summaryrefslogtreecommitdiffstats
path: root/usr.sbin
diff options
context:
space:
mode:
authorasomers <asomers@FreeBSD.org>2016-09-12 17:35:45 +0000
committerasomers <asomers@FreeBSD.org>2016-09-12 17:35:45 +0000
commit9f16b96c4bb2351b941afdc62da0d09617ff819b (patch)
tree1dc8f73e718333e9898a666df5b1a795540f17c4 /usr.sbin
parent5986af9d01080d549cde638c5af2bef5fd977207 (diff)
downloadFreeBSD-src-9f16b96c4bb2351b941afdc62da0d09617ff819b.zip
FreeBSD-src-9f16b96c4bb2351b941afdc62da0d09617ff819b.tar.gz
MFC r302778
pw should sanitize the argument of -w. Otherwise, it will silently disable the login for the selected account if the argument is unrecognizable. usr.sbin/pw/pw.h usr.sbin/pw/pw_conf.c usr.sbin/pw/pw_user.c Use separate rules to validate boolean parameters and passwd parameters. Error out if a password parameter cannot be parsed. usr.sbin/pw/tests/Makefile usr.sbin/pw/tests/crypt.c usr.sbin/pw/tests/pw_useradd.sh usr.sbin/pw/tests/pw_usermod.sh Add tests for the validation. Also, enhance existing password-related tests to actually validate that the correct hash is written to master.passwd.
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/pw/pw.h1
-rw-r--r--usr.sbin/pw/pw_conf.c20
-rw-r--r--usr.sbin/pw/pw_user.c4
-rw-r--r--usr.sbin/pw/tests/Makefile5
-rw-r--r--usr.sbin/pw/tests/crypt.c45
-rwxr-xr-xusr.sbin/pw/tests/pw_useradd.sh57
-rwxr-xr-xusr.sbin/pw/tests/pw_usermod.sh60
7 files changed, 177 insertions, 15 deletions
diff --git a/usr.sbin/pw/pw.h b/usr.sbin/pw/pw.h
index b389f12..05a51c2 100644
--- a/usr.sbin/pw/pw.h
+++ b/usr.sbin/pw/pw.h
@@ -93,6 +93,7 @@ int groupadd(struct userconf *, char *name, gid_t id, char *members, int fd,
int nis_update(void);
int boolean_val(char const * str, int dflt);
+int passwd_val(char const * str, int dflt);
char const *boolean_str(int val);
char *newstr(char const * p);
diff --git a/usr.sbin/pw/pw_conf.c b/usr.sbin/pw/pw_conf.c
index d30c80e..a3bd0bd 100644
--- a/usr.sbin/pw/pw_conf.c
+++ b/usr.sbin/pw/pw_conf.c
@@ -186,6 +186,22 @@ boolean_val(char const * str, int dflt)
for (i = 0; boolfalse[i]; i++)
if (strcmp(str, boolfalse[i]) == 0)
return 0;
+ }
+ return dflt;
+}
+
+int
+passwd_val(char const * str, int dflt)
+{
+ if ((str = unquote(str)) != NULL) {
+ int i;
+
+ for (i = 0; booltrue[i]; i++)
+ if (strcmp(str, booltrue[i]) == 0)
+ return 1;
+ for (i = 0; boolfalse[i]; i++)
+ if (strcmp(str, boolfalse[i]) == 0)
+ return 0;
/*
* Special cases for defaultpassword
@@ -194,6 +210,8 @@ boolean_val(char const * str, int dflt)
return -1;
if (strcmp(str, "none") == 0)
return -2;
+
+ errx(1, "Invalid value for default password");
}
return dflt;
}
@@ -258,7 +276,7 @@ read_userconfig(char const * file)
#endif
switch (i) {
case _UC_DEFAULTPWD:
- config.default_password = boolean_val(q, 1);
+ config.default_password = passwd_val(q, 1);
break;
case _UC_REUSEUID:
config.reuse_uids = boolean_val(q, 0);
diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c
index 2f87b56..6e6b3cd 100644
--- a/usr.sbin/pw/pw_user.c
+++ b/usr.sbin/pw/pw_user.c
@@ -1317,7 +1317,7 @@ pw_user_add(int argc, char **argv, char *arg1)
mix_config(cmdcnf, cnf);
if (default_passwd)
- cmdcnf->default_password = boolean_val(default_passwd,
+ cmdcnf->default_password = passwd_val(default_passwd,
cnf->default_password);
if (genconf) {
if (name != NULL)
@@ -1719,7 +1719,7 @@ pw_user_mod(int argc, char **argv, char *arg1)
if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL)
warn("setting crypt(3) format");
login_close(lc);
- cnf->default_password = boolean_val(passwd,
+ cnf->default_password = passwd_val(passwd,
cnf->default_password);
pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun);
edited = true;
diff --git a/usr.sbin/pw/tests/Makefile b/usr.sbin/pw/tests/Makefile
index a1605aa..07a8069 100644
--- a/usr.sbin/pw/tests/Makefile
+++ b/usr.sbin/pw/tests/Makefile
@@ -2,6 +2,11 @@
TESTSDIR= ${TESTSBASE}/usr.sbin/pw
+BINDIR= ${TESTSDIR}
+
+PROGS+= crypt
+LDADD+= -lcrypt
+
ATF_TESTS_SH= pw_etcdir \
pw_lock \
pw_config \
diff --git a/usr.sbin/pw/tests/crypt.c b/usr.sbin/pw/tests/crypt.c
new file mode 100644
index 0000000..586fccd
--- /dev/null
+++ b/usr.sbin/pw/tests/crypt.c
@@ -0,0 +1,45 @@
+/*-
+ * Copyright (c) 2016 Spectra Logic Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include <err.h>
+#include <stdio.h>
+#include <unistd.h>
+
+int main(int argc, char** argv)
+{
+ char *salt, *pass, *hash;
+
+ if (argc < 3)
+ errx(1, "Usage: crypt <salt> <password>");
+ salt = argv[1];
+ pass = argv[2];
+
+ hash = crypt(pass, salt);
+ printf("%s", hash);
+ return (hash == NULL ? 1 : 0);
+}
diff --git a/usr.sbin/pw/tests/pw_useradd.sh b/usr.sbin/pw/tests/pw_useradd.sh
index cb62944..b1ff8d4 100755
--- a/usr.sbin/pw/tests/pw_useradd.sh
+++ b/usr.sbin/pw/tests/pw_useradd.sh
@@ -235,9 +235,12 @@ atf_test_case user_add_password_from_h
user_add_password_from_h_body() {
populate_etc_skel
- atf_check -s exit:0 ${PW} useradd test -h 0 <<-EOF
- $(echo test)
+ atf_check -s exit:0 ${PW} useradd foo -h 0 <<-EOF
+ $(echo mypassword)
EOF
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "mypassword"
}
atf_test_case user_add_R
@@ -325,17 +328,47 @@ user_add_already_exists_body() {
${PW} useradd foo
}
+atf_test_case user_add_w_error
+user_add_w_error_body() {
+ populate_etc_skel
+
+ atf_check -s exit:1 -e match:"pw: Invalid value for default password" \
+ ${PW} useradd foo -w invalid_value
+}
+
+atf_test_case user_add_w_no
+user_add_w_no_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo -w no
+ atf_check -s exit:0 -o match:"^foo:\*" grep "^foo:" $HOME/master.passwd
+}
+
+atf_test_case user_add_w_none
+user_add_w_none_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo -w none
+ atf_check -s exit:0 -o match:"^foo::" grep "^foo:" $HOME/master.passwd
+}
+
+atf_test_case user_add_w_random
+user_add_w_random_body() {
+ populate_etc_skel
+
+ password=`${PW} useradd foo -w random | cat`
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "$password"
+}
+
atf_test_case user_add_w_yes
user_add_w_yes_body() {
populate_etc_skel
- atf_check -s exit:0 ${PW} useradd foo -w yes
- atf_check -s exit:0 \
- -o match:'^foo:\$.*' \
- grep "^foo" ${HOME}/master.passwd
- atf_check -s exit:0 ${PW} usermod foo -w yes
- atf_check -s exit:0 \
- -o match:'^foo:\$.*' \
- grep "^foo" ${HOME}/master.passwd
+ password=`${PW} useradd foo -w random | cat`
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "$password"
}
atf_test_case user_add_with_pw_conf
@@ -380,6 +413,10 @@ atf_init_test_cases() {
atf_add_test_case user_add_uid_too_large
atf_add_test_case user_add_bad_shell
atf_add_test_case user_add_already_exists
+ atf_add_test_case user_add_w_error
+ atf_add_test_case user_add_w_no
+ atf_add_test_case user_add_w_none
+ atf_add_test_case user_add_w_random
atf_add_test_case user_add_w_yes
atf_add_test_case user_add_with_pw_conf
}
diff --git a/usr.sbin/pw/tests/pw_usermod.sh b/usr.sbin/pw/tests/pw_usermod.sh
index 236fd27..df056e0 100755
--- a/usr.sbin/pw/tests/pw_usermod.sh
+++ b/usr.sbin/pw/tests/pw_usermod.sh
@@ -157,8 +157,9 @@ user_mod_h_body() {
atf_check -s exit:0 ${PW} usermod foo -h 0 <<- EOF
$(echo a)
EOF
- atf_check -s exit:0 -o not-match:"^foo:\*:.*" \
- grep "^foo" ${HOME}/master.passwd
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "a"
atf_check -s exit:0 ${PW} usermod foo -h - <<- EOF
$(echo b)
EOF
@@ -203,6 +204,56 @@ user_mod_uid_body() {
atf_check -s exit:0 ${PW} usermod foo -u 5000
}
+atf_test_case user_mod_w_error
+user_mod_w_error_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo
+ atf_check -s exit:1 -e match:"pw: Invalid value for default password" \
+ ${PW} usermod foo -w invalid_value
+}
+
+atf_test_case user_mod_w_no
+user_mod_w_no_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo
+ atf_check -s exit:0 ${PW} usermod foo -w no
+ atf_check -s exit:0 -o match:"^foo:\*" grep "^foo:" $HOME/master.passwd
+}
+
+atf_test_case user_mod_w_none
+user_mod_w_none_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo
+ atf_check -s exit:0 ${PW} usermod foo -w none
+ atf_check -s exit:0 -o match:"^foo::" grep "^foo:" $HOME/master.passwd
+}
+
+atf_test_case user_mod_w_random
+user_mod_w_random_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo
+ password=`${PW} usermod foo -w random | cat`
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "$password"
+}
+
+atf_test_case user_mod_w_yes
+user_mod_w_yes_body() {
+ populate_etc_skel
+
+ atf_check -s exit:0 ${PW} useradd foo
+ atf_check -s exit:0 ${PW} usermod foo -w yes
+ passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd`
+ atf_check -s exit:0 -o inline:$passhash \
+ $(atf_get_srcdir)/crypt $passhash "foo"
+}
+
+
atf_init_test_cases() {
atf_add_test_case user_mod
atf_add_test_case user_mod_noupdate
@@ -219,4 +270,9 @@ atf_init_test_cases() {
atf_add_test_case user_mod_H
atf_add_test_case user_mod_renamehome
atf_add_test_case user_mod_uid
+ atf_add_test_case user_mod_w_error
+ atf_add_test_case user_mod_w_no
+ atf_add_test_case user_mod_w_none
+ atf_add_test_case user_mod_w_random
+ atf_add_test_case user_mod_w_yes
}
OpenPOWER on IntegriCloud