From d28605477c1e757729cc9d090c0053826bb1f0a6 Mon Sep 17 00:00:00 2001 From: Michiel Broek Date: Sun, 28 Jul 2002 12:31:28 +0000 Subject: [PATCH] Changed username tests --- ChangeLog | 5 ++ mbsebbs/change.c | 116 +++++++++++++++++++++------------------------- mbsebbs/funcs.c | 63 +++++++++++++++++++++++++ mbsebbs/funcs.h | 1 + mbsebbs/newuser.c | 12 +++-- script/.cvsignore | 2 +- 6 files changed, 129 insertions(+), 70 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0759b49e..8ce4fc33 100644 --- a/ChangeLog +++ b/ChangeLog @@ -33,6 +33,9 @@ v0.35.03 06-Jul-2002 newuser: Check for Unix accounts is now case sensitive. Check existing usernames now also checks handles. + Check for existing Unix names now also includes the name ping + and services names. + Check for handle now also checks Unix names. mbsebbs: Check existing usernames now also checks handles. @@ -40,6 +43,8 @@ v0.35.03 06-Jul-2002 expired, the bbs crashed. Fixed a problem with extra spaces in UUCP replyto address. Added test for HA archiver. + When changing a Handle, Unix names are checked as forbidden + names as well. mbtask: Changed logging of multiple logmessages that are equal. diff --git a/mbsebbs/change.c b/mbsebbs/change.c index 874fc6a1..e8a91299 100644 --- a/mbsebbs/change.c +++ b/mbsebbs/change.c @@ -228,35 +228,28 @@ void Chg_Password() int CheckHandle(char *); int CheckHandle(char *Name) { - FILE *fp; - int Status = FALSE; - char *temp, *temp1; - struct userhdr uhdr; - struct userrec u; + FILE *fp; + int Status = FALSE; + struct userhdr uhdr; + struct userrec u; + char *temp; - temp = calloc(PATH_MAX, sizeof(char)); - temp1 = calloc(PATH_MAX, sizeof(char)); + temp = calloc(PATH_MAX, sizeof(char)); + sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT")); + if ((fp = fopen(temp,"rb")) != NULL) { + fread(&uhdr, sizeof(uhdr), 1, fp); - strcpy(temp1, tl(Name)); - - sprintf(temp, "%s/etc/users.data", getenv("MBSE_ROOT")); - if(( fp = fopen(temp,"rb")) != NULL) { - fread(&uhdr, sizeof(uhdr), 1, fp); - - while (fread(&u, uhdr.recsize, 1, fp) == 1) { - strcpy(temp, tl(u.sHandle)); - - if((strcmp(temp, temp1)) == 0) { - Status = TRUE; - break; - } - } - free(temp); - free(temp1); - fclose(fp); + while (fread(&u, uhdr.recsize, 1, fp) == 1) { + if ((strcasecmp(u.sHandle, Name)) == 0) { + Status = TRUE; + break; + } } + fclose(fp); + } - return Status; + free(temp); + return Status; } @@ -266,51 +259,46 @@ int CheckHandle(char *Name) */ void Chg_Handle() { - char *Handle, *temp; + char *Handle, *temp; - Handle = calloc(81, sizeof(char)); - temp = calloc(81, sizeof(char)); + Handle = calloc(81, sizeof(char)); + temp = calloc(81, sizeof(char)); - ReadExitinfo(); - Syslog('+', "Old handle \"%s\"", exitinfo.sHandle); + ReadExitinfo(); + Syslog('+', "Old handle \"%s\"", exitinfo.sHandle); - while (TRUE) { - Enter(1); - /* Enter a handle (Enter to Quit): */ - pout(9, 0, (char *) Language(412)); - colour(CFG.InputColourF, CFG.InputColourB); - fflush(stdout); - Getname(temp, 34); + while (TRUE) { + Enter(1); + /* Enter a handle (Enter to Quit): */ + pout(9, 0, (char *) Language(412)); + colour(CFG.InputColourF, CFG.InputColourB); + fflush(stdout); + Getname(temp, 34); - if((strcmp(temp, "")) == 0) { - free(Handle); - free(temp); - return; - } - - strcpy(Handle, tl(temp)); - - if (CheckHandle(Handle)) - pout(12, 0, (char *)"\nThat handle is already been used\n"); - else - if (CheckName(Handle)) - pout(12, 0, (char *)"\nThat name is already been used\n"); - else - if((strcmp(Handle, "sysop")) == 0) - pout(12, 0, (char *)"\nYou cannot use Sysop as a handle\n"); - else { - if(strcmp(temp, "") != 0) { - Setup(exitinfo.sHandle, temp); - pout(10, 0, (char *)"\nHandle Changed!\n\n"); - Syslog('+', "New handle \"%s\"", exitinfo.sHandle); - break; - } - } + if ((strcmp(temp, "")) == 0) { + free(Handle); + free(temp); + return; } + strcpy(Handle, tlcap(temp)); - WriteExitinfo(); - free(temp); - free(Handle); + if (CheckHandle(Handle) || CheckUnixNames(Handle)) { + pout(12, 0, (char *)"\nThat handle is already been used\n"); + } else if (CheckName(Handle)) { + pout(12, 0, (char *)"\nThat name is already been used\n"); + } else if((strcmp(Handle, "sysop")) == 0) { + pout(12, 0, (char *)"\nYou cannot use Sysop as a handle\n"); + } else if(strcmp(temp, "") != 0) { + Setup(exitinfo.sHandle, temp); + pout(10, 0, (char *)"\nHandle Changed!\n\n"); + Syslog('+', "New handle \"%s\"", exitinfo.sHandle); + break; + } + } + + WriteExitinfo(); + free(temp); + free(Handle); } diff --git a/mbsebbs/funcs.c b/mbsebbs/funcs.c index 7c8c11b8..257353a5 100644 --- a/mbsebbs/funcs.c +++ b/mbsebbs/funcs.c @@ -109,6 +109,69 @@ int CheckName(char *Name) +/* + * Check several Unix names and other build-in system names + * that are forbidden to select for new users. + */ +int CheckUnixNames(char *name) +{ + struct passwd *pw; + char *temp; + FILE *fp; + int rc = FALSE; + + /* + * Basic checks + */ + if (name == NULL) + rc = TRUE; + else if (strlen(name) == 0) + rc = TRUE; + else if (strlen(name) > 8) + rc = TRUE; + + /* + * Check Unix names in the password file + */ + if (! rc) { + if ((pw = getpwnam(name)) != NULL) + rc = TRUE; + endpwent(); + } + + /* + * Username ping is used by the PING function + */ + if (! rc) { + if (strcasecmp(name, (char *)"ping") == 0) + rc = TRUE; + } + + /* + * Check service names + */ + if (! rc) { + temp = calloc(PATH_MAX, sizeof(char)); + sprintf(temp, "%s/etc/service.data", getenv("MBSE_ROOT")); + if ((fp = fopen(temp, "r")) != NULL) { + fread(&servhdr, sizeof(servhdr), 1, fp); + + while (fread(&servrec, servhdr.recsize, 1, fp) == 1) { + if ((strcasecmp(servrec.Service, name) == 0) && servrec.Active) { + rc = TRUE; + break; + } + } + fclose(fp); + } + free(temp); + } + + return rc; +} + + + /* * Function will check and create a home directory for the user if * needed. It will also change into the users home directory when diff --git a/mbsebbs/funcs.h b/mbsebbs/funcs.h index 6dca1636..bb7ccdce 100644 --- a/mbsebbs/funcs.h +++ b/mbsebbs/funcs.h @@ -6,6 +6,7 @@ void UserSilent(int); /* Update users silent flag info */ int CheckStatus(void); /* Check BBS open status */ +int CheckUnixNames(char *); /* Check Unix and other forbidden names */ int CheckName(char *); /* Check if user name exists */ char *ChangeHomeDir(char *, int); /* Change and Create Users Home Directories */ void CheckDir(char *); /* Check and create directory */ diff --git a/mbsebbs/newuser.c b/mbsebbs/newuser.c index f0418f5b..324cee68 100644 --- a/mbsebbs/newuser.c +++ b/mbsebbs/newuser.c @@ -335,8 +335,9 @@ int newuser() alarm_on(); Getname(temp, 34); - badname = (BadNames(temp) || CheckName(temp)); + badname = (strlen(temp) && (BadNames(temp) || CheckName(temp) || CheckUnixNames(temp))); if (badname) { + Syslog('+', "User tried \"%s\" as Handle", MBSE_SS(temp)); /* That login name already exists, please choose another one. */ language(LIGHTRED, BLACK, 386); Enter(1); @@ -603,13 +604,12 @@ void Good_Bye(int onsig) */ char *NameGen(char *FidoName) { - char *sUserName; - struct passwd *pw; + char *sUserName; sUserName = calloc(10, sizeof(char)); Syslog('+', "NameGen(%s)", FidoName); - while ((strcmp(sUserName, "") == 0) || ((pw = getpwnam(sUserName)) != NULL) || (strlen(sUserName) < 3)) { + while ((strcmp(sUserName, "") == 0) || (CheckUnixNames(sUserName)) || (strlen(sUserName) < 3)) { colour(LIGHTRED, BLACK); printf("\n%s\n\n", (char *) Language(381)); colour(WHITE, BLACK); @@ -624,10 +624,11 @@ char *NameGen(char *FidoName) fflush(stdin); GetstrU(sUserName, 7); - if ((pw = getpwnam(sUserName)) != NULL) { + if (CheckUnixNames(sUserName)) { /* That login name already exists, please choose another one. */ colour(LIGHTRED, BLACK); printf("\n%s\n", (char *) Language(386)); + Syslog('+', "Users tried to use \"%s\" as Unix name", MBSE_SS(sUserName)); } } return sUserName; @@ -706,6 +707,7 @@ int BadNames(char *Username) Striplf(String); if ((strstr(User, String)) != NULL) { printf("\nSorry that name is not acceptable on this system\n"); + Syslog('+', "User tried username \"%s\", found in %s", Username, temp); iFoundName = TRUE; break; } diff --git a/script/.cvsignore b/script/.cvsignore index c5698cf8..cbaa4951 100644 --- a/script/.cvsignore +++ b/script/.cvsignore @@ -1 +1 @@ -filelist installinit.log +filelist editor installinit.log