mirror of
https://github.com/kasmtech/KasmVNC.git
synced 2024-11-25 01:24:04 +01:00
229 lines
5.7 KiB
C
229 lines
5.7 KiB
C
/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved.
|
|
* Copyright (C) 2010 Antoine Martin. All Rights Reserved.
|
|
* Copyright (C) 2010 D. R. Commander. All Rights Reserved.
|
|
* Copyright (C) 2020 Kasm. All Rights Reserved.
|
|
*
|
|
* This is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This software is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this software; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
|
|
* USA.
|
|
*/
|
|
|
|
#include <crypt.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <stdlib.h>
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <termios.h>
|
|
#include <unistd.h>
|
|
#include <wordexp.h>
|
|
|
|
#include "kasmpasswd.h"
|
|
|
|
static void usage(const char *prog)
|
|
{
|
|
fprintf(stderr, "Usage: %s -u username [-wnod] [password_file]\n"
|
|
"-r Read permission\n"
|
|
"-w Write permission\n"
|
|
"-o Owner\n"
|
|
"-n Don't change password, change permissions only\n"
|
|
"-d Delete this user\n"
|
|
"\n"
|
|
"The password file is updated atomically.\n"
|
|
"For more information, run \"man vncpasswd\".\n\n"
|
|
"To pass the password via a pipe, use\n"
|
|
"echo -e \"password\\npassword\\n\" | %s [-args]\n",
|
|
prog, prog);
|
|
exit(1);
|
|
}
|
|
|
|
|
|
static void enableEcho(unsigned char enable) {
|
|
struct termios attrs;
|
|
|
|
if (!isatty(fileno(stdin)))
|
|
return;
|
|
|
|
tcgetattr(fileno(stdin), &attrs);
|
|
if (enable)
|
|
attrs.c_lflag |= ECHO;
|
|
else
|
|
attrs.c_lflag &= ~ECHO;
|
|
attrs.c_lflag |= ECHONL;
|
|
tcsetattr(fileno(stdin), TCSAFLUSH, &attrs);
|
|
}
|
|
|
|
static const char *encryptpw(const char *in) {
|
|
return crypt(in, "$5$kasm$");
|
|
}
|
|
|
|
static char* getpassword(const char* prompt, char *buf) {
|
|
if (prompt && isatty(fileno(stdin))) fputs(prompt, stdout);
|
|
enableEcho(0);
|
|
char* result = fgets(buf, 4096, stdin);
|
|
enableEcho(1);
|
|
if (result) {
|
|
if (result[strlen(result)-1] == '\n')
|
|
result[strlen(result)-1] = 0;
|
|
return buf;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
static char pw1[4096];
|
|
static char pw2[4096];
|
|
|
|
static const char *readpassword() {
|
|
while (1) {
|
|
if (!getpassword("Password:", pw1)) {
|
|
perror("getpassword error");
|
|
exit(1);
|
|
}
|
|
if (strlen(pw1) < 6) {
|
|
if (strlen(pw1) == 0) {
|
|
fprintf(stderr,"Password not changed\n");
|
|
exit(1);
|
|
}
|
|
fprintf(stderr,"Password must be at least 6 characters - try again\n");
|
|
continue;
|
|
}
|
|
|
|
if (!getpassword("Verify:", pw2)) {
|
|
perror("getpass error");
|
|
exit(1);
|
|
}
|
|
if (strcmp(pw1, pw2) != 0) {
|
|
if (!isatty(fileno(stdin))) {
|
|
fprintf(stderr,"Passwords don't match\n");
|
|
exit(1);
|
|
}
|
|
fprintf(stderr,"Passwords don't match - try again\n");
|
|
continue;
|
|
}
|
|
|
|
return encryptpw(pw1);
|
|
}
|
|
}
|
|
|
|
int main(int argc, char** argv)
|
|
{
|
|
const char *fname = NULL;
|
|
const char *user = NULL;
|
|
const char args[] = "u:rwnod";
|
|
int opt;
|
|
|
|
unsigned char nopass = 0, reader = 0, writer = 0, owner = 0, deleting = 0;
|
|
|
|
while ((opt = getopt(argc, argv, args)) != -1) {
|
|
switch (opt) {
|
|
case 'u':
|
|
user = optarg;
|
|
if (strlen(user) + 1 > sizeof(((struct kasmpasswd_entry_t *)0)->user)) {
|
|
fprintf(stderr, "Username %s too long\n", user);
|
|
exit(1);
|
|
}
|
|
break;
|
|
case 'n':
|
|
nopass = 1;
|
|
break;
|
|
case 'r':
|
|
reader = 1;
|
|
break;
|
|
case 'w':
|
|
writer = 1;
|
|
break;
|
|
case 'o':
|
|
owner = 1;
|
|
break;
|
|
case 'd':
|
|
deleting = 1;
|
|
break;
|
|
default:
|
|
usage(argv[0]);
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (deleting && (nopass || reader || writer || owner))
|
|
usage(argv[0]);
|
|
|
|
if (!user)
|
|
usage(argv[0]);
|
|
|
|
if (optind < argc)
|
|
fname = argv[optind];
|
|
|
|
if (!fname) {
|
|
wordexp_t wexp;
|
|
if (!wordexp("~/.kasmpasswd", &wexp, WRDE_NOCMD) && wexp.we_wordv[0])
|
|
fname = strdup(wexp.we_wordv[0]);
|
|
wordfree(&wexp);
|
|
}
|
|
if (!fname)
|
|
usage(argv[0]);
|
|
|
|
// Action
|
|
struct kasmpasswd_t *set = readkasmpasswd(fname);
|
|
unsigned i;
|
|
|
|
if (nopass) {
|
|
for (i = 0; i < set->num; i++) {
|
|
if (!strcmp(set->entries[i].user, user)) {
|
|
set->entries[i].read = reader;
|
|
set->entries[i].write = writer;
|
|
set->entries[i].owner = owner;
|
|
|
|
writekasmpasswd(fname, set);
|
|
return 0;
|
|
}
|
|
}
|
|
fprintf(stderr, "No user named %s found\n", user);
|
|
return 1;
|
|
|
|
} else if (deleting) {
|
|
for (i = 0; i < set->num; i++) {
|
|
if (!strcmp(set->entries[i].user, user)) {
|
|
set->entries[i].user[0] = '\0';
|
|
|
|
writekasmpasswd(fname, set);
|
|
return 0;
|
|
}
|
|
}
|
|
fprintf(stderr, "No user named %s found\n", user);
|
|
return 1;
|
|
} else {
|
|
const char *encrypted = readpassword();
|
|
for (i = 0; i < set->num; i++) {
|
|
if (!strcmp(set->entries[i].user, user))
|
|
break;
|
|
}
|
|
|
|
// No existing user by that name?
|
|
if (i >= set->num) {
|
|
i = set->num++;
|
|
set->entries = realloc(set->entries, set->num * sizeof(struct kasmpasswd_entry_t));
|
|
}
|
|
|
|
strcpy(set->entries[i].user, user);
|
|
strcpy(set->entries[i].password, encrypted);
|
|
set->entries[i].read = reader;
|
|
set->entries[i].write = writer;
|
|
set->entries[i].owner = owner;
|
|
|
|
writekasmpasswd(fname, set);
|
|
}
|
|
|
|
return 0;
|
|
}
|