From owner-svn-src-stable-10@freebsd.org Mon Sep 12 17:35:47 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48E77BD82D1; Mon, 12 Sep 2016 17:35:47 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2150590A; Mon, 12 Sep 2016 17:35:47 +0000 (UTC) (envelope-from asomers@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u8CHZk6n025470; Mon, 12 Sep 2016 17:35:46 GMT (envelope-from asomers@FreeBSD.org) Received: (from asomers@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u8CHZjmL025463; Mon, 12 Sep 2016 17:35:45 GMT (envelope-from asomers@FreeBSD.org) Message-Id: <201609121735.u8CHZjmL025463@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: asomers set sender to asomers@FreeBSD.org using -f From: Alan Somers Date: Mon, 12 Sep 2016 17:35:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r305750 - in stable/10/usr.sbin/pw: . tests X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Sep 2016 17:35:47 -0000 Author: asomers Date: Mon Sep 12 17:35:45 2016 New Revision: 305750 URL: https://svnweb.freebsd.org/changeset/base/305750 Log: MFC r302778 pw should sanitize the argument of -w. Otherwise, it will silently disable the login for the selected account if the argument is unrecognizable. usr.sbin/pw/pw.h usr.sbin/pw/pw_conf.c usr.sbin/pw/pw_user.c Use separate rules to validate boolean parameters and passwd parameters. Error out if a password parameter cannot be parsed. usr.sbin/pw/tests/Makefile usr.sbin/pw/tests/crypt.c usr.sbin/pw/tests/pw_useradd.sh usr.sbin/pw/tests/pw_usermod.sh Add tests for the validation. Also, enhance existing password-related tests to actually validate that the correct hash is written to master.passwd. Added: stable/10/usr.sbin/pw/tests/crypt.c - copied unchanged from r302778, head/usr.sbin/pw/tests/crypt.c Modified: stable/10/usr.sbin/pw/pw.h stable/10/usr.sbin/pw/pw_conf.c stable/10/usr.sbin/pw/pw_user.c stable/10/usr.sbin/pw/tests/Makefile stable/10/usr.sbin/pw/tests/pw_useradd.sh stable/10/usr.sbin/pw/tests/pw_usermod.sh Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/pw/pw.h ============================================================================== --- stable/10/usr.sbin/pw/pw.h Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/pw.h Mon Sep 12 17:35:45 2016 (r305750) @@ -93,6 +93,7 @@ int groupadd(struct userconf *, char *na int nis_update(void); int boolean_val(char const * str, int dflt); +int passwd_val(char const * str, int dflt); char const *boolean_str(int val); char *newstr(char const * p); Modified: stable/10/usr.sbin/pw/pw_conf.c ============================================================================== --- stable/10/usr.sbin/pw/pw_conf.c Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/pw_conf.c Mon Sep 12 17:35:45 2016 (r305750) @@ -186,6 +186,22 @@ boolean_val(char const * str, int dflt) for (i = 0; boolfalse[i]; i++) if (strcmp(str, boolfalse[i]) == 0) return 0; + } + return dflt; +} + +int +passwd_val(char const * str, int dflt) +{ + if ((str = unquote(str)) != NULL) { + int i; + + for (i = 0; booltrue[i]; i++) + if (strcmp(str, booltrue[i]) == 0) + return 1; + for (i = 0; boolfalse[i]; i++) + if (strcmp(str, boolfalse[i]) == 0) + return 0; /* * Special cases for defaultpassword @@ -194,6 +210,8 @@ boolean_val(char const * str, int dflt) return -1; if (strcmp(str, "none") == 0) return -2; + + errx(1, "Invalid value for default password"); } return dflt; } @@ -258,7 +276,7 @@ read_userconfig(char const * file) #endif switch (i) { case _UC_DEFAULTPWD: - config.default_password = boolean_val(q, 1); + config.default_password = passwd_val(q, 1); break; case _UC_REUSEUID: config.reuse_uids = boolean_val(q, 0); Modified: stable/10/usr.sbin/pw/pw_user.c ============================================================================== --- stable/10/usr.sbin/pw/pw_user.c Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/pw_user.c Mon Sep 12 17:35:45 2016 (r305750) @@ -1317,7 +1317,7 @@ pw_user_add(int argc, char **argv, char mix_config(cmdcnf, cnf); if (default_passwd) - cmdcnf->default_password = boolean_val(default_passwd, + cmdcnf->default_password = passwd_val(default_passwd, cnf->default_password); if (genconf) { if (name != NULL) @@ -1719,7 +1719,7 @@ pw_user_mod(int argc, char **argv, char if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL) warn("setting crypt(3) format"); login_close(lc); - cnf->default_password = boolean_val(passwd, + cnf->default_password = passwd_val(passwd, cnf->default_password); pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun); edited = true; Modified: stable/10/usr.sbin/pw/tests/Makefile ============================================================================== --- stable/10/usr.sbin/pw/tests/Makefile Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/tests/Makefile Mon Sep 12 17:35:45 2016 (r305750) @@ -2,6 +2,11 @@ TESTSDIR= ${TESTSBASE}/usr.sbin/pw +BINDIR= ${TESTSDIR} + +PROGS+= crypt +LDADD+= -lcrypt + ATF_TESTS_SH= pw_etcdir \ pw_lock \ pw_config \ Copied: stable/10/usr.sbin/pw/tests/crypt.c (from r302778, head/usr.sbin/pw/tests/crypt.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/usr.sbin/pw/tests/crypt.c Mon Sep 12 17:35:45 2016 (r305750, copy of r302778, head/usr.sbin/pw/tests/crypt.c) @@ -0,0 +1,45 @@ +/*- + * Copyright (c) 2016 Spectra Logic Corporation + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include + +int main(int argc, char** argv) +{ + char *salt, *pass, *hash; + + if (argc < 3) + errx(1, "Usage: crypt "); + salt = argv[1]; + pass = argv[2]; + + hash = crypt(pass, salt); + printf("%s", hash); + return (hash == NULL ? 1 : 0); +} Modified: stable/10/usr.sbin/pw/tests/pw_useradd.sh ============================================================================== --- stable/10/usr.sbin/pw/tests/pw_useradd.sh Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/tests/pw_useradd.sh Mon Sep 12 17:35:45 2016 (r305750) @@ -235,9 +235,12 @@ atf_test_case user_add_password_from_h user_add_password_from_h_body() { populate_etc_skel - atf_check -s exit:0 ${PW} useradd test -h 0 <<-EOF - $(echo test) + atf_check -s exit:0 ${PW} useradd foo -h 0 <<-EOF + $(echo mypassword) EOF + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "mypassword" } atf_test_case user_add_R @@ -325,17 +328,47 @@ user_add_already_exists_body() { ${PW} useradd foo } +atf_test_case user_add_w_error +user_add_w_error_body() { + populate_etc_skel + + atf_check -s exit:1 -e match:"pw: Invalid value for default password" \ + ${PW} useradd foo -w invalid_value +} + +atf_test_case user_add_w_no +user_add_w_no_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo -w no + atf_check -s exit:0 -o match:"^foo:\*" grep "^foo:" $HOME/master.passwd +} + +atf_test_case user_add_w_none +user_add_w_none_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo -w none + atf_check -s exit:0 -o match:"^foo::" grep "^foo:" $HOME/master.passwd +} + +atf_test_case user_add_w_random +user_add_w_random_body() { + populate_etc_skel + + password=`${PW} useradd foo -w random | cat` + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "$password" +} + atf_test_case user_add_w_yes user_add_w_yes_body() { populate_etc_skel - atf_check -s exit:0 ${PW} useradd foo -w yes - atf_check -s exit:0 \ - -o match:'^foo:\$.*' \ - grep "^foo" ${HOME}/master.passwd - atf_check -s exit:0 ${PW} usermod foo -w yes - atf_check -s exit:0 \ - -o match:'^foo:\$.*' \ - grep "^foo" ${HOME}/master.passwd + password=`${PW} useradd foo -w random | cat` + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "$password" } atf_test_case user_add_with_pw_conf @@ -380,6 +413,10 @@ atf_init_test_cases() { atf_add_test_case user_add_uid_too_large atf_add_test_case user_add_bad_shell atf_add_test_case user_add_already_exists + atf_add_test_case user_add_w_error + atf_add_test_case user_add_w_no + atf_add_test_case user_add_w_none + atf_add_test_case user_add_w_random atf_add_test_case user_add_w_yes atf_add_test_case user_add_with_pw_conf } Modified: stable/10/usr.sbin/pw/tests/pw_usermod.sh ============================================================================== --- stable/10/usr.sbin/pw/tests/pw_usermod.sh Mon Sep 12 17:29:20 2016 (r305749) +++ stable/10/usr.sbin/pw/tests/pw_usermod.sh Mon Sep 12 17:35:45 2016 (r305750) @@ -157,8 +157,9 @@ user_mod_h_body() { atf_check -s exit:0 ${PW} usermod foo -h 0 <<- EOF $(echo a) EOF - atf_check -s exit:0 -o not-match:"^foo:\*:.*" \ - grep "^foo" ${HOME}/master.passwd + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "a" atf_check -s exit:0 ${PW} usermod foo -h - <<- EOF $(echo b) EOF @@ -203,6 +204,56 @@ user_mod_uid_body() { atf_check -s exit:0 ${PW} usermod foo -u 5000 } +atf_test_case user_mod_w_error +user_mod_w_error_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo + atf_check -s exit:1 -e match:"pw: Invalid value for default password" \ + ${PW} usermod foo -w invalid_value +} + +atf_test_case user_mod_w_no +user_mod_w_no_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo + atf_check -s exit:0 ${PW} usermod foo -w no + atf_check -s exit:0 -o match:"^foo:\*" grep "^foo:" $HOME/master.passwd +} + +atf_test_case user_mod_w_none +user_mod_w_none_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo + atf_check -s exit:0 ${PW} usermod foo -w none + atf_check -s exit:0 -o match:"^foo::" grep "^foo:" $HOME/master.passwd +} + +atf_test_case user_mod_w_random +user_mod_w_random_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo + password=`${PW} usermod foo -w random | cat` + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "$password" +} + +atf_test_case user_mod_w_yes +user_mod_w_yes_body() { + populate_etc_skel + + atf_check -s exit:0 ${PW} useradd foo + atf_check -s exit:0 ${PW} usermod foo -w yes + passhash=`awk -F ':' '/^foo:/ {print $2}' $HOME/master.passwd` + atf_check -s exit:0 -o inline:$passhash \ + $(atf_get_srcdir)/crypt $passhash "foo" +} + + atf_init_test_cases() { atf_add_test_case user_mod atf_add_test_case user_mod_noupdate @@ -219,4 +270,9 @@ atf_init_test_cases() { atf_add_test_case user_mod_H atf_add_test_case user_mod_renamehome atf_add_test_case user_mod_uid + atf_add_test_case user_mod_w_error + atf_add_test_case user_mod_w_no + atf_add_test_case user_mod_w_none + atf_add_test_case user_mod_w_random + atf_add_test_case user_mod_w_yes }