alema
/
us
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

implemented "nolog" option

Browse Source
master
Alessandro Mauri 3 years ago
parent f489885e3e
commit 475aa341c5
1 changed files with 27 additions and 6 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 33
      us.c

33
us.c
Unescape View File

@ -41,6 +41,7 @@
#include <signal.h> #include <signal.h>
#include <time.h> #include <time.h>
#include <fcntl.h> #include <fcntl.h>
#include <syslog.h>
#if !defined(_XOPEN_CRYPT) || _XOPEN_CRYPT == -1 #if !defined(_XOPEN_CRYPT) || _XOPEN_CRYPT == -1
#include <crypt.h> #include <crypt.h>
@ -51,6 +52,7 @@
#endif #endif
#define MAX_HASH 1024 #define MAX_HASH 1024
#define PASS_MAX 1024
#define CONF_LINE_MAX 1024 #define CONF_LINE_MAX 1024
#define GROUPS_MAX 256 #define GROUPS_MAX 256
#define STR_MAX 1024 #define STR_MAX 1024
@ -242,8 +244,18 @@ int main(int argc, char *argv[])
/* Authenticate, we will be root from now on */ /* Authenticate, we will be root from now on */
if (!(conf_flags & FLAG_NOPASS)) if (!(conf_flags & FLAG_NOPASS))
if (authenticate(my_pw->pw_uid, askpass, conf_flags & FLAG_PERSIST)) if (authenticate(my_pw->pw_uid, askpass, conf_flags & FLAG_PERSIST)) {
if (!(conf_flags & FLAG_NOLOG))
exit(EXIT_FAILURE);
char cmd[1024] = {0};
for (int i = optind, x = 0; argv[i] && x < 1024; i++)
x += snprintf(cmd, 1024-x, "%s ", argv[i]);
openlog("us", LOG_NOWAIT, LOG_AUTH);
syslog(LOG_NOTICE, "user %s tried to run %s as %s"
"but failed", my_name, cmd, t_pw->pw_name);
closelog();
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
}
/* Get target user's shell */ /* Get target user's shell */
if (!shellflag) if (!shellflag)
@ -333,6 +345,15 @@ int main(int argc, char *argv[])
goto fail_end; goto fail_end;
} }
if (!(conf_flags & FLAG_NOLOG)) {
char cmd[1024] = {0};
for (int i = 0, x = 0; c_argv[i] && x < 1024; i++)
x += snprintf(cmd, 1024-x, "%s ", c_argv[i]);
openlog("us", LOG_NOWAIT, LOG_AUTH);
syslog(LOG_INFO, "user %s ran %s as %s", my_name, cmd, t_pw->pw_name);
closelog();
}
/* Execute the command */ /* Execute the command */
err = execvp(c_argv[0], c_argv); err = execvp(c_argv[0], c_argv);
if (err == -1) if (err == -1)
@ -486,7 +507,7 @@ static int authenticate(uid_t uid, int ask, int persist)
int fd = STDIN_FILENO; int fd = STDIN_FILENO;
char *askpass = getenv("US_ASKPASS"); char *askpass = getenv("US_ASKPASS");
char pass[1024] = {0}; char pass[PASS_MAX] = {0};
struct termios tio_before, tio_pass; struct termios tio_before, tio_pass;
if (ask && askpass) { if (ask && askpass) {
pid_t pid, parent = getpid(); pid_t pid, parent = getpid();
@ -532,7 +553,7 @@ static int authenticate(uid_t uid, int ask, int persist)
if (tcsetattr(tty_fd, TCSANOW, &tio_pass) == -1) if (tcsetattr(tty_fd, TCSANOW, &tio_pass) == -1)
die("tcsetattr:"); die("tcsetattr:");
} }
int r = read(fd, pass, 1023); int r = read(fd, pass, PASS_MAX-1);
if (!r || r == -1) { if (!r || r == -1) {
if (errno) if (errno)
fprintf(stderr, "read: %s\n", strerror(errno)); fprintf(stderr, "read: %s\n", strerror(errno));
@ -543,7 +564,7 @@ static int authenticate(uid_t uid, int ask, int persist)
waitpid(-1, NULL, 0); waitpid(-1, NULL, 0);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
pass[1023] = '\0'; pass[PASS_MAX-1] = '\0';
/* Remove the terminating (if there is) \n in password */ /* Remove the terminating (if there is) \n in password */
int l = strlen(pass); int l = strlen(pass);
if (pass[l-1] == '\n') if (pass[l-1] == '\n')
@ -558,8 +579,8 @@ static int authenticate(uid_t uid, int ask, int persist)
char *enc = crypt(pass, hash); char *enc = crypt(pass, hash);
/* Remove password from memory, just to be sure */ /* Remove password from memory, just to be sure */
memset(pass, 0, 1024); memset(pass, 0, PASS_MAX);
if (strncmp(hash, enc, 1024)) { if (strncmp(hash, enc, PASS_MAX)) {
printf("Authentication failure\n"); printf("Authentication failure\n");
setuid(uid); setuid(uid);
return -1; return -1;

Write Preview
Loading…
Cancel
Save