search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drivers/usbhid-ups.c: upsdrv_initups(): update comments about logical progression...
[networkupstools.git] / server / user.c
blob8ebb418ec9e5654d7755e458a4ec298a57bf2f70
1 /* user.c - user handling functions for upsd
2
3 Copyright (C) 2001 Russell Kroll <rkroll@exploits.org>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20 #include "config.h" /* must be the first header */
21
22 #include <sys/types.h>
23 #ifndef WIN32
24 #include <sys/socket.h>
25 #include <netinet/in.h>
26 #include <arpa/inet.h>
27 #endif
28
29 #include "common.h"
30 #include "parseconf.h"
31
32 #include "user.h"
33 #include "user-data.h"
34
35 static ulist_t *users = NULL;
36
37 static ulist_t *curr_user;
38
39 /* create a new user entry */
40 static void user_add(const char *un)
41 {
42 ulist_t *tmp, *last = NULL;
43
44 if (!un) {
45 return;
46 }
47
48 for (tmp = users; tmp != NULL; tmp = tmp->next) {
49
50 last = tmp;
51
52 if (!strcmp(tmp->username, un)) {
53 fprintf(stderr, "Ignoring duplicate user %s\n", un);
54 return;
55 }
56 }
57
58 tmp = xcalloc(1, sizeof(*tmp));
59 tmp->username = xstrdup(un);
60
61 if (last) {
62 last->next = tmp;
63 } else {
64 users = tmp;
65 }
66
67 /* remember who we're working on */
68 curr_user = tmp;
69 }
70
71 /* set password */
72 static void user_password(const char *pw)
73 {
74 if (!curr_user) {
75 upslogx(LOG_WARNING, "Ignoring password definition outside "
76 "user section");
77 return;
78 }
79
80 if (!pw) {
81 return;
82 }
83
84 if (curr_user->password) {
85 fprintf(stderr, "Ignoring duplicate password for %s\n",
86 curr_user->username);
87 return;
88 }
89
90 curr_user->password = xstrdup(pw);
91 }
92
93 /* attach allowed instcmds to user */
94 static void user_add_instcmd(const char *cmd)
95 {
96 instcmdlist_t *tmp, *last = NULL;
97
98 if (!curr_user) {
99 upslogx(LOG_WARNING, "Ignoring instcmd definition outside "
100 "user section");
101 return;
102 }
103
104 if (!cmd) {
105 return;
106 }
107
108 for (tmp = curr_user->firstcmd; tmp != NULL; tmp = tmp->next) {
109
110 last = tmp;
111
112 /* ignore duplicates */
113 if (!strcasecmp(tmp->cmd, cmd)) {
114 return;
115 }
116 }
117
118 upsdebugx(2, "user_add_instcmd: adding '%s' for %s",
119 cmd, curr_user->username);
120
121 tmp = xcalloc(1, sizeof(*tmp));
122
123 tmp->cmd = xstrdup(cmd);
124
125 if (last) {
126 last->next = tmp;
127 } else {
128 curr_user->firstcmd = tmp;
129 }
130 }
131
132 static actionlist_t *addaction(actionlist_t *base, const char *action)
133 {
134 actionlist_t *tmp, *last = NULL;
135
136 if (!action) {
137 return base;
138 }
139
140 for (tmp = base; tmp != NULL; tmp = tmp->next) {
141
142 last = tmp;
143 }
144
145 tmp = xcalloc(1, sizeof(*tmp));
146 tmp->action = xstrdup(action);
147
148 if (last) {
149 last->next = tmp;
150 return base;
151 }
152
153 return tmp;
154 }
155
156 /* attach allowed actions to user */
157 static void user_add_action(const char *act)
158 {
159 if (!curr_user) {
160 upslogx(LOG_WARNING, "Ignoring action definition outside "
161 "user section");
162 return;
163 }
164
165 upsdebugx(2, "user_add_action: adding '%s' for %s",
166 act, curr_user->username);
167
168 curr_user->firstaction = addaction(curr_user->firstaction, act);
169 }
170
171 static void flushcmd(instcmdlist_t *ptr)
172 {
173 if (!ptr) {
174 return;
175 }
176
177 flushcmd(ptr->next);
178
179 free(ptr->cmd);
180 free(ptr);
181 }
182
183 static void flushaction(actionlist_t *ptr)
184 {
185 if (!ptr) {
186 return;
187 }
188
189 flushaction(ptr->next);
190
191 free(ptr->action);
192 free(ptr);
193 }
194
195 static void flushuser(ulist_t *ptr)
196 {
197 if (!ptr) {
198 return;
199 }
200
201 flushuser(ptr->next);
202 flushcmd(ptr->firstcmd);
203 flushaction(ptr->firstaction);
204
205 free(ptr->username);
206 free(ptr->password);
207 free(ptr);
208 }
209
210 /* flush all user attributes - used during reload */
211 void user_flush(void)
212 {
213 flushuser(users);
214 users = NULL;
215 }
216
217 static int user_matchinstcmd(ulist_t *user, const char * cmd)
218 {
219 instcmdlist_t *tmp;
220
221 for (tmp = user->firstcmd; tmp != NULL; tmp = tmp->next) {
222
223 if (!strcasecmp(tmp->cmd, cmd)) {
224 return 1; /* good */
225 }
226
227 if (!strcasecmp(tmp->cmd, "all")) {
228 return 1; /* good */
229 }
230 }
231
232 return 0; /* fail */
233 }
234
235 int user_checkinstcmd(const char *un, const char *pw, const char *cmd)
236 {
237 ulist_t *tmp;
238
239 if ((!un) || (!pw) || (!cmd)) {
240 return 0; /* failed */
241 }
242
243 for (tmp = users; tmp != NULL; tmp = tmp->next) {
244
245 /* let's be paranoid before we call strcmp */
246
247 if ((!tmp->username) || (!tmp->password)) {
248 continue;
249 }
250
251 if (strcmp(tmp->username, un)) {
252 continue;
253 }
254
255
256 if (strcmp(tmp->password, pw)) {
257 /* password mismatch */
258 return 0; /* fail */
259 }
260
261 if (!user_matchinstcmd(tmp, cmd)) {
262 return 0; /* fail */
263 }
264
265 /* passed all checks */
266 return 1; /* good */
267 }
268
269 /* username not found */
270 return 0; /* fail */
271 }
272
273 static int user_matchaction(ulist_t *user, const char *action)
274 {
275 actionlist_t *tmp;
276
277 for (tmp = user->firstaction; tmp != NULL; tmp = tmp->next) {
278
279 if (!strcasecmp(tmp->action, action)) {
280 return 1; /* good */
281 }
282 }
283
284 return 0; /* fail */
285 }
286
287 int user_checkaction(const char *un, const char *pw, const char *action)
288 {
289 ulist_t *tmp;
290
291 if ((!un) || (!pw) || (!action))
292 return 0; /* failed */
293
294 for (tmp = users; tmp != NULL; tmp = tmp->next) {
295
296 /* let's be paranoid before we call strcmp */
297
298 if ((!tmp->username) || (!tmp->password)) {
299 continue;
300 }
301
302 if (strcmp(tmp->username, un)) {
303 continue;
304 }
305
306 if (strcmp(tmp->password, pw)) {
307 upsdebugx(2, "user_checkaction: password mismatch");
308 return 0; /* fail */
309 }
310
311 if (!user_matchaction(tmp, action)) {
312 upsdebugx(2, "user_matchaction: failed");
313 return 0; /* fail */
314 }
315
316 /* passed all checks */
317 return 1; /* good */
318 }
319
320 /* username not found */
321 return 0; /* fail */
322 }
323
324 /* handle "upsmon primary" and "upsmon secondary" for nicer configurations */
325 /* FIXME: Protocol update needed to handle master/primary alias (in action and in protocol) */
326 static void set_upsmon_type(char *type)
327 {
328 /* primary: login, master, fsd */
329 if (!strcasecmp(type, "master") || !strcasecmp(type, "primary")) {
330 user_add_action("login");
331 user_add_action("master"); /* Note: this is linked to "MASTER" API command permission */
332 user_add_action("fsd");
333 return;
334 }
335
336 /* secondary: just login */
337 if (!strcasecmp(type, "slave") || !strcasecmp(type, "secondary")) {
338 user_add_action("login");
339 return;
340 }
341
342 upslogx(LOG_WARNING, "Unknown upsmon type %s", type);
343 }
344
345 /* actually do something with the variable + value pairs */
346 static void parse_var(char *var, char *val)
347 {
348 if (!strcasecmp(var, "password")) {
349 user_password(val);
350 return;
351 }
352
353 if (!strcasecmp(var, "instcmds")) {
354 user_add_instcmd(val);
355 return;
356 }
357
358 if (!strcasecmp(var, "actions")) {
359 user_add_action(val);
360 return;
361 }
362
363 if (!strcasecmp(var, "allowfrom")) {
364 upslogx(LOG_WARNING, "allowfrom in upsd.users is no longer used");
365 return;
366 }
367
368 /* someone did 'upsmon = type' - allow it anyway */
369 if (!strcasecmp(var, "upsmon")) {
370 set_upsmon_type(val);
371 return;
372 }
373
374 upslogx(LOG_NOTICE, "Unrecognized user setting %s", var);
375 }
376
377 /* parse first var+val pair, then flip through remaining vals */
378 static void parse_rest(char *var, char *fval, char **arg, size_t next, size_t left)
379 {
380 size_t i;
381
382 /* no globals supported yet, so there's no sense in continuing */
383 if (!curr_user) {
384 return;
385 }
386
387 parse_var(var, fval);
388
389 if (left == 0) {
390 return;
391 }
392
393 for (i = 0; i < left; i++) {
394 parse_var(var, arg[next + i]);
395 }
396 }
397
398 static void user_parse_arg(size_t numargs, char **arg)
399 {
400 char *ep;
401
402 if ((numargs == 0) || (!arg)) {
403 return;
404 }
405
406 /* ignore old file format */
407 if (!strcasecmp(arg[0], "user")) {
408 return;
409 }
410
411 /* handle 'foo=bar' (compressed form) */
412
413 ep = strchr(arg[0], '=');
414 if (ep) {
415 *ep = '\0';
416
417 /* parse first var/val, plus subsequent values (if any) */
418
419 /* 0 1 2 ... */
420 /* foo=bar <rest1> <rest2> ... */
421
422 parse_rest(arg[0], ep+1, arg, 1, (numargs < 2) ? 0 : (numargs - 1));
423 return;
424 }
425
426 /* look for section headers - [username] */
427 if ((arg[0][0] == '[') && (arg[0][strlen(arg[0])-1] == ']')) {
428
429 arg[0][strlen(arg[0])-1] = '\0';
430 user_add(&arg[0][1]);
431
432 return;
433 }
434
435 if (numargs < 2) {
436 return;
437 }
438
439 if (!strcasecmp(arg[0], "upsmon")) {
440 set_upsmon_type(arg[1]);
441 }
442
443 /* everything after here needs arg[1] and arg[2] */
444 if (numargs < 3) {
445 return;
446 }
447
448 /* handle 'foo = bar' (split form) */
449 if (!strcmp(arg[1], "=")) {
450
451 /* 0 1 2 3 4 ... */
452 /* foo = bar <rest1> <rest2> ... */
453
454 /* parse first var/val, plus subsequent values (if any) */
455
456 parse_rest(arg[0], arg[2], arg, 3, (numargs < 4) ? 0 : (numargs - 3));
457 return;
458 }
459
460 /* ... unhandled ... */
461 }
462
463 /* called for fatal errors in parseconf like malloc failures */
464 static void upsd_user_err(const char *errmsg)
465 {
466 upslogx(LOG_ERR, "Fatal error in parseconf(upsd.users): %s", errmsg);
467 }
468
469 void user_load(void)
470 {
471 char fn[SMALLBUF];
472 PCONF_CTX_t ctx;
473
474 curr_user = NULL;
475
476 snprintf(fn, sizeof(fn), "%s/upsd.users", confpath());
477
478 check_perms(fn);
479
480 pconf_init(&ctx, upsd_user_err);
481
482 if (!pconf_file_begin(&ctx, fn)) {
483
484 pconf_finish(&ctx);
485
486 upslogx(LOG_WARNING, "%s", ctx.errmsg);
487 return;
488 }
489
490 while (pconf_file_next(&ctx)) {
491
492 if (pconf_parse_error(&ctx)) {
493 upslogx(LOG_ERR, "Parse error: %s:%d: %s",
494 fn, ctx.linenum, ctx.errmsg);
495 continue;
496 }
497
498 user_parse_arg(ctx.numargs, ctx.arglist);
499 }
500
501 pconf_finish(&ctx);
502 }
Network UPS Tools