Line data Source code
1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /*
3 : * This file is part of the LibreOffice project.
4 : *
5 : * This Source Code Form is subject to the terms of the Mozilla Public
6 : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : *
9 : * This file incorporates work covered by the following license notice:
10 : *
11 : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : * contributor license agreements. See the NOTICE file distributed
13 : * with this work for additional information regarding copyright
14 : * ownership. The ASF licenses this file to you under the Apache
15 : * License, Version 2.0 (the "License"); you may not use this file
16 : * except in compliance with the License. You may obtain a copy of
17 : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : */
19 :
20 : #include <sal/config.h>
21 :
22 : #include <cstddef>
23 : #include <limits>
24 :
25 : #include "system.h"
26 :
27 : #include <osl/security.h>
28 : #include <osl/diagnose.h>
29 : #include <rtl/bootstrap.h>
30 : #include <sal/log.hxx>
31 :
32 : #include "osl/thread.h"
33 : #include "osl/file.h"
34 :
35 : #if defined LINUX || defined SOLARIS
36 : #include <crypt.h>
37 : #endif
38 :
39 : #include "secimpl.h"
40 :
41 : #ifdef ANDROID
42 : #define getpwuid_r(uid, pwd, buf, buflen, result) (*(result) = getpwuid(uid), (*(result) ? (memcpy (buf, *(result), sizeof (struct passwd)), 0) : errno))
43 : #endif
44 :
45 : static oslSecurityError SAL_CALL
46 : osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
47 : oslSecurity* pSecurity);
48 : extern "C" sal_Bool SAL_CALL osl_psz_getUserIdent(oslSecurity Security, sal_Char *pszIdent, sal_uInt32 nMax);
49 : static sal_Bool SAL_CALL osl_psz_getUserName(oslSecurity Security, sal_Char* pszName, sal_uInt32 nMax);
50 : static sal_Bool SAL_CALL osl_psz_getHomeDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax);
51 : static sal_Bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax);
52 :
53 1912 : static sal_Bool sysconf_SC_GETPW_R_SIZE_MAX(std::size_t * value) {
54 : #if defined _SC_GETPW_R_SIZE_MAX
55 : long m;
56 1912 : errno = 0;
57 1912 : m = sysconf(_SC_GETPW_R_SIZE_MAX);
58 1912 : if (m == -1) {
59 : /* _SC_GETPW_R_SIZE_MAX has no limit; some platforms like certain
60 : FreeBSD versions support sysconf(_SC_GETPW_R_SIZE_MAX) in a broken
61 : way and always set EINVAL, so be resilient here: */
62 0 : return sal_False;
63 : } else {
64 : OSL_ASSERT(
65 : m >= 0
66 : && (unsigned long) m < std::numeric_limits<std::size_t>::max());
67 1912 : *value = (std::size_t) m;
68 1912 : return sal_True;
69 : }
70 : #else
71 : /* some platforms like Mac OS X 1.3 do not define _SC_GETPW_R_SIZE_MAX: */
72 : return sal_False;
73 : #endif
74 : }
75 :
76 1912 : static oslSecurityImpl * growSecurityImpl(
77 : oslSecurityImpl * impl, std::size_t * bufSize)
78 : {
79 1912 : std::size_t n = 0;
80 1912 : oslSecurityImpl * p = NULL;
81 1912 : if (impl == NULL) {
82 1912 : if (!sysconf_SC_GETPW_R_SIZE_MAX(&n)) {
83 : /* choose something sensible (the callers of growSecurityImpl will
84 : detect it if the allocated buffer is too small: */
85 0 : n = 1024;
86 : }
87 0 : } else if (*bufSize <= std::numeric_limits<std::size_t>::max() / 2) {
88 0 : n = 2 * *bufSize;
89 : }
90 1912 : if (n != 0) {
91 3824 : if (n <= std::numeric_limits<std::size_t>::max()
92 1912 : - offsetof(oslSecurityImpl, m_buffer))
93 : {
94 1912 : *bufSize = n;
95 1912 : n += offsetof(oslSecurityImpl, m_buffer);
96 : } else {
97 0 : *bufSize = std::numeric_limits<std::size_t>::max()
98 0 : - offsetof(oslSecurityImpl, m_buffer);
99 0 : n = std::numeric_limits<std::size_t>::max();
100 : }
101 1912 : p = static_cast<oslSecurityImpl *>(realloc(impl, n));
102 1912 : memset (p, 0, n);
103 : }
104 1912 : if (p == NULL) {
105 0 : free(impl);
106 : }
107 1912 : return p;
108 : }
109 :
110 1912 : static void deleteSecurityImpl(oslSecurityImpl * impl) {
111 1912 : free(impl);
112 1912 : }
113 :
114 1912 : oslSecurity SAL_CALL osl_getCurrentSecurity()
115 : {
116 1912 : std::size_t n = 0;
117 1912 : oslSecurityImpl * p = NULL;
118 : for (;;) {
119 : struct passwd * found;
120 1912 : p = growSecurityImpl(p, &n);
121 1912 : if (p == NULL) {
122 1912 : return NULL;
123 : }
124 1912 : switch (getpwuid_r(getuid(), &p->m_pPasswd, p->m_buffer, n, &found)) {
125 : case ERANGE:
126 0 : break;
127 : case 0:
128 1912 : if (found != NULL) {
129 1912 : return p;
130 : }
131 : /* fall through */
132 : default:
133 0 : deleteSecurityImpl(p);
134 0 : return NULL;
135 : }
136 0 : }
137 : }
138 :
139 0 : oslSecurityError SAL_CALL osl_loginUser(
140 : rtl_uString *ustrUserName,
141 : rtl_uString *ustrPassword,
142 : oslSecurity *pSecurity
143 : )
144 : {
145 : oslSecurityError Error;
146 0 : rtl_String* strUserName=0;
147 0 : rtl_String* strPassword=0;
148 0 : sal_Char* pszUserName=0;
149 0 : sal_Char* pszPassword=0;
150 :
151 0 : if ( ustrUserName != 0 )
152 : {
153 : rtl_uString2String( &strUserName,
154 0 : rtl_uString_getStr(ustrUserName),
155 : rtl_uString_getLength(ustrUserName),
156 : RTL_TEXTENCODING_UTF8,
157 0 : OUSTRING_TO_OSTRING_CVTFLAGS );
158 0 : pszUserName = rtl_string_getStr(strUserName);
159 : }
160 :
161 0 : if ( ustrPassword != 0 )
162 : {
163 : rtl_uString2String( &strPassword,
164 0 : rtl_uString_getStr(ustrPassword),
165 : rtl_uString_getLength(ustrPassword),
166 : RTL_TEXTENCODING_UTF8,
167 0 : OUSTRING_TO_OSTRING_CVTFLAGS );
168 0 : pszPassword = rtl_string_getStr(strPassword);
169 : }
170 :
171 0 : Error=osl_psz_loginUser(pszUserName,pszPassword,pSecurity);
172 :
173 0 : if ( strUserName != 0 )
174 : {
175 0 : rtl_string_release(strUserName);
176 : }
177 :
178 0 : if ( strPassword)
179 : {
180 0 : rtl_string_release(strPassword);
181 : }
182 :
183 0 : return Error;
184 : }
185 :
186 : static oslSecurityError SAL_CALL
187 0 : osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
188 : oslSecurity* pSecurity)
189 : {
190 : (void)pszUserName;
191 : (void)pszPasswd;
192 : (void)pSecurity;
193 :
194 0 : return osl_Security_E_None;
195 : }
196 :
197 1 : oslSecurityError SAL_CALL osl_loginUserOnFileServer(
198 : rtl_uString *strUserName,
199 : rtl_uString *strPasswd,
200 : rtl_uString *strFileServer,
201 : oslSecurity *pSecurity
202 : )
203 : {
204 : (void) strUserName; /* unused */
205 : (void) strPasswd; /* unused */
206 : (void) strFileServer; /* unused */
207 : (void) pSecurity; /* unused */
208 1 : return osl_Security_E_UserUnknown;
209 : }
210 :
211 1 : sal_Bool SAL_CALL osl_getUserIdent(oslSecurity Security, rtl_uString **ustrIdent)
212 : {
213 1 : sal_Bool bRet=sal_False;
214 : sal_Char pszIdent[1024];
215 :
216 1 : pszIdent[0] = '\0';
217 :
218 1 : bRet = osl_psz_getUserIdent(Security,pszIdent,sizeof(pszIdent));
219 :
220 1 : rtl_string2UString( ustrIdent, pszIdent, rtl_str_getLength( pszIdent ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
221 : OSL_ASSERT(*ustrIdent != NULL);
222 :
223 1 : return bRet;
224 : }
225 :
226 518 : sal_Bool SAL_CALL osl_psz_getUserIdent(oslSecurity Security, sal_Char *pszIdent, sal_uInt32 nMax)
227 : {
228 : sal_Char buffer[32];
229 : sal_Int32 nChr;
230 :
231 518 : oslSecurityImpl *pSecImpl = (oslSecurityImpl *)Security;
232 :
233 518 : if (pSecImpl == NULL)
234 0 : return sal_False;
235 :
236 518 : nChr = snprintf(buffer, sizeof(buffer), "%u", pSecImpl->m_pPasswd.pw_uid);
237 1036 : if ( nChr < 0 || sal::static_int_cast<sal_uInt32>(nChr) >= sizeof(buffer)
238 1036 : || sal::static_int_cast<sal_uInt32>(nChr) >= nMax )
239 0 : return sal_False; /* leave *pszIdent unmodified in case of failure */
240 :
241 518 : memcpy(pszIdent, buffer, nChr+1);
242 518 : return sal_True;
243 : }
244 :
245 227 : sal_Bool SAL_CALL osl_getUserName(oslSecurity Security, rtl_uString **ustrName)
246 : {
247 227 : sal_Bool bRet=sal_False;
248 : sal_Char pszName[1024];
249 :
250 227 : pszName[0] = '\0';
251 :
252 227 : bRet = osl_psz_getUserName(Security,pszName,sizeof(pszName));
253 :
254 227 : rtl_string2UString( ustrName, pszName, rtl_str_getLength( pszName ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
255 : OSL_ASSERT(*ustrName != NULL);
256 :
257 227 : return bRet;
258 : }
259 :
260 227 : static sal_Bool SAL_CALL osl_psz_getUserName(oslSecurity Security, sal_Char* pszName, sal_uInt32 nMax)
261 : {
262 227 : oslSecurityImpl *pSecImpl = (oslSecurityImpl *)Security;
263 :
264 227 : if (pSecImpl == NULL || pSecImpl->m_pPasswd.pw_name == NULL)
265 0 : return sal_False;
266 :
267 227 : strncpy(pszName, pSecImpl->m_pPasswd.pw_name, nMax);
268 :
269 227 : return sal_True;
270 : }
271 :
272 1124 : sal_Bool SAL_CALL osl_getHomeDir(oslSecurity Security, rtl_uString **pustrDirectory)
273 : {
274 1124 : sal_Bool bRet=sal_False;
275 : sal_Char pszDirectory[PATH_MAX];
276 :
277 1124 : pszDirectory[0] = '\0';
278 :
279 1124 : bRet = osl_psz_getHomeDir(Security,pszDirectory,sizeof(pszDirectory));
280 :
281 1124 : if ( bRet == sal_True )
282 : {
283 1124 : rtl_string2UString( pustrDirectory, pszDirectory, rtl_str_getLength( pszDirectory ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
284 : OSL_ASSERT(*pustrDirectory != NULL);
285 1124 : osl_getFileURLFromSystemPath( *pustrDirectory, pustrDirectory );
286 : }
287 :
288 1124 : return bRet;
289 : }
290 :
291 1157 : static sal_Bool SAL_CALL osl_psz_getHomeDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
292 : {
293 1157 : oslSecurityImpl *pSecImpl = (oslSecurityImpl *)Security;
294 :
295 1157 : if (pSecImpl == NULL)
296 0 : return sal_False;
297 :
298 : #ifdef ANDROID
299 : {
300 : sal_Bool bRet = sal_False;
301 : rtl_uString *pName = 0, *pValue = 0;
302 :
303 : rtl_uString_newFromAscii(&pName, "HOME");
304 :
305 : if (rtl_bootstrap_get(pName, &pValue, NULL))
306 : {
307 : rtl_String *pStrValue = 0;
308 : if (pValue && pValue->length > 0)
309 : {
310 : rtl_uString2String(&pStrValue, pValue->buffer,
311 : pValue->length, RTL_TEXTENCODING_UTF8,
312 : OUSTRING_TO_OSTRING_CVTFLAGS);
313 : if (pStrValue && pStrValue->length > 0)
314 : {
315 : sal_Int32 nCopy = (sal_Int32)(nMax-1) < pStrValue->length ? (sal_Int32)(nMax-1) : pStrValue->length ;
316 : strncpy (pszDirectory, pStrValue->buffer, nCopy);
317 : pszDirectory[nCopy] = '\0';
318 : bRet = (std::size_t)pStrValue->length < nMax;
319 : }
320 : rtl_string_release(pStrValue);
321 : }
322 : rtl_uString_release(pName);
323 : }
324 : if (bRet)
325 : return bRet;
326 : }
327 : #endif
328 :
329 : /* if current user, check also environment for HOME */
330 1157 : if (getuid() == pSecImpl->m_pPasswd.pw_uid)
331 : {
332 1157 : sal_Char *pStr = NULL;
333 : #ifdef SOLARIS
334 : char buffer[8192];
335 :
336 : struct passwd pwd;
337 : struct passwd *ppwd;
338 :
339 : #ifdef _POSIX_PTHREAD_SEMANTICS
340 : if ( 0 != getpwuid_r(getuid(), &pwd, buffer, sizeof(buffer), &ppwd ) )
341 : ppwd = NULL;
342 : #else
343 : ppwd = getpwuid_r(getuid(), &pwd, buffer, sizeof(buffer) );
344 : #endif
345 :
346 : if ( ppwd )
347 : pStr = ppwd->pw_dir;
348 : #else
349 1157 : pStr = getenv("HOME");
350 : #endif
351 :
352 1157 : if (pStr != NULL && strlen(pStr) > 0 && access(pStr, 0) == 0)
353 1157 : strncpy(pszDirectory, pStr, nMax);
354 0 : else if (pSecImpl->m_pPasswd.pw_dir != NULL)
355 0 : strncpy(pszDirectory, pSecImpl->m_pPasswd.pw_dir, nMax);
356 : else
357 0 : return sal_False;
358 : }
359 0 : else if (pSecImpl->m_pPasswd.pw_dir != NULL)
360 0 : strncpy(pszDirectory, pSecImpl->m_pPasswd.pw_dir, nMax);
361 : else
362 0 : return sal_False;
363 :
364 1157 : return sal_True;
365 : }
366 :
367 33 : sal_Bool SAL_CALL osl_getConfigDir(oslSecurity Security, rtl_uString **pustrDirectory)
368 : {
369 33 : sal_Bool bRet = sal_False;
370 : sal_Char pszDirectory[PATH_MAX];
371 :
372 33 : pszDirectory[0] = '\0';
373 :
374 33 : bRet = osl_psz_getConfigDir(Security,pszDirectory,sizeof(pszDirectory));
375 :
376 33 : if ( bRet == sal_True )
377 : {
378 33 : rtl_string2UString( pustrDirectory, pszDirectory, rtl_str_getLength( pszDirectory ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
379 : OSL_ASSERT(*pustrDirectory != NULL);
380 33 : osl_getFileURLFromSystemPath( *pustrDirectory, pustrDirectory );
381 : }
382 :
383 33 : return bRet;
384 : }
385 :
386 : #if !defined(MACOSX) && !defined(IOS)
387 :
388 : #define DOT_CONFIG "/.config"
389 :
390 33 : static sal_Bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
391 : {
392 33 : sal_Char *pStr = getenv("XDG_CONFIG_HOME");
393 :
394 33 : if (pStr == NULL || strlen(pStr) == 0 || access(pStr, 0) != 0)
395 : {
396 33 : std::size_t n = 0;
397 :
398 : // a default equal to $HOME/.config should be used.
399 33 : if (!osl_psz_getHomeDir(Security, pszDirectory, nMax))
400 0 : return sal_False;
401 33 : n = strlen(pszDirectory);
402 33 : if (n + sizeof(DOT_CONFIG) < nMax)
403 : {
404 33 : strncpy(pszDirectory+n, DOT_CONFIG, sizeof(DOT_CONFIG));
405 :
406 : // try to create dir if not present
407 33 : bool dirOK = true;
408 33 : if (mkdir(pszDirectory, S_IRWXU) != 0)
409 : {
410 33 : int e = errno;
411 33 : if (e != EEXIST)
412 : {
413 : SAL_WARN(
414 : "sal.osl",
415 : "mkdir(" << pszDirectory << "): errno=" << e);
416 0 : dirOK = false;
417 : }
418 : }
419 33 : if (dirOK)
420 : {
421 : // check file type and permissions
422 : struct stat st;
423 33 : if (stat(pszDirectory, &st) != 0)
424 : {
425 : OSL_TRACE("Could not stat $HOME/.config");
426 0 : dirOK = false;
427 : }
428 : else
429 : {
430 33 : if (!S_ISDIR(st.st_mode))
431 : {
432 : OSL_TRACE("$HOME/.config is not a directory");
433 0 : dirOK = false;
434 : }
435 33 : if (!(st.st_mode & S_IRUSR && st.st_mode & S_IWUSR && st.st_mode & S_IXUSR))
436 : {
437 : OSL_TRACE("$HOME/.config has bad permissions");
438 0 : dirOK = false;
439 : }
440 : }
441 : }
442 :
443 : // resort to HOME
444 33 : if (!dirOK)
445 0 : pszDirectory[n] = '\0';
446 : }
447 : }
448 : else
449 0 : strncpy(pszDirectory, pStr, nMax);
450 :
451 33 : return sal_True;
452 : }
453 :
454 : #undef DOT_CONFIG
455 :
456 : #else
457 :
458 : /*
459 : * FIXME: rewrite to use more flexible
460 : * NSSearchPathForDirectoriesInDomains(NSApplicationSupportDirectory, NSUserDomainMask, YES)
461 : * as soon as we can bumb the baseline to Tiger (for NSApplicationSupportDirectory) and have
462 : * support for Objective-C in the build environment
463 : */
464 :
465 : #define MACOSX_CONFIG_DIR "/Library/Application Support" /* Used on iOS, too */
466 : static sal_Bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
467 : {
468 : if( osl_psz_getHomeDir(Security, pszDirectory, nMax - sizeof(MACOSX_CONFIG_DIR) + 1) )
469 : {
470 : strcat( pszDirectory, MACOSX_CONFIG_DIR );
471 : return sal_True;
472 : }
473 :
474 : return sal_False;
475 : }
476 :
477 : #endif
478 :
479 3 : sal_Bool SAL_CALL osl_isAdministrator(oslSecurity Security)
480 : {
481 3 : oslSecurityImpl *pSecImpl = (oslSecurityImpl *)Security;
482 :
483 3 : if (pSecImpl == NULL)
484 0 : return sal_False;
485 :
486 3 : if (pSecImpl->m_pPasswd.pw_uid != 0)
487 0 : return sal_False;
488 :
489 3 : return sal_True;
490 : }
491 :
492 1912 : void SAL_CALL osl_freeSecurityHandle(oslSecurity Security)
493 : {
494 1912 : deleteSecurityImpl(static_cast<oslSecurityImpl *>(Security));
495 1912 : }
496 :
497 1 : sal_Bool SAL_CALL osl_loadUserProfile(oslSecurity Security)
498 : {
499 : (void) Security; /* unused */
500 1 : return sal_False;
501 : }
502 :
503 1 : void SAL_CALL osl_unloadUserProfile(oslSecurity Security)
504 : {
505 : (void) Security; /* unused */
506 1 : }
507 :
508 : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
