diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 16:18:36 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 16:18:36 +0000 |
commit | 6c3ea4f47ea280811a7fe53a22f7832e4533c9ec (patch) | |
tree | 3d7ed5da23b5dbf6f9e450dfb61642832249c31e /lib | |
parent | Adding upstream version 1:4.13+dfsg1. (diff) | |
download | shadow-upstream/1%4.15.2.tar.xz shadow-upstream/1%4.15.2.zip |
Adding upstream version 1:4.15.2.upstream/1%4.15.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'lib')
155 files changed, 18179 insertions, 1601 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am index 3a50b46..22abb97 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -5,57 +5,129 @@ DEFS = noinst_LTLIBRARIES = libshadow.la +if USE_PAM +LIBCRYPT_PAM = $(LIBCRYPT) +else +LIBCRYPT_PAM = +endif + +AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS) + libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS) if HAVE_VENDORDIR libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\" endif libshadow_la_CPPFLAGS += -I$(top_srcdir) +libshadow_la_CFLAGS = $(LIBBSD_CFLAGS) $(LIBCRYPT_PAM) $(LIBSYSTEMD) +libshadow_la_LIBADD = $(LIBADD_DLOPEN) libshadow_la_SOURCES = \ + addgrps.c \ + adds.c \ + adds.h \ + age.c \ + agetpass.c \ + agetpass.h \ + alloc.c \ + alloc.h \ + atoi/a2i.c \ + atoi/a2i.h \ + atoi/str2i.c \ + atoi/str2i.h \ + atoi/strtoi.c \ + atoi/strtoi.h \ + atoi/strtou_noneg.c \ + atoi/strtou_noneg.h \ + attr.h \ + audit_help.c \ + basename.c \ + bit.c \ + bit.h \ + cast.h \ + chkname.c \ + chkname.h \ + chowndir.c \ + chowntty.c \ + cleanup.c \ + cleanup_group.c \ + cleanup_user.c \ commonio.c \ commonio.h \ + console.c \ + copydir.c \ + csrand.c \ defines.h \ encrypt.c \ + env.c \ exitcodes.h \ faillog.h \ + failure.c \ + failure.h \ + fd.c \ fields.c \ + find_new_gid.c \ + find_new_uid.c \ + find_new_sub_gids.c \ + find_new_sub_uids.c \ fputsx.c \ - getdef.c \ - getdef.h \ get_gid.c \ - getlong.c \ get_pid.c \ get_uid.c \ - getulong.c \ + getdate.h \ + getdate.y \ + getdef.c \ + getdef.h \ + getgr_nam_gid.c \ + getrange.c \ + gettime.c \ groupio.c \ groupmem.c \ groupio.h \ gshadow.c \ + hushed.c \ + idmapping.h \ + idmapping.c \ + isexpired.c \ + limits.c \ + list.c \ lockpw.c \ + loginprompt.c \ + mail.c \ + memzero.c \ + memzero.h \ + motd.c \ + must_be.h \ + myname.c \ nss.c \ nscd.c \ nscd.h \ - shadowlog.c \ - shadowlog.h \ - shadowlog_internal.h \ - sssd.c \ - sssd.h \ + obscure.c \ pam_defs.h \ + pam_pass.c \ + pam_pass_non_interactive.c \ port.c \ port.h \ + prefix_flag.c \ prototypes.h \ pwauth.c \ pwauth.h \ pwio.c \ pwio.h \ + pwd_init.c \ + pwd2spwd.c \ + pwdcheck.c \ pwmem.c \ + remove_tree.c \ + rlogin.c \ + root_flag.c \ run_part.h \ run_part.c \ - subordinateio.h \ - subordinateio.c \ + salt.c \ selinux.c \ semanage.c \ + setugid.c \ + setupenv.c \ sgetgrent.c \ sgetpwent.c \ sgetspent.c \ @@ -64,14 +136,74 @@ libshadow_la_SOURCES = \ shadow.c \ shadowio.c \ shadowio.h \ + shadowlog.c \ + shadowlog.h \ + shadowlog_internal.h \ shadowmem.c \ + shell.c \ + sizeof.h \ spawn.c \ - utent.c + sssd.c \ + sssd.h \ + string/sprintf.c \ + string/sprintf.h \ + string/stpecpy.c \ + string/stpecpy.h \ + string/stpeprintf.c \ + string/stpeprintf.h \ + string/strftime.c \ + string/strftime.h \ + string/strncpy.h \ + string/strtcpy.c \ + string/strtcpy.h \ + string/zustr2stp.h \ + strtoday.c \ + sub.c \ + subordinateio.h \ + subordinateio.c \ + sulog.c \ + time/day_to_str.c \ + time/day_to_str.h \ + ttytype.c \ + tz.c \ + ulimit.c \ + user_busy.c \ + valid.c \ + write_full.c \ + xgetpwnam.c \ + xprefix_getpwnam.c \ + xgetpwuid.c \ + xgetgrnam.c \ + xgetgrgid.c \ + xgetspnam.c \ + yesno.c if WITH_TCB libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h endif +if WITH_BTRFS +libshadow_la_SOURCES += btrfs.c +endif + +if ENABLE_LASTLOG +libshadow_la_SOURCES += log.c +endif + +if ENABLE_LOGIND +libshadow_la_SOURCES += logind.c +else +libshadow_la_SOURCES += utmp.c +endif + +if !WITH_LIBBSD +libshadow_la_SOURCES += \ + freezero.h \ + freezero.c \ + readpassphrase.h \ + readpassphrase.c +endif + # These files are unneeded for some reason, listed in # order of appearance: # @@ -79,4 +211,5 @@ endif EXTRA_DIST = \ .indent.pro \ - gshadow_.h + gshadow_.h \ + xgetXXbyYY.c diff --git a/lib/Makefile.in b/lib/Makefile.in index 9eef01c..1b4f0fe 100644 --- a/lib/Makefile.in +++ b/lib/Makefile.in @@ -90,6 +90,16 @@ build_triplet = @build@ host_triplet = @host@ @HAVE_VENDORDIR_TRUE@am__append_1 = -DVENDORDIR=\"$(VENDORDIR)\" @WITH_TCB_TRUE@am__append_2 = tcbfuncs.c tcbfuncs.h +@WITH_BTRFS_TRUE@am__append_3 = btrfs.c +@ENABLE_LASTLOG_TRUE@am__append_4 = log.c +@ENABLE_LOGIND_TRUE@am__append_5 = logind.c +@ENABLE_LOGIND_FALSE@am__append_6 = utmp.c +@WITH_LIBBSD_FALSE@am__append_7 = \ +@WITH_LIBBSD_FALSE@ freezero.h \ +@WITH_LIBBSD_FALSE@ freezero.c \ +@WITH_LIBBSD_FALSE@ readpassphrase.h \ +@WITH_LIBBSD_FALSE@ readpassphrase.c + subdir = lib ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ @@ -109,41 +119,116 @@ CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = LTLIBRARIES = $(noinst_LTLIBRARIES) -libshadow_la_LIBADD = -am__libshadow_la_SOURCES_DIST = commonio.c commonio.h defines.h \ - encrypt.c exitcodes.h faillog.h fields.c fputsx.c getdef.c \ - getdef.h get_gid.c getlong.c get_pid.c get_uid.c getulong.c \ - groupio.c groupmem.c groupio.h gshadow.c lockpw.c nss.c nscd.c \ - nscd.h shadowlog.c shadowlog.h shadowlog_internal.h sssd.c \ - sssd.h pam_defs.h port.c port.h prototypes.h pwauth.c pwauth.h \ - pwio.c pwio.h pwmem.c run_part.h run_part.c subordinateio.h \ - subordinateio.c selinux.c semanage.c sgetgrent.c sgetpwent.c \ +am__DEPENDENCIES_1 = +libshadow_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am__libshadow_la_SOURCES_DIST = addgrps.c adds.c adds.h age.c \ + agetpass.c agetpass.h alloc.c alloc.h atoi/a2i.c atoi/a2i.h \ + atoi/str2i.c atoi/str2i.h atoi/strtoi.c atoi/strtoi.h \ + atoi/strtou_noneg.c atoi/strtou_noneg.h attr.h audit_help.c \ + basename.c bit.c bit.h cast.h chkname.c chkname.h chowndir.c \ + chowntty.c cleanup.c cleanup_group.c cleanup_user.c commonio.c \ + commonio.h console.c copydir.c csrand.c defines.h encrypt.c \ + env.c exitcodes.h faillog.h failure.c failure.h fd.c fields.c \ + find_new_gid.c find_new_uid.c find_new_sub_gids.c \ + find_new_sub_uids.c fputsx.c get_gid.c get_pid.c get_uid.c \ + getdate.h getdate.y getdef.c getdef.h getgr_nam_gid.c \ + getrange.c gettime.c groupio.c groupmem.c groupio.h gshadow.c \ + hushed.c idmapping.h idmapping.c isexpired.c limits.c list.c \ + lockpw.c loginprompt.c mail.c memzero.c memzero.h motd.c \ + must_be.h myname.c nss.c nscd.c nscd.h obscure.c pam_defs.h \ + pam_pass.c pam_pass_non_interactive.c port.c port.h \ + prefix_flag.c prototypes.h pwauth.c pwauth.h pwio.c pwio.h \ + pwd_init.c pwd2spwd.c pwdcheck.c pwmem.c remove_tree.c \ + rlogin.c root_flag.c run_part.h run_part.c salt.c selinux.c \ + semanage.c setugid.c setupenv.c sgetgrent.c sgetpwent.c \ sgetspent.c sgroupio.c sgroupio.h shadow.c shadowio.c \ - shadowio.h shadowmem.c spawn.c utent.c tcbfuncs.c tcbfuncs.h + shadowio.h shadowlog.c shadowlog.h shadowlog_internal.h \ + shadowmem.c shell.c sizeof.h spawn.c sssd.c sssd.h \ + string/sprintf.c string/sprintf.h string/stpecpy.c \ + string/stpecpy.h string/stpeprintf.c string/stpeprintf.h \ + string/strftime.c string/strftime.h string/strncpy.h \ + string/strtcpy.c string/strtcpy.h string/zustr2stp.h \ + strtoday.c sub.c subordinateio.h subordinateio.c sulog.c \ + time/day_to_str.c time/day_to_str.h ttytype.c tz.c ulimit.c \ + user_busy.c valid.c write_full.c xgetpwnam.c \ + xprefix_getpwnam.c xgetpwuid.c xgetgrnam.c xgetgrgid.c \ + xgetspnam.c yesno.c tcbfuncs.c tcbfuncs.h btrfs.c log.c \ + logind.c utmp.c freezero.h freezero.c readpassphrase.h \ + readpassphrase.c +am__dirstamp = $(am__leading_dot)dirstamp @WITH_TCB_TRUE@am__objects_1 = libshadow_la-tcbfuncs.lo -am_libshadow_la_OBJECTS = libshadow_la-commonio.lo \ - libshadow_la-encrypt.lo libshadow_la-fields.lo \ - libshadow_la-fputsx.lo libshadow_la-getdef.lo \ - libshadow_la-get_gid.lo libshadow_la-getlong.lo \ - libshadow_la-get_pid.lo libshadow_la-get_uid.lo \ - libshadow_la-getulong.lo libshadow_la-groupio.lo \ - libshadow_la-groupmem.lo libshadow_la-gshadow.lo \ - libshadow_la-lockpw.lo libshadow_la-nss.lo \ - libshadow_la-nscd.lo libshadow_la-shadowlog.lo \ - libshadow_la-sssd.lo libshadow_la-port.lo \ - libshadow_la-pwauth.lo libshadow_la-pwio.lo \ - libshadow_la-pwmem.lo libshadow_la-run_part.lo \ - libshadow_la-subordinateio.lo libshadow_la-selinux.lo \ - libshadow_la-semanage.lo libshadow_la-sgetgrent.lo \ - libshadow_la-sgetpwent.lo libshadow_la-sgetspent.lo \ - libshadow_la-sgroupio.lo libshadow_la-shadow.lo \ - libshadow_la-shadowio.lo libshadow_la-shadowmem.lo \ - libshadow_la-spawn.lo libshadow_la-utent.lo $(am__objects_1) +@WITH_BTRFS_TRUE@am__objects_2 = libshadow_la-btrfs.lo +@ENABLE_LASTLOG_TRUE@am__objects_3 = libshadow_la-log.lo +@ENABLE_LOGIND_TRUE@am__objects_4 = libshadow_la-logind.lo +@ENABLE_LOGIND_FALSE@am__objects_5 = libshadow_la-utmp.lo +@WITH_LIBBSD_FALSE@am__objects_6 = libshadow_la-freezero.lo \ +@WITH_LIBBSD_FALSE@ libshadow_la-readpassphrase.lo +am_libshadow_la_OBJECTS = libshadow_la-addgrps.lo libshadow_la-adds.lo \ + libshadow_la-age.lo libshadow_la-agetpass.lo \ + libshadow_la-alloc.lo atoi/libshadow_la-a2i.lo \ + atoi/libshadow_la-str2i.lo atoi/libshadow_la-strtoi.lo \ + atoi/libshadow_la-strtou_noneg.lo libshadow_la-audit_help.lo \ + libshadow_la-basename.lo libshadow_la-bit.lo \ + libshadow_la-chkname.lo libshadow_la-chowndir.lo \ + libshadow_la-chowntty.lo libshadow_la-cleanup.lo \ + libshadow_la-cleanup_group.lo libshadow_la-cleanup_user.lo \ + libshadow_la-commonio.lo libshadow_la-console.lo \ + libshadow_la-copydir.lo libshadow_la-csrand.lo \ + libshadow_la-encrypt.lo libshadow_la-env.lo \ + libshadow_la-failure.lo libshadow_la-fd.lo \ + libshadow_la-fields.lo libshadow_la-find_new_gid.lo \ + libshadow_la-find_new_uid.lo libshadow_la-find_new_sub_gids.lo \ + libshadow_la-find_new_sub_uids.lo libshadow_la-fputsx.lo \ + libshadow_la-get_gid.lo libshadow_la-get_pid.lo \ + libshadow_la-get_uid.lo libshadow_la-getdate.lo \ + libshadow_la-getdef.lo libshadow_la-getgr_nam_gid.lo \ + libshadow_la-getrange.lo libshadow_la-gettime.lo \ + libshadow_la-groupio.lo libshadow_la-groupmem.lo \ + libshadow_la-gshadow.lo libshadow_la-hushed.lo \ + libshadow_la-idmapping.lo libshadow_la-isexpired.lo \ + libshadow_la-limits.lo libshadow_la-list.lo \ + libshadow_la-lockpw.lo libshadow_la-loginprompt.lo \ + libshadow_la-mail.lo libshadow_la-memzero.lo \ + libshadow_la-motd.lo libshadow_la-myname.lo \ + libshadow_la-nss.lo libshadow_la-nscd.lo \ + libshadow_la-obscure.lo libshadow_la-pam_pass.lo \ + libshadow_la-pam_pass_non_interactive.lo libshadow_la-port.lo \ + libshadow_la-prefix_flag.lo libshadow_la-pwauth.lo \ + libshadow_la-pwio.lo libshadow_la-pwd_init.lo \ + libshadow_la-pwd2spwd.lo libshadow_la-pwdcheck.lo \ + libshadow_la-pwmem.lo libshadow_la-remove_tree.lo \ + libshadow_la-rlogin.lo libshadow_la-root_flag.lo \ + libshadow_la-run_part.lo libshadow_la-salt.lo \ + libshadow_la-selinux.lo libshadow_la-semanage.lo \ + libshadow_la-setugid.lo libshadow_la-setupenv.lo \ + libshadow_la-sgetgrent.lo libshadow_la-sgetpwent.lo \ + libshadow_la-sgetspent.lo libshadow_la-sgroupio.lo \ + libshadow_la-shadow.lo libshadow_la-shadowio.lo \ + libshadow_la-shadowlog.lo libshadow_la-shadowmem.lo \ + libshadow_la-shell.lo libshadow_la-spawn.lo \ + libshadow_la-sssd.lo string/libshadow_la-sprintf.lo \ + string/libshadow_la-stpecpy.lo \ + string/libshadow_la-stpeprintf.lo \ + string/libshadow_la-strftime.lo string/libshadow_la-strtcpy.lo \ + libshadow_la-strtoday.lo libshadow_la-sub.lo \ + libshadow_la-subordinateio.lo libshadow_la-sulog.lo \ + time/libshadow_la-day_to_str.lo libshadow_la-ttytype.lo \ + libshadow_la-tz.lo libshadow_la-ulimit.lo \ + libshadow_la-user_busy.lo libshadow_la-valid.lo \ + libshadow_la-write_full.lo libshadow_la-xgetpwnam.lo \ + libshadow_la-xprefix_getpwnam.lo libshadow_la-xgetpwuid.lo \ + libshadow_la-xgetgrnam.lo libshadow_la-xgetgrgid.lo \ + libshadow_la-xgetspnam.lo libshadow_la-yesno.lo \ + $(am__objects_1) $(am__objects_2) $(am__objects_3) \ + $(am__objects_4) $(am__objects_5) $(am__objects_6) libshadow_la_OBJECTS = $(am_libshadow_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = +libshadow_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libshadow_la_CFLAGS) \ + $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false @@ -159,29 +244,83 @@ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles -am__depfiles_remade = ./$(DEPDIR)/libshadow_la-commonio.Plo \ +am__depfiles_remade = ./$(DEPDIR)/libshadow_la-addgrps.Plo \ + ./$(DEPDIR)/libshadow_la-adds.Plo \ + ./$(DEPDIR)/libshadow_la-age.Plo \ + ./$(DEPDIR)/libshadow_la-agetpass.Plo \ + ./$(DEPDIR)/libshadow_la-alloc.Plo \ + ./$(DEPDIR)/libshadow_la-audit_help.Plo \ + ./$(DEPDIR)/libshadow_la-basename.Plo \ + ./$(DEPDIR)/libshadow_la-bit.Plo \ + ./$(DEPDIR)/libshadow_la-btrfs.Plo \ + ./$(DEPDIR)/libshadow_la-chkname.Plo \ + ./$(DEPDIR)/libshadow_la-chowndir.Plo \ + ./$(DEPDIR)/libshadow_la-chowntty.Plo \ + ./$(DEPDIR)/libshadow_la-cleanup.Plo \ + ./$(DEPDIR)/libshadow_la-cleanup_group.Plo \ + ./$(DEPDIR)/libshadow_la-cleanup_user.Plo \ + ./$(DEPDIR)/libshadow_la-commonio.Plo \ + ./$(DEPDIR)/libshadow_la-console.Plo \ + ./$(DEPDIR)/libshadow_la-copydir.Plo \ + ./$(DEPDIR)/libshadow_la-csrand.Plo \ ./$(DEPDIR)/libshadow_la-encrypt.Plo \ + ./$(DEPDIR)/libshadow_la-env.Plo \ + ./$(DEPDIR)/libshadow_la-failure.Plo \ + ./$(DEPDIR)/libshadow_la-fd.Plo \ ./$(DEPDIR)/libshadow_la-fields.Plo \ + ./$(DEPDIR)/libshadow_la-find_new_gid.Plo \ + ./$(DEPDIR)/libshadow_la-find_new_sub_gids.Plo \ + ./$(DEPDIR)/libshadow_la-find_new_sub_uids.Plo \ + ./$(DEPDIR)/libshadow_la-find_new_uid.Plo \ ./$(DEPDIR)/libshadow_la-fputsx.Plo \ + ./$(DEPDIR)/libshadow_la-freezero.Plo \ ./$(DEPDIR)/libshadow_la-get_gid.Plo \ ./$(DEPDIR)/libshadow_la-get_pid.Plo \ ./$(DEPDIR)/libshadow_la-get_uid.Plo \ + ./$(DEPDIR)/libshadow_la-getdate.Plo \ ./$(DEPDIR)/libshadow_la-getdef.Plo \ - ./$(DEPDIR)/libshadow_la-getlong.Plo \ - ./$(DEPDIR)/libshadow_la-getulong.Plo \ + ./$(DEPDIR)/libshadow_la-getgr_nam_gid.Plo \ + ./$(DEPDIR)/libshadow_la-getrange.Plo \ + ./$(DEPDIR)/libshadow_la-gettime.Plo \ ./$(DEPDIR)/libshadow_la-groupio.Plo \ ./$(DEPDIR)/libshadow_la-groupmem.Plo \ ./$(DEPDIR)/libshadow_la-gshadow.Plo \ + ./$(DEPDIR)/libshadow_la-hushed.Plo \ + ./$(DEPDIR)/libshadow_la-idmapping.Plo \ + ./$(DEPDIR)/libshadow_la-isexpired.Plo \ + ./$(DEPDIR)/libshadow_la-limits.Plo \ + ./$(DEPDIR)/libshadow_la-list.Plo \ ./$(DEPDIR)/libshadow_la-lockpw.Plo \ + ./$(DEPDIR)/libshadow_la-log.Plo \ + ./$(DEPDIR)/libshadow_la-logind.Plo \ + ./$(DEPDIR)/libshadow_la-loginprompt.Plo \ + ./$(DEPDIR)/libshadow_la-mail.Plo \ + ./$(DEPDIR)/libshadow_la-memzero.Plo \ + ./$(DEPDIR)/libshadow_la-motd.Plo \ + ./$(DEPDIR)/libshadow_la-myname.Plo \ ./$(DEPDIR)/libshadow_la-nscd.Plo \ ./$(DEPDIR)/libshadow_la-nss.Plo \ + ./$(DEPDIR)/libshadow_la-obscure.Plo \ + ./$(DEPDIR)/libshadow_la-pam_pass.Plo \ + ./$(DEPDIR)/libshadow_la-pam_pass_non_interactive.Plo \ ./$(DEPDIR)/libshadow_la-port.Plo \ + ./$(DEPDIR)/libshadow_la-prefix_flag.Plo \ ./$(DEPDIR)/libshadow_la-pwauth.Plo \ + ./$(DEPDIR)/libshadow_la-pwd2spwd.Plo \ + ./$(DEPDIR)/libshadow_la-pwd_init.Plo \ + ./$(DEPDIR)/libshadow_la-pwdcheck.Plo \ ./$(DEPDIR)/libshadow_la-pwio.Plo \ ./$(DEPDIR)/libshadow_la-pwmem.Plo \ + ./$(DEPDIR)/libshadow_la-readpassphrase.Plo \ + ./$(DEPDIR)/libshadow_la-remove_tree.Plo \ + ./$(DEPDIR)/libshadow_la-rlogin.Plo \ + ./$(DEPDIR)/libshadow_la-root_flag.Plo \ ./$(DEPDIR)/libshadow_la-run_part.Plo \ + ./$(DEPDIR)/libshadow_la-salt.Plo \ ./$(DEPDIR)/libshadow_la-selinux.Plo \ ./$(DEPDIR)/libshadow_la-semanage.Plo \ + ./$(DEPDIR)/libshadow_la-setugid.Plo \ + ./$(DEPDIR)/libshadow_la-setupenv.Plo \ ./$(DEPDIR)/libshadow_la-sgetgrent.Plo \ ./$(DEPDIR)/libshadow_la-sgetpwent.Plo \ ./$(DEPDIR)/libshadow_la-sgetspent.Plo \ @@ -190,11 +329,38 @@ am__depfiles_remade = ./$(DEPDIR)/libshadow_la-commonio.Plo \ ./$(DEPDIR)/libshadow_la-shadowio.Plo \ ./$(DEPDIR)/libshadow_la-shadowlog.Plo \ ./$(DEPDIR)/libshadow_la-shadowmem.Plo \ + ./$(DEPDIR)/libshadow_la-shell.Plo \ ./$(DEPDIR)/libshadow_la-spawn.Plo \ ./$(DEPDIR)/libshadow_la-sssd.Plo \ + ./$(DEPDIR)/libshadow_la-strtoday.Plo \ + ./$(DEPDIR)/libshadow_la-sub.Plo \ ./$(DEPDIR)/libshadow_la-subordinateio.Plo \ + ./$(DEPDIR)/libshadow_la-sulog.Plo \ ./$(DEPDIR)/libshadow_la-tcbfuncs.Plo \ - ./$(DEPDIR)/libshadow_la-utent.Plo + ./$(DEPDIR)/libshadow_la-ttytype.Plo \ + ./$(DEPDIR)/libshadow_la-tz.Plo \ + ./$(DEPDIR)/libshadow_la-ulimit.Plo \ + ./$(DEPDIR)/libshadow_la-user_busy.Plo \ + ./$(DEPDIR)/libshadow_la-utmp.Plo \ + ./$(DEPDIR)/libshadow_la-valid.Plo \ + ./$(DEPDIR)/libshadow_la-write_full.Plo \ + ./$(DEPDIR)/libshadow_la-xgetgrgid.Plo \ + ./$(DEPDIR)/libshadow_la-xgetgrnam.Plo \ + ./$(DEPDIR)/libshadow_la-xgetpwnam.Plo \ + ./$(DEPDIR)/libshadow_la-xgetpwuid.Plo \ + ./$(DEPDIR)/libshadow_la-xgetspnam.Plo \ + ./$(DEPDIR)/libshadow_la-xprefix_getpwnam.Plo \ + ./$(DEPDIR)/libshadow_la-yesno.Plo \ + atoi/$(DEPDIR)/libshadow_la-a2i.Plo \ + atoi/$(DEPDIR)/libshadow_la-str2i.Plo \ + atoi/$(DEPDIR)/libshadow_la-strtoi.Plo \ + atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Plo \ + string/$(DEPDIR)/libshadow_la-sprintf.Plo \ + string/$(DEPDIR)/libshadow_la-stpecpy.Plo \ + string/$(DEPDIR)/libshadow_la-stpeprintf.Plo \ + string/$(DEPDIR)/libshadow_la-strftime.Plo \ + string/$(DEPDIR)/libshadow_la-strtcpy.Plo \ + time/$(DEPDIR)/libshadow_la-day_to_str.Plo am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) @@ -214,6 +380,17 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = +@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || +am__yacc_c2h = sed -e s/cc$$/hh/ -e s/cpp$$/hpp/ -e s/cxx$$/hxx/ \ + -e s/c++$$/h++/ -e s/c$$/h/ +YACCCOMPILE = $(YACC) $(AM_YFLAGS) $(YFLAGS) +LTYACCCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(YACC) $(AM_YFLAGS) $(YFLAGS) +AM_V_YACC = $(am__v_YACC_@AM_V@) +am__v_YACC_ = $(am__v_YACC_@AM_DEFAULT_V@) +am__v_YACC_0 = @echo " YACC " $@; +am__v_YACC_1 = +YLWRAP = $(top_srcdir)/ylwrap SOURCES = $(libshadow_la_SOURCES) DIST_SOURCES = $(am__libshadow_la_SOURCES_DIST) am__can_run_installinfo = \ @@ -238,7 +415,8 @@ am__define_uniq_tagged_files = \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` -am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp \ + $(top_srcdir)/ylwrap getdate.c DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -251,6 +429,8 @@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ +CMOCKA_LIBS = @CMOCKA_LIBS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CSCOPE = @CSCOPE@ @@ -269,6 +449,7 @@ EGREP = @EGREP@ ETAGS = @ETAGS@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +FILECMD = @FILECMD@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ @@ -284,9 +465,15 @@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LD = @LD@ LDFLAGS = @LDFLAGS@ LIBACL = @LIBACL@ +LIBADD_DL = @LIBADD_DL@ +LIBADD_DLD_LINK = @LIBADD_DLD_LINK@ +LIBADD_DLOPEN = @LIBADD_DLOPEN@ +LIBADD_SHL_LOAD = @LIBADD_SHL_LOAD@ LIBATTR = @LIBATTR@ LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ +LIBBSD = @LIBBSD@ +LIBBSD_CFLAGS = @LIBBSD_CFLAGS@ +LIBBSD_LIBS = @LIBBSD_LIBS@ LIBCRYPT = @LIBCRYPT@ LIBECONF = @LIBECONF@ LIBICONV = @LIBICONV@ @@ -302,6 +489,7 @@ LIBSUBID_ABI = @LIBSUBID_ABI@ LIBSUBID_ABI_MAJOR = @LIBSUBID_ABI_MAJOR@ LIBSUBID_ABI_MICRO = @LIBSUBID_ABI_MICRO@ LIBSUBID_ABI_MINOR = @LIBSUBID_ABI_MINOR@ +LIBSYSTEMD = @LIBSYSTEMD@ LIBTCB = @LIBTCB@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ @@ -310,6 +498,8 @@ LN_S = @LN_S@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBOBJS = @LTLIBOBJS@ +LT_DLLOADERS = @LT_DLLOADERS@ +LT_DLPREOPEN = @LT_DLPREOPEN@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ @@ -332,6 +522,9 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ POSUB = @POSUB@ RANLIB = @RANLIB@ SED = @SED@ @@ -405,18 +598,46 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = 1.0 foreign noinst_LTLIBRARIES = libshadow.la +@USE_PAM_FALSE@LIBCRYPT_PAM = +@USE_PAM_TRUE@LIBCRYPT_PAM = $(LIBCRYPT) +AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS) libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS) $(am__append_1) \ -I$(top_srcdir) -libshadow_la_SOURCES = commonio.c commonio.h defines.h encrypt.c \ - exitcodes.h faillog.h fields.c fputsx.c getdef.c getdef.h \ - get_gid.c getlong.c get_pid.c get_uid.c getulong.c groupio.c \ - groupmem.c groupio.h gshadow.c lockpw.c nss.c nscd.c nscd.h \ - shadowlog.c shadowlog.h shadowlog_internal.h sssd.c sssd.h \ - pam_defs.h port.c port.h prototypes.h pwauth.c pwauth.h pwio.c \ - pwio.h pwmem.c run_part.h run_part.c subordinateio.h \ - subordinateio.c selinux.c semanage.c sgetgrent.c sgetpwent.c \ - sgetspent.c sgroupio.c sgroupio.h shadow.c shadowio.c \ - shadowio.h shadowmem.c spawn.c utent.c $(am__append_2) +libshadow_la_CFLAGS = $(LIBBSD_CFLAGS) $(LIBCRYPT_PAM) $(LIBSYSTEMD) +libshadow_la_LIBADD = $(LIBADD_DLOPEN) +libshadow_la_SOURCES = addgrps.c adds.c adds.h age.c agetpass.c \ + agetpass.h alloc.c alloc.h atoi/a2i.c atoi/a2i.h atoi/str2i.c \ + atoi/str2i.h atoi/strtoi.c atoi/strtoi.h atoi/strtou_noneg.c \ + atoi/strtou_noneg.h attr.h audit_help.c basename.c bit.c bit.h \ + cast.h chkname.c chkname.h chowndir.c chowntty.c cleanup.c \ + cleanup_group.c cleanup_user.c commonio.c commonio.h console.c \ + copydir.c csrand.c defines.h encrypt.c env.c exitcodes.h \ + faillog.h failure.c failure.h fd.c fields.c find_new_gid.c \ + find_new_uid.c find_new_sub_gids.c find_new_sub_uids.c \ + fputsx.c get_gid.c get_pid.c get_uid.c getdate.h getdate.y \ + getdef.c getdef.h getgr_nam_gid.c getrange.c gettime.c \ + groupio.c groupmem.c groupio.h gshadow.c hushed.c idmapping.h \ + idmapping.c isexpired.c limits.c list.c lockpw.c loginprompt.c \ + mail.c memzero.c memzero.h motd.c must_be.h myname.c nss.c \ + nscd.c nscd.h obscure.c pam_defs.h pam_pass.c \ + pam_pass_non_interactive.c port.c port.h prefix_flag.c \ + prototypes.h pwauth.c pwauth.h pwio.c pwio.h pwd_init.c \ + pwd2spwd.c pwdcheck.c pwmem.c remove_tree.c rlogin.c \ + root_flag.c run_part.h run_part.c salt.c selinux.c semanage.c \ + setugid.c setupenv.c sgetgrent.c sgetpwent.c sgetspent.c \ + sgroupio.c sgroupio.h shadow.c shadowio.c shadowio.h \ + shadowlog.c shadowlog.h shadowlog_internal.h shadowmem.c \ + shell.c sizeof.h spawn.c sssd.c sssd.h string/sprintf.c \ + string/sprintf.h string/stpecpy.c string/stpecpy.h \ + string/stpeprintf.c string/stpeprintf.h string/strftime.c \ + string/strftime.h string/strncpy.h string/strtcpy.c \ + string/strtcpy.h string/zustr2stp.h strtoday.c sub.c \ + subordinateio.h subordinateio.c sulog.c time/day_to_str.c \ + time/day_to_str.h ttytype.c tz.c ulimit.c user_busy.c valid.c \ + write_full.c xgetpwnam.c xprefix_getpwnam.c xgetpwuid.c \ + xgetgrnam.c xgetgrgid.c xgetspnam.c yesno.c $(am__append_2) \ + $(am__append_3) $(am__append_4) $(am__append_5) \ + $(am__append_6) $(am__append_7) # These files are unneeded for some reason, listed in # order of appearance: @@ -424,12 +645,13 @@ libshadow_la_SOURCES = commonio.c commonio.h defines.h encrypt.c \ # sources for dbm support (not yet used) EXTRA_DIST = \ .indent.pro \ - gshadow_.h + gshadow_.h \ + xgetXXbyYY.c all: all-am .SUFFIXES: -.SUFFIXES: .c .lo .o .obj +.SUFFIXES: .c .lo .o .obj .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ @@ -470,39 +692,137 @@ clean-noinstLTLIBRARIES: echo rm -f $${locs}; \ rm -f $${locs}; \ } +atoi/$(am__dirstamp): + @$(MKDIR_P) atoi + @: > atoi/$(am__dirstamp) +atoi/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) atoi/$(DEPDIR) + @: > atoi/$(DEPDIR)/$(am__dirstamp) +atoi/libshadow_la-a2i.lo: atoi/$(am__dirstamp) \ + atoi/$(DEPDIR)/$(am__dirstamp) +atoi/libshadow_la-str2i.lo: atoi/$(am__dirstamp) \ + atoi/$(DEPDIR)/$(am__dirstamp) +atoi/libshadow_la-strtoi.lo: atoi/$(am__dirstamp) \ + atoi/$(DEPDIR)/$(am__dirstamp) +atoi/libshadow_la-strtou_noneg.lo: atoi/$(am__dirstamp) \ + atoi/$(DEPDIR)/$(am__dirstamp) +string/$(am__dirstamp): + @$(MKDIR_P) string + @: > string/$(am__dirstamp) +string/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) string/$(DEPDIR) + @: > string/$(DEPDIR)/$(am__dirstamp) +string/libshadow_la-sprintf.lo: string/$(am__dirstamp) \ + string/$(DEPDIR)/$(am__dirstamp) +string/libshadow_la-stpecpy.lo: string/$(am__dirstamp) \ + string/$(DEPDIR)/$(am__dirstamp) +string/libshadow_la-stpeprintf.lo: string/$(am__dirstamp) \ + string/$(DEPDIR)/$(am__dirstamp) +string/libshadow_la-strftime.lo: string/$(am__dirstamp) \ + string/$(DEPDIR)/$(am__dirstamp) +string/libshadow_la-strtcpy.lo: string/$(am__dirstamp) \ + string/$(DEPDIR)/$(am__dirstamp) +time/$(am__dirstamp): + @$(MKDIR_P) time + @: > time/$(am__dirstamp) +time/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) time/$(DEPDIR) + @: > time/$(DEPDIR)/$(am__dirstamp) +time/libshadow_la-day_to_str.lo: time/$(am__dirstamp) \ + time/$(DEPDIR)/$(am__dirstamp) libshadow.la: $(libshadow_la_OBJECTS) $(libshadow_la_DEPENDENCIES) $(EXTRA_libshadow_la_DEPENDENCIES) - $(AM_V_CCLD)$(LINK) $(libshadow_la_OBJECTS) $(libshadow_la_LIBADD) $(LIBS) + $(AM_V_CCLD)$(libshadow_la_LINK) $(libshadow_la_OBJECTS) $(libshadow_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) + -rm -f atoi/*.$(OBJEXT) + -rm -f atoi/*.lo + -rm -f string/*.$(OBJEXT) + -rm -f string/*.lo + -rm -f time/*.$(OBJEXT) + -rm -f time/*.lo distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-addgrps.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-adds.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-age.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-agetpass.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-alloc.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-audit_help.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-basename.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-bit.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-btrfs.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-chkname.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-chowndir.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-chowntty.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-cleanup.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-cleanup_group.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-cleanup_user.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-commonio.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-console.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-copydir.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-csrand.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-encrypt.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-env.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-failure.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-fd.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-fields.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-find_new_gid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-find_new_sub_gids.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-find_new_sub_uids.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-find_new_uid.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-fputsx.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-freezero.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-get_gid.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-get_pid.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-get_uid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getdate.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getdef.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getlong.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getulong.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getgr_nam_gid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-getrange.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-gettime.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-groupio.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-groupmem.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-gshadow.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-hushed.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-idmapping.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-isexpired.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-limits.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-list.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-lockpw.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-log.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-logind.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-loginprompt.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-mail.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-memzero.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-motd.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-myname.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-nscd.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-nss.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-obscure.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pam_pass.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pam_pass_non_interactive.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-port.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-prefix_flag.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwauth.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwd2spwd.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwd_init.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwdcheck.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwio.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-pwmem.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-readpassphrase.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-remove_tree.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-rlogin.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-root_flag.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-run_part.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-salt.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-selinux.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-semanage.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-setugid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-setupenv.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sgetgrent.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sgetpwent.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sgetspent.Plo@am__quote@ # am--include-marker @@ -511,11 +831,38 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-shadowio.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-shadowlog.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-shadowmem.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-shell.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-spawn.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sssd.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-strtoday.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sub.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-subordinateio.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-sulog.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-tcbfuncs.Plo@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-utent.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-ttytype.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-tz.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-ulimit.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-user_busy.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-utmp.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-valid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-write_full.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xgetgrgid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xgetgrnam.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xgetpwnam.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xgetpwuid.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xgetspnam.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-xprefix_getpwnam.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadow_la-yesno.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@atoi/$(DEPDIR)/libshadow_la-a2i.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@atoi/$(DEPDIR)/libshadow_la-str2i.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@atoi/$(DEPDIR)/libshadow_la-strtoi.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@string/$(DEPDIR)/libshadow_la-sprintf.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@string/$(DEPDIR)/libshadow_la-stpecpy.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@string/$(DEPDIR)/libshadow_la-stpeprintf.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@string/$(DEPDIR)/libshadow_la-strftime.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@string/$(DEPDIR)/libshadow_la-strtcpy.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@time/$(DEPDIR)/libshadow_la-day_to_str.Plo@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @@ -524,283 +871,859 @@ $(am__depfiles_remade): am--depfiles: $(am__depfiles_remade) .c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< +libshadow_la-addgrps.lo: addgrps.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-addgrps.lo -MD -MP -MF $(DEPDIR)/libshadow_la-addgrps.Tpo -c -o libshadow_la-addgrps.lo `test -f 'addgrps.c' || echo '$(srcdir)/'`addgrps.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-addgrps.Tpo $(DEPDIR)/libshadow_la-addgrps.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='addgrps.c' object='libshadow_la-addgrps.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-addgrps.lo `test -f 'addgrps.c' || echo '$(srcdir)/'`addgrps.c + +libshadow_la-adds.lo: adds.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-adds.lo -MD -MP -MF $(DEPDIR)/libshadow_la-adds.Tpo -c -o libshadow_la-adds.lo `test -f 'adds.c' || echo '$(srcdir)/'`adds.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-adds.Tpo $(DEPDIR)/libshadow_la-adds.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='adds.c' object='libshadow_la-adds.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-adds.lo `test -f 'adds.c' || echo '$(srcdir)/'`adds.c + +libshadow_la-age.lo: age.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-age.lo -MD -MP -MF $(DEPDIR)/libshadow_la-age.Tpo -c -o libshadow_la-age.lo `test -f 'age.c' || echo '$(srcdir)/'`age.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-age.Tpo $(DEPDIR)/libshadow_la-age.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='age.c' object='libshadow_la-age.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-age.lo `test -f 'age.c' || echo '$(srcdir)/'`age.c + +libshadow_la-agetpass.lo: agetpass.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-agetpass.lo -MD -MP -MF $(DEPDIR)/libshadow_la-agetpass.Tpo -c -o libshadow_la-agetpass.lo `test -f 'agetpass.c' || echo '$(srcdir)/'`agetpass.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-agetpass.Tpo $(DEPDIR)/libshadow_la-agetpass.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='agetpass.c' object='libshadow_la-agetpass.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-agetpass.lo `test -f 'agetpass.c' || echo '$(srcdir)/'`agetpass.c + +libshadow_la-alloc.lo: alloc.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-alloc.lo -MD -MP -MF $(DEPDIR)/libshadow_la-alloc.Tpo -c -o libshadow_la-alloc.lo `test -f 'alloc.c' || echo '$(srcdir)/'`alloc.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-alloc.Tpo $(DEPDIR)/libshadow_la-alloc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='alloc.c' object='libshadow_la-alloc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-alloc.lo `test -f 'alloc.c' || echo '$(srcdir)/'`alloc.c + +atoi/libshadow_la-a2i.lo: atoi/a2i.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT atoi/libshadow_la-a2i.lo -MD -MP -MF atoi/$(DEPDIR)/libshadow_la-a2i.Tpo -c -o atoi/libshadow_la-a2i.lo `test -f 'atoi/a2i.c' || echo '$(srcdir)/'`atoi/a2i.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) atoi/$(DEPDIR)/libshadow_la-a2i.Tpo atoi/$(DEPDIR)/libshadow_la-a2i.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='atoi/a2i.c' object='atoi/libshadow_la-a2i.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o atoi/libshadow_la-a2i.lo `test -f 'atoi/a2i.c' || echo '$(srcdir)/'`atoi/a2i.c + +atoi/libshadow_la-str2i.lo: atoi/str2i.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT atoi/libshadow_la-str2i.lo -MD -MP -MF atoi/$(DEPDIR)/libshadow_la-str2i.Tpo -c -o atoi/libshadow_la-str2i.lo `test -f 'atoi/str2i.c' || echo '$(srcdir)/'`atoi/str2i.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) atoi/$(DEPDIR)/libshadow_la-str2i.Tpo atoi/$(DEPDIR)/libshadow_la-str2i.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='atoi/str2i.c' object='atoi/libshadow_la-str2i.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o atoi/libshadow_la-str2i.lo `test -f 'atoi/str2i.c' || echo '$(srcdir)/'`atoi/str2i.c + +atoi/libshadow_la-strtoi.lo: atoi/strtoi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT atoi/libshadow_la-strtoi.lo -MD -MP -MF atoi/$(DEPDIR)/libshadow_la-strtoi.Tpo -c -o atoi/libshadow_la-strtoi.lo `test -f 'atoi/strtoi.c' || echo '$(srcdir)/'`atoi/strtoi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) atoi/$(DEPDIR)/libshadow_la-strtoi.Tpo atoi/$(DEPDIR)/libshadow_la-strtoi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='atoi/strtoi.c' object='atoi/libshadow_la-strtoi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o atoi/libshadow_la-strtoi.lo `test -f 'atoi/strtoi.c' || echo '$(srcdir)/'`atoi/strtoi.c + +atoi/libshadow_la-strtou_noneg.lo: atoi/strtou_noneg.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT atoi/libshadow_la-strtou_noneg.lo -MD -MP -MF atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Tpo -c -o atoi/libshadow_la-strtou_noneg.lo `test -f 'atoi/strtou_noneg.c' || echo '$(srcdir)/'`atoi/strtou_noneg.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Tpo atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='atoi/strtou_noneg.c' object='atoi/libshadow_la-strtou_noneg.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o atoi/libshadow_la-strtou_noneg.lo `test -f 'atoi/strtou_noneg.c' || echo '$(srcdir)/'`atoi/strtou_noneg.c + +libshadow_la-audit_help.lo: audit_help.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-audit_help.lo -MD -MP -MF $(DEPDIR)/libshadow_la-audit_help.Tpo -c -o libshadow_la-audit_help.lo `test -f 'audit_help.c' || echo '$(srcdir)/'`audit_help.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-audit_help.Tpo $(DEPDIR)/libshadow_la-audit_help.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='audit_help.c' object='libshadow_la-audit_help.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-audit_help.lo `test -f 'audit_help.c' || echo '$(srcdir)/'`audit_help.c + +libshadow_la-basename.lo: basename.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-basename.lo -MD -MP -MF $(DEPDIR)/libshadow_la-basename.Tpo -c -o libshadow_la-basename.lo `test -f 'basename.c' || echo '$(srcdir)/'`basename.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-basename.Tpo $(DEPDIR)/libshadow_la-basename.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='basename.c' object='libshadow_la-basename.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-basename.lo `test -f 'basename.c' || echo '$(srcdir)/'`basename.c + +libshadow_la-bit.lo: bit.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-bit.lo -MD -MP -MF $(DEPDIR)/libshadow_la-bit.Tpo -c -o libshadow_la-bit.lo `test -f 'bit.c' || echo '$(srcdir)/'`bit.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-bit.Tpo $(DEPDIR)/libshadow_la-bit.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='bit.c' object='libshadow_la-bit.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-bit.lo `test -f 'bit.c' || echo '$(srcdir)/'`bit.c + +libshadow_la-chkname.lo: chkname.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-chkname.lo -MD -MP -MF $(DEPDIR)/libshadow_la-chkname.Tpo -c -o libshadow_la-chkname.lo `test -f 'chkname.c' || echo '$(srcdir)/'`chkname.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-chkname.Tpo $(DEPDIR)/libshadow_la-chkname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='chkname.c' object='libshadow_la-chkname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-chkname.lo `test -f 'chkname.c' || echo '$(srcdir)/'`chkname.c + +libshadow_la-chowndir.lo: chowndir.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-chowndir.lo -MD -MP -MF $(DEPDIR)/libshadow_la-chowndir.Tpo -c -o libshadow_la-chowndir.lo `test -f 'chowndir.c' || echo '$(srcdir)/'`chowndir.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-chowndir.Tpo $(DEPDIR)/libshadow_la-chowndir.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='chowndir.c' object='libshadow_la-chowndir.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-chowndir.lo `test -f 'chowndir.c' || echo '$(srcdir)/'`chowndir.c + +libshadow_la-chowntty.lo: chowntty.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-chowntty.lo -MD -MP -MF $(DEPDIR)/libshadow_la-chowntty.Tpo -c -o libshadow_la-chowntty.lo `test -f 'chowntty.c' || echo '$(srcdir)/'`chowntty.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-chowntty.Tpo $(DEPDIR)/libshadow_la-chowntty.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='chowntty.c' object='libshadow_la-chowntty.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-chowntty.lo `test -f 'chowntty.c' || echo '$(srcdir)/'`chowntty.c + +libshadow_la-cleanup.lo: cleanup.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-cleanup.lo -MD -MP -MF $(DEPDIR)/libshadow_la-cleanup.Tpo -c -o libshadow_la-cleanup.lo `test -f 'cleanup.c' || echo '$(srcdir)/'`cleanup.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-cleanup.Tpo $(DEPDIR)/libshadow_la-cleanup.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='cleanup.c' object='libshadow_la-cleanup.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-cleanup.lo `test -f 'cleanup.c' || echo '$(srcdir)/'`cleanup.c + +libshadow_la-cleanup_group.lo: cleanup_group.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-cleanup_group.lo -MD -MP -MF $(DEPDIR)/libshadow_la-cleanup_group.Tpo -c -o libshadow_la-cleanup_group.lo `test -f 'cleanup_group.c' || echo '$(srcdir)/'`cleanup_group.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-cleanup_group.Tpo $(DEPDIR)/libshadow_la-cleanup_group.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='cleanup_group.c' object='libshadow_la-cleanup_group.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-cleanup_group.lo `test -f 'cleanup_group.c' || echo '$(srcdir)/'`cleanup_group.c + +libshadow_la-cleanup_user.lo: cleanup_user.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-cleanup_user.lo -MD -MP -MF $(DEPDIR)/libshadow_la-cleanup_user.Tpo -c -o libshadow_la-cleanup_user.lo `test -f 'cleanup_user.c' || echo '$(srcdir)/'`cleanup_user.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-cleanup_user.Tpo $(DEPDIR)/libshadow_la-cleanup_user.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='cleanup_user.c' object='libshadow_la-cleanup_user.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-cleanup_user.lo `test -f 'cleanup_user.c' || echo '$(srcdir)/'`cleanup_user.c + libshadow_la-commonio.lo: commonio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-commonio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-commonio.Tpo -c -o libshadow_la-commonio.lo `test -f 'commonio.c' || echo '$(srcdir)/'`commonio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-commonio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-commonio.Tpo -c -o libshadow_la-commonio.lo `test -f 'commonio.c' || echo '$(srcdir)/'`commonio.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-commonio.Tpo $(DEPDIR)/libshadow_la-commonio.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='commonio.c' object='libshadow_la-commonio.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-commonio.lo `test -f 'commonio.c' || echo '$(srcdir)/'`commonio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-commonio.lo `test -f 'commonio.c' || echo '$(srcdir)/'`commonio.c + +libshadow_la-console.lo: console.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-console.lo -MD -MP -MF $(DEPDIR)/libshadow_la-console.Tpo -c -o libshadow_la-console.lo `test -f 'console.c' || echo '$(srcdir)/'`console.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-console.Tpo $(DEPDIR)/libshadow_la-console.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='console.c' object='libshadow_la-console.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-console.lo `test -f 'console.c' || echo '$(srcdir)/'`console.c + +libshadow_la-copydir.lo: copydir.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-copydir.lo -MD -MP -MF $(DEPDIR)/libshadow_la-copydir.Tpo -c -o libshadow_la-copydir.lo `test -f 'copydir.c' || echo '$(srcdir)/'`copydir.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-copydir.Tpo $(DEPDIR)/libshadow_la-copydir.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='copydir.c' object='libshadow_la-copydir.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-copydir.lo `test -f 'copydir.c' || echo '$(srcdir)/'`copydir.c + +libshadow_la-csrand.lo: csrand.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-csrand.lo -MD -MP -MF $(DEPDIR)/libshadow_la-csrand.Tpo -c -o libshadow_la-csrand.lo `test -f 'csrand.c' || echo '$(srcdir)/'`csrand.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-csrand.Tpo $(DEPDIR)/libshadow_la-csrand.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='csrand.c' object='libshadow_la-csrand.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-csrand.lo `test -f 'csrand.c' || echo '$(srcdir)/'`csrand.c libshadow_la-encrypt.lo: encrypt.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-encrypt.lo -MD -MP -MF $(DEPDIR)/libshadow_la-encrypt.Tpo -c -o libshadow_la-encrypt.lo `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-encrypt.lo -MD -MP -MF $(DEPDIR)/libshadow_la-encrypt.Tpo -c -o libshadow_la-encrypt.lo `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-encrypt.Tpo $(DEPDIR)/libshadow_la-encrypt.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='encrypt.c' object='libshadow_la-encrypt.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-encrypt.lo `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-encrypt.lo `test -f 'encrypt.c' || echo '$(srcdir)/'`encrypt.c + +libshadow_la-env.lo: env.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-env.lo -MD -MP -MF $(DEPDIR)/libshadow_la-env.Tpo -c -o libshadow_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-env.Tpo $(DEPDIR)/libshadow_la-env.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='env.c' object='libshadow_la-env.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c + +libshadow_la-failure.lo: failure.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-failure.lo -MD -MP -MF $(DEPDIR)/libshadow_la-failure.Tpo -c -o libshadow_la-failure.lo `test -f 'failure.c' || echo '$(srcdir)/'`failure.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-failure.Tpo $(DEPDIR)/libshadow_la-failure.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='failure.c' object='libshadow_la-failure.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-failure.lo `test -f 'failure.c' || echo '$(srcdir)/'`failure.c + +libshadow_la-fd.lo: fd.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-fd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-fd.Tpo -c -o libshadow_la-fd.lo `test -f 'fd.c' || echo '$(srcdir)/'`fd.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-fd.Tpo $(DEPDIR)/libshadow_la-fd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='fd.c' object='libshadow_la-fd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-fd.lo `test -f 'fd.c' || echo '$(srcdir)/'`fd.c libshadow_la-fields.lo: fields.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-fields.lo -MD -MP -MF $(DEPDIR)/libshadow_la-fields.Tpo -c -o libshadow_la-fields.lo `test -f 'fields.c' || echo '$(srcdir)/'`fields.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-fields.lo -MD -MP -MF $(DEPDIR)/libshadow_la-fields.Tpo -c -o libshadow_la-fields.lo `test -f 'fields.c' || echo '$(srcdir)/'`fields.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-fields.Tpo $(DEPDIR)/libshadow_la-fields.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='fields.c' object='libshadow_la-fields.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-fields.lo `test -f 'fields.c' || echo '$(srcdir)/'`fields.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-fields.lo `test -f 'fields.c' || echo '$(srcdir)/'`fields.c + +libshadow_la-find_new_gid.lo: find_new_gid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-find_new_gid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-find_new_gid.Tpo -c -o libshadow_la-find_new_gid.lo `test -f 'find_new_gid.c' || echo '$(srcdir)/'`find_new_gid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-find_new_gid.Tpo $(DEPDIR)/libshadow_la-find_new_gid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='find_new_gid.c' object='libshadow_la-find_new_gid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-find_new_gid.lo `test -f 'find_new_gid.c' || echo '$(srcdir)/'`find_new_gid.c + +libshadow_la-find_new_uid.lo: find_new_uid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-find_new_uid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-find_new_uid.Tpo -c -o libshadow_la-find_new_uid.lo `test -f 'find_new_uid.c' || echo '$(srcdir)/'`find_new_uid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-find_new_uid.Tpo $(DEPDIR)/libshadow_la-find_new_uid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='find_new_uid.c' object='libshadow_la-find_new_uid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-find_new_uid.lo `test -f 'find_new_uid.c' || echo '$(srcdir)/'`find_new_uid.c + +libshadow_la-find_new_sub_gids.lo: find_new_sub_gids.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-find_new_sub_gids.lo -MD -MP -MF $(DEPDIR)/libshadow_la-find_new_sub_gids.Tpo -c -o libshadow_la-find_new_sub_gids.lo `test -f 'find_new_sub_gids.c' || echo '$(srcdir)/'`find_new_sub_gids.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-find_new_sub_gids.Tpo $(DEPDIR)/libshadow_la-find_new_sub_gids.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='find_new_sub_gids.c' object='libshadow_la-find_new_sub_gids.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-find_new_sub_gids.lo `test -f 'find_new_sub_gids.c' || echo '$(srcdir)/'`find_new_sub_gids.c + +libshadow_la-find_new_sub_uids.lo: find_new_sub_uids.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-find_new_sub_uids.lo -MD -MP -MF $(DEPDIR)/libshadow_la-find_new_sub_uids.Tpo -c -o libshadow_la-find_new_sub_uids.lo `test -f 'find_new_sub_uids.c' || echo '$(srcdir)/'`find_new_sub_uids.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-find_new_sub_uids.Tpo $(DEPDIR)/libshadow_la-find_new_sub_uids.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='find_new_sub_uids.c' object='libshadow_la-find_new_sub_uids.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-find_new_sub_uids.lo `test -f 'find_new_sub_uids.c' || echo '$(srcdir)/'`find_new_sub_uids.c libshadow_la-fputsx.lo: fputsx.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-fputsx.lo -MD -MP -MF $(DEPDIR)/libshadow_la-fputsx.Tpo -c -o libshadow_la-fputsx.lo `test -f 'fputsx.c' || echo '$(srcdir)/'`fputsx.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-fputsx.lo -MD -MP -MF $(DEPDIR)/libshadow_la-fputsx.Tpo -c -o libshadow_la-fputsx.lo `test -f 'fputsx.c' || echo '$(srcdir)/'`fputsx.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-fputsx.Tpo $(DEPDIR)/libshadow_la-fputsx.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='fputsx.c' object='libshadow_la-fputsx.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-fputsx.lo `test -f 'fputsx.c' || echo '$(srcdir)/'`fputsx.c - -libshadow_la-getdef.lo: getdef.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-getdef.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getdef.Tpo -c -o libshadow_la-getdef.lo `test -f 'getdef.c' || echo '$(srcdir)/'`getdef.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getdef.Tpo $(DEPDIR)/libshadow_la-getdef.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getdef.c' object='libshadow_la-getdef.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-getdef.lo `test -f 'getdef.c' || echo '$(srcdir)/'`getdef.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-fputsx.lo `test -f 'fputsx.c' || echo '$(srcdir)/'`fputsx.c libshadow_la-get_gid.lo: get_gid.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-get_gid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_gid.Tpo -c -o libshadow_la-get_gid.lo `test -f 'get_gid.c' || echo '$(srcdir)/'`get_gid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-get_gid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_gid.Tpo -c -o libshadow_la-get_gid.lo `test -f 'get_gid.c' || echo '$(srcdir)/'`get_gid.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-get_gid.Tpo $(DEPDIR)/libshadow_la-get_gid.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='get_gid.c' object='libshadow_la-get_gid.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_gid.lo `test -f 'get_gid.c' || echo '$(srcdir)/'`get_gid.c - -libshadow_la-getlong.lo: getlong.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-getlong.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getlong.Tpo -c -o libshadow_la-getlong.lo `test -f 'getlong.c' || echo '$(srcdir)/'`getlong.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getlong.Tpo $(DEPDIR)/libshadow_la-getlong.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getlong.c' object='libshadow_la-getlong.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-getlong.lo `test -f 'getlong.c' || echo '$(srcdir)/'`getlong.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_gid.lo `test -f 'get_gid.c' || echo '$(srcdir)/'`get_gid.c libshadow_la-get_pid.lo: get_pid.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-get_pid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_pid.Tpo -c -o libshadow_la-get_pid.lo `test -f 'get_pid.c' || echo '$(srcdir)/'`get_pid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-get_pid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_pid.Tpo -c -o libshadow_la-get_pid.lo `test -f 'get_pid.c' || echo '$(srcdir)/'`get_pid.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-get_pid.Tpo $(DEPDIR)/libshadow_la-get_pid.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='get_pid.c' object='libshadow_la-get_pid.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_pid.lo `test -f 'get_pid.c' || echo '$(srcdir)/'`get_pid.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_pid.lo `test -f 'get_pid.c' || echo '$(srcdir)/'`get_pid.c libshadow_la-get_uid.lo: get_uid.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-get_uid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_uid.Tpo -c -o libshadow_la-get_uid.lo `test -f 'get_uid.c' || echo '$(srcdir)/'`get_uid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-get_uid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-get_uid.Tpo -c -o libshadow_la-get_uid.lo `test -f 'get_uid.c' || echo '$(srcdir)/'`get_uid.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-get_uid.Tpo $(DEPDIR)/libshadow_la-get_uid.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='get_uid.c' object='libshadow_la-get_uid.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_uid.lo `test -f 'get_uid.c' || echo '$(srcdir)/'`get_uid.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-get_uid.lo `test -f 'get_uid.c' || echo '$(srcdir)/'`get_uid.c + +libshadow_la-getdate.lo: getdate.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-getdate.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getdate.Tpo -c -o libshadow_la-getdate.lo `test -f 'getdate.c' || echo '$(srcdir)/'`getdate.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getdate.Tpo $(DEPDIR)/libshadow_la-getdate.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getdate.c' object='libshadow_la-getdate.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-getdate.lo `test -f 'getdate.c' || echo '$(srcdir)/'`getdate.c + +libshadow_la-getdef.lo: getdef.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-getdef.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getdef.Tpo -c -o libshadow_la-getdef.lo `test -f 'getdef.c' || echo '$(srcdir)/'`getdef.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getdef.Tpo $(DEPDIR)/libshadow_la-getdef.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getdef.c' object='libshadow_la-getdef.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-getdef.lo `test -f 'getdef.c' || echo '$(srcdir)/'`getdef.c -libshadow_la-getulong.lo: getulong.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-getulong.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getulong.Tpo -c -o libshadow_la-getulong.lo `test -f 'getulong.c' || echo '$(srcdir)/'`getulong.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getulong.Tpo $(DEPDIR)/libshadow_la-getulong.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getulong.c' object='libshadow_la-getulong.lo' libtool=yes @AMDEPBACKSLASH@ +libshadow_la-getgr_nam_gid.lo: getgr_nam_gid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-getgr_nam_gid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getgr_nam_gid.Tpo -c -o libshadow_la-getgr_nam_gid.lo `test -f 'getgr_nam_gid.c' || echo '$(srcdir)/'`getgr_nam_gid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getgr_nam_gid.Tpo $(DEPDIR)/libshadow_la-getgr_nam_gid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getgr_nam_gid.c' object='libshadow_la-getgr_nam_gid.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-getulong.lo `test -f 'getulong.c' || echo '$(srcdir)/'`getulong.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-getgr_nam_gid.lo `test -f 'getgr_nam_gid.c' || echo '$(srcdir)/'`getgr_nam_gid.c + +libshadow_la-getrange.lo: getrange.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-getrange.lo -MD -MP -MF $(DEPDIR)/libshadow_la-getrange.Tpo -c -o libshadow_la-getrange.lo `test -f 'getrange.c' || echo '$(srcdir)/'`getrange.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-getrange.Tpo $(DEPDIR)/libshadow_la-getrange.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='getrange.c' object='libshadow_la-getrange.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-getrange.lo `test -f 'getrange.c' || echo '$(srcdir)/'`getrange.c + +libshadow_la-gettime.lo: gettime.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-gettime.lo -MD -MP -MF $(DEPDIR)/libshadow_la-gettime.Tpo -c -o libshadow_la-gettime.lo `test -f 'gettime.c' || echo '$(srcdir)/'`gettime.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-gettime.Tpo $(DEPDIR)/libshadow_la-gettime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='gettime.c' object='libshadow_la-gettime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-gettime.lo `test -f 'gettime.c' || echo '$(srcdir)/'`gettime.c libshadow_la-groupio.lo: groupio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-groupio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-groupio.Tpo -c -o libshadow_la-groupio.lo `test -f 'groupio.c' || echo '$(srcdir)/'`groupio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-groupio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-groupio.Tpo -c -o libshadow_la-groupio.lo `test -f 'groupio.c' || echo '$(srcdir)/'`groupio.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-groupio.Tpo $(DEPDIR)/libshadow_la-groupio.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='groupio.c' object='libshadow_la-groupio.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-groupio.lo `test -f 'groupio.c' || echo '$(srcdir)/'`groupio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-groupio.lo `test -f 'groupio.c' || echo '$(srcdir)/'`groupio.c libshadow_la-groupmem.lo: groupmem.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-groupmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-groupmem.Tpo -c -o libshadow_la-groupmem.lo `test -f 'groupmem.c' || echo '$(srcdir)/'`groupmem.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-groupmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-groupmem.Tpo -c -o libshadow_la-groupmem.lo `test -f 'groupmem.c' || echo '$(srcdir)/'`groupmem.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-groupmem.Tpo $(DEPDIR)/libshadow_la-groupmem.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='groupmem.c' object='libshadow_la-groupmem.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-groupmem.lo `test -f 'groupmem.c' || echo '$(srcdir)/'`groupmem.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-groupmem.lo `test -f 'groupmem.c' || echo '$(srcdir)/'`groupmem.c libshadow_la-gshadow.lo: gshadow.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-gshadow.lo -MD -MP -MF $(DEPDIR)/libshadow_la-gshadow.Tpo -c -o libshadow_la-gshadow.lo `test -f 'gshadow.c' || echo '$(srcdir)/'`gshadow.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-gshadow.lo -MD -MP -MF $(DEPDIR)/libshadow_la-gshadow.Tpo -c -o libshadow_la-gshadow.lo `test -f 'gshadow.c' || echo '$(srcdir)/'`gshadow.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-gshadow.Tpo $(DEPDIR)/libshadow_la-gshadow.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='gshadow.c' object='libshadow_la-gshadow.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-gshadow.lo `test -f 'gshadow.c' || echo '$(srcdir)/'`gshadow.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-gshadow.lo `test -f 'gshadow.c' || echo '$(srcdir)/'`gshadow.c + +libshadow_la-hushed.lo: hushed.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-hushed.lo -MD -MP -MF $(DEPDIR)/libshadow_la-hushed.Tpo -c -o libshadow_la-hushed.lo `test -f 'hushed.c' || echo '$(srcdir)/'`hushed.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-hushed.Tpo $(DEPDIR)/libshadow_la-hushed.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='hushed.c' object='libshadow_la-hushed.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-hushed.lo `test -f 'hushed.c' || echo '$(srcdir)/'`hushed.c + +libshadow_la-idmapping.lo: idmapping.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-idmapping.lo -MD -MP -MF $(DEPDIR)/libshadow_la-idmapping.Tpo -c -o libshadow_la-idmapping.lo `test -f 'idmapping.c' || echo '$(srcdir)/'`idmapping.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-idmapping.Tpo $(DEPDIR)/libshadow_la-idmapping.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='idmapping.c' object='libshadow_la-idmapping.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-idmapping.lo `test -f 'idmapping.c' || echo '$(srcdir)/'`idmapping.c + +libshadow_la-isexpired.lo: isexpired.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-isexpired.lo -MD -MP -MF $(DEPDIR)/libshadow_la-isexpired.Tpo -c -o libshadow_la-isexpired.lo `test -f 'isexpired.c' || echo '$(srcdir)/'`isexpired.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-isexpired.Tpo $(DEPDIR)/libshadow_la-isexpired.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='isexpired.c' object='libshadow_la-isexpired.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-isexpired.lo `test -f 'isexpired.c' || echo '$(srcdir)/'`isexpired.c + +libshadow_la-limits.lo: limits.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-limits.lo -MD -MP -MF $(DEPDIR)/libshadow_la-limits.Tpo -c -o libshadow_la-limits.lo `test -f 'limits.c' || echo '$(srcdir)/'`limits.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-limits.Tpo $(DEPDIR)/libshadow_la-limits.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='limits.c' object='libshadow_la-limits.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-limits.lo `test -f 'limits.c' || echo '$(srcdir)/'`limits.c + +libshadow_la-list.lo: list.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-list.lo -MD -MP -MF $(DEPDIR)/libshadow_la-list.Tpo -c -o libshadow_la-list.lo `test -f 'list.c' || echo '$(srcdir)/'`list.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-list.Tpo $(DEPDIR)/libshadow_la-list.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='list.c' object='libshadow_la-list.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-list.lo `test -f 'list.c' || echo '$(srcdir)/'`list.c libshadow_la-lockpw.lo: lockpw.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-lockpw.lo -MD -MP -MF $(DEPDIR)/libshadow_la-lockpw.Tpo -c -o libshadow_la-lockpw.lo `test -f 'lockpw.c' || echo '$(srcdir)/'`lockpw.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-lockpw.lo -MD -MP -MF $(DEPDIR)/libshadow_la-lockpw.Tpo -c -o libshadow_la-lockpw.lo `test -f 'lockpw.c' || echo '$(srcdir)/'`lockpw.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-lockpw.Tpo $(DEPDIR)/libshadow_la-lockpw.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='lockpw.c' object='libshadow_la-lockpw.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-lockpw.lo `test -f 'lockpw.c' || echo '$(srcdir)/'`lockpw.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-lockpw.lo `test -f 'lockpw.c' || echo '$(srcdir)/'`lockpw.c + +libshadow_la-loginprompt.lo: loginprompt.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-loginprompt.lo -MD -MP -MF $(DEPDIR)/libshadow_la-loginprompt.Tpo -c -o libshadow_la-loginprompt.lo `test -f 'loginprompt.c' || echo '$(srcdir)/'`loginprompt.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-loginprompt.Tpo $(DEPDIR)/libshadow_la-loginprompt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='loginprompt.c' object='libshadow_la-loginprompt.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-loginprompt.lo `test -f 'loginprompt.c' || echo '$(srcdir)/'`loginprompt.c + +libshadow_la-mail.lo: mail.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-mail.lo -MD -MP -MF $(DEPDIR)/libshadow_la-mail.Tpo -c -o libshadow_la-mail.lo `test -f 'mail.c' || echo '$(srcdir)/'`mail.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-mail.Tpo $(DEPDIR)/libshadow_la-mail.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='mail.c' object='libshadow_la-mail.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-mail.lo `test -f 'mail.c' || echo '$(srcdir)/'`mail.c + +libshadow_la-memzero.lo: memzero.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-memzero.lo -MD -MP -MF $(DEPDIR)/libshadow_la-memzero.Tpo -c -o libshadow_la-memzero.lo `test -f 'memzero.c' || echo '$(srcdir)/'`memzero.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-memzero.Tpo $(DEPDIR)/libshadow_la-memzero.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='memzero.c' object='libshadow_la-memzero.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-memzero.lo `test -f 'memzero.c' || echo '$(srcdir)/'`memzero.c + +libshadow_la-motd.lo: motd.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-motd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-motd.Tpo -c -o libshadow_la-motd.lo `test -f 'motd.c' || echo '$(srcdir)/'`motd.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-motd.Tpo $(DEPDIR)/libshadow_la-motd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='motd.c' object='libshadow_la-motd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-motd.lo `test -f 'motd.c' || echo '$(srcdir)/'`motd.c + +libshadow_la-myname.lo: myname.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-myname.lo -MD -MP -MF $(DEPDIR)/libshadow_la-myname.Tpo -c -o libshadow_la-myname.lo `test -f 'myname.c' || echo '$(srcdir)/'`myname.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-myname.Tpo $(DEPDIR)/libshadow_la-myname.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='myname.c' object='libshadow_la-myname.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-myname.lo `test -f 'myname.c' || echo '$(srcdir)/'`myname.c libshadow_la-nss.lo: nss.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-nss.lo -MD -MP -MF $(DEPDIR)/libshadow_la-nss.Tpo -c -o libshadow_la-nss.lo `test -f 'nss.c' || echo '$(srcdir)/'`nss.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-nss.lo -MD -MP -MF $(DEPDIR)/libshadow_la-nss.Tpo -c -o libshadow_la-nss.lo `test -f 'nss.c' || echo '$(srcdir)/'`nss.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-nss.Tpo $(DEPDIR)/libshadow_la-nss.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='nss.c' object='libshadow_la-nss.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-nss.lo `test -f 'nss.c' || echo '$(srcdir)/'`nss.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-nss.lo `test -f 'nss.c' || echo '$(srcdir)/'`nss.c libshadow_la-nscd.lo: nscd.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-nscd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-nscd.Tpo -c -o libshadow_la-nscd.lo `test -f 'nscd.c' || echo '$(srcdir)/'`nscd.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-nscd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-nscd.Tpo -c -o libshadow_la-nscd.lo `test -f 'nscd.c' || echo '$(srcdir)/'`nscd.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-nscd.Tpo $(DEPDIR)/libshadow_la-nscd.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='nscd.c' object='libshadow_la-nscd.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-nscd.lo `test -f 'nscd.c' || echo '$(srcdir)/'`nscd.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-nscd.lo `test -f 'nscd.c' || echo '$(srcdir)/'`nscd.c -libshadow_la-shadowlog.lo: shadowlog.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowlog.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowlog.Tpo -c -o libshadow_la-shadowlog.lo `test -f 'shadowlog.c' || echo '$(srcdir)/'`shadowlog.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shadowlog.Tpo $(DEPDIR)/libshadow_la-shadowlog.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shadowlog.c' object='libshadow_la-shadowlog.lo' libtool=yes @AMDEPBACKSLASH@ +libshadow_la-obscure.lo: obscure.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-obscure.lo -MD -MP -MF $(DEPDIR)/libshadow_la-obscure.Tpo -c -o libshadow_la-obscure.lo `test -f 'obscure.c' || echo '$(srcdir)/'`obscure.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-obscure.Tpo $(DEPDIR)/libshadow_la-obscure.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='obscure.c' object='libshadow_la-obscure.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowlog.lo `test -f 'shadowlog.c' || echo '$(srcdir)/'`shadowlog.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-obscure.lo `test -f 'obscure.c' || echo '$(srcdir)/'`obscure.c -libshadow_la-sssd.lo: sssd.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-sssd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sssd.Tpo -c -o libshadow_la-sssd.lo `test -f 'sssd.c' || echo '$(srcdir)/'`sssd.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sssd.Tpo $(DEPDIR)/libshadow_la-sssd.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sssd.c' object='libshadow_la-sssd.lo' libtool=yes @AMDEPBACKSLASH@ +libshadow_la-pam_pass.lo: pam_pass.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pam_pass.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pam_pass.Tpo -c -o libshadow_la-pam_pass.lo `test -f 'pam_pass.c' || echo '$(srcdir)/'`pam_pass.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pam_pass.Tpo $(DEPDIR)/libshadow_la-pam_pass.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pam_pass.c' object='libshadow_la-pam_pass.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-sssd.lo `test -f 'sssd.c' || echo '$(srcdir)/'`sssd.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pam_pass.lo `test -f 'pam_pass.c' || echo '$(srcdir)/'`pam_pass.c + +libshadow_la-pam_pass_non_interactive.lo: pam_pass_non_interactive.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pam_pass_non_interactive.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pam_pass_non_interactive.Tpo -c -o libshadow_la-pam_pass_non_interactive.lo `test -f 'pam_pass_non_interactive.c' || echo '$(srcdir)/'`pam_pass_non_interactive.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pam_pass_non_interactive.Tpo $(DEPDIR)/libshadow_la-pam_pass_non_interactive.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pam_pass_non_interactive.c' object='libshadow_la-pam_pass_non_interactive.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pam_pass_non_interactive.lo `test -f 'pam_pass_non_interactive.c' || echo '$(srcdir)/'`pam_pass_non_interactive.c libshadow_la-port.lo: port.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-port.lo -MD -MP -MF $(DEPDIR)/libshadow_la-port.Tpo -c -o libshadow_la-port.lo `test -f 'port.c' || echo '$(srcdir)/'`port.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-port.lo -MD -MP -MF $(DEPDIR)/libshadow_la-port.Tpo -c -o libshadow_la-port.lo `test -f 'port.c' || echo '$(srcdir)/'`port.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-port.Tpo $(DEPDIR)/libshadow_la-port.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='port.c' object='libshadow_la-port.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-port.lo `test -f 'port.c' || echo '$(srcdir)/'`port.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-port.lo `test -f 'port.c' || echo '$(srcdir)/'`port.c + +libshadow_la-prefix_flag.lo: prefix_flag.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-prefix_flag.lo -MD -MP -MF $(DEPDIR)/libshadow_la-prefix_flag.Tpo -c -o libshadow_la-prefix_flag.lo `test -f 'prefix_flag.c' || echo '$(srcdir)/'`prefix_flag.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-prefix_flag.Tpo $(DEPDIR)/libshadow_la-prefix_flag.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='prefix_flag.c' object='libshadow_la-prefix_flag.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-prefix_flag.lo `test -f 'prefix_flag.c' || echo '$(srcdir)/'`prefix_flag.c libshadow_la-pwauth.lo: pwauth.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-pwauth.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwauth.Tpo -c -o libshadow_la-pwauth.lo `test -f 'pwauth.c' || echo '$(srcdir)/'`pwauth.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwauth.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwauth.Tpo -c -o libshadow_la-pwauth.lo `test -f 'pwauth.c' || echo '$(srcdir)/'`pwauth.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwauth.Tpo $(DEPDIR)/libshadow_la-pwauth.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwauth.c' object='libshadow_la-pwauth.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwauth.lo `test -f 'pwauth.c' || echo '$(srcdir)/'`pwauth.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwauth.lo `test -f 'pwauth.c' || echo '$(srcdir)/'`pwauth.c libshadow_la-pwio.lo: pwio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-pwio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwio.Tpo -c -o libshadow_la-pwio.lo `test -f 'pwio.c' || echo '$(srcdir)/'`pwio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwio.Tpo -c -o libshadow_la-pwio.lo `test -f 'pwio.c' || echo '$(srcdir)/'`pwio.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwio.Tpo $(DEPDIR)/libshadow_la-pwio.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwio.c' object='libshadow_la-pwio.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwio.lo `test -f 'pwio.c' || echo '$(srcdir)/'`pwio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwio.lo `test -f 'pwio.c' || echo '$(srcdir)/'`pwio.c + +libshadow_la-pwd_init.lo: pwd_init.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwd_init.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwd_init.Tpo -c -o libshadow_la-pwd_init.lo `test -f 'pwd_init.c' || echo '$(srcdir)/'`pwd_init.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwd_init.Tpo $(DEPDIR)/libshadow_la-pwd_init.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwd_init.c' object='libshadow_la-pwd_init.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwd_init.lo `test -f 'pwd_init.c' || echo '$(srcdir)/'`pwd_init.c + +libshadow_la-pwd2spwd.lo: pwd2spwd.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwd2spwd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwd2spwd.Tpo -c -o libshadow_la-pwd2spwd.lo `test -f 'pwd2spwd.c' || echo '$(srcdir)/'`pwd2spwd.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwd2spwd.Tpo $(DEPDIR)/libshadow_la-pwd2spwd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwd2spwd.c' object='libshadow_la-pwd2spwd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwd2spwd.lo `test -f 'pwd2spwd.c' || echo '$(srcdir)/'`pwd2spwd.c + +libshadow_la-pwdcheck.lo: pwdcheck.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwdcheck.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwdcheck.Tpo -c -o libshadow_la-pwdcheck.lo `test -f 'pwdcheck.c' || echo '$(srcdir)/'`pwdcheck.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwdcheck.Tpo $(DEPDIR)/libshadow_la-pwdcheck.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwdcheck.c' object='libshadow_la-pwdcheck.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwdcheck.lo `test -f 'pwdcheck.c' || echo '$(srcdir)/'`pwdcheck.c libshadow_la-pwmem.lo: pwmem.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-pwmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwmem.Tpo -c -o libshadow_la-pwmem.lo `test -f 'pwmem.c' || echo '$(srcdir)/'`pwmem.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-pwmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-pwmem.Tpo -c -o libshadow_la-pwmem.lo `test -f 'pwmem.c' || echo '$(srcdir)/'`pwmem.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-pwmem.Tpo $(DEPDIR)/libshadow_la-pwmem.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='pwmem.c' object='libshadow_la-pwmem.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwmem.lo `test -f 'pwmem.c' || echo '$(srcdir)/'`pwmem.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-pwmem.lo `test -f 'pwmem.c' || echo '$(srcdir)/'`pwmem.c + +libshadow_la-remove_tree.lo: remove_tree.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-remove_tree.lo -MD -MP -MF $(DEPDIR)/libshadow_la-remove_tree.Tpo -c -o libshadow_la-remove_tree.lo `test -f 'remove_tree.c' || echo '$(srcdir)/'`remove_tree.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-remove_tree.Tpo $(DEPDIR)/libshadow_la-remove_tree.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='remove_tree.c' object='libshadow_la-remove_tree.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-remove_tree.lo `test -f 'remove_tree.c' || echo '$(srcdir)/'`remove_tree.c + +libshadow_la-rlogin.lo: rlogin.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-rlogin.lo -MD -MP -MF $(DEPDIR)/libshadow_la-rlogin.Tpo -c -o libshadow_la-rlogin.lo `test -f 'rlogin.c' || echo '$(srcdir)/'`rlogin.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-rlogin.Tpo $(DEPDIR)/libshadow_la-rlogin.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='rlogin.c' object='libshadow_la-rlogin.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-rlogin.lo `test -f 'rlogin.c' || echo '$(srcdir)/'`rlogin.c + +libshadow_la-root_flag.lo: root_flag.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-root_flag.lo -MD -MP -MF $(DEPDIR)/libshadow_la-root_flag.Tpo -c -o libshadow_la-root_flag.lo `test -f 'root_flag.c' || echo '$(srcdir)/'`root_flag.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-root_flag.Tpo $(DEPDIR)/libshadow_la-root_flag.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='root_flag.c' object='libshadow_la-root_flag.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-root_flag.lo `test -f 'root_flag.c' || echo '$(srcdir)/'`root_flag.c libshadow_la-run_part.lo: run_part.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-run_part.lo -MD -MP -MF $(DEPDIR)/libshadow_la-run_part.Tpo -c -o libshadow_la-run_part.lo `test -f 'run_part.c' || echo '$(srcdir)/'`run_part.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-run_part.lo -MD -MP -MF $(DEPDIR)/libshadow_la-run_part.Tpo -c -o libshadow_la-run_part.lo `test -f 'run_part.c' || echo '$(srcdir)/'`run_part.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-run_part.Tpo $(DEPDIR)/libshadow_la-run_part.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='run_part.c' object='libshadow_la-run_part.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-run_part.lo `test -f 'run_part.c' || echo '$(srcdir)/'`run_part.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-run_part.lo `test -f 'run_part.c' || echo '$(srcdir)/'`run_part.c -libshadow_la-subordinateio.lo: subordinateio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-subordinateio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-subordinateio.Tpo -c -o libshadow_la-subordinateio.lo `test -f 'subordinateio.c' || echo '$(srcdir)/'`subordinateio.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-subordinateio.Tpo $(DEPDIR)/libshadow_la-subordinateio.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='subordinateio.c' object='libshadow_la-subordinateio.lo' libtool=yes @AMDEPBACKSLASH@ +libshadow_la-salt.lo: salt.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-salt.lo -MD -MP -MF $(DEPDIR)/libshadow_la-salt.Tpo -c -o libshadow_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-salt.Tpo $(DEPDIR)/libshadow_la-salt.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='salt.c' object='libshadow_la-salt.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-subordinateio.lo `test -f 'subordinateio.c' || echo '$(srcdir)/'`subordinateio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-salt.lo `test -f 'salt.c' || echo '$(srcdir)/'`salt.c libshadow_la-selinux.lo: selinux.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-selinux.lo -MD -MP -MF $(DEPDIR)/libshadow_la-selinux.Tpo -c -o libshadow_la-selinux.lo `test -f 'selinux.c' || echo '$(srcdir)/'`selinux.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-selinux.lo -MD -MP -MF $(DEPDIR)/libshadow_la-selinux.Tpo -c -o libshadow_la-selinux.lo `test -f 'selinux.c' || echo '$(srcdir)/'`selinux.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-selinux.Tpo $(DEPDIR)/libshadow_la-selinux.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='selinux.c' object='libshadow_la-selinux.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-selinux.lo `test -f 'selinux.c' || echo '$(srcdir)/'`selinux.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-selinux.lo `test -f 'selinux.c' || echo '$(srcdir)/'`selinux.c libshadow_la-semanage.lo: semanage.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-semanage.lo -MD -MP -MF $(DEPDIR)/libshadow_la-semanage.Tpo -c -o libshadow_la-semanage.lo `test -f 'semanage.c' || echo '$(srcdir)/'`semanage.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-semanage.lo -MD -MP -MF $(DEPDIR)/libshadow_la-semanage.Tpo -c -o libshadow_la-semanage.lo `test -f 'semanage.c' || echo '$(srcdir)/'`semanage.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-semanage.Tpo $(DEPDIR)/libshadow_la-semanage.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='semanage.c' object='libshadow_la-semanage.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-semanage.lo `test -f 'semanage.c' || echo '$(srcdir)/'`semanage.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-semanage.lo `test -f 'semanage.c' || echo '$(srcdir)/'`semanage.c + +libshadow_la-setugid.lo: setugid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-setugid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-setugid.Tpo -c -o libshadow_la-setugid.lo `test -f 'setugid.c' || echo '$(srcdir)/'`setugid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-setugid.Tpo $(DEPDIR)/libshadow_la-setugid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='setugid.c' object='libshadow_la-setugid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-setugid.lo `test -f 'setugid.c' || echo '$(srcdir)/'`setugid.c + +libshadow_la-setupenv.lo: setupenv.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-setupenv.lo -MD -MP -MF $(DEPDIR)/libshadow_la-setupenv.Tpo -c -o libshadow_la-setupenv.lo `test -f 'setupenv.c' || echo '$(srcdir)/'`setupenv.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-setupenv.Tpo $(DEPDIR)/libshadow_la-setupenv.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='setupenv.c' object='libshadow_la-setupenv.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-setupenv.lo `test -f 'setupenv.c' || echo '$(srcdir)/'`setupenv.c libshadow_la-sgetgrent.lo: sgetgrent.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetgrent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetgrent.Tpo -c -o libshadow_la-sgetgrent.lo `test -f 'sgetgrent.c' || echo '$(srcdir)/'`sgetgrent.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetgrent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetgrent.Tpo -c -o libshadow_la-sgetgrent.lo `test -f 'sgetgrent.c' || echo '$(srcdir)/'`sgetgrent.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sgetgrent.Tpo $(DEPDIR)/libshadow_la-sgetgrent.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sgetgrent.c' object='libshadow_la-sgetgrent.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetgrent.lo `test -f 'sgetgrent.c' || echo '$(srcdir)/'`sgetgrent.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetgrent.lo `test -f 'sgetgrent.c' || echo '$(srcdir)/'`sgetgrent.c libshadow_la-sgetpwent.lo: sgetpwent.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetpwent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetpwent.Tpo -c -o libshadow_la-sgetpwent.lo `test -f 'sgetpwent.c' || echo '$(srcdir)/'`sgetpwent.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetpwent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetpwent.Tpo -c -o libshadow_la-sgetpwent.lo `test -f 'sgetpwent.c' || echo '$(srcdir)/'`sgetpwent.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sgetpwent.Tpo $(DEPDIR)/libshadow_la-sgetpwent.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sgetpwent.c' object='libshadow_la-sgetpwent.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetpwent.lo `test -f 'sgetpwent.c' || echo '$(srcdir)/'`sgetpwent.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetpwent.lo `test -f 'sgetpwent.c' || echo '$(srcdir)/'`sgetpwent.c libshadow_la-sgetspent.lo: sgetspent.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetspent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetspent.Tpo -c -o libshadow_la-sgetspent.lo `test -f 'sgetspent.c' || echo '$(srcdir)/'`sgetspent.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sgetspent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgetspent.Tpo -c -o libshadow_la-sgetspent.lo `test -f 'sgetspent.c' || echo '$(srcdir)/'`sgetspent.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sgetspent.Tpo $(DEPDIR)/libshadow_la-sgetspent.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sgetspent.c' object='libshadow_la-sgetspent.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetspent.lo `test -f 'sgetspent.c' || echo '$(srcdir)/'`sgetspent.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgetspent.lo `test -f 'sgetspent.c' || echo '$(srcdir)/'`sgetspent.c libshadow_la-sgroupio.lo: sgroupio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-sgroupio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgroupio.Tpo -c -o libshadow_la-sgroupio.lo `test -f 'sgroupio.c' || echo '$(srcdir)/'`sgroupio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sgroupio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sgroupio.Tpo -c -o libshadow_la-sgroupio.lo `test -f 'sgroupio.c' || echo '$(srcdir)/'`sgroupio.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sgroupio.Tpo $(DEPDIR)/libshadow_la-sgroupio.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sgroupio.c' object='libshadow_la-sgroupio.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgroupio.lo `test -f 'sgroupio.c' || echo '$(srcdir)/'`sgroupio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sgroupio.lo `test -f 'sgroupio.c' || echo '$(srcdir)/'`sgroupio.c libshadow_la-shadow.lo: shadow.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-shadow.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadow.Tpo -c -o libshadow_la-shadow.lo `test -f 'shadow.c' || echo '$(srcdir)/'`shadow.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-shadow.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadow.Tpo -c -o libshadow_la-shadow.lo `test -f 'shadow.c' || echo '$(srcdir)/'`shadow.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shadow.Tpo $(DEPDIR)/libshadow_la-shadow.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shadow.c' object='libshadow_la-shadow.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadow.lo `test -f 'shadow.c' || echo '$(srcdir)/'`shadow.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadow.lo `test -f 'shadow.c' || echo '$(srcdir)/'`shadow.c libshadow_la-shadowio.lo: shadowio.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowio.Tpo -c -o libshadow_la-shadowio.lo `test -f 'shadowio.c' || echo '$(srcdir)/'`shadowio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowio.Tpo -c -o libshadow_la-shadowio.lo `test -f 'shadowio.c' || echo '$(srcdir)/'`shadowio.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shadowio.Tpo $(DEPDIR)/libshadow_la-shadowio.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shadowio.c' object='libshadow_la-shadowio.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowio.lo `test -f 'shadowio.c' || echo '$(srcdir)/'`shadowio.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowio.lo `test -f 'shadowio.c' || echo '$(srcdir)/'`shadowio.c + +libshadow_la-shadowlog.lo: shadowlog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowlog.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowlog.Tpo -c -o libshadow_la-shadowlog.lo `test -f 'shadowlog.c' || echo '$(srcdir)/'`shadowlog.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shadowlog.Tpo $(DEPDIR)/libshadow_la-shadowlog.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shadowlog.c' object='libshadow_la-shadowlog.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowlog.lo `test -f 'shadowlog.c' || echo '$(srcdir)/'`shadowlog.c libshadow_la-shadowmem.lo: shadowmem.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowmem.Tpo -c -o libshadow_la-shadowmem.lo `test -f 'shadowmem.c' || echo '$(srcdir)/'`shadowmem.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-shadowmem.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shadowmem.Tpo -c -o libshadow_la-shadowmem.lo `test -f 'shadowmem.c' || echo '$(srcdir)/'`shadowmem.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shadowmem.Tpo $(DEPDIR)/libshadow_la-shadowmem.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shadowmem.c' object='libshadow_la-shadowmem.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowmem.lo `test -f 'shadowmem.c' || echo '$(srcdir)/'`shadowmem.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-shadowmem.lo `test -f 'shadowmem.c' || echo '$(srcdir)/'`shadowmem.c + +libshadow_la-shell.lo: shell.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-shell.lo -MD -MP -MF $(DEPDIR)/libshadow_la-shell.Tpo -c -o libshadow_la-shell.lo `test -f 'shell.c' || echo '$(srcdir)/'`shell.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-shell.Tpo $(DEPDIR)/libshadow_la-shell.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='shell.c' object='libshadow_la-shell.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-shell.lo `test -f 'shell.c' || echo '$(srcdir)/'`shell.c libshadow_la-spawn.lo: spawn.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-spawn.lo -MD -MP -MF $(DEPDIR)/libshadow_la-spawn.Tpo -c -o libshadow_la-spawn.lo `test -f 'spawn.c' || echo '$(srcdir)/'`spawn.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-spawn.lo -MD -MP -MF $(DEPDIR)/libshadow_la-spawn.Tpo -c -o libshadow_la-spawn.lo `test -f 'spawn.c' || echo '$(srcdir)/'`spawn.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-spawn.Tpo $(DEPDIR)/libshadow_la-spawn.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='spawn.c' object='libshadow_la-spawn.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-spawn.lo `test -f 'spawn.c' || echo '$(srcdir)/'`spawn.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-spawn.lo `test -f 'spawn.c' || echo '$(srcdir)/'`spawn.c + +libshadow_la-sssd.lo: sssd.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sssd.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sssd.Tpo -c -o libshadow_la-sssd.lo `test -f 'sssd.c' || echo '$(srcdir)/'`sssd.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sssd.Tpo $(DEPDIR)/libshadow_la-sssd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sssd.c' object='libshadow_la-sssd.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sssd.lo `test -f 'sssd.c' || echo '$(srcdir)/'`sssd.c + +string/libshadow_la-sprintf.lo: string/sprintf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT string/libshadow_la-sprintf.lo -MD -MP -MF string/$(DEPDIR)/libshadow_la-sprintf.Tpo -c -o string/libshadow_la-sprintf.lo `test -f 'string/sprintf.c' || echo '$(srcdir)/'`string/sprintf.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) string/$(DEPDIR)/libshadow_la-sprintf.Tpo string/$(DEPDIR)/libshadow_la-sprintf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='string/sprintf.c' object='string/libshadow_la-sprintf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o string/libshadow_la-sprintf.lo `test -f 'string/sprintf.c' || echo '$(srcdir)/'`string/sprintf.c + +string/libshadow_la-stpecpy.lo: string/stpecpy.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT string/libshadow_la-stpecpy.lo -MD -MP -MF string/$(DEPDIR)/libshadow_la-stpecpy.Tpo -c -o string/libshadow_la-stpecpy.lo `test -f 'string/stpecpy.c' || echo '$(srcdir)/'`string/stpecpy.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) string/$(DEPDIR)/libshadow_la-stpecpy.Tpo string/$(DEPDIR)/libshadow_la-stpecpy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='string/stpecpy.c' object='string/libshadow_la-stpecpy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o string/libshadow_la-stpecpy.lo `test -f 'string/stpecpy.c' || echo '$(srcdir)/'`string/stpecpy.c + +string/libshadow_la-stpeprintf.lo: string/stpeprintf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT string/libshadow_la-stpeprintf.lo -MD -MP -MF string/$(DEPDIR)/libshadow_la-stpeprintf.Tpo -c -o string/libshadow_la-stpeprintf.lo `test -f 'string/stpeprintf.c' || echo '$(srcdir)/'`string/stpeprintf.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) string/$(DEPDIR)/libshadow_la-stpeprintf.Tpo string/$(DEPDIR)/libshadow_la-stpeprintf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='string/stpeprintf.c' object='string/libshadow_la-stpeprintf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o string/libshadow_la-stpeprintf.lo `test -f 'string/stpeprintf.c' || echo '$(srcdir)/'`string/stpeprintf.c + +string/libshadow_la-strftime.lo: string/strftime.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT string/libshadow_la-strftime.lo -MD -MP -MF string/$(DEPDIR)/libshadow_la-strftime.Tpo -c -o string/libshadow_la-strftime.lo `test -f 'string/strftime.c' || echo '$(srcdir)/'`string/strftime.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) string/$(DEPDIR)/libshadow_la-strftime.Tpo string/$(DEPDIR)/libshadow_la-strftime.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='string/strftime.c' object='string/libshadow_la-strftime.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o string/libshadow_la-strftime.lo `test -f 'string/strftime.c' || echo '$(srcdir)/'`string/strftime.c + +string/libshadow_la-strtcpy.lo: string/strtcpy.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT string/libshadow_la-strtcpy.lo -MD -MP -MF string/$(DEPDIR)/libshadow_la-strtcpy.Tpo -c -o string/libshadow_la-strtcpy.lo `test -f 'string/strtcpy.c' || echo '$(srcdir)/'`string/strtcpy.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) string/$(DEPDIR)/libshadow_la-strtcpy.Tpo string/$(DEPDIR)/libshadow_la-strtcpy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='string/strtcpy.c' object='string/libshadow_la-strtcpy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o string/libshadow_la-strtcpy.lo `test -f 'string/strtcpy.c' || echo '$(srcdir)/'`string/strtcpy.c + +libshadow_la-strtoday.lo: strtoday.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-strtoday.lo -MD -MP -MF $(DEPDIR)/libshadow_la-strtoday.Tpo -c -o libshadow_la-strtoday.lo `test -f 'strtoday.c' || echo '$(srcdir)/'`strtoday.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-strtoday.Tpo $(DEPDIR)/libshadow_la-strtoday.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='strtoday.c' object='libshadow_la-strtoday.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-strtoday.lo `test -f 'strtoday.c' || echo '$(srcdir)/'`strtoday.c -libshadow_la-utent.lo: utent.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-utent.lo -MD -MP -MF $(DEPDIR)/libshadow_la-utent.Tpo -c -o libshadow_la-utent.lo `test -f 'utent.c' || echo '$(srcdir)/'`utent.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-utent.Tpo $(DEPDIR)/libshadow_la-utent.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utent.c' object='libshadow_la-utent.lo' libtool=yes @AMDEPBACKSLASH@ +libshadow_la-sub.lo: sub.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sub.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sub.Tpo -c -o libshadow_la-sub.lo `test -f 'sub.c' || echo '$(srcdir)/'`sub.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sub.Tpo $(DEPDIR)/libshadow_la-sub.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sub.c' object='libshadow_la-sub.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-utent.lo `test -f 'utent.c' || echo '$(srcdir)/'`utent.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sub.lo `test -f 'sub.c' || echo '$(srcdir)/'`sub.c + +libshadow_la-subordinateio.lo: subordinateio.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-subordinateio.lo -MD -MP -MF $(DEPDIR)/libshadow_la-subordinateio.Tpo -c -o libshadow_la-subordinateio.lo `test -f 'subordinateio.c' || echo '$(srcdir)/'`subordinateio.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-subordinateio.Tpo $(DEPDIR)/libshadow_la-subordinateio.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='subordinateio.c' object='libshadow_la-subordinateio.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-subordinateio.lo `test -f 'subordinateio.c' || echo '$(srcdir)/'`subordinateio.c + +libshadow_la-sulog.lo: sulog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-sulog.lo -MD -MP -MF $(DEPDIR)/libshadow_la-sulog.Tpo -c -o libshadow_la-sulog.lo `test -f 'sulog.c' || echo '$(srcdir)/'`sulog.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-sulog.Tpo $(DEPDIR)/libshadow_la-sulog.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='sulog.c' object='libshadow_la-sulog.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-sulog.lo `test -f 'sulog.c' || echo '$(srcdir)/'`sulog.c + +time/libshadow_la-day_to_str.lo: time/day_to_str.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT time/libshadow_la-day_to_str.lo -MD -MP -MF time/$(DEPDIR)/libshadow_la-day_to_str.Tpo -c -o time/libshadow_la-day_to_str.lo `test -f 'time/day_to_str.c' || echo '$(srcdir)/'`time/day_to_str.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) time/$(DEPDIR)/libshadow_la-day_to_str.Tpo time/$(DEPDIR)/libshadow_la-day_to_str.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='time/day_to_str.c' object='time/libshadow_la-day_to_str.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o time/libshadow_la-day_to_str.lo `test -f 'time/day_to_str.c' || echo '$(srcdir)/'`time/day_to_str.c + +libshadow_la-ttytype.lo: ttytype.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-ttytype.lo -MD -MP -MF $(DEPDIR)/libshadow_la-ttytype.Tpo -c -o libshadow_la-ttytype.lo `test -f 'ttytype.c' || echo '$(srcdir)/'`ttytype.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-ttytype.Tpo $(DEPDIR)/libshadow_la-ttytype.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ttytype.c' object='libshadow_la-ttytype.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-ttytype.lo `test -f 'ttytype.c' || echo '$(srcdir)/'`ttytype.c + +libshadow_la-tz.lo: tz.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-tz.lo -MD -MP -MF $(DEPDIR)/libshadow_la-tz.Tpo -c -o libshadow_la-tz.lo `test -f 'tz.c' || echo '$(srcdir)/'`tz.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-tz.Tpo $(DEPDIR)/libshadow_la-tz.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tz.c' object='libshadow_la-tz.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-tz.lo `test -f 'tz.c' || echo '$(srcdir)/'`tz.c + +libshadow_la-ulimit.lo: ulimit.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-ulimit.lo -MD -MP -MF $(DEPDIR)/libshadow_la-ulimit.Tpo -c -o libshadow_la-ulimit.lo `test -f 'ulimit.c' || echo '$(srcdir)/'`ulimit.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-ulimit.Tpo $(DEPDIR)/libshadow_la-ulimit.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ulimit.c' object='libshadow_la-ulimit.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-ulimit.lo `test -f 'ulimit.c' || echo '$(srcdir)/'`ulimit.c + +libshadow_la-user_busy.lo: user_busy.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-user_busy.lo -MD -MP -MF $(DEPDIR)/libshadow_la-user_busy.Tpo -c -o libshadow_la-user_busy.lo `test -f 'user_busy.c' || echo '$(srcdir)/'`user_busy.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-user_busy.Tpo $(DEPDIR)/libshadow_la-user_busy.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='user_busy.c' object='libshadow_la-user_busy.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-user_busy.lo `test -f 'user_busy.c' || echo '$(srcdir)/'`user_busy.c + +libshadow_la-valid.lo: valid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-valid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-valid.Tpo -c -o libshadow_la-valid.lo `test -f 'valid.c' || echo '$(srcdir)/'`valid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-valid.Tpo $(DEPDIR)/libshadow_la-valid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='valid.c' object='libshadow_la-valid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-valid.lo `test -f 'valid.c' || echo '$(srcdir)/'`valid.c + +libshadow_la-write_full.lo: write_full.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-write_full.lo -MD -MP -MF $(DEPDIR)/libshadow_la-write_full.Tpo -c -o libshadow_la-write_full.lo `test -f 'write_full.c' || echo '$(srcdir)/'`write_full.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-write_full.Tpo $(DEPDIR)/libshadow_la-write_full.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='write_full.c' object='libshadow_la-write_full.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-write_full.lo `test -f 'write_full.c' || echo '$(srcdir)/'`write_full.c + +libshadow_la-xgetpwnam.lo: xgetpwnam.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xgetpwnam.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xgetpwnam.Tpo -c -o libshadow_la-xgetpwnam.lo `test -f 'xgetpwnam.c' || echo '$(srcdir)/'`xgetpwnam.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xgetpwnam.Tpo $(DEPDIR)/libshadow_la-xgetpwnam.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xgetpwnam.c' object='libshadow_la-xgetpwnam.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xgetpwnam.lo `test -f 'xgetpwnam.c' || echo '$(srcdir)/'`xgetpwnam.c + +libshadow_la-xprefix_getpwnam.lo: xprefix_getpwnam.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xprefix_getpwnam.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xprefix_getpwnam.Tpo -c -o libshadow_la-xprefix_getpwnam.lo `test -f 'xprefix_getpwnam.c' || echo '$(srcdir)/'`xprefix_getpwnam.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xprefix_getpwnam.Tpo $(DEPDIR)/libshadow_la-xprefix_getpwnam.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xprefix_getpwnam.c' object='libshadow_la-xprefix_getpwnam.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xprefix_getpwnam.lo `test -f 'xprefix_getpwnam.c' || echo '$(srcdir)/'`xprefix_getpwnam.c + +libshadow_la-xgetpwuid.lo: xgetpwuid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xgetpwuid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xgetpwuid.Tpo -c -o libshadow_la-xgetpwuid.lo `test -f 'xgetpwuid.c' || echo '$(srcdir)/'`xgetpwuid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xgetpwuid.Tpo $(DEPDIR)/libshadow_la-xgetpwuid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xgetpwuid.c' object='libshadow_la-xgetpwuid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xgetpwuid.lo `test -f 'xgetpwuid.c' || echo '$(srcdir)/'`xgetpwuid.c + +libshadow_la-xgetgrnam.lo: xgetgrnam.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xgetgrnam.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xgetgrnam.Tpo -c -o libshadow_la-xgetgrnam.lo `test -f 'xgetgrnam.c' || echo '$(srcdir)/'`xgetgrnam.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xgetgrnam.Tpo $(DEPDIR)/libshadow_la-xgetgrnam.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xgetgrnam.c' object='libshadow_la-xgetgrnam.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xgetgrnam.lo `test -f 'xgetgrnam.c' || echo '$(srcdir)/'`xgetgrnam.c + +libshadow_la-xgetgrgid.lo: xgetgrgid.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xgetgrgid.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xgetgrgid.Tpo -c -o libshadow_la-xgetgrgid.lo `test -f 'xgetgrgid.c' || echo '$(srcdir)/'`xgetgrgid.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xgetgrgid.Tpo $(DEPDIR)/libshadow_la-xgetgrgid.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xgetgrgid.c' object='libshadow_la-xgetgrgid.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xgetgrgid.lo `test -f 'xgetgrgid.c' || echo '$(srcdir)/'`xgetgrgid.c + +libshadow_la-xgetspnam.lo: xgetspnam.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-xgetspnam.lo -MD -MP -MF $(DEPDIR)/libshadow_la-xgetspnam.Tpo -c -o libshadow_la-xgetspnam.lo `test -f 'xgetspnam.c' || echo '$(srcdir)/'`xgetspnam.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-xgetspnam.Tpo $(DEPDIR)/libshadow_la-xgetspnam.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='xgetspnam.c' object='libshadow_la-xgetspnam.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-xgetspnam.lo `test -f 'xgetspnam.c' || echo '$(srcdir)/'`xgetspnam.c + +libshadow_la-yesno.lo: yesno.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-yesno.lo -MD -MP -MF $(DEPDIR)/libshadow_la-yesno.Tpo -c -o libshadow_la-yesno.lo `test -f 'yesno.c' || echo '$(srcdir)/'`yesno.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-yesno.Tpo $(DEPDIR)/libshadow_la-yesno.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='yesno.c' object='libshadow_la-yesno.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-yesno.lo `test -f 'yesno.c' || echo '$(srcdir)/'`yesno.c libshadow_la-tcbfuncs.lo: tcbfuncs.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libshadow_la-tcbfuncs.lo -MD -MP -MF $(DEPDIR)/libshadow_la-tcbfuncs.Tpo -c -o libshadow_la-tcbfuncs.lo `test -f 'tcbfuncs.c' || echo '$(srcdir)/'`tcbfuncs.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-tcbfuncs.lo -MD -MP -MF $(DEPDIR)/libshadow_la-tcbfuncs.Tpo -c -o libshadow_la-tcbfuncs.lo `test -f 'tcbfuncs.c' || echo '$(srcdir)/'`tcbfuncs.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-tcbfuncs.Tpo $(DEPDIR)/libshadow_la-tcbfuncs.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tcbfuncs.c' object='libshadow_la-tcbfuncs.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libshadow_la-tcbfuncs.lo `test -f 'tcbfuncs.c' || echo '$(srcdir)/'`tcbfuncs.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-tcbfuncs.lo `test -f 'tcbfuncs.c' || echo '$(srcdir)/'`tcbfuncs.c + +libshadow_la-btrfs.lo: btrfs.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-btrfs.lo -MD -MP -MF $(DEPDIR)/libshadow_la-btrfs.Tpo -c -o libshadow_la-btrfs.lo `test -f 'btrfs.c' || echo '$(srcdir)/'`btrfs.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-btrfs.Tpo $(DEPDIR)/libshadow_la-btrfs.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='btrfs.c' object='libshadow_la-btrfs.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-btrfs.lo `test -f 'btrfs.c' || echo '$(srcdir)/'`btrfs.c + +libshadow_la-log.lo: log.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-log.lo -MD -MP -MF $(DEPDIR)/libshadow_la-log.Tpo -c -o libshadow_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-log.Tpo $(DEPDIR)/libshadow_la-log.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='log.c' object='libshadow_la-log.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c + +libshadow_la-logind.lo: logind.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-logind.lo -MD -MP -MF $(DEPDIR)/libshadow_la-logind.Tpo -c -o libshadow_la-logind.lo `test -f 'logind.c' || echo '$(srcdir)/'`logind.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-logind.Tpo $(DEPDIR)/libshadow_la-logind.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='logind.c' object='libshadow_la-logind.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-logind.lo `test -f 'logind.c' || echo '$(srcdir)/'`logind.c + +libshadow_la-utmp.lo: utmp.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-utmp.lo -MD -MP -MF $(DEPDIR)/libshadow_la-utmp.Tpo -c -o libshadow_la-utmp.lo `test -f 'utmp.c' || echo '$(srcdir)/'`utmp.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-utmp.Tpo $(DEPDIR)/libshadow_la-utmp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utmp.c' object='libshadow_la-utmp.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-utmp.lo `test -f 'utmp.c' || echo '$(srcdir)/'`utmp.c + +libshadow_la-freezero.lo: freezero.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-freezero.lo -MD -MP -MF $(DEPDIR)/libshadow_la-freezero.Tpo -c -o libshadow_la-freezero.lo `test -f 'freezero.c' || echo '$(srcdir)/'`freezero.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-freezero.Tpo $(DEPDIR)/libshadow_la-freezero.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='freezero.c' object='libshadow_la-freezero.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-freezero.lo `test -f 'freezero.c' || echo '$(srcdir)/'`freezero.c + +libshadow_la-readpassphrase.lo: readpassphrase.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -MT libshadow_la-readpassphrase.lo -MD -MP -MF $(DEPDIR)/libshadow_la-readpassphrase.Tpo -c -o libshadow_la-readpassphrase.lo `test -f 'readpassphrase.c' || echo '$(srcdir)/'`readpassphrase.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libshadow_la-readpassphrase.Tpo $(DEPDIR)/libshadow_la-readpassphrase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='readpassphrase.c' object='libshadow_la-readpassphrase.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libshadow_la_CPPFLAGS) $(CPPFLAGS) $(libshadow_la_CFLAGS) $(CFLAGS) -c -o libshadow_la-readpassphrase.lo `test -f 'readpassphrase.c' || echo '$(srcdir)/'`readpassphrase.c + +.y.c: + $(AM_V_YACC)$(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h `echo $@ | $(am__yacc_c2h)` y.output $*.output -- $(YACCCOMPILE) mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs + -rm -rf atoi/.libs atoi/_libs + -rm -rf string/.libs string/_libs + -rm -rf time/.libs time/_libs ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -916,39 +1839,100 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f atoi/$(DEPDIR)/$(am__dirstamp) + -rm -f atoi/$(am__dirstamp) + -rm -f string/$(DEPDIR)/$(am__dirstamp) + -rm -f string/$(am__dirstamp) + -rm -f time/$(DEPDIR)/$(am__dirstamp) + -rm -f time/$(am__dirstamp) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." + -rm -f getdate.c clean: clean-am clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ mostlyclean-am distclean: distclean-am - -rm -f ./$(DEPDIR)/libshadow_la-commonio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-addgrps.Plo + -rm -f ./$(DEPDIR)/libshadow_la-adds.Plo + -rm -f ./$(DEPDIR)/libshadow_la-age.Plo + -rm -f ./$(DEPDIR)/libshadow_la-agetpass.Plo + -rm -f ./$(DEPDIR)/libshadow_la-alloc.Plo + -rm -f ./$(DEPDIR)/libshadow_la-audit_help.Plo + -rm -f ./$(DEPDIR)/libshadow_la-basename.Plo + -rm -f ./$(DEPDIR)/libshadow_la-bit.Plo + -rm -f ./$(DEPDIR)/libshadow_la-btrfs.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chkname.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chowndir.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chowntty.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup_group.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup_user.Plo + -rm -f ./$(DEPDIR)/libshadow_la-commonio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-console.Plo + -rm -f ./$(DEPDIR)/libshadow_la-copydir.Plo + -rm -f ./$(DEPDIR)/libshadow_la-csrand.Plo -rm -f ./$(DEPDIR)/libshadow_la-encrypt.Plo + -rm -f ./$(DEPDIR)/libshadow_la-env.Plo + -rm -f ./$(DEPDIR)/libshadow_la-failure.Plo + -rm -f ./$(DEPDIR)/libshadow_la-fd.Plo -rm -f ./$(DEPDIR)/libshadow_la-fields.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_gid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_sub_gids.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_sub_uids.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_uid.Plo -rm -f ./$(DEPDIR)/libshadow_la-fputsx.Plo + -rm -f ./$(DEPDIR)/libshadow_la-freezero.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_gid.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_pid.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_uid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getdate.Plo -rm -f ./$(DEPDIR)/libshadow_la-getdef.Plo - -rm -f ./$(DEPDIR)/libshadow_la-getlong.Plo - -rm -f ./$(DEPDIR)/libshadow_la-getulong.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getgr_nam_gid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getrange.Plo + -rm -f ./$(DEPDIR)/libshadow_la-gettime.Plo -rm -f ./$(DEPDIR)/libshadow_la-groupio.Plo -rm -f ./$(DEPDIR)/libshadow_la-groupmem.Plo -rm -f ./$(DEPDIR)/libshadow_la-gshadow.Plo + -rm -f ./$(DEPDIR)/libshadow_la-hushed.Plo + -rm -f ./$(DEPDIR)/libshadow_la-idmapping.Plo + -rm -f ./$(DEPDIR)/libshadow_la-isexpired.Plo + -rm -f ./$(DEPDIR)/libshadow_la-limits.Plo + -rm -f ./$(DEPDIR)/libshadow_la-list.Plo -rm -f ./$(DEPDIR)/libshadow_la-lockpw.Plo + -rm -f ./$(DEPDIR)/libshadow_la-log.Plo + -rm -f ./$(DEPDIR)/libshadow_la-logind.Plo + -rm -f ./$(DEPDIR)/libshadow_la-loginprompt.Plo + -rm -f ./$(DEPDIR)/libshadow_la-mail.Plo + -rm -f ./$(DEPDIR)/libshadow_la-memzero.Plo + -rm -f ./$(DEPDIR)/libshadow_la-motd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-myname.Plo -rm -f ./$(DEPDIR)/libshadow_la-nscd.Plo -rm -f ./$(DEPDIR)/libshadow_la-nss.Plo + -rm -f ./$(DEPDIR)/libshadow_la-obscure.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pam_pass.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pam_pass_non_interactive.Plo -rm -f ./$(DEPDIR)/libshadow_la-port.Plo + -rm -f ./$(DEPDIR)/libshadow_la-prefix_flag.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwauth.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwd2spwd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwd_init.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwdcheck.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwio.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwmem.Plo + -rm -f ./$(DEPDIR)/libshadow_la-readpassphrase.Plo + -rm -f ./$(DEPDIR)/libshadow_la-remove_tree.Plo + -rm -f ./$(DEPDIR)/libshadow_la-rlogin.Plo + -rm -f ./$(DEPDIR)/libshadow_la-root_flag.Plo -rm -f ./$(DEPDIR)/libshadow_la-run_part.Plo + -rm -f ./$(DEPDIR)/libshadow_la-salt.Plo -rm -f ./$(DEPDIR)/libshadow_la-selinux.Plo -rm -f ./$(DEPDIR)/libshadow_la-semanage.Plo + -rm -f ./$(DEPDIR)/libshadow_la-setugid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-setupenv.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetgrent.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetpwent.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetspent.Plo @@ -957,11 +1941,38 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/libshadow_la-shadowio.Plo -rm -f ./$(DEPDIR)/libshadow_la-shadowlog.Plo -rm -f ./$(DEPDIR)/libshadow_la-shadowmem.Plo + -rm -f ./$(DEPDIR)/libshadow_la-shell.Plo -rm -f ./$(DEPDIR)/libshadow_la-spawn.Plo -rm -f ./$(DEPDIR)/libshadow_la-sssd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-strtoday.Plo + -rm -f ./$(DEPDIR)/libshadow_la-sub.Plo -rm -f ./$(DEPDIR)/libshadow_la-subordinateio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-sulog.Plo -rm -f ./$(DEPDIR)/libshadow_la-tcbfuncs.Plo - -rm -f ./$(DEPDIR)/libshadow_la-utent.Plo + -rm -f ./$(DEPDIR)/libshadow_la-ttytype.Plo + -rm -f ./$(DEPDIR)/libshadow_la-tz.Plo + -rm -f ./$(DEPDIR)/libshadow_la-ulimit.Plo + -rm -f ./$(DEPDIR)/libshadow_la-user_busy.Plo + -rm -f ./$(DEPDIR)/libshadow_la-utmp.Plo + -rm -f ./$(DEPDIR)/libshadow_la-valid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-write_full.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetgrgid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetgrnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetpwnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetpwuid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetspnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xprefix_getpwnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-yesno.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-a2i.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-str2i.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-strtoi.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Plo + -rm -f string/$(DEPDIR)/libshadow_la-sprintf.Plo + -rm -f string/$(DEPDIR)/libshadow_la-stpecpy.Plo + -rm -f string/$(DEPDIR)/libshadow_la-stpeprintf.Plo + -rm -f string/$(DEPDIR)/libshadow_la-strftime.Plo + -rm -f string/$(DEPDIR)/libshadow_la-strtcpy.Plo + -rm -f time/$(DEPDIR)/libshadow_la-day_to_str.Plo -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1007,29 +2018,83 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am - -rm -f ./$(DEPDIR)/libshadow_la-commonio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-addgrps.Plo + -rm -f ./$(DEPDIR)/libshadow_la-adds.Plo + -rm -f ./$(DEPDIR)/libshadow_la-age.Plo + -rm -f ./$(DEPDIR)/libshadow_la-agetpass.Plo + -rm -f ./$(DEPDIR)/libshadow_la-alloc.Plo + -rm -f ./$(DEPDIR)/libshadow_la-audit_help.Plo + -rm -f ./$(DEPDIR)/libshadow_la-basename.Plo + -rm -f ./$(DEPDIR)/libshadow_la-bit.Plo + -rm -f ./$(DEPDIR)/libshadow_la-btrfs.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chkname.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chowndir.Plo + -rm -f ./$(DEPDIR)/libshadow_la-chowntty.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup_group.Plo + -rm -f ./$(DEPDIR)/libshadow_la-cleanup_user.Plo + -rm -f ./$(DEPDIR)/libshadow_la-commonio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-console.Plo + -rm -f ./$(DEPDIR)/libshadow_la-copydir.Plo + -rm -f ./$(DEPDIR)/libshadow_la-csrand.Plo -rm -f ./$(DEPDIR)/libshadow_la-encrypt.Plo + -rm -f ./$(DEPDIR)/libshadow_la-env.Plo + -rm -f ./$(DEPDIR)/libshadow_la-failure.Plo + -rm -f ./$(DEPDIR)/libshadow_la-fd.Plo -rm -f ./$(DEPDIR)/libshadow_la-fields.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_gid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_sub_gids.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_sub_uids.Plo + -rm -f ./$(DEPDIR)/libshadow_la-find_new_uid.Plo -rm -f ./$(DEPDIR)/libshadow_la-fputsx.Plo + -rm -f ./$(DEPDIR)/libshadow_la-freezero.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_gid.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_pid.Plo -rm -f ./$(DEPDIR)/libshadow_la-get_uid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getdate.Plo -rm -f ./$(DEPDIR)/libshadow_la-getdef.Plo - -rm -f ./$(DEPDIR)/libshadow_la-getlong.Plo - -rm -f ./$(DEPDIR)/libshadow_la-getulong.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getgr_nam_gid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-getrange.Plo + -rm -f ./$(DEPDIR)/libshadow_la-gettime.Plo -rm -f ./$(DEPDIR)/libshadow_la-groupio.Plo -rm -f ./$(DEPDIR)/libshadow_la-groupmem.Plo -rm -f ./$(DEPDIR)/libshadow_la-gshadow.Plo + -rm -f ./$(DEPDIR)/libshadow_la-hushed.Plo + -rm -f ./$(DEPDIR)/libshadow_la-idmapping.Plo + -rm -f ./$(DEPDIR)/libshadow_la-isexpired.Plo + -rm -f ./$(DEPDIR)/libshadow_la-limits.Plo + -rm -f ./$(DEPDIR)/libshadow_la-list.Plo -rm -f ./$(DEPDIR)/libshadow_la-lockpw.Plo + -rm -f ./$(DEPDIR)/libshadow_la-log.Plo + -rm -f ./$(DEPDIR)/libshadow_la-logind.Plo + -rm -f ./$(DEPDIR)/libshadow_la-loginprompt.Plo + -rm -f ./$(DEPDIR)/libshadow_la-mail.Plo + -rm -f ./$(DEPDIR)/libshadow_la-memzero.Plo + -rm -f ./$(DEPDIR)/libshadow_la-motd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-myname.Plo -rm -f ./$(DEPDIR)/libshadow_la-nscd.Plo -rm -f ./$(DEPDIR)/libshadow_la-nss.Plo + -rm -f ./$(DEPDIR)/libshadow_la-obscure.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pam_pass.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pam_pass_non_interactive.Plo -rm -f ./$(DEPDIR)/libshadow_la-port.Plo + -rm -f ./$(DEPDIR)/libshadow_la-prefix_flag.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwauth.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwd2spwd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwd_init.Plo + -rm -f ./$(DEPDIR)/libshadow_la-pwdcheck.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwio.Plo -rm -f ./$(DEPDIR)/libshadow_la-pwmem.Plo + -rm -f ./$(DEPDIR)/libshadow_la-readpassphrase.Plo + -rm -f ./$(DEPDIR)/libshadow_la-remove_tree.Plo + -rm -f ./$(DEPDIR)/libshadow_la-rlogin.Plo + -rm -f ./$(DEPDIR)/libshadow_la-root_flag.Plo -rm -f ./$(DEPDIR)/libshadow_la-run_part.Plo + -rm -f ./$(DEPDIR)/libshadow_la-salt.Plo -rm -f ./$(DEPDIR)/libshadow_la-selinux.Plo -rm -f ./$(DEPDIR)/libshadow_la-semanage.Plo + -rm -f ./$(DEPDIR)/libshadow_la-setugid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-setupenv.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetgrent.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetpwent.Plo -rm -f ./$(DEPDIR)/libshadow_la-sgetspent.Plo @@ -1038,11 +2103,38 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libshadow_la-shadowio.Plo -rm -f ./$(DEPDIR)/libshadow_la-shadowlog.Plo -rm -f ./$(DEPDIR)/libshadow_la-shadowmem.Plo + -rm -f ./$(DEPDIR)/libshadow_la-shell.Plo -rm -f ./$(DEPDIR)/libshadow_la-spawn.Plo -rm -f ./$(DEPDIR)/libshadow_la-sssd.Plo + -rm -f ./$(DEPDIR)/libshadow_la-strtoday.Plo + -rm -f ./$(DEPDIR)/libshadow_la-sub.Plo -rm -f ./$(DEPDIR)/libshadow_la-subordinateio.Plo + -rm -f ./$(DEPDIR)/libshadow_la-sulog.Plo -rm -f ./$(DEPDIR)/libshadow_la-tcbfuncs.Plo - -rm -f ./$(DEPDIR)/libshadow_la-utent.Plo + -rm -f ./$(DEPDIR)/libshadow_la-ttytype.Plo + -rm -f ./$(DEPDIR)/libshadow_la-tz.Plo + -rm -f ./$(DEPDIR)/libshadow_la-ulimit.Plo + -rm -f ./$(DEPDIR)/libshadow_la-user_busy.Plo + -rm -f ./$(DEPDIR)/libshadow_la-utmp.Plo + -rm -f ./$(DEPDIR)/libshadow_la-valid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-write_full.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetgrgid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetgrnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetpwnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetpwuid.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xgetspnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-xprefix_getpwnam.Plo + -rm -f ./$(DEPDIR)/libshadow_la-yesno.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-a2i.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-str2i.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-strtoi.Plo + -rm -f atoi/$(DEPDIR)/libshadow_la-strtou_noneg.Plo + -rm -f string/$(DEPDIR)/libshadow_la-sprintf.Plo + -rm -f string/$(DEPDIR)/libshadow_la-stpecpy.Plo + -rm -f string/$(DEPDIR)/libshadow_la-stpeprintf.Plo + -rm -f string/$(DEPDIR)/libshadow_la-strftime.Plo + -rm -f string/$(DEPDIR)/libshadow_la-strtcpy.Plo + -rm -f time/$(DEPDIR)/libshadow_la-day_to_str.Plo -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic diff --git a/lib/addgrps.c b/lib/addgrps.c new file mode 100644 index 0000000..dae3dba --- /dev/null +++ b/lib/addgrps.c @@ -0,0 +1,114 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM) + +#include "prototypes.h" +#include "defines.h" + +#include <stdio.h> +#include <grp.h> +#include <errno.h> + +#include "alloc.h" +#include "shadowlog.h" + +#ident "$Id$" + +#define SEP ",:" +/* + * Add groups with names from LIST (separated by commas or colons) + * to the supplementary group set. Silently ignore groups which are + * already there. Warning: uses strtok(). + */ +int add_groups (const char *list) +{ + GETGROUPS_T *grouplist; + size_t i; + int ngroups; + bool added; + char *token; + char buf[1024]; + int ret; + FILE *shadow_logfd = log_get_logfd(); + + if (strlen (list) >= sizeof (buf)) { + errno = EINVAL; + return -1; + } + strcpy (buf, list); + + i = 16; + for (;;) { + grouplist = MALLOC(i, GETGROUPS_T); + if (NULL == grouplist) { + return -1; + } + ngroups = getgroups (i, grouplist); + if ( ( (-1 == ngroups) + && (EINVAL != errno)) + || (i > (size_t)ngroups)) { + /* Unexpected failure of getgroups or successful + * reception of the groups */ + break; + } + /* not enough room, so try allocating a larger buffer */ + free (grouplist); + i *= 2; + } + if (ngroups < 0) { + free (grouplist); + return -1; + } + + added = false; + for (token = strtok (buf, SEP); NULL != token; token = strtok (NULL, SEP)) { + struct group *grp; + + grp = getgrnam (token); /* local, no need for xgetgrnam */ + if (NULL == grp) { + fprintf (shadow_logfd, _("Warning: unknown group %s\n"), + token); + continue; + } + + for (i = 0; i < (size_t)ngroups && grouplist[i] != grp->gr_gid; i++); + + if (i < (size_t)ngroups) { + continue; + } + + if (ngroups >= sysconf (_SC_NGROUPS_MAX)) { + fputs (_("Warning: too many groups\n"), shadow_logfd); + break; + } + grouplist = REALLOCF(grouplist, (size_t) ngroups + 1, GETGROUPS_T); + if (grouplist == NULL) { + return -1; + } + grouplist[ngroups] = grp->gr_gid; + ngroups++; + added = true; + } + + if (added) { + ret = setgroups (ngroups, grouplist); + free (grouplist); + return ret; + } + + free (grouplist); + return 0; +} +#else /* HAVE_SETGROUPS && !USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* HAVE_SETGROUPS && !USE_PAM */ + diff --git a/lib/adds.c b/lib/adds.c new file mode 100644 index 0000000..5d8c153 --- /dev/null +++ b/lib/adds.c @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "adds.h" + +#include <stddef.h> + + +extern inline long addsl2(long a, long b); +extern inline long addslN(size_t n, long addend[n]); + +extern inline int cmpl(const void *p1, const void *p2); diff --git a/lib/adds.h b/lib/adds.h new file mode 100644 index 0000000..6544ce5 --- /dev/null +++ b/lib/adds.h @@ -0,0 +1,86 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_ADDS_H_ +#define SHADOW_INCLUDE_LIB_ADDS_H_ + + +#include <config.h> + +#include <errno.h> +#include <limits.h> +#include <stddef.h> +#include <stdlib.h> + +#include "sizeof.h" + + +#define addsl(a, b, ...) \ +({ \ + long addend_[] = {a, b, __VA_ARGS__}; \ + \ + addslN(NITEMS(addend_), addend_); \ +}) + + +inline long addsl2(long a, long b); +inline long addslN(size_t n, long addend[n]); + +inline int cmpl(const void *p1, const void *p2); + + +inline long +addsl2(long a, long b) +{ + if (a > 0 && b > LONG_MAX - a) { + errno = EOVERFLOW; + return LONG_MAX; + } + if (a < 0 && b < LONG_MIN - a) { + errno = EOVERFLOW; + return LONG_MIN; + } + return a + b; +} + + +inline long +addslN(size_t n, long addend[n]) +{ + int e; + + if (n == 0) { + errno = EDOM; + return 0; + } + + e = errno; + while (n > 1) { + qsort(addend, n, sizeof(addend[0]), cmpl); + + errno = 0; + addend[0] = addsl2(addend[0], addend[--n]); + if (errno == EOVERFLOW) + return addend[0]; + } + errno = e; + return addend[0]; +} + + +inline int +cmpl(const void *p1, const void *p2) +{ + const long *l1 = p1; + const long *l2 = p2; + + if (*l1 < *l2) + return -1; + if (*l1 > *l2) + return +1; + return 0; +} + + +#endif // include guard diff --git a/lib/age.c b/lib/age.c new file mode 100644 index 0000000..72a13ea --- /dev/null +++ b/lib/age.c @@ -0,0 +1,181 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <sys/types.h> +#include <stdio.h> +#include <time.h> +#include <errno.h> +#include <pwd.h> +#include <grp.h> + +#include "adds.h" +#include "defines.h" +#include "exitcodes.h" +#include "prototypes.h" + + +#ident "$Id$" + +#ifndef PASSWD_PROGRAM +#define PASSWD_PROGRAM "/bin/passwd" +#endif +/* + * expire - force password change if password expired + * + * expire() calls /bin/passwd to change the user's password + * if it has expired. + */ +int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp) +{ + int status; + pid_t child; + pid_t pid; + + if (NULL == sp) { + return 0; + } + + /* + * See if the user's password has expired, and if so + * force them to change their password. + */ + + status = isexpired (pw, sp); + switch (status) { + case 0: + return 0; + case 1: + (void) fputs (_("Your password has expired."), stdout); + break; + case 2: + (void) fputs (_("Your password is inactive."), stdout); + break; + case 3: + (void) fputs (_("Your login has expired."), stdout); + break; + } + + /* + * Setting the maximum valid period to less than the minimum + * valid period means that the minimum period will never + * occur while the password is valid, so the user can never + * change that password. + */ + + if ((status > 1) || (sp->sp_max < sp->sp_min)) { + (void) puts (_(" Contact the system administrator.")); + exit (EXIT_FAILURE); + } + (void) puts (_(" Choose a new password.")); + (void) fflush (stdout); + + /* + * Close all the files so that unauthorized access won't + * occur. This needs to be done anyway because those files + * might become stale after "passwd" is executed. + */ + + endspent (); + endpwent (); +#ifdef SHADOWGRP + endsgent (); +#endif + endgrent (); + + /* + * Execute the /bin/passwd command. The exit status will be + * examined to see what the result is. If there are any + * errors the routine will exit. This forces the user to + * change their password before being able to use the account. + */ + + pid = fork (); + if (0 == pid) { + int err; + + /* + * Set the UID to be that of the user. This causes + * passwd to work just like it would had they executed + * it from the command line while logged in. + */ +#if defined(HAVE_INITGROUPS) && ! defined(USE_PAM) + if (setup_uid_gid (pw, false) != 0) +#else + if (setup_uid_gid (pw) != 0) +#endif + { + _exit (126); + } + + (void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) NULL); + err = errno; + perror ("Can't execute " PASSWD_PROGRAM); + _exit ((ENOENT == err) ? E_CMD_NOTFOUND : E_CMD_NOEXEC); + } else if ((pid_t) -1 == pid) { + perror ("fork"); + exit (EXIT_FAILURE); + } + + while (((child = wait (&status)) != pid) && (child != (pid_t)-1)); + + if ((child == pid) && (0 == status)) { + return 1; + } + + exit (EXIT_FAILURE); + /*@notreached@*/} + +/* + * agecheck - see if warning is needed for password expiration + * + * agecheck sees how many days until the user's password is going + * to expire and warns the user of the pending password expiration. + */ + +void agecheck (/*@null@*/const struct spwd *sp) +{ + long now = time(NULL) / DAY; + long remain; + + if (NULL == sp) { + return; + } + + /* + * The last, max, and warn fields must be supported or the + * warning period cannot be calculated. + */ + + if ( (-1 == sp->sp_lstchg) + || (-1 == sp->sp_max) + || (-1 == sp->sp_warn)) { + return; + } + + if (0 == sp->sp_lstchg) { + (void) puts (_("You must change your password.")); + return; + } + + remain = addsl(sp->sp_lstchg, sp->sp_max, -now); + + if (remain <= sp->sp_warn) { + if (remain > 1) { + (void) printf (_("Your password will expire in %ld days.\n"), + remain); + } else if (1 == remain) { + (void) puts (_("Your password will expire tomorrow.")); + } else if (remain == 0) { + (void) puts (_("Your password will expire today.")); + } + } +} + diff --git a/lib/agetpass.c b/lib/agetpass.c new file mode 100644 index 0000000..5d9f928 --- /dev/null +++ b/lib/agetpass.c @@ -0,0 +1,145 @@ +/* + * SPDX-FileCopyrightText: 2022, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#include "agetpass.h" + +#include <limits.h> +#include <readpassphrase.h> +#include <stdlib.h> +#include <string.h> + +#ident "$Id$" + +#include "alloc.h" + +#if WITH_LIBBSD == 0 +#include "freezero.h" +#endif /* WITH_LIBBSD */ + + +/* + * SYNOPSIS + * [[gnu::malloc(erase_pass)]] + * char *agetpass(const char *prompt); + * char *agetpass_stdin(); + * + * void erase_pass(char *pass); + * + * ARGUMENTS + * agetpass() + * prompt String to be printed before reading a password. + * + * erase_pass() + * pass password previously returned by agetpass(). + * + * DESCRIPTION + * agetpass() + * This function is very similar to getpass(3). It has several + * advantages compared to getpass(3): + * + * - Instead of using a static buffer, agetpass() allocates memory + * through malloc(3). This makes the function thread-safe, and + * also reduces the visibility of the buffer. + * + * - agetpass() doesn't reallocate internally. Some + * implementations of getpass(3), such as glibc, do that, as a + * consequence of calling getline(3). That's a bug in glibc, + * which allows leaking prefixes of passwords in freed memory. + * + * - agetpass() doesn't overrun the output buffer. If the input + * password is too long, it simply fails. Some implementations + * of getpass(3), share the same bug that gets(3) has. + * + * As soon as possible, the password obtained from agetpass() be + * erased by calling erase_pass(), to avoid possibly leaking the + * password. + * + * agetpass_stdin() + * This function is the same as previous one (agetpass). Just the + * password is read from stdin and terminal is not required. + * + * erase_pass() + * This function first clears the password, by calling + * explicit_bzero(3) (or an equivalent call), and then frees the + * allocated memory by calling free(3). + * + * NULL is a valid input pointer, and in such a case, this call is + * a no-op. + * + * RETURN VALUE + * agetpass() returns a newly allocated buffer containing the + * password on success. On error, errno is set to indicate the + * error, and NULL is returned. + * + * ERRORS + * agetpass() + * This function may fail for any errors that malloc(3) or + * readpassphrase(3) may fail, and in addition it may fail for the + * following errors: + * + * ENOBUFS + * The input password was longer than PASS_MAX. + * + * CAVEATS + * If a password is passed twice to erase_pass(), the behavior is + * undefined. + */ + + +static char * +agetpass_internal(const char *prompt, int flags) +{ + char *pass; + size_t len; + + /* + * Since we want to support passwords upto PASS_MAX, we need + * PASS_MAX bytes for the password itself, and one more byte for + * the terminating '\0'. We also want to detect truncation, and + * readpassphrase(3) doesn't detect it, so we need some trick. + * Let's add one more byte, and if the password uses it, it + * means the introduced password was longer than PASS_MAX. + */ + pass = MALLOC(PASS_MAX + 2, char); + if (pass == NULL) + return NULL; + + if (readpassphrase(prompt, pass, PASS_MAX + 2, flags) == NULL) + goto fail; + + len = strlen(pass); + if (len == PASS_MAX + 1) { + errno = ENOBUFS; + goto fail; + } + + return pass; + +fail: + freezero(pass, PASS_MAX + 2); + return NULL; +} + +char * +agetpass(const char *prompt) +{ + return agetpass_internal(prompt, RPP_REQUIRE_TTY); +} + +char * +agetpass_stdin() +{ + return agetpass_internal(NULL, RPP_STDIN); +} + +void +erase_pass(char *pass) +{ + freezero(pass, PASS_MAX + 2); +} diff --git a/lib/agetpass.h b/lib/agetpass.h new file mode 100644 index 0000000..4a4444e --- /dev/null +++ b/lib/agetpass.h @@ -0,0 +1,23 @@ +/* + * SPDX-FileCopyrightText: 2022-2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_AGETPASS_H_ +#define SHADOW_INCLUDE_LIB_AGETPASS_H_ + + +#include <config.h> + +#include "attr.h" +#include "defines.h" + + +void erase_pass(char *pass); +ATTR_MALLOC(erase_pass) +char *agetpass(const char *prompt); +char *agetpass_stdin(); + + +#endif // include guard diff --git a/lib/alloc.c b/lib/alloc.c new file mode 100644 index 0000000..962f45a --- /dev/null +++ b/lib/alloc.c @@ -0,0 +1,73 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * SPDX-FileCopyrightText: 2023 , Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* Replacements for malloc and strdup with error checking. Too trivial + to be worth copyrighting :-). I did that because a lot of code used + malloc and strdup without checking for NULL pointer, and I like some + message better than a core dump... --marekm + + Yeh, but. Remember that bailing out might leave the system in some + bizarre state. You really want to put in error checking, then add + some back-out failure recovery code. -- jfh */ + +#include <config.h> + +#ident "$Id$" + +#include "alloc.h" + +#include <errno.h> +#include <stddef.h> +#include <stdio.h> + +#include "defines.h" +#include "prototypes.h" +#include "shadowlog.h" + + +extern inline void *xmalloc(size_t size); +extern inline void *xmallocarray(size_t nmemb, size_t size); +extern inline void *mallocarray(size_t nmemb, size_t size); +extern inline void *reallocarrayf(void *p, size_t nmemb, size_t size); +extern inline char *xstrdup(const char *str); + + +void * +xcalloc(size_t nmemb, size_t size) +{ + void *p; + + p = calloc(nmemb, size); + if (p == NULL) + goto x; + + return p; + +x: + fprintf(log_get_logfd(), _("%s: %s\n"), + log_get_progname(), strerror(errno)); + exit(13); +} + + +void * +xreallocarray(void *p, size_t nmemb, size_t size) +{ + p = reallocarrayf(p, nmemb, size); + if (p == NULL) + goto x; + + return p; + +x: + fprintf(log_get_logfd(), _("%s: %s\n"), + log_get_progname(), strerror(errno)); + exit(13); +} diff --git a/lib/alloc.h b/lib/alloc.h new file mode 100644 index 0000000..39405a5 --- /dev/null +++ b/lib/alloc.h @@ -0,0 +1,101 @@ +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_MALLOC_H_ +#define SHADOW_INCLUDE_LIB_MALLOC_H_ + + +#include <config.h> + +#include <assert.h> +#include <errno.h> +#include <stddef.h> +#include <stdint.h> +#include <stdlib.h> + +#include "attr.h" +#include "defines.h" + + +#define CALLOC(n, type) ((type *) calloc(n, sizeof(type))) +#define XCALLOC(n, type) ((type *) xcalloc(n, sizeof(type))) +#define MALLOC(n, type) ((type *) mallocarray(n, sizeof(type))) +#define XMALLOC(n, type) ((type *) xmallocarray(n, sizeof(type))) + +#define REALLOC(ptr, n, type) \ +( \ + _Generic(ptr, type *: (type *) reallocarray(ptr, n, sizeof(type))) \ +) + +#define REALLOCF(ptr, n, type) \ +( \ + _Generic(ptr, type *: (type *) reallocarrayf(ptr, n, sizeof(type))) \ +) + +#define XREALLOC(ptr, n, type) \ +( \ + _Generic(ptr, type *: (type *) xreallocarray(ptr, n, sizeof(type))) \ +) + + +ATTR_MALLOC(free) +inline void *xmalloc(size_t size); +ATTR_MALLOC(free) +inline void *xmallocarray(size_t nmemb, size_t size); +ATTR_MALLOC(free) +inline void *mallocarray(size_t nmemb, size_t size); +ATTR_MALLOC(free) +inline void *reallocarrayf(void *p, size_t nmemb, size_t size); +ATTR_MALLOC(free) +inline char *xstrdup(const char *str); + +ATTR_MALLOC(free) +void *xcalloc(size_t nmemb, size_t size); +ATTR_MALLOC(free) +void *xreallocarray(void *p, size_t nmemb, size_t size); + + +inline void * +xmalloc(size_t size) +{ + return xmallocarray(1, size); +} + + +inline void * +xmallocarray(size_t nmemb, size_t size) +{ + return xreallocarray(NULL, nmemb, size); +} + + +inline void * +mallocarray(size_t nmemb, size_t size) +{ + return reallocarray(NULL, nmemb, size); +} + + +inline void * +reallocarrayf(void *p, size_t nmemb, size_t size) +{ + void *q; + + q = reallocarray(p, nmemb, size); + + /* realloc(p, 0) is equivalent to free(p); avoid double free. */ + if (q == NULL && nmemb != 0 && size != 0) + free(p); + return q; +} + + +inline char * +xstrdup(const char *str) +{ + return strcpy(XMALLOC(strlen(str) + 1, char), str); +} + + +#endif // include guard diff --git a/lib/atoi/a2i.c b/lib/atoi/a2i.c new file mode 100644 index 0000000..a2cf872 --- /dev/null +++ b/lib/atoi/a2i.c @@ -0,0 +1,46 @@ +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "atoi/a2i.h" + + +extern inline int a2sh_c(short *restrict n, const char *s, + const char **restrict endp, int base, short min, short max); +extern inline int a2si_c(int *restrict n, const char *s, + const char **restrict endp, int base, int min, int max); +extern inline int a2sl_c(long *restrict n, const char *s, + const char **restrict endp, int base, long min, long max); +extern inline int a2sll_c(long long *restrict n, const char *s, + const char **restrict endp, int base, long long min, long long max); +extern inline int a2uh_c(unsigned short *restrict n, const char *s, + const char **restrict endp, int base, unsigned short min, + unsigned short max); +extern inline int a2ui_c(unsigned int *restrict n, const char *s, + const char **restrict endp, int base, unsigned int min, unsigned int max); +extern inline int a2ul_c(unsigned long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long min, unsigned long max); +extern inline int a2ull_c(unsigned long long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long long min, + unsigned long long max); + + +extern inline int a2sh_nc(short *restrict n, char *s, + char **restrict endp, int base, short min, short max); +extern inline int a2si_nc(int *restrict n, char *s, + char **restrict endp, int base, int min, int max); +extern inline int a2sl_nc(long *restrict n, char *s, + char **restrict endp, int base, long min, long max); +extern inline int a2sll_nc(long long *restrict n, char *s, + char **restrict endp, int base, long long min, long long max); +extern inline int a2uh_nc(unsigned short *restrict n, char *s, + char **restrict endp, int base, unsigned short min, unsigned short max); +extern inline int a2ui_nc(unsigned int *restrict n, char *s, + char **restrict endp, int base, unsigned int min, unsigned int max); +extern inline int a2ul_nc(unsigned long *restrict n, char *s, + char **restrict endp, int base, unsigned long min, unsigned long max); +extern inline int a2ull_nc(unsigned long long *restrict n, char *s, + char **restrict endp, int base, unsigned long long min, + unsigned long long max); diff --git a/lib/atoi/a2i.h b/lib/atoi/a2i.h new file mode 100644 index 0000000..64f775a --- /dev/null +++ b/lib/atoi/a2i.h @@ -0,0 +1,386 @@ +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_ATOI_A2I_H_ +#define SHADOW_INCLUDE_LIB_ATOI_A2I_H_ + + +#include <config.h> + +#include <errno.h> + +#include "atoi/strtoi.h" +#include "atoi/strtou_noneg.h" +#include "attr.h" + + +/* + * See the manual of these macros in liba2i's documentation: + * <http://www.alejandro-colomar.es/share/dist/liba2i/git/HEAD/liba2i-HEAD.pdf> + */ + + +#define a2i(TYPE, n, s, ...) \ +( \ + _Generic((void (*)(TYPE, typeof(s))) 0, \ + void (*)(short, const char *): a2sh_c, \ + void (*)(short, const void *): a2sh_c, \ + void (*)(short, char *): a2sh_nc, \ + void (*)(short, void *): a2sh_nc, \ + void (*)(int, const char *): a2si_c, \ + void (*)(int, const void *): a2si_c, \ + void (*)(int, char *): a2si_nc, \ + void (*)(int, void *): a2si_nc, \ + void (*)(long, const char *): a2sl_c, \ + void (*)(long, const void *): a2sl_c, \ + void (*)(long, char *): a2sl_nc, \ + void (*)(long, void *): a2sl_nc, \ + void (*)(long long, const char *): a2sll_c, \ + void (*)(long long, const void *): a2sll_c, \ + void (*)(long long, char *): a2sll_nc, \ + void (*)(long long, void *): a2sll_nc, \ + void (*)(unsigned short, const char *): a2uh_c, \ + void (*)(unsigned short, const void *): a2uh_c, \ + void (*)(unsigned short, char *): a2uh_nc, \ + void (*)(unsigned short, void *): a2uh_nc, \ + void (*)(unsigned int, const char *): a2ui_c, \ + void (*)(unsigned int, const void *): a2ui_c, \ + void (*)(unsigned int, char *): a2ui_nc, \ + void (*)(unsigned int, void *): a2ui_nc, \ + void (*)(unsigned long, const char *): a2ul_c, \ + void (*)(unsigned long, const void *): a2ul_c, \ + void (*)(unsigned long, char *): a2ul_nc, \ + void (*)(unsigned long, void *): a2ul_nc, \ + void (*)(unsigned long long, const char *): a2ull_c, \ + void (*)(unsigned long long, const void *): a2ull_c, \ + void (*)(unsigned long long, char *): a2ull_nc, \ + void (*)(unsigned long long, void *): a2ull_nc \ + )(n, s, __VA_ARGS__) \ +) + + +#define a2sh(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2sh_c, \ + const void *: a2sh_c, \ + char *: a2sh_nc, \ + void *: a2sh_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2si(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2si_c, \ + const void *: a2si_c, \ + char *: a2si_nc, \ + void *: a2si_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2sl(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2sl_c, \ + const void *: a2sl_c, \ + char *: a2sl_nc, \ + void *: a2sl_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2sll(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2sll_c, \ + const void *: a2sll_c, \ + char *: a2sll_nc, \ + void *: a2sll_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2uh(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2uh_c, \ + const void *: a2uh_c, \ + char *: a2uh_nc, \ + void *: a2uh_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2ui(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2ui_c, \ + const void *: a2ui_c, \ + char *: a2ui_nc, \ + void *: a2ui_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2ul(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2ul_c, \ + const void *: a2ul_c, \ + char *: a2ul_nc, \ + void *: a2ul_nc \ + )(n, s, __VA_ARGS__) \ +) + +#define a2ull(n, s, ...) \ +( \ + _Generic(s, \ + const char *: a2ull_c, \ + const void *: a2ull_c, \ + char *: a2ull_nc, \ + void *: a2ull_nc \ + )(n, s, __VA_ARGS__) \ +) + + +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sh_c(short *restrict n, const char *s, + const char **restrict endp, int base, short min, short max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2si_c(int *restrict n, const char *s, + const char **restrict endp, int base, int min, int max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sl_c(long *restrict n, const char *s, + const char **restrict endp, int base, long min, long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sll_c(long long *restrict n, const char *s, + const char **restrict endp, int base, long long min, long long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2uh_c(unsigned short *restrict n, const char *s, + const char **restrict endp, int base, unsigned short min, + unsigned short max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ui_c(unsigned int *restrict n, const char *s, + const char **restrict endp, int base, unsigned int min, unsigned int max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ul_c(unsigned long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long min, unsigned long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ull_c(unsigned long long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long long min, + unsigned long long max); + +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sh_nc(short *restrict n, char *s, + char **restrict endp, int base, short min, short max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2si_nc(int *restrict n, char *s, + char **restrict endp, int base, int min, int max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sl_nc(long *restrict n, char *s, + char **restrict endp, int base, long min, long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2sll_nc(long long *restrict n, char *s, + char **restrict endp, int base, long long min, long long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2uh_nc(unsigned short *restrict n, char *s, + char **restrict endp, int base, unsigned short min, unsigned short max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ui_nc(unsigned int *restrict n, char *s, + char **restrict endp, int base, unsigned int min, unsigned int max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ul_nc(unsigned long *restrict n, char *s, + char **restrict endp, int base, unsigned long min, unsigned long max); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3) +inline int a2ull_nc(unsigned long long *restrict n, char *s, + char **restrict endp, int base, unsigned long long min, + unsigned long long max); + + +inline int +a2sh_c(short *restrict n, const char *s, + const char **restrict endp, int base, short min, short max) +{ + return a2sh(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2si_c(int *restrict n, const char *s, + const char **restrict endp, int base, int min, int max) +{ + return a2si(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2sl_c(long *restrict n, const char *s, + const char **restrict endp, int base, long min, long max) +{ + return a2sl(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2sll_c(long long *restrict n, const char *s, + const char **restrict endp, int base, long long min, long long max) +{ + return a2sll(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2uh_c(unsigned short *restrict n, const char *s, + const char **restrict endp, int base, unsigned short min, + unsigned short max) +{ + return a2uh(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2ui_c(unsigned int *restrict n, const char *s, + const char **restrict endp, int base, unsigned int min, unsigned int max) +{ + return a2ui(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2ul_c(unsigned long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long min, unsigned long max) +{ + return a2ul(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2ull_c(unsigned long long *restrict n, const char *s, + const char **restrict endp, int base, unsigned long long min, + unsigned long long max) +{ + return a2ull(n, (char *) s, (char **) endp, base, min, max); +} + + +inline int +a2sh_nc(short *restrict n, char *s, + char **restrict endp, int base, short min, short max) +{ + int status; + + *n = strtoi_(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2si_nc(int *restrict n, char *s, + char **restrict endp, int base, int min, int max) +{ + int status; + + *n = strtoi_(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2sl_nc(long *restrict n, char *s, + char **restrict endp, int base, long min, long max) +{ + int status; + + *n = strtoi_(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2sll_nc(long long *restrict n, char *s, + char **restrict endp, int base, long long min, long long max) +{ + int status; + + *n = strtoi_(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2uh_nc(unsigned short *restrict n, char *s, + char **restrict endp, int base, unsigned short min, + unsigned short max) +{ + int status; + + *n = strtou_noneg(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2ui_nc(unsigned int *restrict n, char *s, + char **restrict endp, int base, unsigned int min, unsigned int max) +{ + int status; + + *n = strtou_noneg(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2ul_nc(unsigned long *restrict n, char *s, + char **restrict endp, int base, unsigned long min, unsigned long max) +{ + int status; + + *n = strtou_noneg(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +inline int +a2ull_nc(unsigned long long *restrict n, char *s, + char **restrict endp, int base, unsigned long long min, + unsigned long long max) +{ + int status; + + *n = strtou_noneg(s, endp, base, min, max, &status); + if (status != 0) { + errno = status; + return -1; + } + return 0; +} + + +#endif // include guard diff --git a/lib/atoi/str2i.c b/lib/atoi/str2i.c new file mode 100644 index 0000000..25ce360 --- /dev/null +++ b/lib/atoi/str2i.c @@ -0,0 +1,18 @@ +// SPDX-FileCopyrightText: 2007-2009, Nicolas François +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "atoi/str2i.h" + + +extern inline int str2sh(short *restrict n, const char *restrict s); +extern inline int str2si(int *restrict n, const char *restrict s); +extern inline int str2sl(long *restrict n, const char *restrict s); +extern inline int str2sll(long long *restrict n, const char *restrict s); +extern inline int str2uh(unsigned short *restrict n, const char *restrict s); +extern inline int str2ui(unsigned int *restrict n, const char *restrict s); +extern inline int str2ul(unsigned long *restrict n, const char *restrict s); +extern inline int str2ull(unsigned long long *restrict n, const char *restrict s); diff --git a/lib/atoi/str2i.h b/lib/atoi/str2i.h new file mode 100644 index 0000000..b3ded03 --- /dev/null +++ b/lib/atoi/str2i.h @@ -0,0 +1,108 @@ +// SPDX-FileCopyrightText: 2007-2009, Nicolas François +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_ATOI_STR2I_H_ +#define SHADOW_INCLUDE_LIB_ATOI_STR2I_H_ + + +#include <config.h> + +#include <limits.h> +#include <stddef.h> + +#include "atoi/a2i.h" +#include "attr.h" + + +#define str2i(TYPE, ...) \ +( \ + _Generic((TYPE) 0, \ + short: str2sh, \ + int: str2si, \ + long: str2sl, \ + long long: str2sll, \ + unsigned short: str2uh, \ + unsigned int: str2ui, \ + unsigned long: str2ul, \ + unsigned long long: str2ull \ + )(__VA_ARGS__) \ +) + + +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2sh(short *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2si(int *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2sl(long *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2sll(long long *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2uh(unsigned short *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2ui(unsigned int *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2ul(unsigned long *restrict n, const char *restrict s); +ATTR_STRING(2) ATTR_ACCESS(write_only, 1) +inline int str2ull(unsigned long long *restrict n, const char *restrict s); + + +inline int +str2sh(short *restrict n, const char *restrict s) +{ + return a2sh(n, s, NULL, 0, SHRT_MIN, SHRT_MAX); +} + + +inline int +str2si(int *restrict n, const char *restrict s) +{ + return a2si(n, s, NULL, 0, INT_MIN, INT_MAX); +} + + +inline int +str2sl(long *restrict n, const char *restrict s) +{ + return a2sl(n, s, NULL, 0, LONG_MIN, LONG_MAX); +} + + +inline int +str2sll(long long *restrict n, const char *restrict s) +{ + return a2sll(n, s, NULL, 0, LLONG_MIN, LLONG_MAX); +} + + +inline int +str2uh(unsigned short *restrict n, const char *restrict s) +{ + return a2uh(n, s, NULL, 0, 0, USHRT_MAX); +} + + +inline int +str2ui(unsigned int *restrict n, const char *restrict s) +{ + return a2ui(n, s, NULL, 0, 0, UINT_MAX); +} + + +inline int +str2ul(unsigned long *restrict n, const char *restrict s) +{ + return a2ul(n, s, NULL, 0, 0, ULONG_MAX); +} + + +inline int +str2ull(unsigned long long *restrict n, const char *restrict s) +{ + return a2ull(n, s, NULL, 0, 0, ULLONG_MAX); +} + + +#endif // include guard diff --git a/lib/atoi/strtoi.c b/lib/atoi/strtoi.c new file mode 100644 index 0000000..197707b --- /dev/null +++ b/lib/atoi/strtoi.c @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "atoi/strtoi.h" + +#include <stdint.h> + + +extern inline intmax_t strtoi_(const char *s, char **restrict endp, int base, + intmax_t min, intmax_t max, int *restrict status); +extern inline uintmax_t strtou_(const char *s, char **restrict endp, int base, + uintmax_t min, uintmax_t max, int *restrict status); diff --git a/lib/atoi/strtoi.h b/lib/atoi/strtoi.h new file mode 100644 index 0000000..1f061fc --- /dev/null +++ b/lib/atoi/strtoi.h @@ -0,0 +1,96 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_ATOI_STRTOI_H_ +#define SHADOW_INCLUDE_LIB_ATOI_STRTOI_H_ + + +#include <config.h> + +#include <errno.h> +#include <inttypes.h> +#include <stddef.h> +#include <stdint.h> +#include <stdlib.h> +#include <sys/param.h> + +#include "attr.h" + + +#define strtoNmax(TYPE, ...) \ +( \ + _Generic((TYPE) 0, \ + intmax_t: strtoimax, \ + uintmax_t: strtoumax \ + )(__VA_ARGS__) \ +) + + +#define strtoN(s, endp, base, min, max, status, TYPE) \ +({ \ + const char *s_ = s; \ + char **endp_ = endp; \ + int base_ = base; \ + TYPE min_ = min; \ + TYPE max_ = max; \ + int *status_ = status; \ + \ + int e_, st_; \ + char *end_; \ + TYPE n_; \ + \ + if (endp_ == NULL) \ + endp_ = &end_; \ + if (status_ == NULL) \ + status_ = &st_; \ + \ + if (base_ != 0 && (base_ < 0 || base_ > 36)) { \ + *status_ = EINVAL; \ + n_ = 0; \ + \ + } else { \ + e_ = errno; \ + errno = 0; \ + n_ = strtoNmax(TYPE, s_, endp_, base_); \ + \ + if (*endp_ == s_) \ + *status_ = ECANCELED; \ + else if (errno == ERANGE || n_ < min_ || n_ > max_) \ + *status_ = ERANGE; \ + else if (**endp_ != '\0') \ + *status_ = ENOTSUP; \ + else \ + *status_ = 0; \ + \ + errno = e_; \ + } \ + MAX(min_, MIN(max_, n_)); \ +}) + + +ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6) +inline intmax_t strtoi_(const char *s, char **restrict endp, int base, + intmax_t min, intmax_t max, int *restrict status); +ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6) +inline uintmax_t strtou_(const char *s, char **restrict endp, int base, + uintmax_t min, uintmax_t max, int *restrict status); + + +inline intmax_t +strtoi_(const char *s, char **restrict endp, int base, + intmax_t min, intmax_t max, int *restrict status) +{ + return strtoN(s, endp, base, min, max, status, intmax_t); +} + + +inline uintmax_t +strtou_(const char *s, char **restrict endp, int base, + uintmax_t min, uintmax_t max, int *restrict status) +{ + return strtoN(s, endp, base, min, max, status, uintmax_t); +} + + +#endif // include guard diff --git a/lib/atoi/strtou_noneg.c b/lib/atoi/strtou_noneg.c new file mode 100644 index 0000000..71cacbd --- /dev/null +++ b/lib/atoi/strtou_noneg.c @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "atoi/strtou_noneg.h" + +#include <stdint.h> + + +extern inline uintmax_t strtou_noneg(const char *s, char **restrict endp, + int base, uintmax_t min, uintmax_t max, int *restrict status); diff --git a/lib/atoi/strtou_noneg.h b/lib/atoi/strtou_noneg.h new file mode 100644 index 0000000..6d77adf --- /dev/null +++ b/lib/atoi/strtou_noneg.h @@ -0,0 +1,39 @@ +// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_ATOI_STRTOU_NONEG_H_ +#define SHADOW_INCLUDE_LIB_ATOI_STRTOU_NONEG_H_ + + +#include <config.h> + +#include <errno.h> +#include <stddef.h> +#include <stdint.h> + +#include "atoi/strtoi.h" +#include "attr.h" + + +ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6) +inline uintmax_t strtou_noneg(const char *s, char **restrict endp, + int base, uintmax_t min, uintmax_t max, int *restrict status); + + +inline uintmax_t +strtou_noneg(const char *s, char **restrict endp, int base, + uintmax_t min, uintmax_t max, int *restrict status) +{ + int st; + + if (status == NULL) + status = &st; + if (strtoi_(s, endp, base, 0, 1, status) == 0 && *status == ERANGE) + return min; + + return strtou_(s, endp, base, min, max, status); +} + + +#endif // include guard diff --git a/lib/attr.h b/lib/attr.h new file mode 100644 index 0000000..3835848 --- /dev/null +++ b/lib/attr.h @@ -0,0 +1,33 @@ +#ifndef SHADOW_INCLUDE_LIB_ATTR_H_ +#define SHADOW_INCLUDE_LIB_ATTR_H_ + + +#include "config.h" + + +#if defined(__GNUC__) +# define MAYBE_UNUSED __attribute__((unused)) +# define NORETURN __attribute__((__noreturn__)) +# define format_attr(type, fmt, va) __attribute__((format(type, fmt, va))) +# define ATTR_ACCESS(...) __attribute__((access(__VA_ARGS__))) +#else +# define MAYBE_UNUSED +# define NORETURN +# define format_attr(type, fmt, va) +# define ATTR_ACCESS(...) +#endif + +#if (__GNUC__ >= 11) && !defined(__clang__) +# define ATTR_MALLOC(deallocator) [[gnu::malloc(deallocator)]] +#else +# define ATTR_MALLOC(deallocator) +#endif + +#if (__GNUC__ >= 14) +# define ATTR_STRING(...) [[gnu::null_terminated_string_arg(__VA_ARGS__)]] +#else +# define ATTR_STRING(...) +#endif + + +#endif // include guard diff --git a/lib/audit_help.c b/lib/audit_help.c new file mode 100644 index 0000000..54109f0 --- /dev/null +++ b/lib/audit_help.c @@ -0,0 +1,89 @@ +/* + * SPDX-FileCopyrightText: 2005 , Red Hat, Inc. + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Audit helper functions used throughout shadow + * + */ + +#include <config.h> + +#ifdef WITH_AUDIT + +#include <stdlib.h> +#include <syslog.h> +#include <stdarg.h> +#include <libaudit.h> +#include <errno.h> +#include <stdio.h> + +#include "attr.h" +#include "prototypes.h" +#include "shadowlog.h" +int audit_fd; + +void audit_help_open (void) +{ + audit_fd = audit_open (); + if (audit_fd < 0) { + /* You get these only when the kernel doesn't have + * audit compiled in. */ + if ( (errno == EINVAL) + || (errno == EPROTONOSUPPORT) + || (errno == EAFNOSUPPORT)) { + return; + } + (void) fputs (_("Cannot open audit interface - aborting.\n"), + log_get_logfd()); + exit (EXIT_FAILURE); + } +} + +/* + * This function will log a message to the audit system using a predefined + * message format. Parameter usage is as follows: + * + * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account + * attributes. + * pgname - program's name + * op - operation. "adding user", "changing finger info", "deleting group" + * name - user's account or group name. If not available use NULL. + * id - uid or gid that the operation is being performed on. This is used + * only when user is NULL. + */ +void audit_logger (int type, MAYBE_UNUSED const char *pgname, const char *op, + const char *name, unsigned int id, + shadow_audit_result result) +{ + if (audit_fd < 0) { + return; + } else { + audit_log_acct_message (audit_fd, type, NULL, op, name, id, + NULL, NULL, NULL, result); + } +} + +void audit_logger_message (const char *message, shadow_audit_result result) +{ + if (audit_fd < 0) { + return; + } else { + audit_log_user_message (audit_fd, + AUDIT_USYS_CONFIG, + message, + NULL, /* hostname */ + NULL, /* addr */ + NULL, /* tty */ + result); + } +} + +#else /* WITH_AUDIT */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* WITH_AUDIT */ + diff --git a/lib/basename.c b/lib/basename.c new file mode 100644 index 0000000..95a2f85 --- /dev/null +++ b/lib/basename.c @@ -0,0 +1,31 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * basename.c - not worth copyrighting :-). Some versions of Linux libc + * already have basename(), other versions don't. To avoid confusion, + * we will not use the function from libc and use a different name here. + * --marekm + */ + +#include <config.h> + +#ident "$Id$" + +#include "defines.h" +#include "prototypes.h" +/*@observer@*/const char *Basename (const char *str) +{ + if (str == NULL) { + abort (); + } + + char *cp = strrchr (str, '/'); + + return (NULL != cp) ? cp + 1 : str; +} diff --git a/lib/bit.c b/lib/bit.c new file mode 100644 index 0000000..1ffc6dc --- /dev/null +++ b/lib/bit.c @@ -0,0 +1,19 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#ident "$Id$" + +#include "bit.h" + +#include <limits.h> + + +extern inline unsigned long bit_ceilul(unsigned long x); +extern inline unsigned long bit_ceil_wrapul(unsigned long x); +extern inline int leading_zerosul(unsigned long x); diff --git a/lib/bit.h b/lib/bit.h new file mode 100644 index 0000000..7f09eb4 --- /dev/null +++ b/lib/bit.h @@ -0,0 +1,53 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_BIT_H_ +#define SHADOW_INCLUDE_LIB_BIT_H_ + + +#include <config.h> + +#include <limits.h> + + +#ifndef ULONG_WIDTH +#define ULONG_WIDTH (sizeof(unsigned long) * CHAR_BIT) +#endif + + +inline unsigned long bit_ceilul(unsigned long x); +inline unsigned long bit_ceil_wrapul(unsigned long x); +inline int leading_zerosul(unsigned long x); + + +/* stdc_bit_ceilul(3) */ +inline unsigned long +bit_ceilul(unsigned long x) +{ + return 1 + (ULONG_MAX >> leading_zerosul(x)); +} + + +/* stdc_bit_ceilul(3), but wrap instead of having Undefined Behavior */ +inline unsigned long +bit_ceil_wrapul(unsigned long x) +{ + if (x == 0) + return 0; + + return bit_ceilul(x); +} + +/* stdc_leading_zerosul(3) */ +inline int +leading_zerosul(unsigned long x) +{ + return (x == 0) ? ULONG_WIDTH : __builtin_clzl(x); +} + + +#endif // include guard diff --git a/lib/btrfs.c b/lib/btrfs.c new file mode 100644 index 0000000..0391598 --- /dev/null +++ b/lib/btrfs.c @@ -0,0 +1,110 @@ +#include <linux/btrfs_tree.h> +#include <linux/magic.h> +#include <sys/statfs.h> +#include <stdbool.h> + +#include "prototypes.h" + +static bool path_exists(const char *p) +{ + struct stat sb; + + return stat(p, &sb) == 0; +} + +static const char *btrfs_cmd(void) +{ + const char *const btrfs_paths[] = {"/sbin/btrfs", + "/bin/btrfs", "/usr/sbin/btrfs", "/usr/bin/btrfs", NULL}; + const char *p; + int i; + + for (i = 0, p = btrfs_paths[i]; p; i++, p = btrfs_paths[i]) + if (path_exists(p)) + return p; + + return NULL; +} + +static int run_btrfs_subvolume_cmd(const char *subcmd, const char *arg1, const char *arg2) +{ + int status = 0; + const char *cmd = btrfs_cmd(); + const char *argv[] = { + "btrfs", + "subvolume", + subcmd, + arg1, + arg2, + NULL + }; + + if (!cmd || access(cmd, X_OK)) { + return 1; + } + + if (run_command(cmd, argv, NULL, &status)) + return -1; + return status; +} + + +int btrfs_create_subvolume(const char *path) +{ + return run_btrfs_subvolume_cmd("create", path, NULL); +} + + +int btrfs_remove_subvolume(const char *path) +{ + return run_btrfs_subvolume_cmd("delete", "-C", path); +} + + +/* Adapted from btrfsprogs */ +/* + * This intentionally duplicates btrfs_util_is_subvolume_fd() instead of opening + * a file descriptor and calling it, because fstat() and fstatfs() don't accept + * file descriptors opened with O_PATH on old kernels (before v3.6 and before + * v3.12, respectively), but stat() and statfs() can be called on a path that + * the user doesn't have read or write permissions to. + * + * returns: + * 1 - btrfs subvolume + * 0 - not btrfs subvolume + * -1 - error + */ +int btrfs_is_subvolume(const char *path) +{ + struct stat st; + int ret; + + ret = is_btrfs(path); + if (ret <= 0) + return ret; + + ret = stat(path, &st); + if (ret == -1) + return -1; + + if (st.st_ino != BTRFS_FIRST_FREE_OBJECTID || !S_ISDIR(st.st_mode)) { + return 0; + } + + return 1; +} + + +/* Adapted from btrfsprogs */ +int is_btrfs(const char *path) +{ + struct statfs sfs; + int ret; + + ret = statfs(path, &sfs); + if (ret == -1) + return -1; + + return sfs.f_type == BTRFS_SUPER_MAGIC; +} + diff --git a/lib/cast.h b/lib/cast.h new file mode 100644 index 0000000..5cbbcf6 --- /dev/null +++ b/lib/cast.h @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_CAST_H_ +#define SHADOW_INCLUDE_LIB_CAST_H_ + + +#include <config.h> + + +#define const_cast(T, p) _Generic(p, const T: (T) (p)) + + +#endif // include guard diff --git a/lib/chkname.c b/lib/chkname.c new file mode 100644 index 0000000..995562f --- /dev/null +++ b/lib/chkname.c @@ -0,0 +1,120 @@ +// SPDX-FileCopyrightText: 1990-1994, Julianne Frances Haugh +// SPDX-FileCopyrightText: 1996-2000, Marek Michałkiewicz +// SPDX-FileCopyrightText: 2001-2005, Tomasz Kłoczko +// SPDX-FileCopyrightText: 2005-2008, Nicolas François +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +/* + * is_valid_user_name(), is_valid_group_name() - check the new user/group + * name for validity; + * return values: + * true - OK + * false - bad name + */ + + +#include <config.h> + +#ident "$Id$" + +#include <ctype.h> +#include <errno.h> +#include <limits.h> +#include <stdbool.h> +#include <stddef.h> +#include <unistd.h> + +#include "defines.h" +#include "chkname.h" + + +int allow_bad_names = false; + + +size_t +login_name_max_size(void) +{ + long conf; + + errno = 0; + conf = sysconf(_SC_LOGIN_NAME_MAX); + if (conf == -1 && errno != 0) + return LOGIN_NAME_MAX; + + return conf; +} + + +static bool is_valid_name (const char *name) +{ + if (allow_bad_names) { + return true; + } + + /* + * User/group names must match BRE regex: + * [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\? + * + * as a non-POSIX, extension, allow "$" as the last char for + * sake of Samba 3.x "add machine script" + * + * Also do not allow fully numeric names or just "." or "..". + */ + int numeric; + + if ('\0' == *name || + ('.' == *name && (('.' == name[1] && '\0' == name[2]) || + '\0' == name[1])) || + !((*name >= 'a' && *name <= 'z') || + (*name >= 'A' && *name <= 'Z') || + (*name >= '0' && *name <= '9') || + *name == '_' || + *name == '.')) { + return false; + } + + numeric = isdigit(*name); + + while ('\0' != *++name) { + if (!((*name >= 'a' && *name <= 'z') || + (*name >= 'A' && *name <= 'Z') || + (*name >= '0' && *name <= '9') || + *name == '_' || + *name == '.' || + *name == '-' || + (*name == '$' && name[1] == '\0') + )) { + return false; + } + numeric &= isdigit(*name); + } + + return !numeric; +} + + +bool +is_valid_user_name(const char *name) +{ + if (strlen(name) >= login_name_max_size()) + return false; + + return is_valid_name(name); +} + + +bool is_valid_group_name (const char *name) +{ + /* + * Arbitrary limit for group names. + * HP-UX 10 limits to 16 characters + */ + if ( (GROUP_NAME_MAX_LENGTH > 0) + && (strlen (name) > GROUP_NAME_MAX_LENGTH)) { + return false; + } + + return is_valid_name (name); +} diff --git a/lib/chkname.h b/lib/chkname.h new file mode 100644 index 0000000..4306a8a --- /dev/null +++ b/lib/chkname.h @@ -0,0 +1,34 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1997 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* $Id$ */ +#ifndef _CHKNAME_H_ +#define _CHKNAME_H_ + + +/* + * is_valid_user_name(), is_valid_group_name() - check the new user/group + * name for validity; + * return values: + * true - OK + * false - bad name + */ + + +#include <config.h> + +#include <stdbool.h> +#include <stddef.h> + + +extern size_t login_name_max_size(void); +extern bool is_valid_user_name (const char *name); +extern bool is_valid_group_name (const char *name); + +#endif diff --git a/lib/chowndir.c b/lib/chowndir.c new file mode 100644 index 0000000..d31618a --- /dev/null +++ b/lib/chowndir.c @@ -0,0 +1,146 @@ +/* + * SPDX-FileCopyrightText: 1992 - 1993, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2010 - , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <sys/stat.h> +#include "prototypes.h" +#include "defines.h" +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> + +static int chown_tree_at (int at_fd, + const char *path, + uid_t old_uid, + uid_t new_uid, + gid_t old_gid, + gid_t new_gid) +{ + DIR *dir; + const struct dirent *ent; + struct stat dir_sb; + int dir_fd, rc = 0; + + dir_fd = openat (at_fd, path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC); + if (dir_fd < 0) { + return -1; + } + + dir = fdopendir (dir_fd); + if (!dir) { + (void) close (dir_fd); + return -1; + } + + /* + * Open the directory and read each entry. Every entry is tested + * to see if it is a directory, and if so this routine is called + * recursively. If not, it is checked to see if an ownership + * shall be changed. + */ + while ((ent = readdir (dir))) { + uid_t tmpuid = (uid_t) -1; + gid_t tmpgid = (gid_t) -1; + struct stat ent_sb; + + /* + * Skip the "." and ".." entries + */ + if ( (strcmp (ent->d_name, ".") == 0) + || (strcmp (ent->d_name, "..") == 0)) { + continue; + } + + rc = fstatat (dirfd(dir), ent->d_name, &ent_sb, AT_SYMLINK_NOFOLLOW); + if (rc < 0) { + break; + } + + if (S_ISDIR (ent_sb.st_mode)) { + /* + * Do the entire subdirectory. + */ + rc = chown_tree_at (dirfd(dir), ent->d_name, old_uid, new_uid, old_gid, new_gid); + if (0 != rc) { + break; + } + } + + /* + * By default, the IDs are not changed (-1). + * + * If the file is not owned by the user, the owner is not + * changed. + * + * If the file is not group-owned by the group, the + * group-owner is not changed. + */ + if (((uid_t) -1 == old_uid) || (ent_sb.st_uid == old_uid)) { + tmpuid = new_uid; + } + if (((gid_t) -1 == old_gid) || (ent_sb.st_gid == old_gid)) { + tmpgid = new_gid; + } + if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) { + rc = fchownat (dirfd(dir), ent->d_name, tmpuid, tmpgid, AT_SYMLINK_NOFOLLOW); + if (0 != rc) { + break; + } + } + } + + /* + * Now do the root of the tree + */ + if ((0 == rc) && (fstat (dirfd(dir), &dir_sb) == 0)) { + uid_t tmpuid = (uid_t) -1; + gid_t tmpgid = (gid_t) -1; + if (((uid_t) -1 == old_uid) || (dir_sb.st_uid == old_uid)) { + tmpuid = new_uid; + } + if (((gid_t) -1 == old_gid) || (dir_sb.st_gid == old_gid)) { + tmpgid = new_gid; + } + if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) { + rc = fchown (dirfd(dir), tmpuid, tmpgid); + } + } else { + rc = -1; + } + + (void) closedir (dir); + + return rc; +} + +/* + * chown_tree - change ownership of files in a directory tree + * + * chown_dir() walks a directory tree and changes the ownership + * of all files owned by the provided user ID. + * + * Only files owned (resp. group-owned) by old_uid (resp. by old_gid) + * will have their ownership (resp. group-ownership) modified, unless + * old_uid (resp. old_gid) is set to -1. + * + * new_uid and new_gid can be set to -1 to indicate that no owner or + * group-owner shall be changed. + */ +int chown_tree (const char *root, + uid_t old_uid, + uid_t new_uid, + gid_t old_gid, + gid_t new_gid) +{ + return chown_tree_at (AT_FDCWD, root, old_uid, new_uid, old_gid, new_gid); +} diff --git a/lib/chowntty.c b/lib/chowntty.c new file mode 100644 index 0000000..70127f3 --- /dev/null +++ b/lib/chowntty.c @@ -0,0 +1,79 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> +#include <errno.h> +#include <grp.h> +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> +#include "getdef.h" +#include "shadowlog.h" + +/* + * chown_tty() sets the login tty to be owned by the new user ID + * with TTYPERM modes + */ + +void chown_tty (const struct passwd *info) +{ + struct group *grent; + gid_t gid; + + /* + * See if login.defs has some value configured for the port group + * ID. Otherwise, use the user's primary group ID. + */ + + grent = getgr_nam_gid (getdef_str ("TTYGROUP")); + if (NULL != grent) { + gid = grent->gr_gid; + gr_free (grent); + } else { + gid = info->pw_gid; + } + + /* + * Change the permissions on the TTY to be owned by the user with + * the group as determined above. + */ + + if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0) + || (fchmod (STDIN_FILENO, getdef_num ("TTYPERM", 0600)) != 0)) { + int err = errno; + FILE *shadow_logfd = log_get_logfd(); + + fprintf (shadow_logfd, + _("Unable to change owner or mode of tty stdin: %s"), + strerror (err)); + SYSLOG ((LOG_WARN, + "unable to change owner or mode of tty stdin for user `%s': %s\n", + info->pw_name, strerror (err))); + if (EROFS != err) { + closelog (); + exit (EXIT_FAILURE); + } + } +#ifdef __linux__ + /* + * Please don't add code to chown /dev/vcs* to the user logging in - + * it's a potential security hole. I wouldn't like the previous user + * to hold the file descriptor open and watch my screen. We don't + * have the *BSD revoke() system call yet, and vhangup() only works + * for tty devices (which vcs* is not). --marekm + */ +#endif +} + diff --git a/lib/cleanup.c b/lib/cleanup.c new file mode 100644 index 0000000..c16f1bc --- /dev/null +++ b/lib/cleanup.c @@ -0,0 +1,121 @@ +/* + * SPDX-FileCopyrightText: 2008 - 2011, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <assert.h> +#include <stdio.h> + +#include "prototypes.h" + +/* + * The cleanup_functions stack. + */ +#define CLEANUP_FUNCTIONS 10 + +typedef /*@null@*/void * parg_t; + +static cleanup_function cleanup_functions[CLEANUP_FUNCTIONS]; +static parg_t cleanup_function_args[CLEANUP_FUNCTIONS]; +static pid_t cleanup_pid = 0; + +/* + * - Cleanup functions shall not fail. + * - You should register do_cleanups with atexit. + * - You should add cleanup functions to the stack with add_cleanup when + * an operation is expected to be executed later, and remove it from the + * stack with del_cleanup when it has been executed. + * + **/ + +/* + * do_cleanups - perform the actions stored in the cleanup_functions stack. + * + * Cleanup action are not executed on exit of the processes started by the + * parent (first caller of add_cleanup). + * + * It is intended to be used as: + * atexit (do_cleanups); + */ +void do_cleanups (void) +{ + unsigned int i; + + /* Make sure there were no overflow */ + assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-1]); + + if (getpid () != cleanup_pid) { + return; + } + + i = CLEANUP_FUNCTIONS; + do { + i--; + if (cleanup_functions[i] != NULL) { + cleanup_functions[i] (cleanup_function_args[i]); + } + } while (i>0); +} + +/* + * add_cleanup - Add a cleanup_function to the cleanup_functions stack. + */ +void add_cleanup (/*@notnull@*/cleanup_function pcf, /*@null@*/void *arg) +{ + unsigned int i; + assert (NULL != pcf); + + assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-2]); + + if (0 == cleanup_pid) { + cleanup_pid = getpid (); + } + + /* Add the cleanup_function at the end of the stack */ + for (i=0; NULL != cleanup_functions[i]; i++); + cleanup_functions[i] = pcf; + cleanup_function_args[i] = arg; +} + +/* + * del_cleanup - Remove a cleanup_function from the cleanup_functions stack. + */ +void del_cleanup (/*@notnull@*/cleanup_function pcf) +{ + unsigned int i; + assert (NULL != pcf); + + /* Find the pcf cleanup function */ + for (i=0; i<CLEANUP_FUNCTIONS; i++) { + if (cleanup_functions[i] == pcf) { + break; + } + } + + /* Make sure the cleanup function was found */ + assert (i<CLEANUP_FUNCTIONS); + + /* Move the rest of the cleanup functions */ + for (; i<CLEANUP_FUNCTIONS; i++) { + /* Make sure the cleanup function was specified only once */ + assert ( (i == (CLEANUP_FUNCTIONS -1)) + || (cleanup_functions[i+1] != pcf)); + + if (i == (CLEANUP_FUNCTIONS -1)) { + cleanup_functions[i] = NULL; + cleanup_function_args[i] = NULL; + } else { + cleanup_functions[i] = cleanup_functions[i+1]; + cleanup_function_args[i] = cleanup_function_args[i+1]; + } + + /* A NULL indicates the end of the stack */ + if (NULL == cleanup_functions[i]) { + break; + } + } +} + diff --git a/lib/cleanup_group.c b/lib/cleanup_group.c new file mode 100644 index 0000000..50c7084 --- /dev/null +++ b/lib/cleanup_group.c @@ -0,0 +1,216 @@ +/* + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <assert.h> +#include <stdio.h> + +#include "attr.h" +#include "defines.h" +#include "groupio.h" +#include "sgroupio.h" +#include "prototypes.h" +#include "shadowlog.h" + +/* + * cleanup_report_add_group - Report failure to add a group to the system + * + * It should be registered when it is decided to add a group to the system. + */ +void cleanup_report_add_group (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, "failed to add group %s", name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + "", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +/* + * cleanup_report_del_group - Report failure to remove a group from the system + * + * It should be registered when it is decided to remove a group from the system. + */ +void cleanup_report_del_group (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, "failed to remove group %s", name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_GROUP, log_get_progname(), + "", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +void cleanup_report_mod_group (void *cleanup_info) +{ + const struct cleanup_info_mod *info; + info = (const struct cleanup_info_mod *)cleanup_info; + + SYSLOG ((LOG_ERR, + "failed to change %s (%s)", + gr_dbname (), + info->action)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_USER_ACCT, log_get_progname(), + info->audit_msg, + info->name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +#ifdef SHADOWGRP +void cleanup_report_mod_gshadow (void *cleanup_info) +{ + const struct cleanup_info_mod *info; + info = (const struct cleanup_info_mod *)cleanup_info; + + SYSLOG ((LOG_ERR, + "failed to change %s (%s)", + sgr_dbname (), + info->action)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_USER_ACCT, log_get_progname(), + info->audit_msg, + info->name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} +#endif + +/* + * cleanup_report_add_group_group - Report failure to add a group to group + * + * It should be registered when it is decided to add a group to the + * group database. + */ +void cleanup_report_add_group_group (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + "adding group to /etc/group", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +#ifdef SHADOWGRP +/* + * cleanup_report_add_group_gshadow - Report failure to add a group to gshadow + * + * It should be registered when it is decided to add a group to the + * gshadow database. + */ +void cleanup_report_add_group_gshadow (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + "adding group to /etc/gshadow", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} +#endif + +/* + * cleanup_report_del_group_group - Report failure to remove a group from the + * regular group database + * + * It should be registered when it is decided to remove a group from the + * regular group database. + */ +void cleanup_report_del_group_group (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, + "failed to remove group %s from %s", + name, gr_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + "removing group from /etc/group", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +#ifdef SHADOWGRP +/* + * cleanup_report_del_group_gshadow - Report failure to remove a group from + * gshadow + * + * It should be registered when it is decided to remove a group from the + * gshadow database. + */ +void cleanup_report_del_group_gshadow (void *group_name) +{ + const char *name = group_name; + + SYSLOG ((LOG_ERR, + "failed to remove group %s from %s", + name, sgr_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + "removing group from /etc/gshadow", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} +#endif + +/* + * cleanup_unlock_group - Unlock the group file + * + * It should be registered after the group file is successfully locked. + */ +void cleanup_unlock_group (MAYBE_UNUSED void *arg) +{ + if (gr_unlock () == 0) { + fprintf (log_get_logfd(), + _("%s: failed to unlock %s\n"), + log_get_progname(), gr_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); +#ifdef WITH_AUDIT + audit_logger_message ("unlocking group file", + SHADOW_AUDIT_FAILURE); +#endif + } +} + +#ifdef SHADOWGRP +/* + * cleanup_unlock_gshadow - Unlock the gshadow file + * + * It should be registered after the gshadow file is successfully locked. + */ +void cleanup_unlock_gshadow (MAYBE_UNUSED void *arg) +{ + if (sgr_unlock () == 0) { + fprintf (log_get_logfd(), + _("%s: failed to unlock %s\n"), + log_get_progname(), sgr_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); +#ifdef WITH_AUDIT + audit_logger_message ("unlocking gshadow file", + SHADOW_AUDIT_FAILURE); +#endif + } +} +#endif + diff --git a/lib/cleanup_user.c b/lib/cleanup_user.c new file mode 100644 index 0000000..9c4bda9 --- /dev/null +++ b/lib/cleanup_user.c @@ -0,0 +1,131 @@ +/* + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <assert.h> +#include <stdio.h> + +#include "attr.h" +#include "defines.h" +#include "pwio.h" +#include "shadowio.h" +#include "prototypes.h" +#include "shadowlog.h" + +/* + * cleanup_report_add_user - Report failure to add a user to the system + * + * It should be registered when it is decided to add a user to the system. + */ +void cleanup_report_add_user (void *user_name) +{ + const char *name = user_name; + + SYSLOG ((LOG_ERR, "failed to add user %s", name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, log_get_progname(), + "", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +void cleanup_report_mod_passwd (void *cleanup_info) +{ + const struct cleanup_info_mod *info; + info = (const struct cleanup_info_mod *)cleanup_info; + + SYSLOG ((LOG_ERR, + "failed to change %s (%s)", + pw_dbname (), + info->action)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_USER_ACCT, log_get_progname(), + info->audit_msg, + info->name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +/* + * cleanup_report_add_user_passwd - Report failure to add a user to + * /etc/passwd + * + * It should be registered when it is decided to add a user to the + * /etc/passwd database. + */ +void cleanup_report_add_user_passwd (void *user_name) +{ + const char *name = user_name; + + SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, log_get_progname(), + "adding user to /etc/passwd", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +/* + * cleanup_report_add_user_shadow - Report failure to add a user to + * /etc/shadow + * + * It should be registered when it is decided to add a user to the + * /etc/shadow database. + */ +void cleanup_report_add_user_shadow (void *user_name) +{ + const char *name = user_name; + + SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, log_get_progname(), + "adding user to /etc/shadow", + name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif +} + +/* + * cleanup_unlock_passwd - Unlock the /etc/passwd database + * + * It should be registered after the passwd database is successfully locked. + */ +void cleanup_unlock_passwd (MAYBE_UNUSED void *arg) +{ + if (pw_unlock () == 0) { + fprintf (log_get_logfd(), + _("%s: failed to unlock %s\n"), + log_get_progname(), pw_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ())); +#ifdef WITH_AUDIT + audit_logger_message ("unlocking passwd file", + SHADOW_AUDIT_FAILURE); +#endif + } +} + +/* + * cleanup_unlock_shadow - Unlock the /etc/shadow database + * + * It should be registered after the shadow database is successfully locked. + */ +void cleanup_unlock_shadow (MAYBE_UNUSED void *arg) +{ + if (spw_unlock () == 0) { + fprintf (log_get_logfd(), + _("%s: failed to unlock %s\n"), + log_get_progname(), spw_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ())); +#ifdef WITH_AUDIT + audit_logger_message ("unlocking shadow file", + SHADOW_AUDIT_FAILURE); +#endif + } +} + diff --git a/lib/commonio.c b/lib/commonio.c index 9a02ce1..01a26c9 100644 --- a/lib/commonio.c +++ b/lib/commonio.c @@ -21,6 +21,9 @@ #include <errno.h> #include <stdio.h> #include <signal.h> + +#include "alloc.h" +#include "memzero.h" #include "nscd.h" #include "sssd.h" #ifdef WITH_TCB @@ -29,6 +32,8 @@ #include "prototypes.h" #include "commonio.h" #include "shadowlog_internal.h" +#include "string/sprintf.h" + /* local function prototypes */ static int lrename (const char *, const char *); @@ -106,9 +111,9 @@ static int check_link_count (const char *file, bool log) if (sb.st_nlink != 2) { if (log) { - (void) fprintf (shadow_logfd, - "%s: %s: lock file already used (nlink: %u)\n", - shadow_progname, file, sb.st_nlink); + fprintf(shadow_logfd, + "%s: %s: lock file already used (nlink: %ju)\n", + shadow_progname, file, (uintmax_t) sb.st_nlink); } return 0; } @@ -119,11 +124,11 @@ static int check_link_count (const char *file, bool log) static int do_lock_file (const char *file, const char *lock, bool log) { - int fd; - pid_t pid; - ssize_t len; - int retval; - char buf[32]; + int fd; + int retval; + char buf[32]; + pid_t pid; + ssize_t len; fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600); if (-1 == fd) { @@ -136,9 +141,9 @@ static int do_lock_file (const char *file, const char *lock, bool log) } pid = getpid (); - snprintf (buf, sizeof buf, "%lu", (unsigned long) pid); + SNPRINTF(buf, "%lu", (unsigned long) pid); len = (ssize_t) strlen (buf) + 1; - if (write (fd, buf, (size_t) len) != len) { + if (write_full(fd, buf, len) == -1) { if (log) { (void) fprintf (shadow_logfd, "%s: %s file write error: %s\n", @@ -190,7 +195,7 @@ static int do_lock_file (const char *file, const char *lock, bool log) return 0; } buf[len] = '\0'; - if (get_pid (buf, &pid) == 0) { + if (get_pid(buf, &pid) == -1) { if (log) { (void) fprintf (shadow_logfd, "%s: existing lock file %s with an invalid PID '%s'\n", @@ -251,25 +256,13 @@ static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms ( return NULL; } -#ifdef HAVE_FCHOWN if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) { goto fail; } -#else /* !HAVE_FCHOWN */ - if (chown (name, sb->st_mode) != 0) { - goto fail; - } -#endif /* !HAVE_FCHOWN */ - -#ifdef HAVE_FCHMOD if (fchmod (fileno (fp), sb->st_mode & 0664) != 0) { goto fail; } -#else /* !HAVE_FCHMOD */ - if (chmod (name, sb->st_mode & 0664) != 0) { - goto fail; - } -#endif /* !HAVE_FCHMOD */ + return fp; fail: @@ -349,7 +342,7 @@ static void free_linked_list (struct commonio_db *db) int commonio_setname (struct commonio_db *db, const char *name) { - snprintf (db->filename, sizeof (db->filename), "%s", name); + SNPRINTF(db->filename, "%s", name); db->setname = true; return 1; } @@ -363,33 +356,25 @@ bool commonio_present (const struct commonio_db *db) int commonio_lock_nowait (struct commonio_db *db, bool log) { - char* file = NULL; - char* lock = NULL; - size_t lock_file_len; - size_t file_len; - int err = 0; + int err = 0; + char *file = NULL; + char *lock = NULL; if (db->locked) { return 1; } - file_len = strlen(db->filename) + 11;/* %lu max size */ - lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */ - file = (char*)malloc(file_len); - if (file == NULL) { + + if (asprintf(&file, "%s.%ju", db->filename, (uintmax_t) getpid()) == -1) goto cleanup_ENOMEM; - } - lock = (char*)malloc(lock_file_len); - if (lock == NULL) { + if (asprintf(&lock, "%s.lock", db->filename) == -1) goto cleanup_ENOMEM; - } - snprintf (file, file_len, "%s.%lu", - db->filename, (unsigned long) getpid ()); - snprintf (lock, lock_file_len, "%s.lock", db->filename); + if (do_lock_file (file, lock, log) != 0) { db->locked = true; lock_count++; err = 1; } + cleanup_ENOMEM: free(file); free(lock); @@ -483,7 +468,7 @@ static void dec_lock_count (void) int commonio_unlock (struct commonio_db *db) { - char lock[1024]; + char lock[1029]; if (db->isopen) { db->readonly = true; @@ -500,7 +485,7 @@ int commonio_unlock (struct commonio_db *db) * then call ulckpwdf() (if used) on last unlock. */ db->locked = false; - snprintf (lock, sizeof lock, "%s.lock", db->filename); + SNPRINTF(lock, "%s.lock", db->filename); unlink (lock); dec_lock_count (); return 1; @@ -618,7 +603,7 @@ int commonio_open (struct commonio_db *db, int mode) fd = open (db->filename, (db->readonly ? O_RDONLY : O_RDWR) - | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC); saved_errno = errno; db->fp = NULL; if (fd >= 0) { @@ -649,22 +634,19 @@ int commonio_open (struct commonio_db *db, int mode) return 0; } - /* Do not inherit fd in spawned processes (e.g. nscd) */ - fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC); - buflen = BUFLEN; - buf = (char *) malloc (buflen); + buf = MALLOC(buflen, char); if (NULL == buf) { goto cleanup_ENOMEM; } - while (db->ops->fgets (buf, (int) buflen, db->fp) == buf) { - while ( ((cp = strrchr (buf, '\n')) == NULL) + while (db->ops->fgets (buf, buflen, db->fp) == buf) { + while ( (strrchr (buf, '\n') == NULL) && (feof (db->fp) == 0)) { size_t len; buflen += BUFLEN; - cp = (char *) realloc (buf, buflen); + cp = REALLOC(buf, buflen, char); if (NULL == cp) { goto cleanup_buf; } @@ -698,7 +680,7 @@ int commonio_open (struct commonio_db *db, int mode) } } - p = (struct commonio_entry *) malloc (sizeof *p); + p = MALLOC(1, struct commonio_entry); if (NULL == p) { goto cleanup_entry; } @@ -775,7 +757,7 @@ commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *)) return 0; } - entries = malloc (n * sizeof (struct commonio_entry *)); + entries = MALLOC(n, struct commonio_entry *); if (entries == NULL) { return -1; } @@ -912,9 +894,9 @@ static int write_all (const struct commonio_db *db) int commonio_close (struct commonio_db *db) { - char buf[1024]; - int errors = 0; - struct stat sb; + int errors = 0; + char buf[1024]; + struct stat sb; if (!db->isopen) { errno = EINVAL; @@ -945,7 +927,11 @@ int commonio_close (struct commonio_db *db) /* * Create backup file. */ - snprintf (buf, sizeof buf, "%s-", db->filename); + if (SNPRINTF(buf, "%s-", db->filename) == -1) { + (void) fclose (db->fp); + db->fp = NULL; + goto fail; + } #ifdef WITH_SELINUX if (set_selinux_file_context (db->filename, S_IFREG) != 0) { @@ -960,15 +946,15 @@ int commonio_close (struct commonio_db *db) errors++; } + db->fp = NULL; + #ifdef WITH_SELINUX if (reset_selinux_file_context () != 0) { errors++; } #endif - if (errors != 0) { - db->fp = NULL; + if (errors != 0) goto fail; - } } else { /* * Default permissions for new [g]shadow files. @@ -978,7 +964,8 @@ int commonio_close (struct commonio_db *db) sb.st_gid = db->st_gid; } - snprintf (buf, sizeof buf, "%s+", db->filename); + if (SNPRINTF(buf, "%s+", db->filename) == -1) + goto fail; #ifdef WITH_SELINUX if (set_selinux_file_context (db->filename, S_IFREG) != 0) { @@ -998,13 +985,11 @@ int commonio_close (struct commonio_db *db) if (fflush (db->fp) != 0) { errors++; } -#ifdef HAVE_FSYNC + if (fsync (fileno (db->fp)) != 0) { errors++; } -#else /* !HAVE_FSYNC */ - sync (); -#endif /* !HAVE_FSYNC */ + if (fclose (db->fp) != 0) { errors++; } @@ -1096,7 +1081,7 @@ int commonio_update (struct commonio_db *db, const void *eptr) return 1; } /* not found, new entry */ - p = (struct commonio_entry *) malloc (sizeof *p); + p = MALLOC(1, struct commonio_entry); if (NULL == p) { db->ops->free (nentry); errno = ENOMEM; @@ -1133,7 +1118,7 @@ int commonio_append (struct commonio_db *db, const void *eptr) return 0; } /* new entry */ - p = (struct commonio_entry *) malloc (sizeof *p); + p = MALLOC(1, struct commonio_entry); if (NULL == p) { db->ops->free (nentry); errno = ENOMEM; @@ -1200,6 +1185,8 @@ int commonio_remove (struct commonio_db *db, const char *name) db->ops->free (p->eptr); } + free(p); + return 1; } diff --git a/lib/commonio.h b/lib/commonio.h index e63c5b4..fedbefa 100644 --- a/lib/commonio.h +++ b/lib/commonio.h @@ -11,8 +11,11 @@ #ifndef COMMONIO_H #define COMMONIO_H + +#include "attr.h" #include "defines.h" /* bool */ + /* * Linked list entry. */ @@ -37,7 +40,7 @@ struct commonio_ops { /* * free() the object including any strings pointed by it. */ - void (*free) (/*@out@*/ /*@only@*/void *); + void (*free)(/*@only@*/void *); /* * Return the name of the object (for example, pw_name @@ -61,7 +64,9 @@ struct commonio_ops { * fgets and fputs (can be replaced by versions that * understand line continuation conventions). */ - /*@null@*/char *(*fgets) (/*@returned@*/ /*@out@*/char *s, int n, FILE *stream); + ATTR_ACCESS(write_only, 1, 2) + /*@null@*/char *(*fgets)(/*@returned@*/char *restrict s, int n, + FILE *restrict stream); int (*fputs) (const char *, FILE *); /* @@ -123,6 +128,7 @@ extern int commonio_setname (struct commonio_db *, const char *); extern bool commonio_present (const struct commonio_db *db); extern int commonio_lock (struct commonio_db *); extern int commonio_lock_nowait (struct commonio_db *, bool log); +extern int do_fcntl_lock (const char *file, bool log, short type); extern int commonio_open (struct commonio_db *, int); extern /*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *, const char *); extern int commonio_update (struct commonio_db *, const void *); diff --git a/lib/console.c b/lib/console.c new file mode 100644 index 0000000..92065d9 --- /dev/null +++ b/lib/console.c @@ -0,0 +1,109 @@ +/* + * SPDX-FileCopyrightText: 1991 , Julianne Frances Haugh + * SPDX-FileCopyrightText: 1991 , Chip Rosenthal + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> +#include "defines.h" +#include <stdio.h> +#include "getdef.h" +#include "prototypes.h" +#include "string/strtcpy.h" + +#ident "$Id$" + +/* + * This is now rather generic function which decides if "tty" is listed + * under "cfgin" in config (directly or indirectly). Fallback to default if + * something is bad. + */ +static bool is_listed (const char *cfgin, const char *tty, bool def) +{ + FILE *fp; + char buf[1024], *s; + const char *cons; + + /* + * If the CONSOLE configuration definition isn't given, + * fallback to default. + */ + + cons = getdef_str (cfgin); + if (NULL == cons) { + return def; + } + + /* + * If this isn't a filename, then it is a ":" delimited list of + * console devices upon which root logins are allowed. + */ + + if (*cons != '/') { + char *pbuf; + STRTCPY(buf, cons); + pbuf = &buf[0]; + while ((s = strtok (pbuf, ":")) != NULL) { + if (strcmp (s, tty) == 0) { + return true; + } + + pbuf = NULL; + } + return false; + } + + /* + * If we can't open the console list, then call everything a + * console - otherwise root will never be allowed to login. + */ + + fp = fopen (cons, "r"); + if (NULL == fp) { + return def; + } + + /* + * See if this tty is listed in the console file. + */ + + while (fgets (buf, sizeof (buf), fp) != NULL) { + /* Remove optional trailing '\n'. */ + buf[strcspn (buf, "\n")] = '\0'; + if (strcmp (buf, tty) == 0) { + (void) fclose (fp); + return true; + } + } + + /* + * This tty isn't a console. + */ + + (void) fclose (fp); + return false; +} + +/* + * console - return 1 if the "tty" is a console device, else 0. + * + * Note - we need to take extreme care here to avoid locking out root logins + * if something goes awry. That's why we do things like call everything a + * console if the consoles file can't be opened. Because of this, we must + * warn the user to protect against the remove of the consoles file since + * that would allow an unauthorized root login. + */ + +bool console (const char *tty) +{ + if (strncmp (tty, "/dev/", 5) == 0) { + tty += 5; + } + + return is_listed ("CONSOLE", tty, true); +} + diff --git a/lib/copydir.c b/lib/copydir.c new file mode 100644 index 0000000..926033a --- /dev/null +++ b/lib/copydir.c @@ -0,0 +1,925 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <sys/time.h> +#include <fcntl.h> +#include <stdio.h> + +#include "alloc.h" +#include "attr.h" +#include "prototypes.h" +#include "defines.h" +#ifdef WITH_SELINUX +#include <selinux/selinux.h> +#endif /* WITH_SELINUX */ +#if defined(WITH_ACL) || defined(WITH_ATTR) +#include <stdarg.h> +#include <attr/error_context.h> +#endif /* WITH_ACL || WITH_ATTR */ +#ifdef WITH_ACL +#include <acl/libacl.h> +#endif /* WITH_ACL */ +#ifdef WITH_ATTR +#include <attr/libattr.h> +#endif /* WITH_ATTR */ +#include "shadowlog.h" +#include "string/sprintf.h" + + +static /*@null@*/const char *src_orig; +static /*@null@*/const char *dst_orig; + +struct link_name { + dev_t ln_dev; + ino_t ln_ino; + nlink_t ln_count; + char *ln_name; + /*@dependent@*/struct link_name *ln_next; +}; +static /*@exposed@*/struct link_name *links; + +struct path_info { + const char *full_path; + int dirfd; + const char *name; +}; + +static int copy_entry (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static int copy_dir (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static /*@null@*/char *readlink_malloc (const char *filename); +static int copy_symlink (const struct path_info *src, const struct path_info *dst, + MAYBE_UNUSED bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static int copy_hardlink (const struct path_info *dst, + MAYBE_UNUSED bool reset_selinux, + struct link_name *lp); +static int copy_special (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static int copy_file (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static int chownat_if_needed (const struct path_info *dst, const struct stat *statp, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); +static int fchown_if_needed (int fdst, const struct stat *statp, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid); + +#if defined(WITH_ACL) || defined(WITH_ATTR) +/* + * error_acl - format the error messages for the ACL and EQ libraries. + */ +format_attr(printf, 2, 3) +static void error_acl (MAYBE_UNUSED struct error_context *ctx, const char *fmt, ...) +{ + va_list ap; + FILE *shadow_logfd = log_get_logfd(); + + /* ignore the case when destination does not support ACLs + * or extended attributes */ + if (ENOTSUP == errno) { + errno = 0; + return; + } + + va_start (ap, fmt); + (void) fprintf (shadow_logfd, _("%s: "), log_get_progname()); + if (vfprintf (shadow_logfd, fmt, ap) != 0) { + (void) fputs (_(": "), shadow_logfd); + } + (void) fprintf (shadow_logfd, "%s\n", strerror (errno)); + va_end (ap); +} + +static struct error_context ctx = { + error_acl, NULL, NULL +}; +#endif /* WITH_ACL || WITH_ATTR */ + +#ifdef WITH_ACL +static int perm_copy_path(const struct path_info *src, + const struct path_info *dst, + struct error_context *errctx) +{ + int src_fd, dst_fd, ret; + + src_fd = openat(src->dirfd, src->name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC); + if (src_fd < 0) { + return -1; + } + + dst_fd = openat(dst->dirfd, dst->name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC); + if (dst_fd < 0) { + (void) close (src_fd); + return -1; + } + + ret = perm_copy_fd(src->full_path, src_fd, dst->full_path, dst_fd, errctx); + (void) close (src_fd); + (void) close (dst_fd); + return ret; +} +#endif /* WITH_ACL */ + +#ifdef WITH_ATTR +static int attr_copy_path(const struct path_info *src, + const struct path_info *dst, + int (*callback) (const char *, struct error_context *), + struct error_context *errctx) +{ + int src_fd, dst_fd, ret; + + src_fd = openat(src->dirfd, src->name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC); + if (src_fd < 0) { + return -1; + } + + dst_fd = openat(dst->dirfd, dst->name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC); + if (dst_fd < 0) { + (void) close (src_fd); + return -1; + } + + ret = attr_copy_fd(src->full_path, src_fd, dst->full_path, dst_fd, callback, errctx); + (void) close (src_fd); + (void) close (dst_fd); + return ret; +} +#endif /* WITH_ATTR */ + +/* + * remove_link - delete a link from the linked list + */ +static void remove_link (/*@only@*/struct link_name *ln) +{ + struct link_name *lp; + + if (links == ln) { + links = ln->ln_next; + free (ln->ln_name); + free (ln); + return; + } + for (lp = links; NULL !=lp; lp = lp->ln_next) { + if (lp->ln_next == ln) { + break; + } + } + + if (NULL == lp) { + free (ln->ln_name); + free (ln); + return; + } + + lp->ln_next = lp->ln_next->ln_next; + free (ln->ln_name); + free (ln); +} + +/* + * check_link - see if a file is really a link + */ + +static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb) +{ + struct link_name *lp; + + /* copy_tree () must be the entry point */ + assert (NULL != src_orig); + assert (NULL != dst_orig); + + for (lp = links; NULL != lp; lp = lp->ln_next) { + if ((lp->ln_dev == sb->st_dev) && (lp->ln_ino == sb->st_ino)) { + return lp; + } + } + + if (sb->st_nlink == 1) { + return NULL; + } + + lp = XMALLOC(1, struct link_name); + lp->ln_dev = sb->st_dev; + lp->ln_ino = sb->st_ino; + lp->ln_count = sb->st_nlink; + xasprintf(&lp->ln_name, "%s%s", dst_orig, name + strlen(src_orig)); + lp->ln_next = links; + links = lp; + + return NULL; +} + +static int copy_tree_impl (const struct path_info *src, const struct path_info *dst, + bool copy_root, bool reset_selinux, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + int dst_fd, src_fd, err = 0; + bool set_orig = false; + const struct dirent *ent; + DIR *dir; + + if (copy_root) { + struct stat sb; + + if ( fstatat (dst->dirfd, dst->name, &sb, 0) == 0 + || errno != ENOENT) { + return -1; + } + + if (fstatat (src->dirfd, src->name, &sb, AT_SYMLINK_NOFOLLOW) == -1) { + return -1; + } + + if (!S_ISDIR (sb.st_mode)) { + fprintf (log_get_logfd(), + "%s: %s is not a directory", + log_get_progname(), src->full_path); + return -1; + } + + return copy_entry (src, dst, reset_selinux, + old_uid, new_uid, old_gid, new_gid); + } + + /* + * Make certain both directories exist. This routine is called + * after the home directory is created, or recursively after the + * target is created. It assumes the target directory exists. + */ + + src_fd = openat (src->dirfd, src->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC); + if (src_fd < 0) { + return -1; + } + + dst_fd = openat (dst->dirfd, dst->name, O_DIRECTORY | O_RDONLY | O_NOFOLLOW | O_CLOEXEC); + if (dst_fd < 0) { + (void) close (src_fd); + return -1; + } + + /* + * Open the source directory and read each entry. Every file + * entry in the directory is copied with the UID and GID set + * to the provided values. As an added security feature only + * regular files (and directories ...) are copied, and no file + * is made set-ID. + */ + dir = fdopendir (src_fd); + if (NULL == dir) { + (void) close (src_fd); + (void) close (dst_fd); + return -1; + } + + if (src_orig == NULL) { + src_orig = src->full_path; + dst_orig = dst->full_path; + set_orig = true; + } + while ((0 == err) && (ent = readdir (dir)) != NULL) { + char *src_name = NULL; + char *dst_name; + struct path_info src_entry, dst_entry; + /* + * Skip the "." and ".." entries + */ + if (strcmp(ent->d_name, ".") == 0 || + strcmp(ent->d_name, "..") == 0) + { + continue; + } + + if (asprintf(&src_name, "%s/%s", src->full_path, ent->d_name) == -1) + { + err = -1; + continue; + } + if (asprintf(&dst_name, "%s/%s", dst->full_path, ent->d_name) == -1) + { + err = -1; + goto skip; + } + + src_entry.full_path = src_name; + src_entry.dirfd = dirfd(dir); + src_entry.name = ent->d_name; + + dst_entry.full_path = dst_name; + dst_entry.dirfd = dst_fd; + dst_entry.name = ent->d_name; + + err = copy_entry(&src_entry, &dst_entry, reset_selinux, + old_uid, new_uid, old_gid, new_gid); + + free(dst_name); +skip: + free(src_name); + } + (void) closedir (dir); + (void) close (dst_fd); + + if (set_orig) { + src_orig = NULL; + dst_orig = NULL; + /* FIXME: clean links + * Since there can be hardlinks elsewhere on the device, + * we cannot check that all the hardlinks were found: + assert (NULL == links); + */ + } + +#ifdef WITH_SELINUX + /* Reset SELinux to create files with default contexts. + * Note that the context is only reset on exit of copy_tree (it is + * assumed that the program would quit without needing a restored + * context if copy_tree failed previously), and that copy_tree can + * be called recursively (hence the context is set on the + * sub-functions of copy_entry). + */ + if (reset_selinux_file_context () != 0) { + err = -1; + } +#endif /* WITH_SELINUX */ + + return err; +} + +/* + * copy_entry - copy the entry of a directory + * + * Copy the entry src to dst. + * Depending on the type of entry, this function will forward the + * request to copy_dir(), copy_symlink(), copy_hardlink(), + * copy_special(), or copy_file(). + * + * The access and modification time will not be modified. + * + * The permissions will be set to new_uid/new_gid. + * + * If new_uid (resp. new_gid) is equal to -1, the user (resp. group) will + * not be modified. + * + * Only the files owned (resp. group-owned) by old_uid (resp. + * old_gid) will be modified, unless old_uid (resp. old_gid) is set + * to -1. + */ +static int copy_entry (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + int err = 0; + struct stat sb; + struct stat tmp_sb; + struct link_name *lp; + struct timespec mt[2]; + + if (fstatat(src->dirfd, src->name, &sb, AT_SYMLINK_NOFOLLOW) == -1) { + /* If we cannot stat the file, do not care. */ + return 0; + } + + mt[0].tv_sec = sb.st_atim.tv_sec; + mt[0].tv_nsec = sb.st_atim.tv_nsec; + + mt[1].tv_sec = sb.st_mtim.tv_sec; + mt[1].tv_nsec = sb.st_mtim.tv_nsec; + + if (S_ISDIR (sb.st_mode)) { + err = copy_dir (src, dst, reset_selinux, &sb, mt, + old_uid, new_uid, old_gid, new_gid); + } + + /* + * If the destination already exists do nothing. + * This is after the copy_dir above to still iterate into subdirectories. + */ + if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) { + return err; + } + + /* + * Copy any symbolic links + */ + + else if (S_ISLNK (sb.st_mode)) { + err = copy_symlink (src, dst, reset_selinux, &sb, mt, + old_uid, new_uid, old_gid, new_gid); + } + + /* + * See if this is a previously copied link + */ + + else if ((lp = check_link (src->full_path, &sb)) != NULL) { + err = copy_hardlink (dst, reset_selinux, lp); + } + + /* + * Deal with FIFOs and special files. The user really + * shouldn't have any of these, but it seems like it + * would be nice to copy everything ... + */ + + else if (!S_ISREG (sb.st_mode)) { + err = copy_special (src, dst, reset_selinux, &sb, mt, + old_uid, new_uid, old_gid, new_gid); + } + + /* + * Create the new file and copy the contents. The new + * file will be owned by the provided UID and GID values. + */ + + else { + err = copy_file (src, dst, reset_selinux, &sb, mt, + old_uid, new_uid, old_gid, new_gid); + } + + return err; +} + +/* + * copy_dir - copy a directory + * + * Copy a directory (recursively) from src to dst. + * + * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set + * the access and modification and the access rights. + * + * Return 0 on success, -1 on error. + */ +static int copy_dir (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + int err = 0; + struct stat dst_sb; + + /* + * Create a new target directory, make it owned by + * the user and then recursively copy that directory. + */ + +#ifdef WITH_SELINUX + if (set_selinux_file_context (dst->full_path, S_IFDIR) != 0) { + return -1; + } +#endif /* WITH_SELINUX */ + /* + * If the destination is already a directory, don't change it + * but copy into it (recursively). + */ + if (fstatat(dst->dirfd, dst->name, &dst_sb, AT_SYMLINK_NOFOLLOW) == 0 && S_ISDIR(dst_sb.st_mode)) { + return (copy_tree_impl (src, dst, false, reset_selinux, + old_uid, new_uid, old_gid, new_gid) != 0); + } + + if ( (mkdirat (dst->dirfd, dst->name, 0700) != 0) + || (chownat_if_needed (dst, statp, + old_uid, new_uid, old_gid, new_gid) != 0) + || (fchmodat (dst->dirfd, dst->name, statp->st_mode & 07777, AT_SYMLINK_NOFOLLOW) != 0) +#ifdef WITH_ACL + || ( (perm_copy_path (src, dst, &ctx) != 0) + && (errno != 0)) +#endif /* WITH_ACL */ +#ifdef WITH_ATTR + /* + * If the third parameter is NULL, all extended attributes + * except those that define Access Control Lists are copied. + * ACLs are excluded by default because copying them between + * file systems with and without ACL support needs some + * additional logic so that no unexpected permissions result. + */ + || ( !reset_selinux + && (attr_copy_path (src, dst, NULL, &ctx) != 0) + && (errno != 0)) +#endif /* WITH_ATTR */ + || (copy_tree_impl (src, dst, false, reset_selinux, + old_uid, new_uid, old_gid, new_gid) != 0) + || (utimensat (dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) != 0)) { + err = -1; + } + + return err; +} + +/* + * readlink_malloc - wrapper for readlink + * + * return NULL on error. + * The return string shall be freed by the caller. + */ +static /*@null@*/char *readlink_malloc (const char *filename) +{ + size_t size = 1024; + + while (true) { + ssize_t nchars; + char *buffer = MALLOC(size, char); + if (NULL == buffer) { + return NULL; + } + + nchars = readlink (filename, buffer, size); + + if (nchars < 0) { + free(buffer); + return NULL; + } + + if ((size_t) nchars < size) { /* The buffer was large enough */ + /* readlink does not nul-terminate */ + buffer[nchars] = '\0'; + return buffer; + } + + /* Try again with a bigger buffer */ + free (buffer); + size *= 2; + } +} + +/* + * copy_symlink - copy a symlink + * + * Copy a symlink from src to dst. + * + * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set + * the access and modification and the access rights. + * + * Return 0 on success, -1 on error. + */ +static int copy_symlink (const struct path_info *src, const struct path_info *dst, + MAYBE_UNUSED bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + char *oldlink; + + /* copy_tree () must be the entry point */ + assert (NULL != src_orig); + assert (NULL != dst_orig); + + /* + * Get the name of the file which the link points + * to. If that name begins with the original + * source directory name, that part of the link + * name will be replaced with the original + * destination directory name. + */ + + oldlink = readlink_malloc (src->full_path); + if (NULL == oldlink) { + return -1; + } + + /* If src was a link to an entry of the src_orig directory itself, + * create a link to the corresponding entry in the dst_orig + * directory. + */ + if (strncmp(oldlink, src_orig, strlen(src_orig)) == 0) { + char *dummy; + + xasprintf(&dummy, "%s%s", dst_orig, oldlink + strlen(src_orig)); + free(oldlink); + oldlink = dummy; + } + +#ifdef WITH_SELINUX + if (set_selinux_file_context (dst->full_path, S_IFLNK) != 0) { + free (oldlink); + return -1; + } +#endif /* WITH_SELINUX */ + if ( (symlinkat (oldlink, dst->dirfd, dst->name) != 0) + || (chownat_if_needed (dst, statp, + old_uid, new_uid, old_gid, new_gid) != 0)) { + /* FIXME: there are no modes on symlinks, right? + * ACL could be copied, but this would be much more + * complex than calling perm_copy_file. + * Ditto for Extended Attributes. + * We currently only document that ACL and Extended + * Attributes are not copied. + */ + free (oldlink); + return -1; + } + free (oldlink); + + if (utimensat (dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) != 0) { + return -1; + } + + return 0; +} + +/* + * copy_hardlink - copy a hardlink + * + * Copy a hardlink from src to dst. + * + * Return 0 on success, -1 on error. + */ +static int copy_hardlink (const struct path_info *dst, + MAYBE_UNUSED bool reset_selinux, + struct link_name *lp) +{ + /* FIXME: selinux, ACL, Extended Attributes needed? */ + + if (linkat (AT_FDCWD, lp->ln_name, dst->dirfd, dst->name, 0) != 0) { + return -1; + } + + /* If the file could be unlinked, decrement the links counter, + * and forget about this link if it was the last reference */ + lp->ln_count--; + if (lp->ln_count <= 0) { + remove_link (lp); + } + + return 0; +} + + +/* + * copy_special - copy a special file + * + * Copy a special file from src to dst. + * + * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set + * the access and modification and the access rights. + * + * Return 0 on success, -1 on error. + */ +static int +copy_special(const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ +#if defined(WITH_SELINUX) + if (set_selinux_file_context(dst->full_path, statp->st_mode & S_IFMT) != 0) + return -1; +#endif + + if (mknodat(dst->dirfd, dst->name, statp->st_mode & ~07777U, statp->st_rdev) == -1) + return -1; + + if (chownat_if_needed(dst, statp, old_uid, new_uid, old_gid, new_gid) == -1) + return -1; + + if (fchmodat(dst->dirfd, dst->name, statp->st_mode & 07777, AT_SYMLINK_NOFOLLOW) == -1) + return -1; + +#if defined(WITH_ACL) + if (perm_copy_path(src, dst, &ctx) == -1 && errno != 0) + return -1; +#endif + +#if defined(WITH_ATTR) + /* + * If the third parameter is NULL, all extended attributes + * except those that define Access Control Lists are copied. + * ACLs are excluded by default because copying them between + * file systems with and without ACL support needs some + * additional logic so that no unexpected permissions result. + */ + if (!reset_selinux) { + if (attr_copy_path(src, dst, NULL, &ctx) == -1 && errno != 0) + return -1; + } +#endif + + if (utimensat(dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) == -1) + return -1; + + return 0; +} + +/* + * copy_file - copy a file + * + * Copy a file from src to dst. + * + * statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set + * the access and modification and the access rights. + * + * Return 0 on success, -1 on error. + */ +static int copy_file (const struct path_info *src, const struct path_info *dst, + bool reset_selinux, + const struct stat *statp, const struct timespec mt[], + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + int err = 0; + int ifd; + int ofd; + + ifd = openat (src->dirfd, src->name, O_RDONLY|O_NOFOLLOW|O_CLOEXEC); + if (ifd < 0) { + return -1; + } +#ifdef WITH_SELINUX + if (set_selinux_file_context (dst->full_path, S_IFREG) != 0) { + (void) close (ifd); + return -1; + } +#endif /* WITH_SELINUX */ + ofd = openat (dst->dirfd, dst->name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC | O_NOFOLLOW | O_CLOEXEC, 0600); + if ( (ofd < 0) + || (fchown_if_needed (ofd, statp, + old_uid, new_uid, old_gid, new_gid) != 0) + || (fchmod (ofd, statp->st_mode & 07777) != 0) +#ifdef WITH_ACL + || ( (perm_copy_fd (src->full_path, ifd, dst->full_path, ofd, &ctx) != 0) + && (errno != 0)) +#endif /* WITH_ACL */ +#ifdef WITH_ATTR + /* + * If the third parameter is NULL, all extended attributes + * except those that define Access Control Lists are copied. + * ACLs are excluded by default because copying them between + * file systems with and without ACL support needs some + * additional logic so that no unexpected permissions result. + */ + || ( !reset_selinux + && (attr_copy_fd (src->full_path, ifd, dst->full_path, ofd, NULL, &ctx) != 0) + && (errno != 0)) +#endif /* WITH_ATTR */ + ) { + if (ofd >= 0) { + (void) close (ofd); + } + (void) close (ifd); + return -1; + } + + while (true) { + char buf[8192]; + ssize_t cnt; + + cnt = read (ifd, buf, sizeof buf); + if (cnt < 0) { + if (errno == EINTR) { + continue; + } + (void) close (ofd); + (void) close (ifd); + return -1; + } + if (cnt == 0) { + break; + } + + if (write_full(ofd, buf, cnt) == -1) { + (void) close (ofd); + (void) close (ifd); + return -1; + } + } + + (void) close (ifd); + if (close (ofd) != 0 && errno != EINTR) { + return -1; + } + + if (utimensat (dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) != 0) { + return -1; + } + + return err; +} + +#define def_chown_if_needed(chown_function, type_dst) \ +static int chown_function ## _if_needed (type_dst dst, \ + const struct stat *statp, \ + uid_t old_uid, uid_t new_uid, \ + gid_t old_gid, gid_t new_gid) \ +{ \ + uid_t tmpuid = (uid_t) -1; \ + gid_t tmpgid = (gid_t) -1; \ + \ + /* Use new_uid if old_uid is set to -1 or if the file was \ + * owned by the user. */ \ + if (((uid_t) -1 == old_uid) || (statp->st_uid == old_uid)) { \ + tmpuid = new_uid; \ + } \ + /* Otherwise, or if new_uid was set to -1, we keep the same \ + * owner. */ \ + if ((uid_t) -1 == tmpuid) { \ + tmpuid = statp->st_uid; \ + } \ + \ + if (((gid_t) -1 == old_gid) || (statp->st_gid == old_gid)) { \ + tmpgid = new_gid; \ + } \ + if ((gid_t) -1 == tmpgid) { \ + tmpgid = statp->st_gid; \ + } \ + \ + return chown_function (dst, tmpuid, tmpgid); \ +} + +def_chown_if_needed (fchown, int) + +static int chownat_if_needed (const struct path_info *dst, + const struct stat *statp, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + uid_t tmpuid = (uid_t) -1; + gid_t tmpgid = (gid_t) -1; + + /* Use new_uid if old_uid is set to -1 or if the file was + * owned by the user. */ + if (((uid_t) -1 == old_uid) || (statp->st_uid == old_uid)) { + tmpuid = new_uid; + } + /* Otherwise, or if new_uid was set to -1, we keep the same + * owner. */ + if ((uid_t) -1 == tmpuid) { + tmpuid = statp->st_uid; + } + + if (((gid_t) -1 == old_gid) || (statp->st_gid == old_gid)) { + tmpgid = new_gid; + } + if ((gid_t) -1 == tmpgid) { + tmpgid = statp->st_gid; + } + + return fchownat (dst->dirfd, dst->name, tmpuid, tmpgid, AT_SYMLINK_NOFOLLOW); +} + +/* + * copy_tree - copy files in a directory tree + * + * copy_tree() walks a directory tree and copies ordinary files + * as it goes. + * + * When reset_selinux is enabled, extended attributes (and thus + * SELinux attributes) are not copied. + * + * old_uid and new_uid are used to set the ownership of the copied + * files. Unless old_uid is set to -1, only the files owned by + * old_uid have their ownership changed to new_uid. In addition, if + * new_uid is set to -1, no ownership will be changed. + * + * The same logic applies for the group-ownership and + * old_gid/new_gid. + */ +int copy_tree (const char *src_root, const char *dst_root, + bool copy_root, bool reset_selinux, + uid_t old_uid, uid_t new_uid, + gid_t old_gid, gid_t new_gid) +{ + const struct path_info src = { + .full_path = src_root, + .dirfd = AT_FDCWD, + .name = src_root + }; + const struct path_info dst = { + .full_path = dst_root, + .dirfd = AT_FDCWD, + .name = dst_root + }; + + return copy_tree_impl(&src, &dst, copy_root, reset_selinux, + old_uid, new_uid, old_gid, new_gid); +} diff --git a/lib/csrand.c b/lib/csrand.c new file mode 100644 index 0000000..8ded343 --- /dev/null +++ b/lib/csrand.c @@ -0,0 +1,150 @@ +/* + * SPDX-FileCopyrightText: Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <limits.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#if HAVE_SYS_RANDOM_H +#include <sys/random.h> +#endif +#include "bit.h" +#include "defines.h" +#include "prototypes.h" +#include "shadowlog.h" +#include "sizeof.h" + + +static uint32_t csrand32(void); +static uint32_t csrand_uniform32(uint32_t n); +static unsigned long csrand_uniform_slow(unsigned long n); + + +/* + * Return a uniformly-distributed CS random u_long value. + */ +unsigned long +csrand(void) +{ + FILE *fp; + unsigned long r; + +#ifdef HAVE_GETENTROPY + /* getentropy may exist but lack kernel support. */ + if (getentropy(&r, sizeof(r)) == 0) + return r; +#endif + +#ifdef HAVE_GETRANDOM + /* Likewise getrandom. */ + if (getrandom(&r, sizeof(r), 0) == sizeof(r)) + return r; +#endif + +#ifdef HAVE_ARC4RANDOM_BUF + /* arc4random_buf can never fail. */ + arc4random_buf(&r, sizeof(r)); + return r; +#endif + + /* Use /dev/urandom as a last resort. */ + fp = fopen("/dev/urandom", "r"); + if (NULL == fp) { + goto fail; + } + + if (fread(&r, sizeof(r), 1, fp) != 1) { + fclose(fp); + goto fail; + } + + fclose(fp); + return r; + +fail: + fprintf(log_get_logfd(), _("Unable to obtain random bytes.\n")); + exit(1); +} + + +/* + * Return a uniformly-distributed CS random value in the interval [0, n-1]. + */ +unsigned long +csrand_uniform(unsigned long n) +{ + if (n == 0 || n > UINT32_MAX) + return csrand_uniform_slow(n); + + return csrand_uniform32(n); +} + + +/* + * Return a uniformly-distributed CS random value in the interval [min, max]. + */ +unsigned long +csrand_interval(unsigned long min, unsigned long max) +{ + return csrand_uniform(max - min + 1) + min; +} + + +static uint32_t +csrand32(void) +{ + return csrand(); +} + + +/* + * Fast Random Integer Generation in an Interval + * ACM Transactions on Modeling and Computer Simulation 29 (1), 2019 + * <https://arxiv.org/abs/1805.10941> + */ +static uint32_t +csrand_uniform32(uint32_t n) +{ + uint32_t bound, rem; + uint64_t r, mult; + + if (n == 0) + return csrand32(); + + bound = -n % n; // analogous to `2^32 % n`, since `x % y == (x-y) % y` + + do { + r = csrand32(); + mult = r * n; + rem = mult; // analogous to `mult % 2^32` + } while (rem < bound); // p = (2^32 % n) / 2^32; W.C.: n=2^31+1, p=0.5 + + r = mult >> WIDTHOF(n); // analogous to `mult / 2^32` + + return r; +} + + +static unsigned long +csrand_uniform_slow(unsigned long n) +{ + unsigned long r, max, mask; + + max = n - 1; + mask = bit_ceil_wrapul(n) - 1; + + do { + r = csrand(); + r &= mask; // optimization + } while (r > max); // p = ((mask+1) % n) / (mask+1); W.C.: p=0.5 + + return r; +} diff --git a/lib/defines.h b/lib/defines.h index d01f691..8c55ddd 100644 --- a/lib/defines.h +++ b/lib/defines.h @@ -6,41 +6,8 @@ #include "config.h" -#if HAVE_STDBOOL_H -# include <stdbool.h> -#else -# if ! HAVE__BOOL -# ifdef __cplusplus -typedef bool _Bool; -# else -typedef unsigned char _Bool; -# endif -# endif -# define bool _Bool -# define false (0) -# define true (1) -# define __bool_true_false_are_defined 1 -#endif - -/* Take care of NLS matters. */ -#ifdef S_SPLINT_S -extern char *setlocale(int categories, const char *locale); -# define LC_ALL (6) -extern char * bindtextdomain (const char * domainname, const char * dirname); -extern char * textdomain (const char * domainname); -# define _(Text) Text -# define ngettext(Msgid1, Msgid2, N) \ - ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2)) -#else -#ifdef HAVE_LOCALE_H -# include <locale.h> -#else -# undef setlocale -# define setlocale(category, locale) (NULL) -# ifndef LC_ALL -# define LC_ALL 6 -# endif -#endif +#include <stdbool.h> +#include <locale.h> #define gettext_noop(String) (String) /* #define gettext_def(String) "#define String" */ @@ -57,22 +24,18 @@ extern char * textdomain (const char * domainname); # define ngettext(Msgid1, Msgid2, N) \ ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2)) #endif -#endif +#include <stdio.h> #include <stdlib.h> #include <string.h> -#if HAVE_ERRNO_H -# include <errno.h> -#endif +#include <errno.h> #include <sys/stat.h> #include <sys/types.h> #include <sys/wait.h> -#if HAVE_UNISTD_H -# include <unistd.h> -#endif +#include <unistd.h> /* * crypt(3), crypt_gensalt(3), and their @@ -85,22 +48,6 @@ extern char * textdomain (const char * domainname); #include <sys/time.h> #include <time.h> -#ifdef HAVE_MEMSET_S -# define memzero(ptr, size) memset_s((ptr), 0, (size)) -#elif defined HAVE_EXPLICIT_BZERO /* !HAVE_MEMSET_S */ -# define memzero(ptr, size) explicit_bzero((ptr), (size)) -#else /* !HAVE_MEMSET_S && HAVE_EXPLICIT_BZERO */ -static inline void memzero(void *ptr, size_t size) -{ - volatile unsigned char * volatile p = ptr; - while (size--) { - *p++ = '\0'; - } -} -#endif /* !HAVE_MEMSET_S && !HAVE_EXPLICIT_BZERO */ - -#define strzero(s) memzero(s, strlen(s)) /* warning: evaluates twice */ - #include <dirent.h> /* @@ -123,7 +70,6 @@ static inline void memzero(void *ptr, size_t size) #endif #endif -#ifdef USE_SYSLOG #include <syslog.h> #ifndef LOG_WARN @@ -170,14 +116,6 @@ static inline void memzero(void *ptr, size_t size) #define SYSLOG(x) syslog x #endif /* !ENABLE_NLS */ -#else /* !USE_SYSLOG */ - -#define SYSLOG(x) /* empty */ -#define openlog(a,b,c) /* empty */ -#define closelog() /* empty */ - -#endif /* !USE_SYSLOG */ - /* The default syslog settings can now be changed here, in just one place. */ @@ -192,63 +130,25 @@ static inline void memzero(void *ptr, size_t size) #define OPENLOG(progname) openlog(progname, SYSLOG_OPTIONS, SYSLOG_FACILITY) -#ifndef F_OK -# define F_OK 0 -# define X_OK 1 -# define W_OK 2 -# define R_OK 4 -#endif - -#ifndef SEEK_SET -# define SEEK_SET 0 -# define SEEK_CUR 1 -# define SEEK_END 2 -#endif - -#if HAVE_TERMIOS_H -# include <termios.h> -# define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio) -# define GTTY(fd, termio) tcgetattr(fd, termio) -# define TERMIO struct termios -# define USE_TERMIOS -#else /* assumed HAVE_TERMIO_H */ -# include <sys/ioctl.h> -# include <termio.h> -# define STTY(fd, termio) ioctl(fd, TCSETA, termio) -# define GTTY(fd, termio) ioctl(fd, TCGETA, termio) -# define TEMRIO struct termio -# define USE_TERMIO -#endif +#include <termios.h> +#define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio) +#define GTTY(fd, termio) tcgetattr(fd, termio) +#define TERMIO struct termios /* * Password aging constants * * DAY - seconds / day * WEEK - seconds / week - * SCALE - seconds / aging unit */ /* Solaris defines this in shadow.h */ #ifndef DAY -#define DAY (24L*3600L) +#define DAY ((time_t) 24 * 3600) #endif #define WEEK (7*DAY) -#ifdef ITI_AGING -#define SCALE 1 -#else -#define SCALE DAY -#endif - -/* Copy string pointed by B to array A with size checking. It was originally - in lmain.c but is _very_ useful elsewhere. Some setuid root programs with - very sloppy coding used to assume that BUFSIZ will always be enough... */ - - /* danger - side effects */ -#define STRFCPY(A,B) \ - (strncpy((A), (B), sizeof(A) - 1), (A)[sizeof(A) - 1] = '\0') - #ifndef PASSWD_FILE #define PASSWD_FILE "/etc/passwd" #endif @@ -261,22 +161,18 @@ static inline void memzero(void *ptr, size_t size) #define SHADOW_FILE "/etc/shadow" #endif -#ifdef SHADOWGRP -#ifndef SGROUP_FILE -#define SGROUP_FILE "/etc/gshadow" -#endif +#ifndef SUBUID_FILE +#define SUBUID_FILE "/etc/subuid" #endif -#ifndef NULL -#define NULL ((void *) 0) +#ifndef SUBGID_FILE +#define SUBGID_FILE "/etc/subgid" #endif -#ifdef sun /* hacks for compiling on SunOS */ -# ifndef SOLARIS -extern int fputs (); -extern char *strdup (); -extern char *strerror (); -# endif +#ifdef SHADOWGRP +#ifndef SGROUP_FILE +#define SGROUP_FILE "/etc/gshadow" +#endif #endif /* @@ -288,45 +184,16 @@ extern char *strerror (); #define SHADOW_PASSWD_STRING "x" #endif -#define SHADOW_SP_FLAG_UNSET ((unsigned long int)-1) +#define SHADOW_SP_FLAG_UNSET ((unsigned long)-1) #ifdef WITH_AUDIT -#ifdef __u8 /* in case we use pam < 0.80 */ +/* in case we use pam < 0.80 */ #undef __u8 -#endif -#ifdef __u32 #undef __u32 -#endif #include <libaudit.h> #endif -/* To be used for verified unused parameters */ -#if defined(__GNUC__) && !defined(__STRICT_ANSI__) -# define unused __attribute__((unused)) -# define format_attr(type, index, check) __attribute__((format (type, index, check))) -#else -# define unused -# define format_attr(type, index, check) -#endif - -/* Maximum length of usernames */ -#ifdef HAVE_UTMPX_H -# include <utmpx.h> -# define USER_NAME_MAX_LENGTH (sizeof (((struct utmpx *)NULL)->ut_user)) -#else -# include <utmp.h> -# ifdef HAVE_STRUCT_UTMP_UT_USER -# define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_user)) -# else -# ifdef HAVE_STRUCT_UTMP_UT_NAME -# define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_name)) -# else -# define USER_NAME_MAX_LENGTH 32 -# endif -# endif -#endif - /* Maximum length of passwd entry */ #define PASSWD_ENTRY_MAX_LENGTH 32768 @@ -336,4 +203,14 @@ extern char *strerror (); # define shadow_getenv(name) getenv(name) #endif +/* + * Maximum password length + * + * Consider that there is also limit in PAM (PAM_MAX_RESP_SIZE) + * currently set to 512. + */ +#if !defined(PASS_MAX) +#define PASS_MAX BUFSIZ - 1 +#endif + #endif /* _DEFINES_H_ */ diff --git a/lib/env.c b/lib/env.c new file mode 100644 index 0000000..9b5fd32 --- /dev/null +++ b/lib/env.c @@ -0,0 +1,236 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1992, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include "alloc.h" +#include "prototypes.h" +#include "defines.h" +#include "shadowlog.h" +#include "string/sprintf.h" + + +/* + * NEWENVP_STEP must be a power of two. This is the number + * of (char *) pointers to allocate at a time, to avoid using + * realloc() too often. + */ +#define NEWENVP_STEP 16 +size_t newenvc = 0; +/*@null@*/char **newenvp = NULL; + +static const char *const forbid[] = { + "_RLD_=", + "BASH_ENV=", /* GNU creeping featurism strikes again... */ + "ENV=", + "HOME=", + "IFS=", + "KRB_CONF=", + "LD_", /* anything with the LD_ prefix */ + "LIBPATH=", + "MAIL=", + "NLSPATH=", + "PATH=", + "SHELL=", + "SHLIB_PATH=", + NULL +}; + +/* these are allowed, but with no slashes inside + (to work around security problems in GNU gettext) */ +static const char *const noslash[] = { + "LANG=", + "LANGUAGE=", + "LC_", /* anything with the LC_ prefix */ + NULL +}; + +/* + * initenv() must be called once before using addenv(). + */ +void initenv (void) +{ + newenvp = XMALLOC(NEWENVP_STEP, char *); + *newenvp = NULL; +} + + +void addenv (const char *string, /*@null@*/const char *value) +{ + char *cp, *newstring; + size_t i, n; + + if (NULL != value) { + xasprintf(&newstring, "%s=%s", string, value); + } else { + newstring = xstrdup (string); + } + + /* + * Search for a '=' character within the string and if none is found + * just ignore the whole string. + */ + + cp = strchr (newstring, '='); + if (NULL == cp) { + free(newstring); + return; + } + + n = (size_t) (cp - newstring); + + /* + * If this environment variable is already set, change its value. + */ + for (i = 0; i < newenvc; i++) { + if ( (strncmp (newstring, newenvp[i], n) == 0) + && (('=' == newenvp[i][n]) || ('\0' == newenvp[i][n]))) { + break; + } + } + + if (i < newenvc) { + free(newenvp[i]); + newenvp[i] = newstring; + return; + } + + /* + * Otherwise, save the new environment variable + */ + newenvp[newenvc++] = newstring; + + /* + * And extend the environment if needed. + */ + + /* + * Check whether newenvc is a multiple of NEWENVP_STEP. + * If so we have to resize the vector. + * the expression (newenvc & (NEWENVP_STEP - 1)) == 0 + * is equal to (newenvc % NEWENVP_STEP) == 0 + * as long as NEWENVP_STEP is a power of 2. + */ + + if ((newenvc & (NEWENVP_STEP - 1)) == 0) { + bool update_environ; + + update_environ = (environ == newenvp); + + newenvp = XREALLOC(newenvp, newenvc + NEWENVP_STEP, char *); + + /* + * If this is our current environment, update + * environ so that it doesn't point to some + * free memory area (realloc() could move it). + */ + if (update_environ) + environ = newenvp; + } + + /* + * The last entry of newenvp must be NULL + */ + + newenvp[newenvc] = NULL; +} + + +/* + * set_env - copy command line arguments into the environment + */ +void set_env (int argc, char *const *argv) +{ + int noname = 1; + char variable[1024]; + char *cp; + + for (; argc > 0; argc--, argv++) { + if (strlen (*argv) >= sizeof variable) { + continue; /* ignore long entries */ + } + + cp = strchr (*argv, '='); + if (NULL == cp) { + assert(SNPRINTF(variable, "L%d", noname) != -1); + noname++; + addenv (variable, *argv); + } else { + const char *const *p; + + for (p = forbid; NULL != *p; p++) { + if (strncmp (*argv, *p, strlen (*p)) == 0) { + break; + } + } + + if (NULL != *p) { + stpcpy(mempcpy(variable, *argv, (size_t)(cp - *argv)), ""); + printf (_("You may not change $%s\n"), + variable); + continue; + } + + addenv (*argv, NULL); + } + } +} + +/* + * sanitize_env - remove some nasty environment variables + * If you fall into a total paranoia, you should call this + * function for any root-setuid program or anything the user + * might change the environment with. 99% useless as almost + * all modern Unixes will handle setuid executables properly, + * but... I feel better with that silly precaution. -j. + */ + +void sanitize_env (void) +{ + char **envp = environ; + const char *const *bad; + char **cur; + char **move; + + for (cur = envp; NULL != *cur; cur++) { + for (bad = forbid; NULL != *bad; bad++) { + if (strncmp (*cur, *bad, strlen (*bad)) == 0) { + for (move = cur; NULL != *move; move++) { + *move = *(move + 1); + } + cur--; + break; + } + } + } + + for (cur = envp; NULL != *cur; cur++) { + for (bad = noslash; NULL != *bad; bad++) { + if (strncmp (*cur, *bad, strlen (*bad)) != 0) { + continue; + } + if (strchr (*cur, '/') == NULL) { + continue; /* OK */ + } + for (move = cur; NULL != *move; move++) { + *move = *(move + 1); + } + cur--; + break; + } + } +} + diff --git a/lib/failure.c b/lib/failure.c new file mode 100644 index 0000000..e42e710 --- /dev/null +++ b/lib/failure.c @@ -0,0 +1,267 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2002 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> + +#include "defines.h" +#include "faillog.h" +#include "failure.h" +#include "memzero.h" +#include "prototypes.h" +#include "string/strftime.h" +#include "string/strtcpy.h" + + +#define YEAR (365L*DAY) +/* + * failure - make failure entry + * + * failure() creates a new (struct faillog) entry or updates an + * existing one with the current failed login information. + */ +void failure (uid_t uid, const char *tty, struct faillog *fl) +{ + int fd; + off_t offset_uid = (off_t) (sizeof *fl) * uid; + + /* + * Don't do anything if failure logging isn't set up. + */ + + if (access (FAILLOG_FILE, F_OK) != 0) { + return; + } + + fd = open (FAILLOG_FILE, O_RDWR); + if (fd < 0) { + SYSLOG ((LOG_WARN, + "Can't write faillog entry for UID %lu in %s: %m", + (unsigned long) uid, FAILLOG_FILE)); + return; + } + + /* + * The file is indexed by UID value meaning that shared UID's + * share failure log records. That's OK since they really + * share just about everything else ... + */ + + if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid) + || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) { + /* This is not necessarily a failure. The file is + * initially zero length. + * + * If lseek() or read() failed for any other reason, this + * might reset the counter. But the new failure will be + * logged. + */ + memzero (fl, sizeof *fl); + } + + /* + * Update the record. We increment the failure count to log the + * latest failure. The only concern here is overflow, and we'll + * check for that. The line name and time of day are both + * updated as well. + */ + + if (fl->fail_cnt + 1 > 0) { + fl->fail_cnt++; + } + + STRTCPY(fl->fail_line, tty); + (void) time (&fl->fail_time); + + /* + * Seek back to the correct position in the file and write the + * record out. Ideally we should lock the file in case the same + * account is being logged simultaneously. But the risk doesn't + * seem that great. + */ + + if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid) + || (write_full(fd, fl, sizeof *fl) == -1)) { + goto err_write; + } + + if (close (fd) != 0 && errno != EINTR) { + goto err_close; + } + + return; + +err_write: + { + int saved_errno = errno; + (void) close (fd); + errno = saved_errno; + } +err_close: + SYSLOG ((LOG_WARN, + "Can't write faillog entry for UID %lu to %s: %m", + (unsigned long) uid, FAILLOG_FILE)); +} + +static bool too_many_failures (const struct faillog *fl) +{ + time_t now; + + if ((0 == fl->fail_max) || (fl->fail_cnt < fl->fail_max)) { + return false; + } + + if (0 == fl->fail_locktime) { + return true; /* locked until reset manually */ + } + + (void) time (&now); + if ((fl->fail_time + fl->fail_locktime) < now) { + return false; /* enough time since last failure */ + } + + return true; +} + +/* + * failcheck - check for failures > allowable + * + * failcheck() is called AFTER the password has been validated. If the + * account has been "attacked" with too many login failures, failcheck() + * returns 0 to indicate that the login should be denied even though + * the password is valid. + * + * failed indicates if the login failed AFTER the password has been + * validated. + */ + +int failcheck (uid_t uid, struct faillog *fl, bool failed) +{ + int fd; + struct faillog fail; + off_t offset_uid = (off_t) (sizeof *fl) * uid; + + /* + * Suppress the check if the log file isn't there. + */ + + if (access (FAILLOG_FILE, F_OK) != 0) { + return 1; + } + + fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR); + if (fd < 0) { + SYSLOG ((LOG_WARN, + "Can't open the faillog file (%s) to check UID %lu: %m; " + "User access authorized.", + FAILLOG_FILE, (unsigned long) uid)); + return 1; + } + + /* + * Get the record from the file and determine if the user has + * exceeded the failure limit. If "max" is zero, any number + * of failures are permitted. Only when "max" is non-zero and + * "cnt" is greater than or equal to "max" is the account + * considered to be locked. + * + * If read fails, there is no record for this user yet (the + * file is initially zero length and extended by writes), so + * no need to reset the count. + */ + + if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid) + || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) { + (void) close (fd); + return 1; + } + + if (too_many_failures (fl)) { + (void) close (fd); + return 0; + } + + /* + * The record is updated if this is not a failure. The count will + * be reset to zero, but the rest of the information will be left + * in the record in case someone wants to see where the failed + * login originated. + */ + + if (!failed) { + fail = *fl; + fail.fail_cnt = 0; + + if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid) + || (write_full(fd, &fail, sizeof fail) == -1)) { + goto err_write; + } + + if (close (fd) != 0 && errno != EINTR) { + goto err_close; + } + } else { + (void) close (fd); + } + + return 1; + +err_write: + { + int saved_errno = errno; + (void) close (fd); + errno = saved_errno; + } +err_close: + SYSLOG ((LOG_WARN, + "Can't reset faillog entry for UID %lu in %s: %m", + (unsigned long) uid, FAILLOG_FILE)); + return 1; +} + +/* + * failprint - print line of failure information + * + * failprint takes a (struct faillog) entry and formats it into a + * message which is displayed at login time. + */ + +void failprint (const struct faillog *fail) +{ + struct tm *tp; + char lasttimeb[256]; + char *lasttime = lasttimeb; + time_t NOW; + + if (0 == fail->fail_cnt) { + return; + } + + tp = localtime (&(fail->fail_time)); + (void) time (&NOW); + + /* + * Print all information we have. + */ + STRFTIME(lasttimeb, "%c", tp); + + /*@-formatconst@*/ + (void) printf (ngettext ("%d failure since last login.\n" + "Last was %s on %s.\n", + "%d failures since last login.\n" + "Last was %s on %s.\n", + (unsigned long) fail->fail_cnt), + fail->fail_cnt, lasttime, fail->fail_line); + /*@=formatconst@*/ +} diff --git a/lib/failure.h b/lib/failure.h new file mode 100644 index 0000000..1352b68 --- /dev/null +++ b/lib/failure.h @@ -0,0 +1,44 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1997 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* $Id$ */ +#ifndef _FAILURE_H_ +#define _FAILURE_H_ + +#include "defines.h" +#include "faillog.h" + +/* + * failure - make failure entry + * + * failure() creates a new (struct faillog) entry or updates an + * existing one with the current failed login information. + */ +extern void failure (uid_t, const char *, struct faillog *); + +/* + * failcheck - check for failures > allowable + * + * failcheck() is called AFTER the password has been validated. If the + * account has been "attacked" with too many login failures, failcheck() + * returns FALSE to indicate that the login should be denied even though + * the password is valid. + */ +extern int failcheck (uid_t uid, struct faillog *fl, bool failed); + +/* + * failprint - print line of failure information + * + * failprint takes a (struct faillog) entry and formats it into a + * message which is displayed at login time. + */ +extern void failprint (const struct faillog *); + +#endif + diff --git a/lib/fd.c b/lib/fd.c new file mode 100644 index 0000000..bcfa374 --- /dev/null +++ b/lib/fd.c @@ -0,0 +1,41 @@ +// SPDX-FileCopyrightText: 2024, Skyler Ferrante <sjf5462@rit.edu> +// SPDX-License-Identifier: BSD-3-Clause + +/** + * To protect against file descriptor omission attacks, we open the std file + * descriptors with /dev/null if they are not already open. Code is based on + * fix_fds from sudo.c. + */ + +#include <fcntl.h> +#include <stdlib.h> +#include <unistd.h> + +#include "prototypes.h" + +static void check_fd(int fd); + +void +check_fds(void) +{ + /** + * Make sure stdin, stdout, stderr are open + * If they are closed, set them to /dev/null + */ + check_fd(STDIN_FILENO); + check_fd(STDOUT_FILENO); + check_fd(STDERR_FILENO); +} + +static void +check_fd(int fd) +{ + int devnull; + + if (fcntl(fd, F_GETFL, 0) != -1) + return; + + devnull = open("/dev/null", O_RDWR); + if (devnull != fd) + abort(); +} diff --git a/lib/fields.c b/lib/fields.c index 8a56035..5392924 100644 --- a/lib/fields.c +++ b/lib/fields.c @@ -21,9 +21,9 @@ * * The supplied field is scanned for non-printable and other illegal * characters. - * + -1 is returned if an illegal character is present. - * + 1 is returned if no illegal characters are present, but the field - * contains a non-printable character. + * + -1 is returned if an illegal or control character is present. + * + 1 is returned if no illegal or control characters are present, + * but the field contains a non-printable character. * + 0 is returned otherwise. */ int valid_field (const char *field, const char *illegal) @@ -37,23 +37,22 @@ int valid_field (const char *field, const char *illegal) /* For each character of field, search if it appears in the list * of illegal characters. */ + if (illegal && NULL != strpbrk (field, illegal)) { + return -1; + } + + /* Search if there are non-printable or control characters */ for (cp = field; '\0' != *cp; cp++) { - if (strchr (illegal, *cp) != NULL) { + unsigned char c = *cp; + if (!isprint (c)) { + err = 1; + } + if (iscntrl (c)) { err = -1; break; } } - if (0 == err) { - /* Search if there are some non-printable characters */ - for (cp = field; '\0' != *cp; cp++) { - if (!isprint (*cp)) { - err = 1; - break; - } - } - } - return err; } @@ -74,7 +73,7 @@ void change_field (char *buf, size_t maxsize, const char *prompt) printf ("\t%s [%s]: ", prompt, buf); (void) fflush (stdout); - if (fgets (newf, (int) maxsize, stdin) != newf) { + if (fgets (newf, maxsize, stdin) != newf) { return; } @@ -91,17 +90,16 @@ void change_field (char *buf, size_t maxsize, const char *prompt) * entering a space. --marekm */ - while (--cp >= newf && isspace (*cp)); - cp++; + while (newf < cp && isspace (cp[-1])) { + cp--; + } *cp = '\0'; cp = newf; - while (('\0' != *cp) && isspace (*cp)) { + while (isspace (*cp)) { cp++; } - strncpy (buf, cp, maxsize - 1); - buf[maxsize - 1] = '\0'; + strcpy (buf, cp); } } - diff --git a/lib/find_new_gid.c b/lib/find_new_gid.c new file mode 100644 index 0000000..cfd5609 --- /dev/null +++ b/lib/find_new_gid.c @@ -0,0 +1,500 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 2008 - 2011, Nicolas François + * SPDX-FileCopyrightText: 2014, Red Hat, Inc. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <assert.h> +#include <stdio.h> +#include <errno.h> + +#include "alloc.h" +#include "prototypes.h" +#include "groupio.h" +#include "getdef.h" +#include "shadowlog.h" + +/* + * get_ranges - Get the minimum and maximum ID ranges for the search + * + * This function will return the minimum and maximum ranges for IDs + * + * 0: The function completed successfully + * EINVAL: The provided ranges are impossible (such as maximum < minimum) + * + * preferred_min: The special-case minimum value for a specifically- + * requested ID, which may be lower than the standard min_id + */ +static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id, + gid_t *preferred_min) +{ + gid_t gid_def_max = 0; + + if (sys_group) { + /* System groups */ + + /* A requested ID is allowed to be below the autoselect range */ + *preferred_min = (gid_t) 1; + + /* Get the minimum ID range from login.defs or default to 101 */ + *min_id = getdef_ulong ("SYS_GID_MIN", 101UL); + + /* + * If SYS_GID_MAX is unspecified, we should assume it to be one + * less than the GID_MIN (which is reserved for non-system accounts) + */ + gid_def_max = getdef_ulong ("GID_MIN", 1000UL) - 1; + *max_id = getdef_ulong ("SYS_GID_MAX", gid_def_max); + + /* Check that the ranges make sense */ + if (*max_id < *min_id) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: SYS_GID_MIN (%lu), " + "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"), + log_get_progname(), (unsigned long) *min_id, + getdef_ulong ("GID_MIN", 1000UL), + (unsigned long) *max_id); + return EINVAL; + } + /* + * Zero is reserved for root and the allocation algorithm does not + * work right with it. + */ + if (*min_id == 0) { + *min_id = (gid_t) 1; + } + } else { + /* Non-system groups */ + + /* Get the values from login.defs or use reasonable defaults */ + *min_id = getdef_ulong ("GID_MIN", 1000UL); + *max_id = getdef_ulong ("GID_MAX", 60000UL); + + /* + * The preferred minimum should match the standard ID minimum + * for non-system groups. + */ + *preferred_min = *min_id; + + /* Check that the ranges make sense */ + if (*max_id < *min_id) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: GID_MIN (%lu), " + "GID_MAX (%lu)\n"), + log_get_progname(), (unsigned long) *min_id, + (unsigned long) *max_id); + return EINVAL; + } + } + + return 0; +} + +/* + * check_gid - See if the requested GID is available + * + * On success, return 0 + * If the ID is in use, return EEXIST + * If the ID might clash with -1, return EINVAL + * If the ID is outside the range, return ERANGE + * In other cases, return errno from getgrgid() + */ +static int check_gid (const gid_t gid, + const gid_t gid_min, + const gid_t gid_max, + const bool *used_gids) +{ + /* First test that the preferred ID is in the range */ + if (gid < gid_min || gid > gid_max) { + return ERANGE; + } + + /* Check for compatibility with 16b and 32b gid_t error codes */ + if (gid == UINT16_MAX || gid == UINT32_MAX) { + return EINVAL; + } + + /* + * Check whether we already detected this GID + * using the gr_next() loop + */ + if (used_gids != NULL && used_gids[gid]) { + return EEXIST; + } + /* Check if the GID exists according to NSS */ + errno = 0; + if (prefix_getgrgid (gid) != NULL) { + return EEXIST; + } else { + /* getgrgid() was NULL + * we have to ignore errors as temporary + * failures of remote user identity services + * would completely block user/group creation + */ + } + + /* If we've made it here, the GID must be available */ + return 0; +} + +/* + * find_new_gid - Find a new unused GID. + * + * If successful, find_new_gid provides an unused group ID in the + * [GID_MIN:GID_MAX] range. + * This ID should be higher than all the used GID, but if not possible, + * the lowest unused ID in the range will be returned. + * + * Return 0 on success, -1 if no unused GIDs are available. + */ +int find_new_gid (bool sys_group, + gid_t *gid, + /*@null@*/gid_t const *preferred_gid) +{ + bool *used_gids; + const struct group *grp; + gid_t gid_min, gid_max, preferred_min; + gid_t id; + gid_t lowest_found, highest_found; + int result; + int nospam = 0; + + assert(gid != NULL); + + /* + * First, figure out what ID range is appropriate for + * automatic assignment + */ + result = get_ranges (sys_group, &gid_min, &gid_max, &preferred_min); + if (result == EINVAL) { + return -1; + } + + /* Check if the preferred GID is available */ + if (preferred_gid) { + result = check_gid (*preferred_gid, preferred_min, gid_max, NULL); + if (result == 0) { + /* + * Make sure the GID isn't queued for use already + */ + if (gr_locate_gid (*preferred_gid) == NULL) { + *gid = *preferred_gid; + return 0; + } + /* + * gr_locate_gid() found the GID in an as-yet uncommitted + * entry. We'll proceed below and auto-set a GID. + */ + } else if (result == EEXIST || result == ERANGE || result == EINVAL) { + /* + * Continue on below. At this time, we won't + * treat these three cases differently. + */ + } else { + /* + * An unexpected error occurred. We should report + * this and fail the group creation. + * This differs from the automatic creation + * behavior below, since if a specific GID was + * requested and generated an error, the user is + * more likely to want to stop and address the + * issue. + */ + fprintf (log_get_logfd(), + _("%s: Encountered error attempting to use " + "preferred GID: %s\n"), + log_get_progname(), strerror (result)); + return -1; + } + } + + /* + * Search the entire group file, + * looking for the next unused value. + * + * We first check the local database with gr_rewind/gr_next to find + * all local values that are in use. + * + * We then compare the next free value to all databases (local and + * remote) and iterate until we find a free one. If there are free + * values beyond the lowest (system groups) or highest (non-system + * groups), we will prefer those and avoid potentially reclaiming a + * deleted group (which can be a security issue, since it may grant + * access to files belonging to that former group). + * + * If there are no GIDs available at the end of the search, we will + * have no choice but to iterate through the range looking for gaps. + * + */ + + /* Create an array to hold all of the discovered GIDs */ + used_gids = CALLOC (gid_max + 1, bool); + if (NULL == used_gids) { + fprintf (log_get_logfd(), + _("%s: failed to allocate memory: %s\n"), + log_get_progname(), strerror (errno)); + return -1; + } + + /* First look for the lowest and highest value in the local database */ + (void) gr_rewind (); + highest_found = gid_min; + lowest_found = gid_max; + while ((grp = gr_next ()) != NULL) { + /* + * Does this entry have a lower GID than the lowest we've found + * so far? + */ + if ((grp->gr_gid <= lowest_found) && (grp->gr_gid >= gid_min)) { + lowest_found = grp->gr_gid - 1; + } + + /* + * Does this entry have a higher GID than the highest we've found + * so far? + */ + if ((grp->gr_gid >= highest_found) && (grp->gr_gid <= gid_max)) { + highest_found = grp->gr_gid + 1; + } + + /* create index of used GIDs */ + if (grp->gr_gid >= gid_min + && grp->gr_gid <= gid_max) { + + used_gids[grp->gr_gid] = true; + } + } + + if (sys_group) { + /* + * For system groups, we want to start from the + * top of the range and work downwards. + */ + + /* + * At the conclusion of the gr_next() search, we will either + * have a presumed-free GID or we will be at GID_MIN - 1. + */ + if (lowest_found < gid_min) { + /* + * In this case, a GID is in use at GID_MIN. + * + * We will reset the search to GID_MAX and proceed down + * through all the GIDs (skipping those we detected with + * used_gids) for a free one. It is a known issue that + * this may result in reusing a previously-deleted GID, + * so administrators should be instructed to use this + * auto-detection with care (and prefer to assign GIDs + * explicitly). + */ + lowest_found = gid_max; + } + + /* Search through all of the IDs in the range */ + for (id = lowest_found; id >= gid_min; id--) { + result = check_gid (id, gid_min, gid_max, used_gids); + if (result == 0) { + /* This GID is available. Return it. */ + *gid = id; + free (used_gids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique system GID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available GIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later GID + * will work properly. + */ + } + } + + /* + * If we get all the way through the loop, try again from GID_MAX, + * unless that was where we previously started. (NOTE: the worst-case + * scenario here is that we will run through (GID_MAX - GID_MIN - 1) + * cycles *again* if we fall into this case with lowest_found as + * GID_MAX - 1, all groups in the range in use and maintained by + * network services such as LDAP.) + */ + if (lowest_found != gid_max) { + for (id = gid_max; id >= gid_min; id--) { + result = check_gid (id, gid_min, gid_max, used_gids); + if (result == 0) { + /* This GID is available. Return it. */ + *gid = id; + free (used_gids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique system GID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available GIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later GID + * will work properly. + */ + } + } + } + } else { /* !sys_group */ + /* + * For non-system groups, we want to start from the + * bottom of the range and work upwards. + */ + + /* + * At the conclusion of the gr_next() search, we will either + * have a presumed-free GID or we will be at GID_MAX + 1. + */ + if (highest_found > gid_max) { + /* + * In this case, a GID is in use at GID_MAX. + * + * We will reset the search to GID_MIN and proceed up + * through all the GIDs (skipping those we detected with + * used_gids) for a free one. It is a known issue that + * this may result in reusing a previously-deleted GID, + * so administrators should be instructed to use this + * auto-detection with care (and prefer to assign GIDs + * explicitly). + */ + highest_found = gid_min; + } + + /* Search through all of the IDs in the range */ + for (id = highest_found; id <= gid_max; id++) { + result = check_gid (id, gid_min, gid_max, used_gids); + if (result == 0) { + /* This GID is available. Return it. */ + *gid = id; + free (used_gids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique GID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available GIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later GID + * will work properly. + */ + } + } + + /* + * If we get all the way through the loop, try again from GID_MIN, + * unless that was where we previously started. (NOTE: the worst-case + * scenario here is that we will run through (GID_MAX - GID_MIN - 1) + * cycles *again* if we fall into this case with highest_found as + * GID_MIN + 1, all groups in the range in use and maintained by + * network services such as LDAP.) + */ + if (highest_found != gid_min) { + for (id = gid_min; id <= gid_max; id++) { + result = check_gid (id, gid_min, gid_max, used_gids); + if (result == 0) { + /* This GID is available. Return it. */ + *gid = id; + free (used_gids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique GID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available GIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later GID + * will work properly. + */ + } + } + } + } + + /* The code reached here and found no available IDs in the range */ + fprintf (log_get_logfd(), + _("%s: Can't get unique GID (no more available GIDs)\n"), + log_get_progname()); + SYSLOG ((LOG_WARN, "no more available GIDs on the system")); + free (used_gids); + return -1; +} + diff --git a/lib/find_new_sub_gids.c b/lib/find_new_sub_gids.c new file mode 100644 index 0000000..74c9d8f --- /dev/null +++ b/lib/find_new_sub_gids.c @@ -0,0 +1,64 @@ +/* + * SPDX-FileCopyrightText: 2012 Eric Biederman + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ifdef ENABLE_SUBIDS + +#include <assert.h> +#include <stdio.h> +#include <errno.h> + +#include "prototypes.h" +#include "subordinateio.h" +#include "getdef.h" +#include "shadowlog.h" + +/* + * find_new_sub_gids - Find a new unused range of GIDs. + * + * If successful, find_new_sub_gids provides a range of unused + * user IDs in the [SUB_GID_MIN:SUB_GID_MAX] range. + * + * Return 0 on success, -1 if no unused GIDs are available. + */ +int find_new_sub_gids (gid_t *range_start, unsigned long *range_count) +{ + unsigned long min, max; + unsigned long count; + gid_t start; + + assert (range_start != NULL); + assert (range_count != NULL); + + min = getdef_ulong ("SUB_GID_MIN", 100000UL); + max = getdef_ulong ("SUB_GID_MAX", 600100000UL); + count = getdef_ulong ("SUB_GID_COUNT", 65536); + + if (min > max || count >= max || (min + count - 1) > max) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: SUB_GID_MIN (%lu)," + " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"), + log_get_progname(), min, max, count); + return -1; + } + + start = sub_gid_find_free_range(min, max, count); + if (start == (gid_t)-1) { + fprintf (log_get_logfd(), + _("%s: Can't get unique subordinate GID range\n"), + log_get_progname()); + SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system")); + return -1; + } + *range_start = start; + *range_count = count; + return 0; +} +#else /* !ENABLE_SUBIDS */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !ENABLE_SUBIDS */ + diff --git a/lib/find_new_sub_uids.c b/lib/find_new_sub_uids.c new file mode 100644 index 0000000..cc4b0cf --- /dev/null +++ b/lib/find_new_sub_uids.c @@ -0,0 +1,64 @@ +/* + * SPDX-FileCopyrightText: 2012 Eric Biederman + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ifdef ENABLE_SUBIDS + +#include <assert.h> +#include <stdio.h> +#include <errno.h> + +#include "prototypes.h" +#include "subordinateio.h" +#include "getdef.h" +#include "shadowlog.h" + +/* + * find_new_sub_uids - Find a new unused range of UIDs. + * + * If successful, find_new_sub_uids provides a range of unused + * user IDs in the [SUB_UID_MIN:SUB_UID_MAX] range. + * + * Return 0 on success, -1 if no unused UIDs are available. + */ +int find_new_sub_uids (uid_t *range_start, unsigned long *range_count) +{ + unsigned long min, max; + unsigned long count; + uid_t start; + + assert (range_start != NULL); + assert (range_count != NULL); + + min = getdef_ulong ("SUB_UID_MIN", 100000UL); + max = getdef_ulong ("SUB_UID_MAX", 600100000UL); + count = getdef_ulong ("SUB_UID_COUNT", 65536); + + if (min > max || count >= max || (min + count - 1) > max) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: SUB_UID_MIN (%lu)," + " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"), + log_get_progname(), min, max, count); + return -1; + } + + start = sub_uid_find_free_range(min, max, count); + if (start == (uid_t)-1) { + fprintf (log_get_logfd(), + _("%s: Can't get unique subordinate UID range\n"), + log_get_progname()); + SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system")); + return -1; + } + *range_start = start; + *range_count = count; + return 0; +} +#else /* !ENABLE_SUBIDS */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !ENABLE_SUBIDS */ + diff --git a/lib/find_new_uid.c b/lib/find_new_uid.c new file mode 100644 index 0000000..45ce712 --- /dev/null +++ b/lib/find_new_uid.c @@ -0,0 +1,500 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 2008 - 2011, Nicolas François + * SPDX-FileCopyrightText: 2014, Red Hat, Inc. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <assert.h> +#include <stdio.h> +#include <errno.h> + +#include "alloc.h" +#include "prototypes.h" +#include "pwio.h" +#include "getdef.h" +#include "shadowlog.h" + +/* + * get_ranges - Get the minimum and maximum ID ranges for the search + * + * This function will return the minimum and maximum ranges for IDs + * + * 0: The function completed successfully + * EINVAL: The provided ranges are impossible (such as maximum < minimum) + * + * preferred_min: The special-case minimum value for a specifically- + * requested ID, which may be lower than the standard min_id + */ +static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id, + uid_t *preferred_min) +{ + uid_t uid_def_max = 0; + + if (sys_user) { + /* System users */ + + /* A requested ID is allowed to be below the autoselect range */ + *preferred_min = (uid_t) 1; + + /* Get the minimum ID range from login.defs or default to 101 */ + *min_id = getdef_ulong ("SYS_UID_MIN", 101UL); + + /* + * If SYS_UID_MAX is unspecified, we should assume it to be one + * less than the UID_MIN (which is reserved for non-system accounts) + */ + uid_def_max = getdef_ulong ("UID_MIN", 1000UL) - 1; + *max_id = getdef_ulong ("SYS_UID_MAX", uid_def_max); + + /* Check that the ranges make sense */ + if (*max_id < *min_id) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: SYS_UID_MIN (%lu), " + "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"), + log_get_progname(), (unsigned long) *min_id, + getdef_ulong ("UID_MIN", 1000UL), + (unsigned long) *max_id); + return EINVAL; + } + /* + * Zero is reserved for root and the allocation algorithm does not + * work right with it. + */ + if (*min_id == 0) { + *min_id = (uid_t) 1; + } + } else { + /* Non-system users */ + + /* Get the values from login.defs or use reasonable defaults */ + *min_id = getdef_ulong ("UID_MIN", 1000UL); + *max_id = getdef_ulong ("UID_MAX", 60000UL); + + /* + * The preferred minimum should match the standard ID minimum + * for non-system users. + */ + *preferred_min = *min_id; + + /* Check that the ranges make sense */ + if (*max_id < *min_id) { + (void) fprintf (log_get_logfd(), + _("%s: Invalid configuration: UID_MIN (%lu), " + "UID_MAX (%lu)\n"), + log_get_progname(), (unsigned long) *min_id, + (unsigned long) *max_id); + return EINVAL; + } + } + + return 0; +} + +/* + * check_uid - See if the requested UID is available + * + * On success, return 0 + * If the ID is in use, return EEXIST + * If the ID might clash with -1, return EINVAL + * If the ID is outside the range, return ERANGE + * In other cases, return errno from getpwuid() + */ +static int check_uid(const uid_t uid, + const uid_t uid_min, + const uid_t uid_max, + const bool *used_uids) +{ + /* First test that the preferred ID is in the range */ + if (uid < uid_min || uid > uid_max) { + return ERANGE; + } + + /* Check for compatibility with 16b and 32b uid_t error codes */ + if (uid == UINT16_MAX || uid == UINT32_MAX) { + return EINVAL; + } + + /* + * Check whether we already detected this UID + * using the pw_next() loop + */ + if (used_uids != NULL && used_uids[uid]) { + return EEXIST; + } + /* Check if the UID exists according to NSS */ + errno = 0; + if (prefix_getpwuid(uid) != NULL) { + return EEXIST; + } else { + /* getpwuid() was NULL + * we have to ignore errors as temporary + * failures of remote user identity services + * would completely block user/group creation + */ + } + + /* If we've made it here, the UID must be available */ + return 0; +} + +/* + * find_new_uid - Find a new unused UID. + * + * If successful, find_new_uid provides an unused user ID in the + * [UID_MIN:UID_MAX] range. + * This ID should be higher than all the used UID, but if not possible, + * the lowest unused ID in the range will be returned. + * + * Return 0 on success, -1 if no unused UIDs are available. + */ +int find_new_uid(bool sys_user, + uid_t *uid, + /*@null@*/uid_t const *preferred_uid) +{ + bool *used_uids; + const struct passwd *pwd; + uid_t uid_min, uid_max, preferred_min; + uid_t id; + uid_t lowest_found, highest_found; + int result; + int nospam = 0; + + assert (uid != NULL); + + /* + * First, figure out what ID range is appropriate for + * automatic assignment + */ + result = get_ranges (sys_user, &uid_min, &uid_max, &preferred_min); + if (result == EINVAL) { + return -1; + } + + /* Check if the preferred UID is available */ + if (preferred_uid) { + result = check_uid (*preferred_uid, preferred_min, uid_max, NULL); + if (result == 0) { + /* + * Make sure the UID isn't queued for use already + */ + if (pw_locate_uid (*preferred_uid) == NULL) { + *uid = *preferred_uid; + return 0; + } + /* + * pw_locate_uid() found the UID in an as-yet uncommitted + * entry. We'll proceed below and auto-set an UID. + */ + } else if (result == EEXIST || result == ERANGE || result == EINVAL) { + /* + * Continue on below. At this time, we won't + * treat these three cases differently. + */ + } else { + /* + * An unexpected error occurred. We should report + * this and fail the user creation. + * This differs from the automatic creation + * behavior below, since if a specific UID was + * requested and generated an error, the user is + * more likely to want to stop and address the + * issue. + */ + fprintf (log_get_logfd(), + _("%s: Encountered error attempting to use " + "preferred UID: %s\n"), + log_get_progname(), strerror (result)); + return -1; + } + } + + /* + * Search the entire passwd file, + * looking for the next unused value. + * + * We first check the local database with pw_rewind/pw_next to find + * all local values that are in use. + * + * We then compare the next free value to all databases (local and + * remote) and iterate until we find a free one. If there are free + * values beyond the lowest (system users) or highest (non-system + * users), we will prefer those and avoid potentially reclaiming a + * deleted user (which can be a security issue, since it may grant + * access to files belonging to that former user). + * + * If there are no UIDs available at the end of the search, we will + * have no choice but to iterate through the range looking for gaps. + * + */ + + /* Create an array to hold all of the discovered UIDs */ + used_uids = CALLOC(uid_max + 1, bool); + if (NULL == used_uids) { + fprintf (log_get_logfd(), + _("%s: failed to allocate memory: %s\n"), + log_get_progname(), strerror (errno)); + return -1; + } + + /* First look for the lowest and highest value in the local database */ + (void) pw_rewind (); + highest_found = uid_min; + lowest_found = uid_max; + while ((pwd = pw_next ()) != NULL) { + /* + * Does this entry have a lower UID than the lowest we've found + * so far? + */ + if ((pwd->pw_uid <= lowest_found) && (pwd->pw_uid >= uid_min)) { + lowest_found = pwd->pw_uid - 1; + } + + /* + * Does this entry have a higher UID than the highest we've found + * so far? + */ + if ((pwd->pw_uid >= highest_found) && (pwd->pw_uid <= uid_max)) { + highest_found = pwd->pw_uid + 1; + } + + /* create index of used UIDs */ + if (pwd->pw_uid >= uid_min + && pwd->pw_uid <= uid_max) { + + used_uids[pwd->pw_uid] = true; + } + } + + if (sys_user) { + /* + * For system users, we want to start from the + * top of the range and work downwards. + */ + + /* + * At the conclusion of the pw_next() search, we will either + * have a presumed-free UID or we will be at UID_MIN - 1. + */ + if (lowest_found < uid_min) { + /* + * In this case, an UID is in use at UID_MIN. + * + * We will reset the search to UID_MAX and proceed down + * through all the UIDs (skipping those we detected with + * used_uids) for a free one. It is a known issue that + * this may result in reusing a previously-deleted UID, + * so administrators should be instructed to use this + * auto-detection with care (and prefer to assign UIDs + * explicitly). + */ + lowest_found = uid_max; + } + + /* Search through all of the IDs in the range */ + for (id = lowest_found; id >= uid_min; id--) { + result = check_uid (id, uid_min, uid_max, used_uids); + if (result == 0) { + /* This UID is available. Return it. */ + *uid = id; + free (used_uids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique system UID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available UIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later UID + * will work properly. + */ + } + } + + /* + * If we get all the way through the loop, try again from UID_MAX, + * unless that was where we previously started. (NOTE: the worst-case + * scenario here is that we will run through (UID_MAX - UID_MIN - 1) + * cycles *again* if we fall into this case with lowest_found as + * UID_MAX - 1, all users in the range in use and maintained by + * network services such as LDAP.) + */ + if (lowest_found != uid_max) { + for (id = uid_max; id >= uid_min; id--) { + result = check_uid (id, uid_min, uid_max, used_uids); + if (result == 0) { + /* This UID is available. Return it. */ + *uid = id; + free (used_uids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique system UID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG((LOG_ERR, + "Error checking available UIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later UID + * will work properly. + */ + } + } + } + } else { /* !sys_user */ + /* + * For non-system users, we want to start from the + * bottom of the range and work upwards. + */ + + /* + * At the conclusion of the pw_next() search, we will either + * have a presumed-free UID or we will be at UID_MAX + 1. + */ + if (highest_found > uid_max) { + /* + * In this case, a UID is in use at UID_MAX. + * + * We will reset the search to UID_MIN and proceed up + * through all the UIDs (skipping those we detected with + * used_uids) for a free one. It is a known issue that + * this may result in reusing a previously-deleted UID, + * so administrators should be instructed to use this + * auto-detection with care (and prefer to assign UIDs + * explicitly). + */ + highest_found = uid_min; + } + + /* Search through all of the IDs in the range */ + for (id = highest_found; id <= uid_max; id++) { + result = check_uid (id, uid_min, uid_max, used_uids); + if (result == 0) { + /* This UID is available. Return it. */ + *uid = id; + free (used_uids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique UID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available UIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later UID + * will work properly. + */ + } + } + + /* + * If we get all the way through the loop, try again from UID_MIN, + * unless that was where we previously started. (NOTE: the worst-case + * scenario here is that we will run through (UID_MAX - UID_MIN - 1) + * cycles *again* if we fall into this case with highest_found as + * UID_MIN + 1, all users in the range in use and maintained by + * network services such as LDAP.) + */ + if (highest_found != uid_min) { + for (id = uid_min; id <= uid_max; id++) { + result = check_uid (id, uid_min, uid_max, used_uids); + if (result == 0) { + /* This UID is available. Return it. */ + *uid = id; + free (used_uids); + return 0; + } else if (result == EEXIST || result == EINVAL) { + /* + * This GID is in use or unusable, we'll + * continue to the next. + */ + } else { + /* + * An unexpected error occurred. + * + * Only report it the first time to avoid spamming + * the logs + * + */ + if (!nospam) { + fprintf (log_get_logfd(), + _("%s: Can't get unique UID (%s). " + "Suppressing additional messages.\n"), + log_get_progname(), strerror (result)); + SYSLOG ((LOG_ERR, + "Error checking available UIDs: %s", + strerror (result))); + nospam = 1; + } + /* + * We will continue anyway. Hopefully a later UID + * will work properly. + */ + } + } + } + } + + /* The code reached here and found no available IDs in the range */ + fprintf (log_get_logfd(), + _("%s: Can't get unique UID (no more available UIDs)\n"), + log_get_progname()); + SYSLOG ((LOG_WARN, "no more available UIDs on the system")); + free (used_uids); + return -1; +} + diff --git a/lib/fputsx.c b/lib/fputsx.c index bb71ab2..0565310 100644 --- a/lib/fputsx.c +++ b/lib/fputsx.c @@ -16,7 +16,8 @@ #ident "$Id$" -/*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *buf, int cnt, FILE * f) +/*@null@*/char * +fgetsx(/*@returned@*/char *restrict buf, int cnt, FILE *restrict f) { char *cp = buf; char *ep; diff --git a/lib/freezero.c b/lib/freezero.c new file mode 100644 index 0000000..c565f43 --- /dev/null +++ b/lib/freezero.c @@ -0,0 +1,30 @@ +/* $OpenBSD: malloc.c,v 1.267 2020/11/23 15:42:11 otto Exp $ */ +/* + * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <stdlib.h> +#include <string.h> + +void +freezero(void *ptr, size_t sz) +{ + /* This is legal. */ + if (ptr == NULL) + return; + + explicit_bzero(ptr, sz); + free(ptr); +} diff --git a/lib/freezero.h b/lib/freezero.h new file mode 100644 index 0000000..8dbcd7c --- /dev/null +++ b/lib/freezero.h @@ -0,0 +1,34 @@ +/* + * Copyright © 2005 Aurelien Jarno + * Copyright © 2006 Robert Millan + * Copyright © 2008-2011 Guillem Jover <guillem@hadrons.org> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef LIBBSD_FREEZERO_H +#define LIBBSD_FREEZERO_H + +void freezero(void *ptr, size_t size); + +#endif diff --git a/lib/get_gid.c b/lib/get_gid.c index cbcd6f4..2420137 100644 --- a/lib/get_gid.c +++ b/lib/get_gid.c @@ -4,6 +4,7 @@ * SPDX-License-Identifier: BSD-3-Clause */ + #include <config.h> #ident "$Id$" @@ -11,21 +12,23 @@ #include "prototypes.h" #include "defines.h" -int get_gid (const char *gidstr, gid_t *gid) + +int +get_gid(const char *gidstr, gid_t *gid) { - long long int val; - char *endptr; + char *end; + long long val; errno = 0; - val = strtoll (gidstr, &endptr, 10); + val = strtoll(gidstr, &end, 10); if ( ('\0' == *gidstr) - || ('\0' != *endptr) - || (ERANGE == errno) + || ('\0' != *end) + || (0 != errno) || (/*@+longintegral@*/val != (gid_t)val)/*@=longintegral@*/) { - return 0; + return -1; } - *gid = (gid_t)val; - return 1; + *gid = val; + return 0; } diff --git a/lib/get_pid.c b/lib/get_pid.c index 383eb69..af3f2f8 100644 --- a/lib/get_pid.c +++ b/lib/get_pid.c @@ -10,22 +10,94 @@ #include "prototypes.h" #include "defines.h" +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> -int get_pid (const char *pidstr, pid_t *pid) +#include "string/sprintf.h" + + +int +get_pid(const char *pidstr, pid_t *pid) { - long long int val; - char *endptr; + char *end; + long long val; errno = 0; - val = strtoll (pidstr, &endptr, 10); + val = strtoll(pidstr, &end, 10); if ( ('\0' == *pidstr) - || ('\0' != *endptr) - || (ERANGE == errno) + || ('\0' != *end) + || (0 != errno) + || (val < 1) || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) { - return 0; + return -1; } - *pid = (pid_t)val; - return 1; + *pid = val; + return 0; } +/* + * If use passed in fd:4 as an argument, then return the + * value '4', the fd to use. + * On error, return -1. + */ +int get_pidfd_from_fd(const char *pidfdstr) +{ + char *end; + long long val; + struct stat st; + dev_t proc_st_dev, proc_st_rdev; + + errno = 0; + val = strtoll(pidfdstr, &end, 10); + if ( ('\0' == *pidfdstr) + || ('\0' != *end) + || (0 != errno) + || (val < 0) + || (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) { + return -1; + } + + if (stat("/proc/self/uid_map", &st) < 0) { + return -1; + } + + proc_st_dev = st.st_dev; + proc_st_rdev = st.st_rdev; + + if (fstat(val, &st) < 0) { + return -1; + } + + if (st.st_dev != proc_st_dev || st.st_rdev != proc_st_rdev) { + return -1; + } + + return (int)val; +} + +int open_pidfd(const char *pidstr) +{ + int proc_dir_fd; + char proc_dir_name[32]; + pid_t target; + + if (get_pid(pidstr, &target) == -1) + return -ENOENT; + + /* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */ + if (SNPRINTF(proc_dir_name, "/proc/%u/", target) == -1) { + fprintf(stderr, "snprintf of proc path failed for %u: %s\n", + target, strerror(errno)); + return -EINVAL; + } + + proc_dir_fd = open(proc_dir_name, O_DIRECTORY); + if (proc_dir_fd < 0) { + fprintf(stderr, _("Could not open proc directory for target %u: %s\n"), + target, strerror(errno)); + return -EINVAL; + } + return proc_dir_fd; +} diff --git a/lib/get_uid.c b/lib/get_uid.c index 50f9922..77fe966 100644 --- a/lib/get_uid.c +++ b/lib/get_uid.c @@ -4,6 +4,7 @@ * SPDX-License-Identifier: BSD-3-Clause */ + #include <config.h> #ident "$Id$" @@ -11,21 +12,23 @@ #include "prototypes.h" #include "defines.h" -int get_uid (const char *uidstr, uid_t *uid) + +int +get_uid(const char *uidstr, uid_t *uid) { - long long int val; - char *endptr; + char *end; + long long val; errno = 0; - val = strtoll (uidstr, &endptr, 10); + val = strtoll(uidstr, &end, 10); if ( ('\0' == *uidstr) - || ('\0' != *endptr) - || (ERANGE == errno) + || ('\0' != *end) + || (0 != errno) || (/*@+longintegral@*/val != (uid_t)val)/*@=longintegral@*/) { - return 0; + return -1; } - *uid = (uid_t)val; - return 1; + *uid = val; + return 0; } diff --git a/lib/getdate.c b/lib/getdate.c new file mode 100644 index 0000000..556ce62 --- /dev/null +++ b/lib/getdate.c @@ -0,0 +1,2535 @@ +/* A Bison parser, made by GNU Bison 3.8.2. */ + +/* Bison implementation for Yacc-like parsers in C + + Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation, + Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. */ + +/* As a special exception, you may create a larger work that contains + part or all of the Bison parser skeleton and distribute that work + under terms of your choice, so long as that work isn't itself a + parser generator using the skeleton or a modified version thereof + as a parser skeleton. Alternatively, if you modify or redistribute + the parser skeleton itself, you may (at your option) remove this + special exception, which will cause the skeleton and the resulting + Bison output files to be licensed under the GNU General Public + License without this special exception. + + This special exception was added by the Free Software Foundation in + version 2.2 of Bison. */ + +/* C LALR(1) parser skeleton written by Richard Stallman, by + simplifying the original so-called "semantic" parser. */ + +/* DO NOT RELY ON FEATURES THAT ARE NOT DOCUMENTED in the manual, + especially those whose name start with YY_ or yy_. They are + private implementation details that can be changed or removed. */ + +/* All symbols defined below should begin with yy or YY, to avoid + infringing on user name space. This should be done even for local + variables, as they might otherwise be expanded by user macros. + There are some unavoidable exceptions within include files to + define necessary library symbols; they are noted "INFRINGES ON + USER NAME SPACE" below. */ + +/* Identify Bison output, and Bison version. */ +#define YYBISON 30802 + +/* Bison version string. */ +#define YYBISON_VERSION "3.8.2" + +/* Skeleton name. */ +#define YYSKELETON_NAME "yacc.c" + +/* Pure parsers. */ +#define YYPURE 0 + +/* Push parsers. */ +#define YYPUSH 0 + +/* Pull parsers. */ +#define YYPULL 1 + + + + +/* First part of user prologue. */ +#line 1 "getdate.y" + +/* +** Originally written by Steven M. Bellovin <smb@research.att.com> while +** at the University of North Carolina at Chapel Hill. Later tweaked by +** a couple of people on Usenet. Completely overhauled by Rich $alz +** <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990; +** +** This grammar has 13 shift/reduce conflicts. +** +** This code is in the public domain and has no copyright. +*/ + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +/* Since the code of getdate.y is not included in the Emacs executable + itself, there is no need to #define static in this file. Even if + the code were included in the Emacs executable, it probably + wouldn't do any harm to #undef it here; this will only cause + problems if we try to write to a static variable, which I don't + think this code needs to do. */ +#ifdef emacs +# undef static +#endif + +#include <stdio.h> +#include <ctype.h> +#include <time.h> + +#include "attr.h" +#include "getdate.h" + +#include <string.h> + +/* Some old versions of bison generate parsers that use bcopy. + That loses on systems that don't provide the function, so we have + to redefine it here. */ +#if !defined (HAVE_BCOPY) && !defined (bcopy) +# define bcopy(from, to, len) memcpy ((to), (from), (len)) +#endif + +/* Remap normal yacc parser interface names (yyparse, yylex, yyerror, etc), + as well as gratuitously global symbol names, so we can have multiple + yacc generated parsers in the same program. Note that these are only + the variables produced by yacc. If other parser generators (bison, + byacc, etc) produce additional global names that conflict at link time, + then those parser generators need to be fixed instead of adding those + names to this list. */ + +#define yymaxdepth gd_maxdepth +#define yyparse gd_parse +#define yylex gd_lex +#define yyerror gd_error +#define yylval gd_lval +#define yychar gd_char +#define yydebug gd_debug +#define yypact gd_pact +#define yyr1 gd_r1 +#define yyr2 gd_r2 +#define yydef gd_def +#define yychk gd_chk +#define yypgo gd_pgo +#define yyact gd_act +#define yyexca gd_exca +#define yyerrflag gd_errflag +#define yynerrs gd_nerrs +#define yyps gd_ps +#define yypv gd_pv +#define yys gd_s +#define yy_yys gd_yys +#define yystate gd_state +#define yytmp gd_tmp +#define yyv gd_v +#define yy_yyv gd_yyv +#define yyval gd_val +#define yylloc gd_lloc +#define yyreds gd_reds /* With YYDEBUG defined */ +#define yytoks gd_toks /* With YYDEBUG defined */ +#define yylhs gd_yylhs +#define yylen gd_yylen +#define yydefred gd_yydefred +#define yydgoto gd_yydgoto +#define yysindex gd_yysindex +#define yyrindex gd_yyrindex +#define yygindex gd_yygindex +#define yytable gd_yytable +#define yycheck gd_yycheck + +static int yylex (void); +static int yyerror (const char *s); + +#define EPOCH 1970 +#define HOUR(x) ((x) * 60) + +#define MAX_BUFF_LEN 128 /* size of buffer to read the date into */ + +/* +** An entry in the lexical lookup table. +*/ +typedef struct _TABLE { + const char *name; + int type; + int value; +} TABLE; + + +/* +** Meridian: am, pm, or 24-hour style. +*/ +typedef enum _MERIDIAN { + MERam, MERpm, MER24 +} MERIDIAN; + + +/* +** Global variables. We could get rid of most of these by using a good +** union as the yacc stack. (This routine was originally written before +** yacc had the %union construct.) Maybe someday; right now we only use +** the %union very rarely. +*/ +static const char *yyInput; +static int yyDayOrdinal; +static int yyDayNumber; +static int yyHaveDate; +static int yyHaveDay; +static int yyHaveRel; +static int yyHaveTime; +static int yyHaveZone; +static int yyTimezone; +static int yyDay; +static int yyHour; +static int yyMinutes; +static int yyMonth; +static int yySeconds; +static int yyYear; +static MERIDIAN yyMeridian; +static int yyRelDay; +static int yyRelHour; +static int yyRelMinutes; +static int yyRelMonth; +static int yyRelSeconds; +static int yyRelYear; + + +#line 217 "getdate.c" + +# ifndef YY_CAST +# ifdef __cplusplus +# define YY_CAST(Type, Val) static_cast<Type> (Val) +# define YY_REINTERPRET_CAST(Type, Val) reinterpret_cast<Type> (Val) +# else +# define YY_CAST(Type, Val) ((Type) (Val)) +# define YY_REINTERPRET_CAST(Type, Val) ((Type) (Val)) +# endif +# endif +# ifndef YY_NULLPTR +# if defined __cplusplus +# if 201103L <= __cplusplus +# define YY_NULLPTR nullptr +# else +# define YY_NULLPTR 0 +# endif +# else +# define YY_NULLPTR ((void*)0) +# endif +# endif + + +/* Debug traces. */ +#ifndef YYDEBUG +# define YYDEBUG 0 +#endif +#if YYDEBUG +extern int yydebug; +#endif + +/* Token kinds. */ +#ifndef YYTOKENTYPE +# define YYTOKENTYPE + enum yytokentype + { + YYEMPTY = -2, + YYEOF = 0, /* "end of file" */ + YYerror = 256, /* error */ + YYUNDEF = 257, /* "invalid token" */ + tAGO = 258, /* tAGO */ + tDAY = 259, /* tDAY */ + tDAY_UNIT = 260, /* tDAY_UNIT */ + tDAYZONE = 261, /* tDAYZONE */ + tDST = 262, /* tDST */ + tHOUR_UNIT = 263, /* tHOUR_UNIT */ + tID = 264, /* tID */ + tMERIDIAN = 265, /* tMERIDIAN */ + tMINUTE_UNIT = 266, /* tMINUTE_UNIT */ + tMONTH = 267, /* tMONTH */ + tMONTH_UNIT = 268, /* tMONTH_UNIT */ + tSEC_UNIT = 269, /* tSEC_UNIT */ + tSNUMBER = 270, /* tSNUMBER */ + tUNUMBER = 271, /* tUNUMBER */ + tYEAR_UNIT = 272, /* tYEAR_UNIT */ + tZONE = 273 /* tZONE */ + }; + typedef enum yytokentype yytoken_kind_t; +#endif +/* Token kinds. */ +#define YYEMPTY -2 +#define YYEOF 0 +#define YYerror 256 +#define YYUNDEF 257 +#define tAGO 258 +#define tDAY 259 +#define tDAY_UNIT 260 +#define tDAYZONE 261 +#define tDST 262 +#define tHOUR_UNIT 263 +#define tID 264 +#define tMERIDIAN 265 +#define tMINUTE_UNIT 266 +#define tMONTH 267 +#define tMONTH_UNIT 268 +#define tSEC_UNIT 269 +#define tSNUMBER 270 +#define tUNUMBER 271 +#define tYEAR_UNIT 272 +#define tZONE 273 + +/* Value type. */ +#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED +union YYSTYPE +{ +#line 147 "getdate.y" + + int Number; + enum _MERIDIAN Meridian; + +#line 308 "getdate.c" + +}; +typedef union YYSTYPE YYSTYPE; +# define YYSTYPE_IS_TRIVIAL 1 +# define YYSTYPE_IS_DECLARED 1 +#endif + + +extern YYSTYPE yylval; + + +int yyparse (void); + + + +/* Symbol kind. */ +enum yysymbol_kind_t +{ + YYSYMBOL_YYEMPTY = -2, + YYSYMBOL_YYEOF = 0, /* "end of file" */ + YYSYMBOL_YYerror = 1, /* error */ + YYSYMBOL_YYUNDEF = 2, /* "invalid token" */ + YYSYMBOL_tAGO = 3, /* tAGO */ + YYSYMBOL_tDAY = 4, /* tDAY */ + YYSYMBOL_tDAY_UNIT = 5, /* tDAY_UNIT */ + YYSYMBOL_tDAYZONE = 6, /* tDAYZONE */ + YYSYMBOL_tDST = 7, /* tDST */ + YYSYMBOL_tHOUR_UNIT = 8, /* tHOUR_UNIT */ + YYSYMBOL_tID = 9, /* tID */ + YYSYMBOL_tMERIDIAN = 10, /* tMERIDIAN */ + YYSYMBOL_tMINUTE_UNIT = 11, /* tMINUTE_UNIT */ + YYSYMBOL_tMONTH = 12, /* tMONTH */ + YYSYMBOL_tMONTH_UNIT = 13, /* tMONTH_UNIT */ + YYSYMBOL_tSEC_UNIT = 14, /* tSEC_UNIT */ + YYSYMBOL_tSNUMBER = 15, /* tSNUMBER */ + YYSYMBOL_tUNUMBER = 16, /* tUNUMBER */ + YYSYMBOL_tYEAR_UNIT = 17, /* tYEAR_UNIT */ + YYSYMBOL_tZONE = 18, /* tZONE */ + YYSYMBOL_19_ = 19, /* ':' */ + YYSYMBOL_20_ = 20, /* ',' */ + YYSYMBOL_21_ = 21, /* '/' */ + YYSYMBOL_YYACCEPT = 22, /* $accept */ + YYSYMBOL_spec = 23, /* spec */ + YYSYMBOL_item = 24, /* item */ + YYSYMBOL_time = 25, /* time */ + YYSYMBOL_zone = 26, /* zone */ + YYSYMBOL_day = 27, /* day */ + YYSYMBOL_date = 28, /* date */ + YYSYMBOL_rel = 29, /* rel */ + YYSYMBOL_relunit = 30, /* relunit */ + YYSYMBOL_number = 31, /* number */ + YYSYMBOL_o_merid = 32 /* o_merid */ +}; +typedef enum yysymbol_kind_t yysymbol_kind_t; + + + + +#ifdef short +# undef short +#endif + +/* On compilers that do not define __PTRDIFF_MAX__ etc., make sure + <limits.h> and (if available) <stdint.h> are included + so that the code can choose integer types of a good width. */ + +#ifndef __PTRDIFF_MAX__ +# include <limits.h> /* INFRINGES ON USER NAME SPACE */ +# if defined __STDC_VERSION__ && 199901 <= __STDC_VERSION__ +# include <stdint.h> /* INFRINGES ON USER NAME SPACE */ +# define YY_STDINT_H +# endif +#endif + +/* Narrow types that promote to a signed type and that can represent a + signed or unsigned integer of at least N bits. In tables they can + save space and decrease cache pressure. Promoting to a signed type + helps avoid bugs in integer arithmetic. */ + +#ifdef __INT_LEAST8_MAX__ +typedef __INT_LEAST8_TYPE__ yytype_int8; +#elif defined YY_STDINT_H +typedef int_least8_t yytype_int8; +#else +typedef signed char yytype_int8; +#endif + +#ifdef __INT_LEAST16_MAX__ +typedef __INT_LEAST16_TYPE__ yytype_int16; +#elif defined YY_STDINT_H +typedef int_least16_t yytype_int16; +#else +typedef short yytype_int16; +#endif + +/* Work around bug in HP-UX 11.23, which defines these macros + incorrectly for preprocessor constants. This workaround can likely + be removed in 2023, as HPE has promised support for HP-UX 11.23 + (aka HP-UX 11i v2) only through the end of 2022; see Table 2 of + <https://h20195.www2.hpe.com/V2/getpdf.aspx/4AA4-7673ENW.pdf>. */ +#ifdef __hpux +# undef UINT_LEAST8_MAX +# undef UINT_LEAST16_MAX +# define UINT_LEAST8_MAX 255 +# define UINT_LEAST16_MAX 65535 +#endif + +#if defined __UINT_LEAST8_MAX__ && __UINT_LEAST8_MAX__ <= __INT_MAX__ +typedef __UINT_LEAST8_TYPE__ yytype_uint8; +#elif (!defined __UINT_LEAST8_MAX__ && defined YY_STDINT_H \ + && UINT_LEAST8_MAX <= INT_MAX) +typedef uint_least8_t yytype_uint8; +#elif !defined __UINT_LEAST8_MAX__ && UCHAR_MAX <= INT_MAX +typedef unsigned char yytype_uint8; +#else +typedef short yytype_uint8; +#endif + +#if defined __UINT_LEAST16_MAX__ && __UINT_LEAST16_MAX__ <= __INT_MAX__ +typedef __UINT_LEAST16_TYPE__ yytype_uint16; +#elif (!defined __UINT_LEAST16_MAX__ && defined YY_STDINT_H \ + && UINT_LEAST16_MAX <= INT_MAX) +typedef uint_least16_t yytype_uint16; +#elif !defined __UINT_LEAST16_MAX__ && USHRT_MAX <= INT_MAX +typedef unsigned short yytype_uint16; +#else +typedef int yytype_uint16; +#endif + +#ifndef YYPTRDIFF_T +# if defined __PTRDIFF_TYPE__ && defined __PTRDIFF_MAX__ +# define YYPTRDIFF_T __PTRDIFF_TYPE__ +# define YYPTRDIFF_MAXIMUM __PTRDIFF_MAX__ +# elif defined PTRDIFF_MAX +# ifndef ptrdiff_t +# include <stddef.h> /* INFRINGES ON USER NAME SPACE */ +# endif +# define YYPTRDIFF_T ptrdiff_t +# define YYPTRDIFF_MAXIMUM PTRDIFF_MAX +# else +# define YYPTRDIFF_T long +# define YYPTRDIFF_MAXIMUM LONG_MAX +# endif +#endif + +#ifndef YYSIZE_T +# ifdef __SIZE_TYPE__ +# define YYSIZE_T __SIZE_TYPE__ +# elif defined size_t +# define YYSIZE_T size_t +# elif defined __STDC_VERSION__ && 199901 <= __STDC_VERSION__ +# include <stddef.h> /* INFRINGES ON USER NAME SPACE */ +# define YYSIZE_T size_t +# else +# define YYSIZE_T unsigned +# endif +#endif + +#define YYSIZE_MAXIMUM \ + YY_CAST (YYPTRDIFF_T, \ + (YYPTRDIFF_MAXIMUM < YY_CAST (YYSIZE_T, -1) \ + ? YYPTRDIFF_MAXIMUM \ + : YY_CAST (YYSIZE_T, -1))) + +#define YYSIZEOF(X) YY_CAST (YYPTRDIFF_T, sizeof (X)) + + +/* Stored state numbers (used for stacks). */ +typedef yytype_int8 yy_state_t; + +/* State numbers in computations. */ +typedef int yy_state_fast_t; + +#ifndef YY_ +# if defined YYENABLE_NLS && YYENABLE_NLS +# if ENABLE_NLS +# include <libintl.h> /* INFRINGES ON USER NAME SPACE */ +# define YY_(Msgid) dgettext ("bison-runtime", Msgid) +# endif +# endif +# ifndef YY_ +# define YY_(Msgid) Msgid +# endif +#endif + + +#ifndef YY_ATTRIBUTE_PURE +# if defined __GNUC__ && 2 < __GNUC__ + (96 <= __GNUC_MINOR__) +# define YY_ATTRIBUTE_PURE __attribute__ ((__pure__)) +# else +# define YY_ATTRIBUTE_PURE +# endif +#endif + +#ifndef YY_ATTRIBUTE_UNUSED +# if defined __GNUC__ && 2 < __GNUC__ + (7 <= __GNUC_MINOR__) +# define YY_ATTRIBUTE_UNUSED __attribute__ ((__unused__)) +# else +# define YY_ATTRIBUTE_UNUSED +# endif +#endif + +/* Suppress unused-variable warnings by "using" E. */ +#if ! defined lint || defined __GNUC__ +# define YY_USE(E) ((void) (E)) +#else +# define YY_USE(E) /* empty */ +#endif + +/* Suppress an incorrect diagnostic about yylval being uninitialized. */ +#if defined __GNUC__ && ! defined __ICC && 406 <= __GNUC__ * 100 + __GNUC_MINOR__ +# if __GNUC__ * 100 + __GNUC_MINOR__ < 407 +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ + _Pragma ("GCC diagnostic push") \ + _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"") +# else +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ + _Pragma ("GCC diagnostic push") \ + _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"") \ + _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"") +# endif +# define YY_IGNORE_MAYBE_UNINITIALIZED_END \ + _Pragma ("GCC diagnostic pop") +#else +# define YY_INITIAL_VALUE(Value) Value +#endif +#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN +# define YY_IGNORE_MAYBE_UNINITIALIZED_END +#endif +#ifndef YY_INITIAL_VALUE +# define YY_INITIAL_VALUE(Value) /* Nothing. */ +#endif + +#if defined __cplusplus && defined __GNUC__ && ! defined __ICC && 6 <= __GNUC__ +# define YY_IGNORE_USELESS_CAST_BEGIN \ + _Pragma ("GCC diagnostic push") \ + _Pragma ("GCC diagnostic ignored \"-Wuseless-cast\"") +# define YY_IGNORE_USELESS_CAST_END \ + _Pragma ("GCC diagnostic pop") +#endif +#ifndef YY_IGNORE_USELESS_CAST_BEGIN +# define YY_IGNORE_USELESS_CAST_BEGIN +# define YY_IGNORE_USELESS_CAST_END +#endif + + +#define YY_ASSERT(E) ((void) (0 && (E))) + +#if !defined yyoverflow + +/* The parser invokes alloca or malloc; define the necessary symbols. */ + +# ifdef YYSTACK_USE_ALLOCA +# if YYSTACK_USE_ALLOCA +# ifdef __GNUC__ +# define YYSTACK_ALLOC __builtin_alloca +# elif defined __BUILTIN_VA_ARG_INCR +# include <alloca.h> /* INFRINGES ON USER NAME SPACE */ +# elif defined _AIX +# define YYSTACK_ALLOC __alloca +# elif defined _MSC_VER +# include <malloc.h> /* INFRINGES ON USER NAME SPACE */ +# define alloca _alloca +# else +# define YYSTACK_ALLOC alloca +# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS +# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */ + /* Use EXIT_SUCCESS as a witness for stdlib.h. */ +# ifndef EXIT_SUCCESS +# define EXIT_SUCCESS 0 +# endif +# endif +# endif +# endif +# endif + +# ifdef YYSTACK_ALLOC + /* Pacify GCC's 'empty if-body' warning. */ +# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0) +# ifndef YYSTACK_ALLOC_MAXIMUM + /* The OS might guarantee only one guard page at the bottom of the stack, + and a page size can be as small as 4096 bytes. So we cannot safely + invoke alloca (N) if N exceeds 4096. Use a slightly smaller number + to allow for a few compiler-allocated temporary stack slots. */ +# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ +# endif +# else +# define YYSTACK_ALLOC YYMALLOC +# define YYSTACK_FREE YYFREE +# ifndef YYSTACK_ALLOC_MAXIMUM +# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM +# endif +# if (defined __cplusplus && ! defined EXIT_SUCCESS \ + && ! ((defined YYMALLOC || defined malloc) \ + && (defined YYFREE || defined free))) +# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */ +# ifndef EXIT_SUCCESS +# define EXIT_SUCCESS 0 +# endif +# endif +# ifndef YYMALLOC +# define YYMALLOC malloc +# if ! defined malloc && ! defined EXIT_SUCCESS +void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ +# endif +# endif +# ifndef YYFREE +# define YYFREE free +# if ! defined free && ! defined EXIT_SUCCESS +void free (void *); /* INFRINGES ON USER NAME SPACE */ +# endif +# endif +# endif +#endif /* !defined yyoverflow */ + +#if (! defined yyoverflow \ + && (! defined __cplusplus \ + || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) + +/* A type that is properly aligned for any stack member. */ +union yyalloc +{ + yy_state_t yyss_alloc; + YYSTYPE yyvs_alloc; +}; + +/* The size of the maximum gap between one aligned stack and the next. */ +# define YYSTACK_GAP_MAXIMUM (YYSIZEOF (union yyalloc) - 1) + +/* The size of an array large to enough to hold all stacks, each with + N elements. */ +# define YYSTACK_BYTES(N) \ + ((N) * (YYSIZEOF (yy_state_t) + YYSIZEOF (YYSTYPE)) \ + + YYSTACK_GAP_MAXIMUM) + +# define YYCOPY_NEEDED 1 + +/* Relocate STACK from its old location to the new one. The + local variables YYSIZE and YYSTACKSIZE give the old and new number of + elements in the stack, and YYPTR gives the new location of the + stack. Advance YYPTR to a properly aligned location for the next + stack. */ +# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ + do \ + { \ + YYPTRDIFF_T yynewbytes; \ + YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ + Stack = &yyptr->Stack_alloc; \ + yynewbytes = yystacksize * YYSIZEOF (*Stack) + YYSTACK_GAP_MAXIMUM; \ + yyptr += yynewbytes / YYSIZEOF (*yyptr); \ + } \ + while (0) + +#endif + +#if defined YYCOPY_NEEDED && YYCOPY_NEEDED +/* Copy COUNT objects from SRC to DST. The source and destination do + not overlap. */ +# ifndef YYCOPY +# if defined __GNUC__ && 1 < __GNUC__ +# define YYCOPY(Dst, Src, Count) \ + __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src))) +# else +# define YYCOPY(Dst, Src, Count) \ + do \ + { \ + YYPTRDIFF_T yyi; \ + for (yyi = 0; yyi < (Count); yyi++) \ + (Dst)[yyi] = (Src)[yyi]; \ + } \ + while (0) +# endif +# endif +#endif /* !YYCOPY_NEEDED */ + +/* YYFINAL -- State number of the termination state. */ +#define YYFINAL 2 +/* YYLAST -- Last index in YYTABLE. */ +#define YYLAST 50 + +/* YYNTOKENS -- Number of terminals. */ +#define YYNTOKENS 22 +/* YYNNTS -- Number of nonterminals. */ +#define YYNNTS 11 +/* YYNRULES -- Number of rules. */ +#define YYNRULES 51 +/* YYNSTATES -- Number of states. */ +#define YYNSTATES 61 + +/* YYMAXUTOK -- Last valid token kind. */ +#define YYMAXUTOK 273 + + +/* YYTRANSLATE(TOKEN-NUM) -- Symbol number corresponding to TOKEN-NUM + as returned by yylex, with out-of-bounds checking. */ +#define YYTRANSLATE(YYX) \ + (0 <= (YYX) && (YYX) <= YYMAXUTOK \ + ? YY_CAST (yysymbol_kind_t, yytranslate[YYX]) \ + : YYSYMBOL_YYUNDEF) + +/* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM + as returned by yylex. */ +static const yytype_int8 yytranslate[] = +{ + 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 20, 2, 2, 21, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 19, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, + 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18 +}; + +#if YYDEBUG +/* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ +static const yytype_int16 yyrline[] = +{ + 0, 163, 163, 164, 167, 170, 173, 176, 179, 182, + 185, 191, 197, 206, 212, 224, 227, 231, 236, 240, + 244, 250, 254, 272, 278, 284, 288, 293, 297, 304, + 312, 315, 318, 321, 324, 327, 330, 333, 336, 339, + 342, 345, 348, 351, 354, 357, 360, 363, 366, 371, + 405, 408 +}; +#endif + +/** Accessing symbol of state STATE. */ +#define YY_ACCESSING_SYMBOL(State) YY_CAST (yysymbol_kind_t, yystos[State]) + +#if YYDEBUG || 0 +/* The user-facing name of the symbol whose (internal) number is + YYSYMBOL. No bounds checking. */ +static const char *yysymbol_name (yysymbol_kind_t yysymbol) YY_ATTRIBUTE_UNUSED; + +/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. + First, the terminals, then, starting at YYNTOKENS, nonterminals. */ +static const char *const yytname[] = +{ + "\"end of file\"", "error", "\"invalid token\"", "tAGO", "tDAY", + "tDAY_UNIT", "tDAYZONE", "tDST", "tHOUR_UNIT", "tID", "tMERIDIAN", + "tMINUTE_UNIT", "tMONTH", "tMONTH_UNIT", "tSEC_UNIT", "tSNUMBER", + "tUNUMBER", "tYEAR_UNIT", "tZONE", "':'", "','", "'/'", "$accept", + "spec", "item", "time", "zone", "day", "date", "rel", "relunit", + "number", "o_merid", YY_NULLPTR +}; + +static const char * +yysymbol_name (yysymbol_kind_t yysymbol) +{ + return yytname[yysymbol]; +} +#endif + +#define YYPACT_NINF (-20) + +#define yypact_value_is_default(Yyn) \ + ((Yyn) == YYPACT_NINF) + +#define YYTABLE_NINF (-1) + +#define yytable_value_is_error(Yyn) \ + 0 + +/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing + STATE-NUM. */ +static const yytype_int8 yypact[] = +{ + -20, 0, -20, -19, -20, -20, -20, -20, -13, -20, + -20, 30, 15, -20, 14, -20, -20, -20, -20, -20, + -20, 19, -20, -20, 4, -20, -20, -20, -20, -20, + -20, -20, -20, -20, -20, -20, -6, -20, -20, 16, + -20, 17, 23, -20, -20, 24, -20, -20, -20, 27, + 28, -20, -20, -20, 29, -20, 32, -8, -20, -20, + -20 +}; + +/* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. + Performed when YYTABLE does not specify something else to do. Zero + means the default is an error. */ +static const yytype_int8 yydefact[] = +{ + 2, 0, 1, 18, 39, 16, 42, 45, 0, 36, + 48, 0, 49, 33, 15, 3, 4, 5, 7, 6, + 8, 30, 9, 19, 25, 38, 41, 44, 35, 47, + 32, 20, 37, 40, 10, 43, 27, 34, 46, 0, + 31, 0, 0, 17, 29, 0, 24, 28, 23, 50, + 21, 26, 51, 12, 0, 11, 0, 50, 22, 14, + 13 +}; + +/* YYPGOTO[NTERM-NUM]. */ +static const yytype_int8 yypgoto[] = +{ + -20, -20, -20, -20, -20, -20, -20, -20, -20, -20, + -7 +}; + +/* YYDEFGOTO[NTERM-NUM]. */ +static const yytype_int8 yydefgoto[] = +{ + 0, 1, 15, 16, 17, 18, 19, 20, 21, 22, + 55 +}; + +/* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If + positive, shift that token. If negative, reduce the rule whose + number is the opposite. If YYTABLE_NINF, syntax error. */ +static const yytype_int8 yytable[] = +{ + 2, 23, 52, 24, 3, 4, 5, 59, 6, 46, + 47, 7, 8, 9, 10, 11, 12, 13, 14, 31, + 32, 43, 44, 33, 45, 34, 35, 36, 37, 38, + 39, 48, 40, 49, 41, 25, 42, 52, 26, 50, + 51, 27, 53, 28, 29, 57, 54, 30, 58, 56, + 60 +}; + +static const yytype_int8 yycheck[] = +{ + 0, 20, 10, 16, 4, 5, 6, 15, 8, 15, + 16, 11, 12, 13, 14, 15, 16, 17, 18, 4, + 5, 7, 3, 8, 20, 10, 11, 12, 13, 14, + 15, 15, 17, 16, 19, 5, 21, 10, 8, 16, + 16, 11, 15, 13, 14, 16, 19, 17, 16, 21, + 57 +}; + +/* YYSTOS[STATE-NUM] -- The symbol kind of the accessing symbol of + state STATE-NUM. */ +static const yytype_int8 yystos[] = +{ + 0, 23, 0, 4, 5, 6, 8, 11, 12, 13, + 14, 15, 16, 17, 18, 24, 25, 26, 27, 28, + 29, 30, 31, 20, 16, 5, 8, 11, 13, 14, + 17, 4, 5, 8, 10, 11, 12, 13, 14, 15, + 17, 19, 21, 7, 3, 20, 15, 16, 15, 16, + 16, 16, 10, 15, 19, 32, 21, 16, 16, 15, + 32 +}; + +/* YYR1[RULE-NUM] -- Symbol kind of the left-hand side of rule RULE-NUM. */ +static const yytype_int8 yyr1[] = +{ + 0, 22, 23, 23, 24, 24, 24, 24, 24, 24, + 25, 25, 25, 25, 25, 26, 26, 26, 27, 27, + 27, 28, 28, 28, 28, 28, 28, 28, 28, 29, + 29, 30, 30, 30, 30, 30, 30, 30, 30, 30, + 30, 30, 30, 30, 30, 30, 30, 30, 30, 31, + 32, 32 +}; + +/* YYR2[RULE-NUM] -- Number of symbols on the right-hand side of rule RULE-NUM. */ +static const yytype_int8 yyr2[] = +{ + 0, 2, 0, 2, 1, 1, 1, 1, 1, 1, + 2, 4, 4, 6, 6, 1, 1, 2, 1, 2, + 2, 3, 5, 3, 3, 2, 4, 2, 3, 2, + 1, 2, 2, 1, 2, 2, 1, 2, 2, 1, + 2, 2, 1, 2, 2, 1, 2, 2, 1, 1, + 0, 1 +}; + + +enum { YYENOMEM = -2 }; + +#define yyerrok (yyerrstatus = 0) +#define yyclearin (yychar = YYEMPTY) + +#define YYACCEPT goto yyacceptlab +#define YYABORT goto yyabortlab +#define YYERROR goto yyerrorlab +#define YYNOMEM goto yyexhaustedlab + + +#define YYRECOVERING() (!!yyerrstatus) + +#define YYBACKUP(Token, Value) \ + do \ + if (yychar == YYEMPTY) \ + { \ + yychar = (Token); \ + yylval = (Value); \ + YYPOPSTACK (yylen); \ + yystate = *yyssp; \ + goto yybackup; \ + } \ + else \ + { \ + yyerror (YY_("syntax error: cannot back up")); \ + YYERROR; \ + } \ + while (0) + +/* Backward compatibility with an undocumented macro. + Use YYerror or YYUNDEF. */ +#define YYERRCODE YYUNDEF + + +/* Enable debugging if requested. */ +#if YYDEBUG + +# ifndef YYFPRINTF +# include <stdio.h> /* INFRINGES ON USER NAME SPACE */ +# define YYFPRINTF fprintf +# endif + +# define YYDPRINTF(Args) \ +do { \ + if (yydebug) \ + YYFPRINTF Args; \ +} while (0) + + + + +# define YY_SYMBOL_PRINT(Title, Kind, Value, Location) \ +do { \ + if (yydebug) \ + { \ + YYFPRINTF (stderr, "%s ", Title); \ + yy_symbol_print (stderr, \ + Kind, Value); \ + YYFPRINTF (stderr, "\n"); \ + } \ +} while (0) + + +/*-----------------------------------. +| Print this symbol's value on YYO. | +`-----------------------------------*/ + +static void +yy_symbol_value_print (FILE *yyo, + yysymbol_kind_t yykind, YYSTYPE const * const yyvaluep) +{ + FILE *yyoutput = yyo; + YY_USE (yyoutput); + if (!yyvaluep) + return; + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + YY_USE (yykind); + YY_IGNORE_MAYBE_UNINITIALIZED_END +} + + +/*---------------------------. +| Print this symbol on YYO. | +`---------------------------*/ + +static void +yy_symbol_print (FILE *yyo, + yysymbol_kind_t yykind, YYSTYPE const * const yyvaluep) +{ + YYFPRINTF (yyo, "%s %s (", + yykind < YYNTOKENS ? "token" : "nterm", yysymbol_name (yykind)); + + yy_symbol_value_print (yyo, yykind, yyvaluep); + YYFPRINTF (yyo, ")"); +} + +/*------------------------------------------------------------------. +| yy_stack_print -- Print the state stack from its BOTTOM up to its | +| TOP (included). | +`------------------------------------------------------------------*/ + +static void +yy_stack_print (yy_state_t *yybottom, yy_state_t *yytop) +{ + YYFPRINTF (stderr, "Stack now"); + for (; yybottom <= yytop; yybottom++) + { + int yybot = *yybottom; + YYFPRINTF (stderr, " %d", yybot); + } + YYFPRINTF (stderr, "\n"); +} + +# define YY_STACK_PRINT(Bottom, Top) \ +do { \ + if (yydebug) \ + yy_stack_print ((Bottom), (Top)); \ +} while (0) + + +/*------------------------------------------------. +| Report that the YYRULE is going to be reduced. | +`------------------------------------------------*/ + +static void +yy_reduce_print (yy_state_t *yyssp, YYSTYPE *yyvsp, + int yyrule) +{ + int yylno = yyrline[yyrule]; + int yynrhs = yyr2[yyrule]; + int yyi; + YYFPRINTF (stderr, "Reducing stack by rule %d (line %d):\n", + yyrule - 1, yylno); + /* The symbols being reduced. */ + for (yyi = 0; yyi < yynrhs; yyi++) + { + YYFPRINTF (stderr, " $%d = ", yyi + 1); + yy_symbol_print (stderr, + YY_ACCESSING_SYMBOL (+yyssp[yyi + 1 - yynrhs]), + &yyvsp[(yyi + 1) - (yynrhs)]); + YYFPRINTF (stderr, "\n"); + } +} + +# define YY_REDUCE_PRINT(Rule) \ +do { \ + if (yydebug) \ + yy_reduce_print (yyssp, yyvsp, Rule); \ +} while (0) + +/* Nonzero means print parse trace. It is left uninitialized so that + multiple parsers can coexist. */ +int yydebug; +#else /* !YYDEBUG */ +# define YYDPRINTF(Args) ((void) 0) +# define YY_SYMBOL_PRINT(Title, Kind, Value, Location) +# define YY_STACK_PRINT(Bottom, Top) +# define YY_REDUCE_PRINT(Rule) +#endif /* !YYDEBUG */ + + +/* YYINITDEPTH -- initial size of the parser's stacks. */ +#ifndef YYINITDEPTH +# define YYINITDEPTH 200 +#endif + +/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only + if the built-in stack extension method is used). + + Do not make this value too large; the results are undefined if + YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) + evaluated with infinite-precision integer arithmetic. */ + +#ifndef YYMAXDEPTH +# define YYMAXDEPTH 10000 +#endif + + + + + + +/*-----------------------------------------------. +| Release the memory associated to this symbol. | +`-----------------------------------------------*/ + +static void +yydestruct (const char *yymsg, + yysymbol_kind_t yykind, YYSTYPE *yyvaluep) +{ + YY_USE (yyvaluep); + if (!yymsg) + yymsg = "Deleting"; + YY_SYMBOL_PRINT (yymsg, yykind, yyvaluep, yylocationp); + + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + YY_USE (yykind); + YY_IGNORE_MAYBE_UNINITIALIZED_END +} + + +/* Lookahead token kind. */ +int yychar; + +/* The semantic value of the lookahead symbol. */ +YYSTYPE yylval; +/* Number of syntax errors so far. */ +int yynerrs; + + + + +/*----------. +| yyparse. | +`----------*/ + +int +yyparse (void) +{ + yy_state_fast_t yystate = 0; + /* Number of tokens to shift before error messages enabled. */ + int yyerrstatus = 0; + + /* Refer to the stacks through separate pointers, to allow yyoverflow + to reallocate them elsewhere. */ + + /* Their size. */ + YYPTRDIFF_T yystacksize = YYINITDEPTH; + + /* The state stack: array, bottom, top. */ + yy_state_t yyssa[YYINITDEPTH]; + yy_state_t *yyss = yyssa; + yy_state_t *yyssp = yyss; + + /* The semantic value stack: array, bottom, top. */ + YYSTYPE yyvsa[YYINITDEPTH]; + YYSTYPE *yyvs = yyvsa; + YYSTYPE *yyvsp = yyvs; + + int yyn; + /* The return value of yyparse. */ + int yyresult; + /* Lookahead symbol kind. */ + yysymbol_kind_t yytoken = YYSYMBOL_YYEMPTY; + /* The variables used to return semantic value and location from the + action routines. */ + YYSTYPE yyval; + + + +#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) + + /* The number of symbols on the RHS of the reduced rule. + Keep to zero when no symbol should be popped. */ + int yylen = 0; + + YYDPRINTF ((stderr, "Starting parse\n")); + + yychar = YYEMPTY; /* Cause a token to be read. */ + + goto yysetstate; + + +/*------------------------------------------------------------. +| yynewstate -- push a new state, which is found in yystate. | +`------------------------------------------------------------*/ +yynewstate: + /* In all cases, when you get here, the value and location stacks + have just been pushed. So pushing a state here evens the stacks. */ + yyssp++; + + +/*--------------------------------------------------------------------. +| yysetstate -- set current state (the top of the stack) to yystate. | +`--------------------------------------------------------------------*/ +yysetstate: + YYDPRINTF ((stderr, "Entering state %d\n", yystate)); + YY_ASSERT (0 <= yystate && yystate < YYNSTATES); + YY_IGNORE_USELESS_CAST_BEGIN + *yyssp = YY_CAST (yy_state_t, yystate); + YY_IGNORE_USELESS_CAST_END + YY_STACK_PRINT (yyss, yyssp); + + if (yyss + yystacksize - 1 <= yyssp) +#if !defined yyoverflow && !defined YYSTACK_RELOCATE + YYNOMEM; +#else + { + /* Get the current used size of the three stacks, in elements. */ + YYPTRDIFF_T yysize = yyssp - yyss + 1; + +# if defined yyoverflow + { + /* Give user a chance to reallocate the stack. Use copies of + these so that the &'s don't force the real ones into + memory. */ + yy_state_t *yyss1 = yyss; + YYSTYPE *yyvs1 = yyvs; + + /* Each stack pointer address is followed by the size of the + data in use in that stack, in bytes. This used to be a + conditional around just the two extra args, but that might + be undefined if yyoverflow is a macro. */ + yyoverflow (YY_("memory exhausted"), + &yyss1, yysize * YYSIZEOF (*yyssp), + &yyvs1, yysize * YYSIZEOF (*yyvsp), + &yystacksize); + yyss = yyss1; + yyvs = yyvs1; + } +# else /* defined YYSTACK_RELOCATE */ + /* Extend the stack our own way. */ + if (YYMAXDEPTH <= yystacksize) + YYNOMEM; + yystacksize *= 2; + if (YYMAXDEPTH < yystacksize) + yystacksize = YYMAXDEPTH; + + { + yy_state_t *yyss1 = yyss; + union yyalloc *yyptr = + YY_CAST (union yyalloc *, + YYSTACK_ALLOC (YY_CAST (YYSIZE_T, YYSTACK_BYTES (yystacksize)))); + if (! yyptr) + YYNOMEM; + YYSTACK_RELOCATE (yyss_alloc, yyss); + YYSTACK_RELOCATE (yyvs_alloc, yyvs); +# undef YYSTACK_RELOCATE + if (yyss1 != yyssa) + YYSTACK_FREE (yyss1); + } +# endif + + yyssp = yyss + yysize - 1; + yyvsp = yyvs + yysize - 1; + + YY_IGNORE_USELESS_CAST_BEGIN + YYDPRINTF ((stderr, "Stack size increased to %ld\n", + YY_CAST (long, yystacksize))); + YY_IGNORE_USELESS_CAST_END + + if (yyss + yystacksize - 1 <= yyssp) + YYABORT; + } +#endif /* !defined yyoverflow && !defined YYSTACK_RELOCATE */ + + + if (yystate == YYFINAL) + YYACCEPT; + + goto yybackup; + + +/*-----------. +| yybackup. | +`-----------*/ +yybackup: + /* Do appropriate processing given the current state. Read a + lookahead token if we need one and don't already have one. */ + + /* First try to decide what to do without reference to lookahead token. */ + yyn = yypact[yystate]; + if (yypact_value_is_default (yyn)) + goto yydefault; + + /* Not known => get a lookahead token if don't already have one. */ + + /* YYCHAR is either empty, or end-of-input, or a valid lookahead. */ + if (yychar == YYEMPTY) + { + YYDPRINTF ((stderr, "Reading a token\n")); + yychar = yylex (); + } + + if (yychar <= YYEOF) + { + yychar = YYEOF; + yytoken = YYSYMBOL_YYEOF; + YYDPRINTF ((stderr, "Now at end of input.\n")); + } + else if (yychar == YYerror) + { + /* The scanner already issued an error message, process directly + to error recovery. But do not keep the error token as + lookahead, it is too special and may lead us to an endless + loop in error recovery. */ + yychar = YYUNDEF; + yytoken = YYSYMBOL_YYerror; + goto yyerrlab1; + } + else + { + yytoken = YYTRANSLATE (yychar); + YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); + } + + /* If the proper action on seeing token YYTOKEN is to reduce or to + detect an error, take that action. */ + yyn += yytoken; + if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) + goto yydefault; + yyn = yytable[yyn]; + if (yyn <= 0) + { + if (yytable_value_is_error (yyn)) + goto yyerrlab; + yyn = -yyn; + goto yyreduce; + } + + /* Count tokens shifted since error; after three, turn off error + status. */ + if (yyerrstatus) + yyerrstatus--; + + /* Shift the lookahead token. */ + YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); + yystate = yyn; + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END + + /* Discard the shifted token. */ + yychar = YYEMPTY; + goto yynewstate; + + +/*-----------------------------------------------------------. +| yydefault -- do the default action for the current state. | +`-----------------------------------------------------------*/ +yydefault: + yyn = yydefact[yystate]; + if (yyn == 0) + goto yyerrlab; + goto yyreduce; + + +/*-----------------------------. +| yyreduce -- do a reduction. | +`-----------------------------*/ +yyreduce: + /* yyn is the number of a rule to reduce with. */ + yylen = yyr2[yyn]; + + /* If YYLEN is nonzero, implement the default value of the action: + '$$ = $1'. + + Otherwise, the following line sets YYVAL to garbage. + This behavior is undocumented and Bison + users should not rely upon it. Assigning to YYVAL + unconditionally makes the parser a bit smaller, and it avoids a + GCC warning that YYVAL may be used uninitialized. */ + yyval = yyvsp[1-yylen]; + + + YY_REDUCE_PRINT (yyn); + switch (yyn) + { + case 4: /* item: time */ +#line 167 "getdate.y" + { + yyHaveTime++; + } +#line 1358 "getdate.c" + break; + + case 5: /* item: zone */ +#line 170 "getdate.y" + { + yyHaveZone++; + } +#line 1366 "getdate.c" + break; + + case 6: /* item: date */ +#line 173 "getdate.y" + { + yyHaveDate++; + } +#line 1374 "getdate.c" + break; + + case 7: /* item: day */ +#line 176 "getdate.y" + { + yyHaveDay++; + } +#line 1382 "getdate.c" + break; + + case 8: /* item: rel */ +#line 179 "getdate.y" + { + yyHaveRel++; + } +#line 1390 "getdate.c" + break; + + case 10: /* time: tUNUMBER tMERIDIAN */ +#line 185 "getdate.y" + { + yyHour = (yyvsp[-1].Number); + yyMinutes = 0; + yySeconds = 0; + yyMeridian = (yyvsp[0].Meridian); + } +#line 1401 "getdate.c" + break; + + case 11: /* time: tUNUMBER ':' tUNUMBER o_merid */ +#line 191 "getdate.y" + { + yyHour = (yyvsp[-3].Number); + yyMinutes = (yyvsp[-1].Number); + yySeconds = 0; + yyMeridian = (yyvsp[0].Meridian); + } +#line 1412 "getdate.c" + break; + + case 12: /* time: tUNUMBER ':' tUNUMBER tSNUMBER */ +#line 197 "getdate.y" + { + yyHour = (yyvsp[-3].Number); + yyMinutes = (yyvsp[-1].Number); + yyMeridian = MER24; + yyHaveZone++; + yyTimezone = ((yyvsp[0].Number) < 0 + ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 + : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); + } +#line 1426 "getdate.c" + break; + + case 13: /* time: tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid */ +#line 206 "getdate.y" + { + yyHour = (yyvsp[-5].Number); + yyMinutes = (yyvsp[-3].Number); + yySeconds = (yyvsp[-1].Number); + yyMeridian = (yyvsp[0].Meridian); + } +#line 1437 "getdate.c" + break; + + case 14: /* time: tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER */ +#line 212 "getdate.y" + { + yyHour = (yyvsp[-5].Number); + yyMinutes = (yyvsp[-3].Number); + yySeconds = (yyvsp[-1].Number); + yyMeridian = MER24; + yyHaveZone++; + yyTimezone = ((yyvsp[0].Number) < 0 + ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 + : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); + } +#line 1452 "getdate.c" + break; + + case 15: /* zone: tZONE */ +#line 224 "getdate.y" + { + yyTimezone = (yyvsp[0].Number); + } +#line 1460 "getdate.c" + break; + + case 16: /* zone: tDAYZONE */ +#line 227 "getdate.y" + { + yyTimezone = (yyvsp[0].Number) - 60; + } +#line 1468 "getdate.c" + break; + + case 17: /* zone: tZONE tDST */ +#line 231 "getdate.y" + { + yyTimezone = (yyvsp[-1].Number) - 60; + } +#line 1476 "getdate.c" + break; + + case 18: /* day: tDAY */ +#line 236 "getdate.y" + { + yyDayOrdinal = 1; + yyDayNumber = (yyvsp[0].Number); + } +#line 1485 "getdate.c" + break; + + case 19: /* day: tDAY ',' */ +#line 240 "getdate.y" + { + yyDayOrdinal = 1; + yyDayNumber = (yyvsp[-1].Number); + } +#line 1494 "getdate.c" + break; + + case 20: /* day: tUNUMBER tDAY */ +#line 244 "getdate.y" + { + yyDayOrdinal = (yyvsp[-1].Number); + yyDayNumber = (yyvsp[0].Number); + } +#line 1503 "getdate.c" + break; + + case 21: /* date: tUNUMBER '/' tUNUMBER */ +#line 250 "getdate.y" + { + yyMonth = (yyvsp[-2].Number); + yyDay = (yyvsp[0].Number); + } +#line 1512 "getdate.c" + break; + + case 22: /* date: tUNUMBER '/' tUNUMBER '/' tUNUMBER */ +#line 254 "getdate.y" + { + /* Interpret as YYYY/MM/DD if $1 >= 1000, otherwise as MM/DD/YY. + The goal in recognizing YYYY/MM/DD is solely to support legacy + machine-generated dates like those in an RCS log listing. If + you want portability, use the ISO 8601 format. */ + if ((yyvsp[-4].Number) >= 1000) + { + yyYear = (yyvsp[-4].Number); + yyMonth = (yyvsp[-2].Number); + yyDay = (yyvsp[0].Number); + } + else + { + yyMonth = (yyvsp[-4].Number); + yyDay = (yyvsp[-2].Number); + yyYear = (yyvsp[0].Number); + } + } +#line 1535 "getdate.c" + break; + + case 23: /* date: tUNUMBER tSNUMBER tSNUMBER */ +#line 272 "getdate.y" + { + /* ISO 8601 format. yyyy-mm-dd. */ + yyYear = (yyvsp[-2].Number); + yyMonth = -(yyvsp[-1].Number); + yyDay = -(yyvsp[0].Number); + } +#line 1546 "getdate.c" + break; + + case 24: /* date: tUNUMBER tMONTH tSNUMBER */ +#line 278 "getdate.y" + { + /* e.g. 17-JUN-1992. */ + yyDay = (yyvsp[-2].Number); + yyMonth = (yyvsp[-1].Number); + yyYear = -(yyvsp[0].Number); + } +#line 1557 "getdate.c" + break; + + case 25: /* date: tMONTH tUNUMBER */ +#line 284 "getdate.y" + { + yyMonth = (yyvsp[-1].Number); + yyDay = (yyvsp[0].Number); + } +#line 1566 "getdate.c" + break; + + case 26: /* date: tMONTH tUNUMBER ',' tUNUMBER */ +#line 288 "getdate.y" + { + yyMonth = (yyvsp[-3].Number); + yyDay = (yyvsp[-2].Number); + yyYear = (yyvsp[0].Number); + } +#line 1576 "getdate.c" + break; + + case 27: /* date: tUNUMBER tMONTH */ +#line 293 "getdate.y" + { + yyMonth = (yyvsp[0].Number); + yyDay = (yyvsp[-1].Number); + } +#line 1585 "getdate.c" + break; + + case 28: /* date: tUNUMBER tMONTH tUNUMBER */ +#line 297 "getdate.y" + { + yyMonth = (yyvsp[-1].Number); + yyDay = (yyvsp[-2].Number); + yyYear = (yyvsp[0].Number); + } +#line 1595 "getdate.c" + break; + + case 29: /* rel: relunit tAGO */ +#line 304 "getdate.y" + { + yyRelSeconds = -yyRelSeconds; + yyRelMinutes = -yyRelMinutes; + yyRelHour = -yyRelHour; + yyRelDay = -yyRelDay; + yyRelMonth = -yyRelMonth; + yyRelYear = -yyRelYear; + } +#line 1608 "getdate.c" + break; + + case 31: /* relunit: tUNUMBER tYEAR_UNIT */ +#line 315 "getdate.y" + { + yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1616 "getdate.c" + break; + + case 32: /* relunit: tSNUMBER tYEAR_UNIT */ +#line 318 "getdate.y" + { + yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1624 "getdate.c" + break; + + case 33: /* relunit: tYEAR_UNIT */ +#line 321 "getdate.y" + { + yyRelYear += (yyvsp[0].Number); + } +#line 1632 "getdate.c" + break; + + case 34: /* relunit: tUNUMBER tMONTH_UNIT */ +#line 324 "getdate.y" + { + yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1640 "getdate.c" + break; + + case 35: /* relunit: tSNUMBER tMONTH_UNIT */ +#line 327 "getdate.y" + { + yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1648 "getdate.c" + break; + + case 36: /* relunit: tMONTH_UNIT */ +#line 330 "getdate.y" + { + yyRelMonth += (yyvsp[0].Number); + } +#line 1656 "getdate.c" + break; + + case 37: /* relunit: tUNUMBER tDAY_UNIT */ +#line 333 "getdate.y" + { + yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1664 "getdate.c" + break; + + case 38: /* relunit: tSNUMBER tDAY_UNIT */ +#line 336 "getdate.y" + { + yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1672 "getdate.c" + break; + + case 39: /* relunit: tDAY_UNIT */ +#line 339 "getdate.y" + { + yyRelDay += (yyvsp[0].Number); + } +#line 1680 "getdate.c" + break; + + case 40: /* relunit: tUNUMBER tHOUR_UNIT */ +#line 342 "getdate.y" + { + yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1688 "getdate.c" + break; + + case 41: /* relunit: tSNUMBER tHOUR_UNIT */ +#line 345 "getdate.y" + { + yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1696 "getdate.c" + break; + + case 42: /* relunit: tHOUR_UNIT */ +#line 348 "getdate.y" + { + yyRelHour += (yyvsp[0].Number); + } +#line 1704 "getdate.c" + break; + + case 43: /* relunit: tUNUMBER tMINUTE_UNIT */ +#line 351 "getdate.y" + { + yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1712 "getdate.c" + break; + + case 44: /* relunit: tSNUMBER tMINUTE_UNIT */ +#line 354 "getdate.y" + { + yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1720 "getdate.c" + break; + + case 45: /* relunit: tMINUTE_UNIT */ +#line 357 "getdate.y" + { + yyRelMinutes += (yyvsp[0].Number); + } +#line 1728 "getdate.c" + break; + + case 46: /* relunit: tUNUMBER tSEC_UNIT */ +#line 360 "getdate.y" + { + yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1736 "getdate.c" + break; + + case 47: /* relunit: tSNUMBER tSEC_UNIT */ +#line 363 "getdate.y" + { + yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); + } +#line 1744 "getdate.c" + break; + + case 48: /* relunit: tSEC_UNIT */ +#line 366 "getdate.y" + { + yyRelSeconds += (yyvsp[0].Number); + } +#line 1752 "getdate.c" + break; + + case 49: /* number: tUNUMBER */ +#line 372 "getdate.y" + { + if ((yyHaveTime != 0) && (yyHaveDate != 0) && (yyHaveRel == 0)) + yyYear = (yyvsp[0].Number); + else + { + if ((yyvsp[0].Number)>10000) + { + yyHaveDate++; + yyDay= ((yyvsp[0].Number))%100; + yyMonth= ((yyvsp[0].Number)/100)%100; + yyYear = (yyvsp[0].Number)/10000; + } + else + { + yyHaveTime++; + if ((yyvsp[0].Number) < 100) + { + yyHour = (yyvsp[0].Number); + yyMinutes = 0; + } + else + { + yyHour = (yyvsp[0].Number) / 100; + yyMinutes = (yyvsp[0].Number) % 100; + } + yySeconds = 0; + yyMeridian = MER24; + } + } + } +#line 1787 "getdate.c" + break; + + case 50: /* o_merid: %empty */ +#line 405 "getdate.y" + { + (yyval.Meridian) = MER24; + } +#line 1795 "getdate.c" + break; + + case 51: /* o_merid: tMERIDIAN */ +#line 409 "getdate.y" + { + (yyval.Meridian) = (yyvsp[0].Meridian); + } +#line 1803 "getdate.c" + break; + + +#line 1807 "getdate.c" + + default: break; + } + /* User semantic actions sometimes alter yychar, and that requires + that yytoken be updated with the new translation. We take the + approach of translating immediately before every use of yytoken. + One alternative is translating here after every semantic action, + but that translation would be missed if the semantic action invokes + YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or + if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an + incorrect destructor might then be invoked immediately. In the + case of YYERROR or YYBACKUP, subsequent parser actions might lead + to an incorrect destructor call or verbose syntax error message + before the lookahead is translated. */ + YY_SYMBOL_PRINT ("-> $$ =", YY_CAST (yysymbol_kind_t, yyr1[yyn]), &yyval, &yyloc); + + YYPOPSTACK (yylen); + yylen = 0; + + *++yyvsp = yyval; + + /* Now 'shift' the result of the reduction. Determine what state + that goes to, based on the state we popped back to and the rule + number reduced by. */ + { + const int yylhs = yyr1[yyn] - YYNTOKENS; + const int yyi = yypgoto[yylhs] + *yyssp; + yystate = (0 <= yyi && yyi <= YYLAST && yycheck[yyi] == *yyssp + ? yytable[yyi] + : yydefgoto[yylhs]); + } + + goto yynewstate; + + +/*--------------------------------------. +| yyerrlab -- here on detecting error. | +`--------------------------------------*/ +yyerrlab: + /* Make sure we have latest lookahead translation. See comments at + user semantic actions for why this is necessary. */ + yytoken = yychar == YYEMPTY ? YYSYMBOL_YYEMPTY : YYTRANSLATE (yychar); + /* If not already recovering from an error, report this error. */ + if (!yyerrstatus) + { + ++yynerrs; + yyerror (YY_("syntax error")); + } + + if (yyerrstatus == 3) + { + /* If just tried and failed to reuse lookahead token after an + error, discard it. */ + + if (yychar <= YYEOF) + { + /* Return failure if at end of input. */ + if (yychar == YYEOF) + YYABORT; + } + else + { + yydestruct ("Error: discarding", + yytoken, &yylval); + yychar = YYEMPTY; + } + } + + /* Else will try to reuse lookahead token after shifting the error + token. */ + goto yyerrlab1; + + +/*---------------------------------------------------. +| yyerrorlab -- error raised explicitly by YYERROR. | +`---------------------------------------------------*/ +yyerrorlab: + /* Pacify compilers when the user code never invokes YYERROR and the + label yyerrorlab therefore never appears in user code. */ + if (0) + YYERROR; + ++yynerrs; + + /* Do not reclaim the symbols of the rule whose action triggered + this YYERROR. */ + YYPOPSTACK (yylen); + yylen = 0; + YY_STACK_PRINT (yyss, yyssp); + yystate = *yyssp; + goto yyerrlab1; + + +/*-------------------------------------------------------------. +| yyerrlab1 -- common code for both syntax error and YYERROR. | +`-------------------------------------------------------------*/ +yyerrlab1: + yyerrstatus = 3; /* Each real token shifted decrements this. */ + + /* Pop stack until we find a state that shifts the error token. */ + for (;;) + { + yyn = yypact[yystate]; + if (!yypact_value_is_default (yyn)) + { + yyn += YYSYMBOL_YYerror; + if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYSYMBOL_YYerror) + { + yyn = yytable[yyn]; + if (0 < yyn) + break; + } + } + + /* Pop the current state because it cannot handle the error token. */ + if (yyssp == yyss) + YYABORT; + + + yydestruct ("Error: popping", + YY_ACCESSING_SYMBOL (yystate), yyvsp); + YYPOPSTACK (1); + yystate = *yyssp; + YY_STACK_PRINT (yyss, yyssp); + } + + YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + *++yyvsp = yylval; + YY_IGNORE_MAYBE_UNINITIALIZED_END + + + /* Shift the error token. */ + YY_SYMBOL_PRINT ("Shifting", YY_ACCESSING_SYMBOL (yyn), yyvsp, yylsp); + + yystate = yyn; + goto yynewstate; + + +/*-------------------------------------. +| yyacceptlab -- YYACCEPT comes here. | +`-------------------------------------*/ +yyacceptlab: + yyresult = 0; + goto yyreturnlab; + + +/*-----------------------------------. +| yyabortlab -- YYABORT comes here. | +`-----------------------------------*/ +yyabortlab: + yyresult = 1; + goto yyreturnlab; + + +/*-----------------------------------------------------------. +| yyexhaustedlab -- YYNOMEM (memory exhaustion) comes here. | +`-----------------------------------------------------------*/ +yyexhaustedlab: + yyerror (YY_("memory exhausted")); + yyresult = 2; + goto yyreturnlab; + + +/*----------------------------------------------------------. +| yyreturnlab -- parsing is finished, clean up and return. | +`----------------------------------------------------------*/ +yyreturnlab: + if (yychar != YYEMPTY) + { + /* Make sure we have latest lookahead translation. See comments at + user semantic actions for why this is necessary. */ + yytoken = YYTRANSLATE (yychar); + yydestruct ("Cleanup: discarding lookahead", + yytoken, &yylval); + } + /* Do not reclaim the symbols of the rule whose action triggered + this YYABORT or YYACCEPT. */ + YYPOPSTACK (yylen); + YY_STACK_PRINT (yyss, yyssp); + while (yyssp != yyss) + { + yydestruct ("Cleanup: popping", + YY_ACCESSING_SYMBOL (+*yyssp), yyvsp); + YYPOPSTACK (1); + } +#ifndef yyoverflow + if (yyss != yyssa) + YYSTACK_FREE (yyss); +#endif + + return yyresult; +} + +#line 414 "getdate.y" + + +/* Month and day table. */ +static TABLE const MonthDayTable[] = { + { "january", tMONTH, 1 }, + { "february", tMONTH, 2 }, + { "march", tMONTH, 3 }, + { "april", tMONTH, 4 }, + { "may", tMONTH, 5 }, + { "june", tMONTH, 6 }, + { "july", tMONTH, 7 }, + { "august", tMONTH, 8 }, + { "september", tMONTH, 9 }, + { "sept", tMONTH, 9 }, + { "october", tMONTH, 10 }, + { "november", tMONTH, 11 }, + { "december", tMONTH, 12 }, + { "sunday", tDAY, 0 }, + { "monday", tDAY, 1 }, + { "tuesday", tDAY, 2 }, + { "tues", tDAY, 2 }, + { "wednesday", tDAY, 3 }, + { "wednes", tDAY, 3 }, + { "thursday", tDAY, 4 }, + { "thur", tDAY, 4 }, + { "thurs", tDAY, 4 }, + { "friday", tDAY, 5 }, + { "saturday", tDAY, 6 }, + { NULL, 0, 0 } +}; + +/* Time units table. */ +static TABLE const UnitsTable[] = { + { "year", tYEAR_UNIT, 1 }, + { "month", tMONTH_UNIT, 1 }, + { "fortnight", tDAY_UNIT, 14 }, + { "week", tDAY_UNIT, 7 }, + { "day", tDAY_UNIT, 1 }, + { "hour", tHOUR_UNIT, 1 }, + { "minute", tMINUTE_UNIT, 1 }, + { "min", tMINUTE_UNIT, 1 }, + { "second", tSEC_UNIT, 1 }, + { "sec", tSEC_UNIT, 1 }, + { NULL, 0, 0 } +}; + +/* Assorted relative-time words. */ +static TABLE const OtherTable[] = { + { "tomorrow", tMINUTE_UNIT, 1 * 24 * 60 }, + { "yesterday", tMINUTE_UNIT, -1 * 24 * 60 }, + { "today", tMINUTE_UNIT, 0 }, + { "now", tMINUTE_UNIT, 0 }, + { "last", tUNUMBER, -1 }, + { "this", tMINUTE_UNIT, 0 }, + { "next", tUNUMBER, 2 }, + { "first", tUNUMBER, 1 }, +/* { "second", tUNUMBER, 2 }, */ + { "third", tUNUMBER, 3 }, + { "fourth", tUNUMBER, 4 }, + { "fifth", tUNUMBER, 5 }, + { "sixth", tUNUMBER, 6 }, + { "seventh", tUNUMBER, 7 }, + { "eighth", tUNUMBER, 8 }, + { "ninth", tUNUMBER, 9 }, + { "tenth", tUNUMBER, 10 }, + { "eleventh", tUNUMBER, 11 }, + { "twelfth", tUNUMBER, 12 }, + { "ago", tAGO, 1 }, + { NULL, 0, 0 } +}; + +/* The timezone table. */ +static TABLE const TimezoneTable[] = { + { "gmt", tZONE, HOUR ( 0) }, /* Greenwich Mean */ + { "ut", tZONE, HOUR ( 0) }, /* Universal (Coordinated) */ + { "utc", tZONE, HOUR ( 0) }, + { "wet", tZONE, HOUR ( 0) }, /* Western European */ + { "bst", tDAYZONE, HOUR ( 0) }, /* British Summer */ + { "wat", tZONE, HOUR ( 1) }, /* West Africa */ + { "at", tZONE, HOUR ( 2) }, /* Azores */ + { "ast", tZONE, HOUR ( 4) }, /* Atlantic Standard */ + { "adt", tDAYZONE, HOUR ( 4) }, /* Atlantic Daylight */ + { "est", tZONE, HOUR ( 5) }, /* Eastern Standard */ + { "edt", tDAYZONE, HOUR ( 5) }, /* Eastern Daylight */ + { "cst", tZONE, HOUR ( 6) }, /* Central Standard */ + { "cdt", tDAYZONE, HOUR ( 6) }, /* Central Daylight */ + { "mst", tZONE, HOUR ( 7) }, /* Mountain Standard */ + { "mdt", tDAYZONE, HOUR ( 7) }, /* Mountain Daylight */ + { "pst", tZONE, HOUR ( 8) }, /* Pacific Standard */ + { "pdt", tDAYZONE, HOUR ( 8) }, /* Pacific Daylight */ + { "yst", tZONE, HOUR ( 9) }, /* Yukon Standard */ + { "ydt", tDAYZONE, HOUR ( 9) }, /* Yukon Daylight */ + { "hst", tZONE, HOUR (10) }, /* Hawaii Standard */ + { "hdt", tDAYZONE, HOUR (10) }, /* Hawaii Daylight */ + { "cat", tZONE, HOUR (10) }, /* Central Alaska */ + { "ahst", tZONE, HOUR (10) }, /* Alaska-Hawaii Standard */ + { "nt", tZONE, HOUR (11) }, /* Nome */ + { "idlw", tZONE, HOUR (12) }, /* International Date Line West */ + { "cet", tZONE, -HOUR (1) }, /* Central European */ + { "met", tZONE, -HOUR (1) }, /* Middle European */ + { "mewt", tZONE, -HOUR (1) }, /* Middle European Winter */ + { "mest", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ + { "mesz", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ + { "swt", tZONE, -HOUR (1) }, /* Swedish Winter */ + { "sst", tDAYZONE, -HOUR (1) }, /* Swedish Summer */ + { "fwt", tZONE, -HOUR (1) }, /* French Winter */ + { "fst", tDAYZONE, -HOUR (1) }, /* French Summer */ + { "eet", tZONE, -HOUR (2) }, /* Eastern Europe, USSR Zone 1 */ + { "bt", tZONE, -HOUR (3) }, /* Baghdad, USSR Zone 2 */ + { "zp4", tZONE, -HOUR (4) }, /* USSR Zone 3 */ + { "zp5", tZONE, -HOUR (5) }, /* USSR Zone 4 */ + { "zp6", tZONE, -HOUR (6) }, /* USSR Zone 5 */ + { "wast", tZONE, -HOUR (7) }, /* West Australian Standard */ + { "wadt", tDAYZONE, -HOUR (7) }, /* West Australian Daylight */ + { "cct", tZONE, -HOUR (8) }, /* China Coast, USSR Zone 7 */ + { "jst", tZONE, -HOUR (9) }, /* Japan Standard, USSR Zone 8 */ + { "east", tZONE, -HOUR (10) }, /* Eastern Australian Standard */ + { "eadt", tDAYZONE, -HOUR (10) }, /* Eastern Australian Daylight */ + { "gst", tZONE, -HOUR (10) }, /* Guam Standard, USSR Zone 9 */ + { "nzt", tZONE, -HOUR (12) }, /* New Zealand */ + { "nzst", tZONE, -HOUR (12) }, /* New Zealand Standard */ + { "nzdt", tDAYZONE, -HOUR (12) }, /* New Zealand Daylight */ + { "idle", tZONE, -HOUR (12) }, /* International Date Line East */ + { NULL, 0, 0 } +}; + +/* Military timezone table. */ +static TABLE const MilitaryTable[] = { + { "a", tZONE, HOUR ( 1) }, + { "b", tZONE, HOUR ( 2) }, + { "c", tZONE, HOUR ( 3) }, + { "d", tZONE, HOUR ( 4) }, + { "e", tZONE, HOUR ( 5) }, + { "f", tZONE, HOUR ( 6) }, + { "g", tZONE, HOUR ( 7) }, + { "h", tZONE, HOUR ( 8) }, + { "i", tZONE, HOUR ( 9) }, + { "k", tZONE, HOUR ( 10) }, + { "l", tZONE, HOUR ( 11) }, + { "m", tZONE, HOUR ( 12) }, + { "n", tZONE, HOUR (- 1) }, + { "o", tZONE, HOUR (- 2) }, + { "p", tZONE, HOUR (- 3) }, + { "q", tZONE, HOUR (- 4) }, + { "r", tZONE, HOUR (- 5) }, + { "s", tZONE, HOUR (- 6) }, + { "t", tZONE, HOUR (- 7) }, + { "u", tZONE, HOUR (- 8) }, + { "v", tZONE, HOUR (- 9) }, + { "w", tZONE, HOUR (-10) }, + { "x", tZONE, HOUR (-11) }, + { "y", tZONE, HOUR (-12) }, + { "z", tZONE, HOUR ( 0) }, + { NULL, 0, 0 } +}; + + + + +static int yyerror (MAYBE_UNUSED const char *s) +{ + return 0; +} + +static int ToHour (int Hours, MERIDIAN Meridian) +{ + switch (Meridian) + { + case MER24: + if (Hours < 0 || Hours > 23) + return -1; + return Hours; + case MERam: + if (Hours < 1 || Hours > 12) + return -1; + if (Hours == 12) + Hours = 0; + return Hours; + case MERpm: + if (Hours < 1 || Hours > 12) + return -1; + if (Hours == 12) + Hours = 0; + return Hours + 12; + default: + abort (); + } + /* NOTREACHED */ +} + +static int ToYear (int Year) +{ + if (Year < 0) + Year = -Year; + + /* XPG4 suggests that years 00-68 map to 2000-2068, and + years 69-99 map to 1969-1999. */ + if (Year < 69) + Year += 2000; + else if (Year < 100) + Year += 1900; + + return Year; +} + +static int LookupWord (char *buff) +{ + register char *p; + register char *q; + register const TABLE *tp; + int i; + bool abbrev; + + /* Make it lowercase. */ + for (p = buff; '\0' != *p; p++) + if (isupper (*p)) + *p = tolower (*p); + + if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0) + { + yylval.Meridian = MERam; + return tMERIDIAN; + } + if (strcmp (buff, "pm") == 0 || strcmp (buff, "p.m.") == 0) + { + yylval.Meridian = MERpm; + return tMERIDIAN; + } + + /* See if we have an abbreviation for a month. */ + if (strlen (buff) == 3) + abbrev = true; + else if (strlen (buff) == 4 && buff[3] == '.') + { + abbrev = true; + buff[3] = '\0'; + } + else + abbrev = false; + + for (tp = MonthDayTable; tp->name; tp++) + { + if (abbrev) + { + if (strncmp (buff, tp->name, 3) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + else if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + + for (tp = TimezoneTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + if (strcmp (buff, "dst") == 0) + return tDST; + + for (tp = UnitsTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + /* Strip off any plural and try the units table again. */ + i = strlen (buff) - 1; + if (buff[i] == 's') + { + buff[i] = '\0'; + for (tp = UnitsTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + buff[i] = 's'; /* Put back for "this" in OtherTable. */ + } + + for (tp = OtherTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + /* Military timezones. */ + if (buff[1] == '\0' && isalpha (*buff)) + { + for (tp = MilitaryTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + + /* Drop out any periods and try the timezone table again. */ + for (i = 0, p = q = buff; '\0' != *q; q++) + if (*q != '.') + *p++ = *q; + else + i++; + *p = '\0'; + if (0 != i) + for (tp = TimezoneTable; NULL != tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + return tID; +} + +static int +yylex (void) +{ + register char c; + register char *p; + char buff[20]; + int Count; + int sign; + + for (;;) + { + while (isspace (*yyInput)) + yyInput++; + + if (isdigit (c = *yyInput) || c == '-' || c == '+') + { + if (c == '-' || c == '+') + { + sign = c == '-' ? -1 : 1; + if (!isdigit (*++yyInput)) + /* skip the '-' sign */ + continue; + } + else + sign = 0; + for (yylval.Number = 0; isdigit (c = *yyInput++);) + yylval.Number = 10 * yylval.Number + c - '0'; + yyInput--; + if (sign < 0) + yylval.Number = -yylval.Number; + return (0 != sign) ? tSNUMBER : tUNUMBER; + } + if (isalpha (c)) + { + for (p = buff; (c = *yyInput++, isalpha (c)) || c == '.';) + if (p < &buff[sizeof buff - 1]) + *p++ = c; + *p = '\0'; + yyInput--; + return LookupWord (buff); + } + if (c != '(') + return *yyInput++; + Count = 0; + do + { + c = *yyInput++; + if (c == '\0') + return c; + if (c == '(') + Count++; + else if (c == ')') + Count--; + } + while (Count > 0); + } +} + +#define TM_YEAR_ORIGIN 1900 + +/* Yield A - B, measured in seconds. */ +static long difftm (struct tm *a, struct tm *b) +{ + int ay = a->tm_year + (TM_YEAR_ORIGIN - 1); + int by = b->tm_year + (TM_YEAR_ORIGIN - 1); + long days = ( + /* difference in day of year */ + a->tm_yday - b->tm_yday + /* + intervening leap days */ + + ((ay >> 2) - (by >> 2)) + - (ay / 100 - by / 100) + + ((ay / 100 >> 2) - (by / 100 >> 2)) + /* + difference in years * 365 */ + + (long) (ay - by) * 365 + ); + return (60 * (60 * (24 * days + (a->tm_hour - b->tm_hour)) + + (a->tm_min - b->tm_min)) + + (a->tm_sec - b->tm_sec)); +} + +time_t get_date (const char *p, const time_t *now) +{ + struct tm tm, tm0, *tmp; + time_t Start; + + yyInput = p; + Start = now ? *now : time ((time_t *) NULL); + tmp = localtime (&Start); + yyYear = tmp->tm_year + TM_YEAR_ORIGIN; + yyMonth = tmp->tm_mon + 1; + yyDay = tmp->tm_mday; + yyHour = tmp->tm_hour; + yyMinutes = tmp->tm_min; + yySeconds = tmp->tm_sec; + yyMeridian = MER24; + yyRelSeconds = 0; + yyRelMinutes = 0; + yyRelHour = 0; + yyRelDay = 0; + yyRelMonth = 0; + yyRelYear = 0; + yyHaveDate = 0; + yyHaveDay = 0; + yyHaveRel = 0; + yyHaveTime = 0; + yyHaveZone = 0; + + if (yyparse () + || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1) + return -1; + + tm.tm_year = ToYear (yyYear) - TM_YEAR_ORIGIN + yyRelYear; + tm.tm_mon = yyMonth - 1 + yyRelMonth; + tm.tm_mday = yyDay + yyRelDay; + if ((yyHaveTime != 0) || + ( (yyHaveRel != 0) && (yyHaveDate == 0) && (yyHaveDay == 0) )) + { + tm.tm_hour = ToHour (yyHour, yyMeridian); + if (tm.tm_hour < 0) + return -1; + tm.tm_min = yyMinutes; + tm.tm_sec = yySeconds; + } + else + { + tm.tm_hour = tm.tm_min = tm.tm_sec = 0; + } + tm.tm_hour += yyRelHour; + tm.tm_min += yyRelMinutes; + tm.tm_sec += yyRelSeconds; + tm.tm_isdst = -1; + tm0 = tm; + + Start = mktime (&tm); + + if (Start == (time_t) -1) + { + + /* Guard against falsely reporting errors near the time_t boundaries + when parsing times in other time zones. For example, if the min + time_t value is 1970-01-01 00:00:00 UTC and we are 8 hours ahead + of UTC, then the min localtime value is 1970-01-01 08:00:00; if + we apply mktime to 1970-01-01 00:00:00 we will get an error, so + we apply mktime to 1970-01-02 08:00:00 instead and adjust the time + zone by 24 hours to compensate. This algorithm assumes that + there is no DST transition within a day of the time_t boundaries. */ + if (yyHaveZone) + { + tm = tm0; + if (tm.tm_year <= EPOCH - TM_YEAR_ORIGIN) + { + tm.tm_mday++; + yyTimezone -= 24 * 60; + } + else + { + tm.tm_mday--; + yyTimezone += 24 * 60; + } + Start = mktime (&tm); + } + + if (Start == (time_t) -1) + return Start; + } + + if (yyHaveDay && !yyHaveDate) + { + tm.tm_mday += ((yyDayNumber - tm.tm_wday + 7) % 7 + + 7 * (yyDayOrdinal - (0 < yyDayOrdinal))); + Start = mktime (&tm); + if (Start == (time_t) -1) + return Start; + } + + if (yyHaveZone) + { + long delta = yyTimezone * 60L + difftm (&tm, gmtime (&Start)); + if ((Start + delta < Start) != (delta < 0)) + return -1; /* time_t overflow */ + Start += delta; + } + + return Start; +} + +#if defined (TEST) + +int +main(void) +{ + char buff[MAX_BUFF_LEN + 1]; + time_t d; + + (void) printf ("Enter date, or blank line to exit.\n\t> "); + (void) fflush (stdout); + + buff[MAX_BUFF_LEN] = 0; + while (fgets (buff, MAX_BUFF_LEN, stdin) && buff[0]) + { + d = get_date (buff, (time_t *) NULL); + if (d == -1) + (void) printf ("Bad format - couldn't convert.\n"); + else + (void) printf ("%s", ctime (&d)); + (void) printf ("\t> "); + (void) fflush (stdout); + } + exit (0); + /* NOTREACHED */ +} +#endif /* defined (TEST) */ diff --git a/lib/getdate.h b/lib/getdate.h new file mode 100644 index 0000000..eae56f6 --- /dev/null +++ b/lib/getdate.h @@ -0,0 +1,16 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1997 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef _GETDATE_H_ +#define _GETDATE_H_ + +#include <config.h> +#include "defines.h" + +time_t get_date (const char *p, /*@null@*/const time_t *now); +#endif diff --git a/lib/getdate.y b/lib/getdate.y new file mode 100644 index 0000000..8cea2cc --- /dev/null +++ b/lib/getdate.y @@ -0,0 +1,949 @@ +%{ +/* +** Originally written by Steven M. Bellovin <smb@research.att.com> while +** at the University of North Carolina at Chapel Hill. Later tweaked by +** a couple of people on Usenet. Completely overhauled by Rich $alz +** <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990; +** +** This grammar has 13 shift/reduce conflicts. +** +** This code is in the public domain and has no copyright. +*/ + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + +/* Since the code of getdate.y is not included in the Emacs executable + itself, there is no need to #define static in this file. Even if + the code were included in the Emacs executable, it probably + wouldn't do any harm to #undef it here; this will only cause + problems if we try to write to a static variable, which I don't + think this code needs to do. */ +#ifdef emacs +# undef static +#endif + +#include <stdio.h> +#include <ctype.h> +#include <time.h> + +#include "attr.h" +#include "getdate.h" + +#include <string.h> + +/* Some old versions of bison generate parsers that use bcopy. + That loses on systems that don't provide the function, so we have + to redefine it here. */ +#if !defined (HAVE_BCOPY) && !defined (bcopy) +# define bcopy(from, to, len) memcpy ((to), (from), (len)) +#endif + +/* Remap normal yacc parser interface names (yyparse, yylex, yyerror, etc), + as well as gratuitously global symbol names, so we can have multiple + yacc generated parsers in the same program. Note that these are only + the variables produced by yacc. If other parser generators (bison, + byacc, etc) produce additional global names that conflict at link time, + then those parser generators need to be fixed instead of adding those + names to this list. */ + +#define yymaxdepth gd_maxdepth +#define yyparse gd_parse +#define yylex gd_lex +#define yyerror gd_error +#define yylval gd_lval +#define yychar gd_char +#define yydebug gd_debug +#define yypact gd_pact +#define yyr1 gd_r1 +#define yyr2 gd_r2 +#define yydef gd_def +#define yychk gd_chk +#define yypgo gd_pgo +#define yyact gd_act +#define yyexca gd_exca +#define yyerrflag gd_errflag +#define yynerrs gd_nerrs +#define yyps gd_ps +#define yypv gd_pv +#define yys gd_s +#define yy_yys gd_yys +#define yystate gd_state +#define yytmp gd_tmp +#define yyv gd_v +#define yy_yyv gd_yyv +#define yyval gd_val +#define yylloc gd_lloc +#define yyreds gd_reds /* With YYDEBUG defined */ +#define yytoks gd_toks /* With YYDEBUG defined */ +#define yylhs gd_yylhs +#define yylen gd_yylen +#define yydefred gd_yydefred +#define yydgoto gd_yydgoto +#define yysindex gd_yysindex +#define yyrindex gd_yyrindex +#define yygindex gd_yygindex +#define yytable gd_yytable +#define yycheck gd_yycheck + +static int yylex (void); +static int yyerror (const char *s); + +#define EPOCH 1970 +#define HOUR(x) ((x) * 60) + +#define MAX_BUFF_LEN 128 /* size of buffer to read the date into */ + +/* +** An entry in the lexical lookup table. +*/ +typedef struct _TABLE { + const char *name; + int type; + int value; +} TABLE; + + +/* +** Meridian: am, pm, or 24-hour style. +*/ +typedef enum _MERIDIAN { + MERam, MERpm, MER24 +} MERIDIAN; + + +/* +** Global variables. We could get rid of most of these by using a good +** union as the yacc stack. (This routine was originally written before +** yacc had the %union construct.) Maybe someday; right now we only use +** the %union very rarely. +*/ +static const char *yyInput; +static int yyDayOrdinal; +static int yyDayNumber; +static int yyHaveDate; +static int yyHaveDay; +static int yyHaveRel; +static int yyHaveTime; +static int yyHaveZone; +static int yyTimezone; +static int yyDay; +static int yyHour; +static int yyMinutes; +static int yyMonth; +static int yySeconds; +static int yyYear; +static MERIDIAN yyMeridian; +static int yyRelDay; +static int yyRelHour; +static int yyRelMinutes; +static int yyRelMonth; +static int yyRelSeconds; +static int yyRelYear; + +%} + +%union { + int Number; + enum _MERIDIAN Meridian; +} + +%token tAGO tDAY tDAY_UNIT tDAYZONE tDST tHOUR_UNIT tID +%token tMERIDIAN tMINUTE_UNIT tMONTH tMONTH_UNIT +%token tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE + +%type <Number> tDAY tDAY_UNIT tDAYZONE tHOUR_UNIT tMINUTE_UNIT +%type <Number> tMONTH tMONTH_UNIT +%type <Number> tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE +%type <Meridian> tMERIDIAN o_merid + +%% + +spec : /* NULL */ + | spec item + ; + +item : time { + yyHaveTime++; + } + | zone { + yyHaveZone++; + } + | date { + yyHaveDate++; + } + | day { + yyHaveDay++; + } + | rel { + yyHaveRel++; + } + | number + ; + +time : tUNUMBER tMERIDIAN { + yyHour = $1; + yyMinutes = 0; + yySeconds = 0; + yyMeridian = $2; + } + | tUNUMBER ':' tUNUMBER o_merid { + yyHour = $1; + yyMinutes = $3; + yySeconds = 0; + yyMeridian = $4; + } + | tUNUMBER ':' tUNUMBER tSNUMBER { + yyHour = $1; + yyMinutes = $3; + yyMeridian = MER24; + yyHaveZone++; + yyTimezone = ($4 < 0 + ? -$4 % 100 + (-$4 / 100) * 60 + : - ($4 % 100 + ($4 / 100) * 60)); + } + | tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid { + yyHour = $1; + yyMinutes = $3; + yySeconds = $5; + yyMeridian = $6; + } + | tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER { + yyHour = $1; + yyMinutes = $3; + yySeconds = $5; + yyMeridian = MER24; + yyHaveZone++; + yyTimezone = ($6 < 0 + ? -$6 % 100 + (-$6 / 100) * 60 + : - ($6 % 100 + ($6 / 100) * 60)); + } + ; + +zone : tZONE { + yyTimezone = $1; + } + | tDAYZONE { + yyTimezone = $1 - 60; + } + | + tZONE tDST { + yyTimezone = $1 - 60; + } + ; + +day : tDAY { + yyDayOrdinal = 1; + yyDayNumber = $1; + } + | tDAY ',' { + yyDayOrdinal = 1; + yyDayNumber = $1; + } + | tUNUMBER tDAY { + yyDayOrdinal = $1; + yyDayNumber = $2; + } + ; + +date : tUNUMBER '/' tUNUMBER { + yyMonth = $1; + yyDay = $3; + } + | tUNUMBER '/' tUNUMBER '/' tUNUMBER { + /* Interpret as YYYY/MM/DD if $1 >= 1000, otherwise as MM/DD/YY. + The goal in recognizing YYYY/MM/DD is solely to support legacy + machine-generated dates like those in an RCS log listing. If + you want portability, use the ISO 8601 format. */ + if ($1 >= 1000) + { + yyYear = $1; + yyMonth = $3; + yyDay = $5; + } + else + { + yyMonth = $1; + yyDay = $3; + yyYear = $5; + } + } + | tUNUMBER tSNUMBER tSNUMBER { + /* ISO 8601 format. yyyy-mm-dd. */ + yyYear = $1; + yyMonth = -$2; + yyDay = -$3; + } + | tUNUMBER tMONTH tSNUMBER { + /* e.g. 17-JUN-1992. */ + yyDay = $1; + yyMonth = $2; + yyYear = -$3; + } + | tMONTH tUNUMBER { + yyMonth = $1; + yyDay = $2; + } + | tMONTH tUNUMBER ',' tUNUMBER { + yyMonth = $1; + yyDay = $2; + yyYear = $4; + } + | tUNUMBER tMONTH { + yyMonth = $2; + yyDay = $1; + } + | tUNUMBER tMONTH tUNUMBER { + yyMonth = $2; + yyDay = $1; + yyYear = $3; + } + ; + +rel : relunit tAGO { + yyRelSeconds = -yyRelSeconds; + yyRelMinutes = -yyRelMinutes; + yyRelHour = -yyRelHour; + yyRelDay = -yyRelDay; + yyRelMonth = -yyRelMonth; + yyRelYear = -yyRelYear; + } + | relunit + ; + +relunit : tUNUMBER tYEAR_UNIT { + yyRelYear += $1 * $2; + } + | tSNUMBER tYEAR_UNIT { + yyRelYear += $1 * $2; + } + | tYEAR_UNIT { + yyRelYear += $1; + } + | tUNUMBER tMONTH_UNIT { + yyRelMonth += $1 * $2; + } + | tSNUMBER tMONTH_UNIT { + yyRelMonth += $1 * $2; + } + | tMONTH_UNIT { + yyRelMonth += $1; + } + | tUNUMBER tDAY_UNIT { + yyRelDay += $1 * $2; + } + | tSNUMBER tDAY_UNIT { + yyRelDay += $1 * $2; + } + | tDAY_UNIT { + yyRelDay += $1; + } + | tUNUMBER tHOUR_UNIT { + yyRelHour += $1 * $2; + } + | tSNUMBER tHOUR_UNIT { + yyRelHour += $1 * $2; + } + | tHOUR_UNIT { + yyRelHour += $1; + } + | tUNUMBER tMINUTE_UNIT { + yyRelMinutes += $1 * $2; + } + | tSNUMBER tMINUTE_UNIT { + yyRelMinutes += $1 * $2; + } + | tMINUTE_UNIT { + yyRelMinutes += $1; + } + | tUNUMBER tSEC_UNIT { + yyRelSeconds += $1 * $2; + } + | tSNUMBER tSEC_UNIT { + yyRelSeconds += $1 * $2; + } + | tSEC_UNIT { + yyRelSeconds += $1; + } + ; + +number : tUNUMBER + { + if ((yyHaveTime != 0) && (yyHaveDate != 0) && (yyHaveRel == 0)) + yyYear = $1; + else + { + if ($1>10000) + { + yyHaveDate++; + yyDay= ($1)%100; + yyMonth= ($1/100)%100; + yyYear = $1/10000; + } + else + { + yyHaveTime++; + if ($1 < 100) + { + yyHour = $1; + yyMinutes = 0; + } + else + { + yyHour = $1 / 100; + yyMinutes = $1 % 100; + } + yySeconds = 0; + yyMeridian = MER24; + } + } + } + ; + +o_merid : /* NULL */ + { + $$ = MER24; + } + | tMERIDIAN + { + $$ = $1; + } + ; + +%% + +/* Month and day table. */ +static TABLE const MonthDayTable[] = { + { "january", tMONTH, 1 }, + { "february", tMONTH, 2 }, + { "march", tMONTH, 3 }, + { "april", tMONTH, 4 }, + { "may", tMONTH, 5 }, + { "june", tMONTH, 6 }, + { "july", tMONTH, 7 }, + { "august", tMONTH, 8 }, + { "september", tMONTH, 9 }, + { "sept", tMONTH, 9 }, + { "october", tMONTH, 10 }, + { "november", tMONTH, 11 }, + { "december", tMONTH, 12 }, + { "sunday", tDAY, 0 }, + { "monday", tDAY, 1 }, + { "tuesday", tDAY, 2 }, + { "tues", tDAY, 2 }, + { "wednesday", tDAY, 3 }, + { "wednes", tDAY, 3 }, + { "thursday", tDAY, 4 }, + { "thur", tDAY, 4 }, + { "thurs", tDAY, 4 }, + { "friday", tDAY, 5 }, + { "saturday", tDAY, 6 }, + { NULL, 0, 0 } +}; + +/* Time units table. */ +static TABLE const UnitsTable[] = { + { "year", tYEAR_UNIT, 1 }, + { "month", tMONTH_UNIT, 1 }, + { "fortnight", tDAY_UNIT, 14 }, + { "week", tDAY_UNIT, 7 }, + { "day", tDAY_UNIT, 1 }, + { "hour", tHOUR_UNIT, 1 }, + { "minute", tMINUTE_UNIT, 1 }, + { "min", tMINUTE_UNIT, 1 }, + { "second", tSEC_UNIT, 1 }, + { "sec", tSEC_UNIT, 1 }, + { NULL, 0, 0 } +}; + +/* Assorted relative-time words. */ +static TABLE const OtherTable[] = { + { "tomorrow", tMINUTE_UNIT, 1 * 24 * 60 }, + { "yesterday", tMINUTE_UNIT, -1 * 24 * 60 }, + { "today", tMINUTE_UNIT, 0 }, + { "now", tMINUTE_UNIT, 0 }, + { "last", tUNUMBER, -1 }, + { "this", tMINUTE_UNIT, 0 }, + { "next", tUNUMBER, 2 }, + { "first", tUNUMBER, 1 }, +/* { "second", tUNUMBER, 2 }, */ + { "third", tUNUMBER, 3 }, + { "fourth", tUNUMBER, 4 }, + { "fifth", tUNUMBER, 5 }, + { "sixth", tUNUMBER, 6 }, + { "seventh", tUNUMBER, 7 }, + { "eighth", tUNUMBER, 8 }, + { "ninth", tUNUMBER, 9 }, + { "tenth", tUNUMBER, 10 }, + { "eleventh", tUNUMBER, 11 }, + { "twelfth", tUNUMBER, 12 }, + { "ago", tAGO, 1 }, + { NULL, 0, 0 } +}; + +/* The timezone table. */ +static TABLE const TimezoneTable[] = { + { "gmt", tZONE, HOUR ( 0) }, /* Greenwich Mean */ + { "ut", tZONE, HOUR ( 0) }, /* Universal (Coordinated) */ + { "utc", tZONE, HOUR ( 0) }, + { "wet", tZONE, HOUR ( 0) }, /* Western European */ + { "bst", tDAYZONE, HOUR ( 0) }, /* British Summer */ + { "wat", tZONE, HOUR ( 1) }, /* West Africa */ + { "at", tZONE, HOUR ( 2) }, /* Azores */ + { "ast", tZONE, HOUR ( 4) }, /* Atlantic Standard */ + { "adt", tDAYZONE, HOUR ( 4) }, /* Atlantic Daylight */ + { "est", tZONE, HOUR ( 5) }, /* Eastern Standard */ + { "edt", tDAYZONE, HOUR ( 5) }, /* Eastern Daylight */ + { "cst", tZONE, HOUR ( 6) }, /* Central Standard */ + { "cdt", tDAYZONE, HOUR ( 6) }, /* Central Daylight */ + { "mst", tZONE, HOUR ( 7) }, /* Mountain Standard */ + { "mdt", tDAYZONE, HOUR ( 7) }, /* Mountain Daylight */ + { "pst", tZONE, HOUR ( 8) }, /* Pacific Standard */ + { "pdt", tDAYZONE, HOUR ( 8) }, /* Pacific Daylight */ + { "yst", tZONE, HOUR ( 9) }, /* Yukon Standard */ + { "ydt", tDAYZONE, HOUR ( 9) }, /* Yukon Daylight */ + { "hst", tZONE, HOUR (10) }, /* Hawaii Standard */ + { "hdt", tDAYZONE, HOUR (10) }, /* Hawaii Daylight */ + { "cat", tZONE, HOUR (10) }, /* Central Alaska */ + { "ahst", tZONE, HOUR (10) }, /* Alaska-Hawaii Standard */ + { "nt", tZONE, HOUR (11) }, /* Nome */ + { "idlw", tZONE, HOUR (12) }, /* International Date Line West */ + { "cet", tZONE, -HOUR (1) }, /* Central European */ + { "met", tZONE, -HOUR (1) }, /* Middle European */ + { "mewt", tZONE, -HOUR (1) }, /* Middle European Winter */ + { "mest", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ + { "mesz", tDAYZONE, -HOUR (1) }, /* Middle European Summer */ + { "swt", tZONE, -HOUR (1) }, /* Swedish Winter */ + { "sst", tDAYZONE, -HOUR (1) }, /* Swedish Summer */ + { "fwt", tZONE, -HOUR (1) }, /* French Winter */ + { "fst", tDAYZONE, -HOUR (1) }, /* French Summer */ + { "eet", tZONE, -HOUR (2) }, /* Eastern Europe, USSR Zone 1 */ + { "bt", tZONE, -HOUR (3) }, /* Baghdad, USSR Zone 2 */ + { "zp4", tZONE, -HOUR (4) }, /* USSR Zone 3 */ + { "zp5", tZONE, -HOUR (5) }, /* USSR Zone 4 */ + { "zp6", tZONE, -HOUR (6) }, /* USSR Zone 5 */ + { "wast", tZONE, -HOUR (7) }, /* West Australian Standard */ + { "wadt", tDAYZONE, -HOUR (7) }, /* West Australian Daylight */ + { "cct", tZONE, -HOUR (8) }, /* China Coast, USSR Zone 7 */ + { "jst", tZONE, -HOUR (9) }, /* Japan Standard, USSR Zone 8 */ + { "east", tZONE, -HOUR (10) }, /* Eastern Australian Standard */ + { "eadt", tDAYZONE, -HOUR (10) }, /* Eastern Australian Daylight */ + { "gst", tZONE, -HOUR (10) }, /* Guam Standard, USSR Zone 9 */ + { "nzt", tZONE, -HOUR (12) }, /* New Zealand */ + { "nzst", tZONE, -HOUR (12) }, /* New Zealand Standard */ + { "nzdt", tDAYZONE, -HOUR (12) }, /* New Zealand Daylight */ + { "idle", tZONE, -HOUR (12) }, /* International Date Line East */ + { NULL, 0, 0 } +}; + +/* Military timezone table. */ +static TABLE const MilitaryTable[] = { + { "a", tZONE, HOUR ( 1) }, + { "b", tZONE, HOUR ( 2) }, + { "c", tZONE, HOUR ( 3) }, + { "d", tZONE, HOUR ( 4) }, + { "e", tZONE, HOUR ( 5) }, + { "f", tZONE, HOUR ( 6) }, + { "g", tZONE, HOUR ( 7) }, + { "h", tZONE, HOUR ( 8) }, + { "i", tZONE, HOUR ( 9) }, + { "k", tZONE, HOUR ( 10) }, + { "l", tZONE, HOUR ( 11) }, + { "m", tZONE, HOUR ( 12) }, + { "n", tZONE, HOUR (- 1) }, + { "o", tZONE, HOUR (- 2) }, + { "p", tZONE, HOUR (- 3) }, + { "q", tZONE, HOUR (- 4) }, + { "r", tZONE, HOUR (- 5) }, + { "s", tZONE, HOUR (- 6) }, + { "t", tZONE, HOUR (- 7) }, + { "u", tZONE, HOUR (- 8) }, + { "v", tZONE, HOUR (- 9) }, + { "w", tZONE, HOUR (-10) }, + { "x", tZONE, HOUR (-11) }, + { "y", tZONE, HOUR (-12) }, + { "z", tZONE, HOUR ( 0) }, + { NULL, 0, 0 } +}; + + + + +static int yyerror (MAYBE_UNUSED const char *s) +{ + return 0; +} + +static int ToHour (int Hours, MERIDIAN Meridian) +{ + switch (Meridian) + { + case MER24: + if (Hours < 0 || Hours > 23) + return -1; + return Hours; + case MERam: + if (Hours < 1 || Hours > 12) + return -1; + if (Hours == 12) + Hours = 0; + return Hours; + case MERpm: + if (Hours < 1 || Hours > 12) + return -1; + if (Hours == 12) + Hours = 0; + return Hours + 12; + default: + abort (); + } + /* NOTREACHED */ +} + +static int ToYear (int Year) +{ + if (Year < 0) + Year = -Year; + + /* XPG4 suggests that years 00-68 map to 2000-2068, and + years 69-99 map to 1969-1999. */ + if (Year < 69) + Year += 2000; + else if (Year < 100) + Year += 1900; + + return Year; +} + +static int LookupWord (char *buff) +{ + register char *p; + register char *q; + register const TABLE *tp; + int i; + bool abbrev; + + /* Make it lowercase. */ + for (p = buff; '\0' != *p; p++) + if (isupper (*p)) + *p = tolower (*p); + + if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0) + { + yylval.Meridian = MERam; + return tMERIDIAN; + } + if (strcmp (buff, "pm") == 0 || strcmp (buff, "p.m.") == 0) + { + yylval.Meridian = MERpm; + return tMERIDIAN; + } + + /* See if we have an abbreviation for a month. */ + if (strlen (buff) == 3) + abbrev = true; + else if (strlen (buff) == 4 && buff[3] == '.') + { + abbrev = true; + buff[3] = '\0'; + } + else + abbrev = false; + + for (tp = MonthDayTable; tp->name; tp++) + { + if (abbrev) + { + if (strncmp (buff, tp->name, 3) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + else if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + + for (tp = TimezoneTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + if (strcmp (buff, "dst") == 0) + return tDST; + + for (tp = UnitsTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + /* Strip off any plural and try the units table again. */ + i = strlen (buff) - 1; + if (buff[i] == 's') + { + buff[i] = '\0'; + for (tp = UnitsTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + buff[i] = 's'; /* Put back for "this" in OtherTable. */ + } + + for (tp = OtherTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + /* Military timezones. */ + if (buff[1] == '\0' && isalpha (*buff)) + { + for (tp = MilitaryTable; tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + } + + /* Drop out any periods and try the timezone table again. */ + for (i = 0, p = q = buff; '\0' != *q; q++) + if (*q != '.') + *p++ = *q; + else + i++; + *p = '\0'; + if (0 != i) + for (tp = TimezoneTable; NULL != tp->name; tp++) + if (strcmp (buff, tp->name) == 0) + { + yylval.Number = tp->value; + return tp->type; + } + + return tID; +} + +static int +yylex (void) +{ + register char c; + register char *p; + char buff[20]; + int Count; + int sign; + + for (;;) + { + while (isspace (*yyInput)) + yyInput++; + + if (isdigit (c = *yyInput) || c == '-' || c == '+') + { + if (c == '-' || c == '+') + { + sign = c == '-' ? -1 : 1; + if (!isdigit (*++yyInput)) + /* skip the '-' sign */ + continue; + } + else + sign = 0; + for (yylval.Number = 0; isdigit (c = *yyInput++);) + yylval.Number = 10 * yylval.Number + c - '0'; + yyInput--; + if (sign < 0) + yylval.Number = -yylval.Number; + return (0 != sign) ? tSNUMBER : tUNUMBER; + } + if (isalpha (c)) + { + for (p = buff; (c = *yyInput++, isalpha (c)) || c == '.';) + if (p < &buff[sizeof buff - 1]) + *p++ = c; + *p = '\0'; + yyInput--; + return LookupWord (buff); + } + if (c != '(') + return *yyInput++; + Count = 0; + do + { + c = *yyInput++; + if (c == '\0') + return c; + if (c == '(') + Count++; + else if (c == ')') + Count--; + } + while (Count > 0); + } +} + +#define TM_YEAR_ORIGIN 1900 + +/* Yield A - B, measured in seconds. */ +static long difftm (struct tm *a, struct tm *b) +{ + int ay = a->tm_year + (TM_YEAR_ORIGIN - 1); + int by = b->tm_year + (TM_YEAR_ORIGIN - 1); + long days = ( + /* difference in day of year */ + a->tm_yday - b->tm_yday + /* + intervening leap days */ + + ((ay >> 2) - (by >> 2)) + - (ay / 100 - by / 100) + + ((ay / 100 >> 2) - (by / 100 >> 2)) + /* + difference in years * 365 */ + + (long) (ay - by) * 365 + ); + return (60 * (60 * (24 * days + (a->tm_hour - b->tm_hour)) + + (a->tm_min - b->tm_min)) + + (a->tm_sec - b->tm_sec)); +} + +time_t get_date (const char *p, const time_t *now) +{ + struct tm tm, tm0, *tmp; + time_t Start; + + yyInput = p; + Start = now ? *now : time ((time_t *) NULL); + tmp = localtime (&Start); + yyYear = tmp->tm_year + TM_YEAR_ORIGIN; + yyMonth = tmp->tm_mon + 1; + yyDay = tmp->tm_mday; + yyHour = tmp->tm_hour; + yyMinutes = tmp->tm_min; + yySeconds = tmp->tm_sec; + yyMeridian = MER24; + yyRelSeconds = 0; + yyRelMinutes = 0; + yyRelHour = 0; + yyRelDay = 0; + yyRelMonth = 0; + yyRelYear = 0; + yyHaveDate = 0; + yyHaveDay = 0; + yyHaveRel = 0; + yyHaveTime = 0; + yyHaveZone = 0; + + if (yyparse () + || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1) + return -1; + + tm.tm_year = ToYear (yyYear) - TM_YEAR_ORIGIN + yyRelYear; + tm.tm_mon = yyMonth - 1 + yyRelMonth; + tm.tm_mday = yyDay + yyRelDay; + if ((yyHaveTime != 0) || + ( (yyHaveRel != 0) && (yyHaveDate == 0) && (yyHaveDay == 0) )) + { + tm.tm_hour = ToHour (yyHour, yyMeridian); + if (tm.tm_hour < 0) + return -1; + tm.tm_min = yyMinutes; + tm.tm_sec = yySeconds; + } + else + { + tm.tm_hour = tm.tm_min = tm.tm_sec = 0; + } + tm.tm_hour += yyRelHour; + tm.tm_min += yyRelMinutes; + tm.tm_sec += yyRelSeconds; + tm.tm_isdst = -1; + tm0 = tm; + + Start = mktime (&tm); + + if (Start == (time_t) -1) + { + + /* Guard against falsely reporting errors near the time_t boundaries + when parsing times in other time zones. For example, if the min + time_t value is 1970-01-01 00:00:00 UTC and we are 8 hours ahead + of UTC, then the min localtime value is 1970-01-01 08:00:00; if + we apply mktime to 1970-01-01 00:00:00 we will get an error, so + we apply mktime to 1970-01-02 08:00:00 instead and adjust the time + zone by 24 hours to compensate. This algorithm assumes that + there is no DST transition within a day of the time_t boundaries. */ + if (yyHaveZone) + { + tm = tm0; + if (tm.tm_year <= EPOCH - TM_YEAR_ORIGIN) + { + tm.tm_mday++; + yyTimezone -= 24 * 60; + } + else + { + tm.tm_mday--; + yyTimezone += 24 * 60; + } + Start = mktime (&tm); + } + + if (Start == (time_t) -1) + return Start; + } + + if (yyHaveDay && !yyHaveDate) + { + tm.tm_mday += ((yyDayNumber - tm.tm_wday + 7) % 7 + + 7 * (yyDayOrdinal - (0 < yyDayOrdinal))); + Start = mktime (&tm); + if (Start == (time_t) -1) + return Start; + } + + if (yyHaveZone) + { + long delta = yyTimezone * 60L + difftm (&tm, gmtime (&Start)); + if ((Start + delta < Start) != (delta < 0)) + return -1; /* time_t overflow */ + Start += delta; + } + + return Start; +} + +#if defined (TEST) + +int +main(void) +{ + char buff[MAX_BUFF_LEN + 1]; + time_t d; + + (void) printf ("Enter date, or blank line to exit.\n\t> "); + (void) fflush (stdout); + + buff[MAX_BUFF_LEN] = 0; + while (fgets (buff, MAX_BUFF_LEN, stdin) && buff[0]) + { + d = get_date (buff, (time_t *) NULL); + if (d == -1) + (void) printf ("Bad format - couldn't convert.\n"); + else + (void) printf ("%s", ctime (&d)); + (void) printf ("\t> "); + (void) fflush (stdout); + } + exit (0); + /* NOTREACHED */ +} +#endif /* defined (TEST) */ diff --git a/lib/getdef.c b/lib/getdef.c index dcd1fe7..30f54ba 100644 --- a/lib/getdef.c +++ b/lib/getdef.c @@ -13,6 +13,7 @@ #include "prototypes.h" #include "defines.h" +#include <stddef.h> #include <stdio.h> #include <stdlib.h> #include <ctype.h> @@ -20,8 +21,14 @@ #ifdef USE_ECONF #include <libeconf.h> #endif + +#include "alloc.h" +#include "atoi/str2i.h" #include "getdef.h" #include "shadowlog_internal.h" +#include "string/sprintf.h" + + /* * A configuration item definition. */ @@ -33,7 +40,6 @@ struct itemdef { #define PAMDEFS \ {"CHFN_AUTH", NULL}, \ {"CHSH_AUTH", NULL}, \ - {"CRACKLIB_DICTPATH", NULL}, \ {"ENV_HZ", NULL}, \ {"ENVIRON_FILE", NULL}, \ {"ENV_TZ", NULL}, \ @@ -132,10 +138,8 @@ static struct itemdef def_table[] = { #ifndef USE_PAM PAMDEFS #endif -#ifdef USE_SYSLOG {"SYSLOG_SG_ENAB", NULL}, {"SYSLOG_SU_ENAB", NULL}, -#endif #ifdef WITH_TCB {"TCB_AUTH_GROUP", NULL}, {"TCB_SYMLINKS", NULL}, @@ -173,7 +177,7 @@ static const char* def_fname = LOGINDEFS; /* login config defs file */ static bool def_loaded = false; /* are defs already loaded? */ /* local function prototypes */ -static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *); +static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *, const char *); static void def_load (void); @@ -192,8 +196,8 @@ static void def_load (void); def_load (); } - d = def_find (item); - return ((NULL == d)? (const char *) NULL : d->value); + d = def_find (item, NULL); + return (NULL == d) ? NULL : d->value; } @@ -211,7 +215,7 @@ bool getdef_bool (const char *item) def_load (); } - d = def_find (item); + d = def_find (item, NULL); if ((NULL == d) || (NULL == d->value)) { return false; } @@ -237,21 +241,21 @@ int getdef_num (const char *item, int dflt) def_load (); } - d = def_find (item); + d = def_find (item, NULL); if ((NULL == d) || (NULL == d->value)) { return dflt; } - if ( (getlong (d->value, &val) == 0) + if ( (str2sl(&val, d->value) == -1) || (val > INT_MAX) - || (val < INT_MIN)) { + || (val < -1)) { fprintf (shadow_logfd, _("configuration error - cannot parse %s value: '%s'"), item, d->value); return dflt; } - return (int) val; + return val; } @@ -272,12 +276,12 @@ unsigned int getdef_unum (const char *item, unsigned int dflt) def_load (); } - d = def_find (item); + d = def_find (item, NULL); if ((NULL == d) || (NULL == d->value)) { return dflt; } - if ( (getlong (d->value, &val) == 0) + if ( (str2sl(&val, d->value) == -1) || (val < 0) || (val > INT_MAX)) { fprintf (shadow_logfd, @@ -286,7 +290,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt) return dflt; } - return (unsigned int) val; + return val; } @@ -307,12 +311,12 @@ long getdef_long (const char *item, long dflt) def_load (); } - d = def_find (item); + d = def_find (item, NULL); if ((NULL == d) || (NULL == d->value)) { return dflt; } - if (getlong (d->value, &val) == 0) { + if (str2sl(&val, d->value) == -1 || val < -1) { fprintf (shadow_logfd, _("configuration error - cannot parse %s value: '%s'"), item, d->value); @@ -339,12 +343,12 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt) def_load (); } - d = def_find (item); + d = def_find (item, NULL); if ((NULL == d) || (NULL == d->value)) { return dflt; } - if (getulong (d->value, &val) == 0) { + if (str2ul(&val, d->value) == -1) { fprintf (shadow_logfd, _("configuration error - cannot parse %s value: '%s'"), item, d->value); @@ -359,7 +363,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt) * (also used when loading the initial defaults) */ -int putdef_str (const char *name, const char *value) +int putdef_str (const char *name, const char *value, const char *srcfile) { struct itemdef *d; char *cp; @@ -372,10 +376,9 @@ int putdef_str (const char *name, const char *value) * Locate the slot to save the value. If this parameter * is unknown then "def_find" will print an err message. */ - d = def_find (name); - if (NULL == d) { + d = def_find (name, srcfile); + if (NULL == d) return -1; - } /* * Save off the value. @@ -399,9 +402,12 @@ int putdef_str (const char *name, const char *value) * * Search through a table of configurable items to locate the * specified configuration option. + * + * If srcfile is not NULL, and the item is not found, then report an error saying + * the unknown item was used in this file. */ -static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name) +static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name, const char *srcfile) { struct itemdef *ptr; @@ -427,10 +433,11 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name) fprintf (shadow_logfd, _("configuration error - unknown item '%s' (notify administrator)\n"), name); - SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name)); + if (srcfile != NULL) + SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile)); out: - return (struct itemdef *) NULL; + return NULL; } /* @@ -442,21 +449,12 @@ out: void setdef_config_file (const char* file) { #ifdef USE_ECONF - size_t len; - char* cp; - - len = strlen(file) + strlen(sysconfdir) + 2; - cp = malloc(len); - if (cp == NULL) - exit (13); - snprintf(cp, len, "%s/%s", file, sysconfdir); + char *cp; + + xasprintf(&cp, "%s/%s", file, sysconfdir); sysconfdir = cp; #ifdef VENDORDIR - len = strlen(file) + strlen(vendordir) + 2; - cp = malloc(len); - if (cp == NULL) - exit (13); - snprintf(cp, len, "%s/%s", file, vendordir); + xasprintf(&cp, "%s/%s", file, vendordir); vendordir = cp; #endif #else @@ -470,18 +468,13 @@ void setdef_config_file (const char* file) * Loads the user-configured options from the default configuration file */ +#ifdef USE_ECONF static void def_load (void) { -#ifdef USE_ECONF econf_file *defs_file = NULL; econf_err error; char **keys; size_t key_number; -#else - int i; - FILE *fp; - char buf[1024], *name, *value, *s; -#endif /* * Set the initialized flag. @@ -489,8 +482,6 @@ static void def_load (void) */ def_loaded = true; -#ifdef USE_ECONF - error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#"); if (error) { if (error == ECONF_NOFILE) @@ -510,7 +501,12 @@ static void def_load (void) for (size_t i = 0; i < key_number; i++) { char *value; - econf_getStringValue(defs_file, NULL, keys[i], &value); + error = econf_getStringValue(defs_file, NULL, keys[i], &value); + if (error) { + SYSLOG ((LOG_CRIT, "failed reading key %zu from econf [%s]", + i, econf_errString(error))); + exit (EXIT_FAILURE); + } /* * Store the value in def_table. @@ -519,12 +515,27 @@ static void def_load (void) * The error was already reported to the user and to * syslog. The tools will just use their default values. */ - (void)putdef_str (keys[i], value); + (void)putdef_str (keys[i], value, econf_getPath(defs_file)); + + free(value); } econf_free (keys); econf_free (defs_file); -#else +} +#else /* USE_ECONF */ +static void def_load (void) +{ + int i; + FILE *fp; + char buf[1024], *name, *value, *s; + + /* + * Set the initialized flag. + * (do it early to prevent recursion in putdef_str()) + */ + def_loaded = true; + /* * Open the configuration definitions file. */ @@ -542,12 +553,12 @@ static void def_load (void) /* * Go through all of the lines in the file. */ - while (fgets (buf, (int) sizeof (buf), fp) != NULL) { + while (fgets (buf, sizeof (buf), fp) != NULL) { /* * Trim trailing whitespace. */ - for (i = (int) strlen (buf) - 1; i >= 0; --i) { + for (i = (ptrdiff_t) strlen (buf) - 1; i >= 0; --i) { if (!isspace (buf[i])) { break; } @@ -577,7 +588,7 @@ static void def_load (void) * The error was already reported to the user and to * syslog. The tools will just use their default values. */ - (void)putdef_str (name, value); + (void)putdef_str (name, value, def_fname); } if (ferror (fp) != 0) { @@ -588,8 +599,8 @@ static void def_load (void) } (void) fclose (fp); -#endif } +#endif /* USE_ECONF */ #ifdef CKDEFS @@ -602,7 +613,7 @@ int main (int argc, char **argv) def_load (); for (i = 0; i < NUMDEFS; ++i) { - d = def_find (def_table[i].name); + d = def_find (def_table[i].name, NULL); if (NULL == d) { printf ("error - lookup '%s' failed\n", def_table[i].name); diff --git a/lib/getdef.h b/lib/getdef.h index 2bd3fc5..f55e28b 100644 --- a/lib/getdef.h +++ b/lib/getdef.h @@ -16,7 +16,7 @@ extern int getdef_num (const char *, int); extern unsigned long getdef_ulong (const char *, unsigned long); extern unsigned int getdef_unum (const char *, unsigned int); extern /*@observer@*/ /*@null@*/const char *getdef_str (const char *); -extern int putdef_str (const char *, const char *); +extern int putdef_str (const char *, const char *, const char *); extern void setdef_config_file (const char* file); /* default UMASK value if not specified in /etc/login.defs */ diff --git a/lib/getgr_nam_gid.c b/lib/getgr_nam_gid.c new file mode 100644 index 0000000..fd0c217 --- /dev/null +++ b/lib/getgr_nam_gid.c @@ -0,0 +1,43 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2000 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdlib.h> +#include <errno.h> +#include <grp.h> +#include "prototypes.h" + +/* + * getgr_nam_gid - Return a pointer to the group specified by a string. + * The string may be a valid GID or a valid groupname. + * If the group does not exist on the system, NULL is returned. + */ +extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname) +{ + char *end; + long long gid; + + if (NULL == grname) { + return NULL; + } + + errno = 0; + gid = strtoll(grname, &end, 10); + if ( ('\0' != *grname) + && ('\0' == *end) + && (0 == errno) + && (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) { + return xgetgrgid (gid); + } + return xgetgrnam (grname); +} + diff --git a/lib/getlong.c b/lib/getlong.c deleted file mode 100644 index ec4aa54..0000000 --- a/lib/getlong.c +++ /dev/null @@ -1,36 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include <config.h> - -#ident "$Id$" - -#include <stdlib.h> -#include <errno.h> -#include "prototypes.h" - -/* - * getlong - extract a long integer provided by the numstr string in *result - * - * It supports decimal, hexadecimal or octal representations. - * - * Returns 0 on failure, 1 on success. - */ -int getlong (const char *numstr, /*@out@*/long int *result) -{ - long val; - char *endptr; - - errno = 0; - val = strtol (numstr, &endptr, 0); - if (('\0' == *numstr) || ('\0' != *endptr) || (ERANGE == errno)) { - return 0; - } - - *result = val; - return 1; -} - diff --git a/lib/getrange.c b/lib/getrange.c new file mode 100644 index 0000000..466e908 --- /dev/null +++ b/lib/getrange.c @@ -0,0 +1,71 @@ +// SPDX-FileCopyrightText: 2008, Nicolas François +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#ident "$Id: $" + +#include <ctype.h> +#include <stdlib.h> + +#include "atoi/a2i.h" +#include "defines.h" +#include "prototypes.h" + + +/* + * Parse a range and indicate if the range is valid. + * Valid ranges are in the form: + * <long> -> min=max=long has_min has_max + * -<long> -> max=long !has_min has_max + * <long>- -> min=long has_min !has_max + * <long1>-<long2> -> min=long1 max=long2 has_min has_max + */ +int +getrange(const char *range, + unsigned long *min, bool *has_min, + unsigned long *max, bool *has_max) +{ + const char *end; + + if (NULL == range) + return -1; + + *min = 0; + *has_min = false; + *has_max = false; + + if ('-' == range[0]) { + end = range + 1; + goto parse_max; + } + + if (a2ul(min, range, &end, 10, 0, ULONG_MAX) == -1 && errno != ENOTSUP) + return -1; + *has_min = true; + + switch (*end++) { + case '\0': + *has_max = true; + *max = *min; + return 0; /* <long> */ + + case '-': + if ('\0' == *end) + return 0; /* <long>- */ +parse_max: + if (!isdigit((unsigned char) *end)) + return -1; + + if (a2ul(max, end, NULL, 10, *min, ULONG_MAX) == -1) + return -1; + *has_max = true; + + return 0; /* <long>-<long>, or -<long> */ + + default: + return -1; + } +} diff --git a/lib/gettime.c b/lib/gettime.c new file mode 100644 index 0000000..c61c88c --- /dev/null +++ b/lib/gettime.c @@ -0,0 +1,47 @@ +// SPDX-FileCopyrightText: 2017, Chris Lamb +// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#ident "$Id$" + +#include <errno.h> +#include <limits.h> +#include <stdio.h> + +#include "atoi/a2i.h" +#include "defines.h" +#include "prototypes.h" +#include "shadowlog.h" + + +/* + * gettime() returns the time as the number of seconds since the Epoch + * + * Like time(), gettime() returns the time as the number of seconds since the + * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH + * environment variable is exported it will use that instead. + */ +/*@observer@*/time_t +gettime(void) +{ + char *source_date_epoch; + FILE *shadow_logfd = log_get_logfd(); + time_t fallback, epoch; + + fallback = time (NULL); + source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH"); + + if (!source_date_epoch) + return fallback; + + if (a2i(time_t, &epoch, source_date_epoch, NULL, 10, 0, fallback) == -1) { + fprintf(shadow_logfd, + _("Environment variable $SOURCE_DATE_EPOCH: a2i(\"%s\"): %s"), + source_date_epoch, strerror(errno)); + return fallback; + } + return epoch; +} diff --git a/lib/getulong.c b/lib/getulong.c deleted file mode 100644 index 33250e3..0000000 --- a/lib/getulong.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include <config.h> - -#ident "$Id: getlong.c 2763 2009-04-23 09:57:03Z nekral-guest $" - -#include <stdlib.h> -#include <errno.h> -#include "prototypes.h" - -/* - * getulong - extract an unsigned long integer provided by the numstr string in *result - * - * It supports decimal, hexadecimal or octal representations. - * - * Returns 0 on failure, 1 on success. - */ -int getulong (const char *numstr, /*@out@*/unsigned long int *result) -{ - unsigned long int val; - char *endptr; - - errno = 0; - val = strtoul (numstr, &endptr, 0); - if ( ('\0' == *numstr) - || ('\0' != *endptr) - || (ERANGE == errno) - ) { - return 0; - } - - *result = val; - return 1; -} - diff --git a/lib/groupio.c b/lib/groupio.c index 357a30e..7b9d45f 100644 --- a/lib/groupio.c +++ b/lib/groupio.c @@ -15,12 +15,14 @@ #include <assert.h> #include <stdio.h> +#include "alloc.h" #include "prototypes.h" #include "defines.h" #include "commonio.h" #include "getdef.h" #include "groupio.h" + static /*@null@*/struct commonio_entry *merge_group_entries ( /*@null@*/ /*@returned@*/struct commonio_entry *gr1, /*@null@*/struct commonio_entry *gr2); @@ -34,7 +36,8 @@ static /*@null@*/ /*@only@*/void *group_dup (const void *ent) return __gr_dup (gr); } -static void group_free (/*@out@*/ /*@only@*/void *ent) +static void +group_free(/*@only@*/void *ent) { struct group *gr = ent; @@ -50,7 +53,7 @@ static const char *group_getname (const void *ent) static void *group_parse (const char *line) { - return (void *) sgetgrent (line); + return sgetgrent (line); } static int group_put (const void *ent, FILE * file) @@ -159,7 +162,7 @@ int gr_open (int mode) int gr_update (const struct group *gr) { - return commonio_update (&group_db, (const void *) gr); + return commonio_update (&group_db, gr); } int gr_remove (const char *name) @@ -209,17 +212,25 @@ void __gr_del_entry (const struct commonio_entry *ent) static int gr_cmp (const void *p1, const void *p2) { + const struct commonio_entry *const *ce1; + const struct commonio_entry *const *ce2; + const struct group *g1, *g2; gid_t u1, u2; - if ((*(struct commonio_entry **) p1)->eptr == NULL) { + ce1 = p1; + g1 = (*ce1)->eptr; + if (g1 == NULL) { return 1; } - if ((*(struct commonio_entry **) p2)->eptr == NULL) { + + ce2 = p2; + g2 = (*ce2)->eptr; + if (g2 == NULL) { return -1; } - u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid; - u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid; + u1 = g1->gr_gid; + u2 = g2->gr_gid; if (u1 < u2) { return -1; @@ -247,8 +258,8 @@ static int group_open_hook (void) for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) { for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) { - struct group *g1 = (struct group *)gr1->eptr; - struct group *g2 = (struct group *)gr2->eptr; + struct group *g1 = gr1->eptr; + struct group *g2 = gr2->eptr; if (NULL != g1 && NULL != g2 && 0 == strcmp (g1->gr_name, g2->gr_name) && @@ -291,32 +302,28 @@ static /*@null@*/struct commonio_entry *merge_group_entries ( /*@null@*/ /*@returned@*/struct commonio_entry *gr1, /*@null@*/struct commonio_entry *gr2) { - struct group *gptr1; - struct group *gptr2; - char **new_members; - size_t members = 0; - char *new_line; - size_t new_line_len, i; + char *new_line; + char **new_members; + size_t i; + size_t members = 0; + struct group *gptr1; + struct group *gptr2; + if (NULL == gr2 || NULL == gr1) { errno = EINVAL; return NULL; } - gptr1 = (struct group *)gr1->eptr; - gptr2 = (struct group *)gr2->eptr; + gptr1 = gr1->eptr; + gptr2 = gr2->eptr; if (NULL == gptr2 || NULL == gptr1) { errno = EINVAL; return NULL; } /* Concatenate the 2 lines */ - new_line_len = strlen (gr1->line) + strlen (gr2->line) +1; - new_line = (char *)malloc (new_line_len + 1); - if (NULL == new_line) { - errno = ENOMEM; + if (asprintf(&new_line, "%s\n%s", gr1->line, gr2->line) == -1) return NULL; - } - snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line); /* Concatenate the 2 list of members */ for (i=0; NULL != gptr1->gr_mem[i]; i++); @@ -333,10 +340,9 @@ static /*@null@*/struct commonio_entry *merge_group_entries ( members++; } } - new_members = (char **)calloc ( (members+1), sizeof(char*) ); + new_members = CALLOC (members + 1, char *); if (NULL == new_members) { - free (new_line); - errno = ENOMEM; + free(new_line); return NULL; } for (i=0; NULL != gptr1->gr_mem[i]; i++) { @@ -377,7 +383,7 @@ static int split_groups (unsigned int max_members) struct commonio_entry *gr; for (gr = group_db.head; NULL != gr; gr = gr->next) { - struct group *gptr = (struct group *)gr->eptr; + struct group *gptr = gr->eptr; struct commonio_entry *new; struct group *new_gptr; unsigned int members = 0; @@ -395,9 +401,8 @@ static int split_groups (unsigned int max_members) continue; } - new = (struct commonio_entry *) malloc (sizeof *new); + new = MALLOC(1, struct commonio_entry); if (NULL == new) { - errno = ENOMEM; return 0; } new->eptr = group_dup(gr->eptr); @@ -406,7 +411,7 @@ static int split_groups (unsigned int max_members) errno = ENOMEM; return 0; } - new_gptr = (struct group *)new->eptr; + new_gptr = new->eptr; new->line = NULL; new->changed = true; diff --git a/lib/groupmem.c b/lib/groupmem.c index c858b72..69d4435 100644 --- a/lib/groupmem.c +++ b/lib/groupmem.c @@ -12,6 +12,8 @@ #ident "$Id$" +#include "alloc.h" +#include "memzero.h" #include "prototypes.h" #include "defines.h" #include "groupio.h" @@ -21,12 +23,11 @@ struct group *gr; int i; - gr = (struct group *) malloc (sizeof *gr); + gr = CALLOC(1, struct group); if (NULL == gr) { return NULL; } /* The libc might define other fields. They won't be copied. */ - memset (gr, 0, sizeof *gr); gr->gr_gid = grent->gr_gid; /*@-mustfreeonly@*/ gr->gr_name = strdup (grent->gr_name); @@ -46,7 +47,7 @@ for (i = 0; grent->gr_mem[i]; i++); /*@-mustfreeonly@*/ - gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); + gr->gr_mem = MALLOC(i + 1, char *); /*@=mustfreeonly@*/ if (NULL == gr->gr_mem) { gr_free(gr); @@ -76,7 +77,8 @@ void gr_free_members (struct group *grent) } } -void gr_free (/*@out@*/ /*@only@*/struct group *grent) +void +gr_free(/*@only@*/struct group *grent) { free (grent->gr_name); if (NULL != grent->gr_passwd) { @@ -86,33 +88,3 @@ void gr_free (/*@out@*/ /*@only@*/struct group *grent) gr_free_members(grent); free (grent); } - -bool gr_append_member(struct group *grp, char *member) -{ - int i; - - if (NULL == grp->gr_mem || grp->gr_mem[0] == NULL) { - grp->gr_mem = (char **)malloc(2 * sizeof(char *)); - if (!grp->gr_mem) { - return false; - } - grp->gr_mem[0] = strdup(member); - if (!grp->gr_mem[0]) { - return false; - } - grp->gr_mem[1] = NULL; - return true; - } - - for (i = 0; grp->gr_mem[i]; i++) ; - grp->gr_mem = realloc(grp->gr_mem, (i + 2) * sizeof(char *)); - if (NULL == grp->gr_mem) { - return false; - } - grp->gr_mem[i] = strdup(member); - if (NULL == grp->gr_mem[i]) { - return false; - } - grp->gr_mem[i + 1] = NULL; - return true; -} diff --git a/lib/gshadow.c b/lib/gshadow.c index 2e12923..3c71bea 100644 --- a/lib/gshadow.c +++ b/lib/gshadow.c @@ -15,8 +15,12 @@ #ident "$Id$" #include <stdio.h> +#include <string.h> + +#include "alloc.h" #include "prototypes.h" #include "defines.h" + static /*@null@*/FILE *shadow; static /*@null@*//*@only@*/char **members = NULL; static size_t nmembers = 0; @@ -26,34 +30,6 @@ static struct sgrp sgroup; #define FIELDS 4 -#ifdef USE_NIS -static bool nis_used; -static bool nis_ignore; -static enum { native, start, middle, native2 } nis_state; -static bool nis_bound; -static char *nis_domain; -static char *nis_key; -static int nis_keylen; -static char *nis_val; -static int nis_vallen; - -#define IS_NISCHAR(c) ((c)=='+') -#endif - -#ifdef USE_NIS -/* - * bind_nis - bind to NIS server - */ - -static int bind_nis (void) -{ - if (yp_get_default_domain (&nis_domain)) - return -1; - - nis_bound = true; - return 0; -} -#endif static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist) { @@ -62,21 +38,16 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist) while (s != NULL && *s != '\0') { size = (nelem + 1) * sizeof (ptr); - ptr = realloc (*list, size); + ptr = REALLOC(*list, size, char *); if (NULL != ptr) { - ptr[nelem] = s; + ptr[nelem] = strsep(&s, ","); nelem++; *list = ptr; *nlist = nelem; - s = strchr (s, ','); - if (NULL != s) { - *s = '\0'; - s++; - } } } size = (nelem + 1) * sizeof (ptr); - ptr = realloc (*list, size); + ptr = REALLOC(*list, size, char *); if (NULL != ptr) { ptr[nelem] = NULL; *list = ptr; @@ -86,9 +57,6 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist) void setsgent (void) { -#ifdef USE_NIS - nis_state = native; -#endif if (NULL != shadow) { rewind (shadow); } else { @@ -102,7 +70,7 @@ void endsgent (void) (void) fclose (shadow); } - shadow = (FILE *) 0; + shadow = NULL; } /*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string) @@ -116,7 +84,7 @@ void endsgent (void) size_t len = strlen (string) + 1; if (len > sgrbuflen) { - char *buf = (char *) realloc (sgrbuf, sizeof (char) * len); + char *buf = REALLOC(sgrbuf, len, char); if (NULL == buf) { return NULL; } @@ -124,8 +92,7 @@ void endsgent (void) sgrbuflen = len; } - strncpy (sgrbuf, string, len); - sgrbuf[len-1] = '\0'; + strcpy (sgrbuf, string); cp = strrchr (sgrbuf, '\n'); if (NULL != cp) { @@ -137,30 +104,16 @@ void endsgent (void) * all 4 of them and save the starting addresses in fields[]. */ - for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++) { - fields[i] = cp; - cp = strchr (cp, ':'); - if (NULL != cp) { - *cp++ = '\0'; - } - } + for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++) + fields[i] = strsep(&cp, ":"); /* * If there was an extra field somehow, or perhaps not enough, * the line is invalid. */ - if ((NULL != cp) || (i != FIELDS)) { -#ifdef USE_NIS - if (!IS_NISCHAR (fields[0][0])) { - return 0; - } else { - nis_used = true; - } -#else + if (NULL != cp || i != FIELDS) return 0; -#endif - } sgroup.sg_name = fields[0]; sgroup.sg_passwd = fields[1]; @@ -195,7 +148,7 @@ void endsgent (void) char *cp; if (0 == buflen) { - buf = (char *) malloc (BUFSIZ); + buf = MALLOC(BUFSIZ, char); if (NULL == buf) { return NULL; } @@ -206,17 +159,12 @@ void endsgent (void) return NULL; } -#ifdef USE_NIS - while (fgetsx (buf, (int) buflen, fp) == buf) -#else - if (fgetsx (buf, (int) buflen, fp) == buf) -#endif - { + if (fgetsx(buf, buflen, fp) == buf) { while ( ((cp = strrchr (buf, '\n')) == NULL) && (feof (fp) == 0)) { size_t len; - cp = (char *) realloc (buf, buflen*2); + cp = REALLOC(buf, buflen * 2, char); if (NULL == cp) { return NULL; } @@ -234,11 +182,6 @@ void endsgent (void) if (NULL != cp) { *cp = '\0'; } -#ifdef USE_NIS - if (nis_ignore && IS_NISCHAR (buf[0])) { - continue; - } -#endif return (sgetsgent (buf)); } return NULL; @@ -250,96 +193,10 @@ void endsgent (void) /*@observer@*//*@null@*/struct sgrp *getsgent (void) { -#ifdef USE_NIS - bool nis_1_group = false; - struct sgrp *val; -#endif if (NULL == shadow) { setsgent (); } - -#ifdef USE_NIS - again: - /* - * See if we are reading from the local file. - */ - - if (nis_state == native || nis_state == native2) { - - /* - * Get the next entry from the shadow group file. Return - * NULL right away if there is none. - */ - - val = fgetsgent (shadow); - if (NULL == val) { - return 0; - } - - /* - * If this entry began with a NIS escape character, we have - * to see if this is just a single group, or if the entire - * map is being asked for. - */ - - if (IS_NISCHAR (val->sg_name[0])) { - if ('\0' != val->sg_name[1]) { - nis_1_group = true; - } else { - nis_state = start; - } - } - - /* - * If this isn't a NIS group and this isn't an escape to go - * use a NIS map, it must be a regular local group. - */ - - if (!nis_1_group && (nis_state != start)) { - return val; - } - - /* - * If this is an escape to use an NIS map, switch over to - * that bunch of code. - */ - - if (nis_state == start) { - goto again; - } - - /* - * NEEDSWORK. Here we substitute pieces-parts of this entry. - */ - - return 0; - } else { - if (!nis_bound) { - if (bind_nis ()) { - nis_state = native2; - goto again; - } - } - if (nis_state == start) { - if (yp_first (nis_domain, "gshadow.byname", &nis_key, - &nis_keylen, &nis_val, &nis_vallen)) { - nis_state = native2; - goto again; - } - nis_state = middle; - } else if (nis_state == middle) { - if (yp_next (nis_domain, "gshadow.byname", nis_key, - nis_keylen, &nis_key, &nis_keylen, - &nis_val, &nis_vallen)) { - nis_state = native2; - goto again; - } - } - return sgetsgent (nis_val); - } -#else return (fgetsgent (shadow)); -#endif } /* @@ -350,63 +207,13 @@ void endsgent (void) { struct sgrp *sgrp; -#ifdef USE_NIS - static char save_name[16]; - int nis_disabled = 0; -#endif - setsgent (); -#ifdef USE_NIS - if (nis_used) { - again: - - /* - * Search the gshadow.byname map for this group. - */ - - if (!nis_bound) { - bind_nis (); - } - - if (nis_bound) { - char *cp; - - if (yp_match (nis_domain, "gshadow.byname", name, - strlen (name), &nis_val, - &nis_vallen) == 0) { - cp = strchr (nis_val, '\n'); - if (NULL != cp) { - *cp = '\0'; - } - - nis_state = middle; - sgrp = sgetsgent (nis_val); - if (NULL != sgrp) { - strcpy (save_name, sgrp->sg_name); - nis_key = save_name; - nis_keylen = strlen (save_name); - } - return sgrp; - } - } - nis_state = native2; - } -#endif -#ifdef USE_NIS - if (nis_used) { - nis_ignore = true; - nis_disabled = true; - } -#endif - while ((sgrp = getsgent ()) != (struct sgrp *) 0) { + while ((sgrp = getsgent ()) != NULL) { if (strcmp (name, sgrp->sg_name) == 0) { break; } } -#ifdef USE_NIS - nis_ignore = false; -#endif return sgrp; } @@ -437,7 +244,7 @@ int putsgent (const struct sgrp *sgrp, FILE * fp) size += strlen (sgrp->sg_mem[i]) + 1; } - buf = malloc (size); + buf = MALLOC(size, char); if (NULL == buf) { return -1; } @@ -502,5 +309,5 @@ int putsgent (const struct sgrp *sgrp, FILE * fp) return 0; } #else -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /*} SHADOWGRP */ diff --git a/lib/hushed.c b/lib/hushed.c new file mode 100644 index 0000000..86c224f --- /dev/null +++ b/lib/hushed.c @@ -0,0 +1,80 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1993, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1991 - 1993, Chip Rosenthal + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <stdio.h> +#include <pwd.h> +#include "defines.h" +#include "prototypes.h" +#include "getdef.h" +#include "string/sprintf.h" + + +/* + * hushed - determine if a user receives login messages + * + * Look in the hushed-logins file (or user's home directory) to see + * if the user is to receive the login-time messages. + */ +bool hushed (const char *username) +{ + bool found; + char buf[BUFSIZ]; + FILE *fp; + const char *hushfile; + struct passwd *pw; + + /* + * Get the name of the file to use. If this option is not + * defined, default to a noisy login. + */ + + hushfile = getdef_str ("HUSHLOGIN_FILE"); + if (NULL == hushfile) { + return false; + } + + pw = getpwnam (username); + if (NULL == pw) { + return false; + } + + /* + * If this is not a fully rooted path then see if the + * file exists in the user's home directory. + */ + + if (hushfile[0] != '/') { + SNPRINTF(buf, "%s/%s", pw->pw_dir, hushfile); + return (access (buf, F_OK) == 0); + } + + /* + * If this is a fully rooted path then go through the file + * and see if this user, or its shell is in there. + */ + + fp = fopen (hushfile, "r"); + if (NULL == fp) { + return false; + } + for (found = false; !found && (fgets (buf, sizeof buf, fp) == buf);) { + buf[strcspn (buf, "\n")] = '\0'; + found = (strcmp (buf, pw->pw_shell) == 0) || + (strcmp (buf, pw->pw_name) == 0); + } + (void) fclose (fp); + return found; +} + diff --git a/lib/idmapping.c b/lib/idmapping.c new file mode 100644 index 0000000..56c72ea --- /dev/null +++ b/lib/idmapping.c @@ -0,0 +1,224 @@ +/* + * SPDX-FileCopyrightText: 2013 Eric Biederman + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <limits.h> +#include <stdlib.h> +#include <stdio.h> +#include <strings.h> + +#include "alloc.h" +#include "atoi/str2i.h" +#include "prototypes.h" +#include "string/stpeprintf.h" +#include "idmapping.h" +#if HAVE_SYS_CAPABILITY_H +#include <sys/prctl.h> +#include <sys/capability.h> +#endif +#include "shadowlog.h" +#include "sizeof.h" + + +struct map_range *get_map_ranges(int ranges, int argc, char **argv) +{ + struct map_range *mappings, *mapping; + int idx, argidx; + + if (ranges < 0 || argc < 0) { + fprintf(log_get_logfd(), "%s: error calculating number of arguments\n", log_get_progname()); + return NULL; + } + + if (ranges * 3 != argc) { + fprintf(log_get_logfd(), "%s: ranges: %u is wrong for argc: %d\n", log_get_progname(), ranges, argc); + return NULL; + } + + mappings = CALLOC(ranges, struct map_range); + if (!mappings) { + fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"), + log_get_progname()); + exit(EXIT_FAILURE); + } + + /* Gather up the ranges from the command line */ + mapping = mappings; + for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) { + if (str2ul(&mapping->upper, argv[argidx + 0]) == -1) { + free(mappings); + return NULL; + } + if (str2ul(&mapping->lower, argv[argidx + 1]) == -1) { + free(mappings); + return NULL; + } + if (str2ul(&mapping->count, argv[argidx + 2]) == -1) { + free(mappings); + return NULL; + } + if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) { + fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + if (mapping->upper > UINT_MAX || + mapping->lower > UINT_MAX || + mapping->count > UINT_MAX) { + fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + if (mapping->lower + mapping->count > UINT_MAX || + mapping->upper + mapping->count > UINT_MAX) { + fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + if (mapping->lower + mapping->count < mapping->lower || + mapping->upper + mapping->count < mapping->upper) { + /* this one really shouldn't be possible given previous checks */ + fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + } + return mappings; +} + +/* Number of ascii digits needed to print any unsigned long in decimal. + * There are approximately 10 bits for every 3 decimal digits. + * So from bits to digits the formula is roundup((Number of bits)/10) * 3. + * For common sizes of integers this works out to: + * 2bytes --> 6 ascii estimate -> 65536 (5 real) + * 4bytes --> 12 ascii estimated -> 4294967296 (10 real) + * 8bytes --> 21 ascii estimated -> 18446744073709551616 (20 real) + * 16bytes --> 39 ascii estimated -> 340282366920938463463374607431768211456 (39 real) + */ +#define ULONG_DIGITS (((WIDTHOF(unsigned long) + 9)/10)*3) + +#if HAVE_SYS_CAPABILITY_H +static inline bool maps_lower_root(int cap, int ranges, const struct map_range *mappings) +{ + int idx; + const struct map_range *mapping; + + if (cap != CAP_SETUID) + return false; + + mapping = mappings; + for (idx = 0; idx < ranges; idx++, mapping++) { + if (mapping->lower == 0) + return true; + } + + return false; +} +#endif + +/* + * The ruid refers to the caller's uid and is used to reset the effective uid + * back to the callers real uid. + * This clutch mainly exists for setuid-based new{g,u}idmap binaries that are + * called in contexts where all capabilities other than the necessary + * CAP_SET{G,U}ID capabilities are dropped. Since the kernel will require + * assurance that the caller holds CAP_SYS_ADMIN over the target user namespace + * the only way it can confirm is in this case is if the effective uid is + * equivalent to the uid owning the target user namespace. + * Note, we only support this when a) new{g,u}idmap is not called by root and + * b) if the caller's uid and the uid retrieved via system appropriate means + * (shadow file or other) are identical. Specifically, this does not support + * when the root user calls the new{g,u}idmap binary for an unprivileged user. + * If this is wanted: use file capabilities! + */ +void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings, + const char *map_file, uid_t ruid) +{ + int idx; + const struct map_range *mapping; + size_t bufsize; + char *buf, *pos, *end; + int fd; + +#if HAVE_SYS_CAPABILITY_H + int cap; + struct __user_cap_header_struct hdr = {_LINUX_CAPABILITY_VERSION_3, 0}; + struct __user_cap_data_struct data[2] = {{0}}; + + if (strcmp(map_file, "uid_map") == 0) { + cap = CAP_SETUID; + } else if (strcmp(map_file, "gid_map") == 0) { + cap = CAP_SETGID; + } else { + fprintf(log_get_logfd(), _("%s: Invalid map file %s specified\n"), log_get_progname(), map_file); + exit(EXIT_FAILURE); + } + + /* Align setuid- and fscaps-based new{g,u}idmap behavior. */ + if (geteuid() == 0 && geteuid() != ruid) { + if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) { + fprintf(log_get_logfd(), _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + + if (seteuid(ruid) < 0) { + fprintf(log_get_logfd(), _("%s: Could not seteuid to %d\n"), log_get_progname(), ruid); + exit(EXIT_FAILURE); + } + } + + /* Lockdown new{g,u}idmap by dropping all unneeded capabilities. */ + bzero(data, sizeof(data)); + data[0].effective = CAP_TO_MASK(cap); + /* + * When uid 0 from the ancestor userns is supposed to be mapped into + * the child userns we need to retain CAP_SETFCAP. + */ + if (maps_lower_root(cap, ranges, mappings)) + data[0].effective |= CAP_TO_MASK(CAP_SETFCAP); + data[0].permitted = data[0].effective; + if (capset(&hdr, data) < 0) { + fprintf(log_get_logfd(), _("%s: Could not set caps\n"), log_get_progname()); + exit(EXIT_FAILURE); + } +#endif + + bufsize = (ULONG_DIGITS + 1) * 3 * ranges + 1; + pos = buf = XMALLOC(bufsize, char); + end = buf + bufsize; + + /* Build the mapping command */ + mapping = mappings; + for (idx = 0; idx < ranges; idx++, mapping++) { + /* Append this range to the string that will be written */ + pos = stpeprintf(pos, end, "%lu %lu %lu\n", + mapping->upper, + mapping->lower, + mapping->count); + } + if (pos == end || pos == NULL) { + fprintf(log_get_logfd(), _("%s: stpeprintf failed!\n"), log_get_progname()); + exit(EXIT_FAILURE); + } + + /* Write the mapping to the mapping file */ + fd = openat(proc_dir_fd, map_file, O_WRONLY); + if (fd < 0) { + fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"), + log_get_progname(), map_file, strerror(errno)); + exit(EXIT_FAILURE); + } + if (write_full(fd, buf, pos - buf) == -1) { + fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"), + log_get_progname(), map_file, strerror(errno)); + exit(EXIT_FAILURE); + } + if (close(fd) != 0 && errno != EINTR) { + fprintf(log_get_logfd(), _("%s: closing %s failed: %s\n"), + log_get_progname(), map_file, strerror(errno)); + exit(EXIT_FAILURE); + } + free(buf); +} diff --git a/lib/idmapping.h b/lib/idmapping.h new file mode 100644 index 0000000..46d4631 --- /dev/null +++ b/lib/idmapping.h @@ -0,0 +1,23 @@ +/* + * SPDX-FileCopyrightText: 2013 Eric Biederman + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef _IDMAPPING_H_ +#define _IDMAPPING_H_ + +#include <sys/types.h> + +struct map_range { + unsigned long upper; /* first ID inside the namespace */ + unsigned long lower; /* first ID outside the namespace */ + unsigned long count; /* Length of the inside and outside ranges */ +}; + +extern struct map_range *get_map_ranges(int ranges, int argc, char **argv); +extern void write_mapping(int proc_dir_fd, int ranges, + const struct map_range *mappings, const char *map_file, uid_t ruid); + +#endif /* _ID_MAPPING_H_ */ + diff --git a/lib/isexpired.c b/lib/isexpired.c new file mode 100644 index 0000000..c275691 --- /dev/null +++ b/lib/isexpired.c @@ -0,0 +1,105 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Extracted from age.c and made part of libshadow.a - may be useful + * in other shadow-aware programs. --marekm + */ + +#include <config.h> + +#include <sys/types.h> +#include <pwd.h> +#include <time.h> + +#include "adds.h" +#include "defines.h" +#include "prototypes.h" + +#ident "$Id$" + + +/* + * isexpired - determine if account is expired yet + * + * isexpired calculates the expiration date based on the + * password expiration criteria. + * + * Return value: + * 0: The password is still valid + * 1: The password has expired, it must be changed + * 2: The password has expired since a long time and the account is + * now disabled. (password cannot be changed) + * 3: The account has expired + */ +int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp) +{ + long now; + + now = time(NULL) / DAY; + + if (NULL == sp) { + return 0; + } + + /* + * Quick and easy - there is an expired account field + * along with an inactive account field. Do the expired + * one first since it is worse. + */ + + if ((sp->sp_expire > 0) && (now >= sp->sp_expire)) { + return 3; + } + + /* + * Last changed date 1970-01-01 (not very likely) means that + * the password must be changed on next login (passwd -e). + * + * The check for "x" is a workaround for RedHat NYS libc bug - + * if /etc/shadow doesn't exist, getspnam() still succeeds and + * returns sp_lstchg==0 (must change password) instead of -1! + */ + if ( (0 == sp->sp_lstchg) + && (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0)) { + return 1; + } + + if ( (sp->sp_lstchg > 0) + && (sp->sp_max >= 0) + && (sp->sp_inact >= 0) + && (now >= addsl(sp->sp_lstchg, sp->sp_max, sp->sp_inact))) + { + return 2; + } + + /* + * The last and max fields must be present for an account + * to have an expired password. A maximum of >10000 days + * is considered to be infinite. + */ + + if ( (-1 == sp->sp_lstchg) + || (-1 == sp->sp_max) + || (sp->sp_max >= 10000)) { + return 0; + } + + /* + * Calculate today's day and the day on which the password + * is going to expire. If that date has already passed, + * the password has expired. + */ + + if (now >= addsl(sp->sp_lstchg, sp->sp_max)) + return 1; + + return 0; +} + diff --git a/lib/limits.c b/lib/limits.c new file mode 100644 index 0000000..813c082 --- /dev/null +++ b/lib/limits.c @@ -0,0 +1,537 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Separated from setup.c. --marekm + * Resource limits thanks to Cristian Gafton. + * Enhancements of resource limit code by Thomas Orgis <thomas@orgis.org> + */ + +#include <config.h> + +#ifndef USE_PAM + +#ident "$Id$" + +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> +#include <ctype.h> +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> +#include "getdef.h" +#include "shadowlog.h" +#include <sys/resource.h> + +#include "atoi/str2i.h" +#include "memzero.h" + + +#ifndef LIMITS_FILE +#define LIMITS_FILE "/etc/limits" +#endif +#define LOGIN_ERROR_RLIMIT 1 +#define LOGIN_ERROR_LOGIN 2 +/* Set a limit on a resource */ +/* + * rlimit - RLIMIT_XXXX + * value - string value to be read + * multiplier - value*multiplier is the actual limit + */ +static int setrlimit_value (unsigned int resource, + const char *value, + unsigned int multiplier) +{ + char *end; + long l; + rlim_t limit; + struct rlimit rlim; + + /* The "-" is special, not belonging to a strange negative limit. + * It is infinity, in a controlled way. + */ + if ('-' == value[0]) { + limit = RLIM_INFINITY; + } + else { + /* We cannot use str2sl() here because it fails when there + * is more to the value than just this number! + * Also, we are limited to base 10 here (hex numbers will not + * work with the limit string parser as is anyway) + */ + errno = 0; + l = strtol(value, &end, 10); + + if (value == end || errno != 0) + return 0; // FIXME: We could instead throw an error, though. + + if (__builtin_mul_overflow(l, multiplier, &limit)) { + /* FIXME: Again, silent error handling... + * Wouldn't screaming make more sense? + */ + return 0; + } + } + + rlim.rlim_cur = limit; + rlim.rlim_max = limit; + if (setrlimit (resource, &rlim) != 0) { + return LOGIN_ERROR_RLIMIT; + } + return 0; +} + + +static int set_prio (const char *value) +{ + long prio; + + if ( (str2sl(&prio, value) == -1) + || (prio != (int) prio)) { + return 0; + } + if (setpriority (PRIO_PROCESS, 0, prio) != 0) { + return LOGIN_ERROR_RLIMIT; + } + return 0; +} + + +static int set_umask (const char *value) +{ + unsigned long mask; + + if ( (str2ul(&mask, value) == -1) + || (mask != (mode_t) mask)) { + return 0; + } + + (void) umask (mask); + return 0; +} + + +/* Counts the number of user logins and check against the limit */ +static int check_logins (const char *name, const char *maxlogins) +{ + unsigned long limit, count; + + if (str2ul(&limit, maxlogins) == -1) { + return 0; + } + + if (0 == limit) { /* maximum 0 logins ? */ + SYSLOG ((LOG_WARN, "No logins allowed for `%s'\n", name)); + return LOGIN_ERROR_LOGIN; + } + + count = active_sessions_count(name, limit); + + if (count > limit) { + SYSLOG ((LOG_WARN, + "Too many logins (max %lu) for %s\n", + limit, name)); + return LOGIN_ERROR_LOGIN; + } + return 0; +} + +/* Function setup_user_limits - checks/set limits for the current login + * Original idea from Joel Katz's lshell. Ported to shadow-login + * by Cristian Gafton - gafton@sorosis.ro + * + * We are passed a string of the form ('BASH' constants for ulimit) + * [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo] + * (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5') + * where: + * [Aa]: a = RLIMIT_AS max address space (KB) + * [Cc]: c = RLIMIT_CORE max core file size (KB) + * [Dd]: d = RLIMIT_DATA max data size (KB) + * [Ff]: f = RLIMIT_FSIZE max file size (KB) + * [Ii]: i = RLIMIT_NICE max nice value (0..39 translates to 20..-19) + * [Kk]: k = file creation masK (umask) + * [Ll]: l = max number of logins for this user + * [Mm]: m = RLIMIT_MEMLOCK max locked-in-memory address space (KB) + * [Nn]: n = RLIMIT_NOFILE max number of open files + * [Oo]: o = RLIMIT_RTPRIO max real time priority (linux/sched.h 0..MAX_RT_PRIO) + * [Pp]: p = process priority -20..20 (negative = high, positive = low) + * [Rr]: r = RLIMIT_RSS max resident set size (KB) + * [Ss]: s = RLIMIT_STACK max stack size (KB) + * [Tt]: t = RLIMIT_CPU max CPU time (MIN) + * [Uu]: u = RLIMIT_NPROC max number of processes + * + * NOTE: Remember to extend the "no-limits" string below when adding a new + * limit... + * + * Return value: + * 0 = okay, of course + * LOGIN_ERROR_RLIMIT = error setting some RLIMIT + * LOGIN_ERROR_LOGIN = error - too many logins for this user + * + * buf - the limits string + * name - the username + */ +static int do_user_limits (const char *buf, const char *name) +{ + const char *pp; + int retval = 0; + bool reported = false; + + pp = buf; + /* Skip leading whitespace. */ + while ((' ' == *pp) || ('\t' == *pp)) { + pp++; + } + + /* The special limit string "-" results in no limit for all known + * limits. + * We achieve that by parsing a full limit string, parts of it + * being ignored if a limit type is not known to the system. + * Though, there will be complaining for unknown limit types. + */ + if (strcmp (pp, "-") == 0) { + /* Remember to extend this, too, when adding new limits! + * Oh... but "unlimited" does not make sense for umask, + * or does it? (K-) + */ + pp = "A- C- D- F- I- L- M- N- O- P- R- S- T- U-"; + } + + while ('\0' != *pp) { + switch (*pp++) { + case 'a': + case 'A': + /* RLIMIT_AS - max address space (KB) */ + retval |= setrlimit_value (RLIMIT_AS, pp, 1024); + break; + case 'c': + case 'C': + /* RLIMIT_CORE - max core file size (KB) */ + retval |= setrlimit_value (RLIMIT_CORE, pp, 1024); + break; + case 'd': + case 'D': + /* RLIMIT_DATA - max data size (KB) */ + retval |= setrlimit_value (RLIMIT_DATA, pp, 1024); + break; + case 'f': + case 'F': + /* RLIMIT_FSIZE - Maximum filesize (KB) */ + retval |= setrlimit_value (RLIMIT_FSIZE, pp, 1024); + break; +#ifdef RLIMIT_NICE + case 'i': + case 'I': + /* RLIMIT_NICE - max scheduling priority (0..39) */ + retval |= setrlimit_value (RLIMIT_NICE, pp, 1); + break; +#endif + case 'k': + case 'K': + retval |= set_umask (pp); + break; + case 'l': + case 'L': + /* LIMIT the number of concurrent logins */ + retval |= check_logins (name, pp); + break; +#ifdef RLIMIT_MEMLOCK + case 'm': + case 'M': + /* RLIMIT_MEMLOCK - max locked-in-memory address space (KB) */ + retval |= setrlimit_value (RLIMIT_MEMLOCK, pp, 1024); + break; +#endif + case 'n': + case 'N': + /* RLIMIT_NOFILE - max number of open files */ + retval |= setrlimit_value (RLIMIT_NOFILE, pp, 1); + break; +#ifdef RLIMIT_RTPRIO + case 'o': + case 'O': + /* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */ + retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1); + break; +#endif + case 'p': + case 'P': + retval |= set_prio (pp); + break; +#ifdef RLIMIT_RSS + case 'r': + case 'R': + /* RLIMIT_RSS - max resident set size (KB) */ + retval |= setrlimit_value (RLIMIT_RSS, pp, 1024); + break; +#endif + case 's': + case 'S': + /* RLIMIT_STACK - max stack size (KB) */ + retval |= setrlimit_value (RLIMIT_STACK, pp, 1024); + break; + case 't': + case 'T': + /* RLIMIT_CPU - max CPU time (MIN) */ + retval |= setrlimit_value (RLIMIT_CPU, pp, 60); + break; +#ifdef RLIMIT_NPROC + case 'u': + case 'U': + /* RLIMIT_NPROC - max number of processes */ + retval |= setrlimit_value (RLIMIT_NPROC, pp, 1); + break; +#endif + default: + /* Only report invalid strings once */ + /* Note: A string can be invalid just because a + * specific (theoretically valid) setting is not + * supported by this build. + * It is just a warning in syslog anyway. The line + * is still processed + */ + if (!reported) { + SYSLOG ((LOG_WARN, + "Invalid limit string: '%s'", + pp-1)); + reported = true; + retval |= LOGIN_ERROR_RLIMIT; + } + } + /* After parsing one limit setting (or just complaining + * about it), one still needs to skip its argument to + * prevent a bogus warning on trying to parse that as + * limit specification. + * So, let's skip all digits, "-" and our limited set of + * whitespace. + */ + while ( isdigit (*pp) + || ('-' == *pp) + || (' ' == *pp) + || ('\t' ==*pp)) { + pp++; + } + } + return retval; +} + +/* Check if user uname is in the group gname. + * Can I be sure that gr_mem contains no UID as string? + * Returns true when user is in the group, false when not. + * Any error is treated as false. + */ +static bool user_in_group (const char *uname, const char *gname) +{ + struct group *groupdata; + + if (uname == NULL || gname == NULL) { + return false; + } + + /* We are not claiming to be re-entrant! + * In case of paranoia or a multithreaded login program, + * one needs to add some mess for getgrnam_r. */ + groupdata = getgrnam (gname); + if (NULL == groupdata) { + SYSLOG ((LOG_WARN, "Nonexisting group `%s' in limits file.", + gname)); + return false; + } + + return is_on_list (groupdata->gr_mem, uname); +} + +static int setup_user_limits (const char *uname) +{ + FILE *fil; + char buf[1024]; + char name[1024]; + char limits[1024]; + char deflimits[1024]; + char tempbuf[1024]; + + /* init things */ + MEMZERO(buf); + MEMZERO(name); + MEMZERO(limits); + MEMZERO(deflimits); + MEMZERO(tempbuf); + + /* start the checks */ + fil = fopen (LIMITS_FILE, "r"); + if (fil == NULL) { + return 0; + } + /* The limits file have the following format: + * - '#' (comment) chars only as first chars on a line; + * - username must start on first column (or *, or @group) + * + * FIXME: A better (smarter) checking should be done + */ + while (fgets (buf, 1024, fil) != NULL) { + if (('#' == buf[0]) || ('\n' == buf[0])) { + continue; + } + MEMZERO(tempbuf); + /* a valid line should have a username, then spaces, + * then limits + * we allow the format: + * username L2 D2048 R4096 + * where spaces={' ',\t}. Also, we reject invalid limits. + * Imposing a limit should be done with care, so a wrong + * entry means no care anyway :-). + * + * A '-' as a limits strings means no limits + * + * The username can also be: + * '*': the default limits (only the last is taken into + * account) + * @group: the limit applies to the members of the group + * + * To clarify: The first entry with matching user name rules, + * everything after it is ignored. If there is no user entry, + * the last encountered entry for a matching group rules. + * If there is no matching group entry, the default limits rule. + */ + if (sscanf (buf, "%s%[ACDFIKLMNOPRSTUacdfiklmnoprstu0-9 \t-]", + name, tempbuf) == 2) { + if (strcmp (name, uname) == 0) { + strcpy (limits, tempbuf); + break; + } else if (strcmp (name, "*") == 0) { + strcpy (deflimits, tempbuf); + } else if (name[0] == '@') { + /* If the user is in the group, the group + * limits apply unless later a line for + * the specific user is found. + */ + if (user_in_group (uname, name+1)) { + strcpy (limits, tempbuf); + } + } + } + } + (void) fclose (fil); + if (limits[0] == '\0') { + /* no user specific limits */ + if (deflimits[0] == '\0') { /* no default limits */ + return 0; + } + strcpy (limits, deflimits); /* use the default limits */ + } + return do_user_limits (limits, uname); +} + + +static void setup_usergroups (const struct passwd *info) +{ + const struct group *grp; + +/* + * if not root, and UID == GID, and username is the same as primary + * group name, set umask group bits to be the same as owner bits + * (examples: 022 -> 002, 077 -> 007). + */ + if ((0 != info->pw_uid) && (info->pw_uid == info->pw_gid)) { + /* local, no need for xgetgrgid */ + grp = getgrgid (info->pw_gid); + if ( (NULL != grp) + && (strcmp (info->pw_name, grp->gr_name) == 0)) { + mode_t tmpmask; + tmpmask = umask (0777); + tmpmask = (tmpmask & ~070) | ((tmpmask >> 3) & 070); + (void) umask (tmpmask); + } + } +} + +/* + * set the process nice, ulimit, and umask from the password file entry + */ + +void setup_limits (const struct passwd *info) +{ + char *cp; + + if (getdef_bool ("USERGROUPS_ENAB")) { + setup_usergroups (info); + } + + /* + * See if the GECOS field contains values for NICE, UMASK or ULIMIT. + * If this feature is enabled in /etc/login.defs, we make those + * values the defaults for this login session. + */ + + if (getdef_bool ("QUOTAS_ENAB")) { + if (info->pw_uid != 0) { + if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) { + (void) fputs (_("Too many logins.\n"), log_get_logfd()); + (void) sleep (2); /* XXX: Should be FAIL_DELAY */ + exit (EXIT_FAILURE); + } + } + for (cp = info->pw_gecos; cp != NULL; cp = strchr (cp, ',')) { + if (',' == *cp) { + cp++; + } + + if (strncmp (cp, "pri=", 4) == 0) { + long inc; + + if ( (str2sl(&inc, cp + 4) == 0) + && (inc >= -20) && (inc <= 20)) { + errno = 0; + if ( (nice (inc) != -1) + || (0 != errno)) { + continue; + } + } + + /* Failed to parse or failed to nice() */ + SYSLOG ((LOG_WARN, + "Can't set the nice value for user %s", + info->pw_name)); + + continue; + } + if (strncmp (cp, "ulimit=", 7) == 0) { + long blocks; + if ( (str2sl(&blocks, cp + 7) == -1) + || (blocks != (int) blocks) + || (set_filesize_limit (blocks) != 0)) { + SYSLOG ((LOG_WARN, + "Can't set the ulimit for user %s", + info->pw_name)); + } + continue; + } + if (strncmp (cp, "umask=", 6) == 0) { + unsigned long mask; + + if ( (str2ul(&mask, cp + 6) == -1) + || (mask != (mode_t) mask)) { + SYSLOG ((LOG_WARN, + "Can't set umask value for user %s", + info->pw_name)); + } else { + (void) umask (mask); + } + + continue; + } + } + } +} + +#else /* !USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !USE_PAM */ + diff --git a/lib/list.c b/lib/list.c new file mode 100644 index 0000000..9fc6608 --- /dev/null +++ b/lib/list.c @@ -0,0 +1,245 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> + +#include "alloc.h" +#include "prototypes.h" +#include "defines.h" +/* + * add_list - add a member to a list of group members + * + * the array of member names is searched for the new member + * name, and if not present it is added to a freshly allocated + * list of users. + */ +/*@only@*/char ** +add_list(/*@returned@*/ /*@only@*/char **list, const char *member) +{ + int i; + char **tmp; + + assert (NULL != member); + assert (NULL != list); + + /* + * Scan the list for the new name. Return the original list + * pointer if it is present. + */ + + for (i = 0; list[i] != NULL; i++) { + if (strcmp (list[i], member) == 0) { + return list; + } + } + + /* + * Allocate a new list pointer large enough to hold all the + * old entries, and the new entries as well. + */ + + tmp = XMALLOC(i + 2, char *); + + /* + * Copy the original list to the new list, then append the + * new member and NULL terminate the result. This new list + * is returned to the invoker. + */ + + for (i = 0; list[i] != NULL; i++) { + tmp[i] = list[i]; + } + + tmp[i] = xstrdup (member); + tmp[i+1] = NULL; + + return tmp; +} + +/* + * del_list - delete a member from a list of group members + * + * the array of member names is searched for the old member + * name, and if present it is deleted from a freshly allocated + * list of users. + */ + +/*@only@*/char ** +del_list(/*@returned@*/ /*@only@*/char **list, const char *member) +{ + int i, j; + char **tmp; + + assert (NULL != member); + assert (NULL != list); + + /* + * Scan the list for the old name. Return the original list + * pointer if it is not present. + */ + + for (i = j = 0; list[i] != NULL; i++) { + if (strcmp (list[i], member) != 0) { + j++; + } + } + + if (j == i) { + return list; + } + + /* + * Allocate a new list pointer large enough to hold all the + * old entries. + */ + + tmp = XMALLOC(j + 1, char *); + + /* + * Copy the original list except the deleted members to the + * new list, then NULL terminate the result. This new list + * is returned to the invoker. + */ + + for (i = j = 0; list[i] != NULL; i++) { + if (strcmp (list[i], member) != 0) { + tmp[j] = list[i]; + j++; + } + } + + tmp[j] = NULL; + + return tmp; +} + +/* + * Duplicate a list. + * The input list is not modified, but in order to allow the use of this + * function with list of members, the list elements are not enforced to be + * constant strings here. + */ +/*@only@*/char ** +dup_list(char *const *list) +{ + int i; + char **tmp; + + assert (NULL != list); + + for (i = 0; NULL != list[i]; i++); + + tmp = XMALLOC(i + 1, char *); + + i = 0; + while (NULL != *list) { + tmp[i] = xstrdup (*list); + i++; + list++; + } + + tmp[i] = NULL; + return tmp; +} + +/* + * Check if member is part of the input list + * The input list is not modified, but in order to allow the use of this + * function with list of members, the list elements are not enforced to be + * constant strings here. + */ +bool is_on_list (char *const *list, const char *member) +{ + assert (NULL != member); + assert (NULL != list); + + while (NULL != *list) { + if (strcmp (*list, member) == 0) { + return true; + } + list++; + } + + return false; +} + +/* + * comma_to_list - convert comma-separated list to (char *) array + */ + +/*@only@*/char **comma_to_list (const char *comma) +{ + char *members; + char **array; + int i; + char *cp; + char *cp2; + + assert (NULL != comma); + + /* + * Make a copy since we are going to be modifying the list + */ + + members = xstrdup (comma); + + /* + * Count the number of commas in the list + */ + + for (cp = members, i = 0;; i++) { + cp2 = strchr (cp, ','); + if (NULL != cp2) { + cp = cp2 + 1; + } else { + break; + } + } + + /* + * Add 2 - one for the ending NULL, the other for the last item + */ + + i += 2; + + /* + * Allocate the array we're going to store the pointers into. + */ + + array = XMALLOC(i, char *); + + /* + * Empty list is special - 0 members, not 1 empty member. --marekm + */ + + if ('\0' == *members) { + *array = NULL; + free (members); + return array; + } + + /* + * Now go walk that list all over again, this time building the + * array of pointers. + */ + + for (cp = members, i = 0; cp != NULL; i++) + array[i] = strsep(&cp, ","); + array[i] = NULL; + + /* + * Return the new array of pointers + */ + + return array; +} + diff --git a/lib/lockpw.c b/lib/lockpw.c index aaa317f..15e7c8f 100644 --- a/lib/lockpw.c +++ b/lib/lockpw.c @@ -81,5 +81,5 @@ int ulckpwdf (void) return (pw_unlock () && spw_unlock ())? 0 : -1; } #else -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif diff --git a/lib/log.c b/lib/log.c new file mode 100644 index 0000000..9f54d45 --- /dev/null +++ b/lib/log.c @@ -0,0 +1,109 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <pwd.h> +#include <fcntl.h> +#include <time.h> +#include "defines.h" +#include <lastlog.h> +#include "memzero.h" +#include "prototypes.h" +#include "string/strncpy.h" +#include "string/strtcpy.h" + + +/* + * dolastlog - create lastlog entry + * + * A "last login" entry is created for the user being logged in. The + * UID is extracted from the global (struct passwd) entry and the + * TTY information is gotten from the (struct utmpx). + */ +void dolastlog ( + struct lastlog *ll, + const struct passwd *pw, + /*@unique@*/const char *line, + /*@unique@*/const char *host) +{ + int fd; + off_t offset; + struct lastlog newlog; + time_t ll_time; + + /* + * If the file does not exist, don't create it. + */ + + fd = open (LASTLOG_FILE, O_RDWR); + if (-1 == fd) { + return; + } + + /* + * The file is indexed by UID number. Seek to the record + * for this UID. Negative UID's will create problems, but ... + */ + + offset = (off_t) pw->pw_uid * sizeof newlog; + + if (lseek (fd, offset, SEEK_SET) != offset) { + SYSLOG ((LOG_WARN, + "Can't read last lastlog entry for UID %lu in %s. Entry not updated.", + (unsigned long) pw->pw_uid, LASTLOG_FILE)); + (void) close (fd); + return; + } + + /* + * Read the old entry so we can tell the user when they last + * logged in. Then construct the new entry and write it out + * the way we read the old one in. + */ + + if (read (fd, &newlog, sizeof newlog) != (ssize_t) sizeof newlog) { + memzero (&newlog, sizeof newlog); + } + if (NULL != ll) { + *ll = newlog; + } + + ll_time = newlog.ll_time; + (void) time (&ll_time); + newlog.ll_time = ll_time; + STRTCPY(newlog.ll_line, line); +#if HAVE_LL_HOST + STRNCPY(newlog.ll_host, host); +#endif + if ( (lseek (fd, offset, SEEK_SET) != offset) + || (write_full(fd, &newlog, sizeof newlog) == -1)) { + goto err_write; + } + + if (close (fd) != 0 && errno != EINTR) { + goto err_close; + } + + return; + +err_write: + { + int saved_errno = errno; + (void) close (fd); + errno = saved_errno; + } +err_close: + SYSLOG ((LOG_WARN, + "Can't write lastlog entry for UID %lu in %s: %m", + (unsigned long) pw->pw_uid, LASTLOG_FILE)); +} diff --git a/lib/logind.c b/lib/logind.c new file mode 100644 index 0000000..ba7278f --- /dev/null +++ b/lib/logind.c @@ -0,0 +1,52 @@ +/* + * SPDX-FileCopyrightText: 2023, Iker Pedrosa <ipedrosa@redhat.com> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include "attr.h" +#include "defines.h" +#include "prototypes.h" + +#include <systemd/sd-login.h> + +int get_session_host (char **out) +{ + char *host = NULL; + char *session = NULL; + int ret; + + ret = sd_pid_get_session (getpid(), &session); + if (ret < 0) { + return ret; + } + ret = sd_session_get_remote_host (session, &host); + if (ret < 0) { + goto done; + } + + *out = host; + +done: + free (session); + return ret; +} + +unsigned long active_sessions_count(const char *name, MAYBE_UNUSED unsigned long limit) +{ + struct passwd *pw; + unsigned long count = 0; + + pw = prefix_getpwnam(name); + if (pw == NULL) { + return 0; + } + + count = sd_uid_get_sessions(pw->pw_uid, 0, NULL); + + return count; +} diff --git a/lib/loginprompt.c b/lib/loginprompt.c new file mode 100644 index 0000000..9b2aa25 --- /dev/null +++ b/lib/loginprompt.c @@ -0,0 +1,111 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1993, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2011, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> +#include <stdio.h> +#include <signal.h> + +#include "alloc.h" +#include "attr.h" +#include "memzero.h" +#include "prototypes.h" +#include "defines.h" +#include "getdef.h" + +static void login_exit (MAYBE_UNUSED int sig) +{ + _exit (EXIT_FAILURE); +} + +/* + * login_prompt - prompt the user for their login name + * + * login_prompt() displays the standard login prompt. If ISSUE_FILE + * is set in login.defs, this file is displayed before the prompt. + */ + +void login_prompt (char *name, int namesize) +{ + char buf[1024]; + + char *cp; + int i; + FILE *fp; + const char *fname = getdef_str ("ISSUE_FILE"); + + sighandler_t sigquit; + sighandler_t sigtstp; + + /* + * There is a small chance that a QUIT character will be part of + * some random noise during a prompt. Deal with this by exiting + * instead of core dumping. Do the same thing for SIGTSTP. + */ + + sigquit = signal (SIGQUIT, login_exit); + sigtstp = signal (SIGTSTP, login_exit); + + /* + * See if the user has configured the issue file to + * be displayed and display it before the prompt. + */ + + if (NULL != fname) { + fp = fopen (fname, "r"); + if (NULL != fp) { + while ((i = getc (fp)) != EOF) { + (void) putc (i, stdout); + } + + (void) fclose (fp); + } + } + (void) gethostname (buf, sizeof buf); + printf (_("\n%s login: "), buf); + (void) fflush (stdout); + + /* + * Read the user's response. The trailing newline will be + * removed. + */ + + MEMZERO(buf); + if (fgets (buf, sizeof buf, stdin) != buf) { + exit (EXIT_FAILURE); + } + + cp = strchr (buf, '\n'); + if (NULL == cp) { + exit (EXIT_FAILURE); + } + *cp = '\0'; /* remove \n [ must be there ] */ + + /* + * Skip leading whitespace. This makes " username" work right. + * Then copy the rest (up to the end) into the username. + */ + + for (cp = buf; *cp == ' ' || *cp == '\t'; cp++); + + for (i = 0; i < namesize - 1 && *cp != '\0'; name[i++] = *cp++); + + name[i] = '\0'; + + /* + * Set the SIGQUIT handler back to its original value + */ + + (void) signal (SIGQUIT, sigquit); + (void) signal (SIGTSTP, sigtstp); +} + diff --git a/lib/mail.c b/lib/mail.c new file mode 100644 index 0000000..d14bdb1 --- /dev/null +++ b/lib/mail.c @@ -0,0 +1,67 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> +#include "prototypes.h" +#include "defines.h" +#include <assert.h> +#include <sys/stat.h> +#include <stdio.h> +#include <string.h> + +#include "alloc.h" +#include "getdef.h" +#include "string/sprintf.h" + +#ident "$Id$" + + +void mailcheck (void) +{ + struct stat statbuf; + char *mailbox; + + if (!getdef_bool ("MAIL_CHECK_ENAB")) { + return; + } + + /* + * Check incoming mail in Maildir format - J. + */ + mailbox = getenv ("MAILDIR"); + if (NULL != mailbox) { + char *newmail; + + xasprintf(&newmail, "%s/new", mailbox); + + if (stat (newmail, &statbuf) != -1 && statbuf.st_size != 0) { + if (statbuf.st_mtime > statbuf.st_atime) { + free(newmail); + (void) puts (_("You have new mail.")); + return; + } + } + free(newmail); + } + + mailbox = getenv ("MAIL"); + if (NULL == mailbox) { + return; + } + + if ( (stat (mailbox, &statbuf) == -1) + || (statbuf.st_size == 0)) { + (void) puts (_("No mail.")); + } else if (statbuf.st_atime > statbuf.st_mtime) { + (void) puts (_("You have mail.")); + } else { + (void) puts (_("You have new mail.")); + } +} + diff --git a/lib/memzero.c b/lib/memzero.c new file mode 100644 index 0000000..8979e5f --- /dev/null +++ b/lib/memzero.c @@ -0,0 +1,17 @@ +/* + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#ident "$Id$" + +#include <stddef.h> + +#include "memzero.h" + + +extern inline void memzero(void *ptr, size_t size); +extern inline void strzero(char *s); diff --git a/lib/memzero.h b/lib/memzero.h new file mode 100644 index 0000000..1137e83 --- /dev/null +++ b/lib/memzero.h @@ -0,0 +1,49 @@ +/* + * SPDX-FileCopyrightText: 2022-2023, Christian Göttsche <cgzones@googlemail.com> + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIBMISC_MEMZERO_H_ +#define SHADOW_INCLUDE_LIBMISC_MEMZERO_H_ + + +#include <config.h> + +#include <stddef.h> +#include <string.h> +#include <strings.h> + +#include "sizeof.h" + + +#define MEMZERO(arr) memzero(arr, SIZEOF_ARRAY(arr)) + + +inline void memzero(void *ptr, size_t size); +inline void strzero(char *s); + + +inline void +memzero(void *ptr, size_t size) +{ +#if defined(HAVE_MEMSET_EXPLICIT) + memset_explicit(ptr, 0, size); +#elif defined(HAVE_EXPLICIT_BZERO) + explicit_bzero(ptr, size); +#else + bzero(ptr, size); + __asm__ __volatile__ ("" : : "r"(ptr) : "memory"); +#endif +} + + +inline void +strzero(char *s) +{ + memzero(s, strlen(s)); +} + + +#endif // include guard diff --git a/lib/motd.c b/lib/motd.c new file mode 100644 index 0000000..d1d5bf6 --- /dev/null +++ b/lib/motd.c @@ -0,0 +1,60 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2010 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> + +#include "alloc.h" +#include "defines.h" +#include "getdef.h" +#include "prototypes.h" +/* + * motd -- output the /etc/motd file + * + * motd() determines the name of a login announcement file and outputs + * it to the user's terminal at login time. The MOTD_FILE configuration + * option is a colon-delimited list of filenames. + */ +void motd (void) +{ + FILE *fp; + char *motdlist; + const char *motdfile; + char *mb; + int c; + + motdfile = getdef_str ("MOTD_FILE"); + if (NULL == motdfile) { + return; + } + + motdlist = xstrdup (motdfile); + + for (mb = motdlist; ;mb = NULL) { + motdfile = strtok (mb, ":"); + if (NULL == motdfile) { + break; + } + + fp = fopen (motdfile, "r"); + if (NULL != fp) { + while ((c = getc (fp)) != EOF) { + putchar (c); + } + fclose (fp); + } + } + fflush (stdout); + + free (motdlist); +} + diff --git a/lib/must_be.h b/lib/must_be.h new file mode 100644 index 0000000..a7365cb --- /dev/null +++ b/lib/must_be.h @@ -0,0 +1,99 @@ +/* + * SPDX-FileCopyrightText: 2019-2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIBMISC_MUST_BE_H_ +#define SHADOW_INCLUDE_LIBMISC_MUST_BE_H_ + + +#include <config.h> + +#include <assert.h> + + +/* + * SYNOPSIS + * int must_be(bool e); + * + * ARGUMENTS + * e Expression to be asserted. + * + * DESCRIPTION + * This macro fails compilation if 'e' is false. If 'e' is true, + * it returns (int) 0, so it doesn't affect the expression in which + * it is contained. + * + * This macro is similar to static_assert(3). While + * static_assert(3) can only be used where a statement is allowed, + * this must_be() macro can be used wherever an expression is + * allowed. + * + * RETURN VALUE + * 0 + * + * ERRORS + * If 'e' is false, the compilation will fail, as when using + * static_assert(3). + * + * EXAMPLES + * #define must_be_array(a) must_be(is_array(a)) + * + * #define NITEMS(a) (sizeof(a) / sizeof(*(a)) + must_be_array(a)) + * + * int foo[42]; + * int bar[NITEMS(foo)]; + */ + + +#define must_be(e) \ +( \ + 0 * (int) sizeof( \ + struct { \ + static_assert(e, ""); \ + int ISO_C_forbids_a_struct_with_no_members_; \ + } \ + ) \ +) + + +/* + * SYNOPSIS + * int must_be_array(a); + * + * ARGUMENTS + * a Array. + * + * DESCRIPTION + * This macro fails compilation if 'a' is not an array. It is + * useful in macros that accept an array as a parameter, where this + * macro can validate the macro argument. It prevent passing a + * pointer to such macros, which would otherwise produce silent + * bugs. + * + * RETURN VALUE + * 0 + * + * ERRORS + * If 'a' is not an array, the compilation will fail. + * + * EXAMPLES + * int a[10]; + * int *p; + * + * must_be_array(a); // Ok + * must_be_array(p); // Compile-time error + * + * SEE ALSO + * must_be() + */ + + +#define is_same_type(a, b) __builtin_types_compatible_p(a, b) +#define is_same_typeof(a, b) is_same_type(typeof(a), typeof(b)) +#define is_array(a) (!is_same_typeof((a), &(a)[0])) +#define must_be_array(a) must_be(is_array(a)) + + +#endif // include guard diff --git a/lib/myname.c b/lib/myname.c new file mode 100644 index 0000000..1b02617 --- /dev/null +++ b/lib/myname.c @@ -0,0 +1,49 @@ +/* + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * myname.c - determine the current username and get the passwd entry + * + */ + +#include <config.h> + +#ident "$Id$" + +#include "defines.h" +#include <pwd.h> +#include "prototypes.h" +/*@null@*/ /*@only@*/struct passwd *get_my_pwent (void) +{ + struct passwd *pw; + const char *cp = getlogin (); + uid_t ruid = getuid (); + + /* + * Try getlogin() first - if it fails or returns a non-existent + * username, or a username which doesn't match the real UID, fall + * back to getpwuid(getuid()). This should work reasonably with + * usernames longer than the utmp limit (8 characters), as well as + * shared UIDs - but not both at the same time... + * + * XXX - when running from su, will return the current user (not + * the original user, like getlogin() does). Does this matter? + */ + if ((NULL != cp) && ('\0' != *cp)) { + pw = xgetpwnam (cp); + if ((NULL != pw) && (pw->pw_uid == ruid)) { + return pw; + } + if (NULL != pw) { + pw_free (pw); + } + } + + return xgetpwuid (ruid); +} + @@ -53,6 +53,6 @@ int nscd_flush_cache (const char *service) return 0; } #else /* USE_NSCD */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* USE_NSCD */ @@ -1,3 +1,5 @@ +#include <config.h> + #include <stdio.h> #include <stdlib.h> #include <dlfcn.h> @@ -6,10 +8,14 @@ #include <strings.h> #include <ctype.h> #include <stdatomic.h> + +#include "alloc.h" #include "prototypes.h" #include "../libsubid/subid.h" #include "shadowlog_internal.h" #include "shadowlog.h" +#include "string/sprintf.h" + #define NSSWITCH "/etc/nsswitch.conf" @@ -40,10 +46,12 @@ static void nss_exit(void) { // nsswitch_path is an argument only to support testing. void nss_init(const char *nsswitch_path) { - FILE *nssfp = NULL; - char *line = NULL, *p, *token, *saveptr; - size_t len = 0; - FILE *shadow_logfd = log_get_logfd(); + char *line = NULL, *p, *token, *saveptr; + char libname[64]; + FILE *nssfp = NULL; + FILE *shadow_logfd = log_get_logfd(); + void *h; + size_t len = 0; if (atomic_flag_test_and_set(&nss_init_started)) { // Another thread has started nss_init, wait for it to complete @@ -59,82 +67,78 @@ void nss_init(const char *nsswitch_path) { // subid: files nssfp = fopen(nsswitch_path, "r"); if (!nssfp) { + if (errno != ENOENT) + fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path); + atomic_store(&nss_init_completed, true); return; } - while ((getline(&line, &len, nssfp)) != -1) { - if (line[0] == '\0' || line[0] == '#') + p = NULL; + while (getline(&line, &len, nssfp) != -1) { + if (line[0] == '#') continue; if (strlen(line) < 8) continue; if (strncasecmp(line, "subid:", 6) != 0) continue; p = &line[6]; - while ((*p) && isspace(*p)) + while (isspace(*p)) p++; - if (!*p) - continue; - for (token = strtok_r(p, " \n\t", &saveptr); - token; - token = strtok_r(NULL, " \n\t", &saveptr)) { - char libname[65]; - void *h; - if (strcmp(token, "files") == 0) { - subid_nss = NULL; - goto done; - } - if (strlen(token) > 50) { - fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token); - fprintf(shadow_logfd, "Using files\n"); - subid_nss = NULL; - goto done; - } - snprintf(libname, 64, "libsubid_%s.so", token); - h = dlopen(libname, RTLD_LAZY); - if (!h) { - fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror()); - fprintf(shadow_logfd, "Using files\n"); - subid_nss = NULL; - goto done; - } - subid_nss = malloc(sizeof(*subid_nss)); - if (!subid_nss) { - dlclose(h); - goto done; - } - subid_nss->has_range = dlsym(h, "shadow_subid_has_range"); - if (!subid_nss->has_range) { - fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname); - dlclose(h); - free(subid_nss); - subid_nss = NULL; - goto done; - } - subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges"); - if (!subid_nss->list_owner_ranges) { - fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname); - dlclose(h); - free(subid_nss); - subid_nss = NULL; - goto done; - } - subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners"); - if (!subid_nss->find_subid_owners) { - fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname); - dlclose(h); - free(subid_nss); - subid_nss = NULL; - goto done; - } - subid_nss->handle = h; - goto done; - } + if (*p != '\0') + break; + p = NULL; + } + if (p == NULL) { + goto null_subid; + } + token = strtok_r(p, " \n\t", &saveptr); + if (token == NULL) { fprintf(shadow_logfd, "No usable subid NSS module found, using files\n"); // subid_nss has to be null here, but to ease reviews: - free(subid_nss); - subid_nss = NULL; - goto done; + goto null_subid; } + if (strcmp(token, "files") == 0) { + goto null_subid; + } + if (strlen(token) > 50) { + fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token); + fprintf(shadow_logfd, "Using files\n"); + goto null_subid; + } + SNPRINTF(libname, "libsubid_%s.so", token); + h = dlopen(libname, RTLD_LAZY); + if (!h) { + fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror()); + fprintf(shadow_logfd, "Using files\n"); + goto null_subid; + } + subid_nss = MALLOC(1, struct subid_nss_ops); + if (!subid_nss) { + goto close_lib; + } + subid_nss->has_range = dlsym(h, "shadow_subid_has_range"); + if (!subid_nss->has_range) { + fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname); + goto close_lib; + } + subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges"); + if (!subid_nss->list_owner_ranges) { + fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname); + goto close_lib; + } + subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners"); + if (!subid_nss->find_subid_owners) { + fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname); + goto close_lib; + } + subid_nss->handle = h; + goto done; + +close_lib: + dlclose(h); + free(subid_nss); +null_subid: + subid_nss = NULL; done: atomic_store(&nss_init_completed, true); diff --git a/lib/obscure.c b/lib/obscure.c new file mode 100644 index 0000000..549c2a8 --- /dev/null +++ b/lib/obscure.c @@ -0,0 +1,224 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + + +#include <ctype.h> +#include <stdio.h> + +#include "alloc.h" +#include "attr.h" +#include "memzero.h" +#include "prototypes.h" +#include "defines.h" +#include "getdef.h" + +#if WITH_LIBBSD == 0 +#include "freezero.h" +#endif /* WITH_LIBBSD */ + +/* + * can't be a palindrome - like `R A D A R' or `M A D A M' + */ +static bool palindrome (MAYBE_UNUSED const char *old, const char *new) +{ + size_t i, j; + + i = strlen (new); + + for (j = 0; j < i; j++) { + if (new[i - j - 1] != new[j]) { + return false; + } + } + + return true; +} + +/* + * more than half of the characters are different ones. + */ + +static bool similar (/*@notnull@*/const char *old, /*@notnull@*/const char *new) +{ + int i, j; + + /* + * XXX - sometimes this fails when changing from a simple password + * to a really long one (MD5). For now, I just return success if + * the new password is long enough. Please feel free to suggest + * something better... --marekm + */ + if (strlen (new) >= 8) { + return false; + } + + for (i = j = 0; ('\0' != new[i]) && ('\0' != old[i]); i++) { + if (strchr (new, old[i]) != NULL) { + j++; + } + } + + if (i >= j * 2) { + return false; + } + + return true; +} + +static char *str_lower (/*@returned@*/char *string) +{ + char *cp; + + for (cp = string; '\0' != *cp; cp++) { + *cp = tolower (*cp); + } + return string; +} + +static /*@observer@*//*@null@*/const char *password_check ( + /*@notnull@*/const char *old, + /*@notnull@*/const char *new, + /*@notnull@*/MAYBE_UNUSED const struct passwd *pwdp) +{ + const char *msg = NULL; + char *oldmono, *newmono, *wrapped; + + if (strcmp (new, old) == 0) { + return _("no change"); + } + + newmono = str_lower (xstrdup (new)); + oldmono = str_lower (xstrdup (old)); + wrapped = XMALLOC(strlen(oldmono) * 2 + 1, char); + strcpy (wrapped, oldmono); + strcat (wrapped, oldmono); + + if (palindrome (oldmono, newmono)) { + msg = _("a palindrome"); + } else if (strcmp (oldmono, newmono) == 0) { + msg = _("case changes only"); + } else if (similar (oldmono, newmono)) { + msg = _("too similar"); + } else if (strstr (wrapped, newmono) != NULL) { + msg = _("rotated"); + } + strzero (newmono); + strzero (oldmono); + strzero (wrapped); + free (newmono); + free (oldmono); + free (wrapped); + + return msg; +} + +static /*@observer@*//*@null@*/const char *obscure_msg ( + /*@notnull@*/const char *old, + /*@notnull@*/const char *new, + /*@notnull@*/const struct passwd *pwdp) +{ + size_t maxlen, oldlen, newlen; + char *new1, *old1; + const char *msg; + const char *result; + + oldlen = strlen (old); + newlen = strlen (new); + + if (newlen < (size_t) getdef_num ("PASS_MIN_LEN", 0)) { + return _("too short"); + } + + /* + * Remaining checks are optional. + */ + if (!getdef_bool ("OBSCURE_CHECKS_ENAB")) { + return NULL; + } + + msg = password_check (old, new, pwdp); + if (NULL != msg) { + return msg; + } + + result = getdef_str ("ENCRYPT_METHOD"); + if (NULL == result) { + /* The traditional crypt() truncates passwords to 8 chars. It is + possible to circumvent the above checks by choosing an easy + 8-char password and adding some random characters to it... + Example: "password$%^&*123". So check it again, this time + truncated to the maximum length. Idea from npasswd. --marekm */ + + if (getdef_bool ("MD5_CRYPT_ENAB")) { + return NULL; + } + + } else { + + if ( (strcmp (result, "MD5") == 0) +#ifdef USE_SHA_CRYPT + || (strcmp (result, "SHA256") == 0) + || (strcmp (result, "SHA512") == 0) +#endif +#ifdef USE_BCRYPT + || (strcmp (result, "BCRYPT") == 0) +#endif +#ifdef USE_YESCRYPT + || (strcmp (result, "YESCRYPT") == 0) +#endif + ) { + return NULL; + } + + } + maxlen = getdef_num ("PASS_MAX_LEN", 8); + if ( (oldlen <= maxlen) + && (newlen <= maxlen)) { + return NULL; + } + + new1 = xstrdup (new); + old1 = xstrdup (old); + if (newlen > maxlen) { + new1[maxlen] = '\0'; + } + if (oldlen > maxlen) { + old1[maxlen] = '\0'; + } + + msg = password_check (old1, new1, pwdp); + + freezero (new1, newlen); + freezero (old1, oldlen); + + return msg; +} + +/* + * Obscure - see if password is obscure enough. + * + * The programmer is encouraged to add as much complexity to this + * routine as desired. Included are some of my favorite ways to + * check passwords. + */ + +bool obscure (const char *old, const char *new, const struct passwd *pwdp) +{ + const char *msg = obscure_msg (old, new, pwdp); + + if (NULL != msg) { + printf (_("Bad password: %s. "), msg); + return false; + } + return true; +} diff --git a/lib/pam_defs.h b/lib/pam_defs.h index 2dcda3c..dd016e5 100644 --- a/lib/pam_defs.h +++ b/lib/pam_defs.h @@ -15,7 +15,7 @@ #endif -static struct pam_conv conv = { +static const struct pam_conv conv = { SHADOW_PAM_CONVERSATION, NULL }; diff --git a/lib/pam_pass.c b/lib/pam_pass.c new file mode 100644 index 0000000..ff49173 --- /dev/null +++ b/lib/pam_pass.c @@ -0,0 +1,59 @@ +/* + * SPDX-FileCopyrightText: 1997 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ifdef USE_PAM + +#ident "$Id$" + + +/* + * Change the user's password using PAM. + */ +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <sys/types.h> +#include "defines.h" +#include "pam_defs.h" +#include "prototypes.h" +#include "shadowlog.h" + +void do_pam_passwd (const char *user, bool silent, bool change_expired) +{ + pam_handle_t *pamh = NULL; + int flags = 0, ret; + FILE *shadow_logfd = log_get_logfd(); + + if (silent) + flags |= PAM_SILENT; + if (change_expired) + flags |= PAM_CHANGE_EXPIRED_AUTHTOK; + + ret = pam_start ("passwd", user, &conv, &pamh); + if (ret != PAM_SUCCESS) { + fprintf (shadow_logfd, + _("passwd: pam_start() failed, error %d\n"), ret); + exit (10); /* XXX */ + } + + ret = pam_chauthtok (pamh, flags); + if (ret != PAM_SUCCESS) { + fprintf (shadow_logfd, _("passwd: %s\n"), pam_strerror (pamh, ret)); + fputs (_("passwd: password unchanged\n"), shadow_logfd); + pam_end (pamh, ret); + exit (10); /* XXX */ + } + + fputs (_("passwd: password updated successfully\n"), shadow_logfd); + (void) pam_end (pamh, PAM_SUCCESS); +} +#else /* !USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !USE_PAM */ diff --git a/lib/pam_pass_non_interactive.c b/lib/pam_pass_non_interactive.c new file mode 100644 index 0000000..3d10908 --- /dev/null +++ b/lib/pam_pass_non_interactive.c @@ -0,0 +1,149 @@ +/* + * SPDX-FileCopyrightText: 2009 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id:$" + +#ifdef USE_PAM +#include <assert.h> +#include <string.h> +#include <stdio.h> +#include <stdlib.h> +#include <strings.h> + +#include <security/pam_appl.h> + +#include "alloc.h" +#include "attr.h" +#include "memzero.h" +#include "prototypes.h" +#include "shadowlog.h" + +/*@null@*/ /*@only@*/static const char *non_interactive_password = NULL; +static int ni_conv (int num_msg, + const struct pam_message **msg, + struct pam_response **resp, + MAYBE_UNUSED void *appdata_ptr); +static const struct pam_conv non_interactive_pam_conv = { + ni_conv, + NULL +}; + + + +static int ni_conv (int num_msg, + const struct pam_message **msg, + struct pam_response **resp, + MAYBE_UNUSED void *appdata_ptr) +{ + struct pam_response *responses; + int count; + + assert (NULL != non_interactive_password); + + if (num_msg <= 0) { + return PAM_CONV_ERR; + } + + responses = CALLOC (num_msg, struct pam_response); + if (NULL == responses) { + return PAM_CONV_ERR; + } + + for (count=0; count < num_msg; count++) { + responses[count].resp_retcode = 0; + + switch (msg[count]->msg_style) { + case PAM_PROMPT_ECHO_ON: + fprintf (log_get_logfd(), + _("%s: PAM modules requesting echoing are not supported.\n"), + log_get_progname()); + goto failed_conversation; + case PAM_PROMPT_ECHO_OFF: + responses[count].resp = strdup (non_interactive_password); + if (NULL == responses[count].resp) { + goto failed_conversation; + } + break; + case PAM_ERROR_MSG: + if ( (NULL == msg[count]->msg) + || (fprintf (log_get_logfd(), "%s\n", msg[count]->msg) <0)) { + goto failed_conversation; + } + responses[count].resp = NULL; + break; + case PAM_TEXT_INFO: + if ( (NULL == msg[count]->msg) + || (fprintf (stdout, "%s\n", msg[count]->msg) <0)) { + goto failed_conversation; + } + responses[count].resp = NULL; + break; + default: + (void) fprintf (log_get_logfd(), + _("%s: conversation type %d not supported.\n"), + log_get_progname(), msg[count]->msg_style); + goto failed_conversation; + } + } + + *resp = responses; + + return PAM_SUCCESS; + +failed_conversation: + for (count=0; count < num_msg; count++) { + if (NULL != responses[count].resp) { + strzero(responses[count].resp); + free(responses[count].resp); + responses[count].resp = NULL; + } + } + + free (responses); + *resp = NULL; + + return PAM_CONV_ERR; +} + + +/* + * Change non interactively the user's password using PAM. + * + * Return 0 on success, 1 on failure. + */ +int do_pam_passwd_non_interactive (const char *pam_service, + const char *username, + const char* password) +{ + pam_handle_t *pamh = NULL; + int ret; + + ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh); + if (ret != PAM_SUCCESS) { + fprintf (log_get_logfd(), + _("%s: (user %s) pam_start failure %d\n"), + log_get_progname(), username, ret); + return 1; + } + + non_interactive_password = password; + ret = pam_chauthtok (pamh, 0); + if (ret != PAM_SUCCESS) { + fprintf (log_get_logfd(), + _("%s: (user %s) pam_chauthtok() failed, error:\n" + "%s\n"), + log_get_progname(), username, pam_strerror (pamh, ret)); + } + + (void) pam_end (pamh, PAM_SUCCESS); + + return ((PAM_SUCCESS == ret) ? 0 : 1); +} +#else /* !USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !USE_PAM */ @@ -79,7 +79,7 @@ static void endportent (void) (void) fclose (ports); } - ports = (FILE *) 0; + ports = NULL; } /* @@ -127,14 +127,14 @@ static struct port *getportent (void) * - parse off a list of days and times */ - again: +again: /* - * Get the next line and remove the last character, which - * is a '\n'. Lines which begin with '#' are all ignored. + * Get the next line and remove optional trailing '\n'. + * Lines which begin with '#' are all ignored. */ - if (fgets (buf, (int) sizeof buf, ports) == 0) { + if (fgets (buf, sizeof buf, ports) == 0) { errno = saveerr; return 0; } @@ -149,18 +149,14 @@ static struct port *getportent (void) * TTY devices. */ - buf[strlen (buf) - 1] = 0; + buf[strcspn (buf, "\n")] = 0; port.pt_names = ttys; for (cp = buf, j = 0; j < PORT_TTY; j++) { port.pt_names[j] = cp; - while (('\0' != *cp) && (':' != *cp) && (',' != *cp)) { - cp++; - } - - if ('\0' == *cp) { + cp = strpbrk(cp, ":,"); + if (cp == NULL) goto again; /* line format error */ - } if (':' == *cp) { /* end of tty name list */ break; @@ -172,13 +168,13 @@ static struct port *getportent (void) } *cp = '\0'; cp++; - port.pt_names[j + 1] = (char *) 0; + port.pt_names[j] = NULL; /* * Get the list of user names. It is the second colon * separated field, and is a comma separated list of user * names. The entry '*' is used to specify all usernames. - * The last entry in the list is a (char *) 0 pointer. + * The last entry in the list is a NULL pointer. */ if (':' != *cp) { @@ -243,9 +239,7 @@ static struct port *getportent (void) * week or the other two values. */ - for (i = 0; - ('\0' != cp[i]) && ('\0' != cp[i + 1]) && isalpha (cp[i]); - i += 2) { + for (i = 0; isalpha(cp[i]) && ('\0' != cp[i + 1]); i += 2) { switch ((cp[i] << 8) | (cp[i + 1])) { case ('S' << 8) | 'u': port.pt_times[j].t_days |= 01; @@ -294,7 +288,7 @@ static struct port *getportent (void) * representing the times of day. */ - for (dtime = 0; ('\0' != cp[i]) && isdigit (cp[i]); i++) { + for (dtime = 0; isdigit (cp[i]); i++) { dtime = dtime * 10 + cp[i] - '0'; } @@ -304,9 +298,7 @@ static struct port *getportent (void) port.pt_times[j].t_start = dtime; cp = cp + i + 1; - for (dtime = 0, i = 0; - ('\0' != cp[i]) && isdigit (cp[i]); - i++) { + for (dtime = 0, i = 0; isdigit (cp[i]); i++) { dtime = dtime * 10 + cp[i] - '0'; } diff --git a/lib/prefix_flag.c b/lib/prefix_flag.c new file mode 100644 index 0000000..bba7102 --- /dev/null +++ b/lib/prefix_flag.c @@ -0,0 +1,360 @@ +/* + * SPDX-FileCopyrightText: 2011 , Julian Pidancet + * SPDX-FileCopyrightText: 2011 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> +#include <assert.h> + +#include "defines.h" +#include "alloc.h" +#include "prototypes.h" +/*@-exitarg@*/ +#include "exitcodes.h" +#include "groupio.h" +#include "pwio.h" +#ifdef SHADOWGRP +#include "sgroupio.h" +#endif +#include "shadowio.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ +#include "getdef.h" +#include "shadowlog.h" +#include "string/sprintf.h" + + +static char *passwd_db_file = NULL; +static char *spw_db_file = NULL; +static char *group_db_file = NULL; +static char *sgroup_db_file = NULL; +static char *suid_db_file = NULL; +static char *sgid_db_file = NULL; +static char *def_conf_file = NULL; +static FILE* fp_pwent = NULL; +static FILE* fp_grent = NULL; + +/* + * process_prefix_flag - prefix all paths if given the --prefix option + * + * This shall be called before accessing the passwd, group, shadow, + * gshadow, useradd's default, login.defs files (non exhaustive list) + * or authenticating the caller. + * + * The audit, syslog, or locale files shall be open before + */ +extern const char* process_prefix_flag (const char* short_opt, int argc, char **argv) +{ + /* + * Parse the command line options. + */ + int i; + const char *prefix = NULL, *val; + + for (i = 0; i < argc; i++) { + val = NULL; + if ( (strcmp (argv[i], "--prefix") == 0) + || ((strncmp (argv[i], "--prefix=", 9) == 0) + && (val = argv[i] + 9)) + || (strcmp (argv[i], short_opt) == 0)) { + if (NULL != prefix) { + fprintf (log_get_logfd(), + _("%s: multiple --prefix options\n"), + log_get_progname()); + exit (E_BAD_ARG); + } + + if (val) { + prefix = val; + } else if (i + 1 == argc) { + fprintf (log_get_logfd(), + _("%s: option '%s' requires an argument\n"), + log_get_progname(), argv[i]); + exit (E_BAD_ARG); + } else { + prefix = argv[++ i]; + } + } + } + + + + if (prefix != NULL) { + /* Drop privileges */ + if ( (setregid (getgid (), getgid ()) != 0) + || (setreuid (getuid (), getuid ()) != 0)) { + fprintf (log_get_logfd(), + _("%s: failed to drop privileges (%s)\n"), + log_get_progname(), strerror (errno)); + exit (EXIT_FAILURE); + } + + if ( prefix[0] == '\0' || !strcmp(prefix, "/")) + return ""; /* if prefix is "/" then we ignore the flag option */ + /* should we prevent symbolic link from being used as a prefix? */ + + if ( prefix[0] != '/') { + fprintf (log_get_logfd(), + _("%s: prefix must be an absolute path\n"), + log_get_progname()); + exit (E_BAD_ARG); + } + + xasprintf(&passwd_db_file, "%s/%s", prefix, PASSWD_FILE); + pw_setdbname(passwd_db_file); + + xasprintf(&group_db_file, "%s/%s", prefix, GROUP_FILE); + gr_setdbname(group_db_file); + +#ifdef SHADOWGRP + xasprintf(&sgroup_db_file, "%s/%s", prefix, SGROUP_FILE); + sgr_setdbname(sgroup_db_file); +#endif + + xasprintf(&spw_db_file, "%s/%s", prefix, SHADOW_FILE); + spw_setdbname(spw_db_file); + +#ifdef ENABLE_SUBIDS + xasprintf(&suid_db_file, "%s/%s", prefix, SUBUID_FILE); + sub_uid_setdbname(suid_db_file); + + xasprintf(&sgid_db_file, "%s/%s", prefix, SUBGID_FILE); + sub_gid_setdbname(sgid_db_file); +#endif + +#ifdef USE_ECONF + setdef_config_file(prefix); +#else + xasprintf(&def_conf_file, "%s/%s", prefix, "/etc/login.defs"); + setdef_config_file(def_conf_file); +#endif + } + + if (prefix == NULL) + return ""; + return prefix; +} + + +extern struct group *prefix_getgrnam(const char *name) +{ + if (group_db_file) { + FILE* fg; + struct group * grp = NULL; + + fg = fopen(group_db_file, "rt"); + if (!fg) + return NULL; + while ((grp = fgetgrent(fg)) != NULL) { + if (!strcmp(name, grp->gr_name)) + break; + } + fclose(fg); + return grp; + } + + return getgrnam(name); +} + +extern struct group *prefix_getgrgid(gid_t gid) +{ + if (group_db_file) { + FILE* fg; + struct group * grp = NULL; + + fg = fopen(group_db_file, "rt"); + if (!fg) + return NULL; + while ((grp = fgetgrent(fg)) != NULL) { + if (gid == grp->gr_gid) + break; + } + fclose(fg); + return grp; + } + + return getgrgid(gid); +} + +extern struct passwd *prefix_getpwuid(uid_t uid) +{ + if (passwd_db_file) { + FILE* fg; + struct passwd *pwd = NULL; + + fg = fopen(passwd_db_file, "rt"); + if (!fg) + return NULL; + while ((pwd = fgetpwent(fg)) != NULL) { + if (uid == pwd->pw_uid) + break; + } + fclose(fg); + return pwd; + } + else { + return getpwuid(uid); + } +} +extern struct passwd *prefix_getpwnam(const char* name) +{ + if (passwd_db_file) { + FILE* fg; + struct passwd *pwd = NULL; + + fg = fopen(passwd_db_file, "rt"); + if (!fg) + return NULL; + while ((pwd = fgetpwent(fg)) != NULL) { + if (!strcmp(name, pwd->pw_name)) + break; + } + fclose(fg); + return pwd; + } + else { + return getpwnam(name); + } +} +#if HAVE_FGETPWENT_R +extern int prefix_getpwnam_r(const char* name, struct passwd* pwd, + char* buf, size_t buflen, struct passwd** result) +{ + if (passwd_db_file) { + FILE* fg; + int ret = 0; + + fg = fopen(passwd_db_file, "rt"); + if (!fg) + return errno; + while ((ret = fgetpwent_r(fg, pwd, buf, buflen, result)) == 0) { + if (!strcmp(name, pwd->pw_name)) + break; + } + fclose(fg); + return ret; + } + else { + return getpwnam_r(name, pwd, buf, buflen, result); + } +} +#endif +extern struct spwd *prefix_getspnam(const char* name) +{ + if (spw_db_file) { + FILE* fg; + struct spwd *sp = NULL; + + fg = fopen(spw_db_file, "rt"); + if (!fg) + return NULL; + while ((sp = fgetspent(fg)) != NULL) { + if (!strcmp(name, sp->sp_namp)) + break; + } + fclose(fg); + return sp; + } + else { + return getspnam(name); + } +} + +extern void prefix_setpwent(void) +{ + if (!passwd_db_file) { + setpwent(); + return; + } + if (fp_pwent) + fclose (fp_pwent); + + fp_pwent = fopen(passwd_db_file, "rt"); + if (!fp_pwent) + return; +} +extern struct passwd* prefix_getpwent(void) +{ + if (!passwd_db_file) { + return getpwent(); + } + if (!fp_pwent) { + return NULL; + } + return fgetpwent(fp_pwent); +} +extern void prefix_endpwent(void) +{ + if (!passwd_db_file) { + endpwent(); + return; + } + if (fp_pwent) + fclose(fp_pwent); + fp_pwent = NULL; +} + +extern void prefix_setgrent(void) +{ + if (!group_db_file) { + setgrent(); + return; + } + if (fp_grent) + fclose (fp_grent); + + fp_grent = fopen(group_db_file, "rt"); + if (!fp_grent) + return; +} +extern struct group* prefix_getgrent(void) +{ + if (!group_db_file) { + return getgrent(); + } + return fgetgrent(fp_grent); +} +extern void prefix_endgrent(void) +{ + if (!group_db_file) { + endgrent(); + return; + } + if (fp_grent) + fclose(fp_grent); + fp_grent = NULL; +} + +extern struct group *prefix_getgr_nam_gid(const char *grname) +{ + char *end; + long long gid; + struct group *g; + + if (NULL == grname) { + return NULL; + } + + if (!group_db_file) + return getgr_nam_gid(grname); + + errno = 0; + gid = strtoll(grname, &end, 10); + if ( ('\0' != *grname) + && ('\0' == *end) + && (0 == errno) + && (gid == (gid_t)gid)) + { + return prefix_getgrgid(gid); + } + + g = prefix_getgrnam(grname); + return g ? __gr_dup(g) : NULL; +} diff --git a/lib/prototypes.h b/lib/prototypes.h index 1172b5d..5c56e77 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -10,7 +10,7 @@ /* * prototypes.h * - * prototypes of libmisc functions, and private lib functions. + * prototypes of some lib functions, and private lib functions. * * $Id$ * @@ -21,18 +21,17 @@ #include <config.h> +#include <sys/socket.h> #include <sys/stat.h> -#ifdef USE_UTMPX -#include <utmpx.h> -#else -#include <utmp.h> -#endif #include <sys/types.h> #include <pwd.h> #include <grp.h> #include <shadow.h> +#ifdef ENABLE_LASTLOG #include <lastlog.h> +#endif /* ENABLE_LASTLOG */ +#include "attr.h" #include "defines.h" #include "commonio.h" @@ -44,6 +43,7 @@ extern int add_groups (const char *); /* age.c */ extern void agecheck (/*@null@*/const struct spwd *); extern int expire (const struct passwd *, /*@null@*/const struct spwd *); + /* isexpired.c */ extern int isexpired (const struct passwd *, /*@null@*/const struct spwd *); @@ -92,11 +92,11 @@ void cleanup_report_del_group_gshadow (void *group_name); void cleanup_report_mod_passwd (void *cleanup_info); void cleanup_report_mod_group (void *cleanup_info); void cleanup_report_mod_gshadow (void *cleanup_info); -void cleanup_unlock_group (/*@null@*/void *unused); +void cleanup_unlock_group (/*@null@*/void *MAYBE_UNUSED); #ifdef SHADOWGRP -void cleanup_unlock_gshadow (/*@null@*/void *unused); +void cleanup_unlock_gshadow (/*@null@*/void *MAYBE_UNUSED); #endif -void cleanup_unlock_passwd (/*@null@*/void *unused); +void cleanup_unlock_passwd (/*@null@*/void *MAYBE_UNUSED); /* console.c */ extern bool console (const char *); @@ -108,21 +108,18 @@ extern int copy_tree (const char *src_root, const char *dst_root, uid_t old_uid, uid_t new_uid, gid_t old_gid, gid_t new_gid); -/* date_to_str.c */ -extern void date_to_str (size_t size, char buf[size], long date); - /* encrypt.c */ extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *); -/* entry.c */ -extern void pw_entry (const char *, struct passwd *); - /* env.c */ extern void addenv (const char *, /*@null@*/const char *); extern void initenv (void); extern void set_env (int, char *const *); extern void sanitize_env (void); +/* fd.c */ +extern void check_fds (void); + /* fields.c */ extern void change_field (char *, size_t, const char *); extern int valid_field (const char *, const char *); @@ -152,11 +149,10 @@ extern int get_gid (const char *gidstr, gid_t *gid); /* getgr_nam_gid.c */ extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname); -/* getlong.c */ -extern int getlong (const char *numstr, /*@out@*/long int *result); - /* get_pid.c */ extern int get_pid (const char *pidstr, pid_t *pid); +extern int get_pidfd_from_fd(const char *pidfdstr); +extern int open_pidfd(const char *pidstr); /* getrange */ extern int getrange (const char *range, @@ -169,11 +165,9 @@ extern time_t gettime (void); /* get_uid.c */ extern int get_uid (const char *uidstr, uid_t *uid); -/* getulong.c */ -extern int getulong (const char *numstr, /*@out@*/unsigned long int *result); - /* fputsx.c */ -extern /*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *, int, FILE *); +ATTR_ACCESS(write_only, 1, 2) +extern /*@null@*/char *fgetsx(/*@returned@*/char *restrict, int, FILE *restrict); extern int fputsx (const char *, FILE *); /* groupio.c */ @@ -185,8 +179,7 @@ extern void __gr_set_changed (void); /* groupmem.c */ extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent); extern void gr_free_members (struct group *grent); -extern void gr_free (/*@out@*/ /*@only@*/struct group *grent); -extern bool gr_append_member (struct group *grp, char *member); +extern void gr_free(/*@only@*/struct group *grent); /* hushed.c */ extern bool hushed (const char *username); @@ -212,24 +205,26 @@ extern void setup_limits (const struct passwd *); #endif /* list.c */ -extern /*@only@*/ /*@out@*/char **add_list (/*@returned@*/ /*@only@*/char **, const char *); -extern /*@only@*/ /*@out@*/char **del_list (/*@returned@*/ /*@only@*/char **, const char *); -extern /*@only@*/ /*@out@*/char **dup_list (char *const *); +extern /*@only@*/char **add_list (/*@returned@*/ /*@only@*/char **, const char *); +extern /*@only@*/char **del_list (/*@returned@*/ /*@only@*/char **, const char *); +extern /*@only@*/char **dup_list (char *const *); extern bool is_on_list (char *const *list, const char *member); extern /*@only@*/char **comma_to_list (const char *); +#ifdef ENABLE_LASTLOG /* log.c */ extern void dolastlog ( struct lastlog *ll, const struct passwd *pw, /*@unique@*/const char *line, /*@unique@*/const char *host); +#endif /* ENABLE_LASTLOG */ /* login_nopam.c */ extern int login_access (const char *user, const char *from); /* loginprompt.c */ -extern void login_prompt (const char *, char *, int); +extern void login_prompt (char *, int); /* mail.c */ extern void mailcheck (void); @@ -304,9 +299,7 @@ extern int do_pam_passwd_non_interactive (const char *pam_service, #endif /* USE_PAM */ /* obscure.c */ -#ifndef USE_PAM extern bool obscure (const char *, const char *, const struct passwd *); -#endif /* pam_pass.c */ #ifdef USE_PAM @@ -322,6 +315,10 @@ extern struct group *prefix_getgrnam(const char *name); extern struct group *prefix_getgrgid(gid_t gid); extern struct passwd *prefix_getpwuid(uid_t uid); extern struct passwd *prefix_getpwnam(const char* name); +#if HAVE_FGETPWENT_R +extern int prefix_getpwnam_r(const char* name, struct passwd* pwd, + char* buf, size_t buflen, struct passwd** result); +#endif extern struct spwd *prefix_getspnam(const char* name); extern struct group *prefix_getgr_nam_gid(const char *grname); extern void prefix_setpwent(void); @@ -332,9 +329,7 @@ extern struct group* prefix_getgrent(void); extern void prefix_endgrent(void); /* pwd2spwd.c */ -#ifndef USE_PAM extern struct spwd *pwd_to_spwd (const struct passwd *); -#endif /* pwdcheck.c */ #ifndef USE_PAM @@ -351,14 +346,19 @@ extern /*@dependent@*/ /*@null@*/struct commonio_entry *__pw_get_head (void); /* pwmem.c */ extern /*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent); -extern void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent); +extern void pw_free(/*@only@*/struct passwd *pwent); + +/* csrand.c */ +unsigned long csrand (void); +unsigned long csrand_uniform (unsigned long n); +unsigned long csrand_interval (unsigned long min, unsigned long max); /* remove_tree.c */ extern int remove_tree (const char *root, bool remove_root); /* rlogin.c */ -extern int do_rlogin (const char *remote_host, char *name, size_t namelen, - char *term, size_t termlen); +extern int do_rlogin(const char *remote_host, char *name, size_t namesize, + char *term, size_t termsize); /* root_flag.c */ extern void process_root_flag (const char* short_opt, int argc, char **argv); @@ -376,7 +376,7 @@ extern int check_selinux_permit (const char *perm_name); /* semanage.c */ #ifdef WITH_SELINUX -extern int set_seuser(const char *login_name, const char *seuser_name); +extern int set_seuser(const char *login_name, const char *seuser_name, const char *serange); extern int del_seuser(const char *login_name); #endif @@ -409,7 +409,7 @@ extern struct spwd *sgetspent (const char *string); /* sgroupio.c */ extern void __sgr_del_entry (const struct commonio_entry *ent); extern /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent); -extern void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent); +extern void sgr_free(/*@only@*/struct sgrp *sgent); extern /*@dependent@*/ /*@null@*/struct commonio_entry *__sgr_get_head (void); extern void __sgr_set_changed (void); @@ -419,14 +419,15 @@ extern void __spw_del_entry (const struct commonio_entry *ent); /* shadowmem.c */ extern /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent); -extern void spw_free (/*@out@*/ /*@only@*/struct spwd *spent); +extern void spw_free(/*@only@*/struct spwd *spent); /* shell.c */ extern int shell (const char *file, /*@null@*/const char *arg, char *const envp[]); /* spawn.c */ -extern int run_command (const char *cmd, const char *argv[], - /*@null@*/const char *envp[], /*@out@*/int *status); +ATTR_ACCESS(write_only, 4) +extern int run_command(const char *cmd, const char *argv[], + /*@null@*/const char *envp[], int *restrict status); /* strtoday.c */ extern long strtoday (const char *); @@ -459,33 +460,68 @@ extern int set_filesize_limit (int blocks); /* user_busy.c */ extern int user_busy (const char *name, uid_t uid); -/* utmp.c */ -#ifndef USE_UTMPX -extern /*@null@*/struct utmp *get_current_utmp (void); -extern struct utmp *prepare_utmp (const char *name, - const char *line, - const char *host, - /*@null@*/const struct utmp *ut); -extern int setutmp (struct utmp *ut); -#else -extern /*@null@*/struct utmpx *get_current_utmp (void); -extern struct utmpx *prepare_utmpx (const char *name, - const char *line, - const char *host, - /*@null@*/const struct utmpx *ut); -extern int setutmpx (struct utmpx *utx); -#endif /* USE_UTMPX */ +/* + * Session management: utmp.c or logind.c + */ + +/** + * @brief Get host for the current session + * + * @param[out] out Host name + * + * @return 0 or a positive integer if the host was obtained properly, + * another value on error. + */ +extern int get_session_host (char **out); +#ifndef ENABLE_LOGIND +/** + * @brief Update or create an utmp entry in utmp, wtmp, utmpw, or wtmpx + * + * @param[in] user username + * @param[in] tty tty + * @param[in] host hostname + * + * @return 0 if utmp was updated properly, + * 1 on error. + */ +extern int update_utmp (const char *user, + const char *tty, + const char *host); +/** + * @brief Update the cumulative failure log + * + * @param[in] failent_user username + * @param[in] tty tty + * @param[in] host hostname + * + */ +extern void record_failure(const char *failent_user, + const char *tty, + const char *hostname); +#endif /* ENABLE_LOGIND */ + +/** + * @brief Number of active user sessions + * + * @param[in] name username + * @param[in] limit maximum number of active sessions + * + * @return number of active sessions. + * + */ +extern unsigned long active_sessions_count(const char *name, + unsigned long limit); /* valid.c */ extern bool valid (const char *, const struct passwd *); -/* xmalloc.c */ -extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/void *xmalloc (size_t size) - /*@ensures MaxSet(result) == (size - 1); @*/; -extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *); +/* write_full.c */ +extern int write_full(int fd, const void *buf, size_t count); /* xgetpwnam.c */ extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *); +/* xprefix_getpwnam.c */ +extern /*@null@*/ /*@only@*/struct passwd *xprefix_getpwnam (const char *); /* xgetpwuid.c */ extern /*@null@*/ /*@only@*/struct passwd *xgetpwuid (uid_t); /* xgetgrnam.c */ diff --git a/lib/pwauth.c b/lib/pwauth.c index 62de472..0cd3412 100644 --- a/lib/pwauth.c +++ b/lib/pwauth.c @@ -18,21 +18,26 @@ #include <stdio.h> #include <sys/types.h> #include <unistd.h> -#include "prototypes.h" + +#include "agetpass.h" #include "defines.h" +#include "memzero.h" +#include "prototypes.h" #include "pwauth.h" #include "getdef.h" +#include "string/sprintf.h" + #ifdef SKEY #include <skey.h> #endif + + #ifdef __linux__ /* standard password prompt by default */ static const char *PROMPT = gettext_noop ("Password: "); #else static const char *PROMPT = gettext_noop ("%s's Password: "); #endif -bool wipe_clear_pass = true; -/*@null@*/char *clear_pass = NULL; /* * pw_auth - perform getpass/crypt authentication @@ -47,16 +52,16 @@ int pw_auth (const char *cipher, int reason, /*@null@*/const char *input) { - char prompt[1024]; - char *clear = NULL; - const char *cp; - const char *encrypted; - int retval; + int retval; + char prompt[1024]; + char *clear = NULL; + const char *cp; + const char *encrypted; #ifdef SKEY - bool use_skey = false; - char challenge_info[40]; - struct skey skey; + bool use_skey = false; + char challenge_info[40]; + struct skey skey; #endif /* @@ -137,15 +142,9 @@ int pw_auth (const char *cipher, } #endif - snprintf (prompt, sizeof prompt, cp, user); - clear = getpass (prompt); - if (NULL == clear) { - static char c[1]; - - c[0] = '\0'; - clear = c; - } - input = clear; + SNPRINTF(prompt, cp, user); + clear = agetpass(prompt); + input = (clear == NULL) ? "" : clear; } /* @@ -171,14 +170,9 @@ int pw_auth (const char *cipher, * -- AR 8/22/1999 */ if ((0 != retval) && ('\0' == input[0]) && use_skey) { - clear = getpass (prompt); - if (NULL == clear) { - static char c[1]; - - c[0] = '\0'; - clear = c; - } - input = clear; + erase_pass(clear); + clear = agetpass(prompt); + input = (clear == NULL) ? "" : clear; } if ((0 != retval) && use_skey) { @@ -192,20 +186,10 @@ int pw_auth (const char *cipher, } } #endif + erase_pass(clear); - /* - * Things like RADIUS authentication may need the password - - * if the external variable wipe_clear_pass is zero, we will - * not wipe it (the caller should wipe clear_pass when it is - * no longer needed). --marekm - */ - - clear_pass = clear; - if (wipe_clear_pass && (NULL != clear) && ('\0' != *clear)) { - strzero (clear); - } return retval; } #else /* !USE_PAM */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* !USE_PAM */ diff --git a/lib/pwd2spwd.c b/lib/pwd2spwd.c new file mode 100644 index 0000000..eea9519 --- /dev/null +++ b/lib/pwd2spwd.c @@ -0,0 +1,62 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> + +/* + * pwd_to_spwd - create entries for new spwd structure + * + * pwd_to_spwd() creates a new (struct spwd) containing the + * information in the pointed-to (struct passwd). + */ + +struct spwd *pwd_to_spwd (const struct passwd *pw) +{ + static struct spwd sp; + + /* + * Nice, easy parts first. The name and passwd map directly + * from the old password structure to the new one. + */ + sp.sp_namp = pw->pw_name; + sp.sp_pwdp = pw->pw_passwd; + + { + /* + * Defaults used if there is no pw_age information. + */ + sp.sp_min = 0; + sp.sp_max = 10000; + sp.sp_lstchg = gettime () / DAY; + if (0 == sp.sp_lstchg) { + /* Better disable aging than requiring a password + * change */ + sp.sp_lstchg = -1; + } + } + + /* + * These fields have no corresponding information in the password + * file. They are set to uninitialized values. + */ + sp.sp_warn = -1; + sp.sp_expire = -1; + sp.sp_inact = -1; + sp.sp_flag = SHADOW_SP_FLAG_UNSET; + + return &sp; +} + diff --git a/lib/pwd_init.c b/lib/pwd_init.c new file mode 100644 index 0000000..b3f94e1 --- /dev/null +++ b/lib/pwd_init.c @@ -0,0 +1,56 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1997 , Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include "defines.h" +#include <signal.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/resource.h> + +#include "prototypes.h" + +/* + * pwd_init - ignore signals, and set resource limits to safe + * values. Call this before modifying password files, so that + * it is less likely to fail in the middle of operation. + */ +void pwd_init (void) +{ + struct rlimit rlim; + + rlim.rlim_cur = rlim.rlim_max = 0; + setrlimit (RLIMIT_CORE, &rlim); + + rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY; + setrlimit (RLIMIT_AS, &rlim); + + setrlimit (RLIMIT_CPU, &rlim); + setrlimit (RLIMIT_DATA, &rlim); + setrlimit (RLIMIT_FSIZE, &rlim); + setrlimit (RLIMIT_NOFILE, &rlim); +#ifdef RLIMIT_RSS + setrlimit (RLIMIT_RSS, &rlim); +#endif + setrlimit (RLIMIT_STACK, &rlim); + + signal (SIGALRM, SIG_IGN); + signal (SIGHUP, SIG_IGN); + signal (SIGINT, SIG_IGN); + signal (SIGPIPE, SIG_IGN); + signal (SIGQUIT, SIG_IGN); + signal (SIGTERM, SIG_IGN); + signal (SIGTSTP, SIG_IGN); + signal (SIGTTOU, SIG_IGN); + + umask (077); +} diff --git a/lib/pwdcheck.c b/lib/pwdcheck.c new file mode 100644 index 0000000..93c9f5c --- /dev/null +++ b/lib/pwdcheck.c @@ -0,0 +1,40 @@ +/* + * SPDX-FileCopyrightText: 2000 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2008, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#ifndef USE_PAM + +#include <stdio.h> +#include <shadow.h> + +#include "attr.h" +#include "prototypes.h" +#include "defines.h" +#include "pwauth.h" +#include "shadowlog.h" + +void passwd_check (const char *user, const char *passwd, MAYBE_UNUSED const char *progname) +{ + struct spwd *sp; + + sp = getspnam (user); /* !USE_PAM, no need for xgetspnam */ + if (NULL != sp) { + passwd = sp->sp_pwdp; + } + if (pw_auth (passwd, user, PW_LOGIN, NULL) != 0) { + SYSLOG ((LOG_WARN, "incorrect password for `%s'", user)); + (void) sleep (1); + fprintf (log_get_logfd(), _("Incorrect password for %s.\n"), user); + exit (EXIT_FAILURE); + } +} +#else /* USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* USE_PAM */ @@ -26,7 +26,8 @@ static /*@null@*/ /*@only@*/void *passwd_dup (const void *ent) return __pw_dup (pw); } -static void passwd_free (/*@out@*/ /*@only@*/void *ent) +static void +passwd_free(/*@only@*/void *ent) { struct passwd *pw = ent; @@ -42,7 +43,7 @@ static const char *passwd_getname (const void *ent) static void *passwd_parse (const char *line) { - return (void *) sgetpwent (line); + return sgetpwent (line); } static int passwd_put (const void *ent, FILE * file) @@ -137,7 +138,7 @@ int pw_open (int mode) int pw_update (const struct passwd *pw) { - return commonio_update (&passwd_db, (const void *) pw); + return commonio_update (&passwd_db, pw); } int pw_remove (const char *name) @@ -182,15 +183,23 @@ struct commonio_db *__pw_get_db (void) static int pw_cmp (const void *p1, const void *p2) { + const struct commonio_entry *const *ce1; + const struct commonio_entry *const *ce2; + const struct passwd *pw1, *pw2; uid_t u1, u2; - if ((*(struct commonio_entry **) p1)->eptr == NULL) + ce1 = p1; + pw1 = (*ce1)->eptr; + if (pw1 == NULL) return 1; - if ((*(struct commonio_entry **) p2)->eptr == NULL) + + ce2 = p2; + pw2 = (*ce2)->eptr; + if (pw2 == NULL) return -1; - u1 = ((struct passwd *) (*(struct commonio_entry **) p1)->eptr)->pw_uid; - u2 = ((struct passwd *) (*(struct commonio_entry **) p2)->eptr)->pw_uid; + u1 = pw1->pw_uid; + u2 = pw2->pw_uid; if (u1 < u2) return -1; diff --git a/lib/pwmem.c b/lib/pwmem.c index 867e3f7..9c6e58d 100644 --- a/lib/pwmem.c +++ b/lib/pwmem.c @@ -13,7 +13,10 @@ #ident "$Id$" #include <stdio.h> + +#include "alloc.h" #include "defines.h" +#include "memzero.h" #include "prototypes.h" #include "pwio.h" @@ -21,12 +24,11 @@ { struct passwd *pw; - pw = (struct passwd *) malloc (sizeof *pw); + pw = CALLOC (1, struct passwd); if (NULL == pw) { return NULL; } /* The libc might define other fields. They won't be copied. */ - memset (pw, 0, sizeof *pw); pw->pw_uid = pwent->pw_uid; pw->pw_gid = pwent->pw_gid; /*@-mustfreeonly@*/ @@ -68,7 +70,8 @@ return pw; } -void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent) +void +pw_free(/*@only@*/struct passwd *pwent) { if (pwent != NULL) { free (pwent->pw_name); diff --git a/lib/readpassphrase.c b/lib/readpassphrase.c new file mode 100644 index 0000000..5ff060c --- /dev/null +++ b/lib/readpassphrase.c @@ -0,0 +1,198 @@ +/* $OpenBSD: readpassphrase.c,v 1.26 2016/10/18 12:47:18 millert Exp $ */ + +/* + * Copyright (c) 2000-2002, 2007, 2010 + * Todd C. Miller <Todd.Miller@courtesan.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. + */ + +#include <ctype.h> +#include <errno.h> +#include <fcntl.h> +#include <paths.h> +#include <pwd.h> +#include <signal.h> +#include <string.h> +#include <termios.h> +#include <unistd.h> +#include <readpassphrase.h> + +#ifndef TCSASOFT +#define TCSASOFT 0 +#endif + +#ifndef _NSIG +#if defined(NSIG) +#define _NSIG NSIG +#else +/* The SIGRTMAX define might be set to a function such as sysconf(). */ +#define _NSIG (SIGRTMAX + 1) +#endif +#endif + +static volatile sig_atomic_t signo[_NSIG]; + +static void handler(int); + +char * +readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags) +{ + ssize_t nr; + int input, output, save_errno, i, need_restart; + char ch, *p, *end; + struct termios term, oterm; + struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm; + struct sigaction savetstp, savettin, savettou, savepipe; + + /* I suppose we could alloc on demand in this case (XXX). */ + if (bufsiz == 0) { + errno = EINVAL; + return(NULL); + } + +restart: + for (i = 0; i < _NSIG; i++) + signo[i] = 0; + nr = -1; + save_errno = 0; + need_restart = 0; + /* + * Read and write to /dev/tty if available. If not, read from + * stdin and write to stderr unless a tty is required. + */ + if ((flags & RPP_STDIN) || + (input = output = open(_PATH_TTY, O_RDWR)) == -1) { + if (flags & RPP_REQUIRE_TTY) { + errno = ENOTTY; + return(NULL); + } + input = STDIN_FILENO; + output = STDERR_FILENO; + } + + /* + * Turn off echo if possible. + * If we are using a tty but are not the foreground pgrp this will + * generate SIGTTOU, so do it *before* installing the signal handlers. + */ + if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) { + memcpy(&term, &oterm, sizeof(term)); + if (!(flags & RPP_ECHO_ON)) + term.c_lflag &= ~(ECHO | ECHONL); +#ifdef VSTATUS + if (term.c_cc[VSTATUS] != _POSIX_VDISABLE) + term.c_cc[VSTATUS] = _POSIX_VDISABLE; +#endif + (void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &term); + } else { + memset(&term, 0, sizeof(term)); + term.c_lflag |= ECHO; + memset(&oterm, 0, sizeof(oterm)); + oterm.c_lflag |= ECHO; + } + + /* + * Catch signals that would otherwise cause the user to end + * up with echo turned off in the shell. Don't worry about + * things like SIGXCPU and SIGVTALRM for now. + */ + sigemptyset(&sa.sa_mask); + sa.sa_flags = 0; /* don't restart system calls */ + sa.sa_handler = handler; + (void)sigaction(SIGALRM, &sa, &savealrm); + (void)sigaction(SIGHUP, &sa, &savehup); + (void)sigaction(SIGINT, &sa, &saveint); + (void)sigaction(SIGPIPE, &sa, &savepipe); + (void)sigaction(SIGQUIT, &sa, &savequit); + (void)sigaction(SIGTERM, &sa, &saveterm); + (void)sigaction(SIGTSTP, &sa, &savetstp); + (void)sigaction(SIGTTIN, &sa, &savettin); + (void)sigaction(SIGTTOU, &sa, &savettou); + + if (!(flags & RPP_STDIN)) + (void)write(output, prompt, strlen(prompt)); + end = buf + bufsiz - 1; + p = buf; + while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') { + if (p < end) { + if ((flags & RPP_SEVENBIT)) + ch &= 0x7f; + if (isalpha((unsigned char)ch)) { + if ((flags & RPP_FORCELOWER)) + ch = (char)tolower((unsigned char)ch); + if ((flags & RPP_FORCEUPPER)) + ch = (char)toupper((unsigned char)ch); + } + *p++ = ch; + } + } + *p = '\0'; + save_errno = errno; + if (!(term.c_lflag & ECHO)) + (void)write(output, "\n", 1); + + /* Restore old terminal settings and signals. */ + if (memcmp(&term, &oterm, sizeof(term)) != 0) { + const int sigttou = signo[SIGTTOU]; + + /* Ignore SIGTTOU generated when we are not the fg pgrp. */ + while (tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm) == -1 && + errno == EINTR && !signo[SIGTTOU]) + continue; + signo[SIGTTOU] = sigttou; + } + (void)sigaction(SIGALRM, &savealrm, NULL); + (void)sigaction(SIGHUP, &savehup, NULL); + (void)sigaction(SIGINT, &saveint, NULL); + (void)sigaction(SIGQUIT, &savequit, NULL); + (void)sigaction(SIGPIPE, &savepipe, NULL); + (void)sigaction(SIGTERM, &saveterm, NULL); + (void)sigaction(SIGTSTP, &savetstp, NULL); + (void)sigaction(SIGTTIN, &savettin, NULL); + (void)sigaction(SIGTTOU, &savettou, NULL); + if (input != STDIN_FILENO) + (void)close(input); + + /* + * If we were interrupted by a signal, resend it to ourselves + * now that we have restored the signal handlers. + */ + for (i = 0; i < _NSIG; i++) { + if (signo[i]) { + kill(getpid(), i); + switch (i) { + case SIGTSTP: + case SIGTTIN: + case SIGTTOU: + need_restart = 1; + } + } + } + if (need_restart) + goto restart; + + if (save_errno) + errno = save_errno; + return(nr == -1 ? NULL : buf); +} + +static void handler(int s) +{ + + signo[s] = 1; +} diff --git a/lib/readpassphrase.h b/lib/readpassphrase.h new file mode 100644 index 0000000..2530b7f --- /dev/null +++ b/lib/readpassphrase.h @@ -0,0 +1,47 @@ +/* $OpenBSD: readpassphrase.h,v 1.4 2003/06/03 01:52:39 millert Exp $ */ + +/* + * Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. + */ + +#ifndef LIBBSD_READPASSPHRASE_H +#define LIBBSD_READPASSPHRASE_H + +#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ +#define RPP_ECHO_ON 0x01 /* Leave echo on. */ +#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ +#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ +#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */ +#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ +#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */ + +#ifdef LIBBSD_OVERLAY +#include <sys/cdefs.h> +#endif +#include <sys/types.h> + +#ifdef __cplusplus +extern "C" { +#endif +char * readpassphrase(const char *, char *, size_t, int); +#ifdef __cplusplus +} +#endif + +#endif /* !LIBBSD_READPASSPHRASE_H */ diff --git a/lib/remove_tree.c b/lib/remove_tree.c new file mode 100644 index 0000000..3d76b95 --- /dev/null +++ b/lib/remove_tree.c @@ -0,0 +1,101 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <fcntl.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <dirent.h> +#include <unistd.h> +#include "prototypes.h" +#include "defines.h" + +static int remove_tree_at (int at_fd, const char *path, bool remove_root) +{ + DIR *dir; + const struct dirent *ent; + int dir_fd, rc = 0; + + dir_fd = openat (at_fd, path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC); + if (dir_fd < 0) { + return -1; + } + + dir = fdopendir (dir_fd); + if (!dir) { + (void) close (dir_fd); + return -1; + } + + /* + * Open the source directory and delete each entry. + */ + while ((ent = readdir (dir))) { + struct stat ent_sb; + + /* + * Skip the "." and ".." entries + */ + if (strcmp (ent->d_name, ".") == 0 || + strcmp (ent->d_name, "..") == 0) { + continue; + } + + rc = fstatat (dirfd(dir), ent->d_name, &ent_sb, AT_SYMLINK_NOFOLLOW); + if (rc < 0) { + break; + } + + if (S_ISDIR (ent_sb.st_mode)) { + /* + * Recursively delete this directory. + */ + if (remove_tree_at (dirfd(dir), ent->d_name, true) != 0) { + rc = -1; + break; + } + } else { + /* + * Delete the file. + */ + if (unlinkat (dirfd(dir), ent->d_name, 0) != 0) { + rc = -1; + break; + } + } + } + + (void) closedir (dir); + + if (remove_root && (0 == rc)) { + if (unlinkat (at_fd, path, AT_REMOVEDIR) != 0) { + rc = -1; + } + } + + return rc; +} + +/* + * remove_tree - delete a directory tree + * + * remove_tree() walks a directory tree and deletes all the files + * and directories. + * At the end, it deletes the root directory itself. + */ +int remove_tree (const char *root, bool remove_root) +{ + return remove_tree_at (AT_FDCWD, root, remove_root); +} diff --git a/lib/rlogin.c b/lib/rlogin.c new file mode 100644 index 0000000..cbc05dd --- /dev/null +++ b/lib/rlogin.c @@ -0,0 +1,135 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2008, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ifdef RLOGIN + +#ident "$Id$" + +#include "prototypes.h" +#include "defines.h" +#include <stdio.h> +#include <pwd.h> +#include <netdb.h> + +#include "atoi/str2i.h" + + +static struct { + int spd_name; + int spd_baud; +} speed_table[] = +{ + { B50, 50}, + { B75, 75}, + { B110, 110}, + { B134, 134}, + { B150, 150}, + { B200, 200}, + { B300, 300}, + { B600, 600}, + { B1200, 1200}, + { B1800, 1800}, + { B2400, 2400}, + { B4800, 4800}, + { B9600, 9600}, + { B19200, 19200}, + { B38400, 38400}, + { -1, -1} +}; + + +static void +get_remote_string(char *buf, size_t size) +{ + for (;;) { + if (read (0, buf, 1) != 1) { + exit (EXIT_FAILURE); + } + if ('\0' == *buf) { + return; + } + --size; + if (size > 0) { + ++buf; + } + } + /*NOTREACHED*/ +} + + +int +do_rlogin(const char *remote_host, char *name, size_t namesize, char *term, + size_t termsize) +{ + struct passwd *pwd; + char remote_name[32]; + char *cp; + unsigned long remote_speed = 9600; + int speed_name = B9600; + int i; + TERMIO termio; + + get_remote_string(remote_name, sizeof(remote_name)); + get_remote_string(name, namesize); + get_remote_string(term, termsize); + + cp = strchr (term, '/'); + if (NULL != cp) { + *cp = '\0'; + cp++; + + if (str2ul(&remote_speed, cp) == -1) + remote_speed = 9600; + } + for (i = 0; + ( (speed_table[i].spd_baud != remote_speed) + && (speed_table[i].spd_name != -1)); + i++); + + if (-1 != speed_table[i].spd_name) { + speed_name = speed_table[i].spd_name; + } + + /* + * Put the terminal in cooked mode with echo turned on. + */ + + GTTY (0, &termio); + termio.c_iflag |= ICRNL | IXON; + termio.c_oflag |= OPOST | ONLCR; + termio.c_lflag |= ICANON | ECHO | ECHOE; +#ifdef CBAUD + termio.c_cflag = (termio.c_cflag & ~CBAUD) | speed_name; +#else + termio.c_cflag = (termio.c_cflag) | speed_name; +#endif + STTY (0, &termio); + + pwd = getpwnam (name); /* local, no need for xgetpwnam */ + if (NULL == pwd) { + return 0; + } + + /* + * ruserok() returns 0 for success on modern systems, and 1 on + * older ones. If you are having trouble with people logging + * in without giving a required password, THIS is the culprit - + * go fix the #define in config.h. + */ + +#ifndef RUSEROK + return 0; +#else + return ruserok (remote_host, pwd->pw_uid == 0, + remote_name, name) == RUSEROK; +#endif +} +#endif /* RLOGIN */ diff --git a/lib/root_flag.c b/lib/root_flag.c new file mode 100644 index 0000000..5572831 --- /dev/null +++ b/lib/root_flag.c @@ -0,0 +1,108 @@ +/* + * SPDX-FileCopyrightText: 2011 , Julian Pidancet + * SPDX-FileCopyrightText: 2011 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> +#include <assert.h> +#include "defines.h" +#include "prototypes.h" +/*@-exitarg@*/ +#include "exitcodes.h" +#include "shadowlog.h" + +static void change_root (const char* newroot); + +/* + * process_root_flag - chroot if given the --root option + * + * This shall be called before accessing the passwd, group, shadow, + * gshadow, useradd's default, login.defs files (non exhaustive list) + * or authenticating the caller. + * + * The audit, syslog, or locale files shall be open before + */ +extern void process_root_flag (const char* short_opt, int argc, char **argv) +{ + /* + * Parse the command line options. + */ + int i; + const char *newroot = NULL, *val; + + for (i = 0; i < argc; i++) { + val = NULL; + if ( (strcmp (argv[i], "--root") == 0) + || ((strncmp (argv[i], "--root=", 7) == 0) + && (val = argv[i] + 7)) + || (strcmp (argv[i], short_opt) == 0)) { + if (NULL != newroot) { + fprintf (log_get_logfd(), + _("%s: multiple --root options\n"), + log_get_progname()); + exit (E_BAD_ARG); + } + + if (val) { + newroot = val; + } else if (i + 1 == argc) { + fprintf (log_get_logfd(), + _("%s: option '%s' requires an argument\n"), + log_get_progname(), argv[i]); + exit (E_BAD_ARG); + } else { + newroot = argv[++ i]; + } + } + } + + if (NULL != newroot) { + change_root (newroot); + } +} + +static void change_root (const char* newroot) +{ + /* Drop privileges */ + if ( (setregid (getgid (), getgid ()) != 0) + || (setreuid (getuid (), getuid ()) != 0)) { + fprintf (log_get_logfd(), _("%s: failed to drop privileges (%s)\n"), + log_get_progname(), strerror (errno)); + exit (EXIT_FAILURE); + } + + if ('/' != newroot[0]) { + fprintf (log_get_logfd(), + _("%s: invalid chroot path '%s', only absolute paths are supported.\n"), + log_get_progname(), newroot); + exit (E_BAD_ARG); + } + + if (access (newroot, F_OK) != 0) { + fprintf(log_get_logfd(), + _("%s: cannot access chroot directory %s: %s\n"), + log_get_progname(), newroot, strerror (errno)); + exit (E_BAD_ARG); + } + + if (chroot (newroot) != 0) { + fprintf(log_get_logfd(), + _("%s: unable to chroot to directory %s: %s\n"), + log_get_progname(), newroot, strerror (errno)); + exit (E_BAD_ARG); + } + + if (chdir ("/") != 0) { + fprintf(log_get_logfd(), + _("%s: cannot chdir in chroot directory %s: %s\n"), + log_get_progname(), newroot, strerror (errno)); + exit (E_BAD_ARG); + } +} + diff --git a/lib/run_part.c b/lib/run_part.c index bce11d3..670d815 100644 --- a/lib/run_part.c +++ b/lib/run_part.c @@ -1,3 +1,5 @@ +#include <config.h> + #include <dirent.h> #include <errno.h> #include <stdio.h> @@ -8,9 +10,12 @@ #include <sys/wait.h> #include <unistd.h> #include <lib/prototypes.h> + +#include "alloc.h" #include "run_part.h" #include "shadowlog_internal.h" + int run_part (char *script_path, const char *name, const char *action) { int pid; @@ -53,25 +58,22 @@ int run_parts (const char *directory, const char *name, const char *action) } for (n=0; n<scanlist; n++) { - int path_length; - struct stat sb; + char *s; + struct stat sb; - path_length=strlen(directory) + strlen(namelist[n]->d_name) + 2; - char *s = (char*)malloc(path_length); - if (!s) { - printf ("could not allocate memory\n"); + if (asprintf(&s, "%s/%s", directory, namelist[n]->d_name) == -1) { + fprintf(stderr, "could not allocate memory\n"); for (; n<scanlist; n++) { - free (namelist[n]); + free(namelist[n]); } - free (namelist); + free(namelist); return (1); } - snprintf (s, path_length, "%s/%s", directory, namelist[n]->d_name); execute_result = 0; if (stat (s, &sb) == -1) { perror ("stat"); - free (s); + free(s); for (; n<scanlist; n++) { free (namelist[n]); } @@ -83,7 +85,7 @@ int run_parts (const char *directory, const char *name, const char *action) execute_result = run_part (s, name, action); } - free (s); + free(s); if (execute_result!=0) { fprintf (shadow_logfd, diff --git a/lib/salt.c b/lib/salt.c new file mode 100644 index 0000000..529d59c --- /dev/null +++ b/lib/salt.c @@ -0,0 +1,452 @@ +/* + * SPDX-FileCopyrightText: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> + * SPDX-FileCopyrightText: J.T. Conklin <jtc@netbsd.org> + * + * SPDX-License-Identifier: Unlicense + */ + +/* + * salt.c - generate a random salt string for crypt() + * + * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>, + * it is in the public domain. + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <strings.h> + +#include "prototypes.h" +#include "defines.h" +#include "getdef.h" +#include "shadowlog.h" + +#if (defined CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY && \ + CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) +#define USE_XCRYPT_GENSALT 1 +#else +#define USE_XCRYPT_GENSALT 0 +#endif + +/* Add the salt prefix. */ +#define MAGNUM(array,ch) (array)[0]=(array)[2]='$',(array)[1]=(ch),(array)[3]='\0' + +#ifdef USE_BCRYPT +/* Use $2b$ as prefix for compatibility with OpenBSD's bcrypt. */ +#define BCRYPTMAGNUM(array) (array)[0]=(array)[3]='$',(array)[1]='2',(array)[2]='b',(array)[4]='\0' +#define BCRYPT_SALT_SIZE 22 +/* Default number of rounds if not explicitly specified. */ +#define B_ROUNDS_DEFAULT 13 +/* Minimum number of rounds. */ +#define B_ROUNDS_MIN 4 +/* Maximum number of rounds. */ +#define B_ROUNDS_MAX 31 +#endif /* USE_BCRYPT */ + +#ifdef USE_SHA_CRYPT +/* Fixed salt len for sha{256,512}crypt. */ +#define SHA_CRYPT_SALT_SIZE 16 +/* Default number of rounds if not explicitly specified. */ +#define SHA_ROUNDS_DEFAULT 5000 +/* Minimum number of rounds. */ +#define SHA_ROUNDS_MIN 1000 +/* Maximum number of rounds. */ +#define SHA_ROUNDS_MAX 999999999 +#endif + +#ifdef USE_YESCRYPT +/* + * Default number of base64 characters used for the salt. + * 24 characters gives a 144 bits (18 bytes) salt. Unlike the more + * traditional 128 bits (16 bytes) salt, this 144 bits salt is always + * represented by the same number of base64 characters without padding + * issue, even with a non-standard base64 encoding scheme. + */ +#define YESCRYPT_SALT_SIZE 24 +/* Default cost if not explicitly specified. */ +#define Y_COST_DEFAULT 5 +/* Minimum cost. */ +#define Y_COST_MIN 1 +/* Maximum cost. */ +#define Y_COST_MAX 11 +#endif + +/* Fixed salt len for md5crypt. */ +#define MD5_CRYPT_SALT_SIZE 8 + +/* Generate salt of size salt_size. */ +#define MAX_SALT_SIZE 44 +#define MIN_SALT_SIZE 8 + +/* Maximum size of the generated salt string. */ +#define GENSALT_SETTING_SIZE 100 + +/* local function prototypes */ +#if !USE_XCRYPT_GENSALT +static /*@observer@*/const char *gensalt (size_t salt_size); +#endif /* !USE_XCRYPT_GENSALT */ +#ifdef USE_SHA_CRYPT +static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds); +static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long rounds); +#endif /* USE_SHA_CRYPT */ +#ifdef USE_BCRYPT +static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds); +static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long rounds); +#endif /* USE_BCRYPT */ +#ifdef USE_YESCRYPT +static /*@observer@*/unsigned long YESCRYPT_get_salt_cost (/*@null@*/const int *prefered_cost); +static /*@observer@*/void YESCRYPT_salt_cost_to_buf (char *buf, unsigned long cost); +#endif /* USE_YESCRYPT */ + + +#ifdef USE_SHA_CRYPT +/* Return the the rounds number for the SHA crypt methods. */ +static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds) +{ + unsigned long rounds; + + if (NULL == prefered_rounds) { + long min_rounds = getdef_long ("SHA_CRYPT_MIN_ROUNDS", -1); + long max_rounds = getdef_long ("SHA_CRYPT_MAX_ROUNDS", -1); + + if ((-1 == min_rounds) && (-1 == max_rounds)) { + rounds = SHA_ROUNDS_DEFAULT; + } + else { + if (-1 == min_rounds) { + min_rounds = max_rounds; + } + + if (-1 == max_rounds) { + max_rounds = min_rounds; + } + + if (min_rounds > max_rounds) { + max_rounds = min_rounds; + } + + rounds = csrand_interval (min_rounds, max_rounds); + } + } else if (0 == *prefered_rounds) { + rounds = SHA_ROUNDS_DEFAULT; + } else { + rounds = (unsigned long) *prefered_rounds; + } + + /* Sanity checks. The libc should also check this, but this + * protects against a rounds_prefix overflow. */ + if (rounds < SHA_ROUNDS_MIN) { + rounds = SHA_ROUNDS_MIN; + } + + if (rounds > SHA_ROUNDS_MAX) { + rounds = SHA_ROUNDS_MAX; + } + + return rounds; +} + +/* + * Fill a salt prefix specifying the rounds number for the SHA crypt methods + * to a buffer. + */ +static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long rounds) +{ + const size_t buf_begin = strlen (buf); + + /* Nothing to do here if SHA_ROUNDS_DEFAULT is used. */ + if (rounds == SHA_ROUNDS_DEFAULT) { + return; + } + + /* + * Check if the result buffer is long enough. + * We are going to write a maximum of 17 bytes, + * plus one byte for the terminator. + * rounds=XXXXXXXXX$ + * 00000000011111111 + * 12345678901234567 + */ + assert (GENSALT_SETTING_SIZE > buf_begin + 17); + + (void) snprintf (buf + buf_begin, 18, "rounds=%lu$", rounds); +} +#endif /* USE_SHA_CRYPT */ + +#ifdef USE_BCRYPT +/* Return the the rounds number for the BCRYPT method. */ +static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds) +{ + unsigned long rounds; + + if (NULL == prefered_rounds) { + long min_rounds = getdef_long ("BCRYPT_MIN_ROUNDS", -1); + long max_rounds = getdef_long ("BCRYPT_MAX_ROUNDS", -1); + + if ((-1 == min_rounds) && (-1 == max_rounds)) { + rounds = B_ROUNDS_DEFAULT; + } else { + if (-1 == min_rounds) { + min_rounds = max_rounds; + } + + if (-1 == max_rounds) { + max_rounds = min_rounds; + } + + if (min_rounds > max_rounds) { + max_rounds = min_rounds; + } + + rounds = csrand_interval (min_rounds, max_rounds); + } + } else if (0 == *prefered_rounds) { + rounds = B_ROUNDS_DEFAULT; + } else { + rounds = (unsigned long) *prefered_rounds; + } + + /* Sanity checks. */ + if (rounds < B_ROUNDS_MIN) { + rounds = B_ROUNDS_MIN; + } + +#if USE_XCRYPT_GENSALT + if (rounds > B_ROUNDS_MAX) { + rounds = B_ROUNDS_MAX; + } +#else /* USE_XCRYPT_GENSALT */ + /* + * Use 19 as an upper bound for now, + * because musl doesn't allow rounds >= 20. + * If musl ever supports > 20 rounds, + * rounds should be set to B_ROUNDS_MAX. + */ + if (rounds > 19) { + rounds = 19; + } +#endif /* USE_XCRYPT_GENSALT */ + + return rounds; +} + +/* + * Fill a salt prefix specifying the rounds number for the BCRYPT method + * to a buffer. + */ +static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long rounds) +{ + const size_t buf_begin = strlen (buf); + + /* + * Check if the result buffer is long enough. + * We are going to write three bytes, + * plus one byte for the terminator. + * XX$ + * 000 + * 123 + */ + assert (GENSALT_SETTING_SIZE > buf_begin + 3); + + (void) snprintf (buf + buf_begin, 4, "%2.2lu$", rounds); +} +#endif /* USE_BCRYPT */ + +#ifdef USE_YESCRYPT +/* Return the the cost number for the YESCRYPT method. */ +static /*@observer@*/unsigned long YESCRYPT_get_salt_cost (/*@null@*/const int *prefered_cost) +{ + unsigned long cost; + + if (NULL == prefered_cost) { + cost = getdef_num ("YESCRYPT_COST_FACTOR", Y_COST_DEFAULT); + } else if (0 == *prefered_cost) { + cost = Y_COST_DEFAULT; + } else { + cost = (unsigned long) *prefered_cost; + } + + /* Sanity checks. */ + if (cost < Y_COST_MIN) { + cost = Y_COST_MIN; + } + + if (cost > Y_COST_MAX) { + cost = Y_COST_MAX; + } + + return cost; +} + +/* + * Fill a salt prefix specifying the cost for the YESCRYPT method + * to a buffer. + */ +static /*@observer@*/void YESCRYPT_salt_cost_to_buf (char *buf, unsigned long cost) +{ + const size_t buf_begin = strlen (buf); + + /* + * Check if the result buffer is long enough. + * We are going to write four bytes, + * plus one byte for the terminator. + * jXX$ + * 0000 + * 1234 + */ + assert (GENSALT_SETTING_SIZE > buf_begin + 4); + + buf[buf_begin + 0] = 'j'; + if (cost < 3) { + buf[buf_begin + 1] = 0x36 + cost; + } else if (cost < 6) { + buf[buf_begin + 1] = 0x34 + cost; + } else { + buf[buf_begin + 1] = 0x3b + cost; + } + buf[buf_begin + 2] = cost >= 3 ? 'T' : '5'; + buf[buf_begin + 3] = '$'; + buf[buf_begin + 4] = '\0'; +} +#endif /* USE_YESCRYPT */ + +#if !USE_XCRYPT_GENSALT +static /*@observer@*/const char *gensalt (size_t salt_size) +{ + static char salt[MAX_SALT_SIZE + 6]; + + bzero(salt, MAX_SALT_SIZE + 6); + + assert (salt_size >= MIN_SALT_SIZE && + salt_size <= MAX_SALT_SIZE); + strcat (salt, l64a (csrand ())); + do { + strcat (salt, l64a (csrand ())); + } while (strlen (salt) < salt_size); + + salt[salt_size] = '\0'; + + return salt; +} +#endif /* !USE_XCRYPT_GENSALT */ + +/* + * Generate 8 base64 ASCII characters of random salt. If MD5_CRYPT_ENAB + * in /etc/login.defs is "yes", the salt string will be prefixed by "$1$" + * (magic) and pw_encrypt() will execute the MD5-based FreeBSD-compatible + * version of crypt() instead of the standard one. + * Other methods can be set with ENCRYPT_METHOD + * + * The method can be forced with the meth parameter. + * If NULL, the method will be defined according to the ENCRYPT_METHOD + * variable, and if not set according to the MD5_CRYPT_ENAB variable, + * which can both be set inside the login.defs file. + * + * If meth is specified, an additional parameter can be provided. + * * For the SHA256 and SHA512 method, this specifies the number of rounds + * (if not NULL). + * * For the YESCRYPT method, this specifies the cost factor (if not NULL). + */ +/*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg) +{ + static char result[GENSALT_SETTING_SIZE]; + size_t salt_len = MAX_SALT_SIZE; + const char *method; + unsigned long rounds = 0; + + bzero(result, GENSALT_SETTING_SIZE); + + if (NULL != meth) + method = meth; + else { + method = getdef_str ("ENCRYPT_METHOD"); + if (NULL == method) { + method = getdef_bool ("MD5_CRYPT_ENAB") ? "MD5" : "DES"; + } + } + + if (0 == strcmp (method, "MD5")) { + MAGNUM(result, '1'); + salt_len = MD5_CRYPT_SALT_SIZE; + rounds = 0; +#ifdef USE_BCRYPT + } else if (0 == strcmp (method, "BCRYPT")) { + BCRYPTMAGNUM(result); + salt_len = BCRYPT_SALT_SIZE; + rounds = BCRYPT_get_salt_rounds (arg); + BCRYPT_salt_rounds_to_buf (result, rounds); +#endif /* USE_BCRYPT */ +#ifdef USE_YESCRYPT + } else if (0 == strcmp (method, "YESCRYPT")) { + MAGNUM(result, 'y'); + salt_len = YESCRYPT_SALT_SIZE; + rounds = YESCRYPT_get_salt_cost (arg); + YESCRYPT_salt_cost_to_buf (result, rounds); +#endif /* USE_YESCRYPT */ +#ifdef USE_SHA_CRYPT + } else if (0 == strcmp (method, "SHA256")) { + MAGNUM(result, '5'); + salt_len = SHA_CRYPT_SALT_SIZE; + rounds = SHA_get_salt_rounds (arg); + SHA_salt_rounds_to_buf (result, rounds); + } else if (0 == strcmp (method, "SHA512")) { + MAGNUM(result, '6'); + salt_len = SHA_CRYPT_SALT_SIZE; + rounds = SHA_get_salt_rounds (arg); + SHA_salt_rounds_to_buf (result, rounds); +#endif /* USE_SHA_CRYPT */ + } else if (0 != strcmp (method, "DES")) { + fprintf (log_get_logfd(), + _("Invalid ENCRYPT_METHOD value: '%s'.\n" + "Defaulting to DES.\n"), + method); + salt_len = MAX_SALT_SIZE; + rounds = 0; + bzero(result, GENSALT_SETTING_SIZE); + } + +#if USE_XCRYPT_GENSALT + /* + * Prepare DES setting for crypt_gensalt(), if result + * has not been filled with anything previously. + */ + if ('\0' == result[0]) { + /* Avoid -Wunused-but-set-variable. */ + salt_len = GENSALT_SETTING_SIZE - 1; + rounds = 0; + memset(result, '.', salt_len); + result[salt_len] = '\0'; + } + + char *retval = crypt_gensalt (result, rounds, NULL, 0); + + /* Should not happen, but... */ + if (NULL == retval) { + fprintf (log_get_logfd(), + _("Unable to generate a salt from setting " + "\"%s\", check your settings in " + "ENCRYPT_METHOD and the corresponding " + "configuration for your selected hash " + "method.\n"), result); + + exit (1); + } + + return retval; +#else /* USE_XCRYPT_GENSALT */ + /* Check if the result buffer is long enough. */ + assert (GENSALT_SETTING_SIZE > strlen (result) + salt_len); + + /* Concatenate a pseudo random salt. */ + strncat (result, gensalt (salt_len), + GENSALT_SETTING_SIZE - strlen (result) - 1); + + return result; +#endif /* USE_XCRYPT_GENSALT */ +} diff --git a/lib/selinux.c b/lib/selinux.c index ad639bd..6eb2894 100644 --- a/lib/selinux.c +++ b/lib/selinux.c @@ -188,7 +188,7 @@ int check_selinux_permit (const char *perm_name) return 0; } - selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb); + selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) { .func_log = selinux_log_cb }); if (getprevcon_raw (&user_context_raw) != 0) { fprintf (shadow_logfd, @@ -206,5 +206,5 @@ int check_selinux_permit (const char *perm_name) } #else /* !WITH_SELINUX */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* !WITH_SELINUX */ diff --git a/lib/semanage.c b/lib/semanage.c index 082a6e8..277e20e 100644 --- a/lib/semanage.c +++ b/lib/semanage.c @@ -16,19 +16,19 @@ #endif #include <stdio.h> #include <stdarg.h> + #include <selinux/selinux.h> + #include <semanage/semanage.h> + +#include "attr.h" #include "prototypes.h" #include "shadowlog_internal.h" -#ifndef DEFAULT_SERANGE -#define DEFAULT_SERANGE "s0" -#endif - format_attr(printf, 3, 4) -static void semanage_error_callback (unused void *varg, +static void semanage_error_callback (MAYBE_UNUSED void *varg, semanage_handle_t *handle, const char *fmt, ...) { @@ -101,6 +101,8 @@ static semanage_handle_t *semanage_init (void) return handle; fail: + if (handle) + semanage_disconnect (handle); semanage_handle_destroy (handle); return NULL; } @@ -109,7 +111,8 @@ fail: static int semanage_user_mod (semanage_handle_t *handle, semanage_seuser_key_t *key, const char *login_name, - const char *seuser_name) + const char *seuser_name, + const char *serange) { int ret; semanage_seuser_t *seuser = NULL; @@ -122,11 +125,12 @@ static int semanage_user_mod (semanage_handle_t *handle, goto done; } - if (semanage_mls_enabled(handle)) { - ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE); + if (serange && semanage_mls_enabled(handle)) { + ret = semanage_seuser_set_mlsrange (handle, seuser, serange); if (ret != 0) { fprintf (shadow_logfd, - _("Could not set serange for %s\n"), login_name); + _("Could not set serange for %s to %s\n"), + login_name, serange); ret = 1; goto done; } @@ -158,9 +162,10 @@ done: static int semanage_user_add (semanage_handle_t *handle, - semanage_seuser_key_t *key, + const semanage_seuser_key_t *key, const char *login_name, - const char *seuser_name) + const char *seuser_name, + const char *serange) { int ret; semanage_seuser_t *seuser = NULL; @@ -181,11 +186,12 @@ static int semanage_user_add (semanage_handle_t *handle, goto done; } - if (semanage_mls_enabled(handle)) { - ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE); + if (serange && semanage_mls_enabled(handle)) { + ret = semanage_seuser_set_mlsrange (handle, seuser, serange); if (ret != 0) { fprintf (shadow_logfd, - _("Could not set serange for %s\n"), login_name); + _("Could not set serange for %s to %s\n"), + login_name, serange); ret = 1; goto done; } @@ -216,7 +222,7 @@ done: } -int set_seuser (const char *login_name, const char *seuser_name) +int set_seuser (const char *login_name, const char *seuser_name, const char *serange) { semanage_handle_t *handle = NULL; semanage_seuser_key_t *key = NULL; @@ -250,7 +256,7 @@ int set_seuser (const char *login_name, const char *seuser_name) } if (0 != seuser_exists) { - ret = semanage_user_mod (handle, key, login_name, seuser_name); + ret = semanage_user_mod (handle, key, login_name, seuser_name, serange); if (ret != 0) { fprintf (shadow_logfd, _("Cannot modify SELinux user mapping\n")); @@ -258,7 +264,7 @@ int set_seuser (const char *login_name, const char *seuser_name) goto done; } } else { - ret = semanage_user_add (handle, key, login_name, seuser_name); + ret = semanage_user_add (handle, key, login_name, seuser_name, serange); if (ret != 0) { fprintf (shadow_logfd, _("Cannot add SELinux user mapping\n")); @@ -279,6 +285,8 @@ int set_seuser (const char *login_name, const char *seuser_name) done: semanage_seuser_key_free (key); + if (handle) + semanage_disconnect (handle); semanage_handle_destroy (handle); return ret; } @@ -353,9 +361,12 @@ int del_seuser (const char *login_name) ret = 0; done: + semanage_seuser_key_free (key); + if (handle) + semanage_disconnect (handle); semanage_handle_destroy (handle); return ret; } #else /* !WITH_SELINUX */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* !WITH_SELINUX */ diff --git a/lib/setugid.c b/lib/setugid.c new file mode 100644 index 0000000..6dbe38e --- /dev/null +++ b/lib/setugid.c @@ -0,0 +1,125 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Separated from setup.c. --marekm + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> +#include <grp.h> +#include <errno.h> +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> +#include "getdef.h" + +/* + * setup_groups - set the group credentials + * set the group ID to the value from the password file entry + * set the supplementary group IDs + * + * In case of PAM enabled configurations, this shall be called before + * pam_setcred. + * + * Returns 0 on success, or -1 on failure. + */ +int setup_groups (const struct passwd *info) +{ + /* + * Set the real group ID to the primary group ID in the password + * file. + */ + if (setgid (info->pw_gid) == -1) { + int err = errno; + perror ("setgid"); + SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n", + info->pw_gid, info->pw_name, strerror (err))); + closelog (); + return -1; + } +#ifdef HAVE_INITGROUPS + /* + * For systems which support multiple concurrent groups, go get + * the group set from the /etc/group file. + */ + if (initgroups (info->pw_name, info->pw_gid) == -1) { + int err = errno; + perror ("initgroups"); + SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n", + info->pw_name, strerror (err))); + closelog (); + return -1; + } +#endif + return 0; +} + +/* + * change_uid - Set the real UID + * + * Returns 0 on success, or -1 on failure. + */ +int change_uid (const struct passwd *info) +{ + /* + * Set the real UID to the UID value in the password file. + */ + if (setuid (info->pw_uid) != 0) { + int err = errno; + perror ("setuid"); + SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n", + (int) info->pw_uid, info->pw_name, strerror (err))); + closelog (); + return -1; + } + return 0; +} + +/* + * setup_uid_gid() performs the following steps - + * + * set the group ID to the value from the password file entry + * set the supplementary group IDs + * optionally call specified function which may add more groups + * set the user ID to the value from the password file entry + * + * Returns 0 on success, or -1 on failure. + */ + +#if defined (HAVE_INITGROUPS) && ! (defined USE_PAM) +int setup_uid_gid (const struct passwd *info, bool is_console) +#else +int setup_uid_gid (const struct passwd *info) +#endif +{ + if (setup_groups (info) < 0) { + return -1; + } + +#if defined (HAVE_INITGROUPS) && ! defined (USE_PAM) + if (is_console) { + const char *cp = getdef_str ("CONSOLE_GROUPS"); + + if ((NULL != cp) && (add_groups (cp) != 0)) { + perror ("Warning: add_groups"); + } + } +#endif /* HAVE_INITGROUPS && !USE_PAM*/ + + if (change_uid (info) < 0) { + return -1; + } + + return 0; +} + diff --git a/lib/setupenv.c b/lib/setupenv.c new file mode 100644 index 0000000..c9b7f26 --- /dev/null +++ b/lib/setupenv.c @@ -0,0 +1,285 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Separated from setup.c. --marekm + */ + +#include <config.h> + +#ident "$Id$" + +#include <assert.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> +#include <ctype.h> + +#include "alloc.h" +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> +#include "getdef.h" +#include "shadowlog.h" +#include "string/sprintf.h" + + +#ifndef USE_PAM +static void +addenv_path(const char *varname, const char *dirname, const char *filename) +{ + char *buf; + + xasprintf(&buf, "%s/%s", dirname, filename); + addenv(varname, buf); + free(buf); +} + +static void read_env_file (const char *filename) +{ + FILE *fp; + char buf[1024]; + char *cp, *name, *val; + + fp = fopen (filename, "r"); + if (NULL == fp) { + return; + } + while (fgets (buf, (int)(sizeof buf), fp) == buf) { + cp = strrchr (buf, '\n'); + if (NULL == cp) { + break; + } + *cp = '\0'; + + cp = buf; + /* ignore whitespace and comments */ + while (isspace (*cp)) { + cp++; + } + if (('\0' == *cp) || ('#' == *cp)) { + continue; + } + /* + * ignore lines which don't follow the name=value format + * (for example, the "export NAME" shell commands) + */ + name = cp; + while (('\0' != *cp) && !isspace (*cp) && ('=' != *cp)) { + cp++; + } + if ('=' != *cp) { + continue; + } + /* NUL-terminate the name */ + *cp = '\0'; + cp++; + val = cp; +#if 0 /* XXX untested, and needs rewrite with fewer goto's :-) */ +/* + (state, char_type) -> (state, action) + + state: unquoted, single_quoted, double_quoted, escaped, double_quoted_escaped + char_type: normal, white, backslash, single, double + action: remove_curr, remove_curr_skip_next, remove_prev, finish XXX +*/ + no_quote: + if (*cp == '\\') { + /* remove the backslash */ + remove_char (cp); + /* skip over the next character */ + if (*cp) + cp++; + goto no_quote; + } else if (*cp == '\'') { + /* remove the quote */ + remove_char (cp); + /* now within single quotes */ + goto s_quote; + } else if (*cp == '"') { + /* remove the quote */ + remove_char (cp); + /* now within double quotes */ + goto d_quote; + } else if (*cp == '\0') { + /* end of string */ + goto finished; + } else if (isspace (*cp)) { + /* unescaped whitespace - end of string */ + *cp = '\0'; + goto finished; + } else { + cp++; + goto no_quote; + } + s_quote: + if (*cp == '\'') { + /* remove the quote */ + remove_char (cp); + /* unquoted again */ + goto no_quote; + } else if (*cp == '\0') { + /* end of string */ + goto finished; + } else { + /* preserve everything within single quotes */ + cp++; + goto s_quote; + } + d_quote: + if (*cp == '\"') { + /* remove the quote */ + remove_char (cp); + /* unquoted again */ + goto no_quote; + } else if (*cp == '\\') { + cp++; + /* if backslash followed by double quote, remove backslash + else skip over the backslash and following char */ + if (*cp == '"') + remove_char (cp - 1); + else if (*cp) + cp++; + goto d_quote; + } + else if (*cp == '\0') { + /* end of string */ + goto finished; + } else { + /* preserve everything within double quotes */ + goto d_quote; + } + finished: +#endif /* 0 */ + /* + * XXX - should handle quotes, backslash escapes, etc. + * like the shell does. + */ + addenv (name, val); + } + (void) fclose (fp); +} +#endif /* USE_PAM */ + + +/* + * change to the user's home directory + * set the HOME, SHELL, MAIL, PATH, and LOGNAME or USER environmental + * variables. + */ + +void setup_env (struct passwd *info) +{ +#ifndef USE_PAM + const char *envf; +#endif + const char *cp; + + /* + * Change the current working directory to be the home directory + * of the user. It is a fatal error for this process to be unable + * to change to that directory. There is no "default" home + * directory. + * + * We no longer do it as root - should work better on NFS-mounted + * home directories. Some systems default to HOME=/, so we make + * this a configurable option. --marekm + */ + + if (chdir (info->pw_dir) == -1) { + if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) { + fprintf (log_get_logfd(), _("Unable to cd to '%s'\n"), + info->pw_dir); + SYSLOG ((LOG_WARN, + "unable to cd to `%s' for user `%s'\n", + info->pw_dir, info->pw_name)); + closelog (); + exit (EXIT_FAILURE); + } + (void) puts (_("No directory, logging in with HOME=/")); + free (info->pw_dir); + info->pw_dir = xstrdup ("/"); + } + + /* + * Create the HOME environmental variable and export it. + */ + + addenv ("HOME", info->pw_dir); + + /* + * Create the SHELL environmental variable and export it. + */ + + if ((NULL == info->pw_shell) || ('\0' == *info->pw_shell)) { + free (info->pw_shell); + info->pw_shell = xstrdup (SHELL); + } + + addenv ("SHELL", info->pw_shell); + + /* + * Export the user name. For BSD derived systems, it's "USER", for + * all others it's "LOGNAME". We set both of them. + */ + + addenv ("USER", info->pw_name); + addenv ("LOGNAME", info->pw_name); + + /* + * Create the PATH environmental variable and export it. + */ + + cp = getdef_str ((info->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH"); + + if (NULL == cp) { + /* not specified, use a minimal default */ + addenv ((info->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL); + } else if (strchr (cp, '=')) { + /* specified as name=value (PATH=...) */ + addenv (cp, NULL); + } else { + /* only value specified without "PATH=" */ + addenv ("PATH", cp); + } + +#ifndef USE_PAM + /* + * Create the MAIL environmental variable and export it. login.defs + * knows the prefix. + */ + + if (getdef_bool ("MAIL_CHECK_ENAB")) { + cp = getdef_str ("MAIL_DIR"); + if (NULL != cp) { + addenv_path ("MAIL", cp, info->pw_name); + } else { + cp = getdef_str ("MAIL_FILE"); + if (NULL != cp) { + addenv_path ("MAIL", info->pw_dir, cp); + } else { +#if defined(MAIL_SPOOL_FILE) + addenv_path ("MAIL", info->pw_dir, MAIL_SPOOL_FILE); +#elif defined(MAIL_SPOOL_DIR) + addenv_path ("MAIL", MAIL_SPOOL_DIR, info->pw_name); +#endif + } + } + } + + /* + * Read environment from optional config file. --marekm + */ + envf = getdef_str ("ENVIRON_FILE"); + if (NULL != envf) { + read_env_file (envf); + } +#endif /* !USE_PAM */ +} + diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c index ad4fcc8..6cde15c 100644 --- a/lib/sgetgrent.c +++ b/lib/sgetgrent.c @@ -14,6 +14,9 @@ #include <stdio.h> #include <sys/types.h> #include <grp.h> +#include <string.h> + +#include "alloc.h" #include "defines.h" #include "prototypes.h" @@ -25,19 +28,15 @@ * list() converts the comma-separated list of member names into * an array of character pointers. * - * WARNING: I profiled this once with and without strchr() calls - * and found that using a register variable and an explicit loop - * works best. For large /etc/group files, this is a major win. - * * FINALLY added dynamic allocation. Still need to fix sgetsgent(). * --marekm */ -static char **list (char *s) +static char ** +list(char *s) { - static char **members = 0; - static int size = 0; /* max members + 1 */ - int i; - char **rbuf; + static char **members = NULL; + static size_t size = 0; /* max members + 1 */ + size_t i; i = 0; for (;;) { @@ -45,40 +44,24 @@ static char **list (char *s) member name, or terminating NULL). */ if (i >= size) { size = i + 100; /* at least: i + 1 */ - if (members) { - rbuf = - realloc (members, size * sizeof (char *)); - } else { - /* for old (before ANSI C) implementations of - realloc() that don't handle NULL properly */ - rbuf = malloc (size * sizeof (char *)); - } - if (!rbuf) { - free (members); - members = 0; + members = REALLOCF(members, size, char *); + if (!members) { size = 0; - return (char **) 0; + return NULL; } - members = rbuf; } if (!s || s[0] == '\0') break; - members[i++] = s; - while (('\0' != *s) && (',' != *s)) { - s++; - } - if ('\0' != *s) { - *s++ = '\0'; - } + members[i++] = strsep(&s, ","); } - members[i] = (char *) 0; + members[i] = NULL; return members; } struct group *sgetgrent (const char *buf) { - static char *grpbuf = 0; + static char *grpbuf = NULL; static size_t size = 0; static char *grpfields[NFIELDS]; static struct group grent; @@ -90,10 +73,10 @@ struct group *sgetgrent (const char *buf) allocate a larger block */ free (grpbuf); size = strlen (buf) + 1000; /* at least: strlen(buf) + 1 */ - grpbuf = malloc (size); - if (!grpbuf) { + grpbuf = MALLOC(size, char); + if (grpbuf == NULL) { size = 0; - return 0; + return NULL; } } strcpy (grpbuf, buf); @@ -103,25 +86,20 @@ struct group *sgetgrent (const char *buf) *cp = '\0'; } - for (cp = grpbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) { - grpfields[i] = cp; - cp = strchr (cp, ':'); - if (NULL != cp) { - *cp = '\0'; - cp++; - } - } + for (cp = grpbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) + grpfields[i] = strsep(&cp, ":"); + if (i < (NFIELDS - 1) || *grpfields[2] == '\0' || cp != NULL) { - return (struct group *) 0; + return NULL; } grent.gr_name = grpfields[0]; grent.gr_passwd = grpfields[1]; - if (get_gid (grpfields[2], &grent.gr_gid) == 0) { - return (struct group *) 0; + if (get_gid(grpfields[2], &grent.gr_gid) == -1) { + return NULL; } grent.gr_mem = list (grpfields[3]); if (NULL == grent.gr_mem) { - return (struct group *) 0; /* out of memory */ + return NULL; /* out of memory */ } return &grent; diff --git a/lib/sgetpwent.c b/lib/sgetpwent.c index 1c8c63e..75c9177 100644 --- a/lib/sgetpwent.c +++ b/lib/sgetpwent.c @@ -12,9 +12,11 @@ #ident "$Id$" #include <sys/types.h> -#include "defines.h" #include <stdio.h> #include <pwd.h> +#include <string.h> + +#include "defines.h" #include "prototypes.h" #include "shadowlog_internal.h" @@ -32,7 +34,8 @@ * performance reasons. I am going to come up with some conditional * compilation glarp to improve on this in the future. */ -struct passwd *sgetpwent (const char *buf) +struct passwd * +sgetpwent(const char *buf) { static struct passwd pwent; static char pwdbuf[PASSWD_ENTRY_MAX_LENGTH]; @@ -58,19 +61,8 @@ struct passwd *sgetpwent (const char *buf) * field. The fields are converted into NUL terminated strings. */ - for (cp = pwdbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) { - fields[i] = cp; - while (('\0' != *cp) && (':' != *cp)) { - cp++; - } - - if ('\0' != *cp) { - *cp = '\0'; - cp++; - } else { - cp = NULL; - } - } + for (cp = pwdbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) + fields[i] = strsep(&cp, ":"); /* something at the end, columns over shot */ if ( cp != NULL ) { @@ -94,10 +86,10 @@ struct passwd *sgetpwent (const char *buf) pwent.pw_name = fields[0]; pwent.pw_passwd = fields[1]; - if (get_uid (fields[2], &pwent.pw_uid) == 0) { + if (get_uid(fields[2], &pwent.pw_uid) == -1) { return NULL; } - if (get_gid (fields[3], &pwent.pw_gid) == 0) { + if (get_gid(fields[3], &pwent.pw_gid) == -1) { return NULL; } pwent.pw_gecos = fields[4]; diff --git a/lib/sgetspent.c b/lib/sgetspent.c index f1d4b20..bd2ef8b 100644 --- a/lib/sgetspent.c +++ b/lib/sgetspent.c @@ -14,17 +14,26 @@ #ident "$Id$" +#include <stddef.h> +#include <stdio.h> #include <sys/types.h> +#include <string.h> + +#include "atoi/str2i.h" #include "prototypes.h" #include "shadowlog_internal.h" #include "defines.h" -#include <stdio.h> + + #define FIELDS 9 #define OFIELDS 5 + + /* * sgetspent - convert string in shadow file format to (struct spwd *) */ -struct spwd *sgetspent (const char *string) +struct spwd * +sgetspent(const char *string) { static char spwbuf[PASSWD_ENTRY_MAX_LENGTH]; static struct spwd spwd; @@ -41,7 +50,7 @@ struct spwd *sgetspent (const char *string) fprintf (shadow_logfd, "%s: Too long passwd entry encountered, file corruption?\n", shadow_progname); - return 0; /* fail if too long */ + return NULL; /* fail if too long */ } strcpy (spwbuf, string); @@ -57,9 +66,7 @@ struct spwd *sgetspent (const char *string) for (cp = spwbuf, i = 0; ('\0' != *cp) && (i < FIELDS); i++) { fields[i] = cp; - while (('\0' != *cp) && (':' != *cp)) { - cp++; - } + cp = strchrnul(cp, ':'); if ('\0' != *cp) { *cp = '\0'; @@ -67,13 +74,12 @@ struct spwd *sgetspent (const char *string) } } - if (i == (FIELDS - 1)) { - fields[i++] = cp; - } + if (i == (FIELDS - 1)) + fields[i++] = ""; if ( ((NULL != cp) && ('\0' != *cp)) || ((i != FIELDS) && (i != OFIELDS)) ) { - return 0; + return NULL; } /* @@ -92,9 +98,9 @@ struct spwd *sgetspent (const char *string) if (fields[2][0] == '\0') { spwd.sp_lstchg = -1; - } else if ( (getlong (fields[2], &spwd.sp_lstchg) == 0) + } else if ( (str2sl(&spwd.sp_lstchg, fields[2]) == -1) || (spwd.sp_lstchg < 0)) { - return 0; + return NULL; } /* @@ -103,9 +109,9 @@ struct spwd *sgetspent (const char *string) if (fields[3][0] == '\0') { spwd.sp_min = -1; - } else if ( (getlong (fields[3], &spwd.sp_min) == 0) + } else if ( (str2sl(&spwd.sp_min, fields[3]) == -1) || (spwd.sp_min < 0)) { - return 0; + return NULL; } /* @@ -114,9 +120,9 @@ struct spwd *sgetspent (const char *string) if (fields[4][0] == '\0') { spwd.sp_max = -1; - } else if ( (getlong (fields[4], &spwd.sp_max) == 0) + } else if ( (str2sl(&spwd.sp_max, fields[4]) == -1) || (spwd.sp_max < 0)) { - return 0; + return NULL; } /* @@ -139,9 +145,9 @@ struct spwd *sgetspent (const char *string) if (fields[5][0] == '\0') { spwd.sp_warn = -1; - } else if ( (getlong (fields[5], &spwd.sp_warn) == 0) + } else if ( (str2sl(&spwd.sp_warn, fields[5]) == -1) || (spwd.sp_warn < 0)) { - return 0; + return NULL; } /* @@ -151,9 +157,9 @@ struct spwd *sgetspent (const char *string) if (fields[6][0] == '\0') { spwd.sp_inact = -1; - } else if ( (getlong (fields[6], &spwd.sp_inact) == 0) + } else if ( (str2sl(&spwd.sp_inact, fields[6]) == -1) || (spwd.sp_inact < 0)) { - return 0; + return NULL; } /* @@ -163,9 +169,9 @@ struct spwd *sgetspent (const char *string) if (fields[7][0] == '\0') { spwd.sp_expire = -1; - } else if ( (getlong (fields[7], &spwd.sp_expire) == 0) + } else if ( (str2sl(&spwd.sp_expire, fields[7]) == -1) || (spwd.sp_expire < 0)) { - return 0; + return NULL; } /* @@ -175,13 +181,12 @@ struct spwd *sgetspent (const char *string) if (fields[8][0] == '\0') { spwd.sp_flag = SHADOW_SP_FLAG_UNSET; - } else if (getulong (fields[8], &spwd.sp_flag) == 0) { - return 0; + } else if (str2ul(&spwd.sp_flag, fields[8]) == -1) { + return NULL; } return (&spwd); } #else -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif - diff --git a/lib/sgroupio.c b/lib/sgroupio.c index 871749b..0297df4 100644 --- a/lib/sgroupio.c +++ b/lib/sgroupio.c @@ -14,10 +14,12 @@ #ident "$Id$" +#include "alloc.h" #include "prototypes.h" #include "defines.h" #include "commonio.h" #include "getdef.h" +#include "memzero.h" #include "sgroupio.h" /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent) @@ -25,13 +27,12 @@ struct sgrp *sg; int i; - sg = (struct sgrp *) malloc (sizeof *sg); + sg = CALLOC (1, struct sgrp); if (NULL == sg) { return NULL; } /* Do the same as the other _dup function, even if we know the * structure. */ - memset (sg, 0, sizeof *sg); /*@-mustfreeonly@*/ sg->sg_name = strdup (sgent->sg_name); /*@=mustfreeonly@*/ @@ -50,7 +51,7 @@ for (i = 0; NULL != sgent->sg_adm[i]; i++); /*@-mustfreeonly@*/ - sg->sg_adm = (char **) malloc ((i + 1) * sizeof (char *)); + sg->sg_adm = MALLOC(i + 1, char *); /*@=mustfreeonly@*/ if (NULL == sg->sg_adm) { free (sg->sg_passwd); @@ -75,7 +76,7 @@ for (i = 0; NULL != sgent->sg_mem[i]; i++); /*@-mustfreeonly@*/ - sg->sg_mem = (char **) malloc ((i + 1) * sizeof (char *)); + sg->sg_mem = MALLOC(i + 1, char *); /*@=mustfreeonly@*/ if (NULL == sg->sg_mem) { for (i = 0; NULL != sg->sg_adm[i]; i++) { @@ -116,14 +117,16 @@ static /*@null@*/ /*@only@*/void *gshadow_dup (const void *ent) return __sgr_dup (sg); } -static void gshadow_free (/*@out@*/ /*@only@*/void *ent) +static void +gshadow_free(/*@only@*/void *ent) { struct sgrp *sg = ent; sgr_free (sg); } -void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent) +void +sgr_free(/*@only@*/struct sgrp *sgent) { size_t i; free (sgent->sg_name); @@ -151,7 +154,7 @@ static const char *gshadow_getname (const void *ent) static void *gshadow_parse (const char *line) { - return (void *) sgetsgent (line); + return sgetsgent (line); } static int gshadow_put (const void *ent, FILE * file) @@ -253,7 +256,7 @@ int sgr_open (int mode) int sgr_update (const struct sgrp *sg) { - return commonio_update (&gshadow_db, (const void *) sg); + return commonio_update (&gshadow_db, sg); } int sgr_remove (const char *name) @@ -302,5 +305,5 @@ int sgr_sort () return commonio_sort_wrt (&gshadow_db, __gr_get_db ()); } #else -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif diff --git a/lib/shadow.c b/lib/shadow.c index b628b65..f17d09e 100644 --- a/lib/shadow.c +++ b/lib/shadow.c @@ -18,54 +18,15 @@ #include "prototypes.h" #include "defines.h" #include <stdio.h> -#ifdef USE_NIS -static bool nis_used; -static bool nis_ignore; -static enum { native, start, middle, native2 } nis_state; -static bool nis_bound; -static char *nis_domain; -static char *nis_key; -static int nis_keylen; -static char *nis_val; -static int nis_vallen; - -#define IS_NISCHAR(c) ((c)=='+') -#endif + +#include "atoi/str2i.h" + static FILE *shadow; #define FIELDS 9 #define OFIELDS 5 -#ifdef USE_NIS - -/* - * __setspNIS - turn on or off NIS searches - */ - -void __setspNIS (bool flag) -{ - nis_ignore = !flag; - - if (nis_ignore) { - nis_used = false; - } -} - -/* - * bind_nis - bind to NIS server - */ - -static int bind_nis (void) -{ - if (yp_get_default_domain (&nis_domain)) { - return -1; - } - - nis_bound = true; - return 0; -} -#endif /* * setspent - initialize access to shadow text and DBM files @@ -78,10 +39,6 @@ void setspent (void) }else { shadow = fopen (SHADOW_FILE, "r"); } - -#ifdef USE_NIS - nis_state = native; -#endif } /* @@ -94,7 +51,7 @@ void endspent (void) (void) fclose (shadow); } - shadow = (FILE *) 0; + shadow = NULL; } /* @@ -150,11 +107,6 @@ static struct spwd *my_sgetspent (const char *string) */ spwd.sp_namp = fields[0]; -#ifdef USE_NIS - if (IS_NISCHAR (fields[0][0])) { - nis_used = true; - } -#endif spwd.sp_pwdp = fields[1]; /* @@ -166,16 +118,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[2][0] == '\0') { spwd.sp_lstchg = -1; } else { - if (getlong (fields[2], &spwd.sp_lstchg) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_lstchg = -1; - } else -#endif - return 0; - } else if (spwd.sp_lstchg < 0) { + if (str2sl(&spwd.sp_lstchg, fields[2]) == -1) + return 0; + if (spwd.sp_lstchg < 0) return 0; - } } /* @@ -185,18 +131,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[3][0] == '\0') { spwd.sp_min = -1; } else { - if (getlong (fields[3], &spwd.sp_min) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_min = -1; - } else -#endif - { - return 0; - } - } else if (spwd.sp_min < 0) { + if (str2sl(&spwd.sp_min, fields[3]) == -1) + return 0; + if (spwd.sp_min < 0) return 0; - } } /* @@ -206,16 +144,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[4][0] == '\0') { spwd.sp_max = -1; } else { - if (getlong (fields[4], &spwd.sp_max) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_max = -1; - } else -#endif - return 0; - } else if (spwd.sp_max < 0) { + if (str2sl(&spwd.sp_max, fields[4]) == -1) + return 0; + if (spwd.sp_max < 0) return 0; - } } /* @@ -239,18 +171,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[5][0] == '\0') { spwd.sp_warn = -1; } else { - if (getlong (fields[5], &spwd.sp_warn) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_warn = -1; - } else -#endif - { - return 0; - } - } else if (spwd.sp_warn < 0) { + if (str2sl(&spwd.sp_warn, fields[5]) == -1) + return 0; + if (spwd.sp_warn < 0) return 0; - } } /* @@ -261,18 +185,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[6][0] == '\0') { spwd.sp_inact = -1; } else { - if (getlong (fields[6], &spwd.sp_inact) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_inact = -1; - } else -#endif - { - return 0; - } - } else if (spwd.sp_inact < 0) { + if (str2sl(&spwd.sp_inact, fields[6]) == -1) + return 0; + if (spwd.sp_inact < 0) return 0; - } } /* @@ -283,18 +199,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[7][0] == '\0') { spwd.sp_expire = -1; } else { - if (getlong (fields[7], &spwd.sp_expire) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_expire = -1; - } else -#endif - { - return 0; - } - } else if (spwd.sp_expire < 0) { + if (str2sl(&spwd.sp_expire, fields[7]) == -1) + return 0; + if (spwd.sp_expire < 0) return 0; - } } /* @@ -305,18 +213,10 @@ static struct spwd *my_sgetspent (const char *string) if (fields[8][0] == '\0') { spwd.sp_flag = SHADOW_SP_FLAG_UNSET; } else { - if (getulong (fields[8], &spwd.sp_flag) == 0) { -#ifdef USE_NIS - if (nis_used) { - spwd.sp_flag = SHADOW_SP_FLAG_UNSET; - } else -#endif - { - return 0; - } - } else if (spwd.sp_flag < 0) { + if (str2ul(&spwd.sp_flag, fields[8]) == -1) + return 0; + if (spwd.sp_flag < 0) return 0; - } } return (&spwd); @@ -335,21 +235,12 @@ struct spwd *fgetspent (FILE * fp) return (0); } -#ifdef USE_NIS - while (fgets (buf, (int) sizeof buf, fp) != (char *) 0) -#else - if (fgets (buf, (int) sizeof buf, fp) != (char *) 0) -#endif + if (fgets (buf, sizeof buf, fp) != NULL) { cp = strchr (buf, '\n'); if (NULL != cp) { *cp = '\0'; } -#ifdef USE_NIS - if (nis_ignore && IS_NISCHAR (buf[0])) { - continue; - } -#endif return my_sgetspent (buf); } return 0; @@ -361,92 +252,10 @@ struct spwd *fgetspent (FILE * fp) struct spwd *getspent (void) { -#ifdef USE_NIS - int nis_1_user = 0; - struct spwd *val; -#endif if (NULL == shadow) { setspent (); } - -#ifdef USE_NIS - again: - /* - * See if we are reading from the local file. - */ - - if (nis_state == native || nis_state == native2) { - - /* - * Get the next entry from the shadow file. Return NULL - * right away if there is none. - */ - - val = fgetspent (shadow); - if (NULL == val) - return 0; - - /* - * If this entry began with a NIS escape character, we have - * to see if this is just a single user, or if the entire - * map is being asked for. - */ - - if (IS_NISCHAR (val->sp_namp[0])) { - if (val->sp_namp[1]) - nis_1_user = 1; - else - nis_state = start; - } - - /* - * If this isn't a NIS user and this isn't an escape to go - * use a NIS map, it must be a regular local user. - */ - - if (nis_1_user == 0 && nis_state != start) - return val; - - /* - * If this is an escape to use an NIS map, switch over to - * that bunch of code. - */ - - if (nis_state == start) - goto again; - - /* - * NEEDSWORK. Here we substitute pieces-parts of this entry. - */ - - return 0; - } else { - if (!nis_bound) { - if (bind_nis ()) { - nis_state = native2; - goto again; - } - } - if (nis_state == start) { - if (yp_first (nis_domain, "shadow.bynam", &nis_key, - &nis_keylen, &nis_val, &nis_vallen)) { - nis_state = native2; - goto again; - } - nis_state = middle; - } else if (nis_state == middle) { - if (yp_next (nis_domain, "shadow.bynam", nis_key, - nis_keylen, &nis_key, &nis_keylen, - &nis_val, &nis_vallen)) { - nis_state = native2; - goto again; - } - } - return my_sgetspent (nis_val); - } -#else return (fgetspent (shadow)); -#endif } /* @@ -457,74 +266,16 @@ struct spwd *getspnam (const char *name) { struct spwd *sp; -#ifdef USE_NIS - static char save_name[16]; - bool nis_disabled = false; -#endif - setspent (); -#ifdef USE_NIS - /* - * Search the shadow.byname map for this user. - */ - - if (!nis_ignore && !nis_bound) { - bind_nis (); - } - - if (!nis_ignore && nis_bound) { - char *cp; - - if (yp_match (nis_domain, "shadow.byname", name, - strlen (name), &nis_val, &nis_vallen) == 0) { - - cp = strchr (nis_val, '\n'); - if (NULL != cp) { - *cp = '\0'; - } - - nis_state = middle; - sp = my_sgetspent (nis_val); - if (NULL != sp) { - strcpy (save_name, sp->sp_namp); - nis_key = save_name; - nis_keylen = strlen (save_name); - } - endspent (); - return sp; - } else { - nis_state = native2; - } - } -#endif -#ifdef USE_NIS - /* - * NEEDSWORK -- this is a mess, and it is the same mess in the - * other three files. I can't just blindly turn off NIS because - * this might be the first pass through the local files. In - * that case, I never discover that NIS is present. - */ - - if (nis_used) { - nis_ignore = true; - nis_disabled = true; - } -#endif - while ((sp = getspent ()) != (struct spwd *) 0) { + while ((sp = getspent ()) != NULL) { if (strcmp (name, sp->sp_namp) == 0) { break; } } -#ifdef USE_NIS - if (nis_disabled) { - nis_ignore = false; - } -#endif endspent (); return (sp); } #else -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif - diff --git a/lib/shadowio.c b/lib/shadowio.c index 683b6c8..d2c3b47 100644 --- a/lib/shadowio.c +++ b/lib/shadowio.c @@ -31,7 +31,8 @@ static /*@null@*/ /*@only@*/void *shadow_dup (const void *ent) return __spw_dup (sp); } -static void shadow_free (/*@out@*//*@only@*/void *ent) +static void +shadow_free(/*@only@*/void *ent) { struct spwd *sp = ent; @@ -47,7 +48,7 @@ static const char *shadow_getname (const void *ent) static void *shadow_parse (const char *line) { - return (void *) sgetspent (line); + return sgetspent (line); } static int shadow_put (const void *ent, FILE * file) @@ -164,7 +165,7 @@ int spw_open (int mode) int spw_update (const struct spwd *sp) { - return commonio_update (&shadow_db, (const void *) sp); + return commonio_update (&shadow_db, sp); } int spw_remove (const char *name) diff --git a/lib/shadowlog_internal.h b/lib/shadowlog_internal.h index 72a0e0c..f972a3c 100644 --- a/lib/shadowlog_internal.h +++ b/lib/shadowlog_internal.h @@ -2,6 +2,6 @@ #define _SHADOWLOG_INTERNAL_H extern const char *shadow_progname; /* Program name showed in error messages */ -extern FILE *shadow_logfd; /* file descripter to which error messages are printed */ +extern FILE *shadow_logfd; /* file descriptor to which error messages are printed */ #endif /* _SHADOWLOG_INTERNAL_H */ diff --git a/lib/shadowmem.c b/lib/shadowmem.c index 82f99e7..9d8f193 100644 --- a/lib/shadowmem.c +++ b/lib/shadowmem.c @@ -16,18 +16,20 @@ #include "defines.h" #include <shadow.h> #include <stdio.h> + +#include "alloc.h" +#include "memzero.h" #include "shadowio.h" /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent) { struct spwd *sp; - sp = (struct spwd *) malloc (sizeof *sp); + sp = CALLOC (1, struct spwd); if (NULL == sp) { return NULL; } /* The libc might define other fields. They won't be copied. */ - memset (sp, 0, sizeof *sp); sp->sp_lstchg = spent->sp_lstchg; sp->sp_min = spent->sp_min; sp->sp_max = spent->sp_max; @@ -54,7 +56,8 @@ return sp; } -void spw_free (/*@out@*/ /*@only@*/struct spwd *spent) +void +spw_free(/*@only@*/struct spwd *spent) { if (spent != NULL) { free (spent->sp_namp); diff --git a/lib/shell.c b/lib/shell.c new file mode 100644 index 0000000..25ef3e3 --- /dev/null +++ b/lib/shell.c @@ -0,0 +1,82 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2009 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> +#include <errno.h> +#include "prototypes.h" +#include "defines.h" +#include "string/sprintf.h" + + +extern char **newenvp; +extern size_t newenvc; + +/* + * shell - execute the named program + * + * shell begins by trying to figure out what argv[0] is going to + * be for the named process. The user may pass in that argument, + * or it will be the last pathname component of the file with a + * '-' prepended. + * Then, it executes the named file. + */ + +int shell (const char *file, /*@null@*/const char *arg, char *const envp[]) +{ + int err; + char arg0[1024]; + + if (file == NULL) { + errno = EINVAL; + return errno; + } + + /* + * The argv[0]'th entry is usually the path name, but + * for various reasons the invoker may want to override + * that. So, we determine the 0'th entry only if they + * don't want to tell us what it is themselves. + */ + if (arg == NULL) { + SNPRINTF(arg0, "-%s", Basename(file)); + arg = arg0; + } + + /* + * First we try the direct approach. The system should be + * able to figure out what we are up to without too much + * grief. + */ + (void) execle (file, arg, (char *) NULL, envp); + err = errno; + + if (access (file, R_OK|X_OK) == 0) { + /* + * Assume this is a shell script (with no shebang). + * Interpret it with /bin/sh + */ + (void) execle (SHELL, "sh", "-", file, (char *) NULL, envp); + err = errno; + } + + /* + * Obviously something is really wrong - I can't figure out + * how to execute this stupid shell, so I might as well give + * up in disgust ... + */ + SNPRINTF(arg0, _("Cannot execute %s"), file); + errno = err; + perror (arg0); + return err; +} + diff --git a/lib/sizeof.h b/lib/sizeof.h new file mode 100644 index 0000000..6847068 --- /dev/null +++ b/lib/sizeof.h @@ -0,0 +1,25 @@ +/* + * SPDX-FileCopyrightText: 2022-2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIBMISC_SIZEOF_H_ +#define SHADOW_INCLUDE_LIBMISC_SIZEOF_H_ + + +#include <config.h> + +#include <limits.h> + +#include "must_be.h" + + +#define memberof(T, member) ((T){}.member) +#define WIDTHOF(x) (sizeof(x) * CHAR_BIT) +#define SIZEOF_ARRAY(a) (sizeof(a) + must_be_array(a)) +#define NITEMS(a) (SIZEOF_ARRAY((a)) / sizeof((a)[0])) +#define STRLEN(s) (NITEMS(s) - 1) + + +#endif // include guard diff --git a/lib/spawn.c b/lib/spawn.c index ce1a97d..57a4121 100644 --- a/lib/spawn.c +++ b/lib/spawn.c @@ -17,8 +17,9 @@ #include "shadowlog_internal.h" -int run_command (const char *cmd, const char *argv[], - /*@null@*/const char *envp[], /*@out@*/int *status) +int +run_command(const char *cmd, const char *argv[], + /*@null@*/const char *envp[], int *restrict status) { pid_t pid, wpid; @@ -4,8 +4,11 @@ #ifdef USE_SSSD #include <stdio.h> +#include <sys/stat.h> #include <sys/wait.h> #include <sys/types.h> + +#include "alloc.h" #include "exitcodes.h" #include "defines.h" #include "prototypes.h" @@ -19,12 +22,17 @@ int sssd_flush_cache (int dbflags) { int status, code, rv; const char *cmd = "/usr/sbin/sss_cache"; + struct stat sb; char *sss_cache_args = NULL; const char *spawnedArgs[] = {"sss_cache", NULL, NULL}; const char *spawnedEnv[] = {NULL}; int i = 0; - sss_cache_args = malloc(4); + rv = stat(cmd, &sb); + if (rv == -1 && errno == ENOENT) + return 0; + + sss_cache_args = MALLOC(4, char); if (sss_cache_args == NULL) { return -1; } @@ -70,6 +78,6 @@ int sssd_flush_cache (int dbflags) return 0; } #else /* USE_SSSD */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* USE_SSSD */ diff --git a/lib/string/sprintf.c b/lib/string/sprintf.c new file mode 100644 index 0000000..cf3c210 --- /dev/null +++ b/lib/string/sprintf.c @@ -0,0 +1,24 @@ +/* + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include "string/sprintf.h" + +#include <stdarg.h> +#include <stddef.h> +#include <stdio.h> + + +extern inline int xasprintf(char **restrict s, const char *restrict fmt, ...); +extern inline int xvasprintf(char **restrict s, const char *restrict fmt, + va_list ap); + +extern inline int snprintf_(char *restrict s, size_t size, + const char *restrict fmt, ...); +extern inline int vsnprintf_(char *restrict s, size_t size, + const char *restrict fmt, va_list ap); diff --git a/lib/string/sprintf.h b/lib/string/sprintf.h new file mode 100644 index 0000000..7485369 --- /dev/null +++ b/lib/string/sprintf.h @@ -0,0 +1,97 @@ +/* + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_SPRINTF_H_ +#define SHADOW_INCLUDE_LIB_SPRINTF_H_ + + +#include <config.h> + +#include <stdarg.h> +#include <stddef.h> +#include <stdio.h> + +#include "attr.h" +#include "defines.h" +#include "sizeof.h" + + +#define SNPRINTF(s, fmt, ...) \ + snprintf_(s, NITEMS(s), fmt __VA_OPT__(,) __VA_ARGS__) + + +format_attr(printf, 2, 3) +inline int xasprintf(char **restrict s, const char *restrict fmt, ...); +format_attr(printf, 2, 0) +inline int xvasprintf(char **restrict s, const char *restrict fmt, va_list ap); + +format_attr(printf, 3, 4) +inline int snprintf_(char *restrict s, size_t size, const char *restrict fmt, + ...); +format_attr(printf, 3, 0) +inline int vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, + va_list ap); + + +inline int +xasprintf(char **restrict s, const char *restrict fmt, ...) +{ + int len; + va_list ap; + + va_start(ap, fmt); + len = xvasprintf(s, fmt, ap); + va_end(ap); + + return len; +} + + +inline int +xvasprintf(char **restrict s, const char *restrict fmt, va_list ap) +{ + int len; + + len = vasprintf(s, fmt, ap); + if (len == -1) { + perror("asprintf"); + exit(EXIT_FAILURE); + } + + return len; +} + + +inline int +snprintf_(char *restrict s, size_t size, const char *restrict fmt, ...) +{ + int len; + va_list ap; + + va_start(ap, fmt); + len = vsnprintf_(s, size, fmt, ap); + va_end(ap); + + return len; +} + + +inline int +vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, va_list ap) +{ + int len; + + len = vsnprintf(s, size, fmt, ap); + if (len == -1) + return -1; + if ((size_t) len >= size) + return -1; + + return len; +} + + +#endif // include guard diff --git a/lib/string/stpecpy.c b/lib/string/stpecpy.c new file mode 100644 index 0000000..9759388 --- /dev/null +++ b/lib/string/stpecpy.c @@ -0,0 +1,20 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#if !defined(HAVE_STPECPY) + +#ident "$Id$" + +#include "string/stpecpy.h" + + +extern inline char *stpecpy(char *dst, char *end, const char *restrict src); + + +#endif // !HAVE_STPECPY diff --git a/lib/string/stpecpy.h b/lib/string/stpecpy.h new file mode 100644 index 0000000..2324baa --- /dev/null +++ b/lib/string/stpecpy.h @@ -0,0 +1,90 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_STPECPY_H_ +#define SHADOW_INCLUDE_LIB_STPECPY_H_ + + +#include <config.h> + +#if !defined(HAVE_STPECPY) + +#include <stdbool.h> +#include <stddef.h> +#include <string.h> + +#include "attr.h" + + +ATTR_STRING(3) +inline char *stpecpy(char *dst, char *end, const char *restrict src); + + +/* + * SYNOPSIS + * [[gnu::null_terminated_string_arg(3)]] + * char *_Nullable stpecpy(char *_Nullable dst, char end[0], + * const char *restrict src); + * + * ARGUMENTS + * dst Destination buffer where to copy a string. + * + * end Pointer to one after the last element of the buffer + * pointed to by `dst`. Usually, it should be calculated + * as `dst + NITEMS(dst)`. + * + * src Source string to be copied into dst. + * + * DESCRIPTION + * This function copies the string pointed to by src, into a string + * at the buffer pointed to by dst. If the destination buffer, + * limited by a pointer to its end --one after its last element--, + * isn't large enough to hold the copy, the resulting string is + * truncated. + * + * This function can be chained with calls to [v]stpeprintf(). + * + * RETURN VALUE + * dst + strlen(dst) + * • On success, this function returns a pointer to the + * terminating NUL byte. + * + * end + * • If this call truncated the resulting string. + * • If `dst == end` (a previous chained call to these + * functions truncated). + * NULL + * • If `dst == NULL` (a previous chained call to + * [v]stpeprintf() failed). + * + * ERRORS + * This function doesn't set errno. + */ + + +inline char * +stpecpy(char *dst, char *end, const char *restrict src) +{ + bool trunc; + size_t dsize, dlen, slen; + + if (dst == end) + return end; + if (dst == NULL) + return NULL; + + dsize = end - dst; + slen = strnlen(src, dsize); + trunc = (slen == dsize); + dlen = slen - trunc; + + return stpcpy(mempcpy(dst, src, dlen), "") + trunc; +} + + +#endif // !HAVE_STPECPY +#endif // include guard diff --git a/lib/string/stpeprintf.c b/lib/string/stpeprintf.c new file mode 100644 index 0000000..cecd95d --- /dev/null +++ b/lib/string/stpeprintf.c @@ -0,0 +1,25 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#if !defined(HAVE_STPEPRINTF) + +#ident "$Id$" + +#include "string/stpeprintf.h" + +#include <stdarg.h> + + +extern inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, + ...); +extern inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, + va_list ap); + + +#endif // !HAVE_STPEPRINTF diff --git a/lib/string/stpeprintf.h b/lib/string/stpeprintf.h new file mode 100644 index 0000000..14ee7b6 --- /dev/null +++ b/lib/string/stpeprintf.h @@ -0,0 +1,120 @@ +/* + * SPDX-FileCopyrightText: 2022 - 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_STPEPRINTF_H_ +#define SHADOW_INCLUDE_LIB_STPEPRINTF_H_ + + +#include <config.h> + +#if !defined(HAVE_STPEPRINTF) + +#include <stdarg.h> +#include <stddef.h> +#include <stdio.h> + +#include "attr.h" +#include "defines.h" + + +format_attr(printf, 3, 4) +inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, ...); + +format_attr(printf, 3, 0) +inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, + va_list ap); + + +/* + * SYNOPSIS + * [[gnu::format(printf, 3, 4)]] + * char *_Nullable stpeprintf(char *_Nullable dst, char end[0], + * const char *restrict fmt, ...); + * + * [[gnu::format(printf, 3, 0)]] + * char *_Nullable vstpeprintf(char *_Nullable dst, char end[0], + * const char *restrict fmt, va_list ap); + * + * + * ARGUMENTS + * dst Destination buffer where to write a string. + * + * end Pointer to one after the last element of the buffer + * pointed to by `dst`. Usually, it should be calculated + * as `dst + NITEMS(dst)`. + * + * fmt Format string + * + * ... + * ap Variadic argument list + * + * DESCRIPTION + * These functions are very similar to [v]snprintf(3). + * + * The destination buffer is limited by a pointer to its end --one + * after its last element-- instead of a size. This allows + * chaining calls to it safely, unlike [v]snprintf(3), which is + * difficult to chain without invoking Undefined Behavior. + * + * RETURN VALUE + * dst + strlen(dst) + * • On success, these functions return a pointer to the + * terminating NUL byte. + * + * end + * • If this call truncated the resulting string. + * • If `dst == end` (a previous chained call to these + * functions truncated). + * NULL + * • If this function failed (see ERRORS). + * • If `dst == NULL` (a previous chained call to these + * functions failed). + * + * ERRORS + * These functions may fail for the same reasons as vsnprintf(3). + */ + + +inline char * +stpeprintf(char *dst, char *end, const char *restrict fmt, ...) +{ + char *p; + va_list ap; + + va_start(ap, fmt); + p = vstpeprintf(dst, end, fmt, ap); + va_end(ap); + + return p; +} + + +inline char * +vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap) +{ + int len; + ptrdiff_t size; + + if (dst == end) + return end; + if (dst == NULL) + return NULL; + + size = end - dst; + len = vsnprintf(dst, size, fmt, ap); + + if (len == -1) + return NULL; + if (len >= size) + return end; + + return dst + len; +} + + +#endif // !HAVE_STPEPRINTF +#endif // include guard diff --git a/lib/string/strftime.c b/lib/string/strftime.c new file mode 100644 index 0000000..ea1deb3 --- /dev/null +++ b/lib/string/strftime.c @@ -0,0 +1,7 @@ +// SPDX-FileCopyrightText: 2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "strftime.h" diff --git a/lib/string/strftime.h b/lib/string/strftime.h new file mode 100644 index 0000000..bebb31a --- /dev/null +++ b/lib/string/strftime.h @@ -0,0 +1,19 @@ +// SPDX-FileCopyrightText: 2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_STRFTIME_H_ +#define SHADOW_INCLUDE_LIB_STRFTIME_H_ + + +#include <config.h> + +#include <time.h> + +#include "sizeof.h" + + +#define STRFTIME(dst, fmt, ...) strftime(dst, NITEMS(dst), fmt, __VA_ARGS__) + + +#endif // include guard diff --git a/lib/string/strncpy.h b/lib/string/strncpy.h new file mode 100644 index 0000000..fc6fcc9 --- /dev/null +++ b/lib/string/strncpy.h @@ -0,0 +1,21 @@ +/* + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_STRNCPY_H_ +#define SHADOW_INCLUDE_LIB_STRNCPY_H_ + + +#include <config.h> + +#include <string.h> + +#include "sizeof.h" + + +#define STRNCPY(dst, src) strncpy(dst, src, NITEMS(dst)) + + +#endif // include guard diff --git a/lib/string/strtcpy.c b/lib/string/strtcpy.c new file mode 100644 index 0000000..74de4fc --- /dev/null +++ b/lib/string/strtcpy.c @@ -0,0 +1,18 @@ +/* + * SPDX-FileCopyrightText: 2022-2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#include <stddef.h> +#include <sys/types.h> + +#ident "$Id$" + +#include "string/strtcpy.h" + + +extern inline ssize_t strtcpy(char *restrict dst, const char *restrict src, + size_t dsize); diff --git a/lib/string/strtcpy.h b/lib/string/strtcpy.h new file mode 100644 index 0000000..4ff6e11 --- /dev/null +++ b/lib/string/strtcpy.h @@ -0,0 +1,80 @@ +/* + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#ifndef SHADOW_INCLUDE_LIB_STRTCPY_H_ +#define SHADOW_INCLUDE_LIB_STRTCPY_H_ + + +#include <config.h> + +#include <stdbool.h> +#include <stddef.h> +#include <string.h> +#include <sys/types.h> + +#include "attr.h" +#include "defines.h" +#include "sizeof.h" + + +/* + * SYNOPSIS + * [[gnu::null_terminated_string_arg(2)]] + * int STRTCPY(char dst[restrict], const char *restrict src); + * + * ARGUMENTS + * dst Destination buffer where to copy a string. + * src Source string to be copied into dst. + * + * DESCRIPTION + * This macro copies the string pointed to by src, into a string + * at the buffer pointed to by dst. If the destination buffer, + * isn't large enough to hold the copy, the resulting string is + * truncated. The size of the buffer is calculated internally via + * NITEMS(). + * + * RETURN VALUE + * -1 If this call truncated the resulting string. + * + * strlen(dst) + * On success. + * + * ERRORS + * This function doesn't set errno. + */ + + +#define STRTCPY(dst, src) strtcpy(dst, src, NITEMS(dst)) + + +ATTR_STRING(2) +inline ssize_t strtcpy(char *restrict dst, const char *restrict src, + size_t dsize); + + +inline ssize_t +strtcpy(char *restrict dst, const char *restrict src, size_t dsize) +{ + bool trunc; + size_t dlen, slen; + + if (dsize == 0) + return -1; + + slen = strnlen(src, dsize); + trunc = (slen == dsize); + dlen = slen - trunc; + + stpcpy(mempcpy(dst, src, dlen), ""); + + if (trunc) + return -1; + + return slen; +} + + +#endif // include guard diff --git a/lib/string/zustr2stp.h b/lib/string/zustr2stp.h new file mode 100644 index 0000000..152102b --- /dev/null +++ b/lib/string/zustr2stp.h @@ -0,0 +1,58 @@ +// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_STRING_ZUSTR2STP_H_ +#define SHADOW_INCLUDE_LIB_STRING_ZUSTR2STP_H_ + + +#include <config.h> + +#include <assert.h> +#include <string.h> + +#include "must_be.h" +#include "sizeof.h" + + +/* + * SYNOPSIS + * char *ZUSTR2STP(char *restrict dst, const char src[restrict]); + * + * ARGUMENTS + * dst Destination buffer. + * src Source null-padded character sequence. + * + * DESCRIPTION + * This macro copies at most NITEMS(src) non-null bytes from the + * array pointed to by src, followed by a null character, to the + * buffer pointed to by dst. + * + * RETURN VALUE + * dst + strlen(dst) + * This function returns a pointer to the terminating NUL + * byte. + * + * CAVEATS + * This function doesn't know the size of the destination buffer. + * It assumes it will always be large enough. Since the size of + * the source buffer is known to the caller, it should make sure to + * allocate a destination buffer of at least `NITEMS(src) + 1`. + * + * EXAMPLES + * char hostname[NITEMS(utmp->ut_host) + 1]; + * + * len = ZUSTR2STP(hostname, utmp->ut_host) - hostname; + * puts(hostname); + */ + + +#define ZUSTR2STP(dst, src) \ +({ \ + static_assert(!is_array(dst) || sizeof(dst) > SIZEOF_ARRAY(src), ""); \ + \ + stpcpy(mempcpy(dst, src, strnlen(src, NITEMS(src))), ""); \ +}) + + +#endif // include guard diff --git a/lib/strtoday.c b/lib/strtoday.c new file mode 100644 index 0000000..dabd5b5 --- /dev/null +++ b/lib/strtoday.c @@ -0,0 +1,77 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include <ctype.h> + +#ident "$Id$" + +#include "atoi/str2i.h" +#include "prototypes.h" +#include "getdate.h" + + +/* + * strtoday() now uses get_date() (borrowed from GNU shellutils) + * which can handle many date formats, for example: + * 1970-09-17 # ISO 8601. + * 70-9-17 # This century assumed by default. + * 70-09-17 # Leading zeros are ignored. + * 9/17/72 # Common U.S. writing. + * 24 September 1972 + * 24 Sept 72 # September has a special abbreviation. + * 24 Sep 72 # Three-letter abbreviations always allowed. + * Sep 24, 1972 + * 24-sep-72 + * 24sep72 + */ +long strtoday (const char *str) +{ + time_t t; + bool isnum = true; + const char *s = str; + + /* + * get_date() interprets an empty string as the current date, + * which is not what we expect, unless you're a BOFH :-). + * (useradd sets sp_expire = current date for new lusers) + */ + if ((NULL == str) || ('\0' == *str)) { + return -1; + } + + /* If a numerical value is provided, this is already a number of + * days since EPOCH. + */ + if ('-' == *s) { + s++; + } + while (' ' == *s) { + s++; + } + while (isnum && ('\0' != *s)) { + if (!isdigit (*s)) { + isnum = false; + } + s++; + } + if (isnum) { + long retdate; + if (str2sl(&retdate, str) == -1) + return -2; + return retdate; + } + + t = get_date(str, NULL); + if ((time_t) - 1 == t) { + return -2; + } + return t / DAY; +} diff --git a/lib/sub.c b/lib/sub.c new file mode 100644 index 0000000..d8e2447 --- /dev/null +++ b/lib/sub.c @@ -0,0 +1,69 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <pwd.h> +#include <stdio.h> +#include <sys/types.h> +#include "prototypes.h" +#include "defines.h" +#define MAX_SUBROOT2 "maximum subsystem depth reached\n" +#define BAD_SUBROOT2 "invalid root `%s' for user `%s'\n" +#define NO_SUBROOT2 "no subsystem root `%s' for user `%s'\n" +#define MAX_DEPTH 1024 +/* + * subsystem - change to subsystem root + * + * A subsystem login is indicated by the presence of a "*" as + * the first character of the login shell. The given home + * directory will be used as the root of a new filesystem which + * the user is actually logged into. + */ +void subsystem (const struct passwd *pw) +{ + static int depth = 0; + + /* + * Prevent endless loop on misconfigured systems. + */ + if (++depth > MAX_DEPTH) { + printf (_("Maximum subsystem depth reached\n")); + SYSLOG ((LOG_WARN, MAX_SUBROOT2)); + closelog (); + exit (EXIT_FAILURE); + } + + /* + * The new root directory must begin with a "/" character. + */ + + if (pw->pw_dir[0] != '/') { + printf (_("Invalid root directory '%s'\n"), pw->pw_dir); + SYSLOG ((LOG_WARN, BAD_SUBROOT2, pw->pw_dir, pw->pw_name)); + closelog (); + exit (EXIT_FAILURE); + } + + /* + * The directory must be accessible and the current process + * must be able to change into it. + */ + + if ( (chroot (pw->pw_dir) != 0) + || (chdir ("/") != 0)) { + (void) printf (_("Can't change root directory to '%s'\n"), + pw->pw_dir); + SYSLOG ((LOG_WARN, NO_SUBROOT2, pw->pw_dir, pw->pw_name)); + closelog (); + exit (EXIT_FAILURE); + } +} + diff --git a/lib/subordinateio.c b/lib/subordinateio.c index bd1af26..e7cd4b4 100644 --- a/lib/subordinateio.c +++ b/lib/subordinateio.c @@ -16,6 +16,12 @@ #include <pwd.h> #include <ctype.h> #include <fcntl.h> +#include <string.h> + +#include "alloc.h" +#include "atoi/str2i.h" +#include "string/sprintf.h" + #define ID_SIZE 31 @@ -32,7 +38,7 @@ static /*@null@*/ /*@only@*/void *subordinate_dup (const void *ent) const struct subordinate_range *rangeent = ent; struct subordinate_range *range; - range = (struct subordinate_range *) malloc (sizeof *range); + range = MALLOC(1, struct subordinate_range); if (NULL == range) { return NULL; } @@ -52,7 +58,8 @@ static /*@null@*/ /*@only@*/void *subordinate_dup (const void *ent) * * @ent: pointer to a subordinate_range struct to free. */ -static void subordinate_free (/*@out@*/ /*@only@*/void *ent) +static void +subordinate_free(/*@only@*/void *ent) { struct subordinate_range *rangeent = ent; @@ -69,7 +76,8 @@ static void subordinate_free (/*@out@*/ /*@only@*/void *ent) * in @line, or NULL on failure. Note that the returned value should not * be freed by the caller. */ -static void *subordinate_parse (const char *line) +static void * +subordinate_parse(const char *line) { static struct subordinate_range range; static char rangebuf[1024]; @@ -90,19 +98,8 @@ static void *subordinate_parse (const char *line) * field. The fields are converted into NUL terminated strings. */ - for (cp = rangebuf, i = 0; (i < SUBID_NFIELDS) && (NULL != cp); i++) { - fields[i] = cp; - while (('\0' != *cp) && (':' != *cp)) { - cp++; - } - - if ('\0' != *cp) { - *cp = '\0'; - cp++; - } else { - cp = NULL; - } - } + for (cp = rangebuf, i = 0; (i < SUBID_NFIELDS) && (NULL != cp); i++) + fields[i] = strsep(&cp, ":"); /* * There must be exactly SUBID_NFIELDS colon separated fields or @@ -111,9 +108,9 @@ static void *subordinate_parse (const char *line) if (i != SUBID_NFIELDS || *fields[0] == '\0' || *fields[1] == '\0' || *fields[2] == '\0') return NULL; range.owner = fields[0]; - if (getulong (fields[1], &range.start) == 0) + if (str2ul(&range.start, fields[1]) == -1) return NULL; - if (getulong (fields[2], &range.count) == 0) + if (str2ul(&range.count, fields[2]) == -1) return NULL; return ⦥ @@ -208,7 +205,7 @@ static const struct subordinate_range *find_range(struct commonio_db *db, /* * We only do special handling for these two files */ - if ((0 != strcmp(db->filename, "/etc/subuid")) && (0 != strcmp(db->filename, "/etc/subgid"))) + if ((0 != strcmp(db->filename, SUBUID_FILE)) && (0 != strcmp(db->filename, SUBGID_FILE))) return NULL; /* @@ -218,9 +215,9 @@ static const struct subordinate_range *find_range(struct commonio_db *db, * (It may be specified as literal UID or as another username which * has the same UID as the username we are looking for.) */ - struct passwd *pwd; + char owner_uid_string[33]; uid_t owner_uid; - char owner_uid_string[33] = ""; + struct passwd *pwd; /* Get UID of the username we are looking for */ @@ -230,7 +227,8 @@ static const struct subordinate_range *find_range(struct commonio_db *db, return NULL; } owner_uid = pwd->pw_uid; - sprintf(owner_uid_string, "%lu", (unsigned long int)owner_uid); + if (SNPRINTF(owner_uid_string, "%lu", (unsigned long) owner_uid) == -1) + return NULL; commonio_rewind(db); while ((range = commonio_next(db)) != NULL) { @@ -313,19 +311,16 @@ static bool have_range(struct commonio_db *db, static bool append_range(struct subid_range **ranges, const struct subordinate_range *new, int n) { - if (!*ranges) { - *ranges = malloc(sizeof(struct subid_range)); - if (!*ranges) - return false; - } else { - struct subid_range *alloced; - alloced = realloc(*ranges, (n + 1) * (sizeof(struct subid_range))); - if (!alloced) - return false; - *ranges = alloced; - } - (*ranges)[n].start = new->start; - (*ranges)[n].count = new->count; + struct subid_range *sr; + + sr = REALLOC(*ranges, n + 1, struct subid_range); + if (!sr) + return false; + + sr[n].start = new->start; + sr[n].count = new->count; + *ranges = sr; + return true; } @@ -353,15 +348,19 @@ void free_subordinate_ranges(struct subordinate_range **ranges, int count) */ static int subordinate_range_cmp (const void *p1, const void *p2) { - struct subordinate_range *range1, *range2; + const struct commonio_entry *const *ce1; + const struct commonio_entry *const *ce2; + const struct subordinate_range *range1, *range2; - if ((*(struct commonio_entry **) p1)->eptr == NULL) + ce1 = p1; + range1 = (*ce1)->eptr; + if (range1 == NULL) return 1; - if ((*(struct commonio_entry **) p2)->eptr == NULL) - return -1; - range1 = ((struct subordinate_range *) (*(struct commonio_entry **) p1)->eptr); - range2 = ((struct subordinate_range *) (*(struct commonio_entry **) p2)->eptr); + ce2 = p2; + range2 = (*ce2)->eptr; + if (range2 == NULL) + return -1; if (range1->start < range2->start) return -1; @@ -556,7 +555,7 @@ static int remove_range (struct commonio_db *db, } static struct commonio_db subordinate_uid_db = { - "/etc/subuid", /* filename */ + SUBUID_FILE, /* filename */ &subordinate_ops, /* ops */ NULL, /* fp */ #ifdef WITH_SELINUX @@ -620,17 +619,28 @@ bool have_sub_uids(const char *owner, uid_t start, unsigned long count) return have_range (&subordinate_uid_db, owner, start, count); } +/* + * sub_uid_add: add a subuid range, perhaps through nss. + * + * Return 1 if the range is already present or on success. On error + * return 0 and set errno appropriately. + */ int sub_uid_add (const char *owner, uid_t start, unsigned long count) { - if (get_subid_nss_handle()) - return -EOPNOTSUPP; + if (get_subid_nss_handle()) { + errno = EOPNOTSUPP; + return 0; + } return add_range (&subordinate_uid_db, owner, start, count); } +/* Return 1 on success. on failure, return 0 and set errno appropriately */ int sub_uid_remove (const char *owner, uid_t start, unsigned long count) { - if (get_subid_nss_handle()) - return -EOPNOTSUPP; + if (get_subid_nss_handle()) { + errno = EOPNOTSUPP; + return 0; + } return remove_range (&subordinate_uid_db, owner, start, count); } @@ -652,7 +662,7 @@ uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count) } static struct commonio_db subordinate_gid_db = { - "/etc/subgid", /* filename */ + SUBGID_FILE, /* filename */ &subordinate_ops, /* ops */ NULL, /* fp */ #ifdef WITH_SELINUX @@ -716,17 +726,28 @@ bool local_sub_gid_assigned(const char *owner) return range_exists (&subordinate_gid_db, owner); } +/* + * sub_gid_add: add a subgid range, perhaps through nss. + * + * Return 1 if the range is already present or on success. On error + * return 0 and set errno appropriately. + */ int sub_gid_add (const char *owner, gid_t start, unsigned long count) { - if (get_subid_nss_handle()) - return -EOPNOTSUPP; + if (get_subid_nss_handle()) { + errno = EOPNOTSUPP; + return 0; + } return add_range (&subordinate_gid_db, owner, start, count); } +/* Return 1 on success. on failure, return 0 and set errno appropriately */ int sub_gid_remove (const char *owner, gid_t start, unsigned long count) { - if (get_subid_nss_handle()) - return -EOPNOTSUPP; + if (get_subid_nss_handle()) { + errno = EOPNOTSUPP; + return 0; + } return remove_range (&subordinate_gid_db, owner, start, count); } @@ -910,7 +931,7 @@ static int append_uids(uid_t **uids, const char *owner, int n) return n; } - ret = realloc(*uids, (n + 1) * sizeof(uid_t)); + ret = REALLOC(*uids, n + 1, uid_t); if (!ret) { free(*uids); return -1; @@ -985,7 +1006,7 @@ bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, b switch (id_type) { case ID_TYPE_UID: if (!sub_uid_lock()) { - printf("Failed loging subuids (errno %d)\n", errno); + printf("Failed locking subuids (errno %d)\n", errno); return false; } if (!sub_uid_open(O_CREAT | O_RDWR)) { @@ -997,7 +1018,7 @@ bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, b break; case ID_TYPE_GID: if (!sub_gid_lock()) { - printf("Failed loging subgids (errno %d)\n", errno); + printf("Failed locking subgids (errno %d)\n", errno); return false; } if (!sub_gid_open(O_CREAT | O_RDWR)) { @@ -1057,7 +1078,7 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ switch (id_type) { case ID_TYPE_UID: if (!sub_uid_lock()) { - printf("Failed loging subuids (errno %d)\n", errno); + printf("Failed locking subuids (errno %d)\n", errno); return false; } if (!sub_uid_open(O_CREAT | O_RDWR)) { @@ -1069,7 +1090,7 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ break; case ID_TYPE_GID: if (!sub_gid_lock()) { - printf("Failed loging subgids (errno %d)\n", errno); + printf("Failed locking subgids (errno %d)\n", errno); return false; } if (!sub_gid_open(O_CREAT | O_RDWR)) { @@ -1097,6 +1118,6 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ } #else /* !ENABLE_SUBIDS */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* !ENABLE_SUBIDS */ diff --git a/lib/sulog.c b/lib/sulog.c new file mode 100644 index 0000000..2ef22b2 --- /dev/null +++ b/lib/sulog.c @@ -0,0 +1,83 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1992, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <sys/stat.h> +#include <stdio.h> +#include <time.h> +#include "prototypes.h" +#include "defines.h" +#include "getdef.h" + +/* + * sulog - log a SU command execution result + */ +void sulog (const char *tty, bool success, const char *oldname, const char *name) +{ + const char *sulog_file; + time_t now; + struct tm *tm; + FILE *fp; + mode_t oldmask; + gid_t oldgid = 0; + + if (success) { + SYSLOG ((LOG_INFO, + "Successful su for %s by %s",name,oldname)); + } else { + SYSLOG ((LOG_NOTICE, + "FAILED su for %s by %s",name,oldname)); + } + + sulog_file = getdef_str ("SULOG_FILE"); + if (NULL == sulog_file) { + return; + } + + oldgid = getgid (); + oldmask = umask (077); + /* Switch to group root to avoid creating the sulog file with + * the wrong group ownership. */ + if ((oldgid != 0) && (setgid (0) != 0)) { + SYSLOG ((LOG_INFO, + "su session not logged to %s", sulog_file)); + /* Continue, but do not switch back to oldgid later */ + oldgid = 0; + } + fp = fopen (sulog_file, "a+"); + (void) umask (oldmask); + if ((oldgid != 0) && (setgid (oldgid) != 0)) { + perror ("setgid"); + SYSLOG ((LOG_ERR, + "can't switch back to group `%d' in sulog", + oldgid)); + /* Do not return if the group permission were raised. */ + exit (EXIT_FAILURE); + } + if (fp == NULL) { + return; /* can't open or create logfile */ + } + + (void) time (&now); + tm = localtime (&now); + + fprintf (fp, "SU %.02d/%.02d %.02d:%.02d %c %s %s-%s\n", + tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, + success ? '+' : '-', tty, oldname, name); + + (void) fflush (fp); + fsync (fileno (fp)); + fclose (fp); + /* TODO: log if failure */ +} + diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c index 1ed5d03..b5915fc 100644 --- a/lib/tcbfuncs.c +++ b/lib/tcbfuncs.c @@ -141,7 +141,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name) shadow_progname, link); return NULL; } - link[(size_t)ret] = '\0'; + link[ret] = '\0'; rval = strdup (link); if (NULL == rval) { OUT_OF_MEMORY; @@ -527,7 +527,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid) struct stat tcbdir_stat; gid_t shadowgid, authgid; struct group *gr; - int fd; + int fd = -1; shadowtcb_status ret = SHADOWTCB_FAILURE; if (!getdef_bool ("USE_TCB")) { @@ -566,14 +566,13 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid) shadow_progname, shadow, strerror (errno)); goto out_free; } - close (fd); - if (chown (shadow, 0, authgid) != 0) { + if (fchown (fd, 0, authgid) != 0) { fprintf (shadow_logfd, _("%s: Cannot change owner of %s: %s\n"), shadow_progname, shadow, strerror (errno)); goto out_free; } - if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) { + if (fchmod (fd, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) { fprintf (shadow_logfd, _("%s: Cannot change mode of %s: %s\n"), shadow_progname, shadow, strerror (errno)); @@ -597,6 +596,8 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid) } ret = SHADOWTCB_SUCCESS; out_free: + if (fd != -1) + close(fd); free (dir); free (shadow); return ret; diff --git a/lib/time/day_to_str.c b/lib/time/day_to_str.c new file mode 100644 index 0000000..e3e4221 --- /dev/null +++ b/lib/time/day_to_str.c @@ -0,0 +1,11 @@ +// SPDX-FileCopyrightText: 2021-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-FileCopyrightText: 2024, Tobias Stoeckmann <tobias@stoeckmann.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#include <config.h> + +#include "time/day_to_str.h" + + +extern inline void day_to_str(size_t size, char buf[size], long day); diff --git a/lib/time/day_to_str.h b/lib/time/day_to_str.h new file mode 100644 index 0000000..96cec6e --- /dev/null +++ b/lib/time/day_to_str.h @@ -0,0 +1,51 @@ +// SPDX-FileCopyrightText: 2021-2024, Alejandro Colomar <alx@kernel.org> +// SPDX-FileCopyrightText: 2024, Tobias Stoeckmann <tobias@stoeckmann.org> +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_TIME_DAY_TO_STR_H_ +#define SHADOW_INCLUDE_LIB_TIME_DAY_TO_STR_H_ + + +#include <config.h> + +#include <time.h> + +#include "defines.h" +#include "sizeof.h" +#include "string/strtcpy.h" + + +#define DAY_TO_STR(str, day) day_to_str(NITEMS(str), str, day) + + +inline void day_to_str(size_t size, char buf[size], long day); + + +inline void +day_to_str(size_t size, char buf[size], long day) +{ + time_t date; + struct tm tm; + + if (day < 0) { + strtcpy(buf, "never", size); + return; + } + + if (__builtin_mul_overflow(day, DAY, &date)) { + strtcpy(buf, "future", size); + return; + } + + if (gmtime_r(&date, &tm) == NULL) { + strtcpy(buf, "future", size); + return; + } + + if (strftime(buf, size, "%Y-%m-%d", &tm) == 0) + strtcpy(buf, "future", size); +} + + +#endif // include guard diff --git a/lib/ttytype.c b/lib/ttytype.c new file mode 100644 index 0000000..a9fb0e8 --- /dev/null +++ b/lib/ttytype.c @@ -0,0 +1,65 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <stdio.h> +#include "prototypes.h" +#include "defines.h" +#include "getdef.h" +/* + * ttytype - set ttytype from port to terminal type mapping database + */ +void ttytype (const char *line) +{ + FILE *fp; + char buf[BUFSIZ]; + const char *typefile; + char *cp; + char type[1024] = ""; + char port[1024]; + + if (getenv ("TERM") != NULL) { + return; + } + typefile = getdef_str ("TTYTYPE_FILE"); + if (NULL == typefile) { + return; + } + + fp = fopen (typefile, "r"); + if (NULL == fp) { + if (errno != ENOENT) + perror (typefile); + return; + } + while (fgets (buf, sizeof buf, fp) == buf) { + if (buf[0] == '#') { + continue; + } + + cp = strchr (buf, '\n'); + if (NULL != cp) { + *cp = '\0'; + } + + if ( (sscanf (buf, "%1023s %1023s", type, port) == 2) + && (strcmp (line, port) == 0)) { + break; + } + } + if ((feof (fp) == 0) && (ferror (fp) == 0) && (type[0] != '\0')) { + addenv ("TERM", type); + } + + (void) fclose (fp); +} + diff --git a/lib/tz.c b/lib/tz.c new file mode 100644 index 0000000..83b295c --- /dev/null +++ b/lib/tz.c @@ -0,0 +1,58 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1991 - 1994, Chip Rosenthal + * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ifndef USE_PAM + +#ident "$Id$" + +#include <stdio.h> +#include <string.h> +#include "defines.h" +#include "prototypes.h" +#include "getdef.h" + +/* + * tz - return local timezone name + * + * tz() determines the name of the local timezone by reading the + * contents of the file named by ``fname''. + */ +/*@observer@*/const char *tz (const char *fname) +{ + FILE *fp = NULL; + static char tzbuf[BUFSIZ]; + const char *def_tz = "TZ=CST6CDT"; + + fp = fopen (fname, "r"); + if ( (NULL == fp) + || (fgets (tzbuf, sizeof (tzbuf), fp) == NULL)) { + def_tz = getdef_str ("ENV_TZ"); + if ((NULL == def_tz) || ('/' == def_tz[0])) { + def_tz = "TZ=CST6CDT"; + } + + strcpy (tzbuf, def_tz); + } else { + /* Remove optional trailing '\n'. */ + tzbuf[strcspn (tzbuf, "\n")] = '\0'; + } + + if (NULL != fp) { + (void) fclose (fp); + } + + return tzbuf; +} +#else /* !USE_PAM */ +extern int ISO_C_forbids_an_empty_translation_unit; +#endif /* !USE_PAM */ + diff --git a/lib/ulimit.c b/lib/ulimit.c new file mode 100644 index 0000000..45a184a --- /dev/null +++ b/lib/ulimit.c @@ -0,0 +1,29 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/time.h> +#include <sys/resource.h> +#include "prototypes.h" + +int set_filesize_limit (int blocks) +{ + int ret = -1; + struct rlimit rlimit_fsize; + + rlimit_fsize.rlim_cur = 512L * blocks; + rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur; + ret = setrlimit (RLIMIT_FSIZE, &rlimit_fsize); + + return ret; +} + diff --git a/lib/user_busy.c b/lib/user_busy.c new file mode 100644 index 0000000..a622376 --- /dev/null +++ b/lib/user_busy.c @@ -0,0 +1,269 @@ +/* + * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2000 - 2006, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id: $" + +#include <assert.h> +#include <stdio.h> +#include <sys/types.h> +#include <dirent.h> +#include <fcntl.h> +#include <unistd.h> +#include "defines.h" +#include "prototypes.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ +#include "shadowlog.h" +#include "string/sprintf.h" + + +#ifdef __linux__ +static int check_status (const char *name, const char *sname, uid_t uid); +static int user_busy_processes (const char *name, uid_t uid); +#else /* !__linux__ */ +static int user_busy_utmp (const char *name); +#endif /* !__linux__ */ + +/* + * user_busy - check if a user is currently running processes + */ +int user_busy (const char *name, uid_t uid) +{ + /* There are no standard ways to get the list of processes. + * An option could be to run an external tool (ps). + */ +#ifdef __linux__ + /* On Linux, directly parse /proc */ + return user_busy_processes (name, uid); +#else /* !__linux__ */ + /* If we cannot rely on /proc, check if there is a record in utmp + * indicating that the user is still logged in */ + return user_busy_utmp (name); +#endif /* !__linux__ */ +} + + +#ifndef __linux__ +static int +user_busy_utmp(const char *name) +{ + struct utmpx *utent; + + setutxent(); + while ((utent = getutxent()) != NULL) + { + if (utent->ut_type != USER_PROCESS) { + continue; + } + if (strncmp (utent->ut_user, name, sizeof utent->ut_user) != 0) { + continue; + } + if (kill (utent->ut_pid, 0) != 0) { + continue; + } + + fprintf (log_get_logfd(), + _("%s: user %s is currently logged in\n"), + log_get_progname(), name); + return 1; + } + + return 0; +} +#endif /* !__linux__ */ + + +#ifdef __linux__ +#ifdef ENABLE_SUBIDS +#define in_parentuid_range(uid) ((uid) >= parentuid && (uid) < parentuid + range) +static int different_namespace (const char *sname) +{ + /* 41: /proc/xxxxxxxxxx/task/xxxxxxxxxx/ns/user + \0 */ + char path[41]; + char buf[512], buf2[512]; + ssize_t llen1, llen2; + + SNPRINTF(path, "/proc/%s/ns/user", sname); + + if ((llen1 = readlink (path, buf, sizeof(buf))) == -1) + return 0; + + if ((llen2 = readlink ("/proc/self/ns/user", buf2, sizeof(buf2))) == -1) + return 0; + + if (llen1 == llen2 && memcmp (buf, buf2, llen1) == 0) + return 0; /* same namespace */ + + return 1; +} +#endif /* ENABLE_SUBIDS */ + + +static int check_status (const char *name, const char *sname, uid_t uid) +{ + /* 40: /proc/xxxxxxxxxx/task/xxxxxxxxxx/status + \0 */ + char status[40]; + char line[1024]; + FILE *sfile; + + SNPRINTF(status, "/proc/%s/status", sname); + + sfile = fopen (status, "r"); + if (NULL == sfile) { + return 0; + } + while (fgets (line, sizeof (line), sfile) == line) { + if (strncmp (line, "Uid:\t", 5) == 0) { + unsigned long ruid, euid, suid; + + assert (uid == (unsigned long) uid); + (void) fclose (sfile); + if (sscanf (line, + "Uid:\t%lu\t%lu\t%lu\n", + &ruid, &euid, &suid) == 3) { + if ( (ruid == (unsigned long) uid) + || (euid == (unsigned long) uid) + || (suid == (unsigned long) uid) ) { + return 1; + } +#ifdef ENABLE_SUBIDS + if ( different_namespace (sname) + && ( have_sub_uids(name, ruid, 1) + || have_sub_uids(name, euid, 1) + || have_sub_uids(name, suid, 1)) + ) { + return 1; + } +#endif /* ENABLE_SUBIDS */ + } else { + /* Ignore errors. This is just a best effort. */ + } + return 0; + } + } + (void) fclose (sfile); + return 0; +} + +static int user_busy_processes (const char *name, uid_t uid) +{ + DIR *proc; + DIR *task_dir; + char *tmp_d_name; + /* 22: /proc/xxxxxxxxxx/task + \0 */ + char task_path[22]; + char root_path[22]; + pid_t pid; + struct stat sbroot; + struct stat sbroot_process; + struct dirent *ent; + +#ifdef ENABLE_SUBIDS + sub_uid_open (O_RDONLY); +#endif /* ENABLE_SUBIDS */ + + proc = opendir ("/proc"); + if (proc == NULL) { + perror ("opendir /proc"); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif + return 0; + } + if (stat ("/", &sbroot) != 0) { + perror ("stat (\"/\")"); + (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif + return 0; + } + + while ((ent = readdir (proc)) != NULL) { + tmp_d_name = ent->d_name; + /* + * Ingo Molnar's patch introducing NPTL for 2.4 hides + * threads in the /proc directory by prepending a period. + * This patch is applied by default in some RedHat + * kernels. + */ + if ( (strcmp (tmp_d_name, ".") == 0) + || (strcmp (tmp_d_name, "..") == 0)) { + continue; + } + if (*tmp_d_name == '.') { + tmp_d_name++; + } + + /* Check if this is a valid PID */ + if (get_pid(tmp_d_name, &pid) == -1) { + continue; + } + + /* Check if the process is in our chroot */ + SNPRINTF(root_path, "/proc/%lu/root", (unsigned long) pid); + if (stat (root_path, &sbroot_process) != 0) { + continue; + } + if ( (sbroot.st_dev != sbroot_process.st_dev) + || (sbroot.st_ino != sbroot_process.st_ino)) { + continue; + } + + if (check_status (name, tmp_d_name, uid) != 0) { + (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif + fprintf (log_get_logfd(), + _("%s: user %s is currently used by process %d\n"), + log_get_progname(), name, pid); + return 1; + } + + SNPRINTF(task_path, "/proc/%lu/task", (unsigned long) pid); + task_dir = opendir (task_path); + if (task_dir != NULL) { + while ((ent = readdir (task_dir)) != NULL) { + pid_t tid; + if (get_pid(ent->d_name, &tid) == -1) { + continue; + } + if (tid == pid) { + continue; + } + if (check_status (name, task_path+6, uid) != 0) { + (void) closedir (proc); + (void) closedir (task_dir); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif + fprintf (log_get_logfd(), + _("%s: user %s is currently used by process %d\n"), + log_get_progname(), name, pid); + return 1; + } + } + (void) closedir (task_dir); + } else { + /* Ignore errors. This is just a best effort */ + } + } + + (void) closedir (proc); +#ifdef ENABLE_SUBIDS + sub_uid_close(); +#endif /* ENABLE_SUBIDS */ + return 0; +} +#endif /* __linux__ */ + diff --git a/lib/utent.c b/lib/utent.c deleted file mode 100644 index d5e6dae..0000000 --- a/lib/utent.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * SPDX-FileCopyrightText: 1993 - 1994, Julianne Frances Haugh - * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz - * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include <config.h> - -#ifndef HAVE_GETUTENT - -#include "defines.h" -#include <stdio.h> -#include <fcntl.h> -#include <utmp.h> - -#ifndef lint -static char rcsid[] = "$Id$"; -#endif - -static int utmp_fd = -1; -static struct utmp utmp_buf; - -/* - * setutent - open or rewind the utmp file - */ - -void setutent (void) -{ - if (utmp_fd == -1) - if ((utmp_fd = open (_UTMP_FILE, O_RDWR)) == -1) - utmp_fd = open (_UTMP_FILE, O_RDONLY); - - if (utmp_fd != -1) - lseek (utmp_fd, (off_t) 0L, SEEK_SET); -} - -/* - * endutent - close the utmp file - */ - -void endutent (void) -{ - if (utmp_fd != -1) - close (utmp_fd); - - utmp_fd = -1; -} - -/* - * getutent - get the next record from the utmp file - */ - -struct utmp *getutent (void) -{ - if (utmp_fd == -1) - setutent (); - - if (utmp_fd == -1) - return 0; - - if (read (utmp_fd, &utmp_buf, sizeof utmp_buf) != sizeof utmp_buf) - return 0; - - return &utmp_buf; -} -#else -extern int errno; /* warning: ANSI C forbids an empty source file */ -#endif diff --git a/lib/utmp.c b/lib/utmp.c new file mode 100644 index 0000000..08e9b62 --- /dev/null +++ b/lib/utmp.c @@ -0,0 +1,434 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#include "defines.h" +#include "prototypes.h" +#include "getdef.h" + +#include <utmpx.h> +#include <assert.h> +#include <sys/param.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +#include <stdio.h> +#include <fcntl.h> + +#include "alloc.h" +#include "sizeof.h" +#include "string/strncpy.h" +#include "string/strtcpy.h" +#include "string/zustr2stp.h" + +#ident "$Id$" + + +#define UTX_LINESIZE NITEMS(memberof(struct utmpx, ut_line)) + + +/* + * is_my_tty -- determine if "tty" is the same TTY stdin is using + */ +static bool +is_my_tty(const char tty[UTX_LINESIZE]) +{ + char full_tty[STRLEN("/dev/") + UTX_LINESIZE + 1]; + /* tmptty shall be bigger than full_tty */ + static char tmptty[sizeof(full_tty) + 1]; + + full_tty[0] = '\0'; + if (tty[0] != '/') + strcpy (full_tty, "/dev/"); + strncat(full_tty, tty, UTX_LINESIZE); + + if ('\0' == tmptty[0]) { + const char *tname = ttyname (STDIN_FILENO); + if (NULL != tname) + STRTCPY(tmptty, tname); + } + + if ('\0' == tmptty[0]) { + (void) puts (_("Unable to determine your tty name.")); + exit (EXIT_FAILURE); + } + + return strcmp (full_tty, tmptty) == 0; +} + + +/* + * failtmp - update the cumulative failure log + * + * failtmp updates the (struct utmpx) formatted failure log which + * maintains a record of all login failures. + */ +static void +failtmp(const char *username, const struct utmpx *failent) +{ + const char *ftmp; + int fd; + + /* + * Get the name of the failure file. If no file has been defined + * in login.defs, don't do this. + */ + + ftmp = getdef_str ("FTMP_FILE"); + if (NULL == ftmp) { + return; + } + + /* + * Open the file for append. It must already exist for this + * feature to be used. + */ + + fd = open (ftmp, O_WRONLY | O_APPEND); + if (-1 == fd) { + if (errno != ENOENT) { + SYSLOG ((LOG_WARN, + "Can't append failure of user %s to %s: %m", + username, ftmp)); + } + return; + } + + /* + * Append the new failure record and close the log file. + */ + + if (write_full(fd, failent, sizeof *failent) == -1) { + goto err_write; + } + + if (close (fd) != 0 && errno != EINTR) { + goto err_close; + } + + return; + +err_write: + { + int saved_errno = errno; + (void) close (fd); + errno = saved_errno; + } +err_close: + SYSLOG ((LOG_WARN, + "Can't append failure of user %s to %s: %m", + username, ftmp)); +} + + +/* + * get_current_utmp - return the most probable utmp entry for the current + * session + * + * The utmp file is scanned for an entry with the same process ID. + * The line entered by the *getty / telnetd, etc. should also match + * the current terminal. + * + * When an entry is returned by get_current_utmp, and if the utmpx + * structure has a ut_id field, this field should be used to update + * the entry information. + * + * Return NULL if no entries exist in utmp for the current process. + */ +static /*@null@*/ /*@only@*/struct utmpx * +get_current_utmp(void) +{ + struct utmpx *ut; + struct utmpx *ret = NULL; + + setutxent(); + + /* First, try to find a valid utmp entry for this process. */ + while ((ut = getutxent()) != NULL) { + if ( (ut->ut_pid == getpid ()) + && ('\0' != ut->ut_id[0]) + && ( (LOGIN_PROCESS == ut->ut_type) + || (USER_PROCESS == ut->ut_type)) + /* A process may have failed to close an entry + * Check if this entry refers to the current tty */ + && is_my_tty(ut->ut_line)) + { + break; + } + } + + if (NULL != ut) { + ret = XMALLOC(1, struct utmpx); + memcpy (ret, ut, sizeof (*ret)); + } + + endutxent(); + + return ret; +} + + +int +get_session_host(char **out) +{ + int ret = 0; + struct utmpx *ut; + + ut = get_current_utmp(); + +#if defined(HAVE_STRUCT_UTMPX_UT_HOST) + if ((ut != NULL) && (ut->ut_host[0] != '\0')) { + char *hostname; + + hostname = XMALLOC(sizeof(ut->ut_host) + 1, char); + ZUSTR2STP(hostname, ut->ut_host); + *out = hostname; + free (ut); + } else { + *out = NULL; + ret = -2; + } +#else + *out = NULL; + ret = -2; +#endif + + return ret; +} + + +#if !defined(USE_PAM) && !defined(HAVE_UPDWTMPX) +/* + * Some systems already have updwtmpx(). Others + * don't, so we re-implement these functions if necessary. + */ +static void +updwtmpx(const char *filename, const struct utmpx *ut) +{ + int fd; + + fd = open (filename, O_APPEND | O_WRONLY, 0); + if (fd >= 0) { + write_full(fd, ut, sizeof(*ut)); + close (fd); + } +} +#endif + + +/* + * prepare_utmp - prepare an utmp entry so that it can be logged in a + * utmp/wtmp file. + * + * It accepts an utmp entry in input (ut) to return an entry with + * the right ut_id. This is typically an entry returned by + * get_current_utmp + * If ut is NULL, ut_id will be forged based on the line argument. + * + * The ut_host field of the input structure may also be kept, and is + * used to define the ut_addr/ut_addr_v6 fields. (if these fields + * exist) + * + * Other fields are discarded and filed with new values (if they + * exist). + * + * The returned structure shall be freed by the caller. + */ +static /*@only@*/struct utmpx * +prepare_utmp(const char *name, const char *line, const char *host, + /*@null@*/const struct utmpx *ut) +{ + char *hostname = NULL; + struct utmpx *utent; + struct timeval tv; + + assert (NULL != name); + assert (NULL != line); + + + + if ( (NULL != host) + && ('\0' != host[0])) { + hostname = XMALLOC(strlen(host) + 1, char); + strcpy (hostname, host); +#if defined(HAVE_STRUCT_UTMPX_UT_HOST) + } else if ( (NULL != ut) + && ('\0' != ut->ut_host[0])) { + hostname = XMALLOC(NITEMS(ut->ut_host) + 1, char); + ZUSTR2STP(hostname, ut->ut_host); +#endif + } + + if (strncmp(line, "/dev/", 5) == 0) { + line += 5; + } + + + utent = XCALLOC(1, struct utmpx); + + + utent->ut_type = USER_PROCESS; + utent->ut_pid = getpid (); + STRNCPY(utent->ut_line, line); + if (NULL != ut) { + STRNCPY(utent->ut_id, ut->ut_id); + } else { + /* XXX - assumes /dev/tty?? */ + STRNCPY(utent->ut_id, line + 3); + } +#if defined(HAVE_STRUCT_UTMPX_UT_NAME) + STRNCPY(utent->ut_name, name); +#endif + STRNCPY(utent->ut_user, name); + if (NULL != hostname) { + struct addrinfo *info = NULL; +#if defined(HAVE_STRUCT_UTMPX_UT_HOST) + STRNCPY(utent->ut_host, hostname); +#endif +#if defined(HAVE_STRUCT_UTMPX_UT_SYSLEN) + utent->ut_syslen = MIN (strlen (hostname), + sizeof (utent->ut_host)); +#endif +#if defined(HAVE_STRUCT_UTMPX_UT_ADDR) || defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6) + if (getaddrinfo (hostname, NULL, NULL, &info) == 0) { + /* getaddrinfo might not be reliable. + * Just try to log what may be useful. + */ + if (info->ai_family == AF_INET) { + struct sockaddr_in *sa = + (struct sockaddr_in *) info->ai_addr; +# if defined(HAVE_STRUCT_UTMPX_UT_ADDR) + memcpy (&(utent->ut_addr), + &(sa->sin_addr), + MIN (sizeof (utent->ut_addr), + sizeof (sa->sin_addr))); +# endif +# if defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6) + memcpy (utent->ut_addr_v6, + &(sa->sin_addr), + MIN (sizeof (utent->ut_addr_v6), + sizeof (sa->sin_addr))); + } else if (info->ai_family == AF_INET6) { + struct sockaddr_in6 *sa = + (struct sockaddr_in6 *) info->ai_addr; + memcpy (utent->ut_addr_v6, + &(sa->sin6_addr), + MIN (sizeof (utent->ut_addr_v6), + sizeof (sa->sin6_addr))); +# endif + } + freeaddrinfo (info); + } +#endif + free (hostname); + } + /* ut_exit is only for DEAD_PROCESS */ + utent->ut_session = getsid (0); + if (gettimeofday (&tv, NULL) == 0) { +#if defined(HAVE_STRUCT_UTMPX_UT_TIME) + utent->ut_time = tv.tv_sec; +#endif +#if defined(HAVE_STRUCT_UTMPX_UT_XTIME) + utent->ut_xtime = tv.tv_usec; +#endif + utent->ut_tv.tv_sec = tv.tv_sec; + utent->ut_tv.tv_usec = tv.tv_usec; + } + + return utent; +} + + +/* + * setutmp - Update an entry in utmp and log an entry in wtmp + * + * Return 1 on failure and 0 on success. + */ +static int +setutmp(struct utmpx *ut) +{ + int err = 0; + + assert (NULL != ut); + + setutxent(); + if (pututxline(ut) == NULL) { + err = 1; + } + endutxent(); + +#if !defined(USE_PAM) + /* This is done by pam_lastlog */ + updwtmpx(_WTMP_FILE, ut); +#endif + + return err; +} + + +int +update_utmp(const char *user, const char *tty, const char *host) +{ + struct utmpx *utent, *ut; + + utent = get_current_utmp (); + ut = prepare_utmp (user, tty, host, utent); + + (void) setutmp (ut); /* make entry in the utmp & wtmp files */ + + free(utent); + free(ut); + + return 0; +} + + +void +record_failure(const char *failent_user, const char *tty, const char *hostname) +{ + struct utmpx *utent, *failent; + + if (getdef_str ("FTMP_FILE") != NULL) { + utent = get_current_utmp (); + failent = prepare_utmp (failent_user, tty, hostname, utent); + failtmp (failent_user, failent); + free (utent); + free (failent); + } +} + + +unsigned long +active_sessions_count(const char *name, unsigned long limit) +{ + struct utmpx *ut; + unsigned long count = 0; + + setutxent(); + while ((ut = getutxent())) + { + if (USER_PROCESS != ut->ut_type) { + continue; + } + if ('\0' == ut->ut_user[0]) { + continue; + } + if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0) { + continue; + } + count++; + if (count > limit) { + break; + } + } + endutxent(); + + return count; +} diff --git a/lib/valid.c b/lib/valid.c new file mode 100644 index 0000000..326635f --- /dev/null +++ b/lib/valid.c @@ -0,0 +1,82 @@ +/* + * SPDX-FileCopyrightText: 1989 - 1993, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2008, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <sys/types.h> +#include <stdio.h> +#include "prototypes.h" +#include "defines.h" +#include <pwd.h> +/* + * valid - compare encrypted passwords + * + * Valid() compares the DES encrypted password from the password file + * against the password which the user has entered after it has been + * encrypted using the same salt as the original. Entries which do + * not have a password file entry have a NULL pw_name field and this + * is used to indicate that a dummy salt must be used to encrypt the + * password anyway. + */ +bool valid (const char *password, const struct passwd *ent) +{ + const char *encrypted; + /*@observer@*/const char *salt; + + /* + * Start with blank or empty password entries. Always encrypt + * a password if no such user exists. Only if the ID exists and + * the password is really empty do you return quickly. This + * routine is meant to waste CPU time. + */ + + if ((NULL != ent->pw_name) && ('\0' == ent->pw_passwd[0])) { + if ('\0' == password[0]) { + return true; /* user entered nothing */ + } else { + return false; /* user entered something! */ + } + } + + /* + * If there is no entry then we need a salt to use. + */ + + if ((NULL == ent->pw_name) || ('\0' == ent->pw_passwd[0])) { + salt = "xx"; + } else { + salt = ent->pw_passwd; + } + + /* + * Now, perform the encryption using the salt from before on + * the users input. Since we always encrypt the string, it + * should be very difficult to determine if the user exists by + * looking at execution time. + */ + + encrypted = pw_encrypt (password, salt); + + /* + * One last time we must deal with there being no password file + * entry for the user. We use the pw_name == NULL idiom to + * cause non-existent users to not be validated. + */ + + if ( (NULL != ent->pw_name) + && (NULL != encrypted) + && (strcmp (encrypted, ent->pw_passwd) == 0)) { + return true; + } else { + return false; + } +} + diff --git a/lib/write_full.c b/lib/write_full.c new file mode 100644 index 0000000..4ef902c --- /dev/null +++ b/lib/write_full.c @@ -0,0 +1,77 @@ +/* + * SPDX-FileCopyrightText: 2023, Christian Göttsche <cgzones@googlemail.com> + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#ident "$Id$" + +#include <errno.h> +#include <unistd.h> + +#include "prototypes.h" + + +/* + * SYNOPSIS + * int write_full(int fd, const void *buf, size_t count); + * + * ARGUMENTS + * fd File descriptor. + * buf Source buffer to write(2) into 'fd'. + * count Size of 'buf'. + * + * DESCRIPTION + * Write 'count' bytes from the buffer starting at 'buf' to the + * file referred to by 'fd'. + * + * This function is similar to write(2), except that it retries + * in case of a short write. + * + * Since this function either performs a full write, or fails, the + * return value is simpler than for write(2). + * + * RETURN VALUE + * 0 On success. + * -1 On error. + * + * ERRORS + * See write(2). + * + * CAVEATS + * This function can still perform partial writes: if the function + * fails in the loop after one or more write(2) calls have + * succeeded, it will report a failure, but some data may have been + * written. In such a case, it's the caller's responsibility to + * make sure that the partial write is not problematic, and + * remediate it if it is --maybe by trying to remove the file--. + */ + + +int +write_full(int fd, const void *buf, size_t count) +{ + ssize_t w; + const unsigned char *p; + + p = buf; + + while (count > 0) { + w = write(fd, p, count); + if (w == -1) { + if (errno == EINTR) + continue; + + return -1; + } + + p += w; + count -= w; + } + + return 0; +} diff --git a/lib/xgetXXbyYY.c b/lib/xgetXXbyYY.c new file mode 100644 index 0000000..7d5e914 --- /dev/null +++ b/lib/xgetXXbyYY.c @@ -0,0 +1,118 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the name or name_r functions. + */ + +#include <unistd.h> +#include <stdlib.h> +#include <stdio.h> +#include <errno.h> + +#include "alloc.h" +#include "prototypes.h" +#include "shadowlog.h" + +#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME) +#define XPREFIX(name) XPREFIX1 (name) +#define XPREFIX1(name) x##name +#define REENTRANT_NAME APPEND_R (FUNCTION_NAME) +#define APPEND_R(name) APPEND_R1 (name) +#define APPEND_R1(name) name##_r +#define STRINGIZE(name) STRINGIZE1 (name) +#define STRINGIZE1(name) #name + +/*@null@*/ /*@only@*/LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME) +{ +#if HAVE_FUNCTION_R + LOOKUP_TYPE *result=NULL; + char *buffer=NULL; + /* we have to start with something */ + size_t length = 0x100; + + result = MALLOC(1, LOOKUP_TYPE); + if (NULL == result) { + goto oom; + } + + while (true) { + int status; + LOOKUP_TYPE *resbuf = NULL; + buffer = XREALLOC(buffer, length, char); + status = REENTRANT_NAME(ARG_NAME, result, buffer, + length, &resbuf); + if ((0 == status) && (resbuf == result)) { + /* Build a result structure that can be freed by + * the shadow *_free functions. */ + LOOKUP_TYPE *ret_result = DUP_FUNCTION(result); + if (NULL == ret_result) { + goto oom; + } + free(buffer); + free(result); + return ret_result; + } + + if (ERANGE != status) { + break; + } + + if (length == SIZE_MAX) { + break; + } + + length = (length <= SIZE_MAX / 4) ? length * 4 : SIZE_MAX; + } + + free(buffer); + free(result); + return NULL; + +#else /* !HAVE_FUNCTION_R */ + + /* No reentrant function. + * Duplicate the structure to avoid other call to overwrite it. + * + * We should also restore the initial structure. But that would be + * overkill. + */ + LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME); + + if (result) { + result = DUP_FUNCTION(result); + if (NULL == result) { + goto oom; + } + } + + return result; +#endif + +oom: + fprintf (log_get_logfd(), _("%s: out of memory\n"), + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); +} + diff --git a/lib/xgetgrgid.c b/lib/xgetgrgid.c new file mode 100644 index 0000000..6419196 --- /dev/null +++ b/lib/xgetgrgid.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the getgrgid or getgrgid_r functions. + */ + +#include <config.h> + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrgid +#define ARG_TYPE gid_t +#define ARG_NAME gid +#define DUP_FUNCTION __gr_dup +#define HAVE_FUNCTION_R 1 + +#include "xgetXXbyYY.c" + diff --git a/lib/xgetgrnam.c b/lib/xgetgrnam.c new file mode 100644 index 0000000..35ad9ee --- /dev/null +++ b/lib/xgetgrnam.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the getgrnam or getgrnam_r functions. + */ + +#include <config.h> + +#include "groupio.h" + +#define LOOKUP_TYPE struct group +#define FUNCTION_NAME getgrnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __gr_dup +#define HAVE_FUNCTION_R 1 + +#include "xgetXXbyYY.c" + diff --git a/lib/xgetpwnam.c b/lib/xgetpwnam.c new file mode 100644 index 0000000..4387e79 --- /dev/null +++ b/lib/xgetpwnam.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the getpwnam or getpwnam_r functions. + */ + +#include <config.h> + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __pw_dup +#define HAVE_FUNCTION_R 1 + +#include "xgetXXbyYY.c" + diff --git a/lib/xgetpwuid.c b/lib/xgetpwuid.c new file mode 100644 index 0000000..d663a42 --- /dev/null +++ b/lib/xgetpwuid.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the getpwuid or getpwuid_r functions. + */ + +#include <config.h> + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME getpwuid +#define ARG_TYPE uid_t +#define ARG_NAME uid +#define DUP_FUNCTION __pw_dup +#define HAVE_FUNCTION_R 1 + +#include "xgetXXbyYY.c" + diff --git a/lib/xgetspnam.c b/lib/xgetspnam.c new file mode 100644 index 0000000..ebda94b --- /dev/null +++ b/lib/xgetspnam.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the getspnam or getspnam_r functions. + */ + +#include <config.h> + +#include "shadowio.h" + +#define LOOKUP_TYPE struct spwd +#define FUNCTION_NAME getspnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __spw_dup +#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R) + +#include "xgetXXbyYY.c" + diff --git a/lib/xprefix_getpwnam.c b/lib/xprefix_getpwnam.c new file mode 100644 index 0000000..cec0106 --- /dev/null +++ b/lib/xprefix_getpwnam.c @@ -0,0 +1,41 @@ +/* + * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * According to the Linux-PAM documentation: + * + * 4.1. Care about standard library calls + * + * In general, writers of authorization-granting applications should + * assume that each module is likely to call any or all 'libc' functions. + * For 'libc' functions that return pointers to static/dynamically + * allocated structures (ie. the library allocates the memory and the + * user is not expected to 'free()' it) any module call to this function + * is likely to corrupt a pointer previously obtained by the application. + * The application programmer should either re-call such a 'libc' + * function after a call to the Linux-PAM library, or copy the structure + * contents to some safe area of memory before passing control to the + * Linux-PAM library. + * + * Two important function classes that fall into this category are + * getpwnam(3) and syslog(3). + * + * This file provides wrapper to the prefix_getpwnam or prefix_getpwnam_r functions. + */ + +#include <config.h> + +#include "pwio.h" + +#define LOOKUP_TYPE struct passwd +#define FUNCTION_NAME prefix_getpwnam +#define ARG_TYPE const char * +#define ARG_NAME name +#define DUP_FUNCTION __pw_dup +#define HAVE_FUNCTION_R HAVE_FGETPWENT_R + +#include "xgetXXbyYY.c" + diff --git a/lib/yesno.c b/lib/yesno.c new file mode 100644 index 0000000..029cd81 --- /dev/null +++ b/lib/yesno.c @@ -0,0 +1,87 @@ +/* + * SPDX-FileCopyrightText: 1992 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 2007 - 2008, Nicolas François + * SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org> + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + +#include <config.h> + +#ident "$Id$" + +#include <stdbool.h> +#include <stdio.h> +#include <stdlib.h> +#include "prototypes.h" + + +/* + * Synopsis + * bool yes_or_no(bool read_only); + * + * Arguments + * read_only + * In read-only mode, all questions are answered "no". It + * will print "No" to stdout. + * + * Description + * After a yes/no question, this function gets the answer from the + * user. + * + * Calls to this function will normally be preceeded by a prompt on + * stdout, so we should fflush(3). + * + * Return value + * false "no" + * true "yes" + * + * See also + * rpmatch(3) + */ + + +#if !defined(HAVE_RPMATCH) +static int rpmatch(const char *response); +#endif + + +bool +yes_or_no(bool read_only) +{ + bool ret; + char *buf; + size_t size; + + if (read_only) { + puts(_("No")); + return false; + } + + fflush(stdout); + + buf = NULL; + ret = false; + size = 0; + if (getline(&buf, &size, stdin) != -1) + ret = rpmatch(buf) == 1; + + free(buf); + return ret; +} + + +#if !defined(HAVE_RPMATCH) +static int +rpmatch(const char *response) +{ + if (response[0] == 'y' || response[0] == 'Y') + return 1; + + if (response[0] == 'n' || response[0] == 'n') + return 0; + + return -1; +} +#endif |