revise environment handling. Add a setenv keyword for manipulating the environment...

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index e74881b7652b6dc114c2ce9874484164bb615d8f..c1b822b56d9d7f32faa18496bf91d131bcbb314b 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -28,6 +28,9 @@
 #include <grp.h>
 #include <syslog.h>
 #include <errno.h>
+#if HAVE_SHADOW_H
+#include <shadow.h>
+#endif
 
 #include "includes.h"
 
@@ -325,7 +328,7 @@ main(int argc, char **argv)
        parseconfig("/etc/doas.conf", 1);
 
        /* cmdline is used only for logging, no need to abort on truncate */
-       (void) strlcpy(cmdline, argv[0], sizeof(cmdline));
+       (void)strlcpy(cmdline, argv[0], sizeof(cmdline));
        for (i = 1; i < argc; i++) {
                if (strlcat(cmdline, " ", sizeof(cmdline)) >= sizeof(cmdline))
                        break;
@@ -335,16 +338,12 @@ main(int argc, char **argv)
 
        cmd = argv[0];
        if (!permit(uid, groups, ngroups, &rule, target, cmd,
-           (const char**)argv + 1)) {
+           (const char **)argv + 1)) {
                syslog(LOG_AUTHPRIV | LOG_NOTICE,
                    "failed command for %s: %s", myname, cmdline);
                errc(1, EPERM, NULL);
        }
 
-       pw = getpwuid(target);
-       if (!pw)
-               errx(1, "no passwd entry for target");
-
 #ifdef HAVE_BSD_AUTH_H
        if (!(rule->options & NOPASS)) {
                if (nflag)
@@ -379,18 +378,60 @@ main(int argc, char **argv)
                explicit_bzero(rbuf, sizeof(rbuf));
        }
 #elif HAVE_PAM_APPL_H
+       pw = getpwuid(target);
+       if (!pw)
+               errx(1, "no passwd entry for target");
+
        if (!pamauth(pw->pw_name, myname, !nflag, rule->options & NOPASS)) {
                syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
                errc(1, EPERM, NULL);
        }
-#else
+#elif HAVE_SHADOW_H
+       const char *pass;
+
        if (!(rule->options & NOPASS)) {
+               if (nflag)
                        errx(1, "Authorization required");
+
+               pass = pw->pw_passwd;
+               if (pass[0] == 'x' && pass[1] == '\0') {
+                       struct spwd *sp;
+                       if (!(sp = getspnam(myname)))
+                               errx(1, "Authorization failed");
+                       pass = sp->sp_pwdp;
+               }
+
+               char *challenge, *response, rbuf[1024], cbuf[128], host[HOST_NAME_MAX + 1];
+               if (gethostname(host, sizeof(host)))
+                       snprintf(host, sizeof(host), "?");
+               snprintf(cbuf, sizeof(cbuf),
+                               "\rdoas (%.32s@%.32s) password: ", myname, host);
+               challenge = cbuf;
+
+               response = readpassphrase(challenge, rbuf, sizeof(rbuf), RPP_REQUIRE_TTY);
+               if (response == NULL && errno == ENOTTY) {
+                       syslog(LOG_AUTHPRIV | LOG_NOTICE,
+                           "tty required for %s", myname);
+                       errx(1, "a tty is required");
+               }
+               if (strcmp(crypt(response, pass), pass) != 0) {
+                       syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
+                       errc(1, EPERM, NULL);
+               }
+               explicit_bzero(rbuf, sizeof(rbuf));
+       }
+#else
+       if (!(rule->options & NOPASS))
+               errx(1, "Authorization required");
 #endif /* HAVE_BSD_AUTH_H */
 
        if (pledge("stdio rpath getpw exec id", NULL) == -1)
                err(1, "pledge");
 
+       pw = getpwuid(target);
+       if (!pw)
+               errx(1, "no passwd entry for target");
+
 #ifdef HAVE_BSD_AUTH_H
        if (setusercontext(NULL, pw, target, LOGIN_SETGROUP |
            LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |