2021-07-13 21:33:12 +02:00
|
|
|
#include <pwd.h>
|
2021-07-13 22:39:28 +02:00
|
|
|
#include <err.h>
|
2021-07-13 21:33:12 +02:00
|
|
|
#include <shadow.h>
|
|
|
|
|
#include <crypt.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
2021-07-13 22:23:27 +02:00
|
|
|
#include <bsd/readpassphrase.h>
|
2021-07-13 21:33:12 +02:00
|
|
|
|
2021-07-13 23:21:34 +02:00
|
|
|
int getconf(FILE* fp, const char* entry, char* result, size_t len_result) {
|
|
|
|
|
char* line = NULL;
|
|
|
|
|
size_t len = 0;
|
|
|
|
|
|
|
|
|
|
fseek(fp, 0, SEEK_SET);
|
|
|
|
|
|
|
|
|
|
while (getline(&line, &len, fp) != -1) {
|
|
|
|
|
if (strncmp(entry, line, strlen(entry)) == 0) {
|
|
|
|
|
strtok(line, "=");
|
|
|
|
|
char* token = strtok(NULL, "=");
|
|
|
|
|
if (token) {
|
|
|
|
|
strncpy(result, token, len_result);
|
|
|
|
|
result[strcspn(result, "\n")] = 0;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-13 21:33:12 +02:00
|
|
|
void runprog(int argc, char** argv) {
|
2021-07-13 22:14:46 +02:00
|
|
|
for(int i=0; i<argc; i++)
|
|
|
|
|
argv[i] = argv[i + 1];
|
2021-07-13 22:46:57 +02:00
|
|
|
|
2021-07-13 22:14:46 +02:00
|
|
|
setuid(0);
|
|
|
|
|
setgid(0);
|
2021-07-13 23:21:34 +02:00
|
|
|
|
2021-07-13 22:39:28 +02:00
|
|
|
if (execvp(argv[0], argv) != 0)
|
|
|
|
|
perror(argv[0]);
|
2021-07-13 21:33:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int main(int argc, char** argv) {
|
2021-07-13 22:39:28 +02:00
|
|
|
if (argc < 2)
|
|
|
|
|
errx(1, "Please specify a program to run");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
2021-07-13 23:21:34 +02:00
|
|
|
FILE* fp = fopen("/etc/rdo.conf", "r");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
2021-07-13 22:39:28 +02:00
|
|
|
if (!fp)
|
2021-07-13 23:21:34 +02:00
|
|
|
err(1, "Could not open /etc/rdo.conf");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
int ruid = getuid();
|
|
|
|
|
if (ruid == 0) {
|
|
|
|
|
fclose(fp);
|
2021-07-13 22:14:46 +02:00
|
|
|
runprog(argc, argv);
|
|
|
|
|
return 0;
|
2021-07-13 22:46:57 +02:00
|
|
|
}
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
char username[64];
|
2021-07-13 23:21:34 +02:00
|
|
|
getconf(fp, "username", username, sizeof(username));
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
struct passwd* p = getpwnam(username);
|
2021-07-13 22:39:28 +02:00
|
|
|
if (!p)
|
|
|
|
|
err(1, "Could not get user info");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
int uid = p->pw_uid;
|
2021-07-13 22:39:28 +02:00
|
|
|
if (uid != ruid && ruid != 0)
|
|
|
|
|
errx(1, "You are not in the username file");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
struct spwd* shadowEntry = getspnam(username);
|
|
|
|
|
|
2021-07-13 22:39:28 +02:00
|
|
|
if (!shadowEntry)
|
|
|
|
|
err(1, "Could not get shadow entry");
|
2021-07-13 21:33:12 +02:00
|
|
|
|
|
|
|
|
int tries = 0;
|
|
|
|
|
char password[128];
|
|
|
|
|
while (tries < 3) {
|
2021-07-13 22:39:28 +02:00
|
|
|
if (!readpassphrase("(rdo) Password: ", password, sizeof(password), RPP_REQUIRE_TTY))
|
|
|
|
|
err(1, "Could not get passphrase");
|
2021-07-13 22:23:27 +02:00
|
|
|
|
2021-07-13 21:33:12 +02:00
|
|
|
if (strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp)) == 0) {
|
2021-07-13 22:14:46 +02:00
|
|
|
runprog(argc, argv);
|
2021-07-13 22:46:57 +02:00
|
|
|
return 0;
|
2021-07-13 21:33:12 +02:00
|
|
|
}
|
2021-07-13 22:46:57 +02:00
|
|
|
|
2021-07-13 21:33:12 +02:00
|
|
|
fprintf(stderr, "Wrong password.\n");
|
2021-07-13 22:14:46 +02:00
|
|
|
tries++;
|
2021-07-13 21:33:12 +02:00
|
|
|
}
|
2021-07-13 22:39:28 +02:00
|
|
|
errx(1, "Too many wrong password attempts.");
|
|
|
|
|
return 1;
|
2021-07-13 21:33:12 +02:00
|
|
|
}
|
