falselogin-0.3.orig/0000755000000000000000000000000010473224665013145 5ustar rootrootfalselogin-0.3.orig/changelog0000644000000000000000000000332210473224665015017 0ustar rootrootfalselogin (0.3) - New release with several improvements and two bugs solved, as well as a potential buffer overrun. - Changed the mailbox directory reference to /var/mail in compliance with FHS 2.3 option in Chapter 5. - Solved segfault when arguments of --wait are not completely specified by making some verifications to the command line arguments in a separate readArgs function. - Solved segfault when no mailbox is found for user, caused by fclose'ing a non-existent descriptor, by moving fclose to an inner control structure. - Changed %mail% usage so now it will be substituted only by the number of mails, allowing the user to i18n the mail message, by modifying the sprintf involved and changed the sample configuration file provided accordingly. - Moved mail counting to a separate function so now it will be called if it's really needed in the conffile (the function is called countMail and it's designed to be improved in the future maybe using system calls to other programs like countmail) - Both %debian_version% and %host% data extraction routines are called only if the string appears in the configuration file. In the future all the other functions will be designed this way. - Switched to strgsub in order to avoid possible buffer overruns, by means of providing a maximum substituted string size equal to 1024, which is the getlined size of the buffer from the stream. - Switched to snprintf with a 1024 character limit. - Defined all the maximum buffer lengths as constants at the beggining of the file. -- Jose Parrella Wed, 21 Jun 2006 00:14:27 -0400 falselogin-0.3.orig/falselogin.c0000644000000000000000000001240310473224665015434 0ustar rootroot/* Falselogin by Tibor Koleszar GNU/GPL Further development made by Jose Parrella */ #define _GNU_SOURCE #include #include #include #include #include #include #include #include // This is the maximum length of line buffers for // configuration files and mailbox files. #define MAXLEN_BUF 1024 // This is the maximum length of the user names. #define MAXLEN_USERNAME 50 // This is the default configuration file on Debian, // attending to FHS. #define CONFIG_FILE "/etc/falselogin.conf" // This is the default pattern for counting messages // in a mailbox. #define MESSAGE_ID "Message-ID" // Maximum length for the hostname #define MAXLEN_HOSTNAME 512 // Maximum length for the Debian version information #define MAXLEN_DEBVER 50 // Maximum length for quantity of mails #define MAIL_LEN 50 // Function definitions int readArgs (char *argv[]); int countMail (char userName[]); int main (int argc, char *argv[]) { FILE *f, *g; // f will hold the configuration file struct passwd *pwd; // this holds the pwent char s_mail[MAIL_LEN]; // length of mail number char *temp, host_n[MAXLEN_HOSTNAME], deb_ver[MAXLEN_DEBVER] = ""; // temp will hold a conffile line struct utsname u_name; // this holds the u_name size_t max_buf = MAXLEN_BUF; // maximum buffer length int ok = 0; // lame control (see passwd filling) temp = malloc(MAXLEN_BUF); // initial allocation (could happen later) // thou shalt not cast // This fills the passwd struct with the // pwent until it ends. // (it might be a better way) while (!ok) { pwd = getpwent (); if (pwd->pw_uid == getuid ()) ok = 1; } // This fills the uname struct with the // data and exits if it fails. if (uname ((struct utsname *) &u_name) == -1) { perror ("Error at calling uname()"); exit (EXIT_FAILURE); } // Proceeds to open the configuration // file specified as a macro constant. if ((f = fopen (CONFIG_FILE, "rt")) == NULL) { perror ("Can't parse config file"); exit (EXIT_FAILURE); } // While we have fun... while (!feof (f)) { // Main iteration // f: The opened CONFIG_FILE in rt mode. // &temp: A line, taken from the CONFIG_FILE // &max_buf: A reference to the maximum buffer length // Now I reset the buffer size // (but I don't really resize &temp) max_buf = MAXLEN_BUF; // This does the same that fgets (temp, 1024, f) does in less iterations, // but with a variable buffer size. if (getline (&temp, &max_buf, f) == -1) { continue; } // If we still have something to work on... // ...and this is not a comment if (!feof (f) && strncmp(temp, "#", 1)) { // Substitutions follows: they happen on the temp // buffer which is 1024 bytes long, so only 1023 // characters will be allowed. // Substitutions using passwd and uname structs if (strstr (temp, "%user%") != NULL) strgsub (temp, "%user%", pwd->pw_name, max_buf); if (strstr (temp, "%sysname%") != NULL) strgsub (temp, "%sysname%", u_name.sysname, max_buf); if (strstr (temp, "%nodename%") != NULL) strgsub (temp, "%nodename%", u_name.nodename, max_buf); if (strstr (temp, "%release%") != NULL) strgsub (temp, "%release%", u_name.release, max_buf); if (strstr (temp, "%version%") != NULL) strgsub (temp, "%version%", u_name.version, max_buf); if (strstr (temp, "%machine%") != NULL) strgsub (temp, "%machine%", u_name.machine, max_buf); // Self-contained substitutions if (strstr (temp, "%host%") != NULL) { gethostname(host_n, MAXLEN_HOSTNAME); strgsub (temp, "%host%", host_n, max_buf); } if (strstr (temp, "%mail%") != NULL) { snprintf (s_mail, MAXLEN_BUF, "%d", countMail(pwd->pw_name)); strgsub (temp, "%mail%", s_mail, max_buf); } if (strstr (temp, "%debian_version%") != NULL) { if ((g = fopen ("/etc/debian_version", "rt")) != NULL) { fgets(deb_ver, sizeof(deb_ver), g); if (*deb_ver && deb_ver[strlen(deb_ver)-1] == '\n') deb_ver[strlen(deb_ver)-1] = 0; fclose(g); }; strgsub (temp, "%debian_version%", deb_ver, max_buf); } // Prints the new line with substitutions printf ("%s", temp); } } // Closes the configuration file after the feof fclose (f); // Frees the buffer free (temp); // Now we can check the arguments if (argc > 2) { if (readArgs(argv) == 255) { printf("Unknown arguments were given\n"); } } else if (argc > 3 || argc == 2) { printf("Wrong number of arguments given\n"); exit(EXIT_FAILURE); } // Bye-bye if we don't have arguments exit(EXIT_SUCCESS); } int countMail (char userName[MAXLEN_USERNAME]) { int total = 0; char *temp; FILE *f; temp = (char *) malloc (MAXLEN_BUF); snprintf (temp, MAXLEN_BUF, "/var/mail/%s", userName); if ( (f = fopen (temp, "rt")) != NULL) { while (!feof (f)) { fgets (temp, MAXLEN_BUF, f); if (!strncasecmp (temp, MESSAGE_ID, strlen (MESSAGE_ID))) total++; } fclose (f); } return total; } int readArgs (char *argv[]) { if ( !strncmp(argv[1], "--wait", 6) || !strncmp(argv[1], "-w", 2) ) { if ( !strncmp(argv[2], "enter", 5) ) while (getchar() != '\n'); else if ( atol(argv[2]) > 0 ) sleep(atol(argv[2])); } else { return 255; } return 1; } falselogin-0.3.orig/falselogin.conf0000644000000000000000000000046510473224665016144 0ustar rootroot# /etc/falselogin.conf # This is the configuration file of /bin/falselogin # See the man for details # Welcome at %host% (Debian %debian_version% %sysname% %release%)! You have %mail% messages in your mailbox. Sorry %user% but our server does not accept shell logins. So long and thanks for all the fish. falselogin-0.3.orig/Makefile0000644000000000000000000000064210473224665014607 0ustar rootrootLIBS = -lpub C_ARGS = -Wall CC = gcc INS = /usr/bin/install all: falselogin install: falselogin $(INS) -D -o root -g root -m 0755 -s falselogin $(DESTDIR)/usr/bin/falselogin $(INS) -D -o root -g root -m 0644 falselogin.conf $(DESTDIR)/etc/falselogin.conf clean: rm -f *.o falselogin falselogin: falselogin.o $(CC) -o falselogin falselogin.o $(LIBS) falselogin.o: falselogin.c $(CC) $(C_ARGS) -c falselogin.c