1
0
mirror of https://github.com/openbsd/src.git synced 2024-12-22 16:42:56 -08:00

o perl5'ified

o We now lock the skeys database as we ought to avoid problems.
o Safe temp file handling
o Weed out bogus records instead of ignoring them
o Add a hash type to old md4 entries w/o a hash type listed
This commit is contained in:
millert 2001-06-20 22:19:58 +00:00
parent f33ddb5145
commit feac1c08c8
2 changed files with 93 additions and 61 deletions

View File

@ -1,4 +1,4 @@
.\" $OpenBSD: skeyprune.8,v 1.5 2000/03/23 21:10:18 aaron Exp $
.\" $OpenBSD: skeyprune.8,v 1.6 2001/06/20 22:19:58 millert Exp $
.\"
.\"
.Dd September 27, 1996
@ -12,16 +12,17 @@
.Op Ar days
.Sh DESCRIPTION
.Nm skeyprune
searches through the file
.Dq Pa /etc/skeykeys
and prunes out users who have zeroed their entries via
.Xr skeyinit 1
searches through the S/Key database,
.Dq Pa /etc/skeykeys ,
and prunes out invalid entries (including users who have zeroed out their)
entries via
.Xr skeyinit 1 )
as well as entries that have not been modified in
.Ar days
days.
If
.Ar days
is not specified only commented out entries are pruned.
is not specified, only invalid entries are pruned.
.Sh FILES
.Bl -tag -width /etc/skeykeys -compact
.It Pa /etc/skeykeys
@ -30,12 +31,3 @@ S/Key key information database
.Sh SEE ALSO
.Xr skey 1 ,
.Xr skeyinit 1
.Sh BUGS
Since
.Nm skeyprune
rewrites
.Dq Pa /etc/skeykeys ,
there is a window where S/Key changes could get lost.
It is therefore suggested that
.Nm skeyprune
be run at a time when users are unlikely to be active.

View File

@ -1,21 +1,47 @@
#!/usr/bin/perl
#!/usr/bin/perl -w
#
# Prune commented out and crufty entries from skeykeys
# Copyright (c) 1996, 2001 Todd C. Miller <Todd.Miller@courtesan.com>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. The name of the author may not be used to endorse or promote products
# derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
# THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Prune commented out, bogus, and crufty entries from /etc/skeykeys
# Usage: skeyprune [days]
#
# Todd C. Miller <Todd.Miller@courtesan.com>
# $OpenBSD: skeyprune.pl,v 1.1 1996/09/28 00:00:41 millert Exp $
# $OpenBSD: skeyprune.pl,v 1.2 2001/06/20 22:19:58 millert Exp $
#
# We need to be able convert to time_t
require 'timelocal.pl';
use File::Temp qw(:mktemp);
use Fcntl qw(:DEFAULT :flock);
use Time::Local;
# Keep out the stupid
die "Only root may run $0.\n" if $>;
die "Usage: $0 [days]\n" if $#ARGC > 0;
die "Usage: $0 [days]\n" if $#ARGV > 0;
# Pathnames
$keyfile = '/etc/skeykeys';
$temp = "$keyfile.tmp$$";
$template = "$keyfile.XXXXXXXX";
# Quick mapping of month name -> number
%months = ('Jan', 0, 'Feb', 1, 'Mar', 2, 'Apr', 3, 'May', 4, 'Jun', 5,
@ -24,65 +50,79 @@ $temp = "$keyfile.tmp$$";
# Remove entries that haven't been modified in this many days.
$days_old = $ARGV[0] || -1;
# Open current key file
# Safe umask
umask(077);
# Open and lock the current key file
open(OLD, $keyfile) || die "$0: Can't open $keyfile: $!\n";
flock(OLD, LOCK_EX) || die "$0: Can't lock $keyfile: $!\n";
# Safely open temp file
umask(077);
unlink($temp);
open(NEW, ">$temp") || die "$0: Can't open tempfile $temp: $!\n";
($NEW, $temp) = mkstemp($template);
die "$0: Can't open tempfile $template: $!\n" unless $temp;
# We need to be extra speedy to close the window where someone can hose us.
# Run at a high priority so we don't keep things locked for too long
setpriority(0, 0, -4);
while (<OLD>) {
# Ignore commented out entries
if ( ! /^#[^\s#]+\s+(MD[0-9]+\s+)?[0-9]+\s+[A-z0-9_-]+\s+[a-f0-9]+\s+(Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+$/ ) {
/((Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+)$/;
chomp();
# Prune out old entries if asked to
if ($days_old > 0) {
# build up time based on date string
@date = split(/[\s,:]/, $1);
$sec = $date[5];
$min = $date[4];
$hours = $date[3];
$mday = $date[1] - 1;
$mon = $months{$date[0]};
$year = $date[2] - 1900;
# Valid entry: 'username hash seq seed key date"
if ( /^[^\s#]+\s+(\S+\s+)?[0-9]+\s+[A-z0-9]+\s+[a-f0-9]+\s+(Jan|Feb|Mar|Apr|May|Ju[nl]|Aug|Sep|Oct|Nov|Dec)\s+[0-9]+,\s*[0-9]+\s+[0-9]+:[0-9]+:[0-9]+$/ ) {
$now = time();
$then = &timelocal($sec,$min,$hours,$mday,$mon,$year);
if (($now - $then) / (60 * 60 * 24) - 1 <= $days_old) {
print NEW $_ || do {
warn "Can't write to $temp: $!\n";
unlink($temp);
@entry = split(/[\s,:]+/, $_);
# Prune out old entries if asked to
if ($days_old > 0) {
# build up time based on date string
$sec = $date[10];
$min = $date[9];
$hours = $date[8];
$mday = $date[6] - 1;
$mon = $months{$date[5]};
$year = $date[7] - 1900;
$now = time();
$then = timelocal($sec,$min,$hours,$mday,$mon,$year);
if (($now - $then) / (60 * 60 * 24) - 1 > $days_old) {
next; # too old
}
}
# Missing hash type? Must be md4...
if ($entry[1] =~ /^\d/) {
splice(@entry, 1, 0, "md4");
}
printf $NEW "%s %s %04d %-16s %s %4s %02d,%-4d %02d:%02d:%02d\n",
$entry[0], $entry[1], $entry[2], $entry[3], $entry[4],
$entry[5], $entry[6], $entry[7], $entry[8], $entry[9],
$entry[10] || do {
warn "Can't write to $temp: $!\n";
unlink($temp);
exit(1);
};
}
} else {
print NEW $_ || do {
warn "Can't write to $temp: $!\n";
unlink($temp);
};
}
}
}
close(OLD);
close(NEW);
close($NEW);
# Set owner/group/mode on tempfile and move to real location.
($mode, $nlink, $uid, $gid) = (stat($keyfile))[2..5];
if (!defined($mode)) {
unlink($temp);
die "$0: Unable to stat $keyfile: $!\n";
unlink($temp);
die "$0: Unable to stat $keyfile: $!\n";
}
if (!chmod($mode, $temp)) {
unlink($temp);
die "$0: Unable to set mode of $temp to $mode: $!\n";
unlink($temp);
die "$0: Unable to set mode of $temp to $mode: $!\n";
}
if (!chown($uid, $gid, $temp)) {
unlink($temp);
die "$0: Unable to set owner of $temp to ($uid, $gid): $!\n";
unlink($temp);
die "$0: Unable to set owner of $temp to ($uid, $gid): $!\n";
}
if ($nlink != 1) {
$nlink--;
warn "$0: Old $keyfile had $nlink hard links, those will be broken\n";
}
# Leave temp file in place if rename fails. Might help in debugging.
rename($temp, $keyfile) || die "$0: Unable to rename $temp to $keyfile: $!\n";