bd1529
From 1e4ec1b29d15684a305bbc9ab54c6c8321504e7b Mon Sep 17 00:00:00 2001
bd1529
From: David Tardon <dtardon@redhat.com>
bd1529
Date: Tue, 27 Oct 2020 10:31:05 +0100
bd1529
Subject: [PATCH] shared/user-util: add compat forms of user name checking
bd1529
 functions
bd1529
bd1529
New functions are called valid_user_group_name_compat() and
bd1529
valid_user_group_name_or_id_compat() and accept dots in the user
bd1529
or group name. No functional change except the tests.
bd1529
bd1529
(cherry picked from commit 1a29610f5fa1bcb2eeb37d2c6b79d8d1a6dbb865)
bd1529
bd1529
This completes previous partial cherry-pick of the same commit (commit
bd1529
76176de0889c3e8b9b3a176da24e4f8dbbd380a3).
bd1529
bd1529
Related: #1848373
bd1529
---
bd1529
 src/basic/user-util.c     | 32 +++++++-------
bd1529
 src/basic/user-util.h     | 16 ++++++-
bd1529
 src/test/test-user-util.c | 91 +++++++++++++++++++++++++++++++++++++--
bd1529
 3 files changed, 117 insertions(+), 22 deletions(-)
bd1529
bd1529
diff --git a/src/basic/user-util.c b/src/basic/user-util.c
bd1529
index 40f4e45db6..03cbbc2503 100644
bd1529
--- a/src/basic/user-util.c
bd1529
+++ b/src/basic/user-util.c
bd1529
@@ -576,7 +576,7 @@ int take_etc_passwd_lock(const char *root) {
bd1529
         return fd;
bd1529
 }
bd1529
 
bd1529
-bool valid_user_group_name(const char *u) {
bd1529
+bool valid_user_group_name_full(const char *u, bool strict) {
bd1529
         const char *i;
bd1529
         long sz;
bd1529
 
bd1529
@@ -585,12 +585,12 @@ bool valid_user_group_name(const char *u) {
bd1529
          *
bd1529
          * - We require that names fit into the appropriate utmp field
bd1529
          * - We don't allow empty user names
bd1529
+         * - No dots or digits in the first character
bd1529
          *
bd1529
-         * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
bd1529
+         * If strict==true, additionally:
bd1529
+         * - We don't allow any dots (this conflicts with chown syntax which permits dots as user/group name separator)
bd1529
          *
bd1529
-         * jsynacek: We now allow dots in user names. The checks are not exhaustive as user names like "..." are allowed
bd1529
-         * and valid according to POSIX, but can't be created using useradd. However, ".user" can be created. Let's not
bd1529
-         * complicate the code by adding additional checks for weird corner cases like these,  as they don't really matter here.
bd1529
+         * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
bd1529
          */
bd1529
 
bd1529
         if (isempty(u))
bd1529
@@ -598,16 +598,16 @@ bool valid_user_group_name(const char *u) {
bd1529
 
bd1529
         if (!(u[0] >= 'a' && u[0] <= 'z') &&
bd1529
             !(u[0] >= 'A' && u[0] <= 'Z') &&
bd1529
-            u[0] != '_' && u[0] != '.')
bd1529
+            u[0] != '_')
bd1529
                 return false;
bd1529
 
bd1529
-        for (i = u+1; *i; i++) {
bd1529
-                if (!(*i >= 'a' && *i <= 'z') &&
bd1529
-                    !(*i >= 'A' && *i <= 'Z') &&
bd1529
-                    !(*i >= '0' && *i <= '9') &&
bd1529
-                    !IN_SET(*i, '_', '-', '.'))
bd1529
+        for (i = u+1; *i; i++)
bd1529
+                if (!((*i >= 'a' && *i <= 'z') ||
bd1529
+                      (*i >= 'A' && *i <= 'Z') ||
bd1529
+                      (*i >= '0' && *i <= '9') ||
bd1529
+                      IN_SET(*i, '_', '-') ||
bd1529
+                      (!strict && *i == '.')))
bd1529
                         return false;
bd1529
-        }
bd1529
 
bd1529
         sz = sysconf(_SC_LOGIN_NAME_MAX);
bd1529
         assert_se(sz > 0);
bd1529
@@ -621,15 +621,15 @@ bool valid_user_group_name(const char *u) {
bd1529
         return true;
bd1529
 }
bd1529
 
bd1529
-bool valid_user_group_name_or_id(const char *u) {
bd1529
+bool valid_user_group_name_or_id_full(const char *u, bool strict) {
bd1529
 
bd1529
-        /* Similar as above, but is also fine with numeric UID/GID specifications, as long as they are in the right
bd1529
-         * range, and not the invalid user ids. */
bd1529
+        /* Similar as above, but is also fine with numeric UID/GID specifications, as long as they are in the
bd1529
+         * right range, and not the invalid user ids. */
bd1529
 
bd1529
         if (isempty(u))
bd1529
                 return false;
bd1529
 
bd1529
-        if (valid_user_group_name(u))
bd1529
+        if (valid_user_group_name_full(u, strict))
bd1529
                 return true;
bd1529
 
bd1529
         return parse_uid(u, NULL) >= 0;
bd1529
diff --git a/src/basic/user-util.h b/src/basic/user-util.h
bd1529
index b74f168859..5ad0b2a2f9 100644
bd1529
--- a/src/basic/user-util.h
bd1529
+++ b/src/basic/user-util.h
bd1529
@@ -78,8 +78,20 @@ static inline bool userns_supported(void) {
bd1529
         return access("/proc/self/uid_map", F_OK) >= 0;
bd1529
 }
bd1529
 
bd1529
-bool valid_user_group_name(const char *u);
bd1529
-bool valid_user_group_name_or_id(const char *u);
bd1529
+bool valid_user_group_name_full(const char *u, bool strict);
bd1529
+bool valid_user_group_name_or_id_full(const char *u, bool strict);
bd1529
+static inline bool valid_user_group_name(const char *u) {
bd1529
+        return valid_user_group_name_full(u, true);
bd1529
+}
bd1529
+static inline bool valid_user_group_name_or_id(const char *u) {
bd1529
+        return valid_user_group_name_or_id_full(u, true);
bd1529
+}
bd1529
+static inline bool valid_user_group_name_compat(const char *u) {
bd1529
+        return valid_user_group_name_full(u, false);
bd1529
+}
bd1529
+static inline bool valid_user_group_name_or_id_compat(const char *u) {
bd1529
+        return valid_user_group_name_or_id_full(u, false);
bd1529
+}
bd1529
 bool valid_gecos(const char *d);
bd1529
 bool valid_home(const char *p);
bd1529
 
bd1529
diff --git a/src/test/test-user-util.c b/src/test/test-user-util.c
bd1529
index 04e86f5ac3..3a4211655d 100644
bd1529
--- a/src/test/test-user-util.c
bd1529
+++ b/src/test/test-user-util.c
bd1529
@@ -131,6 +131,43 @@ static void test_uid_ptr(void) {
bd1529
         assert_se(PTR_TO_UID(UID_TO_PTR(1000)) == 1000);
bd1529
 }
bd1529
 
bd1529
+static void test_valid_user_group_name_compat(void) {
bd1529
+        log_info("/* %s */", __func__);
bd1529
+
bd1529
+        assert_se(!valid_user_group_name_compat(NULL));
bd1529
+        assert_se(!valid_user_group_name_compat(""));
bd1529
+        assert_se(!valid_user_group_name_compat("1"));
bd1529
+        assert_se(!valid_user_group_name_compat("65535"));
bd1529
+        assert_se(!valid_user_group_name_compat("-1"));
bd1529
+        assert_se(!valid_user_group_name_compat("-kkk"));
bd1529
+        assert_se(!valid_user_group_name_compat("rööt"));
bd1529
+        assert_se(!valid_user_group_name_compat("."));
bd1529
+        assert_se(!valid_user_group_name_compat(".eff"));
bd1529
+        assert_se(!valid_user_group_name_compat("foo\nbar"));
bd1529
+        assert_se(!valid_user_group_name_compat("0123456789012345678901234567890123456789"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("aaa:bbb"));
bd1529
+        assert_se(!valid_user_group_name_compat("."));
bd1529
+        assert_se(!valid_user_group_name_compat(".1"));
bd1529
+        assert_se(!valid_user_group_name_compat(".65535"));
bd1529
+        assert_se(!valid_user_group_name_compat(".-1"));
bd1529
+        assert_se(!valid_user_group_name_compat(".-kkk"));
bd1529
+        assert_se(!valid_user_group_name_compat(".rööt"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat(".aaa:bbb"));
bd1529
+
bd1529
+        assert_se(valid_user_group_name_compat("root"));
bd1529
+        assert_se(valid_user_group_name_compat("lennart"));
bd1529
+        assert_se(valid_user_group_name_compat("LENNART"));
bd1529
+        assert_se(valid_user_group_name_compat("_kkk"));
bd1529
+        assert_se(valid_user_group_name_compat("kkk-"));
bd1529
+        assert_se(valid_user_group_name_compat("kk-k"));
bd1529
+        assert_se(valid_user_group_name_compat("eff.eff"));
bd1529
+        assert_se(valid_user_group_name_compat("eff."));
bd1529
+
bd1529
+        assert_se(valid_user_group_name_compat("some5"));
bd1529
+        assert_se(!valid_user_group_name_compat("5some"));
bd1529
+        assert_se(valid_user_group_name_compat("INNER5NUMBER"));
bd1529
+}
bd1529
+
bd1529
 static void test_valid_user_group_name(void) {
bd1529
         log_info("/* %s */", __func__);
bd1529
 
bd1529
@@ -141,9 +178,18 @@ static void test_valid_user_group_name(void) {
bd1529
         assert_se(!valid_user_group_name("-1"));
bd1529
         assert_se(!valid_user_group_name("-kkk"));
bd1529
         assert_se(!valid_user_group_name("rööt"));
bd1529
+        assert_se(!valid_user_group_name("."));
bd1529
+        assert_se(!valid_user_group_name(".eff"));
bd1529
         assert_se(!valid_user_group_name("foo\nbar"));
bd1529
         assert_se(!valid_user_group_name("0123456789012345678901234567890123456789"));
bd1529
         assert_se(!valid_user_group_name_or_id("aaa:bbb"));
bd1529
+        assert_se(!valid_user_group_name("."));
bd1529
+        assert_se(!valid_user_group_name(".1"));
bd1529
+        assert_se(!valid_user_group_name(".65535"));
bd1529
+        assert_se(!valid_user_group_name(".-1"));
bd1529
+        assert_se(!valid_user_group_name(".-kkk"));
bd1529
+        assert_se(!valid_user_group_name(".rööt"));
bd1529
+        assert_se(!valid_user_group_name_or_id(".aaa:bbb"));
bd1529
 
bd1529
         assert_se(valid_user_group_name("root"));
bd1529
         assert_se(valid_user_group_name("lennart"));
bd1529
@@ -151,14 +197,47 @@ static void test_valid_user_group_name(void) {
bd1529
         assert_se(valid_user_group_name("_kkk"));
bd1529
         assert_se(valid_user_group_name("kkk-"));
bd1529
         assert_se(valid_user_group_name("kk-k"));
bd1529
-        assert_se(valid_user_group_name(".moo"));
bd1529
-        assert_se(valid_user_group_name("eff.eff"));
bd1529
+        assert_se(!valid_user_group_name("eff.eff"));
bd1529
+        assert_se(!valid_user_group_name("eff."));
bd1529
 
bd1529
         assert_se(valid_user_group_name("some5"));
bd1529
         assert_se(!valid_user_group_name("5some"));
bd1529
         assert_se(valid_user_group_name("INNER5NUMBER"));
bd1529
 }
bd1529
 
bd1529
+static void test_valid_user_group_name_or_id_compat(void) {
bd1529
+        log_info("/* %s */", __func__);
bd1529
+
bd1529
+        assert_se(!valid_user_group_name_or_id_compat(NULL));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat(""));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("0"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("1"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("65534"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("65535"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("65536"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("-1"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("-kkk"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("rööt"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("."));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat(".eff"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("eff.eff"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("eff."));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("foo\nbar"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("0123456789012345678901234567890123456789"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("aaa:bbb"));
bd1529
+
bd1529
+        assert_se(valid_user_group_name_or_id_compat("root"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("lennart"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("LENNART"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("_kkk"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("kkk-"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("kk-k"));
bd1529
+
bd1529
+        assert_se(valid_user_group_name_or_id_compat("some5"));
bd1529
+        assert_se(!valid_user_group_name_or_id_compat("5some"));
bd1529
+        assert_se(valid_user_group_name_or_id_compat("INNER5NUMBER"));
bd1529
+}
bd1529
+
bd1529
 static void test_valid_user_group_name_or_id(void) {
bd1529
         log_info("/* %s */", __func__);
bd1529
 
bd1529
@@ -172,6 +251,10 @@ static void test_valid_user_group_name_or_id(void) {
bd1529
         assert_se(!valid_user_group_name_or_id("-1"));
bd1529
         assert_se(!valid_user_group_name_or_id("-kkk"));
bd1529
         assert_se(!valid_user_group_name_or_id("rööt"));
bd1529
+        assert_se(!valid_user_group_name_or_id("."));
bd1529
+        assert_se(!valid_user_group_name_or_id(".eff"));
bd1529
+        assert_se(!valid_user_group_name_or_id("eff.eff"));
bd1529
+        assert_se(!valid_user_group_name_or_id("eff."));
bd1529
         assert_se(!valid_user_group_name_or_id("foo\nbar"));
bd1529
         assert_se(!valid_user_group_name_or_id("0123456789012345678901234567890123456789"));
bd1529
         assert_se(!valid_user_group_name_or_id("aaa:bbb"));
bd1529
@@ -182,8 +265,6 @@ static void test_valid_user_group_name_or_id(void) {
bd1529
         assert_se(valid_user_group_name_or_id("_kkk"));
bd1529
         assert_se(valid_user_group_name_or_id("kkk-"));
bd1529
         assert_se(valid_user_group_name_or_id("kk-k"));
bd1529
-        assert_se(valid_user_group_name_or_id(".moo"));
bd1529
-        assert_se(valid_user_group_name_or_id("eff.eff"));
bd1529
 
bd1529
         assert_se(valid_user_group_name_or_id("some5"));
bd1529
         assert_se(!valid_user_group_name_or_id("5some"));
bd1529
@@ -286,7 +367,9 @@ int main(int argc, char*argv[]) {
bd1529
         test_parse_uid();
bd1529
         test_uid_ptr();
bd1529
 
bd1529
+        test_valid_user_group_name_compat();
bd1529
         test_valid_user_group_name();
bd1529
+        test_valid_user_group_name_or_id_compat();
bd1529
         test_valid_user_group_name_or_id();
bd1529
         test_valid_gecos();
bd1529
         test_valid_home();