2022-03-07 10:33 GMT+09:00, Enzo Matsumiya <ematsumiya@xxxxxxx>:
> Create user command in preparation for binary unification.
>
> Rename some variables to make them more relatable to user properties and
> management.
>
> Signed-off-by: Enzo Matsumiya <ematsumiya@xxxxxxx>
> ---
> daemon/daemon.c | 12 +-
> daemon/ipc.c | 6 +-
> include/config_parser.h | 2 +-
> include/ksmbdtools.h | 7 +-
> lib/config_parser.c | 4 +-
> user/Makefile.am | 2 +-
> user/adduser.c | 180 -----------------------------
> user/user.c | 238 ++++++++++++++++++++++++++++++++++++++
> user/user_admin.c | 247 +++++++++++++++++++++-------------------
> user/user_admin.h | 35 +++++-
> 10 files changed, 417 insertions(+), 316 deletions(-)
> delete mode 100644 user/adduser.c
> create mode 100644 user/user.c
>
> diff --git a/daemon/daemon.c b/daemon/daemon.c
> index 946f500bc977..50afbd2ed70d 100644
> --- a/daemon/daemon.c
> +++ b/daemon/daemon.c
> @@ -291,11 +291,11 @@ static int setup_signals(sighandler_t handler)
> return 0;
> }
>
> -static int parse_configs(char *pwddb, char *smbconf)
> +static int parse_configs(char *db, char *smbconf)
> {
> int ret;
>
> - ret = cp_parse_pwddb(pwddb);
> + ret = cp_parse_db(db);
> if (ret == -ENOENT) {
> pr_err("User database file does not exist. %s\n",
> "Only guest sessions (if permitted) will work.");
> @@ -395,7 +395,7 @@ static int worker_process_init(void)
> goto out;
> }
>
> - ret = parse_configs(global_conf.pwddb, global_conf.smbconf);
> + ret = parse_configs(global_conf.db, global_conf.smbconf);
> if (ret) {
> pr_err("Failed to parse configuration files\n");
> goto out;
> @@ -645,7 +645,7 @@ int main(int argc, char *argv[])
>
> set_logger_app_name("ksmbd.daemon");
> memset(&global_conf, 0x00, sizeof(struct smbconf_global));
> - global_conf.pwddb = PATH_PWDDB;
> + global_conf.db = PATH_USERS_DB;
> global_conf.smbconf = PATH_SMBCONF;
> pr_logger_init(PR_LOGGER_STDIO);
>
> @@ -669,7 +669,7 @@ int main(int argc, char *argv[])
> global_conf.smbconf = g_strdup(optarg);
> break;
> case 'u':
> - global_conf.pwddb = g_strdup(optarg);
> + global_conf.db = g_strdup(optarg);
> break;
> case 'n':
> if (!optarg)
> @@ -694,7 +694,7 @@ int main(int argc, char *argv[])
> }
> }
>
> - if (!global_conf.smbconf || !global_conf.pwddb) {
> + if (!global_conf.smbconf || !global_conf.db) {
> pr_err("Out of memory\n");
> exit(EXIT_FAILURE);
> }
> diff --git a/daemon/ipc.c b/daemon/ipc.c
> index c46cbc174175..b793a1e101b0 100644
> --- a/daemon/ipc.c
> +++ b/daemon/ipc.c
> @@ -63,13 +63,13 @@ static int generic_event(int type, void *payload, size_t
> sz)
> return 0;
> }
>
> -static int parse_reload_configs(const char *pwddb, const char *smbconf)
> +static int parse_reload_configs(const char *db, const char *smbconf)
> {
> int ret;
>
> pr_debug("Reload config\n");
> usm_remove_all_users();
> - ret = cp_parse_pwddb(pwddb);
> + ret = cp_parse_db(db);
> if (ret == -ENOENT) {
> pr_err("User database file does not exist. %s\n",
> "Only guest sessions (if permitted) will work.");
> @@ -91,7 +91,7 @@ static int handle_generic_event(struct nl_cache_ops
> *unused,
> void *arg)
> {
> if (ksmbd_health_status & KSMBD_SHOULD_RELOAD_CONFIG) {
> - parse_reload_configs(global_conf.pwddb, global_conf.smbconf);
> + parse_reload_configs(global_conf.db, global_conf.smbconf);
> ksmbd_health_status &= ~KSMBD_SHOULD_RELOAD_CONFIG;
> }
>
> diff --git a/include/config_parser.h b/include/config_parser.h
> index c051f487c319..0aefc3b4d5c7 100644
> --- a/include/config_parser.h
> +++ b/include/config_parser.h
> @@ -26,7 +26,7 @@ int cp_parse_external_smbconf_group(char *name, char
> *opts);
> int cp_smbconfig_hash_create(const char *smbconf);
> void cp_smbconfig_destroy(void);
>
> -int cp_parse_pwddb(const char *pwddb);
> +int cp_parse_db(const char *db);
> int cp_parse_smbconf(const char *smbconf);
> int cp_parse_reload_smbconf(const char *smbconf);
> int cp_parse_subauth(const char *subauth_path);
> diff --git a/include/ksmbdtools.h b/include/ksmbdtools.h
> index fccb88d8898a..978cbe148eac 100644
> --- a/include/ksmbdtools.h
> +++ b/include/ksmbdtools.h
> @@ -57,7 +57,7 @@ struct smbconf_global {
> unsigned int gen_subauth[3];
> char *krb5_keytab_file;
> char *krb5_service_name;
> - char *pwddb;
> + char *db;
> char *smbconf;
> };
>
> @@ -85,8 +85,9 @@ extern struct smbconf_global global_conf;
>
> #define KSMBD_CONF_FILE_MAX 10000
>
> -#define PATH_PWDDB "/etc/ksmbd/ksmbdpwd.db"
> -#define PATH_SMBCONF "/etc/ksmbd/smb.conf"
> +#define PATH_USERS_DB "/etc/ksmbd/users.db"
> +#define PATH_OLD_USERS_DB "/etc/ksmbd/ksmbdpwd.db"
> +#define PATH_SMBCONF "/etc/ksmbd/smb.conf"
>
> #define KSMBD_HEALTH_START (0)
> #define KSMBD_HEALTH_RUNNING (1 << 0)
> diff --git a/lib/config_parser.c b/lib/config_parser.c
> index 20e27c3ab8ec..a000a2a6059e 100644
> --- a/lib/config_parser.c
> +++ b/lib/config_parser.c
> @@ -680,9 +680,9 @@ int cp_parse_smbconf(const char *smbconf)
> GROUPS_CALLBACK_STARTUP_INIT);
> }
>
> -int cp_parse_pwddb(const char *pwddb)
> +int cp_parse_db(const char *db)
> {
> - return __mmap_parse_file(pwddb, usm_add_update_user_from_pwdentry);
> + return __mmap_parse_file(db, usm_add_update_user_from_pwdentry);
> }
>
> int cp_smbconfig_hash_create(const char *smbconf)
> diff --git a/user/Makefile.am b/user/Makefile.am
> index c5cee686f5cc..ba491c84f0f4 100644
> --- a/user/Makefile.am
> +++ b/user/Makefile.am
> @@ -4,4 +4,4 @@ ksmbd_adduser_LDADD = $(top_builddir)/lib/libksmbdtools.a
>
> sbin_PROGRAMS = ksmbd.adduser
>
> -ksmbd_adduser_SOURCES = md4_hash.c user_admin.c adduser.c md4_hash.h
> user_admin.h
> +ksmbd_adduser_SOURCES = md4_hash.c user_admin.c user.c md4_hash.h
> user_admin.h
> diff --git a/user/adduser.c b/user/adduser.c
> deleted file mode 100644
> index 88b12db9f439..000000000000
> --- a/user/adduser.c
> +++ /dev/null
> @@ -1,180 +0,0 @@
> -// SPDX-License-Identifier: GPL-2.0-or-later
> -/*
> - * Copyright (C) 2018 Samsung Electronics Co., Ltd.
> - *
> - * linux-cifsd-devel@xxxxxxxxxxxxxxxxxxxxx
> - */
> -
> -#include <glib.h>
> -#include <stdlib.h>
> -#include <stdio.h>
> -#include <unistd.h>
> -#include <getopt.h>
> -#include <sys/stat.h>
> -#include <fcntl.h>
> -#include <sys/types.h>
> -#include <signal.h>
> -#include <errno.h>
> -#include <ctype.h>
> -
> -#include "config_parser.h"
> -#include "ksmbdtools.h"
> -#include "management/user.h"
> -#include "management/share.h"
> -#include "user_admin.h"
> -#include "linux/ksmbd_server.h"
> -#include "version.h"
> -
> -static char *arg_account = NULL;
> -static char *arg_password = NULL;
> -
> -enum {
> - COMMAND_ADD_USER = 1,
> - COMMAND_DEL_USER,
> - COMMAND_UPDATE_USER,
> -};
> -
> -static void usage(void)
> -{
> - fprintf(stderr, "Usage: smbuseradd\n");
> -
> - fprintf(stderr, "\t-a | --add-user=login\n");
> - fprintf(stderr, "\t-d | --del-user=login\n");
> - fprintf(stderr, "\t-u | --update-user=login\n");
> - fprintf(stderr, "\t-p | --password=pass\n");
> -
> - fprintf(stderr, "\t-i smbpwd.db | --import-users=smbpwd.db\n");
> - fprintf(stderr, "\t-V | --version\n");
> - fprintf(stderr, "\t-v | --verbose\n");
> -
> - exit(EXIT_FAILURE);
> -}
> -
> -static void show_version(void)
> -{
> - printf("ksmbd-tools version : %s\n", KSMBD_TOOLS_VERSION);
> - exit(EXIT_FAILURE);
> -}
> -
> -static int parse_configs(char *pwddb)
> -{
> - int ret;
> -
> - ret = test_file_access(pwddb);
> - if (ret)
> - return ret;
> -
> - ret = cp_parse_pwddb(pwddb);
> - if (ret)
> - return ret;
> - return 0;
> -}
> -
> -static int sanity_check_user_name_simple(char *uname)
> -{
> - int sz, i;
> -
> - if (!uname)
> - return -EINVAL;
> -
> - sz = strlen(uname);
> - if (sz < 1)
> - return -EINVAL;
> - if (sz >= KSMBD_REQ_MAX_ACCOUNT_NAME_SZ)
> - return -EINVAL;
> -
> - /* 1'; Drop table users -- */
> - if (!strcmp(uname, "root"))
> - return -EINVAL;
> -
> - if (strpbrk(uname, ":\n"))
> - return -EINVAL;
> -
> - return 0;
> -}
> -
> -int main(int argc, char *argv[])
> -{
> - int ret = EXIT_FAILURE;
> - char *pwddb = PATH_PWDDB;
> - int c, cmd = 0;
> -
> - set_logger_app_name("ksmbd.adduser");
> -
> - opterr = 0;
> - while ((c = getopt(argc, argv, "c:i:a:d:u:p:Vvh")) != EOF)
> - switch (c) {
> - case 'a':
> - arg_account = g_strdup(optarg);
> - cmd = COMMAND_ADD_USER;
> - break;
> - case 'd':
> - arg_account = g_strdup(optarg);
> - cmd = COMMAND_DEL_USER;
> - break;
> - case 'u':
> - arg_account = g_strdup(optarg);
> - cmd = COMMAND_UPDATE_USER;
> - break;
> - case 'p':
> - arg_password = g_strdup(optarg);
> - break;
> - case 'i':
> - pwddb = g_strdup(optarg);
> - break;
> - case 'V':
> - show_version();
> - break;
> - case 'v':
> - break;
> - case '?':
> - case 'h':
> - default:
> - usage();
> - }
> -
> - if (sanity_check_user_name_simple(arg_account)) {
> - pr_err("User name sanity check failure\n");
> - goto out;
> - }
> -
> - if (!pwddb) {
> - pr_err("Out of memory\n");
> - goto out;
> - }
> -
> - ret = usm_init();
> - if (ret) {
> - pr_err("Failed to init user management\n");
> - goto out;
> - }
> -
> - ret = shm_init();
> - if (ret) {
> - pr_err("Failed to init net share management\n");
> - goto out;
> - }
> -
> - ret = parse_configs(pwddb);
> - if (ret) {
> - pr_err("Unable to parse configuration files\n");
> - goto out;
> - }
> -
> - if (cmd == COMMAND_ADD_USER)
> - ret = command_add_user(pwddb, arg_account, arg_password);
> - if (cmd == COMMAND_DEL_USER)
> - ret = command_del_user(pwddb, arg_account);
> - if (cmd == COMMAND_UPDATE_USER)
> - ret = command_update_user(pwddb, arg_account, arg_password);
> -
> - /*
> - * We support only ADD_USER command at this moment
> - */
> - if (ret == 0 && cmd == COMMAND_ADD_USER)
> - notify_ksmbd_daemon();
> -out:
> - shm_destroy();
> - usm_destroy();
> - return ret;
> -}
> diff --git a/user/user.c b/user/user.c
> new file mode 100644
> index 000000000000..f59c34c11b02
> --- /dev/null
> +++ b/user/user.c
> @@ -0,0 +1,238 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2018 Samsung Electronics Co., Ltd.
> + * Copyright (C) 2021 SUSE LLC
> + *
> + * linux-cifsd-devel@xxxxxxxxxxxxxxxxxxxxx
> + */
> +
> +#include <glib.h>
> +#include <stdlib.h>
> +#include <stdio.h>
> +#include <unistd.h>
> +#include <getopt.h>
> +#include <sys/stat.h>
> +#include <fcntl.h>
> +#include <sys/types.h>
> +#include <signal.h>
> +#include <errno.h>
> +#include <ctype.h>
> +
> +#include "config_parser.h"
> +#include "ksmbdtools.h"
> +#include "management/user.h"
> +#include "management/share.h"
> +#include "user_admin.h"
> +#include "linux/ksmbd_server.h"
> +
> +static ksmbd_user_cmd ksmbd_user_get_cmd(char *cmd)
> +{
> + int i;
> +
> + if (!cmd)
> + return KSMBD_CMD_USER_NONE;
> +
> + for (i = 1; i < KSMBD_CMD_USER_MAX; i++)
> + if (!strcmp(cmd, ksmbd_user_cmds_str[i]))
> + return (ksmbd_user_cmd)i;
> +
> + return KSMBD_CMD_USER_NONE;
> +}
> +
> +static const char *ksmbd_user_get_cmd_str(ksmbd_user_cmd cmd)
> +{
> + if (cmd > KSMBD_CMD_USER_MAX)
> + return ksmbd_user_cmds_str[KSMBD_CMD_USER_NONE];
> +
> + return ksmbd_user_cmds_str[(int)cmd];
> +}
> +
> +void user_usage(ksmbd_user_cmd cmd)
> +{
> + const char *cmd_str = ksmbd_user_get_cmd_str(cmd);
> +
> + switch (cmd) {
> + case KSMBD_CMD_USER_ADD:
> + case KSMBD_CMD_USER_UPDATE:
> + pr_out("Usage: ksmbdctl user %s <username> [-p <password>] [-d
> <file>]\n", cmd_str);
> + pr_out("Adds or updates a user to the database.\n\n");
> + pr_out("%-30s%s", " -p, --password=<password>", "Use <password> for
> <username>\n");
> + pr_out("%-30s%s", " -d, --database=<file>", "Use <file> as
> database\n\n");
> + break;
> + case KSMBD_CMD_USER_DELETE:
> + pr_out("Usage: ksmbdctl user delete <username>\n");
> + pr_out("Delete user from database.\n\n");
> + break;
> + case KSMBD_CMD_USER_LIST:
> + pr_out("Usage: ksmbdctl user list\n");
> + pr_out("List users in database.\n\n");
> + pr_out("%-30s%s", " -d, --database=<file>", "Use <file> as
> database\n\n");
> + break;
> + default:
> + pr_out("Usage: ksmbdctl user <subcommand> <args> [options]\n");
> + pr_out("User management.\n\n");
> + pr_out("List of available subcommands:\n");
> + pr_out("%-20s%s", " add", "Add a user\n");
> + pr_out("%-20s%s", " delete", "Delete a user\n");
> + pr_out("%-20s%s", " update", "Update an existing user\n");
> + pr_out("%-20s%s", " list", "List users in user database\n\n");
> + break;
> + }
> +
> + exit(EXIT_FAILURE);
> +}
> +
> +static int parse_configs(char *db)
> +{
> + int ret;
> +
> + ret = test_file_access(db);
> + if (ret)
> + return ret;
> +
> + ret = cp_parse_db(db);
> + if (ret)
> + return ret;
> + return 0;
> +}
> +
> +static int sanity_check_user_name_simple(char *uname)
> +{
> + int sz, i;
> +
> + if (!uname)
> + return -EINVAL;
> +
> + sz = strlen(uname);
> + if (sz < 1)
> + return -EINVAL;
> + if (sz >= KSMBD_REQ_MAX_ACCOUNT_NAME_SZ)
> + return -EINVAL;
> +
> + /* 1'; Drop table users -- */
> + if (!strcmp(uname, "root"))
> + return -EINVAL;
> +
> + for (i = 0; i < sz; i++) {
> + if (isalnum(uname[i]))
This check was removed before. Please remove this.
> + return 0;
> + }
Is there any reason to remove the ":" check in uname using strpbrk() ?
> + return -EINVAL;
> +}
> +
> +int user_cmd(int argc, char *argv[])
> +{
> + int ret = EXIT_FAILURE;
> + char *db = PATH_USERS_DB;
> + char *login = NULL;
> + char *pw = NULL;
> + ksmbd_user_cmd cmd = KSMBD_CMD_USER_NONE;
> + const char *cmd_str = NULL;
> + int c;
> +
> + if (argc < 2)
> + goto usage;
> +
> + set_logger_app_name("ksmbd-user");
> +
> + cmd = ksmbd_user_get_cmd(argv[1]);
> + cmd_str = ksmbd_user_get_cmd_str(cmd);
> +
> + if (cmd == KSMBD_CMD_USER_NONE)
> + goto usage;
> +
> + if (cmd != KSMBD_CMD_USER_LIST) {
> + if (argc == 2)
> + goto missing_arg;
> +
> + if (argv[2][0] != '-')
> + login = g_strdup(argv[2]);
> + else
> + goto usage;
> + }
> +
> + optind = 1;
> + while((c = getopt_long(argc, argv, "-:p:d:", user_opts, NULL)) != EOF)
> + switch (c) {
> + case 1:
> + break;
> + case 'p':
> + pw = g_strdup(optarg);
> + break;
> + case 'd':
> + db = g_strdup(optarg);
> + break;
> + case ':':
> + case '?':
> + default:
> + goto usage;
> + }
> +
> + if (cmd == KSMBD_CMD_USER_LIST)
> + goto user_list;
> +
> + if (!login)
> + goto missing_arg;
> +
> + if (sanity_check_user_name_simple(login)) {
> + pr_err("User name (%s) sanity check failure\n");
You are missing adding "login" string to print %s here.
> + goto out;
> + }
> +
> +user_list:
> + if (!db) {
> + pr_err("Out of memory\n");
> + goto out;
> + }
> +
> + ret = usm_init();
> + if (ret) {
> + pr_err("Failed to init user management\n");
> + goto out;
> + }
> +
> + ret = shm_init();
> + if (ret) {
> + pr_err("Failed to init net share management\n");
> + goto out;
> + }
> +
> + ret = parse_configs(db);
> + if (ret) {
> + pr_err("Unable to parse database file %s\n", db);
> + goto out;
> + }
> +
> + switch (cmd) {
> + case KSMBD_CMD_USER_ADD:
> + ret = user_add_cmd(db, login, pw);
> + break;
> + case KSMBD_CMD_USER_DELETE:
> + ret = user_delete_cmd(db, login);
> + break;
> + case KSMBD_CMD_USER_UPDATE:
> + ret = user_update_cmd(db, login, pw);
> + break;
> + case KSMBD_CMD_USER_LIST:
> + ret = user_list_cmd(db);
> + break;
> + }
> +
> + /*
> + * FIXME: We support only ADD_USER command at this moment
> + */
> + if (ret == 0 && cmd == KSMBD_CMD_USER_ADD)
> + notify_ksmbd_daemon();
> +out:
> + shm_destroy();
> + usm_destroy();
> + return ret;
> +
> +missing_arg:
> + if (cmd > KSMBD_CMD_USER_NONE && cmd < KSMBD_CMD_USER_MAX)
> + pr_out("Subcommand \"%s\" requires an argument.\n\n", cmd_str);
> +usage:
> + user_usage(cmd);
> +
> + return ret;
> +}
> diff --git a/user/user_admin.c b/user/user_admin.c
> index 95b05ea33f28..ca0e14978701 100644
> --- a/user/user_admin.c
> +++ b/user/user_admin.c
> @@ -1,6 +1,7 @@
> // SPDX-License-Identifier: GPL-2.0-or-later
> /*
> * Copyright (C) 2018 Samsung Electronics Co., Ltd.
> + * Copyright (C) 2021 SUSE LLC
> *
> * linux-cifsd-devel@xxxxxxxxxxxxxxxxxxxxx
> */
> @@ -8,8 +9,8 @@
> #include <glib.h>
> #include <stdlib.h>
> #include <stdio.h>
> +#include <stdbool.h>
> #include <unistd.h>
> -#include <getopt.h>
> #include <sys/stat.h>
> #include <fcntl.h>
> #include <termios.h>
> @@ -24,23 +25,23 @@
>
> #define MAX_NT_PWD_LEN 129
>
> -static char *arg_account = NULL;
> -static char *arg_password = NULL;
> static int conf_fd = -1;
> static char wbuf[2 * MAX_NT_PWD_LEN + 2 * KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
>
> -static int __opendb_file(char *pwddb)
> +static int open_db(char *db, bool truncate)
> {
> - conf_fd = open(pwddb, O_WRONLY);
> + conf_fd = open(db, O_WRONLY);
> if (conf_fd == -1) {
> - pr_err("%s %s\n", strerr(errno), pwddb);
> + pr_err("%s %s\n", strerr(errno), db);
> return -EINVAL;
> }
>
> - if (ftruncate(conf_fd, 0)) {
> - pr_err("%s %s\n", strerr(errno), pwddb);
> - close(conf_fd);
> - return -EINVAL;
> + if (truncate) {
> + if (ftruncate(conf_fd, 0)) {
> + pr_err("%s %s\n", strerr(errno), db);
> + close(conf_fd);
> + return -EINVAL;
> + }
> }
>
> return 0;
> @@ -60,149 +61,147 @@ static void term_toggle_echo(int on_off)
> tcsetattr(STDIN_FILENO, TCSAFLUSH, &term);
> }
>
> -static char *__prompt_password_stdin(size_t *sz)
> +static char *prompt_password_stdin(size_t *sz)
> {
> - char *pswd1 = calloc(1, MAX_NT_PWD_LEN + 1);
> - char *pswd2 = calloc(1, MAX_NT_PWD_LEN + 1);
> + char *pw1 = calloc(1, MAX_NT_PWD_LEN + 1);
> + char *pw2 = calloc(1, MAX_NT_PWD_LEN + 1);
> size_t len = 0;
> int i;
>
> - if (!pswd1 || !pswd2) {
> - free(pswd1);
> - free(pswd2);
> - pr_err("Out of memory\n");
> - return NULL;
> - }
> + if (!pw1 || !pw2)
> + goto fail;
>
> again:
> - printf("New password: ");
> + pr_out("New password: ");
> term_toggle_echo(0);
> - if (fgets(pswd1, MAX_NT_PWD_LEN, stdin) == NULL) {
> + if (fgets(pw1, MAX_NT_PWD_LEN, stdin) == NULL) {
> term_toggle_echo(1);
> - pr_err("\nFatal error: %s\n", strerr(errno));
> - free(pswd1);
> - free(pswd2);
> - return NULL;
> + pr_out("\n");
> + goto fail;
> }
> + pr_out("\n");
>
> - printf("\nRetype new password: ");
> - if (fgets(pswd2, MAX_NT_PWD_LEN, stdin) == NULL) {
> + pr_out("Retype new password: ");
> + if (fgets(pw2, MAX_NT_PWD_LEN, stdin) == NULL) {
> term_toggle_echo(1);
> - pr_err("\nFatal error: %s\n", strerr(errno));
> - free(pswd1);
> - free(pswd2);
> - return NULL;
> + pr_out("\n");
> + goto fail;
> }
> term_toggle_echo(1);
> - printf("\n");
> + pr_out("\n");
>
> - len = strlen(pswd1);
> + len = strlen(pw1);
> for (i = 0; i < len; i++)
> - if (pswd1[i] == '\n')
> - pswd1[i] = 0x00;
> + if (pw1[i] == '\n')
> + pw1[i] = 0x00;
>
> - len = strlen(pswd2);
> + len = strlen(pw2);
> for (i = 0; i < len; i++)
> - if (pswd2[i] == '\n')
> - pswd2[i] = 0x00;
> + if (pw2[i] == '\n')
> + pw2[i] = 0x00;
>
> - if (memcmp(pswd1, pswd2, MAX_NT_PWD_LEN + 1)) {
> + if (memcmp(pw1, pw2, MAX_NT_PWD_LEN + 1)) {
> pr_err("Passwords don't match\n");
> goto again;
> }
>
> - len = strlen(pswd1);
> + len = strlen(pw1);
> if (len <= 1) {
> pr_err("No password was provided\n");
> goto again;
> }
>
> *sz = len;
> - free(pswd2);
> - return pswd1;
> + free(pw2);
> + return pw1;
> +fail:
> + pr_err("Fatal error: %s\n", strerr(errno));
> + free(pw1);
> + free(pw2);
> + return NULL;
> }
>
> -static char *prompt_password(size_t *sz)
> +static char *prompt_password(char *password, size_t *len)
> {
> - if (!arg_password)
> - return __prompt_password_stdin(sz);
> + if (!password)
> + return prompt_password_stdin(len);
>
> - *sz = strlen(arg_password);
> - return arg_password;
> + *len = strlen(password);
> + return password;
> }
>
> -static char *get_utf8_password(long *len)
> +static char *get_utf8_password(char *password, long *len)
> {
> size_t raw_sz;
> - char *pswd_raw, *pswd_converted;
> + char *pw_raw, *pw_converted;
> gsize bytes_read = 0;
> gsize bytes_written = 0;
>
> - pswd_raw = prompt_password(&raw_sz);
> - if (!pswd_raw)
> + pw_raw = prompt_password(password, &raw_sz);
> + if (!pw_raw)
> return NULL;
>
> - pswd_converted = ksmbd_gconvert(pswd_raw,
> + pw_converted = ksmbd_gconvert(pw_raw,
> raw_sz,
> KSMBD_CHARSET_UTF16LE,
> KSMBD_CHARSET_DEFAULT,
> &bytes_read,
> &bytes_written);
> - if (!pswd_converted) {
> - free(pswd_raw);
> + if (!pw_converted) {
> + free(pw_raw);
> return NULL;
> }
>
> *len = bytes_written;
> - free(pswd_raw);
> - return pswd_converted;
> + free(pw_raw);
> + return pw_converted;
> }
>
> -static void __sanity_check(char *pswd_hash, char *pswd_b64)
> +static void sanity_check_pw(char *pw_hash, char *pw_b64)
> {
> - size_t pass_sz;
> - char *pass = base64_decode(pswd_b64, &pass_sz);
> + size_t len;
> + char *pass = base64_decode(pw_b64, &len);
>
> if (!pass) {
> pr_err("Unable to decode NT hash\n");
> exit(EXIT_FAILURE);
> }
>
> - if (memcmp(pass, pswd_hash, pass_sz)) {
> + if (memcmp(pass, pw_hash, len)) {
> pr_err("NT hash encoding error\n");
> exit(EXIT_FAILURE);
> }
> free(pass);
> }
>
> -static char *get_hashed_b64_password(void)
> +static char *get_hashed_b64_password(char *password)
> {
> struct md4_ctx mctx;
> long len;
> - char *pswd_plain, *pswd_hash, *pswd_b64;
> + char *pw_plain, *pw_hash, *pw_b64;
>
> - pswd_plain = get_utf8_password(&len);
> - if (!pswd_plain)
> + pw_plain = get_utf8_password(password, &len);
> + if (!pw_plain)
> return NULL;
>
> - pswd_hash = calloc(1, sizeof(mctx.hash) + 1);
> - if (!pswd_hash) {
> - free(pswd_plain);
> + pw_hash = calloc(1, sizeof(mctx.hash) + 1);
> + if (!pw_hash) {
> + free(pw_plain);
> pr_err("Out of memory\n");
> return NULL;
> }
>
> md4_init(&mctx);
> - md4_update(&mctx, pswd_plain, len);
> - md4_final(&mctx, pswd_hash);
> + md4_update(&mctx, pw_plain, len);
> + md4_final(&mctx, pw_hash);
>
> - pswd_b64 = base64_encode(pswd_hash,
> + pw_b64 = base64_encode(pw_hash,
> MD4_HASH_WORDS * sizeof(unsigned int));
>
> - __sanity_check(pswd_hash, pswd_b64);
> - free(pswd_plain);
> - free(pswd_hash);
> - return pswd_b64;
> + sanity_check_pw(pw_hash, pw_b64);
> + free(pw_plain);
> + free(pw_hash);
> + return pw_b64;
> }
>
> static void write_user(struct ksmbd_user *user)
> @@ -248,7 +247,7 @@ static void write_remove_user_cb(gpointer key,
> {
> struct ksmbd_user *user = (struct ksmbd_user *)value;
>
> - if (!g_ascii_strcasecmp(user->name, arg_account)) {
> + if (!g_ascii_strcasecmp(user->name, (char *)user_data)) {
> pr_info("User '%s' removed\n", user->name);
> return;
> }
> @@ -262,96 +261,91 @@ static void lookup_can_del_user(gpointer key,
> {
> struct ksmbd_share *share = (struct ksmbd_share *)value;
> int ret = 0;
> - int *abort_del_user = (int *)user_data;
> + char *account = (char *)user_data;
>
> - if (*abort_del_user)
> + if (!account)
> return;
>
> ret = shm_lookup_users_map(share,
> KSMBD_SHARE_ADMIN_USERS_MAP,
> - arg_account);
> + account);
> if (ret == 0)
> goto conflict;
>
> ret = shm_lookup_users_map(share,
> KSMBD_SHARE_WRITE_LIST_MAP,
> - arg_account);
> + account);
> if (ret == 0)
> goto conflict;
>
> ret = shm_lookup_users_map(share,
> KSMBD_SHARE_VALID_USERS_MAP,
> - arg_account);
> + account);
> if (ret == 0)
> goto conflict;
>
> - *abort_del_user = 0;
> return;
>
> conflict:
> pr_err("Share %s requires user %s to exist\n",
> - share->name, arg_account);
> - *abort_del_user = 1;
> + share->name, account);
> + account = NULL;
> }
>
> -int command_add_user(char *pwddb, char *account, char *password)
> +int user_add_cmd(char *db, char *account, char *password)
> {
> struct ksmbd_user *user;
> - char *pswd;
> -
> - arg_account = account;
> - arg_password = password;
> + char *pw;
>
> - user = usm_lookup_user(arg_account);
> + user = usm_lookup_user(account);
> if (user) {
> put_ksmbd_user(user);
> - pr_err("Account `%s' already exists\n", arg_account);
> + pr_err("Account `%s' already exists\n", account);
> return -EEXIST;
> }
>
> - pswd = get_hashed_b64_password();
> - if (!pswd) {
> + pw = get_hashed_b64_password(password);
> + if (!pw) {
> pr_err("Out of memory\n");
> return -EINVAL;
> }
>
> - /* pswd is already g_strdup-ed */
> - if (usm_add_new_user(arg_account, pswd)) {
> + /* pw is already g_strdup-ed */
> + if (usm_add_new_user(account, pw)) {
> pr_err("Could not add new account\n");
> return -EINVAL;
> }
>
> - pr_info("User '%s' added\n", arg_account);
> - if (__opendb_file(pwddb))
> + if (open_db(db, true))
> return -EINVAL;
>
> for_each_ksmbd_user(write_user_cb, NULL);
> +
> + pr_info("User '%s' added\n", account);
> +
> close(conf_fd);
> return 0;
> }
>
> -int command_update_user(char *pwddb, char *account, char *password)
> +int user_update_cmd(char *db, char *account, char *password)
> {
> struct ksmbd_user *user;
> - char *pswd;
> -
> - arg_password = password;
> - arg_account = account;
> + char *pw;
>
> - user = usm_lookup_user(arg_account);
> + user = usm_lookup_user(account);
> if (!user) {
> - pr_err("Unknown account\n");
> + pr_err("Unknown account \"%s\"\n", account);
> return -EINVAL;
> }
>
> - pswd = get_hashed_b64_password();
> - if (!pswd) {
> + pw = get_hashed_b64_password(password);
> + if (!pw) {
> pr_err("Out of memory\n");
> put_ksmbd_user(user);
> return -EINVAL;
> }
>
> - if (usm_update_user_password(user, pswd)) {
> + if (usm_update_user_password(user, pw)) {
> pr_err("Out of memory\n");
> put_ksmbd_user(user);
> return -ENOMEM;
> @@ -359,9 +353,9 @@ int command_update_user(char *pwddb, char *account, char
> *password)
>
> pr_info("User '%s' updated\n", account);
> put_ksmbd_user(user);
> - free(pswd);
> + free(pw);
>
> - if (__opendb_file(pwddb))
> + if (open_db(db, true))
> return -EINVAL;
>
> for_each_ksmbd_user(write_user_cb, NULL);
> @@ -369,28 +363,47 @@ int command_update_user(char *pwddb, char *account,
> char *password)
> return 0;
> }
>
> -int command_del_user(char *pwddb, char *account)
> +int user_delete_cmd(char *db, char *account)
> {
> - int abort_del_user = 0;
> + char *abort_del_user = strdup(account);
>
> - arg_account = account;
> - if (!cp_key_cmp(global_conf.guest_account, arg_account)) {
> + if (!cp_key_cmp(global_conf.guest_account, account)) {
> pr_err("User %s is a global guest account. Abort deletion.\n",
> - arg_account);
> + account);
> return -EINVAL;
> }
>
> - for_each_ksmbd_share(lookup_can_del_user, &abort_del_user);
> + for_each_ksmbd_share(lookup_can_del_user, abort_del_user);
>
> - if (abort_del_user) {
> + if (!abort_del_user) {
> pr_err("Aborting user deletion\n");
> return -EINVAL;
> }
>
> - if (__opendb_file(pwddb))
> + if (open_db(db, true))
> + return -EINVAL;
> +
> + for_each_ksmbd_user(write_remove_user_cb, account);
> + close(conf_fd);
> + return 0;
> +}
> +
> +static void list_users_cb(gpointer key, gpointer value, gpointer data)
> +{
> + struct ksmbd_user *user = (struct ksmbd_user *)value;
> +
> + pr_out("%s\n", user->name);
> +}
> +
> +int user_list_cmd(char *db)
> +{
> + if (open_db(db, false))
> return -EINVAL;
>
> - for_each_ksmbd_user(write_remove_user_cb, NULL);
> + pr_out("Users in %s:\n", db);
> + for_each_ksmbd_user(list_users_cb, NULL);
> + pr_out("\n");
> close(conf_fd);
> +
> return 0;
> }
> diff --git a/user/user_admin.h b/user/user_admin.h
> index 9ff839e846bd..2dfbaa00b6b0 100644
> --- a/user/user_admin.h
> +++ b/user/user_admin.h
> @@ -1,6 +1,7 @@
> /* SPDX-License-Identifier: GPL-2.0-or-later */
> /*
> * Copyright (C) 2018 Samsung Electronics Co., Ltd.
> + * Copyright (C) 2021 SUSE LLC
> *
> * linux-cifsd-devel@xxxxxxxxxxxxxxxxxxxxx
> */
> @@ -8,8 +9,36 @@
> #ifndef __KSMBD_USER_ADMIN_H__
> #define __KSMBD_USER_ADMIN_H__
>
> -int command_add_user(char *pwddb, char *account, char *password);
> -int command_update_user(char *pwddb, char *account, char *password);
> -int command_del_user(char *pwddb, char *account);
> +int user_add_cmd(char *db, char *account, char *password);
> +int user_delete_cmd(char *db, char *account);
> +int user_update_cmd(char *db, char *account, char *password);
> +int user_list_cmd(char *db);
> +
> +typedef enum {
> + KSMBD_CMD_USER_NONE = 0,
> + KSMBD_CMD_USER_ADD,
> + KSMBD_CMD_USER_DELETE,
> + KSMBD_CMD_USER_UPDATE,
> + KSMBD_CMD_USER_LIST,
> + KSMBD_CMD_USER_MAX
> +} ksmbd_user_cmd;
> +
> +/* List of supported subcommands */
> +static const char *ksmbd_user_cmds_str[] = {
> + "none",
> + "add",
> + "delete",
> + "update",
> + "list",
> +};
> +
> +static struct option user_opts[] = {
> + { "password", required_argument, NULL, 'p' },
> + { "database", required_argument, NULL, 'd' },
> + { 0, 0, 0, 0 },
> +};
> +
> +void user_usage(ksmbd_user_cmd cmd);
> +int user_cmd(int argc, char *argv[]);
>
> #endif /* __KSMBD_USER_ADMIN_H__ */
> --
> 2.34.1
>
>
