From 141289f14b38ee26f52cf8c74cdfd5c9ac488f6b Mon Sep 17 00:00:00 2001
From: Nicolas Williams
Date: Wed, 25 Sep 2019 17:49:56 -0500
Subject: [PATCH] roken: add roken_get_loginname()
---
 lib/roken/getuserinfo.c | 53 +++++++++++++++---------------------
 lib/roken/roken.h.in | 2 ++
 lib/roken/test-getuserinfo.c | 1 +
 lib/roken/version-script.map | 1 +
 4 files changed, 26 insertions(+), 31 deletions(-)
diff --git a/lib/roken/getuserinfo.c b/lib/roken/getuserinfo.c
index aab9914f5..f59abb4e8 100644
--- a/lib/roken/getuserinfo.c
+++ b/lib/roken/getuserinfo.c
@@ -213,6 +213,10 @@ roken_get_appdatadir(char *appdata, size_t appdatasz)
 /**
 * Return a bare username. This is used for, e.g., constructing default
 * principal names.
+ *
+ * On POSIX systems, if the caller is not set-uid-like, then this will return
+ * the value of the USER or LOGNAME environment variables (in that order of
+ * preference), else the username found by looking up the effective UID.
 */
 ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
 roken_get_username(char *user, size_t usersz)
@@ -253,37 +257,6 @@ roken_get_username(char *user, size_t usersz)
 #else
 size_t buflen = 2048;
- if (issuid())
- return NULL;
-
- if (getuid() == 0) {
- /*
- * NOTE: When the running process was not the result of executing a
- * set-uid or set-gid executable, and it is running as root, then the
- * username will preferentially be taken from the wtmp if at all
- * possible. This is depended on by _krb5_get_default_principal_local()
- * in order to produce /root@DEFAULT_REALM as the default
- * principal.
- */
-#ifdef HAVE_GETLOGIN_R
- if ((errno = getlogin_r(user, usersz)) == 0)
- return user;
- if (errno != ENOENT)
- return NULL;
-#else
-#ifdef HAVE_GETLOGIN
- if ((p = getlogin()) != NULL && p[0] != '\0') {
- if strlcpy(user, p, usersz) < usersz)
- return user;
- errno = ERANGE;
- return NULL;
- }
- if (errno != ENOENT)
- return NULL;
-#endif
-#endif
- }
-
 p = secure_getenv("USER");
 if (p == NULL || p[0] == '\0')
 p = secure_getenv("LOGNAME");
@@ -312,6 +285,24 @@ roken_get_username(char *user, size_t usersz)
 }
 }
 #endif
+#endif
+ errno = 0;
+ return NULL;
+}
+
+/**
+ * Return a bare username. This is used for, e.g., constructing default
+ * principal names.
+ *
+ * On POSIX systems this returns the name recorded in the system as currently
+ * logged in on the current terminal.
+ */
+ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
+roken_get_loginname(char *user, size_t usersz)
+{
+#ifdef WIN32
+ return roken_get_username(user, usersz);
+#else
 #ifdef HAVE_GETLOGIN_R
 if ((errno = getlogin_r(user, usersz)) == 0)
 return user;
diff --git a/lib/roken/roken.h.in b/lib/roken/roken.h.in
index 2ba9dea83..729caabeb 100644
--- a/lib/roken/roken.h.in
+++ b/lib/roken/roken.h.in
@@ -1036,6 +1036,8 @@ roken_get_appdatadir(char *, size_t);
 ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
 roken_get_username(char *, size_t);
 ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
+roken_get_loginname(char *, size_t);
+ROKEN_LIB_FUNCTION char * ROKEN_LIB_CALL
 roken_get_shell(char *, size_t);
 #ifndef HAVE_STRFTIME
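Review bot: `roken_get_loginname()` in lib/roken/getuserinfo.c reaches `getlogin_r()` with no `issuid()` check in the visible lines, whereas the block this commit removes from `roken_get_username()` returned NULL for set-uid-like callers before consulting the login record. The login name comes from the session's login record rather than from the process credentials, so it can differ from the effective UID; if set-uid callers should still be excluded, add `if (issuid()) return NULL;` at the top of the POSIX branch. The doc comment also repeats the `roken_get_username()` summary and should state that distinction and the failure case, e.g. ` * May return NULL; the name is not checked against the effective UID.` The function body continues past the end of the hunk, so its remaining branches were not reviewed.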
diff --git a/lib/roken/test-getuserinfo.c b/lib/roken/test-getuserinfo.c
index 053b24c9f..55a46a095 100644
--- a/lib/roken/test-getuserinfo.c
+++ b/lib/roken/test-getuserinfo.c
@@ -69,6 +69,7 @@ main(void)
 }
 #endif
 printf("Username:\t%s\n", roken_get_username(buf, sizeof(buf)));
+ printf("Loginname:\t%s\n", roken_get_loginname(buf, sizeof(buf)));
 printf("Home:\t\t%s\n", roken_get_homedir(buf, sizeof(buf)));
 printf("Appdatadir:\t%s\n", roken_get_appdatadir(buf, sizeof(buf)));
 printf("Shell:\t\t%s\n", roken_get_shell(buf, sizeof(buf)));
diff --git a/lib/roken/version-script.map b/lib/roken/version-script.map
index 45505d0bf..8f7e57ec2 100644
--- a/lib/roken/version-script.map
+++ b/lib/roken/version-script.map
@@ -182,6 +182,7 @@ HEIMDAL_ROKEN_2.0 {
 roken_get_homedir;
 roken_get_shell;
 roken_get_username;
+ roken_get_loginname;
 roken_mconcat;
 roken_vconcat;
 roken_vmconcat;
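Review bot: The added `printf` in lib/roken/test-getuserinfo.c passes the result of `roken_get_loginname()` straight to `%s`, and that function can return NULL (its WIN32 branch forwards `roken_get_username()`, which ends in `return NULL;`), which is undefined behaviour for `printf`. A login lookup presumably fails whenever the test runs without a controlling terminal, so this line is more exposed than its neighbours, which share the pattern. Guard it, e.g. `printf("Loginname:\t%s\n", roken_get_loginname(buf, sizeof(buf)) ? buf : "(none)");`. `main` starts and ends outside the hunk.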