|
|
8be66a |
From 33b851f0c30e47fe71a293e2c990ef26573efe86 Mon Sep 17 00:00:00 2001
|
|
|
8be66a |
From: Lennart Poettering <lennart@poettering.net>
|
|
|
8be66a |
Date: Sat, 4 Apr 2020 12:23:02 +0200
|
|
|
8be66a |
Subject: [PATCH] user-util: rework how we validate user names
|
|
|
8be66a |
MIME-Version: 1.0
|
|
|
8be66a |
Content-Type: text/plain; charset=UTF-8
|
|
|
8be66a |
Content-Transfer-Encoding: 8bit
|
|
|
8be66a |
|
|
|
8be66a |
This reworks the user validation infrastructure. There are now two
|
|
|
8be66a |
modes. In regular mode we are strict and test against a strict set of
|
|
|
8be66a |
valid chars. And in "relaxed" mode we just filter out some really
|
|
|
8be66a |
obvious, dangerous stuff. i.e. strict is whitelisting what is OK, but
|
|
|
8be66a |
"relaxed" is blacklisting what is really not OK.
|
|
|
8be66a |
|
|
|
8be66a |
The idea is that we use strict mode whenver we allocate a new user
|
|
|
8be66a |
(i.e. in sysusers.d or homed), while "relaxed" mode is when we process
|
|
|
8be66a |
users registered elsewhere, (i.e. userdb, logind, …)
|
|
|
8be66a |
|
|
|
8be66a |
The requirements on user name validity vary wildly. SSSD thinks its fine
|
|
|
8be66a |
to embedd "@" for example, while the suggested NAME_REGEX field on
|
|
|
8be66a |
Debian does not even allow uppercase chars…
|
|
|
8be66a |
|
|
|
8be66a |
This effectively liberaralizes a lot what we expect from usernames.
|
|
|
8be66a |
|
|
|
8be66a |
The code that warns about questionnable user names is now optional and
|
|
|
8be66a |
only used at places such as unit file parsing, so that it doesn't show
|
|
|
8be66a |
up on every userdb query, but only when processing configuration files
|
|
|
8be66a |
that know better.
|
|
|
8be66a |
|
|
|
8be66a |
Fixes: #15149 #15090
|
|
|
8be66a |
(cherry picked from commit 7a8867abfab10e5bbca10590ec2aa40c5b27d8fb)
|
|
|
8be66a |
|
|
|
8be66a |
Resolves: #1848373
|
|
|
8be66a |
---
|
|
|
8be66a |
src/basic/user-util.c | 185 +++++++++++++----------
|
|
|
8be66a |
src/basic/user-util.h | 21 +--
|
|
|
8be66a |
src/core/dbus-execute.c | 6 +-
|
|
|
8be66a |
src/core/dbus-manager.c | 2 +-
|
|
|
8be66a |
src/core/dbus-socket.c | 4 +-
|
|
|
8be66a |
src/core/dbus-util.c | 7 +-
|
|
|
8be66a |
src/core/dbus-util.h | 2 +-
|
|
|
8be66a |
src/core/dynamic-user.c | 2 +-
|
|
|
8be66a |
src/core/load-fragment.c | 4 +-
|
|
|
8be66a |
src/core/unit.c | 2 +-
|
|
|
8be66a |
src/nss-systemd/nss-systemd.c | 6 +-
|
|
|
8be66a |
src/systemd/sd-messages.h | 3 +
|
|
|
8be66a |
src/sysusers/sysusers.c | 4 +-
|
|
|
8be66a |
src/test/test-user-util.c | 271 ++++++++++++++++++----------------
|
|
|
8be66a |
14 files changed, 287 insertions(+), 232 deletions(-)
|
|
|
8be66a |
|
|
|
8be66a |
diff --git a/src/basic/user-util.c b/src/basic/user-util.c
|
|
|
8be66a |
index 68a924770b..cd870c4361 100644
|
|
|
8be66a |
--- a/src/basic/user-util.c
|
|
|
8be66a |
+++ b/src/basic/user-util.c
|
|
|
8be66a |
@@ -14,6 +14,8 @@
|
|
|
8be66a |
#include <unistd.h>
|
|
|
8be66a |
#include <utmp.h>
|
|
|
8be66a |
|
|
|
8be66a |
+#include "sd-messages.h"
|
|
|
8be66a |
+
|
|
|
8be66a |
#include "alloc-util.h"
|
|
|
8be66a |
#include "fd-util.h"
|
|
|
8be66a |
#include "fileio.h"
|
|
|
8be66a |
@@ -576,92 +578,125 @@ int take_etc_passwd_lock(const char *root) {
|
|
|
8be66a |
return fd;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-bool valid_user_group_name_full(const char *u, bool strict) {
|
|
|
8be66a |
+bool valid_user_group_name(const char *u, ValidUserFlags flags) {
|
|
|
8be66a |
const char *i;
|
|
|
8be66a |
- long sz;
|
|
|
8be66a |
- bool warned = false;
|
|
|
8be66a |
|
|
|
8be66a |
- /* Checks if the specified name is a valid user/group name. Also see POSIX IEEE Std 1003.1-2008, 2016 Edition,
|
|
|
8be66a |
- * 3.437. We are a bit stricter here however. Specifically we deviate from POSIX rules:
|
|
|
8be66a |
- *
|
|
|
8be66a |
- * - We require that names fit into the appropriate utmp field
|
|
|
8be66a |
- * - We don't allow empty user names
|
|
|
8be66a |
- * - No dots in the first character
|
|
|
8be66a |
+ /* Checks if the specified name is a valid user/group name. There are two flavours of this call:
|
|
|
8be66a |
+ * strict mode is the default which is POSIX plus some extra rules; and relaxed mode where we accept
|
|
|
8be66a |
+ * pretty much everything except the really worst offending names.
|
|
|
8be66a |
*
|
|
|
8be66a |
- * If strict==true, additionally:
|
|
|
8be66a |
- * - We don't allow any dots (this conflicts with chown syntax which permits dots as user/group name separator)
|
|
|
8be66a |
- * - We don't allow a digit as the first character
|
|
|
8be66a |
- *
|
|
|
8be66a |
- * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
|
|
|
8be66a |
- */
|
|
|
8be66a |
+ * Whenever we synthesize users ourselves we should use the strict mode. But when we process users
|
|
|
8be66a |
+ * created by other stuff, let's be more liberal. */
|
|
|
8be66a |
|
|
|
8be66a |
- if (isempty(u))
|
|
|
8be66a |
+ if (isempty(u)) /* An empty user name is never valid */
|
|
|
8be66a |
return false;
|
|
|
8be66a |
|
|
|
8be66a |
- if (!(u[0] >= 'a' && u[0] <= 'z') &&
|
|
|
8be66a |
- !(u[0] >= 'A' && u[0] <= 'Z') &&
|
|
|
8be66a |
- !(u[0] >= '0' && u[0] <= '9' && !strict) &&
|
|
|
8be66a |
- u[0] != '_')
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
-
|
|
|
8be66a |
- bool only_digits_seen = u[0] >= '0' && u[0] <= '9';
|
|
|
8be66a |
-
|
|
|
8be66a |
- if (only_digits_seen) {
|
|
|
8be66a |
- log_warning("User or group name \"%s\" starts with a digit, accepting for compatibility.", u);
|
|
|
8be66a |
- warned = true;
|
|
|
8be66a |
- }
|
|
|
8be66a |
-
|
|
|
8be66a |
- for (i = u+1; *i; i++) {
|
|
|
8be66a |
- if (((*i >= 'a' && *i <= 'z') ||
|
|
|
8be66a |
- (*i >= 'A' && *i <= 'Z') ||
|
|
|
8be66a |
- (*i >= '0' && *i <= '9') ||
|
|
|
8be66a |
- IN_SET(*i, '_', '-'))) {
|
|
|
8be66a |
- if (!(*i >= '0' && *i <= '9'))
|
|
|
8be66a |
- only_digits_seen = false;
|
|
|
8be66a |
- continue;
|
|
|
8be66a |
- }
|
|
|
8be66a |
-
|
|
|
8be66a |
- if (*i == '.' && !strict) {
|
|
|
8be66a |
- if (!warned) {
|
|
|
8be66a |
- log_warning("Bad user or group name \"%s\", accepting for compatibility.", u);
|
|
|
8be66a |
- warned = true;
|
|
|
8be66a |
- }
|
|
|
8be66a |
-
|
|
|
8be66a |
- continue;
|
|
|
8be66a |
- }
|
|
|
8be66a |
-
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
+ if (parse_uid(u, NULL) >= 0) /* Something that parses as numeric UID string is valid exactly when the
|
|
|
8be66a |
+ * flag for it is set */
|
|
|
8be66a |
+ return FLAGS_SET(flags, VALID_USER_ALLOW_NUMERIC);
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (FLAGS_SET(flags, VALID_USER_RELAX)) {
|
|
|
8be66a |
+
|
|
|
8be66a |
+ /* In relaxed mode we just check very superficially. Apparently SSSD and other stuff is
|
|
|
8be66a |
+ * extremely liberal (way too liberal if you ask me, even inserting "@" in user names, which
|
|
|
8be66a |
+ * is bound to cause problems for example when used with an MTA), hence only filter the most
|
|
|
8be66a |
+ * obvious cases, or where things would result in an invalid entry if such a user name would
|
|
|
8be66a |
+ * show up in /etc/passwd (or equivalent getent output).
|
|
|
8be66a |
+ *
|
|
|
8be66a |
+ * Note that we stepped far out of POSIX territory here. It's not our fault though, but
|
|
|
8be66a |
+ * SSSD's, Samba's and everybody else who ignored POSIX on this. (I mean, I am happy to step
|
|
|
8be66a |
+ * outside of POSIX' bounds any day, but I must say in this case I probably wouldn't
|
|
|
8be66a |
+ * have...) */
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (startswith(u, " ") || endswith(u, " ")) /* At least expect whitespace padding is removed
|
|
|
8be66a |
+ * at front and back (accept in the middle, since
|
|
|
8be66a |
+ * that's apparently a thing on Windows). Note
|
|
|
8be66a |
+ * that this also blocks usernames consisting of
|
|
|
8be66a |
+ * whitespace only. */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (!utf8_is_valid(u)) /* We want to synthesize JSON from this, hence insist on UTF-8 */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (string_has_cc(u, NULL)) /* CC characters are just dangerous (and \n in particular is the
|
|
|
8be66a |
+ * record separator in /etc/passwd), so we can't allow that. */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (strpbrk(u, ":/")) /* Colons are the field separator in /etc/passwd, we can't allow
|
|
|
8be66a |
+ * that. Slashes are special to file systems paths and user names
|
|
|
8be66a |
+ * typically show up in the file system as home directories, hence
|
|
|
8be66a |
+ * don't allow slashes. */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (in_charset(u, "0123456789")) /* Don't allow fully numeric strings, they might be confused
|
|
|
8be66a |
+ * with with UIDs (note that this test is more broad than
|
|
|
8be66a |
+ * the parse_uid() test above, as it will cover more than
|
|
|
8be66a |
+ * the 32bit range, and it will detect 65535 (which is in
|
|
|
8be66a |
+ * invalid UID, even though in the unsigned 32 bit range) */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (u[0] == '-' && in_charset(u + 1, "0123456789")) /* Don't allow negative fully numeric
|
|
|
8be66a |
+ * strings either. After all some people
|
|
|
8be66a |
+ * write 65535 as -1 (even though that's
|
|
|
8be66a |
+ * not even true on 32bit uid_t
|
|
|
8be66a |
+ * anyway) */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (dot_or_dot_dot(u)) /* User names typically become home directory names, and these two are
|
|
|
8be66a |
+ * special in that context, don't allow that. */
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ /* Compare with strict result and warn if result doesn't match */
|
|
|
8be66a |
+ if (FLAGS_SET(flags, VALID_USER_WARN) && !valid_user_group_name(u, 0))
|
|
|
8be66a |
+ log_struct(LOG_NOTICE,
|
|
|
8be66a |
+ "MESSAGE=Accepting user/group name '%s', which does not match strict user/group name rules.", u,
|
|
|
8be66a |
+ "USER_GROUP_NAME=%s", u,
|
|
|
8be66a |
+ "MESSAGE_ID=" SD_MESSAGE_UNSAFE_USER_NAME_STR);
|
|
|
8be66a |
+
|
|
|
8be66a |
+ /* Note that we make no restrictions on the length in relaxed mode! */
|
|
|
8be66a |
+ } else {
|
|
|
8be66a |
+ long sz;
|
|
|
8be66a |
+ size_t l;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ /* Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, 3.437. We are a bit stricter here
|
|
|
8be66a |
+ * however. Specifically we deviate from POSIX rules:
|
|
|
8be66a |
+ *
|
|
|
8be66a |
+ * - We don't allow empty user names (see above)
|
|
|
8be66a |
+ * - We require that names fit into the appropriate utmp field
|
|
|
8be66a |
+ * - We don't allow any dots (this conflicts with chown syntax which permits dots as user/group name separator)
|
|
|
8be66a |
+ * - We don't allow dashes or digit as the first character
|
|
|
8be66a |
+ *
|
|
|
8be66a |
+ * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters.
|
|
|
8be66a |
+ */
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (!(u[0] >= 'a' && u[0] <= 'z') &&
|
|
|
8be66a |
+ !(u[0] >= 'A' && u[0] <= 'Z') &&
|
|
|
8be66a |
+ u[0] != '_')
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ for (i = u+1; *i; i++)
|
|
|
8be66a |
+ if (!(*i >= 'a' && *i <= 'z') &&
|
|
|
8be66a |
+ !(*i >= 'A' && *i <= 'Z') &&
|
|
|
8be66a |
+ !(*i >= '0' && *i <= '9') &&
|
|
|
8be66a |
+ !IN_SET(*i, '_', '-'))
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ l = i - u;
|
|
|
8be66a |
+
|
|
|
8be66a |
+ sz = sysconf(_SC_LOGIN_NAME_MAX);
|
|
|
8be66a |
+ assert_se(sz > 0);
|
|
|
8be66a |
+
|
|
|
8be66a |
+ if (l > (size_t) sz)
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+ if (l > FILENAME_MAX)
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
+ if (l > UT_NAMESIZE - 1)
|
|
|
8be66a |
+ return false;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (only_digits_seen)
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
-
|
|
|
8be66a |
- sz = sysconf(_SC_LOGIN_NAME_MAX);
|
|
|
8be66a |
- assert_se(sz > 0);
|
|
|
8be66a |
-
|
|
|
8be66a |
- if ((size_t) (i-u) > (size_t) sz)
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
-
|
|
|
8be66a |
- if ((size_t) (i-u) > UT_NAMESIZE - 1)
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
-
|
|
|
8be66a |
return true;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-bool valid_user_group_name_or_id_full(const char *u, bool strict) {
|
|
|
8be66a |
-
|
|
|
8be66a |
- /* Similar as above, but is also fine with numeric UID/GID specifications, as long as they are in the
|
|
|
8be66a |
- * right range, and not the invalid user ids. */
|
|
|
8be66a |
-
|
|
|
8be66a |
- if (isempty(u))
|
|
|
8be66a |
- return false;
|
|
|
8be66a |
-
|
|
|
8be66a |
- if (parse_uid(u, NULL) >= 0)
|
|
|
8be66a |
- return true;
|
|
|
8be66a |
-
|
|
|
8be66a |
- return valid_user_group_name_full(u, strict);
|
|
|
8be66a |
-}
|
|
|
8be66a |
-
|
|
|
8be66a |
bool valid_gecos(const char *d) {
|
|
|
8be66a |
|
|
|
8be66a |
if (!d)
|
|
|
8be66a |
diff --git a/src/basic/user-util.h b/src/basic/user-util.h
|
|
|
8be66a |
index 5ad0b2a2f9..939bded40d 100644
|
|
|
8be66a |
--- a/src/basic/user-util.h
|
|
|
8be66a |
+++ b/src/basic/user-util.h
|
|
|
8be66a |
@@ -78,20 +78,13 @@ static inline bool userns_supported(void) {
|
|
|
8be66a |
return access("/proc/self/uid_map", F_OK) >= 0;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-bool valid_user_group_name_full(const char *u, bool strict);
|
|
|
8be66a |
-bool valid_user_group_name_or_id_full(const char *u, bool strict);
|
|
|
8be66a |
-static inline bool valid_user_group_name(const char *u) {
|
|
|
8be66a |
- return valid_user_group_name_full(u, true);
|
|
|
8be66a |
-}
|
|
|
8be66a |
-static inline bool valid_user_group_name_or_id(const char *u) {
|
|
|
8be66a |
- return valid_user_group_name_or_id_full(u, true);
|
|
|
8be66a |
-}
|
|
|
8be66a |
-static inline bool valid_user_group_name_compat(const char *u) {
|
|
|
8be66a |
- return valid_user_group_name_full(u, false);
|
|
|
8be66a |
-}
|
|
|
8be66a |
-static inline bool valid_user_group_name_or_id_compat(const char *u) {
|
|
|
8be66a |
- return valid_user_group_name_or_id_full(u, false);
|
|
|
8be66a |
-}
|
|
|
8be66a |
+typedef enum ValidUserFlags {
|
|
|
8be66a |
+ VALID_USER_RELAX = 1 << 0,
|
|
|
8be66a |
+ VALID_USER_WARN = 1 << 1,
|
|
|
8be66a |
+ VALID_USER_ALLOW_NUMERIC = 1 << 2,
|
|
|
8be66a |
+} ValidUserFlags;
|
|
|
8be66a |
+
|
|
|
8be66a |
+bool valid_user_group_name(const char *u, ValidUserFlags flags);
|
|
|
8be66a |
bool valid_gecos(const char *d);
|
|
|
8be66a |
bool valid_home(const char *p);
|
|
|
8be66a |
|
|
|
8be66a |
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
|
|
|
8be66a |
index e004fb55c9..8348663000 100644
|
|
|
8be66a |
--- a/src/core/dbus-execute.c
|
|
|
8be66a |
+++ b/src/core/dbus-execute.c
|
|
|
8be66a |
@@ -1113,10 +1113,10 @@ int bus_exec_context_set_transient_property(
|
|
|
8be66a |
flags |= UNIT_PRIVATE;
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "User"))
|
|
|
8be66a |
- return bus_set_transient_user_compat(u, name, &c->user, message, flags, error);
|
|
|
8be66a |
+ return bus_set_transient_user_relaxed(u, name, &c->user, message, flags, error);
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "Group"))
|
|
|
8be66a |
- return bus_set_transient_user_compat(u, name, &c->group, message, flags, error);
|
|
|
8be66a |
+ return bus_set_transient_user_relaxed(u, name, &c->group, message, flags, error);
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "TTYPath"))
|
|
|
8be66a |
return bus_set_transient_path(u, name, &c->tty_path, message, flags, error);
|
|
|
8be66a |
@@ -1298,7 +1298,7 @@ int bus_exec_context_set_transient_property(
|
|
|
8be66a |
return r;
|
|
|
8be66a |
|
|
|
8be66a |
STRV_FOREACH(p, l)
|
|
|
8be66a |
- if (!isempty(*p) && !valid_user_group_name_or_id_compat(*p))
|
|
|
8be66a |
+ if (!isempty(*p) && !valid_user_group_name(*p, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN))
|
|
|
8be66a |
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
|
|
|
8be66a |
"Invalid supplementary group names");
|
|
|
8be66a |
|
|
|
8be66a |
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
|
|
|
8be66a |
index 0a1d3df42f..7488f22116 100644
|
|
|
8be66a |
--- a/src/core/dbus-manager.c
|
|
|
8be66a |
+++ b/src/core/dbus-manager.c
|
|
|
8be66a |
@@ -1762,7 +1762,7 @@ static int method_lookup_dynamic_user_by_name(sd_bus_message *message, void *use
|
|
|
8be66a |
|
|
|
8be66a |
if (!MANAGER_IS_SYSTEM(m))
|
|
|
8be66a |
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Dynamic users are only supported in the system instance.");
|
|
|
8be66a |
- if (!valid_user_group_name(name))
|
|
|
8be66a |
+ if (!valid_user_group_name(name, VALID_USER_RELAX))
|
|
|
8be66a |
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "User name invalid: %s", name);
|
|
|
8be66a |
|
|
|
8be66a |
r = dynamic_user_lookup_name(m, name, &uid);
|
|
|
8be66a |
diff --git a/src/core/dbus-socket.c b/src/core/dbus-socket.c
|
|
|
8be66a |
index 8fdbc05409..fa6bbe2c6f 100644
|
|
|
8be66a |
--- a/src/core/dbus-socket.c
|
|
|
8be66a |
+++ b/src/core/dbus-socket.c
|
|
|
8be66a |
@@ -281,10 +281,10 @@ static int bus_socket_set_transient_property(
|
|
|
8be66a |
return bus_set_transient_fdname(u, name, &s->fdname, message, flags, error);
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "SocketUser"))
|
|
|
8be66a |
- return bus_set_transient_user_compat(u, name, &s->user, message, flags, error);
|
|
|
8be66a |
+ return bus_set_transient_user_relaxed(u, name, &s->user, message, flags, error);
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "SocketGroup"))
|
|
|
8be66a |
- return bus_set_transient_user_compat(u, name, &s->group, message, flags, error);
|
|
|
8be66a |
+ return bus_set_transient_user_relaxed(u, name, &s->group, message, flags, error);
|
|
|
8be66a |
|
|
|
8be66a |
if (streq(name, "BindIPv6Only"))
|
|
|
8be66a |
return bus_set_transient_bind_ipv6_only(u, name, &s->bind_ipv6_only, message, flags, error);
|
|
|
8be66a |
diff --git a/src/core/dbus-util.c b/src/core/dbus-util.c
|
|
|
8be66a |
index 7862beaacb..951450e53d 100644
|
|
|
8be66a |
--- a/src/core/dbus-util.c
|
|
|
8be66a |
+++ b/src/core/dbus-util.c
|
|
|
8be66a |
@@ -30,7 +30,12 @@ int bus_property_get_triggered_unit(
|
|
|
8be66a |
|
|
|
8be66a |
BUS_DEFINE_SET_TRANSIENT(mode_t, "u", uint32_t, mode_t, "%040o");
|
|
|
8be66a |
BUS_DEFINE_SET_TRANSIENT(unsigned, "u", uint32_t, unsigned, "%" PRIu32);
|
|
|
8be66a |
-BUS_DEFINE_SET_TRANSIENT_STRING_WITH_CHECK(user_compat, valid_user_group_name_or_id_compat);
|
|
|
8be66a |
+
|
|
|
8be66a |
+static inline bool valid_user_group_name_or_id_relaxed(const char *u) {
|
|
|
8be66a |
+ return valid_user_group_name(u, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX);
|
|
|
8be66a |
+}
|
|
|
8be66a |
+
|
|
|
8be66a |
+BUS_DEFINE_SET_TRANSIENT_STRING_WITH_CHECK(user_relaxed, valid_user_group_name_or_id_relaxed);
|
|
|
8be66a |
BUS_DEFINE_SET_TRANSIENT_STRING_WITH_CHECK(path, path_is_absolute);
|
|
|
8be66a |
|
|
|
8be66a |
int bus_set_transient_string(
|
|
|
8be66a |
diff --git a/src/core/dbus-util.h b/src/core/dbus-util.h
|
|
|
8be66a |
index a3316c6701..713b464dd9 100644
|
|
|
8be66a |
--- a/src/core/dbus-util.h
|
|
|
8be66a |
+++ b/src/core/dbus-util.h
|
|
|
8be66a |
@@ -235,7 +235,7 @@ int bus_property_get_triggered_unit(sd_bus *bus, const char *path, const char *i
|
|
|
8be66a |
|
|
|
8be66a |
int bus_set_transient_mode_t(Unit *u, const char *name, mode_t *p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
int bus_set_transient_unsigned(Unit *u, const char *name, unsigned *p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
-int bus_set_transient_user_compat(Unit *u, const char *name, char **p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
+int bus_set_transient_user_relaxed(Unit *u, const char *name, char **p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
int bus_set_transient_path(Unit *u, const char *name, char **p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
int bus_set_transient_string(Unit *u, const char *name, char **p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
int bus_set_transient_bool(Unit *u, const char *name, bool *p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
|
|
|
8be66a |
diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c
|
|
|
8be66a |
index 021fd93a76..548b3cc9df 100644
|
|
|
8be66a |
--- a/src/core/dynamic-user.c
|
|
|
8be66a |
+++ b/src/core/dynamic-user.c
|
|
|
8be66a |
@@ -108,7 +108,7 @@ static int dynamic_user_acquire(Manager *m, const char *name, DynamicUser** ret)
|
|
|
8be66a |
return 0;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name_or_id(name))
|
|
|
8be66a |
+ if (!valid_user_group_name(name, VALID_USER_ALLOW_NUMERIC))
|
|
|
8be66a |
return -EINVAL;
|
|
|
8be66a |
|
|
|
8be66a |
if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, storage_socket) < 0)
|
|
|
8be66a |
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
|
|
|
8be66a |
index ba81d94504..e0d7b8f7f8 100644
|
|
|
8be66a |
--- a/src/core/load-fragment.c
|
|
|
8be66a |
+++ b/src/core/load-fragment.c
|
|
|
8be66a |
@@ -1932,7 +1932,7 @@ int config_parse_user_group_compat(
|
|
|
8be66a |
return -ENOEXEC;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name_or_id_compat(k)) {
|
|
|
8be66a |
+ if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
|
|
|
8be66a |
log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
|
|
|
8be66a |
return -ENOEXEC;
|
|
|
8be66a |
}
|
|
|
8be66a |
@@ -1986,7 +1986,7 @@ int config_parse_user_group_strv_compat(
|
|
|
8be66a |
return -ENOEXEC;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name_or_id_compat(k)) {
|
|
|
8be66a |
+ if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
|
|
|
8be66a |
log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
|
|
|
8be66a |
return -ENOEXEC;
|
|
|
8be66a |
}
|
|
|
8be66a |
diff --git a/src/core/unit.c b/src/core/unit.c
|
|
|
8be66a |
index ffbf3cfd48..cd3e7c806d 100644
|
|
|
8be66a |
--- a/src/core/unit.c
|
|
|
8be66a |
+++ b/src/core/unit.c
|
|
|
8be66a |
@@ -4088,7 +4088,7 @@ static int user_from_unit_name(Unit *u, char **ret) {
|
|
|
8be66a |
if (r < 0)
|
|
|
8be66a |
return r;
|
|
|
8be66a |
|
|
|
8be66a |
- if (valid_user_group_name(n)) {
|
|
|
8be66a |
+ if (valid_user_group_name(n, 0)) {
|
|
|
8be66a |
*ret = TAKE_PTR(n);
|
|
|
8be66a |
return 0;
|
|
|
8be66a |
}
|
|
|
8be66a |
diff --git a/src/nss-systemd/nss-systemd.c b/src/nss-systemd/nss-systemd.c
|
|
|
8be66a |
index f8db27ae27..615c710257 100644
|
|
|
8be66a |
--- a/src/nss-systemd/nss-systemd.c
|
|
|
8be66a |
+++ b/src/nss-systemd/nss-systemd.c
|
|
|
8be66a |
@@ -123,7 +123,7 @@ static int direct_lookup_uid(uid_t uid, char **ret) {
|
|
|
8be66a |
r = readlink_malloc(path, &s);
|
|
|
8be66a |
if (r < 0)
|
|
|
8be66a |
return r;
|
|
|
8be66a |
- if (!valid_user_group_name(s)) { /* extra safety check */
|
|
|
8be66a |
+ if (!valid_user_group_name(s, VALID_USER_RELAX)) { /* extra safety check */
|
|
|
8be66a |
free(s);
|
|
|
8be66a |
return -EINVAL;
|
|
|
8be66a |
}
|
|
|
8be66a |
@@ -153,7 +153,7 @@ enum nss_status _nss_systemd_getpwnam_r(
|
|
|
8be66a |
|
|
|
8be66a |
/* If the username is not valid, then we don't know it. Ideally libc would filter these for us anyway. We don't
|
|
|
8be66a |
* generate EINVAL here, because it isn't really out business to complain about invalid user names. */
|
|
|
8be66a |
- if (!valid_user_group_name(name))
|
|
|
8be66a |
+ if (!valid_user_group_name(name, VALID_USER_RELAX))
|
|
|
8be66a |
return NSS_STATUS_NOTFOUND;
|
|
|
8be66a |
|
|
|
8be66a |
/* Synthesize entries for the root and nobody users, in case they are missing in /etc/passwd */
|
|
|
8be66a |
@@ -356,7 +356,7 @@ enum nss_status _nss_systemd_getgrnam_r(
|
|
|
8be66a |
assert(name);
|
|
|
8be66a |
assert(gr);
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name(name))
|
|
|
8be66a |
+ if (!valid_user_group_name(name, VALID_USER_RELAX))
|
|
|
8be66a |
return NSS_STATUS_NOTFOUND;
|
|
|
8be66a |
|
|
|
8be66a |
/* Synthesize records for root and nobody, in case they are missing form /etc/group */
|
|
|
8be66a |
diff --git a/src/systemd/sd-messages.h b/src/systemd/sd-messages.h
|
|
|
8be66a |
index bdd4fd3974..847b698ba4 100644
|
|
|
8be66a |
--- a/src/systemd/sd-messages.h
|
|
|
8be66a |
+++ b/src/systemd/sd-messages.h
|
|
|
8be66a |
@@ -152,6 +152,9 @@ _SD_BEGIN_DECLARATIONS;
|
|
|
8be66a |
#define SD_MESSAGE_DNSSEC_DOWNGRADE SD_ID128_MAKE(36,db,2d,fa,5a,90,45,e1,bd,4a,f5,f9,3e,1c,f0,57)
|
|
|
8be66a |
#define SD_MESSAGE_DNSSEC_DOWNGRADE_STR SD_ID128_MAKE_STR(36,db,2d,fa,5a,90,45,e1,bd,4a,f5,f9,3e,1c,f0,57)
|
|
|
8be66a |
|
|
|
8be66a |
+#define SD_MESSAGE_UNSAFE_USER_NAME SD_ID128_MAKE(b6,1f,da,c6,12,e9,4b,91,82,28,5b,99,88,43,06,1f)
|
|
|
8be66a |
+#define SD_MESSAGE_UNSAFE_USER_NAME_STR SD_ID128_MAKE_STR(b6,1f,da,c6,12,e9,4b,91,82,28,5b,99,88,43,06,1f)
|
|
|
8be66a |
+
|
|
|
8be66a |
_SD_END_DECLARATIONS;
|
|
|
8be66a |
|
|
|
8be66a |
#endif
|
|
|
8be66a |
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
|
|
|
8be66a |
index 33959d3c11..a374ebaaf4 100644
|
|
|
8be66a |
--- a/src/sysusers/sysusers.c
|
|
|
8be66a |
+++ b/src/sysusers/sysusers.c
|
|
|
8be66a |
@@ -1413,7 +1413,7 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {
|
|
|
8be66a |
return r;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name(resolved_name)) {
|
|
|
8be66a |
+ if (!valid_user_group_name(resolved_name, 0)) {
|
|
|
8be66a |
log_error("[%s:%u] '%s' is not a valid user or group name.", fname, line, resolved_name);
|
|
|
8be66a |
return -EINVAL;
|
|
|
8be66a |
}
|
|
|
8be66a |
@@ -1524,7 +1524,7 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {
|
|
|
8be66a |
return -EINVAL;
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
- if (!valid_user_group_name(resolved_id)) {
|
|
|
8be66a |
+ if (!valid_user_group_name(resolved_id, 0)) {
|
|
|
8be66a |
log_error("[%s:%u] '%s' is not a valid user or group name.", fname, line, resolved_id);
|
|
|
8be66a |
return -EINVAL;
|
|
|
8be66a |
}
|
|
|
8be66a |
diff --git a/src/test/test-user-util.c b/src/test/test-user-util.c
|
|
|
8be66a |
index 56079f1486..31ac018da9 100644
|
|
|
8be66a |
--- a/src/test/test-user-util.c
|
|
|
8be66a |
+++ b/src/test/test-user-util.c
|
|
|
8be66a |
@@ -131,144 +131,163 @@ static void test_uid_ptr(void) {
|
|
|
8be66a |
assert_se(PTR_TO_UID(UID_TO_PTR(1000)) == 1000);
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-static void test_valid_user_group_name_compat(void) {
|
|
|
8be66a |
+static void test_valid_user_group_name_relaxed(void) {
|
|
|
8be66a |
log_info("/* %s */", __func__);
|
|
|
8be66a |
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(NULL));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(""));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("65535"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".eff"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("foo\nbar"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("0123456789012345678901234567890123456789"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("aaa:bbb"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".65535"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_compat(".rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat(".aaa:bbb"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("root"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("lennart"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("LENNART"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("_kkk"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("kkk-"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("kk-k"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("eff.eff"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("eff."));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("some5"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("5some"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_compat("INNER5NUMBER"));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(NULL, VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("1", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("65535", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-1", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("foo\nbar", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("0123456789012345678901234567890123456789", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("aaa:bbb", VALID_USER_RELAX|VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".aaa:bbb", VALID_USER_RELAX|VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("..", VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("root", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("lennart", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("LENNART", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("_kkk", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kkk-", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kk-k", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("eff.eff", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("eff.", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("-kkk", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("rööt", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".eff", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".1", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".65535", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".-1", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".-kkk", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".rööt", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("...", VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("some5", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("5some", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("INNER5NUMBER", VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("piff.paff@ad.domain.example", VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("Dāvis", VALID_USER_RELAX));
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
static void test_valid_user_group_name(void) {
|
|
|
8be66a |
log_info("/* %s */", __func__);
|
|
|
8be66a |
|
|
|
8be66a |
- assert_se(!valid_user_group_name(NULL));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(""));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("65535"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".eff"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("foo\nbar"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("0123456789012345678901234567890123456789"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("aaa:bbb"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".65535"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name(".rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id(".aaa:bbb"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name("root"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("lennart"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("LENNART"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("_kkk"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("kkk-"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("kk-k"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("eff.eff"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("eff."));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name("some5"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name("5some"));
|
|
|
8be66a |
- assert_se(valid_user_group_name("INNER5NUMBER"));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(NULL, 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("1", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("65535", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-1", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-kkk", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("rööt", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".eff", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("foo\nbar", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("0123456789012345678901234567890123456789", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("aaa:bbb", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("..", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("...", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".1", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".65535", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".-1", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".-kkk", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".rööt", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".aaa:bbb", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("root", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("lennart", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("LENNART", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("_kkk", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kkk-", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kk-k", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("eff.eff", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("eff.", 0));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("some5", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("5some", 0));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("INNER5NUMBER", 0));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("piff.paff@ad.domain.example", 0));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("Dāvis", 0));
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-static void test_valid_user_group_name_or_id_compat(void) {
|
|
|
8be66a |
+static void test_valid_user_group_name_or_numeric_relaxed(void) {
|
|
|
8be66a |
log_info("/* %s */", __func__);
|
|
|
8be66a |
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat(NULL));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat(""));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("0"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("1"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("65534"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("65535"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("65536"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat(".eff"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("eff.eff"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("eff."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("foo\nbar"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("0123456789012345678901234567890123456789"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id_compat("aaa:bbb"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("root"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("lennart"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("LENNART"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("_kkk"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("kkk-"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("kk-k"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("some5"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("5some"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id_compat("INNER5NUMBER"));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(NULL, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("0", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("1", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("65534", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("65535", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("65536", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-1", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("foo\nbar", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("0123456789012345678901234567890123456789", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("aaa:bbb", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("..", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("root", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("lennart", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("LENNART", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("_kkk", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kkk-", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kk-k", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("-kkk", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("rööt", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name(".eff", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("eff.eff", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("eff.", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("...", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("some5", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("5some", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("INNER5NUMBER", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("piff.paff@ad.domain.example", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("Dāvis", VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX));
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
-static void test_valid_user_group_name_or_id(void) {
|
|
|
8be66a |
+static void test_valid_user_group_name_or_numeric(void) {
|
|
|
8be66a |
log_info("/* %s */", __func__);
|
|
|
8be66a |
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id(NULL));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id(""));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("0"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("1"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("65534"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("65535"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("65536"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("-1"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("-kkk"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("rööt"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id(".eff"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("eff.eff"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("eff."));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("foo\nbar"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("0123456789012345678901234567890123456789"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("aaa:bbb"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("root"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("lennart"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("LENNART"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("_kkk"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("kkk-"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("kk-k"));
|
|
|
8be66a |
-
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("some5"));
|
|
|
8be66a |
- assert_se(!valid_user_group_name_or_id("5some"));
|
|
|
8be66a |
- assert_se(valid_user_group_name_or_id("INNER5NUMBER"));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(NULL, VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("0", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("1", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("65534", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("65535", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("65536", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-1", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("-kkk", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("rööt", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("..", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("...", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name(".eff", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("eff.eff", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("eff.", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("foo\nbar", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("0123456789012345678901234567890123456789", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("aaa:bbb", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("root", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("lennart", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("LENNART", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("_kkk", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kkk-", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("kk-k", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(valid_user_group_name("some5", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("5some", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(valid_user_group_name("INNER5NUMBER", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("piff.paff@ad.domain.example", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
+ assert_se(!valid_user_group_name("Dāvis", VALID_USER_ALLOW_NUMERIC));
|
|
|
8be66a |
}
|
|
|
8be66a |
|
|
|
8be66a |
static void test_valid_gecos(void) {
|
|
|
8be66a |
@@ -367,10 +386,10 @@ int main(int argc, char*argv[]) {
|
|
|
8be66a |
test_parse_uid();
|
|
|
8be66a |
test_uid_ptr();
|
|
|
8be66a |
|
|
|
8be66a |
- test_valid_user_group_name_compat();
|
|
|
8be66a |
+ test_valid_user_group_name_relaxed();
|
|
|
8be66a |
test_valid_user_group_name();
|
|
|
8be66a |
- test_valid_user_group_name_or_id_compat();
|
|
|
8be66a |
- test_valid_user_group_name_or_id();
|
|
|
8be66a |
+ test_valid_user_group_name_or_numeric_relaxed();
|
|
|
8be66a |
+ test_valid_user_group_name_or_numeric();
|
|
|
8be66a |
test_valid_gecos();
|
|
|
8be66a |
test_valid_home();
|
|
|
8be66a |
|