1/*
2 * Copyright (c) 1989, 1993
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 *    must display the following acknowledgement:
18 *	This product includes software developed by the University of
19 *	California, Berkeley and its contributors.
20 * 4. Neither the name of the University nor the names of its contributors
21 *    may be used to endorse or promote products derived from this software
22 *    without specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * SUCH DAMAGE.
35 */
36
37/*
38 * Luke Mewburn <lm@rmit.edu.au> added the following on 940622:
39 *    - mail status ("No Mail", "Mail read:...", or "New Mail ...,
40 *	Unread since ...".)
41 *    - 4 digit phone extensions (3210 is printed as x3210.)
42 *    - host/office toggling in short format with -h & -o.
43 *    - short day names (`Tue' printed instead of `Jun 21' if the
44 *	login time is < 6 days.
45 */
46
47#ifndef lint
48static const char copyright[] =
49"@(#) Copyright (c) 1989, 1993\n\
50	The Regents of the University of California.  All rights reserved.\n";
51#endif /* not lint */
52
53#if 0
54#ifndef lint
55static char sccsid[] = "@(#)finger.c	8.5 (Berkeley) 5/4/95";
56#endif
57#endif
58
59#include <sys/cdefs.h>
60__FBSDID("$FreeBSD: src/usr.bin/finger/finger.c,v 1.36 2005/09/19 10:11:46 dds Exp $");
61
62/*
63 * Finger prints out information about users.  It is not portable since
64 * certain fields (e.g. the full user name, office, and phone numbers) are
65 * extracted from the gecos field of the passwd file which other UNIXes
66 * may not have or may use for other things.
67 *
68 * There are currently two output formats; the short format is one line
69 * per user and displays login name, tty, login time, real name, idle time,
70 * and either remote host information (default) or office location/phone
71 * number, depending on if -h or -o is used respectively.
72 * The long format gives the same information (in a more legible format) as
73 * well as home directory, shell, mail info, and .plan/.project files.
74 */
75
76#include <sys/types.h>
77#include <sys/socket.h>
78#include <db.h>
79#include <err.h>
80#include <pwd.h>
81#include <stdio.h>
82#include <stdlib.h>
83#include <string.h>
84#include <time.h>
85#include <unistd.h>
86#include <utmpx.h>
87#include <locale.h>
88
89#include "finger.h"
90#include "pathnames.h"
91
92DB *db;
93time_t now;
94int entries, gflag, kflag, lflag, mflag, pplan, sflag, oflag, Tflag;
95sa_family_t family = PF_UNSPEC;
96int d_first = -1;
97char tbuf[1024];
98int invoker_root = 0;
99
100static void loginlist(void);
101static int option(int, char **);
102static void usage(void);
103static void userlist(int, char **);
104
105static int
106option(int argc, char **argv)
107{
108	int ch;
109
110	optind = 1;		/* reset getopt */
111
112#ifdef __APPLE__
113	while ((ch = getopt(argc, argv, "46gklmpsho")) != -1)
114#else
115	while ((ch = getopt(argc, argv, "46gklmpshoT")) != -1)
116#endif
117		switch(ch) {
118		case '4':
119			family = AF_INET;
120			break;
121		case '6':
122			family = AF_INET6;
123			break;
124		case 'g':
125			gflag = 1;
126			break;
127		case 'k':
128			kflag = 1;		/* keep going without utmpx */
129			break;
130		case 'l':
131			lflag = 1;		/* long format */
132			break;
133		case 'm':
134			mflag = 1;		/* force exact match of names */
135			break;
136		case 'p':
137			pplan = 1;		/* don't show .plan/.project */
138			break;
139		case 's':
140			sflag = 1;		/* short format */
141			break;
142		case 'h':
143			oflag = 0;		/* remote host info */
144			break;
145		case 'o':
146			oflag = 1;		/* office info */
147			break;
148#ifndef __APPLE__
149		case 'T':
150			Tflag = 1;		/* disable T/TCP */
151			break;
152#endif
153		case '?':
154		default:
155			usage();
156		}
157
158	return optind;
159}
160
161static void
162usage(void)
163{
164	(void)fprintf(stderr,
165	    "usage: finger [-46gklmpshoT] [user ...] [user@host ...]\n");
166	exit(1);
167}
168
169int
170main(int argc, char **argv)
171{
172	int envargc, argcnt;
173	char *envargv[3];
174	struct passwd *pw;
175	static char myname[] = "finger";
176
177	if (getuid() == 0 || geteuid() == 0) {
178		invoker_root = 1;
179		if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
180			 setgid(pw->pw_gid);
181			 setuid(pw->pw_uid);
182		} else {
183			 setgid(UNPRIV_UGID);
184			 setuid(UNPRIV_UGID);
185		}
186	}
187
188	(void) setlocale(LC_ALL, "");
189
190				/* remove this line to get remote host */
191	oflag = 1;		/* default to old "office" behavior */
192
193	/*
194	 * Process environment variables followed by command line arguments.
195	 */
196	if ((envargv[1] = getenv("FINGER"))) {
197		envargc = 2;
198		envargv[0] = myname;
199		envargv[2] = NULL;
200		(void) option(envargc, envargv);
201	}
202
203	argcnt = option(argc, argv);
204	argc -= argcnt;
205	argv += argcnt;
206
207	(void)time(&now);
208	setpassent(1);
209	if (!*argv) {
210		/*
211		 * Assign explicit "small" format if no names given and -l
212		 * not selected.  Force the -s BEFORE we get names so proper
213		 * screening will be done.
214		 */
215		if (!lflag)
216			sflag = 1;	/* if -l not explicit, force -s */
217		loginlist();
218		if (entries == 0)
219			(void)printf("No one logged on.\n");
220	} else {
221		userlist(argc, argv);
222		/*
223		 * Assign explicit "large" format if names given and -s not
224		 * explicitly stated.  Force the -l AFTER we get names so any
225		 * remote finger attempts specified won't be mishandled.
226		 */
227		if (!sflag)
228			lflag = 1;	/* if -s not explicit, force -l */
229	}
230	if (entries) {
231		if (lflag)
232			lflag_print();
233		else
234			sflag_print();
235	}
236	return (0);
237}
238
239static void
240loginlist(void)
241{
242	PERSON *pn;
243	DBT data, key;
244	struct passwd *pw;
245	struct utmpx *user;
246	int r, sflag1;
247	char name[_UTX_USERSIZE + 1];
248
249	if (kflag)
250		errx(1, "can't list logins without reading utmpx");
251
252	setutxent();
253	name[_UTX_USERSIZE] = '\0';
254	while ((user = getutxent()) != NULL) {
255		if (!user->ut_user[0] || user->ut_type != USER_PROCESS)
256			continue;
257		if ((pn = find_person(user->ut_user)) == NULL) {
258			bcopy(user->ut_user, name, _UTX_USERSIZE);
259			if ((pw = getpwnam(name)) == NULL)
260				continue;
261			if (hide(pw))
262				continue;
263			pn = enter_person(pw);
264		}
265		enter_where(user, pn);
266	}
267	endutxent();
268	if (db && lflag)
269		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
270			PERSON *tmp;
271
272			r = (*db->seq)(db, &key, &data, sflag1);
273			if (r == -1)
274				err(1, "db seq");
275			if (r == 1)
276				break;
277			memmove(&tmp, data.data, sizeof tmp);
278			enter_lastlog(tmp);
279		}
280}
281
282static void
283userlist(int argc, char **argv)
284{
285	PERSON *pn;
286	DBT data, key;
287	struct utmpx *user;
288	struct passwd *pw;
289	int r, sflag1, *used, *ip;
290	char **ap, **nargv, **np, **p;
291	FILE *conf_fp;
292	char conf_alias[LINE_MAX];
293	char *conf_realname;
294	int conf_length;
295
296	if ((nargv = malloc((argc+1) * sizeof(char *))) == NULL ||
297	    (used = calloc(argc, sizeof(int))) == NULL)
298		err(1, NULL);
299
300	/* Pull out all network requests. */
301	for (ap = p = argv, np = nargv; *p; ++p)
302		if (index(*p, '@'))
303			*np++ = *p;
304		else
305			*ap++ = *p;
306
307	*np++ = NULL;
308	*ap++ = NULL;
309
310	if (!*argv)
311		goto net;
312
313	/*
314	 * Mark any arguments beginning with '/' as invalid so that we
315	 * don't accidently confuse them with expansions from finger.conf
316	 */
317	for (p = argv, ip = used; *p; ++p, ++ip)
318	    if (**p == '/') {
319		*ip = 1;
320		warnx("%s: no such user", *p);
321	    }
322
323	/*
324	 * Traverse the finger alias configuration file of the form
325	 * alias:(user|alias), ignoring comment lines beginning '#'.
326	 */
327	if ((conf_fp = fopen(_PATH_FINGERCONF, "r")) != NULL) {
328	    while(fgets(conf_alias, sizeof(conf_alias), conf_fp) != NULL) {
329		conf_length = strlen(conf_alias);
330		if (*conf_alias == '#' || conf_alias[--conf_length] != '\n')
331		    continue;
332		conf_alias[conf_length] = '\0';      /* Remove trailing LF */
333		if ((conf_realname = strchr(conf_alias, ':')) == NULL)
334		    continue;
335		*conf_realname = '\0';               /* Replace : with NUL */
336		for (p = argv; *p; ++p) {
337		    if (strcmp(*p, conf_alias) == 0) {
338			if ((*p = strdup(conf_realname+1)) == NULL) {
339			    err(1, NULL);
340			}
341		    }
342		}
343	    }
344	    (void)fclose(conf_fp);
345	}
346
347	/*
348	 * Traverse the list of possible login names and check the login name
349	 * and real name against the name specified by the user. If the name
350	 * begins with a '/', try to read the file of that name instead of
351	 * gathering the traditional finger information.
352	 */
353	if (mflag)
354		for (p = argv, ip = used; *p; ++p, ++ip) {
355			if (**p != '/' || *ip == 1 || !show_text("", *p, "")) {
356				if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
357					enter_person(pw);
358				else if (!*ip)
359					warnx("%s: no such user", *p);
360			}
361		}
362	else {
363		while ((pw = getpwent()) != NULL) {
364			for (p = argv, ip = used; *p; ++p, ++ip)
365				if (**p == '/' && *ip != 1
366				    && show_text("", *p, ""))
367					*ip = 1;
368				else if (match(pw, *p) && !hide(pw)) {
369					enter_person(pw);
370					*ip = 1;
371				}
372		}
373		for (p = argv, ip = used; *p; ++p, ++ip)
374			if (!*ip)
375				warnx("%s: no such user", *p);
376	}
377
378	/* Handle network requests. */
379net:	for (p = nargv; *p;) {
380		netfinger(*p++);
381		if (*p || entries)
382		    printf("\n");
383	}
384
385	if (entries == 0)
386		return;
387
388	if (kflag)
389		return;
390
391	/*
392	 * Scan thru the list of users currently logged in, saving
393	 * appropriate data whenever a match occurs.
394	 */
395	setutxent();
396	while ((user = getutxent()) != NULL) {
397		if (!user->ut_user && user->ut_type != USER_PROCESS)
398			continue;
399		if ((pn = find_person(user->ut_user)) == NULL)
400			continue;
401		enter_where(user, pn);
402	}
403	endutxent();
404	if (db)
405		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
406			PERSON *tmp;
407
408			r = (*db->seq)(db, &key, &data, sflag1);
409			if (r == -1)
410				err(1, "db seq");
411			if (r == 1)
412				break;
413			memmove(&tmp, data.data, sizeof tmp);
414			enter_lastlog(tmp);
415		}
416}
417