| Vishwanatha Subbanna | d20225f | 2017-09-06 11:36:04 +0530 | [diff] [blame] | 1 | #pragma once |
| 2 | |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 3 | #include <cstring> |
| 4 | #include <experimental/filesystem> |
| Vishwanatha Subbanna | d20225f | 2017-09-06 11:36:04 +0530 | [diff] [blame] | 5 | #include <sdbusplus/bus.hpp> |
| 6 | #include <sdbusplus/server/object.hpp> |
| 7 | #include <xyz/openbmc_project/User/Password/server.hpp> |
| 8 | namespace phosphor |
| 9 | { |
| 10 | namespace user |
| 11 | { |
| 12 | |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 13 | using CryptAlgo = std::string; |
| 14 | |
| 15 | namespace fs = std::experimental::filesystem; |
| Vishwanatha Subbanna | d20225f | 2017-09-06 11:36:04 +0530 | [diff] [blame] | 16 | namespace Base = sdbusplus::xyz::openbmc_project::User::server; |
| 17 | using Interface = sdbusplus::server::object::object<Base::Password>; |
| 18 | |
| 19 | /** @class User |
| 20 | * @brief Responsible for managing a specific user account. |
| 21 | * It is implementing just the Password interface |
| 22 | * for now. |
| 23 | */ |
| 24 | class User : public Interface |
| 25 | { |
| 26 | public: |
| 27 | User() = delete; |
| 28 | ~User() = default; |
| 29 | User(const User&) = delete; |
| 30 | User& operator=(const User&) = delete; |
| 31 | User(User&&) = delete; |
| 32 | User& operator=(User&&) = delete; |
| 33 | |
| 34 | /** @brief Constructs User object. |
| 35 | * |
| 36 | * @param[in] bus - sdbusplus handler |
| 37 | * @param[in] path - D-Bus path |
| 38 | */ |
| 39 | User(sdbusplus::bus::bus& bus, const char* path) |
| 40 | : Interface(bus, path), |
| 41 | bus(bus), |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 42 | path(path), |
| 43 | user(fs::path(path).filename()) |
| Vishwanatha Subbanna | d20225f | 2017-09-06 11:36:04 +0530 | [diff] [blame] | 44 | { |
| 45 | // Do nothing |
| 46 | } |
| 47 | |
| 48 | /** @brief user password set method. If this is called for |
| 49 | * a user ID that already has the password, the password |
| 50 | * would be updated, else password would be created. |
| 51 | * Since this needs an already authenticated session, |
| 52 | * old password is not needed. |
| 53 | * |
| 54 | * @param[in] newPassword - New password |
| 55 | */ |
| 56 | void setPassword(std::string newPassword) override; |
| 57 | |
| 58 | private: |
| 59 | /** @brief sdbusplus handler */ |
| 60 | sdbusplus::bus::bus& bus; |
| 61 | |
| 62 | /** @brief object path */ |
| 63 | const std::string& path; |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 64 | |
| 65 | /** @brief User id extracted from object path */ |
| 66 | const std::string user; |
| 67 | |
| Vishwanatha Subbanna | 070a3e4 | 2017-09-06 11:40:45 +0530 | [diff] [blame] | 68 | /** @brief Returns a random string from set [A-Za-z0-9./] |
| 69 | * of length size |
| 70 | * |
| 71 | * @param[in] numChars - length of string |
| 72 | */ |
| 73 | static const std::string randomString(int length); |
| 74 | |
| 75 | /** @brief Returns password hash created with crypt algo, |
| 76 | * salt and password |
| 77 | * |
| 78 | * @param[in] spPwdp - sp_pwdp of struct spwd |
| 79 | * @param[in] password - clear text password |
| 80 | * @param[in] salt - Random salt |
| 81 | */ |
| 82 | std::string hashPassword(char* spPwdp, |
| 83 | const std::string& password, |
| 84 | const std::string& salt); |
| 85 | |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 86 | /** @brief Extracts crypto number from the shadow entry for user |
| 87 | * |
| 88 | * @param[in] spPwdp - sp_pwdp of struct spwd |
| 89 | */ |
| 90 | static CryptAlgo getCryptField(char* spPwdp); |
| 91 | |
| 92 | /** @brief Generates one-way hash based on salt and password |
| 93 | * |
| 94 | * @param[in] password - clear text password |
| 95 | * @param[in] salt - Combination of crypto method and salt |
| 96 | * Eg: $1$HELLO$, where in 1 is crypto method |
| 97 | * and HELLO is salt |
| 98 | */ |
| 99 | static std::string generateHash(const std::string& password, |
| 100 | const std::string& salt); |
| 101 | |
| Vishwanatha Subbanna | 070a3e4 | 2017-09-06 11:40:45 +0530 | [diff] [blame] | 102 | /** @brief Returns salt string with $ delimiter. |
| Vishwanatha Subbanna | bdb298f | 2017-09-06 11:39:22 +0530 | [diff] [blame] | 103 | * Eg: If crypt is 1 and salt is HELLO, returns $1$HELLO$ |
| 104 | * |
| 105 | * @param[in] crypt - Crypt number in string |
| 106 | * @param[in] salt - salt |
| 107 | */ |
| 108 | static std::string getSaltString(const std::string& crypt, |
| 109 | const std::string& salt); |
| Vishwanatha Subbanna | 070a3e4 | 2017-09-06 11:40:45 +0530 | [diff] [blame] | 110 | |
| 111 | /** @brief Applies the password for a given user. |
| 112 | * Writes shadow entries into a temp file |
| 113 | * |
| 114 | * @param[in] shadowFile - shadow password file |
| 115 | * @param[in] tempFile - Temporary file |
| 116 | * @param[in] password - clear text password |
| 117 | * @param[in] salt - salt |
| 118 | */ |
| 119 | void applyPassword(const std::string& shadowFile, |
| 120 | const std::string& tempFile, |
| 121 | const std::string& password, |
| 122 | const std::string& salt); |
| Vishwanatha Subbanna | 36218e6 | 2017-09-06 17:19:56 +0530 | [diff] [blame^] | 123 | |
| 124 | /** @brief Wrapper for raising exception |
| 125 | * |
| 126 | * @param[in] errNo - errno |
| 127 | * @param[in] errMsg - Error message |
| 128 | */ |
| 129 | void raiseException(int errNo, |
| 130 | const std::string& errMsg); |
| Vishwanatha Subbanna | d20225f | 2017-09-06 11:36:04 +0530 | [diff] [blame] | 131 | }; |
| 132 | |
| 133 | } // namespace user |
| 134 | } // namespace phosphor |