pinky

commit dc0be4fca8b7aae9e87a5982b1e4ab2a502d0413
Author: Paco Esteban <paco@e1e0.net>
Date:   Sun, 13 Dec 2020 12:33:51 +0100

initial commit

Diffstat:
A
Makefile
 | 
7
+++++++
A
pinky.1
 | 
66
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A
pinky.c
 | 
97
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 170 insertions(+), 0 deletions(-)
diff --git a/Makefile b/Makefile
@@ -0,0 +1,7 @@
+PROG =		pinky
+
+SRCS +=		pinky.c
+
+DEBUG =		-g -O2
+
+.include <bsd.prog.mk>
diff --git a/pinky.1 b/pinky.1
@@ -0,0 +1,66 @@
+.\" Copyright (c) 2020 Paco Esteban <paco@e1e0.net>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd December 13, 2020
+.Dt PINKY 1
+.Os
+.Sh NAME
+.Nm pinky
+.Nd small and hopefully secure
+.Xr finger 1
+replacement
+.Sh SYNOPSIS
+.Nm
+.Op Fl d Ar directory
+.Ar user
+.Sh DESCRIPTION
+.Nm
+is supposed to be invoked by
+.Xr fingerd 8 .
+It looks for a file named as the user in the folder specified by
+.Fl d .
+If
+.Fl d
+is not provided, the default folder is
+.Pa /var/pinky .
+.Pp
+.Nm
+uses
+.Xr unveil 2
+to limit itself to the default folder or the one provided by
+.Fl d ,
+and uses
+.Xr pledge 2
+to limit itself to
+.Va stdio
+and
+.Va rpath .
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl d Ar directory
+The folder where all the user info resides.
+.It Ar user
+The user name to get the info from.
+.El
+.Sh EXIT STATUS
+.Ex -std
+.Sh AUTHORS
+.An Paco Esteban
+.Mt paco@e1e0.net
+.Sh BUGS
+I hope not so many, as this is running in one of my servers :-)
+.Pp
+If you find horrors, send patches to:
+.Mt patches@e1e0.net
diff --git a/pinky.c b/pinky.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2020 Paco Esteban <paco@e1e0.net>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/syslimits.h>
+
+#include <err.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#define _VERSION 0.1
+#define _DEFAULT_BASE_PATH "/var/pinky"
+#define BUF_LEN 1024
+
+__dead void usage(void);
+
+void
+usage(void)
+{
+	fprintf(stderr, "usage: pinky [-d base_directory] user\n");
+	exit(2);
+}
+
+int
+main(int argc, char *argv[])
+{
+	FILE	*fp;
+	char	*base_path = NULL, *pinky_path = NULL, *user = NULL,
+		buf[BUF_LEN];
+	int	ch, n;
+	ssize_t	nread;
+	size_t	buflen = BUF_LEN;
+
+	base_path = _DEFAULT_BASE_PATH;
+
+	opterr = 0;
+	while ((ch = getopt(argc, argv, "d:")) != -1)
+		switch (ch) {
+		case 'd':
+			base_path = optarg;
+			break;
+		default:
+			usage();
+		}
+	argc -= optind;
+	argv += optind;
+
+	if (argc != 1) {
+		printf("No info for you today.\n");
+		exit(0);
+	}
+
+	user = strndup(argv[0], _PW_NAME_LEN);
+
+	if (unveil(base_path, "r") == -1)
+		err(1, "unveil");
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
+	n = asprintf(&pinky_path, "%s/%s", base_path, user);
+	if ((n < 0) || (n > PATH_MAX)) {
+		err(1, "path create");
+	}
+
+	if (access(pinky_path, R_OK) == -1) {
+		printf("These aren't the droids you're looking for ...\n");
+		exit(0);
+	}
+
+	if ((fp = fopen(pinky_path, "r")) == NULL)
+		err(1, "open file");
+
+	while ((nread = fread(buf, sizeof(char), buflen, fp)) != 0)
+		fwrite(buf, sizeof(char), nread, stdout);
+
+	free(pinky_path);
+	free(user);
+	fclose(fp);
+
+	exit(0);
+}
+