diff options
author | Vishwanatha Subbanna <vishwa@linux.vnet.ibm.com> | 2017-09-06 17:19:56 +0530 |
---|---|---|
committer | Vishwanatha Subbanna <vishwa@linux.vnet.ibm.com> | 2017-10-12 23:37:01 +0530 |
commit | 36218e6c390401748fb13cd05670aeb86cb8d0c2 (patch) | |
tree | c75b2ded0a12663df222837a6a73a8add2d0567f | |
parent | 070a3e49fdd8a6ecd5c71f6ee018ebe89ccd7a1f (diff) | |
download | phosphor-user-manager-36218e6c390401748fb13cd05670aeb86cb8d0c2.tar.gz phosphor-user-manager-36218e6c390401748fb13cd05670aeb86cb8d0c2.zip |
Throw exceptions on password update failure
Change-Id: I78112212b0f436c6d3b05cb1f16015c2d6bb5089
Signed-off-by: Vishwanatha Subbanna <vishwa@linux.vnet.ibm.com>
-rw-r--r-- | user.cpp | 58 | ||||
-rw-r--r-- | user.hpp | 8 |
2 files changed, 52 insertions, 14 deletions
@@ -21,6 +21,10 @@ #include <array> #include <random> #include <errno.h> +#include <xyz/openbmc_project/Common/error.hpp> +#include <phosphor-logging/log.hpp> +#include <phosphor-logging/elog.hpp> +#include <phosphor-logging/elog-errors.hpp> #include "user.hpp" #include "file.hpp" #include "shadowlock.hpp" @@ -35,6 +39,11 @@ constexpr auto SHADOW_FILE = "/etc/shadow"; // See crypt(3) constexpr int SALT_LENGTH = 16; +using namespace phosphor::logging; +using InsufficientPermission = sdbusplus::xyz::openbmc_project::Common:: + Error::InsufficientPermission; +using InternalFailure = sdbusplus::xyz::openbmc_project::Common:: + Error::InternalFailure; // Sets or updates the password void User::setPassword(std::string newPassword) { @@ -79,8 +88,7 @@ void User::applyPassword(const std::string& shadowFile, phosphor::user::File shadow(shadowFile, "r"); if ((shadow)() == NULL) { - throw std::runtime_error("Error opening shadow file"); - // TODO: Throw error + return raiseException(errno, "Error opening shadow file"); } // Open the temp shadow file for writing @@ -89,8 +97,7 @@ void User::applyPassword(const std::string& shadowFile, phosphor::user::File temp(tempFile, "w", true); if ((temp)() == NULL) { - throw std::runtime_error("Error opening temp shadow file"); - // TODO: Throw error + return raiseException(errno, "Error opening temp shadow file"); } // Change the permission of this new temp file @@ -99,15 +106,13 @@ void User::applyPassword(const std::string& shadowFile, auto r = fstat(fileno((shadow)()), &st); if (r < 0) { - throw std::runtime_error("Error reading permission of shadow"); - // TODO: Throw error + return raiseException(errno, "Error reading shadow file mode"); } r = fchmod(fileno((temp)()), st.st_mode); if (r < 0) { - throw std::runtime_error("Error setting permission on temp file"); - // TODO: Throw error + return raiseException(errno, "Error setting temp file mode"); } // Read shadow file and process @@ -117,8 +122,15 @@ void User::applyPassword(const std::string& shadowFile, buffer.max_size(), &pshdp); if (r) { - // Done with all entries - break; + if (errno == EACCES || errno == ERANGE) + { + return raiseException(errno, "Error reading shadow file"); + } + else + { + // Seem to have run over all + break; + } } // Hash of password if the user matches @@ -136,8 +148,7 @@ void User::applyPassword(const std::string& shadowFile, r = putspent(&shdp, (temp)()); if (r < 0) { - throw std::runtime_error("Error updating temp shadow entry"); - // TODO: Throw exception + return raiseException(errno, "Error updating temp shadow file"); } } // All entries @@ -149,6 +160,24 @@ void User::applyPassword(const std::string& shadowFile, return; } +void User::raiseException(int errNo, const std::string& errMsg) +{ + using namespace std::string_literals; + if (errNo == EACCES) + { + auto message = "Access denied "s + errMsg; + log<level::ERR>(message.c_str()); + elog<InsufficientPermission>(); + } + else + { + log<level::ERR>(errMsg.c_str(), + entry("USER=%s",user.c_str()), + entry("ERRNO=%d", errNo)); + elog<InternalFailure>(); + } +} + std::string User::hashPassword(char* spPwdp, const std::string& password, const std::string& salt) @@ -157,8 +186,9 @@ std::string User::hashPassword(char* spPwdp, auto cryptAlgo = getCryptField(spPwdp); if (cryptAlgo.empty()) { - throw std::runtime_error("Error finding crypt algo"); - // TODO: Throw error + log<level::ERR>("Error finding crypt algo", + entry("USER=%s",user.c_str())); + elog<InternalFailure>(); } // Update shadow password pointer with hash @@ -120,6 +120,14 @@ class User : public Interface const std::string& tempFile, const std::string& password, const std::string& salt); + + /** @brief Wrapper for raising exception + * + * @param[in] errNo - errno + * @param[in] errMsg - Error message + */ + void raiseException(int errNo, + const std::string& errMsg); }; } // namespace user |