summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVishwanatha Subbanna <vishwa@linux.vnet.ibm.com>2017-09-06 17:19:56 +0530
committerVishwanatha Subbanna <vishwa@linux.vnet.ibm.com>2017-10-12 23:37:01 +0530
commit36218e6c390401748fb13cd05670aeb86cb8d0c2 (patch)
treec75b2ded0a12663df222837a6a73a8add2d0567f
parent070a3e49fdd8a6ecd5c71f6ee018ebe89ccd7a1f (diff)
downloadphosphor-user-manager-36218e6c390401748fb13cd05670aeb86cb8d0c2.zip
phosphor-user-manager-36218e6c390401748fb13cd05670aeb86cb8d0c2.tar.gz
Throw exceptions on password update failure
Change-Id: I78112212b0f436c6d3b05cb1f16015c2d6bb5089 Signed-off-by: Vishwanatha Subbanna <vishwa@linux.vnet.ibm.com>
-rw-r--r--user.cpp58
-rw-r--r--user.hpp8
2 files changed, 52 insertions, 14 deletions
diff --git a/user.cpp b/user.cpp
index 24cd988..f92fe10 100644
--- a/user.cpp
+++ b/user.cpp
@@ -21,6 +21,10 @@
#include <array>
#include <random>
#include <errno.h>
+#include <xyz/openbmc_project/Common/error.hpp>
+#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/elog.hpp>
+#include <phosphor-logging/elog-errors.hpp>
#include "user.hpp"
#include "file.hpp"
#include "shadowlock.hpp"
@@ -35,6 +39,11 @@ constexpr auto SHADOW_FILE = "/etc/shadow";
// See crypt(3)
constexpr int SALT_LENGTH = 16;
+using namespace phosphor::logging;
+using InsufficientPermission = sdbusplus::xyz::openbmc_project::Common::
+ Error::InsufficientPermission;
+using InternalFailure = sdbusplus::xyz::openbmc_project::Common::
+ Error::InternalFailure;
// Sets or updates the password
void User::setPassword(std::string newPassword)
{
@@ -79,8 +88,7 @@ void User::applyPassword(const std::string& shadowFile,
phosphor::user::File shadow(shadowFile, "r");
if ((shadow)() == NULL)
{
- throw std::runtime_error("Error opening shadow file");
- // TODO: Throw error
+ return raiseException(errno, "Error opening shadow file");
}
// Open the temp shadow file for writing
@@ -89,8 +97,7 @@ void User::applyPassword(const std::string& shadowFile,
phosphor::user::File temp(tempFile, "w", true);
if ((temp)() == NULL)
{
- throw std::runtime_error("Error opening temp shadow file");
- // TODO: Throw error
+ return raiseException(errno, "Error opening temp shadow file");
}
// Change the permission of this new temp file
@@ -99,15 +106,13 @@ void User::applyPassword(const std::string& shadowFile,
auto r = fstat(fileno((shadow)()), &st);
if (r < 0)
{
- throw std::runtime_error("Error reading permission of shadow");
- // TODO: Throw error
+ return raiseException(errno, "Error reading shadow file mode");
}
r = fchmod(fileno((temp)()), st.st_mode);
if (r < 0)
{
- throw std::runtime_error("Error setting permission on temp file");
- // TODO: Throw error
+ return raiseException(errno, "Error setting temp file mode");
}
// Read shadow file and process
@@ -117,8 +122,15 @@ void User::applyPassword(const std::string& shadowFile,
buffer.max_size(), &pshdp);
if (r)
{
- // Done with all entries
- break;
+ if (errno == EACCES || errno == ERANGE)
+ {
+ return raiseException(errno, "Error reading shadow file");
+ }
+ else
+ {
+ // Seem to have run over all
+ break;
+ }
}
// Hash of password if the user matches
@@ -136,8 +148,7 @@ void User::applyPassword(const std::string& shadowFile,
r = putspent(&shdp, (temp)());
if (r < 0)
{
- throw std::runtime_error("Error updating temp shadow entry");
- // TODO: Throw exception
+ return raiseException(errno, "Error updating temp shadow file");
}
} // All entries
@@ -149,6 +160,24 @@ void User::applyPassword(const std::string& shadowFile,
return;
}
+void User::raiseException(int errNo, const std::string& errMsg)
+{
+ using namespace std::string_literals;
+ if (errNo == EACCES)
+ {
+ auto message = "Access denied "s + errMsg;
+ log<level::ERR>(message.c_str());
+ elog<InsufficientPermission>();
+ }
+ else
+ {
+ log<level::ERR>(errMsg.c_str(),
+ entry("USER=%s",user.c_str()),
+ entry("ERRNO=%d", errNo));
+ elog<InternalFailure>();
+ }
+}
+
std::string User::hashPassword(char* spPwdp,
const std::string& password,
const std::string& salt)
@@ -157,8 +186,9 @@ std::string User::hashPassword(char* spPwdp,
auto cryptAlgo = getCryptField(spPwdp);
if (cryptAlgo.empty())
{
- throw std::runtime_error("Error finding crypt algo");
- // TODO: Throw error
+ log<level::ERR>("Error finding crypt algo",
+ entry("USER=%s",user.c_str()));
+ elog<InternalFailure>();
}
// Update shadow password pointer with hash
diff --git a/user.hpp b/user.hpp
index 4c18c7a..44dd3a3 100644
--- a/user.hpp
+++ b/user.hpp
@@ -120,6 +120,14 @@ class User : public Interface
const std::string& tempFile,
const std::string& password,
const std::string& salt);
+
+ /** @brief Wrapper for raising exception
+ *
+ * @param[in] errNo - errno
+ * @param[in] errMsg - Error message
+ */
+ void raiseException(int errNo,
+ const std::string& errMsg);
};
} // namespace user
OpenPOWER on IntegriCloud