#pragma once #include #include #include #include #include namespace phosphor { namespace user { using CryptAlgo = std::string; namespace fs = std::experimental::filesystem; namespace Base = sdbusplus::xyz::openbmc_project::User::server; using Interface = sdbusplus::server::object::object; /** @class User * @brief Responsible for managing a specific user account. * It is implementing just the Password interface * for now. */ class User : public Interface { public: User() = delete; ~User() = default; User(const User&) = delete; User& operator=(const User&) = delete; User(User&&) = delete; User& operator=(User&&) = delete; /** @brief Constructs User object. * * @param[in] bus - sdbusplus handler * @param[in] path - D-Bus path */ User(sdbusplus::bus::bus& bus, const char* path) : Interface(bus, path), bus(bus), path(path), user(fs::path(path).filename()) { // Do nothing } /** @brief user password set method. If this is called for * a user ID that already has the password, the password * would be updated, else password would be created. * Since this needs an already authenticated session, * old password is not needed. * * @param[in] newPassword - New password */ void setPassword(std::string newPassword) override; private: /** @brief sdbusplus handler */ sdbusplus::bus::bus& bus; /** @brief object path */ const std::string& path; /** @brief User id extracted from object path */ const std::string user; /** @brief Returns a random string from set [A-Za-z0-9./] * of length size * * @param[in] numChars - length of string */ static const std::string randomString(int length); /** @brief Returns password hash created with crypt algo, * salt and password * * @param[in] spPwdp - sp_pwdp of struct spwd * @param[in] password - clear text password * @param[in] salt - Random salt */ std::string hashPassword(char* spPwdp, const std::string& password, const std::string& salt); /** @brief Extracts crypto number from the shadow entry for user * * @param[in] spPwdp - sp_pwdp of struct spwd */ static CryptAlgo getCryptField(char* spPwdp); /** @brief Generates one-way hash based on salt and password * * @param[in] password - clear text password * @param[in] salt - Combination of crypto method and salt * Eg: $1$HELLO$, where in 1 is crypto method * and HELLO is salt */ static std::string generateHash(const std::string& password, const std::string& salt); /** @brief Returns salt string with $ delimiter. * Eg: If crypt is 1 and salt is HELLO, returns $1$HELLO$ * * @param[in] crypt - Crypt number in string * @param[in] salt - salt */ static std::string getSaltString(const std::string& crypt, const std::string& salt); /** @brief Applies the password for a given user. * Writes shadow entries into a temp file * * @param[in] shadowFile - shadow password file * @param[in] password - clear text password * @param[in] salt - salt */ void applyPassword(const std::string& shadowFile, const std::string& password, const std::string& salt); /** @brief Wrapper for raising exception * * @param[in] errNo - errno * @param[in] errMsg - Error message */ void raiseException(int errNo, const std::string& errMsg); /** @brief For enabling test cases */ friend class UserTest; }; } // namespace user } // namespace phosphor