lib/audit_help.c: We don't support names that need encoding

lib/audit_help.c

@@ -66,12 +66,11 @@ void audit_logger (int type, MAYBE_UNUSED const char *pgname, const char *op,
                    const char *name, unsigned int id,
                    shadow_audit_result result)
 {
-	if (audit_fd < 0) {
+	if (audit_fd < 0)
 		return;
-	} else {
-		audit_log_acct_message (audit_fd, type, NULL, op, name, id,
-		                        NULL, NULL, NULL, result);
-	}
+
+	audit_log_acct_message(audit_fd, type, NULL, op, name, id,
+	                       NULL, NULL, NULL, result);
 }
 
 /*
@@ -96,41 +95,31 @@ audit_logger_with_group(int type, const char *op, const char *name,
     id_t id, const char *grp_type, const char *grp,
     shadow_audit_result result)
 {
-	int len;
-	char enc_group[GROUP_NAME_MAX_LENGTH * 2 + 1];
-	char buf[countof(enc_group) + 100];
+	char  buf[GROUP_NAME_MAX_LENGTH + 100];
 
 	if (audit_fd < 0)
 		return;
 
-	len = strnlen(grp, sizeof(enc_group)/2);
-	if (audit_value_needs_encoding(grp, len)) {
-		SNPRINTF(buf, "%s %s=%s", op, grp_type,
-			audit_encode_value(enc_group, grp, len));
-	} else {
-		SNPRINTF(buf, "%s %s=\"%s\"", op, grp_type, grp);
-	}
+	SNPRINTF(buf, "%s %s=\"%s\"", op, grp_type, grp);
 
 	audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
 		               NULL, NULL, NULL, result);
 }
 
 void audit_logger_message (const char *message, shadow_audit_result result)
 {
-	if (audit_fd < 0) {
+	if (audit_fd < 0)
 		return;
-	} else {
-		audit_log_user_message (audit_fd,
-		                        AUDIT_USYS_CONFIG,
-		                        message,
-		                        NULL, /* hostname */
-		                        NULL, /* addr */
-		                        NULL, /* tty */
-		                        result);
-	}
+
+	audit_log_user_message (audit_fd,
+	                        AUDIT_USYS_CONFIG,
+	                        message,
+	                        NULL, /* hostname */
+	                        NULL, /* addr */
+	                        NULL, /* tty */
+	                        result);
 }
 
 #else				/* WITH_AUDIT */
 extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* WITH_AUDIT */
-

lib/chkname.c

@@ -13,7 +13,8 @@
  *   true  - OK
  *   false - bad name
  * errors:
- *   EINVAL	Invalid name characters or sequences
+ *   EINVAL	Invalid name
+ *   EILSEQ	Invalid name character sequence (acceptable with --badname)
  *   EOVERFLOW	Name longer than maximum size
  */
 
@@ -31,8 +32,11 @@
 
 #include "defines.h"
 #include "chkname.h"
+#include "string/ctype/strchrisascii/strchriscntrl.h"
 #include "string/ctype/strisascii/strisdigit.h"
 #include "string/strcmp/streq.h"
+#include "string/strcmp/strcaseeq.h"
+#include "string/strcmp/strprefix.h"
 
 
 #ifndef  LOGIN_NAME_MAX
@@ -59,6 +63,21 @@ login_name_max_size(void)
 static bool
 is_valid_name(const char *name)
 {
+	if (streq(name, "")
+	 || streq(name, ".")
+	 || streq(name, "..")
+	 || strcaseeq(name, "none")
+	 || strcaseeq(name, "all")
+	 || strcaseeq(name, "except")
+	 || strprefix(name, "-")
+	 || strpbrk(name, " !\"#&*+,/:;@|~")
+	 || strchriscntrl(name)
+	 || strisdigit(name))
+	{
+		errno = EINVAL;
+		return false;
+	}
+
 	if (allow_bad_names) {
 		return true;
 	}
@@ -69,25 +88,15 @@ is_valid_name(const char *name)
          *
          * as a non-POSIX, extension, allow "$" as the last char for
          * sake of Samba 3.x "add machine script"
-         *
-         * Also do not allow fully numeric names or just "." or "..".
          */
 
-	if (strisdigit(name)) {
-		errno = EINVAL;
-		return false;
-	}
-
-	if (streq(name, "") ||
-	    streq(name, ".") ||
-	    streq(name, "..") ||
-	    !((*name >= 'a' && *name <= 'z') ||
+	if (!((*name >= 'a' && *name <= 'z') ||
 	      (*name >= 'A' && *name <= 'Z') ||
 	      (*name >= '0' && *name <= '9') ||
 	      *name == '_' ||
 	      *name == '.'))
 	{
-		errno = EINVAL;
+		errno = EILSEQ;
 		return false;
 	}
 
@@ -101,7 +110,7 @@ is_valid_name(const char *name)
 		      streq(name, "$")
 		     ))
 		{
-			errno = EINVAL;
+			errno = EILSEQ;
 			return false;
 		}
 	}

src/newusers.c

@@ -391,7 +391,7 @@ static int add_user (const char *name, uid_t uid, gid_t gid)
 
 	/* Check if this is a valid user name */
 	if (!is_valid_user_name(name)) {
-		if (errno == EINVAL) {
+		if (errno == EILSEQ) {
 			fprintf(stderr,
 			        _("%s: invalid user name '%s': use --badname to ignore\n"),
 			        Prog, name);

src/pwck.c

@@ -476,7 +476,7 @@ static void check_pw_file (bool *errors, bool *changed)
 		 */
 
 		if (!is_valid_user_name(pwd->pw_name)) {
-			if (errno == EINVAL) {
+			if (errno == EILSEQ) {
 				printf(_("invalid user name '%s': use --badname to ignore\n"),
 				       pwd->pw_name);
 			} else {

src/useradd.c

@@ -1493,7 +1493,7 @@ static void process_flags (int argc, char **argv)
 
 		user_name = argv[optind];
 		if (!is_valid_user_name(user_name)) {
-			if (errno == EINVAL) {
+			if (errno == EILSEQ) {
 				fprintf(stderr,
 				        _("%s: invalid user name '%s': use --badname to ignore\n"),
 				        Prog, user_name);

src/usermod.c

@@ -1127,7 +1127,7 @@ process_flags(int argc, char **argv)
 				/*@notreached@*/break;
 			case 'l':
 				if (!is_valid_user_name(optarg)) {
-					if (errno == EINVAL) {
+					if (errno == EILSEQ) {
 						fprintf(stderr,
 						        _("%s: invalid user name '%s': use --badname to ignore\n"),
 						        Prog, optarg);