hscript: Implement username validity check and UserAlias code; add tests

1 files changed, 76 insertions, 3 deletions

diff --git a/hscript/user.cc b/hscript/user.cc
index 33f9789..8382f1c 100644
--- a/hscript/user.cc
+++ b/hscript/user.cc
@@ -38,6 +38,69 @@ const static std::set<std::string> system_groups = {
     "qmaill", "smmsp", "locate", "abuild", "utmp", "ping", "nogroup", "nobody"
 };
 
+
+/*
+ * is_valid_name is from shadow libmisc/chkname.c:
+ *
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz Kłoczko
+ * Copyright (c) 2005 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+static bool is_valid_name (const char *name)
+{
+        /*
+         * User/group names must match [a-z_][a-z0-9_-]*[$]
+         */
+        if (('\0' == *name) ||
+            !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
+                return false;
+        }
+
+        while ('\0' != *++name) {
+                if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+                      ( ('0' <= *name) && ('9' >= *name) ) ||
+                      ('_' == *name) ||
+                      ('-' == *name) ||
+                      ('.' == *name) ||
+                      ( ('$' == *name) && ('\0' == *(name + 1)) )
+                     )) {
+                        return false;
+                }
+        }
+
+        return true;
+}
+
+/* End above copyright ^ */
+
+
 Key *RootPassphrase::parseFromData(const std::string &data, int lineno,
                                    int *errors, int *warnings) {
     if(data.size() < 5 || data[0] != '$' || (data[1] != '2' && data[1] != '6')
@@ -107,7 +170,7 @@ bool RootPassphrase::execute(ScriptOptions options) const {
 
 Key *Username::parseFromData(const std::string &data, int lineno, int *errors,
                              int *warnings) {
-    if(data.find_first_of(' ') != std::string::npos) {
+    if(!is_valid_name(data.c_str())) {
         if(errors) *errors += 1;
         output_error("installfile:" + std::to_string(lineno),
                      "username: invalid username specified");
@@ -132,11 +195,21 @@ bool Username::execute(ScriptOptions) const {
 
 Key *UserAlias::parseFromData(const std::string &data, int lineno, int *errors,
                               int *warnings) {
-    return nullptr;
+    /* REQ: Runner.Validate.useralias.Validity */
+    const std::string::size_type sep = data.find_first_of(' ');
+    if(sep == std::string::npos || data.length() == sep + 1) {
+        if(errors) *errors += 1;
+        output_error("installfile:" + std::to_string(lineno),
+                     "useralias: alias is required",
+                     "expected format is: useralias [username] [alias...]");
+        return nullptr;
+    }
+
+    return new UserAlias(lineno, data.substr(0, sep), data.substr(sep + 1));
 }
 
 bool UserAlias::validate(ScriptOptions) const {
-    return false;
+    return true;
 }
 
 bool UserAlias::execute(ScriptOptions) const {