xref: /netbsd-src/crypto/external/bsd/heimdal/dist/lib/krb5/get_default_principal.c (revision afab4e300d3a9fb07dd8c80daf53d0feb3345706) 
1 /*	$NetBSD: get_default_principal.c,v 1.4 2023/06/19 21:41:44 christos Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include "krb5_locl.h"
37 
38 /*
39  * Try to find out what's a reasonable default principal.
40  */
41 
42 static const char*
get_env_user(void)43 get_env_user(void)
44 {
45     const char *user = getenv("USER");
46     if(user == NULL)
47 	user = getenv("LOGNAME");
48     if(user == NULL)
49 	user = getenv("USERNAME");
50     return user;
51 }
52 
53 #ifndef _WIN32
54 
55 /*
56  * Will only use operating-system dependant operation to get the
57  * default principal, for use of functions that in ccache layer to
58  * avoid recursive calls.
59  */
60 
61 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
_krb5_get_default_principal_local(krb5_context context,krb5_principal * princ)62 _krb5_get_default_principal_local (krb5_context context,
63 				   krb5_principal *princ)
64 {
65     krb5_error_code ret;
66     const char *user;
67     uid_t uid;
68 
69     *princ = NULL;
70 
71     uid = getuid();
72     if(uid == 0) {
73 	user = getlogin();
74 	if(user == NULL)
75 	    user = get_env_user();
76 	if(user != NULL && strcmp(user, "root") != 0)
77 	    ret = krb5_make_principal(context, princ, NULL, user, "root", NULL);
78 	else
79 	    ret = krb5_make_principal(context, princ, NULL, "root", NULL);
80     } else {
81 	struct passwd pw, *pwd = NULL;
82 	char pwbuf[2048];
83 
84 	if (rk_getpwuid_r(uid, &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
85 	    user = pwd->pw_name;
86 	else {
87 	    user = get_env_user();
88 	    if(user == NULL)
89 		user = getlogin();
90 	}
91 	if(user == NULL) {
92 	    krb5_set_error_message(context, ENOTTY,
93 				   N_("unable to figure out current "
94 				      "principal", ""));
95 	    return ENOTTY; /* XXX */
96 	}
97 	ret = krb5_make_principal(context, princ, NULL, user, NULL);
98     }
99     return ret;
100 }
101 
102 #else  /* _WIN32 */
103 
104 #define SECURITY_WIN32
105 #include <security.h>
106 
107 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
_krb5_get_default_principal_local(krb5_context context,krb5_principal * princ)108 _krb5_get_default_principal_local(krb5_context context,
109 				  krb5_principal *princ)
110 {
111     /* See if we can get the principal first.  We only expect this to
112        work if logged into a domain. */
113     {
114 	char username[1024];
115 	ULONG sz = sizeof(username);
116 
117 	if (GetUserNameEx(NameUserPrincipal, username, &sz)) {
118 	    return krb5_parse_name_flags(context, username,
119 					 KRB5_PRINCIPAL_PARSE_ENTERPRISE,
120 					 princ);
121 	}
122     }
123 
124     /* Just get the Windows username.  This should pretty much always
125        work. */
126     {
127 	char username[1024];
128 	DWORD dsz = sizeof(username);
129 
130 	if (GetUserName(username, &dsz)) {
131 	    return krb5_make_principal(context, princ, NULL, username, NULL);
132 	}
133     }
134 
135     /* Failing that, we look at the environment */
136     {
137 	const char * username = get_env_user();
138 
139 	if (username == NULL) {
140 	    krb5_set_error_string(context,
141 				  "unable to figure out current principal");
142 	    return ENOTTY;	/* Really? */
143 	}
144 
145 	return krb5_make_principal(context, princ, NULL, username, NULL);
146     }
147 }
148 
149 #endif
150 
151 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_default_principal(krb5_context context,krb5_principal * princ)152 krb5_get_default_principal (krb5_context context,
153 			    krb5_principal *princ)
154 {
155     krb5_error_code ret;
156     krb5_ccache id;
157 
158     *princ = NULL;
159 
160     ret = krb5_cc_default (context, &id);
161     if (ret == 0) {
162 	ret = krb5_cc_get_principal (context, id, princ);
163 	krb5_cc_close (context, id);
164 	if (ret == 0)
165 	    return 0;
166     }
167 
168     return _krb5_get_default_principal_local(context, princ);
169 }
170