1 /* $NetBSD: ruserpass.c,v 1.11 2024/10/04 03:18:02 rillig Exp $ */ 2 3 /* 4 * Copyright (c) 1985, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #if defined(LIBC_SCCS) && !defined(lint) 34 #if 0 35 static char sccsid[] = "@(#)ruserpass.c 8.4 (Berkeley) 4/27/95"; 36 #else 37 __RCSID("$NetBSD: ruserpass.c,v 1.11 2024/10/04 03:18:02 rillig Exp $"); 38 #endif 39 #endif /* LIBC_SCCS and not lint */ 40 41 #include <sys/types.h> 42 #include <sys/stat.h> 43 #include <sys/param.h> 44 45 #include <assert.h> 46 #include <ctype.h> 47 #include <err.h> 48 #include <errno.h> 49 #include <stdio.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <unistd.h> 53 54 struct macel { 55 char mac_name[9]; /* macro name */ 56 char *mac_start; /* start of macro in macbuf */ 57 char *mac_end; /* end of macro in macbuf */ 58 }; 59 60 static int token __P((void)); 61 static FILE *cfile; 62 static int macnum; /* number of defined macros */ 63 static struct macel macros[16]; 64 static char macbuf[4096]; 65 66 #define DEFAULT 1 67 #define LOGIN 2 68 #define PASSWD 3 69 #define ACCOUNT 4 70 #define MACDEF 5 71 #define ID 10 72 #define MACH 11 73 74 static char tokval[100]; 75 76 static struct toktab { 77 char *tokstr; 78 int tval; 79 } toktab[]= { 80 { "default", DEFAULT }, 81 { "login", LOGIN }, 82 { "password", PASSWD }, 83 { "passwd", PASSWD }, 84 { "account", ACCOUNT }, 85 { "machine", MACH }, 86 { "macdef", MACDEF }, 87 { NULL, 0 } 88 }; 89 90 int ruserpass __P((const char *, char **, char **)); 91 92 int 93 ruserpass(host, aname, apass) 94 const char *host; 95 char **aname, **apass; 96 { 97 char *hdir, buf[BUFSIZ], *tmp; 98 const char *ctmp; 99 char myname[MAXHOSTNAMELEN + 1], *mydomain; 100 int t, i, c, usedefault = 0; 101 struct stat stb; 102 103 _DIAGASSERT(host != NULL); 104 _DIAGASSERT(aname != NULL); 105 _DIAGASSERT(apass != NULL); 106 107 hdir = getenv("HOME"); 108 if (hdir == NULL) 109 hdir = "."; 110 if (strlen(hdir) + sizeof(".netrc") < sizeof(buf)) { 111 (void)snprintf(buf, sizeof buf, "%s/.netrc", hdir); 112 } else { 113 warnx("%s/.netrc: %s", hdir, strerror(ENAMETOOLONG)); 114 return (0); 115 } 116 cfile = fopen(buf, "r"); 117 if (cfile == NULL) { 118 if (errno != ENOENT) 119 warn("%s", buf); 120 return (0); 121 } 122 if (gethostname(myname, sizeof(myname)) < 0) 123 myname[0] = '\0'; 124 else 125 myname[sizeof(myname) - 1] = '\0'; 126 if ((mydomain = strchr(myname, '.')) == NULL) 127 mydomain = ""; 128 next: 129 while ((t = token()) != 0) switch(t) { 130 131 case DEFAULT: 132 usedefault = 1; 133 /* FALLTHROUGH */ 134 135 case MACH: 136 if (!usedefault) { 137 if (token() != ID) 138 continue; 139 /* 140 * Allow match either for user's input host name 141 * or official hostname. Also allow match of 142 * incompletely-specified host in local domain. 143 */ 144 if (strcasecmp(host, tokval) == 0) 145 goto match; 146 if ((ctmp = strchr(host, '.')) != NULL && 147 strcasecmp(ctmp, mydomain) == 0 && 148 strncasecmp(host, tokval, 149 (size_t)(ctmp - host)) == 0 && 150 tokval[ctmp - host] == '\0') 151 goto match; 152 continue; 153 } 154 match: 155 while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { 156 157 case LOGIN: 158 if (token()) { 159 if (*aname == NULL) { 160 *aname = strdup(tokval); 161 if (*aname == NULL) 162 err(1, "can't strdup *aname"); 163 } else { 164 if (strcmp(*aname, tokval)) 165 goto next; 166 } 167 } 168 break; 169 case PASSWD: 170 if ((*aname == NULL || strcmp(*aname, "anonymous")) && 171 fstat(fileno(cfile), &stb) >= 0 && 172 (stb.st_mode & 077) != 0) { 173 warnx("Error: .netrc file is readable by others."); 174 warnx("Remove password or make file unreadable by others."); 175 goto bad; 176 } 177 if (token() && *apass == NULL) { 178 *apass = strdup(tokval); 179 if (*apass == NULL) 180 err(1, "can't strdup *apass"); 181 } 182 break; 183 case ACCOUNT: 184 if (fstat(fileno(cfile), &stb) >= 0 185 && (stb.st_mode & 077) != 0) { 186 warnx("Error: .netrc file is readable by others."); 187 warnx("Remove account or make file unreadable by others."); 188 goto bad; 189 } 190 break; 191 case MACDEF: 192 while ((c=getc(cfile)) != EOF) 193 if (c != ' ' && c != '\t') 194 break; 195 if (c == EOF || c == '\n') { 196 puts("Missing macdef name argument."); 197 goto bad; 198 } 199 if (macnum == 16) { 200 puts( 201 "Limit of 16 macros have already been defined."); 202 goto bad; 203 } 204 tmp = macros[macnum].mac_name; 205 *tmp++ = c; 206 for (i=0; i < 8 && (c=getc(cfile)) != EOF && 207 !isspace(c); ++i) { 208 *tmp++ = c; 209 } 210 if (c == EOF) { 211 puts( 212 "Macro definition missing null line terminator."); 213 goto bad; 214 } 215 *tmp = '\0'; 216 if (c != '\n') { 217 while ((c=getc(cfile)) != EOF && c != '\n'); 218 } 219 if (c == EOF) { 220 puts( 221 "Macro definition missing null line terminator."); 222 goto bad; 223 } 224 if (macnum == 0) { 225 macros[macnum].mac_start = macbuf; 226 } 227 else { 228 macros[macnum].mac_start = 229 macros[macnum-1].mac_end + 1; 230 } 231 tmp = macros[macnum].mac_start; 232 while (tmp != macbuf + 4096) { 233 if ((c=getc(cfile)) == EOF) { 234 puts( 235 "Macro definition missing null line terminator."); 236 goto bad; 237 } 238 *tmp = c; 239 if (*tmp == '\n') { 240 if (*(tmp-1) == '\0') { 241 macros[macnum++].mac_end = tmp - 1; 242 break; 243 } 244 *tmp = '\0'; 245 } 246 tmp++; 247 } 248 if (tmp == macbuf + 4096) { 249 puts("4K macro buffer exceeded."); 250 goto bad; 251 } 252 break; 253 default: 254 warnx("Unknown .netrc keyword %s", tokval); 255 break; 256 } 257 goto done; 258 } 259 done: 260 (void)fclose(cfile); 261 return (0); 262 bad: 263 (void)fclose(cfile); 264 return (-1); 265 } 266 267 static int 268 token() 269 { 270 char *cp; 271 int c; 272 struct toktab *t; 273 274 if (feof(cfile) || ferror(cfile)) 275 return (0); 276 while ((c = getc(cfile)) != EOF && 277 (c == '\n' || c == '\t' || c == ' ' || c == ',')) 278 continue; 279 if (c == EOF) 280 return (0); 281 cp = tokval; 282 if (c == '"') { 283 while ((c = getc(cfile)) != EOF && c != '"') { 284 if (c == '\\') 285 c = getc(cfile); 286 *cp++ = c; 287 } 288 } else { 289 *cp++ = c; 290 while ((c = getc(cfile)) != EOF 291 && c != '\n' && c != '\t' && c != ' ' && c != ',') { 292 if (c == '\\') 293 c = getc(cfile); 294 *cp++ = c; 295 } 296 } 297 *cp = 0; 298 if (tokval[0] == 0) 299 return (0); 300 for (t = toktab; t->tokstr; t++) 301 if (!strcmp(t->tokstr, tokval)) 302 return (t->tval); 303 return (ID); 304 } 305