1 /* $NetBSD: ruserpass.c,v 1.29 2003/08/07 11:13:57 agc Exp $ */ 2 3 /* 4 * Copyright (c) 1985, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 #if 0 35 static char sccsid[] = "@(#)ruserpass.c 8.4 (Berkeley) 4/27/95"; 36 #else 37 __RCSID("$NetBSD: ruserpass.c,v 1.29 2003/08/07 11:13:57 agc Exp $"); 38 #endif 39 #endif /* not lint */ 40 41 #include <sys/types.h> 42 #include <sys/stat.h> 43 44 #include <ctype.h> 45 #include <err.h> 46 #include <errno.h> 47 #include <netdb.h> 48 #include <stdio.h> 49 #include <stdlib.h> 50 #include <string.h> 51 #include <unistd.h> 52 53 #include "ftp_var.h" 54 55 static int token(void); 56 static FILE *cfile; 57 58 #define DEFAULT 1 59 #define LOGIN 2 60 #define PASSWD 3 61 #define ACCOUNT 4 62 #define MACDEF 5 63 #define ID 10 64 #define MACH 11 65 66 static char tokval[100]; 67 68 static struct toktab { 69 char *tokstr; 70 int tval; 71 } toktab[] = { 72 { "default", DEFAULT }, 73 { "login", LOGIN }, 74 { "password", PASSWD }, 75 { "passwd", PASSWD }, 76 { "account", ACCOUNT }, 77 { "machine", MACH }, 78 { "macdef", MACDEF }, 79 { NULL, 0 } 80 }; 81 82 int 83 ruserpass(const char *host, const char **aname, const char **apass, 84 const char **aacct) 85 { 86 char *tmp; 87 char myname[MAXHOSTNAMELEN + 1], *mydomain; 88 int t, i, c, usedefault = 0; 89 struct stat stb; 90 91 if (netrc[0] == '\0') 92 return (0); 93 cfile = fopen(netrc, "r"); 94 if (cfile == NULL) { 95 if (errno != ENOENT) 96 warn("%s", netrc); 97 return (0); 98 } 99 if (gethostname(myname, sizeof(myname)) < 0) 100 myname[0] = '\0'; 101 myname[sizeof(myname) - 1] = '\0'; 102 if ((mydomain = strchr(myname, '.')) == NULL) 103 mydomain = ""; 104 next: 105 while ((t = token())) switch(t) { 106 107 case DEFAULT: 108 usedefault = 1; 109 /* FALL THROUGH */ 110 111 case MACH: 112 if (!usedefault) { 113 if (token() != ID) 114 continue; 115 /* 116 * Allow match either for user's input host name 117 * or official hostname. Also allow match of 118 * incompletely-specified host in local domain. 119 */ 120 if (strcasecmp(host, tokval) == 0) 121 goto match; 122 if (strcasecmp(hostname, tokval) == 0) 123 goto match; 124 if ((tmp = strchr(hostname, '.')) != NULL && 125 strcasecmp(tmp, mydomain) == 0 && 126 strncasecmp(hostname, tokval, tmp-hostname) == 0 && 127 tokval[tmp - hostname] == '\0') 128 goto match; 129 if ((tmp = strchr(host, '.')) != NULL && 130 strcasecmp(tmp, mydomain) == 0 && 131 strncasecmp(host, tokval, tmp - host) == 0 && 132 tokval[tmp - host] == '\0') 133 goto match; 134 continue; 135 } 136 match: 137 while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { 138 139 case LOGIN: 140 if (token()) { 141 if (*aname == NULL) 142 *aname = xstrdup(tokval); 143 else { 144 if (strcmp(*aname, tokval)) 145 goto next; 146 } 147 } 148 break; 149 case PASSWD: 150 if ((*aname == NULL || strcmp(*aname, "anonymous")) && 151 fstat(fileno(cfile), &stb) >= 0 && 152 (stb.st_mode & 077) != 0) { 153 warnx("Error: .netrc file is readable by others."); 154 warnx("Remove password or make file unreadable by others."); 155 goto bad; 156 } 157 if (token() && *apass == NULL) 158 *apass = xstrdup(tokval); 159 break; 160 case ACCOUNT: 161 if (fstat(fileno(cfile), &stb) >= 0 162 && (stb.st_mode & 077) != 0) { 163 warnx("Error: .netrc file is readable by others."); 164 warnx("Remove account or make file unreadable by others."); 165 goto bad; 166 } 167 if (token() && *aacct == NULL) 168 *aacct = xstrdup(tokval); 169 break; 170 case MACDEF: 171 if (proxy) { 172 (void)fclose(cfile); 173 return (0); 174 } 175 while ((c = getc(cfile)) != EOF) 176 if (c != ' ' && c != '\t') 177 break; 178 if (c == EOF || c == '\n') { 179 fputs("Missing macdef name argument.\n", 180 ttyout); 181 goto bad; 182 } 183 if (macnum == 16) { 184 fputs( 185 "Limit of 16 macros have already been defined.\n", 186 ttyout); 187 goto bad; 188 } 189 tmp = macros[macnum].mac_name; 190 *tmp++ = c; 191 for (i = 0; i < 8 && (c = getc(cfile)) != EOF && 192 !isspace(c); ++i) { 193 *tmp++ = c; 194 } 195 if (c == EOF) { 196 fputs( 197 "Macro definition missing null line terminator.\n", 198 ttyout); 199 goto bad; 200 } 201 *tmp = '\0'; 202 if (c != '\n') { 203 while ((c = getc(cfile)) != EOF && c != '\n'); 204 } 205 if (c == EOF) { 206 fputs( 207 "Macro definition missing null line terminator.\n", 208 ttyout); 209 goto bad; 210 } 211 if (macnum == 0) { 212 macros[macnum].mac_start = macbuf; 213 } 214 else { 215 macros[macnum].mac_start = 216 macros[macnum-1].mac_end + 1; 217 } 218 tmp = macros[macnum].mac_start; 219 while (tmp != macbuf + 4096) { 220 if ((c = getc(cfile)) == EOF) { 221 fputs( 222 "Macro definition missing null line terminator.\n", 223 ttyout); 224 goto bad; 225 } 226 *tmp = c; 227 if (*tmp == '\n') { 228 if (*(tmp-1) == '\0') { 229 macros[macnum++].mac_end = tmp - 1; 230 break; 231 } 232 *tmp = '\0'; 233 } 234 tmp++; 235 } 236 if (tmp == macbuf + 4096) { 237 fputs("4K macro buffer exceeded.\n", 238 ttyout); 239 goto bad; 240 } 241 break; 242 default: 243 warnx("Unknown .netrc keyword %s", tokval); 244 break; 245 } 246 goto done; 247 } 248 done: 249 (void)fclose(cfile); 250 return (0); 251 bad: 252 (void)fclose(cfile); 253 return (-1); 254 } 255 256 static int 257 token(void) 258 { 259 char *cp; 260 int c; 261 struct toktab *t; 262 263 if (feof(cfile) || ferror(cfile)) 264 return (0); 265 while ((c = getc(cfile)) != EOF && 266 (c == '\n' || c == '\t' || c == ' ' || c == ',')) 267 continue; 268 if (c == EOF) 269 return (0); 270 cp = tokval; 271 if (c == '"') { 272 while ((c = getc(cfile)) != EOF && c != '"') { 273 if (c == '\\') 274 c = getc(cfile); 275 *cp++ = c; 276 } 277 } else { 278 *cp++ = c; 279 while ((c = getc(cfile)) != EOF 280 && c != '\n' && c != '\t' && c != ' ' && c != ',') { 281 if (c == '\\') 282 c = getc(cfile); 283 *cp++ = c; 284 } 285 } 286 *cp = 0; 287 if (tokval[0] == 0) 288 return (0); 289 for (t = toktab; t->tokstr; t++) 290 if (!strcmp(t->tokstr, tokval)) 291 return (t->tval); 292 return (ID); 293 } 294