appl/ftp/ftp/ruserpass.c

   1 /*
   2  * Copyright (c) 1985, 1993, 1994
   3  *      The Regents of the University of California.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  * 3. All advertising materials mentioning features or use of this software
  14  *    must display the following acknowledgement:
  15  *      This product includes software developed by the University of
  16  *      California, Berkeley and its contributors.
  17  * 4. Neither the name of the University nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include "ftp_locl.h"
  35 RCSID("$Id$");
  36
  37 static  int token (void);
  38 static  FILE *cfile;
  39
  40 #define DEFAULT 1
  41 #define LOGIN   2
  42 #define PASSWD  3
  43 #define ACCOUNT 4
  44 #define MACDEF  5
  45 #define PROT    6
  46 #define ID      10
  47 #define MACH    11
  48
  49 static char tokval[100];
  50
  51 static struct toktab {
  52         char *tokstr;
  53         int tval;
  54 } toktab[]= {
  55         { "default",    DEFAULT },
  56         { "login",      LOGIN },
  57         { "password",   PASSWD },
  58         { "passwd",     PASSWD },
  59         { "account",    ACCOUNT },
  60         { "machine",    MACH },
  61         { "macdef",     MACDEF },
  62         { "prot",       PROT },
  63         { NULL,         0 }
  64 };
  65
  66 /*
  67  * Write a copy of the hostname into `hostname, sz' and return a guess
  68  * as to the `domain' of that hostname.
  69  */
  70
  71 static char *
  72 guess_domain (char *hostname_str, size_t sz)
  73 {
  74     struct addrinfo *ai, *a;
  75     struct addrinfo hints;
  76     int error;
  77     char *dot;
  78
  79     if (gethostname (hostname_str, sz) < 0) {
  80         strlcpy (hostname_str, "", sz);
  81         return "";
  82     }
  83     dot = strchr (hostname_str, '.');
  84     if (dot != NULL)
  85         return dot + 1;
  86
  87     memset (&hints, 0, sizeof(hints));
  88     hints.ai_flags = AI_CANONNAME;
  89
  90     error = getaddrinfo (hostname_str, NULL, &hints, &ai);
  91     if (error)
  92         return hostname_str;
  93
  94     for (a = ai; a != NULL; a = a->ai_next)
  95         if (a->ai_canonname != NULL) {
  96             strlcpy (hostname_str, ai->ai_canonname, sz);
  97             break;
  98         }
  99     freeaddrinfo (ai);
 100     dot = strchr (hostname_str, '.');
 101     if (dot != NULL)
 102         return dot + 1;
 103     else
 104         return hostname_str;
 105 }
 106
 107 int
 108 ruserpassword(char *host, char **aname, char **apass, char **aacct)
 109 {
 110     char *hdir, buf[BUFSIZ], *tmp;
 111     int t, i, c, usedefault = 0;
 112     struct stat stb;
 113
 114     mydomain = guess_domain (myhostname, MaxHostNameLen);
 115
 116     hdir = getenv("HOME");
 117     if (hdir == NULL)
 118         hdir = ".";
 119     snprintf(buf, sizeof(buf), "%s/.netrc", hdir);
 120     cfile = fopen(buf, "r");
 121     if (cfile == NULL) {
 122         if (errno != ENOENT)
 123             warn("%s", buf);
 124         return (0);
 125     }
 126
 127 next:
 128     while ((t = token())) switch(t) {
 129
 130     case DEFAULT:
 131         usedefault = 1;
 132         /* FALL THROUGH */
 133
 134     case MACH:
 135         if (!usedefault) {
 136             if (token() != ID)
 137                 continue;
 138             /*
 139              * Allow match either for user's input host name
 140              * or official hostname.  Also allow match of
 141              * incompletely-specified host in local domain.
 142              */
 143             if (strcasecmp(host, tokval) == 0)
 144                 goto match;
 145             if (strcasecmp(hostname, tokval) == 0)
 146                 goto match;
 147             if ((tmp = strchr(hostname, '.')) != NULL &&
 148                 tmp++ &&
 149                 strcasecmp(tmp, mydomain) == 0 &&
 150                 strncasecmp(hostname, tokval, tmp-hostname) == 0 &&
 151                 tokval[tmp - hostname] == '\0')
 152                 goto match;
 153             if ((tmp = strchr(host, '.')) != NULL &&
 154                 tmp++ &&
 155                 strcasecmp(tmp, mydomain) == 0 &&
 156                 strncasecmp(host, tokval, tmp - host) == 0 &&
 157                 tokval[tmp - host] == '\0')
 158                 goto match;
 159             continue;
 160         }
 161     match:
 162         while ((t = token()) && t != MACH && t != DEFAULT) switch(t) {
 163
 164         case LOGIN:
 165             if (token()) {
 166                 if (*aname == 0) {
 167                     *aname = strdup(tokval);
 168                 } else {
 169                     if (strcmp(*aname, tokval))
 170                         goto next;
 171                 }
 172             }
 173             break;
 174         case PASSWD:
 175             if ((*aname == NULL || strcmp(*aname, "anonymous")) &&
 176                 fstat(fileno(cfile), &stb) >= 0 &&
 177                 (stb.st_mode & 077) != 0) {
 178                 warnx("Error: .netrc file is readable by others.");
 179                 warnx("Remove password or make file unreadable by others.");
 180                 goto bad;
 181             }
 182             if (token() && *apass == 0) {
 183                 *apass = strdup(tokval);
 184             }
 185             break;
 186         case ACCOUNT:
 187             if (fstat(fileno(cfile), &stb) >= 0
 188                 && (stb.st_mode & 077) != 0) {
 189                 warnx("Error: .netrc file is readable by others.");
 190                 warnx("Remove account or make file unreadable by others.");
 191                 goto bad;
 192             }
 193             if (token() && *aacct == 0) {
 194                 *aacct = strdup(tokval);
 195             }
 196             break;
 197         case MACDEF:
 198             if (proxy) {
 199                 fclose(cfile);
 200                 return (0);
 201             }
 202             while ((c=getc(cfile)) != EOF &&
 203                    (c == ' ' || c == '\t'));
 204             if (c == EOF || c == '\n') {
 205                 printf("Missing macdef name argument.\n");
 206                 goto bad;
 207             }
 208             if (macnum == 16) {
 209                 printf("Limit of 16 macros have already been defined\n");
 210                 goto bad;
 211             }
 212             tmp = macros[macnum].mac_name;
 213             *tmp++ = c;
 214             for (i=0; i < 8 && (c=getc(cfile)) != EOF &&
 215                      !isspace(c); ++i) {
 216                 *tmp++ = c;
 217             }
 218             if (c == EOF) {
 219                 printf("Macro definition missing null line terminator.\n");
 220                 goto bad;
 221             }
 222             *tmp = '\0';
 223             if (c != '\n') {
 224                 while ((c=getc(cfile)) != EOF && c != '\n');
 225             }
 226             if (c == EOF) {
 227                 printf("Macro definition missing null line terminator.\n");
 228                 goto bad;
 229             }
 230             if (macnum == 0) {
 231                 macros[macnum].mac_start = macbuf;
 232             }
 233             else {
 234                 macros[macnum].mac_start = macros[macnum-1].mac_end + 1;
 235             }
 236             tmp = macros[macnum].mac_start;
 237             while (tmp != macbuf + 4096) {
 238                 if ((c=getc(cfile)) == EOF) {
 239                     printf("Macro definition missing null line terminator.\n");
 240                     goto bad;
 241                 }
 242                 *tmp = c;
 243                 if (*tmp == '\n') {
 244                     if (*(tmp-1) == '\0') {
 245                         macros[macnum++].mac_end = tmp - 1;
 246                         break;
 247                     }
 248                     *tmp = '\0';
 249                 }
 250                 tmp++;
 251             }
 252             if (tmp == macbuf + 4096) {
 253                 printf("4K macro buffer exceeded\n");
 254                 goto bad;
 255             }
 256             break;
 257         case PROT:
 258             token();
 259             if(doencrypt == 0 && sec_request_prot(tokval) < 0)
 260                 warnx("Unknown protection level \"%s\"", tokval);
 261             break;
 262         default:
 263             warnx("Unknown .netrc keyword %s", tokval);
 264             break;
 265         }
 266         goto done;
 267     }
 268 done:
 269     fclose(cfile);
 270     return (0);
 271 bad:
 272     fclose(cfile);
 273     return (-1);
 274 }
 275
 276 static int
 277 token(void)
 278 {
 279         char *cp;
 280         int c;
 281         struct toktab *t;
 282
 283         if (feof(cfile) || ferror(cfile))
 284                 return (0);
 285         while ((c = getc(cfile)) != EOF &&
 286             (c == '\n' || c == '\t' || c == ' ' || c == ','))
 287                 continue;
 288         if (c == EOF)
 289                 return (0);
 290         cp = tokval;
 291         if (c == '"') {
 292                 while ((c = getc(cfile)) != EOF && c != '"') {
 293                         if (c == '\\')
 294                                 c = getc(cfile);
 295                         *cp++ = c;
 296                 }
 297         } else {
 298                 *cp++ = c;
 299                 while ((c = getc(cfile)) != EOF
 300                     && c != '\n' && c != '\t' && c != ' ' && c != ',') {
 301                         if (c == '\\')
 302                                 c = getc(cfile);
 303                         *cp++ = c;
 304                 }
 305         }
 306         *cp = 0;
 307         if (tokval[0] == 0)
 308                 return (0);
 309         for (t = toktab; t->tokstr; t++)
 310                 if (!strcmp(t->tokstr, tokval))
 311                         return (t->tval);
 312         return (ID);
 313 }