search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-winbindd: Move connection to AD server from idmap_ad
[Samba/gbeck.git] / source3 / lib / substitute.c
bloba254bcaa7d54e481d26a08c7cc866767adb85201
1 /*
2 Unix SMB/CIFS implementation.
3 string substitution functions
4 Copyright (C) Andrew Tridgell 1992-2000
5 Copyright (C) Gerald Carter 2006
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21
22 #include "includes.h"
23 #include "system/passwd.h"
24 #include "secrets.h"
25 #include "auth.h"
26
27 userdom_struct current_user_info;
28 fstring remote_proto="UNKNOWN";
29
30 /**
31 * Set the 'local' machine name
32 * @param local_name the name we are being called
33 * @param if this is the 'final' name for us, not be be changed again
34 */
35
36 static char *local_machine;
37
38 void free_local_machine_name(void)
39 {
40 TALLOC_FREE(local_machine);
41 }
42
43 bool set_local_machine_name(const char *local_name, bool perm)
44 {
45 static bool already_perm = false;
46 char *tmp_local_machine = NULL;
47 size_t len;
48
49 if (already_perm) {
50 return true;
51 }
52
53 tmp_local_machine = talloc_strdup(NULL, local_name);
54 if (!tmp_local_machine) {
55 return false;
56 }
57 trim_char(tmp_local_machine,' ',' ');
58
59 TALLOC_FREE(local_machine);
60 len = strlen(tmp_local_machine);
61 local_machine = (char *)TALLOC_ZERO(NULL, len+1);
62 if (!local_machine) {
63 TALLOC_FREE(tmp_local_machine);
64 return false;
65 }
66 /* alpha_strcpy includes the space for the terminating nul. */
67 alpha_strcpy(local_machine,tmp_local_machine,
68 SAFE_NETBIOS_CHARS,len+1);
69 if (!strlower_m(local_machine)) {
70 TALLOC_FREE(tmp_local_machine);
71 return false;
72 }
73 TALLOC_FREE(tmp_local_machine);
74
75 already_perm = perm;
76
77 return true;
78 }
79
80 const char *get_local_machine_name(void)
81 {
82 if (!local_machine || !*local_machine) {
83 return lp_netbios_name();
84 }
85
86 return local_machine;
87 }
88
89 /**
90 * Set the 'remote' machine name
91 * @param remote_name the name our client wants to be called by
92 * @param if this is the 'final' name for them, not be be changed again
93 */
94
95 static char *remote_machine;
96
97 bool set_remote_machine_name(const char *remote_name, bool perm)
98 {
99 static bool already_perm = False;
100 char *tmp_remote_machine;
101 size_t len;
102
103 if (already_perm) {
104 return true;
105 }
106
107 tmp_remote_machine = talloc_strdup(NULL, remote_name);
108 if (!tmp_remote_machine) {
109 return false;
110 }
111 trim_char(tmp_remote_machine,' ',' ');
112
113 TALLOC_FREE(remote_machine);
114 len = strlen(tmp_remote_machine);
115 remote_machine = (char *)TALLOC_ZERO(NULL, len+1);
116 if (!remote_machine) {
117 TALLOC_FREE(tmp_remote_machine);
118 return false;
119 }
120
121 /* alpha_strcpy includes the space for the terminating nul. */
122 alpha_strcpy(remote_machine,tmp_remote_machine,
123 SAFE_NETBIOS_CHARS,len+1);
124 if (!strlower_m(remote_machine)) {
125 TALLOC_FREE(tmp_remote_machine);
126 return false;
127 }
128 TALLOC_FREE(tmp_remote_machine);
129
130 already_perm = perm;
131
132 return true;
133 }
134
135 const char *get_remote_machine_name(void)
136 {
137 return remote_machine ? remote_machine : "";
138 }
139
140 /*******************************************************************
141 Setup the string used by %U substitution.
142 ********************************************************************/
143
144 static char *smb_user_name;
145
146 void sub_set_smb_name(const char *name)
147 {
148 char *tmp;
149 size_t len;
150 bool is_machine_account = false;
151
152 /* don't let anonymous logins override the name */
153 if (!name || !*name) {
154 return;
155 }
156
157 tmp = talloc_strdup(NULL, name);
158 if (!tmp) {
159 return;
160 }
161 trim_char(tmp, ' ', ' ');
162 if (!strlower_m(tmp)) {
163 TALLOC_FREE(tmp);
164 return;
165 }
166
167 len = strlen(tmp);
168
169 if (len == 0) {
170 TALLOC_FREE(tmp);
171 return;
172 }
173
174 /* long story but here goes....we have to allow usernames
175 ending in '$' as they are valid machine account names.
176 So check for a machine account and re-add the '$'
177 at the end after the call to alpha_strcpy(). --jerry */
178
179 if (tmp[len-1] == '$') {
180 is_machine_account = True;
181 }
182
183 TALLOC_FREE(smb_user_name);
184 smb_user_name = (char *)TALLOC_ZERO(NULL, len+1);
185 if (!smb_user_name) {
186 TALLOC_FREE(tmp);
187 return;
188 }
189
190 /* alpha_strcpy includes the space for the terminating nul. */
191 alpha_strcpy(smb_user_name, tmp,
192 SAFE_NETBIOS_CHARS,
193 len+1);
194
195 TALLOC_FREE(tmp);
196
197 if (is_machine_account) {
198 len = strlen(smb_user_name);
199 smb_user_name[len-1] = '$';
200 }
201 }
202
203 static char sub_peeraddr[INET6_ADDRSTRLEN];
204 static const char *sub_peername = NULL;
205 static char sub_sockaddr[INET6_ADDRSTRLEN];
206
207 void sub_set_socket_ids(const char *peeraddr, const char *peername,
208 const char *sockaddr)
209 {
210 const char *addr = peeraddr;
211
212 if (strnequal(addr, "::ffff:", 7)) {
213 addr += 7;
214 }
215 strlcpy(sub_peeraddr, addr, sizeof(sub_peeraddr));
216
217 if (sub_peername != NULL &&
218 sub_peername != sub_peeraddr) {
219 talloc_free(discard_const_p(char,sub_peername));
220 sub_peername = NULL;
221 }
222 sub_peername = talloc_strdup(NULL, peername);
223 if (sub_peername == NULL) {
224 sub_peername = sub_peeraddr;
225 }
226
227 /*
228 * Shouldn't we do the ::ffff: cancellation here as well? The
229 * original code in talloc_sub_basic() did not do it, so I'm
230 * leaving it out here as well for compatibility.
231 */
232 strlcpy(sub_sockaddr, sockaddr, sizeof(sub_sockaddr));
233 }
234
235 static const char *get_smb_user_name(void)
236 {
237 return smb_user_name ? smb_user_name : "";
238 }
239
240 /*******************************************************************
241 Setup the strings used by substitutions. Called per packet. Ensure
242 %U name is set correctly also.
243
244 smb_name must be sanitized by alpha_strcpy
245 ********************************************************************/
246
247 void set_current_user_info(const char *smb_name, const char *unix_name,
248 const char *domain)
249 {
250 fstrcpy(current_user_info.smb_name, smb_name);
251 fstrcpy(current_user_info.unix_name, unix_name);
252 fstrcpy(current_user_info.domain, domain);
253
254 /* The following is safe as current_user_info.smb_name
255 * has already been sanitised in register_existing_vuid. */
256
257 sub_set_smb_name(current_user_info.smb_name);
258 }
259
260 /*******************************************************************
261 Return the current active user name.
262 *******************************************************************/
263
264 const char *get_current_username(void)
265 {
266 if (current_user_info.smb_name[0] == '\0' ) {
267 return get_smb_user_name();
268 }
269
270 return current_user_info.smb_name;
271 }
272
273 /*******************************************************************
274 Given a pointer to a %$(NAME) in p and the whole string in str
275 expand it as an environment variable.
276 str must be a talloced string.
277 Return a new allocated and expanded string.
278 Based on code by Branko Cibej <branko.cibej@hermes.si>
279 When this is called p points at the '%' character.
280 May substitute multiple occurrencies of the same env var.
281 ********************************************************************/
282
283 static char *realloc_expand_env_var(char *str, char *p)
284 {
285 char *envname;
286 char *envval;
287 char *q, *r;
288 int copylen;
289
290 if (p[0] != '%' || p[1] != '$' || p[2] != '(') {
291 return str;
292 }
293
294 /*
295 * Look for the terminating ')'.
296 */
297
298 if ((q = strchr_m(p,')')) == NULL) {
299 DEBUG(0,("expand_env_var: Unterminated environment variable [%s]\n", p));
300 return str;
301 }
302
303 /*
304 * Extract the name from within the %$(NAME) string.
305 */
306
307 r = p + 3;
308 copylen = q - r;
309
310 /* reserve space for use later add %$() chars */
311 if ( (envname = talloc_array(talloc_tos(), char, copylen + 1 + 4)) == NULL ) {
312 return NULL;
313 }
314
315 strncpy(envname,r,copylen);
316 envname[copylen] = '\0';
317
318 if ((envval = getenv(envname)) == NULL) {
319 DEBUG(0,("expand_env_var: Environment variable [%s] not set\n", envname));
320 TALLOC_FREE(envname);
321 return str;
322 }
323
324 /*
325 * Copy the full %$(NAME) into envname so it
326 * can be replaced.
327 */
328
329 copylen = q + 1 - p;
330 strncpy(envname,p,copylen);
331 envname[copylen] = '\0';
332 r = realloc_string_sub(str, envname, envval);
333 TALLOC_FREE(envname);
334
335 return r;
336 }
337
338 /*******************************************************************
339 Patch from jkf@soton.ac.uk
340 Added this to implement %p (NIS auto-map version of %H)
341 *******************************************************************/
342
343 static const char *automount_path(const char *user_name)
344 {
345 TALLOC_CTX *ctx = talloc_tos();
346 const char *server_path;
347
348 /* use the passwd entry as the default */
349 /* this will be the default if WITH_AUTOMOUNT is not used or fails */
350
351 server_path = talloc_strdup(ctx, get_user_home_dir(ctx, user_name));
352 if (!server_path) {
353 return "";
354 }
355
356 #if (defined(HAVE_NETGROUP) && defined (WITH_AUTOMOUNT))
357
358 if (lp_nis_home_map()) {
359 const char *home_path_start;
360 char *automount_value = automount_lookup(ctx, user_name);
361
362 if(automount_value && strlen(automount_value) > 0) {
363 home_path_start = strchr_m(automount_value,':');
364 if (home_path_start != NULL) {
365 DEBUG(5, ("NIS lookup succeeded. "
366 "Home path is: %s\n",
367 home_path_start ?
368 (home_path_start+1):""));
369 server_path = talloc_strdup(ctx,
370 home_path_start+1);
371 if (!server_path) {
372 server_path = "";
373 }
374 }
375 } else {
376 /* NIS key lookup failed: default to
377 * user home directory from password file */
378 DEBUG(5, ("NIS lookup failed. Using Home path from "
379 "passwd file. Home path is: %s\n", server_path ));
380 }
381 }
382 #endif
383
384 DEBUG(4,("Home server path: %s\n", server_path));
385 return server_path;
386 }
387
388 /*******************************************************************
389 Patch from jkf@soton.ac.uk
390 This is Luke's original function with the NIS lookup code
391 moved out to a separate function.
392 *******************************************************************/
393
394 static const char *automount_server(const char *user_name)
395 {
396 TALLOC_CTX *ctx = talloc_tos();
397 const char *server_name;
398 const char *local_machine_name = get_local_machine_name();
399
400 /* use the local machine name as the default */
401 /* this will be the default if WITH_AUTOMOUNT is not used or fails */
402 if (local_machine_name && *local_machine_name) {
403 server_name = talloc_strdup(ctx, local_machine_name);
404 } else {
405 server_name = talloc_strdup(ctx, lp_netbios_name());
406 }
407
408 if (!server_name) {
409 return "";
410 }
411
412 #if (defined(HAVE_NETGROUP) && defined (WITH_AUTOMOUNT))
413 if (lp_nis_home_map()) {
414 char *p;
415 char *srv;
416 char *automount_value = automount_lookup(ctx, user_name);
417 if (!automount_value) {
418 return "";
419 }
420 srv = talloc_strdup(ctx, automount_value);
421 if (!srv) {
422 return "";
423 }
424 p = strchr_m(srv, ':');
425 if (!p) {
426 return "";
427 }
428 *p = '\0';
429 server_name = srv;
430 DEBUG(5, ("NIS lookup succeeded. Home server %s\n",
431 server_name));
432 }
433 #endif
434
435 DEBUG(4,("Home server: %s\n", server_name));
436 return server_name;
437 }
438
439 /****************************************************************************
440 Do some standard substitutions in a string.
441 len is the length in bytes of the space allowed in string str. If zero means
442 don't allow expansions.
443 ****************************************************************************/
444
445 void standard_sub_basic(const char *smb_name, const char *domain_name,
446 char *str, size_t len)
447 {
448 char *s;
449
450 if ( (s = talloc_sub_basic(talloc_tos(), smb_name, domain_name, str )) != NULL ) {
451 strncpy( str, s, len );
452 }
453
454 TALLOC_FREE( s );
455 }
456
457 /****************************************************************************
458 Do some standard substitutions in a string.
459 This function will return an talloced string that has to be freed.
460 ****************************************************************************/
461
462 char *talloc_sub_basic(TALLOC_CTX *mem_ctx,
463 const char *smb_name,
464 const char *domain_name,
465 const char *str)
466 {
467 char *b, *p, *s, *r, *a_string;
468 fstring pidstr, vnnstr;
469 const char *local_machine_name = get_local_machine_name();
470 TALLOC_CTX *tmp_ctx = NULL;
471
472 /* workaround to prevent a crash while looking at bug #687 */
473
474 if (!str) {
475 DEBUG(0,("talloc_sub_basic: NULL source string! This should not happen\n"));
476 return NULL;
477 }
478
479 a_string = talloc_strdup(mem_ctx, str);
480 if (a_string == NULL) {
481 DEBUG(0, ("talloc_sub_basic: Out of memory!\n"));
482 return NULL;
483 }
484
485 tmp_ctx = talloc_stackframe();
486
487 for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
488
489 r = NULL;
490 b = a_string;
491
492 switch (*(p+1)) {
493 case 'U' :
494 r = strlower_talloc(tmp_ctx, smb_name);
495 if (r == NULL) {
496 goto error;
497 }
498 a_string = realloc_string_sub(a_string, "%U", r);
499 break;
500 case 'G' : {
501 struct passwd *pass;
502 r = talloc_strdup(tmp_ctx, smb_name);
503 if (r == NULL) {
504 goto error;
505 }
506 pass = Get_Pwnam_alloc(tmp_ctx, r);
507 if (pass != NULL) {
508 a_string = realloc_string_sub(
509 a_string, "%G",
510 gidtoname(pass->pw_gid));
511 }
512 TALLOC_FREE(pass);
513 break;
514 }
515 case 'D' :
516 r = strupper_talloc(tmp_ctx, domain_name);
517 if (r == NULL) {
518 goto error;
519 }
520 a_string = realloc_string_sub(a_string, "%D", r);
521 break;
522 case 'I' : {
523 a_string = realloc_string_sub(
524 a_string, "%I",
525 sub_peeraddr[0] ? sub_peeraddr : "0.0.0.0");
526 break;
527 }
528 case 'i':
529 a_string = realloc_string_sub(
530 a_string, "%i",
531 sub_sockaddr[0] ? sub_sockaddr : "0.0.0.0");
532 break;
533 case 'L' :
534 if ( strncasecmp_m(p, "%LOGONSERVER%", strlen("%LOGONSERVER%")) == 0 ) {
535 break;
536 }
537 if (local_machine_name && *local_machine_name) {
538 a_string = realloc_string_sub(a_string, "%L", local_machine_name);
539 } else {
540 a_string = realloc_string_sub(a_string, "%L", lp_netbios_name());
541 }
542 break;
543 case 'N':
544 a_string = realloc_string_sub(a_string, "%N", automount_server(smb_name));
545 break;
546 case 'M' :
547 a_string = realloc_string_sub(a_string, "%M",
548 sub_peername ? sub_peername : "");
549 break;
550 case 'R' :
551 a_string = realloc_string_sub(a_string, "%R", remote_proto);
552 break;
553 case 'T' :
554 a_string = realloc_string_sub(a_string, "%T", current_timestring(tmp_ctx, False));
555 break;
556 case 'a' :
557 a_string = realloc_string_sub(a_string, "%a",
558 get_remote_arch_str());
559 break;
560 case 'd' :
561 slprintf(pidstr,sizeof(pidstr)-1, "%d",(int)getpid());
562 a_string = realloc_string_sub(a_string, "%d", pidstr);
563 break;
564 case 'h' :
565 a_string = realloc_string_sub(a_string, "%h", myhostname());
566 break;
567 case 'm' :
568 a_string = realloc_string_sub(a_string, "%m",
569 remote_machine
570 ? remote_machine
571 : "");
572 break;
573 case 'v' :
574 a_string = realloc_string_sub(a_string, "%v", samba_version_string());
575 break;
576 case 'w' :
577 a_string = realloc_string_sub(a_string, "%w", lp_winbind_separator());
578 break;
579 case '$' :
580 a_string = realloc_expand_env_var(a_string, p); /* Expand environment variables */
581 break;
582 case 'V' :
583 slprintf(vnnstr,sizeof(vnnstr)-1, "%u", get_my_vnn());
584 a_string = realloc_string_sub(a_string, "%V", vnnstr);
585 break;
586 default:
587 break;
588 }
589
590 p++;
591 TALLOC_FREE(r);
592
593 if (a_string == NULL) {
594 goto done;
595 }
596 }
597
598 goto done;
599
600 error:
601 TALLOC_FREE(a_string);
602
603 done:
604 TALLOC_FREE(tmp_ctx);
605 return a_string;
606 }
607
608 /****************************************************************************
609 Do some specific substitutions in a string.
610 This function will return an allocated string that have to be freed.
611 ****************************************************************************/
612
613 char *talloc_sub_specified(TALLOC_CTX *mem_ctx,
614 const char *input_string,
615 const char *username,
616 const char *domain,
617 uid_t uid,
618 gid_t gid)
619 {
620 char *a_string;
621 char *ret_string = NULL;
622 char *b, *p, *s;
623 TALLOC_CTX *tmp_ctx;
624
625 if (!(tmp_ctx = talloc_new(mem_ctx))) {
626 DEBUG(0, ("talloc_new failed\n"));
627 return NULL;
628 }
629
630 a_string = talloc_strdup(tmp_ctx, input_string);
631 if (a_string == NULL) {
632 DEBUG(0, ("talloc_sub_specified: Out of memory!\n"));
633 goto done;
634 }
635
636 for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
637
638 b = a_string;
639
640 switch (*(p+1)) {
641 case 'U' :
642 a_string = talloc_string_sub(
643 tmp_ctx, a_string, "%U", username);
644 break;
645 case 'u' :
646 a_string = talloc_string_sub(
647 tmp_ctx, a_string, "%u", username);
648 break;
649 case 'G' :
650 if (gid != -1) {
651 a_string = talloc_string_sub(
652 tmp_ctx, a_string, "%G",
653 gidtoname(gid));
654 } else {
655 a_string = talloc_string_sub(
656 tmp_ctx, a_string,
657 "%G", "NO_GROUP");
658 }
659 break;
660 case 'g' :
661 if (gid != -1) {
662 a_string = talloc_string_sub(
663 tmp_ctx, a_string, "%g",
664 gidtoname(gid));
665 } else {
666 a_string = talloc_string_sub(
667 tmp_ctx, a_string, "%g", "NO_GROUP");
668 }
669 break;
670 case 'D' :
671 a_string = talloc_string_sub(tmp_ctx, a_string,
672 "%D", domain);
673 break;
674 case 'N' :
675 a_string = talloc_string_sub(
676 tmp_ctx, a_string, "%N",
677 automount_server(username));
678 break;
679 default:
680 break;
681 }
682
683 p++;
684 if (a_string == NULL) {
685 goto done;
686 }
687 }
688
689 /* Watch out, using "mem_ctx" here, so all intermediate stuff goes
690 * away with the TALLOC_FREE(tmp_ctx) further down. */
691
692 ret_string = talloc_sub_basic(mem_ctx, username, domain, a_string);
693
694 done:
695 TALLOC_FREE(tmp_ctx);
696 return ret_string;
697 }
698
699 /****************************************************************************
700 ****************************************************************************/
701
702 char *talloc_sub_advanced(TALLOC_CTX *ctx,
703 const char *servicename,
704 const char *user,
705 const char *connectpath,
706 gid_t gid,
707 const char *smb_name,
708 const char *domain_name,
709 const char *str)
710 {
711 char *a_string, *ret_string;
712 char *b, *p, *s;
713
714 a_string = talloc_strdup(talloc_tos(), str);
715 if (a_string == NULL) {
716 DEBUG(0, ("talloc_sub_advanced: Out of memory!\n"));
717 return NULL;
718 }
719
720 for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
721
722 b = a_string;
723
724 switch (*(p+1)) {
725 case 'N' :
726 a_string = realloc_string_sub(a_string, "%N", automount_server(user));
727 break;
728 case 'H': {
729 char *h;
730 if ((h = get_user_home_dir(talloc_tos(), user)))
731 a_string = realloc_string_sub(a_string, "%H", h);
732 TALLOC_FREE(h);
733 break;
734 }
735 case 'P':
736 a_string = realloc_string_sub(a_string, "%P", connectpath);
737 break;
738 case 'S':
739 a_string = realloc_string_sub(a_string, "%S", servicename);
740 break;
741 case 'g':
742 a_string = realloc_string_sub(a_string, "%g", gidtoname(gid));
743 break;
744 case 'u':
745 a_string = realloc_string_sub(a_string, "%u", user);
746 break;
747
748 /* Patch from jkf@soton.ac.uk Left the %N (NIS
749 * server name) in standard_sub_basic as it is
750 * a feature for logon servers, hence uses the
751 * username. The %p (NIS server path) code is
752 * here as it is used instead of the default
753 * "path =" string in [homes] and so needs the
754 * service name, not the username. */
755 case 'p':
756 a_string = realloc_string_sub(a_string, "%p",
757 automount_path(servicename));
758 break;
759
760 default:
761 break;
762 }
763
764 p++;
765 if (a_string == NULL) {
766 return NULL;
767 }
768 }
769
770 ret_string = talloc_sub_basic(ctx, smb_name, domain_name, a_string);
771 TALLOC_FREE(a_string);
772 return ret_string;
773 }
774
775 void standard_sub_advanced(const char *servicename, const char *user,
776 const char *connectpath, gid_t gid,
777 const char *smb_name, const char *domain_name,
778 char *str, size_t len)
779 {
780 char *s = talloc_sub_advanced(talloc_tos(),
781 servicename, user, connectpath,
782 gid, smb_name, domain_name, str);
783
784 if (!s) {
785 return;
786 }
787 strlcpy( str, s, len );
788 TALLOC_FREE( s );
789 }
790
791 /******************************************************************************
792 version of standard_sub_basic() for string lists; uses talloc_sub_basic()
793 for the work
794 *****************************************************************************/
795
796 bool str_list_sub_basic( char **list, const char *smb_name,
797 const char *domain_name )
798 {
799 TALLOC_CTX *ctx = list;
800 char *s, *tmpstr;
801
802 while ( *list ) {
803 s = *list;
804 tmpstr = talloc_sub_basic(ctx, smb_name, domain_name, s);
805 if ( !tmpstr ) {
806 DEBUG(0,("str_list_sub_basic: "
807 "talloc_sub_basic() return NULL!\n"));
808 return false;
809 }
810
811 TALLOC_FREE(*list);
812 *list = tmpstr;
813
814 list++;
815 }
816
817 return true;
818 }
WIP