1 /*-
2  * Copyright (c) 2011-2023 Dag-Erling Smørgrav
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. The name of the author may not be used to endorse or promote
14  *    products derived from this software without specific prior written
15  *    permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #ifdef HAVE_CONFIG_H
31 # include "config.h"
32 #endif
33 
34 #include <security/pam_appl.h>
35 
36 #include "openpam_impl.h"
37 
38 #define subst_char(ch) do {			\
39 	int ch_ = (ch);				\
40 	if (buf && len < *bufsize)		\
41 		*buf++ = ch_;			\
42 	++len;					\
43 } while (0)
44 
45 #define subst_string(s) do {			\
46 	const char *s_ = (s);			\
47 	while (*s_)				\
48 		subst_char(*s_++);		\
49 } while (0)
50 
51 #define subst_item(i) do {			\
52 	int i_ = (i);				\
53 	const void *p_;				\
54 	ret = pam_get_item(pamh, i_, &p_);	\
55 	if (ret == PAM_SUCCESS && p_ != NULL)	\
56 		subst_string(p_);		\
57 } while (0)
58 
59 /*
60  * OpenPAM internal
61  *
62  * Substitute PAM item values in a string
63  */
64 
65 int
66 openpam_subst(const pam_handle_t *pamh,
67     char *buf, size_t *bufsize, const char *template)
68 {
69 	size_t len;
70 	int ret;
71 
72 	ENTERS(template);
73 	if (template == NULL)
74 		template = "(null)";
75 
76 	len = 1; /* initialize to 1 for terminating NUL */
77 	ret = PAM_SUCCESS;
78 	while (*template && ret == PAM_SUCCESS) {
79 		if (template[0] == '%') {
80 			++template;
81 			switch (*template) {
82 			case 's':
83 				subst_item(PAM_SERVICE);
84 				break;
85 			case 't':
86 				subst_item(PAM_TTY);
87 				break;
88 			case 'h':
89 				subst_item(PAM_HOST);
90 				break;
91 			case 'u':
92 				subst_item(PAM_USER);
93 				break;
94 			case 'H':
95 				subst_item(PAM_RHOST);
96 				break;
97 			case 'U':
98 				subst_item(PAM_RUSER);
99 				break;
100 			case '\0':
101 				subst_char('%');
102 				break;
103 			default:
104 				subst_char('%');
105 				subst_char(*template);
106 			}
107 			if (*template)
108 				++template;
109 		} else {
110 			subst_char(*template++);
111 		}
112 	}
113 	if (buf)
114 		*buf = '\0';
115 	if (ret == PAM_SUCCESS) {
116 		if (len > *bufsize)
117 			ret = PAM_TRY_AGAIN;
118 		*bufsize = len;
119 	}
120 	RETURNC(ret);
121 }
122 
123 /*
124  * Error codes:
125  *
126  *	=pam_get_item
127  *	!PAM_SYMBOL_ERR
128  *	PAM_TRY_AGAIN
129  */
130 
131 /**
132  * The =openpam_subst function expands a string, substituting PAM item
133  * values for all occurrences of specific substitution codes.
134  * The =template argument points to the initial string.
135  * The result is stored in the buffer pointed to by the =buf argument; the
136  * =bufsize argument specifies the size of that buffer.
137  * The actual size of the resulting string, including the terminating NUL
138  * character, is stored in the location pointed to by the =bufsize
139  * argument.
140  *
141  * If =buf is NULL, or if the buffer is too small to hold the expanded
142  * string, =bufsize is updated to reflect the amount of space required to
143  * hold the entire string, and =openpam_subst returns =PAM_TRY_AGAIN.
144  *
145  * If =openpam_subst fails for any other reason, the =bufsize argument is
146  * untouched, but part of the buffer may still have been overwritten.
147  *
148  * Substitution codes are introduced by a percent character and correspond
149  * to PAM items:
150  *
151  *	%H:
152  *		Replaced by the current value of the =PAM_RHOST item.
153  *	%h:
154  *		Replaced by the current value of the =PAM_HOST item.
155  *	%s:
156  *		Replaced by the current value of the =PAM_SERVICE item.
157  *	%t:
158  *		Replaced by the current value of the =PAM_TTY item.
159  *	%U:
160  *		Replaced by the current value of the =PAM_RUSER item.
161  *	%u:
162  *		Replaced by the current value of the =PAM_USER item.
163  *
164  * >pam_get_authtok
165  * >pam_get_item
166  * >pam_get_user
167  *
168  * AUTHOR DES
169  */
170