1 /* 2 * Copyright (c) 1985, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "ftp_locl.h" 35 RCSID("$Id: ruserpass.c 16161 2005-10-12 09:44:24Z joda $"); 36 37 static int token (void); 38 static FILE *cfile; 39 40 #define DEFAULT 1 41 #define LOGIN 2 42 #define PASSWD 3 43 #define ACCOUNT 4 44 #define MACDEF 5 45 #define PROT 6 46 #define ID 10 47 #define MACH 11 48 49 static char tokval[100]; 50 51 static struct toktab { 52 char *tokstr; 53 int tval; 54 } toktab[]= { 55 { "default", DEFAULT }, 56 { "login", LOGIN }, 57 { "password", PASSWD }, 58 { "passwd", PASSWD }, 59 { "account", ACCOUNT }, 60 { "machine", MACH }, 61 { "macdef", MACDEF }, 62 { "prot", PROT }, 63 { NULL, 0 } 64 }; 65 66 /* 67 * Write a copy of the hostname into `hostname, sz' and return a guess 68 * as to the `domain' of that hostname. 69 */ 70 71 static char * 72 guess_domain (char *hostname_str, size_t sz) 73 { 74 struct addrinfo *ai, *a; 75 struct addrinfo hints; 76 int error; 77 char *dot; 78 79 if (gethostname (hostname_str, sz) < 0) { 80 strlcpy (hostname_str, "", sz); 81 return ""; 82 } 83 dot = strchr (hostname_str, '.'); 84 if (dot != NULL) 85 return dot + 1; 86 87 memset (&hints, 0, sizeof(hints)); 88 hints.ai_flags = AI_CANONNAME; 89 90 error = getaddrinfo (hostname_str, NULL, &hints, &ai); 91 if (error) 92 return hostname_str; 93 94 for (a = ai; a != NULL; a = a->ai_next) 95 if (a->ai_canonname != NULL) { 96 strlcpy (hostname_str, ai->ai_canonname, sz); 97 break; 98 } 99 freeaddrinfo (ai); 100 dot = strchr (hostname_str, '.'); 101 if (dot != NULL) 102 return dot + 1; 103 else 104 return hostname_str; 105 } 106 107 int 108 ruserpass(char *host, char **aname, char **apass, char **aacct) 109 { 110 char *hdir, buf[BUFSIZ], *tmp; 111 int t, i, c, usedefault = 0; 112 struct stat stb; 113 114 mydomain = guess_domain (myhostname, MaxHostNameLen); 115 116 hdir = getenv("HOME"); 117 if (hdir == NULL) 118 hdir = "."; 119 snprintf(buf, sizeof(buf), "%s/.netrc", hdir); 120 cfile = fopen(buf, "r"); 121 if (cfile == NULL) { 122 if (errno != ENOENT) 123 warn("%s", buf); 124 return (0); 125 } 126 127 next: 128 while ((t = token())) switch(t) { 129 130 case DEFAULT: 131 usedefault = 1; 132 /* FALL THROUGH */ 133 134 case MACH: 135 if (!usedefault) { 136 if (token() != ID) 137 continue; 138 /* 139 * Allow match either for user's input host name 140 * or official hostname. Also allow match of 141 * incompletely-specified host in local domain. 142 */ 143 if (strcasecmp(host, tokval) == 0) 144 goto match; 145 if (strcasecmp(hostname, tokval) == 0) 146 goto match; 147 if ((tmp = strchr(hostname, '.')) != NULL && 148 tmp++ && 149 strcasecmp(tmp, mydomain) == 0 && 150 strncasecmp(hostname, tokval, tmp-hostname) == 0 && 151 tokval[tmp - hostname] == '\0') 152 goto match; 153 if ((tmp = strchr(host, '.')) != NULL && 154 tmp++ && 155 strcasecmp(tmp, mydomain) == 0 && 156 strncasecmp(host, tokval, tmp - host) == 0 && 157 tokval[tmp - host] == '\0') 158 goto match; 159 continue; 160 } 161 match: 162 while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { 163 164 case LOGIN: 165 if (token()) { 166 if (*aname == 0) { 167 *aname = strdup(tokval); 168 } else { 169 if (strcmp(*aname, tokval)) 170 goto next; 171 } 172 } 173 break; 174 case PASSWD: 175 if ((*aname == NULL || strcmp(*aname, "anonymous")) && 176 fstat(fileno(cfile), &stb) >= 0 && 177 (stb.st_mode & 077) != 0) { 178 warnx("Error: .netrc file is readable by others."); 179 warnx("Remove password or make file unreadable by others."); 180 goto bad; 181 } 182 if (token() && *apass == 0) { 183 *apass = strdup(tokval); 184 } 185 break; 186 case ACCOUNT: 187 if (fstat(fileno(cfile), &stb) >= 0 188 && (stb.st_mode & 077) != 0) { 189 warnx("Error: .netrc file is readable by others."); 190 warnx("Remove account or make file unreadable by others."); 191 goto bad; 192 } 193 if (token() && *aacct == 0) { 194 *aacct = strdup(tokval); 195 } 196 break; 197 case MACDEF: 198 if (proxy) { 199 fclose(cfile); 200 return (0); 201 } 202 while ((c=getc(cfile)) != EOF && 203 (c == ' ' || c == '\t')); 204 if (c == EOF || c == '\n') { 205 printf("Missing macdef name argument.\n"); 206 goto bad; 207 } 208 if (macnum == 16) { 209 printf("Limit of 16 macros have already been defined\n"); 210 goto bad; 211 } 212 tmp = macros[macnum].mac_name; 213 *tmp++ = c; 214 for (i=0; i < 8 && (c=getc(cfile)) != EOF && 215 !isspace(c); ++i) { 216 *tmp++ = c; 217 } 218 if (c == EOF) { 219 printf("Macro definition missing null line terminator.\n"); 220 goto bad; 221 } 222 *tmp = '\0'; 223 if (c != '\n') { 224 while ((c=getc(cfile)) != EOF && c != '\n'); 225 } 226 if (c == EOF) { 227 printf("Macro definition missing null line terminator.\n"); 228 goto bad; 229 } 230 if (macnum == 0) { 231 macros[macnum].mac_start = macbuf; 232 } 233 else { 234 macros[macnum].mac_start = macros[macnum-1].mac_end + 1; 235 } 236 tmp = macros[macnum].mac_start; 237 while (tmp != macbuf + 4096) { 238 if ((c=getc(cfile)) == EOF) { 239 printf("Macro definition missing null line terminator.\n"); 240 goto bad; 241 } 242 *tmp = c; 243 if (*tmp == '\n') { 244 if (*(tmp-1) == '\0') { 245 macros[macnum++].mac_end = tmp - 1; 246 break; 247 } 248 *tmp = '\0'; 249 } 250 tmp++; 251 } 252 if (tmp == macbuf + 4096) { 253 printf("4K macro buffer exceeded\n"); 254 goto bad; 255 } 256 break; 257 case PROT: 258 token(); 259 if(doencrypt == 0 && sec_request_prot(tokval) < 0) 260 warnx("Unknown protection level \"%s\"", tokval); 261 break; 262 default: 263 warnx("Unknown .netrc keyword %s", tokval); 264 break; 265 } 266 goto done; 267 } 268 done: 269 fclose(cfile); 270 return (0); 271 bad: 272 fclose(cfile); 273 return (-1); 274 } 275 276 static int 277 token(void) 278 { 279 char *cp; 280 int c; 281 struct toktab *t; 282 283 if (feof(cfile) || ferror(cfile)) 284 return (0); 285 while ((c = getc(cfile)) != EOF && 286 (c == '\n' || c == '\t' || c == ' ' || c == ',')) 287 continue; 288 if (c == EOF) 289 return (0); 290 cp = tokval; 291 if (c == '"') { 292 while ((c = getc(cfile)) != EOF && c != '"') { 293 if (c == '\\') 294 c = getc(cfile); 295 *cp++ = c; 296 } 297 } else { 298 *cp++ = c; 299 while ((c = getc(cfile)) != EOF 300 && c != '\n' && c != '\t' && c != ' ' && c != ',') { 301 if (c == '\\') 302 c = getc(cfile); 303 *cp++ = c; 304 } 305 } 306 *cp = 0; 307 if (tokval[0] == 0) 308 return (0); 309 for (t = toktab; t->tokstr; t++) 310 if (!strcmp(t->tokstr, tokval)) 311 return (t->tval); 312 return (ID); 313 } 314