1 /*
2 * Copyright (c) 1985, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30 #include <sys/types.h>
31 #include <sys/stat.h>
32
33 #include <ctype.h>
34 #include <err.h>
35 #include <errno.h>
36 #include <netdb.h>
37 #include <stdio.h>
38 #include <stdio_ext.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42 #include <libintl.h>
43
44 /* #include "ftp_var.h" */
45
46 static int token (void);
47 static FILE *cfile;
48
49 #define DEFAULT 1
50 #define LOGIN 2
51 #define PASSWD 3
52 #define ACCOUNT 4
53 #define MACDEF 5
54 #define ID 10
55 #define MACHINE 11
56
57 static char tokval[100];
58
59 static const char tokstr[] =
60 {
61 #define TOK_DEFAULT_IDX 0
62 "default\0"
63 #define TOK_LOGIN_IDX (TOK_DEFAULT_IDX + sizeof "default")
64 "login\0"
65 #define TOK_PASSWORD_IDX (TOK_LOGIN_IDX + sizeof "login")
66 "password\0"
67 #define TOK_PASSWD_IDX (TOK_PASSWORD_IDX + sizeof "password")
68 "passwd\0"
69 #define TOK_ACCOUNT_IDX (TOK_PASSWD_IDX + sizeof "passwd")
70 "account\0"
71 #define TOK_MACHINE_IDX (TOK_ACCOUNT_IDX + sizeof "account")
72 "machine\0"
73 #define TOK_MACDEF_IDX (TOK_MACHINE_IDX + sizeof "machine")
74 "macdef"
75 };
76
77 static const struct toktab {
78 int tokstr_off;
79 int tval;
80 } toktab[]= {
81 { TOK_DEFAULT_IDX, DEFAULT },
82 { TOK_LOGIN_IDX, LOGIN },
83 { TOK_PASSWORD_IDX, PASSWD },
84 { TOK_PASSWD_IDX, PASSWD },
85 { TOK_ACCOUNT_IDX, ACCOUNT },
86 { TOK_MACHINE_IDX, MACHINE },
87 { TOK_MACDEF_IDX, MACDEF }
88 };
89
90
91
92 int
ruserpass(const char * host,const char ** aname,const char ** apass)93 ruserpass (const char *host, const char **aname, const char **apass)
94 {
95 char *hdir, *buf, *tmp;
96 char myname[1024], *mydomain;
97 int t, usedefault = 0;
98 struct __stat64_t64 stb;
99
100 hdir = __libc_secure_getenv("HOME");
101 if (hdir == NULL) {
102 /* If we can't get HOME, fail instead of trying ".",
103 which is no improvement. This really should call
104 getpwuid(getuid()). */
105 /*hdir = ".";*/
106 return -1;
107 }
108
109 buf = alloca (strlen (hdir) + 8);
110
111 __stpcpy (__stpcpy (buf, hdir), "/.netrc");
112 cfile = fopen(buf, "rce");
113 if (cfile == NULL) {
114 if (errno != ENOENT)
115 warn("%s", buf);
116 return (0);
117 }
118 /* No threads use this stream. */
119 __fsetlocking (cfile, FSETLOCKING_BYCALLER);
120 if (__gethostname(myname, sizeof(myname)) < 0)
121 myname[0] = '\0';
122 mydomain = __strchrnul(myname, '.');
123 next:
124 while ((t = token())) switch(t) {
125
126 case DEFAULT:
127 usedefault = 1;
128 /* FALL THROUGH */
129
130 case MACHINE:
131 if (!usedefault) {
132 if (token() != ID)
133 continue;
134 /*
135 * Allow match either for user's input host name
136 * or official hostname. Also allow match of
137 * incompletely-specified host in local domain.
138 */
139 if (__strcasecmp(host, tokval) == 0)
140 goto match;
141 /* if (__strcasecmp(hostname, tokval) == 0)
142 goto match;
143 if ((tmp = strchr(hostname, '.')) != NULL &&
144 __strcasecmp(tmp, mydomain) == 0 &&
145 __strncasecmp(hostname, tokval, tmp-hostname) == 0 &&
146 tokval[tmp - hostname] == '\0')
147 goto match; */
148 if ((tmp = strchr(host, '.')) != NULL &&
149 __strcasecmp(tmp, mydomain) == 0 &&
150 __strncasecmp(host, tokval, tmp - host) == 0 &&
151 tokval[tmp - host] == '\0')
152 goto match;
153 continue;
154 }
155 match:
156 while ((t = token()) && t != MACHINE && t != DEFAULT) switch(t) {
157
158 case LOGIN:
159 if (token()) {
160 if (*aname == 0) {
161 char *newp;
162 newp = malloc((unsigned) strlen(tokval) + 1);
163 if (newp == NULL)
164 {
165 warnx(_("out of memory"));
166 goto bad;
167 }
168 *aname = strcpy(newp, tokval);
169 } else {
170 if (strcmp(*aname, tokval))
171 goto next;
172 }
173 }
174 break;
175 case PASSWD:
176 if (strcmp(*aname, "anonymous") &&
177 __fstat64_time64(fileno(cfile), &stb) >= 0 &&
178 (stb.st_mode & 077) != 0) {
179 warnx(_("Error: .netrc file is readable by others."));
180 warnx(_("Remove 'password' line or make file unreadable by others."));
181 goto bad;
182 }
183 if (token() && *apass == 0) {
184 char *newp;
185 newp = malloc((unsigned) strlen(tokval) + 1);
186 if (newp == NULL)
187 {
188 warnx(_("out of memory"));
189 goto bad;
190 }
191 *apass = strcpy(newp, tokval);
192 }
193 break;
194 case ACCOUNT:
195 break;
196 case MACDEF:
197 break;
198 default:
199 warnx(_("Unknown .netrc keyword %s"), tokval);
200 break;
201 }
202 goto done;
203 }
204 done:
205 (void) fclose(cfile);
206 return (0);
207 bad:
208 (void) fclose(cfile);
209 return (-1);
210 }
libc_hidden_def(ruserpass)211 libc_hidden_def (ruserpass)
212
213 static int
214 token (void)
215 {
216 char *cp;
217 int c;
218 int i;
219
220 if (feof_unlocked(cfile) || ferror_unlocked(cfile))
221 return (0);
222 while ((c = getc_unlocked(cfile)) != EOF &&
223 (c == '\n' || c == '\t' || c == ' ' || c == ','))
224 continue;
225 if (c == EOF)
226 return (0);
227 cp = tokval;
228 if (c == '"') {
229 while ((c = getc_unlocked(cfile)) != EOF && c != '"') {
230 if (c == '\\')
231 c = getc_unlocked(cfile);
232 *cp++ = c;
233 }
234 } else {
235 *cp++ = c;
236 while ((c = getc_unlocked(cfile)) != EOF
237 && c != '\n' && c != '\t' && c != ' ' && c != ',') {
238 if (c == '\\')
239 c = getc_unlocked(cfile);
240 *cp++ = c;
241 }
242 }
243 *cp = 0;
244 if (tokval[0] == 0)
245 return (0);
246 for (i = 0; i < (int) (sizeof (toktab) / sizeof (toktab[0])); ++i)
247 if (!strcmp(&tokstr[toktab[i].tokstr_off], tokval))
248 return toktab[i].tval;
249 return (ID);
250 }
251