xref: /dragonfly/contrib/openpam/lib/libpam/openpam_subst.c (revision 7031abe4d1ef8c309d4113438494530b74f3f3fe)
1 /*-
2  * Copyright (c) 2011 Dag-Erling Smørgrav
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. The name of the author may not be used to endorse or promote
14  *    products derived from this software without specific prior written
15  *    permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  * $OpenPAM: openpam_subst.c 938 2017-04-30 21:34:42Z des $
30  */
31 
32 #ifdef HAVE_CONFIG_H
33 # include "config.h"
34 #endif
35 
36 #include <security/pam_appl.h>
37 
38 #include "openpam_impl.h"
39 
40 #define subst_char(ch) do {                       \
41           int ch_ = (ch);                                   \
42           if (buf && len < *bufsize)              \
43                     *buf++ = ch_;                           \
44           ++len;                                            \
45 } while (0)
46 
47 #define subst_string(s) do {                      \
48           const char *s_ = (s);                             \
49           while (*s_)                                       \
50                     subst_char(*s_++);            \
51 } while (0)
52 
53 #define subst_item(i) do {                        \
54           int i_ = (i);                                     \
55           const void *p_;                                   \
56           ret = pam_get_item(pamh, i_, &p_);      \
57           if (ret == PAM_SUCCESS && p_ != NULL)   \
58                     subst_string(p_);             \
59 } while (0)
60 
61 /*
62  * OpenPAM internal
63  *
64  * Substitute PAM item values in a string
65  */
66 
67 int
openpam_subst(const pam_handle_t * pamh,char * buf,size_t * bufsize,const char * template)68 openpam_subst(const pam_handle_t *pamh,
69     char *buf, size_t *bufsize, const char *template)
70 {
71           size_t len;
72           int ret;
73 
74           ENTERS(template);
75           if (template == NULL)
76                     template = "(null)";
77 
78           len = 1; /* initialize to 1 for terminating NUL */
79           ret = PAM_SUCCESS;
80           while (*template && ret == PAM_SUCCESS) {
81                     if (template[0] == '%') {
82                               ++template;
83                               switch (*template) {
84                               case 's':
85                                         subst_item(PAM_SERVICE);
86                                         break;
87                               case 't':
88                                         subst_item(PAM_TTY);
89                                         break;
90                               case 'h':
91                                         subst_item(PAM_HOST);
92                                         break;
93                               case 'u':
94                                         subst_item(PAM_USER);
95                                         break;
96                               case 'H':
97                                         subst_item(PAM_RHOST);
98                                         break;
99                               case 'U':
100                                         subst_item(PAM_RUSER);
101                                         break;
102                               case '\0':
103                                         subst_char('%');
104                                         break;
105                               default:
106                                         subst_char('%');
107                                         subst_char(*template);
108                               }
109                               ++template;
110                     } else {
111                               subst_char(*template++);
112                     }
113           }
114           if (buf)
115                     *buf = '\0';
116           if (ret == PAM_SUCCESS) {
117                     if (len > *bufsize)
118                               ret = PAM_TRY_AGAIN;
119                     *bufsize = len;
120           }
121           RETURNC(ret);
122 }
123 
124 /*
125  * Error codes:
126  *
127  *        =pam_get_item
128  *        !PAM_SYMBOL_ERR
129  *        PAM_TRY_AGAIN
130  */
131 
132 /**
133  * The =openpam_subst function expands a string, substituting PAM item
134  * values for all occurrences of specific substitution codes.
135  * The =template argument points to the initial string.
136  * The result is stored in the buffer pointed to by the =buf argument; the
137  * =bufsize argument specifies the size of that buffer.
138  * The actual size of the resulting string, including the terminating NUL
139  * character, is stored in the location pointed to by the =bufsize
140  * argument.
141  *
142  * If =buf is NULL, or if the buffer is too small to hold the expanded
143  * string, =bufsize is updated to reflect the amount of space required to
144  * hold the entire string, and =openpam_subst returns =PAM_TRY_AGAIN.
145  *
146  * If =openpam_subst fails for any other reason, the =bufsize argument is
147  * untouched, but part of the buffer may still have been overwritten.
148  *
149  * Substitution codes are introduced by a percent character and correspond
150  * to PAM items:
151  *
152  *        %H:
153  *                  Replaced by the current value of the =PAM_RHOST item.
154  *        %h:
155  *                  Replaced by the current value of the =PAM_HOST item.
156  *        %s:
157  *                  Replaced by the current value of the =PAM_SERVICE item.
158  *        %t:
159  *                  Replaced by the current value of the =PAM_TTY item.
160  *        %U:
161  *                  Replaced by the current value of the =PAM_RUSER item.
162  *        %u:
163  *                  Replaced by the current value of the =PAM_USER item.
164  *
165  * >pam_get_authtok
166  * >pam_get_item
167  * >pam_get_user
168  *
169  * AUTHOR DES
170  */
171