1/*-
2 * Copyright (c) 2011 Dag-Erling Smørgrav
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 * 3. The name of the author may not be used to endorse or promote
14 *    products derived from this software without specific prior written
15 *    permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * $Id: openpam_subst.c 648 2013-03-05 17:54:27Z des $
30 */
31
32#ifdef HAVE_CONFIG_H
33# include "config.h"
34#endif
35
36#include <security/pam_appl.h>
37
38#include "openpam_impl.h"
39
40#define subst_char(ch) do {			\
41	int ch_ = (ch);				\
42	if (buf && len < *bufsize)		\
43		*buf++ = ch_;			\
44	++len;					\
45} while (0)
46
47#define subst_string(s) do {			\
48	const char *s_ = (s);			\
49	while (*s_)				\
50		subst_char(*s_++);		\
51} while (0)
52
53#define subst_item(i) do {			\
54	int i_ = (i);				\
55	const void *p_;				\
56	ret = pam_get_item(pamh, i_, &p_);	\
57	if (ret == PAM_SUCCESS && p_ != NULL)	\
58		subst_string(p_);		\
59} while (0)
60
61/*
62 * OpenPAM internal
63 *
64 * Substitute PAM item values in a string
65 */
66
67int
68openpam_subst(const pam_handle_t *pamh,
69    char *buf, size_t *bufsize, const char *template)
70{
71	size_t len;
72	int ret;
73
74	ENTERS(template);
75	if (template == NULL)
76		template = "(null)";
77
78	len = 1; /* initialize to 1 for terminating NUL */
79	ret = PAM_SUCCESS;
80	while (*template && ret == PAM_SUCCESS) {
81		if (template[0] == '%') {
82			++template;
83			switch (*template) {
84			case 's':
85				subst_item(PAM_SERVICE);
86				break;
87			case 't':
88				subst_item(PAM_TTY);
89				break;
90			case 'h':
91				subst_item(PAM_HOST);
92				break;
93			case 'u':
94				subst_item(PAM_USER);
95				break;
96			case 'H':
97				subst_item(PAM_RHOST);
98				break;
99			case 'U':
100				subst_item(PAM_RUSER);
101				break;
102			case '\0':
103				subst_char('%');
104				break;
105			default:
106				subst_char('%');
107				subst_char(*template);
108			}
109			++template;
110		} else {
111			subst_char(*template++);
112		}
113	}
114	if (buf)
115		*buf = '\0';
116	if (ret == PAM_SUCCESS) {
117		if (len > *bufsize)
118			ret = PAM_TRY_AGAIN;
119		*bufsize = len;
120	}
121	RETURNC(ret);
122}
123
124/*
125 * Error codes:
126 *
127 *	=pam_get_item
128 *	!PAM_SYMBOL_ERR
129 *	PAM_TRY_AGAIN
130 */
131
132/**
133 * The =openpam_subst function expands a string, substituting PAM item
134 * values for all occurrences of specific substitution codes.
135 * The =template argument points to the initial string.
136 * The result is stored in the buffer pointed to by the =buf argument; the
137 * =bufsize argument specifies the size of that buffer.
138 * The actual size of the resulting string, including the terminating NUL
139 * character, is stored in the location pointed to by the =bufsize
140 * argument.
141 *
142 * If =buf is NULL, or if the buffer is too small to hold the expanded
143 * string, =bufsize is updated to reflect the amount of space required to
144 * hold the entire string, and =openpam_subst returns =PAM_TRY_AGAIN.
145 *
146 * If =openpam_subst fails for any other reason, the =bufsize argument is
147 * untouched, but part of the buffer may still have been overwritten.
148 *
149 * Substitution codes are introduced by a percent character and correspond
150 * to PAM items:
151 *
152 *	%H:
153 *		Replaced by the current value of the =PAM_RHOST item.
154 *	%h:
155 *		Replaced by the current value of the =PAM_HOST item.
156 *	%s:
157 *		Replaced by the current value of the =PAM_SERVICE item.
158 *	%t:
159 *		Replaced by the current value of the =PAM_TTY item.
160 *	%U:
161 *		Replaced by the current value of the =PAM_RUSER item.
162 *	%u:
163 *		Replaced by the current value of the =PAM_USER item.
164 *
165 * >pam_get_authtok
166 * >pam_get_item
167 * >pam_get_user
168 *
169 * AUTHOR DES
170 */
171