1/*	$NetBSD: get_default_principal.c,v 1.4 2023/06/19 21:41:44 christos Exp $	*/
2
3/*
4 * Copyright (c) 1997 - 2001 Kungliga Tekniska H��gskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 *    may be used to endorse or promote products derived from this software
21 *    without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36#include "krb5_locl.h"
37
38/*
39 * Try to find out what's a reasonable default principal.
40 */
41
42static const char*
43get_env_user(void)
44{
45    const char *user = getenv("USER");
46    if(user == NULL)
47	user = getenv("LOGNAME");
48    if(user == NULL)
49	user = getenv("USERNAME");
50    return user;
51}
52
53#ifndef _WIN32
54
55/*
56 * Will only use operating-system dependant operation to get the
57 * default principal, for use of functions that in ccache layer to
58 * avoid recursive calls.
59 */
60
61KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
62_krb5_get_default_principal_local (krb5_context context,
63				   krb5_principal *princ)
64{
65    krb5_error_code ret;
66    const char *user;
67    uid_t uid;
68
69    *princ = NULL;
70
71    uid = getuid();
72    if(uid == 0) {
73	user = getlogin();
74	if(user == NULL)
75	    user = get_env_user();
76	if(user != NULL && strcmp(user, "root") != 0)
77	    ret = krb5_make_principal(context, princ, NULL, user, "root", NULL);
78	else
79	    ret = krb5_make_principal(context, princ, NULL, "root", NULL);
80    } else {
81	struct passwd pw, *pwd = NULL;
82	char pwbuf[2048];
83
84	if (rk_getpwuid_r(uid, &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
85	    user = pwd->pw_name;
86	else {
87	    user = get_env_user();
88	    if(user == NULL)
89		user = getlogin();
90	}
91	if(user == NULL) {
92	    krb5_set_error_message(context, ENOTTY,
93				   N_("unable to figure out current "
94				      "principal", ""));
95	    return ENOTTY; /* XXX */
96	}
97	ret = krb5_make_principal(context, princ, NULL, user, NULL);
98    }
99    return ret;
100}
101
102#else  /* _WIN32 */
103
104#define SECURITY_WIN32
105#include <security.h>
106
107KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
108_krb5_get_default_principal_local(krb5_context context,
109				  krb5_principal *princ)
110{
111    /* See if we can get the principal first.  We only expect this to
112       work if logged into a domain. */
113    {
114	char username[1024];
115	ULONG sz = sizeof(username);
116
117	if (GetUserNameEx(NameUserPrincipal, username, &sz)) {
118	    return krb5_parse_name_flags(context, username,
119					 KRB5_PRINCIPAL_PARSE_ENTERPRISE,
120					 princ);
121	}
122    }
123
124    /* Just get the Windows username.  This should pretty much always
125       work. */
126    {
127	char username[1024];
128	DWORD dsz = sizeof(username);
129
130	if (GetUserName(username, &dsz)) {
131	    return krb5_make_principal(context, princ, NULL, username, NULL);
132	}
133    }
134
135    /* Failing that, we look at the environment */
136    {
137	const char * username = get_env_user();
138
139	if (username == NULL) {
140	    krb5_set_error_string(context,
141				  "unable to figure out current principal");
142	    return ENOTTY;	/* Really? */
143	}
144
145	return krb5_make_principal(context, princ, NULL, username, NULL);
146    }
147}
148
149#endif
150
151KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
152krb5_get_default_principal (krb5_context context,
153			    krb5_principal *princ)
154{
155    krb5_error_code ret;
156    krb5_ccache id;
157
158    *princ = NULL;
159
160    ret = krb5_cc_default (context, &id);
161    if (ret == 0) {
162	ret = krb5_cc_get_principal (context, id, princ);
163	krb5_cc_close (context, id);
164	if (ret == 0)
165	    return 0;
166    }
167
168    return _krb5_get_default_principal_local(context, princ);
169}
170