1*f7e6344dSDag-Erling Smørgrav /*- 2*f7e6344dSDag-Erling Smørgrav * Copyright (c) 2012 Dag-Erling Smørgrav 3*f7e6344dSDag-Erling Smørgrav * All rights reserved. 4*f7e6344dSDag-Erling Smørgrav * 5*f7e6344dSDag-Erling Smørgrav * Redistribution and use in source and binary forms, with or without 6*f7e6344dSDag-Erling Smørgrav * modification, are permitted provided that the following conditions 7*f7e6344dSDag-Erling Smørgrav * are met: 8*f7e6344dSDag-Erling Smørgrav * 1. Redistributions of source code must retain the above copyright 9*f7e6344dSDag-Erling Smørgrav * notice, this list of conditions and the following disclaimer 10*f7e6344dSDag-Erling Smørgrav * in this position and unchanged. 11*f7e6344dSDag-Erling Smørgrav * 2. Redistributions in binary form must reproduce the above copyright 12*f7e6344dSDag-Erling Smørgrav * notice, this list of conditions and the following disclaimer in the 13*f7e6344dSDag-Erling Smørgrav * documentation and/or other materials provided with the distribution. 14*f7e6344dSDag-Erling Smørgrav * 3. The name of the author may not be used to endorse or promote 15*f7e6344dSDag-Erling Smørgrav * products derived from this software without specific prior written 16*f7e6344dSDag-Erling Smørgrav * permission. 17*f7e6344dSDag-Erling Smørgrav * 18*f7e6344dSDag-Erling Smørgrav * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19*f7e6344dSDag-Erling Smørgrav * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20*f7e6344dSDag-Erling Smørgrav * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21*f7e6344dSDag-Erling Smørgrav * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22*f7e6344dSDag-Erling Smørgrav * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23*f7e6344dSDag-Erling Smørgrav * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24*f7e6344dSDag-Erling Smørgrav * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25*f7e6344dSDag-Erling Smørgrav * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26*f7e6344dSDag-Erling Smørgrav * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27*f7e6344dSDag-Erling Smørgrav * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28*f7e6344dSDag-Erling Smørgrav * SUCH DAMAGE. 29*f7e6344dSDag-Erling Smørgrav * 30*f7e6344dSDag-Erling Smørgrav * $Id: openpam_readword.c 588 2012-04-08 11:52:25Z des $ 31*f7e6344dSDag-Erling Smørgrav */ 32*f7e6344dSDag-Erling Smørgrav 33*f7e6344dSDag-Erling Smørgrav #ifdef HAVE_CONFIG_H 34*f7e6344dSDag-Erling Smørgrav # include "config.h" 35*f7e6344dSDag-Erling Smørgrav #endif 36*f7e6344dSDag-Erling Smørgrav 37*f7e6344dSDag-Erling Smørgrav #include <errno.h> 38*f7e6344dSDag-Erling Smørgrav #include <stdio.h> 39*f7e6344dSDag-Erling Smørgrav #include <stdlib.h> 40*f7e6344dSDag-Erling Smørgrav 41*f7e6344dSDag-Erling Smørgrav #include <security/pam_appl.h> 42*f7e6344dSDag-Erling Smørgrav 43*f7e6344dSDag-Erling Smørgrav #include "openpam_impl.h" 44*f7e6344dSDag-Erling Smørgrav #include "openpam_ctype.h" 45*f7e6344dSDag-Erling Smørgrav 46*f7e6344dSDag-Erling Smørgrav #define MIN_WORD_SIZE 32 47*f7e6344dSDag-Erling Smørgrav 48*f7e6344dSDag-Erling Smørgrav /* 49*f7e6344dSDag-Erling Smørgrav * OpenPAM extension 50*f7e6344dSDag-Erling Smørgrav * 51*f7e6344dSDag-Erling Smørgrav * Read a word from a file, respecting shell quoting rules. 52*f7e6344dSDag-Erling Smørgrav */ 53*f7e6344dSDag-Erling Smørgrav 54*f7e6344dSDag-Erling Smørgrav char * 55*f7e6344dSDag-Erling Smørgrav openpam_readword(FILE *f, int *lineno, size_t *lenp) 56*f7e6344dSDag-Erling Smørgrav { 57*f7e6344dSDag-Erling Smørgrav char *word; 58*f7e6344dSDag-Erling Smørgrav size_t size, len; 59*f7e6344dSDag-Erling Smørgrav int ch, comment, escape, quote; 60*f7e6344dSDag-Erling Smørgrav int serrno; 61*f7e6344dSDag-Erling Smørgrav 62*f7e6344dSDag-Erling Smørgrav errno = 0; 63*f7e6344dSDag-Erling Smørgrav 64*f7e6344dSDag-Erling Smørgrav /* skip initial whitespace */ 65*f7e6344dSDag-Erling Smørgrav comment = 0; 66*f7e6344dSDag-Erling Smørgrav while ((ch = getc(f)) != EOF && ch != '\n') { 67*f7e6344dSDag-Erling Smørgrav if (ch == '#') 68*f7e6344dSDag-Erling Smørgrav comment = 1; 69*f7e6344dSDag-Erling Smørgrav if (!is_lws(ch) && !comment) 70*f7e6344dSDag-Erling Smørgrav break; 71*f7e6344dSDag-Erling Smørgrav } 72*f7e6344dSDag-Erling Smørgrav if (ch == EOF) 73*f7e6344dSDag-Erling Smørgrav return (NULL); 74*f7e6344dSDag-Erling Smørgrav ungetc(ch, f); 75*f7e6344dSDag-Erling Smørgrav if (ch == '\n') 76*f7e6344dSDag-Erling Smørgrav return (NULL); 77*f7e6344dSDag-Erling Smørgrav 78*f7e6344dSDag-Erling Smørgrav word = NULL; 79*f7e6344dSDag-Erling Smørgrav size = len = 0; 80*f7e6344dSDag-Erling Smørgrav escape = quote = 0; 81*f7e6344dSDag-Erling Smørgrav while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) { 82*f7e6344dSDag-Erling Smørgrav if (ch == '\\' && !escape && quote != '\'') { 83*f7e6344dSDag-Erling Smørgrav /* escape next character */ 84*f7e6344dSDag-Erling Smørgrav escape = ch; 85*f7e6344dSDag-Erling Smørgrav } else if ((ch == '\'' || ch == '"') && !quote && !escape) { 86*f7e6344dSDag-Erling Smørgrav /* begin quote */ 87*f7e6344dSDag-Erling Smørgrav quote = ch; 88*f7e6344dSDag-Erling Smørgrav /* edge case: empty quoted string */ 89*f7e6344dSDag-Erling Smørgrav if (openpam_straddch(&word, &size, &len, 0) != 0) 90*f7e6344dSDag-Erling Smørgrav return (NULL); 91*f7e6344dSDag-Erling Smørgrav } else if (ch == quote && !escape) { 92*f7e6344dSDag-Erling Smørgrav /* end quote */ 93*f7e6344dSDag-Erling Smørgrav quote = 0; 94*f7e6344dSDag-Erling Smørgrav } else if (ch == '\n' && escape && quote != '\'') { 95*f7e6344dSDag-Erling Smørgrav /* line continuation */ 96*f7e6344dSDag-Erling Smørgrav escape = 0; 97*f7e6344dSDag-Erling Smørgrav } else { 98*f7e6344dSDag-Erling Smørgrav if (escape && quote && ch != '\\' && ch != quote && 99*f7e6344dSDag-Erling Smørgrav openpam_straddch(&word, &size, &len, '\\') != 0) { 100*f7e6344dSDag-Erling Smørgrav free(word); 101*f7e6344dSDag-Erling Smørgrav errno = ENOMEM; 102*f7e6344dSDag-Erling Smørgrav return (NULL); 103*f7e6344dSDag-Erling Smørgrav } 104*f7e6344dSDag-Erling Smørgrav if (openpam_straddch(&word, &size, &len, ch) != 0) { 105*f7e6344dSDag-Erling Smørgrav free(word); 106*f7e6344dSDag-Erling Smørgrav errno = ENOMEM; 107*f7e6344dSDag-Erling Smørgrav return (NULL); 108*f7e6344dSDag-Erling Smørgrav } 109*f7e6344dSDag-Erling Smørgrav escape = 0; 110*f7e6344dSDag-Erling Smørgrav } 111*f7e6344dSDag-Erling Smørgrav if (lineno != NULL && ch == '\n') 112*f7e6344dSDag-Erling Smørgrav ++*lineno; 113*f7e6344dSDag-Erling Smørgrav } 114*f7e6344dSDag-Erling Smørgrav if (ch == EOF && ferror(f)) { 115*f7e6344dSDag-Erling Smørgrav serrno = errno; 116*f7e6344dSDag-Erling Smørgrav free(word); 117*f7e6344dSDag-Erling Smørgrav errno = serrno; 118*f7e6344dSDag-Erling Smørgrav return (NULL); 119*f7e6344dSDag-Erling Smørgrav } 120*f7e6344dSDag-Erling Smørgrav if (ch == EOF && (escape || quote)) { 121*f7e6344dSDag-Erling Smørgrav /* Missing escaped character or closing quote. */ 122*f7e6344dSDag-Erling Smørgrav openpam_log(PAM_LOG_ERROR, "unexpected end of file"); 123*f7e6344dSDag-Erling Smørgrav free(word); 124*f7e6344dSDag-Erling Smørgrav errno = EINVAL; 125*f7e6344dSDag-Erling Smørgrav return (NULL); 126*f7e6344dSDag-Erling Smørgrav } 127*f7e6344dSDag-Erling Smørgrav ungetc(ch, f); 128*f7e6344dSDag-Erling Smørgrav if (lenp != NULL) 129*f7e6344dSDag-Erling Smørgrav *lenp = len; 130*f7e6344dSDag-Erling Smørgrav return (word); 131*f7e6344dSDag-Erling Smørgrav } 132*f7e6344dSDag-Erling Smørgrav 133*f7e6344dSDag-Erling Smørgrav /** 134*f7e6344dSDag-Erling Smørgrav * The =openpam_readword function reads the next word from a file, and 135*f7e6344dSDag-Erling Smørgrav * returns it in a NUL-terminated buffer allocated with =!malloc. 136*f7e6344dSDag-Erling Smørgrav * 137*f7e6344dSDag-Erling Smørgrav * A word is a sequence of non-whitespace characters. 138*f7e6344dSDag-Erling Smørgrav * However, whitespace characters can be included in a word if quoted or 139*f7e6344dSDag-Erling Smørgrav * escaped according to the following rules: 140*f7e6344dSDag-Erling Smørgrav * 141*f7e6344dSDag-Erling Smørgrav * - An unescaped single or double quote introduces a quoted string, 142*f7e6344dSDag-Erling Smørgrav * which ends when the same quote character is encountered a second 143*f7e6344dSDag-Erling Smørgrav * time. 144*f7e6344dSDag-Erling Smørgrav * The quotes themselves are stripped. 145*f7e6344dSDag-Erling Smørgrav * 146*f7e6344dSDag-Erling Smørgrav * - Within a single- or double-quoted string, all whitespace characters, 147*f7e6344dSDag-Erling Smørgrav * including the newline character, are preserved as-is. 148*f7e6344dSDag-Erling Smørgrav * 149*f7e6344dSDag-Erling Smørgrav * - Outside a quoted string, a backslash escapes the next character, 150*f7e6344dSDag-Erling Smørgrav * which is preserved as-is, unless that character is a newline, in 151*f7e6344dSDag-Erling Smørgrav * which case it is discarded and reading continues at the beginning of 152*f7e6344dSDag-Erling Smørgrav * the next line as if the backslash and newline had not been there. 153*f7e6344dSDag-Erling Smørgrav * In all cases, the backslash itself is discarded. 154*f7e6344dSDag-Erling Smørgrav * 155*f7e6344dSDag-Erling Smørgrav * - Within a single-quoted string, double quotes and backslashes are 156*f7e6344dSDag-Erling Smørgrav * preserved as-is. 157*f7e6344dSDag-Erling Smørgrav * 158*f7e6344dSDag-Erling Smørgrav * - Within a double-quoted string, a single quote is preserved as-is, 159*f7e6344dSDag-Erling Smørgrav * and a backslash is preserved as-is unless used to escape a double 160*f7e6344dSDag-Erling Smørgrav * quote. 161*f7e6344dSDag-Erling Smørgrav * 162*f7e6344dSDag-Erling Smørgrav * In addition, if the first non-whitespace character on the line is a 163*f7e6344dSDag-Erling Smørgrav * hash character (#), the rest of the line is discarded. 164*f7e6344dSDag-Erling Smørgrav * If a hash character occurs within a word, however, it is preserved 165*f7e6344dSDag-Erling Smørgrav * as-is. 166*f7e6344dSDag-Erling Smørgrav * A backslash at the end of a comment does cause line continuation. 167*f7e6344dSDag-Erling Smørgrav * 168*f7e6344dSDag-Erling Smørgrav * If =lineno is not =NULL, the integer variable it points to is 169*f7e6344dSDag-Erling Smørgrav * incremented every time a quoted or escaped newline character is read. 170*f7e6344dSDag-Erling Smørgrav * 171*f7e6344dSDag-Erling Smørgrav * If =lenp is not =NULL, the length of the word (after quotes and 172*f7e6344dSDag-Erling Smørgrav * backslashes have been removed) is stored in the variable it points to. 173*f7e6344dSDag-Erling Smørgrav * 174*f7e6344dSDag-Erling Smørgrav * RETURN VALUES 175*f7e6344dSDag-Erling Smørgrav * 176*f7e6344dSDag-Erling Smørgrav * If successful, the =openpam_readword function returns a pointer to a 177*f7e6344dSDag-Erling Smørgrav * dynamically allocated NUL-terminated string containing the first word 178*f7e6344dSDag-Erling Smørgrav * encountered on the line. 179*f7e6344dSDag-Erling Smørgrav * 180*f7e6344dSDag-Erling Smørgrav * The caller is responsible for releasing the returned buffer by passing 181*f7e6344dSDag-Erling Smørgrav * it to =!free. 182*f7e6344dSDag-Erling Smørgrav * 183*f7e6344dSDag-Erling Smørgrav * If =openpam_readword reaches the end of the line or file before any 184*f7e6344dSDag-Erling Smørgrav * characters are copied to the word, it returns =NULL. In the former 185*f7e6344dSDag-Erling Smørgrav * case, the newline is pushed back to the file. 186*f7e6344dSDag-Erling Smørgrav * 187*f7e6344dSDag-Erling Smørgrav * If =openpam_readword reaches the end of the file while a quote or 188*f7e6344dSDag-Erling Smørgrav * backslash escape is in effect, it sets :errno to =EINVAL and returns 189*f7e6344dSDag-Erling Smørgrav * =NULL. 190*f7e6344dSDag-Erling Smørgrav * 191*f7e6344dSDag-Erling Smørgrav * IMPLEMENTATION NOTES 192*f7e6344dSDag-Erling Smørgrav * 193*f7e6344dSDag-Erling Smørgrav * The parsing rules are intended to be equivalent to the normal POSIX 194*f7e6344dSDag-Erling Smørgrav * shell quoting rules. 195*f7e6344dSDag-Erling Smørgrav * Any discrepancy is a bug and should be reported to the author along 196*f7e6344dSDag-Erling Smørgrav * with sample input that can be used to reproduce the error. 197*f7e6344dSDag-Erling Smørgrav * 198*f7e6344dSDag-Erling Smørgrav * >openpam_readline 199*f7e6344dSDag-Erling Smørgrav * >openpam_readlinev 200*f7e6344dSDag-Erling Smørgrav * 201*f7e6344dSDag-Erling Smørgrav * AUTHOR DES 202*f7e6344dSDag-Erling Smørgrav */ 203