1 /*
2 * Kerberos compatibility functions for AIX's NAS libraries.
3 *
4 * AIX for some reason doesn't provide the krb5_appdefault_* functions, but
5 * does provide the underlying profile library functions (as a separate
6 * libk5profile with a separate k5profile.h header file).
7 *
8 * This file is therefore (apart from the includes, opening and closing
9 * comments, and the spots marked with an rra-c-util comment) a verbatim copy
10 * of src/lib/krb5/krb/appdefault.c from MIT Kerberos 1.4.4.
11 *
12 * The canonical version of this file is maintained in the rra-c-util package,
13 * which can be found at <https://www.eyrie.org/~eagle/software/rra-c-util/>.
14 *
15 * Copyright 1985-2005 by the Massachusetts Institute of Technology.
16 * For license information, see the end of this file.
17 */
18
#include <config.h>

#include <krb5.h>
#ifdef HAVE_K5PROFILE_H
# include <k5profile.h>
#endif
#ifdef HAVE_PROFILE_H
# include <profile.h>
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
30
31 /*xxx Duplicating this is annoying; try to work on a better way.*/
/*
 * Spellings accepted as boolean true.  conf_boolean() compares against
 * these ignoring case.  The list is NULL-terminated.
 */
static const char *const conf_yes[] = {
    "y", "yes", "true", "t", "1", "on", NULL
};

/* Spellings accepted as boolean false; NULL-terminated like conf_yes. */
static const char *const conf_no[] = {
    "n", "no", "false", "nil", "0", "off", NULL
};
41
/*
 * Map a configuration string to a boolean.
 *
 * Returns 1 when s equals an entry of conf_yes (ignoring case) and 0 when it
 * equals an entry of conf_no.  Any other text also yields 0, so a misspelled
 * value cannot be told apart from an explicit "no"; keep that in mind for
 * options where "no" is the less restrictive setting.  s must not be NULL,
 * because it is handed straight to strcasecmp().
 */
static int
conf_boolean(char *s)
{
    size_t i;

    for (i = 0; conf_yes[i] != NULL; i++) {
        if (strcasecmp(conf_yes[i], s) == 0) {
            return 1;
        }
    }
    for (i = 0; conf_no[i] != NULL; i++) {
        if (strcasecmp(conf_no[i], s) == 0) {
            return 0;
        }
    }

    /* Unrecognized text is treated as "no". */
    return 0;
}
56
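/*
 * Run one profile query and, if it yields at least one value, hand a
 * malloc'd copy of the first value back through ret_value.
 *
 * Returns 1 when the search is finished: either a value was copied (*code is
 * 0) or the copy could not be allocated (*code is ENOMEM).  Returns 0 when
 * the caller should move on to the next, less specific location; *code then
 * holds the status reported by profile_get_values.  The value list is freed
 * here whenever the query itself succeeded, so no list is carried over from
 * one attempt to the next.
 */
static int
appdefault_lookup(profile_t profile, const char **names, char **ret_value,
                  krb5_error_code *code)
{
    char **values = NULL;
    char **cpp;
    int done = 0;

    *code = profile_get_values(profile, names, &values);
    if (*code != 0 || values == NULL) {
        return 0;
    }

    if (values[0] != NULL) {
        *ret_value = strdup(values[0]);
        if (*ret_value == NULL) {
            *code = ENOMEM;
        }
        done = 1;
    }

    for (cpp = values; *cpp != NULL; cpp++) {
        free(*cpp);
    }
    free(values);
    return done;
}

/*
 * Find the value of an [appdefaults] option, most specific location first:
 *
 *   1. [appdefaults] appname = { REALM = { option = ... } }   (realm given)
 *   2. [appdefaults] appname = { option = ... }
 *   3. [appdefaults] REALM = { option = ... }                 (realm given)
 *   4. [appdefaults] option = ...
 *
 * On success returns 0 and stores a malloc'd copy of the first matching
 * value in *ret_value; the caller frees it.  *ret_value is set to NULL on
 * every other path, including a return of 0 when the last query succeeded
 * but produced no value.  Returns KV5M_CONTEXT for a NULL context, ENOMEM
 * when the value could not be copied, and otherwise the status of the last
 * profile query.
 *
 * NOTE(review): realm->data is used directly as a C string.  krb5_data
 * carries an explicit length, so this presumably relies on the caller
 * passing NUL-terminated realm data -- confirm against callers.
 */
static krb5_error_code
appdefault_get(krb5_context context, const char *appname,
               const krb5_data *realm, const char *option, char **ret_value)
{
    profile_t profile;
    const char *names[5];
    krb5_error_code retval;
    const char *realmstr = realm ? realm->data : NULL;

    /* Callers test *ret_value, so never leave it indeterminate. */
    *ret_value = NULL;

    /*
     * rra-c-util: The magic values are internal, so a magic check for the
     * context struct was removed here.  Call krb5_get_profile if it's
     * available since the krb5_context struct may be opaque.
     */
    if (!context) {
        return KV5M_CONTEXT;
    }

#ifdef HAVE_KRB5_GET_PROFILE
    /*
     * Do not go on with an unset profile handle if the call fails.
     *
     * NOTE(review): MIT Kerberos documents that the profile returned by
     * krb5_get_profile should be released with profile_release().  No
     * release is added here because the behavior of the AIX NAS
     * implementation is not visible from this file -- confirm, and release
     * the handle before returning if it is a copy.
     */
    retval = krb5_get_profile(context, &profile);
    if (retval != 0) {
        return retval;
    }
#else
    profile = context->profile;
#endif

    names[0] = "appdefaults";

    /* Try number one: appname -> realm -> option. */
    if (realmstr) {
        names[1] = appname;
        names[2] = realmstr;
        names[3] = option;
        names[4] = NULL;
        if (appdefault_lookup(profile, names, ret_value, &retval)) {
            return retval;
        }
    }

    /* Try number two: appname -> option. */
    names[1] = appname;
    names[2] = option;
    names[3] = NULL;
    if (appdefault_lookup(profile, names, ret_value, &retval)) {
        return retval;
    }

    /* Try number three: realm -> option. */
    if (realmstr) {
        names[1] = realmstr;
        names[2] = option;
        names[3] = NULL;
        if (appdefault_lookup(profile, names, ret_value, &retval)) {
            return retval;
        }
    }

    /* Try number four: option directly under [appdefaults]. */
    names[1] = option;
    names[2] = NULL;
    (void) appdefault_lookup(profile, names, ret_value, &retval);
    return retval;
}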
165
/*
 * Fetch a boolean [appdefaults] option.
 *
 * Stores default_value in *ret_value when appdefault_get() fails or finds no
 * value.  When a value is found, its text is interpreted by conf_boolean(),
 * so a value that is present but not a recognized spelling stores 0 rather
 * than default_value.
 */
void KRB5_CALLCONV
krb5_appdefault_boolean(krb5_context context, const char *appname,
                        const krb5_data *realm, const char *option,
                        int default_value, int *ret_value)
{
    char *value = NULL;
    krb5_error_code status;

    status = appdefault_get(context, appname, realm, option, &value);
    if (status != 0 || value == NULL) {
        *ret_value = default_value;
        return;
    }

    *ret_value = conf_boolean(value);
    free(value);
}
180
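/*
 * Fetch a string [appdefaults] option.
 *
 * On return *ret_value is either the configured value or a copy of
 * default_value; in both cases it is malloc'd and the caller frees it.
 * *ret_value is NULL when default_value is NULL or when the copy cannot be
 * allocated, so callers should check it before use.
 */
void KRB5_CALLCONV
krb5_appdefault_string(krb5_context context, const char *appname,
                       const krb5_data *realm, const char *option,
                       const char *default_value, char **ret_value)
{
    krb5_error_code retval;
    /*
     * Start from NULL: appdefault_get() can return 0 without storing a
     * value, and the test below must not read an indeterminate pointer.
     */
    char *string = NULL;

    retval = appdefault_get(context, appname, realm, option, &string);

    if (retval == 0 && string != NULL) {
        *ret_value = string;
        return;
    }

    /* strdup(NULL) is undefined, so pass a NULL default through as NULL. */
    *ret_value = (default_value != NULL) ? strdup(default_value) : NULL;
}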
195
196 /*
197 * Copyright (C) 1985-2005 by the Massachusetts Institute of Technology.
198 * All rights reserved.
199 *
200 * Export of this software from the United States of America may require
201 * a specific license from the United States Government. It is the
202 * responsibility of any person or organization contemplating export to
203 * obtain such a license before exporting.
204 *
205 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
206 * distribute this software and its documentation for any purpose and
207 * without fee is hereby granted, provided that the above copyright
208 * notice appear in all copies and that both that copyright notice and
209 * this permission notice appear in supporting documentation, and that
210 * the name of M.I.T. not be used in advertising or publicity pertaining
211 * to distribution of the software without specific, written prior
212 * permission. Furthermore if you modify this software you must label
213 * your software as modified software and not distribute it in such a
214 * fashion that it might be confused with the original MIT software.
215 * M.I.T. makes no representations about the suitability of this software
216 * for any purpose. It is provided "as is" without express or implied
217 * warranty.
218 *
219 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
220 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
221 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
222 *
223 * Individual source code files are copyright MIT, Cygnus Support,
224 * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
225 *
226 * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
227 * and Zephyr are trademarks of the Massachusetts Institute of Technology
228 * (MIT). No commercial use of these trademarks may be made without
229 * prior written permission of MIT.
230 *
231 * "Commercial use" means use of a name in a product or other for-profit
232 * manner. It does NOT prevent a commercial firm from referring to the
233 * MIT trademarks in order to convey information (although in doing so,
234 * recognition of their trademark status should be given).
235 *
236 * There is no SPDX-License-Identifier registered for this license.
237 */
238