xref: /freebsd/crypto/openssh/match.c (revision 62cfcf62f627e5093fb37026a6d8c98e4d2ef04c)
1 /* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */
2 /*
3  * Author: Tatu Ylonen <ylo@cs.hut.fi>
4  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5  *                    All rights reserved
6  * Simple pattern matching, with '*' and '?' as wildcards.
7  *
8  * As far as I am concerned, the code I have written for this software
9  * can be used freely for any purpose.  Any derived versions of this
10  * software must be clearly marked as such, and if the derived work is
11  * incompatible with the protocol description in the RFC file, it must be
12  * called by a name other than "ssh" or "Secure Shell".
13  */
14 /*
15  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
16  *
17  * Redistribution and use in source and binary forms, with or without
18  * modification, are permitted provided that the following conditions
19  * are met:
20  * 1. Redistributions of source code must retain the above copyright
21  *    notice, this list of conditions and the following disclaimer.
22  * 2. Redistributions in binary form must reproduce the above copyright
23  *    notice, this list of conditions and the following disclaimer in the
24  *    documentation and/or other materials provided with the distribution.
25  *
26  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36  */
37 
38 #include "includes.h"
39 
40 #include <sys/types.h>
41 
42 #include <ctype.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <stdio.h>
46 
47 #include "xmalloc.h"
48 #include "match.h"
49 #include "misc.h"
50 
51 /*
52  * Returns true if the given string matches the pattern (which may contain ?
53  * and * as wildcards), and zero if it does not match.
54  */
55 
56 int
57 match_pattern(const char *s, const char *pattern)
58 {
59 	for (;;) {
60 		/* If at end of pattern, accept if also at end of string. */
61 		if (!*pattern)
62 			return !*s;
63 
64 		if (*pattern == '*') {
65 			/* Skip the asterisk. */
66 			pattern++;
67 
68 			/* If at end of pattern, accept immediately. */
69 			if (!*pattern)
70 				return 1;
71 
72 			/* If next character in pattern is known, optimize. */
73 			if (*pattern != '?' && *pattern != '*') {
74 				/*
75 				 * Look instances of the next character in
76 				 * pattern, and try to match starting from
77 				 * those.
78 				 */
79 				for (; *s; s++)
80 					if (*s == *pattern &&
81 					    match_pattern(s + 1, pattern + 1))
82 						return 1;
83 				/* Failed. */
84 				return 0;
85 			}
86 			/*
87 			 * Move ahead one character at a time and try to
88 			 * match at each position.
89 			 */
90 			for (; *s; s++)
91 				if (match_pattern(s, pattern))
92 					return 1;
93 			/* Failed. */
94 			return 0;
95 		}
96 		/*
97 		 * There must be at least one more character in the string.
98 		 * If we are at the end, fail.
99 		 */
100 		if (!*s)
101 			return 0;
102 
103 		/* Check if the next character of the string is acceptable. */
104 		if (*pattern != '?' && *pattern != *s)
105 			return 0;
106 
107 		/* Move to the next character, both in string and in pattern. */
108 		s++;
109 		pattern++;
110 	}
111 	/* NOTREACHED */
112 }
113 
114 /*
115  * Tries to match the string against the
116  * comma-separated sequence of subpatterns (each possibly preceded by ! to
117  * indicate negation).  Returns -1 if negation matches, 1 if there is
118  * a positive match, 0 if there is no match at all.
119  */
120 int
121 match_pattern_list(const char *string, const char *pattern, int dolower)
122 {
123 	char sub[1024];
124 	int negated;
125 	int got_positive;
126 	u_int i, subi, len = strlen(pattern);
127 
128 	got_positive = 0;
129 	for (i = 0; i < len;) {
130 		/* Check if the subpattern is negated. */
131 		if (pattern[i] == '!') {
132 			negated = 1;
133 			i++;
134 		} else
135 			negated = 0;
136 
137 		/*
138 		 * Extract the subpattern up to a comma or end.  Convert the
139 		 * subpattern to lowercase.
140 		 */
141 		for (subi = 0;
142 		    i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
143 		    subi++, i++)
144 			sub[subi] = dolower && isupper((u_char)pattern[i]) ?
145 			    tolower((u_char)pattern[i]) : pattern[i];
146 		/* If subpattern too long, return failure (no match). */
147 		if (subi >= sizeof(sub) - 1)
148 			return 0;
149 
150 		/* If the subpattern was terminated by a comma, then skip it. */
151 		if (i < len && pattern[i] == ',')
152 			i++;
153 
154 		/* Null-terminate the subpattern. */
155 		sub[subi] = '\0';
156 
157 		/* Try to match the subpattern against the string. */
158 		if (match_pattern(string, sub)) {
159 			if (negated)
160 				return -1;		/* Negative */
161 			else
162 				got_positive = 1;	/* Positive */
163 		}
164 	}
165 
166 	/*
167 	 * Return success if got a positive match.  If there was a negative
168 	 * match, we have already returned -1 and never get here.
169 	 */
170 	return got_positive;
171 }
172 
173 /*
174  * Tries to match the host name (which must be in all lowercase) against the
175  * comma-separated sequence of subpatterns (each possibly preceded by ! to
176  * indicate negation).  Returns -1 if negation matches, 1 if there is
177  * a positive match, 0 if there is no match at all.
178  */
179 int
180 match_hostname(const char *host, const char *pattern)
181 {
182 	char *hostcopy = xstrdup(host);
183 	int r;
184 
185 	lowercase(hostcopy);
186 	r = match_pattern_list(hostcopy, pattern, 1);
187 	free(hostcopy);
188 	return r;
189 }
190 
191 /*
192  * returns 0 if we get a negative match for the hostname or the ip
193  * or if we get no match at all.  returns -1 on error, or 1 on
194  * successful match.
195  */
196 int
197 match_host_and_ip(const char *host, const char *ipaddr,
198     const char *patterns)
199 {
200 	int mhost, mip;
201 
202 	if ((mip = addr_match_list(ipaddr, patterns)) == -2)
203 		return -1; /* error in ipaddr match */
204 	else if (host == NULL || ipaddr == NULL || mip == -1)
205 		return 0; /* negative ip address match, or testing pattern */
206 
207 	/* negative hostname match */
208 	if ((mhost = match_hostname(host, patterns)) == -1)
209 		return 0;
210 	/* no match at all */
211 	if (mhost == 0 && mip == 0)
212 		return 0;
213 	return 1;
214 }
215 
216 /*
217  * Match user, user@host_or_ip, user@host_or_ip_list against pattern.
218  * If user, host and ipaddr are all NULL then validate pattern/
219  * Returns -1 on invalid pattern, 0 on no match, 1 on match.
220  */
221 int
222 match_user(const char *user, const char *host, const char *ipaddr,
223     const char *pattern)
224 {
225 	char *p, *pat;
226 	int ret;
227 
228 	/* test mode */
229 	if (user == NULL && host == NULL && ipaddr == NULL) {
230 		if ((p = strchr(pattern, '@')) != NULL &&
231 		    match_host_and_ip(NULL, NULL, p + 1) < 0)
232 			return -1;
233 		return 0;
234 	}
235 
236 	if ((p = strchr(pattern,'@')) == NULL)
237 		return match_pattern(user, pattern);
238 
239 	pat = xstrdup(pattern);
240 	p = strchr(pat, '@');
241 	*p++ = '\0';
242 
243 	if ((ret = match_pattern(user, pat)) == 1)
244 		ret = match_host_and_ip(host, ipaddr, p);
245 	free(pat);
246 
247 	return ret;
248 }
249 
250 /*
251  * Returns first item from client-list that is also supported by server-list,
252  * caller must free the returned string.
253  */
254 #define	MAX_PROP	40
255 #define	SEP	","
256 char *
257 match_list(const char *client, const char *server, u_int *next)
258 {
259 	char *sproposals[MAX_PROP];
260 	char *c, *s, *p, *ret, *cp, *sp;
261 	int i, j, nproposals;
262 
263 	c = cp = xstrdup(client);
264 	s = sp = xstrdup(server);
265 
266 	for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0';
267 	    (p = strsep(&sp, SEP)), i++) {
268 		if (i < MAX_PROP)
269 			sproposals[i] = p;
270 		else
271 			break;
272 	}
273 	nproposals = i;
274 
275 	for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0';
276 	    (p = strsep(&cp, SEP)), i++) {
277 		for (j = 0; j < nproposals; j++) {
278 			if (strcmp(p, sproposals[j]) == 0) {
279 				ret = xstrdup(p);
280 				if (next != NULL)
281 					*next = (cp == NULL) ?
282 					    strlen(c) : (u_int)(cp - c);
283 				free(c);
284 				free(s);
285 				return ret;
286 			}
287 		}
288 	}
289 	if (next != NULL)
290 		*next = strlen(c);
291 	free(c);
292 	free(s);
293 	return NULL;
294 }
295 
296 /*
297  * Filter proposal using pattern-list filter.
298  * "blacklist" determines sense of filter:
299  * non-zero indicates that items matching filter should be excluded.
300  * zero indicates that only items matching filter should be included.
301  * returns NULL on allocation error, otherwise caller must free result.
302  */
303 static char *
304 filter_list(const char *proposal, const char *filter, int blacklist)
305 {
306 	size_t len = strlen(proposal) + 1;
307 	char *fix_prop = malloc(len);
308 	char *orig_prop = strdup(proposal);
309 	char *cp, *tmp;
310 	int r;
311 
312 	if (fix_prop == NULL || orig_prop == NULL) {
313 		free(orig_prop);
314 		free(fix_prop);
315 		return NULL;
316 	}
317 
318 	tmp = orig_prop;
319 	*fix_prop = '\0';
320 	while ((cp = strsep(&tmp, ",")) != NULL) {
321 		r = match_pattern_list(cp, filter, 0);
322 		if ((blacklist && r != 1) || (!blacklist && r == 1)) {
323 			if (*fix_prop != '\0')
324 				strlcat(fix_prop, ",", len);
325 			strlcat(fix_prop, cp, len);
326 		}
327 	}
328 	free(orig_prop);
329 	return fix_prop;
330 }
331 
332 /*
333  * Filters a comma-separated list of strings, excluding any entry matching
334  * the 'filter' pattern list. Caller must free returned string.
335  */
336 char *
337 match_filter_blacklist(const char *proposal, const char *filter)
338 {
339 	return filter_list(proposal, filter, 1);
340 }
341 
342 /*
343  * Filters a comma-separated list of strings, including only entries matching
344  * the 'filter' pattern list. Caller must free returned string.
345  */
346 char *
347 match_filter_whitelist(const char *proposal, const char *filter)
348 {
349 	return filter_list(proposal, filter, 0);
350 }
351