/src/PROJ/curl/lib/netrc.c
Line | Count | Source (jump to first uncovered line) |
1 | | /*************************************************************************** |
2 | | * _ _ ____ _ |
3 | | * Project ___| | | | _ \| | |
4 | | * / __| | | | |_) | | |
5 | | * | (__| |_| | _ <| |___ |
6 | | * \___|\___/|_| \_\_____| |
7 | | * |
8 | | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
9 | | * |
10 | | * This software is licensed as described in the file COPYING, which |
11 | | * you should have received as part of this distribution. The terms |
12 | | * are also available at https://curl.se/docs/copyright.html. |
13 | | * |
14 | | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
15 | | * copies of the Software, and permit persons to whom the Software is |
16 | | * furnished to do so, under the terms of the COPYING file. |
17 | | * |
18 | | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
19 | | * KIND, either express or implied. |
20 | | * |
21 | | * SPDX-License-Identifier: curl |
22 | | * |
23 | | ***************************************************************************/ |
24 | | |
25 | | #include "curl_setup.h" |
26 | | #ifndef CURL_DISABLE_NETRC |
27 | | |
28 | | #ifdef HAVE_PWD_H |
29 | | #include <pwd.h> |
30 | | #endif |
31 | | |
32 | | #include <curl/curl.h> |
33 | | #include "netrc.h" |
34 | | #include "strtok.h" |
35 | | #include "strcase.h" |
36 | | #include "curl_get_line.h" |
37 | | |
38 | | /* The last 3 #include files should be in this order */ |
39 | | #include "curl_printf.h" |
40 | | #include "curl_memory.h" |
41 | | #include "memdebug.h" |
42 | | |
43 | | /* Get user and password from .netrc when given a machine name */ |
44 | | |
45 | | enum host_lookup_state { |
46 | | NOTHING, |
47 | | HOSTFOUND, /* the 'machine' keyword was found */ |
48 | | HOSTVALID, /* this is "our" machine! */ |
49 | | MACDEF |
50 | | }; |
51 | | |
52 | 0 | #define NETRC_FILE_MISSING 1 |
53 | 0 | #define NETRC_FAILED -1 |
54 | 0 | #define NETRC_SUCCESS 0 |
55 | | |
56 | 0 | #define MAX_NETRC_LINE 4096 |
57 | | |
58 | | /* |
59 | | * Returns zero on success. |
60 | | */ |
61 | | static int parsenetrc(const char *host, |
62 | | char **loginp, |
63 | | char **passwordp, |
64 | | char *netrcfile) |
65 | 0 | { |
66 | 0 | FILE *file; |
67 | 0 | int retcode = NETRC_FILE_MISSING; |
68 | 0 | char *login = *loginp; |
69 | 0 | char *password = *passwordp; |
70 | 0 | bool specific_login = (login && *login != 0); |
71 | 0 | bool login_alloc = FALSE; |
72 | 0 | bool password_alloc = FALSE; |
73 | 0 | enum host_lookup_state state = NOTHING; |
74 | |
|
75 | 0 | char state_login = 0; /* Found a login keyword */ |
76 | 0 | char state_password = 0; /* Found a password keyword */ |
77 | 0 | int state_our_login = TRUE; /* With specific_login, found *our* login |
78 | | name (or login-less line) */ |
79 | |
|
80 | 0 | DEBUGASSERT(netrcfile); |
81 | |
|
82 | 0 | file = fopen(netrcfile, FOPEN_READTEXT); |
83 | 0 | if(file) { |
84 | 0 | bool done = FALSE; |
85 | 0 | struct dynbuf buf; |
86 | 0 | Curl_dyn_init(&buf, MAX_NETRC_LINE); |
87 | |
|
88 | 0 | while(!done && Curl_get_line(&buf, file)) { |
89 | 0 | char *tok; |
90 | 0 | char *tok_end; |
91 | 0 | bool quoted; |
92 | 0 | char *netrcbuffer = Curl_dyn_ptr(&buf); |
93 | 0 | if(state == MACDEF) { |
94 | 0 | if((netrcbuffer[0] == '\n') || (netrcbuffer[0] == '\r')) |
95 | 0 | state = NOTHING; |
96 | 0 | else |
97 | 0 | continue; |
98 | 0 | } |
99 | 0 | tok = netrcbuffer; |
100 | 0 | while(tok) { |
101 | 0 | while(ISBLANK(*tok)) |
102 | 0 | tok++; |
103 | | /* tok is first non-space letter */ |
104 | 0 | if(!*tok || (*tok == '#')) |
105 | | /* end of line or the rest is a comment */ |
106 | 0 | break; |
107 | | |
108 | | /* leading double-quote means quoted string */ |
109 | 0 | quoted = (*tok == '\"'); |
110 | |
|
111 | 0 | tok_end = tok; |
112 | 0 | if(!quoted) { |
113 | 0 | while(!ISSPACE(*tok_end)) |
114 | 0 | tok_end++; |
115 | 0 | *tok_end = 0; |
116 | 0 | } |
117 | 0 | else { |
118 | 0 | bool escape = FALSE; |
119 | 0 | bool endquote = FALSE; |
120 | 0 | char *store = tok; |
121 | 0 | tok_end++; /* pass the leading quote */ |
122 | 0 | while(*tok_end) { |
123 | 0 | char s = *tok_end; |
124 | 0 | if(escape) { |
125 | 0 | escape = FALSE; |
126 | 0 | switch(s) { |
127 | 0 | case 'n': |
128 | 0 | s = '\n'; |
129 | 0 | break; |
130 | 0 | case 'r': |
131 | 0 | s = '\r'; |
132 | 0 | break; |
133 | 0 | case 't': |
134 | 0 | s = '\t'; |
135 | 0 | break; |
136 | 0 | } |
137 | 0 | } |
138 | 0 | else if(s == '\\') { |
139 | 0 | escape = TRUE; |
140 | 0 | tok_end++; |
141 | 0 | continue; |
142 | 0 | } |
143 | 0 | else if(s == '\"') { |
144 | 0 | tok_end++; /* pass the ending quote */ |
145 | 0 | endquote = TRUE; |
146 | 0 | break; |
147 | 0 | } |
148 | 0 | *store++ = s; |
149 | 0 | tok_end++; |
150 | 0 | } |
151 | 0 | *store = 0; |
152 | 0 | if(escape || !endquote) { |
153 | | /* bad syntax, get out */ |
154 | 0 | retcode = NETRC_FAILED; |
155 | 0 | goto out; |
156 | 0 | } |
157 | 0 | } |
158 | | |
159 | 0 | if((login && *login) && (password && *password)) { |
160 | 0 | done = TRUE; |
161 | 0 | break; |
162 | 0 | } |
163 | | |
164 | 0 | switch(state) { |
165 | 0 | case NOTHING: |
166 | 0 | if(strcasecompare("macdef", tok)) { |
167 | | /* Define a macro. A macro is defined with the specified name; its |
168 | | contents begin with the next .netrc line and continue until a |
169 | | null line (consecutive new-line characters) is encountered. */ |
170 | 0 | state = MACDEF; |
171 | 0 | } |
172 | 0 | else if(strcasecompare("machine", tok)) { |
173 | | /* the next tok is the machine name, this is in itself the |
174 | | delimiter that starts the stuff entered for this machine, |
175 | | after this we need to search for 'login' and |
176 | | 'password'. */ |
177 | 0 | state = HOSTFOUND; |
178 | 0 | } |
179 | 0 | else if(strcasecompare("default", tok)) { |
180 | 0 | state = HOSTVALID; |
181 | 0 | retcode = NETRC_SUCCESS; /* we did find our host */ |
182 | 0 | } |
183 | 0 | break; |
184 | 0 | case MACDEF: |
185 | 0 | if(!strlen(tok)) { |
186 | 0 | state = NOTHING; |
187 | 0 | } |
188 | 0 | break; |
189 | 0 | case HOSTFOUND: |
190 | 0 | if(strcasecompare(host, tok)) { |
191 | | /* and yes, this is our host! */ |
192 | 0 | state = HOSTVALID; |
193 | 0 | retcode = NETRC_SUCCESS; /* we did find our host */ |
194 | 0 | } |
195 | 0 | else |
196 | | /* not our host */ |
197 | 0 | state = NOTHING; |
198 | 0 | break; |
199 | 0 | case HOSTVALID: |
200 | | /* we are now parsing sub-keywords concerning "our" host */ |
201 | 0 | if(state_login) { |
202 | 0 | if(specific_login) { |
203 | 0 | state_our_login = !Curl_timestrcmp(login, tok); |
204 | 0 | } |
205 | 0 | else if(!login || Curl_timestrcmp(login, tok)) { |
206 | 0 | if(login_alloc) { |
207 | 0 | free(login); |
208 | 0 | login_alloc = FALSE; |
209 | 0 | } |
210 | 0 | login = strdup(tok); |
211 | 0 | if(!login) { |
212 | 0 | retcode = NETRC_FAILED; /* allocation failed */ |
213 | 0 | goto out; |
214 | 0 | } |
215 | 0 | login_alloc = TRUE; |
216 | 0 | } |
217 | 0 | state_login = 0; |
218 | 0 | } |
219 | 0 | else if(state_password) { |
220 | 0 | if((state_our_login || !specific_login) |
221 | 0 | && (!password || Curl_timestrcmp(password, tok))) { |
222 | 0 | if(password_alloc) { |
223 | 0 | free(password); |
224 | 0 | password_alloc = FALSE; |
225 | 0 | } |
226 | 0 | password = strdup(tok); |
227 | 0 | if(!password) { |
228 | 0 | retcode = NETRC_FAILED; /* allocation failed */ |
229 | 0 | goto out; |
230 | 0 | } |
231 | 0 | password_alloc = TRUE; |
232 | 0 | } |
233 | 0 | state_password = 0; |
234 | 0 | } |
235 | 0 | else if(strcasecompare("login", tok)) |
236 | 0 | state_login = 1; |
237 | 0 | else if(strcasecompare("password", tok)) |
238 | 0 | state_password = 1; |
239 | 0 | else if(strcasecompare("machine", tok)) { |
240 | | /* ok, there's machine here go => */ |
241 | 0 | state = HOSTFOUND; |
242 | 0 | state_our_login = FALSE; |
243 | 0 | } |
244 | 0 | break; |
245 | 0 | } /* switch (state) */ |
246 | 0 | tok = ++tok_end; |
247 | 0 | } |
248 | 0 | } /* while Curl_get_line() */ |
249 | | |
250 | 0 | out: |
251 | 0 | Curl_dyn_free(&buf); |
252 | 0 | if(!retcode) { |
253 | | /* success */ |
254 | 0 | if(login_alloc) { |
255 | 0 | if(*loginp) |
256 | 0 | free(*loginp); |
257 | 0 | *loginp = login; |
258 | 0 | } |
259 | 0 | if(password_alloc) { |
260 | 0 | if(*passwordp) |
261 | 0 | free(*passwordp); |
262 | 0 | *passwordp = password; |
263 | 0 | } |
264 | 0 | } |
265 | 0 | else { |
266 | 0 | if(login_alloc) |
267 | 0 | free(login); |
268 | 0 | if(password_alloc) |
269 | 0 | free(password); |
270 | 0 | } |
271 | 0 | fclose(file); |
272 | 0 | } |
273 | | |
274 | 0 | return retcode; |
275 | 0 | } |
276 | | |
277 | | /* |
278 | | * @unittest: 1304 |
279 | | * |
280 | | * *loginp and *passwordp MUST be allocated if they aren't NULL when passed |
281 | | * in. |
282 | | */ |
283 | | int Curl_parsenetrc(const char *host, char **loginp, char **passwordp, |
284 | | char *netrcfile) |
285 | 0 | { |
286 | 0 | int retcode = 1; |
287 | 0 | char *filealloc = NULL; |
288 | |
|
289 | 0 | if(!netrcfile) { |
290 | 0 | #if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID) |
291 | 0 | char pwbuf[1024]; |
292 | 0 | #endif |
293 | 0 | char *home = NULL; |
294 | 0 | char *homea = curl_getenv("HOME"); /* portable environment reader */ |
295 | 0 | if(homea) { |
296 | 0 | home = homea; |
297 | 0 | #if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID) |
298 | 0 | } |
299 | 0 | else { |
300 | 0 | struct passwd pw, *pw_res; |
301 | 0 | if(!getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res) |
302 | 0 | && pw_res) { |
303 | 0 | home = pw.pw_dir; |
304 | 0 | } |
305 | | #elif defined(HAVE_GETPWUID) && defined(HAVE_GETEUID) |
306 | | } |
307 | | else { |
308 | | struct passwd *pw; |
309 | | pw = getpwuid(geteuid()); |
310 | | if(pw) { |
311 | | home = pw->pw_dir; |
312 | | } |
313 | | #elif defined(_WIN32) |
314 | | } |
315 | | else { |
316 | | homea = curl_getenv("USERPROFILE"); |
317 | | if(homea) { |
318 | | home = homea; |
319 | | } |
320 | | #endif |
321 | 0 | } |
322 | |
|
323 | 0 | if(!home) |
324 | 0 | return retcode; /* no home directory found (or possibly out of |
325 | | memory) */ |
326 | | |
327 | 0 | filealloc = curl_maprintf("%s%s.netrc", home, DIR_CHAR); |
328 | 0 | if(!filealloc) { |
329 | 0 | free(homea); |
330 | 0 | return -1; |
331 | 0 | } |
332 | 0 | retcode = parsenetrc(host, loginp, passwordp, filealloc); |
333 | 0 | free(filealloc); |
334 | | #ifdef _WIN32 |
335 | | if(retcode == NETRC_FILE_MISSING) { |
336 | | /* fallback to the old-style "_netrc" file */ |
337 | | filealloc = curl_maprintf("%s%s_netrc", home, DIR_CHAR); |
338 | | if(!filealloc) { |
339 | | free(homea); |
340 | | return -1; |
341 | | } |
342 | | retcode = parsenetrc(host, loginp, passwordp, filealloc); |
343 | | free(filealloc); |
344 | | } |
345 | | #endif |
346 | 0 | free(homea); |
347 | 0 | } |
348 | 0 | else |
349 | 0 | retcode = parsenetrc(host, loginp, passwordp, netrcfile); |
350 | 0 | return retcode; |
351 | 0 | } |
352 | | |
353 | | #endif |