search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
lib: Add a few required includes
[samba4-gss.git] / source3 / lib / substitute.c
blob40eb15aee04ba6029e75334036ac8ec07fc30b07
1 /*
2 Unix SMB/CIFS implementation.
3 string substitution functions
4 Copyright (C) Andrew Tridgell 1992-2000
5 Copyright (C) Gerald Carter 2006
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21
22 #include "includes.h"
23 #include "substitute.h"
24 #include "system/passwd.h"
25 #include "secrets.h"
26 #include "auth.h"
27 #include "lib/util/string_wrappers.h"
28
29 /* Max DNS name is 253 + '\0' */
30 #define MACHINE_NAME_SIZE 254
31
32 static char local_machine[MACHINE_NAME_SIZE];
33 static char remote_machine[MACHINE_NAME_SIZE];
34
35 userdom_struct current_user_info;
36 static fstring remote_proto="UNKNOWN";
37
38 void set_remote_proto(const char *proto)
39 {
40 fstrcpy(remote_proto, proto);
41 }
42
43 /**
44 * Set the 'local' machine name
45 * @param local_name the name we are being called
46 * @param if this is the 'final' name for us, not be be changed again
47 */
48 bool set_local_machine_name(const char *local_name, bool perm)
49 {
50 static bool already_perm = false;
51 char tmp[MACHINE_NAME_SIZE];
52
53 if (already_perm) {
54 return true;
55 }
56
57 strlcpy(tmp, local_name, sizeof(tmp));
58 trim_char(tmp, ' ', ' ');
59
60 alpha_strcpy(local_machine,
61 tmp,
62 SAFE_NETBIOS_CHARS,
63 sizeof(local_machine) - 1);
64 if (!strlower_m(local_machine)) {
65 return false;
66 }
67
68 already_perm = perm;
69
70 return true;
71 }
72
73 const char *get_local_machine_name(void)
74 {
75 if (local_machine[0] == '\0') {
76 return lp_netbios_name();
77 }
78
79 return local_machine;
80 }
81
82 /**
83 * Set the 'remote' machine name
84 *
85 * @param remote_name the name our client wants to be called by
86 * @param if this is the 'final' name for them, not be be changed again
87 */
88 bool set_remote_machine_name(const char *remote_name, bool perm)
89 {
90 static bool already_perm = False;
91 char tmp[MACHINE_NAME_SIZE];
92
93 if (already_perm) {
94 return true;
95 }
96
97 strlcpy(tmp, remote_name, sizeof(tmp));
98 trim_char(tmp, ' ', ' ');
99
100 alpha_strcpy(remote_machine,
101 tmp,
102 SAFE_NETBIOS_CHARS,
103 sizeof(remote_machine) - 1);
104 if (!strlower_m(remote_machine)) {
105 return false;
106 }
107
108 already_perm = perm;
109
110 return true;
111 }
112
113 const char *get_remote_machine_name(void)
114 {
115 return remote_machine;
116 }
117
118 static char sub_peeraddr[INET6_ADDRSTRLEN];
119 static const char *sub_peername = NULL;
120 static char sub_sockaddr[INET6_ADDRSTRLEN];
121
122 void sub_set_socket_ids(const char *peeraddr, const char *peername,
123 const char *sockaddr)
124 {
125 const char *addr = peeraddr;
126
127 if (strnequal(addr, "::ffff:", 7)) {
128 addr += 7;
129 }
130 strlcpy(sub_peeraddr, addr, sizeof(sub_peeraddr));
131
132 if (sub_peername != NULL &&
133 sub_peername != sub_peeraddr) {
134 talloc_free(discard_const_p(char,sub_peername));
135 sub_peername = NULL;
136 }
137 sub_peername = talloc_strdup(NULL, peername);
138 if (sub_peername == NULL) {
139 sub_peername = sub_peeraddr;
140 }
141
142 /*
143 * Shouldn't we do the ::ffff: cancellation here as well? The
144 * original code in talloc_sub_basic() did not do it, so I'm
145 * leaving it out here as well for compatibility.
146 */
147 strlcpy(sub_sockaddr, sockaddr, sizeof(sub_sockaddr));
148 }
149
150 /*******************************************************************
151 Setup the strings used by substitutions. Called per packet. Ensure
152 %U name is set correctly also.
153
154 smb_name must be sanitized by alpha_strcpy
155 ********************************************************************/
156
157 void set_current_user_info(const char *smb_name, const char *unix_name,
158 const char *domain)
159 {
160 static const void *last_smb_name;
161 static const void *last_unix_name;
162 static const void *last_domain;
163
164 if (likely(last_smb_name == smb_name &&
165 last_unix_name == unix_name &&
166 last_domain == domain))
167 {
168 return;
169 }
170
171 fstrcpy(current_user_info.smb_name, smb_name);
172 fstrcpy(current_user_info.unix_name, unix_name);
173 fstrcpy(current_user_info.domain, domain);
174
175 last_smb_name = smb_name;
176 last_unix_name = unix_name;
177 last_domain = domain;
178 }
179
180 /*******************************************************************
181 Return the current active user name.
182 *******************************************************************/
183
184 const char *get_current_username(void)
185 {
186 return current_user_info.smb_name;
187 }
188
189 const char *get_current_user_info_domain(void)
190 {
191 return current_user_info.domain;
192 }
193
194 /*******************************************************************
195 Given a pointer to a %$(NAME) in p and the whole string in str
196 expand it as an environment variable.
197 str must be a talloced string.
198 Return a new allocated and expanded string.
199 Based on code by Branko Cibej <branko.cibej@hermes.si>
200 When this is called p points at the '%' character.
201 May substitute multiple occurrences of the same env var.
202 ********************************************************************/
203
204 static char *realloc_expand_env_var(char *str, char *p)
205 {
206 char *envname;
207 char *envval;
208 char *q, *r;
209 int copylen;
210
211 if (p[0] != '%' || p[1] != '$' || p[2] != '(') {
212 return str;
213 }
214
215 /*
216 * Look for the terminating ')'.
217 */
218
219 if ((q = strchr_m(p,')')) == NULL) {
220 DEBUG(0,("expand_env_var: Unterminated environment variable [%s]\n", p));
221 return str;
222 }
223
224 /*
225 * Extract the name from within the %$(NAME) string.
226 */
227
228 r = p + 3;
229 copylen = q - r;
230
231 /* reserve space for use later add %$() chars */
232 if ( (envname = talloc_array(talloc_tos(), char, copylen + 1 + 4)) == NULL ) {
233 return NULL;
234 }
235
236 strncpy(envname,r,copylen);
237 envname[copylen] = '\0';
238
239 if ((envval = getenv(envname)) == NULL) {
240 DEBUG(0,("expand_env_var: Environment variable [%s] not set\n", envname));
241 TALLOC_FREE(envname);
242 return str;
243 }
244
245 /*
246 * Copy the full %$(NAME) into envname so it
247 * can be replaced.
248 */
249
250 copylen = q + 1 - p;
251 strncpy(envname,p,copylen);
252 envname[copylen] = '\0';
253 r = realloc_string_sub(str, envname, envval);
254 TALLOC_FREE(envname);
255
256 return r;
257 }
258
259 /****************************************************************************
260 Do some standard substitutions in a string.
261 len is the length in bytes of the space allowed in string str. If zero means
262 don't allow expansions.
263 ****************************************************************************/
264
265 void standard_sub_basic(const char *smb_name, const char *domain_name,
266 char *str, size_t len)
267 {
268 char *s;
269
270 if ( (s = talloc_sub_basic(talloc_tos(), smb_name, domain_name, str )) != NULL ) {
271 strncpy( str, s, len );
272 }
273
274 TALLOC_FREE( s );
275 }
276
277 /*
278 * Limit addresses to hexalpha characters and underscore, safe for path
279 * components for Windows clients.
280 */
281 static void make_address_pathsafe(char *addr)
282 {
283 while(addr && *addr) {
284 if(!isxdigit(*addr)) {
285 *addr = '_';
286 }
287 ++addr;
288 }
289 }
290
291 /****************************************************************************
292 Do some standard substitutions in a string.
293 This function will return a talloced string that has to be freed.
294 ****************************************************************************/
295
296 char *talloc_sub_basic(TALLOC_CTX *mem_ctx,
297 const char *smb_name,
298 const char *domain_name,
299 const char *str)
300 {
301 char *b, *p, *s, *r, *a_string;
302 fstring pidstr, vnnstr;
303 const char *local_machine_name = get_local_machine_name();
304 TALLOC_CTX *tmp_ctx = NULL;
305
306 /* workaround to prevent a crash while looking at bug #687 */
307
308 if (!str) {
309 DEBUG(0,("talloc_sub_basic: NULL source string! This should not happen\n"));
310 return NULL;
311 }
312
313 a_string = talloc_strdup(mem_ctx, str);
314 if (a_string == NULL) {
315 DEBUG(0, ("talloc_sub_basic: Out of memory!\n"));
316 return NULL;
317 }
318
319 tmp_ctx = talloc_stackframe();
320
321 for (s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
322
323 r = NULL;
324 b = a_string;
325
326 switch (*(p+1)) {
327 case 'U' :
328 r = strlower_talloc(tmp_ctx, smb_name);
329 if (r == NULL) {
330 goto error;
331 }
332 a_string = realloc_string_sub(a_string, "%U", r);
333 break;
334 case 'G' : {
335 struct passwd *pass;
336 bool is_domain_name = false;
337 const char *sep = lp_winbind_separator();
338
339 if (domain_name != NULL && domain_name[0] != '\0' &&
340 (lp_security() == SEC_ADS ||
341 lp_security() == SEC_DOMAIN)) {
342 r = talloc_asprintf(tmp_ctx,
343 "%s%c%s",
344 domain_name,
345 *sep,
346 smb_name);
347 is_domain_name = true;
348 } else {
349 r = talloc_strdup(tmp_ctx, smb_name);
350 }
351 if (r == NULL) {
352 goto error;
353 }
354
355 pass = Get_Pwnam_alloc(tmp_ctx, r);
356 if (pass != NULL) {
357 char *group_name;
358
359 group_name = gidtoname(pass->pw_gid);
360 if (is_domain_name) {
361 char *group_sep;
362 group_sep = strchr_m(group_name, *sep);
363 if (group_sep != NULL) {
364 group_name = group_sep + 1;
365 }
366 }
367 a_string = realloc_string_sub(a_string,
368 "%G",
369 group_name);
370 }
371 TALLOC_FREE(pass);
372 break;
373 }
374 case 'D' :
375 r = strupper_talloc(tmp_ctx, domain_name);
376 if (r == NULL) {
377 goto error;
378 }
379 a_string = realloc_string_sub(a_string, "%D", r);
380 break;
381 case 'I' : {
382 a_string = realloc_string_sub(
383 a_string, "%I",
384 sub_peeraddr[0] ? sub_peeraddr : "0.0.0.0");
385 break;
386 }
387 case 'J' : {
388 r = talloc_strdup(tmp_ctx,
389 sub_peeraddr[0] ? sub_peeraddr : "0.0.0.0");
390 make_address_pathsafe(r);
391 a_string = realloc_string_sub(a_string, "%J", r);
392 break;
393 }
394 case 'i':
395 a_string = realloc_string_sub(
396 a_string, "%i",
397 sub_sockaddr[0] ? sub_sockaddr : "0.0.0.0");
398 break;
399 case 'j' : {
400 r = talloc_strdup(tmp_ctx,
401 sub_sockaddr[0] ? sub_sockaddr : "0.0.0.0");
402 make_address_pathsafe(r);
403 a_string = realloc_string_sub(a_string, "%j", r);
404 break;
405 }
406 case 'L' :
407 if ( strncasecmp_m(p, "%LOGONSERVER%", strlen("%LOGONSERVER%")) == 0 ) {
408 break;
409 }
410 if (local_machine_name && *local_machine_name) {
411 a_string = realloc_string_sub(a_string, "%L", local_machine_name);
412 } else {
413 a_string = realloc_string_sub(a_string, "%L", lp_netbios_name());
414 }
415 break;
416 case 'N' :
417 a_string = realloc_string_sub(a_string,
418 "%N",
419 lp_netbios_name());
420 break;
421 case 'M' :
422 a_string = realloc_string_sub(a_string, "%M",
423 sub_peername ? sub_peername : "");
424 break;
425 case 'R' :
426 a_string = realloc_string_sub(a_string, "%R", remote_proto);
427 break;
428 case 'T' :
429 a_string = realloc_string_sub(a_string, "%T", current_timestring(tmp_ctx, False));
430 break;
431 case 't' :
432 a_string = realloc_string_sub(a_string, "%t",
433 current_minimal_timestring(tmp_ctx, False));
434 break;
435 case 'a' :
436 a_string = realloc_string_sub(a_string, "%a",
437 get_remote_arch_str());
438 break;
439 case 'd' :
440 slprintf(pidstr,sizeof(pidstr)-1, "%d",(int)getpid());
441 a_string = realloc_string_sub(a_string, "%d", pidstr);
442 break;
443 case 'h' :
444 a_string = realloc_string_sub(a_string, "%h", myhostname());
445 break;
446 case 'm' :
447 a_string = realloc_string_sub(a_string, "%m",
448 remote_machine);
449 break;
450 case 'v' :
451 a_string = realloc_string_sub(a_string, "%v", samba_version_string());
452 break;
453 case 'w' :
454 a_string = realloc_string_sub(a_string, "%w", lp_winbind_separator());
455 break;
456 case '$' :
457 a_string = realloc_expand_env_var(a_string, p); /* Expand environment variables */
458 break;
459 case 'V' :
460 slprintf(vnnstr,sizeof(vnnstr)-1, "%u", get_my_vnn());
461 a_string = realloc_string_sub(a_string, "%V", vnnstr);
462 break;
463 default:
464 break;
465 }
466
467 p++;
468 TALLOC_FREE(r);
469
470 if (a_string == NULL) {
471 goto done;
472 }
473 }
474
475 goto done;
476
477 error:
478 TALLOC_FREE(a_string);
479
480 done:
481 TALLOC_FREE(tmp_ctx);
482 return a_string;
483 }
484
485 /****************************************************************************
486 Do some specific substitutions in a string.
487 This function will return an allocated string that have to be freed.
488 ****************************************************************************/
489
490 char *talloc_sub_specified(TALLOC_CTX *mem_ctx,
491 const char *input_string,
492 const char *username,
493 const char *grpname,
494 const char *domain,
495 uid_t uid,
496 gid_t gid)
497 {
498 char *a_string;
499 char *ret_string = NULL;
500 char *b, *p, *s;
501 TALLOC_CTX *tmp_ctx;
502
503 if (!(tmp_ctx = talloc_new(mem_ctx))) {
504 DEBUG(0, ("talloc_new failed\n"));
505 return NULL;
506 }
507
508 a_string = talloc_strdup(tmp_ctx, input_string);
509 if (a_string == NULL) {
510 DEBUG(0, ("talloc_sub_specified: Out of memory!\n"));
511 goto done;
512 }
513
514 for (s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
515
516 b = a_string;
517
518 switch (*(p+1)) {
519 case 'U' :
520 a_string = talloc_string_sub(
521 tmp_ctx, a_string, "%U", username);
522 break;
523 case 'u' :
524 a_string = talloc_string_sub(
525 tmp_ctx, a_string, "%u", username);
526 break;
527 case 'G' :
528 if (gid != -1) {
529 const char *name;
530
531 if (grpname != NULL) {
532 name = grpname;
533 } else {
534 name = gidtoname(gid);
535 }
536
537 a_string = talloc_string_sub(tmp_ctx,
538 a_string,
539 "%G",
540 name);
541 } else {
542 a_string = talloc_string_sub(
543 tmp_ctx, a_string,
544 "%G", "NO_GROUP");
545 }
546 break;
547 case 'g' :
548 if (gid != -1) {
549 const char *name;
550
551 if (grpname != NULL) {
552 name = grpname;
553 } else {
554 name = gidtoname(gid);
555 }
556
557 a_string = talloc_string_sub(tmp_ctx,
558 a_string,
559 "%g",
560 name);
561 } else {
562 a_string = talloc_string_sub(
563 tmp_ctx, a_string, "%g", "NO_GROUP");
564 }
565 break;
566 case 'D' :
567 a_string = talloc_string_sub(tmp_ctx, a_string,
568 "%D", domain);
569 break;
570 case 'N' :
571 a_string = talloc_string_sub(tmp_ctx, a_string,
572 "%N", lp_netbios_name());
573 break;
574 default:
575 break;
576 }
577
578 p++;
579 if (a_string == NULL) {
580 goto done;
581 }
582 }
583
584 /* Watch out, using "mem_ctx" here, so all intermediate stuff goes
585 * away with the TALLOC_FREE(tmp_ctx) further down. */
586
587 ret_string = talloc_sub_basic(mem_ctx, username, domain, a_string);
588
589 done:
590 TALLOC_FREE(tmp_ctx);
591 return ret_string;
592 }
593
594 /****************************************************************************
595 ****************************************************************************/
596
597 char *talloc_sub_advanced(TALLOC_CTX *ctx,
598 const char *servicename,
599 const char *user,
600 const char *connectpath,
601 gid_t gid,
602 const char *str)
603 {
604 char *a_string;
605 char *b, *p, *s;
606
607 a_string = talloc_strdup(talloc_tos(), str);
608 if (a_string == NULL) {
609 DEBUG(0, ("talloc_sub_advanced_only: Out of memory!\n"));
610 return NULL;
611 }
612
613 for (s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
614
615 b = a_string;
616
617 switch (*(p+1)) {
618 case 'N':
619 a_string = realloc_string_sub(a_string,
620 "%N",
621 lp_netbios_name());
622 break;
623 case 'H': {
624 char *h;
625 if ((h = get_user_home_dir(talloc_tos(), user)))
626 a_string = realloc_string_sub(a_string, "%H", h);
627 TALLOC_FREE(h);
628 break;
629 }
630 case 'P':
631 a_string = realloc_string_sub(a_string, "%P", connectpath);
632 break;
633 case 'S':
634 a_string = realloc_string_sub(a_string, "%S", servicename);
635 break;
636 case 'g':
637 a_string = realloc_string_sub(a_string, "%g", gidtoname(gid));
638 break;
639 case 'u':
640 a_string = realloc_string_sub(a_string, "%u", user);
641 break;
642 default:
643 break;
644 }
645
646 p++;
647 if (a_string == NULL) {
648 return NULL;
649 }
650 }
651
652 return a_string;
653 }
654
655 char *talloc_sub_full(TALLOC_CTX *ctx,
656 const char *servicename,
657 const char *user,
658 const char *connectpath,
659 gid_t gid,
660 const char *smb_name,
661 const char *domain_name,
662 const char *str)
663 {
664 char *a_string, *ret_string;
665
666 a_string = talloc_sub_advanced(ctx, servicename, user, connectpath,
667 gid, str);
668 if (a_string == NULL) {
669 return NULL;
670 }
671
672 ret_string = talloc_sub_basic(ctx, smb_name, domain_name, a_string);
673 TALLOC_FREE(a_string);
674 return ret_string;
675 }
GSS-enabled samba4