expand_path.c
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/krb5/os/expand_path.c - Parameterized path expansion facility */
/*
* Copyright (c) 2009, Secure Endpoints Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* - Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "k5-int.h"
#include "os-proto.h"
typedef int PTYPE;
#ifdef _WIN32
#include <shlobj.h>
#include <sddl.h>
/*
* Expand a %{TEMP} token
*
* The %{TEMP} token expands to the temporary path for the current
* user as returned by GetTempPath().
*
* @note: Since the GetTempPath() function relies on the TMP or TEMP
* environment variables, this function will failover to the system
* temporary directory until the user profile is loaded. In addition,
* the returned path may or may not exist.
*/
static krb5_error_code
expand_temp_folder(krb5_context context, PTYPE param, const char *postfix,
char **ret)
{
TCHAR tpath[MAX_PATH];
size_t len;
if (!GetTempPath(sizeof(tpath) / sizeof(tpath[0]), tpath)) {
k5_setmsg(context, EINVAL, "Failed to get temporary path (GLE=%d)",
GetLastError());
return EINVAL;
}
len = strlen(tpath);
if (len > 0 && tpath[len - 1] == '\\')
tpath[len - 1] = '\0';
*ret = strdup(tpath);
if (*ret == NULL)
return ENOMEM;
return 0;
}
/*
* Expand a %{BINDIR} token
*
* This is also used to expand a few other tokens on Windows, since
* most of the executable binaries end up in the same directory. The
* "bin" directory is considered to be the directory in which the
* krb5.dll is located.
*/
static krb5_error_code
expand_bin_dir(krb5_context context, PTYPE param, const char *postfix,
char **ret)
{
TCHAR path[MAX_PATH];
TCHAR *lastSlash;
DWORD nc;
nc = GetModuleFileName(get_lib_instance(), path,
sizeof(path) / sizeof(path[0]));
if (nc == 0 ||
nc == sizeof(path) / sizeof(path[0])) {
return EINVAL;
}
lastSlash = strrchr(path, '\\');
if (lastSlash != NULL) {
TCHAR *fslash = strrchr(lastSlash, '/');
if (fslash != NULL)
lastSlash = fslash;
*lastSlash = '\0';
}
if (postfix) {
if (strlcat(path, postfix, sizeof(path) / sizeof(path[0])) >=
sizeof(path) / sizeof(path[0]))
return EINVAL;
}
*ret = strdup(path);
if (*ret == NULL)
return ENOMEM;
return 0;
}
/*
* Expand a %{USERID} token
*
* The %{USERID} token expands to the string representation of the
* user's SID. The user account that will be used is the account
* corresponding to the current thread's security token. This means
* that:
*
* - If the current thread token has the anonymous impersonation
* level, the call will fail.
*
* - If the current thread is impersonating a token at
* SecurityIdentification level the call will fail.
*
*/
static krb5_error_code
expand_userid(krb5_context context, PTYPE param, const char *postfix,
char **ret)
{
int rv = EINVAL;
HANDLE hThread = NULL;
HANDLE hToken = NULL;
PTOKEN_OWNER pOwner = NULL;
DWORD len = 0;
LPTSTR strSid = NULL;
hThread = GetCurrentThread();
if (!OpenThreadToken(hThread, TOKEN_QUERY,
FALSE, /* Open the thread token as the
current thread user. */
&hToken)) {
DWORD le = GetLastError();
if (le == ERROR_NO_TOKEN) {
HANDLE hProcess = GetCurrentProcess();
le = 0;
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
le = GetLastError();
}
if (le != 0) {
k5_setmsg(context, rv, "Can't open thread token (GLE=%d)", le);
goto cleanup;
}
}
if (!GetTokenInformation(hToken, TokenOwner, NULL, 0, &len)) {
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
k5_setmsg(context, rv,
"Unexpected error reading token information (GLE=%d)",
GetLastError());
goto cleanup;
}
if (len == 0) {
k5_setmsg(context, rv,
"GetTokenInformation() returned truncated buffer");
goto cleanup;
}
pOwner = malloc(len);
if (pOwner == NULL) {
rv = ENOMEM;
goto cleanup;
}
} else {
k5_setmsg(context, rv,
"GetTokenInformation() returned truncated buffer");
goto cleanup;
}
if (!GetTokenInformation(hToken, TokenOwner, pOwner, len, &len)) {
k5_setmsg(context, rv,
"GetTokenInformation() failed. GLE=%d", GetLastError());
goto cleanup;
}
if (!ConvertSidToStringSid(pOwner->Owner, &strSid)) {
k5_setmsg(context, rv,
"Can't convert SID to string. GLE=%d", GetLastError());
goto cleanup;
}
*ret = strdup(strSid);
if (*ret == NULL) {
rv = ENOMEM;
goto cleanup;
}
rv = 0;
cleanup:
if (hToken != NULL)
CloseHandle(hToken);
if (pOwner != NULL)
free(pOwner);
if (strSid != NULL)
LocalFree(strSid);
return rv;
}
/*
* Expand a folder identified by a CSIDL
*/
static krb5_error_code
expand_csidl(krb5_context context, PTYPE folder, const char *postfix,
char **ret)
{
TCHAR path[MAX_PATH];
size_t len;
if (SHGetFolderPath(NULL, folder, NULL, SHGFP_TYPE_CURRENT,
path) != S_OK) {
k5_setmsg(context, EINVAL, "Unable to determine folder path");
return EINVAL;
}
len = strlen(path);
if (len > 0 && path[len - 1] == '\\')
path[len - 1] = '\0';
if (postfix &&
strlcat(path, postfix, sizeof(path) / sizeof(path[0])) >=
sizeof(path)/sizeof(path[0]))
return ENOMEM;
*ret = strdup(path);
if (*ret == NULL)
return ENOMEM;
return 0;
}
#else /* not _WIN32 */
#include <pwd.h>
static krb5_error_code
expand_path(krb5_context context, PTYPE param, const char *postfix, char **ret)
{
*ret = strdup(postfix);
if (*ret == NULL)
return ENOMEM;
return 0;
}
static krb5_error_code
expand_temp_folder(krb5_context context, PTYPE param, const char *postfix,
char **ret)
{
const char *p = NULL;
if (context == NULL || !context->profile_secure)
p = secure_getenv("TMPDIR");
*ret = strdup((p != NULL) ? p : "/tmp");
if (*ret == NULL)
return ENOMEM;
return 0;
}
static krb5_error_code
expand_userid(krb5_context context, PTYPE param, const char *postfix,
char **str)
{
if (asprintf(str, "%lu", (unsigned long)getuid()) < 0)
return ENOMEM;
return 0;
}
static krb5_error_code
expand_euid(krb5_context context, PTYPE param, const char *postfix, char **str)
{
if (asprintf(str, "%lu", (unsigned long)geteuid()) < 0)
return ENOMEM;
return 0;
}
static krb5_error_code
expand_username(krb5_context context, PTYPE param, const char *postfix,
char **str)
{
uid_t euid = geteuid();
struct passwd *pw, pwx;
char pwbuf[BUFSIZ];
if (k5_getpwuid_r(euid, &pwx, pwbuf, sizeof(pwbuf), &pw) != 0) {
k5_setmsg(context, ENOENT, _("Can't find username for uid %lu"),
(unsigned long)euid);
return ENOENT;
}
*str = strdup(pw->pw_name);
if (*str == NULL)
return ENOMEM;
return 0;
}
#endif /* not _WIN32 */
/*
* Expand an extra token
*/
static krb5_error_code
expand_extra_token(krb5_context context, const char *value, char **ret)
{
*ret = strdup(value);
if (*ret == NULL)
return ENOMEM;
return 0;
}
/*
* Expand a %{null} token
*
* The expansion of a %{null} token is always the empty string.
*/
static krb5_error_code
expand_null(krb5_context context, PTYPE param, const char *postfix, char **ret)
{
*ret = strdup("");
if (*ret == NULL)
return ENOMEM;
return 0;
}
static const struct {
const char *tok;
PTYPE param;
const char *postfix;
int (*exp_func)(krb5_context, PTYPE, const char *, char **);
} tokens[] = {
#ifdef _WIN32
/* Roaming application data (for current user) */
{"APPDATA", CSIDL_APPDATA, NULL, expand_csidl},
/* Application data (all users) */
{"COMMON_APPDATA", CSIDL_COMMON_APPDATA, NULL, expand_csidl},
/* Local application data (for current user) */
{"LOCAL_APPDATA", CSIDL_LOCAL_APPDATA, NULL, expand_csidl},
/* Windows System folder (e.g. %WINDIR%\System32) */
{"SYSTEM", CSIDL_SYSTEM, NULL, expand_csidl},
/* Windows folder */
{"WINDOWS", CSIDL_WINDOWS, NULL, expand_csidl},
/* Per user MIT krb5 configuration file directory */
{"USERCONFIG", CSIDL_APPDATA, "\\MIT\\Kerberos5",
expand_csidl},
/* Common MIT krb5 configuration file directory */
{"COMMONCONFIG", CSIDL_COMMON_APPDATA, "\\MIT\\Kerberos5",
expand_csidl},
{"LIBDIR", 0, NULL, expand_bin_dir},
{"BINDIR", 0, NULL, expand_bin_dir},
{"SBINDIR", 0, NULL, expand_bin_dir},
{"euid", 0, NULL, expand_userid},
#else
{"LIBDIR", 0, LIBDIR, expand_path},
{"BINDIR", 0, BINDIR, expand_path},
{"SBINDIR", 0, SBINDIR, expand_path},
{"euid", 0, NULL, expand_euid},
{"username", 0, NULL, expand_username},
#endif
{"TEMP", 0, NULL, expand_temp_folder},
{"USERID", 0, NULL, expand_userid},
{"uid", 0, NULL, expand_userid},
{"null", 0, NULL, expand_null}
};
static krb5_error_code
expand_token(krb5_context context, const char *token, const char *token_end,
char **extra_tokens, char **ret)
{
size_t i;
char **p;
*ret = NULL;
if (token[0] != '%' || token[1] != '{' || token_end[0] != '}' ||
token_end - token <= 2) {
k5_setmsg(context, EINVAL, _("Invalid token"));
return EINVAL;
}
for (p = extra_tokens; p != NULL && *p != NULL; p += 2) {
if (strncmp(token + 2, *p, (token_end - token) - 2) == 0)
return expand_extra_token(context, p[1], ret);
}
for (i = 0; i < sizeof(tokens) / sizeof(tokens[0]); i++) {
if (!strncmp(token + 2, tokens[i].tok, (token_end - token) - 2)) {
return tokens[i].exp_func(context, tokens[i].param,
tokens[i].postfix, ret);
}
}
k5_setmsg(context, EINVAL, _("Invalid token"));
return EINVAL;
}
/*
* Expand tokens in path_in to produce *path_out. The caller should free
* *path_out with free().
*/
krb5_error_code
k5_expand_path_tokens(krb5_context context, const char *path_in,
char **path_out)
{
return k5_expand_path_tokens_extra(context, path_in, path_out, NULL);
}
static void
free_extra_tokens(char **extra_tokens)
{
char **p;
for (p = extra_tokens; p != NULL && *p != NULL; p++)
free(*p);
free(extra_tokens);
}
/*
* Expand tokens in path_in to produce *path_out. Arguments after path_out are
* pairs of extra token names and replacement values, terminated by a NULL.
* The caller should free *path_out with free().
*/
krb5_error_code
k5_expand_path_tokens_extra(krb5_context context, const char *path_in,
char **path_out, ...)
{
krb5_error_code ret;
struct k5buf buf;
char *tok_begin, *tok_end, *tok_val, **extra_tokens = NULL, *path;
const char *path_left;
size_t nargs = 0, i;
va_list ap;
*path_out = NULL;
k5_buf_init_dynamic(&buf);
/* Count extra tokens. */
va_start(ap, path_out);
while (va_arg(ap, const char *) != NULL)
nargs++;
va_end(ap);
if (nargs % 2 != 0)
return EINVAL;
/* Get extra tokens. */
if (nargs > 0) {
extra_tokens = k5calloc(nargs + 1, sizeof(char *), &ret);
if (extra_tokens == NULL)
goto cleanup;
va_start(ap, path_out);
for (i = 0; i < nargs; i++) {
extra_tokens[i] = strdup(va_arg(ap, const char *));
if (extra_tokens[i] == NULL) {
ret = ENOMEM;
va_end(ap);
goto cleanup;
}
}
va_end(ap);
}
path_left = path_in;
while (TRUE) {
/* Find the next token in path_left and add the literal text up to it.
* If there are no more tokens, we can finish up. */
tok_begin = strstr(path_left, "%{");
if (tok_begin == NULL) {
k5_buf_add(&buf, path_left);
break;
}
k5_buf_add_len(&buf, path_left, tok_begin - path_left);
/* Find the end of this token. */
tok_end = strchr(tok_begin, '}');
if (tok_end == NULL) {
ret = EINVAL;
k5_setmsg(context, ret, _("variable missing }"));
goto cleanup;
}
/* Expand this token and add its value. */
ret = expand_token(context, tok_begin, tok_end, extra_tokens,
&tok_val);
if (ret)
goto cleanup;
k5_buf_add(&buf, tok_val);
free(tok_val);
path_left = tok_end + 1;
}
path = k5_buf_cstring(&buf);
if (path == NULL) {
ret = ENOMEM;
goto cleanup;
}
#ifdef _WIN32
/* Also deal with slashes. */
{
char *p;
for (p = path; *p != '\0'; p++) {
if (*p == '/')
*p = '\\';
}
}
#endif
*path_out = path;
memset(&buf, 0, sizeof(buf));
ret = 0;
cleanup:
k5_buf_free(&buf);
free_extra_tokens(extra_tokens);
return ret;
}
