X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/90edb255effd0d29d94e662ca5bf3e9eda7ed122..c02f66668d32980a3770e450061c5b96b9f31690:/sbr/ruserpass.c diff --git a/sbr/ruserpass.c b/sbr/ruserpass.c index 610f32a5..1d946fa2 100644 --- a/sbr/ruserpass.c +++ b/sbr/ruserpass.c @@ -26,6 +26,7 @@ static FILE *cfile; +#define TOK_EOF 0 #define DEFAULT 1 #define LOGIN 2 #define PASSWD 3 @@ -34,7 +35,7 @@ static FILE *cfile; #define ID 10 #define MACH 11 -#define MAX_TOKVAL_SIZE 1024 +#define MAX_TOKVAL_SIZE 1024 /* Including terminating NUL. */ struct toktab { char *tokstr; @@ -42,6 +43,7 @@ struct toktab { }; static struct toktab toktabs[] = { + { "", TOK_EOF }, { "default", DEFAULT }, { "login", LOGIN }, { "password", PASSWD }, @@ -105,8 +107,8 @@ ruserpass(const char *host, char **aname, char **apass, int flags) (stb.st_mode & 077) != 0) { /* We make this a fatal error to force the user to correct it. */ - advise(NULL, "Error - file %s must not be world or " - "group readable.", credentials_file); + advise(NULL, "group or other permissions, %#o, " + "forbidden: %s", stb.st_mode, credentials_file); adios(NULL, "Remove password or correct file " "permissions."); } @@ -145,7 +147,7 @@ ruserpass(const char *host, char **aname, char **apass, int flags) } printf("Name (%s:%s): ", host, myname); - if (fgets(tmp, sizeof(tmp) - 1, stdin) == NULL) { + if (fgets(tmp, sizeof tmp, stdin) == NULL) { advise ("tmp", "fgets"); } TrimSuffixC(tmp, '\n'); @@ -175,46 +177,47 @@ ruserpass(const char *host, char **aname, char **apass, int flags) static int token(char *tokval) { - char *cp; int c; + const char normalStop[] = "\t\n ,"; /* Each breaks a word. */ + const char *stop; + char *cp; struct toktab *t; - if (feof(cfile)) - return (0); - while ((c = getc(cfile)) != EOF && - (c == '\n' || c == '\t' || c == ' ' || c == ',')) - continue; + if (feof(cfile) || ferror(cfile)) + return TOK_EOF; + + stop = normalStop; + while ((c = getc(cfile)) != EOF && c && strchr(stop, c)) + ; if (c == EOF) - return (0); + return TOK_EOF; + cp = tokval; - if (c == '"') { - while ((c = getc(cfile)) != EOF && c != '"') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - if (cp - tokval > MAX_TOKVAL_SIZE-1) { - adios(NULL, "credential tokens restricted to length %d", - MAX_TOKVAL_SIZE - 1); - } - } - } else { - *cp++ = c; - while ((c = getc(cfile)) != EOF - && c != '\n' && c != '\t' && c != ' ' && c != ',') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - if (cp - tokval > MAX_TOKVAL_SIZE-1) { - adios(NULL, "credential tokens restricted to length %d", - MAX_TOKVAL_SIZE - 1); - } - } + if (c == '"') + /* FIXME: Where is the quoted-string syntax of netrc documented? + * This code treats «"foo""bar"» as two tokens without further + * separators. */ + stop = "\""; + else + /* Might be backslash. Get it again later. It's handled then. */ + if (ungetc(c, cfile) == EOF) + return TOK_EOF; + + while ((c = getc(cfile)) != EOF && c && !strchr(stop, c)) { + if (c == '\\' && (c = getc(cfile)) == EOF) + return TOK_EOF; /* Discard whole token. */ + + *cp++ = c; + if (cp - tokval > MAX_TOKVAL_SIZE-1) { + adios(NULL, "credential tokens restricted to length %d", + MAX_TOKVAL_SIZE - 1); + } } - *cp = 0; - if (tokval[0] == 0) - return (0); + *cp = '\0'; + for (t = toktabs; t->tokstr; t++) if (!strcmp(t->tokstr, tokval)) return (t->tval); + return (ID); }