From c3bd400fa209422cb0dfedde5b7d5aeb8bdd229d Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Wed, 16 Apr 2025 10:08:23 -0400 Subject: [PATCH] base: heim_config_parse_file_multi fix plist config parsing 4c34168b01913d592fb304903b2fd75d9d65644e ("base: Fix use of HEIM_USE_PATH_TOKENS") relocated the expansion of path tokens within heim_config_parse_file_multi() so it is only performed for non-plist files. However, parse_plist_config() does not understand tokens and will treat them as path components. As a result, plist paths such as %{USERCONFIG}/Library/Preferences/com.apple.Kerberos.plist will not be expanded. If parse_plist_config() fails with ENOENT, then the plist configuration will be skipped and krb5_init_context() will succeed. However, if the current working directory is invalid, then parse_plist_config() would return ENOMEM which is a fatal error and krb5_init_context() would fail. For example, on macOS, if the cwd is in /afs and the user's tokens have expired: user@MacBookAir user % ~/src/heimdal/kuser/heimtools klist shell-init: error retrieving current directory: getcwd: cannot access parent directories: Permission denied chdir: error retrieving current directory: getcwd: cannot access parent directories: Permission denied heimtools: krb5_init_context failed: 12 With this change %{USERCONFIG} is expanded and parse_plist_config() is called with an absolute path. Even though the specified file is inaccessible, the krb5_init_context() call succeeds.
---
 lib/base/config_file.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/lib/base/config_file.c b/lib/base/config_file.c
index e23c3391f..7ea7a99ca 100644
--- a/lib/base/config_file.c
+++ b/lib/base/config_file.c
@@ -576,6 +576,7 @@ heim_config_parse_file_multi(heim_context context,
 {
 const char *str;
 char *newfname = NULL;
+ char *exp_fname = NULL;
 unsigned lineno = 0;
 heim_error_code ret = 0;
 struct fileptr f;
@@ -608,6 +609,19 @@ heim_config_parse_file_multi(heim_context context,
 fname = newfname;
 }
 
+ /*
+ * Note that heim_config_parse_dir_multi() doesn't want tokens
+ * expanded here, but it happens to limit the names of files to
+ * include such that there can be no tokens to expand. Don't
+ * add token expansion for tokens using _, say.
+ */
+ ret = heim_expand_path_tokens(context, fname, 1, &exp_fname, NULL);
+ if (ret)
+ goto out;
+ free(newfname);
+ fname = newfname = exp_fname;
+
+
 if (is_plist_file(fname)) {
 #if defined(HAVE_FRAMEWORK_COREFOUNDATION)
 ret = parse_plist_config(context, fname, res);
@@ -623,20 +637,6 @@ heim_config_parse_file_multi(heim_context context,
 goto out;
 #endif
 } else {
- char *exp_fname = NULL;
-
- /*
- * Note that heim_config_parse_dir_multi() doesn't want tokens
- * expanded here, but it happens to limit the names of files to
- * include such that there can be no tokens to expand. Don't
- * add token expansion for tokens using _, say.
- */
- ret = heim_expand_path_tokens(context, fname, 1, &exp_fname, NULL);
- if (ret)
- goto out;
- free(newfname);
- fname = newfname = exp_fname;
-
 f.context = context;
 f.f = fopen(fname, "r");
 f.s = NULL;
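Review bot: The comment moved above `heim_expand_path_tokens()` still explains only the `heim_config_parse_dir_multi()` case, while the expansion now also runs for plist paths and its `if (ret) goto out;` sits ahead of `is_plist_file(fname)`. That makes any expansion error fatal for a plist path, whereas the commit message says a plist that fails with ENOENT is skipped; which codes `heim_expand_path_tokens()` can return and what `out:` does with them are outside this hunk, so this needs confirming. I would extend the comment with something like `Expand before the plist check too: parse_plist_config() does not understand tokens and would treat them as path components.` A plist name that is relative and carries no token presumably still reaches `parse_plist_config()` unchanged, so the cwd-dependent ENOMEM described in the message may remain for that case. Since `exp_fname` is now function-scoped and aliases `newfname` after the hand-off, adding `exp_fname = NULL;` after `fname = newfname = exp_fname;` would keep any later cleanup at `out:` from freeing the buffer twice.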