search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2.5-18.1
[glibc.git] / nis / nss_compat / compat-pwd.c
blobac132046dae9e2ef63da1d1a3ed630c816ee31fa
1 /* Copyright (C) 1996-1999,2001-2005,2006 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <ctype.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <netdb.h>
24 #include <nss.h>
25 #include <nsswitch.h>
26 #include <pwd.h>
27 #include <stdio_ext.h>
28 #include <string.h>
29 #include <rpc/types.h>
30 #include <rpcsvc/ypclnt.h>
31 #include <bits/libc-lock.h>
32
33 #include "netgroup.h"
34
35 static service_user *ni;
36 static enum nss_status (*nss_setpwent) (int stayopen);
37 static enum nss_status (*nss_getpwnam_r) (const char *name,
38 struct passwd * pwd, char *buffer,
39 size_t buflen, int *errnop);
40 static enum nss_status (*nss_getpwuid_r) (uid_t uid, struct passwd * pwd,
41 char *buffer, size_t buflen,
42 int *errnop);
43 static enum nss_status (*nss_getpwent_r) (struct passwd * pwd, char *buffer,
44 size_t buflen, int *errnop);
45 static enum nss_status (*nss_endpwent) (void);
46
47 /* Get the declaration of the parser function. */
48 #define ENTNAME pwent
49 #define STRUCTURE passwd
50 #define EXTERN_PARSER
51 #include <nss/nss_files/files-parse.c>
52
53 /* Structure for remembering -@netgroup and -user members ... */
54 #define BLACKLIST_INITIAL_SIZE 512
55 #define BLACKLIST_INCREMENT 256
56 struct blacklist_t
57 {
58 char *data;
59 int current;
60 int size;
61 };
62
63 struct ent_t
64 {
65 bool netgroup;
66 bool first;
67 bool files;
68 enum nss_status setent_status;
69 FILE *stream;
70 struct blacklist_t blacklist;
71 struct passwd pwd;
72 struct __netgrent netgrdata;
73 };
74 typedef struct ent_t ent_t;
75
76 static ent_t ext_ent = { false, false, true, NSS_STATUS_SUCCESS, NULL,
77 { NULL, 0, 0 },
78 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
79
80 /* Protect global state against multiple changers. */
81 __libc_lock_define_initialized (static, lock)
82
83 /* Prototypes for local functions. */
84 static void blacklist_store_name (const char *, ent_t *);
85 static int in_blacklist (const char *, int, ent_t *);
86
87 /* Initialize the NSS interface/functions. The calling function must
88 hold the lock. */
89 static void
90 init_nss_interface (void)
91 {
92 if (__nss_database_lookup ("passwd_compat", NULL, "nis", &ni) >= 0)
93 {
94 nss_setpwent = __nss_lookup_function (ni, "setpwent");
95 nss_getpwnam_r = __nss_lookup_function (ni, "getpwnam_r");
96 nss_getpwuid_r = __nss_lookup_function (ni, "getpwuid_r");
97 nss_getpwent_r = __nss_lookup_function (ni, "getpwent_r");
98 nss_endpwent = __nss_lookup_function (ni, "endpwent");
99 }
100 }
101
102 static void
103 give_pwd_free (struct passwd *pwd)
104 {
105 if (pwd->pw_name != NULL)
106 free (pwd->pw_name);
107 if (pwd->pw_passwd != NULL)
108 free (pwd->pw_passwd);
109 if (pwd->pw_gecos != NULL)
110 free (pwd->pw_gecos);
111 if (pwd->pw_dir != NULL)
112 free (pwd->pw_dir);
113 if (pwd->pw_shell != NULL)
114 free (pwd->pw_shell);
115
116 memset (pwd, '\0', sizeof (struct passwd));
117 }
118
119 static size_t
120 pwd_need_buflen (struct passwd *pwd)
121 {
122 size_t len = 0;
123
124 if (pwd->pw_passwd != NULL)
125 len += strlen (pwd->pw_passwd) + 1;
126
127 if (pwd->pw_gecos != NULL)
128 len += strlen (pwd->pw_gecos) + 1;
129
130 if (pwd->pw_dir != NULL)
131 len += strlen (pwd->pw_dir) + 1;
132
133 if (pwd->pw_shell != NULL)
134 len += strlen (pwd->pw_shell) + 1;
135
136 return len;
137 }
138
139 static void
140 copy_pwd_changes (struct passwd *dest, struct passwd *src,
141 char *buffer, size_t buflen)
142 {
143 if (src->pw_passwd != NULL && strlen (src->pw_passwd))
144 {
145 if (buffer == NULL)
146 dest->pw_passwd = strdup (src->pw_passwd);
147 else if (dest->pw_passwd &&
148 strlen (dest->pw_passwd) >= strlen (src->pw_passwd))
149 strcpy (dest->pw_passwd, src->pw_passwd);
150 else
151 {
152 dest->pw_passwd = buffer;
153 strcpy (dest->pw_passwd, src->pw_passwd);
154 buffer += strlen (dest->pw_passwd) + 1;
155 buflen = buflen - (strlen (dest->pw_passwd) + 1);
156 }
157 }
158
159 if (src->pw_gecos != NULL && strlen (src->pw_gecos))
160 {
161 if (buffer == NULL)
162 dest->pw_gecos = strdup (src->pw_gecos);
163 else if (dest->pw_gecos &&
164 strlen (dest->pw_gecos) >= strlen (src->pw_gecos))
165 strcpy (dest->pw_gecos, src->pw_gecos);
166 else
167 {
168 dest->pw_gecos = buffer;
169 strcpy (dest->pw_gecos, src->pw_gecos);
170 buffer += strlen (dest->pw_gecos) + 1;
171 buflen = buflen - (strlen (dest->pw_gecos) + 1);
172 }
173 }
174 if (src->pw_dir != NULL && strlen (src->pw_dir))
175 {
176 if (buffer == NULL)
177 dest->pw_dir = strdup (src->pw_dir);
178 else if (dest->pw_dir && strlen (dest->pw_dir) >= strlen (src->pw_dir))
179 strcpy (dest->pw_dir, src->pw_dir);
180 else
181 {
182 dest->pw_dir = buffer;
183 strcpy (dest->pw_dir, src->pw_dir);
184 buffer += strlen (dest->pw_dir) + 1;
185 buflen = buflen - (strlen (dest->pw_dir) + 1);
186 }
187 }
188
189 if (src->pw_shell != NULL && strlen (src->pw_shell))
190 {
191 if (buffer == NULL)
192 dest->pw_shell = strdup (src->pw_shell);
193 else if (dest->pw_shell &&
194 strlen (dest->pw_shell) >= strlen (src->pw_shell))
195 strcpy (dest->pw_shell, src->pw_shell);
196 else
197 {
198 dest->pw_shell = buffer;
199 strcpy (dest->pw_shell, src->pw_shell);
200 buffer += strlen (dest->pw_shell) + 1;
201 buflen = buflen - (strlen (dest->pw_shell) + 1);
202 }
203 }
204 }
205
206 static enum nss_status
207 internal_setpwent (ent_t *ent, int stayopen, int needent)
208 {
209 enum nss_status status = NSS_STATUS_SUCCESS;
210
211 ent->first = ent->netgroup = false;
212 ent->files = true;
213 ent->setent_status = NSS_STATUS_SUCCESS;
214
215 /* If something was left over free it. */
216 if (ent->netgroup)
217 __internal_endnetgrent (&ent->netgrdata);
218
219 if (ent->blacklist.data != NULL)
220 {
221 ent->blacklist.current = 1;
222 ent->blacklist.data[0] = '|';
223 ent->blacklist.data[1] = '\0';
224 }
225 else
226 ent->blacklist.current = 0;
227
228 if (ent->stream == NULL)
229 {
230 ent->stream = fopen ("/etc/passwd", "rm");
231
232 if (ent->stream == NULL)
233 status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
234 else
235 {
236 /* We have to make sure the file is `closed on exec'. */
237 int result, flags;
238
239 result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD, 0);
240 if (result >= 0)
241 {
242 flags |= FD_CLOEXEC;
243 result = fcntl (fileno_unlocked (ent->stream), F_SETFD, flags);
244 }
245 if (result < 0)
246 {
247 /* Something went wrong. Close the stream and return a
248 failure. */
249 fclose (ent->stream);
250 ent->stream = NULL;
251 status = NSS_STATUS_UNAVAIL;
252 }
253 else
254 /* We take care of locking ourself. */
255 __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
256 }
257 }
258 else
259 rewind (ent->stream);
260
261 give_pwd_free (&ent->pwd);
262
263 if (needent && status == NSS_STATUS_SUCCESS && nss_setpwent)
264 ent->setent_status = nss_setpwent (stayopen);
265
266 return status;
267 }
268
269
270 enum nss_status
271 _nss_compat_setpwent (int stayopen)
272 {
273 enum nss_status result;
274
275 __libc_lock_lock (lock);
276
277 if (ni == NULL)
278 init_nss_interface ();
279
280 result = internal_setpwent (&ext_ent, stayopen, 1);
281
282 __libc_lock_unlock (lock);
283
284 return result;
285 }
286
287
288 static enum nss_status
289 internal_endpwent (ent_t *ent)
290 {
291 if (nss_endpwent)
292 nss_endpwent ();
293
294 if (ent->stream != NULL)
295 {
296 fclose (ent->stream);
297 ent->stream = NULL;
298 }
299
300 if (ent->netgroup)
301 __internal_endnetgrent (&ent->netgrdata);
302
303 ent->first = ent->netgroup = false;
304
305 if (ent->blacklist.data != NULL)
306 {
307 ent->blacklist.current = 1;
308 ent->blacklist.data[0] = '|';
309 ent->blacklist.data[1] = '\0';
310 }
311 else
312 ent->blacklist.current = 0;
313
314 give_pwd_free (&ent->pwd);
315
316 return NSS_STATUS_SUCCESS;
317 }
318
319 enum nss_status
320 _nss_compat_endpwent (void)
321 {
322 enum nss_status result;
323
324 __libc_lock_lock (lock);
325
326 result = internal_endpwent (&ext_ent);
327
328 __libc_lock_unlock (lock);
329
330 return result;
331 }
332
333
334 static enum nss_status
335 getpwent_next_nss_netgr (const char *name, struct passwd *result, ent_t *ent,
336 char *group, char *buffer, size_t buflen,
337 int *errnop)
338 {
339 char *curdomain, *host, *user, *domain, *p2;
340 int status;
341 size_t p2len;
342
343 /* Leave function if NSS module does not support getpwnam_r,
344 we need this function here. */
345 if (!nss_getpwnam_r)
346 return NSS_STATUS_UNAVAIL;
347
348 if (yp_get_default_domain (&curdomain) != YPERR_SUCCESS)
349 {
350 ent->netgroup = false;
351 ent->first = false;
352 give_pwd_free (&ent->pwd);
353 return NSS_STATUS_UNAVAIL;
354 }
355
356 if (ent->first == true)
357 {
358 memset (&ent->netgrdata, 0, sizeof (struct __netgrent));
359 __internal_setnetgrent (group, &ent->netgrdata);
360 ent->first = false;
361 }
362
363 while (1)
364 {
365 char *saved_cursor;
366
367 saved_cursor = ent->netgrdata.cursor;
368 status = __internal_getnetgrent_r (&host, &user, &domain,
369 &ent->netgrdata, buffer, buflen,
370 errnop);
371 if (status != 1)
372 {
373 __internal_endnetgrent (&ent->netgrdata);
374 ent->netgroup = 0;
375 give_pwd_free (&ent->pwd);
376 return NSS_STATUS_RETURN;
377 }
378
379 if (user == NULL || user[0] == '-')
380 continue;
381
382 if (domain != NULL && strcmp (curdomain, domain) != 0)
383 continue;
384
385 /* If name != NULL, we are called from getpwnam. */
386 if (name != NULL)
387 if (strcmp (user, name) != 0)
388 continue;
389
390 p2len = pwd_need_buflen (&ent->pwd);
391 if (p2len > buflen)
392 {
393 *errnop = ERANGE;
394 return NSS_STATUS_TRYAGAIN;
395 }
396 p2 = buffer + (buflen - p2len);
397 buflen -= p2len;
398
399 if (nss_getpwnam_r (user, result, buffer, buflen, errnop) !=
400 NSS_STATUS_SUCCESS)
401 continue;
402
403 if (!in_blacklist (result->pw_name, strlen (result->pw_name), ent))
404 {
405 /* Store the User in the blacklist for possible the "+" at the
406 end of /etc/passwd */
407 blacklist_store_name (result->pw_name, ent);
408 copy_pwd_changes (result, &ent->pwd, p2, p2len);
409 break;
410 }
411 }
412
413 return NSS_STATUS_SUCCESS;
414 }
415
416 /* get the next user from NSS (+ entry) */
417 static enum nss_status
418 getpwent_next_nss (struct passwd *result, ent_t *ent, char *buffer,
419 size_t buflen, int *errnop)
420 {
421 enum nss_status status;
422 char *p2;
423 size_t p2len;
424
425 /* Return if NSS module does not support getpwent_r. */
426 if (!nss_getpwent_r)
427 return NSS_STATUS_UNAVAIL;
428
429 /* If the setpwent call failed, say so. */
430 if (ent->setent_status != NSS_STATUS_SUCCESS)
431 return ent->setent_status;
432
433 p2len = pwd_need_buflen (&ent->pwd);
434 if (p2len > buflen)
435 {
436 *errnop = ERANGE;
437 return NSS_STATUS_TRYAGAIN;
438 }
439 p2 = buffer + (buflen - p2len);
440 buflen -= p2len;
441
442 if (ent->first)
443 ent->first = false;
444
445 do
446 {
447 if ((status = nss_getpwent_r (result, buffer, buflen, errnop)) !=
448 NSS_STATUS_SUCCESS)
449 return status;
450 }
451 while (in_blacklist (result->pw_name, strlen (result->pw_name), ent));
452
453 copy_pwd_changes (result, &ent->pwd, p2, p2len);
454
455 return NSS_STATUS_SUCCESS;
456 }
457
458 /* This function handle the +user entrys in /etc/passwd */
459 static enum nss_status
460 getpwnam_plususer (const char *name, struct passwd *result, ent_t *ent,
461 char *buffer, size_t buflen, int *errnop)
462 {
463 if (!nss_getpwnam_r)
464 return NSS_STATUS_UNAVAIL;
465
466 struct passwd pwd;
467 memset (&pwd, '\0', sizeof (struct passwd));
468
469 copy_pwd_changes (&pwd, result, NULL, 0);
470
471 size_t plen = pwd_need_buflen (&pwd);
472 if (plen > buflen)
473 {
474 *errnop = ERANGE;
475 return NSS_STATUS_TRYAGAIN;
476 }
477 char *p = buffer + (buflen - plen);
478 buflen -= plen;
479
480 enum nss_status status = nss_getpwnam_r (name, result, buffer, buflen,
481 errnop);
482 if (status != NSS_STATUS_SUCCESS)
483 return status;
484
485 if (in_blacklist (result->pw_name, strlen (result->pw_name), ent))
486 return NSS_STATUS_NOTFOUND;
487
488 copy_pwd_changes (result, &pwd, p, plen);
489 give_pwd_free (&pwd);
490 /* We found the entry. */
491 return NSS_STATUS_SUCCESS;
492 }
493
494 static enum nss_status
495 getpwent_next_file (struct passwd *result, ent_t *ent,
496 char *buffer, size_t buflen, int *errnop)
497 {
498 struct parser_data *data = (void *) buffer;
499 while (1)
500 {
501 fpos_t pos;
502 char *p;
503 int parse_res;
504
505 do
506 {
507 /* We need at least 3 characters for one line. */
508 if (__builtin_expect (buflen < 3, 0))
509 {
510 erange:
511 *errnop = ERANGE;
512 return NSS_STATUS_TRYAGAIN;
513 }
514
515 fgetpos (ent->stream, &pos);
516 buffer[buflen - 1] = '\xff';
517 p = fgets_unlocked (buffer, buflen, ent->stream);
518 if (p == NULL && feof_unlocked (ent->stream))
519 return NSS_STATUS_NOTFOUND;
520
521 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
522 {
523 erange_reset:
524 fsetpos (ent->stream, &pos);
525 goto erange;
526 }
527
528 /* Terminate the line for any case. */
529 buffer[buflen - 1] = '\0';
530
531 /* Skip leading blanks. */
532 while (isspace (*p))
533 ++p;
534 }
535 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
536 /* Parse the line. If it is invalid, loop to
537 get the next line of the file to parse. */
538 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
539 errnop)));
540
541 if (__builtin_expect (parse_res == -1, 0))
542 /* The parser ran out of space. */
543 goto erange_reset;
544
545 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
546 /* This is a real entry. */
547 break;
548
549 /* -@netgroup */
550 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
551 && result->pw_name[2] != '\0')
552 {
553 /* XXX Do not use fixed length buffer. */
554 char buf2[1024];
555 char *user, *host, *domain;
556 struct __netgrent netgrdata;
557
558 bzero (&netgrdata, sizeof (struct __netgrent));
559 __internal_setnetgrent (&result->pw_name[2], &netgrdata);
560 while (__internal_getnetgrent_r (&host, &user, &domain, &netgrdata,
561 buf2, sizeof (buf2), errnop))
562 {
563 if (user != NULL && user[0] != '-')
564 blacklist_store_name (user, ent);
565 }
566 __internal_endnetgrent (&netgrdata);
567 continue;
568 }
569
570 /* +@netgroup */
571 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
572 && result->pw_name[2] != '\0')
573 {
574 enum nss_status status;
575
576 ent->netgroup = true;
577 ent->first = true;
578 copy_pwd_changes (&ent->pwd, result, NULL, 0);
579
580 status = getpwent_next_nss_netgr (NULL, result, ent,
581 &result->pw_name[2],
582 buffer, buflen, errnop);
583 if (status == NSS_STATUS_RETURN)
584 continue;
585 else
586 return status;
587 }
588
589 /* -user */
590 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
591 && result->pw_name[1] != '@')
592 {
593 blacklist_store_name (&result->pw_name[1], ent);
594 continue;
595 }
596
597 /* +user */
598 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
599 && result->pw_name[1] != '@')
600 {
601 size_t len = strlen (result->pw_name);
602 char buf[len];
603 enum nss_status status;
604
605 /* Store the User in the blacklist for the "+" at the end of
606 /etc/passwd */
607 memcpy (buf, &result->pw_name[1], len);
608 status = getpwnam_plususer (&result->pw_name[1], result, ent,
609 buffer, buflen, errnop);
610 blacklist_store_name (buf, ent);
611
612 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
613 break;
614 else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry */
615 || status == NSS_STATUS_NOTFOUND) /* entry doesn't exist */
616 continue;
617 else
618 {
619 if (status == NSS_STATUS_TRYAGAIN)
620 {
621 /* The parser ran out of space */
622 fsetpos (ent->stream, &pos);
623 *errnop = ERANGE;
624 }
625 return status;
626 }
627 }
628
629 /* +:... */
630 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
631 {
632 ent->files = false;
633 ent->first = true;
634 copy_pwd_changes (&ent->pwd, result, NULL, 0);
635
636 return getpwent_next_nss (result, ent, buffer, buflen, errnop);
637 }
638 }
639
640 return NSS_STATUS_SUCCESS;
641 }
642
643
644 static enum nss_status
645 internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer,
646 size_t buflen, int *errnop)
647 {
648 if (ent->netgroup)
649 {
650 enum nss_status status;
651
652 /* We are searching members in a netgroup */
653 /* Since this is not the first call, we don't need the group name */
654 status = getpwent_next_nss_netgr (NULL, pw, ent, NULL, buffer, buflen,
655 errnop);
656 if (status == NSS_STATUS_RETURN)
657 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
658 else
659 return status;
660 }
661 else if (ent->files)
662 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
663 else
664 return getpwent_next_nss (pw, ent, buffer, buflen, errnop);
665
666 }
667
668 enum nss_status
669 _nss_compat_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
670 int *errnop)
671 {
672 enum nss_status result = NSS_STATUS_SUCCESS;
673
674 __libc_lock_lock (lock);
675
676 /* Be prepared that the setpwent function was not called before. */
677 if (ni == NULL)
678 init_nss_interface ();
679
680 if (ext_ent.stream == NULL)
681 result = internal_setpwent (&ext_ent, 1, 1);
682
683 if (result == NSS_STATUS_SUCCESS)
684 result = internal_getpwent_r (pwd, &ext_ent, buffer, buflen, errnop);
685
686 __libc_lock_unlock (lock);
687
688 return result;
689 }
690
691 /* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
692 static enum nss_status
693 internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
694 char *buffer, size_t buflen, int *errnop)
695 {
696 struct parser_data *data = (void *) buffer;
697
698 while (1)
699 {
700 fpos_t pos;
701 char *p;
702 int parse_res;
703
704 do
705 {
706 /* We need at least 3 characters for one line. */
707 if (__builtin_expect (buflen < 3, 0))
708 {
709 erange:
710 *errnop = ERANGE;
711 return NSS_STATUS_TRYAGAIN;
712 }
713
714 fgetpos (ent->stream, &pos);
715 buffer[buflen - 1] = '\xff';
716 p = fgets_unlocked (buffer, buflen, ent->stream);
717 if (p == NULL && feof_unlocked (ent->stream))
718 {
719 return NSS_STATUS_NOTFOUND;
720 }
721 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
722 {
723 erange_reset:
724 fsetpos (ent->stream, &pos);
725 goto erange;
726 }
727
728 /* Terminate the line for any case. */
729 buffer[buflen - 1] = '\0';
730
731 /* Skip leading blanks. */
732 while (isspace (*p))
733 ++p;
734 }
735 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
736 /* Parse the line. If it is invalid, loop to
737 get the next line of the file to parse. */
738 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
739 errnop)));
740
741 if (__builtin_expect (parse_res == -1, 0))
742 /* The parser ran out of space. */
743 goto erange_reset;
744
745 /* This is a real entry. */
746 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
747 {
748 if (strcmp (result->pw_name, name) == 0)
749 return NSS_STATUS_SUCCESS;
750 else
751 continue;
752 }
753
754 /* -@netgroup */
755 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
756 && result->pw_name[2] != '\0')
757 {
758 if (innetgr (&result->pw_name[2], NULL, name, NULL))
759 return NSS_STATUS_NOTFOUND;
760 continue;
761 }
762
763 /* +@netgroup */
764 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
765 && result->pw_name[2] != '\0')
766 {
767 enum nss_status status;
768
769 if (innetgr (&result->pw_name[2], NULL, name, NULL))
770 {
771 status = getpwnam_plususer (name, result, ent, buffer,
772 buflen, errnop);
773
774 if (status == NSS_STATUS_RETURN)
775 continue;
776
777 return status;
778 }
779 continue;
780 }
781
782 /* -user */
783 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
784 && result->pw_name[1] != '@')
785 {
786 if (strcmp (&result->pw_name[1], name) == 0)
787 return NSS_STATUS_NOTFOUND;
788 else
789 continue;
790 }
791
792 /* +user */
793 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
794 && result->pw_name[1] != '@')
795 {
796 if (strcmp (name, &result->pw_name[1]) == 0)
797 {
798 enum nss_status status;
799
800 status = getpwnam_plususer (name, result, ent, buffer, buflen,
801 errnop);
802 if (status == NSS_STATUS_RETURN)
803 /* We couldn't parse the entry */
804 return NSS_STATUS_NOTFOUND;
805 else
806 return status;
807 }
808 }
809
810 /* +:... */
811 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
812 {
813 enum nss_status status;
814
815 status = getpwnam_plususer (name, result, ent,
816 buffer, buflen, errnop);
817 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
818 break;
819 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
820 return NSS_STATUS_NOTFOUND;
821 else
822 return status;
823 }
824 }
825 return NSS_STATUS_SUCCESS;
826 }
827
828 enum nss_status
829 _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
830 char *buffer, size_t buflen, int *errnop)
831 {
832 enum nss_status result;
833 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
834 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
835
836 if (name[0] == '-' || name[0] == '+')
837 return NSS_STATUS_NOTFOUND;
838
839 __libc_lock_lock (lock);
840
841 if (ni == NULL)
842 init_nss_interface ();
843
844 __libc_lock_unlock (lock);
845
846 result = internal_setpwent (&ent, 0, 0);
847
848 if (result == NSS_STATUS_SUCCESS)
849 result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop);
850
851 internal_endpwent (&ent);
852
853 return result;
854 }
855
856 /* This function handle the + entry in /etc/passwd for getpwuid */
857 static enum nss_status
858 getpwuid_plususer (uid_t uid, struct passwd *result, char *buffer,
859 size_t buflen, int *errnop)
860 {
861 struct passwd pwd;
862 char *p;
863 size_t plen;
864
865 if (!nss_getpwuid_r)
866 return NSS_STATUS_UNAVAIL;
867
868 memset (&pwd, '\0', sizeof (struct passwd));
869
870 copy_pwd_changes (&pwd, result, NULL, 0);
871
872 plen = pwd_need_buflen (&pwd);
873 if (plen > buflen)
874 {
875 *errnop = ERANGE;
876 return NSS_STATUS_TRYAGAIN;
877 }
878 p = buffer + (buflen - plen);
879 buflen -= plen;
880
881 if (nss_getpwuid_r (uid, result, buffer, buflen, errnop) ==
882 NSS_STATUS_SUCCESS)
883 {
884 copy_pwd_changes (result, &pwd, p, plen);
885 give_pwd_free (&pwd);
886 /* We found the entry. */
887 return NSS_STATUS_SUCCESS;
888 }
889 else
890 {
891 /* Give buffer the old len back */
892 buflen += plen;
893 give_pwd_free (&pwd);
894 }
895 return NSS_STATUS_RETURN;
896 }
897
898 /* Searches in /etc/passwd and the NSS subsystem for a special user id */
899 static enum nss_status
900 internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
901 char *buffer, size_t buflen, int *errnop)
902 {
903 struct parser_data *data = (void *) buffer;
904
905 while (1)
906 {
907 fpos_t pos;
908 char *p;
909 int parse_res;
910
911 do
912 {
913 /* We need at least 3 characters for one line. */
914 if (__builtin_expect (buflen < 3, 0))
915 {
916 erange:
917 *errnop = ERANGE;
918 return NSS_STATUS_TRYAGAIN;
919 }
920
921 fgetpos (ent->stream, &pos);
922 buffer[buflen - 1] = '\xff';
923 p = fgets_unlocked (buffer, buflen, ent->stream);
924 if (p == NULL && feof_unlocked (ent->stream))
925 return NSS_STATUS_NOTFOUND;
926
927 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
928 {
929 erange_reset:
930 fsetpos (ent->stream, &pos);
931 goto erange;
932 }
933
934 /* Terminate the line for any case. */
935 buffer[buflen - 1] = '\0';
936
937 /* Skip leading blanks. */
938 while (isspace (*p))
939 ++p;
940 }
941 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
942 /* Parse the line. If it is invalid, loop to
943 get the next line of the file to parse. */
944 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
945 errnop)));
946
947 if (__builtin_expect (parse_res == -1, 0))
948 /* The parser ran out of space. */
949 goto erange_reset;
950
951 /* This is a real entry. */
952 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
953 {
954 if (result->pw_uid == uid)
955 return NSS_STATUS_SUCCESS;
956 else
957 continue;
958 }
959
960 /* -@netgroup */
961 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
962 && result->pw_name[2] != '\0')
963 {
964 /* -1, because we remove first two character of pw_name. */
965 size_t len = strlen (result->pw_name) - 1;
966 char buf[len];
967 enum nss_status status;
968
969 memcpy (buf, &result->pw_name[2], len);
970
971 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
972 if (status == NSS_STATUS_SUCCESS &&
973 innetgr (buf, NULL, result->pw_name, NULL))
974 return NSS_STATUS_NOTFOUND;
975
976 continue;
977 }
978
979 /* +@netgroup */
980 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
981 && result->pw_name[2] != '\0')
982 {
983 /* -1, because we remove first two characters of pw_name. */
984 size_t len = strlen (result->pw_name) - 1;
985 char buf[len];
986 enum nss_status status;
987
988 memcpy (buf, &result->pw_name[2], len);
989
990 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
991
992 if (status == NSS_STATUS_RETURN)
993 continue;
994
995 if (status == NSS_STATUS_SUCCESS)
996 {
997 if (innetgr (buf, NULL, result->pw_name, NULL))
998 return NSS_STATUS_SUCCESS;
999 }
1000 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1001 return NSS_STATUS_NOTFOUND;
1002 else
1003 return status;
1004
1005 continue;
1006 }
1007
1008 /* -user */
1009 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
1010 && result->pw_name[1] != '@')
1011 {
1012 size_t len = strlen (result->pw_name);
1013 char buf[len];
1014 enum nss_status status;
1015
1016 memcpy (buf, &result->pw_name[1], len);
1017
1018 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1019 if (status == NSS_STATUS_SUCCESS &&
1020 innetgr (buf, NULL, result->pw_name, NULL))
1021 return NSS_STATUS_NOTFOUND;
1022 continue;
1023 }
1024
1025 /* +user */
1026 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
1027 && result->pw_name[1] != '@')
1028 {
1029 size_t len = strlen (result->pw_name);
1030 char buf[len];
1031 enum nss_status status;
1032
1033 memcpy (buf, &result->pw_name[1], len);
1034
1035 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1036
1037 if (status == NSS_STATUS_RETURN)
1038 continue;
1039
1040 if (status == NSS_STATUS_SUCCESS)
1041 {
1042 if (strcmp (buf, result->pw_name) == 0)
1043 return NSS_STATUS_SUCCESS;
1044 }
1045 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1046 return NSS_STATUS_NOTFOUND;
1047 else
1048 return status;
1049
1050 continue;
1051 }
1052
1053 /* +:... */
1054 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
1055 {
1056 enum nss_status status;
1057
1058 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1059 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
1060 break;
1061 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1062 return NSS_STATUS_NOTFOUND;
1063 else
1064 return status;
1065 }
1066 }
1067 return NSS_STATUS_SUCCESS;
1068 }
1069
1070 enum nss_status
1071 _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
1072 char *buffer, size_t buflen, int *errnop)
1073 {
1074 enum nss_status result;
1075 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
1076 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
1077
1078 __libc_lock_lock (lock);
1079
1080 if (ni == NULL)
1081 init_nss_interface ();
1082
1083 __libc_lock_unlock (lock);
1084
1085 result = internal_setpwent (&ent, 0, 0);
1086
1087 if (result == NSS_STATUS_SUCCESS)
1088 result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop);
1089
1090 internal_endpwent (&ent);
1091
1092 return result;
1093 }
1094
1095
1096 /* Support routines for remembering -@netgroup and -user entries.
1097 The names are stored in a single string with `|' as separator. */
1098 static void
1099 blacklist_store_name (const char *name, ent_t *ent)
1100 {
1101 int namelen = strlen (name);
1102 char *tmp;
1103
1104 /* first call, setup cache */
1105 if (ent->blacklist.size == 0)
1106 {
1107 ent->blacklist.size = MAX (BLACKLIST_INITIAL_SIZE, 2 * namelen);
1108 ent->blacklist.data = malloc (ent->blacklist.size);
1109 if (ent->blacklist.data == NULL)
1110 return;
1111 ent->blacklist.data[0] = '|';
1112 ent->blacklist.data[1] = '\0';
1113 ent->blacklist.current = 1;
1114 }
1115 else
1116 {
1117 if (in_blacklist (name, namelen, ent))
1118 return; /* no duplicates */
1119
1120 if (ent->blacklist.current + namelen + 1 >= ent->blacklist.size)
1121 {
1122 ent->blacklist.size += MAX (BLACKLIST_INCREMENT, 2 * namelen);
1123 tmp = realloc (ent->blacklist.data, ent->blacklist.size);
1124 if (tmp == NULL)
1125 {
1126 free (ent->blacklist.data);
1127 ent->blacklist.size = 0;
1128 return;
1129 }
1130 ent->blacklist.data = tmp;
1131 }
1132 }
1133
1134 tmp = stpcpy (ent->blacklist.data + ent->blacklist.current, name);
1135 *tmp++ = '|';
1136 *tmp = '\0';
1137 ent->blacklist.current += namelen + 1;
1138
1139 return;
1140 }
1141
1142 /* Returns TRUE if ent->blacklist contains name, else FALSE. */
1143 static bool_t
1144 in_blacklist (const char *name, int namelen, ent_t *ent)
1145 {
1146 char buf[namelen + 3];
1147 char *cp;
1148
1149 if (ent->blacklist.data == NULL)
1150 return FALSE;
1151
1152 buf[0] = '|';
1153 cp = stpcpy (&buf[1], name);
1154 *cp++ = '|';
1155 *cp = '\0';
1156 return strstr (ent->blacklist.data, buf) != NULL;
1157 }
sources.redhat.com git mirror of glibc CVS