search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Support Intel processor model 6 and model 0x2.
[glibc.git] / nis / nss_nis / nis-pwd.c
blob89de350c4dab47d48d073a5a1f3d2231af9c9973
1 /* Copyright (C) 1996-1998,2001-2003,2006,2009,2010
2 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
5
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
10
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, write to the Free
18 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
19 02111-1307 USA. */
20
21 #include <assert.h>
22 #include <ctype.h>
23 #include <errno.h>
24 #include <nss.h>
25 #include <pwd.h>
26 #include <string.h>
27 #include <bits/libc-lock.h>
28 #include <rpcsvc/yp.h>
29 #include <rpcsvc/ypclnt.h>
30
31 #include "nss-nis.h"
32 #include <libnsl.h>
33
34 /* Get the declaration of the parser function. */
35 #define ENTNAME pwent
36 #define STRUCTURE passwd
37 #define EXTERN_PARSER
38 #include <nss/nss_files/files-parse.c>
39
40 /* Protect global state against multiple changers */
41 __libc_lock_define_initialized (static, lock)
42
43 static bool new_start = true;
44 static char *oldkey;
45 static int oldkeylen;
46 static intern_t intern;
47
48
49 int
50 _nis_saveit (int instatus, char *inkey, int inkeylen, char *inval,
51 int invallen, char *indata)
52 {
53 intern_t *intern = (intern_t *) indata;
54
55 if (instatus != YP_TRUE)
56 return 1;
57
58 if (inkey && inkeylen > 0 && inval && invallen > 0)
59 {
60 struct response_t *bucket = intern->next;
61
62 if (__builtin_expect (bucket == NULL, 0))
63 {
64 #define MINSIZE 4096 - 4 * sizeof (void *)
65 const size_t minsize = MAX (MINSIZE, 2 * (invallen + 1));
66 bucket = malloc (sizeof (struct response_t) + minsize);
67 if (bucket == NULL)
68 /* We have no error code for out of memory. */
69 return 1;
70
71 bucket->next = NULL;
72 bucket->size = minsize;
73 intern->start = intern->next = bucket;
74 intern->offset = 0;
75 }
76 else if (__builtin_expect (invallen + 1 > bucket->size - intern->offset,
77 0))
78 {
79 /* We need a new (larger) buffer. */
80 const size_t newsize = 2 * MAX (bucket->size, invallen + 1);
81 struct response_t *newp = malloc (sizeof (struct response_t)
82 + newsize);
83 if (newp == NULL)
84 /* We have no error code for out of memory. */
85 return 1;
86
87 /* Mark the old bucket as full. */
88 bucket->size = intern->offset;
89
90 newp->next = NULL;
91 newp->size = newsize;
92 bucket = intern->next = bucket->next = newp;
93 intern->offset = 0;
94 }
95
96 char *p = mempcpy (&bucket->mem[intern->offset], inval, invallen);
97 if (__builtin_expect (p[-1] != '\0', 0))
98 {
99 *p = '\0';
100 ++invallen;
101 }
102 intern->offset += invallen;
103 }
104
105 return 0;
106 }
107
108
109 static void
110 internal_nis_endpwent (void)
111 {
112 new_start = true;
113 free (oldkey);
114 oldkey = NULL;
115 oldkeylen = 0;
116
117 struct response_t *curr = intern.start;
118
119 while (curr != NULL)
120 {
121 struct response_t *last = curr;
122 curr = curr->next;
123 free (last);
124 }
125
126 intern.next = intern.start = NULL;
127 }
128
129
130 enum nss_status
131 _nss_nis_endpwent (void)
132 {
133 __libc_lock_lock (lock);
134
135 internal_nis_endpwent ();
136
137 __libc_lock_unlock (lock);
138
139 return NSS_STATUS_SUCCESS;
140 }
141
142
143 enum nss_status
144 internal_nis_setpwent (void)
145 {
146 /* We have to read all the data now. */
147 char *domain;
148 if (__builtin_expect (yp_get_default_domain (&domain), 0))
149 return NSS_STATUS_UNAVAIL;
150
151 struct ypall_callback ypcb;
152
153 ypcb.foreach = _nis_saveit;
154 ypcb.data = (char *) &intern;
155 enum nss_status status = yperr2nss (yp_all (domain, "passwd.byname", &ypcb));
156
157
158 /* Mark the last buffer as full. */
159 if (intern.next != NULL)
160 intern.next->size = intern.offset;
161
162 intern.next = intern.start;
163 intern.offset = 0;
164
165 return status;
166 }
167
168
169 enum nss_status
170 _nss_nis_setpwent (int stayopen)
171 {
172 enum nss_status result = NSS_STATUS_SUCCESS;
173
174 __libc_lock_lock (lock);
175
176 internal_nis_endpwent ();
177
178 if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
179 result = internal_nis_setpwent ();
180
181 __libc_lock_unlock (lock);
182
183 return result;
184 }
185
186
187 static enum nss_status
188 internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
189 int *errnop)
190 {
191 /* If we read the entire database at setpwent time we just iterate
192 over the data we have in memory. */
193 bool batch_read = intern.start != NULL;
194
195 char *domain = NULL;
196 if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0))
197 return NSS_STATUS_UNAVAIL;
198
199 /* Get the next entry until we found a correct one. */
200 int parse_res;
201 do
202 {
203 char *result;
204 char *outkey;
205 int len;
206 int keylen;
207
208 if (batch_read)
209 {
210 struct response_t *bucket;
211
212 handle_batch_read:
213 bucket = intern.next;
214
215 if (__builtin_expect (intern.offset >= bucket->size, 0))
216 {
217 if (bucket->next == NULL)
218 return NSS_STATUS_NOTFOUND;
219
220 /* We look at all the content in the current bucket. Go on
221 to the next. */
222 bucket = intern.next = bucket->next;
223 intern.offset = 0;
224 }
225
226 for (result = &bucket->mem[intern.offset]; isspace (*result);
227 ++result)
228 ++intern.offset;
229
230 len = strlen (result);
231 }
232 else
233 {
234 int yperr;
235
236 if (new_start)
237 {
238 /* Maybe we should read the database in one piece. */
239 if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
240 && internal_nis_setpwent () == NSS_STATUS_SUCCESS
241 && intern.start != NULL)
242 {
243 batch_read = true;
244 goto handle_batch_read;
245 }
246
247 yperr = yp_first (domain, "passwd.byname", &outkey, &keylen,
248 &result, &len);
249 }
250 else
251 yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen,
252 &outkey, &keylen, &result, &len);
253
254 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
255 {
256 enum nss_status retval = yperr2nss (yperr);
257
258 if (retval == NSS_STATUS_TRYAGAIN)
259 *errnop = errno;
260 return retval;
261 }
262 }
263
264 /* Check for adjunct style secret passwords. They can be
265 recognized by a password starting with "##". We do not use
266 it if the passwd.adjunct.byname table is supposed to be used
267 as a shadow.byname replacement. */
268 char *p = strchr (result, ':');
269 size_t namelen;
270 char *result2;
271 int len2;
272 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
273 && p != NULL /* This better should be true in all cases. */
274 && p[1] == '#' && p[2] == '#'
275 && (namelen = p - result,
276 yp_match (domain, "passwd.adjunct.byname", result, namelen,
277 &result2, &len2)) == YPERR_SUCCESS)
278 {
279 /* We found a passwd.adjunct.byname entry. Merge encrypted
280 password therein into original result. */
281 char *encrypted = strchr (result2, ':');
282 char *endp;
283 size_t restlen;
284
285 if (encrypted == NULL
286 || (endp = strchr (++encrypted, ':')) == NULL
287 || (p = strchr (p + 1, ':')) == NULL)
288 {
289 /* Invalid format of the entry. This never should happen
290 unless the data from which the NIS table is generated is
291 wrong. We simply ignore it. */
292 free (result2);
293 goto non_adjunct;
294 }
295
296 restlen = len - (p - result);
297 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
298 + restlen + 2) > buflen, 0))
299 {
300 free (result2);
301 free (result);
302 *errnop = ERANGE;
303 return NSS_STATUS_TRYAGAIN;
304 }
305
306 mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen),
307 ":", 1),
308 encrypted, endp - encrypted),
309 p, restlen + 1);
310 p = buffer;
311
312 free (result2);
313 }
314 else
315 {
316 non_adjunct:
317 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
318 {
319 free (result);
320 *errnop = ERANGE;
321 return NSS_STATUS_TRYAGAIN;
322 }
323
324 p = buffer;
325 *((char *) mempcpy (buffer, result, len)) = '\0';
326 }
327
328 while (isspace (*p))
329 ++p;
330 if (!batch_read)
331 free (result);
332
333 parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
334 errnop);
335 if (__builtin_expect (parse_res == -1, 0))
336 {
337 if (!batch_read)
338 free (outkey);
339 *errnop = ERANGE;
340 return NSS_STATUS_TRYAGAIN;
341 }
342
343 if (batch_read)
344 intern.offset += len + 1;
345 else
346 {
347 free (oldkey);
348 oldkey = outkey;
349 oldkeylen = keylen;
350 new_start = false;
351 }
352 }
353 while (parse_res < 1);
354
355 return NSS_STATUS_SUCCESS;
356 }
357
358 enum nss_status
359 _nss_nis_getpwent_r (struct passwd *result, char *buffer, size_t buflen,
360 int *errnop)
361 {
362 int status;
363
364 __libc_lock_lock (lock);
365
366 status = internal_nis_getpwent_r (result, buffer, buflen, errnop);
367
368 __libc_lock_unlock (lock);
369
370 return status;
371 }
372
373 enum nss_status
374 _nss_nis_getpwnam_r (const char *name, struct passwd *pwd,
375 char *buffer, size_t buflen, int *errnop)
376 {
377 if (name == NULL)
378 {
379 *errnop = EINVAL;
380 return NSS_STATUS_UNAVAIL;
381 }
382
383 char *domain;
384 if (__builtin_expect (yp_get_default_domain (&domain), 0))
385 return NSS_STATUS_UNAVAIL;
386
387 size_t namelen = strlen (name);
388
389 char *result;
390 int len;
391 int yperr = yp_match (domain, "passwd.byname", name, namelen, &result, &len);
392
393 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
394 {
395 enum nss_status retval = yperr2nss (yperr);
396
397 if (retval == NSS_STATUS_TRYAGAIN)
398 *errnop = errno;
399 return retval;
400 }
401
402 /* Check for adjunct style secret passwords. They can be recognized
403 by a password starting with "##". We do not use it if the
404 passwd.adjunct.byname table is supposed to be used as a shadow.byname
405 replacement. */
406 char *result2;
407 int len2;
408 char *p = strchr (result, ':');
409 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
410 && p != NULL /* This better should be true in all cases. */
411 && p[1] == '#' && p[2] == '#'
412 && yp_match (domain, "passwd.adjunct.byname", name, namelen,
413 &result2, &len2) == YPERR_SUCCESS)
414 {
415 /* We found a passwd.adjunct.byname entry. Merge encrypted password
416 therein into original result. */
417 char *encrypted = strchr (result2, ':');
418 char *endp;
419
420 if (encrypted == NULL
421 || (endp = strchr (++encrypted, ':')) == NULL
422 || (p = strchr (p + 1, ':')) == NULL)
423 {
424 /* Invalid format of the entry. This never should happen
425 unless the data from which the NIS table is generated is
426 wrong. We simply ignore it. */
427 free (result2);
428 goto non_adjunct;
429 }
430
431 size_t restlen = len - (p - result);
432 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
433 + restlen + 2) > buflen, 0))
434 {
435 free (result2);
436 free (result);
437 *errnop = ERANGE;
438 return NSS_STATUS_TRYAGAIN;
439 }
440
441 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, name, namelen),
442 ":", 1),
443 encrypted, endp - encrypted),
444 p, restlen + 1);
445 p = buffer;
446
447 free (result2);
448 }
449 else
450 {
451 non_adjunct:
452 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
453 {
454 free (result);
455 *errnop = ERANGE;
456 return NSS_STATUS_TRYAGAIN;
457 }
458
459 p = strncpy (buffer, result, len);
460 buffer[len] = '\0';
461 }
462
463 while (isspace (*p))
464 ++p;
465 free (result);
466
467 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
468 errnop);
469 if (__builtin_expect (parse_res < 1, 0))
470 {
471 if (parse_res == -1)
472 return NSS_STATUS_TRYAGAIN;
473 else
474 return NSS_STATUS_NOTFOUND;
475 }
476 else
477 return NSS_STATUS_SUCCESS;
478 }
479
480 enum nss_status
481 _nss_nis_getpwuid_r (uid_t uid, struct passwd *pwd,
482 char *buffer, size_t buflen, int *errnop)
483 {
484 char *domain;
485 if (__builtin_expect (yp_get_default_domain (&domain), 0))
486 return NSS_STATUS_UNAVAIL;
487
488 char buf[32];
489 int nlen = snprintf (buf, sizeof (buf), "%lu", (unsigned long int) uid);
490
491 char *result;
492 int len;
493 int yperr = yp_match (domain, "passwd.byuid", buf, nlen, &result, &len);
494
495 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
496 {
497 enum nss_status retval = yperr2nss (yperr);
498
499 if (retval == NSS_STATUS_TRYAGAIN)
500 *errnop = errno;
501 return retval;
502 }
503
504 /* Check for adjunct style secret passwords. They can be recognized
505 by a password starting with "##". We do not use it if the
506 passwd.adjunct.byname table is supposed to be used as a shadow.byname
507 replacement. */
508 char *result2;
509 int len2;
510 size_t namelen;
511 char *p = strchr (result, ':');
512 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
513 && p != NULL /* This better should be true in all cases. */
514 && p[1] == '#' && p[2] == '#'
515 && (namelen = p - result,
516 yp_match (domain, "passwd.adjunct.byname", result, namelen,
517 &result2, &len2)) == YPERR_SUCCESS)
518 {
519 /* We found a passwd.adjunct.byname entry. Merge encrypted password
520 therein into original result. */
521 char *encrypted = strchr (result2, ':');
522 char *endp;
523 size_t restlen;
524
525 if (encrypted == NULL
526 || (endp = strchr (++encrypted, ':')) == NULL
527 || (p = strchr (p + 1, ':')) == NULL)
528 {
529 /* Invalid format of the entry. This never should happen
530 unless the data from which the NIS table is generated is
531 wrong. We simply ignore it. */
532 free (result2);
533 goto non_adjunct;
534 }
535
536 restlen = len - (p - result);
537 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
538 + restlen + 2) > buflen, 0))
539 {
540 free (result2);
541 free (result);
542 *errnop = ERANGE;
543 return NSS_STATUS_TRYAGAIN;
544 }
545
546 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, result, namelen),
547 ":", 1),
548 encrypted, endp - encrypted),
549 p, restlen + 1);
550 p = buffer;
551
552 free (result2);
553 }
554 else
555 {
556 non_adjunct:
557 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
558 {
559 free (result);
560 *errnop = ERANGE;
561 return NSS_STATUS_TRYAGAIN;
562 }
563
564 p = strncpy (buffer, result, len);
565 buffer[len] = '\0';
566 }
567
568 while (isspace (*p))
569 ++p;
570 free (result);
571
572 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
573 errnop);
574 if (__builtin_expect (parse_res < 1, 0))
575 {
576 if (parse_res == -1)
577 return NSS_STATUS_TRYAGAIN;
578 else
579 return NSS_STATUS_NOTFOUND;
580 }
581 else
582 return NSS_STATUS_SUCCESS;
583 }
sources.redhat.com git mirror of glibc CVS