source/nsswitch/wb_common.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 2.0
   4
   5    winbind client common code
   6
   7    Copyright (C) Tim Potter 2000
   8    Copyright (C) Andrew Tridgell 2000
   9
  10    This library is free software; you can redistribute it and/or
  11    modify it under the terms of the GNU Library General Public
  12    License as published by the Free Software Foundation; either
  13    version 2 of the License, or (at your option) any later version.
  14
  15    This library is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  18    Library General Public License for more details.
  19
  20    You should have received a copy of the GNU Library General Public
  21    License along with this library; if not, write to the
  22    Free Software Foundation, Inc., 59 Temple Place - Suite 330,
  23    Boston, MA  02111-1307, USA.
  24 */
  25
  26 #include "winbind_nss_config.h"
  27 #include "winbindd_nss.h"
  28
  29 /* Global variables.  These are effectively the client state information */
  30
  31 static int established_socket = -1;           /* fd for winbindd socket */
  32
  33 /* Initialise a request structure */
  34
  35 void init_request(struct winbindd_request *request, int request_type)
  36 {
  37         static char *domain_env;
  38         static BOOL initialised;
  39
  40         request->cmd = request_type;
  41         request->pid = getpid();
  42         request->domain[0] = '\0';
  43
  44         if (!initialised) {
  45                 initialised = True;
  46                 domain_env = getenv(WINBINDD_DOMAIN_ENV);
  47         }
  48
  49         if (domain_env) {
  50                 strncpy(request->domain, domain_env,
  51                         sizeof(request->domain) - 1);
  52                 request->domain[sizeof(request->domain) - 1] = '\0';
  53         }
  54 }
  55
  56 /* Initialise a response structure */
  57
  58 void init_response(struct winbindd_response *response)
  59 {
  60         /* Initialise return value */
  61
  62         response->result = NSS_STATUS_UNAVAIL;
  63 }
  64
  65 /* Close established socket */
  66
  67 void close_sock(void)
  68 {
  69         if (established_socket != -1) {
  70                 close(established_socket);
  71                 established_socket = -1;
  72         }
  73 }
  74
  75 /* Connect to winbindd socket */
  76
  77 static int open_pipe_sock(void)
  78 {
  79         struct sockaddr_un sunaddr;
  80         static pid_t our_pid;
  81         struct stat st;
  82         pstring path;
  83
  84         if (our_pid != getpid()) {
  85                 if (established_socket != -1) {
  86                         close(established_socket);
  87                 }
  88                 established_socket = -1;
  89                 our_pid = getpid();
  90         }
  91
  92         if (established_socket != -1) {
  93                 return established_socket;
  94         }
  95
  96         /* Check permissions on unix socket directory */
  97
  98         if (lstat(WINBINDD_SOCKET_DIR, &st) == -1) {
  99                 return -1;
 100         }
 101
 102         if (!S_ISDIR(st.st_mode) || (st.st_uid != 0)) {
 103                 return -1;
 104         }
 105
 106         /* Connect to socket */
 107
 108         strncpy(path, WINBINDD_SOCKET_DIR, sizeof(path) - 1);
 109         path[sizeof(path) - 1] = '\0';
 110
 111         strncat(path, "/", sizeof(path) - 1);
 112         path[sizeof(path) - 1] = '\0';
 113
 114         strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1);
 115         path[sizeof(path) - 1] = '\0';
 116
 117         ZERO_STRUCT(sunaddr);
 118         sunaddr.sun_family = AF_UNIX;
 119         strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1);
 120
 121         /* If socket file doesn't exist, don't bother trying to connect
 122            with retry.  This is an attempt to make the system usable when
 123            the winbindd daemon is not running. */
 124
 125         if (lstat(path, &st) == -1) {
 126                 return -1;
 127         }
 128
 129         /* Check permissions on unix socket file */
 130
 131         if (!S_ISSOCK(st.st_mode) || (st.st_uid != 0)) {
 132                 return -1;
 133         }
 134
 135         /* Connect to socket */
 136
 137         if ((established_socket = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
 138                 return -1;
 139         }
 140
 141         if (connect(established_socket, (struct sockaddr *)&sunaddr,
 142                     sizeof(sunaddr)) == -1) {
 143                 close_sock();
 144                 return -1;
 145         }
 146
 147         return established_socket;
 148 }
 149
 150 /* Write data to winbindd socket with timeout */
 151
 152 int write_sock(void *buffer, int count)
 153 {
 154         int result, nwritten;
 155
 156         /* Open connection to winbind daemon */
 157
 158  restart:
 159
 160         if (open_pipe_sock() == -1) {
 161                 return -1;
 162         }
 163
 164         /* Write data to socket */
 165
 166         nwritten = 0;
 167
 168         while(nwritten < count) {
 169                 struct timeval tv;
 170                 fd_set r_fds;
 171                 int selret;
 172
 173                 /* Catch pipe close on other end by checking if a read()
 174                    call would not block by calling select(). */
 175
 176                 FD_ZERO(&r_fds);
 177                 FD_SET(established_socket, &r_fds);
 178                 ZERO_STRUCT(tv);
 179
 180                 if ((selret = select(established_socket + 1, &r_fds,
 181                                      NULL, NULL, &tv)) == -1) {
 182                         close_sock();
 183                         return -1;                   /* Select error */
 184                 }
 185
 186                 /* Write should be OK if fd not available for reading */
 187
 188                 if (!FD_ISSET(established_socket, &r_fds)) {
 189
 190                         /* Do the write */
 191
 192                         result = write(established_socket,
 193                                        (char *)buffer + nwritten,
 194                                        count - nwritten);
 195
 196                         if ((result == -1) || (result == 0)) {
 197
 198                                 /* Write failed */
 199
 200                                 close_sock();
 201                                 return -1;
 202                         }
 203
 204                         nwritten += result;
 205
 206                 } else {
 207
 208                         /* Pipe has closed on remote end */
 209
 210                         close_sock();
 211                         goto restart;
 212                 }
 213         }
 214
 215         return nwritten;
 216 }
 217
 218 /* Read data from winbindd socket with timeout */
 219
 220 static int read_sock(void *buffer, int count)
 221 {
 222         int result = 0, nread = 0;
 223
 224         /* Read data from socket */
 225
 226         while(nread < count) {
 227
 228                 result = read(established_socket, (char *)buffer + nread,
 229                               count - nread);
 230
 231                 if ((result == -1) || (result == 0)) {
 232
 233                         /* Read failed.  I think the only useful thing we
 234                            can do here is just return -1 and fail since the
 235                            transaction has failed half way through. */
 236
 237                         close_sock();
 238                         return -1;
 239                 }
 240
 241                 nread += result;
 242         }
 243
 244         return result;
 245 }
 246
 247 /* Read reply */
 248
 249 int read_reply(struct winbindd_response *response)
 250 {
 251         int result1, result2 = 0;
 252
 253         if (!response) {
 254                 return -1;
 255         }
 256
 257         /* Read fixed length response */
 258
 259         if ((result1 = read_sock(response, sizeof(struct winbindd_response)))
 260             == -1) {
 261
 262                 return -1;
 263         }
 264
 265         /* We actually send the pointer value of the extra_data field from
 266            the server.  This has no meaning in the client's address space
 267            so we clear it out. */
 268
 269         response->extra_data = NULL;
 270
 271         /* Read variable length response */
 272
 273         if (response->length > sizeof(struct winbindd_response)) {
 274                 int extra_data_len = response->length -
 275                         sizeof(struct winbindd_response);
 276
 277                 /* Mallocate memory for extra data */
 278
 279                 if (!(response->extra_data = malloc(extra_data_len))) {
 280                         return -1;
 281                 }
 282
 283                 if ((result2 = read_sock(response->extra_data, extra_data_len))
 284                     == -1) {
 285                         return -1;
 286                 }
 287         }
 288
 289         /* Return total amount of data read */
 290
 291         return result1 + result2;
 292 }
 293
 294 /* Free a response structure */
 295
 296 void free_response(struct winbindd_response *response)
 297 {
 298         /* Free any allocated extra_data */
 299
 300         if (response && response->extra_data) {
 301                 free(response->extra_data);
 302                 response->extra_data = NULL;
 303         }
 304 }
 305
 306 /* Handle simple types of requests */
 307
 308 enum nss_status winbindd_request(int req_type,
 309                                  struct winbindd_request *request,
 310                                  struct winbindd_response *response)
 311 {
 312         struct winbindd_request lrequest;
 313         struct winbindd_response lresponse;
 314
 315         /* Check for our tricky environment variable */
 316
 317         if (getenv(WINBINDD_DONT_ENV)) {
 318                 return NSS_STATUS_NOTFOUND;
 319         }
 320
 321         if (!response) {
 322                 ZERO_STRUCT(lresponse);
 323                 response = &lresponse;
 324         }
 325
 326         if (!request) {
 327                 ZERO_STRUCT(lrequest);
 328                 request = &lrequest;
 329         }
 330
 331         /* Fill in request and send down pipe */
 332
 333         init_request(request, req_type);
 334         init_response(response);
 335
 336         if (write_sock(request, sizeof(*request)) == -1) {
 337                 return NSS_STATUS_UNAVAIL;
 338         }
 339
 340         /* Wait for reply */
 341         if (read_reply(response) == -1) {
 342                 return NSS_STATUS_UNAVAIL;
 343         }
 344
 345         /* Throw away extra data if client didn't request it */
 346         if (response == &lresponse) {
 347                 free_response(response);
 348         }
 349
 350         /* Copy reply data from socket */
 351         if (response->result != WINBINDD_OK) {
 352                 return NSS_STATUS_NOTFOUND;
 353         }
 354
 355         return NSS_STATUS_SUCCESS;
 356 }