auth auth_log: csbuild unused parm unix_username
[Samba.git] / nsswitch / winbind_nss_linux.c
blob635813ccd6053451c683228c0fd6c22cfd1ec1a1
1 /*
2 Unix SMB/CIFS implementation.
4 Windows NT Domain nsswitch module
6 Copyright (C) Tim Potter 2000
8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Lesser General Public
10 License as published by the Free Software Foundation; either
11 version 3 of the License, or (at your option) any later version.
13 This library is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Library General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "winbind_client.h"
24 #ifdef HAVE_PTHREAD_H
25 #include <pthread.h>
26 #endif
28 #ifdef HAVE_PTHREAD
29 static pthread_mutex_t winbind_nss_mutex = PTHREAD_MUTEX_INITIALIZER;
30 #endif
32 /* Maximum number of users to pass back over the unix domain socket
33 per call. This is not a static limit on the total number of users
34 or groups returned in total. */
36 #define MAX_GETPWENT_USERS 250
37 #define MAX_GETGRENT_USERS 250
39 /*************************************************************************
40 ************************************************************************/
42 #ifdef DEBUG_NSS
43 static const char *nss_err_str(NSS_STATUS ret)
45 switch (ret) {
46 case NSS_STATUS_TRYAGAIN:
47 return "NSS_STATUS_TRYAGAIN";
48 case NSS_STATUS_SUCCESS:
49 return "NSS_STATUS_SUCCESS";
50 case NSS_STATUS_NOTFOUND:
51 return "NSS_STATUS_NOTFOUND";
52 case NSS_STATUS_UNAVAIL:
53 return "NSS_STATUS_UNAVAIL";
54 #ifdef NSS_STATUS_RETURN
55 case NSS_STATUS_RETURN:
56 return "NSS_STATUS_RETURN";
57 #endif
58 default:
59 return "UNKNOWN RETURN CODE!!!!!!!";
62 #endif
64 /* Prototypes from wb_common.c */
66 /* Allocate some space from the nss static buffer. The buffer and buflen
67 are the pointers passed in by the C library to the _nss_ntdom_*
68 functions. */
70 static char *get_static(char **buffer, size_t *buflen, size_t len)
72 char *result;
74 /* Error check. We return false if things aren't set up right, or
75 there isn't enough buffer space left. */
77 if ((buffer == NULL) || (buflen == NULL) || (*buflen < len)) {
78 return NULL;
81 /* Return an index into the static buffer */
83 result = *buffer;
84 *buffer += len;
85 *buflen -= len;
87 return result;
90 /* I've copied the strtok() replacement function next_token_Xalloc() from
91 lib/util_str.c as I really don't want to have to link in any other
92 objects if I can possibly avoid it. */
94 static bool next_token_alloc(const char **ptr,
95 char **pp_buff,
96 const char *sep)
98 const char *s;
99 const char *saved_s;
100 char *pbuf;
101 bool quoted;
102 size_t len=1;
104 *pp_buff = NULL;
105 if (!ptr) {
106 return(false);
109 s = *ptr;
111 /* default to simple separators */
112 if (!sep) {
113 sep = " \t\n\r";
116 /* find the first non sep char */
117 while (*s && strchr(sep,*s)) {
118 s++;
121 /* nothing left? */
122 if (!*s) {
123 return false;
126 /* When restarting we need to go from here. */
127 saved_s = s;
129 /* Work out the length needed. */
130 for (quoted = false; *s &&
131 (quoted || !strchr(sep,*s)); s++) {
132 if (*s == '\"') {
133 quoted = !quoted;
134 } else {
135 len++;
139 /* We started with len = 1 so we have space for the nul. */
140 *pp_buff = (char *)malloc(len);
141 if (!*pp_buff) {
142 return false;
145 /* copy over the token */
146 pbuf = *pp_buff;
147 s = saved_s;
148 for (quoted = false; *s &&
149 (quoted || !strchr(sep,*s)); s++) {
150 if ( *s == '\"' ) {
151 quoted = !quoted;
152 } else {
153 *pbuf++ = *s;
157 *ptr = (*s) ? s+1 : s;
158 *pbuf = 0;
160 return true;
163 /* Fill a pwent structure from a winbindd_response structure. We use
164 the static data passed to us by libc to put strings and stuff in.
165 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
167 static NSS_STATUS fill_pwent(struct passwd *result,
168 struct winbindd_pw *pw,
169 char **buffer, size_t *buflen)
171 size_t len;
173 /* User name */
174 len = strlen(pw->pw_name) + 1;
176 if ((result->pw_name =
177 get_static(buffer, buflen, len)) == NULL) {
179 /* Out of memory */
181 return NSS_STATUS_TRYAGAIN;
184 memcpy(result->pw_name, pw->pw_name, len);
186 /* Password */
187 len = strlen(pw->pw_passwd) + 1;
189 if ((result->pw_passwd =
190 get_static(buffer, buflen, len)) == NULL) {
192 /* Out of memory */
194 return NSS_STATUS_TRYAGAIN;
197 memcpy(result->pw_passwd, pw->pw_passwd, len);
199 /* [ug]id */
201 result->pw_uid = pw->pw_uid;
202 result->pw_gid = pw->pw_gid;
204 /* GECOS */
205 len = strlen(pw->pw_gecos) + 1;
207 if ((result->pw_gecos =
208 get_static(buffer, buflen, len)) == NULL) {
210 /* Out of memory */
212 return NSS_STATUS_TRYAGAIN;
215 memcpy(result->pw_gecos, pw->pw_gecos, len);
217 /* Home directory */
218 len = strlen(pw->pw_dir) + 1;
220 if ((result->pw_dir =
221 get_static(buffer, buflen, len)) == NULL) {
223 /* Out of memory */
225 return NSS_STATUS_TRYAGAIN;
228 memcpy(result->pw_dir, pw->pw_dir, len);
230 /* Logon shell */
231 len = strlen(pw->pw_shell) + 1;
233 if ((result->pw_shell =
234 get_static(buffer, buflen, len)) == NULL) {
236 /* Out of memory */
238 return NSS_STATUS_TRYAGAIN;
241 memcpy(result->pw_shell, pw->pw_shell, len);
243 /* The struct passwd for Solaris has some extra fields which must
244 be initialised or nscd crashes. */
246 #ifdef HAVE_PASSWD_PW_COMMENT
247 result->pw_comment = "";
248 #endif
250 #ifdef HAVE_PASSWD_PW_AGE
251 result->pw_age = "";
252 #endif
254 return NSS_STATUS_SUCCESS;
257 /* Fill a grent structure from a winbindd_response structure. We use
258 the static data passed to us by libc to put strings and stuff in.
259 Return NSS_STATUS_TRYAGAIN if we run out of memory. */
261 static NSS_STATUS fill_grent(struct group *result, struct winbindd_gr *gr,
262 const char *gr_mem, char **buffer, size_t *buflen)
264 char *name;
265 int i;
266 char *tst;
267 size_t len;
269 /* Group name */
270 len = strlen(gr->gr_name) + 1;
272 if ((result->gr_name =
273 get_static(buffer, buflen, len)) == NULL) {
275 /* Out of memory */
277 return NSS_STATUS_TRYAGAIN;
280 memcpy(result->gr_name, gr->gr_name, len);
282 /* Password */
283 len = strlen(gr->gr_passwd) + 1;
285 if ((result->gr_passwd =
286 get_static(buffer, buflen, len)) == NULL) {
288 /* Out of memory */
289 return NSS_STATUS_TRYAGAIN;
292 memcpy(result->gr_passwd, gr->gr_passwd, len);
294 /* gid */
296 result->gr_gid = gr->gr_gid;
298 /* Group membership */
300 if (!gr_mem) {
301 gr->num_gr_mem = 0;
304 /* this next value is a pointer to a pointer so let's align it */
306 /* Calculate number of extra bytes needed to align on pointer size boundry */
307 if ((i = (unsigned long)(*buffer) % sizeof(char*)) != 0)
308 i = sizeof(char*) - i;
310 if ((tst = get_static(buffer, buflen, ((gr->num_gr_mem + 1) *
311 sizeof(char *)+i))) == NULL) {
313 /* Out of memory */
315 return NSS_STATUS_TRYAGAIN;
317 result->gr_mem = (char **)(tst + i);
319 if (gr->num_gr_mem == 0) {
321 /* Group is empty */
323 *(result->gr_mem) = NULL;
324 return NSS_STATUS_SUCCESS;
327 /* Start looking at extra data */
329 i = 0;
331 while(next_token_alloc((const char **)&gr_mem, &name, ",")) {
332 /* Allocate space for member */
333 len = strlen(name) + 1;
335 if (((result->gr_mem)[i] =
336 get_static(buffer, buflen, len)) == NULL) {
337 free(name);
338 /* Out of memory */
339 return NSS_STATUS_TRYAGAIN;
341 memcpy((result->gr_mem)[i], name, len);
342 free(name);
343 i++;
346 /* Terminate list */
348 (result->gr_mem)[i] = NULL;
350 return NSS_STATUS_SUCCESS;
354 * NSS user functions
357 static struct winbindd_response getpwent_response;
359 static int ndx_pw_cache; /* Current index into pwd cache */
360 static int num_pw_cache; /* Current size of pwd cache */
362 /* Rewind "file pointer" to start of ntdom password database */
364 NSS_STATUS
365 _nss_winbind_setpwent(void)
367 NSS_STATUS ret;
368 #ifdef DEBUG_NSS
369 fprintf(stderr, "[%5d]: setpwent\n", getpid());
370 #endif
372 #ifdef HAVE_PTHREAD
373 pthread_mutex_lock(&winbind_nss_mutex);
374 #endif
376 if (num_pw_cache > 0) {
377 ndx_pw_cache = num_pw_cache = 0;
378 winbindd_free_response(&getpwent_response);
381 winbind_set_client_name("nss_winbind");
382 ret = winbindd_request_response(NULL, WINBINDD_SETPWENT, NULL, NULL);
383 #ifdef DEBUG_NSS
384 fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(),
385 nss_err_str(ret), ret);
386 #endif
388 #ifdef HAVE_PTHREAD
389 pthread_mutex_unlock(&winbind_nss_mutex);
390 #endif
391 return ret;
394 /* Close ntdom password database "file pointer" */
396 NSS_STATUS
397 _nss_winbind_endpwent(void)
399 NSS_STATUS ret;
400 #ifdef DEBUG_NSS
401 fprintf(stderr, "[%5d]: endpwent\n", getpid());
402 #endif
404 #ifdef HAVE_PTHREAD
405 pthread_mutex_lock(&winbind_nss_mutex);
406 #endif
408 if (num_pw_cache > 0) {
409 ndx_pw_cache = num_pw_cache = 0;
410 winbindd_free_response(&getpwent_response);
413 winbind_set_client_name("nss_winbind");
414 ret = winbindd_request_response(NULL, WINBINDD_ENDPWENT, NULL, NULL);
415 #ifdef DEBUG_NSS
416 fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(),
417 nss_err_str(ret), ret);
418 #endif
420 #ifdef HAVE_PTHREAD
421 pthread_mutex_unlock(&winbind_nss_mutex);
422 #endif
424 return ret;
427 /* Fetch the next password entry from ntdom password database */
429 NSS_STATUS
430 _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
431 size_t buflen, int *errnop)
433 NSS_STATUS ret;
434 struct winbindd_request request;
435 static int called_again;
437 #ifdef DEBUG_NSS
438 fprintf(stderr, "[%5d]: getpwent\n", getpid());
439 #endif
441 #ifdef HAVE_PTHREAD
442 pthread_mutex_lock(&winbind_nss_mutex);
443 #endif
445 /* Return an entry from the cache if we have one, or if we are
446 called again because we exceeded our static buffer. */
448 if ((ndx_pw_cache < num_pw_cache) || called_again) {
449 goto return_result;
452 /* Else call winbindd to get a bunch of entries */
454 if (num_pw_cache > 0) {
455 winbindd_free_response(&getpwent_response);
458 ZERO_STRUCT(request);
459 ZERO_STRUCT(getpwent_response);
461 request.data.num_entries = MAX_GETPWENT_USERS;
463 winbind_set_client_name("nss_winbind");
464 ret = winbindd_request_response(NULL, WINBINDD_GETPWENT, &request,
465 &getpwent_response);
467 if (ret == NSS_STATUS_SUCCESS) {
468 struct winbindd_pw *pw_cache;
470 /* Fill cache */
472 ndx_pw_cache = 0;
473 num_pw_cache = getpwent_response.data.num_entries;
475 /* Return a result */
477 return_result:
479 pw_cache = (struct winbindd_pw *)
480 getpwent_response.extra_data.data;
482 /* Check data is valid */
484 if (pw_cache == NULL) {
485 ret = NSS_STATUS_NOTFOUND;
486 goto done;
489 ret = fill_pwent(result, &pw_cache[ndx_pw_cache],
490 &buffer, &buflen);
492 /* Out of memory - try again */
494 if (ret == NSS_STATUS_TRYAGAIN) {
495 called_again = true;
496 *errnop = errno = ERANGE;
497 goto done;
500 *errnop = errno = 0;
501 called_again = false;
502 ndx_pw_cache++;
504 /* If we've finished with this lot of results free cache */
506 if (ndx_pw_cache == num_pw_cache) {
507 ndx_pw_cache = num_pw_cache = 0;
508 winbindd_free_response(&getpwent_response);
511 done:
512 #ifdef DEBUG_NSS
513 fprintf(stderr, "[%5d]: getpwent returns %s (%d)\n", getpid(),
514 nss_err_str(ret), ret);
515 #endif
517 #ifdef HAVE_PTHREAD
518 pthread_mutex_unlock(&winbind_nss_mutex);
519 #endif
520 return ret;
523 /* Return passwd struct from uid */
525 NSS_STATUS
526 _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
527 size_t buflen, int *errnop)
529 NSS_STATUS ret;
530 static struct winbindd_response response;
531 struct winbindd_request request;
532 static int keep_response;
534 #ifdef DEBUG_NSS
535 fprintf(stderr, "[%5d]: getpwuid_r %d\n", getpid(), (unsigned int)uid);
536 #endif
538 #ifdef HAVE_PTHREAD
539 pthread_mutex_lock(&winbind_nss_mutex);
540 #endif
542 /* If our static buffer needs to be expanded we are called again */
543 if (!keep_response || uid != response.data.pw.pw_uid) {
545 /* Call for the first time */
547 response = (struct winbindd_response) {
548 .length = 0,
550 request = (struct winbindd_request) {
551 .wb_flags = WBFLAG_FROM_NSS,
552 .data = {
553 .uid = uid,
557 winbind_set_client_name("nss_winbind");
558 ret = winbindd_request_response(NULL, WINBINDD_GETPWUID, &request, &response);
560 if (ret == NSS_STATUS_SUCCESS) {
561 ret = fill_pwent(result, &response.data.pw,
562 &buffer, &buflen);
564 if (ret == NSS_STATUS_TRYAGAIN) {
565 keep_response = true;
566 *errnop = errno = ERANGE;
567 goto done;
571 } else {
573 /* We've been called again */
575 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
577 if (ret == NSS_STATUS_TRYAGAIN) {
578 *errnop = errno = ERANGE;
579 goto done;
582 keep_response = false;
583 *errnop = errno = 0;
586 winbindd_free_response(&response);
588 done:
590 #ifdef DEBUG_NSS
591 fprintf(stderr, "[%5d]: getpwuid %d returns %s (%d)\n", getpid(),
592 (unsigned int)uid, nss_err_str(ret), ret);
593 #endif
595 #ifdef HAVE_PTHREAD
596 pthread_mutex_unlock(&winbind_nss_mutex);
597 #endif
599 return ret;
602 /* Return passwd struct from username */
603 NSS_STATUS
604 _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
605 size_t buflen, int *errnop)
607 NSS_STATUS ret;
608 static struct winbindd_response response;
609 struct winbindd_request request;
610 static int keep_response;
612 #ifdef DEBUG_NSS
613 fprintf(stderr, "[%5d]: getpwnam_r %s\n", getpid(), name);
614 #endif
616 #ifdef HAVE_PTHREAD
617 pthread_mutex_lock(&winbind_nss_mutex);
618 #endif
620 /* If our static buffer needs to be expanded we are called again */
622 if (!keep_response || strcmp(name,response.data.pw.pw_name) != 0) {
624 /* Call for the first time */
626 response = (struct winbindd_response) {
627 .length = 0,
629 request = (struct winbindd_request) {
630 .wb_flags = WBFLAG_FROM_NSS,
633 strncpy(request.data.username, name,
634 sizeof(request.data.username) - 1);
635 request.data.username
636 [sizeof(request.data.username) - 1] = '\0';
638 winbind_set_client_name("nss_winbind");
639 ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM, &request, &response);
641 if (ret == NSS_STATUS_SUCCESS) {
642 ret = fill_pwent(result, &response.data.pw, &buffer,
643 &buflen);
645 if (ret == NSS_STATUS_TRYAGAIN) {
646 keep_response = true;
647 *errnop = errno = ERANGE;
648 goto done;
652 } else {
654 /* We've been called again */
656 ret = fill_pwent(result, &response.data.pw, &buffer, &buflen);
658 if (ret == NSS_STATUS_TRYAGAIN) {
659 keep_response = true;
660 *errnop = errno = ERANGE;
661 goto done;
664 keep_response = false;
665 *errnop = errno = 0;
668 winbindd_free_response(&response);
669 done:
670 #ifdef DEBUG_NSS
671 fprintf(stderr, "[%5d]: getpwnam %s returns %s (%d)\n", getpid(),
672 name, nss_err_str(ret), ret);
673 #endif
675 #ifdef HAVE_PTHREAD
676 pthread_mutex_unlock(&winbind_nss_mutex);
677 #endif
679 return ret;
683 * NSS group functions
686 static struct winbindd_response getgrent_response;
688 static int ndx_gr_cache; /* Current index into grp cache */
689 static int num_gr_cache; /* Current size of grp cache */
691 /* Rewind "file pointer" to start of ntdom group database */
693 NSS_STATUS
694 _nss_winbind_setgrent(void)
696 NSS_STATUS ret;
697 #ifdef DEBUG_NSS
698 fprintf(stderr, "[%5d]: setgrent\n", getpid());
699 #endif
701 #ifdef HAVE_PTHREAD
702 pthread_mutex_lock(&winbind_nss_mutex);
703 #endif
705 if (num_gr_cache > 0) {
706 ndx_gr_cache = num_gr_cache = 0;
707 winbindd_free_response(&getgrent_response);
710 winbind_set_client_name("nss_winbind");
711 ret = winbindd_request_response(NULL, WINBINDD_SETGRENT, NULL, NULL);
712 #ifdef DEBUG_NSS
713 fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(),
714 nss_err_str(ret), ret);
715 #endif
717 #ifdef HAVE_PTHREAD
718 pthread_mutex_unlock(&winbind_nss_mutex);
719 #endif
721 return ret;
724 /* Close "file pointer" for ntdom group database */
726 NSS_STATUS
727 _nss_winbind_endgrent(void)
729 NSS_STATUS ret;
730 #ifdef DEBUG_NSS
731 fprintf(stderr, "[%5d]: endgrent\n", getpid());
732 #endif
734 #ifdef HAVE_PTHREAD
735 pthread_mutex_lock(&winbind_nss_mutex);
736 #endif
738 if (num_gr_cache > 0) {
739 ndx_gr_cache = num_gr_cache = 0;
740 winbindd_free_response(&getgrent_response);
743 winbind_set_client_name("nss_winbind");
744 ret = winbindd_request_response(NULL, WINBINDD_ENDGRENT, NULL, NULL);
745 #ifdef DEBUG_NSS
746 fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(),
747 nss_err_str(ret), ret);
748 #endif
750 #ifdef HAVE_PTHREAD
751 pthread_mutex_unlock(&winbind_nss_mutex);
752 #endif
754 return ret;
757 /* Get next entry from ntdom group database */
759 static NSS_STATUS
760 winbind_getgrent(enum winbindd_cmd cmd,
761 struct group *result,
762 char *buffer, size_t buflen, int *errnop)
764 NSS_STATUS ret;
765 static struct winbindd_request request;
766 static int called_again;
769 #ifdef DEBUG_NSS
770 fprintf(stderr, "[%5d]: getgrent\n", getpid());
771 #endif
773 #ifdef HAVE_PTHREAD
774 pthread_mutex_lock(&winbind_nss_mutex);
775 #endif
777 /* Return an entry from the cache if we have one, or if we are
778 called again because we exceeded our static buffer. */
780 if ((ndx_gr_cache < num_gr_cache) || called_again) {
781 goto return_result;
784 /* Else call winbindd to get a bunch of entries */
786 if (num_gr_cache > 0) {
787 winbindd_free_response(&getgrent_response);
790 ZERO_STRUCT(request);
791 ZERO_STRUCT(getgrent_response);
793 request.data.num_entries = MAX_GETGRENT_USERS;
795 winbind_set_client_name("nss_winbind");
796 ret = winbindd_request_response(NULL, cmd, &request,
797 &getgrent_response);
799 if (ret == NSS_STATUS_SUCCESS) {
800 struct winbindd_gr *gr_cache;
801 int mem_ofs;
803 /* Fill cache */
805 ndx_gr_cache = 0;
806 num_gr_cache = getgrent_response.data.num_entries;
808 /* Return a result */
810 return_result:
812 gr_cache = (struct winbindd_gr *)
813 getgrent_response.extra_data.data;
815 /* Check data is valid */
817 if (gr_cache == NULL) {
818 ret = NSS_STATUS_NOTFOUND;
819 goto done;
822 /* Fill group membership. The offset into the extra data
823 for the group membership is the reported offset plus the
824 size of all the winbindd_gr records returned. */
826 mem_ofs = gr_cache[ndx_gr_cache].gr_mem_ofs +
827 num_gr_cache * sizeof(struct winbindd_gr);
829 ret = fill_grent(result, &gr_cache[ndx_gr_cache],
830 ((char *)getgrent_response.extra_data.data)+mem_ofs,
831 &buffer, &buflen);
833 /* Out of memory - try again */
835 if (ret == NSS_STATUS_TRYAGAIN) {
836 called_again = true;
837 *errnop = errno = ERANGE;
838 goto done;
841 *errnop = 0;
842 called_again = false;
843 ndx_gr_cache++;
845 /* If we've finished with this lot of results free cache */
847 if (ndx_gr_cache == num_gr_cache) {
848 ndx_gr_cache = num_gr_cache = 0;
849 winbindd_free_response(&getgrent_response);
852 done:
853 #ifdef DEBUG_NSS
854 fprintf(stderr, "[%5d]: getgrent returns %s (%d)\n", getpid(),
855 nss_err_str(ret), ret);
856 #endif
858 #ifdef HAVE_PTHREAD
859 pthread_mutex_unlock(&winbind_nss_mutex);
860 #endif
862 return ret;
866 NSS_STATUS
867 _nss_winbind_getgrent_r(struct group *result,
868 char *buffer, size_t buflen, int *errnop)
870 return winbind_getgrent(WINBINDD_GETGRENT, result, buffer, buflen, errnop);
873 NSS_STATUS
874 _nss_winbind_getgrlst_r(struct group *result,
875 char *buffer, size_t buflen, int *errnop)
877 return winbind_getgrent(WINBINDD_GETGRLST, result, buffer, buflen, errnop);
880 /* Return group struct from group name */
882 NSS_STATUS
883 _nss_winbind_getgrnam_r(const char *name,
884 struct group *result, char *buffer,
885 size_t buflen, int *errnop)
887 NSS_STATUS ret;
888 static struct winbindd_response response;
889 struct winbindd_request request;
890 static int keep_response;
892 #ifdef DEBUG_NSS
893 fprintf(stderr, "[%5d]: getgrnam %s\n", getpid(), name);
894 #endif
896 #ifdef HAVE_PTHREAD
897 pthread_mutex_lock(&winbind_nss_mutex);
898 #endif
900 /* If our static buffer needs to be expanded we are called again */
901 /* Or if the stored response group name differs from the request. */
903 if (!keep_response || strcmp(name,response.data.gr.gr_name) != 0) {
905 /* Call for the first time */
907 response = (struct winbindd_response) {
908 .length = 0,
910 request = (struct winbindd_request) {
911 .wb_flags = WBFLAG_FROM_NSS,
914 strncpy(request.data.groupname, name,
915 sizeof(request.data.groupname));
916 request.data.groupname
917 [sizeof(request.data.groupname) - 1] = '\0';
919 winbind_set_client_name("nss_winbind");
920 ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM,
921 &request, &response);
923 if (ret == NSS_STATUS_SUCCESS) {
924 ret = fill_grent(result, &response.data.gr,
925 (char *)response.extra_data.data,
926 &buffer, &buflen);
928 if (ret == NSS_STATUS_TRYAGAIN) {
929 keep_response = true;
930 *errnop = errno = ERANGE;
931 goto done;
935 } else {
937 /* We've been called again */
939 ret = fill_grent(result, &response.data.gr,
940 (char *)response.extra_data.data, &buffer,
941 &buflen);
943 if (ret == NSS_STATUS_TRYAGAIN) {
944 keep_response = true;
945 *errnop = errno = ERANGE;
946 goto done;
949 keep_response = false;
950 *errnop = 0;
953 winbindd_free_response(&response);
954 done:
955 #ifdef DEBUG_NSS
956 fprintf(stderr, "[%5d]: getgrnam %s returns %s (%d)\n", getpid(),
957 name, nss_err_str(ret), ret);
958 #endif
960 #ifdef HAVE_PTHREAD
961 pthread_mutex_unlock(&winbind_nss_mutex);
962 #endif
964 return ret;
967 /* Return group struct from gid */
969 NSS_STATUS
970 _nss_winbind_getgrgid_r(gid_t gid,
971 struct group *result, char *buffer,
972 size_t buflen, int *errnop)
974 NSS_STATUS ret;
975 static struct winbindd_response response;
976 struct winbindd_request request;
977 static int keep_response;
979 #ifdef DEBUG_NSS
980 fprintf(stderr, "[%5d]: getgrgid %d\n", getpid(), gid);
981 #endif
983 #ifdef HAVE_PTHREAD
984 pthread_mutex_lock(&winbind_nss_mutex);
985 #endif
987 /* If our static buffer needs to be expanded we are called again */
988 /* Or if the stored response group name differs from the request. */
990 if (!keep_response || gid != response.data.gr.gr_gid) {
992 /* Call for the first time */
994 response = (struct winbindd_response) {
995 .length = 0,
997 request = (struct winbindd_request) {
998 .wb_flags = WBFLAG_FROM_NSS,
1002 request.data.gid = gid;
1004 winbind_set_client_name("nss_winbind");
1005 ret = winbindd_request_response(NULL, WINBINDD_GETGRGID,
1006 &request, &response);
1008 if (ret == NSS_STATUS_SUCCESS) {
1010 ret = fill_grent(result, &response.data.gr,
1011 (char *)response.extra_data.data,
1012 &buffer, &buflen);
1014 if (ret == NSS_STATUS_TRYAGAIN) {
1015 keep_response = true;
1016 *errnop = errno = ERANGE;
1017 goto done;
1021 } else {
1023 /* We've been called again */
1025 ret = fill_grent(result, &response.data.gr,
1026 (char *)response.extra_data.data, &buffer,
1027 &buflen);
1029 if (ret == NSS_STATUS_TRYAGAIN) {
1030 keep_response = true;
1031 *errnop = errno = ERANGE;
1032 goto done;
1035 keep_response = false;
1036 *errnop = 0;
1039 winbindd_free_response(&response);
1040 done:
1041 #ifdef DEBUG_NSS
1042 fprintf(stderr, "[%5d]: getgrgid %d returns %s (%d)\n", getpid(),
1043 (unsigned int)gid, nss_err_str(ret), ret);
1044 #endif
1046 #ifdef HAVE_PTHREAD
1047 pthread_mutex_unlock(&winbind_nss_mutex);
1048 #endif
1049 return ret;
1052 /* Initialise supplementary groups */
1054 NSS_STATUS
1055 _nss_winbind_initgroups_dyn(const char *user, gid_t group, long int *start,
1056 long int *size, gid_t **groups, long int limit,
1057 int *errnop)
1059 NSS_STATUS ret;
1060 struct winbindd_request request;
1061 struct winbindd_response response;
1062 int i;
1064 #ifdef DEBUG_NSS
1065 fprintf(stderr, "[%5d]: initgroups %s (%d)\n", getpid(),
1066 user, group);
1067 #endif
1069 #ifdef HAVE_PTHREAD
1070 pthread_mutex_lock(&winbind_nss_mutex);
1071 #endif
1073 ZERO_STRUCT(request);
1074 ZERO_STRUCT(response);
1076 strncpy(request.data.username, user,
1077 sizeof(request.data.username) - 1);
1079 winbind_set_client_name("nss_winbind");
1080 ret = winbindd_request_response(NULL, WINBINDD_GETGROUPS,
1081 &request, &response);
1083 if (ret == NSS_STATUS_SUCCESS) {
1084 int num_gids = response.data.num_entries;
1085 gid_t *gid_list = (gid_t *)response.extra_data.data;
1087 #ifdef DEBUG_NSS
1088 fprintf(stderr, "[%5d]: initgroups %s: got NSS_STATUS_SUCCESS "
1089 "and %d gids\n", getpid(),
1090 user, num_gids);
1091 #endif
1092 if (gid_list == NULL) {
1093 ret = NSS_STATUS_NOTFOUND;
1094 goto done;
1097 /* Copy group list to client */
1099 for (i = 0; i < num_gids; i++) {
1101 #ifdef DEBUG_NSS
1102 fprintf(stderr, "[%5d]: initgroups %s (%d): "
1103 "processing gid %d \n", getpid(),
1104 user, group, gid_list[i]);
1105 #endif
1107 /* Skip primary group */
1109 if (gid_list[i] == group) {
1110 continue;
1113 /* Skip groups without a mapping */
1114 if (gid_list[i] == (uid_t)-1) {
1115 continue;
1118 /* Filled buffer ? If so, resize. */
1120 if (*start == *size) {
1121 long int newsize;
1122 gid_t *newgroups;
1124 newsize = 2 * (*size);
1125 if (limit > 0) {
1126 if (*size == limit) {
1127 goto done;
1129 if (newsize > limit) {
1130 newsize = limit;
1134 newgroups = (gid_t *)
1135 realloc((*groups),
1136 newsize * sizeof(**groups));
1137 if (!newgroups) {
1138 *errnop = ENOMEM;
1139 ret = NSS_STATUS_NOTFOUND;
1140 goto done;
1142 *groups = newgroups;
1143 *size = newsize;
1146 /* Add to buffer */
1148 (*groups)[*start] = gid_list[i];
1149 *start += 1;
1153 /* Back to your regularly scheduled programming */
1155 done:
1156 #ifdef DEBUG_NSS
1157 fprintf(stderr, "[%5d]: initgroups %s returns %s (%d)\n", getpid(),
1158 user, nss_err_str(ret), ret);
1159 #endif
1161 #ifdef HAVE_PTHREAD
1162 pthread_mutex_unlock(&winbind_nss_mutex);
1163 #endif
1165 return ret;