search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nss_wrapper: add missing return in nwrap_module_init().
[Samba/fernandojvsilva.git] / lib / nss_wrapper / nss_wrapper.c
blob0e02e05cc3f8645de3917136b13eaabc8389aa7b
1 /*
2 * Copyright (C) Stefan Metzmacher 2007 <metze@samba.org>
3 *
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the author nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifdef _SAMBA_BUILD_
35
36 #define NSS_WRAPPER_NOT_REPLACE
37 #include "../replace/replace.h"
38 #include "system/passwd.h"
39 #include "system/filesys.h"
40 #include "../nsswitch/nsstest.h"
41
42 #else /* _SAMBA_BUILD_ */
43
44 #error nss_wrapper_only_supported_in_samba_yet
45
46 #endif
47
48 #ifndef _PUBLIC_
49 #define _PUBLIC_
50 #endif
51
52 /* not all systems have _r functions... */
53 #ifndef HAVE_GETPWNAM_R
54 #define getpwnam_r(name, pwdst, buf, buflen, pwdstp) ENOSYS
55 #endif
56 #ifndef HAVE_GETPWUID_R
57 #define getpwuid_r(uid, pwdst, buf, buflen, pwdstp) ENOSYS
58 #endif
59 #ifndef HAVE_GETPWENT_R
60 #define getpwent_r(pwdst, buf, buflen, pwdstp) ENOSYS
61 #endif
62 #ifndef HAVE_GETGRNAM_R
63 #define getgrnam_r(name, grdst, buf, buflen, grdstp) ENOSYS
64 #endif
65 #ifndef HAVE_GETGRGID_R
66 #define getgrgid_r(gid, grdst, buf, buflen, grdstp) ENOSYS
67 #endif
68 #ifndef HAVE_GETGRENT_R
69 #define getgrent_r(grdst, buf, buflen, grdstp) ENOSYS
70 #endif
71
72 /* not all systems have getgrouplist */
73 #ifndef HAVE_GETGROUPLIST
74 #define getgrouplist(user, group, groups, ngroups) 0
75 #endif
76
77 /* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support
78 * for now */
79 #define REWRITE_CALLS
80
81 #ifdef REWRITE_CALLS
82
83 #define real_getpwnam getpwnam
84 #define real_getpwnam_r getpwnam_r
85 #define real_getpwuid getpwuid
86 #define real_getpwuid_r getpwuid_r
87
88 #define real_setpwent setpwent
89 #define real_getpwent getpwent
90 #define real_getpwent_r getpwent_r
91 #define real_endpwent endpwent
92
93 /*
94 #define real_getgrlst getgrlst
95 #define real_getgrlst_r getgrlst_r
96 #define real_initgroups_dyn initgroups_dyn
97 */
98 #define real_initgroups initgroups
99 #define real_getgrouplist getgrouplist
100
101 #define real_getgrnam getgrnam
102 #define real_getgrnam_r getgrnam_r
103 #define real_getgrgid getgrgid
104 #define real_getgrgid_r getgrgid_r
105
106 #define real_setgrent setgrent
107 #define real_getgrent getgrent
108 #define real_getgrent_r getgrent_r
109 #define real_endgrent endgrent
110
111 #endif
112
113 #if 0
114 # ifdef DEBUG
115 # define NWRAP_ERROR(args) DEBUG(0, args)
116 # else
117 # define NWRAP_ERROR(args) printf args
118 # endif
119 #else
120 #define NWRAP_ERROR(args)
121 #endif
122
123 #if 0
124 # ifdef DEBUG
125 # define NWRAP_DEBUG(args) DEBUG(0, args)
126 # else
127 # define NWRAP_DEBUG(args) printf args
128 # endif
129 #else
130 #define NWRAP_DEBUG(args)
131 #endif
132
133 #if 0
134 # ifdef DEBUG
135 # define NWRAP_VERBOSE(args) DEBUG(0, args)
136 # else
137 # define NWRAP_VERBOSE(args) printf args
138 # endif
139 #else
140 #define NWRAP_VERBOSE(args)
141 #endif
142
143 struct nwrap_module_nss_fns {
144 NSS_STATUS (*_nss_getpwnam_r)(const char *name, struct passwd *result, char *buffer,
145 size_t buflen, int *errnop);
146 NSS_STATUS (*_nss_getpwuid_r)(uid_t uid, struct passwd *result, char *buffer,
147 size_t buflen, int *errnop);
148 NSS_STATUS (*_nss_setpwent)(void);
149 NSS_STATUS (*_nss_getpwent_r)(struct passwd *result, char *buffer,
150 size_t buflen, int *errnop);
151 NSS_STATUS (*_nss_endpwent)(void);
152 NSS_STATUS (*_nss_initgroups)(const char *user, gid_t group, long int *start,
153 long int *size, gid_t **groups, long int limit, int *errnop);
154 NSS_STATUS (*_nss_getgrnam_r)(const char *name, struct group *result, char *buffer,
155 size_t buflen, int *errnop);
156 NSS_STATUS (*_nss_getgrgid_r)(gid_t gid, struct group *result, char *buffer,
157 size_t buflen, int *errnop);
158 NSS_STATUS (*_nss_setgrent)(void);
159 NSS_STATUS (*_nss_getgrent_r)(struct group *result, char *buffer,
160 size_t buflen, int *errnop);
161 NSS_STATUS (*_nss_endgrent)(void);
162 };
163
164 struct nwrap_backend {
165 const char *name;
166 const char *so_path;
167 void *so_handle;
168 struct nwrap_ops *ops;
169 struct nwrap_module_nss_fns *fns;
170 };
171
172 struct nwrap_ops {
173 struct passwd * (*nw_getpwnam)(struct nwrap_backend *b,
174 const char *name);
175 int (*nw_getpwnam_r)(struct nwrap_backend *b,
176 const char *name, struct passwd *pwdst,
177 char *buf, size_t buflen, struct passwd **pwdstp);
178 struct passwd * (*nw_getpwuid)(struct nwrap_backend *b,
179 uid_t uid);
180 int (*nw_getpwuid_r)(struct nwrap_backend *b,
181 uid_t uid, struct passwd *pwdst,
182 char *buf, size_t buflen, struct passwd **pwdstp);
183 void (*nw_setpwent)(struct nwrap_backend *b);
184 struct passwd * (*nw_getpwent)(struct nwrap_backend *b);
185 int (*nw_getpwent_r)(struct nwrap_backend *b,
186 struct passwd *pwdst, char *buf,
187 size_t buflen, struct passwd **pwdstp);
188 void (*nw_endpwent)(struct nwrap_backend *b);
189 int (*nw_initgroups)(struct nwrap_backend *b,
190 const char *user, gid_t group);
191 struct group * (*nw_getgrnam)(struct nwrap_backend *b,
192 const char *name);
193 int (*nw_getgrnam_r)(struct nwrap_backend *b,
194 const char *name, struct group *grdst,
195 char *buf, size_t buflen, struct group **grdstp);
196 struct group * (*nw_getgrgid)(struct nwrap_backend *b,
197 gid_t gid);
198 int (*nw_getgrgid_r)(struct nwrap_backend *b,
199 gid_t gid, struct group *grdst,
200 char *buf, size_t buflen, struct group **grdstp);
201 void (*nw_setgrent)(struct nwrap_backend *b);
202 struct group * (*nw_getgrent)(struct nwrap_backend *b);
203 int (*nw_getgrent_r)(struct nwrap_backend *b,
204 struct group *grdst, char *buf,
205 size_t buflen, struct group **grdstp);
206 void (*nw_endgrent)(struct nwrap_backend *b);
207 };
208
209 /* protoypes for files backend */
210
211
212 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
213 const char *name);
214 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
215 const char *name, struct passwd *pwdst,
216 char *buf, size_t buflen, struct passwd **pwdstp);
217 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
218 uid_t uid);
219 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
220 uid_t uid, struct passwd *pwdst,
221 char *buf, size_t buflen, struct passwd **pwdstp);
222 static void nwrap_files_setpwent(struct nwrap_backend *b);
223 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b);
224 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
225 struct passwd *pwdst, char *buf,
226 size_t buflen, struct passwd **pwdstp);
227 static void nwrap_files_endpwent(struct nwrap_backend *b);
228 static int nwrap_files_initgroups(struct nwrap_backend *b,
229 const char *user, gid_t group);
230 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
231 const char *name);
232 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
233 const char *name, struct group *grdst,
234 char *buf, size_t buflen, struct group **grdstp);
235 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
236 gid_t gid);
237 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
238 gid_t gid, struct group *grdst,
239 char *buf, size_t buflen, struct group **grdstp);
240 static void nwrap_files_setgrent(struct nwrap_backend *b);
241 static struct group *nwrap_files_getgrent(struct nwrap_backend *b);
242 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
243 struct group *grdst, char *buf,
244 size_t buflen, struct group **grdstp);
245 static void nwrap_files_endgrent(struct nwrap_backend *b);
246
247 /* protoypes for module backend */
248
249 static struct passwd *nwrap_module_getpwent(struct nwrap_backend *b);
250 static int nwrap_module_getpwent_r(struct nwrap_backend *b,
251 struct passwd *pwdst, char *buf,
252 size_t buflen, struct passwd **pwdstp);
253 static struct passwd *nwrap_module_getpwnam(struct nwrap_backend *b,
254 const char *name);
255 static int nwrap_module_getpwnam_r(struct nwrap_backend *b,
256 const char *name, struct passwd *pwdst,
257 char *buf, size_t buflen, struct passwd **pwdstp);
258 static struct passwd *nwrap_module_getpwuid(struct nwrap_backend *b,
259 uid_t uid);
260 static int nwrap_module_getpwuid_r(struct nwrap_backend *b,
261 uid_t uid, struct passwd *pwdst,
262 char *buf, size_t buflen, struct passwd **pwdstp);
263 static void nwrap_module_setpwent(struct nwrap_backend *b);
264 static void nwrap_module_endpwent(struct nwrap_backend *b);
265 static struct group *nwrap_module_getgrent(struct nwrap_backend *b);
266 static int nwrap_module_getgrent_r(struct nwrap_backend *b,
267 struct group *grdst, char *buf,
268 size_t buflen, struct group **grdstp);
269 static struct group *nwrap_module_getgrnam(struct nwrap_backend *b,
270 const char *name);
271 static int nwrap_module_getgrnam_r(struct nwrap_backend *b,
272 const char *name, struct group *grdst,
273 char *buf, size_t buflen, struct group **grdstp);
274 static struct group *nwrap_module_getgrgid(struct nwrap_backend *b,
275 gid_t gid);
276 static int nwrap_module_getgrgid_r(struct nwrap_backend *b,
277 gid_t gid, struct group *grdst,
278 char *buf, size_t buflen, struct group **grdstp);
279 static void nwrap_module_setgrent(struct nwrap_backend *b);
280 static void nwrap_module_endgrent(struct nwrap_backend *b);
281 static int nwrap_module_initgroups(struct nwrap_backend *b,
282 const char *user, gid_t group);
283
284 struct nwrap_ops nwrap_files_ops = {
285 .nw_getpwnam = nwrap_files_getpwnam,
286 .nw_getpwnam_r = nwrap_files_getpwnam_r,
287 .nw_getpwuid = nwrap_files_getpwuid,
288 .nw_getpwuid_r = nwrap_files_getpwuid_r,
289 .nw_setpwent = nwrap_files_setpwent,
290 .nw_getpwent = nwrap_files_getpwent,
291 .nw_getpwent_r = nwrap_files_getpwent_r,
292 .nw_endpwent = nwrap_files_endpwent,
293 .nw_initgroups = nwrap_files_initgroups,
294 .nw_getgrnam = nwrap_files_getgrnam,
295 .nw_getgrnam_r = nwrap_files_getgrnam_r,
296 .nw_getgrgid = nwrap_files_getgrgid,
297 .nw_getgrgid_r = nwrap_files_getgrgid_r,
298 .nw_setgrent = nwrap_files_setgrent,
299 .nw_getgrent = nwrap_files_getgrent,
300 .nw_getgrent_r = nwrap_files_getgrent_r,
301 .nw_endgrent = nwrap_files_endgrent,
302 };
303
304 struct nwrap_ops nwrap_module_ops = {
305 .nw_getpwnam = nwrap_module_getpwnam,
306 .nw_getpwnam_r = nwrap_module_getpwnam_r,
307 .nw_getpwuid = nwrap_module_getpwuid,
308 .nw_getpwuid_r = nwrap_module_getpwuid_r,
309 .nw_setpwent = nwrap_module_setpwent,
310 .nw_getpwent = nwrap_module_getpwent,
311 .nw_getpwent_r = nwrap_module_getpwent_r,
312 .nw_endpwent = nwrap_module_endpwent,
313 .nw_initgroups = nwrap_module_initgroups,
314 .nw_getgrnam = nwrap_module_getgrnam,
315 .nw_getgrnam_r = nwrap_module_getgrnam_r,
316 .nw_getgrgid = nwrap_module_getgrgid,
317 .nw_getgrgid_r = nwrap_module_getgrgid_r,
318 .nw_setgrent = nwrap_module_setgrent,
319 .nw_getgrent = nwrap_module_getgrent,
320 .nw_getgrent_r = nwrap_module_getgrent_r,
321 .nw_endgrent = nwrap_module_endgrent,
322 };
323
324 struct nwrap_main {
325 const char *nwrap_switch;
326 int num_backends;
327 struct nwrap_backend *backends;
328 };
329
330 struct nwrap_main *nwrap_main_global;
331 struct nwrap_main __nwrap_main_global;
332
333 struct nwrap_cache {
334 const char *path;
335 int fd;
336 struct stat st;
337 uint8_t *buf;
338 void *private_data;
339 bool (*parse_line)(struct nwrap_cache *, char *line);
340 void (*unload)(struct nwrap_cache *);
341 };
342
343 struct nwrap_pw {
344 struct nwrap_cache *cache;
345
346 struct passwd *list;
347 int num;
348 int idx;
349 };
350
351 struct nwrap_cache __nwrap_cache_pw;
352 struct nwrap_pw nwrap_pw_global;
353
354 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line);
355 static void nwrap_pw_unload(struct nwrap_cache *nwrap);
356
357 struct nwrap_gr {
358 struct nwrap_cache *cache;
359
360 struct group *list;
361 int num;
362 int idx;
363 };
364
365 struct nwrap_cache __nwrap_cache_gr;
366 struct nwrap_gr nwrap_gr_global;
367
368 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line);
369 static void nwrap_gr_unload(struct nwrap_cache *nwrap);
370
371 static void *nwrap_load_module_fn(struct nwrap_backend *b,
372 const char *fn_name)
373 {
374 void *res;
375 char *s;
376
377 if (!b->so_handle) {
378 NWRAP_ERROR(("%s: no handle\n",
379 __location__));
380 return NULL;
381 }
382
383 if (asprintf(&s, "_nss_%s_%s", b->name, fn_name) == -1) {
384 NWRAP_ERROR(("%s: out of memory\n",
385 __location__));
386 return NULL;
387 }
388
389 res = dlsym(b->so_handle, s);
390 if (!res) {
391 NWRAP_ERROR(("%s: cannot find function %s in %s\n",
392 __location__, s, b->so_path));
393 }
394 free(s);
395 s = NULL;
396 return res;
397 }
398
399 static struct nwrap_module_nss_fns *nwrap_load_module_fns(struct nwrap_backend *b)
400 {
401 struct nwrap_module_nss_fns *fns;
402
403 if (!b->so_handle) {
404 return NULL;
405 }
406
407 fns = (struct nwrap_module_nss_fns *)malloc(sizeof(struct nwrap_module_nss_fns));
408 if (!fns) {
409 return NULL;
410 }
411
412 fns->_nss_getpwnam_r = (NSS_STATUS (*)(const char *, struct passwd *, char *, size_t, int *))
413 nwrap_load_module_fn(b, "getpwnam_r");
414 fns->_nss_getpwuid_r = (NSS_STATUS (*)(uid_t, struct passwd *, char *, size_t, int *))
415 nwrap_load_module_fn(b, "getpwuid_r");
416 fns->_nss_setpwent = (NSS_STATUS(*)(void))
417 nwrap_load_module_fn(b, "setpwent");
418 fns->_nss_getpwent_r = (NSS_STATUS (*)(struct passwd *, char *, size_t, int *))
419 nwrap_load_module_fn(b, "getpwent_r");
420 fns->_nss_endpwent = (NSS_STATUS(*)(void))
421 nwrap_load_module_fn(b, "endpwent");
422 fns->_nss_initgroups = (NSS_STATUS (*)(const char *, gid_t, long int *, long int *, gid_t **, long int, int *))
423 nwrap_load_module_fn(b, "initgroups_dyn");
424 fns->_nss_getgrnam_r = (NSS_STATUS (*)(const char *, struct group *, char *, size_t, int *))
425 nwrap_load_module_fn(b, "getgrnam_r");
426 fns->_nss_getgrgid_r = (NSS_STATUS (*)(gid_t, struct group *, char *, size_t, int *))
427 nwrap_load_module_fn(b, "getgrgid_r");
428 fns->_nss_setgrent = (NSS_STATUS(*)(void))
429 nwrap_load_module_fn(b, "setgrent");
430 fns->_nss_getgrent_r = (NSS_STATUS (*)(struct group *, char *, size_t, int *))
431 nwrap_load_module_fn(b, "getgrent_r");
432 fns->_nss_endgrent = (NSS_STATUS(*)(void))
433 nwrap_load_module_fn(b, "endgrent");
434
435 return fns;
436 }
437
438 static void *nwrap_load_module(const char *so_path)
439 {
440 void *h;
441
442 if (!so_path || !strlen(so_path)) {
443 return NULL;
444 }
445
446 h = dlopen(so_path, RTLD_LAZY);
447 if (!h) {
448 NWRAP_ERROR(("%s: cannot open shared library %s\n",
449 __location__, so_path));
450 return NULL;
451 }
452
453 return h;
454 }
455
456 static bool nwrap_module_init(const char *name,
457 struct nwrap_ops *ops,
458 const char *so_path,
459 int *num_backends,
460 struct nwrap_backend **backends)
461 {
462 *backends = (struct nwrap_backend *)realloc(*backends,
463 sizeof(struct nwrap_backend) * ((*num_backends) + 1));
464 if (!*backends) {
465 NWRAP_ERROR(("%s: out of memory\n",
466 __location__));
467 return false;
468 }
469
470 (*backends)[*num_backends].name = name;
471 (*backends)[*num_backends].ops = ops;
472 (*backends)[*num_backends].so_path = so_path;
473 (*backends)[*num_backends].so_handle = nwrap_load_module(so_path);
474 (*backends)[*num_backends].fns = nwrap_load_module_fns(&((*backends)[*num_backends]));
475
476 (*num_backends)++;
477
478 return true;
479 }
480
481 static void nwrap_backend_init(struct nwrap_main *r)
482 {
483 r->num_backends = 0;
484 r->backends = NULL;
485
486 if (!nwrap_module_init("files", &nwrap_files_ops, NULL,
487 &r->num_backends,
488 &r->backends)) {
489 NWRAP_ERROR(("%s: failed to initialize 'files' backend\n",
490 __location__));
491 return;
492 }
493 }
494
495 static void nwrap_init(void)
496 {
497 static bool initialized;
498
499 if (initialized) return;
500 initialized = true;
501
502 nwrap_main_global = &__nwrap_main_global;
503
504 nwrap_backend_init(nwrap_main_global);
505
506 nwrap_pw_global.cache = &__nwrap_cache_pw;
507
508 nwrap_pw_global.cache->path = getenv("NSS_WRAPPER_PASSWD");
509 nwrap_pw_global.cache->fd = -1;
510 nwrap_pw_global.cache->private_data = &nwrap_pw_global;
511 nwrap_pw_global.cache->parse_line = nwrap_pw_parse_line;
512 nwrap_pw_global.cache->unload = nwrap_pw_unload;
513
514 nwrap_gr_global.cache = &__nwrap_cache_gr;
515
516 nwrap_gr_global.cache->path = getenv("NSS_WRAPPER_GROUP");
517 nwrap_gr_global.cache->fd = -1;
518 nwrap_gr_global.cache->private_data = &nwrap_gr_global;
519 nwrap_gr_global.cache->parse_line = nwrap_gr_parse_line;
520 nwrap_gr_global.cache->unload = nwrap_gr_unload;
521 }
522
523 static bool nwrap_enabled(void)
524 {
525 nwrap_init();
526
527 if (!nwrap_pw_global.cache->path) {
528 return false;
529 }
530 if (nwrap_pw_global.cache->path[0] == '\0') {
531 return false;
532 }
533 if (!nwrap_gr_global.cache->path) {
534 return false;
535 }
536 if (nwrap_gr_global.cache->path[0] == '\0') {
537 return false;
538 }
539
540 return true;
541 }
542
543 static bool nwrap_parse_file(struct nwrap_cache *nwrap)
544 {
545 int ret;
546 uint8_t *buf = NULL;
547 char *nline;
548
549 if (nwrap->st.st_size == 0) {
550 NWRAP_DEBUG(("%s: size == 0\n",
551 __location__));
552 goto done;
553 }
554
555 if (nwrap->st.st_size > INT32_MAX) {
556 NWRAP_ERROR(("%s: size[%u] larger than INT32_MAX\n",
557 __location__, (unsigned)nwrap->st.st_size));
558 goto failed;
559 }
560
561 ret = lseek(nwrap->fd, 0, SEEK_SET);
562 if (ret != 0) {
563 NWRAP_ERROR(("%s: lseek - %d\n",__location__,ret));
564 goto failed;
565 }
566
567 buf = (uint8_t *)malloc(nwrap->st.st_size + 1);
568 if (!buf) {
569 NWRAP_ERROR(("%s: malloc failed\n",__location__));
570 goto failed;
571 }
572
573 ret = read(nwrap->fd, buf, nwrap->st.st_size);
574 if (ret != nwrap->st.st_size) {
575 NWRAP_ERROR(("%s: read(%u) gave %d\n",
576 __location__, (unsigned)nwrap->st.st_size, ret));
577 goto failed;
578 }
579
580 buf[nwrap->st.st_size] = '\0';
581
582 nline = (char *)buf;
583 while (nline && nline[0]) {
584 char *line;
585 char *e;
586 bool ok;
587
588 line = nline;
589 nline = NULL;
590
591 e = strchr(line, '\n');
592 if (e) {
593 e[0] = '\0';
594 e++;
595 if (e[0] == '\r') {
596 e[0] = '\0';
597 e++;
598 }
599 nline = e;
600 }
601
602 NWRAP_VERBOSE(("%s:'%s'\n",__location__, line));
603
604 if (strlen(line) == 0) {
605 continue;
606 }
607
608 ok = nwrap->parse_line(nwrap, line);
609 if (!ok) {
610 goto failed;
611 }
612 }
613
614 done:
615 nwrap->buf = buf;
616 return true;
617
618 failed:
619 if (buf) free(buf);
620 return false;
621 }
622
623 static void nwrap_cache_unload(struct nwrap_cache *nwrap)
624 {
625 nwrap->unload(nwrap);
626
627 if (nwrap->buf) free(nwrap->buf);
628
629 nwrap->buf = NULL;
630 }
631
632 static void nwrap_cache_reload(struct nwrap_cache *nwrap)
633 {
634 struct stat st;
635 int ret;
636 bool ok;
637 bool retried = false;
638
639 reopen:
640 if (nwrap->fd < 0) {
641 nwrap->fd = open(nwrap->path, O_RDONLY);
642 if (nwrap->fd < 0) {
643 NWRAP_ERROR(("%s: unable to open '%s' readonly %d:%s\n",
644 __location__,
645 nwrap->path, nwrap->fd,
646 strerror(errno)));
647 return;
648 }
649 NWRAP_VERBOSE(("%s: open '%s'\n", __location__, nwrap->path));
650 }
651
652 ret = fstat(nwrap->fd, &st);
653 if (ret != 0) {
654 NWRAP_ERROR(("%s: fstat(%s) - %d:%s\n",
655 __location__,
656 nwrap->path,
657 ret, strerror(errno)));
658 return;
659 }
660
661 if (retried == false && st.st_nlink == 0) {
662 /* maybe someone has replaced the file... */
663 NWRAP_DEBUG(("%s: st_nlink == 0, reopen %s\n",
664 __location__, nwrap->path));
665 retried = true;
666 memset(&nwrap->st, 0, sizeof(nwrap->st));
667 close(nwrap->fd);
668 nwrap->fd = -1;
669 goto reopen;
670 }
671
672 if (st.st_mtime == nwrap->st.st_mtime) {
673 NWRAP_VERBOSE(("%s: st_mtime[%u] hasn't changed, skip reload\n",
674 __location__, (unsigned)st.st_mtime));
675 return;
676 }
677 NWRAP_DEBUG(("%s: st_mtime has changed [%u] => [%u], start reload\n",
678 __location__, (unsigned)st.st_mtime,
679 (unsigned)nwrap->st.st_mtime));
680
681 nwrap->st = st;
682
683 nwrap_cache_unload(nwrap);
684
685 ok = nwrap_parse_file(nwrap);
686 if (!ok) {
687 NWRAP_ERROR(("%s: failed to reload %s\n",
688 __location__, nwrap->path));
689 nwrap_cache_unload(nwrap);
690 }
691 NWRAP_DEBUG(("%s: reloaded %s\n",
692 __location__, nwrap->path));
693 }
694
695 /*
696 * the caller has to call nwrap_unload() on failure
697 */
698 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line)
699 {
700 struct nwrap_pw *nwrap_pw;
701 char *c;
702 char *p;
703 char *e;
704 struct passwd *pw;
705 size_t list_size;
706
707 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
708
709 list_size = sizeof(*nwrap_pw->list) * (nwrap_pw->num+1);
710 pw = (struct passwd *)realloc(nwrap_pw->list, list_size);
711 if (!pw) {
712 NWRAP_ERROR(("%s:realloc(%u) failed\n",
713 __location__, list_size));
714 return false;
715 }
716 nwrap_pw->list = pw;
717
718 pw = &nwrap_pw->list[nwrap_pw->num];
719
720 c = line;
721
722 /* name */
723 p = strchr(c, ':');
724 if (!p) {
725 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
726 __location__, line, c));
727 return false;
728 }
729 *p = '\0';
730 p++;
731 pw->pw_name = c;
732 c = p;
733
734 NWRAP_VERBOSE(("name[%s]\n", pw->pw_name));
735
736 /* password */
737 p = strchr(c, ':');
738 if (!p) {
739 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
740 __location__, line, c));
741 return false;
742 }
743 *p = '\0';
744 p++;
745 pw->pw_passwd = c;
746 c = p;
747
748 NWRAP_VERBOSE(("password[%s]\n", pw->pw_passwd));
749
750 /* uid */
751 p = strchr(c, ':');
752 if (!p) {
753 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
754 __location__, line, c));
755 return false;
756 }
757 *p = '\0';
758 p++;
759 e = NULL;
760 pw->pw_uid = (uid_t)strtoul(c, &e, 10);
761 if (c == e) {
762 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
763 __location__, line, c, strerror(errno)));
764 return false;
765 }
766 if (e == NULL) {
767 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
768 __location__, line, c, strerror(errno)));
769 return false;
770 }
771 if (e[0] != '\0') {
772 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
773 __location__, line, c, strerror(errno)));
774 return false;
775 }
776 c = p;
777
778 NWRAP_VERBOSE(("uid[%u]\n", pw->pw_uid));
779
780 /* gid */
781 p = strchr(c, ':');
782 if (!p) {
783 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
784 __location__, line, c));
785 return false;
786 }
787 *p = '\0';
788 p++;
789 e = NULL;
790 pw->pw_gid = (gid_t)strtoul(c, &e, 10);
791 if (c == e) {
792 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
793 __location__, line, c, strerror(errno)));
794 return false;
795 }
796 if (e == NULL) {
797 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
798 __location__, line, c, strerror(errno)));
799 return false;
800 }
801 if (e[0] != '\0') {
802 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
803 __location__, line, c, strerror(errno)));
804 return false;
805 }
806 c = p;
807
808 NWRAP_VERBOSE(("gid[%u]\n", pw->pw_gid));
809
810 /* gecos */
811 p = strchr(c, ':');
812 if (!p) {
813 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
814 __location__, line, c));
815 return false;
816 }
817 *p = '\0';
818 p++;
819 pw->pw_gecos = c;
820 c = p;
821
822 NWRAP_VERBOSE(("gecos[%s]\n", pw->pw_gecos));
823
824 /* dir */
825 p = strchr(c, ':');
826 if (!p) {
827 NWRAP_ERROR(("%s:'%s'\n",__location__,c));
828 return false;
829 }
830 *p = '\0';
831 p++;
832 pw->pw_dir = c;
833 c = p;
834
835 NWRAP_VERBOSE(("dir[%s]\n", pw->pw_dir));
836
837 /* shell */
838 pw->pw_shell = c;
839 NWRAP_VERBOSE(("shell[%s]\n", pw->pw_shell));
840
841 NWRAP_DEBUG(("add user[%s:%s:%u:%u:%s:%s:%s]\n",
842 pw->pw_name, pw->pw_passwd,
843 pw->pw_uid, pw->pw_gid,
844 pw->pw_gecos, pw->pw_dir, pw->pw_shell));
845
846 nwrap_pw->num++;
847 return true;
848 }
849
850 static void nwrap_pw_unload(struct nwrap_cache *nwrap)
851 {
852 struct nwrap_pw *nwrap_pw;
853 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
854
855 if (nwrap_pw->list) free(nwrap_pw->list);
856
857 nwrap_pw->list = NULL;
858 nwrap_pw->num = 0;
859 nwrap_pw->idx = 0;
860 }
861
862 static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst,
863 char *buf, size_t buflen, struct passwd **dstp)
864 {
865 char *first;
866 char *last;
867 off_t ofs;
868
869 first = src->pw_name;
870
871 last = src->pw_shell;
872 while (*last) last++;
873
874 ofs = PTR_DIFF(last + 1, first);
875
876 if (ofs > buflen) {
877 return ERANGE;
878 }
879
880 memcpy(buf, first, ofs);
881
882 ofs = PTR_DIFF(src->pw_name, first);
883 dst->pw_name = buf + ofs;
884 ofs = PTR_DIFF(src->pw_passwd, first);
885 dst->pw_passwd = buf + ofs;
886 dst->pw_uid = src->pw_uid;
887 dst->pw_gid = src->pw_gid;
888 ofs = PTR_DIFF(src->pw_gecos, first);
889 dst->pw_gecos = buf + ofs;
890 ofs = PTR_DIFF(src->pw_dir, first);
891 dst->pw_dir = buf + ofs;
892 ofs = PTR_DIFF(src->pw_shell, first);
893 dst->pw_shell = buf + ofs;
894
895 if (dstp) {
896 *dstp = dst;
897 }
898
899 return 0;
900 }
901
902 /*
903 * the caller has to call nwrap_unload() on failure
904 */
905 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line)
906 {
907 struct nwrap_gr *nwrap_gr;
908 char *c;
909 char *p;
910 char *e;
911 struct group *gr;
912 size_t list_size;
913 unsigned nummem;
914
915 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
916
917 list_size = sizeof(*nwrap_gr->list) * (nwrap_gr->num+1);
918 gr = (struct group *)realloc(nwrap_gr->list, list_size);
919 if (!gr) {
920 NWRAP_ERROR(("%s:realloc failed\n",__location__));
921 return false;
922 }
923 nwrap_gr->list = gr;
924
925 gr = &nwrap_gr->list[nwrap_gr->num];
926
927 c = line;
928
929 /* name */
930 p = strchr(c, ':');
931 if (!p) {
932 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
933 __location__, line, c));
934 return false;
935 }
936 *p = '\0';
937 p++;
938 gr->gr_name = c;
939 c = p;
940
941 NWRAP_VERBOSE(("name[%s]\n", gr->gr_name));
942
943 /* password */
944 p = strchr(c, ':');
945 if (!p) {
946 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
947 __location__, line, c));
948 return false;
949 }
950 *p = '\0';
951 p++;
952 gr->gr_passwd = c;
953 c = p;
954
955 NWRAP_VERBOSE(("password[%s]\n", gr->gr_passwd));
956
957 /* gid */
958 p = strchr(c, ':');
959 if (!p) {
960 NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n",
961 __location__, line, c));
962 return false;
963 }
964 *p = '\0';
965 p++;
966 e = NULL;
967 gr->gr_gid = (gid_t)strtoul(c, &e, 10);
968 if (c == e) {
969 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
970 __location__, line, c, strerror(errno)));
971 return false;
972 }
973 if (e == NULL) {
974 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
975 __location__, line, c, strerror(errno)));
976 return false;
977 }
978 if (e[0] != '\0') {
979 NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n",
980 __location__, line, c, strerror(errno)));
981 return false;
982 }
983 c = p;
984
985 NWRAP_VERBOSE(("gid[%u]\n", gr->gr_gid));
986
987 /* members */
988 gr->gr_mem = (char **)malloc(sizeof(char *));
989 if (!gr->gr_mem) {
990 NWRAP_ERROR(("%s:calloc failed\n",__location__));
991 return false;
992 }
993 gr->gr_mem[0] = NULL;
994
995 for(nummem=0; p; nummem++) {
996 char **m;
997 size_t m_size;
998 c = p;
999 p = strchr(c, ',');
1000 if (p) {
1001 *p = '\0';
1002 p++;
1003 }
1004
1005 if (strlen(c) == 0) {
1006 break;
1007 }
1008
1009 m_size = sizeof(char *) * (nummem+2);
1010 m = (char **)realloc(gr->gr_mem, m_size);
1011 if (!m) {
1012 NWRAP_ERROR(("%s:realloc(%u) failed\n",
1013 __location__, m_size));
1014 return false;
1015 }
1016 gr->gr_mem = m;
1017 gr->gr_mem[nummem] = c;
1018 gr->gr_mem[nummem+1] = NULL;
1019
1020 NWRAP_VERBOSE(("member[%u]: '%s'\n", nummem, gr->gr_mem[nummem]));
1021 }
1022
1023 NWRAP_DEBUG(("add group[%s:%s:%u:] with %u members\n",
1024 gr->gr_name, gr->gr_passwd, gr->gr_gid, nummem));
1025
1026 nwrap_gr->num++;
1027 return true;
1028 }
1029
1030 static void nwrap_gr_unload(struct nwrap_cache *nwrap)
1031 {
1032 int i;
1033 struct nwrap_gr *nwrap_gr;
1034 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
1035
1036 if (nwrap_gr->list) {
1037 for (i=0; i < nwrap_gr->num; i++) {
1038 if (nwrap_gr->list[i].gr_mem) {
1039 free(nwrap_gr->list[i].gr_mem);
1040 }
1041 }
1042 free(nwrap_gr->list);
1043 }
1044
1045 nwrap_gr->list = NULL;
1046 nwrap_gr->num = 0;
1047 nwrap_gr->idx = 0;
1048 }
1049
1050 static int nwrap_gr_copy_r(const struct group *src, struct group *dst,
1051 char *buf, size_t buflen, struct group **dstp)
1052 {
1053 char *first;
1054 char **lastm;
1055 char *last = NULL;
1056 off_t ofsb;
1057 off_t ofsm;
1058 off_t ofs;
1059 unsigned i;
1060
1061 first = src->gr_name;
1062
1063 lastm = src->gr_mem;
1064 while (*lastm) {
1065 last = *lastm;
1066 lastm++;
1067 }
1068
1069 if (last == NULL) {
1070 last = src->gr_passwd;
1071 }
1072 while (*last) last++;
1073
1074 ofsb = PTR_DIFF(last + 1, first);
1075 ofsm = PTR_DIFF(lastm + 1, src->gr_mem);
1076
1077 if ((ofsb + ofsm) > buflen) {
1078 return ERANGE;
1079 }
1080
1081 memcpy(buf, first, ofsb);
1082 memcpy(buf + ofsb, src->gr_mem, ofsm);
1083
1084 ofs = PTR_DIFF(src->gr_name, first);
1085 dst->gr_name = buf + ofs;
1086 ofs = PTR_DIFF(src->gr_passwd, first);
1087 dst->gr_passwd = buf + ofs;
1088 dst->gr_gid = src->gr_gid;
1089
1090 dst->gr_mem = (char **)(buf + ofsb);
1091 for (i=0; src->gr_mem[i]; i++) {
1092 ofs = PTR_DIFF(src->gr_mem[i], first);
1093 dst->gr_mem[i] = buf + ofs;
1094 }
1095
1096 if (dstp) {
1097 *dstp = dst;
1098 }
1099
1100 return 0;
1101 }
1102
1103 /* user functions */
1104 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
1105 const char *name)
1106 {
1107 int i;
1108
1109 nwrap_cache_reload(nwrap_pw_global.cache);
1110
1111 for (i=0; i<nwrap_pw_global.num; i++) {
1112 if (strcmp(nwrap_pw_global.list[i].pw_name, name) == 0) {
1113 NWRAP_DEBUG(("%s: user[%s] found\n",
1114 __location__, name));
1115 return &nwrap_pw_global.list[i];
1116 }
1117 NWRAP_VERBOSE(("%s: user[%s] does not match [%s]\n",
1118 __location__, name,
1119 nwrap_pw_global.list[i].pw_name));
1120 }
1121
1122 NWRAP_DEBUG(("%s: user[%s] not found\n", __location__, name));
1123
1124 errno = ENOENT;
1125 return NULL;
1126 }
1127
1128 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
1129 const char *name, struct passwd *pwdst,
1130 char *buf, size_t buflen, struct passwd **pwdstp)
1131 {
1132 struct passwd *pw;
1133
1134 pw = nwrap_files_getpwnam(b, name);
1135 if (!pw) {
1136 if (errno == 0) {
1137 return ENOENT;
1138 }
1139 return errno;
1140 }
1141
1142 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1143 }
1144
1145 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
1146 uid_t uid)
1147 {
1148 int i;
1149
1150 nwrap_cache_reload(nwrap_pw_global.cache);
1151
1152 for (i=0; i<nwrap_pw_global.num; i++) {
1153 if (nwrap_pw_global.list[i].pw_uid == uid) {
1154 NWRAP_DEBUG(("%s: uid[%u] found\n",
1155 __location__, uid));
1156 return &nwrap_pw_global.list[i];
1157 }
1158 NWRAP_VERBOSE(("%s: uid[%u] does not match [%u]\n",
1159 __location__, uid,
1160 nwrap_pw_global.list[i].pw_uid));
1161 }
1162
1163 NWRAP_DEBUG(("%s: uid[%u] not found\n", __location__, uid));
1164
1165 errno = ENOENT;
1166 return NULL;
1167 }
1168
1169 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
1170 uid_t uid, struct passwd *pwdst,
1171 char *buf, size_t buflen, struct passwd **pwdstp)
1172 {
1173 struct passwd *pw;
1174
1175 pw = nwrap_files_getpwuid(b, uid);
1176 if (!pw) {
1177 if (errno == 0) {
1178 return ENOENT;
1179 }
1180 return errno;
1181 }
1182
1183 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1184 }
1185
1186 /* user enum functions */
1187 static void nwrap_files_setpwent(struct nwrap_backend *b)
1188 {
1189 nwrap_pw_global.idx = 0;
1190 }
1191
1192 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b)
1193 {
1194 struct passwd *pw;
1195
1196 if (nwrap_pw_global.idx == 0) {
1197 nwrap_cache_reload(nwrap_pw_global.cache);
1198 }
1199
1200 if (nwrap_pw_global.idx >= nwrap_pw_global.num) {
1201 errno = ENOENT;
1202 return NULL;
1203 }
1204
1205 pw = &nwrap_pw_global.list[nwrap_pw_global.idx++];
1206
1207 NWRAP_VERBOSE(("%s: return user[%s] uid[%u]\n",
1208 __location__, pw->pw_name, pw->pw_uid));
1209
1210 return pw;
1211 }
1212
1213 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
1214 struct passwd *pwdst, char *buf,
1215 size_t buflen, struct passwd **pwdstp)
1216 {
1217 struct passwd *pw;
1218
1219 pw = nwrap_files_getpwent(b);
1220 if (!pw) {
1221 if (errno == 0) {
1222 return ENOENT;
1223 }
1224 return errno;
1225 }
1226
1227 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
1228 }
1229
1230 static void nwrap_files_endpwent(struct nwrap_backend *b)
1231 {
1232 nwrap_pw_global.idx = 0;
1233 }
1234
1235 /* misc functions */
1236 static int nwrap_files_initgroups(struct nwrap_backend *b,
1237 const char *user, gid_t group)
1238 {
1239 /* TODO: maybe we should also fake this... */
1240 return EPERM;
1241 }
1242
1243 /* group functions */
1244 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
1245 const char *name)
1246 {
1247 int i;
1248
1249 nwrap_cache_reload(nwrap_gr_global.cache);
1250
1251 for (i=0; i<nwrap_gr_global.num; i++) {
1252 if (strcmp(nwrap_gr_global.list[i].gr_name, name) == 0) {
1253 NWRAP_DEBUG(("%s: group[%s] found\n",
1254 __location__, name));
1255 return &nwrap_gr_global.list[i];
1256 }
1257 NWRAP_VERBOSE(("%s: group[%s] does not match [%s]\n",
1258 __location__, name,
1259 nwrap_gr_global.list[i].gr_name));
1260 }
1261
1262 NWRAP_DEBUG(("%s: group[%s] not found\n", __location__, name));
1263
1264 errno = ENOENT;
1265 return NULL;
1266 }
1267
1268 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
1269 const char *name, struct group *grdst,
1270 char *buf, size_t buflen, struct group **grdstp)
1271 {
1272 struct group *gr;
1273
1274 gr = nwrap_files_getgrnam(b, name);
1275 if (!gr) {
1276 if (errno == 0) {
1277 return ENOENT;
1278 }
1279 return errno;
1280 }
1281
1282 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1283 }
1284
1285 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
1286 gid_t gid)
1287 {
1288 int i;
1289
1290 nwrap_cache_reload(nwrap_gr_global.cache);
1291
1292 for (i=0; i<nwrap_gr_global.num; i++) {
1293 if (nwrap_gr_global.list[i].gr_gid == gid) {
1294 NWRAP_DEBUG(("%s: gid[%u] found\n",
1295 __location__, gid));
1296 return &nwrap_gr_global.list[i];
1297 }
1298 NWRAP_VERBOSE(("%s: gid[%u] does not match [%u]\n",
1299 __location__, gid,
1300 nwrap_gr_global.list[i].gr_gid));
1301 }
1302
1303 NWRAP_DEBUG(("%s: gid[%u] not found\n", __location__, gid));
1304
1305 errno = ENOENT;
1306 return NULL;
1307 }
1308
1309 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
1310 gid_t gid, struct group *grdst,
1311 char *buf, size_t buflen, struct group **grdstp)
1312 {
1313 struct group *gr;
1314
1315 gr = nwrap_files_getgrgid(b, gid);
1316 if (!gr) {
1317 if (errno == 0) {
1318 return ENOENT;
1319 }
1320 return errno;
1321 }
1322
1323 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1324 }
1325
1326 /* group enum functions */
1327 static void nwrap_files_setgrent(struct nwrap_backend *b)
1328 {
1329 nwrap_gr_global.idx = 0;
1330 }
1331
1332 static struct group *nwrap_files_getgrent(struct nwrap_backend *b)
1333 {
1334 struct group *gr;
1335
1336 if (nwrap_gr_global.idx == 0) {
1337 nwrap_cache_reload(nwrap_gr_global.cache);
1338 }
1339
1340 if (nwrap_gr_global.idx >= nwrap_gr_global.num) {
1341 errno = ENOENT;
1342 return NULL;
1343 }
1344
1345 gr = &nwrap_gr_global.list[nwrap_gr_global.idx++];
1346
1347 NWRAP_VERBOSE(("%s: return group[%s] gid[%u]\n",
1348 __location__, gr->gr_name, gr->gr_gid));
1349
1350 return gr;
1351 }
1352
1353 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
1354 struct group *grdst, char *buf,
1355 size_t buflen, struct group **grdstp)
1356 {
1357 struct group *gr;
1358
1359 gr = nwrap_files_getgrent(b);
1360 if (!gr) {
1361 if (errno == 0) {
1362 return ENOENT;
1363 }
1364 return errno;
1365 }
1366
1367 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
1368 }
1369
1370 static void nwrap_files_endgrent(struct nwrap_backend *b)
1371 {
1372 nwrap_gr_global.idx = 0;
1373 }
1374
1375 /*
1376 * module backend
1377 */
1378
1379 static struct passwd *nwrap_module_getpwnam(struct nwrap_backend *b,
1380 const char *name)
1381 {
1382 return NULL;
1383 }
1384
1385 static int nwrap_module_getpwnam_r(struct nwrap_backend *b,
1386 const char *name, struct passwd *pwdst,
1387 char *buf, size_t buflen, struct passwd **pwdstp)
1388 {
1389 return ENOENT;
1390 }
1391
1392 static struct passwd *nwrap_module_getpwuid(struct nwrap_backend *b,
1393 uid_t uid)
1394 {
1395 return NULL;
1396 }
1397
1398 static int nwrap_module_getpwuid_r(struct nwrap_backend *b,
1399 uid_t uid, struct passwd *pwdst,
1400 char *buf, size_t buflen, struct passwd **pwdstp)
1401 {
1402 return ENOENT;
1403 }
1404
1405 static void nwrap_module_setpwent(struct nwrap_backend *b)
1406 {
1407 }
1408
1409 static struct passwd *nwrap_module_getpwent(struct nwrap_backend *b)
1410 {
1411 return NULL;
1412 }
1413
1414 static int nwrap_module_getpwent_r(struct nwrap_backend *b,
1415 struct passwd *pwdst, char *buf,
1416 size_t buflen, struct passwd **pwdstp)
1417 {
1418 return ENOENT;
1419 }
1420
1421 static void nwrap_module_endpwent(struct nwrap_backend *b)
1422 {
1423 }
1424
1425 static int nwrap_module_initgroups(struct nwrap_backend *b,
1426 const char *user, gid_t group)
1427 {
1428 return -1;
1429 }
1430
1431 static struct group *nwrap_module_getgrnam(struct nwrap_backend *b,
1432 const char *name)
1433 {
1434 return NULL;
1435 }
1436
1437 static int nwrap_module_getgrnam_r(struct nwrap_backend *b,
1438 const char *name, struct group *grdst,
1439 char *buf, size_t buflen, struct group **grdstp)
1440 {
1441 return ENOENT;
1442 }
1443
1444 static struct group *nwrap_module_getgrgid(struct nwrap_backend *b,
1445 gid_t gid)
1446 {
1447 return NULL;
1448 }
1449
1450 static int nwrap_module_getgrgid_r(struct nwrap_backend *b,
1451 gid_t gid, struct group *grdst,
1452 char *buf, size_t buflen, struct group **grdstp)
1453 {
1454 return ENOENT;
1455 }
1456
1457 static void nwrap_module_setgrent(struct nwrap_backend *b)
1458 {
1459 }
1460
1461 static struct group *nwrap_module_getgrent(struct nwrap_backend *b)
1462 {
1463 return NULL;
1464 }
1465
1466 static int nwrap_module_getgrent_r(struct nwrap_backend *b,
1467 struct group *grdst, char *buf,
1468 size_t buflen, struct group **grdstp)
1469 {
1470 return 0;
1471 }
1472
1473 static void nwrap_module_endgrent(struct nwrap_backend *b)
1474 {
1475 }
1476
1477 /*
1478 * PUBLIC interface
1479 */
1480
1481 _PUBLIC_ struct passwd *nwrap_getpwnam(const char *name)
1482 {
1483 int i;
1484 struct passwd *pwd;
1485
1486 if (!nwrap_enabled()) {
1487 return real_getpwnam(name);
1488 }
1489
1490 for (i=0; i < nwrap_main_global->num_backends; i++) {
1491 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1492 pwd = b->ops->nw_getpwnam(b, name);
1493 if (pwd) {
1494 return pwd;
1495 }
1496 }
1497
1498 return NULL;
1499 }
1500
1501 _PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
1502 char *buf, size_t buflen, struct passwd **pwdstp)
1503 {
1504 int i,ret;
1505
1506 if (!nwrap_enabled()) {
1507 return real_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
1508 }
1509
1510 for (i=0; i < nwrap_main_global->num_backends; i++) {
1511 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1512 ret = b->ops->nw_getpwnam_r(b, name, pwdst, buf, buflen, pwdstp);
1513 if (ret == ENOENT) {
1514 continue;
1515 }
1516 return ret;
1517 }
1518
1519 return ENOENT;
1520 }
1521
1522 _PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid)
1523 {
1524 int i;
1525 struct passwd *pwd;
1526
1527 if (!nwrap_enabled()) {
1528 return real_getpwuid(uid);
1529 }
1530
1531 for (i=0; i < nwrap_main_global->num_backends; i++) {
1532 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1533 pwd = b->ops->nw_getpwuid(b, uid);
1534 if (pwd) {
1535 return pwd;
1536 }
1537 }
1538
1539 return NULL;
1540 }
1541
1542 _PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
1543 char *buf, size_t buflen, struct passwd **pwdstp)
1544 {
1545 int i,ret;
1546
1547 if (!nwrap_enabled()) {
1548 return real_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
1549 }
1550
1551 for (i=0; i < nwrap_main_global->num_backends; i++) {
1552 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1553 ret = b->ops->nw_getpwuid_r(b, uid, pwdst, buf, buflen, pwdstp);
1554 if (ret == ENOENT) {
1555 continue;
1556 }
1557 return ret;
1558 }
1559
1560 return ENOENT;
1561 }
1562
1563 _PUBLIC_ void nwrap_setpwent(void)
1564 {
1565 int i;
1566
1567 if (!nwrap_enabled()) {
1568 real_setpwent();
1569 return;
1570 }
1571
1572 for (i=0; i < nwrap_main_global->num_backends; i++) {
1573 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1574 b->ops->nw_setpwent(b);
1575 }
1576 }
1577
1578 _PUBLIC_ struct passwd *nwrap_getpwent(void)
1579 {
1580 int i;
1581 struct passwd *pwd;
1582
1583 if (!nwrap_enabled()) {
1584 return real_getpwent();
1585 }
1586
1587 for (i=0; i < nwrap_main_global->num_backends; i++) {
1588 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1589 pwd = b->ops->nw_getpwent(b);
1590 if (pwd) {
1591 return pwd;
1592 }
1593 }
1594
1595 return NULL;
1596 }
1597
1598 _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
1599 size_t buflen, struct passwd **pwdstp)
1600 {
1601 int i,ret;
1602
1603 if (!nwrap_enabled()) {
1604 #ifdef SOLARIS_GETPWENT_R
1605 struct passwd *pw;
1606 pw = real_getpwent_r(pwdst, buf, buflen);
1607 if (!pw) {
1608 if (errno == 0) {
1609 return ENOENT;
1610 }
1611 return errno;
1612 }
1613 if (pwdstp) {
1614 *pwdstp = pw;
1615 }
1616 return 0;
1617 #else
1618 return real_getpwent_r(pwdst, buf, buflen, pwdstp);
1619 #endif
1620 }
1621
1622 for (i=0; i < nwrap_main_global->num_backends; i++) {
1623 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1624 ret = b->ops->nw_getpwent_r(b, pwdst, buf, buflen, pwdstp);
1625 if (ret == ENOENT) {
1626 continue;
1627 }
1628 return ret;
1629 }
1630
1631 return ENOENT;
1632 }
1633
1634 _PUBLIC_ void nwrap_endpwent(void)
1635 {
1636 int i;
1637
1638 if (!nwrap_enabled()) {
1639 real_endpwent();
1640 return;
1641 }
1642
1643 for (i=0; i < nwrap_main_global->num_backends; i++) {
1644 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1645 b->ops->nw_endpwent(b);
1646 }
1647 }
1648
1649 _PUBLIC_ int nwrap_initgroups(const char *user, gid_t group)
1650 {
1651 int i;
1652
1653 if (!nwrap_enabled()) {
1654 return real_initgroups(user, group);
1655 }
1656
1657 for (i=0; i < nwrap_main_global->num_backends; i++) {
1658 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1659 return b->ops->nw_initgroups(b, user, group);
1660 }
1661
1662 errno = ENOENT;
1663 return -1;
1664 }
1665
1666 _PUBLIC_ struct group *nwrap_getgrnam(const char *name)
1667 {
1668 int i;
1669 struct group *grp;
1670
1671 if (!nwrap_enabled()) {
1672 return real_getgrnam(name);
1673 }
1674
1675 for (i=0; i < nwrap_main_global->num_backends; i++) {
1676 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1677 grp = b->ops->nw_getgrnam(b, name);
1678 if (grp) {
1679 return grp;
1680 }
1681 }
1682
1683 return NULL;
1684 }
1685
1686 _PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *grdst,
1687 char *buf, size_t buflen, struct group **grdstp)
1688 {
1689 int i,ret;
1690
1691 if (!nwrap_enabled()) {
1692 return real_getgrnam_r(name, grdst, buf, buflen, grdstp);
1693 }
1694
1695 for (i=0; i < nwrap_main_global->num_backends; i++) {
1696 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1697 ret = b->ops->nw_getgrnam_r(b, name, grdst, buf, buflen, grdstp);
1698 if (ret == ENOENT) {
1699 continue;
1700 }
1701 return ret;
1702 }
1703
1704 return ENOENT;
1705 }
1706
1707 _PUBLIC_ struct group *nwrap_getgrgid(gid_t gid)
1708 {
1709 int i;
1710 struct group *grp;
1711
1712 if (!nwrap_enabled()) {
1713 return real_getgrgid(gid);
1714 }
1715
1716 for (i=0; i < nwrap_main_global->num_backends; i++) {
1717 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1718 grp = b->ops->nw_getgrgid(b, gid);
1719 if (grp) {
1720 return grp;
1721 }
1722 }
1723
1724 return NULL;
1725 }
1726
1727 _PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
1728 char *buf, size_t buflen, struct group **grdstp)
1729 {
1730 int i,ret;
1731
1732 if (!nwrap_enabled()) {
1733 return real_getgrgid_r(gid, grdst, buf, buflen, grdstp);
1734 }
1735
1736 for (i=0; i < nwrap_main_global->num_backends; i++) {
1737 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1738 ret = b->ops->nw_getgrgid_r(b, gid, grdst, buf, buflen, grdstp);
1739 if (ret == ENOENT) {
1740 continue;
1741 }
1742 return ret;
1743 }
1744
1745 return ENOENT;
1746 }
1747
1748 _PUBLIC_ void nwrap_setgrent(void)
1749 {
1750 int i;
1751
1752 if (!nwrap_enabled()) {
1753 real_setgrent();
1754 return;
1755 }
1756
1757 for (i=0; i < nwrap_main_global->num_backends; i++) {
1758 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1759 b->ops->nw_setgrent(b);
1760 }
1761 }
1762
1763 _PUBLIC_ struct group *nwrap_getgrent(void)
1764 {
1765 int i;
1766 struct group *grp;
1767
1768 if (!nwrap_enabled()) {
1769 return real_getgrent();
1770 }
1771
1772 for (i=0; i < nwrap_main_global->num_backends; i++) {
1773 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1774 grp = b->ops->nw_getgrent(b);
1775 if (grp) {
1776 return grp;
1777 }
1778 }
1779
1780 return NULL;
1781 }
1782
1783 _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf,
1784 size_t buflen, struct group **grdstp)
1785 {
1786 int i,ret;
1787
1788 if (!nwrap_enabled()) {
1789 #ifdef SOLARIS_GETGRENT_R
1790 struct group *gr;
1791 gr = real_getgrent_r(grdst, buf, buflen);
1792 if (!gr) {
1793 if (errno == 0) {
1794 return ENOENT;
1795 }
1796 return errno;
1797 }
1798 if (grdstp) {
1799 *grdstp = gr;
1800 }
1801 return 0;
1802 #else
1803 return real_getgrent_r(grdst, buf, buflen, grdstp);
1804 #endif
1805 }
1806
1807 for (i=0; i < nwrap_main_global->num_backends; i++) {
1808 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1809 ret = b->ops->nw_getgrent_r(b, grdst, buf, buflen, grdstp);
1810 if (ret == ENOENT) {
1811 continue;
1812 }
1813 return ret;
1814 }
1815
1816 return ENOENT;
1817 }
1818
1819 _PUBLIC_ void nwrap_endgrent(void)
1820 {
1821 int i;
1822
1823 if (!nwrap_enabled()) {
1824 real_endgrent();
1825 return;
1826 }
1827
1828 for (i=0; i < nwrap_main_global->num_backends; i++) {
1829 struct nwrap_backend *b = &nwrap_main_global->backends[i];
1830 b->ops->nw_endgrent(b);
1831 }
1832 }
1833
1834 _PUBLIC_ int nwrap_getgrouplist(const char *user, gid_t group, gid_t *groups, int *ngroups)
1835 {
1836 struct group *grp;
1837 gid_t *groups_tmp;
1838 int count = 1;
1839 const char *name_of_group = NULL;
1840
1841 if (!nwrap_enabled()) {
1842 return real_getgrouplist(user, group, groups, ngroups);
1843 }
1844
1845 NWRAP_DEBUG(("%s: getgrouplist called for %s\n", __location__, user));
1846
1847 groups_tmp = (gid_t *)malloc(count * sizeof(gid_t));
1848 if (!groups_tmp) {
1849 NWRAP_ERROR(("%s:calloc failed\n",__location__));
1850 errno = ENOMEM;
1851 return -1;
1852 }
1853
1854 memcpy(groups_tmp, &group, sizeof(gid_t));
1855
1856 grp = nwrap_getgrgid(group);
1857 if (grp) {
1858 name_of_group = grp->gr_name;
1859 }
1860
1861 nwrap_setgrent();
1862 while ((grp = nwrap_getgrent()) != NULL) {
1863 int i = 0;
1864
1865 NWRAP_VERBOSE(("%s: inspecting %s for group membership\n",
1866 __location__, grp->gr_name));
1867
1868 for (i=0; grp->gr_mem && grp->gr_mem[i] != NULL; i++) {
1869
1870 if ((strcmp(user, grp->gr_mem[i]) == 0) &&
1871 (strcmp(name_of_group, grp->gr_name) != 0)) {
1872
1873 NWRAP_DEBUG(("%s: %s is member of %s\n",
1874 __location__, user, grp->gr_name));
1875
1876 groups_tmp = (gid_t *)realloc(groups_tmp, (count + 1) * sizeof(gid_t));
1877 if (!groups_tmp) {
1878 NWRAP_ERROR(("%s:calloc failed\n",__location__));
1879 errno = ENOMEM;
1880 return -1;
1881 }
1882
1883 memcpy(&groups_tmp[count], &grp->gr_gid, sizeof(gid_t));
1884 count++;
1885 }
1886 }
1887 }
1888
1889 nwrap_endgrent();
1890
1891 NWRAP_VERBOSE(("%s: %s is member of %d groups: %d\n",
1892 __location__, user, *ngroups));
1893
1894 if (*ngroups < count) {
1895 *ngroups = count;
1896 free(groups_tmp);
1897 return -1;
1898 }
1899
1900 *ngroups = count;
1901 memcpy(groups, groups_tmp, count * sizeof(gid_t));
1902 free(groups_tmp);
1903
1904 return count;
1905 }
fernandojvsilva's samba4 branch