search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
teach libkvm about vkernels
[dragonfly.git] / lib / libc / gen / getpwent.c
blob40a9edff055f96b3a8460c34015f73f9626d9fa1
1 /*-
2 * Copyright (c) 2003 Networks Associates Technology, Inc.
3 * All rights reserved.
4 *
5 * This software was developed for the FreeBSD Project by
6 * Jacques A. Vidrine, Safeport Network Services, and Network
7 * Associates Laboratories, the Security Research Division of Network
8 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
9 * ("CBOSS"), as part of the DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 *
32 * $FreeBSD: src/lib/libc/gen/getpwent.c,v 1.90 2006/04/28 12:03:35 ume Exp $
33 * $DragonFly: src/lib/libc/gen/getpwent.c,v 1.7 2005/11/19 22:32:53 swildner Exp $
34 */
35
36 #include "namespace.h"
37 #include <sys/param.h>
38 #ifdef YP
39 #include <rpc/rpc.h>
40 #include <rpcsvc/yp_prot.h>
41 #include <rpcsvc/ypclnt.h>
42 #endif
43 #include <arpa/inet.h>
44 #include <errno.h>
45 #include <fcntl.h>
46 #ifdef HESIOD
47 #include <hesiod.h>
48 #endif
49 #include <netdb.h>
50 #include <nsswitch.h>
51 #include <pthread.h>
52 #include <pthread_np.h>
53 #include <pwd.h>
54 #include <stdlib.h>
55 #include <stdio.h>
56 #include <string.h>
57 #include <syslog.h>
58 #include <unistd.h>
59 #include "un-namespace.h"
60 #include <db.h>
61 #include "libc_private.h"
62 #include "pw_scan.h"
63 #include "nss_tls.h"
64 #ifdef NS_CACHING
65 #include "nscache.h"
66 #endif
67
68 #ifndef CTASSERT
69 #define CTASSERT(x) _CTASSERT(x, __LINE__)
70 #define _CTASSERT(x, y) __CTASSERT(x, y)
71 #define __CTASSERT(x, y) typedef char __assert_ ## y [(x) ? 1 : -1]
72 #endif
73
74 /* Counter as stored in /etc/pwd.db */
75 typedef int pwkeynum;
76
77 CTASSERT(MAXLOGNAME > sizeof(uid_t));
78 CTASSERT(MAXLOGNAME > sizeof(pwkeynum));
79
80 enum constants {
81 PWD_STORAGE_INITIAL = 1 << 10, /* 1 KByte */
82 PWD_STORAGE_MAX = 1 << 20, /* 1 MByte */
83 SETPWENT = 1,
84 ENDPWENT = 2,
85 HESIOD_NAME_MAX = 256
86 };
87
88 static const ns_src defaultsrc[] = {
89 { NSSRC_COMPAT, NS_SUCCESS },
90 { NULL, 0 }
91 };
92
93 int __pw_match_entry(const char *, size_t, enum nss_lookup_type,
94 const char *, uid_t);
95 int __pw_parse_entry(char *, size_t, struct passwd *, int, int *errnop);
96
97 static void pwd_init(struct passwd *);
98
99 union key {
100 const char *name;
101 uid_t uid;
102 };
103
104 static struct passwd *getpw(int (*fn)(union key, struct passwd *, char *,
105 size_t, struct passwd **), union key);
106 static int wrap_getpwnam_r(union key, struct passwd *, char *,
107 size_t, struct passwd **);
108 static int wrap_getpwuid_r(union key, struct passwd *, char *, size_t,
109 struct passwd **);
110 static int wrap_getpwent_r(union key, struct passwd *, char *, size_t,
111 struct passwd **);
112
113 static int pwdb_match_entry_v3(char *, size_t, enum nss_lookup_type,
114 const char *, uid_t);
115 static int pwdb_parse_entry_v3(char *, size_t, struct passwd *, int *);
116 static int pwdb_match_entry_v4(char *, size_t, enum nss_lookup_type,
117 const char *, uid_t);
118 static int pwdb_parse_entry_v4(char *, size_t, struct passwd *, int *);
119
120
121 struct {
122 int (*match)(char *, size_t, enum nss_lookup_type, const char *,
123 uid_t);
124 int (*parse)(char *, size_t, struct passwd *, int *);
125 } pwdb_versions[] = {
126 { NULL, NULL }, /* version 0 */
127 { NULL, NULL }, /* version 1 */
128 { NULL, NULL }, /* version 2 */
129 { pwdb_match_entry_v3, pwdb_parse_entry_v3 }, /* version 3 */
130 { pwdb_match_entry_v4, pwdb_parse_entry_v4 }, /* version 4 */
131 };
132
133
134 struct files_state {
135 DB *db;
136 pwkeynum keynum;
137 int stayopen;
138 int version;
139 };
140 static void files_endstate(void *);
141 NSS_TLS_HANDLING(files);
142 static DB *pwdbopen(int *);
143 static void files_endstate(void *);
144 static int files_setpwent(void *, void *, va_list);
145 static int files_passwd(void *, void *, va_list);
146
147
148 #ifdef HESIOD
149 struct dns_state {
150 long counter;
151 };
152 static void dns_endstate(void *);
153 NSS_TLS_HANDLING(dns);
154 static int dns_setpwent(void *, void *, va_list);
155 static int dns_passwd(void *, void *, va_list);
156 #endif
157
158
159 #ifdef YP
160 struct nis_state {
161 char domain[MAXHOSTNAMELEN];
162 int done;
163 char *key;
164 int keylen;
165 };
166 static void nis_endstate(void *);
167 NSS_TLS_HANDLING(nis);
168 static int nis_setpwent(void *, void *, va_list);
169 static int nis_passwd(void *, void *, va_list);
170 static int nis_map(char *, enum nss_lookup_type, char *, size_t, int *);
171 static int nis_adjunct(char *, const char *, char *, size_t);
172 #endif
173
174
175 struct compat_state {
176 DB *db;
177 pwkeynum keynum;
178 int stayopen;
179 int version;
180 DB *exclude;
181 struct passwd template;
182 char *name;
183 enum _compat {
184 COMPAT_MODE_OFF = 0,
185 COMPAT_MODE_ALL,
186 COMPAT_MODE_NAME,
187 COMPAT_MODE_NETGROUP
188 } compat;
189 };
190 static void compat_endstate(void *);
191 NSS_TLS_HANDLING(compat);
192 static int compat_setpwent(void *, void *, va_list);
193 static int compat_passwd(void *, void *, va_list);
194 static void compat_clear_template(struct passwd *);
195 static int compat_set_template(struct passwd *, struct passwd *);
196 static int compat_use_template(struct passwd *, struct passwd *, char *,
197 size_t);
198 static int compat_redispatch(struct compat_state *, enum nss_lookup_type,
199 enum nss_lookup_type, const char *, const char *, uid_t,
200 struct passwd *, char *, size_t, int *);
201
202 #ifdef NS_CACHING
203 static int pwd_id_func(char *, size_t *, va_list ap, void *);
204 static int pwd_marshal_func(char *, size_t *, void *, va_list, void *);
205 static int pwd_unmarshal_func(char *, size_t, void *, va_list, void *);
206
207 static int
208 pwd_id_func(char *buffer, size_t *buffer_size, va_list ap, void *cache_mdata)
209 {
210 char *name;
211 uid_t uid;
212 size_t size, desired_size;
213 int res = NS_UNAVAIL;
214 enum nss_lookup_type lookup_type;
215
216 lookup_type = (enum nss_lookup_type)cache_mdata;
217 switch (lookup_type) {
218 case nss_lt_name:
219 name = va_arg(ap, char *);
220 size = strlen(name);
221 desired_size = sizeof(enum nss_lookup_type) + size + 1;
222 if (desired_size > *buffer_size) {
223 res = NS_RETURN;
224 goto fin;
225 }
226
227 memcpy(buffer, &lookup_type, sizeof(enum nss_lookup_type));
228 memcpy(buffer + sizeof(enum nss_lookup_type), name, size + 1);
229
230 res = NS_SUCCESS;
231 break;
232 case nss_lt_id:
233 uid = va_arg(ap, uid_t);
234 desired_size = sizeof(enum nss_lookup_type) + sizeof(uid_t);
235 if (desired_size > *buffer_size) {
236 res = NS_RETURN;
237 goto fin;
238 }
239
240 memcpy(buffer, &lookup_type, sizeof(enum nss_lookup_type));
241 memcpy(buffer + sizeof(enum nss_lookup_type), &uid,
242 sizeof(uid_t));
243
244 res = NS_SUCCESS;
245 break;
246 default:
247 /* should be unreachable */
248 return (NS_UNAVAIL);
249 }
250
251 fin:
252 *buffer_size = desired_size;
253 return (res);
254 }
255
256 static int
257 pwd_marshal_func(char *buffer, size_t *buffer_size, void *retval, va_list ap,
258 void *cache_mdata)
259 {
260 char *name;
261 uid_t uid;
262 struct passwd *pwd;
263 char *orig_buf;
264 size_t orig_buf_size;
265
266 struct passwd new_pwd;
267 size_t desired_size, size;
268 char *p;
269
270 switch ((enum nss_lookup_type)cache_mdata) {
271 case nss_lt_name:
272 name = va_arg(ap, char *);
273 break;
274 case nss_lt_id:
275 uid = va_arg(ap, uid_t);
276 break;
277 case nss_lt_all:
278 break;
279 default:
280 /* should be unreachable */
281 return (NS_UNAVAIL);
282 }
283
284 pwd = va_arg(ap, struct passwd *);
285 orig_buf = va_arg(ap, char *);
286 orig_buf_size = va_arg(ap, size_t);
287
288 desired_size = sizeof(struct passwd) + sizeof(char *) +
289 strlen(pwd->pw_name) + 1;
290 if (pwd->pw_passwd != NULL)
291 desired_size += strlen(pwd->pw_passwd) + 1;
292 if (pwd->pw_class != NULL)
293 desired_size += strlen(pwd->pw_class) + 1;
294 if (pwd->pw_gecos != NULL)
295 desired_size += strlen(pwd->pw_gecos) + 1;
296 if (pwd->pw_dir != NULL)
297 desired_size += strlen(pwd->pw_dir) + 1;
298 if (pwd->pw_shell != NULL)
299 desired_size += strlen(pwd->pw_shell) + 1;
300
301 if (*buffer_size < desired_size) {
302 /* this assignment is here for future use */
303 *buffer_size = desired_size;
304 return (NS_RETURN);
305 }
306
307 memcpy(&new_pwd, pwd, sizeof(struct passwd));
308 memset(buffer, 0, desired_size);
309
310 *buffer_size = desired_size;
311 p = buffer + sizeof(struct passwd) + sizeof(char *);
312 memcpy(buffer + sizeof(struct passwd), &p, sizeof(char *));
313
314 if (new_pwd.pw_name != NULL) {
315 size = strlen(new_pwd.pw_name);
316 memcpy(p, new_pwd.pw_name, size);
317 new_pwd.pw_name = p;
318 p += size + 1;
319 }
320
321 if (new_pwd.pw_passwd != NULL) {
322 size = strlen(new_pwd.pw_passwd);
323 memcpy(p, new_pwd.pw_passwd, size);
324 new_pwd.pw_passwd = p;
325 p += size + 1;
326 }
327
328 if (new_pwd.pw_class != NULL) {
329 size = strlen(new_pwd.pw_class);
330 memcpy(p, new_pwd.pw_class, size);
331 new_pwd.pw_class = p;
332 p += size + 1;
333 }
334
335 if (new_pwd.pw_gecos != NULL) {
336 size = strlen(new_pwd.pw_gecos);
337 memcpy(p, new_pwd.pw_gecos, size);
338 new_pwd.pw_gecos = p;
339 p += size + 1;
340 }
341
342 if (new_pwd.pw_dir != NULL) {
343 size = strlen(new_pwd.pw_dir);
344 memcpy(p, new_pwd.pw_dir, size);
345 new_pwd.pw_dir = p;
346 p += size + 1;
347 }
348
349 if (new_pwd.pw_shell != NULL) {
350 size = strlen(new_pwd.pw_shell);
351 memcpy(p, new_pwd.pw_shell, size);
352 new_pwd.pw_shell = p;
353 p += size + 1;
354 }
355
356 memcpy(buffer, &new_pwd, sizeof(struct passwd));
357 return (NS_SUCCESS);
358 }
359
360 static int
361 pwd_unmarshal_func(char *buffer, size_t buffer_size, void *retval, va_list ap,
362 void *cache_mdata)
363 {
364 char *name;
365 uid_t uid;
366 struct passwd *pwd;
367 char *orig_buf;
368 size_t orig_buf_size;
369 int *ret_errno;
370
371 char *p;
372
373 switch ((enum nss_lookup_type)cache_mdata) {
374 case nss_lt_name:
375 name = va_arg(ap, char *);
376 break;
377 case nss_lt_id:
378 uid = va_arg(ap, uid_t);
379 break;
380 case nss_lt_all:
381 break;
382 default:
383 /* should be unreachable */
384 return (NS_UNAVAIL);
385 }
386
387 pwd = va_arg(ap, struct passwd *);
388 orig_buf = va_arg(ap, char *);
389 orig_buf_size = va_arg(ap, size_t);
390 ret_errno = va_arg(ap, int *);
391
392 if (orig_buf_size <
393 buffer_size - sizeof(struct passwd) - sizeof(char *)) {
394 *ret_errno = ERANGE;
395 return (NS_RETURN);
396 }
397
398 memcpy(pwd, buffer, sizeof(struct passwd));
399 memcpy(&p, buffer + sizeof(struct passwd), sizeof(char *));
400 memcpy(orig_buf, buffer + sizeof(struct passwd) + sizeof(char *),
401 buffer_size - sizeof(struct passwd) - sizeof(char *));
402
403 NS_APPLY_OFFSET(pwd->pw_name, orig_buf, p, char *);
404 NS_APPLY_OFFSET(pwd->pw_passwd, orig_buf, p, char *);
405 NS_APPLY_OFFSET(pwd->pw_class, orig_buf, p, char *);
406 NS_APPLY_OFFSET(pwd->pw_gecos, orig_buf, p, char *);
407 NS_APPLY_OFFSET(pwd->pw_dir, orig_buf, p, char *);
408 NS_APPLY_OFFSET(pwd->pw_shell, orig_buf, p, char *);
409
410 if (retval != NULL)
411 *((struct passwd **)retval) = pwd;
412
413 return (NS_SUCCESS);
414 }
415
416 NSS_MP_CACHE_HANDLING(passwd);
417 #endif /* NS_CACHING */
418
419 void
420 setpwent(void)
421 {
422 #ifdef NS_CACHING
423 static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
424 passwd, (void *)nss_lt_all,
425 NULL, NULL);
426 #endif
427
428 static const ns_dtab dtab[] = {
429 { NSSRC_FILES, files_setpwent, (void *)SETPWENT },
430 #ifdef HESIOD
431 { NSSRC_DNS, dns_setpwent, (void *)SETPWENT },
432 #endif
433 #ifdef YP
434 { NSSRC_NIS, nis_setpwent, (void *)SETPWENT },
435 #endif
436 { NSSRC_COMPAT, compat_setpwent, (void *)SETPWENT },
437 #ifdef NS_CACHING
438 NS_CACHE_CB(&cache_info)
439 #endif
440 { NULL, NULL, NULL }
441 };
442 _nsdispatch(NULL, dtab, NSDB_PASSWD, "setpwent", defaultsrc, 0);
443 }
444
445
446 int
447 setpassent(int stayopen)
448 {
449 #ifdef NS_CACHING
450 static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
451 passwd, (void *)nss_lt_all,
452 NULL, NULL);
453 #endif
454
455 static const ns_dtab dtab[] = {
456 { NSSRC_FILES, files_setpwent, (void *)SETPWENT },
457 #ifdef HESIOD
458 { NSSRC_DNS, dns_setpwent, (void *)SETPWENT },
459 #endif
460 #ifdef YP
461 { NSSRC_NIS, nis_setpwent, (void *)SETPWENT },
462 #endif
463 { NSSRC_COMPAT, compat_setpwent, (void *)SETPWENT },
464 #ifdef NS_CACHING
465 NS_CACHE_CB(&cache_info)
466 #endif
467 { NULL, NULL, NULL }
468 };
469 _nsdispatch(NULL, dtab, NSDB_PASSWD, "setpwent", defaultsrc, stayopen);
470 return (1);
471 }
472
473
474 void
475 endpwent(void)
476 {
477 #ifdef NS_CACHING
478 static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
479 passwd, (void *)nss_lt_all,
480 NULL, NULL);
481 #endif
482
483 static const ns_dtab dtab[] = {
484 { NSSRC_FILES, files_setpwent, (void *)ENDPWENT },
485 #ifdef HESIOD
486 { NSSRC_DNS, dns_setpwent, (void *)ENDPWENT },
487 #endif
488 #ifdef YP
489 { NSSRC_NIS, nis_setpwent, (void *)ENDPWENT },
490 #endif
491 { NSSRC_COMPAT, compat_setpwent, (void *)ENDPWENT },
492 #ifdef NS_CACHING
493 NS_CACHE_CB(&cache_info)
494 #endif
495 { NULL, NULL, NULL }
496 };
497 _nsdispatch(NULL, dtab, NSDB_PASSWD, "endpwent", defaultsrc);
498 }
499
500
501 int
502 getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize,
503 struct passwd **result)
504 {
505 #ifdef NS_CACHING
506 static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
507 passwd, (void *)nss_lt_all,
508 pwd_marshal_func, pwd_unmarshal_func);
509 #endif
510
511 static const ns_dtab dtab[] = {
512 { NSSRC_FILES, files_passwd, (void *)nss_lt_all },
513 #ifdef HESIOD
514 { NSSRC_DNS, dns_passwd, (void *)nss_lt_all },
515 #endif
516 #ifdef YP
517 { NSSRC_NIS, nis_passwd, (void *)nss_lt_all },
518 #endif
519 { NSSRC_COMPAT, compat_passwd, (void *)nss_lt_all },
520 #ifdef NS_CACHING
521 NS_CACHE_CB(&cache_info)
522 #endif
523 { NULL, NULL, NULL }
524 };
525 int rv, ret_errno;
526
527 pwd_init(pwd);
528 ret_errno = 0;
529 *result = NULL;
530 rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwent_r", defaultsrc,
531 pwd, buffer, bufsize, &ret_errno);
532 if (rv == NS_SUCCESS)
533 return (0);
534 else
535 return (ret_errno);
536 }
537
538
539 int
540 getpwnam_r(const char *name, struct passwd *pwd, char *buffer, size_t bufsize,
541 struct passwd **result)
542 {
543 #ifdef NS_CACHING
544 static const nss_cache_info cache_info =
545 NS_COMMON_CACHE_INFO_INITIALIZER(
546 passwd, (void *)nss_lt_name,
547 pwd_id_func, pwd_marshal_func, pwd_unmarshal_func);
548 #endif
549
550 static const ns_dtab dtab[] = {
551 { NSSRC_FILES, files_passwd, (void *)nss_lt_name },
552 #ifdef HESIOD
553 { NSSRC_DNS, dns_passwd, (void *)nss_lt_name },
554 #endif
555 #ifdef YP
556 { NSSRC_NIS, nis_passwd, (void *)nss_lt_name },
557 #endif
558 { NSSRC_COMPAT, compat_passwd, (void *)nss_lt_name },
559 #ifdef NS_CACHING
560 NS_CACHE_CB(&cache_info)
561 #endif
562 { NULL, NULL, NULL }
563 };
564 int rv, ret_errno;
565
566 pwd_init(pwd);
567 ret_errno = 0;
568 *result = NULL;
569 rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwnam_r", defaultsrc,
570 name, pwd, buffer, bufsize, &ret_errno);
571 if (rv == NS_SUCCESS)
572 return (0);
573 else
574 return (ret_errno);
575 }
576
577
578 int
579 getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize,
580 struct passwd **result)
581 {
582 #ifdef NS_CACHING
583 static const nss_cache_info cache_info =
584 NS_COMMON_CACHE_INFO_INITIALIZER(
585 passwd, (void *)nss_lt_id,
586 pwd_id_func, pwd_marshal_func, pwd_unmarshal_func);
587 #endif
588
589 static const ns_dtab dtab[] = {
590 { NSSRC_FILES, files_passwd, (void *)nss_lt_id },
591 #ifdef HESIOD
592 { NSSRC_DNS, dns_passwd, (void *)nss_lt_id },
593 #endif
594 #ifdef YP
595 { NSSRC_NIS, nis_passwd, (void *)nss_lt_id },
596 #endif
597 { NSSRC_COMPAT, compat_passwd, (void *)nss_lt_id },
598 #ifdef NS_CACHING
599 NS_CACHE_CB(&cache_info)
600 #endif
601 { NULL, NULL, NULL }
602 };
603 int rv, ret_errno;
604
605 pwd_init(pwd);
606 ret_errno = 0;
607 *result = NULL;
608 rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwuid_r", defaultsrc,
609 uid, pwd, buffer, bufsize, &ret_errno);
610 if (rv == NS_SUCCESS)
611 return (0);
612 else
613 return (ret_errno);
614 }
615
616
617 static void
618 pwd_init(struct passwd *pwd)
619 {
620 static char nul[] = "";
621
622 memset(pwd, 0, sizeof(*pwd));
623 pwd->pw_uid = (uid_t)-1; /* Considered least likely to lead to */
624 pwd->pw_gid = (gid_t)-1; /* a security issue. */
625 pwd->pw_name = nul;
626 pwd->pw_passwd = nul;
627 pwd->pw_class = nul;
628 pwd->pw_gecos = nul;
629 pwd->pw_dir = nul;
630 pwd->pw_shell = nul;
631 }
632
633
634 static struct passwd pwd;
635 static char *pwd_storage;
636 static size_t pwd_storage_size;
637
638
639 static struct passwd *
640 getpw(int (*fn)(union key, struct passwd *, char *, size_t, struct passwd **),
641 union key key)
642 {
643 int rv;
644 struct passwd *res;
645
646 if (pwd_storage == NULL) {
647 pwd_storage = malloc(PWD_STORAGE_INITIAL);
648 if (pwd_storage == NULL)
649 return (NULL);
650 pwd_storage_size = PWD_STORAGE_INITIAL;
651 }
652 do {
653 rv = fn(key, &pwd, pwd_storage, pwd_storage_size, &res);
654 if (res == NULL && rv == ERANGE) {
655 free(pwd_storage);
656 if ((pwd_storage_size << 1) > PWD_STORAGE_MAX) {
657 pwd_storage = NULL;
658 errno = ERANGE;
659 return (NULL);
660 }
661 pwd_storage_size <<= 1;
662 pwd_storage = malloc(pwd_storage_size);
663 if (pwd_storage == NULL)
664 return (NULL);
665 }
666 } while (res == NULL && rv == ERANGE);
667 if (rv != 0)
668 errno = rv;
669 return (res);
670 }
671
672
673 static int
674 wrap_getpwnam_r(union key key, struct passwd *pwd, char *buffer,
675 size_t bufsize, struct passwd **res)
676 {
677 return (getpwnam_r(key.name, pwd, buffer, bufsize, res));
678 }
679
680
681 static int
682 wrap_getpwuid_r(union key key, struct passwd *pwd, char *buffer,
683 size_t bufsize, struct passwd **res)
684 {
685 return (getpwuid_r(key.uid, pwd, buffer, bufsize, res));
686 }
687
688
689 static int
690 wrap_getpwent_r(union key key __unused, struct passwd *pwd, char *buffer,
691 size_t bufsize, struct passwd **res)
692 {
693 return (getpwent_r(pwd, buffer, bufsize, res));
694 }
695
696
697 struct passwd *
698 getpwnam(const char *name)
699 {
700 union key key;
701
702 key.name = name;
703 return (getpw(wrap_getpwnam_r, key));
704 }
705
706
707 struct passwd *
708 getpwuid(uid_t uid)
709 {
710 union key key;
711
712 key.uid = uid;
713 return (getpw(wrap_getpwuid_r, key));
714 }
715
716
717 struct passwd *
718 getpwent(void)
719 {
720 union key key;
721
722 key.uid = 0; /* not used */
723 return (getpw(wrap_getpwent_r, key));
724 }
725
726
727 /*
728 * files backend
729 */
730 static DB *
731 pwdbopen(int *version)
732 {
733 DB *res;
734 DBT key, entry;
735 int rv;
736
737 if (geteuid() != 0 ||
738 (res = dbopen(_PATH_SMP_DB, O_RDONLY, 0, DB_HASH, NULL)) == NULL)
739 res = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
740 if (res == NULL)
741 return (NULL);
742 key.data = _PWD_VERSION_KEY;
743 key.size = strlen(_PWD_VERSION_KEY);
744 rv = res->get(res, &key, &entry, 0);
745 if (rv == 0)
746 *version = *(unsigned char *)entry.data;
747 else
748 *version = 3;
749 if (*version < 3 ||
750 *version >= sizeof(pwdb_versions)/sizeof(pwdb_versions[0])) {
751 syslog(LOG_CRIT, "Unsupported password database version %d",
752 *version);
753 res->close(res);
754 res = NULL;
755 }
756 return (res);
757 }
758
759
760 static void
761 files_endstate(void *p)
762 {
763 DB *db;
764
765 if (p == NULL)
766 return;
767 db = ((struct files_state *)p)->db;
768 if (db != NULL)
769 db->close(db);
770 free(p);
771 }
772
773
774 static int
775 files_setpwent(void *retval, void *mdata, va_list ap)
776 {
777 struct files_state *st;
778 int rv, stayopen;
779
780 rv = files_getstate(&st);
781 if (rv != 0)
782 return (NS_UNAVAIL);
783 switch ((enum constants)mdata) {
784 case SETPWENT:
785 stayopen = va_arg(ap, int);
786 st->keynum = 0;
787 if (stayopen)
788 st->db = pwdbopen(&st->version);
789 st->stayopen = stayopen;
790 break;
791 case ENDPWENT:
792 if (st->db != NULL) {
793 st->db->close(st->db);
794 st->db = NULL;
795 }
796 break;
797 default:
798 break;
799 }
800 return (NS_UNAVAIL);
801 }
802
803
804 static int
805 files_passwd(void *retval, void *mdata, va_list ap)
806 {
807 char keybuf[MAXLOGNAME + 1];
808 DBT key, entry;
809 struct files_state *st;
810 enum nss_lookup_type how;
811 const char *name;
812 struct passwd *pwd;
813 char *buffer;
814 size_t bufsize, namesize;
815 uid_t uid;
816 uint32_t store;
817 int rv, stayopen, *errnop;
818
819 name = NULL;
820 uid = (uid_t)-1;
821 how = (enum nss_lookup_type)mdata;
822 switch (how) {
823 case nss_lt_name:
824 name = va_arg(ap, const char *);
825 keybuf[0] = _PW_KEYBYNAME;
826 break;
827 case nss_lt_id:
828 uid = va_arg(ap, uid_t);
829 keybuf[0] = _PW_KEYBYUID;
830 break;
831 case nss_lt_all:
832 keybuf[0] = _PW_KEYBYNUM;
833 break;
834 default:
835 rv = NS_NOTFOUND;
836 goto fin;
837 }
838 pwd = va_arg(ap, struct passwd *);
839 buffer = va_arg(ap, char *);
840 bufsize = va_arg(ap, size_t);
841 errnop = va_arg(ap, int *);
842 *errnop = files_getstate(&st);
843 if (*errnop != 0)
844 return (NS_UNAVAIL);
845 if (how == nss_lt_all && st->keynum < 0) {
846 rv = NS_NOTFOUND;
847 goto fin;
848 }
849 if (st->db == NULL &&
850 (st->db = pwdbopen(&st->version)) == NULL) {
851 *errnop = errno;
852 rv = NS_UNAVAIL;
853 goto fin;
854 }
855 if (how == nss_lt_all)
856 stayopen = 1;
857 else
858 stayopen = st->stayopen;
859 key.data = keybuf;
860 do {
861 switch (how) {
862 case nss_lt_name:
863 /* MAXLOGNAME includes NUL byte, but we do not
864 * include the NUL byte in the key.
865 */
866 namesize = strlcpy(&keybuf[1], name, sizeof(keybuf)-1);
867 if (namesize >= sizeof(keybuf)-1) {
868 *errnop = EINVAL;
869 rv = NS_NOTFOUND;
870 goto fin;
871 }
872 key.size = namesize + 1;
873 break;
874 case nss_lt_id:
875 if (st->version < _PWD_CURRENT_VERSION) {
876 memcpy(&keybuf[1], &uid, sizeof(uid));
877 key.size = sizeof(uid) + 1;
878 } else {
879 store = htonl(uid);
880 memcpy(&keybuf[1], &store, sizeof(store));
881 key.size = sizeof(store) + 1;
882 }
883 break;
884 case nss_lt_all:
885 st->keynum++;
886 if (st->version < _PWD_CURRENT_VERSION) {
887 memcpy(&keybuf[1], &st->keynum,
888 sizeof(st->keynum));
889 key.size = sizeof(st->keynum) + 1;
890 } else {
891 store = htonl(st->keynum);
892 memcpy(&keybuf[1], &store, sizeof(store));
893 key.size = sizeof(store) + 1;
894 }
895 break;
896 }
897 keybuf[0] = _PW_VERSIONED(keybuf[0], st->version);
898 rv = st->db->get(st->db, &key, &entry, 0);
899 if (rv < 0 || rv > 1) { /* should never return > 1 */
900 *errnop = errno;
901 rv = NS_UNAVAIL;
902 goto fin;
903 } else if (rv == 1) {
904 if (how == nss_lt_all)
905 st->keynum = -1;
906 rv = NS_NOTFOUND;
907 goto fin;
908 }
909 rv = pwdb_versions[st->version].match(entry.data, entry.size,
910 how, name, uid);
911 if (rv != NS_SUCCESS)
912 continue;
913 if (entry.size > bufsize) {
914 *errnop = ERANGE;
915 rv = NS_RETURN;
916 break;
917 }
918 memcpy(buffer, entry.data, entry.size);
919 rv = pwdb_versions[st->version].parse(buffer, entry.size, pwd,
920 errnop);
921 } while (how == nss_lt_all && !(rv & NS_TERMINATE));
922 fin:
923 if (!stayopen && st->db != NULL) {
924 st->db->close(st->db);
925 st->db = NULL;
926 }
927 if (rv == NS_SUCCESS) {
928 pwd->pw_fields &= ~_PWF_SOURCE;
929 pwd->pw_fields |= _PWF_FILES;
930 if (retval != NULL)
931 *(struct passwd **)retval = pwd;
932 }
933 return (rv);
934 }
935
936
937 static int
938 pwdb_match_entry_v3(char *entry, size_t entrysize, enum nss_lookup_type how,
939 const char *name, uid_t uid)
940 {
941 const char *p, *eom;
942 uid_t uid2;
943
944 eom = &entry[entrysize];
945 for (p = entry; p < eom; p++)
946 if (*p == '\0')
947 break;
948 if (*p != '\0')
949 return (NS_NOTFOUND);
950 if (how == nss_lt_all)
951 return (NS_SUCCESS);
952 if (how == nss_lt_name)
953 return (strcmp(name, entry) == 0 ? NS_SUCCESS : NS_NOTFOUND);
954 for (p++; p < eom; p++)
955 if (*p == '\0')
956 break;
957 if (*p != '\0' || (++p) + sizeof(uid) >= eom)
958 return (NS_NOTFOUND);
959 memcpy(&uid2, p, sizeof(uid2));
960 return (uid == uid2 ? NS_SUCCESS : NS_NOTFOUND);
961 }
962
963
964 static int
965 pwdb_parse_entry_v3(char *buffer, size_t bufsize, struct passwd *pwd,
966 int *errnop)
967 {
968 char *p, *eom;
969 int32_t pw_change, pw_expire;
970
971 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
972 p = buffer;
973 eom = &buffer[bufsize];
974 #define STRING(field) do { \
975 (field) = p; \
976 while (p < eom && *p != '\0') \
977 p++; \
978 if (p >= eom) \
979 return (NS_NOTFOUND); \
980 p++; \
981 } while (0)
982 #define SCALAR(field) do { \
983 if (p + sizeof(field) > eom) \
984 return (NS_NOTFOUND); \
985 memcpy(&(field), p, sizeof(field)); \
986 p += sizeof(field); \
987 } while (0)
988 STRING(pwd->pw_name);
989 STRING(pwd->pw_passwd);
990 SCALAR(pwd->pw_uid);
991 SCALAR(pwd->pw_gid);
992 SCALAR(pw_change);
993 STRING(pwd->pw_class);
994 STRING(pwd->pw_gecos);
995 STRING(pwd->pw_dir);
996 STRING(pwd->pw_shell);
997 SCALAR(pw_expire);
998 SCALAR(pwd->pw_fields);
999 #undef STRING
1000 #undef SCALAR
1001 pwd->pw_change = pw_change;
1002 pwd->pw_expire = pw_expire;
1003 return (NS_SUCCESS);
1004 }
1005
1006
1007 static int
1008 pwdb_match_entry_v4(char *entry, size_t entrysize, enum nss_lookup_type how,
1009 const char *name, uid_t uid)
1010 {
1011 const char *p, *eom;
1012 uint32_t uid2;
1013
1014 eom = &entry[entrysize];
1015 for (p = entry; p < eom; p++)
1016 if (*p == '\0')
1017 break;
1018 if (*p != '\0')
1019 return (NS_NOTFOUND);
1020 if (how == nss_lt_all)
1021 return (NS_SUCCESS);
1022 if (how == nss_lt_name)
1023 return (strcmp(name, entry) == 0 ? NS_SUCCESS : NS_NOTFOUND);
1024 for (p++; p < eom; p++)
1025 if (*p == '\0')
1026 break;
1027 if (*p != '\0' || (++p) + sizeof(uid) >= eom)
1028 return (NS_NOTFOUND);
1029 memcpy(&uid2, p, sizeof(uid2));
1030 uid2 = ntohl(uid2);
1031 return (uid == (uid_t)uid2 ? NS_SUCCESS : NS_NOTFOUND);
1032 }
1033
1034
1035 static int
1036 pwdb_parse_entry_v4(char *buffer, size_t bufsize, struct passwd *pwd,
1037 int *errnop)
1038 {
1039 char *p, *eom;
1040 uint32_t n;
1041
1042 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
1043 p = buffer;
1044 eom = &buffer[bufsize];
1045 #define STRING(field) do { \
1046 (field) = p; \
1047 while (p < eom && *p != '\0') \
1048 p++; \
1049 if (p >= eom) \
1050 return (NS_NOTFOUND); \
1051 p++; \
1052 } while (0)
1053 #define SCALAR(field) do { \
1054 if (p + sizeof(n) > eom) \
1055 return (NS_NOTFOUND); \
1056 memcpy(&n, p, sizeof(n)); \
1057 (field) = ntohl(n); \
1058 p += sizeof(n); \
1059 } while (0)
1060 STRING(pwd->pw_name);
1061 STRING(pwd->pw_passwd);
1062 SCALAR(pwd->pw_uid);
1063 SCALAR(pwd->pw_gid);
1064 SCALAR(pwd->pw_change);
1065 STRING(pwd->pw_class);
1066 STRING(pwd->pw_gecos);
1067 STRING(pwd->pw_dir);
1068 STRING(pwd->pw_shell);
1069 SCALAR(pwd->pw_expire);
1070 SCALAR(pwd->pw_fields);
1071 #undef STRING
1072 #undef SCALAR
1073 return (NS_SUCCESS);
1074 }
1075
1076
1077 #ifdef HESIOD
1078 /*
1079 * dns backend
1080 */
1081 static void
1082 dns_endstate(void *p)
1083 {
1084 free(p);
1085 }
1086
1087
1088 static int
1089 dns_setpwent(void *retval, void *mdata, va_list ap)
1090 {
1091 struct dns_state *st;
1092 int rv;
1093
1094 rv = dns_getstate(&st);
1095 if (rv != 0)
1096 return (NS_UNAVAIL);
1097 st->counter = 0;
1098 return (NS_UNAVAIL);
1099 }
1100
1101
1102 static int
1103 dns_passwd(void *retval, void *mdata, va_list ap)
1104 {
1105 char buf[HESIOD_NAME_MAX];
1106 struct dns_state *st;
1107 struct passwd *pwd;
1108 const char *name, *label;
1109 void *ctx;
1110 char *buffer, **hes;
1111 size_t bufsize, linesize;
1112 uid_t uid;
1113 enum nss_lookup_type how;
1114 int rv, *errnop;
1115
1116 ctx = NULL;
1117 hes = NULL;
1118 name = NULL;
1119 uid = (uid_t)-1;
1120 how = (enum nss_lookup_type)mdata;
1121 switch (how) {
1122 case nss_lt_name:
1123 name = va_arg(ap, const char *);
1124 break;
1125 case nss_lt_id:
1126 uid = va_arg(ap, uid_t);
1127 break;
1128 case nss_lt_all:
1129 break;
1130 }
1131 pwd = va_arg(ap, struct passwd *);
1132 buffer = va_arg(ap, char *);
1133 bufsize = va_arg(ap, size_t);
1134 errnop = va_arg(ap, int *);
1135 *errnop = dns_getstate(&st);
1136 if (*errnop != 0)
1137 return (NS_UNAVAIL);
1138 if (hesiod_init(&ctx) != 0) {
1139 *errnop = errno;
1140 rv = NS_UNAVAIL;
1141 goto fin;
1142 }
1143 do {
1144 rv = NS_NOTFOUND;
1145 switch (how) {
1146 case nss_lt_name:
1147 label = name;
1148 break;
1149 case nss_lt_id:
1150 if (snprintf(buf, sizeof(buf), "%lu",
1151 (unsigned long)uid) >= sizeof(buf))
1152 goto fin;
1153 label = buf;
1154 break;
1155 case nss_lt_all:
1156 if (st->counter < 0)
1157 goto fin;
1158 if (snprintf(buf, sizeof(buf), "passwd-%ld",
1159 st->counter++) >= sizeof(buf))
1160 goto fin;
1161 label = buf;
1162 break;
1163 }
1164 hes = hesiod_resolve(ctx, label,
1165 how == nss_lt_id ? "uid" : "passwd");
1166 if (hes == NULL) {
1167 if (how == nss_lt_all)
1168 st->counter = -1;
1169 if (errno != ENOENT)
1170 *errnop = errno;
1171 goto fin;
1172 }
1173 rv = __pw_match_entry(hes[0], strlen(hes[0]), how, name, uid);
1174 if (rv != NS_SUCCESS) {
1175 hesiod_free_list(ctx, hes);
1176 hes = NULL;
1177 continue;
1178 }
1179 linesize = strlcpy(buffer, hes[0], bufsize);
1180 if (linesize >= bufsize) {
1181 *errnop = ERANGE;
1182 rv = NS_RETURN;
1183 continue;
1184 }
1185 hesiod_free_list(ctx, hes);
1186 hes = NULL;
1187 rv = __pw_parse_entry(buffer, bufsize, pwd, 0, errnop);
1188 } while (how == nss_lt_all && !(rv & NS_TERMINATE));
1189 fin:
1190 if (hes != NULL)
1191 hesiod_free_list(ctx, hes);
1192 if (ctx != NULL)
1193 hesiod_end(ctx);
1194 if (rv == NS_SUCCESS) {
1195 pwd->pw_fields &= ~_PWF_SOURCE;
1196 pwd->pw_fields |= _PWF_HESIOD;
1197 if (retval != NULL)
1198 *(struct passwd **)retval = pwd;
1199 }
1200 return (rv);
1201 }
1202 #endif /* HESIOD */
1203
1204
1205 #ifdef YP
1206 /*
1207 * nis backend
1208 */
1209 static void
1210 nis_endstate(void *p)
1211 {
1212 free(((struct nis_state *)p)->key);
1213 free(p);
1214 }
1215
1216 /*
1217 * Test for the presence of special FreeBSD-specific master.passwd.by*
1218 * maps. We do this using yp_order(). If it fails, then either the server
1219 * doesn't have the map, or the YPPROC_ORDER procedure isn't supported by
1220 * the server (Sun NIS+ servers in YP compat mode behave this way). If
1221 * the master.passwd.by* maps don't exist, then let the lookup routine try
1222 * the regular passwd.by* maps instead. If the lookup routine fails, it
1223 * can return an error as needed.
1224 */
1225 static int
1226 nis_map(char *domain, enum nss_lookup_type how, char *buffer, size_t bufsize,
1227 int *master)
1228 {
1229 int rv, order;
1230
1231 *master = 0;
1232 if (geteuid() == 0) {
1233 if (snprintf(buffer, bufsize, "master.passwd.by%s",
1234 (how == nss_lt_id) ? "uid" : "name") >= bufsize)
1235 return (NS_UNAVAIL);
1236 rv = yp_order(domain, buffer, &order);
1237 if (rv == 0) {
1238 *master = 1;
1239 return (NS_SUCCESS);
1240 }
1241 }
1242
1243 if (snprintf(buffer, bufsize, "passwd.by%s",
1244 (how == nss_lt_id) ? "uid" : "name") >= bufsize)
1245 return (NS_UNAVAIL);
1246
1247 return (NS_SUCCESS);
1248 }
1249
1250
1251 static int
1252 nis_adjunct(char *domain, const char *name, char *buffer, size_t bufsize)
1253 {
1254 int rv;
1255 char *result, *p, *q, *eor;
1256 int resultlen;
1257
1258 result = NULL;
1259 rv = yp_match(domain, "passwd.adjunct.byname", name, strlen(name),
1260 &result, &resultlen);
1261 if (rv != 0)
1262 rv = 1;
1263 else {
1264 eor = &result[resultlen];
1265 p = memchr(result, ':', eor - result);
1266 if (p != NULL && ++p < eor &&
1267 (q = memchr(p, ':', eor - p)) != NULL) {
1268 if (q - p >= bufsize)
1269 rv = -1;
1270 else {
1271 memcpy(buffer, p, q - p);
1272 buffer[q - p] ='\0';
1273 }
1274 } else
1275 rv = 1;
1276 }
1277 free(result);
1278 return (rv);
1279 }
1280
1281
1282 static int
1283 nis_setpwent(void *retval, void *mdata, va_list ap)
1284 {
1285 struct nis_state *st;
1286 int rv;
1287
1288 rv = nis_getstate(&st);
1289 if (rv != 0)
1290 return (NS_UNAVAIL);
1291 st->done = 0;
1292 free(st->key);
1293 st->key = NULL;
1294 return (NS_UNAVAIL);
1295 }
1296
1297
1298 static int
1299 nis_passwd(void *retval, void *mdata, va_list ap)
1300 {
1301 char map[YPMAXMAP];
1302 struct nis_state *st;
1303 struct passwd *pwd;
1304 const char *name;
1305 char *buffer, *key, *result;
1306 size_t bufsize;
1307 uid_t uid;
1308 enum nss_lookup_type how;
1309 int *errnop, keylen, resultlen, rv, master;
1310
1311 name = NULL;
1312 uid = (uid_t)-1;
1313 how = (enum nss_lookup_type)mdata;
1314 switch (how) {
1315 case nss_lt_name:
1316 name = va_arg(ap, const char *);
1317 break;
1318 case nss_lt_id:
1319 uid = va_arg(ap, uid_t);
1320 break;
1321 case nss_lt_all:
1322 break;
1323 }
1324 pwd = va_arg(ap, struct passwd *);
1325 buffer = va_arg(ap, char *);
1326 bufsize = va_arg(ap, size_t);
1327 errnop = va_arg(ap, int *);
1328 *errnop = nis_getstate(&st);
1329 if (*errnop != 0)
1330 return (NS_UNAVAIL);
1331 if (st->domain[0] == '\0') {
1332 if (getdomainname(st->domain, sizeof(st->domain)) != 0) {
1333 *errnop = errno;
1334 return (NS_UNAVAIL);
1335 }
1336 }
1337 rv = nis_map(st->domain, how, map, sizeof(map), &master);
1338 if (rv != NS_SUCCESS)
1339 return (rv);
1340 result = NULL;
1341 do {
1342 rv = NS_NOTFOUND;
1343 switch (how) {
1344 case nss_lt_name:
1345 if (strlcpy(buffer, name, bufsize) >= bufsize)
1346 goto erange;
1347 break;
1348 case nss_lt_id:
1349 if (snprintf(buffer, bufsize, "%lu",
1350 (unsigned long)uid) >= bufsize)
1351 goto erange;
1352 break;
1353 case nss_lt_all:
1354 if (st->done)
1355 goto fin;
1356 break;
1357 }
1358 result = NULL;
1359 if (how == nss_lt_all) {
1360 if (st->key == NULL)
1361 rv = yp_first(st->domain, map, &st->key,
1362 &st->keylen, &result, &resultlen);
1363 else {
1364 key = st->key;
1365 keylen = st->keylen;
1366 st->key = NULL;
1367 rv = yp_next(st->domain, map, key, keylen,
1368 &st->key, &st->keylen, &result,
1369 &resultlen);
1370 free(key);
1371 }
1372 if (rv != 0) {
1373 free(result);
1374 free(st->key);
1375 st->key = NULL;
1376 if (rv == YPERR_NOMORE)
1377 st->done = 1;
1378 else
1379 rv = NS_UNAVAIL;
1380 goto fin;
1381 }
1382 } else {
1383 rv = yp_match(st->domain, map, buffer, strlen(buffer),
1384 &result, &resultlen);
1385 if (rv == YPERR_KEY) {
1386 rv = NS_NOTFOUND;
1387 continue;
1388 } else if (rv != 0) {
1389 free(result);
1390 rv = NS_UNAVAIL;
1391 continue;
1392 }
1393 }
1394 if (resultlen >= bufsize)
1395 goto erange;
1396 memcpy(buffer, result, resultlen);
1397 buffer[resultlen] = '\0';
1398 free(result);
1399 rv = __pw_match_entry(buffer, resultlen, how, name, uid);
1400 if (rv == NS_SUCCESS)
1401 rv = __pw_parse_entry(buffer, resultlen, pwd, master,
1402 errnop);
1403 } while (how == nss_lt_all && !(rv & NS_TERMINATE));
1404 fin:
1405 if (rv == NS_SUCCESS) {
1406 if (strstr(pwd->pw_passwd, "##") != NULL) {
1407 rv = nis_adjunct(st->domain, pwd->pw_name,
1408 &buffer[resultlen+1], bufsize-resultlen-1);
1409 if (rv < 0)
1410 goto erange;
1411 else if (rv == 0)
1412 pwd->pw_passwd = &buffer[resultlen+1];
1413 }
1414 pwd->pw_fields &= ~_PWF_SOURCE;
1415 pwd->pw_fields |= _PWF_NIS;
1416 if (retval != NULL)
1417 *(struct passwd **)retval = pwd;
1418 rv = NS_SUCCESS;
1419 }
1420 return (rv);
1421 erange:
1422 *errnop = ERANGE;
1423 return (NS_RETURN);
1424 }
1425 #endif /* YP */
1426
1427
1428 /*
1429 * compat backend
1430 */
1431 static void
1432 compat_clear_template(struct passwd *template)
1433 {
1434
1435 free(template->pw_passwd);
1436 free(template->pw_gecos);
1437 free(template->pw_dir);
1438 free(template->pw_shell);
1439 memset(template, 0, sizeof(*template));
1440 }
1441
1442
1443 static int
1444 compat_set_template(struct passwd *src, struct passwd *template)
1445 {
1446
1447 compat_clear_template(template);
1448 #ifdef PW_OVERRIDE_PASSWD
1449 if ((src->pw_fields & _PWF_PASSWD) &&
1450 (template->pw_passwd = strdup(src->pw_passwd)) == NULL)
1451 goto enomem;
1452 #endif
1453 if (src->pw_fields & _PWF_UID)
1454 template->pw_uid = src->pw_uid;
1455 if (src->pw_fields & _PWF_GID)
1456 template->pw_gid = src->pw_gid;
1457 if ((src->pw_fields & _PWF_GECOS) &&
1458 (template->pw_gecos = strdup(src->pw_gecos)) == NULL)
1459 goto enomem;
1460 if ((src->pw_fields & _PWF_DIR) &&
1461 (template->pw_dir = strdup(src->pw_dir)) == NULL)
1462 goto enomem;
1463 if ((src->pw_fields & _PWF_SHELL) &&
1464 (template->pw_shell = strdup(src->pw_shell)) == NULL)
1465 goto enomem;
1466 template->pw_fields = src->pw_fields;
1467 return (0);
1468 enomem:
1469 syslog(LOG_ERR, "getpwent memory allocation failure");
1470 return (-1);
1471 }
1472
1473
1474 static int
1475 compat_use_template(struct passwd *pwd, struct passwd *template, char *buffer,
1476 size_t bufsize)
1477 {
1478 struct passwd hold;
1479 char *copy, *p, *q, *eob;
1480 size_t n;
1481
1482 /* We cannot know the layout of the password fields in `buffer',
1483 * so we have to copy everything.
1484 */
1485 if (template->pw_fields == 0) /* nothing to fill-in */
1486 return (0);
1487 n = 0;
1488 n += pwd->pw_name != NULL ? strlen(pwd->pw_name) + 1 : 0;
1489 n += pwd->pw_passwd != NULL ? strlen(pwd->pw_passwd) + 1 : 0;
1490 n += pwd->pw_class != NULL ? strlen(pwd->pw_class) + 1 : 0;
1491 n += pwd->pw_gecos != NULL ? strlen(pwd->pw_gecos) + 1 : 0;
1492 n += pwd->pw_dir != NULL ? strlen(pwd->pw_dir) + 1 : 0;
1493 n += pwd->pw_shell != NULL ? strlen(pwd->pw_shell) + 1 : 0;
1494 copy = malloc(n);
1495 if (copy == NULL) {
1496 syslog(LOG_ERR, "getpwent memory allocation failure");
1497 return (ENOMEM);
1498 }
1499 p = copy;
1500 eob = &copy[n];
1501 #define COPY(field) do { \
1502 if (pwd->field == NULL) \
1503 hold.field = NULL; \
1504 else { \
1505 hold.field = p; \
1506 p += strlcpy(p, pwd->field, eob-p) + 1; \
1507 } \
1508 } while (0)
1509 COPY(pw_name);
1510 COPY(pw_passwd);
1511 COPY(pw_class);
1512 COPY(pw_gecos);
1513 COPY(pw_dir);
1514 COPY(pw_shell);
1515 #undef COPY
1516 p = buffer;
1517 eob = &buffer[bufsize];
1518 #define COPY(field, flag) do { \
1519 q = (template->pw_fields & flag) ? template->field : hold.field; \
1520 if (q == NULL) \
1521 pwd->field = NULL; \
1522 else { \
1523 pwd->field = p; \
1524 if ((n = strlcpy(p, q, eob-p)) >= eob-p) { \
1525 free(copy); \
1526 return (ERANGE); \
1527 } \
1528 p += n + 1; \
1529 } \
1530 } while (0)
1531 COPY(pw_name, 0);
1532 #ifdef PW_OVERRIDE_PASSWD
1533 COPY(pw_passwd, _PWF_PASSWD);
1534 #else
1535 COPY(pw_passwd, 0);
1536 #endif
1537 COPY(pw_class, 0);
1538 COPY(pw_gecos, _PWF_GECOS);
1539 COPY(pw_dir, _PWF_DIR);
1540 COPY(pw_shell, _PWF_SHELL);
1541 #undef COPY
1542 #define COPY(field, flag) do { \
1543 if (template->pw_fields & flag) \
1544 pwd->field = template->field; \
1545 } while (0)
1546 COPY(pw_uid, _PWF_UID);
1547 COPY(pw_gid, _PWF_GID);
1548 #undef COPY
1549 free(copy);
1550 return (0);
1551 }
1552
1553
1554 static int
1555 compat_exclude(const char *name, DB **db)
1556 {
1557 DBT key, data;
1558
1559 if (*db == NULL &&
1560 (*db = dbopen(NULL, O_RDWR, 600, DB_HASH, 0)) == NULL)
1561 return (errno);
1562 key.size = strlen(name);
1563 key.data = (char *)name;
1564 data.size = 0;
1565 data.data = NULL;
1566
1567 if ((*db)->put(*db, &key, &data, 0) == -1)
1568 return (errno);
1569 return (0);
1570 }
1571
1572
1573 static int
1574 compat_is_excluded(const char *name, DB *db)
1575 {
1576 DBT key, data;
1577
1578 if (db == NULL)
1579 return (0);
1580 key.size = strlen(name);
1581 key.data = (char *)name;
1582 return (db->get(db, &key, &data, 0) == 0);
1583 }
1584
1585
1586 static int
1587 compat_redispatch(struct compat_state *st, enum nss_lookup_type how,
1588 enum nss_lookup_type lookup_how, const char *name, const char *lookup_name,
1589 uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, int *errnop)
1590 {
1591 static const ns_src compatsrc[] = {
1592 #ifdef YP
1593 { NSSRC_NIS, NS_SUCCESS },
1594 #endif
1595 { NULL, 0 }
1596 };
1597 ns_dtab dtab[] = {
1598 #ifdef YP
1599 { NSSRC_NIS, nis_passwd, NULL },
1600 #endif
1601 #ifdef HESIOD
1602 { NSSRC_DNS, dns_passwd, NULL },
1603 #endif
1604 { NULL, NULL, NULL }
1605 };
1606 void *discard;
1607 int rv, e, i;
1608
1609 for (i = 0; i < sizeof(dtab)/sizeof(dtab[0]) - 1; i++)
1610 dtab[i].mdata = (void *)lookup_how;
1611 more:
1612 pwd_init(pwd);
1613 switch (lookup_how) {
1614 case nss_lt_all:
1615 rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1616 "getpwent_r", compatsrc, pwd, buffer, bufsize,
1617 errnop);
1618 break;
1619 case nss_lt_id:
1620 rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1621 "getpwuid_r", compatsrc, uid, pwd, buffer,
1622 bufsize, errnop);
1623 break;
1624 case nss_lt_name:
1625 rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1626 "getpwnam_r", compatsrc, lookup_name, pwd, buffer,
1627 bufsize, errnop);
1628 break;
1629 default:
1630 return (NS_UNAVAIL);
1631 }
1632 if (rv != NS_SUCCESS)
1633 return (rv);
1634 if (compat_is_excluded(pwd->pw_name, st->exclude)) {
1635 if (how == nss_lt_all)
1636 goto more;
1637 return (NS_NOTFOUND);
1638 }
1639 e = compat_use_template(pwd, &st->template, buffer, bufsize);
1640 if (e != 0) {
1641 *errnop = e;
1642 if (e == ERANGE)
1643 return (NS_RETURN);
1644 else
1645 return (NS_UNAVAIL);
1646 }
1647 switch (how) {
1648 case nss_lt_name:
1649 if (strcmp(name, pwd->pw_name) != 0)
1650 return (NS_NOTFOUND);
1651 break;
1652 case nss_lt_id:
1653 if (uid != pwd->pw_uid)
1654 return (NS_NOTFOUND);
1655 break;
1656 default:
1657 break;
1658 }
1659 return (NS_SUCCESS);
1660 }
1661
1662
1663 static void
1664 compat_endstate(void *p)
1665 {
1666 struct compat_state *st;
1667
1668 if (p == NULL)
1669 return;
1670 st = (struct compat_state *)p;
1671 if (st->db != NULL)
1672 st->db->close(st->db);
1673 if (st->exclude != NULL)
1674 st->exclude->close(st->exclude);
1675 compat_clear_template(&st->template);
1676 free(p);
1677 }
1678
1679
1680 static int
1681 compat_setpwent(void *retval, void *mdata, va_list ap)
1682 {
1683 static const ns_src compatsrc[] = {
1684 #ifdef YP
1685 { NSSRC_NIS, NS_SUCCESS },
1686 #endif
1687 { NULL, 0 }
1688 };
1689 ns_dtab dtab[] = {
1690 #ifdef YP
1691 { NSSRC_NIS, nis_setpwent, NULL },
1692 #endif
1693 #ifdef HESIOD
1694 { NSSRC_DNS, dns_setpwent, NULL },
1695 #endif
1696 { NULL, NULL, NULL }
1697 };
1698 struct compat_state *st;
1699 int rv, stayopen;
1700
1701 #define set_setent(x, y) do { \
1702 int i; \
1703 \
1704 for (i = 0; i < (sizeof(x)/sizeof(x[0])) - 1; i++) \
1705 x[i].mdata = (void *)y; \
1706 } while (0)
1707
1708 rv = compat_getstate(&st);
1709 if (rv != 0)
1710 return (NS_UNAVAIL);
1711 switch ((enum constants)mdata) {
1712 case SETPWENT:
1713 stayopen = va_arg(ap, int);
1714 st->keynum = 0;
1715 if (stayopen)
1716 st->db = pwdbopen(&st->version);
1717 st->stayopen = stayopen;
1718 set_setent(dtab, mdata);
1719 _nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "setpwent",
1720 compatsrc, 0);
1721 break;
1722 case ENDPWENT:
1723 if (st->db != NULL) {
1724 st->db->close(st->db);
1725 st->db = NULL;
1726 }
1727 set_setent(dtab, mdata);
1728 _nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "endpwent",
1729 compatsrc, 0);
1730 break;
1731 default:
1732 break;
1733 }
1734 return (NS_UNAVAIL);
1735 #undef set_setent
1736 }
1737
1738
1739 static int
1740 compat_passwd(void *retval, void *mdata, va_list ap)
1741 {
1742 char keybuf[MAXLOGNAME + 1];
1743 DBT key, entry;
1744 struct compat_state *st;
1745 enum nss_lookup_type how;
1746 const char *name;
1747 struct passwd *pwd;
1748 char *buffer, *pw_name;
1749 char *host, *user, *domain;
1750 size_t bufsize;
1751 uid_t uid;
1752 uint32_t store;
1753 int rv, from_compat, stayopen, *errnop;
1754
1755 from_compat = 0;
1756 name = NULL;
1757 uid = (uid_t)-1;
1758 how = (enum nss_lookup_type)mdata;
1759 switch (how) {
1760 case nss_lt_name:
1761 name = va_arg(ap, const char *);
1762 break;
1763 case nss_lt_id:
1764 uid = va_arg(ap, uid_t);
1765 break;
1766 case nss_lt_all:
1767 break;
1768 default:
1769 rv = NS_NOTFOUND;
1770 goto fin;
1771 }
1772 pwd = va_arg(ap, struct passwd *);
1773 buffer = va_arg(ap, char *);
1774 bufsize = va_arg(ap, size_t);
1775 errnop = va_arg(ap, int *);
1776 *errnop = compat_getstate(&st);
1777 if (*errnop != 0)
1778 return (NS_UNAVAIL);
1779 if (how == nss_lt_all && st->keynum < 0) {
1780 rv = NS_NOTFOUND;
1781 goto fin;
1782 }
1783 if (st->db == NULL &&
1784 (st->db = pwdbopen(&st->version)) == NULL) {
1785 *errnop = errno;
1786 rv = NS_UNAVAIL;
1787 goto fin;
1788 }
1789 if (how == nss_lt_all) {
1790 if (st->keynum < 0) {
1791 rv = NS_NOTFOUND;
1792 goto fin;
1793 }
1794 stayopen = 1;
1795 } else {
1796 st->keynum = 0;
1797 stayopen = st->stayopen;
1798 }
1799 docompat:
1800 rv = NS_NOTFOUND;
1801 switch (st->compat) {
1802 case COMPAT_MODE_ALL:
1803 rv = compat_redispatch(st, how, how, name, name, uid, pwd,
1804 buffer, bufsize, errnop);
1805 if (rv != NS_SUCCESS)
1806 st->compat = COMPAT_MODE_OFF;
1807 break;
1808 case COMPAT_MODE_NETGROUP:
1809 /* XXX getnetgrent is not thread-safe. */
1810 do {
1811 rv = getnetgrent(&host, &user, &domain);
1812 if (rv == 0) {
1813 endnetgrent();
1814 st->compat = COMPAT_MODE_OFF;
1815 rv = NS_NOTFOUND;
1816 continue;
1817 } else if (user == NULL || user[0] == '\0')
1818 continue;
1819 rv = compat_redispatch(st, how, nss_lt_name, name,
1820 user, uid, pwd, buffer, bufsize, errnop);
1821 } while (st->compat == COMPAT_MODE_NETGROUP &&
1822 !(rv & NS_TERMINATE));
1823 break;
1824 case COMPAT_MODE_NAME:
1825 rv = compat_redispatch(st, how, nss_lt_name, name, st->name,
1826 uid, pwd, buffer, bufsize, errnop);
1827 free(st->name);
1828 st->name = NULL;
1829 st->compat = COMPAT_MODE_OFF;
1830 break;
1831 default:
1832 break;
1833 }
1834 if (rv & NS_TERMINATE) {
1835 from_compat = 1;
1836 goto fin;
1837 }
1838 key.data = keybuf;
1839 rv = NS_NOTFOUND;
1840 while (st->keynum >= 0) {
1841 st->keynum++;
1842 if (st->version < _PWD_CURRENT_VERSION) {
1843 memcpy(&keybuf[1], &st->keynum, sizeof(st->keynum));
1844 key.size = sizeof(st->keynum) + 1;
1845 } else {
1846 store = htonl(st->keynum);
1847 memcpy(&keybuf[1], &store, sizeof(store));
1848 key.size = sizeof(store) + 1;
1849 }
1850 keybuf[0] = _PW_VERSIONED(_PW_KEYBYNUM, st->version);
1851 rv = st->db->get(st->db, &key, &entry, 0);
1852 if (rv < 0 || rv > 1) { /* should never return > 1 */
1853 *errnop = errno;
1854 rv = NS_UNAVAIL;
1855 goto fin;
1856 } else if (rv == 1) {
1857 st->keynum = -1;
1858 rv = NS_NOTFOUND;
1859 goto fin;
1860 }
1861 pw_name = (char *)entry.data;
1862 switch (pw_name[0]) {
1863 case '+':
1864 switch (pw_name[1]) {
1865 case '\0':
1866 st->compat = COMPAT_MODE_ALL;
1867 break;
1868 case '@':
1869 setnetgrent(&pw_name[2]);
1870 st->compat = COMPAT_MODE_NETGROUP;
1871 break;
1872 default:
1873 st->name = strdup(&pw_name[1]);
1874 if (st->name == NULL) {
1875 syslog(LOG_ERR,
1876 "getpwent memory allocation failure");
1877 *errnop = ENOMEM;
1878 rv = NS_UNAVAIL;
1879 break;
1880 }
1881 st->compat = COMPAT_MODE_NAME;
1882 }
1883 if (entry.size > bufsize) {
1884 *errnop = ERANGE;
1885 rv = NS_RETURN;
1886 goto fin;
1887 }
1888 memcpy(buffer, entry.data, entry.size);
1889 rv = pwdb_versions[st->version].parse(buffer,
1890 entry.size, pwd, errnop);
1891 if (rv != NS_SUCCESS)
1892 ;
1893 else if (compat_set_template(pwd, &st->template) < 0) {
1894 *errnop = ENOMEM;
1895 rv = NS_UNAVAIL;
1896 goto fin;
1897 }
1898 goto docompat;
1899 case '-':
1900 switch (pw_name[1]) {
1901 case '\0':
1902 /* XXX Maybe syslog warning */
1903 continue;
1904 case '@':
1905 setnetgrent(&pw_name[2]);
1906 while (getnetgrent(&host, &user, &domain) !=
1907 0) {
1908 if (user != NULL && user[0] != '\0')
1909 compat_exclude(user,
1910 &st->exclude);
1911 }
1912 endnetgrent();
1913 continue;
1914 default:
1915 compat_exclude(&pw_name[1], &st->exclude);
1916 continue;
1917 }
1918 break;
1919 default:
1920 break;
1921 }
1922 if (compat_is_excluded((char *)entry.data, st->exclude))
1923 continue;
1924 rv = pwdb_versions[st->version].match(entry.data, entry.size,
1925 how, name, uid);
1926 if (rv == NS_RETURN)
1927 break;
1928 else if (rv != NS_SUCCESS)
1929 continue;
1930 if (entry.size > bufsize) {
1931 *errnop = ERANGE;
1932 rv = NS_RETURN;
1933 break;
1934 }
1935 memcpy(buffer, entry.data, entry.size);
1936 rv = pwdb_versions[st->version].parse(buffer, entry.size, pwd,
1937 errnop);
1938 if (rv & NS_TERMINATE)
1939 break;
1940 }
1941 fin:
1942 if (!stayopen && st->db != NULL) {
1943 st->db->close(st->db);
1944 st->db = NULL;
1945 }
1946 if (rv == NS_SUCCESS) {
1947 if (!from_compat) {
1948 pwd->pw_fields &= ~_PWF_SOURCE;
1949 pwd->pw_fields |= _PWF_FILES;
1950 }
1951 if (retval != NULL)
1952 *(struct passwd **)retval = pwd;
1953 }
1954 return (rv);
1955 }
1956
1957
1958 /*
1959 * common passwd line matching and parsing
1960 */
1961 int
1962 __pw_match_entry(const char *entry, size_t entrysize, enum nss_lookup_type how,
1963 const char *name, uid_t uid)
1964 {
1965 const char *p, *eom;
1966 char *q;
1967 size_t len;
1968 unsigned long m;
1969
1970 eom = entry + entrysize;
1971 for (p = entry; p < eom; p++)
1972 if (*p == ':')
1973 break;
1974 if (*p != ':')
1975 return (NS_NOTFOUND);
1976 if (how == nss_lt_all)
1977 return (NS_SUCCESS);
1978 if (how == nss_lt_name) {
1979 len = strlen(name);
1980 if (len == (p - entry) && memcmp(name, entry, len) == 0)
1981 return (NS_SUCCESS);
1982 else
1983 return (NS_NOTFOUND);
1984 }
1985 for (p++; p < eom; p++)
1986 if (*p == ':')
1987 break;
1988 if (*p != ':')
1989 return (NS_NOTFOUND);
1990 m = strtoul(++p, &q, 10);
1991 if (q[0] != ':' || (uid_t)m != uid)
1992 return (NS_NOTFOUND);
1993 else
1994 return (NS_SUCCESS);
1995 }
1996
1997
1998 /* XXX buffer must be NUL-terminated. errnop is not set correctly. */
1999 int
2000 __pw_parse_entry(char *buffer, size_t bufsize __unused, struct passwd *pwd,
2001 int master, int *errnop __unused)
2002 {
2003
2004 if (__pw_scan(buffer, pwd, master ? _PWSCAN_MASTER : 0) == 0)
2005 return (NS_NOTFOUND);
2006 else
2007 return (NS_SUCCESS);
2008 }
DragonFly BSD