search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* nis/nss-default.c (vars): Add SETENT_BATCH_READ.
[glibc.git] / nis / nss_nis / nis-pwd.c
bloba996b042c4e3a069ef0a98e2862843e98b1faa24
1 /* Copyright (C) 1996-1998,2001,2002,2003,2006 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <assert.h>
21 #include <ctype.h>
22 #include <errno.h>
23 #include <nss.h>
24 #include <pwd.h>
25 #include <string.h>
26 #include <bits/libc-lock.h>
27 #include <rpcsvc/yp.h>
28 #include <rpcsvc/ypclnt.h>
29
30 #include "nss-nis.h"
31 #include <libnsl.h>
32
33 /* Get the declaration of the parser function. */
34 #define ENTNAME pwent
35 #define STRUCTURE passwd
36 #define EXTERN_PARSER
37 #include <nss/nss_files/files-parse.c>
38
39 /* Protect global state against multiple changers */
40 __libc_lock_define_initialized (static, lock)
41
42 static bool_t new_start = 1;
43 static char *oldkey;
44 static int oldkeylen;
45
46 struct response_t
47 {
48 struct response_t *next;
49 size_t size;
50 char mem[0];
51 };
52
53 typedef struct intern_t
54 {
55 struct response_t *start;
56 struct response_t *next;
57 size_t offset;
58 } intern_t;
59
60 static intern_t intern;
61
62
63 static int
64 saveit (int instatus, char *inkey, int inkeylen, char *inval,
65 int invallen, char *indata)
66 {
67 if (instatus != YP_TRUE)
68 return 1;
69
70 if (inkey && inkeylen > 0 && inval && invallen > 0)
71 {
72 struct response_t *bucket = intern.next;
73
74 if (__builtin_expect (bucket == NULL, 0))
75 {
76 #define MINSIZE 4096 - 4 * sizeof (void *)
77 const size_t minsize = MAX (MINSIZE, 2 * (invallen + 1));
78 bucket = malloc (sizeof (struct response_t) + minsize);
79 if (bucket == NULL)
80 /* We have no error code for out of memory. */
81 return 1;
82
83 bucket->next = NULL;
84 bucket->size = minsize;
85 intern.start = intern.next = bucket;
86 intern.offset = 0;
87 }
88 else if (__builtin_expect (invallen + 1 > bucket->size - intern.offset,
89 0))
90 {
91 /* We need a new (larger) buffer. */
92 const size_t newsize = 2 * MAX (bucket->size, invallen + 1);
93 struct response_t *newp = malloc (sizeof (struct response_t)
94 + newsize);
95 if (newp == NULL)
96 /* We have no error code for out of memory. */
97 return 1;
98
99 /* Mark the old bucket as full. */
100 bucket->size = intern.offset;
101
102 newp->next = NULL;
103 newp->size = newsize;
104 bucket = intern.next = bucket->next = newp;
105 intern.offset = 0;
106 }
107
108 char *p = mempcpy (&bucket->mem[intern.offset], inval, invallen);
109 if (__builtin_expect (p[-1] != '\0', 0))
110 {
111 *p = '\0';
112 ++invallen;
113 }
114 intern.offset += invallen;
115 }
116
117 return 0;
118 }
119
120
121 static void
122 internal_nis_endpwent (void)
123 {
124 new_start = 1;
125 if (oldkey != NULL)
126 {
127 free (oldkey);
128 oldkey = NULL;
129 oldkeylen = 0;
130 }
131
132 struct response_t *curr = intern.next;
133
134 while (curr != NULL)
135 {
136 struct response_t *last = curr;
137 curr = curr->next;
138 free (last);
139 }
140
141 intern.next = intern.start = NULL;
142 }
143
144
145 enum nss_status
146 _nss_nis_endpwent (void)
147 {
148 __libc_lock_lock (lock);
149
150 internal_nis_endpwent ();
151
152 __libc_lock_unlock (lock);
153
154 return NSS_STATUS_SUCCESS;
155 }
156
157
158 enum nss_status
159 internal_nis_setpwent (void)
160 {
161 /* We have to read all the data now. */
162 char *domain;
163 if (__builtin_expect (yp_get_default_domain (&domain), 0))
164 return NSS_STATUS_UNAVAIL;
165
166 struct ypall_callback ypcb;
167
168 ypcb.foreach = saveit;
169 ypcb.data = NULL;
170 enum nss_status status = yperr2nss (yp_all (domain, "passwd.byname", &ypcb));
171
172
173 /* Mark the last buffer as full. */
174 if (intern.next != NULL)
175 intern.next->size = intern.offset;
176
177 intern.next = intern.start;
178 intern.offset = 0;
179
180 return status;
181 }
182
183
184 enum nss_status
185 _nss_nis_setpwent (int stayopen)
186 {
187 enum nss_status result = NSS_STATUS_SUCCESS;
188
189 __libc_lock_lock (lock);
190
191 internal_nis_endpwent ();
192
193 if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
194 result = internal_nis_setpwent ();
195
196 __libc_lock_unlock (lock);
197
198 return result;
199 }
200
201
202 static enum nss_status
203 internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
204 int *errnop)
205 {
206 /* If we read the entire database at setpwent time we just iterate
207 over the data we have in memory. */
208 bool batch_read = intern.start != NULL;
209
210 char *domain = NULL;
211 if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0))
212 return NSS_STATUS_UNAVAIL;
213
214 /* Get the next entry until we found a correct one. */
215 int parse_res;
216 do
217 {
218 char *result;
219 char *outkey;
220 int len;
221 int keylen;
222
223 if (batch_read)
224 {
225 struct response_t *bucket;
226
227 handle_batch_read:
228 bucket = intern.next;
229
230 if (__builtin_expect (intern.offset >= bucket->size, 0))
231 {
232 if (bucket->next == NULL)
233 return NSS_STATUS_NOTFOUND;
234
235 /* We look at all the content in the current bucket. Go on
236 to the next. */
237 bucket = intern.next = bucket->next;
238 intern.offset = 0;
239 }
240
241 for (result = &bucket->mem[intern.offset]; isspace (*result);
242 ++result)
243 ++intern.offset;
244
245 len = strlen (result);
246 }
247 else
248 {
249 int yperr;
250
251 if (new_start)
252 {
253 /* Maybe we should read the database in one piece. */
254 if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
255 && internal_nis_setpwent () == NSS_STATUS_SUCCESS
256 && intern.start != NULL)
257 {
258 batch_read = true;
259 goto handle_batch_read;
260 }
261
262 yperr = yp_first (domain, "passwd.byname", &outkey, &keylen,
263 &result, &len);
264 }
265 else
266 yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen,
267 &outkey, &keylen, &result, &len);
268
269 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
270 {
271 enum nss_status retval = yperr2nss (yperr);
272
273 if (retval == NSS_STATUS_TRYAGAIN)
274 *errnop = errno;
275 return retval;
276 }
277 }
278
279 /* Check for adjunct style secret passwords. They can be
280 recognized by a password starting with "##". */
281 char *p = strchr (result, ':');
282 size_t namelen;
283 char *result2;
284 int len2;
285 if (p != NULL /* This better should be true in all cases. */
286 && p[1] == '#' && p[2] == '#'
287 && (namelen = p - result,
288 yp_match (domain, "passwd.adjunct.byname", result, namelen,
289 &result2, &len2)) == YPERR_SUCCESS)
290 {
291 /* We found a passwd.adjunct entry. Merge encrypted
292 password therein into original result. */
293 char *encrypted = strchr (result2, ':');
294 char *endp;
295 size_t restlen;
296
297 if (encrypted == NULL
298 || (endp = strchr (++encrypted, ':')) == NULL
299 || (p = strchr (p + 1, ':')) == NULL)
300 {
301 /* Invalid format of the entry. This never should happen
302 unless the data from which the NIS table is generated is
303 wrong. We simply ignore it. */
304 free (result2);
305 goto non_adjunct;
306 }
307
308 restlen = len - (p - result);
309 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
310 + restlen + 2) > buflen, 0))
311 {
312 free (result2);
313 free (result);
314 *errnop = ERANGE;
315 return NSS_STATUS_TRYAGAIN;
316 }
317
318 mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen),
319 ":", 1),
320 encrypted, endp - encrypted),
321 p, restlen + 1);
322 p = buffer;
323
324 free (result2);
325 }
326 else
327 {
328 non_adjunct:
329 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
330 {
331 free (result);
332 *errnop = ERANGE;
333 return NSS_STATUS_TRYAGAIN;
334 }
335
336 p = buffer;
337 *((char *) mempcpy (buffer, result, len)) = '\0';
338 }
339
340 while (isspace (*p))
341 ++p;
342 if (!batch_read)
343 free (result);
344
345 parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
346 errnop);
347 if (__builtin_expect (parse_res == -1, 0))
348 {
349 free (outkey);
350 *errnop = ERANGE;
351 return NSS_STATUS_TRYAGAIN;
352 }
353
354 if (batch_read)
355 intern.offset += len + 1;
356 else
357 {
358 free (oldkey);
359 oldkey = outkey;
360 oldkeylen = keylen;
361 new_start = 0;
362 }
363 }
364 while (parse_res < 1);
365
366 return NSS_STATUS_SUCCESS;
367 }
368
369 enum nss_status
370 _nss_nis_getpwent_r (struct passwd *result, char *buffer, size_t buflen,
371 int *errnop)
372 {
373 int status;
374
375 __libc_lock_lock (lock);
376
377 status = internal_nis_getpwent_r (result, buffer, buflen, errnop);
378
379 __libc_lock_unlock (lock);
380
381 return status;
382 }
383
384 enum nss_status
385 _nss_nis_getpwnam_r (const char *name, struct passwd *pwd,
386 char *buffer, size_t buflen, int *errnop)
387 {
388 if (name == NULL)
389 {
390 *errnop = EINVAL;
391 return NSS_STATUS_UNAVAIL;
392 }
393
394 char *domain;
395 if (__builtin_expect (yp_get_default_domain (&domain), 0))
396 return NSS_STATUS_UNAVAIL;
397
398 size_t namelen = strlen (name);
399
400 char *result;
401 int len;
402 int yperr = yp_match (domain, "passwd.byname", name, namelen, &result, &len);
403
404 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
405 {
406 enum nss_status retval = yperr2nss (yperr);
407
408 if (retval == NSS_STATUS_TRYAGAIN)
409 *errnop = errno;
410 return retval;
411 }
412
413 /* Check for adjunct style secret passwords. They can be recognized
414 by a password starting with "##". */
415 char *result2;
416 int len2;
417 char *p = strchr (result, ':');
418 if (p != NULL /* This better should be true in all cases. */
419 && p[1] == '#' && p[2] == '#'
420 && yp_match (domain, "passwd.adjunct.byname", name, namelen,
421 &result2, &len2) == YPERR_SUCCESS)
422 {
423 /* We found a passwd.adjunct entry. Merge encrypted password
424 therein into original result. */
425 char *encrypted = strchr (result2, ':');
426 char *endp;
427
428 if (encrypted == NULL
429 || (endp = strchr (++encrypted, ':')) == NULL
430 || (p = strchr (p + 1, ':')) == NULL)
431 {
432 /* Invalid format of the entry. This never should happen
433 unless the data from which the NIS table is generated is
434 wrong. We simply ignore it. */
435 free (result2);
436 goto non_adjunct;
437 }
438
439 size_t restlen = len - (p - result);
440 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
441 + restlen + 2) > buflen, 0))
442 {
443 free (result2);
444 free (result);
445 *errnop = ERANGE;
446 return NSS_STATUS_TRYAGAIN;
447 }
448
449 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, name, namelen),
450 ":", 1),
451 encrypted, endp - encrypted),
452 p, restlen + 1);
453 p = buffer;
454
455 free (result2);
456 }
457 else
458 {
459 non_adjunct:
460 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
461 {
462 free (result);
463 *errnop = ERANGE;
464 return NSS_STATUS_TRYAGAIN;
465 }
466
467 p = strncpy (buffer, result, len);
468 buffer[len] = '\0';
469 }
470
471 while (isspace (*p))
472 ++p;
473 free (result);
474
475 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
476 errnop);
477 if (__builtin_expect (parse_res < 1, 0))
478 {
479 if (parse_res == -1)
480 return NSS_STATUS_TRYAGAIN;
481 else
482 return NSS_STATUS_NOTFOUND;
483 }
484 else
485 return NSS_STATUS_SUCCESS;
486 }
487
488 enum nss_status
489 _nss_nis_getpwuid_r (uid_t uid, struct passwd *pwd,
490 char *buffer, size_t buflen, int *errnop)
491 {
492 char *domain;
493 if (__builtin_expect (yp_get_default_domain (&domain), 0))
494 return NSS_STATUS_UNAVAIL;
495
496 char buf[32];
497 int nlen = snprintf (buf, sizeof (buf), "%lu", (unsigned long int) uid);
498
499 char *result;
500 int len;
501 int yperr = yp_match (domain, "passwd.byuid", buf, nlen, &result, &len);
502
503 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
504 {
505 enum nss_status retval = yperr2nss (yperr);
506
507 if (retval == NSS_STATUS_TRYAGAIN)
508 *errnop = errno;
509 return retval;
510 }
511
512 /* Check for adjunct style secret passwords. They can be recognized
513 by a password starting with "##". */
514 char *result2;
515 int len2;
516 size_t namelen;
517 char *p = strchr (result, ':');
518 if (p != NULL /* This better should be true in all cases. */
519 && p[1] == '#' && p[2] == '#'
520 && (namelen = p - result,
521 yp_match (domain, "passwd.adjunct.byname", result, namelen,
522 &result2, &len2)) == YPERR_SUCCESS)
523 {
524 /* We found a passwd.adjunct entry. Merge encrypted password
525 therein into original result. */
526 char *encrypted = strchr (result2, ':');
527 char *endp;
528 size_t restlen;
529
530 if (encrypted == NULL
531 || (endp = strchr (++encrypted, ':')) == NULL
532 || (p = strchr (p + 1, ':')) == NULL)
533 {
534 /* Invalid format of the entry. This never should happen
535 unless the data from which the NIS table is generated is
536 wrong. We simply ignore it. */
537 free (result2);
538 goto non_adjunct;
539 }
540
541 restlen = len - (p - result);
542 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
543 + restlen + 2) > buflen, 0))
544 {
545 free (result2);
546 free (result);
547 *errnop = ERANGE;
548 return NSS_STATUS_TRYAGAIN;
549 }
550
551 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, result, namelen),
552 ":", 1),
553 encrypted, endp - encrypted),
554 p, restlen + 1);
555 p = buffer;
556
557 free (result2);
558 }
559 else
560 {
561 non_adjunct:
562 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
563 {
564 free (result);
565 *errnop = ERANGE;
566 return NSS_STATUS_TRYAGAIN;
567 }
568
569 p = strncpy (buffer, result, len);
570 buffer[len] = '\0';
571 }
572
573 while (isspace (*p))
574 ++p;
575 free (result);
576
577 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
578 errnop);
579 if (__builtin_expect (parse_res < 1, 0))
580 {
581 if (parse_res == -1)
582 return NSS_STATUS_TRYAGAIN;
583 else
584 return NSS_STATUS_NOTFOUND;
585 }
586 else
587 return NSS_STATUS_SUCCESS;
588 }
sources.redhat.com git mirror of glibc CVS