search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New test to expose erroneous negative sign on logb(1) (bug 887).
[glibc.git] / nis / nss_nis / nis-pwd.c
blob37082ce1c0a2dcb1437bf64491d2f9874fc465b9
1 /* Copyright (C) 1996-1998,2001-2003,2006,2009,2010
2 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
5
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
10
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, see
18 <http://www.gnu.org/licenses/>. */
19
20 #include <assert.h>
21 #include <ctype.h>
22 #include <errno.h>
23 #include <nss.h>
24 #include <pwd.h>
25 #include <string.h>
26 #include <bits/libc-lock.h>
27 #include <rpcsvc/yp.h>
28 #include <rpcsvc/ypclnt.h>
29
30 #include "nss-nis.h"
31 #include <libnsl.h>
32
33 /* Get the declaration of the parser function. */
34 #define ENTNAME pwent
35 #define STRUCTURE passwd
36 #define EXTERN_PARSER
37 #include <nss/nss_files/files-parse.c>
38
39 /* Protect global state against multiple changers */
40 __libc_lock_define_initialized (static, lock)
41
42 static bool new_start = true;
43 static char *oldkey;
44 static int oldkeylen;
45 static intern_t intern;
46
47
48 int
49 _nis_saveit (int instatus, char *inkey, int inkeylen, char *inval,
50 int invallen, char *indata)
51 {
52 intern_t *intern = (intern_t *) indata;
53
54 if (instatus != YP_TRUE)
55 return 1;
56
57 if (inkey && inkeylen > 0 && inval && invallen > 0)
58 {
59 struct response_t *bucket = intern->next;
60
61 if (__builtin_expect (bucket == NULL, 0))
62 {
63 #define MINSIZE 4096 - 4 * sizeof (void *)
64 const size_t minsize = MAX (MINSIZE, 2 * (invallen + 1));
65 bucket = malloc (sizeof (struct response_t) + minsize);
66 if (bucket == NULL)
67 /* We have no error code for out of memory. */
68 return 1;
69
70 bucket->next = NULL;
71 bucket->size = minsize;
72 intern->start = intern->next = bucket;
73 intern->offset = 0;
74 }
75 else if (__builtin_expect (invallen + 1 > bucket->size - intern->offset,
76 0))
77 {
78 /* We need a new (larger) buffer. */
79 const size_t newsize = 2 * MAX (bucket->size, invallen + 1);
80 struct response_t *newp = malloc (sizeof (struct response_t)
81 + newsize);
82 if (newp == NULL)
83 /* We have no error code for out of memory. */
84 return 1;
85
86 /* Mark the old bucket as full. */
87 bucket->size = intern->offset;
88
89 newp->next = NULL;
90 newp->size = newsize;
91 bucket = intern->next = bucket->next = newp;
92 intern->offset = 0;
93 }
94
95 char *p = mempcpy (&bucket->mem[intern->offset], inval, invallen);
96 if (__builtin_expect (p[-1] != '\0', 0))
97 {
98 *p = '\0';
99 ++invallen;
100 }
101 intern->offset += invallen;
102 }
103
104 return 0;
105 }
106
107
108 static void
109 internal_nis_endpwent (void)
110 {
111 new_start = true;
112 free (oldkey);
113 oldkey = NULL;
114 oldkeylen = 0;
115
116 struct response_t *curr = intern.start;
117
118 while (curr != NULL)
119 {
120 struct response_t *last = curr;
121 curr = curr->next;
122 free (last);
123 }
124
125 intern.next = intern.start = NULL;
126 }
127
128
129 enum nss_status
130 _nss_nis_endpwent (void)
131 {
132 __libc_lock_lock (lock);
133
134 internal_nis_endpwent ();
135
136 __libc_lock_unlock (lock);
137
138 return NSS_STATUS_SUCCESS;
139 }
140
141
142 enum nss_status
143 internal_nis_setpwent (void)
144 {
145 /* We have to read all the data now. */
146 char *domain;
147 if (__builtin_expect (yp_get_default_domain (&domain), 0))
148 return NSS_STATUS_UNAVAIL;
149
150 struct ypall_callback ypcb;
151
152 ypcb.foreach = _nis_saveit;
153 ypcb.data = (char *) &intern;
154 enum nss_status status = yperr2nss (yp_all (domain, "passwd.byname", &ypcb));
155
156
157 /* Mark the last buffer as full. */
158 if (intern.next != NULL)
159 intern.next->size = intern.offset;
160
161 intern.next = intern.start;
162 intern.offset = 0;
163
164 return status;
165 }
166
167
168 enum nss_status
169 _nss_nis_setpwent (int stayopen)
170 {
171 enum nss_status result = NSS_STATUS_SUCCESS;
172
173 __libc_lock_lock (lock);
174
175 internal_nis_endpwent ();
176
177 if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
178 result = internal_nis_setpwent ();
179
180 __libc_lock_unlock (lock);
181
182 return result;
183 }
184
185
186 static enum nss_status
187 internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
188 int *errnop)
189 {
190 /* If we read the entire database at setpwent time we just iterate
191 over the data we have in memory. */
192 bool batch_read = intern.start != NULL;
193
194 char *domain = NULL;
195 if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0))
196 return NSS_STATUS_UNAVAIL;
197
198 /* Get the next entry until we found a correct one. */
199 int parse_res;
200 do
201 {
202 char *result;
203 char *outkey;
204 int len;
205 int keylen;
206
207 if (batch_read)
208 {
209 struct response_t *bucket;
210
211 handle_batch_read:
212 bucket = intern.next;
213
214 if (__builtin_expect (intern.offset >= bucket->size, 0))
215 {
216 if (bucket->next == NULL)
217 return NSS_STATUS_NOTFOUND;
218
219 /* We look at all the content in the current bucket. Go on
220 to the next. */
221 bucket = intern.next = bucket->next;
222 intern.offset = 0;
223 }
224
225 for (result = &bucket->mem[intern.offset]; isspace (*result);
226 ++result)
227 ++intern.offset;
228
229 len = strlen (result);
230 }
231 else
232 {
233 int yperr;
234
235 if (new_start)
236 {
237 /* Maybe we should read the database in one piece. */
238 if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
239 && internal_nis_setpwent () == NSS_STATUS_SUCCESS
240 && intern.start != NULL)
241 {
242 batch_read = true;
243 goto handle_batch_read;
244 }
245
246 yperr = yp_first (domain, "passwd.byname", &outkey, &keylen,
247 &result, &len);
248 }
249 else
250 yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen,
251 &outkey, &keylen, &result, &len);
252
253 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
254 {
255 enum nss_status retval = yperr2nss (yperr);
256
257 if (retval == NSS_STATUS_TRYAGAIN)
258 *errnop = errno;
259 return retval;
260 }
261 }
262
263 /* Check for adjunct style secret passwords. They can be
264 recognized by a password starting with "##". We do not use
265 it if the passwd.adjunct.byname table is supposed to be used
266 as a shadow.byname replacement. */
267 char *p = strchr (result, ':');
268 size_t namelen;
269 char *result2;
270 int len2;
271 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
272 && p != NULL /* This better should be true in all cases. */
273 && p[1] == '#' && p[2] == '#'
274 && (namelen = p - result,
275 yp_match (domain, "passwd.adjunct.byname", result, namelen,
276 &result2, &len2)) == YPERR_SUCCESS)
277 {
278 /* We found a passwd.adjunct.byname entry. Merge encrypted
279 password therein into original result. */
280 char *encrypted = strchr (result2, ':');
281 char *endp;
282 size_t restlen;
283
284 if (encrypted == NULL
285 || (endp = strchr (++encrypted, ':')) == NULL
286 || (p = strchr (p + 1, ':')) == NULL)
287 {
288 /* Invalid format of the entry. This never should happen
289 unless the data from which the NIS table is generated is
290 wrong. We simply ignore it. */
291 free (result2);
292 goto non_adjunct;
293 }
294
295 restlen = len - (p - result);
296 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
297 + restlen + 2) > buflen, 0))
298 {
299 free (result2);
300 free (result);
301 *errnop = ERANGE;
302 return NSS_STATUS_TRYAGAIN;
303 }
304
305 mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen),
306 ":", 1),
307 encrypted, endp - encrypted),
308 p, restlen + 1);
309 p = buffer;
310
311 free (result2);
312 }
313 else
314 {
315 non_adjunct:
316 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
317 {
318 free (result);
319 *errnop = ERANGE;
320 return NSS_STATUS_TRYAGAIN;
321 }
322
323 p = buffer;
324 *((char *) mempcpy (buffer, result, len)) = '\0';
325 }
326
327 while (isspace (*p))
328 ++p;
329 if (!batch_read)
330 free (result);
331
332 parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
333 errnop);
334 if (__builtin_expect (parse_res == -1, 0))
335 {
336 if (!batch_read)
337 free (outkey);
338 *errnop = ERANGE;
339 return NSS_STATUS_TRYAGAIN;
340 }
341
342 if (batch_read)
343 intern.offset += len + 1;
344 else
345 {
346 free (oldkey);
347 oldkey = outkey;
348 oldkeylen = keylen;
349 new_start = false;
350 }
351 }
352 while (parse_res < 1);
353
354 return NSS_STATUS_SUCCESS;
355 }
356
357 enum nss_status
358 _nss_nis_getpwent_r (struct passwd *result, char *buffer, size_t buflen,
359 int *errnop)
360 {
361 int status;
362
363 __libc_lock_lock (lock);
364
365 status = internal_nis_getpwent_r (result, buffer, buflen, errnop);
366
367 __libc_lock_unlock (lock);
368
369 return status;
370 }
371
372 enum nss_status
373 _nss_nis_getpwnam_r (const char *name, struct passwd *pwd,
374 char *buffer, size_t buflen, int *errnop)
375 {
376 if (name == NULL)
377 {
378 *errnop = EINVAL;
379 return NSS_STATUS_UNAVAIL;
380 }
381
382 char *domain;
383 if (__builtin_expect (yp_get_default_domain (&domain), 0))
384 return NSS_STATUS_UNAVAIL;
385
386 size_t namelen = strlen (name);
387
388 char *result;
389 int len;
390 int yperr = yp_match (domain, "passwd.byname", name, namelen, &result, &len);
391
392 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
393 {
394 enum nss_status retval = yperr2nss (yperr);
395
396 if (retval == NSS_STATUS_TRYAGAIN)
397 *errnop = errno;
398 return retval;
399 }
400
401 /* Check for adjunct style secret passwords. They can be recognized
402 by a password starting with "##". We do not use it if the
403 passwd.adjunct.byname table is supposed to be used as a shadow.byname
404 replacement. */
405 char *result2;
406 int len2;
407 char *p = strchr (result, ':');
408 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
409 && p != NULL /* This better should be true in all cases. */
410 && p[1] == '#' && p[2] == '#'
411 && yp_match (domain, "passwd.adjunct.byname", name, namelen,
412 &result2, &len2) == YPERR_SUCCESS)
413 {
414 /* We found a passwd.adjunct.byname entry. Merge encrypted password
415 therein into original result. */
416 char *encrypted = strchr (result2, ':');
417 char *endp;
418
419 if (encrypted == NULL
420 || (endp = strchr (++encrypted, ':')) == NULL
421 || (p = strchr (p + 1, ':')) == NULL)
422 {
423 /* Invalid format of the entry. This never should happen
424 unless the data from which the NIS table is generated is
425 wrong. We simply ignore it. */
426 free (result2);
427 goto non_adjunct;
428 }
429
430 size_t restlen = len - (p - result);
431 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
432 + restlen + 2) > buflen, 0))
433 {
434 free (result2);
435 free (result);
436 *errnop = ERANGE;
437 return NSS_STATUS_TRYAGAIN;
438 }
439
440 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, name, namelen),
441 ":", 1),
442 encrypted, endp - encrypted),
443 p, restlen + 1);
444 p = buffer;
445
446 free (result2);
447 }
448 else
449 {
450 non_adjunct:
451 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
452 {
453 free (result);
454 *errnop = ERANGE;
455 return NSS_STATUS_TRYAGAIN;
456 }
457
458 p = strncpy (buffer, result, len);
459 buffer[len] = '\0';
460 }
461
462 while (isspace (*p))
463 ++p;
464 free (result);
465
466 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
467 errnop);
468 if (__builtin_expect (parse_res < 1, 0))
469 {
470 if (parse_res == -1)
471 return NSS_STATUS_TRYAGAIN;
472 else
473 return NSS_STATUS_NOTFOUND;
474 }
475 else
476 return NSS_STATUS_SUCCESS;
477 }
478
479 enum nss_status
480 _nss_nis_getpwuid_r (uid_t uid, struct passwd *pwd,
481 char *buffer, size_t buflen, int *errnop)
482 {
483 char *domain;
484 if (__builtin_expect (yp_get_default_domain (&domain), 0))
485 return NSS_STATUS_UNAVAIL;
486
487 char buf[32];
488 int nlen = snprintf (buf, sizeof (buf), "%lu", (unsigned long int) uid);
489
490 char *result;
491 int len;
492 int yperr = yp_match (domain, "passwd.byuid", buf, nlen, &result, &len);
493
494 if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
495 {
496 enum nss_status retval = yperr2nss (yperr);
497
498 if (retval == NSS_STATUS_TRYAGAIN)
499 *errnop = errno;
500 return retval;
501 }
502
503 /* Check for adjunct style secret passwords. They can be recognized
504 by a password starting with "##". We do not use it if the
505 passwd.adjunct.byname table is supposed to be used as a shadow.byname
506 replacement. */
507 char *result2;
508 int len2;
509 size_t namelen;
510 char *p = strchr (result, ':');
511 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
512 && p != NULL /* This better should be true in all cases. */
513 && p[1] == '#' && p[2] == '#'
514 && (namelen = p - result,
515 yp_match (domain, "passwd.adjunct.byname", result, namelen,
516 &result2, &len2)) == YPERR_SUCCESS)
517 {
518 /* We found a passwd.adjunct.byname entry. Merge encrypted password
519 therein into original result. */
520 char *encrypted = strchr (result2, ':');
521 char *endp;
522 size_t restlen;
523
524 if (encrypted == NULL
525 || (endp = strchr (++encrypted, ':')) == NULL
526 || (p = strchr (p + 1, ':')) == NULL)
527 {
528 /* Invalid format of the entry. This never should happen
529 unless the data from which the NIS table is generated is
530 wrong. We simply ignore it. */
531 free (result2);
532 goto non_adjunct;
533 }
534
535 restlen = len - (p - result);
536 if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
537 + restlen + 2) > buflen, 0))
538 {
539 free (result2);
540 free (result);
541 *errnop = ERANGE;
542 return NSS_STATUS_TRYAGAIN;
543 }
544
545 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, result, namelen),
546 ":", 1),
547 encrypted, endp - encrypted),
548 p, restlen + 1);
549 p = buffer;
550
551 free (result2);
552 }
553 else
554 {
555 non_adjunct:
556 if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
557 {
558 free (result);
559 *errnop = ERANGE;
560 return NSS_STATUS_TRYAGAIN;
561 }
562
563 p = strncpy (buffer, result, len);
564 buffer[len] = '\0';
565 }
566
567 while (isspace (*p))
568 ++p;
569 free (result);
570
571 int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
572 errnop);
573 if (__builtin_expect (parse_res < 1, 0))
574 {
575 if (parse_res == -1)
576 return NSS_STATUS_TRYAGAIN;
577 else
578 return NSS_STATUS_NOTFOUND;
579 }
580 else
581 return NSS_STATUS_SUCCESS;
582 }
sources.redhat.com git mirror of glibc CVS