search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* libio/fileops.c (_IO_new_file_fopen): Recognize 'e' flag and set
[glibc.git] / nis / nss_compat / compat-pwd.c
blobdf8f91eea01195986887b7f281139be3cc98f5b6
1 /* Copyright (C) 1996-1999, 2001-2006, 2007 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <ctype.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <netdb.h>
24 #include <nss.h>
25 #include <nsswitch.h>
26 #include <pwd.h>
27 #include <stdio_ext.h>
28 #include <string.h>
29 #include <rpc/types.h>
30 #include <rpcsvc/ypclnt.h>
31 #include <bits/libc-lock.h>
32 #include <kernel-features.h>
33
34 #include "netgroup.h"
35
36 static service_user *ni;
37 static enum nss_status (*nss_setpwent) (int stayopen);
38 static enum nss_status (*nss_getpwnam_r) (const char *name,
39 struct passwd * pwd, char *buffer,
40 size_t buflen, int *errnop);
41 static enum nss_status (*nss_getpwuid_r) (uid_t uid, struct passwd * pwd,
42 char *buffer, size_t buflen,
43 int *errnop);
44 static enum nss_status (*nss_getpwent_r) (struct passwd * pwd, char *buffer,
45 size_t buflen, int *errnop);
46 static enum nss_status (*nss_endpwent) (void);
47
48 /* Get the declaration of the parser function. */
49 #define ENTNAME pwent
50 #define STRUCTURE passwd
51 #define EXTERN_PARSER
52 #include <nss/nss_files/files-parse.c>
53
54 /* Structure for remembering -@netgroup and -user members ... */
55 #define BLACKLIST_INITIAL_SIZE 512
56 #define BLACKLIST_INCREMENT 256
57 struct blacklist_t
58 {
59 char *data;
60 int current;
61 int size;
62 };
63
64 struct ent_t
65 {
66 bool netgroup;
67 bool first;
68 bool files;
69 enum nss_status setent_status;
70 FILE *stream;
71 struct blacklist_t blacklist;
72 struct passwd pwd;
73 struct __netgrent netgrdata;
74 };
75 typedef struct ent_t ent_t;
76
77 static ent_t ext_ent = { false, false, true, NSS_STATUS_SUCCESS, NULL,
78 { NULL, 0, 0 },
79 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
80
81 /* Protect global state against multiple changers. */
82 __libc_lock_define_initialized (static, lock)
83
84 /* Positive if O_CLOEXEC is supported, negative if it is not supported,
85 zero if it is still undecided. This variable is shared with the
86 other compat functions. */
87 #ifdef __ASSUME_O_CLOEXEC
88 # define __compat_have_cloexec 1
89 #else
90 # ifdef O_CLOEXEC
91 extern int __compat_have_cloexec;
92 # else
93 # define __compat_have_cloexec -1
94 # endif
95 #endif
96
97 /* Prototypes for local functions. */
98 static void blacklist_store_name (const char *, ent_t *);
99 static int in_blacklist (const char *, int, ent_t *);
100
101 /* Initialize the NSS interface/functions. The calling function must
102 hold the lock. */
103 static void
104 init_nss_interface (void)
105 {
106 if (__nss_database_lookup ("passwd_compat", NULL, "nis", &ni) >= 0)
107 {
108 nss_setpwent = __nss_lookup_function (ni, "setpwent");
109 nss_getpwnam_r = __nss_lookup_function (ni, "getpwnam_r");
110 nss_getpwuid_r = __nss_lookup_function (ni, "getpwuid_r");
111 nss_getpwent_r = __nss_lookup_function (ni, "getpwent_r");
112 nss_endpwent = __nss_lookup_function (ni, "endpwent");
113 }
114 }
115
116 static void
117 give_pwd_free (struct passwd *pwd)
118 {
119 if (pwd->pw_name != NULL)
120 free (pwd->pw_name);
121 if (pwd->pw_passwd != NULL)
122 free (pwd->pw_passwd);
123 if (pwd->pw_gecos != NULL)
124 free (pwd->pw_gecos);
125 if (pwd->pw_dir != NULL)
126 free (pwd->pw_dir);
127 if (pwd->pw_shell != NULL)
128 free (pwd->pw_shell);
129
130 memset (pwd, '\0', sizeof (struct passwd));
131 }
132
133 static size_t
134 pwd_need_buflen (struct passwd *pwd)
135 {
136 size_t len = 0;
137
138 if (pwd->pw_passwd != NULL)
139 len += strlen (pwd->pw_passwd) + 1;
140
141 if (pwd->pw_gecos != NULL)
142 len += strlen (pwd->pw_gecos) + 1;
143
144 if (pwd->pw_dir != NULL)
145 len += strlen (pwd->pw_dir) + 1;
146
147 if (pwd->pw_shell != NULL)
148 len += strlen (pwd->pw_shell) + 1;
149
150 return len;
151 }
152
153 static void
154 copy_pwd_changes (struct passwd *dest, struct passwd *src,
155 char *buffer, size_t buflen)
156 {
157 if (src->pw_passwd != NULL && strlen (src->pw_passwd))
158 {
159 if (buffer == NULL)
160 dest->pw_passwd = strdup (src->pw_passwd);
161 else if (dest->pw_passwd &&
162 strlen (dest->pw_passwd) >= strlen (src->pw_passwd))
163 strcpy (dest->pw_passwd, src->pw_passwd);
164 else
165 {
166 dest->pw_passwd = buffer;
167 strcpy (dest->pw_passwd, src->pw_passwd);
168 buffer += strlen (dest->pw_passwd) + 1;
169 buflen = buflen - (strlen (dest->pw_passwd) + 1);
170 }
171 }
172
173 if (src->pw_gecos != NULL && strlen (src->pw_gecos))
174 {
175 if (buffer == NULL)
176 dest->pw_gecos = strdup (src->pw_gecos);
177 else if (dest->pw_gecos &&
178 strlen (dest->pw_gecos) >= strlen (src->pw_gecos))
179 strcpy (dest->pw_gecos, src->pw_gecos);
180 else
181 {
182 dest->pw_gecos = buffer;
183 strcpy (dest->pw_gecos, src->pw_gecos);
184 buffer += strlen (dest->pw_gecos) + 1;
185 buflen = buflen - (strlen (dest->pw_gecos) + 1);
186 }
187 }
188 if (src->pw_dir != NULL && strlen (src->pw_dir))
189 {
190 if (buffer == NULL)
191 dest->pw_dir = strdup (src->pw_dir);
192 else if (dest->pw_dir && strlen (dest->pw_dir) >= strlen (src->pw_dir))
193 strcpy (dest->pw_dir, src->pw_dir);
194 else
195 {
196 dest->pw_dir = buffer;
197 strcpy (dest->pw_dir, src->pw_dir);
198 buffer += strlen (dest->pw_dir) + 1;
199 buflen = buflen - (strlen (dest->pw_dir) + 1);
200 }
201 }
202
203 if (src->pw_shell != NULL && strlen (src->pw_shell))
204 {
205 if (buffer == NULL)
206 dest->pw_shell = strdup (src->pw_shell);
207 else if (dest->pw_shell &&
208 strlen (dest->pw_shell) >= strlen (src->pw_shell))
209 strcpy (dest->pw_shell, src->pw_shell);
210 else
211 {
212 dest->pw_shell = buffer;
213 strcpy (dest->pw_shell, src->pw_shell);
214 buffer += strlen (dest->pw_shell) + 1;
215 buflen = buflen - (strlen (dest->pw_shell) + 1);
216 }
217 }
218 }
219
220 static enum nss_status
221 internal_setpwent (ent_t *ent, int stayopen, int needent)
222 {
223 enum nss_status status = NSS_STATUS_SUCCESS;
224
225 ent->first = ent->netgroup = false;
226 ent->files = true;
227 ent->setent_status = NSS_STATUS_SUCCESS;
228
229 /* If something was left over free it. */
230 if (ent->netgroup)
231 __internal_endnetgrent (&ent->netgrdata);
232
233 if (ent->blacklist.data != NULL)
234 {
235 ent->blacklist.current = 1;
236 ent->blacklist.data[0] = '|';
237 ent->blacklist.data[1] = '\0';
238 }
239 else
240 ent->blacklist.current = 0;
241
242 if (ent->stream == NULL)
243 {
244 ent->stream = fopen ("/etc/passwd", "rme");
245
246 if (ent->stream == NULL)
247 status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
248 else
249 {
250 /* We have to make sure the file is `closed on exec'. */
251 int result = 0;
252
253 if (__compat_have_cloexec <= 0)
254 {
255 int flags;
256 result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD,
257 0);
258 if (result >= 0)
259 {
260 #if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
261 if (__compat_have_cloexec == 0)
262 __compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
263
264 if (__compat_have_cloexec < 0)
265 #endif
266 {
267 flags |= FD_CLOEXEC;
268 result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
269 flags);
270 }
271 }
272 }
273
274 if (result < 0)
275 {
276 /* Something went wrong. Close the stream and return a
277 failure. */
278 fclose (ent->stream);
279 ent->stream = NULL;
280 status = NSS_STATUS_UNAVAIL;
281 }
282 else
283 /* We take care of locking ourself. */
284 __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
285 }
286 }
287 else
288 rewind (ent->stream);
289
290 give_pwd_free (&ent->pwd);
291
292 if (needent && status == NSS_STATUS_SUCCESS && nss_setpwent)
293 ent->setent_status = nss_setpwent (stayopen);
294
295 return status;
296 }
297
298
299 enum nss_status
300 _nss_compat_setpwent (int stayopen)
301 {
302 enum nss_status result;
303
304 __libc_lock_lock (lock);
305
306 if (ni == NULL)
307 init_nss_interface ();
308
309 result = internal_setpwent (&ext_ent, stayopen, 1);
310
311 __libc_lock_unlock (lock);
312
313 return result;
314 }
315
316
317 static enum nss_status
318 internal_endpwent (ent_t *ent)
319 {
320 if (nss_endpwent)
321 nss_endpwent ();
322
323 if (ent->stream != NULL)
324 {
325 fclose (ent->stream);
326 ent->stream = NULL;
327 }
328
329 if (ent->netgroup)
330 __internal_endnetgrent (&ent->netgrdata);
331
332 ent->first = ent->netgroup = false;
333
334 if (ent->blacklist.data != NULL)
335 {
336 ent->blacklist.current = 1;
337 ent->blacklist.data[0] = '|';
338 ent->blacklist.data[1] = '\0';
339 }
340 else
341 ent->blacklist.current = 0;
342
343 give_pwd_free (&ent->pwd);
344
345 return NSS_STATUS_SUCCESS;
346 }
347
348 enum nss_status
349 _nss_compat_endpwent (void)
350 {
351 enum nss_status result;
352
353 __libc_lock_lock (lock);
354
355 result = internal_endpwent (&ext_ent);
356
357 __libc_lock_unlock (lock);
358
359 return result;
360 }
361
362
363 static enum nss_status
364 getpwent_next_nss_netgr (const char *name, struct passwd *result, ent_t *ent,
365 char *group, char *buffer, size_t buflen,
366 int *errnop)
367 {
368 char *curdomain, *host, *user, *domain, *p2;
369 int status;
370 size_t p2len;
371
372 /* Leave function if NSS module does not support getpwnam_r,
373 we need this function here. */
374 if (!nss_getpwnam_r)
375 return NSS_STATUS_UNAVAIL;
376
377 if (yp_get_default_domain (&curdomain) != YPERR_SUCCESS)
378 {
379 ent->netgroup = false;
380 ent->first = false;
381 give_pwd_free (&ent->pwd);
382 return NSS_STATUS_UNAVAIL;
383 }
384
385 if (ent->first == true)
386 {
387 memset (&ent->netgrdata, 0, sizeof (struct __netgrent));
388 __internal_setnetgrent (group, &ent->netgrdata);
389 ent->first = false;
390 }
391
392 while (1)
393 {
394 char *saved_cursor;
395
396 saved_cursor = ent->netgrdata.cursor;
397 status = __internal_getnetgrent_r (&host, &user, &domain,
398 &ent->netgrdata, buffer, buflen,
399 errnop);
400 if (status != 1)
401 {
402 __internal_endnetgrent (&ent->netgrdata);
403 ent->netgroup = 0;
404 give_pwd_free (&ent->pwd);
405 return NSS_STATUS_RETURN;
406 }
407
408 if (user == NULL || user[0] == '-')
409 continue;
410
411 if (domain != NULL && strcmp (curdomain, domain) != 0)
412 continue;
413
414 /* If name != NULL, we are called from getpwnam. */
415 if (name != NULL)
416 if (strcmp (user, name) != 0)
417 continue;
418
419 p2len = pwd_need_buflen (&ent->pwd);
420 if (p2len > buflen)
421 {
422 *errnop = ERANGE;
423 return NSS_STATUS_TRYAGAIN;
424 }
425 p2 = buffer + (buflen - p2len);
426 buflen -= p2len;
427
428 if (nss_getpwnam_r (user, result, buffer, buflen, errnop) !=
429 NSS_STATUS_SUCCESS)
430 continue;
431
432 if (!in_blacklist (result->pw_name, strlen (result->pw_name), ent))
433 {
434 /* Store the User in the blacklist for possible the "+" at the
435 end of /etc/passwd */
436 blacklist_store_name (result->pw_name, ent);
437 copy_pwd_changes (result, &ent->pwd, p2, p2len);
438 break;
439 }
440 }
441
442 return NSS_STATUS_SUCCESS;
443 }
444
445 /* get the next user from NSS (+ entry) */
446 static enum nss_status
447 getpwent_next_nss (struct passwd *result, ent_t *ent, char *buffer,
448 size_t buflen, int *errnop)
449 {
450 enum nss_status status;
451 char *p2;
452 size_t p2len;
453
454 /* Return if NSS module does not support getpwent_r. */
455 if (!nss_getpwent_r)
456 return NSS_STATUS_UNAVAIL;
457
458 /* If the setpwent call failed, say so. */
459 if (ent->setent_status != NSS_STATUS_SUCCESS)
460 return ent->setent_status;
461
462 p2len = pwd_need_buflen (&ent->pwd);
463 if (p2len > buflen)
464 {
465 *errnop = ERANGE;
466 return NSS_STATUS_TRYAGAIN;
467 }
468 p2 = buffer + (buflen - p2len);
469 buflen -= p2len;
470
471 if (ent->first)
472 ent->first = false;
473
474 do
475 {
476 if ((status = nss_getpwent_r (result, buffer, buflen, errnop)) !=
477 NSS_STATUS_SUCCESS)
478 return status;
479 }
480 while (in_blacklist (result->pw_name, strlen (result->pw_name), ent));
481
482 copy_pwd_changes (result, &ent->pwd, p2, p2len);
483
484 return NSS_STATUS_SUCCESS;
485 }
486
487 /* This function handle the +user entrys in /etc/passwd */
488 static enum nss_status
489 getpwnam_plususer (const char *name, struct passwd *result, ent_t *ent,
490 char *buffer, size_t buflen, int *errnop)
491 {
492 if (!nss_getpwnam_r)
493 return NSS_STATUS_UNAVAIL;
494
495 struct passwd pwd;
496 memset (&pwd, '\0', sizeof (struct passwd));
497
498 copy_pwd_changes (&pwd, result, NULL, 0);
499
500 size_t plen = pwd_need_buflen (&pwd);
501 if (plen > buflen)
502 {
503 *errnop = ERANGE;
504 return NSS_STATUS_TRYAGAIN;
505 }
506 char *p = buffer + (buflen - plen);
507 buflen -= plen;
508
509 enum nss_status status = nss_getpwnam_r (name, result, buffer, buflen,
510 errnop);
511 if (status != NSS_STATUS_SUCCESS)
512 return status;
513
514 if (in_blacklist (result->pw_name, strlen (result->pw_name), ent))
515 return NSS_STATUS_NOTFOUND;
516
517 copy_pwd_changes (result, &pwd, p, plen);
518 give_pwd_free (&pwd);
519 /* We found the entry. */
520 return NSS_STATUS_SUCCESS;
521 }
522
523 static enum nss_status
524 getpwent_next_file (struct passwd *result, ent_t *ent,
525 char *buffer, size_t buflen, int *errnop)
526 {
527 struct parser_data *data = (void *) buffer;
528 while (1)
529 {
530 fpos_t pos;
531 char *p;
532 int parse_res;
533
534 do
535 {
536 /* We need at least 3 characters for one line. */
537 if (__builtin_expect (buflen < 3, 0))
538 {
539 erange:
540 *errnop = ERANGE;
541 return NSS_STATUS_TRYAGAIN;
542 }
543
544 fgetpos (ent->stream, &pos);
545 buffer[buflen - 1] = '\xff';
546 p = fgets_unlocked (buffer, buflen, ent->stream);
547 if (p == NULL && feof_unlocked (ent->stream))
548 return NSS_STATUS_NOTFOUND;
549
550 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
551 {
552 erange_reset:
553 fsetpos (ent->stream, &pos);
554 goto erange;
555 }
556
557 /* Terminate the line for any case. */
558 buffer[buflen - 1] = '\0';
559
560 /* Skip leading blanks. */
561 while (isspace (*p))
562 ++p;
563 }
564 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
565 /* Parse the line. If it is invalid, loop to
566 get the next line of the file to parse. */
567 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
568 errnop)));
569
570 if (__builtin_expect (parse_res == -1, 0))
571 /* The parser ran out of space. */
572 goto erange_reset;
573
574 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
575 /* This is a real entry. */
576 break;
577
578 /* -@netgroup */
579 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
580 && result->pw_name[2] != '\0')
581 {
582 /* XXX Do not use fixed length buffer. */
583 char buf2[1024];
584 char *user, *host, *domain;
585 struct __netgrent netgrdata;
586
587 bzero (&netgrdata, sizeof (struct __netgrent));
588 __internal_setnetgrent (&result->pw_name[2], &netgrdata);
589 while (__internal_getnetgrent_r (&host, &user, &domain, &netgrdata,
590 buf2, sizeof (buf2), errnop))
591 {
592 if (user != NULL && user[0] != '-')
593 blacklist_store_name (user, ent);
594 }
595 __internal_endnetgrent (&netgrdata);
596 continue;
597 }
598
599 /* +@netgroup */
600 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
601 && result->pw_name[2] != '\0')
602 {
603 enum nss_status status;
604
605 ent->netgroup = true;
606 ent->first = true;
607 copy_pwd_changes (&ent->pwd, result, NULL, 0);
608
609 status = getpwent_next_nss_netgr (NULL, result, ent,
610 &result->pw_name[2],
611 buffer, buflen, errnop);
612 if (status == NSS_STATUS_RETURN)
613 continue;
614 else
615 return status;
616 }
617
618 /* -user */
619 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
620 && result->pw_name[1] != '@')
621 {
622 blacklist_store_name (&result->pw_name[1], ent);
623 continue;
624 }
625
626 /* +user */
627 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
628 && result->pw_name[1] != '@')
629 {
630 size_t len = strlen (result->pw_name);
631 char buf[len];
632 enum nss_status status;
633
634 /* Store the User in the blacklist for the "+" at the end of
635 /etc/passwd */
636 memcpy (buf, &result->pw_name[1], len);
637 status = getpwnam_plususer (&result->pw_name[1], result, ent,
638 buffer, buflen, errnop);
639 blacklist_store_name (buf, ent);
640
641 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
642 break;
643 else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry */
644 || status == NSS_STATUS_NOTFOUND) /* entry doesn't exist */
645 continue;
646 else
647 {
648 if (status == NSS_STATUS_TRYAGAIN)
649 {
650 /* The parser ran out of space */
651 fsetpos (ent->stream, &pos);
652 *errnop = ERANGE;
653 }
654 return status;
655 }
656 }
657
658 /* +:... */
659 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
660 {
661 ent->files = false;
662 ent->first = true;
663 copy_pwd_changes (&ent->pwd, result, NULL, 0);
664
665 return getpwent_next_nss (result, ent, buffer, buflen, errnop);
666 }
667 }
668
669 return NSS_STATUS_SUCCESS;
670 }
671
672
673 static enum nss_status
674 internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer,
675 size_t buflen, int *errnop)
676 {
677 if (ent->netgroup)
678 {
679 enum nss_status status;
680
681 /* We are searching members in a netgroup */
682 /* Since this is not the first call, we don't need the group name */
683 status = getpwent_next_nss_netgr (NULL, pw, ent, NULL, buffer, buflen,
684 errnop);
685 if (status == NSS_STATUS_RETURN)
686 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
687 else
688 return status;
689 }
690 else if (ent->files)
691 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
692 else
693 return getpwent_next_nss (pw, ent, buffer, buflen, errnop);
694
695 }
696
697 enum nss_status
698 _nss_compat_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
699 int *errnop)
700 {
701 enum nss_status result = NSS_STATUS_SUCCESS;
702
703 __libc_lock_lock (lock);
704
705 /* Be prepared that the setpwent function was not called before. */
706 if (ni == NULL)
707 init_nss_interface ();
708
709 if (ext_ent.stream == NULL)
710 result = internal_setpwent (&ext_ent, 1, 1);
711
712 if (result == NSS_STATUS_SUCCESS)
713 result = internal_getpwent_r (pwd, &ext_ent, buffer, buflen, errnop);
714
715 __libc_lock_unlock (lock);
716
717 return result;
718 }
719
720 /* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
721 static enum nss_status
722 internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
723 char *buffer, size_t buflen, int *errnop)
724 {
725 struct parser_data *data = (void *) buffer;
726
727 while (1)
728 {
729 fpos_t pos;
730 char *p;
731 int parse_res;
732
733 do
734 {
735 /* We need at least 3 characters for one line. */
736 if (__builtin_expect (buflen < 3, 0))
737 {
738 erange:
739 *errnop = ERANGE;
740 return NSS_STATUS_TRYAGAIN;
741 }
742
743 fgetpos (ent->stream, &pos);
744 buffer[buflen - 1] = '\xff';
745 p = fgets_unlocked (buffer, buflen, ent->stream);
746 if (p == NULL && feof_unlocked (ent->stream))
747 {
748 return NSS_STATUS_NOTFOUND;
749 }
750 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
751 {
752 erange_reset:
753 fsetpos (ent->stream, &pos);
754 goto erange;
755 }
756
757 /* Terminate the line for any case. */
758 buffer[buflen - 1] = '\0';
759
760 /* Skip leading blanks. */
761 while (isspace (*p))
762 ++p;
763 }
764 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
765 /* Parse the line. If it is invalid, loop to
766 get the next line of the file to parse. */
767 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
768 errnop)));
769
770 if (__builtin_expect (parse_res == -1, 0))
771 /* The parser ran out of space. */
772 goto erange_reset;
773
774 /* This is a real entry. */
775 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
776 {
777 if (strcmp (result->pw_name, name) == 0)
778 return NSS_STATUS_SUCCESS;
779 else
780 continue;
781 }
782
783 /* -@netgroup */
784 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
785 && result->pw_name[2] != '\0')
786 {
787 if (innetgr (&result->pw_name[2], NULL, name, NULL))
788 return NSS_STATUS_NOTFOUND;
789 continue;
790 }
791
792 /* +@netgroup */
793 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
794 && result->pw_name[2] != '\0')
795 {
796 enum nss_status status;
797
798 if (innetgr (&result->pw_name[2], NULL, name, NULL))
799 {
800 status = getpwnam_plususer (name, result, ent, buffer,
801 buflen, errnop);
802
803 if (status == NSS_STATUS_RETURN)
804 continue;
805
806 return status;
807 }
808 continue;
809 }
810
811 /* -user */
812 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
813 && result->pw_name[1] != '@')
814 {
815 if (strcmp (&result->pw_name[1], name) == 0)
816 return NSS_STATUS_NOTFOUND;
817 else
818 continue;
819 }
820
821 /* +user */
822 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
823 && result->pw_name[1] != '@')
824 {
825 if (strcmp (name, &result->pw_name[1]) == 0)
826 {
827 enum nss_status status;
828
829 status = getpwnam_plususer (name, result, ent, buffer, buflen,
830 errnop);
831 if (status == NSS_STATUS_RETURN)
832 /* We couldn't parse the entry */
833 return NSS_STATUS_NOTFOUND;
834 else
835 return status;
836 }
837 }
838
839 /* +:... */
840 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
841 {
842 enum nss_status status;
843
844 status = getpwnam_plususer (name, result, ent,
845 buffer, buflen, errnop);
846 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
847 break;
848 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
849 return NSS_STATUS_NOTFOUND;
850 else
851 return status;
852 }
853 }
854 return NSS_STATUS_SUCCESS;
855 }
856
857 enum nss_status
858 _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
859 char *buffer, size_t buflen, int *errnop)
860 {
861 enum nss_status result;
862 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
863 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
864
865 if (name[0] == '-' || name[0] == '+')
866 return NSS_STATUS_NOTFOUND;
867
868 __libc_lock_lock (lock);
869
870 if (ni == NULL)
871 init_nss_interface ();
872
873 __libc_lock_unlock (lock);
874
875 result = internal_setpwent (&ent, 0, 0);
876
877 if (result == NSS_STATUS_SUCCESS)
878 result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop);
879
880 internal_endpwent (&ent);
881
882 return result;
883 }
884
885 /* This function handle the + entry in /etc/passwd for getpwuid */
886 static enum nss_status
887 getpwuid_plususer (uid_t uid, struct passwd *result, char *buffer,
888 size_t buflen, int *errnop)
889 {
890 struct passwd pwd;
891 char *p;
892 size_t plen;
893
894 if (!nss_getpwuid_r)
895 return NSS_STATUS_UNAVAIL;
896
897 memset (&pwd, '\0', sizeof (struct passwd));
898
899 copy_pwd_changes (&pwd, result, NULL, 0);
900
901 plen = pwd_need_buflen (&pwd);
902 if (plen > buflen)
903 {
904 *errnop = ERANGE;
905 return NSS_STATUS_TRYAGAIN;
906 }
907 p = buffer + (buflen - plen);
908 buflen -= plen;
909
910 if (nss_getpwuid_r (uid, result, buffer, buflen, errnop) ==
911 NSS_STATUS_SUCCESS)
912 {
913 copy_pwd_changes (result, &pwd, p, plen);
914 give_pwd_free (&pwd);
915 /* We found the entry. */
916 return NSS_STATUS_SUCCESS;
917 }
918 else
919 {
920 /* Give buffer the old len back */
921 buflen += plen;
922 give_pwd_free (&pwd);
923 }
924 return NSS_STATUS_RETURN;
925 }
926
927 /* Searches in /etc/passwd and the NSS subsystem for a special user id */
928 static enum nss_status
929 internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
930 char *buffer, size_t buflen, int *errnop)
931 {
932 struct parser_data *data = (void *) buffer;
933
934 while (1)
935 {
936 fpos_t pos;
937 char *p;
938 int parse_res;
939
940 do
941 {
942 /* We need at least 3 characters for one line. */
943 if (__builtin_expect (buflen < 3, 0))
944 {
945 erange:
946 *errnop = ERANGE;
947 return NSS_STATUS_TRYAGAIN;
948 }
949
950 fgetpos (ent->stream, &pos);
951 buffer[buflen - 1] = '\xff';
952 p = fgets_unlocked (buffer, buflen, ent->stream);
953 if (p == NULL && feof_unlocked (ent->stream))
954 return NSS_STATUS_NOTFOUND;
955
956 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
957 {
958 erange_reset:
959 fsetpos (ent->stream, &pos);
960 goto erange;
961 }
962
963 /* Terminate the line for any case. */
964 buffer[buflen - 1] = '\0';
965
966 /* Skip leading blanks. */
967 while (isspace (*p))
968 ++p;
969 }
970 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
971 /* Parse the line. If it is invalid, loop to
972 get the next line of the file to parse. */
973 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
974 errnop)));
975
976 if (__builtin_expect (parse_res == -1, 0))
977 /* The parser ran out of space. */
978 goto erange_reset;
979
980 /* This is a real entry. */
981 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
982 {
983 if (result->pw_uid == uid)
984 return NSS_STATUS_SUCCESS;
985 else
986 continue;
987 }
988
989 /* -@netgroup */
990 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
991 && result->pw_name[2] != '\0')
992 {
993 /* -1, because we remove first two character of pw_name. */
994 size_t len = strlen (result->pw_name) - 1;
995 char buf[len];
996 enum nss_status status;
997
998 memcpy (buf, &result->pw_name[2], len);
999
1000 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1001 if (status == NSS_STATUS_SUCCESS &&
1002 innetgr (buf, NULL, result->pw_name, NULL))
1003 return NSS_STATUS_NOTFOUND;
1004
1005 continue;
1006 }
1007
1008 /* +@netgroup */
1009 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
1010 && result->pw_name[2] != '\0')
1011 {
1012 /* -1, because we remove first two characters of pw_name. */
1013 size_t len = strlen (result->pw_name) - 1;
1014 char buf[len];
1015 enum nss_status status;
1016
1017 memcpy (buf, &result->pw_name[2], len);
1018
1019 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1020
1021 if (status == NSS_STATUS_RETURN)
1022 continue;
1023
1024 if (status == NSS_STATUS_SUCCESS)
1025 {
1026 if (innetgr (buf, NULL, result->pw_name, NULL))
1027 return NSS_STATUS_SUCCESS;
1028 }
1029 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1030 return NSS_STATUS_NOTFOUND;
1031 else
1032 return status;
1033
1034 continue;
1035 }
1036
1037 /* -user */
1038 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
1039 && result->pw_name[1] != '@')
1040 {
1041 size_t len = strlen (result->pw_name);
1042 char buf[len];
1043 enum nss_status status;
1044
1045 memcpy (buf, &result->pw_name[1], len);
1046
1047 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1048 if (status == NSS_STATUS_SUCCESS &&
1049 innetgr (buf, NULL, result->pw_name, NULL))
1050 return NSS_STATUS_NOTFOUND;
1051 continue;
1052 }
1053
1054 /* +user */
1055 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
1056 && result->pw_name[1] != '@')
1057 {
1058 size_t len = strlen (result->pw_name);
1059 char buf[len];
1060 enum nss_status status;
1061
1062 memcpy (buf, &result->pw_name[1], len);
1063
1064 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1065
1066 if (status == NSS_STATUS_RETURN)
1067 continue;
1068
1069 if (status == NSS_STATUS_SUCCESS)
1070 {
1071 if (strcmp (buf, result->pw_name) == 0)
1072 return NSS_STATUS_SUCCESS;
1073 }
1074 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1075 return NSS_STATUS_NOTFOUND;
1076 else
1077 return status;
1078
1079 continue;
1080 }
1081
1082 /* +:... */
1083 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
1084 {
1085 enum nss_status status;
1086
1087 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1088 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
1089 break;
1090 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1091 return NSS_STATUS_NOTFOUND;
1092 else
1093 return status;
1094 }
1095 }
1096 return NSS_STATUS_SUCCESS;
1097 }
1098
1099 enum nss_status
1100 _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
1101 char *buffer, size_t buflen, int *errnop)
1102 {
1103 enum nss_status result;
1104 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
1105 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
1106
1107 __libc_lock_lock (lock);
1108
1109 if (ni == NULL)
1110 init_nss_interface ();
1111
1112 __libc_lock_unlock (lock);
1113
1114 result = internal_setpwent (&ent, 0, 0);
1115
1116 if (result == NSS_STATUS_SUCCESS)
1117 result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop);
1118
1119 internal_endpwent (&ent);
1120
1121 return result;
1122 }
1123
1124
1125 /* Support routines for remembering -@netgroup and -user entries.
1126 The names are stored in a single string with `|' as separator. */
1127 static void
1128 blacklist_store_name (const char *name, ent_t *ent)
1129 {
1130 int namelen = strlen (name);
1131 char *tmp;
1132
1133 /* first call, setup cache */
1134 if (ent->blacklist.size == 0)
1135 {
1136 ent->blacklist.size = MAX (BLACKLIST_INITIAL_SIZE, 2 * namelen);
1137 ent->blacklist.data = malloc (ent->blacklist.size);
1138 if (ent->blacklist.data == NULL)
1139 return;
1140 ent->blacklist.data[0] = '|';
1141 ent->blacklist.data[1] = '\0';
1142 ent->blacklist.current = 1;
1143 }
1144 else
1145 {
1146 if (in_blacklist (name, namelen, ent))
1147 return; /* no duplicates */
1148
1149 if (ent->blacklist.current + namelen + 1 >= ent->blacklist.size)
1150 {
1151 ent->blacklist.size += MAX (BLACKLIST_INCREMENT, 2 * namelen);
1152 tmp = realloc (ent->blacklist.data, ent->blacklist.size);
1153 if (tmp == NULL)
1154 {
1155 free (ent->blacklist.data);
1156 ent->blacklist.size = 0;
1157 return;
1158 }
1159 ent->blacklist.data = tmp;
1160 }
1161 }
1162
1163 tmp = stpcpy (ent->blacklist.data + ent->blacklist.current, name);
1164 *tmp++ = '|';
1165 *tmp = '\0';
1166 ent->blacklist.current += namelen + 1;
1167
1168 return;
1169 }
1170
1171 /* Returns TRUE if ent->blacklist contains name, else FALSE. */
1172 static bool_t
1173 in_blacklist (const char *name, int namelen, ent_t *ent)
1174 {
1175 char buf[namelen + 3];
1176 char *cp;
1177
1178 if (ent->blacklist.data == NULL)
1179 return FALSE;
1180
1181 buf[0] = '|';
1182 cp = stpcpy (&buf[1], name);
1183 *cp++ = '|';
1184 *cp = '\0';
1185 return strstr (ent->blacklist.data, buf) != NULL;
1186 }
sources.redhat.com git mirror of glibc CVS