1 /* Copyright (C) 1996-2014 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
25 #include <bits/libc-lock.h>
26 #include <rpcsvc/yp.h>
27 #include <rpcsvc/ypclnt.h>
32 /* Get the declaration of the parser function. */
34 #define STRUCTURE passwd
36 #include <nss/nss_files/files-parse.c>
38 /* Protect global state against multiple changers */
39 __libc_lock_define_initialized (static, lock
)
41 static bool new_start
= true;
44 static intern_t intern
;
48 _nis_saveit (int instatus
, char *inkey
, int inkeylen
, char *inval
,
49 int invallen
, char *indata
)
51 intern_t
*intern
= (intern_t
*) indata
;
53 if (instatus
!= YP_TRUE
)
56 if (inkey
&& inkeylen
> 0 && inval
&& invallen
> 0)
58 struct response_t
*bucket
= intern
->next
;
60 if (__glibc_unlikely (bucket
== NULL
))
62 #define MINSIZE 4096 - 4 * sizeof (void *)
63 const size_t minsize
= MAX (MINSIZE
, 2 * (invallen
+ 1));
64 bucket
= malloc (sizeof (struct response_t
) + minsize
);
66 /* We have no error code for out of memory. */
70 bucket
->size
= minsize
;
71 intern
->start
= intern
->next
= bucket
;
74 else if (__builtin_expect (invallen
+ 1 > bucket
->size
- intern
->offset
,
77 /* We need a new (larger) buffer. */
78 const size_t newsize
= 2 * MAX (bucket
->size
, invallen
+ 1);
79 struct response_t
*newp
= malloc (sizeof (struct response_t
)
82 /* We have no error code for out of memory. */
85 /* Mark the old bucket as full. */
86 bucket
->size
= intern
->offset
;
90 bucket
= intern
->next
= bucket
->next
= newp
;
94 char *p
= mempcpy (&bucket
->mem
[intern
->offset
], inval
, invallen
);
95 if (__glibc_unlikely (p
[-1] != '\0'))
100 intern
->offset
+= invallen
;
108 internal_nis_endpwent (void)
115 struct response_t
*curr
= intern
.start
;
119 struct response_t
*last
= curr
;
124 intern
.next
= intern
.start
= NULL
;
129 _nss_nis_endpwent (void)
131 __libc_lock_lock (lock
);
133 internal_nis_endpwent ();
135 __libc_lock_unlock (lock
);
137 return NSS_STATUS_SUCCESS
;
142 internal_nis_setpwent (void)
144 /* We have to read all the data now. */
146 if (__glibc_unlikely (yp_get_default_domain (&domain
)))
147 return NSS_STATUS_UNAVAIL
;
149 struct ypall_callback ypcb
;
151 ypcb
.foreach
= _nis_saveit
;
152 ypcb
.data
= (char *) &intern
;
153 enum nss_status status
= yperr2nss (yp_all (domain
, "passwd.byname", &ypcb
));
156 /* Mark the last buffer as full. */
157 if (intern
.next
!= NULL
)
158 intern
.next
->size
= intern
.offset
;
160 intern
.next
= intern
.start
;
168 _nss_nis_setpwent (int stayopen
)
170 enum nss_status result
= NSS_STATUS_SUCCESS
;
172 __libc_lock_lock (lock
);
174 internal_nis_endpwent ();
176 if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ
)
177 result
= internal_nis_setpwent ();
179 __libc_lock_unlock (lock
);
185 static enum nss_status
186 internal_nis_getpwent_r (struct passwd
*pwd
, char *buffer
, size_t buflen
,
189 /* If we read the entire database at setpwent time we just iterate
190 over the data we have in memory. */
191 bool batch_read
= intern
.start
!= NULL
;
194 if (!batch_read
&& __builtin_expect (yp_get_default_domain (&domain
), 0))
195 return NSS_STATUS_UNAVAIL
;
197 /* Get the next entry until we found a correct one. */
208 struct response_t
*bucket
;
211 bucket
= intern
.next
;
213 if (__glibc_unlikely (intern
.offset
>= bucket
->size
))
215 if (bucket
->next
== NULL
)
216 return NSS_STATUS_NOTFOUND
;
218 /* We look at all the content in the current bucket. Go on
220 bucket
= intern
.next
= bucket
->next
;
224 for (result
= &bucket
->mem
[intern
.offset
]; isspace (*result
);
228 len
= strlen (result
);
236 /* Maybe we should read the database in one piece. */
237 if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ
)
238 && internal_nis_setpwent () == NSS_STATUS_SUCCESS
239 && intern
.start
!= NULL
)
242 goto handle_batch_read
;
245 yperr
= yp_first (domain
, "passwd.byname", &outkey
, &keylen
,
249 yperr
= yp_next (domain
, "passwd.byname", oldkey
, oldkeylen
,
250 &outkey
, &keylen
, &result
, &len
);
252 if (__glibc_unlikely (yperr
!= YPERR_SUCCESS
))
254 enum nss_status retval
= yperr2nss (yperr
);
256 if (retval
== NSS_STATUS_TRYAGAIN
)
262 /* Check for adjunct style secret passwords. They can be
263 recognized by a password starting with "##". We do not use
264 it if the passwd.adjunct.byname table is supposed to be used
265 as a shadow.byname replacement. */
266 char *p
= strchr (result
, ':');
270 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW
) == 0
271 && p
!= NULL
/* This better should be true in all cases. */
272 && p
[1] == '#' && p
[2] == '#'
273 && (namelen
= p
- result
,
274 yp_match (domain
, "passwd.adjunct.byname", result
, namelen
,
275 &result2
, &len2
)) == YPERR_SUCCESS
)
277 /* We found a passwd.adjunct.byname entry. Merge encrypted
278 password therein into original result. */
279 char *encrypted
= strchr (result2
, ':');
283 if (encrypted
== NULL
284 || (endp
= strchr (++encrypted
, ':')) == NULL
285 || (p
= strchr (p
+ 1, ':')) == NULL
)
287 /* Invalid format of the entry. This never should happen
288 unless the data from which the NIS table is generated is
289 wrong. We simply ignore it. */
294 restlen
= len
- (p
- result
);
295 if (__builtin_expect ((size_t) (namelen
+ (endp
- encrypted
)
296 + restlen
+ 2) > buflen
, 0))
301 return NSS_STATUS_TRYAGAIN
;
304 mempcpy (mempcpy (mempcpy (mempcpy (buffer
, result
, namelen
),
306 encrypted
, endp
- encrypted
),
315 if (__glibc_unlikely ((size_t) (len
+ 1) > buflen
))
319 return NSS_STATUS_TRYAGAIN
;
323 *((char *) mempcpy (buffer
, result
, len
)) = '\0';
331 parse_res
= _nss_files_parse_pwent (p
, pwd
, (void *) buffer
, buflen
,
333 if (__glibc_unlikely (parse_res
== -1))
338 return NSS_STATUS_TRYAGAIN
;
342 intern
.offset
+= len
+ 1;
351 while (parse_res
< 1);
353 return NSS_STATUS_SUCCESS
;
357 _nss_nis_getpwent_r (struct passwd
*result
, char *buffer
, size_t buflen
,
362 __libc_lock_lock (lock
);
364 status
= internal_nis_getpwent_r (result
, buffer
, buflen
, errnop
);
366 __libc_lock_unlock (lock
);
372 _nss_nis_getpwnam_r (const char *name
, struct passwd
*pwd
,
373 char *buffer
, size_t buflen
, int *errnop
)
378 return NSS_STATUS_UNAVAIL
;
382 if (__glibc_unlikely (yp_get_default_domain (&domain
)))
383 return NSS_STATUS_UNAVAIL
;
385 size_t namelen
= strlen (name
);
389 int yperr
= yp_match (domain
, "passwd.byname", name
, namelen
, &result
, &len
);
391 if (__glibc_unlikely (yperr
!= YPERR_SUCCESS
))
393 enum nss_status retval
= yperr2nss (yperr
);
395 if (retval
== NSS_STATUS_TRYAGAIN
)
400 /* Check for adjunct style secret passwords. They can be recognized
401 by a password starting with "##". We do not use it if the
402 passwd.adjunct.byname table is supposed to be used as a shadow.byname
406 char *p
= strchr (result
, ':');
407 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW
) == 0
408 && p
!= NULL
/* This better should be true in all cases. */
409 && p
[1] == '#' && p
[2] == '#'
410 && yp_match (domain
, "passwd.adjunct.byname", name
, namelen
,
411 &result2
, &len2
) == YPERR_SUCCESS
)
413 /* We found a passwd.adjunct.byname entry. Merge encrypted password
414 therein into original result. */
415 char *encrypted
= strchr (result2
, ':');
418 if (encrypted
== NULL
419 || (endp
= strchr (++encrypted
, ':')) == NULL
420 || (p
= strchr (p
+ 1, ':')) == NULL
)
422 /* Invalid format of the entry. This never should happen
423 unless the data from which the NIS table is generated is
424 wrong. We simply ignore it. */
429 size_t restlen
= len
- (p
- result
);
430 if (__builtin_expect ((size_t) (namelen
+ (endp
- encrypted
)
431 + restlen
+ 2) > buflen
, 0))
436 return NSS_STATUS_TRYAGAIN
;
439 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer
, name
, namelen
),
441 encrypted
, endp
- encrypted
),
450 if (__glibc_unlikely ((size_t) (len
+ 1) > buflen
))
454 return NSS_STATUS_TRYAGAIN
;
457 p
= strncpy (buffer
, result
, len
);
465 int parse_res
= _nss_files_parse_pwent (p
, pwd
, (void *) buffer
, buflen
,
467 if (__glibc_unlikely (parse_res
< 1))
470 return NSS_STATUS_TRYAGAIN
;
472 return NSS_STATUS_NOTFOUND
;
475 return NSS_STATUS_SUCCESS
;
479 _nss_nis_getpwuid_r (uid_t uid
, struct passwd
*pwd
,
480 char *buffer
, size_t buflen
, int *errnop
)
483 if (__glibc_unlikely (yp_get_default_domain (&domain
)))
484 return NSS_STATUS_UNAVAIL
;
487 int nlen
= snprintf (buf
, sizeof (buf
), "%lu", (unsigned long int) uid
);
491 int yperr
= yp_match (domain
, "passwd.byuid", buf
, nlen
, &result
, &len
);
493 if (__glibc_unlikely (yperr
!= YPERR_SUCCESS
))
495 enum nss_status retval
= yperr2nss (yperr
);
497 if (retval
== NSS_STATUS_TRYAGAIN
)
502 /* Check for adjunct style secret passwords. They can be recognized
503 by a password starting with "##". We do not use it if the
504 passwd.adjunct.byname table is supposed to be used as a shadow.byname
509 char *p
= strchr (result
, ':');
510 if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW
) == 0
511 && p
!= NULL
/* This better should be true in all cases. */
512 && p
[1] == '#' && p
[2] == '#'
513 && (namelen
= p
- result
,
514 yp_match (domain
, "passwd.adjunct.byname", result
, namelen
,
515 &result2
, &len2
)) == YPERR_SUCCESS
)
517 /* We found a passwd.adjunct.byname entry. Merge encrypted password
518 therein into original result. */
519 char *encrypted
= strchr (result2
, ':');
523 if (encrypted
== NULL
524 || (endp
= strchr (++encrypted
, ':')) == NULL
525 || (p
= strchr (p
+ 1, ':')) == NULL
)
527 /* Invalid format of the entry. This never should happen
528 unless the data from which the NIS table is generated is
529 wrong. We simply ignore it. */
534 restlen
= len
- (p
- result
);
535 if (__builtin_expect ((size_t) (namelen
+ (endp
- encrypted
)
536 + restlen
+ 2) > buflen
, 0))
541 return NSS_STATUS_TRYAGAIN
;
544 __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer
, result
, namelen
),
546 encrypted
, endp
- encrypted
),
555 if (__glibc_unlikely ((size_t) (len
+ 1) > buflen
))
559 return NSS_STATUS_TRYAGAIN
;
562 p
= strncpy (buffer
, result
, len
);
570 int parse_res
= _nss_files_parse_pwent (p
, pwd
, (void *) buffer
, buflen
,
572 if (__glibc_unlikely (parse_res
< 1))
575 return NSS_STATUS_TRYAGAIN
;
577 return NSS_STATUS_NOTFOUND
;
580 return NSS_STATUS_SUCCESS
;