search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update.
[glibc.git] / nis / nss_nis / nis-publickey.c
blob73afd442a9a3fc7f0f98b4d60ea47f8ac33d2fce
1 /* Copyright (C) 1996, 1997, 1998 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Library General Public License as
7 published by the Free Software Foundation; either version 2 of the
8 License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Library General Public License for more details.
14
15 You should have received a copy of the GNU Library General Public
16 License along with the GNU C Library; see the file COPYING.LIB. If not,
17 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA. */
19
20 #include <nss.h>
21 #include <ctype.h>
22 #include <errno.h>
23 #include <string.h>
24 #include <syslog.h>
25 #include <rpc/rpc.h>
26 #include <rpcsvc/yp.h>
27 #include <rpcsvc/ypclnt.h>
28 #include <rpc/key_prot.h>
29 extern int xdecrypt (char *, char *);
30
31 #include "nss-nis.h"
32
33 /* If we haven't found the entry, we give a SUCCESS and an empty key back.
34 Solaris docu says: sizeof (pkey) == HEXKEYBYTES + 1.
35 */
36 enum nss_status
37 _nss_nis_getpublickey (const char *netname, char *pkey, int *errnop)
38 {
39 enum nss_status retval;
40 char *domain, *result;
41 int len;
42
43 pkey[0] = 0;
44
45 if (netname == NULL)
46 {
47 *errnop = EINVAL;
48 return NSS_STATUS_UNAVAIL;
49 }
50
51 domain = strchr (netname, '@');
52 if (!domain)
53 return NSS_STATUS_UNAVAIL;
54 domain++;
55
56 retval = yperr2nss (yp_match (domain, "publickey.byname", netname,
57 strlen (netname), &result, &len));
58
59 if (retval != NSS_STATUS_SUCCESS)
60 {
61 if (retval == NSS_STATUS_NOTFOUND)
62 *errnop = ENOENT;
63 else if (retval == NSS_STATUS_TRYAGAIN)
64 *errnop = errno;
65 return retval;
66 }
67
68 if (result != NULL)
69 {
70 char *p = strchr (result, ':');
71 if (p != NULL)
72 *p = 0;
73 strncpy (pkey, result, HEXKEYBYTES + 1);
74 pkey[HEXKEYBYTES] = '\0';
75 }
76 return NSS_STATUS_SUCCESS;
77 }
78
79 enum nss_status
80 _nss_nis_getsecretkey (const char *netname, char *skey, char *passwd,
81 int *errnop)
82 {
83 enum nss_status retval;
84 char buf[2 * (HEXKEYBYTES + 1)];
85 char *domain, *result;
86 int len;
87
88 skey[0] = 0;
89
90 if (netname == NULL || passwd == NULL)
91 {
92 *errnop = EINVAL;
93 return NSS_STATUS_UNAVAIL;
94 }
95
96 domain = strchr (netname, '@');
97 if (!domain)
98 return NSS_STATUS_UNAVAIL;
99 domain++;
100
101 retval = yperr2nss (yp_match (domain, "publickey.byname", netname,
102 strlen (netname), &result, &len));
103
104 if (retval != NSS_STATUS_SUCCESS)
105 {
106 if (retval == NSS_STATUS_NOTFOUND)
107 *errnop = ENOENT;
108 else if (retval == NSS_STATUS_TRYAGAIN)
109 *errnop = errno;
110 return retval;
111 }
112
113 if (result != NULL)
114 {
115 char *p = strchr (result, ':');
116 if (p == NULL)
117 return NSS_STATUS_SUCCESS;
118
119 ++p;
120 strncpy (buf, p, 2 * (HEXKEYBYTES + 1));
121 buf[2 * (HEXKEYBYTES + 1)] = '\0';
122 if (!xdecrypt (buf, passwd))
123 return NSS_STATUS_SUCCESS;
124
125 if (memcmp (buf, &(buf[HEXKEYBYTES]), KEYCHECKSUMSIZE) != 0)
126 return NSS_STATUS_SUCCESS;
127
128 buf[HEXKEYBYTES] = '\0';
129 strcpy (skey, buf);
130 }
131 return NSS_STATUS_SUCCESS;
132 }
133
134 /* Parse uid and group information from the passed string.
135 The format of the string passed is uid:gid,grp,grp, ... */
136 static enum nss_status
137 parse_netid_str (const char *s, uid_t *uidp, gid_t *gidp, int *gidlenp,
138 gid_t *gidlist)
139 {
140 char *p;
141 int gidlen;
142
143 if (!s || !isdigit (*s))
144 {
145 syslog (LOG_ERR, "netname2user: expecting uid '%s'", s);
146 return NSS_STATUS_NOTFOUND; /* XXX need a better error */
147 }
148
149 /* Fetch the uid */
150 *uidp = (atoi (s));
151
152 if (*uidp == 0)
153 {
154 syslog (LOG_ERR, "netname2user: should not have uid 0");
155 return NSS_STATUS_NOTFOUND;
156 }
157
158 /* Now get the group list */
159 p = strchr (s, ':');
160 if (!p)
161 {
162 syslog (LOG_ERR, "netname2user: missing group id list in '%s'", s);
163 return NSS_STATUS_NOTFOUND;
164 }
165 ++p; /* skip ':' */
166 if (!p || (!isdigit (*p)))
167 {
168 syslog (LOG_ERR, "netname2user: missing group id list in '%s'.", p);
169 return NSS_STATUS_NOTFOUND;
170 }
171
172 *gidp = (atoi (p));
173
174 gidlen = 0;
175
176 while ((p = strchr (p, ',')) != NULL)
177 {
178 p++;
179 gidlist[gidlen++] = atoi (p);
180 }
181
182 *gidlenp = gidlen;
183
184 return NSS_STATUS_SUCCESS;
185 }
186
187
188 enum nss_status
189 _nss_nis_netname2user (char netname[MAXNETNAMELEN + 1], uid_t *uidp,
190 gid_t *gidp, int *gidlenp, gid_t *gidlist, int *errnop)
191 {
192 char *domain;
193 int yperr;
194 char *lookup;
195 int len;
196
197 domain = strchr (netname, '@');
198 if (!domain)
199 return NSS_STATUS_UNAVAIL;
200
201 /* Point past the '@' character */
202 domain++;
203 lookup = NULL;
204 yperr = yp_match (domain, "netid.byname", netname, strlen (netname),
205 &lookup, &len);
206 switch (yperr)
207 {
208 case YPERR_SUCCESS:
209 break; /* the successful case */
210 case YPERR_DOMAIN:
211 case YPERR_KEY:
212 return NSS_STATUS_NOTFOUND;
213 case YPERR_MAP:
214 default:
215 return NSS_STATUS_UNAVAIL;
216 }
217 if (lookup)
218 {
219 enum nss_status err;
220
221 lookup[len] = '\0';
222 err = parse_netid_str (lookup, uidp, gidp, gidlenp, gidlist);
223 free (lookup);
224 return err;
225 }
226 else
227 return NSS_STATUS_NOTFOUND;
228
229 return NSS_STATUS_SUCCESS;
230 }
sources.redhat.com git mirror of glibc CVS