search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
configure tweaks, support $libc_add_on_config_subdirs
[glibc/pb-stable.git] / nis / nss_compat / compat-pwd.c
blob669522f21a3d55c490ef568705fada4a3dc2a464
1 /* Copyright (C) 1996-1999, 2001-2006, 2007 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <ctype.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <netdb.h>
24 #include <nss.h>
25 #include <nsswitch.h>
26 #include <pwd.h>
27 #include <stdio_ext.h>
28 #include <string.h>
29 #include <rpc/types.h>
30 #include <rpcsvc/ypclnt.h>
31 #include <bits/libc-lock.h>
32 #include <kernel-features.h>
33
34 #include "netgroup.h"
35
36 static service_user *ni;
37 static enum nss_status (*nss_setpwent) (int stayopen);
38 static enum nss_status (*nss_getpwnam_r) (const char *name,
39 struct passwd * pwd, char *buffer,
40 size_t buflen, int *errnop);
41 static enum nss_status (*nss_getpwuid_r) (uid_t uid, struct passwd * pwd,
42 char *buffer, size_t buflen,
43 int *errnop);
44 static enum nss_status (*nss_getpwent_r) (struct passwd * pwd, char *buffer,
45 size_t buflen, int *errnop);
46 static enum nss_status (*nss_endpwent) (void);
47
48 /* Get the declaration of the parser function. */
49 #define ENTNAME pwent
50 #define STRUCTURE passwd
51 #define EXTERN_PARSER
52 #include <nss/nss_files/files-parse.c>
53
54 /* Structure for remembering -@netgroup and -user members ... */
55 #define BLACKLIST_INITIAL_SIZE 512
56 #define BLACKLIST_INCREMENT 256
57 struct blacklist_t
58 {
59 char *data;
60 int current;
61 int size;
62 };
63
64 struct ent_t
65 {
66 bool netgroup;
67 bool first;
68 bool files;
69 enum nss_status setent_status;
70 FILE *stream;
71 struct blacklist_t blacklist;
72 struct passwd pwd;
73 struct __netgrent netgrdata;
74 };
75 typedef struct ent_t ent_t;
76
77 static ent_t ext_ent = { false, false, true, NSS_STATUS_SUCCESS, NULL,
78 { NULL, 0, 0 },
79 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
80
81 /* Protect global state against multiple changers. */
82 __libc_lock_define_initialized (static, lock)
83
84 /* Positive if O_CLOEXEC is supported, negative if it is not supported,
85 zero if it is still undecided. This variable is shared with the
86 other compat functions. */
87 #ifdef __ASSUME_O_CLOEXEC
88 # define __compat_have_cloexec 1
89 #else
90 # ifdef O_CLOEXEC
91 extern int __compat_have_cloexec;
92 # else
93 # define __compat_have_cloexec -1
94 # endif
95 #endif
96
97 /* Prototypes for local functions. */
98 static void blacklist_store_name (const char *, ent_t *);
99 static int in_blacklist (const char *, int, ent_t *);
100
101 /* Initialize the NSS interface/functions. The calling function must
102 hold the lock. */
103 static void
104 init_nss_interface (void)
105 {
106 if (__nss_database_lookup ("passwd_compat", NULL, "nis", &ni) >= 0)
107 {
108 nss_setpwent = __nss_lookup_function (ni, "setpwent");
109 nss_getpwnam_r = __nss_lookup_function (ni, "getpwnam_r");
110 nss_getpwuid_r = __nss_lookup_function (ni, "getpwuid_r");
111 nss_getpwent_r = __nss_lookup_function (ni, "getpwent_r");
112 nss_endpwent = __nss_lookup_function (ni, "endpwent");
113 }
114 }
115
116 static void
117 give_pwd_free (struct passwd *pwd)
118 {
119 free (pwd->pw_name);
120 free (pwd->pw_passwd);
121 free (pwd->pw_gecos);
122 free (pwd->pw_dir);
123 free (pwd->pw_shell);
124
125 memset (pwd, '\0', sizeof (struct passwd));
126 }
127
128 static size_t
129 pwd_need_buflen (struct passwd *pwd)
130 {
131 size_t len = 0;
132
133 if (pwd->pw_passwd != NULL)
134 len += strlen (pwd->pw_passwd) + 1;
135
136 if (pwd->pw_gecos != NULL)
137 len += strlen (pwd->pw_gecos) + 1;
138
139 if (pwd->pw_dir != NULL)
140 len += strlen (pwd->pw_dir) + 1;
141
142 if (pwd->pw_shell != NULL)
143 len += strlen (pwd->pw_shell) + 1;
144
145 return len;
146 }
147
148 static void
149 copy_pwd_changes (struct passwd *dest, struct passwd *src,
150 char *buffer, size_t buflen)
151 {
152 if (src->pw_passwd != NULL && strlen (src->pw_passwd))
153 {
154 if (buffer == NULL)
155 dest->pw_passwd = strdup (src->pw_passwd);
156 else if (dest->pw_passwd &&
157 strlen (dest->pw_passwd) >= strlen (src->pw_passwd))
158 strcpy (dest->pw_passwd, src->pw_passwd);
159 else
160 {
161 dest->pw_passwd = buffer;
162 strcpy (dest->pw_passwd, src->pw_passwd);
163 buffer += strlen (dest->pw_passwd) + 1;
164 buflen = buflen - (strlen (dest->pw_passwd) + 1);
165 }
166 }
167
168 if (src->pw_gecos != NULL && strlen (src->pw_gecos))
169 {
170 if (buffer == NULL)
171 dest->pw_gecos = strdup (src->pw_gecos);
172 else if (dest->pw_gecos &&
173 strlen (dest->pw_gecos) >= strlen (src->pw_gecos))
174 strcpy (dest->pw_gecos, src->pw_gecos);
175 else
176 {
177 dest->pw_gecos = buffer;
178 strcpy (dest->pw_gecos, src->pw_gecos);
179 buffer += strlen (dest->pw_gecos) + 1;
180 buflen = buflen - (strlen (dest->pw_gecos) + 1);
181 }
182 }
183 if (src->pw_dir != NULL && strlen (src->pw_dir))
184 {
185 if (buffer == NULL)
186 dest->pw_dir = strdup (src->pw_dir);
187 else if (dest->pw_dir && strlen (dest->pw_dir) >= strlen (src->pw_dir))
188 strcpy (dest->pw_dir, src->pw_dir);
189 else
190 {
191 dest->pw_dir = buffer;
192 strcpy (dest->pw_dir, src->pw_dir);
193 buffer += strlen (dest->pw_dir) + 1;
194 buflen = buflen - (strlen (dest->pw_dir) + 1);
195 }
196 }
197
198 if (src->pw_shell != NULL && strlen (src->pw_shell))
199 {
200 if (buffer == NULL)
201 dest->pw_shell = strdup (src->pw_shell);
202 else if (dest->pw_shell &&
203 strlen (dest->pw_shell) >= strlen (src->pw_shell))
204 strcpy (dest->pw_shell, src->pw_shell);
205 else
206 {
207 dest->pw_shell = buffer;
208 strcpy (dest->pw_shell, src->pw_shell);
209 buffer += strlen (dest->pw_shell) + 1;
210 buflen = buflen - (strlen (dest->pw_shell) + 1);
211 }
212 }
213 }
214
215 static enum nss_status
216 internal_setpwent (ent_t *ent, int stayopen, int needent)
217 {
218 enum nss_status status = NSS_STATUS_SUCCESS;
219
220 ent->first = ent->netgroup = false;
221 ent->files = true;
222 ent->setent_status = NSS_STATUS_SUCCESS;
223
224 /* If something was left over free it. */
225 if (ent->netgroup)
226 __internal_endnetgrent (&ent->netgrdata);
227
228 if (ent->blacklist.data != NULL)
229 {
230 ent->blacklist.current = 1;
231 ent->blacklist.data[0] = '|';
232 ent->blacklist.data[1] = '\0';
233 }
234 else
235 ent->blacklist.current = 0;
236
237 if (ent->stream == NULL)
238 {
239 ent->stream = fopen ("/etc/passwd", "rme");
240
241 if (ent->stream == NULL)
242 status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
243 else
244 {
245 /* We have to make sure the file is `closed on exec'. */
246 int result = 0;
247
248 if (__compat_have_cloexec <= 0)
249 {
250 int flags;
251 result = flags = fcntl (fileno_unlocked (ent->stream), F_GETFD,
252 0);
253 if (result >= 0)
254 {
255 #if defined O_CLOEXEC && !defined __ASSUME_O_CLOEXEC
256 if (__compat_have_cloexec == 0)
257 __compat_have_cloexec = (flags & FD_CLOEXEC) ? 1 : -1;
258
259 if (__compat_have_cloexec < 0)
260 #endif
261 {
262 flags |= FD_CLOEXEC;
263 result = fcntl (fileno_unlocked (ent->stream), F_SETFD,
264 flags);
265 }
266 }
267 }
268
269 if (result < 0)
270 {
271 /* Something went wrong. Close the stream and return a
272 failure. */
273 fclose (ent->stream);
274 ent->stream = NULL;
275 status = NSS_STATUS_UNAVAIL;
276 }
277 else
278 /* We take care of locking ourself. */
279 __fsetlocking (ent->stream, FSETLOCKING_BYCALLER);
280 }
281 }
282 else
283 rewind (ent->stream);
284
285 give_pwd_free (&ent->pwd);
286
287 if (needent && status == NSS_STATUS_SUCCESS && nss_setpwent)
288 ent->setent_status = nss_setpwent (stayopen);
289
290 return status;
291 }
292
293
294 enum nss_status
295 _nss_compat_setpwent (int stayopen)
296 {
297 enum nss_status result;
298
299 __libc_lock_lock (lock);
300
301 if (ni == NULL)
302 init_nss_interface ();
303
304 result = internal_setpwent (&ext_ent, stayopen, 1);
305
306 __libc_lock_unlock (lock);
307
308 return result;
309 }
310
311
312 static enum nss_status
313 internal_endpwent (ent_t *ent)
314 {
315 if (nss_endpwent)
316 nss_endpwent ();
317
318 if (ent->stream != NULL)
319 {
320 fclose (ent->stream);
321 ent->stream = NULL;
322 }
323
324 if (ent->netgroup)
325 __internal_endnetgrent (&ent->netgrdata);
326
327 ent->first = ent->netgroup = false;
328
329 if (ent->blacklist.data != NULL)
330 {
331 ent->blacklist.current = 1;
332 ent->blacklist.data[0] = '|';
333 ent->blacklist.data[1] = '\0';
334 }
335 else
336 ent->blacklist.current = 0;
337
338 give_pwd_free (&ent->pwd);
339
340 return NSS_STATUS_SUCCESS;
341 }
342
343 enum nss_status
344 _nss_compat_endpwent (void)
345 {
346 enum nss_status result;
347
348 __libc_lock_lock (lock);
349
350 result = internal_endpwent (&ext_ent);
351
352 __libc_lock_unlock (lock);
353
354 return result;
355 }
356
357
358 static enum nss_status
359 getpwent_next_nss_netgr (const char *name, struct passwd *result, ent_t *ent,
360 char *group, char *buffer, size_t buflen,
361 int *errnop)
362 {
363 char *curdomain, *host, *user, *domain, *p2;
364 int status;
365 size_t p2len;
366
367 /* Leave function if NSS module does not support getpwnam_r,
368 we need this function here. */
369 if (!nss_getpwnam_r)
370 return NSS_STATUS_UNAVAIL;
371
372 if (yp_get_default_domain (&curdomain) != YPERR_SUCCESS)
373 {
374 ent->netgroup = false;
375 ent->first = false;
376 give_pwd_free (&ent->pwd);
377 return NSS_STATUS_UNAVAIL;
378 }
379
380 if (ent->first == true)
381 {
382 memset (&ent->netgrdata, 0, sizeof (struct __netgrent));
383 __internal_setnetgrent (group, &ent->netgrdata);
384 ent->first = false;
385 }
386
387 while (1)
388 {
389 char *saved_cursor;
390
391 saved_cursor = ent->netgrdata.cursor;
392 status = __internal_getnetgrent_r (&host, &user, &domain,
393 &ent->netgrdata, buffer, buflen,
394 errnop);
395 if (status != 1)
396 {
397 __internal_endnetgrent (&ent->netgrdata);
398 ent->netgroup = 0;
399 give_pwd_free (&ent->pwd);
400 return NSS_STATUS_RETURN;
401 }
402
403 if (user == NULL || user[0] == '-')
404 continue;
405
406 if (domain != NULL && strcmp (curdomain, domain) != 0)
407 continue;
408
409 /* If name != NULL, we are called from getpwnam. */
410 if (name != NULL)
411 if (strcmp (user, name) != 0)
412 continue;
413
414 p2len = pwd_need_buflen (&ent->pwd);
415 if (p2len > buflen)
416 {
417 *errnop = ERANGE;
418 return NSS_STATUS_TRYAGAIN;
419 }
420 p2 = buffer + (buflen - p2len);
421 buflen -= p2len;
422
423 if (nss_getpwnam_r (user, result, buffer, buflen, errnop) !=
424 NSS_STATUS_SUCCESS)
425 continue;
426
427 if (!in_blacklist (result->pw_name, strlen (result->pw_name), ent))
428 {
429 /* Store the User in the blacklist for possible the "+" at the
430 end of /etc/passwd */
431 blacklist_store_name (result->pw_name, ent);
432 copy_pwd_changes (result, &ent->pwd, p2, p2len);
433 break;
434 }
435 }
436
437 return NSS_STATUS_SUCCESS;
438 }
439
440 /* get the next user from NSS (+ entry) */
441 static enum nss_status
442 getpwent_next_nss (struct passwd *result, ent_t *ent, char *buffer,
443 size_t buflen, int *errnop)
444 {
445 enum nss_status status;
446 char *p2;
447 size_t p2len;
448
449 /* Return if NSS module does not support getpwent_r. */
450 if (!nss_getpwent_r)
451 return NSS_STATUS_UNAVAIL;
452
453 /* If the setpwent call failed, say so. */
454 if (ent->setent_status != NSS_STATUS_SUCCESS)
455 return ent->setent_status;
456
457 p2len = pwd_need_buflen (&ent->pwd);
458 if (p2len > buflen)
459 {
460 *errnop = ERANGE;
461 return NSS_STATUS_TRYAGAIN;
462 }
463 p2 = buffer + (buflen - p2len);
464 buflen -= p2len;
465
466 if (ent->first)
467 ent->first = false;
468
469 do
470 {
471 if ((status = nss_getpwent_r (result, buffer, buflen, errnop)) !=
472 NSS_STATUS_SUCCESS)
473 return status;
474 }
475 while (in_blacklist (result->pw_name, strlen (result->pw_name), ent));
476
477 copy_pwd_changes (result, &ent->pwd, p2, p2len);
478
479 return NSS_STATUS_SUCCESS;
480 }
481
482 /* This function handle the +user entrys in /etc/passwd */
483 static enum nss_status
484 getpwnam_plususer (const char *name, struct passwd *result, ent_t *ent,
485 char *buffer, size_t buflen, int *errnop)
486 {
487 if (!nss_getpwnam_r)
488 return NSS_STATUS_UNAVAIL;
489
490 struct passwd pwd;
491 memset (&pwd, '\0', sizeof (struct passwd));
492
493 copy_pwd_changes (&pwd, result, NULL, 0);
494
495 size_t plen = pwd_need_buflen (&pwd);
496 if (plen > buflen)
497 {
498 *errnop = ERANGE;
499 return NSS_STATUS_TRYAGAIN;
500 }
501 char *p = buffer + (buflen - plen);
502 buflen -= plen;
503
504 enum nss_status status = nss_getpwnam_r (name, result, buffer, buflen,
505 errnop);
506 if (status != NSS_STATUS_SUCCESS)
507 return status;
508
509 if (in_blacklist (result->pw_name, strlen (result->pw_name), ent))
510 return NSS_STATUS_NOTFOUND;
511
512 copy_pwd_changes (result, &pwd, p, plen);
513 give_pwd_free (&pwd);
514 /* We found the entry. */
515 return NSS_STATUS_SUCCESS;
516 }
517
518 static enum nss_status
519 getpwent_next_file (struct passwd *result, ent_t *ent,
520 char *buffer, size_t buflen, int *errnop)
521 {
522 struct parser_data *data = (void *) buffer;
523 while (1)
524 {
525 fpos_t pos;
526 char *p;
527 int parse_res;
528
529 do
530 {
531 /* We need at least 3 characters for one line. */
532 if (__builtin_expect (buflen < 3, 0))
533 {
534 erange:
535 *errnop = ERANGE;
536 return NSS_STATUS_TRYAGAIN;
537 }
538
539 fgetpos (ent->stream, &pos);
540 buffer[buflen - 1] = '\xff';
541 p = fgets_unlocked (buffer, buflen, ent->stream);
542 if (p == NULL && feof_unlocked (ent->stream))
543 return NSS_STATUS_NOTFOUND;
544
545 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
546 {
547 erange_reset:
548 fsetpos (ent->stream, &pos);
549 goto erange;
550 }
551
552 /* Terminate the line for any case. */
553 buffer[buflen - 1] = '\0';
554
555 /* Skip leading blanks. */
556 while (isspace (*p))
557 ++p;
558 }
559 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
560 /* Parse the line. If it is invalid, loop to
561 get the next line of the file to parse. */
562 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
563 errnop)));
564
565 if (__builtin_expect (parse_res == -1, 0))
566 /* The parser ran out of space. */
567 goto erange_reset;
568
569 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
570 /* This is a real entry. */
571 break;
572
573 /* -@netgroup */
574 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
575 && result->pw_name[2] != '\0')
576 {
577 /* XXX Do not use fixed length buffer. */
578 char buf2[1024];
579 char *user, *host, *domain;
580 struct __netgrent netgrdata;
581
582 bzero (&netgrdata, sizeof (struct __netgrent));
583 __internal_setnetgrent (&result->pw_name[2], &netgrdata);
584 while (__internal_getnetgrent_r (&host, &user, &domain, &netgrdata,
585 buf2, sizeof (buf2), errnop))
586 {
587 if (user != NULL && user[0] != '-')
588 blacklist_store_name (user, ent);
589 }
590 __internal_endnetgrent (&netgrdata);
591 continue;
592 }
593
594 /* +@netgroup */
595 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
596 && result->pw_name[2] != '\0')
597 {
598 enum nss_status status;
599
600 ent->netgroup = true;
601 ent->first = true;
602 copy_pwd_changes (&ent->pwd, result, NULL, 0);
603
604 status = getpwent_next_nss_netgr (NULL, result, ent,
605 &result->pw_name[2],
606 buffer, buflen, errnop);
607 if (status == NSS_STATUS_RETURN)
608 continue;
609 else
610 return status;
611 }
612
613 /* -user */
614 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
615 && result->pw_name[1] != '@')
616 {
617 blacklist_store_name (&result->pw_name[1], ent);
618 continue;
619 }
620
621 /* +user */
622 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
623 && result->pw_name[1] != '@')
624 {
625 size_t len = strlen (result->pw_name);
626 char buf[len];
627 enum nss_status status;
628
629 /* Store the User in the blacklist for the "+" at the end of
630 /etc/passwd */
631 memcpy (buf, &result->pw_name[1], len);
632 status = getpwnam_plususer (&result->pw_name[1], result, ent,
633 buffer, buflen, errnop);
634 blacklist_store_name (buf, ent);
635
636 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
637 break;
638 else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry */
639 || status == NSS_STATUS_NOTFOUND) /* entry doesn't exist */
640 continue;
641 else
642 {
643 if (status == NSS_STATUS_TRYAGAIN)
644 {
645 /* The parser ran out of space */
646 fsetpos (ent->stream, &pos);
647 *errnop = ERANGE;
648 }
649 return status;
650 }
651 }
652
653 /* +:... */
654 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
655 {
656 ent->files = false;
657 ent->first = true;
658 copy_pwd_changes (&ent->pwd, result, NULL, 0);
659
660 return getpwent_next_nss (result, ent, buffer, buflen, errnop);
661 }
662 }
663
664 return NSS_STATUS_SUCCESS;
665 }
666
667
668 static enum nss_status
669 internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer,
670 size_t buflen, int *errnop)
671 {
672 if (ent->netgroup)
673 {
674 enum nss_status status;
675
676 /* We are searching members in a netgroup */
677 /* Since this is not the first call, we don't need the group name */
678 status = getpwent_next_nss_netgr (NULL, pw, ent, NULL, buffer, buflen,
679 errnop);
680 if (status == NSS_STATUS_RETURN)
681 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
682 else
683 return status;
684 }
685 else if (ent->files)
686 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
687 else
688 return getpwent_next_nss (pw, ent, buffer, buflen, errnop);
689
690 }
691
692 enum nss_status
693 _nss_compat_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
694 int *errnop)
695 {
696 enum nss_status result = NSS_STATUS_SUCCESS;
697
698 __libc_lock_lock (lock);
699
700 /* Be prepared that the setpwent function was not called before. */
701 if (ni == NULL)
702 init_nss_interface ();
703
704 if (ext_ent.stream == NULL)
705 result = internal_setpwent (&ext_ent, 1, 1);
706
707 if (result == NSS_STATUS_SUCCESS)
708 result = internal_getpwent_r (pwd, &ext_ent, buffer, buflen, errnop);
709
710 __libc_lock_unlock (lock);
711
712 return result;
713 }
714
715 /* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
716 static enum nss_status
717 internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
718 char *buffer, size_t buflen, int *errnop)
719 {
720 struct parser_data *data = (void *) buffer;
721
722 while (1)
723 {
724 fpos_t pos;
725 char *p;
726 int parse_res;
727
728 do
729 {
730 /* We need at least 3 characters for one line. */
731 if (__builtin_expect (buflen < 3, 0))
732 {
733 erange:
734 *errnop = ERANGE;
735 return NSS_STATUS_TRYAGAIN;
736 }
737
738 fgetpos (ent->stream, &pos);
739 buffer[buflen - 1] = '\xff';
740 p = fgets_unlocked (buffer, buflen, ent->stream);
741 if (p == NULL && feof_unlocked (ent->stream))
742 {
743 return NSS_STATUS_NOTFOUND;
744 }
745 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
746 {
747 erange_reset:
748 fsetpos (ent->stream, &pos);
749 goto erange;
750 }
751
752 /* Terminate the line for any case. */
753 buffer[buflen - 1] = '\0';
754
755 /* Skip leading blanks. */
756 while (isspace (*p))
757 ++p;
758 }
759 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
760 /* Parse the line. If it is invalid, loop to
761 get the next line of the file to parse. */
762 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
763 errnop)));
764
765 if (__builtin_expect (parse_res == -1, 0))
766 /* The parser ran out of space. */
767 goto erange_reset;
768
769 /* This is a real entry. */
770 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
771 {
772 if (strcmp (result->pw_name, name) == 0)
773 return NSS_STATUS_SUCCESS;
774 else
775 continue;
776 }
777
778 /* -@netgroup */
779 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
780 && result->pw_name[2] != '\0')
781 {
782 if (innetgr (&result->pw_name[2], NULL, name, NULL))
783 return NSS_STATUS_NOTFOUND;
784 continue;
785 }
786
787 /* +@netgroup */
788 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
789 && result->pw_name[2] != '\0')
790 {
791 enum nss_status status;
792
793 if (innetgr (&result->pw_name[2], NULL, name, NULL))
794 {
795 status = getpwnam_plususer (name, result, ent, buffer,
796 buflen, errnop);
797
798 if (status == NSS_STATUS_RETURN)
799 continue;
800
801 return status;
802 }
803 continue;
804 }
805
806 /* -user */
807 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
808 && result->pw_name[1] != '@')
809 {
810 if (strcmp (&result->pw_name[1], name) == 0)
811 return NSS_STATUS_NOTFOUND;
812 else
813 continue;
814 }
815
816 /* +user */
817 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
818 && result->pw_name[1] != '@')
819 {
820 if (strcmp (name, &result->pw_name[1]) == 0)
821 {
822 enum nss_status status;
823
824 status = getpwnam_plususer (name, result, ent, buffer, buflen,
825 errnop);
826 if (status == NSS_STATUS_RETURN)
827 /* We couldn't parse the entry */
828 return NSS_STATUS_NOTFOUND;
829 else
830 return status;
831 }
832 }
833
834 /* +:... */
835 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
836 {
837 enum nss_status status;
838
839 status = getpwnam_plususer (name, result, ent,
840 buffer, buflen, errnop);
841 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
842 break;
843 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
844 return NSS_STATUS_NOTFOUND;
845 else
846 return status;
847 }
848 }
849 return NSS_STATUS_SUCCESS;
850 }
851
852 enum nss_status
853 _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
854 char *buffer, size_t buflen, int *errnop)
855 {
856 enum nss_status result;
857 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
858 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
859
860 if (name[0] == '-' || name[0] == '+')
861 return NSS_STATUS_NOTFOUND;
862
863 __libc_lock_lock (lock);
864
865 if (ni == NULL)
866 init_nss_interface ();
867
868 __libc_lock_unlock (lock);
869
870 result = internal_setpwent (&ent, 0, 0);
871
872 if (result == NSS_STATUS_SUCCESS)
873 result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop);
874
875 internal_endpwent (&ent);
876
877 return result;
878 }
879
880 /* This function handle the + entry in /etc/passwd for getpwuid */
881 static enum nss_status
882 getpwuid_plususer (uid_t uid, struct passwd *result, char *buffer,
883 size_t buflen, int *errnop)
884 {
885 struct passwd pwd;
886 char *p;
887 size_t plen;
888
889 if (!nss_getpwuid_r)
890 return NSS_STATUS_UNAVAIL;
891
892 memset (&pwd, '\0', sizeof (struct passwd));
893
894 copy_pwd_changes (&pwd, result, NULL, 0);
895
896 plen = pwd_need_buflen (&pwd);
897 if (plen > buflen)
898 {
899 *errnop = ERANGE;
900 return NSS_STATUS_TRYAGAIN;
901 }
902 p = buffer + (buflen - plen);
903 buflen -= plen;
904
905 if (nss_getpwuid_r (uid, result, buffer, buflen, errnop) ==
906 NSS_STATUS_SUCCESS)
907 {
908 copy_pwd_changes (result, &pwd, p, plen);
909 give_pwd_free (&pwd);
910 /* We found the entry. */
911 return NSS_STATUS_SUCCESS;
912 }
913 else
914 {
915 /* Give buffer the old len back */
916 buflen += plen;
917 give_pwd_free (&pwd);
918 }
919 return NSS_STATUS_RETURN;
920 }
921
922 /* Searches in /etc/passwd and the NSS subsystem for a special user id */
923 static enum nss_status
924 internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
925 char *buffer, size_t buflen, int *errnop)
926 {
927 struct parser_data *data = (void *) buffer;
928
929 while (1)
930 {
931 fpos_t pos;
932 char *p;
933 int parse_res;
934
935 do
936 {
937 /* We need at least 3 characters for one line. */
938 if (__builtin_expect (buflen < 3, 0))
939 {
940 erange:
941 *errnop = ERANGE;
942 return NSS_STATUS_TRYAGAIN;
943 }
944
945 fgetpos (ent->stream, &pos);
946 buffer[buflen - 1] = '\xff';
947 p = fgets_unlocked (buffer, buflen, ent->stream);
948 if (p == NULL && feof_unlocked (ent->stream))
949 return NSS_STATUS_NOTFOUND;
950
951 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
952 {
953 erange_reset:
954 fsetpos (ent->stream, &pos);
955 goto erange;
956 }
957
958 /* Terminate the line for any case. */
959 buffer[buflen - 1] = '\0';
960
961 /* Skip leading blanks. */
962 while (isspace (*p))
963 ++p;
964 }
965 while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
966 /* Parse the line. If it is invalid, loop to
967 get the next line of the file to parse. */
968 !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
969 errnop)));
970
971 if (__builtin_expect (parse_res == -1, 0))
972 /* The parser ran out of space. */
973 goto erange_reset;
974
975 /* This is a real entry. */
976 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
977 {
978 if (result->pw_uid == uid)
979 return NSS_STATUS_SUCCESS;
980 else
981 continue;
982 }
983
984 /* -@netgroup */
985 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
986 && result->pw_name[2] != '\0')
987 {
988 /* -1, because we remove first two character of pw_name. */
989 size_t len = strlen (result->pw_name) - 1;
990 char buf[len];
991 enum nss_status status;
992
993 memcpy (buf, &result->pw_name[2], len);
994
995 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
996 if (status == NSS_STATUS_SUCCESS &&
997 innetgr (buf, NULL, result->pw_name, NULL))
998 return NSS_STATUS_NOTFOUND;
999
1000 continue;
1001 }
1002
1003 /* +@netgroup */
1004 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
1005 && result->pw_name[2] != '\0')
1006 {
1007 /* -1, because we remove first two characters of pw_name. */
1008 size_t len = strlen (result->pw_name) - 1;
1009 char buf[len];
1010 enum nss_status status;
1011
1012 memcpy (buf, &result->pw_name[2], len);
1013
1014 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1015
1016 if (status == NSS_STATUS_RETURN)
1017 continue;
1018
1019 if (status == NSS_STATUS_SUCCESS)
1020 {
1021 if (innetgr (buf, NULL, result->pw_name, NULL))
1022 return NSS_STATUS_SUCCESS;
1023 }
1024 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1025 return NSS_STATUS_NOTFOUND;
1026 else
1027 return status;
1028
1029 continue;
1030 }
1031
1032 /* -user */
1033 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
1034 && result->pw_name[1] != '@')
1035 {
1036 size_t len = strlen (result->pw_name);
1037 char buf[len];
1038 enum nss_status status;
1039
1040 memcpy (buf, &result->pw_name[1], len);
1041
1042 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1043 if (status == NSS_STATUS_SUCCESS &&
1044 innetgr (buf, NULL, result->pw_name, NULL))
1045 return NSS_STATUS_NOTFOUND;
1046 continue;
1047 }
1048
1049 /* +user */
1050 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
1051 && result->pw_name[1] != '@')
1052 {
1053 size_t len = strlen (result->pw_name);
1054 char buf[len];
1055 enum nss_status status;
1056
1057 memcpy (buf, &result->pw_name[1], len);
1058
1059 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1060
1061 if (status == NSS_STATUS_RETURN)
1062 continue;
1063
1064 if (status == NSS_STATUS_SUCCESS)
1065 {
1066 if (strcmp (buf, result->pw_name) == 0)
1067 return NSS_STATUS_SUCCESS;
1068 }
1069 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1070 return NSS_STATUS_NOTFOUND;
1071 else
1072 return status;
1073
1074 continue;
1075 }
1076
1077 /* +:... */
1078 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
1079 {
1080 enum nss_status status;
1081
1082 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1083 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
1084 break;
1085 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1086 return NSS_STATUS_NOTFOUND;
1087 else
1088 return status;
1089 }
1090 }
1091 return NSS_STATUS_SUCCESS;
1092 }
1093
1094 enum nss_status
1095 _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
1096 char *buffer, size_t buflen, int *errnop)
1097 {
1098 enum nss_status result;
1099 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
1100 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
1101
1102 __libc_lock_lock (lock);
1103
1104 if (ni == NULL)
1105 init_nss_interface ();
1106
1107 __libc_lock_unlock (lock);
1108
1109 result = internal_setpwent (&ent, 0, 0);
1110
1111 if (result == NSS_STATUS_SUCCESS)
1112 result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop);
1113
1114 internal_endpwent (&ent);
1115
1116 return result;
1117 }
1118
1119
1120 /* Support routines for remembering -@netgroup and -user entries.
1121 The names are stored in a single string with `|' as separator. */
1122 static void
1123 blacklist_store_name (const char *name, ent_t *ent)
1124 {
1125 int namelen = strlen (name);
1126 char *tmp;
1127
1128 /* first call, setup cache */
1129 if (ent->blacklist.size == 0)
1130 {
1131 ent->blacklist.size = MAX (BLACKLIST_INITIAL_SIZE, 2 * namelen);
1132 ent->blacklist.data = malloc (ent->blacklist.size);
1133 if (ent->blacklist.data == NULL)
1134 return;
1135 ent->blacklist.data[0] = '|';
1136 ent->blacklist.data[1] = '\0';
1137 ent->blacklist.current = 1;
1138 }
1139 else
1140 {
1141 if (in_blacklist (name, namelen, ent))
1142 return; /* no duplicates */
1143
1144 if (ent->blacklist.current + namelen + 1 >= ent->blacklist.size)
1145 {
1146 ent->blacklist.size += MAX (BLACKLIST_INCREMENT, 2 * namelen);
1147 tmp = realloc (ent->blacklist.data, ent->blacklist.size);
1148 if (tmp == NULL)
1149 {
1150 free (ent->blacklist.data);
1151 ent->blacklist.size = 0;
1152 return;
1153 }
1154 ent->blacklist.data = tmp;
1155 }
1156 }
1157
1158 tmp = stpcpy (ent->blacklist.data + ent->blacklist.current, name);
1159 *tmp++ = '|';
1160 *tmp = '\0';
1161 ent->blacklist.current += namelen + 1;
1162
1163 return;
1164 }
1165
1166 /* Returns TRUE if ent->blacklist contains name, else FALSE. */
1167 static bool_t
1168 in_blacklist (const char *name, int namelen, ent_t *ent)
1169 {
1170 char buf[namelen + 3];
1171 char *cp;
1172
1173 if (ent->blacklist.data == NULL)
1174 return FALSE;
1175
1176 buf[0] = '|';
1177 cp = stpcpy (&buf[1], name);
1178 *cp++ = '|';
1179 *cp = '\0';
1180 return strstr (ent->blacklist.data, buf) != NULL;
1181 }
Petr Baudis' queue of bugfixes for stable glibc branches