1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 * CDDL HEADER END
22 * Copyright 2014 Garrett D'Amore <garrett@damore.org>
24 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 * Use is subject to license terms.
27 * Database-specific definitions for the getXXXbyYYY routines
28 * (e.g. getpwuid_r(), ether_ntohost()) that use the name-service switch.
29 * Database-independent definitions are in <nss_common.h>
31 * Ideally, this is the only switch header file one would add things
32 * to in order to support a new database.
34 * NOTE: The interfaces documented in this file may change in a minor
35 * release. It is intended that in the future a stronger commitment
36 * will be made to these interface definitions which will guarantee
37 * them across minor releases.
40 #ifndef _NSS_DBDEFS_H
41 #define _NSS_DBDEFS_H
43 #include <sys/types.h>
44 #include <unistd.h>
45 #include <errno.h>
46 #include <netdb.h> /* MAXALIASES, MAXADDRS */
47 #include <limits.h> /* LOGNAME_MAX */
48 #include <nss_common.h>
50 #ifdef __cplusplus
51 extern "C" {
52 #endif
/*
 * NSS_INCLUDE_UNSAFE takes the value 1 unless the build has already
 * defined it.  Per the notes on the lines below, it selects the old
 * interfaces that are not MT-safe (getpwnam as opposed to getpwnam_r).
 */
#ifndef NSS_INCLUDE_UNSAFE
#define	NSS_INCLUDE_UNSAFE	1	/* Build old, MT-unsafe interfaces, */
#endif	/* NSS_INCLUDE_UNSAFE */	/* e.g. getpwnam (c.f. getpwnam_r) */
/*
 * Names of the well-known databases.
 *
 * Each macro expands to the string that names one database.
 */

#define	NSS_DBNAM_ALIASES	"aliases"	/* E-mail aliases, that is */
#define	NSS_DBNAM_AUTOMOUNT	"automount"
#define	NSS_DBNAM_BOOTPARAMS	"bootparams"
#define	NSS_DBNAM_ETHERS	"ethers"
#define	NSS_DBNAM_GROUP		"group"
#define	NSS_DBNAM_HOSTS		"hosts"
#define	NSS_DBNAM_IPNODES	"ipnodes"
#define	NSS_DBNAM_NETGROUP	"netgroup"
#define	NSS_DBNAM_NETMASKS	"netmasks"
#define	NSS_DBNAM_NETWORKS	"networks"
#define	NSS_DBNAM_PASSWD	"passwd"
#define	NSS_DBNAM_PRINTERS	"printers"
#define	NSS_DBNAM_PROJECT	"project"
#define	NSS_DBNAM_PROTOCOLS	"protocols"
#define	NSS_DBNAM_PUBLICKEY	"publickey"
#define	NSS_DBNAM_RPC		"rpc"
#define	NSS_DBNAM_SERVICES	"services"
#define	NSS_DBNAM_AUDITUSER	"audit_user"
#define	NSS_DBNAM_AUTHATTR	"auth_attr"
#define	NSS_DBNAM_EXECATTR	"exec_attr"
#define	NSS_DBNAM_PROFATTR	"prof_attr"
#define	NSS_DBNAM_USERATTR	"user_attr"

/* getspnam() et al use the "passwd" config entry but the "shadow" backend */
#define	NSS_DBNAM_SHADOW	"shadow"

/* The "compat" backend gets config entries for these pseudo-databases */
#define	NSS_DBNAM_PASSWD_COMPAT	"passwd_compat"
#define	NSS_DBNAM_GROUP_COMPAT	"group_compat"
/*
 * Default switch configuration, compiled into the front-ends.
 *
 * Absent good reasons to the contrary, this should be compatible with the
 * default /etc/nsswitch.conf file.
 *
 * The first four macros are the source lists; each NSS_DEFCONF_* macro
 * picks one of them (or another NSS_DEFCONF_* value) for a database.
 *
 * NOTE(review): every list except NSS_FILES_ONLY names "nis", and no
 * NSS_DEFCONF_* value below selects NSS_FILES_ONLY.  Wherever these
 * compiled-in defaults take effect, lookups for passwd, group, hosts and
 * the attribute databases may therefore be answered from NIS -- confirm
 * in the front-ends when the defaults are used instead of nsswitch.conf.
 */
#define	NSS_FILES_ONLY		"files"
#define	NSS_FILES_NS		"files nis"
#define	NSS_NS_FALLBACK		"nis [NOTFOUND=return] files"
#define	NSS_NS_ONLY		"nis"

#define	NSS_DEFCONF_ALIASES	NSS_FILES_NS
#define	NSS_DEFCONF_AUTOMOUNT	NSS_FILES_NS
#define	NSS_DEFCONF_BOOTPARAMS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_ETHERS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_GROUP	NSS_FILES_NS
#define	NSS_DEFCONF_HOSTS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_IPNODES	NSS_NS_FALLBACK
#define	NSS_DEFCONF_NETGROUP	NSS_NS_ONLY
#define	NSS_DEFCONF_NETMASKS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_NETWORKS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_PASSWD	NSS_FILES_NS
#define	NSS_DEFCONF_PRINTERS	"user files nis"
#define	NSS_DEFCONF_PROJECT	NSS_FILES_NS
#define	NSS_DEFCONF_PROTOCOLS	NSS_NS_FALLBACK
#define	NSS_DEFCONF_PUBLICKEY	NSS_FILES_NS
#define	NSS_DEFCONF_RPC		NSS_NS_FALLBACK
#define	NSS_DEFCONF_SERVICES	NSS_FILES_NS	/* speeds up byname() */

#define	NSS_DEFCONF_GROUP_COMPAT	NSS_NS_ONLY
#define	NSS_DEFCONF_PASSWD_COMPAT	NSS_NS_ONLY

#define	NSS_DEFCONF_ATTRDB	NSS_FILES_NS

#define	NSS_DEFCONF_AUDITUSER	NSS_DEFCONF_PASSWD
#define	NSS_DEFCONF_USERATTR	NSS_DEFCONF_PASSWD
#define	NSS_DEFCONF_AUTHATTR	NSS_DEFCONF_ATTRDB
#define	NSS_DEFCONF_PROFATTR	NSS_DEFCONF_ATTRDB
#define	NSS_DEFCONF_EXECATTR	NSS_DEFCONF_PROFATTR
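/*
 * Line-lengths that the "files" and "compat" backends will try to support.
 * It may be reasonable (even advisable) to use smaller values than these.
 *
 * Every value is a multiple of NSS_BUFSIZ.  Each expansion that contains
 * an operator is fully parenthesized so that it keeps its value when used
 * inside a larger expression (for example as a divisor or after a unary
 * operator).
 */

#define	NSS_BUFSIZ		1024

#define	NSS_LINELEN_GROUP	((NSS_BUFSIZ) * 8)
#define	NSS_LINELEN_HOSTS	((NSS_BUFSIZ) * 8)
#define	NSS_LINELEN_IPNODES	((NSS_BUFSIZ) * 8)
#define	NSS_LINELEN_NETMASKS	NSS_BUFSIZ
#define	NSS_LINELEN_NETWORKS	NSS_BUFSIZ
#define	NSS_LINELEN_PASSWD	NSS_BUFSIZ
#define	NSS_LINELEN_PRINTERS	NSS_BUFSIZ
#define	NSS_LINELEN_PROJECT	((NSS_BUFSIZ) * 4)
#define	NSS_LINELEN_PROTOCOLS	NSS_BUFSIZ
#define	NSS_LINELEN_PUBLICKEY	NSS_BUFSIZ
#define	NSS_LINELEN_RPC		NSS_BUFSIZ
#define	NSS_LINELEN_SERVICES	NSS_BUFSIZ
#define	NSS_LINELEN_SHADOW	NSS_BUFSIZ
#define	NSS_LINELEN_ETHERS	NSS_BUFSIZ
#define	NSS_LINELEN_BOOTPARAMS	NSS_BUFSIZ

#define	NSS_LINELEN_ATTRDB	NSS_BUFSIZ

#define	NSS_LINELEN_AUDITUSER	NSS_LINELEN_ATTRDB
#define	NSS_LINELEN_AUTHATTR	NSS_LINELEN_ATTRDB
#define	NSS_LINELEN_EXECATTR	NSS_LINELEN_ATTRDB
#define	NSS_LINELEN_PROFATTR	NSS_LINELEN_ATTRDB
#define	NSS_LINELEN_USERATTR	NSS_LINELEN_ATTRDB

/*
 * Parenthesized like the other multiplied values: the bare form
 * "NSS_LINELEN_EXECATTR * 8" yields a wrong size when the macro is used
 * as the right operand of '/', '%' or '-'.
 */
#define	NSS_MMAPLEN_EXECATTR	((NSS_LINELEN_EXECATTR) * 8)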
/*
 * Reasonable defaults for 'buflen' values passed to _r functions.  The BSD
 * and SunOS 4.x implementations of the getXXXbyYYY() functions used hard-
 * coded array sizes; the values here are meant to handle anything that
 * those implementations handled.
 * === These might more reasonably go in <pwd.h>, <netdb.h> et al
 *
 * The HOSTS, IPNODES and PROJECT values add room for an array of
 * (char *) to the line length, so those expressions have type size_t.
 * The "=== ?" remarks are open questions left by the original author.
 */

#define	NSS_BUFLEN_GROUP	NSS_LINELEN_GROUP
#define	NSS_BUFLEN_HOSTS	\
	(NSS_LINELEN_HOSTS + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
#define	NSS_BUFLEN_IPNODES	\
	(NSS_LINELEN_IPNODES + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
#define	NSS_BUFLEN_NETGROUP	(MAXHOSTNAMELEN * 2 + LOGNAME_MAX + 3)
#define	NSS_BUFLEN_NETWORKS	NSS_LINELEN_NETWORKS	/* === ?  + 35 * 4 */
#define	NSS_BUFLEN_PASSWD	NSS_LINELEN_PASSWD
#define	NSS_BUFLEN_PROJECT	(NSS_LINELEN_PROJECT + 800 * sizeof (char *))
#define	NSS_BUFLEN_PROTOCOLS	NSS_LINELEN_PROTOCOLS	/* === ?  + 35 * 4 */
#define	NSS_BUFLEN_PUBLICKEY	NSS_LINELEN_PUBLICKEY
#define	NSS_BUFLEN_RPC		NSS_LINELEN_RPC		/* === ?  + 35 * 4 */
#define	NSS_BUFLEN_SERVICES	NSS_LINELEN_SERVICES	/* === ?  + 35 * 4 */
#define	NSS_BUFLEN_SHADOW	NSS_LINELEN_SHADOW
#define	NSS_BUFLEN_ETHERS	NSS_LINELEN_ETHERS
#define	NSS_BUFLEN_BOOTPARAMS	NSS_LINELEN_BOOTPARAMS

#define	NSS_BUFLEN_ATTRDB	NSS_LINELEN_ATTRDB

#define	NSS_BUFLEN_AUDITUSER	NSS_BUFLEN_ATTRDB
#define	NSS_BUFLEN_AUTHATTR	NSS_BUFLEN_ATTRDB
#define	NSS_BUFLEN_EXECATTR	NSS_BUFLEN_ATTRDB
#define	NSS_BUFLEN_PROFATTR	NSS_BUFLEN_ATTRDB
#define	NSS_BUFLEN_USERATTR	((NSS_BUFLEN_ATTRDB) * 8)

/*
 * Default cache door buffer size (2x largest buffer)
 *
 * NOTE(review): NSS_BUFLEN_HOSTS and NSS_BUFLEN_IPNODES are 8 * NSS_BUFSIZ
 * plus a pointer-array term, so 16 * NSS_BUFSIZ is slightly less than
 * twice those two values -- confirm that "2x largest" is only a rule of
 * thumb and that door callers handle a result that does not fit.
 */

#define	NSS_BUFLEN_DOOR		((NSS_BUFSIZ) * 16)
/*
 * Arguments and results, passed between the frontends and backends for
 * the well-known databases.  The getXbyY_r() and getXent_r() routines
 * use a common format that is further described below; other routines
 * use their own formats.
 */

/*
 * The nss_str2ent_t routine is the data marshaller for the nsswitch.
 * It converts 'native files' format into 'entry' format as part of the
 * return processing for a getXbyY interface.
 *
 * The nss_groupstr_t routine does the real work for any backend
 * that can supply a netgroup entry as a string in /etc/group format
 *
 * Both take the input text as a pointer plus an int length.  This header
 * describes the str2ent input as a counted string that is *not*
 * zero-terminated, so an implementation must stay within 'inlen' bytes
 * and must not use the str*() functions on it.  The results of str2ent
 * are the NSS_STR_PARSE_* values defined in this header.
 * NOTE(review): 'inlen' and 'buflen' are signed; implementations
 * presumably need to reject negative values -- confirm.
 */
typedef int		(*nss_str2ent_t)(const char *in, int inlen,
				void *ent, char *buf, int buflen);

struct nss_groupsbymem;		/* forward definition */
typedef nss_status_t	(*nss_groupstr_t)(const char *instr, int inlen,
				struct nss_groupsbymem *);
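/*
 * The initgroups() function [see initgroups(3c)] needs to find all the
 *   groups to which a given user belongs.  To do this it calls
 *   _getgroupsbymember(), which is part of the frontend for the "group"
 *   database.
 * We want the same effect as if we used getgrent_r() to enumerate the
 *   entire groups database (possibly from multiple sources), but getgrent_r()
 *   is too inefficient.  Most backends can do better if they know they're
 *   meant to scan all groups;  hence there's a separate backend operation,
 *   NSS_DBOP_GROUP_BYMEMBER, which uses the nss_groupsbymem struct.
 * Note that the normal return-value from such a backend, even when it
 *   successfully finds matching group entries, is NSS_NOTFOUND, because
 *   this tells the switch engine to keep searching in any more sources.
 *   In fact, the backends only return NSS_SUCCESS if they find enough
 *   matching entries that the gid_array is completely filled, in which
 *   case the switch engine should stop searching.
 * If the force_slow_way field is set, the backend should eschew any cached
 *   information (e.g. the YP netid.byname map or the NIS+ cred.org_dir table)
 *   and should instead grind its way through the group map/table/whatever.
 *
 * NOTE(review): maxgids is presumably the capacity of gid_array and numgids
 *   the number of entries filled so far; a backend that appends gids must
 *   keep numgids <= maxgids -- confirm against the backends.
 */

struct nss_groupsbymem {			/* For _getgroupsbymember() */
/* in: */
	const char	*username;
	gid_t		*gid_array;
	int		maxgids;
	int		force_slow_way;
	nss_str2ent_t	str2ent;
	nss_groupstr_t	process_cstr;

/* in_out: */
	int		numgids;
};	/* terminator restored: the listing ended at the last member */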
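/*
 * The netgroup routines are handled as follows:
 *
 *   Policy decision:
 *	If netgroup A refers to netgroup B, both must occur in the same
 *	source (other choices give very confusing semantics).  This
 *	assumption is deeply embedded in the frontend and backends.
 *
 *    -	setnetgrent(), despite its name, is really a getXXXbyYYY operation:
 *	it takes a name and finds a netgroup with that name (see the
 *	nss_setnetgrent_args struct below).  The "result" that it returns
 *	to the frontend is an nss_backend_t for a pseudo-backend that allows
 *	one to enumerate the members of that netgroup.
 *
 *    -	getnetgrent() calls the 'getXXXent' function in the pseudo-backend;
 *	it doesn't go through the switch engine at all.  It uses the
 *	nss_getnetgrent_args struct below.
 *
 *    -	innetgr() is implemented on top of __multi_innetgr(), which replaces
 *	each (char *) argument of innetgr() with a counted vector of (char *).
 *	The semantics are the same as an OR of the results of innetgr()
 *	operations on each possible 4-tuple picked from the arguments, but
 *	it's possible to implement some cases more efficiently.  This is
 *	important for mountd, which used to read YP netgroup.byhost directly
 *	in order to determine efficiently whether a given host belonged to any
 *	one of a long list of netgroups.  Wildcarded arguments are indicated
 *	by a count of zero.
 *
 *    -	__multi_innetgr() uses the nss_innetgr_args struct.  A backend whose
 *	source contains at least one of the groups listed in the 'groups'
 *	vector will return NSS_SUCCESS and will set the 'status' field to
 *	indicate whether any 4-tuple was satisfied.  A backend will only
 *	return NSS_NOTFOUND if the source contained none of the groups
 *	listed in the 'groups' vector.
 */

/*
 * Index of each member of a netgroup triple.  NSS_NETGR_N is the number
 * of members and is used as an array size in this header.
 */
enum nss_netgr_argn {		/* We need (machine, user, domain) triples */
	NSS_NETGR_MACHINE = 0,
	NSS_NETGR_USER = 1,
	NSS_NETGR_DOMAIN = 2,
	NSS_NETGR_N = 3
};	/* terminator restored: the listing ended at the last enumerator */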
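/*
 * Outcome reported in the 'status' member of the netgroup argument
 * structs.  NSS_NETGR_FOUND is zero, so a zero-filled struct reads as
 * "found" until a backend stores a real status.
 */
enum nss_netgr_status {		/* Status from setnetgrent, multi_innetgr */
	NSS_NETGR_FOUND = 0,
	NSS_NETGR_NO = 1,
	NSS_NETGR_NOMEM = 2
};	/* terminator restored: the listing ended at the last enumerator */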
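/*
 * Arguments for setnetgrent(): the name of the netgroup to find and, on
 * return, the pseudo-backend used to enumerate its members.
 */
struct nss_setnetgrent_args {
/* in: */
	const char	*netgroup;
/* out: */
	/*
	 * Per the netgroup notes in this header, the "result" of
	 * setnetgrent() is an nss_backend_t for a pseudo-backend that
	 * enumerates the members of the named netgroup.
	 */
	nss_backend_t	*iterator;	/* <==== Explain */
};	/* terminator restored: the listing ended at the last member */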
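/*
 * Arguments for getnetgrent(): a caller-supplied buffer of 'buflen'
 * bytes, and on return a status plus one string pointer per member of
 * the triple, indexed by enum nss_netgr_argn.
 * NOTE(review): the retp[] pointers presumably point into 'buffer' and
 * are valid only while that buffer is -- confirm in the pseudo-backend.
 */
struct nss_getnetgrent_args {
/* in: */
	char		*buffer;
	int		buflen;
/* out: */
	enum nss_netgr_status	status;
	char		*retp[NSS_NETGR_N];
};	/* terminator restored: the listing ended at the last member */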
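/*
 * One counted vector of strings, as used for each argument of
 * __multi_innetgr().  A count of zero means "wildcard"; argv is then
 * not expected to be read.
 */
typedef unsigned	nss_innetgr_argc;	/* 0 means wildcard */
typedef char **		nss_innetgr_argv;	/* === Do we really need these? */

struct nss_innetgr_1arg {
	nss_innetgr_argc	argc;
	nss_innetgr_argv	argv;
};	/* terminator restored: the listing ended at the last member */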
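/*
 * Arguments for __multi_innetgr(): one counted vector for each member
 * of the triple (indexed by enum nss_netgr_argn), the vector of netgroup
 * names to test, and the status set by the backend.
 */
struct nss_innetgr_args {
/* in: */
	struct nss_innetgr_1arg	arg[NSS_NETGR_N];
	struct nss_innetgr_1arg groups;
/* out: */
	enum nss_netgr_status	status;
};	/* terminator restored: the listing ended at the last member */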
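/*
 * nss_XbyY_buf_t -- structure containing the generic arguments passed to
 *   getXXXbyYYY_r() and getXXXent_r() routines.  The (void *) value points to
 *   a struct of the appropriate type, e.g. struct passwd or struct hostent.
 *
 * The functions that allocate and free these structures do no locking at
 * all, since the routines that use them are inherently MT-unsafe anyway.
 */

typedef struct {
	void	*result;	/* "result" parameter to getXbyY_r() */
	char	*buffer;	/* "buffer"     "             "      */
	int	buflen;		/* "buflen"     "             "      */
} nss_XbyY_buf_t;

extern nss_XbyY_buf_t	*_nss_XbyY_buf_alloc(int struct_size, int buffer_size);
extern void		 _nss_XbyY_buf_free(nss_XbyY_buf_t *);

/*
 * NSS_XbyY_ALLOC(bufpp, str_size, buf_size) allocates *bufpp on first use
 * and otherwise yields the existing pointer.  NSS_XbyY_FREE(bufpp) frees
 * *bufpp and then stores 0 in it, so a stale pointer cannot be freed
 * twice through the same variable.
 *
 * 'bufpp' is parenthesized before it is dereferenced so that an
 * expression argument such as (table + i) addresses the intended slot.
 * It is still evaluated more than once: pass an expression without side
 * effects.  The result of NSS_XbyY_ALLOC is whatever the allocator
 * returned; callers must check it before use.
 */
#define	NSS_XbyY_ALLOC(bufpp, str_size, buf_size)		(\
	(*(bufpp)) == 0						\
	? (*(bufpp)) = _nss_XbyY_buf_alloc(str_size, buf_size)	\
	: (*(bufpp)))

#define	NSS_XbyY_FREE(bufpp)	\
	(_nss_XbyY_buf_free(*(bufpp)), (*(bufpp)) = 0)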
/*
 * The nss_XbyY_args_t struct contains all the information passed between
 * frontends and backends for the getXbyY_r() and getXent() routines,
 * including an nss_XbyY_buf_t and the lookup key (unused for getXXXent_r).
 *
 * The (*str2ent)() member converts a single XXXent from ASCII text to the
 * appropriate struct, storing any pointer data (strings, in_addrs, arrays
 * of these) in the buffer.  The ASCII text is a counted string (*not* a
 * zero-terminated string) whose length is specified by the instr_len
 * parameter.  The text is found at the address specified by instr and
 * the string is treated as readonly. buffer and instr must be non-
 * intersecting memory areas.
 *
 * With the exception of passwd, shadow and group, the text form for these
 * databases allows trailing comments and arbitrary whitespace.  The
 * corresponding str2ent routine assumes that comments, leading whitespace
 * and trailing whitespace have been stripped (and thus assumes that entries
 * consisting only of these have been discarded).
 *
 * The text entries for "rpc" and for the databases described in <netdb.h>
 * follow a common format (a canonical name with a possibly empty list
 * of aliases, and some other value), albeit with minor variations.
 * The function _nss_netdb_aliases() does most of the generic work involved
 * in parsing and marshalling these into the buffer.
 */

/*
 * Lookup key.  The union carries no discriminator, so the member that is
 * valid is decided entirely by the operation being performed; reading
 * any other member reinterprets the same storage.  Several members are
 * pointers that the union does not own.
 */
typedef union nss_XbyY_key {	/* No tag; backend should know what to expect */
	uid_t		uid;
	gid_t		gid;
	projid_t	projid;
	const char	*name;
	int		number;
	struct {
		int	net;
		int	type;
	}	netaddr;
	struct {
		const char	*addr;
		int		len;
		int		type;
	}	hostaddr;
	struct {
		union {
			const char	*name;
			int		port;
		}		serv;
		const char	*proto;
	}	serv;
	void *ether;
	struct {
		const char	*name;
		const char	*keytype;
	} pkey;
	struct {
		const char	*name;
		int		af_family;
		int		flags;
	}	ipnode;
	void *attrp;	/* for the new attr databases */
} nss_XbyY_key_t;
/*
 * Converter from a lookup key to its packed form.
 * NOTE(review): presumably writes at most 'buflen' bytes of the key's
 * representation into 'buffer' and stores the length used in '*len' --
 * confirm against the implementations; nothing here shows the contract.
 */
typedef int		(*nss_key2str_t)(void *buffer, size_t buflen,
				nss_XbyY_key_t *key, size_t *len);
/*
 * Everything passed between a frontend and a backend for one getXbyY_r()
 * or getXent() call: the caller's buffer, the key, the converters and
 * the results written back by the backend.
 */
typedef struct nss_XbyY_args {

/* IN */
	nss_XbyY_buf_t	buf;
	int		stayopen;
			/*
			 * Support for setXXXent(stayopen)
			 * Used only in hosts, protocols,
			 * networks, rpc, and services.
			 */
	nss_str2ent_t	str2ent;
	union nss_XbyY_key key;

/* OUT */
	void		*returnval;
	/* NOTE(review): presumably set when buf was too small -- confirm */
	int		erange;
	int		h_errno;	/* For gethost*_r() */
	nss_status_t	status;		/* from the backend last called */
/* NSS2 */
	nss_key2str_t	key2str;	/* IN */
	size_t		returnlen;	/* OUT */

/* NSCD/DOOR data */

/* ... buffer arena follows... */
} nss_XbyY_args_t;
/*
 * nss/nscd v2 interface, packed buffer format
 *
 * A key component of the v2 name service switch is the redirection
 * of all activity to nscd for actual processing.  In the original
 * switch most activity took place in each application, and the nscd
 * cache component was an add-on optional interface.
 *
 * The nscd v1 format was a completely private interface that
 * implemented specific buffering formats on a per getXbyY API basis.
 *
 * The nss/nscd v2 interface uses a common header and commonalizes
 * the buffering format as consistently as possible.  The general rule
 * of thumb is that backends are required to assemble their results in
 * "files based" format [i.e. the format used on a per result basis as
 * returned by the files backend] and then call the standard str2ent
 * interface.  This is the original intended design as used in the files
 * and nis backends.
 *
 * The benefit of this is that the application side library can assemble
 * a request and provide a header and a variable length result buffer via
 * a doors API, and then the nscd side switch can assemble a getXbyY
 * request providing the result buffer and a str2ent function that copies
 * but does not unpack the result.
 *
 * This result is returned back via the door, and unpacked using the
 * native library side str2ent interface.
 *
 * Additionally, the common header allows extensibility to add new
 * getXbyYs, putXbyYs or other maintenance APIs to/from nscd without
 * changing the existing "old style" backend interfaces.
 *
 * Finally new style getXbyY, putXbyY and backend interfaces can be
 * added by adding new operation requests to the header, while keeping
 * old style backwards compatibility.
 */

/*
 * nss/nscd v2 callnumber definitions
 */

/*
 * callnumbers are separated by categories, such as:
 * application to nscd requests, nscd to nscd requests,
 * smf to nscd requests, etc.
 *
 * The category is the top byte of the 32-bit call number and the call
 * itself the low 24 bits, as the two masks show.
 */

#define	NSCDV2CATMASK	(0xFF000000)
#define	NSCDV2CALLMASK	(0x00FFFFFF)

/*
 * nss/nscd v2 categories
 *
 * NOTE(review): the call number travels in the packed header, which is
 * filled in by the requester, so the category it carries is only a
 * claim; the receiver presumably decides which categories a given
 * caller may use -- confirm in nscd.
 */

#define	NSCD_CALLCAT_APP	('a'<<24)
#define	NSCD_CALLCAT_N2N	('n'<<24)

/* nscd v2 app-> nscd callnumbers */

#define	NSCD_SEARCH	(NSCD_CALLCAT_APP|0x01)
#define	NSCD_SETENT	(NSCD_CALLCAT_APP|0x02)
#define	NSCD_GETENT	(NSCD_CALLCAT_APP|0x03)
#define	NSCD_ENDENT	(NSCD_CALLCAT_APP|0x04)
#define	NSCD_PUT	(NSCD_CALLCAT_APP|0x05)
#define	NSCD_GETHINTS	(NSCD_CALLCAT_APP|0x06)

/* nscd v2 SETENT cookie markers */

#define	NSCD_NEW_COOKIE		0
#define	NSCD_LOCAL_COOKIE	1

/* nscd v2 header revision */
/* treated as 0xMMMMmmmm MMMM - Major Rev, mmmm - Minor Rev */

#define	NSCD_HEADER_REV		0x00020000
/*
 * ptr/uint data type used to calculate shared nscd buffer struct sizes
 * sizes/offsets are arbitrarily limited to 32 bits for 32/64 compatibility
 * datatype is 64 bits for possible pointer storage and future use
 *
 * The type itself is 64 bits wide, so the 32-bit limit stated above is a
 * convention that readers of a packed buffer have to enforce; the type
 * does not.
 */

typedef uint64_t	nssuint_t;
/*
 * nscd v2 buffer layout overview
 *
 * The key interface to nscd moving forward is the doors interface
 * between applications and nscd (NSCD_CALLCAT_APP), and nscd and
 * its children (NSCD_CALLCAT_N2N).
 *
 * Regardless of the interface used, the buffer layout is consistent.
 *    The General Layout is:
 *   [nss_pheader_t][IN key][OUT data results]{extend results}
 *
 *    The header (nss_pheader_t) remains constant.
 *    Keys and key layouts vary between call numbers/requests
 *	NSCD_CALLCAT_APP use key layouts mimics/defines in nss_dbdefs.h
 *	NSCD_CALLCAT_N2N use layouts defined by nscd headers
 *    Data and data results vary between results
 *	NSCD_CALLCAT_APP return "file standard format" output buffers
 *	NSCD_CALLCAT_N2N return data defined by nscd headers
 *    extended results are optional and vary
 */

/*
 * nss_pheader_t -- buffer header structure that contains switch data
 * "packed" by the client into a buffer suitable for transport over
 * nscd's door, and that can be unpacked into a native form within
 * nscd's switch.  Capable of packing and unpacking data and results.
 *
 * NSCD_HEADER_REV: 0x00020000		16 x uint64 = (128 byte header)
 *
 * The 128 bytes are eight uint32_t fields (32 bytes) followed by twelve
 * nssuint_t fields (96 bytes).
 *
 * Every field is written by whoever packed the buffer.
 * NOTE(review): before following dbd_off, key_off, data_off or ext_off,
 * a reader should check each offset, and offset plus length without
 * wrap-around, against the size of the buffer it actually received;
 * pbufsiz is itself part of the packed data.  p_ruid and p_euid are
 * likewise caller-written (see NSS_PACKED_CRED_CHECK).  Confirm that
 * the unpacking routines perform these checks.
 */

typedef struct {
	uint32_t	nsc_callnumber;		/* packed buffer request */
	uint32_t	nss_dbop;		/* old nss dbop */
	uint32_t	p_ruid;			/* real uid */
	uint32_t	p_euid;			/* effective uid */
	uint32_t	p_version;		/* 0xMMMMmmmm Major/minor */
	uint32_t	p_status;		/* nss_status_t */
	uint32_t	p_errno;		/* errno */
	uint32_t	p_herrno;		/* h_errno */
	nssuint_t	libpriv;		/* reserved (for lib/client) */
	nssuint_t	pbufsiz;		/* buffer size */
	nssuint_t	dbd_off;		/* IN: db desc off */
	nssuint_t	dbd_len;		/* IN: db desc len */
	nssuint_t	key_off;		/* IN: key off */
	nssuint_t	key_len;		/* IN: key len */
	nssuint_t	data_off;		/* OUT: data off */
	nssuint_t	data_len;		/* OUT: data len */
	nssuint_t	ext_off;		/* OUT: extended results off */
	nssuint_t	ext_len;		/* OUT: extended results len */
	nssuint_t	nscdpriv;		/* reserved (for nscd) */
	nssuint_t	reserved1;		/* reserved (TBD) */
} nss_pheader_t;
/*
 * nss_pnetgr_t -- packed offset structure for holding keys used
 * by innetgr (__multi_innetgr) key
 * Key format is:
 *    nss_pnetgr_t
 *     (nssuint_t)[machine_argc] offsets to strings
 *     (nssuint_t)[user_argc] offsets to strings
 *     (nssuint_t)[domain_argc] offsets to strings
 *     (nssuint_t)[groups_argc] offsets to strings
 *    machine,user,domain,groups strings
 *
 * NOTE(review): the four counts and four offsets are part of the packed
 * key and so are chosen by the requester.  A reader presumably has to
 * check that each offset vector (count * sizeof (nssuint_t) bytes) and
 * every string offset it holds lies inside the key, and that each string
 * is terminated inside it -- confirm in the unpacking code.
 */

typedef struct {
	uint32_t	machine_argc;
	uint32_t	user_argc;
	uint32_t	domain_argc;
	uint32_t	groups_argc;
	nssuint_t	machine_offv;
	nssuint_t	user_offv;
	nssuint_t	domain_offv;
	nssuint_t	groups_offv;
} nss_pnetgr_t;
/*
 * status returned by the str2ent parsing routines
 *
 * NOTE(review): by name, PARSE reports malformed input and ERANGE a
 * caller buffer that is too small -- confirm in the str2ent routines.
 */
#define	NSS_STR_PARSE_SUCCESS 0
#define	NSS_STR_PARSE_PARSE 1
#define	NSS_STR_PARSE_ERANGE 2
/*
 * NSS_XbyY_INIT(str, res, bufp, len, func) fills in the nss_XbyY_args_t
 * that 'str' points to: the result/buffer/buflen triple and the str2ent
 * converter from the arguments, key2str NULL, and stayopen, returnval,
 * returnlen, h_errno and erange zero.
 *
 * NSS_XbyY_INIT_EXT is the same except that key2str is set to 'kfunc'.
 *
 * Neither macro assigns 'key' or 'status'; the caller sets the key
 * separately.  'str' is evaluated once per assignment, so it must be an
 * expression without side effects.
 */
#define	NSS_XbyY_INIT(str, res, bufp, len, func)	(\
	(str)->buf.result = (res),			\
	(str)->buf.buffer = (bufp),			\
	(str)->buf.buflen = (len),			\
	(str)->stayopen  = 0,				\
	(str)->str2ent  = (func),			\
	(str)->key2str  = NULL,				\
	(str)->returnval = 0,				\
	(str)->returnlen = 0,				\
	(str)->h_errno    = 0,				\
	(str)->erange    = 0)

#define	NSS_XbyY_INIT_EXT(str, res, bufp, len, func, kfunc)	(\
	(str)->buf.result = (res),			\
	(str)->buf.buffer = (bufp),			\
	(str)->buf.buflen = (len),			\
	(str)->stayopen  = 0,				\
	(str)->str2ent  = (func),			\
	(str)->key2str  = (kfunc),			\
	(str)->returnval = 0,				\
	(str)->returnlen = 0,				\
	(str)->h_errno    = 0,				\
	(str)->erange    = 0)

/* NSS_XbyY_FINI(str) simply calls _nss_XbyY_fini(str). */
#define	NSS_XbyY_FINI(str)	_nss_XbyY_fini(str)
/*
 * NSS_PACKED_CRED_CHECK(buf, ruid, euid) -- true when the p_ruid and
 * p_euid fields of the packed header at 'buf' both equal the given ids.
 *
 * The macro casts 'buf' to (nss_pheader_t *) and reads the two fields.
 * It makes no NULL, alignment or length check and evaluates 'buf' twice,
 * so pass a side-effect-free pointer to a buffer already known to hold
 * a complete header.
 *
 * NOTE(review): the header fields are written by whoever packed the
 * buffer, so the comparison only means something when 'ruid' and 'euid'
 * come from an independent source, presumably the credentials the door
 * reports for the caller -- confirm at the call sites.
 */
#define	NSS_PACKED_CRED_CHECK(buf, ruid, euid)	(\
	((nss_pheader_t *)(buf))->p_ruid == (ruid) && \
	((nss_pheader_t *)(buf))->p_euid == (euid))
/*
 * Prototypes only; the definitions are outside this header.
 *
 * _nss_netdb_aliases() is described earlier in this header as doing most
 * of the generic parsing and marshalling for the netdb-style databases.
 * NOTE(review): each nss_packed_*() routine and nss_default_key2str()
 * takes (void *, size_t) first, presumably the packed buffer and its
 * size -- confirm, and confirm that the size is the length actually
 * received, not one read from the buffer.
 */
extern void		*_nss_XbyY_fini(nss_XbyY_args_t *);
extern char		**_nss_netdb_aliases(const char *, int, char *, int);
extern nss_status_t	nss_default_key2str(void *, size_t, nss_XbyY_args_t *,
					const char *, int, size_t *);
extern nss_status_t	nss_packed_arg_init(void *, size_t, nss_db_root_t *,
					nss_db_initf_t *, int *,
					nss_XbyY_args_t *);
extern nss_status_t	nss_packed_context_init(void *, size_t, nss_db_root_t *,
					nss_db_initf_t *, nss_getent_t **,
					nss_XbyY_args_t *);
extern void		nss_packed_set_status(void *, size_t, nss_status_t,
					nss_XbyY_args_t *);
extern nss_status_t	nss_packed_getkey(void *, size_t, char **, int *,
					nss_XbyY_args_t *);
/*
 * nss_dbop_t values for searches with various keys; values for
 * destructor/endent/setent/getent are defined in <nss_common.h>
 */

/*
 * These are part of the "Over the wire" i.e. app->nscd getXbyY
 * op for well known getXbyY's.  Cannot use NSS_DBOP_X_Y directly
 * because NSS_DBOP_next_iter is NOT an incrementing counter value
 * it's a starting offset into an array value.
 *
 * NSS_DBOP_X(x) places the database number in bits 16 and up;
 * NSS_DBOP_XY(x, y) ORs a per-database operation into such a value.
 *
 * NOTE(review): the operation arrives in the nss_dbop field of the
 * packed header, which the requester fills in.  Since the per-database
 * part is described above as an offset into an array, the receiver
 * presumably range-checks it before indexing -- confirm.
 */

#define	NSS_DBOP_X(x)			((x)<<16)
#define	NSS_DBOP_XY(x, y)		((x)|(y))

#define	NSS_DBOP_ALIASES	NSS_DBOP_X(1)
#define	NSS_DBOP_AUTOMOUNT	NSS_DBOP_X(2)
#define	NSS_DBOP_BOOTPARAMS	NSS_DBOP_X(3)
#define	NSS_DBOP_ETHERS		NSS_DBOP_X(4)
#define	NSS_DBOP_GROUP		NSS_DBOP_X(5)
#define	NSS_DBOP_HOSTS		NSS_DBOP_X(6)
#define	NSS_DBOP_IPNODES	NSS_DBOP_X(7)
#define	NSS_DBOP_NETGROUP	NSS_DBOP_X(8)
#define	NSS_DBOP_NETMASKS	NSS_DBOP_X(9)
#define	NSS_DBOP_NETWORKS	NSS_DBOP_X(10)
#define	NSS_DBOP_PASSWD		NSS_DBOP_X(11)
#define	NSS_DBOP_PRINTERS	NSS_DBOP_X(12)
#define	NSS_DBOP_PROJECT	NSS_DBOP_X(13)
#define	NSS_DBOP_PROTOCOLS	NSS_DBOP_X(14)
#define	NSS_DBOP_PUBLICKEY	NSS_DBOP_X(15)
#define	NSS_DBOP_RPC		NSS_DBOP_X(16)
#define	NSS_DBOP_SERVICES	NSS_DBOP_X(17)
#define	NSS_DBOP_AUDITUSER	NSS_DBOP_X(18)
#define	NSS_DBOP_AUTHATTR	NSS_DBOP_X(19)
#define	NSS_DBOP_EXECATTR	NSS_DBOP_X(20)
#define	NSS_DBOP_PROFATTR	NSS_DBOP_X(21)
#define	NSS_DBOP_USERATTR	NSS_DBOP_X(22)
/*
 * Per-database search operations.  Each group starts at one of the
 * NSS_DBOP_next_* values (defined outside this header) and counts up
 * from there, so the numbers are only unique within one database.
 */
#define	NSS_DBOP_GROUP_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_GROUP_BYGID		(NSS_DBOP_GROUP_BYNAME + 1)
#define	NSS_DBOP_GROUP_BYMEMBER		(NSS_DBOP_GROUP_BYGID + 1)

#define	NSS_DBOP_PASSWD_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_PASSWD_BYUID		(NSS_DBOP_PASSWD_BYNAME + 1)

/* The "compat" backend requires that PASSWD_BYNAME == SHADOW_BYNAME */
/*   (it also requires that both use key.name to pass the username). */
#define	NSS_DBOP_SHADOW_BYNAME		(NSS_DBOP_PASSWD_BYNAME)

#define	NSS_DBOP_PROJECT_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_PROJECT_BYID		(NSS_DBOP_PROJECT_BYNAME + 1)

#define	NSS_DBOP_HOSTS_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_HOSTS_BYADDR		(NSS_DBOP_HOSTS_BYNAME + 1)

#define	NSS_DBOP_IPNODES_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_IPNODES_BYADDR		(NSS_DBOP_IPNODES_BYNAME + 1)

/*
 * NSS_DBOP_NAME_2ADDR
 * NSS_DBOP_ADDR_2NAME
 *                                : are defines for ipv6 api's
 */

#define	NSS_DBOP_NAME_2ADDR		(NSS_DBOP_next_ipv6_iter)
#define	NSS_DBOP_ADDR_2NAME		(NSS_DBOP_NAME_2ADDR + 1)

#define	NSS_DBOP_RPC_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_RPC_BYNUMBER		(NSS_DBOP_RPC_BYNAME + 1)

#define	NSS_DBOP_NETWORKS_BYNAME		(NSS_DBOP_next_iter)
#define	NSS_DBOP_NETWORKS_BYADDR		(NSS_DBOP_NETWORKS_BYNAME + 1)

#define	NSS_DBOP_SERVICES_BYNAME	(NSS_DBOP_next_iter)
#define	NSS_DBOP_SERVICES_BYPORT	(NSS_DBOP_SERVICES_BYNAME + 1)

#define	NSS_DBOP_PROTOCOLS_BYNAME	(NSS_DBOP_next_iter)
#define	NSS_DBOP_PROTOCOLS_BYNUMBER	(NSS_DBOP_PROTOCOLS_BYNAME + 1)

#define	NSS_DBOP_ETHERS_HOSTTON	(NSS_DBOP_next_noiter)
#define	NSS_DBOP_ETHERS_NTOHOST	(NSS_DBOP_ETHERS_HOSTTON + 1)

#define	NSS_DBOP_BOOTPARAMS_BYNAME	(NSS_DBOP_next_noiter)
#define	NSS_DBOP_NETMASKS_BYNET	(NSS_DBOP_next_noiter)

#define	NSS_DBOP_PRINTERS_BYNAME	(NSS_DBOP_next_iter)

/*
 * The "real" backend for netgroup (__multi_innetgr, setnetgrent)
 */
#define	NSS_DBOP_NETGROUP_IN		(NSS_DBOP_next_iter)
#define	NSS_DBOP_NETGROUP_SET		(NSS_DBOP_NETGROUP_IN  + 1)

/*
 * The backend for getpublickey and getsecretkey (getkeys)
 */
#define	NSS_DBOP_KEYS_BYNAME		(NSS_DBOP_next_iter)

/*
 * The pseudo-backend for netgroup (returned by setnetgrent) doesn't have
 *   any getXXXbyYYY operations, just the usual destr/end/set/get ops,
 *   so needs no definitions here.
 */

#define	NSS_DBOP_ATTRDB_BYNAME		(NSS_DBOP_next_iter)

#define	NSS_DBOP_AUDITUSER_BYNAME	NSS_DBOP_ATTRDB_BYNAME
#define	NSS_DBOP_AUTHATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
#define	NSS_DBOP_EXECATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
#define	NSS_DBOP_EXECATTR_BYID		(NSS_DBOP_EXECATTR_BYNAME + 1)
#define	NSS_DBOP_EXECATTR_BYNAMEID	(NSS_DBOP_EXECATTR_BYID + 1)
#define	NSS_DBOP_PROFATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
#define	NSS_DBOP_USERATTR_BYNAME	NSS_DBOP_ATTRDB_BYNAME
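/*
 * Used all over in the switch code.  The best home for it I can think of.
 * Power-of-two alignments only.
 *
 * Both macros yield a uintptr_t-width value.  'n' is parenthesized before
 * the cast so that an expression argument is converted as a whole; with
 * the bare form "(uintptr_t)n", an argument such as (p + 1) had only 'p'
 * converted and the addition was then done in bytes instead of elements.
 *
 * ROUND_UP adds (align - 1) before masking.  That sum wraps around for
 * values within (align - 1) of UINTPTR_MAX, so a size or offset taken
 * from a packed buffer must be bounded before it is rounded up.
 * 'align' is evaluated more than once; pass a constant or a plain
 * variable.
 */
#define	ROUND_DOWN(n, align)	(((uintptr_t)(n)) & ~((align) - 1l))
#define	ROUND_UP(n, align)	ROUND_DOWN(((uintptr_t)(n)) + (align) - 1l, \
				(align))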
795 #ifdef __cplusplus
797 #endif
799 #endif /* _NSS_DBDEFS_H */