d201fe46e3
adding (weak definitions to) stubs for some of the pthread functions. If the threads library is linked in, the real pthread functions will pulled in. Use the following convention for system calls wrapped by the threads library: __sys_foo - actual system call _foo - weak definition to __sys_foo foo - weak definition to __sys_foo Change all libc uses of system calls wrapped by the threads library from foo to _foo. In order to define the prototypes for _foo(), we introduce namespace.h and un-namespace.h (suggested by bde). All files that need to reference these system calls, should include namespace.h before any standard includes, then include un-namespace.h after the standard includes and before any local includes. <db.h> is an exception and shouldn't be included in between namespace.h and un-namespace.h namespace.h will define foo to _foo, and un-namespace.h will undefine foo. Try to eliminate some of the recursive calls to MT-safe functions in libc/stdio in preparation for adding a mutex to FILE. We have recursive mutexes, but would like to avoid using them if possible. Remove uneeded includes of <errno.h> from a few files. Add $FreeBSD$ to a few files in order to pass commitprep. Approved by: -arch
1165 lines
26 KiB
C
1165 lines
26 KiB
C
/* $NetBSD: getpwent.c,v 1.40.2.2 1999/04/27 22:09:45 perry Exp $ */
|
|
|
|
/*
|
|
* Copyright (c) 1988, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
* Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by the University of
|
|
* California, Berkeley and its contributors.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <sys/cdefs.h>
|
|
#if defined(LIBC_SCCS) && !defined(lint)
|
|
static const char *rcsid[] =
|
|
"$FreeBSD$";
|
|
#endif /* LIBC_SCCS and not lint */
|
|
|
|
#include "un-namespace.h"
|
|
#include <sys/param.h>
|
|
#include <fcntl.h>
|
|
#include <db.h>
|
|
#include <syslog.h>
|
|
#include <pwd.h>
|
|
#include <utmp.h>
|
|
#include <errno.h>
|
|
#include <unistd.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <limits.h>
|
|
#include <nsswitch.h>
|
|
#ifdef HESIOD
|
|
#include <hesiod.h>
|
|
#endif
|
|
#ifdef YP
|
|
#include <machine/param.h>
|
|
#include <stdio.h>
|
|
#include <rpc/rpc.h>
|
|
#include <rpcsvc/yp_prot.h>
|
|
#include <rpcsvc/ypclnt.h>
|
|
#endif
|
|
#include "un-namespace.h"
|
|
|
|
extern void setnetgrent __P((char *));
|
|
extern int getnetgrent __P((char **, char **, char **));
|
|
extern int innetgr __P((const char *, const char *, const char *, const char *));
|
|
|
|
#include "pw_scan.h"
|
|
|
|
#if defined(YP) || defined(HESIOD)
|
|
#define _PASSWD_COMPAT
|
|
#endif
|
|
|
|
/*
|
|
* The lookup techniques and data extraction code here must be kept
|
|
* in sync with that in `pwd_mkdb'.
|
|
*/
|
|
|
|
static struct passwd _pw_passwd = { "", "", 0, 0, 0, "", "", "", "", 0, 0 };
|
|
static DB *_pw_db; /* password database */
|
|
static int _pw_keynum; /* key counter. no more records if -1 */
|
|
static int _pw_stayopen; /* keep fd's open */
|
|
|
|
static int __hashpw __P((DBT *));
|
|
static int __initdb __P((void));
|
|
|
|
static const ns_src compatsrc[] = {
|
|
{ NSSRC_COMPAT, NS_SUCCESS },
|
|
{ 0 }
|
|
};
|
|
|
|
#ifdef YP
|
|
static char *__ypcurrent, *__ypdomain;
|
|
static int __ypcurrentlen;
|
|
static int _pw_ypdone; /* non-zero if no more yp records */
|
|
#endif
|
|
|
|
#ifdef HESIOD
|
|
static int _pw_hesnum; /* hes counter. no more records if -1 */
|
|
#endif
|
|
|
|
#ifdef _PASSWD_COMPAT
|
|
enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP };
|
|
static enum _pwmode __pwmode;
|
|
|
|
enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER };
|
|
|
|
static struct passwd *__pwproto = (struct passwd *)NULL;
|
|
static int __pwproto_flags;
|
|
static char line[1024];
|
|
static long prbuf[1024 / sizeof(long)];
|
|
static DB *__pwexclude = (DB *)NULL;
|
|
|
|
static int __pwexclude_add __P((const char *));
|
|
static int __pwexclude_is __P((const char *));
|
|
static void __pwproto_set __P((void));
|
|
static int __ypmaptype __P((void));
|
|
static int __pwparse __P((struct passwd *, char *));
|
|
|
|
/* macros for deciding which YP maps to use. */
|
|
#define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \
|
|
? "master.passwd.byname" : "passwd.byname")
|
|
#define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \
|
|
? "master.passwd.byuid" : "passwd.byuid")
|
|
|
|
/*
|
|
* add a name to the compat mode exclude list
|
|
*/
|
|
static int
|
|
__pwexclude_add(name)
|
|
const char *name;
|
|
{
|
|
DBT key;
|
|
DBT data;
|
|
|
|
/* initialize the exclusion table if needed. */
|
|
if(__pwexclude == (DB *)NULL) {
|
|
__pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL);
|
|
if(__pwexclude == (DB *)NULL)
|
|
return 1;
|
|
}
|
|
|
|
/* set up the key */
|
|
key.size = strlen(name);
|
|
/* LINTED key does not get modified */
|
|
key.data = (char *)name;
|
|
|
|
/* data is nothing. */
|
|
data.data = NULL;
|
|
data.size = 0;
|
|
|
|
/* store it */
|
|
if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1)
|
|
return 1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* test if a name is on the compat mode exclude list
|
|
*/
|
|
static int
|
|
__pwexclude_is(name)
|
|
const char *name;
|
|
{
|
|
DBT key;
|
|
DBT data;
|
|
|
|
if(__pwexclude == (DB *)NULL)
|
|
return 0; /* nothing excluded */
|
|
|
|
/* set up the key */
|
|
key.size = strlen(name);
|
|
/* LINTED key does not get modified */
|
|
key.data = (char *)name;
|
|
|
|
if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0)
|
|
return 1; /* excluded */
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Setup the compat mode prototype template that may be used in
|
|
* __pwparse. Only pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, and
|
|
* pw_shell are used. The other fields are zero'd.
|
|
*/
|
|
static void
|
|
__pwproto_set()
|
|
{
|
|
char *ptr;
|
|
struct passwd *pw = &_pw_passwd;
|
|
|
|
/* make this the new prototype */
|
|
ptr = (char *)(void *)prbuf;
|
|
|
|
/* first allocate the struct. */
|
|
__pwproto = (struct passwd *)(void *)ptr;
|
|
ptr += sizeof(struct passwd);
|
|
memset(__pwproto, 0, sizeof(*__pwproto));
|
|
|
|
__pwproto_flags = 0;
|
|
|
|
/* password */
|
|
if(pw->pw_passwd && (pw->pw_passwd)[0]) {
|
|
ptr = (char *)ALIGN((u_long)ptr);
|
|
memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1);
|
|
__pwproto->pw_passwd = ptr;
|
|
ptr += (strlen(pw->pw_passwd) + 1);
|
|
__pwproto_flags |= _PWF_PASSWD;
|
|
}
|
|
|
|
/* uid, gid */
|
|
if (pw->pw_fields & _PWF_UID) {
|
|
__pwproto->pw_uid = pw->pw_uid;
|
|
__pwproto_flags |= _PWF_UID;
|
|
}
|
|
if (pw->pw_fields & _PWF_GID) {
|
|
__pwproto->pw_gid = pw->pw_gid;
|
|
__pwproto_flags |= _PWF_GID;
|
|
}
|
|
|
|
/* gecos */
|
|
if(pw->pw_gecos && (pw->pw_gecos)[0]) {
|
|
ptr = (char *)ALIGN((u_long)ptr);
|
|
memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1);
|
|
__pwproto->pw_gecos = ptr;
|
|
ptr += (strlen(pw->pw_gecos) + 1);
|
|
__pwproto_flags |= _PWF_GECOS;
|
|
}
|
|
|
|
/* dir */
|
|
if(pw->pw_dir && (pw->pw_dir)[0]) {
|
|
ptr = (char *)ALIGN((u_long)ptr);
|
|
memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1);
|
|
__pwproto->pw_dir = ptr;
|
|
ptr += (strlen(pw->pw_dir) + 1);
|
|
__pwproto_flags |= _PWF_DIR;
|
|
}
|
|
|
|
/* shell */
|
|
if(pw->pw_shell && (pw->pw_shell)[0]) {
|
|
ptr = (char *)ALIGN((u_long)ptr);
|
|
memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1);
|
|
__pwproto->pw_shell = ptr;
|
|
ptr += (strlen(pw->pw_shell) + 1);
|
|
__pwproto_flags |= _PWF_SHELL;
|
|
}
|
|
}
|
|
|
|
static int
|
|
__ypmaptype()
|
|
{
|
|
static int maptype = -1;
|
|
int order, r;
|
|
|
|
if (maptype != -1)
|
|
return (maptype);
|
|
|
|
maptype = YPMAP_NONE;
|
|
if (geteuid() != 0)
|
|
return (maptype);
|
|
|
|
if (!__ypdomain) {
|
|
if( _yp_check(&__ypdomain) == 0)
|
|
return (maptype);
|
|
}
|
|
|
|
r = yp_order(__ypdomain, "master.passwd.byname", &order);
|
|
if (r == 0) {
|
|
maptype = YPMAP_MASTER;
|
|
return (maptype);
|
|
}
|
|
|
|
/*
|
|
* NIS+ in YP compat mode doesn't support
|
|
* YPPROC_ORDER -- no point in continuing.
|
|
*/
|
|
if (r == YPERR_YPERR)
|
|
return (maptype);
|
|
|
|
/* master.passwd doesn't exist -- try passwd.adjunct */
|
|
if (r == YPERR_MAP) {
|
|
r = yp_order(__ypdomain, "passwd.adjunct.byname", &order);
|
|
if (r == 0)
|
|
maptype = YPMAP_ADJUNCT;
|
|
return (maptype);
|
|
}
|
|
|
|
return (maptype);
|
|
}
|
|
|
|
/*
|
|
* parse a passwd file line (from NIS or HESIOD).
|
|
* assumed to be `old-style' if maptype != YPMAP_MASTER.
|
|
*/
|
|
static int
|
|
__pwparse(pw, s)
|
|
struct passwd *pw;
|
|
char *s;
|
|
{
|
|
static char adjunctpw[YPMAXRECORD + 2];
|
|
int flags, maptype;
|
|
|
|
maptype = __ypmaptype();
|
|
flags = 0;
|
|
if (maptype == YPMAP_MASTER)
|
|
flags |= _PWSCAN_MASTER;
|
|
if (! __pw_scan(s, pw, flags))
|
|
return 1;
|
|
|
|
/* now let the prototype override, if set. */
|
|
if(__pwproto != (struct passwd *)NULL) {
|
|
#ifdef PW_OVERRIDE_PASSWD
|
|
if(__pwproto_flags & _PWF_PASSWD)
|
|
pw->pw_passwd = __pwproto->pw_passwd;
|
|
#endif
|
|
if(__pwproto_flags & _PWF_UID)
|
|
pw->pw_uid = __pwproto->pw_uid;
|
|
if(__pwproto_flags & _PWF_GID)
|
|
pw->pw_gid = __pwproto->pw_gid;
|
|
if(__pwproto_flags & _PWF_GECOS)
|
|
pw->pw_gecos = __pwproto->pw_gecos;
|
|
if(__pwproto_flags & _PWF_DIR)
|
|
pw->pw_dir = __pwproto->pw_dir;
|
|
if(__pwproto_flags & _PWF_SHELL)
|
|
pw->pw_shell = __pwproto->pw_shell;
|
|
}
|
|
if ((maptype == YPMAP_ADJUNCT) &&
|
|
(strstr(pw->pw_passwd, "##") != NULL)) {
|
|
char *data, *bp;
|
|
int datalen;
|
|
|
|
if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name,
|
|
(int)strlen(pw->pw_name), &data, &datalen) == 0) {
|
|
if (datalen > sizeof(adjunctpw) - 1)
|
|
datalen = sizeof(adjunctpw) - 1;
|
|
strncpy(adjunctpw, data, (size_t)datalen);
|
|
|
|
/* skip name to get password */
|
|
if ((bp = strsep(&data, ":")) != NULL &&
|
|
(bp = strsep(&data, ":")) != NULL)
|
|
pw->pw_passwd = bp;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
#endif /* _PASSWD_COMPAT */
|
|
|
|
/*
|
|
* local files implementation of getpw*()
|
|
* varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
|
|
*/
|
|
static int _local_getpw __P((void *, void *, va_list));
|
|
|
|
/*ARGSUSED*/
|
|
static int
|
|
_local_getpw(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
DBT key;
|
|
char bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1];
|
|
uid_t uid;
|
|
int search, len, rval;
|
|
const char *name;
|
|
|
|
if (!_pw_db && !__initdb())
|
|
return NS_UNAVAIL;
|
|
|
|
search = va_arg(ap, int);
|
|
bf[0] = search;
|
|
switch (search) {
|
|
case _PW_KEYBYNUM:
|
|
if (_pw_keynum == -1)
|
|
return NS_NOTFOUND; /* no more local records */
|
|
++_pw_keynum;
|
|
memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum));
|
|
key.size = sizeof(_pw_keynum) + 1;
|
|
break;
|
|
case _PW_KEYBYNAME:
|
|
name = va_arg(ap, const char *);
|
|
len = strlen(name);
|
|
memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME));
|
|
key.size = len + 1;
|
|
break;
|
|
case _PW_KEYBYUID:
|
|
uid = va_arg(ap, uid_t);
|
|
memmove(bf + 1, &uid, sizeof(len));
|
|
key.size = sizeof(uid) + 1;
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
|
|
key.data = (u_char *)bf;
|
|
rval = __hashpw(&key);
|
|
if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM)
|
|
_pw_keynum = -1; /* flag `no more local records' */
|
|
|
|
if (!_pw_stayopen && (search != _PW_KEYBYNUM)) {
|
|
(void)(_pw_db->close)(_pw_db);
|
|
_pw_db = (DB *)NULL;
|
|
}
|
|
return (rval);
|
|
}
|
|
|
|
#ifdef HESIOD
|
|
/*
|
|
* hesiod implementation of getpw*()
|
|
* varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
|
|
*/
|
|
static int _dns_getpw __P((void *, void *, va_list));
|
|
|
|
/*ARGSUSED*/
|
|
static int
|
|
_dns_getpw(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
const char *name;
|
|
uid_t uid;
|
|
int search;
|
|
|
|
const char *map;
|
|
char **hp;
|
|
void *context;
|
|
int r;
|
|
|
|
search = va_arg(ap, int);
|
|
nextdnsbynum:
|
|
switch (search) {
|
|
case _PW_KEYBYNUM:
|
|
if (_pw_hesnum == -1)
|
|
return NS_NOTFOUND; /* no more hesiod records */
|
|
snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum);
|
|
_pw_hesnum++;
|
|
map = "passwd";
|
|
break;
|
|
case _PW_KEYBYNAME:
|
|
name = va_arg(ap, const char *);
|
|
strncpy(line, name, sizeof(line));
|
|
map = "passwd";
|
|
break;
|
|
case _PW_KEYBYUID:
|
|
uid = va_arg(ap, uid_t);
|
|
snprintf(line, sizeof(line), "%u", (unsigned int)uid);
|
|
map = "uid"; /* XXX this is `passwd' on ultrix */
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
line[sizeof(line) - 1] = '\0';
|
|
|
|
r = NS_UNAVAIL;
|
|
if (hesiod_init(&context) == -1)
|
|
return (r);
|
|
|
|
hp = hesiod_resolve(context, line, map);
|
|
if (hp == NULL) {
|
|
if (errno == ENOENT) {
|
|
/* flag `no more hesiod records' */
|
|
if (search == _PW_KEYBYNUM)
|
|
_pw_hesnum = -1;
|
|
r = NS_NOTFOUND;
|
|
}
|
|
goto cleanup_dns_getpw;
|
|
}
|
|
|
|
strncpy(line, hp[0], sizeof(line)); /* only check first elem */
|
|
line[sizeof(line) - 1] = '\0';
|
|
hesiod_free_list(context, hp);
|
|
if (__pwparse(&_pw_passwd, line)) {
|
|
if (search == _PW_KEYBYNUM)
|
|
goto nextdnsbynum; /* skip dogdy entries */
|
|
r = NS_UNAVAIL;
|
|
} else
|
|
r = NS_SUCCESS;
|
|
cleanup_dns_getpw:
|
|
hesiod_end(context);
|
|
return (r);
|
|
}
|
|
#endif
|
|
|
|
#ifdef YP
|
|
/*
|
|
* nis implementation of getpw*()
|
|
* varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
|
|
*/
|
|
static int _nis_getpw __P((void *, void *, va_list));
|
|
|
|
/*ARGSUSED*/
|
|
static int
|
|
_nis_getpw(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
const char *name;
|
|
uid_t uid;
|
|
int search;
|
|
char *key, *data;
|
|
char *map;
|
|
int keylen, datalen, r, rval;
|
|
|
|
if(__ypdomain == NULL) {
|
|
if(_yp_check(&__ypdomain) == 0)
|
|
return NS_UNAVAIL;
|
|
}
|
|
|
|
map = PASSWD_BYNAME;
|
|
search = va_arg(ap, int);
|
|
switch (search) {
|
|
case _PW_KEYBYNUM:
|
|
break;
|
|
case _PW_KEYBYNAME:
|
|
name = va_arg(ap, const char *);
|
|
strncpy(line, name, sizeof(line));
|
|
break;
|
|
case _PW_KEYBYUID:
|
|
uid = va_arg(ap, uid_t);
|
|
snprintf(line, sizeof(line), "%u", (unsigned int)uid);
|
|
map = PASSWD_BYUID;
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
line[sizeof(line) - 1] = '\0';
|
|
rval = NS_UNAVAIL;
|
|
if (search != _PW_KEYBYNUM) {
|
|
data = NULL;
|
|
r = yp_match(__ypdomain, map, line, (int)strlen(line),
|
|
&data, &datalen);
|
|
if (r == YPERR_KEY)
|
|
rval = NS_NOTFOUND;
|
|
if (r != 0) {
|
|
if (data)
|
|
free(data);
|
|
return (rval);
|
|
}
|
|
data[datalen] = '\0'; /* clear trailing \n */
|
|
strncpy(line, data, sizeof(line));
|
|
line[sizeof(line) - 1] = '\0';
|
|
free(data);
|
|
if (__pwparse(&_pw_passwd, line))
|
|
return NS_UNAVAIL;
|
|
return NS_SUCCESS;
|
|
}
|
|
|
|
if (_pw_ypdone)
|
|
return NS_NOTFOUND;
|
|
for (;;) {
|
|
data = key = NULL;
|
|
if (__ypcurrent) {
|
|
r = yp_next(__ypdomain, map,
|
|
__ypcurrent, __ypcurrentlen,
|
|
&key, &keylen, &data, &datalen);
|
|
free(__ypcurrent);
|
|
switch (r) {
|
|
case 0:
|
|
__ypcurrent = key;
|
|
__ypcurrentlen = keylen;
|
|
break;
|
|
case YPERR_NOMORE:
|
|
__ypcurrent = NULL;
|
|
/* flag `no more yp records' */
|
|
_pw_ypdone = 1;
|
|
rval = NS_NOTFOUND;
|
|
}
|
|
} else {
|
|
r = yp_first(__ypdomain, map, &__ypcurrent,
|
|
&__ypcurrentlen, &data, &datalen);
|
|
}
|
|
if (r != 0) {
|
|
if (key)
|
|
free(key);
|
|
if (data)
|
|
free(data);
|
|
return (rval);
|
|
}
|
|
data[datalen] = '\0'; /* clear trailing \n */
|
|
strncpy(line, data, sizeof(line));
|
|
line[sizeof(line) - 1] = '\0';
|
|
free(data);
|
|
if (! __pwparse(&_pw_passwd, line))
|
|
return NS_SUCCESS;
|
|
}
|
|
/* NOTREACHED */
|
|
} /* _nis_getpw */
|
|
#endif
|
|
|
|
#ifdef _PASSWD_COMPAT
|
|
/*
|
|
* See if the compat token is in the database. Only works if pwd_mkdb knows
|
|
* about the token.
|
|
*/
|
|
static int __has_compatpw __P((void));
|
|
|
|
static int
|
|
__has_compatpw()
|
|
{
|
|
DBT key, data;
|
|
DBT pkey, pdata;
|
|
char bf[MAXLOGNAME];
|
|
u_char cyp[] = { _PW_KEYYPENABLED };
|
|
|
|
/*LINTED*/
|
|
key.data = cyp;
|
|
key.size = 1;
|
|
|
|
/* Pre-token database support. */
|
|
bf[0] = _PW_KEYBYNAME;
|
|
bf[1] = '+';
|
|
pkey.data = (u_char *)bf;
|
|
pkey.size = 2;
|
|
|
|
if ((_pw_db->get)(_pw_db, &key, &data, 0)
|
|
&& (_pw_db->get)(_pw_db, &pkey, &pdata, 0))
|
|
return 0; /* No compat token */
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* log an error if "files" or "compat" is specified in passwd_compat database
|
|
*/
|
|
static int _bad_getpw __P((void *, void *, va_list));
|
|
|
|
/*ARGSUSED*/
|
|
static int
|
|
_bad_getpw(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
static int warned;
|
|
if (!warned) {
|
|
syslog(LOG_ERR,
|
|
"nsswitch.conf passwd_compat database can't use '%s'",
|
|
(char *)cb_data);
|
|
}
|
|
warned = 1;
|
|
return NS_UNAVAIL;
|
|
}
|
|
|
|
/*
|
|
* when a name lookup in compat mode is required (e.g., '+name', or a name in
|
|
* '+@netgroup'), look it up in the 'passwd_compat' nsswitch database.
|
|
* only Hesiod and NIS is supported - it doesn't make sense to lookup
|
|
* compat names from 'files' or 'compat'.
|
|
*/
|
|
static int __getpwcompat __P((int, uid_t, const char *));
|
|
|
|
static int
|
|
__getpwcompat(type, uid, name)
|
|
int type;
|
|
uid_t uid;
|
|
const char *name;
|
|
{
|
|
static const ns_dtab dtab[] = {
|
|
NS_FILES_CB(_bad_getpw, "files")
|
|
NS_DNS_CB(_dns_getpw, NULL)
|
|
NS_NIS_CB(_nis_getpw, NULL)
|
|
NS_COMPAT_CB(_bad_getpw, "compat")
|
|
{ 0 }
|
|
};
|
|
static const ns_src defaultnis[] = {
|
|
{ NSSRC_NIS, NS_SUCCESS },
|
|
{ 0 }
|
|
};
|
|
|
|
switch (type) {
|
|
case _PW_KEYBYNUM:
|
|
return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
|
|
defaultnis, type);
|
|
case _PW_KEYBYNAME:
|
|
return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
|
|
defaultnis, type, name);
|
|
case _PW_KEYBYUID:
|
|
return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
|
|
defaultnis, type, uid);
|
|
default:
|
|
abort();
|
|
/*NOTREACHED*/
|
|
}
|
|
}
|
|
#endif /* _PASSWD_COMPAT */
|
|
|
|
/*
|
|
* compat implementation of getpwent()
|
|
* varargs (ignored):
|
|
* type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
|
|
*/
|
|
static int _compat_getpwent __P((void *, void *, va_list));
|
|
|
|
/*ARGSUSED*/
|
|
static int
|
|
_compat_getpwent(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
DBT key;
|
|
int rval;
|
|
char bf[sizeof(_pw_keynum) + 1];
|
|
#ifdef _PASSWD_COMPAT
|
|
static char *name = NULL;
|
|
char *user, *host, *dom;
|
|
int has_compatpw;
|
|
#endif
|
|
|
|
if (!_pw_db && !__initdb())
|
|
return NS_UNAVAIL;
|
|
|
|
#ifdef _PASSWD_COMPAT
|
|
has_compatpw = __has_compatpw();
|
|
|
|
again:
|
|
if (has_compatpw && (__pwmode != PWMODE_NONE)) {
|
|
int r;
|
|
|
|
switch (__pwmode) {
|
|
case PWMODE_FULL:
|
|
r = __getpwcompat(_PW_KEYBYNUM, 0, NULL);
|
|
if (r == NS_SUCCESS)
|
|
return r;
|
|
__pwmode = PWMODE_NONE;
|
|
break;
|
|
|
|
case PWMODE_NETGRP:
|
|
r = getnetgrent(&host, &user, &dom);
|
|
if (r == 0) { /* end of group */
|
|
endnetgrent();
|
|
__pwmode = PWMODE_NONE;
|
|
break;
|
|
}
|
|
if (!user || !*user)
|
|
break;
|
|
r = __getpwcompat(_PW_KEYBYNAME, 0, user);
|
|
if (r == NS_SUCCESS)
|
|
return r;
|
|
break;
|
|
|
|
case PWMODE_USER:
|
|
if (name == NULL) {
|
|
__pwmode = PWMODE_NONE;
|
|
break;
|
|
}
|
|
r = __getpwcompat(_PW_KEYBYNAME, 0, name);
|
|
free(name);
|
|
name = NULL;
|
|
if (r == NS_SUCCESS)
|
|
return r;
|
|
break;
|
|
|
|
case PWMODE_NONE:
|
|
abort();
|
|
}
|
|
goto again;
|
|
}
|
|
#endif
|
|
|
|
if (_pw_keynum == -1)
|
|
return NS_NOTFOUND; /* no more local records */
|
|
++_pw_keynum;
|
|
bf[0] = _PW_KEYBYNUM;
|
|
memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum));
|
|
key.data = (u_char *)bf;
|
|
key.size = sizeof(_pw_keynum) + 1;
|
|
rval = __hashpw(&key);
|
|
if (rval == NS_NOTFOUND)
|
|
_pw_keynum = -1; /* flag `no more local records' */
|
|
else if (rval == NS_SUCCESS) {
|
|
#ifdef _PASSWD_COMPAT
|
|
/* if we don't have YP at all, don't bother. */
|
|
if (has_compatpw) {
|
|
if(_pw_passwd.pw_name[0] == '+') {
|
|
/* set the mode */
|
|
switch(_pw_passwd.pw_name[1]) {
|
|
case '\0':
|
|
__pwmode = PWMODE_FULL;
|
|
break;
|
|
case '@':
|
|
__pwmode = PWMODE_NETGRP;
|
|
setnetgrent(_pw_passwd.pw_name + 2);
|
|
break;
|
|
default:
|
|
__pwmode = PWMODE_USER;
|
|
name = strdup(_pw_passwd.pw_name + 1);
|
|
break;
|
|
}
|
|
|
|
/* save the prototype */
|
|
__pwproto_set();
|
|
goto again;
|
|
} else if(_pw_passwd.pw_name[0] == '-') {
|
|
/* an attempted exclusion */
|
|
switch(_pw_passwd.pw_name[1]) {
|
|
case '\0':
|
|
break;
|
|
case '@':
|
|
setnetgrent(_pw_passwd.pw_name + 2);
|
|
while(getnetgrent(&host, &user, &dom)) {
|
|
if(user && *user)
|
|
__pwexclude_add(user);
|
|
}
|
|
endnetgrent();
|
|
break;
|
|
default:
|
|
__pwexclude_add(_pw_passwd.pw_name + 1);
|
|
break;
|
|
}
|
|
goto again;
|
|
}
|
|
}
|
|
#endif
|
|
}
|
|
return (rval);
|
|
}
|
|
|
|
/*
|
|
* compat implementation of getpwnam() and getpwuid()
|
|
* varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
|
|
*/
|
|
static int _compat_getpw __P((void *, void *, va_list));
|
|
|
|
static int
|
|
_compat_getpw(rv, cb_data, ap)
|
|
void *rv;
|
|
void *cb_data;
|
|
va_list ap;
|
|
{
|
|
#ifdef _PASSWD_COMPAT
|
|
DBT key;
|
|
int search, rval, r, s, keynum;
|
|
uid_t uid;
|
|
char bf[sizeof(keynum) + 1];
|
|
char *name, *host, *user, *dom;
|
|
#endif
|
|
|
|
if (!_pw_db && !__initdb())
|
|
return NS_UNAVAIL;
|
|
|
|
/*
|
|
* If there isn't a compat token in the database, use files.
|
|
*/
|
|
#ifdef _PASSWD_COMPAT
|
|
if (! __has_compatpw())
|
|
#endif
|
|
return (_local_getpw(rv, cb_data, ap));
|
|
|
|
#ifdef _PASSWD_COMPAT
|
|
search = va_arg(ap, int);
|
|
uid = 0;
|
|
name = NULL;
|
|
rval = NS_NOTFOUND;
|
|
switch (search) {
|
|
case _PW_KEYBYNAME:
|
|
name = va_arg(ap, char *);
|
|
break;
|
|
case _PW_KEYBYUID:
|
|
uid = va_arg(ap, uid_t);
|
|
break;
|
|
default:
|
|
abort();
|
|
}
|
|
|
|
for (s = -1, keynum = 1 ; ; keynum++) {
|
|
bf[0] = _PW_KEYBYNUM;
|
|
memmove(bf + 1, &keynum, sizeof(keynum));
|
|
key.data = (u_char *)bf;
|
|
key.size = sizeof(keynum) + 1;
|
|
if(__hashpw(&key) != NS_SUCCESS)
|
|
break;
|
|
switch(_pw_passwd.pw_name[0]) {
|
|
case '+':
|
|
/* save the prototype */
|
|
__pwproto_set();
|
|
|
|
switch(_pw_passwd.pw_name[1]) {
|
|
case '\0':
|
|
r = __getpwcompat(search, uid, name);
|
|
if (r != NS_SUCCESS)
|
|
continue;
|
|
break;
|
|
case '@':
|
|
pwnam_netgrp:
|
|
#if 0 /* XXX: is this a hangover from pre-nsswitch? */
|
|
if(__ypcurrent) {
|
|
free(__ypcurrent);
|
|
__ypcurrent = NULL;
|
|
}
|
|
#endif
|
|
if (s == -1) /* first time */
|
|
setnetgrent(_pw_passwd.pw_name + 2);
|
|
s = getnetgrent(&host, &user, &dom);
|
|
if (s == 0) { /* end of group */
|
|
endnetgrent();
|
|
s = -1;
|
|
continue;
|
|
}
|
|
if (!user || !*user)
|
|
goto pwnam_netgrp;
|
|
|
|
r = __getpwcompat(_PW_KEYBYNAME, 0, user);
|
|
|
|
if (r == NS_UNAVAIL)
|
|
return r;
|
|
if (r == NS_NOTFOUND) {
|
|
/*
|
|
* just because this user is bad
|
|
* it doesn't mean they all are.
|
|
*/
|
|
goto pwnam_netgrp;
|
|
}
|
|
break;
|
|
default:
|
|
user = _pw_passwd.pw_name + 1;
|
|
r = __getpwcompat(_PW_KEYBYNAME, 0, user);
|
|
|
|
if (r == NS_UNAVAIL)
|
|
return r;
|
|
if (r == NS_NOTFOUND)
|
|
continue;
|
|
break;
|
|
}
|
|
if(__pwexclude_is(_pw_passwd.pw_name)) {
|
|
if(s == 1) /* inside netgroup */
|
|
goto pwnam_netgrp;
|
|
continue;
|
|
}
|
|
break;
|
|
case '-':
|
|
/* attempted exclusion */
|
|
switch(_pw_passwd.pw_name[1]) {
|
|
case '\0':
|
|
break;
|
|
case '@':
|
|
setnetgrent(_pw_passwd.pw_name + 2);
|
|
while(getnetgrent(&host, &user, &dom)) {
|
|
if(user && *user)
|
|
__pwexclude_add(user);
|
|
}
|
|
endnetgrent();
|
|
break;
|
|
default:
|
|
__pwexclude_add(_pw_passwd.pw_name + 1);
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
if ((search == _PW_KEYBYNAME &&
|
|
strcmp(_pw_passwd.pw_name, name) == 0)
|
|
|| (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) {
|
|
rval = NS_SUCCESS;
|
|
break;
|
|
}
|
|
if(s == 1) /* inside netgroup */
|
|
goto pwnam_netgrp;
|
|
continue;
|
|
}
|
|
__pwproto = (struct passwd *)NULL;
|
|
|
|
if (!_pw_stayopen) {
|
|
(void)(_pw_db->close)(_pw_db);
|
|
_pw_db = (DB *)NULL;
|
|
}
|
|
if(__pwexclude != (DB *)NULL) {
|
|
(void)(__pwexclude->close)(__pwexclude);
|
|
__pwexclude = (DB *)NULL;
|
|
}
|
|
return rval;
|
|
#endif /* _PASSWD_COMPAT */
|
|
}
|
|
|
|
struct passwd *
|
|
getpwent()
|
|
{
|
|
int r;
|
|
static const ns_dtab dtab[] = {
|
|
NS_FILES_CB(_local_getpw, NULL)
|
|
NS_DNS_CB(_dns_getpw, NULL)
|
|
NS_NIS_CB(_nis_getpw, NULL)
|
|
NS_COMPAT_CB(_compat_getpwent, NULL)
|
|
{ 0 }
|
|
};
|
|
|
|
r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc,
|
|
_PW_KEYBYNUM);
|
|
if (r != NS_SUCCESS)
|
|
return (struct passwd *)NULL;
|
|
return &_pw_passwd;
|
|
}
|
|
|
|
struct passwd *
|
|
getpwnam(name)
|
|
const char *name;
|
|
{
|
|
int r;
|
|
static const ns_dtab dtab[] = {
|
|
NS_FILES_CB(_local_getpw, NULL)
|
|
NS_DNS_CB(_dns_getpw, NULL)
|
|
NS_NIS_CB(_nis_getpw, NULL)
|
|
NS_COMPAT_CB(_compat_getpw, NULL)
|
|
{ 0 }
|
|
};
|
|
|
|
if (name == NULL || name[0] == '\0')
|
|
return (struct passwd *)NULL;
|
|
|
|
r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc,
|
|
_PW_KEYBYNAME, name);
|
|
return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
|
|
}
|
|
|
|
struct passwd *
|
|
getpwuid(uid)
|
|
uid_t uid;
|
|
{
|
|
int r;
|
|
static const ns_dtab dtab[] = {
|
|
NS_FILES_CB(_local_getpw, NULL)
|
|
NS_DNS_CB(_dns_getpw, NULL)
|
|
NS_NIS_CB(_nis_getpw, NULL)
|
|
NS_COMPAT_CB(_compat_getpw, NULL)
|
|
{ 0 }
|
|
};
|
|
|
|
r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc,
|
|
_PW_KEYBYUID, uid);
|
|
return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
|
|
}
|
|
|
|
int
|
|
setpassent(stayopen)
|
|
int stayopen;
|
|
{
|
|
_pw_keynum = 0;
|
|
_pw_stayopen = stayopen;
|
|
#ifdef YP
|
|
__pwmode = PWMODE_NONE;
|
|
if(__ypcurrent)
|
|
free(__ypcurrent);
|
|
__ypcurrent = NULL;
|
|
_pw_ypdone = 0;
|
|
#endif
|
|
#ifdef HESIOD
|
|
_pw_hesnum = 0;
|
|
#endif
|
|
#ifdef _PASSWD_COMPAT
|
|
if(__pwexclude != (DB *)NULL) {
|
|
(void)(__pwexclude->close)(__pwexclude);
|
|
__pwexclude = (DB *)NULL;
|
|
}
|
|
__pwproto = (struct passwd *)NULL;
|
|
#endif
|
|
return 1;
|
|
}
|
|
|
|
void
|
|
setpwent()
|
|
{
|
|
(void) setpassent(0);
|
|
}
|
|
|
|
void
|
|
endpwent()
|
|
{
|
|
_pw_keynum = 0;
|
|
if (_pw_db) {
|
|
(void)(_pw_db->close)(_pw_db);
|
|
_pw_db = (DB *)NULL;
|
|
}
|
|
#ifdef _PASSWD_COMPAT
|
|
__pwmode = PWMODE_NONE;
|
|
#endif
|
|
#ifdef YP
|
|
if(__ypcurrent)
|
|
free(__ypcurrent);
|
|
__ypcurrent = NULL;
|
|
_pw_ypdone = 0;
|
|
#endif
|
|
#ifdef HESIOD
|
|
_pw_hesnum = 0;
|
|
#endif
|
|
#ifdef _PASSWD_COMPAT
|
|
if(__pwexclude != (DB *)NULL) {
|
|
(void)(__pwexclude->close)(__pwexclude);
|
|
__pwexclude = (DB *)NULL;
|
|
}
|
|
__pwproto = (struct passwd *)NULL;
|
|
#endif
|
|
}
|
|
|
|
static int
|
|
__initdb()
|
|
{
|
|
static int warned;
|
|
char *p;
|
|
|
|
#ifdef _PASSWD_COMPAT
|
|
__pwmode = PWMODE_NONE;
|
|
#endif
|
|
if (geteuid() == 0) {
|
|
_pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL);
|
|
if (_pw_db)
|
|
return(1);
|
|
}
|
|
_pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL);
|
|
if (_pw_db)
|
|
return 1;
|
|
if (!warned)
|
|
syslog(LOG_ERR, "%s: %m", p);
|
|
warned = 1;
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
__hashpw(key)
|
|
DBT *key;
|
|
{
|
|
char *p, *t;
|
|
static u_int max;
|
|
static char *buf;
|
|
DBT data;
|
|
|
|
switch ((_pw_db->get)(_pw_db, key, &data, 0)) {
|
|
case 0:
|
|
break; /* found */
|
|
case 1:
|
|
return NS_NOTFOUND;
|
|
case -1:
|
|
return NS_UNAVAIL; /* error in db routines */
|
|
default:
|
|
abort();
|
|
}
|
|
|
|
p = (char *)data.data;
|
|
if (data.size > max && !(buf = realloc(buf, (max += 1024))))
|
|
return NS_UNAVAIL;
|
|
|
|
/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
|
|
t = buf;
|
|
#define EXPAND(e) e = t; while ((*t++ = *p++));
|
|
#define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v
|
|
EXPAND(_pw_passwd.pw_name);
|
|
EXPAND(_pw_passwd.pw_passwd);
|
|
SCALAR(_pw_passwd.pw_uid);
|
|
SCALAR(_pw_passwd.pw_gid);
|
|
SCALAR(_pw_passwd.pw_change);
|
|
EXPAND(_pw_passwd.pw_class);
|
|
EXPAND(_pw_passwd.pw_gecos);
|
|
EXPAND(_pw_passwd.pw_dir);
|
|
EXPAND(_pw_passwd.pw_shell);
|
|
SCALAR(_pw_passwd.pw_expire);
|
|
SCALAR(_pw_passwd.pw_fields);
|
|
|
|
return NS_SUCCESS;
|
|
}
|