getpwent(3) or getpwuid(3) when using NIS adjunct maps. The bug was
present in the internal `nis_passwd' function. The lookup in the
adjunct map used the name passed into `nis_passwd', however no name
was of course supplied by getpwent or getpwuid. Correctly use the
name from the `struct pwd' that was found instead.
PR: bin/59962
Submitted by: Gabriel Gomez <ggomez@fing.edu.uy>
don't probe the server at all for passwd.by* maps. This fixes
interoperability with the Services For UNIX NIS server (which is
really a front end to Captive^WActiveDirectory). This server
incorrectly returns success for all YPPROC_MASTER requests,
even for maps that don't exist, which makes it impossible to
(ab)use it to probe for the existence of the master.passwd.by*
maps.
This is a little kludgey, but basically restores the original
behavior of getpwent.c as it is in -stable, and works around both
the lack of YPPROC_ORDER on NIS+ servers as well as the broken
YPPROC_MASTER on Services For UNIX servers.
technique) so that we don't wind up calling into an application's
version if the application defines them.
Inspired by: qpopper's interfering and buggy version of strlcpy
setgrent, and endgrent also. (The previous NSS implementation used to
simply twiddle the internal data of the various modules directly.)
A symptom (group list set incorrectly in sshd) was
Reported by: Glenn Johnson <gjohnson@srrc.ars.usda.gov>
Sponsored by: DARPA, Network Associates Laboratories
idea to re-initialize `struct passwd', because e.g. pw_class might
get set by one module, but not by another. Add another call to the
internal pwd_init function to accomplish this.
Sponsored by: DARPA, Network Associates Laboratories
privileges. To do so may cause the NIS server to log spurious and
annoying `access denied' messages.
Reported by: Philip Paeps <philip@paeps.cx>
Sponsored by: DARPA, Network Associates Laboratories
string was an incredibly dumb idea (of course it will be changed by an
NSS module on success!). Use a static empty string instead.
Sponsored by: DARPA, Network Associates Laboratories
may not fill in all fields, and in the case of string fields, this could
cause trouble for applications. (The only likely example is `pw_class',
because this field is not used by all modules in all cases.)
Move initialization of struct passwd from module-specific code to the
dispatch code.
The problem of a NULL pw_class was
Noticed by: Philip Paeps <philip@paeps.cx>
and the c^Htrusty ssh(1) command.
Déjà vu by: getpwent.c revision 1.56
Sponsored by: DARPA, Network Associates Laboratories
at least one consumer outside of libc and pwd_mkdb.
Adjust the versioning in libc and pwd_mkdb accordingly.
named was the application affected, and that fact was first
Reported by: Zherdev Anatoly <tolyar@mx.ru>
Sponsored by: DARPA, Network Associates Laboratories
family of functions using the new nsdispatch(3) core. Remove
arbitrary size limits when using the thread-safe versions.
= Re-implement the traditional getpwent(3)/getgrent(3) functions on
top of the thread-safe versions.
= Update the on-disk format of the hashed version of the passwd(5)
databases to allow for versioned entries. The legacy version is
`3'. (Don't ask.)
= Add support for version `4' entries in the passwd(5) database.
Entries in this format are identical to version 3 entries except
that all integers are stored as 32-bit integers in network byte
order (big endian).
= pwd_mkdb is updated to generate both version 3 and version 4
entries.
Sponsored by: DARPA, Network Associates Laboratories
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
commit.
Fixed related style bugs:
basename.c: misplaced '#if 0'
dirname.c: misplaced '#if 0'
getgrent.c: missing '#if 0', and tab lossage in vendor id (the previous
commit fixed the complete corruption of the vendor id but
lost a tab)
getpwent.c: missing '#if 0'
since that is what we use now and this insulates us from any time_t
tweaks here. We can define a record format that uses 64 bit times if/when
we need to.
adding (weak definitions to) stubs for some of the pthread
functions. If the threads library is linked in, the real
pthread functions will pulled in.
Use the following convention for system calls wrapped by the
threads library:
__sys_foo - actual system call
_foo - weak definition to __sys_foo
foo - weak definition to __sys_foo
Change all libc uses of system calls wrapped by the threads
library from foo to _foo. In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde). All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes. <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.
Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE. We have recursive mutexes, but would like to avoid
using them if possible.
Remove uneeded includes of <errno.h> from a few files.
Add $FreeBSD$ to a few files in order to pass commitprep.
Approved by: -arch
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
next try over chroot (descriptor closed). getgrnam() used already handles
endgrent() properly and honors _gr_stayopen. Automatically call
setgroupent(1) when _pw_stayopen is set (for YP/NIS code).
In some cases replace if (a == null) a = malloc(x); else a =
realloc(a, x); with simple reallocf(a, x). Per ANSI-C, this is
guaranteed to be the same thing.
I've been running these on my system here w/o ill effects for some
time. However, the CTM-express is at part 6 of 34 for the CAM
changes, so I've not been able to do a build world with the CAM in the
tree with these changes. Shouldn't impact anything, but...
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
style and b) the wrong logic. Should be strstr(s, "##") != NULL. (Note
that the passwd.adjunct stuff has not been merged into 2.2 so this bug
is not in that branch.)
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
