getpwent.c revision 1.14.4.1
1 1.14.4.1 jtc /* $NetBSD: getpwent.c,v 1.14.4.1 1996/09/16 18:40:27 jtc Exp $ */ 2 1.12 cgd 3 1.1 cgd /* 4 1.12 cgd * Copyright (c) 1988, 1993 5 1.12 cgd * The Regents of the University of California. All rights reserved. 6 1.14 phil * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 1.1 cgd * 8 1.1 cgd * Redistribution and use in source and binary forms, with or without 9 1.1 cgd * modification, are permitted provided that the following conditions 10 1.1 cgd * are met: 11 1.1 cgd * 1. Redistributions of source code must retain the above copyright 12 1.1 cgd * notice, this list of conditions and the following disclaimer. 13 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 14 1.1 cgd * notice, this list of conditions and the following disclaimer in the 15 1.1 cgd * documentation and/or other materials provided with the distribution. 16 1.1 cgd * 3. All advertising materials mentioning features or use of this software 17 1.1 cgd * must display the following acknowledgement: 18 1.1 cgd * This product includes software developed by the University of 19 1.1 cgd * California, Berkeley and its contributors. 20 1.1 cgd * 4. Neither the name of the University nor the names of its contributors 21 1.1 cgd * may be used to endorse or promote products derived from this software 22 1.1 cgd * without specific prior written permission. 23 1.1 cgd * 24 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.1 cgd * SUCH DAMAGE. 35 1.1 cgd */ 36 1.1 cgd 37 1.1 cgd #if defined(LIBC_SCCS) && !defined(lint) 38 1.12 cgd #if 0 39 1.12 cgd static char sccsid[] = "@(#)getpwent.c 8.1 (Berkeley) 6/4/93"; 40 1.12 cgd #else 41 1.14.4.1 jtc static char rcsid[] = "$NetBSD: getpwent.c,v 1.14.4.1 1996/09/16 18:40:27 jtc Exp $"; 42 1.12 cgd #endif 43 1.1 cgd #endif /* LIBC_SCCS and not lint */ 44 1.1 cgd 45 1.14.4.1 jtc #include "namespace.h" 46 1.1 cgd #include <sys/param.h> 47 1.1 cgd #include <fcntl.h> 48 1.1 cgd #include <db.h> 49 1.1 cgd #include <syslog.h> 50 1.1 cgd #include <pwd.h> 51 1.1 cgd #include <utmp.h> 52 1.1 cgd #include <errno.h> 53 1.1 cgd #include <unistd.h> 54 1.1 cgd #include <stdlib.h> 55 1.1 cgd #include <string.h> 56 1.1 cgd #include <limits.h> 57 1.14 phil #include <netgroup.h> 58 1.4 deraadt #ifdef YP 59 1.14 phil #include <machine/param.h> 60 1.4 deraadt #include <stdio.h> 61 1.4 deraadt #include <rpc/rpc.h> 62 1.4 deraadt #include <rpcsvc/yp_prot.h> 63 1.4 deraadt #include <rpcsvc/ypclnt.h> 64 1.4 deraadt #endif 65 1.1 cgd 66 1.1 cgd static struct passwd _pw_passwd; /* password structure */ 67 1.1 cgd static DB *_pw_db; /* password database */ 68 1.1 cgd static int _pw_keynum; /* key counter */ 69 1.1 cgd static int _pw_stayopen; /* keep fd's open */ 70 1.14 phil static int _pw_flags; /* password flags */ 71 1.14 phil static int __hashpw __P((DBT *)); 72 1.14 phil static int __initdb __P((void)); 73 1.14 phil 74 1.14 phil const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 75 1.1 cgd 76 1.4 deraadt #ifdef YP 77 1.14 phil enum _ypmode { YPMODE_NONE, YPMODE_FULL, YPMODE_USER, YPMODE_NETGRP }; 78 1.14 phil static enum _ypmode __ypmode; 79 1.14 phil 80 1.4 deraadt static char *__ypcurrent, *__ypdomain; 81 1.14 phil static int __ypcurrentlen; 82 1.14 phil static struct passwd *__ypproto = (struct passwd *)NULL; 83 1.14 phil static int __ypflags; 84 1.4 deraadt static char line[1024]; 85 1.14 phil static long prbuf[1024 / sizeof(long)]; 86 1.14 phil static DB *__ypexclude = (DB *)NULL; 87 1.14 phil 88 1.14 phil static int __has_yppw __P((void)); 89 1.14 phil static int __ypexclude_add __P((const char *)); 90 1.14 phil static int __ypexclude_is __P((const char *)); 91 1.14 phil static void __ypproto_set __P((void)); 92 1.14 phil 93 1.14 phil static int 94 1.14 phil __ypexclude_add(name) 95 1.14 phil const char *name; 96 1.14 phil { 97 1.14 phil DBT key, data; 98 1.14 phil 99 1.14 phil /* initialize the exclusion table if needed. */ 100 1.14 phil if(__ypexclude == (DB *)NULL) { 101 1.14 phil __ypexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 102 1.14 phil if(__ypexclude == (DB *)NULL) 103 1.14 phil return(1); 104 1.14 phil } 105 1.14 phil 106 1.14 phil /* set up the key */ 107 1.14 phil key.data = (char *)name; 108 1.14 phil key.size = strlen(name); 109 1.14 phil 110 1.14 phil /* data is nothing. */ 111 1.14 phil data.data = NULL; 112 1.14 phil data.size = 0; 113 1.14 phil 114 1.14 phil /* store it */ 115 1.14 phil if((__ypexclude->put)(__ypexclude, &key, &data, 0) == -1) 116 1.14 phil return(1); 117 1.14 phil 118 1.14 phil return(0); 119 1.14 phil } 120 1.14 phil 121 1.14 phil static int 122 1.14 phil __ypexclude_is(name) 123 1.14 phil const char *name; 124 1.14 phil { 125 1.14 phil DBT key, data; 126 1.14 phil 127 1.14 phil if(__ypexclude == (DB *)NULL) 128 1.14 phil return(0); /* nothing excluded */ 129 1.14 phil 130 1.14 phil /* set up the key */ 131 1.14 phil key.data = (char *)name; 132 1.14 phil key.size = strlen(name); 133 1.14 phil 134 1.14 phil if((__ypexclude->get)(__ypexclude, &key, &data, 0) == 0) 135 1.14 phil return(1); /* excluded */ 136 1.14 phil 137 1.14 phil return(0); 138 1.14 phil } 139 1.14 phil 140 1.14 phil static void 141 1.14 phil __ypproto_set() 142 1.14 phil { 143 1.14 phil register char *ptr; 144 1.14 phil register struct passwd *pw = &_pw_passwd; 145 1.14 phil 146 1.14 phil /* make this the new prototype */ 147 1.14 phil ptr = (char *)prbuf; 148 1.14 phil 149 1.14 phil /* first allocate the struct. */ 150 1.14 phil __ypproto = (struct passwd *)ptr; 151 1.14 phil ptr += sizeof(struct passwd); 152 1.14 phil 153 1.14 phil /* name */ 154 1.14 phil if(pw->pw_name && (pw->pw_name)[0]) { 155 1.14 phil ptr = (char *)ALIGN(ptr); 156 1.14 phil bcopy(pw->pw_name, ptr, strlen(pw->pw_name) + 1); 157 1.14 phil __ypproto->pw_name = ptr; 158 1.14 phil ptr += (strlen(pw->pw_name) + 1); 159 1.14 phil } else 160 1.14 phil __ypproto->pw_name = (char *)NULL; 161 1.14 phil 162 1.14 phil /* password */ 163 1.14 phil if(pw->pw_passwd && (pw->pw_passwd)[0]) { 164 1.14 phil ptr = (char *)ALIGN(ptr); 165 1.14 phil bcopy(pw->pw_passwd, ptr, strlen(pw->pw_passwd) + 1); 166 1.14 phil __ypproto->pw_passwd = ptr; 167 1.14 phil ptr += (strlen(pw->pw_passwd) + 1); 168 1.14 phil } else 169 1.14 phil __ypproto->pw_passwd = (char *)NULL; 170 1.14 phil 171 1.14 phil /* uid */ 172 1.14 phil __ypproto->pw_uid = pw->pw_uid; 173 1.14 phil 174 1.14 phil /* gid */ 175 1.14 phil __ypproto->pw_gid = pw->pw_gid; 176 1.14 phil 177 1.14 phil /* change (ignored anyway) */ 178 1.14 phil __ypproto->pw_change = pw->pw_change; 179 1.14 phil 180 1.14 phil /* class (ignored anyway) */ 181 1.14 phil __ypproto->pw_class = ""; 182 1.14 phil 183 1.14 phil /* gecos */ 184 1.14 phil if(pw->pw_gecos && (pw->pw_gecos)[0]) { 185 1.14 phil ptr = (char *)ALIGN(ptr); 186 1.14 phil bcopy(pw->pw_gecos, ptr, strlen(pw->pw_gecos) + 1); 187 1.14 phil __ypproto->pw_gecos = ptr; 188 1.14 phil ptr += (strlen(pw->pw_gecos) + 1); 189 1.14 phil } else 190 1.14 phil __ypproto->pw_gecos = (char *)NULL; 191 1.14 phil 192 1.14 phil /* dir */ 193 1.14 phil if(pw->pw_dir && (pw->pw_dir)[0]) { 194 1.14 phil ptr = (char *)ALIGN(ptr); 195 1.14 phil bcopy(pw->pw_dir, ptr, strlen(pw->pw_dir) + 1); 196 1.14 phil __ypproto->pw_dir = ptr; 197 1.14 phil ptr += (strlen(pw->pw_dir) + 1); 198 1.14 phil } else 199 1.14 phil __ypproto->pw_dir = (char *)NULL; 200 1.14 phil 201 1.14 phil /* shell */ 202 1.14 phil if(pw->pw_shell && (pw->pw_shell)[0]) { 203 1.14 phil ptr = (char *)ALIGN(ptr); 204 1.14 phil bcopy(pw->pw_shell, ptr, strlen(pw->pw_shell) + 1); 205 1.14 phil __ypproto->pw_shell = ptr; 206 1.14 phil ptr += (strlen(pw->pw_shell) + 1); 207 1.14 phil } else 208 1.14 phil __ypproto->pw_shell = (char *)NULL; 209 1.14 phil 210 1.14 phil /* expire (ignored anyway) */ 211 1.14 phil __ypproto->pw_expire = pw->pw_expire; 212 1.14 phil 213 1.14 phil /* flags */ 214 1.14 phil __ypflags = _pw_flags; 215 1.14 phil } 216 1.4 deraadt 217 1.5 deraadt static int 218 1.5 deraadt __ypparse(pw, s) 219 1.4 deraadt struct passwd *pw; 220 1.4 deraadt char *s; 221 1.4 deraadt { 222 1.4 deraadt char *bp, *cp; 223 1.4 deraadt 224 1.14 phil /* since this is currently using strsep(), parse it first */ 225 1.4 deraadt bp = s; 226 1.4 deraadt pw->pw_name = strsep(&bp, ":\n"); 227 1.4 deraadt pw->pw_passwd = strsep(&bp, ":\n"); 228 1.4 deraadt if (!(cp = strsep(&bp, ":\n"))) 229 1.4 deraadt return 1; 230 1.4 deraadt pw->pw_uid = atoi(cp); 231 1.4 deraadt if (!(cp = strsep(&bp, ":\n"))) 232 1.13 mycroft return 1; 233 1.4 deraadt pw->pw_gid = atoi(cp); 234 1.4 deraadt pw->pw_change = 0; 235 1.4 deraadt pw->pw_class = ""; 236 1.4 deraadt pw->pw_gecos = strsep(&bp, ":\n"); 237 1.4 deraadt pw->pw_dir = strsep(&bp, ":\n"); 238 1.4 deraadt pw->pw_shell = strsep(&bp, ":\n"); 239 1.4 deraadt pw->pw_expire = 0; 240 1.14 phil 241 1.14 phil /* now let the prototype override, if set. */ 242 1.14 phil if(__ypproto != (struct passwd *)NULL) { 243 1.14 phil #ifdef YP_OVERRIDE_PASSWD 244 1.14 phil if(__ypproto->pw_passwd != (char *)NULL) 245 1.14 phil pw->pw_passwd = __ypproto->pw_passwd; 246 1.14 phil #endif 247 1.14 phil if(!(__ypflags & _PASSWORD_NOUID)) 248 1.14 phil pw->pw_uid = __ypproto->pw_uid; 249 1.14 phil if(!(__ypflags & _PASSWORD_NOGID)) 250 1.14 phil pw->pw_gid = __ypproto->pw_gid; 251 1.14 phil if(__ypproto->pw_gecos != (char *)NULL) 252 1.14 phil pw->pw_gecos = __ypproto->pw_gecos; 253 1.14 phil if(__ypproto->pw_dir != (char *)NULL) 254 1.14 phil pw->pw_dir = __ypproto->pw_dir; 255 1.14 phil if(__ypproto->pw_shell != (char *)NULL) 256 1.14 phil pw->pw_shell = __ypproto->pw_shell; 257 1.14 phil } 258 1.4 deraadt return 0; 259 1.4 deraadt } 260 1.4 deraadt #endif 261 1.4 deraadt 262 1.1 cgd struct passwd * 263 1.1 cgd getpwent() 264 1.1 cgd { 265 1.1 cgd DBT key; 266 1.1 cgd char bf[sizeof(_pw_keynum) + 1]; 267 1.4 deraadt #ifdef YP 268 1.13 mycroft char *cp; 269 1.14 phil static char *name = (char *)NULL; 270 1.14 phil const char *user, *host, *dom; 271 1.14 phil int has_yppw; 272 1.4 deraadt #endif 273 1.1 cgd 274 1.1 cgd if (!_pw_db && !__initdb()) 275 1.1 cgd return((struct passwd *)NULL); 276 1.1 cgd 277 1.4 deraadt #ifdef YP 278 1.14 phil has_yppw = __has_yppw(); 279 1.14 phil 280 1.4 deraadt again: 281 1.14 phil if(has_yppw && (__ypmode != YPMODE_NONE)) { 282 1.4 deraadt char *key, *data; 283 1.4 deraadt int keylen, datalen; 284 1.14 phil int r, s; 285 1.4 deraadt 286 1.4 deraadt if(!__ypdomain) { 287 1.4 deraadt if( _yp_check(&__ypdomain) == 0) { 288 1.14 phil __ypmode = YPMODE_NONE; 289 1.4 deraadt goto again; 290 1.4 deraadt } 291 1.4 deraadt } 292 1.14 phil switch(__ypmode) { 293 1.14 phil case YPMODE_FULL: 294 1.14 phil if(__ypcurrent) { 295 1.14 phil r = yp_next(__ypdomain, "passwd.byname", 296 1.14 phil __ypcurrent, __ypcurrentlen, 297 1.14 phil &key, &keylen, &data, &datalen); 298 1.14 phil free(__ypcurrent); 299 1.14 phil if(r != 0) { 300 1.14 phil __ypcurrent = NULL; 301 1.14 phil __ypmode = YPMODE_NONE; 302 1.14 phil if(data) 303 1.14 phil free(data); 304 1.14 phil data = NULL; 305 1.14 phil goto again; 306 1.14 phil } 307 1.14 phil __ypcurrent = key; 308 1.14 phil __ypcurrentlen = keylen; 309 1.14 phil bcopy(data, line, datalen); 310 1.14 phil free(data); 311 1.14 phil data = NULL; 312 1.14 phil } else { 313 1.14 phil r = yp_first(__ypdomain, "passwd.byname", 314 1.14 phil &__ypcurrent, &__ypcurrentlen, 315 1.14 phil &data, &datalen); 316 1.14 phil if(r != 0) { 317 1.14 phil __ypmode = YPMODE_NONE; 318 1.14 phil if(data) 319 1.14 phil free(data); 320 1.14 phil goto again; 321 1.14 phil } 322 1.14 phil bcopy(data, line, datalen); 323 1.4 deraadt free(data); 324 1.4 deraadt data = NULL; 325 1.14 phil } 326 1.14 phil break; 327 1.14 phil case YPMODE_NETGRP: 328 1.14 phil s = getnetgrent(&host, &user, &dom); 329 1.14 phil if(s == 0) { /* end of group */ 330 1.14 phil endnetgrent(); 331 1.14 phil __ypmode = YPMODE_NONE; 332 1.14 phil goto again; 333 1.14 phil } 334 1.14 phil if(user && *user) { 335 1.14 phil r = yp_match(__ypdomain, "passwd.byname", 336 1.14 phil user, strlen(user), 337 1.14 phil &data, &datalen); 338 1.14 phil } else 339 1.14 phil goto again; 340 1.14 phil if(r != 0) { 341 1.14 phil /* 342 1.14 phil * if the netgroup is invalid, keep looking 343 1.14 phil * as there may be valid users later on. 344 1.14 phil */ 345 1.14 phil if(data) 346 1.14 phil free(data); 347 1.4 deraadt goto again; 348 1.4 deraadt } 349 1.4 deraadt bcopy(data, line, datalen); 350 1.4 deraadt free(data); 351 1.14 phil data = (char *)NULL; 352 1.14 phil break; 353 1.14 phil case YPMODE_USER: 354 1.14 phil if(name != (char *)NULL) { 355 1.14 phil r = yp_match(__ypdomain, "passwd.byname", 356 1.14 phil name, strlen(name), 357 1.14 phil &data, &datalen); 358 1.14 phil __ypmode = YPMODE_NONE; 359 1.14 phil free(name); 360 1.14 phil name = (char *)NULL; 361 1.14 phil if(r != 0) { 362 1.14 phil if(data) 363 1.14 phil free(data); 364 1.14 phil goto again; 365 1.14 phil } 366 1.14 phil bcopy(data, line, datalen); 367 1.4 deraadt free(data); 368 1.14 phil data = (char *)NULL; 369 1.14 phil } else { /* XXX */ 370 1.14 phil __ypmode = YPMODE_NONE; 371 1.4 deraadt goto again; 372 1.4 deraadt } 373 1.14 phil break; 374 1.4 deraadt } 375 1.14 phil 376 1.4 deraadt line[datalen] = '\0'; 377 1.13 mycroft if (__ypparse(&_pw_passwd, line)) 378 1.13 mycroft goto again; 379 1.13 mycroft return &_pw_passwd; 380 1.4 deraadt } 381 1.4 deraadt #endif 382 1.4 deraadt 383 1.1 cgd ++_pw_keynum; 384 1.1 cgd bf[0] = _PW_KEYBYNUM; 385 1.1 cgd bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 386 1.1 cgd key.data = (u_char *)bf; 387 1.1 cgd key.size = sizeof(_pw_keynum) + 1; 388 1.4 deraadt if(__hashpw(&key)) { 389 1.4 deraadt #ifdef YP 390 1.14 phil /* if we don't have YP at all, don't bother. */ 391 1.14 phil if(has_yppw) { 392 1.14 phil if(_pw_passwd.pw_name[0] == '+') { 393 1.14 phil /* set the mode */ 394 1.14 phil switch(_pw_passwd.pw_name[1]) { 395 1.14 phil case '\0': 396 1.14 phil __ypmode = YPMODE_FULL; 397 1.14 phil break; 398 1.14 phil case '@': 399 1.14 phil __ypmode = YPMODE_NETGRP; 400 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 401 1.14 phil break; 402 1.14 phil default: 403 1.14 phil __ypmode = YPMODE_USER; 404 1.14 phil name = strdup(_pw_passwd.pw_name + 1); 405 1.14 phil break; 406 1.14 phil } 407 1.14 phil 408 1.14 phil /* save the prototype */ 409 1.14 phil __ypproto_set(); 410 1.14 phil goto again; 411 1.14 phil } else if(_pw_passwd.pw_name[0] == '-') { 412 1.14 phil /* an attempted exclusion */ 413 1.14 phil switch(_pw_passwd.pw_name[1]) { 414 1.14 phil case '\0': 415 1.14 phil break; 416 1.14 phil case '@': 417 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 418 1.14 phil while(getnetgrent(&host, &user, &dom)) { 419 1.14 phil if(user && *user) 420 1.14 phil __ypexclude_add(user); 421 1.14 phil } 422 1.14 phil endnetgrent(); 423 1.14 phil break; 424 1.14 phil default: 425 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 426 1.14 phil break; 427 1.14 phil } 428 1.14 phil goto again; 429 1.14 phil } 430 1.4 deraadt } 431 1.4 deraadt #endif 432 1.4 deraadt return &_pw_passwd; 433 1.4 deraadt } 434 1.4 deraadt return (struct passwd *)NULL; 435 1.1 cgd } 436 1.1 cgd 437 1.14 phil #ifdef YP 438 1.14 phil 439 1.14 phil /* 440 1.14 phil * See if the YP token is in the database. Only works if pwd_mkdb knows 441 1.14 phil * about the token. 442 1.14 phil */ 443 1.14 phil static int 444 1.14 phil __has_yppw() 445 1.14 phil { 446 1.14 phil DBT key, data; 447 1.14 phil DBT pkey, pdata; 448 1.14 phil int len; 449 1.14 phil char bf[UT_NAMESIZE]; 450 1.14 phil 451 1.14 phil key.data = (u_char *)__yp_token; 452 1.14 phil key.size = strlen(__yp_token); 453 1.14 phil 454 1.14 phil /* Pre-token database support. */ 455 1.14 phil bf[0] = _PW_KEYBYNAME; 456 1.14 phil len = strlen("+"); 457 1.14 phil bcopy("+", bf + 1, MIN(len, UT_NAMESIZE)); 458 1.14 phil pkey.data = (u_char *)bf; 459 1.14 phil pkey.size = len + 1; 460 1.14 phil 461 1.14 phil if ((_pw_db->get)(_pw_db, &key, &data, 0) 462 1.14 phil && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 463 1.14 phil return(0); /* No YP. */ 464 1.14 phil return(1); 465 1.14 phil } 466 1.14 phil #endif 467 1.14 phil 468 1.1 cgd struct passwd * 469 1.1 cgd getpwnam(name) 470 1.1 cgd const char *name; 471 1.1 cgd { 472 1.1 cgd DBT key; 473 1.10 deraadt int len, rval; 474 1.10 deraadt char bf[UT_NAMESIZE + 1]; 475 1.10 deraadt 476 1.10 deraadt if (!_pw_db && !__initdb()) 477 1.10 deraadt return((struct passwd *)NULL); 478 1.4 deraadt 479 1.4 deraadt #ifdef YP 480 1.10 deraadt /* 481 1.14 phil * If YP is active, we must sequence through the passwd file 482 1.14 phil * in sequence. 483 1.10 deraadt */ 484 1.14 phil if (__has_yppw()) { 485 1.10 deraadt int r; 486 1.14 phil int s = -1; 487 1.14 phil const char *host, *user, *dom; 488 1.4 deraadt 489 1.10 deraadt for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 490 1.10 deraadt bf[0] = _PW_KEYBYNUM; 491 1.10 deraadt bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 492 1.10 deraadt key.data = (u_char *)bf; 493 1.10 deraadt key.size = sizeof(_pw_keynum) + 1; 494 1.10 deraadt if(__hashpw(&key) == 0) 495 1.10 deraadt break; 496 1.14 phil switch(_pw_passwd.pw_name[0]) { 497 1.14 phil case '+': 498 1.10 deraadt if(!__ypdomain) { 499 1.10 deraadt if(_yp_check(&__ypdomain) == 0) { 500 1.10 deraadt continue; 501 1.10 deraadt } 502 1.10 deraadt } 503 1.14 phil /* save the prototype */ 504 1.14 phil __ypproto_set(); 505 1.14 phil 506 1.14 phil switch(_pw_passwd.pw_name[1]) { 507 1.14 phil case '\0': 508 1.14 phil if(__ypcurrent) { 509 1.14 phil free(__ypcurrent); 510 1.14 phil __ypcurrent = NULL; 511 1.14 phil } 512 1.14 phil r = yp_match(__ypdomain, 513 1.14 phil "passwd.byname", 514 1.14 phil name, strlen(name), 515 1.14 phil &__ypcurrent, &__ypcurrentlen); 516 1.14 phil if(r != 0) { 517 1.14 phil if(__ypcurrent) 518 1.14 phil free(__ypcurrent); 519 1.14 phil __ypcurrent = NULL; 520 1.14 phil continue; 521 1.14 phil } 522 1.14 phil break; 523 1.14 phil case '@': 524 1.14 phil pwnam_netgrp: 525 1.14 phil if(__ypcurrent) { 526 1.14 phil free(__ypcurrent); 527 1.14 phil __ypcurrent = NULL; 528 1.14 phil } 529 1.14 phil if(s == -1) /* first time */ 530 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 531 1.14 phil s = getnetgrent(&host, &user, &dom); 532 1.14 phil if(s == 0) { /* end of group */ 533 1.14 phil endnetgrent(); 534 1.14 phil s = -1; 535 1.14 phil continue; 536 1.14 phil } else { 537 1.14 phil if(user && *user) { 538 1.14 phil r = yp_match(__ypdomain, 539 1.14 phil "passwd.byname", 540 1.14 phil user, strlen(user), 541 1.14 phil &__ypcurrent, 542 1.14 phil &__ypcurrentlen); 543 1.14 phil } else 544 1.14 phil goto pwnam_netgrp; 545 1.14 phil if(r != 0) { 546 1.14 phil if(__ypcurrent) 547 1.14 phil free(__ypcurrent); 548 1.14 phil __ypcurrent = NULL; 549 1.14 phil /* 550 1.14 phil * just because this 551 1.14 phil * user is bad, doesn't 552 1.14 phil * mean they all are. 553 1.14 phil */ 554 1.14 phil goto pwnam_netgrp; 555 1.14 phil } 556 1.14 phil } 557 1.10 deraadt break; 558 1.10 deraadt default: 559 1.14 phil if(__ypcurrent) { 560 1.14 phil free(__ypcurrent); 561 1.14 phil __ypcurrent = NULL; 562 1.14 phil } 563 1.14 phil user = _pw_passwd.pw_name + 1; 564 1.14 phil r = yp_match(__ypdomain, 565 1.14 phil "passwd.byname", 566 1.14 phil user, strlen(user), 567 1.14 phil &__ypcurrent, 568 1.14 phil &__ypcurrentlen); 569 1.14 phil if(r != 0) { 570 1.14 phil if(__ypcurrent) 571 1.14 phil free(__ypcurrent); 572 1.14 phil __ypcurrent = NULL; 573 1.14 phil continue; 574 1.14 phil } 575 1.14 phil break; 576 1.4 deraadt } 577 1.10 deraadt bcopy(__ypcurrent, line, __ypcurrentlen); 578 1.10 deraadt line[__ypcurrentlen] = '\0'; 579 1.14 phil if(__ypparse(&_pw_passwd, line) 580 1.14 phil || __ypexclude_is(_pw_passwd.pw_name)) { 581 1.14 phil if(s == 1) /* inside netgrp */ 582 1.14 phil goto pwnam_netgrp; 583 1.10 deraadt continue; 584 1.14 phil } 585 1.14 phil break; 586 1.14 phil case '-': 587 1.14 phil /* attempted exclusion */ 588 1.14 phil switch(_pw_passwd.pw_name[1]) { 589 1.14 phil case '\0': 590 1.14 phil break; 591 1.14 phil case '@': 592 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 593 1.14 phil while(getnetgrent(&host, &user, &dom)) { 594 1.14 phil if(user && *user) 595 1.14 phil __ypexclude_add(user); 596 1.14 phil } 597 1.14 phil endnetgrent(); 598 1.14 phil break; 599 1.14 phil default: 600 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 601 1.14 phil break; 602 1.14 phil } 603 1.14 phil break; 604 1.14 phil 605 1.14 phil continue; 606 1.4 deraadt } 607 1.14 phil if(strcmp(_pw_passwd.pw_name, name) == 0) { 608 1.10 deraadt if (!_pw_stayopen) { 609 1.10 deraadt (void)(_pw_db->close)(_pw_db); 610 1.10 deraadt _pw_db = (DB *)NULL; 611 1.10 deraadt } 612 1.14 phil if(__ypexclude != (DB *)NULL) { 613 1.14 phil (void)(__ypexclude->close)(__ypexclude); 614 1.14 phil __ypexclude = (DB *)NULL; 615 1.14 phil } 616 1.14 phil __ypproto = (struct passwd *)NULL; 617 1.10 deraadt return &_pw_passwd; 618 1.4 deraadt } 619 1.14 phil if(s == 1) /* inside netgrp */ 620 1.14 phil goto pwnam_netgrp; 621 1.10 deraadt continue; 622 1.4 deraadt } 623 1.10 deraadt if (!_pw_stayopen) { 624 1.10 deraadt (void)(_pw_db->close)(_pw_db); 625 1.10 deraadt _pw_db = (DB *)NULL; 626 1.4 deraadt } 627 1.14 phil if(__ypexclude != (DB *)NULL) { 628 1.14 phil (void)(__ypexclude->close)(__ypexclude); 629 1.14 phil __ypexclude = (DB *)NULL; 630 1.14 phil } 631 1.14 phil __ypproto = (struct passwd *)NULL; 632 1.10 deraadt return (struct passwd *)NULL; 633 1.4 deraadt } 634 1.10 deraadt #endif /* YP */ 635 1.1 cgd 636 1.1 cgd bf[0] = _PW_KEYBYNAME; 637 1.1 cgd len = strlen(name); 638 1.1 cgd bcopy(name, bf + 1, MIN(len, UT_NAMESIZE)); 639 1.1 cgd key.data = (u_char *)bf; 640 1.1 cgd key.size = len + 1; 641 1.1 cgd rval = __hashpw(&key); 642 1.1 cgd 643 1.1 cgd if (!_pw_stayopen) { 644 1.1 cgd (void)(_pw_db->close)(_pw_db); 645 1.1 cgd _pw_db = (DB *)NULL; 646 1.1 cgd } 647 1.1 cgd return(rval ? &_pw_passwd : (struct passwd *)NULL); 648 1.1 cgd } 649 1.1 cgd 650 1.1 cgd struct passwd * 651 1.1 cgd #ifdef __STDC__ 652 1.1 cgd getpwuid(uid_t uid) 653 1.1 cgd #else 654 1.1 cgd getpwuid(uid) 655 1.1 cgd int uid; 656 1.1 cgd #endif 657 1.1 cgd { 658 1.1 cgd DBT key; 659 1.10 deraadt char bf[sizeof(_pw_keynum) + 1]; 660 1.14 phil int keyuid, rval; 661 1.10 deraadt 662 1.10 deraadt if (!_pw_db && !__initdb()) 663 1.10 deraadt return((struct passwd *)NULL); 664 1.4 deraadt 665 1.4 deraadt #ifdef YP 666 1.10 deraadt /* 667 1.14 phil * If YP is active, we must sequence through the passwd file 668 1.14 phil * in sequence. 669 1.10 deraadt */ 670 1.14 phil if (__has_yppw()) { 671 1.10 deraadt char uidbuf[20]; 672 1.10 deraadt int r; 673 1.14 phil int s = -1; 674 1.14 phil const char *host, *user, *dom; 675 1.4 deraadt 676 1.14 phil sprintf(uidbuf, "%d", uid); 677 1.10 deraadt for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 678 1.10 deraadt bf[0] = _PW_KEYBYNUM; 679 1.10 deraadt bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 680 1.10 deraadt key.data = (u_char *)bf; 681 1.10 deraadt key.size = sizeof(_pw_keynum) + 1; 682 1.10 deraadt if(__hashpw(&key) == 0) 683 1.10 deraadt break; 684 1.14 phil switch(_pw_passwd.pw_name[0]) { 685 1.14 phil case '+': 686 1.10 deraadt if(!__ypdomain) { 687 1.10 deraadt if(_yp_check(&__ypdomain) == 0) { 688 1.10 deraadt continue; 689 1.10 deraadt } 690 1.10 deraadt } 691 1.14 phil /* save the prototype */ 692 1.14 phil __ypproto_set(); 693 1.14 phil 694 1.14 phil switch(_pw_passwd.pw_name[1]) { 695 1.14 phil case '\0': 696 1.14 phil if(__ypcurrent) { 697 1.14 phil free(__ypcurrent); 698 1.14 phil __ypcurrent = NULL; 699 1.14 phil } 700 1.14 phil r = yp_match(__ypdomain, "passwd.byuid", 701 1.14 phil uidbuf, strlen(uidbuf), 702 1.14 phil &__ypcurrent, &__ypcurrentlen); 703 1.14 phil if(r != 0) { 704 1.14 phil if(__ypcurrent) 705 1.14 phil free(__ypcurrent); 706 1.14 phil __ypcurrent = NULL; 707 1.14 phil continue; 708 1.14 phil } 709 1.14 phil break; 710 1.14 phil case '@': 711 1.14 phil pwuid_netgrp: 712 1.14 phil if(__ypcurrent) { 713 1.14 phil free(__ypcurrent); 714 1.14 phil __ypcurrent = NULL; 715 1.14 phil } 716 1.14 phil if(s == -1) /* first time */ 717 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 718 1.14 phil s = getnetgrent(&host, &user, &dom); 719 1.14 phil if(s == 0) { /* end of group */ 720 1.14 phil endnetgrent(); 721 1.14 phil s = -1; 722 1.14 phil continue; 723 1.14 phil } else { 724 1.14 phil if(user && *user) { 725 1.14 phil r = yp_match(__ypdomain, 726 1.14 phil "passwd.byname", 727 1.14 phil user, strlen(user), 728 1.14 phil &__ypcurrent, 729 1.14 phil &__ypcurrentlen); 730 1.14 phil } else 731 1.14 phil goto pwuid_netgrp; 732 1.14 phil if(r != 0) { 733 1.14 phil if(__ypcurrent) 734 1.14 phil free(__ypcurrent); 735 1.14 phil __ypcurrent = NULL; 736 1.14 phil /* 737 1.14 phil * just because this 738 1.14 phil * user is bad, doesn't 739 1.14 phil * mean they all are. 740 1.14 phil */ 741 1.14 phil goto pwuid_netgrp; 742 1.14 phil } 743 1.14 phil } 744 1.10 deraadt break; 745 1.10 deraadt default: 746 1.14 phil if(__ypcurrent) { 747 1.14 phil free(__ypcurrent); 748 1.14 phil __ypcurrent = NULL; 749 1.14 phil } 750 1.14 phil user = _pw_passwd.pw_name + 1; 751 1.14 phil r = yp_match(__ypdomain, 752 1.14 phil "passwd.byname", 753 1.14 phil user, strlen(user), 754 1.14 phil &__ypcurrent, 755 1.14 phil &__ypcurrentlen); 756 1.14 phil if(r != 0) { 757 1.14 phil if(__ypcurrent) 758 1.14 phil free(__ypcurrent); 759 1.14 phil __ypcurrent = NULL; 760 1.14 phil continue; 761 1.14 phil } 762 1.14 phil break; 763 1.4 deraadt } 764 1.10 deraadt bcopy(__ypcurrent, line, __ypcurrentlen); 765 1.10 deraadt line[__ypcurrentlen] = '\0'; 766 1.14 phil if(__ypparse(&_pw_passwd, line) 767 1.14 phil || __ypexclude_is(_pw_passwd.pw_name)) { 768 1.14 phil if(s == 1) /* inside netgroup */ 769 1.14 phil goto pwuid_netgrp; 770 1.10 deraadt continue; 771 1.14 phil } 772 1.14 phil break; 773 1.14 phil case '-': 774 1.14 phil /* attempted exclusion */ 775 1.14 phil switch(_pw_passwd.pw_name[1]) { 776 1.14 phil case '\0': 777 1.14 phil break; 778 1.14 phil case '@': 779 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 780 1.14 phil while(getnetgrent(&host, &user, &dom)) { 781 1.14 phil if(user && *user) 782 1.14 phil __ypexclude_add(user); 783 1.14 phil } 784 1.14 phil endnetgrent(); 785 1.14 phil break; 786 1.14 phil default: 787 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 788 1.14 phil break; 789 1.14 phil } 790 1.14 phil break; 791 1.14 phil 792 1.14 phil continue; 793 1.4 deraadt } 794 1.10 deraadt if( _pw_passwd.pw_uid == uid) { 795 1.10 deraadt if (!_pw_stayopen) { 796 1.10 deraadt (void)(_pw_db->close)(_pw_db); 797 1.10 deraadt _pw_db = (DB *)NULL; 798 1.10 deraadt } 799 1.14 phil if (__ypexclude != (DB *)NULL) { 800 1.14 phil (void)(__ypexclude->close)(__ypexclude); 801 1.14 phil __ypexclude = (DB *)NULL; 802 1.14 phil } 803 1.14 phil __ypproto = NULL; 804 1.10 deraadt return &_pw_passwd; 805 1.4 deraadt } 806 1.14 phil if(s == 1) /* inside netgroup */ 807 1.14 phil goto pwuid_netgrp; 808 1.10 deraadt continue; 809 1.4 deraadt } 810 1.10 deraadt if (!_pw_stayopen) { 811 1.10 deraadt (void)(_pw_db->close)(_pw_db); 812 1.10 deraadt _pw_db = (DB *)NULL; 813 1.4 deraadt } 814 1.14 phil if(__ypexclude != (DB *)NULL) { 815 1.14 phil (void)(__ypexclude->close)(__ypexclude); 816 1.14 phil __ypexclude = (DB *)NULL; 817 1.14 phil } 818 1.14 phil __ypproto = (struct passwd *)NULL; 819 1.10 deraadt return (struct passwd *)NULL; 820 1.4 deraadt } 821 1.10 deraadt #endif /* YP */ 822 1.1 cgd 823 1.1 cgd bf[0] = _PW_KEYBYUID; 824 1.1 cgd keyuid = uid; 825 1.1 cgd bcopy(&keyuid, bf + 1, sizeof(keyuid)); 826 1.1 cgd key.data = (u_char *)bf; 827 1.1 cgd key.size = sizeof(keyuid) + 1; 828 1.1 cgd rval = __hashpw(&key); 829 1.1 cgd 830 1.1 cgd if (!_pw_stayopen) { 831 1.1 cgd (void)(_pw_db->close)(_pw_db); 832 1.1 cgd _pw_db = (DB *)NULL; 833 1.1 cgd } 834 1.1 cgd return(rval ? &_pw_passwd : (struct passwd *)NULL); 835 1.1 cgd } 836 1.1 cgd 837 1.1 cgd int 838 1.1 cgd setpassent(stayopen) 839 1.1 cgd int stayopen; 840 1.1 cgd { 841 1.1 cgd _pw_keynum = 0; 842 1.1 cgd _pw_stayopen = stayopen; 843 1.9 jtc #ifdef YP 844 1.14 phil __ypmode = YPMODE_NONE; 845 1.9 jtc if(__ypcurrent) 846 1.9 jtc free(__ypcurrent); 847 1.9 jtc __ypcurrent = NULL; 848 1.14 phil if(__ypexclude != (DB *)NULL) { 849 1.14 phil (void)(__ypexclude->close)(__ypexclude); 850 1.14 phil __ypexclude = (DB *)NULL; 851 1.14 phil } 852 1.14 phil __ypproto = (struct passwd *)NULL; 853 1.9 jtc #endif 854 1.1 cgd return(1); 855 1.1 cgd } 856 1.1 cgd 857 1.8 jtc void 858 1.1 cgd setpwent() 859 1.1 cgd { 860 1.9 jtc (void) setpassent(0); 861 1.1 cgd } 862 1.1 cgd 863 1.1 cgd void 864 1.1 cgd endpwent() 865 1.1 cgd { 866 1.1 cgd _pw_keynum = 0; 867 1.1 cgd if (_pw_db) { 868 1.1 cgd (void)(_pw_db->close)(_pw_db); 869 1.1 cgd _pw_db = (DB *)NULL; 870 1.1 cgd } 871 1.4 deraadt #ifdef YP 872 1.14 phil __ypmode = YPMODE_NONE; 873 1.4 deraadt if(__ypcurrent) 874 1.4 deraadt free(__ypcurrent); 875 1.4 deraadt __ypcurrent = NULL; 876 1.14 phil if(__ypexclude != (DB *)NULL) { 877 1.14 phil (void)(__ypexclude->close)(__ypexclude); 878 1.14 phil __ypexclude = (DB *)NULL; 879 1.14 phil } 880 1.14 phil __ypproto = (struct passwd *)NULL; 881 1.4 deraadt #endif 882 1.1 cgd } 883 1.1 cgd 884 1.4 deraadt static int 885 1.1 cgd __initdb() 886 1.1 cgd { 887 1.1 cgd static int warned; 888 1.1 cgd char *p; 889 1.1 cgd 890 1.14 phil #ifdef YP 891 1.14 phil __ypmode = YPMODE_NONE; 892 1.14 phil #endif 893 1.1 cgd p = (geteuid()) ? _PATH_MP_DB : _PATH_SMP_DB; 894 1.3 proven _pw_db = dbopen(p, O_RDONLY, 0, DB_HASH, NULL); 895 1.1 cgd if (_pw_db) 896 1.1 cgd return(1); 897 1.1 cgd if (!warned) 898 1.1 cgd syslog(LOG_ERR, "%s: %m", p); 899 1.11 deraadt warned = 1; 900 1.1 cgd return(0); 901 1.1 cgd } 902 1.1 cgd 903 1.4 deraadt static int 904 1.1 cgd __hashpw(key) 905 1.1 cgd DBT *key; 906 1.1 cgd { 907 1.1 cgd register char *p, *t; 908 1.1 cgd static u_int max; 909 1.1 cgd static char *line; 910 1.1 cgd DBT data; 911 1.1 cgd 912 1.1 cgd if ((_pw_db->get)(_pw_db, key, &data, 0)) 913 1.1 cgd return(0); 914 1.1 cgd p = (char *)data.data; 915 1.14 phil if (data.size > max && !(line = realloc(line, (max += 1024)))) 916 1.1 cgd return(0); 917 1.1 cgd 918 1.1 cgd t = line; 919 1.14 phil #define EXPAND(e) e = t; while ((*t++ = *p++)); 920 1.1 cgd EXPAND(_pw_passwd.pw_name); 921 1.1 cgd EXPAND(_pw_passwd.pw_passwd); 922 1.1 cgd bcopy(p, (char *)&_pw_passwd.pw_uid, sizeof(int)); 923 1.1 cgd p += sizeof(int); 924 1.1 cgd bcopy(p, (char *)&_pw_passwd.pw_gid, sizeof(int)); 925 1.1 cgd p += sizeof(int); 926 1.1 cgd bcopy(p, (char *)&_pw_passwd.pw_change, sizeof(time_t)); 927 1.1 cgd p += sizeof(time_t); 928 1.1 cgd EXPAND(_pw_passwd.pw_class); 929 1.1 cgd EXPAND(_pw_passwd.pw_gecos); 930 1.1 cgd EXPAND(_pw_passwd.pw_dir); 931 1.1 cgd EXPAND(_pw_passwd.pw_shell); 932 1.1 cgd bcopy(p, (char *)&_pw_passwd.pw_expire, sizeof(time_t)); 933 1.1 cgd p += sizeof(time_t); 934 1.14 phil 935 1.14 phil /* See if there's any data left. If so, read in flags. */ 936 1.14 phil if (data.size > (p - (char *)data.data)) { 937 1.14 phil bcopy(p, (char *)&_pw_flags, sizeof(int)); 938 1.14 phil p += sizeof(int); 939 1.14 phil } else 940 1.14 phil _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 941 1.14 phil 942 1.1 cgd return(1); 943 1.1 cgd } 944
Indexes created Tue Sep 30 11:09:46 GMT 2025