getpwent.c revision 1.24
1 1.24 perry /* $NetBSD: getpwent.c,v 1.24 1998/02/02 02:41:25 perry Exp $ */ 2 1.12 cgd 3 1.1 cgd /* 4 1.12 cgd * Copyright (c) 1988, 1993 5 1.12 cgd * The Regents of the University of California. All rights reserved. 6 1.14 phil * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 1.1 cgd * 8 1.1 cgd * Redistribution and use in source and binary forms, with or without 9 1.1 cgd * modification, are permitted provided that the following conditions 10 1.1 cgd * are met: 11 1.1 cgd * 1. Redistributions of source code must retain the above copyright 12 1.1 cgd * notice, this list of conditions and the following disclaimer. 13 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 14 1.1 cgd * notice, this list of conditions and the following disclaimer in the 15 1.1 cgd * documentation and/or other materials provided with the distribution. 16 1.1 cgd * 3. All advertising materials mentioning features or use of this software 17 1.1 cgd * must display the following acknowledgement: 18 1.1 cgd * This product includes software developed by the University of 19 1.1 cgd * California, Berkeley and its contributors. 20 1.1 cgd * 4. Neither the name of the University nor the names of its contributors 21 1.1 cgd * may be used to endorse or promote products derived from this software 22 1.1 cgd * without specific prior written permission. 23 1.1 cgd * 24 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.1 cgd * SUCH DAMAGE. 35 1.1 cgd */ 36 1.1 cgd 37 1.22 christos #include <sys/cdefs.h> 38 1.1 cgd #if defined(LIBC_SCCS) && !defined(lint) 39 1.12 cgd #if 0 40 1.24 perry static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 1.12 cgd #else 42 1.24 perry __RCSID("$NetBSD: getpwent.c,v 1.24 1998/02/02 02:41:25 perry Exp $"); 43 1.12 cgd #endif 44 1.1 cgd #endif /* LIBC_SCCS and not lint */ 45 1.1 cgd 46 1.23 jtc #include "namespace.h" 47 1.1 cgd #include <sys/param.h> 48 1.1 cgd #include <fcntl.h> 49 1.1 cgd #include <db.h> 50 1.1 cgd #include <syslog.h> 51 1.1 cgd #include <pwd.h> 52 1.1 cgd #include <utmp.h> 53 1.1 cgd #include <errno.h> 54 1.1 cgd #include <unistd.h> 55 1.1 cgd #include <stdlib.h> 56 1.1 cgd #include <string.h> 57 1.1 cgd #include <limits.h> 58 1.14 phil #include <netgroup.h> 59 1.4 deraadt #ifdef YP 60 1.14 phil #include <machine/param.h> 61 1.4 deraadt #include <stdio.h> 62 1.4 deraadt #include <rpc/rpc.h> 63 1.4 deraadt #include <rpcsvc/yp_prot.h> 64 1.4 deraadt #include <rpcsvc/ypclnt.h> 65 1.23 jtc #endif 66 1.23 jtc 67 1.23 jtc #ifdef __weak_alias 68 1.23 jtc __weak_alias(endpwent,_endpwent); 69 1.23 jtc __weak_alias(getpwent,_getpwent); 70 1.23 jtc __weak_alias(getpwnam,_getpwnam); 71 1.23 jtc __weak_alias(getpwuid,_getpwuid); 72 1.23 jtc __weak_alias(setpassent,_setpassent); 73 1.23 jtc __weak_alias(setpwent,_setpwent); 74 1.4 deraadt #endif 75 1.1 cgd 76 1.24 perry 77 1.24 perry /* 78 1.24 perry * The lookup techniques and data extraction code here must be kept 79 1.24 perry * in sync with that in `pwd_mkdb'. 80 1.24 perry */ 81 1.24 perry 82 1.1 cgd static struct passwd _pw_passwd; /* password structure */ 83 1.1 cgd static DB *_pw_db; /* password database */ 84 1.1 cgd static int _pw_keynum; /* key counter */ 85 1.1 cgd static int _pw_stayopen; /* keep fd's open */ 86 1.14 phil static int _pw_flags; /* password flags */ 87 1.14 phil static int __hashpw __P((DBT *)); 88 1.14 phil static int __initdb __P((void)); 89 1.14 phil 90 1.14 phil const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 91 1.1 cgd 92 1.4 deraadt #ifdef YP 93 1.14 phil enum _ypmode { YPMODE_NONE, YPMODE_FULL, YPMODE_USER, YPMODE_NETGRP }; 94 1.14 phil static enum _ypmode __ypmode; 95 1.14 phil 96 1.4 deraadt static char *__ypcurrent, *__ypdomain; 97 1.14 phil static int __ypcurrentlen; 98 1.14 phil static struct passwd *__ypproto = (struct passwd *)NULL; 99 1.14 phil static int __ypflags; 100 1.4 deraadt static char line[1024]; 101 1.14 phil static long prbuf[1024 / sizeof(long)]; 102 1.14 phil static DB *__ypexclude = (DB *)NULL; 103 1.14 phil 104 1.14 phil static int __has_yppw __P((void)); 105 1.14 phil static int __ypexclude_add __P((const char *)); 106 1.14 phil static int __ypexclude_is __P((const char *)); 107 1.14 phil static void __ypproto_set __P((void)); 108 1.22 christos static int __ypparse __P((struct passwd *, char *)); 109 1.14 phil 110 1.14 phil static int 111 1.14 phil __ypexclude_add(name) 112 1.14 phil const char *name; 113 1.14 phil { 114 1.14 phil DBT key, data; 115 1.14 phil 116 1.14 phil /* initialize the exclusion table if needed. */ 117 1.14 phil if(__ypexclude == (DB *)NULL) { 118 1.14 phil __ypexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 119 1.14 phil if(__ypexclude == (DB *)NULL) 120 1.14 phil return(1); 121 1.14 phil } 122 1.14 phil 123 1.14 phil /* set up the key */ 124 1.14 phil key.data = (char *)name; 125 1.14 phil key.size = strlen(name); 126 1.14 phil 127 1.14 phil /* data is nothing. */ 128 1.14 phil data.data = NULL; 129 1.14 phil data.size = 0; 130 1.14 phil 131 1.14 phil /* store it */ 132 1.14 phil if((__ypexclude->put)(__ypexclude, &key, &data, 0) == -1) 133 1.14 phil return(1); 134 1.14 phil 135 1.14 phil return(0); 136 1.14 phil } 137 1.14 phil 138 1.14 phil static int 139 1.14 phil __ypexclude_is(name) 140 1.14 phil const char *name; 141 1.14 phil { 142 1.14 phil DBT key, data; 143 1.14 phil 144 1.14 phil if(__ypexclude == (DB *)NULL) 145 1.14 phil return(0); /* nothing excluded */ 146 1.14 phil 147 1.14 phil /* set up the key */ 148 1.14 phil key.data = (char *)name; 149 1.14 phil key.size = strlen(name); 150 1.14 phil 151 1.14 phil if((__ypexclude->get)(__ypexclude, &key, &data, 0) == 0) 152 1.14 phil return(1); /* excluded */ 153 1.14 phil 154 1.14 phil return(0); 155 1.14 phil } 156 1.14 phil 157 1.14 phil static void 158 1.14 phil __ypproto_set() 159 1.14 phil { 160 1.17 lukem char *ptr; 161 1.17 lukem struct passwd *pw = &_pw_passwd; 162 1.14 phil 163 1.14 phil /* make this the new prototype */ 164 1.14 phil ptr = (char *)prbuf; 165 1.14 phil 166 1.14 phil /* first allocate the struct. */ 167 1.14 phil __ypproto = (struct passwd *)ptr; 168 1.14 phil ptr += sizeof(struct passwd); 169 1.14 phil 170 1.14 phil /* name */ 171 1.14 phil if(pw->pw_name && (pw->pw_name)[0]) { 172 1.14 phil ptr = (char *)ALIGN(ptr); 173 1.14 phil bcopy(pw->pw_name, ptr, strlen(pw->pw_name) + 1); 174 1.14 phil __ypproto->pw_name = ptr; 175 1.14 phil ptr += (strlen(pw->pw_name) + 1); 176 1.14 phil } else 177 1.14 phil __ypproto->pw_name = (char *)NULL; 178 1.14 phil 179 1.14 phil /* password */ 180 1.14 phil if(pw->pw_passwd && (pw->pw_passwd)[0]) { 181 1.14 phil ptr = (char *)ALIGN(ptr); 182 1.14 phil bcopy(pw->pw_passwd, ptr, strlen(pw->pw_passwd) + 1); 183 1.14 phil __ypproto->pw_passwd = ptr; 184 1.14 phil ptr += (strlen(pw->pw_passwd) + 1); 185 1.14 phil } else 186 1.14 phil __ypproto->pw_passwd = (char *)NULL; 187 1.14 phil 188 1.14 phil /* uid */ 189 1.14 phil __ypproto->pw_uid = pw->pw_uid; 190 1.14 phil 191 1.14 phil /* gid */ 192 1.14 phil __ypproto->pw_gid = pw->pw_gid; 193 1.14 phil 194 1.14 phil /* change (ignored anyway) */ 195 1.14 phil __ypproto->pw_change = pw->pw_change; 196 1.14 phil 197 1.14 phil /* class (ignored anyway) */ 198 1.14 phil __ypproto->pw_class = ""; 199 1.14 phil 200 1.14 phil /* gecos */ 201 1.14 phil if(pw->pw_gecos && (pw->pw_gecos)[0]) { 202 1.14 phil ptr = (char *)ALIGN(ptr); 203 1.14 phil bcopy(pw->pw_gecos, ptr, strlen(pw->pw_gecos) + 1); 204 1.14 phil __ypproto->pw_gecos = ptr; 205 1.14 phil ptr += (strlen(pw->pw_gecos) + 1); 206 1.14 phil } else 207 1.14 phil __ypproto->pw_gecos = (char *)NULL; 208 1.14 phil 209 1.14 phil /* dir */ 210 1.14 phil if(pw->pw_dir && (pw->pw_dir)[0]) { 211 1.14 phil ptr = (char *)ALIGN(ptr); 212 1.14 phil bcopy(pw->pw_dir, ptr, strlen(pw->pw_dir) + 1); 213 1.14 phil __ypproto->pw_dir = ptr; 214 1.14 phil ptr += (strlen(pw->pw_dir) + 1); 215 1.14 phil } else 216 1.14 phil __ypproto->pw_dir = (char *)NULL; 217 1.14 phil 218 1.14 phil /* shell */ 219 1.14 phil if(pw->pw_shell && (pw->pw_shell)[0]) { 220 1.14 phil ptr = (char *)ALIGN(ptr); 221 1.14 phil bcopy(pw->pw_shell, ptr, strlen(pw->pw_shell) + 1); 222 1.14 phil __ypproto->pw_shell = ptr; 223 1.14 phil ptr += (strlen(pw->pw_shell) + 1); 224 1.14 phil } else 225 1.14 phil __ypproto->pw_shell = (char *)NULL; 226 1.14 phil 227 1.14 phil /* expire (ignored anyway) */ 228 1.14 phil __ypproto->pw_expire = pw->pw_expire; 229 1.14 phil 230 1.14 phil /* flags */ 231 1.14 phil __ypflags = _pw_flags; 232 1.14 phil } 233 1.4 deraadt 234 1.5 deraadt static int 235 1.5 deraadt __ypparse(pw, s) 236 1.4 deraadt struct passwd *pw; 237 1.4 deraadt char *s; 238 1.4 deraadt { 239 1.19 lukem char *bp, *cp, *ep; 240 1.19 lukem unsigned long id; 241 1.4 deraadt 242 1.14 phil /* since this is currently using strsep(), parse it first */ 243 1.4 deraadt bp = s; 244 1.4 deraadt pw->pw_name = strsep(&bp, ":\n"); 245 1.4 deraadt pw->pw_passwd = strsep(&bp, ":\n"); 246 1.4 deraadt if (!(cp = strsep(&bp, ":\n"))) 247 1.4 deraadt return 1; 248 1.19 lukem id = strtoul(cp, &ep, 10); 249 1.21 lukem if (id > UID_MAX || *ep != '\0') 250 1.19 lukem return 1; 251 1.19 lukem pw->pw_uid = (uid_t)id; 252 1.4 deraadt if (!(cp = strsep(&bp, ":\n"))) 253 1.13 mycroft return 1; 254 1.19 lukem id = strtoul(cp, &ep, 10); 255 1.21 lukem if (id > GID_MAX || *ep != '\0') 256 1.19 lukem return 1; 257 1.19 lukem pw->pw_gid = (gid_t)id; 258 1.4 deraadt pw->pw_change = 0; 259 1.4 deraadt pw->pw_class = ""; 260 1.4 deraadt pw->pw_gecos = strsep(&bp, ":\n"); 261 1.4 deraadt pw->pw_dir = strsep(&bp, ":\n"); 262 1.4 deraadt pw->pw_shell = strsep(&bp, ":\n"); 263 1.4 deraadt pw->pw_expire = 0; 264 1.14 phil 265 1.14 phil /* now let the prototype override, if set. */ 266 1.14 phil if(__ypproto != (struct passwd *)NULL) { 267 1.14 phil #ifdef YP_OVERRIDE_PASSWD 268 1.14 phil if(__ypproto->pw_passwd != (char *)NULL) 269 1.14 phil pw->pw_passwd = __ypproto->pw_passwd; 270 1.14 phil #endif 271 1.14 phil if(!(__ypflags & _PASSWORD_NOUID)) 272 1.14 phil pw->pw_uid = __ypproto->pw_uid; 273 1.14 phil if(!(__ypflags & _PASSWORD_NOGID)) 274 1.14 phil pw->pw_gid = __ypproto->pw_gid; 275 1.14 phil if(__ypproto->pw_gecos != (char *)NULL) 276 1.14 phil pw->pw_gecos = __ypproto->pw_gecos; 277 1.14 phil if(__ypproto->pw_dir != (char *)NULL) 278 1.14 phil pw->pw_dir = __ypproto->pw_dir; 279 1.14 phil if(__ypproto->pw_shell != (char *)NULL) 280 1.14 phil pw->pw_shell = __ypproto->pw_shell; 281 1.14 phil } 282 1.4 deraadt return 0; 283 1.4 deraadt } 284 1.4 deraadt #endif 285 1.4 deraadt 286 1.1 cgd struct passwd * 287 1.1 cgd getpwent() 288 1.1 cgd { 289 1.1 cgd DBT key; 290 1.1 cgd char bf[sizeof(_pw_keynum) + 1]; 291 1.4 deraadt #ifdef YP 292 1.14 phil static char *name = (char *)NULL; 293 1.14 phil const char *user, *host, *dom; 294 1.14 phil int has_yppw; 295 1.4 deraadt #endif 296 1.1 cgd 297 1.1 cgd if (!_pw_db && !__initdb()) 298 1.1 cgd return((struct passwd *)NULL); 299 1.1 cgd 300 1.4 deraadt #ifdef YP 301 1.14 phil has_yppw = __has_yppw(); 302 1.14 phil 303 1.4 deraadt again: 304 1.14 phil if(has_yppw && (__ypmode != YPMODE_NONE)) { 305 1.4 deraadt char *key, *data; 306 1.4 deraadt int keylen, datalen; 307 1.14 phil int r, s; 308 1.4 deraadt 309 1.4 deraadt if(!__ypdomain) { 310 1.4 deraadt if( _yp_check(&__ypdomain) == 0) { 311 1.14 phil __ypmode = YPMODE_NONE; 312 1.4 deraadt goto again; 313 1.4 deraadt } 314 1.4 deraadt } 315 1.14 phil switch(__ypmode) { 316 1.14 phil case YPMODE_FULL: 317 1.17 lukem data = NULL; 318 1.14 phil if(__ypcurrent) { 319 1.18 lukem key = NULL; 320 1.14 phil r = yp_next(__ypdomain, "passwd.byname", 321 1.14 phil __ypcurrent, __ypcurrentlen, 322 1.14 phil &key, &keylen, &data, &datalen); 323 1.14 phil free(__ypcurrent); 324 1.18 lukem if(r != 0) { 325 1.14 phil __ypcurrent = NULL; 326 1.18 lukem if (key) 327 1.18 lukem free(key); 328 1.18 lukem } 329 1.17 lukem else { 330 1.17 lukem __ypcurrent = key; 331 1.17 lukem __ypcurrentlen = keylen; 332 1.14 phil } 333 1.14 phil } else { 334 1.14 phil r = yp_first(__ypdomain, "passwd.byname", 335 1.14 phil &__ypcurrent, &__ypcurrentlen, 336 1.14 phil &data, &datalen); 337 1.17 lukem } 338 1.17 lukem if(r != 0) { 339 1.17 lukem __ypmode = YPMODE_NONE; 340 1.17 lukem if(data) 341 1.17 lukem free(data); 342 1.4 deraadt data = NULL; 343 1.17 lukem goto again; 344 1.14 phil } 345 1.17 lukem bcopy(data, line, datalen); 346 1.17 lukem free(data); 347 1.17 lukem data = NULL; 348 1.14 phil break; 349 1.14 phil case YPMODE_NETGRP: 350 1.14 phil s = getnetgrent(&host, &user, &dom); 351 1.14 phil if(s == 0) { /* end of group */ 352 1.14 phil endnetgrent(); 353 1.14 phil __ypmode = YPMODE_NONE; 354 1.14 phil goto again; 355 1.14 phil } 356 1.14 phil if(user && *user) { 357 1.17 lukem data = NULL; 358 1.14 phil r = yp_match(__ypdomain, "passwd.byname", 359 1.14 phil user, strlen(user), 360 1.14 phil &data, &datalen); 361 1.14 phil } else 362 1.14 phil goto again; 363 1.14 phil if(r != 0) { 364 1.14 phil /* 365 1.14 phil * if the netgroup is invalid, keep looking 366 1.14 phil * as there may be valid users later on. 367 1.14 phil */ 368 1.14 phil if(data) 369 1.14 phil free(data); 370 1.4 deraadt goto again; 371 1.4 deraadt } 372 1.4 deraadt bcopy(data, line, datalen); 373 1.4 deraadt free(data); 374 1.17 lukem data = NULL; 375 1.14 phil break; 376 1.14 phil case YPMODE_USER: 377 1.14 phil if(name != (char *)NULL) { 378 1.17 lukem data = NULL; 379 1.14 phil r = yp_match(__ypdomain, "passwd.byname", 380 1.14 phil name, strlen(name), 381 1.14 phil &data, &datalen); 382 1.14 phil __ypmode = YPMODE_NONE; 383 1.14 phil free(name); 384 1.17 lukem name = NULL; 385 1.14 phil if(r != 0) { 386 1.14 phil if(data) 387 1.14 phil free(data); 388 1.14 phil goto again; 389 1.14 phil } 390 1.14 phil bcopy(data, line, datalen); 391 1.4 deraadt free(data); 392 1.14 phil data = (char *)NULL; 393 1.14 phil } else { /* XXX */ 394 1.14 phil __ypmode = YPMODE_NONE; 395 1.4 deraadt goto again; 396 1.4 deraadt } 397 1.14 phil break; 398 1.22 christos case YPMODE_NONE: 399 1.22 christos abort(); /* cannot happen */ 400 1.22 christos break; 401 1.4 deraadt } 402 1.14 phil 403 1.4 deraadt line[datalen] = '\0'; 404 1.13 mycroft if (__ypparse(&_pw_passwd, line)) 405 1.13 mycroft goto again; 406 1.13 mycroft return &_pw_passwd; 407 1.4 deraadt } 408 1.4 deraadt #endif 409 1.4 deraadt 410 1.1 cgd ++_pw_keynum; 411 1.1 cgd bf[0] = _PW_KEYBYNUM; 412 1.1 cgd bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 413 1.1 cgd key.data = (u_char *)bf; 414 1.1 cgd key.size = sizeof(_pw_keynum) + 1; 415 1.4 deraadt if(__hashpw(&key)) { 416 1.4 deraadt #ifdef YP 417 1.14 phil /* if we don't have YP at all, don't bother. */ 418 1.14 phil if(has_yppw) { 419 1.14 phil if(_pw_passwd.pw_name[0] == '+') { 420 1.14 phil /* set the mode */ 421 1.14 phil switch(_pw_passwd.pw_name[1]) { 422 1.14 phil case '\0': 423 1.14 phil __ypmode = YPMODE_FULL; 424 1.14 phil break; 425 1.14 phil case '@': 426 1.14 phil __ypmode = YPMODE_NETGRP; 427 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 428 1.14 phil break; 429 1.14 phil default: 430 1.14 phil __ypmode = YPMODE_USER; 431 1.14 phil name = strdup(_pw_passwd.pw_name + 1); 432 1.14 phil break; 433 1.14 phil } 434 1.14 phil 435 1.14 phil /* save the prototype */ 436 1.14 phil __ypproto_set(); 437 1.14 phil goto again; 438 1.14 phil } else if(_pw_passwd.pw_name[0] == '-') { 439 1.14 phil /* an attempted exclusion */ 440 1.14 phil switch(_pw_passwd.pw_name[1]) { 441 1.14 phil case '\0': 442 1.14 phil break; 443 1.14 phil case '@': 444 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 445 1.14 phil while(getnetgrent(&host, &user, &dom)) { 446 1.14 phil if(user && *user) 447 1.14 phil __ypexclude_add(user); 448 1.14 phil } 449 1.14 phil endnetgrent(); 450 1.14 phil break; 451 1.14 phil default: 452 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 453 1.14 phil break; 454 1.14 phil } 455 1.14 phil goto again; 456 1.14 phil } 457 1.4 deraadt } 458 1.4 deraadt #endif 459 1.4 deraadt return &_pw_passwd; 460 1.4 deraadt } 461 1.4 deraadt return (struct passwd *)NULL; 462 1.1 cgd } 463 1.1 cgd 464 1.14 phil #ifdef YP 465 1.14 phil 466 1.14 phil /* 467 1.14 phil * See if the YP token is in the database. Only works if pwd_mkdb knows 468 1.14 phil * about the token. 469 1.14 phil */ 470 1.14 phil static int 471 1.14 phil __has_yppw() 472 1.14 phil { 473 1.14 phil DBT key, data; 474 1.14 phil DBT pkey, pdata; 475 1.15 sommerfe char bf[MAXLOGNAME]; 476 1.14 phil 477 1.14 phil key.data = (u_char *)__yp_token; 478 1.14 phil key.size = strlen(__yp_token); 479 1.14 phil 480 1.14 phil /* Pre-token database support. */ 481 1.14 phil bf[0] = _PW_KEYBYNAME; 482 1.15 sommerfe bf[1] = '+'; 483 1.14 phil pkey.data = (u_char *)bf; 484 1.15 sommerfe pkey.size = 2; 485 1.14 phil 486 1.14 phil if ((_pw_db->get)(_pw_db, &key, &data, 0) 487 1.14 phil && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 488 1.14 phil return(0); /* No YP. */ 489 1.14 phil return(1); 490 1.14 phil } 491 1.14 phil #endif 492 1.14 phil 493 1.1 cgd struct passwd * 494 1.1 cgd getpwnam(name) 495 1.1 cgd const char *name; 496 1.1 cgd { 497 1.1 cgd DBT key; 498 1.10 deraadt int len, rval; 499 1.15 sommerfe char bf[MAXLOGNAME + 1]; 500 1.10 deraadt 501 1.10 deraadt if (!_pw_db && !__initdb()) 502 1.10 deraadt return((struct passwd *)NULL); 503 1.4 deraadt 504 1.4 deraadt #ifdef YP 505 1.10 deraadt /* 506 1.14 phil * If YP is active, we must sequence through the passwd file 507 1.14 phil * in sequence. 508 1.10 deraadt */ 509 1.14 phil if (__has_yppw()) { 510 1.10 deraadt int r; 511 1.14 phil int s = -1; 512 1.14 phil const char *host, *user, *dom; 513 1.4 deraadt 514 1.10 deraadt for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 515 1.10 deraadt bf[0] = _PW_KEYBYNUM; 516 1.10 deraadt bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 517 1.10 deraadt key.data = (u_char *)bf; 518 1.10 deraadt key.size = sizeof(_pw_keynum) + 1; 519 1.10 deraadt if(__hashpw(&key) == 0) 520 1.10 deraadt break; 521 1.14 phil switch(_pw_passwd.pw_name[0]) { 522 1.14 phil case '+': 523 1.10 deraadt if(!__ypdomain) { 524 1.10 deraadt if(_yp_check(&__ypdomain) == 0) { 525 1.10 deraadt continue; 526 1.10 deraadt } 527 1.10 deraadt } 528 1.14 phil /* save the prototype */ 529 1.14 phil __ypproto_set(); 530 1.14 phil 531 1.14 phil switch(_pw_passwd.pw_name[1]) { 532 1.14 phil case '\0': 533 1.14 phil if(__ypcurrent) { 534 1.14 phil free(__ypcurrent); 535 1.14 phil __ypcurrent = NULL; 536 1.14 phil } 537 1.14 phil r = yp_match(__ypdomain, 538 1.14 phil "passwd.byname", 539 1.14 phil name, strlen(name), 540 1.14 phil &__ypcurrent, &__ypcurrentlen); 541 1.14 phil if(r != 0) { 542 1.14 phil if(__ypcurrent) 543 1.14 phil free(__ypcurrent); 544 1.14 phil __ypcurrent = NULL; 545 1.14 phil continue; 546 1.14 phil } 547 1.14 phil break; 548 1.14 phil case '@': 549 1.14 phil pwnam_netgrp: 550 1.14 phil if(__ypcurrent) { 551 1.14 phil free(__ypcurrent); 552 1.14 phil __ypcurrent = NULL; 553 1.14 phil } 554 1.14 phil if(s == -1) /* first time */ 555 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 556 1.14 phil s = getnetgrent(&host, &user, &dom); 557 1.14 phil if(s == 0) { /* end of group */ 558 1.14 phil endnetgrent(); 559 1.14 phil s = -1; 560 1.14 phil continue; 561 1.14 phil } else { 562 1.14 phil if(user && *user) { 563 1.14 phil r = yp_match(__ypdomain, 564 1.14 phil "passwd.byname", 565 1.14 phil user, strlen(user), 566 1.14 phil &__ypcurrent, 567 1.14 phil &__ypcurrentlen); 568 1.14 phil } else 569 1.14 phil goto pwnam_netgrp; 570 1.14 phil if(r != 0) { 571 1.14 phil if(__ypcurrent) 572 1.14 phil free(__ypcurrent); 573 1.14 phil __ypcurrent = NULL; 574 1.14 phil /* 575 1.14 phil * just because this 576 1.14 phil * user is bad, doesn't 577 1.14 phil * mean they all are. 578 1.14 phil */ 579 1.14 phil goto pwnam_netgrp; 580 1.14 phil } 581 1.14 phil } 582 1.10 deraadt break; 583 1.10 deraadt default: 584 1.14 phil if(__ypcurrent) { 585 1.14 phil free(__ypcurrent); 586 1.14 phil __ypcurrent = NULL; 587 1.14 phil } 588 1.14 phil user = _pw_passwd.pw_name + 1; 589 1.14 phil r = yp_match(__ypdomain, 590 1.14 phil "passwd.byname", 591 1.14 phil user, strlen(user), 592 1.14 phil &__ypcurrent, 593 1.14 phil &__ypcurrentlen); 594 1.14 phil if(r != 0) { 595 1.14 phil if(__ypcurrent) 596 1.14 phil free(__ypcurrent); 597 1.14 phil __ypcurrent = NULL; 598 1.14 phil continue; 599 1.14 phil } 600 1.14 phil break; 601 1.4 deraadt } 602 1.10 deraadt bcopy(__ypcurrent, line, __ypcurrentlen); 603 1.10 deraadt line[__ypcurrentlen] = '\0'; 604 1.14 phil if(__ypparse(&_pw_passwd, line) 605 1.14 phil || __ypexclude_is(_pw_passwd.pw_name)) { 606 1.14 phil if(s == 1) /* inside netgrp */ 607 1.14 phil goto pwnam_netgrp; 608 1.10 deraadt continue; 609 1.14 phil } 610 1.14 phil break; 611 1.14 phil case '-': 612 1.14 phil /* attempted exclusion */ 613 1.14 phil switch(_pw_passwd.pw_name[1]) { 614 1.14 phil case '\0': 615 1.14 phil break; 616 1.14 phil case '@': 617 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 618 1.14 phil while(getnetgrent(&host, &user, &dom)) { 619 1.14 phil if(user && *user) 620 1.14 phil __ypexclude_add(user); 621 1.14 phil } 622 1.14 phil endnetgrent(); 623 1.14 phil break; 624 1.14 phil default: 625 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 626 1.14 phil break; 627 1.14 phil } 628 1.14 phil break; 629 1.14 phil 630 1.14 phil continue; 631 1.4 deraadt } 632 1.14 phil if(strcmp(_pw_passwd.pw_name, name) == 0) { 633 1.10 deraadt if (!_pw_stayopen) { 634 1.10 deraadt (void)(_pw_db->close)(_pw_db); 635 1.10 deraadt _pw_db = (DB *)NULL; 636 1.10 deraadt } 637 1.14 phil if(__ypexclude != (DB *)NULL) { 638 1.14 phil (void)(__ypexclude->close)(__ypexclude); 639 1.14 phil __ypexclude = (DB *)NULL; 640 1.14 phil } 641 1.14 phil __ypproto = (struct passwd *)NULL; 642 1.10 deraadt return &_pw_passwd; 643 1.4 deraadt } 644 1.14 phil if(s == 1) /* inside netgrp */ 645 1.14 phil goto pwnam_netgrp; 646 1.10 deraadt continue; 647 1.4 deraadt } 648 1.10 deraadt if (!_pw_stayopen) { 649 1.10 deraadt (void)(_pw_db->close)(_pw_db); 650 1.10 deraadt _pw_db = (DB *)NULL; 651 1.4 deraadt } 652 1.14 phil if(__ypexclude != (DB *)NULL) { 653 1.14 phil (void)(__ypexclude->close)(__ypexclude); 654 1.14 phil __ypexclude = (DB *)NULL; 655 1.14 phil } 656 1.14 phil __ypproto = (struct passwd *)NULL; 657 1.10 deraadt return (struct passwd *)NULL; 658 1.4 deraadt } 659 1.10 deraadt #endif /* YP */ 660 1.1 cgd 661 1.1 cgd bf[0] = _PW_KEYBYNAME; 662 1.1 cgd len = strlen(name); 663 1.15 sommerfe len = MIN(len, MAXLOGNAME); 664 1.15 sommerfe bcopy(name, bf + 1, len); 665 1.1 cgd key.data = (u_char *)bf; 666 1.1 cgd key.size = len + 1; 667 1.1 cgd rval = __hashpw(&key); 668 1.1 cgd 669 1.1 cgd if (!_pw_stayopen) { 670 1.1 cgd (void)(_pw_db->close)(_pw_db); 671 1.1 cgd _pw_db = (DB *)NULL; 672 1.1 cgd } 673 1.1 cgd return(rval ? &_pw_passwd : (struct passwd *)NULL); 674 1.1 cgd } 675 1.1 cgd 676 1.1 cgd struct passwd * 677 1.1 cgd getpwuid(uid) 678 1.20 lukem uid_t uid; 679 1.1 cgd { 680 1.1 cgd DBT key; 681 1.10 deraadt char bf[sizeof(_pw_keynum) + 1]; 682 1.19 lukem uid_t keyuid; 683 1.19 lukem int rval; 684 1.10 deraadt 685 1.10 deraadt if (!_pw_db && !__initdb()) 686 1.10 deraadt return((struct passwd *)NULL); 687 1.4 deraadt 688 1.4 deraadt #ifdef YP 689 1.10 deraadt /* 690 1.14 phil * If YP is active, we must sequence through the passwd file 691 1.14 phil * in sequence. 692 1.10 deraadt */ 693 1.14 phil if (__has_yppw()) { 694 1.10 deraadt char uidbuf[20]; 695 1.10 deraadt int r; 696 1.14 phil int s = -1; 697 1.14 phil const char *host, *user, *dom; 698 1.4 deraadt 699 1.19 lukem snprintf(uidbuf, sizeof(uidbuf), "%u", uid); 700 1.10 deraadt for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 701 1.10 deraadt bf[0] = _PW_KEYBYNUM; 702 1.10 deraadt bcopy((char *)&_pw_keynum, bf + 1, sizeof(_pw_keynum)); 703 1.10 deraadt key.data = (u_char *)bf; 704 1.10 deraadt key.size = sizeof(_pw_keynum) + 1; 705 1.10 deraadt if(__hashpw(&key) == 0) 706 1.10 deraadt break; 707 1.14 phil switch(_pw_passwd.pw_name[0]) { 708 1.14 phil case '+': 709 1.10 deraadt if(!__ypdomain) { 710 1.10 deraadt if(_yp_check(&__ypdomain) == 0) { 711 1.10 deraadt continue; 712 1.10 deraadt } 713 1.10 deraadt } 714 1.14 phil /* save the prototype */ 715 1.14 phil __ypproto_set(); 716 1.14 phil 717 1.14 phil switch(_pw_passwd.pw_name[1]) { 718 1.14 phil case '\0': 719 1.14 phil if(__ypcurrent) { 720 1.14 phil free(__ypcurrent); 721 1.14 phil __ypcurrent = NULL; 722 1.14 phil } 723 1.14 phil r = yp_match(__ypdomain, "passwd.byuid", 724 1.14 phil uidbuf, strlen(uidbuf), 725 1.14 phil &__ypcurrent, &__ypcurrentlen); 726 1.14 phil if(r != 0) { 727 1.14 phil if(__ypcurrent) 728 1.14 phil free(__ypcurrent); 729 1.14 phil __ypcurrent = NULL; 730 1.14 phil continue; 731 1.14 phil } 732 1.14 phil break; 733 1.14 phil case '@': 734 1.14 phil pwuid_netgrp: 735 1.14 phil if(__ypcurrent) { 736 1.14 phil free(__ypcurrent); 737 1.14 phil __ypcurrent = NULL; 738 1.14 phil } 739 1.14 phil if(s == -1) /* first time */ 740 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 741 1.14 phil s = getnetgrent(&host, &user, &dom); 742 1.14 phil if(s == 0) { /* end of group */ 743 1.14 phil endnetgrent(); 744 1.14 phil s = -1; 745 1.14 phil continue; 746 1.14 phil } else { 747 1.14 phil if(user && *user) { 748 1.14 phil r = yp_match(__ypdomain, 749 1.14 phil "passwd.byname", 750 1.14 phil user, strlen(user), 751 1.14 phil &__ypcurrent, 752 1.14 phil &__ypcurrentlen); 753 1.14 phil } else 754 1.14 phil goto pwuid_netgrp; 755 1.14 phil if(r != 0) { 756 1.14 phil if(__ypcurrent) 757 1.14 phil free(__ypcurrent); 758 1.14 phil __ypcurrent = NULL; 759 1.14 phil /* 760 1.14 phil * just because this 761 1.14 phil * user is bad, doesn't 762 1.14 phil * mean they all are. 763 1.14 phil */ 764 1.14 phil goto pwuid_netgrp; 765 1.14 phil } 766 1.14 phil } 767 1.10 deraadt break; 768 1.10 deraadt default: 769 1.14 phil if(__ypcurrent) { 770 1.14 phil free(__ypcurrent); 771 1.14 phil __ypcurrent = NULL; 772 1.14 phil } 773 1.14 phil user = _pw_passwd.pw_name + 1; 774 1.14 phil r = yp_match(__ypdomain, 775 1.14 phil "passwd.byname", 776 1.14 phil user, strlen(user), 777 1.14 phil &__ypcurrent, 778 1.14 phil &__ypcurrentlen); 779 1.14 phil if(r != 0) { 780 1.14 phil if(__ypcurrent) 781 1.14 phil free(__ypcurrent); 782 1.14 phil __ypcurrent = NULL; 783 1.14 phil continue; 784 1.14 phil } 785 1.14 phil break; 786 1.4 deraadt } 787 1.10 deraadt bcopy(__ypcurrent, line, __ypcurrentlen); 788 1.10 deraadt line[__ypcurrentlen] = '\0'; 789 1.14 phil if(__ypparse(&_pw_passwd, line) 790 1.14 phil || __ypexclude_is(_pw_passwd.pw_name)) { 791 1.14 phil if(s == 1) /* inside netgroup */ 792 1.14 phil goto pwuid_netgrp; 793 1.10 deraadt continue; 794 1.14 phil } 795 1.14 phil break; 796 1.14 phil case '-': 797 1.14 phil /* attempted exclusion */ 798 1.14 phil switch(_pw_passwd.pw_name[1]) { 799 1.14 phil case '\0': 800 1.14 phil break; 801 1.14 phil case '@': 802 1.14 phil setnetgrent(_pw_passwd.pw_name + 2); 803 1.14 phil while(getnetgrent(&host, &user, &dom)) { 804 1.14 phil if(user && *user) 805 1.14 phil __ypexclude_add(user); 806 1.14 phil } 807 1.14 phil endnetgrent(); 808 1.14 phil break; 809 1.14 phil default: 810 1.14 phil __ypexclude_add(_pw_passwd.pw_name + 1); 811 1.14 phil break; 812 1.14 phil } 813 1.14 phil break; 814 1.14 phil 815 1.14 phil continue; 816 1.4 deraadt } 817 1.10 deraadt if( _pw_passwd.pw_uid == uid) { 818 1.10 deraadt if (!_pw_stayopen) { 819 1.10 deraadt (void)(_pw_db->close)(_pw_db); 820 1.10 deraadt _pw_db = (DB *)NULL; 821 1.10 deraadt } 822 1.14 phil if (__ypexclude != (DB *)NULL) { 823 1.14 phil (void)(__ypexclude->close)(__ypexclude); 824 1.14 phil __ypexclude = (DB *)NULL; 825 1.14 phil } 826 1.14 phil __ypproto = NULL; 827 1.10 deraadt return &_pw_passwd; 828 1.4 deraadt } 829 1.14 phil if(s == 1) /* inside netgroup */ 830 1.14 phil goto pwuid_netgrp; 831 1.10 deraadt continue; 832 1.4 deraadt } 833 1.10 deraadt if (!_pw_stayopen) { 834 1.10 deraadt (void)(_pw_db->close)(_pw_db); 835 1.10 deraadt _pw_db = (DB *)NULL; 836 1.4 deraadt } 837 1.14 phil if(__ypexclude != (DB *)NULL) { 838 1.14 phil (void)(__ypexclude->close)(__ypexclude); 839 1.14 phil __ypexclude = (DB *)NULL; 840 1.14 phil } 841 1.14 phil __ypproto = (struct passwd *)NULL; 842 1.10 deraadt return (struct passwd *)NULL; 843 1.4 deraadt } 844 1.10 deraadt #endif /* YP */ 845 1.1 cgd 846 1.1 cgd bf[0] = _PW_KEYBYUID; 847 1.1 cgd keyuid = uid; 848 1.1 cgd bcopy(&keyuid, bf + 1, sizeof(keyuid)); 849 1.1 cgd key.data = (u_char *)bf; 850 1.1 cgd key.size = sizeof(keyuid) + 1; 851 1.1 cgd rval = __hashpw(&key); 852 1.1 cgd 853 1.1 cgd if (!_pw_stayopen) { 854 1.1 cgd (void)(_pw_db->close)(_pw_db); 855 1.1 cgd _pw_db = (DB *)NULL; 856 1.1 cgd } 857 1.1 cgd return(rval ? &_pw_passwd : (struct passwd *)NULL); 858 1.1 cgd } 859 1.1 cgd 860 1.1 cgd int 861 1.1 cgd setpassent(stayopen) 862 1.1 cgd int stayopen; 863 1.1 cgd { 864 1.1 cgd _pw_keynum = 0; 865 1.1 cgd _pw_stayopen = stayopen; 866 1.9 jtc #ifdef YP 867 1.14 phil __ypmode = YPMODE_NONE; 868 1.9 jtc if(__ypcurrent) 869 1.9 jtc free(__ypcurrent); 870 1.9 jtc __ypcurrent = NULL; 871 1.14 phil if(__ypexclude != (DB *)NULL) { 872 1.14 phil (void)(__ypexclude->close)(__ypexclude); 873 1.14 phil __ypexclude = (DB *)NULL; 874 1.14 phil } 875 1.14 phil __ypproto = (struct passwd *)NULL; 876 1.9 jtc #endif 877 1.1 cgd return(1); 878 1.1 cgd } 879 1.1 cgd 880 1.8 jtc void 881 1.1 cgd setpwent() 882 1.1 cgd { 883 1.9 jtc (void) setpassent(0); 884 1.1 cgd } 885 1.1 cgd 886 1.1 cgd void 887 1.1 cgd endpwent() 888 1.1 cgd { 889 1.1 cgd _pw_keynum = 0; 890 1.1 cgd if (_pw_db) { 891 1.1 cgd (void)(_pw_db->close)(_pw_db); 892 1.1 cgd _pw_db = (DB *)NULL; 893 1.1 cgd } 894 1.4 deraadt #ifdef YP 895 1.14 phil __ypmode = YPMODE_NONE; 896 1.4 deraadt if(__ypcurrent) 897 1.4 deraadt free(__ypcurrent); 898 1.4 deraadt __ypcurrent = NULL; 899 1.14 phil if(__ypexclude != (DB *)NULL) { 900 1.14 phil (void)(__ypexclude->close)(__ypexclude); 901 1.14 phil __ypexclude = (DB *)NULL; 902 1.14 phil } 903 1.14 phil __ypproto = (struct passwd *)NULL; 904 1.4 deraadt #endif 905 1.1 cgd } 906 1.1 cgd 907 1.4 deraadt static int 908 1.1 cgd __initdb() 909 1.1 cgd { 910 1.1 cgd static int warned; 911 1.1 cgd char *p; 912 1.1 cgd 913 1.14 phil #ifdef YP 914 1.14 phil __ypmode = YPMODE_NONE; 915 1.14 phil #endif 916 1.1 cgd p = (geteuid()) ? _PATH_MP_DB : _PATH_SMP_DB; 917 1.3 proven _pw_db = dbopen(p, O_RDONLY, 0, DB_HASH, NULL); 918 1.1 cgd if (_pw_db) 919 1.1 cgd return(1); 920 1.1 cgd if (!warned) 921 1.1 cgd syslog(LOG_ERR, "%s: %m", p); 922 1.11 deraadt warned = 1; 923 1.1 cgd return(0); 924 1.1 cgd } 925 1.1 cgd 926 1.4 deraadt static int 927 1.1 cgd __hashpw(key) 928 1.1 cgd DBT *key; 929 1.1 cgd { 930 1.17 lukem char *p, *t; 931 1.1 cgd static u_int max; 932 1.1 cgd static char *line; 933 1.1 cgd DBT data; 934 1.1 cgd 935 1.1 cgd if ((_pw_db->get)(_pw_db, key, &data, 0)) 936 1.1 cgd return(0); 937 1.1 cgd p = (char *)data.data; 938 1.14 phil if (data.size > max && !(line = realloc(line, (max += 1024)))) 939 1.1 cgd return(0); 940 1.1 cgd 941 1.24 perry /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 942 1.1 cgd t = line; 943 1.14 phil #define EXPAND(e) e = t; while ((*t++ = *p++)); 944 1.24 perry #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 945 1.1 cgd EXPAND(_pw_passwd.pw_name); 946 1.1 cgd EXPAND(_pw_passwd.pw_passwd); 947 1.24 perry SCALAR(_pw_passwd.pw_uid); 948 1.24 perry SCALAR(_pw_passwd.pw_gid); 949 1.24 perry SCALAR(_pw_passwd.pw_change); 950 1.1 cgd EXPAND(_pw_passwd.pw_class); 951 1.1 cgd EXPAND(_pw_passwd.pw_gecos); 952 1.1 cgd EXPAND(_pw_passwd.pw_dir); 953 1.1 cgd EXPAND(_pw_passwd.pw_shell); 954 1.24 perry SCALAR(_pw_passwd.pw_expire); 955 1.14 phil 956 1.14 phil /* See if there's any data left. If so, read in flags. */ 957 1.14 phil if (data.size > (p - (char *)data.data)) { 958 1.24 perry SCALAR(_pw_flags); 959 1.14 phil } else 960 1.14 phil _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 961 1.14 phil 962 1.1 cgd return(1); 963 1.1 cgd } 964
Indexes created Mon Sep 22 13:09:51 GMT 2025