Home | History | Annotate | Line # | Download | only in gen
getpwent.c revision 1.36
      1  1.36     lukem /*	$NetBSD: getpwent.c,v 1.36 1999/01/19 08:30:47 lukem Exp $	*/
      2  1.12       cgd 
      3   1.1       cgd /*
      4  1.12       cgd  * Copyright (c) 1988, 1993
      5  1.12       cgd  *	The Regents of the University of California.  All rights reserved.
      6  1.14      phil  * Portions Copyright (c) 1994, 1995, Jason Downs.  All rights reserved.
      7   1.1       cgd  *
      8   1.1       cgd  * Redistribution and use in source and binary forms, with or without
      9   1.1       cgd  * modification, are permitted provided that the following conditions
     10   1.1       cgd  * are met:
     11   1.1       cgd  * 1. Redistributions of source code must retain the above copyright
     12   1.1       cgd  *    notice, this list of conditions and the following disclaimer.
     13   1.1       cgd  * 2. Redistributions in binary form must reproduce the above copyright
     14   1.1       cgd  *    notice, this list of conditions and the following disclaimer in the
     15   1.1       cgd  *    documentation and/or other materials provided with the distribution.
     16   1.1       cgd  * 3. All advertising materials mentioning features or use of this software
     17   1.1       cgd  *    must display the following acknowledgement:
     18   1.1       cgd  *	This product includes software developed by the University of
     19   1.1       cgd  *	California, Berkeley and its contributors.
     20   1.1       cgd  * 4. Neither the name of the University nor the names of its contributors
     21   1.1       cgd  *    may be used to endorse or promote products derived from this software
     22   1.1       cgd  *    without specific prior written permission.
     23   1.1       cgd  *
     24   1.1       cgd  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
     25   1.1       cgd  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     26   1.1       cgd  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     27   1.1       cgd  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
     28   1.1       cgd  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     29   1.1       cgd  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     30   1.1       cgd  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     31   1.1       cgd  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     32   1.1       cgd  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     33   1.1       cgd  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     34   1.1       cgd  * SUCH DAMAGE.
     35   1.1       cgd  */
     36   1.1       cgd 
     37  1.22  christos #include <sys/cdefs.h>
     38   1.1       cgd #if defined(LIBC_SCCS) && !defined(lint)
     39  1.12       cgd #if 0
     40  1.24     perry static char sccsid[] = "@(#)getpwent.c	8.2 (Berkeley) 4/27/95";
     41  1.12       cgd #else
     42  1.36     lukem __RCSID("$NetBSD: getpwent.c,v 1.36 1999/01/19 08:30:47 lukem Exp $");
     43  1.12       cgd #endif
     44   1.1       cgd #endif /* LIBC_SCCS and not lint */
     45   1.1       cgd 
     46  1.23       jtc #include "namespace.h"
     47   1.1       cgd #include <sys/param.h>
     48   1.1       cgd #include <fcntl.h>
     49   1.1       cgd #include <db.h>
     50   1.1       cgd #include <syslog.h>
     51   1.1       cgd #include <pwd.h>
     52   1.1       cgd #include <utmp.h>
     53   1.1       cgd #include <errno.h>
     54   1.1       cgd #include <unistd.h>
     55   1.1       cgd #include <stdlib.h>
     56   1.1       cgd #include <string.h>
     57   1.1       cgd #include <limits.h>
     58  1.14      phil #include <netgroup.h>
     59  1.32     lukem #include <nsswitch.h>
     60  1.32     lukem #ifdef HESIOD
     61  1.32     lukem #include <hesiod.h>
     62  1.32     lukem #endif
     63   1.4   deraadt #ifdef YP
     64  1.14      phil #include <machine/param.h>
     65   1.4   deraadt #include <stdio.h>
     66   1.4   deraadt #include <rpc/rpc.h>
     67   1.4   deraadt #include <rpcsvc/yp_prot.h>
     68   1.4   deraadt #include <rpcsvc/ypclnt.h>
     69  1.23       jtc #endif
     70  1.23       jtc 
     71  1.27   thorpej #include "pw_private.h"
     72  1.27   thorpej 
     73  1.23       jtc #ifdef __weak_alias
     74  1.23       jtc __weak_alias(endpwent,_endpwent);
     75  1.23       jtc __weak_alias(getpwent,_getpwent);
     76  1.23       jtc __weak_alias(getpwnam,_getpwnam);
     77  1.23       jtc __weak_alias(getpwuid,_getpwuid);
     78  1.23       jtc __weak_alias(setpassent,_setpassent);
     79  1.23       jtc __weak_alias(setpwent,_setpwent);
     80   1.4   deraadt #endif
     81   1.1       cgd 
     82  1.24     perry 
     83  1.24     perry /*
     84  1.24     perry  * The lookup techniques and data extraction code here must be kept
     85  1.24     perry  * in sync with that in `pwd_mkdb'.
     86  1.24     perry  */
     87  1.24     perry 
     88   1.1       cgd static struct passwd _pw_passwd;	/* password structure */
     89   1.1       cgd static DB *_pw_db;			/* password database */
     90   1.1       cgd static int _pw_keynum;			/* key counter */
     91   1.1       cgd static int _pw_stayopen;		/* keep fd's open */
     92  1.14      phil static int _pw_flags;			/* password flags */
     93  1.32     lukem static int _pw_none;			/* true if getpwent got EOF */
     94  1.32     lukem 
     95  1.14      phil static int __hashpw __P((DBT *));
     96  1.14      phil static int __initdb __P((void));
     97  1.14      phil 
     98  1.14      phil const char __yp_token[] = "__YP!";	/* Let pwd_mkdb pull this in. */
     99  1.36     lukem static const ns_src compatsrc[] = {
    100  1.36     lukem 	{ NSSRC_COMPAT, NS_SUCCESS },
    101  1.36     lukem 	{ 0 }
    102  1.36     lukem };
    103   1.1       cgd 
    104   1.4   deraadt #ifdef YP
    105  1.32     lukem static char     *__ypcurrent, *__ypdomain;
    106  1.32     lukem static int      __ypcurrentlen;
    107  1.32     lukem #endif
    108  1.32     lukem 
    109  1.32     lukem #ifdef HESIOD
    110  1.32     lukem static int	_pw_hesnum;
    111  1.32     lukem #endif
    112  1.32     lukem 
    113  1.32     lukem #if defined(YP) || defined(HESIOD)
    114  1.32     lukem enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP };
    115  1.32     lukem static enum _pwmode __pwmode;
    116  1.14      phil 
    117  1.26     lukem enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER };
    118  1.26     lukem 
    119  1.32     lukem static struct passwd	*__pwproto = (struct passwd *)NULL;
    120  1.32     lukem static int		 __pwproto_flags;
    121  1.32     lukem static char		 line[1024];
    122  1.32     lukem static long		 prbuf[1024 / sizeof(long)];
    123  1.32     lukem static DB		*__pwexclude = (DB *)NULL;
    124  1.32     lukem 
    125  1.32     lukem static int	__pwexclude_add __P((const char *));
    126  1.32     lukem static int	__pwexclude_is __P((const char *));
    127  1.32     lukem static void	__pwproto_set __P((void));
    128  1.32     lukem static int	__ypmaptype __P((void));
    129  1.32     lukem static int	__pwparse __P((struct passwd *, char *));
    130  1.14      phil 
    131  1.26     lukem 	/* macros for deciding which YP maps to use. */
    132  1.26     lukem #define PASSWD_BYNAME	(__ypmaptype() == YPMAP_MASTER \
    133  1.26     lukem 			    ? "master.passwd.byname" : "passwd.byname")
    134  1.26     lukem #define PASSWD_BYUID	(__ypmaptype() == YPMAP_MASTER \
    135  1.26     lukem 			    ? "master.passwd.byuid" : "passwd.byuid")
    136  1.26     lukem 
    137  1.32     lukem /*
    138  1.32     lukem  * add a name to the compat mode exclude list
    139  1.32     lukem  */
    140  1.14      phil static int
    141  1.32     lukem __pwexclude_add(name)
    142  1.26     lukem 	const char *name;
    143  1.14      phil {
    144  1.30  christos 	DBT key;
    145  1.30  christos 	DBT data;
    146  1.14      phil 
    147  1.14      phil 	/* initialize the exclusion table if needed. */
    148  1.32     lukem 	if(__pwexclude == (DB *)NULL) {
    149  1.32     lukem 		__pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL);
    150  1.32     lukem 		if(__pwexclude == (DB *)NULL)
    151  1.32     lukem 			return 1;
    152  1.14      phil 	}
    153  1.14      phil 
    154  1.14      phil 	/* set up the key */
    155  1.30  christos 	key.size = strlen(name);
    156  1.30  christos 	/* LINTED key does not get modified */
    157  1.14      phil 	key.data = (char *)name;
    158  1.14      phil 
    159  1.14      phil 	/* data is nothing. */
    160  1.14      phil 	data.data = NULL;
    161  1.14      phil 	data.size = 0;
    162  1.14      phil 
    163  1.14      phil 	/* store it */
    164  1.32     lukem 	if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1)
    165  1.32     lukem 		return 1;
    166  1.14      phil 
    167  1.32     lukem 	return 0;
    168  1.14      phil }
    169  1.14      phil 
    170  1.32     lukem /*
    171  1.32     lukem  * test if a name is on the compat mode exclude list
    172  1.32     lukem  */
    173  1.14      phil static int
    174  1.32     lukem __pwexclude_is(name)
    175  1.26     lukem 	const char *name;
    176  1.14      phil {
    177  1.31  christos 	DBT key;
    178  1.30  christos 	DBT data;
    179  1.14      phil 
    180  1.32     lukem 	if(__pwexclude == (DB *)NULL)
    181  1.32     lukem 		return 0;	/* nothing excluded */
    182  1.14      phil 
    183  1.14      phil 	/* set up the key */
    184  1.30  christos 	key.size = strlen(name);
    185  1.30  christos 	/* LINTED key does not get modified */
    186  1.14      phil 	key.data = (char *)name;
    187  1.14      phil 
    188  1.32     lukem 	if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0)
    189  1.32     lukem 		return 1;	/* excluded */
    190  1.14      phil 
    191  1.32     lukem 	return 0;
    192  1.14      phil }
    193  1.14      phil 
    194  1.32     lukem /*
    195  1.32     lukem  * setup the compat mode prototype template
    196  1.32     lukem  */
    197  1.14      phil static void
    198  1.32     lukem __pwproto_set()
    199  1.14      phil {
    200  1.17     lukem 	char *ptr;
    201  1.17     lukem 	struct passwd *pw = &_pw_passwd;
    202  1.14      phil 
    203  1.14      phil 	/* make this the new prototype */
    204  1.30  christos 	ptr = (char *)(void *)prbuf;
    205  1.14      phil 
    206  1.14      phil 	/* first allocate the struct. */
    207  1.32     lukem 	__pwproto = (struct passwd *)ptr;
    208  1.14      phil 	ptr += sizeof(struct passwd);
    209  1.14      phil 
    210  1.14      phil 	/* name */
    211  1.14      phil 	if(pw->pw_name && (pw->pw_name)[0]) {
    212  1.32     lukem 		ptr = (char *)ALIGN(ptr);
    213  1.29     perry 		memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1);
    214  1.32     lukem 		__pwproto->pw_name = ptr;
    215  1.14      phil 		ptr += (strlen(pw->pw_name) + 1);
    216  1.14      phil 	} else
    217  1.32     lukem 		__pwproto->pw_name = (char *)NULL;
    218  1.14      phil 
    219  1.14      phil 	/* password */
    220  1.14      phil 	if(pw->pw_passwd && (pw->pw_passwd)[0]) {
    221  1.32     lukem 		ptr = (char *)ALIGN(ptr);
    222  1.29     perry 		memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1);
    223  1.32     lukem 		__pwproto->pw_passwd = ptr;
    224  1.14      phil 		ptr += (strlen(pw->pw_passwd) + 1);
    225  1.14      phil 	} else
    226  1.32     lukem 		__pwproto->pw_passwd = (char *)NULL;
    227  1.14      phil 
    228  1.14      phil 	/* uid */
    229  1.32     lukem 	__pwproto->pw_uid = pw->pw_uid;
    230  1.14      phil 
    231  1.14      phil 	/* gid */
    232  1.32     lukem 	__pwproto->pw_gid = pw->pw_gid;
    233  1.14      phil 
    234  1.14      phil 	/* change (ignored anyway) */
    235  1.32     lukem 	__pwproto->pw_change = pw->pw_change;
    236  1.14      phil 
    237  1.14      phil 	/* class (ignored anyway) */
    238  1.32     lukem 	__pwproto->pw_class = "";
    239  1.14      phil 
    240  1.14      phil 	/* gecos */
    241  1.14      phil 	if(pw->pw_gecos && (pw->pw_gecos)[0]) {
    242  1.32     lukem 		ptr = (char *)ALIGN(ptr);
    243  1.29     perry 		memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1);
    244  1.32     lukem 		__pwproto->pw_gecos = ptr;
    245  1.14      phil 		ptr += (strlen(pw->pw_gecos) + 1);
    246  1.14      phil 	} else
    247  1.32     lukem 		__pwproto->pw_gecos = (char *)NULL;
    248  1.14      phil 
    249  1.14      phil 	/* dir */
    250  1.14      phil 	if(pw->pw_dir && (pw->pw_dir)[0]) {
    251  1.32     lukem 		ptr = (char *)ALIGN(ptr);
    252  1.29     perry 		memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1);
    253  1.32     lukem 		__pwproto->pw_dir = ptr;
    254  1.14      phil 		ptr += (strlen(pw->pw_dir) + 1);
    255  1.14      phil 	} else
    256  1.32     lukem 		__pwproto->pw_dir = (char *)NULL;
    257  1.14      phil 
    258  1.14      phil 	/* shell */
    259  1.14      phil 	if(pw->pw_shell && (pw->pw_shell)[0]) {
    260  1.32     lukem 		ptr = (char *)ALIGN(ptr);
    261  1.29     perry 		memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1);
    262  1.32     lukem 		__pwproto->pw_shell = ptr;
    263  1.14      phil 		ptr += (strlen(pw->pw_shell) + 1);
    264  1.14      phil 	} else
    265  1.32     lukem 		__pwproto->pw_shell = (char *)NULL;
    266  1.14      phil 
    267  1.14      phil 	/* expire (ignored anyway) */
    268  1.32     lukem 	__pwproto->pw_expire = pw->pw_expire;
    269  1.14      phil 
    270  1.14      phil 	/* flags */
    271  1.32     lukem 	__pwproto_flags = _pw_flags;
    272  1.14      phil }
    273   1.4   deraadt 
    274   1.5   deraadt static int
    275  1.26     lukem __ypmaptype()
    276  1.26     lukem {
    277  1.26     lukem 	static int maptype = -1;
    278  1.26     lukem 	int order, r;
    279  1.26     lukem 
    280  1.26     lukem 	if (maptype != -1)
    281  1.26     lukem 		return (maptype);
    282  1.26     lukem 
    283  1.26     lukem 	maptype = YPMAP_NONE;
    284  1.26     lukem 	if (geteuid() != 0)
    285  1.26     lukem 		return (maptype);
    286  1.26     lukem 
    287  1.26     lukem 	if (!__ypdomain) {
    288  1.26     lukem 		if( _yp_check(&__ypdomain) == 0)
    289  1.26     lukem 			return (maptype);
    290  1.26     lukem 	}
    291  1.26     lukem 
    292  1.26     lukem 	r = yp_order(__ypdomain, "master.passwd.byname", &order);
    293  1.26     lukem 	if (r == 0) {
    294  1.26     lukem 		maptype = YPMAP_MASTER;
    295  1.26     lukem 		return (maptype);
    296  1.26     lukem 	}
    297  1.26     lukem 
    298  1.26     lukem 	/*
    299  1.26     lukem 	 * NIS+ in YP compat mode doesn't support
    300  1.26     lukem 	 * YPPROC_ORDER -- no point in continuing.
    301  1.26     lukem 	 */
    302  1.26     lukem 	if (r == YPERR_YPERR)
    303  1.26     lukem 		return (maptype);
    304  1.26     lukem 
    305  1.26     lukem 	/* master.passwd doesn't exist -- try passwd.adjunct */
    306  1.26     lukem 	if (r == YPERR_MAP) {
    307  1.26     lukem 		r = yp_order(__ypdomain, "passwd.adjunct.byname", &order);
    308  1.26     lukem 		if (r == 0)
    309  1.26     lukem 			maptype = YPMAP_ADJUNCT;
    310  1.26     lukem 		return (maptype);
    311  1.26     lukem 	}
    312  1.26     lukem 
    313  1.26     lukem 	return (maptype);
    314  1.26     lukem }
    315  1.26     lukem 
    316  1.32     lukem /*
    317  1.32     lukem  * parse an old-style passwd file line (from NIS or HESIOD)
    318  1.32     lukem  */
    319  1.26     lukem static int
    320  1.32     lukem __pwparse(pw, s)
    321  1.26     lukem 	struct passwd *pw;
    322  1.26     lukem 	char *s;
    323   1.4   deraadt {
    324  1.26     lukem 	static char adjunctpw[YPMAXRECORD + 2];
    325  1.26     lukem 	int flags, maptype;
    326   1.4   deraadt 
    327  1.26     lukem 	maptype = __ypmaptype();
    328  1.26     lukem 	flags = _PASSWORD_NOWARN;
    329  1.26     lukem 	if (maptype != YPMAP_MASTER)
    330  1.26     lukem 		flags |= _PASSWORD_OLDFMT;
    331  1.27   thorpej 	if (! __pw_scan(s, pw, &flags))
    332  1.13   mycroft 		return 1;
    333  1.14      phil 
    334  1.14      phil 	/* now let the prototype override, if set. */
    335  1.32     lukem 	if(__pwproto != (struct passwd *)NULL) {
    336  1.32     lukem #ifdef PW_OVERRIDE_PASSWD
    337  1.32     lukem 		if(__pwproto->pw_passwd != (char *)NULL)
    338  1.32     lukem 			pw->pw_passwd = __pwproto->pw_passwd;
    339  1.14      phil #endif
    340  1.32     lukem 		if(!(__pwproto_flags & _PASSWORD_NOUID))
    341  1.32     lukem 			pw->pw_uid = __pwproto->pw_uid;
    342  1.32     lukem 		if(!(__pwproto_flags & _PASSWORD_NOGID))
    343  1.32     lukem 			pw->pw_gid = __pwproto->pw_gid;
    344  1.32     lukem 		if(__pwproto->pw_gecos != (char *)NULL)
    345  1.32     lukem 			pw->pw_gecos = __pwproto->pw_gecos;
    346  1.32     lukem 		if(__pwproto->pw_dir != (char *)NULL)
    347  1.32     lukem 			pw->pw_dir = __pwproto->pw_dir;
    348  1.32     lukem 		if(__pwproto->pw_shell != (char *)NULL)
    349  1.32     lukem 			pw->pw_shell = __pwproto->pw_shell;
    350  1.14      phil 	}
    351  1.26     lukem 	if ((maptype == YPMAP_ADJUNCT) &&
    352  1.26     lukem 	    (strstr(pw->pw_passwd, "##") != NULL)) {
    353  1.26     lukem 		char *data, *bp;
    354  1.26     lukem 		int datalen;
    355  1.26     lukem 
    356  1.26     lukem 		if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name,
    357  1.30  christos 		    (int)strlen(pw->pw_name), &data, &datalen) == 0) {
    358  1.26     lukem 			if (datalen > sizeof(adjunctpw) - 1)
    359  1.26     lukem 				datalen = sizeof(adjunctpw) - 1;
    360  1.32     lukem 			strncpy(adjunctpw, data, datalen);
    361  1.26     lukem 
    362  1.26     lukem 				/* skip name to get password */
    363  1.26     lukem 			if ((bp = strsep(&data, ":")) != NULL &&
    364  1.26     lukem 			    (bp = strsep(&data, ":")) != NULL)
    365  1.26     lukem 				pw->pw_passwd = bp;
    366  1.26     lukem 		}
    367  1.26     lukem 	}
    368   1.4   deraadt 	return 0;
    369   1.4   deraadt }
    370  1.32     lukem #endif /* YP || HESIOD */
    371  1.32     lukem 
    372  1.32     lukem /*
    373  1.32     lukem  * local files implementation of getpw*()
    374  1.32     lukem  * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
    375  1.32     lukem  */
    376  1.32     lukem static int	_local_getpw __P((void *, void *, va_list));
    377   1.4   deraadt 
    378  1.32     lukem static int
    379  1.32     lukem _local_getpw(rv, cb_data, ap)
    380  1.32     lukem 	void	*rv;
    381  1.32     lukem 	void	*cb_data;
    382  1.32     lukem 	va_list	 ap;
    383   1.1       cgd {
    384  1.32     lukem 	DBT		 key;
    385  1.35     lukem 	char		 bf[MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1];
    386  1.32     lukem 	uid_t		 uid;
    387  1.32     lukem 	int		 search, len, rval;
    388  1.32     lukem 	const char	*name;
    389   1.1       cgd 
    390   1.1       cgd 	if (!_pw_db && !__initdb())
    391  1.32     lukem 		return NS_UNAVAIL;
    392  1.32     lukem 
    393  1.32     lukem 	search = va_arg(ap, int);
    394  1.32     lukem 	bf[0] = search;
    395  1.32     lukem 	switch (search) {
    396  1.32     lukem 	case _PW_KEYBYNUM:
    397  1.32     lukem 		++_pw_keynum;
    398  1.32     lukem 		memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum));
    399  1.32     lukem 		key.size = sizeof(_pw_keynum) + 1;
    400  1.32     lukem 		break;
    401  1.32     lukem 	case _PW_KEYBYNAME:
    402  1.32     lukem 		name = va_arg(ap, const char *);
    403  1.32     lukem 		len = strlen(name);
    404  1.35     lukem 		memmove(bf + 1, name, MIN(len, MAXLOGNAME));
    405  1.32     lukem 		key.size = len + 1;
    406  1.32     lukem 		break;
    407  1.32     lukem 	case _PW_KEYBYUID:
    408  1.32     lukem 		uid = va_arg(ap, uid_t);
    409  1.32     lukem 		memmove(bf + 1, (char *)&uid, sizeof(len));
    410  1.32     lukem 		key.size = sizeof(uid) + 1;
    411  1.32     lukem 		break;
    412  1.32     lukem 	default:
    413  1.32     lukem 		abort();
    414  1.32     lukem 	}
    415  1.32     lukem 
    416  1.32     lukem 	key.data = (u_char *)bf;
    417  1.32     lukem 	rval = __hashpw(&key);
    418  1.32     lukem 	if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) {
    419  1.32     lukem 		_pw_none = 1;
    420  1.32     lukem 		rval = NS_SUCCESS;
    421  1.32     lukem 	}
    422  1.32     lukem 
    423  1.32     lukem 	if (!_pw_stayopen && (search != _PW_KEYBYNUM)) {
    424  1.32     lukem 		(void)(_pw_db->close)(_pw_db);
    425  1.32     lukem 		_pw_db = (DB *)NULL;
    426  1.32     lukem 	}
    427  1.32     lukem 	return (rval);
    428  1.32     lukem }
    429  1.32     lukem 
    430  1.32     lukem #ifdef HESIOD
    431  1.32     lukem /*
    432  1.32     lukem  * hesiod implementation of getpw*()
    433  1.32     lukem  * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
    434  1.32     lukem  */
    435  1.32     lukem static int	_dns_getpw __P((void *, void *, va_list));
    436  1.32     lukem 
    437  1.32     lukem static int
    438  1.32     lukem _dns_getpw(rv, cb_data, ap)
    439  1.32     lukem 	void	*rv;
    440  1.32     lukem 	void	*cb_data;
    441  1.32     lukem 	va_list	 ap;
    442  1.32     lukem {
    443  1.32     lukem 	const char	 *name;
    444  1.32     lukem 	uid_t		  uid;
    445  1.32     lukem 	int		  search;
    446  1.32     lukem 	char		**hp;
    447  1.32     lukem 
    448  1.32     lukem 
    449  1.32     lukem 	search = va_arg(ap, int);
    450  1.32     lukem 	switch (search) {
    451  1.32     lukem 	case _PW_KEYBYNUM:
    452  1.32     lukem 		snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum);
    453  1.32     lukem 		_pw_hesnum++;
    454  1.32     lukem 		break;
    455  1.32     lukem 	case _PW_KEYBYNAME:
    456  1.32     lukem 		name = va_arg(ap, const char *);
    457  1.32     lukem 		strncpy(line, name, sizeof(line));
    458  1.32     lukem 		break;
    459  1.32     lukem 	case _PW_KEYBYUID:
    460  1.32     lukem 		uid = va_arg(ap, uid_t);
    461  1.33     lukem 		snprintf(line, sizeof(line), "%u", (unsigned int)uid);
    462  1.32     lukem 		break;
    463  1.32     lukem 	default:
    464  1.32     lukem 		abort();
    465  1.32     lukem 	}
    466  1.32     lukem 	line[sizeof(line) - 1] = '\0';
    467  1.32     lukem 
    468  1.32     lukem 	hp = hes_resolve(line, "passwd");
    469  1.32     lukem 	if (hp == NULL) {
    470  1.32     lukem 		switch (hes_error()) {
    471  1.32     lukem 		case HES_ER_NOTFOUND:
    472  1.32     lukem 			if (search == _PW_KEYBYNUM) {
    473  1.32     lukem 				_pw_hesnum = 0;
    474  1.32     lukem 				_pw_none = 1;
    475  1.32     lukem 				return NS_SUCCESS;
    476  1.32     lukem 			}
    477  1.32     lukem 			return NS_NOTFOUND;
    478  1.32     lukem 		case HES_ER_OK:
    479  1.32     lukem 			abort();
    480  1.32     lukem 		default:
    481  1.32     lukem 			return NS_UNAVAIL;
    482  1.32     lukem 		}
    483  1.32     lukem 	}
    484  1.32     lukem 
    485  1.32     lukem 	strncpy(line, hp[0], sizeof(line));	/* only check first elem */
    486  1.32     lukem 	line[sizeof(line) - 1] = '\0';
    487  1.32     lukem 	hes_free(hp);
    488  1.32     lukem 	if (__pwparse(&_pw_passwd, line))
    489  1.32     lukem 		return NS_UNAVAIL;
    490  1.32     lukem 	return NS_SUCCESS;
    491  1.32     lukem }
    492  1.32     lukem #endif
    493   1.1       cgd 
    494   1.4   deraadt #ifdef YP
    495  1.32     lukem /*
    496  1.32     lukem  * nis implementation of getpw*()
    497  1.32     lukem  * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
    498  1.32     lukem  */
    499  1.32     lukem static int	_nis_getpw __P((void *, void *, va_list));
    500  1.14      phil 
    501  1.32     lukem static int
    502  1.32     lukem _nis_getpw(rv, cb_data, ap)
    503  1.32     lukem 	void	*rv;
    504  1.32     lukem 	void	*cb_data;
    505  1.32     lukem 	va_list	 ap;
    506  1.32     lukem {
    507  1.32     lukem 	const char	*name;
    508  1.32     lukem 	uid_t		 uid;
    509  1.32     lukem 	int		 search;
    510  1.32     lukem 	char		*key, *data;
    511  1.32     lukem 	char		*map = PASSWD_BYNAME;
    512  1.32     lukem 	int		 keylen, datalen, r;
    513  1.32     lukem 
    514  1.32     lukem 	if(__ypdomain == NULL) {
    515  1.32     lukem 		if(_yp_check(&__ypdomain) == 0)
    516  1.32     lukem 			return NS_UNAVAIL;
    517  1.32     lukem 	}
    518  1.32     lukem 
    519  1.32     lukem 	search = va_arg(ap, int);
    520  1.32     lukem 	switch (search) {
    521  1.32     lukem 	case _PW_KEYBYNUM:
    522  1.32     lukem 		break;
    523  1.32     lukem 	case _PW_KEYBYNAME:
    524  1.32     lukem 		name = va_arg(ap, const char *);
    525  1.32     lukem 		strncpy(line, name, sizeof(line));
    526  1.32     lukem 		break;
    527  1.32     lukem 	case _PW_KEYBYUID:
    528  1.32     lukem 		uid = va_arg(ap, uid_t);
    529  1.33     lukem 		snprintf(line, sizeof(line), "%u", (unsigned int)uid);
    530  1.32     lukem 		map = PASSWD_BYUID;
    531  1.32     lukem 		break;
    532  1.32     lukem 	default:
    533  1.32     lukem 		abort();
    534  1.32     lukem 	}
    535  1.32     lukem 	line[sizeof(line) - 1] = '\0';
    536  1.32     lukem 	if (search != _PW_KEYBYNUM) {
    537  1.32     lukem 		data = NULL;
    538  1.32     lukem 		r = yp_match(__ypdomain, map, line, (int)strlen(line),
    539  1.32     lukem 				&data, &datalen);
    540  1.32     lukem 		switch (r) {
    541  1.32     lukem 		case 0:
    542  1.32     lukem 			break;
    543  1.32     lukem 		case YPERR_KEY:
    544  1.32     lukem 			r =  NS_NOTFOUND;
    545  1.32     lukem 			break;
    546  1.32     lukem 		default:
    547  1.32     lukem 			r = NS_UNAVAIL;
    548  1.32     lukem 			break;
    549  1.32     lukem 		}
    550  1.32     lukem 		if (r != 0) {
    551  1.32     lukem 			if (data)
    552  1.32     lukem 				free(data);
    553  1.32     lukem 			return r;
    554   1.4   deraadt 		}
    555  1.32     lukem 		data[datalen] = '\0';		/* clear trailing \n */
    556  1.32     lukem 		strncpy(line, data, sizeof(line));
    557  1.32     lukem 		line[sizeof(line) - 1] = '\0';
    558  1.32     lukem 		free(data);
    559  1.32     lukem 		if (__pwparse(&_pw_passwd, line))
    560  1.32     lukem 			return NS_UNAVAIL;
    561  1.32     lukem 		return NS_SUCCESS;
    562  1.32     lukem 	}
    563  1.32     lukem 
    564  1.32     lukem 	for (;;) {
    565  1.32     lukem 		data = key = NULL;
    566  1.32     lukem 		if (__ypcurrent) {
    567  1.32     lukem 			r = yp_next(__ypdomain, map,
    568  1.14      phil 					__ypcurrent, __ypcurrentlen,
    569  1.14      phil 					&key, &keylen, &data, &datalen);
    570  1.32     lukem 			free(__ypcurrent);
    571  1.32     lukem 			switch (r) {
    572  1.32     lukem 			case 0:
    573  1.32     lukem 				__ypcurrent = key;
    574  1.32     lukem 				__ypcurrentlen = keylen;
    575  1.32     lukem 				break;
    576  1.32     lukem 			case YPERR_NOMORE:
    577  1.32     lukem 				__ypcurrent = NULL;
    578  1.32     lukem 				_pw_none = 1;
    579  1.32     lukem 				if (key)
    580  1.32     lukem 					free(key);
    581  1.32     lukem 				return NS_SUCCESS;
    582  1.32     lukem 			default:
    583  1.32     lukem 				r = NS_UNAVAIL;
    584  1.32     lukem 				break;
    585  1.17     lukem 			}
    586  1.32     lukem 		} else {
    587  1.32     lukem 			r = 0;
    588  1.32     lukem 			if (yp_first(__ypdomain, map, &__ypcurrent,
    589  1.32     lukem 					&__ypcurrentlen, &data, &datalen))
    590  1.32     lukem 				r = NS_UNAVAIL;
    591  1.32     lukem 		}
    592  1.32     lukem 		if (r != 0) {
    593  1.32     lukem 			if (key)
    594  1.32     lukem 				free(key);
    595  1.32     lukem 			if (data)
    596  1.32     lukem 				free(data);
    597  1.32     lukem 			return r;
    598  1.32     lukem 		}
    599  1.32     lukem 		data[datalen] = '\0';		/* clear trailing \n */
    600  1.32     lukem 		strncpy(line, data, sizeof(line));
    601  1.32     lukem 		line[sizeof(line) - 1] = '\0';
    602  1.32     lukem 				free(data);
    603  1.32     lukem 		if (! __pwparse(&_pw_passwd, line))
    604  1.32     lukem 			return NS_SUCCESS;
    605  1.32     lukem 	}
    606  1.32     lukem 	/* NOTREACHED */
    607  1.32     lukem } /* _nis_getpw */
    608  1.32     lukem #endif
    609  1.32     lukem 
    610  1.32     lukem #if defined(YP) || defined(HESIOD)
    611  1.32     lukem /*
    612  1.32     lukem  * See if the compat token is in the database.  Only works if pwd_mkdb knows
    613  1.32     lukem  * about the token.
    614  1.32     lukem  */
    615  1.32     lukem static int	__has_compatpw __P((void));
    616  1.32     lukem 
    617  1.32     lukem static int
    618  1.32     lukem __has_compatpw()
    619  1.32     lukem {
    620  1.32     lukem 	DBT key, data;
    621  1.32     lukem 	DBT pkey, pdata;
    622  1.35     lukem 	char bf[MAXLOGNAME];
    623  1.32     lukem 
    624  1.32     lukem 	key.data = (u_char *)__yp_token;
    625  1.32     lukem 	key.size = strlen(__yp_token);
    626  1.32     lukem 
    627  1.32     lukem 	/* Pre-token database support. */
    628  1.32     lukem 	bf[0] = _PW_KEYBYNAME;
    629  1.35     lukem 	bf[1] = '+';
    630  1.32     lukem 	pkey.data = (u_char *)bf;
    631  1.35     lukem 	pkey.size = 2;
    632  1.32     lukem 
    633  1.32     lukem 	if ((_pw_db->get)(_pw_db, &key, &data, 0)
    634  1.32     lukem 	    && (_pw_db->get)(_pw_db, &pkey, &pdata, 0))
    635  1.32     lukem 		return 0;		/* No compat token */
    636  1.32     lukem 	return 1;
    637  1.32     lukem }
    638  1.32     lukem 
    639  1.32     lukem /*
    640  1.32     lukem  * log an error if "files" or "compat" is specified in passwd_compat database
    641  1.32     lukem  */
    642  1.32     lukem static int	_bad_getpw __P((void *, void *, va_list));
    643  1.32     lukem 
    644  1.32     lukem static int
    645  1.32     lukem _bad_getpw(rv, cb_data, ap)
    646  1.32     lukem 	void	*rv;
    647  1.32     lukem 	void	*cb_data;
    648  1.32     lukem 	va_list	 ap;
    649  1.32     lukem {
    650  1.32     lukem 	static int warned;
    651  1.32     lukem 	if (!warned) {
    652  1.32     lukem 		syslog(LOG_ERR,
    653  1.32     lukem 			"nsswitch.conf passwd_compat database can't use '%s'",
    654  1.32     lukem 			(char *)cb_data);
    655  1.32     lukem 	}
    656  1.32     lukem 	warned = 1;
    657  1.32     lukem 	return NS_UNAVAIL;
    658  1.32     lukem }
    659  1.32     lukem 
    660  1.32     lukem /*
    661  1.32     lukem  * when a name lookup in compat mode is required (e.g., '+name', or a name in
    662  1.32     lukem  * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database.
    663  1.32     lukem  * only Hesiod and NIS is supported - it doesn't make sense to lookup
    664  1.32     lukem  * compat names from 'files' or 'compat'.
    665  1.32     lukem  */
    666  1.32     lukem static int	__getpwcompat __P((int, uid_t, const char *));
    667  1.32     lukem 
    668  1.32     lukem static int
    669  1.32     lukem __getpwcompat(type, uid, name)
    670  1.32     lukem 	int		 type;
    671  1.32     lukem 	uid_t		 uid;
    672  1.32     lukem 	const char	*name;
    673  1.32     lukem {
    674  1.36     lukem 	static const ns_dtab dtab[] = {
    675  1.35     lukem 		NS_FILES_CB(_bad_getpw, "files")
    676  1.35     lukem 		NS_DNS_CB(_dns_getpw, NULL)
    677  1.35     lukem 		NS_NIS_CB(_nis_getpw, NULL)
    678  1.35     lukem 		NS_COMPAT_CB(_bad_getpw, "compat")
    679  1.35     lukem 		{ 0 }
    680  1.32     lukem 	};
    681  1.36     lukem 	static const ns_src defaultnis[] = {
    682  1.36     lukem 		{ NSSRC_NIS, 	NS_SUCCESS },
    683  1.36     lukem 		{ 0 }
    684  1.36     lukem 	};
    685  1.32     lukem 
    686  1.32     lukem 	switch (type) {
    687  1.32     lukem 	case _PW_KEYBYNUM:
    688  1.35     lukem 		return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
    689  1.36     lukem 		    defaultnis, type);
    690  1.32     lukem 	case _PW_KEYBYNAME:
    691  1.35     lukem 		return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
    692  1.36     lukem 		    defaultnis, type, name);
    693  1.32     lukem 	case _PW_KEYBYUID:
    694  1.35     lukem 		return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
    695  1.36     lukem 		    defaultnis, type, uid);
    696  1.32     lukem 	default:
    697  1.32     lukem 		abort();
    698  1.32     lukem 	}
    699  1.32     lukem }
    700  1.32     lukem 
    701  1.32     lukem /*
    702  1.32     lukem  * compat implementation of getpwent()
    703  1.32     lukem  * varargs (ignored):
    704  1.32     lukem  *	type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
    705  1.32     lukem  */
    706  1.32     lukem static int	_compat_getpwent __P((void *, void *, va_list));
    707  1.32     lukem 
    708  1.32     lukem static int
    709  1.32     lukem _compat_getpwent(rv, cb_data, ap)
    710  1.32     lukem 	void	*rv;
    711  1.32     lukem 	void	*cb_data;
    712  1.32     lukem 	va_list	 ap;
    713  1.32     lukem {
    714  1.32     lukem 	DBT		 key;
    715  1.32     lukem 	char		 bf[sizeof(_pw_keynum) + 1];
    716  1.32     lukem 	static char	*name = NULL;
    717  1.32     lukem 	const char	*user, *host, *dom;
    718  1.32     lukem 	int		 has_compatpw;
    719  1.32     lukem 
    720  1.32     lukem 	if (!_pw_db && !__initdb())
    721  1.32     lukem 		return NS_UNAVAIL;
    722  1.32     lukem 
    723  1.32     lukem 	has_compatpw = __has_compatpw();
    724  1.32     lukem 
    725  1.32     lukem again:
    726  1.32     lukem 	if (has_compatpw && (__pwmode != PWMODE_NONE)) {
    727  1.32     lukem 		int r;
    728  1.32     lukem 
    729  1.32     lukem 		switch (__pwmode) {
    730  1.32     lukem 		case PWMODE_FULL:
    731  1.32     lukem 			r = __getpwcompat(_PW_KEYBYNUM, 0, NULL);
    732  1.32     lukem 			if (r == NS_SUCCESS)
    733  1.32     lukem 				return r;
    734  1.32     lukem 			__pwmode = PWMODE_NONE;
    735  1.14      phil 			break;
    736  1.32     lukem 
    737  1.32     lukem 		case PWMODE_NETGRP:
    738  1.32     lukem 			r = getnetgrent(&host, &user, &dom);
    739  1.32     lukem 			if (r == 0) {	/* end of group */
    740  1.14      phil 				endnetgrent();
    741  1.32     lukem 				__pwmode = PWMODE_NONE;
    742  1.32     lukem 				break;
    743  1.14      phil 			}
    744  1.32     lukem 			if (!user || !*user)
    745  1.32     lukem 				break;
    746  1.32     lukem 			r = __getpwcompat(_PW_KEYBYNAME, 0, user);
    747  1.32     lukem 			if (r == NS_SUCCESS)
    748  1.32     lukem 				return r;
    749  1.14      phil 			break;
    750  1.32     lukem 
    751  1.32     lukem 		case PWMODE_USER:
    752  1.32     lukem 			if (name == NULL) {
    753  1.32     lukem 				__pwmode = PWMODE_NONE;
    754  1.32     lukem 				break;
    755   1.4   deraadt 			}
    756  1.32     lukem 			r = __getpwcompat(_PW_KEYBYNAME, 0, name);
    757  1.32     lukem 			free(name);
    758  1.32     lukem 			name = NULL;
    759  1.32     lukem 			if (r == NS_SUCCESS)
    760  1.32     lukem 				return r;
    761  1.14      phil 			break;
    762  1.32     lukem 
    763  1.32     lukem 		case PWMODE_NONE:
    764  1.32     lukem 			abort();
    765   1.4   deraadt 		}
    766  1.32     lukem 		goto again;
    767   1.4   deraadt 	}
    768   1.4   deraadt 
    769   1.1       cgd 	++_pw_keynum;
    770   1.1       cgd 	bf[0] = _PW_KEYBYNUM;
    771  1.32     lukem 	memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum));
    772  1.32     lukem 	key.data = (u_char *)bf;
    773  1.32     lukem 	key.size = sizeof(_pw_keynum) + 1;
    774  1.32     lukem 	if(__hashpw(&key) == NS_SUCCESS) {
    775  1.14      phil 		/* if we don't have YP at all, don't bother. */
    776  1.32     lukem 		if (has_compatpw) {
    777  1.14      phil 			if(_pw_passwd.pw_name[0] == '+') {
    778  1.14      phil 				/* set the mode */
    779  1.14      phil 				switch(_pw_passwd.pw_name[1]) {
    780  1.14      phil 				case '\0':
    781  1.32     lukem 					__pwmode = PWMODE_FULL;
    782  1.14      phil 					break;
    783  1.14      phil 				case '@':
    784  1.32     lukem 					__pwmode = PWMODE_NETGRP;
    785  1.14      phil 					setnetgrent(_pw_passwd.pw_name + 2);
    786  1.14      phil 					break;
    787  1.14      phil 				default:
    788  1.32     lukem 					__pwmode = PWMODE_USER;
    789  1.14      phil 					name = strdup(_pw_passwd.pw_name + 1);
    790  1.14      phil 					break;
    791  1.14      phil 				}
    792  1.14      phil 
    793  1.14      phil 				/* save the prototype */
    794  1.32     lukem 				__pwproto_set();
    795  1.14      phil 				goto again;
    796  1.14      phil 			} else if(_pw_passwd.pw_name[0] == '-') {
    797  1.14      phil 				/* an attempted exclusion */
    798  1.14      phil 				switch(_pw_passwd.pw_name[1]) {
    799  1.14      phil 				case '\0':
    800  1.14      phil 					break;
    801  1.14      phil 				case '@':
    802  1.14      phil 					setnetgrent(_pw_passwd.pw_name + 2);
    803  1.14      phil 					while(getnetgrent(&host, &user, &dom)) {
    804  1.14      phil 						if(user && *user)
    805  1.32     lukem 							__pwexclude_add(user);
    806  1.14      phil 					}
    807  1.14      phil 					endnetgrent();
    808  1.14      phil 					break;
    809  1.14      phil 				default:
    810  1.32     lukem 					__pwexclude_add(_pw_passwd.pw_name + 1);
    811  1.14      phil 					break;
    812  1.14      phil 				}
    813  1.14      phil 				goto again;
    814  1.14      phil 			}
    815   1.4   deraadt 		}
    816  1.32     lukem 		return NS_SUCCESS;
    817   1.4   deraadt 	}
    818  1.32     lukem 	return NS_NOTFOUND;
    819   1.1       cgd }
    820   1.1       cgd 
    821  1.14      phil /*
    822  1.32     lukem  * compat implementation of getpwnam() and getpwuid()
    823  1.32     lukem  * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
    824  1.14      phil  */
    825  1.32     lukem static int	_compat_getpw __P((void *, void *, va_list));
    826  1.32     lukem 
    827  1.14      phil static int
    828  1.32     lukem _compat_getpw(rv, cb_data, ap)
    829  1.32     lukem 	void	*rv;
    830  1.32     lukem 	void	*cb_data;
    831  1.32     lukem 	va_list	 ap;
    832  1.14      phil {
    833  1.32     lukem 	DBT		key;
    834  1.34     lukem 	int		search, rval, r, s;
    835  1.32     lukem 	uid_t		uid;
    836  1.32     lukem 	char		bf[MAXLOGNAME + 1];
    837  1.34     lukem 	const char	*name, *host, *user, *dom;
    838  1.34     lukem 
    839  1.34     lukem 	if (!_pw_db && !__initdb())
    840  1.34     lukem 		return NS_UNAVAIL;
    841  1.34     lukem 
    842  1.34     lukem 		/*
    843  1.34     lukem 		 * If there isn't a compat token in the database, use files.
    844  1.34     lukem 		 */
    845  1.34     lukem 	if (! __has_compatpw())
    846  1.34     lukem 		return (_local_getpw(rv, cb_data, ap));
    847  1.32     lukem 
    848  1.32     lukem 	search = va_arg(ap, int);
    849  1.32     lukem 	uid = 0;
    850  1.32     lukem 	name = NULL;
    851  1.32     lukem 	rval = NS_NOTFOUND;
    852  1.32     lukem 	switch (search) {
    853  1.32     lukem 	case _PW_KEYBYNAME:
    854  1.32     lukem 		name = va_arg(ap, const char *);
    855  1.32     lukem 		break;
    856  1.32     lukem 	case _PW_KEYBYUID:
    857  1.32     lukem 		uid = va_arg(ap, uid_t);
    858  1.32     lukem 		break;
    859  1.32     lukem 	default:
    860  1.32     lukem 		abort();
    861  1.32     lukem 	}
    862  1.14      phil 
    863  1.34     lukem 	for(s = -1, _pw_keynum=1; _pw_keynum; _pw_keynum++) {
    864  1.34     lukem 		bf[0] = _PW_KEYBYNUM;
    865  1.34     lukem 		memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum));
    866  1.34     lukem 		key.data = (u_char *)bf;
    867  1.34     lukem 		key.size = sizeof(_pw_keynum) + 1;
    868  1.34     lukem 		if(__hashpw(&key) != NS_SUCCESS)
    869  1.34     lukem 			break;
    870  1.34     lukem 		switch(_pw_passwd.pw_name[0]) {
    871  1.34     lukem 		case '+':
    872  1.34     lukem 			/* save the prototype */
    873  1.34     lukem 			__pwproto_set();
    874  1.34     lukem 
    875  1.34     lukem 			switch(_pw_passwd.pw_name[1]) {
    876  1.34     lukem 			case '\0':
    877  1.34     lukem 				r = __getpwcompat(search, uid, name);
    878  1.34     lukem 				if (r != NS_SUCCESS)
    879  1.34     lukem 					continue;
    880  1.10   deraadt 				break;
    881  1.34     lukem 			case '@':
    882  1.14      phil pwnam_netgrp:
    883  1.34     lukem 				if(__ypcurrent) {
    884  1.34     lukem 					free(__ypcurrent);
    885  1.34     lukem 					__ypcurrent = NULL;
    886  1.34     lukem 				}
    887  1.34     lukem 				if (s == -1)		/* first time */
    888  1.34     lukem 					setnetgrent(_pw_passwd.pw_name + 2);
    889  1.34     lukem 				s = getnetgrent(&host, &user, &dom);
    890  1.34     lukem 				if (s == 0) {		/* end of group */
    891  1.34     lukem 					endnetgrent();
    892  1.34     lukem 					s = -1;
    893  1.34     lukem 					continue;
    894  1.34     lukem 				}
    895  1.34     lukem 				if (!user || !*user)
    896  1.34     lukem 					goto pwnam_netgrp;
    897  1.32     lukem 
    898  1.34     lukem 				r = __getpwcompat(_PW_KEYBYNAME, 0, user);
    899  1.32     lukem 
    900  1.34     lukem 				if (r == NS_UNAVAIL)
    901  1.34     lukem 					return r;
    902  1.34     lukem 				if (r == NS_NOTFOUND) {
    903  1.34     lukem 					/*
    904  1.34     lukem 					 * just because this user is bad
    905  1.34     lukem 					 * it doesn't mean they all are.
    906  1.34     lukem 					 */
    907  1.34     lukem 					goto pwnam_netgrp;
    908   1.4   deraadt 				}
    909  1.34     lukem 				break;
    910  1.34     lukem 			default:
    911  1.34     lukem 				user = _pw_passwd.pw_name + 1;
    912  1.34     lukem 				r = __getpwcompat(_PW_KEYBYNAME, 0, user);
    913  1.34     lukem 
    914  1.34     lukem 				if (r == NS_UNAVAIL)
    915  1.34     lukem 					return r;
    916  1.34     lukem 				if (r == NS_NOTFOUND)
    917  1.10   deraadt 					continue;
    918  1.14      phil 				break;
    919  1.34     lukem 			}
    920  1.34     lukem 			if(__pwexclude_is(_pw_passwd.pw_name)) {
    921  1.34     lukem 				if(s == 1)		/* inside netgroup */
    922  1.34     lukem 					goto pwnam_netgrp;
    923  1.34     lukem 				continue;
    924  1.34     lukem 			}
    925  1.34     lukem 			break;
    926  1.34     lukem 		case '-':
    927  1.34     lukem 			/* attempted exclusion */
    928  1.34     lukem 			switch(_pw_passwd.pw_name[1]) {
    929  1.34     lukem 			case '\0':
    930  1.34     lukem 				break;
    931  1.34     lukem 			case '@':
    932  1.34     lukem 				setnetgrent(_pw_passwd.pw_name + 2);
    933  1.34     lukem 				while(getnetgrent(&host, &user, &dom)) {
    934  1.34     lukem 					if(user && *user)
    935  1.34     lukem 						__pwexclude_add(user);
    936  1.14      phil 				}
    937  1.34     lukem 				endnetgrent();
    938  1.14      phil 				break;
    939  1.34     lukem 			default:
    940  1.34     lukem 				__pwexclude_add(_pw_passwd.pw_name + 1);
    941  1.32     lukem 				break;
    942   1.4   deraadt 			}
    943  1.34     lukem 			break;
    944  1.34     lukem 		}
    945  1.34     lukem 		if ((search == _PW_KEYBYNAME &&
    946  1.34     lukem 			    strcmp(_pw_passwd.pw_name, name) == 0)
    947  1.34     lukem 		 || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) {
    948  1.34     lukem 			rval = NS_SUCCESS;
    949  1.34     lukem 			break;
    950   1.4   deraadt 		}
    951  1.34     lukem 		if(s == 1)				/* inside netgroup */
    952  1.34     lukem 			goto pwnam_netgrp;
    953  1.34     lukem 		continue;
    954   1.4   deraadt 	}
    955  1.34     lukem 	__pwproto = (struct passwd *)NULL;
    956   1.1       cgd 
    957   1.1       cgd 	if (!_pw_stayopen) {
    958   1.1       cgd 		(void)(_pw_db->close)(_pw_db);
    959   1.1       cgd 		_pw_db = (DB *)NULL;
    960   1.1       cgd 	}
    961  1.32     lukem 	if(__pwexclude != (DB *)NULL) {
    962  1.32     lukem 		(void)(__pwexclude->close)(__pwexclude);
    963  1.32     lukem 			__pwexclude = (DB *)NULL;
    964  1.32     lukem 	}
    965  1.32     lukem 	return rval;
    966   1.1       cgd }
    967  1.32     lukem #endif /* YP || HESIOD */
    968   1.1       cgd 
    969   1.1       cgd struct passwd *
    970  1.32     lukem getpwent()
    971   1.1       cgd {
    972  1.32     lukem 	int		r;
    973  1.36     lukem 	static const ns_dtab dtab[] = {
    974  1.35     lukem 		NS_FILES_CB(_local_getpw, NULL)
    975  1.35     lukem 		NS_DNS_CB(_dns_getpw, NULL)
    976  1.35     lukem 		NS_NIS_CB(_nis_getpw, NULL)
    977  1.35     lukem 		NS_COMPAT_CB(_compat_getpwent, NULL)
    978  1.35     lukem 		{ 0 }
    979  1.32     lukem 	};
    980  1.32     lukem 
    981  1.32     lukem 	_pw_none = 0;
    982  1.36     lukem 	r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc,
    983  1.35     lukem 	    _PW_KEYBYNUM);
    984  1.32     lukem 	if (_pw_none || r != NS_SUCCESS)
    985  1.32     lukem 		return (struct passwd *)NULL;
    986  1.32     lukem 	return &_pw_passwd;
    987  1.32     lukem }
    988  1.10   deraadt 
    989  1.32     lukem struct passwd *
    990  1.32     lukem getpwnam(name)
    991  1.32     lukem 	const char *name;
    992  1.32     lukem {
    993  1.32     lukem 	int		r;
    994  1.36     lukem 	static const ns_dtab dtab[] = {
    995  1.35     lukem 		NS_FILES_CB(_local_getpw, NULL)
    996  1.35     lukem 		NS_DNS_CB(_dns_getpw, NULL)
    997  1.35     lukem 		NS_NIS_CB(_nis_getpw, NULL)
    998  1.35     lukem 		NS_COMPAT_CB(_compat_getpw, NULL)
    999  1.35     lukem 		{ 0 }
   1000  1.32     lukem 	};
   1001   1.4   deraadt 
   1002  1.32     lukem 	if (name == NULL || name[0] == '\0')
   1003  1.32     lukem 		return (struct passwd *)NULL;
   1004   1.4   deraadt 
   1005  1.36     lukem 	r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc,
   1006  1.35     lukem 	    _PW_KEYBYNAME, name);
   1007  1.32     lukem 	return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
   1008  1.32     lukem }
   1009  1.14      phil 
   1010  1.32     lukem struct passwd *
   1011  1.32     lukem getpwuid(uid)
   1012  1.32     lukem 	uid_t uid;
   1013  1.32     lukem {
   1014  1.32     lukem 	int		r;
   1015  1.36     lukem 	static const ns_dtab dtab[] = {
   1016  1.35     lukem 		NS_FILES_CB(_local_getpw, NULL)
   1017  1.35     lukem 		NS_DNS_CB(_dns_getpw, NULL)
   1018  1.35     lukem 		NS_NIS_CB(_nis_getpw, NULL)
   1019  1.35     lukem 		NS_COMPAT_CB(_compat_getpw, NULL)
   1020  1.35     lukem 		{ 0 }
   1021  1.32     lukem 	};
   1022   1.1       cgd 
   1023  1.36     lukem 	r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc,
   1024  1.35     lukem 	    _PW_KEYBYUID, uid);
   1025  1.32     lukem 	return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
   1026   1.1       cgd }
   1027   1.1       cgd 
   1028   1.1       cgd int
   1029   1.1       cgd setpassent(stayopen)
   1030   1.1       cgd 	int stayopen;
   1031   1.1       cgd {
   1032   1.1       cgd 	_pw_keynum = 0;
   1033   1.1       cgd 	_pw_stayopen = stayopen;
   1034   1.9       jtc #ifdef YP
   1035  1.32     lukem 	__pwmode = PWMODE_NONE;
   1036   1.9       jtc 	if(__ypcurrent)
   1037   1.9       jtc 		free(__ypcurrent);
   1038   1.9       jtc 	__ypcurrent = NULL;
   1039  1.32     lukem #endif
   1040  1.32     lukem #ifdef HESIOD
   1041  1.32     lukem 	_pw_hesnum = 0;
   1042  1.32     lukem #endif
   1043  1.32     lukem #if defined(YP) || defined(HESIOD)
   1044  1.32     lukem 	if(__pwexclude != (DB *)NULL) {
   1045  1.32     lukem 		(void)(__pwexclude->close)(__pwexclude);
   1046  1.32     lukem 		__pwexclude = (DB *)NULL;
   1047  1.14      phil 	}
   1048  1.32     lukem 	__pwproto = (struct passwd *)NULL;
   1049   1.9       jtc #endif
   1050  1.32     lukem 	return 1;
   1051   1.1       cgd }
   1052   1.1       cgd 
   1053   1.8       jtc void
   1054   1.1       cgd setpwent()
   1055   1.1       cgd {
   1056   1.9       jtc 	(void) setpassent(0);
   1057   1.1       cgd }
   1058   1.1       cgd 
   1059   1.1       cgd void
   1060   1.1       cgd endpwent()
   1061   1.1       cgd {
   1062   1.1       cgd 	_pw_keynum = 0;
   1063   1.1       cgd 	if (_pw_db) {
   1064   1.1       cgd 		(void)(_pw_db->close)(_pw_db);
   1065   1.1       cgd 		_pw_db = (DB *)NULL;
   1066   1.1       cgd 	}
   1067  1.32     lukem #if defined(YP) || defined(HESIOD)
   1068  1.32     lukem 	__pwmode = PWMODE_NONE;
   1069  1.32     lukem #endif
   1070   1.4   deraadt #ifdef YP
   1071   1.4   deraadt 	if(__ypcurrent)
   1072   1.4   deraadt 		free(__ypcurrent);
   1073   1.4   deraadt 	__ypcurrent = NULL;
   1074  1.32     lukem #endif
   1075  1.32     lukem #ifdef HESIOD
   1076  1.32     lukem 	_pw_hesnum = 0;
   1077  1.32     lukem #endif
   1078  1.32     lukem #if defined(YP) || defined(HESIOD)
   1079  1.32     lukem 	if(__pwexclude != (DB *)NULL) {
   1080  1.32     lukem 		(void)(__pwexclude->close)(__pwexclude);
   1081  1.32     lukem 		__pwexclude = (DB *)NULL;
   1082  1.14      phil 	}
   1083  1.32     lukem 	__pwproto = (struct passwd *)NULL;
   1084   1.4   deraadt #endif
   1085   1.1       cgd }
   1086   1.1       cgd 
   1087   1.4   deraadt static int
   1088   1.1       cgd __initdb()
   1089   1.1       cgd {
   1090   1.1       cgd 	static int warned;
   1091   1.1       cgd 	char *p;
   1092   1.1       cgd 
   1093  1.32     lukem #if defined(YP) || defined(HESIOD)
   1094  1.32     lukem 	__pwmode = PWMODE_NONE;
   1095  1.14      phil #endif
   1096  1.25       mrg 	if (geteuid() == 0) {
   1097  1.25       mrg 		_pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL);
   1098  1.25       mrg 		if (_pw_db)
   1099  1.25       mrg 			return(1);
   1100  1.25       mrg 	}
   1101  1.25       mrg 	_pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL);
   1102   1.1       cgd 	if (_pw_db)
   1103  1.32     lukem 		return 1;
   1104   1.1       cgd 	if (!warned)
   1105   1.1       cgd 		syslog(LOG_ERR, "%s: %m", p);
   1106  1.11   deraadt 	warned = 1;
   1107  1.32     lukem 	return 0;
   1108   1.1       cgd }
   1109   1.1       cgd 
   1110   1.4   deraadt static int
   1111   1.1       cgd __hashpw(key)
   1112   1.1       cgd 	DBT *key;
   1113   1.1       cgd {
   1114  1.17     lukem 	char *p, *t;
   1115   1.1       cgd 	static u_int max;
   1116  1.30  christos 	static char *buf;
   1117   1.1       cgd 	DBT data;
   1118   1.1       cgd 
   1119  1.32     lukem 	switch ((_pw_db->get)(_pw_db, key, &data, 0)) {
   1120  1.32     lukem 	case 0:
   1121  1.32     lukem 		break;			/* found */
   1122  1.32     lukem 	case 1:
   1123  1.32     lukem 		return NS_NOTFOUND;
   1124  1.32     lukem 	case -1:
   1125  1.32     lukem 		return NS_UNAVAIL;	/* error in db routines */
   1126  1.32     lukem 	default:
   1127  1.32     lukem 		abort();
   1128  1.32     lukem 	}
   1129  1.32     lukem 
   1130   1.1       cgd 	p = (char *)data.data;
   1131  1.30  christos 	if (data.size > max && !(buf = realloc(buf, (max += 1024))))
   1132  1.32     lukem 		return NS_UNAVAIL;
   1133   1.1       cgd 
   1134  1.24     perry 	/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
   1135  1.30  christos 	t = buf;
   1136  1.14      phil #define	EXPAND(e)	e = t; while ((*t++ = *p++));
   1137  1.24     perry #define	SCALAR(v)	memmove(&(v), p, sizeof v); p += sizeof v
   1138   1.1       cgd 	EXPAND(_pw_passwd.pw_name);
   1139   1.1       cgd 	EXPAND(_pw_passwd.pw_passwd);
   1140  1.24     perry 	SCALAR(_pw_passwd.pw_uid);
   1141  1.24     perry 	SCALAR(_pw_passwd.pw_gid);
   1142  1.24     perry 	SCALAR(_pw_passwd.pw_change);
   1143   1.1       cgd 	EXPAND(_pw_passwd.pw_class);
   1144   1.1       cgd 	EXPAND(_pw_passwd.pw_gecos);
   1145   1.1       cgd 	EXPAND(_pw_passwd.pw_dir);
   1146   1.1       cgd 	EXPAND(_pw_passwd.pw_shell);
   1147  1.24     perry 	SCALAR(_pw_passwd.pw_expire);
   1148  1.14      phil 
   1149  1.14      phil 	/* See if there's any data left.  If so, read in flags. */
   1150  1.14      phil 	if (data.size > (p - (char *)data.data)) {
   1151  1.24     perry 		SCALAR(_pw_flags);
   1152  1.14      phil 	} else
   1153  1.14      phil 		_pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID;	/* default */
   1154  1.14      phil 
   1155  1.32     lukem 	return NS_SUCCESS;
   1156   1.1       cgd }
   1157