getpwent.c revision 1.41 1 1.41 lukem /* $NetBSD: getpwent.c,v 1.41 1999/04/18 02:04:05 lukem Exp $ */
2 1.12 cgd
3 1.1 cgd /*
4 1.12 cgd * Copyright (c) 1988, 1993
5 1.12 cgd * The Regents of the University of California. All rights reserved.
6 1.14 phil * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved.
7 1.1 cgd *
8 1.1 cgd * Redistribution and use in source and binary forms, with or without
9 1.1 cgd * modification, are permitted provided that the following conditions
10 1.1 cgd * are met:
11 1.1 cgd * 1. Redistributions of source code must retain the above copyright
12 1.1 cgd * notice, this list of conditions and the following disclaimer.
13 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright
14 1.1 cgd * notice, this list of conditions and the following disclaimer in the
15 1.1 cgd * documentation and/or other materials provided with the distribution.
16 1.1 cgd * 3. All advertising materials mentioning features or use of this software
17 1.1 cgd * must display the following acknowledgement:
18 1.1 cgd * This product includes software developed by the University of
19 1.1 cgd * California, Berkeley and its contributors.
20 1.1 cgd * 4. Neither the name of the University nor the names of its contributors
21 1.1 cgd * may be used to endorse or promote products derived from this software
22 1.1 cgd * without specific prior written permission.
23 1.1 cgd *
24 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 1.1 cgd * SUCH DAMAGE.
35 1.1 cgd */
36 1.1 cgd
37 1.22 christos #include <sys/cdefs.h>
38 1.1 cgd #if defined(LIBC_SCCS) && !defined(lint)
39 1.12 cgd #if 0
40 1.24 perry static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95";
41 1.12 cgd #else
42 1.41 lukem __RCSID("$NetBSD: getpwent.c,v 1.41 1999/04/18 02:04:05 lukem Exp $");
43 1.12 cgd #endif
44 1.1 cgd #endif /* LIBC_SCCS and not lint */
45 1.1 cgd
46 1.23 jtc #include "namespace.h"
47 1.1 cgd #include <sys/param.h>
48 1.1 cgd #include <fcntl.h>
49 1.1 cgd #include <db.h>
50 1.1 cgd #include <syslog.h>
51 1.1 cgd #include <pwd.h>
52 1.1 cgd #include <utmp.h>
53 1.1 cgd #include <errno.h>
54 1.1 cgd #include <unistd.h>
55 1.1 cgd #include <stdlib.h>
56 1.1 cgd #include <string.h>
57 1.1 cgd #include <limits.h>
58 1.14 phil #include <netgroup.h>
59 1.32 lukem #include <nsswitch.h>
60 1.32 lukem #ifdef HESIOD
61 1.32 lukem #include <hesiod.h>
62 1.32 lukem #endif
63 1.4 deraadt #ifdef YP
64 1.14 phil #include <machine/param.h>
65 1.4 deraadt #include <stdio.h>
66 1.4 deraadt #include <rpc/rpc.h>
67 1.4 deraadt #include <rpcsvc/yp_prot.h>
68 1.4 deraadt #include <rpcsvc/ypclnt.h>
69 1.41 lukem #endif
70 1.41 lukem
71 1.41 lukem #ifdef __STDC__
72 1.41 lukem #include <stdarg.h>
73 1.41 lukem #else
74 1.41 lukem #include <varargs.h>
75 1.23 jtc #endif
76 1.23 jtc
77 1.27 thorpej #include "pw_private.h"
78 1.27 thorpej
79 1.40 lukem #if defined(YP) || defined(HESIOD)
80 1.40 lukem #define _PASSWD_COMPAT
81 1.40 lukem #endif
82 1.40 lukem
83 1.23 jtc #ifdef __weak_alias
84 1.23 jtc __weak_alias(endpwent,_endpwent);
85 1.23 jtc __weak_alias(getpwent,_getpwent);
86 1.23 jtc __weak_alias(getpwnam,_getpwnam);
87 1.23 jtc __weak_alias(getpwuid,_getpwuid);
88 1.23 jtc __weak_alias(setpassent,_setpassent);
89 1.23 jtc __weak_alias(setpwent,_setpwent);
90 1.4 deraadt #endif
91 1.1 cgd
92 1.24 perry
93 1.24 perry /*
94 1.24 perry * The lookup techniques and data extraction code here must be kept
95 1.24 perry * in sync with that in `pwd_mkdb'.
96 1.24 perry */
97 1.24 perry
98 1.1 cgd static struct passwd _pw_passwd; /* password structure */
99 1.1 cgd static DB *_pw_db; /* password database */
100 1.1 cgd static int _pw_keynum; /* key counter */
101 1.1 cgd static int _pw_stayopen; /* keep fd's open */
102 1.14 phil static int _pw_flags; /* password flags */
103 1.32 lukem static int _pw_none; /* true if getpwent got EOF */
104 1.32 lukem
105 1.14 phil static int __hashpw __P((DBT *));
106 1.14 phil static int __initdb __P((void));
107 1.14 phil
108 1.14 phil const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */
109 1.36 lukem static const ns_src compatsrc[] = {
110 1.36 lukem { NSSRC_COMPAT, NS_SUCCESS },
111 1.36 lukem { 0 }
112 1.36 lukem };
113 1.1 cgd
114 1.4 deraadt #ifdef YP
115 1.32 lukem static char *__ypcurrent, *__ypdomain;
116 1.32 lukem static int __ypcurrentlen;
117 1.32 lukem #endif
118 1.32 lukem
119 1.32 lukem #ifdef HESIOD
120 1.32 lukem static int _pw_hesnum;
121 1.32 lukem #endif
122 1.32 lukem
123 1.40 lukem #ifdef _PASSWD_COMPAT
124 1.32 lukem enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP };
125 1.32 lukem static enum _pwmode __pwmode;
126 1.14 phil
127 1.26 lukem enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER };
128 1.26 lukem
129 1.32 lukem static struct passwd *__pwproto = (struct passwd *)NULL;
130 1.32 lukem static int __pwproto_flags;
131 1.32 lukem static char line[1024];
132 1.32 lukem static long prbuf[1024 / sizeof(long)];
133 1.32 lukem static DB *__pwexclude = (DB *)NULL;
134 1.32 lukem
135 1.32 lukem static int __pwexclude_add __P((const char *));
136 1.32 lukem static int __pwexclude_is __P((const char *));
137 1.32 lukem static void __pwproto_set __P((void));
138 1.32 lukem static int __ypmaptype __P((void));
139 1.32 lukem static int __pwparse __P((struct passwd *, char *));
140 1.14 phil
141 1.26 lukem /* macros for deciding which YP maps to use. */
142 1.26 lukem #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \
143 1.26 lukem ? "master.passwd.byname" : "passwd.byname")
144 1.26 lukem #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \
145 1.26 lukem ? "master.passwd.byuid" : "passwd.byuid")
146 1.26 lukem
147 1.32 lukem /*
148 1.32 lukem * add a name to the compat mode exclude list
149 1.32 lukem */
150 1.14 phil static int
151 1.32 lukem __pwexclude_add(name)
152 1.26 lukem const char *name;
153 1.14 phil {
154 1.30 christos DBT key;
155 1.30 christos DBT data;
156 1.14 phil
157 1.14 phil /* initialize the exclusion table if needed. */
158 1.32 lukem if(__pwexclude == (DB *)NULL) {
159 1.32 lukem __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL);
160 1.32 lukem if(__pwexclude == (DB *)NULL)
161 1.32 lukem return 1;
162 1.14 phil }
163 1.14 phil
164 1.14 phil /* set up the key */
165 1.30 christos key.size = strlen(name);
166 1.30 christos /* LINTED key does not get modified */
167 1.14 phil key.data = (char *)name;
168 1.14 phil
169 1.14 phil /* data is nothing. */
170 1.14 phil data.data = NULL;
171 1.14 phil data.size = 0;
172 1.14 phil
173 1.14 phil /* store it */
174 1.32 lukem if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1)
175 1.32 lukem return 1;
176 1.14 phil
177 1.32 lukem return 0;
178 1.14 phil }
179 1.14 phil
180 1.32 lukem /*
181 1.32 lukem * test if a name is on the compat mode exclude list
182 1.32 lukem */
183 1.14 phil static int
184 1.32 lukem __pwexclude_is(name)
185 1.26 lukem const char *name;
186 1.14 phil {
187 1.31 christos DBT key;
188 1.30 christos DBT data;
189 1.14 phil
190 1.32 lukem if(__pwexclude == (DB *)NULL)
191 1.32 lukem return 0; /* nothing excluded */
192 1.14 phil
193 1.14 phil /* set up the key */
194 1.30 christos key.size = strlen(name);
195 1.30 christos /* LINTED key does not get modified */
196 1.14 phil key.data = (char *)name;
197 1.14 phil
198 1.32 lukem if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0)
199 1.32 lukem return 1; /* excluded */
200 1.14 phil
201 1.32 lukem return 0;
202 1.14 phil }
203 1.14 phil
204 1.32 lukem /*
205 1.32 lukem * setup the compat mode prototype template
206 1.32 lukem */
207 1.14 phil static void
208 1.32 lukem __pwproto_set()
209 1.14 phil {
210 1.17 lukem char *ptr;
211 1.17 lukem struct passwd *pw = &_pw_passwd;
212 1.14 phil
213 1.14 phil /* make this the new prototype */
214 1.30 christos ptr = (char *)(void *)prbuf;
215 1.14 phil
216 1.14 phil /* first allocate the struct. */
217 1.37 christos __pwproto = (struct passwd *)(void *)ptr;
218 1.14 phil ptr += sizeof(struct passwd);
219 1.14 phil
220 1.14 phil /* name */
221 1.14 phil if(pw->pw_name && (pw->pw_name)[0]) {
222 1.37 christos ptr = (char *)ALIGN((u_long)ptr);
223 1.29 perry memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1);
224 1.32 lukem __pwproto->pw_name = ptr;
225 1.14 phil ptr += (strlen(pw->pw_name) + 1);
226 1.14 phil } else
227 1.32 lukem __pwproto->pw_name = (char *)NULL;
228 1.14 phil
229 1.14 phil /* password */
230 1.14 phil if(pw->pw_passwd && (pw->pw_passwd)[0]) {
231 1.37 christos ptr = (char *)ALIGN((u_long)ptr);
232 1.29 perry memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1);
233 1.32 lukem __pwproto->pw_passwd = ptr;
234 1.14 phil ptr += (strlen(pw->pw_passwd) + 1);
235 1.14 phil } else
236 1.32 lukem __pwproto->pw_passwd = (char *)NULL;
237 1.14 phil
238 1.14 phil /* uid */
239 1.32 lukem __pwproto->pw_uid = pw->pw_uid;
240 1.14 phil
241 1.14 phil /* gid */
242 1.32 lukem __pwproto->pw_gid = pw->pw_gid;
243 1.14 phil
244 1.14 phil /* change (ignored anyway) */
245 1.32 lukem __pwproto->pw_change = pw->pw_change;
246 1.14 phil
247 1.14 phil /* class (ignored anyway) */
248 1.32 lukem __pwproto->pw_class = "";
249 1.14 phil
250 1.14 phil /* gecos */
251 1.14 phil if(pw->pw_gecos && (pw->pw_gecos)[0]) {
252 1.37 christos ptr = (char *)ALIGN((u_long)ptr);
253 1.29 perry memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1);
254 1.32 lukem __pwproto->pw_gecos = ptr;
255 1.14 phil ptr += (strlen(pw->pw_gecos) + 1);
256 1.14 phil } else
257 1.32 lukem __pwproto->pw_gecos = (char *)NULL;
258 1.14 phil
259 1.14 phil /* dir */
260 1.14 phil if(pw->pw_dir && (pw->pw_dir)[0]) {
261 1.37 christos ptr = (char *)ALIGN((u_long)ptr);
262 1.29 perry memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1);
263 1.32 lukem __pwproto->pw_dir = ptr;
264 1.14 phil ptr += (strlen(pw->pw_dir) + 1);
265 1.14 phil } else
266 1.32 lukem __pwproto->pw_dir = (char *)NULL;
267 1.14 phil
268 1.14 phil /* shell */
269 1.14 phil if(pw->pw_shell && (pw->pw_shell)[0]) {
270 1.37 christos ptr = (char *)ALIGN((u_long)ptr);
271 1.29 perry memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1);
272 1.32 lukem __pwproto->pw_shell = ptr;
273 1.14 phil ptr += (strlen(pw->pw_shell) + 1);
274 1.14 phil } else
275 1.32 lukem __pwproto->pw_shell = (char *)NULL;
276 1.14 phil
277 1.14 phil /* expire (ignored anyway) */
278 1.32 lukem __pwproto->pw_expire = pw->pw_expire;
279 1.14 phil
280 1.14 phil /* flags */
281 1.32 lukem __pwproto_flags = _pw_flags;
282 1.14 phil }
283 1.4 deraadt
284 1.5 deraadt static int
285 1.26 lukem __ypmaptype()
286 1.26 lukem {
287 1.26 lukem static int maptype = -1;
288 1.26 lukem int order, r;
289 1.26 lukem
290 1.26 lukem if (maptype != -1)
291 1.26 lukem return (maptype);
292 1.26 lukem
293 1.26 lukem maptype = YPMAP_NONE;
294 1.26 lukem if (geteuid() != 0)
295 1.26 lukem return (maptype);
296 1.26 lukem
297 1.26 lukem if (!__ypdomain) {
298 1.26 lukem if( _yp_check(&__ypdomain) == 0)
299 1.26 lukem return (maptype);
300 1.26 lukem }
301 1.26 lukem
302 1.26 lukem r = yp_order(__ypdomain, "master.passwd.byname", &order);
303 1.26 lukem if (r == 0) {
304 1.26 lukem maptype = YPMAP_MASTER;
305 1.26 lukem return (maptype);
306 1.26 lukem }
307 1.26 lukem
308 1.26 lukem /*
309 1.26 lukem * NIS+ in YP compat mode doesn't support
310 1.26 lukem * YPPROC_ORDER -- no point in continuing.
311 1.26 lukem */
312 1.26 lukem if (r == YPERR_YPERR)
313 1.26 lukem return (maptype);
314 1.26 lukem
315 1.26 lukem /* master.passwd doesn't exist -- try passwd.adjunct */
316 1.26 lukem if (r == YPERR_MAP) {
317 1.26 lukem r = yp_order(__ypdomain, "passwd.adjunct.byname", &order);
318 1.26 lukem if (r == 0)
319 1.26 lukem maptype = YPMAP_ADJUNCT;
320 1.26 lukem return (maptype);
321 1.26 lukem }
322 1.26 lukem
323 1.26 lukem return (maptype);
324 1.26 lukem }
325 1.26 lukem
326 1.32 lukem /*
327 1.32 lukem * parse an old-style passwd file line (from NIS or HESIOD)
328 1.32 lukem */
329 1.26 lukem static int
330 1.32 lukem __pwparse(pw, s)
331 1.26 lukem struct passwd *pw;
332 1.26 lukem char *s;
333 1.4 deraadt {
334 1.26 lukem static char adjunctpw[YPMAXRECORD + 2];
335 1.26 lukem int flags, maptype;
336 1.4 deraadt
337 1.26 lukem maptype = __ypmaptype();
338 1.26 lukem flags = _PASSWORD_NOWARN;
339 1.26 lukem if (maptype != YPMAP_MASTER)
340 1.26 lukem flags |= _PASSWORD_OLDFMT;
341 1.27 thorpej if (! __pw_scan(s, pw, &flags))
342 1.13 mycroft return 1;
343 1.14 phil
344 1.14 phil /* now let the prototype override, if set. */
345 1.32 lukem if(__pwproto != (struct passwd *)NULL) {
346 1.32 lukem #ifdef PW_OVERRIDE_PASSWD
347 1.32 lukem if(__pwproto->pw_passwd != (char *)NULL)
348 1.32 lukem pw->pw_passwd = __pwproto->pw_passwd;
349 1.14 phil #endif
350 1.32 lukem if(!(__pwproto_flags & _PASSWORD_NOUID))
351 1.32 lukem pw->pw_uid = __pwproto->pw_uid;
352 1.32 lukem if(!(__pwproto_flags & _PASSWORD_NOGID))
353 1.32 lukem pw->pw_gid = __pwproto->pw_gid;
354 1.32 lukem if(__pwproto->pw_gecos != (char *)NULL)
355 1.32 lukem pw->pw_gecos = __pwproto->pw_gecos;
356 1.32 lukem if(__pwproto->pw_dir != (char *)NULL)
357 1.32 lukem pw->pw_dir = __pwproto->pw_dir;
358 1.32 lukem if(__pwproto->pw_shell != (char *)NULL)
359 1.32 lukem pw->pw_shell = __pwproto->pw_shell;
360 1.14 phil }
361 1.26 lukem if ((maptype == YPMAP_ADJUNCT) &&
362 1.26 lukem (strstr(pw->pw_passwd, "##") != NULL)) {
363 1.26 lukem char *data, *bp;
364 1.26 lukem int datalen;
365 1.26 lukem
366 1.26 lukem if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name,
367 1.30 christos (int)strlen(pw->pw_name), &data, &datalen) == 0) {
368 1.26 lukem if (datalen > sizeof(adjunctpw) - 1)
369 1.26 lukem datalen = sizeof(adjunctpw) - 1;
370 1.37 christos strncpy(adjunctpw, data, (size_t)datalen);
371 1.26 lukem
372 1.26 lukem /* skip name to get password */
373 1.26 lukem if ((bp = strsep(&data, ":")) != NULL &&
374 1.26 lukem (bp = strsep(&data, ":")) != NULL)
375 1.26 lukem pw->pw_passwd = bp;
376 1.26 lukem }
377 1.26 lukem }
378 1.4 deraadt return 0;
379 1.4 deraadt }
380 1.40 lukem #endif /* _PASSWD_COMPAT */
381 1.32 lukem
382 1.32 lukem /*
383 1.32 lukem * local files implementation of getpw*()
384 1.32 lukem * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
385 1.32 lukem */
386 1.32 lukem static int _local_getpw __P((void *, void *, va_list));
387 1.4 deraadt
388 1.37 christos /*ARGSUSED*/
389 1.32 lukem static int
390 1.32 lukem _local_getpw(rv, cb_data, ap)
391 1.32 lukem void *rv;
392 1.32 lukem void *cb_data;
393 1.32 lukem va_list ap;
394 1.1 cgd {
395 1.32 lukem DBT key;
396 1.37 christos char bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1];
397 1.32 lukem uid_t uid;
398 1.32 lukem int search, len, rval;
399 1.32 lukem const char *name;
400 1.1 cgd
401 1.1 cgd if (!_pw_db && !__initdb())
402 1.32 lukem return NS_UNAVAIL;
403 1.32 lukem
404 1.32 lukem search = va_arg(ap, int);
405 1.32 lukem bf[0] = search;
406 1.32 lukem switch (search) {
407 1.32 lukem case _PW_KEYBYNUM:
408 1.32 lukem ++_pw_keynum;
409 1.37 christos memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum));
410 1.32 lukem key.size = sizeof(_pw_keynum) + 1;
411 1.32 lukem break;
412 1.32 lukem case _PW_KEYBYNAME:
413 1.32 lukem name = va_arg(ap, const char *);
414 1.32 lukem len = strlen(name);
415 1.37 christos memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME));
416 1.32 lukem key.size = len + 1;
417 1.32 lukem break;
418 1.32 lukem case _PW_KEYBYUID:
419 1.32 lukem uid = va_arg(ap, uid_t);
420 1.37 christos memmove(bf + 1, &uid, sizeof(len));
421 1.32 lukem key.size = sizeof(uid) + 1;
422 1.32 lukem break;
423 1.32 lukem default:
424 1.32 lukem abort();
425 1.32 lukem }
426 1.32 lukem
427 1.32 lukem key.data = (u_char *)bf;
428 1.32 lukem rval = __hashpw(&key);
429 1.32 lukem if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) {
430 1.32 lukem _pw_none = 1;
431 1.32 lukem rval = NS_SUCCESS;
432 1.32 lukem }
433 1.32 lukem
434 1.32 lukem if (!_pw_stayopen && (search != _PW_KEYBYNUM)) {
435 1.32 lukem (void)(_pw_db->close)(_pw_db);
436 1.32 lukem _pw_db = (DB *)NULL;
437 1.32 lukem }
438 1.32 lukem return (rval);
439 1.32 lukem }
440 1.32 lukem
441 1.32 lukem #ifdef HESIOD
442 1.32 lukem /*
443 1.32 lukem * hesiod implementation of getpw*()
444 1.32 lukem * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
445 1.32 lukem */
446 1.32 lukem static int _dns_getpw __P((void *, void *, va_list));
447 1.32 lukem
448 1.37 christos /*ARGSUSED*/
449 1.32 lukem static int
450 1.32 lukem _dns_getpw(rv, cb_data, ap)
451 1.32 lukem void *rv;
452 1.32 lukem void *cb_data;
453 1.32 lukem va_list ap;
454 1.32 lukem {
455 1.32 lukem const char *name;
456 1.32 lukem uid_t uid;
457 1.32 lukem int search;
458 1.39 lukem
459 1.38 mycroft char *map;
460 1.32 lukem char **hp;
461 1.39 lukem void *context;
462 1.39 lukem int r;
463 1.32 lukem
464 1.32 lukem search = va_arg(ap, int);
465 1.32 lukem switch (search) {
466 1.32 lukem case _PW_KEYBYNUM:
467 1.32 lukem snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum);
468 1.32 lukem _pw_hesnum++;
469 1.38 mycroft map = "passwd";
470 1.32 lukem break;
471 1.32 lukem case _PW_KEYBYNAME:
472 1.32 lukem name = va_arg(ap, const char *);
473 1.32 lukem strncpy(line, name, sizeof(line));
474 1.38 mycroft map = "passwd";
475 1.32 lukem break;
476 1.32 lukem case _PW_KEYBYUID:
477 1.32 lukem uid = va_arg(ap, uid_t);
478 1.33 lukem snprintf(line, sizeof(line), "%u", (unsigned int)uid);
479 1.40 lukem map = "uid"; /* XXX this is `passwd' on ultrix */
480 1.32 lukem break;
481 1.32 lukem default:
482 1.32 lukem abort();
483 1.32 lukem }
484 1.32 lukem line[sizeof(line) - 1] = '\0';
485 1.32 lukem
486 1.39 lukem r = NS_UNAVAIL;
487 1.39 lukem if (hesiod_init(&context) == -1)
488 1.39 lukem return (r);
489 1.39 lukem
490 1.39 lukem hp = hesiod_resolve(context, line, map);
491 1.32 lukem if (hp == NULL) {
492 1.39 lukem if (errno == ENOENT) {
493 1.32 lukem if (search == _PW_KEYBYNUM) {
494 1.32 lukem _pw_hesnum = 0;
495 1.32 lukem _pw_none = 1;
496 1.39 lukem r = NS_SUCCESS;
497 1.39 lukem } else
498 1.39 lukem r = NS_NOTFOUND;
499 1.32 lukem }
500 1.39 lukem goto cleanup_dns_getpw;
501 1.32 lukem }
502 1.32 lukem
503 1.32 lukem strncpy(line, hp[0], sizeof(line)); /* only check first elem */
504 1.32 lukem line[sizeof(line) - 1] = '\0';
505 1.39 lukem hesiod_free_list(context, hp);
506 1.32 lukem if (__pwparse(&_pw_passwd, line))
507 1.39 lukem r = NS_UNAVAIL;
508 1.39 lukem else
509 1.39 lukem r = NS_SUCCESS;
510 1.39 lukem cleanup_dns_getpw:
511 1.39 lukem hesiod_end(context);
512 1.39 lukem return (r);
513 1.32 lukem }
514 1.32 lukem #endif
515 1.1 cgd
516 1.4 deraadt #ifdef YP
517 1.32 lukem /*
518 1.32 lukem * nis implementation of getpw*()
519 1.32 lukem * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
520 1.32 lukem */
521 1.32 lukem static int _nis_getpw __P((void *, void *, va_list));
522 1.14 phil
523 1.37 christos /*ARGSUSED*/
524 1.32 lukem static int
525 1.32 lukem _nis_getpw(rv, cb_data, ap)
526 1.32 lukem void *rv;
527 1.32 lukem void *cb_data;
528 1.32 lukem va_list ap;
529 1.32 lukem {
530 1.32 lukem const char *name;
531 1.32 lukem uid_t uid;
532 1.32 lukem int search;
533 1.32 lukem char *key, *data;
534 1.32 lukem char *map = PASSWD_BYNAME;
535 1.32 lukem int keylen, datalen, r;
536 1.32 lukem
537 1.32 lukem if(__ypdomain == NULL) {
538 1.32 lukem if(_yp_check(&__ypdomain) == 0)
539 1.32 lukem return NS_UNAVAIL;
540 1.32 lukem }
541 1.32 lukem
542 1.32 lukem search = va_arg(ap, int);
543 1.32 lukem switch (search) {
544 1.32 lukem case _PW_KEYBYNUM:
545 1.32 lukem break;
546 1.32 lukem case _PW_KEYBYNAME:
547 1.32 lukem name = va_arg(ap, const char *);
548 1.32 lukem strncpy(line, name, sizeof(line));
549 1.32 lukem break;
550 1.32 lukem case _PW_KEYBYUID:
551 1.32 lukem uid = va_arg(ap, uid_t);
552 1.33 lukem snprintf(line, sizeof(line), "%u", (unsigned int)uid);
553 1.32 lukem map = PASSWD_BYUID;
554 1.32 lukem break;
555 1.32 lukem default:
556 1.32 lukem abort();
557 1.32 lukem }
558 1.32 lukem line[sizeof(line) - 1] = '\0';
559 1.32 lukem if (search != _PW_KEYBYNUM) {
560 1.32 lukem data = NULL;
561 1.32 lukem r = yp_match(__ypdomain, map, line, (int)strlen(line),
562 1.32 lukem &data, &datalen);
563 1.32 lukem switch (r) {
564 1.32 lukem case 0:
565 1.32 lukem break;
566 1.32 lukem case YPERR_KEY:
567 1.32 lukem r = NS_NOTFOUND;
568 1.32 lukem break;
569 1.32 lukem default:
570 1.32 lukem r = NS_UNAVAIL;
571 1.32 lukem break;
572 1.32 lukem }
573 1.32 lukem if (r != 0) {
574 1.32 lukem if (data)
575 1.32 lukem free(data);
576 1.32 lukem return r;
577 1.4 deraadt }
578 1.32 lukem data[datalen] = '\0'; /* clear trailing \n */
579 1.32 lukem strncpy(line, data, sizeof(line));
580 1.32 lukem line[sizeof(line) - 1] = '\0';
581 1.32 lukem free(data);
582 1.32 lukem if (__pwparse(&_pw_passwd, line))
583 1.32 lukem return NS_UNAVAIL;
584 1.32 lukem return NS_SUCCESS;
585 1.32 lukem }
586 1.32 lukem
587 1.32 lukem for (;;) {
588 1.32 lukem data = key = NULL;
589 1.32 lukem if (__ypcurrent) {
590 1.32 lukem r = yp_next(__ypdomain, map,
591 1.14 phil __ypcurrent, __ypcurrentlen,
592 1.14 phil &key, &keylen, &data, &datalen);
593 1.32 lukem free(__ypcurrent);
594 1.32 lukem switch (r) {
595 1.32 lukem case 0:
596 1.32 lukem __ypcurrent = key;
597 1.32 lukem __ypcurrentlen = keylen;
598 1.32 lukem break;
599 1.32 lukem case YPERR_NOMORE:
600 1.32 lukem __ypcurrent = NULL;
601 1.32 lukem _pw_none = 1;
602 1.32 lukem if (key)
603 1.32 lukem free(key);
604 1.32 lukem return NS_SUCCESS;
605 1.32 lukem default:
606 1.32 lukem r = NS_UNAVAIL;
607 1.32 lukem break;
608 1.17 lukem }
609 1.32 lukem } else {
610 1.32 lukem r = 0;
611 1.32 lukem if (yp_first(__ypdomain, map, &__ypcurrent,
612 1.32 lukem &__ypcurrentlen, &data, &datalen))
613 1.32 lukem r = NS_UNAVAIL;
614 1.32 lukem }
615 1.32 lukem if (r != 0) {
616 1.32 lukem if (key)
617 1.32 lukem free(key);
618 1.32 lukem if (data)
619 1.32 lukem free(data);
620 1.32 lukem return r;
621 1.32 lukem }
622 1.32 lukem data[datalen] = '\0'; /* clear trailing \n */
623 1.32 lukem strncpy(line, data, sizeof(line));
624 1.32 lukem line[sizeof(line) - 1] = '\0';
625 1.32 lukem free(data);
626 1.32 lukem if (! __pwparse(&_pw_passwd, line))
627 1.32 lukem return NS_SUCCESS;
628 1.32 lukem }
629 1.32 lukem /* NOTREACHED */
630 1.32 lukem } /* _nis_getpw */
631 1.32 lukem #endif
632 1.32 lukem
633 1.40 lukem #ifdef _PASSWD_COMPAT
634 1.32 lukem /*
635 1.32 lukem * See if the compat token is in the database. Only works if pwd_mkdb knows
636 1.32 lukem * about the token.
637 1.32 lukem */
638 1.32 lukem static int __has_compatpw __P((void));
639 1.32 lukem
640 1.32 lukem static int
641 1.32 lukem __has_compatpw()
642 1.32 lukem {
643 1.32 lukem DBT key, data;
644 1.32 lukem DBT pkey, pdata;
645 1.35 lukem char bf[MAXLOGNAME];
646 1.32 lukem
647 1.37 christos /*LINTED*/
648 1.32 lukem key.data = (u_char *)__yp_token;
649 1.32 lukem key.size = strlen(__yp_token);
650 1.32 lukem
651 1.32 lukem /* Pre-token database support. */
652 1.32 lukem bf[0] = _PW_KEYBYNAME;
653 1.35 lukem bf[1] = '+';
654 1.32 lukem pkey.data = (u_char *)bf;
655 1.35 lukem pkey.size = 2;
656 1.32 lukem
657 1.32 lukem if ((_pw_db->get)(_pw_db, &key, &data, 0)
658 1.32 lukem && (_pw_db->get)(_pw_db, &pkey, &pdata, 0))
659 1.32 lukem return 0; /* No compat token */
660 1.32 lukem return 1;
661 1.32 lukem }
662 1.32 lukem
663 1.32 lukem /*
664 1.32 lukem * log an error if "files" or "compat" is specified in passwd_compat database
665 1.32 lukem */
666 1.32 lukem static int _bad_getpw __P((void *, void *, va_list));
667 1.32 lukem
668 1.37 christos /*ARGSUSED*/
669 1.32 lukem static int
670 1.32 lukem _bad_getpw(rv, cb_data, ap)
671 1.32 lukem void *rv;
672 1.32 lukem void *cb_data;
673 1.32 lukem va_list ap;
674 1.32 lukem {
675 1.32 lukem static int warned;
676 1.32 lukem if (!warned) {
677 1.32 lukem syslog(LOG_ERR,
678 1.32 lukem "nsswitch.conf passwd_compat database can't use '%s'",
679 1.32 lukem (char *)cb_data);
680 1.32 lukem }
681 1.32 lukem warned = 1;
682 1.32 lukem return NS_UNAVAIL;
683 1.32 lukem }
684 1.32 lukem
685 1.32 lukem /*
686 1.32 lukem * when a name lookup in compat mode is required (e.g., '+name', or a name in
687 1.32 lukem * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database.
688 1.32 lukem * only Hesiod and NIS is supported - it doesn't make sense to lookup
689 1.32 lukem * compat names from 'files' or 'compat'.
690 1.32 lukem */
691 1.32 lukem static int __getpwcompat __P((int, uid_t, const char *));
692 1.32 lukem
693 1.32 lukem static int
694 1.32 lukem __getpwcompat(type, uid, name)
695 1.32 lukem int type;
696 1.32 lukem uid_t uid;
697 1.32 lukem const char *name;
698 1.32 lukem {
699 1.36 lukem static const ns_dtab dtab[] = {
700 1.35 lukem NS_FILES_CB(_bad_getpw, "files")
701 1.35 lukem NS_DNS_CB(_dns_getpw, NULL)
702 1.35 lukem NS_NIS_CB(_nis_getpw, NULL)
703 1.35 lukem NS_COMPAT_CB(_bad_getpw, "compat")
704 1.35 lukem { 0 }
705 1.32 lukem };
706 1.36 lukem static const ns_src defaultnis[] = {
707 1.36 lukem { NSSRC_NIS, NS_SUCCESS },
708 1.36 lukem { 0 }
709 1.36 lukem };
710 1.32 lukem
711 1.32 lukem switch (type) {
712 1.32 lukem case _PW_KEYBYNUM:
713 1.35 lukem return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
714 1.36 lukem defaultnis, type);
715 1.32 lukem case _PW_KEYBYNAME:
716 1.35 lukem return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
717 1.36 lukem defaultnis, type, name);
718 1.32 lukem case _PW_KEYBYUID:
719 1.35 lukem return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat",
720 1.36 lukem defaultnis, type, uid);
721 1.32 lukem default:
722 1.32 lukem abort();
723 1.37 christos /*NOTREACHED*/
724 1.32 lukem }
725 1.32 lukem }
726 1.40 lukem #endif /* _PASSWD_COMPAT */
727 1.32 lukem
728 1.32 lukem /*
729 1.32 lukem * compat implementation of getpwent()
730 1.32 lukem * varargs (ignored):
731 1.32 lukem * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
732 1.32 lukem */
733 1.32 lukem static int _compat_getpwent __P((void *, void *, va_list));
734 1.32 lukem
735 1.37 christos /*ARGSUSED*/
736 1.32 lukem static int
737 1.32 lukem _compat_getpwent(rv, cb_data, ap)
738 1.32 lukem void *rv;
739 1.32 lukem void *cb_data;
740 1.32 lukem va_list ap;
741 1.32 lukem {
742 1.32 lukem DBT key;
743 1.32 lukem char bf[sizeof(_pw_keynum) + 1];
744 1.40 lukem #ifdef _PASSWD_COMPAT
745 1.32 lukem static char *name = NULL;
746 1.32 lukem const char *user, *host, *dom;
747 1.32 lukem int has_compatpw;
748 1.40 lukem #endif
749 1.32 lukem
750 1.32 lukem if (!_pw_db && !__initdb())
751 1.32 lukem return NS_UNAVAIL;
752 1.32 lukem
753 1.40 lukem #ifdef _PASSWD_COMPAT
754 1.32 lukem has_compatpw = __has_compatpw();
755 1.32 lukem
756 1.32 lukem again:
757 1.32 lukem if (has_compatpw && (__pwmode != PWMODE_NONE)) {
758 1.32 lukem int r;
759 1.32 lukem
760 1.32 lukem switch (__pwmode) {
761 1.32 lukem case PWMODE_FULL:
762 1.32 lukem r = __getpwcompat(_PW_KEYBYNUM, 0, NULL);
763 1.32 lukem if (r == NS_SUCCESS)
764 1.32 lukem return r;
765 1.32 lukem __pwmode = PWMODE_NONE;
766 1.14 phil break;
767 1.32 lukem
768 1.32 lukem case PWMODE_NETGRP:
769 1.32 lukem r = getnetgrent(&host, &user, &dom);
770 1.32 lukem if (r == 0) { /* end of group */
771 1.14 phil endnetgrent();
772 1.32 lukem __pwmode = PWMODE_NONE;
773 1.32 lukem break;
774 1.14 phil }
775 1.32 lukem if (!user || !*user)
776 1.32 lukem break;
777 1.32 lukem r = __getpwcompat(_PW_KEYBYNAME, 0, user);
778 1.32 lukem if (r == NS_SUCCESS)
779 1.32 lukem return r;
780 1.14 phil break;
781 1.32 lukem
782 1.32 lukem case PWMODE_USER:
783 1.32 lukem if (name == NULL) {
784 1.32 lukem __pwmode = PWMODE_NONE;
785 1.32 lukem break;
786 1.4 deraadt }
787 1.32 lukem r = __getpwcompat(_PW_KEYBYNAME, 0, name);
788 1.32 lukem free(name);
789 1.32 lukem name = NULL;
790 1.32 lukem if (r == NS_SUCCESS)
791 1.32 lukem return r;
792 1.14 phil break;
793 1.32 lukem
794 1.32 lukem case PWMODE_NONE:
795 1.32 lukem abort();
796 1.4 deraadt }
797 1.32 lukem goto again;
798 1.4 deraadt }
799 1.40 lukem #endif
800 1.4 deraadt
801 1.1 cgd ++_pw_keynum;
802 1.1 cgd bf[0] = _PW_KEYBYNUM;
803 1.37 christos memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum));
804 1.32 lukem key.data = (u_char *)bf;
805 1.32 lukem key.size = sizeof(_pw_keynum) + 1;
806 1.32 lukem if(__hashpw(&key) == NS_SUCCESS) {
807 1.40 lukem #ifdef _PASSWD_COMPAT
808 1.14 phil /* if we don't have YP at all, don't bother. */
809 1.32 lukem if (has_compatpw) {
810 1.14 phil if(_pw_passwd.pw_name[0] == '+') {
811 1.14 phil /* set the mode */
812 1.14 phil switch(_pw_passwd.pw_name[1]) {
813 1.14 phil case '\0':
814 1.32 lukem __pwmode = PWMODE_FULL;
815 1.14 phil break;
816 1.14 phil case '@':
817 1.32 lukem __pwmode = PWMODE_NETGRP;
818 1.14 phil setnetgrent(_pw_passwd.pw_name + 2);
819 1.14 phil break;
820 1.14 phil default:
821 1.32 lukem __pwmode = PWMODE_USER;
822 1.14 phil name = strdup(_pw_passwd.pw_name + 1);
823 1.14 phil break;
824 1.14 phil }
825 1.14 phil
826 1.14 phil /* save the prototype */
827 1.32 lukem __pwproto_set();
828 1.14 phil goto again;
829 1.14 phil } else if(_pw_passwd.pw_name[0] == '-') {
830 1.14 phil /* an attempted exclusion */
831 1.14 phil switch(_pw_passwd.pw_name[1]) {
832 1.14 phil case '\0':
833 1.14 phil break;
834 1.14 phil case '@':
835 1.14 phil setnetgrent(_pw_passwd.pw_name + 2);
836 1.14 phil while(getnetgrent(&host, &user, &dom)) {
837 1.14 phil if(user && *user)
838 1.32 lukem __pwexclude_add(user);
839 1.14 phil }
840 1.14 phil endnetgrent();
841 1.14 phil break;
842 1.14 phil default:
843 1.32 lukem __pwexclude_add(_pw_passwd.pw_name + 1);
844 1.14 phil break;
845 1.14 phil }
846 1.14 phil goto again;
847 1.14 phil }
848 1.4 deraadt }
849 1.40 lukem #endif
850 1.32 lukem return NS_SUCCESS;
851 1.4 deraadt }
852 1.32 lukem return NS_NOTFOUND;
853 1.1 cgd }
854 1.1 cgd
855 1.14 phil /*
856 1.32 lukem * compat implementation of getpwnam() and getpwuid()
857 1.32 lukem * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ]
858 1.14 phil */
859 1.32 lukem static int _compat_getpw __P((void *, void *, va_list));
860 1.32 lukem
861 1.14 phil static int
862 1.32 lukem _compat_getpw(rv, cb_data, ap)
863 1.32 lukem void *rv;
864 1.32 lukem void *cb_data;
865 1.32 lukem va_list ap;
866 1.14 phil {
867 1.40 lukem #ifdef _PASSWD_COMPAT
868 1.32 lukem DBT key;
869 1.34 lukem int search, rval, r, s;
870 1.32 lukem uid_t uid;
871 1.32 lukem char bf[MAXLOGNAME + 1];
872 1.34 lukem const char *name, *host, *user, *dom;
873 1.40 lukem #endif
874 1.34 lukem
875 1.34 lukem if (!_pw_db && !__initdb())
876 1.34 lukem return NS_UNAVAIL;
877 1.34 lukem
878 1.34 lukem /*
879 1.34 lukem * If there isn't a compat token in the database, use files.
880 1.34 lukem */
881 1.40 lukem #ifdef _PASSWD_COMPAT
882 1.34 lukem if (! __has_compatpw())
883 1.40 lukem #endif
884 1.34 lukem return (_local_getpw(rv, cb_data, ap));
885 1.32 lukem
886 1.40 lukem #ifdef _PASSWD_COMPAT
887 1.32 lukem search = va_arg(ap, int);
888 1.32 lukem uid = 0;
889 1.32 lukem name = NULL;
890 1.32 lukem rval = NS_NOTFOUND;
891 1.32 lukem switch (search) {
892 1.32 lukem case _PW_KEYBYNAME:
893 1.32 lukem name = va_arg(ap, const char *);
894 1.32 lukem break;
895 1.32 lukem case _PW_KEYBYUID:
896 1.32 lukem uid = va_arg(ap, uid_t);
897 1.32 lukem break;
898 1.32 lukem default:
899 1.32 lukem abort();
900 1.32 lukem }
901 1.14 phil
902 1.34 lukem for(s = -1, _pw_keynum=1; _pw_keynum; _pw_keynum++) {
903 1.34 lukem bf[0] = _PW_KEYBYNUM;
904 1.37 christos memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum));
905 1.34 lukem key.data = (u_char *)bf;
906 1.34 lukem key.size = sizeof(_pw_keynum) + 1;
907 1.34 lukem if(__hashpw(&key) != NS_SUCCESS)
908 1.34 lukem break;
909 1.34 lukem switch(_pw_passwd.pw_name[0]) {
910 1.34 lukem case '+':
911 1.34 lukem /* save the prototype */
912 1.34 lukem __pwproto_set();
913 1.34 lukem
914 1.34 lukem switch(_pw_passwd.pw_name[1]) {
915 1.34 lukem case '\0':
916 1.34 lukem r = __getpwcompat(search, uid, name);
917 1.34 lukem if (r != NS_SUCCESS)
918 1.34 lukem continue;
919 1.10 deraadt break;
920 1.34 lukem case '@':
921 1.14 phil pwnam_netgrp:
922 1.34 lukem if(__ypcurrent) {
923 1.34 lukem free(__ypcurrent);
924 1.34 lukem __ypcurrent = NULL;
925 1.34 lukem }
926 1.34 lukem if (s == -1) /* first time */
927 1.34 lukem setnetgrent(_pw_passwd.pw_name + 2);
928 1.34 lukem s = getnetgrent(&host, &user, &dom);
929 1.34 lukem if (s == 0) { /* end of group */
930 1.34 lukem endnetgrent();
931 1.34 lukem s = -1;
932 1.34 lukem continue;
933 1.34 lukem }
934 1.34 lukem if (!user || !*user)
935 1.34 lukem goto pwnam_netgrp;
936 1.32 lukem
937 1.34 lukem r = __getpwcompat(_PW_KEYBYNAME, 0, user);
938 1.32 lukem
939 1.34 lukem if (r == NS_UNAVAIL)
940 1.34 lukem return r;
941 1.34 lukem if (r == NS_NOTFOUND) {
942 1.34 lukem /*
943 1.34 lukem * just because this user is bad
944 1.34 lukem * it doesn't mean they all are.
945 1.34 lukem */
946 1.34 lukem goto pwnam_netgrp;
947 1.4 deraadt }
948 1.34 lukem break;
949 1.34 lukem default:
950 1.34 lukem user = _pw_passwd.pw_name + 1;
951 1.34 lukem r = __getpwcompat(_PW_KEYBYNAME, 0, user);
952 1.34 lukem
953 1.34 lukem if (r == NS_UNAVAIL)
954 1.34 lukem return r;
955 1.34 lukem if (r == NS_NOTFOUND)
956 1.10 deraadt continue;
957 1.14 phil break;
958 1.34 lukem }
959 1.34 lukem if(__pwexclude_is(_pw_passwd.pw_name)) {
960 1.34 lukem if(s == 1) /* inside netgroup */
961 1.34 lukem goto pwnam_netgrp;
962 1.34 lukem continue;
963 1.34 lukem }
964 1.34 lukem break;
965 1.34 lukem case '-':
966 1.34 lukem /* attempted exclusion */
967 1.34 lukem switch(_pw_passwd.pw_name[1]) {
968 1.34 lukem case '\0':
969 1.34 lukem break;
970 1.34 lukem case '@':
971 1.34 lukem setnetgrent(_pw_passwd.pw_name + 2);
972 1.34 lukem while(getnetgrent(&host, &user, &dom)) {
973 1.34 lukem if(user && *user)
974 1.34 lukem __pwexclude_add(user);
975 1.14 phil }
976 1.34 lukem endnetgrent();
977 1.14 phil break;
978 1.34 lukem default:
979 1.34 lukem __pwexclude_add(_pw_passwd.pw_name + 1);
980 1.32 lukem break;
981 1.4 deraadt }
982 1.34 lukem break;
983 1.34 lukem }
984 1.34 lukem if ((search == _PW_KEYBYNAME &&
985 1.34 lukem strcmp(_pw_passwd.pw_name, name) == 0)
986 1.34 lukem || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) {
987 1.34 lukem rval = NS_SUCCESS;
988 1.34 lukem break;
989 1.4 deraadt }
990 1.34 lukem if(s == 1) /* inside netgroup */
991 1.34 lukem goto pwnam_netgrp;
992 1.34 lukem continue;
993 1.4 deraadt }
994 1.34 lukem __pwproto = (struct passwd *)NULL;
995 1.1 cgd
996 1.1 cgd if (!_pw_stayopen) {
997 1.1 cgd (void)(_pw_db->close)(_pw_db);
998 1.1 cgd _pw_db = (DB *)NULL;
999 1.1 cgd }
1000 1.32 lukem if(__pwexclude != (DB *)NULL) {
1001 1.32 lukem (void)(__pwexclude->close)(__pwexclude);
1002 1.32 lukem __pwexclude = (DB *)NULL;
1003 1.32 lukem }
1004 1.32 lukem return rval;
1005 1.40 lukem #endif /* _PASSWD_COMPAT */
1006 1.1 cgd }
1007 1.1 cgd
1008 1.1 cgd struct passwd *
1009 1.32 lukem getpwent()
1010 1.1 cgd {
1011 1.32 lukem int r;
1012 1.36 lukem static const ns_dtab dtab[] = {
1013 1.35 lukem NS_FILES_CB(_local_getpw, NULL)
1014 1.35 lukem NS_DNS_CB(_dns_getpw, NULL)
1015 1.35 lukem NS_NIS_CB(_nis_getpw, NULL)
1016 1.35 lukem NS_COMPAT_CB(_compat_getpwent, NULL)
1017 1.35 lukem { 0 }
1018 1.32 lukem };
1019 1.32 lukem
1020 1.32 lukem _pw_none = 0;
1021 1.36 lukem r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc,
1022 1.35 lukem _PW_KEYBYNUM);
1023 1.32 lukem if (_pw_none || r != NS_SUCCESS)
1024 1.32 lukem return (struct passwd *)NULL;
1025 1.32 lukem return &_pw_passwd;
1026 1.32 lukem }
1027 1.10 deraadt
1028 1.32 lukem struct passwd *
1029 1.32 lukem getpwnam(name)
1030 1.32 lukem const char *name;
1031 1.32 lukem {
1032 1.32 lukem int r;
1033 1.36 lukem static const ns_dtab dtab[] = {
1034 1.35 lukem NS_FILES_CB(_local_getpw, NULL)
1035 1.35 lukem NS_DNS_CB(_dns_getpw, NULL)
1036 1.35 lukem NS_NIS_CB(_nis_getpw, NULL)
1037 1.35 lukem NS_COMPAT_CB(_compat_getpw, NULL)
1038 1.35 lukem { 0 }
1039 1.32 lukem };
1040 1.4 deraadt
1041 1.32 lukem if (name == NULL || name[0] == '\0')
1042 1.32 lukem return (struct passwd *)NULL;
1043 1.4 deraadt
1044 1.36 lukem r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc,
1045 1.35 lukem _PW_KEYBYNAME, name);
1046 1.32 lukem return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
1047 1.32 lukem }
1048 1.14 phil
1049 1.32 lukem struct passwd *
1050 1.32 lukem getpwuid(uid)
1051 1.32 lukem uid_t uid;
1052 1.32 lukem {
1053 1.32 lukem int r;
1054 1.36 lukem static const ns_dtab dtab[] = {
1055 1.35 lukem NS_FILES_CB(_local_getpw, NULL)
1056 1.35 lukem NS_DNS_CB(_dns_getpw, NULL)
1057 1.35 lukem NS_NIS_CB(_nis_getpw, NULL)
1058 1.35 lukem NS_COMPAT_CB(_compat_getpw, NULL)
1059 1.35 lukem { 0 }
1060 1.32 lukem };
1061 1.1 cgd
1062 1.36 lukem r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc,
1063 1.35 lukem _PW_KEYBYUID, uid);
1064 1.32 lukem return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL);
1065 1.1 cgd }
1066 1.1 cgd
1067 1.1 cgd int
1068 1.1 cgd setpassent(stayopen)
1069 1.1 cgd int stayopen;
1070 1.1 cgd {
1071 1.1 cgd _pw_keynum = 0;
1072 1.1 cgd _pw_stayopen = stayopen;
1073 1.9 jtc #ifdef YP
1074 1.32 lukem __pwmode = PWMODE_NONE;
1075 1.9 jtc if(__ypcurrent)
1076 1.9 jtc free(__ypcurrent);
1077 1.9 jtc __ypcurrent = NULL;
1078 1.32 lukem #endif
1079 1.32 lukem #ifdef HESIOD
1080 1.32 lukem _pw_hesnum = 0;
1081 1.32 lukem #endif
1082 1.40 lukem #ifdef _PASSWD_COMPAT
1083 1.32 lukem if(__pwexclude != (DB *)NULL) {
1084 1.32 lukem (void)(__pwexclude->close)(__pwexclude);
1085 1.32 lukem __pwexclude = (DB *)NULL;
1086 1.14 phil }
1087 1.32 lukem __pwproto = (struct passwd *)NULL;
1088 1.9 jtc #endif
1089 1.32 lukem return 1;
1090 1.1 cgd }
1091 1.1 cgd
1092 1.8 jtc void
1093 1.1 cgd setpwent()
1094 1.1 cgd {
1095 1.9 jtc (void) setpassent(0);
1096 1.1 cgd }
1097 1.1 cgd
1098 1.1 cgd void
1099 1.1 cgd endpwent()
1100 1.1 cgd {
1101 1.1 cgd _pw_keynum = 0;
1102 1.1 cgd if (_pw_db) {
1103 1.1 cgd (void)(_pw_db->close)(_pw_db);
1104 1.1 cgd _pw_db = (DB *)NULL;
1105 1.1 cgd }
1106 1.40 lukem #ifdef _PASSWD_COMPAT
1107 1.32 lukem __pwmode = PWMODE_NONE;
1108 1.32 lukem #endif
1109 1.4 deraadt #ifdef YP
1110 1.4 deraadt if(__ypcurrent)
1111 1.4 deraadt free(__ypcurrent);
1112 1.4 deraadt __ypcurrent = NULL;
1113 1.32 lukem #endif
1114 1.32 lukem #ifdef HESIOD
1115 1.32 lukem _pw_hesnum = 0;
1116 1.32 lukem #endif
1117 1.40 lukem #ifdef _PASSWD_COMPAT
1118 1.32 lukem if(__pwexclude != (DB *)NULL) {
1119 1.32 lukem (void)(__pwexclude->close)(__pwexclude);
1120 1.32 lukem __pwexclude = (DB *)NULL;
1121 1.14 phil }
1122 1.32 lukem __pwproto = (struct passwd *)NULL;
1123 1.4 deraadt #endif
1124 1.1 cgd }
1125 1.1 cgd
1126 1.4 deraadt static int
1127 1.1 cgd __initdb()
1128 1.1 cgd {
1129 1.1 cgd static int warned;
1130 1.1 cgd char *p;
1131 1.1 cgd
1132 1.40 lukem #ifdef _PASSWD_COMPAT
1133 1.32 lukem __pwmode = PWMODE_NONE;
1134 1.14 phil #endif
1135 1.25 mrg if (geteuid() == 0) {
1136 1.25 mrg _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL);
1137 1.25 mrg if (_pw_db)
1138 1.25 mrg return(1);
1139 1.25 mrg }
1140 1.25 mrg _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL);
1141 1.1 cgd if (_pw_db)
1142 1.32 lukem return 1;
1143 1.1 cgd if (!warned)
1144 1.1 cgd syslog(LOG_ERR, "%s: %m", p);
1145 1.11 deraadt warned = 1;
1146 1.32 lukem return 0;
1147 1.1 cgd }
1148 1.1 cgd
1149 1.4 deraadt static int
1150 1.1 cgd __hashpw(key)
1151 1.1 cgd DBT *key;
1152 1.1 cgd {
1153 1.17 lukem char *p, *t;
1154 1.1 cgd static u_int max;
1155 1.30 christos static char *buf;
1156 1.1 cgd DBT data;
1157 1.1 cgd
1158 1.32 lukem switch ((_pw_db->get)(_pw_db, key, &data, 0)) {
1159 1.32 lukem case 0:
1160 1.32 lukem break; /* found */
1161 1.32 lukem case 1:
1162 1.32 lukem return NS_NOTFOUND;
1163 1.32 lukem case -1:
1164 1.32 lukem return NS_UNAVAIL; /* error in db routines */
1165 1.32 lukem default:
1166 1.32 lukem abort();
1167 1.32 lukem }
1168 1.32 lukem
1169 1.1 cgd p = (char *)data.data;
1170 1.30 christos if (data.size > max && !(buf = realloc(buf, (max += 1024))))
1171 1.32 lukem return NS_UNAVAIL;
1172 1.1 cgd
1173 1.24 perry /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
1174 1.30 christos t = buf;
1175 1.14 phil #define EXPAND(e) e = t; while ((*t++ = *p++));
1176 1.24 perry #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v
1177 1.1 cgd EXPAND(_pw_passwd.pw_name);
1178 1.1 cgd EXPAND(_pw_passwd.pw_passwd);
1179 1.24 perry SCALAR(_pw_passwd.pw_uid);
1180 1.24 perry SCALAR(_pw_passwd.pw_gid);
1181 1.24 perry SCALAR(_pw_passwd.pw_change);
1182 1.1 cgd EXPAND(_pw_passwd.pw_class);
1183 1.1 cgd EXPAND(_pw_passwd.pw_gecos);
1184 1.1 cgd EXPAND(_pw_passwd.pw_dir);
1185 1.1 cgd EXPAND(_pw_passwd.pw_shell);
1186 1.24 perry SCALAR(_pw_passwd.pw_expire);
1187 1.14 phil
1188 1.14 phil /* See if there's any data left. If so, read in flags. */
1189 1.14 phil if (data.size > (p - (char *)data.data)) {
1190 1.24 perry SCALAR(_pw_flags);
1191 1.14 phil } else
1192 1.14 phil _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */
1193 1.14 phil
1194 1.32 lukem return NS_SUCCESS;
1195 1.1 cgd }
1196