getpwent.c revision 1.21.2.1
1 /* $NetBSD: getpwent.c,v 1.21.2.1 1997/05/24 07:19:25 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * Portions Copyright (c) 1997 Luke Mewburn. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.1 (Berkeley) 6/4/93"; 41 #else 42 static char rcsid[] = "$NetBSD: getpwent.c,v 1.21.2.1 1997/05/24 07:19:25 lukem Exp $"; 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include <sys/param.h> 47 #include <fcntl.h> 48 #include <db.h> 49 #include <syslog.h> 50 #include <pwd.h> 51 #include <utmp.h> 52 #include <errno.h> 53 #include <unistd.h> 54 #include <stdlib.h> 55 #include <string.h> 56 #include <limits.h> 57 #include <netgroup.h> 58 #include <nsswitch.h> 59 #ifdef HESIOD 60 #include <hesiod.h> 61 #endif 62 #ifdef YP 63 #include <machine/param.h> 64 #include <stdio.h> 65 #include <rpc/rpc.h> 66 #include <rpcsvc/yp_prot.h> 67 #include <rpcsvc/ypclnt.h> 68 #endif 69 70 static struct passwd _pw_passwd; /* password structure */ 71 static DB *_pw_db; /* password database */ 72 static int _pw_keynum; /* key counter */ 73 static int _pw_stayopen; /* keep fd's open */ 74 static int _pw_flags; /* password flags */ 75 76 static int __hashpw __P((DBT *)); 77 static int __initdb __P((void)); 78 79 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 80 81 #ifdef YP 82 static char *__ypcurrent, *__ypdomain; 83 static int __ypcurrentlen; 84 #endif 85 86 #ifdef HESIOD 87 static int _pw_hesnum; 88 #endif 89 90 #if defined(YP) || defined(HESIOD) 91 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 92 static enum _pwmode __pwmode; 93 94 static struct passwd *__pwproto = (struct passwd *)NULL; 95 static int __pwproto_flags; 96 static char line[1024]; 97 static long prbuf[1024 / sizeof(long)]; 98 static DB *__pwexclude = (DB *)NULL; 99 100 /* 101 * add a name to the compat mode exclude list 102 */ 103 static int 104 __pwexclude_add(name) 105 const char *name; 106 { 107 DBT key, data; 108 109 /* initialize the exclusion table if needed. */ 110 if(__pwexclude == (DB *)NULL) { 111 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 112 if(__pwexclude == (DB *)NULL) 113 return 1; 114 } 115 116 /* set up the key */ 117 key.data = (char *)name; 118 key.size = strlen(name); 119 120 /* data is nothing. */ 121 data.data = NULL; 122 data.size = 0; 123 124 /* store it */ 125 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 126 return 1; 127 128 return 0; 129 } 130 131 /* 132 * test if a name is on the compat mode exclude list 133 */ 134 static int 135 __pwexclude_is(name) 136 const char *name; 137 { 138 DBT key, data; 139 140 if(__pwexclude == (DB *)NULL) 141 return 0; /* nothing excluded */ 142 143 /* set up the key */ 144 key.data = (char *)name; 145 key.size = strlen(name); 146 147 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 148 return 1; /* excluded */ 149 150 return 0; 151 } 152 153 /* 154 * setup the compat mode prototype template 155 */ 156 static void 157 __pwproto_set() 158 { 159 char *ptr; 160 struct passwd *pw = &_pw_passwd; 161 162 /* make this the new prototype */ 163 ptr = (char *)prbuf; 164 165 /* first allocate the struct. */ 166 __pwproto = (struct passwd *)ptr; 167 ptr += sizeof(struct passwd); 168 169 /* name */ 170 if(pw->pw_name && (pw->pw_name)[0]) { 171 ptr = (char *)ALIGN(ptr); 172 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 173 __pwproto->pw_name = ptr; 174 ptr += (strlen(pw->pw_name) + 1); 175 } else 176 __pwproto->pw_name = (char *)NULL; 177 178 /* password */ 179 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 180 ptr = (char *)ALIGN(ptr); 181 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 182 __pwproto->pw_passwd = ptr; 183 ptr += (strlen(pw->pw_passwd) + 1); 184 } else 185 __pwproto->pw_passwd = (char *)NULL; 186 187 /* uid */ 188 __pwproto->pw_uid = pw->pw_uid; 189 190 /* gid */ 191 __pwproto->pw_gid = pw->pw_gid; 192 193 /* change (ignored anyway) */ 194 __pwproto->pw_change = pw->pw_change; 195 196 /* class (ignored anyway) */ 197 __pwproto->pw_class = ""; 198 199 /* gecos */ 200 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 201 ptr = (char *)ALIGN(ptr); 202 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 203 __pwproto->pw_gecos = ptr; 204 ptr += (strlen(pw->pw_gecos) + 1); 205 } else 206 __pwproto->pw_gecos = (char *)NULL; 207 208 /* dir */ 209 if(pw->pw_dir && (pw->pw_dir)[0]) { 210 ptr = (char *)ALIGN(ptr); 211 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 212 __pwproto->pw_dir = ptr; 213 ptr += (strlen(pw->pw_dir) + 1); 214 } else 215 __pwproto->pw_dir = (char *)NULL; 216 217 /* shell */ 218 if(pw->pw_shell && (pw->pw_shell)[0]) { 219 ptr = (char *)ALIGN(ptr); 220 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 221 __pwproto->pw_shell = ptr; 222 ptr += (strlen(pw->pw_shell) + 1); 223 } else 224 __pwproto->pw_shell = (char *)NULL; 225 226 /* expire (ignored anyway) */ 227 __pwproto->pw_expire = pw->pw_expire; 228 229 /* flags */ 230 __pwproto_flags = _pw_flags; 231 } 232 233 /* 234 * parse an old-style passwd file line (from NIS or HESIOD) 235 */ 236 static int 237 __pwparse(pw, s) 238 struct passwd *pw; 239 char *s; 240 { 241 char *bp, *cp, *ep; 242 unsigned long id; 243 244 /* since this is currently using strsep(), parse it first */ 245 bp = s; 246 pw->pw_name = strsep(&bp, ":\n"); 247 pw->pw_passwd = strsep(&bp, ":\n"); 248 if (!(cp = strsep(&bp, ":\n"))) 249 return 1; 250 id = strtoul(cp, &ep, 10); 251 if (id > UID_MAX || *ep != '\0') 252 return 1; 253 pw->pw_uid = (uid_t)id; 254 if (!(cp = strsep(&bp, ":\n"))) 255 return 1; 256 id = strtoul(cp, &ep, 10); 257 if (id > GID_MAX || *ep != '\0') 258 return 1; 259 pw->pw_gid = (gid_t)id; 260 pw->pw_change = 0; 261 pw->pw_class = ""; 262 pw->pw_gecos = strsep(&bp, ":\n"); 263 pw->pw_dir = strsep(&bp, ":\n"); 264 pw->pw_shell = strsep(&bp, ":\n"); 265 pw->pw_expire = 0; 266 267 /* now let the prototype override, if set. */ 268 if(__pwproto != (struct passwd *)NULL) { 269 #ifdef PW_OVERRIDE_PASSWD 270 if(__pwproto->pw_passwd != (char *)NULL) 271 pw->pw_passwd = __pwproto->pw_passwd; 272 #endif 273 if(!(__pwproto_flags & _PASSWORD_NOUID)) 274 pw->pw_uid = __pwproto->pw_uid; 275 if(!(__pwproto_flags & _PASSWORD_NOGID)) 276 pw->pw_gid = __pwproto->pw_gid; 277 if(__pwproto->pw_gecos != (char *)NULL) 278 pw->pw_gecos = __pwproto->pw_gecos; 279 if(__pwproto->pw_dir != (char *)NULL) 280 pw->pw_dir = __pwproto->pw_dir; 281 if(__pwproto->pw_shell != (char *)NULL) 282 pw->pw_shell = __pwproto->pw_shell; 283 } 284 return 0; 285 } 286 #endif /* YP || HESIOD */ 287 288 /* 289 * local files implementation of getpw*() 290 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 291 */ 292 static int 293 _local_getpw(rv, cb_data, ap) 294 void *rv; 295 void *cb_data; 296 va_list ap; 297 { 298 DBT key; 299 char bf[MAX(UT_NAMESIZE, sizeof(_pw_keynum)) + 1]; 300 uid_t uid; 301 int search, len, rval; 302 const char *name; 303 304 if (!_pw_db && !__initdb()) 305 return NS_UNAVAIL; 306 307 search = va_arg(ap, int); 308 bf[0] = search; 309 switch (search) { 310 case _PW_KEYBYNUM: 311 ++_pw_keynum; 312 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 313 key.size = sizeof(_pw_keynum) + 1; 314 break; 315 case _PW_KEYBYNAME: 316 name = va_arg(ap, const char *); 317 len = strlen(name); 318 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 319 key.size = len + 1; 320 break; 321 case _PW_KEYBYUID: 322 uid = va_arg(ap, uid_t); 323 memmove(bf + 1, (char *)&uid, sizeof(len)); 324 key.size = sizeof(uid) + 1; 325 break; 326 default: 327 abort(); 328 } 329 330 key.data = (u_char *)bf; 331 rval = __hashpw(&key); 332 333 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 334 (void)(_pw_db->close)(_pw_db); 335 _pw_db = (DB *)NULL; 336 } 337 return (rval); 338 } 339 340 #ifdef HESIOD 341 /* 342 * hesiod implementation of getpw*() 343 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 344 */ 345 static int 346 _dns_getpw(rv, cb_data, ap) 347 void *rv; 348 void *cb_data; 349 va_list ap; 350 { 351 const char *name; 352 uid_t uid; 353 int search; 354 char **hp; 355 356 357 search = va_arg(ap, int); 358 switch (search) { 359 case _PW_KEYBYNUM: 360 snprintf(line, sizeof(line) - 1, "passwd-%d", _pw_hesnum); 361 _pw_hesnum++; 362 break; 363 case _PW_KEYBYNAME: 364 name = va_arg(ap, const char *); 365 strncpy(line, name, sizeof(line)); 366 break; 367 case _PW_KEYBYUID: 368 uid = va_arg(ap, uid_t); 369 snprintf(line, sizeof(line), "%u", uid); 370 break; 371 default: 372 abort(); 373 } 374 line[sizeof(line) - 1] = '\0'; 375 376 hp = hes_resolve(line, "passwd"); 377 if (hp == NULL) { 378 switch (hes_error()) { 379 case HES_ER_NOTFOUND: 380 if (search == _PW_KEYBYNUM) 381 _pw_hesnum = 0; 382 return NS_NOTFOUND; 383 case HES_ER_OK: 384 abort(); 385 default: 386 return NS_UNAVAIL; 387 } 388 } 389 390 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 391 line[sizeof(line) - 1] = '\0'; 392 hes_free(hp); 393 if (__pwparse(&_pw_passwd, line)) 394 return NS_UNAVAIL; 395 return NS_SUCCESS; 396 } 397 #endif 398 399 #ifdef YP 400 /* 401 * nis implementation of getpw*() 402 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 403 */ 404 static int 405 _nis_getpw(rv, cb_data, ap) 406 void *rv; 407 void *cb_data; 408 va_list ap; 409 { 410 const char *name; 411 uid_t uid; 412 int search; 413 char *key, *data; 414 char *map = "passwd.byname"; 415 int keylen, datalen, r; 416 417 if(__ypdomain == NULL) { 418 if(_yp_check(&__ypdomain) == 0) 419 return NS_UNAVAIL; 420 } 421 422 search = va_arg(ap, int); 423 switch (search) { 424 case _PW_KEYBYNUM: 425 break; 426 case _PW_KEYBYNAME: 427 name = va_arg(ap, const char *); 428 strncpy(line, name, sizeof(line)); 429 break; 430 case _PW_KEYBYUID: 431 uid = va_arg(ap, uid_t); 432 snprintf(line, sizeof(line), "%u", uid); 433 map = "passwd.byuid"; 434 break; 435 default: 436 abort(); 437 } 438 line[sizeof(line) - 1] = '\0'; 439 if (search != _PW_KEYBYNUM) { 440 data = NULL; 441 r = yp_match(__ypdomain, map, line, strlen(line), 442 &data, &datalen); 443 switch (r) { 444 case 0: 445 break; 446 case YPERR_KEY: 447 r = NS_NOTFOUND; 448 break; 449 default: 450 r = NS_UNAVAIL; 451 break; 452 } 453 if (r != 0) { 454 if (data) 455 free(data); 456 return r; 457 } 458 data[datalen] = '\0'; /* clear trailing \n */ 459 strncpy(line, data, sizeof(line)); 460 line[sizeof(line) - 1] = '\0'; 461 free(data); 462 if (__pwparse(&_pw_passwd, line)) 463 return NS_UNAVAIL; 464 return NS_SUCCESS; 465 } 466 467 for (;;) { 468 data = NULL; 469 if (__ypcurrent) { 470 key = NULL; 471 r = yp_next(__ypdomain, map, 472 __ypcurrent, __ypcurrentlen, 473 &key, &keylen, &data, &datalen); 474 free(__ypcurrent); 475 switch (r) { 476 case 0: 477 __ypcurrent = key; 478 __ypcurrentlen = keylen; 479 break; 480 case YPERR_NOMORE: 481 __ypcurrent = NULL; 482 r = NS_NOTFOUND; 483 break; 484 default: 485 r = NS_UNAVAIL; 486 break; 487 } 488 if (r != 0) { 489 if (key) 490 free(key); 491 } 492 } else { 493 r = 0; 494 if (yp_first(__ypdomain, map, &__ypcurrent, 495 &__ypcurrentlen, &data, &datalen)) 496 r = NS_UNAVAIL; 497 } 498 if (r != 0) { 499 if (data) 500 free(data); 501 return r; 502 } 503 data[datalen] = '\0'; /* clear trailing \n */ 504 strncpy(line, data, sizeof(line)); 505 line[sizeof(line) - 1] = '\0'; 506 free(data); 507 if (! __pwparse(&_pw_passwd, line)) 508 return NS_SUCCESS; 509 } 510 /* NOTREACHED */ 511 } /* _nis_getpw */ 512 #endif 513 514 #if defined(YP) || defined(HESIOD) 515 /* 516 * See if the compat token is in the database. Only works if pwd_mkdb knows 517 * about the token. 518 */ 519 static int 520 __has_compatpw() 521 { 522 DBT key, data; 523 DBT pkey, pdata; 524 int len; 525 char bf[UT_NAMESIZE]; 526 527 key.data = (u_char *)__yp_token; 528 key.size = strlen(__yp_token); 529 530 /* Pre-token database support. */ 531 bf[0] = _PW_KEYBYNAME; 532 len = strlen("+"); 533 memmove(bf + 1, "+", MIN(len, UT_NAMESIZE)); 534 pkey.data = (u_char *)bf; 535 pkey.size = len + 1; 536 537 if ((_pw_db->get)(_pw_db, &key, &data, 0) 538 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 539 return 0; /* No compat token */ 540 return 1 ; 541 } 542 543 /* 544 * log an error if "files" or "compat" is specified in passwd_compat database 545 */ 546 static int 547 _bad_getpw(rv, cb_data, ap) 548 void *rv; 549 void *cb_data; 550 va_list ap; 551 { 552 static int warned; 553 if (!warned) { 554 syslog(LOG_ERR, 555 "nsswitch.conf passwd_compat database can't use '%s'", 556 (char *)cb_data); 557 } 558 warned = 1; 559 return NS_UNAVAIL; 560 } 561 562 /* 563 * when a name lookup in compat mode is required (e.g., '+name', or a name in 564 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 565 * only Hesiod and NIS is supported - it doesn't make sense to lookup 566 * compat names from 'files' or 'compat'. 567 */ 568 static int 569 __getpwcompat(type, uid, name) 570 int type; 571 uid_t uid; 572 const char *name; 573 { 574 static ns_dtab dtab; 575 576 NS_FILES_CB(dtab, _bad_getpw, "files"); 577 NS_DNS_CB(dtab, _dns_getpw, NULL); 578 NS_NIS_CB(dtab, _nis_getpw, NULL); 579 NS_COMPAT_CB(dtab, _bad_getpw, "compat"); 580 581 switch (type) { 582 case _PW_KEYBYNUM: 583 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type); 584 case _PW_KEYBYNAME: 585 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, name); 586 case _PW_KEYBYUID: 587 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, uid); 588 default: 589 abort(); 590 } 591 } 592 593 /* 594 * compat implementation of getpwent() 595 * varargs (ignored): 596 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 597 */ 598 static int 599 _compat_getpwent(rv, cb_data, ap) 600 void *rv; 601 void *cb_data; 602 va_list ap; 603 { 604 DBT key; 605 char bf[sizeof(_pw_keynum) + 1]; 606 static char *name = NULL; 607 const char *user, *host, *dom; 608 int has_compatpw; 609 610 if (!_pw_db && !__initdb()) 611 return NS_UNAVAIL; 612 613 has_compatpw = __has_compatpw(); 614 615 again: 616 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 617 int r; 618 619 switch (__pwmode) { 620 case PWMODE_FULL: 621 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 622 if (r == NS_SUCCESS) 623 return r; 624 __pwmode = PWMODE_NONE; 625 break; 626 627 case PWMODE_NETGRP: 628 r = getnetgrent(&host, &user, &dom); 629 if (r == 0) { /* end of group */ 630 endnetgrent(); 631 __pwmode = PWMODE_NONE; 632 break; 633 } 634 if (!user || !*user) 635 break; 636 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 637 if (r == NS_SUCCESS) 638 return r; 639 break; 640 641 case PWMODE_USER: 642 if (name == NULL) { 643 __pwmode = PWMODE_NONE; 644 break; 645 } 646 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 647 free(name); 648 name = NULL; 649 if (r == NS_SUCCESS) 650 return r; 651 break; 652 653 case PWMODE_NONE: 654 abort(); 655 } 656 goto again; 657 } 658 659 ++_pw_keynum; 660 bf[0] = _PW_KEYBYNUM; 661 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 662 key.data = (u_char *)bf; 663 key.size = sizeof(_pw_keynum) + 1; 664 if(__hashpw(&key) == NS_SUCCESS) { 665 /* if we don't have YP at all, don't bother. */ 666 if (has_compatpw) { 667 if(_pw_passwd.pw_name[0] == '+') { 668 /* set the mode */ 669 switch(_pw_passwd.pw_name[1]) { 670 case '\0': 671 __pwmode = PWMODE_FULL; 672 break; 673 case '@': 674 __pwmode = PWMODE_NETGRP; 675 setnetgrent(_pw_passwd.pw_name + 2); 676 break; 677 default: 678 __pwmode = PWMODE_USER; 679 name = strdup(_pw_passwd.pw_name + 1); 680 break; 681 } 682 683 /* save the prototype */ 684 __pwproto_set(); 685 goto again; 686 } else if(_pw_passwd.pw_name[0] == '-') { 687 /* an attempted exclusion */ 688 switch(_pw_passwd.pw_name[1]) { 689 case '\0': 690 break; 691 case '@': 692 setnetgrent(_pw_passwd.pw_name + 2); 693 while(getnetgrent(&host, &user, &dom)) { 694 if(user && *user) 695 __pwexclude_add(user); 696 } 697 endnetgrent(); 698 break; 699 default: 700 __pwexclude_add(_pw_passwd.pw_name + 1); 701 break; 702 } 703 goto again; 704 } 705 } 706 return NS_SUCCESS; 707 } 708 return NS_NOTFOUND; 709 } 710 711 /* 712 * compat implementation of getpwnam() and getpwuid() 713 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 714 */ 715 716 static int 717 _compat_getpw(rv, cb_data, ap) 718 void *rv; 719 void *cb_data; 720 va_list ap; 721 { 722 DBT key; 723 int len, search, rval; 724 uid_t uid; 725 char bf[MAXLOGNAME + 1]; 726 const char *name; 727 728 search = va_arg(ap, int); 729 uid = 0; 730 name = NULL; 731 rval = NS_NOTFOUND; 732 733 if (!_pw_db && !__initdb()) 734 return NS_UNAVAIL; 735 736 switch (search) { 737 case _PW_KEYBYNAME: 738 name = va_arg(ap, const char *); 739 break; 740 case _PW_KEYBYUID: 741 uid = va_arg(ap, uid_t); 742 break; 743 default: 744 abort(); 745 } 746 747 /* 748 * If YP is active, we must sequence through the passwd file 749 * in sequence. 750 */ 751 if (__has_compatpw()) { 752 int r; 753 int s = -1; 754 const char *host, *user, *dom; 755 756 for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 757 bf[0] = _PW_KEYBYNUM; 758 memmove(bf + 1, (char *)&_pw_keynum, 759 sizeof(_pw_keynum)); 760 key.data = (u_char *)bf; 761 key.size = sizeof(_pw_keynum) + 1; 762 if(__hashpw(&key) != NS_SUCCESS) 763 break; 764 switch(_pw_passwd.pw_name[0]) { 765 case '+': 766 /* save the prototype */ 767 __pwproto_set(); 768 769 switch(_pw_passwd.pw_name[1]) { 770 case '\0': 771 r = __getpwcompat(search, uid, name); 772 if (r != NS_SUCCESS) 773 continue; 774 break; 775 case '@': 776 pwnam_netgrp: 777 if(__ypcurrent) { 778 free(__ypcurrent); 779 __ypcurrent = NULL; 780 } 781 if(s == -1) /* first time */ 782 setnetgrent(_pw_passwd.pw_name + 2); 783 s = getnetgrent(&host, &user, &dom); 784 if(s == 0) { /* end of group */ 785 endnetgrent(); 786 s = -1; 787 continue; 788 } 789 if (!user || !*user) 790 goto pwnam_netgrp; 791 792 r = __getpwcompat(_PW_KEYBYNAME, 793 0, user); 794 795 if (r == NS_UNAVAIL) 796 return r; 797 if (r == NS_NOTFOUND) { 798 /* 799 * just because this user is bad 800 * it doesn't mean they all are. 801 */ 802 goto pwnam_netgrp; 803 } 804 break; 805 default: 806 user = _pw_passwd.pw_name + 1; 807 r = __getpwcompat(_PW_KEYBYNAME, 808 0, user); 809 810 if (r == NS_UNAVAIL) 811 return r; 812 if (r == NS_NOTFOUND) 813 continue; 814 break; 815 } 816 if(__pwexclude_is(_pw_passwd.pw_name)) { 817 if(s == 1) /* inside netgrp */ 818 goto pwnam_netgrp; 819 continue; 820 } 821 break; 822 case '-': 823 /* attempted exclusion */ 824 switch(_pw_passwd.pw_name[1]) { 825 case '\0': 826 break; 827 case '@': 828 setnetgrent(_pw_passwd.pw_name + 2); 829 while(getnetgrent(&host, &user, &dom)) { 830 if(user && *user) 831 __pwexclude_add(user); 832 } 833 endnetgrent(); 834 break; 835 default: 836 __pwexclude_add(_pw_passwd.pw_name + 1); 837 break; 838 } 839 break; 840 841 continue; 842 } 843 if ((search == _PW_KEYBYNAME && 844 strcmp(_pw_passwd.pw_name, name) == 0) 845 || (search == _PW_KEYBYUID && 846 _pw_passwd.pw_uid == uid)) { 847 rval = NS_SUCCESS; 848 break; 849 } 850 if(s == 1) /* inside netgrp */ 851 goto pwnam_netgrp; 852 continue; 853 } 854 __pwproto = (struct passwd *)NULL; 855 } else { 856 bf[0] = _PW_KEYBYNAME; 857 len = strlen(name); 858 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 859 key.data = (u_char *)bf; 860 key.size = len + 1; 861 rval = __hashpw(&key); 862 } 863 864 if (!_pw_stayopen) { 865 (void)(_pw_db->close)(_pw_db); 866 _pw_db = (DB *)NULL; 867 } 868 if(__pwexclude != (DB *)NULL) { 869 (void)(__pwexclude->close)(__pwexclude); 870 __pwexclude = (DB *)NULL; 871 } 872 return rval; 873 } 874 #endif /* YP || HESIOD */ 875 876 struct passwd * 877 getpwent() 878 { 879 int r; 880 static ns_dtab dtab; 881 882 NS_FILES_CB(dtab, _local_getpw, NULL); 883 NS_DNS_CB(dtab, _dns_getpw, NULL); 884 NS_NIS_CB(dtab, _nis_getpw, NULL); 885 NS_COMPAT_CB(dtab, _compat_getpwent, NULL); 886 887 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNUM); 888 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 889 } 890 891 struct passwd * 892 getpwnam(name) 893 const char *name; 894 { 895 int r; 896 static ns_dtab dtab; 897 898 NS_FILES_CB(dtab, _local_getpw, NULL); 899 NS_DNS_CB(dtab, _dns_getpw, NULL); 900 NS_NIS_CB(dtab, _nis_getpw, NULL); 901 NS_COMPAT_CB(dtab, _compat_getpw, NULL); 902 903 if (name == NULL || name[0] == '\0') 904 return (struct passwd *)NULL; 905 906 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNAME, name); 907 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 908 } 909 910 struct passwd * 911 getpwuid(uid) 912 uid_t uid; 913 { 914 int r; 915 static ns_dtab dtab; 916 917 NS_FILES_CB(dtab, _local_getpw, NULL); 918 NS_DNS_CB(dtab, _dns_getpw, NULL); 919 NS_NIS_CB(dtab, _nis_getpw, NULL); 920 NS_COMPAT_CB(dtab, _compat_getpw, NULL); 921 922 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYUID, (int)uid); 923 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 924 } 925 926 int 927 setpassent(stayopen) 928 int stayopen; 929 { 930 _pw_keynum = 0; 931 _pw_stayopen = stayopen; 932 #ifdef YP 933 __pwmode = PWMODE_NONE; 934 if(__ypcurrent) 935 free(__ypcurrent); 936 __ypcurrent = NULL; 937 #endif 938 #ifdef HESIOD 939 _pw_hesnum = 0; 940 #endif 941 #if defined(YP) || defined(HESIOD) 942 if(__pwexclude != (DB *)NULL) { 943 (void)(__pwexclude->close)(__pwexclude); 944 __pwexclude = (DB *)NULL; 945 } 946 __pwproto = (struct passwd *)NULL; 947 #endif 948 return 1; 949 } 950 951 void 952 setpwent() 953 { 954 (void) setpassent(0); 955 } 956 957 void 958 endpwent() 959 { 960 _pw_keynum = 0; 961 if (_pw_db) { 962 (void)(_pw_db->close)(_pw_db); 963 _pw_db = (DB *)NULL; 964 } 965 __pwmode = PWMODE_NONE; 966 #ifdef YP 967 if(__ypcurrent) 968 free(__ypcurrent); 969 __ypcurrent = NULL; 970 #endif 971 #ifdef HESIOD 972 _pw_hesnum = 0; 973 #endif 974 #if defined(YP) || defined(HESIOD) 975 if(__pwexclude != (DB *)NULL) { 976 (void)(__pwexclude->close)(__pwexclude); 977 __pwexclude = (DB *)NULL; 978 } 979 __pwproto = (struct passwd *)NULL; 980 #endif 981 } 982 983 static int 984 __initdb() 985 { 986 static int warned; 987 char *p; 988 989 #if defined(YP) || defined(HESIOD) 990 __pwmode = PWMODE_NONE; 991 #endif 992 p = (geteuid()) ? _PATH_MP_DB : _PATH_SMP_DB; 993 _pw_db = dbopen(p, O_RDONLY, 0, DB_HASH, NULL); 994 if (_pw_db) 995 return 1; 996 if (!warned) 997 syslog(LOG_ERR, "%s: %m", p); 998 warned = 1; 999 return 0; 1000 } 1001 1002 static int 1003 __hashpw(key) 1004 DBT *key; 1005 { 1006 char *p, *t; 1007 static u_int max; 1008 static char *line; 1009 DBT data; 1010 1011 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1012 case 0: 1013 break; /* found */ 1014 case 1: 1015 return NS_NOTFOUND; 1016 case -1: 1017 return NS_UNAVAIL; /* error in db routines */ 1018 default: 1019 abort(); 1020 } 1021 1022 p = (char *)data.data; 1023 if (data.size > max && !(line = realloc(line, (max += 1024)))) 1024 return NS_UNAVAIL; 1025 1026 t = line; 1027 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1028 EXPAND(_pw_passwd.pw_name); 1029 EXPAND(_pw_passwd.pw_passwd); 1030 memmove((char *)&_pw_passwd.pw_uid, p, sizeof(int)); 1031 p += sizeof(int); 1032 memmove((char *)&_pw_passwd.pw_gid, p, sizeof(int)); 1033 p += sizeof(int); 1034 memmove((char *)&_pw_passwd.pw_change, p, sizeof(time_t)); 1035 p += sizeof(time_t); 1036 EXPAND(_pw_passwd.pw_class); 1037 EXPAND(_pw_passwd.pw_gecos); 1038 EXPAND(_pw_passwd.pw_dir); 1039 EXPAND(_pw_passwd.pw_shell); 1040 memmove((char *)&_pw_passwd.pw_expire, p, sizeof(time_t)); 1041 p += sizeof(time_t); 1042 1043 /* See if there's any data left. If so, read in flags. */ 1044 if (data.size > (p - (char *)data.data)) { 1045 memmove((char *)&_pw_flags, p, sizeof(int)); 1046 p += sizeof(int); 1047 } else 1048 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1049 1050 return NS_SUCCESS; 1051 } 1052
Indexes created Tue Sep 30 11:09:46 GMT 2025