getpwent.c revision 1.21.2.2
1 /* $NetBSD: getpwent.c,v 1.21.2.2 1997/05/26 16:33:36 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * Portions Copyright (c) 1997 Luke Mewburn. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by the University of 20 * California, Berkeley and its contributors. 21 * 4. Neither the name of the University nor the names of its contributors 22 * may be used to endorse or promote products derived from this software 23 * without specific prior written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 */ 37 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.1 (Berkeley) 6/4/93"; 41 #else 42 static char rcsid[] = "$NetBSD: getpwent.c,v 1.21.2.2 1997/05/26 16:33:36 lukem Exp $"; 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include <sys/param.h> 47 #include <fcntl.h> 48 #include <db.h> 49 #include <syslog.h> 50 #include <pwd.h> 51 #include <utmp.h> 52 #include <errno.h> 53 #include <unistd.h> 54 #include <stdlib.h> 55 #include <string.h> 56 #include <limits.h> 57 #include <netgroup.h> 58 #include <nsswitch.h> 59 #ifdef HESIOD 60 #include <hesiod.h> 61 #endif 62 #ifdef YP 63 #include <machine/param.h> 64 #include <stdio.h> 65 #include <rpc/rpc.h> 66 #include <rpcsvc/yp_prot.h> 67 #include <rpcsvc/ypclnt.h> 68 #endif 69 70 static struct passwd _pw_passwd; /* password structure */ 71 static DB *_pw_db; /* password database */ 72 static int _pw_keynum; /* key counter */ 73 static int _pw_stayopen; /* keep fd's open */ 74 static int _pw_flags; /* password flags */ 75 76 static int __hashpw __P((DBT *)); 77 static int __initdb __P((void)); 78 79 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 80 81 #ifdef YP 82 static char *__ypcurrent, *__ypdomain; 83 static int __ypcurrentlen; 84 #endif 85 86 #ifdef HESIOD 87 static int _pw_hesnum; 88 #endif 89 90 #if defined(YP) || defined(HESIOD) 91 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 92 static enum _pwmode __pwmode; 93 94 static struct passwd *__pwproto = (struct passwd *)NULL; 95 static int __pwproto_flags; 96 static char line[1024]; 97 static long prbuf[1024 / sizeof(long)]; 98 static DB *__pwexclude = (DB *)NULL; 99 100 /* 101 * add a name to the compat mode exclude list 102 */ 103 static int 104 __pwexclude_add(name) 105 const char *name; 106 { 107 DBT key, data; 108 109 /* initialize the exclusion table if needed. */ 110 if(__pwexclude == (DB *)NULL) { 111 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 112 if(__pwexclude == (DB *)NULL) 113 return 1; 114 } 115 116 /* set up the key */ 117 key.data = (char *)name; 118 key.size = strlen(name); 119 120 /* data is nothing. */ 121 data.data = NULL; 122 data.size = 0; 123 124 /* store it */ 125 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 126 return 1; 127 128 return 0; 129 } 130 131 /* 132 * test if a name is on the compat mode exclude list 133 */ 134 static int 135 __pwexclude_is(name) 136 const char *name; 137 { 138 DBT key, data; 139 140 if(__pwexclude == (DB *)NULL) 141 return 0; /* nothing excluded */ 142 143 /* set up the key */ 144 key.data = (char *)name; 145 key.size = strlen(name); 146 147 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 148 return 1; /* excluded */ 149 150 return 0; 151 } 152 153 /* 154 * setup the compat mode prototype template 155 */ 156 static void 157 __pwproto_set() 158 { 159 char *ptr; 160 struct passwd *pw = &_pw_passwd; 161 162 /* make this the new prototype */ 163 ptr = (char *)prbuf; 164 165 /* first allocate the struct. */ 166 __pwproto = (struct passwd *)ptr; 167 ptr += sizeof(struct passwd); 168 169 /* name */ 170 if(pw->pw_name && (pw->pw_name)[0]) { 171 ptr = (char *)ALIGN(ptr); 172 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 173 __pwproto->pw_name = ptr; 174 ptr += (strlen(pw->pw_name) + 1); 175 } else 176 __pwproto->pw_name = (char *)NULL; 177 178 /* password */ 179 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 180 ptr = (char *)ALIGN(ptr); 181 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 182 __pwproto->pw_passwd = ptr; 183 ptr += (strlen(pw->pw_passwd) + 1); 184 } else 185 __pwproto->pw_passwd = (char *)NULL; 186 187 /* uid */ 188 __pwproto->pw_uid = pw->pw_uid; 189 190 /* gid */ 191 __pwproto->pw_gid = pw->pw_gid; 192 193 /* change (ignored anyway) */ 194 __pwproto->pw_change = pw->pw_change; 195 196 /* class (ignored anyway) */ 197 __pwproto->pw_class = ""; 198 199 /* gecos */ 200 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 201 ptr = (char *)ALIGN(ptr); 202 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 203 __pwproto->pw_gecos = ptr; 204 ptr += (strlen(pw->pw_gecos) + 1); 205 } else 206 __pwproto->pw_gecos = (char *)NULL; 207 208 /* dir */ 209 if(pw->pw_dir && (pw->pw_dir)[0]) { 210 ptr = (char *)ALIGN(ptr); 211 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 212 __pwproto->pw_dir = ptr; 213 ptr += (strlen(pw->pw_dir) + 1); 214 } else 215 __pwproto->pw_dir = (char *)NULL; 216 217 /* shell */ 218 if(pw->pw_shell && (pw->pw_shell)[0]) { 219 ptr = (char *)ALIGN(ptr); 220 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 221 __pwproto->pw_shell = ptr; 222 ptr += (strlen(pw->pw_shell) + 1); 223 } else 224 __pwproto->pw_shell = (char *)NULL; 225 226 /* expire (ignored anyway) */ 227 __pwproto->pw_expire = pw->pw_expire; 228 229 /* flags */ 230 __pwproto_flags = _pw_flags; 231 } 232 233 /* 234 * parse an old-style passwd file line (from NIS or HESIOD) 235 */ 236 static int 237 __pwparse(pw, s) 238 struct passwd *pw; 239 char *s; 240 { 241 char *bp, *cp, *ep; 242 unsigned long id; 243 244 /* since this is currently using strsep(), parse it first */ 245 bp = s; 246 pw->pw_name = strsep(&bp, ":\n"); 247 pw->pw_passwd = strsep(&bp, ":\n"); 248 if (!(cp = strsep(&bp, ":\n"))) 249 return 1; 250 id = strtoul(cp, &ep, 10); 251 if (id > UID_MAX || *ep != '\0') 252 return 1; 253 pw->pw_uid = (uid_t)id; 254 if (!(cp = strsep(&bp, ":\n"))) 255 return 1; 256 id = strtoul(cp, &ep, 10); 257 if (id > GID_MAX || *ep != '\0') 258 return 1; 259 pw->pw_gid = (gid_t)id; 260 pw->pw_change = 0; 261 pw->pw_class = ""; 262 pw->pw_gecos = strsep(&bp, ":\n"); 263 pw->pw_dir = strsep(&bp, ":\n"); 264 pw->pw_shell = strsep(&bp, ":\n"); 265 pw->pw_expire = 0; 266 267 /* now let the prototype override, if set. */ 268 if(__pwproto != (struct passwd *)NULL) { 269 #ifdef PW_OVERRIDE_PASSWD 270 if(__pwproto->pw_passwd != (char *)NULL) 271 pw->pw_passwd = __pwproto->pw_passwd; 272 #endif 273 if(!(__pwproto_flags & _PASSWORD_NOUID)) 274 pw->pw_uid = __pwproto->pw_uid; 275 if(!(__pwproto_flags & _PASSWORD_NOGID)) 276 pw->pw_gid = __pwproto->pw_gid; 277 if(__pwproto->pw_gecos != (char *)NULL) 278 pw->pw_gecos = __pwproto->pw_gecos; 279 if(__pwproto->pw_dir != (char *)NULL) 280 pw->pw_dir = __pwproto->pw_dir; 281 if(__pwproto->pw_shell != (char *)NULL) 282 pw->pw_shell = __pwproto->pw_shell; 283 } 284 return 0; 285 } 286 #endif /* YP || HESIOD */ 287 288 /* 289 * local files implementation of getpw*() 290 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 291 */ 292 static int 293 _local_getpw(rv, cb_data, ap) 294 void *rv; 295 void *cb_data; 296 va_list ap; 297 { 298 DBT key; 299 char bf[MAX(UT_NAMESIZE, sizeof(_pw_keynum)) + 1]; 300 uid_t uid; 301 int search, len, rval; 302 const char *name; 303 304 if (!_pw_db && !__initdb()) 305 return NS_UNAVAIL; 306 307 search = va_arg(ap, int); 308 bf[0] = search; 309 switch (search) { 310 case _PW_KEYBYNUM: 311 ++_pw_keynum; 312 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 313 key.size = sizeof(_pw_keynum) + 1; 314 break; 315 case _PW_KEYBYNAME: 316 name = va_arg(ap, const char *); 317 len = strlen(name); 318 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 319 key.size = len + 1; 320 break; 321 case _PW_KEYBYUID: 322 uid = va_arg(ap, uid_t); 323 memmove(bf + 1, (char *)&uid, sizeof(len)); 324 key.size = sizeof(uid) + 1; 325 break; 326 default: 327 abort(); 328 } 329 330 key.data = (u_char *)bf; 331 rval = __hashpw(&key); 332 333 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 334 (void)(_pw_db->close)(_pw_db); 335 _pw_db = (DB *)NULL; 336 } 337 return (rval); 338 } 339 340 #ifdef HESIOD 341 /* 342 * hesiod implementation of getpw*() 343 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 344 */ 345 static int 346 _dns_getpw(rv, cb_data, ap) 347 void *rv; 348 void *cb_data; 349 va_list ap; 350 { 351 const char *name; 352 uid_t uid; 353 int search; 354 char **hp; 355 356 357 search = va_arg(ap, int); 358 switch (search) { 359 case _PW_KEYBYNUM: 360 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 361 _pw_hesnum++; 362 break; 363 case _PW_KEYBYNAME: 364 name = va_arg(ap, const char *); 365 strncpy(line, name, sizeof(line)); 366 break; 367 case _PW_KEYBYUID: 368 uid = va_arg(ap, uid_t); 369 snprintf(line, sizeof(line), "%u", uid); 370 break; 371 default: 372 abort(); 373 } 374 line[sizeof(line) - 1] = '\0'; 375 376 hp = hes_resolve(line, "passwd"); 377 if (hp == NULL) { 378 switch (hes_error()) { 379 case HES_ER_NOTFOUND: 380 if (search == _PW_KEYBYNUM) 381 _pw_hesnum = 0; 382 return NS_NOTFOUND; 383 case HES_ER_OK: 384 abort(); 385 default: 386 return NS_UNAVAIL; 387 } 388 } 389 390 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 391 line[sizeof(line) - 1] = '\0'; 392 hes_free(hp); 393 if (__pwparse(&_pw_passwd, line)) 394 return NS_UNAVAIL; 395 return NS_SUCCESS; 396 } 397 #endif 398 399 #ifdef YP 400 /* 401 * nis implementation of getpw*() 402 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 403 */ 404 static int 405 _nis_getpw(rv, cb_data, ap) 406 void *rv; 407 void *cb_data; 408 va_list ap; 409 { 410 const char *name; 411 uid_t uid; 412 int search; 413 char *key, *data; 414 char *map = "passwd.byname"; 415 int keylen, datalen, r; 416 417 if(__ypdomain == NULL) { 418 if(_yp_check(&__ypdomain) == 0) 419 return NS_UNAVAIL; 420 } 421 422 search = va_arg(ap, int); 423 switch (search) { 424 case _PW_KEYBYNUM: 425 break; 426 case _PW_KEYBYNAME: 427 name = va_arg(ap, const char *); 428 strncpy(line, name, sizeof(line)); 429 break; 430 case _PW_KEYBYUID: 431 uid = va_arg(ap, uid_t); 432 snprintf(line, sizeof(line), "%u", uid); 433 map = "passwd.byuid"; 434 break; 435 default: 436 abort(); 437 } 438 line[sizeof(line) - 1] = '\0'; 439 if (search != _PW_KEYBYNUM) { 440 data = NULL; 441 r = yp_match(__ypdomain, map, line, strlen(line), 442 &data, &datalen); 443 switch (r) { 444 case 0: 445 break; 446 case YPERR_KEY: 447 r = NS_NOTFOUND; 448 break; 449 default: 450 r = NS_UNAVAIL; 451 break; 452 } 453 if (r != 0) { 454 if (data) 455 free(data); 456 return r; 457 } 458 data[datalen] = '\0'; /* clear trailing \n */ 459 strncpy(line, data, sizeof(line)); 460 line[sizeof(line) - 1] = '\0'; 461 free(data); 462 if (__pwparse(&_pw_passwd, line)) 463 return NS_UNAVAIL; 464 return NS_SUCCESS; 465 } 466 467 for (;;) { 468 data = NULL; 469 if (__ypcurrent) { 470 key = NULL; 471 r = yp_next(__ypdomain, map, 472 __ypcurrent, __ypcurrentlen, 473 &key, &keylen, &data, &datalen); 474 free(__ypcurrent); 475 switch (r) { 476 case 0: 477 __ypcurrent = key; 478 __ypcurrentlen = keylen; 479 break; 480 case YPERR_NOMORE: 481 __ypcurrent = NULL; 482 r = NS_NOTFOUND; 483 break; 484 default: 485 r = NS_UNAVAIL; 486 break; 487 } 488 if (r != 0) { 489 if (key) 490 free(key); 491 } 492 } else { 493 r = 0; 494 if (yp_first(__ypdomain, map, &__ypcurrent, 495 &__ypcurrentlen, &data, &datalen)) 496 r = NS_UNAVAIL; 497 } 498 if (r != 0) { 499 if (data) 500 free(data); 501 return r; 502 } 503 data[datalen] = '\0'; /* clear trailing \n */ 504 strncpy(line, data, sizeof(line)); 505 line[sizeof(line) - 1] = '\0'; 506 free(data); 507 if (! __pwparse(&_pw_passwd, line)) 508 return NS_SUCCESS; 509 } 510 /* NOTREACHED */ 511 } /* _nis_getpw */ 512 #endif 513 514 #if defined(YP) || defined(HESIOD) 515 /* 516 * See if the compat token is in the database. Only works if pwd_mkdb knows 517 * about the token. 518 */ 519 static int 520 __has_compatpw() 521 { 522 DBT key, data; 523 DBT pkey, pdata; 524 int len; 525 char bf[UT_NAMESIZE]; 526 527 key.data = (u_char *)__yp_token; 528 key.size = strlen(__yp_token); 529 530 /* Pre-token database support. */ 531 bf[0] = _PW_KEYBYNAME; 532 len = strlen("+"); 533 memmove(bf + 1, "+", MIN(len, UT_NAMESIZE)); 534 pkey.data = (u_char *)bf; 535 pkey.size = len + 1; 536 537 if ((_pw_db->get)(_pw_db, &key, &data, 0) 538 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 539 return 0; /* No compat token */ 540 return 1 ; 541 } 542 543 /* 544 * log an error if "files" or "compat" is specified in passwd_compat database 545 */ 546 static int 547 _bad_getpw(rv, cb_data, ap) 548 void *rv; 549 void *cb_data; 550 va_list ap; 551 { 552 static int warned; 553 if (!warned) { 554 syslog(LOG_ERR, 555 "nsswitch.conf passwd_compat database can't use '%s'", 556 (char *)cb_data); 557 } 558 warned = 1; 559 return NS_UNAVAIL; 560 } 561 562 /* 563 * when a name lookup in compat mode is required (e.g., '+name', or a name in 564 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 565 * only Hesiod and NIS is supported - it doesn't make sense to lookup 566 * compat names from 'files' or 'compat'. 567 */ 568 static int 569 __getpwcompat(type, uid, name) 570 int type; 571 uid_t uid; 572 const char *name; 573 { 574 static ns_dtab dtab; 575 576 if (dtab[NS_FILES].cb == NULL) { 577 NS_FILES_CB(dtab, _bad_getpw, "files"); 578 NS_DNS_CB(dtab, _dns_getpw, NULL); 579 NS_NIS_CB(dtab, _nis_getpw, NULL); 580 NS_COMPAT_CB(dtab, _bad_getpw, "compat"); 581 } 582 583 switch (type) { 584 case _PW_KEYBYNUM: 585 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type); 586 case _PW_KEYBYNAME: 587 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, name); 588 case _PW_KEYBYUID: 589 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, uid); 590 default: 591 abort(); 592 } 593 } 594 595 /* 596 * compat implementation of getpwent() 597 * varargs (ignored): 598 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 599 */ 600 static int 601 _compat_getpwent(rv, cb_data, ap) 602 void *rv; 603 void *cb_data; 604 va_list ap; 605 { 606 DBT key; 607 char bf[sizeof(_pw_keynum) + 1]; 608 static char *name = NULL; 609 const char *user, *host, *dom; 610 int has_compatpw; 611 612 if (!_pw_db && !__initdb()) 613 return NS_UNAVAIL; 614 615 has_compatpw = __has_compatpw(); 616 617 again: 618 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 619 int r; 620 621 switch (__pwmode) { 622 case PWMODE_FULL: 623 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 624 if (r == NS_SUCCESS) 625 return r; 626 __pwmode = PWMODE_NONE; 627 break; 628 629 case PWMODE_NETGRP: 630 r = getnetgrent(&host, &user, &dom); 631 if (r == 0) { /* end of group */ 632 endnetgrent(); 633 __pwmode = PWMODE_NONE; 634 break; 635 } 636 if (!user || !*user) 637 break; 638 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 639 if (r == NS_SUCCESS) 640 return r; 641 break; 642 643 case PWMODE_USER: 644 if (name == NULL) { 645 __pwmode = PWMODE_NONE; 646 break; 647 } 648 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 649 free(name); 650 name = NULL; 651 if (r == NS_SUCCESS) 652 return r; 653 break; 654 655 case PWMODE_NONE: 656 abort(); 657 } 658 goto again; 659 } 660 661 ++_pw_keynum; 662 bf[0] = _PW_KEYBYNUM; 663 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 664 key.data = (u_char *)bf; 665 key.size = sizeof(_pw_keynum) + 1; 666 if(__hashpw(&key) == NS_SUCCESS) { 667 /* if we don't have YP at all, don't bother. */ 668 if (has_compatpw) { 669 if(_pw_passwd.pw_name[0] == '+') { 670 /* set the mode */ 671 switch(_pw_passwd.pw_name[1]) { 672 case '\0': 673 __pwmode = PWMODE_FULL; 674 break; 675 case '@': 676 __pwmode = PWMODE_NETGRP; 677 setnetgrent(_pw_passwd.pw_name + 2); 678 break; 679 default: 680 __pwmode = PWMODE_USER; 681 name = strdup(_pw_passwd.pw_name + 1); 682 break; 683 } 684 685 /* save the prototype */ 686 __pwproto_set(); 687 goto again; 688 } else if(_pw_passwd.pw_name[0] == '-') { 689 /* an attempted exclusion */ 690 switch(_pw_passwd.pw_name[1]) { 691 case '\0': 692 break; 693 case '@': 694 setnetgrent(_pw_passwd.pw_name + 2); 695 while(getnetgrent(&host, &user, &dom)) { 696 if(user && *user) 697 __pwexclude_add(user); 698 } 699 endnetgrent(); 700 break; 701 default: 702 __pwexclude_add(_pw_passwd.pw_name + 1); 703 break; 704 } 705 goto again; 706 } 707 } 708 return NS_SUCCESS; 709 } 710 return NS_NOTFOUND; 711 } 712 713 /* 714 * compat implementation of getpwnam() and getpwuid() 715 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 716 */ 717 718 static int 719 _compat_getpw(rv, cb_data, ap) 720 void *rv; 721 void *cb_data; 722 va_list ap; 723 { 724 DBT key; 725 int len, search, rval; 726 uid_t uid; 727 char bf[MAXLOGNAME + 1]; 728 const char *name; 729 730 search = va_arg(ap, int); 731 uid = 0; 732 name = NULL; 733 rval = NS_NOTFOUND; 734 735 if (!_pw_db && !__initdb()) 736 return NS_UNAVAIL; 737 738 switch (search) { 739 case _PW_KEYBYNAME: 740 name = va_arg(ap, const char *); 741 break; 742 case _PW_KEYBYUID: 743 uid = va_arg(ap, uid_t); 744 break; 745 default: 746 abort(); 747 } 748 749 /* 750 * If YP is active, we must sequence through the passwd file 751 * in sequence. 752 */ 753 if (__has_compatpw()) { 754 int r; 755 int s = -1; 756 const char *host, *user, *dom; 757 758 for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 759 bf[0] = _PW_KEYBYNUM; 760 memmove(bf + 1, (char *)&_pw_keynum, 761 sizeof(_pw_keynum)); 762 key.data = (u_char *)bf; 763 key.size = sizeof(_pw_keynum) + 1; 764 if(__hashpw(&key) != NS_SUCCESS) 765 break; 766 switch(_pw_passwd.pw_name[0]) { 767 case '+': 768 /* save the prototype */ 769 __pwproto_set(); 770 771 switch(_pw_passwd.pw_name[1]) { 772 case '\0': 773 r = __getpwcompat(search, uid, name); 774 if (r != NS_SUCCESS) 775 continue; 776 break; 777 case '@': 778 pwnam_netgrp: 779 if(__ypcurrent) { 780 free(__ypcurrent); 781 __ypcurrent = NULL; 782 } 783 if(s == -1) /* first time */ 784 setnetgrent(_pw_passwd.pw_name + 2); 785 s = getnetgrent(&host, &user, &dom); 786 if(s == 0) { /* end of group */ 787 endnetgrent(); 788 s = -1; 789 continue; 790 } 791 if (!user || !*user) 792 goto pwnam_netgrp; 793 794 r = __getpwcompat(_PW_KEYBYNAME, 795 0, user); 796 797 if (r == NS_UNAVAIL) 798 return r; 799 if (r == NS_NOTFOUND) { 800 /* 801 * just because this user is bad 802 * it doesn't mean they all are. 803 */ 804 goto pwnam_netgrp; 805 } 806 break; 807 default: 808 user = _pw_passwd.pw_name + 1; 809 r = __getpwcompat(_PW_KEYBYNAME, 810 0, user); 811 812 if (r == NS_UNAVAIL) 813 return r; 814 if (r == NS_NOTFOUND) 815 continue; 816 break; 817 } 818 if(__pwexclude_is(_pw_passwd.pw_name)) { 819 if(s == 1) /* inside netgrp */ 820 goto pwnam_netgrp; 821 continue; 822 } 823 break; 824 case '-': 825 /* attempted exclusion */ 826 switch(_pw_passwd.pw_name[1]) { 827 case '\0': 828 break; 829 case '@': 830 setnetgrent(_pw_passwd.pw_name + 2); 831 while(getnetgrent(&host, &user, &dom)) { 832 if(user && *user) 833 __pwexclude_add(user); 834 } 835 endnetgrent(); 836 break; 837 default: 838 __pwexclude_add(_pw_passwd.pw_name + 1); 839 break; 840 } 841 break; 842 843 continue; 844 } 845 if ((search == _PW_KEYBYNAME && 846 strcmp(_pw_passwd.pw_name, name) == 0) 847 || (search == _PW_KEYBYUID && 848 _pw_passwd.pw_uid == uid)) { 849 rval = NS_SUCCESS; 850 break; 851 } 852 if(s == 1) /* inside netgrp */ 853 goto pwnam_netgrp; 854 continue; 855 } 856 __pwproto = (struct passwd *)NULL; 857 } else { 858 bf[0] = _PW_KEYBYNAME; 859 len = strlen(name); 860 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 861 key.data = (u_char *)bf; 862 key.size = len + 1; 863 rval = __hashpw(&key); 864 } 865 866 if (!_pw_stayopen) { 867 (void)(_pw_db->close)(_pw_db); 868 _pw_db = (DB *)NULL; 869 } 870 if(__pwexclude != (DB *)NULL) { 871 (void)(__pwexclude->close)(__pwexclude); 872 __pwexclude = (DB *)NULL; 873 } 874 return rval; 875 } 876 #endif /* YP || HESIOD */ 877 878 struct passwd * 879 getpwent() 880 { 881 int r; 882 static ns_dtab dtab; 883 884 if (dtab[NS_FILES].cb == NULL) { 885 NS_FILES_CB(dtab, _local_getpw, NULL); 886 NS_DNS_CB(dtab, _dns_getpw, NULL); 887 NS_NIS_CB(dtab, _nis_getpw, NULL); 888 NS_COMPAT_CB(dtab, _compat_getpwent, NULL); 889 } 890 891 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNUM); 892 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 893 } 894 895 struct passwd * 896 getpwnam(name) 897 const char *name; 898 { 899 int r; 900 static ns_dtab dtab; 901 902 if (name == NULL || name[0] == '\0') 903 return (struct passwd *)NULL; 904 905 if (dtab[NS_FILES].cb == NULL) { 906 NS_FILES_CB(dtab, _local_getpw, NULL); 907 NS_DNS_CB(dtab, _dns_getpw, NULL); 908 NS_NIS_CB(dtab, _nis_getpw, NULL); 909 NS_COMPAT_CB(dtab, _compat_getpw, NULL); 910 } 911 912 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNAME, name); 913 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 914 } 915 916 struct passwd * 917 getpwuid(uid) 918 uid_t uid; 919 { 920 int r; 921 static ns_dtab dtab; 922 923 if (dtab[NS_FILES].cb == NULL) { 924 NS_FILES_CB(dtab, _local_getpw, NULL); 925 NS_DNS_CB(dtab, _dns_getpw, NULL); 926 NS_NIS_CB(dtab, _nis_getpw, NULL); 927 NS_COMPAT_CB(dtab, _compat_getpw, NULL); 928 } 929 930 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYUID, (int)uid); 931 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 932 } 933 934 int 935 setpassent(stayopen) 936 int stayopen; 937 { 938 _pw_keynum = 0; 939 _pw_stayopen = stayopen; 940 #ifdef YP 941 __pwmode = PWMODE_NONE; 942 if(__ypcurrent) 943 free(__ypcurrent); 944 __ypcurrent = NULL; 945 #endif 946 #ifdef HESIOD 947 _pw_hesnum = 0; 948 #endif 949 #if defined(YP) || defined(HESIOD) 950 if(__pwexclude != (DB *)NULL) { 951 (void)(__pwexclude->close)(__pwexclude); 952 __pwexclude = (DB *)NULL; 953 } 954 __pwproto = (struct passwd *)NULL; 955 #endif 956 return 1; 957 } 958 959 void 960 setpwent() 961 { 962 (void) setpassent(0); 963 } 964 965 void 966 endpwent() 967 { 968 _pw_keynum = 0; 969 if (_pw_db) { 970 (void)(_pw_db->close)(_pw_db); 971 _pw_db = (DB *)NULL; 972 } 973 __pwmode = PWMODE_NONE; 974 #ifdef YP 975 if(__ypcurrent) 976 free(__ypcurrent); 977 __ypcurrent = NULL; 978 #endif 979 #ifdef HESIOD 980 _pw_hesnum = 0; 981 #endif 982 #if defined(YP) || defined(HESIOD) 983 if(__pwexclude != (DB *)NULL) { 984 (void)(__pwexclude->close)(__pwexclude); 985 __pwexclude = (DB *)NULL; 986 } 987 __pwproto = (struct passwd *)NULL; 988 #endif 989 } 990 991 static int 992 __initdb() 993 { 994 static int warned; 995 char *p; 996 997 #if defined(YP) || defined(HESIOD) 998 __pwmode = PWMODE_NONE; 999 #endif 1000 p = (geteuid()) ? _PATH_MP_DB : _PATH_SMP_DB; 1001 _pw_db = dbopen(p, O_RDONLY, 0, DB_HASH, NULL); 1002 if (_pw_db) 1003 return 1; 1004 if (!warned) 1005 syslog(LOG_ERR, "%s: %m", p); 1006 warned = 1; 1007 return 0; 1008 } 1009 1010 static int 1011 __hashpw(key) 1012 DBT *key; 1013 { 1014 char *p, *t; 1015 static u_int max; 1016 static char *line; 1017 DBT data; 1018 1019 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1020 case 0: 1021 break; /* found */ 1022 case 1: 1023 return NS_NOTFOUND; 1024 case -1: 1025 return NS_UNAVAIL; /* error in db routines */ 1026 default: 1027 abort(); 1028 } 1029 1030 p = (char *)data.data; 1031 if (data.size > max && !(line = realloc(line, (max += 1024)))) 1032 return NS_UNAVAIL; 1033 1034 t = line; 1035 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1036 EXPAND(_pw_passwd.pw_name); 1037 EXPAND(_pw_passwd.pw_passwd); 1038 memmove((char *)&_pw_passwd.pw_uid, p, sizeof(int)); 1039 p += sizeof(int); 1040 memmove((char *)&_pw_passwd.pw_gid, p, sizeof(int)); 1041 p += sizeof(int); 1042 memmove((char *)&_pw_passwd.pw_change, p, sizeof(time_t)); 1043 p += sizeof(time_t); 1044 EXPAND(_pw_passwd.pw_class); 1045 EXPAND(_pw_passwd.pw_gecos); 1046 EXPAND(_pw_passwd.pw_dir); 1047 EXPAND(_pw_passwd.pw_shell); 1048 memmove((char *)&_pw_passwd.pw_expire, p, sizeof(time_t)); 1049 p += sizeof(time_t); 1050 1051 /* See if there's any data left. If so, read in flags. */ 1052 if (data.size > (p - (char *)data.data)) { 1053 memmove((char *)&_pw_flags, p, sizeof(int)); 1054 p += sizeof(int); 1055 } else 1056 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1057 1058 return NS_SUCCESS; 1059 } 1060
Indexes created Tue Sep 30 11:09:46 GMT 2025