getpwent.c revision 1.21.2.6
1 /* $NetBSD: getpwent.c,v 1.21.2.6 1999/01/14 07:02:16 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 #else 42 __RCSID("$NetBSD: getpwent.c,v 1.21.2.6 1999/01/14 07:02:16 lukem Exp $"); 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include "namespace.h" 47 #include <sys/param.h> 48 #include <fcntl.h> 49 #include <db.h> 50 #include <syslog.h> 51 #include <pwd.h> 52 #include <utmp.h> 53 #include <errno.h> 54 #include <unistd.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <limits.h> 58 #include <netgroup.h> 59 #include <nsswitch.h> 60 #ifdef HESIOD 61 #include <hesiod.h> 62 #endif 63 #ifdef YP 64 #include <machine/param.h> 65 #include <stdio.h> 66 #include <rpc/rpc.h> 67 #include <rpcsvc/yp_prot.h> 68 #include <rpcsvc/ypclnt.h> 69 #endif 70 71 #include "pw_private.h" 72 73 #ifdef __weak_alias 74 __weak_alias(endpwent,_endpwent); 75 __weak_alias(getpwent,_getpwent); 76 __weak_alias(getpwnam,_getpwnam); 77 __weak_alias(getpwuid,_getpwuid); 78 __weak_alias(setpassent,_setpassent); 79 __weak_alias(setpwent,_setpwent); 80 #endif 81 82 83 /* 84 * The lookup techniques and data extraction code here must be kept 85 * in sync with that in `pwd_mkdb'. 86 */ 87 88 static struct passwd _pw_passwd; /* password structure */ 89 static DB *_pw_db; /* password database */ 90 static int _pw_keynum; /* key counter */ 91 static int _pw_stayopen; /* keep fd's open */ 92 static int _pw_flags; /* password flags */ 93 static int _pw_none; /* true if getpwent got EOF */ 94 95 static int __hashpw __P((DBT *)); 96 static int __initdb __P((void)); 97 98 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 99 100 #ifdef YP 101 static char *__ypcurrent, *__ypdomain; 102 static int __ypcurrentlen; 103 #endif 104 105 #ifdef HESIOD 106 static int _pw_hesnum; 107 #endif 108 109 #if defined(YP) || defined(HESIOD) 110 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 111 static enum _pwmode __pwmode; 112 113 enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER }; 114 115 static struct passwd *__pwproto = (struct passwd *)NULL; 116 static int __pwproto_flags; 117 static char line[1024]; 118 static long prbuf[1024 / sizeof(long)]; 119 static DB *__pwexclude = (DB *)NULL; 120 121 static int __pwexclude_add __P((const char *)); 122 static int __pwexclude_is __P((const char *)); 123 static void __pwproto_set __P((void)); 124 static int __ypmaptype __P((void)); 125 static int __pwparse __P((struct passwd *, char *)); 126 127 /* macros for deciding which YP maps to use. */ 128 #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \ 129 ? "master.passwd.byname" : "passwd.byname") 130 #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \ 131 ? "master.passwd.byuid" : "passwd.byuid") 132 133 /* 134 * add a name to the compat mode exclude list 135 */ 136 static int 137 __pwexclude_add(name) 138 const char *name; 139 { 140 DBT key, data; 141 142 /* initialize the exclusion table if needed. */ 143 if(__pwexclude == (DB *)NULL) { 144 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 145 if(__pwexclude == (DB *)NULL) 146 return 1; 147 } 148 149 /* set up the key */ 150 key.data = (char *)name; 151 key.size = strlen(name); 152 153 /* data is nothing. */ 154 data.data = NULL; 155 data.size = 0; 156 157 /* store it */ 158 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 159 return 1; 160 161 return 0; 162 } 163 164 /* 165 * test if a name is on the compat mode exclude list 166 */ 167 static int 168 __pwexclude_is(name) 169 const char *name; 170 { 171 DBT key, data; 172 173 if(__pwexclude == (DB *)NULL) 174 return 0; /* nothing excluded */ 175 176 /* set up the key */ 177 key.data = (char *)name; 178 key.size = strlen(name); 179 180 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 181 return 1; /* excluded */ 182 183 return 0; 184 } 185 186 /* 187 * setup the compat mode prototype template 188 */ 189 static void 190 __pwproto_set() 191 { 192 char *ptr; 193 struct passwd *pw = &_pw_passwd; 194 195 /* make this the new prototype */ 196 ptr = (char *)prbuf; 197 198 /* first allocate the struct. */ 199 __pwproto = (struct passwd *)ptr; 200 ptr += sizeof(struct passwd); 201 202 /* name */ 203 if(pw->pw_name && (pw->pw_name)[0]) { 204 ptr = (char *)ALIGN(ptr); 205 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 206 __pwproto->pw_name = ptr; 207 ptr += (strlen(pw->pw_name) + 1); 208 } else 209 __pwproto->pw_name = (char *)NULL; 210 211 /* password */ 212 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 213 ptr = (char *)ALIGN(ptr); 214 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 215 __pwproto->pw_passwd = ptr; 216 ptr += (strlen(pw->pw_passwd) + 1); 217 } else 218 __pwproto->pw_passwd = (char *)NULL; 219 220 /* uid */ 221 __pwproto->pw_uid = pw->pw_uid; 222 223 /* gid */ 224 __pwproto->pw_gid = pw->pw_gid; 225 226 /* change (ignored anyway) */ 227 __pwproto->pw_change = pw->pw_change; 228 229 /* class (ignored anyway) */ 230 __pwproto->pw_class = ""; 231 232 /* gecos */ 233 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 234 ptr = (char *)ALIGN(ptr); 235 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 236 __pwproto->pw_gecos = ptr; 237 ptr += (strlen(pw->pw_gecos) + 1); 238 } else 239 __pwproto->pw_gecos = (char *)NULL; 240 241 /* dir */ 242 if(pw->pw_dir && (pw->pw_dir)[0]) { 243 ptr = (char *)ALIGN(ptr); 244 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 245 __pwproto->pw_dir = ptr; 246 ptr += (strlen(pw->pw_dir) + 1); 247 } else 248 __pwproto->pw_dir = (char *)NULL; 249 250 /* shell */ 251 if(pw->pw_shell && (pw->pw_shell)[0]) { 252 ptr = (char *)ALIGN(ptr); 253 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 254 __pwproto->pw_shell = ptr; 255 ptr += (strlen(pw->pw_shell) + 1); 256 } else 257 __pwproto->pw_shell = (char *)NULL; 258 259 /* expire (ignored anyway) */ 260 __pwproto->pw_expire = pw->pw_expire; 261 262 /* flags */ 263 __pwproto_flags = _pw_flags; 264 } 265 266 static int 267 __ypmaptype() 268 { 269 static int maptype = -1; 270 int order, r; 271 272 if (maptype != -1) 273 return (maptype); 274 275 maptype = YPMAP_NONE; 276 if (geteuid() != 0) 277 return (maptype); 278 279 if (!__ypdomain) { 280 if( _yp_check(&__ypdomain) == 0) 281 return (maptype); 282 } 283 284 r = yp_order(__ypdomain, "master.passwd.byname", &order); 285 if (r == 0) { 286 maptype = YPMAP_MASTER; 287 return (maptype); 288 } 289 290 /* 291 * NIS+ in YP compat mode doesn't support 292 * YPPROC_ORDER -- no point in continuing. 293 */ 294 if (r == YPERR_YPERR) 295 return (maptype); 296 297 /* master.passwd doesn't exist -- try passwd.adjunct */ 298 if (r == YPERR_MAP) { 299 r = yp_order(__ypdomain, "passwd.adjunct.byname", &order); 300 if (r == 0) 301 maptype = YPMAP_ADJUNCT; 302 return (maptype); 303 } 304 305 return (maptype); 306 } 307 308 /* 309 * parse an old-style passwd file line (from NIS or HESIOD) 310 */ 311 static int 312 __pwparse(pw, s) 313 struct passwd *pw; 314 char *s; 315 { 316 static char adjunctpw[YPMAXRECORD + 2]; 317 int flags, maptype; 318 319 maptype = __ypmaptype(); 320 flags = _PASSWORD_NOWARN; 321 if (maptype != YPMAP_MASTER) 322 flags |= _PASSWORD_OLDFMT; 323 if (! __pw_scan(s, pw, &flags)) 324 return 1; 325 326 /* now let the prototype override, if set. */ 327 if(__pwproto != (struct passwd *)NULL) { 328 #ifdef PW_OVERRIDE_PASSWD 329 if(__pwproto->pw_passwd != (char *)NULL) 330 pw->pw_passwd = __pwproto->pw_passwd; 331 #endif 332 if(!(__pwproto_flags & _PASSWORD_NOUID)) 333 pw->pw_uid = __pwproto->pw_uid; 334 if(!(__pwproto_flags & _PASSWORD_NOGID)) 335 pw->pw_gid = __pwproto->pw_gid; 336 if(__pwproto->pw_gecos != (char *)NULL) 337 pw->pw_gecos = __pwproto->pw_gecos; 338 if(__pwproto->pw_dir != (char *)NULL) 339 pw->pw_dir = __pwproto->pw_dir; 340 if(__pwproto->pw_shell != (char *)NULL) 341 pw->pw_shell = __pwproto->pw_shell; 342 } 343 if ((maptype == YPMAP_ADJUNCT) && 344 (strstr(pw->pw_passwd, "##") != NULL)) { 345 char *data, *bp; 346 int datalen; 347 348 if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name, 349 (int)strlen(pw->pw_name), &data, &datalen) == 0) { 350 if (datalen > sizeof(adjunctpw) - 1) 351 datalen = sizeof(adjunctpw) - 1; 352 strncpy(adjunctpw, data, datalen); 353 354 /* skip name to get password */ 355 if ((bp = strsep(&data, ":")) != NULL && 356 (bp = strsep(&data, ":")) != NULL) 357 pw->pw_passwd = bp; 358 } 359 } 360 return 0; 361 } 362 #endif /* YP || HESIOD */ 363 364 /* 365 * local files implementation of getpw*() 366 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 367 */ 368 static int _local_getpw __P((void *, void *, va_list)); 369 370 static int 371 _local_getpw(rv, cb_data, ap) 372 void *rv; 373 void *cb_data; 374 va_list ap; 375 { 376 DBT key; 377 char bf[MAX(UT_NAMESIZE, sizeof(_pw_keynum)) + 1]; 378 uid_t uid; 379 int search, len, rval; 380 const char *name; 381 382 if (!_pw_db && !__initdb()) 383 return NS_UNAVAIL; 384 385 search = va_arg(ap, int); 386 bf[0] = search; 387 switch (search) { 388 case _PW_KEYBYNUM: 389 ++_pw_keynum; 390 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 391 key.size = sizeof(_pw_keynum) + 1; 392 break; 393 case _PW_KEYBYNAME: 394 name = va_arg(ap, const char *); 395 len = strlen(name); 396 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 397 key.size = len + 1; 398 break; 399 case _PW_KEYBYUID: 400 uid = va_arg(ap, uid_t); 401 memmove(bf + 1, (char *)&uid, sizeof(len)); 402 key.size = sizeof(uid) + 1; 403 break; 404 default: 405 abort(); 406 } 407 408 key.data = (u_char *)bf; 409 rval = __hashpw(&key); 410 if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) { 411 _pw_none = 1; 412 rval = NS_SUCCESS; 413 } 414 415 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 416 (void)(_pw_db->close)(_pw_db); 417 _pw_db = (DB *)NULL; 418 } 419 return (rval); 420 } 421 422 #ifdef HESIOD 423 /* 424 * hesiod implementation of getpw*() 425 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 426 */ 427 static int _dns_getpw __P((void *, void *, va_list)); 428 429 static int 430 _dns_getpw(rv, cb_data, ap) 431 void *rv; 432 void *cb_data; 433 va_list ap; 434 { 435 const char *name; 436 uid_t uid; 437 int search; 438 char **hp; 439 440 441 search = va_arg(ap, int); 442 switch (search) { 443 case _PW_KEYBYNUM: 444 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 445 _pw_hesnum++; 446 break; 447 case _PW_KEYBYNAME: 448 name = va_arg(ap, const char *); 449 strncpy(line, name, sizeof(line)); 450 break; 451 case _PW_KEYBYUID: 452 uid = va_arg(ap, uid_t); 453 snprintf(line, sizeof(line), "%u", uid); 454 break; 455 default: 456 abort(); 457 } 458 line[sizeof(line) - 1] = '\0'; 459 460 hp = hes_resolve(line, "passwd"); 461 if (hp == NULL) { 462 switch (hes_error()) { 463 case HES_ER_NOTFOUND: 464 if (search == _PW_KEYBYNUM) { 465 _pw_hesnum = 0; 466 _pw_none = 1; 467 return NS_SUCCESS; 468 } 469 return NS_NOTFOUND; 470 case HES_ER_OK: 471 abort(); 472 default: 473 return NS_UNAVAIL; 474 } 475 } 476 477 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 478 line[sizeof(line) - 1] = '\0'; 479 hes_free(hp); 480 if (__pwparse(&_pw_passwd, line)) 481 return NS_UNAVAIL; 482 return NS_SUCCESS; 483 } 484 #endif 485 486 #ifdef YP 487 /* 488 * nis implementation of getpw*() 489 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 490 */ 491 static int _nis_getpw __P((void *, void *, va_list)); 492 493 static int 494 _nis_getpw(rv, cb_data, ap) 495 void *rv; 496 void *cb_data; 497 va_list ap; 498 { 499 const char *name; 500 uid_t uid; 501 int search; 502 char *key, *data; 503 char *map = PASSWD_BYNAME; 504 int keylen, datalen, r; 505 506 if(__ypdomain == NULL) { 507 if(_yp_check(&__ypdomain) == 0) 508 return NS_UNAVAIL; 509 } 510 511 search = va_arg(ap, int); 512 switch (search) { 513 case _PW_KEYBYNUM: 514 break; 515 case _PW_KEYBYNAME: 516 name = va_arg(ap, const char *); 517 strncpy(line, name, sizeof(line)); 518 break; 519 case _PW_KEYBYUID: 520 uid = va_arg(ap, uid_t); 521 snprintf(line, sizeof(line), "%u", uid); 522 map = PASSWD_BYUID; 523 break; 524 default: 525 abort(); 526 } 527 line[sizeof(line) - 1] = '\0'; 528 if (search != _PW_KEYBYNUM) { 529 data = NULL; 530 r = yp_match(__ypdomain, map, line, (int)strlen(line), 531 &data, &datalen); 532 switch (r) { 533 case 0: 534 break; 535 case YPERR_KEY: 536 r = NS_NOTFOUND; 537 break; 538 default: 539 r = NS_UNAVAIL; 540 break; 541 } 542 if (r != 0) { 543 if (data) 544 free(data); 545 return r; 546 } 547 data[datalen] = '\0'; /* clear trailing \n */ 548 strncpy(line, data, sizeof(line)); 549 line[sizeof(line) - 1] = '\0'; 550 free(data); 551 if (__pwparse(&_pw_passwd, line)) 552 return NS_UNAVAIL; 553 return NS_SUCCESS; 554 } 555 556 for (;;) { 557 data = key = NULL; 558 if (__ypcurrent) { 559 r = yp_next(__ypdomain, map, 560 __ypcurrent, __ypcurrentlen, 561 &key, &keylen, &data, &datalen); 562 free(__ypcurrent); 563 switch (r) { 564 case 0: 565 __ypcurrent = key; 566 __ypcurrentlen = keylen; 567 break; 568 case YPERR_NOMORE: 569 __ypcurrent = NULL; 570 _pw_none = 1; 571 if (key) 572 free(key); 573 return NS_SUCCESS; 574 default: 575 r = NS_UNAVAIL; 576 break; 577 } 578 } else { 579 r = 0; 580 if (yp_first(__ypdomain, map, &__ypcurrent, 581 &__ypcurrentlen, &data, &datalen)) 582 r = NS_UNAVAIL; 583 } 584 if (r != 0) { 585 if (key) 586 free(key); 587 if (data) 588 free(data); 589 return r; 590 } 591 data[datalen] = '\0'; /* clear trailing \n */ 592 strncpy(line, data, sizeof(line)); 593 line[sizeof(line) - 1] = '\0'; 594 free(data); 595 if (! __pwparse(&_pw_passwd, line)) 596 return NS_SUCCESS; 597 } 598 /* NOTREACHED */ 599 } /* _nis_getpw */ 600 #endif 601 602 #if defined(YP) || defined(HESIOD) 603 /* 604 * See if the compat token is in the database. Only works if pwd_mkdb knows 605 * about the token. 606 */ 607 static int __has_compatpw __P((void)); 608 609 static int 610 __has_compatpw() 611 { 612 DBT key, data; 613 DBT pkey, pdata; 614 int len; 615 char bf[UT_NAMESIZE]; 616 617 key.data = (u_char *)__yp_token; 618 key.size = strlen(__yp_token); 619 620 /* Pre-token database support. */ 621 bf[0] = _PW_KEYBYNAME; 622 len = strlen("+"); 623 memmove(bf + 1, "+", MIN(len, UT_NAMESIZE)); 624 pkey.data = (u_char *)bf; 625 pkey.size = len + 1; 626 627 if ((_pw_db->get)(_pw_db, &key, &data, 0) 628 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 629 return 0; /* No compat token */ 630 return 1; 631 } 632 633 /* 634 * log an error if "files" or "compat" is specified in passwd_compat database 635 */ 636 static int _bad_getpw __P((void *, void *, va_list)); 637 638 static int 639 _bad_getpw(rv, cb_data, ap) 640 void *rv; 641 void *cb_data; 642 va_list ap; 643 { 644 static int warned; 645 if (!warned) { 646 syslog(LOG_ERR, 647 "nsswitch.conf passwd_compat database can't use '%s'", 648 (char *)cb_data); 649 } 650 warned = 1; 651 return NS_UNAVAIL; 652 } 653 654 /* 655 * when a name lookup in compat mode is required (e.g., '+name', or a name in 656 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 657 * only Hesiod and NIS is supported - it doesn't make sense to lookup 658 * compat names from 'files' or 'compat'. 659 */ 660 static int __getpwcompat __P((int, uid_t, const char *)); 661 662 static int 663 __getpwcompat(type, uid, name) 664 int type; 665 uid_t uid; 666 const char *name; 667 { 668 static ns_dtab dtab[] = { 669 NS_FILES_CB(_bad_getpw, NULL), 670 NS_DNS_CB(_dns_getpw, NULL), 671 NS_NIS_CB(_nis_getpw, NULL), 672 NS_COMPAT_CB(_bad_getpw, NULL), 673 { NULL, NULL, NULL } 674 }; 675 676 switch (type) { 677 case _PW_KEYBYNUM: 678 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type); 679 case _PW_KEYBYNAME: 680 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, name); 681 case _PW_KEYBYUID: 682 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, uid); 683 default: 684 abort(); 685 } 686 } 687 688 /* 689 * compat implementation of getpwent() 690 * varargs (ignored): 691 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 692 */ 693 static int _compat_getpwent __P((void *, void *, va_list)); 694 695 static int 696 _compat_getpwent(rv, cb_data, ap) 697 void *rv; 698 void *cb_data; 699 va_list ap; 700 { 701 DBT key; 702 char bf[sizeof(_pw_keynum) + 1]; 703 static char *name = NULL; 704 const char *user, *host, *dom; 705 int has_compatpw; 706 707 if (!_pw_db && !__initdb()) 708 return NS_UNAVAIL; 709 710 has_compatpw = __has_compatpw(); 711 712 again: 713 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 714 int r; 715 716 switch (__pwmode) { 717 case PWMODE_FULL: 718 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 719 if (r == NS_SUCCESS) 720 return r; 721 __pwmode = PWMODE_NONE; 722 break; 723 724 case PWMODE_NETGRP: 725 r = getnetgrent(&host, &user, &dom); 726 if (r == 0) { /* end of group */ 727 endnetgrent(); 728 __pwmode = PWMODE_NONE; 729 break; 730 } 731 if (!user || !*user) 732 break; 733 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 734 if (r == NS_SUCCESS) 735 return r; 736 break; 737 738 case PWMODE_USER: 739 if (name == NULL) { 740 __pwmode = PWMODE_NONE; 741 break; 742 } 743 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 744 free(name); 745 name = NULL; 746 if (r == NS_SUCCESS) 747 return r; 748 break; 749 750 case PWMODE_NONE: 751 abort(); 752 } 753 goto again; 754 } 755 756 ++_pw_keynum; 757 bf[0] = _PW_KEYBYNUM; 758 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 759 key.data = (u_char *)bf; 760 key.size = sizeof(_pw_keynum) + 1; 761 if(__hashpw(&key) == NS_SUCCESS) { 762 /* if we don't have YP at all, don't bother. */ 763 if (has_compatpw) { 764 if(_pw_passwd.pw_name[0] == '+') { 765 /* set the mode */ 766 switch(_pw_passwd.pw_name[1]) { 767 case '\0': 768 __pwmode = PWMODE_FULL; 769 break; 770 case '@': 771 __pwmode = PWMODE_NETGRP; 772 setnetgrent(_pw_passwd.pw_name + 2); 773 break; 774 default: 775 __pwmode = PWMODE_USER; 776 name = strdup(_pw_passwd.pw_name + 1); 777 break; 778 } 779 780 /* save the prototype */ 781 __pwproto_set(); 782 goto again; 783 } else if(_pw_passwd.pw_name[0] == '-') { 784 /* an attempted exclusion */ 785 switch(_pw_passwd.pw_name[1]) { 786 case '\0': 787 break; 788 case '@': 789 setnetgrent(_pw_passwd.pw_name + 2); 790 while(getnetgrent(&host, &user, &dom)) { 791 if(user && *user) 792 __pwexclude_add(user); 793 } 794 endnetgrent(); 795 break; 796 default: 797 __pwexclude_add(_pw_passwd.pw_name + 1); 798 break; 799 } 800 goto again; 801 } 802 } 803 return NS_SUCCESS; 804 } 805 return NS_NOTFOUND; 806 } 807 808 /* 809 * compat implementation of getpwnam() and getpwuid() 810 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 811 */ 812 static int _compat_getpw __P((void *, void *, va_list)); 813 814 static int 815 _compat_getpw(rv, cb_data, ap) 816 void *rv; 817 void *cb_data; 818 va_list ap; 819 { 820 DBT key; 821 int len, search, rval; 822 uid_t uid; 823 char bf[MAXLOGNAME + 1]; 824 const char *name; 825 826 search = va_arg(ap, int); 827 uid = 0; 828 name = NULL; 829 rval = NS_NOTFOUND; 830 831 if (!_pw_db && !__initdb()) 832 return NS_UNAVAIL; 833 834 switch (search) { 835 case _PW_KEYBYNAME: 836 name = va_arg(ap, const char *); 837 break; 838 case _PW_KEYBYUID: 839 uid = va_arg(ap, uid_t); 840 break; 841 default: 842 abort(); 843 } 844 845 /* 846 * If YP is active, we must sequence through the passwd file 847 * in sequence. 848 */ 849 if (__has_compatpw()) { 850 int r; 851 int s = -1; 852 const char *host, *user, *dom; 853 854 for(_pw_keynum=1; _pw_keynum; _pw_keynum++) { 855 bf[0] = _PW_KEYBYNUM; 856 memmove(bf + 1, (char *)&_pw_keynum, 857 sizeof(_pw_keynum)); 858 key.data = (u_char *)bf; 859 key.size = sizeof(_pw_keynum) + 1; 860 if(__hashpw(&key) != NS_SUCCESS) 861 break; 862 switch(_pw_passwd.pw_name[0]) { 863 case '+': 864 /* save the prototype */ 865 __pwproto_set(); 866 867 switch(_pw_passwd.pw_name[1]) { 868 case '\0': 869 r = __getpwcompat(search, uid, name); 870 if (r != NS_SUCCESS) 871 continue; 872 break; 873 case '@': 874 pwnam_netgrp: 875 if(__ypcurrent) { 876 free(__ypcurrent); 877 __ypcurrent = NULL; 878 } 879 if(s == -1) /* first time */ 880 setnetgrent(_pw_passwd.pw_name + 2); 881 s = getnetgrent(&host, &user, &dom); 882 if(s == 0) { /* end of group */ 883 endnetgrent(); 884 s = -1; 885 continue; 886 } 887 if (!user || !*user) 888 goto pwnam_netgrp; 889 890 r = __getpwcompat(_PW_KEYBYNAME, 891 0, user); 892 893 if (r == NS_UNAVAIL) 894 return r; 895 if (r == NS_NOTFOUND) { 896 /* 897 * just because this user is bad 898 * it doesn't mean they all are. 899 */ 900 goto pwnam_netgrp; 901 } 902 break; 903 default: 904 user = _pw_passwd.pw_name + 1; 905 r = __getpwcompat(_PW_KEYBYNAME, 906 0, user); 907 908 if (r == NS_UNAVAIL) 909 return r; 910 if (r == NS_NOTFOUND) 911 continue; 912 break; 913 } 914 if(__pwexclude_is(_pw_passwd.pw_name)) { 915 if(s == 1) /* inside netgrp */ 916 goto pwnam_netgrp; 917 continue; 918 } 919 break; 920 case '-': 921 /* attempted exclusion */ 922 switch(_pw_passwd.pw_name[1]) { 923 case '\0': 924 break; 925 case '@': 926 setnetgrent(_pw_passwd.pw_name + 2); 927 while(getnetgrent(&host, &user, &dom)) { 928 if(user && *user) 929 __pwexclude_add(user); 930 } 931 endnetgrent(); 932 break; 933 default: 934 __pwexclude_add(_pw_passwd.pw_name + 1); 935 break; 936 } 937 break; 938 939 continue; 940 } 941 if ((search == _PW_KEYBYNAME && 942 strcmp(_pw_passwd.pw_name, name) == 0) 943 || (search == _PW_KEYBYUID && 944 _pw_passwd.pw_uid == uid)) { 945 rval = NS_SUCCESS; 946 break; 947 } 948 if(s == 1) /* inside netgrp */ 949 goto pwnam_netgrp; 950 continue; 951 } 952 __pwproto = (struct passwd *)NULL; 953 } else { 954 bf[0] = _PW_KEYBYNAME; 955 len = strlen(name); 956 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 957 key.data = (u_char *)bf; 958 key.size = len + 1; 959 rval = __hashpw(&key); 960 } 961 962 if (!_pw_stayopen) { 963 (void)(_pw_db->close)(_pw_db); 964 _pw_db = (DB *)NULL; 965 } 966 if(__pwexclude != (DB *)NULL) { 967 (void)(__pwexclude->close)(__pwexclude); 968 __pwexclude = (DB *)NULL; 969 } 970 return rval; 971 } 972 #endif /* YP || HESIOD */ 973 974 struct passwd * 975 getpwent() 976 { 977 int r; 978 static ns_dtab dtab[] = { 979 NS_FILES_CB(_local_getpw, NULL), 980 NS_DNS_CB(_dns_getpw, NULL), 981 NS_NIS_CB(_nis_getpw, NULL), 982 NS_COMPAT_CB(_compat_getpwent, NULL), 983 { NULL, NULL, NULL } 984 }; 985 986 _pw_none = 0; 987 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNUM); 988 if (_pw_none || r != NS_SUCCESS) 989 return (struct passwd *)NULL; 990 return &_pw_passwd; 991 } 992 993 struct passwd * 994 getpwnam(name) 995 const char *name; 996 { 997 int r; 998 static ns_dtab dtab[] = { 999 NS_FILES_CB(_local_getpw, NULL), 1000 NS_DNS_CB(_dns_getpw, NULL), 1001 NS_NIS_CB(_nis_getpw, NULL), 1002 NS_COMPAT_CB(_compat_getpw, NULL), 1003 { NULL, NULL, NULL } 1004 }; 1005 1006 if (name == NULL || name[0] == '\0') 1007 return (struct passwd *)NULL; 1008 1009 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNAME, name); 1010 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1011 } 1012 1013 struct passwd * 1014 getpwuid(uid) 1015 uid_t uid; 1016 { 1017 int r; 1018 static ns_dtab dtab[] = { 1019 NS_FILES_CB(_local_getpw, NULL), 1020 NS_DNS_CB(_dns_getpw, NULL), 1021 NS_NIS_CB(_nis_getpw, NULL), 1022 NS_COMPAT_CB(_compat_getpw, NULL), 1023 { NULL, NULL, NULL } 1024 }; 1025 1026 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYUID, (int)uid); 1027 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1028 } 1029 1030 int 1031 setpassent(stayopen) 1032 int stayopen; 1033 { 1034 _pw_keynum = 0; 1035 _pw_stayopen = stayopen; 1036 #ifdef YP 1037 __pwmode = PWMODE_NONE; 1038 if(__ypcurrent) 1039 free(__ypcurrent); 1040 __ypcurrent = NULL; 1041 #endif 1042 #ifdef HESIOD 1043 _pw_hesnum = 0; 1044 #endif 1045 #if defined(YP) || defined(HESIOD) 1046 if(__pwexclude != (DB *)NULL) { 1047 (void)(__pwexclude->close)(__pwexclude); 1048 __pwexclude = (DB *)NULL; 1049 } 1050 __pwproto = (struct passwd *)NULL; 1051 #endif 1052 return 1; 1053 } 1054 1055 void 1056 setpwent() 1057 { 1058 (void) setpassent(0); 1059 } 1060 1061 void 1062 endpwent() 1063 { 1064 _pw_keynum = 0; 1065 if (_pw_db) { 1066 (void)(_pw_db->close)(_pw_db); 1067 _pw_db = (DB *)NULL; 1068 } 1069 #if defined(YP) || defined(HESIOD) 1070 __pwmode = PWMODE_NONE; 1071 #endif 1072 #ifdef YP 1073 if(__ypcurrent) 1074 free(__ypcurrent); 1075 __ypcurrent = NULL; 1076 #endif 1077 #ifdef HESIOD 1078 _pw_hesnum = 0; 1079 #endif 1080 #if defined(YP) || defined(HESIOD) 1081 if(__pwexclude != (DB *)NULL) { 1082 (void)(__pwexclude->close)(__pwexclude); 1083 __pwexclude = (DB *)NULL; 1084 } 1085 __pwproto = (struct passwd *)NULL; 1086 #endif 1087 } 1088 1089 static int 1090 __initdb() 1091 { 1092 static int warned; 1093 char *p; 1094 1095 #if defined(YP) || defined(HESIOD) 1096 __pwmode = PWMODE_NONE; 1097 #endif 1098 if (geteuid() == 0) { 1099 _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL); 1100 if (_pw_db) 1101 return(1); 1102 } 1103 _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL); 1104 if (_pw_db) 1105 return 1; 1106 if (!warned) 1107 syslog(LOG_ERR, "%s: %m", p); 1108 warned = 1; 1109 return 0; 1110 } 1111 1112 static int 1113 __hashpw(key) 1114 DBT *key; 1115 { 1116 char *p, *t; 1117 static u_int max; 1118 static char *line; 1119 DBT data; 1120 1121 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1122 case 0: 1123 break; /* found */ 1124 case 1: 1125 return NS_NOTFOUND; 1126 case -1: 1127 return NS_UNAVAIL; /* error in db routines */ 1128 default: 1129 abort(); 1130 } 1131 1132 p = (char *)data.data; 1133 if (data.size > max && !(line = realloc(line, (max += 1024)))) 1134 return NS_UNAVAIL; 1135 1136 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 1137 t = line; 1138 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1139 #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 1140 EXPAND(_pw_passwd.pw_name); 1141 EXPAND(_pw_passwd.pw_passwd); 1142 SCALAR(_pw_passwd.pw_uid); 1143 SCALAR(_pw_passwd.pw_gid); 1144 SCALAR(_pw_passwd.pw_change); 1145 EXPAND(_pw_passwd.pw_class); 1146 EXPAND(_pw_passwd.pw_gecos); 1147 EXPAND(_pw_passwd.pw_dir); 1148 EXPAND(_pw_passwd.pw_shell); 1149 SCALAR(_pw_passwd.pw_expire); 1150 1151 /* See if there's any data left. If so, read in flags. */ 1152 if (data.size > (p - (char *)data.data)) { 1153 SCALAR(_pw_flags); 1154 } else 1155 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1156 1157 return NS_SUCCESS; 1158 } 1159
Indexes created Tue Sep 30 11:09:46 GMT 2025