getpwent.c revision 1.34
1 /* $NetBSD: getpwent.c,v 1.34 1999/01/18 00:59:10 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 #else 42 __RCSID("$NetBSD: getpwent.c,v 1.34 1999/01/18 00:59:10 lukem Exp $"); 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include "namespace.h" 47 #include <sys/param.h> 48 #include <fcntl.h> 49 #include <db.h> 50 #include <syslog.h> 51 #include <pwd.h> 52 #include <utmp.h> 53 #include <errno.h> 54 #include <unistd.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <limits.h> 58 #include <netgroup.h> 59 #include <nsswitch.h> 60 #ifdef HESIOD 61 #include <hesiod.h> 62 #endif 63 #ifdef YP 64 #include <machine/param.h> 65 #include <stdio.h> 66 #include <rpc/rpc.h> 67 #include <rpcsvc/yp_prot.h> 68 #include <rpcsvc/ypclnt.h> 69 #endif 70 71 #include "pw_private.h" 72 73 #ifdef __weak_alias 74 __weak_alias(endpwent,_endpwent); 75 __weak_alias(getpwent,_getpwent); 76 __weak_alias(getpwnam,_getpwnam); 77 __weak_alias(getpwuid,_getpwuid); 78 __weak_alias(setpassent,_setpassent); 79 __weak_alias(setpwent,_setpwent); 80 #endif 81 82 83 /* 84 * The lookup techniques and data extraction code here must be kept 85 * in sync with that in `pwd_mkdb'. 86 */ 87 88 static struct passwd _pw_passwd; /* password structure */ 89 static DB *_pw_db; /* password database */ 90 static int _pw_keynum; /* key counter */ 91 static int _pw_stayopen; /* keep fd's open */ 92 static int _pw_flags; /* password flags */ 93 static int _pw_none; /* true if getpwent got EOF */ 94 95 static int __hashpw __P((DBT *)); 96 static int __initdb __P((void)); 97 98 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 99 100 #ifdef YP 101 static char *__ypcurrent, *__ypdomain; 102 static int __ypcurrentlen; 103 #endif 104 105 #ifdef HESIOD 106 static int _pw_hesnum; 107 #endif 108 109 #if defined(YP) || defined(HESIOD) 110 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 111 static enum _pwmode __pwmode; 112 113 enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER }; 114 115 static struct passwd *__pwproto = (struct passwd *)NULL; 116 static int __pwproto_flags; 117 static char line[1024]; 118 static long prbuf[1024 / sizeof(long)]; 119 static DB *__pwexclude = (DB *)NULL; 120 121 static int __pwexclude_add __P((const char *)); 122 static int __pwexclude_is __P((const char *)); 123 static void __pwproto_set __P((void)); 124 static int __ypmaptype __P((void)); 125 static int __pwparse __P((struct passwd *, char *)); 126 127 /* macros for deciding which YP maps to use. */ 128 #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \ 129 ? "master.passwd.byname" : "passwd.byname") 130 #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \ 131 ? "master.passwd.byuid" : "passwd.byuid") 132 133 /* 134 * add a name to the compat mode exclude list 135 */ 136 static int 137 __pwexclude_add(name) 138 const char *name; 139 { 140 DBT key; 141 DBT data; 142 143 /* initialize the exclusion table if needed. */ 144 if(__pwexclude == (DB *)NULL) { 145 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 146 if(__pwexclude == (DB *)NULL) 147 return 1; 148 } 149 150 /* set up the key */ 151 key.size = strlen(name); 152 /* LINTED key does not get modified */ 153 key.data = (char *)name; 154 155 /* data is nothing. */ 156 data.data = NULL; 157 data.size = 0; 158 159 /* store it */ 160 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 161 return 1; 162 163 return 0; 164 } 165 166 /* 167 * test if a name is on the compat mode exclude list 168 */ 169 static int 170 __pwexclude_is(name) 171 const char *name; 172 { 173 DBT key; 174 DBT data; 175 176 if(__pwexclude == (DB *)NULL) 177 return 0; /* nothing excluded */ 178 179 /* set up the key */ 180 key.size = strlen(name); 181 /* LINTED key does not get modified */ 182 key.data = (char *)name; 183 184 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 185 return 1; /* excluded */ 186 187 return 0; 188 } 189 190 /* 191 * setup the compat mode prototype template 192 */ 193 static void 194 __pwproto_set() 195 { 196 char *ptr; 197 struct passwd *pw = &_pw_passwd; 198 199 /* make this the new prototype */ 200 ptr = (char *)(void *)prbuf; 201 202 /* first allocate the struct. */ 203 __pwproto = (struct passwd *)ptr; 204 ptr += sizeof(struct passwd); 205 206 /* name */ 207 if(pw->pw_name && (pw->pw_name)[0]) { 208 ptr = (char *)ALIGN(ptr); 209 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 210 __pwproto->pw_name = ptr; 211 ptr += (strlen(pw->pw_name) + 1); 212 } else 213 __pwproto->pw_name = (char *)NULL; 214 215 /* password */ 216 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 217 ptr = (char *)ALIGN(ptr); 218 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 219 __pwproto->pw_passwd = ptr; 220 ptr += (strlen(pw->pw_passwd) + 1); 221 } else 222 __pwproto->pw_passwd = (char *)NULL; 223 224 /* uid */ 225 __pwproto->pw_uid = pw->pw_uid; 226 227 /* gid */ 228 __pwproto->pw_gid = pw->pw_gid; 229 230 /* change (ignored anyway) */ 231 __pwproto->pw_change = pw->pw_change; 232 233 /* class (ignored anyway) */ 234 __pwproto->pw_class = ""; 235 236 /* gecos */ 237 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 238 ptr = (char *)ALIGN(ptr); 239 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 240 __pwproto->pw_gecos = ptr; 241 ptr += (strlen(pw->pw_gecos) + 1); 242 } else 243 __pwproto->pw_gecos = (char *)NULL; 244 245 /* dir */ 246 if(pw->pw_dir && (pw->pw_dir)[0]) { 247 ptr = (char *)ALIGN(ptr); 248 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 249 __pwproto->pw_dir = ptr; 250 ptr += (strlen(pw->pw_dir) + 1); 251 } else 252 __pwproto->pw_dir = (char *)NULL; 253 254 /* shell */ 255 if(pw->pw_shell && (pw->pw_shell)[0]) { 256 ptr = (char *)ALIGN(ptr); 257 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 258 __pwproto->pw_shell = ptr; 259 ptr += (strlen(pw->pw_shell) + 1); 260 } else 261 __pwproto->pw_shell = (char *)NULL; 262 263 /* expire (ignored anyway) */ 264 __pwproto->pw_expire = pw->pw_expire; 265 266 /* flags */ 267 __pwproto_flags = _pw_flags; 268 } 269 270 static int 271 __ypmaptype() 272 { 273 static int maptype = -1; 274 int order, r; 275 276 if (maptype != -1) 277 return (maptype); 278 279 maptype = YPMAP_NONE; 280 if (geteuid() != 0) 281 return (maptype); 282 283 if (!__ypdomain) { 284 if( _yp_check(&__ypdomain) == 0) 285 return (maptype); 286 } 287 288 r = yp_order(__ypdomain, "master.passwd.byname", &order); 289 if (r == 0) { 290 maptype = YPMAP_MASTER; 291 return (maptype); 292 } 293 294 /* 295 * NIS+ in YP compat mode doesn't support 296 * YPPROC_ORDER -- no point in continuing. 297 */ 298 if (r == YPERR_YPERR) 299 return (maptype); 300 301 /* master.passwd doesn't exist -- try passwd.adjunct */ 302 if (r == YPERR_MAP) { 303 r = yp_order(__ypdomain, "passwd.adjunct.byname", &order); 304 if (r == 0) 305 maptype = YPMAP_ADJUNCT; 306 return (maptype); 307 } 308 309 return (maptype); 310 } 311 312 /* 313 * parse an old-style passwd file line (from NIS or HESIOD) 314 */ 315 static int 316 __pwparse(pw, s) 317 struct passwd *pw; 318 char *s; 319 { 320 static char adjunctpw[YPMAXRECORD + 2]; 321 int flags, maptype; 322 323 maptype = __ypmaptype(); 324 flags = _PASSWORD_NOWARN; 325 if (maptype != YPMAP_MASTER) 326 flags |= _PASSWORD_OLDFMT; 327 if (! __pw_scan(s, pw, &flags)) 328 return 1; 329 330 /* now let the prototype override, if set. */ 331 if(__pwproto != (struct passwd *)NULL) { 332 #ifdef PW_OVERRIDE_PASSWD 333 if(__pwproto->pw_passwd != (char *)NULL) 334 pw->pw_passwd = __pwproto->pw_passwd; 335 #endif 336 if(!(__pwproto_flags & _PASSWORD_NOUID)) 337 pw->pw_uid = __pwproto->pw_uid; 338 if(!(__pwproto_flags & _PASSWORD_NOGID)) 339 pw->pw_gid = __pwproto->pw_gid; 340 if(__pwproto->pw_gecos != (char *)NULL) 341 pw->pw_gecos = __pwproto->pw_gecos; 342 if(__pwproto->pw_dir != (char *)NULL) 343 pw->pw_dir = __pwproto->pw_dir; 344 if(__pwproto->pw_shell != (char *)NULL) 345 pw->pw_shell = __pwproto->pw_shell; 346 } 347 if ((maptype == YPMAP_ADJUNCT) && 348 (strstr(pw->pw_passwd, "##") != NULL)) { 349 char *data, *bp; 350 int datalen; 351 352 if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name, 353 (int)strlen(pw->pw_name), &data, &datalen) == 0) { 354 if (datalen > sizeof(adjunctpw) - 1) 355 datalen = sizeof(adjunctpw) - 1; 356 strncpy(adjunctpw, data, datalen); 357 358 /* skip name to get password */ 359 if ((bp = strsep(&data, ":")) != NULL && 360 (bp = strsep(&data, ":")) != NULL) 361 pw->pw_passwd = bp; 362 } 363 } 364 return 0; 365 } 366 #endif /* YP || HESIOD */ 367 368 /* 369 * local files implementation of getpw*() 370 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 371 */ 372 static int _local_getpw __P((void *, void *, va_list)); 373 374 static int 375 _local_getpw(rv, cb_data, ap) 376 void *rv; 377 void *cb_data; 378 va_list ap; 379 { 380 DBT key; 381 char bf[MAX(UT_NAMESIZE, sizeof(_pw_keynum)) + 1]; 382 uid_t uid; 383 int search, len, rval; 384 const char *name; 385 386 if (!_pw_db && !__initdb()) 387 return NS_UNAVAIL; 388 389 search = va_arg(ap, int); 390 bf[0] = search; 391 switch (search) { 392 case _PW_KEYBYNUM: 393 ++_pw_keynum; 394 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 395 key.size = sizeof(_pw_keynum) + 1; 396 break; 397 case _PW_KEYBYNAME: 398 name = va_arg(ap, const char *); 399 len = strlen(name); 400 memmove(bf + 1, name, MIN(len, UT_NAMESIZE)); 401 key.size = len + 1; 402 break; 403 case _PW_KEYBYUID: 404 uid = va_arg(ap, uid_t); 405 memmove(bf + 1, (char *)&uid, sizeof(len)); 406 key.size = sizeof(uid) + 1; 407 break; 408 default: 409 abort(); 410 } 411 412 key.data = (u_char *)bf; 413 rval = __hashpw(&key); 414 if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) { 415 _pw_none = 1; 416 rval = NS_SUCCESS; 417 } 418 419 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 420 (void)(_pw_db->close)(_pw_db); 421 _pw_db = (DB *)NULL; 422 } 423 return (rval); 424 } 425 426 #ifdef HESIOD 427 /* 428 * hesiod implementation of getpw*() 429 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 430 */ 431 static int _dns_getpw __P((void *, void *, va_list)); 432 433 static int 434 _dns_getpw(rv, cb_data, ap) 435 void *rv; 436 void *cb_data; 437 va_list ap; 438 { 439 const char *name; 440 uid_t uid; 441 int search; 442 char **hp; 443 444 445 search = va_arg(ap, int); 446 switch (search) { 447 case _PW_KEYBYNUM: 448 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 449 _pw_hesnum++; 450 break; 451 case _PW_KEYBYNAME: 452 name = va_arg(ap, const char *); 453 strncpy(line, name, sizeof(line)); 454 break; 455 case _PW_KEYBYUID: 456 uid = va_arg(ap, uid_t); 457 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 458 break; 459 default: 460 abort(); 461 } 462 line[sizeof(line) - 1] = '\0'; 463 464 hp = hes_resolve(line, "passwd"); 465 if (hp == NULL) { 466 switch (hes_error()) { 467 case HES_ER_NOTFOUND: 468 if (search == _PW_KEYBYNUM) { 469 _pw_hesnum = 0; 470 _pw_none = 1; 471 return NS_SUCCESS; 472 } 473 return NS_NOTFOUND; 474 case HES_ER_OK: 475 abort(); 476 default: 477 return NS_UNAVAIL; 478 } 479 } 480 481 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 482 line[sizeof(line) - 1] = '\0'; 483 hes_free(hp); 484 if (__pwparse(&_pw_passwd, line)) 485 return NS_UNAVAIL; 486 return NS_SUCCESS; 487 } 488 #endif 489 490 #ifdef YP 491 /* 492 * nis implementation of getpw*() 493 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 494 */ 495 static int _nis_getpw __P((void *, void *, va_list)); 496 497 static int 498 _nis_getpw(rv, cb_data, ap) 499 void *rv; 500 void *cb_data; 501 va_list ap; 502 { 503 const char *name; 504 uid_t uid; 505 int search; 506 char *key, *data; 507 char *map = PASSWD_BYNAME; 508 int keylen, datalen, r; 509 510 if(__ypdomain == NULL) { 511 if(_yp_check(&__ypdomain) == 0) 512 return NS_UNAVAIL; 513 } 514 515 search = va_arg(ap, int); 516 switch (search) { 517 case _PW_KEYBYNUM: 518 break; 519 case _PW_KEYBYNAME: 520 name = va_arg(ap, const char *); 521 strncpy(line, name, sizeof(line)); 522 break; 523 case _PW_KEYBYUID: 524 uid = va_arg(ap, uid_t); 525 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 526 map = PASSWD_BYUID; 527 break; 528 default: 529 abort(); 530 } 531 line[sizeof(line) - 1] = '\0'; 532 if (search != _PW_KEYBYNUM) { 533 data = NULL; 534 r = yp_match(__ypdomain, map, line, (int)strlen(line), 535 &data, &datalen); 536 switch (r) { 537 case 0: 538 break; 539 case YPERR_KEY: 540 r = NS_NOTFOUND; 541 break; 542 default: 543 r = NS_UNAVAIL; 544 break; 545 } 546 if (r != 0) { 547 if (data) 548 free(data); 549 return r; 550 } 551 data[datalen] = '\0'; /* clear trailing \n */ 552 strncpy(line, data, sizeof(line)); 553 line[sizeof(line) - 1] = '\0'; 554 free(data); 555 if (__pwparse(&_pw_passwd, line)) 556 return NS_UNAVAIL; 557 return NS_SUCCESS; 558 } 559 560 for (;;) { 561 data = key = NULL; 562 if (__ypcurrent) { 563 r = yp_next(__ypdomain, map, 564 __ypcurrent, __ypcurrentlen, 565 &key, &keylen, &data, &datalen); 566 free(__ypcurrent); 567 switch (r) { 568 case 0: 569 __ypcurrent = key; 570 __ypcurrentlen = keylen; 571 break; 572 case YPERR_NOMORE: 573 __ypcurrent = NULL; 574 _pw_none = 1; 575 if (key) 576 free(key); 577 return NS_SUCCESS; 578 default: 579 r = NS_UNAVAIL; 580 break; 581 } 582 } else { 583 r = 0; 584 if (yp_first(__ypdomain, map, &__ypcurrent, 585 &__ypcurrentlen, &data, &datalen)) 586 r = NS_UNAVAIL; 587 } 588 if (r != 0) { 589 if (key) 590 free(key); 591 if (data) 592 free(data); 593 return r; 594 } 595 data[datalen] = '\0'; /* clear trailing \n */ 596 strncpy(line, data, sizeof(line)); 597 line[sizeof(line) - 1] = '\0'; 598 free(data); 599 if (! __pwparse(&_pw_passwd, line)) 600 return NS_SUCCESS; 601 } 602 /* NOTREACHED */ 603 } /* _nis_getpw */ 604 #endif 605 606 #if defined(YP) || defined(HESIOD) 607 /* 608 * See if the compat token is in the database. Only works if pwd_mkdb knows 609 * about the token. 610 */ 611 static int __has_compatpw __P((void)); 612 613 static int 614 __has_compatpw() 615 { 616 DBT key, data; 617 DBT pkey, pdata; 618 int len; 619 char bf[UT_NAMESIZE]; 620 621 key.data = (u_char *)__yp_token; 622 key.size = strlen(__yp_token); 623 624 /* Pre-token database support. */ 625 bf[0] = _PW_KEYBYNAME; 626 len = strlen("+"); 627 memmove(bf + 1, "+", MIN(len, UT_NAMESIZE)); 628 pkey.data = (u_char *)bf; 629 pkey.size = len + 1; 630 631 if ((_pw_db->get)(_pw_db, &key, &data, 0) 632 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 633 return 0; /* No compat token */ 634 return 1; 635 } 636 637 /* 638 * log an error if "files" or "compat" is specified in passwd_compat database 639 */ 640 static int _bad_getpw __P((void *, void *, va_list)); 641 642 static int 643 _bad_getpw(rv, cb_data, ap) 644 void *rv; 645 void *cb_data; 646 va_list ap; 647 { 648 static int warned; 649 if (!warned) { 650 syslog(LOG_ERR, 651 "nsswitch.conf passwd_compat database can't use '%s'", 652 (char *)cb_data); 653 } 654 warned = 1; 655 return NS_UNAVAIL; 656 } 657 658 /* 659 * when a name lookup in compat mode is required (e.g., '+name', or a name in 660 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 661 * only Hesiod and NIS is supported - it doesn't make sense to lookup 662 * compat names from 'files' or 'compat'. 663 */ 664 static int __getpwcompat __P((int, uid_t, const char *)); 665 666 static int 667 __getpwcompat(type, uid, name) 668 int type; 669 uid_t uid; 670 const char *name; 671 { 672 static ns_dtab dtab[] = { 673 NS_FILES_CB(_bad_getpw, "files"), 674 NS_DNS_CB(_dns_getpw, NULL), 675 NS_NIS_CB(_nis_getpw, NULL), 676 NS_COMPAT_CB(_bad_getpw, "compat"), 677 { NULL, NULL, NULL } 678 }; 679 680 switch (type) { 681 case _PW_KEYBYNUM: 682 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type); 683 case _PW_KEYBYNAME: 684 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, name); 685 case _PW_KEYBYUID: 686 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, type, uid); 687 default: 688 abort(); 689 } 690 } 691 692 /* 693 * compat implementation of getpwent() 694 * varargs (ignored): 695 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 696 */ 697 static int _compat_getpwent __P((void *, void *, va_list)); 698 699 static int 700 _compat_getpwent(rv, cb_data, ap) 701 void *rv; 702 void *cb_data; 703 va_list ap; 704 { 705 DBT key; 706 char bf[sizeof(_pw_keynum) + 1]; 707 static char *name = NULL; 708 const char *user, *host, *dom; 709 int has_compatpw; 710 711 if (!_pw_db && !__initdb()) 712 return NS_UNAVAIL; 713 714 has_compatpw = __has_compatpw(); 715 716 again: 717 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 718 int r; 719 720 switch (__pwmode) { 721 case PWMODE_FULL: 722 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 723 if (r == NS_SUCCESS) 724 return r; 725 __pwmode = PWMODE_NONE; 726 break; 727 728 case PWMODE_NETGRP: 729 r = getnetgrent(&host, &user, &dom); 730 if (r == 0) { /* end of group */ 731 endnetgrent(); 732 __pwmode = PWMODE_NONE; 733 break; 734 } 735 if (!user || !*user) 736 break; 737 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 738 if (r == NS_SUCCESS) 739 return r; 740 break; 741 742 case PWMODE_USER: 743 if (name == NULL) { 744 __pwmode = PWMODE_NONE; 745 break; 746 } 747 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 748 free(name); 749 name = NULL; 750 if (r == NS_SUCCESS) 751 return r; 752 break; 753 754 case PWMODE_NONE: 755 abort(); 756 } 757 goto again; 758 } 759 760 ++_pw_keynum; 761 bf[0] = _PW_KEYBYNUM; 762 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 763 key.data = (u_char *)bf; 764 key.size = sizeof(_pw_keynum) + 1; 765 if(__hashpw(&key) == NS_SUCCESS) { 766 /* if we don't have YP at all, don't bother. */ 767 if (has_compatpw) { 768 if(_pw_passwd.pw_name[0] == '+') { 769 /* set the mode */ 770 switch(_pw_passwd.pw_name[1]) { 771 case '\0': 772 __pwmode = PWMODE_FULL; 773 break; 774 case '@': 775 __pwmode = PWMODE_NETGRP; 776 setnetgrent(_pw_passwd.pw_name + 2); 777 break; 778 default: 779 __pwmode = PWMODE_USER; 780 name = strdup(_pw_passwd.pw_name + 1); 781 break; 782 } 783 784 /* save the prototype */ 785 __pwproto_set(); 786 goto again; 787 } else if(_pw_passwd.pw_name[0] == '-') { 788 /* an attempted exclusion */ 789 switch(_pw_passwd.pw_name[1]) { 790 case '\0': 791 break; 792 case '@': 793 setnetgrent(_pw_passwd.pw_name + 2); 794 while(getnetgrent(&host, &user, &dom)) { 795 if(user && *user) 796 __pwexclude_add(user); 797 } 798 endnetgrent(); 799 break; 800 default: 801 __pwexclude_add(_pw_passwd.pw_name + 1); 802 break; 803 } 804 goto again; 805 } 806 } 807 return NS_SUCCESS; 808 } 809 return NS_NOTFOUND; 810 } 811 812 /* 813 * compat implementation of getpwnam() and getpwuid() 814 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 815 */ 816 static int _compat_getpw __P((void *, void *, va_list)); 817 818 static int 819 _compat_getpw(rv, cb_data, ap) 820 void *rv; 821 void *cb_data; 822 va_list ap; 823 { 824 DBT key; 825 int search, rval, r, s; 826 uid_t uid; 827 char bf[MAXLOGNAME + 1]; 828 const char *name, *host, *user, *dom; 829 830 if (!_pw_db && !__initdb()) 831 return NS_UNAVAIL; 832 833 /* 834 * If there isn't a compat token in the database, use files. 835 */ 836 if (! __has_compatpw()) 837 return (_local_getpw(rv, cb_data, ap)); 838 839 search = va_arg(ap, int); 840 uid = 0; 841 name = NULL; 842 rval = NS_NOTFOUND; 843 switch (search) { 844 case _PW_KEYBYNAME: 845 name = va_arg(ap, const char *); 846 break; 847 case _PW_KEYBYUID: 848 uid = va_arg(ap, uid_t); 849 break; 850 default: 851 abort(); 852 } 853 854 for(s = -1, _pw_keynum=1; _pw_keynum; _pw_keynum++) { 855 bf[0] = _PW_KEYBYNUM; 856 memmove(bf + 1, (char *)&_pw_keynum, sizeof(_pw_keynum)); 857 key.data = (u_char *)bf; 858 key.size = sizeof(_pw_keynum) + 1; 859 if(__hashpw(&key) != NS_SUCCESS) 860 break; 861 switch(_pw_passwd.pw_name[0]) { 862 case '+': 863 /* save the prototype */ 864 __pwproto_set(); 865 866 switch(_pw_passwd.pw_name[1]) { 867 case '\0': 868 r = __getpwcompat(search, uid, name); 869 if (r != NS_SUCCESS) 870 continue; 871 break; 872 case '@': 873 pwnam_netgrp: 874 if(__ypcurrent) { 875 free(__ypcurrent); 876 __ypcurrent = NULL; 877 } 878 if (s == -1) /* first time */ 879 setnetgrent(_pw_passwd.pw_name + 2); 880 s = getnetgrent(&host, &user, &dom); 881 if (s == 0) { /* end of group */ 882 endnetgrent(); 883 s = -1; 884 continue; 885 } 886 if (!user || !*user) 887 goto pwnam_netgrp; 888 889 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 890 891 if (r == NS_UNAVAIL) 892 return r; 893 if (r == NS_NOTFOUND) { 894 /* 895 * just because this user is bad 896 * it doesn't mean they all are. 897 */ 898 goto pwnam_netgrp; 899 } 900 break; 901 default: 902 user = _pw_passwd.pw_name + 1; 903 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 904 905 if (r == NS_UNAVAIL) 906 return r; 907 if (r == NS_NOTFOUND) 908 continue; 909 break; 910 } 911 if(__pwexclude_is(_pw_passwd.pw_name)) { 912 if(s == 1) /* inside netgroup */ 913 goto pwnam_netgrp; 914 continue; 915 } 916 break; 917 case '-': 918 /* attempted exclusion */ 919 switch(_pw_passwd.pw_name[1]) { 920 case '\0': 921 break; 922 case '@': 923 setnetgrent(_pw_passwd.pw_name + 2); 924 while(getnetgrent(&host, &user, &dom)) { 925 if(user && *user) 926 __pwexclude_add(user); 927 } 928 endnetgrent(); 929 break; 930 default: 931 __pwexclude_add(_pw_passwd.pw_name + 1); 932 break; 933 } 934 break; 935 } 936 if ((search == _PW_KEYBYNAME && 937 strcmp(_pw_passwd.pw_name, name) == 0) 938 || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) { 939 rval = NS_SUCCESS; 940 break; 941 } 942 if(s == 1) /* inside netgroup */ 943 goto pwnam_netgrp; 944 continue; 945 } 946 __pwproto = (struct passwd *)NULL; 947 948 if (!_pw_stayopen) { 949 (void)(_pw_db->close)(_pw_db); 950 _pw_db = (DB *)NULL; 951 } 952 if(__pwexclude != (DB *)NULL) { 953 (void)(__pwexclude->close)(__pwexclude); 954 __pwexclude = (DB *)NULL; 955 } 956 return rval; 957 } 958 #endif /* YP || HESIOD */ 959 960 struct passwd * 961 getpwent() 962 { 963 int r; 964 static ns_dtab dtab[] = { 965 NS_FILES_CB(_local_getpw, NULL), 966 NS_DNS_CB(_dns_getpw, NULL), 967 NS_NIS_CB(_nis_getpw, NULL), 968 NS_COMPAT_CB(_compat_getpwent, NULL), 969 { NULL, NULL, NULL } 970 }; 971 972 _pw_none = 0; 973 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNUM); 974 if (_pw_none || r != NS_SUCCESS) 975 return (struct passwd *)NULL; 976 return &_pw_passwd; 977 } 978 979 struct passwd * 980 getpwnam(name) 981 const char *name; 982 { 983 int r; 984 static ns_dtab dtab[] = { 985 NS_FILES_CB(_local_getpw, NULL), 986 NS_DNS_CB(_dns_getpw, NULL), 987 NS_NIS_CB(_nis_getpw, NULL), 988 NS_COMPAT_CB(_compat_getpw, NULL), 989 { NULL, NULL, NULL } 990 }; 991 992 if (name == NULL || name[0] == '\0') 993 return (struct passwd *)NULL; 994 995 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYNAME, name); 996 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 997 } 998 999 struct passwd * 1000 getpwuid(uid) 1001 uid_t uid; 1002 { 1003 int r; 1004 static ns_dtab dtab[] = { 1005 NS_FILES_CB(_local_getpw, NULL), 1006 NS_DNS_CB(_dns_getpw, NULL), 1007 NS_NIS_CB(_nis_getpw, NULL), 1008 NS_COMPAT_CB(_compat_getpw, NULL), 1009 { NULL, NULL, NULL } 1010 }; 1011 1012 r = nsdispatch(NULL, dtab, NSDB_PASSWD, _PW_KEYBYUID, uid); 1013 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1014 } 1015 1016 int 1017 setpassent(stayopen) 1018 int stayopen; 1019 { 1020 _pw_keynum = 0; 1021 _pw_stayopen = stayopen; 1022 #ifdef YP 1023 __pwmode = PWMODE_NONE; 1024 if(__ypcurrent) 1025 free(__ypcurrent); 1026 __ypcurrent = NULL; 1027 #endif 1028 #ifdef HESIOD 1029 _pw_hesnum = 0; 1030 #endif 1031 #if defined(YP) || defined(HESIOD) 1032 if(__pwexclude != (DB *)NULL) { 1033 (void)(__pwexclude->close)(__pwexclude); 1034 __pwexclude = (DB *)NULL; 1035 } 1036 __pwproto = (struct passwd *)NULL; 1037 #endif 1038 return 1; 1039 } 1040 1041 void 1042 setpwent() 1043 { 1044 (void) setpassent(0); 1045 } 1046 1047 void 1048 endpwent() 1049 { 1050 _pw_keynum = 0; 1051 if (_pw_db) { 1052 (void)(_pw_db->close)(_pw_db); 1053 _pw_db = (DB *)NULL; 1054 } 1055 #if defined(YP) || defined(HESIOD) 1056 __pwmode = PWMODE_NONE; 1057 #endif 1058 #ifdef YP 1059 if(__ypcurrent) 1060 free(__ypcurrent); 1061 __ypcurrent = NULL; 1062 #endif 1063 #ifdef HESIOD 1064 _pw_hesnum = 0; 1065 #endif 1066 #if defined(YP) || defined(HESIOD) 1067 if(__pwexclude != (DB *)NULL) { 1068 (void)(__pwexclude->close)(__pwexclude); 1069 __pwexclude = (DB *)NULL; 1070 } 1071 __pwproto = (struct passwd *)NULL; 1072 #endif 1073 } 1074 1075 static int 1076 __initdb() 1077 { 1078 static int warned; 1079 char *p; 1080 1081 #if defined(YP) || defined(HESIOD) 1082 __pwmode = PWMODE_NONE; 1083 #endif 1084 if (geteuid() == 0) { 1085 _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL); 1086 if (_pw_db) 1087 return(1); 1088 } 1089 _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL); 1090 if (_pw_db) 1091 return 1; 1092 if (!warned) 1093 syslog(LOG_ERR, "%s: %m", p); 1094 warned = 1; 1095 return 0; 1096 } 1097 1098 static int 1099 __hashpw(key) 1100 DBT *key; 1101 { 1102 char *p, *t; 1103 static u_int max; 1104 static char *buf; 1105 DBT data; 1106 1107 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1108 case 0: 1109 break; /* found */ 1110 case 1: 1111 return NS_NOTFOUND; 1112 case -1: 1113 return NS_UNAVAIL; /* error in db routines */ 1114 default: 1115 abort(); 1116 } 1117 1118 p = (char *)data.data; 1119 if (data.size > max && !(buf = realloc(buf, (max += 1024)))) 1120 return NS_UNAVAIL; 1121 1122 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 1123 t = buf; 1124 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1125 #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 1126 EXPAND(_pw_passwd.pw_name); 1127 EXPAND(_pw_passwd.pw_passwd); 1128 SCALAR(_pw_passwd.pw_uid); 1129 SCALAR(_pw_passwd.pw_gid); 1130 SCALAR(_pw_passwd.pw_change); 1131 EXPAND(_pw_passwd.pw_class); 1132 EXPAND(_pw_passwd.pw_gecos); 1133 EXPAND(_pw_passwd.pw_dir); 1134 EXPAND(_pw_passwd.pw_shell); 1135 SCALAR(_pw_passwd.pw_expire); 1136 1137 /* See if there's any data left. If so, read in flags. */ 1138 if (data.size > (p - (char *)data.data)) { 1139 SCALAR(_pw_flags); 1140 } else 1141 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1142 1143 return NS_SUCCESS; 1144 } 1145
Indexes created Sat Sep 27 22:09:54 GMT 2025