getpwent.c revision 1.37
1 /* $NetBSD: getpwent.c,v 1.37 1999/01/20 13:12:07 christos Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 #else 42 __RCSID("$NetBSD: getpwent.c,v 1.37 1999/01/20 13:12:07 christos Exp $"); 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include "namespace.h" 47 #include <sys/param.h> 48 #include <fcntl.h> 49 #include <db.h> 50 #include <syslog.h> 51 #include <pwd.h> 52 #include <utmp.h> 53 #include <errno.h> 54 #include <unistd.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <limits.h> 58 #include <netgroup.h> 59 #include <nsswitch.h> 60 #ifdef HESIOD 61 #include <hesiod.h> 62 #endif 63 #ifdef YP 64 #include <machine/param.h> 65 #include <stdio.h> 66 #include <rpc/rpc.h> 67 #include <rpcsvc/yp_prot.h> 68 #include <rpcsvc/ypclnt.h> 69 #endif 70 71 #include "pw_private.h" 72 73 #ifdef __weak_alias 74 __weak_alias(endpwent,_endpwent); 75 __weak_alias(getpwent,_getpwent); 76 __weak_alias(getpwnam,_getpwnam); 77 __weak_alias(getpwuid,_getpwuid); 78 __weak_alias(setpassent,_setpassent); 79 __weak_alias(setpwent,_setpwent); 80 #endif 81 82 83 /* 84 * The lookup techniques and data extraction code here must be kept 85 * in sync with that in `pwd_mkdb'. 86 */ 87 88 static struct passwd _pw_passwd; /* password structure */ 89 static DB *_pw_db; /* password database */ 90 static int _pw_keynum; /* key counter */ 91 static int _pw_stayopen; /* keep fd's open */ 92 static int _pw_flags; /* password flags */ 93 static int _pw_none; /* true if getpwent got EOF */ 94 95 static int __hashpw __P((DBT *)); 96 static int __initdb __P((void)); 97 98 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 99 static const ns_src compatsrc[] = { 100 { NSSRC_COMPAT, NS_SUCCESS }, 101 { 0 } 102 }; 103 104 #ifdef YP 105 static char *__ypcurrent, *__ypdomain; 106 static int __ypcurrentlen; 107 #endif 108 109 #ifdef HESIOD 110 static int _pw_hesnum; 111 #endif 112 113 #if defined(YP) || defined(HESIOD) 114 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 115 static enum _pwmode __pwmode; 116 117 enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER }; 118 119 static struct passwd *__pwproto = (struct passwd *)NULL; 120 static int __pwproto_flags; 121 static char line[1024]; 122 static long prbuf[1024 / sizeof(long)]; 123 static DB *__pwexclude = (DB *)NULL; 124 125 static int __pwexclude_add __P((const char *)); 126 static int __pwexclude_is __P((const char *)); 127 static void __pwproto_set __P((void)); 128 static int __ypmaptype __P((void)); 129 static int __pwparse __P((struct passwd *, char *)); 130 131 /* macros for deciding which YP maps to use. */ 132 #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \ 133 ? "master.passwd.byname" : "passwd.byname") 134 #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \ 135 ? "master.passwd.byuid" : "passwd.byuid") 136 137 /* 138 * add a name to the compat mode exclude list 139 */ 140 static int 141 __pwexclude_add(name) 142 const char *name; 143 { 144 DBT key; 145 DBT data; 146 147 /* initialize the exclusion table if needed. */ 148 if(__pwexclude == (DB *)NULL) { 149 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 150 if(__pwexclude == (DB *)NULL) 151 return 1; 152 } 153 154 /* set up the key */ 155 key.size = strlen(name); 156 /* LINTED key does not get modified */ 157 key.data = (char *)name; 158 159 /* data is nothing. */ 160 data.data = NULL; 161 data.size = 0; 162 163 /* store it */ 164 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 165 return 1; 166 167 return 0; 168 } 169 170 /* 171 * test if a name is on the compat mode exclude list 172 */ 173 static int 174 __pwexclude_is(name) 175 const char *name; 176 { 177 DBT key; 178 DBT data; 179 180 if(__pwexclude == (DB *)NULL) 181 return 0; /* nothing excluded */ 182 183 /* set up the key */ 184 key.size = strlen(name); 185 /* LINTED key does not get modified */ 186 key.data = (char *)name; 187 188 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 189 return 1; /* excluded */ 190 191 return 0; 192 } 193 194 /* 195 * setup the compat mode prototype template 196 */ 197 static void 198 __pwproto_set() 199 { 200 char *ptr; 201 struct passwd *pw = &_pw_passwd; 202 203 /* make this the new prototype */ 204 ptr = (char *)(void *)prbuf; 205 206 /* first allocate the struct. */ 207 __pwproto = (struct passwd *)(void *)ptr; 208 ptr += sizeof(struct passwd); 209 210 /* name */ 211 if(pw->pw_name && (pw->pw_name)[0]) { 212 ptr = (char *)ALIGN((u_long)ptr); 213 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 214 __pwproto->pw_name = ptr; 215 ptr += (strlen(pw->pw_name) + 1); 216 } else 217 __pwproto->pw_name = (char *)NULL; 218 219 /* password */ 220 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 221 ptr = (char *)ALIGN((u_long)ptr); 222 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 223 __pwproto->pw_passwd = ptr; 224 ptr += (strlen(pw->pw_passwd) + 1); 225 } else 226 __pwproto->pw_passwd = (char *)NULL; 227 228 /* uid */ 229 __pwproto->pw_uid = pw->pw_uid; 230 231 /* gid */ 232 __pwproto->pw_gid = pw->pw_gid; 233 234 /* change (ignored anyway) */ 235 __pwproto->pw_change = pw->pw_change; 236 237 /* class (ignored anyway) */ 238 __pwproto->pw_class = ""; 239 240 /* gecos */ 241 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 242 ptr = (char *)ALIGN((u_long)ptr); 243 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 244 __pwproto->pw_gecos = ptr; 245 ptr += (strlen(pw->pw_gecos) + 1); 246 } else 247 __pwproto->pw_gecos = (char *)NULL; 248 249 /* dir */ 250 if(pw->pw_dir && (pw->pw_dir)[0]) { 251 ptr = (char *)ALIGN((u_long)ptr); 252 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 253 __pwproto->pw_dir = ptr; 254 ptr += (strlen(pw->pw_dir) + 1); 255 } else 256 __pwproto->pw_dir = (char *)NULL; 257 258 /* shell */ 259 if(pw->pw_shell && (pw->pw_shell)[0]) { 260 ptr = (char *)ALIGN((u_long)ptr); 261 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 262 __pwproto->pw_shell = ptr; 263 ptr += (strlen(pw->pw_shell) + 1); 264 } else 265 __pwproto->pw_shell = (char *)NULL; 266 267 /* expire (ignored anyway) */ 268 __pwproto->pw_expire = pw->pw_expire; 269 270 /* flags */ 271 __pwproto_flags = _pw_flags; 272 } 273 274 static int 275 __ypmaptype() 276 { 277 static int maptype = -1; 278 int order, r; 279 280 if (maptype != -1) 281 return (maptype); 282 283 maptype = YPMAP_NONE; 284 if (geteuid() != 0) 285 return (maptype); 286 287 if (!__ypdomain) { 288 if( _yp_check(&__ypdomain) == 0) 289 return (maptype); 290 } 291 292 r = yp_order(__ypdomain, "master.passwd.byname", &order); 293 if (r == 0) { 294 maptype = YPMAP_MASTER; 295 return (maptype); 296 } 297 298 /* 299 * NIS+ in YP compat mode doesn't support 300 * YPPROC_ORDER -- no point in continuing. 301 */ 302 if (r == YPERR_YPERR) 303 return (maptype); 304 305 /* master.passwd doesn't exist -- try passwd.adjunct */ 306 if (r == YPERR_MAP) { 307 r = yp_order(__ypdomain, "passwd.adjunct.byname", &order); 308 if (r == 0) 309 maptype = YPMAP_ADJUNCT; 310 return (maptype); 311 } 312 313 return (maptype); 314 } 315 316 /* 317 * parse an old-style passwd file line (from NIS or HESIOD) 318 */ 319 static int 320 __pwparse(pw, s) 321 struct passwd *pw; 322 char *s; 323 { 324 static char adjunctpw[YPMAXRECORD + 2]; 325 int flags, maptype; 326 327 maptype = __ypmaptype(); 328 flags = _PASSWORD_NOWARN; 329 if (maptype != YPMAP_MASTER) 330 flags |= _PASSWORD_OLDFMT; 331 if (! __pw_scan(s, pw, &flags)) 332 return 1; 333 334 /* now let the prototype override, if set. */ 335 if(__pwproto != (struct passwd *)NULL) { 336 #ifdef PW_OVERRIDE_PASSWD 337 if(__pwproto->pw_passwd != (char *)NULL) 338 pw->pw_passwd = __pwproto->pw_passwd; 339 #endif 340 if(!(__pwproto_flags & _PASSWORD_NOUID)) 341 pw->pw_uid = __pwproto->pw_uid; 342 if(!(__pwproto_flags & _PASSWORD_NOGID)) 343 pw->pw_gid = __pwproto->pw_gid; 344 if(__pwproto->pw_gecos != (char *)NULL) 345 pw->pw_gecos = __pwproto->pw_gecos; 346 if(__pwproto->pw_dir != (char *)NULL) 347 pw->pw_dir = __pwproto->pw_dir; 348 if(__pwproto->pw_shell != (char *)NULL) 349 pw->pw_shell = __pwproto->pw_shell; 350 } 351 if ((maptype == YPMAP_ADJUNCT) && 352 (strstr(pw->pw_passwd, "##") != NULL)) { 353 char *data, *bp; 354 int datalen; 355 356 if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name, 357 (int)strlen(pw->pw_name), &data, &datalen) == 0) { 358 if (datalen > sizeof(adjunctpw) - 1) 359 datalen = sizeof(adjunctpw) - 1; 360 strncpy(adjunctpw, data, (size_t)datalen); 361 362 /* skip name to get password */ 363 if ((bp = strsep(&data, ":")) != NULL && 364 (bp = strsep(&data, ":")) != NULL) 365 pw->pw_passwd = bp; 366 } 367 } 368 return 0; 369 } 370 #endif /* YP || HESIOD */ 371 372 /* 373 * local files implementation of getpw*() 374 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 375 */ 376 static int _local_getpw __P((void *, void *, va_list)); 377 378 /*ARGSUSED*/ 379 static int 380 _local_getpw(rv, cb_data, ap) 381 void *rv; 382 void *cb_data; 383 va_list ap; 384 { 385 DBT key; 386 char bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1]; 387 uid_t uid; 388 int search, len, rval; 389 const char *name; 390 391 if (!_pw_db && !__initdb()) 392 return NS_UNAVAIL; 393 394 search = va_arg(ap, int); 395 bf[0] = search; 396 switch (search) { 397 case _PW_KEYBYNUM: 398 ++_pw_keynum; 399 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 400 key.size = sizeof(_pw_keynum) + 1; 401 break; 402 case _PW_KEYBYNAME: 403 name = va_arg(ap, const char *); 404 len = strlen(name); 405 memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME)); 406 key.size = len + 1; 407 break; 408 case _PW_KEYBYUID: 409 uid = va_arg(ap, uid_t); 410 memmove(bf + 1, &uid, sizeof(len)); 411 key.size = sizeof(uid) + 1; 412 break; 413 default: 414 abort(); 415 } 416 417 key.data = (u_char *)bf; 418 rval = __hashpw(&key); 419 if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) { 420 _pw_none = 1; 421 rval = NS_SUCCESS; 422 } 423 424 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 425 (void)(_pw_db->close)(_pw_db); 426 _pw_db = (DB *)NULL; 427 } 428 return (rval); 429 } 430 431 #ifdef HESIOD 432 /* 433 * hesiod implementation of getpw*() 434 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 435 */ 436 static int _dns_getpw __P((void *, void *, va_list)); 437 438 /*ARGSUSED*/ 439 static int 440 _dns_getpw(rv, cb_data, ap) 441 void *rv; 442 void *cb_data; 443 va_list ap; 444 { 445 const char *name; 446 uid_t uid; 447 int search; 448 char **hp; 449 450 451 search = va_arg(ap, int); 452 switch (search) { 453 case _PW_KEYBYNUM: 454 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 455 _pw_hesnum++; 456 break; 457 case _PW_KEYBYNAME: 458 name = va_arg(ap, const char *); 459 strncpy(line, name, sizeof(line)); 460 break; 461 case _PW_KEYBYUID: 462 uid = va_arg(ap, uid_t); 463 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 464 break; 465 default: 466 abort(); 467 } 468 line[sizeof(line) - 1] = '\0'; 469 470 hp = hes_resolve(line, "passwd"); 471 if (hp == NULL) { 472 switch (hes_error()) { 473 case HES_ER_NOTFOUND: 474 if (search == _PW_KEYBYNUM) { 475 _pw_hesnum = 0; 476 _pw_none = 1; 477 return NS_SUCCESS; 478 } 479 return NS_NOTFOUND; 480 case HES_ER_OK: 481 abort(); 482 break; 483 default: 484 return NS_UNAVAIL; 485 } 486 } 487 488 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 489 line[sizeof(line) - 1] = '\0'; 490 hes_free(hp); 491 if (__pwparse(&_pw_passwd, line)) 492 return NS_UNAVAIL; 493 return NS_SUCCESS; 494 } 495 #endif 496 497 #ifdef YP 498 /* 499 * nis implementation of getpw*() 500 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 501 */ 502 static int _nis_getpw __P((void *, void *, va_list)); 503 504 /*ARGSUSED*/ 505 static int 506 _nis_getpw(rv, cb_data, ap) 507 void *rv; 508 void *cb_data; 509 va_list ap; 510 { 511 const char *name; 512 uid_t uid; 513 int search; 514 char *key, *data; 515 char *map = PASSWD_BYNAME; 516 int keylen, datalen, r; 517 518 if(__ypdomain == NULL) { 519 if(_yp_check(&__ypdomain) == 0) 520 return NS_UNAVAIL; 521 } 522 523 search = va_arg(ap, int); 524 switch (search) { 525 case _PW_KEYBYNUM: 526 break; 527 case _PW_KEYBYNAME: 528 name = va_arg(ap, const char *); 529 strncpy(line, name, sizeof(line)); 530 break; 531 case _PW_KEYBYUID: 532 uid = va_arg(ap, uid_t); 533 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 534 map = PASSWD_BYUID; 535 break; 536 default: 537 abort(); 538 } 539 line[sizeof(line) - 1] = '\0'; 540 if (search != _PW_KEYBYNUM) { 541 data = NULL; 542 r = yp_match(__ypdomain, map, line, (int)strlen(line), 543 &data, &datalen); 544 switch (r) { 545 case 0: 546 break; 547 case YPERR_KEY: 548 r = NS_NOTFOUND; 549 break; 550 default: 551 r = NS_UNAVAIL; 552 break; 553 } 554 if (r != 0) { 555 if (data) 556 free(data); 557 return r; 558 } 559 data[datalen] = '\0'; /* clear trailing \n */ 560 strncpy(line, data, sizeof(line)); 561 line[sizeof(line) - 1] = '\0'; 562 free(data); 563 if (__pwparse(&_pw_passwd, line)) 564 return NS_UNAVAIL; 565 return NS_SUCCESS; 566 } 567 568 for (;;) { 569 data = key = NULL; 570 if (__ypcurrent) { 571 r = yp_next(__ypdomain, map, 572 __ypcurrent, __ypcurrentlen, 573 &key, &keylen, &data, &datalen); 574 free(__ypcurrent); 575 switch (r) { 576 case 0: 577 __ypcurrent = key; 578 __ypcurrentlen = keylen; 579 break; 580 case YPERR_NOMORE: 581 __ypcurrent = NULL; 582 _pw_none = 1; 583 if (key) 584 free(key); 585 return NS_SUCCESS; 586 default: 587 r = NS_UNAVAIL; 588 break; 589 } 590 } else { 591 r = 0; 592 if (yp_first(__ypdomain, map, &__ypcurrent, 593 &__ypcurrentlen, &data, &datalen)) 594 r = NS_UNAVAIL; 595 } 596 if (r != 0) { 597 if (key) 598 free(key); 599 if (data) 600 free(data); 601 return r; 602 } 603 data[datalen] = '\0'; /* clear trailing \n */ 604 strncpy(line, data, sizeof(line)); 605 line[sizeof(line) - 1] = '\0'; 606 free(data); 607 if (! __pwparse(&_pw_passwd, line)) 608 return NS_SUCCESS; 609 } 610 /* NOTREACHED */ 611 } /* _nis_getpw */ 612 #endif 613 614 #if defined(YP) || defined(HESIOD) 615 /* 616 * See if the compat token is in the database. Only works if pwd_mkdb knows 617 * about the token. 618 */ 619 static int __has_compatpw __P((void)); 620 621 static int 622 __has_compatpw() 623 { 624 DBT key, data; 625 DBT pkey, pdata; 626 char bf[MAXLOGNAME]; 627 628 /*LINTED*/ 629 key.data = (u_char *)__yp_token; 630 key.size = strlen(__yp_token); 631 632 /* Pre-token database support. */ 633 bf[0] = _PW_KEYBYNAME; 634 bf[1] = '+'; 635 pkey.data = (u_char *)bf; 636 pkey.size = 2; 637 638 if ((_pw_db->get)(_pw_db, &key, &data, 0) 639 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 640 return 0; /* No compat token */ 641 return 1; 642 } 643 644 /* 645 * log an error if "files" or "compat" is specified in passwd_compat database 646 */ 647 static int _bad_getpw __P((void *, void *, va_list)); 648 649 /*ARGSUSED*/ 650 static int 651 _bad_getpw(rv, cb_data, ap) 652 void *rv; 653 void *cb_data; 654 va_list ap; 655 { 656 static int warned; 657 if (!warned) { 658 syslog(LOG_ERR, 659 "nsswitch.conf passwd_compat database can't use '%s'", 660 (char *)cb_data); 661 } 662 warned = 1; 663 return NS_UNAVAIL; 664 } 665 666 /* 667 * when a name lookup in compat mode is required (e.g., '+name', or a name in 668 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 669 * only Hesiod and NIS is supported - it doesn't make sense to lookup 670 * compat names from 'files' or 'compat'. 671 */ 672 static int __getpwcompat __P((int, uid_t, const char *)); 673 674 static int 675 __getpwcompat(type, uid, name) 676 int type; 677 uid_t uid; 678 const char *name; 679 { 680 static const ns_dtab dtab[] = { 681 NS_FILES_CB(_bad_getpw, "files") 682 NS_DNS_CB(_dns_getpw, NULL) 683 NS_NIS_CB(_nis_getpw, NULL) 684 NS_COMPAT_CB(_bad_getpw, "compat") 685 { 0 } 686 }; 687 static const ns_src defaultnis[] = { 688 { NSSRC_NIS, NS_SUCCESS }, 689 { 0 } 690 }; 691 692 switch (type) { 693 case _PW_KEYBYNUM: 694 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 695 defaultnis, type); 696 case _PW_KEYBYNAME: 697 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 698 defaultnis, type, name); 699 case _PW_KEYBYUID: 700 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 701 defaultnis, type, uid); 702 default: 703 abort(); 704 /*NOTREACHED*/ 705 } 706 } 707 708 /* 709 * compat implementation of getpwent() 710 * varargs (ignored): 711 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 712 */ 713 static int _compat_getpwent __P((void *, void *, va_list)); 714 715 /*ARGSUSED*/ 716 static int 717 _compat_getpwent(rv, cb_data, ap) 718 void *rv; 719 void *cb_data; 720 va_list ap; 721 { 722 DBT key; 723 char bf[sizeof(_pw_keynum) + 1]; 724 static char *name = NULL; 725 const char *user, *host, *dom; 726 int has_compatpw; 727 728 if (!_pw_db && !__initdb()) 729 return NS_UNAVAIL; 730 731 has_compatpw = __has_compatpw(); 732 733 again: 734 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 735 int r; 736 737 switch (__pwmode) { 738 case PWMODE_FULL: 739 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 740 if (r == NS_SUCCESS) 741 return r; 742 __pwmode = PWMODE_NONE; 743 break; 744 745 case PWMODE_NETGRP: 746 r = getnetgrent(&host, &user, &dom); 747 if (r == 0) { /* end of group */ 748 endnetgrent(); 749 __pwmode = PWMODE_NONE; 750 break; 751 } 752 if (!user || !*user) 753 break; 754 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 755 if (r == NS_SUCCESS) 756 return r; 757 break; 758 759 case PWMODE_USER: 760 if (name == NULL) { 761 __pwmode = PWMODE_NONE; 762 break; 763 } 764 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 765 free(name); 766 name = NULL; 767 if (r == NS_SUCCESS) 768 return r; 769 break; 770 771 case PWMODE_NONE: 772 abort(); 773 } 774 goto again; 775 } 776 777 ++_pw_keynum; 778 bf[0] = _PW_KEYBYNUM; 779 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 780 key.data = (u_char *)bf; 781 key.size = sizeof(_pw_keynum) + 1; 782 if(__hashpw(&key) == NS_SUCCESS) { 783 /* if we don't have YP at all, don't bother. */ 784 if (has_compatpw) { 785 if(_pw_passwd.pw_name[0] == '+') { 786 /* set the mode */ 787 switch(_pw_passwd.pw_name[1]) { 788 case '\0': 789 __pwmode = PWMODE_FULL; 790 break; 791 case '@': 792 __pwmode = PWMODE_NETGRP; 793 setnetgrent(_pw_passwd.pw_name + 2); 794 break; 795 default: 796 __pwmode = PWMODE_USER; 797 name = strdup(_pw_passwd.pw_name + 1); 798 break; 799 } 800 801 /* save the prototype */ 802 __pwproto_set(); 803 goto again; 804 } else if(_pw_passwd.pw_name[0] == '-') { 805 /* an attempted exclusion */ 806 switch(_pw_passwd.pw_name[1]) { 807 case '\0': 808 break; 809 case '@': 810 setnetgrent(_pw_passwd.pw_name + 2); 811 while(getnetgrent(&host, &user, &dom)) { 812 if(user && *user) 813 __pwexclude_add(user); 814 } 815 endnetgrent(); 816 break; 817 default: 818 __pwexclude_add(_pw_passwd.pw_name + 1); 819 break; 820 } 821 goto again; 822 } 823 } 824 return NS_SUCCESS; 825 } 826 return NS_NOTFOUND; 827 } 828 829 /* 830 * compat implementation of getpwnam() and getpwuid() 831 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 832 */ 833 static int _compat_getpw __P((void *, void *, va_list)); 834 835 static int 836 _compat_getpw(rv, cb_data, ap) 837 void *rv; 838 void *cb_data; 839 va_list ap; 840 { 841 DBT key; 842 int search, rval, r, s; 843 uid_t uid; 844 char bf[MAXLOGNAME + 1]; 845 const char *name, *host, *user, *dom; 846 847 if (!_pw_db && !__initdb()) 848 return NS_UNAVAIL; 849 850 /* 851 * If there isn't a compat token in the database, use files. 852 */ 853 if (! __has_compatpw()) 854 return (_local_getpw(rv, cb_data, ap)); 855 856 search = va_arg(ap, int); 857 uid = 0; 858 name = NULL; 859 rval = NS_NOTFOUND; 860 switch (search) { 861 case _PW_KEYBYNAME: 862 name = va_arg(ap, const char *); 863 break; 864 case _PW_KEYBYUID: 865 uid = va_arg(ap, uid_t); 866 break; 867 default: 868 abort(); 869 } 870 871 for(s = -1, _pw_keynum=1; _pw_keynum; _pw_keynum++) { 872 bf[0] = _PW_KEYBYNUM; 873 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 874 key.data = (u_char *)bf; 875 key.size = sizeof(_pw_keynum) + 1; 876 if(__hashpw(&key) != NS_SUCCESS) 877 break; 878 switch(_pw_passwd.pw_name[0]) { 879 case '+': 880 /* save the prototype */ 881 __pwproto_set(); 882 883 switch(_pw_passwd.pw_name[1]) { 884 case '\0': 885 r = __getpwcompat(search, uid, name); 886 if (r != NS_SUCCESS) 887 continue; 888 break; 889 case '@': 890 pwnam_netgrp: 891 if(__ypcurrent) { 892 free(__ypcurrent); 893 __ypcurrent = NULL; 894 } 895 if (s == -1) /* first time */ 896 setnetgrent(_pw_passwd.pw_name + 2); 897 s = getnetgrent(&host, &user, &dom); 898 if (s == 0) { /* end of group */ 899 endnetgrent(); 900 s = -1; 901 continue; 902 } 903 if (!user || !*user) 904 goto pwnam_netgrp; 905 906 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 907 908 if (r == NS_UNAVAIL) 909 return r; 910 if (r == NS_NOTFOUND) { 911 /* 912 * just because this user is bad 913 * it doesn't mean they all are. 914 */ 915 goto pwnam_netgrp; 916 } 917 break; 918 default: 919 user = _pw_passwd.pw_name + 1; 920 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 921 922 if (r == NS_UNAVAIL) 923 return r; 924 if (r == NS_NOTFOUND) 925 continue; 926 break; 927 } 928 if(__pwexclude_is(_pw_passwd.pw_name)) { 929 if(s == 1) /* inside netgroup */ 930 goto pwnam_netgrp; 931 continue; 932 } 933 break; 934 case '-': 935 /* attempted exclusion */ 936 switch(_pw_passwd.pw_name[1]) { 937 case '\0': 938 break; 939 case '@': 940 setnetgrent(_pw_passwd.pw_name + 2); 941 while(getnetgrent(&host, &user, &dom)) { 942 if(user && *user) 943 __pwexclude_add(user); 944 } 945 endnetgrent(); 946 break; 947 default: 948 __pwexclude_add(_pw_passwd.pw_name + 1); 949 break; 950 } 951 break; 952 } 953 if ((search == _PW_KEYBYNAME && 954 strcmp(_pw_passwd.pw_name, name) == 0) 955 || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) { 956 rval = NS_SUCCESS; 957 break; 958 } 959 if(s == 1) /* inside netgroup */ 960 goto pwnam_netgrp; 961 continue; 962 } 963 __pwproto = (struct passwd *)NULL; 964 965 if (!_pw_stayopen) { 966 (void)(_pw_db->close)(_pw_db); 967 _pw_db = (DB *)NULL; 968 } 969 if(__pwexclude != (DB *)NULL) { 970 (void)(__pwexclude->close)(__pwexclude); 971 __pwexclude = (DB *)NULL; 972 } 973 return rval; 974 } 975 #endif /* YP || HESIOD */ 976 977 struct passwd * 978 getpwent() 979 { 980 int r; 981 static const ns_dtab dtab[] = { 982 NS_FILES_CB(_local_getpw, NULL) 983 NS_DNS_CB(_dns_getpw, NULL) 984 NS_NIS_CB(_nis_getpw, NULL) 985 NS_COMPAT_CB(_compat_getpwent, NULL) 986 { 0 } 987 }; 988 989 _pw_none = 0; 990 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc, 991 _PW_KEYBYNUM); 992 if (_pw_none || r != NS_SUCCESS) 993 return (struct passwd *)NULL; 994 return &_pw_passwd; 995 } 996 997 struct passwd * 998 getpwnam(name) 999 const char *name; 1000 { 1001 int r; 1002 static const ns_dtab dtab[] = { 1003 NS_FILES_CB(_local_getpw, NULL) 1004 NS_DNS_CB(_dns_getpw, NULL) 1005 NS_NIS_CB(_nis_getpw, NULL) 1006 NS_COMPAT_CB(_compat_getpw, NULL) 1007 { 0 } 1008 }; 1009 1010 if (name == NULL || name[0] == '\0') 1011 return (struct passwd *)NULL; 1012 1013 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc, 1014 _PW_KEYBYNAME, name); 1015 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1016 } 1017 1018 struct passwd * 1019 getpwuid(uid) 1020 uid_t uid; 1021 { 1022 int r; 1023 static const ns_dtab dtab[] = { 1024 NS_FILES_CB(_local_getpw, NULL) 1025 NS_DNS_CB(_dns_getpw, NULL) 1026 NS_NIS_CB(_nis_getpw, NULL) 1027 NS_COMPAT_CB(_compat_getpw, NULL) 1028 { 0 } 1029 }; 1030 1031 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc, 1032 _PW_KEYBYUID, uid); 1033 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1034 } 1035 1036 int 1037 setpassent(stayopen) 1038 int stayopen; 1039 { 1040 _pw_keynum = 0; 1041 _pw_stayopen = stayopen; 1042 #ifdef YP 1043 __pwmode = PWMODE_NONE; 1044 if(__ypcurrent) 1045 free(__ypcurrent); 1046 __ypcurrent = NULL; 1047 #endif 1048 #ifdef HESIOD 1049 _pw_hesnum = 0; 1050 #endif 1051 #if defined(YP) || defined(HESIOD) 1052 if(__pwexclude != (DB *)NULL) { 1053 (void)(__pwexclude->close)(__pwexclude); 1054 __pwexclude = (DB *)NULL; 1055 } 1056 __pwproto = (struct passwd *)NULL; 1057 #endif 1058 return 1; 1059 } 1060 1061 void 1062 setpwent() 1063 { 1064 (void) setpassent(0); 1065 } 1066 1067 void 1068 endpwent() 1069 { 1070 _pw_keynum = 0; 1071 if (_pw_db) { 1072 (void)(_pw_db->close)(_pw_db); 1073 _pw_db = (DB *)NULL; 1074 } 1075 #if defined(YP) || defined(HESIOD) 1076 __pwmode = PWMODE_NONE; 1077 #endif 1078 #ifdef YP 1079 if(__ypcurrent) 1080 free(__ypcurrent); 1081 __ypcurrent = NULL; 1082 #endif 1083 #ifdef HESIOD 1084 _pw_hesnum = 0; 1085 #endif 1086 #if defined(YP) || defined(HESIOD) 1087 if(__pwexclude != (DB *)NULL) { 1088 (void)(__pwexclude->close)(__pwexclude); 1089 __pwexclude = (DB *)NULL; 1090 } 1091 __pwproto = (struct passwd *)NULL; 1092 #endif 1093 } 1094 1095 static int 1096 __initdb() 1097 { 1098 static int warned; 1099 char *p; 1100 1101 #if defined(YP) || defined(HESIOD) 1102 __pwmode = PWMODE_NONE; 1103 #endif 1104 if (geteuid() == 0) { 1105 _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL); 1106 if (_pw_db) 1107 return(1); 1108 } 1109 _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL); 1110 if (_pw_db) 1111 return 1; 1112 if (!warned) 1113 syslog(LOG_ERR, "%s: %m", p); 1114 warned = 1; 1115 return 0; 1116 } 1117 1118 static int 1119 __hashpw(key) 1120 DBT *key; 1121 { 1122 char *p, *t; 1123 static u_int max; 1124 static char *buf; 1125 DBT data; 1126 1127 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1128 case 0: 1129 break; /* found */ 1130 case 1: 1131 return NS_NOTFOUND; 1132 case -1: 1133 return NS_UNAVAIL; /* error in db routines */ 1134 default: 1135 abort(); 1136 } 1137 1138 p = (char *)data.data; 1139 if (data.size > max && !(buf = realloc(buf, (max += 1024)))) 1140 return NS_UNAVAIL; 1141 1142 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 1143 t = buf; 1144 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1145 #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 1146 EXPAND(_pw_passwd.pw_name); 1147 EXPAND(_pw_passwd.pw_passwd); 1148 SCALAR(_pw_passwd.pw_uid); 1149 SCALAR(_pw_passwd.pw_gid); 1150 SCALAR(_pw_passwd.pw_change); 1151 EXPAND(_pw_passwd.pw_class); 1152 EXPAND(_pw_passwd.pw_gecos); 1153 EXPAND(_pw_passwd.pw_dir); 1154 EXPAND(_pw_passwd.pw_shell); 1155 SCALAR(_pw_passwd.pw_expire); 1156 1157 /* See if there's any data left. If so, read in flags. */ 1158 if (data.size > (p - (char *)data.data)) { 1159 SCALAR(_pw_flags); 1160 } else 1161 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1162 1163 return NS_SUCCESS; 1164 } 1165
Indexes created Wed Sep 24 05:09:52 GMT 2025