getpwent.c revision 1.39
1 /* $NetBSD: getpwent.c,v 1.39 1999/01/25 01:09:34 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 #else 42 __RCSID("$NetBSD: getpwent.c,v 1.39 1999/01/25 01:09:34 lukem Exp $"); 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include "namespace.h" 47 #include <sys/param.h> 48 #include <fcntl.h> 49 #include <db.h> 50 #include <syslog.h> 51 #include <pwd.h> 52 #include <utmp.h> 53 #include <errno.h> 54 #include <unistd.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <limits.h> 58 #include <netgroup.h> 59 #include <nsswitch.h> 60 #ifdef HESIOD 61 #include <hesiod.h> 62 #endif 63 #ifdef YP 64 #include <machine/param.h> 65 #include <stdio.h> 66 #include <rpc/rpc.h> 67 #include <rpcsvc/yp_prot.h> 68 #include <rpcsvc/ypclnt.h> 69 #endif 70 71 #include "pw_private.h" 72 73 #ifdef __weak_alias 74 __weak_alias(endpwent,_endpwent); 75 __weak_alias(getpwent,_getpwent); 76 __weak_alias(getpwnam,_getpwnam); 77 __weak_alias(getpwuid,_getpwuid); 78 __weak_alias(setpassent,_setpassent); 79 __weak_alias(setpwent,_setpwent); 80 #endif 81 82 83 /* 84 * The lookup techniques and data extraction code here must be kept 85 * in sync with that in `pwd_mkdb'. 86 */ 87 88 static struct passwd _pw_passwd; /* password structure */ 89 static DB *_pw_db; /* password database */ 90 static int _pw_keynum; /* key counter */ 91 static int _pw_stayopen; /* keep fd's open */ 92 static int _pw_flags; /* password flags */ 93 static int _pw_none; /* true if getpwent got EOF */ 94 95 static int __hashpw __P((DBT *)); 96 static int __initdb __P((void)); 97 98 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 99 static const ns_src compatsrc[] = { 100 { NSSRC_COMPAT, NS_SUCCESS }, 101 { 0 } 102 }; 103 104 #ifdef YP 105 static char *__ypcurrent, *__ypdomain; 106 static int __ypcurrentlen; 107 #endif 108 109 #ifdef HESIOD 110 static int _pw_hesnum; 111 #endif 112 113 #if defined(YP) || defined(HESIOD) 114 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 115 static enum _pwmode __pwmode; 116 117 enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER }; 118 119 static struct passwd *__pwproto = (struct passwd *)NULL; 120 static int __pwproto_flags; 121 static char line[1024]; 122 static long prbuf[1024 / sizeof(long)]; 123 static DB *__pwexclude = (DB *)NULL; 124 125 static int __pwexclude_add __P((const char *)); 126 static int __pwexclude_is __P((const char *)); 127 static void __pwproto_set __P((void)); 128 static int __ypmaptype __P((void)); 129 static int __pwparse __P((struct passwd *, char *)); 130 131 /* macros for deciding which YP maps to use. */ 132 #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \ 133 ? "master.passwd.byname" : "passwd.byname") 134 #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \ 135 ? "master.passwd.byuid" : "passwd.byuid") 136 137 /* 138 * add a name to the compat mode exclude list 139 */ 140 static int 141 __pwexclude_add(name) 142 const char *name; 143 { 144 DBT key; 145 DBT data; 146 147 /* initialize the exclusion table if needed. */ 148 if(__pwexclude == (DB *)NULL) { 149 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 150 if(__pwexclude == (DB *)NULL) 151 return 1; 152 } 153 154 /* set up the key */ 155 key.size = strlen(name); 156 /* LINTED key does not get modified */ 157 key.data = (char *)name; 158 159 /* data is nothing. */ 160 data.data = NULL; 161 data.size = 0; 162 163 /* store it */ 164 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 165 return 1; 166 167 return 0; 168 } 169 170 /* 171 * test if a name is on the compat mode exclude list 172 */ 173 static int 174 __pwexclude_is(name) 175 const char *name; 176 { 177 DBT key; 178 DBT data; 179 180 if(__pwexclude == (DB *)NULL) 181 return 0; /* nothing excluded */ 182 183 /* set up the key */ 184 key.size = strlen(name); 185 /* LINTED key does not get modified */ 186 key.data = (char *)name; 187 188 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 189 return 1; /* excluded */ 190 191 return 0; 192 } 193 194 /* 195 * setup the compat mode prototype template 196 */ 197 static void 198 __pwproto_set() 199 { 200 char *ptr; 201 struct passwd *pw = &_pw_passwd; 202 203 /* make this the new prototype */ 204 ptr = (char *)(void *)prbuf; 205 206 /* first allocate the struct. */ 207 __pwproto = (struct passwd *)(void *)ptr; 208 ptr += sizeof(struct passwd); 209 210 /* name */ 211 if(pw->pw_name && (pw->pw_name)[0]) { 212 ptr = (char *)ALIGN((u_long)ptr); 213 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 214 __pwproto->pw_name = ptr; 215 ptr += (strlen(pw->pw_name) + 1); 216 } else 217 __pwproto->pw_name = (char *)NULL; 218 219 /* password */ 220 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 221 ptr = (char *)ALIGN((u_long)ptr); 222 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 223 __pwproto->pw_passwd = ptr; 224 ptr += (strlen(pw->pw_passwd) + 1); 225 } else 226 __pwproto->pw_passwd = (char *)NULL; 227 228 /* uid */ 229 __pwproto->pw_uid = pw->pw_uid; 230 231 /* gid */ 232 __pwproto->pw_gid = pw->pw_gid; 233 234 /* change (ignored anyway) */ 235 __pwproto->pw_change = pw->pw_change; 236 237 /* class (ignored anyway) */ 238 __pwproto->pw_class = ""; 239 240 /* gecos */ 241 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 242 ptr = (char *)ALIGN((u_long)ptr); 243 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 244 __pwproto->pw_gecos = ptr; 245 ptr += (strlen(pw->pw_gecos) + 1); 246 } else 247 __pwproto->pw_gecos = (char *)NULL; 248 249 /* dir */ 250 if(pw->pw_dir && (pw->pw_dir)[0]) { 251 ptr = (char *)ALIGN((u_long)ptr); 252 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 253 __pwproto->pw_dir = ptr; 254 ptr += (strlen(pw->pw_dir) + 1); 255 } else 256 __pwproto->pw_dir = (char *)NULL; 257 258 /* shell */ 259 if(pw->pw_shell && (pw->pw_shell)[0]) { 260 ptr = (char *)ALIGN((u_long)ptr); 261 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 262 __pwproto->pw_shell = ptr; 263 ptr += (strlen(pw->pw_shell) + 1); 264 } else 265 __pwproto->pw_shell = (char *)NULL; 266 267 /* expire (ignored anyway) */ 268 __pwproto->pw_expire = pw->pw_expire; 269 270 /* flags */ 271 __pwproto_flags = _pw_flags; 272 } 273 274 static int 275 __ypmaptype() 276 { 277 static int maptype = -1; 278 int order, r; 279 280 if (maptype != -1) 281 return (maptype); 282 283 maptype = YPMAP_NONE; 284 if (geteuid() != 0) 285 return (maptype); 286 287 if (!__ypdomain) { 288 if( _yp_check(&__ypdomain) == 0) 289 return (maptype); 290 } 291 292 r = yp_order(__ypdomain, "master.passwd.byname", &order); 293 if (r == 0) { 294 maptype = YPMAP_MASTER; 295 return (maptype); 296 } 297 298 /* 299 * NIS+ in YP compat mode doesn't support 300 * YPPROC_ORDER -- no point in continuing. 301 */ 302 if (r == YPERR_YPERR) 303 return (maptype); 304 305 /* master.passwd doesn't exist -- try passwd.adjunct */ 306 if (r == YPERR_MAP) { 307 r = yp_order(__ypdomain, "passwd.adjunct.byname", &order); 308 if (r == 0) 309 maptype = YPMAP_ADJUNCT; 310 return (maptype); 311 } 312 313 return (maptype); 314 } 315 316 /* 317 * parse an old-style passwd file line (from NIS or HESIOD) 318 */ 319 static int 320 __pwparse(pw, s) 321 struct passwd *pw; 322 char *s; 323 { 324 static char adjunctpw[YPMAXRECORD + 2]; 325 int flags, maptype; 326 327 maptype = __ypmaptype(); 328 flags = _PASSWORD_NOWARN; 329 if (maptype != YPMAP_MASTER) 330 flags |= _PASSWORD_OLDFMT; 331 if (! __pw_scan(s, pw, &flags)) 332 return 1; 333 334 /* now let the prototype override, if set. */ 335 if(__pwproto != (struct passwd *)NULL) { 336 #ifdef PW_OVERRIDE_PASSWD 337 if(__pwproto->pw_passwd != (char *)NULL) 338 pw->pw_passwd = __pwproto->pw_passwd; 339 #endif 340 if(!(__pwproto_flags & _PASSWORD_NOUID)) 341 pw->pw_uid = __pwproto->pw_uid; 342 if(!(__pwproto_flags & _PASSWORD_NOGID)) 343 pw->pw_gid = __pwproto->pw_gid; 344 if(__pwproto->pw_gecos != (char *)NULL) 345 pw->pw_gecos = __pwproto->pw_gecos; 346 if(__pwproto->pw_dir != (char *)NULL) 347 pw->pw_dir = __pwproto->pw_dir; 348 if(__pwproto->pw_shell != (char *)NULL) 349 pw->pw_shell = __pwproto->pw_shell; 350 } 351 if ((maptype == YPMAP_ADJUNCT) && 352 (strstr(pw->pw_passwd, "##") != NULL)) { 353 char *data, *bp; 354 int datalen; 355 356 if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name, 357 (int)strlen(pw->pw_name), &data, &datalen) == 0) { 358 if (datalen > sizeof(adjunctpw) - 1) 359 datalen = sizeof(adjunctpw) - 1; 360 strncpy(adjunctpw, data, (size_t)datalen); 361 362 /* skip name to get password */ 363 if ((bp = strsep(&data, ":")) != NULL && 364 (bp = strsep(&data, ":")) != NULL) 365 pw->pw_passwd = bp; 366 } 367 } 368 return 0; 369 } 370 #endif /* YP || HESIOD */ 371 372 /* 373 * local files implementation of getpw*() 374 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 375 */ 376 static int _local_getpw __P((void *, void *, va_list)); 377 378 /*ARGSUSED*/ 379 static int 380 _local_getpw(rv, cb_data, ap) 381 void *rv; 382 void *cb_data; 383 va_list ap; 384 { 385 DBT key; 386 char bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1]; 387 uid_t uid; 388 int search, len, rval; 389 const char *name; 390 391 if (!_pw_db && !__initdb()) 392 return NS_UNAVAIL; 393 394 search = va_arg(ap, int); 395 bf[0] = search; 396 switch (search) { 397 case _PW_KEYBYNUM: 398 ++_pw_keynum; 399 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 400 key.size = sizeof(_pw_keynum) + 1; 401 break; 402 case _PW_KEYBYNAME: 403 name = va_arg(ap, const char *); 404 len = strlen(name); 405 memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME)); 406 key.size = len + 1; 407 break; 408 case _PW_KEYBYUID: 409 uid = va_arg(ap, uid_t); 410 memmove(bf + 1, &uid, sizeof(len)); 411 key.size = sizeof(uid) + 1; 412 break; 413 default: 414 abort(); 415 } 416 417 key.data = (u_char *)bf; 418 rval = __hashpw(&key); 419 if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) { 420 _pw_none = 1; 421 rval = NS_SUCCESS; 422 } 423 424 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 425 (void)(_pw_db->close)(_pw_db); 426 _pw_db = (DB *)NULL; 427 } 428 return (rval); 429 } 430 431 #ifdef HESIOD 432 /* 433 * hesiod implementation of getpw*() 434 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 435 */ 436 static int _dns_getpw __P((void *, void *, va_list)); 437 438 /*ARGSUSED*/ 439 static int 440 _dns_getpw(rv, cb_data, ap) 441 void *rv; 442 void *cb_data; 443 va_list ap; 444 { 445 const char *name; 446 uid_t uid; 447 int search; 448 449 char *map; 450 char **hp; 451 void *context; 452 int r; 453 454 search = va_arg(ap, int); 455 switch (search) { 456 case _PW_KEYBYNUM: 457 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 458 _pw_hesnum++; 459 map = "passwd"; 460 break; 461 case _PW_KEYBYNAME: 462 name = va_arg(ap, const char *); 463 strncpy(line, name, sizeof(line)); 464 map = "passwd"; 465 break; 466 case _PW_KEYBYUID: 467 uid = va_arg(ap, uid_t); 468 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 469 map = "uid"; 470 break; 471 default: 472 abort(); 473 } 474 line[sizeof(line) - 1] = '\0'; 475 476 r = NS_UNAVAIL; 477 if (hesiod_init(&context) == -1) 478 return (r); 479 480 hp = hesiod_resolve(context, line, map); 481 if (hp == NULL) { 482 if (errno == ENOENT) { 483 if (search == _PW_KEYBYNUM) { 484 _pw_hesnum = 0; 485 _pw_none = 1; 486 r = NS_SUCCESS; 487 } else 488 r = NS_NOTFOUND; 489 } 490 goto cleanup_dns_getpw; 491 } 492 493 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 494 line[sizeof(line) - 1] = '\0'; 495 hesiod_free_list(context, hp); 496 if (__pwparse(&_pw_passwd, line)) 497 r = NS_UNAVAIL; 498 else 499 r = NS_SUCCESS; 500 cleanup_dns_getpw: 501 hesiod_end(context); 502 return (r); 503 } 504 #endif 505 506 #ifdef YP 507 /* 508 * nis implementation of getpw*() 509 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 510 */ 511 static int _nis_getpw __P((void *, void *, va_list)); 512 513 /*ARGSUSED*/ 514 static int 515 _nis_getpw(rv, cb_data, ap) 516 void *rv; 517 void *cb_data; 518 va_list ap; 519 { 520 const char *name; 521 uid_t uid; 522 int search; 523 char *key, *data; 524 char *map = PASSWD_BYNAME; 525 int keylen, datalen, r; 526 527 if(__ypdomain == NULL) { 528 if(_yp_check(&__ypdomain) == 0) 529 return NS_UNAVAIL; 530 } 531 532 search = va_arg(ap, int); 533 switch (search) { 534 case _PW_KEYBYNUM: 535 break; 536 case _PW_KEYBYNAME: 537 name = va_arg(ap, const char *); 538 strncpy(line, name, sizeof(line)); 539 break; 540 case _PW_KEYBYUID: 541 uid = va_arg(ap, uid_t); 542 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 543 map = PASSWD_BYUID; 544 break; 545 default: 546 abort(); 547 } 548 line[sizeof(line) - 1] = '\0'; 549 if (search != _PW_KEYBYNUM) { 550 data = NULL; 551 r = yp_match(__ypdomain, map, line, (int)strlen(line), 552 &data, &datalen); 553 switch (r) { 554 case 0: 555 break; 556 case YPERR_KEY: 557 r = NS_NOTFOUND; 558 break; 559 default: 560 r = NS_UNAVAIL; 561 break; 562 } 563 if (r != 0) { 564 if (data) 565 free(data); 566 return r; 567 } 568 data[datalen] = '\0'; /* clear trailing \n */ 569 strncpy(line, data, sizeof(line)); 570 line[sizeof(line) - 1] = '\0'; 571 free(data); 572 if (__pwparse(&_pw_passwd, line)) 573 return NS_UNAVAIL; 574 return NS_SUCCESS; 575 } 576 577 for (;;) { 578 data = key = NULL; 579 if (__ypcurrent) { 580 r = yp_next(__ypdomain, map, 581 __ypcurrent, __ypcurrentlen, 582 &key, &keylen, &data, &datalen); 583 free(__ypcurrent); 584 switch (r) { 585 case 0: 586 __ypcurrent = key; 587 __ypcurrentlen = keylen; 588 break; 589 case YPERR_NOMORE: 590 __ypcurrent = NULL; 591 _pw_none = 1; 592 if (key) 593 free(key); 594 return NS_SUCCESS; 595 default: 596 r = NS_UNAVAIL; 597 break; 598 } 599 } else { 600 r = 0; 601 if (yp_first(__ypdomain, map, &__ypcurrent, 602 &__ypcurrentlen, &data, &datalen)) 603 r = NS_UNAVAIL; 604 } 605 if (r != 0) { 606 if (key) 607 free(key); 608 if (data) 609 free(data); 610 return r; 611 } 612 data[datalen] = '\0'; /* clear trailing \n */ 613 strncpy(line, data, sizeof(line)); 614 line[sizeof(line) - 1] = '\0'; 615 free(data); 616 if (! __pwparse(&_pw_passwd, line)) 617 return NS_SUCCESS; 618 } 619 /* NOTREACHED */ 620 } /* _nis_getpw */ 621 #endif 622 623 #if defined(YP) || defined(HESIOD) 624 /* 625 * See if the compat token is in the database. Only works if pwd_mkdb knows 626 * about the token. 627 */ 628 static int __has_compatpw __P((void)); 629 630 static int 631 __has_compatpw() 632 { 633 DBT key, data; 634 DBT pkey, pdata; 635 char bf[MAXLOGNAME]; 636 637 /*LINTED*/ 638 key.data = (u_char *)__yp_token; 639 key.size = strlen(__yp_token); 640 641 /* Pre-token database support. */ 642 bf[0] = _PW_KEYBYNAME; 643 bf[1] = '+'; 644 pkey.data = (u_char *)bf; 645 pkey.size = 2; 646 647 if ((_pw_db->get)(_pw_db, &key, &data, 0) 648 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 649 return 0; /* No compat token */ 650 return 1; 651 } 652 653 /* 654 * log an error if "files" or "compat" is specified in passwd_compat database 655 */ 656 static int _bad_getpw __P((void *, void *, va_list)); 657 658 /*ARGSUSED*/ 659 static int 660 _bad_getpw(rv, cb_data, ap) 661 void *rv; 662 void *cb_data; 663 va_list ap; 664 { 665 static int warned; 666 if (!warned) { 667 syslog(LOG_ERR, 668 "nsswitch.conf passwd_compat database can't use '%s'", 669 (char *)cb_data); 670 } 671 warned = 1; 672 return NS_UNAVAIL; 673 } 674 675 /* 676 * when a name lookup in compat mode is required (e.g., '+name', or a name in 677 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 678 * only Hesiod and NIS is supported - it doesn't make sense to lookup 679 * compat names from 'files' or 'compat'. 680 */ 681 static int __getpwcompat __P((int, uid_t, const char *)); 682 683 static int 684 __getpwcompat(type, uid, name) 685 int type; 686 uid_t uid; 687 const char *name; 688 { 689 static const ns_dtab dtab[] = { 690 NS_FILES_CB(_bad_getpw, "files") 691 NS_DNS_CB(_dns_getpw, NULL) 692 NS_NIS_CB(_nis_getpw, NULL) 693 NS_COMPAT_CB(_bad_getpw, "compat") 694 { 0 } 695 }; 696 static const ns_src defaultnis[] = { 697 { NSSRC_NIS, NS_SUCCESS }, 698 { 0 } 699 }; 700 701 switch (type) { 702 case _PW_KEYBYNUM: 703 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 704 defaultnis, type); 705 case _PW_KEYBYNAME: 706 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 707 defaultnis, type, name); 708 case _PW_KEYBYUID: 709 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 710 defaultnis, type, uid); 711 default: 712 abort(); 713 /*NOTREACHED*/ 714 } 715 } 716 717 /* 718 * compat implementation of getpwent() 719 * varargs (ignored): 720 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 721 */ 722 static int _compat_getpwent __P((void *, void *, va_list)); 723 724 /*ARGSUSED*/ 725 static int 726 _compat_getpwent(rv, cb_data, ap) 727 void *rv; 728 void *cb_data; 729 va_list ap; 730 { 731 DBT key; 732 char bf[sizeof(_pw_keynum) + 1]; 733 static char *name = NULL; 734 const char *user, *host, *dom; 735 int has_compatpw; 736 737 if (!_pw_db && !__initdb()) 738 return NS_UNAVAIL; 739 740 has_compatpw = __has_compatpw(); 741 742 again: 743 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 744 int r; 745 746 switch (__pwmode) { 747 case PWMODE_FULL: 748 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 749 if (r == NS_SUCCESS) 750 return r; 751 __pwmode = PWMODE_NONE; 752 break; 753 754 case PWMODE_NETGRP: 755 r = getnetgrent(&host, &user, &dom); 756 if (r == 0) { /* end of group */ 757 endnetgrent(); 758 __pwmode = PWMODE_NONE; 759 break; 760 } 761 if (!user || !*user) 762 break; 763 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 764 if (r == NS_SUCCESS) 765 return r; 766 break; 767 768 case PWMODE_USER: 769 if (name == NULL) { 770 __pwmode = PWMODE_NONE; 771 break; 772 } 773 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 774 free(name); 775 name = NULL; 776 if (r == NS_SUCCESS) 777 return r; 778 break; 779 780 case PWMODE_NONE: 781 abort(); 782 } 783 goto again; 784 } 785 786 ++_pw_keynum; 787 bf[0] = _PW_KEYBYNUM; 788 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 789 key.data = (u_char *)bf; 790 key.size = sizeof(_pw_keynum) + 1; 791 if(__hashpw(&key) == NS_SUCCESS) { 792 /* if we don't have YP at all, don't bother. */ 793 if (has_compatpw) { 794 if(_pw_passwd.pw_name[0] == '+') { 795 /* set the mode */ 796 switch(_pw_passwd.pw_name[1]) { 797 case '\0': 798 __pwmode = PWMODE_FULL; 799 break; 800 case '@': 801 __pwmode = PWMODE_NETGRP; 802 setnetgrent(_pw_passwd.pw_name + 2); 803 break; 804 default: 805 __pwmode = PWMODE_USER; 806 name = strdup(_pw_passwd.pw_name + 1); 807 break; 808 } 809 810 /* save the prototype */ 811 __pwproto_set(); 812 goto again; 813 } else if(_pw_passwd.pw_name[0] == '-') { 814 /* an attempted exclusion */ 815 switch(_pw_passwd.pw_name[1]) { 816 case '\0': 817 break; 818 case '@': 819 setnetgrent(_pw_passwd.pw_name + 2); 820 while(getnetgrent(&host, &user, &dom)) { 821 if(user && *user) 822 __pwexclude_add(user); 823 } 824 endnetgrent(); 825 break; 826 default: 827 __pwexclude_add(_pw_passwd.pw_name + 1); 828 break; 829 } 830 goto again; 831 } 832 } 833 return NS_SUCCESS; 834 } 835 return NS_NOTFOUND; 836 } 837 838 /* 839 * compat implementation of getpwnam() and getpwuid() 840 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 841 */ 842 static int _compat_getpw __P((void *, void *, va_list)); 843 844 static int 845 _compat_getpw(rv, cb_data, ap) 846 void *rv; 847 void *cb_data; 848 va_list ap; 849 { 850 DBT key; 851 int search, rval, r, s; 852 uid_t uid; 853 char bf[MAXLOGNAME + 1]; 854 const char *name, *host, *user, *dom; 855 856 if (!_pw_db && !__initdb()) 857 return NS_UNAVAIL; 858 859 /* 860 * If there isn't a compat token in the database, use files. 861 */ 862 if (! __has_compatpw()) 863 return (_local_getpw(rv, cb_data, ap)); 864 865 search = va_arg(ap, int); 866 uid = 0; 867 name = NULL; 868 rval = NS_NOTFOUND; 869 switch (search) { 870 case _PW_KEYBYNAME: 871 name = va_arg(ap, const char *); 872 break; 873 case _PW_KEYBYUID: 874 uid = va_arg(ap, uid_t); 875 break; 876 default: 877 abort(); 878 } 879 880 for(s = -1, _pw_keynum=1; _pw_keynum; _pw_keynum++) { 881 bf[0] = _PW_KEYBYNUM; 882 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 883 key.data = (u_char *)bf; 884 key.size = sizeof(_pw_keynum) + 1; 885 if(__hashpw(&key) != NS_SUCCESS) 886 break; 887 switch(_pw_passwd.pw_name[0]) { 888 case '+': 889 /* save the prototype */ 890 __pwproto_set(); 891 892 switch(_pw_passwd.pw_name[1]) { 893 case '\0': 894 r = __getpwcompat(search, uid, name); 895 if (r != NS_SUCCESS) 896 continue; 897 break; 898 case '@': 899 pwnam_netgrp: 900 if(__ypcurrent) { 901 free(__ypcurrent); 902 __ypcurrent = NULL; 903 } 904 if (s == -1) /* first time */ 905 setnetgrent(_pw_passwd.pw_name + 2); 906 s = getnetgrent(&host, &user, &dom); 907 if (s == 0) { /* end of group */ 908 endnetgrent(); 909 s = -1; 910 continue; 911 } 912 if (!user || !*user) 913 goto pwnam_netgrp; 914 915 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 916 917 if (r == NS_UNAVAIL) 918 return r; 919 if (r == NS_NOTFOUND) { 920 /* 921 * just because this user is bad 922 * it doesn't mean they all are. 923 */ 924 goto pwnam_netgrp; 925 } 926 break; 927 default: 928 user = _pw_passwd.pw_name + 1; 929 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 930 931 if (r == NS_UNAVAIL) 932 return r; 933 if (r == NS_NOTFOUND) 934 continue; 935 break; 936 } 937 if(__pwexclude_is(_pw_passwd.pw_name)) { 938 if(s == 1) /* inside netgroup */ 939 goto pwnam_netgrp; 940 continue; 941 } 942 break; 943 case '-': 944 /* attempted exclusion */ 945 switch(_pw_passwd.pw_name[1]) { 946 case '\0': 947 break; 948 case '@': 949 setnetgrent(_pw_passwd.pw_name + 2); 950 while(getnetgrent(&host, &user, &dom)) { 951 if(user && *user) 952 __pwexclude_add(user); 953 } 954 endnetgrent(); 955 break; 956 default: 957 __pwexclude_add(_pw_passwd.pw_name + 1); 958 break; 959 } 960 break; 961 } 962 if ((search == _PW_KEYBYNAME && 963 strcmp(_pw_passwd.pw_name, name) == 0) 964 || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) { 965 rval = NS_SUCCESS; 966 break; 967 } 968 if(s == 1) /* inside netgroup */ 969 goto pwnam_netgrp; 970 continue; 971 } 972 __pwproto = (struct passwd *)NULL; 973 974 if (!_pw_stayopen) { 975 (void)(_pw_db->close)(_pw_db); 976 _pw_db = (DB *)NULL; 977 } 978 if(__pwexclude != (DB *)NULL) { 979 (void)(__pwexclude->close)(__pwexclude); 980 __pwexclude = (DB *)NULL; 981 } 982 return rval; 983 } 984 #endif /* YP || HESIOD */ 985 986 struct passwd * 987 getpwent() 988 { 989 int r; 990 static const ns_dtab dtab[] = { 991 NS_FILES_CB(_local_getpw, NULL) 992 NS_DNS_CB(_dns_getpw, NULL) 993 NS_NIS_CB(_nis_getpw, NULL) 994 NS_COMPAT_CB(_compat_getpwent, NULL) 995 { 0 } 996 }; 997 998 _pw_none = 0; 999 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc, 1000 _PW_KEYBYNUM); 1001 if (_pw_none || r != NS_SUCCESS) 1002 return (struct passwd *)NULL; 1003 return &_pw_passwd; 1004 } 1005 1006 struct passwd * 1007 getpwnam(name) 1008 const char *name; 1009 { 1010 int r; 1011 static const ns_dtab dtab[] = { 1012 NS_FILES_CB(_local_getpw, NULL) 1013 NS_DNS_CB(_dns_getpw, NULL) 1014 NS_NIS_CB(_nis_getpw, NULL) 1015 NS_COMPAT_CB(_compat_getpw, NULL) 1016 { 0 } 1017 }; 1018 1019 if (name == NULL || name[0] == '\0') 1020 return (struct passwd *)NULL; 1021 1022 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc, 1023 _PW_KEYBYNAME, name); 1024 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1025 } 1026 1027 struct passwd * 1028 getpwuid(uid) 1029 uid_t uid; 1030 { 1031 int r; 1032 static const ns_dtab dtab[] = { 1033 NS_FILES_CB(_local_getpw, NULL) 1034 NS_DNS_CB(_dns_getpw, NULL) 1035 NS_NIS_CB(_nis_getpw, NULL) 1036 NS_COMPAT_CB(_compat_getpw, NULL) 1037 { 0 } 1038 }; 1039 1040 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc, 1041 _PW_KEYBYUID, uid); 1042 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1043 } 1044 1045 int 1046 setpassent(stayopen) 1047 int stayopen; 1048 { 1049 _pw_keynum = 0; 1050 _pw_stayopen = stayopen; 1051 #ifdef YP 1052 __pwmode = PWMODE_NONE; 1053 if(__ypcurrent) 1054 free(__ypcurrent); 1055 __ypcurrent = NULL; 1056 #endif 1057 #ifdef HESIOD 1058 _pw_hesnum = 0; 1059 #endif 1060 #if defined(YP) || defined(HESIOD) 1061 if(__pwexclude != (DB *)NULL) { 1062 (void)(__pwexclude->close)(__pwexclude); 1063 __pwexclude = (DB *)NULL; 1064 } 1065 __pwproto = (struct passwd *)NULL; 1066 #endif 1067 return 1; 1068 } 1069 1070 void 1071 setpwent() 1072 { 1073 (void) setpassent(0); 1074 } 1075 1076 void 1077 endpwent() 1078 { 1079 _pw_keynum = 0; 1080 if (_pw_db) { 1081 (void)(_pw_db->close)(_pw_db); 1082 _pw_db = (DB *)NULL; 1083 } 1084 #if defined(YP) || defined(HESIOD) 1085 __pwmode = PWMODE_NONE; 1086 #endif 1087 #ifdef YP 1088 if(__ypcurrent) 1089 free(__ypcurrent); 1090 __ypcurrent = NULL; 1091 #endif 1092 #ifdef HESIOD 1093 _pw_hesnum = 0; 1094 #endif 1095 #if defined(YP) || defined(HESIOD) 1096 if(__pwexclude != (DB *)NULL) { 1097 (void)(__pwexclude->close)(__pwexclude); 1098 __pwexclude = (DB *)NULL; 1099 } 1100 __pwproto = (struct passwd *)NULL; 1101 #endif 1102 } 1103 1104 static int 1105 __initdb() 1106 { 1107 static int warned; 1108 char *p; 1109 1110 #if defined(YP) || defined(HESIOD) 1111 __pwmode = PWMODE_NONE; 1112 #endif 1113 if (geteuid() == 0) { 1114 _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL); 1115 if (_pw_db) 1116 return(1); 1117 } 1118 _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL); 1119 if (_pw_db) 1120 return 1; 1121 if (!warned) 1122 syslog(LOG_ERR, "%s: %m", p); 1123 warned = 1; 1124 return 0; 1125 } 1126 1127 static int 1128 __hashpw(key) 1129 DBT *key; 1130 { 1131 char *p, *t; 1132 static u_int max; 1133 static char *buf; 1134 DBT data; 1135 1136 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1137 case 0: 1138 break; /* found */ 1139 case 1: 1140 return NS_NOTFOUND; 1141 case -1: 1142 return NS_UNAVAIL; /* error in db routines */ 1143 default: 1144 abort(); 1145 } 1146 1147 p = (char *)data.data; 1148 if (data.size > max && !(buf = realloc(buf, (max += 1024)))) 1149 return NS_UNAVAIL; 1150 1151 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 1152 t = buf; 1153 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1154 #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 1155 EXPAND(_pw_passwd.pw_name); 1156 EXPAND(_pw_passwd.pw_passwd); 1157 SCALAR(_pw_passwd.pw_uid); 1158 SCALAR(_pw_passwd.pw_gid); 1159 SCALAR(_pw_passwd.pw_change); 1160 EXPAND(_pw_passwd.pw_class); 1161 EXPAND(_pw_passwd.pw_gecos); 1162 EXPAND(_pw_passwd.pw_dir); 1163 EXPAND(_pw_passwd.pw_shell); 1164 SCALAR(_pw_passwd.pw_expire); 1165 1166 /* See if there's any data left. If so, read in flags. */ 1167 if (data.size > (p - (char *)data.data)) { 1168 SCALAR(_pw_flags); 1169 } else 1170 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1171 1172 return NS_SUCCESS; 1173 } 1174
Indexes created Fri Sep 26 08:10:20 GMT 2025