getpwent.c revision 1.43
1 /* $NetBSD: getpwent.c,v 1.43 1999/04/26 04:01:32 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 #if 0 40 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 41 #else 42 __RCSID("$NetBSD: getpwent.c,v 1.43 1999/04/26 04:01:32 lukem Exp $"); 43 #endif 44 #endif /* LIBC_SCCS and not lint */ 45 46 #include "namespace.h" 47 #include <sys/param.h> 48 #include <fcntl.h> 49 #include <db.h> 50 #include <syslog.h> 51 #include <pwd.h> 52 #include <utmp.h> 53 #include <errno.h> 54 #include <unistd.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <limits.h> 58 #include <netgroup.h> 59 #include <nsswitch.h> 60 #ifdef HESIOD 61 #include <hesiod.h> 62 #endif 63 #ifdef YP 64 #include <machine/param.h> 65 #include <stdio.h> 66 #include <rpc/rpc.h> 67 #include <rpcsvc/yp_prot.h> 68 #include <rpcsvc/ypclnt.h> 69 #endif 70 71 #ifdef __STDC__ 72 #include <stdarg.h> 73 #else 74 #include <varargs.h> 75 #endif 76 77 #include "pw_private.h" 78 79 #if defined(YP) || defined(HESIOD) 80 #define _PASSWD_COMPAT 81 #endif 82 83 #ifdef __weak_alias 84 __weak_alias(endpwent,_endpwent); 85 __weak_alias(getpwent,_getpwent); 86 __weak_alias(getpwnam,_getpwnam); 87 __weak_alias(getpwuid,_getpwuid); 88 __weak_alias(setpassent,_setpassent); 89 __weak_alias(setpwent,_setpwent); 90 #endif 91 92 93 /* 94 * The lookup techniques and data extraction code here must be kept 95 * in sync with that in `pwd_mkdb'. 96 */ 97 98 static struct passwd _pw_passwd; /* password structure */ 99 static DB *_pw_db; /* password database */ 100 static int _pw_keynum; /* key counter. no more records if -1 */ 101 static int _pw_stayopen; /* keep fd's open */ 102 static int _pw_flags; /* password flags */ 103 104 static int __hashpw __P((DBT *)); 105 static int __initdb __P((void)); 106 107 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 108 static const ns_src compatsrc[] = { 109 { NSSRC_COMPAT, NS_SUCCESS }, 110 { 0 } 111 }; 112 113 #ifdef YP 114 static char *__ypcurrent, *__ypdomain; 115 static int __ypcurrentlen; 116 static int _pw_ypdone; /* non-zero if no more yp records */ 117 #endif 118 119 #ifdef HESIOD 120 static int _pw_hesnum; /* hes counter. no more records if -1 */ 121 #endif 122 123 #ifdef _PASSWD_COMPAT 124 enum _pwmode { PWMODE_NONE, PWMODE_FULL, PWMODE_USER, PWMODE_NETGRP }; 125 static enum _pwmode __pwmode; 126 127 enum _ypmap { YPMAP_NONE, YPMAP_ADJUNCT, YPMAP_MASTER }; 128 129 static struct passwd *__pwproto = (struct passwd *)NULL; 130 static int __pwproto_flags; 131 static char line[1024]; 132 static long prbuf[1024 / sizeof(long)]; 133 static DB *__pwexclude = (DB *)NULL; 134 135 static int __pwexclude_add __P((const char *)); 136 static int __pwexclude_is __P((const char *)); 137 static void __pwproto_set __P((void)); 138 static int __ypmaptype __P((void)); 139 static int __pwparse __P((struct passwd *, char *)); 140 141 /* macros for deciding which YP maps to use. */ 142 #define PASSWD_BYNAME (__ypmaptype() == YPMAP_MASTER \ 143 ? "master.passwd.byname" : "passwd.byname") 144 #define PASSWD_BYUID (__ypmaptype() == YPMAP_MASTER \ 145 ? "master.passwd.byuid" : "passwd.byuid") 146 147 /* 148 * add a name to the compat mode exclude list 149 */ 150 static int 151 __pwexclude_add(name) 152 const char *name; 153 { 154 DBT key; 155 DBT data; 156 157 /* initialize the exclusion table if needed. */ 158 if(__pwexclude == (DB *)NULL) { 159 __pwexclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 160 if(__pwexclude == (DB *)NULL) 161 return 1; 162 } 163 164 /* set up the key */ 165 key.size = strlen(name); 166 /* LINTED key does not get modified */ 167 key.data = (char *)name; 168 169 /* data is nothing. */ 170 data.data = NULL; 171 data.size = 0; 172 173 /* store it */ 174 if((__pwexclude->put)(__pwexclude, &key, &data, 0) == -1) 175 return 1; 176 177 return 0; 178 } 179 180 /* 181 * test if a name is on the compat mode exclude list 182 */ 183 static int 184 __pwexclude_is(name) 185 const char *name; 186 { 187 DBT key; 188 DBT data; 189 190 if(__pwexclude == (DB *)NULL) 191 return 0; /* nothing excluded */ 192 193 /* set up the key */ 194 key.size = strlen(name); 195 /* LINTED key does not get modified */ 196 key.data = (char *)name; 197 198 if((__pwexclude->get)(__pwexclude, &key, &data, 0) == 0) 199 return 1; /* excluded */ 200 201 return 0; 202 } 203 204 /* 205 * setup the compat mode prototype template 206 */ 207 static void 208 __pwproto_set() 209 { 210 char *ptr; 211 struct passwd *pw = &_pw_passwd; 212 213 /* make this the new prototype */ 214 ptr = (char *)(void *)prbuf; 215 216 /* first allocate the struct. */ 217 __pwproto = (struct passwd *)(void *)ptr; 218 ptr += sizeof(struct passwd); 219 220 /* name */ 221 if(pw->pw_name && (pw->pw_name)[0]) { 222 ptr = (char *)ALIGN((u_long)ptr); 223 memmove(ptr, pw->pw_name, strlen(pw->pw_name) + 1); 224 __pwproto->pw_name = ptr; 225 ptr += (strlen(pw->pw_name) + 1); 226 } else 227 __pwproto->pw_name = (char *)NULL; 228 229 /* password */ 230 if(pw->pw_passwd && (pw->pw_passwd)[0]) { 231 ptr = (char *)ALIGN((u_long)ptr); 232 memmove(ptr, pw->pw_passwd, strlen(pw->pw_passwd) + 1); 233 __pwproto->pw_passwd = ptr; 234 ptr += (strlen(pw->pw_passwd) + 1); 235 } else 236 __pwproto->pw_passwd = (char *)NULL; 237 238 /* uid */ 239 __pwproto->pw_uid = pw->pw_uid; 240 241 /* gid */ 242 __pwproto->pw_gid = pw->pw_gid; 243 244 /* change (ignored anyway) */ 245 __pwproto->pw_change = pw->pw_change; 246 247 /* class (ignored anyway) */ 248 __pwproto->pw_class = ""; 249 250 /* gecos */ 251 if(pw->pw_gecos && (pw->pw_gecos)[0]) { 252 ptr = (char *)ALIGN((u_long)ptr); 253 memmove(ptr, pw->pw_gecos, strlen(pw->pw_gecos) + 1); 254 __pwproto->pw_gecos = ptr; 255 ptr += (strlen(pw->pw_gecos) + 1); 256 } else 257 __pwproto->pw_gecos = (char *)NULL; 258 259 /* dir */ 260 if(pw->pw_dir && (pw->pw_dir)[0]) { 261 ptr = (char *)ALIGN((u_long)ptr); 262 memmove(ptr, pw->pw_dir, strlen(pw->pw_dir) + 1); 263 __pwproto->pw_dir = ptr; 264 ptr += (strlen(pw->pw_dir) + 1); 265 } else 266 __pwproto->pw_dir = (char *)NULL; 267 268 /* shell */ 269 if(pw->pw_shell && (pw->pw_shell)[0]) { 270 ptr = (char *)ALIGN((u_long)ptr); 271 memmove(ptr, pw->pw_shell, strlen(pw->pw_shell) + 1); 272 __pwproto->pw_shell = ptr; 273 ptr += (strlen(pw->pw_shell) + 1); 274 } else 275 __pwproto->pw_shell = (char *)NULL; 276 277 /* expire (ignored anyway) */ 278 __pwproto->pw_expire = pw->pw_expire; 279 280 /* flags */ 281 __pwproto_flags = _pw_flags; 282 } 283 284 static int 285 __ypmaptype() 286 { 287 static int maptype = -1; 288 int order, r; 289 290 if (maptype != -1) 291 return (maptype); 292 293 maptype = YPMAP_NONE; 294 if (geteuid() != 0) 295 return (maptype); 296 297 if (!__ypdomain) { 298 if( _yp_check(&__ypdomain) == 0) 299 return (maptype); 300 } 301 302 r = yp_order(__ypdomain, "master.passwd.byname", &order); 303 if (r == 0) { 304 maptype = YPMAP_MASTER; 305 return (maptype); 306 } 307 308 /* 309 * NIS+ in YP compat mode doesn't support 310 * YPPROC_ORDER -- no point in continuing. 311 */ 312 if (r == YPERR_YPERR) 313 return (maptype); 314 315 /* master.passwd doesn't exist -- try passwd.adjunct */ 316 if (r == YPERR_MAP) { 317 r = yp_order(__ypdomain, "passwd.adjunct.byname", &order); 318 if (r == 0) 319 maptype = YPMAP_ADJUNCT; 320 return (maptype); 321 } 322 323 return (maptype); 324 } 325 326 /* 327 * parse a passwd file line (from NIS or HESIOD). 328 * assumed to be `old-style' if maptype != YPMAP_MASTER. 329 */ 330 static int 331 __pwparse(pw, s) 332 struct passwd *pw; 333 char *s; 334 { 335 static char adjunctpw[YPMAXRECORD + 2]; 336 int flags, maptype; 337 338 maptype = __ypmaptype(); 339 flags = _PASSWORD_NOWARN; 340 if (maptype != YPMAP_MASTER) 341 flags |= _PASSWORD_OLDFMT; 342 if (! __pw_scan(s, pw, &flags)) 343 return 1; 344 345 /* now let the prototype override, if set. */ 346 if(__pwproto != (struct passwd *)NULL) { 347 #ifdef PW_OVERRIDE_PASSWD 348 if(__pwproto->pw_passwd != (char *)NULL) 349 pw->pw_passwd = __pwproto->pw_passwd; 350 #endif 351 if(!(__pwproto_flags & _PASSWORD_NOUID)) 352 pw->pw_uid = __pwproto->pw_uid; 353 if(!(__pwproto_flags & _PASSWORD_NOGID)) 354 pw->pw_gid = __pwproto->pw_gid; 355 if(__pwproto->pw_gecos != (char *)NULL) 356 pw->pw_gecos = __pwproto->pw_gecos; 357 if(__pwproto->pw_dir != (char *)NULL) 358 pw->pw_dir = __pwproto->pw_dir; 359 if(__pwproto->pw_shell != (char *)NULL) 360 pw->pw_shell = __pwproto->pw_shell; 361 } 362 if ((maptype == YPMAP_ADJUNCT) && 363 (strstr(pw->pw_passwd, "##") != NULL)) { 364 char *data, *bp; 365 int datalen; 366 367 if (yp_match(__ypdomain, "passwd.adjunct.byname", pw->pw_name, 368 (int)strlen(pw->pw_name), &data, &datalen) == 0) { 369 if (datalen > sizeof(adjunctpw) - 1) 370 datalen = sizeof(adjunctpw) - 1; 371 strncpy(adjunctpw, data, (size_t)datalen); 372 373 /* skip name to get password */ 374 if ((bp = strsep(&data, ":")) != NULL && 375 (bp = strsep(&data, ":")) != NULL) 376 pw->pw_passwd = bp; 377 } 378 } 379 return 0; 380 } 381 #endif /* _PASSWD_COMPAT */ 382 383 /* 384 * local files implementation of getpw*() 385 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 386 */ 387 static int _local_getpw __P((void *, void *, va_list)); 388 389 /*ARGSUSED*/ 390 static int 391 _local_getpw(rv, cb_data, ap) 392 void *rv; 393 void *cb_data; 394 va_list ap; 395 { 396 DBT key; 397 char bf[/*CONSTCOND*/ MAX(MAXLOGNAME, sizeof(_pw_keynum)) + 1]; 398 uid_t uid; 399 int search, len, rval; 400 const char *name; 401 402 if (!_pw_db && !__initdb()) 403 return NS_UNAVAIL; 404 405 search = va_arg(ap, int); 406 bf[0] = search; 407 switch (search) { 408 case _PW_KEYBYNUM: 409 if (_pw_keynum == -1) 410 return NS_NOTFOUND; /* no more local records */ 411 ++_pw_keynum; 412 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 413 key.size = sizeof(_pw_keynum) + 1; 414 break; 415 case _PW_KEYBYNAME: 416 name = va_arg(ap, const char *); 417 len = strlen(name); 418 memmove(bf + 1, name, (size_t)MIN(len, MAXLOGNAME)); 419 key.size = len + 1; 420 break; 421 case _PW_KEYBYUID: 422 uid = va_arg(ap, uid_t); 423 memmove(bf + 1, &uid, sizeof(len)); 424 key.size = sizeof(uid) + 1; 425 break; 426 default: 427 abort(); 428 } 429 430 key.data = (u_char *)bf; 431 rval = __hashpw(&key); 432 if (rval == NS_NOTFOUND && search == _PW_KEYBYNUM) 433 _pw_keynum = -1; /* flag `no more local records' */ 434 435 if (!_pw_stayopen && (search != _PW_KEYBYNUM)) { 436 (void)(_pw_db->close)(_pw_db); 437 _pw_db = (DB *)NULL; 438 } 439 return (rval); 440 } 441 442 #ifdef HESIOD 443 /* 444 * hesiod implementation of getpw*() 445 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 446 */ 447 static int _dns_getpw __P((void *, void *, va_list)); 448 449 /*ARGSUSED*/ 450 static int 451 _dns_getpw(rv, cb_data, ap) 452 void *rv; 453 void *cb_data; 454 va_list ap; 455 { 456 const char *name; 457 uid_t uid; 458 int search; 459 460 const char *map; 461 char **hp; 462 void *context; 463 int r; 464 465 search = va_arg(ap, int); 466 nextdnsbynum: 467 switch (search) { 468 case _PW_KEYBYNUM: 469 if (_pw_hesnum == -1) 470 return NS_NOTFOUND; /* no more hesiod records */ 471 snprintf(line, sizeof(line) - 1, "passwd-%u", _pw_hesnum); 472 _pw_hesnum++; 473 map = "passwd"; 474 break; 475 case _PW_KEYBYNAME: 476 name = va_arg(ap, const char *); 477 strncpy(line, name, sizeof(line)); 478 map = "passwd"; 479 break; 480 case _PW_KEYBYUID: 481 uid = va_arg(ap, uid_t); 482 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 483 map = "uid"; /* XXX this is `passwd' on ultrix */ 484 break; 485 default: 486 abort(); 487 } 488 line[sizeof(line) - 1] = '\0'; 489 490 r = NS_UNAVAIL; 491 if (hesiod_init(&context) == -1) 492 return (r); 493 494 hp = hesiod_resolve(context, line, map); 495 if (hp == NULL) { 496 if (errno == ENOENT) { 497 /* flag `no more hesiod records' */ 498 if (search == _PW_KEYBYNUM) 499 _pw_hesnum = -1; 500 r = NS_NOTFOUND; 501 } 502 goto cleanup_dns_getpw; 503 } 504 505 strncpy(line, hp[0], sizeof(line)); /* only check first elem */ 506 line[sizeof(line) - 1] = '\0'; 507 hesiod_free_list(context, hp); 508 if (__pwparse(&_pw_passwd, line)) { 509 if (search == _PW_KEYBYNUM) 510 goto nextdnsbynum; /* skip dogdy entries */ 511 r = NS_UNAVAIL; 512 } else 513 r = NS_SUCCESS; 514 cleanup_dns_getpw: 515 hesiod_end(context); 516 return (r); 517 } 518 #endif 519 520 #ifdef YP 521 /* 522 * nis implementation of getpw*() 523 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 524 */ 525 static int _nis_getpw __P((void *, void *, va_list)); 526 527 /*ARGSUSED*/ 528 static int 529 _nis_getpw(rv, cb_data, ap) 530 void *rv; 531 void *cb_data; 532 va_list ap; 533 { 534 const char *name; 535 uid_t uid; 536 int search; 537 char *key, *data; 538 const char *map; 539 int keylen, datalen, r, rval; 540 541 if(__ypdomain == NULL) { 542 if(_yp_check(&__ypdomain) == 0) 543 return NS_UNAVAIL; 544 } 545 546 map = PASSWD_BYNAME; 547 search = va_arg(ap, int); 548 switch (search) { 549 case _PW_KEYBYNUM: 550 break; 551 case _PW_KEYBYNAME: 552 name = va_arg(ap, const char *); 553 strncpy(line, name, sizeof(line)); 554 break; 555 case _PW_KEYBYUID: 556 uid = va_arg(ap, uid_t); 557 snprintf(line, sizeof(line), "%u", (unsigned int)uid); 558 map = PASSWD_BYUID; 559 break; 560 default: 561 abort(); 562 } 563 line[sizeof(line) - 1] = '\0'; 564 rval = NS_UNAVAIL; 565 if (search != _PW_KEYBYNUM) { 566 data = NULL; 567 r = yp_match(__ypdomain, map, line, (int)strlen(line), 568 &data, &datalen); 569 if (r == YPERR_KEY) 570 rval = NS_NOTFOUND; 571 if (r != 0) { 572 if (data) 573 free(data); 574 return (rval); 575 } 576 data[datalen] = '\0'; /* clear trailing \n */ 577 strncpy(line, data, sizeof(line)); 578 line[sizeof(line) - 1] = '\0'; 579 free(data); 580 if (__pwparse(&_pw_passwd, line)) 581 return NS_UNAVAIL; 582 return NS_SUCCESS; 583 } 584 585 if (_pw_ypdone) 586 return NS_NOTFOUND; 587 for (;;) { 588 data = key = NULL; 589 if (__ypcurrent) { 590 r = yp_next(__ypdomain, map, 591 __ypcurrent, __ypcurrentlen, 592 &key, &keylen, &data, &datalen); 593 free(__ypcurrent); 594 switch (r) { 595 case 0: 596 __ypcurrent = key; 597 __ypcurrentlen = keylen; 598 break; 599 case YPERR_NOMORE: 600 __ypcurrent = NULL; 601 /* flag `no more yp records' */ 602 _pw_ypdone = 1; 603 rval = NS_NOTFOUND; 604 } 605 } else { 606 r = yp_first(__ypdomain, map, &__ypcurrent, 607 &__ypcurrentlen, &data, &datalen); 608 } 609 if (r != 0) { 610 if (key) 611 free(key); 612 if (data) 613 free(data); 614 return (rval); 615 } 616 data[datalen] = '\0'; /* clear trailing \n */ 617 strncpy(line, data, sizeof(line)); 618 line[sizeof(line) - 1] = '\0'; 619 free(data); 620 if (! __pwparse(&_pw_passwd, line)) 621 return NS_SUCCESS; 622 } 623 /* NOTREACHED */ 624 } /* _nis_getpw */ 625 #endif 626 627 #ifdef _PASSWD_COMPAT 628 /* 629 * See if the compat token is in the database. Only works if pwd_mkdb knows 630 * about the token. 631 */ 632 static int __has_compatpw __P((void)); 633 634 static int 635 __has_compatpw() 636 { 637 DBT key, data; 638 DBT pkey, pdata; 639 char bf[MAXLOGNAME]; 640 641 /*LINTED*/ 642 key.data = (u_char *)__yp_token; 643 key.size = strlen(__yp_token); 644 645 /* Pre-token database support. */ 646 bf[0] = _PW_KEYBYNAME; 647 bf[1] = '+'; 648 pkey.data = (u_char *)bf; 649 pkey.size = 2; 650 651 if ((_pw_db->get)(_pw_db, &key, &data, 0) 652 && (_pw_db->get)(_pw_db, &pkey, &pdata, 0)) 653 return 0; /* No compat token */ 654 return 1; 655 } 656 657 /* 658 * log an error if "files" or "compat" is specified in passwd_compat database 659 */ 660 static int _bad_getpw __P((void *, void *, va_list)); 661 662 /*ARGSUSED*/ 663 static int 664 _bad_getpw(rv, cb_data, ap) 665 void *rv; 666 void *cb_data; 667 va_list ap; 668 { 669 static int warned; 670 if (!warned) { 671 syslog(LOG_ERR, 672 "nsswitch.conf passwd_compat database can't use '%s'", 673 (char *)cb_data); 674 } 675 warned = 1; 676 return NS_UNAVAIL; 677 } 678 679 /* 680 * when a name lookup in compat mode is required (e.g., '+name', or a name in 681 * '+@netgroup'), look it up in the 'passwd_compat' nsswitch database. 682 * only Hesiod and NIS is supported - it doesn't make sense to lookup 683 * compat names from 'files' or 'compat'. 684 */ 685 static int __getpwcompat __P((int, uid_t, const char *)); 686 687 static int 688 __getpwcompat(type, uid, name) 689 int type; 690 uid_t uid; 691 const char *name; 692 { 693 static const ns_dtab dtab[] = { 694 NS_FILES_CB(_bad_getpw, "files") 695 NS_DNS_CB(_dns_getpw, NULL) 696 NS_NIS_CB(_nis_getpw, NULL) 697 NS_COMPAT_CB(_bad_getpw, "compat") 698 { 0 } 699 }; 700 static const ns_src defaultnis[] = { 701 { NSSRC_NIS, NS_SUCCESS }, 702 { 0 } 703 }; 704 705 switch (type) { 706 case _PW_KEYBYNUM: 707 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 708 defaultnis, type); 709 case _PW_KEYBYNAME: 710 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 711 defaultnis, type, name); 712 case _PW_KEYBYUID: 713 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "getpwcompat", 714 defaultnis, type, uid); 715 default: 716 abort(); 717 /*NOTREACHED*/ 718 } 719 } 720 #endif /* _PASSWD_COMPAT */ 721 722 /* 723 * compat implementation of getpwent() 724 * varargs (ignored): 725 * type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 726 */ 727 static int _compat_getpwent __P((void *, void *, va_list)); 728 729 /*ARGSUSED*/ 730 static int 731 _compat_getpwent(rv, cb_data, ap) 732 void *rv; 733 void *cb_data; 734 va_list ap; 735 { 736 DBT key; 737 char bf[sizeof(_pw_keynum) + 1]; 738 #ifdef _PASSWD_COMPAT 739 static char *name = NULL; 740 const char *user, *host, *dom; 741 int has_compatpw, rval; 742 #endif 743 744 if (!_pw_db && !__initdb()) 745 return NS_UNAVAIL; 746 747 #ifdef _PASSWD_COMPAT 748 has_compatpw = __has_compatpw(); 749 750 again: 751 if (has_compatpw && (__pwmode != PWMODE_NONE)) { 752 int r; 753 754 switch (__pwmode) { 755 case PWMODE_FULL: 756 r = __getpwcompat(_PW_KEYBYNUM, 0, NULL); 757 if (r == NS_SUCCESS) 758 return r; 759 __pwmode = PWMODE_NONE; 760 break; 761 762 case PWMODE_NETGRP: 763 r = getnetgrent(&host, &user, &dom); 764 if (r == 0) { /* end of group */ 765 endnetgrent(); 766 __pwmode = PWMODE_NONE; 767 break; 768 } 769 if (!user || !*user) 770 break; 771 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 772 if (r == NS_SUCCESS) 773 return r; 774 break; 775 776 case PWMODE_USER: 777 if (name == NULL) { 778 __pwmode = PWMODE_NONE; 779 break; 780 } 781 r = __getpwcompat(_PW_KEYBYNAME, 0, name); 782 free(name); 783 name = NULL; 784 if (r == NS_SUCCESS) 785 return r; 786 break; 787 788 case PWMODE_NONE: 789 abort(); 790 } 791 goto again; 792 } 793 #endif 794 795 if (_pw_keynum == -1) 796 return NS_NOTFOUND; /* no more local records */ 797 ++_pw_keynum; 798 bf[0] = _PW_KEYBYNUM; 799 memmove(bf + 1, &_pw_keynum, sizeof(_pw_keynum)); 800 key.data = (u_char *)bf; 801 key.size = sizeof(_pw_keynum) + 1; 802 rval = __hashpw(&key); 803 if (rval == NS_NOTFOUND) 804 _pw_keynum = -1; /* flag `no more local records' */ 805 else if (rval == NS_SUCCESS) { 806 #ifdef _PASSWD_COMPAT 807 /* if we don't have YP at all, don't bother. */ 808 if (has_compatpw) { 809 if(_pw_passwd.pw_name[0] == '+') { 810 /* set the mode */ 811 switch(_pw_passwd.pw_name[1]) { 812 case '\0': 813 __pwmode = PWMODE_FULL; 814 break; 815 case '@': 816 __pwmode = PWMODE_NETGRP; 817 setnetgrent(_pw_passwd.pw_name + 2); 818 break; 819 default: 820 __pwmode = PWMODE_USER; 821 name = strdup(_pw_passwd.pw_name + 1); 822 break; 823 } 824 825 /* save the prototype */ 826 __pwproto_set(); 827 goto again; 828 } else if(_pw_passwd.pw_name[0] == '-') { 829 /* an attempted exclusion */ 830 switch(_pw_passwd.pw_name[1]) { 831 case '\0': 832 break; 833 case '@': 834 setnetgrent(_pw_passwd.pw_name + 2); 835 while(getnetgrent(&host, &user, &dom)) { 836 if(user && *user) 837 __pwexclude_add(user); 838 } 839 endnetgrent(); 840 break; 841 default: 842 __pwexclude_add(_pw_passwd.pw_name + 1); 843 break; 844 } 845 goto again; 846 } 847 } 848 #endif 849 } 850 return (rval); 851 } 852 853 /* 854 * compat implementation of getpwnam() and getpwuid() 855 * varargs: type, [ uid (type == _PW_KEYBYUID) | name (type == _PW_KEYBYNAME) ] 856 */ 857 static int _compat_getpw __P((void *, void *, va_list)); 858 859 static int 860 _compat_getpw(rv, cb_data, ap) 861 void *rv; 862 void *cb_data; 863 va_list ap; 864 { 865 #ifdef _PASSWD_COMPAT 866 DBT key; 867 int search, rval, r, s, keynum; 868 uid_t uid; 869 char bf[sizeof(keynum) + 1]; 870 const char *name, *host, *user, *dom; 871 #endif 872 873 if (!_pw_db && !__initdb()) 874 return NS_UNAVAIL; 875 876 /* 877 * If there isn't a compat token in the database, use files. 878 */ 879 #ifdef _PASSWD_COMPAT 880 if (! __has_compatpw()) 881 #endif 882 return (_local_getpw(rv, cb_data, ap)); 883 884 #ifdef _PASSWD_COMPAT 885 search = va_arg(ap, int); 886 uid = 0; 887 name = NULL; 888 rval = NS_NOTFOUND; 889 switch (search) { 890 case _PW_KEYBYNAME: 891 name = va_arg(ap, const char *); 892 break; 893 case _PW_KEYBYUID: 894 uid = va_arg(ap, uid_t); 895 break; 896 default: 897 abort(); 898 } 899 900 for (s = -1, keynum = 1 ; ; keynum++) { 901 bf[0] = _PW_KEYBYNUM; 902 memmove(bf + 1, &keynum, sizeof(keynum)); 903 key.data = (u_char *)bf; 904 key.size = sizeof(keynum) + 1; 905 if(__hashpw(&key) != NS_SUCCESS) 906 break; 907 switch(_pw_passwd.pw_name[0]) { 908 case '+': 909 /* save the prototype */ 910 __pwproto_set(); 911 912 switch(_pw_passwd.pw_name[1]) { 913 case '\0': 914 r = __getpwcompat(search, uid, name); 915 if (r != NS_SUCCESS) 916 continue; 917 break; 918 case '@': 919 pwnam_netgrp: 920 #if 0 /* XXX: is this a hangover from pre-nsswitch? */ 921 if(__ypcurrent) { 922 free(__ypcurrent); 923 __ypcurrent = NULL; 924 } 925 #endif 926 if (s == -1) /* first time */ 927 setnetgrent(_pw_passwd.pw_name + 2); 928 s = getnetgrent(&host, &user, &dom); 929 if (s == 0) { /* end of group */ 930 endnetgrent(); 931 s = -1; 932 continue; 933 } 934 if (!user || !*user) 935 goto pwnam_netgrp; 936 937 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 938 939 if (r == NS_UNAVAIL) 940 return r; 941 if (r == NS_NOTFOUND) { 942 /* 943 * just because this user is bad 944 * it doesn't mean they all are. 945 */ 946 goto pwnam_netgrp; 947 } 948 break; 949 default: 950 user = _pw_passwd.pw_name + 1; 951 r = __getpwcompat(_PW_KEYBYNAME, 0, user); 952 953 if (r == NS_UNAVAIL) 954 return r; 955 if (r == NS_NOTFOUND) 956 continue; 957 break; 958 } 959 if(__pwexclude_is(_pw_passwd.pw_name)) { 960 if(s == 1) /* inside netgroup */ 961 goto pwnam_netgrp; 962 continue; 963 } 964 break; 965 case '-': 966 /* attempted exclusion */ 967 switch(_pw_passwd.pw_name[1]) { 968 case '\0': 969 break; 970 case '@': 971 setnetgrent(_pw_passwd.pw_name + 2); 972 while(getnetgrent(&host, &user, &dom)) { 973 if(user && *user) 974 __pwexclude_add(user); 975 } 976 endnetgrent(); 977 break; 978 default: 979 __pwexclude_add(_pw_passwd.pw_name + 1); 980 break; 981 } 982 break; 983 } 984 if ((search == _PW_KEYBYNAME && 985 strcmp(_pw_passwd.pw_name, name) == 0) 986 || (search == _PW_KEYBYUID && _pw_passwd.pw_uid == uid)) { 987 rval = NS_SUCCESS; 988 break; 989 } 990 if(s == 1) /* inside netgroup */ 991 goto pwnam_netgrp; 992 continue; 993 } 994 __pwproto = (struct passwd *)NULL; 995 996 if (!_pw_stayopen) { 997 (void)(_pw_db->close)(_pw_db); 998 _pw_db = (DB *)NULL; 999 } 1000 if(__pwexclude != (DB *)NULL) { 1001 (void)(__pwexclude->close)(__pwexclude); 1002 __pwexclude = (DB *)NULL; 1003 } 1004 return rval; 1005 #endif /* _PASSWD_COMPAT */ 1006 } 1007 1008 struct passwd * 1009 getpwent() 1010 { 1011 int r; 1012 static const ns_dtab dtab[] = { 1013 NS_FILES_CB(_local_getpw, NULL) 1014 NS_DNS_CB(_dns_getpw, NULL) 1015 NS_NIS_CB(_nis_getpw, NULL) 1016 NS_COMPAT_CB(_compat_getpwent, NULL) 1017 { 0 } 1018 }; 1019 1020 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", compatsrc, 1021 _PW_KEYBYNUM); 1022 if (r != NS_SUCCESS) 1023 return (struct passwd *)NULL; 1024 return &_pw_passwd; 1025 } 1026 1027 struct passwd * 1028 getpwnam(name) 1029 const char *name; 1030 { 1031 int r; 1032 static const ns_dtab dtab[] = { 1033 NS_FILES_CB(_local_getpw, NULL) 1034 NS_DNS_CB(_dns_getpw, NULL) 1035 NS_NIS_CB(_nis_getpw, NULL) 1036 NS_COMPAT_CB(_compat_getpw, NULL) 1037 { 0 } 1038 }; 1039 1040 if (name == NULL || name[0] == '\0') 1041 return (struct passwd *)NULL; 1042 1043 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", compatsrc, 1044 _PW_KEYBYNAME, name); 1045 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1046 } 1047 1048 struct passwd * 1049 getpwuid(uid) 1050 uid_t uid; 1051 { 1052 int r; 1053 static const ns_dtab dtab[] = { 1054 NS_FILES_CB(_local_getpw, NULL) 1055 NS_DNS_CB(_dns_getpw, NULL) 1056 NS_NIS_CB(_nis_getpw, NULL) 1057 NS_COMPAT_CB(_compat_getpw, NULL) 1058 { 0 } 1059 }; 1060 1061 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", compatsrc, 1062 _PW_KEYBYUID, uid); 1063 return (r == NS_SUCCESS ? &_pw_passwd : (struct passwd *)NULL); 1064 } 1065 1066 int 1067 setpassent(stayopen) 1068 int stayopen; 1069 { 1070 _pw_keynum = 0; 1071 _pw_stayopen = stayopen; 1072 #ifdef YP 1073 __pwmode = PWMODE_NONE; 1074 if(__ypcurrent) 1075 free(__ypcurrent); 1076 __ypcurrent = NULL; 1077 _pw_ypdone = 0; 1078 #endif 1079 #ifdef HESIOD 1080 _pw_hesnum = 0; 1081 #endif 1082 #ifdef _PASSWD_COMPAT 1083 if(__pwexclude != (DB *)NULL) { 1084 (void)(__pwexclude->close)(__pwexclude); 1085 __pwexclude = (DB *)NULL; 1086 } 1087 __pwproto = (struct passwd *)NULL; 1088 #endif 1089 return 1; 1090 } 1091 1092 void 1093 setpwent() 1094 { 1095 (void) setpassent(0); 1096 } 1097 1098 void 1099 endpwent() 1100 { 1101 _pw_keynum = 0; 1102 if (_pw_db) { 1103 (void)(_pw_db->close)(_pw_db); 1104 _pw_db = (DB *)NULL; 1105 } 1106 #ifdef _PASSWD_COMPAT 1107 __pwmode = PWMODE_NONE; 1108 #endif 1109 #ifdef YP 1110 if(__ypcurrent) 1111 free(__ypcurrent); 1112 __ypcurrent = NULL; 1113 _pw_ypdone = 0; 1114 #endif 1115 #ifdef HESIOD 1116 _pw_hesnum = 0; 1117 #endif 1118 #ifdef _PASSWD_COMPAT 1119 if(__pwexclude != (DB *)NULL) { 1120 (void)(__pwexclude->close)(__pwexclude); 1121 __pwexclude = (DB *)NULL; 1122 } 1123 __pwproto = (struct passwd *)NULL; 1124 #endif 1125 } 1126 1127 static int 1128 __initdb() 1129 { 1130 static int warned; 1131 char *p; 1132 1133 #ifdef _PASSWD_COMPAT 1134 __pwmode = PWMODE_NONE; 1135 #endif 1136 if (geteuid() == 0) { 1137 _pw_db = dbopen((p = _PATH_SMP_DB), O_RDONLY, 0, DB_HASH, NULL); 1138 if (_pw_db) 1139 return(1); 1140 } 1141 _pw_db = dbopen((p = _PATH_MP_DB), O_RDONLY, 0, DB_HASH, NULL); 1142 if (_pw_db) 1143 return 1; 1144 if (!warned) 1145 syslog(LOG_ERR, "%s: %m", p); 1146 warned = 1; 1147 return 0; 1148 } 1149 1150 static int 1151 __hashpw(key) 1152 DBT *key; 1153 { 1154 char *p, *t; 1155 static u_int max; 1156 static char *buf; 1157 DBT data; 1158 1159 switch ((_pw_db->get)(_pw_db, key, &data, 0)) { 1160 case 0: 1161 break; /* found */ 1162 case 1: 1163 return NS_NOTFOUND; 1164 case -1: 1165 return NS_UNAVAIL; /* error in db routines */ 1166 default: 1167 abort(); 1168 } 1169 1170 p = (char *)data.data; 1171 if (data.size > max && !(buf = realloc(buf, (max += 1024)))) 1172 return NS_UNAVAIL; 1173 1174 /* THIS CODE MUST MATCH THAT IN pwd_mkdb. */ 1175 t = buf; 1176 #define EXPAND(e) e = t; while ((*t++ = *p++)); 1177 #define SCALAR(v) memmove(&(v), p, sizeof v); p += sizeof v 1178 EXPAND(_pw_passwd.pw_name); 1179 EXPAND(_pw_passwd.pw_passwd); 1180 SCALAR(_pw_passwd.pw_uid); 1181 SCALAR(_pw_passwd.pw_gid); 1182 SCALAR(_pw_passwd.pw_change); 1183 EXPAND(_pw_passwd.pw_class); 1184 EXPAND(_pw_passwd.pw_gecos); 1185 EXPAND(_pw_passwd.pw_dir); 1186 EXPAND(_pw_passwd.pw_shell); 1187 SCALAR(_pw_passwd.pw_expire); 1188 1189 /* See if there's any data left. If so, read in flags. */ 1190 if (data.size > (p - (char *)data.data)) { 1191 SCALAR(_pw_flags); 1192 } else 1193 _pw_flags = _PASSWORD_NOUID|_PASSWORD_NOGID; /* default */ 1194 1195 return NS_SUCCESS; 1196 } 1197
Indexes created Wed Sep 24 15:09:51 GMT 2025