getpwent.c revision 1.77.8.1
1 /* $NetBSD: getpwent.c,v 1.77.8.1 2013/11/07 20:38:43 snj Exp $ */ 2 3 /*- 4 * Copyright (c) 1997-2000, 2004-2005 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1988, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 */ 60 61 /* 62 * Portions Copyright (c) 1994, 1995, Jason Downs. All rights reserved. 63 * 64 * Redistribution and use in source and binary forms, with or without 65 * modification, are permitted provided that the following conditions 66 * are met: 67 * 1. Redistributions of source code must retain the above copyright 68 * notice, this list of conditions and the following disclaimer. 69 * 2. Redistributions in binary form must reproduce the above copyright 70 * notice, this list of conditions and the following disclaimer in the 71 * documentation and/or other materials provided with the distribution. 72 * 73 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS 74 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 75 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 76 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, 77 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 78 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 79 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 80 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 81 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 82 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 83 * SUCH DAMAGE. 84 */ 85 86 #include <sys/cdefs.h> 87 #if defined(LIBC_SCCS) && !defined(lint) 88 #if 0 89 static char sccsid[] = "@(#)getpwent.c 8.2 (Berkeley) 4/27/95"; 90 #else 91 __RCSID("$NetBSD: getpwent.c,v 1.77.8.1 2013/11/07 20:38:43 snj Exp $"); 92 #endif 93 #endif /* LIBC_SCCS and not lint */ 94 95 #include "namespace.h" 96 #include "reentrant.h" 97 98 #include <sys/param.h> 99 100 #include <assert.h> 101 #include <db.h> 102 #include <errno.h> 103 #include <fcntl.h> 104 #include <limits.h> 105 #include <netgroup.h> 106 #include <nsswitch.h> 107 #include <pwd.h> 108 #include <stdarg.h> 109 #include <stdio.h> 110 #include <stdlib.h> 111 #include <string.h> 112 #include <syslog.h> 113 #include <unistd.h> 114 115 #ifdef HESIOD 116 #include <hesiod.h> 117 #endif 118 119 #ifdef YP 120 #include <machine/param.h> 121 #include <rpc/rpc.h> 122 #include <rpcsvc/yp_prot.h> 123 #include <rpcsvc/ypclnt.h> 124 #endif 125 126 #include "pw_private.h" 127 128 #define _PASSWD_COMPAT /* "passwd" defaults to compat, so always provide it */ 129 130 #ifdef __weak_alias 131 __weak_alias(endpwent,_endpwent) 132 __weak_alias(setpassent,_setpassent) 133 __weak_alias(setpwent,_setpwent) 134 #endif 135 136 #ifdef _REENTRANT 137 static mutex_t _pwmutex = MUTEX_INITIALIZER; 138 #endif 139 140 const char __yp_token[] = "__YP!"; /* Let pwd_mkdb pull this in. */ 141 142 143 /* 144 * The pwd.db lookup techniques and data extraction code here must be kept 145 * in sync with that in `pwd_mkdb'. 146 */ 147 148 #if defined(YP) || defined(HESIOD) 149 /* 150 * _pw_parse 151 * Parses entry using pw_scan(3) (without the trailing \n) 152 * after copying to buf, and fills in pw with corresponding values. 153 * If old is non-zero, entry is in _PASSWORD_OLDFMT. 154 * Returns 1 if parsed successfully, 0 on parse failure. 155 */ 156 static int 157 _pw_parse(const char *entry, struct passwd *pw, char *buf, size_t buflen, 158 int old) 159 { 160 int flags; 161 162 _DIAGASSERT(entry != NULL); 163 _DIAGASSERT(pw != NULL); 164 _DIAGASSERT(buf != NULL); 165 166 if (strlcpy(buf, entry, buflen) >= buflen) 167 return 0; 168 flags = _PASSWORD_NOWARN; 169 if (old) 170 flags |= _PASSWORD_OLDFMT; 171 return __pw_scan(buf, pw, &flags); 172 } 173 #endif /* YP || HESIOD */ 174 175 /* 176 * _pw_opendb 177 * if *db is NULL, dbopen(3) /etc/spwd.db or /etc/pwd.db (depending 178 * upon permissions, etc) 179 */ 180 static int 181 _pw_opendb(DB **db, int *version) 182 { 183 static int warned; 184 DBT key; 185 DBT value; 186 187 const char *dbfile = NULL; 188 189 _DIAGASSERT(db != NULL); 190 _DIAGASSERT(version != NULL); 191 if (*db != NULL) /* open *db */ 192 return NS_SUCCESS; 193 194 if (geteuid() == 0) { 195 dbfile = _PATH_SMP_DB; 196 *db = dbopen(dbfile, O_RDONLY, 0, DB_HASH, NULL); 197 } 198 if (*db == NULL) { 199 dbfile = _PATH_MP_DB; 200 *db = dbopen(dbfile, O_RDONLY, 0, DB_HASH, NULL); 201 } 202 if (*db == NULL) { 203 if (!warned) { 204 int serrno = errno; 205 syslog(LOG_ERR, "%s: %m", dbfile); 206 errno = serrno; 207 } 208 warned = 1; 209 return NS_UNAVAIL; 210 } 211 key.data = __UNCONST("VERSION"); 212 key.size = strlen((char *)key.data) + 1; 213 switch ((*(*db)->get)(*db, &key, &value, 0)) { 214 case 0: 215 if (sizeof(*version) != value.size) 216 return NS_UNAVAIL; 217 (void)memcpy(version, value.data, value.size); 218 break; /* found */ 219 case 1: 220 *version = 0; /* not found */ 221 break; 222 case -1: 223 return NS_UNAVAIL; /* error in db routines */ 224 default: 225 abort(); 226 } 227 return NS_SUCCESS; 228 } 229 230 /* 231 * _pw_getkey 232 * Lookup key in *db, filling in pw 233 * with the result, allocating memory from buffer (size buflen). 234 * (The caller may point key.data to buffer on entry; the contents 235 * of key.data will be invalid on exit.) 236 */ 237 static int 238 _pw_getkey(DB *db, DBT *key, 239 struct passwd *pw, char *buffer, size_t buflen, int *pwflags, 240 int version) 241 { 242 char *p, *t; 243 DBT data; 244 245 _DIAGASSERT(db != NULL); 246 _DIAGASSERT(key != NULL); 247 _DIAGASSERT(pw != NULL); 248 _DIAGASSERT(buffer != NULL); 249 /* pwflags may be NULL (if we don't care about them */ 250 251 if (db == NULL) /* this shouldn't happen */ 252 return NS_UNAVAIL; 253 254 switch ((db->get)(db, key, &data, 0)) { 255 case 0: 256 break; /* found */ 257 case 1: 258 return NS_NOTFOUND; /* not found */ 259 case -1: 260 return NS_UNAVAIL; /* error in db routines */ 261 default: 262 abort(); 263 } 264 265 p = (char *)data.data; 266 if (data.size > buflen) { 267 errno = ERANGE; 268 return NS_UNAVAIL; 269 } 270 271 /* 272 * THE DECODING BELOW MUST MATCH THAT IN pwd_mkdb. 273 */ 274 t = buffer; 275 #define MACRO(a) do { a } while (/*CONSTCOND*/0) 276 #define EXPAND(e) MACRO(e = t; while ((*t++ = *p++));) 277 #define SCALAR(v) MACRO(memmove(&(v), p, sizeof v); p += sizeof v;) 278 EXPAND(pw->pw_name); 279 EXPAND(pw->pw_passwd); 280 SCALAR(pw->pw_uid); 281 SCALAR(pw->pw_gid); 282 if (version == 0) { 283 int32_t tmp; 284 SCALAR(tmp); 285 pw->pw_change = tmp; 286 } else 287 SCALAR(pw->pw_change); 288 EXPAND(pw->pw_class); 289 EXPAND(pw->pw_gecos); 290 EXPAND(pw->pw_dir); 291 EXPAND(pw->pw_shell); 292 if (version == 0) { 293 int32_t tmp; 294 SCALAR(tmp); 295 pw->pw_expire = tmp; 296 } else 297 SCALAR(pw->pw_expire); 298 if (pwflags) { 299 /* See if there's any data left. If so, read in flags. */ 300 if (data.size > (size_t) (p - (char *)data.data)) { 301 SCALAR(*pwflags); 302 } else { /* default */ 303 *pwflags = _PASSWORD_NOUID|_PASSWORD_NOGID; 304 } 305 } 306 307 return NS_SUCCESS; 308 } 309 310 /* 311 * _pw_memfrombuf 312 * Obtain want bytes from buffer (of size buflen) and return a pointer 313 * to the available memory after adjusting buffer/buflen. 314 * Returns NULL if there is insufficient space. 315 */ 316 static char * 317 _pw_memfrombuf(size_t want, char **buffer, size_t *buflen) 318 { 319 char *rv; 320 321 if (want > *buflen) { 322 errno = ERANGE; 323 return NULL; 324 } 325 rv = *buffer; 326 *buffer += want; 327 *buflen -= want; 328 return rv; 329 } 330 331 /* 332 * _pw_copy 333 * Copy the contents of frompw to pw; memory for strings 334 * and arrays will be allocated from buf (of size buflen). 335 * If proto != NULL, use various fields in proto in preference to frompw. 336 * Returns 1 if copied successfully, 0 on copy failure. 337 * NOTE: frompw must not use buf for its own pointers. 338 */ 339 static int 340 _pw_copy(const struct passwd *frompw, struct passwd *pw, 341 char *buf, size_t buflen, const struct passwd *protopw, int protoflags) 342 { 343 size_t count; 344 int useproto; 345 346 _DIAGASSERT(frompw != NULL); 347 _DIAGASSERT(pw != NULL); 348 _DIAGASSERT(buf != NULL); 349 /* protopw may be NULL */ 350 351 useproto = protopw && protopw->pw_name; 352 353 #define COPYSTR(to, from) \ 354 do { \ 355 count = strlen((from)); \ 356 (to) = _pw_memfrombuf(count+1, &buf, &buflen); \ 357 if ((to) == NULL) \ 358 return 0; \ 359 memmove((to), (from), count); \ 360 to[count] = '\0'; \ 361 } while (0) /* LINTED */ 362 363 #define COPYFIELD(field) COPYSTR(pw->field, frompw->field) 364 365 #define COPYPROTOFIELD(field) COPYSTR(pw->field, \ 366 (useproto && *protopw->field ? protopw->field : frompw->field)) 367 368 COPYFIELD(pw_name); 369 370 #ifdef PW_OVERRIDE_PASSWD 371 COPYPROTOFIELD(pw_passwd); 372 #else 373 COPYFIELD(pw_passwd); 374 #endif 375 376 if (useproto && !(protoflags & _PASSWORD_NOUID)) 377 pw->pw_uid = protopw->pw_uid; 378 else 379 pw->pw_uid = frompw->pw_uid; 380 381 if (useproto && !(protoflags & _PASSWORD_NOGID)) 382 pw->pw_gid = protopw->pw_gid; 383 else 384 pw->pw_gid = frompw->pw_gid; 385 386 pw->pw_change = frompw->pw_change; 387 COPYFIELD(pw_class); 388 COPYPROTOFIELD(pw_gecos); 389 COPYPROTOFIELD(pw_dir); 390 COPYPROTOFIELD(pw_shell); 391 392 #undef COPYSTR 393 #undef COPYFIELD 394 #undef COPYPROTOFIELD 395 396 return 1; 397 } 398 399 400 /* 401 * files methods 402 */ 403 404 /* state shared between files methods */ 405 struct files_state { 406 int stayopen; /* see getpassent(3) */ 407 DB *db; /* passwd file handle */ 408 int keynum; /* key counter, -1 if no more */ 409 int version; 410 }; 411 412 static struct files_state _files_state; 413 /* storage for non _r functions */ 414 static struct passwd _files_passwd; 415 static char _files_passwdbuf[_GETPW_R_SIZE_MAX]; 416 417 static int 418 _files_start(struct files_state *state) 419 { 420 int rv; 421 422 _DIAGASSERT(state != NULL); 423 424 state->keynum = 0; 425 rv = _pw_opendb(&state->db, &state->version); 426 if (rv != NS_SUCCESS) 427 return rv; 428 return NS_SUCCESS; 429 } 430 431 static int 432 _files_end(struct files_state *state) 433 { 434 435 _DIAGASSERT(state != NULL); 436 437 state->keynum = 0; 438 if (state->db) { 439 (void)(state->db->close)(state->db); 440 state->db = NULL; 441 } 442 return NS_SUCCESS; 443 } 444 445 /* 446 * _files_pwscan 447 * Search state->db for the next desired entry. 448 * If search is _PW_KEYBYNUM, look for state->keynum. 449 * If search is _PW_KEYBYNAME, look for name. 450 * If search is _PW_KEYBYUID, look for uid. 451 * Sets *retval to the errno if the result is not NS_SUCCESS 452 * or NS_NOTFOUND. 453 */ 454 static int 455 _files_pwscan(int *retval, struct passwd *pw, char *buffer, size_t buflen, 456 struct files_state *state, int search, const char *name, uid_t uid) 457 { 458 const void *from; 459 size_t fromlen; 460 DBT key; 461 int rv; 462 463 _DIAGASSERT(retval != NULL); 464 _DIAGASSERT(pw != NULL); 465 _DIAGASSERT(buffer != NULL); 466 _DIAGASSERT(state != NULL); 467 /* name is NULL to indicate searching for uid */ 468 469 *retval = 0; 470 471 if (state->db == NULL) { /* only start if file not open yet */ 472 rv = _files_start(state); 473 if (rv != NS_SUCCESS) 474 goto filespwscan_out; 475 } 476 477 for (;;) { /* search for a match */ 478 switch (search) { 479 case _PW_KEYBYNUM: 480 if (state->keynum == -1) 481 return NS_NOTFOUND; /* no more records */ 482 state->keynum++; 483 from = &state->keynum; 484 fromlen = sizeof(state->keynum); 485 break; 486 case _PW_KEYBYNAME: 487 from = name; 488 fromlen = strlen(name); 489 break; 490 case _PW_KEYBYUID: 491 from = &uid; 492 fromlen = sizeof(uid); 493 break; 494 default: 495 abort(); 496 } 497 498 if (buflen <= fromlen) { /* buffer too small */ 499 *retval = ERANGE; 500 return NS_UNAVAIL; 501 } 502 buffer[0] = search; /* setup key */ 503 memmove(buffer + 1, from, fromlen); 504 key.size = fromlen + 1; 505 key.data = (u_char *)buffer; 506 507 /* search for key */ 508 rv = _pw_getkey(state->db, &key, pw, buffer, buflen, NULL, 509 state->version); 510 if (rv != NS_SUCCESS) /* no match */ 511 break; 512 if (pw->pw_name[0] == '+' || pw->pw_name[0] == '-') { 513 /* if a compat line */ 514 if (search == _PW_KEYBYNUM) 515 continue; /* read next if pwent */ 516 rv = NS_NOTFOUND; /* don't match if pw{nam,uid} */ 517 break; 518 } 519 break; 520 } 521 522 if (rv == NS_NOTFOUND && search == _PW_KEYBYNUM) 523 state->keynum = -1; /* flag `no more records' */ 524 525 if (rv == NS_SUCCESS) { 526 if ((search == _PW_KEYBYUID && pw->pw_uid != uid) || 527 (search == _PW_KEYBYNAME && strcmp(pw->pw_name, name) != 0)) 528 rv = NS_NOTFOUND; 529 } 530 531 filespwscan_out: 532 if (rv != NS_SUCCESS && rv != NS_NOTFOUND) 533 *retval = errno; 534 return rv; 535 } 536 537 /*ARGSUSED*/ 538 static int 539 _files_setpwent(void *nsrv, void *nscb, va_list ap) 540 { 541 542 _files_state.stayopen = 0; 543 return _files_start(&_files_state); 544 } 545 546 /*ARGSUSED*/ 547 static int 548 _files_setpassent(void *nsrv, void *nscb, va_list ap) 549 { 550 int *retval = va_arg(ap, int *); 551 int stayopen = va_arg(ap, int); 552 553 int rv; 554 555 _files_state.stayopen = stayopen; 556 rv = _files_start(&_files_state); 557 *retval = (rv == NS_SUCCESS); 558 return rv; 559 } 560 561 /*ARGSUSED*/ 562 static int 563 _files_endpwent(void *nsrv, void *nscb, va_list ap) 564 { 565 566 _files_state.stayopen = 0; 567 return _files_end(&_files_state); 568 } 569 570 /*ARGSUSED*/ 571 static int 572 _files_getpwent(void *nsrv, void *nscb, va_list ap) 573 { 574 struct passwd **retval = va_arg(ap, struct passwd **); 575 576 int rv, rerror; 577 578 _DIAGASSERT(retval != NULL); 579 580 *retval = NULL; 581 rv = _files_pwscan(&rerror, &_files_passwd, 582 _files_passwdbuf, sizeof(_files_passwdbuf), 583 &_files_state, _PW_KEYBYNUM, NULL, 0); 584 if (rv == NS_SUCCESS) 585 *retval = &_files_passwd; 586 return rv; 587 } 588 589 /*ARGSUSED*/ 590 static int 591 _files_getpwent_r(void *nsrv, void *nscb, va_list ap) 592 { 593 int *retval = va_arg(ap, int *); 594 struct passwd *pw = va_arg(ap, struct passwd *); 595 char *buffer = va_arg(ap, char *); 596 size_t buflen = va_arg(ap, size_t); 597 struct passwd **result = va_arg(ap, struct passwd **); 598 599 int rv; 600 601 _DIAGASSERT(retval != NULL); 602 _DIAGASSERT(pw != NULL); 603 _DIAGASSERT(buffer != NULL); 604 _DIAGASSERT(result != NULL); 605 606 rv = _files_pwscan(retval, pw, buffer, buflen, &_files_state, 607 _PW_KEYBYNUM, NULL, 0); 608 if (rv == NS_SUCCESS) 609 *result = pw; 610 else 611 *result = NULL; 612 return rv; 613 } 614 615 /*ARGSUSED*/ 616 static int 617 _files_getpwnam(void *nsrv, void *nscb, va_list ap) 618 { 619 struct passwd **retval = va_arg(ap, struct passwd **); 620 const char *name = va_arg(ap, const char *); 621 622 int rv, rerror; 623 624 _DIAGASSERT(retval != NULL); 625 626 *retval = NULL; 627 rv = _files_start(&_files_state); 628 if (rv != NS_SUCCESS) 629 return rv; 630 rv = _files_pwscan(&rerror, &_files_passwd, 631 _files_passwdbuf, sizeof(_files_passwdbuf), 632 &_files_state, _PW_KEYBYNAME, name, 0); 633 if (!_files_state.stayopen) 634 _files_end(&_files_state); 635 if (rv == NS_SUCCESS) 636 *retval = &_files_passwd; 637 return rv; 638 } 639 640 /*ARGSUSED*/ 641 static int 642 _files_getpwnam_r(void *nsrv, void *nscb, va_list ap) 643 { 644 int *retval = va_arg(ap, int *); 645 const char *name = va_arg(ap, const char *); 646 struct passwd *pw = va_arg(ap, struct passwd *); 647 char *buffer = va_arg(ap, char *); 648 size_t buflen = va_arg(ap, size_t); 649 struct passwd **result = va_arg(ap, struct passwd **); 650 651 struct files_state state; 652 int rv; 653 654 _DIAGASSERT(retval != NULL); 655 _DIAGASSERT(pw != NULL); 656 _DIAGASSERT(buffer != NULL); 657 _DIAGASSERT(result != NULL); 658 659 *result = NULL; 660 memset(&state, 0, sizeof(state)); 661 rv = _files_pwscan(retval, pw, buffer, buflen, &state, 662 _PW_KEYBYNAME, name, 0); 663 _files_end(&state); 664 if (rv == NS_SUCCESS) 665 *result = pw; 666 return rv; 667 } 668 669 /*ARGSUSED*/ 670 static int 671 _files_getpwuid(void *nsrv, void *nscb, va_list ap) 672 { 673 struct passwd **retval = va_arg(ap, struct passwd **); 674 uid_t uid = va_arg(ap, uid_t); 675 676 int rv, rerror; 677 678 _DIAGASSERT(retval != NULL); 679 680 *retval = NULL; 681 rv = _files_start(&_files_state); 682 if (rv != NS_SUCCESS) 683 return rv; 684 rv = _files_pwscan(&rerror, &_files_passwd, 685 _files_passwdbuf, sizeof(_files_passwdbuf), 686 &_files_state, _PW_KEYBYUID, NULL, uid); 687 if (!_files_state.stayopen) 688 _files_end(&_files_state); 689 if (rv == NS_SUCCESS) 690 *retval = &_files_passwd; 691 return rv; 692 } 693 694 /*ARGSUSED*/ 695 static int 696 _files_getpwuid_r(void *nsrv, void *nscb, va_list ap) 697 { 698 int *retval = va_arg(ap, int *); 699 uid_t uid = va_arg(ap, uid_t); 700 struct passwd *pw = va_arg(ap, struct passwd *); 701 char *buffer = va_arg(ap, char *); 702 size_t buflen = va_arg(ap, size_t); 703 struct passwd **result = va_arg(ap, struct passwd **); 704 705 struct files_state state; 706 int rv; 707 708 _DIAGASSERT(retval != NULL); 709 _DIAGASSERT(pw != NULL); 710 _DIAGASSERT(buffer != NULL); 711 _DIAGASSERT(result != NULL); 712 713 *result = NULL; 714 memset(&state, 0, sizeof(state)); 715 rv = _files_pwscan(retval, pw, buffer, buflen, &state, 716 _PW_KEYBYUID, NULL, uid); 717 _files_end(&state); 718 if (rv == NS_SUCCESS) 719 *result = pw; 720 return rv; 721 } 722 723 724 #ifdef HESIOD 725 /* 726 * dns methods 727 */ 728 729 /* state shared between dns methods */ 730 struct dns_state { 731 int stayopen; /* see getpassent(3) */ 732 void *context; /* Hesiod context */ 733 int num; /* passwd index, -1 if no more */ 734 }; 735 736 static struct dns_state _dns_state; 737 /* storage for non _r functions */ 738 static struct passwd _dns_passwd; 739 static char _dns_passwdbuf[_GETPW_R_SIZE_MAX]; 740 741 static int 742 _dns_start(struct dns_state *state) 743 { 744 745 _DIAGASSERT(state != NULL); 746 747 state->num = 0; 748 if (state->context == NULL) { /* setup Hesiod */ 749 if (hesiod_init(&state->context) == -1) 750 return NS_UNAVAIL; 751 } 752 753 return NS_SUCCESS; 754 } 755 756 static int 757 _dns_end(struct dns_state *state) 758 { 759 760 _DIAGASSERT(state != NULL); 761 762 state->num = 0; 763 if (state->context) { 764 hesiod_end(state->context); 765 state->context = NULL; 766 } 767 return NS_SUCCESS; 768 } 769 770 /* 771 * _dns_pwscan 772 * Look for the Hesiod name provided in buffer in the NULL-terminated 773 * list of zones, 774 * and decode into pw/buffer/buflen. 775 */ 776 static int 777 _dns_pwscan(int *retval, struct passwd *pw, char *buffer, size_t buflen, 778 struct dns_state *state, const char **zones) 779 { 780 const char **curzone; 781 char **hp, *ep; 782 int rv; 783 784 _DIAGASSERT(retval != NULL); 785 _DIAGASSERT(pw != NULL); 786 _DIAGASSERT(buffer != NULL); 787 _DIAGASSERT(state != NULL); 788 _DIAGASSERT(zones != NULL); 789 790 *retval = 0; 791 792 if (state->context == NULL) { /* only start if Hesiod not setup */ 793 rv = _dns_start(state); 794 if (rv != NS_SUCCESS) 795 return rv; 796 } 797 798 hp = NULL; 799 rv = NS_NOTFOUND; 800 801 for (curzone = zones; *curzone; curzone++) { /* search zones */ 802 hp = hesiod_resolve(state->context, buffer, *curzone); 803 if (hp != NULL) 804 break; 805 if (errno != ENOENT) { 806 rv = NS_UNAVAIL; 807 goto dnspwscan_out; 808 } 809 } 810 if (*curzone == NULL) 811 goto dnspwscan_out; 812 813 if ((ep = strchr(hp[0], '\n')) != NULL) 814 *ep = '\0'; /* clear trailing \n */ 815 if (_pw_parse(hp[0], pw, buffer, buflen, 1)) /* validate line */ 816 rv = NS_SUCCESS; 817 else 818 rv = NS_UNAVAIL; 819 820 dnspwscan_out: 821 if (rv != NS_SUCCESS && rv != NS_NOTFOUND) 822 *retval = errno; 823 if (hp) 824 hesiod_free_list(state->context, hp); 825 return rv; 826 } 827 828 /*ARGSUSED*/ 829 static int 830 _dns_setpwent(void *nsrv, void *nscb, va_list ap) 831 { 832 833 _dns_state.stayopen = 0; 834 return _dns_start(&_dns_state); 835 } 836 837 /*ARGSUSED*/ 838 static int 839 _dns_setpassent(void *nsrv, void *nscb, va_list ap) 840 { 841 int *retval = va_arg(ap, int *); 842 int stayopen = va_arg(ap, int); 843 844 int rv; 845 846 _dns_state.stayopen = stayopen; 847 rv = _dns_start(&_dns_state); 848 *retval = (rv == NS_SUCCESS); 849 return rv; 850 } 851 852 /*ARGSUSED*/ 853 static int 854 _dns_endpwent(void *nsrv, void *nscb, va_list ap) 855 { 856 857 _dns_state.stayopen = 0; 858 return _dns_end(&_dns_state); 859 } 860 861 /*ARGSUSED*/ 862 static int 863 _dns_getpwent(void *nsrv, void *nscb, va_list ap) 864 { 865 struct passwd **retval = va_arg(ap, struct passwd **); 866 867 char **hp, *ep; 868 int rv; 869 870 _DIAGASSERT(retval != NULL); 871 872 *retval = NULL; 873 874 if (_dns_state.num == -1) /* exhausted search */ 875 return NS_NOTFOUND; 876 877 if (_dns_state.context == NULL) { 878 /* only start if Hesiod not setup */ 879 rv = _dns_start(&_dns_state); 880 if (rv != NS_SUCCESS) 881 return rv; 882 } 883 884 next_dns_entry: 885 hp = NULL; 886 rv = NS_NOTFOUND; 887 888 /* find passwd-NNN */ 889 snprintf(_dns_passwdbuf, sizeof(_dns_passwdbuf), 890 "passwd-%u", _dns_state.num); 891 _dns_state.num++; 892 893 hp = hesiod_resolve(_dns_state.context, _dns_passwdbuf, "passwd"); 894 if (hp == NULL) { 895 if (errno == ENOENT) 896 _dns_state.num = -1; 897 else 898 rv = NS_UNAVAIL; 899 } else { 900 if ((ep = strchr(hp[0], '\n')) != NULL) 901 *ep = '\0'; /* clear trailing \n */ 902 /* validate line */ 903 if (_pw_parse(hp[0], &_dns_passwd, 904 _dns_passwdbuf, sizeof(_dns_passwdbuf), 1)) 905 rv = NS_SUCCESS; 906 else { /* dodgy entry, try again */ 907 hesiod_free_list(_dns_state.context, hp); 908 goto next_dns_entry; 909 } 910 } 911 912 if (hp) 913 hesiod_free_list(_dns_state.context, hp); 914 if (rv == NS_SUCCESS) 915 *retval = &_dns_passwd; 916 return rv; 917 } 918 919 /*ARGSUSED*/ 920 static int 921 _dns_getpwent_r(void *nsrv, void *nscb, va_list ap) 922 { 923 int *retval = va_arg(ap, int *); 924 struct passwd *pw = va_arg(ap, struct passwd *); 925 char *buffer = va_arg(ap, char *); 926 size_t buflen = va_arg(ap, size_t); 927 struct passwd **result = va_arg(ap, struct passwd **); 928 929 char **hp, *ep; 930 int rv; 931 932 _DIAGASSERT(retval != NULL); 933 _DIAGASSERT(pw != NULL); 934 _DIAGASSERT(buffer != NULL); 935 _DIAGASSERT(result != NULL); 936 937 *retval = 0; 938 939 if (_dns_state.num == -1) /* exhausted search */ 940 return NS_NOTFOUND; 941 942 if (_dns_state.context == NULL) { 943 /* only start if Hesiod not setup */ 944 rv = _dns_start(&_dns_state); 945 if (rv != NS_SUCCESS) 946 return rv; 947 } 948 949 next_dns_entry: 950 hp = NULL; 951 rv = NS_NOTFOUND; 952 953 /* find passwd-NNN */ 954 snprintf(buffer, buflen, "passwd-%u", _dns_state.num); 955 _dns_state.num++; 956 957 hp = hesiod_resolve(_dns_state.context, buffer, "passwd"); 958 if (hp == NULL) { 959 if (errno == ENOENT) 960 _dns_state.num = -1; 961 else 962 rv = NS_UNAVAIL; 963 } else { 964 if ((ep = strchr(hp[0], '\n')) != NULL) 965 *ep = '\0'; /* clear trailing \n */ 966 /* validate line */ 967 if (_pw_parse(hp[0], pw, buffer, buflen, 1)) 968 rv = NS_SUCCESS; 969 else { /* dodgy entry, try again */ 970 hesiod_free_list(_dns_state.context, hp); 971 goto next_dns_entry; 972 } 973 } 974 975 if (hp) 976 hesiod_free_list(_dns_state.context, hp); 977 if (rv == NS_SUCCESS) 978 *result = pw; 979 else 980 *result = NULL; 981 return rv; 982 } 983 984 static const char *_dns_uid_zones[] = { 985 "uid", 986 "passwd", 987 NULL 988 }; 989 990 /*ARGSUSED*/ 991 static int 992 _dns_getpwuid(void *nsrv, void *nscb, va_list ap) 993 { 994 struct passwd **retval = va_arg(ap, struct passwd **); 995 uid_t uid = va_arg(ap, uid_t); 996 997 int rv, rerror; 998 999 _DIAGASSERT(retval != NULL); 1000 1001 *retval = NULL; 1002 rv = _dns_start(&_dns_state); 1003 if (rv != NS_SUCCESS) 1004 return rv; 1005 snprintf(_dns_passwdbuf, sizeof(_dns_passwdbuf), 1006 "%u", (unsigned int)uid); 1007 rv = _dns_pwscan(&rerror, &_dns_passwd, 1008 _dns_passwdbuf, sizeof(_dns_passwdbuf), 1009 &_dns_state, _dns_uid_zones); 1010 if (!_dns_state.stayopen) 1011 _dns_end(&_dns_state); 1012 if (rv == NS_SUCCESS && uid == _dns_passwd.pw_uid) 1013 *retval = &_dns_passwd; 1014 return rv; 1015 } 1016 1017 /*ARGSUSED*/ 1018 static int 1019 _dns_getpwuid_r(void *nsrv, void *nscb, va_list ap) 1020 { 1021 int *retval = va_arg(ap, int *); 1022 uid_t uid = va_arg(ap, uid_t); 1023 struct passwd *pw = va_arg(ap, struct passwd *); 1024 char *buffer = va_arg(ap, char *); 1025 size_t buflen = va_arg(ap, size_t); 1026 struct passwd **result = va_arg(ap, struct passwd **); 1027 1028 struct dns_state state; 1029 int rv; 1030 1031 _DIAGASSERT(retval != NULL); 1032 _DIAGASSERT(pw != NULL); 1033 _DIAGASSERT(buffer != NULL); 1034 _DIAGASSERT(result != NULL); 1035 1036 *result = NULL; 1037 memset(&state, 0, sizeof(state)); 1038 snprintf(buffer, buflen, "%u", (unsigned int)uid); 1039 rv = _dns_pwscan(retval, pw, buffer, buflen, &state, _dns_uid_zones); 1040 _dns_end(&state); 1041 if (rv != NS_SUCCESS) 1042 return rv; 1043 if (uid == pw->pw_uid) { 1044 *result = pw; 1045 return NS_SUCCESS; 1046 } else 1047 return NS_NOTFOUND; 1048 } 1049 1050 static const char *_dns_nam_zones[] = { 1051 "passwd", 1052 NULL 1053 }; 1054 1055 /*ARGSUSED*/ 1056 static int 1057 _dns_getpwnam(void *nsrv, void *nscb, va_list ap) 1058 { 1059 struct passwd **retval = va_arg(ap, struct passwd **); 1060 const char *name = va_arg(ap, const char *); 1061 1062 int rv, rerror; 1063 1064 _DIAGASSERT(retval != NULL); 1065 1066 *retval = NULL; 1067 rv = _dns_start(&_dns_state); 1068 if (rv != NS_SUCCESS) 1069 return rv; 1070 snprintf(_dns_passwdbuf, sizeof(_dns_passwdbuf), "%s", name); 1071 rv = _dns_pwscan(&rerror, &_dns_passwd, 1072 _dns_passwdbuf, sizeof(_dns_passwdbuf), 1073 &_dns_state, _dns_nam_zones); 1074 if (!_dns_state.stayopen) 1075 _dns_end(&_dns_state); 1076 if (rv == NS_SUCCESS && strcmp(name, _dns_passwd.pw_name) == 0) 1077 *retval = &_dns_passwd; 1078 return rv; 1079 } 1080 1081 /*ARGSUSED*/ 1082 static int 1083 _dns_getpwnam_r(void *nsrv, void *nscb, va_list ap) 1084 { 1085 int *retval = va_arg(ap, int *); 1086 const char *name = va_arg(ap, const char *); 1087 struct passwd *pw = va_arg(ap, struct passwd *); 1088 char *buffer = va_arg(ap, char *); 1089 size_t buflen = va_arg(ap, size_t); 1090 struct passwd **result = va_arg(ap, struct passwd **); 1091 1092 struct dns_state state; 1093 int rv; 1094 1095 _DIAGASSERT(retval != NULL); 1096 _DIAGASSERT(pw != NULL); 1097 _DIAGASSERT(buffer != NULL); 1098 _DIAGASSERT(result != NULL); 1099 1100 *result = NULL; 1101 memset(&state, 0, sizeof(state)); 1102 snprintf(buffer, buflen, "%s", name); 1103 rv = _dns_pwscan(retval, pw, buffer, buflen, &state, _dns_nam_zones); 1104 _dns_end(&state); 1105 if (rv != NS_SUCCESS) 1106 return rv; 1107 if (strcmp(name, pw->pw_name) == 0) { 1108 *result = pw; 1109 return NS_SUCCESS; 1110 } else 1111 return NS_NOTFOUND; 1112 } 1113 1114 #endif /* HESIOD */ 1115 1116 1117 #ifdef YP 1118 /* 1119 * nis methods 1120 */ 1121 /* state shared between nis methods */ 1122 struct nis_state { 1123 int stayopen; /* see getpassent(3) */ 1124 char *domain; /* NIS domain */ 1125 int done; /* non-zero if search exhausted */ 1126 char *current; /* current first/next match */ 1127 int currentlen; /* length of _nis_current */ 1128 enum { /* shadow map type */ 1129 NISMAP_UNKNOWN, /* unknown ... */ 1130 NISMAP_NONE, /* none: use "passwd.by*" */ 1131 NISMAP_ADJUNCT, /* pw_passwd from "passwd.adjunct.*" */ 1132 NISMAP_MASTER /* all from "master.passwd.by*" */ 1133 } maptype; 1134 }; 1135 1136 static struct nis_state _nis_state; 1137 /* storage for non _r functions */ 1138 static struct passwd _nis_passwd; 1139 static char _nis_passwdbuf[_GETPW_R_SIZE_MAX]; 1140 1141 /* macros for deciding which NIS maps to use. */ 1142 #define PASSWD_BYNAME(x) ((x)->maptype == NISMAP_MASTER \ 1143 ? "master.passwd.byname" : "passwd.byname") 1144 #define PASSWD_BYUID(x) ((x)->maptype == NISMAP_MASTER \ 1145 ? "master.passwd.byuid" : "passwd.byuid") 1146 1147 static int 1148 _nis_start(struct nis_state *state) 1149 { 1150 1151 _DIAGASSERT(state != NULL); 1152 1153 state->done = 0; 1154 if (state->current) { 1155 free(state->current); 1156 state->current = NULL; 1157 } 1158 if (state->domain == NULL) { /* setup NIS */ 1159 switch (yp_get_default_domain(&state->domain)) { 1160 case 0: 1161 break; 1162 case YPERR_RESRC: 1163 return NS_TRYAGAIN; 1164 default: 1165 return NS_UNAVAIL; 1166 } 1167 } 1168 1169 /* determine where to get pw_passwd from */ 1170 if (state->maptype == NISMAP_UNKNOWN) { 1171 int r, order; 1172 1173 state->maptype = NISMAP_NONE; /* default to no adjunct */ 1174 if (geteuid() != 0) /* non-root can't use adjunct */ 1175 return NS_SUCCESS; 1176 1177 /* look for "master.passwd.*" */ 1178 r = yp_order(state->domain, "master.passwd.byname", &order); 1179 if (r == 0) { 1180 state->maptype = NISMAP_MASTER; 1181 return NS_SUCCESS; 1182 } 1183 1184 /* master.passwd doesn't exist, try passwd.adjunct */ 1185 if (r == YPERR_MAP) { 1186 r = yp_order(state->domain, "passwd.adjunct.byname", 1187 &order); 1188 if (r == 0) 1189 state->maptype = NISMAP_ADJUNCT; 1190 } 1191 } 1192 return NS_SUCCESS; 1193 } 1194 1195 static int 1196 _nis_end(struct nis_state *state) 1197 { 1198 1199 _DIAGASSERT(state != NULL); 1200 1201 if (state->domain) 1202 state->domain = NULL; 1203 state->done = 0; 1204 if (state->current) 1205 free(state->current); 1206 state->current = NULL; 1207 state->maptype = NISMAP_UNKNOWN; 1208 return NS_SUCCESS; 1209 } 1210 1211 /* 1212 * nis_parse 1213 * wrapper to _pw_parse that obtains the real password from the 1214 * "passwd.adjunct.byname" NIS map if the maptype is NISMAP_ADJUNCT. 1215 */ 1216 static int 1217 _nis_parse(const char *entry, struct passwd *pw, char *buf, size_t buflen, 1218 struct nis_state *state) 1219 { 1220 size_t elen; 1221 1222 _DIAGASSERT(entry != NULL); 1223 _DIAGASSERT(pw != NULL); 1224 _DIAGASSERT(buf != NULL); 1225 _DIAGASSERT(state != NULL); 1226 1227 elen = strlen(entry) + 1; 1228 if (elen >= buflen) 1229 return 0; 1230 if (! _pw_parse(entry, pw, buf, buflen, 1231 !(state->maptype == NISMAP_MASTER))) 1232 return 0; 1233 1234 if ((state->maptype == NISMAP_ADJUNCT) && 1235 (strstr(pw->pw_passwd, "##") != NULL)) { 1236 char *data; 1237 int datalen; 1238 1239 if (yp_match(state->domain, "passwd.adjunct.byname", 1240 pw->pw_name, (int)strlen(pw->pw_name), 1241 &data, &datalen) == 0) { 1242 char *bp, *ep; 1243 /* skip name to get password */ 1244 ep = data; 1245 if (strsep(&ep, ":") != NULL && 1246 (bp = strsep(&ep, ":")) != NULL) { 1247 /* store new pw_passwd after entry */ 1248 if (strlcpy(buf + elen, bp, buflen - elen) >= 1249 buflen - elen) { 1250 free(data); 1251 return 0; 1252 } 1253 pw->pw_passwd = &buf[elen]; 1254 } 1255 free(data); 1256 } 1257 } 1258 1259 return 1; 1260 } 1261 1262 1263 /* 1264 * _nis_pwscan 1265 * Look for the yp key provided in buffer from map, 1266 * and decode into pw/buffer/buflen. 1267 */ 1268 static int 1269 _nis_pwscan(int *retval, struct passwd *pw, char *buffer, size_t buflen, 1270 struct nis_state *state, const char *map) 1271 { 1272 char *data; 1273 int nisr, rv, datalen; 1274 1275 _DIAGASSERT(retval != NULL); 1276 _DIAGASSERT(pw != NULL); 1277 _DIAGASSERT(buffer != NULL); 1278 _DIAGASSERT(state != NULL); 1279 _DIAGASSERT(map != NULL); 1280 1281 *retval = 0; 1282 1283 if (state->domain == NULL) { /* only start if NIS not setup */ 1284 rv = _nis_start(state); 1285 if (rv != NS_SUCCESS) 1286 return rv; 1287 } 1288 1289 data = NULL; 1290 rv = NS_NOTFOUND; 1291 1292 /* search map */ 1293 nisr = yp_match(state->domain, map, buffer, (int)strlen(buffer), 1294 &data, &datalen); 1295 switch (nisr) { 1296 case 0: 1297 data[datalen] = '\0'; /* clear trailing \n */ 1298 if (_nis_parse(data, pw, buffer, buflen, state)) 1299 rv = NS_SUCCESS; /* validate line */ 1300 else 1301 rv = NS_UNAVAIL; 1302 break; 1303 case YPERR_KEY: 1304 break; 1305 default: 1306 rv = NS_UNAVAIL; 1307 break; 1308 } 1309 1310 if (rv != NS_SUCCESS && rv != NS_NOTFOUND) 1311 *retval = errno; 1312 if (data) 1313 free(data); 1314 return rv; 1315 } 1316 1317 /*ARGSUSED*/ 1318 static int 1319 _nis_setpwent(void *nsrv, void *nscb, va_list ap) 1320 { 1321 1322 _nis_state.stayopen = 0; 1323 return _nis_start(&_nis_state); 1324 } 1325 1326 /*ARGSUSED*/ 1327 static int 1328 _nis_setpassent(void *nsrv, void *nscb, va_list ap) 1329 { 1330 int *retval = va_arg(ap, int *); 1331 int stayopen = va_arg(ap, int); 1332 1333 int rv; 1334 1335 _nis_state.stayopen = stayopen; 1336 rv = _nis_start(&_nis_state); 1337 *retval = (rv == NS_SUCCESS); 1338 return rv; 1339 } 1340 1341 /*ARGSUSED*/ 1342 static int 1343 _nis_endpwent(void *nsrv, void *nscb, va_list ap) 1344 { 1345 1346 return _nis_end(&_nis_state); 1347 } 1348 1349 1350 /*ARGSUSED*/ 1351 static int 1352 _nis_getpwent(void *nsrv, void *nscb, va_list ap) 1353 { 1354 struct passwd **retval = va_arg(ap, struct passwd **); 1355 1356 char *key, *data; 1357 int keylen, datalen, rv, nisr; 1358 1359 _DIAGASSERT(retval != NULL); 1360 1361 *retval = NULL; 1362 1363 if (_nis_state.done) /* exhausted search */ 1364 return NS_NOTFOUND; 1365 if (_nis_state.domain == NULL) { 1366 /* only start if NIS not setup */ 1367 rv = _nis_start(&_nis_state); 1368 if (rv != NS_SUCCESS) 1369 return rv; 1370 } 1371 1372 next_nis_entry: 1373 key = NULL; 1374 data = NULL; 1375 rv = NS_NOTFOUND; 1376 1377 if (_nis_state.current) { /* already searching */ 1378 nisr = yp_next(_nis_state.domain, PASSWD_BYNAME(&_nis_state), 1379 _nis_state.current, _nis_state.currentlen, 1380 &key, &keylen, &data, &datalen); 1381 free(_nis_state.current); 1382 _nis_state.current = NULL; 1383 switch (nisr) { 1384 case 0: 1385 _nis_state.current = key; 1386 _nis_state.currentlen = keylen; 1387 key = NULL; 1388 break; 1389 case YPERR_NOMORE: 1390 _nis_state.done = 1; 1391 goto nisent_out; 1392 default: 1393 rv = NS_UNAVAIL; 1394 goto nisent_out; 1395 } 1396 } else { /* new search */ 1397 if (yp_first(_nis_state.domain, PASSWD_BYNAME(&_nis_state), 1398 &_nis_state.current, &_nis_state.currentlen, 1399 &data, &datalen)) { 1400 rv = NS_UNAVAIL; 1401 goto nisent_out; 1402 } 1403 } 1404 1405 data[datalen] = '\0'; /* clear trailing \n */ 1406 /* validate line */ 1407 if (_nis_parse(data, &_nis_passwd, 1408 _nis_passwdbuf, sizeof(_nis_passwdbuf), &_nis_state)) 1409 rv = NS_SUCCESS; 1410 else { /* dodgy entry, try again */ 1411 free(data); 1412 goto next_nis_entry; 1413 } 1414 1415 nisent_out: 1416 if (key) 1417 free(key); 1418 if (data) 1419 free(data); 1420 if (rv == NS_SUCCESS) 1421 *retval = &_nis_passwd; 1422 return rv; 1423 } 1424 1425 /*ARGSUSED*/ 1426 static int 1427 _nis_getpwent_r(void *nsrv, void *nscb, va_list ap) 1428 { 1429 int *retval = va_arg(ap, int *); 1430 struct passwd *pw = va_arg(ap, struct passwd *); 1431 char *buffer = va_arg(ap, char *); 1432 size_t buflen = va_arg(ap, size_t); 1433 struct passwd **result = va_arg(ap, struct passwd **); 1434 1435 char *key, *data; 1436 int keylen, datalen, rv, nisr; 1437 1438 _DIAGASSERT(retval != NULL); 1439 _DIAGASSERT(pw != NULL); 1440 _DIAGASSERT(buffer != NULL); 1441 _DIAGASSERT(result != NULL); 1442 1443 *retval = 0; 1444 1445 if (_nis_state.done) /* exhausted search */ 1446 return NS_NOTFOUND; 1447 if (_nis_state.domain == NULL) { 1448 /* only start if NIS not setup */ 1449 rv = _nis_start(&_nis_state); 1450 if (rv != NS_SUCCESS) 1451 return rv; 1452 } 1453 1454 next_nis_entry: 1455 key = NULL; 1456 data = NULL; 1457 rv = NS_NOTFOUND; 1458 1459 if (_nis_state.current) { /* already searching */ 1460 nisr = yp_next(_nis_state.domain, PASSWD_BYNAME(&_nis_state), 1461 _nis_state.current, _nis_state.currentlen, 1462 &key, &keylen, &data, &datalen); 1463 free(_nis_state.current); 1464 _nis_state.current = NULL; 1465 switch (nisr) { 1466 case 0: 1467 _nis_state.current = key; 1468 _nis_state.currentlen = keylen; 1469 key = NULL; 1470 break; 1471 case YPERR_NOMORE: 1472 _nis_state.done = 1; 1473 goto nisent_out; 1474 default: 1475 rv = NS_UNAVAIL; 1476 goto nisent_out; 1477 } 1478 } else { /* new search */ 1479 if (yp_first(_nis_state.domain, PASSWD_BYNAME(&_nis_state), 1480 &_nis_state.current, &_nis_state.currentlen, 1481 &data, &datalen)) { 1482 rv = NS_UNAVAIL; 1483 goto nisent_out; 1484 } 1485 } 1486 1487 data[datalen] = '\0'; /* clear trailing \n */ 1488 /* validate line */ 1489 if (_nis_parse(data, pw, buffer, buflen, &_nis_state)) 1490 rv = NS_SUCCESS; 1491 else { /* dodgy entry, try again */ 1492 if (key) 1493 free(key); 1494 free(data); 1495 goto next_nis_entry; 1496 } 1497 1498 nisent_out: 1499 if (key) 1500 free(key); 1501 if (data) 1502 free(data); 1503 if (rv == NS_SUCCESS) 1504 *result = pw; 1505 else 1506 *result = NULL; 1507 return rv; 1508 } 1509 1510 /*ARGSUSED*/ 1511 static int 1512 _nis_getpwuid(void *nsrv, void *nscb, va_list ap) 1513 { 1514 struct passwd **retval = va_arg(ap, struct passwd **); 1515 uid_t uid = va_arg(ap, uid_t); 1516 1517 int rv, rerror; 1518 1519 _DIAGASSERT(retval != NULL); 1520 1521 *retval = NULL; 1522 rv = _nis_start(&_nis_state); 1523 if (rv != NS_SUCCESS) 1524 return rv; 1525 snprintf(_nis_passwdbuf, sizeof(_nis_passwdbuf), "%u", (unsigned int)uid); 1526 rv = _nis_pwscan(&rerror, &_nis_passwd, 1527 _nis_passwdbuf, sizeof(_nis_passwdbuf), 1528 &_nis_state, PASSWD_BYUID(&_nis_state)); 1529 if (!_nis_state.stayopen) 1530 _nis_end(&_nis_state); 1531 if (rv == NS_SUCCESS && uid == _nis_passwd.pw_uid) 1532 *retval = &_nis_passwd; 1533 return rv; 1534 } 1535 1536 /*ARGSUSED*/ 1537 static int 1538 _nis_getpwuid_r(void *nsrv, void *nscb, va_list ap) 1539 { 1540 int *retval = va_arg(ap, int *); 1541 uid_t uid = va_arg(ap, uid_t); 1542 struct passwd *pw = va_arg(ap, struct passwd *); 1543 char *buffer = va_arg(ap, char *); 1544 size_t buflen = va_arg(ap, size_t); 1545 struct passwd **result = va_arg(ap, struct passwd **); 1546 1547 struct nis_state state; 1548 int rv; 1549 1550 _DIAGASSERT(retval != NULL); 1551 _DIAGASSERT(pw != NULL); 1552 _DIAGASSERT(buffer != NULL); 1553 _DIAGASSERT(result != NULL); 1554 1555 *result = NULL; 1556 memset(&state, 0, sizeof(state)); 1557 rv = _nis_start(&state); 1558 if (rv != NS_SUCCESS) 1559 return rv; 1560 snprintf(buffer, buflen, "%u", (unsigned int)uid); 1561 rv = _nis_pwscan(retval, pw, buffer, buflen, 1562 &state, PASSWD_BYUID(&state)); 1563 _nis_end(&state); 1564 if (rv != NS_SUCCESS) 1565 return rv; 1566 if (uid == pw->pw_uid) { 1567 *result = pw; 1568 return NS_SUCCESS; 1569 } else 1570 return NS_NOTFOUND; 1571 } 1572 1573 /*ARGSUSED*/ 1574 static int 1575 _nis_getpwnam(void *nsrv, void *nscb, va_list ap) 1576 { 1577 struct passwd **retval = va_arg(ap, struct passwd **); 1578 const char *name = va_arg(ap, const char *); 1579 1580 int rv, rerror; 1581 1582 _DIAGASSERT(retval != NULL); 1583 1584 *retval = NULL; 1585 rv = _nis_start(&_nis_state); 1586 if (rv != NS_SUCCESS) 1587 return rv; 1588 snprintf(_nis_passwdbuf, sizeof(_nis_passwdbuf), "%s", name); 1589 rv = _nis_pwscan(&rerror, &_nis_passwd, 1590 _nis_passwdbuf, sizeof(_nis_passwdbuf), 1591 &_nis_state, PASSWD_BYNAME(&_nis_state)); 1592 if (!_nis_state.stayopen) 1593 _nis_end(&_nis_state); 1594 if (rv == NS_SUCCESS && strcmp(name, _nis_passwd.pw_name) == 0) 1595 *retval = &_nis_passwd; 1596 return rv; 1597 } 1598 1599 /*ARGSUSED*/ 1600 static int 1601 _nis_getpwnam_r(void *nsrv, void *nscb, va_list ap) 1602 { 1603 int *retval = va_arg(ap, int *); 1604 const char *name = va_arg(ap, const char *); 1605 struct passwd *pw = va_arg(ap, struct passwd *); 1606 char *buffer = va_arg(ap, char *); 1607 size_t buflen = va_arg(ap, size_t); 1608 struct passwd **result = va_arg(ap, struct passwd **); 1609 1610 struct nis_state state; 1611 int rv; 1612 1613 _DIAGASSERT(retval != NULL); 1614 _DIAGASSERT(pw != NULL); 1615 _DIAGASSERT(buffer != NULL); 1616 _DIAGASSERT(result != NULL); 1617 1618 *result = NULL; 1619 snprintf(buffer, buflen, "%s", name); 1620 memset(&state, 0, sizeof(state)); 1621 rv = _nis_start(&state); 1622 if (rv != NS_SUCCESS) 1623 return rv; 1624 rv = _nis_pwscan(retval, pw, buffer, buflen, 1625 &state, PASSWD_BYNAME(&state)); 1626 _nis_end(&state); 1627 if (rv != NS_SUCCESS) 1628 return rv; 1629 if (strcmp(name, pw->pw_name) == 0) { 1630 *result = pw; 1631 return NS_SUCCESS; 1632 } else 1633 return NS_NOTFOUND; 1634 } 1635 1636 #endif /* YP */ 1637 1638 1639 #ifdef _PASSWD_COMPAT 1640 /* 1641 * compat methods 1642 */ 1643 1644 /* state shared between compat methods */ 1645 1646 struct compat_state { 1647 int stayopen; /* see getpassent(3) */ 1648 DB *db; /* passwd DB */ 1649 int keynum; /* key counter, -1 if no more */ 1650 enum { /* current compat mode */ 1651 COMPAT_NOTOKEN = 0, /* no compat token present */ 1652 COMPAT_NONE, /* parsing normal pwd.db line */ 1653 COMPAT_FULL, /* parsing `+' entries */ 1654 COMPAT_USER, /* parsing `+name' entries */ 1655 COMPAT_NETGROUP /* parsing `+@netgroup' entries */ 1656 } mode; 1657 char *user; /* COMPAT_USER "+name" */ 1658 DB *exclude; /* compat exclude DB */ 1659 struct passwd proto; /* proto passwd entry */ 1660 char protobuf[_GETPW_R_SIZE_MAX]; 1661 /* buffer for proto ptrs */ 1662 int protoflags; /* proto passwd flags */ 1663 int version; 1664 }; 1665 1666 static struct compat_state _compat_state; 1667 /* storage for non _r functions */ 1668 static struct passwd _compat_passwd; 1669 static char _compat_passwdbuf[_GETPW_R_SIZE_MAX]; 1670 1671 static int 1672 _compat_start(struct compat_state *state) 1673 { 1674 int rv; 1675 1676 _DIAGASSERT(state != NULL); 1677 1678 state->keynum = 0; 1679 if (state->db == NULL) { /* not open yet */ 1680 DBT key, data; 1681 DBT pkey, pdata; 1682 char bf[MAXLOGNAME]; 1683 1684 rv = _pw_opendb(&state->db, &state->version); 1685 if (rv != NS_SUCCESS) 1686 return rv; 1687 1688 state->mode = COMPAT_NOTOKEN; 1689 1690 /* 1691 * Determine if the "compat" token is present in pwd.db; 1692 * either "__YP!" or PW_KEYBYNAME+"+". 1693 * Only works if pwd_mkdb installs the token. 1694 */ 1695 key.data = (u_char *)__UNCONST(__yp_token); 1696 key.size = strlen(__yp_token); 1697 1698 bf[0] = _PW_KEYBYNAME; /* Pre-token database support. */ 1699 bf[1] = '+'; 1700 pkey.data = (u_char *)bf; 1701 pkey.size = 2; 1702 1703 if ((state->db->get)(state->db, &key, &data, 0) == 0 1704 || (state->db->get)(state->db, &pkey, &pdata, 0) == 0) 1705 state->mode = COMPAT_NONE; 1706 } 1707 return NS_SUCCESS; 1708 } 1709 1710 static int 1711 _compat_end(struct compat_state *state) 1712 { 1713 1714 _DIAGASSERT(state != NULL); 1715 1716 state->keynum = 0; 1717 if (state->db) { 1718 (void)(state->db->close)(state->db); 1719 state->db = NULL; 1720 } 1721 state->mode = COMPAT_NOTOKEN; 1722 if (state->user) 1723 free(state->user); 1724 state->user = NULL; 1725 if (state->exclude != NULL) 1726 (void)(state->exclude->close)(state->exclude); 1727 state->exclude = NULL; 1728 state->proto.pw_name = NULL; 1729 state->protoflags = 0; 1730 return NS_SUCCESS; 1731 } 1732 1733 /* 1734 * _compat_add_exclude 1735 * add the name to the exclude list in state->exclude. 1736 */ 1737 static int 1738 _compat_add_exclude(struct compat_state *state, const char *name) 1739 { 1740 DBT key, data; 1741 1742 _DIAGASSERT(state != NULL); 1743 _DIAGASSERT(name != NULL); 1744 1745 /* initialize the exclusion table if needed */ 1746 if (state->exclude == NULL) { 1747 state->exclude = dbopen(NULL, O_RDWR, 600, DB_HASH, NULL); 1748 if (state->exclude == NULL) 1749 return 0; 1750 } 1751 1752 key.size = strlen(name); /* set up the key */ 1753 key.data = (u_char *)__UNCONST(name); 1754 1755 data.data = NULL; /* data is nothing */ 1756 data.size = 0; 1757 1758 /* store it */ 1759 if ((state->exclude->put)(state->exclude, &key, &data, 0) == -1) 1760 return 0; 1761 1762 return 1; 1763 } 1764 1765 /* 1766 * _compat_is_excluded 1767 * test if a name is on the compat mode exclude list 1768 */ 1769 static int 1770 _compat_is_excluded(struct compat_state *state, const char *name) 1771 { 1772 DBT key, data; 1773 1774 _DIAGASSERT(state != NULL); 1775 _DIAGASSERT(name != NULL); 1776 1777 if (state->exclude == NULL) 1778 return 0; /* nothing excluded */ 1779 1780 key.size = strlen(name); /* set up the key */ 1781 key.data = (u_char *)__UNCONST(name); 1782 1783 if ((state->exclude->get)(state->exclude, &key, &data, 0) == 0) 1784 return 1; /* is excluded */ 1785 1786 return 0; 1787 } 1788 1789 1790 /* 1791 * _passwdcompat_bad 1792 * log an error if "files" or "compat" is specified in 1793 * passwd_compat database 1794 */ 1795 /*ARGSUSED*/ 1796 static int 1797 _passwdcompat_bad(void *nsrv, void *nscb, va_list ap) 1798 { 1799 static int warned; 1800 1801 _DIAGASSERT(nsrv != NULL); 1802 _DIAGASSERT(nscb != NULL); 1803 1804 if (!warned) { 1805 syslog(LOG_ERR, 1806 "nsswitch.conf passwd_compat database can't use '%s'", 1807 (char *)nscb); 1808 } 1809 warned = 1; 1810 return NS_UNAVAIL; 1811 } 1812 1813 /* 1814 * _passwdcompat_setpassent 1815 * Call setpassent for all passwd_compat sources. 1816 */ 1817 static int 1818 _passwdcompat_setpassent(int stayopen) 1819 { 1820 static const ns_dtab dtab[] = { 1821 NS_FILES_CB(_passwdcompat_bad, "files") 1822 NS_DNS_CB(_dns_setpassent, NULL) 1823 NS_NIS_CB(_nis_setpassent, NULL) 1824 NS_COMPAT_CB(_passwdcompat_bad, "compat") 1825 NS_NULL_CB 1826 }; 1827 1828 int rv, result; 1829 1830 rv = nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "setpassent", 1831 __nsdefaultnis_forceall, &result, stayopen); 1832 return rv; 1833 } 1834 1835 /* 1836 * _passwdcompat_endpwent 1837 * Call endpwent for all passwd_compat sources. 1838 */ 1839 static int 1840 _passwdcompat_endpwent(void) 1841 { 1842 static const ns_dtab dtab[] = { 1843 NS_FILES_CB(_passwdcompat_bad, "files") 1844 NS_DNS_CB(_dns_endpwent, NULL) 1845 NS_NIS_CB(_nis_endpwent, NULL) 1846 NS_COMPAT_CB(_passwdcompat_bad, "compat") 1847 NS_NULL_CB 1848 }; 1849 1850 return nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "endpwent", 1851 __nsdefaultnis_forceall); 1852 } 1853 1854 /* 1855 * _passwdcompat_pwscan 1856 * When a name lookup in compat mode is required (e.g., `+name', or a 1857 * name in `+@netgroup'), look it up in the 'passwd_compat' nsswitch 1858 * database. 1859 * Fail if passwd_compat contains files or compat. 1860 */ 1861 static int 1862 _passwdcompat_pwscan(struct passwd *pw, char *buffer, size_t buflen, 1863 int search, const char *name, uid_t uid) 1864 { 1865 static const ns_dtab compatentdtab[] = { 1866 NS_FILES_CB(_passwdcompat_bad, "files") 1867 NS_DNS_CB(_dns_getpwent_r, NULL) 1868 NS_NIS_CB(_nis_getpwent_r, NULL) 1869 NS_COMPAT_CB(_passwdcompat_bad, "compat") 1870 NS_NULL_CB 1871 }; 1872 static const ns_dtab compatuiddtab[] = { 1873 NS_FILES_CB(_passwdcompat_bad, "files") 1874 NS_DNS_CB(_dns_getpwuid_r, NULL) 1875 NS_NIS_CB(_nis_getpwuid_r, NULL) 1876 NS_COMPAT_CB(_passwdcompat_bad, "compat") 1877 NS_NULL_CB 1878 }; 1879 static const ns_dtab compatnamdtab[] = { 1880 NS_FILES_CB(_passwdcompat_bad, "files") 1881 NS_DNS_CB(_dns_getpwnam_r, NULL) 1882 NS_NIS_CB(_nis_getpwnam_r, NULL) 1883 NS_COMPAT_CB(_passwdcompat_bad, "compat") 1884 NS_NULL_CB 1885 }; 1886 1887 int rv, crv; 1888 struct passwd *cpw; 1889 1890 switch (search) { 1891 case _PW_KEYBYNUM: 1892 rv = nsdispatch(NULL, compatentdtab, 1893 NSDB_PASSWD_COMPAT, "getpwent_r", __nsdefaultnis, 1894 &crv, pw, buffer, buflen, &cpw); 1895 break; 1896 case _PW_KEYBYNAME: 1897 _DIAGASSERT(name != NULL); 1898 rv = nsdispatch(NULL, compatnamdtab, 1899 NSDB_PASSWD_COMPAT, "getpwnam_r", __nsdefaultnis, 1900 &crv, name, pw, buffer, buflen, &cpw); 1901 break; 1902 case _PW_KEYBYUID: 1903 rv = nsdispatch(NULL, compatuiddtab, 1904 NSDB_PASSWD_COMPAT, "getpwuid_r", __nsdefaultnis, 1905 &crv, uid, pw, buffer, buflen, &cpw); 1906 break; 1907 default: 1908 abort(); 1909 /*NOTREACHED*/ 1910 } 1911 return rv; 1912 } 1913 1914 /* 1915 * _compat_pwscan 1916 * Search state->db for the next desired entry. 1917 * If search is _PW_KEYBYNUM, look for state->keynum. 1918 * If search is _PW_KEYBYNAME, look for name. 1919 * If search is _PW_KEYBYUID, look for uid. 1920 * Sets *retval to the errno if the result is not NS_SUCCESS 1921 * or NS_NOTFOUND. 1922 */ 1923 static int 1924 _compat_pwscan(int *retval, struct passwd *pw, char *buffer, size_t buflen, 1925 struct compat_state *state, int search, const char *name, uid_t uid) 1926 { 1927 DBT key; 1928 int rv, r, pwflags; 1929 const char *user, *host, *dom; 1930 const void *from; 1931 size_t fromlen; 1932 1933 _DIAGASSERT(retval != NULL); 1934 _DIAGASSERT(pw != NULL); 1935 _DIAGASSERT(buffer != NULL); 1936 _DIAGASSERT(state != NULL); 1937 /* name may be NULL */ 1938 1939 *retval = 0; 1940 1941 if (state->db == NULL) { 1942 rv = _compat_start(state); 1943 if (rv != NS_SUCCESS) 1944 return rv; 1945 } 1946 if (buflen <= 1) { /* buffer too small */ 1947 *retval = ERANGE; 1948 return NS_UNAVAIL; 1949 } 1950 1951 for (;;) { /* loop over pwd.db */ 1952 rv = NS_NOTFOUND; 1953 if (state->mode != COMPAT_NOTOKEN && 1954 state->mode != COMPAT_NONE) { 1955 /* doing a compat lookup */ 1956 struct passwd cpw; 1957 char cbuf[_GETPW_R_SIZE_MAX]; 1958 1959 switch (state->mode) { 1960 1961 case COMPAT_FULL: 1962 /* get next user or lookup by key */ 1963 rv = _passwdcompat_pwscan(&cpw, 1964 cbuf, sizeof(cbuf), search, name, uid); 1965 if (rv != NS_SUCCESS) 1966 state->mode = COMPAT_NONE; 1967 break; 1968 1969 case COMPAT_NETGROUP: 1970 /* XXXREENTRANT: getnetgrent is not thread safe */ 1971 /* get next user from netgroup */ 1972 r = getnetgrent(&host, &user, &dom); 1973 if (r == 0) { /* end of group */ 1974 endnetgrent(); 1975 state->mode = COMPAT_NONE; 1976 break; 1977 } 1978 if (!user || !*user) 1979 break; 1980 rv = _passwdcompat_pwscan(&cpw, 1981 cbuf, sizeof(cbuf), 1982 _PW_KEYBYNAME, user, 0); 1983 break; 1984 1985 case COMPAT_USER: 1986 /* get specific user */ 1987 if (state->user == NULL) { 1988 state->mode = COMPAT_NONE; 1989 break; 1990 } 1991 rv = _passwdcompat_pwscan(&cpw, 1992 cbuf, sizeof(cbuf), 1993 _PW_KEYBYNAME, state->user, 0); 1994 free(state->user); 1995 state->user = NULL; 1996 state->mode = COMPAT_NONE; 1997 break; 1998 1999 case COMPAT_NOTOKEN: 2000 case COMPAT_NONE: 2001 abort(); 2002 2003 } 2004 if (rv != NS_SUCCESS) /* if not matched, next loop */ 2005 continue; 2006 2007 /* copy cpw to pw, applying prototype */ 2008 if (! _pw_copy(&cpw, pw, buffer, buflen, 2009 &state->proto, state->protoflags)) { 2010 rv = NS_UNAVAIL; 2011 break; 2012 } 2013 2014 if (_compat_is_excluded(state, pw->pw_name)) 2015 continue; /* excluded; next loop */ 2016 2017 if ((search == _PW_KEYBYNAME 2018 && strcmp(pw->pw_name, name) != 0) 2019 || (search == _PW_KEYBYUID && pw->pw_uid != uid)) { 2020 continue; /* not specific; next loop */ 2021 } 2022 2023 break; /* exit loop if found */ 2024 } else { /* not a compat line */ 2025 state->proto.pw_name = NULL; 2026 /* clear prototype */ 2027 } 2028 2029 if (state->mode == COMPAT_NOTOKEN) { 2030 /* no compat token; do direct lookup */ 2031 switch (search) { 2032 case _PW_KEYBYNUM: 2033 if (state->keynum == -1) /* no more records */ 2034 return NS_NOTFOUND; 2035 state->keynum++; 2036 from = &state->keynum; 2037 fromlen = sizeof(state->keynum); 2038 break; 2039 case _PW_KEYBYNAME: 2040 from = name; 2041 fromlen = strlen(name); 2042 break; 2043 case _PW_KEYBYUID: 2044 from = &uid; 2045 fromlen = sizeof(uid); 2046 break; 2047 default: 2048 abort(); 2049 } 2050 buffer[0] = search; 2051 } else { 2052 /* compat token; do line by line */ 2053 if (state->keynum == -1) /* no more records */ 2054 return NS_NOTFOUND; 2055 state->keynum++; 2056 from = &state->keynum; 2057 fromlen = sizeof(state->keynum); 2058 buffer[0] = _PW_KEYBYNUM; 2059 } 2060 2061 if (buflen <= fromlen) { /* buffer too small */ 2062 *retval = ERANGE; 2063 return NS_UNAVAIL; 2064 } 2065 memmove(buffer + 1, from, fromlen); /* setup key */ 2066 key.size = fromlen + 1; 2067 key.data = (u_char *)buffer; 2068 2069 rv = _pw_getkey(state->db, &key, pw, buffer, buflen, &pwflags, 2070 state->version); 2071 if (rv != NS_SUCCESS) /* stop on error */ 2072 break; 2073 2074 if (state->mode == COMPAT_NOTOKEN) 2075 break; /* stop if no compat token */ 2076 2077 if (pw->pw_name[0] == '+') { 2078 /* compat inclusion */ 2079 switch(pw->pw_name[1]) { 2080 case '\0': /* `+' */ 2081 state->mode = COMPAT_FULL; 2082 /* reset passwd_compat search */ 2083 /* XXXREENTRANT: setpassent is not thread safe ? */ 2084 (void) _passwdcompat_setpassent(0); 2085 break; 2086 case '@': /* `+@netgroup' */ 2087 state->mode = COMPAT_NETGROUP; 2088 /* reset netgroup search */ 2089 /* XXXREENTRANT: setnetgrent is not thread safe */ 2090 setnetgrent(pw->pw_name + 2); 2091 break; 2092 default: /* `+name' */ 2093 state->mode = COMPAT_USER; 2094 if (state->user) 2095 free(state->user); 2096 state->user = strdup(pw->pw_name + 1); 2097 break; 2098 } 2099 /* save the prototype */ 2100 state->protoflags = pwflags; 2101 if (! _pw_copy(pw, &state->proto, state->protobuf, 2102 sizeof(state->protobuf), NULL, 0)) { 2103 rv = NS_UNAVAIL; 2104 break; 2105 } 2106 continue; /* loop again after inclusion */ 2107 } else if (pw->pw_name[0] == '-') { 2108 /* compat exclusion */ 2109 rv = NS_SUCCESS; 2110 switch(pw->pw_name[1]) { 2111 case '\0': /* `-' */ 2112 break; 2113 case '@': /* `-@netgroup' */ 2114 /* XXXREENTRANT: {set,get,end}netgrent is not thread safe */ 2115 setnetgrent(pw->pw_name + 2); 2116 while (getnetgrent(&host, &user, &dom)) { 2117 if (!user || !*user) 2118 continue; 2119 if (! _compat_add_exclude(state,user)) { 2120 rv = NS_UNAVAIL; 2121 break; 2122 } 2123 } 2124 endnetgrent(); 2125 break; 2126 default: /* `-name' */ 2127 if (! _compat_add_exclude(state, 2128 pw->pw_name + 1)) { 2129 rv = NS_UNAVAIL; 2130 } 2131 break; 2132 } 2133 if (rv != NS_SUCCESS) /* exclusion failure */ 2134 break; 2135 continue; /* loop again after exclusion */ 2136 } 2137 if (search == _PW_KEYBYNUM || 2138 (search == _PW_KEYBYUID && pw->pw_uid == uid) || 2139 (search == _PW_KEYBYNAME && strcmp(pw->pw_name, name) == 0)) 2140 break; /* token mode match found */ 2141 } 2142 2143 if (rv == NS_NOTFOUND && 2144 (search == _PW_KEYBYNUM || state->mode != COMPAT_NOTOKEN)) 2145 state->keynum = -1; /* flag `no more records' */ 2146 2147 if (rv == NS_SUCCESS) { 2148 if ((search == _PW_KEYBYNAME && strcmp(pw->pw_name, name) != 0) 2149 || (search == _PW_KEYBYUID && pw->pw_uid != uid)) 2150 rv = NS_NOTFOUND; 2151 } 2152 2153 if (rv != NS_SUCCESS && rv != NS_NOTFOUND) 2154 *retval = errno; 2155 return rv; 2156 } 2157 2158 /*ARGSUSED*/ 2159 static int 2160 _compat_setpwent(void *nsrv, void *nscb, va_list ap) 2161 { 2162 2163 /* force passwd_compat setpwent() */ 2164 (void) _passwdcompat_setpassent(0); 2165 2166 /* reset state, keep db open */ 2167 _compat_state.stayopen = 0; 2168 return _compat_start(&_compat_state); 2169 } 2170 2171 /*ARGSUSED*/ 2172 static int 2173 _compat_setpassent(void *nsrv, void *nscb, va_list ap) 2174 { 2175 int *retval = va_arg(ap, int *); 2176 int stayopen = va_arg(ap, int); 2177 2178 int rv; 2179 2180 /* force passwd_compat setpassent() */ 2181 (void) _passwdcompat_setpassent(stayopen); 2182 2183 _compat_state.stayopen = stayopen; 2184 rv = _compat_start(&_compat_state); 2185 *retval = (rv == NS_SUCCESS); 2186 return rv; 2187 } 2188 2189 /*ARGSUSED*/ 2190 static int 2191 _compat_endpwent(void *nsrv, void *nscb, va_list ap) 2192 { 2193 2194 /* force passwd_compat endpwent() */ 2195 (void) _passwdcompat_endpwent(); 2196 2197 /* reset state, close db */ 2198 _compat_state.stayopen = 0; 2199 return _compat_end(&_compat_state); 2200 } 2201 2202 2203 /*ARGSUSED*/ 2204 static int 2205 _compat_getpwent(void *nsrv, void *nscb, va_list ap) 2206 { 2207 struct passwd **retval = va_arg(ap, struct passwd **); 2208 2209 int rv, rerror; 2210 2211 _DIAGASSERT(retval != NULL); 2212 2213 *retval = NULL; 2214 rv = _compat_pwscan(&rerror, &_compat_passwd, 2215 _compat_passwdbuf, sizeof(_compat_passwdbuf), 2216 &_compat_state, _PW_KEYBYNUM, NULL, 0); 2217 if (rv == NS_SUCCESS) 2218 *retval = &_compat_passwd; 2219 return rv; 2220 } 2221 2222 /*ARGSUSED*/ 2223 static int 2224 _compat_getpwent_r(void *nsrv, void *nscb, va_list ap) 2225 { 2226 int *retval = va_arg(ap, int *); 2227 struct passwd *pw = va_arg(ap, struct passwd *); 2228 char *buffer = va_arg(ap, char *); 2229 size_t buflen = va_arg(ap, size_t); 2230 struct passwd **result = va_arg(ap, struct passwd **); 2231 2232 int rv; 2233 2234 _DIAGASSERT(retval != NULL); 2235 _DIAGASSERT(pw != NULL); 2236 _DIAGASSERT(buffer != NULL); 2237 _DIAGASSERT(result != NULL); 2238 2239 rv = _compat_pwscan(retval, pw, buffer, buflen, &_compat_state, 2240 _PW_KEYBYNUM, NULL, 0); 2241 if (rv == NS_SUCCESS) 2242 *result = pw; 2243 else 2244 *result = NULL; 2245 return rv; 2246 } 2247 2248 2249 /*ARGSUSED*/ 2250 static int 2251 _compat_getpwnam(void *nsrv, void *nscb, va_list ap) 2252 { 2253 struct passwd **retval = va_arg(ap, struct passwd **); 2254 const char *name = va_arg(ap, const char *); 2255 2256 int rv, rerror; 2257 2258 _DIAGASSERT(retval != NULL); 2259 2260 *retval = NULL; 2261 rv = _compat_start(&_compat_state); 2262 if (rv != NS_SUCCESS) 2263 return rv; 2264 rv = _compat_pwscan(&rerror, &_compat_passwd, 2265 _compat_passwdbuf, sizeof(_compat_passwdbuf), 2266 &_compat_state, _PW_KEYBYNAME, name, 0); 2267 if (!_compat_state.stayopen) 2268 _compat_end(&_compat_state); 2269 if (rv == NS_SUCCESS) 2270 *retval = &_compat_passwd; 2271 return rv; 2272 } 2273 2274 /*ARGSUSED*/ 2275 static int 2276 _compat_getpwnam_r(void *nsrv, void *nscb, va_list ap) 2277 { 2278 int *retval = va_arg(ap, int *); 2279 const char *name = va_arg(ap, const char *); 2280 struct passwd *pw = va_arg(ap, struct passwd *); 2281 char *buffer = va_arg(ap, char *); 2282 size_t buflen = va_arg(ap, size_t); 2283 struct passwd **result = va_arg(ap, struct passwd **); 2284 2285 struct compat_state state; 2286 int rv; 2287 2288 _DIAGASSERT(retval != NULL); 2289 _DIAGASSERT(pw != NULL); 2290 _DIAGASSERT(buffer != NULL); 2291 _DIAGASSERT(result != NULL); 2292 2293 *result = NULL; 2294 memset(&state, 0, sizeof(state)); 2295 rv = _compat_pwscan(retval, pw, buffer, buflen, &state, 2296 _PW_KEYBYNAME, name, 0); 2297 _compat_end(&state); 2298 if (rv == NS_SUCCESS) 2299 *result = pw; 2300 return rv; 2301 } 2302 2303 /*ARGSUSED*/ 2304 static int 2305 _compat_getpwuid(void *nsrv, void *nscb, va_list ap) 2306 { 2307 struct passwd **retval = va_arg(ap, struct passwd **); 2308 uid_t uid = va_arg(ap, uid_t); 2309 2310 int rv, rerror; 2311 2312 _DIAGASSERT(retval != NULL); 2313 2314 *retval = NULL; 2315 rv = _compat_start(&_compat_state); 2316 if (rv != NS_SUCCESS) 2317 return rv; 2318 rv = _compat_pwscan(&rerror, &_compat_passwd, 2319 _compat_passwdbuf, sizeof(_compat_passwdbuf), 2320 &_compat_state, _PW_KEYBYUID, NULL, uid); 2321 if (!_compat_state.stayopen) 2322 _compat_end(&_compat_state); 2323 if (rv == NS_SUCCESS) 2324 *retval = &_compat_passwd; 2325 return rv; 2326 } 2327 2328 /*ARGSUSED*/ 2329 static int 2330 _compat_getpwuid_r(void *nsrv, void *nscb, va_list ap) 2331 { 2332 int *retval = va_arg(ap, int *); 2333 uid_t uid = va_arg(ap, uid_t); 2334 struct passwd *pw = va_arg(ap, struct passwd *); 2335 char *buffer = va_arg(ap, char *); 2336 size_t buflen = va_arg(ap, size_t); 2337 struct passwd **result = va_arg(ap, struct passwd **); 2338 2339 struct compat_state state; 2340 int rv; 2341 2342 _DIAGASSERT(retval != NULL); 2343 _DIAGASSERT(pw != NULL); 2344 _DIAGASSERT(buffer != NULL); 2345 _DIAGASSERT(result != NULL); 2346 2347 *result = NULL; 2348 memset(&state, 0, sizeof(state)); 2349 rv = _compat_pwscan(retval, pw, buffer, buflen, &state, 2350 _PW_KEYBYUID, NULL, uid); 2351 _compat_end(&state); 2352 if (rv == NS_SUCCESS) 2353 *result = pw; 2354 return rv; 2355 } 2356 2357 #endif /* _PASSWD_COMPAT */ 2358 2359 2360 /* 2361 * public functions 2362 */ 2363 2364 struct passwd * 2365 getpwent(void) 2366 { 2367 int r; 2368 struct passwd *retval; 2369 2370 static const ns_dtab dtab[] = { 2371 NS_FILES_CB(_files_getpwent, NULL) 2372 NS_DNS_CB(_dns_getpwent, NULL) 2373 NS_NIS_CB(_nis_getpwent, NULL) 2374 NS_COMPAT_CB(_compat_getpwent, NULL) 2375 NS_NULL_CB 2376 }; 2377 2378 mutex_lock(&_pwmutex); 2379 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent", __nsdefaultcompat, 2380 &retval); 2381 mutex_unlock(&_pwmutex); 2382 return (r == NS_SUCCESS) ? retval : NULL; 2383 } 2384 2385 int 2386 getpwent_r(struct passwd *pwd, char *buffer, size_t buflen, 2387 struct passwd **result) 2388 { 2389 int r, retval; 2390 2391 static const ns_dtab dtab[] = { 2392 NS_FILES_CB(_files_getpwent_r, NULL) 2393 NS_DNS_CB(_dns_getpwent_r, NULL) 2394 NS_NIS_CB(_nis_getpwent_r, NULL) 2395 NS_COMPAT_CB(_compat_getpwent_r, NULL) 2396 NS_NULL_CB 2397 }; 2398 2399 _DIAGASSERT(pwd != NULL); 2400 _DIAGASSERT(buffer != NULL); 2401 _DIAGASSERT(result != NULL); 2402 2403 *result = NULL; 2404 retval = 0; 2405 mutex_lock(&_pwmutex); 2406 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwent_r", __nsdefaultcompat, 2407 &retval, pwd, buffer, buflen, result); 2408 mutex_unlock(&_pwmutex); 2409 switch (r) { 2410 case NS_SUCCESS: 2411 case NS_NOTFOUND: 2412 return 0; 2413 default: 2414 return retval; 2415 } 2416 } 2417 2418 2419 struct passwd * 2420 getpwnam(const char *name) 2421 { 2422 int rv; 2423 struct passwd *retval; 2424 2425 static const ns_dtab dtab[] = { 2426 NS_FILES_CB(_files_getpwnam, NULL) 2427 NS_DNS_CB(_dns_getpwnam, NULL) 2428 NS_NIS_CB(_nis_getpwnam, NULL) 2429 NS_COMPAT_CB(_compat_getpwnam, NULL) 2430 NS_NULL_CB 2431 }; 2432 2433 mutex_lock(&_pwmutex); 2434 rv = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam", __nsdefaultcompat, 2435 &retval, name); 2436 mutex_unlock(&_pwmutex); 2437 return (rv == NS_SUCCESS) ? retval : NULL; 2438 } 2439 2440 int 2441 getpwnam_r(const char *name, struct passwd *pwd, char *buffer, size_t buflen, 2442 struct passwd **result) 2443 { 2444 int r, retval; 2445 2446 static const ns_dtab dtab[] = { 2447 NS_FILES_CB(_files_getpwnam_r, NULL) 2448 NS_DNS_CB(_dns_getpwnam_r, NULL) 2449 NS_NIS_CB(_nis_getpwnam_r, NULL) 2450 NS_COMPAT_CB(_compat_getpwnam_r, NULL) 2451 NS_NULL_CB 2452 }; 2453 2454 _DIAGASSERT(name != NULL); 2455 _DIAGASSERT(pwd != NULL); 2456 _DIAGASSERT(buffer != NULL); 2457 _DIAGASSERT(result != NULL); 2458 2459 *result = NULL; 2460 retval = 0; 2461 mutex_lock(&_pwmutex); 2462 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwnam_r", __nsdefaultcompat, 2463 &retval, name, pwd, buffer, buflen, result); 2464 mutex_unlock(&_pwmutex); 2465 switch (r) { 2466 case NS_SUCCESS: 2467 case NS_NOTFOUND: 2468 return 0; 2469 default: 2470 return retval; 2471 } 2472 } 2473 2474 struct passwd * 2475 getpwuid(uid_t uid) 2476 { 2477 int rv; 2478 struct passwd *retval; 2479 2480 static const ns_dtab dtab[] = { 2481 NS_FILES_CB(_files_getpwuid, NULL) 2482 NS_DNS_CB(_dns_getpwuid, NULL) 2483 NS_NIS_CB(_nis_getpwuid, NULL) 2484 NS_COMPAT_CB(_compat_getpwuid, NULL) 2485 NS_NULL_CB 2486 }; 2487 2488 mutex_lock(&_pwmutex); 2489 rv = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid", __nsdefaultcompat, 2490 &retval, uid); 2491 mutex_unlock(&_pwmutex); 2492 return (rv == NS_SUCCESS) ? retval : NULL; 2493 } 2494 2495 int 2496 getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t buflen, 2497 struct passwd **result) 2498 { 2499 int r, retval; 2500 2501 static const ns_dtab dtab[] = { 2502 NS_FILES_CB(_files_getpwuid_r, NULL) 2503 NS_DNS_CB(_dns_getpwuid_r, NULL) 2504 NS_NIS_CB(_nis_getpwuid_r, NULL) 2505 NS_COMPAT_CB(_compat_getpwuid_r, NULL) 2506 NS_NULL_CB 2507 }; 2508 2509 _DIAGASSERT(pwd != NULL); 2510 _DIAGASSERT(buffer != NULL); 2511 _DIAGASSERT(result != NULL); 2512 2513 *result = NULL; 2514 retval = 0; 2515 mutex_lock(&_pwmutex); 2516 r = nsdispatch(NULL, dtab, NSDB_PASSWD, "getpwuid_r", __nsdefaultcompat, 2517 &retval, uid, pwd, buffer, buflen, result); 2518 mutex_unlock(&_pwmutex); 2519 switch (r) { 2520 case NS_SUCCESS: 2521 case NS_NOTFOUND: 2522 return 0; 2523 default: 2524 return retval; 2525 } 2526 } 2527 2528 void 2529 endpwent(void) 2530 { 2531 static const ns_dtab dtab[] = { 2532 NS_FILES_CB(_files_endpwent, NULL) 2533 NS_DNS_CB(_dns_endpwent, NULL) 2534 NS_NIS_CB(_nis_endpwent, NULL) 2535 NS_COMPAT_CB(_compat_endpwent, NULL) 2536 NS_NULL_CB 2537 }; 2538 2539 mutex_lock(&_pwmutex); 2540 /* force all endpwent() methods */ 2541 (void) nsdispatch(NULL, dtab, NSDB_PASSWD, "endpwent", 2542 __nsdefaultcompat_forceall); 2543 mutex_unlock(&_pwmutex); 2544 } 2545 2546 /*ARGSUSED*/ 2547 int 2548 setpassent(int stayopen) 2549 { 2550 static const ns_dtab dtab[] = { 2551 NS_FILES_CB(_files_setpassent, NULL) 2552 NS_DNS_CB(_dns_setpassent, NULL) 2553 NS_NIS_CB(_nis_setpassent, NULL) 2554 NS_COMPAT_CB(_compat_setpassent, NULL) 2555 NS_NULL_CB 2556 }; 2557 int rv, retval; 2558 2559 mutex_lock(&_pwmutex); 2560 /* force all setpassent() methods */ 2561 rv = nsdispatch(NULL, dtab, NSDB_PASSWD, "setpassent", 2562 __nsdefaultcompat_forceall, &retval, stayopen); 2563 mutex_unlock(&_pwmutex); 2564 return (rv == NS_SUCCESS) ? retval : 0; 2565 } 2566 2567 void 2568 setpwent(void) 2569 { 2570 static const ns_dtab dtab[] = { 2571 NS_FILES_CB(_files_setpwent, NULL) 2572 NS_DNS_CB(_dns_setpwent, NULL) 2573 NS_NIS_CB(_nis_setpwent, NULL) 2574 NS_COMPAT_CB(_compat_setpwent, NULL) 2575 NS_NULL_CB 2576 }; 2577 2578 mutex_lock(&_pwmutex); 2579 /* force all setpwent() methods */ 2580 (void) nsdispatch(NULL, dtab, NSDB_PASSWD, "setpwent", 2581 __nsdefaultcompat_forceall); 2582 mutex_unlock(&_pwmutex); 2583 } 2584
Indexes created Tue Sep 30 11:09:46 GMT 2025