diff options
Diffstat (limited to 'nis')
-rw-r--r-- | nis/libnsl.h | 1 | ||||
-rw-r--r-- | nis/nss | 12 | ||||
-rw-r--r-- | nis/nss-default.c | 3 | ||||
-rw-r--r-- | nis/nss_nis/nis-grp.c | 250 | ||||
-rw-r--r-- | nis/nss_nis/nis-pwd.c | 259 | ||||
-rw-r--r-- | nis/nss_nis/nis-service.c | 28 |
6 files changed, 463 insertions, 90 deletions
diff --git a/nis/libnsl.h b/nis/libnsl.h index e45f24d..9f78469 100644 --- a/nis/libnsl.h +++ b/nis/libnsl.h @@ -18,6 +18,7 @@ #define NSS_FLAG_NETID_AUTHORITATIVE 1 #define NSS_FLAG_SERVICES_AUTHORITATIVE 2 +#define NSS_FLAG_SETENT_BATCH_READ 4 /* Get current set of default flags. */ @@ -1,7 +1,7 @@ # /etc/default/nss # This file can theoretically contain a bunch of customization variables -# for Name Service Switch in the GNU C library. For now there are only two -# variables: +# for Name Service Switch in the GNU C library. For now there are only +# three variables: # # NETID_AUTHORITATIVE # If set to TRUE, the initgroups() function will accept the information @@ -18,3 +18,11 @@ # primary service names and service aliases. The system administrator # has to make sure it is correctly generated. #SERVICES_AUTHORITATIVE=TRUE +# +# SETENT_BATCH_READ +# If set to TRUE, various setXXent() functions will read the entire +# database at once and then hand out the requests one by one from +# memory with every getXXent() call. Otherwise each getXXent() call +# might result into a network communication with the server to get +# the next entry. +#SETENT_BATCH_READ=TRUE diff --git a/nis/nss-default.c b/nis/nss-default.c index e3a228d..577f7c2 100644 --- a/nis/nss-default.c +++ b/nis/nss-default.c @@ -45,7 +45,8 @@ static const struct { #define STRNLEN(s) s, sizeof (s) - 1 { STRNLEN ("NETID_AUTHORITATIVE"), NSS_FLAG_NETID_AUTHORITATIVE }, - { STRNLEN ("SERVICES_AUTHORITATIVE"), NSS_FLAG_SERVICES_AUTHORITATIVE } + { STRNLEN ("SERVICES_AUTHORITATIVE"), NSS_FLAG_SERVICES_AUTHORITATIVE }, + { STRNLEN ("SETENT_BATCH_READ"), NSS_FLAG_SETENT_BATCH_READ } }; #define nvars (sizeof (vars) / sizeof (vars[0])) diff --git a/nis/nss_nis/nis-grp.c b/nis/nss_nis/nis-grp.c index 68f3ced..10af019 100644 --- a/nis/nss_nis/nis-grp.c +++ b/nis/nss_nis/nis-grp.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-1999, 2001-2003, 2004, 2006 Free Software Foundation, Inc. +/* Copyright (C) 1996-1999, 2001-2004, 2006 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@suse.de>, 1996. @@ -17,20 +17,17 @@ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */ -#include <nss.h> -/* The following is an ugly trick to avoid a prototype declaration for - _nss_nis_endgrent. */ -#define _nss_nis_endgrent _nss_nis_endgrent_XXX -#include <grp.h> -#undef _nss_nis_endgrent #include <ctype.h> #include <errno.h> +#include <grp.h> +#include <nss.h> #include <string.h> #include <bits/libc-lock.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> #include "nss-nis.h" +#include <libnsl.h> /* Get the declaration of the parser function. */ #define ENTNAME grent @@ -45,11 +42,84 @@ static bool_t new_start = 1; static char *oldkey; static int oldkeylen; -enum nss_status -_nss_nis_setgrent (int stayopen) +struct response_t { - __libc_lock_lock (lock); + struct response_t *next; + size_t size; + char mem[0]; +}; + +typedef struct intern_t +{ + struct response_t *start; + struct response_t *next; + size_t offset; +} intern_t; + +static intern_t intern; + + +static int +saveit (int instatus, char *inkey, int inkeylen, char *inval, + int invallen, char *indata) +{ + if (instatus != YP_TRUE) + return 1; + + if (inkey && inkeylen > 0 && inval && invallen > 0) + { + struct response_t *bucket = intern.next; + + if (__builtin_expect (bucket == NULL, 0)) + { +#define MINSIZE 4096 - 4 * sizeof (void *) + const size_t minsize = MAX (MINSIZE, 2 * (invallen + 1)); + bucket = malloc (sizeof (struct response_t) + minsize); + if (bucket == NULL) + /* We have no error code for out of memory. */ + return 1; + + bucket->next = NULL; + bucket->size = minsize; + intern.start = intern.next = bucket; + intern.offset = 0; + } + else if (__builtin_expect (invallen + 1 > bucket->size - intern.offset, + 0)) + { + /* We need a new (larger) buffer. */ + const size_t newsize = 2 * MAX (bucket->size, invallen + 1); + struct response_t *newp = malloc (sizeof (struct response_t) + + newsize); + if (newp == NULL) + /* We have no error code for out of memory. */ + return 1; + + /* Mark the old bucket as full. */ + bucket->size = intern.offset; + + newp->next = NULL; + newp->size = newsize; + bucket = intern.next = bucket->next = newp; + intern.offset = 0; + } + + char *p = mempcpy (&bucket->mem[intern.offset], inval, invallen); + if (__builtin_expect (p[-1] != '\0', 0)) + { + *p = '\0'; + ++invallen; + } + intern.offset += invallen; + } + + return 0; +} + +static void +internal_nis_endgrent (void) +{ new_start = 1; if (oldkey != NULL) { @@ -58,21 +128,86 @@ _nss_nis_setgrent (int stayopen) oldkeylen = 0; } + struct response_t *curr = intern.next; + + while (curr != NULL) + { + struct response_t *last = curr; + curr = curr->next; + free (last); + } + + intern.next = intern.start = NULL; +} + + +enum nss_status +_nss_nis_endgrent (void) +{ + __libc_lock_lock (lock); + + internal_nis_endgrent (); + __libc_lock_unlock (lock); return NSS_STATUS_SUCCESS; } -/* Make _nss_nis_endgrent an alias of _nss_nis_setgrent. We do this - even though the prototypes don't match. The argument of setgrent - is not used so this makes no difference. */ -strong_alias (_nss_nis_setgrent, _nss_nis_endgrent) + + +enum nss_status +internal_nis_setgrent (void) +{ + /* We have to read all the data now. */ + char *domain; + if (__builtin_expect (yp_get_default_domain (&domain), 0)) + return NSS_STATUS_UNAVAIL; + + struct ypall_callback ypcb; + + ypcb.foreach = saveit; + ypcb.data = NULL; + enum nss_status status = yperr2nss (yp_all (domain, "group.byname", &ypcb)); + + + /* Mark the last buffer as full. */ + if (intern.next != NULL) + intern.next->size = intern.offset; + + intern.next = intern.start; + intern.offset = 0; + + return status; +} + + +enum nss_status +_nss_nis_setgrent (int stayopen) +{ + enum nss_status result = NSS_STATUS_SUCCESS; + + __libc_lock_lock (lock); + + internal_nis_endgrent (); + + if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ) + result = internal_nis_setgrent (); + + __libc_lock_unlock (lock); + + return result; +} + static enum nss_status internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen, int *errnop) { - char *domain; - if (__builtin_expect (yp_get_default_domain (&domain), 0)) + /* If we read the entire database at setpwent time we just iterate + over the data we have in memory. */ + bool batch_read = intern.start != NULL; + + char *domain = NULL; + if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0)) return NSS_STATUS_UNAVAIL; /* Get the next entry until we found a correct one. */ @@ -83,23 +218,62 @@ internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen, char *outkey; int len; int keylen; - int yperr; - if (new_start) - yperr = yp_first (domain, "group.byname", &outkey, &keylen, &result, - &len); - else - yperr = yp_next (domain, "group.byname", oldkey, oldkeylen, &outkey, - &keylen, &result, &len); + if (batch_read) + { + struct response_t *bucket; - if (__builtin_expect (yperr != YPERR_SUCCESS, 0)) - { - enum nss_status retval = yperr2nss (yperr); + handle_batch_read: + bucket = intern.next; - if (retval == NSS_STATUS_TRYAGAIN) - *errnop = errno; - return retval; - } + if (__builtin_expect (intern.offset >= bucket->size, 0)) + { + if (bucket->next == NULL) + return NSS_STATUS_NOTFOUND; + + /* We look at all the content in the current bucket. Go on + to the next. */ + bucket = intern.next = bucket->next; + intern.offset = 0; + } + + for (result = &bucket->mem[intern.offset]; isspace (*result); + ++result) + ++intern.offset; + + len = strlen (result); + } + else + { + int yperr; + + if (new_start) + { + /* Maybe we should read the database in one piece. */ + if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ) + && internal_nis_setgrent () == NSS_STATUS_SUCCESS + && intern.start != NULL) + { + batch_read = true; + goto handle_batch_read; + } + + yperr = yp_first (domain, "group.byname", &outkey, &keylen, + &result, &len); + } + else + yperr = yp_next (domain, "group.byname", oldkey, oldkeylen, + &outkey, &keylen, &result, &len); + + if (__builtin_expect (yperr != YPERR_SUCCESS, 0)) + { + enum nss_status retval = yperr2nss (yperr); + + if (retval == NSS_STATUS_TRYAGAIN) + *errnop = errno; + return retval; + } + } if (__builtin_expect ((size_t) (len + 1) > buflen, 0)) { @@ -112,7 +286,8 @@ internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen, buffer[len] = '\0'; while (isspace (*p)) ++p; - free (result); + if (!batch_read) + free (result); parse_res = _nss_files_parse_grent (p, grp, (void *) buffer, buflen, errnop); @@ -123,10 +298,15 @@ internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen, return NSS_STATUS_TRYAGAIN; } - free (oldkey); - oldkey = outkey; - oldkeylen = keylen; - new_start = 0; + if (batch_read) + intern.offset += len + 1; + else + { + free (oldkey); + oldkey = outkey; + oldkeylen = keylen; + new_start = 0; + } } while (parse_res < 1); diff --git a/nis/nss_nis/nis-pwd.c b/nis/nss_nis/nis-pwd.c index 457574a..a996b04 100644 --- a/nis/nss_nis/nis-pwd.c +++ b/nis/nss_nis/nis-pwd.c @@ -17,20 +17,18 @@ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */ -#include <nss.h> -/* The following is an ugly trick to avoid a prototype declaration for - _nss_nis_endpwent. */ -#define _nss_nis_endpwent _nss_nis_endpwent_XXX -#include <pwd.h> -#undef _nss_nis_endpwent +#include <assert.h> #include <ctype.h> #include <errno.h> +#include <nss.h> +#include <pwd.h> #include <string.h> #include <bits/libc-lock.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> #include "nss-nis.h" +#include <libnsl.h> /* Get the declaration of the parser function. */ #define ENTNAME pwent @@ -45,11 +43,84 @@ static bool_t new_start = 1; static char *oldkey; static int oldkeylen; -enum nss_status -_nss_nis_setpwent (int stayopen) +struct response_t { - __libc_lock_lock (lock); + struct response_t *next; + size_t size; + char mem[0]; +}; + +typedef struct intern_t +{ + struct response_t *start; + struct response_t *next; + size_t offset; +} intern_t; + +static intern_t intern; + + +static int +saveit (int instatus, char *inkey, int inkeylen, char *inval, + int invallen, char *indata) +{ + if (instatus != YP_TRUE) + return 1; + + if (inkey && inkeylen > 0 && inval && invallen > 0) + { + struct response_t *bucket = intern.next; + + if (__builtin_expect (bucket == NULL, 0)) + { +#define MINSIZE 4096 - 4 * sizeof (void *) + const size_t minsize = MAX (MINSIZE, 2 * (invallen + 1)); + bucket = malloc (sizeof (struct response_t) + minsize); + if (bucket == NULL) + /* We have no error code for out of memory. */ + return 1; + + bucket->next = NULL; + bucket->size = minsize; + intern.start = intern.next = bucket; + intern.offset = 0; + } + else if (__builtin_expect (invallen + 1 > bucket->size - intern.offset, + 0)) + { + /* We need a new (larger) buffer. */ + const size_t newsize = 2 * MAX (bucket->size, invallen + 1); + struct response_t *newp = malloc (sizeof (struct response_t) + + newsize); + if (newp == NULL) + /* We have no error code for out of memory. */ + return 1; + + /* Mark the old bucket as full. */ + bucket->size = intern.offset; + + newp->next = NULL; + newp->size = newsize; + bucket = intern.next = bucket->next = newp; + intern.offset = 0; + } + + char *p = mempcpy (&bucket->mem[intern.offset], inval, invallen); + if (__builtin_expect (p[-1] != '\0', 0)) + { + *p = '\0'; + ++invallen; + } + intern.offset += invallen; + } + return 0; +} + + +static void +internal_nis_endpwent (void) +{ new_start = 1; if (oldkey != NULL) { @@ -58,21 +129,86 @@ _nss_nis_setpwent (int stayopen) oldkeylen = 0; } + struct response_t *curr = intern.next; + + while (curr != NULL) + { + struct response_t *last = curr; + curr = curr->next; + free (last); + } + + intern.next = intern.start = NULL; +} + + +enum nss_status +_nss_nis_endpwent (void) +{ + __libc_lock_lock (lock); + + internal_nis_endpwent (); + __libc_lock_unlock (lock); return NSS_STATUS_SUCCESS; } -/* Make _nss_nis_endpwent an alias of _nss_nis_setpwent. We do this - even though the prototypes don't match. The argument of setpwent - is not used so this makes no difference. */ -strong_alias (_nss_nis_setpwent, _nss_nis_endpwent) + + +enum nss_status +internal_nis_setpwent (void) +{ + /* We have to read all the data now. */ + char *domain; + if (__builtin_expect (yp_get_default_domain (&domain), 0)) + return NSS_STATUS_UNAVAIL; + + struct ypall_callback ypcb; + + ypcb.foreach = saveit; + ypcb.data = NULL; + enum nss_status status = yperr2nss (yp_all (domain, "passwd.byname", &ypcb)); + + + /* Mark the last buffer as full. */ + if (intern.next != NULL) + intern.next->size = intern.offset; + + intern.next = intern.start; + intern.offset = 0; + + return status; +} + + +enum nss_status +_nss_nis_setpwent (int stayopen) +{ + enum nss_status result = NSS_STATUS_SUCCESS; + + __libc_lock_lock (lock); + + internal_nis_endpwent (); + + if (_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ) + result = internal_nis_setpwent (); + + __libc_lock_unlock (lock); + + return result; +} + static enum nss_status internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, int *errnop) { - char *domain; - if (__builtin_expect (yp_get_default_domain (&domain), 0)) + /* If we read the entire database at setpwent time we just iterate + over the data we have in memory. */ + bool batch_read = intern.start != NULL; + + char *domain = NULL; + if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0)) return NSS_STATUS_UNAVAIL; /* Get the next entry until we found a correct one. */ @@ -83,23 +219,62 @@ internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, char *outkey; int len; int keylen; - int yperr; - if (new_start) - yperr = yp_first (domain, "passwd.byname", &outkey, &keylen, &result, - &len); + if (batch_read) + { + struct response_t *bucket; + + handle_batch_read: + bucket = intern.next; + + if (__builtin_expect (intern.offset >= bucket->size, 0)) + { + if (bucket->next == NULL) + return NSS_STATUS_NOTFOUND; + + /* We look at all the content in the current bucket. Go on + to the next. */ + bucket = intern.next = bucket->next; + intern.offset = 0; + } + + for (result = &bucket->mem[intern.offset]; isspace (*result); + ++result) + ++intern.offset; + + len = strlen (result); + } else - yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen, &outkey, - &keylen, &result, &len); + { + int yperr; - if (__builtin_expect (yperr != YPERR_SUCCESS, 0)) - { - enum nss_status retval = yperr2nss (yperr); + if (new_start) + { + /* Maybe we should read the database in one piece. */ + if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ) + && internal_nis_setpwent () == NSS_STATUS_SUCCESS + && intern.start != NULL) + { + batch_read = true; + goto handle_batch_read; + } + + yperr = yp_first (domain, "passwd.byname", &outkey, &keylen, + &result, &len); + } + else + yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen, + &outkey, &keylen, &result, &len); + + if (__builtin_expect (yperr != YPERR_SUCCESS, 0)) + { + enum nss_status retval = yperr2nss (yperr); - if (retval == NSS_STATUS_TRYAGAIN) - *errnop = errno; - return retval; - } + if (retval == NSS_STATUS_TRYAGAIN) + *errnop = errno; + return retval; + } + } /* Check for adjunct style secret passwords. They can be recognized by a password starting with "##". */ @@ -140,10 +315,10 @@ internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, return NSS_STATUS_TRYAGAIN; } - __mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, result, namelen), - ":", 1), - encrypted, endp - encrypted), - p, restlen + 1); + mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen), + ":", 1), + encrypted, endp - encrypted), + p, restlen + 1); p = buffer; free (result2); @@ -158,13 +333,14 @@ internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, return NSS_STATUS_TRYAGAIN; } - p = strncpy (buffer, result, len); - buffer[len] = '\0'; + p = buffer; + *((char *) mempcpy (buffer, result, len)) = '\0'; } while (isspace (*p)) ++p; - free (result); + if (!batch_read) + free (result); parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen, errnop); @@ -175,10 +351,15 @@ internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, return NSS_STATUS_TRYAGAIN; } - free (oldkey); - oldkey = outkey; - oldkeylen = keylen; - new_start = 0; + if (batch_read) + intern.offset += len + 1; + else + { + free (oldkey); + oldkey = outkey; + oldkeylen = keylen; + new_start = 0; + } } while (parse_res < 1); diff --git a/nis/nss_nis/nis-service.c b/nis/nss_nis/nis-service.c index f5d886f..f705ff7 100644 --- a/nis/nss_nis/nis-service.c +++ b/nis/nss_nis/nis-service.c @@ -110,9 +110,13 @@ saveit (int instatus, char *inkey, int inkeylen, char *inval, intern.offset = 0; } - *((char *) mempcpy (&bucket->mem[intern.offset], inval, invallen)) - = '\0'; - intern.offset += invallen + 1; + char *p = mempcpy (&bucket->mem[intern.offset], inval, invallen); + if (__builtin_expect (p[-1] != '\0', 0)) + { + *p = '\0'; + ++invallen; + } + intern.offset += invallen; } return 0; @@ -177,7 +181,7 @@ dosearch (int instatus, char *inkey, int inkeylen, char *inval, return 0; } -static enum nss_status +static void internal_nis_endservent (void) { struct response_t *curr = intern.next; @@ -190,22 +194,18 @@ internal_nis_endservent (void) } intern.next = intern.start = NULL; - - return NSS_STATUS_SUCCESS; } enum nss_status _nss_nis_endservent (void) { - enum nss_status status; - __libc_lock_lock (lock); - status = internal_nis_endservent (); + internal_nis_endservent (); __libc_lock_unlock (lock); - return status; + return NSS_STATUS_SUCCESS; } static enum nss_status @@ -218,16 +218,18 @@ internal_nis_setservent (void) if (yp_get_default_domain (&domainname)) return NSS_STATUS_UNAVAIL; - (void) internal_nis_endservent (); + internal_nis_endservent (); ypcb.foreach = saveit; ypcb.data = NULL; status = yperr2nss (yp_all (domainname, "services.byname", &ypcb)); /* Mark the last buffer as full. */ - intern.next->size = intern.offset; + if (intern.next != NULL) + intern.next->size = intern.offset; intern.next = intern.start; + intern.offset = 0; return status; } @@ -262,7 +264,7 @@ internal_nis_getservent_r (struct servent *serv, char *buffer, { struct response_t *bucket = intern.next; - if (intern.offset >= bucket->size) + if (__builtin_expect (intern.offset >= bucket->size, 0)) { if (bucket->next == NULL) return NSS_STATUS_NOTFOUND; |