diff options
Diffstat (limited to 'nis')
-rw-r--r-- | nis/Makefile | 51 | ||||
-rw-r--r-- | nis/TODO | 10 | ||||
-rw-r--r-- | nis/nis_call.c | 86 | ||||
-rw-r--r-- | nis/nis_intern.h | 5 | ||||
-rw-r--r-- | nis/nis_names.c | 2 | ||||
-rw-r--r-- | nis/nis_server.c | 16 | ||||
-rw-r--r-- | nis/nss_compat/compat-grp.c | 255 | ||||
-rw-r--r-- | nis/nss_compat/compat-pwd.c | 406 | ||||
-rw-r--r-- | nis/nss_compat/compat-spwd.c | 408 | ||||
-rw-r--r-- | nis/nss_nis/nis-grp.c | 8 | ||||
-rw-r--r-- | nis/nss_nis/nis-publickey.c | 16 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-alias.c | 6 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-ethers.c | 8 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-grp.c | 107 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-hosts.c | 10 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-netgrp.c | 151 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-network.c | 11 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-proto.c | 10 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-publickey.c | 16 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-pwd.c | 8 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-rpc.c | 10 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-service.c | 12 | ||||
-rw-r--r-- | nis/nss_nisplus/nisplus-spwd.c | 8 | ||||
-rw-r--r-- | nis/ypclnt.c | 7 |
24 files changed, 1166 insertions, 461 deletions
diff --git a/nis/Makefile b/nis/Makefile index 31fda25..fe4dd94 100644 --- a/nis/Makefile +++ b/nis/Makefile @@ -27,7 +27,7 @@ distribute := nss-nis.h nss-nisplus.h # These are the databases available for the nis (and perhaps later nisplus) # service. This must be a superset of the services in nss. databases = proto service hosts network grp pwd rpc ethers \ - spwd netgrp alias + spwd netgrp alias publickey # Specify rules for the nss_* modules. services := nis compat nisplus @@ -55,57 +55,12 @@ libnss_nis-inhibit-o = $(filter-out .so,$(object-suffixes)) libnss_nisplus-routines := $(addprefix nisplus-,$(databases)) libnss_nisplus-inhibit-o = $(filter-out .so,$(object-suffixes)) -# Sun's header files are not too clean. -CFLAGS-compat-pwd.c = -Wno-strict-prototypes -CFLAGS-compat-spwd.c = -Wno-strict-prototypes -CFLAGS-compat-grp.c = -Wno-strict-prototypes -CFLAGS-nis-alias.c = -Wno-strict-prototypes -CFLAGS-nis-ethers.c = -Wno-strict-prototypes -CFLAGS-nis-grp.c = -Wno-strict-prototypes -CFLAGS-nis-hosts.c = -Wno-strict-prototypes -CFLAGS-nis-netgrp.c = -Wno-strict-prototypes -CFLAGS-nis-network.c = -Wno-strict-prototypes -CFLAGS-nis-proto.c = -Wno-strict-prototypes -CFLAGS-nis-publickey.c = -Wno-strict-prototypes -CFLAGS-nis-pwd.c = -Wno-strict-prototypes -CFLAGS-nis-rpc.c = -Wno-strict-prototypes -CFLAGS-nis-service.c = -Wno-strict-prototypes -CFLAGS-nis-spwd.c = -Wno-strict-prototypes -CFLAGS-ypclnt.c = -Wno-strict-prototypes -Wno-write-strings -Irpcsvc -CFLAGS-yp_xdr.c = -Wno-strict-prototypes -Irpcsvc -CFLAGS-ypupdate_xdr.c = -Wno-strict-prototypes -Irpcsvc -# For the NIS+ Code -CFLAGS-nis_call.c = -DNO_DES_RPC -Wno-strict-prototypes -CFLAGS-nis_subr.c = -Wno-strict-prototypes -CFLAGS-nis_local_names.c = -Wno-strict-prototypes -CFLAGS-nis_free.c = -Wno-strict-prototypes -CFLAGS-nis_file.c = -Wno-strict-prototypes -CFLAGS-nis_print.c = -Wno-strict-prototypes -CFLAGS-nis_error.c = -Wno-strict-prototypes -CFLAGS-nis_names.c = -Wno-strict-prototypes -CFLAGS-nis_clone.c = -Wno-strict-prototypes -CFLAGS-nis_table.c = -Wno-strict-prototypes -CFLAGS-nis_server.c = -Wno-strict-prototypes -CFLAGS-nis_xdr.c = -Wno-strict-prototypes -CFLAGS-nis_intern.c = -Wno-strict-prototypes -CFLAGS-nisplus-alias.c = -Wno-strict-prototypes -CFLAGS-nisplus-ethers.c = -Wno-strict-prototypes -CFLAGS-nisplus-grp.c = -Wno-strict-prototypes -CFLAGS-nisplus-hosts.c = -Wno-strict-prototypes -CFLAGS-nisplus-netgrp.c = -Wno-strict-prototypes -CFLAGS-nisplus-network.c = -Wno-strict-prototypes -CFLAGS-nisplus-proto.c = -Wno-strict-prototypes -CFLAGS-nisplus-publickey.c = -Wno-strict-prototypes -CFLAGS-nisplus-pwd.c = -Wno-strict-prototypes -CFLAGS-nisplus-rpc.c = -Wno-strict-prototypes -CFLAGS-nisplus-service.c = -Wno-strict-prototypes -CFLAGS-nisplus-spwd.c = -Wno-strict-prototypes - include ../Rules $(objpfx)libnss_compat.so: $(objpfx)libnsl.so$(libnsl.so-version) \ - $(common-objpfx)nss/libnss_files.so + $(common-objpfx)nss/libnss_files.so \ + $(common-objpfx)nis/libnss_nisplus.so $(objpfx)libnss_nis.so: $(objpfx)libnsl.so$(libnsl.so-version) \ $(common-objpfx)nss/libnss_files.so $(objpfx)libnss_nisplus.so: $(objpfx)libnsl.so$(libnsl.so-version) @@ -1,8 +1,9 @@ * nss_nisplus: When using parser form nss_files, rewrite parser - - * compat could use data from nisplus, too. Implement this + * nss_nisplus: Search the data in the complete NIS+ namespace + specified by NIS_PATH + * nis_server: implement nis_getservlist, nis_stats, nis_servstate * nis_groups: implement it @@ -22,10 +23,10 @@ * Possible flags: - FOLLOW_LINKS (nis_list, nis_lookup) - FOLLOW_PATH (nis_list, not supported) - - HARD_LOOKUP (__do_niscall, not supported) + - HARD_LOOKUP (__do_niscall) - ALL_RESULTS (nis_list, not supported, needs server callback) - NO_CACHE (__do_niscall, cache not supported yet) - - MASTER_ONLY (__do_niscall, not supported) + - MASTER_ONLY (__do_niscall) - EXPAND_NAME (nis_lookup, nis_list) - RETURN_RESULT (nis_table.c) - ADD_OVERWRITE (nis_table.c) @@ -37,4 +38,3 @@ - USE_DGRAM (__do_niscall) - NO_AUTHINFO (__do_niscall) - diff --git a/nis/nis_call.c b/nis/nis_call.c index bf64558..78e8767 100644 --- a/nis/nis_call.c +++ b/nis/nis_call.c @@ -60,13 +60,11 @@ __nis_dobind (const nis_server *server, u_long flags) int clnt_sock; size_t i; CLIENT *client = NULL; - /* XXX What is this variable for? */ - void *out = NULL; + memset (&clnt_saddr, '\0', sizeof clnt_saddr); + clnt_saddr.sin_family = AF_INET; for (i = 0; i < server->ep.ep_len; i++) { - memset (&clnt_saddr, '\0', sizeof clnt_saddr); - clnt_saddr.sin_family = AF_INET; if (strcmp (server->ep.ep_val[i].family,"loopback") == 0) { if (server->ep.ep_val[i].uaddr[i] == '-') @@ -79,14 +77,14 @@ __nis_dobind (const nis_server *server, u_long flags) else continue; } - else - if (strcmp (server->ep.ep_val[i].proto,"tcp") == 0) - { - if ((flags & USE_DGRAM) == USE_DGRAM) - continue; - else - clnt_saddr.sin_addr.s_addr = htonl (INADDR_LOOPBACK); - } + else + if (strcmp (server->ep.ep_val[i].proto,"tcp") == 0) + { + if ((flags & USE_DGRAM) == USE_DGRAM) + continue; + else + clnt_saddr.sin_addr.s_addr = htonl (INADDR_LOOPBACK); + } } else if (strcmp (server->ep.ep_val[i].family,"inet") == 0) @@ -115,7 +113,7 @@ __nis_dobind (const nis_server *server, u_long flags) } else continue; - + clnt_sock = RPC_ANYSOCK; if ((flags & USE_DGRAM) == USE_DGRAM) client = clntudp_create (&clnt_saddr, NIS_PROG, NIS_VERSION, @@ -123,42 +121,41 @@ __nis_dobind (const nis_server *server, u_long flags) else client = clnttcp_create (&clnt_saddr, NIS_PROG, NIS_VERSION, &clnt_sock, 0, 0); - + if (client == NULL) continue; -#if 1 if (clnt_call (client, 0, (xdrproc_t) xdr_void, NULL, - (xdrproc_t) xdr_void, out, TIMEOUT) != RPC_SUCCESS) + (xdrproc_t) xdr_void, NULL, TIMEOUT) != RPC_SUCCESS) { clnt_destroy (client); continue; } -#endif + if ((flags & NO_AUTHINFO) != NO_AUTHINFO) - { -#if !defined(NO_DES_RPC) - if (server->key_type == NIS_PK_DH) - { - char netname[MAXNETNAMELEN+1]; - char *p; - - strcpy (netname, "unix."); - strncat (netname, server->name,MAXNETNAMELEN-5); - netname[MAXNETNAMELEN-5] = '\0'; - p = strchr (netname, '.'); - *p = '@'; - client->cl_auth = - authdes_pk_create (netname, &server->pkey, 300, NULL, NULL); - if (!client->cl_auth) - client->cl_auth = authunix_create_default (); - } - else + { +#if defined(HAVE_SECURE_RPC) + if (server->key_type == NIS_PK_DH) + { + char netname[MAXNETNAMELEN+1]; + char *p; + + p = stpcpy (netname, "unix."); + strncpy (p, server->name,MAXNETNAMELEN-5); + netname[MAXNETNAMELEN] = '\0'; + p = strchr (netname, '.'); + *p = '@'; + client->cl_auth = + authdes_pk_create (netname, &server->pkey, 300, NULL, NULL); + if (!client->cl_auth) + client->cl_auth = authunix_create_default (); + } + else #endif - client->cl_auth = authunix_create_default (); - } + client->cl_auth = authunix_create_default (); + } return client; } - + return NULL; } @@ -189,14 +186,19 @@ __do_niscall (const nis_server *serv, int serv_len, u_long prog, server_len = serv_len; } + if (((flags & MASTER_ONLY) == MASTER_ONLY) && server_len > 1) + server_len = 1; /* The first entry is the master */ + try = 0; result = NIS_NAMEUNREACHABLE; while (try < MAXTRIES && result != RPC_SUCCESS) { unsigned int i; - - ++try; + + if ((flags & HARD_LOOKUP) == 0) + ++try; + for (i = 0; i < server_len; i++) { if ((clnt = __nis_dobind (&server[i], flags)) == NULL) @@ -206,9 +208,7 @@ __do_niscall (const nis_server *serv, int serv_len, u_long prog, if (result != RPC_SUCCESS) { - /* XXX Grrr. The cast is needed for now since Sun code does - note know about `const'. */ - clnt_perror (clnt, (char *) "do_niscall: clnt_call"); + clnt_perror (clnt, "do_niscall: clnt_call"); clnt_destroy (clnt); result = NIS_RPCERROR; } diff --git a/nis/nis_intern.h b/nis/nis_intern.h index b5fb605..8201ccd 100644 --- a/nis/nis_intern.h +++ b/nis/nis_intern.h @@ -27,11 +27,10 @@ __BEGIN_DECLS extern nis_error __do_niscall (__const nis_server *server, int server_len, u_long prog, xdrproc_t xargs, caddr_t req, xdrproc_t xres, caddr_t resp, u_long flags); -#if !defined(NO_DES_RPC) -extern AUTH *authdes_pk_create (char *, netobj *, u_int, +#if defined (HAVE_SECURE_RPC) +extern AUTH *authdes_pk_create (const char *, const netobj *, u_int, struct sockaddr *, des_block *); #endif - extern nis_name *__nis_expandname (__const nis_name); __END_DECLS diff --git a/nis/nis_names.c b/nis/nis_names.c index 92f8040..aa8c880 100644 --- a/nis/nis_names.c +++ b/nis/nis_names.c @@ -227,7 +227,7 @@ nis_modify (const nis_name name, const nis_object *obj) req.ns_object.ns_object_len = 1; req.ns_object.ns_object_val = nis_clone_object (obj, NULL); - if ((status = __do_niscall (NULL, 0, NIS_REMOVE, (xdrproc_t) xdr_ns_request, + if ((status = __do_niscall (NULL, 0, NIS_MODIFY, (xdrproc_t) xdr_ns_request, (caddr_t) & req, (xdrproc_t) xdr_nis_result, (caddr_t) res, 0)) != RPC_SUCCESS) res->status = status; diff --git a/nis/nis_server.c b/nis/nis_server.c index 48d2144..0ed3c81 100644 --- a/nis/nis_server.c +++ b/nis/nis_server.c @@ -30,8 +30,8 @@ nis_mkdir (const nis_name dir, const nis_server *server) { int result; if ((result = __do_niscall (NULL, 0, NIS_MKDIR, (xdrproc_t) xdr_nis_name, - (caddr_t) dir, (xdrproc_t) xdr_nis_error, - (caddr_t) & res, 0)) != RPC_SUCCESS) + (caddr_t) &dir, (xdrproc_t) xdr_nis_error, + (caddr_t) &res, 0)) != RPC_SUCCESS) { fprintf (stderr, _("__do_niscall: Error #%d\n"), result); return NIS_RPCERROR; @@ -42,8 +42,8 @@ nis_mkdir (const nis_name dir, const nis_server *server) int result; if ((result = __do_niscall (server, 1, NIS_MKDIR, (xdrproc_t) xdr_nis_name, - (caddr_t) dir, (xdrproc_t) xdr_nis_error, - (caddr_t) & res, 0)) != RPC_SUCCESS) + (caddr_t) &dir, (xdrproc_t) xdr_nis_error, + (caddr_t) &res, 0)) != RPC_SUCCESS) { fprintf (stderr, _("__do_niscall: Error #%d\n"), result); return NIS_RPCERROR; @@ -62,8 +62,8 @@ nis_rmdir (const nis_name dir, const nis_server *server) { int result; if ((result = __do_niscall (NULL, 0, NIS_RMDIR, (xdrproc_t) xdr_nis_name, - (caddr_t) dir, (xdrproc_t) xdr_nis_error, - (caddr_t) & res, 0)) != RPC_SUCCESS) + (caddr_t) &dir, (xdrproc_t) xdr_nis_error, + (caddr_t) &res, 0)) != RPC_SUCCESS) { fprintf (stderr, _("__do_niscall: Error #%d\n"), result); return NIS_RPCERROR; @@ -74,8 +74,8 @@ nis_rmdir (const nis_name dir, const nis_server *server) int result; if ((result = __do_niscall (server, 1, NIS_RMDIR, (xdrproc_t) xdr_nis_name, - (caddr_t) dir, (xdrproc_t) xdr_nis_error, - (caddr_t) & res, 0)) != RPC_SUCCESS) + (caddr_t) &dir, (xdrproc_t) xdr_nis_error, + (caddr_t) &res, 0)) != RPC_SUCCESS) { fprintf (stderr, _("__do_niscall: Error #%d\n"), result); return NIS_RPCERROR; diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c index de96dbb..6231a1e 100644 --- a/nis/nss_compat/compat-grp.c +++ b/nis/nss_compat/compat-grp.c @@ -25,6 +25,14 @@ #include <string.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> +#include <rpcsvc/nis.h> +#include <rpcsvc/nislib.h> +#include <nsswitch.h> + +#include "nss-nisplus.h" + +static service_user *ni = NULL; +static bool_t use_nisplus = FALSE; /* default: group_compat: nis */ /* Get the declaration of the parser function. */ #define ENTNAME grent @@ -32,7 +40,7 @@ #define EXTERN_PARSER #include "../../nss/nss_files/files-parse.c" -/* Structure for remembering -@netgroup and -user members ... */ +/* Structure for remembering -group members ... */ #define BLACKLIST_INITIAL_SIZE 512 #define BLACKLIST_INCREMENT 256 struct blacklist_t @@ -48,12 +56,15 @@ struct ent_t bool_t nis_first; char *oldkey; int oldkeylen; + nis_result *result; + nis_name *names; + u_long names_nr; FILE *stream; struct blacklist_t blacklist; - }; +}; typedef struct ent_t ent_t; -static ent_t ext_ent = {0, 0, NULL, 0, NULL, {NULL, 0, 0}}; +static ent_t ext_ent = {0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}}; /* Protect global state against multiple changers. */ __libc_lock_define_initialized (static, lock) @@ -61,6 +72,8 @@ __libc_lock_define_initialized (static, lock) /* Prototypes for local functions. */ static void blacklist_store_name (const char *, ent_t *); static int in_blacklist (const char *, int, ent_t *); +extern int _nss_nisplus_parse_grent (nis_result *, struct group *, + char *, size_t); static enum nss_status internal_setgrent (ent_t *ent) @@ -75,15 +88,27 @@ internal_setgrent (ent_t *ent) ent->oldkey = NULL; ent->oldkeylen = 0; } - + + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; - + if (ent->stream == NULL) { ent->stream = fopen ("/etc/group", "r"); - + if (ent->stream == NULL) status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL; } @@ -101,6 +126,12 @@ _nss_compat_setgrent (void) __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("group_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + result = internal_setgrent (&ext_ent); __libc_lock_unlock (lock); @@ -127,6 +158,18 @@ internal_endgrent (ent_t *ent) ent->oldkeylen = 0; } + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; @@ -155,7 +198,7 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer, struct parser_data *data = (void *) buffer; char *domain; char *outkey, *outval; - int outkeylen, outvallen; + int outkeylen, outvallen, parse_res; char *p; if (yp_get_default_domain (&domain) != YPERR_SUCCESS) @@ -202,13 +245,133 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer, while (isspace (*p)) ++p; + + parse_res = _nss_files_parse_grent (p, result, data, buflen); + + if (parse_res && + in_blacklist (result->gr_name, strlen (result->gr_name), ent)) + parse_res = 0; /* if result->gr_name in blacklist,search next entry */ + } + while (!parse_res); + + return NSS_STATUS_SUCCESS; +} + +static enum nss_status +getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer, + size_t buflen) +{ + int parse_res; + + if (ent->names == NULL) + { + ent->names = nis_getnames ("group.org_dir"); + if (ent->names == NULL || ent->names[0] == NULL) + { + ent->nis = 0; + return NSS_STATUS_UNAVAIL; + } } - while (!_nss_files_parse_grent (p, result, data, buflen)); + + do + { + if (ent->nis_first) + { + next_name: + ent->result = nis_first_entry(ent->names[ent->names_nr]); + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + ent->nis = 0; + return niserr2nss (ent->result->status); + } + ent->nis_first = FALSE; + } + else + { + nis_result *res; + + res = nis_next_entry(ent->names[ent->names_nr], + &ent->result->cookie); + nis_freeresult (ent->result); + ent->result = res; + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + if ((ent->result->status == NIS_NOTFOUND) && + ent->names[ent->names_nr + 1] != NULL) + { + nis_freeresult (ent->result); + ent->names_nr += 1; + goto next_name; + } + else + { + ent->nis = 0; + return niserr2nss (ent->result->status); + } + } + } + parse_res = _nss_nisplus_parse_grent (ent->result, result, buffer, + buflen); + if (parse_res && + in_blacklist (result->gr_name, strlen (result->gr_name), ent)) + parse_res = 0; /* if result->gr_name in blacklist,search next entry */ + } + while (!parse_res); + + return NSS_STATUS_SUCCESS; +} - if (!in_blacklist (result->gr_name, strlen (result->gr_name), ent)) +/* This function handle the +group entrys in /etc/group */ +static enum nss_status +getgrent_next_file_plusgroup (struct group *result, char *buffer, + size_t buflen) +{ + struct parser_data *data = (void *) buffer; + int parse_res; + + if (use_nisplus) /* Do the NIS+ query here */ + { + nis_result *res; + char buf[strlen (result->gr_name) + 24]; + + sprintf(buf, "[name=%s],group.org_dir", + &result->gr_name[1]); + res = nis_list(buf, EXPAND_NAME, NULL, NULL); + if (niserr2nss (res->status) != NSS_STATUS_SUCCESS) + { + enum nss_status status = niserr2nss (res->status); + + nis_freeresult (res); + return status; + } + parse_res = _nss_nisplus_parse_grent (res, result, buffer, buflen); + nis_freeresult (res); + } + else /* Use NIS */ + { + char *domain, *outval, *p; + int outvallen; + + if (yp_get_default_domain (&domain) != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + + if (yp_match (domain, "group.byname", &result->gr_name[1], + strlen (result->gr_name) - 1, &outval, &outvallen) + != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + p = strncpy (buffer, outval, + buflen < outvallen ? buflen : outvallen); + free (outval); + while (isspace (*p)) + p++; + parse_res = _nss_files_parse_grent (p, result, data, buflen); + } + + if (parse_res) + /* We found the entry. */ return NSS_STATUS_SUCCESS; else - return NSS_STATUS_NOTFOUND; + return NSS_STATUS_RETURN; } @@ -256,27 +419,16 @@ getgrent_next_file (struct group *result, ent_t *ent, if (result->gr_name[0] == '+' && result->gr_name[1] != '\0' && result->gr_name[1] != '@') { - char *domain; - char *outval; - int outvallen; - - if (yp_get_default_domain (&domain) != YPERR_SUCCESS) - /* XXX Should we regard this as an fatal error? I don't - think so. Just continue working. --drepper@gnu */ - continue; - - if (yp_match (domain, "group.byname", &result->gr_name[1], - strlen (result->gr_name) - 1, &outval, &outvallen) - != YPERR_SUCCESS) - continue; - - p = strncpy (buffer, outval, buflen); - while (isspace (*p)) - p++; - free (outval); - if (_nss_files_parse_grent (p, result, data, buflen)) - /* We found the entry. */ - break; + enum nss_status status; + + status = getgrent_next_file_plusgroup (result, buffer, buflen); + if (status == NSS_STATUS_SUCCESS) /* We found the entry. */ + break; + else + if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */ + continue; + else + return status; } /* +:... */ @@ -285,7 +437,10 @@ getgrent_next_file (struct group *result, ent_t *ent, ent->nis = TRUE; ent->nis_first = TRUE; - return getgrent_next_nis (result, ent, buffer, buflen); + if (use_nisplus) + return getgrent_next_nisplus (result, ent, buffer, buflen); + else + return getgrent_next_nis (result, ent, buffer, buflen); } } @@ -298,7 +453,12 @@ internal_getgrent_r (struct group *gr, ent_t *ent, char *buffer, size_t buflen) { if (ent->nis) - return getgrent_next_nis (gr, ent, buffer, buflen); + { + if (use_nisplus) + return getgrent_next_nisplus (gr, ent, buffer, buflen); + else + return getgrent_next_nis (gr, ent, buffer, buflen); + } else return getgrent_next_file (gr, ent, buffer, buflen); } @@ -310,6 +470,12 @@ _nss_compat_getgrent_r (struct group *grp, char *buffer, size_t buflen) __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("group_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + /* Be prepared that the setgrent function was not called before. */ if (ext_ent.stream == NULL) status = internal_setgrent (&ext_ent); @@ -327,12 +493,21 @@ enum nss_status _nss_compat_getgrnam_r (const char *name, struct group *grp, char *buffer, size_t buflen) { - ent_t ent = {0, 0, NULL, 0, NULL, {NULL, 0, 0}}; + ent_t ent = {0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}}; enum nss_status status; if (name[0] == '-' || name[0] == '+') return NSS_STATUS_NOTFOUND; + __libc_lock_lock (lock); + + if (ni == NULL) + { + __nss_database_lookup ("group_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + + __libc_lock_unlock (lock); status = internal_setgrent (&ent); if (status != NSS_STATUS_SUCCESS) @@ -352,9 +527,19 @@ enum nss_status _nss_compat_getgrgid_r (gid_t gid, struct group *grp, char *buffer, size_t buflen) { - ent_t ent = {0, 0, NULL, 0, NULL, {NULL, 0, 0}}; + ent_t ent = {0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}}; enum nss_status status; + __libc_lock_lock (lock); + + if (ni == NULL) + { + __nss_database_lookup ("group_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + + __libc_lock_unlock (lock); + status = internal_setgrent (&ent); if (status != NSS_STATUS_SUCCESS) return status; diff --git a/nis/nss_compat/compat-pwd.c b/nis/nss_compat/compat-pwd.c index 56659e9..317e2d1 100644 --- a/nis/nss_compat/compat-pwd.c +++ b/nis/nss_compat/compat-pwd.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996 Free Software Foundation, Inc. +/* Copyright (C) 1996, 1997 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996. @@ -26,8 +26,15 @@ #include <libc-lock.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> +#include <rpcsvc/nis.h> +#include <rpcsvc/nislib.h> +#include <nsswitch.h> #include "netgroup.h" +#include "nss-nisplus.h" + +static service_user *ni = NULL; +static bool_t use_nisplus = FALSE; /* default: passwd_compat: nis */ /* Get the declaration of the parser function. */ #define ENTNAME pwent @@ -52,6 +59,9 @@ struct ent_t bool_t first; char *oldkey; int oldkeylen; + nis_result *result; + nis_name *names; + u_long names_nr; FILE *stream; struct blacklist_t blacklist; struct passwd pwd; @@ -59,7 +69,7 @@ struct ent_t }; typedef struct ent_t ent_t; -static ent_t ext_ent = {0, 0, 0, NULL, 0, NULL, {NULL, 0, 0}, +static ent_t ext_ent = {0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}, {NULL, NULL, 0, 0, NULL, NULL, NULL}}; /* Protect global state against multiple changers. */ @@ -68,7 +78,8 @@ __libc_lock_define_initialized (static, lock) /* Prototypes for local functions. */ static void blacklist_store_name (const char *, ent_t *); static int in_blacklist (const char *, int, ent_t *); - +extern int _nss_nisplus_parse_pwent (nis_result *, struct passwd *, + char *, size_t); static void give_pwd_free (struct passwd *pwd) { @@ -192,6 +203,18 @@ internal_setpwent (ent_t *ent) ent->oldkeylen = 0; } + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; @@ -219,6 +242,12 @@ _nss_compat_setpwent (void) __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("passwd_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + result = internal_setpwent (&ext_ent); __libc_lock_unlock (lock); @@ -245,6 +274,19 @@ internal_endpwent (ent_t *ent) ent->oldkeylen = 0; } + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; + ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; @@ -272,14 +314,14 @@ _nss_compat_endpwent (void) } static enum nss_status -getpwent_next_netgr (struct passwd *result, ent_t *ent, char *group, - char *buffer, size_t buflen) +getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) { struct parser_data *data = (void *) buffer; char *ypdomain, *host, *user, *domain, *outval, *p, *p2; int status, outvallen; size_t p2len; - + if (yp_get_default_domain (&ypdomain) != YPERR_SUCCESS) { ent->netgroup = 0; @@ -341,12 +383,175 @@ getpwent_next_netgr (struct passwd *result, ent_t *ent, char *group, } static enum nss_status +getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) +{ + char *ypdomain, *host, *user, *domain, *p2; + int status, parse_res; + size_t p2len; + nis_result *nisres; + + /* Maybe we should use domainname here ? We need the current + domainname for the domain field in netgroups */ + if (yp_get_default_domain (&ypdomain) != YPERR_SUCCESS) + { + ent->netgroup = 0; + ent->first = 0; + give_pwd_free (&ent->pwd); + return NSS_STATUS_UNAVAIL; + } + + if (ent->first == TRUE) + { + bzero (&ent->netgrdata, sizeof (struct __netgrent)); + __internal_setnetgrent (group, &ent->netgrdata); + ent->first = FALSE; + } + + while (1) + { + status = __internal_getnetgrent_r (&host, &user, &domain, + &ent->netgrdata, buffer, buflen); + if (status != 1) + { + __internal_endnetgrent (&ent->netgrdata); + ent->netgroup = 0; + give_pwd_free (&ent->pwd); + return NSS_STATUS_RETURN; + } + + if (user == NULL || user[0] == '-') + continue; + + if (domain != NULL && strcmp (ypdomain, domain) != 0) + continue; + + p2len = pwd_need_buflen (&ent->pwd); + if (p2len > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p2 = buffer + (buflen - p2len); + buflen -= p2len; + { + char buf[strlen (user) + 30]; + sprintf(buf, "[name=%s],passwd.org_dir", user); + nisres = nis_list(buf, EXPAND_NAME, NULL, NULL); + } + if (niserr2nss (nisres->status) != NSS_STATUS_SUCCESS) + { + nis_freeresult (nisres); + continue; + } + parse_res = _nss_nisplus_parse_pwent (nisres, result, buffer, buflen); + nis_freeresult (nisres); + + if (parse_res) + { + copy_pwd_changes (result, &ent->pwd, p2, p2len); + break; + } + } + + return NSS_STATUS_SUCCESS; +} + +static enum nss_status +getpwent_next_netgr (struct passwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) +{ + if (use_nisplus) + return getpwent_next_nisplus_netgr (result, ent, group, buffer, buflen); + else + return getpwent_next_nis_netgr (result, ent, group, buffer, buflen); +} + +static enum nss_status +getpwent_next_nisplus (struct passwd *result, ent_t *ent, char *buffer, + size_t buflen) +{ + int parse_res; + size_t p2len; + char *p2; + + if (ent->names == NULL) + { + ent->names = nis_getnames ("passwd.org_dir"); + if (ent->names == NULL || ent->names[0] == NULL) + { + ent->nis = 0; + return NSS_STATUS_UNAVAIL; + } + } + + p2len = pwd_need_buflen (&ent->pwd); + if (p2len > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p2 = buffer + (buflen - p2len); + buflen -= p2len; + do + { + if (ent->first) + { + next_name: + ent->result = nis_first_entry(ent->names[ent->names_nr]); + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + ent->nis = 0; + give_pwd_free (&ent->pwd); + return niserr2nss (ent->result->status); + } + ent->first = FALSE; + } + else + { + nis_result *res; + + res = nis_next_entry(ent->names[ent->names_nr], + &ent->result->cookie); + nis_freeresult (ent->result); + ent->result = res; + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + if ((ent->result->status == NIS_NOTFOUND) && + ent->names[ent->names_nr + 1] != NULL) + { + nis_freeresult (ent->result); + ent->names_nr += 1; + goto next_name; + } + else + { + ent->nis = 0; + give_pwd_free (&ent->pwd); + return niserr2nss (ent->result->status); + } + } + } + parse_res = _nss_nisplus_parse_pwent (ent->result, result, buffer, + buflen); + if (parse_res && + in_blacklist (result->pw_name, strlen (result->pw_name), ent)) + parse_res = 0; /* if result->pw_name in blacklist,search next entry */ + } + while (!parse_res); + + copy_pwd_changes (result, &ent->pwd, p2, p2len); + + return NSS_STATUS_SUCCESS; +} + +static enum nss_status getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer, size_t buflen) { struct parser_data *data = (void *) buffer; char *domain, *outkey, *outval, *p, *p2; - int outkeylen, outvallen; + int outkeylen, outvallen, parse_res; size_t p2len; if (yp_get_default_domain (&domain) != YPERR_SUCCESS) @@ -404,17 +609,96 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer, while (isspace (*p)) ++p; + parse_res = _nss_files_parse_pwent (p, result, data, buflen); + if (parse_res && + in_blacklist (result->pw_name, strlen (result->pw_name), ent)) + parse_res = 0; } - while (!_nss_files_parse_pwent (p, result, data, buflen)); + while (!parse_res); copy_pwd_changes (result, &ent->pwd, p2, p2len); - if (!in_blacklist (result->pw_name, strlen (result->pw_name), ent)) - return NSS_STATUS_SUCCESS; - else - return NSS_STATUS_NOTFOUND; + return NSS_STATUS_SUCCESS; } +/* This function handle the +user entrys in /etc/passwd */ +static enum nss_status +getpwent_next_file_plususer (struct passwd *result, char *buffer, + size_t buflen) +{ + struct parser_data *data = (void *) buffer; + struct passwd pwd; + int parse_res; + char *p; + size_t plen; + + memset (&pwd, '\0', sizeof (struct passwd)); + + copy_pwd_changes (&pwd, result, NULL, 0); + + plen = pwd_need_buflen (&pwd); + if (plen > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p = buffer + (buflen - plen); + buflen -= plen; + + if (use_nisplus) /* Do the NIS+ query here */ + { + nis_result *res; + char buf[strlen (result->pw_name) + 24]; + + sprintf(buf, "[name=%s],passwd.org_dir", + &result->pw_name[1]); + res = nis_list(buf, EXPAND_NAME, NULL, NULL); + if (niserr2nss (res->status) != NSS_STATUS_SUCCESS) + { + enum nss_status status = niserr2nss (res->status); + + nis_freeresult (res); + return status; + } + parse_res = _nss_nisplus_parse_pwent (res, result, buffer, buflen); + nis_freeresult (res); + } + else /* Use NIS */ + { + char *domain; + char *outval; + int outvallen; + + if (yp_get_default_domain (&domain) != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + + if (yp_match (domain, "passwd.byname", &result->pw_name[1], + strlen (result->pw_name) - 1, &outval, &outvallen) + != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + p = strncpy (buffer, outval, + buflen < outvallen ? buflen : outvallen); + free (outval); + while (isspace (*p)) + p++; + parse_res = _nss_files_parse_pwent (p, result, data, buflen); + } + + if (parse_res) + { + copy_pwd_changes (result, &pwd, p, plen); + give_pwd_free (&pwd); + /* We found the entry. */ + return NSS_STATUS_SUCCESS; + } + else + { + /* Give buffer the old len back */ + buflen += plen; + give_pwd_free (&pwd); + } + return NSS_STATUS_RETURN; +} static enum nss_status getpwent_next_file (struct passwd *result, ent_t *ent, @@ -423,8 +707,7 @@ getpwent_next_file (struct passwd *result, ent_t *ent, struct parser_data *data = (void *) buffer; while (1) { - char *p, *p2; - size_t p2len; + char *p; do { @@ -494,50 +777,16 @@ getpwent_next_file (struct passwd *result, ent_t *ent, if (result->pw_name[0] == '+' && result->pw_name[1] != '\0' && result->pw_name[1] != '@') { - char *domain; - char *outval; - int outvallen; - struct passwd pwd; - - memset (&pwd, '\0', sizeof (struct passwd)); - - if (yp_get_default_domain (&domain) != YPERR_SUCCESS) - /* XXX Should we regard this as an fatal error? I don't - think so. Just continue working. --drepper@gnu */ - continue; - - if (yp_match (domain, "passwd.byname", &result->pw_name[1], - strlen (result->pw_name) - 1, &outval, &outvallen) - != YPERR_SUCCESS) - continue; - - copy_pwd_changes (&pwd, result, NULL, 0); - - p2len = pwd_need_buflen (&pwd); - if (p2len > buflen) - { - __set_errno (ERANGE); - return NSS_STATUS_TRYAGAIN; - } - p2 = buffer + (buflen - p2len); - buflen -= p2len; - p = strncpy (buffer, outval, buflen); - while (isspace (*p)) - p++; - free (outval); - if (_nss_files_parse_pwent (p, result, data, buflen)) - { - copy_pwd_changes (result, &pwd, p2, p2len); - give_pwd_free (&pwd); - /* We found the entry. */ - break; - } + enum nss_status status; + + status = getpwent_next_file_plususer (result, buffer, buflen); + if (status == NSS_STATUS_SUCCESS) /* We found the entry. */ + break; else - { - /* Give buffer the old len back */ - buflen += p2len; - give_pwd_free (&pwd); - } + if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */ + continue; + else + return status; } /* +:... */ @@ -547,7 +796,10 @@ getpwent_next_file (struct passwd *result, ent_t *ent, ent->first = TRUE; copy_pwd_changes (&ent->pwd, result, NULL, 0); - return getpwent_next_nis (result, ent, buffer, buflen); + if (use_nisplus) + return getpwent_next_nisplus (result, ent, buffer, buflen); + else + return getpwent_next_nis (result, ent, buffer, buflen); } } @@ -572,7 +824,12 @@ internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer, return status; } else if (ent->nis) - return getpwent_next_nis (pw, ent, buffer, buflen); + { + if (use_nisplus) + return getpwent_next_nisplus (pw, ent, buffer, buflen); + else + return getpwent_next_nis (pw, ent, buffer, buflen); + } else return getpwent_next_file (pw, ent, buffer, buflen); } @@ -585,6 +842,12 @@ _nss_compat_getpwent_r (struct passwd *pwd, char *buffer, __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("passwd_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + /* Be prepared that the setpwent function was not called before. */ if (ext_ent.stream == NULL) status = internal_setpwent (&ext_ent); @@ -602,13 +865,22 @@ enum nss_status _nss_compat_getpwnam_r (const char *name, struct passwd *pwd, char *buffer, size_t buflen) { - ent_t ent = {0, 0, 0, NULL, 0, NULL, {NULL, 0, 0}, + ent_t ent = {0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}, {NULL, NULL, 0, 0, NULL, NULL, NULL}}; enum nss_status status; if (name[0] == '-' || name[0] == '+') return NSS_STATUS_NOTFOUND; + __libc_lock_lock (lock); + + if (ni == NULL) + { + __nss_database_lookup ("passwd_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + + __libc_lock_unlock (lock); status = internal_setpwent (&ent); if (status != NSS_STATUS_SUCCESS) @@ -628,10 +900,20 @@ enum nss_status _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd, char *buffer, size_t buflen) { - ent_t ent = {0, 0, 0, NULL, 0, NULL, {NULL, 0, 0}, + ent_t ent = {0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}, {NULL, NULL, 0, 0, NULL, NULL, NULL}}; enum nss_status status; - + + __libc_lock_lock (lock); + + if (ni == NULL) + { + __nss_database_lookup ("passwd_compat", NULL, "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + + __libc_lock_unlock (lock); + status = internal_setpwent (&ent); if (status != NSS_STATUS_SUCCESS) return status; diff --git a/nis/nss_compat/compat-spwd.c b/nis/nss_compat/compat-spwd.c index 47dd229..7c0eb24 100644 --- a/nis/nss_compat/compat-spwd.c +++ b/nis/nss_compat/compat-spwd.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996 Free Software Foundation, Inc. +/* Copyright (C) 1996, 1997 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996. @@ -26,6 +26,15 @@ #include <libc-lock.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> +#include <rpcsvc/nis.h> +#include <rpcsvc/nislib.h> +#include <nsswitch.h> + +#include "netgroup.h" +#include "nss-nisplus.h" + +static service_user *ni = NULL; +static bool_t use_nisplus = FALSE; /* default: passwd_compat: nis */ /* Get the declaration of the parser function. */ #define ENTNAME spent @@ -50,13 +59,17 @@ struct ent_t bool_t first; char *oldkey; int oldkeylen; + nis_result *result; + nis_name *names; + u_long names_nr; FILE *stream; struct blacklist_t blacklist; struct spwd pwd; + struct __netgrent netgrdata; }; typedef struct ent_t ent_t; -static ent_t ext_ent = {0, 0, 0, NULL, 0, NULL, {NULL, 0, 0}, +static ent_t ext_ent = {0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}, {NULL, NULL, 0, 0, 0, 0, 0, 0, 0}}; /* Protect global state against multiple changers. */ @@ -65,7 +78,8 @@ __libc_lock_define_initialized (static, lock) /* Prototypes for local functions. */ static void blacklist_store_name (const char *, ent_t *); static int in_blacklist (const char *, int, ent_t *); - +extern int _nss_nisplus_parse_spent (nis_result *, struct spwd *, + char *, size_t); static void give_spwd_free (struct spwd *pwd) { @@ -130,6 +144,10 @@ internal_setspent (ent_t *ent) ent->nis = ent->first = ent->netgroup = 0; + /* If something was left over free it. */ + if (ent->netgroup) + __internal_endnetgrent (&ent->netgrdata); + if (ent->oldkey != NULL) { free (ent->oldkey); @@ -137,6 +155,18 @@ internal_setspent (ent_t *ent) ent->oldkeylen = 0; } + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; + ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; @@ -164,6 +194,12 @@ _nss_compat_setspent (void) __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("shadow_compat", "passwd_compat", "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + result = internal_setspent (&ext_ent); __libc_lock_unlock (lock); @@ -181,6 +217,9 @@ internal_endspent (ent_t *ent) ent->stream = NULL; } + if (ent->netgroup) + __internal_endnetgrent (&ent->netgrdata); + ent->nis = ent->first = ent->netgroup = 0; if (ent->oldkey != NULL) @@ -190,10 +229,22 @@ internal_endspent (ent_t *ent) ent->oldkeylen = 0; } + if (ent->result != NULL) + { + nis_freeresult (ent->result); + ent->result = NULL; + } + if (ent->names != NULL) + { + nis_freenames (ent->names); + ent->names = NULL; + } + ent->names_nr = 0; + ent->blacklist.current = 0; if (ent->blacklist.data != NULL) ent->blacklist.data[0] = '\0'; - + give_spwd_free (&ent->pwd); return NSS_STATUS_SUCCESS; @@ -215,8 +266,8 @@ _nss_compat_endspent (void) static enum nss_status -getspent_next_netgr (struct spwd *result, ent_t *ent, char *group, - char *buffer, size_t buflen) +getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) { struct parser_data *data = (void *) buffer; char *ypdomain, *host, *user, *domain, *outval, *p, *p2; @@ -233,15 +284,18 @@ getspent_next_netgr (struct spwd *result, ent_t *ent, char *group, if (ent->first == TRUE) { - setnetgrent (group); + bzero (&ent->netgrdata, sizeof (struct __netgrent)); + __internal_setnetgrent (group, &ent->netgrdata); ent->first = FALSE; } while (1) { - if ((status = getnetgrent (&host, &user, &domain)) != 1) + status = __internal_getnetgrent_r (&host, &user, &domain, + &ent->netgrdata, buffer, buflen); + if (status != 1) { - endnetgrent (); + __internal_endnetgrent (&ent->netgrdata); ent->netgroup = 0; give_spwd_free (&ent->pwd); return NSS_STATUS_RETURN; @@ -281,12 +335,176 @@ getspent_next_netgr (struct spwd *result, ent_t *ent, char *group, } static enum nss_status +getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) +{ + char *ypdomain, *host, *user, *domain, *p2; + int status, parse_res; + size_t p2len; + nis_result *nisres; + + /* Maybe we should use domainname here ? We need the current + domainname for the domain field in netgroups */ + if (yp_get_default_domain (&ypdomain) != YPERR_SUCCESS) + { + ent->netgroup = 0; + ent->first = 0; + give_spwd_free (&ent->pwd); + return NSS_STATUS_UNAVAIL; + } + + if (ent->first == TRUE) + { + bzero (&ent->netgrdata, sizeof (struct __netgrent)); + __internal_setnetgrent (group, &ent->netgrdata); + ent->first = FALSE; + } + + while (1) + { + status = __internal_getnetgrent_r (&host, &user, &domain, + &ent->netgrdata, buffer, buflen); + if (status != 1) + { + __internal_endnetgrent (&ent->netgrdata); + ent->netgroup = 0; + give_spwd_free (&ent->pwd); + return NSS_STATUS_RETURN; + } + + if (user == NULL || user[0] == '-') + continue; + + if (domain != NULL && strcmp (ypdomain, domain) != 0) + continue; + + p2len = spwd_need_buflen (&ent->pwd); + if (p2len > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p2 = buffer + (buflen - p2len); + buflen -= p2len; + { + char buf[strlen (user) + 30]; + sprintf(buf, "[name=%s],passwd.org_dir", user); + nisres = nis_list(buf, EXPAND_NAME, NULL, NULL); + } + if (niserr2nss (nisres->status) != NSS_STATUS_SUCCESS) + { + nis_freeresult (nisres); + continue; + } + parse_res = _nss_nisplus_parse_spent (nisres, result, buffer, buflen); + nis_freeresult (nisres); + + if (parse_res) + { + copy_spwd_changes (result, &ent->pwd, p2, p2len); + break; + } + } + + return NSS_STATUS_SUCCESS; +} + +static enum nss_status +getspent_next_netgr (struct spwd *result, ent_t *ent, char *group, + char *buffer, size_t buflen) +{ + if (use_nisplus) + return getpwent_next_nisplus_netgr (result, ent, group, buffer, buflen); + else + return getpwent_next_nis_netgr (result, ent, group, buffer, buflen); +} + +static enum nss_status +getspent_next_nisplus (struct spwd *result, ent_t *ent, char *buffer, + size_t buflen) +{ + int parse_res; + size_t p2len; + char *p2; + + if (ent->names == NULL) + { + ent->names = nis_getnames ("passwd.org_dir"); + if (ent->names == NULL || ent->names[0] == NULL) + { + ent->nis = 0; + return NSS_STATUS_UNAVAIL; + } + } + + p2len = spwd_need_buflen (&ent->pwd); + if (p2len > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p2 = buffer + (buflen - p2len); + buflen -= p2len; + do + { + if (ent->first) + { + next_name: + ent->result = nis_first_entry(ent->names[ent->names_nr]); + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + ent->nis = 0; + give_spwd_free (&ent->pwd); + return niserr2nss (ent->result->status); + } + ent->first = FALSE; + } + else + { + nis_result *res; + + res = nis_next_entry(ent->names[ent->names_nr], + &ent->result->cookie); + nis_freeresult (ent->result); + ent->result = res; + if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS) + { + if ((ent->result->status == NIS_NOTFOUND) && + ent->names[ent->names_nr + 1] != NULL) + { + nis_freeresult (ent->result); + ent->names_nr += 1; + goto next_name; + } + else + { + ent->nis = 0; + give_spwd_free (&ent->pwd); + return niserr2nss (ent->result->status); + } + } + } + parse_res = _nss_nisplus_parse_spent (ent->result, result, buffer, + buflen); + if (parse_res && + in_blacklist (result->sp_namp, strlen (result->sp_namp), ent)) + parse_res = 0; /* if result->pw_name in blacklist,search next entry */ + } + while (!parse_res); + + copy_spwd_changes (result, &ent->pwd, p2, p2len); + + return NSS_STATUS_SUCCESS; +} + + +static enum nss_status getspent_next_nis (struct spwd *result, ent_t *ent, char *buffer, size_t buflen) { struct parser_data *data = (void *) buffer; char *domain, *outkey, *outval, *p, *p2; - int outkeylen, outvallen; + int outkeylen, outvallen, parse_res; size_t p2len; if (yp_get_default_domain (&domain) != YPERR_SUCCESS) @@ -344,17 +562,96 @@ getspent_next_nis (struct spwd *result, ent_t *ent, while (isspace (*p)) ++p; + parse_res = _nss_files_parse_spent (p, result, data, buflen); + if (parse_res && + in_blacklist (result->sp_namp, strlen (result->sp_namp), ent)) + parse_res = 0; } - while (!_nss_files_parse_spent (p, result, data, buflen)); + while (!parse_res); copy_spwd_changes (result, &ent->pwd, p2, p2len); - if (!in_blacklist (result->sp_namp, strlen (result->sp_namp), ent)) - return NSS_STATUS_SUCCESS; - else - return NSS_STATUS_NOTFOUND; + return NSS_STATUS_SUCCESS; } +/* This function handle the +user entrys in /etc/shadow */ +static enum nss_status +getspent_next_file_plususer (struct spwd *result, char *buffer, + size_t buflen) +{ + struct parser_data *data = (void *) buffer; + struct spwd pwd; + int parse_res; + char *p; + size_t plen; + + memset (&pwd, '\0', sizeof (struct spwd)); + + copy_spwd_changes (&pwd, result, NULL, 0); + + plen = spwd_need_buflen (&pwd); + if (plen > buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + p = buffer + (buflen - plen); + buflen -= plen; + + if (use_nisplus) /* Do the NIS+ query here */ + { + nis_result *res; + char buf[strlen (result->sp_namp) + 24]; + + sprintf(buf, "[name=%s],passwd.org_dir", + &result->sp_namp[1]); + res = nis_list(buf, EXPAND_NAME, NULL, NULL); + if (niserr2nss (res->status) != NSS_STATUS_SUCCESS) + { + enum nss_status status = niserr2nss (res->status); + + nis_freeresult (res); + return status; + } + parse_res = _nss_nisplus_parse_spent (res, result, buffer, buflen); + nis_freeresult (res); + } + else /* Use NIS */ + { + char *domain; + char *outval; + int outvallen; + + if (yp_get_default_domain (&domain) != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + + if (yp_match (domain, "passwd.byname", &result->sp_namp[1], + strlen (result->sp_namp) - 1, &outval, &outvallen) + != YPERR_SUCCESS) + return NSS_STATUS_TRYAGAIN; + p = strncpy (buffer, outval, + buflen < outvallen ? buflen : outvallen); + free (outval); + while (isspace (*p)) + p++; + parse_res = _nss_files_parse_spent (p, result, data, buflen); + } + + if (parse_res) + { + copy_spwd_changes (result, &pwd, p, plen); + give_spwd_free (&pwd); + /* We found the entry. */ + return NSS_STATUS_SUCCESS; + } + else + { + /* Give buffer the old len back */ + buflen += plen; + give_spwd_free (&pwd); + } + return NSS_STATUS_RETURN; +} static enum nss_status getspent_next_file (struct spwd *result, ent_t *ent, @@ -434,50 +731,16 @@ getspent_next_file (struct spwd *result, ent_t *ent, if (result->sp_namp[0] == '+' && result->sp_namp[1] != '\0' && result->sp_namp[1] != '@') { - char *domain; - char *outval; - int outvallen; - struct spwd pwd; - - memset (&pwd, '\0', sizeof (struct spwd)); - - if (yp_get_default_domain (&domain) != YPERR_SUCCESS) - /* XXX Should we regard this as an fatal error? I don't - think so. Just continue working. --drepper@gnu */ - continue; - - if (yp_match (domain, "shadow.byname", &result->sp_namp[1], - strlen (result->sp_namp) - 1, &outval, &outvallen) - != YPERR_SUCCESS) - continue; - - copy_spwd_changes (&pwd, result, NULL, 0); - - p2len = spwd_need_buflen (&pwd); - if (p2len > buflen) - { - __set_errno (ERANGE); - return NSS_STATUS_TRYAGAIN; - } - p2 = buffer + (buflen - p2len); - buflen -= p2len; - p = strncpy (buffer, outval, buflen); - while (isspace (*p)) - p++; - free (outval); - if (_nss_files_parse_spent (p, result, data, buflen)) - { - copy_spwd_changes (result, &pwd, p2, p2len); - give_spwd_free (&pwd); - /* We found the entry. */ - break; - } - else - { - /* Give buffer the old len back */ - buflen += p2len; - give_spwd_free (&pwd); - } + enum nss_status status; + + status = getspent_next_file_plususer (result, buffer, buflen); + if (status == NSS_STATUS_SUCCESS) /* We found the entry. */ + break; + else + if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */ + continue; + else + return status; } /* +:... */ @@ -487,7 +750,10 @@ getspent_next_file (struct spwd *result, ent_t *ent, ent->first = TRUE; copy_spwd_changes (&ent->pwd, result, NULL, 0); - return getspent_next_nis (result, ent, buffer, buflen); + if (use_nisplus) + return getspent_next_nisplus (result, ent, buffer, buflen); + else + return getspent_next_nis (result, ent, buffer, buflen); } } @@ -512,7 +778,12 @@ internal_getspent_r (struct spwd *pw, ent_t *ent, return status; } else if (ent->nis) - return getspent_next_nis (pw, ent, buffer, buflen); + { + if (use_nisplus) + return getspent_next_nisplus (pw, ent, buffer, buflen); + else + return getspent_next_nis (pw, ent, buffer, buflen); + } else return getspent_next_file (pw, ent, buffer, buflen); } @@ -524,6 +795,12 @@ _nss_compat_getspent_r (struct spwd *pwd, char *buffer, size_t buflen) __libc_lock_lock (lock); + if (ni == NULL) + { + __nss_database_lookup ("shadow_compat", "passwd_compat", "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + /* Be prepared that the setspent function was not called before. */ if (ext_ent.stream == NULL) status = internal_setspent (&ext_ent); @@ -541,13 +818,19 @@ enum nss_status _nss_compat_getspnam_r (const char *name, struct spwd *pwd, char *buffer, size_t buflen) { - ent_t ent = {0, 0, 0, NULL, 0, NULL, {NULL, 0, 0}, + ent_t ent = {0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}, {NULL, NULL, 0, 0, 0, 0, 0, 0, 0}}; enum nss_status status; if (name[0] == '-' || name[0] == '+') return NSS_STATUS_NOTFOUND; + if (ni == NULL) + { + __nss_database_lookup ("shadow_compat", "passwd_compat", "nis", &ni); + use_nisplus = (strcmp (ni->name, "nisplus") == 0); + } + status = internal_setspent (&ent); if (status != NSS_STATUS_SUCCESS) return status; @@ -619,3 +902,4 @@ in_blacklist (const char *name, int namelen, ent_t *ent) stpcpy (stpcpy (stpcpy (buf, "|"), name), "|"); return strstr (ent->blacklist.data, buf) != NULL; } + diff --git a/nis/nss_nis/nis-grp.c b/nis/nss_nis/nis-grp.c index d727202..139edf2 100644 --- a/nis/nss_nis/nis-grp.c +++ b/nis/nss_nis/nis-grp.c @@ -122,7 +122,7 @@ internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen) free (result); parse_res = _nss_files_parse_grent (p, grp, data, buflen); - if (!parse_res && errno == ERANGE) + if (parse_res < 1 && errno == ERANGE) return NSS_STATUS_TRYAGAIN; free (oldkey); @@ -130,7 +130,7 @@ internal_nis_getgrent_r (struct group *grp, char *buffer, size_t buflen) oldkeylen = keylen; new_start = 0; } - while (!parse_res); + while (parse_res < 1); return NSS_STATUS_SUCCESS; } @@ -192,7 +192,7 @@ _nss_nis_getgrnam_r (const char *name, struct group *grp, parse_res = _nss_files_parse_grent (p, grp, data, buflen); - if (!parse_res) + if (parse_res < 1) { if (errno == ERANGE) return NSS_STATUS_TRYAGAIN; @@ -243,7 +243,7 @@ _nss_nis_getgrgid_r (gid_t gid, struct group *grp, parse_res = _nss_files_parse_grent (p, grp, data, buflen); - if (!parse_res) + if (parse_res < 1) { if (errno == ERANGE) return NSS_STATUS_TRYAGAIN; diff --git a/nis/nss_nis/nis-publickey.c b/nis/nss_nis/nis-publickey.c index aad4da5..f50f709 100644 --- a/nis/nss_nis/nis-publickey.c +++ b/nis/nss_nis/nis-publickey.c @@ -23,22 +23,24 @@ #include <string.h> #include <syslog.h> #include <libc-lock.h> -#include <rpc/key_prot.h> +#include <rpc/rpc.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> +#if defined (HAVE_SECURE_RPC) +#include <rpc/key_prot.h> +extern int xdecrypt (char *, char *); +#endif #include "nss-nis.h" -extern int xdecrypt (char *, char *); - -/* If we found the entry, we give a SUCCESS and an empty key back. */ +/* If we haven't found the entry, we give a SUCCESS and an empty key back. */ enum nss_status _nss_nis_getpublickey (const char *netname, char *pkey) { enum nss_status retval; char *domain, *result; int len; - + pkey[0] = 0; if (netname == NULL) @@ -75,6 +77,7 @@ _nss_nis_getpublickey (const char *netname, char *pkey) enum nss_status _nss_nis_getsecretkey (const char *netname, char *skey, char *passwd) { +#if defined (HAVE_SECURE_RPC) enum nss_status retval; char buf[1024]; char *domain, *result; @@ -120,6 +123,9 @@ _nss_nis_getsecretkey (const char *netname, char *skey, char *passwd) buf[HEXKEYBYTES] = 0; strcpy (skey, buf); } +#else + skey[0] = 0; +#endif return NSS_STATUS_SUCCESS; } diff --git a/nis/nss_nisplus/nisplus-alias.c b/nis/nss_nisplus/nisplus-alias.c index b0f0351..b27f1a8 100644 --- a/nis/nss_nisplus/nisplus-alias.c +++ b/nis/nss_nisplus/nisplus-alias.c @@ -44,7 +44,7 @@ _nss_nisplus_parse_aliasent (nis_result *result, struct aliasent *alias, char *buffer, size_t buflen) { if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_len != 1 || @@ -52,7 +52,7 @@ _nss_nisplus_parse_aliasent (nis_result *result, struct aliasent *alias, strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "mail_aliases") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 2) - return -1; + return 0; else { char *first_unused = buffer + NISENTRYLEN(0, 1, result) + 1; @@ -67,7 +67,7 @@ _nss_nisplus_parse_aliasent (nis_result *result, struct aliasent *alias, /* The line is too long for our buffer. */ no_more_room: __set_errno (ERANGE); - return -1; + return 0; } else { diff --git a/nis/nss_nisplus/nisplus-ethers.c b/nis/nss_nisplus/nisplus-ethers.c index ac3e069..2cdc2df 100644 --- a/nis/nss_nisplus/nisplus-ethers.c +++ b/nis/nss_nisplus/nisplus-ethers.c @@ -86,7 +86,7 @@ _nss_nisplus_parse_etherent (nis_result *result, struct etherent *ether, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_len != 1 || @@ -94,7 +94,7 @@ _nss_nisplus_parse_etherent (nis_result *result, struct etherent *ether, strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "ethers_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 2) - return -1; + return 0; memset (p, '\0', room_left); @@ -102,7 +102,7 @@ _nss_nisplus_parse_etherent (nis_result *result, struct etherent *ether, if (NISENTRYLEN (0, 0, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strncpy (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); room_left -= (NISENTRYLEN (0, 0, result) +1); @@ -110,7 +110,7 @@ _nss_nisplus_parse_etherent (nis_result *result, struct etherent *ether, if (NISENTRYLEN (0, 1, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 1, result), NISENTRYLEN (0, 1, result)); diff --git a/nis/nss_nisplus/nisplus-grp.c b/nis/nss_nisplus/nisplus-grp.c index 2e56afa..1c73ca5 100644 --- a/nis/nss_nisplus/nisplus-grp.c +++ b/nis/nss_nisplus/nisplus-grp.c @@ -39,63 +39,34 @@ static nis_name *names = NULL; #define NISENTRYLEN(idx,col,res) \ ((res)->objects.objects_val[(idx)].zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_len) -#define STRUCTURE group -#define ENTNAME grent -struct grent_data {}; - -#define TRAILING_LIST_MEMBER gr_mem -#define TRAILING_LIST_SEPARATOR_P(c) ((c) == ',') -#include "../../nss/nss_files/files-parse.c" -LINE_PARSER -(, - STRING_FIELD (result->gr_name, ISCOLON, 0); - if (line[0] == '\0' - && (result->gr_name[0] == '+' || result->gr_name[0] == '-')) - { - result->gr_passwd = NULL; - result->gr_gid = 0; - } - else - { - STRING_FIELD (result->gr_passwd, ISCOLON, 0); - if (result->gr_name[0] == '+' || result->gr_name[0] == '-') - INT_FIELD_MAYBE_NULL (result->gr_gid, ISCOLON, 0, 10, , 0) - else - INT_FIELD (result->gr_gid, ISCOLON, 0, 10,) - } - ) - -static int +int _nss_nisplus_parse_grent (nis_result * result, struct group *gr, char *buffer, size_t buflen) { -#if 0 - /* XXX here is a bug, sometimes we get some special characters at the - end of a line */ char *first_unused = buffer; size_t room_left = buflen; char *line; int count; - + if (result == NULL) - return -1; - + return 0; + if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_len != 1 || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || - strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, - "group_tbl") != 0 || + strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, + "group_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 4) - return -1; + return 0; if (NISENTRYLEN (0, 0, result) >= room_left) { /* The line is too long for our buffer. */ no_more_room: __set_errno (ERANGE); - return -1; + return 0; } - + strncpy (first_unused, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); first_unused[NISENTRYLEN (0, 0, result)] = '\0'; @@ -158,8 +129,11 @@ _nss_nisplus_parse_grent (nis_result * result, struct group *gr, if (line != gr->gr_mem[count]) { - *line = '\0'; - ++line; + if (*line != '\0') + { + *line = '\0'; + ++line; + } ++count; } else @@ -171,59 +145,6 @@ _nss_nisplus_parse_grent (nis_result * result, struct group *gr, gr->gr_mem[count] = NULL; return 1; -#else - char *p = buffer; - size_t room_left = buflen; - struct parser_data *data = (void *) buffer; - - if (result == NULL) - return -1; - - if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || - result->objects.objects_len != 1 || - result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || - strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, - "group_tbl") != 0 || - result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 4) - return -1; - - memset (p, '\0', room_left); - - if (NISENTRYLEN (0, 0, result) + 1 > room_left) - { - __set_errno (ERANGE); - return -1; - } - strncpy (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); - room_left -= (NISENTRYLEN (0, 0, result) + 1); - strcat (p, ":"); - - if (NISENTRYLEN (0, 1, result) + 1 > room_left) - { - __set_errno (ERANGE); - return -1; - } - strncat (p, NISENTRYVAL (0, 1, result), NISENTRYLEN (0, 1, result)); - room_left -= (NISENTRYLEN (0, 1, result) + 1); - strcat (p, ":"); - if (NISENTRYLEN (0, 2, result) + 1 > room_left) - { - __set_errno (ERANGE); - return -1; - } - strncat (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); - room_left -= (NISENTRYLEN (0, 2, result) + 1); - strcat (p, ":"); - if (NISENTRYLEN (0, 3, result) + 1 > room_left) - { - __set_errno (ERANGE); - return -1; - } - strncat (p, NISENTRYVAL (0, 3, result), NISENTRYLEN (0, 3, result)); - room_left -= (NISENTRYLEN (0, 3, result) + 1); - - return _nss_files_parse_grent (p, gr, data, buflen); -#endif } enum nss_status diff --git a/nis/nss_nisplus/nisplus-hosts.c b/nis/nss_nisplus/nisplus-hosts.c index 0a48641..1bcbe40 100644 --- a/nis/nss_nisplus/nisplus-hosts.c +++ b/nis/nss_nisplus/nisplus-hosts.c @@ -121,14 +121,14 @@ _nss_nisplus_parse_hostent (nis_result *result, struct hostent *host, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "hosts_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 4) - return -1; + return 0; memset (p, '\0', room_left); @@ -136,7 +136,7 @@ _nss_nisplus_parse_hostent (nis_result *result, struct hostent *host, if (NISENTRYLEN (0, 2, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strncpy (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); @@ -145,7 +145,7 @@ _nss_nisplus_parse_hostent (nis_result *result, struct hostent *host, if (NISENTRYLEN (0, 0, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); @@ -157,7 +157,7 @@ _nss_nisplus_parse_hostent (nis_result *result, struct hostent *host, if (NISENTRYLEN (i, 1, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, " "); strcat (p, NISENTRYVAL (i, 1, result)); diff --git a/nis/nss_nisplus/nisplus-netgrp.c b/nis/nss_nisplus/nisplus-netgrp.c index 766d2bc..f2a1b30 100644 --- a/nis/nss_nisplus/nisplus-netgrp.c +++ b/nis/nss_nisplus/nisplus-netgrp.c @@ -31,13 +31,9 @@ __libc_lock_define_initialized (static, lock) -static char *data = NULL; -static size_t data_size = 0; -static char *cursor = NULL;; - -extern enum nss_status -_nss_netgroup_parseline (char **cursor, struct __netgrent *result, - char *buffer, size_t buflen); +static nis_result *data = NULL; +static unsigned long data_size = 0; +static unsigned long position = 0; #define NISENTRYVAL(idx,col,res) \ ((res)->objects.objects_val[(idx)].zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_val) @@ -45,15 +41,103 @@ _nss_netgroup_parseline (char **cursor, struct __netgrent *result, #define NISENTRYLEN(idx,col,res) \ ((res)->objects.objects_val[(idx)].zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_len) +static enum nss_status +_nss_nisplus_parse_netgroup (struct __netgrent *result, char *buffer, + size_t buflen) +{ + enum nss_status status; + + /* Some sanity checks. */ + if (data == NULL || data_size == 0) + /* User bug. setnetgrent() wasn't called before. */ + abort (); + + if (position == data_size) + return result->first ? NSS_STATUS_NOTFOUND : NSS_STATUS_RETURN; + + if (NISENTRYLEN (position, 1, data) > 0) + { + /* We have a list of other netgroups. */ + + result->type = group_val; + if (NISENTRYLEN (position, 1, data) >= buflen) + { + __set_errno (ERANGE); + return NSS_STATUS_TRYAGAIN; + } + strncpy (buffer, NISENTRYVAL (position, 1, data), + NISENTRYLEN (position, 1, data)); + buffer[NISENTRYLEN (position, 1, data)] = '\0'; + result->val.group = buffer; + ++position; + result->first = 0; + + return NSS_STATUS_SUCCESS; + } + + /* Before we can copy the entry to the private buffer we have to make + sure it is big enough. */ + if (NISENTRYLEN (position, 2, data) + NISENTRYLEN (position, 3, data) + + NISENTRYLEN (position, 4, data) + 6 > buflen) + { + __set_errno (ERANGE); + status = NSS_STATUS_UNAVAIL; + } + else + { + char *cp = buffer; + + result->type = triple_val; + + if (NISENTRYLEN (position, 2, data) == 0) + result->val.triple.host = NULL; + else + { + result->val.triple.host = cp; + cp = stpncpy (cp, NISENTRYVAL (position, 2, data), + NISENTRYLEN (position, 2, data)); + *cp = '\0'; + ++cp; + } + + if (NISENTRYLEN (position, 3, data) == 0) + result->val.triple.user = NULL; + else + { + result->val.triple.user = cp; + cp = stpncpy (cp, NISENTRYVAL (position, 3, data), + NISENTRYLEN (position, 3, data)); + *cp = '\0'; + ++cp; + } + + if (NISENTRYLEN (position, 4, data) == 0) + result->val.triple.domain = NULL; + else + { + result->val.triple.domain = cp; + cp = stpncpy (cp, NISENTRYVAL (position, 4, data), + NISENTRYLEN (position, 4, data)); + *cp = '\0'; + } + + status = NSS_STATUS_SUCCESS; + + /* Remember where we stopped reading. */ + ++position; + + result->first = 0; + } + + return status; +} + enum nss_status _nss_nisplus_setnetgrent (char *group) { enum nss_status status; - nis_result *result; char buf[strlen (group) + 30]; - int i; - size_t len; if (group == NULL || group[0] == '\0') return NSS_STATUS_UNAVAIL; @@ -64,43 +148,27 @@ _nss_nisplus_setnetgrent (char *group) if (data != NULL) { - free (data); + nis_freeresult (data); data = NULL; data_size = 0; - cursor = NULL; + position = 0; } sprintf(buf, "[name=%s],netgroup.org_dir", group); - result = nis_list(buf, EXPAND_NAME, NULL, NULL); - - if (niserr2nss (result->status) != NSS_STATUS_SUCCESS) - status = niserr2nss (result->status); - - len = 0; - for (i = 0; i < result->objects.objects_len; i++) - len += 1 + NISENTRYLEN (i, 1, result) + 1 + NISENTRYLEN(i,2,result) - + 1 + NISENTRYLEN(i,3,result) + 1 + NISENTRYLEN(i,4,result) + 2; - - data = malloc (len+1); - memset (data, '\0', len+1); + data = nis_list(buf, EXPAND_NAME, NULL, NULL); - for (i = 0; i < result->objects.objects_len; i++) + if (niserr2nss (data->status) != NSS_STATUS_SUCCESS) { - strncat (data, NISENTRYVAL (i, 1, result), NISENTRYLEN (i, 1, result)); - strcat (data," ("); - strncat (data, NISENTRYVAL(i,2,result), NISENTRYLEN (i, 2, result)); - strcat (data, ","); - strncat (data, NISENTRYVAL(i,3,result), NISENTRYLEN (i, 3, result)); - strcat (data, ","); - strncat (data, NISENTRYVAL(i,4,result), NISENTRYLEN (i, 4, result)); - strcat (data, ") "); + status = niserr2nss (data->status); + nis_freeresult (data); + data = NULL; } - - nis_freeresult (result); - + else + data_size = data->objects.objects_len; + __libc_lock_unlock (lock); - + return status; } @@ -111,10 +179,10 @@ _nss_nisplus_endnetgrent (void) if (data != NULL) { - free (data); + nis_freeresult (data); data = NULL; data_size = 0; - cursor = NULL; + position = 0; } __libc_lock_unlock (lock); @@ -128,12 +196,9 @@ _nss_nisplus_getnetgrent_r (struct __netgrent *result, { enum nss_status status; - if (cursor == NULL) - return NSS_STATUS_NOTFOUND; - __libc_lock_lock (lock); - status = _nss_netgroup_parseline (&cursor, result, buffer, buflen); + status = _nss_nisplus_parse_netgroup (result, buffer, buflen); __libc_lock_unlock (lock); diff --git a/nis/nss_nisplus/nisplus-network.c b/nis/nss_nisplus/nisplus-network.c index 28580b6..7e0ccd6 100644 --- a/nis/nss_nisplus/nisplus-network.c +++ b/nis/nss_nisplus/nisplus-network.c @@ -69,20 +69,20 @@ _nss_nisplus_parse_netent (nis_result *result, struct netent *network, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "networks_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 3) - return -1; + return 0; /* Generate the network entry format and use the normal parser */ if (NISENTRYLEN (0, 0, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } memset (p, '\0', room_left); @@ -93,7 +93,7 @@ _nss_nisplus_parse_netent (nis_result *result, struct netent *network, if (NISENTRYLEN (0, 2, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); @@ -101,12 +101,11 @@ _nss_nisplus_parse_netent (nis_result *result, struct netent *network, /* + 1: We overwrite the last \0 */ for (i = 1; i < result->objects.objects_len; i++) - /* XXX should we start with i = 0 or with i = 1 ? */ { if (NISENTRYLEN (i, 1, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, " "); strncat (p, NISENTRYVAL (i, 1, result), NISENTRYLEN (i, 1, result)); diff --git a/nis/nss_nisplus/nisplus-proto.c b/nis/nss_nisplus/nisplus-proto.c index b26cb82..5cb55d3 100644 --- a/nis/nss_nisplus/nisplus-proto.c +++ b/nis/nss_nisplus/nisplus-proto.c @@ -60,14 +60,14 @@ _nss_nisplus_parse_protoent (nis_result * result, struct protoent *proto, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "protocols_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 3) - return -1; + return 0; memset (p, '\0', room_left); @@ -75,7 +75,7 @@ _nss_nisplus_parse_protoent (nis_result * result, struct protoent *proto, if (NISENTRYLEN (0, 0, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strncpy (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); room_left -= (NISENTRYLEN (0, 0, result) + 1); @@ -83,7 +83,7 @@ _nss_nisplus_parse_protoent (nis_result * result, struct protoent *proto, if (NISENTRYLEN (0, 2, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); @@ -95,7 +95,7 @@ _nss_nisplus_parse_protoent (nis_result * result, struct protoent *proto, if (NISENTRYLEN (i, 1, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, " "); strncat (p, NISENTRYVAL (i, 1, result), NISENTRYLEN (i, 1, result)); diff --git a/nis/nss_nisplus/nisplus-publickey.c b/nis/nss_nisplus/nisplus-publickey.c index 7312c91..91cfba7 100644 --- a/nis/nss_nisplus/nisplus-publickey.c +++ b/nis/nss_nisplus/nisplus-publickey.c @@ -23,15 +23,17 @@ #include <stdio.h> #include <string.h> #include <syslog.h> -#include <rpc/key_prot.h> +#include <rpc/rpc.h> #include <rpcsvc/nis.h> #include <rpcsvc/nislib.h> +#ifdef HAVE_SECURE_RPC +#include <rpc/key_prot.h> +extern int xdecrypt (char *, char *); +#endif #include <nss-nisplus.h> -extern int xdecrypt (char *, char *); - -/* If we found the entry, we give a SUCCESS and an empty key back. */ +/* If we haven't found the entry, we give a SUCCESS and an empty key back. */ enum nss_status _nss_nisplus_getpublickey (const char *netname, char *pkey) { @@ -70,6 +72,8 @@ _nss_nisplus_getpublickey (const char *netname, char *pkey) { if (retval == NSS_STATUS_TRYAGAIN) __set_errno (EAGAIN); + if (res->status == NIS_NOTFOUND) + retval = NSS_STATUS_SUCCESS; nis_freeresult (res); return retval; } @@ -100,6 +104,7 @@ _nss_nisplus_getpublickey (const char *netname, char *pkey) enum nss_status _nss_nisplus_getsecretkey (const char *netname, char *skey, char *passwd) { +#ifdef HAVE_SECURE_RPC nis_result *res; enum nss_status retval; char buf[NIS_MAXNAMELEN+2]; @@ -167,6 +172,9 @@ _nss_nisplus_getsecretkey (const char *netname, char *skey, char *passwd) buf[HEXKEYBYTES] = 0; strcpy (skey, buf); +#else + skey[0] = 0; +#endif return NSS_STATUS_SUCCESS; } diff --git a/nis/nss_nisplus/nisplus-pwd.c b/nis/nss_nisplus/nisplus-pwd.c index 3717d5e..b65a9fe 100644 --- a/nis/nss_nisplus/nisplus-pwd.c +++ b/nis/nss_nisplus/nisplus-pwd.c @@ -38,7 +38,7 @@ static nis_name *names = NULL; #define NISENTRYLEN(idx,col,res) \ ((res)->objects.objects_val[(idx)].zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_len) -static int +int _nss_nisplus_parse_pwent (nis_result *result, struct passwd *pw, char *buffer, size_t buflen) { @@ -46,7 +46,7 @@ _nss_nisplus_parse_pwent (nis_result *result, struct passwd *pw, size_t room_left = buflen; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_len != 1 || @@ -54,14 +54,14 @@ _nss_nisplus_parse_pwent (nis_result *result, struct passwd *pw, strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "passwd_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 7) - return -1; + return 0; if (NISENTRYLEN(0, 0, result) >= room_left) { /* The line is too long for our buffer. */ no_more_room: __set_errno (ERANGE); - return -1; + return 0; } strncpy (first_unused, NISENTRYVAL(0, 0, result), diff --git a/nis/nss_nisplus/nisplus-rpc.c b/nis/nss_nisplus/nisplus-rpc.c index 326f262..9cf9f68 100644 --- a/nis/nss_nisplus/nisplus-rpc.c +++ b/nis/nss_nisplus/nisplus-rpc.c @@ -60,14 +60,14 @@ _nss_nisplus_parse_rpcent (nis_result *result, struct rpcent *rpc, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || strcmp(result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "rpc_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 3) - return -1; + return 0; memset (p, '\0', room_left); @@ -75,7 +75,7 @@ _nss_nisplus_parse_rpcent (nis_result *result, struct rpcent *rpc, if (NISENTRYLEN (0, 0, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strncpy (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); room_left -= (NISENTRYLEN (0, 0, result) +1); @@ -83,7 +83,7 @@ _nss_nisplus_parse_rpcent (nis_result *result, struct rpcent *rpc, if (NISENTRYLEN (0, 2, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); @@ -96,7 +96,7 @@ _nss_nisplus_parse_rpcent (nis_result *result, struct rpcent *rpc, if (NISENTRYLEN (i, 1, result) +1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, " "); strncat (p, NISENTRYVAL (i, 1, result), NISENTRYLEN (i, 1, result)); diff --git a/nis/nss_nisplus/nisplus-service.c b/nis/nss_nisplus/nisplus-service.c index 54f4f87..1a8716a 100644 --- a/nis/nss_nisplus/nisplus-service.c +++ b/nis/nss_nisplus/nisplus-service.c @@ -63,14 +63,14 @@ _nss_nisplus_parse_servent (nis_result *result, struct servent *serv, struct parser_data *data = (void *) buffer; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_val[0].zo_data.zo_type != ENTRY_OBJ || strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "services_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 4) - return -1; + return 0; memset (p, '\0', room_left); @@ -78,7 +78,7 @@ _nss_nisplus_parse_servent (nis_result *result, struct servent *serv, if (NISENTRYLEN (0, 0, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strncpy (p, NISENTRYVAL (0, 0, result), NISENTRYLEN (0, 0, result)); room_left -= (NISENTRYLEN (0, 0, result) + 1); @@ -86,7 +86,7 @@ _nss_nisplus_parse_servent (nis_result *result, struct servent *serv, if (NISENTRYLEN (0, 3, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "\t"); strncat (p, NISENTRYVAL (0, 3, result), NISENTRYLEN (0, 3, result)); @@ -94,7 +94,7 @@ _nss_nisplus_parse_servent (nis_result *result, struct servent *serv, if (NISENTRYLEN (0, 2, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, "/"); strncat (p, NISENTRYVAL (0, 2, result), NISENTRYLEN (0, 2, result)); @@ -105,7 +105,7 @@ _nss_nisplus_parse_servent (nis_result *result, struct servent *serv, if (NISENTRYLEN (i, 1, result) + 1 > room_left) { __set_errno (ERANGE); - return -1; + return 0; } strcat (p, " "); strcat (p, NISENTRYVAL (i, 1, result)); diff --git a/nis/nss_nisplus/nisplus-spwd.c b/nis/nss_nisplus/nisplus-spwd.c index ec4b5b3..3400e28 100644 --- a/nis/nss_nisplus/nisplus-spwd.c +++ b/nis/nss_nisplus/nisplus-spwd.c @@ -38,7 +38,7 @@ static nis_name *names = NULL; #define NISENTRYLEN(idx,col,res) \ ((res)->objects.objects_val[(idx)].zo_data.objdata_u.en_data.en_cols.en_cols_val[(col)].ec_value.ec_value_len) -static int +int _nss_nisplus_parse_spent (nis_result *result, struct spwd *sp, char *buffer, size_t buflen) { @@ -47,7 +47,7 @@ _nss_nisplus_parse_spent (nis_result *result, struct spwd *sp, char *line, *cp; if (result == NULL) - return -1; + return 0; if ((result->status != NIS_SUCCESS && result->status != NIS_S_SUCCESS) || result->objects.objects_len != 1 || @@ -55,14 +55,14 @@ _nss_nisplus_parse_spent (nis_result *result, struct spwd *sp, strcmp (result->objects.objects_val[0].zo_data.objdata_u.en_data.en_type, "passwd_tbl") != 0 || result->objects.objects_val[0].zo_data.objdata_u.en_data.en_cols.en_cols_len < 8) - return -1; + return 0; if (NISENTRYLEN(0, 0, result) >= room_left) { /* The line is too long for our buffer. */ no_more_room: __set_errno (ERANGE); - return -1; + return 0; } strncpy (first_unused, NISENTRYVAL (0, 0, result), diff --git a/nis/ypclnt.c b/nis/ypclnt.c index e4667f7..01bf8bc 100644 --- a/nis/ypclnt.c +++ b/nis/ypclnt.c @@ -21,6 +21,7 @@ #include <unistd.h> #include <fcntl.h> #include <libc-lock.h> +#include <rpc/rpc.h> #include <rpcsvc/yp.h> #include <rpcsvc/ypclnt.h> #include <rpcsvc/ypupd.h> @@ -781,7 +782,7 @@ int yp_update (char *domain, char *map, unsigned ypop, char *key, int keylen, char *data, int datalen) { -#if 0 +#if defined (HAVE_SECURE_RPC) union { ypupdate_args update_args; @@ -847,8 +848,8 @@ yp_update (char *domain, char *map, unsigned ypop, clnt->cl_auth = authunix_create_default (); again: - r = clnt_call (clnt, ypop, xdr_argument, &args, - (xdrproc_t) xdr_u_int, &res, TIMEOUT); + r = clnt_call (clnt, ypop, xdr_argument, (caddr_t) &args, + (xdrproc_t) xdr_u_int, (caddr_t) &res, TIMEOUT); if (r == RPC_AUTHERROR) { |