getgrent.c revision 20e6d5c536ad5b300e7fafb6a92e13040f492977
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <grp.h>
#include "ldap_common.h"
/* String which may need to be removed from beginning of group password */
#define _CRYPT "{CRYPT}"
#define _NO_PASSWD_VAL ""
/* Group attributes filters */
#define _G_NAME "cn"
#define _G_GID "gidnumber"
#define _G_PASSWD "userpassword"
#define _G_MEM "memberuid"
#define _F_GETGRNAM "(&(objectClass=posixGroup)(cn=%s))"
#define _F_GETGRNAM_SSD "(&(%%s)(cn=%s))"
#define _F_GETGRGID "(&(objectClass=posixGroup)(gidNumber=%u))"
#define _F_GETGRGID_SSD "(&(%%s)(gidNumber=%u))"
#define _F_GETGRMEM "(&(objectClass=posixGroup)(memberUid=%s))"
#define _F_GETGRMEM_SSD "(&(%%s)(memberUid=%s))"
static const char *gr_attrs[] = {
(char *)NULL
};
/*
* _nss_ldap_group2str is the data marshaling method for the group getXbyY
* (e.g., getgrnam(), getgrgid(), getgrent()) backend processes. This method
* is called after a successful ldap search has been performed. This method
* will parse the ldap search values into the file format.
* e.g.
*
* adm::4:root,adm,daemon
*
*/
static int
{
int i;
int nss_result;
int firstime = 1;
return (NSS_STR_PARSE_PARSE);
goto result_grp2str;
}
} else
goto result_grp2str;
}
/* group password could be NULL, replace it with "" */
} else {
/*
* Preen "{crypt}" if necessary.
* If the password does not include the {crypt} prefix
* then the password may be plain text. And thus
* perhaps crypt(3c) should be used to encrypt it.
* Currently the password is copied verbatim.
*/
else
}
goto result_grp2str;
}
/* no member is fine, skip processing the member list */
goto nomember;
}
for (i = 0; i < members->value_count; i++) {
goto result_grp2str;
}
if (firstime) {
firstime = 0;
} else {
}
}
/* The front end marshaller doesn't need the trailing nulls */
return (nss_result);
}
/*
* getbynam gets a group entry by name. This function constructs an ldap
* search filter using the name invocation parameter and the getgrnam search
* filter defined. Once the filter is constructed, we searche for a matching
* entry and marshal the data results into struct group for the frontend
* process. The function _nss_ldap_group2ent performs the data marshaling.
*/
static nss_status_t
{
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
char groupname[SEARCHFILTERLEN];
int ret;
0)
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
}
/*
* getbygid gets a group entry by number. This function constructs an ldap
* search filter using the name invocation parameter and the getgrgid search
* filter defined. Once the filter is constructed, we searche for a matching
* entry and marshal the data results into struct group for the frontend
* process. The function _nss_ldap_group2ent performs the data marshaling.
*/
static nss_status_t
{
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
int ret;
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
}
/*
* getbymember returns all groups a user is defined in. This function
* uses different architectural procedures than the other group backend
* system calls because it's a private interface. This function constructs
* an ldap search filter using the name invocation parameter. Once the
* filter is constructed, we search for all matching groups counting
* and storing each group name, gid, etc. Data marshaling is used for
* group processing. The function _nss_ldap_group2ent() performs the
* data marshaling.
*
* (const char *)argp->username; (size_t)strlen(argp->username);
* (gid_t)argp->gid_array; (int)argp->maxgids;
* (int)argp->numgids;
*/
static nss_status_t
{
int i, j, k;
int gcnt = (int)0;
char **groupvalue, **membervalue;
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
char name[SEARCHFILTERLEN];
char *username;
int ret;
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)lstat);
return (NSS_NOTFOUND);
for (i = 0; i < result->entries_count; i++) {
if (membervalue) {
for (j = 0; membervalue[j]; j++) {
"gidnumber");
(char **)NULL, 10);
k++) {
== gid)
/* already exists */
break;
}
= gid;
}
break;
}
}
}
}
return ((nss_status_t)NSS_NOTFOUND);
/*
* Return NSS_SUCCESS only if array is full.
* Explained in <nss_dbdefs.h>.
*/
: NSS_NOTFOUND));
}
static ldap_backend_op_t gr_ops[] = {
};
/*ARGSUSED0*/
const char *dummy3)
{
}