getgrent.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2003 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <grp.h>
#include "ldap_common.h"
/*
 * Scheme prefix that may need to be removed from the beginning of a group
 * password value. The stripping code compares sizeof (_CRYPT) - 1 bytes,
 * i.e. the prefix without its terminating NUL.
 */
#define _CRYPT "{CRYPT}"
/* Value returned as the group password when the entry supplies none. */
#define _NO_PASSWD_VAL ""
/* Group attributes filters */
/* LDAP attribute names used for group entries. */
#define _G_NAME "cn"
#define _G_GID "gidnumber"
#define _G_PASSWD "userpassword"
#define _G_MEM "memberuid"
/*
 * Search filter templates. The plain forms hard-code objectClass=posixGroup.
 * In the _SSD forms "%%s" survives one formatting pass as a literal "%s",
 * presumably so that a service search descriptor filter can be substituted
 * in a later pass -- confirm against the code that consumes them.
 *
 * NOTE(review): the "%s" slots receive a group or member name supplied by
 * the caller. Characters that are special in an LDAP filter (asterisk,
 * parentheses, backslash and NUL, see RFC 4515) must be escaped before the
 * name is formatted in; otherwise the name can change the meaning of the
 * filter. The escaping call is not visible in this listing, so verify that
 * every user of these templates passes an escaped copy and checks the
 * formatted length against the destination buffer. The "%ld" slots are
 * numeric and need no escaping.
 */
#define _F_GETGRNAM "(&(objectClass=posixGroup)(cn=%s))"
#define _F_GETGRNAM_SSD "(&(%%s)(cn=%s))"
#define _F_GETGRGID "(&(objectClass=posixGroup)(gidNumber=%ld))"
#define _F_GETGRGID_SSD "(&(%%s)(gidNumber=%ld))"
#define _F_GETGRMEM "(&(objectClass=posixGroup)(memberUid=%s))"
#define _F_GETGRMEM_SSD "(&(%%s)(memberUid=%s))"
/*
 * NULL-terminated list of attribute names. Only the terminator is visible in
 * this listing; the entries appear to have been dropped -- TODO confirm
 * against the full file.
 */
static const char *gr_attrs[] = {
(char *)NULL
};
/*
* _nss_ldap_group2ent is the data marshaling method for the group getXbyY
* (e.g., getgrnam(), getgrgid(), getgrent()) backend processes. This method
* is called after a successful ldap search has been performed. This method
* will parse the ldap search values into struct group = argp->buf.buffer
* which the frontend process expects. Three error conditions are expected
* and returned to nsswitch.
*/
/*
 * NOTE(review): this listing has lost the function name, the parameter list
 * and most of the condition and assignment lines of the body. The comments
 * below describe only what the remaining lines show; anything else is marked
 * as an assumption to check against the full source.
 *
 * Returns one of NSS_STR_PARSE_SUCCESS, NSS_STR_PARSE_PARSE or
 * NSS_STR_PARSE_ERANGE. Every failure path sets nss_result and jumps to the
 * result_grp2ent label (the label line itself is not visible here).
 */
static int
{
int i, j;
int nss_result;
int buflen = (int)0;
/* Set until the first member value has been handled (see the j loop). */
int firstime = (int)1;
unsigned long len = 0L;
/* Presumably the "caller's buffer is too small" exit -- confirm. */
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
/* initialize no group password */
nss_result = (int)NSS_STR_PARSE_SUCCESS;
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
continue;
}
/*
 * Preen "{crypt}" if necessary.
 * If the password does not include the {crypt} prefix
 * then the password may be plain text. And thus
 * perhaps crypt(3c) should be used to encrypt it.
 * Currently the password is copied verbatim.
 *
 * NOTE(review): copying verbatim means a cleartext userpassword value
 * stored in the directory is handed to the caller unchanged. Consumers
 * that expect a crypt(3c) hash will never match it, and the cleartext
 * travels wherever the group entry goes. Directory access controls on
 * userpassword are the practical mitigation. Whether the prefix
 * comparison below ignores case is not visible in this listing.
 */
(sizeof (_CRYPT) - 1)) == 0)
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
continue;
}
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
/*
 * NOTE(review): the "(char **)NULL, 10" tail looks like a strtol()-style
 * conversion of the gid value with no end pointer. errno is cleared first
 * and checked afterwards, but errno is not guaranteed to flag a value with
 * no digits, and it never flags trailing characters, so a malformed value
 * would be accepted as 0 or as its numeric prefix. A value that converts
 * to 0 names the root group, so the full source should be checked for an
 * end-pointer test -- TODO confirm.
 */
errno = 0;
(char **)NULL, 10);
if (errno != 0) {
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
continue;
}
/* Walk every value of the current attribute (presumably the member list). */
for (j = 0; j < attrptr->value_count; j++) {
/* One-time setup before the first member value is stored. */
if (firstime) {
sizeof (char **));
sizeof (char *) *
sizeof (char **));
(int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
firstime = (int)0;
}
nss_result = (int)NSS_STR_PARSE_PARSE;
goto result_grp2ent;
}
/* Zero-length values are skipped rather than stored. */
if (len == 0)
continue;
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
continue;
}
}
}
/* Don't leave password as null */
/*
 * The password may be missing; rfc2307bis defines
 * the 'posixGroup' attributes 'authPassword' and
 * 'userPassword' as being optional. Or a directory
 * access control may be preventing us from reading
 * the password. Currently we don't know which it is.
 * If it's an access problem then perhaps the password
 * should be set to "*NP*". But for now a simple empty
 * string is returned.
 */
/* sizeof ("") is 1: advance past the NUL of the empty password string. */
buffer += sizeof (_NO_PASSWD_VAL);
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
}
nss_result = (int)NSS_STR_PARSE_ERANGE;
goto result_grp2ent;
}
}
#ifdef DEBUG
}
#endif /* DEBUG */
return ((int)nss_result);
}
/*
* getbynam gets a group entry by name. This function constructs an ldap
* search filter using the name invocation parameter and the getgrnam search
* filter defined. Once the filter is constructed, we search for a matching
* entry and marshal the data results into struct group for the frontend
* process. The function _nss_ldap_group2ent performs the data marshaling.
*/
/*
 * NOTE(review): the function name, parameter list and the statements that
 * fill the buffers are missing from this listing. Only the declarations and
 * the failure returns remain.
 *
 * Returns NSS_NOTFOUND on each of the three visible failure paths; the
 * success path is not visible here.
 */
static nss_status_t
{
/* All three buffers share the fixed size SEARCHFILTERLEN. */
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
/*
 * Presumably holds an LDAP-filter-escaped copy of the requested name, which
 * is then formatted into the "%s" slot of _F_GETGRNAM / _F_GETGRNAM_SSD.
 * NOTE(review): confirm in the full source that the name is escaped before
 * formatting and that an over-long result is rejected, not truncated.
 */
char groupname[SEARCHFILTERLEN];
int ret;
#ifdef DEBUG
#endif /* DEBUG */
/* Tail of a check whose call is not visible; non-zero means failure. */
!= 0)
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
}
/*
* getbygid gets a group entry by number. This function constructs an ldap
* search filter using the gid invocation parameter and the getgrgid search
* filter defined. Once the filter is constructed, we search for a matching
* entry and marshal the data results into struct group for the frontend
* process. The function _nss_ldap_group2ent performs the data marshaling.
*/
/*
 * NOTE(review): the function name, parameter list and the statements that
 * build the filter are missing from this listing. Only the declarations and
 * the failure returns remain.
 *
 * Returns NSS_NOTFOUND on both visible failure paths; the success path is
 * not visible here.
 */
static nss_status_t
{
/*
 * Fixed-size buffers, presumably filled from _F_GETGRGID and
 * _F_GETGRGID_SSD. Those templates take the gid through "%ld", so no
 * filter escaping is needed for the value itself; the formatting calls and
 * their length checks are not visible -- TODO confirm.
 */
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
int ret;
#ifdef DEBUG
#endif /* DEBUG */
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
}
/*
* getbymember returns all groups a user is defined in. This function
* uses different architectural procedures than the other group backend
* system calls because it's a private interface. This function constructs
* an ldap search filter using the name invocation parameter. Once the
* filter is constructed, we search for all matching groups counting
* and storing each group name, gid, etc. Data marshaling is used for
* group processing. The function _nss_ldap_group2ent() performs the
* data marshaling.
*
* (const char *)argp->username; (size_t)strlen(argp->username);
* (gid_t)argp->gid_array; (int)argp->maxgids;
* (int)argp->numgids;
*/
/*
 * NOTE(review): the function name, parameter list and most statements of the
 * body are missing from this listing. The comments below describe only what
 * the remaining lines show.
 *
 * Visible return values are NSS_NOTFOUND, NSS_SUCCESS and, on one path, the
 * value of lstat cast to nss_status_t (its declaration is not visible).
 */
static nss_status_t
{
int i, j, k;
int gcnt = (int)0;
char **groupvalue, **membervalue;
/*
 * Static storage: one pointer shared by every call of this function.
 * NOTE(review): no locking is visible around it in this listing. If two
 * threads can run this lookup at once they would share and free the same
 * buffer -- confirm how callers serialise access.
 */
static nss_XbyY_buf_t *gb;
/* Fixed-size buffers for the filter, its SSD form and the member name. */
char searchfilter[SEARCHFILTERLEN];
char userdata[SEARCHFILTERLEN];
/*
 * Presumably an LDAP-filter-escaped copy of the user name for the "%s" slot
 * of _F_GETGRMEM / _F_GETGRMEM_SSD -- confirm that escaping and a length
 * check happen before the filter is built.
 */
char name[SEARCHFILTERLEN];
char *username;
int ret;
#ifdef DEBUG
#endif /* DEBUG */
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)lstat);
return (NSS_NOTFOUND);
/* One pass per entry returned by the search. */
for (i = 0; i < result->entries_count; i++) {
if (membervalue) {
/* membervalue is a NULL-terminated array of member names. */
for (j = 0; membervalue[j]; j++) {
"gidnumber");
/*
 * NOTE(review): looks like a strtol()-style conversion of the gidnumber
 * value with no end pointer, and no errno check is visible after it. A
 * malformed value would be accepted as 0 or as its numeric prefix, and 0
 * is the root group -- TODO confirm against the full source.
 */
(char **)NULL, 10);
k++) {
/* already exists */
break;
}
/*
 * Stores the gid in the result array. NOTE(review): the bound check
 * against the caller's maxgids is not visible here; verify it precedes
 * this store.
 */
= gid;
}
break;
}
}
}
}
NSS_XbyY_FREE(&gb);
return ((nss_status_t)NSS_NOTFOUND);
return ((nss_status_t)NSS_SUCCESS);
}
/*
 * Table of backend operations for the group database. The initializer is
 * empty in this listing; the entries appear to have been dropped -- TODO
 * confirm against the full file.
 */
static ldap_backend_op_t gr_ops[] = {
};
/*
 * NOTE(review): only the lint directive, the last parameter and an empty
 * body of this definition are visible; the return type, name and remaining
 * parameters are missing from this listing.
 */
/*ARGSUSED0*/
const char *dummy3)
{
}