lib/passwdutil/__set_authtoken_attr.c

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#include <errno.h>
#include <sys/types.h>
#include <sys/types.h>
#include <nsswitch.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

#include "passwdutil.h"

int
__set_authtoken_attr(char *name, char *oldpw, pwu_repository_t *rep,
    attrlist *items, int *updated_reps)
{
    attrlist *p;
    int repositories;
    int i;
    void *buf;      /* workspace for repository specific funcs */
    int err = PWU_NOT_FOUND;
    int rep_success = REP_NOREP;    /* first successfull update */
    int updated = REP_NOREP;    /* (bitmask) all updates */

    /* Can't set name uid or flag */
    for (p = items; p != NULL; p = p->next) {
        switch (p->type) {
        case ATTR_NAME:
        case ATTR_UID:
        case ATTR_FLAG:
            return (EINVAL);
        }
    }

    repositories = get_ns(rep, PWU_WRITE);

    if (repositories == 0)
        return (PWU_SYSTEM_ERROR);

    /*
     * updating requires that either
     *  - PAM_REPOSITORY is set: we know what to update
     *  - PAM_REPOSITORY is not set, but we recognize the nsswitch.conf
     *    passwd: entry
     */
    if (repositories == REP_ERANGE || repositories == REP_NSS)
        return (PWU_REPOSITORY_ERROR);

    /*
     * Loop over selected repositories to update
     * We should update the remote repositories first, FILES last.
     */
    for (i = REP_LAST; i; i >>= 1) {
        if (repositories & i) {
            buf = NULL;

            if (rops[i]->lock && (err = rops[i]->lock()))  {
                return (err);
            }

            if (rops[i]->getpwnam) {
                err = rops[i]->getpwnam(name, items, rep, &buf);
            }

            if ((err == PWU_SUCCESS) && rops[i]->update)
                err = rops[i]->update(items, rep, buf);

            if ((err == PWU_SUCCESS) && rops[i]->putpwnam)
                err = rops[i]->putpwnam(name, oldpw, rep, buf);

            if (rops[i]->unlock)
                (void) rops[i]->unlock();

            if (buf) {
                (void) free(buf);
                buf = NULL;
            }
            if (err == PWU_SUCCESS) {
                rep_success = i;    /* this rep succeeded */
                updated |= i;
            } else if (err != PWU_SUCCESS && err != PWU_NOT_FOUND) {
                break;
            }
        }
    }

    if (buf)
        free(buf);

    if (updated_reps)
        *updated_reps = (updated != REP_NOREP) ? updated : i;

    /*
     * err contains either
     *  PWU_SUCCESS     : everyting went OK
     *  PWU_NOT_FOUND   : none of the repositories contained the user
     *  error-code      : the specific error that occurred
     */
    if (rep_success != REP_NOREP) {
        return (PWU_SUCCESS);
    } else {
        return (err);
    }
}