2N/A/*
2N/A * CDDL HEADER START
2N/A *
2N/A * The contents of this file are subject to the terms of the
2N/A * Common Development and Distribution License (the "License").
2N/A * You may not use this file except in compliance with the License.
2N/A *
2N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A * or http://www.opensolaris.org/os/licensing.
2N/A * See the License for the specific language governing permissions
2N/A * and limitations under the License.
2N/A *
2N/A * When distributing Covered Code, include this CDDL HEADER in each
2N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A * If applicable, add the following below this CDDL HEADER, with the
2N/A * fields enclosed by brackets "[]" replaced with your own identifying
2N/A * information: Portions Copyright [yyyy] [name of copyright owner]
2N/A *
2N/A * CDDL HEADER END
2N/A */
2N/A
2N/A/*
2N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
2N/A * Use is subject to license terms.
2N/A */
2N/A
2N/A#include "lint.h"
2N/A#include <sys/types.h>
2N/A#include <pwd.h>
2N/A#include <nss_dbdefs.h>
2N/A#include <stdio.h>
2N/A#include <synch.h>
2N/A#include <sys/param.h>
2N/A#include <string.h>
2N/A#include <stdlib.h>
2N/A#include <sys/mman.h>
2N/A#include <errno.h>
2N/A
2N/Aint str2passwd(const char *, int, void *,
2N/A char *, int);
2N/A
2N/Astatic DEFINE_NSS_DB_ROOT(db_root);
2N/Astatic DEFINE_NSS_GETENT(context);
2N/A
2N/Avoid
2N/A_nss_initf_passwd(nss_db_params_t *p)
2N/A{
2N/A p->name = NSS_DBNAM_PASSWD;
2N/A p->default_config = NSS_DEFCONF_PASSWD;
2N/A}
2N/A
2N/A#include <getxby_door.h>
2N/A
2N/Astruct passwd *
2N/A_uncached_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
2N/A int buflen);
2N/A
2N/Astruct passwd *
2N/A_uncached_getpwnam_r(const char *name, struct passwd *result, char *buffer,
2N/A int buflen);
2N/A
2N/A/*
2N/A * POSIX.1c Draft-6 version of the function getpwnam_r.
2N/A * It was implemented by Solaris 2.3.
2N/A */
2N/Astruct passwd *
2N/Agetpwnam_r(const char *name, struct passwd *result, char *buffer, int buflen)
2N/A{
2N/A nss_XbyY_args_t arg;
2N/A
2N/A if (name == (const char *)NULL) {
2N/A errno = ERANGE;
2N/A return (NULL);
2N/A }
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A arg.key.name = name;
2N/A (void) nss_search(&db_root, _nss_initf_passwd, NSS_DBOP_PASSWD_BYNAME,
2N/A &arg);
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/A/*
2N/A * POSIX.1c Draft-6 version of the function getpwuid_r.
2N/A * It was implemented by Solaris 2.3.
2N/A */
2N/Astruct passwd *
2N/Agetpwuid_r(uid_t uid, struct passwd *result, char *buffer, int buflen)
2N/A{
2N/A nss_XbyY_args_t arg;
2N/A
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A arg.key.uid = uid;
2N/A (void) nss_search(&db_root, _nss_initf_passwd, NSS_DBOP_PASSWD_BYUID,
2N/A &arg);
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/A
2N/Astruct passwd *
2N/A_uncached_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
2N/A int buflen)
2N/A{
2N/A nss_XbyY_args_t arg;
2N/A
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A arg.key.uid = uid;
2N/A (void) nss_search(&db_root, _nss_initf_passwd, NSS_DBOP_PASSWD_BYUID,
2N/A &arg);
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/A
2N/A/*
2N/A * POSIX.1c standard version of the function getpwuid_r.
2N/A * User gets it via static getpwuid_r from the header file.
2N/A */
2N/Aint
2N/A__posix_getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer,
2N/A size_t bufsize, struct passwd **result)
2N/A{
2N/A int nerrno = 0;
2N/A int oerrno = errno;
2N/A
2N/A errno = 0;
2N/A if ((*result = getpwuid_r(uid, pwd, buffer, (uintptr_t)bufsize))
2N/A == NULL) {
2N/A nerrno = errno;
2N/A }
2N/A errno = oerrno;
2N/A return (nerrno);
2N/A}
2N/A
2N/Astruct passwd *
2N/A_uncached_getpwnam_r(const char *name, struct passwd *result, char *buffer,
2N/A int buflen)
2N/A{
2N/A nss_XbyY_args_t arg;
2N/A
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A arg.key.name = name;
2N/A (void) nss_search(&db_root, _nss_initf_passwd, NSS_DBOP_PASSWD_BYNAME,
2N/A &arg);
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/A/*
2N/A * POSIX.1c standard version of the function getpwnam_r.
2N/A * User gets it via static getpwnam_r from the header file.
2N/A */
2N/Aint
2N/A__posix_getpwnam_r(const char *name, struct passwd *pwd, char *buffer,
2N/A size_t bufsize, struct passwd **result)
2N/A{
2N/A int nerrno = 0;
2N/A int oerrno = errno;
2N/A
2N/A errno = 0;
2N/A if ((*result = getpwnam_r(name, pwd, buffer, (uintptr_t)bufsize))
2N/A == NULL) {
2N/A nerrno = errno;
2N/A }
2N/A errno = oerrno;
2N/A return (nerrno);
2N/A}
2N/A
2N/Avoid
2N/Asetpwent(void)
2N/A{
2N/A nss_setent(&db_root, _nss_initf_passwd, &context);
2N/A}
2N/A
2N/Avoid
2N/Aendpwent(void)
2N/A{
2N/A nss_endent(&db_root, _nss_initf_passwd, &context);
2N/A nss_delete(&db_root);
2N/A}
2N/A
2N/Astruct passwd *
2N/Agetpwent_r(struct passwd *result, char *buffer, int buflen)
2N/A{
2N/A nss_XbyY_args_t arg;
2N/A char *nam;
2N/A
2N/A /* In getXXent_r(), protect the unsuspecting caller from +/- entries */
2N/A
2N/A do {
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A /* No key to fill in */
2N/A (void) nss_getent(&db_root, _nss_initf_passwd, &context, &arg);
2N/A } while (arg.returnval != 0 &&
2N/A (nam = ((struct passwd *)arg.returnval)->pw_name) != 0 &&
2N/A (*nam == '+' || *nam == '-'));
2N/A
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/Astruct passwd *
2N/Afgetpwent_r(FILE *f, struct passwd *result, char *buffer, int buflen)
2N/A{
2N/A extern void _nss_XbyY_fgets(FILE *, nss_XbyY_args_t *);
2N/A nss_XbyY_args_t arg;
2N/A
2N/A /* ... but in fgetXXent_r, the caller deserves any +/- entry he gets */
2N/A
2N/A /* No key to fill in */
2N/A NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
2N/A _nss_XbyY_fgets(f, &arg);
2N/A return ((struct passwd *)NSS_XbyY_FINI(&arg));
2N/A}
2N/A
2N/Astatic char *
2N/Agettok(char **nextpp)
2N/A{
2N/A char *p = *nextpp;
2N/A char *q = p;
2N/A char c;
2N/A
2N/A if (p == 0)
2N/A return (0);
2N/A
2N/A while ((c = *q) != '\0' && c != ':')
2N/A q++;
2N/A
2N/A if (c == '\0')
2N/A *nextpp = 0;
2N/A else {
2N/A *q++ = '\0';
2N/A *nextpp = q;
2N/A }
2N/A return (p);
2N/A}
2N/A
2N/A/*
2N/A * Return values: 0 = success, 1 = parse error, 2 = erange ...
2N/A * The structure pointer passed in is a structure in the caller's space
2N/A * wherein the field pointers would be set to areas in the buffer if
2N/A * need be. instring and buffer should be separate areas.
2N/A */
2N/Aint
2N/Astr2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen)
2N/A{
2N/A struct passwd *passwd = (struct passwd *)ent;
2N/A char *p, *next;
2N/A int black_magic; /* "+" or "-" entry */
2N/A ulong_t tmp;
2N/A
2N/A if (lenstr + 1 > buflen)
2N/A return (NSS_STR_PARSE_ERANGE);
2N/A
2N/A /*
2N/A * We copy the input string into the output buffer and
2N/A * operate on it in place.
2N/A */
2N/A if (instr != buffer) {
2N/A /* Overlapping buffer copies are OK */
2N/A (void) memmove(buffer, instr, lenstr);
2N/A buffer[lenstr] = '\0';
2N/A }
2N/A
2N/A /* quick exit do not entry fill if not needed */
2N/A if (ent == (void *)NULL)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A
2N/A next = buffer;
2N/A
2N/A passwd->pw_name = p = gettok(&next); /* username */
2N/A if (*p == '\0') {
2N/A /* Empty username; not allowed */
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A black_magic = (*p == '+' || *p == '-');
2N/A if (black_magic) {
2N/A passwd->pw_uid = UID_NOBODY;
2N/A passwd->pw_gid = GID_NOBODY;
2N/A /*
2N/A * pwconv tests pw_passwd and pw_age == NULL
2N/A */
2N/A passwd->pw_passwd = "";
2N/A passwd->pw_age = "";
2N/A /*
2N/A * the rest of the passwd entry is "optional"
2N/A */
2N/A passwd->pw_comment = "";
2N/A passwd->pw_gecos = "";
2N/A passwd->pw_dir = "";
2N/A passwd->pw_shell = "";
2N/A }
2N/A
2N/A passwd->pw_passwd = p = gettok(&next); /* password */
2N/A if (p == 0) {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A for (; *p != '\0'; p++) { /* age */
2N/A if (*p == ',') {
2N/A *p++ = '\0';
2N/A break;
2N/A }
2N/A }
2N/A passwd->pw_age = p;
2N/A
2N/A p = next; /* uid */
2N/A if (p == 0 || *p == '\0') {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A if (!black_magic) {
2N/A /*
2N/A * strtoul returns unsigned long which is
2N/A * 8 bytes on a 64-bit system. We don't want
2N/A * to assign it directly to passwd->pw_uid
2N/A * which is 4 bytes or else we will end up
2N/A * truncating the value.
2N/A */
2N/A errno = 0;
2N/A tmp = strtoul(p, &next, 10);
2N/A if (next == p || errno != 0) {
2N/A /* uid field should be nonempty */
2N/A /* also check errno from strtoul */
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A /*
2N/A * The old code (in 2.0 through 2.5) would check
2N/A * for the uid being negative, or being greater
2N/A * than 60001 (the rfs limit). If it met either of
2N/A * these conditions, the uid was translated to 60001.
2N/A *
2N/A * Now we just check for -1 (UINT32_MAX); anything else
2N/A * is administrative policy
2N/A */
2N/A if (tmp >= UINT32_MAX)
2N/A passwd->pw_uid = UID_NOBODY;
2N/A else
2N/A passwd->pw_uid = (uid_t)tmp;
2N/A }
2N/A if (*next++ != ':') {
2N/A if (black_magic)
2N/A (void) gettok(&next);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A p = next; /* gid */
2N/A if (p == 0 || *p == '\0') {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A if (!black_magic) {
2N/A errno = 0;
2N/A tmp = strtoul(p, &next, 10);
2N/A if (next == p || errno != 0) {
2N/A /* gid field should be nonempty */
2N/A /* also check errno from strtoul */
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A /*
2N/A * gid should not be -1; anything else
2N/A * is administrative policy.
2N/A */
2N/A if (tmp >= UINT32_MAX)
2N/A passwd->pw_gid = GID_NOBODY;
2N/A else
2N/A passwd->pw_gid = (gid_t)tmp;
2N/A }
2N/A if (*next++ != ':') {
2N/A if (black_magic)
2N/A (void) gettok(&next);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A
2N/A passwd->pw_gecos = passwd->pw_comment = p = gettok(&next);
2N/A if (p == 0) {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A
2N/A passwd->pw_dir = p = gettok(&next);
2N/A if (p == 0) {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A
2N/A passwd->pw_shell = p = gettok(&next);
2N/A if (p == 0) {
2N/A if (black_magic)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A else
2N/A return (NSS_STR_PARSE_PARSE);
2N/A }
2N/A
2N/A /* Better not be any more fields... */
2N/A if (next == 0) {
2N/A /* Successfully parsed and stored */
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A }
2N/A return (NSS_STR_PARSE_PARSE);
2N/A}