/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
/* All Rights Reserved */
/*
* Portions of this source code were derived from Berkeley
* 4.3 BSD under license from the Regents of the University of
* California.
*/
/*
* ==== hack-attack: possibly MT-safe but definitely not MT-hot.
* ==== turn this into a real switch frontend and backends
*
* Well, at least the API doesn't involve pointers-to-static.
*/
/*
* netname utility routines convert from netnames to unix names (uid, gid)
*
* This module is operating system dependent!
* What we define here will work with any unix system that has adopted
* the Sun NIS domain architecture.
*/
#include "mt.h"
#include "rpc_mt.h"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <alloca.h>
#include <ctype.h>
#include <grp.h>
#include <pwd.h>
#include <string.h>
#include <syslog.h>
#include <nsswitch.h>
#include <nss_dbdefs.h>
extern int _getgroupsbymember(const char *, gid_t[], int, int);
/*
* the value for NOBODY_UID is set by the SVID. The following define also
* appears in netname.c
*/
/*
* default publickey policy:
* publickey: nis [NOTFOUND = return] files
*/
/* NSW_NOTSUCCESS NSW_NOTFOUND NSW_UNAVAIL NSW_TRYAGAIN */
struct netid_userdata {
int *gidlenp;
};
static int
{
uid_t u;
if (!s || !isdigit(*s)) {
"netname2user: expecting uid '%s'", s);
return (__NSW_NOTFOUND); /* xxx need a better error */
}
/* Fetch the uid */
if (u == 0) {
return (__NSW_NOTFOUND);
}
return (__NSW_SUCCESS);
}
/* parse a comma separated gid list */
static int
{
int len;
gid_t g;
if (!p || (!isdigit(*p))) {
"netname2user: missing group id list in '%s'.",
p);
return (__NSW_NOTFOUND);
}
len = 0;
return (__NSW_SUCCESS);
}
/*
* parse_netid_str()
*
* Parse uid and group information from the passed string.
*
* The format of the string passed is
* uid:gid,grp,grp, ...
*
*/
static int
{
char *p;
int err;
/* get uid */
if (err != __NSW_SUCCESS)
return (err);
/* Now get the group list */
p = strchr(s, ':');
if (!p) {
"netname2user: missing group id list in '%s'", s);
return (__NSW_NOTFOUND);
}
++p; /* skip ':' */
return (err);
}
/*
* netname2user_files()
*
* This routine fetches the netid information from the "files" nameservice.
*/
static int
{
/* one line from the file */
char *name;
char *value;
char *res;
*err = __NSW_UNAVAIL;
return (0);
}
/*
* for each line in the file parse it appropriately
* file format is :
* netid uid:grp,grp,grp # for users
* netid 0:hostname # for hosts
*/
break;
/* Skip comments and blank lines */
continue;
name++;
continue;
value++;
if (*value == '\0') {
"netname2user: badly formatted line in %s.",
continue;
}
value++;
return (*err == __NSW_SUCCESS);
}
}
*err = __NSW_NOTFOUND;
return (0);
}
/*
* netname2user_nis()
*
* This function reads the netid from the NIS (YP) nameservice.
*/
static int
{
char *domain;
int yperr;
char *lookup;
int len;
if (!domain) {
*err = __NSW_UNAVAIL;
return (0);
}
/* Point past the '@' character */
domain++;
switch (yperr) {
case 0:
break; /* the successful case */
default :
/*
* XXX not sure about yp_match semantics.
* should err be set to NOTFOUND here?
*/
*err = __NSW_UNAVAIL;
return (0);
}
if (lookup) {
return (*err == __NSW_SUCCESS);
}
*err = __NSW_NOTFOUND;
return (0);
}
/*
* Build the uid and gid from the netname for users in LDAP.
* There is no netid container in LDAP. For this we build
* the netname to user data dynamically from the passwd and
* group data. This works only for users in a single domain.
* This function is an interim solution until we support a
* netid container in LDAP which enables us to do netname2user
* resolution for multiple domains.
*/
static int
{
int ngroups = 0;
int count;
*err = __NSW_UNAVAIL;
return (0);
}
/* get the uid from the netname */
*err = __NSW_UNAVAIL;
return (0);
}
*err = __NSW_UNAVAIL;
return (0);
}
/*
* check out the primary group and crosscheck the uid
* with the passwd data
*/
*err = __NSW_UNAVAIL;
return (0);
}
/* search through all groups for membership */
if (ngroups < 0) {
*err = __NSW_UNAVAIL;
return (0);
}
}
*err = __NSW_SUCCESS;
return (1);
}
/*
* Convert network-name into unix credential
*/
int
{
int err;
/*
* Take care of the special case of nobody. Compare the netname
* to the string "nobody". If they are equal, return the SVID
* standard value for nobody.
*/
*uidp = NOBODY_UID;
*gidp = NOBODY_UID;
*gidlenp = 0;
return (1);
}
/*
* First we do some generic sanity checks on the name we were
* passed. This lets us assume they are correct in the backends.
*
* NOTE: this code only recognizes names of the form :
* unix.UID@domainname
*/
return (0);
return (0);
(void) mutex_lock(&serialize_netname_r);
if (!conf) {
needfree = 0;
} else
else {
"netname2user: unknown nameservice for publickey"
err = __NSW_UNAVAIL;
}
case __NSW_CONTINUE :
break;
case __NSW_RETURN :
if (needfree)
(void) __nsw_freeconfig(conf);
(void) mutex_unlock(&serialize_netname_r);
return (res);
default :
"netname2user: Unknown action for "
}
}
if (needfree)
(void) __nsw_freeconfig(conf);
(void) mutex_unlock(&serialize_netname_r);
return (0);
}
/*
* Convert network-name to hostname (fully qualified)
* NOTE: this code only recognizes names of the form :
* unix.HOST@domainname
*
* This is very simple. Since the netname is of the form:
* unix.host@domainname
* We just construct the hostname using information from the domainname.
*/
int
const int hostlen)
{
char *p, *domainname;
if (!netname) {
goto bad_exit;
}
goto bad_netname;
if (*p != '.')
goto bad_netname;
++p; /* skip '.' */
if (domainname == 0)
goto bad_netname;
domainname++; /* skip '@' sign */
if (len <= 0)
goto bad_netname;
"netname2host: insufficient space for hostname");
goto bad_exit;
}
if (isdigit(*p)) /* don't want uid here */
goto bad_netname;
if (*p == '\0') /* check for null hostname */
goto bad_netname;
/* make into fully qualified hostname by concatenating domain part */
"netname2host: insufficient space for hostname");
goto bad_exit;
}
return (1);
hostname[0] = '\0';
return (0);
}