2N/A/*
2N/A * CDDL HEADER START
2N/A *
2N/A * The contents of this file are subject to the terms of the
2N/A * Common Development and Distribution License (the "License").
2N/A * You may not use this file except in compliance with the License.
2N/A *
2N/A * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
2N/A * or http://www.opensolaris.org/os/licensing.
2N/A * See the License for the specific language governing permissions
2N/A * and limitations under the License.
2N/A *
2N/A * When distributing Covered Code, include this CDDL HEADER in each
2N/A * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
2N/A * If applicable, add the following below this CDDL HEADER, with the
2N/A * fields enclosed by brackets "[]" replaced with your own identifying
2N/A * information: Portions Copyright [yyyy] [name of copyright owner]
2N/A *
2N/A * CDDL HEADER END
2N/A */
2N/A/*
2N/A * Copyright (c) 1991, 2011, Oracle and/or its affiliates. All rights reserved.
2N/A *
2N/A * files/getpwnam.c -- "files" backend for nsswitch "passwd" database
2N/A */
2N/A
2N/A#include <pwd.h>
2N/A#include <shadow.h>
2N/A#include <unistd.h> /* for PF_PATH */
2N/A#include "files_common.h"
2N/A#include <strings.h>
2N/A#include <stdlib.h>
2N/A
2N/Astatic files_hash_func hash_pw[2] = { hash_name, hash_ugid };
2N/A
2N/Astatic files_hash_t hashinfo = {
2N/A DEFAULTMUTEX,
2N/A sizeof (struct passwd),
2N/A NSS_BUFLEN_PASSWD,
2N/A 2,
2N/A hash_pw
2N/A};
2N/A
2N/Astatic int
2N/Acheck_pwname(nss_XbyY_args_t *argp, const char *line, int linelen)
2N/A{
2N/A const char *linep, *limit;
2N/A const char *keyp = argp->key.name;
2N/A
2N/A linep = line;
2N/A limit = line + linelen;
2N/A
2N/A /* +/- entries valid for compat source only */
2N/A if (linelen == 0 || *line == '+' || *line == '-')
2N/A return (0);
2N/A while (*keyp && linep < limit && *keyp == *linep) {
2N/A keyp++;
2N/A linep++;
2N/A }
2N/A return (linep < limit && *keyp == '\0' && *linep == ':');
2N/A}
2N/A
2N/Astatic nss_status_t
2N/Agetbyname(be, a)
2N/A files_backend_ptr_t be;
2N/A void *a;
2N/A{
2N/A return (_nss_files_XY_hash(be, a, 0, &hashinfo, 0, check_pwname));
2N/A}
2N/A
2N/Astatic int
2N/Acheck_pwuid(nss_XbyY_args_t *argp, const char *line, int linelen)
2N/A{
2N/A const char *linep, *limit, *end;
2N/A ulong_t pw_uid;
2N/A
2N/A linep = line;
2N/A limit = line + linelen;
2N/A
2N/A /* +/- entries valid for compat source only */
2N/A if (linelen == 0 || *line == '+' || *line == '-')
2N/A return (0);
2N/A
2N/A while (linep < limit && *linep++ != ':') /* skip username */
2N/A continue;
2N/A while (linep < limit && *linep++ != ':') /* skip password */
2N/A continue;
2N/A if (linep == limit)
2N/A return (0);
2N/A
2N/A /* uid */
2N/A end = linep;
2N/A pw_uid = strtoul(linep, (char **)&end, 10);
2N/A
2N/A /* check if the uid is empty or overflows */
2N/A if (linep == end || pw_uid > UINT32_MAX)
2N/A return (0);
2N/A
2N/A return ((uid_t)pw_uid == argp->key.uid);
2N/A}
2N/A
2N/Astatic nss_status_t
2N/Agetbyuid(be, a)
2N/A files_backend_ptr_t be;
2N/A void *a;
2N/A{
2N/A nss_XbyY_args_t *argp = (nss_XbyY_args_t *)a;
2N/A
2N/A if (argp->key.uid > MAXUID)
2N/A return (NSS_NOTFOUND);
2N/A return (_nss_files_XY_hash(be, argp, 0, &hashinfo, 1, check_pwuid));
2N/A}
2N/A
2N/A/*
2N/A * Validates passwd entry replacing uid/gid > MAXUID by ID_NOBODY.
2N/A */
2N/Aint
2N/Avalidate_passwd_ids(char *line, int *linelenp, int buflen, int extra_chars)
2N/A{
2N/A char *linep, *limit, *uidp, *gidp;
2N/A uid_t uid;
2N/A gid_t gid;
2N/A ulong_t uidl, gidl;
2N/A int olduidlen, oldgidlen, idlen;
2N/A int linelen = *linelenp, newlinelen;
2N/A
2N/A /*
2N/A * +name entries in passwd(4) do not override uid and gid
2N/A * values. Therefore no need to validate the ids in these
2N/A * entries.
2N/A */
2N/A if (linelen == 0 || *line == '+' || *line == '-')
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A
2N/A linep = line;
2N/A limit = line + linelen;
2N/A
2N/A while (linep < limit && *linep++ != ':') /* skip username */
2N/A continue;
2N/A while (linep < limit && *linep++ != ':') /* skip password */
2N/A continue;
2N/A if (linep == limit)
2N/A return (NSS_STR_PARSE_PARSE);
2N/A
2N/A uidp = linep;
2N/A uidl = strtoul(uidp, (char **)&linep, 10); /* grab uid */
2N/A olduidlen = linep - uidp;
2N/A if (++linep >= limit || olduidlen == 0)
2N/A return (NSS_STR_PARSE_PARSE);
2N/A
2N/A gidp = linep;
2N/A gidl = strtoul(gidp, (char **)&linep, 10); /* grab gid */
2N/A oldgidlen = linep - gidp;
2N/A if (linep >= limit || oldgidlen == 0)
2N/A return (NSS_STR_PARSE_PARSE);
2N/A
2N/A if (uidl <= MAXUID && gidl <= MAXUID)
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A uid = (uidl > MAXUID) ? UID_NOBODY : (uid_t)uidl;
2N/A gid = (gidl > MAXUID) ? GID_NOBODY : (gid_t)gidl;
2N/A
2N/A /* Check if we have enough space in the buffer */
2N/A idlen = snprintf(NULL, 0, "%u:%u", uid, gid);
2N/A newlinelen = linelen + idlen - olduidlen - oldgidlen - 1;
2N/A if (newlinelen + extra_chars > buflen)
2N/A return (NSS_STR_PARSE_ERANGE);
2N/A
2N/A /* Replace ephemeral ids by ID_NOBODY */
2N/A (void) bcopy(linep, uidp + idlen, limit - linep + extra_chars);
2N/A (void) snprintf(uidp, idlen + 1, "%u:%u", uid, gid);
2N/A *(uidp + idlen) = ':'; /* restore : that was overwritten by snprintf */
2N/A *linelenp = newlinelen;
2N/A return (NSS_STR_PARSE_SUCCESS);
2N/A}
2N/A
2N/Astatic files_backend_op_t passwd_ops[] = {
2N/A _nss_files_destr,
2N/A _nss_files_endent,
2N/A _nss_files_setent,
2N/A _nss_files_getent_rigid,
2N/A getbyname,
2N/A getbyuid
2N/A};
2N/A
2N/A/*ARGSUSED*/
2N/Anss_backend_t *
2N/A_nss_files_passwd_constr(dummy1, dummy2, dummy3)
2N/A const char *dummy1, *dummy2, *dummy3;
2N/A{
2N/A return (_nss_files_constr(passwd_ops,
2N/A sizeof (passwd_ops) / sizeof (passwd_ops[0]),
2N/A PF_PATH,
2N/A NSS_LINELEN_PASSWD,
2N/A &hashinfo, FC_FLAG_PASSWD));
2N/A}