src/sss_client/nss_netgroup.c

	nss_netgroup.c revision c89589fa349f38214c9cb8d9389c0fd557e5dca2
/*
    SSSD

    nss_netgroup.c

    Authors:
        Stephen Gallagher <sgallagh@redhat.com>

    Copyright (C) 2010 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include <nss.h>
#include <errno.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include "sss_cli.h"
#include "nss_compat.h"

#define MAX_NETGR_NAME_LENGTH 2048

#define CLEAR_NETGRENT_DATA(netgrent) do { \
        free(netgrent->data); \
        netgrent->data = NULL; \
        netgrent->idx.position = 0; \
        netgrent->data_size = 0; \
} while (0);

/*
 * Replies:
 *
 * 0-3: 32bit unsigned number of results N
 * 4-7: 32bit unsigned (reserved/padding)
 *  For each result:
 *  8-11: 32bit unsigned type of result
 *  12-X: \0 terminated string representing a tuple
 *        (host, user, domain)
 *        or a netgroup, depending on the type indicator
 *  ... repeated N times
 */
#define NETGR_METADATA_COUNT 2 * sizeof(uint32_t)
struct sss_nss_netgr_rep {
    struct __netgrent *result;
    char *buffer;
    size_t buflen;
};

static int sss_nss_getnetgr_readrep(struct sss_nss_netgr_rep *pr,
                                    uint8_t *buf, size_t *len)
{
    char *sbuf;
    size_t i, slen;
    ssize_t dlen;
    uint32_t type;

    if (*len < 6) {
        /* Not enough space for data, bad packet */
        return EBADMSG;
    }

    sbuf = (char *)(buf + sizeof(uint32_t));
    slen = *len - sizeof(uint32_t);
    dlen = pr->buflen;

    i = 0;

    SAFEALIGN_COPY_UINT32(&type, buf, NULL);
    switch (type) {
        case SSS_NETGR_REP_TRIPLE:
            pr->result->type = triple_val;

            /* Host value */
            pr->result->val.triple.host = &(pr->buffer[i]);
            while (slen > i && dlen > 0) {
                pr->buffer[i] = sbuf[i];
                if (pr->buffer[i] == '\0') break;
                i++;
                dlen--;
            }
            if (slen <= i) { /* premature end of buf */
                return EBADMSG;
            }
            if (dlen <= 0) { /* not enough memory */
                return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */
            }
            i++;
            dlen--;

            /* libc expects NULL instead of empty string */
            if (strlen(pr->result->val.triple.host) == 0) {
                pr->result->val.triple.host = NULL;
            }

            /* User value */
            pr->result->val.triple.user = &(pr->buffer[i]);
            while (slen > i && dlen > 0) {
                pr->buffer[i] = sbuf[i];
                if (pr->buffer[i] == '\0') break;
                i++;
                dlen--;
            }
            if (slen <= i) { /* premature end of buf */
                return EBADMSG;
            }
            if (dlen <= 0) { /* not enough memory */
                return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */
            }
            i++;
            dlen--;

            /* libc expects NULL instead of empty string */
            if (strlen(pr->result->val.triple.user) == 0) {
                pr->result->val.triple.user = NULL;
            }

            /* Domain value */
            pr->result->val.triple.domain = &(pr->buffer[i]);
            while (slen > i && dlen > 0) {
                pr->buffer[i] = sbuf[i];
                if (pr->buffer[i] == '\0') break;
                i++;
                dlen--;
            }
            if (slen <= i) { /* premature end of buf */
                return EBADMSG;
            }
            if (dlen <= 0) { /* not enough memory */
                return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */
            }
            i++;
            dlen--;

            /* libc expects NULL instead of empty string */
            if (strlen(pr->result->val.triple.domain) == 0) {
                pr->result->val.triple.domain = NULL;
            }

            break;
        case SSS_NETGR_REP_GROUP:
            pr->result->type = group_val;

            pr->result->val.group = &(pr->buffer[i]);
            while (slen > i && dlen > 0) {
                pr->buffer[i] = sbuf[i];
                if (pr->buffer[i] == '\0') break;
                i++;
                dlen--;
            }
            if (slen <= i) { /* premature end of buf */
                return EBADMSG;
            }
            if (dlen <= 0) { /* not enough memory */
                return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */
            }
            i++;
            dlen--;

            break;
        default:
            return EBADMSG;
    }


    *len = slen -i;

    return 0;
}

enum nss_status _nss_sss_setnetgrent(const char *netgroup,
                     struct __netgrent *result)
{
    uint8_t *repbuf = NULL;
    size_t replen;
    enum nss_status nret;
    struct sss_cli_req_data rd;
    int errnop;
    char *name;
    size_t name_len;
    errno_t ret;

    if (!netgroup) return NSS_STATUS_NOTFOUND;

    sss_nss_lock();

    /* make sure we do not have leftovers, and release memory */
    CLEAR_NETGRENT_DATA(result);

    ret = sss_strnlen(netgroup, MAX_NETGR_NAME_LENGTH, &name_len);
    if (ret != 0) {
        nret = NSS_STATUS_NOTFOUND;
        goto out;
    }

    name = malloc(sizeof(char)*name_len + 1);
    if (name == NULL) {
        nret = NSS_STATUS_TRYAGAIN;
        goto out;
    }
    strncpy(name, netgroup, name_len + 1);

    rd.data = name;
    rd.len = name_len + 1;

    nret = sss_nss_make_request(SSS_NSS_SETNETGRENT, &rd,
                                &repbuf, &replen, &errnop);
    free(name);
    if (nret != NSS_STATUS_SUCCESS) {
        errno = errnop;
        goto out;
    }

    /* no results if not found */
    if ((((uint32_t *)repbuf)[0] == 0) || (replen < NETGR_METADATA_COUNT)) {
        free(repbuf);
        nret = NSS_STATUS_NOTFOUND;
        goto out;
    }

    free(repbuf);
    nret = NSS_STATUS_SUCCESS;

out:
    sss_nss_unlock();
    return nret;
}

static enum nss_status internal_getnetgrent_r(struct __netgrent *result,
                                              char *buffer, size_t buflen,
                                              int *errnop)
{
    struct sss_cli_req_data rd;
    struct sss_nss_netgr_rep netgrrep;
    uint8_t *repbuf;
    size_t replen;
    enum nss_status nret;
    uint32_t num_entries;
    int ret;

    /* Caught once glibc passing in buffer == 0x0 */
    if (!buffer || !buflen) return ERANGE;

    /* If we're already processing result data, continue to
     * return it.
     */
    if (result->data != NULL &&
        result->idx.position < result->data_size) {

        repbuf = (uint8_t *) result->data + result->idx.position;
        replen = result->data_size - result->idx.position;

        netgrrep.result = result;
        netgrrep.buffer = buffer;
        netgrrep.buflen = buflen;

        ret = sss_nss_getnetgr_readrep(&netgrrep, repbuf, &replen);
        if (ret != 0) {
            *errnop = ret;
            return NSS_STATUS_TRYAGAIN;
        }

        result->idx.position = result->data_size - replen;

        return NSS_STATUS_SUCCESS;
    }

    /* Release memory, if any */
    CLEAR_NETGRENT_DATA(result);

    /* retrieve no more than SSS_NSS_MAX_ENTRIES at a time */
    num_entries = SSS_NSS_MAX_ENTRIES;
    rd.len = sizeof(uint32_t);
    rd.data = &num_entries;

    nret = sss_nss_make_request(SSS_NSS_GETNETGRENT, &rd,
                                &repbuf, &replen, errnop);
    if (nret != NSS_STATUS_SUCCESS) {
        return nret;
    }

    /* no results if not found */
    if ((((uint32_t *)repbuf)[0] == 0) || (replen <= NETGR_METADATA_COUNT)) {
        free(repbuf);
        return NSS_STATUS_RETURN;
    }

    result->data = (char *) repbuf;
    result->data_size = replen;
    /* skip metadata fields */
    result->idx.position = NETGR_METADATA_COUNT;

    /* call again ourselves, this will return the first result */
    return internal_getnetgrent_r(result, buffer, buflen, errnop);
}

enum nss_status _nss_sss_getnetgrent_r(struct __netgrent *result,
                       char *buffer, size_t buflen,
                       int *errnop)
{
    enum nss_status nret;

    sss_nss_lock();
    nret = internal_getnetgrent_r(result, buffer, buflen, errnop);
    sss_nss_unlock();

    return nret;
}

enum nss_status _nss_sss_endnetgrent(struct __netgrent *result)
{
    enum nss_status nret;
    int errnop;

    sss_nss_lock();

    /* make sure we do not have leftovers, and release memory */
    CLEAR_NETGRENT_DATA(result);

    nret = sss_nss_make_request(SSS_NSS_ENDNETGRENT,
                                NULL, NULL, NULL, &errnop);
    if (nret != NSS_STATUS_SUCCESS) {
        errno = errnop;
    }

    sss_nss_unlock();
    return nret;
}