diff options
| author | Baban Kenkre <Baban.Kenkre@Sun.COM> | 2008-11-07 12:09:53 -0800 |
|---|---|---|
| committer | Baban Kenkre <Baban.Kenkre@Sun.COM> | 2008-11-07 12:09:53 -0800 |
| commit | 2b4a78020b9c38d1b95e2f3fefa6d6e4be382d1f (patch) | |
| tree | b9f0bc817d950cefb1af4653dad8de547a17e061 /usr/src/lib/nsswitch/files/common/files_common.c | |
| parent | 0a2b1d27cac02f57e17b310f8baeb1dda082c83a (diff) | |
| download | illumos-gate-2b4a78020b9c38d1b95e2f3fefa6d6e4be382d1f.tar.gz | |
PSARC/2008/441 Active Directory name service module (nss_ad)
6722476 name service switch module for AD (nss_ad) needed
Diffstat (limited to 'usr/src/lib/nsswitch/files/common/files_common.c')
| -rw-r--r-- | usr/src/lib/nsswitch/files/common/files_common.c | 50 |
1 files changed, 44 insertions, 6 deletions
diff --git a/usr/src/lib/nsswitch/files/common/files_common.c b/usr/src/lib/nsswitch/files/common/files_common.c index 74d47f7c8c..4b7b6753c1 100644 --- a/usr/src/lib/nsswitch/files/common/files_common.c +++ b/usr/src/lib/nsswitch/files/common/files_common.c @@ -25,8 +25,6 @@ * Common code and structures used by name-service-switch "files" backends. */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * An implementation that used mmap() sensibly would be a wonderful thing, * but this here is just yer standard fgets() thang. @@ -299,9 +297,27 @@ _nss_files_XY_all(be, args, netdb, filter, check) if (check != NULL && (*check)(args, instr, linelen) == 0) continue; - func = args->str2ent; - parsestat = (*func)(instr, linelen, args->buf.result, - args->buf.buffer, args->buf.buflen); + parsestat = NSS_STR_PARSE_SUCCESS; + if (be->filename != NULL) { + /* + * Special case for passwd and group wherein we + * replace uids/gids > MAXUID by ID_NOBODY + * because files backend does not support + * ephemeral ids. + */ + if (strcmp(be->filename, PF_PATH) == 0) + parsestat = validate_passwd_ids(instr, + &linelen, be->minbuf, 2); + else if (strcmp(be->filename, GF_PATH) == 0) + parsestat = validate_group_ids(instr, + &linelen, be->minbuf, 2, check); + } + + if (parsestat == NSS_STR_PARSE_SUCCESS) { + func = args->str2ent; + parsestat = (*func)(instr, linelen, args->buf.result, + args->buf.buffer, args->buf.buflen); + } if (parsestat == NSS_STR_PARSE_SUCCESS) { args->returnval = (args->buf.result != NULL)? @@ -366,7 +382,7 @@ _nss_files_XY_hash(files_backend_ptr_t be, nss_XbyY_args_t *args, int netdb, files_hash_t *fhp, int hashop, files_XY_check_func check) { /* LINTED E_FUNC_VAR_UNUSED */ - int fd, retries, ht; + int fd, retries, ht, stat; /* LINTED E_FUNC_VAR_UNUSED */ uint_t hash, line, f; /* LINTED E_FUNC_VAR_UNUSED */ @@ -412,6 +428,28 @@ retry: if ((*check)(args, fhp->fh_line[line].l_start, fhp->fh_line[line].l_len) == 0) continue; + + if (be->filename != NULL) { + stat = NSS_STR_PARSE_SUCCESS; + if (strcmp(be->filename, PF_PATH) == 0) + stat = validate_passwd_ids( + fhp->fh_line[line].l_start, + &fhp->fh_line[line].l_len, + fhp->fh_line[line].l_len + 1, + 1); + else if (strcmp(be->filename, GF_PATH) == 0) + stat = validate_group_ids( + fhp->fh_line[line].l_start, + &fhp->fh_line[line].l_len, + fhp->fh_line[line].l_len + 1, + 1, check); + if (stat != NSS_STR_PARSE_SUCCESS) { + if (stat == NSS_STR_PARSE_ERANGE) + args->erange = 1; + continue; + } + } + if ((*args->str2ent)(fhp->fh_line[line].l_start, fhp->fh_line[line].l_len, args->buf.result, args->buf.buffer, args->buf.buflen) == |