OpenSolaris Launch

1 files changed, 347 insertions, 0 deletions

diff --git a/usr/src/lib/nsswitch/ldap/common/getpwnam.c b/usr/src/lib/nsswitch/ldap/common/getpwnam.c
new file mode 100644
index 0000000000..205513812a
--- /dev/null
+++ b/usr/src/lib/nsswitch/ldap/common/getpwnam.c
@@ -0,0 +1,347 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#include <pwd.h>
+#include "ldap_common.h"
+
+/* passwd attributes filters */
+#define	_PWD_CN			"cn"
+#define	_PWD_UID		"uid"
+#define	_PWD_USERPASSWORD	"userpassword"
+#define	_PWD_UIDNUMBER		"uidnumber"
+#define	_PWD_GIDNUMBER		"gidnumber"
+#define	_PWD_GECOS		"gecos"
+#define	_PWD_DESCRIPTION	"description"
+#define	_PWD_HOMEDIRECTORY	"homedirectory"
+#define	_PWD_LOGINSHELL		"loginshell"
+
+
+#define	_F_GETPWNAM		"(&(objectClass=posixAccount)(uid=%s))"
+#define	_F_GETPWNAM_SSD		"(&(%%s)(uid=%s))"
+#define	_F_GETPWUID		"(&(objectClass=posixAccount)(uidNumber=%ld))"
+#define	_F_GETPWUID_SSD		"(&(%%s)(uidNumber=%ld))"
+
+static const char *pwd_attrs[] = {
+	_PWD_CN,
+	_PWD_UID,
+	_PWD_UIDNUMBER,
+	_PWD_GIDNUMBER,
+	_PWD_GECOS,
+	_PWD_DESCRIPTION,
+	_PWD_HOMEDIRECTORY,
+	_PWD_LOGINSHELL,
+	(char *)NULL
+};
+
+
+/*
+ * _nss_ldap_passwd2ent is the data marshaling method for the passwd getXbyY
+ * (e.g., getbyuid(), getbyname(), getpwent()) backend processes. This method is
+ * called after a successful ldap search has been performed. This method will
+ * parse the ldap search values into struct passwd = argp->buf.buffer which
+ * the frontend process expects. Three error conditions are expected and
+ * returned to nsswitch.
+ */
+
+static int
+_nss_ldap_passwd2ent(ldap_backend_ptr be, nss_XbyY_args_t *argp)
+{
+	int		i = 0;
+	int		nss_result;
+	int		buflen = (int)0;
+	unsigned long	len = 0L;
+	char		*buffer = (char *)NULL;
+	char		*ptr2x;
+	char		*ceiling = (char *)NULL;
+	char		*nullstring = (char *)NULL;
+	struct passwd	*pwd = (struct passwd *)NULL;
+	ns_ldap_result_t	*result = be->result;
+	ns_ldap_attr_t	*attrptr;
+	int		have_uid = 0;
+	int		have_uidn = 0;
+	int		have_gidn = 0;
+
+#ifdef	DEBUG
+	(void) fprintf(stdout, "\n[getpwnam.c: _nss_ldap_passwd2ent]\n");
+#endif	/* DEBUG */
+
+	buffer = argp->buf.buffer;
+	buflen = (size_t)argp->buf.buflen;
+	if (!argp->buf.result) {
+		nss_result = (int)NSS_STR_PARSE_ERANGE;
+		goto result_pwd2ent;
+	}
+	pwd = (struct passwd *)argp->buf.result;
+	ceiling = buffer + buflen;
+	nullstring = (buffer + (buflen - 1));
+
+	nss_result = (int)NSS_STR_PARSE_SUCCESS;
+	(void) memset(buffer, 0, buflen);
+
+	/*
+	 * need to always return password as "x"
+	 * so put "x" at top of the buffer
+	 */
+	ptr2x = buffer;
+	*buffer++ = 'x';
+	*buffer++ = '\0';
+
+	attrptr = getattr(result, 0);
+	if (attrptr == NULL) {
+		nss_result = (int)NSS_STR_PARSE_PARSE;
+		goto result_pwd2ent;
+	}
+
+	pwd->pw_gecos = nullstring;
+	pwd->pw_dir = nullstring;
+	pwd->pw_shell = nullstring;
+
+	for (i = 0; i < result->entry->attr_count; i++) {
+		attrptr = getattr(result, i);
+		if (attrptr == NULL) {
+			nss_result = (int)NSS_STR_PARSE_PARSE;
+			goto result_pwd2ent;
+		}
+		if (strcasecmp(attrptr->attrname, _PWD_UID) == 0) {
+			if ((attrptr->attrvalue[0] == NULL) ||
+			    (len = strlen(attrptr->attrvalue[0])) < 1) {
+				nss_result = (int)NSS_STR_PARSE_PARSE;
+				goto result_pwd2ent;
+			}
+			pwd->pw_name = buffer;
+			buffer += len + 1;
+			if (buffer >= ceiling) {
+				nss_result = (int)NSS_STR_PARSE_ERANGE;
+				goto result_pwd2ent;
+			}
+			(void) strcpy(pwd->pw_name, attrptr->attrvalue[0]);
+			have_uid = 1;
+			continue;
+		}
+		if (strcasecmp(attrptr->attrname, _PWD_UIDNUMBER) == 0) {
+			if (attrptr->attrvalue[0] == '\0') {
+				nss_result = (int)NSS_STR_PARSE_PARSE;
+				goto result_pwd2ent;
+			}
+			pwd->pw_uid = strtol(attrptr->attrvalue[0],
+					    (char **)NULL, 10);
+			have_uidn = 1;
+			continue;
+		}
+		if (strcasecmp(attrptr->attrname, _PWD_GIDNUMBER) == 0) {
+			if (attrptr->attrvalue[0] == '\0') {
+				nss_result = (int)NSS_STR_PARSE_PARSE;
+				goto result_pwd2ent;
+			}
+			pwd->pw_gid = strtol(attrptr->attrvalue[0],
+					    (char **)NULL, 10);
+			have_gidn = 1;
+			continue;
+		}
+		if ((strcasecmp(attrptr->attrname, _PWD_GECOS) == 0) &&
+		    (attrptr->value_count > 0)) {
+			if ((attrptr->attrvalue[0] == NULL) ||
+			    (len = strlen(attrptr->attrvalue[0])) < 1) {
+				pwd->pw_gecos = nullstring;
+			} else {
+				pwd->pw_gecos = buffer;
+				buffer += len + 1;
+				if (buffer >= ceiling) {
+					nss_result = (int)NSS_STR_PARSE_ERANGE;
+					goto result_pwd2ent;
+				}
+				(void) strcpy(pwd->pw_gecos,
+					    attrptr->attrvalue[0]);
+			}
+			continue;
+		}
+		if ((strcasecmp(attrptr->attrname, _PWD_HOMEDIRECTORY) == 0) &&
+		    (attrptr->value_count > 0)) {
+			if ((attrptr->attrvalue[0] == NULL) ||
+			    (len = strlen(attrptr->attrvalue[0])) < 1) {
+				pwd->pw_dir = nullstring;
+			} else {
+				pwd->pw_dir = buffer;
+				buffer += len + 1;
+				if (buffer >= ceiling) {
+					nss_result = (int)NSS_STR_PARSE_ERANGE;
+					goto result_pwd2ent;
+				}
+				(void) strcpy(pwd->pw_dir,
+				    attrptr->attrvalue[0]);
+			}
+			continue;
+		}
+		if ((strcasecmp(attrptr->attrname, _PWD_LOGINSHELL) == 0) &&
+		    (attrptr->value_count > 0)) {
+			if ((attrptr->attrvalue[0] == NULL) ||
+			    (len = strlen(attrptr->attrvalue[0])) < 1) {
+				pwd->pw_shell = nullstring;
+			} else {
+				pwd->pw_shell = buffer;
+				buffer += len + 1;
+				if (buffer >= ceiling) {
+					nss_result = (int)NSS_STR_PARSE_ERANGE;
+					goto result_pwd2ent;
+				}
+				(void) strcpy(pwd->pw_shell,
+				    attrptr->attrvalue[0]);
+			}
+			continue;
+		}
+	}
+
+	/* error if missing required attributes */
+	if (have_uid == 0 || have_uidn == 0 || have_gidn == 0) {
+		nss_result = (int)NSS_STR_PARSE_PARSE;
+	}
+
+	pwd->pw_age = nullstring;
+	pwd->pw_comment = nullstring;
+	pwd->pw_passwd = ptr2x;
+
+#ifdef	DEBUG
+	(void) fprintf(stdout, "\n[getpwnam.c: _nss_ldap_passwd2ent]\n");
+	(void) fprintf(stdout, "       pw_name: [%s]\n", pwd->pw_name);
+	(void) fprintf(stdout, "        pw_uid: [%ld]\n", pwd->pw_uid);
+	(void) fprintf(stdout, "        pw_gid: [%ld]\n", pwd->pw_gid);
+	(void) fprintf(stdout, "      pw_gecos: [%s]\n", pwd->pw_gecos);
+	(void) fprintf(stdout, "        pw_dir: [%s]\n", pwd->pw_dir);
+	(void) fprintf(stdout, "      pw_shell: [%s]\n", pwd->pw_shell);
+#endif	/* DEBUG */
+
+result_pwd2ent:
+
+	(void) __ns_ldap_freeResult(&be->result);
+	return ((int)nss_result);
+}
+
+
+/*
+ * getbyname gets a passwd entry by uid name. This function constructs an ldap
+ * search filter using the name invocation parameter and the getpwnam search
+ * filter defined. Once the filter is constructed, we search for a matching
+ * entry and marshal the data results into struct passwd for the frontend
+ * process. The function _nss_ldap_passwd2ent performs the data marshaling.
+ */
+
+static nss_status_t
+getbyname(ldap_backend_ptr be, void *a)
+{
+	nss_XbyY_args_t	*argp = (nss_XbyY_args_t *)a;
+	char		searchfilter[SEARCHFILTERLEN];
+	char		userdata[SEARCHFILTERLEN];
+	char		name[SEARCHFILTERLEN];
+	int		ret;
+
+#ifdef	DEBUG
+	(void) fprintf(stdout, "\n[getpwnam.c: getbyname]\n");
+#endif	/* DEBUG */
+
+	if (_ldap_filter_name(name, argp->key.name, sizeof (name)) != 0)
+		return ((nss_status_t)NSS_NOTFOUND);
+
+	ret = snprintf(searchfilter, sizeof (searchfilter), _F_GETPWNAM, name);
+	if (ret >= sizeof (searchfilter) || ret < 0)
+		return ((nss_status_t)NSS_NOTFOUND);
+
+	ret = snprintf(userdata, sizeof (userdata), _F_GETPWNAM_SSD, name);
+	if (ret >= sizeof (userdata) || ret < 0)
+		return ((nss_status_t)NSS_NOTFOUND);
+
+	return ((nss_status_t)_nss_ldap_lookup(be, argp,
+		_PASSWD, searchfilter, NULL,
+		_merge_SSD_filter, userdata));
+}
+
+
+/*
+ * getbyuid gets a passwd entry by uid number. This function constructs an ldap
+ * search filter using the uid invocation parameter and the getpwuid search
+ * filter defined. Once the filter is constructed, we search for a matching
+ * entry and marshal the data results into struct passwd for the frontend
+ * process. The function _nss_ldap_passwd2ent performs the data marshaling.
+ */
+
+static nss_status_t
+getbyuid(ldap_backend_ptr be, void *a)
+{
+	nss_XbyY_args_t	*argp = (nss_XbyY_args_t *)a;
+	char		searchfilter[SEARCHFILTERLEN];
+	char		userdata[SEARCHFILTERLEN];
+	int		ret;
+
+#ifdef	DEBUG
+	(void) fprintf(stdout, "\n[getpwnam.c: getbyuid]\n");
+#endif	/* DEBUG */
+
+	ret = snprintf(searchfilter, sizeof (searchfilter),
+	    _F_GETPWUID, (long)argp->key.uid);
+	if (ret >= sizeof (searchfilter) || ret < 0)
+		return ((nss_status_t)NSS_NOTFOUND);
+
+	ret = snprintf(userdata, sizeof (userdata),
+	    _F_GETPWUID_SSD, (long)argp->key.uid);
+	if (ret >= sizeof (userdata) || ret < 0)
+		return ((nss_status_t)NSS_NOTFOUND);
+
+	return ((nss_status_t)_nss_ldap_lookup(be, argp,
+		_PASSWD, searchfilter, NULL,
+		_merge_SSD_filter, userdata));
+}
+
+static ldap_backend_op_t passwd_ops[] = {
+	_nss_ldap_destr,
+	_nss_ldap_endent,
+	_nss_ldap_setent,
+	_nss_ldap_getent,
+	getbyname,
+	getbyuid
+};
+
+
+/*
+ * _nss_ldap_passwd_constr is where life begins. This function calls the
+ * generic ldap constructor function to define and build the abstract
+ * data types required to support ldap operations.
+ */
+
+/*ARGSUSED0*/
+nss_backend_t *
+_nss_ldap_passwd_constr(const char *dummy1, const char *dummy2,
+			const char *dummy3)
+{
+
+#ifdef	DEBUG
+	(void) fprintf(stdout, "\n[getpwnam.c: _nss_ldap_passwd_constr]\n");
+#endif	/* DEBUG */
+
+	return ((nss_backend_t *)_nss_ldap_constr(passwd_ops,
+		    sizeof (passwd_ops)/sizeof (passwd_ops[0]),
+		    _PASSWD, pwd_attrs, _nss_ldap_passwd2ent));
+}