diff options
| author | Kenjiro Tsuji <Kenjiro.Tsuji@Sun.COM> | 2009-01-16 11:59:37 -0800 |
|---|---|---|
| committer | Kenjiro Tsuji <Kenjiro.Tsuji@Sun.COM> | 2009-01-16 11:59:37 -0800 |
| commit | b9175c69691c8949bec97fb8f689b7d1efdb05bb (patch) | |
| tree | 9c9b02d762f4cb6afa112bd1505698f027b3fbdf /usr/src | |
| parent | 65c8f1c0a342917e5c22dcf2b006e6307631ed67 (diff) | |
| download | illumos-joyent-b9175c69691c8949bec97fb8f689b7d1efdb05bb.tar.gz | |
6783069 libc must not use defread internally
Diffstat (limited to 'usr/src')
| -rw-r--r-- | usr/src/head/deflt.h | 19 | ||||
| -rw-r--r-- | usr/src/lib/libc/port/gen/deflt.c | 140 | ||||
| -rw-r--r-- | usr/src/lib/libc/port/gen/getgrnam_r.c | 9 | ||||
| -rw-r--r-- | usr/src/lib/libc/port/gen/localtime.c | 51 | ||||
| -rw-r--r-- | usr/src/lib/libc/port/mapfile-vers | 4 | ||||
| -rw-r--r-- | usr/src/lib/libgss/gssd_pname_to_uid.c | 65 | ||||
| -rw-r--r-- | usr/src/lib/libmapid/common/mapid.c | 12 | ||||
| -rw-r--r-- | usr/src/lib/libnisdb/nis_parse_ldap_conf.c | 616 | ||||
| -rw-r--r-- | usr/src/lib/libpam/pam_framework.c | 16 | ||||
| -rw-r--r-- | usr/src/lib/libsecdb/common/chkauthattr.c | 25 | ||||
| -rw-r--r-- | usr/src/lib/pam_modules/authtok_check/authtok_check.c | 61 | ||||
| -rw-r--r-- | usr/src/lib/pam_modules/unix_account/unix_acct.c | 11 | ||||
| -rw-r--r-- | usr/src/lib/pam_modules/unix_auth/unix_auth.c | 21 | ||||
| -rw-r--r-- | usr/src/lib/pam_modules/unix_cred/unix_cred.c | 17 | ||||
| -rw-r--r-- | usr/src/lib/passwdutil/utils.c | 34 |
15 files changed, 599 insertions, 502 deletions
diff --git a/usr/src/head/deflt.h b/usr/src/head/deflt.h index 6c9faabb7e..61941f6404 100644 --- a/usr/src/head/deflt.h +++ b/usr/src/head/deflt.h @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2002 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -33,8 +32,6 @@ #ifndef _DEFLT_H #define _DEFLT_H -#pragma ident "%Z%%M% %I% %E% SMI" - #ifdef __cplusplus extern "C" { #endif @@ -66,10 +63,20 @@ extern "C" { extern int defcntl(int, int); extern int defopen(char *); extern char *defread(char *); + +extern int defcntl_r(int, int, void *); +extern void *defopen_r(const char *); +extern char *defread_r(const char *, void *); +extern void defclose_r(void *); #else extern int defcntl(); extern int defopen(); extern char *defread(); + +extern int defcntl_r(); +extern void *defopen_r(); +extern char *defread_r(); +extern void defclose_r(); #endif #define TURNON(flags, mask) ((flags) |= (mask)) diff --git a/usr/src/lib/libc/port/gen/deflt.c b/usr/src/lib/libc/port/gen/deflt.c index 716b3dd79e..72a0f8862a 100644 --- a/usr/src/lib/libc/port/gen/deflt.c +++ b/usr/src/lib/libc/port/gen/deflt.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -30,8 +30,6 @@ /* Copyright (c) 1987, 1988 Microsoft Corporation */ /* All Rights Reserved */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include "lint.h" #include "libc.h" #include <stdio.h> @@ -45,14 +43,15 @@ #define TSTBITS(flags, mask) (((flags) & (mask)) == (mask)) -static void strip_quotes(char *); - struct thr_data { int Dcflags; /* [re-]initialized on each call to defopen() */ FILE *fp; char *buf; }; +static int defopen_common(const char *, struct thr_data *); +static void strip_quotes(char *); + #define BUFFERSIZE 1024 /* @@ -105,6 +104,46 @@ defopen(char *fn) { struct thr_data *thr_data = get_thr_data(); + return (defopen_common(fn, thr_data)); +} + +/* + * defopen_r() - declare defopen filename (reentrant) + * + * defopen_r(const char *fn) + * + * 'fn' is a full pathname of a file which becomes the one read + * by subsequent defread_r() calls. defopen_r returns a pointer + * to the internally allocated buffer containing the file descriptor. + * The pointer should be specified to the following defread_r and + * defcntl_r functions. As the pointer to be returned points to + * the libc lmalloc'd memory, defclose_r must be used to close + * the defopen file and to release the allocated memory. Caller + * must not try to release the memory by free(). + * + * see defread_r() for more details. + * + * EXIT returns non-NULL pointer if success + * returns NULL if error + */ +void * +defopen_r(const char *fn) +{ + /* memory allocated by lmalloc gets initialized to zeros */ + struct thr_data *thr_data = lmalloc(sizeof (struct thr_data)); + + if (defopen_common(fn, thr_data) < 0) { + if (thr_data != NULL) + lfree(thr_data, sizeof (struct thr_data)); + return (NULL); + } + + return ((void *)thr_data); +} + +static int +defopen_common(const char *fn, struct thr_data *thr_data) +{ if (thr_data == NULL) return (-1); @@ -121,7 +160,8 @@ defopen(char *fn) /* * We allocate the big buffer only if the fopen() succeeds. - * Notice that we deallocate the buffer only when the thread exits. + * Notice that we deallocate the buffer only when the thread exits + * for defopen(). * There are misguided applications that assume that data returned * by defread() continues to exist after defopen(NULL) is called. */ @@ -150,7 +190,7 @@ defopen(char *fn) * the matched string (*cp). If no line is found or no file * is open, defread() returns NULL. * - * Note that there is no way to simulatniously peruse multiple + * Note that there is no way to simultaneously peruse multiple * defopen files; since there is no way of indicating 'which one' * to defread(). If you want to peruse a secondary file you must * recall defopen(). If you need to go back to the first file, @@ -160,8 +200,29 @@ char * defread(char *cp) { struct thr_data *thr_data = get_thr_data(); + + return (defread_r(cp, thr_data)); +} + +/* + * defread_r() - read an entry from the defopen file + * + * defread_r(const char *cp, void *defp) + * + * defread_r scans the data file associated with the pointer + * specified by 'defp' that was returned by defopen_r(), and + * looks for a line which begins with the string '*cp'. + * If such a line is found, defread_r returns a pointer to + * the first character following the matched string (*cp). + * If no line is found or no file is open, defread_r() returns NULL. + */ +char * +defread_r(const char *cp, void *ptr) +{ + struct thr_data *thr_data = (struct thr_data *)ptr; int (*compare)(const char *, const char *, size_t); - char *buf_tmp, *ret_ptr = NULL; + char *buf_tmp; + char *ret_ptr = NULL; size_t off, patlen; if (thr_data == NULL || thr_data->fp == NULL) @@ -203,21 +264,52 @@ defread(char *cp) * * ENTRY * cmd Command. One of DC_GET, DC_SET. - * arg Depends on command. If DC_GET, ignored. If - * DC_GET, new flags value, created by ORing the DC_* bits. + * arg Depends on command. If DC_GET, ignored. + * If DC_SET, new flags value, created by ORing + * the DC_* bits. * RETURN * oldflags Old value of flags. -1 on error. * NOTES - * Currently only one bit of flags implemented, namely respect/ - * ignore case. The routine is as general as it is so that we - * leave our options open. E.g. we might want to specify rewind/ - * norewind before each defread. + * The following commands are implemented: + * + * DC_CASE: respect(on)/ignore(off) case + * DC_NOREWIND: don't(on)/do(off) reqind in defread + * DC_STRIP_QUOTES: strip(on)/leave(off) qoates */ - int defcntl(int cmd, int newflags) { struct thr_data *thr_data = get_thr_data(); + + return (defcntl_r(cmd, newflags, thr_data)); +} + +/* + * defcntl_r -- default control + * + * SYNOPSIS + * oldflags = defcntl_r(int cmd, int arg, void *defp); + * + * ENTRY + * cmd Command. One of DC_GET, DC_SET. + * arg Depends on command. If DC_GET, ignored. + * If DC_SET, new flags value, created by ORing + * the DC_* bits. + * defp pointer to the defopen'd descriptor + * + * RETURN + * oldflags Old value of flags. -1 on error. + * NOTES + * The following commands are implemented: + * + * DC_CASE: respect(on)/ignore(off) case + * DC_NOREWIND: don't(on)/do(off) reqind in defread + * DC_STRIP_QUOTES: strip(on)/leave(off) qoates + */ +int +defcntl_r(int cmd, int newflags, void *ptr) +{ + struct thr_data *thr_data = (struct thr_data *)ptr; int oldflags; if (thr_data == NULL) @@ -240,6 +332,24 @@ defcntl(int cmd, int newflags) } /* + * defclose_r() - close defopen file + * + * defclose_r(void *defp) + * + * defclose_r closes the defopen file associated with the specified + * pointer and releases the allocated resources. + */ +void +defclose_r(void *ptr) +{ + struct thr_data *thr_data = (struct thr_data *)ptr; + + (void) fclose(thr_data->fp); + lfree(thr_data->buf, BUFFERSIZE); + lfree(thr_data, sizeof (struct thr_data)); +} + +/* * strip_quotes -- strip double (") or single (') quotes from a buffer * * ENTRY diff --git a/usr/src/lib/libc/port/gen/getgrnam_r.c b/usr/src/lib/libc/port/gen/getgrnam_r.c index 7e610cd8f2..126b8c3349 100644 --- a/usr/src/lib/libc/port/gen/getgrnam_r.c +++ b/usr/src/lib/libc/port/gen/getgrnam_r.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -242,6 +242,7 @@ _getgroupsbymember(const char *username, gid_t gid_array[], int maxgids, int numgids) { struct nss_groupsbymem arg; + void *defp; arg.username = username; arg.gid_array = gid_array; @@ -268,10 +269,10 @@ _getgroupsbymember(const char *username, gid_t gid_array[], */ arg.force_slow_way = 1; - if (defopen(__NSW_DEFAULT_FILE) == 0) { - if (defread(USE_NETID_STR) != NULL) + if ((defp = defopen_r(__NSW_DEFAULT_FILE)) != NULL) { + if (defread_r(USE_NETID_STR, defp) != NULL) arg.force_slow_way = 0; - (void) defopen(NULL); + defclose_r(defp); } (void) nss_search(&db_root, _nss_initf_group, diff --git a/usr/src/lib/libc/port/gen/localtime.c b/usr/src/lib/libc/port/gen/localtime.c index 9d406227cb..ed94ba5dc1 100644 --- a/usr/src/lib/libc/port/gen/localtime.c +++ b/usr/src/lib/libc/port/gen/localtime.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -33,8 +33,6 @@ * (arthur_david_olson@nih.gov). */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * localtime.c * @@ -700,7 +698,7 @@ mktime(struct tm *tmptr) #ifdef _ILP32 overflow = t > LONG_MAX || t < LONG_MIN || - tmptr->tm_year < 1 || tmptr->tm_year > 138; + tmptr->tm_year < 1 || tmptr->tm_year > 138; #else overflow = t > LONG_MAX || t < LONG_MIN; #endif @@ -714,11 +712,11 @@ mktime(struct tm *tmptr) set_zone_context((time_t)t); if (is_in_dst) { (void) offtime_u((time_t)t, - -altzone, &_tm); + -altzone, &_tm); _tm.tm_isdst = 1; } else { (void) offtime_u((time_t)t, - -timezone, &_tm); + -timezone, &_tm); } } else { (void) offtime_u((time_t)t, -timezone, &_tm); @@ -731,22 +729,22 @@ mktime(struct tm *tmptr) set_zone_context((time_t)t); if (is_in_dst) { (void) offtime_u((time_t)t, - -altzone, &_tm); + -altzone, &_tm); _tm.tm_isdst = 1; } else { (void) offtime_u((time_t)t, - -timezone, &_tm); + -timezone, &_tm); } } else { /* check for ambiguous 'fallback' transition */ set_zone_context((time_t)t - dst_delta); if (is_in_dst) { /* In fallback, force DST */ t -= dst_delta; (void) offtime_u((time_t)t, - -altzone, &_tm); + -altzone, &_tm); _tm.tm_isdst = 1; } else { (void) offtime_u((time_t)t, - -timezone, &_tm); + -timezone, &_tm); } } break; @@ -1088,16 +1086,16 @@ offtime_u(time_t t, long offset, struct tm *tmptr) if (days < 0) --newy; days -= ((long)newy - (long)y) * DAYSPERNYEAR + - LEAPS_THRU_END_OF(newy > 0 ? newy - 1L : newy) - - LEAPS_THRU_END_OF(y > 0 ? y - 1L : y); + LEAPS_THRU_END_OF(newy > 0 ? newy - 1L : newy) - + LEAPS_THRU_END_OF(y > 0 ? y - 1L : y); y = newy; } tmptr->tm_year = (int)(y - TM_YEAR_BASE); tmptr->tm_yday = (int)days; ip = __mon_lengths[yleap]; for (tmptr->tm_mon = 0; days >= - (long)ip[tmptr->tm_mon]; ++(tmptr->tm_mon)) - days = days - (long)ip[tmptr->tm_mon]; + (long)ip[tmptr->tm_mon]; ++(tmptr->tm_mon)) + days = days - (long)ip[tmptr->tm_mon]; tmptr->tm_mday = (int)(days + 1); tmptr->tm_isdst = 0; @@ -1130,8 +1128,8 @@ posix_check_dst(long long t, state_t *sp) year = gmttm.tm_year + 1900; jan01 = t - ((gmttm.tm_yday * SECSPERDAY) + - (gmttm.tm_hour * SECSPERHOUR) + - (gmttm.tm_min * SECSPERMIN) + gmttm.tm_sec); + (gmttm.tm_hour * SECSPERHOUR) + + (gmttm.tm_min * SECSPERMIN) + gmttm.tm_sec); /* * If transition rules were provided for this zone, * use them, otherwise, default to USA daylight rules, @@ -1620,7 +1618,7 @@ load_posixinfo(const char *name, state_t *sp) return (-1); dstlen = name - dstname; if (dstlen < 1) - return (-1); + return (-1); if (*name == '>') ++name; if (*name != '\0' && *name != ',' && *name != ';') { @@ -1810,13 +1808,13 @@ getzname(const char *strp, int quoted) if (quoted) { while ((c = *strp) != '\0' && c != '>' && - isgraph((unsigned char)c)) - ++strp; + isgraph((unsigned char)c)) + ++strp; } else { while ((c = *strp) != '\0' && isgraph((unsigned char)c) && !isdigit((unsigned char)c) && c != ',' && c != '-' && - c != '+') - ++strp; + c != '+') + ++strp; } /* Found an excessively invalid character. Discredit whole name */ @@ -1992,13 +1990,14 @@ get_default_tz(void) char *tz = NULL; uchar_t *tzp, *tzq; int flags; + void *defp; - if (defopen(TIMEZONE) == 0) { - flags = defcntl(DC_GETFLAGS, 0); + if ((defp = defopen_r(TIMEZONE)) != NULL) { + flags = defcntl_r(DC_GETFLAGS, 0, defp); TURNON(flags, DC_STRIP_QUOTES); - (void) defcntl(DC_SETFLAGS, flags); + (void) defcntl_r(DC_SETFLAGS, flags, defp); - if ((tzp = (uchar_t *)defread(TZSTRING)) != NULL) { + if ((tzp = (uchar_t *)defread_r(TZSTRING, defp)) != NULL) { while (isspace(*tzp)) tzp++; tzq = tzp; @@ -2012,7 +2011,7 @@ get_default_tz(void) tz = strdup((char *)tzp); } - (void) defopen(NULL); + defclose_r(defp); } return (tz); } diff --git a/usr/src/lib/libc/port/mapfile-vers b/usr/src/lib/libc/port/mapfile-vers index 484070680d..d241599a27 100644 --- a/usr/src/lib/libc/port/mapfile-vers +++ b/usr/src/lib/libc/port/mapfile-vers @@ -1429,9 +1429,13 @@ SUNWprivate_1.1 { _D_cplx_div_ix; _D_cplx_div_rx; _D_cplx_mul; + defclose_r; defcntl; + defcntl_r; defopen; + defopen_r; defread; + defread_r; _delete; _dgettext; _doprnt; diff --git a/usr/src/lib/libgss/gssd_pname_to_uid.c b/usr/src/lib/libgss/gssd_pname_to_uid.c index f713bd3372..c51432f74e 100644 --- a/usr/src/lib/libgss/gssd_pname_to_uid.c +++ b/usr/src/lib/libgss/gssd_pname_to_uid.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <pwd.h> #include <grp.h> #include <stdio.h> @@ -67,34 +64,24 @@ static OM_uint32 private_gsscred_expname_to_unix_cred(const gss_buffer_t, static void get_conf_options(int *uid_map) { - register int flags; + int flags; char *ptr; + void *defp; static char *conffile = "/etc/gss/gsscred.conf"; - static mutex_t deflt_lock = DEFAULTMUTEX; - *uid_map = 0; - /* - * hold the lock for the deflt file access as its - * interface does not appear to be mt-safe - */ - (void) mutex_lock(&deflt_lock); - if (defopen(conffile) == 0) { - flags = defcntl(DC_GETFLAGS, 0); + if ((defp = defopen_r(conffile)) != NULL) { + flags = defcntl_r(DC_GETFLAGS, 0, defp); /* ignore case */ TURNOFF(flags, DC_CASE); - (void) defcntl(DC_SETFLAGS, flags); + (void) defcntl_r(DC_SETFLAGS, flags, defp); - if ((ptr = defread("SYSLOG_UID_MAPPING=")) != NULL && + if ((ptr = defread_r("SYSLOG_UID_MAPPING=", defp)) != NULL && strcasecmp("yes", ptr) == 0) { - (void) defopen((char *)NULL); - (void) mutex_unlock(&deflt_lock); *uid_map = 1; - return; } - (void) defopen((char *)NULL); + defclose_r(defp); } - (void) mutex_unlock(&deflt_lock); } void @@ -149,17 +136,17 @@ gsscred_expname_to_unix_cred_ext( /* first check the mechanism for the mapping */ if (gss_import_name(&minor, expName, (gss_OID)GSS_C_NT_EXPORT_NAME, - &intName) == GSS_S_COMPLETE) { + &intName) == GSS_S_COMPLETE) { if (debug) { gss_union_name_t uintName = (gss_union_name_t)intName; if (uintName->mech_type) mechStr = __gss_oid_to_mech( - uintName->mech_type); + uintName->mech_type); major = gss_display_name(&minor, intName, - &namebuf, NULL); + &namebuf, NULL); if (major == GSS_S_COMPLETE) { nameStr = strdup(namebuf.value); (void) gss_release_buffer(&minor, &namebuf); @@ -168,7 +155,7 @@ gsscred_expname_to_unix_cred_ext( if (try_mech) { major = gss_pname_to_uid(&minor, intName, - NULL, uidOut); + NULL, uidOut); if (major == GSS_S_COMPLETE) { if (debug) { @@ -184,9 +171,7 @@ gsscred_expname_to_unix_cred_ext( (void) gss_release_name(&minor, &intName); if (gids && gidsLen && gidOut) return (gss_get_group_info(*uidOut, - gidOut, - gids, - gidsLen)); + gidOut, gids, gidsLen)); return (GSS_S_COMPLETE); } } @@ -199,7 +184,7 @@ gsscred_expname_to_unix_cred_ext( * start by making sure that the expName is an export name buffer */ major = private_gsscred_expname_to_unix_cred(expName, uidOut, gidOut, - gids, gidsLen); + gids, gidsLen); if (debug && major == GSS_S_COMPLETE) { syslog(LOG_AUTH|LOG_DEBUG, @@ -233,7 +218,7 @@ gsscred_expname_to_unix_cred( int *gidsLen) { return (gsscred_expname_to_unix_cred_ext(expName, uidOut, gidOut, gids, - gidsLen, 1)); + gidsLen, 1)); } @@ -350,7 +335,7 @@ gsscred_name_to_unix_cred_ext( /* first try the mechanism provided mapping */ if (try_mech && gss_pname_to_uid(&minor, intName, mechType, uidOut) - == GSS_S_COMPLETE) { + == GSS_S_COMPLETE) { if (debug) { char *s = make_name_str(intName, mechType); @@ -365,7 +350,7 @@ gsscred_name_to_unix_cred_ext( if (gids && gidsLen && gidOut) return (gss_get_group_info(*uidOut, gidOut, gids, - gidsLen)); + gidsLen)); return (GSS_S_COMPLETE); } /* @@ -373,7 +358,7 @@ gsscred_name_to_unix_cred_ext( * start by canonicalizing the passed in name and then export it */ if (major = gss_canonicalize_name(&minor, intName, - mechType, &canonName)) + mechType, &canonName)) return (major); major = gss_export_name(&minor, canonName, &expName); @@ -382,7 +367,7 @@ gsscred_name_to_unix_cred_ext( return (major); major = private_gsscred_expname_to_unix_cred(&expName, uidOut, gidOut, - gids, gidsLen); + gids, gidsLen); if (debug) { @@ -391,11 +376,10 @@ gsscred_name_to_unix_cred_ext( char *nameStr = NULL; if (gss_import_name(&minor, &expName, - (gss_OID)GSS_C_NT_EXPORT_NAME, - &iName) == GSS_S_COMPLETE) { + (gss_OID)GSS_C_NT_EXPORT_NAME, &iName) == GSS_S_COMPLETE) { maj = gss_display_name(&minor, iName, &namebuf, - NULL); + NULL); (void) gss_release_buffer(&minor, (gss_buffer_t)iName); if (maj == GSS_S_COMPLETE) { nameStr = strdup(namebuf.value); @@ -437,8 +421,7 @@ gsscred_name_to_unix_cred( int *gidsLen) { return (gsscred_name_to_unix_cred_ext(intName, mechType, - uidOut, gidOut, - gids, gidsLen, 1)); + uidOut, gidOut, gids, gidsLen, 1)); } diff --git a/usr/src/lib/libmapid/common/mapid.c b/usr/src/lib/libmapid/common/mapid.c index ad2c04b705..a180ba20e3 100644 --- a/usr/src/lib/libmapid/common/mapid.c +++ b/usr/src/lib/libmapid/common/mapid.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -930,6 +930,7 @@ get_nfs_domain(void) { char *ndomain; timestruc_t ntime; + void *defp; /* * If we can't get stats for the config file, then @@ -946,16 +947,15 @@ get_nfs_domain(void) /* * Get NFSMAPID_DOMAIN value from /etc/default/nfs for now. - * Note: defread() returns a ptr to TSD. + * Note: defread_r() returns a ptr to libc internal malloc. */ - if (defopen(NFSADMIN) == 0) { + if ((defp = defopen_r(NFSADMIN)) != NULL) { char *dp = NULL; #ifdef DEBUG char *whoami = "get_nfs_domain"; char orig[NS_MAXCDNAME] = {0}; #endif - ndomain = (char *)defread("NFSMAPID_DOMAIN="); - (void) defopen(NULL); + ndomain = defread_r("NFSMAPID_DOMAIN=", defp); #ifdef DEBUG if (ndomain) (void) strncpy(orig, ndomain, NS_MAXCDNAME); @@ -972,9 +972,11 @@ get_nfs_domain(void) (void) strncpy(nfs_domain, dp, NS_MAXCDNAME); nfs_domain[NS_MAXCDNAME] = '\0'; nfs_mtime = ntime; + defclose_r(defp); return; } } + defclose_r(defp); #ifdef DEBUG if (orig[0] != '\0') { syslog(LOG_ERR, gettext("%s: Invalid domain name \"%s\"" diff --git a/usr/src/lib/libnisdb/nis_parse_ldap_conf.c b/usr/src/lib/libnisdb/nis_parse_ldap_conf.c index fd3886e4db..77d2390ca0 100644 --- a/usr/src/lib/libnisdb/nis_parse_ldap_conf.c +++ b/usr/src/lib/libnisdb/nis_parse_ldap_conf.c @@ -19,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <stdio.h> #include <string.h> #include <stdlib.h> @@ -147,8 +145,8 @@ parse_ldap_migration( /* NIS to LDAP does not read command line attributes */ if (!yp2ldap) rc = parse_ldap_cmd_line(cmdline_options, &proxyInfo, - &ldapConfig, &ldapTableMapping, &config_info, - &ldapDBTableMapping); + &ldapConfig, &ldapTableMapping, &config_info, + &ldapDBTableMapping); else rc = 0; } @@ -156,10 +154,10 @@ parse_ldap_migration( if (rc == 0) { if (yp2ldap) rc = yp_parse_ldap_default_conf(&proxyInfo, &ldapConfig, - &config_info, &ldapDBTableMapping); + &config_info, &ldapDBTableMapping); else rc = parse_ldap_default_conf(&proxyInfo, &ldapConfig, - &config_info, &ldapDBTableMapping); + &config_info, &ldapDBTableMapping); } if (config_file == NULL) { @@ -178,21 +176,21 @@ parse_ldap_migration( cmdline_config = cmdline_options; if (yp2ldap) rc = yp_parse_ldap_config_file(config_file, &proxyInfo, - &ldapConfig, &ldapTableMapping, &config_info, - &ldapDBTableMapping, &ypDomains); + &ldapConfig, &ldapTableMapping, &config_info, + &ldapDBTableMapping, &ypDomains); else rc = parse_ldap_config_file(config_file, &proxyInfo, - &ldapConfig, &ldapTableMapping, &config_info, - &ldapDBTableMapping); + &ldapConfig, &ldapTableMapping, &config_info, + &ldapDBTableMapping); warn_file = NULL; cmdline_config = NULL; } if (rc == 0 && (config_info.config_dn != NULL) && - (config_info.config_dn[0] != '\0')) { + (config_info.config_dn[0] != '\0')) { rc = parse_ldap_config_dn_attrs(&proxyInfo, - &ldapConfig, &ldapTableMapping, &config_info, - &ldapDBTableMapping); + &ldapConfig, &ldapTableMapping, &config_info, + &ldapDBTableMapping); } free_config_info(&config_info); @@ -301,104 +299,103 @@ parse_ldap_default_conf( char *ldap_config_attributes[n_config_keys]; char attr_buf[128]; char *attr; - static char *attr_val; + char *attr_val; int defflags; config_key attrib_num; int i; int len; int attr_len; + void *defp; - if (defopen(ETCCONFFILE) == 0) { - file_source = ETCCONFFILE; - if (verbose) - report_info( - "default configuration values: ", NULL); - /* Set defread() to be case insensitive */ - defflags = defcntl(DC_GETFLAGS, 0); - TURNOFF(defflags, DC_CASE); - (void) defcntl(DC_SETFLAGS, defflags); - - get_attribute_list(proxy_info, nis_config, config_info, - table_info, ldap_config_attributes); - i = 0; - while ((attr = ldap_config_attributes[i++]) != NULL) { - strlcpy(attr_buf, attr, sizeof (attr_buf)); - /* - * if nisplusUpdateBatching, make sure - * we don't match nisplusUpdateBatchingTimeout - */ - if (strcmp(attr, UPDATE_BATCHING) == 0) { - attr_len = strlen(attr); - attr_buf[attr_len] = '='; - attr_buf[attr_len + 1] = '\0'; - attr_val = defread(attr_buf); - - if (attr_val == 0) { - attr_buf[attr_len] = ' '; - attr_val = defread(attr_buf); - } - if (attr_val == 0) { - attr_buf[attr_len] = '\t'; - attr_val = defread(attr_buf); - } - if (attr_val == 0) { - attr_buf[attr_len] = '\n'; - attr_val = defread(attr_buf); - } - } else { - attr_val = defread(attr_buf); - } - if (attr_val == 0) - continue; - - got_config_data = TRUE; - attrib_num = get_attrib_num(attr, strlen(attr)); - if (attrib_num == key_bad) { - report_error(attr, NULL); - rc = -1; - break; - } - - /* - * Allow either entries of the form - * attr val - * or - * attr = val - */ - while (is_whitespace(*attr_val)) - attr_val++; - if (*attr_val == '=') - attr_val++; - while (is_whitespace(*attr_val)) - attr_val++; - len = strlen(attr_val); - while (len > 0 && - is_whitespace(attr_val[len - 1])) - len--; - - if (verbose) { - report_info("\t", attr); - report_info("\t\t", attr_val); + if ((defp = defopen_r(ETCCONFFILE)) != NULL) { + file_source = ETCCONFFILE; + if (verbose) + report_info("default configuration values: ", NULL); + /* Set defread_r() to be case insensitive */ + defflags = defcntl_r(DC_GETFLAGS, 0, defp); + TURNOFF(defflags, DC_CASE); + (void) defcntl_r(DC_SETFLAGS, defflags, defp); + + get_attribute_list(proxy_info, nis_config, config_info, + table_info, ldap_config_attributes); + i = 0; + while ((attr = ldap_config_attributes[i++]) != NULL) { + (void) strlcpy(attr_buf, attr, sizeof (attr_buf)); + /* + * if nisplusUpdateBatching, make sure + * we don't match nisplusUpdateBatchingTimeout + */ + if (strcmp(attr, UPDATE_BATCHING) == 0) { + attr_len = strlen(attr); + attr_buf[attr_len] = '='; + attr_buf[attr_len + 1] = '\0'; + attr_val = defread_r(attr_buf, defp); + + if (attr_val == 0) { + attr_buf[attr_len] = ' '; + attr_val = defread_r(attr_buf, defp); } - if (IS_BIND_INFO(attrib_num)) { - rc = add_bind_attribute(attrib_num, - attr_val, len, proxy_info); - } else if (IS_OPER_INFO(attrib_num)) { - rc = add_operation_attribute(attrib_num, - attr_val, len, nis_config, - table_info); + if (attr_val == 0) { + attr_buf[attr_len] = '\t'; + attr_val = defread_r(attr_buf, defp); } - if (p_error != no_parse_error) { - report_error(attr_val, attr); - rc = -1; - break; + if (attr_val == 0) { + attr_buf[attr_len] = '\n'; + attr_val = defread_r(attr_buf, defp); } + } else { + attr_val = defread_r(attr_buf, defp); + } + if (attr_val == NULL) + continue; + + got_config_data = TRUE; + attrib_num = get_attrib_num(attr, strlen(attr)); + if (attrib_num == key_bad) { + report_error(attr, NULL); + rc = -1; + break; + } + + /* + * Allow either entries of the form + * attr val + * or + * attr = val + */ + while (is_whitespace(*attr_val)) + attr_val++; + if (*attr_val == '=') + attr_val++; + while (is_whitespace(*attr_val)) + attr_val++; + len = strlen(attr_val); + while (len > 0 && is_whitespace(attr_val[len - 1])) + len--; + + if (verbose) { + report_info("\t", attr); + report_info("\t\t", attr_val); + } + if (IS_BIND_INFO(attrib_num)) { + rc = add_bind_attribute(attrib_num, + attr_val, len, proxy_info); + } else if (IS_OPER_INFO(attrib_num)) { + rc = add_operation_attribute(attrib_num, + attr_val, len, nis_config, + table_info); + } + if (p_error != no_parse_error) { + report_error(attr_val, attr); + rc = -1; + break; } - file_source = NULL; - /* Close the /etc/default file */ - (void) defopen(0); } - return (rc); + file_source = NULL; + /* Close the /etc/default file */ + defclose_r(defp); + } + return (rc); } static int @@ -412,83 +409,83 @@ yp_parse_ldap_default_conf( char *ldap_config_attributes[n_config_keys]; char attr_buf[128]; char *attr; - static char *attr_val; + char *attr_val; int defflags; config_key attrib_num; int i, len, attr_len; + void *defp; - if ((defopen(YP_ETCCONFFILE)) == 0) { + if ((defp = defopen_r(YP_ETCCONFFILE)) != NULL) { file_source = YP_ETCCONFFILE; if (verbose) report_info("default configuration values: ", NULL); - /* Set defread() to be case insensitive */ - defflags = defcntl(DC_GETFLAGS, 0); - TURNOFF(defflags, DC_CASE); - (void) defcntl(DC_SETFLAGS, defflags); - - get_attribute_list(proxy_info, nis_config, config_info, - table_info, ldap_config_attributes); - i = 0; - while ((attr = ldap_config_attributes[i++]) != NULL) { - if ((strlcpy(attr_buf, attr, - sizeof (attr_buf))) >= - sizeof (attr_buf)) { - report_error( - "Static buffer attr_buf overflow", NULL); - return (-1); - } + /* Set defread_r() to be case insensitive */ + defflags = defcntl_r(DC_GETFLAGS, 0, defp); + TURNOFF(defflags, DC_CASE); + (void) defcntl_r(DC_SETFLAGS, defflags, defp); + + get_attribute_list(proxy_info, nis_config, config_info, + table_info, ldap_config_attributes); + i = 0; + while ((attr = ldap_config_attributes[i++]) != NULL) { + if ((strlcpy(attr_buf, attr, sizeof (attr_buf))) >= + sizeof (attr_buf)) { + report_error( + "Static buffer attr_buf overflow", NULL); + defclose_r(defp); + return (-1); + } - if ((attr_val = defread(attr_buf)) == 0) - continue; + if ((attr_val = defread_r(attr_buf, defp)) == NULL) + continue; - got_config_data = TRUE; - attrib_num = get_attrib_num(attr, strlen(attr)); - if (attrib_num == key_bad) { - report_error(attr, NULL); - rc = -1; - break; - } + got_config_data = TRUE; + attrib_num = get_attrib_num(attr, strlen(attr)); + if (attrib_num == key_bad) { + report_error(attr, NULL); + rc = -1; + break; + } - /* - * Allow either entries of the form - * attr val - * or - * attr = val - */ - while (is_whitespace(*attr_val)) - attr_val++; - if (*attr_val == '=') - attr_val++; - while (is_whitespace(*attr_val)) - attr_val++; - len = strlen(attr_val); - while (len > 0 && - is_whitespace(attr_val[len - 1])) - len--; - - if (verbose) { - report_info("\t", attr); - report_info("\t\t", attr_val); - } - if (IS_YP_BIND_INFO(attrib_num)) { - rc = add_bind_attribute(attrib_num, - attr_val, len, proxy_info); - } else if (IS_YP_OPER_INFO(attrib_num)) { - rc = add_operation_attribute(attrib_num, - attr_val, len, nis_config, - table_info); - } - if (p_error != no_parse_error) { - report_error(attr_val, attr); - rc = -1; - break; - } + /* + * Allow either entries of the form + * attr val + * or + * attr = val + */ + while (is_whitespace(*attr_val)) + attr_val++; + if (*attr_val == '=') + attr_val++; + while (is_whitespace(*attr_val)) + attr_val++; + len = strlen(attr_val); + while (len > 0 && is_whitespace(attr_val[len - 1])) + len--; + + if (verbose) { + report_info("\t", attr); + report_info("\t\t", attr_val); + } + if (IS_YP_BIND_INFO(attrib_num)) { + rc = add_bind_attribute(attrib_num, + attr_val, len, proxy_info); + } else if (IS_YP_OPER_INFO(attrib_num)) { + rc = add_operation_attribute(attrib_num, + attr_val, len, nis_config, + table_info); + } + if (p_error != no_parse_error) { + report_error(attr_val, attr); + rc = -1; + break; } - file_source = NULL; - /* Close the /etc/default file */ - (void) defopen(0); } - return (rc); + file_source = NULL; + /* Close the /etc/default file */ + defclose_r(defp); + } + return (rc); } /* @@ -602,12 +599,12 @@ parse_ldap_config_file( attr_val, len, nis_config, table_info); } else { rc = add_mapping_attribute(attrib_num, - attr_val, len, table_mapping); + attr_val, len, table_mapping); } if (rc < 0) { report_error(attr_val == NULL ? - "<no attribute>" : attr_val, _key_val); + "<no attribute>" : attr_val, _key_val); if (attr_val) free(attr_val); break; @@ -672,19 +669,19 @@ yp_parse_ldap_config_file( len = attr_val == NULL ? 0 : strlen(attr_val); if (IS_YP_CONFIG_KEYWORD(attrib_num)) { rc = add_config_attribute(attrib_num, - attr_val, len, config_info); + attr_val, len, config_info); } else if (IS_YP_BIND_INFO(attrib_num)) { rc = add_bind_attribute(attrib_num, - attr_val, len, proxy_info); + attr_val, len, proxy_info); } else if (IS_YP_OPER_INFO(attrib_num)) { rc = add_operation_attribute(attrib_num, - attr_val, len, nis_config, table_info); + attr_val, len, nis_config, table_info); } else if (IS_YP_DOMAIN_INFO(attrib_num)) { rc = add_ypdomains_attribute(attrib_num, - attr_val, len, ypDomains); + attr_val, len, ypDomains); } else if (IS_YP_MAP_ATTR(attrib_num)) { rc = add_mapping_attribute(attrib_num, - attr_val, len, table_mapping); + attr_val, len, table_mapping); } else { rc = -1; p_error = parse_unsupported_format; @@ -692,7 +689,7 @@ yp_parse_ldap_config_file( if (rc < 0) { report_error(attr_val == NULL ? - "<no attribute>" : attr_val, _key_val); + "<no attribute>" : attr_val, _key_val); if (attr_val) free(attr_val); break; @@ -769,7 +766,7 @@ get_file_attr_val(int fd, char **attr_val) s--; attribute_value = - (char *)calloc(1, (size_t)(s - start_val) + 1); + calloc(1, (size_t)(s - start_val) + 1); if (attribute_value == NULL) { p_error = parse_no_mem_error; return (key_bad); @@ -784,7 +781,7 @@ get_file_attr_val(int fd, char **attr_val) cut_here = s; while (s < end_val) { if (*s == DOUBLE_QUOTE_CHAR || - *s == SINGLE_QUOTE_CHAR) { + *s == SINGLE_QUOTE_CHAR) { cut_here = 0; break; } @@ -831,7 +828,7 @@ connect_to_ldap_config_server( } } else { if ((errnum = ldapssl_client_init( - config_info->tls_cert_db, NULL)) < 0) { + config_info->tls_cert_db, NULL)) < 0) { p_error = parse_ldapssl_client_init_error; report_error(ldapssl_err2string(errnum), NULL); return (NULL); @@ -845,7 +842,7 @@ connect_to_ldap_config_server( } (void) ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, - &ldapVersion); + &ldapVersion); (void) ldap_set_option(ld, LDAP_OPT_DEREF, &derefOption); (void) ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF); (void) ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit); @@ -862,17 +859,17 @@ connect_to_ldap_config_server( for (;;) { if (config_info->auth_method == simple) { errnum = ldap_simple_bind_s(ld, config_info->proxy_dn, - config_info->proxy_passwd); + config_info->proxy_passwd); } else if (config_info->auth_method == cram_md5) { cred.bv_len = strlen(config_info->proxy_passwd); cred.bv_val = config_info->proxy_passwd; errnum = ldap_sasl_cram_md5_bind_s(ld, - config_info->proxy_dn, &cred, NULL, NULL); + config_info->proxy_dn, &cred, NULL, NULL); } else if (config_info->auth_method == digest_md5) { cred.bv_len = strlen(config_info->proxy_passwd); cred.bv_val = config_info->proxy_passwd; errnum = ldap_x_sasl_digest_md5_bind_s(ld, - config_info->proxy_dn, &cred, NULL, NULL); + config_info->proxy_dn, &cred, NULL, NULL); } else { errnum = ldap_simple_bind_s(ld, NULL, NULL); } @@ -881,12 +878,12 @@ connect_to_ldap_config_server( break; if (errnum == LDAP_CONNECT_ERROR || - errnum == LDAP_SERVER_DOWN) { + errnum == LDAP_SERVER_DOWN) { if (!retrying) { if (verbose) - report_info( + report_info( "LDAP server unavailable. Retrying...", - NULL); + NULL); retrying = TRUE; } (void) sleep(sleep_seconds); @@ -945,82 +942,71 @@ process_ldap_config_result( e = ldap_first_entry(ld, resultMsg); if (e != NULL) { - for (attr = ldap_first_attribute(ld, e, &ber); - attr != NULL; - attr = ldap_next_attribute(ld, e, ber)) { - if (verbose) - report_info("\t", attr); - attrib_num = get_attrib_num(attr, strlen(attr)); - if (attrib_num == key_bad) { + for (attr = ldap_first_attribute(ld, e, &ber); attr != NULL; + attr = ldap_next_attribute(ld, e, ber)) { + if (verbose) + report_info("\t", attr); + attrib_num = get_attrib_num(attr, strlen(attr)); + if (attrib_num == key_bad) { report_error(attr, NULL); break; - } - if ((vals = ldap_get_values(ld, e, attr)) != NULL) { - n = ldap_count_values(vals); - /* parse the attribute values */ - for (i = 0; i < n; i++) { - attr_val = vals[i]; - while (is_whitespace(*attr_val)) - attr_val++; - if (verbose) - report_info("\t\t", attr_val); - len = strlen(attr_val); - while (len > 0 && - is_whitespace(attr_val[len - 1])) - len--; - if (yp2ldap) { - if (IS_YP_BIND_INFO(attrib_num)) { - rc = add_bind_attribute( - attrib_num, attr_val, - len, proxy_info); - } else if (IS_YP_OPER_INFO( - attrib_num)) { - rc = add_operation_attribute( - attrib_num, attr_val, len, - nis_config, table_info); - } else if (IS_YP_MAP_ATTR( - attrib_num)) { - rc = add_mapping_attribute( - attrib_num, attr_val, len, - table_mapping); - } else { - p_error = - parse_unsupported_format; - } - } else { - if (IS_BIND_INFO(attrib_num)) { - rc = add_bind_attribute( - attrib_num, attr_val, len, - proxy_info); - } else if (IS_OPER_INFO(attrib_num)) { - rc = add_operation_attribute( - attrib_num, attr_val, len, - nis_config, - table_info); - } else { - rc = add_mapping_attribute( - attrib_num, attr_val, len, - table_mapping); + } + if ((vals = ldap_get_values(ld, e, attr)) != NULL) { + n = ldap_count_values(vals); + /* parse the attribute values */ + for (i = 0; i < n; i++) { + attr_val = vals[i]; + while (is_whitespace(*attr_val)) + attr_val++; + if (verbose) + report_info("\t\t", attr_val); + len = strlen(attr_val); + while (len > 0 && + is_whitespace(attr_val[len - 1])) + len--; + if (yp2ldap) { + if (IS_YP_BIND_INFO(attrib_num)) { + rc = add_bind_attribute(attrib_num, attr_val, + len, proxy_info); + } else if (IS_YP_OPER_INFO(attrib_num)) { + rc = add_operation_attribute(attrib_num, + attr_val, len, nis_config, table_info); + } else if (IS_YP_MAP_ATTR(attrib_num)) { + rc = add_mapping_attribute(attrib_num, attr_val, + len, table_mapping); + } else { + p_error = parse_unsupported_format; + } + } else { + if (IS_BIND_INFO(attrib_num)) { + rc = add_bind_attribute(attrib_num, attr_val, + len, proxy_info); + } else if (IS_OPER_INFO(attrib_num)) { + rc = add_operation_attribute(attrib_num, + attr_val, len, nis_config, table_info); + } else { + rc = add_mapping_attribute(attrib_num, attr_val, + len, table_mapping); + } + } + if (p_error != no_parse_error) { + report_error(attr_val, attr); + error_reported = TRUE; + break; } } - if (p_error != no_parse_error) { - report_error(attr_val, attr); - error_reported = TRUE; - break; - } + ldap_value_free(vals); + } else { + (void) ldap_get_option(ld, + LDAP_OPT_ERROR_NUMBER, &errnum); + if (errnum != LDAP_SUCCESS) + p_error = parse_ldap_get_values_error; } - ldap_value_free(vals); - } else { - (void) ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, - &errnum); - if (errnum != LDAP_SUCCESS) - p_error = parse_ldap_get_values_error; - } - ldap_memfree(attr); - if (p_error != no_parse_error) - break; + ldap_memfree(attr); + if (p_error != no_parse_error) + break; } - } else { + } else { errnum = ldap_result2error(ld, resultMsg, FALSE); if (errnum != LDAP_SUCCESS) p_error = parse_ldap_search_error; @@ -1082,13 +1068,13 @@ process_ldap_referral( #endif if ((ld = connect_to_ldap_config_server(ludpp->lud_host, - ludpp->lud_port, config_info)) == NULL) { + ludpp->lud_port, config_info)) == NULL) { ldap_free_urldesc(ludpp); return (-1); } errnum = ldap_search_s(ld, config_info->config_dn, LDAP_SCOPE_BASE, - "objectclass=nisplusLDAPconfig", attrs, 0, &resultMsg); + "objectclass=nisplusLDAPconfig", attrs, 0, &resultMsg); ldap_source = config_info->config_dn; @@ -1098,7 +1084,7 @@ process_ldap_referral( rc = -1; } else { rc = process_ldap_config_result(ld, resultMsg, proxy_info, - nis_config, table_mapping, table_info); + nis_config, table_mapping, table_info); } ldap_source = NULL; @@ -1138,7 +1124,7 @@ process_ldap_referral_msg( int rc; rc = ldap_parse_result(ld, resultMsg, &errCode, NULL, NULL, &referralsp, - NULL, 0); + NULL, 0); if (rc != LDAP_SUCCESS || errCode != LDAP_REFERRAL) { p_error = parse_ldap_get_values_error; @@ -1147,13 +1133,13 @@ process_ldap_referral_msg( } else { for (i = 0; referralsp[i] != NULL; i++) { rc = process_ldap_referral(referralsp[i], attrs, - proxy_info, nis_config, table_mapping, - config_info, table_info); + proxy_info, nis_config, table_mapping, + config_info, table_info); if (rc <= 0) break; else report_info("Cannot use referral \n", - referralsp[i]); + referralsp[i]); } if (rc > 0) { @@ -1202,7 +1188,7 @@ parse_ldap_config_dn_attrs( (auth_method_t)NO_VALUE_SET) p_error = parse_no_config_auth_error; else if ((config_info->default_servers == NULL) || - (config_info->default_servers[0] == '\0')) + (config_info->default_servers[0] == '\0')) p_error = parse_no_config_server_addr; if (p_error != no_parse_error) { report_error(NULL, NULL); @@ -1212,8 +1198,8 @@ parse_ldap_config_dn_attrs( if (config_info->tls_method == (tls_method_t)NO_VALUE_SET) config_info->tls_method = no_tls; else if (config_info->tls_method == ssl_tls && - (config_info->tls_cert_db == NULL || - *config_info->tls_cert_db == '\0')) { + (config_info->tls_cert_db == NULL || + *config_info->tls_cert_db == '\0')) { p_error = parse_no_config_cert_db; report_error(NULL, NULL); return (-1); @@ -1221,34 +1207,34 @@ parse_ldap_config_dn_attrs( if (verbose) report_info( - "Getting configuration from LDAP server(s): ", - config_info->default_servers); + "Getting configuration from LDAP server(s): ", + config_info->default_servers); /* Determine which attributes should be retrieved */ get_attribute_list(proxy_info, nis_config, NULL, table_info, - ldap_config_attributes); + ldap_config_attributes); if ((ld = connect_to_ldap_config_server(config_info->default_servers, 0, - config_info)) == NULL) + config_info)) == NULL) return (-1); /* Get the attribute values */ errnum = ldap_search_s(ld, config_info->config_dn, LDAP_SCOPE_BASE, - "objectclass=nisplusLDAPconfig", - ldap_config_attributes, 0, &resultMsg); + "objectclass=nisplusLDAPconfig", + ldap_config_attributes, 0, &resultMsg); ldap_source = config_info->config_dn; if (errnum == LDAP_REFERRAL) { rc = process_ldap_referral_msg(ld, resultMsg, - ldap_config_attributes, proxy_info, nis_config, - table_mapping, config_info, table_info); + ldap_config_attributes, proxy_info, nis_config, + table_mapping, config_info, table_info); } else if (errnum != LDAP_SUCCESS) { p_error = parse_ldap_search_error; report_error(ldap_err2string(errnum), 0); rc = -1; } else { rc = process_ldap_config_result(ld, resultMsg, proxy_info, - nis_config, table_mapping, table_info); + nis_config, table_mapping, table_info); } ldap_source = NULL; @@ -1313,10 +1299,10 @@ get_attribute_list( if (config_info->default_servers == NULL) attributes[n_attrs++] = YP_CONFIG_SERVER_LIST; if (config_info->auth_method == - (auth_method_t)NO_VALUE_SET) + (auth_method_t)NO_VALUE_SET) attributes[n_attrs++] = YP_CONFIG_AUTH_METHOD; if (config_info->tls_method == - (tls_method_t)NO_VALUE_SET) + (tls_method_t)NO_VALUE_SET) attributes[n_attrs++] = YP_CONFIG_TLS_OPTION; if (config_info->proxy_dn == NULL) attributes[n_attrs++] = YP_CONFIG_PROXY_USER; @@ -1330,10 +1316,10 @@ get_attribute_list( if (config_info->default_servers == NULL) attributes[n_attrs++] = CONFIG_SERVER_LIST; if (config_info->auth_method == - (auth_method_t)NO_VALUE_SET) + (auth_method_t)NO_VALUE_SET) attributes[n_attrs++] = CONFIG_AUTH_METHOD; if (config_info->tls_method == - (tls_method_t)NO_VALUE_SET) + (tls_method_t)NO_VALUE_SET) attributes[n_attrs++] = CONFIG_TLS_OPTION; if (config_info->proxy_dn == NULL) attributes[n_attrs++] = CONFIG_PROXY_USER; @@ -1383,53 +1369,53 @@ get_attribute_list( if (proxy_info->default_nis_domain == NULL) attributes[n_attrs++] = YP_LDAP_BASE_DOMAIN; if (proxy_info->bind_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_BIND_TIMEOUT; if (proxy_info->search_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_SEARCH_TIMEOUT; if (proxy_info->modify_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_MODIFY_TIMEOUT; if (proxy_info->add_timeout.tv_sec == (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_ADD_TIMEOUT; if (proxy_info->delete_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_DELETE_TIMEOUT; if (proxy_info->search_time_limit == (int)NO_VALUE_SET) attributes[n_attrs++] = YP_SEARCH_TIME_LIMIT; if (proxy_info->search_size_limit == (int)NO_VALUE_SET) attributes[n_attrs++] = YP_SEARCH_SIZE_LIMIT; if (proxy_info->follow_referral == - (follow_referral_t)NO_VALUE_SET) + (follow_referral_t)NO_VALUE_SET) attributes[n_attrs++] = YP_FOLLOW_REFERRAL; if (table_info->retrieveError == - (__nis_retrieve_error_t)NO_VALUE_SET) + (__nis_retrieve_error_t)NO_VALUE_SET) attributes[n_attrs++] = YP_RETRIEVE_ERROR_ACTION; if (table_info->retrieveErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = YP_RETREIVE_ERROR_ATTEMPTS; if (table_info->retrieveErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_RETREIVE_ERROR_TIMEOUT; if (table_info->storeError == - (__nis_store_error_t)NO_VALUE_SET) + (__nis_store_error_t)NO_VALUE_SET) attributes[n_attrs++] = YP_STORE_ERROR_ACTION; if (table_info->storeErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = YP_STORE_ERROR_ATTEMPTS; if (table_info->storeErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = YP_STORE_ERROR_TIMEOUT; if (table_info->refreshError == - (__nis_refresh_error_t)NO_VALUE_SET) + (__nis_refresh_error_t)NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_ACTION; if (table_info->refreshErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_ATTEMPTS; if (table_info->refreshErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_TIMEOUT; if (table_info->matchFetch == - (__nis_match_fetch_t)NO_VALUE_SET) + (__nis_match_fetch_t)NO_VALUE_SET) attributes[n_attrs++] = YP_MATCH_FETCH; } else { if (proxy_info->default_servers == NULL) @@ -1449,69 +1435,69 @@ get_attribute_list( if (proxy_info->default_nis_domain == NULL) attributes[n_attrs++] = LDAP_BASE_DOMAIN; if (proxy_info->bind_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = BIND_TIMEOUT; if (proxy_info->search_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = SEARCH_TIMEOUT; if (proxy_info->modify_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = MODIFY_TIMEOUT; if (proxy_info->add_timeout.tv_sec == (time_t)NO_VALUE_SET) attributes[n_attrs++] = ADD_TIMEOUT; if (proxy_info->delete_timeout.tv_sec == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = DELETE_TIMEOUT; if (proxy_info->search_time_limit == (int)NO_VALUE_SET) attributes[n_attrs++] = SEARCH_TIME_LIMIT; if (proxy_info->search_size_limit == (int)NO_VALUE_SET) attributes[n_attrs++] = SEARCH_SIZE_LIMIT; if (proxy_info->follow_referral == - (follow_referral_t)NO_VALUE_SET) + (follow_referral_t)NO_VALUE_SET) attributes[n_attrs++] = FOLLOW_REFERRAL; if (table_info->retrieveError == - (__nis_retrieve_error_t)NO_VALUE_SET) + (__nis_retrieve_error_t)NO_VALUE_SET) attributes[n_attrs++] = RETRIEVE_ERROR_ACTION; if (table_info->retrieveErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = RETREIVE_ERROR_ATTEMPTS; if (table_info->retrieveErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = RETREIVE_ERROR_TIMEOUT; if (table_info->storeError == - (__nis_store_error_t)NO_VALUE_SET) + (__nis_store_error_t)NO_VALUE_SET) attributes[n_attrs++] = STORE_ERROR_ACTION; if (table_info->storeErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = STORE_ERROR_ATTEMPTS; if (table_info->storeErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = STORE_ERROR_TIMEOUT; if (table_info->refreshError == - (__nis_refresh_error_t)NO_VALUE_SET) + (__nis_refresh_error_t)NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_ACTION; if (table_info->refreshErrorRetry.attempts == NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_ATTEMPTS; if (table_info->refreshErrorRetry.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = REFRESH_ERROR_TIMEOUT; if (table_info->matchFetch == - (__nis_match_fetch_t)NO_VALUE_SET) + (__nis_match_fetch_t)NO_VALUE_SET) attributes[n_attrs++] = MATCH_FETCH; } switch (nis_config->initialUpdate) { - case (__nis_initial_update_t)NO_VALUE_SET: - attributes[n_attrs++] = INITIAL_UPDATE_ACTION; - attributes[n_attrs++] = INITIAL_UPDATE_ONLY; - break; - case (__nis_initial_update_t)INITIAL_UPDATE_NO_ACTION: - case (__nis_initial_update_t)NO_INITIAL_UPDATE_NO_ACTION: - attributes[n_attrs++] = INITIAL_UPDATE_ACTION; - break; - case (__nis_initial_update_t)FROM_NO_INITIAL_UPDATE: - case (__nis_initial_update_t)TO_NO_INITIAL_UPDATE: - attributes[n_attrs++] = INITIAL_UPDATE_ONLY; - break; + case (__nis_initial_update_t)NO_VALUE_SET: + attributes[n_attrs++] = INITIAL_UPDATE_ACTION; + attributes[n_attrs++] = INITIAL_UPDATE_ONLY; + break; + case (__nis_initial_update_t)INITIAL_UPDATE_NO_ACTION: + case (__nis_initial_update_t)NO_INITIAL_UPDATE_NO_ACTION: + attributes[n_attrs++] = INITIAL_UPDATE_ACTION; + break; + case (__nis_initial_update_t)FROM_NO_INITIAL_UPDATE: + case (__nis_initial_update_t)TO_NO_INITIAL_UPDATE: + attributes[n_attrs++] = INITIAL_UPDATE_ONLY; + break; } if (nis_config->threadCreationError == @@ -1520,7 +1506,7 @@ get_attribute_list( if (nis_config->threadCreationErrorTimeout.attempts == NO_VALUE_SET) attributes[n_attrs++] = THREAD_CREATE_ERROR_ATTEMPTS; if (nis_config->threadCreationErrorTimeout.timeout == - (time_t)NO_VALUE_SET) + (time_t)NO_VALUE_SET) attributes[n_attrs++] = THREAD_CREATE_ERROR_TIMEOUT; if (nis_config->dumpError == (__nis_dump_error_t)NO_VALUE_SET) attributes[n_attrs++] = DUMP_ERROR_ACTION; @@ -1531,7 +1517,7 @@ get_attribute_list( if (nis_config->resyncService == (__nis_resync_service_t)NO_VALUE_SET) attributes[n_attrs++] = RESYNC; if (nis_config->updateBatching == - (__nis_update_batching_t)NO_VALUE_SET) + (__nis_update_batching_t)NO_VALUE_SET) attributes[n_attrs++] = UPDATE_BATCHING; if (nis_config->updateBatchingTimeout.timeout == (time_t)NO_VALUE_SET) attributes[n_attrs++] = UPDATE_BATCHING_TIMEOUT; diff --git a/usr/src/lib/libpam/pam_framework.c b/usr/src/lib/libpam/pam_framework.c index 520dbc3f42..6544326585 100644 --- a/usr/src/lib/libpam/pam_framework.c +++ b/usr/src/lib/libpam/pam_framework.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -197,7 +197,9 @@ pam_trace_cname(pam_handle_t *pamh) static void pam_settrace() { - if (defopen(PAM_DEBUG) == 0) { + void *defp; + + if ((defp = defopen_r(PAM_DEBUG)) != NULL) { char *arg; int code; int facility = LOG_AUTH; @@ -205,23 +207,23 @@ pam_settrace() pam_debug = PAM_DEBUG_DEFAULT; log_priority = LOG_DEBUG; - (void) defcntl(DC_SETFLAGS, DC_CASE); - if ((arg = defread(LOG_PRIORITY)) != NULL) { + (void) defcntl_r(DC_SETFLAGS, DC_CASE, defp); + if ((arg = defread_r(LOG_PRIORITY, defp)) != NULL) { code = (int)strtol(arg, NULL, 10); if ((code & ~LOG_PRIMASK) == 0) { log_priority = code; } } - if ((arg = defread(LOG_FACILITY)) != NULL) { + if ((arg = defread_r(LOG_FACILITY, defp)) != NULL) { code = (int)strtol(arg, NULL, 10); if (code < LOG_NFACILITIES) { facility = code << 3; } } - if ((arg = defread(DEBUG_FLAGS)) != NULL) { + if ((arg = defread_r(DEBUG_FLAGS, defp)) != NULL) { pam_debug = (int)strtol(arg, NULL, 0); } - (void) defopen(NULL); /* close */ + defclose_r(defp); log_priority |= facility; } diff --git a/usr/src/lib/libsecdb/common/chkauthattr.c b/usr/src/lib/libsecdb/common/chkauthattr.c index 04b1fe8846..440de4df8a 100644 --- a/usr/src/lib/libsecdb/common/chkauthattr.c +++ b/usr/src/lib/libsecdb/common/chkauthattr.c @@ -19,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -266,8 +264,9 @@ _get_user_defs(const char *user, char **def_auth, char **def_prof) { char *cp; char *profs; + void *defp; - if (defopen(AUTH_POLICY) != 0) { + if ((defp = defopen_r(AUTH_POLICY)) == NULL) { if (def_auth != NULL) { *def_auth = NULL; } @@ -278,9 +277,9 @@ _get_user_defs(const char *user, char **def_auth, char **def_prof) } if (def_auth != NULL) { - if ((cp = defread(DEF_AUTH)) != NULL) { + if ((cp = defread_r(DEF_AUTH, defp)) != NULL) { if ((*def_auth = strdup(cp)) == NULL) { - (void) defopen(NULL); + defclose_r(defp); return (-1); } } else { @@ -289,21 +288,21 @@ _get_user_defs(const char *user, char **def_auth, char **def_prof) } if (def_prof != NULL) { if (is_cons_user(user) && - (cp = defread(DEF_CONSUSER)) != NULL) { + (cp = defread_r(DEF_CONSUSER, defp)) != NULL) { if ((*def_prof = strdup(cp)) == NULL) { - (void) defopen(NULL); + defclose_r(defp); return (-1); } } - if ((cp = defread(DEF_PROF)) != NULL) { + if ((cp = defread_r(DEF_PROF, defp)) != NULL) { int prof_len; if (*def_prof == NULL) { if ((*def_prof = strdup(cp)) == NULL) { - (void) defopen(NULL); + defclose_r(defp); return (-1); } - (void) defopen(NULL); + defclose_r(defp); return (0); } @@ -312,7 +311,7 @@ _get_user_defs(const char *user, char **def_auth, char **def_prof) if ((profs = malloc(prof_len)) == NULL) { free(*def_prof); *def_prof = NULL; - (void) defopen(NULL); + defclose_r(defp); return (-1); } (void) snprintf(profs, prof_len, "%s,%s", *def_prof, @@ -322,7 +321,7 @@ _get_user_defs(const char *user, char **def_auth, char **def_prof) } } - (void) defopen(NULL); + defclose_r(defp); return (0); } diff --git a/usr/src/lib/pam_modules/authtok_check/authtok_check.c b/usr/src/lib/pam_modules/authtok_check/authtok_check.c index f53a77e69b..9b2cacec7b 100644 --- a/usr/src/lib/pam_modules/authtok_check/authtok_check.c +++ b/usr/src/lib/pam_modules/authtok_check/authtok_check.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <sys/types.h> #include <sys/varargs.h> #include <sys/param.h> @@ -125,11 +122,11 @@ error(pam_handle_t *pamh, int flags, char *fmt, ...) } int -defread_int(char *name, uint_t *ip) +defread_int(char *name, uint_t *ip, void *defp) { char *q; int r = 0; - if ((q = defread(name)) != NULL) { + if ((q = defread_r(name, defp)) != NULL) { if (!isdigit(*q)) { syslog(LOG_ERR, "pam_authtok_check: %s contains " "non-integer value for %s: %s. " @@ -156,6 +153,7 @@ get_passwd_defaults(pam_handle_t *pamh, char *user, struct pwdefaults *p) attrlist attr[2]; int result; char *progname; + void *defp; (void) pam_get_item(pamh, PAM_SERVICE, (void **)&progname); @@ -175,74 +173,77 @@ get_passwd_defaults(pam_handle_t *pamh, char *user, struct pwdefaults *p) p->mindigit = 0; p->whitespace = B_TRUE; - if (defopen(PWADMIN) != 0) + if ((defp = defopen_r(PWADMIN)) == NULL) return (PAM_SUCCESS); - (void) defread_int("PASSLENGTH=", &p->minlength); + (void) defread_int("PASSLENGTH=", &p->minlength, defp); - if ((q = defread("NAMECHECK=")) != NULL && strcasecmp(q, "NO") == 0) + if ((q = defread_r("NAMECHECK=", defp)) != NULL && + strcasecmp(q, "NO") == 0) p->do_namecheck = B_FALSE; - if ((q = defread("DICTIONLIST=")) != NULL) { + if ((q = defread_r("DICTIONLIST=", defp)) != NULL) { if ((p->dicts = strdup(q)) == NULL) { syslog(LOG_ERR, "pam_authtok_check: out of memory"); - (void) defopen(NULL); + defclose_r(defp); return (PAM_BUF_ERR); } p->do_dictcheck = B_TRUE; - } else + } else { p->dicts = NULL; + } - if ((q = defread("DICTIONDBDIR=")) != NULL) { + if ((q = defread_r("DICTIONDBDIR=", defp)) != NULL) { if (strlcpy(p->db_location, q, sizeof (p->db_location)) >= sizeof (p->db_location)) { syslog(LOG_ERR, "pam_authtok_check: value for " "DICTIONDBDIR too large."); - (void) defopen(NULL); + defclose_r(defp); return (PAM_SYSTEM_ERR); } p->do_dictcheck = B_TRUE; - } else + } else { (void) strlcpy(p->db_location, CRACK_DIR, sizeof (p->db_location)); + } - (void) defread_int("MINDIFF=", &p->mindiff); - (void) defread_int("MINALPHA=", &p->minalpha); - (void) defread_int("MINUPPER=", &p->minupper); - (void) defread_int("MINLOWER=", &p->minlower); - if (defread_int("MINNONALPHA=", &p->minnonalpha)) + (void) defread_int("MINDIFF=", &p->mindiff, defp); + (void) defread_int("MINALPHA=", &p->minalpha, defp); + (void) defread_int("MINUPPER=", &p->minupper, defp); + (void) defread_int("MINLOWER=", &p->minlower, defp); + if (defread_int("MINNONALPHA=", &p->minnonalpha, defp)) minnonalpha_defined = B_TRUE; - (void) defread_int("MAXREPEATS=", &p->maxrepeat); + (void) defread_int("MAXREPEATS=", &p->maxrepeat, defp); - if (defread_int("MINSPECIAL=", &p->minspecial)) { + if (defread_int("MINSPECIAL=", &p->minspecial, defp)) { if (minnonalpha_defined) { syslog(LOG_ERR, "pam_authtok_check: %s contains " "definition for MINNONALPHA and for MINSPECIAL. " "These options are mutually exclusive.", PWADMIN); - (void) defopen(NULL); + defclose_r(defp); return (PAM_SYSTEM_ERR); } p->minnonalpha = 0; } - if (defread_int("MINDIGIT=", &p->mindigit)) { + if (defread_int("MINDIGIT=", &p->mindigit, defp)) { if (minnonalpha_defined) { syslog(LOG_ERR, "pam_authtok_check: %s contains " "definition for MINNONALPHA and for MINDIGIT. " "These options are mutually exclusive.", PWADMIN); - (void) defopen(NULL); + defclose_r(defp); return (PAM_SYSTEM_ERR); } p->minnonalpha = 0; } - if ((q = defread("WHITESPACE=")) != NULL) + if ((q = defread_r("WHITESPACE=", defp)) != NULL) p->whitespace = (strcasecmp(q, "no") == 0 || strcmp(q, "0") == 0) ? B_FALSE : B_TRUE; - (void) defopen(NULL); + defclose_r(defp); /* * Determine the number of significant characters in a password @@ -552,7 +553,7 @@ check_composition(char *pw, struct pwdefaults *pwdef, pam_handle_t *pamh, pwdef->minnonalpha) { error(pamh, flags, errmsg, pwdef->minnonalpha, dgettext(TEXT_DOMAIN, - "numeric or special character(s)")); + "numeric or special character(s)")); ret = 1; goto out; } diff --git a/usr/src/lib/pam_modules/unix_account/unix_acct.c b/usr/src/lib/pam_modules/unix_account/unix_acct.c index d064fc6bdb..bbeadd98ef 100644 --- a/usr/src/lib/pam_modules/unix_account/unix_acct.c +++ b/usr/src/lib/pam_modules/unix_account/unix_acct.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -61,8 +61,6 @@ /* * Function Declarations */ -extern int defopen(char *); -extern char *defread(char *); extern void setusershell(); extern int _nfssys(int, void *); @@ -188,12 +186,13 @@ perform_passwd_aging_check( int idledays = -1; char *ptr; char messages[PAM_MAX_NUM_MSG][PAM_MAX_MSG_SIZE]; + void *defp; - if (defopen(LOGINADMIN) == 0) { - if ((ptr = defread("IDLEWEEKS=")) != NULL) + if ((defp = defopen_r(LOGINADMIN)) != NULL) { + if ((ptr = defread_r("IDLEWEEKS=", defp)) != NULL) idledays = 7 * atoi(ptr); - (void) defopen(NULL); + defclose_r(defp); } /* diff --git a/usr/src/lib/pam_modules/unix_auth/unix_auth.c b/usr/src/lib/pam_modules/unix_auth/unix_auth.c index d0e8992279..1fcda7e2b8 100644 --- a/usr/src/lib/pam_modules/unix_auth/unix_auth.c +++ b/usr/src/lib/pam_modules/unix_auth/unix_auth.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -72,20 +72,21 @@ get_max_failed(char *user) int do_lock = 0; int retval = 0; char *p; + void *defp; if ((uattr = getusernam(user)) != NULL) val = kva_match(uattr->attr, USERATTR_LOCK_AFTER_RETRIES_KW); - if (val != NULL) + if (val != NULL) { do_lock = (strcasecmp(val, "yes") == 0); - else if (defopen(AUTH_POLICY) == 0) { + } else if ((defp = defopen_r(AUTH_POLICY)) != NULL) { int flags; - flags = defcntl(DC_GETFLAGS, 0); + flags = defcntl_r(DC_GETFLAGS, 0, defp); TURNOFF(flags, DC_CASE); - (void) defcntl(DC_SETFLAGS, flags); - if ((p = defread("LOCK_AFTER_RETRIES=")) != NULL) + (void) defcntl_r(DC_SETFLAGS, flags, defp); + if ((p = defread_r("LOCK_AFTER_RETRIES=", defp)) != NULL) do_lock = (strcasecmp(p, "yes") == 0); - (void) defopen(NULL); + defclose_r(defp); } if (uattr != NULL) @@ -93,10 +94,10 @@ get_max_failed(char *user) if (do_lock) { retval = MAXTRYS; - if (defopen(LOGINADMIN) == 0) { - if ((p = defread("RETRIES=")) != NULL) + if ((defp = defopen_r(LOGINADMIN)) != NULL) { + if ((p = defread_r("RETRIES=", defp)) != NULL) retval = atoi(p); - (void) defopen(NULL); + defclose_r(defp); } } diff --git a/usr/src/lib/pam_modules/unix_cred/unix_cred.c b/usr/src/lib/pam_modules/unix_cred/unix_cred.c index 305cbade9d..22256206ef 100644 --- a/usr/src/lib/pam_modules/unix_cred/unix_cred.c +++ b/usr/src/lib/pam_modules/unix_cred/unix_cred.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -80,7 +80,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) * fall back to the default, "defname". */ static int -getset(char *keyname, char *defname, userattr_t *ua, priv_set_t **res) +getset(char *keyname, char *defname, userattr_t *ua, priv_set_t **res, + void *defp) { char *str; priv_set_t *tmp; @@ -89,7 +90,7 @@ getset(char *keyname, char *defname, userattr_t *ua, priv_set_t **res) if ((ua == NULL || ua->attr == NULL || (str = kva_match(ua->attr, keyname)) == NULL) && - (str = defread(defname)) == NULL) + (defp == NULL || (str = defread_r(defname, defp)) == NULL)) return (0); len = strlen(str) + 1; @@ -172,6 +173,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) char *kvs; struct passwd pwd; char pwbuf[NSS_BUFLEN_PASSWD]; + void *defp; for (i = 0; i < argc; i++) { if (strcmp(argv[i], "debug") == 0) @@ -529,12 +531,12 @@ adt_done: ua = getusernam(user); - (void) defopen(AUTH_POLICY); + defp = defopen_r(AUTH_POLICY); tset = def = lim = NULL; - if (getset(USERATTR_LIMPRIV_KW, DEF_LIMITPRIV, ua, &lim) != 0 || - getset(USERATTR_DFLTPRIV_KW, DEF_DFLTPRIV, ua, &def) != 0) { + if (getset(USERATTR_LIMPRIV_KW, DEF_LIMITPRIV, ua, &lim, defp) != 0 || + getset(USERATTR_DFLTPRIV_KW, DEF_DFLTPRIV, ua, &def, defp) != 0) { ret = PAM_SYSTEM_ERR; goto out; } @@ -596,7 +598,8 @@ adt_done: (void) setpflags(PRIV_AWARE, 0); out: - (void) defopen(NULL); + if (defp != NULL) + defclose_r(defp); if (ua != NULL) free_userattr(ua); diff --git a/usr/src/lib/passwdutil/utils.c b/usr/src/lib/passwdutil/utils.c index f723472465..2f6474ef29 100644 --- a/usr/src/lib/passwdutil/utils.c +++ b/usr/src/lib/passwdutil/utils.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <sys/types.h> #include <sys/time.h> #include <string.h> @@ -161,12 +158,12 @@ no_mem: * return the supplied default value */ int -def_getuint(char *name, int defvalue) +def_getuint(char *name, int defvalue, void *defp) { char *p; int val = -1; /* -1 is a guard to catch undefined values */ - if (p = defread(name)) + if ((p = defread_r(name, defp)) != NULL) val = atoi(p); return (val >= 0 ? val : defvalue); @@ -178,16 +175,17 @@ turn_on_default_aging(struct spwd *spw) int minweeks; int maxweeks; int warnweeks; + void *defp; - if (defopen(PWADMIN) != 0) { + if ((defp = defopen_r(PWADMIN)) == NULL) { minweeks = MINWEEKS; maxweeks = MAXWEEKS; warnweeks = WARNWEEKS; } else { - minweeks = def_getuint("MINWEEKS=", MINWEEKS); - maxweeks = def_getuint("MAXWEEKS=", MAXWEEKS); - warnweeks = def_getuint("WARNWEEKS=", WARNWEEKS); - (void) defopen(NULL); + minweeks = def_getuint("MINWEEKS=", MINWEEKS, defp); + maxweeks = def_getuint("MAXWEEKS=", MAXWEEKS, defp); + warnweeks = def_getuint("WARNWEEKS=", WARNWEEKS, defp); + defclose_r(defp); } /* @@ -219,12 +217,14 @@ int def_getint(char *name, int defvalue) { int val; + void *defp; - if (defopen(PWADMIN) != 0) + if ((defp = defopen_r(PWADMIN)) == NULL) { val = defvalue; - else - val = def_getuint(name, defvalue); + } else { + val = def_getuint(name, defvalue, defp); + defclose_r(defp); + } - (void) defopen(NULL); return (val); } |