static nss_status_t read_passwdstring(TFILE *fp,nss_XbyY_args_t *args)
{
struct passwd result;
nss_status_t retv;
char *buffer;
size_t buflen;
/* read the passwd */
retv=read_passwd(fp,&result,NSS_ARGS(args)->buf.buffer,args->buf.buflen,&errno);
if (retv!=NSS_STATUS_SUCCESS)
return retv;
/* allocate a temporary buffer */
buflen=args->buf.buflen;
buffer=(char *)malloc(buflen);
/* build the formatted string */
/* FIXME: implement proper buffer size checking */
sprintf(buffer,"%s:%s:%d:%d:%s:%s:%s",
result.pw_name,result.pw_passwd,(int)result.pw_uid,(int)result.pw_gid,result.pw_gecos,
result.pw_dir,result.pw_shell);
/* copy the result back to the result buffer and free the temporary one */
strcpy(NSS_ARGS(args)->buf.buffer,buffer);
free(buffer);
NSS_ARGS(args)->returnval=NSS_ARGS(args)->buf.buffer;
NSS_ARGS(args)->returnlen=strlen(NSS_ARGS(args)->buf.buffer);
return NSS_STATUS_SUCCESS;
}
/* read password data from an opened stream */
nss_status_t _nss_ldap_getpwent_r(
struct passwd *result,
char *buffer,size_t buflen,int *errnop)
{
NSS_GETENT(pwentfp,NSLCD_ACTION_PASSWD_ALL,
read_passwd(pwentfp,result,buffer,buflen,errnop));
}
/* get a single passwd entry by uid */
nss_status_t _nss_ldap_getpwuid_r(uid_t uid, struct passwd *result,
char *buffer, size_t buflen, int *errnop)
{
NSS_GETONE(NSLCD_ACTION_PASSWD_BYUID,
WRITE_INT32(fp, uid),
read_passwd(fp, result, buffer, buflen, errnop));
}
/* get a single passwd entry by name */
nss_status_t _nss_ldap_getpwnam_r(const char *name, struct passwd *result,
char *buffer, size_t buflen, int *errnop)
{
NSS_GETONE(NSLCD_ACTION_PASSWD_BYNAME,
WRITE_STRING(fp, name),
read_passwd(fp, result, buffer, buflen, errnop));
}
int main(void)
{
char passwd[256];
read_passwd(passwd);
printf("\n%s\n", passwd);
return 0;
}
void init_userdb() {
read_passwd();
if (passwd_cnt == 0) {
passwdtab = &defpasswd;
passwd_cnt = 1;
}
read_group();
if (group_cnt == 0) {
grouptab = &defgroup;
group_cnt = 1;
}
}
int main(int argc,char * const *argv) {
const char *hostname;
int opt;
struct servent *se;
char *x;
unsigned long u;
int s;
int t;
io_opt = ssl_io_opt_default;
io_opt.timeout = 3600;
while ((opt = getopt(argc,argv,"46dDvqQhHrR1UXx:t:T:u:g:l:b:B:c:Z:pPoO3IiEeSsaAw:nNyYuUjJ")) != opteof)
switch(opt) {
case 'b': scan_ulong(optarg,&backlog); break;
case 'c': scan_ulong(optarg,&limit); break;
case 'X': flagallownorules = 1; break;
case 'x': fnrules = optarg; break;
case 'B': banner = optarg; break;
case 'd': flagdelay = 1; break;
case 'D': flagdelay = 0; break;
case 'v': verbosity = 2; break;
case 'q': verbosity = 0; break;
case 'Q': verbosity = 1; break;
case 'P': flagparanoid = 0; break;
case 'p': flagparanoid = 1; break;
case 'O': flagkillopts = 1; break;
case 'o': flagkillopts = 0; break;
case 'H': flagremotehost = 0; break;
case 'h': flagremotehost = 1; break;
case 'R': flagremoteinfo = 0; break;
case 'r': flagremoteinfo = 1; break;
case 't': scan_ulong(optarg,&timeout); break;
case 'T': scan_ulong(optarg,&ssltimeout); break;
case 'w': scan_uint(optarg,&io_opt.timeout); break;
case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid);
x = env_get("GID"); if (x) scan_ulong(x,&gid); break;
case 'u': scan_ulong(optarg,&uid); break;
case 'g': scan_ulong(optarg,&gid); break;
case 'Z': netif=socket_getifidx(optarg); break;
case '1': flag1 = 1; break;
case '4': noipv6 = 1; break;
case '6': forcev6 = 1; break;
case 'l': localhost = optarg; break;
case '3': flag3 = 1; break;
case 'I': flagclientcert = 0; break;
case 'i': flagclientcert = 1; break;
case 'S': flagsslenv = 0; break;
case 's': flagsslenv = 1; break;
case 'E': flagtcpenv = 0; break;
case 'e': flagtcpenv = 1; break;
case 'n': case 'y': flagsslwait = 1; break;
case 'N': case 'Y': flagsslwait = 0; break;
case 'j': io_opt.just_shutdown = 1; break;
case 'J': io_opt.just_shutdown = 0; break;
default: usage();
}
argc -= optind;
argv += optind;
if (!verbosity)
buffer_2->fd = -1;
hostname = *argv++;
if (!hostname) usage();
if (str_equal(hostname,"")) hostname = "0";
x = *argv++;
if (!x) usage();
prog = argv;
if (!*argv) usage();
if (!x[scan_ulong(x,&u)])
localport = u;
else {
se = getservbyname(x,"tcp");
if (!se)
strerr_die3x(111,FATAL,"unable to figure out port number for ",x);
uint16_unpack_big((char*)&se->s_port,&localport);
}
if (x = env_get("VERIFYDEPTH")) {
scan_ulong(x,&u);
verifydepth = u;
}
if (x = env_get("CAFILE")) cafile = x;
if (cafile && str_equal(cafile,"")) cafile = 0;
if (x = env_get("CCAFILE")) ccafile = x;
if (ccafile && str_equal(ccafile,"")) ccafile = 0;
if (!flagclientcert) ccafile = 0;
if (x = env_get("CADIR")) cadir = x;
if (cadir && str_equal(cadir,"")) cadir= 0;
if (x = env_get("CERTFILE")) certfile = x;
if (certfile && str_equal(certfile,"")) certfile = 0;
if (x = env_get("KEYFILE")) keyfile = x;
if (keyfile && str_equal(keyfile,"")) keyfile = 0;
if (x = env_get("DHFILE")) dhfile = x;
if (dhfile && str_equal(dhfile,"")) dhfile = 0;
if (x = env_get("CIPHERS")) ciphers = x;
if (ciphers && str_equal(ciphers,"")) ciphers = 0;
sig_block(sig_child);
sig_catch(sig_child,sigchld);
sig_catch(sig_term,sigterm);
sig_ignore(sig_pipe);
if (str_equal(hostname,"0")) {
byte_zero(localip,sizeof localip);
} else {
if (!stralloc_copys(&tmp,hostname))
strerr_die2x(111,FATAL,"out of memory");
if (dns_ip6_qualify(&addresses,&fqdn,&tmp) == -1)
strerr_die4sys(111,FATAL,"temporarily unable to figure out IP address for ",hostname,": ");
if (addresses.len < 16)
strerr_die3x(111,FATAL,"no IP address for ",hostname);
byte_copy(localip,16,addresses.s);
if (ip6_isv4mapped(localip))
noipv6=1;
}
s = socket_tcp6();
if (s == -1)
strerr_die2sys(111,FATAL,"unable to create socket: ");
if (socket_bind6_reuse(s,localip,localport,netif) == -1)
strerr_die2sys(111,FATAL,"unable to bind: ");
if (socket_local6(s,localip,&localport,&netif) == -1)
strerr_die2sys(111,FATAL,"unable to get local address: ");
if (socket_listen(s,backlog) == -1)
strerr_die2sys(111,FATAL,"unable to listen: ");
ndelay_off(s);
localportstr[fmt_ulong(localportstr,localport)] = 0;
if (flag1) {
buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace);
buffer_puts(&b,localportstr);
buffer_puts(&b,"\n");
buffer_flush(&b);
}
if (flag3) read_passwd();
ctx = ssl_server();
ssl_errstr();
if (!ctx) strerr_die2x(111,FATAL,"unable to create SSL context");
switch (ssl_certkey(ctx,certfile,keyfile,passwd_cb)) {
case -1: strerr_die2x(111,FATAL,"unable to load certificate");
case -2: strerr_die2x(111,FATAL,"unable to load key");
case -3: strerr_die2x(111,FATAL,"key does not match certificate");
default: break;
}
if (!ssl_ca(ctx,cafile,cadir,verifydepth))
strerr_die2x(111,FATAL,"unable to load CA list");
if (!ssl_cca(ctx,ccafile))
strerr_die2x(111,FATAL,"unable to load client CA list");
if (!ssl_params(ctx,dhfile,rsalen))
strerr_die2x(111,FATAL,"unable to set cipher parameters");
if (!ssl_ciphers(ctx,ciphers))
strerr_die2x(111,FATAL,"unable to set cipher list");
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
strnum2[fmt_ulong(strnum2,rsalen)] = 0;
strerr_warn4("sslserver: cafile ",strnum," ",cafile,0);
strerr_warn4("sslserver: ccafile ",strnum," ",ccafile,0);
strerr_warn4("sslserver: cadir ",strnum," ",cadir,0);
strerr_warn4("sslserver: cert ",strnum," ",certfile,0);
strerr_warn4("sslserver: key ",strnum," ",keyfile,0);
strerr_warn6("sslserver: param ",strnum," ",dhfile," ",strnum2,0);
}
close(0); open_read("/dev/null");
close(1); open_append("/dev/null");
printstatus();
for (;;) {
while (numchildren >= limit) sig_pause();
sig_unblock(sig_child);
t = socket_accept6(s,remoteip,&remoteport,&netif);
sig_block(sig_child);
if (t == -1) continue;
++numchildren; printstatus();
switch(fork()) {
case 0:
close(s);
doit(t);
strerr_die4sys(111,DROP,"unable to run ",*argv,": ");
case -1:
strerr_warn2(DROP,"unable to fork: ",&strerr_sys);
--numchildren; printstatus();
}
close(t);
}
}
int main(int argc,char * const *argv) {
const char *hostname;
int opt;
char *x;
unsigned long u;
int s;
int t;
int flagv4 = 1, flagv6 = 1, rc;
struct addrinfo *localai = NULL, hints = {0}, *ai;
while ((opt = getopt(argc,argv,"dDvqQhHrR1UXx:t:T:u:g:l:b:B:c:pPoO3IiEeSsw:nN46")) != opteof)
switch(opt) {
case 'b': scan_ulong(optarg,&backlog); break;
case 'c': scan_ulong(optarg,&limit); break;
case 'X': flagallownorules = 1; break;
case 'x': fnrules = optarg; break;
case 'B': banner = optarg; break;
case 'd': flagdelay = 1; break;
case 'D': flagdelay = 0; break;
case 'v': verbosity = 2; break;
case 'q': verbosity = 0; break;
case 'Q': verbosity = 1; break;
case 'P': flagparanoid = 0; break;
case 'p': flagparanoid = 1; break;
case 'O': flagkillopts = 1; break;
case 'o': flagkillopts = 0; break;
case 'H': flagremotehost = 0; break;
case 'h': flagremotehost = 1; break;
case 'R': flagremoteinfo = 0; break;
case 'r': flagremoteinfo = 1; break;
case 't': scan_ulong(optarg,&timeout); break;
case 'T': scan_ulong(optarg,&ssltimeout); break;
case 'w': scan_uint(optarg,&progtimeout); break;
case 'U': x = env_get("UID"); if (x) scan_ulong(x,&uid);
x = env_get("GID"); if (x) scan_ulong(x,&gid); break;
case 'u': scan_ulong(optarg,&uid); break;
case 'g': scan_ulong(optarg,&gid); break;
case '1': flag1 = 1; break;
case 'l': localhost = optarg; break;
case '3': flag3 = 1; break;
case 'I': flagclientcert = 0; break;
case 'i': flagclientcert = 1; break;
case 'S': flagsslenv = 0; break;
case 's': flagsslenv = 1; break;
case 'E': flagtcpenv = 0; break;
case 'e': flagtcpenv = 1; break;
case 'n': flagsslwait = 1; break;
case 'N': flagsslwait = 0; break;
case '4': flagv6 = 0; break;
case '6': flagv4 = 0; break;
default: usage();
}
if (flagv4 == flagv6) { flagv4 = flagv6 = 1; }
argc -= optind;
argv += optind;
if (!verbosity)
buffer_2->fd = -1;
hostname = *argv++;
if (!hostname) usage();
if (str_equal(hostname,"")) hostname = NULL;
if (str_equal(hostname,"0")) hostname = NULL;
x = *argv++;
if (!x) usage();
prog = argv;
if (!*argv) usage();
hints.ai_family = flagv4 == flagv6 ? AF_UNSPEC : flagv4 ? AF_INET : AF_INET6;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
if ((rc = getaddrinfo(hostname, x, &hints, &localai))) {
strerr_die(111,FATAL "unable to figure out address for ", hostname ? hostname : "0",
" ",x,": ",gai_strerror(rc),0);
}
if (!localai) {
strerr_die2x(111,FATAL,"address not found");
}
if (x = env_get("VERIFYDEPTH")) {
scan_ulong(x,&u);
verifydepth = u;
}
if (x = env_get("CAFILE")) cafile = x;
if (cafile && str_equal(cafile,"")) cafile = 0;
if (x = env_get("CCAFILE")) ccafile = x;
if (ccafile && str_equal(ccafile,"")) ccafile = 0;
if (!flagclientcert) ccafile = 0;
if (x = env_get("CADIR")) cadir = x;
if (cadir && str_equal(cadir,"")) cadir= 0;
if (x = env_get("CERTCHAINFILE")) certchainfile = x;
if (certchainfile && str_equal(certchainfile,"")) certchainfile = 0;
if (x = env_get("CERTFILE")) certfile = x;
if (certfile && str_equal(certfile,"")) certfile = 0;
if (x = env_get("KEYFILE")) keyfile = x;
if (keyfile && str_equal(keyfile,"")) keyfile = 0;
if (x = env_get("DHFILE")) dhfile = x;
if (dhfile && str_equal(dhfile,"")) dhfile = 0;
if (x = env_get("CIPHERS")) ciphers = x;
if (ciphers && str_equal(ciphers,"")) ciphers = 0;
sig_block(sig_child);
sig_catch(sig_child,sigchld);
sig_catch(sig_term,sigterm);
sig_ignore(sig_pipe);
for (ai = localai; ai; ai = ai->ai_next) {
s = socket_tcp(ai->ai_family, ai->ai_protocol);
if (s == -1)
strerr_die2sys(111,FATAL,"unable to create socket: ");
if (socket_bind_reuse(s,ai) == -1)
strerr_die2sys(111,FATAL,"unable to bind: ");
if (socket_local(s,&localaddr,&localport) == -1)
strerr_die2sys(111,FATAL,"unable to get local address: ");
if (socket_listen(s,backlog) == -1)
strerr_die2sys(111,FATAL,"unable to listen: ");
break;
}
freeaddrinfo(localai); localai = NULL;
ndelay_off(s);
localportstr[fmt_ulong(localportstr,localport)] = 0;
if (flag1) {
buffer_init(&b,buffer_unixwrite,1,bspace,sizeof bspace);
buffer_puts(&b,localportstr);
buffer_puts(&b,"\n");
buffer_flush(&b);
}
if (flag3) read_passwd();
ctx = ssl_server();
ssl_errstr();
if (!ctx) strerr_die2x(111,FATAL,"unable to create SSL context");
if (certchainfile) {
switch (ssl_chainfile(ctx,certchainfile,keyfile,passwd_cb)) {
case -1: strerr_die2x(111,FATAL,"unable to load certificate chain file");
case -2: strerr_die2x(111,FATAL,"unable to load key");
case -3: strerr_die2x(111,FATAL,"key does not match certificate");
default: break;
}
}
else {
switch (ssl_certkey(ctx,certfile,keyfile,passwd_cb)) {
case -1: strerr_die2x(111,FATAL,"unable to load certificate");
case -2: strerr_die2x(111,FATAL,"unable to load key");
case -3: strerr_die2x(111,FATAL,"key does not match certificate");
default: break;
}
}
if (!ssl_ca(ctx,cafile,cadir,verifydepth))
strerr_die2x(111,FATAL,"unable to load CA list");
if (!ssl_cca(ctx,ccafile))
strerr_die2x(111,FATAL,"unable to load client CA list");
if (!ssl_params(ctx,dhfile,rsalen))
strerr_die2x(111,FATAL,"unable to set DH/RSA parameters");
if (!ssl_ciphers(ctx,ciphers))
strerr_die2x(111,FATAL,"unable to set cipher list");
if (verbosity >= 2) {
strnum[fmt_ulong(strnum,getpid())] = 0;
strnum2[fmt_ulong(strnum2,rsalen)] = 0;
strerr_warn4("sslserver: cafile ",strnum," ",cafile,0);
strerr_warn4("sslserver: ccafile ",strnum," ",ccafile,0);
strerr_warn4("sslserver: cadir ",strnum," ",cadir,0);
strerr_warn4("sslserver: chainfile ",strnum," ",certchainfile,0);
strerr_warn4("sslserver: cert ",strnum," ",certfile,0);
strerr_warn4("sslserver: key ",strnum," ",keyfile,0);
strerr_warn6("sslserver: param ",strnum," ",dhfile," ",strnum2,0);
}
close(0); open_read("/dev/null");
close(1); open_append("/dev/null");
printstatus();
for (;;) {
while (numchildren >= limit) sig_pause();
sig_unblock(sig_child);
t = socket_accept(s,&remoteaddr,&remoteport);
sig_block(sig_child);
if (t == -1) continue;
++numchildren; printstatus();
switch(fork()) {
case 0:
close(s);
doit(t);
strerr_die4sys(111,DROP,"unable to run ",*argv,": ");
case -1:
strerr_warn2(DROP,"unable to fork: ",&strerr_sys);
--numchildren; printstatus();
}
close(t);
}
}
int
main(int argc, char *argv[])
{
FILE *pfile, *gfile, *hfile, *mfile;
int qflag = 0, ch;
char *domain = NULL;
while ((ch = getopt(argc, argv, "d:g:h:m:p:P:q")) != -1)
switch (ch) {
case 'd':
domain = optarg;
break;
case 'g':
GroupFile = optarg;
break;
case 'h':
HostFile = optarg;
break;
case 'm':
NetidFile = optarg;
break;
case 'p':
PasswdFile = optarg;
break;
case 'P':
MasterPasswdFile = optarg;
break;
case 'q':
qflag = 1;
break;
default:
usage();
break;
}
if (argc > optind)
usage();
if (domain == NULL)
yp_get_default_domain(&domain);
pfile = fopen(PasswdFile, "r");
if (pfile == NULL)
pfile = fopen(MasterPasswdFile, "r");
if (pfile == NULL)
err(1, "%s", MasterPasswdFile);
gfile = fopen(GroupFile, "r");
if (gfile == NULL)
err(1, "%s", GroupFile);
hfile = fopen(HostFile, "r");
if (hfile == NULL)
err(1, "%s", HostFile);
mfile = fopen(NetidFile, "r");
read_passwd(pfile, PasswdFile);
read_group(gfile, GroupFile);
print_passwd_group(qflag, domain);
print_hosts(hfile, HostFile, domain);
if (mfile != NULL)
print_netid(mfile, NetidFile);
return 0;
}
