static NSS_STATUS
_nss_winbind_getpwent_solwrap (nss_backend_t* be, void *args)
{
NSS_STATUS ret;
char* buffer = NSS_ARGS(args)->buf.buffer;
int buflen = NSS_ARGS(args)->buf.buflen;
struct passwd* result = (struct passwd*) NSS_ARGS(args)->buf.result;
int* errnop = &NSS_ARGS(args)->erange;
char logmsg[80];
ret = _nss_winbind_getpwent_r(result, buffer,
buflen, errnop);
if(ret == NSS_STATUS_SUCCESS)
{
snprintf(logmsg, 79, "_nss_winbind_getpwent_solwrap: Returning user: %s\n",
result->pw_name);
NSS_DEBUG(logmsg);
NSS_ARGS(args)->returnval = (void*) result;
} else {
snprintf(logmsg, 79, "_nss_winbind_getpwent_solwrap: Returning error: %d.\n",ret);
NSS_DEBUG(logmsg);
}
return ret;
}
enum nss_status _nss_sqlite_getspnam_r(const char* name, struct spwd *spbuf,
char *buf, size_t buflen, int *errnop) {
sqlite3 *pDb;
struct sqlite3_stmt* pSquery;
int res;
struct spwd entry;
char* query;
NSS_DEBUG("getspnam_r: looking for user %s (shadow)\n", name);
if(sqlite3_open(NSS_SQLITE_SHADOW_DB, &pDb) != SQLITE_OK) {
NSS_ERROR(sqlite3_errmsg(pDb));
sqlite3_close(pDb);
return NSS_STATUS_UNAVAIL;
}
if(!(query = get_query(pDb, "getspnam_r")) ) {
NSS_ERROR(sqlite3_errmsg(pDb));
sqlite3_close(pDb);
return NSS_STATUS_UNAVAIL;
}
if(sqlite3_prepare(pDb, query, strlen(query), &pSquery, NULL) != SQLITE_OK) {
NSS_ERROR(sqlite3_errmsg(pDb));
free(query);
sqlite3_finalize(pSquery);
sqlite3_close(pDb);
return FALSE;
}
if(sqlite3_bind_text(pSquery, 1, name, -1, SQLITE_STATIC) != SQLITE_OK) {
NSS_DEBUG(sqlite3_errmsg(pDb));
free(query);
sqlite3_finalize(pSquery);
sqlite3_close(pDb);
return NSS_STATUS_UNAVAIL;
}
res = res2nss_status(sqlite3_step(pSquery), pDb, pSquery);
if(res != NSS_STATUS_SUCCESS) {
free(query);
return res;
}
fill_shadow_sql(&entry, pSquery);
res = fill_shadow(spbuf, buf, buflen, entry, errnop);
free(query);
sqlite3_finalize(pSquery);
sqlite3_close(pDb);
return res;
}
enum nss_status _nss_sqlite_getspnam_r(const char* name, struct spwd *spbuf,
char *buf, size_t buflen, int *errnop) {
sqlite3 *pDb;
int name_length;
int pw_length;
const unsigned char* pw;
struct sqlite3_stmt* pSt;
int res;
const char* sql = "SELECT passwd FROM shadow WHERE username = ?";
NSS_DEBUG("getspnam_r: looking for user %s (shadow)\n", name);
if(!open_and_prepare_sp(&pDb, &pSt, sql)) {
return NSS_STATUS_UNAVAIL;
}
if(sqlite3_bind_text(pSt, 1, name, -1, SQLITE_STATIC) != SQLITE_OK) {
NSS_DEBUG(sqlite3_errmsg(pDb));
sqlite3_finalize(pSt);
sqlite3_close(pDb);
return NSS_STATUS_UNAVAIL;
}
res = fetch_first(pDb, pSt);
if(res != NSS_STATUS_SUCCESS) {
return res;
}
/* SQLITE_ROW was returned, fetch data */
pw = sqlite3_column_text(pSt, 0);
name_length = strlen(name) + 1;
pw_length = strlen(pw) + 1;
if(buflen < name_length + pw_length) {
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
strcpy(buf, name);
spbuf->sp_namp = buf;
buf += name_length;
strcpy(buf, pw);
spbuf->sp_pwdp = buf;
spbuf->sp_lstchg = -1;
spbuf->sp_min = -1;
spbuf->sp_max = -1;
spbuf->sp_warn = -1;
spbuf->sp_inact = -1;
spbuf->sp_expire = -1;
sqlite3_finalize(pSt);
sqlite3_close(pDb);
return NSS_STATUS_SUCCESS;
}
static NSS_STATUS
_nss_winbind_group_destr (nss_backend_t* be, void* args)
{
SAFE_FREE(be);
NSS_DEBUG("_nss_winbind_group_destr");
return NSS_STATUS_SUCCESS;
}
/**
* Setup everything needed to retrieve shadow entries.
*/
enum nss_status _nss_sqlite_setspent(void) {
char* sql;
pthread_mutex_lock(&spent_mutex);
if(spent_data.pDb == NULL) {
NSS_DEBUG("setspent: opening DB connection\n");
if(sqlite3_open(NSS_SQLITE_SHADOW_DB, &spent_data.pDb) != SQLITE_OK) {
NSS_ERROR(sqlite3_errmsg(spent_data.pDb));
return NSS_STATUS_UNAVAIL;
}
if(!(sql = get_query(spent_data.pDb, "setspent")) ) {
NSS_ERROR(sqlite3_errmsg(spent_data.pDb));
sqlite3_close(spent_data.pDb);
return NSS_STATUS_UNAVAIL;
}
if(sqlite3_prepare(spent_data.pDb, sql, -1, &spent_data.pSt, NULL) != SQLITE_OK) {
NSS_ERROR(sqlite3_errmsg(spent_data.pDb));
sqlite3_finalize(spent_data.pSt);
sqlite3_close(spent_data.pDb);
free(sql);
return NSS_STATUS_UNAVAIL;
}
}
free(sql);
pthread_mutex_unlock(&spent_mutex);
return NSS_STATUS_SUCCESS;
}
static NSS_STATUS
_nss_winbind_getgroupsbymember_solwrap(nss_backend_t* be, void* args)
{
int errnop;
struct nss_groupsbymem *gmem = (struct nss_groupsbymem *)args;
long int numgids = gmem->numgids;
long int maxgids = gmem->maxgids;
NSS_DEBUG("_nss_winbind_getgroupsbymember");
_nss_winbind_initgroups_dyn(gmem->username,
gmem->gid_array[0], /* Primary Group */
&numgids,
&maxgids,
&gmem->gid_array,
gmem->maxgids,
&errnop);
gmem->numgids = numgids;
gmem->maxgids = maxgids;
/*
* If the maximum number of gids have been found, return
* SUCCESS so the switch engine will stop searching. Otherwise
* return NOTFOUND so nsswitch will continue to get groups
* from the remaining database backends specified in the
* nsswitch.conf file.
*/
return (gmem->numgids == gmem->maxgids ? NSS_STATUS_SUCCESS : NSS_STATUS_NOTFOUND);
}
enum nss_status _nss_filesplus_getgrent_r(struct group *gr, char *buffer,
size_t buflen, int *errnop)
{
NSS_DEBUG("filesplus: %s\n",__func__);
return internal_getgrent(gr, buffer, buflen, errnop, NULL, NULL);
}
enum nss_status _nss_filesplus_getgrgid_r(const gid_t gid, struct group *gr,
char *buffer, size_t buflen,
int *errnop)
{
NSS_DEBUG("filesplus: %s\n",__func__);
return internal_getgrent(gr, buffer, buflen, errnop,
(void *) &gid, cmpgid);
}
enum nss_status
_nss_sqlite_getspent_r(struct spwd *spbuf, char *buf,
size_t buflen, int *errnop) {
int res;
NSS_DEBUG("getspent_r\n");
pthread_mutex_lock(&spent_mutex);
if(spent_data.pDb == NULL) {
_nss_sqlite_setspent();
}
if(spent_data.try_again) {
res = fill_shadow(spbuf, buf, buflen, spent_data.entry, errnop);
/* buffer was long enough this time */
if(res != NSS_STATUS_TRYAGAIN || (*errnop) != ERANGE) {
spent_data.try_again = 0;
pthread_mutex_unlock(&spent_mutex);
return res;
}
}
res = res2nss_status(sqlite3_step(spent_data.pSt), spent_data.pDb, spent_data.pSt);
if(res != NSS_STATUS_SUCCESS) {
spent_data.pDb = NULL;
pthread_mutex_unlock(&spent_mutex);
return res;
}
fill_shadow_sql(&spent_data.entry, spent_data.pSt);
res = fill_shadow(spbuf, buf, buflen, spent_data.entry, errnop);
NSS_DEBUG("getspent_r: fetched user %s\n", spent_data.entry.sp_namp);
if(res == NSS_STATUS_TRYAGAIN && (*errnop) == ERANGE) {
/* cache result for next try */
spent_data.try_again = 1;
pthread_mutex_unlock(&spent_mutex);
return NSS_STATUS_TRYAGAIN;
}
pthread_mutex_unlock(&spent_mutex);
return NSS_STATUS_SUCCESS;
}
/*
* Free getspent resources.
*/
enum nss_status _nss_sqlite_endspent(void) {
NSS_DEBUG("endspent: finalizing shadow serial access facilities\n");
pthread_mutex_lock(&spent_mutex);
if(spent_data.pDb != NULL) {
sqlite3_finalize(spent_data.pSt);
sqlite3_close(spent_data.pDb);
spent_data.pDb = NULL;
}
pthread_mutex_unlock(&spent_mutex);
return NSS_STATUS_SUCCESS;
}
void get_config(CFG **cfg)
{
CFG *config;
FILE *file = fopen (FILENAME, "r");
char line[MAXBUF];
char *a, *b, *delim = "=";
if ((config = (CFG *)calloc(sizeof(CFG), 1)) == NULL) {
NSS_DEBUG("Unable to allocate memory to read conf file [%s]! \n",
FILENAME);
return;
}
if (file == NULL) {
NSS_DEBUG("Unable to open conf file [%s]\n", FILENAME);
return;
}
while(fgets(line, sizeof(line), file) != NULL) {
a = strtok(line, delim);
if (!a) {
NSS_DEBUG("Unable to find the option!\n");
return;
}
a = trim(a);
b = strtok(NULL, delim);
if (!b) {
NSS_DEBUG("Unable to find the value for [option=%s]!\n", a);
return;
}
b = trim(b);
set_option(a, b, config);
}
fclose(file);
*cfg = config;
return;
}
static void set_option(const char *option,
const char *value,
CFG *cfg)
{
if (!cfg) {
NSS_DEBUG("No configuration data to set to!\n");
return;
}
if (!strcmp(option, "database"))
cfg->database = strdup(value);
if (!strcmp(option, "user_table"))
cfg->user_table = strdup(value);
if (!strcmp(option, "user_table_uid_column"))
cfg->user_table_uid_column = strdup(value);
if (!strcmp(option, "user_table_userid_column"))
cfg->user_table_userid_column = strdup(value);
if (!strcmp(option, "user_table_passwd_column"))
cfg->user_table_passwd_column = strdup(value);
if (!strcmp(option, "user_table_name_column"))
cfg->user_table_name_column = strdup(value);
if (!strcmp(option, "user_table_expired_column"))
cfg->user_table_expired_column = strdup(value);
if (!strcmp(option, "user_table_newtok_column"))
cfg->user_table_newtok_column = strdup(value);
if (!strcmp(option, "user_table_email_column"))
cfg->user_table_email_column = strdup(value);
if (!strcmp(option, "user_table_shell_column"))
cfg->user_table_shell_column = strdup(value);
if (!strcmp(option, "user_table_homedir_column"))
cfg->user_table_homedir_column = strdup(value);
if (!strcmp(option, "group_table"))
cfg->group_table = strdup(value);
if (!strcmp(option, "group_table_gid_column"))
cfg->group_table_gid_column = strdup(value);
if (!strcmp(option, "group_table_groupid_colum "))
cfg->group_table_groupid_colum = strdup(value);
if (!strcmp(option, "user_group_map_table"))
cfg->user_group_map_table = strdup(value);
if (!strcmp(option, "user_group_map_groupid_column"))
cfg->user_group_map_groupid_column = strdup(value);
if (!strcmp(option, "user_group_map_userid_column"))
cfg->user_group_map_userid_column = strdup(value);
if (!strcmp(option, "pw_type"))
cfg->pw_type = strdup(value);
if (!strcmp(option, "debug"))
cfg->debug = strdup(value);
return;
}
nss_backend_t*
_nss_winbind_group_constr (const char* db_name,
const char* src_name,
const char* cfg_args)
{
nss_backend_t* be;
if(!(be = SMB_MALLOC_P(nss_backend_t)) )
return NULL;
be->ops = group_ops;
be->n_ops = sizeof(group_ops) / sizeof(nss_backend_op_t);
NSS_DEBUG("Initialized nss_winbind group backend");
return be;
}
enum nss_status _nss_socket_getpwuid_r(uid_t uid, struct passwd *pwbuf,
char *buf, size_t buflen, int *errnop) {
int res;
int fd;
NSS_DEBUG("getpwuid_r: looking for user #%d\n", uid);
res = open_passwd(&fd, errnop);
if(res != NSS_STATUS_SUCCESS) return res;
res = write_getpwuid(fd, uid, errnop);
if(res != NSS_STATUS_SUCCESS) return res;
res = read_getpwuid(fd, pwbuf, buf, buflen, errnop);
close_passwd(fd);
return res;
}
enum nss_status _nss_socket_getpwnam_r(const char* name, struct passwd *pwbuf,
char *buf, size_t buflen, int *errnop)
{
enum nss_status res;
int fd;
NSS_DEBUG("getpwnam_r: Looking for user %s\n", name);
res = open_passwd(&fd, errnop);
if(res != NSS_STATUS_SUCCESS) return res;
res = write_getpwnam(fd, name, errnop);
if(res != NSS_STATUS_SUCCESS) return res;
res = read_getpwnam(fd, pwbuf, buf, buflen, errnop);
close_passwd(fd);
return res;
}
static NSS_STATUS
_nss_winbind_getpwuid_solwrap(nss_backend_t* be, void* args)
{
NSS_STATUS ret;
struct passwd* result = (struct passwd*) NSS_ARGS(args)->buf.result;
NSS_DEBUG("_nss_winbind_getpwuid_solwrap");
ret = _nss_winbind_getpwuid_r (NSS_ARGS(args)->key.uid,
result,
NSS_ARGS(args)->buf.buffer,
NSS_ARGS(args)->buf.buflen,
&NSS_ARGS(args)->erange);
if(ret == NSS_STATUS_SUCCESS)
NSS_ARGS(args)->returnval = (void*) result;
return ret;
}
void free_config(CFG *cfg)
{
if (cfg->database)
free(cfg->database);
if (cfg->user_table)
free(cfg->user_table);
if (cfg->user_table_uid_column)
free(cfg->user_table_uid_column);
if (cfg->user_table_userid_column)
free(cfg->user_table_userid_column);
if (cfg->user_table_passwd_column)
free(cfg->user_table_passwd_column);
if (cfg->user_table_name_column)
free(cfg->user_table_name_column);
if (cfg->user_table_expired_column)
free(cfg->user_table_expired_column);
if (cfg->user_table_newtok_column)
free(cfg->user_table_newtok_column);
if (cfg->user_table_email_column)
free(cfg->user_table_email_column);
if (cfg->user_table_shell_column)
free(cfg->user_table_shell_column);
if (cfg->user_table_homedir_column)
free(cfg->user_table_homedir_column);
if (cfg->group_table)
free(cfg->group_table);
if (cfg->group_table_gid_column)
free(cfg->group_table_gid_column);
if (cfg->group_table_groupid_colum )
free(cfg->group_table_groupid_colum );
if (cfg->user_group_map_table)
free(cfg->user_group_map_table);
if (cfg->user_group_map_groupid_column)
free(cfg->user_group_map_groupid_column);
if (cfg->user_group_map_userid_column)
free(cfg->user_group_map_userid_column);
if (cfg->pw_type)
free(cfg->pw_type);
if (cfg->debug)
free(cfg->debug);
if (cfg)
free(cfg);
NSS_DEBUG("Free successful!\n");
return;
}
enum nss_status _nss_filesplus_endgrent(void)
{
NSS_DEBUG("filesplus: %s\n",__func__);
return internal_endent(&fgrent);
}
enum nss_status _nss_filesplus_initgroups_dyn(const char *user,
gid_t gid,
long int *start,
long int *size,
gid_t **groupsp,
long int limit,
int *errnop)
{
enum nss_status result = NSS_STATUS_SUCCESS;
struct group gr;
char *buffer;
size_t buffer_size;
int found_one = 0;
int i;
gid_t *groups = *groupsp;
NSS_DEBUG("filesplus: %s\n",__func__);
result = internal_setent(&fgrent);
if (result != NSS_STATUS_SUCCESS)
return result;
buffer_size = MAX_LINE_SIZE;
buffer = (char *) malloc(buffer_size);
while (result == NSS_STATUS_SUCCESS) {
result = internal_getgrent(&gr, buffer, buffer_size,
errnop, NULL, NULL);
if ((result == NSS_STATUS_TRYAGAIN) &&
( *errnop == ERANGE)) {
char *new_buf;
buffer_size = 2 * buffer_size;
new_buf = (char *) realloc(buffer, buffer_size);
if (new_buf == NULL) {
*errnop = errno;
result = NSS_STATUS_UNAVAIL;
break;
}
buffer = new_buf;
*errnop = 0;
result = NSS_STATUS_SUCCESS;
continue;
}
if (result != NSS_STATUS_SUCCESS)
continue;
if (gr.gr_gid == gid)
continue;
for (i = 0; ; i++) {
if (gr.gr_mem[i] == NULL)
break;
if (strcmp(gr.gr_mem[i], user) == 0) {
/* Matches user. Insert this group. */
if (*start == *size) {
/* Need a bigger buffer. */
if (limit > 0 && *size == limit)
/* We reached the maximum. */
goto out;
long int newsize;
if (limit <= 0)
newsize = 2 * *size;
else
newsize = MIN (limit, 2 * *size);
gid_t *newgroups = realloc (groups,
newsize * sizeof (*groups));
if (newgroups == NULL)
{
*errnop = ENOMEM;
result = NSS_STATUS_TRYAGAIN;
goto out;
}
*groupsp = groups = newgroups;
*size = newsize;
}
groups[*start] = gr.gr_gid;
*start += 1;
found_one = 1;
break;
}
}
}
out:
free(buffer);
internal_endent(&fgrent);
if (NSS_STATUS_NOTFOUND && found_one)
result = NSS_STATUS_SUCCESS;
return result;
}
enum nss_status
_nss_socket_getpwent_r(struct passwd *pwbuf, char *buf,
size_t buflen, int *errnop) {
NSS_DEBUG("Getting next pw entry\n");
return NSS_STATUS_UNAVAIL;
}
/*
* Free getpwent resources.
*/
enum nss_status _nss_socket_endpwent(void) {
NSS_DEBUG("Finishing pw functions\n");
return NSS_STATUS_SUCCESS;
}
/**
* Setup everything needed to retrieve passwd entries.
*/
enum nss_status _nss_socket_setpwent(void) {
NSS_DEBUG("Initializing pw functions\n");
return NSS_STATUS_SUCCESS;
}
void print_config(CFG *cfg)
{
if (!cfg) {
NSS_DEBUG("No configuration data to print!\n");
return;
}
if (cfg->database)
NSS_DEBUG("%30s -> %s\n", "database", cfg->database);
if (cfg->user_table)
NSS_DEBUG("%30s -> %s\n", "user_table",cfg->user_table);
if (cfg->user_table_uid_column)
NSS_DEBUG("%30s -> %s\n", "user_table_uid_column", cfg->user_table_uid_column);
if (cfg->user_table_userid_column)
NSS_DEBUG("%30s -> %s\n", "user_table_userid_column", cfg->user_table_userid_column);
if (cfg->user_table_passwd_column)
NSS_DEBUG("%30s -> %s\n", "user_table_userid_column", cfg->user_table_passwd_column);
if (cfg->user_table_name_column)
NSS_DEBUG("%30s -> %s\n", "user_table_name_column", cfg->user_table_name_column);
if (cfg->user_table_expired_column)
NSS_DEBUG("%30s -> %s\n", "user_table_expired_column", cfg->user_table_expired_column);
if (cfg->user_table_newtok_column)
NSS_DEBUG("%30s -> %s\n", "user_table_newtok_column", cfg->user_table_newtok_column);
if (cfg->user_table_email_column)
NSS_DEBUG("%30s -> %s\n", "user_table_email_column", cfg->user_table_email_column);
if (cfg->user_table_shell_column)
NSS_DEBUG("%30s -> %s\n", "user_table_shell_column", cfg->user_table_shell_column);
if (cfg->user_table_homedir_column)
NSS_DEBUG("%30s -> %s\n", "user_table_homedir_column", cfg->user_table_homedir_column);
if (cfg->group_table)
NSS_DEBUG("%30s -> %s\n", "group_table", cfg->group_table);
if (cfg->group_table_gid_column)
NSS_DEBUG("%30s -> %s\n", "group_table_gid_column", cfg->group_table_gid_column);
if (cfg->group_table_groupid_colum )
NSS_DEBUG("%30s -> %s\n", "group_table_groupid_colum", cfg->group_table_groupid_colum );
if (cfg->user_group_map_table)
NSS_DEBUG("%30s -> %s\n", "group_table_groupid_colum", cfg->user_group_map_table);
if (cfg->user_group_map_groupid_column)
NSS_DEBUG("%30s -> %s\n", "user_group_map_groupid_column", cfg->user_group_map_groupid_column);
if (cfg->user_group_map_userid_column)
NSS_DEBUG("%30s -> %s\n", "user_group_map_userid_column", cfg->user_group_map_userid_column);
if (cfg->pw_type)
NSS_DEBUG("%30s -> %s\n", "pw_type", cfg->pw_type);
if (cfg->debug)
NSS_DEBUG("%30s -> %s\n", "pw_type", cfg->debug);
return;
}
static NSS_STATUS
_nss_winbind_endpwent_solwrap (nss_backend_t * be, void *args)
{
NSS_DEBUG("_nss_winbind_endpwent_solwrap");
return _nss_winbind_endpwent();
}
