/*
 * Serve one client connection: read a single request header from the socket,
 * dispatch it to the matching nslcd_*() handler and release the stream.
 *
 * Nothing is returned; handler results are deliberately discarded. This
 * function is responsible for closing the socket: directly with close() when
 * no stream could be created, otherwise by closing the stream that wraps it.
 */
static void handleconnection(int sock, MYLDAP_SESSION *session)
{
  TFILE *stream;
  int32_t request;
  /* start from "unknown" (-1) so a failed credential lookup is never mistaken
     for uid 0 by the handlers that receive uid below */
  uid_t uid = (uid_t)-1;
  gid_t gid = (gid_t)-1;
  pid_t pid = (pid_t)-1;

  /* log who is on the other end of the socket, when that can be determined */
  if (getpeercred(sock, &uid, &gid, &pid) == 0)
  {
    log_log(LOG_DEBUG, "connection from pid=%d uid=%d gid=%d",
            (int)pid, (int)uid, (int)gid);
  }
  else
  {
    log_log(LOG_DEBUG, "connection from unknown client: %s", strerror(errno));
  }

  /* wrap the socket in a buffered stream with read/write timeouts */
  stream = tio_fdopen(sock, READ_TIMEOUT, WRITE_TIMEOUT,
                      READBUFFER_MINSIZE, READBUFFER_MAXSIZE,
                      WRITEBUFFER_MINSIZE, WRITEBUFFER_MAXSIZE);
  if (stream == NULL)
  {
    log_log(LOG_WARNING, "cannot create stream for writing: %s", strerror(errno));
    /* no stream owns the descriptor yet, so close it here */
    (void)close(sock);
    return;
  }

  /* read the request header; on failure just drop the connection */
  if (read_header(stream, &request) != 0)
  {
    (void)tio_close(stream);
    return;
  }

  /*
   * Dispatch on the client-supplied action code. The peer uid is forwarded
   * only to the passwd, shadow, PAM authc/pwmod and usermod handlers; any
   * per-caller restriction is up to those handlers (not visible here).
   * Unrecognised codes are logged and otherwise ignored.
   */
  switch (request)
  {
    case NSLCD_ACTION_CONFIG_GET:
      (void)nslcd_config_get(stream, session);
      break;
    case NSLCD_ACTION_ALIAS_BYNAME:
      (void)nslcd_alias_byname(stream, session);
      break;
    case NSLCD_ACTION_ALIAS_ALL:
      (void)nslcd_alias_all(stream, session);
      break;
    case NSLCD_ACTION_ETHER_BYNAME:
      (void)nslcd_ether_byname(stream, session);
      break;
    case NSLCD_ACTION_ETHER_BYETHER:
      (void)nslcd_ether_byether(stream, session);
      break;
    case NSLCD_ACTION_ETHER_ALL:
      (void)nslcd_ether_all(stream, session);
      break;
    case NSLCD_ACTION_GROUP_BYNAME:
      (void)nslcd_group_byname(stream, session);
      break;
    case NSLCD_ACTION_GROUP_BYGID:
      (void)nslcd_group_bygid(stream, session);
      break;
    case NSLCD_ACTION_GROUP_BYMEMBER:
      (void)nslcd_group_bymember(stream, session);
      break;
    case NSLCD_ACTION_GROUP_ALL:
      (void)nslcd_group_all(stream, session);
      break;
    case NSLCD_ACTION_HOST_BYNAME:
      (void)nslcd_host_byname(stream, session);
      break;
    case NSLCD_ACTION_HOST_BYADDR:
      (void)nslcd_host_byaddr(stream, session);
      break;
    case NSLCD_ACTION_HOST_ALL:
      (void)nslcd_host_all(stream, session);
      break;
    case NSLCD_ACTION_NETGROUP_BYNAME:
      (void)nslcd_netgroup_byname(stream, session);
      break;
    case NSLCD_ACTION_NETGROUP_ALL:
      (void)nslcd_netgroup_all(stream, session);
      break;
    case NSLCD_ACTION_NETWORK_BYNAME:
      (void)nslcd_network_byname(stream, session);
      break;
    case NSLCD_ACTION_NETWORK_BYADDR:
      (void)nslcd_network_byaddr(stream, session);
      break;
    case NSLCD_ACTION_NETWORK_ALL:
      (void)nslcd_network_all(stream, session);
      break;
    case NSLCD_ACTION_PASSWD_BYNAME:
      (void)nslcd_passwd_byname(stream, session, uid);
      break;
    case NSLCD_ACTION_PASSWD_BYUID:
      (void)nslcd_passwd_byuid(stream, session, uid);
      break;
    case NSLCD_ACTION_PASSWD_ALL:
      (void)nslcd_passwd_all(stream, session, uid);
      break;
    case NSLCD_ACTION_PROTOCOL_BYNAME:
      (void)nslcd_protocol_byname(stream, session);
      break;
    case NSLCD_ACTION_PROTOCOL_BYNUMBER:
      (void)nslcd_protocol_bynumber(stream, session);
      break;
    case NSLCD_ACTION_PROTOCOL_ALL:
      (void)nslcd_protocol_all(stream, session);
      break;
    case NSLCD_ACTION_RPC_BYNAME:
      (void)nslcd_rpc_byname(stream, session);
      break;
    case NSLCD_ACTION_RPC_BYNUMBER:
      (void)nslcd_rpc_bynumber(stream, session);
      break;
    case NSLCD_ACTION_RPC_ALL:
      (void)nslcd_rpc_all(stream, session);
      break;
    case NSLCD_ACTION_SERVICE_BYNAME:
      (void)nslcd_service_byname(stream, session);
      break;
    case NSLCD_ACTION_SERVICE_BYNUMBER:
      (void)nslcd_service_bynumber(stream, session);
      break;
    case NSLCD_ACTION_SERVICE_ALL:
      (void)nslcd_service_all(stream, session);
      break;
    case NSLCD_ACTION_SHADOW_BYNAME:
      (void)nslcd_shadow_byname(stream, session, uid);
      break;
    case NSLCD_ACTION_SHADOW_ALL:
      (void)nslcd_shadow_all(stream, session, uid);
      break;
    case NSLCD_ACTION_PAM_AUTHC:
      (void)nslcd_pam_authc(stream, session, uid);
      break;
    case NSLCD_ACTION_PAM_AUTHZ:
      (void)nslcd_pam_authz(stream, session);
      break;
    case NSLCD_ACTION_PAM_SESS_O:
      (void)nslcd_pam_sess_o(stream, session);
      break;
    case NSLCD_ACTION_PAM_SESS_C:
      (void)nslcd_pam_sess_c(stream, session);
      break;
    case NSLCD_ACTION_PAM_PWMOD:
      (void)nslcd_pam_pwmod(stream, session, uid);
      break;
    case NSLCD_ACTION_USERMOD:
      (void)nslcd_usermod(stream, session, uid);
      break;
    default:
      log_log(LOG_WARNING, "invalid request id: 0x%08x", (unsigned int)request);
      break;
  }

  /* the request is finished: reset the LDAP session state, then drop the stream */
  myldap_session_cleanup(session);
  (void)tio_close(stream);
  return;
}
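/*
 * Serve one client connection of the nssov overlay: identify the local peer,
 * install a peercred-style DN on the operation, read a single request header
 * and dispatch it to the matching handler.
 *
 * ni   - overlay state, passed through to the handlers
 * sock - connected client socket; this function is responsible for closing it
 *        (directly with close() before a stream exists, otherwise by closing
 *        the stream that wraps it)
 * op   - operation used to run the lookups; its o_dn/o_ndn are overwritten
 *
 * Nothing is returned; handler results are deliberately discarded.
 */
static void handleconnection(nssov_info *ni,int sock,Operation *op)
{
  TFILE *fp;
  int32_t action;
  struct timeval readtimeout,writetimeout;
  /* Fail closed: if the peer cannot be identified the ids stay at -1, so the
     uid==0 gates below are never decided on an indeterminate stack value. */
  uid_t uid=(uid_t)-1;
  gid_t gid=(gid_t)-1;
  /* Sized for the longest text "%d" can produce for a 32-bit int (a sign plus
     ten digits); ids above INT_MAX print as negative numbers through the
     (int) casts below. */
  char authid[sizeof("gidNumber=-2147483648+uidNumber=-2147483648,cn=peercred,cn=external,cn=auth")];
  int authidlen;
  /* log connection */
  if (lutil_getpeereid(sock,&uid,&gid))
  {
    Debug( LDAP_DEBUG_TRACE,"nssov: connection from unknown client: %s\n",strerror(errno),0,0);
    /* discard anything a failed lookup may have left behind */
    uid=(uid_t)-1;
    gid=(gid_t)-1;
  }
  else
  {
    Debug( LDAP_DEBUG_TRACE,"nssov: connection from uid=%d gid=%d\n",
                    (int)uid,(int)gid,0);
  }
  /* Should do authid mapping too */
  /* The gid goes into gidNumber and the uid into uidNumber; the write is
     bounded so an unexpected width can never run past authid. */
  authidlen=snprintf(authid,sizeof(authid),
                     "gidNumber=%d+uidNumber=%d,cn=peercred,cn=external,cn=auth",
                     (int)gid,(int)uid);
  if ((authidlen<0)||((size_t)authidlen>=sizeof(authid)))
  {
    Debug( LDAP_DEBUG_ANY,"nssov: cannot format peer identity\n",0,0,0);
    /* no stream owns the descriptor yet, so close it here */
    (void)close(sock);
    return;
  }
  /* NOTE(review): authid lives on this function's stack, so o_dn/o_ndn point
     at storage that is only valid until this function returns; confirm the
     caller does not use them afterwards. An unidentified peer gets the DN
     built from -1/-1; confirm no ACL or authz mapping grants that anything. */
  op->o_dn.bv_len = authidlen;
  op->o_dn.bv_val = authid;
  op->o_ndn = op->o_dn;
  /* set the timeouts */
  readtimeout.tv_sec=0; /* clients should send their request quickly */
  readtimeout.tv_usec=500000;
  writetimeout.tv_sec=5; /* clients could be taking some time to process the results */
  writetimeout.tv_usec=0;
  /* create a stream object */
  if ((fp=tio_fdopen(sock,&readtimeout,&writetimeout,
                     READBUFFER_MINSIZE,READBUFFER_MAXSIZE,
                     WRITEBUFFER_MINSIZE,WRITEBUFFER_MAXSIZE))==NULL)
  {
    Debug( LDAP_DEBUG_ANY,"nssov: cannot create stream for writing: %s",strerror(errno),0,0);
    (void)close(sock);
    return;
  }
  /* read request */
  if (read_header(fp,&action))
  {
    (void)tio_close(fp);
    return;
  }
  /* handle request */
  /* Only the shadow lookups and the PAM session open/close actions are gated
     on uid==0 here; every other action is dispatched for any local caller and
     relies on the handler and the ACLs applied to op->o_dn. A gated request
     from a non-root peer is dropped without a reply. */
  switch (action)
  {
    case NSLCD_ACTION_ALIAS_BYNAME:     (void)nssov_alias_byname(ni,fp,op); break;
    case NSLCD_ACTION_ALIAS_ALL:        (void)nssov_alias_all(ni,fp,op); break;
    case NSLCD_ACTION_ETHER_BYNAME:     (void)nssov_ether_byname(ni,fp,op); break;
    case NSLCD_ACTION_ETHER_BYETHER:    (void)nssov_ether_byether(ni,fp,op); break;
    case NSLCD_ACTION_ETHER_ALL:        (void)nssov_ether_all(ni,fp,op); break;
    case NSLCD_ACTION_GROUP_BYNAME:     (void)nssov_group_byname(ni,fp,op); break;
    case NSLCD_ACTION_GROUP_BYGID:      (void)nssov_group_bygid(ni,fp,op); break;
    case NSLCD_ACTION_GROUP_BYMEMBER:   (void)nssov_group_bymember(ni,fp,op); break;
    case NSLCD_ACTION_GROUP_ALL:        (void)nssov_group_all(ni,fp,op); break;
    case NSLCD_ACTION_HOST_BYNAME:      (void)nssov_host_byname(ni,fp,op); break;
    case NSLCD_ACTION_HOST_BYADDR:      (void)nssov_host_byaddr(ni,fp,op); break;
    case NSLCD_ACTION_HOST_ALL:         (void)nssov_host_all(ni,fp,op); break;
    case NSLCD_ACTION_NETGROUP_BYNAME:  (void)nssov_netgroup_byname(ni,fp,op); break;
    case NSLCD_ACTION_NETWORK_BYNAME:   (void)nssov_network_byname(ni,fp,op); break;
    case NSLCD_ACTION_NETWORK_BYADDR:   (void)nssov_network_byaddr(ni,fp,op); break;
    case NSLCD_ACTION_NETWORK_ALL:      (void)nssov_network_all(ni,fp,op); break;
    case NSLCD_ACTION_PASSWD_BYNAME:    (void)nssov_passwd_byname(ni,fp,op); break;
    case NSLCD_ACTION_PASSWD_BYUID:     (void)nssov_passwd_byuid(ni,fp,op); break;
    case NSLCD_ACTION_PASSWD_ALL:       (void)nssov_passwd_all(ni,fp,op); break;
    case NSLCD_ACTION_PROTOCOL_BYNAME:  (void)nssov_protocol_byname(ni,fp,op); break;
    case NSLCD_ACTION_PROTOCOL_BYNUMBER:(void)nssov_protocol_bynumber(ni,fp,op); break;
    case NSLCD_ACTION_PROTOCOL_ALL:     (void)nssov_protocol_all(ni,fp,op); break;
    case NSLCD_ACTION_RPC_BYNAME:       (void)nssov_rpc_byname(ni,fp,op); break;
    case NSLCD_ACTION_RPC_BYNUMBER:     (void)nssov_rpc_bynumber(ni,fp,op); break;
    case NSLCD_ACTION_RPC_ALL:          (void)nssov_rpc_all(ni,fp,op); break;
    case NSLCD_ACTION_SERVICE_BYNAME:   (void)nssov_service_byname(ni,fp,op); break;
    case NSLCD_ACTION_SERVICE_BYNUMBER: (void)nssov_service_bynumber(ni,fp,op); break;
    case NSLCD_ACTION_SERVICE_ALL:      (void)nssov_service_all(ni,fp,op); break;
    case NSLCD_ACTION_SHADOW_BYNAME:    if (uid==0) (void)nssov_shadow_byname(ni,fp,op); break;
    case NSLCD_ACTION_SHADOW_ALL:       if (uid==0) (void)nssov_shadow_all(ni,fp,op); break;
    case NSLCD_ACTION_PAM_AUTHC:        (void)pam_authc(ni,fp,op); break;
    case NSLCD_ACTION_PAM_AUTHZ:        (void)pam_authz(ni,fp,op); break;
    case NSLCD_ACTION_PAM_SESS_O:       if (uid==0) (void)pam_sess_o(ni,fp,op); break;
    case NSLCD_ACTION_PAM_SESS_C:       if (uid==0) (void)pam_sess_c(ni,fp,op); break;
    case NSLCD_ACTION_PAM_PWMOD:        (void)pam_pwmod(ni,fp,op); break;
    default:
      Debug( LDAP_DEBUG_ANY,"nssov: invalid request id: %d",(int)action,0,0);
      break;
  }
  /* we're done with the request */
  (void)tio_close(fp);
  return;
}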