static enum nss_status
lookup (const char *name, const char *type, struct passwd *pwd,
char *buffer, size_t buflen, int *errnop)
{
struct parser_data *data = (void *) buffer;
size_t linebuflen;
void *context;
char **list;
int parse_res;
size_t len;
int olderr = errno;
context = _nss_hesiod_init ();
if (context == NULL)
return NSS_STATUS_UNAVAIL;
list = hesiod_resolve (context, name, type);
if (list == NULL)
{
int err = errno;
hesiod_end (context);
__set_errno (olderr);
return err == ENOENT ? NSS_STATUS_NOTFOUND : NSS_STATUS_UNAVAIL;
}
linebuflen = buffer + buflen - data->linebuffer;
len = strlen (*list) + 1;
if (linebuflen < len)
{
hesiod_free_list (context, list);
hesiod_end (context);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
memcpy (data->linebuffer, *list, len);
hesiod_free_list (context, list);
hesiod_end (context);
parse_res = _nss_files_parse_pwent (buffer, pwd, data, buflen, errnop);
if (parse_res < 1)
{
__set_errno (olderr);
return parse_res == -1 ? NSS_STATUS_TRYAGAIN : NSS_STATUS_NOTFOUND;
}
return NSS_STATUS_SUCCESS;
}
static enum nss_status
internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
int *errnop)
{
/* If we read the entire database at setpwent time we just iterate
over the data we have in memory. */
bool batch_read = intern.start != NULL;
char *domain = NULL;
if (!batch_read && __builtin_expect (yp_get_default_domain (&domain), 0))
return NSS_STATUS_UNAVAIL;
/* Get the next entry until we found a correct one. */
int parse_res;
do
{
char *result;
char *outkey;
int len;
int keylen;
if (batch_read)
{
struct response_t *bucket;
handle_batch_read:
bucket = intern.next;
if (__glibc_unlikely (intern.offset >= bucket->size))
{
if (bucket->next == NULL)
return NSS_STATUS_NOTFOUND;
/* We look at all the content in the current bucket. Go on
to the next. */
bucket = intern.next = bucket->next;
intern.offset = 0;
}
for (result = &bucket->mem[intern.offset]; isspace (*result);
++result)
++intern.offset;
len = strlen (result);
}
else
{
int yperr;
if (new_start)
{
/* Maybe we should read the database in one piece. */
if ((_nsl_default_nss () & NSS_FLAG_SETENT_BATCH_READ)
&& internal_nis_setpwent () == NSS_STATUS_SUCCESS
&& intern.start != NULL)
{
batch_read = true;
goto handle_batch_read;
}
yperr = yp_first (domain, "passwd.byname", &outkey, &keylen,
&result, &len);
}
else
yperr = yp_next (domain, "passwd.byname", oldkey, oldkeylen,
&outkey, &keylen, &result, &len);
if (__glibc_unlikely (yperr != YPERR_SUCCESS))
{
enum nss_status retval = yperr2nss (yperr);
if (retval == NSS_STATUS_TRYAGAIN)
*errnop = errno;
return retval;
}
}
/* Check for adjunct style secret passwords. They can be
recognized by a password starting with "##". We do not use
it if the passwd.adjunct.byname table is supposed to be used
as a shadow.byname replacement. */
char *p = strchr (result, ':');
size_t namelen;
char *result2;
int len2;
if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
&& p != NULL /* This better should be true in all cases. */
&& p[1] == '#' && p[2] == '#'
&& (namelen = p - result,
yp_match (domain, "passwd.adjunct.byname", result, namelen,
&result2, &len2)) == YPERR_SUCCESS)
{
/* We found a passwd.adjunct.byname entry. Merge encrypted
password therein into original result. */
char *encrypted = strchr (result2, ':');
char *endp;
size_t restlen;
if (encrypted == NULL
|| (endp = strchr (++encrypted, ':')) == NULL
|| (p = strchr (p + 1, ':')) == NULL)
{
/* Invalid format of the entry. This never should happen
unless the data from which the NIS table is generated is
wrong. We simply ignore it. */
free (result2);
goto non_adjunct;
}
restlen = len - (p - result);
if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
+ restlen + 2) > buflen, 0))
{
free (result2);
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen),
":", 1),
encrypted, endp - encrypted),
p, restlen + 1);
p = buffer;
free (result2);
}
else
{
non_adjunct:
if (__glibc_unlikely ((size_t) (len + 1) > buflen))
{
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
p = buffer;
*((char *) mempcpy (buffer, result, len)) = '\0';
}
while (isspace (*p))
++p;
if (!batch_read)
free (result);
parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
errnop);
if (__glibc_unlikely (parse_res == -1))
{
if (!batch_read)
free (outkey);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
if (batch_read)
intern.offset += len + 1;
else
{
free (oldkey);
oldkey = outkey;
oldkeylen = keylen;
new_start = false;
}
}
while (parse_res < 1);
return NSS_STATUS_SUCCESS;
}
enum nss_status
_nss_nis_getpwuid_r (uid_t uid, struct passwd *pwd,
char *buffer, size_t buflen, int *errnop)
{
char *domain;
if (__glibc_unlikely (yp_get_default_domain (&domain)))
return NSS_STATUS_UNAVAIL;
char buf[32];
int nlen = snprintf (buf, sizeof (buf), "%lu", (unsigned long int) uid);
char *result;
int len;
int yperr = yp_match (domain, "passwd.byuid", buf, nlen, &result, &len);
if (__glibc_unlikely (yperr != YPERR_SUCCESS))
{
enum nss_status retval = yperr2nss (yperr);
if (retval == NSS_STATUS_TRYAGAIN)
*errnop = errno;
return retval;
}
/* Check for adjunct style secret passwords. They can be recognized
by a password starting with "##". We do not use it if the
passwd.adjunct.byname table is supposed to be used as a shadow.byname
replacement. */
char *result2;
int len2;
size_t namelen;
char *p = strchr (result, ':');
if ((_nsl_default_nss () & NSS_FLAG_ADJUNCT_AS_SHADOW) == 0
&& p != NULL /* This better should be true in all cases. */
&& p[1] == '#' && p[2] == '#'
&& (namelen = p - result,
yp_match (domain, "passwd.adjunct.byname", result, namelen,
&result2, &len2)) == YPERR_SUCCESS)
{
/* We found a passwd.adjunct.byname entry. Merge encrypted password
therein into original result. */
char *encrypted = strchr (result2, ':');
char *endp;
size_t restlen;
if (encrypted == NULL
|| (endp = strchr (++encrypted, ':')) == NULL
|| (p = strchr (p + 1, ':')) == NULL)
{
/* Invalid format of the entry. This never should happen
unless the data from which the NIS table is generated is
wrong. We simply ignore it. */
free (result2);
goto non_adjunct;
}
restlen = len - (p - result);
if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
+ restlen + 2) > buflen, 0))
{
free (result2);
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
__mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, result, namelen),
":", 1),
encrypted, endp - encrypted),
p, restlen + 1);
p = buffer;
free (result2);
}
else
{
non_adjunct:
if (__glibc_unlikely ((size_t) (len + 1) > buflen))
{
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
p = strncpy (buffer, result, len);
buffer[len] = '\0';
}
while (isspace (*p))
++p;
free (result);
int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
errnop);
if (__glibc_unlikely (parse_res < 1))
{
if (parse_res == -1)
return NSS_STATUS_TRYAGAIN;
else
return NSS_STATUS_NOTFOUND;
}
else
return NSS_STATUS_SUCCESS;
}
enum nss_status
_nss_nis_getpwnam_r (const char *name, struct passwd *pwd,
char *buffer, size_t buflen, int *errnop)
{
if (name == NULL)
{
*errnop = EINVAL;
return NSS_STATUS_UNAVAIL;
}
char *domain;
if (__builtin_expect (yp_get_default_domain (&domain), 0))
return NSS_STATUS_UNAVAIL;
size_t namelen = strlen (name);
char *result;
int len;
int yperr = yp_match (domain, "passwd.byname", name, namelen, &result, &len);
if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
{
enum nss_status retval = yperr2nss (yperr);
if (retval == NSS_STATUS_TRYAGAIN)
*errnop = errno;
return retval;
}
/* Check for adjunct style secret passwords. They can be recognized
by a password starting with "##". */
char *result2;
int len2;
char *p = strchr (result, ':');
if (p != NULL /* This better should be true in all cases. */
&& p[1] == '#' && p[2] == '#'
&& yp_match (domain, "passwd.adjunct.byname", name, namelen,
&result2, &len2) == YPERR_SUCCESS)
{
/* We found a passwd.adjunct entry. Merge encrypted password
therein into original result. */
char *encrypted = strchr (result2, ':');
char *endp;
if (encrypted == NULL
|| (endp = strchr (++encrypted, ':')) == NULL
|| (p = strchr (p + 1, ':')) == NULL)
{
/* Invalid format of the entry. This never should happen
unless the data from which the NIS table is generated is
wrong. We simply ignore it. */
free (result2);
goto non_adjunct;
}
size_t restlen = len - (p - result);
if (__builtin_expect ((size_t) (namelen + (endp - encrypted)
+ restlen + 2) > buflen, 0))
{
free (result2);
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
__mempcpy (__mempcpy (__mempcpy (__mempcpy (buffer, name, namelen),
":", 1),
encrypted, endp - encrypted),
p, restlen + 1);
p = buffer;
free (result2);
}
else
{
non_adjunct:
if (__builtin_expect ((size_t) (len + 1) > buflen, 0))
{
free (result);
*errnop = ERANGE;
return NSS_STATUS_TRYAGAIN;
}
p = strncpy (buffer, result, len);
buffer[len] = '\0';
}
while (isspace (*p))
++p;
free (result);
int parse_res = _nss_files_parse_pwent (p, pwd, (void *) buffer, buflen,
errnop);
if (__builtin_expect (parse_res < 1, 0))
{
if (parse_res == -1)
return NSS_STATUS_TRYAGAIN;
else
return NSS_STATUS_NOTFOUND;
}
else
return NSS_STATUS_SUCCESS;
}
