enum nss_status _nss_nisplus_getgrnam_r (const char *name, struct group *gr, char *buffer, size_t buflen, int *errnop) { int parse_res; if (grp_tablename_val == NULL) { enum nss_status status = _nss_grp_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } if (name == NULL) { *errnop = EINVAL; return NSS_STATUS_NOTFOUND; } nis_result *result; char buf[strlen (name) + 9 + grp_tablename_len]; int olderr = errno; snprintf (buf, sizeof (buf), "[name=%s],%s", name, grp_tablename_val); result = nis_list (buf, FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__glibc_unlikely (niserr2nss (result->status) != NSS_STATUS_SUCCESS)) { enum nss_status status = niserr2nss (result->status); nis_freeresult (result); return status; } parse_res = _nss_nisplus_parse_grent (result, gr, buffer, buflen, errnop); nis_freeresult (result); if (__glibc_unlikely (parse_res < 1)) { if (parse_res == -1) { *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else { __set_errno (olderr); return NSS_STATUS_NOTFOUND; } } return NSS_STATUS_SUCCESS; }
static enum nss_status internal_nisplus_getspent_r (struct spwd *sp, char *buffer, size_t buflen, int *errnop) { int parse_res; /* Get the next entry until we found a correct one. */ do { nis_result *saved_res; if (result == NULL) { saved_res = NULL; if (tablename_val == NULL) { enum nss_status status = _nss_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } result = nis_first_entry (tablename_val); if (niserr2nss (result->status) != NSS_STATUS_SUCCESS) return niserr2nss (result->status); } else { nis_result *res; saved_res = result; res = nis_next_entry (tablename_val, &result->cookie); result = res; if (niserr2nss (result->status) != NSS_STATUS_SUCCESS) { nis_freeresult (saved_res); return niserr2nss (result->status); } } parse_res = _nss_nisplus_parse_spent (result, sp, buffer, buflen, errnop); if (parse_res == -1) { nis_freeresult (result); result = saved_res; *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else { if (saved_res) nis_freeresult (saved_res); } } while (!parse_res); return NSS_STATUS_SUCCESS; }
enum nss_status _nss_nisplus_getpwuid_r (const uid_t uid, struct passwd *pw, char *buffer, size_t buflen, int *errnop) { if (pwd_tablename_val == NULL) { enum nss_status status = _nss_pwd_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } int parse_res; nis_result *result; char buf[8 + 3 * sizeof (unsigned long int) + pwd_tablename_len]; int olderr = errno; snprintf (buf, sizeof (buf), "[uid=%lu],%s", (unsigned long int) uid, pwd_tablename_val); result = nis_list (buf, FOLLOW_PATH | FOLLOW_LINKS | USE_DGRAM, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (niserr2nss (result->status) != NSS_STATUS_SUCCESS) { enum nss_status status = niserr2nss (result->status); errno = olderr; nis_freeresult (result); return status; } parse_res = _nss_nisplus_parse_pwent (result, pw, buffer, buflen, errnop); nis_freeresult (result); if (parse_res < 1) { if (parse_res == -1) { *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else { errno = olderr; return NSS_STATUS_NOTFOUND; } } return NSS_STATUS_SUCCESS; }
enum nss_status _nss_nisplus_gethostton_r (const char *name, struct etherent *eth, char *buffer, size_t buflen, int *errnop) { if (tablename_val == NULL) { enum nss_status status = _nss_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } if (name == NULL) { *errnop = EINVAL; return NSS_STATUS_UNAVAIL; } char buf[strlen (name) + 9 + tablename_len]; int olderr = errno; snprintf (buf, sizeof (buf), "[name=%s],%s", name, tablename_val); nis_result *result = nis_list (buf, FOLLOW_PATH | FOLLOW_LINKS | USE_DGRAM, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__glibc_unlikely (niserr2nss (result->status) != NSS_STATUS_SUCCESS)) { enum nss_status status = niserr2nss (result->status); nis_freeresult (result); return status; } int parse_res = _nss_nisplus_parse_etherent (result, eth, buffer, buflen, errnop); /* We do not need the lookup result anymore. */ nis_freeresult (result); if (__glibc_unlikely (parse_res < 1)) { __set_errno (olderr); if (parse_res == -1) return NSS_STATUS_TRYAGAIN; return NSS_STATUS_NOTFOUND; } return NSS_STATUS_SUCCESS; }
enum nss_status _nss_nisplus_getgrgid_r (const gid_t gid, struct group *gr, char *buffer, size_t buflen, int *errnop) { if (grp_tablename_val == NULL) { enum nss_status status = _nss_grp_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } int parse_res; nis_result *result; char buf[8 + 3 * sizeof (unsigned long int) + grp_tablename_len]; int olderr = errno; snprintf (buf, sizeof (buf), "[gid=%lu],%s", (unsigned long int) gid, grp_tablename_val); result = nis_list (buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__glibc_unlikely (niserr2nss (result->status) != NSS_STATUS_SUCCESS)) { enum nss_status status = niserr2nss (result->status); __set_errno (olderr); nis_freeresult (result); return status; } parse_res = _nss_nisplus_parse_grent (result, gr, buffer, buflen, errnop); nis_freeresult (result); if (__glibc_unlikely (parse_res < 1)) { __set_errno (olderr); if (parse_res == -1) { *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else return NSS_STATUS_NOTFOUND; } return NSS_STATUS_SUCCESS; }
nis_result * nis_checkpoint (const_nis_name dirname) { nis_result *res; res = calloc (1, sizeof (nis_result)); if (res == NULL) return NULL; if (dirname != NULL) { nis_result *res2; u_int i; res2 = nis_lookup (dirname, EXPAND_NAME); if (NIS_RES_STATUS (res2) != NIS_SUCCESS) { free (res); return res2; } /* Check if obj is really a diryectory object */ if (__type_of (NIS_RES_OBJECT (res2)) != NIS_DIRECTORY_OBJ) { nis_freeresult (res2); NIS_RES_STATUS (res) = NIS_INVALIDOBJ; return res; } for (i = 0; i < NIS_RES_OBJECT (res2)->DI_data.do_servers.do_servers_len; ++i) { cp_result cpres; memset (&cpres, '\0', sizeof (cp_result)); if (__do_niscall2 (&NIS_RES_OBJECT(res2)->DI_data.do_servers.do_servers_val[i], 1, NIS_CHECKPOINT, (xdrproc_t) _xdr_nis_name, (caddr_t) &dirname, (xdrproc_t) _xdr_cp_result, (caddr_t) &cpres, 0, NULL) != NIS_SUCCESS) NIS_RES_STATUS (res) = NIS_RPCERROR; else { NIS_RES_STATUS (res) = cpres.cp_status; res->zticks += cpres.cp_zticks; res->dticks += cpres.cp_dticks; } } nis_freeresult (res2); } else NIS_RES_STATUS (res) = NIS_NOSUCHNAME; return res; }
enum nss_status _nss_nisplus_getpwnam_r (const char *name, struct passwd *pw, char *buffer, size_t buflen, int *errnop) { int parse_res; if (tablename_val == NULL) { enum nss_status status = _nss_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } if (name == NULL) { *errnop = EINVAL; return NSS_STATUS_UNAVAIL; } else { nis_result *result; char buf[strlen (name) + 24 + tablename_len]; sprintf (buf, "[name=%s],%s", name, tablename_val); result = nis_list(buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL); if (niserr2nss (result->status) != NSS_STATUS_SUCCESS) { enum nss_status status = niserr2nss (result->status); nis_freeresult (result); return status; } parse_res = _nss_nisplus_parse_pwent (result, pw, buffer, buflen, errnop); nis_freeresult (result); if (parse_res < 1) { if (parse_res == -1) { *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else return NSS_STATUS_NOTFOUND; } return NSS_STATUS_SUCCESS; } }
nis_error nis_destroygroup (const_nis_name group) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 50]; char leafbuf[grouplen + 3]; char domainbuf[grouplen + 3]; nis_error status; nis_result *res; char *cp, *cp2; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; stpcpy (cp, cp2); } res = nis_remove (buf, NULL); status = NIS_RES_STATUS (res); nis_freeresult (res); return status; } else return NIS_FAIL; }
static void internal_endnetgrent (struct __netgrent *netgrp) { nis_freeresult ((nis_result *) netgrp->data); netgrp->data = NULL; netgrp->data_size = 0; netgrp->position = 0; }
void nis_ping (const_nis_name dirname, unsigned int utime, const nis_object *dirobj) { nis_result *res = NULL; nis_object *obj; ping_args args; unsigned int i; if (dirname == NULL && dirobj == NULL) abort (); if (dirobj == NULL) { res = nis_lookup (dirname, MASTER_ONLY); if (res == NULL || NIS_RES_STATUS (res) != NIS_SUCCESS) { nis_freeresult (res); return; } obj = res->objects.objects_val; } else obj = (nis_object *) dirobj; /* Check if obj is really a diryectory object */ if (__type_of (obj) != NIS_DIRECTORY_OBJ) { nis_freeresult (res); return; } if (dirname == NULL) args.dir = obj->DI_data.do_name; else args.dir = (char *) dirname; args.stamp = utime; /* Send the ping only to replicas */ for (i = 1; i < obj->DI_data.do_servers.do_servers_len; ++i) __do_niscall2 (&obj->DI_data.do_servers.do_servers_val[i], 1, NIS_PING, (xdrproc_t) _xdr_ping_args, (caddr_t) &args, (xdrproc_t) xdr_void, (caddr_t) NULL, 0, NULL); nis_freeresult (res); }
enum nss_status _nss_nisplus_endspent (void) { __libc_lock_lock (lock); if (result) nis_freeresult (result); result = NULL; __libc_lock_unlock (lock); return NSS_STATUS_SUCCESS; }
int nisplus_reload(mnt_map *m, char *map, void (*fn) ()) { int error = 0; struct nis_callback_data data; nis_result *result; char *org; /* if map does not have ".org_dir" then append it */ nis_name map_name; size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) org = NISPLUS_ORGDIR; else org = ""; /* make some room for the NIS map_name */ l = strlen(map) + sizeof(NISPLUS_ORGDIR); map_name = xmalloc(l); if (map_name == NULL) { plog(XLOG_ERROR, "Unable to create map_name %s: %s", map, strerror(ENOMEM)); return ENOMEM; } xsnprintf(map_name, l, "%s%s", map, org); data.ncd_m = m; data.ncd_map = map_name; data.ncd_fn = fn; dlog("NISplus reload for %s", map); result = nis_list(map_name, EXPAND_NAME | FOLLOW_LINKS | FOLLOW_PATH, (int (*)()) nisplus_callback, &data); /* free off the NIS map_name */ XFREE(map_name); if (result->status != NIS_SUCCESS && result->status != NIS_CBRESULTS) error = 1; if (error) plog(XLOG_ERROR, "error grabbing nisplus map of %s: %s", map, nis_sperrno(result->status)); nis_freeresult(result); return error; }
/* Check that someone else don't have the same auth information already */ static nis_error auth_exists(char *princname, char *auth_name, char *auth_type, char *domain) { char sname[NIS_MAXNAMELEN+MAXHOSTNAMELEN+64]; nis_result *res; nis_error status; char *foundprinc; (void) sprintf(sname, "[auth_name=%s,auth_type=%s],%s.%s", auth_name, auth_type, CRED_TABLE, domain); if (sname[strlen(sname)-1] != '.') strcat(sname, "."); /* Don't want FOLLOW_PATH here */ res = nis_list(sname, MASTER_ONLY+USE_DGRAM+NO_AUTHINFO+FOLLOW_LINKS, NULL, NULL); status = res->status; switch (res->status) { case NIS_NOTFOUND: break; case NIS_TRYAGAIN : (void) fprintf(stderr, "%s: NIS+ server busy, try again later.\n", program_name); exit(1); case NIS_PERMISSION : (void) fprintf(stderr, "%s: insufficient permission to look up old credentials.\n", program_name); exit(1); case NIS_SUCCESS: foundprinc = ENTRY_VAL(res->objects.objects_val, 0); if (nis_dir_cmp(foundprinc, princname) != SAME_NAME) { (void) fprintf(stderr, "%s: %s credentials with auth_name '%s' already belong to '%s'.\n", program_name, auth_type, auth_name, foundprinc); exit(1); } break; default: (void) fprintf(stderr, "%s: error looking at cred table, NIS+ error: %s\n", program_name, nis_sperrno(res->status)); exit(1); } nis_freeresult(res); return (status); }
nis_name nis_local_principal (void) { static char __principal[NIS_MAXNAMELEN + 1]; if (__principal[0] == '\0') { char buf[NIS_MAXNAMELEN + 1]; nis_result *res; uid_t uid = geteuid (); if (uid != 0) { int len = snprintf (buf, NIS_MAXNAMELEN - 1, "[auth_name=%d,auth_type=LOCAL],cred.org_dir.%s", uid, nis_local_directory ()); if (len >= NIS_MAXNAMELEN - 1) nobody: /* XXX The buffer is too small. Can this happen??? */ return strcpy (__principal, "nobody"); if (buf[len - 1] != '.') { buf[len++] = '.'; buf[len] = '\0'; } res = nis_list (buf, USE_DGRAM + NO_AUTHINFO + FOLLOW_LINKS + FOLLOW_PATH, NULL, NULL); if (res == NULL) goto nobody; if (NIS_RES_STATUS (res) == NIS_SUCCESS) { if (res->objects.objects_len > 1) { /* More than one principal with same uid? something wrong with cred table. Should be unique. Warn user and continue. */ printf (_("\ LOCAL entry for UID %d in directory %s not unique\n"), uid, nis_local_directory ()); } strcpy (__principal, ENTRY_VAL (res->objects.objects_val, 0)); nis_freeresult (res); return __principal; }
int nisplus_init(mnt_map *m, char *map, time_t *tp) { nis_result *result; char *org; /* if map does not have ".org_dir" then append it */ nis_name map_name; int error = 0; size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) org = NISPLUS_ORGDIR; else org = ""; /* make some room for the NIS map_name */ l = strlen(map) + sizeof(NISPLUS_ORGDIR); map_name = xmalloc(l); if (map_name == NULL) { plog(XLOG_ERROR, "Unable to create map_name %s: %s", map, strerror(ENOMEM)); return ENOMEM; } xsnprintf(map_name, l, "%s%s", map, org); result = nis_lookup(map_name, (EXPAND_NAME | FOLLOW_LINKS | FOLLOW_PATH)); /* free off the NIS map_name */ XFREE(map_name); if (result == NULL) { plog(XLOG_ERROR, "NISplus init <%s>: %s", map, strerror(ENOMEM)); return ENOMEM; } if (result->status != NIS_SUCCESS) { dlog("NISplus init <%s>: %s (%d)", map, nis_sperrno(result->status), result->status); error = ENOENT; } *tp = 0; /* no time */ nis_freeresult(result); return error; }
enum nss_status _nss_nisplus_setspent (int stayopen) { enum nss_status status = NSS_STATUS_SUCCESS; int err; __libc_lock_lock (lock); if (result) nis_freeresult (result); result = NULL; if (tablename_val == NULL) status = _nss_create_tablename (&err); __libc_lock_unlock (lock); return NSS_STATUS_SUCCESS; }
enum nss_status _nss_nisplus_setetherent (int stayopen) { enum nss_status status; int err; status = NSS_STATUS_SUCCESS; __libc_lock_lock (lock); if (result != NULL) { nis_freeresult (result); result = NULL; } if (_nss_create_tablename (&err) != NSS_STATUS_SUCCESS) status = NSS_STATUS_UNAVAIL; __libc_lock_unlock (lock); return status; }
nis_result * nis_lookup (const_nis_name name, const unsigned int flags) { nis_result *res = calloc (1, sizeof (nis_result)); struct ns_request req; nis_name *names; nis_error status; int link_first_try = 0; int count_links = 0; /* We will follow only 16 links in the deep */ int done = 0; int name_nr = 0; nis_name namebuf[2] = {NULL, NULL}; if (res == NULL) return NULL; if ((flags & EXPAND_NAME) && (name[strlen (name) - 1] != '.')) { names = nis_getnames (name); if (names == NULL) { NIS_RES_STATUS (res) = NIS_NAMEUNREACHABLE; return res; } } else { names = namebuf; names[0] = (nis_name)name; } req.ns_name = names[0]; while (!done) { dir_binding bptr; directory_obj *dir = NULL; req.ns_object.ns_object_len = 0; req.ns_object.ns_object_val = NULL; status = __nisfind_server (req.ns_name, &dir); if (status != NIS_SUCCESS) { NIS_RES_STATUS (res) = status; return res; } status = __nisbind_create (&bptr, dir->do_servers.do_servers_val, dir->do_servers.do_servers_len, flags); if (status != NIS_SUCCESS) { NIS_RES_STATUS (res) = status; nis_free_directory (dir); return res; } while (__nisbind_connect (&bptr) != NIS_SUCCESS) { if (__nisbind_next (&bptr) != NIS_SUCCESS) { __nisbind_destroy (&bptr); nis_free_directory (dir); NIS_RES_STATUS (res) = NIS_NAMEUNREACHABLE; return res; } } do { static struct timeval RPCTIMEOUT = {10, 0}; enum clnt_stat result; again: result = clnt_call (bptr.clnt, NIS_LOOKUP, (xdrproc_t) _xdr_ns_request, (caddr_t) &req, (xdrproc_t) _xdr_nis_result, (caddr_t) res, RPCTIMEOUT); if (result != RPC_SUCCESS) status = NIS_RPCERROR; else { status = NIS_SUCCESS; if (NIS_RES_STATUS (res) == NIS_SUCCESS) { if (__type_of(NIS_RES_OBJECT (res)) == NIS_LINK_OBJ && flags & FOLLOW_LINKS) /* We are following links */ { if (count_links) free (req.ns_name); /* if we hit the link limit, bail */ if (count_links > NIS_MAXLINKS) { NIS_RES_STATUS (res) = NIS_LINKNAMEERROR; break; } ++count_links; req.ns_name = strdup (NIS_RES_OBJECT (res)->LI_data.li_name); if (req.ns_name == NULL) return NULL; nis_freeresult (res); res = calloc (1, sizeof (nis_result)); if (res == NULL) { __nisbind_destroy (&bptr); return NULL; } link_first_try = 1; /* Try at first the old binding */ goto again; } } else if ((NIS_RES_STATUS (res) == NIS_SYSTEMERROR) || (NIS_RES_STATUS (res) == NIS_NOSUCHNAME) || (NIS_RES_STATUS (res) == NIS_NOT_ME)) { if (link_first_try) { __nisbind_destroy (&bptr); nis_free_directory (dir); if (__nisfind_server (req.ns_name, &dir) != NIS_SUCCESS) return res; if (__nisbind_create (&bptr, dir->do_servers.do_servers_val, dir->do_servers.do_servers_len, flags) != NIS_SUCCESS) { nis_free_directory (dir); return res; } } else if (__nisbind_next (&bptr) != NIS_SUCCESS) break; /* No more servers to search */ while (__nisbind_connect (&bptr) != NIS_SUCCESS) { if (__nisbind_next (&bptr) != NIS_SUCCESS) { __nisbind_destroy (&bptr); nis_free_directory (dir); return res; } } goto again; } break; } link_first_try = 0; /* Set it back */ } while ((flags & HARD_LOOKUP) && status == NIS_RPCERROR); __nisbind_destroy (&bptr); nis_free_directory (dir); if (status != NIS_SUCCESS) { NIS_RES_STATUS (res) = status; return res; } switch (NIS_RES_STATUS (res)) { case NIS_PARTIAL: case NIS_SUCCESS: case NIS_S_SUCCESS: case NIS_LINKNAMEERROR: /* We follow to max links */ case NIS_UNAVAIL: /* NIS+ is not installed, or all servers are down */ ++done; break; default: /* Try the next domainname if we don't follow a link */ if (count_links) { free (req.ns_name); NIS_RES_STATUS (res) = NIS_LINKNAMEERROR; ++done; break; } ++name_nr; if (names[name_nr] == NULL) { ++done; break; } req.ns_name = names[name_nr]; break; } } if (names != namebuf) nis_freenames (names); return res; }
nis_error nis_addmember (const_nis_name member, const_nis_name group) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 14 + NIS_MAXNAMELEN]; char leafbuf[grouplen + 2]; char domainbuf[grouplen + 2]; nis_result *res, *res2; nis_error status; char *cp, *cp2; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; stpcpy (cp, cp2); } res = nis_lookup (buf, FOLLOW_LINKS|EXPAND_NAME); if (NIS_RES_STATUS (res) != NIS_SUCCESS) { status = NIS_RES_STATUS (res); nis_freeresult (res); return status; } if ((NIS_RES_NUMOBJ (res) != 1) || (__type_of (NIS_RES_OBJECT (res)) != NIS_GROUP_OBJ)) { nis_freeresult (res); return NIS_INVALIDOBJ; } NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val = realloc (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val, (NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_len + 1) * sizeof (char *)); if (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val == NULL) goto nomem_out; NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val[NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len] = strdup (member); if (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val[NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len] == NULL) { free (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val); nomem_out: nis_freeresult (res); return NIS_NOMEMORY; } ++NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len; cp = stpcpy (buf, NIS_RES_OBJECT(res)->zo_name); *cp++ = '.'; strncpy (cp, NIS_RES_OBJECT (res)->zo_domain, NIS_MAXNAMELEN); res2 = nis_modify (buf, NIS_RES_OBJECT (res)); status = NIS_RES_STATUS (res2); nis_freeresult (res); nis_freeresult (res2); return status; } else return NIS_FAIL; }
/* * Try to locate a key using NIS+. */ int nisplus_search(mnt_map *m, char *map, char *key, char **val, time_t *tp) { nis_result *result; int error = 0; struct nisplus_search_callback_data data; nis_name index; char *org; /* if map does not have ".org_dir" then append it */ size_t l; org = strstr(map, NISPLUS_ORGDIR); if (org == NULL) org = NISPLUS_ORGDIR; else org = ""; /* make some room for the NIS index */ l = sizeof('[') /* for opening selection criteria */ + sizeof(NISPLUS_KEY) + strlen(key) + sizeof(']') /* for closing selection criteria */ + sizeof(',') /* + 1 for , separator */ + strlen(map) + sizeof(NISPLUS_ORGDIR); index = xmalloc(l); if (index == NULL) { plog(XLOG_ERROR, "Unable to create index %s: %s", map, strerror(ENOMEM)); return ENOMEM; } xsnprintf(index, l, "[%s%s],%s%s", NISPLUS_KEY, key, map, org); data.key = key; data.value = NULL; dlog("NISplus search for %s", index); result = nis_list(index, EXPAND_NAME | FOLLOW_LINKS | FOLLOW_PATH, (int (*)()) nisplus_search_callback, &data); /* free off the NIS index */ XFREE(index); if (result == NULL) { plog(XLOG_ERROR, "nisplus_search: %s: %s", map, strerror(ENOMEM)); return ENOMEM; } /* * Do something interesting with the return code */ switch (result->status) { case NIS_SUCCESS: case NIS_CBRESULTS: if (data.value == NULL) { nis_object *value = result->objects.objects_val; dlog("NISplus search found <nothing>"); dlog("NISplus search for %s: %s(%d)", map, nis_sperrno(result->status), result->status); if (value != NULL) data.value = strnsave(ENTRY_VAL(value, 1), ENTRY_LEN(value, 1)); } if (m->cfm && (m->cfm->cfm_flags & CFM_SUN_MAP_SYNTAX)) { *val = sun_entry2amd(key, data.value); XFREE(data.value); /* strnsave malloc'ed it above */ } else *val = data.value; if (*val) { error = 0; dlog("NISplus search found %s", *val); } else { error = ENOENT; dlog("NISplus search found nothing"); } *tp = 0; break; case NIS_NOSUCHNAME: dlog("NISplus search returned %d", result->status); error = ENOENT; break; default: plog(XLOG_ERROR, "nisplus_search: %s: %s", map, nis_sperrno(result->status)); error = EIO; break; } nis_freeresult(result); return error; }
static int nisplus_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, uint *do_cache) { int i; int ssize = 0; int offset = 0; int error_error = FAIL; uschar *field_name = NULL; nis_result *nrt = NULL; nis_result *nre = NULL; nis_object *tno, *eno; struct entry_obj *eo; struct table_obj *ta; uschar *p = query + length; uschar *yield = NULL; do_cache = do_cache; /* Placate picky compilers */ /* Search backwards for a colon to see if a result field name has been given. */ while (p > query && p[-1] != ':') p--; if (p > query) { field_name = p; p[-1] = 0; } else p = query + length; /* Now search backwards to find the comma that starts the table name. */ while (p > query && p[-1] != ',') p--; if (p <= query) { *errmsg = US"NIS+ query malformed"; error_error = DEFER; goto NISPLUS_EXIT; } /* Look up the data for the table, in order to get the field names, check that we got back a table, and set up pointers so the field names can be scanned. */ nrt = nis_lookup(CS p, EXPAND_NAME | NO_CACHE); if (nrt->status != NIS_SUCCESS) { *errmsg = string_sprintf("NIS+ error accessing %s table: %s", p, nis_sperrno(nrt->status)); if (nrt->status != NIS_NOTFOUND && nrt->status != NIS_NOSUCHTABLE) error_error = DEFER; goto NISPLUS_EXIT; } tno = nrt->objects.objects_val; if (tno->zo_data.zo_type != TABLE_OBJ) { *errmsg = string_sprintf("NIS+ error: %s is not a table", p); goto NISPLUS_EXIT; } ta = &(tno->zo_data.objdata_u.ta_data); /* Now look up the entry in the table, check that we got precisely one object and that it is a table entry. */ nre = nis_list(CS query, EXPAND_NAME, NULL, NULL); if (nre->status != NIS_SUCCESS) { *errmsg = string_sprintf("NIS+ error accessing entry %s: %s", query, nis_sperrno(nre->status)); goto NISPLUS_EXIT; } if (nre->objects.objects_len > 1) { *errmsg = string_sprintf("NIS+ returned more than one object for %s", query); goto NISPLUS_EXIT; } else if (nre->objects.objects_len < 1) { *errmsg = string_sprintf("NIS+ returned no data for %s", query); goto NISPLUS_EXIT; } eno = nre->objects.objects_val; if (eno->zo_data.zo_type != ENTRY_OBJ) { *errmsg = string_sprintf("NIS+ error: %s is not an entry", query); goto NISPLUS_EXIT; } /* Scan the columns in the entry and in the table. If a result field was given, look for that field; otherwise concatenate all the fields with their names. */ eo = &(eno->zo_data.objdata_u.en_data); for (i = 0; i < eo->en_cols.en_cols_len; i++) { table_col *tc = ta->ta_cols.ta_cols_val + i; entry_col *ec = eo->en_cols.en_cols_val + i; int len = ec->ec_value.ec_value_len; uschar *value = US ec->ec_value.ec_value_val; /* The value may be NULL for a zero-length field. Turn this into an empty string for consistency. Remove trailing whitespace and zero bytes. */ if (value == NULL) value = US""; else while (len > 0 && (value[len-1] == 0 || isspace(value[len-1]))) len--; /* Concatenate all fields if no specific one selected */ if (field_name == NULL) { yield = string_cat(yield, &ssize, &offset,US tc->tc_name, Ustrlen(tc->tc_name)); yield = string_cat(yield, &ssize, &offset, US"=", 1); /* Quote the value if it contains spaces or is empty */ if (value[0] == 0 || Ustrchr(value, ' ') != NULL) { int j; yield = string_cat(yield, &ssize, &offset, US"\"", 1); for (j = 0; j < len; j++) { if (value[j] == '\"' || value[j] == '\\') yield = string_cat(yield, &ssize, &offset, US"\\", 1); yield = string_cat(yield, &ssize, &offset, value+j, 1); } yield = string_cat(yield, &ssize, &offset, US"\"", 1); } else yield = string_cat(yield, &ssize, &offset, value, len); yield = string_cat(yield, &ssize, &offset, US" ", 1); } /* When the specified field is found, grab its data and finish */ else if (Ustrcmp(field_name, tc->tc_name) == 0) { yield = string_copyn(value, len); goto NISPLUS_EXIT; } } /* Error if a field name was specified and we didn't find it; if no field name, ensure the concatenated data is zero-terminated. */ if (field_name != NULL) *errmsg = string_sprintf("NIS+ field %s not found for %s", field_name, query); else { yield[offset] = 0; store_reset(yield + offset + 1); } /* Restore the colon in the query, and free result store before finishing. */ NISPLUS_EXIT: if (field_name != NULL) field_name[-1] = ':'; if (nrt != NULL) nis_freeresult(nrt); if (nre != NULL) nis_freeresult(nre); if (yield != NULL) { *result = yield; return OK; } return error_error; /* FAIL or DEFER */ }
enum nss_status _nss_nisplus_initgroups_dyn (const char *user, gid_t group, long int *start, long int *size, gid_t **groupsp, long int limit, int *errnop) { if (grp_tablename_val == NULL) { enum nss_status status = _nss_grp_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } nis_result *result; char buf[strlen (user) + 12 + grp_tablename_len]; snprintf (buf, sizeof (buf), "[members=%s],%s", user, grp_tablename_val); result = nis_list (buf, FOLLOW_LINKS | FOLLOW_PATH | ALL_RESULTS, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__builtin_expect (niserr2nss (result->status) != NSS_STATUS_SUCCESS, 0)) { enum nss_status status = niserr2nss (result->status); nis_freeresult (result); return status; } if (NIS_RES_NUMOBJ (result) == 0) { errout: nis_freeresult (result); return NSS_STATUS_NOTFOUND; } gid_t *groups = *groupsp; nis_object *obj = NIS_RES_OBJECT (result); for (unsigned int cnt = 0; cnt < NIS_RES_NUMOBJ (result); ++cnt, ++obj) { if (__type_of (obj) != NIS_ENTRY_OBJ || strcmp (obj->EN_data.en_type, "group_tbl") != 0 || obj->EN_data.en_cols.en_cols_len < 4) continue; char *numstr = NISOBJVAL (2, obj); size_t len = NISOBJLEN (2, obj); if (len == 0 || numstr[0] == '\0') continue; gid_t gid; char *endp; if (__builtin_expect (numstr[len - 1] != '\0', 0)) { char numstrbuf[len + 1]; memcpy (numstrbuf, numstr, len); numstrbuf[len] = '\0'; gid = strtoul (numstrbuf, &endp, 10); if (*endp) continue; } else { gid = strtoul (numstr, &endp, 10); if (*endp) continue; } if (gid == group) continue; /* Insert this group. */ if (*start == *size) { /* Need a bigger buffer. */ long int newsize; if (limit > 0 && *size == limit) /* We reached the maximum. */ break; if (limit <= 0) newsize = 2 * *size; else newsize = MIN (limit, 2 * *size); gid_t *newgroups = realloc (groups, newsize * sizeof (*groups)); if (newgroups == NULL) goto errout; *groupsp = groups = newgroups; *size = newsize; } groups[*start] = gid; *start += 1; } nis_freeresult (result); return NSS_STATUS_SUCCESS; }
nis_error nis_removemember (const_nis_name member, const_nis_name group) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 14 + NIS_MAXNAMELEN]; char leafbuf[grouplen + 2]; char domainbuf[grouplen + 2]; nis_name *newmem; nis_result *res, *res2; nis_error status; char *cp, *cp2; unsigned long int i, j, k; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { cp = stpcpy (cp, "."); stpcpy (cp, cp2); } res = nis_lookup (buf, FOLLOW_LINKS|EXPAND_NAME); if (res == NULL || NIS_RES_STATUS (res) != NIS_SUCCESS) { if (res) { status = NIS_RES_STATUS (res); nis_freeresult (res); } else return NIS_NOMEMORY; return status; } if ((res->objects.objects_len != 1) || (__type_of (NIS_RES_OBJECT (res)) != NIS_GROUP_OBJ)) { nis_freeresult (res); return NIS_INVALIDOBJ; } newmem = calloc (NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_len, sizeof (char *)); if (newmem == NULL) return NIS_NOMEMORY; k = NIS_RES_OBJECT (res)[0].GR_data.gr_members.gr_members_len; j = 0; for (i = 0; i < NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_len; ++i) { if (strcmp (NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_val[i], member) != 0) { newmem[j] = NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_val[i]; ++j; } else { free (NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_val[i]); --k; } } free (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val); newmem = realloc (newmem, k * sizeof (char*)); if (newmem == NULL) return NIS_NOMEMORY; NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val = newmem; NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len = k; cp = stpcpy (buf, NIS_RES_OBJECT (res)->zo_name); *cp++ = '.'; strncpy (cp, NIS_RES_OBJECT (res)->zo_domain, NIS_MAXNAMELEN); res2 = nis_modify (buf, NIS_RES_OBJECT (res)); status = NIS_RES_STATUS (res2); nis_freeresult (res); nis_freeresult (res2); return status; } else return NIS_FAIL; }
nis_error nis_creategroup (const_nis_name group, unsigned int flags) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 50]; char leafbuf[grouplen + 2]; char domainbuf[grouplen + 2]; nis_error status; nis_result *res; char *cp, *cp2; nis_object *obj; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; stpcpy (cp, cp2); } else return NIS_BADNAME; obj = calloc (1, sizeof (nis_object)); if (__builtin_expect (obj == NULL, 0)) return NIS_NOMEMORY; obj->zo_oid.ctime = obj->zo_oid.mtime = time (NULL); obj->zo_name = strdup (leafbuf); obj->zo_owner = __nis_default_owner (NULL); obj->zo_group = __nis_default_group (NULL); obj->zo_domain = strdup (domainbuf); if (obj->zo_name == NULL || obj->zo_owner == NULL || obj->zo_group == NULL || obj->zo_domain == NULL) { free (obj->zo_group); free (obj->zo_owner); free (obj->zo_name); free (obj); return NIS_NOMEMORY; } obj->zo_access = __nis_default_access (NULL, 0); obj->zo_ttl = 60 * 60; obj->zo_data.zo_type = NIS_GROUP_OBJ; obj->zo_data.objdata_u.gr_data.gr_flags = flags; obj->zo_data.objdata_u.gr_data.gr_members.gr_members_len = 0; obj->zo_data.objdata_u.gr_data.gr_members.gr_members_val = NULL; res = nis_add (buf, obj); nis_free_object (obj); if (res == NULL) return NIS_NOMEMORY; status = NIS_RES_STATUS (res); nis_freeresult (res); return status; } return NIS_FAIL; }
enum nss_status _nss_nisplus_getntohost_r (const struct ether_addr *addr, struct etherent *eth, char *buffer, size_t buflen, int *errnop) { if (tablename_val == NULL) { __libc_lock_lock (lock); enum nss_status status = _nss_create_tablename (errnop); __libc_lock_unlock (lock); if (status != NSS_STATUS_SUCCESS) return status; } if (addr == NULL) { *errnop = EINVAL; return NSS_STATUS_UNAVAIL; } char buf[26 + tablename_len]; snprintf (buf, sizeof (buf), "[addr=%" PRIx8 ":%" PRIx8 ":%" PRIx8 ":%" PRIx8 ":%" PRIx8 ":%" PRIx8 "],%s", addr->ether_addr_octet[0], addr->ether_addr_octet[1], addr->ether_addr_octet[2], addr->ether_addr_octet[3], addr->ether_addr_octet[4], addr->ether_addr_octet[5], tablename_val); nis_result *result = nis_list (buf, FOLLOW_PATH | FOLLOW_LINKS | USE_DGRAM, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__glibc_unlikely (niserr2nss (result->status) != NSS_STATUS_SUCCESS)) { enum nss_status status = niserr2nss (result->status); nis_freeresult (result); return status; } int parse_res = _nss_nisplus_parse_etherent (result, eth, buffer, buflen, errnop); /* We do not need the lookup result anymore. */ nis_freeresult (result); if (__glibc_unlikely (parse_res < 1)) { if (parse_res == -1) return NSS_STATUS_TRYAGAIN; return NSS_STATUS_NOTFOUND; } return NSS_STATUS_SUCCESS; }
nis_error nis_addmember (const_nis_name member, const_nis_name group) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 14 + NIS_MAXNAMELEN]; char domainbuf[grouplen + 2]; nis_result *res, *res2; nis_error status; char *cp, *cp2; cp = rawmemchr (nis_leaf_of_r (group, buf, sizeof (buf) - 1), '\0'); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; stpcpy (cp, cp2); } res = nis_lookup (buf, FOLLOW_LINKS | EXPAND_NAME); if (NIS_RES_STATUS (res) != NIS_SUCCESS) { status = NIS_RES_STATUS (res); nis_freeresult (res); return status; } if (NIS_RES_NUMOBJ (res) != 1 || __type_of (NIS_RES_OBJECT (res)) != NIS_GROUP_OBJ) { nis_freeresult (res); return NIS_INVALIDOBJ; } u_int gr_members_len = NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_len; nis_name *new_gr_members_val = realloc (NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val, (gr_members_len + 1) * sizeof (nis_name)); if (new_gr_members_val == NULL) goto nomem_out; NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val = new_gr_members_val; new_gr_members_val[gr_members_len] = strdup (member); if (new_gr_members_val[gr_members_len] == NULL) { nomem_out: nis_freeresult (res); return NIS_NOMEMORY; } ++NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len; /* Check the buffer bounds are not exceeded. */ assert (strlen (NIS_RES_OBJECT(res)->zo_name) + 1 < grouplen + 14); cp = stpcpy (buf, NIS_RES_OBJECT(res)->zo_name); *cp++ = '.'; strncpy (cp, NIS_RES_OBJECT (res)->zo_domain, NIS_MAXNAMELEN); res2 = nis_modify (buf, NIS_RES_OBJECT (res)); status = NIS_RES_STATUS (res2); nis_freeresult (res); nis_freeresult (res2); return status; } else return NIS_FAIL; }
void nis_print_group_entry (const_nis_name group) { if (group != NULL && group[0] != '\0') { size_t grouplen = strlen (group); char buf[grouplen + 50]; char leafbuf[grouplen + 3]; char domainbuf[grouplen + 3]; nis_result *res; char *cp, *cp2; u_int i; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; stpcpy (cp, cp2); } res = nis_lookup (buf, FOLLOW_LINKS | EXPAND_NAME); if (res == NULL) return; if (NIS_RES_STATUS (res) != NIS_SUCCESS || NIS_RES_NUMOBJ (res) != 1 || __type_of (NIS_RES_OBJECT (res)) != NIS_GROUP_OBJ) { nis_freeresult (res); return; } char *mem_exp[NIS_RES_NUMOBJ (res)]; char *mem_imp[NIS_RES_NUMOBJ (res)]; char *mem_rec[NIS_RES_NUMOBJ (res)]; char *nomem_exp[NIS_RES_NUMOBJ (res)]; char *nomem_imp[NIS_RES_NUMOBJ (res)]; char *nomem_rec[NIS_RES_NUMOBJ (res)]; unsigned long mem_exp_cnt = 0, mem_imp_cnt = 0, mem_rec_cnt = 0; unsigned long nomem_exp_cnt = 0, nomem_imp_cnt = 0, nomem_rec_cnt = 0; for (i = 0; i < NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len; ++i) { char *grmem = NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val[i]; int neg = grmem[0] == '-'; switch (grmem[neg]) { case '*': if (neg) { nomem_imp[nomem_imp_cnt] = grmem; ++nomem_imp_cnt; } else { mem_imp[mem_imp_cnt] = grmem; ++mem_imp_cnt; } break; case '@': if (neg) { nomem_rec[nomem_rec_cnt] = grmem; ++nomem_rec_cnt; } else { mem_rec[mem_rec_cnt] = grmem; ++mem_rec_cnt; } break; default: if (neg) { nomem_exp[nomem_exp_cnt] = grmem; ++nomem_exp_cnt; } else { mem_exp[mem_exp_cnt] = grmem; ++mem_exp_cnt; } break; } } { char buf[strlen (NIS_RES_OBJECT (res)->zo_domain) + 10]; printf (_("Group entry for \"%s.%s\" group:\n"), NIS_RES_OBJECT (res)->zo_name, nis_domain_of_r (NIS_RES_OBJECT (res)->zo_domain, buf, strlen (NIS_RES_OBJECT (res)->zo_domain) + 10)); } if (mem_exp_cnt) { fputs (_(" Explicit members:\n"), stdout); for (i = 0; i < mem_exp_cnt; ++i) printf ("\t%s\n", mem_exp[i]); } else fputs (_(" No explicit members\n"), stdout); if (mem_imp_cnt) { fputs (_(" Implicit members:\n"), stdout); for (i = 0; i < mem_imp_cnt; ++i) printf ("\t%s\n", &mem_imp[i][2]); } else fputs (_(" No implicit members\n"), stdout); if (mem_rec_cnt) { fputs (_(" Recursive members:\n"), stdout); for (i = 0; i < mem_rec_cnt; ++i) printf ("\t%s\n", &mem_rec[i][1]); } else fputs (_(" No recursive members\n"), stdout); if (nomem_exp_cnt) { fputs (_(" Explicit nonmembers:\n"), stdout); for (i = 0; i < nomem_exp_cnt; ++i) printf ("\t%s\n", &nomem_exp[i][1]); } else fputs (_(" No explicit nonmembers\n"), stdout); if (nomem_imp_cnt) { fputs (_(" Implicit nonmembers:\n"), stdout); for (i = 0; i < nomem_imp_cnt; ++i) printf ("\t%s\n", &nomem_imp[i][3]); } else fputs (_(" No implicit nonmembers\n"), stdout); if (nomem_rec_cnt) { fputs (_(" Recursive nonmembers:\n"), stdout); for (i = 0; i < nomem_rec_cnt; ++i) printf ("\t%s=n", &nomem_rec[i][2]); } else fputs (_(" No recursive nonmembers\n"), stdout); nis_freeresult (res); } }
nis_result * nis_list (const_nis_name name, unsigned int flags, int (*callback) (const_nis_name name, const nis_object *object, const void *userdata), const void *userdata) { nis_result *res = malloc (sizeof (nis_result)); ib_request *ibreq; int status; enum clnt_stat clnt_status; int count_links = 0; /* We will only follow NIS_MAXLINKS links! */ int done = 0; nis_name *names; nis_name namebuf[2] = {NULL, NULL}; int name_nr = 0; nis_cb *cb = NULL; char *tableptr; char *tablepath = NULL; int first_try = 0; /* Do we try the old binding at first ? */ nis_result *allres = NULL; if (res == NULL) return NULL; if (name == NULL) { status = NIS_BADNAME; err_out: nis_freeresult (allres); memset (res, '\0', sizeof (nis_result)); NIS_RES_STATUS (res) = status; return res; } ibreq = __create_ib_request (name, flags); if (ibreq == NULL) { status = NIS_BADNAME; goto err_out; } if ((flags & EXPAND_NAME) && ibreq->ibr_name[strlen (ibreq->ibr_name) - 1] != '.') { names = nis_getnames (ibreq->ibr_name); free (ibreq->ibr_name); ibreq->ibr_name = NULL; if (names == NULL) { nis_free_request (ibreq); status = NIS_BADNAME; goto err_out; } ibreq->ibr_name = strdup (names[name_nr]); if (ibreq->ibr_name == NULL) { nis_freenames (names); nis_free_request (ibreq); status = NIS_NOMEMORY; goto err_out; } } else { names = namebuf; names[name_nr] = ibreq->ibr_name; } cb = NULL; while (!done) { dir_binding bptr; directory_obj *dir = NULL; memset (res, '\0', sizeof (nis_result)); status = __nisfind_server (ibreq->ibr_name, ibreq->ibr_srch.ibr_srch_val != NULL, &dir, &bptr, flags & ~MASTER_ONLY); if (status != NIS_SUCCESS) { NIS_RES_STATUS (res) = status; goto fail3; } while (__nisbind_connect (&bptr) != NIS_SUCCESS) if (__nisbind_next (&bptr) != NIS_SUCCESS) { NIS_RES_STATUS (res) = NIS_NAMEUNREACHABLE; goto fail; } if (callback != NULL) { assert (cb == NULL); cb = __nis_create_callback (callback, userdata, flags); ibreq->ibr_cbhost.ibr_cbhost_len = 1; ibreq->ibr_cbhost.ibr_cbhost_val = cb->serv; } again: clnt_status = clnt_call (bptr.clnt, NIS_IBLIST, (xdrproc_t) _xdr_ib_request, (caddr_t) ibreq, (xdrproc_t) _xdr_nis_result, (caddr_t) res, RPCTIMEOUT); if (clnt_status != RPC_SUCCESS) NIS_RES_STATUS (res) = NIS_RPCERROR; else switch (NIS_RES_STATUS (res)) { /* start switch */ case NIS_PARTIAL: case NIS_SUCCESS: case NIS_S_SUCCESS: if (__type_of (NIS_RES_OBJECT (res)) == NIS_LINK_OBJ && (flags & FOLLOW_LINKS)) /* We are following links. */ { free (ibreq->ibr_name); ibreq->ibr_name = NULL; /* If we hit the link limit, bail. */ if (count_links > NIS_MAXLINKS) { NIS_RES_STATUS (res) = NIS_LINKNAMEERROR; ++done; break; } ++count_links; ibreq->ibr_name = strdup (NIS_RES_OBJECT (res)->LI_data.li_name); if (ibreq->ibr_name == NULL) { NIS_RES_STATUS (res) = NIS_NOMEMORY; fail: __nisbind_destroy (&bptr); nis_free_directory (dir); fail3: free (tablepath); if (cb) { __nis_destroy_callback (cb); ibreq->ibr_cbhost.ibr_cbhost_len = 0; ibreq->ibr_cbhost.ibr_cbhost_val = NULL; } if (names != namebuf) nis_freenames (names); nis_free_request (ibreq); nis_freeresult (allres); return res; } if (NIS_RES_OBJECT (res)->LI_data.li_attrs.li_attrs_len) if (ibreq->ibr_srch.ibr_srch_len == 0) { ibreq->ibr_srch.ibr_srch_len = NIS_RES_OBJECT (res)->LI_data.li_attrs.li_attrs_len; ibreq->ibr_srch.ibr_srch_val = NIS_RES_OBJECT (res)->LI_data.li_attrs.li_attrs_val; } /* The following is a non-obvious optimization. A nis_freeresult call would call xdr_free as the following code. But it also would unnecessarily free the result structure. We avoid this here along with the necessary tests. */ xdr_free ((xdrproc_t) _xdr_nis_result, (char *)res); memset (res, '\0', sizeof (*res)); first_try = 1; /* Try at first the old binding */ goto again; } else if ((flags & FOLLOW_PATH) && NIS_RES_STATUS (res) == NIS_PARTIAL) { enum nis_error err = __follow_path (&tablepath, &tableptr, ibreq, &bptr); if (err != NIS_SUCCESS) { if (err == NIS_NOMEMORY) NIS_RES_STATUS (res) = err; ++done; } else { /* The following is a non-obvious optimization. A nis_freeresult call would call xdr_free as the following code. But it also would unnecessarily free the result structure. We avoid this here along with the necessary tests. */ xdr_free ((xdrproc_t) _xdr_nis_result, (char *) res); memset (res, '\0', sizeof (*res)); first_try = 1; goto again; } } else if ((flags & (FOLLOW_PATH | ALL_RESULTS)) == (FOLLOW_PATH | ALL_RESULTS)) { if (allres == NULL) { allres = res; res = malloc (sizeof (nis_result)); if (res == NULL) { res = allres; allres = NULL; NIS_RES_STATUS (res) = NIS_NOMEMORY; goto fail; } NIS_RES_STATUS (res) = NIS_RES_STATUS (allres); } else { nis_object *objects_val = realloc (NIS_RES_OBJECT (allres), (NIS_RES_NUMOBJ (allres) + NIS_RES_NUMOBJ (res)) * sizeof (nis_object)); if (objects_val == NULL) { NIS_RES_STATUS (res) = NIS_NOMEMORY; goto fail; } NIS_RES_OBJECT (allres) = objects_val; memcpy (NIS_RES_OBJECT (allres) + NIS_RES_NUMOBJ (allres), NIS_RES_OBJECT (res), NIS_RES_NUMOBJ (res) * sizeof (nis_object)); NIS_RES_NUMOBJ (allres) += NIS_RES_NUMOBJ (res); NIS_RES_NUMOBJ (res) = 0; free (NIS_RES_OBJECT (res)); NIS_RES_OBJECT (res) = NULL; NIS_RES_STATUS (allres) = NIS_RES_STATUS (res); xdr_free ((xdrproc_t) _xdr_nis_result, (char *) res); } enum nis_error err = __follow_path (&tablepath, &tableptr, ibreq, &bptr); if (err != NIS_SUCCESS) { /* Prepare for the nis_freeresult call. */ memset (res, '\0', sizeof (*res)); if (err == NIS_NOMEMORY) NIS_RES_STATUS (allres) = err; ++done; } } else ++done; break; case NIS_CBRESULTS: if (cb != NULL) { __nis_do_callback (&bptr, &res->cookie, cb); NIS_RES_STATUS (res) = cb->result; if (!(flags & ALL_RESULTS)) ++done; else { enum nis_error err = __follow_path (&tablepath, &tableptr, ibreq, &bptr); if (err != NIS_SUCCESS) { if (err == NIS_NOMEMORY) NIS_RES_STATUS (res) = err; ++done; } } } break; case NIS_SYSTEMERROR: case NIS_NOSUCHNAME: case NIS_NOT_ME: /* If we had first tried the old binding, do nothing, but get a new binding */ if (!first_try) { if (__nisbind_next (&bptr) != NIS_SUCCESS) { ++done; break; /* No more servers to search */ } while (__nisbind_connect (&bptr) != NIS_SUCCESS) { if (__nisbind_next (&bptr) != NIS_SUCCESS) { ++done; break; /* No more servers to search */ } } goto again; } break; default: if (!first_try) { /* Try the next domainname if we don't follow a link. */ free (ibreq->ibr_name); ibreq->ibr_name = NULL; if (count_links) { NIS_RES_STATUS (res) = NIS_LINKNAMEERROR; ++done; break; } ++name_nr; if (names[name_nr] == NULL) { ++done; break; } ibreq->ibr_name = strdup (names[name_nr]); if (ibreq->ibr_name == NULL) { NIS_RES_STATUS (res) = NIS_NOMEMORY; goto fail; } first_try = 1; /* Try old binding at first */ goto again; } break; } first_try = 0; if (cb) { __nis_destroy_callback (cb); ibreq->ibr_cbhost.ibr_cbhost_len = 0; ibreq->ibr_cbhost.ibr_cbhost_val = NULL; cb = NULL; } __nisbind_destroy (&bptr); nis_free_directory (dir); } free (tablepath); if (names != namebuf) nis_freenames (names); nis_free_request (ibreq); if (allres) { nis_freeresult (res); return allres; } return res; }
enum nss_status _nss_nisplus_getspnam_r (const char *name, struct spwd *sp, char *buffer, size_t buflen, int *errnop) { int parse_res; if (pwd_tablename_val == NULL) { enum nss_status status = _nss_pwd_create_tablename (errnop); if (status != NSS_STATUS_SUCCESS) return status; } if (name == NULL) { *errnop = EINVAL; return NSS_STATUS_NOTFOUND; } nis_result *result; char buf[strlen (name) + 9 + pwd_tablename_len]; int olderr = errno; snprintf (buf, sizeof (buf), "[name=%s],%s", name, pwd_tablename_val); result = nis_list (buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL); if (result == NULL) { *errnop = ENOMEM; return NSS_STATUS_TRYAGAIN; } if (__builtin_expect (niserr2nss (result->status) != NSS_STATUS_SUCCESS, 0)) { enum nss_status status = niserr2nss (result->status); __set_errno (olderr); nis_freeresult (result); return status; } parse_res = _nss_nisplus_parse_spent (result, sp, buffer, buflen, errnop); nis_freeresult (result); if (__builtin_expect (parse_res < 1, 0)) { if (parse_res == -1) { *errnop = ERANGE; return NSS_STATUS_TRYAGAIN; } else { __set_errno (olderr); return NSS_STATUS_NOTFOUND; } } return NSS_STATUS_SUCCESS; }
/* internal_nis_ismember () return codes: -1 principal is in -group 0 principal isn't in any group 1 pirncipal is in group */ static int internal_ismember (const_nis_name principal, const_nis_name group) { size_t grouplen = strlen (group); char buf[grouplen + 50]; char leafbuf[grouplen + 2]; char domainbuf[grouplen + 2]; nis_result *res; char *cp, *cp2; u_int i; cp = stpcpy (buf, nis_leaf_of_r (group, leafbuf, sizeof (leafbuf) - 1)); cp = stpcpy (cp, ".groups_dir"); cp2 = nis_domain_of_r (group, domainbuf, sizeof (domainbuf) - 1); if (cp2 != NULL && cp2[0] != '\0') { *cp++ = '.'; strcpy (cp, cp2); } res = nis_lookup (buf, EXPAND_NAME|FOLLOW_LINKS); if (res == NULL || NIS_RES_STATUS (res) != NIS_SUCCESS) { nis_freeresult (res); return 0; } if ((NIS_RES_NUMOBJ (res) != 1) || (__type_of (NIS_RES_OBJECT (res)) != NIS_GROUP_OBJ)) { nis_freeresult (res); return 0; } /* We search twice in the list, at first, if we have the name with a "-", then if without. "-member" has priority */ for (i = 0; i < NIS_RES_OBJECT(res)->GR_data.gr_members.gr_members_len; ++i) { cp = NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val[i]; if (cp[0] == '-') { if (strcmp (&cp[1], principal) == 0) { nis_freeresult (res); return -1; } if (cp[1] == '@') switch (internal_ismember (principal, &cp[2])) { case -1: nis_freeresult (res); return -1; case 1: nis_freeresult (res); return 1; default: break; } else if (cp[1] == '*') { char buf1[strlen (principal) + 2]; char buf2[strlen (cp) + 2]; if (strcmp (nis_domain_of_r (principal, buf1, sizeof buf1), nis_domain_of_r (cp, buf2, sizeof buf2)) == 0) { nis_freeresult (res); return -1; } } } } for (i = 0; i < NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_len; ++i) { cp = NIS_RES_OBJECT (res)->GR_data.gr_members.gr_members_val[i]; if (cp[0] != '-') { if (strcmp (cp, principal) == 0) { nis_freeresult (res); return 1; } if (cp[0] == '@') switch (internal_ismember (principal, &cp[1])) { case -1: nis_freeresult (res); return -1; case 1: nis_freeresult (res); return 1; default: break; } else if (cp[0] == '*') { char buf1[strlen (principal) + 2]; char buf2[strlen (cp) + 2]; if (strcmp (nis_domain_of_r (principal, buf1, sizeof buf1), nis_domain_of_r (cp, buf2, sizeof buf2)) == 0) { nis_freeresult (res); return 1; } } } } nis_freeresult (res); return 0; }