]> git.ipfire.org Git - thirdparty/glibc.git/blame - nss/nss_compat/compat-pwd.c
projects / thirdparty / glibc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove "Contributed by" lines
[thirdparty/glibc.git] / nss / nss_compat / compat-pwd.c
CommitLineData
2b778ceb 1/* Copyright (C) 1996-2021 Free Software Foundation, Inc.
6259ec0d 2 This file is part of the GNU C Library.
6259ec0d
UD		 3
4 The GNU C Library is free software; you can redistribute it and/or
41bdb6e2
AJ		 5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
6259ec0d
UD		 8
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
41bdb6e2 12 Lesser General Public License for more details.
6259ec0d 13
41bdb6e2 14 You should have received a copy of the GNU Lesser General Public
59ba27a6 15 License along with the GNU C Library; if not, see
5a82c748 16 <https://www.gnu.org/licenses/>. */
6259ec0d 17
6259ec0d 18#include <ctype.h>
b4431a72 19#include <errno.h>
3996f34b 20#include <fcntl.h>
6259ec0d 21#include <netdb.h>
b4431a72
UD		 22#include <nss.h>
23#include <nsswitch.h>
24#include <pwd.h>
25#include <stdio_ext.h>
6259ec0d 26#include <string.h>
ec999b8e 27#include <libc-lock.h>
cc783763 28#include <kernel-features.h>
23ed3673 29#include <nss_files.h>
6259ec0d
UD		 30
31#include "netgroup.h"
64d1e08e 32#include "nisdomain.h"
26dee9c4 33
ff104359
FW		 34NSS_DECLARE_MODULE_FUNCTIONS (compat)
35
f4f3b091 36static nss_action_list ni;
8a922141
FW		 37static enum nss_status (*setpwent_impl) (int stayopen);
38static enum nss_status (*getpwnam_r_impl) (const char *name,
39 struct passwd * pwd, char *buffer,
40 size_t buflen, int *errnop);
41static enum nss_status (*getpwuid_r_impl) (uid_t uid, struct passwd * pwd,
42 char *buffer, size_t buflen,
43 int *errnop);
44static enum nss_status (*getpwent_r_impl) (struct passwd * pwd, char *buffer,
45 size_t buflen, int *errnop);
46static enum nss_status (*endpwent_impl) (void);
6259ec0d 47
7e3be507
UD		 48/* Get the declaration of the parser function. */
49#define ENTNAME pwent
50#define STRUCTURE passwd
51#define EXTERN_PARSER
cc3fa755 52#include <nss/nss_files/files-parse.c>
7e3be507 53
6259ec0d
UD		 54/* Structure for remembering -@netgroup and -user members ... */
55#define BLACKLIST_INITIAL_SIZE 512
56#define BLACKLIST_INCREMENT 256
57struct blacklist_t
1e2e27fd
UD		 58{
59 char *data;
60 int current;
61 int size;
62};
6259ec0d
UD		 63
64struct ent_t
1e2e27fd 65{
cb62745a
UD		 66 bool netgroup;
67 bool first;
68 bool files;
69 enum nss_status setent_status;
1e2e27fd
UD		 70 FILE *stream;
71 struct blacklist_t blacklist;
72 struct passwd pwd;
73 struct __netgrent netgrdata;
74};
6259ec0d
UD		 75typedef struct ent_t ent_t;
76
cb62745a
UD		 77static ent_t ext_ent = { false, false, true, NSS_STATUS_SUCCESS, NULL,
78 { NULL, 0, 0 },
79 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
6259ec0d
UD		 80
81/* Protect global state against multiple changers. */
82__libc_lock_define_initialized (static, lock)
83
84/* Prototypes for local functions. */
85static void blacklist_store_name (const char *, ent_t *);
64d1e08e 86static bool in_blacklist (const char *, int, ent_t *);
2d7da676 87
1e2e27fd
UD		 88/* Initialize the NSS interface/functions. The calling function must
89 hold the lock. */
90static void
91init_nss_interface (void)
92{
9b456c5d 93 if (__nss_database_get (nss_database_passwd_compat, &ni))
1e2e27fd 94 {
8a922141
FW		 95 setpwent_impl = __nss_lookup_function (ni, "setpwent");
96 getpwnam_r_impl = __nss_lookup_function (ni, "getpwnam_r");
97 getpwuid_r_impl = __nss_lookup_function (ni, "getpwuid_r");
98 getpwent_r_impl = __nss_lookup_function (ni, "getpwent_r");
99 endpwent_impl = __nss_lookup_function (ni, "endpwent");
1e2e27fd
UD		 100 }
101}
102
6259ec0d
UD		 103static void
104give_pwd_free (struct passwd *pwd)
105{
72e6cdfa
UD		 106 free (pwd->pw_name);
107 free (pwd->pw_passwd);
108 free (pwd->pw_gecos);
109 free (pwd->pw_dir);
110 free (pwd->pw_shell);
6259ec0d
UD		 111
112 memset (pwd, '\0', sizeof (struct passwd));
113}
114
115static size_t
116pwd_need_buflen (struct passwd *pwd)
117{
118 size_t len = 0;
119
120 if (pwd->pw_passwd != NULL)
121 len += strlen (pwd->pw_passwd) + 1;
122
123 if (pwd->pw_gecos != NULL)
124 len += strlen (pwd->pw_gecos) + 1;
125
126 if (pwd->pw_dir != NULL)
127 len += strlen (pwd->pw_dir) + 1;
128
129 if (pwd->pw_shell != NULL)
130 len += strlen (pwd->pw_shell) + 1;
131
132 return len;
133}
134
135static void
136copy_pwd_changes (struct passwd *dest, struct passwd *src,
137 char *buffer, size_t buflen)
138{
139 if (src->pw_passwd != NULL && strlen (src->pw_passwd))
140 {
141 if (buffer == NULL)
142 dest->pw_passwd = strdup (src->pw_passwd);
34a5a146
JM		 143 else if (dest->pw_passwd
144 && strlen (dest->pw_passwd) >= strlen (src->pw_passwd))
6259ec0d
UD		 145 strcpy (dest->pw_passwd, src->pw_passwd);
146 else
147 {
148 dest->pw_passwd = buffer;
149 strcpy (dest->pw_passwd, src->pw_passwd);
150 buffer += strlen (dest->pw_passwd) + 1;
151 buflen = buflen - (strlen (dest->pw_passwd) + 1);
152 }
153 }
154
155 if (src->pw_gecos != NULL && strlen (src->pw_gecos))
156 {
157 if (buffer == NULL)
158 dest->pw_gecos = strdup (src->pw_gecos);
34a5a146
JM		 159 else if (dest->pw_gecos
160 && strlen (dest->pw_gecos) >= strlen (src->pw_gecos))
6259ec0d
UD		 161 strcpy (dest->pw_gecos, src->pw_gecos);
162 else
163 {
164 dest->pw_gecos = buffer;
165 strcpy (dest->pw_gecos, src->pw_gecos);
166 buffer += strlen (dest->pw_gecos) + 1;
167 buflen = buflen - (strlen (dest->pw_gecos) + 1);
168 }
169 }
170 if (src->pw_dir != NULL && strlen (src->pw_dir))
171 {
172 if (buffer == NULL)
173 dest->pw_dir = strdup (src->pw_dir);
1e2e27fd 174 else if (dest->pw_dir && strlen (dest->pw_dir) >= strlen (src->pw_dir))
6259ec0d
UD		 175 strcpy (dest->pw_dir, src->pw_dir);
176 else
177 {
178 dest->pw_dir = buffer;
179 strcpy (dest->pw_dir, src->pw_dir);
180 buffer += strlen (dest->pw_dir) + 1;
181 buflen = buflen - (strlen (dest->pw_dir) + 1);
182 }
183 }
184
185 if (src->pw_shell != NULL && strlen (src->pw_shell))
186 {
187 if (buffer == NULL)
188 dest->pw_shell = strdup (src->pw_shell);
34a5a146
JM		 189 else if (dest->pw_shell
190 && strlen (dest->pw_shell) >= strlen (src->pw_shell))
6259ec0d
UD		 191 strcpy (dest->pw_shell, src->pw_shell);
192 else
193 {
194 dest->pw_shell = buffer;
195 strcpy (dest->pw_shell, src->pw_shell);
196 buffer += strlen (dest->pw_shell) + 1;
197 buflen = buflen - (strlen (dest->pw_shell) + 1);
198 }
199 }
200}
201
7ef90c15 202static enum nss_status
cb62745a 203internal_setpwent (ent_t *ent, int stayopen, int needent)
6259ec0d
UD		 204{
205 enum nss_status status = NSS_STATUS_SUCCESS;
206
cb62745a
UD		 207 ent->first = ent->netgroup = false;
208 ent->files = true;
209 ent->setent_status = NSS_STATUS_SUCCESS;
6259ec0d
UD		 210
211 /* If something was left over free it. */
212 if (ent->netgroup)
213 __internal_endnetgrent (&ent->netgrdata);
214
6259ec0d 215 if (ent->blacklist.data != NULL)
bd355af0
UD		 216 {
217 ent->blacklist.current = 1;
218 ent->blacklist.data[0] = '|';
219 ent->blacklist.data[1] = '\0';
220 }
221 else
222 ent->blacklist.current = 0;
6259ec0d
UD		 223
224 if (ent->stream == NULL)
225 {
23ed3673 226 ent->stream = __nss_files_fopen ("/etc/passwd");
6259ec0d
UD		 227
228 if (ent->stream == NULL)
229 status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
230 }
231 else
232 rewind (ent->stream);
233
234 give_pwd_free (&ent->pwd);
235
8a922141
FW		 236 if (needent && status == NSS_STATUS_SUCCESS && setpwent_impl)
237 ent->setent_status = setpwent_impl (stayopen);
1e2e27fd 238
6259ec0d
UD		 239 return status;
240}
241
242
243enum nss_status
51eecc4a 244_nss_compat_setpwent (int stayopen)
6259ec0d
UD		 245{
246 enum nss_status result;
247
248 __libc_lock_lock (lock);
249
26dee9c4 250 if (ni == NULL)
1e2e27fd 251 init_nss_interface ();
26dee9c4 252
cb62745a 253 result = internal_setpwent (&ext_ent, stayopen, 1);
6259ec0d
UD		 254
255 __libc_lock_unlock (lock);
256
257 return result;
258}
259
260
790b8dda 261static enum nss_status __attribute_warn_unused_result__
6259ec0d
UD		 262internal_endpwent (ent_t *ent)
263{
264 if (ent->stream != NULL)
265 {
266 fclose (ent->stream);
267 ent->stream = NULL;
268 }
269
60c96635
UD		 270 if (ent->netgroup)
271 __internal_endnetgrent (&ent->netgrdata);
3996f34b 272
cb62745a 273 ent->first = ent->netgroup = false;
26dee9c4 274
6259ec0d 275 if (ent->blacklist.data != NULL)
bd355af0
UD		 276 {
277 ent->blacklist.current = 1;
278 ent->blacklist.data[0] = '|';
1e2e27fd 279 ent->blacklist.data[1] = '\0';
bd355af0
UD		 280 }
281 else
282 ent->blacklist.current = 0;
6259ec0d
UD		 283
284 give_pwd_free (&ent->pwd);
285
286 return NSS_STATUS_SUCCESS;
287}
288
790b8dda
FW		 289/* Like internal_endpwent, but preserve errno in all cases. */
290static void
291internal_endpwent_noerror (ent_t *ent)
292{
293 int saved_errno = errno;
294 enum nss_status unused __attribute__ ((unused)) = internal_endpwent (ent);
295 __set_errno (saved_errno);
296}
297
6259ec0d
UD		 298enum nss_status
299_nss_compat_endpwent (void)
300{
301 enum nss_status result;
302
303 __libc_lock_lock (lock);
304
8a922141
FW		 305 if (endpwent_impl)
306 endpwent_impl ();
b13b96ca 307
6259ec0d
UD		 308 result = internal_endpwent (&ext_ent);
309
310 __libc_lock_unlock (lock);
311
312 return result;
313}
314
1e2e27fd 315
6259ec0d 316static enum nss_status
1e2e27fd
UD		 317getpwent_next_nss_netgr (const char *name, struct passwd *result, ent_t *ent,
318 char *group, char *buffer, size_t buflen,
319 int *errnop)
6259ec0d 320{
6d4d8e8e 321 char *curdomain = NULL, *host, *user, *domain, *p2;
1e2e27fd 322 int status;
f8b87ef0 323 size_t p2len;
c131718c 324
1e2e27fd
UD		 325 /* Leave function if NSS module does not support getpwnam_r,
326 we need this function here. */
8a922141 327 if (!getpwnam_r_impl)
1e2e27fd
UD		 328 return NSS_STATUS_UNAVAIL;
329
6d4d8e8e 330 if (ent->first)
6259ec0d 331 {
63551311 332 memset (&ent->netgrdata, 0, sizeof (struct __netgrent));
6259ec0d 333 __internal_setnetgrent (group, &ent->netgrdata);
cb62745a 334 ent->first = false;
6259ec0d
UD		 335 }
336
337 while (1)
338 {
7e3be507 339 status = __internal_getnetgrent_r (&host, &user, &domain,
d71b808a
UD		 340 &ent->netgrdata, buffer, buflen,
341 errnop);
6259ec0d
UD		 342 if (status != 1)
343 {
344 __internal_endnetgrent (&ent->netgrdata);
345 ent->netgroup = 0;
346 give_pwd_free (&ent->pwd);
347 return NSS_STATUS_RETURN;
348 }
349
350 if (user == NULL || user[0] == '-')
351 continue;
352
6d4d8e8e
AS		 353 if (domain != NULL)
354 {
355 if (curdomain == NULL
64d1e08e 356 && __nss_get_default_domain (&curdomain) != 0)
6d4d8e8e
AS		 357 {
358 __internal_endnetgrent (&ent->netgrdata);
359 ent->netgroup = false;
360 give_pwd_free (&ent->pwd);
361 return NSS_STATUS_UNAVAIL;
362 }
363 if (strcmp (curdomain, domain) != 0)
364 continue;
365 }
6259ec0d 366
6591c335 367 /* If name != NULL, we are called from getpwnam. */
cc3fa755
UD		 368 if (name != NULL)
369 if (strcmp (user, name) != 0)
370 continue;
371
6259ec0d
UD		 372 p2len = pwd_need_buflen (&ent->pwd);
373 if (p2len > buflen)
374 {
d71b808a 375 *errnop = ERANGE;
6259ec0d
UD		 376 return NSS_STATUS_TRYAGAIN;
377 }
378 p2 = buffer + (buflen - p2len);
379 buflen -= p2len;
6591c335 380
8a922141 381 if (getpwnam_r_impl (user, result, buffer, buflen, errnop)
a04549c1 382 != NSS_STATUS_SUCCESS)
26dee9c4 383 continue;
3996f34b 384
1e2e27fd 385 if (!in_blacklist (result->pw_name, strlen (result->pw_name), ent))
26dee9c4 386 {
1e2e27fd
UD		 387 /* Store the User in the blacklist for possible the "+" at the
388 end of /etc/passwd */
cc3fa755 389 blacklist_store_name (result->pw_name, ent);
26dee9c4
UD		 390 copy_pwd_changes (result, &ent->pwd, p2, p2len);
391 break;
392 }
393 }
394
395 return NSS_STATUS_SUCCESS;
396}
397
1e2e27fd 398/* get the next user from NSS (+ entry) */
26dee9c4 399static enum nss_status
1e2e27fd 400getpwent_next_nss (struct passwd *result, ent_t *ent, char *buffer,
d71b808a 401 size_t buflen, int *errnop)
6259ec0d 402{
1e2e27fd
UD		 403 enum nss_status status;
404 char *p2;
f8b87ef0 405 size_t p2len;
6259ec0d 406
1e2e27fd 407 /* Return if NSS module does not support getpwent_r. */
8a922141 408 if (!getpwent_r_impl)
1e2e27fd 409 return NSS_STATUS_UNAVAIL;
6259ec0d 410
cb62745a
UD		 411 /* If the setpwent call failed, say so. */
412 if (ent->setent_status != NSS_STATUS_SUCCESS)
413 return ent->setent_status;
414
6259ec0d
UD		 415 p2len = pwd_need_buflen (&ent->pwd);
416 if (p2len > buflen)
417 {
d71b808a 418 *errnop = ERANGE;
6259ec0d
UD		 419 return NSS_STATUS_TRYAGAIN;
420 }
421 p2 = buffer + (buflen - p2len);
422 buflen -= p2len;
3996f34b 423
1e2e27fd 424 if (ent->first)
cb62745a 425 ent->first = false;
3996f34b 426
1e2e27fd
UD		 427 do
428 {
8a922141 429 if ((status = getpwent_r_impl (result, buffer, buflen, errnop))
a04549c1 430 != NSS_STATUS_SUCCESS)
1e2e27fd 431 return status;
6259ec0d 432 }
1e2e27fd 433 while (in_blacklist (result->pw_name, strlen (result->pw_name), ent));
6259ec0d
UD		 434
435 copy_pwd_changes (result, &ent->pwd, p2, p2len);
436
26dee9c4 437 return NSS_STATUS_SUCCESS;
6259ec0d
UD		 438}
439
26dee9c4
UD		 440/* This function handle the +user entrys in /etc/passwd */
441static enum nss_status
04c216a8
UD		 442getpwnam_plususer (const char *name, struct passwd *result, ent_t *ent,
443 char *buffer, size_t buflen, int *errnop)
26dee9c4 444{
8a922141 445 if (!getpwnam_r_impl)
1e2e27fd
UD		 446 return NSS_STATUS_UNAVAIL;
447
016c70ea 448 struct passwd pwd;
26dee9c4 449 memset (&pwd, '\0', sizeof (struct passwd));
c131718c 450
26dee9c4 451 copy_pwd_changes (&pwd, result, NULL, 0);
c131718c 452
016c70ea 453 size_t plen = pwd_need_buflen (&pwd);
26dee9c4
UD		 454 if (plen > buflen)
455 {
d71b808a 456 *errnop = ERANGE;
26dee9c4
UD		 457 return NSS_STATUS_TRYAGAIN;
458 }
016c70ea 459 char *p = buffer + (buflen - plen);
26dee9c4 460 buflen -= plen;
c131718c 461
8a922141
FW		 462 enum nss_status status = getpwnam_r_impl (name, result, buffer, buflen,
463 errnop);
016c70ea
UD		 464 if (status != NSS_STATUS_SUCCESS)
465 return status;
04c216a8 466
1e2e27fd
UD		 467 if (in_blacklist (result->pw_name, strlen (result->pw_name), ent))
468 return NSS_STATUS_NOTFOUND;
c131718c 469
1e2e27fd
UD		 470 copy_pwd_changes (result, &pwd, p, plen);
471 give_pwd_free (&pwd);
472 /* We found the entry. */
473 return NSS_STATUS_SUCCESS;
26dee9c4 474}
6259ec0d
UD		 475
476static enum nss_status
477getpwent_next_file (struct passwd *result, ent_t *ent,
d71b808a 478 char *buffer, size_t buflen, int *errnop)
6259ec0d 479{
7e3be507 480 struct parser_data *data = (void *) buffer;
6259ec0d
UD		 481 while (1)
482 {
60c96635 483 fpos_t pos;
26dee9c4 484 char *p;
60c96635 485 int parse_res;
6259ec0d
UD		 486
487 do
488 {
20f8e666 489 /* We need at least 3 characters for one line. */
a1ffb40e 490 if (__glibc_unlikely (buflen < 3))
20f8e666
UD		 491 {
492 erange:
493 *errnop = ERANGE;
494 return NSS_STATUS_TRYAGAIN;
495 }
496
60c96635 497 fgetpos (ent->stream, &pos);
af69217f 498 buffer[buflen - 1] = '\xff';
1aa43890
UD		 499 p = fgets_unlocked (buffer, buflen, ent->stream);
500 if (p == NULL && feof_unlocked (ent->stream))
34816665
UD		 501 return NSS_STATUS_NOTFOUND;
502
20f8e666 503 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
d71b808a 504 {
20f8e666 505 erange_reset:
af69217f 506 fsetpos (ent->stream, &pos);
20f8e666 507 goto erange;
d71b808a 508 }
6259ec0d
UD		 509
510 /* Terminate the line for any case. */
511 buffer[buflen - 1] = '\0';
512
513 /* Skip leading blanks. */
514 while (isspace (*p))
515 ++p;
516 }
a04549c1 517 while (*p == '\0' || *p == '#' /* Ignore empty and comment lines. */
1e2e27fd
UD		 518 /* Parse the line. If it is invalid, loop to
519 get the next line of the file to parse. */
a04549c1
JM		 520 || !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
521 errnop)));
60c96635 522
a1ffb40e 523 if (__glibc_unlikely (parse_res == -1))
20f8e666
UD		 524 /* The parser ran out of space. */
525 goto erange_reset;
6259ec0d
UD		 526
527 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
528 /* This is a real entry. */
529 break;
530
531 /* -@netgroup */
532 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
533 && result->pw_name[2] != '\0')
534 {
d71b808a 535 /* XXX Do not use fixed length buffer. */
c131718c 536 char buf2[1024];
6259ec0d 537 char *user, *host, *domain;
c131718c 538 struct __netgrent netgrdata;
6259ec0d 539
1c6e6f23 540 memset (&netgrdata, 0, sizeof (struct __netgrent));
c131718c 541 __internal_setnetgrent (&result->pw_name[2], &netgrdata);
d71b808a
UD		 542 while (__internal_getnetgrent_r (&host, &user, &domain, &netgrdata,
543 buf2, sizeof (buf2), errnop))
6259ec0d
UD		 544 {
545 if (user != NULL && user[0] != '-')
546 blacklist_store_name (user, ent);
547 }
c131718c 548 __internal_endnetgrent (&netgrdata);
6259ec0d
UD		 549 continue;
550 }
551
552 /* +@netgroup */
553 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
554 && result->pw_name[2] != '\0')
555 {
04c216a8 556 enum nss_status status;
6259ec0d 557
cb62745a
UD		 558 ent->netgroup = true;
559 ent->first = true;
6259ec0d
UD		 560 copy_pwd_changes (&ent->pwd, result, NULL, 0);
561
1e2e27fd
UD		 562 status = getpwent_next_nss_netgr (NULL, result, ent,
563 &result->pw_name[2],
564 buffer, buflen, errnop);
6259ec0d
UD		 565 if (status == NSS_STATUS_RETURN)
566 continue;
567 else
34816665 568 return status;
6259ec0d
UD		 569 }
570
571 /* -user */
572 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
573 && result->pw_name[1] != '@')
574 {
575 blacklist_store_name (&result->pw_name[1], ent);
576 continue;
577 }
578
579 /* +user */
580 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
581 && result->pw_name[1] != '@')
582 {
bbca27a4
UD		 583 size_t len = strlen (result->pw_name);
584 char buf[len];
26dee9c4 585 enum nss_status status;
c131718c 586
cc3fa755
UD		 587 /* Store the User in the blacklist for the "+" at the end of
588 /etc/passwd */
bbca27a4 589 memcpy (buf, &result->pw_name[1], len);
04c216a8
UD		 590 status = getpwnam_plususer (&result->pw_name[1], result, ent,
591 buffer, buflen, errnop);
592 blacklist_store_name (buf, ent);
593
1e2e27fd 594 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
26dee9c4 595 break;
1e2e27fd
UD		 596 else if (status == NSS_STATUS_RETURN /* We couldn't parse the entry */
597 || status == NSS_STATUS_NOTFOUND) /* entry doesn't exist */
598 continue;
6259ec0d 599 else
1e2e27fd
UD		 600 {
601 if (status == NSS_STATUS_TRYAGAIN)
602 {
603 /* The parser ran out of space */
604 fsetpos (ent->stream, &pos);
605 *errnop = ERANGE;
606 }
607 return status;
608 }
6259ec0d
UD		 609 }
610
611 /* +:... */
612 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
613 {
cb62745a
UD		 614 ent->files = false;
615 ent->first = true;
6259ec0d
UD		 616 copy_pwd_changes (&ent->pwd, result, NULL, 0);
617
1e2e27fd 618 return getpwent_next_nss (result, ent, buffer, buflen, errnop);
6259ec0d
UD		 619 }
620 }
621
622 return NSS_STATUS_SUCCESS;
623}
624
625
626static enum nss_status
627internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer,
d71b808a 628 size_t buflen, int *errnop)
6259ec0d
UD		 629{
630 if (ent->netgroup)
631 {
04c216a8 632 enum nss_status status;
6259ec0d
UD		 633
634 /* We are searching members in a netgroup */
635 /* Since this is not the first call, we don't need the group name */
1e2e27fd
UD		 636 status = getpwent_next_nss_netgr (NULL, pw, ent, NULL, buffer, buflen,
637 errnop);
6259ec0d 638 if (status == NSS_STATUS_RETURN)
d71b808a 639 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
6259ec0d
UD		 640 else
641 return status;
642 }
1e2e27fd
UD		 643 else if (ent->files)
644 return getpwent_next_file (pw, ent, buffer, buflen, errnop);
6259ec0d 645 else
1e2e27fd
UD		 646 return getpwent_next_nss (pw, ent, buffer, buflen, errnop);
647
6259ec0d
UD		 648}
649
650enum nss_status
d71b808a
UD		 651_nss_compat_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen,
652 int *errnop)
6259ec0d 653{
1e2e27fd 654 enum nss_status result = NSS_STATUS_SUCCESS;
6259ec0d
UD		 655
656 __libc_lock_lock (lock);
657
1e2e27fd 658 /* Be prepared that the setpwent function was not called before. */
26dee9c4 659 if (ni == NULL)
1e2e27fd 660 init_nss_interface ();
26dee9c4 661
6259ec0d 662 if (ext_ent.stream == NULL)
cb62745a 663 result = internal_setpwent (&ext_ent, 1, 1);
6259ec0d 664
1e2e27fd
UD		 665 if (result == NSS_STATUS_SUCCESS)
666 result = internal_getpwent_r (pwd, &ext_ent, buffer, buflen, errnop);
6259ec0d
UD		 667
668 __libc_lock_unlock (lock);
669
1e2e27fd 670 return result;
6259ec0d
UD		 671}
672
cc3fa755
UD		 673/* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
674static enum nss_status
675internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
d71b808a 676 char *buffer, size_t buflen, int *errnop)
cc3fa755
UD		 677{
678 struct parser_data *data = (void *) buffer;
679
680 while (1)
681 {
682 fpos_t pos;
683 char *p;
684 int parse_res;
685
686 do
687 {
20f8e666 688 /* We need at least 3 characters for one line. */
a1ffb40e 689 if (__glibc_unlikely (buflen < 3))
20f8e666
UD		 690 {
691 erange:
692 *errnop = ERANGE;
693 return NSS_STATUS_TRYAGAIN;
694 }
695
cc3fa755 696 fgetpos (ent->stream, &pos);
af69217f 697 buffer[buflen - 1] = '\xff';
1aa43890
UD		 698 p = fgets_unlocked (buffer, buflen, ent->stream);
699 if (p == NULL && feof_unlocked (ent->stream))
0c6cee5d 700 {
0c6cee5d
UD		 701 return NSS_STATUS_NOTFOUND;
702 }
20f8e666 703 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
cc3fa755 704 {
20f8e666 705 erange_reset:
af69217f 706 fsetpos (ent->stream, &pos);
20f8e666 707 goto erange;
cc3fa755
UD		 708 }
709
710 /* Terminate the line for any case. */
711 buffer[buflen - 1] = '\0';
712
713 /* Skip leading blanks. */
714 while (isspace (*p))
715 ++p;
716 }
a04549c1 717 while (*p == '\0' || *p == '#' /* Ignore empty and comment lines. */
cc3fa755 718 /* Parse the line. If it is invalid, loop to
1e2e27fd 719 get the next line of the file to parse. */
a04549c1
JM		 720 || !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
721 errnop)));
cc3fa755 722
a1ffb40e 723 if (__glibc_unlikely (parse_res == -1))
20f8e666
UD		 724 /* The parser ran out of space. */
725 goto erange_reset;
cc3fa755
UD		 726
727 /* This is a real entry. */
728 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
729 {
730 if (strcmp (result->pw_name, name) == 0)
731 return NSS_STATUS_SUCCESS;
732 else
733 continue;
734 }
735
736 /* -@netgroup */
737 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
738 && result->pw_name[2] != '\0')
739 {
04c216a8
UD		 740 if (innetgr (&result->pw_name[2], NULL, name, NULL))
741 return NSS_STATUS_NOTFOUND;
cc3fa755
UD		 742 continue;
743 }
744
745 /* +@netgroup */
746 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
747 && result->pw_name[2] != '\0')
748 {
04c216a8 749 enum nss_status status;
cc3fa755 750
04c216a8 751 if (innetgr (&result->pw_name[2], NULL, name, NULL))
cc3fa755 752 {
04c216a8
UD		 753 status = getpwnam_plususer (name, result, ent, buffer,
754 buflen, errnop);
cc3fa755 755
1e2e27fd
UD		 756 if (status == NSS_STATUS_RETURN)
757 continue;
04c216a8
UD		 758
759 return status;
760 }
cc3fa755
UD		 761 continue;
762 }
763
764 /* -user */
765 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
766 && result->pw_name[1] != '@')
767 {
768 if (strcmp (&result->pw_name[1], name) == 0)
34816665 769 return NSS_STATUS_NOTFOUND;
cc3fa755
UD		 770 else
771 continue;
772 }
773
774 /* +user */
775 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
776 && result->pw_name[1] != '@')
777 {
778 if (strcmp (name, &result->pw_name[1]) == 0)
779 {
780 enum nss_status status;
781
04c216a8 782 status = getpwnam_plususer (name, result, ent, buffer, buflen,
d71b808a 783 errnop);
cc3fa755
UD		 784 if (status == NSS_STATUS_RETURN)
785 /* We couldn't parse the entry */
786 return NSS_STATUS_NOTFOUND;
787 else
788 return status;
789 }
790 }
791
792 /* +:... */
793 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
794 {
795 enum nss_status status;
796
04c216a8
UD		 797 status = getpwnam_plususer (name, result, ent,
798 buffer, buflen, errnop);
1e2e27fd 799 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
cc3fa755 800 break;
1e2e27fd
UD		 801 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
802 return NSS_STATUS_NOTFOUND;
cc3fa755 803 else
1e2e27fd 804 return status;
cc3fa755
UD		 805 }
806 }
807 return NSS_STATUS_SUCCESS;
808}
6259ec0d
UD		 809
810enum nss_status
811_nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
d71b808a 812 char *buffer, size_t buflen, int *errnop)
6259ec0d 813{
1e2e27fd 814 enum nss_status result;
cb62745a
UD		 815 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
816 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
6259ec0d
UD		 817
818 if (name[0] == '-' || name[0] == '+')
34816665 819 return NSS_STATUS_NOTFOUND;
6259ec0d 820
26dee9c4
UD		 821 __libc_lock_lock (lock);
822
823 if (ni == NULL)
1e2e27fd 824 init_nss_interface ();
c131718c 825
26dee9c4 826 __libc_lock_unlock (lock);
6259ec0d 827
cb62745a 828 result = internal_setpwent (&ent, 0, 0);
6259ec0d 829
1e2e27fd
UD		 830 if (result == NSS_STATUS_SUCCESS)
831 result = internal_getpwnam_r (name, pwd, &ent, buffer, buflen, errnop);
6259ec0d 832
790b8dda 833 internal_endpwent_noerror (&ent);
cc3fa755 834
1e2e27fd 835 return result;
6259ec0d
UD		 836}
837
cc3fa755
UD		 838/* This function handle the + entry in /etc/passwd for getpwuid */
839static enum nss_status
840getpwuid_plususer (uid_t uid, struct passwd *result, char *buffer,
1e2e27fd 841 size_t buflen, int *errnop)
cc3fa755 842{
cc3fa755 843 struct passwd pwd;
cc3fa755
UD		 844 char *p;
845 size_t plen;
846
8a922141 847 if (!getpwuid_r_impl)
1e2e27fd
UD		 848 return NSS_STATUS_UNAVAIL;
849
cc3fa755
UD		 850 memset (&pwd, '\0', sizeof (struct passwd));
851
852 copy_pwd_changes (&pwd, result, NULL, 0);
853
854 plen = pwd_need_buflen (&pwd);
855 if (plen > buflen)
856 {
d71b808a 857 *errnop = ERANGE;
cc3fa755
UD		 858 return NSS_STATUS_TRYAGAIN;
859 }
860 p = buffer + (buflen - plen);
861 buflen -= plen;
862
8a922141 863 if (getpwuid_r_impl (uid, result, buffer, buflen, errnop) ==
1e2e27fd 864 NSS_STATUS_SUCCESS)
cc3fa755
UD		 865 {
866 copy_pwd_changes (result, &pwd, p, plen);
867 give_pwd_free (&pwd);
868 /* We found the entry. */
869 return NSS_STATUS_SUCCESS;
870 }
871 else
872 {
873 /* Give buffer the old len back */
874 buflen += plen;
875 give_pwd_free (&pwd);
876 }
877 return NSS_STATUS_RETURN;
878}
879
1e2e27fd 880/* Searches in /etc/passwd and the NSS subsystem for a special user id */
cc3fa755
UD		 881static enum nss_status
882internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
1e2e27fd 883 char *buffer, size_t buflen, int *errnop)
cc3fa755
UD		 884{
885 struct parser_data *data = (void *) buffer;
886
887 while (1)
888 {
889 fpos_t pos;
890 char *p;
891 int parse_res;
892
893 do
1e2e27fd 894 {
20f8e666 895 /* We need at least 3 characters for one line. */
a1ffb40e 896 if (__glibc_unlikely (buflen < 3))
20f8e666
UD		 897 {
898 erange:
899 *errnop = ERANGE;
900 return NSS_STATUS_TRYAGAIN;
901 }
902
1e2e27fd
UD		 903 fgetpos (ent->stream, &pos);
904 buffer[buflen - 1] = '\xff';
1aa43890
UD		 905 p = fgets_unlocked (buffer, buflen, ent->stream);
906 if (p == NULL && feof_unlocked (ent->stream))
34816665
UD		 907 return NSS_STATUS_NOTFOUND;
908
20f8e666 909 if (p == NULL || __builtin_expect (buffer[buflen - 1] != '\xff', 0))
1e2e27fd 910 {
20f8e666 911 erange_reset:
1e2e27fd 912 fsetpos (ent->stream, &pos);
20f8e666 913 goto erange;
1e2e27fd
UD		 914 }
915
916 /* Terminate the line for any case. */
917 buffer[buflen - 1] = '\0';
918
919 /* Skip leading blanks. */
920 while (isspace (*p))
921 ++p;
922 }
a04549c1 923 while (*p == '\0' || *p == '#' /* Ignore empty and comment lines. */
1e2e27fd
UD		 924 /* Parse the line. If it is invalid, loop to
925 get the next line of the file to parse. */
a04549c1
JM		 926 || !(parse_res = _nss_files_parse_pwent (p, result, data, buflen,
927 errnop)));
cc3fa755 928
a1ffb40e 929 if (__glibc_unlikely (parse_res == -1))
20f8e666
UD		 930 /* The parser ran out of space. */
931 goto erange_reset;
cc3fa755
UD		 932
933 /* This is a real entry. */
934 if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
1e2e27fd
UD		 935 {
936 if (result->pw_uid == uid)
937 return NSS_STATUS_SUCCESS;
938 else
939 continue;
940 }
cc3fa755
UD		 941
942 /* -@netgroup */
943 if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
1e2e27fd
UD		 944 && result->pw_name[2] != '\0')
945 {
bbca27a4
UD		 946 /* -1, because we remove first two character of pw_name. */
947 size_t len = strlen (result->pw_name) - 1;
948 char buf[len];
04c216a8 949 enum nss_status status;
cc3fa755 950
bbca27a4 951 memcpy (buf, &result->pw_name[2], len);
04c216a8
UD		 952
953 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
34a5a146
JM		 954 if (status == NSS_STATUS_SUCCESS
955 && innetgr (buf, NULL, result->pw_name, NULL))
34816665
UD		 956 return NSS_STATUS_NOTFOUND;
957
1e2e27fd
UD		 958 continue;
959 }
cc3fa755
UD		 960
961 /* +@netgroup */
962 if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
1e2e27fd
UD		 963 && result->pw_name[2] != '\0')
964 {
bbca27a4
UD		 965 /* -1, because we remove first two characters of pw_name. */
966 size_t len = strlen (result->pw_name) - 1;
967 char buf[len];
04c216a8 968 enum nss_status status;
cc3fa755 969
bbca27a4 970 memcpy (buf, &result->pw_name[2], len);
cc3fa755 971
04c216a8
UD		 972 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
973
974 if (status == NSS_STATUS_RETURN)
975 continue;
cc3fa755 976
04c216a8
UD		 977 if (status == NSS_STATUS_SUCCESS)
978 {
979 if (innetgr (buf, NULL, result->pw_name, NULL))
cc3fa755 980 return NSS_STATUS_SUCCESS;
04c216a8 981 }
1e2e27fd
UD		 982 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
983 return NSS_STATUS_NOTFOUND;
04c216a8 984 else
1e2e27fd 985 return status;
04c216a8 986
1e2e27fd 987 continue;
cc3fa755
UD		 988 }
989
990 /* -user */
991 if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
1e2e27fd
UD		 992 && result->pw_name[1] != '@')
993 {
bbca27a4
UD		 994 size_t len = strlen (result->pw_name);
995 char buf[len];
04c216a8
UD		 996 enum nss_status status;
997
bbca27a4 998 memcpy (buf, &result->pw_name[1], len);
04c216a8
UD		 999
1000 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
34a5a146
JM		 1001 if (status == NSS_STATUS_SUCCESS
1002 && innetgr (buf, NULL, result->pw_name, NULL))
34816665 1003 return NSS_STATUS_NOTFOUND;
1e2e27fd
UD		 1004 continue;
1005 }
cc3fa755
UD		 1006
1007 /* +user */
1008 if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
1e2e27fd
UD		 1009 && result->pw_name[1] != '@')
1010 {
bbca27a4
UD		 1011 size_t len = strlen (result->pw_name);
1012 char buf[len];
cc3fa755
UD		 1013 enum nss_status status;
1014
bbca27a4 1015 memcpy (buf, &result->pw_name[1], len);
04c216a8
UD		 1016
1017 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1018
1019 if (status == NSS_STATUS_RETURN)
cc3fa755 1020 continue;
04c216a8
UD		 1021
1022 if (status == NSS_STATUS_SUCCESS)
1023 {
1024 if (strcmp (buf, result->pw_name) == 0)
1025 return NSS_STATUS_SUCCESS;
1026 }
1e2e27fd
UD		 1027 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1028 return NSS_STATUS_NOTFOUND;
04c216a8 1029 else
1e2e27fd 1030 return status;
04c216a8 1031
1e2e27fd
UD		 1032 continue;
1033 }
cc3fa755
UD		 1034
1035 /* +:... */
1036 if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
1e2e27fd
UD		 1037 {
1038 enum nss_status status;
1039
1040 status = getpwuid_plususer (uid, result, buffer, buflen, errnop);
1041 if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
1042 break;
1043 else if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
1044 return NSS_STATUS_NOTFOUND;
1045 else
1046 return status;
1047 }
cc3fa755
UD		 1048 }
1049 return NSS_STATUS_SUCCESS;
1050}
6259ec0d
UD		 1051
1052enum nss_status
1053_nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
1e2e27fd 1054 char *buffer, size_t buflen, int *errnop)
6259ec0d 1055{
1e2e27fd 1056 enum nss_status result;
cb62745a
UD		 1057 ent_t ent = { false, false, true, NSS_STATUS_SUCCESS, NULL, { NULL, 0, 0 },
1058 { NULL, NULL, 0, 0, NULL, NULL, NULL }};
c131718c 1059
26dee9c4 1060 __libc_lock_lock (lock);
c131718c 1061
26dee9c4 1062 if (ni == NULL)
1e2e27fd 1063 init_nss_interface ();
c131718c 1064
26dee9c4 1065 __libc_lock_unlock (lock);
c131718c 1066
cb62745a 1067 result = internal_setpwent (&ent, 0, 0);
6259ec0d 1068
1e2e27fd
UD		 1069 if (result == NSS_STATUS_SUCCESS)
1070 result = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen, errnop);
6259ec0d 1071
790b8dda 1072 internal_endpwent_noerror (&ent);
cc3fa755 1073
1e2e27fd 1074 return result;
6259ec0d
UD		 1075}
1076
1077
1078/* Support routines for remembering -@netgroup and -user entries.
1079 The names are stored in a single string with `|' as separator. */
1080static void
1081blacklist_store_name (const char *name, ent_t *ent)
1082{
1083 int namelen = strlen (name);
1084 char *tmp;
1085
1086 /* first call, setup cache */
1087 if (ent->blacklist.size == 0)
1088 {
1089 ent->blacklist.size = MAX (BLACKLIST_INITIAL_SIZE, 2 * namelen);
1090 ent->blacklist.data = malloc (ent->blacklist.size);
1091 if (ent->blacklist.data == NULL)
1092 return;
1093 ent->blacklist.data[0] = '|';
1094 ent->blacklist.data[1] = '\0';
1095 ent->blacklist.current = 1;
1096 }
1097 else
1098 {
1099 if (in_blacklist (name, namelen, ent))
1100 return; /* no duplicates */
1101
1102 if (ent->blacklist.current + namelen + 1 >= ent->blacklist.size)
1103 {
1104 ent->blacklist.size += MAX (BLACKLIST_INCREMENT, 2 * namelen);
1105 tmp = realloc (ent->blacklist.data, ent->blacklist.size);
1106 if (tmp == NULL)
1107 {
1108 free (ent->blacklist.data);
1109 ent->blacklist.size = 0;
1110 return;
1111 }
1112 ent->blacklist.data = tmp;
1113 }
1114 }
1115
1116 tmp = stpcpy (ent->blacklist.data + ent->blacklist.current, name);
1117 *tmp++ = '|';
1118 *tmp = '\0';
1119 ent->blacklist.current += namelen + 1;
1120
1121 return;
1122}
1123
64d1e08e
AS		 1124/* Returns whether ent->blacklist contains name. */
1125static bool
6259ec0d
UD		 1126in_blacklist (const char *name, int namelen, ent_t *ent)
1127{
1128 char buf[namelen + 3];
c131718c 1129 char *cp;
6259ec0d
UD		 1130
1131 if (ent->blacklist.data == NULL)
64d1e08e 1132 return false;
6259ec0d 1133
c131718c
UD		 1134 buf[0] = '|';
1135 cp = stpcpy (&buf[1], name);
1e2e27fd 1136 *cp++ = '|';
c131718c 1137 *cp = '\0';
6259ec0d
UD		 1138 return strstr (ent->blacklist.data, buf) != NULL;
1139}
A mirror of the official glibc repository