usr/src/lib/nsswitch/compat/common/getspent.c

root/usr/src/lib/nsswitch/compat/common/getspent.c
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
/*
 *      getspent.c
 *
 * lib/nsswitch/compat/getspent.c -- name-service-switch backend for getspnam()
 *   It looks in /etc/shadow; if it finds shadow entries there that begin
 *   with "+" or "-", it consults other services.  By default it uses NIS (YP),
 *   but the user can override this with a "passwd_compat" entry in
 *   /etc/nsswitch.conf, e.g.
 *                      passwd_compat: ldap
 * The main criterion for this code is that it behave in the same way as
 * the code for getpwnam() and friends (in getpwent.c).  Note that it uses
 * the same nsswitch.conf entry, not a separate entry for "shadow_compat".
 *
 * Caveats:
 *    - More than one source may be specified, with the usual switch semantics,
 *      but having multiple sources here is definitely odd.
 *    - People who recursively specify "compat" deserve what they get.
 *    - Entries that begin with "+@" or "-@" are interpreted using
 *      getnetgrent() and innetgr(), which use the "netgroup" entry in
 *      /etc/nsswitch.conf.  If the sources for "passwd_compat" and "netgroup"
 *      differ, everything should work fine, but the semantics will be pretty
 *      confusing.
 */

#include <shadow.h>
#include <string.h>
#include <stdlib.h>
#include "compat_common.h"

static DEFINE_NSS_DB_ROOT(db_root);

static void
_nss_initf_shadow_compat(p)
        nss_db_params_t *p;
{
        p->name           = NSS_DBNAM_SHADOW;
        p->config_name    = NSS_DBNAM_PASSWD_COMPAT;
        p->default_config = NSS_DEFCONF_PASSWD_COMPAT;
}

static const char *
get_spnamp(argp)
        nss_XbyY_args_t         *argp;
{
        struct spwd             *s = (struct spwd *)argp->returnval;

        return (s->sp_namp);
}

static int
check_spnamp(argp)
        nss_XbyY_args_t         *argp;
{
        struct spwd             *s = (struct spwd *)argp->returnval;

        return (strcmp(s->sp_namp, argp->key.name) == 0);
}

static nss_status_t
getbyname(be, a)
        compat_backend_ptr_t    be;
        void                    *a;
{
        nss_XbyY_args_t         *argp = (nss_XbyY_args_t *)a;

        return (_nss_compat_XY_all(be, argp, check_spnamp,
                                NSS_DBOP_SHADOW_BYNAME));
}

/*ARGSUSED*/
static int
merge_spents(be, argp, fields)
        compat_backend_ptr_t    be;
        nss_XbyY_args_t         *argp;
        const char              **fields;
{
        struct spwd             *sp     = (struct spwd *)argp->buf.result;

        /*
         * Don't allow overriding of the username;  apart from that,
         *   anything is fair game.
         */

        if (fields[1] != 0) {
                size_t  namelen = strlen(sp->sp_namp) + 1;
                size_t  passlen = strlen(fields[1])   + 1;

                /* ===> Probably merits an explanation... */
                if (namelen + passlen > argp->buf.buflen) {
                        return (NSS_STR_PARSE_ERANGE);
                }
                if (sp->sp_namp != argp->buf.buffer) {
                        (void) memmove(argp->buf.buffer,
                                sp->sp_namp, namelen);
                        sp->sp_namp = argp->buf.buffer;
                }
                (void) memcpy(argp->buf.buffer + namelen,
                        fields[1], passlen);
        }

#define override(field, longp)                          \
        if ((field) != 0) {                             \
                char    *end;                           \
                long    val = strtol(field, &end, 10);  \
                                                        \
                if (*end == '\0') {                     \
                        *(longp) = val;                 \
                } else {                                \
                        return (NSS_STR_PARSE_PARSE);   \
                }                                       \
        }

        /* do not override last changed date, it never gets reset. */
        /* override(fields[2], &sp->sp_lstchg); */
        override(fields[3], &sp->sp_min);
        override(fields[4], &sp->sp_max);
        override(fields[5], &sp->sp_warn);
        override(fields[6], &sp->sp_inact);
        override(fields[7], &sp->sp_expire);
        override(fields[8], &sp->sp_flag);

        /*
         * if asked, return the data in /etc file format
         */
        if (be->return_string_data == 1) {
                int     n;
                char    b[16 * 7];

                /* reset the result ptr to the original value */
                argp->buf.result = NULL;

#define printnum(i, num)        \
    sprintf(b + (i * 16), "%d", num)) ? b + (i * 16) : ""

                n = snprintf(argp->buf.buffer, argp->buf.buflen,
                        "%s:%s:%s:%s:%s:%s:%s:%s:%s", sp->sp_namp,
                        (sp->sp_pwdp ? sp->sp_pwdp : ""),
                        (sp->sp_lstchg >= 0 && printnum(0, sp->sp_lstchg),
                        (sp->sp_min >= 0 && printnum(1, sp->sp_min),
                        (sp->sp_max >= 0 && printnum(2, sp->sp_max),
                        (sp->sp_warn > 0 && printnum(3, sp->sp_warn),
                        (sp->sp_inact > 0 && printnum(4, sp->sp_inact),
                        (sp->sp_expire > 0 && printnum(5, sp->sp_expire),
                        (sp->sp_flag != 0 && printnum(6, sp->sp_flag));

                if (n > argp->buf.buflen)
                        return (NSS_STR_PARSE_ERANGE);
                else {
                        argp->returnlen = n - 1;
                        return (NSS_SUCCESS);
                }

        } else
                return (NSS_STR_PARSE_SUCCESS);
}

static compat_backend_op_t shadow_ops[] = {
        _nss_compat_destr,
        _nss_compat_endent,
        _nss_compat_setent,
        _nss_compat_getent,
        getbyname
};

/*ARGSUSED*/
nss_backend_t *
_nss_compat_shadow_constr(dummy1, dummy2, dummy3)
        const char      *dummy1, *dummy2, *dummy3;
{
        return (_nss_compat_constr(shadow_ops,
                                sizeof (shadow_ops) / sizeof (shadow_ops[0]),
                                SHADOW,
                                NSS_LINELEN_SHADOW,
                                &db_root,
                                _nss_initf_shadow_compat,
                                1,
                                get_spnamp,
                                merge_spents));
}
Illumos
