From 557b63be064eb8ba4a584f5260533aa7db19e65d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 5 Nov 2007 15:38:36 +0100 Subject: r25834: nss_wrapper: add lib/nss_wrapper skeleton metze (This used to be commit 9fdde8d5f5cc3ea49c0fb4078d7989058462e1d2) --- source4/lib/nss_wrapper/nss_wrapper.c | 180 ++++++++++++++++++++++++++++++++++ 1 file changed, 180 insertions(+) create mode 100644 source4/lib/nss_wrapper/nss_wrapper.c (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c new file mode 100644 index 0000000000..b8c65c405d --- /dev/null +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -0,0 +1,180 @@ +/* + * Copyright (C) Stefan Metzmacher 2007 + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the author nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef _SAMBA_BUILD_ + +#define NSS_WRAPPER_NOT_REPLACE +#include "lib/replace/replace.h" +#include "system/passwd.h" +#include "system/filesys.h" + +#else /* _SAMBA_BUILD_ */ + +#error nss_wrapper_only_supported_in_samba_yet + +#endif + +#ifndef _PUBLIC_ +#define _PUBLIC_ +#endif + +/* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support + * for now */ +#define REWRITE_CALLS + +#ifdef REWRITE_CALLS + +#define real_getpwnam getpwnam +#define real_getpwnam_r getpwnam_r +#define real_getpwuid getpwuid +#define real_getpwuid_r getpwuid_r + +#define real_setpwent setpwent +#define real_getpwent getpwent +#define real_getpwent_r getpwent_r +#define real_endpwent endpwent + +/* +#define real_getgrlst getgrlst +#define real_getgrlst_r getgrlst_r +#define real_initgroups_dyn initgroups_dyn +*/ +#define real_initgroups initgroups + +#define real_getgrnam getgrnam +#define real_getgrnam_r getgrnam_r +#define real_getgrgid getgrgid +#define real_getgrgid_r getgrgid_r + +#define real_setgrent setgrent +#define real_getgrent getgrent +#define real_getgrent_r getgrent_r +#define real_endgrent endgrent + +#endif + +/* user functions */ +_PUBLIC_ struct passwd *nwrap_getpwnam(const char *name) +{ + return real_getpwnam(name); +} + +_PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwbuf, + char *buf, size_t buflen, struct passwd **pwbufp) +{ + return real_getpwnam_r(name, pwbuf, buf, buflen, pwbufp); +} + +_PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid) +{ + return real_getpwuid(uid); +} + +_PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwbuf, + char *buf, size_t buflen, struct passwd **pwbufp) +{ + return real_getpwuid_r(uid, pwbuf, buf, buflen, pwbufp); +} + +/* user enum functions */ +_PUBLIC_ void nwrap_setpwent(void) +{ + real_setpwent(); +} + +_PUBLIC_ struct passwd *nwrap_getpwent(void) +{ + return real_getpwent(); +} + +_PUBLIC_ int nwrap_getpwent_r(struct passwd *pwbuf, char *buf, + size_t buflen, struct passwd **pwbufp) +{ + return real_getpwent_r(pwbuf, buf, buflen, pwbufp); +} + +_PUBLIC_ void nwrap_endpwent(void) +{ + real_endpwent(); +} + +/* misc functions */ +_PUBLIC_ int nwrap_initgroups(const char *user, gid_t group) +{ + return real_initgroups(user, group); +} + +/* group functions */ +_PUBLIC_ struct group *nwrap_getgrnam(const char *name) +{ + return real_getgrnam(name); +} + +_PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *gbuf, + char *buf, size_t buflen, struct group **gbufp) +{ + return real_getgrnam_r(name, gbuf, buf, buflen, gbufp); +} + +_PUBLIC_ struct group *nwrap_getgrgid(gid_t gid) +{ + return real_getgrgid(gid); +} + +_PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *gbuf, + char *buf, size_t buflen, struct group **gbufp) +{ + return real_getgrgid_r(gid, gbuf, buf, buflen, gbufp); +} + +/* group enum functions */ +_PUBLIC_ void nwrap_setgrent(void) +{ + real_setgrent(); +} + +_PUBLIC_ struct group *nwrap_getgrent(void) +{ + return real_getgrent(); +} + +_PUBLIC_ int nwrap_getgrent_r(struct group *gbuf, char *buf, + size_t buflen, struct group **gbufp) +{ + return real_getgrent_r(gbuf, buf, buflen, gbufp); +} + +_PUBLIC_ void nwrap_endgrent(void) +{ + real_endgrent(); +} -- cgit From b8da353a028b9ce35f1d8caa7f3401563f022ae3 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 5 Nov 2007 15:39:46 +0100 Subject: r25835: nss_wrapper: add support for passwd accounts The NSS_WRAPPER_PASSWD envvar should point to the /etc/passwd style file. metze (This used to be commit c98028458ab451bdde6ec2df6a12babc52ec1625) --- source4/lib/nss_wrapper/nss_wrapper.c | 581 +++++++++++++++++++++++++++++++++- 1 file changed, 567 insertions(+), 14 deletions(-) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index b8c65c405d..b746d3ea61 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -83,49 +83,602 @@ #endif +#if 0 +# ifdef DEBUG +# define NWRAP_ERROR(args) DEBUG(0, args) +# else +# define NWRAP_ERROR(args) printf args +# endif +#else +#define NWRAP_ERROR(args) +#endif + +#if 0 +# ifdef DEBUG +# define NWRAP_DEBUG(args) DEBUG(0, args) +# else +# define NWRAP_DEBUG(args) printf args +# endif +#else +#define NWRAP_DEBUG(args) +#endif + +#if 0 +# ifdef DEBUG +# define NWRAP_VERBOSE(args) DEBUG(0, args) +# else +# define NWRAP_VERBOSE(args) printf args +# endif +#else +#define NWRAP_VERBOSE(args) +#endif + +struct nwrap_cache { + const char *path; + int fd; + struct stat st; + uint8_t *buf; + void *private_data; + bool (*parse_line)(struct nwrap_cache *, char *line); + void (*unload)(struct nwrap_cache *); +}; + +struct nwrap_pw { + struct nwrap_cache *cache; + + struct passwd *list; + int num; + int idx; +}; + +struct nwrap_cache __nwrap_cache_pw; +struct nwrap_pw nwrap_pw_global; + +static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line); +static void nwrap_pw_unload(struct nwrap_cache *nwrap); + +static void nwrap_init(void) +{ + static bool initialized; + + if (initialized) return; + initialized = true; + + nwrap_pw_global.cache = &__nwrap_cache_pw; + + nwrap_pw_global.cache->path = getenv("NSS_WRAPPER_PASSWD"); + nwrap_pw_global.cache->fd = -1; + nwrap_pw_global.cache->private_data = &nwrap_pw_global; + nwrap_pw_global.cache->parse_line = nwrap_pw_parse_line; + nwrap_pw_global.cache->unload = nwrap_pw_unload; +} + +static bool nwrap_enabled(void) +{ + nwrap_init(); + + if (!nwrap_pw_global.cache->path) { + return false; + } + if (nwrap_pw_global.cache->path[0] == '\0') { + return false; + } + + return true; +} + +static bool nwrap_parse_file(struct nwrap_cache *nwrap) +{ + int ret; + uint8_t *buf = NULL; + char *nline; + + if (nwrap->st.st_size == 0) { + NWRAP_DEBUG(("%s: size == 0\n", + __location__)); + goto done; + } + + if (nwrap->st.st_size > INT32_MAX) { + NWRAP_ERROR(("%s: size[%u] larger than INT32_MAX\n", + __location__, (unsigned)nwrap->st.st_size)); + goto failed; + } + + ret = lseek(nwrap->fd, 0, SEEK_SET); + if (ret != 0) { + NWRAP_ERROR(("%s: lseek - %d\n",__location__,ret)); + goto failed; + } + + buf = malloc(nwrap->st.st_size + 1); + if (!buf) { + NWRAP_ERROR(("%s: malloc failed\n",__location__)); + goto failed; + } + + ret = read(nwrap->fd, buf, nwrap->st.st_size); + if (ret != nwrap->st.st_size) { + NWRAP_ERROR(("%s: read(%u) gave %d\n", + __location__, (unsigned)nwrap->st.st_size, ret)); + goto failed; + } + + buf[nwrap->st.st_size] = '\0'; + + nline = (char *)buf; + while (nline && nline[0]) { + char *line; + char *e; + bool ok; + + line = nline; + nline = NULL; + + e = strchr(line, '\n'); + if (e) { + e[0] = '\0'; + e++; + if (e[0] == '\r') { + e[0] = '\0'; + e++; + } + nline = e; + } + + NWRAP_VERBOSE(("%s:'%s'\n",__location__, line)); + + if (strlen(line) == 0) { + continue; + } + + ok = nwrap->parse_line(nwrap, line); + if (!ok) { + goto failed; + } + } + +done: + nwrap->buf = buf; + return true; + +failed: + if (buf) free(buf); + return false; +} + +static void nwrap_cache_unload(struct nwrap_cache *nwrap) +{ + nwrap->unload(nwrap); + + if (nwrap->buf) free(nwrap->buf); + + nwrap->buf = NULL; +} + +static void nwrap_cache_reload(struct nwrap_cache *nwrap) +{ + struct stat st; + int ret; + bool ok; + bool retried = false; + +reopen: + if (nwrap->fd < 0) { + nwrap->fd = open(nwrap->path, O_RDONLY); + if (nwrap->fd < 0) { + NWRAP_ERROR(("%s: unable to open '%s' readonly %d:%s\n", + __location__, + nwrap->path, nwrap->fd, + strerror(errno))); + return; + } + NWRAP_VERBOSE(("%s: open '%s'\n", __location__, nwrap->path)); + } + + ret = fstat(nwrap->fd, &st); + if (ret != 0) { + NWRAP_ERROR(("%s: fstat(%s) - %d:%s\n", + __location__, + nwrap->path, + ret, strerror(errno))); + return; + } + + if (retried == false && st.st_nlink == 0) { + /* maybe someone has replaced the file... */ + NWRAP_DEBUG(("%s: st_nlink == 0, reopen %s\n", + __location__, nwrap->path)); + retried = true; + memset(&nwrap->st, 0, sizeof(nwrap->st)); + close(nwrap->fd); + nwrap->fd = -1; + goto reopen; + } + + if (st.st_mtime == nwrap->st.st_mtime) { + NWRAP_VERBOSE(("%s: st_mtime[%u] hasn't changed, skip reload\n", + __location__, (unsigned)st.st_mtime)); + return; + } + NWRAP_DEBUG(("%s: st_mtime has changed [%u] => [%u], start reload\n", + __location__, (unsigned)st.st_mtime, + (unsigned)nwrap->st.st_mtime)); + + nwrap->st = st; + + nwrap_cache_unload(nwrap); + + ok = nwrap_parse_file(nwrap); + if (!ok) { + NWRAP_ERROR(("%s: failed to reload %s\n", + __location__, nwrap->path)); + nwrap_cache_unload(nwrap); + } + NWRAP_DEBUG(("%s: reloaded %s\n", + __location__, nwrap->path)); +} + +/* + * the caller has to call nwrap_unload() on failure + */ +static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line) +{ + struct nwrap_pw *nwrap_pw; + char *c; + char *p; + char *e; + struct passwd *pw; + size_t list_size; + + nwrap_pw = (struct nwrap_pw *)nwrap->private_data; + + list_size = sizeof(*nwrap_pw->list) * (nwrap_pw->num+1); + pw = (struct passwd *)realloc(nwrap_pw->list, list_size); + if (!pw) { + NWRAP_ERROR(("%s:realloc(%u) failed\n", + __location__, list_size)); + return false; + } + nwrap_pw->list = pw; + + pw = &nwrap_pw->list[nwrap_pw->num]; + + c = line; + + /* name */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + pw->pw_name = c; + c = p; + + NWRAP_VERBOSE(("name[%s]\n", pw->pw_name)); + + /* password */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + pw->pw_passwd = c; + c = p; + + NWRAP_VERBOSE(("password[%s]\n", pw->pw_passwd)); + + /* uid */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + e = NULL; + pw->pw_uid = (uid_t)strtoul(c, &e, 10); + if (c == e) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e == NULL) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e[0] != '\0') { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + c = p; + + NWRAP_VERBOSE(("uid[%u]\n", pw->pw_uid)); + + /* gid */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + e = NULL; + pw->pw_gid = (gid_t)strtoul(c, &e, 10); + if (c == e) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e == NULL) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e[0] != '\0') { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + c = p; + + NWRAP_VERBOSE(("gid[%u]\n", pw->pw_gid)); + + /* gecos */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + pw->pw_gecos = c; + c = p; + + NWRAP_VERBOSE(("gecos[%s]\n", pw->pw_gecos)); + + /* dir */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:'%s'\n",__location__,c)); + return false; + } + *p = '\0'; + p++; + pw->pw_dir = c; + c = p; + + NWRAP_VERBOSE(("dir[%s]\n", pw->pw_dir)); + + /* shell */ + pw->pw_shell = c; + NWRAP_VERBOSE(("shell[%s]\n", pw->pw_shell)); + + NWRAP_DEBUG(("add user[%s:%s:%u:%u:%s:%s:%s]\n", + pw->pw_name, pw->pw_passwd, + pw->pw_uid, pw->pw_gid, + pw->pw_gecos, pw->pw_dir, pw->pw_shell)); + + nwrap_pw->num++; + return true; +} + +static void nwrap_pw_unload(struct nwrap_cache *nwrap) +{ + struct nwrap_pw *nwrap_pw; + nwrap_pw = (struct nwrap_pw *)nwrap->private_data; + + if (nwrap_pw->list) free(nwrap_pw->list); + + nwrap_pw->list = NULL; + nwrap_pw->num = 0; + nwrap_pw->idx = 0; +} + +static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst, + char *buf, size_t buflen, struct passwd **destp) +{ + char *first; + char *last; + off_t ofs; + + first = src->pw_name; + + last = src->pw_shell; + while (*last) last++; + + ofs = PTR_DIFF(last + 1, first); + + if (ofs > buflen) { + return ERANGE; + } + + memcpy(buf, first, ofs); + + ofs = PTR_DIFF(src->pw_name, first); + dst->pw_name = buf + ofs; + ofs = PTR_DIFF(src->pw_passwd, first); + dst->pw_passwd = buf + ofs; + dst->pw_uid = src->pw_uid; + dst->pw_gid = src->pw_gid; + ofs = PTR_DIFF(src->pw_gecos, first); + dst->pw_gecos = buf + ofs; + ofs = PTR_DIFF(src->pw_dir, first); + dst->pw_dir = buf + ofs; + ofs = PTR_DIFF(src->pw_shell, first); + dst->pw_shell = buf + ofs; + + return 0; +} + /* user functions */ _PUBLIC_ struct passwd *nwrap_getpwnam(const char *name) { - return real_getpwnam(name); + int i; + + if (!nwrap_enabled()) { + return real_getpwnam(name); + } + + nwrap_cache_reload(nwrap_pw_global.cache); + + for (i=0; i= nwrap_pw_global.num) { + errno = ENOENT; + return NULL; + } + + pw = &nwrap_pw_global.list[nwrap_pw_global.idx++]; + + NWRAP_VERBOSE(("%s: return user[%s] uid[%u]\n", + __location__, pw->pw_name, pw->pw_uid)); + + return pw; } -_PUBLIC_ int nwrap_getpwent_r(struct passwd *pwbuf, char *buf, - size_t buflen, struct passwd **pwbufp) +_PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, + size_t buflen, struct passwd **pwdstp) { - return real_getpwent_r(pwbuf, buf, buflen, pwbufp); + struct passwd *pw; + + if (!nwrap_enabled()) { + return real_getpwent_r(pwdst, buf, buflen, pwdstp); + } + + pw = nwrap_getpwent(); + if (!pw) { + if (errno == 0) { + return ENOENT; + } + return errno; + } + + return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp); } _PUBLIC_ void nwrap_endpwent(void) { - real_endpwent(); + if (!nwrap_enabled()) { + real_endpwent(); + } + + nwrap_pw_global.idx = 0; } /* misc functions */ -- cgit From be93d8a062471e358f1e82973bb44a5c279afe9b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 5 Nov 2007 15:41:23 +0100 Subject: r25836: nss_wrapper: add support for groups and return EPERM in initgroups() The NSS_WRAPPER_GROUP envvar should point to the /etc/group style file. Note: NSS_WRAPPER_PASSWD and NSS_WRAPPER_GROUP both need non-empty values to enable NSS Wrapper support. metze (This used to be commit fa255cc4b5c03ffe7b0fcf6c1fe4b61ff303fdd8) --- source4/lib/nss_wrapper/nss_wrapper.c | 371 ++++++++++++++++++++++++++++++++-- 1 file changed, 356 insertions(+), 15 deletions(-) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index b746d3ea61..dae3c1c626 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -137,6 +137,20 @@ struct nwrap_pw nwrap_pw_global; static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line); static void nwrap_pw_unload(struct nwrap_cache *nwrap); +struct nwrap_gr { + struct nwrap_cache *cache; + + struct group *list; + int num; + int idx; +}; + +struct nwrap_cache __nwrap_cache_gr; +struct nwrap_gr nwrap_gr_global; + +static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line); +static void nwrap_gr_unload(struct nwrap_cache *nwrap); + static void nwrap_init(void) { static bool initialized; @@ -151,6 +165,14 @@ static void nwrap_init(void) nwrap_pw_global.cache->private_data = &nwrap_pw_global; nwrap_pw_global.cache->parse_line = nwrap_pw_parse_line; nwrap_pw_global.cache->unload = nwrap_pw_unload; + + nwrap_gr_global.cache = &__nwrap_cache_gr; + + nwrap_gr_global.cache->path = getenv("NSS_WRAPPER_GROUP"); + nwrap_gr_global.cache->fd = -1; + nwrap_gr_global.cache->private_data = &nwrap_gr_global; + nwrap_gr_global.cache->parse_line = nwrap_gr_parse_line; + nwrap_gr_global.cache->unload = nwrap_gr_unload; } static bool nwrap_enabled(void) @@ -163,6 +185,12 @@ static bool nwrap_enabled(void) if (nwrap_pw_global.cache->path[0] == '\0') { return false; } + if (!nwrap_gr_global.cache->path) { + return false; + } + if (nwrap_gr_global.cache->path[0] == '\0') { + return false; + } return true; } @@ -522,6 +550,198 @@ static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst, return 0; } +/* + * the caller has to call nwrap_unload() on failure + */ +static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line) +{ + struct nwrap_gr *nwrap_gr; + char *c; + char *p; + char *e; + struct group *gr; + size_t list_size; + unsigned nummem; + + nwrap_gr = (struct nwrap_gr *)nwrap->private_data; + + list_size = sizeof(*nwrap_gr->list) * (nwrap_gr->num+1); + gr = (struct group *)realloc(nwrap_gr->list, list_size); + if (!gr) { + NWRAP_ERROR(("%s:realloc failed\n",__location__)); + return false; + } + nwrap_gr->list = gr; + + gr = &nwrap_gr->list[nwrap_gr->num]; + + c = line; + + /* name */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + gr->gr_name = c; + c = p; + + NWRAP_VERBOSE(("name[%s]\n", gr->gr_name)); + + /* password */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + gr->gr_passwd = c; + c = p; + + NWRAP_VERBOSE(("password[%s]\n", gr->gr_passwd)); + + /* gid */ + p = strchr(c, ':'); + if (!p) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s'\n", + __location__, line, c)); + return false; + } + *p = '\0'; + p++; + e = NULL; + gr->gr_gid = (gid_t)strtoul(c, &e, 10); + if (c == e) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e == NULL) { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + if (e[0] != '\0') { + NWRAP_ERROR(("%s:invalid line[%s]: '%s' - %s\n", + __location__, line, c, strerror(errno))); + return false; + } + c = p; + + NWRAP_VERBOSE(("gid[%u]\n", gr->gr_gid)); + + /* members */ + gr->gr_mem = (char **)malloc(sizeof(char *)); + if (!gr->gr_mem) { + NWRAP_ERROR(("%s:calloc failed\n",__location__)); + return false; + } + gr->gr_mem[0] = NULL; + + for(nummem=0; p; nummem++) { + char **m; + size_t m_size; + c = p; + p = strchr(c, ','); + if (p) { + *p = '\0'; + p++; + } + + if (strlen(c) == 0) { + break; + } + + m_size = sizeof(char *) * (nummem+2); + m = (char **)realloc(gr->gr_mem, m_size); + if (!m) { + NWRAP_ERROR(("%s:realloc(%u) failed\n", + __location__, m_size)); + return false; + } + gr->gr_mem = m; + gr->gr_mem[nummem] = c; + gr->gr_mem[nummem+1] = NULL; + + NWRAP_VERBOSE(("member[%u]: '%s'\n", nummem, gr->gr_mem[nummem])); + } + + NWRAP_DEBUG(("add group[%s:%s:%u:] with %u members\n", + gr->gr_name, gr->gr_passwd, gr->gr_gid, nummem)); + + nwrap_gr->num++; + return true; +} + +static void nwrap_gr_unload(struct nwrap_cache *nwrap) +{ + int i; + struct nwrap_gr *nwrap_gr; + nwrap_gr = (struct nwrap_gr *)nwrap->private_data; + + if (nwrap_gr->list) { + for (i=0; i < nwrap_gr->num; i++) { + if (nwrap_gr->list[i].gr_mem) { + free(nwrap_gr->list[i].gr_mem); + } + } + free(nwrap_gr->list); + } + + nwrap_gr->list = NULL; + nwrap_gr->num = 0; + nwrap_gr->idx = 0; +} + +static int nwrap_gr_copy_r(const struct group *src, struct group *dst, + char *buf, size_t buflen, struct group **destp) +{ + char *first; + char **lastm; + char *last; + off_t ofsb; + off_t ofsm; + off_t ofs; + unsigned i; + + first = src->gr_name; + + lastm = src->gr_mem; + while (*lastm) lastm++; + + last = *lastm; + while (*last) last++; + + ofsb = PTR_DIFF(last + 1, first); + ofsm = PTR_DIFF(lastm + 1, src->gr_mem); + + if ((ofsb + ofsm) > buflen) { + return ERANGE; + } + + memcpy(buf, first, ofsb); + memcpy(buf + ofsb, src->gr_mem, ofsm); + + ofs = PTR_DIFF(src->gr_name, first); + dst->gr_name = buf + ofs; + ofs = PTR_DIFF(src->gr_passwd, first); + dst->gr_passwd = buf + ofs; + dst->gr_gid = src->gr_gid; + + dst->gr_mem = (char **)(buf + ofsb); + for (i=0; src->gr_mem[i]; i++) { + ofs = PTR_DIFF(src->gr_mem[i], first); + dst->gr_mem[i] = buf + ofs; + } + + return 0; +} + /* user functions */ _PUBLIC_ struct passwd *nwrap_getpwnam(const char *name) { @@ -684,50 +904,171 @@ _PUBLIC_ void nwrap_endpwent(void) /* misc functions */ _PUBLIC_ int nwrap_initgroups(const char *user, gid_t group) { - return real_initgroups(user, group); + if (!nwrap_enabled()) { + return real_initgroups(user, group); + } + + /* TODO: maybe we should also fake this... */ + return EPERM; } /* group functions */ _PUBLIC_ struct group *nwrap_getgrnam(const char *name) { - return real_getgrnam(name); + int i; + + if (!nwrap_enabled()) { + return real_getgrnam(name); + } + + nwrap_cache_reload(nwrap_gr_global.cache); + + for (i=0; i= nwrap_gr_global.num) { + errno = ENOENT; + return NULL; + } + + gr = &nwrap_gr_global.list[nwrap_gr_global.idx++]; + + NWRAP_VERBOSE(("%s: return group[%s] gid[%u]\n", + __location__, gr->gr_name, gr->gr_gid)); + + return gr; } -_PUBLIC_ int nwrap_getgrent_r(struct group *gbuf, char *buf, - size_t buflen, struct group **gbufp) +_PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, + size_t buflen, struct group **grdstp) { - return real_getgrent_r(gbuf, buf, buflen, gbufp); + struct group *gr; + + if (!nwrap_enabled()) { + return real_getgrent_r(grdst, buf, buflen, grdstp); + } + + gr = nwrap_getgrent(); + if (!gr) { + if (errno == 0) { + return ENOENT; + } + return errno; + } + + return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp); } _PUBLIC_ void nwrap_endgrent(void) { - real_endgrent(); + if (!nwrap_enabled()) { + real_endgrent(); + } + + nwrap_gr_global.idx = 0; } -- cgit From 70cf786aab06a45cc6f086fb44d5caee2b108369 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Nov 2007 08:06:50 +0100 Subject: r25866: nss_wrapper: not all systems have get*_r calls metze (This used to be commit 6a3f97aeac81cf7dd1a28fd9f17ec2f6e35300dc) --- source4/lib/nss_wrapper/nss_wrapper.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index dae3c1c626..1b75aa59e6 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -48,6 +48,26 @@ #define _PUBLIC_ #endif +/* not all systems have _r functions... */ +#ifndef HAVE_GETPWNAM_R +#define getpwnam_r(name, pwdst, buf, buflen, pwdstp) ENOSYS +#endif +#ifndef HAVE_GETPWUID_R +#define getpwuid_r(uid, pwdst, buf, buflen, pwdstp) ENOSYS +#endif +#ifndef HAVE_GETPWENT_R +#define getpwent_r(pwdst, buf, buflen, pwdstp) ENOSYS +#endif +#ifndef HAVE_GETGRNAM_R +#define getgrnam_r(name, grdst, buf, buflen, grdstp) ENOSYS +#endif +#ifndef HAVE_GETGRUID_R +#define getgrgid_r(uid, grdst, buf, buflen, grdstp) ENOSYS +#endif +#ifndef HAVE_GETGRENT_R +#define getgrent_r(grdst, buf, buflen, grdstp) ENOSYS +#endif + /* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support * for now */ #define REWRITE_CALLS -- cgit From 49c4a40e2f87b3e37f3248464c43118c6c8aaadb Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Nov 2007 09:26:42 +0100 Subject: r25868: nss_wrapper: add solaris versions of getpwent_r and getgrent_r metze (This used to be commit 386b28f988e80989f3c0e8acdfb1b66469e0a7a5) --- source4/lib/nss_wrapper/nss_wrapper.c | 62 +++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index 1b75aa59e6..72ddd8d5c3 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -892,6 +892,36 @@ _PUBLIC_ struct passwd *nwrap_getpwent(void) return pw; } +#ifdef SOLARIS_GETPWENT_R +_PUBLIC_ struct passwd *nwrap_getpwent_r(struct passwd *pwdst, + char *buf, + int buflen) +{ + struct passwd *pw; + struct passwd *pwdstp = NULL; + int ret; + + if (!nwrap_enabled()) { + return real_getpwent_r(pwdst, buf, buflen); + } + + pw = nwrap_getpwent(); + if (!pw) { + if (errno == 0) { + errno = ENOENT; + } + return NULL; + } + + ret = nwrap_pw_copy_r(pw, pwdst, buf, buflen, &pwdstp); + if (ret != 0) { + errno = ret; + return NULL; + } + + return pwdstp; +} +#else _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, size_t buflen, struct passwd **pwdstp) { @@ -911,6 +941,7 @@ _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp); } +#endif _PUBLIC_ void nwrap_endpwent(void) { @@ -1064,6 +1095,36 @@ _PUBLIC_ struct group *nwrap_getgrent(void) return gr; } +#ifdef SOLARIS_GETGRENT_R +_PUBLIC_ struct group *nwrap_getgrent_r(struct group *grdst, + char *buf, + int buflen) +{ + struct group *gr; + struct group *grdstp = NULL; + int ret; + + if (!nwrap_enabled()) { + return real_getgrent_r(grdst, buf, buflen); + } + + gr = nwrap_getgrent(); + if (!gr) { + if (errno == 0) { + errno = ENOENT; + } + return NULL; + } + + ret = nwrap_gr_copy_r(gr, grdst, buf, buflen, &grdstp); + if (ret != 0) { + errno = ret; + return NULL; + } + + return grdstp; +} +#else _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, size_t buflen, struct group **grdstp) { @@ -1083,6 +1144,7 @@ _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp); } +#endif _PUBLIC_ void nwrap_endgrent(void) { -- cgit From 32bed4d0fbd2acf3570ccb75cc046eee064b063b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Nov 2007 12:11:35 +0100 Subject: r25871: nss_wrapper: set the destination pointer in the get*_r functions metze (This used to be commit e68d1c9276a6696efeb7271433072b3cb3ab33cb) --- source4/lib/nss_wrapper/nss_wrapper.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index 72ddd8d5c3..6d26588fff 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -535,7 +535,7 @@ static void nwrap_pw_unload(struct nwrap_cache *nwrap) } static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst, - char *buf, size_t buflen, struct passwd **destp) + char *buf, size_t buflen, struct passwd **dstp) { char *first; char *last; @@ -567,6 +567,10 @@ static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst, ofs = PTR_DIFF(src->pw_shell, first); dst->pw_shell = buf + ofs; + if (dstp) { + *dstp = dst; + } + return 0; } @@ -719,7 +723,7 @@ static void nwrap_gr_unload(struct nwrap_cache *nwrap) } static int nwrap_gr_copy_r(const struct group *src, struct group *dst, - char *buf, size_t buflen, struct group **destp) + char *buf, size_t buflen, struct group **dstp) { char *first; char **lastm; @@ -759,6 +763,10 @@ static int nwrap_gr_copy_r(const struct group *src, struct group *dst, dst->gr_mem[i] = buf + ofs; } + if (dstp) { + *dstp = dst; + } + return 0; } -- cgit From 8867f82611e232a0752fad27db915b20da5c56bb Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Nov 2007 12:15:19 +0100 Subject: r25872: nss_wrapper: revert solaris get*ent_r() functions This was the wrong approach, as in future lib/replace should hide this special solaris stuff. metze (This used to be commit e99feb5ff5f22522b902fe523e9aee80856ba422) --- source4/lib/nss_wrapper/nss_wrapper.c | 62 ----------------------------------- 1 file changed, 62 deletions(-) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index 6d26588fff..f4ea9bb6de 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -900,36 +900,6 @@ _PUBLIC_ struct passwd *nwrap_getpwent(void) return pw; } -#ifdef SOLARIS_GETPWENT_R -_PUBLIC_ struct passwd *nwrap_getpwent_r(struct passwd *pwdst, - char *buf, - int buflen) -{ - struct passwd *pw; - struct passwd *pwdstp = NULL; - int ret; - - if (!nwrap_enabled()) { - return real_getpwent_r(pwdst, buf, buflen); - } - - pw = nwrap_getpwent(); - if (!pw) { - if (errno == 0) { - errno = ENOENT; - } - return NULL; - } - - ret = nwrap_pw_copy_r(pw, pwdst, buf, buflen, &pwdstp); - if (ret != 0) { - errno = ret; - return NULL; - } - - return pwdstp; -} -#else _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, size_t buflen, struct passwd **pwdstp) { @@ -949,7 +919,6 @@ _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp); } -#endif _PUBLIC_ void nwrap_endpwent(void) { @@ -1103,36 +1072,6 @@ _PUBLIC_ struct group *nwrap_getgrent(void) return gr; } -#ifdef SOLARIS_GETGRENT_R -_PUBLIC_ struct group *nwrap_getgrent_r(struct group *grdst, - char *buf, - int buflen) -{ - struct group *gr; - struct group *grdstp = NULL; - int ret; - - if (!nwrap_enabled()) { - return real_getgrent_r(grdst, buf, buflen); - } - - gr = nwrap_getgrent(); - if (!gr) { - if (errno == 0) { - errno = ENOENT; - } - return NULL; - } - - ret = nwrap_gr_copy_r(gr, grdst, buf, buflen, &grdstp); - if (ret != 0) { - errno = ret; - return NULL; - } - - return grdstp; -} -#else _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, size_t buflen, struct group **grdstp) { @@ -1152,7 +1091,6 @@ _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp); } -#endif _PUBLIC_ void nwrap_endgrent(void) { -- cgit From 336eddb5f2cdd7e49c2ccd23f25728b0d8849bf7 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Nov 2007 12:34:50 +0100 Subject: r25873: nss_wrapper: hopefully a better fix for the solaris get*ent_r functions metze (This used to be commit 084aad79807ba787a5d1560cf6152d4b26e8e1f6) --- source4/lib/nss_wrapper/nss_wrapper.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'source4/lib/nss_wrapper/nss_wrapper.c') diff --git a/source4/lib/nss_wrapper/nss_wrapper.c b/source4/lib/nss_wrapper/nss_wrapper.c index f4ea9bb6de..5bf7ebda4f 100644 --- a/source4/lib/nss_wrapper/nss_wrapper.c +++ b/source4/lib/nss_wrapper/nss_wrapper.c @@ -906,7 +906,21 @@ _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf, struct passwd *pw; if (!nwrap_enabled()) { +#ifdef SOLARIS_GETPWENT_R + pw = real_getpwent_r(pwdst, buf, buflen); + if (!pw) { + if (errno == 0) { + return ENOENT; + } + return errno; + } + if (pwdstp) { + *pwdstp = pw; + } + return 0; +#else return real_getpwent_r(pwdst, buf, buflen, pwdstp); +#endif } pw = nwrap_getpwent(); @@ -1078,7 +1092,21 @@ _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf, struct group *gr; if (!nwrap_enabled()) { +#ifdef SOLARIS_GETGRENT_R + gr = real_getgrent_r(grdst, buf, buflen); + if (!gr) { + if (errno == 0) { + return ENOENT; + } + return errno; + } + if (grdstp) { + *grdstp = gr; + } + return 0; +#else return real_getgrent_r(grdst, buf, buflen, grdstp); +#endif } gr = nwrap_getgrent(); -- cgit