/* Copyright (c) 2004 Michael Bushkov <bushman@rsu.ru> */
/*
* Copyright (C) 1997-2003 Luke Howard. This file is part of the nss_ldap library. Contributed by Luke Howard, <lukeh@padl.com>, 1997.
*
* The nss_ldap library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
*
* The nss_ldap library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public License along with the nss_ldap library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/*static char rcsId[] =
"$Id: ldap-pwd.c,v 2.36 2003/02/21 14:11:07 lukeh Exp $";*/
#include "config.h"
#ifdef HAVE_PORT_BEFORE_H
#include <port_before.h>
#endif
#ifdef HAVE_THREAD_H
#include <thread.h>
#elif defined(HAVE_PTHREAD_H)
#include <pthread.h>
#endif
#include <stdlib.h>
#include <sys/types.h>
#include <sys/param.h>
#include <string.h>
#include <pwd.h>
#ifdef HAVE_LBER_H
#include <lber.h>
#endif
#ifdef HAVE_LDAP_H
#include <ldap.h>
#endif
#include "ldap-nss.h"
#include "ldap-pwd.h"
#include "globals.h"
#include "util.h"
#include "bsdtss.h"
#ifdef HAVE_PORT_AFTER_H
#include <port_after.h>
#endif
#ifdef HAVE_NSS_H
//static ent_context_t *pw_context = NULL;
DECLARE_TSS(pw_context, ent_context_t *, 1, NULL)
#define pw_context GET_TSS(pw_context)
#endif
void _ldap_pwd_init_tss_keys()
{
INIT_TSS_KEY(pw_context);
}
static INLINE NSS_STATUS
_nss_ldap_assign_emptystring(char **valptr,
char **buffer,
size_t * buflen);
static INLINE NSS_STATUS
_nss_ldap_assign_emptystring(char **valptr, char **buffer, size_t * buflen)
{
if (*buflen < 2)
return NSS_TRYAGAIN;
*valptr = *buffer;
**valptr = '\0';
(*buffer)++;
(*buflen)--;
return NSS_SUCCESS;
}
static NSS_STATUS
_nss_ldap_parse_pw(LDAP * ld,
LDAPMessage * e,
ldap_state_t * pvt,
void *result, char *buffer, size_t buflen)
{
struct passwd *pw = (struct passwd *) result;
char *uid, *gid;
NSS_STATUS stat;
char tmpbuf[sizeof "-4294967295"];
size_t tmplen;
char *tmp;
if (_nss_ldap_oc_check(ld, e, "shadowAccount") == NSS_SUCCESS) {
/* don't include password for shadowAccount */
if (buflen < 3)
return NSS_TRYAGAIN;
pw->pw_passwd = buffer;
strcpy(buffer, "x");
buffer += 2;
buflen -= 2;
} else {
stat =
_nss_ldap_assign_userpassword(ld, e, AT(userPassword),
&pw->pw_passwd, &buffer, &buflen);
if (stat != NSS_SUCCESS)
return stat;
}
stat =
_nss_ldap_assign_attrval(ld, e, AT(uid), &pw->pw_name, &buffer,
&buflen);
if (stat != NSS_SUCCESS)
return stat;
tmp = tmpbuf;
tmplen = sizeof(tmpbuf);
stat =
_nss_ldap_assign_attrval(ld, e, AT(uidNumber), &uid, &tmp, &tmplen);
if (stat != NSS_SUCCESS)
return stat;
pw->pw_uid = (*uid == '\0') ? UID_NOBODY : (uid_t) atol(uid);
tmp = tmpbuf;
tmplen = sizeof(tmpbuf);
stat =
_nss_ldap_assign_attrval(ld, e, AT(gidNumber), &gid, &tmp, &tmplen);
if (stat != NSS_SUCCESS)
return stat;
pw->pw_gid = (*gid == '\0') ? GID_NOBODY : (gid_t) atol(gid);
stat =
_nss_ldap_assign_attrval(ld, e, AT(gecos), &pw->pw_gecos, &buffer,
&buflen);
if (stat != NSS_SUCCESS) {
pw->pw_gecos = NULL;
stat =
_nss_ldap_assign_attrval(ld, e, AT(cn), &pw->pw_gecos, &buffer,
&buflen);
if (stat != NSS_SUCCESS)
return stat;
}
stat =
_nss_ldap_assign_attrval(ld, e, AT(homeDirectory), &pw->pw_dir, &buffer,
&buflen);
if (stat != NSS_SUCCESS)
#ifdef XAD
(void)_nss_ldap_assign_emptystring(&pw->pw_dir, &buffer, &buflen);
#else
return stat;
#endif /* XAD */
stat =
_nss_ldap_assign_attrval(ld, e, AT(loginShell), &pw->pw_shell, &buffer,
&buflen);
if (stat != NSS_SUCCESS)
(void)_nss_ldap_assign_emptystring(&pw->pw_shell, &buffer, &buflen);
#ifdef HAVE_NSSWITCH_H
stat =
_nss_ldap_assign_attrval(ld, e, AT(description), &pw->pw_comment,
&buffer, &buflen);
if (stat != NSS_SUCCESS) {
/*
* Fix for recall #233
*/
pw->pw_comment = pw->pw_gecos;
}
(void)_nss_ldap_assign_emptystring(&pw->pw_age, &buffer, &buflen);
#endif /* HAVE_NSSWITCH_H */
return NSS_SUCCESS;
}
#ifdef HAVE_NSS_H
NSS_STATUS
_nss_ldap_getpwnam_r(const char *name,
struct passwd * result,
char *buffer, size_t buflen, int *errnop)
{
LOOKUP_NAME(name, result, buffer, buflen, errnop, _nss_ldap_filt_getpwnam,
LM_PASSWD, _nss_ldap_parse_pw);
}
#elif defined(HAVE_NSSWITCH_H)
static NSS_STATUS
_nss_ldap_getpwnam_r(nss_backend_t * be, void *args)
{
LOOKUP_NAME(args, _nss_ldap_filt_getpwnam, LM_PASSWD, _nss_ldap_parse_pw);
}
#endif /* HAVE_NSS_H */
#ifdef HAVE_NSS_H
NSS_STATUS
_nss_ldap_getpwuid_r(uid_t uid,
struct passwd * result,
char *buffer, size_t buflen, int *errnop)
{
LOOKUP_NUMBER(uid, result, buffer, buflen, errnop, _nss_ldap_filt_getpwuid,
LM_PASSWD, _nss_ldap_parse_pw);
}
#elif defined(HAVE_NSSWITCH_H)
static NSS_STATUS
_nss_ldap_getpwuid_r(nss_backend_t * be, void *args)
{
LOOKUP_NUMBER(args, key.uid, _nss_ldap_filt_getpwuid, LM_PASSWD,
_nss_ldap_parse_pw);
}
#endif
#if defined(HAVE_NSS_H)
NSS_STATUS
_nss_ldap_setpwent(void)
{
LOOKUP_SETENT(pw_context);
}
#elif defined(HAVE_NSSWITCH_H)
static NSS_STATUS
_nss_ldap_setpwent_r(nss_backend_t * be, void *args)
{
LOOKUP_SETENT(be);
}
#endif
#if defined(HAVE_NSS_H)
NSS_STATUS
_nss_ldap_endpwent(void)
{
LOOKUP_ENDENT(pw_context);
}
#elif defined(HAVE_NSSWITCH_H)
static NSS_STATUS
_nss_ldap_endpwent_r(nss_backend_t * be, void *args)
{
LOOKUP_ENDENT(be);
}
#endif
#ifdef HAVE_NSS_H
NSS_STATUS
_nss_ldap_getpwent_r(struct passwd * result,
char *buffer, size_t buflen, int *errnop)
{
LOOKUP_GETENT(pw_context, result, buffer, buflen, errnop,
_nss_ldap_filt_getpwent, LM_PASSWD, _nss_ldap_parse_pw);
}
#elif defined(HAVE_NSSWITCH_H)
static NSS_STATUS
_nss_ldap_getpwent_r(nss_backend_t * be, void *args)
{
LOOKUP_GETENT(args, be, _nss_ldap_filt_getpwent, LM_PASSWD,
_nss_ldap_parse_pw);
}
#endif
#ifdef HAVE_NSSWITCH_H
static NSS_STATUS
_nss_ldap_passwd_destr(nss_backend_t * pw_context, void *args)
{
return _nss_ldap_default_destr(pw_context, args);
}
static const nss_backend_op_t passwd_ops[] = {
_nss_ldap_passwd_destr,
_nss_ldap_endpwent_r, /* NSS_DBOP_ENDENT */
_nss_ldap_setpwent_r, /* NSS_DBOP_SETENT */
_nss_ldap_getpwent_r, /* NSS_DBOP_GETENT */
_nss_ldap_getpwnam_r, /* NSS_DBOP_PASSWD_BYNAME */
_nss_ldap_getpwuid_r /* NSS_DBOP_PASSWD_BYUID */
};
nss_backend_t *
_nss_ldap_passwd_constr(const char *db_name,
const char *src_name, const char *cfg_args)
{
nss_ldap_backend_t *be;
if (!(be = (nss_ldap_backend_t *) malloc(sizeof(*be))))
return NULL;
be->ops = passwd_ops;
be->n_ops = sizeof(passwd_ops) / sizeof(nss_backend_op_t);
if (_nss_ldap_default_constr(be) != NSS_SUCCESS)
return NULL;
return (nss_backend_t *) be;
}
#endif /* !HAVE_NSS_H */
#ifdef HAVE_IRS_H
#include "irs-pwd.c"
#endif /* HAVE_IRS_H */
syntax highlighted by Code2HTML, v. 0.9.1