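/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
 * Authors: Doug Rabson <dfr@rabson.org>
 * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
/* $FreeBSD$ */

#include <errno.h>
#include <pwd.h>

#include "krb5/gsskrb5_locl.h"

/*
 * Map a Kerberos principal to a local uid.
 *
 * The principal is first translated to a local account name with
 * krb5_aname_to_localname(); that name is then looked up with getpwnam_r()
 * and the resulting pw_uid is stored in *uidp.
 *
 * Parameters:
 *   minor_status  out: 0 on success and on a plain "no such user" result,
 *                 otherwise the krb5 error from the name translation, the
 *                 errno-style code returned by getpwnam_r(), or ENOMEM.
 *   pname         the principal, cast to krb5_const_principal.
 *   mech          not used by this function.
 *   uidp          out: written only when GSS_S_COMPLETE is returned.
 *
 * Returns GSS_S_COMPLETE when a passwd entry was found, GSS_S_FAILURE
 * otherwise.  Every failure path leaves *uidp untouched, so a caller that
 * checks the major status never acts on a stale or default uid.
 */
OM_uint32
_gsskrb5_pname_to_uid(OM_uint32 *minor_status, const gss_name_t pname,
    const gss_OID mech, uid_t *uidp)
{
	krb5_context context;
	krb5_const_principal name = (krb5_const_principal) pname;
	krb5_error_code kret;
	char lname[MAXLOGNAME + 1], buf[1024], *bufp;
	struct passwd pwd, *pw;
	size_t buflen;
	int error;
	OM_uint32 ret;
	/*
	 * Remembers the largest buffer size tried so far, so later calls start
	 * there instead of re-growing from 1024.
	 * NOTE(review): this is unsynchronized shared state; confirm whether
	 * callers can reach this function from more than one thread.
	 */
	static size_t buflen_hint = 1024;

	GSSAPI_KRB5_INIT (&context);

	kret = krb5_aname_to_localname(context, name, sizeof(lname), lname);
	if (kret) {
		*minor_status = kret;
		return (GSS_S_FAILURE);
	}

	*minor_status = 0;
	buflen = buflen_hint;
	for (;;) {
		pw = NULL;
		/* Use the stack buffer unless a larger size is required. */
		bufp = buf;
		if (buflen > sizeof(buf)) {
			bufp = malloc(buflen);
			if (bufp == NULL) {
				/*
				 * Report the allocation failure instead of
				 * leaving minor_status at 0, which would look
				 * the same as "no such user" to the caller.
				 */
				*minor_status = ENOMEM;
				return (GSS_S_FAILURE);
			}
		}
		error = getpwnam_r(lname, &pwd, bufp, buflen, &pw);
		if (error != ERANGE)
			break;
		/*
		 * Buffer too small for this entry: release it and retry with
		 * 1024 more bytes.
		 * NOTE(review): growth has no upper bound other than malloc()
		 * failing; consider a cap if the passwd source is not trusted.
		 */
		if (bufp != buf)
			free(bufp);
		buflen += 1024;
		if (buflen > buflen_hint)
			buflen_hint = buflen;
	}
	if (pw != NULL) {
		/* Copy the uid out before the backing buffer is released. */
		*uidp = pw->pw_uid;
		ret = GSS_S_COMPLETE;
	} else {
		/*
		 * error is 0 when the name simply has no passwd entry and
		 * non-zero when the lookup itself failed; pass it on so the
		 * two cases can be told apart.
		 */
		*minor_status = (OM_uint32)error;
		ret = GSS_S_FAILURE;
	}
	if (bufp != buf)
		free(bufp);
	return (ret);
}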