xref: /freebsd/kerberos5/lib/libgssapi_krb5/pname_to_uid.c (revision 4fb6bc364f682db85a5e64e8f86721a4de321183) 
18f55a568SDoug Rabson /*-
28f55a568SDoug Rabson  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
38f55a568SDoug Rabson  * Authors: Doug Rabson <dfr@rabson.org>
48f55a568SDoug Rabson  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
58f55a568SDoug Rabson  *
68f55a568SDoug Rabson  * Redistribution and use in source and binary forms, with or without
78f55a568SDoug Rabson  * modification, are permitted provided that the following conditions
88f55a568SDoug Rabson  * are met:
98f55a568SDoug Rabson  * 1. Redistributions of source code must retain the above copyright
108f55a568SDoug Rabson  *    notice, this list of conditions and the following disclaimer.
118f55a568SDoug Rabson  * 2. Redistributions in binary form must reproduce the above copyright
128f55a568SDoug Rabson  *    notice, this list of conditions and the following disclaimer in the
138f55a568SDoug Rabson  *    documentation and/or other materials provided with the distribution.
148f55a568SDoug Rabson  *
158f55a568SDoug Rabson  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
168f55a568SDoug Rabson  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
178f55a568SDoug Rabson  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
188f55a568SDoug Rabson  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
198f55a568SDoug Rabson  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
208f55a568SDoug Rabson  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
218f55a568SDoug Rabson  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
228f55a568SDoug Rabson  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
238f55a568SDoug Rabson  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
248f55a568SDoug Rabson  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
258f55a568SDoug Rabson  * SUCH DAMAGE.
268f55a568SDoug Rabson  */
278f55a568SDoug Rabson /* $FreeBSD$ */
288f55a568SDoug Rabson 
29*4fb6bc36SRick Macklem #include <errno.h>
308f55a568SDoug Rabson #include <pwd.h>
318f55a568SDoug Rabson 
328f55a568SDoug Rabson #include "krb5/gsskrb5_locl.h"
338f55a568SDoug Rabson 
348f55a568SDoug Rabson OM_uint32
358f55a568SDoug Rabson _gsskrb5_pname_to_uid(OM_uint32 *minor_status, const gss_name_t pname,
368f55a568SDoug Rabson     const gss_OID mech, uid_t *uidp)
378f55a568SDoug Rabson {
388f55a568SDoug Rabson 	krb5_context context;
398f55a568SDoug Rabson 	krb5_const_principal name = (krb5_const_principal) pname;
408f55a568SDoug Rabson 	krb5_error_code kret;
41*4fb6bc36SRick Macklem 	char lname[MAXLOGNAME + 1], buf[1024], *bufp;
428f55a568SDoug Rabson 	struct passwd pwd, *pw;
43*4fb6bc36SRick Macklem 	size_t buflen;
44*4fb6bc36SRick Macklem 	int error;
45*4fb6bc36SRick Macklem 	OM_uint32 ret;
46*4fb6bc36SRick Macklem 	static size_t buflen_hint = 1024;
478f55a568SDoug Rabson 
488f55a568SDoug Rabson 	GSSAPI_KRB5_INIT (&context);
498f55a568SDoug Rabson 
508f55a568SDoug Rabson 	kret = krb5_aname_to_localname(context, name, sizeof(lname), lname);
518f55a568SDoug Rabson 	if (kret) {
528f55a568SDoug Rabson 		*minor_status = kret;
538f55a568SDoug Rabson 		return (GSS_S_FAILURE);
548f55a568SDoug Rabson 	}
558f55a568SDoug Rabson 
568f55a568SDoug Rabson 	*minor_status = 0;
57*4fb6bc36SRick Macklem 	buflen = buflen_hint;
58*4fb6bc36SRick Macklem 	for (;;) {
59*4fb6bc36SRick Macklem 		pw = NULL;
60*4fb6bc36SRick Macklem 		bufp = buf;
61*4fb6bc36SRick Macklem 		if (buflen > sizeof(buf))
62*4fb6bc36SRick Macklem 			bufp = malloc(buflen);
63*4fb6bc36SRick Macklem 		if (bufp == NULL)
64*4fb6bc36SRick Macklem 			break;
65*4fb6bc36SRick Macklem 		error = getpwnam_r(lname, &pwd, bufp, buflen, &pw);
66*4fb6bc36SRick Macklem 		if (error != ERANGE)
67*4fb6bc36SRick Macklem 			break;
68*4fb6bc36SRick Macklem 		if (buflen > sizeof(buf))
69*4fb6bc36SRick Macklem 			free(bufp);
70*4fb6bc36SRick Macklem 		buflen += 1024;
71*4fb6bc36SRick Macklem 		if (buflen > buflen_hint)
72*4fb6bc36SRick Macklem 			buflen_hint = buflen;
73*4fb6bc36SRick Macklem 	}
748f55a568SDoug Rabson 	if (pw) {
758f55a568SDoug Rabson 		*uidp = pw->pw_uid;
76*4fb6bc36SRick Macklem 		ret = GSS_S_COMPLETE;
778f55a568SDoug Rabson 	} else {
78*4fb6bc36SRick Macklem 		ret = GSS_S_FAILURE;
798f55a568SDoug Rabson 	}
80*4fb6bc36SRick Macklem 	if (bufp != NULL && buflen > sizeof(buf))
81*4fb6bc36SRick Macklem 		free(bufp);
82*4fb6bc36SRick Macklem 	return (ret);
838f55a568SDoug Rabson }
84