1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* 26 * getspent.c 27 * 28 * lib/nsswitch/compat/getspent.c -- name-service-switch backend for getspnam() 29 * It looks in /etc/shadow; if it finds shadow entries there that begin 30 * with "+" or "-", it consults other services. By default it uses NIS (YP), 31 * but the user can override this with a "passwd_compat" entry in 32 * /etc/nsswitch.conf, e.g. 33 * passwd_compat: nisplus 34 * The main criterion for this code is that it behave in the same way as 35 * the code for getpwnam() and friends (in getpwent.c). Note that it uses 36 * the same nsswitch.conf entry, not a separate entry for "shadow_compat". 37 * 38 * Caveats: 39 * - More than one source may be specified, with the usual switch semantics, 40 * but having multiple sources here is definitely odd. 41 * - People who recursively specify "compat" deserve what they get. 42 * - Entries that begin with "+@" or "-@" are interpreted using 43 * getnetgrent() and innetgr(), which use the "netgroup" entry in 44 * /etc/nsswitch.conf. If the sources for "passwd_compat" and "netgroup" 45 * differ, everything should work fine, but the semantics will be pretty 46 * confusing. 47 */ 48 49 #pragma ident "%Z%%M% %I% %E% SMI" 50 51 #include <shadow.h> 52 #include <string.h> 53 #include <stdlib.h> 54 #include "compat_common.h" 55 56 static DEFINE_NSS_DB_ROOT(db_root); 57 58 static void 59 _nss_initf_shadow_compat(p) 60 nss_db_params_t *p; 61 { 62 p->name = NSS_DBNAM_SHADOW; 63 p->config_name = NSS_DBNAM_PASSWD_COMPAT; 64 p->default_config = NSS_DEFCONF_PASSWD_COMPAT; 65 } 66 67 static const char * 68 get_spnamp(argp) 69 nss_XbyY_args_t *argp; 70 { 71 struct spwd *s = (struct spwd *)argp->returnval; 72 73 return (s->sp_namp); 74 } 75 76 static int 77 check_spnamp(argp) 78 nss_XbyY_args_t *argp; 79 { 80 struct spwd *s = (struct spwd *)argp->returnval; 81 82 return (strcmp(s->sp_namp, argp->key.name) == 0); 83 } 84 85 static nss_status_t 86 getbyname(be, a) 87 compat_backend_ptr_t be; 88 void *a; 89 { 90 nss_XbyY_args_t *argp = (nss_XbyY_args_t *)a; 91 92 return (_nss_compat_XY_all(be, argp, check_spnamp, 93 NSS_DBOP_SHADOW_BYNAME)); 94 } 95 96 /*ARGSUSED*/ 97 static int 98 merge_spents(be, argp, fields) 99 compat_backend_ptr_t be; 100 nss_XbyY_args_t *argp; 101 const char **fields; 102 { 103 struct spwd *sp = (struct spwd *)argp->buf.result; 104 105 /* 106 * Don't allow overriding of the username; apart from that, 107 * anything is fair game. 108 */ 109 110 if (fields[1] != 0) { 111 size_t namelen = strlen(sp->sp_namp) + 1; 112 size_t passlen = strlen(fields[1]) + 1; 113 114 /* ===> Probably merits an explanation... */ 115 if (namelen + passlen > argp->buf.buflen) { 116 return (NSS_STR_PARSE_ERANGE); 117 } 118 if (sp->sp_namp != argp->buf.buffer) { 119 (void) memmove(argp->buf.buffer, 120 sp->sp_namp, namelen); 121 sp->sp_namp = argp->buf.buffer; 122 } 123 (void) memcpy(argp->buf.buffer + namelen, 124 fields[1], passlen); 125 } 126 127 #define override(field, longp) \ 128 if ((field) != 0) { \ 129 char *end; \ 130 long val = strtol(field, &end, 10); \ 131 \ 132 if (*end == '\0') { \ 133 *(longp) = val; \ 134 } else { \ 135 return (NSS_STR_PARSE_PARSE); \ 136 } \ 137 } 138 139 /* do not override last changed date, it never gets reset. */ 140 /* override(fields[2], &sp->sp_lstchg); */ 141 override(fields[3], &sp->sp_min); 142 override(fields[4], &sp->sp_max); 143 override(fields[5], &sp->sp_warn); 144 override(fields[6], &sp->sp_inact); 145 override(fields[7], &sp->sp_expire); 146 override(fields[8], &sp->sp_flag); 147 148 /* 149 * if asked, return the data in /etc file format 150 */ 151 if (be->return_string_data == 1) { 152 int n; 153 char b[16 * 7]; 154 155 /* reset the result ptr to the original value */ 156 argp->buf.result = NULL; 157 158 #define printnum(i, num) \ 159 sprintf(b + (i * 16), "%d", num)) ? b + (i * 16) : "" 160 161 n = snprintf(argp->buf.buffer, argp->buf.buflen, 162 "%s:%s:%s:%s:%s:%s:%s:%s:%s", sp->sp_namp, 163 (sp->sp_pwdp ? sp->sp_pwdp : ""), 164 (sp->sp_lstchg >= 0 && printnum(0, sp->sp_lstchg), 165 (sp->sp_min >= 0 && printnum(1, sp->sp_min), 166 (sp->sp_max >= 0 && printnum(2, sp->sp_max), 167 (sp->sp_warn > 0 && printnum(3, sp->sp_warn), 168 (sp->sp_inact > 0 && printnum(4, sp->sp_inact), 169 (sp->sp_expire > 0 && printnum(5, sp->sp_expire), 170 (sp->sp_flag != 0 && printnum(6, sp->sp_flag)); 171 172 if (n > argp->buf.buflen) 173 return (NSS_STR_PARSE_ERANGE); 174 else { 175 argp->returnlen = n - 1; 176 return (NSS_SUCCESS); 177 } 178 179 } else 180 return (NSS_STR_PARSE_SUCCESS); 181 } 182 183 static compat_backend_op_t shadow_ops[] = { 184 _nss_compat_destr, 185 _nss_compat_endent, 186 _nss_compat_setent, 187 _nss_compat_getent, 188 getbyname 189 }; 190 191 /*ARGSUSED*/ 192 nss_backend_t * 193 _nss_compat_shadow_constr(dummy1, dummy2, dummy3) 194 const char *dummy1, *dummy2, *dummy3; 195 { 196 return (_nss_compat_constr(shadow_ops, 197 sizeof (shadow_ops) / sizeof (shadow_ops[0]), 198 SHADOW, 199 NSS_LINELEN_SHADOW, 200 &db_root, 201 _nss_initf_shadow_compat, 202 1, 203 get_spnamp, 204 merge_spents)); 205 } 206