xref: /titanic_44/usr/src/lib/nsswitch/ldap/common/getauthattr.c (revision ea8dc4b6d2251b437950c0056bc626b311c73c27)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <secdb.h>
30 #include <auth_attr.h>
31 #include "ldap_common.h"
32 
33 
34 /* auth_attr attributes filters */
35 #define	_AUTH_NAME		"cn"
36 #define	_AUTH_RES1		"SolarisAttrReserved1"
37 #define	_AUTH_RES2		"SolarisAttrReserved2"
38 #define	_AUTH_SHORTDES		"SolarisAttrShortDesc"
39 #define	_AUTH_LONGDES		"SolarisAttrLongDesc"
40 #define	_AUTH_ATTRS		"SolarisAttrKeyValue"
41 #define	_AUTH_GETAUTHNAME 	"(&(objectClass=SolarisAuthAttr)(cn=%s))"
42 #define	_AUTH_GETAUTHNAME_SSD 	"(&(%%s)(cn=%s))"
43 
44 
45 static const char *auth_attrs[] = {
46 	_AUTH_NAME,
47 	_AUTH_RES1,
48 	_AUTH_RES2,
49 	_AUTH_SHORTDES,
50 	_AUTH_LONGDES,
51 	_AUTH_ATTRS,
52 	(char *)NULL
53 };
54 
55 
56 static int
57 _nss_ldap_auth2ent(ldap_backend_ptr be, nss_XbyY_args_t *argp)
58 {
59 	int			i, nss_result;
60 	int			buflen = (int)0;
61 	unsigned long		len = 0L;
62 	char			*nullstring = (char *)NULL;
63 	char			*buffer = (char *)NULL;
64 	char			*ceiling = (char *)NULL;
65 	authstr_t		*auth = (authstr_t *)NULL;
66 	ns_ldap_attr_t		*attrptr;
67 	ns_ldap_result_t	*result = be->result;
68 
69 	buffer = argp->buf.buffer;
70 	buflen = (size_t)argp->buf.buflen;
71 	if (!argp->buf.result) {
72 		nss_result = (int)NSS_STR_PARSE_ERANGE;
73 		goto result_auth2ent;
74 	}
75 	auth = (authstr_t *)(argp->buf.result);
76 	ceiling = buffer + buflen;
77 	auth->name = (char *)NULL;
78 	auth->res1 = (char *)NULL;
79 	auth->res2 = (char *)NULL;
80 	auth->short_desc = (char *)NULL;
81 	auth->long_desc = (char *)NULL;
82 	auth->attr = (char *)NULL;
83 	nss_result = (int)NSS_STR_PARSE_SUCCESS;
84 	(void) memset(argp->buf.buffer, 0, buflen);
85 
86 	attrptr = getattr(result, 0);
87 	if (attrptr == NULL) {
88 		nss_result = (int)NSS_STR_PARSE_PARSE;
89 		goto result_auth2ent;
90 	}
91 
92 	for (i = 0; i < result->entry->attr_count; i++) {
93 		attrptr = getattr(result, i);
94 		if (attrptr == NULL) {
95 			nss_result = (int)NSS_STR_PARSE_PARSE;
96 			goto result_auth2ent;
97 		}
98 		if (strcasecmp(attrptr->attrname, _AUTH_NAME) == 0) {
99 			if ((attrptr->attrvalue[0] == NULL) ||
100 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
101 				nss_result = (int)NSS_STR_PARSE_PARSE;
102 				goto result_auth2ent;
103 			}
104 			auth->name = buffer;
105 			buffer += len + 1;
106 			if (buffer >= ceiling) {
107 				nss_result = (int)NSS_STR_PARSE_ERANGE;
108 				goto result_auth2ent;
109 			}
110 			(void) strcpy(auth->name, attrptr->attrvalue[0]);
111 			continue;
112 		}
113 		if (strcasecmp(attrptr->attrname, _AUTH_RES1) == 0) {
114 			if ((attrptr->attrvalue[0] == NULL) ||
115 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
116 				auth->res1 = nullstring;
117 			} else {
118 				auth->res1 = buffer;
119 				buffer += len + 1;
120 				if (buffer >= ceiling) {
121 					nss_result = (int)NSS_STR_PARSE_ERANGE;
122 					goto result_auth2ent;
123 				}
124 				(void) strcpy(auth->res1,
125 				    attrptr->attrvalue[0]);
126 			}
127 			continue;
128 		}
129 		if (strcasecmp(attrptr->attrname, _AUTH_RES2) == 0) {
130 			if ((attrptr->attrvalue[0] == NULL) ||
131 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
132 				auth->res2 = nullstring;
133 			} else {
134 				auth->res2 = buffer;
135 				buffer += len + 1;
136 				if (buffer >= ceiling) {
137 					nss_result = (int)NSS_STR_PARSE_ERANGE;
138 					goto result_auth2ent;
139 				}
140 				(void) strcpy(auth->res2,
141 				    attrptr->attrvalue[0]);
142 			}
143 			continue;
144 		}
145 		if (strcasecmp(attrptr->attrname, _AUTH_SHORTDES) == 0) {
146 			if ((attrptr->attrvalue[0] == NULL) ||
147 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
148 				auth->short_desc = nullstring;
149 			} else {
150 				auth->short_desc = buffer;
151 				buffer += len + 1;
152 				if (buffer >= ceiling) {
153 					nss_result = (int)NSS_STR_PARSE_ERANGE;
154 					goto result_auth2ent;
155 				}
156 				(void) strcpy(auth->short_desc,
157 				    attrptr->attrvalue[0]);
158 			}
159 			continue;
160 		}
161 		if (strcasecmp(attrptr->attrname, _AUTH_LONGDES) == 0) {
162 			if ((attrptr->attrvalue[0] == NULL) ||
163 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
164 				auth->long_desc = nullstring;
165 			} else {
166 				auth->long_desc = buffer;
167 				buffer += len + 1;
168 				if (buffer >= ceiling) {
169 					nss_result = (int)NSS_STR_PARSE_ERANGE;
170 					goto result_auth2ent;
171 				}
172 				(void) strcpy(auth->long_desc,
173 				    attrptr->attrvalue[0]);
174 			}
175 			continue;
176 		}
177 		if (strcasecmp(attrptr->attrname, _AUTH_ATTRS) == 0) {
178 			if ((attrptr->attrvalue[0] == NULL) ||
179 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
180 				auth->attr = nullstring;
181 			} else {
182 				auth->attr = buffer;
183 				buffer += len + 1;
184 				if (buffer >= ceiling) {
185 					nss_result = (int)NSS_STR_PARSE_ERANGE;
186 					goto result_auth2ent;
187 				}
188 				(void) strcpy(auth->attr,
189 				    attrptr->attrvalue[0]);
190 			}
191 			continue;
192 		}
193 	}
194 
195 #ifdef	DEBUG
196 	(void) fprintf(stdout, "\n[getauthattr.c: _nss_ldap_auth2ent]\n");
197 	(void) fprintf(stdout, "      auth-name: [%s]\n", auth->name);
198 	if (auth->res1 != (char *)NULL) {
199 		(void) fprintf(stdout, "      res1: [%s]\n", auth->res1);
200 	}
201 	if (auth->res2 != (char *)NULL) {
202 		(void) fprintf(stdout, "      res2: [%s]\n", auth->res2);
203 	}
204 	if (auth->short_desc != (char *)NULL) {
205 		(void) fprintf(stdout, "      short_desc: [%s]\n",
206 		    auth->short_desc);
207 	}
208 	if (auth->long_desc != (char *)NULL) {
209 		(void) fprintf(stdout, "      long_desc: [%s]\n",
210 		    auth->long_desc);
211 	}
212 	if (auth->attr != (char *)NULL) {
213 		(void) fprintf(stdout, "      attr: [%s]\n", auth->attr);
214 	}
215 #endif	/* DEBUG */
216 
217 result_auth2ent:
218 	(void) __ns_ldap_freeResult(&be->result);
219 	return ((int)nss_result);
220 }
221 
222 
223 static nss_status_t
224 getbyname(ldap_backend_ptr be, void *a)
225 {
226 	nss_XbyY_args_t	*argp = (nss_XbyY_args_t *)a;
227 	char		searchfilter[SEARCHFILTERLEN];
228 	char		userdata[SEARCHFILTERLEN];
229 	char		name[SEARCHFILTERLEN];
230 	int		ret;
231 
232 #ifdef	DEBUG
233 	(void) fprintf(stdout, "\n[getauthattr.c: getbyname]\n");
234 #endif	/* DEBUG */
235 
236 	if (_ldap_filter_name(name, argp->key.name, sizeof (name)) != 0)
237 		return ((nss_status_t)NSS_NOTFOUND);
238 
239 	ret = snprintf(searchfilter, SEARCHFILTERLEN,
240 	    _AUTH_GETAUTHNAME, name);
241 	if (ret >= sizeof (searchfilter) || ret < 0)
242 		return ((nss_status_t)NSS_NOTFOUND);
243 
244 	ret = snprintf(userdata, sizeof (userdata),
245 	    _AUTH_GETAUTHNAME_SSD, name);
246 	if (ret >= sizeof (userdata) || ret < 0)
247 		return ((nss_status_t)NSS_NOTFOUND);
248 
249 	return ((nss_status_t)_nss_ldap_lookup(be, argp,
250 	    _AUTHATTR, searchfilter, NULL, _merge_SSD_filter, userdata));
251 }
252 
253 
254 static ldap_backend_op_t authattr_ops[] = {
255 	_nss_ldap_destr,
256 	_nss_ldap_endent,
257 	_nss_ldap_setent,
258 	_nss_ldap_getent,
259 	getbyname
260 };
261 
262 
263 /*ARGSUSED0*/
264 nss_backend_t *
265 _nss_ldap_auth_attr_constr(const char *dummy1,
266     const char *dummy2,
267     const char *dummy3,
268     const char *dummy4,
269     const char *dummy5)
270 {
271 #ifdef	DEBUG
272 	(void) fprintf(stdout,
273 	    "\n[getauthattr.c: _nss_ldap_auth_attr_constr]\n");
274 #endif
275 	return ((nss_backend_t *)_nss_ldap_constr(authattr_ops,
276 		sizeof (authattr_ops)/sizeof (authattr_ops[0]), _AUTHATTR,
277 		auth_attrs, _nss_ldap_auth2ent));
278 }
279