xref: /titanic_44/usr/src/lib/nsswitch/nis/common/getspent.c (revision c13de8f6a88563211bd4432ca11ca38ed3bf0fc0)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  *	Copyright (c) 1988-1992 Sun Microsystems Inc
24  *	All Rights Reserved.
25  *
26  *	nis/getspent.c -- "nis" backend for nsswitch "shadow" database
27  */
28 
29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
30 
31 #include <shadow.h>
32 #include <string.h>
33 #include "nis_common.h"
34 
35 /*
36  * Most of the information in a struct spwd simply isn't available from the
37  * YP maps, we dummy out all the numeric fields and just get sp_namp and
38  * sp_pwdp (name and password) from the YP passwd map.  Thus we don't
39  * use the str2ent() routine that's passed to us, but instead have our
40  * own dummy routine:
41  *
42  * Return values: 0 = success, 1 = parse error, 2 = erange ...
43  * The structure pointer passed in is a structure in the caller's space
44  * wherein the field pointers would be set to areas in the buffer if
45  * need be. instring and buffer should be separate areas. Let's not
46  * fight over crumbs.
47  */
48 static int
49 nis_str2spent(instr, lenstr, ent, buffer, buflen)
50 	const char		*instr;
51 	int			lenstr;
52 	void	*ent; /* it is really (struct spwd *) */
53 	char	*buffer;
54 	int	buflen;
55 {
56 	struct spwd		*spwd	= (struct spwd *)ent;
57 	char			*p, *q;
58 
59 	/*
60 	 * We know that instr != 0 because we're in 'nis', not 'files'
61 	 */
62 	if ((p = memchr(instr, ':', lenstr)) == 0) {
63 		return (NSS_STR_PARSE_PARSE);
64 	}
65 	if ((q = memchr(p + 1, ':', lenstr - (p + 1 - instr))) == 0) {
66 		return (NSS_STR_PARSE_PARSE);
67 	}
68 	/* Don't bother checking the rest of the YP passwd entry... */
69 
70 	if (q + 1 - instr > buflen) {
71 		return (NSS_STR_PARSE_ERANGE);
72 	}
73 	memcpy(buffer, instr, q - instr);
74 	buffer[p - instr] = '\0';
75 	buffer[q - instr] = '\0';
76 
77 	spwd->sp_namp	= buffer;
78 	spwd->sp_pwdp	= buffer + (p + 1 - instr);
79 	spwd->sp_lstchg	= -1;
80 	spwd->sp_min	= -1;
81 	spwd->sp_max	= -1;
82 	spwd->sp_warn	= -1;
83 	spwd->sp_inact	= -1;
84 	spwd->sp_expire	= -1;
85 	spwd->sp_flag	= 0;
86 	return (NSS_STR_PARSE_SUCCESS);
87 }
88 
89 typedef int	(*cstr2ent_t)(const char *, int, void *, char *, int);
90 
91 static nss_status_t
92 getbyname(be, a)
93 	nis_backend_ptr_t	be;
94 	void			*a;
95 {
96 	nss_XbyY_args_t		*argp = (nss_XbyY_args_t *) a;
97 	cstr2ent_t		save_c2e;
98 	nss_status_t		res;
99 	struct spwd 		*spwd;
100 
101 	save_c2e	= argp->str2ent;
102 	argp->str2ent	= nis_str2spent;
103 	res = _nss_nis_lookup(be, argp, 0, "passwd.byname", argp->key.name, 0);
104 	spwd = (struct spwd *)argp->buf.result;
105 	/*
106 	 * check for the C2 security flag "##" in the passwd field.
107 	 * If the first 2 chars in the passwd field is "##", get
108 	 * the user's passwd from passwd.adjunct.byname map.
109 	 * The lookup to this passwd.adjunct.byname map will only
110 	 * succeed if the caller's uid is 0 because only root user
111 	 * can use privilege port.
112 	 */
113 	if ((res == NSS_SUCCESS) && (spwd->sp_pwdp) &&
114 	    (*(spwd->sp_pwdp) == '#') && (*(spwd->sp_pwdp + 1) == '#')) {
115 		/* get password from passwd.adjunct.byname */
116 		res = _nss_nis_lookup_rsvdport(be, argp, 0,
117 						"passwd.adjunct.byname",
118 						argp->key.name, 0);
119 	}
120 
121 	argp->str2ent	= save_c2e;
122 	return (res);
123 }
124 
125 #define	NIS_SP_GETENT
126 
127 #ifdef	NIS_SP_GETENT
128 
129 static nss_status_t
130 getent(be, a)
131 	nis_backend_ptr_t	be;
132 	void			*a;
133 {
134 	nss_XbyY_args_t		*argp = (nss_XbyY_args_t *) a;
135 	cstr2ent_t		save_c2e;
136 	nss_status_t		res;
137 	struct spwd 		*spwd;
138 
139 	save_c2e	= argp->str2ent;
140 	argp->str2ent	= nis_str2spent;
141 	res = _nss_nis_getent_rigid(be, argp);
142 	spwd = (struct spwd *)argp->buf.result;
143 	/*
144 	 * check for the C2 security flag "##" in the passwd field.
145 	 * If the first 2 chars in the passwd field is "##", get
146 	 * the user's passwd from passwd.adjunct.byname map.
147 	 * The lookup to this passwd.adjunct.byname map will only
148 	 * succeed if the caller's uid is 0 because only root user
149 	 * can use privilege port.
150 	 */
151 	if ((res == NSS_SUCCESS) && (spwd->sp_pwdp) &&
152 	    (*(spwd->sp_pwdp) == '#') && (*(spwd->sp_pwdp + 1) == '#')) {
153 		/* get password from passwd.adjunct.byname */
154 		res = _nss_nis_lookup_rsvdport(be, argp, 0,
155 					"passwd.adjunct.byname",
156 					spwd->sp_namp, 0);
157 	}
158 	argp->str2ent	= save_c2e;
159 	return (res);
160 }
161 
162 #endif	/* NIS_SP_GETENT */
163 
164 static nis_backend_op_t shadow_ops[] = {
165 	_nss_nis_destr,
166 	_nss_nis_endent,
167 	_nss_nis_setent,
168 #ifdef	NIS_SP_GETENT
169 	getent,
170 #else
171 	0,
172 #endif	/* NIS_SP_GETENT */
173 	getbyname
174 };
175 
176 nss_backend_t *
177 _nss_nis_shadow_constr(dummy1, dummy2, dummy3)
178 	const char	*dummy1, *dummy2, *dummy3;
179 {
180 	return (_nss_nis_constr(shadow_ops,
181 				sizeof (shadow_ops) / sizeof (shadow_ops[0]),
182 				"passwd.byname"));
183 }
184