xref: /titanic_52/usr/src/lib/nsswitch/ldap/common/getauuser.c (revision 10db1377dafab8ba3feedef26db9c5d8539a5cd1)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <secdb.h>
30 #include "ldap_common.h"
31 #include <bsm/libbsm.h>
32 
33 
34 /* audit_user attributes */
35 #define	_AU_NAME		"uid"
36 #define	_AU_ALWAYS		"SolarisAuditAlways"
37 #define	_AU_NEVER		"SolarisAuditNever"
38 #define	_AU_GETAUUSERNAME	"(&(objectClass=SolarisAuditUser)(uid=%s))"
39 #define	_AU_GETAUUSERNAME_SSD	"(&(%%s)(uid=%s))"
40 
41 
42 static const char *auuser_attrs[] = {
43 	_AU_NAME,
44 	_AU_ALWAYS,
45 	_AU_NEVER,
46 	(char *)NULL
47 };
48 
49 
50 static int
51 _nss_ldap_au2ent(ldap_backend_ptr be, nss_XbyY_args_t *argp)
52 {
53 	int			i, nss_result;
54 	int			buflen = (int)0;
55 	unsigned long		len = 0L;
56 	char			*nullstring = (char *)NULL;
57 	char			*buffer = (char *)NULL;
58 	char			*ceiling = (char *)NULL;
59 	au_user_str_t		*au_user = (au_user_str_t *)NULL;
60 	ns_ldap_attr_t		*attrptr;
61 	ns_ldap_result_t	*result = be->result;
62 
63 	buffer = argp->buf.buffer;
64 	buflen = (size_t)argp->buf.buflen;
65 	if (!argp->buf.result) {
66 		nss_result = (int)NSS_STR_PARSE_ERANGE;
67 		goto result_au2ent;
68 	}
69 	au_user = (au_user_str_t *)(argp->buf.result);
70 	ceiling = buffer + buflen;
71 	au_user->au_name = (char *)NULL;
72 	au_user->au_always = (char *)NULL;
73 	au_user->au_never = (char *)NULL;
74 	nss_result = (int)NSS_STR_PARSE_SUCCESS;
75 	(void) memset(argp->buf.buffer, 0, buflen);
76 
77 	attrptr = getattr(result, 0);
78 	if (attrptr == NULL) {
79 		nss_result = (int)NSS_STR_PARSE_PARSE;
80 		goto result_au2ent;
81 	}
82 	for (i = 0; i < result->entry->attr_count; i++) {
83 		attrptr = getattr(result, i);
84 		if (attrptr == NULL) {
85 			nss_result = (int)NSS_STR_PARSE_PARSE;
86 			goto result_au2ent;
87 		}
88 		if (strcasecmp(attrptr->attrname, _AU_NAME) == 0) {
89 			if ((attrptr->attrvalue[0] == NULL) ||
90 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
91 				nss_result = (int)NSS_STR_PARSE_PARSE;
92 				goto result_au2ent;
93 			}
94 			au_user->au_name = buffer;
95 			buffer += len + 1;
96 			if (buffer >= ceiling) {
97 				nss_result = (int)NSS_STR_PARSE_ERANGE;
98 				goto result_au2ent;
99 			}
100 			(void) strcpy(au_user->au_name, attrptr->attrvalue[0]);
101 			continue;
102 		}
103 		if (strcasecmp(attrptr->attrname, _AU_ALWAYS) == 0) {
104 			if ((attrptr->attrvalue[0] == NULL) ||
105 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
106 				au_user->au_always = nullstring;
107 			} else {
108 				au_user->au_always = buffer;
109 				buffer += len + 1;
110 				if (buffer >= ceiling) {
111 					nss_result = (int)NSS_STR_PARSE_ERANGE;
112 					goto result_au2ent;
113 				}
114 				(void) strcpy(au_user->au_always,
115 				    attrptr->attrvalue[0]);
116 			}
117 			continue;
118 		}
119 		if (strcasecmp(attrptr->attrname, _AU_NEVER) == 0) {
120 			if ((attrptr->attrvalue[0] == NULL) ||
121 			    (len = strlen(attrptr->attrvalue[0])) < 1) {
122 				au_user->au_never = nullstring;
123 			} else {
124 				au_user->au_never = buffer;
125 				buffer += len + 1;
126 				if (buffer >= ceiling) {
127 					nss_result = (int)NSS_STR_PARSE_ERANGE;
128 					goto result_au2ent;
129 				}
130 				(void) strcpy(au_user->au_never,
131 				    attrptr->attrvalue[0]);
132 			}
133 			continue;
134 		}
135 	}
136 
137 #ifdef	DEBUG
138 	(void) fprintf(stdout, "\n[getauuser.c: _nss_ldap_au2ent]\n");
139 	(void) fprintf(stdout, "      au_name: [%s]\n", au_user->au_name);
140 	if (au_user->au_always != (char *)NULL) {
141 		(void) fprintf(stdout, "      au_always: [%s]\n",
142 		    au_user->au_always);
143 	}
144 	if (au_user->au_never != (char *)NULL) {
145 		(void) fprintf(stdout, "      au_never: [%s]\n",
146 		    au_user->au_never);
147 	}
148 #endif	/* DEBUG */
149 
150 result_au2ent:
151 	(void) __ns_ldap_freeResult(&be->result);
152 	return ((int)nss_result);
153 }
154 
155 
156 static nss_status_t
157 getbyname(ldap_backend_ptr be, void *a)
158 {
159 	char		searchfilter[SEARCHFILTERLEN];
160 	char		userdata[SEARCHFILTERLEN];
161 	char		name[SEARCHFILTERLEN];
162 	nss_XbyY_args_t	*argp = (nss_XbyY_args_t *)a;
163 	int		ret;
164 
165 #ifdef	DEBUG
166 	(void) fprintf(stdout, "\n[getauuser.c: getbyname]\n");
167 #endif	/* DEBUG */
168 
169 	if (_ldap_filter_name(name, argp->key.name, sizeof (name)) != 0)
170 		return ((nss_status_t)NSS_NOTFOUND);
171 
172 	ret = snprintf(searchfilter, sizeof (searchfilter),
173 	    _AU_GETAUUSERNAME, name);
174 
175 	if (ret >= sizeof (searchfilter) || ret < 0)
176 		return ((nss_status_t)NSS_NOTFOUND);
177 
178 	ret = snprintf(userdata, sizeof (userdata),
179 	    _AU_GETAUUSERNAME_SSD, name);
180 
181 	if (ret >= sizeof (userdata) || ret < 0)
182 		return ((nss_status_t)NSS_NOTFOUND);
183 
184 	return (_nss_ldap_lookup(be, argp, _AUUSER, searchfilter, NULL,
185 	    _merge_SSD_filter, userdata));
186 }
187 
188 
189 static ldap_backend_op_t auuser_ops[] = {
190 	_nss_ldap_destr,
191 	_nss_ldap_endent,
192 	_nss_ldap_setent,
193 	_nss_ldap_getent,
194 	getbyname
195 };
196 
197 
198 /*ARGSUSED0*/
199 nss_backend_t *
200 _nss_ldap_audit_user_constr(const char *dummy1,
201     const char *dummy2,
202     const char *dummy3,
203     const char *dummy4,
204     const char *dummy5)
205 {
206 #ifdef	DEBUG
207 	(void) fprintf(stdout,
208 	    "\n[getauuser.c: _nss_ldap_audit_user_constr]\n");
209 #endif
210 	return ((nss_backend_t *)_nss_ldap_constr(auuser_ops,
211 		sizeof (auuser_ops)/sizeof (auuser_ops[0]), _AUUSER,
212 		auuser_attrs, _nss_ldap_au2ent));
213 }
214