1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2003 Networks Associates Technology, Inc.
5 * All rights reserved.
6 *
7 * This software was developed for the FreeBSD Project by
8 * Jacques A. Vidrine, Safeport Network Services, and Network
9 * Associates Laboratories, the Security Research Division of Network
10 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
11 * ("CBOSS"), as part of the DARPA CHATS research program.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 *    notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 *    notice, this list of conditions and the following disclaimer in the
20 *    documentation and/or other materials provided with the distribution.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 */
35#include <sys/cdefs.h>
36__FBSDID("$FreeBSD$");
37
38#include "namespace.h"
39#include <sys/param.h>
40#ifdef YP
41#include <rpc/rpc.h>
42#include <rpcsvc/yp_prot.h>
43#include <rpcsvc/ypclnt.h>
44#endif
45#include <arpa/inet.h>
46#include <errno.h>
47#include <fcntl.h>
48#ifdef HESIOD
49#include <hesiod.h>
50#endif
51#include <netdb.h>
52#include <nsswitch.h>
53#include <pthread.h>
54#include <pthread_np.h>
55#include <pwd.h>
56#include <stdlib.h>
57#include <stdio.h>
58#include <string.h>
59#include <syslog.h>
60#include <unistd.h>
61#include "un-namespace.h"
62#include <db.h>
63#include "libc_private.h"
64#include "pw_scan.h"
65#include "nss_tls.h"
66#ifdef NS_CACHING
67#include "nscache.h"
68#endif
69
70#ifndef CTASSERT
71#define CTASSERT(x)		_CTASSERT(x, __LINE__)
72#define _CTASSERT(x, y)		__CTASSERT(x, y)
73#define __CTASSERT(x, y)	typedef char __assert_ ## y [(x) ? 1 : -1]
74#endif
75
76/* Counter as stored in /etc/pwd.db */
77typedef	int		pwkeynum;
78
79CTASSERT(MAXLOGNAME > sizeof(uid_t));
80CTASSERT(MAXLOGNAME > sizeof(pwkeynum));
81
82enum constants {
83	PWD_STORAGE_INITIAL	= 1 << 10, /* 1 KByte */
84	PWD_STORAGE_MAX		= 1 << 20, /* 1 MByte */
85	SETPWENT		= 1,
86	ENDPWENT		= 2,
87	HESIOD_NAME_MAX		= 256
88};
89
90static const ns_src defaultsrc[] = {
91	{ NSSRC_COMPAT, NS_SUCCESS },
92	{ NULL, 0 }
93};
94
95int	__pw_match_entry(const char *, size_t, enum nss_lookup_type,
96	    const char *, uid_t);
97int	__pw_parse_entry(char *, size_t, struct passwd *, int, int *errnop);
98
99union key {
100	const char	*name;
101	uid_t		 uid;
102};
103
104static	struct passwd *getpw(int (*fn)(union key, struct passwd *, char *,
105		    size_t, struct passwd **), union key);
106static	int	 wrap_getpwnam_r(union key, struct passwd *, char *,
107		    size_t, struct passwd **);
108static	int	 wrap_getpwuid_r(union key, struct passwd *, char *, size_t,
109		    struct passwd **);
110static	int	 wrap_getpwent_r(union key, struct passwd *, char *, size_t,
111		    struct passwd **);
112
113static	int	 pwdb_match_entry_v3(char *, size_t, enum nss_lookup_type,
114		    const char *, uid_t);
115static	int	 pwdb_parse_entry_v3(char *, size_t, struct passwd *, int *);
116static	int	 pwdb_match_entry_v4(char *, size_t, enum nss_lookup_type,
117		    const char *, uid_t);
118static	int	 pwdb_parse_entry_v4(char *, size_t, struct passwd *, int *);
119
120
121struct {
122	int	(*match)(char *, size_t, enum nss_lookup_type, const char *,
123		    uid_t);
124	int	(*parse)(char *, size_t, struct passwd *, int *);
125} pwdb_versions[] = {
126	{ NULL, NULL },					/* version 0 */
127	{ NULL, NULL },					/* version 1 */
128	{ NULL, NULL },					/* version 2 */
129	{ pwdb_match_entry_v3, pwdb_parse_entry_v3 },	/* version 3 */
130	{ pwdb_match_entry_v4, pwdb_parse_entry_v4 },	/* version 4 */
131};
132
133
134struct files_state {
135	DB		*db;
136	pwkeynum	 keynum;
137	int		 stayopen;
138	int		 version;
139};
140static	void	files_endstate(void *);
141NSS_TLS_HANDLING(files);
142static	DB	*pwdbopen(int *);
143static	void	 files_endstate(void *);
144static	int	 files_setpwent(void *, void *, va_list);
145static	int	 files_passwd(void *, void *, va_list);
146
147
148#ifdef HESIOD
149struct dns_state {
150	long	counter;
151};
152static	void	dns_endstate(void *);
153NSS_TLS_HANDLING(dns);
154static	int	 dns_setpwent(void *, void *, va_list);
155static	int	 dns_passwd(void *, void *, va_list);
156#endif
157
158
159#ifdef YP
160struct nis_state {
161	char	 domain[MAXHOSTNAMELEN];
162	int	 done;
163	char	*key;
164	int	 keylen;
165};
166static	void	 nis_endstate(void *);
167NSS_TLS_HANDLING(nis);
168static	int	 nis_setpwent(void *, void *, va_list);
169static	int	 nis_passwd(void *, void *, va_list);
170static	int	 nis_map(char *, enum nss_lookup_type, char *, size_t, int *);
171static	int	 nis_adjunct(char *, const char *, char *, size_t);
172#endif
173
174
175struct compat_state {
176	DB		*db;
177	pwkeynum	 keynum;
178	int		 stayopen;
179	int		 version;
180	DB		*exclude;
181	struct passwd	 template;
182	char		*name;
183	enum _compat {
184		COMPAT_MODE_OFF = 0,
185		COMPAT_MODE_ALL,
186		COMPAT_MODE_NAME,
187		COMPAT_MODE_NETGROUP
188	}		 compat;
189};
190static	void	 compat_endstate(void *);
191NSS_TLS_HANDLING(compat);
192static	int	 compat_setpwent(void *, void *, va_list);
193static	int	 compat_passwd(void *, void *, va_list);
194static	void	 compat_clear_template(struct passwd *);
195static	int	 compat_set_template(struct passwd *, struct passwd *);
196static	int	 compat_use_template(struct passwd *, struct passwd *, char *,
197		    size_t);
198static	int	 compat_redispatch(struct compat_state *, enum nss_lookup_type,
199		    enum nss_lookup_type, const char *, const char *, uid_t,
200		    struct passwd *, char *, size_t, int *);
201
202#ifdef NS_CACHING
203static	int	 pwd_id_func(char *, size_t *, va_list ap, void *);
204static	int	 pwd_marshal_func(char *, size_t *, void *, va_list, void *);
205static	int	 pwd_unmarshal_func(char *, size_t, void *, va_list, void *);
206
207static int
208pwd_id_func(char *buffer, size_t *buffer_size, va_list ap, void *cache_mdata)
209{
210	char	*name;
211	uid_t	uid;
212	size_t	size, desired_size;
213	int	res = NS_UNAVAIL;
214	enum nss_lookup_type lookup_type;
215
216	lookup_type = (enum nss_lookup_type)(uintptr_t)cache_mdata;
217	switch (lookup_type) {
218	case nss_lt_name:
219		name = va_arg(ap, char *);
220		size = strlen(name);
221		desired_size = sizeof(enum nss_lookup_type) + size + 1;
222		if (desired_size > *buffer_size) {
223			res = NS_RETURN;
224			goto fin;
225		}
226
227		memcpy(buffer, &lookup_type, sizeof(enum nss_lookup_type));
228		memcpy(buffer + sizeof(enum nss_lookup_type), name, size + 1);
229
230		res = NS_SUCCESS;
231		break;
232	case nss_lt_id:
233		uid = va_arg(ap, uid_t);
234		desired_size = sizeof(enum nss_lookup_type) + sizeof(uid_t);
235		if (desired_size > *buffer_size) {
236			res = NS_RETURN;
237			goto fin;
238		}
239
240		memcpy(buffer, &lookup_type, sizeof(enum nss_lookup_type));
241		memcpy(buffer + sizeof(enum nss_lookup_type), &uid,
242		    sizeof(uid_t));
243
244		res = NS_SUCCESS;
245		break;
246	default:
247		/* should be unreachable */
248		return (NS_UNAVAIL);
249	}
250
251fin:
252	*buffer_size = desired_size;
253	return (res);
254}
255
256static int
257pwd_marshal_func(char *buffer, size_t *buffer_size, void *retval, va_list ap,
258    void *cache_mdata)
259{
260	char *name;
261	uid_t uid;
262	struct passwd *pwd;
263	char *orig_buf;
264	size_t orig_buf_size;
265
266	struct passwd new_pwd;
267	size_t desired_size, size;
268	char *p;
269
270	switch ((enum nss_lookup_type)(uintptr_t)cache_mdata) {
271	case nss_lt_name:
272		name = va_arg(ap, char *);
273		break;
274	case nss_lt_id:
275		uid = va_arg(ap, uid_t);
276		break;
277	case nss_lt_all:
278		break;
279	default:
280		/* should be unreachable */
281		return (NS_UNAVAIL);
282	}
283
284	pwd = va_arg(ap, struct passwd *);
285	orig_buf = va_arg(ap, char *);
286	orig_buf_size = va_arg(ap, size_t);
287
288	desired_size = sizeof(struct passwd) + sizeof(char *) +
289	    strlen(pwd->pw_name) + 1;
290	if (pwd->pw_passwd != NULL)
291		desired_size += strlen(pwd->pw_passwd) + 1;
292	if (pwd->pw_class != NULL)
293		desired_size += strlen(pwd->pw_class) + 1;
294	if (pwd->pw_gecos != NULL)
295		desired_size += strlen(pwd->pw_gecos) + 1;
296	if (pwd->pw_dir != NULL)
297		desired_size += strlen(pwd->pw_dir) + 1;
298	if (pwd->pw_shell != NULL)
299		desired_size += strlen(pwd->pw_shell) + 1;
300
301	if (*buffer_size < desired_size) {
302		/* this assignment is here for future use */
303		*buffer_size = desired_size;
304		return (NS_RETURN);
305	}
306
307	memcpy(&new_pwd, pwd, sizeof(struct passwd));
308	memset(buffer, 0, desired_size);
309
310	*buffer_size = desired_size;
311	p = buffer + sizeof(struct passwd) + sizeof(char *);
312	memcpy(buffer + sizeof(struct passwd), &p, sizeof(char *));
313
314	if (new_pwd.pw_name != NULL) {
315		size = strlen(new_pwd.pw_name);
316		memcpy(p, new_pwd.pw_name, size);
317		new_pwd.pw_name = p;
318		p += size + 1;
319	}
320
321	if (new_pwd.pw_passwd != NULL) {
322		size = strlen(new_pwd.pw_passwd);
323		memcpy(p, new_pwd.pw_passwd, size);
324		new_pwd.pw_passwd = p;
325		p += size + 1;
326	}
327
328	if (new_pwd.pw_class != NULL) {
329		size = strlen(new_pwd.pw_class);
330		memcpy(p, new_pwd.pw_class, size);
331		new_pwd.pw_class = p;
332		p += size + 1;
333	}
334
335	if (new_pwd.pw_gecos != NULL) {
336		size = strlen(new_pwd.pw_gecos);
337		memcpy(p, new_pwd.pw_gecos, size);
338		new_pwd.pw_gecos = p;
339		p += size + 1;
340	}
341
342	if (new_pwd.pw_dir != NULL) {
343		size = strlen(new_pwd.pw_dir);
344		memcpy(p, new_pwd.pw_dir, size);
345		new_pwd.pw_dir = p;
346		p += size + 1;
347	}
348
349	if (new_pwd.pw_shell != NULL) {
350		size = strlen(new_pwd.pw_shell);
351		memcpy(p, new_pwd.pw_shell, size);
352		new_pwd.pw_shell = p;
353		p += size + 1;
354	}
355
356	memcpy(buffer, &new_pwd, sizeof(struct passwd));
357	return (NS_SUCCESS);
358}
359
360static int
361pwd_unmarshal_func(char *buffer, size_t buffer_size, void *retval, va_list ap,
362    void *cache_mdata)
363{
364	char *name;
365	uid_t uid;
366	struct passwd *pwd;
367	char *orig_buf;
368	size_t orig_buf_size;
369	int *ret_errno;
370
371	char *p;
372
373	switch ((enum nss_lookup_type)(uintptr_t)cache_mdata) {
374	case nss_lt_name:
375		name = va_arg(ap, char *);
376		break;
377	case nss_lt_id:
378		uid = va_arg(ap, uid_t);
379		break;
380	case nss_lt_all:
381		break;
382	default:
383		/* should be unreachable */
384		return (NS_UNAVAIL);
385	}
386
387	pwd = va_arg(ap, struct passwd *);
388	orig_buf = va_arg(ap, char *);
389	orig_buf_size = va_arg(ap, size_t);
390	ret_errno = va_arg(ap, int *);
391
392	if (orig_buf_size + sizeof(struct passwd) + sizeof(char *) <
393	    buffer_size) {
394		*ret_errno = ERANGE;
395		return (NS_RETURN);
396	} else if (buffer_size < sizeof(struct passwd) + sizeof(char *)) {
397		/*
398		 * nscd(8) sometimes returns buffer_size=1 for nonexistent
399		 * entries.
400		 */
401		*ret_errno = 0;
402		return (NS_NOTFOUND);
403	}
404
405	memcpy(pwd, buffer, sizeof(struct passwd));
406	memcpy(&p, buffer + sizeof(struct passwd), sizeof(char *));
407	memcpy(orig_buf, buffer + sizeof(struct passwd) + sizeof(char *),
408	    buffer_size - sizeof(struct passwd) - sizeof(char *));
409
410	NS_APPLY_OFFSET(pwd->pw_name, orig_buf, p, char *);
411	NS_APPLY_OFFSET(pwd->pw_passwd, orig_buf, p, char *);
412	NS_APPLY_OFFSET(pwd->pw_class, orig_buf, p, char *);
413	NS_APPLY_OFFSET(pwd->pw_gecos, orig_buf, p, char *);
414	NS_APPLY_OFFSET(pwd->pw_dir, orig_buf, p, char *);
415	NS_APPLY_OFFSET(pwd->pw_shell, orig_buf, p, char *);
416
417	if (retval != NULL)
418		*((struct passwd **)retval) = pwd;
419
420	return (NS_SUCCESS);
421}
422
423NSS_MP_CACHE_HANDLING(passwd);
424#endif /* NS_CACHING */
425
426void
427setpwent(void)
428{
429#ifdef NS_CACHING
430	static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
431		passwd, (void *)nss_lt_all,
432		NULL, NULL);
433#endif
434
435	static const ns_dtab dtab[] = {
436		{ NSSRC_FILES, files_setpwent, (void *)SETPWENT },
437#ifdef HESIOD
438		{ NSSRC_DNS, dns_setpwent, (void *)SETPWENT },
439#endif
440#ifdef YP
441		{ NSSRC_NIS, nis_setpwent, (void *)SETPWENT },
442#endif
443		{ NSSRC_COMPAT, compat_setpwent, (void *)SETPWENT },
444#ifdef NS_CACHING
445		NS_CACHE_CB(&cache_info)
446#endif
447		{ NULL, NULL, NULL }
448	};
449	(void)_nsdispatch(NULL, dtab, NSDB_PASSWD, "setpwent", defaultsrc, 0);
450}
451
452
453int
454setpassent(int stayopen)
455{
456#ifdef NS_CACHING
457	static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
458		passwd, (void *)nss_lt_all,
459		NULL, NULL);
460#endif
461
462	static const ns_dtab dtab[] = {
463		{ NSSRC_FILES, files_setpwent, (void *)SETPWENT },
464#ifdef HESIOD
465		{ NSSRC_DNS, dns_setpwent, (void *)SETPWENT },
466#endif
467#ifdef YP
468		{ NSSRC_NIS, nis_setpwent, (void *)SETPWENT },
469#endif
470		{ NSSRC_COMPAT, compat_setpwent, (void *)SETPWENT },
471#ifdef NS_CACHING
472		NS_CACHE_CB(&cache_info)
473#endif
474		{ NULL, NULL, NULL }
475	};
476	(void)_nsdispatch(NULL, dtab, NSDB_PASSWD, "setpwent", defaultsrc,
477	    stayopen);
478	return (1);
479}
480
481
482void
483endpwent(void)
484{
485#ifdef NS_CACHING
486	static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
487		passwd, (void *)nss_lt_all,
488		NULL, NULL);
489#endif
490
491	static const ns_dtab dtab[] = {
492		{ NSSRC_FILES, files_setpwent, (void *)ENDPWENT },
493#ifdef HESIOD
494		{ NSSRC_DNS, dns_setpwent, (void *)ENDPWENT },
495#endif
496#ifdef YP
497		{ NSSRC_NIS, nis_setpwent, (void *)ENDPWENT },
498#endif
499		{ NSSRC_COMPAT, compat_setpwent, (void *)ENDPWENT },
500#ifdef NS_CACHING
501		NS_CACHE_CB(&cache_info)
502#endif
503		{ NULL, NULL, NULL }
504	};
505	(void)_nsdispatch(NULL, dtab, NSDB_PASSWD, "endpwent", defaultsrc);
506}
507
508
509int
510getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize,
511    struct passwd **result)
512{
513#ifdef NS_CACHING
514	static const nss_cache_info cache_info = NS_MP_CACHE_INFO_INITIALIZER(
515		passwd, (void *)nss_lt_all,
516		pwd_marshal_func, pwd_unmarshal_func);
517#endif
518
519	static const ns_dtab dtab[] = {
520		{ NSSRC_FILES, files_passwd, (void *)nss_lt_all },
521#ifdef HESIOD
522		{ NSSRC_DNS, dns_passwd, (void *)nss_lt_all },
523#endif
524#ifdef YP
525		{ NSSRC_NIS, nis_passwd, (void *)nss_lt_all },
526#endif
527		{ NSSRC_COMPAT, compat_passwd, (void *)nss_lt_all },
528#ifdef NS_CACHING
529		NS_CACHE_CB(&cache_info)
530#endif
531		{ NULL, NULL, NULL }
532	};
533	int	rv, ret_errno;
534
535	__pw_initpwd(pwd);
536	ret_errno = 0;
537	*result = NULL;
538	rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwent_r", defaultsrc,
539	    pwd, buffer, bufsize, &ret_errno);
540	if (rv == NS_SUCCESS)
541		return (0);
542	else
543		return (ret_errno);
544}
545
546
547int
548getpwnam_r(const char *name, struct passwd *pwd, char *buffer, size_t bufsize,
549    struct passwd **result)
550{
551#ifdef NS_CACHING
552	static const nss_cache_info cache_info =
553    		NS_COMMON_CACHE_INFO_INITIALIZER(
554		passwd, (void *)nss_lt_name,
555		pwd_id_func, pwd_marshal_func, pwd_unmarshal_func);
556#endif
557
558	static const ns_dtab dtab[] = {
559		{ NSSRC_FILES, files_passwd, (void *)nss_lt_name },
560#ifdef HESIOD
561		{ NSSRC_DNS, dns_passwd, (void *)nss_lt_name },
562#endif
563#ifdef YP
564		{ NSSRC_NIS, nis_passwd, (void *)nss_lt_name },
565#endif
566		{ NSSRC_COMPAT, compat_passwd, (void *)nss_lt_name },
567#ifdef NS_CACHING
568		NS_CACHE_CB(&cache_info)
569#endif
570		{ NULL, NULL, NULL }
571	};
572	int	rv, ret_errno;
573
574	__pw_initpwd(pwd);
575	ret_errno = 0;
576	*result = NULL;
577	rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwnam_r", defaultsrc,
578	    name, pwd, buffer, bufsize, &ret_errno);
579	if (rv == NS_SUCCESS)
580		return (0);
581	else
582		return (ret_errno);
583}
584
585
586int
587getpwuid_r(uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize,
588    struct passwd **result)
589{
590#ifdef NS_CACHING
591	static const nss_cache_info cache_info =
592    		NS_COMMON_CACHE_INFO_INITIALIZER(
593		passwd, (void *)nss_lt_id,
594		pwd_id_func, pwd_marshal_func, pwd_unmarshal_func);
595#endif
596
597	static const ns_dtab dtab[] = {
598		{ NSSRC_FILES, files_passwd, (void *)nss_lt_id },
599#ifdef HESIOD
600		{ NSSRC_DNS, dns_passwd, (void *)nss_lt_id },
601#endif
602#ifdef YP
603		{ NSSRC_NIS, nis_passwd, (void *)nss_lt_id },
604#endif
605		{ NSSRC_COMPAT, compat_passwd, (void *)nss_lt_id },
606#ifdef NS_CACHING
607		NS_CACHE_CB(&cache_info)
608#endif
609		{ NULL, NULL, NULL }
610	};
611	int	rv, ret_errno;
612
613	__pw_initpwd(pwd);
614	ret_errno = 0;
615	*result = NULL;
616	rv = _nsdispatch(result, dtab, NSDB_PASSWD, "getpwuid_r", defaultsrc,
617	    uid, pwd, buffer, bufsize, &ret_errno);
618	if (rv == NS_SUCCESS)
619		return (0);
620	else
621		return (ret_errno);
622}
623
624
625static struct passwd	 pwd;
626static char		*pwd_storage;
627static size_t		 pwd_storage_size;
628
629
630static struct passwd *
631getpw(int (*fn)(union key, struct passwd *, char *, size_t, struct passwd **),
632    union key key)
633{
634	int		 rv;
635	struct passwd	*res;
636
637	if (pwd_storage == NULL) {
638		pwd_storage = malloc(PWD_STORAGE_INITIAL);
639		if (pwd_storage == NULL)
640			return (NULL);
641		pwd_storage_size = PWD_STORAGE_INITIAL;
642	}
643	do {
644		rv = fn(key, &pwd, pwd_storage, pwd_storage_size, &res);
645		if (res == NULL && rv == ERANGE) {
646			free(pwd_storage);
647			if ((pwd_storage_size << 1) > PWD_STORAGE_MAX) {
648				pwd_storage = NULL;
649				errno = ERANGE;
650				return (NULL);
651			}
652			pwd_storage_size <<= 1;
653			pwd_storage = malloc(pwd_storage_size);
654			if (pwd_storage == NULL)
655				return (NULL);
656		}
657	} while (res == NULL && rv == ERANGE);
658	if (rv != 0)
659		errno = rv;
660	return (res);
661}
662
663
664static int
665wrap_getpwnam_r(union key key, struct passwd *pwd, char *buffer,
666    size_t bufsize, struct passwd **res)
667{
668	return (getpwnam_r(key.name, pwd, buffer, bufsize, res));
669}
670
671
672static int
673wrap_getpwuid_r(union key key, struct passwd *pwd, char *buffer,
674    size_t bufsize, struct passwd **res)
675{
676	return (getpwuid_r(key.uid, pwd, buffer, bufsize, res));
677}
678
679
680static int
681wrap_getpwent_r(union key key __unused, struct passwd *pwd, char *buffer,
682    size_t bufsize, struct passwd **res)
683{
684	return (getpwent_r(pwd, buffer, bufsize, res));
685}
686
687
688struct passwd *
689getpwnam(const char *name)
690{
691	union key key;
692
693	key.name = name;
694	return (getpw(wrap_getpwnam_r, key));
695}
696
697
698struct passwd *
699getpwuid(uid_t uid)
700{
701	union key key;
702
703	key.uid = uid;
704	return (getpw(wrap_getpwuid_r, key));
705}
706
707
708struct passwd *
709getpwent(void)
710{
711	union key key;
712
713	key.uid = 0; /* not used */
714	return (getpw(wrap_getpwent_r, key));
715}
716
717
718/*
719 * files backend
720 */
721static DB *
722pwdbopen(int *version)
723{
724	DB	*res;
725	DBT	 key, entry;
726	int	 rv;
727
728	if (geteuid() != 0 ||
729	    (res = dbopen(_PATH_SMP_DB, O_RDONLY, 0, DB_HASH, NULL)) == NULL)
730		res = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
731	if (res == NULL)
732		return (NULL);
733	key.data = _PWD_VERSION_KEY;
734	key.size = strlen(_PWD_VERSION_KEY);
735	rv = res->get(res, &key, &entry, 0);
736	if (rv == 0)
737		*version = *(unsigned char *)entry.data;
738	else
739		*version = 3;
740	if (*version < 3 ||
741	    *version >= nitems(pwdb_versions)) {
742		syslog(LOG_CRIT, "Unsupported password database version %d",
743		    *version);
744		res->close(res);
745		res = NULL;
746	}
747	return (res);
748}
749
750
751static void
752files_endstate(void *p)
753{
754	DB	*db;
755
756	if (p == NULL)
757		return;
758	db = ((struct files_state *)p)->db;
759	if (db != NULL)
760		db->close(db);
761	free(p);
762}
763
764
765static int
766files_setpwent(void *retval, void *mdata, va_list ap)
767{
768	struct files_state	*st;
769	int			 rv, stayopen;
770
771	rv = files_getstate(&st);
772	if (rv != 0)
773		return (NS_UNAVAIL);
774	switch ((enum constants)(uintptr_t)mdata) {
775	case SETPWENT:
776		stayopen = va_arg(ap, int);
777		st->keynum = 0;
778		if (stayopen)
779			st->db = pwdbopen(&st->version);
780		st->stayopen = stayopen;
781		break;
782	case ENDPWENT:
783		if (st->db != NULL) {
784			(void)st->db->close(st->db);
785			st->db = NULL;
786		}
787		break;
788	default:
789		break;
790	}
791	return (NS_UNAVAIL);
792}
793
794
795static int
796files_passwd(void *retval, void *mdata, va_list ap)
797{
798	char			 keybuf[MAXLOGNAME + 1];
799	DBT			 key, entry;
800	struct files_state	*st;
801	enum nss_lookup_type	 how;
802	const char		*name;
803	struct passwd		*pwd;
804	char			*buffer;
805	size_t			 bufsize, namesize;
806	uid_t			 uid;
807	uint32_t		 store;
808	int			 rv, stayopen = 0, *errnop;
809
810	name = NULL;
811	uid = (uid_t)-1;
812	how = (enum nss_lookup_type)(uintptr_t)mdata;
813	switch (how) {
814	case nss_lt_name:
815		name = va_arg(ap, const char *);
816		keybuf[0] = _PW_KEYBYNAME;
817		break;
818	case nss_lt_id:
819		uid = va_arg(ap, uid_t);
820		keybuf[0] = _PW_KEYBYUID;
821		break;
822	case nss_lt_all:
823		keybuf[0] = _PW_KEYBYNUM;
824		break;
825	default:
826		rv = NS_NOTFOUND;
827		goto fin;
828	}
829	pwd = va_arg(ap, struct passwd *);
830	buffer = va_arg(ap, char *);
831	bufsize = va_arg(ap, size_t);
832	errnop = va_arg(ap, int *);
833	*errnop = files_getstate(&st);
834	if (*errnop != 0)
835		return (NS_UNAVAIL);
836	if (how == nss_lt_all && st->keynum < 0) {
837		rv = NS_NOTFOUND;
838		goto fin;
839	}
840	if (st->db == NULL &&
841	    (st->db = pwdbopen(&st->version)) == NULL) {
842		*errnop = errno;
843		rv = NS_UNAVAIL;
844		goto fin;
845	}
846	if (how == nss_lt_all)
847		stayopen = 1;
848	else
849		stayopen = st->stayopen;
850	key.data = keybuf;
851	do {
852		switch (how) {
853		case nss_lt_name:
854			/* MAXLOGNAME includes NUL byte, but we do not
855			 * include the NUL byte in the key.
856			 */
857			namesize = strlcpy(&keybuf[1], name, sizeof(keybuf)-1);
858			if (namesize >= sizeof(keybuf)-1) {
859				*errnop = EINVAL;
860				rv = NS_NOTFOUND;
861				goto fin;
862			}
863			key.size = namesize + 1;
864			break;
865		case nss_lt_id:
866			if (st->version < _PWD_CURRENT_VERSION) {
867				memcpy(&keybuf[1], &uid, sizeof(uid));
868				key.size = sizeof(uid) + 1;
869			} else {
870				store = htonl(uid);
871				memcpy(&keybuf[1], &store, sizeof(store));
872				key.size = sizeof(store) + 1;
873			}
874			break;
875		case nss_lt_all:
876			st->keynum++;
877			if (st->version < _PWD_CURRENT_VERSION) {
878				memcpy(&keybuf[1], &st->keynum,
879				    sizeof(st->keynum));
880				key.size = sizeof(st->keynum) + 1;
881			} else {
882				store = htonl(st->keynum);
883				memcpy(&keybuf[1], &store, sizeof(store));
884				key.size = sizeof(store) + 1;
885			}
886			break;
887		}
888		keybuf[0] = _PW_VERSIONED(keybuf[0], st->version);
889		rv = st->db->get(st->db, &key, &entry, 0);
890		if (rv < 0 || rv > 1) { /* should never return > 1 */
891			*errnop = errno;
892			rv = NS_UNAVAIL;
893			goto fin;
894		} else if (rv == 1) {
895			if (how == nss_lt_all)
896				st->keynum = -1;
897			rv = NS_NOTFOUND;
898			goto fin;
899		}
900		rv = pwdb_versions[st->version].match(entry.data, entry.size,
901		    how, name, uid);
902		if (rv != NS_SUCCESS)
903			continue;
904		if (entry.size > bufsize) {
905			*errnop = ERANGE;
906			rv = NS_RETURN;
907			break;
908		}
909		memcpy(buffer, entry.data, entry.size);
910		rv = pwdb_versions[st->version].parse(buffer, entry.size, pwd,
911		    errnop);
912	} while (how == nss_lt_all && !(rv & NS_TERMINATE));
913fin:
914	if (st->db != NULL && !stayopen) {
915		(void)st->db->close(st->db);
916		st->db = NULL;
917	}
918	if (rv == NS_SUCCESS) {
919		pwd->pw_fields &= ~_PWF_SOURCE;
920		pwd->pw_fields |= _PWF_FILES;
921		if (retval != NULL)
922			*(struct passwd **)retval = pwd;
923	}
924	return (rv);
925}
926
927
928static int
929pwdb_match_entry_v3(char *entry, size_t entrysize, enum nss_lookup_type how,
930    const char *name, uid_t uid)
931{
932	const char	*p, *eom;
933	uid_t		 uid2;
934
935	eom = &entry[entrysize];
936	for (p = entry; p < eom; p++)
937		if (*p == '\0')
938			break;
939	if (*p != '\0')
940		return (NS_NOTFOUND);
941	if (how == nss_lt_all)
942		return (NS_SUCCESS);
943	if (how == nss_lt_name)
944		return (strcmp(name, entry) == 0 ? NS_SUCCESS : NS_NOTFOUND);
945	for (p++; p < eom; p++)
946		if (*p == '\0')
947			break;
948	if (*p != '\0' || (++p) + sizeof(uid) >= eom)
949		return (NS_NOTFOUND);
950	memcpy(&uid2, p, sizeof(uid2));
951	return (uid == uid2 ? NS_SUCCESS : NS_NOTFOUND);
952}
953
954
955static int
956pwdb_parse_entry_v3(char *buffer, size_t bufsize, struct passwd *pwd,
957    int *errnop)
958{
959	char		*p, *eom;
960	int32_t		 pw_change, pw_expire;
961
962	/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
963	p = buffer;
964	eom = &buffer[bufsize];
965#define STRING(field)	do {			\
966		(field) = p;			\
967		while (p < eom && *p != '\0')	\
968			p++;			\
969		if (p >= eom)			\
970			return (NS_NOTFOUND);	\
971		p++;				\
972	} while (0)
973#define SCALAR(field)	do {				\
974		if (p + sizeof(field) > eom)		\
975			return (NS_NOTFOUND);		\
976		memcpy(&(field), p, sizeof(field));	\
977		p += sizeof(field);			\
978	} while (0)
979	STRING(pwd->pw_name);
980	STRING(pwd->pw_passwd);
981	SCALAR(pwd->pw_uid);
982	SCALAR(pwd->pw_gid);
983	SCALAR(pw_change);
984	STRING(pwd->pw_class);
985	STRING(pwd->pw_gecos);
986	STRING(pwd->pw_dir);
987	STRING(pwd->pw_shell);
988	SCALAR(pw_expire);
989	SCALAR(pwd->pw_fields);
990#undef STRING
991#undef SCALAR
992	pwd->pw_change = pw_change;
993	pwd->pw_expire = pw_expire;
994	return (NS_SUCCESS);
995}
996
997
998static int
999pwdb_match_entry_v4(char *entry, size_t entrysize, enum nss_lookup_type how,
1000    const char *name, uid_t uid)
1001{
1002	const char	*p, *eom;
1003	uint32_t	 uid2;
1004
1005	eom = &entry[entrysize];
1006	for (p = entry; p < eom; p++)
1007		if (*p == '\0')
1008			break;
1009	if (*p != '\0')
1010		return (NS_NOTFOUND);
1011	if (how == nss_lt_all)
1012		return (NS_SUCCESS);
1013	if (how == nss_lt_name)
1014		return (strcmp(name, entry) == 0 ? NS_SUCCESS : NS_NOTFOUND);
1015	for (p++; p < eom; p++)
1016		if (*p == '\0')
1017			break;
1018	if (*p != '\0' || (++p) + sizeof(uid) >= eom)
1019		return (NS_NOTFOUND);
1020	memcpy(&uid2, p, sizeof(uid2));
1021	uid2 = ntohl(uid2);
1022	return (uid == (uid_t)uid2 ? NS_SUCCESS : NS_NOTFOUND);
1023}
1024
1025
1026static int
1027pwdb_parse_entry_v4(char *buffer, size_t bufsize, struct passwd *pwd,
1028    int *errnop)
1029{
1030	char		*p, *eom;
1031	uint32_t	 n;
1032
1033	/* THIS CODE MUST MATCH THAT IN pwd_mkdb. */
1034	p = buffer;
1035	eom = &buffer[bufsize];
1036#define STRING(field)	do {			\
1037		(field) = p;			\
1038		while (p < eom && *p != '\0')	\
1039			p++;			\
1040		if (p >= eom)			\
1041			return (NS_NOTFOUND);	\
1042		p++;				\
1043	} while (0)
1044#define SCALAR(field)	do {				\
1045		if (p + sizeof(n) > eom)		\
1046			return (NS_NOTFOUND);		\
1047		memcpy(&n, p, sizeof(n));		\
1048		(field) = ntohl(n);			\
1049		p += sizeof(n);				\
1050	} while (0)
1051	STRING(pwd->pw_name);
1052	STRING(pwd->pw_passwd);
1053	SCALAR(pwd->pw_uid);
1054	SCALAR(pwd->pw_gid);
1055	SCALAR(pwd->pw_change);
1056	STRING(pwd->pw_class);
1057	STRING(pwd->pw_gecos);
1058	STRING(pwd->pw_dir);
1059	STRING(pwd->pw_shell);
1060	SCALAR(pwd->pw_expire);
1061	SCALAR(pwd->pw_fields);
1062#undef STRING
1063#undef SCALAR
1064	return (NS_SUCCESS);
1065}
1066
1067
1068#ifdef HESIOD
1069/*
1070 * dns backend
1071 */
1072static void
1073dns_endstate(void *p)
1074{
1075	free(p);
1076}
1077
1078
1079static int
1080dns_setpwent(void *retval, void *mdata, va_list ap)
1081{
1082	struct dns_state	*st;
1083	int			 rv;
1084
1085	rv = dns_getstate(&st);
1086	if (rv != 0)
1087		return (NS_UNAVAIL);
1088	st->counter = 0;
1089	return (NS_UNAVAIL);
1090}
1091
1092
1093static int
1094dns_passwd(void *retval, void *mdata, va_list ap)
1095{
1096	char			 buf[HESIOD_NAME_MAX];
1097	struct dns_state	*st;
1098	struct passwd		*pwd;
1099	const char		*name, *label;
1100	void			*ctx;
1101	char			*buffer, **hes;
1102	size_t			 bufsize, linesize;
1103	uid_t			 uid;
1104	enum nss_lookup_type	 how;
1105	int			 rv, *errnop;
1106
1107	ctx = NULL;
1108	hes = NULL;
1109	name = NULL;
1110	uid = (uid_t)-1;
1111	how = (enum nss_lookup_type)mdata;
1112	switch (how) {
1113	case nss_lt_name:
1114		name = va_arg(ap, const char *);
1115		break;
1116	case nss_lt_id:
1117		uid = va_arg(ap, uid_t);
1118		break;
1119	case nss_lt_all:
1120		break;
1121	}
1122	pwd     = va_arg(ap, struct passwd *);
1123	buffer  = va_arg(ap, char *);
1124	bufsize = va_arg(ap, size_t);
1125	errnop  = va_arg(ap, int *);
1126	*errnop = dns_getstate(&st);
1127	if (*errnop != 0)
1128		return (NS_UNAVAIL);
1129	if (hesiod_init(&ctx) != 0) {
1130		*errnop = errno;
1131		rv = NS_UNAVAIL;
1132		goto fin;
1133	}
1134	do {
1135		rv = NS_NOTFOUND;
1136		switch (how) {
1137		case nss_lt_name:
1138			label = name;
1139			break;
1140		case nss_lt_id:
1141			if (snprintf(buf, sizeof(buf), "%lu",
1142			    (unsigned long)uid) >= sizeof(buf))
1143				goto fin;
1144			label = buf;
1145			break;
1146		case nss_lt_all:
1147			if (st->counter < 0)
1148				goto fin;
1149			if (snprintf(buf, sizeof(buf), "passwd-%ld",
1150			    st->counter++) >= sizeof(buf))
1151				goto fin;
1152			label = buf;
1153			break;
1154		}
1155		hes = hesiod_resolve(ctx, label,
1156		    how == nss_lt_id ? "uid" : "passwd");
1157		if (hes == NULL) {
1158			if (how == nss_lt_all)
1159				st->counter = -1;
1160			if (errno != ENOENT)
1161				*errnop = errno;
1162			goto fin;
1163		}
1164		rv = __pw_match_entry(hes[0], strlen(hes[0]), how, name, uid);
1165		if (rv != NS_SUCCESS) {
1166			hesiod_free_list(ctx, hes);
1167			hes = NULL;
1168			continue;
1169		}
1170		linesize = strlcpy(buffer, hes[0], bufsize);
1171		if (linesize >= bufsize) {
1172			*errnop = ERANGE;
1173			rv = NS_RETURN;
1174			continue;
1175		}
1176		hesiod_free_list(ctx, hes);
1177		hes = NULL;
1178		rv = __pw_parse_entry(buffer, bufsize, pwd, 0, errnop);
1179	} while (how == nss_lt_all && !(rv & NS_TERMINATE));
1180fin:
1181	if (hes != NULL)
1182		hesiod_free_list(ctx, hes);
1183	if (ctx != NULL)
1184		hesiod_end(ctx);
1185	if (rv == NS_SUCCESS) {
1186		pwd->pw_fields &= ~_PWF_SOURCE;
1187		pwd->pw_fields |= _PWF_HESIOD;
1188		if (retval != NULL)
1189			*(struct passwd **)retval = pwd;
1190	}
1191	return (rv);
1192}
1193#endif /* HESIOD */
1194
1195
1196#ifdef YP
1197/*
1198 * nis backend
1199 */
1200static void
1201nis_endstate(void *p)
1202{
1203	free(((struct nis_state *)p)->key);
1204	free(p);
1205}
1206
1207/*
1208 * Test for the presence of special FreeBSD-specific master.passwd.by*
1209 * maps. We do this using yp_order(). If it fails, then either the server
1210 * doesn't have the map, or the YPPROC_ORDER procedure isn't supported by
1211 * the server (Sun NIS+ servers in YP compat mode behave this way). If
1212 * the master.passwd.by* maps don't exist, then let the lookup routine try
1213 * the regular passwd.by* maps instead. If the lookup routine fails, it
1214 * can return an error as needed.
1215 */
1216static int
1217nis_map(char *domain, enum nss_lookup_type how, char *buffer, size_t bufsize,
1218    int *master)
1219{
1220	int	rv, order;
1221
1222	*master = 0;
1223	if (geteuid() == 0) {
1224		if (snprintf(buffer, bufsize, "master.passwd.by%s",
1225		    (how == nss_lt_id) ? "uid" : "name") >= bufsize)
1226			return (NS_UNAVAIL);
1227		rv = yp_order(domain, buffer, &order);
1228		if (rv == 0) {
1229			*master = 1;
1230			return (NS_SUCCESS);
1231		}
1232	}
1233
1234	if (snprintf(buffer, bufsize, "passwd.by%s",
1235	    (how == nss_lt_id) ? "uid" : "name") >= bufsize)
1236		return (NS_UNAVAIL);
1237
1238	return (NS_SUCCESS);
1239}
1240
1241
1242static int
1243nis_adjunct(char *domain, const char *name, char *buffer, size_t bufsize)
1244{
1245	int	 rv;
1246	char	*result, *p, *q, *eor;
1247	int	 resultlen;
1248
1249	result = NULL;
1250	rv = yp_match(domain, "passwd.adjunct.byname", name, strlen(name),
1251	    &result, &resultlen);
1252	if (rv != 0)
1253		rv = 1;
1254	else {
1255		eor = &result[resultlen];
1256		p = memchr(result, ':', eor - result);
1257		if (p != NULL && ++p < eor &&
1258		    (q = memchr(p, ':', eor - p)) != NULL) {
1259			if (q - p >= bufsize)
1260				rv = -1;
1261			else {
1262				memcpy(buffer, p, q - p);
1263				buffer[q - p] ='\0';
1264			}
1265		} else
1266			rv = 1;
1267	}
1268	free(result);
1269	return (rv);
1270}
1271
1272
1273static int
1274nis_setpwent(void *retval, void *mdata, va_list ap)
1275{
1276	struct nis_state	*st;
1277	int			 rv;
1278
1279	rv = nis_getstate(&st);
1280	if (rv != 0)
1281		return (NS_UNAVAIL);
1282	st->done = 0;
1283	free(st->key);
1284	st->key = NULL;
1285	return (NS_UNAVAIL);
1286}
1287
1288
1289static int
1290nis_passwd(void *retval, void *mdata, va_list ap)
1291{
1292	char		 map[YPMAXMAP];
1293	struct nis_state *st;
1294	struct passwd	*pwd;
1295	const char	*name;
1296	char		*buffer, *key, *result;
1297	size_t		 bufsize;
1298	uid_t		 uid;
1299	enum nss_lookup_type how;
1300	int		*errnop, keylen, resultlen, rv, master;
1301
1302	name = NULL;
1303	uid = (uid_t)-1;
1304	how = (enum nss_lookup_type)(uintptr_t)mdata;
1305	switch (how) {
1306	case nss_lt_name:
1307		name = va_arg(ap, const char *);
1308		break;
1309	case nss_lt_id:
1310		uid = va_arg(ap, uid_t);
1311		break;
1312	case nss_lt_all:
1313		break;
1314	}
1315	pwd     = va_arg(ap, struct passwd *);
1316	buffer  = va_arg(ap, char *);
1317	bufsize = va_arg(ap, size_t);
1318	errnop  = va_arg(ap, int *);
1319	*errnop = nis_getstate(&st);
1320	if (*errnop != 0)
1321		return (NS_UNAVAIL);
1322	if (st->domain[0] == '\0') {
1323		if (getdomainname(st->domain, sizeof(st->domain)) != 0) {
1324			*errnop = errno;
1325			return (NS_UNAVAIL);
1326		}
1327	}
1328	rv = nis_map(st->domain, how, map, sizeof(map), &master);
1329	if (rv != NS_SUCCESS)
1330		return (rv);
1331	result = NULL;
1332	do {
1333		rv = NS_NOTFOUND;
1334		switch (how) {
1335		case nss_lt_name:
1336			if (strlcpy(buffer, name, bufsize) >= bufsize)
1337				goto erange;
1338			break;
1339		case nss_lt_id:
1340			if (snprintf(buffer, bufsize, "%lu",
1341			    (unsigned long)uid) >= bufsize)
1342				goto erange;
1343			break;
1344		case nss_lt_all:
1345			if (st->done)
1346				goto fin;
1347			break;
1348		}
1349		result = NULL;
1350		if (how == nss_lt_all) {
1351			if (st->key == NULL)
1352				rv = yp_first(st->domain, map, &st->key,
1353				    &st->keylen, &result, &resultlen);
1354			else {
1355				key = st->key;
1356				keylen = st->keylen;
1357				st->key = NULL;
1358				rv = yp_next(st->domain, map, key, keylen,
1359				    &st->key, &st->keylen, &result,
1360				    &resultlen);
1361				free(key);
1362			}
1363			if (rv != 0) {
1364				free(result);
1365				free(st->key);
1366				st->key = NULL;
1367				if (rv == YPERR_NOMORE)
1368					st->done = 1;
1369				else
1370					rv = NS_UNAVAIL;
1371				goto fin;
1372			}
1373		} else {
1374			rv = yp_match(st->domain, map, buffer, strlen(buffer),
1375			    &result, &resultlen);
1376			if (rv == YPERR_KEY) {
1377				rv = NS_NOTFOUND;
1378				continue;
1379			} else if (rv != 0) {
1380				free(result);
1381				rv = NS_UNAVAIL;
1382				continue;
1383			}
1384		}
1385		if (resultlen >= bufsize) {
1386			free(result);
1387			goto erange;
1388		}
1389		memcpy(buffer, result, resultlen);
1390		buffer[resultlen] = '\0';
1391		free(result);
1392		rv = __pw_match_entry(buffer, resultlen, how, name, uid);
1393		if (rv == NS_SUCCESS)
1394			rv = __pw_parse_entry(buffer, resultlen, pwd, master,
1395			    errnop);
1396	} while (how == nss_lt_all && !(rv & NS_TERMINATE));
1397fin:
1398	if (rv == NS_SUCCESS) {
1399		if (strstr(pwd->pw_passwd, "##") != NULL) {
1400			rv = nis_adjunct(st->domain, pwd->pw_name,
1401			    &buffer[resultlen+1], bufsize-resultlen-1);
1402			if (rv < 0)
1403				goto erange;
1404			else if (rv == 0)
1405				pwd->pw_passwd = &buffer[resultlen+1];
1406		}
1407		pwd->pw_fields &= ~_PWF_SOURCE;
1408		pwd->pw_fields |= _PWF_NIS;
1409		if (retval != NULL)
1410			*(struct passwd **)retval = pwd;
1411		rv = NS_SUCCESS;
1412	}
1413	return (rv);
1414erange:
1415	*errnop = ERANGE;
1416	return (NS_RETURN);
1417}
1418#endif /* YP */
1419
1420
1421/*
1422 * compat backend
1423 */
1424static void
1425compat_clear_template(struct passwd *template)
1426{
1427
1428	free(template->pw_passwd);
1429	free(template->pw_gecos);
1430	free(template->pw_dir);
1431	free(template->pw_shell);
1432	memset(template, 0, sizeof(*template));
1433}
1434
1435
1436static int
1437compat_set_template(struct passwd *src, struct passwd *template)
1438{
1439
1440	compat_clear_template(template);
1441#ifdef PW_OVERRIDE_PASSWD
1442	if ((src->pw_fields & _PWF_PASSWD) &&
1443	    (template->pw_passwd = strdup(src->pw_passwd)) == NULL)
1444		goto enomem;
1445#endif
1446	if (src->pw_fields & _PWF_UID)
1447		template->pw_uid = src->pw_uid;
1448	if (src->pw_fields & _PWF_GID)
1449		template->pw_gid = src->pw_gid;
1450	if ((src->pw_fields & _PWF_GECOS) &&
1451	    (template->pw_gecos = strdup(src->pw_gecos)) == NULL)
1452		goto enomem;
1453	if ((src->pw_fields & _PWF_DIR) &&
1454	    (template->pw_dir = strdup(src->pw_dir)) == NULL)
1455		goto enomem;
1456	if ((src->pw_fields & _PWF_SHELL) &&
1457	    (template->pw_shell = strdup(src->pw_shell)) == NULL)
1458		goto enomem;
1459	template->pw_fields = src->pw_fields;
1460	return (0);
1461enomem:
1462	syslog(LOG_ERR, "getpwent memory allocation failure");
1463	return (-1);
1464}
1465
1466
1467static int
1468compat_use_template(struct passwd *pwd, struct passwd *template, char *buffer,
1469    size_t bufsize)
1470{
1471	struct passwd hold;
1472	char	*copy, *p, *q, *eob;
1473	size_t	 n;
1474
1475	/* We cannot know the layout of the password fields in `buffer',
1476	 * so we have to copy everything.
1477	 */
1478	if (template->pw_fields == 0) /* nothing to fill-in */
1479		return (0);
1480	n = 0;
1481	n += pwd->pw_name != NULL ? strlen(pwd->pw_name) + 1 : 0;
1482	n += pwd->pw_passwd != NULL ? strlen(pwd->pw_passwd) + 1 : 0;
1483	n += pwd->pw_class != NULL ? strlen(pwd->pw_class) + 1 : 0;
1484	n += pwd->pw_gecos != NULL ? strlen(pwd->pw_gecos) + 1 : 0;
1485	n += pwd->pw_dir != NULL ? strlen(pwd->pw_dir) + 1 : 0;
1486	n += pwd->pw_shell != NULL ? strlen(pwd->pw_shell) + 1 : 0;
1487	copy = malloc(n);
1488	if (copy == NULL) {
1489		syslog(LOG_ERR, "getpwent memory allocation failure");
1490		return (ENOMEM);
1491	}
1492	p = copy;
1493	eob = &copy[n];
1494#define COPY(field) do {				\
1495	if (pwd->field == NULL)				\
1496		hold.field = NULL;			\
1497	else {						\
1498		hold.field = p;				\
1499		p += strlcpy(p, pwd->field, eob-p) + 1;	\
1500	}						\
1501} while (0)
1502	COPY(pw_name);
1503	COPY(pw_passwd);
1504	COPY(pw_class);
1505	COPY(pw_gecos);
1506	COPY(pw_dir);
1507	COPY(pw_shell);
1508#undef COPY
1509	p = buffer;
1510	eob = &buffer[bufsize];
1511#define COPY(field, flag) do {						 \
1512	q = (template->pw_fields & flag) ? template->field : hold.field; \
1513	if (q == NULL)							 \
1514		pwd->field = NULL;					 \
1515	else {								 \
1516		pwd->field = p;						 \
1517		if ((n = strlcpy(p, q, eob-p)) >= eob-p) {		 \
1518			free(copy);					 \
1519			return (ERANGE);				 \
1520		}							 \
1521		p += n + 1;						 \
1522	}								 \
1523} while (0)
1524	COPY(pw_name, 0);
1525#ifdef PW_OVERRIDE_PASSWD
1526	COPY(pw_passwd, _PWF_PASSWD);
1527#else
1528	COPY(pw_passwd, 0);
1529#endif
1530	COPY(pw_class, 0);
1531	COPY(pw_gecos, _PWF_GECOS);
1532	COPY(pw_dir, _PWF_DIR);
1533	COPY(pw_shell, _PWF_SHELL);
1534#undef COPY
1535#define COPY(field, flag) do {			\
1536	if (template->pw_fields & flag)		\
1537		pwd->field = template->field;	\
1538} while (0)
1539	COPY(pw_uid, _PWF_UID);
1540	COPY(pw_gid, _PWF_GID);
1541#undef COPY
1542	free(copy);
1543	return (0);
1544}
1545
1546
1547static int
1548compat_exclude(const char *name, DB **db)
1549{
1550	DBT	key, data;
1551
1552	if (*db == NULL &&
1553	    (*db = dbopen(NULL, O_RDWR, 600, DB_HASH, 0)) == NULL)
1554		return (errno);
1555	key.size = strlen(name);
1556	key.data = (char *)name;
1557	data.size = 0;
1558	data.data = NULL;
1559
1560	if ((*db)->put(*db, &key, &data, 0) == -1)
1561		return (errno);
1562	return (0);
1563}
1564
1565
1566static int
1567compat_is_excluded(const char *name, DB *db)
1568{
1569	DBT	key, data;
1570
1571	if (db == NULL)
1572		return (0);
1573	key.size = strlen(name);
1574	key.data = (char *)name;
1575	return (db->get(db, &key, &data, 0) == 0);
1576}
1577
1578
1579static int
1580compat_redispatch(struct compat_state *st, enum nss_lookup_type how,
1581    enum nss_lookup_type lookup_how, const char *name, const char *lookup_name,
1582    uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, int *errnop)
1583{
1584	static const ns_src compatsrc[] = {
1585#ifdef YP
1586		{ NSSRC_NIS, NS_SUCCESS },
1587#endif
1588		{ NULL, 0 }
1589	};
1590	ns_dtab dtab[] = {
1591#ifdef YP
1592		{ NSSRC_NIS, nis_passwd, NULL },
1593#endif
1594#ifdef HESIOD
1595		{ NSSRC_DNS, dns_passwd, NULL },
1596#endif
1597		{ NULL, NULL, NULL }
1598	};
1599	void		*discard;
1600	int		 e, i, rv;
1601
1602	for (i = 0; i < (int)(nitems(dtab) - 1); i++)
1603		dtab[i].mdata = (void *)lookup_how;
1604more:
1605	__pw_initpwd(pwd);
1606	switch (lookup_how) {
1607	case nss_lt_all:
1608		rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1609		    "getpwent_r", compatsrc, pwd, buffer, bufsize,
1610		    errnop);
1611		break;
1612	case nss_lt_id:
1613		rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1614		    "getpwuid_r", compatsrc, uid, pwd, buffer,
1615		    bufsize, errnop);
1616		break;
1617	case nss_lt_name:
1618		rv = _nsdispatch(&discard, dtab, NSDB_PASSWD_COMPAT,
1619		    "getpwnam_r", compatsrc, lookup_name, pwd, buffer,
1620		    bufsize, errnop);
1621		break;
1622	default:
1623		return (NS_UNAVAIL);
1624	}
1625	if (rv != NS_SUCCESS)
1626		return (rv);
1627	if (compat_is_excluded(pwd->pw_name, st->exclude)) {
1628		if (how == nss_lt_all)
1629			goto more;
1630		return (NS_NOTFOUND);
1631	}
1632	e = compat_use_template(pwd, &st->template, buffer, bufsize);
1633	if (e != 0) {
1634		*errnop = e;
1635		if (e == ERANGE)
1636			return (NS_RETURN);
1637		else
1638			return (NS_UNAVAIL);
1639	}
1640	switch (how) {
1641	case nss_lt_name:
1642		if (strcmp(name, pwd->pw_name) != 0)
1643			return (NS_NOTFOUND);
1644		break;
1645	case nss_lt_id:
1646		if (uid != pwd->pw_uid)
1647			return (NS_NOTFOUND);
1648		break;
1649	default:
1650		break;
1651	}
1652	return (NS_SUCCESS);
1653}
1654
1655
1656static void
1657compat_endstate(void *p)
1658{
1659	struct compat_state *st;
1660
1661	if (p == NULL)
1662		return;
1663	st = (struct compat_state *)p;
1664	if (st->db != NULL)
1665		st->db->close(st->db);
1666	if (st->exclude != NULL)
1667		st->exclude->close(st->exclude);
1668	compat_clear_template(&st->template);
1669	free(p);
1670}
1671
1672
1673static int
1674compat_setpwent(void *retval, void *mdata, va_list ap)
1675{
1676	static const ns_src compatsrc[] = {
1677#ifdef YP
1678		{ NSSRC_NIS, NS_SUCCESS },
1679#endif
1680		{ NULL, 0 }
1681	};
1682	ns_dtab dtab[] = {
1683#ifdef YP
1684		{ NSSRC_NIS, nis_setpwent, NULL },
1685#endif
1686#ifdef HESIOD
1687		{ NSSRC_DNS, dns_setpwent, NULL },
1688#endif
1689		{ NULL, NULL, NULL }
1690	};
1691	struct compat_state	*st;
1692	int			 rv, stayopen;
1693
1694#define set_setent(x, y) do {	 				\
1695	int i;							\
1696	for (i = 0; i < (int)(nitems(x) - 1); i++)		\
1697		x[i].mdata = (void *)y;				\
1698} while (0)
1699
1700	rv = compat_getstate(&st);
1701	if (rv != 0)
1702		return (NS_UNAVAIL);
1703	switch ((enum constants)(uintptr_t)mdata) {
1704	case SETPWENT:
1705		stayopen = va_arg(ap, int);
1706		st->keynum = 0;
1707		if (stayopen)
1708			st->db = pwdbopen(&st->version);
1709		st->stayopen = stayopen;
1710		set_setent(dtab, mdata);
1711		(void)_nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "setpwent",
1712		    compatsrc, 0);
1713		break;
1714	case ENDPWENT:
1715		if (st->db != NULL) {
1716			(void)st->db->close(st->db);
1717			st->db = NULL;
1718		}
1719		set_setent(dtab, mdata);
1720		(void)_nsdispatch(NULL, dtab, NSDB_PASSWD_COMPAT, "endpwent",
1721		    compatsrc, 0);
1722		break;
1723	default:
1724		break;
1725	}
1726	return (NS_UNAVAIL);
1727#undef set_setent
1728}
1729
1730
1731static int
1732compat_passwd(void *retval, void *mdata, va_list ap)
1733{
1734	char			 keybuf[MAXLOGNAME + 1];
1735	DBT			 key, entry;
1736	pwkeynum		 keynum;
1737	struct compat_state	*st;
1738	enum nss_lookup_type	 how;
1739	const char		*name;
1740	struct passwd		*pwd;
1741	char			*buffer, *pw_name;
1742	char			*host, *user, *domain;
1743	size_t			 bufsize;
1744	uid_t			 uid;
1745	uint32_t		 store;
1746	int			 rv, from_compat, stayopen, *errnop;
1747
1748	from_compat = 0;
1749	name = NULL;
1750	uid = (uid_t)-1;
1751	how = (enum nss_lookup_type)(uintptr_t)mdata;
1752	switch (how) {
1753	case nss_lt_name:
1754		name = va_arg(ap, const char *);
1755		break;
1756	case nss_lt_id:
1757		uid = va_arg(ap, uid_t);
1758		break;
1759	case nss_lt_all:
1760		break;
1761	default:
1762		rv = NS_NOTFOUND;
1763		goto fin;
1764	}
1765	pwd = va_arg(ap, struct passwd *);
1766	buffer = va_arg(ap, char *);
1767	bufsize = va_arg(ap, size_t);
1768	errnop = va_arg(ap, int *);
1769	*errnop = compat_getstate(&st);
1770	if (*errnop != 0)
1771		return (NS_UNAVAIL);
1772	if (how == nss_lt_all && st->keynum < 0) {
1773		rv = NS_NOTFOUND;
1774		goto fin;
1775	}
1776	if (st->db == NULL &&
1777	    (st->db = pwdbopen(&st->version)) == NULL) {
1778		*errnop = errno;
1779		rv = NS_UNAVAIL;
1780		goto fin;
1781	}
1782	if (how == nss_lt_all) {
1783		if (st->keynum < 0) {
1784			rv = NS_NOTFOUND;
1785			goto fin;
1786		}
1787		keynum = st->keynum;
1788		stayopen = 1;
1789	} else {
1790		keynum = 0;
1791		stayopen = st->stayopen;
1792	}
1793docompat:
1794	rv = NS_NOTFOUND;
1795	switch (st->compat) {
1796	case COMPAT_MODE_ALL:
1797		rv = compat_redispatch(st, how, how, name, name, uid, pwd,
1798		    buffer, bufsize, errnop);
1799		if (rv != NS_SUCCESS)
1800			st->compat = COMPAT_MODE_OFF;
1801		break;
1802	case COMPAT_MODE_NETGROUP:
1803		/* XXX getnetgrent is not thread-safe. */
1804		do {
1805			rv = getnetgrent(&host, &user, &domain);
1806			if (rv == 0) {
1807				endnetgrent();
1808				st->compat = COMPAT_MODE_OFF;
1809				rv = NS_NOTFOUND;
1810				continue;
1811			} else if (user == NULL || user[0] == '\0')
1812				continue;
1813			rv = compat_redispatch(st, how, nss_lt_name, name,
1814			    user, uid, pwd, buffer, bufsize, errnop);
1815		} while (st->compat == COMPAT_MODE_NETGROUP &&
1816		    !(rv & NS_TERMINATE));
1817		break;
1818	case COMPAT_MODE_NAME:
1819		rv = compat_redispatch(st, how, nss_lt_name, name, st->name,
1820		    uid, pwd, buffer, bufsize, errnop);
1821		free(st->name);
1822		st->name = NULL;
1823		st->compat = COMPAT_MODE_OFF;
1824		break;
1825	default:
1826		break;
1827	}
1828	if (rv & NS_TERMINATE) {
1829		from_compat = 1;
1830		goto fin;
1831	}
1832	key.data = keybuf;
1833	rv = NS_NOTFOUND;
1834	while (keynum >= 0) {
1835		keynum++;
1836		if (st->version < _PWD_CURRENT_VERSION) {
1837			memcpy(&keybuf[1], &keynum, sizeof(keynum));
1838			key.size = sizeof(keynum) + 1;
1839		} else {
1840			store = htonl(keynum);
1841			memcpy(&keybuf[1], &store, sizeof(store));
1842			key.size = sizeof(store) + 1;
1843		}
1844		keybuf[0] = _PW_VERSIONED(_PW_KEYBYNUM, st->version);
1845		rv = st->db->get(st->db, &key, &entry, 0);
1846		if (rv < 0 || rv > 1) { /* should never return > 1 */
1847			*errnop = errno;
1848			rv = NS_UNAVAIL;
1849			goto fin;
1850		} else if (rv == 1) {
1851			keynum = -1;
1852			rv = NS_NOTFOUND;
1853			goto fin;
1854		}
1855		pw_name = (char *)entry.data;
1856		switch (pw_name[0]) {
1857		case '+':
1858			switch (pw_name[1]) {
1859			case '\0':
1860				st->compat = COMPAT_MODE_ALL;
1861				break;
1862			case '@':
1863				setnetgrent(&pw_name[2]);
1864				st->compat = COMPAT_MODE_NETGROUP;
1865				break;
1866			default:
1867				st->name = strdup(&pw_name[1]);
1868				if (st->name == NULL) {
1869					syslog(LOG_ERR,
1870					 "getpwent memory allocation failure");
1871					*errnop = ENOMEM;
1872					rv = NS_UNAVAIL;
1873					break;
1874				}
1875				st->compat = COMPAT_MODE_NAME;
1876			}
1877			if (entry.size > bufsize) {
1878				*errnop = ERANGE;
1879				rv = NS_RETURN;
1880				goto fin;
1881			}
1882			memcpy(buffer, entry.data, entry.size);
1883			rv = pwdb_versions[st->version].parse(buffer,
1884			    entry.size, pwd, errnop);
1885			if (rv != NS_SUCCESS)
1886				;
1887			else if (compat_set_template(pwd, &st->template) < 0) {
1888				*errnop = ENOMEM;
1889				rv = NS_UNAVAIL;
1890				goto fin;
1891			}
1892			goto docompat;
1893		case '-':
1894			switch (pw_name[1]) {
1895			case '\0':
1896				/* XXX Maybe syslog warning */
1897				continue;
1898			case '@':
1899				setnetgrent(&pw_name[2]);
1900				while (getnetgrent(&host, &user, &domain) !=
1901				    0) {
1902					if (user != NULL && user[0] != '\0')
1903						compat_exclude(user,
1904						    &st->exclude);
1905				}
1906				endnetgrent();
1907				continue;
1908			default:
1909				compat_exclude(&pw_name[1], &st->exclude);
1910				continue;
1911			}
1912			break;
1913		default:
1914			break;
1915		}
1916		if (compat_is_excluded((char *)entry.data, st->exclude))
1917			continue;
1918		rv = pwdb_versions[st->version].match(entry.data, entry.size,
1919		    how, name, uid);
1920		if (rv == NS_RETURN)
1921			break;
1922		else if (rv != NS_SUCCESS)
1923			continue;
1924		if (entry.size > bufsize) {
1925			*errnop = ERANGE;
1926			rv = NS_RETURN;
1927			break;
1928		}
1929		memcpy(buffer, entry.data, entry.size);
1930		rv = pwdb_versions[st->version].parse(buffer, entry.size, pwd,
1931		    errnop);
1932		if (rv & NS_TERMINATE)
1933			break;
1934	}
1935fin:
1936	if (how == nss_lt_all)
1937		st->keynum = keynum;
1938	if (st->db != NULL && !stayopen) {
1939		(void)st->db->close(st->db);
1940		st->db = NULL;
1941	}
1942	if (rv == NS_SUCCESS) {
1943		if (!from_compat) {
1944			pwd->pw_fields &= ~_PWF_SOURCE;
1945			pwd->pw_fields |= _PWF_FILES;
1946		}
1947		if (retval != NULL)
1948			*(struct passwd **)retval = pwd;
1949	}
1950	return (rv);
1951}
1952
1953
1954/*
1955 * common passwd line matching and parsing
1956 */
1957int
1958__pw_match_entry(const char *entry, size_t entrysize, enum nss_lookup_type how,
1959    const char *name, uid_t uid)
1960{
1961	const char	*p, *eom;
1962	char		*q;
1963	size_t		 len;
1964	unsigned long	 m;
1965
1966	eom = entry + entrysize;
1967	for (p = entry; p < eom; p++)
1968		if (*p == ':')
1969			break;
1970	if (*p != ':')
1971		return (NS_NOTFOUND);
1972	if (how == nss_lt_all)
1973		return (NS_SUCCESS);
1974	if (how == nss_lt_name) {
1975		len = strlen(name);
1976		if (len == (p - entry) && memcmp(name, entry, len) == 0)
1977			return (NS_SUCCESS);
1978		else
1979			return (NS_NOTFOUND);
1980	}
1981	for (p++; p < eom; p++)
1982		if (*p == ':')
1983			break;
1984	if (*p != ':')
1985		return (NS_NOTFOUND);
1986	m = strtoul(++p, &q, 10);
1987	if (q[0] != ':' || (uid_t)m != uid)
1988		return (NS_NOTFOUND);
1989	else
1990		return (NS_SUCCESS);
1991}
1992
1993
1994/* XXX buffer must be NUL-terminated.  errnop is not set correctly. */
1995int
1996__pw_parse_entry(char *buffer, size_t bufsize __unused, struct passwd *pwd,
1997    int master, int *errnop __unused)
1998{
1999
2000	if (__pw_scan(buffer, pwd, master ? _PWSCAN_MASTER : 0) == 0)
2001		return (NS_NOTFOUND);
2002	else
2003		return (NS_SUCCESS);
2004}
2005