1/* 2 * $Id: uam.c,v 1.11 2009-10-15 11:39:48 didg Exp $ 3 * 4 * Copyright (c) 1999 Adrian Sun (asun@zoology.washington.edu) 5 * All Rights Reserved. See COPYRIGHT. 6 */ 7 8#ifdef HAVE_CONFIG_H 9#include "config.h" 10#endif /* HAVE_CONFIG_H */ 11 12#include <stdio.h> 13#include <stdlib.h> 14#include <string.h> 15 16/* STDC check */ 17#if STDC_HEADERS 18#include <string.h> 19#else /* STDC_HEADERS */ 20#ifndef HAVE_STRCHR 21#define strchr index 22#define strrchr index 23#endif /* HAVE_STRCHR */ 24char *strchr (), *strrchr (); 25#ifndef HAVE_MEMCPY 26#define memcpy(d,s,n) bcopy ((s), (d), (n)) 27#define memmove(d,s,n) bcopy ((s), (d), (n)) 28#endif /* ! HAVE_MEMCPY */ 29#endif /* STDC_HEADERS */ 30 31#ifdef HAVE_UNISTD_H 32#include <unistd.h> 33#endif /* HAVE_UNISTD_H */ 34#include <fcntl.h> 35#include <ctype.h> 36#include <atalk/logger.h> 37#include <sys/param.h> 38#include <sys/time.h> 39 40#include <netatalk/endian.h> 41#include <atalk/asp.h> 42#include <atalk/dsi.h> 43#include <atalk/afp.h> 44#include <atalk/util.h> 45 46#include "uam_auth.h" 47 48/* --- server uam functions -- */ 49 50/* uam_load. uams must have a uam_setup function. */ 51struct uam_mod *uam_load(const char *path, const char *name) 52{ 53 char buf[MAXPATHLEN + 1], *p; 54 struct uam_mod *mod; 55 void *module; 56 57 if ((module = mod_open(path)) == NULL) { 58 LOG(log_error, logtype_papd, "uam_load(%s): failed to load: %s", name, mod_error()); 59 return NULL; 60 } 61 62 if ((mod = (struct uam_mod *) malloc(sizeof(struct uam_mod))) == NULL) { 63 LOG(log_error, logtype_papd, "uam_load(%s): malloc failed", name); 64 goto uam_load_fail; 65 } 66 67 strlcpy(buf, name, sizeof(buf)); 68 if ((p = strchr(buf, '.'))) 69 *p = '\0'; 70 if ((mod->uam_fcn = mod_symbol(module, buf)) == NULL) { 71 goto uam_load_err; 72 } 73 74 if (mod->uam_fcn->uam_type != UAM_MODULE_SERVER) { 75 LOG(log_error, logtype_papd, "uam_load(%s): attempted to load a non-server module", 76 name); 77 goto uam_load_err; 78 } 79 80 /* version check would go here */ 81 82 if (!mod->uam_fcn->uam_setup || 83 ((*mod->uam_fcn->uam_setup)(name) < 0)) { 84 LOG(log_error, logtype_papd, "uam_load(%s): uam_setup failed", name); 85 goto uam_load_err; 86 } 87 88 mod->uam_module = module; 89 return mod; 90 91uam_load_err: 92 free(mod); 93uam_load_fail: 94 mod_close(module); 95 return NULL; 96} 97 98/* unload the module. we check for a cleanup function, but we don't 99 * die if one doesn't exist. however, things are likely to leak without one. 100 */ 101void uam_unload(struct uam_mod *mod) 102{ 103 if (mod->uam_fcn->uam_cleanup) 104 (*mod->uam_fcn->uam_cleanup)(); 105 mod_close(mod->uam_module); 106 free(mod); 107} 108 109/* -- client-side uam functions -- */ 110 111/* set up stuff for this uam. */ 112int uam_register(const int type, const char *path, const char *name, ...) 113{ 114 va_list ap; 115 struct uam_obj *uam; 116 int ret; 117 118 if (!name) 119 return -1; 120 121 /* see if it already exists. */ 122 if ((uam = auth_uamfind(type, name, strlen(name)))) { 123 if (strcmp(uam->uam_path, path)) { 124 /* it exists, but it's not the same module. */ 125 LOG(log_error, logtype_papd, "uam_register: \"%s\" already loaded by %s", 126 name, path); 127 return -1; 128 } 129 uam->uam_count++; 130 return 0; 131 } 132 133 /* allocate space for uam */ 134 if ((uam = calloc(1, sizeof(struct uam_obj))) == NULL) 135 return -1; 136 137 uam->uam_name = name; 138 uam->uam_path = strdup(path); 139 uam->uam_count++; 140 141 va_start(ap, name); 142 switch (type) { 143 case UAM_SERVER_LOGIN: /* expect three arguments */ 144 uam->u.uam_login.login = va_arg(ap, void *); 145 uam->u.uam_login.logincont = va_arg(ap, void *); 146 uam->u.uam_login.logout = va_arg(ap, void *); 147 break; 148 case UAM_SERVER_CHANGEPW: /* one argument */ 149 uam->u.uam_changepw = va_arg(ap, void *); 150 break; 151 case UAM_SERVER_PRINTAUTH: /* x arguments */ 152 uam->u.uam_printer = va_arg(ap, void *); 153 break; 154 default: 155 break; 156 } 157 va_end(ap); 158 159 /* attach to other uams */ 160 ret = auth_register(type, uam); 161 if (ret) { 162 free(uam->uam_path); 163 free(uam); 164 } 165 166 return ret; 167} 168 169void uam_unregister(const int type, const char *name) 170{ 171 struct uam_obj *uam; 172 173 if (!name) 174 return; 175 176 uam = auth_uamfind(type, name, strlen(name)); 177 if (!uam || --uam->uam_count > 0) 178 return; 179 180 auth_unregister(uam); 181 free(uam->uam_path); 182 free(uam); 183} 184 185/* Crap to support uams which call this afpd function */ 186int uam_afpserver_option(void *private _U_, const int what _U_, void *option _U_, 187 size_t *len _U_) 188{ 189 return(0); 190} 191 192/* --- helper functions for plugin uams --- */ 193 194struct passwd *uam_getname(void *dummy _U_, char *name, const int len) 195{ 196 struct passwd *pwent; 197 char *user; 198 int i; 199 200 if ((pwent = getpwnam(name))) 201 return pwent; 202 203#ifndef NO_REAL_USER_NAME 204 for (i = 0; i < len; i++) 205 name[i] = tolower(name[i]); 206 207 setpwent(); 208 while ((pwent = getpwent())) { 209 if ((user = strchr(pwent->pw_gecos, ','))) *user = '\0'; 210 user = pwent->pw_gecos; 211 212 /* check against both the gecos and the name fields. the user 213 * might have just used a different capitalization. */ 214 if ((strncasecmp(user, name, len) == 0) || 215 (strncasecmp(pwent->pw_name, name, len) == 0)) { 216 strncpy(name, pwent->pw_name, len); 217 break; 218 } 219 } 220 endpwent(); 221#endif /* NO_REAL_USER_NAME */ 222 223 /* os x server doesn't keep anything useful if we do getpwent */ 224 return pwent ? getpwnam(name) : NULL; 225} 226 227 228int uam_checkuser(const struct passwd *pwd) 229{ 230 char *p; 231 232 if (!pwd || !pwd->pw_shell || (*pwd->pw_shell == '\0')) 233 return -1; 234 235 while ((p = getusershell())) { 236 if ( strcmp( p, pwd->pw_shell ) == 0 ) 237 break; 238 } 239 endusershell(); 240 241#ifndef DISABLE_SHELLCHECK 242 if (!p) { 243 LOG(log_info, logtype_papd, "illegal shell %s for %s",pwd->pw_shell,pwd->pw_name); 244 return -1; 245 } 246#endif /* DISABLE_SHELLCHECK */ 247 248 return 0; 249} 250 251 252