return status;
}
+enum nss_status
+check_nonlocal_group(const char *user, struct group *grp, int *errnop)
+{
+ enum nss_status status = NSS_STATUS_SUCCESS;
+ int old_errno = errno;
+ char *end;
+ unsigned long gid;
+
+ errno = 0;
+ gid = strtoul(grp->gr_name, &end, 10);
+ if (errno == 0 && *end == '\0' && (gid_t)gid == gid)
+ status = check_nonlocal_gid(user, gid, errnop);
+ errno = old_errno;
+ if (status != NSS_STATUS_SUCCESS)
+ return status;
+
+ return check_nonlocal_gid(user, grp->gr_gid, errnop);
+}
+
enum nss_status
get_local_group(const char *name, struct group *grp, char **buffer, int *errnop)
{
do
status = DL_CALL_FCT(grent_fct.l, (grp, buffer, buflen, errnop));
while (status == NSS_STATUS_SUCCESS &&
- check_nonlocal_gid("(unknown)", grp->gr_gid, &nonlocal_errno) != NSS_STATUS_SUCCESS);
+ check_nonlocal_group("(unknown)", grp, &nonlocal_errno) != NSS_STATUS_SUCCESS);
}
if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE)
return status;
if (status != NSS_STATUS_SUCCESS)
return status;
- return check_nonlocal_gid(name, grp->gr_gid, errnop);
+ if (strcmp(name, grp->gr_name) != 0) {
+ syslog(LOG_ERR, "nss_nonlocal: discarding group %s from lookup for group %s\n", grp->gr_name, name);
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ return check_nonlocal_group(name, grp, errnop);
}
enum nss_status
if (status != NSS_STATUS_SUCCESS)
return status;
- return check_nonlocal_gid(grp->gr_name, grp->gr_gid, errnop);
+ if (gid != grp->gr_gid) {
+ syslog(LOG_ERR, "nss_nonlocal: discarding gid %d from lookup for gid %d\n", grp->gr_gid, gid);
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ return check_nonlocal_group(grp->gr_name, grp, errnop);
}
enum nss_status