X-Git-Url: http://andersk.mit.edu/gitweb/nss_nonlocal.git/blobdiff_plain/30fb395784b5c721de8a3c208ad16093fb2f00c2..26777523e553cef6e0c8a39cc121dd028655b1e8:/nonlocal-passwd.c diff --git a/nonlocal-passwd.c b/nonlocal-passwd.c index 2810e16..0d71fe3 100644 --- a/nonlocal-passwd.c +++ b/nonlocal-passwd.c @@ -43,7 +43,13 @@ #include "nsswitch-internal.h" #include "nonlocal.h" -#define MAGIC_LOCAL_PW_BUFLEN (sysconf(_SC_GETPW_R_SIZE_MAX) + 7) + +enum nss_status +_nss_nonlocal_getpwuid_r(uid_t uid, struct passwd *pwd, + char *buffer, size_t buflen, int *errnop); +enum nss_status +_nss_nonlocal_getpwnam_r(const char *name, struct passwd *pwd, + char *buffer, size_t buflen, int *errnop); static service_user * @@ -72,7 +78,8 @@ check_nonlocal_uid(const char *user, uid_t uid, int *errnop) } fct; struct passwd pwbuf; int old_errno = errno; - int buflen = MAGIC_LOCAL_PW_BUFLEN; + + size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX); char *buf = malloc(buflen); if (buf == NULL) { *errnop = ENOMEM; @@ -88,9 +95,22 @@ check_nonlocal_uid(const char *user, uid_t uid, int *errnop) nip = startp; fct.ptr = fct_start; do { - status = DL_CALL_FCT(fct.l, (uid, &pwbuf, buf, buflen, errnop)); - if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) - break; + morebuf: + if (fct.l == _nss_nonlocal_getpwuid_r) + status = NSS_STATUS_NOTFOUND; + else + status = DL_CALL_FCT(fct.l, (uid, &pwbuf, buf, buflen, errnop)); + if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) { + free(buf); + buflen *= 2; + buf = malloc(buflen); + if (buf == NULL) { + *errnop = ENOMEM; + errno = old_errno; + return NSS_STATUS_TRYAGAIN; + } + goto morebuf; + } } while (__nss_next(&nip, fct_name, &fct.ptr, status, 0) == 0); if (status == NSS_STATUS_SUCCESS) { @@ -104,6 +124,25 @@ check_nonlocal_uid(const char *user, uid_t uid, int *errnop) return status; } +enum nss_status +check_nonlocal_passwd(const char *user, struct passwd *pwd, int *errnop) +{ + enum nss_status status = NSS_STATUS_SUCCESS; + int old_errno = errno; + char *end; + unsigned long uid; + + errno = 0; + uid = strtoul(pwd->pw_name, &end, 10); + if (errno == 0 && *end == '\0' && (uid_t)uid == uid) + status = check_nonlocal_uid(user, uid, errnop); + errno = old_errno; + if (status != NSS_STATUS_SUCCESS) + return status; + + return check_nonlocal_uid(user, pwd->pw_uid, errnop); +} + enum nss_status check_nonlocal_user(const char *user, int *errnop) { @@ -119,7 +158,8 @@ check_nonlocal_user(const char *user, int *errnop) } fct; struct passwd pwbuf; int old_errno = errno; - int buflen = MAGIC_LOCAL_PW_BUFLEN; + + size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX); char *buf = malloc(buflen); if (buf == NULL) { *errnop = ENOMEM; @@ -135,9 +175,22 @@ check_nonlocal_user(const char *user, int *errnop) nip = startp; fct.ptr = fct_start; do { - status = DL_CALL_FCT(fct.l, (user, &pwbuf, buf, buflen, errnop)); - if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) - break; + morebuf: + if (fct.l == _nss_nonlocal_getpwnam_r) + status = NSS_STATUS_NOTFOUND; + else + status = DL_CALL_FCT(fct.l, (user, &pwbuf, buf, buflen, errnop)); + if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) { + free(buf); + buflen *= 2; + buf = malloc(buflen); + if (buf == NULL) { + *errnop = ENOMEM; + errno = old_errno; + return NSS_STATUS_TRYAGAIN; + } + goto morebuf; + } } while (__nss_next(&nip, fct_name, &fct.ptr, status, 0) == 0); if (status == NSS_STATUS_SUCCESS) @@ -229,8 +282,7 @@ _nss_nonlocal_getpwent_r(struct passwd *pwd, char *buffer, size_t buflen, enum nss_status status; char *nonlocal_ignore = getenv(NONLOCAL_IGNORE_ENV); - if (buflen == MAGIC_LOCAL_PW_BUFLEN || - (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0')) + if (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0') return NSS_STATUS_UNAVAIL; if (pwent_nip == NULL) { @@ -246,7 +298,7 @@ _nss_nonlocal_getpwent_r(struct passwd *pwd, char *buffer, size_t buflen, do status = DL_CALL_FCT(pwent_fct.l, (pwd, buffer, buflen, errnop)); while (status == NSS_STATUS_SUCCESS && - check_nonlocal_uid(pwd->pw_name, pwd->pw_uid, &nonlocal_errno) != NSS_STATUS_SUCCESS); + check_nonlocal_passwd(pwd->pw_name, pwd, &nonlocal_errno) != NSS_STATUS_SUCCESS); } if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) return status; @@ -276,8 +328,7 @@ _nss_nonlocal_getpwnam_r(const char *name, struct passwd *pwd, int group_errno; char *nonlocal_ignore = getenv(NONLOCAL_IGNORE_ENV); - if (buflen == MAGIC_LOCAL_PW_BUFLEN || - (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0')) + if (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0') return NSS_STATUS_UNAVAIL; nip = nss_passwd_nonlocal_database(); @@ -297,7 +348,12 @@ _nss_nonlocal_getpwnam_r(const char *name, struct passwd *pwd, if (status != NSS_STATUS_SUCCESS) return status; - status = check_nonlocal_uid(name, pwd->pw_uid, errnop); + if (strcmp(name, pwd->pw_name) != 0) { + syslog(LOG_ERR, "nss_nonlocal: discarding user %s from lookup for user %s\n", pwd->pw_name, name); + return NSS_STATUS_NOTFOUND; + } + + status = check_nonlocal_passwd(name, pwd, errnop); if (status != NSS_STATUS_SUCCESS) return status; @@ -323,8 +379,7 @@ _nss_nonlocal_getpwuid_r(uid_t uid, struct passwd *pwd, int group_errno; char *nonlocal_ignore = getenv(NONLOCAL_IGNORE_ENV); - if (buflen == MAGIC_LOCAL_PW_BUFLEN || - (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0')) + if (nonlocal_ignore != NULL && nonlocal_ignore[0] != '\0') return NSS_STATUS_UNAVAIL; nip = nss_passwd_nonlocal_database(); @@ -344,7 +399,7 @@ _nss_nonlocal_getpwuid_r(uid_t uid, struct passwd *pwd, if (status != NSS_STATUS_SUCCESS) return status; - status = check_nonlocal_uid(pwd->pw_name, pwd->pw_uid, errnop); + status = check_nonlocal_passwd(pwd->pw_name, pwd, errnop); if (status != NSS_STATUS_SUCCESS) return status;