aboutsummaryrefslogtreecommitdiff
path: root/nis
diff options
context:
space:
mode:
Diffstat (limited to 'nis')
-rw-r--r--nis/Makefile51
-rw-r--r--nis/TODO10
-rw-r--r--nis/nis_call.c86
-rw-r--r--nis/nis_intern.h5
-rw-r--r--nis/nis_names.c2
-rw-r--r--nis/nis_server.c16
-rw-r--r--nis/nss_compat/compat-grp.c255
-rw-r--r--nis/nss_compat/compat-pwd.c406
-rw-r--r--nis/nss_compat/compat-spwd.c408
-rw-r--r--nis/nss_nis/nis-grp.c8
-rw-r--r--nis/nss_nis/nis-publickey.c16
-rw-r--r--nis/nss_nisplus/nisplus-alias.c6
-rw-r--r--nis/nss_nisplus/nisplus-ethers.c8
-rw-r--r--nis/nss_nisplus/nisplus-grp.c107
-rw-r--r--nis/nss_nisplus/nisplus-hosts.c10
-rw-r--r--nis/nss_nisplus/nisplus-netgrp.c151
-rw-r--r--nis/nss_nisplus/nisplus-network.c11
-rw-r--r--nis/nss_nisplus/nisplus-proto.c10
-rw-r--r--nis/nss_nisplus/nisplus-publickey.c16
-rw-r--r--nis/nss_nisplus/nisplus-pwd.c8
-rw-r--r--nis/nss_nisplus/nisplus-rpc.c10
-rw-r--r--nis/nss_nisplus/nisplus-service.c12
-rw-r--r--nis/nss_nisplus/nisplus-spwd.c8
-rw-r--r--nis/ypclnt.c7
24 files changed, 1166 insertions, 461 deletions
diff --git a/nis/Makefile b/nis/Makefile
index 31fda25a45..fe4dd94ebb 100644
--- a/nis/Makefile
+++ b/nis/Makefile
@@ -27,7 +27,7 @@ distribute := nss-nis.h nss-nisplus.h
# These are the databases available for the nis (and perhaps later nisplus)
# service. This must be a superset of the services in nss.
databases = proto service hosts network grp pwd rpc ethers \
- spwd netgrp alias
+ spwd netgrp alias publickey
# Specify rules for the nss_* modules.
services := nis compat nisplus
@@ -55,57 +55,12 @@ libnss_nis-inhibit-o = $(filter-out .so,$(object-suffixes))
libnss_nisplus-routines := $(addprefix nisplus-,$(databases))
libnss_nisplus-inhibit-o = $(filter-out .so,$(object-suffixes))
-# Sun's header files are not too clean.
-CFLAGS-compat-pwd.c = -Wno-strict-prototypes
-CFLAGS-compat-spwd.c = -Wno-strict-prototypes
-CFLAGS-compat-grp.c = -Wno-strict-prototypes
-CFLAGS-nis-alias.c = -Wno-strict-prototypes
-CFLAGS-nis-ethers.c = -Wno-strict-prototypes
-CFLAGS-nis-grp.c = -Wno-strict-prototypes
-CFLAGS-nis-hosts.c = -Wno-strict-prototypes
-CFLAGS-nis-netgrp.c = -Wno-strict-prototypes
-CFLAGS-nis-network.c = -Wno-strict-prototypes
-CFLAGS-nis-proto.c = -Wno-strict-prototypes
-CFLAGS-nis-publickey.c = -Wno-strict-prototypes
-CFLAGS-nis-pwd.c = -Wno-strict-prototypes
-CFLAGS-nis-rpc.c = -Wno-strict-prototypes
-CFLAGS-nis-service.c = -Wno-strict-prototypes
-CFLAGS-nis-spwd.c = -Wno-strict-prototypes
-CFLAGS-ypclnt.c = -Wno-strict-prototypes -Wno-write-strings -Irpcsvc
-CFLAGS-yp_xdr.c = -Wno-strict-prototypes -Irpcsvc
-CFLAGS-ypupdate_xdr.c = -Wno-strict-prototypes -Irpcsvc
-# For the NIS+ Code
-CFLAGS-nis_call.c = -DNO_DES_RPC -Wno-strict-prototypes
-CFLAGS-nis_subr.c = -Wno-strict-prototypes
-CFLAGS-nis_local_names.c = -Wno-strict-prototypes
-CFLAGS-nis_free.c = -Wno-strict-prototypes
-CFLAGS-nis_file.c = -Wno-strict-prototypes
-CFLAGS-nis_print.c = -Wno-strict-prototypes
-CFLAGS-nis_error.c = -Wno-strict-prototypes
-CFLAGS-nis_names.c = -Wno-strict-prototypes
-CFLAGS-nis_clone.c = -Wno-strict-prototypes
-CFLAGS-nis_table.c = -Wno-strict-prototypes
-CFLAGS-nis_server.c = -Wno-strict-prototypes
-CFLAGS-nis_xdr.c = -Wno-strict-prototypes
-CFLAGS-nis_intern.c = -Wno-strict-prototypes
-CFLAGS-nisplus-alias.c = -Wno-strict-prototypes
-CFLAGS-nisplus-ethers.c = -Wno-strict-prototypes
-CFLAGS-nisplus-grp.c = -Wno-strict-prototypes
-CFLAGS-nisplus-hosts.c = -Wno-strict-prototypes
-CFLAGS-nisplus-netgrp.c = -Wno-strict-prototypes
-CFLAGS-nisplus-network.c = -Wno-strict-prototypes
-CFLAGS-nisplus-proto.c = -Wno-strict-prototypes
-CFLAGS-nisplus-publickey.c = -Wno-strict-prototypes
-CFLAGS-nisplus-pwd.c = -Wno-strict-prototypes
-CFLAGS-nisplus-rpc.c = -Wno-strict-prototypes
-CFLAGS-nisplus-service.c = -Wno-strict-prototypes
-CFLAGS-nisplus-spwd.c = -Wno-strict-prototypes
-
include ../Rules
$(objpfx)libnss_compat.so: $(objpfx)libnsl.so$(libnsl.so-version) \
- $(common-objpfx)nss/libnss_files.so
+ $(common-objpfx)nss/libnss_files.so \
+ $(common-objpfx)nis/libnss_nisplus.so
$(objpfx)libnss_nis.so: $(objpfx)libnsl.so$(libnsl.so-version) \
$(common-objpfx)nss/libnss_files.so
$(objpfx)libnss_nisplus.so: $(objpfx)libnsl.so$(libnsl.so-version)
diff --git a/nis/TODO b/nis/TODO
index 9b675dfbc6..628e646d15 100644
--- a/nis/TODO
+++ b/nis/TODO
@@ -1,8 +1,9 @@
* nss_nisplus: When using parser form nss_files, rewrite parser
-
- * compat could use data from nisplus, too. Implement this
+ * nss_nisplus: Search the data in the complete NIS+ namespace
+ specified by NIS_PATH
+
* nis_server: implement nis_getservlist, nis_stats, nis_servstate
* nis_groups: implement it
@@ -22,10 +23,10 @@
* Possible flags:
- FOLLOW_LINKS (nis_list, nis_lookup)
- FOLLOW_PATH (nis_list, not supported)
- - HARD_LOOKUP (__do_niscall, not supported)
+ - HARD_LOOKUP (__do_niscall)
- ALL_RESULTS (nis_list, not supported, needs server callback)
- NO_CACHE (__do_niscall, cache not supported yet)
- - MASTER_ONLY (__do_niscall, not supported)
+ - MASTER_ONLY (__do_niscall)
- EXPAND_NAME (nis_lookup, nis_list)
- RETURN_RESULT (nis_table.c)
- ADD_OVERWRITE (nis_table.c)
@@ -37,4 +38,3 @@
- USE_DGRAM (__do_niscall)
- NO_AUTHINFO (__do_niscall)
-
diff --git a/nis/nis_call.c b/nis/nis_call.c
index bf64558adc..78e8767318 100644
--- a/nis/nis_call.c
+++ b/nis/nis_call.c
@@ -60,13 +60,11 @@ __nis_dobind (const nis_server *server, u_long flags)
int clnt_sock;
size_t i;
CLIENT *client = NULL;
- /* XXX What is this variable for? */
- void *out = NULL;
+ memset (&clnt_saddr, '\0', sizeof clnt_saddr);
+ clnt_saddr.sin_family = AF_INET;
for (i = 0; i < server->ep.ep_len; i++)
{
- memset (&clnt_saddr, '\0', sizeof clnt_saddr);
- clnt_saddr.sin_family = AF_INET;
if (strcmp (server->ep.ep_val[i].family,"loopback") == 0)
{
if (server->ep.ep_val[i].uaddr[i] == '-')
@@ -79,14 +77,14 @@ __nis_dobind (const nis_server *server, u_long flags)
else
continue;
}
- else
- if (strcmp (server->ep.ep_val[i].proto,"tcp") == 0)
- {
- if ((flags & USE_DGRAM) == USE_DGRAM)
- continue;
- else
- clnt_saddr.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
- }
+ else
+ if (strcmp (server->ep.ep_val[i].proto,"tcp") == 0)
+ {
+ if ((flags & USE_DGRAM) == USE_DGRAM)
+ continue;
+ else
+ clnt_saddr.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
+ }
}
else
if (strcmp (server->ep.ep_val[i].family,"inet") == 0)
@@ -115,7 +113,7 @@ __nis_dobind (const nis_server *server, u_long flags)
}
else
continue;
-
+
clnt_sock = RPC_ANYSOCK;
if ((flags & USE_DGRAM) == USE_DGRAM)
client = clntudp_create (&clnt_saddr, NIS_PROG, NIS_VERSION,
@@ -123,42 +121,41 @@ __nis_dobind (const nis_server *server, u_long flags)
else
client = clnttcp_create (&clnt_saddr, NIS_PROG, NIS_VERSION,
&clnt_sock, 0, 0);
-
+
if (client == NULL)
continue;
-#if 1
if (clnt_call (client, 0, (xdrproc_t) xdr_void, NULL,
- (xdrproc_t) xdr_void, out, TIMEOUT) != RPC_SUCCESS)
+ (xdrproc_t) xdr_void, NULL, TIMEOUT) != RPC_SUCCESS)
{
clnt_destroy (client);
continue;
}
-#endif
+
if ((flags & NO_AUTHINFO) != NO_AUTHINFO)
- {
-#if !defined(NO_DES_RPC)
- if (server->key_type == NIS_PK_DH)
- {
- char netname[MAXNETNAMELEN+1];
- char *p;
-
- strcpy (netname, "unix.");
- strncat (netname, server->name,MAXNETNAMELEN-5);
- netname[MAXNETNAMELEN-5] = '\0';
- p = strchr (netname, '.');
- *p = '@';
- client->cl_auth =
- authdes_pk_create (netname, &server->pkey, 300, NULL, NULL);
- if (!client->cl_auth)
- client->cl_auth = authunix_create_default ();
- }
- else
+ {
+#if defined(HAVE_SECURE_RPC)
+ if (server->key_type == NIS_PK_DH)
+ {
+ char netname[MAXNETNAMELEN+1];
+ char *p;
+
+ p = stpcpy (netname, "unix.");
+ strncpy (p, server->name,MAXNETNAMELEN-5);
+ netname[MAXNETNAMELEN] = '\0';
+ p = strchr (netname, '.');
+ *p = '@';
+ client->cl_auth =
+ authdes_pk_create (netname, &server->pkey, 300, NULL, NULL);
+ if (!client->cl_auth)
+ client->cl_auth = authunix_create_default ();
+ }
+ else
#endif
- client->cl_auth = authunix_create_default ();
- }
+ client->cl_auth = authunix_create_default ();
+ }
return client;
}
-
+
return NULL;
}
@@ -189,14 +186,19 @@ __do_niscall (const nis_server *serv, int serv_len, u_long prog,
server_len = serv_len;
}
+ if (((flags & MASTER_ONLY) == MASTER_ONLY) && server_len > 1)
+ server_len = 1; /* The first entry is the master */
+
try = 0;
result = NIS_NAMEUNREACHABLE;
while (try < MAXTRIES && result != RPC_SUCCESS)
{
unsigned int i;
-
- ++try;
+
+ if ((flags & HARD_LOOKUP) == 0)
+ ++try;
+
for (i = 0; i < server_len; i++)
{
if ((clnt = __nis_dobind (&server[i], flags)) == NULL)
@@ -206,9 +208,7 @@ __do_niscall (const nis_server *serv, int serv_len, u_long prog,
if (result != RPC_SUCCESS)
{
- /* XXX Grrr. The cast is needed for now since Sun code does
- note know about `const'. */
- clnt_perror (clnt, (char *) "do_niscall: clnt_call");
+ clnt_perror (clnt, "do_niscall: clnt_call");
clnt_destroy (clnt);
result = NIS_RPCERROR;
}
diff --git a/nis/nis_intern.h b/nis/nis_intern.h
index b5fb605506..8201ccd533 100644
--- a/nis/nis_intern.h
+++ b/nis/nis_intern.h
@@ -27,11 +27,10 @@ __BEGIN_DECLS
extern nis_error __do_niscall (__const nis_server *server, int server_len,
u_long prog, xdrproc_t xargs, caddr_t req,
xdrproc_t xres, caddr_t resp, u_long flags);
-#if !defined(NO_DES_RPC)
-extern AUTH *authdes_pk_create (char *, netobj *, u_int,
+#if defined (HAVE_SECURE_RPC)
+extern AUTH *authdes_pk_create (const char *, const netobj *, u_int,
struct sockaddr *, des_block *);
#endif
-
extern nis_name *__nis_expandname (__const nis_name);
__END_DECLS
diff --git a/nis/nis_names.c b/nis/nis_names.c
index 92f8040b3d..aa8c880249 100644
--- a/nis/nis_names.c
+++ b/nis/nis_names.c
@@ -227,7 +227,7 @@ nis_modify (const nis_name name, const nis_object *obj)
req.ns_object.ns_object_len = 1;
req.ns_object.ns_object_val = nis_clone_object (obj, NULL);
- if ((status = __do_niscall (NULL, 0, NIS_REMOVE, (xdrproc_t) xdr_ns_request,
+ if ((status = __do_niscall (NULL, 0, NIS_MODIFY, (xdrproc_t) xdr_ns_request,
(caddr_t) & req, (xdrproc_t) xdr_nis_result,
(caddr_t) res, 0)) != RPC_SUCCESS)
res->status = status;
diff --git a/nis/nis_server.c b/nis/nis_server.c
index 48d2144c78..0ed3c81042 100644
--- a/nis/nis_server.c
+++ b/nis/nis_server.c
@@ -30,8 +30,8 @@ nis_mkdir (const nis_name dir, const nis_server *server)
{
int result;
if ((result = __do_niscall (NULL, 0, NIS_MKDIR, (xdrproc_t) xdr_nis_name,
- (caddr_t) dir, (xdrproc_t) xdr_nis_error,
- (caddr_t) & res, 0)) != RPC_SUCCESS)
+ (caddr_t) &dir, (xdrproc_t) xdr_nis_error,
+ (caddr_t) &res, 0)) != RPC_SUCCESS)
{
fprintf (stderr, _("__do_niscall: Error #%d\n"), result);
return NIS_RPCERROR;
@@ -42,8 +42,8 @@ nis_mkdir (const nis_name dir, const nis_server *server)
int result;
if ((result = __do_niscall (server, 1, NIS_MKDIR,
(xdrproc_t) xdr_nis_name,
- (caddr_t) dir, (xdrproc_t) xdr_nis_error,
- (caddr_t) & res, 0)) != RPC_SUCCESS)
+ (caddr_t) &dir, (xdrproc_t) xdr_nis_error,
+ (caddr_t) &res, 0)) != RPC_SUCCESS)
{
fprintf (stderr, _("__do_niscall: Error #%d\n"), result);
return NIS_RPCERROR;
@@ -62,8 +62,8 @@ nis_rmdir (const nis_name dir, const nis_server *server)
{
int result;
if ((result = __do_niscall (NULL, 0, NIS_RMDIR, (xdrproc_t) xdr_nis_name,
- (caddr_t) dir, (xdrproc_t) xdr_nis_error,
- (caddr_t) & res, 0)) != RPC_SUCCESS)
+ (caddr_t) &dir, (xdrproc_t) xdr_nis_error,
+ (caddr_t) &res, 0)) != RPC_SUCCESS)
{
fprintf (stderr, _("__do_niscall: Error #%d\n"), result);
return NIS_RPCERROR;
@@ -74,8 +74,8 @@ nis_rmdir (const nis_name dir, const nis_server *server)
int result;
if ((result = __do_niscall (server, 1, NIS_RMDIR,
(xdrproc_t) xdr_nis_name,
- (caddr_t) dir, (xdrproc_t) xdr_nis_error,
- (caddr_t) & res, 0)) != RPC_SUCCESS)
+ (caddr_t) &dir, (xdrproc_t) xdr_nis_error,
+ (caddr_t) &res, 0)) != RPC_SUCCESS)
{
fprintf (stderr, _("__do_niscall: Error #%d\n"), result);
return NIS_RPCERROR;
diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c
index de96dbbeb6..6231a1e911 100644
--- a/nis/nss_compat/compat-grp.c
+++ b/nis/nss_compat/compat-grp.c
@@ -25,6 +25,14 @@
#include <string.h>
#include <rpcsvc/yp.h>
#include <rpcsvc/ypclnt.h>
+#include <rpcsvc/nis.h>
+#include <rpcsvc/nislib.h>
+#include <nsswitch.h>
+
+#include "nss-nisplus.h"
+
+static service_user *ni = NULL;
+static bool_t use_nisplus = FALSE; /* default: group_compat: nis */
/* Get the declaration of the parser function. */
#define ENTNAME grent
@@ -32,7 +40,7 @@
#define EXTERN_PARSER
#include "../../nss/nss_files/files-parse.c"
-/* Structure for remembering -@netgroup and -user members ... */
+/* Structure for remembering -group members ... */
#define BLACKLIST_INITIAL_SIZE 512
#define BLACKLIST_INCREMENT 256
struct blacklist_t
@@ -48,12 +56,15 @@ struct ent_t
bool_t nis_first;
char *oldkey;
int oldkeylen;
+ nis_result *result;
+ nis_name *names;
+ u_long names_nr;
FILE *stream;
struct blacklist_t blacklist;
- };
+};
typedef struct ent_t ent_t;
-static ent_t ext_ent = {0, 0, NULL, 0, NULL, {NULL, 0, 0}};
+static ent_t ext_ent = {0, 0, NULL, 0, NULL, NULL, 0, NULL, {NULL, 0, 0}};
/* Protect global state against multiple changers. */
__libc_lock_define_initialized (static, lock)
@@ -61,6 +72,8 @@ __libc_lock_define_initialized (static, lock)
/* Prototypes for local functions. */
static void blacklist_store_name (const char *, ent_t *);
static int in_blacklist (const char *, int, ent_t *);
+extern int _nss_nisplus_parse_grent (nis_result *, struct group *,
+ char *, size_t);
static enum nss_status
internal_setgrent (ent_t *ent)
@@ -75,15 +88,27 @@ internal_setgrent (ent_t *ent)
ent->oldkey = NULL;
ent->oldkeylen = 0;
}
-
+
+ if (ent->result != NULL)
+ {
+ nis_freeresult (ent->result);
+ ent->result = NULL;
+ }
+
+ if (ent->names != NULL)
+ {
+ nis_freenames (ent->names);
+ ent->names = NULL;
+ }
+ ent->names_nr = 0;
ent->blacklist.current = 0;
if (ent->blacklist.data != NULL)
ent->blacklist.data[0] = '\0';
-
+
if (ent->stream == NULL)
{
ent->stream = fopen ("/etc/group", "r");
-
+
if (ent->stream == NULL)
status = errno == EAGAIN ? NSS_STATUS_TRYAGAIN : NSS_STATUS_UNAVAIL;
}
@@ -101,6 +126,12 @@ _nss_compat_setgrent (void)
__libc_lock_lock (lock);
+ if (ni == NULL)
+ {
+ __nss_database_lookup ("group_compat", NULL, "nis", &ni);
+ use_nisplus = (strcmp (ni->name, "nisplus") == 0);
+ }
+
result = internal_setgrent (&ext_ent);
__libc_lock_unlock (lock);
@@ -127,6 +158,18 @@ internal_endgrent (ent_t *ent)
ent->oldkeylen = 0;
}
+ if (ent->result != NULL)
+ {
+ nis_freeresult (ent->result);
+ ent->result = NULL;
+ }
+
+ if (ent->names != NULL)
+ {
+ nis_freenames (ent->names);
+ ent->names = NULL;
+ }
+ ent->names_nr = 0;
ent->blacklist.current = 0;
if (ent->blacklist.data != NULL)
ent->blacklist.data[0] = '\0';
@@ -155,7 +198,7 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
struct parser_data *data = (void *) buffer;
char *domain;
char *outkey, *outval;
- int outkeylen, outvallen;
+ int outkeylen, outvallen, parse_res;
char *p;
if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
@@ -202,13 +245,133 @@ getgrent_next_nis (struct group *result, ent_t *ent, char *buffer,
while (isspace (*p))
++p;
+
+ parse_res = _nss_files_parse_grent (p, result, data, buflen);
+
+ if (parse_res &&
+ in_blacklist (result->gr_name, strlen (result->gr_name), ent))
+ parse_res = 0; /* if result->gr_name in blacklist,search next entry */
+ }
+ while (!parse_res);
+
+ return NSS_STATUS_SUCCESS;
+}
+
+static enum nss_status
+getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer,
+ size_t buflen)
+{
+ int parse_res;
+
+ if (ent->names == NULL)
+ {
+ ent->names = nis_getnames ("group.org_dir");
+ if (ent->names == NULL || ent->names[0] == NULL)
+ {
+ ent->nis = 0;
+ return NSS_STATUS_UNAVAIL;
+ }
}
- while (!_nss_files_parse_grent (p, result, data, buflen));
+
+ do
+ {
+ if (ent->nis_first)
+ {
+ next_name:
+ ent->result = nis_first_entry(ent->names[ent->names_nr]);
+ if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
+ {
+ ent->nis = 0;
+ return niserr2nss (ent->result->status);
+ }
+ ent->nis_first = FALSE;
+ }
+ else
+ {
+ nis_result *res;
+
+ res = nis_next_entry(ent->names[ent->names_nr],
+ &ent->result->cookie);
+ nis_freeresult (ent->result);
+ ent->result = res;
+ if (niserr2nss (ent->result->status) != NSS_STATUS_SUCCESS)
+ {
+ if ((ent->result->status == NIS_NOTFOUND) &&
+ ent->names[ent->names_nr + 1] != NULL)
+ {
+ nis_freeresult (ent->result);
+ ent->names_nr += 1;
+ goto next_name;
+ }
+ else
+ {
+ ent->nis = 0;
+ return niserr2nss (ent->result->status);
+ }
+ }
+ }
+ parse_res = _nss_nisplus_parse_grent (ent->result, result, buffer,
+ buflen);
+ if (parse_res &&
+ in_blacklist (result->gr_name, strlen (result->gr_name), ent))
+ parse_res = 0; /* if result->gr_name in blacklist,search next entry */
+ }
+ while (!parse_res);
+
+ return NSS_STATUS_SUCCESS;
+}
- if (!in_blacklist (result->gr_name, strlen (result->gr_name), ent))
+/* This function handle the +group entrys in /etc/group */
+static enum nss_status
+getgrent_next_file_plusgroup (struct group *result, char *buffer,
+ size_t buflen)
+{
+ struct parser_data *data = (void *) buffer;
+ int parse_res;
+
+ if (use_nisplus) /* Do the NIS+ query here */
+ {
+ nis_result *res;
+ char buf[strlen (result->gr_name) + 24];
+
+ sprintf(buf, "[name=%s],group.org_dir",
+ &result->gr_name[1]);
+ res = nis_list(buf, EXPAND_NAME, NULL, NULL);
+ if (niserr2nss (res->status) !=