17c478bdstevel@tonic-gate/*
27c478bdstevel@tonic-gate * CDDL HEADER START
37c478bdstevel@tonic-gate *
47c478bdstevel@tonic-gate * The contents of this file are subject to the terms of the
5cb5caa9djl * Common Development and Distribution License (the "License").
6cb5caa9djl * You may not use this file except in compliance with the License.
77c478bdstevel@tonic-gate *
87c478bdstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bdstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bdstevel@tonic-gate * See the License for the specific language governing permissions
117c478bdstevel@tonic-gate * and limitations under the License.
127c478bdstevel@tonic-gate *
137c478bdstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bdstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bdstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bdstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bdstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bdstevel@tonic-gate *
197c478bdstevel@tonic-gate * CDDL HEADER END
207c478bdstevel@tonic-gate */
2161961e0robinson
227c478bdstevel@tonic-gate/*
23e8031f0raf * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
247c478bdstevel@tonic-gate * Use is subject to license terms.
257c478bdstevel@tonic-gate */
267c478bdstevel@tonic-gate
277c478bdstevel@tonic-gate#pragma ident	"%Z%%M%	%I%	%E% SMI"
287c478bdstevel@tonic-gate
29e8031f0raf#include "mt.h"
307c478bdstevel@tonic-gate#include <stdlib.h>
317c478bdstevel@tonic-gate#include <sys/types.h>
327c478bdstevel@tonic-gate#include <nss_dbdefs.h>
337c478bdstevel@tonic-gate#include <string.h>
347c478bdstevel@tonic-gate#include <bsm/libbsm.h>
357c478bdstevel@tonic-gate#include <secdb.h>
367c478bdstevel@tonic-gate
377c478bdstevel@tonic-gate
387c478bdstevel@tonic-gate/* externs from parse.c */
397c478bdstevel@tonic-gateextern char *_strtok_escape(char *, char *, char **);
407c478bdstevel@tonic-gate
417c478bdstevel@tonic-gatestatic int auuser_stayopen;
427c478bdstevel@tonic-gate
437c478bdstevel@tonic-gate/*
447c478bdstevel@tonic-gate * Unsynchronized, but it affects only
457c478bdstevel@tonic-gate * efficiency, not correctness
467c478bdstevel@tonic-gate */
477c478bdstevel@tonic-gate
487c478bdstevel@tonic-gatestatic DEFINE_NSS_DB_ROOT(db_root);
497c478bdstevel@tonic-gatestatic DEFINE_NSS_GETENT(context);
507c478bdstevel@tonic-gate
517c478bdstevel@tonic-gate
527c478bdstevel@tonic-gatevoid
537c478bdstevel@tonic-gate_nss_initf_auuser(nss_db_params_t *p)
547c478bdstevel@tonic-gate{
557c478bdstevel@tonic-gate	p->name	= NSS_DBNAM_AUDITUSER;
567c478bdstevel@tonic-gate	p->config_name    = NSS_DBNAM_PASSWD;  /* use config for "passwd" */
577c478bdstevel@tonic-gate	p->default_config = NSS_DEFCONF_AUDITUSER;
587c478bdstevel@tonic-gate}
597c478bdstevel@tonic-gate
607c478bdstevel@tonic-gate
617c478bdstevel@tonic-gate/*
627c478bdstevel@tonic-gate * Return values: 0 = success, 1 = parse error, 2 = erange ...
637c478bdstevel@tonic-gate * The structure pointer passed in is a structure in the caller's space
647c478bdstevel@tonic-gate * wherein the field pointers would be set to areas in the buffer if
657c478bdstevel@tonic-gate * need be. instring and buffer should be separate areas.
667c478bdstevel@tonic-gate */
677c478bdstevel@tonic-gateint
687c478bdstevel@tonic-gatestr2auuser(const char *instr, int lenstr, void *ent, char *buffer, int buflen)
697c478bdstevel@tonic-gate{
7061961e0robinson	char		*last = NULL;
717c478bdstevel@tonic-gate	char		*sep = KV_TOKEN_DELIMIT;
727c478bdstevel@tonic-gate	au_user_str_t	*au_user = (au_user_str_t *)ent;
737c478bdstevel@tonic-gate
7461961e0robinson	if (lenstr >= buflen)
757c478bdstevel@tonic-gate		return (NSS_STR_PARSE_ERANGE);
76cb5caa9djl
77cb5caa9djl	if (instr != buffer)
78cb5caa9djl		(void) strncpy(buffer, instr, buflen);
79cb5caa9djl
807c478bdstevel@tonic-gate	/*
817c478bdstevel@tonic-gate	 * Remove newline that nis (yp_match) puts at the
827c478bdstevel@tonic-gate	 * end of the entry it retrieves from the map.
837c478bdstevel@tonic-gate	 */
847c478bdstevel@tonic-gate	if (buffer[lenstr] == '\n') {
857c478bdstevel@tonic-gate		buffer[lenstr] = '\0';
867c478bdstevel@tonic-gate	}
877c478bdstevel@tonic-gate
88cb5caa9djl	/* quick exit do not entry fill if not needed */
89cb5caa9djl	if (ent == (void *)NULL)
90cb5caa9djl		return (NSS_STR_PARSE_SUCCESS);
91cb5caa9djl
927c478bdstevel@tonic-gate	au_user->au_name = _strtok_escape(buffer, sep, &last);
937c478bdstevel@tonic-gate	au_user->au_always = _strtok_escape(NULL, sep, &last);
947c478bdstevel@tonic-gate	au_user->au_never = _strtok_escape(NULL, sep, &last);
957c478bdstevel@tonic-gate
967c478bdstevel@tonic-gate	return (0);
977c478bdstevel@tonic-gate}
987c478bdstevel@tonic-gate
997c478bdstevel@tonic-gate
1007c478bdstevel@tonic-gatevoid
1017c478bdstevel@tonic-gate_setauuser(void)
1027c478bdstevel@tonic-gate{
1037c478bdstevel@tonic-gate	auuser_stayopen = 0;
1047c478bdstevel@tonic-gate	nss_setent(&db_root, _nss_initf_auuser, &context);
1057c478bdstevel@tonic-gate}
1067c478bdstevel@tonic-gate
1077c478bdstevel@tonic-gate
1087c478bdstevel@tonic-gateint
1097c478bdstevel@tonic-gate_endauuser(void)
1107c478bdstevel@tonic-gate{
1117c478bdstevel@tonic-gate	auuser_stayopen = 0;
1127c478bdstevel@tonic-gate	nss_endent(&db_root, _nss_initf_auuser, &context);
1137c478bdstevel@tonic-gate	nss_delete(&db_root);
1147c478bdstevel@tonic-gate	return (0);
1157c478bdstevel@tonic-gate}
1167c478bdstevel@tonic-gate
1177c478bdstevel@tonic-gate
1187c478bdstevel@tonic-gateau_user_str_t *
1197c478bdstevel@tonic-gate_getauuserent(au_user_str_t *result, char *buffer, int buflen, int *h_errnop)
1207c478bdstevel@tonic-gate{
1217c478bdstevel@tonic-gate	nss_XbyY_args_t arg;
1227c478bdstevel@tonic-gate	nss_status_t    res;
1237c478bdstevel@tonic-gate
1247c478bdstevel@tonic-gate	NSS_XbyY_INIT(&arg, result, buffer, buflen, str2auuser);
1257c478bdstevel@tonic-gate	res = nss_getent(&db_root, _nss_initf_auuser, &context, &arg);
1267c478bdstevel@tonic-gate	arg.status = res;
1277c478bdstevel@tonic-gate	*h_errnop = arg.h_errno;
1287c478bdstevel@tonic-gate	return ((au_user_str_t *)NSS_XbyY_FINI(&arg));
1297c478bdstevel@tonic-gate}
1307c478bdstevel@tonic-gate
1317c478bdstevel@tonic-gate
1327c478bdstevel@tonic-gateau_user_str_t *
1337c478bdstevel@tonic-gate_getauusernam(const char *name, au_user_str_t *result, char *buffer,
1347c478bdstevel@tonic-gate    int buflen, int *errnop)
1357c478bdstevel@tonic-gate{
1367c478bdstevel@tonic-gate	nss_XbyY_args_t arg;
1377c478bdstevel@tonic-gate	nss_status_t    res;
1387c478bdstevel@tonic-gate
1397c478bdstevel@tonic-gate	if (result == NULL) {
1407c478bdstevel@tonic-gate		*errnop = AUDITUSER_PARSE_ERANGE;
1417c478bdstevel@tonic-gate		return (NULL);
1427c478bdstevel@tonic-gate	}
1437c478bdstevel@tonic-gate	NSS_XbyY_INIT(&arg, result, buffer, buflen, str2auuser);
1447c478bdstevel@tonic-gate	arg.key.name = name;
1457c478bdstevel@tonic-gate	arg.stayopen = auuser_stayopen;
1467c478bdstevel@tonic-gate	arg.h_errno = AUDITUSER_NOT_FOUND;
1477c478bdstevel@tonic-gate	res = nss_search(&db_root, _nss_initf_auuser,
1487c478bdstevel@tonic-gate	    NSS_DBOP_AUDITUSER_BYNAME, &arg);
1497c478bdstevel@tonic-gate	arg.status = res;
1507c478bdstevel@tonic-gate	*errnop = arg.h_errno;
1517c478bdstevel@tonic-gate	return ((au_user_str_t *)NSS_XbyY_FINI(&arg));
1527c478bdstevel@tonic-gate}
153