1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright 2012 Milan Jurik. All rights reserved.
24  */
25 
26 /*
27  * ldapaddent.c
28  *
29  * Utility to add /etc files into LDAP.
30  * Can also be used to dump entries from a ldap container in /etc format.
31  */
32 
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <libintl.h>
36 #include <strings.h>
37 #include <sys/param.h>
38 #include <ctype.h>
39 #include <sys/types.h>
40 #include <sys/socket.h>
41 #include <netinet/in.h>
42 #include <arpa/inet.h>
43 #include <locale.h>
44 #include <syslog.h>
45 
46 #undef opaque
47 
48 #include <nss_dbdefs.h>
49 #include <netdb.h>
50 #include <rpc/rpcent.h>
51 #include <grp.h>
52 #include <pwd.h>
53 #include <project.h>
54 #include <shadow.h>
55 #include <sys/systeminfo.h>
56 #include "ns_internal.h"
57 #include "ldapaddent.h"
58 #include "standalone.h"
59 
60 #define	OP_ADD	0
61 #define	OP_DUMP	3
62 
63 static struct ttypelist_t {
64 	char *ttype;		/* type tag */
65 	int (*genent)(char *, int(*)());
66 				/* routine to turn line into ldap entries */
67 	void (*dump)(ns_ldap_result_t *);
68 				/* routine to print ldap containers */
69 	int (*filedbmline)();	/* routine to turn file line into dbm line */
70 	char *objclass;		/* Objectclass for the servicetype */
71 	char *sortattr;		/* Sort attr for enumeration */
72 } *tt;
73 
74 char	parse_err_msg [PARSE_ERR_MSG_LEN];
75 int	continue_onerror = 0;  /* do not exit on error */
76 
77 static int get_basedn(char *service, char **basedn);
78 static int check_ipaddr(char *addr, char **newaddr);
79 static int check_projname(char *addr);
80 
81 extern	int	optind;
82 extern	char	*optarg;
83 
84 extern	char	*__nis_quote_key(const char *, char *, int);
85 
86 static char	*inputbasedn = NULL;
87 static char	*databasetype = NULL;
88 static int	exit_val = 0;
89 static unsigned	nent_add = 0;
90 static FILE	*etcf = 0;
91 static ns_cred_t	authority;
92 unsigned	flags = 0;
93 
94 static void
perr(ns_ldap_error_t * e)95 perr(ns_ldap_error_t *e)
96 {
97 	if (e)
98 		(void) fprintf(stderr, "%d: %s\n",
99 		    e->status, e->message);
100 }
101 
102 
103 static int
ascii_to_int(char * str)104 ascii_to_int(char *str)
105 {
106 	int i;
107 	char *c = str;
108 
109 	if (c == NULL || *c == '\0')
110 		return (-1);
111 
112 	while (*c == ' ')
113 		c++;
114 	if (*c == '\0')
115 		return (-1);
116 
117 	for (i = 0; i < strlen(c); i++)
118 		if (!isdigit(c[i]))
119 			return (-1);
120 
121 	return (atoi(c));
122 }
123 
124 /*
125  * Internet network address interpretation routine.
126  * The library routines call this routine to interpret
127  * network numbers.
128  */
129 static in_addr_t
encode_network(const char * cp)130 encode_network(const char *cp)
131 {
132 	in_addr_t val;
133 	int base;
134 	ptrdiff_t n;
135 	char c;
136 	in_addr_t parts[4], *pp = parts;
137 	int i;
138 
139 again:
140 	val = 0; base = 10;
141 	if (*cp == '0') {
142 		if (*++cp == 'x' || *cp == 'X')
143 			base = 16, cp++;
144 		else
145 			base = 8;
146 	}
147 	while ((c = *cp) != '\0') {
148 		if (isdigit(c)) {
149 			if ((c - '0') >= base)
150 				break;
151 			val = (val * base) + (c - '0');
152 			cp++;
153 			continue;
154 		}
155 		if (base == 16 && isxdigit(c)) {
156 			val = (val << 4) + (c + 10 - (islower(c) ? 'a' : 'A'));
157 			cp++;
158 			continue;
159 		}
160 		break;
161 	}
162 	if (*cp == '.') {
163 		if (pp >= parts + 4)
164 			return ((in_addr_t)-1);
165 		*pp++ = val, cp++;
166 		goto again;
167 	}
168 	if (*cp && !isspace(*cp))
169 		return ((in_addr_t)-1);
170 	*pp++ = val;
171 	n = pp - parts;
172 	if (n > 4)
173 		return ((in_addr_t)-1);
174 	for (val = 0, i = 0; i < n; i++) {
175 		val <<= 8;
176 		val |= parts[i] & 0xff;
177 	}
178 	for (/* no init */; i < 4; i++)
179 		val <<= 8;
180 	return (val);
181 }
182 
183 static void
replace_tab2space(char * str)184 replace_tab2space(char *str)
185 {
186 	int i = 0;
187 
188 	while ((str) && (str[i])) {
189 		if (str[i] == '\t')
190 			str[i] = ' ';
191 		i++;
192 	}
193 }
194 
195 static int
blankline(char * line)196 blankline(char *line)
197 {
198 	char *p;
199 
200 	for (p = line; *p; p++)
201 		if (*p != ' ' && *p != '\t')
202 			return (0);
203 	return (1);
204 }
205 
206 /*
207  * check whether the token <tok> is a triplet,
208  * i. e. <tok> := (<hostname>,<username>,<domainname>)
209  * where <hostname>, <username>, <domainname> are IA5String
210  * <tok> supposes to contain NO spaces and start with '('
211  */
212 static int
is_triplet(char * tok)213 is_triplet(char *tok)
214 {
215 	char *s;
216 	return (strchr(++tok, '(') == NULL &&		/* no more '(' */
217 	    (s = strchr(tok, ')')) != NULL &&		/* find ')' */
218 	    !*++s &&					/* ')' ends token */
219 	    (tok = strchr(tok, ',')) != NULL &&		/* host up to ',' */
220 	    (tok = strchr(++tok, ',')) != NULL &&	/* user up to ',' */
221 	    strchr(++tok, ',') == NULL);		/* no more ',' */
222 }
223 
224 static void
line_buf_expand(struct line_buf * line)225 line_buf_expand(struct line_buf *line)
226 {
227 	line->alloc += BUFSIZ;
228 	line->str = (char *)realloc(line->str, line->alloc);
229 
230 	if (line->str == NULL) {
231 		(void) fprintf(stderr,
232 		    gettext("line_buf_expand: out of memory\n"));
233 		exit(1);
234 	}
235 }
236 
237 static void
line_buf_init(struct line_buf * line)238 line_buf_init(struct line_buf *line)
239 {
240 	(void) memset((char *)line, 0, sizeof (*line));
241 	line_buf_expand(line);
242 }
243 
244 static int
__s_add_attr(ns_ldap_entry_t * e,char * attrname,char * value)245 __s_add_attr(ns_ldap_entry_t *e, char *attrname, char *value)
246 {
247 	ns_ldap_attr_t	*a;
248 	char		*v;
249 
250 	a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t));
251 	if (a == NULL)
252 		return (NS_LDAP_MEMORY);
253 	a->attrname = strdup(attrname);
254 	if (a->attrname == NULL) {
255 		free(a);
256 		return (NS_LDAP_MEMORY);
257 	}
258 	a->attrvalue = (char **)calloc(1, sizeof (char **));
259 	if (a->attrvalue == NULL) {
260 		free(a->attrname);
261 		free(a);
262 		return (NS_LDAP_MEMORY);
263 	}
264 	a->value_count = 1;
265 	a->attrvalue[0] = NULL;
266 	v = strdup(value);
267 	if (v == NULL) {
268 		free(a->attrname);
269 		free(a->attrvalue);
270 		free(a);
271 		return (NS_LDAP_MEMORY);
272 	}
273 	a->attrvalue[0] = v;
274 	e->attr_pair[e->attr_count] = a;
275 	e->attr_count++;
276 	return (NS_LDAP_SUCCESS);
277 }
278 
279 static int
__s_add_attrlist(ns_ldap_entry_t * e,char * attrname,char ** argv)280 __s_add_attrlist(ns_ldap_entry_t *e, char *attrname, char **argv)
281 {
282 	ns_ldap_attr_t	*a;
283 	char		*v;
284 	char		**av;
285 	int		i, j;
286 
287 	a = (ns_ldap_attr_t *)calloc(1, sizeof (ns_ldap_attr_t));
288 	if (a == NULL)
289 		return (NS_LDAP_MEMORY);
290 	a->attrname = strdup(attrname);
291 	if (a->attrname == NULL) {
292 		free(a);
293 		return (NS_LDAP_MEMORY);
294 	}
295 
296 	for (i = 0, av = argv; *av != NULL; av++, i++)
297 		;
298 
299 	a->attrvalue = (char **)calloc(i, sizeof (char **));
300 
301 	if (a->attrvalue == NULL) {
302 		free(a->attrname);
303 		free(a);
304 		return (NS_LDAP_MEMORY);
305 	}
306 	a->value_count = i;
307 	for (j = 0; j < i; j++) {
308 		v = strdup(argv[j]);
309 		if (v == NULL) {
310 			free(a->attrname);
311 			free(a->attrvalue);
312 			free(a);
313 			return (NS_LDAP_MEMORY);
314 		}
315 		a->attrvalue[j] = v;
316 	}
317 	e->attr_pair[e->attr_count] = a;
318 	e->attr_count++;
319 	return (NS_LDAP_SUCCESS);
320 }
321 
322 static ns_ldap_entry_t *
__s_mk_entry(char ** objclass,int max_attr)323 __s_mk_entry(char **objclass, int max_attr)
324 {
325 	ns_ldap_entry_t *e;
326 	e = (ns_ldap_entry_t *)calloc(1, sizeof (ns_ldap_entry_t));
327 	if (e == NULL)
328 		return (NULL);
329 	e->attr_pair = (ns_ldap_attr_t **)calloc(max_attr+1,
330 	    sizeof (ns_ldap_attr_t *));
331 	if (e->attr_pair == NULL) {
332 		free(e);
333 		return (NULL);
334 	}
335 	e->attr_count = 0;
336 	if (__s_add_attrlist(e, "objectClass", objclass) != NS_LDAP_SUCCESS) {
337 		free(e->attr_pair);
338 		free(e);
339 		return (NULL);
340 	}
341 	return (e);
342 }
343 
344 static void
ldap_freeEntry(ns_ldap_entry_t * ep)345 ldap_freeEntry(ns_ldap_entry_t *ep)
346 {
347 	int		j, k = 0;
348 
349 	if (ep == NULL)
350 		return;
351 
352 	if (ep->attr_pair == NULL) {
353 		free(ep);
354 		return;
355 	}
356 	for (j = 0; j < ep->attr_count; j++) {
357 		if (ep->attr_pair[j] == NULL)
358 			continue;
359 		if (ep->attr_pair[j]->attrname)
360 			free(ep->attr_pair[j]->attrname);
361 		if (ep->attr_pair[j]->attrvalue) {
362 			for (k = 0; (k < ep->attr_pair[j]->value_count) &&
363 			    (ep->attr_pair[j]->attrvalue[k]); k++) {
364 				free(ep->attr_pair[j]->attrvalue[k]);
365 			}
366 			free(ep->attr_pair[j]->attrvalue);
367 		}
368 		free(ep->attr_pair[j]);
369 	}
370 	free(ep->attr_pair);
371 	free(ep);
372 }
373 
374 static int
addentry(void * entry,int mod)375 addentry(void *entry, int mod)
376 {
377 	int		 result = 0;
378 	ns_ldap_error_t	 *eres = NULL;
379 	int		rc = 1;
380 
381 
382 	/*  adds entry into the LDAP tree */
383 	if (mod)
384 		result = __ns_ldap_addTypedEntry(databasetype, inputbasedn,
385 		    entry, 0, &authority, NS_LDAP_FOLLOWREF | NS_LDAP_KEEP_CONN,
386 		    &eres);
387 	else
388 		result = __ns_ldap_addTypedEntry(databasetype, inputbasedn,
389 		    entry, 1, &authority, NS_LDAP_FOLLOWREF | NS_LDAP_KEEP_CONN,
390 		    &eres);
391 	/*
392 	 *  Return	0 on success
393 	 *		LDAP_ALREADY_EXISTS if entry exists already
394 	 *		1 for all other non-fatal errors.
395 	 *  Exit on fatal errors.
396 	 */
397 	switch (result) {
398 	case NS_LDAP_SUCCESS:
399 		nent_add++;
400 		rc = 0;
401 		break;
402 
403 	case NS_LDAP_OP_FAILED:
404 		(void) fprintf(stderr, gettext("operation failed.\n"));
405 		rc = 1;
406 		break;
407 
408 	case NS_LDAP_INVALID_PARAM:
409 		(void) fprintf(stderr,
410 		    gettext("invalid parameter(s) passed.\n"));
411 		rc = 1;
412 		break;
413 
414 	case NS_LDAP_NOTFOUND:
415 		(void) fprintf(stderr, gettext("entry not found.\n"));
416 		rc = 1;
417 		break;
418 
419 	case NS_LDAP_MEMORY:
420 		(void) fprintf(stderr,
421 		    gettext("internal memory allocation error.\n"));
422 		exit(1);
423 		break;
424 
425 	case NS_LDAP_CONFIG:
426 		(void) fprintf(stderr,
427 		    gettext("LDAP Configuration problem.\n"));
428 		perr(eres);
429 		exit(1);
430 		break;
431 
432 	case NS_LDAP_PARTIAL:
433 		(void) fprintf(stderr,
434 		    gettext("partial result returned\n"));
435 		perr(eres);
436 		rc = 1;
437 		break;
438 
439 	case NS_LDAP_INTERNAL:
440 		if (eres->status == LDAP_ALREADY_EXISTS ||
441 		    eres->status == LDAP_NO_SUCH_OBJECT)
442 			rc = eres->status;
443 		else if (eres->status == LDAP_INSUFFICIENT_ACCESS) {
444 			(void) fprintf(stderr,
445 			    gettext("The user does not have permission"
446 			    " to add/modify entries\n"));
447 			perr(eres);
448 			exit(1);
449 		} else {
450 			rc = 1;
451 			perr(eres);
452 		}
453 		break;
454 	}
455 
456 	if (eres)
457 		(void) __ns_ldap_freeError(&eres);
458 	return (rc);
459 }
460 
461 /*
462  * usage(char *msg)
463  * Display usage message to STDERR.
464  */
465 static void
usage(char * msg)466 usage(char *msg)
467 {
468 
469 	if (msg)
470 		(void) fprintf(stderr, "%s\n", msg);
471 
472 	(void) fprintf(stderr, gettext(
473 	"usage: ldapaddent [-cpv] [-a authenticationMethod] [-b baseDN]\n"
474 	"-D bindDN [-w bindPassword] [-j passwdFile] [-f filename]\n"
475 	"database\n"
476 	"\n"
477 	"usage: ldapaddent  [-cpv] -asasl/GSSAPI [-b baseDN] [-f filename]\n"
478 	"database\n"
479 	"\n"
480 	"usage: ldapaddent  -d [-v] [-a authenticationMethod] [-D bindDN]\n"
481 	"[-w bindPassword] [-j passwdFile] database\n"
482 	"\n"
483 	"usage: ldapaddent [-cpv] -h LDAP_server[:serverPort] [-M domainName]\n"
484 	"[-N  profileName]  [-P certifPath]  [-a authenticationMethod]\n"
485 	"[-b baseDN] -D bindDN [-w bindPassword] [-f filename]\n"
486 	"[-j passwdFile] database\n"
487 	"\n"
488 	"usage: ldapaddent [-cpv] -h LDAP_server[:serverPort] [-M domainName]\n"
489 	"[-N  profileName]  [-P certifPath] -asasl/GSSAPI  [-b baseDN]\n"
490 	"[-f filename] database\n"
491 	"\n"
492 	"usage: ldapaddent -d [-v] -h LDAP_server[:serverPort]"
493 	" [-M domainName]\n"
494 	"[-N profileName]  [-P certifPath]  [-a authenticationMethod]\n"
495 	"[-b baseDN] -D bindDN [-w bindPassword] [-j passwdFile]\n"
496 	"database\n"));
497 	exit(1);
498 }
499 
500 /*
501  * Determine if the given string is an IP address (IPv4 or IPv6).
502  * If so, it's converted to the preferred form (rfc2373) and
503  * *newaddr will point to the new address.
504  *
505  * Returns	-2		: inet_ntop error
506  *		-1		: not an IP address
507  *		0		: unsupported IP address (future use)
508  *		AF_INET		: IPv4
509  *		AF_INET6	: IPv6
510  */
511 static int
check_ipaddr(char * addr,char ** newaddr)512 check_ipaddr(char *addr, char **newaddr)
513 {
514 	ipaddr_t	addr_ipv4 = 0;
515 	in6_addr_t	addr_ipv6;
516 
517 	/* IPv6 */
518 	if (inet_pton(AF_INET6, addr, &addr_ipv6) == 1) {
519 		if (newaddr == NULL)
520 			return (AF_INET6);
521 
522 		/* Convert IPv4-mapped IPv6 address to IPv4 */
523 		if (IN6_IS_ADDR_V4MAPPED(&addr_ipv6) ||
524 		    IN6_IS_ADDR_V4COMPAT(&addr_ipv6)) {
525 			IN6_V4MAPPED_TO_IPADDR(&addr_ipv6, addr_ipv4);
526 			if ((*newaddr = calloc(1, INET_ADDRSTRLEN)) == NULL) {
527 				(void) fprintf(stderr,
528 				    gettext("out of memory\n"));
529 				exit(1);
530 			}
531 			if (inet_ntop(AF_INET, &addr_ipv4, *newaddr,
532 			    INET_ADDRSTRLEN))
533 				return (AF_INET6);
534 			free(*newaddr);
535 			return (-2);
536 		}
537 
538 		/* Processing general IPv6 addresses */
539 		if ((*newaddr = calloc(1, INET6_ADDRSTRLEN)) == NULL) {
540 			(void) fprintf(stderr, gettext("out of memory\n"));
541 			exit(1);
542 		}
543 		if (inet_ntop(AF_INET6, &addr_ipv6, *newaddr, INET6_ADDRSTRLEN))
544 			return (AF_INET6);
545 		free(*newaddr);
546 		return (-2);
547 	}
548 
549 	/* Processing IPv4 addresses of the type d.d.d.d. */
550 	if (inet_pton(AF_INET, addr, &addr_ipv4) == 1) {
551 		if (newaddr == NULL)
552 			return (AF_INET);
553 		if ((*newaddr = calloc(1, INET_ADDRSTRLEN)) == NULL) {
554 			(void) fprintf(stderr, gettext("out of memory\n"));
555 			exit(1);
556 		}
557 		if (inet_ntop(AF_INET, &addr_ipv4, *newaddr, INET_ADDRSTRLEN))
558 			return (AF_INET);
559 		free(*newaddr);
560 		return (-2);
561 	}
562 
563 	/* Processing IPv4 addresses d.d.d , d.d and d */
564 	if (inet_addr(addr) != (in_addr_t)-1) {
565 		if (newaddr == NULL)
566 			return (AF_INET);
567 		if ((*newaddr = strdup(addr)) == NULL) {
568 			(void) fprintf(stderr, gettext("out of memory\n"));
569 			exit(1);
570 		}
571 		return (AF_INET);
572 	}
573 
574 	return (-1);
575 }
576 
577 /*
578  * Verifies that project name meets the restrictions defined by project(5).
579  */
580 static int
check_projname(char * addr)581 check_projname(char *addr)
582 {
583 	int i;
584 	if (addr == NULL || *addr == '\0')
585 		return (-1);
586 
587 	for (i = 0; i < strlen(addr); i++) {
588 		if (!isalpha(addr[i]) &&
589 		    !isdigit(addr[i]) &&
590 		    addr[i] != '_' &&
591 		    addr[i] != '-' &&
592 		    addr[i] != '.')
593 			return (-1);
594 	}
595 
596 	return (0);
597 }
598 
599 static int
genent_hosts(char * line,int (* cback)())600 genent_hosts(char *line, int (*cback)())
601 {
602 	char buf[BUFSIZ+1];
603 	char *t, *comment;
604 	entry_col ecol[4];
605 	char *cname, *pref_addr;
606 	int ctr = 0, retval = 1;
607 	int rc = GENENT_OK, af;
608 
609 	struct hostent  data;
610 	char *alias;
611 
612 	/*
613 	 * don't clobber our argument
614 	 */
615 	if (strlen(line) >= sizeof (buf)) {
616 		(void) strlcpy(parse_err_msg, gettext("line too long"),
617 		    PARSE_ERR_MSG_LEN);
618 		return (GENENT_PARSEERR);
619 	}
620 	(void) strcpy(buf, line);
621 
622 	/*
623 	 * clear column data
624 	 */
625 	(void) memset((char *)ecol, 0, sizeof (ecol));
626 
627 	/*
628 	 * comment (col 3)
629 	 * All leading spaces will be deleted from the comment
630 	 */
631 	ecol[3].ec_value.ec_value_val = "";
632 	ecol[3].ec_value.ec_value_len = 0;
633 	comment = t = strchr(buf, '#');
634 	if (comment) {
635 		do {
636 			++comment;
637 		} while (*comment != '\0' && isspace(*comment));
638 		if (*comment != '\0') {
639 			*--comment = '#';
640 			ecol[3].ec_value.ec_value_val = strdup(comment);
641 			ecol[3].ec_value.ec_value_len = strlen(comment)+1;
642 		}
643 
644 		*t = '\0';
645 	}
646 
647 	/*
648 	 * addr(col 2)
649 	 */
650 	if ((t = strtok(buf, " \t")) == 0) {
651 		(void) strlcpy(parse_err_msg, gettext("no host"),
652 		    PARSE_ERR_MSG_LEN);
653 		return (GENENT_PARSEERR);
654 	}
655 
656 	af = check_ipaddr(t, &pref_addr);
657 	if (af == -2) {
658 		(void) strlcpy(parse_err_msg, gettext("Internal error"),
659 		    PARSE_ERR_MSG_LEN);
660 	} else if (af == -1) {
661 		(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
662 		    gettext("Invalid IP address: %s"), t);
663 	} else if (flags & F_VERBOSE) {
664 		if ((strncasecmp(t, pref_addr, strlen(t))) != 0) {
665 			(void) fprintf(stdout,
666 			    gettext("IP address %s converted to %s\n"),
667 			    t, pref_addr);
668 		}
669 	}
670 
671 	if (af < 0) {
672 		(void) fprintf(stderr, "%s\n", parse_err_msg);
673 		if (continue_onerror == 0)
674 			return (GENENT_CBERR);
675 		else
676 			return (rc);
677 	}
678 
679 	ecol[2].ec_value.ec_value_val = pref_addr;
680 	ecol[2].ec_value.ec_value_len = strlen(pref_addr)+1;
681 
682 	/*
683 	 * cname (col 0)
684 	 */
685 	if ((t = strtok(NULL, " \t")) == 0) {
686 		(void) strlcpy(parse_err_msg, gettext("no cname"),
687 		    PARSE_ERR_MSG_LEN);
688 		return (GENENT_PARSEERR);
689 	}
690 	ecol[0].ec_value.ec_value_val = t;
691 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
692 	cname = t;
693 
694 
695 	/* build entry */
696 	if ((data.h_addr_list = (char **)calloc(2, sizeof (char **))) == NULL) {
697 		(void) fprintf(stderr, gettext("out of memory\n"));
698 		exit(1);
699 	}
700 	data.h_addr_list[0] = strdup(ecol[2].ec_value.ec_value_val);
701 	data.h_addr_list[1] = NULL;
702 
703 	free(pref_addr);
704 	data.h_name = strdup(ecol[0].ec_value.ec_value_val);
705 
706 	/*
707 	 * name (col 1)
708 	 */
709 
710 	data.h_aliases = NULL;
711 
712 	do {
713 		/*
714 		 * don't clobber comment in canonical entry
715 		 */
716 
717 		/* This call to AddEntry may move out of the loop */
718 		/* This is because we have to call the function just once */
719 		if (t != cname && strcasecmp(t, cname) == 0)
720 			continue;
721 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
722 			continue;
723 
724 		ecol[1].ec_value.ec_value_val = t;
725 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
726 
727 		ctr++;
728 		alias = strdup(ecol[1].ec_value.ec_value_val);
729 		if ((data.h_aliases = (char **)realloc(data.h_aliases,
730 		    ctr * sizeof (char **))) == NULL) {
731 			(void) fprintf(stderr, gettext("out of memory\n"));
732 			exit(1);
733 		}
734 		data.h_aliases[ctr-1] = alias;
735 	} while (t = strtok(NULL, " \t"));
736 
737 	/*
738 	 * End the list of all the aliases by NULL
739 	 * If there is some comment, it will be stored as the last entry
740 	 * in the list of the host aliases
741 	 */
742 	if ((data.h_aliases = (char **)realloc(data.h_aliases,
743 	    (ecol[3].ec_value.ec_value_len != 0 ?
744 	    ctr + 2 : ctr + 1) * sizeof (char **))) == NULL) {
745 		(void) fprintf(stderr, gettext("out of memory\n"));
746 		exit(1);
747 	}
748 
749 	if (ecol[3].ec_value.ec_value_len != 0) {
750 		data.h_aliases[ctr++] = ecol[3].ec_value.ec_value_val;
751 	}
752 	data.h_aliases[ctr] = NULL;
753 
754 	if (flags & F_VERBOSE)
755 		(void) fprintf(stdout,
756 		    gettext("Adding entry : cn=%s+ipHostNumber=%s\n"),
757 		    data.h_name, data.h_addr_list[0]);
758 
759 	retval = (*cback)(&data, 0);
760 
761 	if (ecol[3].ec_value.ec_value_len != 0) {
762 		free(ecol[3].ec_value.ec_value_val);
763 	}
764 
765 	if (retval == LDAP_ALREADY_EXISTS) {
766 		if (continue_onerror)
767 			(void) fprintf(stderr,
768 			    gettext("Entry: cn=%s+ipHostNumber=%s "
769 			    "already Exists -skipping it\n"),
770 			    data.h_name, data.h_addr_list[0]);
771 		else {
772 			rc = GENENT_CBERR;
773 			(void) fprintf(stderr,
774 			    gettext("Entry: cn=%s+ipHostNumber=%s"
775 			    " already Exists\n"),
776 			    data.h_name, data.h_addr_list[0]);
777 		}
778 	} else if (retval)
779 		rc = GENENT_CBERR;
780 
781 	free(data.h_name);
782 	free(data.h_aliases);
783 	free(data.h_addr_list);
784 
785 	return (rc);
786 }
787 
788 
789 
790 static void
dump_hosts(ns_ldap_result_t * res)791 dump_hosts(ns_ldap_result_t *res)
792 {
793 	ns_ldap_attr_t	*attrptr = NULL,
794 	    *cn = NULL,
795 	    *iphostnumber = NULL,
796 	    *desc = NULL;
797 	int		 i, j;
798 	char		*name; /* host name */
799 
800 	if (res == NULL || res->entry == NULL)
801 		return;
802 	for (i = 0; i < res->entry->attr_count; i++) {
803 		attrptr = res->entry->attr_pair[i];
804 		if (strcasecmp(attrptr->attrname, "cn") == 0)
805 			cn = attrptr;
806 		else if (strcasecmp(attrptr->attrname, "iphostnumber") == 0)
807 			iphostnumber = attrptr;
808 		else if (strcasecmp(attrptr->attrname, "description") == 0) {
809 			desc = attrptr;
810 		}
811 	}
812 	/* sanity check */
813 	if (cn == NULL || cn->attrvalue == NULL || cn->attrvalue[0] == NULL ||
814 	    iphostnumber == NULL || iphostnumber->attrvalue == NULL ||
815 	    iphostnumber->attrvalue[0] == NULL)
816 		return;
817 
818 	if ((name = __s_api_get_canonical_name(res->entry, cn, 1)) == NULL)
819 		return;
820 
821 	/* ip host/ipnode number */
822 	if (strlen(iphostnumber->attrvalue[0]) <= INET_ADDRSTRLEN)
823 		/* IPV4 or IPV6 but <= NET_ADDRSTRLEN */
824 		(void) fprintf(stdout, "%-18s", iphostnumber->attrvalue[0]);
825 	else
826 		/* IPV6 */
827 		(void) fprintf(stdout, "%-48s", iphostnumber->attrvalue[0]);
828 
829 	/* host/ipnode name */
830 	(void) fprintf(stdout, "%s ", name);
831 
832 	/* aliases */
833 	for (j = 0; j < cn->value_count; j++) {
834 		if (cn->attrvalue[j]) {
835 			if (strcasecmp(name, cn->attrvalue[j]) == 0)
836 				/* skip host name */
837 				continue;
838 			(void) fprintf(stdout, "%s ", cn->attrvalue[j]);
839 		}
840 	}
841 
842 	/* description */
843 	if (desc != NULL && desc->attrvalue != NULL &&
844 	    desc->attrvalue[0] != NULL) {
845 		(void) fprintf(stdout, "#%s", desc->attrvalue[0]);
846 	}
847 
848 	/* end of line */
849 	(void) fprintf(stdout, "\n");
850 }
851 
852 /*
853  * /etc/rpc
854  */
855 
856 static int
genent_rpc(char * line,int (* cback)())857 genent_rpc(char *line, int (*cback)())
858 {
859 	char buf[BUFSIZ+1];
860 	char *t;
861 	entry_col ecol[4];
862 	char *cname;
863 
864 	struct rpcent	data;
865 	char *alias;
866 	int ctr = 0;
867 	int retval = 1;
868 	int rc = GENENT_OK;
869 
870 	/*
871 	 * don't clobber our argument
872 	 */
873 	if (strlen(line) >= sizeof (buf)) {
874 		(void) strlcpy(parse_err_msg, gettext("line too long"),
875 		    PARSE_ERR_MSG_LEN);
876 		return (GENENT_PARSEERR);
877 	}
878 	(void) strcpy(buf, line);
879 
880 	/*
881 	 * clear column data
882 	 */
883 	(void) memset((char *)ecol, 0, sizeof (ecol));
884 
885 	/*
886 	 * comment (col 3)
887 	 */
888 	t = strchr(buf, '#');
889 	if (t) {
890 		*t++ = 0;
891 		ecol[3].ec_value.ec_value_val = t;
892 		ecol[3].ec_value.ec_value_len = strlen(t)+1;
893 	} else {
894 		ecol[3].ec_value.ec_value_val = 0;
895 		ecol[3].ec_value.ec_value_len = 0;
896 	}
897 
898 	/*
899 	 * cname(col 0)
900 	 */
901 	if ((t = strtok(buf, " \t")) == 0) {
902 		(void) strlcpy(parse_err_msg, gettext("no number"),
903 		    PARSE_ERR_MSG_LEN);
904 		return (GENENT_PARSEERR);
905 	}
906 	ecol[0].ec_value.ec_value_val = t;
907 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
908 	cname = t;
909 
910 	/*
911 	 * number (col 2)
912 	 */
913 	if ((t = strtok(NULL, " \t")) == 0) {
914 		(void) strlcpy(parse_err_msg, gettext("no number"),
915 		    PARSE_ERR_MSG_LEN);
916 		return (GENENT_PARSEERR);
917 	}
918 	ecol[2].ec_value.ec_value_val = t;
919 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
920 
921 
922 	/*
923 	 * build entry
924 	 */
925 
926 	data.r_name = strdup(ecol[0].ec_value.ec_value_val);
927 	if (ecol[2].ec_value.ec_value_val != NULL &&
928 	    ecol[2].ec_value.ec_value_val[0] != '\0') {
929 
930 		data.r_number = ascii_to_int(ecol[2].ec_value.ec_value_val);
931 		if (data.r_number == -1) {
932 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
933 			    gettext("invalid program number: %s"),
934 			    ecol[2].ec_value.ec_value_val);
935 		return (GENENT_PARSEERR);
936 		}
937 	} else
938 		data.r_number = -1;
939 
940 	/*
941 	 * name (col 1)
942 	 */
943 	t = cname;
944 	data.r_aliases = NULL;
945 	do {
946 
947 		/*
948 		 * don't clobber comment in canonical entry
949 		 */
950 		if (t != cname && strcasecmp(t, cname) == 0)
951 			continue;
952 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
953 			continue;
954 
955 		ecol[1].ec_value.ec_value_val = t;
956 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
957 
958 		ctr++;
959 		alias = strdup(ecol[1].ec_value.ec_value_val);
960 		if ((data.r_aliases = (char **)realloc(data.r_aliases,
961 		    ctr * sizeof (char **))) == NULL) {
962 			(void) fprintf(stderr, gettext("out of memory\n"));
963 			exit(1);
964 		}
965 		data.r_aliases[ctr-1] = alias;
966 
967 
968 		/*
969 		 * only put comment in canonical entry
970 		 */
971 		ecol[3].ec_value.ec_value_val = 0;
972 		ecol[3].ec_value.ec_value_len = 0;
973 
974 	} while (t = strtok(NULL, " \t"));
975 
976 	/* End the list of all the aliases by NULL */
977 	if ((data.r_aliases = (char **)realloc(data.r_aliases,
978 	    (ctr + 1) * sizeof (char **))) == NULL) {
979 		(void) fprintf(stderr, gettext("out of memory\n"));
980 		exit(1);
981 	}
982 	data.r_aliases[ctr] = NULL;
983 
984 	if (flags & F_VERBOSE)
985 		(void) fprintf(stdout,
986 		    gettext("Adding entry : %s\n"), data.r_name);
987 
988 	retval = (*cback)(&data, 0);
989 
990 	if (retval == LDAP_ALREADY_EXISTS) {
991 		if (continue_onerror)
992 			(void) fprintf(stderr,
993 			    gettext("Entry: %s - already Exists,"
994 			    " skipping it.\n"), data.r_name);
995 		else {
996 			rc = GENENT_CBERR;
997 			(void) fprintf(stderr,
998 			    gettext("Entry: %s - already Exists\n"),
999 			    data.r_name);
1000 		}
1001 	} else if (retval)
1002 		rc = GENENT_CBERR;
1003 
1004 	free(data.r_name);
1005 	free(data.r_aliases);
1006 
1007 	return (rc);
1008 }
1009 
1010 
1011 
1012 static void
dump_rpc(ns_ldap_result_t * res)1013 dump_rpc(ns_ldap_result_t *res)
1014 {
1015 	ns_ldap_attr_t	*attrptr = NULL, *cn = NULL, *rpcnumber = NULL;
1016 	int		 i, j;
1017 	char		*name; /* rpc name */
1018 
1019 	if (res == NULL || res->entry == NULL)
1020 		return;
1021 	for (i = 0; i < res->entry->attr_count; i++) {
1022 		attrptr = res->entry->attr_pair[i];
1023 		if (strcasecmp(attrptr->attrname, "cn") == 0)
1024 			cn = attrptr;
1025 		else if (strcasecmp(attrptr->attrname, "oncRpcNumber") == 0)
1026 			rpcnumber = attrptr;
1027 	}
1028 	/* sanity check */
1029 	if (cn == NULL || cn->attrvalue == NULL || cn->attrvalue[0] == NULL ||
1030 	    rpcnumber == NULL || rpcnumber->attrvalue == NULL ||
1031 	    rpcnumber->attrvalue[0] == NULL)
1032 		return;
1033 
1034 	if ((name = __s_api_get_canonical_name(res->entry, cn, 1)) == NULL)
1035 		return;
1036 
1037 	/* rpc name */
1038 	if (strlen(name) < 8)
1039 		(void) fprintf(stdout, "%s\t\t", name);
1040 	else
1041 		(void) fprintf(stdout, "%s\t", name);
1042 
1043 	/* rpc number */
1044 	(void) fprintf(stdout, "%-8s", rpcnumber->attrvalue[0]);
1045 
1046 
1047 	/* aliases */
1048 	for (j = 0; j < cn->value_count; j++) {
1049 		if (cn->attrvalue[j]) {
1050 			if (strcasecmp(name, cn->attrvalue[j]) == 0)
1051 				/* skip rpc name */
1052 				continue;
1053 			(void) fprintf(stdout, "%s ", cn->attrvalue[j]);
1054 		}
1055 	}
1056 
1057 	/* end of line */
1058 	(void) fprintf(stdout, "\n");
1059 
1060 }
1061 
1062 /*
1063  * /etc/protocols
1064  *
1065  */
1066 
1067 static int
genent_protocols(char * line,int (* cback)())1068 genent_protocols(char *line, int (*cback)())
1069 {
1070 	char buf[BUFSIZ+1];
1071 	char *t;
1072 	entry_col ecol[4];
1073 	char *cname;
1074 
1075 	struct protoent	data;
1076 	char *alias;
1077 	int ctr = 0;
1078 	int retval = 1;
1079 	int rc = GENENT_OK;
1080 
1081 	/*
1082 	 * don't clobber our argument
1083 	 */
1084 	if (strlen(line) >= sizeof (buf)) {
1085 		(void) strlcpy(parse_err_msg, gettext("line too long"),
1086 		    PARSE_ERR_MSG_LEN);
1087 		return (GENENT_PARSEERR);
1088 	}
1089 	(void) strcpy(buf, line);
1090 
1091 	/*
1092 	 * clear column data
1093 	 */
1094 	(void) memset((char *)ecol, 0, sizeof (ecol));
1095 
1096 	/*
1097 	 * comment (col 3)
1098 	 */
1099 	t = strchr(buf, '#');
1100 	if (t) {
1101 		*t++ = 0;
1102 		ecol[3].ec_value.ec_value_val = t;
1103 		ecol[3].ec_value.ec_value_len = strlen(t)+1;
1104 	} else {
1105 		ecol[3].ec_value.ec_value_val = 0;
1106 		ecol[3].ec_value.ec_value_len = 0;
1107 	}
1108 
1109 	/*
1110 	 * cname(col 0)
1111 	 */
1112 	if ((t = strtok(buf, " \t")) == 0) {
1113 		(void) strlcpy(parse_err_msg, gettext("no number"),
1114 		    PARSE_ERR_MSG_LEN);
1115 		return (GENENT_PARSEERR);
1116 	}
1117 	ecol[0].ec_value.ec_value_val = t;
1118 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
1119 	cname = t;
1120 
1121 	/*
1122 	 * number (col 2)
1123 	 */
1124 	if ((t = strtok(NULL, " \t")) == 0) {
1125 		(void) strlcpy(parse_err_msg, gettext("no number"),
1126 		    PARSE_ERR_MSG_LEN);
1127 		return (GENENT_PARSEERR);
1128 	}
1129 	ecol[2].ec_value.ec_value_val = t;
1130 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
1131 
1132 
1133 	/*
1134 	 * build entry
1135 	 */
1136 	data.p_name = strdup(ecol[0].ec_value.ec_value_val);
1137 
1138 	if (ecol[2].ec_value.ec_value_val != NULL &&
1139 	    ecol[2].ec_value.ec_value_val[0] != '\0') {
1140 
1141 		data.p_proto = ascii_to_int(ecol[2].ec_value.ec_value_val);
1142 		if (data.p_proto == -1) {
1143 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
1144 			    gettext("invalid protocol number: %s"),
1145 			    ecol[2].ec_value.ec_value_val);
1146 		return (GENENT_PARSEERR);
1147 		}
1148 	} else
1149 		data.p_proto = -1;
1150 
1151 	/*
1152 	 * name (col 1)
1153 	 */
1154 	t = cname;
1155 	ctr = 0;
1156 	data.p_aliases = NULL;
1157 
1158 	do {
1159 		/*
1160 		 * don't clobber comment in canonical entry
1161 		 */
1162 		if (t != cname && strcasecmp(t, cname) == 0)
1163 			continue;
1164 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
1165 			continue;
1166 
1167 		ecol[1].ec_value.ec_value_val = t;
1168 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
1169 
1170 		ctr++;
1171 		alias = strdup(ecol[1].ec_value.ec_value_val);
1172 		if ((data.p_aliases = (char **)realloc(data.p_aliases,
1173 		    ctr * sizeof (char **))) == NULL) {
1174 			(void) fprintf(stderr, gettext("out of memory\n"));
1175 			exit(1);
1176 		}
1177 		data.p_aliases[ctr-1] = alias;
1178 
1179 		/*
1180 		 * only put comment in canonical entry
1181 		 */
1182 		ecol[3].ec_value.ec_value_val = 0;
1183 		ecol[3].ec_value.ec_value_len = 0;
1184 
1185 	} while (t = strtok(NULL, " \t"));
1186 
1187 	/* End the list of all the aliases by NULL */
1188 	if ((data.p_aliases = (char **)realloc(data.p_aliases,
1189 	    (ctr + 1) * sizeof (char **))) == NULL) {
1190 		(void) fprintf(stderr, gettext("out of memory\n"));
1191 		exit(1);
1192 	}
1193 	data.p_aliases[ctr] = NULL;
1194 
1195 	if (flags & F_VERBOSE)
1196 		(void) fprintf(stdout,
1197 		    gettext("Adding entry : %s\n"), data.p_name);
1198 
1199 	retval = (*cback)(&data, 0);
1200 
1201 	if (retval == LDAP_ALREADY_EXISTS) {
1202 		if (continue_onerror)
1203 			(void) fprintf(stderr,
1204 			    gettext("Entry: %s - already Exists,"
1205 			    " skipping it.\n"), data.p_name);
1206 		else {
1207 			rc = GENENT_CBERR;
1208 			(void) fprintf(stderr,
1209 			    gettext("Entry: %s - already Exists\n"),
1210 			    data.p_name);
1211 		}
1212 	} else if (retval)
1213 		rc = GENENT_CBERR;
1214 
1215 	free(data.p_name);
1216 	free(data.p_aliases);
1217 
1218 	return (rc);
1219 }
1220 
1221 
1222 static void
dump_protocols(ns_ldap_result_t * res)1223 dump_protocols(ns_ldap_result_t *res)
1224 {
1225 	ns_ldap_attr_t	*attrptr = NULL, *cn = NULL, *protocolnumber = NULL;
1226 	int		 i, j;
1227 	char		*name, *cp;
1228 
1229 	if (res == NULL || res->entry == NULL)
1230 		return;
1231 	for (i = 0; i < res->entry->attr_count; i++) {
1232 		attrptr = res->entry->attr_pair[i];
1233 		if (strcasecmp(attrptr->attrname, "cn") == 0)
1234 			cn = attrptr;
1235 		else if (strcasecmp(attrptr->attrname, "ipProtocolNumber")
1236 		    == 0)
1237 			protocolnumber = attrptr;
1238 	}
1239 	/* sanity check */
1240 	if (cn == NULL || cn->attrvalue == NULL || cn->attrvalue[0] == NULL ||
1241 	    protocolnumber == NULL || protocolnumber->attrvalue == NULL ||
1242 	    protocolnumber->attrvalue[0] == NULL)
1243 		return;
1244 
1245 	if ((name = __s_api_get_canonical_name(res->entry, cn, 1)) == NULL)
1246 		return;
1247 
1248 	/* protocol name */
1249 	if (strlen(name) < 8)
1250 		(void) fprintf(stdout, "%s\t\t", name);
1251 	else
1252 		(void) fprintf(stdout, "%s\t", name);
1253 
1254 	/* protocol number */
1255 	(void) fprintf(stdout, "%-16s", protocolnumber->attrvalue[0]);
1256 
1257 	/* aliases */
1258 	for (j = 0; j < cn->value_count; j++) {
1259 		if (cn->attrvalue[j]) {
1260 			if (strcasecmp(name, cn->attrvalue[j]) == 0) {
1261 				if (cn->value_count > 1)
1262 					/* Do not replicate */
1263 					continue;
1264 				/*
1265 				 * Replicate name in uppercase as an aliase
1266 				 */
1267 				for (cp = cn->attrvalue[j]; *cp; cp++)
1268 					*cp = toupper(*cp);
1269 			}
1270 			(void) fprintf(stdout, "%s ", cn->attrvalue[j]);
1271 		}
1272 	}
1273 
1274 	/* end of line */
1275 	(void) fprintf(stdout, "\n");
1276 
1277 }
1278 
1279 
1280 
1281 
1282 
1283 /*
1284  * /etc/networks
1285  *
1286  */
1287 
1288 static int
genent_networks(char * line,int (* cback)())1289 genent_networks(char *line, int (*cback)())
1290 {
1291 	char buf[BUFSIZ+1];
1292 	char *t;
1293 	entry_col ecol[4];
1294 	char *cname;
1295 
1296 	struct netent	data;
1297 	char *alias;
1298 	int ctr = 0;
1299 	int retval = 1;
1300 	int enet;
1301 	int rc = GENENT_OK;
1302 
1303 	/*
1304 	 * don't clobber our argument
1305 	 */
1306 	if (strlen(line) >= sizeof (buf)) {
1307 		(void) strlcpy(parse_err_msg, gettext("line too long"),
1308 		    PARSE_ERR_MSG_LEN);
1309 		return (GENENT_PARSEERR);
1310 	}
1311 	(void) strcpy(buf, line);
1312 
1313 	/*
1314 	 * clear column data
1315 	 */
1316 	(void) memset((char *)ecol, 0, sizeof (ecol));
1317 
1318 	/*
1319 	 * comment (col 3)
1320 	 */
1321 	t = strchr(buf, '#');
1322 	if (t) {
1323 		*t++ = 0;
1324 		ecol[3].ec_value.ec_value_val = t;
1325 		ecol[3].ec_value.ec_value_len = strlen(t)+1;
1326 	} else {
1327 		ecol[3].ec_value.ec_value_val = 0;
1328 		ecol[3].ec_value.ec_value_len = 0;
1329 	}
1330 
1331 	/*
1332 	 * cname(col 0)
1333 	 */
1334 	if ((t = strtok(buf, " \t")) == 0) {
1335 		(void) strlcpy(parse_err_msg, gettext("no number"),
1336 		    PARSE_ERR_MSG_LEN);
1337 		return (GENENT_PARSEERR);
1338 	}
1339 	ecol[0].ec_value.ec_value_val = t;
1340 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
1341 	cname = t;
1342 
1343 	/*
1344 	 * number (col 2)
1345 	 */
1346 	if ((t = strtok(NULL, " \t")) == 0) {
1347 		(void) strlcpy(parse_err_msg, gettext("no number"),
1348 		    PARSE_ERR_MSG_LEN);
1349 		return (GENENT_PARSEERR);
1350 	}
1351 	ecol[2].ec_value.ec_value_val = t;
1352 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
1353 
1354 
1355 	/*
1356 	 * build entry
1357 	 */
1358 
1359 	data.n_name = strdup(ecol[0].ec_value.ec_value_val);
1360 	/*
1361 	 * data.n_net is an unsigned field,
1362 	 * assign -1 to it, make no sense.
1363 	 * Use enet here to avoid lint warning.
1364 	 */
1365 	enet = encode_network(ecol[2].ec_value.ec_value_val);
1366 
1367 	if (enet == -1 && continue_onerror == 0) {
1368 		(void) fprintf(stderr, gettext("Invalid network number\n"));
1369 		if (continue_onerror == 0)
1370 			return (GENENT_CBERR);
1371 	} else
1372 		data.n_net = enet;
1373 
1374 	/*
1375 	 * name (col 1)
1376 	 */
1377 	t = cname;
1378 	data.n_aliases = NULL;
1379 
1380 	do {
1381 		/*
1382 		 * don't clobber comment in canonical entry
1383 		 */
1384 		if (t != cname && strcasecmp(t, cname) == 0)
1385 			continue;
1386 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
1387 			continue;
1388 
1389 		ecol[1].ec_value.ec_value_val = t;
1390 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
1391 
1392 		ctr++;
1393 		alias = strdup(ecol[1].ec_value.ec_value_val);
1394 		if ((data.n_aliases = (char **)realloc(data.n_aliases,
1395 		    ctr * sizeof (char **))) == NULL) {
1396 			(void) fprintf(stderr, gettext("out of memory\n"));
1397 			exit(1);
1398 		}
1399 		data.n_aliases[ctr-1] = alias;
1400 
1401 		/*
1402 		 * only put comment in canonical entry
1403 		 */
1404 		ecol[3].ec_value.ec_value_val = 0;
1405 		ecol[3].ec_value.ec_value_len = 0;
1406 
1407 	} while (t = strtok(NULL, " \t"));
1408 
1409 	/* End the list of all the aliases by NULL */
1410 	if ((data.n_aliases = (char **)realloc(data.n_aliases,
1411 	    (ctr + 1) * sizeof (char **))) == NULL) {
1412 		(void) fprintf(stderr, gettext("out of memory\n"));
1413 		exit(1);
1414 	}
1415 	data.n_aliases[ctr] = NULL;
1416 
1417 	if (flags & F_VERBOSE)
1418 		(void) fprintf(stdout,
1419 		    gettext("Adding entry : %s\n"), data.n_name);
1420 
1421 	retval = (*cback)(&data, 0);
1422 
1423 	if (retval == LDAP_ALREADY_EXISTS) {
1424 		if (continue_onerror)
1425 			(void) fprintf(stderr,
1426 			    gettext("Entry: %s - already Exists,"
1427 			    " skipping it.\n"), data.n_name);
1428 		else {
1429 			rc = GENENT_CBERR;
1430 			(void) fprintf(stderr,
1431 			    gettext("Entry: %s - already Exists\n"),
1432 			    data.n_name);
1433 		}
1434 	} else if (retval)
1435 		rc = GENENT_CBERR;
1436 
1437 	free(data.n_name);
1438 	free(data.n_aliases);
1439 
1440 	return (rc);
1441 }
1442 
1443 
1444 static void
dump_networks(ns_ldap_result_t * res)1445 dump_networks(ns_ldap_result_t *res)
1446 {
1447 	ns_ldap_attr_t	*attrptr = NULL, *cn = NULL, *networknumber = NULL;
1448 	int		 i, j;
1449 	char		*name;
1450 
1451 	if (res == NULL || res->entry == NULL)
1452 		return;
1453 	for (i = 0; i < res->entry->attr_count; i++) {
1454 		attrptr = res->entry->attr_pair[i];
1455 		if (strcasecmp(attrptr->attrname, "cn") == 0)
1456 			cn = attrptr;
1457 		else if (strcasecmp(attrptr->attrname, "ipNetworkNumber")
1458 		    == 0)
1459 			networknumber = attrptr;
1460 	}
1461 	/* sanity check */
1462 	if (cn == NULL || cn->attrvalue == NULL || cn->attrvalue[0] == NULL ||
1463 	    networknumber == NULL || networknumber->attrvalue == NULL ||
1464 	    networknumber->attrvalue[0] == NULL)
1465 		return;
1466 
1467 	/*
1468 	 * cn can be a MUST attribute(RFC 2307) or MAY attribute(2307bis).
1469 	 * If the canonical name can not be found (2307bis), use the 1st
1470 	 * value as the official name.
1471 	 */
1472 
1473 	/* network name */
1474 	if ((name = __s_api_get_canonical_name(res->entry, cn, 1)) == NULL)
1475 		name = cn->attrvalue[0];
1476 
1477 	if (strlen(name) < 8)
1478 		(void) fprintf(stdout, "%s\t\t", name);
1479 	else
1480 		(void) fprintf(stdout, "%s\t", name);
1481 
1482 	/* network number */
1483 	(void) fprintf(stdout, "%-16s", networknumber->attrvalue[0]);
1484 
1485 	/* aliases */
1486 	for (j = 0; j < cn->value_count; j++) {
1487 		if (cn->attrvalue[j]) {
1488 			if (strcasecmp(name, cn->attrvalue[j]) == 0)
1489 				/* skip name */
1490 				continue;
1491 			(void) fprintf(stdout, "%s ", cn->attrvalue[j]);
1492 		}
1493 	}
1494 
1495 	/* end of line */
1496 	(void) fprintf(stdout, "\n");
1497 
1498 }
1499 
1500 
1501 
1502 
1503 /*
1504  * /etc/services
1505  *
1506  */
1507 
1508 static int
genent_services(char * line,int (* cback)())1509 genent_services(char *line, int (*cback)())
1510 {
1511 	char buf[BUFSIZ+1];
1512 	char *t, *p;
1513 	entry_col ecol[5];
1514 	char *cname;
1515 
1516 	struct servent	data;
1517 	char *alias;
1518 	int ctr = 0;
1519 	int retval = 1;
1520 	int rc = GENENT_OK;
1521 
1522 	/*
1523 	 * don't clobber our argument
1524 	 */
1525 	if (strlen(line) >= sizeof (buf)) {
1526 		(void) strlcpy(parse_err_msg, gettext("line too long"),
1527 		    PARSE_ERR_MSG_LEN);
1528 		return (GENENT_PARSEERR);
1529 	}
1530 	(void) strcpy(buf, line);
1531 
1532 	/*
1533 	 * clear column data
1534 	 */
1535 	(void) memset((char *)ecol, 0, sizeof (ecol));
1536 
1537 	/*
1538 	 * comment (col 4)
1539 	 */
1540 	t = strchr(buf, '#');
1541 	if (t) {
1542 		*t++ = 0;
1543 		ecol[4].ec_value.ec_value_val = t;
1544 		ecol[4].ec_value.ec_value_len = strlen(t)+1;
1545 	} else {
1546 		ecol[4].ec_value.ec_value_val = 0;
1547 		ecol[4].ec_value.ec_value_len = 0;
1548 	}
1549 
1550 	/*
1551 	 * cname(col 0)
1552 	 */
1553 	if ((t = strtok(buf, " \t")) == 0) {
1554 		(void) strlcpy(parse_err_msg, gettext("no port"),
1555 		    PARSE_ERR_MSG_LEN);
1556 		return (GENENT_PARSEERR);
1557 	}
1558 	ecol[0].ec_value.ec_value_val = t;
1559 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
1560 	cname = t;
1561 
1562 	/*
1563 	 * port (col 3)
1564 	 */
1565 	if ((t = strtok(NULL, " \t")) == 0) {
1566 		(void) strlcpy(parse_err_msg, gettext("no protocol"),
1567 		    PARSE_ERR_MSG_LEN);
1568 		return (GENENT_PARSEERR);
1569 	}
1570 	if ((p = strchr(t, '/')) == 0) {
1571 		(void) strlcpy(parse_err_msg, gettext("bad port/proto"),
1572 		    PARSE_ERR_MSG_LEN);
1573 		return (GENENT_PARSEERR);
1574 	}
1575 	*(p++) = 0;
1576 	ecol[3].ec_value.ec_value_val = t;
1577 	ecol[3].ec_value.ec_value_len = strlen(t)+1;
1578 
1579 	/*
1580 	 * proto (col 2)
1581 	 */
1582 	ecol[2].ec_value.ec_value_val = p;
1583 	ecol[2].ec_value.ec_value_len = strlen(p)+1;
1584 
1585 
1586 	/*
1587 	 * build entry
1588 	 */
1589 
1590 	data.s_name = strdup(ecol[0].ec_value.ec_value_val);
1591 	data.s_proto = strdup(ecol[2].ec_value.ec_value_val);
1592 
1593 	if (ecol[3].ec_value.ec_value_val != NULL &&
1594 	    ecol[3].ec_value.ec_value_val[0] != '\0') {
1595 
1596 		data.s_port = ascii_to_int(ecol[3].ec_value.ec_value_val);
1597 		if (data.s_port == -1) {
1598 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
1599 			    gettext("invalid port number: %s"),
1600 			    ecol[3].ec_value.ec_value_val);
1601 		return (GENENT_PARSEERR);
1602 		}
1603 	} else
1604 		data.s_port = -1;
1605 
1606 	/*
1607 	 * name (col 1)
1608 	 */
1609 	t = cname;
1610 	data.s_aliases = NULL;
1611 
1612 	do {
1613 		/*
1614 		 * don't clobber comment in canonical entry
1615 		 */
1616 		if (t != cname && strcasecmp(t, cname) == 0)
1617 			continue;
1618 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
1619 			continue;
1620 
1621 		ecol[1].ec_value.ec_value_val = t;
1622 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
1623 
1624 		ctr++;
1625 		alias = strdup(ecol[1].ec_value.ec_value_val);
1626 		if ((data.s_aliases = (char **)realloc(data.s_aliases,
1627 		    ctr * sizeof (char **))) == NULL) {
1628 			(void) fprintf(stderr, gettext("out of memory\n"));
1629 			exit(1);
1630 		}
1631 		data.s_aliases[ctr-1] = alias;
1632 
1633 		/*
1634 		 * only put comment in canonical entry
1635 		 */
1636 		ecol[4].ec_value.ec_value_val = 0;
1637 		ecol[4].ec_value.ec_value_len = 0;
1638 
1639 	} while (t = strtok(NULL, " \t"));
1640 
1641 	/* End the list of all the aliases by NULL */
1642 	if ((data.s_aliases = (char **)realloc(data.s_aliases,
1643 	    (ctr + 1) * sizeof (char **))) == NULL) {
1644 		(void) fprintf(stderr, gettext("out of memory\n"));
1645 		exit(1);
1646 	}
1647 	data.s_aliases[ctr] = NULL;
1648 
1649 	if (flags & F_VERBOSE)
1650 		(void) fprintf(stdout,
1651 		    gettext("Adding entry : %s\n"), line);
1652 
1653 	retval = (*cback)(&data, 0);
1654 
1655 	if (retval == LDAP_ALREADY_EXISTS) {
1656 		if (continue_onerror)
1657 			(void) fprintf(stderr, gettext(
1658 			    "Entry: cn=%s+ipServiceProtocol=%s"
1659 			    " already Exists, skipping it.\n"),
1660 			    data.s_name, data.s_proto);
1661 		else {
1662 			rc = GENENT_CBERR;
1663 			(void) fprintf(stderr,
1664 			    gettext("Entry: cn=%s+ipServiceProtocol=%s"
1665 			    " - already Exists\n"),
1666 			    data.s_name, data.s_proto);
1667 		}
1668 	} else if (retval)
1669 		rc = GENENT_CBERR;
1670 
1671 	free(data.s_name);
1672 	free(data.s_proto);
1673 	free(data.s_aliases);
1674 
1675 	return (rc);
1676 }
1677 
1678 
1679 
1680 static void
dump_services(ns_ldap_result_t * res)1681 dump_services(ns_ldap_result_t *res)
1682 {
1683 	ns_ldap_attr_t	*attrptr = NULL, *cn = NULL, *port = NULL;
1684 	ns_ldap_attr_t	*protocol = NULL;
1685 	int		i, j, len;
1686 	char		*name; /* service name */
1687 
1688 	/*
1689 	 * cn can have multiple values.(service name and its aliases)
1690 	 * In order to support RFC 2307, section 5.5, ipserviceprotocol  can
1691 	 * have multiple values too.
1692 	 * The output format should look like
1693 	 *
1694 	 * test		2345/udp mytest
1695 	 * test		2345/tcp mytest
1696 	 */
1697 	if (res == NULL || res->entry == NULL)
1698 		return;
1699 	for (i = 0; i < res->entry->attr_count; i++) {
1700 		attrptr = res->entry->attr_pair[i];
1701 		if (strcasecmp(attrptr->attrname, "cn") == 0)
1702 			cn = attrptr;
1703 		else if (strcasecmp(attrptr->attrname, "ipServicePort") == 0)
1704 			port = attrptr;
1705 		else if (strcasecmp(attrptr->attrname,
1706 		    "ipServiceProtocol") == 0)
1707 			protocol = attrptr;
1708 	}
1709 	/* sanity check */
1710 	if (cn == NULL || cn->attrvalue == NULL || cn->attrvalue[0] == NULL ||
1711 	    port == NULL || port->attrvalue == NULL ||
1712 	    port->attrvalue[0] == NULL || protocol == NULL ||
1713 	    protocol->attrvalue == NULL || protocol->attrvalue[0] == NULL)
1714 		return;
1715 
1716 	if ((name = __s_api_get_canonical_name(res->entry, cn, 1)) == NULL)
1717 		return;
1718 	for (i = 0; i < protocol->value_count; i++) {
1719 		if (protocol->attrvalue[i] == NULL)
1720 			return;
1721 		/* service name */
1722 		(void) fprintf(stdout, "%-16s", name);
1723 
1724 		/* port & protocol */
1725 		(void) fprintf(stdout, "%s/%s%n", port->attrvalue[0],
1726 		    protocol->attrvalue[i], &len);
1727 
1728 		if (len < 8)
1729 			(void) fprintf(stdout, "\t\t");
1730 		else
1731 			(void) fprintf(stdout, "\t");
1732 
1733 		/* aliases */
1734 		for (j = 0; j < cn->value_count; j++) {
1735 			if (cn->attrvalue[j]) {
1736 				if (strcasecmp(name, cn->attrvalue[j]) == 0)
1737 					/* skip service name */
1738 					continue;
1739 				(void) fprintf(stdout, "%s ", cn->attrvalue[j]);
1740 			}
1741 		}
1742 
1743 		/* end of line */
1744 		(void) fprintf(stdout, "\n");
1745 	}
1746 }
1747 
1748 
1749 /*
1750  * /etc/group
1751  */
1752 
1753 static int
genent_group(char * line,int (* cback)())1754 genent_group(char *line, int (*cback)())
1755 {
1756 	char buf[BIGBUF+1];
1757 	char *s, *t;
1758 	entry_col ecol[5];
1759 
1760 	struct group	data;
1761 	int ctr = 0;
1762 	int retval = 1;
1763 	int rc = GENENT_OK;
1764 
1765 	/*
1766 	 * don't clobber our argument
1767 	 */
1768 	if (strlen(line) >= sizeof (buf)) {
1769 		(void) strlcpy(parse_err_msg, gettext("line too long"),
1770 		    PARSE_ERR_MSG_LEN);
1771 		return (GENENT_PARSEERR);
1772 	}
1773 	(void) strcpy(buf, line);
1774 	t = buf;
1775 
1776 	/* ignore empty entries */
1777 	if (*t == '\0')
1778 		return (GENENT_OK);
1779 
1780 	/*
1781 	 * clear column data
1782 	 */
1783 	(void) memset((char *)ecol, 0, sizeof (ecol));
1784 
1785 	/*
1786 	 * name (col 0)
1787 	 */
1788 	if ((s = strchr(t, ':')) == 0) {
1789 		(void) strlcpy(parse_err_msg, gettext("no passwd"),
1790 		    PARSE_ERR_MSG_LEN);
1791 		return (GENENT_PARSEERR);
1792 	}
1793 	*s++ = 0;
1794 	ecol[0].ec_value.ec_value_val = t;
1795 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
1796 	t = s;
1797 
1798 	/*
1799 	 * passwd (col 1)
1800 	 */
1801 	if ((s = strchr(t, ':')) == 0) {
1802 		(void) strlcpy(parse_err_msg, gettext("no gid"),
1803 		    PARSE_ERR_MSG_LEN);
1804 		return (GENENT_PARSEERR);
1805 	}
1806 	*s++ = 0;
1807 	ecol[1].ec_value.ec_value_val = t;
1808 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
1809 	t = s;
1810 
1811 
1812 	/*
1813 	 * gid (col 2)
1814 	 */
1815 	if ((s = strchr(t, ':')) == 0 || s == t) {
1816 		(void) strlcpy(parse_err_msg, gettext("no members"),
1817 		    PARSE_ERR_MSG_LEN);
1818 		return (GENENT_PARSEERR);
1819 	}
1820 	*s++ = 0;
1821 	ecol[2].ec_value.ec_value_val = t;
1822 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
1823 	t = s;
1824 
1825 	/*
1826 	 * members (col 3)
1827 	 */
1828 	ecol[3].ec_value.ec_value_val = t;
1829 	ecol[3].ec_value.ec_value_len = strlen(t)+1;
1830 
1831 
1832 	/*
1833 	 * build entry
1834 	 */
1835 	data.gr_name = strdup(ecol[0].ec_value.ec_value_val);
1836 	data.gr_passwd = strdup(ecol[1].ec_value.ec_value_val);
1837 	if (ecol[2].ec_value.ec_value_val != NULL &&
1838 	    ecol[2].ec_value.ec_value_val[0] != '\0') {
1839 
1840 		data.gr_gid = ascii_to_int(ecol[2].ec_value.ec_value_val);
1841 		if (data.gr_gid == (uid_t)-1) {
1842 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
1843 			    gettext("invalid group id: %s"),
1844 			    ecol[2].ec_value.ec_value_val);
1845 		return (GENENT_PARSEERR);
1846 		}
1847 	} else
1848 		data.gr_gid = (uid_t)-1;
1849 
1850 	data.gr_mem = NULL;
1851 
1852 	/* Compute maximum amount of members */
1853 	s = t;
1854 	while (s = strchr(s, ',')) {
1855 		s++;
1856 		ctr++;
1857 	}
1858 
1859 	/* Allocate memory for all members */
1860 	data.gr_mem = calloc(ctr + 2, sizeof (char **));
1861 	if (data.gr_mem == NULL) {
1862 		(void) fprintf(stderr, gettext("out of memory\n"));
1863 		exit(1);
1864 	}
1865 
1866 	ctr = 0;
1867 	while (s = strchr(t, ',')) {
1868 
1869 		*s++ = 0;
1870 		ecol[3].ec_value.ec_value_val = t;
1871 		t = s;
1872 		/* Send to server only non empty member names */
1873 		if (strlen(ecol[3].ec_value.ec_value_val) != 0)
1874 			data.gr_mem[ctr++] = ecol[3].ec_value.ec_value_val;
1875 	}
1876 
1877 	/* Send to server only non empty member names */
1878 	if (strlen(t) != 0)
1879 		data.gr_mem[ctr++] = t;
1880 
1881 	/* Array of members completed, finished by NULL, see calloc() */
1882 
1883 	if (flags & F_VERBOSE)
1884 		(void) fprintf(stdout,
1885 		    gettext("Adding entry : %s\n"), data.gr_name);
1886 
1887 	retval = (*cback)(&data, 0);
1888 
1889 	if (retval == LDAP_ALREADY_EXISTS) {
1890 		if (continue_onerror)
1891 			(void) fprintf(stderr,
1892 			    gettext("Entry: %s - already Exists,"
1893 			    " skipping it.\n"), data.gr_name);
1894 		else {
1895 			rc = GENENT_CBERR;
1896 			(void) fprintf(stderr,
1897 			    gettext("Entry: %s - already Exists\n"),
1898 			    data.gr_name);
1899 		}
1900 	} else if (retval)
1901 		rc = GENENT_CBERR;
1902 
1903 	free(data.gr_name);
1904 	free(data.gr_passwd);
1905 	free(data.gr_mem);
1906 
1907 	return (rc);
1908 }
1909 
1910 static void
dump_group(ns_ldap_result_t * res)1911 dump_group(ns_ldap_result_t *res)
1912 {
1913 	char    **value = NULL;
1914 	char	pnam[256];
1915 	int	attr_count = 0;
1916 
1917 	value = __ns_ldap_getAttr(res->entry, "cn");
1918 	if (value && value[0])
1919 		(void) fprintf(stdout, "%s:", value[0]);
1920 	value = __ns_ldap_getAttr(res->entry, "userPassword");
1921 	if (value == NULL || value[0] == NULL)
1922 		(void) fprintf(stdout, "*:");
1923 	else {
1924 		(void) strcpy(pnam, value[0]);
1925 		if (strncasecmp(value[0], "{crypt}", 7) == 0)
1926 			(void) fprintf(stdout, "%s:", (pnam+7));
1927 		else
1928 			(void) fprintf(stdout, "*:");
1929 	}
1930 	value = __ns_ldap_getAttr(res->entry, "gidNumber");
1931 	if (value && value[0])
1932 		(void) fprintf(stdout, "%s:", value[0]);
1933 
1934 	value = __ns_ldap_getAttr(res->entry, "memberUid");
1935 	if (value != NULL && value[0] != NULL) {
1936 		while (value[attr_count] != NULL) {
1937 			if (value[attr_count+1] == NULL)
1938 				(void) fprintf(stdout, "%s", value[attr_count]);
1939 			else
1940 				(void) fprintf(stdout, "%s,",
1941 				    value[attr_count]);
1942 			attr_count++;
1943 		}
1944 		(void) fprintf(stdout, "\n");
1945 	}
1946 	else
1947 		(void) fprintf(stdout, "\n");
1948 }
1949 
1950 
1951 
1952 
1953 
1954 /*
1955  * /etc/ethers
1956  */
1957 
1958 static int
genent_ethers(char * line,int (* cback)())1959 genent_ethers(char *line, int (*cback)())
1960 {
1961 	char buf[BUFSIZ+1];
1962 	char *t;
1963 	entry_col ecol[3];
1964 	int retval = 1;
1965 	struct _ns_ethers	data;
1966 	int rc = GENENT_OK;
1967 
1968 	/*
1969 	 * don't clobber our argument
1970 	 */
1971 	if (strlen(line) >= sizeof (buf)) {
1972 		(void) strlcpy(parse_err_msg, gettext("line too long"),
1973 		    PARSE_ERR_MSG_LEN);
1974 		return (GENENT_PARSEERR);
1975 	}
1976 	(void) strcpy(buf, line);
1977 
1978 	/*
1979 	 * clear column data
1980 	 */
1981 	(void) memset((char *)ecol, 0, sizeof (ecol));
1982 
1983 	/*
1984 	 * comment (col 2)
1985 	 */
1986 	t = strchr(buf, '#');
1987 	if (t) {
1988 		*t++ = 0;
1989 		ecol[2].ec_value.ec_value_val = t;
1990 		ecol[2].ec_value.ec_value_len = strlen(t)+1;
1991 	} else {
1992 		ecol[2].ec_value.ec_value_val = 0;
1993 		ecol[2].ec_value.ec_value_len = 0;
1994 	}
1995 
1996 	/*
1997 	 * addr(col 0)
1998 	 */
1999 	if ((t = strtok(buf, " \t")) == 0) {
2000 		(void) strlcpy(parse_err_msg, gettext("no name"),
2001 		    PARSE_ERR_MSG_LEN);
2002 		return (GENENT_PARSEERR);
2003 	}
2004 	ecol[0].ec_value.ec_value_val = t;
2005 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
2006 
2007 	/*
2008 	 * name(col 1)
2009 	 */
2010 	if ((t = strtok(NULL, " \t")) == 0) {
2011 		(void) strlcpy(parse_err_msg,
2012 		    gettext("no white space allowed in name"),
2013 		    PARSE_ERR_MSG_LEN);
2014 		return (GENENT_PARSEERR);
2015 	}
2016 	ecol[1].ec_value.ec_value_val = t;
2017 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
2018 
2019 
2020 	/*
2021 	 * build entry
2022 	 */
2023 
2024 	data.ether = strdup(ecol[0].ec_value.ec_value_val);
2025 	data.name  = strdup(ecol[1].ec_value.ec_value_val);
2026 
2027 
2028 	if (flags & F_VERBOSE)
2029 		(void) fprintf(stdout,
2030 		    gettext("Adding entry : %s\n"), data.name);
2031 
2032 	retval = (*cback)(&data, 0);
2033 
2034 	if (retval == LDAP_ALREADY_EXISTS) {
2035 		if (continue_onerror)
2036 			(void) fprintf(stderr,
2037 			    gettext("Entry: %s - already Exists,"
2038 			    " skipping it.\n"), data.name);
2039 		else {
2040 			rc = GENENT_CBERR;
2041 			(void) fprintf(stderr,
2042 			    gettext("Entry: %s - already Exists\n"),
2043 			    data.name);
2044 		}
2045 	} else if (retval)
2046 		rc = GENENT_CBERR;
2047 
2048 	free(data.ether);
2049 	free(data.name);
2050 
2051 	return (rc);
2052 }
2053 
2054 
2055 static void
dump_ethers(ns_ldap_result_t * res)2056 dump_ethers(ns_ldap_result_t *res)
2057 {
2058 	char	**value = NULL;
2059 
2060 	value = __ns_ldap_getAttr(res->entry, "macAddress");
2061 	if (value && value[0])
2062 		(void) fprintf(stdout, "%s", value[0]);
2063 	else
2064 		return;
2065 	value = __ns_ldap_getAttr(res->entry, "cn");
2066 	if (value && value[0])
2067 		(void) fprintf(stdout, "	%s\n", value[0]);
2068 }
2069 
2070 static int
genent_aliases(char * line,int (* cback)())2071 genent_aliases(char *line, int (*cback)())
2072 {
2073 	char buf[BUFSIZ+1];
2074 	char *t, *aliases;
2075 	char *cname;
2076 	int ctr = 0;
2077 	int retval = 1;
2078 	int i;
2079 
2080 	struct _ns_alias data;
2081 	char *alias;
2082 	int rc = GENENT_OK;
2083 
2084 	/*
2085 	 * don't clobber our argument
2086 	 */
2087 	if (strlen(line) >= sizeof (buf)) {
2088 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2089 		    PARSE_ERR_MSG_LEN);
2090 		return (GENENT_PARSEERR);
2091 	}
2092 
2093 	(void) strcpy(buf, line);
2094 
2095 	if ((t = strchr(buf, ':')) == 0) {
2096 		(void) strlcpy(parse_err_msg, gettext("no alias name"),
2097 		    PARSE_ERR_MSG_LEN);
2098 		return (GENENT_PARSEERR);
2099 	}
2100 
2101 	t[0] = '\0';
2102 	if ((++t)[0] == '\0') {
2103 		(void) strlcpy(parse_err_msg, gettext("no alias value"),
2104 		    PARSE_ERR_MSG_LEN);
2105 		return (GENENT_PARSEERR);
2106 	}
2107 
2108 	cname = buf;
2109 	aliases = t;
2110 
2111 	/* build entry */
2112 	data.alias = strdup(cname);
2113 	if (!data.alias) {
2114 		(void) fprintf(stderr, gettext("out of memory\n"));
2115 		exit(1);
2116 	}
2117 
2118 	data.member = NULL;
2119 	t = strtok(aliases, ",");
2120 	do {
2121 		ctr++;
2122 		while (t[0] == ' ')
2123 			t++;
2124 		alias = strdup(t);
2125 		if ((alias == NULL) ||
2126 		    ((data.member = (char **)realloc(data.member,
2127 		    (ctr + 1) * sizeof (char **))) == NULL)) {
2128 			(void) fprintf(stderr, gettext("out of memory\n"));
2129 			exit(1);
2130 		}
2131 		data.member[ctr-1] = alias;
2132 
2133 	} while (t = strtok(NULL, ","));
2134 
2135 	data.member[ctr] = NULL;
2136 
2137 	if (flags & F_VERBOSE)
2138 		(void) fprintf(stdout,
2139 		    gettext("Adding entry : %s\n"), data.alias);
2140 
2141 	retval = (*cback)(&data, 0);
2142 
2143 	if (retval == LDAP_ALREADY_EXISTS) {
2144 		if (continue_onerror)
2145 			(void) fprintf(stderr,
2146 			    gettext("Entry: %s - already Exists,"
2147 			    " skipping it.\n"), data.alias);
2148 		else {
2149 			rc = GENENT_CBERR;
2150 			(void) fprintf(stderr,
2151 			    gettext("Entry: %s - already Exists\n"),
2152 			    data.alias);
2153 		}
2154 	} else if (retval)
2155 		rc = GENENT_CBERR;
2156 
2157 	free(data.alias);
2158 	i = 0;
2159 	while (data.member[i])
2160 		free(data.member[i++]);
2161 	free(data.member);
2162 
2163 	return (rc);
2164 }
2165 
2166 
2167 static void
dump_aliases(ns_ldap_result_t * res)2168 dump_aliases(ns_ldap_result_t *res)
2169 {
2170 
2171 	char	**value = NULL;
2172 	int		attr_count = 0;
2173 
2174 	value = __ns_ldap_getAttr(res->entry, "mail");
2175 	if (value && value[0])
2176 		(void) fprintf(stdout, "%s:", value[0]);
2177 	value = __ns_ldap_getAttr(res->entry, "mgrpRFC822MailMember");
2178 	if (value != NULL)
2179 		while (value[attr_count] != NULL) {
2180 			(void) fprintf(stdout, "%s,", value[attr_count]);
2181 			attr_count++;
2182 		}
2183 	(void) fprintf(stdout, "\n");
2184 
2185 }
2186 
2187 /*
2188  * /etc/publickey
2189  */
2190 
2191 static char *h_errno2str(int h_errno);
2192 
2193 static int
genent_publickey(char * line,int (* cback)())2194 genent_publickey(char *line, int (*cback)())
2195 {
2196 	char buf[BUFSIZ+1], tmpbuf[BUFSIZ+1], cname[BUFSIZ+1];
2197 	char *t, *p, *tmppubkey, *tmpprivkey;
2198 	entry_col ecol[3];
2199 	int buflen, uid, retval = 1, errnum = 0;
2200 	struct passwd *pwd;
2201 	char auth_type[BUFSIZ+1], *dot;
2202 	keylen_t keylen;
2203 	algtype_t algtype;
2204 	struct _ns_pubkey data;
2205 	struct hostent *hp;
2206 	struct in_addr in;
2207 	struct in6_addr in6;
2208 	char abuf[INET6_ADDRSTRLEN];
2209 
2210 	/*
2211 	 * don't clobber our argument
2212 	 */
2213 	if (strlen(line) >= sizeof (buf)) {
2214 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2215 		    PARSE_ERR_MSG_LEN);
2216 		return (GENENT_PARSEERR);
2217 	}
2218 	(void) strcpy(buf, line);
2219 
2220 	/*
2221 	 * clear column data
2222 	 */
2223 	(void) memset((char *)ecol, 0, sizeof (ecol));
2224 
2225 	if ((t = strtok(buf, " \t")) == 0) {
2226 		(void) strlcpy(parse_err_msg, gettext("no cname"),
2227 		    PARSE_ERR_MSG_LEN);
2228 		return (GENENT_PARSEERR);
2229 	}
2230 
2231 	/*
2232 	 * Special case:  /etc/publickey usually has an entry
2233 	 * for principal "nobody".  We skip it.
2234 	 */
2235 	if (strcmp(t, "nobody") == 0)
2236 		return (GENENT_OK);
2237 
2238 	/*
2239 	 * cname (col 0)
2240 	 */
2241 	if (strncmp(t, "unix.", 5)) {
2242 		(void) strlcpy(parse_err_msg, gettext("bad cname"),
2243 		    PARSE_ERR_MSG_LEN);
2244 		return (GENENT_PARSEERR);
2245 	}
2246 	(void) strcpy(tmpbuf, &(t[5]));
2247 	if ((p = strchr(tmpbuf, '@')) == 0) {
2248 		(void) strlcpy(parse_err_msg, gettext("bad cname"),
2249 		    PARSE_ERR_MSG_LEN);
2250 		return (GENENT_PARSEERR);
2251 	}
2252 	*(p++) = 0;
2253 	if (isdigit(*tmpbuf)) {
2254 
2255 		uid = atoi(tmpbuf);
2256 		/*
2257 		 * don't generate entries for uids without passwd entries
2258 		 */
2259 		if ((pwd = getpwuid(uid)) == 0) {
2260 			(void) fprintf(stderr,
2261 			gettext("can't map uid %d to username, skipping\n"),
2262 			    uid);
2263 			return (GENENT_OK);
2264 		}
2265 		(void) strcpy(cname, pwd->pw_name);
2266 		data.hostcred = NS_HOSTCRED_FALSE;
2267 	} else {
2268 		if ((hp = getipnodebyname(tmpbuf, AF_INET6,
2269 		    AI_ALL | AI_V4MAPPED, &errnum)) == NULL) {
2270 			(void) fprintf(stderr,
2271 			    gettext("can't map hostname %s to hostaddress, "
2272 			    "errnum %d %s skipping\n"), tmpbuf, errnum,
2273 			    h_errno2str(errnum));
2274 			return (GENENT_OK);
2275 		}
2276 		(void) memcpy((char *)&in6.s6_addr, hp->h_addr_list[0],
2277 		    hp->h_length);
2278 		if (IN6_IS_ADDR_V4MAPPED(&in6) ||
2279 		    IN6_IS_ADDR_V4COMPAT(&in6)) {
2280 			IN6_V4MAPPED_TO_INADDR(&in6, &in);
2281 			if (inet_ntop(AF_INET, (const void *)&in, abuf,
2282 			    INET6_ADDRSTRLEN) == NULL) {
2283 				(void) fprintf(stderr,
2284 				    gettext("can't convert IPV4 address of"
2285 				    " hostname %s to string, "
2286 				    "skipping\n"), tmpbuf);
2287 					return (GENENT_OK);
2288 			}
2289 		} else {
2290 			if (inet_ntop(AF_INET6, (const void *)&in6, abuf,
2291 			    INET6_ADDRSTRLEN) == NULL) {
2292 				(void) fprintf(stderr,
2293 				    gettext("can't convert IPV6 address of"
2294 				    " hostname %s to string, "
2295 				    "skipping\n"), tmpbuf);
2296 					return (GENENT_OK);
2297 			}
2298 		}
2299 		data.hostcred = NS_HOSTCRED_TRUE;
2300 		/*
2301 		 * tmpbuf could be an alias, use hp->h_name instead.
2302 		 * hp->h_name is in FQDN format, so extract 1st field.
2303 		 */
2304 		if ((dot = strchr(hp->h_name, '.')) != NULL)
2305 			*dot = '\0';
2306 		(void) snprintf(cname, sizeof (cname),
2307 		    "%s+ipHostNumber=%s", hp->h_name, abuf);
2308 		if (dot)
2309 			*dot = '.';
2310 	}
2311 
2312 	ecol[0].ec_value.ec_value_val = cname;
2313 	ecol[0].ec_value.ec_value_len = strlen(cname)+1;
2314 
2315 	/*
2316 	 * public_data (col 1)
2317 	 */
2318 	if ((t = strtok(NULL, " \t")) == 0) {
2319 		(void) strlcpy(parse_err_msg, gettext("no private_data"),
2320 		    PARSE_ERR_MSG_LEN);
2321 		return (GENENT_PARSEERR);
2322 	}
2323 	if ((p = strchr(t, ':')) == 0) {
2324 		(void) strlcpy(parse_err_msg, gettext("bad public_data"),
2325 		    PARSE_ERR_MSG_LEN);
2326 		return (GENENT_PARSEERR);
2327 	}
2328 	*(p++) = 0;
2329 	ecol[1].ec_value.ec_value_val = t;
2330 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
2331 	keylen = (strlen(t) / 2) * 8;
2332 
2333 	/*
2334 	 * private_data (col 2) and algtype extraction
2335 	 */
2336 	if (*p == ':')
2337 		p++;
2338 	t = p;
2339 	if (!(t = strchr(t, ':'))) {
2340 		(void) fprintf(stderr,
2341 		    gettext("WARNING: No algorithm type data found "
2342 		    "in publickey file, assuming 0\n"));
2343 		algtype = 0;
2344 	} else {
2345 		*t = '\0';
2346 		t++;
2347 		algtype = atoi(t);
2348 	}
2349 	ecol[2].ec_value.ec_value_val = p;
2350 	ecol[2].ec_value.ec_value_len = strlen(p)+1;
2351 
2352 	/*
2353 	 * auth_type (col 1)
2354 	 */
2355 	if (AUTH_DES_KEY(keylen, algtype))
2356 		/*
2357 		 * {DES} and {DH192-0} means same thing.
2358 		 * However, nisplus uses "DES" and ldap uses "DH192-0"
2359 		 * internally.
2360 		 * See newkey(8), __nis_mechalias2authtype() which is
2361 		 * called by __nis_keyalg2authtype() and getkey_ldap_g()
2362 		 */
2363 		(void) strlcpy(auth_type, "DH192-0", BUFSIZ+1);
2364 	else if (!(__nis_keyalg2authtype(keylen, algtype, auth_type,
2365 	    MECH_MAXATNAME))) {
2366 		(void) fprintf(stderr,
2367 		    gettext("Could not convert algorithm type to "
2368 		    "corresponding auth type string\n"));
2369 		return (GENENT_ERR);
2370 	}
2371 
2372 	/*
2373 	 * build entry
2374 	 */
2375 	data.name = strdup(ecol[0].ec_value.ec_value_val);
2376 	if (data.name == NULL) {
2377 		(void) fprintf(stderr, gettext("out of memory\n"));
2378 		exit(1);
2379 	}
2380 
2381 	buflen = sizeof (auth_type) + strlen(ecol[1].ec_value.ec_value_val) + 3;
2382 	if ((tmppubkey = (char *)malloc(buflen)) == NULL) {
2383 		(void) fprintf(stderr, gettext("out of memory\n"));
2384 		exit(1);
2385 	}
2386 	(void) snprintf(tmppubkey, buflen, "{%s}%s", auth_type,
2387 	    ecol[1].ec_value.ec_value_val);
2388 	data.pubkey = tmppubkey;
2389 
2390 	buflen = sizeof (auth_type) + strlen(ecol[2].ec_value.ec_value_val) + 3;
2391 	if ((tmpprivkey = (char *)malloc(buflen)) == NULL) {
2392 		(void) fprintf(stderr, gettext("out of memory\n"));
2393 		exit(1);
2394 	}
2395 
2396 	(void) snprintf(tmpprivkey, buflen, "{%s}%s", auth_type,
2397 	    ecol[2].ec_value.ec_value_val);
2398 	data.privkey = tmpprivkey;
2399 
2400 	retval = (*cback)(&data, 1);
2401 	if (retval != NS_LDAP_SUCCESS) {
2402 		if (retval == LDAP_NO_SUCH_OBJECT) {
2403 			if (data.hostcred == NS_HOSTCRED_TRUE)
2404 				(void) fprintf(stdout,
2405 				    gettext("Cannot add publickey entry"" (%s),"
2406 				    " add host entry first\n"),
2407 				    tmpbuf);
2408 			else
2409 				(void) fprintf(stdout,
2410 				    gettext("Cannot add publickey entry (%s), "
2411 				    "add passwd entry first\n"),
2412 				    data.name);
2413 		}
2414 		if (continue_onerror == 0)
2415 			return (GENENT_CBERR);
2416 	}
2417 
2418 	free(data.name);
2419 	free(data.pubkey);
2420 	free(data.privkey);
2421 	return (GENENT_OK);
2422 }
2423 
2424 static void
dump_publickey(ns_ldap_result_t * res,char * container)2425 dump_publickey(ns_ldap_result_t *res, char *container)
2426 {
2427 	char	**value = NULL;
2428 	char	buf[BUFSIZ];
2429 	char	domainname[BUFSIZ];
2430 	char	*pubptr, *prvptr;
2431 
2432 	if (res == NULL)
2433 		return;
2434 
2435 	if (sysinfo(SI_SRPC_DOMAIN, domainname, BUFSIZ) < 0) {
2436 		(void) fprintf(stderr,
2437 		    gettext("could not obtain domainname\n"));
2438 		exit(1);
2439 	}
2440 
2441 	/*
2442 	 * Retrieve all the attributes, but don't print
2443 	 * until we have all the required ones.
2444 	 */
2445 
2446 	if (strcmp(container, "passwd") == 0)
2447 		value = __ns_ldap_getAttr(res->entry, "uidNumber");
2448 	else
2449 		value = __ns_ldap_getAttr(res->entry, "cn");
2450 
2451 	if (value && value[0])
2452 		(void) snprintf(buf, sizeof (buf), "unix.%s@%s",
2453 		    value[0], domainname);
2454 	else
2455 		return;
2456 
2457 	value = __ns_ldap_getAttr(res->entry, "nisPublickey");
2458 	if (value != NULL && value[0] != NULL) {
2459 		if ((pubptr = strchr(value[0], '}')) == NULL)
2460 			return;
2461 	}
2462 
2463 	value = __ns_ldap_getAttr(res->entry, "nisSecretkey");
2464 	if (value != NULL && value[0] != NULL)
2465 		if ((prvptr = strchr(value[0], '}')) == NULL)
2466 			return;
2467 
2468 	/* print the attributes, algorithm type is always 0 */
2469 	(void) fprintf(stdout, "%s	%s:%s:0\n", buf, ++pubptr, ++prvptr);
2470 }
2471 
2472 
2473 
2474 /*
2475  * /etc/netmasks
2476  */
2477 
2478 static int
genent_netmasks(char * line,int (* cback)())2479 genent_netmasks(char *line, int (*cback)())
2480 {
2481 	char buf[BUFSIZ+1];
2482 	char *t;
2483 	entry_col ecol[3];
2484 	int retval;
2485 
2486 	struct _ns_netmasks data;
2487 
2488 
2489 	/*
2490 	 * don't clobber our argument
2491 	 */
2492 	if (strlen(line) >= sizeof (buf)) {
2493 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2494 		    PARSE_ERR_MSG_LEN);
2495 		return (GENENT_PARSEERR);
2496 	}
2497 	(void) strcpy(buf, line);
2498 
2499 	/*
2500 	 * clear column data
2501 	 */
2502 	(void) memset((char *)ecol, 0, sizeof (ecol));
2503 
2504 	/*
2505 	 * comment (col 2)
2506 	 */
2507 	t = strchr(buf, '#');
2508 	if (t) {
2509 		*t++ = 0;
2510 		ecol[2].ec_value.ec_value_val = t;
2511 		ecol[2].ec_value.ec_value_len = strlen(t)+1;
2512 	} else {
2513 		ecol[2].ec_value.ec_value_val = 0;
2514 		ecol[2].ec_value.ec_value_len = 0;
2515 	}
2516 
2517 	/*
2518 	 * addr(col 0)
2519 	 */
2520 	if ((t = strtok(buf, " \t")) == 0) {
2521 		(void) strlcpy(parse_err_msg, gettext("no mask"),
2522 		    PARSE_ERR_MSG_LEN);
2523 		return (GENENT_PARSEERR);
2524 	}
2525 	ecol[0].ec_value.ec_value_val = t;
2526 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
2527 
2528 	/*
2529 	 * mask (col 1)
2530 	 */
2531 	if ((t = strtok(NULL, " \t")) == 0) {
2532 		(void) strlcpy(parse_err_msg, gettext("no mask"),
2533 		    PARSE_ERR_MSG_LEN);
2534 		return (GENENT_PARSEERR);
2535 	}
2536 	ecol[1].ec_value.ec_value_val = t;
2537 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
2538 
2539 	/* build entry */
2540 	data.netnumber = ecol[0].ec_value.ec_value_val;
2541 	data.netmask = ecol[1].ec_value.ec_value_val;
2542 
2543 	if (flags & F_VERBOSE)
2544 		(void) fprintf(stdout,
2545 		    gettext("Adding entry : %s\n"), data.netnumber);
2546 
2547 	retval = (*cback)(&data, 1);
2548 	if (retval != NS_LDAP_SUCCESS) {
2549 		if (retval == LDAP_NO_SUCH_OBJECT)
2550 			(void) fprintf(stdout,
2551 			    gettext("Cannot add netmask entry (%s), "
2552 			    "add network entry first\n"), data.netnumber);
2553 		if (continue_onerror == 0)
2554 			return (GENENT_CBERR);
2555 	}
2556 
2557 	return (GENENT_OK);
2558 }
2559 
2560 static void
dump_netmasks(ns_ldap_result_t * res)2561 dump_netmasks(ns_ldap_result_t *res)
2562 {
2563 	char	**value = NULL;
2564 
2565 	value = __ns_ldap_getAttr(res->entry, "ipNetworkNumber");
2566 	if (value && value[0])
2567 		(void) fprintf(stdout, "%s", value[0]);
2568 	value = __ns_ldap_getAttr(res->entry, "ipNetmaskNumber");
2569 	if (value && value[0])
2570 		(void) fprintf(stdout, "	%s\n", value[0]);
2571 }
2572 
2573 
2574 /*
2575  * /etc/netgroup
2576  * column data format is:
2577  *    col 0: netgroup name (or cname)
2578  *    col 1: netgroup member, if this is a triplet
2579  *    col 2: netgroup member, if not a triplet
2580  *    col 3: comment
2581  */
2582 
2583 static int
genent_netgroup(char * line,int (* cback)())2584 genent_netgroup(char *line, int (*cback)())
2585 {
2586 	char buf[BIGBUF+1];    /* netgroup entries tend to be big */
2587 	char *t;
2588 	char *cname = NULL;
2589 	entry_col ecol[4];
2590 	char *netg_tmp = NULL, *triplet_tmp = NULL;
2591 	int netgcount = 0, tripletcount = 0, retval = 1, i;
2592 	struct _ns_netgroups data;
2593 	int rc = GENENT_OK;
2594 
2595 	/* don't clobber our argument */
2596 	if (strlen(line) >= sizeof (buf)) {
2597 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2598 		    PARSE_ERR_MSG_LEN);
2599 		return (GENENT_PARSEERR);
2600 	}
2601 	(void) strcpy(buf, line);
2602 
2603 	/* clear column data */
2604 	(void) memset((char *)ecol, 0, sizeof (ecol));
2605 
2606 	/*
2607 	 * process 1st minimal entry, to validate that there is no
2608 	 * parsing error.
2609 	 * start with comment(col 3)
2610 	 */
2611 	t = strchr(buf, '#');
2612 	if (t) {
2613 		*t++ = 0;
2614 		ecol[3].ec_value.ec_value_val = t;
2615 		ecol[3].ec_value.ec_value_len = strlen(t)+1;
2616 	} else {
2617 		ecol[3].ec_value.ec_value_val = "";
2618 		ecol[3].ec_value.ec_value_len = 0;
2619 	}
2620 
2621 	ecol[1].ec_value.ec_value_val = NULL;
2622 	ecol[2].ec_value.ec_value_val = NULL;
2623 
2624 	/* cname (col 0) */
2625 	if ((t = strtok(buf, " \t")) == 0) {
2626 		(void) strlcpy(parse_err_msg, gettext("no cname"),
2627 		    PARSE_ERR_MSG_LEN);
2628 		return (GENENT_PARSEERR);
2629 	}
2630 
2631 	ecol[0].ec_value.ec_value_val = t;
2632 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
2633 	cname = t;
2634 
2635 	/* addr(col 1 and 2) */
2636 	if ((t = strtok(NULL, " \t")) == 0) {
2637 		(void) strlcpy(parse_err_msg,
2638 		    gettext("no members for netgroup"), PARSE_ERR_MSG_LEN);
2639 		return (GENENT_PARSEERR);
2640 	}
2641 
2642 	if (*t == '(') {
2643 		/* if token starts with '(' it must be a valid triplet */
2644 		if (is_triplet(t)) {
2645 			ecol[1].ec_value.ec_value_val = t;
2646 			ecol[1].ec_value.ec_value_len = strlen(t)+1;
2647 		} else {
2648 			(void) strlcpy(parse_err_msg,
2649 			    gettext("invalid triplet"), PARSE_ERR_MSG_LEN);
2650 			return (GENENT_PARSEERR);
2651 		}
2652 	} else {
2653 		ecol[2].ec_value.ec_value_val = t;
2654 		ecol[2].ec_value.ec_value_len = strlen(t)+1;
2655 	}
2656 
2657 	/*
2658 	 * now build entry.
2659 	 * start by clearing entry data
2660 	 */
2661 	(void) memset((struct _ns_netgroups *)&data, 0, sizeof (data));
2662 
2663 	data.name = strdup(ecol[0].ec_value.ec_value_val);
2664 
2665 	if (ecol[1].ec_value.ec_value_val != NULL) {
2666 		if ((data.triplet = calloc(1, sizeof (char **))) == NULL) {
2667 				(void) fprintf(stderr,
2668 				    gettext("out of memory\n"));
2669 				exit(1);
2670 		}
2671 		data.triplet[tripletcount++] =
2672 		    strdup(ecol[1].ec_value.ec_value_val);
2673 	} else if (ecol[2].ec_value.ec_value_val != NULL) {
2674 			if ((data.netgroup = calloc(1, sizeof (char **)))
2675 			    == NULL) {
2676 					(void) fprintf(stderr,
2677 				    gettext("out of memory\n"));
2678 					exit(1);
2679 			}
2680 			data.netgroup[netgcount++] =
2681 			    strdup(ecol[2].ec_value.ec_value_val);
2682 	}
2683 
2684 	/*
2685 	 * we now have a valid entry (at least 1 netgroup name and
2686 	 * 1 netgroup member), proceed with the rest of the line
2687 	 */
2688 	while (rc == GENENT_OK && (t = strtok(NULL, " \t"))) {
2689 
2690 		/* if next token is equal to netgroup name, ignore */
2691 		if (t != cname && strcasecmp(t, cname) == 0)
2692 			continue;
2693 		if (strcasecmp(t, ecol[0].ec_value.ec_value_val) == 0)
2694 			continue;
2695 
2696 		if (*t == '(') {
2697 			if (is_triplet(t)) {
2698 				/* skip a triplet if it is added already */
2699 				for (i = 0; i < tripletcount &&
2700 				    strcmp(t, data.triplet[i]); i++)
2701 					;
2702 				if (i < tripletcount)
2703 					continue;
2704 
2705 				tripletcount++;
2706 				triplet_tmp = strdup(t);
2707 				if ((data.triplet = (char **)realloc(
2708 				    data.triplet,
2709 				    tripletcount * sizeof (char **))) == NULL) {
2710 					(void) fprintf(stderr,
2711 					    gettext("out of memory\n"));
2712 					exit(1);
2713 				}
2714 				data.triplet[tripletcount-1] = triplet_tmp;
2715 			} else {
2716 				(void) strlcpy(parse_err_msg,
2717 				    gettext("invalid triplet"),
2718 				    PARSE_ERR_MSG_LEN);
2719 				rc = GENENT_PARSEERR;
2720 			}
2721 		} else {
2722 			/* skip a netgroup if it is added already */
2723 			for (i = 0; i < netgcount &&
2724 			    strcmp(t, data.netgroup[i]); i++)
2725 				;
2726 			if (i < netgcount)
2727 				continue;
2728 
2729 			netgcount++;
2730 			netg_tmp = strdup(t);
2731 			if ((data.netgroup = (char **)realloc(data.netgroup,
2732 			    netgcount * sizeof (char **))) == NULL) {
2733 				(void) fprintf(stderr,
2734 				gettext("out of memory\n"));
2735 				exit(1);
2736 			}
2737 			data.netgroup[netgcount-1] = netg_tmp;
2738 		}
2739 	}
2740 
2741 	/* End the list with NULL */
2742 	if ((data.triplet = (char **)realloc(data.triplet,
2743 	    (tripletcount + 1) * sizeof (char **))) == NULL) {
2744 		(void) fprintf(stderr, gettext("out of memory\n"));
2745 		exit(1);
2746 	}
2747 	data.triplet[tripletcount] = NULL;
2748 	if ((data.netgroup = (char **)realloc(data.netgroup,
2749 	    (netgcount + 1) * sizeof (char **))) == NULL) {
2750 		(void) fprintf(stderr, gettext("out of memory\n"));
2751 		exit(1);
2752 	}
2753 	data.netgroup[netgcount] = NULL;
2754 
2755 	if (rc == GENENT_OK) {
2756 		if (flags & F_VERBOSE)
2757 			(void) fprintf(stdout,
2758 			    gettext("Adding entry : %s\n"), data.name);
2759 
2760 		retval = (*cback)(&data, 0);
2761 
2762 		if (retval == LDAP_ALREADY_EXISTS) {
2763 			if (continue_onerror)
2764 				(void) fprintf(stderr, gettext(
2765 				    "Entry: %s - already Exists,"
2766 				    " skipping it.\n"), data.name);
2767 			else {
2768 				rc = GENENT_CBERR;
2769 				(void) fprintf(stderr,
2770 				    gettext("Entry: %s - already Exists\n"),
2771 				    data.name);
2772 			}
2773 		} else if (retval)
2774 			rc = GENENT_CBERR;
2775 	}
2776 
2777 	/* release memory allocated by strdup() */
2778 	for (i = 0; i < tripletcount; i++) {
2779 		free(data.triplet[i]);
2780 	}
2781 	for (i = 0; i < netgcount; i++) {
2782 		free(data.netgroup[i]);
2783 	}
2784 
2785 	free(data.name);
2786 	free(data.triplet);
2787 	free(data.netgroup);
2788 
2789 	return (rc);
2790 }
2791 
2792 static void
dump_netgroup(ns_ldap_result_t * res)2793 dump_netgroup(ns_ldap_result_t *res)
2794 {
2795 	char	**value = NULL;
2796 	int	attr_count = 0;
2797 
2798 	value = __ns_ldap_getAttr(res->entry, "cn");
2799 	if ((value != NULL) && (value[0] != NULL))
2800 		(void) fprintf(stdout, "%s", value[0]);
2801 	else
2802 		return;
2803 	value = __ns_ldap_getAttr(res->entry, "nisNetgroupTriple");
2804 	if (value != NULL)
2805 		while (value[attr_count] != NULL) {
2806 			(void) fprintf(stdout, " %s", value[attr_count]);
2807 			attr_count++;
2808 		}
2809 	attr_count = 0;
2810 	value = __ns_ldap_getAttr(res->entry, "memberNisNetgroup");
2811 	if (value != NULL)
2812 		while (value[attr_count] != NULL) {
2813 			(void) fprintf(stdout, " %s", value[attr_count]);
2814 			attr_count++;
2815 		}
2816 	(void) fprintf(stdout, "\n");
2817 
2818 }
2819 
2820 static int
genent_automount(char * line,int (* cback)())2821 genent_automount(char *line, int (*cback)())
2822 {
2823 	char buf[BUFSIZ+1];
2824 	char *t, *s;
2825 	entry_col ecol[2];
2826 	struct _ns_automount data;
2827 	int retval = 1;
2828 	int rc = GENENT_OK;
2829 
2830 	/*
2831 	 * don't clobber our argument
2832 	 */
2833 	if (strlen(line) >= sizeof (buf)) {
2834 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2835 		    PARSE_ERR_MSG_LEN);
2836 		return (GENENT_PARSEERR);
2837 	}
2838 
2839 	/* replace every tabspace with single space */
2840 	replace_tab2space(line);
2841 	(void) strcpy(buf, line);
2842 
2843 	/*
2844 	 * clear column data
2845 	 */
2846 	(void) memset((char *)ecol, 0, sizeof (ecol));
2847 
2848 	/*
2849 	 * key (col 0)
2850 	 */
2851 	t = buf;
2852 	while (t[0] == ' ')
2853 		t++;
2854 
2855 	if ((s = strchr(t, ' ')) == 0) {
2856 		return (GENENT_PARSEERR);
2857 	}
2858 	*s++ = 0;
2859 
2860 	ecol[0].ec_value.ec_value_val = t;
2861 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
2862 	t = s;
2863 
2864 	while (t[0] == ' ')
2865 		t++;
2866 
2867 	/*
2868 	 * mapentry (col 1)
2869 	 */
2870 
2871 	ecol[1].ec_value.ec_value_val = t;
2872 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
2873 
2874 	data.mapname = strdup(databasetype);
2875 	data.key = strdup(ecol[0].ec_value.ec_value_val);
2876 	data.value = strdup(ecol[1].ec_value.ec_value_val);
2877 
2878 	if (flags & F_VERBOSE)
2879 		(void) fprintf(stdout,
2880 		    gettext("Adding entry : %s\n"), data.key);
2881 
2882 	retval = (*cback)(&data, 0);
2883 
2884 	if (retval == LDAP_ALREADY_EXISTS) {
2885 		if (continue_onerror)
2886 			(void) fprintf(stderr,
2887 			    gettext("Entry: %s - already Exists,"
2888 			    " skipping it.\n"), data.key);
2889 		else {
2890 			rc = GENENT_CBERR;
2891 			(void) fprintf(stderr,
2892 			    gettext("Entry: %s - already Exists\n"),
2893 			    data.key);
2894 		}
2895 	} else if (retval)
2896 		rc = GENENT_CBERR;
2897 
2898 	free(data.mapname);
2899 	free(data.key);
2900 	free(data.value);
2901 	return (rc);
2902 }
2903 
2904 static void
dump_automount(ns_ldap_result_t * res)2905 dump_automount(ns_ldap_result_t *res)
2906 {
2907 	char	**value = NULL;
2908 
2909 	if (res == NULL)
2910 		return;
2911 
2912 	value = __ns_ldap_getAttr(res->entry, "automountKey");
2913 	if (value != NULL) {
2914 		(void) fprintf(stdout, "%s", value[0]);
2915 		value = __ns_ldap_getAttr(res->entry, "automountInformation");
2916 		if (value != NULL)
2917 			(void) fprintf(stdout, "	%s\n", value[0]);
2918 		else
2919 			(void) fprintf(stdout, "\n");
2920 	}
2921 }
2922 
2923 
2924 /*
2925  * /etc/passwd
2926  *
2927  */
2928 
2929 static int
genent_passwd(char * line,int (* cback)())2930 genent_passwd(char *line, int (*cback)())
2931 {
2932 	char buf[BUFSIZ+1];
2933 	char *s, *t;
2934 	entry_col ecol[8];
2935 	int retval = 1;
2936 	char pname[BUFSIZ];
2937 
2938 	struct passwd	data;
2939 	int rc = GENENT_OK;
2940 
2941 
2942 	/*
2943 	 * don't clobber our argument
2944 	 */
2945 	if (strlen(line) >= sizeof (buf)) {
2946 		(void) strlcpy(parse_err_msg, gettext("line too long"),
2947 		    PARSE_ERR_MSG_LEN);
2948 		return (GENENT_PARSEERR);
2949 	}
2950 	(void) strcpy(buf, line);
2951 	t = buf;
2952 
2953 	/* ignore empty entries */
2954 	if (*t == '\0')
2955 		return (GENENT_OK);
2956 
2957 	/*
2958 	 * clear column data
2959 	 */
2960 	(void) memset((char *)ecol, 0, sizeof (ecol));
2961 
2962 	/*
2963 	 * name (col 0)
2964 	 */
2965 	if ((s = strchr(t, ':')) == 0) {
2966 		(void) strlcpy(parse_err_msg, gettext("no password"),
2967 		    PARSE_ERR_MSG_LEN);
2968 		return (GENENT_PARSEERR);
2969 	}
2970 	*s++ = 0;
2971 	ecol[0].ec_value.ec_value_val = t;
2972 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
2973 	t = s;
2974 
2975 	/*
2976 	 * passwd (col 1)
2977 	 */
2978 	if ((s = strchr(t, ':')) == 0) {
2979 		(void) strlcpy(parse_err_msg, gettext("no uid"),
2980 		    PARSE_ERR_MSG_LEN);
2981 		return (GENENT_PARSEERR);
2982 	}
2983 	*s++ = 0;
2984 
2985 	ecol[1].ec_value.ec_value_val = t;
2986 	ecol[1].ec_value.ec_value_len = strlen(t)+1;
2987 
2988 	t = s;
2989 
2990 	/*
2991 	 * uid (col 2)
2992 	 */
2993 	if ((s = strchr(t, ':')) == 0 || s == t) {
2994 		(void) strlcpy(parse_err_msg, gettext("no gid"),
2995 		    PARSE_ERR_MSG_LEN);
2996 		return (GENENT_PARSEERR);
2997 	}
2998 	*s++ = 0;
2999 	ecol[2].ec_value.ec_value_val = t;
3000 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
3001 	t = s;
3002 
3003 	/*
3004 	 * gid (col 3)
3005 	 */
3006 	if ((s = strchr(t, ':')) == 0 || s == t) {
3007 		(void) strlcpy(parse_err_msg, gettext("no gcos"),
3008 		    PARSE_ERR_MSG_LEN);
3009 		return (GENENT_PARSEERR);
3010 	}
3011 	*s++ = 0;
3012 	ecol[3].ec_value.ec_value_val = t;
3013 	ecol[3].ec_value.ec_value_len = strlen(t)+1;
3014 	t = s;
3015 
3016 	/*
3017 	 * gcos (col 4)
3018 	 */
3019 	if ((s = strchr(t, ':')) == 0) {
3020 		(void) strlcpy(parse_err_msg, gettext("no home"),
3021 		    PARSE_ERR_MSG_LEN);
3022 		return (GENENT_PARSEERR);
3023 	}
3024 	*s++ = 0;
3025 	ecol[4].ec_value.ec_value_val = t;
3026 	ecol[4].ec_value.ec_value_len = strlen(t)+1;
3027 	t = s;
3028 
3029 	/*
3030 	 * home (col 5)
3031 	 */
3032 	if ((s = strchr(t, ':')) == 0) {
3033 		(void) strlcpy(parse_err_msg, gettext("no shell"),
3034 		    PARSE_ERR_MSG_LEN);
3035 		return (GENENT_PARSEERR);
3036 	}
3037 	*s++ = 0;
3038 	ecol[5].ec_value.ec_value_val = t;
3039 	ecol[5].ec_value.ec_value_len = strlen(t)+1;
3040 	t = s;
3041 
3042 	/*
3043 	 * shell (col 6)
3044 	 */
3045 	ecol[6].ec_value.ec_value_val = t;
3046 	ecol[6].ec_value.ec_value_len = strlen(t)+1;
3047 
3048 	/*
3049 	 * build entry
3050 	 */
3051 	data.pw_name = strdup(ecol[0].ec_value.ec_value_val);
3052 
3053 	if (flags & F_PASSWD) {
3054 		/* Add {crypt} before passwd entry */
3055 		(void) snprintf(pname, sizeof (pname), "{crypt}%s",
3056 		    ecol[1].ec_value.ec_value_val);
3057 		data.pw_passwd = strdup(pname);
3058 	}
3059 	else
3060 		data.pw_passwd = NULL;
3061 
3062 	if (ecol[2].ec_value.ec_value_val != NULL &&
3063 	    ecol[2].ec_value.ec_value_val[0] != '\0') {
3064 		data.pw_uid = ascii_to_int(ecol[2].ec_value.ec_value_val);
3065 		if (data.pw_uid == (uid_t)-1) {
3066 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
3067 			    gettext("invalid uid : %s"),
3068 			    ecol[2].ec_value.ec_value_val);
3069 		return (GENENT_PARSEERR);
3070 		}
3071 	} else
3072 		data.pw_uid = (uid_t)-1;
3073 
3074 	if (ecol[3].ec_value.ec_value_val != NULL &&
3075 	    ecol[3].ec_value.ec_value_val[0] != '\0') {
3076 
3077 		data.pw_gid = ascii_to_int(ecol[3].ec_value.ec_value_val);
3078 		if (data.pw_gid == (uid_t)-1) {
3079 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
3080 			    gettext("invalid gid : %s"),
3081 			    ecol[3].ec_value.ec_value_val);
3082 		return (GENENT_PARSEERR);
3083 		}
3084 	} else
3085 		data.pw_gid = (uid_t)-1;
3086 
3087 	data.pw_age = NULL;
3088 	data.pw_comment = NULL;
3089 	data.pw_gecos = strdup(ecol[4].ec_value.ec_value_val);
3090 	data.pw_dir = strdup(ecol[5].ec_value.ec_value_val);
3091 	data.pw_shell = strdup(ecol[6].ec_value.ec_value_val);
3092 
3093 	if (flags & F_VERBOSE)
3094 		(void) fprintf(stdout,
3095 		    gettext("Adding entry : %s\n"), data.pw_name);
3096 
3097 	retval = (*cback)(&data, 0);
3098 
3099 	if (retval == LDAP_ALREADY_EXISTS) {
3100 		if (continue_onerror)
3101 			(void) fprintf(stderr,
3102 			    gettext("Entry: %s - already Exists,"
3103 			    " skipping it.\n"), data.pw_name);
3104 		else {
3105 			rc = GENENT_CBERR;
3106 			(void) fprintf(stderr,
3107 			    gettext("Entry: %s - already Exists\n"),
3108 			    data.pw_name);
3109 		}
3110 	} else if (retval)
3111 		rc = GENENT_CBERR;
3112 
3113 	free(data.pw_name);
3114 	free(data.pw_gecos);
3115 	free(data.pw_dir);
3116 	free(data.pw_shell);
3117 	return (rc);
3118 }
3119 
3120 
3121 static void
dump_passwd(ns_ldap_result_t * res)3122 dump_passwd(ns_ldap_result_t *res)
3123 {
3124 	char    **value = NULL;
3125 
3126 	value = __ns_ldap_getAttr(res->entry, "uid");
3127 	if (value == NULL)
3128 		return;
3129 	else
3130 		(void) fprintf(stdout, "%s:", value[0]);
3131 	value = __ns_ldap_getAttr(res->entry, "userPassword");
3132 
3133 	/*
3134 	 * Don't print the encrypted password, Use x to
3135 	 * indicate it is in the shadow database.
3136 	 */
3137 	(void) fprintf(stdout, "x:");
3138 
3139 	value = __ns_ldap_getAttr(res->entry, "uidNumber");
3140 	if (value && value[0])
3141 		(void) fprintf(stdout, "%s:", value[0]);
3142 	value = __ns_ldap_getAttr(res->entry, "gidNumber");
3143 	if (value && value[0])
3144 		(void) fprintf(stdout, "%s:", value[0]);
3145 	value = __ns_ldap_getAttr(res->entry, "gecos");
3146 	if (value == NULL)
3147 		(void) fprintf(stdout, ":");
3148 	else
3149 		(void) fprintf(stdout, "%s:", value[0]);
3150 	value = __ns_ldap_getAttr(res->entry, "homeDirectory");
3151 	if (value == NULL)
3152 		(void) fprintf(stdout, ":");
3153 	else
3154 		(void) fprintf(stdout, "%s:", value[0]);
3155 	value = __ns_ldap_getAttr(res->entry, "loginShell");
3156 	if (value == NULL)
3157 		(void) fprintf(stdout, "\n");
3158 	else
3159 		(void) fprintf(stdout, "%s\n", value[0]);
3160 
3161 }
3162 
3163 /*
3164  * /etc/shadow
3165  */
3166 
3167 static int
genent_shadow(char * line,int (* cback)())3168 genent_shadow(char *line, int (*cback)())
3169 {
3170 	char buf[BUFSIZ+1];
3171 	char *s, *t;
3172 	entry_col ecol[9];
3173 	char pname[BUFSIZ];
3174 
3175 	struct spwd	data;
3176 	int spflag;
3177 	int retval;
3178 
3179 
3180 	/*
3181 	 * don't clobber our argument
3182 	 */
3183 	if (strlen(line) >= sizeof (buf)) {
3184 		(void) strlcpy(parse_err_msg, gettext("line too long"),
3185 		    PARSE_ERR_MSG_LEN);
3186 		return (GENENT_PARSEERR);
3187 	}
3188 	(void) strcpy(buf, line);
3189 	t = buf;
3190 
3191 	/* ignore empty entries */
3192 	if (*t == '\0')
3193 		return (GENENT_OK);
3194 
3195 	/*
3196 	 * clear column data
3197 	 */
3198 	(void) memset((char *)ecol, 0, sizeof (ecol));
3199 
3200 	/*
3201 	 * name (col 0)
3202 	 */
3203 	if ((s = strchr(t, ':')) == 0) {
3204 		(void) strlcpy(parse_err_msg, gettext("no uid"),
3205 		    PARSE_ERR_MSG_LEN);
3206 		return (GENENT_PARSEERR);
3207 	}
3208 	*s++ = 0;
3209 	ecol[0].ec_value.ec_value_val = t;
3210 	ecol[0].ec_value.ec_value_len = strlen(t)+1;
3211 	t = s;
3212 
3213 	/*
3214 	 * passwd (col 1)
3215 	 */
3216 	if ((s = strchr(t, ':')) == 0) {
3217 		(void) strlcpy(parse_err_msg, gettext("Improper format"),
3218 		    PARSE_ERR_MSG_LEN);
3219 		return (GENENT_PARSEERR);
3220 	}
3221 	*s++ = 0;
3222 
3223 		ecol[1].ec_value.ec_value_val = t;
3224 		ecol[1].ec_value.ec_value_len = strlen(t)+1;
3225 
3226 	t = s;
3227 
3228 	/*
3229 	 * shadow last change (col 2)
3230 	 */
3231 	if ((s = strchr(t, ':')) == 0) {
3232 		(void) strlcpy(parse_err_msg, gettext("Improper format"),
3233 		    PARSE_ERR_MSG_LEN);
3234 		return (GENENT_PARSEERR);
3235 	}
3236 	*s++ = 0;
3237 	ecol[2].ec_value.ec_value_val = t;
3238 	ecol[2].ec_value.ec_value_len = strlen(t)+1;
3239 	t = s;
3240 
3241 	/*
3242 	 * shadow min (col 3)
3243 	 */
3244 	if ((s = strchr(t, ':')) == 0) {
3245 		(void) strlcpy(parse_err_msg, gettext("Improper format"),
3246 		    PARSE_ERR_MSG_LEN);
3247 		return (GENENT_PARSEERR);
3248 	}
3249 	*s++ = 0;
3250 	ecol[3].ec_value.ec_value_val = t;
3251 	ecol[3].ec_value.ec_value_len = strlen(t)+1;
3252 	t = s;
3253 
3254 	/*
3255 	 * shadow max (col 4)
3256 	 */
3257 	if ((s = strchr(t, ':')) == 0) {
3258 		(void) strlcpy(parse_err_msg, gettext("Improper format"),
3259 		    PARSE_ERR_MSG_LEN);
3260 		return (GENENT_PARSEERR);
3261 	}
3262 	*s++ = 0;
3263 	ecol[4].ec_value.ec_value_val = t;
3264 	ecol[4].ec_value.ec_value_len = strlen(t)+1;
3265 	t = s;
3266 
3267 	/*
3268 	 * shadow warn (col 5)
3269 	 */
3270 	if ((s = strchr(t, ':')) == 0) {
3271 		(void) strlcpy(parse_err_msg, gettext("Improper format"),
3272 		    PARSE_ERR_MSG_LEN);
3273 		return (GENENT_PARSEERR);
3274 	}
3275 	*s++ = 0;
3276 	ecol[5].ec_value.ec_value_val = t;
3277 	ecol[5].ec_value.ec_value_len = strlen(t)+1;
3278 	t = s;
3279 
3280 	/*
3281 	 * shadow inactive (col 6)
3282 	 */
3283 	if ((s = strchr(t, ':')) != 0) {
3284 	*s++ = 0;
3285 	ecol[6].ec_value.ec_value_val = t;
3286 	ecol[6].ec_value.ec_value_len = strlen(t)+1;
3287 	t = s;
3288 	}
3289 
3290 	/*
3291 	 * shadow expire  (col 7)
3292 	 */
3293 	if ((s = strchr(t, ':')) != 0) {
3294 	*s++ = 0;
3295 	ecol[7].ec_value.ec_value_val = t;
3296 	ecol[7].ec_value.ec_value_len = strlen(t)+1;
3297 	t = s;
3298 
3299 	/*
3300 	 * flag (col 8)
3301 	 */
3302 	ecol[8].ec_value.ec_value_val = t;
3303 	ecol[8].ec_value.ec_value_len = strlen(t)+1;
3304 	}
3305 
3306 	/*
3307 	 * build entry
3308 	 */
3309 
3310 	data.sp_namp = strdup(ecol[0].ec_value.ec_value_val);
3311 
3312 	if (ecol[1].ec_value.ec_value_val != NULL &&
3313 	    ecol[1].ec_value.ec_value_val[0] != '\0') {
3314 		/* Add {crypt} before passwd entry */
3315 		(void) snprintf(pname, sizeof (pname), "{crypt}%s",
3316 		    ecol[1].ec_value.ec_value_val);
3317 		data.sp_pwdp = strdup(pname);
3318 	} else {
3319 		/*
3320 		 * no password (e.g., deleted by "passwd -d"):
3321 		 * use the special value NS_LDAP_NO_UNIX_PASSWORD
3322 		 * instead.
3323 		 */
3324 		(void) snprintf(pname, sizeof (pname), "{crypt}%s",
3325 		    NS_LDAP_NO_UNIX_PASSWORD);
3326 		data.sp_pwdp = strdup(pname);
3327 	}
3328 
3329 	if (ecol[2].ec_value.ec_value_val != NULL &&
3330 	    ecol[2].ec_value.ec_value_val[0] != '\0') {
3331 
3332 		data.sp_lstchg = ascii_to_int(ecol[2].ec_value.ec_value_val);
3333 		if (data.sp_lstchg < -1) {
3334 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
3335 			    gettext("invalid last changed date: %s"),
3336 			    ecol[2].ec_value.ec_value_val);
3337 		return (GENENT_PARSEERR);
3338 		}
3339 	} else
3340 		data.sp_lstchg = -1;
3341 
3342 	if (ecol[3].ec_value.ec_value_val != NULL &&
3343 	    ecol[3].ec_value.ec_value_val[0] != '\0') {
3344 
3345 		data.sp_min = ascii_to_int(ecol[3].ec_value.ec_value_val);
3346 		if (data.sp_min < -1) {
3347 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
3348 			    gettext("invalid sp_min : %s"),
3349 			    ecol[3].ec_value.ec_value_val);
3350 		return (GENENT_PARSEERR);
3351 		}
3352 	} else
3353 		data.sp_min = -1;
3354 
3355 	if (ecol[4].ec_value.ec_value_val != NULL &&
3356 	    ecol[4].ec_value.ec_value_val[0] != '\0') {
3357 
3358 		data.sp_max = ascii_to_int(ecol[4].ec_value.ec_value_val);
3359 		if (data.sp_max < -1) {
3360 			(void) snprintf(parse_err_msg, sizeof (parse_err_msg),
3361 			    gettext("invalid sp_max : %s"),
3362 			    ecol[4].ec_value.ec_value_val);
3363 		return (GENENT_PARSEERR);
3364 		}
3365 	} else
3366 		data.sp_max = -1;
3367 
3368 	if (ecol[5].ec_value.ec_value_val != NULL &&
3369 	    ecol[5].