17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 51f3e1ca0Ssatishk * Common Development and Distribution License (the "License"). 61f3e1ca0Ssatishk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22ba3594baSGarrett D'Amore * Copyright 2014 Garrett D'Amore <garrett@damore.org> 23ba3594baSGarrett D'Amore * 24*74e12c43SGordon Ross * Copyright 2012 Nexenta Systems, Inc. All rights reserved. 25*74e12c43SGordon Ross * 2636e852a1SRaja Andra * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 277c478bd9Sstevel@tonic-gate * Use is subject to license terms. 287c478bd9Sstevel@tonic-gate * 2945916cd2Sjpk * Database-specific definitions for the getXXXbyYYY routines 307c478bd9Sstevel@tonic-gate * (e.g getpwuid_r(), ether_ntohost()) that use the name-service switch. 317c478bd9Sstevel@tonic-gate * Database-independent definitions are in <nss_common.h> 327c478bd9Sstevel@tonic-gate * 337c478bd9Sstevel@tonic-gate * Ideally, this is the only switch header file one would add things 347c478bd9Sstevel@tonic-gate * to in order to support a new database. 357c478bd9Sstevel@tonic-gate * 367c478bd9Sstevel@tonic-gate * NOTE: The interfaces documented in this file may change in a minor 377c478bd9Sstevel@tonic-gate * release. It is intended that in the future a stronger committment 387c478bd9Sstevel@tonic-gate * will be made to these interface definitions which will guarantee 397c478bd9Sstevel@tonic-gate * them across minor releases. 407c478bd9Sstevel@tonic-gate */ 417c478bd9Sstevel@tonic-gate 427c478bd9Sstevel@tonic-gate #ifndef _NSS_DBDEFS_H 437c478bd9Sstevel@tonic-gate #define _NSS_DBDEFS_H 447c478bd9Sstevel@tonic-gate 45cb5caa98Sdjl #include <sys/types.h> 46cb5caa98Sdjl #include <unistd.h> 477c478bd9Sstevel@tonic-gate #include <errno.h> 487c478bd9Sstevel@tonic-gate #include <netdb.h> /* MAXALIASES, MAXADDRS */ 497c478bd9Sstevel@tonic-gate #include <limits.h> /* LOGNAME_MAX */ 507c478bd9Sstevel@tonic-gate #include <nss_common.h> 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate #ifdef __cplusplus 537c478bd9Sstevel@tonic-gate extern "C" { 547c478bd9Sstevel@tonic-gate #endif 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate #ifndef NSS_INCLUDE_UNSAFE 577c478bd9Sstevel@tonic-gate #define NSS_INCLUDE_UNSAFE 1 /* Build old, MT-unsafe interfaces, */ 587c478bd9Sstevel@tonic-gate #endif /* NSS_INCLUDE_UNSAFE */ /* e.g. getpwnam (c.f. getpwnam_r) */ 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate /* 617c478bd9Sstevel@tonic-gate * Names of the well-known databases. 627c478bd9Sstevel@tonic-gate */ 637c478bd9Sstevel@tonic-gate 647c478bd9Sstevel@tonic-gate #define NSS_DBNAM_ALIASES "aliases" /* E-mail aliases, that is */ 657c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUTOMOUNT "automount" 667c478bd9Sstevel@tonic-gate #define NSS_DBNAM_BOOTPARAMS "bootparams" 677c478bd9Sstevel@tonic-gate #define NSS_DBNAM_ETHERS "ethers" 687c478bd9Sstevel@tonic-gate #define NSS_DBNAM_GROUP "group" 697c478bd9Sstevel@tonic-gate #define NSS_DBNAM_HOSTS "hosts" 707c478bd9Sstevel@tonic-gate #define NSS_DBNAM_IPNODES "ipnodes" 717c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETGROUP "netgroup" 727c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETMASKS "netmasks" 737c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETWORKS "networks" 747c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PASSWD "passwd" 757c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PRINTERS "printers" 767c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROJECT "project" 777c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROTOCOLS "protocols" 787c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PUBLICKEY "publickey" 797c478bd9Sstevel@tonic-gate #define NSS_DBNAM_RPC "rpc" 807c478bd9Sstevel@tonic-gate #define NSS_DBNAM_SERVICES "services" 817c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUDITUSER "audit_user" 827c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUTHATTR "auth_attr" 837c478bd9Sstevel@tonic-gate #define NSS_DBNAM_EXECATTR "exec_attr" 847c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROFATTR "prof_attr" 857c478bd9Sstevel@tonic-gate #define NSS_DBNAM_USERATTR "user_attr" 867c478bd9Sstevel@tonic-gate 8745916cd2Sjpk #define NSS_DBNAM_TSOL_TP "tnrhtp" 8845916cd2Sjpk #define NSS_DBNAM_TSOL_RH "tnrhdb" 8945916cd2Sjpk #define NSS_DBNAM_TSOL_ZC "tnzonecfg" 9045916cd2Sjpk 917c478bd9Sstevel@tonic-gate /* getspnam() et al use the "passwd" config entry but the "shadow" backend */ 927c478bd9Sstevel@tonic-gate #define NSS_DBNAM_SHADOW "shadow" 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate /* The "compat" backend gets config entries for these pseudo-databases */ 957c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PASSWD_COMPAT "passwd_compat" 967c478bd9Sstevel@tonic-gate #define NSS_DBNAM_GROUP_COMPAT "group_compat" 977c478bd9Sstevel@tonic-gate 987c478bd9Sstevel@tonic-gate /* 997c478bd9Sstevel@tonic-gate * Default switch configuration, compiled into the front-ends. 1007c478bd9Sstevel@tonic-gate * 1017c478bd9Sstevel@tonic-gate * Absent good reasons to the contrary, this should be compatible with the 1027c478bd9Sstevel@tonic-gate * default /etc/nsswitch.conf file. 1037c478bd9Sstevel@tonic-gate */ 1047c478bd9Sstevel@tonic-gate #define NSS_FILES_ONLY "files" 1057c478bd9Sstevel@tonic-gate #define NSS_FILES_NS "files nis" 1067c478bd9Sstevel@tonic-gate #define NSS_NS_FALLBACK "nis [NOTFOUND=return] files" 1077c478bd9Sstevel@tonic-gate #define NSS_NS_ONLY "nis" 10845916cd2Sjpk #define NSS_TSOL_FALLBACK "files ldap" 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ALIASES NSS_FILES_NS 1117c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUTOMOUNT NSS_FILES_NS 1127c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_BOOTPARAMS NSS_NS_FALLBACK 1137c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ETHERS NSS_NS_FALLBACK 1147c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_GROUP NSS_FILES_NS 1157c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_HOSTS NSS_NS_FALLBACK 1167c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_IPNODES NSS_NS_FALLBACK 1177c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETGROUP NSS_NS_ONLY 1187c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETMASKS NSS_NS_FALLBACK 1197c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETWORKS NSS_NS_FALLBACK 1207c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PASSWD NSS_FILES_NS 12136e852a1SRaja Andra #define NSS_DEFCONF_PRINTERS "user files nis" 1227c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROJECT NSS_FILES_NS 1237c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROTOCOLS NSS_NS_FALLBACK 1247c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PUBLICKEY NSS_FILES_NS 1257c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_RPC NSS_NS_FALLBACK 1267c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_SERVICES NSS_FILES_NS /* speeds up byname() */ 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_GROUP_COMPAT NSS_NS_ONLY 1297c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PASSWD_COMPAT NSS_NS_ONLY 1307c478bd9Sstevel@tonic-gate 1317c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ATTRDB NSS_FILES_NS 1327c478bd9Sstevel@tonic-gate 1337c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUDITUSER NSS_DEFCONF_PASSWD 1347c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_USERATTR NSS_DEFCONF_PASSWD 1357c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUTHATTR NSS_DEFCONF_ATTRDB 1367c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROFATTR NSS_DEFCONF_ATTRDB 1377c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_EXECATTR NSS_DEFCONF_PROFATTR 1387c478bd9Sstevel@tonic-gate 13945916cd2Sjpk #define NSS_DEFCONF_TSOL_TP NSS_TSOL_FALLBACK 14045916cd2Sjpk #define NSS_DEFCONF_TSOL_RH NSS_TSOL_FALLBACK 14145916cd2Sjpk #define NSS_DEFCONF_TSOL_ZC NSS_TSOL_FALLBACK 14245916cd2Sjpk 1437c478bd9Sstevel@tonic-gate /* 1447c478bd9Sstevel@tonic-gate * Line-lengths that the "files" and "compat" backends will try to support. 1457c478bd9Sstevel@tonic-gate * It may be reasonable (even advisable) to use smaller values than these. 1467c478bd9Sstevel@tonic-gate */ 1477c478bd9Sstevel@tonic-gate 1487c478bd9Sstevel@tonic-gate #define NSS_BUFSIZ 1024 1497c478bd9Sstevel@tonic-gate 1501f3e1ca0Ssatishk #define NSS_LINELEN_GROUP ((NSS_BUFSIZ) * 8) 1517c478bd9Sstevel@tonic-gate #define NSS_LINELEN_HOSTS ((NSS_BUFSIZ) * 8) 1527c478bd9Sstevel@tonic-gate #define NSS_LINELEN_IPNODES ((NSS_BUFSIZ) * 8) 153*74e12c43SGordon Ross #define NSS_LINELEN_NETGROUP ((NSS_BUFSIZ) * 32) 1547c478bd9Sstevel@tonic-gate #define NSS_LINELEN_NETMASKS NSS_BUFSIZ 1557c478bd9Sstevel@tonic-gate #define NSS_LINELEN_NETWORKS NSS_BUFSIZ 1567c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PASSWD NSS_BUFSIZ 1577c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PRINTERS NSS_BUFSIZ 1587c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROJECT ((NSS_BUFSIZ) * 4) 1597c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROTOCOLS NSS_BUFSIZ 1607c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PUBLICKEY NSS_BUFSIZ 1617c478bd9Sstevel@tonic-gate #define NSS_LINELEN_RPC NSS_BUFSIZ 1627c478bd9Sstevel@tonic-gate #define NSS_LINELEN_SERVICES NSS_BUFSIZ 1637c478bd9Sstevel@tonic-gate #define NSS_LINELEN_SHADOW NSS_BUFSIZ 1647c478bd9Sstevel@tonic-gate #define NSS_LINELEN_ETHERS NSS_BUFSIZ 1657c478bd9Sstevel@tonic-gate #define NSS_LINELEN_BOOTPARAMS NSS_BUFSIZ 1667c478bd9Sstevel@tonic-gate 1677c478bd9Sstevel@tonic-gate #define NSS_LINELEN_ATTRDB NSS_BUFSIZ 1687c478bd9Sstevel@tonic-gate 1697c478bd9Sstevel@tonic-gate #define NSS_LINELEN_AUDITUSER NSS_LINELEN_ATTRDB 1707c478bd9Sstevel@tonic-gate #define NSS_LINELEN_AUTHATTR NSS_LINELEN_ATTRDB 1717c478bd9Sstevel@tonic-gate #define NSS_LINELEN_EXECATTR NSS_LINELEN_ATTRDB 1727c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROFATTR NSS_LINELEN_ATTRDB 1737c478bd9Sstevel@tonic-gate #define NSS_LINELEN_USERATTR NSS_LINELEN_ATTRDB 1747c478bd9Sstevel@tonic-gate 1757c478bd9Sstevel@tonic-gate #define NSS_MMAPLEN_EXECATTR NSS_LINELEN_EXECATTR * 8 1767c478bd9Sstevel@tonic-gate 17745916cd2Sjpk #define NSS_LINELEN_TSOL NSS_BUFSIZ 17845916cd2Sjpk 17945916cd2Sjpk #define NSS_LINELEN_TSOL_TP NSS_LINELEN_TSOL 18045916cd2Sjpk #define NSS_LINELEN_TSOL_RH NSS_LINELEN_TSOL 18145916cd2Sjpk #define NSS_LINELEN_TSOL_ZC NSS_LINELEN_TSOL 18245916cd2Sjpk 1837c478bd9Sstevel@tonic-gate /* 1847c478bd9Sstevel@tonic-gate * Reasonable defaults for 'buflen' values passed to _r functions. The BSD 1857c478bd9Sstevel@tonic-gate * and SunOS 4.x implementations of the getXXXbyYYY() functions used hard- 1867c478bd9Sstevel@tonic-gate * coded array sizes; the values here are meant to handle anything that 1877c478bd9Sstevel@tonic-gate * those implementations handled. 1887c478bd9Sstevel@tonic-gate * === These might more reasonably go in <pwd.h>, <netdb.h> et al 1897c478bd9Sstevel@tonic-gate */ 1907c478bd9Sstevel@tonic-gate 1911f3e1ca0Ssatishk #define NSS_BUFLEN_GROUP NSS_LINELEN_GROUP 1927c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_HOSTS \ 1937c478bd9Sstevel@tonic-gate (NSS_LINELEN_HOSTS + (MAXALIASES + MAXADDRS + 2) * sizeof (char *)) 1947c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_IPNODES \ 1957c478bd9Sstevel@tonic-gate (NSS_LINELEN_IPNODES + (MAXALIASES + MAXADDRS + 2) * sizeof (char *)) 1967c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_NETGROUP (MAXHOSTNAMELEN * 2 + LOGNAME_MAX + 3) 1977c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_NETWORKS NSS_LINELEN_NETWORKS /* === ? + 35 * 4 */ 1987c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PASSWD NSS_LINELEN_PASSWD 1997c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROJECT (NSS_LINELEN_PROJECT + 800 * sizeof (char *)) 2007c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROTOCOLS NSS_LINELEN_PROTOCOLS /* === ? + 35 * 4 */ 2017c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PUBLICKEY NSS_LINELEN_PUBLICKEY 2027c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_RPC NSS_LINELEN_RPC /* === ? + 35 * 4 */ 2037c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_SERVICES NSS_LINELEN_SERVICES /* === ? + 35 * 4 */ 2047c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_SHADOW NSS_LINELEN_SHADOW 2057c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_ETHERS NSS_LINELEN_ETHERS 2067c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_BOOTPARAMS NSS_LINELEN_BOOTPARAMS 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_ATTRDB NSS_LINELEN_ATTRDB 2097c478bd9Sstevel@tonic-gate 2107c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_AUDITUSER NSS_BUFLEN_ATTRDB 2117c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_AUTHATTR NSS_BUFLEN_ATTRDB 2127c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_EXECATTR NSS_BUFLEN_ATTRDB 2137c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROFATTR NSS_BUFLEN_ATTRDB 2141f3e1ca0Ssatishk #define NSS_BUFLEN_USERATTR ((NSS_BUFLEN_ATTRDB) * 8) 2157c478bd9Sstevel@tonic-gate 21645916cd2Sjpk #define NSS_BUFLEN_TSOL NSS_LINELEN_TSOL 21745916cd2Sjpk #define NSS_BUFLEN_TSOL_TP NSS_BUFLEN_TSOL 21845916cd2Sjpk #define NSS_BUFLEN_TSOL_RH NSS_BUFLEN_TSOL 21945916cd2Sjpk #define NSS_BUFLEN_TSOL_ZC NSS_BUFLEN_TSOL 2207c478bd9Sstevel@tonic-gate 221cb5caa98Sdjl /* 222cb5caa98Sdjl * Default cache door buffer size (2x largest buffer) 223cb5caa98Sdjl */ 224cb5caa98Sdjl 225cb5caa98Sdjl #define NSS_BUFLEN_DOOR ((NSS_BUFSIZ) * 16) 226cb5caa98Sdjl 2277c478bd9Sstevel@tonic-gate /* 2287c478bd9Sstevel@tonic-gate * Arguments and results, passed between the frontends and backends for 2297c478bd9Sstevel@tonic-gate * the well-known databases. The getXbyY_r() and getXent_r() routines 2307c478bd9Sstevel@tonic-gate * use a common format that is further described below; other routines 2317c478bd9Sstevel@tonic-gate * use their own formats. 2327c478bd9Sstevel@tonic-gate */ 2337c478bd9Sstevel@tonic-gate 234cb5caa98Sdjl /* 235cb5caa98Sdjl * The nss_str2ent_t routine is the data marshaller for the nsswitch. 236cb5caa98Sdjl * it converts 'native files' format into 'entry' format as part of the 237cb5caa98Sdjl * return processing for a getXbyY interface. 238cb5caa98Sdjl * 239cb5caa98Sdjl * The nss_groupstr_t routine does the real work for any backend 240cb5caa98Sdjl * that can supply a netgroup entry as a string in /etc/group format 241cb5caa98Sdjl */ 242cb5caa98Sdjl typedef int (*nss_str2ent_t)(const char *in, int inlen, 243cb5caa98Sdjl void *ent, char *buf, int buflen); 244cb5caa98Sdjl 245cb5caa98Sdjl struct nss_groupsbymem; /* forward definition */ 246cb5caa98Sdjl typedef nss_status_t (*nss_groupstr_t)(const char *instr, int inlen, 247cb5caa98Sdjl struct nss_groupsbymem *); 248cb5caa98Sdjl 2497c478bd9Sstevel@tonic-gate /* 2507c478bd9Sstevel@tonic-gate * The initgroups() function [see initgroups(3c)] needs to find all the 2517c478bd9Sstevel@tonic-gate * groups to which a given user belongs. To do this it calls 2527c478bd9Sstevel@tonic-gate * _getgroupsbymember(), which is part of the frontend for the "group" 2537c478bd9Sstevel@tonic-gate * database. 2547c478bd9Sstevel@tonic-gate * We want the same effect as if we used getgrent_r() to enumerate the 2557c478bd9Sstevel@tonic-gate * entire groups database (possibly from multiple sources), but getgrent_r() 2567c478bd9Sstevel@tonic-gate * is too inefficient. Most backends can do better if they know they're 2577c478bd9Sstevel@tonic-gate * meant to scan all groups; hence there's a separate backend operation, 2587c478bd9Sstevel@tonic-gate * NSS_DBOP_GROUP_BYMEMBER, which uses the nss_groupsbymem struct. 2597c478bd9Sstevel@tonic-gate * Note that the normal return-value from such a backend, even when it 2607c478bd9Sstevel@tonic-gate * successfully finds matching group entries, is NSS_NOTFOUND, because 2617c478bd9Sstevel@tonic-gate * this tells the switch engine to keep searching in any more sources. 2627c478bd9Sstevel@tonic-gate * In fact, the backends only return NSS_SUCCESS if they find enough 2637c478bd9Sstevel@tonic-gate * matching entries that the gid_array is completely filled, in which 2647c478bd9Sstevel@tonic-gate * case the switch engine should stop searching. 2657c478bd9Sstevel@tonic-gate * If the force_slow_way field is set, the backend should eschew any cached 2667c478bd9Sstevel@tonic-gate * information (e.g. the YP netid.byname map or the NIS+ cred.org_dir table) 2677c478bd9Sstevel@tonic-gate * and should instead grind its way through the group map/table/whatever. 2687c478bd9Sstevel@tonic-gate */ 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate struct nss_groupsbymem { /* For _getgroupsbymember() */ 2717c478bd9Sstevel@tonic-gate /* in: */ 2727c478bd9Sstevel@tonic-gate const char *username; 2737c478bd9Sstevel@tonic-gate gid_t *gid_array; 2747c478bd9Sstevel@tonic-gate int maxgids; 2757c478bd9Sstevel@tonic-gate int force_slow_way; 276cb5caa98Sdjl nss_str2ent_t str2ent; 277cb5caa98Sdjl nss_groupstr_t process_cstr; 2787c478bd9Sstevel@tonic-gate 2797c478bd9Sstevel@tonic-gate /* in_out: */ 2807c478bd9Sstevel@tonic-gate int numgids; 2817c478bd9Sstevel@tonic-gate }; 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate /* 2847c478bd9Sstevel@tonic-gate * The netgroup routines are handled as follows: 2857c478bd9Sstevel@tonic-gate * 2867c478bd9Sstevel@tonic-gate * Policy decision: 2877c478bd9Sstevel@tonic-gate * If netgroup A refers to netgroup B, both must occur in the same 2887c478bd9Sstevel@tonic-gate * source (other choices give very confusing semantics). This 2897c478bd9Sstevel@tonic-gate * assumption is deeply embedded in the frontend and backends. 2907c478bd9Sstevel@tonic-gate * 2917c478bd9Sstevel@tonic-gate * - setnetgrent(), despite its name, is really a getXXXbyYYY operation: 2927c478bd9Sstevel@tonic-gate * it takes a name and finds a netgroup with that name (see the 2937c478bd9Sstevel@tonic-gate * nss_setnetgrent_args struct below). The "result" that it returns 2947c478bd9Sstevel@tonic-gate * to the frontend is an nss_backend_t for a pseudo-backend that allows 2957c478bd9Sstevel@tonic-gate * one to enumerate the members of that netgroup. 2967c478bd9Sstevel@tonic-gate * 2977c478bd9Sstevel@tonic-gate * - getnetgrent() calls the 'getXXXent' function in the pseudo-backend; 2987c478bd9Sstevel@tonic-gate * it doesn't go through the switch engine at all. It uses the 2997c478bd9Sstevel@tonic-gate * nss_getnetgrent_args struct below. 3007c478bd9Sstevel@tonic-gate * 3017c478bd9Sstevel@tonic-gate * - innetgr() is implemented on top of __multi_innetgr(), which replaces 3027c478bd9Sstevel@tonic-gate * each (char *) argument of innetgr() with a counted vector of (char *). 3037c478bd9Sstevel@tonic-gate * The semantics are the same as an OR of the results of innetgr() 3047c478bd9Sstevel@tonic-gate * operations on each possible 4-tuple picked from the arguments, but 3057c478bd9Sstevel@tonic-gate * it's possible to implement some cases more efficiently. This is 3067c478bd9Sstevel@tonic-gate * important for mountd, which used to read YP netgroup.byhost directly 3077c478bd9Sstevel@tonic-gate * in order to determine efficiently whether a given host belonged to any 3087c478bd9Sstevel@tonic-gate * one of a long list of netgroups. Wildcarded arguments are indicated 3097c478bd9Sstevel@tonic-gate * by a count of zero. 3107c478bd9Sstevel@tonic-gate * 3117c478bd9Sstevel@tonic-gate * - __multi_innetgr() uses the nss_innetgr_args struct. A backend whose 3127c478bd9Sstevel@tonic-gate * source contains at least one of the groups listed in the 'groups' 3137c478bd9Sstevel@tonic-gate * vector will return NSS_SUCCESS and will set the 'status' field to 3147c478bd9Sstevel@tonic-gate * indicate whether any 4-tuple was satisfied. A backend will only 3157c478bd9Sstevel@tonic-gate * return NSS_NOTFOUND if the source contained none of the groups 3167c478bd9Sstevel@tonic-gate * listed in the 'groups' vector. 3177c478bd9Sstevel@tonic-gate */ 3187c478bd9Sstevel@tonic-gate 3197c478bd9Sstevel@tonic-gate enum nss_netgr_argn { /* We need (machine, user, domain) triples */ 320cb5caa98Sdjl NSS_NETGR_MACHINE = 0, 321cb5caa98Sdjl NSS_NETGR_USER = 1, 322cb5caa98Sdjl NSS_NETGR_DOMAIN = 2, 323cb5caa98Sdjl NSS_NETGR_N = 3 3247c478bd9Sstevel@tonic-gate }; 3257c478bd9Sstevel@tonic-gate 3267c478bd9Sstevel@tonic-gate enum nss_netgr_status { /* Status from setnetgrent, multi_innetgr */ 327cb5caa98Sdjl NSS_NETGR_FOUND = 0, 328cb5caa98Sdjl NSS_NETGR_NO = 1, 329cb5caa98Sdjl NSS_NETGR_NOMEM = 2 3307c478bd9Sstevel@tonic-gate }; 3317c478bd9Sstevel@tonic-gate 3327c478bd9Sstevel@tonic-gate struct nss_setnetgrent_args { 3337c478bd9Sstevel@tonic-gate /* in: */ 3347c478bd9Sstevel@tonic-gate const char *netgroup; 3357c478bd9Sstevel@tonic-gate /* out: */ 3367c478bd9Sstevel@tonic-gate nss_backend_t *iterator; /* <==== Explain */ 3377c478bd9Sstevel@tonic-gate }; 3387c478bd9Sstevel@tonic-gate 3397c478bd9Sstevel@tonic-gate struct nss_getnetgrent_args { 3407c478bd9Sstevel@tonic-gate /* in: */ 3417c478bd9Sstevel@tonic-gate char *buffer; 3427c478bd9Sstevel@tonic-gate int buflen; 3437c478bd9Sstevel@tonic-gate /* out: */ 3447c478bd9Sstevel@tonic-gate enum nss_netgr_status status; 3457c478bd9Sstevel@tonic-gate char *retp[NSS_NETGR_N]; 3467c478bd9Sstevel@tonic-gate }; 3477c478bd9Sstevel@tonic-gate 3487c478bd9Sstevel@tonic-gate typedef unsigned nss_innetgr_argc; /* 0 means wildcard */ 3497c478bd9Sstevel@tonic-gate typedef char ** nss_innetgr_argv; /* === Do we really need these? */ 3507c478bd9Sstevel@tonic-gate 3517c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg { 3527c478bd9Sstevel@tonic-gate nss_innetgr_argc argc; 3537c478bd9Sstevel@tonic-gate nss_innetgr_argv argv; 3547c478bd9Sstevel@tonic-gate }; 3557c478bd9Sstevel@tonic-gate 3567c478bd9Sstevel@tonic-gate struct nss_innetgr_args { 3577c478bd9Sstevel@tonic-gate /* in: */ 3587c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg arg[NSS_NETGR_N]; 3597c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg groups; 3607c478bd9Sstevel@tonic-gate /* out: */ 3617c478bd9Sstevel@tonic-gate enum nss_netgr_status status; 3627c478bd9Sstevel@tonic-gate }; 3637c478bd9Sstevel@tonic-gate 364*74e12c43SGordon Ross /* For NSS_DBOP_NETGROUP_BYNAME */ 365*74e12c43SGordon Ross struct nss_netgrent { 366*74e12c43SGordon Ross char *netgr_name; 367*74e12c43SGordon Ross char *netgr_members; 368*74e12c43SGordon Ross }; 369*74e12c43SGordon Ross 3707c478bd9Sstevel@tonic-gate /* 3717c478bd9Sstevel@tonic-gate * nss_XbyY_buf_t -- structure containing the generic arguments passwd to 3727c478bd9Sstevel@tonic-gate * getXXXbyYYY_r() and getXXXent_r() routines. The (void *) value points to 3737c478bd9Sstevel@tonic-gate * a struct of the appropriate type, e.g. struct passwd or struct hostent. 3747c478bd9Sstevel@tonic-gate * 3757c478bd9Sstevel@tonic-gate * The functions that allocate and free these structures do no locking at 3767c478bd9Sstevel@tonic-gate * all, since the routines that use them are inherently MT-unsafe anyway. 3777c478bd9Sstevel@tonic-gate */ 3787c478bd9Sstevel@tonic-gate 3797c478bd9Sstevel@tonic-gate typedef struct { 3807c478bd9Sstevel@tonic-gate void *result; /* "result" parameter to getXbyY_r() */ 3817c478bd9Sstevel@tonic-gate char *buffer; /* "buffer" " " */ 3827c478bd9Sstevel@tonic-gate int buflen; /* "buflen" " " */ 3837c478bd9Sstevel@tonic-gate } nss_XbyY_buf_t; 3847c478bd9Sstevel@tonic-gate 3857c478bd9Sstevel@tonic-gate extern nss_XbyY_buf_t *_nss_XbyY_buf_alloc(int struct_size, int buffer_size); 3867c478bd9Sstevel@tonic-gate extern void _nss_XbyY_buf_free(nss_XbyY_buf_t *); 3877c478bd9Sstevel@tonic-gate 3887c478bd9Sstevel@tonic-gate #define NSS_XbyY_ALLOC(bufpp, str_size, buf_size) (\ 3897c478bd9Sstevel@tonic-gate (*bufpp) == 0 \ 3907c478bd9Sstevel@tonic-gate ? (*bufpp) = _nss_XbyY_buf_alloc(str_size, buf_size) \ 391cb5caa98Sdjl : (*bufpp)) 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate #define NSS_XbyY_FREE(bufpp) (_nss_XbyY_buf_free(*bufpp), (*bufpp) = 0) 3947c478bd9Sstevel@tonic-gate 3957c478bd9Sstevel@tonic-gate /* 3967c478bd9Sstevel@tonic-gate * The nss_XbyY_args_t struct contains all the information passed between 3977c478bd9Sstevel@tonic-gate * frontends and backends for the getXbyY_r() and getXent() routines, 3987c478bd9Sstevel@tonic-gate * including an nss_XbyY_buf_t and the lookup key (unused for getXXXent_r). 3997c478bd9Sstevel@tonic-gate * 4007c478bd9Sstevel@tonic-gate * The (*str2ent)() member converts a single XXXent from ASCII text to the 4017c478bd9Sstevel@tonic-gate * appropriate struct, storing any pointer data (strings, in_addrs, arrays 4027c478bd9Sstevel@tonic-gate * of these) in the buffer. The ASCII text is a counted string (*not* a 4037c478bd9Sstevel@tonic-gate * zero-terminated string) whose length is specified by the instr_len 4047c478bd9Sstevel@tonic-gate * parameter. The text is found at the address specified by instr and 4057c478bd9Sstevel@tonic-gate * the string is treated as readonly. buffer and instr must be non- 4067c478bd9Sstevel@tonic-gate * intersecting memory areas. 4077c478bd9Sstevel@tonic-gate * 4087c478bd9Sstevel@tonic-gate * With the exception of passwd, shadow and group, the text form for these 4097c478bd9Sstevel@tonic-gate * databases allows trailing comments and arbitrary whitespace. The 4107c478bd9Sstevel@tonic-gate * corresponding str2ent routine assumes that comments, leading whitespace 4117c478bd9Sstevel@tonic-gate * and trailing whitespace have been stripped (and thus assumes that entries 4127c478bd9Sstevel@tonic-gate * consisting only of these have been discarded). 4137c478bd9Sstevel@tonic-gate * 4147c478bd9Sstevel@tonic-gate * The text entries for "rpc" and for the databases described in <netdb.h> 4157c478bd9Sstevel@tonic-gate * follow a common format (a canonical name with a possibly empty list 4167c478bd9Sstevel@tonic-gate * of aliases, and some other value), albeit with minor variations. 4177c478bd9Sstevel@tonic-gate * The function _nss_netdb_aliases() does most of the generic work involved 4187c478bd9Sstevel@tonic-gate * in parsing and marshalling these into the buffer. 4197c478bd9Sstevel@tonic-gate */ 4207c478bd9Sstevel@tonic-gate 421cb5caa98Sdjl typedef union nss_XbyY_key { /* No tag; backend should know what to expect */ 4227c478bd9Sstevel@tonic-gate uid_t uid; 4237c478bd9Sstevel@tonic-gate gid_t gid; 4247c478bd9Sstevel@tonic-gate projid_t projid; 4257c478bd9Sstevel@tonic-gate const char *name; 4267c478bd9Sstevel@tonic-gate int number; 4277c478bd9Sstevel@tonic-gate struct { 4287c478bd9Sstevel@tonic-gate int net; 4297c478bd9Sstevel@tonic-gate int type; 4307c478bd9Sstevel@tonic-gate } netaddr; 4317c478bd9Sstevel@tonic-gate struct { 4327c478bd9Sstevel@tonic-gate const char *addr; 4337c478bd9Sstevel@tonic-gate int len; 4347c478bd9Sstevel@tonic-gate int type; 4357c478bd9Sstevel@tonic-gate } hostaddr; 4367c478bd9Sstevel@tonic-gate struct { 4377c478bd9Sstevel@tonic-gate union { 4387c478bd9Sstevel@tonic-gate const char *name; 4397c478bd9Sstevel@tonic-gate int port; 4407c478bd9Sstevel@tonic-gate } serv; 4417c478bd9Sstevel@tonic-gate const char *proto; 4427c478bd9Sstevel@tonic-gate } serv; 4437c478bd9Sstevel@tonic-gate void *ether; 4447c478bd9Sstevel@tonic-gate struct { 4457c478bd9Sstevel@tonic-gate const char *name; 4467c478bd9Sstevel@tonic-gate const char *keytype; 4477c478bd9Sstevel@tonic-gate } pkey; 4487c478bd9Sstevel@tonic-gate struct { 4497c478bd9Sstevel@tonic-gate const char *name; 4507c478bd9Sstevel@tonic-gate int af_family; 4517c478bd9Sstevel@tonic-gate int flags; 4527c478bd9Sstevel@tonic-gate } ipnode; 4537c478bd9Sstevel@tonic-gate void *attrp; /* for the new attr databases */ 454cb5caa98Sdjl } nss_XbyY_key_t; 455cb5caa98Sdjl 456cb5caa98Sdjl 457cb5caa98Sdjl typedef int (*nss_key2str_t)(void *buffer, size_t buflen, 458cb5caa98Sdjl nss_XbyY_key_t *key, size_t *len); 459cb5caa98Sdjl 4607c478bd9Sstevel@tonic-gate 4617c478bd9Sstevel@tonic-gate typedef struct nss_XbyY_args { 4627c478bd9Sstevel@tonic-gate 4637c478bd9Sstevel@tonic-gate /* IN */ 4647c478bd9Sstevel@tonic-gate nss_XbyY_buf_t buf; 4657c478bd9Sstevel@tonic-gate int stayopen; 4667c478bd9Sstevel@tonic-gate /* 4677c478bd9Sstevel@tonic-gate * Support for setXXXent(stayopen) 4687c478bd9Sstevel@tonic-gate * Used only in hosts, protocols, 4697c478bd9Sstevel@tonic-gate * networks, rpc, and services. 4707c478bd9Sstevel@tonic-gate */ 471cb5caa98Sdjl nss_str2ent_t str2ent; 4727c478bd9Sstevel@tonic-gate union nss_XbyY_key key; 4737c478bd9Sstevel@tonic-gate 4747c478bd9Sstevel@tonic-gate /* OUT */ 4757c478bd9Sstevel@tonic-gate void *returnval; 4767c478bd9Sstevel@tonic-gate int erange; 477cb5caa98Sdjl int h_errno; /* For gethost*_r() */ 478cb5caa98Sdjl nss_status_t status; /* from the backend last called */ 479cb5caa98Sdjl /* NSS2 */ 480cb5caa98Sdjl nss_key2str_t key2str; /* IN */ 481cb5caa98Sdjl size_t returnlen; /* OUT */ 482cb5caa98Sdjl 483cb5caa98Sdjl /* NSCD/DOOR data */ 484cb5caa98Sdjl 485cb5caa98Sdjl /* ... buffer arena follows... */ 4867c478bd9Sstevel@tonic-gate } nss_XbyY_args_t; 4877c478bd9Sstevel@tonic-gate 488cb5caa98Sdjl 489cb5caa98Sdjl 490cb5caa98Sdjl /* 491cb5caa98Sdjl * nss/nscd v2 interface, packed buffer format 492cb5caa98Sdjl * 493cb5caa98Sdjl * A key component of the v2 name service switch is the redirection 494cb5caa98Sdjl * of all activity to nscd for actual processing. In the original 495cb5caa98Sdjl * switch most activity took place in each application, and the nscd 496cb5caa98Sdjl * cache component was an add-on optional interface. 497cb5caa98Sdjl * 498cb5caa98Sdjl * The nscd v1 format was a completely private interface that 499cb5caa98Sdjl * implemented specific bufferiing formats on a per getXbyY API basis. 500cb5caa98Sdjl * 501cb5caa98Sdjl * The nss/nscd v2 interface uses a common header and commonalizes 502cb5caa98Sdjl * the buffering format as consistently as possible. The general rule 503cb5caa98Sdjl * of thumb is that backends are required to assemble their results in 504cb5caa98Sdjl * "files based" format [IE the format used on a per result basis as 505cb5caa98Sdjl * returned by the files backend] and then call the standard str2ent 506cb5caa98Sdjl * interface. This is the original intended design as used in the files 507cb5caa98Sdjl * and nis backends. 508cb5caa98Sdjl * 509cb5caa98Sdjl * The benefit of this is that the application side library can assemble 510cb5caa98Sdjl * a request and provide a header and a variable length result buffer via 511cb5caa98Sdjl * a doors API, and then the nscd side switch can assemble a a getXbyY 512cb5caa98Sdjl * request providing the result buffer and a str2ent function that copies 513cb5caa98Sdjl * but does not unpack the result. 514cb5caa98Sdjl * 515cb5caa98Sdjl * This results is returned back via the door, and unpacked using the 516cb5caa98Sdjl * native library side str2ent interface. 517cb5caa98Sdjl * 518cb5caa98Sdjl * Additionally, the common header allows extensibility to add new 519cb5caa98Sdjl * getXbyYs, putXbyYs or other maintenance APIs to/from nscd without 520cb5caa98Sdjl * changing the existing "old style" backend interfaces. 521cb5caa98Sdjl * 522cb5caa98Sdjl * Finally new style getXbyY, putXbyY and backend interfaces can be 523cb5caa98Sdjl * by adding new operation requests to the header, while old style 524cb5caa98Sdjl * backwards compatability. 525cb5caa98Sdjl */ 526cb5caa98Sdjl 527cb5caa98Sdjl /* 528cb5caa98Sdjl * nss/nscd v2 callnumber definitions 529cb5caa98Sdjl */ 530cb5caa98Sdjl 531cb5caa98Sdjl /* 532cb5caa98Sdjl * callnumbers are separated by categories, such as: 533cb5caa98Sdjl * application to nscd requests, nscd to nscd requests, 534cb5caa98Sdjl * smf to nscd requests, etc. 535cb5caa98Sdjl */ 536cb5caa98Sdjl 537cb5caa98Sdjl #define NSCDV2CATMASK (0xFF000000) 538cb5caa98Sdjl #define NSCDV2CALLMASK (0x00FFFFFF) 539cb5caa98Sdjl 540cb5caa98Sdjl /* 541cb5caa98Sdjl * nss/nscd v2 categories 542cb5caa98Sdjl */ 543cb5caa98Sdjl 544cb5caa98Sdjl #define NSCD_CALLCAT_APP ('a'<<24) 545cb5caa98Sdjl #define NSCD_CALLCAT_N2N ('n'<<24) 546cb5caa98Sdjl 547cb5caa98Sdjl /* nscd v2 app-> nscd callnumbers */ 548cb5caa98Sdjl 549cb5caa98Sdjl #define NSCD_SEARCH (NSCD_CALLCAT_APP|0x01) 550cb5caa98Sdjl #define NSCD_SETENT (NSCD_CALLCAT_APP|0x02) 551cb5caa98Sdjl #define NSCD_GETENT (NSCD_CALLCAT_APP|0x03) 552cb5caa98Sdjl #define NSCD_ENDENT (NSCD_CALLCAT_APP|0x04) 553cb5caa98Sdjl #define NSCD_PUT (NSCD_CALLCAT_APP|0x05) 554cb5caa98Sdjl #define NSCD_GETHINTS (NSCD_CALLCAT_APP|0x06) 555cb5caa98Sdjl 556cb5caa98Sdjl /* nscd v2 SETENT cookie markers */ 557cb5caa98Sdjl 558cb5caa98Sdjl #define NSCD_NEW_COOKIE 0 559cb5caa98Sdjl #define NSCD_LOCAL_COOKIE 1 560cb5caa98Sdjl 561cb5caa98Sdjl /* nscd v2 header revision */ 562cb5caa98Sdjl /* treated as 0xMMMMmmmm MMMM - Major Rev, mmmm - Minor Rev */ 563cb5caa98Sdjl 564cb5caa98Sdjl #define NSCD_HEADER_REV 0x00020000 565cb5caa98Sdjl 566cb5caa98Sdjl /* 567cb5caa98Sdjl * ptr/uint data type used to calculate shared nscd buffer struct sizes 568cb5caa98Sdjl * sizes/offsets are arbitrarily limited to 32 bits for 32/64 compatibility 569cb5caa98Sdjl * datatype is 64 bits for possible pointer storage and future use 570cb5caa98Sdjl */ 571cb5caa98Sdjl 572cb5caa98Sdjl typedef uint64_t nssuint_t; 573cb5caa98Sdjl 574cb5caa98Sdjl /* 575cb5caa98Sdjl * nscd v2 buffer layout overview 576cb5caa98Sdjl * 577cb5caa98Sdjl * The key interface to nscd moving forward is the doors interface 578cb5caa98Sdjl * between applications and nscd (NSCD_CALLCAT_APP), and nscd and 579cb5caa98Sdjl * it's children (NSCD_CALLCAT_N2N). 580cb5caa98Sdjl * 581cb5caa98Sdjl * Regardless of the interface used, the buffer layout is consistent. 582cb5caa98Sdjl * The General Layout is: 583cb5caa98Sdjl * [nss_pheader_t][IN key][OUT data results]{extend results} 584cb5caa98Sdjl * 585cb5caa98Sdjl * The header (nss_pheader_t) remains constant. 586cb5caa98Sdjl * Keys and key layouts vary between call numbers/requests 587cb5caa98Sdjl * NSCD_CALLCAT_APP use key layouts mimics/defines in nss_dbdefs.h 588cb5caa98Sdjl * NSCD_CALLCAT_NSN use layouts defined by nscd headers 589cb5caa98Sdjl * Data and data results vary between results 590cb5caa98Sdjl * NSCD_CALLCAT_APP return "file standard format" output buffers 591cb5caa98Sdjl * NSCD_CALLCAT_NSN return data defined by nscd headers 592cb5caa98Sdjl * extended results are optional and vary 593cb5caa98Sdjl * 594cb5caa98Sdjl */ 595cb5caa98Sdjl 596cb5caa98Sdjl /* 597cb5caa98Sdjl * nss_pheader_t -- buffer header structure that contains switch data 598cb5caa98Sdjl * "packed" by the client into a buffer suitable for transport over 599cb5caa98Sdjl * nscd's door, and that can be unpacked into a native form within 600cb5caa98Sdjl * nscd's switch. Capable of packing and unpacking data ans results. 601cb5caa98Sdjl * 602cb5caa98Sdjl * NSCD_HEADER_REV: 0x00020000 16 x uint64 = (128 byte header) 603cb5caa98Sdjl */ 604cb5caa98Sdjl 605cb5caa98Sdjl typedef struct { 606cb5caa98Sdjl uint32_t nsc_callnumber; /* packed buffer request */ 607cb5caa98Sdjl uint32_t nss_dbop; /* old nss dbop */ 608cb5caa98Sdjl uint32_t p_ruid; /* real uid */ 609cb5caa98Sdjl uint32_t p_euid; /* effective uid */ 610cb5caa98Sdjl uint32_t p_version; /* 0xMMMMmmmm Major/minor */ 611cb5caa98Sdjl uint32_t p_status; /* nss_status_t */ 612cb5caa98Sdjl uint32_t p_errno; /* errno */ 613cb5caa98Sdjl uint32_t p_herrno; /* h_errno */ 614cb5caa98Sdjl nssuint_t libpriv; /* reserved (for lib/client) */ 615cb5caa98Sdjl nssuint_t pbufsiz; /* buffer size */ 616cb5caa98Sdjl nssuint_t dbd_off; /* IN: db desc off */ 617cb5caa98Sdjl nssuint_t dbd_len; /* IN: db desc len */ 618cb5caa98Sdjl nssuint_t key_off; /* IN: key off */ 619cb5caa98Sdjl nssuint_t key_len; /* IN: key len */ 620cb5caa98Sdjl nssuint_t data_off; /* OUT: data off */ 621cb5caa98Sdjl nssuint_t data_len; /* OUT: data len */ 622cb5caa98Sdjl nssuint_t ext_off; /* OUT: extended results off */ 623cb5caa98Sdjl nssuint_t ext_len; /* OUT: extended results len */ 624cb5caa98Sdjl nssuint_t nscdpriv; /* reserved (for nscd) */ 625cb5caa98Sdjl nssuint_t reserved1; /* reserved (TBD) */ 626cb5caa98Sdjl } nss_pheader_t; 627cb5caa98Sdjl 628cb5caa98Sdjl /* 629cb5caa98Sdjl * nss_pnetgr_t -- packed offset structure for holding keys used 630cb5caa98Sdjl * by innetgr (__multi_innetgr) key 631cb5caa98Sdjl * Key format is: 632cb5caa98Sdjl * nss_pnetgr_t 633cb5caa98Sdjl * (nssuint_t)[machine_argc] offsets to strings 634cb5caa98Sdjl * (nssuint_t)[user_argc] offsets to strings 635cb5caa98Sdjl * (nssuint_t)[domain_argc] offsets to strings 636cb5caa98Sdjl * (nssuint_t)[groups_argc] offsets to strings 637cb5caa98Sdjl * machine,user,domain,groups strings 638cb5caa98Sdjl */ 639cb5caa98Sdjl 640cb5caa98Sdjl typedef struct { 641cb5caa98Sdjl uint32_t machine_argc; 642cb5caa98Sdjl uint32_t user_argc; 643cb5caa98Sdjl uint32_t domain_argc; 644cb5caa98Sdjl uint32_t groups_argc; 645cb5caa98Sdjl nssuint_t machine_offv; 646cb5caa98Sdjl nssuint_t user_offv; 647cb5caa98Sdjl nssuint_t domain_offv; 648cb5caa98Sdjl nssuint_t groups_offv; 649cb5caa98Sdjl } nss_pnetgr_t; 650cb5caa98Sdjl 651cb5caa98Sdjl 6527c478bd9Sstevel@tonic-gate /* status returned by the str2ent parsing routines */ 6537c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_SUCCESS 0 6547c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_PARSE 1 6557c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_ERANGE 2 6567c478bd9Sstevel@tonic-gate 6577c478bd9Sstevel@tonic-gate #define NSS_XbyY_INIT(str, res, bufp, len, func) (\ 6587c478bd9Sstevel@tonic-gate (str)->buf.result = (res), \ 6597c478bd9Sstevel@tonic-gate (str)->buf.buffer = (bufp), \ 6607c478bd9Sstevel@tonic-gate (str)->buf.buflen = (len), \ 6617c478bd9Sstevel@tonic-gate (str)->stayopen = 0, \ 6627c478bd9Sstevel@tonic-gate (str)->str2ent = (func), \ 663cb5caa98Sdjl (str)->key2str = NULL, \ 6647c478bd9Sstevel@tonic-gate (str)->returnval = 0, \ 665cb5caa98Sdjl (str)->returnlen = 0, \ 666ba2b2c94SVitaliy Gusev (str)->h_errno = 0, \ 667cb5caa98Sdjl (str)->erange = 0) 668cb5caa98Sdjl 669cb5caa98Sdjl #define NSS_XbyY_INIT_EXT(str, res, bufp, len, func, kfunc) (\ 670cb5caa98Sdjl (str)->buf.result = (res), \ 671cb5caa98Sdjl (str)->buf.buffer = (bufp), \ 672cb5caa98Sdjl (str)->buf.buflen = (len), \ 673cb5caa98Sdjl (str)->stayopen = 0, \ 674cb5caa98Sdjl (str)->str2ent = (func), \ 675cb5caa98Sdjl (str)->key2str = (kfunc), \ 676cb5caa98Sdjl (str)->returnval = 0, \ 677cb5caa98Sdjl (str)->returnlen = 0, \ 678ba2b2c94SVitaliy Gusev (str)->h_errno = 0, \ 6797c478bd9Sstevel@tonic-gate (str)->erange = 0) 6807c478bd9Sstevel@tonic-gate 681d88e84ffSRichard Lowe #define NSS_XbyY_FINI(str) _nss_XbyY_fini(str) 6827c478bd9Sstevel@tonic-gate 683cb5caa98Sdjl #define NSS_PACKED_CRED_CHECK(buf, ruid, euid) (\ 684cb5caa98Sdjl ((nss_pheader_t *)(buf))->p_ruid == (ruid) && \ 685cb5caa98Sdjl ((nss_pheader_t *)(buf))->p_euid == (euid)) 686cb5caa98Sdjl 687d88e84ffSRichard Lowe extern void *_nss_XbyY_fini(nss_XbyY_args_t *); 688cb5caa98Sdjl extern char **_nss_netdb_aliases(const char *, int, char *, int); 689cb5caa98Sdjl extern nss_status_t nss_default_key2str(void *, size_t, nss_XbyY_args_t *, 690cb5caa98Sdjl const char *, int, size_t *); 691cb5caa98Sdjl extern nss_status_t nss_packed_arg_init(void *, size_t, nss_db_root_t *, 692cb5caa98Sdjl nss_db_initf_t *, int *, 693cb5caa98Sdjl nss_XbyY_args_t *); 694cb5caa98Sdjl extern nss_status_t nss_packed_context_init(void *, size_t, nss_db_root_t *, 695cb5caa98Sdjl nss_db_initf_t *, nss_getent_t **, 696cb5caa98Sdjl nss_XbyY_args_t *); 697cb5caa98Sdjl extern void nss_packed_set_status(void *, size_t, nss_status_t, 698cb5caa98Sdjl nss_XbyY_args_t *); 699cb5caa98Sdjl extern nss_status_t nss_packed_getkey(void *, size_t, char **, int *, 700cb5caa98Sdjl nss_XbyY_args_t *); 7017c478bd9Sstevel@tonic-gate 7027c478bd9Sstevel@tonic-gate /* 7037c478bd9Sstevel@tonic-gate * nss_dbop_t values for searches with various keys; values for 7047c478bd9Sstevel@tonic-gate * destructor/endent/setent/getent are defined in <nss_common.h> 7057c478bd9Sstevel@tonic-gate */ 7067c478bd9Sstevel@tonic-gate 707cb5caa98Sdjl /* 708cb5caa98Sdjl * These are part of the "Over the wire" IE app->nscd getXbyY 709cb5caa98Sdjl * op for well known getXbyY's. Cannot use NSS_DBOP_X_Y directly 710cb5caa98Sdjl * because NSS_DBOP_next_iter is NOT an incrementing counter value 711cb5caa98Sdjl * it's a starting offset into an array value. 712cb5caa98Sdjl */ 713cb5caa98Sdjl 714cb5caa98Sdjl #define NSS_DBOP_X(x) ((x)<<16) 715cb5caa98Sdjl #define NSS_DBOP_XY(x, y) ((x)|(y)) 716cb5caa98Sdjl 717cb5caa98Sdjl #define NSS_DBOP_ALIASES NSS_DBOP_X(1) 718cb5caa98Sdjl #define NSS_DBOP_AUTOMOUNT NSS_DBOP_X(2) 719cb5caa98Sdjl #define NSS_DBOP_BOOTPARAMS NSS_DBOP_X(3) 720cb5caa98Sdjl #define NSS_DBOP_ETHERS NSS_DBOP_X(4) 721cb5caa98Sdjl #define NSS_DBOP_GROUP NSS_DBOP_X(5) 722cb5caa98Sdjl #define NSS_DBOP_HOSTS NSS_DBOP_X(6) 723cb5caa98Sdjl #define NSS_DBOP_IPNODES NSS_DBOP_X(7) 724cb5caa98Sdjl #define NSS_DBOP_NETGROUP NSS_DBOP_X(8) 725cb5caa98Sdjl #define NSS_DBOP_NETMASKS NSS_DBOP_X(9) 726cb5caa98Sdjl #define NSS_DBOP_NETWORKS NSS_DBOP_X(10) 727cb5caa98Sdjl #define NSS_DBOP_PASSWD NSS_DBOP_X(11) 728cb5caa98Sdjl #define NSS_DBOP_PRINTERS NSS_DBOP_X(12) 729cb5caa98Sdjl #define NSS_DBOP_PROJECT NSS_DBOP_X(13) 730cb5caa98Sdjl #define NSS_DBOP_PROTOCOLS NSS_DBOP_X(14) 731cb5caa98Sdjl #define NSS_DBOP_PUBLICKEY NSS_DBOP_X(15) 732cb5caa98Sdjl #define NSS_DBOP_RPC NSS_DBOP_X(16) 733cb5caa98Sdjl #define NSS_DBOP_SERVICES NSS_DBOP_X(17) 734cb5caa98Sdjl #define NSS_DBOP_AUDITUSER NSS_DBOP_X(18) 735cb5caa98Sdjl #define NSS_DBOP_AUTHATTR NSS_DBOP_X(19) 736cb5caa98Sdjl #define NSS_DBOP_EXECATTR NSS_DBOP_X(20) 737cb5caa98Sdjl #define NSS_DBOP_PROFATTR NSS_DBOP_X(21) 738cb5caa98Sdjl #define NSS_DBOP_USERATTR NSS_DBOP_X(22) 739cb5caa98Sdjl 7407c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYNAME (NSS_DBOP_next_iter) 7417c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYGID (NSS_DBOP_GROUP_BYNAME + 1) 7427c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYMEMBER (NSS_DBOP_GROUP_BYGID + 1) 7437c478bd9Sstevel@tonic-gate 7447c478bd9Sstevel@tonic-gate #define NSS_DBOP_PASSWD_BYNAME (NSS_DBOP_next_iter) 7457c478bd9Sstevel@tonic-gate #define NSS_DBOP_PASSWD_BYUID (NSS_DBOP_PASSWD_BYNAME + 1) 7467c478bd9Sstevel@tonic-gate 7477c478bd9Sstevel@tonic-gate /* The "compat" backend requires that PASSWD_BYNAME == SHADOW_BYNAME */ 7487c478bd9Sstevel@tonic-gate /* (it also requires that both use key.name to pass the username). */ 7497c478bd9Sstevel@tonic-gate #define NSS_DBOP_SHADOW_BYNAME (NSS_DBOP_PASSWD_BYNAME) 7507c478bd9Sstevel@tonic-gate 7517c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROJECT_BYNAME (NSS_DBOP_next_iter) 7527c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROJECT_BYID (NSS_DBOP_PROJECT_BYNAME + 1) 7537c478bd9Sstevel@tonic-gate 7547c478bd9Sstevel@tonic-gate #define NSS_DBOP_HOSTS_BYNAME (NSS_DBOP_next_iter) 7557c478bd9Sstevel@tonic-gate #define NSS_DBOP_HOSTS_BYADDR (NSS_DBOP_HOSTS_BYNAME + 1) 7567c478bd9Sstevel@tonic-gate 7577c478bd9Sstevel@tonic-gate #define NSS_DBOP_IPNODES_BYNAME (NSS_DBOP_next_iter) 7587c478bd9Sstevel@tonic-gate #define NSS_DBOP_IPNODES_BYADDR (NSS_DBOP_IPNODES_BYNAME + 1) 7597c478bd9Sstevel@tonic-gate 7607c478bd9Sstevel@tonic-gate /* 7617c478bd9Sstevel@tonic-gate * NSS_DBOP_NAME_2ADDR 7627c478bd9Sstevel@tonic-gate * NSS_DBOP_ADDR_2NAME 7637c478bd9Sstevel@tonic-gate * : are defines for ipv6 api's 7647c478bd9Sstevel@tonic-gate */ 7657c478bd9Sstevel@tonic-gate 7667c478bd9Sstevel@tonic-gate #define NSS_DBOP_NAME_2ADDR (NSS_DBOP_next_ipv6_iter) 7677c478bd9Sstevel@tonic-gate #define NSS_DBOP_ADDR_2NAME (NSS_DBOP_NAME_2ADDR + 1) 7687c478bd9Sstevel@tonic-gate 7697c478bd9Sstevel@tonic-gate #define NSS_DBOP_RPC_BYNAME (NSS_DBOP_next_iter) 7707c478bd9Sstevel@tonic-gate #define NSS_DBOP_RPC_BYNUMBER (NSS_DBOP_RPC_BYNAME + 1) 7717c478bd9Sstevel@tonic-gate 7727c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETWORKS_BYNAME (NSS_DBOP_next_iter) 7737c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETWORKS_BYADDR (NSS_DBOP_NETWORKS_BYNAME + 1) 7747c478bd9Sstevel@tonic-gate 7757c478bd9Sstevel@tonic-gate #define NSS_DBOP_SERVICES_BYNAME (NSS_DBOP_next_iter) 7767c478bd9Sstevel@tonic-gate #define NSS_DBOP_SERVICES_BYPORT (NSS_DBOP_SERVICES_BYNAME + 1) 7777c478bd9Sstevel@tonic-gate 7787c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROTOCOLS_BYNAME (NSS_DBOP_next_iter) 7797c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROTOCOLS_BYNUMBER (NSS_DBOP_PROTOCOLS_BYNAME + 1) 7807c478bd9Sstevel@tonic-gate 7817c478bd9Sstevel@tonic-gate #define NSS_DBOP_ETHERS_HOSTTON (NSS_DBOP_next_noiter) 7827c478bd9Sstevel@tonic-gate #define NSS_DBOP_ETHERS_NTOHOST (NSS_DBOP_ETHERS_HOSTTON + 1) 7837c478bd9Sstevel@tonic-gate 7847c478bd9Sstevel@tonic-gate #define NSS_DBOP_BOOTPARAMS_BYNAME (NSS_DBOP_next_noiter) 7857c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETMASKS_BYNET (NSS_DBOP_next_noiter) 7867c478bd9Sstevel@tonic-gate 7877c478bd9Sstevel@tonic-gate #define NSS_DBOP_PRINTERS_BYNAME (NSS_DBOP_next_iter) 7887c478bd9Sstevel@tonic-gate 7897c478bd9Sstevel@tonic-gate /* 7907c478bd9Sstevel@tonic-gate * The "real" backend for netgroup (__multi_innetgr, setnetgrent) 791*74e12c43SGordon Ross * Note: _BYNAME is implemented only in "files" (for now). 7927c478bd9Sstevel@tonic-gate */ 7937c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETGROUP_IN (NSS_DBOP_next_iter) 7947c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETGROUP_SET (NSS_DBOP_NETGROUP_IN + 1) 795*74e12c43SGordon Ross #define NSS_DBOP_NETGROUP_BYNAME (NSS_DBOP_NETGROUP_SET + 1) 7967c478bd9Sstevel@tonic-gate 7977c478bd9Sstevel@tonic-gate /* 7987c478bd9Sstevel@tonic-gate * The backend for getpublickey and getsecretkey (getkeys) 7997c478bd9Sstevel@tonic-gate */ 8007c478bd9Sstevel@tonic-gate #define NSS_DBOP_KEYS_BYNAME (NSS_DBOP_next_iter) 8017c478bd9Sstevel@tonic-gate 8027c478bd9Sstevel@tonic-gate /* 8037c478bd9Sstevel@tonic-gate * The pseudo-backend for netgroup (returned by setnetgrent) doesn't have 8047c478bd9Sstevel@tonic-gate * any getXXXbyYYY operations, just the usual destr/end/set/get ops, 8057c478bd9Sstevel@tonic-gate * so needs no definitions here. 8067c478bd9Sstevel@tonic-gate */ 8077c478bd9Sstevel@tonic-gate 8087c478bd9Sstevel@tonic-gate #define NSS_DBOP_ATTRDB_BYNAME (NSS_DBOP_next_iter) 8097c478bd9Sstevel@tonic-gate 8107c478bd9Sstevel@tonic-gate #define NSS_DBOP_AUDITUSER_BYNAME NSS_DBOP_ATTRDB_BYNAME 8117c478bd9Sstevel@tonic-gate #define NSS_DBOP_AUTHATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8127c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8137c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYID (NSS_DBOP_EXECATTR_BYNAME + 1) 8147c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYNAMEID (NSS_DBOP_EXECATTR_BYID + 1) 8157c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROFATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8167c478bd9Sstevel@tonic-gate #define NSS_DBOP_USERATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8177c478bd9Sstevel@tonic-gate 81845916cd2Sjpk #define NSS_DBOP_TSOL_TP_BYNAME (NSS_DBOP_next_iter) 81945916cd2Sjpk #define NSS_DBOP_TSOL_RH_BYADDR (NSS_DBOP_next_iter) 82045916cd2Sjpk #define NSS_DBOP_TSOL_ZC_BYNAME (NSS_DBOP_next_iter) 82145916cd2Sjpk 8227c478bd9Sstevel@tonic-gate /* 8237c478bd9Sstevel@tonic-gate * Used all over in the switch code. The best home for it I can think of. 8247c478bd9Sstevel@tonic-gate * Power-of-two alignments only. 8257c478bd9Sstevel@tonic-gate */ 8267c478bd9Sstevel@tonic-gate #define ROUND_DOWN(n, align) (((uintptr_t)n) & ~((align) - 1l)) 8277c478bd9Sstevel@tonic-gate #define ROUND_UP(n, align) ROUND_DOWN(((uintptr_t)n) + (align) - 1l, \ 8287c478bd9Sstevel@tonic-gate (align)) 8297c478bd9Sstevel@tonic-gate 8307c478bd9Sstevel@tonic-gate #ifdef __cplusplus 8317c478bd9Sstevel@tonic-gate } 8327c478bd9Sstevel@tonic-gate #endif 8337c478bd9Sstevel@tonic-gate 8347c478bd9Sstevel@tonic-gate #endif /* _NSS_DBDEFS_H */ 835