17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 51f3e1ca0Ssatishk * Common Development and Distribution License (the "License"). 61f3e1ca0Ssatishk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 221f3e1ca0Ssatishk * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate * 2545916cd2Sjpk * Database-specific definitions for the getXXXbyYYY routines 267c478bd9Sstevel@tonic-gate * (e.g getpwuid_r(), ether_ntohost()) that use the name-service switch. 277c478bd9Sstevel@tonic-gate * Database-independent definitions are in <nss_common.h> 287c478bd9Sstevel@tonic-gate * 297c478bd9Sstevel@tonic-gate * Ideally, this is the only switch header file one would add things 307c478bd9Sstevel@tonic-gate * to in order to support a new database. 317c478bd9Sstevel@tonic-gate * 327c478bd9Sstevel@tonic-gate * NOTE: The interfaces documented in this file may change in a minor 337c478bd9Sstevel@tonic-gate * release. It is intended that in the future a stronger committment 347c478bd9Sstevel@tonic-gate * will be made to these interface definitions which will guarantee 357c478bd9Sstevel@tonic-gate * them across minor releases. 367c478bd9Sstevel@tonic-gate */ 377c478bd9Sstevel@tonic-gate 387c478bd9Sstevel@tonic-gate #ifndef _NSS_DBDEFS_H 397c478bd9Sstevel@tonic-gate #define _NSS_DBDEFS_H 407c478bd9Sstevel@tonic-gate 417c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 427c478bd9Sstevel@tonic-gate 43*cb5caa98Sdjl #include <sys/types.h> 44*cb5caa98Sdjl #include <unistd.h> 457c478bd9Sstevel@tonic-gate #include <errno.h> 467c478bd9Sstevel@tonic-gate #include <netdb.h> /* MAXALIASES, MAXADDRS */ 477c478bd9Sstevel@tonic-gate #include <limits.h> /* LOGNAME_MAX */ 487c478bd9Sstevel@tonic-gate #include <nss_common.h> 497c478bd9Sstevel@tonic-gate 507c478bd9Sstevel@tonic-gate #ifdef __cplusplus 517c478bd9Sstevel@tonic-gate extern "C" { 527c478bd9Sstevel@tonic-gate #endif 537c478bd9Sstevel@tonic-gate 547c478bd9Sstevel@tonic-gate #ifndef NSS_INCLUDE_UNSAFE 557c478bd9Sstevel@tonic-gate #define NSS_INCLUDE_UNSAFE 1 /* Build old, MT-unsafe interfaces, */ 567c478bd9Sstevel@tonic-gate #endif /* NSS_INCLUDE_UNSAFE */ /* e.g. getpwnam (c.f. getpwnam_r) */ 577c478bd9Sstevel@tonic-gate 587c478bd9Sstevel@tonic-gate /* 597c478bd9Sstevel@tonic-gate * Names of the well-known databases. 607c478bd9Sstevel@tonic-gate */ 617c478bd9Sstevel@tonic-gate 627c478bd9Sstevel@tonic-gate #define NSS_DBNAM_ALIASES "aliases" /* E-mail aliases, that is */ 637c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUTOMOUNT "automount" 647c478bd9Sstevel@tonic-gate #define NSS_DBNAM_BOOTPARAMS "bootparams" 657c478bd9Sstevel@tonic-gate #define NSS_DBNAM_ETHERS "ethers" 667c478bd9Sstevel@tonic-gate #define NSS_DBNAM_GROUP "group" 677c478bd9Sstevel@tonic-gate #define NSS_DBNAM_HOSTS "hosts" 687c478bd9Sstevel@tonic-gate #define NSS_DBNAM_IPNODES "ipnodes" 697c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETGROUP "netgroup" 707c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETMASKS "netmasks" 717c478bd9Sstevel@tonic-gate #define NSS_DBNAM_NETWORKS "networks" 727c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PASSWD "passwd" 737c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PRINTERS "printers" 747c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROJECT "project" 757c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROTOCOLS "protocols" 767c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PUBLICKEY "publickey" 777c478bd9Sstevel@tonic-gate #define NSS_DBNAM_RPC "rpc" 787c478bd9Sstevel@tonic-gate #define NSS_DBNAM_SERVICES "services" 797c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUDITUSER "audit_user" 807c478bd9Sstevel@tonic-gate #define NSS_DBNAM_AUTHATTR "auth_attr" 817c478bd9Sstevel@tonic-gate #define NSS_DBNAM_EXECATTR "exec_attr" 827c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PROFATTR "prof_attr" 837c478bd9Sstevel@tonic-gate #define NSS_DBNAM_USERATTR "user_attr" 847c478bd9Sstevel@tonic-gate 8545916cd2Sjpk #define NSS_DBNAM_TSOL_TP "tnrhtp" 8645916cd2Sjpk #define NSS_DBNAM_TSOL_RH "tnrhdb" 8745916cd2Sjpk #define NSS_DBNAM_TSOL_ZC "tnzonecfg" 8845916cd2Sjpk 897c478bd9Sstevel@tonic-gate /* getspnam() et al use the "passwd" config entry but the "shadow" backend */ 907c478bd9Sstevel@tonic-gate #define NSS_DBNAM_SHADOW "shadow" 917c478bd9Sstevel@tonic-gate 927c478bd9Sstevel@tonic-gate /* The "compat" backend gets config entries for these pseudo-databases */ 937c478bd9Sstevel@tonic-gate #define NSS_DBNAM_PASSWD_COMPAT "passwd_compat" 947c478bd9Sstevel@tonic-gate #define NSS_DBNAM_GROUP_COMPAT "group_compat" 957c478bd9Sstevel@tonic-gate 967c478bd9Sstevel@tonic-gate /* 977c478bd9Sstevel@tonic-gate * Default switch configuration, compiled into the front-ends. 987c478bd9Sstevel@tonic-gate * 997c478bd9Sstevel@tonic-gate * Absent good reasons to the contrary, this should be compatible with the 1007c478bd9Sstevel@tonic-gate * default /etc/nsswitch.conf file. 1017c478bd9Sstevel@tonic-gate */ 1027c478bd9Sstevel@tonic-gate #define NSS_FILES_ONLY "files" 1037c478bd9Sstevel@tonic-gate #define NSS_FILES_NS "files nis" 1047c478bd9Sstevel@tonic-gate #define NSS_NS_FALLBACK "nis [NOTFOUND=return] files" 1057c478bd9Sstevel@tonic-gate #define NSS_NS_ONLY "nis" 10645916cd2Sjpk #define NSS_TSOL_FALLBACK "files ldap" 1077c478bd9Sstevel@tonic-gate 1087c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ALIASES NSS_FILES_NS 1097c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUTOMOUNT NSS_FILES_NS 1107c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_BOOTPARAMS NSS_NS_FALLBACK 1117c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ETHERS NSS_NS_FALLBACK 1127c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_GROUP NSS_FILES_NS 1137c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_HOSTS NSS_NS_FALLBACK 1147c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_IPNODES NSS_NS_FALLBACK 1157c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETGROUP NSS_NS_ONLY 1167c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETMASKS NSS_NS_FALLBACK 1177c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_NETWORKS NSS_NS_FALLBACK 1187c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PASSWD NSS_FILES_NS 1197c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PRINTERS "user files nis nisplus" 1207c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROJECT NSS_FILES_NS 1217c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROTOCOLS NSS_NS_FALLBACK 1227c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PUBLICKEY NSS_FILES_NS 1237c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_RPC NSS_NS_FALLBACK 1247c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_SERVICES NSS_FILES_NS /* speeds up byname() */ 1257c478bd9Sstevel@tonic-gate 1267c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_GROUP_COMPAT NSS_NS_ONLY 1277c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PASSWD_COMPAT NSS_NS_ONLY 1287c478bd9Sstevel@tonic-gate 1297c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_ATTRDB NSS_FILES_NS 1307c478bd9Sstevel@tonic-gate 1317c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUDITUSER NSS_DEFCONF_PASSWD 1327c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_USERATTR NSS_DEFCONF_PASSWD 1337c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_AUTHATTR NSS_DEFCONF_ATTRDB 1347c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_PROFATTR NSS_DEFCONF_ATTRDB 1357c478bd9Sstevel@tonic-gate #define NSS_DEFCONF_EXECATTR NSS_DEFCONF_PROFATTR 1367c478bd9Sstevel@tonic-gate 13745916cd2Sjpk #define NSS_DEFCONF_TSOL_TP NSS_TSOL_FALLBACK 13845916cd2Sjpk #define NSS_DEFCONF_TSOL_RH NSS_TSOL_FALLBACK 13945916cd2Sjpk #define NSS_DEFCONF_TSOL_ZC NSS_TSOL_FALLBACK 14045916cd2Sjpk 1417c478bd9Sstevel@tonic-gate /* 1427c478bd9Sstevel@tonic-gate * Line-lengths that the "files" and "compat" backends will try to support. 1437c478bd9Sstevel@tonic-gate * It may be reasonable (even advisable) to use smaller values than these. 1447c478bd9Sstevel@tonic-gate */ 1457c478bd9Sstevel@tonic-gate 1467c478bd9Sstevel@tonic-gate #define NSS_BUFSIZ 1024 1477c478bd9Sstevel@tonic-gate 1481f3e1ca0Ssatishk #define NSS_LINELEN_GROUP ((NSS_BUFSIZ) * 8) 1497c478bd9Sstevel@tonic-gate #define NSS_LINELEN_HOSTS ((NSS_BUFSIZ) * 8) 1507c478bd9Sstevel@tonic-gate #define NSS_LINELEN_IPNODES ((NSS_BUFSIZ) * 8) 1517c478bd9Sstevel@tonic-gate #define NSS_LINELEN_NETMASKS NSS_BUFSIZ 1527c478bd9Sstevel@tonic-gate #define NSS_LINELEN_NETWORKS NSS_BUFSIZ 1537c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PASSWD NSS_BUFSIZ 1547c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PRINTERS NSS_BUFSIZ 1557c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROJECT ((NSS_BUFSIZ) * 4) 1567c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROTOCOLS NSS_BUFSIZ 1577c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PUBLICKEY NSS_BUFSIZ 1587c478bd9Sstevel@tonic-gate #define NSS_LINELEN_RPC NSS_BUFSIZ 1597c478bd9Sstevel@tonic-gate #define NSS_LINELEN_SERVICES NSS_BUFSIZ 1607c478bd9Sstevel@tonic-gate #define NSS_LINELEN_SHADOW NSS_BUFSIZ 1617c478bd9Sstevel@tonic-gate #define NSS_LINELEN_ETHERS NSS_BUFSIZ 1627c478bd9Sstevel@tonic-gate #define NSS_LINELEN_BOOTPARAMS NSS_BUFSIZ 1637c478bd9Sstevel@tonic-gate 1647c478bd9Sstevel@tonic-gate #define NSS_LINELEN_ATTRDB NSS_BUFSIZ 1657c478bd9Sstevel@tonic-gate 1667c478bd9Sstevel@tonic-gate #define NSS_LINELEN_AUDITUSER NSS_LINELEN_ATTRDB 1677c478bd9Sstevel@tonic-gate #define NSS_LINELEN_AUTHATTR NSS_LINELEN_ATTRDB 1687c478bd9Sstevel@tonic-gate #define NSS_LINELEN_EXECATTR NSS_LINELEN_ATTRDB 1697c478bd9Sstevel@tonic-gate #define NSS_LINELEN_PROFATTR NSS_LINELEN_ATTRDB 1707c478bd9Sstevel@tonic-gate #define NSS_LINELEN_USERATTR NSS_LINELEN_ATTRDB 1717c478bd9Sstevel@tonic-gate 1727c478bd9Sstevel@tonic-gate #define NSS_MMAPLEN_EXECATTR NSS_LINELEN_EXECATTR * 8 1737c478bd9Sstevel@tonic-gate 17445916cd2Sjpk #define NSS_LINELEN_TSOL NSS_BUFSIZ 17545916cd2Sjpk 17645916cd2Sjpk #define NSS_LINELEN_TSOL_TP NSS_LINELEN_TSOL 17745916cd2Sjpk #define NSS_LINELEN_TSOL_RH NSS_LINELEN_TSOL 17845916cd2Sjpk #define NSS_LINELEN_TSOL_ZC NSS_LINELEN_TSOL 17945916cd2Sjpk 1807c478bd9Sstevel@tonic-gate /* 1817c478bd9Sstevel@tonic-gate * Reasonable defaults for 'buflen' values passed to _r functions. The BSD 1827c478bd9Sstevel@tonic-gate * and SunOS 4.x implementations of the getXXXbyYYY() functions used hard- 1837c478bd9Sstevel@tonic-gate * coded array sizes; the values here are meant to handle anything that 1847c478bd9Sstevel@tonic-gate * those implementations handled. 1857c478bd9Sstevel@tonic-gate * === These might more reasonably go in <pwd.h>, <netdb.h> et al 1867c478bd9Sstevel@tonic-gate */ 1877c478bd9Sstevel@tonic-gate 1881f3e1ca0Ssatishk #define NSS_BUFLEN_GROUP NSS_LINELEN_GROUP 1897c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_HOSTS \ 1907c478bd9Sstevel@tonic-gate (NSS_LINELEN_HOSTS + (MAXALIASES + MAXADDRS + 2) * sizeof (char *)) 1917c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_IPNODES \ 1927c478bd9Sstevel@tonic-gate (NSS_LINELEN_IPNODES + (MAXALIASES + MAXADDRS + 2) * sizeof (char *)) 1937c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_NETGROUP (MAXHOSTNAMELEN * 2 + LOGNAME_MAX + 3) 1947c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_NETWORKS NSS_LINELEN_NETWORKS /* === ? + 35 * 4 */ 1957c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PASSWD NSS_LINELEN_PASSWD 1967c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROJECT (NSS_LINELEN_PROJECT + 800 * sizeof (char *)) 1977c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROTOCOLS NSS_LINELEN_PROTOCOLS /* === ? + 35 * 4 */ 1987c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PUBLICKEY NSS_LINELEN_PUBLICKEY 1997c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_RPC NSS_LINELEN_RPC /* === ? + 35 * 4 */ 2007c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_SERVICES NSS_LINELEN_SERVICES /* === ? + 35 * 4 */ 2017c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_SHADOW NSS_LINELEN_SHADOW 2027c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_ETHERS NSS_LINELEN_ETHERS 2037c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_BOOTPARAMS NSS_LINELEN_BOOTPARAMS 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_ATTRDB NSS_LINELEN_ATTRDB 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_AUDITUSER NSS_BUFLEN_ATTRDB 2087c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_AUTHATTR NSS_BUFLEN_ATTRDB 2097c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_EXECATTR NSS_BUFLEN_ATTRDB 2107c478bd9Sstevel@tonic-gate #define NSS_BUFLEN_PROFATTR NSS_BUFLEN_ATTRDB 2111f3e1ca0Ssatishk #define NSS_BUFLEN_USERATTR ((NSS_BUFLEN_ATTRDB) * 8) 2127c478bd9Sstevel@tonic-gate 21345916cd2Sjpk #define NSS_BUFLEN_TSOL NSS_LINELEN_TSOL 21445916cd2Sjpk #define NSS_BUFLEN_TSOL_TP NSS_BUFLEN_TSOL 21545916cd2Sjpk #define NSS_BUFLEN_TSOL_RH NSS_BUFLEN_TSOL 21645916cd2Sjpk #define NSS_BUFLEN_TSOL_ZC NSS_BUFLEN_TSOL 2177c478bd9Sstevel@tonic-gate 218*cb5caa98Sdjl /* 219*cb5caa98Sdjl * Default cache door buffer size (2x largest buffer) 220*cb5caa98Sdjl */ 221*cb5caa98Sdjl 222*cb5caa98Sdjl #define NSS_BUFLEN_DOOR ((NSS_BUFSIZ) * 16) 223*cb5caa98Sdjl 2247c478bd9Sstevel@tonic-gate /* 2257c478bd9Sstevel@tonic-gate * Arguments and results, passed between the frontends and backends for 2267c478bd9Sstevel@tonic-gate * the well-known databases. The getXbyY_r() and getXent_r() routines 2277c478bd9Sstevel@tonic-gate * use a common format that is further described below; other routines 2287c478bd9Sstevel@tonic-gate * use their own formats. 2297c478bd9Sstevel@tonic-gate */ 2307c478bd9Sstevel@tonic-gate 231*cb5caa98Sdjl /* 232*cb5caa98Sdjl * The nss_str2ent_t routine is the data marshaller for the nsswitch. 233*cb5caa98Sdjl * it converts 'native files' format into 'entry' format as part of the 234*cb5caa98Sdjl * return processing for a getXbyY interface. 235*cb5caa98Sdjl * 236*cb5caa98Sdjl * The nss_groupstr_t routine does the real work for any backend 237*cb5caa98Sdjl * that can supply a netgroup entry as a string in /etc/group format 238*cb5caa98Sdjl */ 239*cb5caa98Sdjl #if defined(__STDC__) 240*cb5caa98Sdjl typedef int (*nss_str2ent_t)(const char *in, int inlen, 241*cb5caa98Sdjl void *ent, char *buf, int buflen); 242*cb5caa98Sdjl 243*cb5caa98Sdjl struct nss_groupsbymem; /* forward definition */ 244*cb5caa98Sdjl typedef nss_status_t (*nss_groupstr_t)(const char *instr, int inlen, 245*cb5caa98Sdjl struct nss_groupsbymem *); 246*cb5caa98Sdjl #else 247*cb5caa98Sdjl typedef int (*nss_str2ent_t)(); 248*cb5caa98Sdjl typedef nss_status_t (*nss_groupstr_t)(); 249*cb5caa98Sdjl #endif 250*cb5caa98Sdjl 2517c478bd9Sstevel@tonic-gate /* 2527c478bd9Sstevel@tonic-gate * The initgroups() function [see initgroups(3c)] needs to find all the 2537c478bd9Sstevel@tonic-gate * groups to which a given user belongs. To do this it calls 2547c478bd9Sstevel@tonic-gate * _getgroupsbymember(), which is part of the frontend for the "group" 2557c478bd9Sstevel@tonic-gate * database. 2567c478bd9Sstevel@tonic-gate * We want the same effect as if we used getgrent_r() to enumerate the 2577c478bd9Sstevel@tonic-gate * entire groups database (possibly from multiple sources), but getgrent_r() 2587c478bd9Sstevel@tonic-gate * is too inefficient. Most backends can do better if they know they're 2597c478bd9Sstevel@tonic-gate * meant to scan all groups; hence there's a separate backend operation, 2607c478bd9Sstevel@tonic-gate * NSS_DBOP_GROUP_BYMEMBER, which uses the nss_groupsbymem struct. 2617c478bd9Sstevel@tonic-gate * Note that the normal return-value from such a backend, even when it 2627c478bd9Sstevel@tonic-gate * successfully finds matching group entries, is NSS_NOTFOUND, because 2637c478bd9Sstevel@tonic-gate * this tells the switch engine to keep searching in any more sources. 2647c478bd9Sstevel@tonic-gate * In fact, the backends only return NSS_SUCCESS if they find enough 2657c478bd9Sstevel@tonic-gate * matching entries that the gid_array is completely filled, in which 2667c478bd9Sstevel@tonic-gate * case the switch engine should stop searching. 2677c478bd9Sstevel@tonic-gate * If the force_slow_way field is set, the backend should eschew any cached 2687c478bd9Sstevel@tonic-gate * information (e.g. the YP netid.byname map or the NIS+ cred.org_dir table) 2697c478bd9Sstevel@tonic-gate * and should instead grind its way through the group map/table/whatever. 2707c478bd9Sstevel@tonic-gate */ 2717c478bd9Sstevel@tonic-gate 2727c478bd9Sstevel@tonic-gate struct nss_groupsbymem { /* For _getgroupsbymember() */ 2737c478bd9Sstevel@tonic-gate /* in: */ 2747c478bd9Sstevel@tonic-gate const char *username; 2757c478bd9Sstevel@tonic-gate gid_t *gid_array; 2767c478bd9Sstevel@tonic-gate int maxgids; 2777c478bd9Sstevel@tonic-gate int force_slow_way; 278*cb5caa98Sdjl nss_str2ent_t str2ent; 279*cb5caa98Sdjl nss_groupstr_t process_cstr; 2807c478bd9Sstevel@tonic-gate 2817c478bd9Sstevel@tonic-gate /* in_out: */ 2827c478bd9Sstevel@tonic-gate int numgids; 2837c478bd9Sstevel@tonic-gate }; 2847c478bd9Sstevel@tonic-gate 2857c478bd9Sstevel@tonic-gate /* 2867c478bd9Sstevel@tonic-gate * The netgroup routines are handled as follows: 2877c478bd9Sstevel@tonic-gate * 2887c478bd9Sstevel@tonic-gate * Policy decision: 2897c478bd9Sstevel@tonic-gate * If netgroup A refers to netgroup B, both must occur in the same 2907c478bd9Sstevel@tonic-gate * source (other choices give very confusing semantics). This 2917c478bd9Sstevel@tonic-gate * assumption is deeply embedded in the frontend and backends. 2927c478bd9Sstevel@tonic-gate * 2937c478bd9Sstevel@tonic-gate * - setnetgrent(), despite its name, is really a getXXXbyYYY operation: 2947c478bd9Sstevel@tonic-gate * it takes a name and finds a netgroup with that name (see the 2957c478bd9Sstevel@tonic-gate * nss_setnetgrent_args struct below). The "result" that it returns 2967c478bd9Sstevel@tonic-gate * to the frontend is an nss_backend_t for a pseudo-backend that allows 2977c478bd9Sstevel@tonic-gate * one to enumerate the members of that netgroup. 2987c478bd9Sstevel@tonic-gate * 2997c478bd9Sstevel@tonic-gate * - getnetgrent() calls the 'getXXXent' function in the pseudo-backend; 3007c478bd9Sstevel@tonic-gate * it doesn't go through the switch engine at all. It uses the 3017c478bd9Sstevel@tonic-gate * nss_getnetgrent_args struct below. 3027c478bd9Sstevel@tonic-gate * 3037c478bd9Sstevel@tonic-gate * - innetgr() is implemented on top of __multi_innetgr(), which replaces 3047c478bd9Sstevel@tonic-gate * each (char *) argument of innetgr() with a counted vector of (char *). 3057c478bd9Sstevel@tonic-gate * The semantics are the same as an OR of the results of innetgr() 3067c478bd9Sstevel@tonic-gate * operations on each possible 4-tuple picked from the arguments, but 3077c478bd9Sstevel@tonic-gate * it's possible to implement some cases more efficiently. This is 3087c478bd9Sstevel@tonic-gate * important for mountd, which used to read YP netgroup.byhost directly 3097c478bd9Sstevel@tonic-gate * in order to determine efficiently whether a given host belonged to any 3107c478bd9Sstevel@tonic-gate * one of a long list of netgroups. Wildcarded arguments are indicated 3117c478bd9Sstevel@tonic-gate * by a count of zero. 3127c478bd9Sstevel@tonic-gate * 3137c478bd9Sstevel@tonic-gate * - __multi_innetgr() uses the nss_innetgr_args struct. A backend whose 3147c478bd9Sstevel@tonic-gate * source contains at least one of the groups listed in the 'groups' 3157c478bd9Sstevel@tonic-gate * vector will return NSS_SUCCESS and will set the 'status' field to 3167c478bd9Sstevel@tonic-gate * indicate whether any 4-tuple was satisfied. A backend will only 3177c478bd9Sstevel@tonic-gate * return NSS_NOTFOUND if the source contained none of the groups 3187c478bd9Sstevel@tonic-gate * listed in the 'groups' vector. 3197c478bd9Sstevel@tonic-gate */ 3207c478bd9Sstevel@tonic-gate 3217c478bd9Sstevel@tonic-gate enum nss_netgr_argn { /* We need (machine, user, domain) triples */ 322*cb5caa98Sdjl NSS_NETGR_MACHINE = 0, 323*cb5caa98Sdjl NSS_NETGR_USER = 1, 324*cb5caa98Sdjl NSS_NETGR_DOMAIN = 2, 325*cb5caa98Sdjl NSS_NETGR_N = 3 3267c478bd9Sstevel@tonic-gate }; 3277c478bd9Sstevel@tonic-gate 3287c478bd9Sstevel@tonic-gate enum nss_netgr_status { /* Status from setnetgrent, multi_innetgr */ 329*cb5caa98Sdjl NSS_NETGR_FOUND = 0, 330*cb5caa98Sdjl NSS_NETGR_NO = 1, 331*cb5caa98Sdjl NSS_NETGR_NOMEM = 2 3327c478bd9Sstevel@tonic-gate }; 3337c478bd9Sstevel@tonic-gate 3347c478bd9Sstevel@tonic-gate struct nss_setnetgrent_args { 3357c478bd9Sstevel@tonic-gate /* in: */ 3367c478bd9Sstevel@tonic-gate const char *netgroup; 3377c478bd9Sstevel@tonic-gate /* out: */ 3387c478bd9Sstevel@tonic-gate nss_backend_t *iterator; /* <==== Explain */ 3397c478bd9Sstevel@tonic-gate }; 3407c478bd9Sstevel@tonic-gate 3417c478bd9Sstevel@tonic-gate struct nss_getnetgrent_args { 3427c478bd9Sstevel@tonic-gate /* in: */ 3437c478bd9Sstevel@tonic-gate char *buffer; 3447c478bd9Sstevel@tonic-gate int buflen; 3457c478bd9Sstevel@tonic-gate /* out: */ 3467c478bd9Sstevel@tonic-gate enum nss_netgr_status status; 3477c478bd9Sstevel@tonic-gate char *retp[NSS_NETGR_N]; 3487c478bd9Sstevel@tonic-gate }; 3497c478bd9Sstevel@tonic-gate 3507c478bd9Sstevel@tonic-gate typedef unsigned nss_innetgr_argc; /* 0 means wildcard */ 3517c478bd9Sstevel@tonic-gate typedef char ** nss_innetgr_argv; /* === Do we really need these? */ 3527c478bd9Sstevel@tonic-gate 3537c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg { 3547c478bd9Sstevel@tonic-gate nss_innetgr_argc argc; 3557c478bd9Sstevel@tonic-gate nss_innetgr_argv argv; 3567c478bd9Sstevel@tonic-gate }; 3577c478bd9Sstevel@tonic-gate 3587c478bd9Sstevel@tonic-gate struct nss_innetgr_args { 3597c478bd9Sstevel@tonic-gate /* in: */ 3607c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg arg[NSS_NETGR_N]; 3617c478bd9Sstevel@tonic-gate struct nss_innetgr_1arg groups; 3627c478bd9Sstevel@tonic-gate /* out: */ 3637c478bd9Sstevel@tonic-gate enum nss_netgr_status status; 3647c478bd9Sstevel@tonic-gate }; 3657c478bd9Sstevel@tonic-gate 3667c478bd9Sstevel@tonic-gate /* 3677c478bd9Sstevel@tonic-gate * nss_XbyY_buf_t -- structure containing the generic arguments passwd to 3687c478bd9Sstevel@tonic-gate * getXXXbyYYY_r() and getXXXent_r() routines. The (void *) value points to 3697c478bd9Sstevel@tonic-gate * a struct of the appropriate type, e.g. struct passwd or struct hostent. 3707c478bd9Sstevel@tonic-gate * 3717c478bd9Sstevel@tonic-gate * The functions that allocate and free these structures do no locking at 3727c478bd9Sstevel@tonic-gate * all, since the routines that use them are inherently MT-unsafe anyway. 3737c478bd9Sstevel@tonic-gate */ 3747c478bd9Sstevel@tonic-gate 3757c478bd9Sstevel@tonic-gate typedef struct { 3767c478bd9Sstevel@tonic-gate void *result; /* "result" parameter to getXbyY_r() */ 3777c478bd9Sstevel@tonic-gate char *buffer; /* "buffer" " " */ 3787c478bd9Sstevel@tonic-gate int buflen; /* "buflen" " " */ 3797c478bd9Sstevel@tonic-gate } nss_XbyY_buf_t; 3807c478bd9Sstevel@tonic-gate 3817c478bd9Sstevel@tonic-gate #if defined(__STDC__) 3827c478bd9Sstevel@tonic-gate extern nss_XbyY_buf_t *_nss_XbyY_buf_alloc(int struct_size, int buffer_size); 3837c478bd9Sstevel@tonic-gate extern void _nss_XbyY_buf_free(nss_XbyY_buf_t *); 3847c478bd9Sstevel@tonic-gate #else 3857c478bd9Sstevel@tonic-gate extern nss_XbyY_buf_t *_nss_XbyY_buf_alloc(); 3867c478bd9Sstevel@tonic-gate extern void _nss_XbyY_buf_free(); 3877c478bd9Sstevel@tonic-gate #endif 3887c478bd9Sstevel@tonic-gate 3897c478bd9Sstevel@tonic-gate #define NSS_XbyY_ALLOC(bufpp, str_size, buf_size) (\ 3907c478bd9Sstevel@tonic-gate (*bufpp) == 0 \ 3917c478bd9Sstevel@tonic-gate ? (*bufpp) = _nss_XbyY_buf_alloc(str_size, buf_size) \ 392*cb5caa98Sdjl : (*bufpp)) 3937c478bd9Sstevel@tonic-gate 3947c478bd9Sstevel@tonic-gate #define NSS_XbyY_FREE(bufpp) (_nss_XbyY_buf_free(*bufpp), (*bufpp) = 0) 3957c478bd9Sstevel@tonic-gate 3967c478bd9Sstevel@tonic-gate /* 3977c478bd9Sstevel@tonic-gate * The nss_XbyY_args_t struct contains all the information passed between 3987c478bd9Sstevel@tonic-gate * frontends and backends for the getXbyY_r() and getXent() routines, 3997c478bd9Sstevel@tonic-gate * including an nss_XbyY_buf_t and the lookup key (unused for getXXXent_r). 4007c478bd9Sstevel@tonic-gate * 4017c478bd9Sstevel@tonic-gate * The (*str2ent)() member converts a single XXXent from ASCII text to the 4027c478bd9Sstevel@tonic-gate * appropriate struct, storing any pointer data (strings, in_addrs, arrays 4037c478bd9Sstevel@tonic-gate * of these) in the buffer. The ASCII text is a counted string (*not* a 4047c478bd9Sstevel@tonic-gate * zero-terminated string) whose length is specified by the instr_len 4057c478bd9Sstevel@tonic-gate * parameter. The text is found at the address specified by instr and 4067c478bd9Sstevel@tonic-gate * the string is treated as readonly. buffer and instr must be non- 4077c478bd9Sstevel@tonic-gate * intersecting memory areas. 4087c478bd9Sstevel@tonic-gate * 4097c478bd9Sstevel@tonic-gate * With the exception of passwd, shadow and group, the text form for these 4107c478bd9Sstevel@tonic-gate * databases allows trailing comments and arbitrary whitespace. The 4117c478bd9Sstevel@tonic-gate * corresponding str2ent routine assumes that comments, leading whitespace 4127c478bd9Sstevel@tonic-gate * and trailing whitespace have been stripped (and thus assumes that entries 4137c478bd9Sstevel@tonic-gate * consisting only of these have been discarded). 4147c478bd9Sstevel@tonic-gate * 4157c478bd9Sstevel@tonic-gate * The text entries for "rpc" and for the databases described in <netdb.h> 4167c478bd9Sstevel@tonic-gate * follow a common format (a canonical name with a possibly empty list 4177c478bd9Sstevel@tonic-gate * of aliases, and some other value), albeit with minor variations. 4187c478bd9Sstevel@tonic-gate * The function _nss_netdb_aliases() does most of the generic work involved 4197c478bd9Sstevel@tonic-gate * in parsing and marshalling these into the buffer. 4207c478bd9Sstevel@tonic-gate */ 4217c478bd9Sstevel@tonic-gate 422*cb5caa98Sdjl typedef union nss_XbyY_key { /* No tag; backend should know what to expect */ 4237c478bd9Sstevel@tonic-gate uid_t uid; 4247c478bd9Sstevel@tonic-gate gid_t gid; 4257c478bd9Sstevel@tonic-gate projid_t projid; 4267c478bd9Sstevel@tonic-gate const char *name; 4277c478bd9Sstevel@tonic-gate int number; 4287c478bd9Sstevel@tonic-gate struct { 4297c478bd9Sstevel@tonic-gate int net; 4307c478bd9Sstevel@tonic-gate int type; 4317c478bd9Sstevel@tonic-gate } netaddr; 4327c478bd9Sstevel@tonic-gate struct { 4337c478bd9Sstevel@tonic-gate const char *addr; 4347c478bd9Sstevel@tonic-gate int len; 4357c478bd9Sstevel@tonic-gate int type; 4367c478bd9Sstevel@tonic-gate } hostaddr; 4377c478bd9Sstevel@tonic-gate struct { 4387c478bd9Sstevel@tonic-gate union { 4397c478bd9Sstevel@tonic-gate const char *name; 4407c478bd9Sstevel@tonic-gate int port; 4417c478bd9Sstevel@tonic-gate } serv; 4427c478bd9Sstevel@tonic-gate const char *proto; 4437c478bd9Sstevel@tonic-gate } serv; 4447c478bd9Sstevel@tonic-gate void *ether; 4457c478bd9Sstevel@tonic-gate struct { 4467c478bd9Sstevel@tonic-gate const char *name; 4477c478bd9Sstevel@tonic-gate const char *keytype; 4487c478bd9Sstevel@tonic-gate } pkey; 4497c478bd9Sstevel@tonic-gate struct { 4507c478bd9Sstevel@tonic-gate const char *name; 4517c478bd9Sstevel@tonic-gate int af_family; 4527c478bd9Sstevel@tonic-gate int flags; 4537c478bd9Sstevel@tonic-gate } ipnode; 4547c478bd9Sstevel@tonic-gate void *attrp; /* for the new attr databases */ 455*cb5caa98Sdjl } nss_XbyY_key_t; 456*cb5caa98Sdjl 457*cb5caa98Sdjl 458*cb5caa98Sdjl #if defined(__STDC__) 459*cb5caa98Sdjl typedef int (*nss_key2str_t)(void *buffer, size_t buflen, 460*cb5caa98Sdjl nss_XbyY_key_t *key, size_t *len); 461*cb5caa98Sdjl #else 462*cb5caa98Sdjl typedef int (*nss_key2str_t)(); 463*cb5caa98Sdjl #endif 464*cb5caa98Sdjl 4657c478bd9Sstevel@tonic-gate 4667c478bd9Sstevel@tonic-gate typedef struct nss_XbyY_args { 4677c478bd9Sstevel@tonic-gate 4687c478bd9Sstevel@tonic-gate /* IN */ 4697c478bd9Sstevel@tonic-gate nss_XbyY_buf_t buf; 4707c478bd9Sstevel@tonic-gate int stayopen; 4717c478bd9Sstevel@tonic-gate /* 4727c478bd9Sstevel@tonic-gate * Support for setXXXent(stayopen) 4737c478bd9Sstevel@tonic-gate * Used only in hosts, protocols, 4747c478bd9Sstevel@tonic-gate * networks, rpc, and services. 4757c478bd9Sstevel@tonic-gate */ 476*cb5caa98Sdjl nss_str2ent_t str2ent; 4777c478bd9Sstevel@tonic-gate union nss_XbyY_key key; 4787c478bd9Sstevel@tonic-gate 4797c478bd9Sstevel@tonic-gate /* OUT */ 4807c478bd9Sstevel@tonic-gate void *returnval; 4817c478bd9Sstevel@tonic-gate int erange; 482*cb5caa98Sdjl int h_errno; /* For gethost*_r() */ 483*cb5caa98Sdjl nss_status_t status; /* from the backend last called */ 484*cb5caa98Sdjl /* NSS2 */ 485*cb5caa98Sdjl nss_key2str_t key2str; /* IN */ 486*cb5caa98Sdjl size_t returnlen; /* OUT */ 487*cb5caa98Sdjl 488*cb5caa98Sdjl /* NSCD/DOOR data */ 489*cb5caa98Sdjl 490*cb5caa98Sdjl /* ... buffer arena follows... */ 4917c478bd9Sstevel@tonic-gate } nss_XbyY_args_t; 4927c478bd9Sstevel@tonic-gate 493*cb5caa98Sdjl 494*cb5caa98Sdjl 495*cb5caa98Sdjl /* 496*cb5caa98Sdjl * nss/nscd v2 interface, packed buffer format 497*cb5caa98Sdjl * 498*cb5caa98Sdjl * A key component of the v2 name service switch is the redirection 499*cb5caa98Sdjl * of all activity to nscd for actual processing. In the original 500*cb5caa98Sdjl * switch most activity took place in each application, and the nscd 501*cb5caa98Sdjl * cache component was an add-on optional interface. 502*cb5caa98Sdjl * 503*cb5caa98Sdjl * The nscd v1 format was a completely private interface that 504*cb5caa98Sdjl * implemented specific bufferiing formats on a per getXbyY API basis. 505*cb5caa98Sdjl * 506*cb5caa98Sdjl * The nss/nscd v2 interface uses a common header and commonalizes 507*cb5caa98Sdjl * the buffering format as consistently as possible. The general rule 508*cb5caa98Sdjl * of thumb is that backends are required to assemble their results in 509*cb5caa98Sdjl * "files based" format [IE the format used on a per result basis as 510*cb5caa98Sdjl * returned by the files backend] and then call the standard str2ent 511*cb5caa98Sdjl * interface. This is the original intended design as used in the files 512*cb5caa98Sdjl * and nis backends. 513*cb5caa98Sdjl * 514*cb5caa98Sdjl * The benefit of this is that the application side library can assemble 515*cb5caa98Sdjl * a request and provide a header and a variable length result buffer via 516*cb5caa98Sdjl * a doors API, and then the nscd side switch can assemble a a getXbyY 517*cb5caa98Sdjl * request providing the result buffer and a str2ent function that copies 518*cb5caa98Sdjl * but does not unpack the result. 519*cb5caa98Sdjl * 520*cb5caa98Sdjl * This results is returned back via the door, and unpacked using the 521*cb5caa98Sdjl * native library side str2ent interface. 522*cb5caa98Sdjl * 523*cb5caa98Sdjl * Additionally, the common header allows extensibility to add new 524*cb5caa98Sdjl * getXbyYs, putXbyYs or other maintenance APIs to/from nscd without 525*cb5caa98Sdjl * changing the existing "old style" backend interfaces. 526*cb5caa98Sdjl * 527*cb5caa98Sdjl * Finally new style getXbyY, putXbyY and backend interfaces can be 528*cb5caa98Sdjl * by adding new operation requests to the header, while old style 529*cb5caa98Sdjl * backwards compatability. 530*cb5caa98Sdjl */ 531*cb5caa98Sdjl 532*cb5caa98Sdjl /* 533*cb5caa98Sdjl * nss/nscd v2 callnumber definitions 534*cb5caa98Sdjl */ 535*cb5caa98Sdjl 536*cb5caa98Sdjl /* 537*cb5caa98Sdjl * callnumbers are separated by categories, such as: 538*cb5caa98Sdjl * application to nscd requests, nscd to nscd requests, 539*cb5caa98Sdjl * smf to nscd requests, etc. 540*cb5caa98Sdjl */ 541*cb5caa98Sdjl 542*cb5caa98Sdjl #define NSCDV2CATMASK (0xFF000000) 543*cb5caa98Sdjl #define NSCDV2CALLMASK (0x00FFFFFF) 544*cb5caa98Sdjl 545*cb5caa98Sdjl /* 546*cb5caa98Sdjl * nss/nscd v2 categories 547*cb5caa98Sdjl */ 548*cb5caa98Sdjl 549*cb5caa98Sdjl #define NSCD_CALLCAT_APP ('a'<<24) 550*cb5caa98Sdjl #define NSCD_CALLCAT_N2N ('n'<<24) 551*cb5caa98Sdjl 552*cb5caa98Sdjl /* nscd v2 app-> nscd callnumbers */ 553*cb5caa98Sdjl 554*cb5caa98Sdjl #define NSCD_SEARCH (NSCD_CALLCAT_APP|0x01) 555*cb5caa98Sdjl #define NSCD_SETENT (NSCD_CALLCAT_APP|0x02) 556*cb5caa98Sdjl #define NSCD_GETENT (NSCD_CALLCAT_APP|0x03) 557*cb5caa98Sdjl #define NSCD_ENDENT (NSCD_CALLCAT_APP|0x04) 558*cb5caa98Sdjl #define NSCD_PUT (NSCD_CALLCAT_APP|0x05) 559*cb5caa98Sdjl #define NSCD_GETHINTS (NSCD_CALLCAT_APP|0x06) 560*cb5caa98Sdjl 561*cb5caa98Sdjl /* nscd v2 SETENT cookie markers */ 562*cb5caa98Sdjl 563*cb5caa98Sdjl #define NSCD_NEW_COOKIE 0 564*cb5caa98Sdjl #define NSCD_LOCAL_COOKIE 1 565*cb5caa98Sdjl 566*cb5caa98Sdjl /* nscd v2 header revision */ 567*cb5caa98Sdjl /* treated as 0xMMMMmmmm MMMM - Major Rev, mmmm - Minor Rev */ 568*cb5caa98Sdjl 569*cb5caa98Sdjl #define NSCD_HEADER_REV 0x00020000 570*cb5caa98Sdjl 571*cb5caa98Sdjl /* 572*cb5caa98Sdjl * ptr/uint data type used to calculate shared nscd buffer struct sizes 573*cb5caa98Sdjl * sizes/offsets are arbitrarily limited to 32 bits for 32/64 compatibility 574*cb5caa98Sdjl * datatype is 64 bits for possible pointer storage and future use 575*cb5caa98Sdjl */ 576*cb5caa98Sdjl 577*cb5caa98Sdjl typedef uint64_t nssuint_t; 578*cb5caa98Sdjl 579*cb5caa98Sdjl /* 580*cb5caa98Sdjl * nscd v2 buffer layout overview 581*cb5caa98Sdjl * 582*cb5caa98Sdjl * The key interface to nscd moving forward is the doors interface 583*cb5caa98Sdjl * between applications and nscd (NSCD_CALLCAT_APP), and nscd and 584*cb5caa98Sdjl * it's children (NSCD_CALLCAT_N2N). 585*cb5caa98Sdjl * 586*cb5caa98Sdjl * Regardless of the interface used, the buffer layout is consistent. 587*cb5caa98Sdjl * The General Layout is: 588*cb5caa98Sdjl * [nss_pheader_t][IN key][OUT data results]{extend results} 589*cb5caa98Sdjl * 590*cb5caa98Sdjl * The header (nss_pheader_t) remains constant. 591*cb5caa98Sdjl * Keys and key layouts vary between call numbers/requests 592*cb5caa98Sdjl * NSCD_CALLCAT_APP use key layouts mimics/defines in nss_dbdefs.h 593*cb5caa98Sdjl * NSCD_CALLCAT_NSN use layouts defined by nscd headers 594*cb5caa98Sdjl * Data and data results vary between results 595*cb5caa98Sdjl * NSCD_CALLCAT_APP return "file standard format" output buffers 596*cb5caa98Sdjl * NSCD_CALLCAT_NSN return data defined by nscd headers 597*cb5caa98Sdjl * extended results are optional and vary 598*cb5caa98Sdjl * 599*cb5caa98Sdjl */ 600*cb5caa98Sdjl 601*cb5caa98Sdjl /* 602*cb5caa98Sdjl * nss_pheader_t -- buffer header structure that contains switch data 603*cb5caa98Sdjl * "packed" by the client into a buffer suitable for transport over 604*cb5caa98Sdjl * nscd's door, and that can be unpacked into a native form within 605*cb5caa98Sdjl * nscd's switch. Capable of packing and unpacking data ans results. 606*cb5caa98Sdjl * 607*cb5caa98Sdjl * NSCD_HEADER_REV: 0x00020000 16 x uint64 = (128 byte header) 608*cb5caa98Sdjl */ 609*cb5caa98Sdjl 610*cb5caa98Sdjl typedef struct { 611*cb5caa98Sdjl uint32_t nsc_callnumber; /* packed buffer request */ 612*cb5caa98Sdjl uint32_t nss_dbop; /* old nss dbop */ 613*cb5caa98Sdjl uint32_t p_ruid; /* real uid */ 614*cb5caa98Sdjl uint32_t p_euid; /* effective uid */ 615*cb5caa98Sdjl uint32_t p_version; /* 0xMMMMmmmm Major/minor */ 616*cb5caa98Sdjl uint32_t p_status; /* nss_status_t */ 617*cb5caa98Sdjl uint32_t p_errno; /* errno */ 618*cb5caa98Sdjl uint32_t p_herrno; /* h_errno */ 619*cb5caa98Sdjl nssuint_t libpriv; /* reserved (for lib/client) */ 620*cb5caa98Sdjl nssuint_t pbufsiz; /* buffer size */ 621*cb5caa98Sdjl nssuint_t dbd_off; /* IN: db desc off */ 622*cb5caa98Sdjl nssuint_t dbd_len; /* IN: db desc len */ 623*cb5caa98Sdjl nssuint_t key_off; /* IN: key off */ 624*cb5caa98Sdjl nssuint_t key_len; /* IN: key len */ 625*cb5caa98Sdjl nssuint_t data_off; /* OUT: data off */ 626*cb5caa98Sdjl nssuint_t data_len; /* OUT: data len */ 627*cb5caa98Sdjl nssuint_t ext_off; /* OUT: extended results off */ 628*cb5caa98Sdjl nssuint_t ext_len; /* OUT: extended results len */ 629*cb5caa98Sdjl nssuint_t nscdpriv; /* reserved (for nscd) */ 630*cb5caa98Sdjl nssuint_t reserved1; /* reserved (TBD) */ 631*cb5caa98Sdjl } nss_pheader_t; 632*cb5caa98Sdjl 633*cb5caa98Sdjl /* 634*cb5caa98Sdjl * nss_pnetgr_t -- packed offset structure for holding keys used 635*cb5caa98Sdjl * by innetgr (__multi_innetgr) key 636*cb5caa98Sdjl * Key format is: 637*cb5caa98Sdjl * nss_pnetgr_t 638*cb5caa98Sdjl * (nssuint_t)[machine_argc] offsets to strings 639*cb5caa98Sdjl * (nssuint_t)[user_argc] offsets to strings 640*cb5caa98Sdjl * (nssuint_t)[domain_argc] offsets to strings 641*cb5caa98Sdjl * (nssuint_t)[groups_argc] offsets to strings 642*cb5caa98Sdjl * machine,user,domain,groups strings 643*cb5caa98Sdjl */ 644*cb5caa98Sdjl 645*cb5caa98Sdjl typedef struct { 646*cb5caa98Sdjl uint32_t machine_argc; 647*cb5caa98Sdjl uint32_t user_argc; 648*cb5caa98Sdjl uint32_t domain_argc; 649*cb5caa98Sdjl uint32_t groups_argc; 650*cb5caa98Sdjl nssuint_t machine_offv; 651*cb5caa98Sdjl nssuint_t user_offv; 652*cb5caa98Sdjl nssuint_t domain_offv; 653*cb5caa98Sdjl nssuint_t groups_offv; 654*cb5caa98Sdjl } nss_pnetgr_t; 655*cb5caa98Sdjl 656*cb5caa98Sdjl 6577c478bd9Sstevel@tonic-gate /* status returned by the str2ent parsing routines */ 6587c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_SUCCESS 0 6597c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_PARSE 1 6607c478bd9Sstevel@tonic-gate #define NSS_STR_PARSE_ERANGE 2 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate #define NSS_XbyY_INIT(str, res, bufp, len, func) (\ 6637c478bd9Sstevel@tonic-gate (str)->buf.result = (res), \ 6647c478bd9Sstevel@tonic-gate (str)->buf.buffer = (bufp), \ 6657c478bd9Sstevel@tonic-gate (str)->buf.buflen = (len), \ 6667c478bd9Sstevel@tonic-gate (str)->stayopen = 0, \ 6677c478bd9Sstevel@tonic-gate (str)->str2ent = (func), \ 668*cb5caa98Sdjl (str)->key2str = NULL, \ 6697c478bd9Sstevel@tonic-gate (str)->returnval = 0, \ 670*cb5caa98Sdjl (str)->returnlen = 0, \ 671*cb5caa98Sdjl (str)->erange = 0) 672*cb5caa98Sdjl 673*cb5caa98Sdjl #define NSS_XbyY_INIT_EXT(str, res, bufp, len, func, kfunc) (\ 674*cb5caa98Sdjl (str)->buf.result = (res), \ 675*cb5caa98Sdjl (str)->buf.buffer = (bufp), \ 676*cb5caa98Sdjl (str)->buf.buflen = (len), \ 677*cb5caa98Sdjl (str)->stayopen = 0, \ 678*cb5caa98Sdjl (str)->str2ent = (func), \ 679*cb5caa98Sdjl (str)->key2str = (kfunc), \ 680*cb5caa98Sdjl (str)->returnval = 0, \ 681*cb5caa98Sdjl (str)->returnlen = 0, \ 6827c478bd9Sstevel@tonic-gate (str)->erange = 0) 6837c478bd9Sstevel@tonic-gate 6847c478bd9Sstevel@tonic-gate #define NSS_XbyY_FINI(str) (\ 6857c478bd9Sstevel@tonic-gate (str)->returnval == 0 && (str)->erange && (errno = ERANGE), \ 6867c478bd9Sstevel@tonic-gate (str)->returnval) 6877c478bd9Sstevel@tonic-gate 688*cb5caa98Sdjl #define NSS_PACKED_CRED_CHECK(buf, ruid, euid) (\ 689*cb5caa98Sdjl ((nss_pheader_t *)(buf))->p_ruid == (ruid) && \ 690*cb5caa98Sdjl ((nss_pheader_t *)(buf))->p_euid == (euid)) 691*cb5caa98Sdjl 6927c478bd9Sstevel@tonic-gate #if defined(__STDC__) 693*cb5caa98Sdjl extern char **_nss_netdb_aliases(const char *, int, char *, int); 694*cb5caa98Sdjl extern nss_status_t nss_default_key2str(void *, size_t, nss_XbyY_args_t *, 695*cb5caa98Sdjl const char *, int, size_t *); 696*cb5caa98Sdjl extern nss_status_t nss_packed_arg_init(void *, size_t, nss_db_root_t *, 697*cb5caa98Sdjl nss_db_initf_t *, int *, 698*cb5caa98Sdjl nss_XbyY_args_t *); 699*cb5caa98Sdjl extern nss_status_t nss_packed_context_init(void *, size_t, nss_db_root_t *, 700*cb5caa98Sdjl nss_db_initf_t *, nss_getent_t **, 701*cb5caa98Sdjl nss_XbyY_args_t *); 702*cb5caa98Sdjl extern void nss_packed_set_status(void *, size_t, nss_status_t, 703*cb5caa98Sdjl nss_XbyY_args_t *); 704*cb5caa98Sdjl extern nss_status_t nss_packed_getkey(void *, size_t, char **, int *, 705*cb5caa98Sdjl nss_XbyY_args_t *); 7067c478bd9Sstevel@tonic-gate #else 7077c478bd9Sstevel@tonic-gate extern char **_nss_netdb_aliases(); 708*cb5caa98Sdjl extern int nss_default_key2str(); 709*cb5caa98Sdjl extern nss_status_t nss_packed_arg_init(); 710*cb5caa98Sdjl extern nss_status_t nss_packed_context_init(); 711*cb5caa98Sdjl extern void nss_packed_set_status(); 712*cb5caa98Sdjl extern nss_status_t nss_packed_getkey(); 7137c478bd9Sstevel@tonic-gate #endif 7147c478bd9Sstevel@tonic-gate 7157c478bd9Sstevel@tonic-gate /* 7167c478bd9Sstevel@tonic-gate * nss_dbop_t values for searches with various keys; values for 7177c478bd9Sstevel@tonic-gate * destructor/endent/setent/getent are defined in <nss_common.h> 7187c478bd9Sstevel@tonic-gate */ 7197c478bd9Sstevel@tonic-gate 720*cb5caa98Sdjl /* 721*cb5caa98Sdjl * These are part of the "Over the wire" IE app->nscd getXbyY 722*cb5caa98Sdjl * op for well known getXbyY's. Cannot use NSS_DBOP_X_Y directly 723*cb5caa98Sdjl * because NSS_DBOP_next_iter is NOT an incrementing counter value 724*cb5caa98Sdjl * it's a starting offset into an array value. 725*cb5caa98Sdjl */ 726*cb5caa98Sdjl 727*cb5caa98Sdjl #define NSS_DBOP_X(x) ((x)<<16) 728*cb5caa98Sdjl #define NSS_DBOP_XY(x, y) ((x)|(y)) 729*cb5caa98Sdjl 730*cb5caa98Sdjl #define NSS_DBOP_ALIASES NSS_DBOP_X(1) 731*cb5caa98Sdjl #define NSS_DBOP_AUTOMOUNT NSS_DBOP_X(2) 732*cb5caa98Sdjl #define NSS_DBOP_BOOTPARAMS NSS_DBOP_X(3) 733*cb5caa98Sdjl #define NSS_DBOP_ETHERS NSS_DBOP_X(4) 734*cb5caa98Sdjl #define NSS_DBOP_GROUP NSS_DBOP_X(5) 735*cb5caa98Sdjl #define NSS_DBOP_HOSTS NSS_DBOP_X(6) 736*cb5caa98Sdjl #define NSS_DBOP_IPNODES NSS_DBOP_X(7) 737*cb5caa98Sdjl #define NSS_DBOP_NETGROUP NSS_DBOP_X(8) 738*cb5caa98Sdjl #define NSS_DBOP_NETMASKS NSS_DBOP_X(9) 739*cb5caa98Sdjl #define NSS_DBOP_NETWORKS NSS_DBOP_X(10) 740*cb5caa98Sdjl #define NSS_DBOP_PASSWD NSS_DBOP_X(11) 741*cb5caa98Sdjl #define NSS_DBOP_PRINTERS NSS_DBOP_X(12) 742*cb5caa98Sdjl #define NSS_DBOP_PROJECT NSS_DBOP_X(13) 743*cb5caa98Sdjl #define NSS_DBOP_PROTOCOLS NSS_DBOP_X(14) 744*cb5caa98Sdjl #define NSS_DBOP_PUBLICKEY NSS_DBOP_X(15) 745*cb5caa98Sdjl #define NSS_DBOP_RPC NSS_DBOP_X(16) 746*cb5caa98Sdjl #define NSS_DBOP_SERVICES NSS_DBOP_X(17) 747*cb5caa98Sdjl #define NSS_DBOP_AUDITUSER NSS_DBOP_X(18) 748*cb5caa98Sdjl #define NSS_DBOP_AUTHATTR NSS_DBOP_X(19) 749*cb5caa98Sdjl #define NSS_DBOP_EXECATTR NSS_DBOP_X(20) 750*cb5caa98Sdjl #define NSS_DBOP_PROFATTR NSS_DBOP_X(21) 751*cb5caa98Sdjl #define NSS_DBOP_USERATTR NSS_DBOP_X(22) 752*cb5caa98Sdjl 7537c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYNAME (NSS_DBOP_next_iter) 7547c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYGID (NSS_DBOP_GROUP_BYNAME + 1) 7557c478bd9Sstevel@tonic-gate #define NSS_DBOP_GROUP_BYMEMBER (NSS_DBOP_GROUP_BYGID + 1) 7567c478bd9Sstevel@tonic-gate 7577c478bd9Sstevel@tonic-gate #define NSS_DBOP_PASSWD_BYNAME (NSS_DBOP_next_iter) 7587c478bd9Sstevel@tonic-gate #define NSS_DBOP_PASSWD_BYUID (NSS_DBOP_PASSWD_BYNAME + 1) 7597c478bd9Sstevel@tonic-gate 7607c478bd9Sstevel@tonic-gate /* The "compat" backend requires that PASSWD_BYNAME == SHADOW_BYNAME */ 7617c478bd9Sstevel@tonic-gate /* (it also requires that both use key.name to pass the username). */ 7627c478bd9Sstevel@tonic-gate #define NSS_DBOP_SHADOW_BYNAME (NSS_DBOP_PASSWD_BYNAME) 7637c478bd9Sstevel@tonic-gate 7647c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROJECT_BYNAME (NSS_DBOP_next_iter) 7657c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROJECT_BYID (NSS_DBOP_PROJECT_BYNAME + 1) 7667c478bd9Sstevel@tonic-gate 7677c478bd9Sstevel@tonic-gate #define NSS_DBOP_HOSTS_BYNAME (NSS_DBOP_next_iter) 7687c478bd9Sstevel@tonic-gate #define NSS_DBOP_HOSTS_BYADDR (NSS_DBOP_HOSTS_BYNAME + 1) 7697c478bd9Sstevel@tonic-gate 7707c478bd9Sstevel@tonic-gate #define NSS_DBOP_IPNODES_BYNAME (NSS_DBOP_next_iter) 7717c478bd9Sstevel@tonic-gate #define NSS_DBOP_IPNODES_BYADDR (NSS_DBOP_IPNODES_BYNAME + 1) 7727c478bd9Sstevel@tonic-gate 7737c478bd9Sstevel@tonic-gate /* 7747c478bd9Sstevel@tonic-gate * NSS_DBOP_NAME_2ADDR 7757c478bd9Sstevel@tonic-gate * NSS_DBOP_ADDR_2NAME 7767c478bd9Sstevel@tonic-gate * : are defines for ipv6 api's 7777c478bd9Sstevel@tonic-gate */ 7787c478bd9Sstevel@tonic-gate 7797c478bd9Sstevel@tonic-gate #define NSS_DBOP_NAME_2ADDR (NSS_DBOP_next_ipv6_iter) 7807c478bd9Sstevel@tonic-gate #define NSS_DBOP_ADDR_2NAME (NSS_DBOP_NAME_2ADDR + 1) 7817c478bd9Sstevel@tonic-gate 7827c478bd9Sstevel@tonic-gate #define NSS_DBOP_RPC_BYNAME (NSS_DBOP_next_iter) 7837c478bd9Sstevel@tonic-gate #define NSS_DBOP_RPC_BYNUMBER (NSS_DBOP_RPC_BYNAME + 1) 7847c478bd9Sstevel@tonic-gate 7857c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETWORKS_BYNAME (NSS_DBOP_next_iter) 7867c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETWORKS_BYADDR (NSS_DBOP_NETWORKS_BYNAME + 1) 7877c478bd9Sstevel@tonic-gate 7887c478bd9Sstevel@tonic-gate #define NSS_DBOP_SERVICES_BYNAME (NSS_DBOP_next_iter) 7897c478bd9Sstevel@tonic-gate #define NSS_DBOP_SERVICES_BYPORT (NSS_DBOP_SERVICES_BYNAME + 1) 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROTOCOLS_BYNAME (NSS_DBOP_next_iter) 7927c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROTOCOLS_BYNUMBER (NSS_DBOP_PROTOCOLS_BYNAME + 1) 7937c478bd9Sstevel@tonic-gate 7947c478bd9Sstevel@tonic-gate #define NSS_DBOP_ETHERS_HOSTTON (NSS_DBOP_next_noiter) 7957c478bd9Sstevel@tonic-gate #define NSS_DBOP_ETHERS_NTOHOST (NSS_DBOP_ETHERS_HOSTTON + 1) 7967c478bd9Sstevel@tonic-gate 7977c478bd9Sstevel@tonic-gate #define NSS_DBOP_BOOTPARAMS_BYNAME (NSS_DBOP_next_noiter) 7987c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETMASKS_BYNET (NSS_DBOP_next_noiter) 7997c478bd9Sstevel@tonic-gate 8007c478bd9Sstevel@tonic-gate #define NSS_DBOP_PRINTERS_BYNAME (NSS_DBOP_next_iter) 8017c478bd9Sstevel@tonic-gate 8027c478bd9Sstevel@tonic-gate /* 8037c478bd9Sstevel@tonic-gate * The "real" backend for netgroup (__multi_innetgr, setnetgrent) 8047c478bd9Sstevel@tonic-gate */ 8057c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETGROUP_IN (NSS_DBOP_next_iter) 8067c478bd9Sstevel@tonic-gate #define NSS_DBOP_NETGROUP_SET (NSS_DBOP_NETGROUP_IN + 1) 8077c478bd9Sstevel@tonic-gate 8087c478bd9Sstevel@tonic-gate /* 8097c478bd9Sstevel@tonic-gate * The backend for getpublickey and getsecretkey (getkeys) 8107c478bd9Sstevel@tonic-gate */ 8117c478bd9Sstevel@tonic-gate #define NSS_DBOP_KEYS_BYNAME (NSS_DBOP_next_iter) 8127c478bd9Sstevel@tonic-gate 8137c478bd9Sstevel@tonic-gate /* 8147c478bd9Sstevel@tonic-gate * The pseudo-backend for netgroup (returned by setnetgrent) doesn't have 8157c478bd9Sstevel@tonic-gate * any getXXXbyYYY operations, just the usual destr/end/set/get ops, 8167c478bd9Sstevel@tonic-gate * so needs no definitions here. 8177c478bd9Sstevel@tonic-gate */ 8187c478bd9Sstevel@tonic-gate 8197c478bd9Sstevel@tonic-gate #define NSS_DBOP_ATTRDB_BYNAME (NSS_DBOP_next_iter) 8207c478bd9Sstevel@tonic-gate 8217c478bd9Sstevel@tonic-gate #define NSS_DBOP_AUDITUSER_BYNAME NSS_DBOP_ATTRDB_BYNAME 8227c478bd9Sstevel@tonic-gate #define NSS_DBOP_AUTHATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8237c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8247c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYID (NSS_DBOP_EXECATTR_BYNAME + 1) 8257c478bd9Sstevel@tonic-gate #define NSS_DBOP_EXECATTR_BYNAMEID (NSS_DBOP_EXECATTR_BYID + 1) 8267c478bd9Sstevel@tonic-gate #define NSS_DBOP_PROFATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8277c478bd9Sstevel@tonic-gate #define NSS_DBOP_USERATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME 8287c478bd9Sstevel@tonic-gate 82945916cd2Sjpk #define NSS_DBOP_TSOL_TP_BYNAME (NSS_DBOP_next_iter) 83045916cd2Sjpk #define NSS_DBOP_TSOL_RH_BYADDR (NSS_DBOP_next_iter) 83145916cd2Sjpk #define NSS_DBOP_TSOL_ZC_BYNAME (NSS_DBOP_next_iter) 83245916cd2Sjpk 8337c478bd9Sstevel@tonic-gate /* 8347c478bd9Sstevel@tonic-gate * Used all over in the switch code. The best home for it I can think of. 8357c478bd9Sstevel@tonic-gate * Power-of-two alignments only. 8367c478bd9Sstevel@tonic-gate */ 8377c478bd9Sstevel@tonic-gate #define ROUND_DOWN(n, align) (((uintptr_t)n) & ~((align) - 1l)) 8387c478bd9Sstevel@tonic-gate #define ROUND_UP(n, align) ROUND_DOWN(((uintptr_t)n) + (align) - 1l, \ 8397c478bd9Sstevel@tonic-gate (align)) 8407c478bd9Sstevel@tonic-gate 8417c478bd9Sstevel@tonic-gate #ifdef __cplusplus 8427c478bd9Sstevel@tonic-gate } 8437c478bd9Sstevel@tonic-gate #endif 8447c478bd9Sstevel@tonic-gate 8457c478bd9Sstevel@tonic-gate #endif /* _NSS_DBDEFS_H */ 846