1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 #include <sys/types.h>
28 #include <nsswitch.h>
29 #include <stdlib.h>
30 #include <stdio.h>
31 #include <string.h>
32 #include <syslog.h>
33 #include <stdlib.h>
34 #include <unistd.h>
35
36 #include "ns_sldap.h"
37 #include <nss_dbdefs.h>
38 #include <nsswitch.h>
39 #include <pwd.h>
40 #include <shadow.h>
41 #include <rpcsvc/nis.h>
42
43 #include "passwdutil.h"
44
45 /*
46 * name_to_int(rep)
47 *
48 * Translate the repository to a bitmask.
49 * if we don't recognise the repository name, we return REP_ERANGE
50 */
51 int
name_to_int(char * rep_name)52 name_to_int(char *rep_name)
53 {
54 int result = REP_ERANGE;
55
56 if (strcmp(rep_name, "files") == 0)
57 result = REP_FILES;
58 else if (strcmp(rep_name, "nis") == 0)
59 result = REP_NIS;
60 else if (strcmp(rep_name, "ldap") == 0)
61 result = REP_LDAP;
62 else if (strcmp(rep_name, "compat") == 0) {
63 struct __nsw_switchconfig *cfg;
64 enum __nsw_parse_err pserr;
65
66 cfg = __nsw_getconfig("passwd_compat", &pserr);
67 if (cfg == NULL) {
68 result = REP_FILES | REP_NIS;
69 } else {
70 if (strcmp(cfg->lookups->service_name, "ldap") == 0)
71 result = REP_FILES | REP_LDAP;
72 else
73 result = REP_ERANGE;
74 (void) __nsw_freeconfig(cfg);
75 }
76 }
77
78 return (result);
79 }
80
81 /*
82 * Figure out which repository we use in compat mode.
83 */
84 int
get_compat_mode(void)85 get_compat_mode(void)
86 {
87 struct __nsw_switchconfig *cfg;
88 enum __nsw_parse_err pserr;
89 int result = REP_COMPAT_NIS;
90
91 if ((cfg = __nsw_getconfig("passwd_compat", &pserr)) != NULL) {
92 if (strcmp(cfg->lookups->service_name, "ldap") == 0)
93 result = REP_COMPAT_LDAP;
94 }
95 (void) __nsw_freeconfig(cfg);
96
97 return (result);
98 }
99
100 /*
101 * get_ns(rep, accesstype)
102 *
103 * returns a bitmask of repositories to use based on either
104 * 1. the repository that is given as argument
105 * 2. the nsswitch.conf file
106 * 3. the type of access requested
107 *
108 * "accesstype" indicates whether we are reading from or writing to the
109 * repository. We need to know this since "compat" will translate into
110 * REP_NSS (the nss-switch) for READ access (needed to decode
111 * the black-magic '+' entries) but it translates into a bitmask
112 * on WRITE access.
113 *
114 * If we detect read-access in compat mode, we augment the result
115 * with one of REP_COMPAT_{NIS,LDAP}. We need this in order to
116 * implement ATTR_REP_NAME in nss_getpwnam.
117 *
118 * A return value of REP_NOREP indicates an error.
119 */
120 int
get_ns(pwu_repository_t * rep,int accesstype)121 get_ns(pwu_repository_t *rep, int accesstype)
122 {
123 struct __nsw_switchconfig *conf = NULL;
124 enum __nsw_parse_err pserr;
125 struct __nsw_lookup *lkp;
126 struct __nsw_lookup *lkp2;
127 struct __nsw_lookup *lkp3;
128 struct __nsw_lookup *lkpn;
129 int result = REP_NOREP;
130
131 if (rep != PWU_DEFAULT_REP) {
132 result = name_to_int(rep->type);
133 return (result);
134 }
135
136 conf = __nsw_getconfig("passwd", &pserr);
137 if (conf == NULL) {
138 /*
139 * No config found. The user didn't supply a repository,
140 * so we try to change the password in the default
141 * repositories (files and nis) even though we cannot
142 * find the name service switch entry. (Backward compat)
143 */
144 syslog(LOG_ERR, "passwdutil.so: nameservice switch entry for "
145 "passwd not found.");
146 result = REP_FILES | REP_NIS;
147 return (result);
148 }
149
150 lkp = conf->lookups;
151
152 /*
153 * Supported nsswitch.conf can have a maximum of 3 repositories.
154 * If we encounter an unsupported nsswitch.conf, we return REP_NSS
155 * to fall back to the nsswitch backend.
156 *
157 * Note that specifying 'ad' in the configuration is acceptable
158 * though changing AD users' passwords through passwd(1) is not.
159 * Therefore "ad" will be silently ignored.
160 */
161 if (conf->num_lookups == 1) {
162 /* files or compat */
163
164 if (strcmp(lkp->service_name, "files") == 0) {
165 result = name_to_int(lkp->service_name);
166 } else if (strcmp(lkp->service_name, "compat") == 0) {
167 if (accesstype == PWU_READ)
168 result = REP_NSS | get_compat_mode();
169 else
170 result = name_to_int(lkp->service_name);
171 } else
172 result = REP_NSS;
173
174 } else if (conf->num_lookups == 2) {
175 lkp2 = lkp->next;
176 if (strcmp(lkp->service_name, "files") == 0) {
177 result = REP_FILES;
178 if (strcmp(lkp2->service_name, "ldap") == 0)
179 result |= REP_LDAP;
180 else if (strcmp(lkp2->service_name, "nis") == 0)
181 result |= REP_NIS;
182 else if (strcmp(lkp2->service_name, "ad") != 0)
183 result = REP_NSS;
184 /* AD is ignored */
185 } else {
186 result = REP_NSS;
187 }
188 } else if (conf->num_lookups == 3) {
189 /*
190 * Valid configurations with 3 repositories are:
191 * files ad [nis | ldap ] OR
192 * files [nis | ldap ] ad
193 */
194 lkp2 = lkp->next;
195 lkp3 = lkp2->next;
196 if (strcmp(lkp2->service_name, "ad") == 0)
197 lkpn = lkp3;
198 else if (strcmp(lkp3->service_name, "ad") == 0)
199 lkpn = lkp2;
200 else
201 lkpn = NULL;
202 if (strcmp(lkp->service_name, "files") == 0 &&
203 lkpn != NULL) {
204 result = REP_FILES;
205 if (strcmp(lkpn->service_name, "ldap") == 0)
206 result |= REP_LDAP;
207 else if (strcmp(lkpn->service_name, "nis") == 0)
208 result |= REP_NIS;
209 else
210 result = REP_NSS;
211 } else {
212 result = REP_NSS;
213 }
214 } else {
215 result = REP_NSS;
216 }
217
218 (void) __nsw_freeconfig(conf);
219 return (result);
220 }
221
222 static void
nss_ldap_passwd(p)223 nss_ldap_passwd(p)
224 nss_db_params_t *p;
225 {
226 p->name = NSS_DBNAM_PASSWD;
227 p->flags |= NSS_USE_DEFAULT_CONFIG;
228 p->default_config = "ldap";
229 }
230
231 static void
nss_ldap_shadow(p)232 nss_ldap_shadow(p)
233 nss_db_params_t *p;
234 {
235 p->name = NSS_DBNAM_SHADOW;
236 p->config_name = NSS_DBNAM_PASSWD; /* Use config for "passwd" */
237 p->flags |= NSS_USE_DEFAULT_CONFIG;
238 p->default_config = "ldap";
239 }
240
241
242 #ifdef PAM_NIS
243 static void
nss_nis_passwd(p)244 nss_nis_passwd(p)
245 nss_db_params_t *p;
246 {
247 p->name = NSS_DBNAM_PASSWD;
248 p->flags |= NSS_USE_DEFAULT_CONFIG;
249 p->default_config = "nis";
250 }
251
252 static void
nss_nis_shadow(p)253 nss_nis_shadow(p)
254 nss_db_params_t *p;
255 {
256 p->name = NSS_DBNAM_SHADOW;
257 p->config_name = NSS_DBNAM_PASSWD; /* Use config for "passwd" */
258 p->flags |= NSS_USE_DEFAULT_CONFIG;
259 p->default_config = "nis";
260 }
261 #endif /* PAM_NIS */
262
263 static char *
gettok(nextpp)264 gettok(nextpp)
265 char **nextpp;
266 {
267 char *p = *nextpp;
268 char *q = p;
269 char c;
270
271 if (p == 0) {
272 return (0);
273 }
274 while ((c = *q) != '\0' && c != ':') {
275 q++;
276 }
277 if (c == '\0') {
278 *nextpp = 0;
279 } else {
280 *q++ = '\0';
281 *nextpp = q;
282 }
283 return (p);
284 }
285
286 /*
287 * Return values: 0 = success, 1 = parse error, 2 = erange ...
288 * The structure pointer passed in is a structure in the caller's space
289 * wherein the field pointers would be set to areas in the buffer if
290 * need be. instring and buffer should be separate areas.
291 */
292 static int
str2passwd(const char * instr,int lenstr,void * ent,char * buffer,int buflen)293 str2passwd(const char *instr, int lenstr, void *ent, char *buffer, int buflen)
294 {
295 struct passwd *passwd = (struct passwd *)ent;
296 char *p, *next;
297 int black_magic; /* "+" or "-" entry */
298
299 if (lenstr + 1 > buflen) {
300 return (NSS_STR_PARSE_ERANGE);
301 }
302 /*
303 * We copy the input string into the output buffer and
304 * operate on it in place.
305 */
306 (void) memcpy(buffer, instr, lenstr);
307 buffer[lenstr] = '\0';
308
309 next = buffer;
310
311 passwd->pw_name = p = gettok(&next); /* username */
312 if (*p == '\0') {
313 /* Empty username; not allowed */
314 return (NSS_STR_PARSE_PARSE);
315 }
316 black_magic = (*p == '+' || *p == '-');
317 if (black_magic) {
318 passwd->pw_uid = UID_NOBODY;
319 passwd->pw_gid = GID_NOBODY;
320 /*
321 * pwconv tests pw_passwd and pw_age == NULL
322 */
323 passwd->pw_passwd = "";
324 passwd->pw_age = "";
325 /*
326 * the rest of the passwd entry is "optional"
327 */
328 passwd->pw_comment = "";
329 passwd->pw_gecos = "";
330 passwd->pw_dir = "";
331 passwd->pw_shell = "";
332 }
333
334 passwd->pw_passwd = p = gettok(&next); /* password */
335 if (p == 0) {
336 if (black_magic)
337 return (NSS_STR_PARSE_SUCCESS);
338 else
339 return (NSS_STR_PARSE_PARSE);
340 }
341 for (; *p != '\0'; p++) { /* age */
342 if (*p == ',') {
343 *p++ = '\0';
344 break;
345 }
346 }
347 passwd->pw_age = p;
348
349 p = next; /* uid */
350 if (p == 0 || *p == '\0') {
351 if (black_magic)
352 return (NSS_STR_PARSE_SUCCESS);
353 else
354 return (NSS_STR_PARSE_PARSE);
355 }
356 if (!black_magic) {
357 passwd->pw_uid = strtol(p, &next, 10);
358 if (next == p) {
359 /* uid field should be nonempty */
360 return (NSS_STR_PARSE_PARSE);
361 }
362 /*
363 * The old code (in 2.0 thru 2.5) would check
364 * for the uid being negative, or being greater
365 * than 60001 (the rfs limit). If it met either of
366 * these conditions, the uid was translated to 60001.
367 *
368 * Now we just check for ephemeral uids; anything else
369 * is administrative policy
370 */
371 if (passwd->pw_uid > MAXUID)
372 passwd->pw_uid = UID_NOBODY;
373 }
374 if (*next++ != ':') {
375 if (black_magic)
376 p = gettok(&next);
377 else
378 return (NSS_STR_PARSE_PARSE);
379 }
380 p = next; /* gid */
381 if (p == 0 || *p == '\0') {
382 if (black_magic)
383 return (NSS_STR_PARSE_SUCCESS);
384 else
385 return (NSS_STR_PARSE_PARSE);
386 }
387 if (!black_magic) {
388 passwd->pw_gid = strtol(p, &next, 10);
389 if (next == p) {
390 /* gid field should be nonempty */
391 return (NSS_STR_PARSE_PARSE);
392 }
393 /*
394 * gid should be non-negative; anything else
395 * is administrative policy.
396 */
397 if (passwd->pw_gid > MAXUID)
398 passwd->pw_gid = GID_NOBODY;
399 }
400 if (*next++ != ':') {
401 if (black_magic)
402 p = gettok(&next);
403 else
404 return (NSS_STR_PARSE_PARSE);
405 }
406
407 passwd->pw_gecos = passwd->pw_comment = p = gettok(&next);
408 if (p == 0) {
409 if (black_magic)
410 return (NSS_STR_PARSE_SUCCESS);
411 else
412 return (NSS_STR_PARSE_PARSE);
413 }
414
415 passwd->pw_dir = p = gettok(&next);
416 if (p == 0) {
417 if (black_magic)
418 return (NSS_STR_PARSE_SUCCESS);
419 else
420 return (NSS_STR_PARSE_PARSE);
421 }
422
423 passwd->pw_shell = p = gettok(&next);
424 if (p == 0) {
425 if (black_magic)
426 return (NSS_STR_PARSE_SUCCESS);
427 else
428 return (NSS_STR_PARSE_PARSE);
429 }
430
431 /* Better not be any more fields... */
432 if (next == 0) {
433 /* Successfully parsed and stored */
434 return (NSS_STR_PARSE_SUCCESS);
435 }
436 return (NSS_STR_PARSE_PARSE);
437 }
438
439 typedef const char *constp;
440
441 /*
442 * Return value 1 means success and more input, 0 means error or no more
443 */
444 static int
getfield(nextp,limit,uns,valp)445 getfield(nextp, limit, uns, valp)
446 constp *nextp;
447 constp limit;
448 int uns;
449 void *valp;
450 {
451 constp p = *nextp;
452 char *endfield;
453 char numbuf[12]; /* Holds -2^31 and trailing ':' */
454 int len;
455 long x;
456 unsigned long ux;
457
458 if (p == 0 || p >= limit) {
459 return (0);
460 }
461 if (*p == ':') {
462 p++;
463 *nextp = p;
464 return (p < limit);
465 }
466 if ((len = limit - p) > sizeof (numbuf) - 1) {
467 len = sizeof (numbuf) - 1;
468 }
469 /*
470 * We want to use strtol() and we have a readonly non-zero-terminated
471 * string, so first we copy and terminate the interesting bit.
472 * Ugh. (It's convenient to terminate with a colon rather than \0).
473 */
474 if ((endfield = memccpy(numbuf, p, ':', len)) == 0) {
475 if (len != limit - p) {
476 /* Error -- field is too big to be a legit number */
477 return (0);
478 }
479 numbuf[len] = ':';
480 p = limit;
481 } else {
482 p += (endfield - numbuf);
483 }
484 if (uns) {
485 ux = strtoul(numbuf, &endfield, 10);
486 if (*endfield != ':') {
487 /* Error -- expected <integer><colon> */
488 return (0);
489 }
490 *((unsigned int *)valp) = (unsigned int)ux;
491 } else {
492 x = strtol(numbuf, &endfield, 10);
493 if (*endfield != ':') {
494 /* Error -- expected <integer><colon> */
495 return (0);
496 }
497 *((int *)valp) = (int)x;
498 }
499 *nextp = p;
500 return (p < limit);
501 }
502
503 /*
504 * str2spwd() -- convert a string to a shadow passwd entry. The parser is
505 * more liberal than the passwd or group parsers; since it's legitimate
506 * for almost all the fields here to be blank, the parser lets one omit
507 * any number of blank fields at the end of the entry. The acceptable
508 * forms for '+' and '-' entries are the same as those for normal entries.
509 * === Is this likely to do more harm than good?
510 *
511 * Return values: 0 = success, 1 = parse error, 2 = erange ...
512 * The structure pointer passed in is a structure in the caller's space
513 * wherein the field pointers would be set to areas in the buffer if
514 * need be. instring and buffer should be separate areas.
515 */
516 int
str2spwd(instr,lenstr,ent,buffer,buflen)517 str2spwd(instr, lenstr, ent, buffer, buflen)
518 const char *instr;
519 int lenstr;
520 void *ent; /* really (struct spwd *) */
521 char *buffer;
522 int buflen;
523 {
524 struct spwd *shadow = (struct spwd *)ent;
525 const char *p = instr, *limit;
526 char *bufp;
527 int lencopy, black_magic;
528
529 limit = p + lenstr;
530 if ((p = memchr(instr, ':', lenstr)) == 0 ||
531 ++p >= limit ||
532 (p = memchr(p, ':', limit - p)) == 0) {
533 lencopy = lenstr;
534 p = 0;
535 } else {
536 lencopy = p - instr;
537 p++;
538 }
539 if (lencopy + 1 > buflen) {
540 return (NSS_STR_PARSE_ERANGE);
541 }
542 (void) memcpy(buffer, instr, lencopy);
543 buffer[lencopy] = 0;
544
545 black_magic = (*instr == '+' || *instr == '-');
546 shadow->sp_namp = bufp = buffer;
547 shadow->sp_pwdp = 0;
548 shadow->sp_lstchg = -1;
549 shadow->sp_min = -1;
550 shadow->sp_max = -1;
551 shadow->sp_warn = -1;
552 shadow->sp_inact = -1;
553 shadow->sp_expire = -1;
554 shadow->sp_flag = 0;
555
556 if ((bufp = strchr(bufp, ':')) == 0) {
557 if (black_magic)
558 return (NSS_STR_PARSE_SUCCESS);
559 else
560 return (NSS_STR_PARSE_PARSE);
561 }
562 *bufp++ = '\0';
563
564 shadow->sp_pwdp = bufp;
565 if (instr == 0) {
566 if ((bufp = strchr(bufp, ':')) == 0) {
567 if (black_magic)
568 return (NSS_STR_PARSE_SUCCESS);
569 else
570 return (NSS_STR_PARSE_PARSE);
571 }
572 *bufp++ = '\0';
573 p = bufp;
574 } /* else p was set when we copied name and passwd into the buffer */
575
576 if (!getfield(&p, limit, 0, &shadow->sp_lstchg))
577 return (NSS_STR_PARSE_SUCCESS);
578 if (!getfield(&p, limit, 0, &shadow->sp_min))
579 return (NSS_STR_PARSE_SUCCESS);
580 if (!getfield(&p, limit, 0, &shadow->sp_max))
581 return (NSS_STR_PARSE_SUCCESS);
582 if (!getfield(&p, limit, 0, &shadow->sp_warn))
583 return (NSS_STR_PARSE_SUCCESS);
584 if (!getfield(&p, limit, 0, &shadow->sp_inact))
585 return (NSS_STR_PARSE_SUCCESS);
586 if (!getfield(&p, limit, 0, &shadow->sp_expire))
587 return (NSS_STR_PARSE_SUCCESS);
588 if (!getfield(&p, limit, 1, &shadow->sp_flag))
589 return (NSS_STR_PARSE_SUCCESS);
590 if (p != limit) {
591 /* Syntax error -- garbage at end of line */
592 return (NSS_STR_PARSE_PARSE);
593 }
594 return (NSS_STR_PARSE_SUCCESS);
595 }
596
597 static nss_XbyY_buf_t *buffer;
598 static DEFINE_NSS_DB_ROOT(db_root);
599
600 #define GETBUF() \
601 NSS_XbyY_ALLOC(&buffer, sizeof (struct passwd), NSS_BUFLEN_PASSWD)
602
603 #pragma fini(endutilpwent)
604
605 static void
endutilpwent(void)606 endutilpwent(void)
607 {
608 NSS_XbyY_FREE(&buffer);
609 nss_delete(&db_root);
610 }
611
612 /*ARGSUSED*/
613 struct passwd *
getpwnam_from(const char * name,pwu_repository_t * rep,int reptype)614 getpwnam_from(const char *name, pwu_repository_t *rep, int reptype)
615 {
616 nss_XbyY_buf_t *b = GETBUF();
617 nss_XbyY_args_t arg;
618
619 if (b == 0)
620 return (0);
621
622 NSS_XbyY_INIT(&arg, b->result, b->buffer, b->buflen, str2passwd);
623 arg.key.name = name;
624
625 switch (reptype) {
626 case REP_LDAP:
627 (void) nss_search(&db_root, nss_ldap_passwd,
628 NSS_DBOP_PASSWD_BYNAME, &arg);
629 break;
630 #ifdef PAM_NIS
631 case REP_NIS:
632 (void) nss_search(&db_root, nss_nis_passwd,
633 NSS_DBOP_PASSWD_BYNAME, &arg);
634 break;
635 #endif
636 default:
637 return (NULL);
638 }
639
640 return (struct passwd *)NSS_XbyY_FINI(&arg);
641 }
642
643 /*ARGSUSED*/
644 struct passwd *
getpwuid_from(uid_t uid,pwu_repository_t * rep,int reptype)645 getpwuid_from(uid_t uid, pwu_repository_t *rep, int reptype)
646 {
647 nss_XbyY_buf_t *b = GETBUF();
648 nss_XbyY_args_t arg;
649
650 if (b == 0)
651 return (0);
652
653 NSS_XbyY_INIT(&arg, b->result, b->buffer, b->buflen, str2passwd);
654 arg.key.uid = uid;
655
656 switch (reptype) {
657 case REP_LDAP:
658 (void) nss_search(&db_root, nss_ldap_passwd,
659 NSS_DBOP_PASSWD_BYUID, &arg);
660 break;
661 #ifdef PAM_NIS
662 case REP_NIS:
663 (void) nss_search(&db_root, nss_nis_passwd,
664 NSS_DBOP_PASSWD_BYUID, &arg);
665 break;
666 #endif
667 default:
668 return (NULL);
669 }
670
671 return (struct passwd *)NSS_XbyY_FINI(&arg);
672 }
673
674 static nss_XbyY_buf_t *spbuf;
675 static DEFINE_NSS_DB_ROOT(spdb_root);
676
677 #define GETSPBUF() \
678 NSS_XbyY_ALLOC(&spbuf, sizeof (struct spwd), NSS_BUFLEN_SHADOW)
679
680 #pragma fini(endutilspent)
681
682 static void
endutilspent(void)683 endutilspent(void)
684 {
685 NSS_XbyY_FREE(&spbuf);
686 nss_delete(&spdb_root);
687 }
688
689 /*ARGSUSED*/
690 struct spwd *
getspnam_from(const char * name,pwu_repository_t * rep,int reptype)691 getspnam_from(const char *name, pwu_repository_t *rep, int reptype)
692 {
693 nss_XbyY_buf_t *b = GETSPBUF();
694 nss_XbyY_args_t arg;
695
696 if (b == 0)
697 return (0);
698
699 NSS_XbyY_INIT(&arg, b->result, b->buffer, b->buflen, str2spwd);
700 arg.key.name = name;
701 switch (reptype) {
702 case REP_LDAP:
703 (void) nss_search(&spdb_root, nss_ldap_shadow,
704 NSS_DBOP_SHADOW_BYNAME, &arg);
705 break;
706 #ifdef PAM_NIS
707 case REP_NIS:
708 (void) nss_search(&spdb_root, nss_nis_shadow,
709 NSS_DBOP_SHADOW_BYNAME, &arg);
710 break;
711 #endif
712 default:
713 return (NULL);
714 }
715 return (struct spwd *)NSS_XbyY_FINI(&arg);
716 }
717