From 7cf822201abf30c1603334e0b7e664050e2e38a2 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Mon, 15 Dec 2014 02:21:32 -0500 Subject: it builds! --- nslcd/Makefile.am | 19 +++++++++++-------- nslcd/cfg.h | 2 +- nslcd/common.h | 10 +++++----- nslcd/db_pam.c | 25 +++++++++++++------------ nslcd/hackers.c | 42 ++++++++++++++++++++++++++++++++++++++++++ nslcd/hackers.h | 27 +++++++++++++++++++++++++++ nslcd/hackers_watch.c | 3 +-- nslcd/hackers_watch.h | 17 ++--------------- nslcd/nslcd.c | 29 +++++++++++++++-------------- 9 files changed, 117 insertions(+), 57 deletions(-) create mode 100644 nslcd/hackers.c create mode 100644 nslcd/hackers.h diff --git a/nslcd/Makefile.am b/nslcd/Makefile.am index 0cdb313..acc7250 100644 --- a/nslcd/Makefile.am +++ b/nslcd/Makefile.am @@ -20,7 +20,7 @@ sbin_PROGRAMS = nslcd -AM_CPPFLAGS=-I$(top_srcdir) +AM_CPPFLAGS=-I$(top_srcdir) -D_XOPEN_SOURCE=500 # for pthread_rwlock AM_CFLAGS = -std=c99 $(PTHREAD_CFLAGS) -Wall -Werror -Wextra -Wno-unused-parameter nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \ @@ -31,10 +31,13 @@ nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \ dispatch.c dispatch.h \ cfg.c cfg.h \ nsswitch.c invalidator.c \ - db_config.c db_pam.c db_passwd.c db_shadow.c + db_config.c db_pam.c db_passwd.c db_shadow.c \ + hackers.c hackers_watch.c hackers_parse.c \ + hackers.h hackers_watch.h hackers_parse.h nslcd_LDADD = ../common/libtio.a ../common/libdict.a \ - ../common/libexpr.a ../compat/libcompat.a \ - @nslcd_LIBS@ @PTHREAD_LIBS@ + ../common/libexpr.a ../common/libinotify_helpers.a \ + ../compat/libcompat.a \ + -lcrypt -lyaml @nslcd_LIBS@ @PTHREAD_LIBS@ $(patsubst %.c,%.o,$(shell grep -lF common.h *.c)): dispatch.h 
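Review bot: In the `nslcd_LDADD` change of nslcd/Makefile.am (the @@ -31,10 hunk), `-lcrypt -lyaml` are written directly into the link line rather than coming from a configure probe. A host without libyaml, or one where crypt() lives in another library, then fails only at link time. If configure.ac (not part of this patch) does not already test for them, a check such as `AC_SEARCH_LIBS([crypt], [crypt])` plus an equivalent one for libyaml, feeding `@nslcd_LIBS@`, would keep library selection in one place.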
@@ -46,7 +49,7 @@ dispatch.c: $(filter db_%.c,$(nslcd_SOURCES)) $(filter-out .deps/%,$(MAKEFILE_LI { \ echo '#define NSLCD_HANDLE(db, fn) case NSLCD_ACTION_##db##_##fn: (void)nslcd_##db##_##fn(fp, session); break;' && \ echo '#define NSLCD_HANDLE_UID(db, fn) case NSLCD_ACTION_##db##_##fn: (void)nslcd_##db##_##fn(fp, session, uid); break;' && \ - echo 'void dispatch(TFILE *fp, int32_t action, MYLDAP_SESSION *session, uid_t uid) {' && \ + echo 'void dispatch(TFILE *fp, int32_t action, struct session *session, uid_t uid) {' && \ echo ' switch (action) {' && \ sed -n 's/^NSLCD_HANDLE.*/ &)/p' $(filter %.c,$^) && \ echo ' default:' && \ @@ -58,8 +61,8 @@ dispatch.c: $(filter db_%.c,$(nslcd_SOURCES)) $(filter-out .deps/%,$(MAKEFILE_LI dispatch.h: $(filter db_%.c,$(nslcd_SOURCES)) $(filter-out .deps/%,$(MAKEFILE_LIST)) { \ - echo '#define NSLCD_HANDLE(db, fn) int nslcd_##db##_##fn(TFILE *fp, MYLDAP_SESSION *);' && \ - echo '#define NSLCD_HANDLE_UID(db, fn) int nslcd_##db##_##fn(TFILE *fp, MYLDAP_SESSION *, uid_t);' && \ - echo 'void dispatch(TFILE *fp, int32_t action, MYLDAP_SESSION *session, uid_t uid);' && \ + echo '#define NSLCD_HANDLE(db, fn) int nslcd_##db##_##fn(TFILE *fp, struct session *);' && \ + echo '#define NSLCD_HANDLE_UID(db, fn) int nslcd_##db##_##fn(TFILE *fp, struct session *, uid_t);' && \ + echo 'void dispatch(TFILE *fp, int32_t action, struct session *session, uid_t uid);' && \ sed -n 's/^NSLCD_HANDLE.*/&)/p' $(filter %.c,$^); \ } | cpp | sed '/^#/d' > $@ diff --git a/nslcd/cfg.h b/nslcd/cfg.h index 73f9139..b7b833c 100644 --- a/nslcd/cfg.h +++ b/nslcd/cfg.h 
@@ -53,7 +53,7 @@ struct nslcd_config { int pagesize; /* set to a greater than 0 to enable handling of paged results with the specified size */ SET *nss_initgroups_ignoreusers; /* the users for which no initgroups() searches should be done */ - uid_t nss_min_uid; /* minimum uid for users retrieved from LDAP */ + uid_t nss_min_uid; /* minimum uid for users retrieved */ int nss_nested_groups; /* whether to expand nested groups */ regex_t validnames; /* the regular expression to determine valid names */ char *validnames_str; /* string version of validnames regexp */ diff --git a/nslcd/common.h b/nslcd/common.h index 5658fa7..558b978 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -37,12 +37,12 @@ #include "common/tio.h" #include "compat/attrs.h" #include "cfg.h" -#include "hackers_watch.h" +#include "hackers.h" -#define NSS_MODULE_SONAME NSS_LDAP_SONAME -#define NSS_MODULE_NAME "ldap" -#define NSS_MODULE_ID_VERSION "_nss_ldap_version" -#define NSS_MODULE_ID_ENABLELOOKUPS "_nss_ldap_enablelookups" +#define NSS_MODULE_SONAME NSS_LDAP_SONAME +#define NSS_MODULE_NAME "ldap" +#define NSS_MODULE_SYM_VERSION "_nss_ldap_version" +#define NSS_MODULE_SYM_ENABLELOOKUPS "_nss_ldap_enablelookups" /* macros for basic read and write operations, the following ERROR_OUT* marcos define the action taken on errors diff --git a/nslcd/db_pam.c b/nslcd/db_pam.c index 99edf40..e93a04d 100644 --- a/nslcd/db_pam.c +++ b/nslcd/db_pam.c @@ -32,6 +32,7 @@ #include #endif /* HAVE_STDINT_H */ #include +#include #include "common.h" #include "log.h" @@ -62,7 +63,7 @@ static int check_password(const char *password, const char *hash) static int check_password_age(struct session *session, const char *username, char *authzmsg, size_t authzmsgsz, - int check_maxdays, int check_mindays) + bool check_maxdays, bool check_mindays) { /* hackers.git doesn't use aging features */ return NSLCD_PAM_SUCCESS; 
@@ -118,11 +119,13 @@ NSLCD_HANDLE_UID(PAM, AUTHC ? NSLCD_PAM_SUCCESS : NSLCD_PAM_AUTH_ERR; entry->authz_rc = entry->authc_rc; - /*myldap_get_policy_response(session, &(entry->authz_rc), &(entry->authz_msg))*/ - /* perform shadow attribute checks */ - if (entry->authz_rc == NSLCD_PAM_SUCCESS) - entry->authz_rc = check_password_age(session, username, entry->authz_msg, sizeof(entry->authz_msg), 1, 0); + if (entry->authz_rc == NSLCD_PAM_SUCCESS) { + /* perform shadow attribute checks */ + entry->authz_rc = check_password_age(session, username, + entry->authz_msg, sizeof(entry->authz_msg), + true, false); + } return entry; ,/* write */ @@ -172,19 +175,17 @@ NSLCD_HANDLE(PAM, AUTHZ if (user == NULL) return NULL; - /* check authorisation search */ - /* TODO */ - /*int rc = LDAP_SUCCESS; - if (rc != LDAP_SUCCESS)*/ + /* Parabola doesn't have any weird reasons for authorization to + suddenly fail */ if (0) { entry->authz_rc = NSLCD_PAM_PERM_DENIED; - strcpy(entry->authz_msg, "LDAP authorisation check failed"); + strcpy(entry->authz_msg, "hackers.git authorization check failed"); } else { /* perform shadow attribute checks */ entry->authz_rc = check_password_age(session, username, - entry->authz_msg, sizeof(entry->authz_msg), - 0, 0); + entry->authz_msg, sizeof(entry->authz_msg), + false, false); } return entry; diff --git a/nslcd/hackers.c b/nslcd/hackers.c new file mode 100644 index 0000000..57d4f97 --- /dev/null +++ b/nslcd/hackers.c 
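Review bot: In the NSLCD_HANDLE(PAM, AUTHZ hunk of nslcd/db_pam.c the deny branch is guarded by `if (0)`, so it can never run. The only other source of `authz_rc` is `check_password_age()`, which the @@ -62,7 hunk shows returning `NSLCD_PAM_SUCCESS` unconditionally, so the handler authorises every user it can look up. That should be stated rather than left as dead code: drop the `if (0)` arm and put `/* authorization is unconditional: every user present in hackers.git is permitted */` above the `check_password_age()` call. If a deny path is kept for later, `snprintf(entry->authz_msg, sizeof(entry->authz_msg), "%s", msg)` would bound the write in the same way as the `sizeof(entry->authz_msg)` passed a few lines below, instead of `strcpy`. The handler body starts and ends outside the hunk.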
@@ -0,0 +1,42 @@ +#include +#include +#include +#include +#include +#include "hackers_watch.h" +#include "log.h" + +void *hackers_session_worker(void *sess) { + hackers_worker(sess); + return NULL; +} + +struct session *hackers_session_create(pthread_t *thread) { + struct session *session = malloc(sizeof(struct session)); + if (session == NULL) { + log_log(LOG_CRIT, "hackers_session_create(): malloc() failed to allocate memory"); + exit(EXIT_FAILURE); + } + if (pthread_create(thread, NULL, hackers_session_worker, (void*)session)) { + log_log(LOG_ERR, "unable to start hackers worker thread: %s", + strerror(errno)); + exit(EXIT_FAILURE); + } + return session; +} + +void hackers_session_check(struct session *sess) { + /* do nothing */ +} + +void hackers_session_close(struct session *sess) { + /* do nothing */ +} + +void hackers_session_messup(struct session *sess) { + pthread_rwlock_rdlock(&(sess->lock)); +} + +void hackers_session_cleanup(struct session *sess) { + pthread_rwlock_unlock(&(sess->lock)); +} diff --git a/nslcd/hackers.h b/nslcd/hackers.h new file mode 100644 index 0000000..e784ec5 --- /dev/null +++ b/nslcd/hackers.h @@ -0,0 +1,27 @@ +#ifndef _HACKERS_H +#define _HACKERS_H + +#include +#include + +struct session { + pthread_rwlock_t lock; + size_t cnt; + struct passwd *users; + /* The following are only for writers */ + char *yamldir; + int *in_user_wds; + int in_fd; + int in_wd_home; + int in_wd_yaml; +}; + +/*struct session *hackers_session_create(void);*/ /* create */ +struct session *hackers_session_create(pthread_t *); +void hackers_session_check(struct session *); /* maintain */ +void hackers_session_close(struct session *); /* destroy */ + +void hackers_session_messup(struct session *); /* before dispatch */ +void hackers_session_cleanup(struct session *); /* after dispatch */ + +#endif diff --git a/nslcd/hackers_watch.c b/nslcd/hackers_watch.c index ee26e4d..31e7e3b 100644 --- a/nslcd/hackers_watch.c +++ b/nslcd/hackers_watch.c 
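Review bot: `hackers_session_create()` in nslcd/hackers.c hands the freshly `malloc`ed session to the worker thread without initialising any field, so `hackers_worker()` starts with an indeterminate `yamldir` and `in_fd`, and `hackers_session_messup()` uses `lock` without a prior `pthread_rwlock_init()`. `hackers_init()` is declared in hackers_watch.h but is not called in any hunk of this patch; if it is meant to populate the session, it has to run before `pthread_create()`. Separately, `pthread_create()` returns its error number and does not set `errno`, so the log line should print `strerror()` of the return value; the worker loop in `main()` in nslcd/nslcd.c has the same pattern. A zeroing allocation with explicit lock initialisation is sketched below.

```c
struct session *hackers_session_create(pthread_t *thread) {
  /* zero every field so nothing indeterminate reaches the worker */
  struct session *session = calloc(1, sizeof(*session));
  /* … unchanged: allocation-failure check … */
  int rc = pthread_rwlock_init(&(session->lock), NULL);
  if (rc != 0) {
    log_log(LOG_CRIT, "hackers_session_create(): pthread_rwlock_init() failed: %s",
            strerror(rc));
    exit(EXIT_FAILURE);
  }
  /* NOTE(review): yamldir, in_fd and the watch descriptors still have to be
     populated before the worker starts; hackers_init() looks like the
     intended place, confirm and call it here */
  rc = pthread_create(thread, NULL, hackers_session_worker, session);
  if (rc != 0) {
    log_log(LOG_ERR, "unable to start hackers worker thread: %s",
            strerror(rc));
    exit(EXIT_FAILURE);
  }
  return session;
}
```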
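Review bot: The prototypes in nslcd/hackers.h describe `hackers_session_messup()` and `hackers_session_cleanup()` only as "before dispatch" and "after dispatch", while hackers.c shows that they take and release a read lock on `session->lock`. That pairing is the contract callers must keep and belongs in the header. Suggested comments: `/* takes a read lock on session->lock; must be paired with hackers_session_cleanup() */` and `/* releases the lock taken by hackers_session_messup() */`. The commented-out `hackers_session_create(void)` prototype can be removed. The guard `_HACKERS_H` uses an identifier form (underscore followed by an uppercase letter) that C reserves for the implementation; `HACKERS_H` avoids that.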
@@ -136,7 +136,7 @@ worker_handle_del_yaml(struct session *sess, uid_t uid) { pthread_rwlock_unlock(&(sess->lock)); } -int +void hackers_worker(struct session *sess) { chdir(sess->yamldir); for (INOTIFY_ITERATOR(sess->in_fd, event)) { @@ -183,5 +183,4 @@ hackers_worker(struct session *sess) { } } } - return -1; } diff --git a/nslcd/hackers_watch.h b/nslcd/hackers_watch.h index 09ff036..dd2f372 100644 --- a/nslcd/hackers_watch.h +++ b/nslcd/hackers_watch.h @@ -1,22 +1,9 @@ #ifndef _HACKERS_WATCH_H #define _HACKERS_WATCH_H -#include -#include - -struct session { - pthread_rwlock_t lock; - size_t cnt; - struct passwd *users; - /* The following are only for writers */ - char *yamldir; - int *in_user_wds; - int in_fd; - int in_wd_home; - int in_wd_yaml; -}; +#include "hackers.h" int hackers_init(const char *yamldir, struct session *session); -int hackers_worker(struct session *session); +void hackers_worker(struct session *session); #endif diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c index 62d67d5..77df86c 100644 --- a/nslcd/nslcd.c +++ b/nslcd/nslcd.c @@ -255,9 +255,10 @@ static void handleconnection(int sock, struct session *session) return; } /* handle request */ + hackers_session_messup(session); dispatch(fp, action, session, uid); - /* we're done with the request */ - myldap_session_cleanup(session); + hackers_session_cleanup(session); + (void)tio_close(fp); return; } 
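Review bot: Changing `hackers_worker()` to `void` in nslcd/hackers_watch.c (with `return -1;` dropped in the @@ -183,5 hunk) removes the only signal that the inotify loop has ended. If the iterator ever stops, the watcher thread exits silently and the request workers presumably keep answering from whatever user table was loaded last. For an authentication backend that means removed or changed accounts stay valid until restart, so the exit should be loud: after the loop, something like `log_log(LOG_CRIT, "hackers_worker(): inotify loop ended, user data will no longer be updated");` (whether log.h is included in this file is not visible here). The unchecked `chdir(sess->yamldir);` at the top of the function is context rather than new code, but it has the same fail-silent shape. Most of the function body lies outside both hunks.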
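Review bot: In `handleconnection()` in nslcd/nslcd.c the read lock taken by `hackers_session_messup()` is held for the whole of `dispatch()`, which also talks to the client over `fp`, so the lock's hold time is set by how fast the client reads and writes rather than by the lookup. The watcher in hackers_watch.c uses the same `sess->lock` when applying updates (it unlocks it in `worker_handle_del_yaml()`), so a stalled client can delay a user removal until any timeout on `fp` fires. Neither wrapper checks the `pthread_rwlock_rdlock()` result, so a failed acquisition would be followed by an unlock of a lock this thread does not hold. Consider having `hackers_session_messup()` return the lock result and skipping `dispatch()` on failure. `handleconnection()` begins outside the hunk.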
@@ -281,26 +282,26 @@ static void install_sighandler(int signum, void (*handler) (int)) static void worker_cleanup(void *arg) { struct session *session = (struct session *)arg; - myldap_session_close(session); + hackers_session_close(session); } -static void *worker(void UNUSED(*arg)) +static void *worker(void *_sess) { - struct session *session; + struct session *session = _sess; int csock; int j; struct sockaddr_storage addr; socklen_t alen; fd_set fds; - /* create a new LDAP session */ - session = myldap_create_session(); + /* create a new session */ + /*session = hackers_session_create();*/ /* clean up the session if we're done */ pthread_cleanup_push(worker_cleanup, session); /* start waiting for incoming connections */ while (1) { - /* time out connection to LDAP server if needed */ - myldap_session_check(session); + /* perform any maintenance on the session */ + hackers_session_check(session); /* set up the set of fds to wait on */ FD_ZERO(&fds); FD_SET(nslcd_serversocket, &fds); @@ -377,7 +378,7 @@ static void disable_nss_module(void) /* clear any existing errors */ dlerror(); /* lookup the NSS version if possible */ - version_info = (char **)dlsym(handle, NSS_MODULE_ID_VERSION); + version_info = (char **)dlsym(handle, NSS_MODULE_SYM_VERSION); error = dlerror(); if ((version_info != NULL) && (error == NULL)) log_log(LOG_DEBUG, "NSS " NSS_MODULE_NAME " %s %s", version_info[0], version_info[1]); @@ -386,7 +387,7 @@ static void disable_nss_module(void) /* clear any existing errors */ dlerror(); /* try to look up the flag */ - enable_flag = (int *)dlsym(handle, NSS_MODULE_ID_ENABLELOOKUPS); + enable_flag = (int *)dlsym(handle, NSS_MODULE_SYM_ENABLELOOKUPS); error = dlerror(); if ((enable_flag == NULL) || (error != NULL)) { 
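Review bot: `worker()` in nslcd/nslcd.c now receives one `struct session` shared by every worker thread, yet each thread still registers `worker_cleanup()` on it, so `hackers_session_close()` will be called once per thread on the same object. It is a no-op today, but the ownership should be written down before anyone adds a `free()` there, e.g. `/* session is shared by all workers and owned by main(); do not release it here */` in `worker_cleanup()`. The leftover `/* create a new session */` comment and the commented-out `hackers_session_create()` call no longer describe what the function does and can be removed. The body of `worker()` continues past the end of the hunk.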
@@ -465,9 +466,10 @@ int main(int argc, char *argv[]) log_log(LOG_CRIT, "main(): malloc() failed to allocate memory"); exit(EXIT_FAILURE); } - for (i = 0; i < nslcd_cfg->threads; i++) + struct session *session = hackers_session_create(&nslcd_threads[0]); + for (i = 1; i < nslcd_cfg->threads; i++) { - if (pthread_create(&nslcd_threads[i], NULL, worker, NULL)) + if (pthread_create(&nslcd_threads[i], NULL, worker, (void*)session)) { log_log(LOG_ERR, "unable to start worker thread %d: %s", i, strerror(errno)); @@ -493,7 +495,6 @@ int main(int argc, char *argv[]) { log_log(LOG_INFO, "caught signal %s (%d), refresh retries", signame(nslcd_receivedsignal), nslcd_receivedsignal); - myldap_immediate_reconnect(); nslcd_receivedsignal = 0; } } -- cgit v1.2.2
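Review bot: In the `main()` hunk of nslcd/nslcd.c, slot 0 of `nslcd_threads` now holds the hackers watcher and the request-worker loop starts at `i = 1`, so with `nslcd_cfg->threads == 1` no thread is started that accepts connections. Clients would then connect to a socket that nobody services. Either size the array for `nslcd_cfg->threads + 1` entries and loop `for (i = 1; i <= nslcd_cfg->threads; i++)`, or keep the watcher's `pthread_t` outside the array. The allocation above the hunk and any later loop over `nslcd_threads` (not visible here) would need the same adjustment.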