From 2bdd7e9a0b059ddfdb58f4a58d339ae32d206877 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Tue, 16 Dec 2014 14:34:47 -0500 Subject: add a way say "this is the last result" from a handler --- nslcd/common.h | 73 ++++++++++++++++++++++++++++++------------------------- nslcd/db_pam.c | 65 +++++++++++++++++++------------------------------ nslcd/db_passwd.c | 47 +++++++++++++++++------------------ nslcd/db_shadow.c | 24 +++++++++--------- 4 files changed, 102 insertions(+), 107 deletions(-) (limited to 'nslcd') diff --git a/nslcd/common.h b/nslcd/common.h index 9364031..6477284 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -102,42 +102,49 @@ void invalidator_do(enum nss_map_selector map); /* macros for generating service handling code */ #define NSLCD_HANDLE(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) \ - int nslcd_##db##_##fn(TFILE *fp, struct session *session) \ + int nslcd_##db##_##fn(TFILE *_handle_fp, struct session *_handle_session) \ NSLCD_HANDLE_BODY(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) -#define NSLCD_HANDLE_UID(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) \ - int nslcd_##db##_##fn(TFILE *fp, struct session *session, uid_t calleruid) \ +#define NSLCD_HANDLE_UID(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) \ + int nslcd_##db##_##fn(TFILE *_handle_fp, struct session *_handle_session, uid_t calleruid) \ NSLCD_HANDLE_BODY(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) #define NSLCD_HANDLE_BODY(db, fn, fndecls, fnread, fncheck, tentry, fnsearch, fnwrite, fnclean) \ - { \ - /* define common variables */ \ - tentry *entry = NULL; \ - int rc = 1; \ - fndecls \ - __extension__ tentry *search(int *rcp) { fnsearch } \ - __extension__ int write(TFILE *fp, tentry *entry) { fnwrite } \ - __extension__ void clean() { fnclean } \ - /* read request parameters */ \ - fnread \ - /* validate request parameters */ \ - fncheck \ - /* write the response header */ \ - WRITE_INT32(fp, NSLCD_VERSION); \ - WRITE_INT32(fp, NSLCD_ACTION_##db##_##fn); \ - /* go over results */ \ - while ((entry = search(&rc)) != NULL) \ - { \ - if ( write(fp, entry) ) { \ - clean(); \ - return -1; \ - } \ - } \ - /* write the final result code */ \ - if (rc == 0) \ - { \ - WRITE_INT32(fp, NSLCD_RESULT_END); \ - } \ - clean(); \ - return 0; \ + { \ + /* define common variables */ \ + tentry *_handle_entry = NULL; \ + int _handle_rc = 1; \ + bool _handle_more = true; \ + fndecls \ + __extension__ int read(TFILE *fp) { fnread } \ + __extension__ tentry *search(struct session *session, \ + int *rcp, bool *more) { fnsearch } \ + __extension__ int write(TFILE *fp, tentry *entry) { fnwrite } \ + __extension__ void clean() { fnclean } \ + /* read request parameters */ \ + if ((_handle_rc = read(_handle_fp)) != 0) \ + return _handle_rc; \ + _handle_rc = 1; \ + /* validate request parameters */ \ + fncheck \ + /* write the response header */ \ + WRITE_INT32(_handle_fp, NSLCD_VERSION); \ + WRITE_INT32(_handle_fp, NSLCD_ACTION_##db##_##fn); \ + /* go over results */ \ + while ((_handle_entry = search(_handle_session, &_handle_rc, &_handle_more)) != NULL)\ + { \ + if ( write(_handle_fp, _handle_entry) ) { \ + clean(); \ + return -1; \ + } \ + if (! _handle_more) \ + break; \ + } \ + /* write the final result code */ \ + if (_handle_rc == 0) \ + { \ + WRITE_INT32(_handle_fp, NSLCD_RESULT_END); \ + } \ + clean(); \ + return 0; \ } /* macro to compare strings which uses the ignorecase config option to diff --git a/nslcd/db_pam.c b/nslcd/db_pam.c index c617573..857c023 100644 --- a/nslcd/db_pam.c +++ b/nslcd/db_pam.c @@ -79,7 +79,7 @@ NSLCD_HANDLE_UID(PAM, AUTHC char tty[64]; char password[BUFLEN_PASSWORD]; struct authc _entry; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, username); READ_STRING(fp, service); READ_STRING(fp, ruser); @@ -89,25 +89,23 @@ NSLCD_HANDLE_UID(PAM, AUTHC log_setrequest("authc=\"%s\"", username); log_log(LOG_DEBUG, "nslcd_pam_authc(\"%s\",\"%s\",\"%s\")", username, service, *password ? "***" : ""); + return 0; ,/* check */ if (!isvalidname(username)) { log_log(LOG_WARNING, "request denied by validnames option"); return -1; } - ,/* search(int *rcp) */ + ,/* search(int *rcp, bool *more) */ struct authc, - static size_t i = 0; struct passwd *user = NULL; struct authc *entry = &_entry; - - for (; i < session->cnt; i++) + *more = false; + for (size_t i = 0; i < session->cnt; i++) { if (STR_CMP(username, session->users[i].pw_name)==0) { *rcp = 0; - size_t n = i; - i = session->cnt; - user = &(session->users[n]); + user = &(session->users[i]); } } if (user == NULL) @@ -129,7 +127,7 @@ NSLCD_HANDLE_UID(PAM, AUTHC } return entry; - ,/* write */ + ,/* write(TFILE *fp, tentry *entry) */ WRITE_INT32(fp, NSLCD_RESULT_BEGIN); WRITE_INT32( fp, entry->authc_rc); WRITE_STRING(fp, username); @@ -149,29 +147,28 @@ NSLCD_HANDLE(PAM, AUTHZ char rhost[HOST_NAME_MAX+1]; char tty[64]; struct authz _entry; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, username); READ_STRING(fp, service); READ_STRING(fp, ruser); READ_STRING(fp, rhost); READ_STRING(fp, tty); + return 0; /* log call */ log_setrequest("authz=\"%s\"", username); log_log(LOG_DEBUG, "nslcd_pam_authz(\"%s\",\"%s\",\"%s\",\"%s\",\"%s\")", username, service, ruser, rhost, tty); ,/* check */ - ,/* search(int *rcp) */ + ,/* search(int *rcp, bool *more) */ struct authz, struct passwd *user = NULL; struct authz *entry = &_entry; - + *more = false; for (size_t i = 0; i < session->cnt; i++) { if (STR_CMP(username, session->users[i].pw_name)==0) { *rcp = 0; - size_t n = i; - i = session->cnt; - user = &(session->users[n]); + user = &(session->users[i]); } } if (user == NULL) @@ -191,7 +188,7 @@ NSLCD_HANDLE(PAM, AUTHZ } return entry; - ,/* write response */ + ,/* write(TFILE *fp, tentry *entry) */ WRITE_INT32(fp, NSLCD_RESULT_BEGIN); WRITE_INT32( fp, entry->authz_rc); WRITE_STRING(fp, entry->authz_msg); @@ -211,12 +208,13 @@ NSLCD_HANDLE(PAM, SESS_O "abcdefghijklmnopqrstuvwxyz" "01234567890"; size_t i; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, username); READ_STRING(fp, service); READ_STRING(fp, ruser); READ_STRING(fp, rhost); READ_STRING(fp, tty); + return 0; /* generate pseudo-random session id */ for (i = 0; i < (sizeof(sessionid) - 1); i++) sessionid[i] = alphabet[rand() % (sizeof(alphabet) - 1)]; @@ -226,18 +224,11 @@ NSLCD_HANDLE(PAM, SESS_O log_log(LOG_DEBUG, "nslcd_pam_sess_o(\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"): %s", username, service, tty, rhost, ruser, sessionid); ,/* check */ - ,/* search */ + ,/* search(int *rcp, bool *more) */ void, - if (*rcp != 0) /* first time through, set success=0 (no errors), return non-NULL */ - { - return (void*)1; - *rcp = 0; - } - else /* second time through, exit by returning NULL */ - { - return NULL; - } - ,/* write */ + *more = false; + return (void*)1; /* return non-NULL */ + ,/* write(TFILE *fp, tentry *entry) */ WRITE_INT32(fp, NSLCD_RESULT_BEGIN); WRITE_STRING(fp, sessionid); return 0; @@ -252,7 +243,7 @@ NSLCD_HANDLE(PAM, SESS_C char rhost[HOST_NAME_MAX+1]; char tty[64]; char sessionid[64]; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, username); READ_STRING(fp, service); READ_STRING(fp, ruser); @@ -262,19 +253,13 @@ NSLCD_HANDLE(PAM, SESS_C log_setrequest("sess_c=\"%s\"", username); log_log(LOG_DEBUG, "nslcd_pam_sess_c(\"%s\",\"%s\",%s)", username, service, sessionid); + return 0; ,/* check */ - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ void, - if (*rcp != 0) /* first time through, set success=0 (no errors), return non-NULL */ - { - return (void*)1; - *rcp = 0; - } - else /* second time through, exit by returning NULL */ - { - return NULL; - } - ,/* write */ + *more = false; + return (void*)1; /* return non-NULL */ + ,/* int write(TFILE *fp, tentry *entry) */ WRITE_INT32(fp, NSLCD_RESULT_BEGIN); return 0; ,/* cleanup */ diff --git a/nslcd/db_passwd.c b/nslcd/db_passwd.c index 743f4bc..ed57098 100644 --- a/nslcd/db_passwd.c +++ b/nslcd/db_passwd.c @@ -84,9 +84,10 @@ static int write_passwd(TFILE *fp, struct passwd *entry, uid_t calleruid) NSLCD_HANDLE_UID(PASSWD, BYNAME ,/* decls */ char name[BUFLEN_NAME]; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, name); log_setrequest("passwd=\"%s\"", name); + return 0; ,/* check */ if (!isvalidname(name)) { @@ -94,21 +95,19 @@ NSLCD_HANDLE_UID(PASSWD, BYNAME return -1; } nsswitch_check_reload(); - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ struct passwd, - static size_t i = 0; - for (; i < session->cnt; i++) + *more = false; + for (size_t i = 0; i < session->cnt; i++) { if (session->users[i].pw_uid != UID_INVALID && STR_CMP(name, session->users[i].pw_name)==0) { *rcp = 0; - size_t n = i; - i = session->cnt; - return &(session->users[n]); + return &(session->users[i]); } } return NULL; - ,/* write */ + ,/* int write(TFILE *fp, tentry *entry) */ return write_passwd(fp, entry, calleruid); ,/* cleanup */ ) @@ -116,46 +115,47 @@ NSLCD_HANDLE_UID(PASSWD, BYNAME NSLCD_HANDLE_UID(PASSWD, BYUID ,/* decls */ uid_t uid; - ,/* read */ + ,/* int read(TFILe *fp) */ READ_INT32(fp, uid); log_setrequest("passwd=%lu", (unsigned long int)uid); + return 0; ,/* check */ if (uid < nslcd_cfg->nss_min_uid) { /* return an empty result */ - WRITE_INT32(fp, NSLCD_VERSION); - WRITE_INT32(fp, NSLCD_ACTION_PASSWD_BYUID); - WRITE_INT32(fp, NSLCD_RESULT_END); + WRITE_INT32(_handle_fp, NSLCD_VERSION); + WRITE_INT32(_handle_fp, NSLCD_ACTION_PASSWD_BYUID); + WRITE_INT32(_handle_fp, NSLCD_RESULT_END); return 0; } nsswitch_check_reload(); - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ struct passwd, - static size_t i = 0; - for (; i < session->cnt; i++) + *more = false; + for (size_t i = 0; i < session->cnt; i++) { if (uid == session->users[i].pw_uid) { *rcp = 0; - size_t n = i; - i = session->cnt; - return &(session->users[n]); + return &(session->users[i]); } } return NULL; - ,/* write */ + ,/* int write(TFILe *fp, tentry *entry */ return write_passwd(fp, entry, calleruid); ,/* cleanup */ ) NSLCD_HANDLE_UID(PASSWD, ALL ,/* decls */ - ,/* read */ + ,/* int read(TFILE *fp) */ log_setrequest("passwd(all)"); + return 0; ,/* check */ nsswitch_check_reload(); - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ struct passwd, - static size_t i = 0; + static __thread size_t i = 0; + *more = true; for (; i < session->cnt; i++) { if (session->users[i].pw_uid != UID_INVALID) { @@ -163,8 +163,9 @@ NSLCD_HANDLE_UID(PASSWD, ALL return &(session->users[i]); } } + i = 0; return NULL; - ,/* write */ + ,/* int write(TFILE *fp, tentry *entry) */ return write_passwd(fp, entry, calleruid); ,/* cleanup */ ) diff --git a/nslcd/db_shadow.c b/nslcd/db_shadow.c index 4e4d8e1..4011c7e 100644 --- a/nslcd/db_shadow.c +++ b/nslcd/db_shadow.c @@ -76,32 +76,31 @@ NSLCD_HANDLE_UID(SHADOW, BYNAME ,/* decls */ char name[BUFLEN_NAME]; struct shadow ret; - ,/* read */ + ,/* int read(TFILE *fp) */ READ_STRING(fp, name); log_setrequest("shadow=\"%s\"", name); + return 0; ,/* check */ if (!isvalidname(name)) { log_log(LOG_WARNING, "request denied by validnames option"); return -1; } - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ struct shadow, - static size_t i = 0; - for (; i < session->cnt; i++) + *more = false; + for (size_t i = 0; i < session->cnt; i++) { if (session->users[i].pw_uid != UID_INVALID && STR_CMP(name, session->users[i].pw_name)==0) { *rcp = 0; - size_t n = i; - i = session->cnt; - passwd2shadow(&(session->users[n]), &ret); + passwd2shadow(&(session->users[i]), &ret); return &ret; } } return NULL; - ,/* write */ + ,/* int write(TFILE *fp, tentry *entry) */ return write_shadow(fp, entry, calleruid); ,/* cleanup */ ) @@ -109,12 +108,14 @@ NSLCD_HANDLE_UID(SHADOW, BYNAME NSLCD_HANDLE_UID(SHADOW, ALL ,/* decls */ struct shadow ret; - ,/* read */ + ,/* int read(TFILE *fp) */ log_setrequest("shadow(all)"); + return 0; ,/* check */ - ,/* search */ + ,/* tentry *search(struct session *session, int *rcp, bool *more) */ struct shadow, - static size_t i = 0; + static __thread size_t i = 0; + *more = true; for (; i < session->cnt; i++) { if (session->users[i].pw_uid != UID_INVALID) { @@ -123,6 +124,7 @@ NSLCD_HANDLE_UID(SHADOW, ALL return &ret; } } + i = 0; return NULL; ,/* write */ return write_shadow(fp, entry, calleruid); -- cgit v1.2.2