1/* Copyright (C) 1996-2016 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
8
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Lesser General Public License for more details.
13
14 You should have received a copy of the GNU Lesser General Public
15 License along with the GNU C Library; if not, see
16 <http://www.gnu.org/licenses/>. */
17
18#include <assert.h>
19#include <atomic.h>
20#include <libc-lock.h>
21#include <errno.h>
22#include <netdb.h>
23#include <stdbool.h>
24#include <stdlib.h>
25#include <string.h>
26#include "netgroup.h"
27#include "nsswitch.h"
28#include <sysdep.h>
29#include <nscd/nscd_proto.h>
30
31
32/* Protect above variable against multiple uses at the same time. */
33__libc_lock_define_initialized (static, lock)
34
35/* The whole information for the set/get/endnetgrent functions are
36 kept in this structure. */
37static struct __netgrent dataset;
38
39/* The lookup function for the first entry of this service. */
40extern int __nss_netgroup_lookup (service_user **nipp, const char *name,
41 void **fctp) internal_function;
42
43/* Set up NIP to run through the services. Return nonzero if there are no
44 services (left). */
45static int
46setup (void **fctp, service_user **nipp)
47{
48 /* Remember the first service_entry, it's always the same. */
49 static bool startp_initialized;
50 static service_user *startp;
51 int no_more;
52
53 if (!startp_initialized)
54 {
55 /* Executing this more than once at the same time must yield the
56 same result every time. So we need no locking. */
57 no_more = __nss_netgroup_lookup (nipp, "setnetgrent", fctp);
58 startp = no_more ? (service_user *) -1 : *nipp;
59#ifdef PTR_MANGLE
60 PTR_MANGLE (startp);
61#endif
62 atomic_write_barrier ();
63 startp_initialized = true;
64 }
65 else
66 {
67 service_user *nip = startp;
68#ifdef PTR_DEMANGLE
69 PTR_DEMANGLE (nip);
70#endif
71 if (nip == (service_user *) -1)
72 /* No services at all. */
73 return 1;
74
75 /* Reset to the beginning of the service list. */
76 *nipp = nip;
77 /* Look up the first function. */
78 no_more = __nss_lookup (nipp, "setnetgrent", NULL, fctp);
79 }
80 return no_more;
81}
82
83/* Free used memory. */
84static void
85free_memory (struct __netgrent *data)
86{
87 while (data->known_groups != NULL)
88 {
89 struct name_list *tmp = data->known_groups;
90 data->known_groups = data->known_groups->next;
91 free (tmp);
92 }
93
94 while (data->needed_groups != NULL)
95 {
96 struct name_list *tmp = data->needed_groups;
97 data->needed_groups = data->needed_groups->next;
98 free (tmp);
99 }
100}
101
102static void
103endnetgrent_hook (struct __netgrent *datap)
104{
105 enum nss_status (*endfct) (struct __netgrent *);
106
107 if (datap->nip == NULL || datap->nip == (service_user *) -1l)
108 return;
109
110 endfct = __nss_lookup_function (datap->nip, "endnetgrent");
111 if (endfct != NULL)
112 (void) (*endfct) (datap);
113 datap->nip = NULL;
114}
115
116static int
117internal_function
118__internal_setnetgrent_reuse (const char *group, struct __netgrent *datap,
119 int *errnop)
120{
121 union
122 {
123 enum nss_status (*f) (const char *, struct __netgrent *);
124 void *ptr;
125 } fct;
126 enum nss_status status = NSS_STATUS_UNAVAIL;
127 struct name_list *new_elem;
128
129 /* Free data from previous service. */
130 endnetgrent_hook (datap);
131
132 /* Cycle through all the services and run their setnetgrent functions. */
133 int no_more = setup (&fct.ptr, &datap->nip);
134 while (! no_more)
135 {
136 assert (datap->data == NULL);
137
138 /* Ignore status, we force check in `__nss_next2'. */
139 status = DL_CALL_FCT (*fct.f, (group, datap));
140
141 service_user *old_nip = datap->nip;
142 no_more = __nss_next2 (&datap->nip, "setnetgrent", NULL, &fct.ptr,
143 status, 0);
144
145 if (status == NSS_STATUS_SUCCESS && ! no_more)
146 {
147 enum nss_status (*endfct) (struct __netgrent *);
148
149 endfct = __nss_lookup_function (old_nip, "endnetgrent");
150 if (endfct != NULL)
151 (void) DL_CALL_FCT (*endfct, (datap));
152 }
153 }
154
155 /* Add the current group to the list of known groups. */
156 size_t group_len = strlen (group) + 1;
157 new_elem = (struct name_list *) malloc (sizeof (struct name_list)
158 + group_len);
159 if (new_elem == NULL)
160 {
161 *errnop = errno;
162 status = NSS_STATUS_TRYAGAIN;
163 }
164 else
165 {
166 new_elem->next = datap->known_groups;
167 memcpy (new_elem->name, group, group_len);
168 datap->known_groups = new_elem;
169 }
170
171 return status == NSS_STATUS_SUCCESS;
172}
173
174int
175internal_function
176__internal_setnetgrent (const char *group, struct __netgrent *datap)
177{
178 /* Free list of all netgroup names from last run. */
179 free_memory (datap);
180
181 return __internal_setnetgrent_reuse (group, datap, &errno);
182}
183libc_hidden_def (__internal_setnetgrent)
184
185static int
186nscd_setnetgrent (const char *group)
187{
188#ifdef USE_NSCD
189 if (__nss_not_use_nscd_netgroup > 0
190 && ++__nss_not_use_nscd_netgroup > NSS_NSCD_RETRY)
191 __nss_not_use_nscd_netgroup = 0;
192
193 if (!__nss_not_use_nscd_netgroup
194 && !__nss_database_custom[NSS_DBSIDX_netgroup])
195 return __nscd_setnetgrent (group, &dataset);
196#endif
197 return -1;
198}
199
200int
201setnetgrent (const char *group)
202{
203 int result;
204
205 __libc_lock_lock (lock);
206
207 result = nscd_setnetgrent (group);
208 if (result < 0)
209 result = __internal_setnetgrent (group, &dataset);
210
211 __libc_lock_unlock (lock);
212
213 return result;
214}
215
216void
217internal_function
218__internal_endnetgrent (struct __netgrent *datap)
219{
220 endnetgrent_hook (datap);
221 /* Now free list of all netgroup names from last run. */
222 free_memory (datap);
223}
224libc_hidden_def (__internal_endnetgrent)
225
226
227void
228endnetgrent (void)
229{
230 __libc_lock_lock (lock);
231
232 __internal_endnetgrent (&dataset);
233
234 __libc_lock_unlock (lock);
235}
236
237#ifdef USE_NSCD
238static const char *
239get_nonempty_val (const char *in)
240{
241 if (*in == '\0')
242 return NULL;
243 return in;
244}
245
246static enum nss_status
247nscd_getnetgrent (struct __netgrent *datap, char *buffer, size_t buflen,
248 int *errnop)
249{
250 if (datap->cursor >= datap->data + datap->data_size)
251 return NSS_STATUS_UNAVAIL;
252
253 datap->type = triple_val;
254 datap->val.triple.host = get_nonempty_val (datap->cursor);
255 datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
256 datap->val.triple.user = get_nonempty_val (datap->cursor);
257 datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
258 datap->val.triple.domain = get_nonempty_val (datap->cursor);
259 datap->cursor = (char *) __rawmemchr (datap->cursor, '\0') + 1;
260
261 return NSS_STATUS_SUCCESS;
262}
263#endif
264
265int
266internal_function
267__internal_getnetgrent_r (char **hostp, char **userp, char **domainp,
268 struct __netgrent *datap,
269 char *buffer, size_t buflen, int *errnop)
270{
271 enum nss_status (*fct) (struct __netgrent *, char *, size_t, int *);
272
273 /* Initialize status to return if no more functions are found. */
274 enum nss_status status = NSS_STATUS_NOTFOUND;
275
276 /* Run through available functions, starting with the same function last
277 run. We will repeat each function as long as it succeeds, and then go
278 on to the next service action. */
279 int no_more = datap->nip == NULL;
280 if (! no_more)
281 {
282#ifdef USE_NSCD
283 /* This bogus function pointer is a special marker left by
284 __nscd_setnetgrent to tell us to use the data it left
285 before considering any modules. */
286 if (datap->nip == (service_user *) -1l)
287 fct = nscd_getnetgrent;
288 else
289#endif
290 {
291 fct = __nss_lookup_function (datap->nip, "getnetgrent_r");
292 no_more = fct == NULL;
293 }
294
295 while (! no_more)
296 {
297 status = DL_CALL_FCT (*fct, (datap, buffer, buflen, &errno));
298
299 if (status == NSS_STATUS_RETURN
300 /* The service returned a NOTFOUND, but there are more groups that
301 we need to resolve before we give up. */
302 || (status == NSS_STATUS_NOTFOUND && datap->needed_groups != NULL))
303 {
304 /* This was the last one for this group. Look at next group
305 if available. */
306 int found = 0;
307 while (datap->needed_groups != NULL && ! found)
308 {
309 struct name_list *tmp = datap->needed_groups;
310 datap->needed_groups = datap->needed_groups->next;
311 tmp->next = datap->known_groups;
312 datap->known_groups = tmp;
313
314 found = __internal_setnetgrent_reuse (datap->known_groups->name,
315 datap, errnop);
316 }
317
318 if (found && datap->nip != NULL)
319 {
320 fct = __nss_lookup_function (datap->nip, "getnetgrent_r");
321 if (fct != NULL)
322 continue;
323 }
324 }
325 else if (status == NSS_STATUS_SUCCESS && datap->type == group_val)
326 {
327 /* The last entry was a name of another netgroup. */
328 struct name_list *namep;
329
330 /* Ignore if we've seen the name before. */
331 for (namep = datap->known_groups; namep != NULL;
332 namep = namep->next)
333 if (strcmp (datap->val.group, namep->name) == 0)
334 break;
335 if (namep == NULL)
336 for (namep = datap->needed_groups; namep != NULL;
337 namep = namep->next)
338 if (strcmp (datap->val.group, namep->name) == 0)
339 break;
340 if (namep != NULL)
341 /* Really ignore. */
342 continue;
343
344 size_t group_len = strlen (datap->val.group) + 1;
345 namep = (struct name_list *) malloc (sizeof (struct name_list)
346 + group_len);
347 if (namep == NULL)
348 /* We are out of memory. */
349 status = NSS_STATUS_RETURN;
350 else
351 {
352 namep->next = datap->needed_groups;
353 memcpy (namep->name, datap->val.group, group_len);
354 datap->needed_groups = namep;
355 /* And get the next entry. */
356 continue;
357 }
358 }
359 break;
360 }
361 }
362
363 if (status == NSS_STATUS_SUCCESS)
364 {
365 *hostp = (char *) datap->val.triple.host;
366 *userp = (char *) datap->val.triple.user;
367 *domainp = (char *) datap->val.triple.domain;
368 }
369
370 return status == NSS_STATUS_SUCCESS ? 1 : 0;
371}
372libc_hidden_def (__internal_getnetgrent_r)
373
374/* The real entry point. */
375int
376__getnetgrent_r (char **hostp, char **userp, char **domainp,
377 char *buffer, size_t buflen)
378{
379 enum nss_status status;
380
381 __libc_lock_lock (lock);
382
383 status = __internal_getnetgrent_r (hostp, userp, domainp, &dataset,
384 buffer, buflen, &errno);
385
386 __libc_lock_unlock (lock);
387
388 return status;
389}
390weak_alias (__getnetgrent_r, getnetgrent_r)
391
392/* Test whether given (host,user,domain) triple is in NETGROUP. */
393int
394innetgr (const char *netgroup, const char *host, const char *user,
395 const char *domain)
396{
397#ifdef USE_NSCD
398 if (__nss_not_use_nscd_netgroup > 0
399 && ++__nss_not_use_nscd_netgroup > NSS_NSCD_RETRY)
400 __nss_not_use_nscd_netgroup = 0;
401
402 if (!__nss_not_use_nscd_netgroup
403 && !__nss_database_custom[NSS_DBSIDX_netgroup])
404 {
405 int result = __nscd_innetgr (netgroup, host, user, domain);
406 if (result >= 0)
407 return result;
408 }
409#endif
410
411 union
412 {
413 enum nss_status (*f) (const char *, struct __netgrent *);
414 void *ptr;
415 } setfct;
416 void (*endfct) (struct __netgrent *);
417 int (*getfct) (struct __netgrent *, char *, size_t, int *);
418 struct __netgrent entry;
419 int result = 0;
420 const char *current_group = netgroup;
421
422 memset (&entry, '\0', sizeof (entry));
423
424 /* Walk through the services until we found an answer or we shall
425 not work further. We can do some optimization here. Since all
426 services must provide the `setnetgrent' function we can do all
427 the work during one walk through the service list. */
428 while (1)
429 {
430 int no_more = setup (&setfct.ptr, &entry.nip);
431 while (! no_more)
432 {
433 assert (entry.data == NULL);
434
435 /* Open netgroup. */
436 enum nss_status status = DL_CALL_FCT (*setfct.f,
437 (current_group, &entry));
438
439 if (status == NSS_STATUS_SUCCESS
440 && (getfct = __nss_lookup_function (entry.nip, "getnetgrent_r"))
441 != NULL)
442 {
443 char buffer[1024];
444
445 while (DL_CALL_FCT (*getfct,
446 (&entry, buffer, sizeof buffer, &errno))
447 == NSS_STATUS_SUCCESS)
448 {
449 if (entry.type == group_val)
450 {
451 /* Make sure we haven't seen the name before. */
452 struct name_list *namep;
453
454 for (namep = entry.known_groups; namep != NULL;
455 namep = namep->next)
456 if (strcmp (entry.val.group, namep->name) == 0)
457 break;
458 if (namep == NULL)
459 for (namep = entry.needed_groups; namep != NULL;
460 namep = namep->next)
461 if (strcmp (entry.val.group, namep->name) == 0)
462 break;
463 if (namep == NULL
464 && strcmp (netgroup, entry.val.group) != 0)
465 {
466 size_t group_len = strlen (entry.val.group) + 1;
467 namep =
468 (struct name_list *) malloc (sizeof (*namep)
469 + group_len);
470 if (namep == NULL)
471 {
472 /* Out of memory, simply return. */
473 result = -1;
474 break;
475 }
476
477 namep->next = entry.needed_groups;
478 memcpy (namep->name, entry.val.group, group_len);
479 entry.needed_groups = namep;
480 }
481 }
482 else
483 {
484 if ((entry.val.triple.host == NULL || host == NULL
485 || __strcasecmp (entry.val.triple.host, host) == 0)
486 && (entry.val.triple.user == NULL || user == NULL
487 || strcmp (entry.val.triple.user, user) == 0)
488 && (entry.val.triple.domain == NULL || domain == NULL
489 || __strcasecmp (entry.val.triple.domain,
490 domain) == 0))
491 {
492 result = 1;
493 break;
494 }
495 }
496 }
497
498 /* If we found one service which does know the given
499 netgroup we don't try further. */
500 status = NSS_STATUS_RETURN;
501 }
502
503 /* Free all resources of the service. */
504 endfct = __nss_lookup_function (entry.nip, "endnetgrent");
505 if (endfct != NULL)
506 DL_CALL_FCT (*endfct, (&entry));
507
508 if (result != 0)
509 break;
510
511 /* Look for the next service. */
512 no_more = __nss_next2 (&entry.nip, "setnetgrent", NULL,
513 &setfct.ptr, status, 0);
514 }
515
516 if (result == 0 && entry.needed_groups != NULL)
517 {
518 struct name_list *tmp = entry.needed_groups;
519 entry.needed_groups = tmp->next;
520 tmp->next = entry.known_groups;
521 entry.known_groups = tmp;
522 current_group = tmp->name;
523 continue;
524 }
525
526 /* No way out. */
527 break;
528 }
529
530 /* Free the memory. */
531 free_memory (&entry);
532
533 return result == 1;
534}
535libc_hidden_def (innetgr)
536