2 * Copyright (C) Stefan Metzmacher 2007 <metze@samba.org>
3 * Copyright (C) Guenther Deschner 2009 <gd@samba.org>
4 * Copyright (C) Andreas Schneider 2013 <asn@samba.org>
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the author nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 #include <sys/types.h>
40 #include <sys/socket.h>
54 * Defining _POSIX_PTHREAD_SEMANTICS before including pwd.h and grp.h gives us
55 * the posix getpwnam_r(), getpwuid_r(), getgrnam_r and getgrgid_r calls on
58 #ifndef _POSIX_PTHREAD_SEMANTICS
59 #define _POSIX_PTHREAD_SEMANTICS
67 #include <arpa/inet.h>
68 #include <netinet/in.h>
72 #if defined(HAVE_NSS_H)
76 typedef enum nss_status NSS_STATUS;
77 #elif defined(HAVE_NSS_COMMON_H)
79 #include <nss_common.h>
80 #include <nss_dbdefs.h>
83 typedef nss_status_t NSS_STATUS;
85 # define NSS_STATUS_SUCCESS NSS_SUCCESS
86 # define NSS_STATUS_NOTFOUND NSS_NOTFOUND
87 # define NSS_STATUS_UNAVAIL NSS_UNAVAIL
88 # define NSS_STATUS_TRYAGAIN NSS_TRYAGAIN
90 # error "No nsswitch support detected"
94 #define PTR_DIFF(p1, p2) ((ptrdiff_t)(((const char *)(p1)) - (const char *)(p2)))
102 #define EAI_NODATA EAI_NONAME
105 #ifndef EAI_ADDRFAMILY
106 #define EAI_ADDRFAMILY EAI_FAMILY
110 #define __STRING(x) #x
113 #ifndef __STRINGSTRING
114 #define __STRINGSTRING(x) __STRING(x)
118 #define __LINESTR__ __STRINGSTRING(__LINE__)
122 #define __location__ __FILE__ ":" __LINESTR__
126 #define DNS_NAME_MAX 255
129 /* GCC have printf type attribute check. */
130 #ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
131 #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
133 #define PRINTF_ATTRIBUTE(a,b)
134 #endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
136 #ifdef HAVE_DESTRUCTOR_ATTRIBUTE
137 #define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
139 #define DESTRUCTOR_ATTRIBUTE
140 #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
142 #define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0)
145 #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0)
149 #define NWRAP_INET_ADDRSTRLEN INET6_ADDRSTRLEN
151 #define NWRAP_INET_ADDRSTRLEN INET_ADDRSTRLEN
154 enum nwrap_dbglvl_e {
162 # define NWRAP_LOG(...)
165 static void nwrap_log(enum nwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
166 # define NWRAP_LOG(dbglvl, ...) nwrap_log((dbglvl), __func__, __VA_ARGS__)
168 static void nwrap_log(enum nwrap_dbglvl_e dbglvl,
170 const char *format, ...)
175 unsigned int lvl = 0;
178 d = getenv("NSS_WRAPPER_DEBUGLEVEL");
183 va_start(va, format);
184 vsnprintf(buffer, sizeof(buffer), format, va);
189 case NWRAP_LOG_ERROR:
191 "NWRAP_ERROR(%d) - %s: %s\n",
196 "NWRAP_WARN(%d) - %s: %s\n",
199 case NWRAP_LOG_DEBUG:
201 "NWRAP_DEBUG(%d) - %s: %s\n",
204 case NWRAP_LOG_TRACE:
206 "NWRAP_TRACE(%d) - %s: %s\n",
212 #endif /* NDEBUG NWRAP_LOG */
214 struct nwrap_libc_fns {
215 struct passwd *(*_libc_getpwnam)(const char *name);
216 int (*_libc_getpwnam_r)(const char *name, struct passwd *pwd,
217 char *buf, size_t buflen, struct passwd **result);
218 struct passwd *(*_libc_getpwuid)(uid_t uid);
219 int (*_libc_getpwuid_r)(uid_t uid, struct passwd *pwd, char *buf, size_t buflen, struct passwd **result);
220 void (*_libc_setpwent)(void);
221 struct passwd *(*_libc_getpwent)(void);
222 #ifdef HAVE_SOLARIS_GETPWENT_R
223 struct passwd *(*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen);
225 int (*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen, struct passwd **pwbufp);
227 void (*_libc_endpwent)(void);
228 int (*_libc_initgroups)(const char *user, gid_t gid);
229 struct group *(*_libc_getgrnam)(const char *name);
230 int (*_libc_getgrnam_r)(const char *name, struct group *grp, char *buf, size_t buflen, struct group **result);
231 struct group *(*_libc_getgrgid)(gid_t gid);
232 int (*_libc_getgrgid_r)(gid_t gid, struct group *grp, char *buf, size_t buflen, struct group **result);
233 void (*_libc_setgrent)(void);
234 struct group *(*_libc_getgrent)(void);
235 #ifdef HAVE_SOLARIS_GETGRENT_R
236 struct group *(*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen);
238 int (*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen, struct group **result);
240 void (*_libc_endgrent)(void);
241 int (*_libc_getgrouplist)(const char *user, gid_t group, gid_t *groups, int *ngroups);
243 void (*_libc_sethostent)(int stayopen);
244 struct hostent *(*_libc_gethostent)(void);
245 void (*_libc_endhostent)(void);
247 struct hostent *(*_libc_gethostbyname)(const char *name);
248 #ifdef HAVE_GETHOSTBYNAME2 /* GNU extension */
249 struct hostent *(*_libc_gethostbyname2)(const char *name, int af);
251 struct hostent *(*_libc_gethostbyaddr)(const void *addr, socklen_t len, int type);
253 int (*_libc_getaddrinfo)(const char *node, const char *service,
254 const struct addrinfo *hints,
255 struct addrinfo **res);
256 int (*_libc_getnameinfo)(const struct sockaddr *sa, socklen_t salen,
257 char *host, size_t hostlen,
258 char *serv, size_t servlen,
260 int (*_libc_gethostname)(char *name, size_t len);
261 #ifdef HAVE_GETHOSTBYNAME_R
262 int (*_libc_gethostbyname_r)(const char *name,
264 char *buf, size_t buflen,
265 struct hostent **result, int *h_errnop);
267 #ifdef HAVE_GETHOSTBYADDR_R
268 int (*_libc_gethostbyaddr_r)(const void *addr, socklen_t len, int type,
270 char *buf, size_t buflen,
271 struct hostent **result, int *h_errnop);
275 struct nwrap_module_nss_fns {
276 NSS_STATUS (*_nss_getpwnam_r)(const char *name, struct passwd *result, char *buffer,
277 size_t buflen, int *errnop);
278 NSS_STATUS (*_nss_getpwuid_r)(uid_t uid, struct passwd *result, char *buffer,
279 size_t buflen, int *errnop);
280 NSS_STATUS (*_nss_setpwent)(void);
281 NSS_STATUS (*_nss_getpwent_r)(struct passwd *result, char *buffer,
282 size_t buflen, int *errnop);
283 NSS_STATUS (*_nss_endpwent)(void);
284 NSS_STATUS (*_nss_initgroups)(const char *user, gid_t group, long int *start,
285 long int *size, gid_t **groups, long int limit, int *errnop);
286 NSS_STATUS (*_nss_getgrnam_r)(const char *name, struct group *result, char *buffer,
287 size_t buflen, int *errnop);
288 NSS_STATUS (*_nss_getgrgid_r)(gid_t gid, struct group *result, char *buffer,
289 size_t buflen, int *errnop);
290 NSS_STATUS (*_nss_setgrent)(void);
291 NSS_STATUS (*_nss_getgrent_r)(struct group *result, char *buffer,
292 size_t buflen, int *errnop);
293 NSS_STATUS (*_nss_endgrent)(void);
296 struct nwrap_backend {
300 struct nwrap_ops *ops;
301 struct nwrap_module_nss_fns *fns;
305 struct passwd * (*nw_getpwnam)(struct nwrap_backend *b,
307 int (*nw_getpwnam_r)(struct nwrap_backend *b,
308 const char *name, struct passwd *pwdst,
309 char *buf, size_t buflen, struct passwd **pwdstp);
310 struct passwd * (*nw_getpwuid)(struct nwrap_backend *b,
312 int (*nw_getpwuid_r)(struct nwrap_backend *b,
313 uid_t uid, struct passwd *pwdst,
314 char *buf, size_t buflen, struct passwd **pwdstp);
315 void (*nw_setpwent)(struct nwrap_backend *b);
316 struct passwd * (*nw_getpwent)(struct nwrap_backend *b);
317 int (*nw_getpwent_r)(struct nwrap_backend *b,
318 struct passwd *pwdst, char *buf,
319 size_t buflen, struct passwd **pwdstp);
320 void (*nw_endpwent)(struct nwrap_backend *b);
321 int (*nw_initgroups)(struct nwrap_backend *b,
322 const char *user, gid_t group);
323 struct group * (*nw_getgrnam)(struct nwrap_backend *b,
325 int (*nw_getgrnam_r)(struct nwrap_backend *b,
326 const char *name, struct group *grdst,
327 char *buf, size_t buflen, struct group **grdstp);
328 struct group * (*nw_getgrgid)(struct nwrap_backend *b,
330 int (*nw_getgrgid_r)(struct nwrap_backend *b,
331 gid_t gid, struct group *grdst,
332 char *buf, size_t buflen, struct group **grdstp);
333 void (*nw_setgrent)(struct nwrap_backend *b);
334 struct group * (*nw_getgrent)(struct nwrap_backend *b);
335 int (*nw_getgrent_r)(struct nwrap_backend *b,
336 struct group *grdst, char *buf,
337 size_t buflen, struct group **grdstp);
338 void (*nw_endgrent)(struct nwrap_backend *b);
341 /* Public prototypes */
343 bool nss_wrapper_enabled(void);
344 bool nss_wrapper_shadow_enabled(void);
345 bool nss_wrapper_hosts_enabled(void);
347 /* prototypes for files backend */
350 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
352 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
353 const char *name, struct passwd *pwdst,
354 char *buf, size_t buflen, struct passwd **pwdstp);
355 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
357 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
358 uid_t uid, struct passwd *pwdst,
359 char *buf, size_t buflen, struct passwd **pwdstp);
360 static void nwrap_files_setpwent(struct nwrap_backend *b);
361 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b);
362 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
363 struct passwd *pwdst, char *buf,
364 size_t buflen, struct passwd **pwdstp);
365 static void nwrap_files_endpwent(struct nwrap_backend *b);
366 static int nwrap_files_initgroups(struct nwrap_backend *b,
367 const char *user, gid_t group);
368 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
370 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
371 const char *name, struct group *grdst,
372 char *buf, size_t buflen, struct group **grdstp);
373 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
375 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
376 gid_t gid, struct group *grdst,
377 char *buf, size_t buflen, struct group **grdstp);
378 static void nwrap_files_setgrent(struct nwrap_backend *b);
379 static struct group *nwrap_files_getgrent(struct nwrap_backend *b);
380 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
381 struct group *grdst, char *buf,
382 size_t buflen, struct group **grdstp);
383 static void nwrap_files_endgrent(struct nwrap_backend *b);
385 /* prototypes for module backend */
387 static struct passwd *nwrap_module_getpwent(struct nwrap_backend *b);
388 static int nwrap_module_getpwent_r(struct nwrap_backend *b,
389 struct passwd *pwdst, char *buf,
390 size_t buflen, struct passwd **pwdstp);
391 static struct passwd *nwrap_module_getpwnam(struct nwrap_backend *b,
393 static int nwrap_module_getpwnam_r(struct nwrap_backend *b,
394 const char *name, struct passwd *pwdst,
395 char *buf, size_t buflen, struct passwd **pwdstp);
396 static struct passwd *nwrap_module_getpwuid(struct nwrap_backend *b,
398 static int nwrap_module_getpwuid_r(struct nwrap_backend *b,
399 uid_t uid, struct passwd *pwdst,
400 char *buf, size_t buflen, struct passwd **pwdstp);
401 static void nwrap_module_setpwent(struct nwrap_backend *b);
402 static void nwrap_module_endpwent(struct nwrap_backend *b);
403 static struct group *nwrap_module_getgrent(struct nwrap_backend *b);
404 static int nwrap_module_getgrent_r(struct nwrap_backend *b,
405 struct group *grdst, char *buf,
406 size_t buflen, struct group **grdstp);
407 static struct group *nwrap_module_getgrnam(struct nwrap_backend *b,
409 static int nwrap_module_getgrnam_r(struct nwrap_backend *b,
410 const char *name, struct group *grdst,
411 char *buf, size_t buflen, struct group **grdstp);
412 static struct group *nwrap_module_getgrgid(struct nwrap_backend *b,
414 static int nwrap_module_getgrgid_r(struct nwrap_backend *b,
415 gid_t gid, struct group *grdst,
416 char *buf, size_t buflen, struct group **grdstp);
417 static void nwrap_module_setgrent(struct nwrap_backend *b);
418 static void nwrap_module_endgrent(struct nwrap_backend *b);
419 static int nwrap_module_initgroups(struct nwrap_backend *b,
420 const char *user, gid_t group);
422 struct nwrap_ops nwrap_files_ops = {
423 .nw_getpwnam = nwrap_files_getpwnam,
424 .nw_getpwnam_r = nwrap_files_getpwnam_r,
425 .nw_getpwuid = nwrap_files_getpwuid,
426 .nw_getpwuid_r = nwrap_files_getpwuid_r,
427 .nw_setpwent = nwrap_files_setpwent,
428 .nw_getpwent = nwrap_files_getpwent,
429 .nw_getpwent_r = nwrap_files_getpwent_r,
430 .nw_endpwent = nwrap_files_endpwent,
431 .nw_initgroups = nwrap_files_initgroups,
432 .nw_getgrnam = nwrap_files_getgrnam,
433 .nw_getgrnam_r = nwrap_files_getgrnam_r,
434 .nw_getgrgid = nwrap_files_getgrgid,
435 .nw_getgrgid_r = nwrap_files_getgrgid_r,
436 .nw_setgrent = nwrap_files_setgrent,
437 .nw_getgrent = nwrap_files_getgrent,
438 .nw_getgrent_r = nwrap_files_getgrent_r,
439 .nw_endgrent = nwrap_files_endgrent,
442 struct nwrap_ops nwrap_module_ops = {
443 .nw_getpwnam = nwrap_module_getpwnam,
444 .nw_getpwnam_r = nwrap_module_getpwnam_r,
445 .nw_getpwuid = nwrap_module_getpwuid,
446 .nw_getpwuid_r = nwrap_module_getpwuid_r,
447 .nw_setpwent = nwrap_module_setpwent,
448 .nw_getpwent = nwrap_module_getpwent,
449 .nw_getpwent_r = nwrap_module_getpwent_r,
450 .nw_endpwent = nwrap_module_endpwent,
451 .nw_initgroups = nwrap_module_initgroups,
452 .nw_getgrnam = nwrap_module_getgrnam,
453 .nw_getgrnam_r = nwrap_module_getgrnam_r,
454 .nw_getgrgid = nwrap_module_getgrgid,
455 .nw_getgrgid_r = nwrap_module_getgrgid_r,
456 .nw_setgrent = nwrap_module_setgrent,
457 .nw_getgrent = nwrap_module_getgrent,
458 .nw_getgrent_r = nwrap_module_getgrent_r,
459 .nw_endgrent = nwrap_module_endgrent,
466 struct nwrap_libc_fns *fns;
471 struct nwrap_backend *backends;
472 struct nwrap_libc *libc;
475 struct nwrap_main *nwrap_main_global;
476 struct nwrap_main __nwrap_main_global;
484 bool (*parse_line)(struct nwrap_cache *, char *line);
485 void (*unload)(struct nwrap_cache *);
490 struct nwrap_cache *cache;
497 struct nwrap_cache __nwrap_cache_pw;
498 struct nwrap_pw nwrap_pw_global;
500 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line);
501 static void nwrap_pw_unload(struct nwrap_cache *nwrap);
505 struct nwrap_cache *cache;
512 struct nwrap_cache __nwrap_cache_sp;
513 struct nwrap_sp nwrap_sp_global;
515 static bool nwrap_sp_parse_line(struct nwrap_cache *nwrap, char *line);
516 static void nwrap_sp_unload(struct nwrap_cache *nwrap);
520 struct nwrap_cache *cache;
527 struct nwrap_cache __nwrap_cache_gr;
528 struct nwrap_gr nwrap_gr_global;
531 static bool nwrap_he_parse_line(struct nwrap_cache *nwrap, char *line);
532 static void nwrap_he_unload(struct nwrap_cache *nwrap);
534 struct nwrap_addrdata {
535 unsigned char host_addr[16]; /* IPv4 or IPv6 address */
536 char *h_addr_ptrs[2]; /* host_addr pointer + NULL */
539 struct nwrap_entdata {
540 struct nwrap_addrdata *addr;
545 struct nwrap_cache *cache;
547 struct nwrap_entdata *list;
552 struct nwrap_cache __nwrap_cache_he;
553 struct nwrap_he nwrap_he_global;
556 /*********************************************************
558 *********************************************************/
560 static void nwrap_init(void);
561 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line);
562 static void nwrap_gr_unload(struct nwrap_cache *nwrap);
563 void nwrap_destructor(void) DESTRUCTOR_ATTRIBUTE;
565 /*********************************************************
566 * NWRAP LIBC LOADER FUNCTIONS
567 *********************************************************/
576 static const char *nwrap_str_lib(enum nwrap_lib lib)
583 case NWRAP_LIBSOCKET:
587 /* Compiler would warn us about unhandled enum value if we get here */
592 static void *nwrap_load_lib_handle(enum nwrap_lib lib)
594 int flags = RTLD_LAZY;
599 flags |= RTLD_DEEPBIND;
605 handle = nwrap_main_global->libc->nsl_handle;
606 if (handle == NULL) {
607 for (i = 10; i >= 0; i--) {
608 char soname[256] = {0};
610 snprintf(soname, sizeof(soname), "libnsl.so.%d", i);
611 handle = dlopen(soname, flags);
612 if (handle != NULL) {
617 nwrap_main_global->libc->nsl_handle = handle;
622 case NWRAP_LIBSOCKET:
623 #ifdef HAVE_LIBSOCKET
624 handle = nwrap_main_global->libc->sock_handle;
625 if (handle == NULL) {
626 for (i = 10; i >= 0; i--) {
627 char soname[256] = {0};
629 snprintf(soname, sizeof(soname), "libsocket.so.%d", i);
630 handle = dlopen(soname, flags);
631 if (handle != NULL) {
636 nwrap_main_global->libc->sock_handle = handle;
642 handle = nwrap_main_global->libc->handle;
643 if (handle == NULL) {
644 for (i = 10; i >= 0; i--) {
645 char soname[256] = {0};
647 snprintf(soname, sizeof(soname), "libc.so.%d", i);
648 handle = dlopen(soname, flags);
649 if (handle != NULL) {
654 nwrap_main_global->libc->handle = handle;
659 if (handle == NULL) {
661 handle = nwrap_main_global->libc->handle
662 = nwrap_main_global->libc->sock_handle
663 = nwrap_main_global->libc->nsl_handle
666 NWRAP_LOG(NWRAP_LOG_ERROR,
667 "Failed to dlopen library: %s\n",
676 static void *_nwrap_load_lib_function(enum nwrap_lib lib, const char *fn_name)
683 handle = nwrap_load_lib_handle(lib);
685 func = dlsym(handle, fn_name);
687 NWRAP_LOG(NWRAP_LOG_ERROR,
688 "Failed to find %s: %s\n",
693 NWRAP_LOG(NWRAP_LOG_TRACE,
695 fn_name, nwrap_str_lib(lib));
699 #define nwrap_load_lib_function(lib, fn_name) \
700 if (nwrap_main_global->libc->fns->_libc_##fn_name == NULL) { \
701 *(void **) (&nwrap_main_global->libc->fns->_libc_##fn_name) = \
702 _nwrap_load_lib_function(lib, #fn_name); \
708 * Functions expeciall from libc need to be loaded individually, you can't load
709 * all at once or gdb will segfault at startup. The same applies to valgrind and
710 * has probably something todo with with the linker.
711 * So we need load each function at the point it is called the first time.
713 static struct passwd *libc_getpwnam(const char *name)
715 nwrap_load_lib_function(NWRAP_LIBC, getpwnam);
717 return nwrap_main_global->libc->fns->_libc_getpwnam(name);
720 #ifdef HAVE_GETPWNAM_R
721 static int libc_getpwnam_r(const char *name,
725 struct passwd **result)
727 #ifdef HAVE___POSIX_GETPWNAM_R
728 if (nwrap_main_global->libc->fns->_libc_getpwnam_r == NULL) {
729 *(void **) (&nwrap_main_global->libc->fns->_libc_getpwnam_r) =
730 _nwrap_load_lib_function(NWRAP_LIBC, "__posix_getpwnam_r");
733 nwrap_load_lib_function(NWRAP_LIBC, getpwnam_r);
736 return nwrap_main_global->libc->fns->_libc_getpwnam_r(name,
744 static struct passwd *libc_getpwuid(uid_t uid)
746 nwrap_load_lib_function(NWRAP_LIBC, getpwuid);
748 return nwrap_main_global->libc->fns->_libc_getpwuid(uid);
751 #ifdef HAVE_GETPWUID_R
752 static int libc_getpwuid_r(uid_t uid,
756 struct passwd **result)
758 #ifdef HAVE___POSIX_GETPWUID_R
759 if (nwrap_main_global->libc->fns->_libc_getpwuid_r == NULL) {
760 *(void **) (&nwrap_main_global->libc->fns->_libc_getpwuid_r) =
761 _nwrap_load_lib_function(NWRAP_LIBC, "__posix_getpwuid_r");
764 nwrap_load_lib_function(NWRAP_LIBC, getpwuid_r);
767 return nwrap_main_global->libc->fns->_libc_getpwuid_r(uid,
775 static void libc_setpwent(void)
777 nwrap_load_lib_function(NWRAP_LIBC, setpwent);
779 nwrap_main_global->libc->fns->_libc_setpwent();
782 static struct passwd *libc_getpwent(void)
784 nwrap_load_lib_function(NWRAP_LIBC, getpwent);
786 return nwrap_main_global->libc->fns->_libc_getpwent();
789 #ifdef HAVE_SOLARIS_GETPWENT_R
790 static struct passwd *libc_getpwent_r(struct passwd *pwdst,
794 nwrap_load_lib_function(NWRAP_LIBC, getpwent_r);
796 return nwrap_main_global->libc->fns->_libc_getpwent_r(pwdst,
800 #else /* HAVE_SOLARIS_GETPWENT_R */
801 static int libc_getpwent_r(struct passwd *pwdst,
804 struct passwd **pwdstp)
806 nwrap_load_lib_function(NWRAP_LIBC, getpwent_r);
808 return nwrap_main_global->libc->fns->_libc_getpwent_r(pwdst,
813 #endif /* HAVE_SOLARIS_GETPWENT_R */
815 static void libc_endpwent(void)
817 nwrap_load_lib_function(NWRAP_LIBC, endpwent);
819 nwrap_main_global->libc->fns->_libc_endpwent();
822 static int libc_initgroups(const char *user, gid_t gid)
824 nwrap_load_lib_function(NWRAP_LIBC, initgroups);
826 return nwrap_main_global->libc->fns->_libc_initgroups(user, gid);
829 static struct group *libc_getgrnam(const char *name)
831 nwrap_load_lib_function(NWRAP_LIBC, getgrnam);
833 return nwrap_main_global->libc->fns->_libc_getgrnam(name);
836 #ifdef HAVE_GETGRNAM_R
837 static int libc_getgrnam_r(const char *name,
841 struct group **result)
843 #ifdef HAVE___POSIX_GETGRNAM_R
844 if (nwrap_main_global->libc->fns->_libc_getgrnam_r == NULL) {
845 *(void **) (&nwrap_main_global->libc->fns->_libc_getgrnam_r) =
846 _nwrap_load_lib_function(NWRAP_LIBC, "__posix_getgrnam_r");
849 nwrap_load_lib_function(NWRAP_LIBC, getgrnam_r);
852 return nwrap_main_global->libc->fns->_libc_getgrnam_r(name,
860 static struct group *libc_getgrgid(gid_t gid)
862 nwrap_load_lib_function(NWRAP_LIBC, getgrgid);
864 return nwrap_main_global->libc->fns->_libc_getgrgid(gid);
867 #ifdef HAVE_GETGRGID_R
868 static int libc_getgrgid_r(gid_t gid,
872 struct group **result)
874 #ifdef HAVE___POSIX_GETGRGID_R
875 if (nwrap_main_global->libc->fns->_libc_getgrgid_r == NULL) {
876 *(void **) (&nwrap_main_global->libc->fns->_libc_getgrgid_r) =
877 _nwrap_load_lib_function(NWRAP_LIBC, "__posix_getgrgid_r");
880 nwrap_load_lib_function(NWRAP_LIBC, getgrgid_r);
883 return nwrap_main_global->libc->fns->_libc_getgrgid_r(gid,
891 static void libc_setgrent(void)
893 nwrap_load_lib_function(NWRAP_LIBC, setgrent);
895 nwrap_main_global->libc->fns->_libc_setgrent();
898 static struct group *libc_getgrent(void)
900 nwrap_load_lib_function(NWRAP_LIBC, getgrent);
902 return nwrap_main_global->libc->fns->_libc_getgrent();
905 #ifdef HAVE_GETGRENT_R
906 #ifdef HAVE_SOLARIS_GETGRENT_R
907 static struct group *libc_getgrent_r(struct group *group,
911 nwrap_load_lib_function(NWRAP_LIBC, getgrent_r);
913 return nwrap_main_global->libc->fns->_libc_getgrent_r(group,
917 #else /* !HAVE_SOLARIS_GETGRENT_R */
918 static int libc_getgrent_r(struct group *group,
921 struct group **result)
923 nwrap_load_lib_function(NWRAP_LIBC, getgrent_r);
925 return nwrap_main_global->libc->fns->_libc_getgrent_r(group,
930 #endif /* HAVE_SOLARIS_GETGRENT_R */
931 #endif /* HAVE_GETGRENT_R */
933 static void libc_endgrent(void)
935 nwrap_load_lib_function(NWRAP_LIBC, endgrent);
937 nwrap_main_global->libc->fns->_libc_endgrent();
940 #ifdef HAVE_GETGROUPLIST
941 static int libc_getgrouplist(const char *user,
946 nwrap_load_lib_function(NWRAP_LIBC, getgrouplist);
948 return nwrap_main_global->libc->fns->_libc_getgrouplist(user,
955 static void libc_sethostent(int stayopen)
957 nwrap_load_lib_function(NWRAP_LIBNSL, sethostent);
959 nwrap_main_global->libc->fns->_libc_sethostent(stayopen);
962 static struct hostent *libc_gethostent(void)
964 nwrap_load_lib_function(NWRAP_LIBNSL, gethostent);
966 return nwrap_main_global->libc->fns->_libc_gethostent();
969 static void libc_endhostent(void)
971 nwrap_load_lib_function(NWRAP_LIBNSL, endhostent);
973 nwrap_main_global->libc->fns->_libc_endhostent();
976 static struct hostent *libc_gethostbyname(const char *name)
978 nwrap_load_lib_function(NWRAP_LIBNSL, gethostbyname);
980 return nwrap_main_global->libc->fns->_libc_gethostbyname(name);
983 #ifdef HAVE_GETHOSTBYNAME2 /* GNU extension */
984 static struct hostent *libc_gethostbyname2(const char *name, int af)
986 nwrap_load_lib_function(NWRAP_LIBNSL, gethostbyname2);
988 return nwrap_main_global->libc->fns->_libc_gethostbyname2(name, af);
992 static struct hostent *libc_gethostbyaddr(const void *addr,
996 nwrap_load_lib_function(NWRAP_LIBNSL, gethostbyaddr);
998 return nwrap_main_global->libc->fns->_libc_gethostbyaddr(addr,
1003 static int libc_gethostname(char *name, size_t len)
1005 nwrap_load_lib_function(NWRAP_LIBNSL, gethostname);
1007 return nwrap_main_global->libc->fns->_libc_gethostname(name, len);
1010 #ifdef HAVE_GETHOSTBYNAME_R
1011 static int libc_gethostbyname_r(const char *name,
1012 struct hostent *ret,
1015 struct hostent **result,
1018 nwrap_load_lib_function(NWRAP_LIBNSL, gethostbyname_r);
1020 return nwrap_main_global->libc->fns->_libc_gethostbyname_r(name,
1029 #ifdef HAVE_GETHOSTBYADDR_R
1030 static int libc_gethostbyaddr_r(const void *addr,
1033 struct hostent *ret,
1036 struct hostent **result,
1039 nwrap_load_lib_function(NWRAP_LIBNSL, gethostbyaddr_r);
1041 return nwrap_main_global->libc->fns->_libc_gethostbyaddr_r(addr,
1052 static int libc_getaddrinfo(const char *node,
1053 const char *service,
1054 const struct addrinfo *hints,
1055 struct addrinfo **res)
1057 nwrap_load_lib_function(NWRAP_LIBSOCKET, getaddrinfo);
1059 return nwrap_main_global->libc->fns->_libc_getaddrinfo(node,
1065 static int libc_getnameinfo(const struct sockaddr *sa,
1073 nwrap_load_lib_function(NWRAP_LIBSOCKET, getnameinfo);
1075 return nwrap_main_global->libc->fns->_libc_getnameinfo(sa,
1084 /*********************************************************
1085 * NWRAP NSS MODULE LOADER FUNCTIONS
1086 *********************************************************/
1088 static void *nwrap_load_module_fn(struct nwrap_backend *b,
1089 const char *fn_name)
1094 if (!b->so_handle) {
1095 NWRAP_LOG(NWRAP_LOG_ERROR, "No handle");
1099 if (asprintf(&s, "_nss_%s_%s", b->name, fn_name) == -1) {
1100 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
1104 res = dlsym(b->so_handle, s);
1106 NWRAP_LOG(NWRAP_LOG_ERROR,
1107 "Cannot find function %s in %s",
1114 static struct nwrap_module_nss_fns *nwrap_load_module_fns(struct nwrap_backend *b)
1116 struct nwrap_module_nss_fns *fns;
1118 if (!b->so_handle) {
1122 fns = (struct nwrap_module_nss_fns *)malloc(sizeof(struct nwrap_module_nss_fns));
1127 *(void **)(&fns->_nss_getpwnam_r) =
1128 nwrap_load_module_fn(b, "getpwnam_r");
1129 *(void **)(&fns->_nss_getpwuid_r) =
1130 nwrap_load_module_fn(b, "getpwuid_r");
1131 *(void **)(&fns->_nss_setpwent) =
1132 nwrap_load_module_fn(b, "setpwent");
1133 *(void **)(&fns->_nss_getpwent_r) =
1134 nwrap_load_module_fn(b, "getpwent_r");
1135 *(void **)(&fns->_nss_endpwent) =
1136 nwrap_load_module_fn(b, "endpwent");
1137 *(void **)(&fns->_nss_initgroups) =
1138 nwrap_load_module_fn(b, "initgroups_dyn");
1139 *(void **)(&fns->_nss_getgrnam_r) =
1140 nwrap_load_module_fn(b, "getgrnam_r");
1141 *(void **)(&fns->_nss_getgrgid_r)=
1142 nwrap_load_module_fn(b, "getgrgid_r");
1143 *(void **)(&fns->_nss_setgrent) =
1144 nwrap_load_module_fn(b, "setgrent");
1145 *(void **)(&fns->_nss_getgrent_r) =
1146 nwrap_load_module_fn(b, "getgrent_r");
1147 *(void **)(&fns->_nss_endgrent) =
1148 nwrap_load_module_fn(b, "endgrent");
1153 static void *nwrap_load_module(const char *so_path)
1157 if (!so_path || !strlen(so_path)) {
1161 h = dlopen(so_path, RTLD_LAZY);
1163 NWRAP_LOG(NWRAP_LOG_ERROR,
1164 "Cannot open shared library %s",
1172 static bool nwrap_module_init(const char *name,
1173 struct nwrap_ops *ops,
1174 const char *so_path,
1176 struct nwrap_backend **backends)
1178 struct nwrap_backend *b;
1180 *backends = (struct nwrap_backend *)realloc(*backends,
1181 sizeof(struct nwrap_backend) * ((*num_backends) + 1));
1183 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
1187 b = &((*backends)[*num_backends]);
1191 b->so_path = so_path;
1193 if (so_path != NULL) {
1194 b->so_handle = nwrap_load_module(so_path);
1195 b->fns = nwrap_load_module_fns(b);
1196 if (b->fns == NULL) {
1200 b->so_handle = NULL;
1209 static void nwrap_libc_init(struct nwrap_main *r)
1211 r->libc = malloc(sizeof(struct nwrap_libc));
1212 if (r->libc == NULL) {
1213 printf("Failed to allocate memory for libc");
1216 ZERO_STRUCTP(r->libc);
1218 r->libc->fns = malloc(sizeof(struct nwrap_libc_fns));
1219 if (r->libc->fns == NULL) {
1220 printf("Failed to allocate memory for libc functions");
1223 ZERO_STRUCTP(r->libc->fns);
1226 static void nwrap_backend_init(struct nwrap_main *r)
1228 const char *module_so_path = getenv("NSS_WRAPPER_MODULE_SO_PATH");
1229 const char *module_fn_name = getenv("NSS_WRAPPER_MODULE_FN_PREFIX");
1231 r->num_backends = 0;
1234 if (!nwrap_module_init("files", &nwrap_files_ops, NULL,
1237 NWRAP_LOG(NWRAP_LOG_ERROR,
1238 "Failed to initialize 'files' backend");
1242 if (module_so_path != NULL &&
1243 module_so_path[0] != '\0' &&
1244 module_fn_name != NULL &&
1245 module_fn_name[0] != '\0') {
1246 if (!nwrap_module_init(module_fn_name,
1251 NWRAP_LOG(NWRAP_LOG_ERROR,
1252 "Failed to initialize '%s' backend",
1259 static void nwrap_init(void)
1261 static bool initialized;
1263 if (initialized) return;
1266 nwrap_main_global = &__nwrap_main_global;
1268 nwrap_libc_init(nwrap_main_global);
1270 nwrap_backend_init(nwrap_main_global);
1273 nwrap_pw_global.cache = &__nwrap_cache_pw;
1275 nwrap_pw_global.cache->path = getenv("NSS_WRAPPER_PASSWD");
1276 nwrap_pw_global.cache->fd = -1;
1277 nwrap_pw_global.cache->private_data = &nwrap_pw_global;
1278 nwrap_pw_global.cache->parse_line = nwrap_pw_parse_line;
1279 nwrap_pw_global.cache->unload = nwrap_pw_unload;
1282 nwrap_sp_global.cache = &__nwrap_cache_sp;
1284 nwrap_sp_global.cache->path = getenv("NSS_WRAPPER_SHADOW");
1285 nwrap_sp_global.cache->fd = -1;
1286 nwrap_sp_global.cache->private_data = &nwrap_sp_global;
1287 nwrap_sp_global.cache->parse_line = nwrap_sp_parse_line;
1288 nwrap_sp_global.cache->unload = nwrap_sp_unload;
1291 nwrap_gr_global.cache = &__nwrap_cache_gr;
1293 nwrap_gr_global.cache->path = getenv("NSS_WRAPPER_GROUP");
1294 nwrap_gr_global.cache->fd = -1;
1295 nwrap_gr_global.cache->private_data = &nwrap_gr_global;
1296 nwrap_gr_global.cache->parse_line = nwrap_gr_parse_line;
1297 nwrap_gr_global.cache->unload = nwrap_gr_unload;
1300 nwrap_he_global.cache = &__nwrap_cache_he;
1302 nwrap_he_global.cache->path = getenv("NSS_WRAPPER_HOSTS");
1303 nwrap_he_global.cache->fd = -1;
1304 nwrap_he_global.cache->private_data = &nwrap_he_global;
1305 nwrap_he_global.cache->parse_line = nwrap_he_parse_line;
1306 nwrap_he_global.cache->unload = nwrap_he_unload;
1309 bool nss_wrapper_enabled(void)
1313 if (nwrap_pw_global.cache->path == NULL ||
1314 nwrap_pw_global.cache->path[0] == '\0') {
1317 if (nwrap_gr_global.cache->path == NULL ||
1318 nwrap_gr_global.cache->path[0] == '\0') {
1325 bool nss_wrapper_shadow_enabled(void)
1329 if (nwrap_sp_global.cache->path == NULL ||
1330 nwrap_sp_global.cache->path[0] == '\0') {
1337 bool nss_wrapper_hosts_enabled(void)
1341 if (nwrap_he_global.cache->path == NULL ||
1342 nwrap_he_global.cache->path[0] == '\0') {
1349 static bool nwrap_hostname_enabled(void)
1353 if (getenv("NSS_WRAPPER_HOSTNAME") == NULL) {
1360 static bool nwrap_parse_file(struct nwrap_cache *nwrap)
1363 uint8_t *buf = NULL;
1366 if (nwrap->st.st_size == 0) {
1367 NWRAP_LOG(NWRAP_LOG_DEBUG, "size == 0");
1371 if (nwrap->st.st_size > INT32_MAX) {
1372 NWRAP_LOG(NWRAP_LOG_ERROR,
1373 "Size[%u] larger than INT32_MAX",
1374 (unsigned)nwrap->st.st_size);
1378 ret = lseek(nwrap->fd, 0, SEEK_SET);
1380 NWRAP_LOG(NWRAP_LOG_ERROR, "lseek - rc=%d\n", ret);
1384 buf = (uint8_t *)malloc(nwrap->st.st_size + 1);
1386 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
1390 ret = read(nwrap->fd, buf, nwrap->st.st_size);
1391 if (ret != nwrap->st.st_size) {
1392 NWRAP_LOG(NWRAP_LOG_ERROR,
1394 (unsigned)nwrap->st.st_size, ret);
1398 buf[nwrap->st.st_size] = '\0';
1400 nline = (char *)buf;
1401 while (nline != NULL && nline[0] != '\0') {
1409 e = strchr(line, '\n');
1420 if (strlen(line) == 0) {
1424 ok = nwrap->parse_line(nwrap, line);
1439 static void nwrap_files_cache_unload(struct nwrap_cache *nwrap)
1441 nwrap->unload(nwrap);
1443 SAFE_FREE(nwrap->buf);
1446 static void nwrap_files_cache_reload(struct nwrap_cache *nwrap)
1451 bool retried = false;
1454 if (nwrap->fd < 0) {
1455 nwrap->fd = open(nwrap->path, O_RDONLY);
1456 if (nwrap->fd < 0) {
1457 NWRAP_LOG(NWRAP_LOG_ERROR,
1458 "Unable to open '%s' readonly %d:%s",
1459 nwrap->path, nwrap->fd,
1463 NWRAP_LOG(NWRAP_LOG_DEBUG, "Open '%s'", nwrap->path);
1466 ret = fstat(nwrap->fd, &st);
1468 NWRAP_LOG(NWRAP_LOG_ERROR,
1469 "fstat(%s) - %d:%s",
1476 if (retried == false && st.st_nlink == 0) {
1477 /* maybe someone has replaced the file... */
1478 NWRAP_LOG(NWRAP_LOG_TRACE,
1479 "st_nlink == 0, reopen %s",
1482 memset(&nwrap->st, 0, sizeof(nwrap->st));
1488 if (st.st_mtime == nwrap->st.st_mtime) {
1489 NWRAP_LOG(NWRAP_LOG_TRACE,
1490 "st_mtime[%u] hasn't changed, skip reload",
1491 (unsigned)st.st_mtime);
1495 NWRAP_LOG(NWRAP_LOG_TRACE,
1496 "st_mtime has changed [%u] => [%u], start reload",
1497 (unsigned)st.st_mtime,
1498 (unsigned)nwrap->st.st_mtime);
1502 nwrap_files_cache_unload(nwrap);
1504 ok = nwrap_parse_file(nwrap);
1506 NWRAP_LOG(NWRAP_LOG_ERROR, "Failed to reload %s", nwrap->path);
1507 nwrap_files_cache_unload(nwrap);
1510 NWRAP_LOG(NWRAP_LOG_TRACE, "Reloaded %s", nwrap->path);
1514 * the caller has to call nwrap_unload() on failure
1516 static bool nwrap_pw_parse_line(struct nwrap_cache *nwrap, char *line)
1518 struct nwrap_pw *nwrap_pw;
1525 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
1527 list_size = sizeof(*nwrap_pw->list) * (nwrap_pw->num+1);
1528 pw = (struct passwd *)realloc(nwrap_pw->list, list_size);
1530 NWRAP_LOG(NWRAP_LOG_ERROR,
1531 "realloc(%u) failed",
1532 (unsigned)list_size);
1535 nwrap_pw->list = pw;
1537 pw = &nwrap_pw->list[nwrap_pw->num];
1544 NWRAP_LOG(NWRAP_LOG_ERROR,
1545 "Invalid line[%s]: '%s'",
1555 NWRAP_LOG(NWRAP_LOG_TRACE, "name[%s]\n", pw->pw_name);
1560 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
1568 NWRAP_LOG(NWRAP_LOG_TRACE, "password[%s]\n", pw->pw_passwd);
1573 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
1579 pw->pw_uid = (uid_t)strtoul(c, &e, 10);
1581 NWRAP_LOG(NWRAP_LOG_ERROR,
1582 "Invalid line[%s]: '%s' - %s",
1583 line, c, strerror(errno));
1587 NWRAP_LOG(NWRAP_LOG_ERROR,
1588 "Invalid line[%s]: '%s' - %s",
1589 line, c, strerror(errno));
1593 NWRAP_LOG(NWRAP_LOG_ERROR,
1594 "Invalid line[%s]: '%s' - %s",
1595 line, c, strerror(errno));
1600 NWRAP_LOG(NWRAP_LOG_TRACE, "uid[%u]", pw->pw_uid);
1605 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
1611 pw->pw_gid = (gid_t)strtoul(c, &e, 10);
1613 NWRAP_LOG(NWRAP_LOG_ERROR,
1614 "Invalid line[%s]: '%s' - %s",
1615 line, c, strerror(errno));
1619 NWRAP_LOG(NWRAP_LOG_ERROR,
1620 "Invalid line[%s]: '%s' - %s",
1621 line, c, strerror(errno));
1625 NWRAP_LOG(NWRAP_LOG_ERROR,
1626 "Invalid line[%s]: '%s' - %s",
1627 line, c, strerror(errno));
1632 NWRAP_LOG(NWRAP_LOG_TRACE, "gid[%u]\n", pw->pw_gid);
1637 NWRAP_LOG(NWRAP_LOG_ERROR, "invalid line[%s]: '%s'", line, c);
1645 NWRAP_LOG(NWRAP_LOG_TRACE, "gecos[%s]", pw->pw_gecos);
1650 NWRAP_LOG(NWRAP_LOG_ERROR, "'%s'", c);
1658 NWRAP_LOG(NWRAP_LOG_TRACE, "dir[%s]", pw->pw_dir);
1662 NWRAP_LOG(NWRAP_LOG_TRACE, "shell[%s]", pw->pw_shell);
1664 NWRAP_LOG(NWRAP_LOG_DEBUG,
1665 "Added user[%s:%s:%u:%u:%s:%s:%s]",
1666 pw->pw_name, pw->pw_passwd,
1667 pw->pw_uid, pw->pw_gid,
1668 pw->pw_gecos, pw->pw_dir, pw->pw_shell);
1674 static void nwrap_pw_unload(struct nwrap_cache *nwrap)
1676 struct nwrap_pw *nwrap_pw;
1677 nwrap_pw = (struct nwrap_pw *)nwrap->private_data;
1679 SAFE_FREE(nwrap_pw->list);
1684 static int nwrap_pw_copy_r(const struct passwd *src, struct passwd *dst,
1685 char *buf, size_t buflen, struct passwd **dstp)
1691 first = src->pw_name;
1693 last = src->pw_shell;
1694 while (*last) last++;
1696 ofs = PTR_DIFF(last + 1, first);
1698 if (ofs > (off_t) buflen) {
1702 memcpy(buf, first, ofs);
1704 ofs = PTR_DIFF(src->pw_name, first);
1705 dst->pw_name = buf + ofs;
1706 ofs = PTR_DIFF(src->pw_passwd, first);
1707 dst->pw_passwd = buf + ofs;
1708 dst->pw_uid = src->pw_uid;
1709 dst->pw_gid = src->pw_gid;
1710 ofs = PTR_DIFF(src->pw_gecos, first);
1711 dst->pw_gecos = buf + ofs;
1712 ofs = PTR_DIFF(src->pw_dir, first);
1713 dst->pw_dir = buf + ofs;
1714 ofs = PTR_DIFF(src->pw_shell, first);
1715 dst->pw_shell = buf + ofs;
1724 static bool nwrap_sp_parse_line(struct nwrap_cache *nwrap, char *line)
1726 struct nwrap_sp *nwrap_sp;
1733 nwrap_sp = (struct nwrap_sp *)nwrap->private_data;
1735 list_size = sizeof(*nwrap_sp->list) * (nwrap_sp->num+1);
1736 sp = (struct spwd *)realloc(nwrap_sp->list, list_size);
1738 NWRAP_LOG(NWRAP_LOG_ERROR,
1739 "realloc(%u) failed",
1740 (unsigned)list_size);
1743 nwrap_sp->list = sp;
1745 sp = &nwrap_sp->list[nwrap_sp->num];
1752 NWRAP_LOG(NWRAP_LOG_ERROR,
1753 "name -- Invalid line[%s]: '%s'",
1763 NWRAP_LOG(NWRAP_LOG_TRACE, "name[%s]\n", sp->sp_namp);
1768 NWRAP_LOG(NWRAP_LOG_ERROR,
1769 "pwd -- Invalid line[%s]: '%s'",
1786 NWRAP_LOG(NWRAP_LOG_ERROR,
1787 "lstchg -- Invalid line[%s]: '%s'",
1794 sp->sp_lstchg = strtol(c, &e, 10);
1796 NWRAP_LOG(NWRAP_LOG_ERROR,
1797 "lstchg -- Invalid line[%s]: '%s' - %s",
1798 line, c, strerror(errno));
1802 NWRAP_LOG(NWRAP_LOG_ERROR,
1803 "lstchg -- Invalid line[%s]: '%s' - %s",
1804 line, c, strerror(errno));
1808 NWRAP_LOG(NWRAP_LOG_ERROR,
1809 "lstchg -- Invalid line[%s]: '%s' - %s",
1810 line, c, strerror(errno));
1823 NWRAP_LOG(NWRAP_LOG_ERROR,
1824 "min -- Invalid line[%s]: '%s'",
1831 sp->sp_min = strtol(c, &e, 10);
1833 NWRAP_LOG(NWRAP_LOG_ERROR,
1834 "min -- Invalid line[%s]: '%s' - %s",
1835 line, c, strerror(errno));
1839 NWRAP_LOG(NWRAP_LOG_ERROR,
1840 "min -- Invalid line[%s]: '%s' - %s",
1841 line, c, strerror(errno));
1845 NWRAP_LOG(NWRAP_LOG_ERROR,
1846 "min -- Invalid line[%s]: '%s' - %s",
1847 line, c, strerror(errno));
1860 NWRAP_LOG(NWRAP_LOG_ERROR,
1861 "max -- Invalid line[%s]: '%s'",
1868 sp->sp_max = strtol(c, &e, 10);
1870 NWRAP_LOG(NWRAP_LOG_ERROR,
1871 "max -- Invalid line[%s]: '%s' - %s",
1872 line, c, strerror(errno));
1876 NWRAP_LOG(NWRAP_LOG_ERROR,
1877 "max -- Invalid line[%s]: '%s' - %s",
1878 line, c, strerror(errno));
1882 NWRAP_LOG(NWRAP_LOG_ERROR,
1883 "max -- Invalid line[%s]: '%s' - %s",
1884 line, c, strerror(errno));
1897 NWRAP_LOG(NWRAP_LOG_ERROR,
1898 "warn -- Invalid line[%s]: '%s'",
1905 sp->sp_warn = strtol(c, &e, 10);
1907 NWRAP_LOG(NWRAP_LOG_ERROR,
1908 "warn -- Invalid line[%s]: '%s' - %s",
1909 line, c, strerror(errno));
1913 NWRAP_LOG(NWRAP_LOG_ERROR,
1914 "warn -- Invalid line[%s]: '%s' - %s",
1915 line, c, strerror(errno));
1919 NWRAP_LOG(NWRAP_LOG_ERROR,
1920 "warn -- Invalid line[%s]: '%s' - %s",
1921 line, c, strerror(errno));
1934 NWRAP_LOG(NWRAP_LOG_ERROR,
1935 "inact -- Invalid line[%s]: '%s'",
1942 sp->sp_inact = strtol(c, &e, 10);
1944 NWRAP_LOG(NWRAP_LOG_ERROR,
1945 "inact -- Invalid line[%s]: '%s' - %s",
1946 line, c, strerror(errno));
1950 NWRAP_LOG(NWRAP_LOG_ERROR,
1951 "inact -- Invalid line[%s]: '%s' - %s",
1952 line, c, strerror(errno));
1956 NWRAP_LOG(NWRAP_LOG_ERROR,
1957 "inact -- Invalid line[%s]: '%s' - %s",
1958 line, c, strerror(errno));
1971 NWRAP_LOG(NWRAP_LOG_ERROR,
1972 "expire -- Invalid line[%s]: '%s'",
1979 sp->sp_expire = strtol(c, &e, 10);
1981 NWRAP_LOG(NWRAP_LOG_ERROR,
1982 "expire -- Invalid line[%s]: '%s' - %s",
1983 line, c, strerror(errno));
1987 NWRAP_LOG(NWRAP_LOG_ERROR,
1988 "expire -- Invalid line[%s]: '%s' - %s",
1989 line, c, strerror(errno));
1993 NWRAP_LOG(NWRAP_LOG_ERROR,
1994 "expire -- Invalid line[%s]: '%s' - %s",
1995 line, c, strerror(errno));
2005 static void nwrap_sp_unload(struct nwrap_cache *nwrap)
2007 struct nwrap_sp *nwrap_sp;
2008 nwrap_sp = (struct nwrap_sp *)nwrap->private_data;
2010 SAFE_FREE(nwrap_sp->list);
2016 * the caller has to call nwrap_unload() on failure
2018 static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line)
2020 struct nwrap_gr *nwrap_gr;
2028 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
2030 list_size = sizeof(*nwrap_gr->list) * (nwrap_gr->num+1);
2031 gr = (struct group *)realloc(nwrap_gr->list, list_size);
2033 NWRAP_LOG(NWRAP_LOG_ERROR, "realloc failed");
2036 nwrap_gr->list = gr;
2038 gr = &nwrap_gr->list[nwrap_gr->num];
2045 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
2053 NWRAP_LOG(NWRAP_LOG_TRACE, "name[%s]", gr->gr_name);
2058 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
2066 NWRAP_LOG(NWRAP_LOG_TRACE, "password[%s]", gr->gr_passwd);
2071 NWRAP_LOG(NWRAP_LOG_ERROR, "Invalid line[%s]: '%s'", line, c);
2077 gr->gr_gid = (gid_t)strtoul(c, &e, 10);
2079 NWRAP_LOG(NWRAP_LOG_ERROR,
2080 "Invalid line[%s]: '%s' - %s",
2081 line, c, strerror(errno));
2085 NWRAP_LOG(NWRAP_LOG_ERROR,
2086 "Invalid line[%s]: '%s' - %s",
2087 line, c, strerror(errno));
2091 NWRAP_LOG(NWRAP_LOG_ERROR,
2092 "Invalid line[%s]: '%s' - %s",
2093 line, c, strerror(errno));
2098 NWRAP_LOG(NWRAP_LOG_TRACE, "gid[%u]", gr->gr_gid);
2101 gr->gr_mem = (char **)malloc(sizeof(char *));
2103 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
2106 gr->gr_mem[0] = NULL;
2108 for(nummem=0; p; nummem++) {
2118 if (strlen(c) == 0) {
2122 m_size = sizeof(char *) * (nummem+2);
2123 m = (char **)realloc(gr->gr_mem, m_size);
2125 NWRAP_LOG(NWRAP_LOG_ERROR,
2126 "realloc(%zd) failed",
2131 gr->gr_mem[nummem] = c;
2132 gr->gr_mem[nummem+1] = NULL;
2134 NWRAP_LOG(NWRAP_LOG_TRACE,
2136 nummem, gr->gr_mem[nummem]);
2139 NWRAP_LOG(NWRAP_LOG_DEBUG,
2140 "Added group[%s:%s:%u:] with %u members",
2141 gr->gr_name, gr->gr_passwd, gr->gr_gid, nummem);
2147 static void nwrap_gr_unload(struct nwrap_cache *nwrap)
2150 struct nwrap_gr *nwrap_gr;
2151 nwrap_gr = (struct nwrap_gr *)nwrap->private_data;
2153 if (nwrap_gr->list) {
2154 for (i=0; i < nwrap_gr->num; i++) {
2155 SAFE_FREE(nwrap_gr->list[i].gr_mem);
2157 SAFE_FREE(nwrap_gr->list);
2164 static int nwrap_gr_copy_r(const struct group *src, struct group *dst,
2165 char *buf, size_t buflen, struct group **dstp)
2175 first = src->gr_name;
2177 lastm = src->gr_mem;
2184 last = src->gr_passwd;
2186 while (*last) last++;
2188 ofsb = PTR_DIFF(last + 1, first);
2189 ofsm = PTR_DIFF(lastm + 1, src->gr_mem);
2191 if ((ofsb + ofsm) > (off_t) buflen) {
2195 memcpy(buf, first, ofsb);
2196 memcpy(buf + ofsb, src->gr_mem, ofsm);
2198 ofs = PTR_DIFF(src->gr_name, first);
2199 dst->gr_name = buf + ofs;
2200 ofs = PTR_DIFF(src->gr_passwd, first);
2201 dst->gr_passwd = buf + ofs;
2202 dst->gr_gid = src->gr_gid;
2204 dst->gr_mem = (char **)(buf + ofsb);
2205 for (i=0; src->gr_mem[i]; i++) {
2206 ofs = PTR_DIFF(src->gr_mem[i], first);
2207 dst->gr_mem[i] = buf + ofs;
2217 static bool nwrap_he_parse_line(struct nwrap_cache *nwrap, char *line)
2219 struct nwrap_he *nwrap_he = (struct nwrap_he *)nwrap->private_data;
2220 struct nwrap_entdata *ed;
2222 bool do_aliases = true;
2223 ssize_t aliases_count = 0;
2228 list_size = sizeof(struct nwrap_entdata) * (nwrap_he->num + 1);
2230 ed = (struct nwrap_entdata *)realloc(nwrap_he->list, list_size);
2232 NWRAP_LOG(NWRAP_LOG_ERROR, "realloc[%zd] failed", list_size);
2235 nwrap_he->list = ed;
2237 /* set it to the last element */
2238 ed = &(nwrap_he->list[nwrap_he->num]);
2240 ed->addr = malloc(sizeof(struct nwrap_addrdata));
2241 if (ed->addr == NULL) {
2242 NWRAP_LOG(NWRAP_LOG_ERROR, "realloc[%zd] failed", list_size);
2252 /* Walk to first char */
2253 for (p = i; *p != '.' && *p != ':' && !isxdigit((int) *p); p++) {
2255 NWRAP_LOG(NWRAP_LOG_ERROR,
2256 "Invalid line[%s]: '%s'",
2262 for (i = p; !isspace((int)*p); p++) {
2264 NWRAP_LOG(NWRAP_LOG_ERROR,
2265 "Invalid line[%s]: '%s'",
2273 if (inet_pton(AF_INET, i, ed->addr->host_addr)) {
2274 ed->ht.h_addrtype = AF_INET;
2275 ed->ht.h_length = 4;
2277 } else if (inet_pton(AF_INET6, i, ed->addr->host_addr)) {
2278 ed->ht.h_addrtype = AF_INET6;
2279 ed->ht.h_length = 16;
2282 NWRAP_LOG(NWRAP_LOG_ERROR,
2283 "Invalid line[%s]: '%s'",
2289 ed->addr->h_addr_ptrs[0] = (char *)ed->addr->host_addr;
2290 ed->addr->h_addr_ptrs[1] = NULL;
2292 ed->ht.h_addr_list = ed->addr->h_addr_ptrs;
2300 /* Walk to first char */
2301 for (n = p; *p != '_' && !isalnum((int) *p); p++) {
2303 NWRAP_LOG(NWRAP_LOG_ERROR,
2304 "Invalid line[%s]: '%s'",
2311 for (n = p; !isspace((int)*p); p++) {
2322 /* glib's getent always dereferences he->h_aliases */
2323 ed->ht.h_aliases = malloc(sizeof(char *));
2324 if (ed->ht.h_aliases == NULL) {
2327 ed->ht.h_aliases[0] = NULL;
2332 while (do_aliases) {
2338 /* Walk to first char */
2339 for (a = p; *p != '_' && !isalnum((int) *p); p++) {
2345 /* Only trailing spaces are left */
2350 for (a = p; !isspace((int)*p); p++) {
2359 aliases = realloc(ed->ht.h_aliases, sizeof(char *) * (aliases_count + 2));
2360 if (aliases == NULL) {
2363 ed->ht.h_aliases = aliases;
2365 aliases[aliases_count] = a;
2366 aliases[aliases_count + 1] = NULL;
2375 static void nwrap_he_unload(struct nwrap_cache *nwrap)
2377 struct nwrap_he *nwrap_he =
2378 (struct nwrap_he *)nwrap->private_data;
2381 if (nwrap_he->list != NULL) {
2382 for (i = 0; i < nwrap_he->num; i++) {
2383 SAFE_FREE(nwrap_he->list[i].ht.h_aliases);
2384 SAFE_FREE(nwrap_he->list[i].addr);
2386 SAFE_FREE(nwrap_he->list);
2394 /* user functions */
2395 static struct passwd *nwrap_files_getpwnam(struct nwrap_backend *b,
2400 (void) b; /* unused */
2402 NWRAP_LOG(NWRAP_LOG_DEBUG, "Lookup user %s in files", name);
2404 nwrap_files_cache_reload(nwrap_pw_global.cache);
2406 for (i=0; i<nwrap_pw_global.num; i++) {
2407 if (strcmp(nwrap_pw_global.list[i].pw_name, name) == 0) {
2408 NWRAP_LOG(NWRAP_LOG_DEBUG, "user[%s] found", name);
2409 return &nwrap_pw_global.list[i];
2411 NWRAP_LOG(NWRAP_LOG_DEBUG,
2412 "user[%s] does not match [%s]",
2414 nwrap_pw_global.list[i].pw_name);
2417 NWRAP_LOG(NWRAP_LOG_DEBUG, "user[%s] not found\n", name);
2423 static int nwrap_files_getpwnam_r(struct nwrap_backend *b,
2424 const char *name, struct passwd *pwdst,
2425 char *buf, size_t buflen, struct passwd **pwdstp)
2429 pw = nwrap_files_getpwnam(b, name);
2437 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
2440 static struct passwd *nwrap_files_getpwuid(struct nwrap_backend *b,
2445 (void) b; /* unused */
2447 nwrap_files_cache_reload(nwrap_pw_global.cache);
2449 for (i=0; i<nwrap_pw_global.num; i++) {
2450 if (nwrap_pw_global.list[i].pw_uid == uid) {
2451 NWRAP_LOG(NWRAP_LOG_DEBUG, "uid[%u] found", uid);
2452 return &nwrap_pw_global.list[i];
2454 NWRAP_LOG(NWRAP_LOG_DEBUG,
2455 "uid[%u] does not match [%u]",
2457 nwrap_pw_global.list[i].pw_uid);
2460 NWRAP_LOG(NWRAP_LOG_DEBUG, "uid[%u] not found\n", uid);
2466 static int nwrap_files_getpwuid_r(struct nwrap_backend *b,
2467 uid_t uid, struct passwd *pwdst,
2468 char *buf, size_t buflen, struct passwd **pwdstp)
2472 pw = nwrap_files_getpwuid(b, uid);
2480 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
2483 /* user enum functions */
2484 static void nwrap_files_setpwent(struct nwrap_backend *b)
2486 (void) b; /* unused */
2488 nwrap_pw_global.idx = 0;
2491 static struct passwd *nwrap_files_getpwent(struct nwrap_backend *b)
2495 (void) b; /* unused */
2497 if (nwrap_pw_global.idx == 0) {
2498 nwrap_files_cache_reload(nwrap_pw_global.cache);
2501 if (nwrap_pw_global.idx >= nwrap_pw_global.num) {
2506 pw = &nwrap_pw_global.list[nwrap_pw_global.idx++];
2508 NWRAP_LOG(NWRAP_LOG_DEBUG,
2509 "return user[%s] uid[%u]",
2510 pw->pw_name, pw->pw_uid);
2515 static int nwrap_files_getpwent_r(struct nwrap_backend *b,
2516 struct passwd *pwdst, char *buf,
2517 size_t buflen, struct passwd **pwdstp)
2521 pw = nwrap_files_getpwent(b);
2529 return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
2532 static void nwrap_files_endpwent(struct nwrap_backend *b)
2534 (void) b; /* unused */
2536 nwrap_pw_global.idx = 0;
2539 /* misc functions */
2540 static int nwrap_files_initgroups(struct nwrap_backend *b,
2549 groups = (gid_t *)malloc(size * sizeof(gid_t));
2550 if (groups == NULL) {
2551 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
2557 nwrap_files_setgrent(b);
2558 while ((grp = nwrap_files_getgrent(b)) != NULL) {
2561 NWRAP_LOG(NWRAP_LOG_DEBUG,
2562 "Inspecting %s for group membership",
2565 for (i=0; grp->gr_mem && grp->gr_mem[i] != NULL; i++) {
2566 if (group != grp->gr_gid &&
2567 (strcmp(user, grp->gr_mem[i]) == 0)) {
2568 NWRAP_LOG(NWRAP_LOG_DEBUG,
2569 "%s is member of %s",
2573 groups = (gid_t *)realloc(groups,
2574 (size + 1) * sizeof(gid_t));
2575 if (groups == NULL) {
2576 NWRAP_LOG(NWRAP_LOG_ERROR,
2582 groups[size] = grp->gr_gid;
2588 nwrap_files_endgrent(b);
2590 NWRAP_LOG(NWRAP_LOG_DEBUG,
2591 "%s is member of %d groups",
2594 /* This really only works if uid_wrapper is loaded */
2595 rc = setgroups(size, groups);
2602 /* group functions */
2603 static struct group *nwrap_files_getgrnam(struct nwrap_backend *b,
2608 (void) b; /* unused */
2610 nwrap_files_cache_reload(nwrap_gr_global.cache);
2612 for (i=0; i<nwrap_gr_global.num; i++) {
2613 if (strcmp(nwrap_gr_global.list[i].gr_name, name) == 0) {
2614 NWRAP_LOG(NWRAP_LOG_DEBUG, "group[%s] found", name);
2615 return &nwrap_gr_global.list[i];
2617 NWRAP_LOG(NWRAP_LOG_DEBUG,
2618 "group[%s] does not match [%s]",
2620 nwrap_gr_global.list[i].gr_name);
2623 NWRAP_LOG(NWRAP_LOG_DEBUG, "group[%s] not found", name);
2629 static int nwrap_files_getgrnam_r(struct nwrap_backend *b,
2630 const char *name, struct group *grdst,
2631 char *buf, size_t buflen, struct group **grdstp)
2635 gr = nwrap_files_getgrnam(b, name);
2643 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
2646 static struct group *nwrap_files_getgrgid(struct nwrap_backend *b,
2651 (void) b; /* unused */
2653 nwrap_files_cache_reload(nwrap_gr_global.cache);
2655 for (i=0; i<nwrap_gr_global.num; i++) {
2656 if (nwrap_gr_global.list[i].gr_gid == gid) {
2657 NWRAP_LOG(NWRAP_LOG_DEBUG, "gid[%u] found", gid);
2658 return &nwrap_gr_global.list[i];
2660 NWRAP_LOG(NWRAP_LOG_DEBUG,
2661 "gid[%u] does not match [%u]",
2663 nwrap_gr_global.list[i].gr_gid);
2666 NWRAP_LOG(NWRAP_LOG_DEBUG, "gid[%u] not found", gid);
2672 static int nwrap_files_getgrgid_r(struct nwrap_backend *b,
2673 gid_t gid, struct group *grdst,
2674 char *buf, size_t buflen, struct group **grdstp)
2678 gr = nwrap_files_getgrgid(b, gid);
2686 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
2689 /* group enum functions */
2690 static void nwrap_files_setgrent(struct nwrap_backend *b)
2692 (void) b; /* unused */
2694 nwrap_gr_global.idx = 0;
2697 static struct group *nwrap_files_getgrent(struct nwrap_backend *b)
2701 (void) b; /* unused */
2703 if (nwrap_gr_global.idx == 0) {
2704 nwrap_files_cache_reload(nwrap_gr_global.cache);
2707 if (nwrap_gr_global.idx >= nwrap_gr_global.num) {
2712 gr = &nwrap_gr_global.list[nwrap_gr_global.idx++];
2714 NWRAP_LOG(NWRAP_LOG_DEBUG,
2715 "return group[%s] gid[%u]",
2716 gr->gr_name, gr->gr_gid);
2721 static int nwrap_files_getgrent_r(struct nwrap_backend *b,
2722 struct group *grdst, char *buf,
2723 size_t buflen, struct group **grdstp)
2727 gr = nwrap_files_getgrent(b);
2735 return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
2738 static void nwrap_files_endgrent(struct nwrap_backend *b)
2740 (void) b; /* unused */
2742 nwrap_gr_global.idx = 0;
2745 /* hosts functions */
2746 static struct hostent *nwrap_files_gethostbyname(const char *name, int af)
2749 char canon_name[DNS_NAME_MAX] = { 0 };
2753 nwrap_files_cache_reload(nwrap_he_global.cache);
2755 name_len = strlen(name);
2756 if (name_len < sizeof(canon_name) && name[name_len - 1] == '.') {
2757 strncpy(canon_name, name, name_len - 1);
2761 for (i = 0; i < nwrap_he_global.num; i++) {
2764 he = &nwrap_he_global.list[i].ht;
2766 /* Filter by address familiy if provided */
2767 if (af != AF_UNSPEC && he->h_addrtype != af) {
2771 if (strcasecmp(he->h_name, name) == 0) {
2772 NWRAP_LOG(NWRAP_LOG_DEBUG, "name[%s] found", name);
2776 if (he->h_aliases == NULL) {
2780 for (j = 0; he->h_aliases[j] != NULL; j++) {
2781 if (strcasecmp(he->h_aliases[j], name) == 0) {
2782 NWRAP_LOG(NWRAP_LOG_DEBUG,
2794 #ifdef HAVE_GETHOSTBYNAME_R
2795 static int nwrap_gethostbyname_r(const char *name,
2796 struct hostent *ret,
2797 char *buf, size_t buflen,
2798 struct hostent **result, int *h_errnop)
2800 *result = nwrap_files_gethostbyname(name, AF_UNSPEC);
2801 if (*result != NULL) {
2802 memset(buf, '\0', buflen);
2806 *h_errnop = h_errno;
2811 int gethostbyname_r(const char *name,
2812 struct hostent *ret,
2813 char *buf, size_t buflen,
2814 struct hostent **result, int *h_errnop)
2816 if (!nss_wrapper_hosts_enabled()) {
2817 return libc_gethostbyname_r(name,
2825 return nwrap_gethostbyname_r(name, ret, buf, buflen, result, h_errnop);
2829 static struct hostent *nwrap_files_gethostbyaddr(const void *addr,
2830 socklen_t len, int type)
2833 char ip[NWRAP_INET_ADDRSTRLEN] = {0};
2837 (void) len; /* unused */
2839 nwrap_files_cache_reload(nwrap_he_global.cache);
2841 a = inet_ntop(type, addr, ip, sizeof(ip));
2847 for (i = 0; i < nwrap_he_global.num; i++) {
2848 he = &nwrap_he_global.list[i].ht;
2850 if (he->h_addrtype != type) {
2854 if (memcmp(addr, he->h_addr_list[0], he->h_length) == 0) {
2863 #ifdef HAVE_GETHOSTBYADDR_R
2864 static int nwrap_gethostbyaddr_r(const void *addr, socklen_t len, int type,
2865 struct hostent *ret,
2866 char *buf, size_t buflen,
2867 struct hostent **result, int *h_errnop)
2869 *result = nwrap_files_gethostbyaddr(addr, len, type);
2870 if (*result != NULL) {
2871 memset(buf, '\0', buflen);
2875 *h_errnop = h_errno;
2880 int gethostbyaddr_r(const void *addr, socklen_t len, int type,
2881 struct hostent *ret,
2882 char *buf, size_t buflen,
2883 struct hostent **result, int *h_errnop)
2885 if (!nss_wrapper_hosts_enabled()) {
2886 return libc_gethostbyaddr_r(addr,
2896 return nwrap_gethostbyaddr_r(addr, len, type, ret, buf, buflen, result, h_errnop);
2900 /* hosts enum functions */
2901 static void nwrap_files_sethostent(void)
2903 nwrap_he_global.idx = 0;
2906 static struct hostent *nwrap_files_gethostent(void)
2910 if (nwrap_he_global.idx == 0) {
2911 nwrap_files_cache_reload(nwrap_he_global.cache);
2914 if (nwrap_he_global.idx >= nwrap_he_global.num) {
2919 he = &nwrap_he_global.list[nwrap_he_global.idx++].ht;
2921 NWRAP_LOG(NWRAP_LOG_DEBUG, "return hosts[%s]", he->h_name);
2926 static void nwrap_files_endhostent(void)
2928 nwrap_he_global.idx = 0;
2936 static struct passwd *nwrap_module_getpwnam(struct nwrap_backend *b,
2939 static struct passwd pwd;
2940 static char buf[1000];
2943 if (!b->fns->_nss_getpwnam_r) {
2947 status = b->fns->_nss_getpwnam_r(name, &pwd, buf, sizeof(buf), &errno);
2948 if (status == NSS_STATUS_NOTFOUND) {
2951 if (status != NSS_STATUS_SUCCESS) {
2958 static int nwrap_module_getpwnam_r(struct nwrap_backend *b,
2959 const char *name, struct passwd *pwdst,
2960 char *buf, size_t buflen, struct passwd **pwdstp)
2964 (void) b; /* unused */
2965 (void) pwdst; /* unused */
2966 (void) pwdstp; /* unused */
2968 if (!b->fns->_nss_getpwnam_r) {
2969 return NSS_STATUS_NOTFOUND;
2972 ret = b->fns->_nss_getpwnam_r(name, pwdst, buf, buflen, &errno);
2974 case NSS_STATUS_SUCCESS:
2976 case NSS_STATUS_NOTFOUND:
2981 case NSS_STATUS_TRYAGAIN:
2994 static struct passwd *nwrap_module_getpwuid(struct nwrap_backend *b,
2997 static struct passwd pwd;
2998 static char buf[1000];
3001 if (!b->fns->_nss_getpwuid_r) {
3005 status = b->fns->_nss_getpwuid_r(uid, &pwd, buf, sizeof(buf), &errno);
3006 if (status == NSS_STATUS_NOTFOUND) {
3009 if (status != NSS_STATUS_SUCCESS) {
3015 static int nwrap_module_getpwuid_r(struct nwrap_backend *b,
3016 uid_t uid, struct passwd *pwdst,
3017 char *buf, size_t buflen, struct passwd **pwdstp)
3021 (void) pwdstp; /* unused */
3023 if (!b->fns->_nss_getpwuid_r) {
3027 ret = b->fns->_nss_getpwuid_r(uid, pwdst, buf, buflen, &errno);
3029 case NSS_STATUS_SUCCESS:
3031 case NSS_STATUS_NOTFOUND:
3036 case NSS_STATUS_TRYAGAIN:
3049 static void nwrap_module_setpwent(struct nwrap_backend *b)
3051 if (!b->fns->_nss_setpwent) {
3055 b->fns->_nss_setpwent();
3058 static struct passwd *nwrap_module_getpwent(struct nwrap_backend *b)
3060 static struct passwd pwd;
3061 static char buf[1000];
3064 if (!b->fns->_nss_getpwent_r) {
3068 status = b->fns->_nss_getpwent_r(&pwd, buf, sizeof(buf), &errno);
3069 if (status == NSS_STATUS_NOTFOUND) {
3072 if (status != NSS_STATUS_SUCCESS) {
3078 static int nwrap_module_getpwent_r(struct nwrap_backend *b,
3079 struct passwd *pwdst, char *buf,
3080 size_t buflen, struct passwd **pwdstp)
3084 (void) pwdstp; /* unused */
3086 if (!b->fns->_nss_getpwent_r) {
3090 ret = b->fns->_nss_getpwent_r(pwdst, buf, buflen, &errno);
3092 case NSS_STATUS_SUCCESS:
3094 case NSS_STATUS_NOTFOUND:
3099 case NSS_STATUS_TRYAGAIN:
3112 static void nwrap_module_endpwent(struct nwrap_backend *b)
3114 if (!b->fns->_nss_endpwent) {
3118 b->fns->_nss_endpwent();
3121 static int nwrap_module_initgroups(struct nwrap_backend *b,
3122 const char *user, gid_t group)
3128 if (!b->fns->_nss_initgroups) {
3129 return NSS_STATUS_UNAVAIL;
3132 return b->fns->_nss_initgroups(user, group, &start, &size, &groups, 0, &errno);
3135 static struct group *nwrap_module_getgrnam(struct nwrap_backend *b,
3138 static struct group grp;
3140 static int buflen = 1000;
3143 if (!b->fns->_nss_getgrnam_r) {
3148 buf = (char *)malloc(buflen);
3151 status = b->fns->_nss_getgrnam_r(name, &grp, buf, buflen, &errno);
3152 if (status == NSS_STATUS_TRYAGAIN) {
3154 buf = (char *)realloc(buf, buflen);
3160 if (status == NSS_STATUS_NOTFOUND) {
3164 if (status != NSS_STATUS_SUCCESS) {
3171 static int nwrap_module_getgrnam_r(struct nwrap_backend *b,
3172 const char *name, struct group *grdst,
3173 char *buf, size_t buflen, struct group **grdstp)
3177 (void) grdstp; /* unused */
3179 if (!b->fns->_nss_getgrnam_r) {
3183 ret = b->fns->_nss_getgrnam_r(name, grdst, buf, buflen, &errno);
3185 case NSS_STATUS_SUCCESS:
3187 case NSS_STATUS_NOTFOUND:
3192 case NSS_STATUS_TRYAGAIN:
3205 static struct group *nwrap_module_getgrgid(struct nwrap_backend *b,
3208 static struct group grp;
3210 static int buflen = 1000;
3213 if (!b->fns->_nss_getgrgid_r) {
3218 buf = (char *)malloc(buflen);
3222 status = b->fns->_nss_getgrgid_r(gid, &grp, buf, buflen, &errno);
3223 if (status == NSS_STATUS_TRYAGAIN) {
3225 buf = (char *)realloc(buf, buflen);
3231 if (status == NSS_STATUS_NOTFOUND) {
3235 if (status != NSS_STATUS_SUCCESS) {
3242 static int nwrap_module_getgrgid_r(struct nwrap_backend *b,
3243 gid_t gid, struct group *grdst,
3244 char *buf, size_t buflen, struct group **grdstp)
3248 (void) grdstp; /* unused */
3250 if (!b->fns->_nss_getgrgid_r) {
3254 ret = b->fns->_nss_getgrgid_r(gid, grdst, buf, buflen, &errno);
3256 case NSS_STATUS_SUCCESS:
3258 case NSS_STATUS_NOTFOUND:
3263 case NSS_STATUS_TRYAGAIN:
3276 static void nwrap_module_setgrent(struct nwrap_backend *b)
3278 if (!b->fns->_nss_setgrent) {
3282 b->fns->_nss_setgrent();
3285 static struct group *nwrap_module_getgrent(struct nwrap_backend *b)
3287 static struct group grp;
3289 static int buflen = 1024;
3292 if (!b->fns->_nss_getgrent_r) {
3297 buf = (char *)malloc(buflen);
3301 status = b->fns->_nss_getgrent_r(&grp, buf, buflen, &errno);
3302 if (status == NSS_STATUS_TRYAGAIN) {
3304 buf = (char *)realloc(buf, buflen);
3310 if (status == NSS_STATUS_NOTFOUND) {
3314 if (status != NSS_STATUS_SUCCESS) {
3321 static int nwrap_module_getgrent_r(struct nwrap_backend *b,
3322 struct group *grdst, char *buf,
3323 size_t buflen, struct group **grdstp)
3327 (void) grdstp; /* unused */
3329 if (!b->fns->_nss_getgrent_r) {
3333 ret = b->fns->_nss_getgrent_r(grdst, buf, buflen, &errno);
3335 case NSS_STATUS_SUCCESS:
3337 case NSS_STATUS_NOTFOUND:
3342 case NSS_STATUS_TRYAGAIN:
3355 static void nwrap_module_endgrent(struct nwrap_backend *b)
3357 if (!b->fns->_nss_endgrent) {
3361 b->fns->_nss_endgrent();
3364 /****************************************************************************
3366 ***************************************************************************/
3368 static struct passwd *nwrap_getpwnam(const char *name)
3373 for (i=0; i < nwrap_main_global->num_backends; i++) {
3374 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3375 pwd = b->ops->nw_getpwnam(b, name);
3384 struct passwd *getpwnam(const char *name)
3386 if (!nss_wrapper_enabled()) {
3387 return libc_getpwnam(name);
3390 return nwrap_getpwnam(name);
3393 /****************************************************************************
3395 ***************************************************************************/
3397 static int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
3398 char *buf, size_t buflen, struct passwd **pwdstp)
3402 for (i=0; i < nwrap_main_global->num_backends; i++) {
3403 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3404 ret = b->ops->nw_getpwnam_r(b, name, pwdst, buf, buflen, pwdstp);
3405 if (ret == ENOENT) {
3414 #ifdef HAVE_GETPWNAM_R
3415 # ifdef HAVE_SOLARIS_GETPWNAM_R
3416 int getpwnam_r(const char *name, struct passwd *pwdst,
3417 char *buf, int buflen, struct passwd **pwdstp)
3418 # else /* HAVE_SOLARIS_GETPWNAM_R */
3419 int getpwnam_r(const char *name, struct passwd *pwdst,
3420 char *buf, size_t buflen, struct passwd **pwdstp)
3421 # endif /* HAVE_SOLARIS_GETPWNAM_R */
3423 if (!nss_wrapper_enabled()) {
3424 return libc_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
3427 return nwrap_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
3431 /****************************************************************************
3433 ***************************************************************************/
3435 static struct passwd *nwrap_getpwuid(uid_t uid)
3440 for (i=0; i < nwrap_main_global->num_backends; i++) {
3441 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3442 pwd = b->ops->nw_getpwuid(b, uid);
3451 struct passwd *getpwuid(uid_t uid)
3453 if (!nss_wrapper_enabled()) {
3454 return libc_getpwuid(uid);
3457 return nwrap_getpwuid(uid);
3460 /****************************************************************************
3462 ***************************************************************************/
3464 static int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
3465 char *buf, size_t buflen, struct passwd **pwdstp)
3469 for (i=0; i < nwrap_main_global->num_backends; i++) {
3470 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3471 ret = b->ops->nw_getpwuid_r(b, uid, pwdst, buf, buflen, pwdstp);
3472 if (ret == ENOENT) {
3481 #ifdef HAVE_SOLARIS_GETPWUID_R
3482 int getpwuid_r(uid_t uid, struct passwd *pwdst,
3483 char *buf, int buflen, struct passwd **pwdstp)
3485 int getpwuid_r(uid_t uid, struct passwd *pwdst,
3486 char *buf, size_t buflen, struct passwd **pwdstp)
3489 if (!nss_wrapper_enabled()) {
3490 return libc_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
3493 return nwrap_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
3496 /****************************************************************************
3498 ***************************************************************************/
3500 static void nwrap_setpwent(void)
3504 for (i=0; i < nwrap_main_global->num_backends; i++) {
3505 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3506 b->ops->nw_setpwent(b);
3512 if (!nss_wrapper_enabled()) {
3520 /****************************************************************************
3522 ***************************************************************************/
3524 static struct passwd *nwrap_getpwent(void)
3529 for (i=0; i < nwrap_main_global->num_backends; i++) {
3530 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3531 pwd = b->ops->nw_getpwent(b);
3540 struct passwd *getpwent(void)
3542 if (!nss_wrapper_enabled()) {
3543 return libc_getpwent();
3546 return nwrap_getpwent();
3549 /****************************************************************************
3551 ***************************************************************************/
3553 static int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
3554 size_t buflen, struct passwd **pwdstp)
3558 for (i=0; i < nwrap_main_global->num_backends; i++) {
3559 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3560 ret = b->ops->nw_getpwent_r(b, pwdst, buf, buflen, pwdstp);
3561 if (ret == ENOENT) {
3570 #ifdef HAVE_SOLARIS_GETPWENT_R
3571 struct passwd *getpwent_r(struct passwd *pwdst, char *buf, int buflen)
3573 struct passwd *pwdstp = NULL;
3576 if (!nss_wrapper_enabled()) {
3577 return libc_getpwent_r(pwdst, buf, buflen);
3579 rc = nwrap_getpwent_r(pwdst, buf, buflen, &pwdstp);
3586 #else /* HAVE_SOLARIS_GETPWENT_R */
3587 int getpwent_r(struct passwd *pwdst, char *buf,
3588 size_t buflen, struct passwd **pwdstp)
3590 if (!nss_wrapper_enabled()) {
3591 return libc_getpwent_r(pwdst, buf, buflen, pwdstp);
3594 return nwrap_getpwent_r(pwdst, buf, buflen, pwdstp);
3596 #endif /* HAVE_SOLARIS_GETPWENT_R */
3598 /****************************************************************************
3600 ***************************************************************************/
3602 static void nwrap_endpwent(void)
3606 for (i=0; i < nwrap_main_global->num_backends; i++) {
3607 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3608 b->ops->nw_endpwent(b);
3614 if (!nss_wrapper_enabled()) {
3622 /****************************************************************************
3624 ***************************************************************************/
3626 static int nwrap_initgroups(const char *user, gid_t group)
3630 for (i=0; i < nwrap_main_global->num_backends; i++) {
3631 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3634 rc = b->ops->nw_initgroups(b, user, group);
3644 int initgroups(const char *user, gid_t group)
3646 if (!nss_wrapper_enabled()) {
3647 return libc_initgroups(user, group);
3650 return nwrap_initgroups(user, group);
3653 /****************************************************************************
3655 ***************************************************************************/
3657 static struct group *nwrap_getgrnam(const char *name)
3662 for (i=0; i < nwrap_main_global->num_backends; i++) {
3663 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3664 grp = b->ops->nw_getgrnam(b, name);
3673 struct group *getgrnam(const char *name)
3675 if (!nss_wrapper_enabled()) {
3676 return libc_getgrnam(name);
3679 return nwrap_getgrnam(name);
3682 /****************************************************************************
3684 ***************************************************************************/
3686 static int nwrap_getgrnam_r(const char *name, struct group *grdst,
3687 char *buf, size_t buflen, struct group **grdstp)
3691 for (i=0; i < nwrap_main_global->num_backends; i++) {
3692 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3693 ret = b->ops->nw_getgrnam_r(b, name, grdst, buf, buflen, grdstp);
3694 if (ret == ENOENT) {
3703 #ifdef HAVE_GETGRNAM_R
3704 # ifdef HAVE_SOLARIS_GETGRNAM_R
3705 int getgrnam_r(const char *name, struct group *grp,
3706 char *buf, int buflen, struct group **pgrp)
3707 # else /* HAVE_SOLARIS_GETGRNAM_R */
3708 int getgrnam_r(const char *name, struct group *grp,
3709 char *buf, size_t buflen, struct group **pgrp)
3710 # endif /* HAVE_SOLARIS_GETGRNAM_R */
3712 if (!nss_wrapper_enabled()) {
3713 return libc_getgrnam_r(name,
3720 return nwrap_getgrnam_r(name, grp, buf, buflen, pgrp);
3722 #endif /* HAVE_GETGRNAM_R */
3724 /****************************************************************************
3726 ***************************************************************************/
3728 static struct group *nwrap_getgrgid(gid_t gid)
3733 for (i=0; i < nwrap_main_global->num_backends; i++) {
3734 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3735 grp = b->ops->nw_getgrgid(b, gid);
3744 struct group *getgrgid(gid_t gid)
3746 if (!nss_wrapper_enabled()) {
3747 return libc_getgrgid(gid);
3750 return nwrap_getgrgid(gid);
3753 /****************************************************************************
3755 ***************************************************************************/
3757 static int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
3758 char *buf, size_t buflen, struct group **grdstp)
3762 for (i=0; i < nwrap_main_global->num_backends; i++) {
3763 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3764 ret = b->ops->nw_getgrgid_r(b, gid, grdst, buf, buflen, grdstp);
3765 if (ret == ENOENT) {
3774 #ifdef HAVE_GETGRGID_R
3775 # ifdef HAVE_SOLARIS_GETGRGID_R
3776 int getgrgid_r(gid_t gid, struct group *grdst,
3777 char *buf, int buflen, struct group **grdstp)
3778 # else /* HAVE_SOLARIS_GETGRGID_R */
3779 int getgrgid_r(gid_t gid, struct group *grdst,
3780 char *buf, size_t buflen, struct group **grdstp)
3781 # endif /* HAVE_SOLARIS_GETGRGID_R */
3783 if (!nss_wrapper_enabled()) {
3784 return libc_getgrgid_r(gid, grdst, buf, buflen, grdstp);
3787 return nwrap_getgrgid_r(gid, grdst, buf, buflen, grdstp);
3791 /****************************************************************************
3793 ***************************************************************************/
3795 static void nwrap_setgrent(void)
3799 for (i=0; i < nwrap_main_global->num_backends; i++) {
3800 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3801 b->ops->nw_setgrent(b);
3805 #ifdef HAVE_BSD_SETGRENT
3811 if (!nss_wrapper_enabled()) {
3819 #ifdef HAVE_BSD_SETGRENT
3826 /****************************************************************************
3828 ***************************************************************************/
3830 static struct group *nwrap_getgrent(void)
3835 for (i=0; i < nwrap_main_global->num_backends; i++) {
3836 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3837 grp = b->ops->nw_getgrent(b);
3846 struct group *getgrent(void)
3848 if (!nss_wrapper_enabled()) {
3849 return libc_getgrent();
3852 return nwrap_getgrent();
3855 /****************************************************************************
3857 ***************************************************************************/
3859 static int nwrap_getgrent_r(struct group *grdst, char *buf,
3860 size_t buflen, struct group **grdstp)
3864 for (i=0; i < nwrap_main_global->num_backends; i++) {
3865 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3866 ret = b->ops->nw_getgrent_r(b, grdst, buf, buflen, grdstp);
3867 if (ret == ENOENT) {
3876 #ifdef HAVE_SOLARIS_GETGRENT_R
3877 struct group *getgrent_r(struct group *src, char *buf, int buflen)
3879 struct group *grdstp = NULL;
3882 if (!nss_wrapper_enabled()) {
3883 return libc_getgrent_r(src, buf, buflen);
3886 rc = nwrap_getgrent_r(src, buf, buflen, &grdstp);
3893 #else /* HAVE_SOLARIS_GETGRENT_R */
3894 int getgrent_r(struct group *src, char *buf,
3895 size_t buflen, struct group **grdstp)
3897 if (!nss_wrapper_enabled()) {
3898 return libc_getgrent_r(src, buf, buflen, grdstp);
3901 return nwrap_getgrent_r(src, buf, buflen, grdstp);
3903 #endif /* HAVE_SOLARIS_GETGRENT_R */
3905 /****************************************************************************
3907 ***************************************************************************/
3909 static void nwrap_endgrent(void)
3913 for (i=0; i < nwrap_main_global->num_backends; i++) {
3914 struct nwrap_backend *b = &nwrap_main_global->backends[i];
3915 b->ops->nw_endgrent(b);
3921 if (!nss_wrapper_enabled()) {
3929 /****************************************************************************
3931 ***************************************************************************/
3933 #ifdef HAVE_GETGROUPLIST
3934 static int nwrap_getgrouplist(const char *user, gid_t group,
3935 gid_t *groups, int *ngroups)
3941 NWRAP_LOG(NWRAP_LOG_DEBUG, "getgrouplist called for %s", user);
3943 groups_tmp = (gid_t *)malloc(count * sizeof(gid_t));
3945 NWRAP_LOG(NWRAP_LOG_ERROR, "Out of memory");
3949 groups_tmp[0] = group;
3952 while ((grp = nwrap_getgrent()) != NULL) {
3955 NWRAP_LOG(NWRAP_LOG_DEBUG,
3956 "Inspecting %s for group membership",
3959 for (i=0; grp->gr_mem && grp->gr_mem[i] != NULL; i++) {
3961 if (group != grp->gr_gid &&
3962 (strcmp(user, grp->gr_mem[i]) == 0)) {
3964 NWRAP_LOG(NWRAP_LOG_DEBUG,
3965 "%s is member of %s",
3969 groups_tmp = (gid_t *)realloc(groups_tmp, (count + 1) * sizeof(gid_t));
3971 NWRAP_LOG(NWRAP_LOG_ERROR,
3976 groups_tmp[count] = grp->gr_gid;
3985 NWRAP_LOG(NWRAP_LOG_DEBUG,
3986 "%s is member of %d groups",
3989 if (*ngroups < count) {
3996 memcpy(groups, groups_tmp, count * sizeof(gid_t));
4002 int getgrouplist(const char *user, gid_t group, gid_t *groups, int *ngroups)
4004 if (!nss_wrapper_enabled()) {
4005 return libc_getgrouplist(user, group, groups, ngroups);
4008 return nwrap_getgrouplist(user, group, groups, ngroups);
4012 /**********************************************************
4014 **********************************************************/
4016 static void nwrap_sethostent(int stayopen) {
4017 (void) stayopen; /* ignored */
4019 nwrap_files_sethostent();
4022 #ifdef HAVE_SOLARIS_SETHOSTENT
4023 int sethostent(int stayopen)
4025 if (!nss_wrapper_hosts_enabled()) {
4026 libc_sethostent(stayopen);
4030 nwrap_sethostent(stayopen);
4034 #else /* HAVE_SOLARIS_SETHOSTENT */
4035 void sethostent(int stayopen)
4037 if (!nss_wrapper_hosts_enabled()) {
4038 libc_sethostent(stayopen);
4042 nwrap_sethostent(stayopen);
4044 #endif /* HAVE_SOLARIS_SETHOSTENT */
4046 static struct hostent *nwrap_gethostent(void)
4048 return nwrap_files_gethostent();
4051 struct hostent *gethostent(void) {
4052 if (!nss_wrapper_hosts_enabled()) {
4053 return libc_gethostent();
4056 return nwrap_gethostent();
4059 static void nwrap_endhostent(void) {
4060 nwrap_files_endhostent();
4063 #ifdef HAVE_SOLARIS_ENDHOSTENT
4064 int endhostent(void)
4066 if (!nss_wrapper_hosts_enabled()) {
4075 #else /* HAVE_SOLARIS_ENDHOSTENT */
4076 void endhostent(void)
4078 if (!nss_wrapper_hosts_enabled()) {
4085 #endif /* HAVE_SOLARIS_ENDHOSTENT */
4087 static struct hostent *nwrap_gethostbyname(const char *name)
4089 return nwrap_files_gethostbyname(name, AF_UNSPEC);
4092 struct hostent *gethostbyname(const char *name)
4094 if (!nss_wrapper_hosts_enabled()) {
4095 return libc_gethostbyname(name);
4098 return nwrap_gethostbyname(name);
4101 /* This is a GNU extension */
4102 #ifdef HAVE_GETHOSTBYNAME2
4103 static struct hostent *nwrap_gethostbyname2(const char *name, int af)
4105 return nwrap_files_gethostbyname(name, af);
4108 struct hostent *gethostbyname2(const char *name, int af)
4110 if (!nss_wrapper_hosts_enabled()) {
4111 return libc_gethostbyname2(name, af);
4114 return nwrap_gethostbyname2(name, af);
4118 static struct hostent *nwrap_gethostbyaddr(const void *addr,
4119 socklen_t len, int type)
4121 return nwrap_files_gethostbyaddr(addr, len, type);
4124 struct hostent *gethostbyaddr(const void *addr,
4125 socklen_t len, int type)
4127 if (!nss_wrapper_hosts_enabled()) {
4128 return libc_gethostbyaddr(addr, len, type);
4131 return nwrap_gethostbyaddr(addr, len, type);
4134 static const struct addrinfo default_hints =
4136 .ai_flags = AI_ADDRCONFIG|AI_V4MAPPED,
4137 .ai_family = AF_UNSPEC,
4142 .ai_canonname = NULL,
4146 static int nwrap_convert_he_ai(const struct hostent *he,
4147 unsigned short port,
4148 const struct addrinfo *hints,
4149 struct addrinfo **pai)
4151 struct addrinfo *ai;
4154 switch (he->h_addrtype) {
4156 socklen = sizeof(struct sockaddr_in);
4160 socklen = sizeof(struct sockaddr_in6);
4167 ai = (struct addrinfo *)malloc(sizeof(struct addrinfo) + socklen);
4173 ai->ai_family = he->h_addrtype;
4174 ai->ai_socktype = hints->ai_socktype;
4175 ai->ai_protocol = hints->ai_protocol;
4177 ai->ai_addrlen = socklen;
4178 ai->ai_addr = (void *)(ai + 1);
4180 #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
4181 ai->ai_addr->sa_len = socklen;
4183 ai->ai_addr->sa_family = he->h_addrtype;
4185 switch (he->h_addrtype) {
4188 struct sockaddr_in *sinp =
4189 (struct sockaddr_in *) ai->ai_addr;
4191 memset(sinp, 0, sizeof(struct sockaddr_in));
4193 sinp->sin_port = htons(port);
4194 sinp->sin_family = AF_INET;
4196 memset (sinp->sin_zero, '\0', sizeof (sinp->sin_zero));
4197 memcpy(&sinp->sin_addr, he->h_addr_list[0], he->h_length);
4204 struct sockaddr_in6 *sin6p =
4205 (struct sockaddr_in6 *) ai->ai_addr;
4207 memset(sin6p, 0, sizeof(struct sockaddr_in6));
4209 sin6p->sin6_port = htons(port);
4210 sin6p->sin6_family = AF_INET6;
4212 memcpy(&sin6p->sin6_addr, he->h_addr_list[0], he->h_length);
4221 ai->ai_canonname = strdup(he->h_name);
4222 if (ai->ai_canonname == NULL) {
4232 static int nwrap_getaddrinfo(const char *node,
4233 const char *service,
4234 const struct addrinfo *hints,
4235 struct addrinfo **res)
4237 struct addrinfo *ai = NULL;
4238 struct addrinfo *p = NULL;
4239 unsigned short port = 0;
4250 .family = AF_UNSPEC,
4252 int eai = EAI_SYSTEM;
4256 if (node == NULL && service == NULL) {
4260 ret = libc_getaddrinfo(node, service, hints, &p);
4265 /* If no node has been specified, let glibc deal with it */
4270 if (hints == NULL) {
4271 hints = &default_hints;
4274 if ((hints->ai_flags & AI_CANONNAME) && node == NULL) {
4275 return EAI_BADFLAGS;
4278 if (service != NULL && service[0] != '\0') {
4279 if (isdigit((int)service[0])) {
4280 port = (unsigned short)atoi(service);
4282 const char *proto = NULL;
4285 if (hints->ai_protocol != 0) {
4286 struct protoent *pent;
4288 pent = getprotobynumber(hints->ai_protocol);
4290 proto = pent->p_name;
4294 s = getservbyname(service, proto);
4296 port = ntohs(s->s_port);
4307 if (hints->ai_family == AF_UNSPEC || hints->ai_family == AF_INET) {
4308 rc = inet_pton(AF_INET, node, &addr.in.v4);
4311 addr.family = AF_INET;
4314 rc = inet_pton(AF_INET6, node, &addr.in.v6);
4316 addr.family = AF_INET6;
4321 if (addr.family == AF_INET) {
4322 he = nwrap_files_gethostbyaddr(&addr.in.v4,
4323 sizeof(struct in_addr),
4326 rc = nwrap_convert_he_ai(he, port, hints, &ai);
4332 } else if (addr.family == AF_INET6) {
4333 he = nwrap_files_gethostbyaddr(&addr.in.v6,
4334 sizeof(struct in6_addr),
4337 rc = nwrap_convert_he_ai(he, port, hints, &ai);
4345 he = nwrap_files_gethostbyname(node, hints->ai_family);
4347 rc = nwrap_convert_he_ai(he, port, hints, &ai);
4356 return ret == 0 ? 0 : eai;
4363 if (ai->ai_flags == 0) {
4364 ai->ai_flags = hints->ai_flags;
4366 if (ai->ai_socktype == 0) {
4367 ai->ai_socktype = SOCK_DGRAM;
4369 if (ai->ai_protocol == 0 && ai->ai_socktype == SOCK_DGRAM) {
4370 ai->ai_protocol = 17; /* UDP */
4371 } else if (ai->ai_protocol == 0 && ai->ai_socktype == SOCK_STREAM) {
4372 ai->ai_protocol = 6; /* TCP */
4375 if (hints->ai_socktype == 0) {
4377 rc = nwrap_convert_he_ai(he, port, hints, &ai->ai_next);
4383 if (ai->ai_next->ai_flags == 0) {
4384 ai->ai_next->ai_flags = hints->ai_flags;
4386 if (ai->ai_socktype == SOCK_DGRAM) {
4387 ai->ai_next->ai_socktype = SOCK_STREAM;
4388 } else if (ai->ai_socktype == SOCK_STREAM) {
4389 ai->ai_next->ai_socktype = SOCK_DGRAM;
4391 if (ai->ai_next->ai_socktype == SOCK_DGRAM) {
4392 ai->ai_next->ai_protocol = 17; /* UDP */
4393 } else if (ai->ai_next->ai_socktype == SOCK_STREAM) {
4394 ai->ai_next->ai_protocol = 6; /* TCP */
4403 int getaddrinfo(const char *node, const char *service,
4404 const struct addrinfo *hints,
4405 struct addrinfo **res)
4407 if (!nss_wrapper_hosts_enabled()) {
4408 return libc_getaddrinfo(node, service, hints, res);
4411 return nwrap_getaddrinfo(node, service, hints, res);
4414 static int nwrap_getnameinfo(const struct sockaddr *sa, socklen_t salen,
4415 char *host, size_t hostlen,
4416 char *serv, size_t servlen,
4420 struct servent *service;
4427 if (sa == NULL || salen < sizeof(sa_family_t)) {
4431 if ((flags & NI_NAMEREQD) && host == NULL && serv == NULL) {
4435 type = sa->sa_family;
4438 if (salen < sizeof(struct sockaddr_in))
4440 addr = &((const struct sockaddr_in *)sa)->sin_addr;
4441 addrlen = sizeof(((const struct sockaddr_in *)sa)->sin_addr);
4442 port = ntohs(((const struct sockaddr_in *)sa)->sin_port);
4446 if (salen < sizeof(struct sockaddr_in6))
4448 addr = &((const struct sockaddr_in6 *)sa)->sin6_addr;
4449 addrlen = sizeof(((const struct sockaddr_in6 *)sa)->sin6_addr);
4450 port = ntohs(((const struct sockaddr_in6 *)sa)->sin6_port);
4459 if ((flags & NI_NUMERICHOST) == 0) {
4460 he = nwrap_files_gethostbyaddr(addr, addrlen, type);
4461 if ((flags & NI_NAMEREQD) && (he == NULL || he->h_name == NULL))
4464 if (he != NULL && he->h_name != NULL) {
4465 if (strlen(he->h_name) >= hostlen)
4466 return EAI_OVERFLOW;
4467 strcpy(host, he->h_name);
4468 if (flags & NI_NOFQDN)
4469 host[strcspn(host, ".")] = '\0';
4471 if (inet_ntop(type, addr, host, hostlen) == NULL)
4472 return (errno == ENOSPC) ? EAI_OVERFLOW : EAI_FAIL;
4478 if ((flags & NI_NUMERICSERV) == 0) {
4479 proto = (flags & NI_DGRAM) ? "udp" : "tcp";
4480 service = getservbyport(htons(port), proto);
4482 if (service != NULL) {
4483 if (strlen(service->s_name) >= servlen)
4484 return EAI_OVERFLOW;
4485 strcpy(serv, service->s_name);
4487 if (snprintf(serv, servlen, "%u", port) >= (int) servlen)
4488 return EAI_OVERFLOW;
4495 #ifdef HAVE_LINUX_GETNAMEINFO
4496 int getnameinfo(const struct sockaddr *sa, socklen_t salen,
4497 char *host, socklen_t hostlen,
4498 char *serv, socklen_t servlen,
4500 #elif defined(HAVE_LINUX_GETNAMEINFO_UNSIGNED)
4501 int getnameinfo(const struct sockaddr *sa, socklen_t salen,
4502 char *host, socklen_t hostlen,
4503 char *serv, socklen_t servlen,
4506 int getnameinfo(const struct sockaddr *sa, socklen_t salen,
4507 char *host, size_t hostlen,
4508 char *serv, size_t servlen,
4512 if (!nss_wrapper_hosts_enabled()) {
4513 return libc_getnameinfo(sa, salen, host, hostlen, serv, servlen, flags);
4516 return nwrap_getnameinfo(sa, salen, host, hostlen, serv, servlen, flags);
4519 static int nwrap_gethostname(char *name, size_t len)
4521 const char *hostname = getenv("NSS_WRAPPER_HOSTNAME");
4523 if (strlen(hostname) >= len) {
4524 errno = ENAMETOOLONG;
4527 snprintf(name, len, "%s", hostname);
4532 #ifdef HAVE_SOLARIS_GETHOSTNAME
4533 int gethostname(char *name, int len)
4534 #else /* HAVE_SOLARIS_GETHOSTNAME */
4535 int gethostname(char *name, size_t len)
4536 #endif /* HAVE_SOLARIS_GETHOSTNAME */
4538 if (!nwrap_hostname_enabled()) {
4539 return libc_gethostname(name, len);
4542 return nwrap_gethostname(name, len);
4545 /****************************
4547 ***************************/
4550 * This function is called when the library is unloaded and makes sure that
4551 * sockets get closed and the unix file for the socket are unlinked.
4553 void nwrap_destructor(void)
4557 if (nwrap_main_global != NULL) {
4558 struct nwrap_main *m = nwrap_main_global;
4561 SAFE_FREE(m->libc->fns);
4562 if (m->libc->handle != NULL) {
4563 dlclose(m->libc->handle);
4565 if (m->libc->nsl_handle != NULL) {
4566 dlclose(m->libc->nsl_handle);
4568 if (m->libc->sock_handle != NULL) {
4569 dlclose(m->libc->sock_handle);
4574 for (i = 0; i < m->num_backends; i++) {
4575 struct nwrap_backend *b = &(m->backends[i]);
4577 if (b->so_handle != NULL) {
4578 dlclose(b->so_handle);
4582 SAFE_FREE(m->backends);
4585 if (nwrap_pw_global.cache != NULL) {
4586 struct nwrap_cache *c = nwrap_pw_global.cache;
4588 nwrap_files_cache_unload(c);
4593 SAFE_FREE(nwrap_pw_global.list);
4594 nwrap_pw_global.num = 0;
4597 if (nwrap_gr_global.cache != NULL) {
4598 struct nwrap_cache *c = nwrap_gr_global.cache;
4600 nwrap_files_cache_unload(c);
4605 SAFE_FREE(nwrap_gr_global.list);
4606 nwrap_pw_global.num = 0;
4609 if (nwrap_he_global.cache != NULL) {
4610 struct nwrap_cache *c = nwrap_he_global.cache;
4612 nwrap_files_cache_unload(c);
4617 SAFE_FREE(nwrap_he_global.list);
4618 nwrap_he_global.num = 0;