| 1 | /* Copyright (C) 1998-2022 Free Software Foundation, Inc. |
|---|
| 2 | This file is part of the GNU C Library. |
|---|
| 3 | |
|---|
| 4 | The GNU C Library is free software; you can redistribute it and/or |
|---|
| 5 | modify it under the terms of the GNU Lesser General Public |
|---|
| 6 | License as published by the Free Software Foundation; either |
|---|
| 7 | version 2.1 of the License, or (at your option) any later version. |
|---|
| 8 | |
|---|
| 9 | The GNU C Library is distributed in the hope that it will be useful, |
|---|
| 10 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|---|
| 12 | Lesser General Public License for more details. |
|---|
| 13 | |
|---|
| 14 | You should have received a copy of the GNU Lesser General Public |
|---|
| 15 | License along with the GNU C Library; if not, see |
|---|
| 16 | <https://www.gnu.org/licenses/>. */ |
|---|
| 17 | |
|---|
| 18 | #include <assert.h> |
|---|
| 19 | #include <errno.h> |
|---|
| 20 | #include <pwd.h> |
|---|
| 21 | #include <stdint.h> |
|---|
| 22 | #include <stdio.h> |
|---|
| 23 | #include <stdlib.h> |
|---|
| 24 | #include <string.h> |
|---|
| 25 | #include <unistd.h> |
|---|
| 26 | #include <sys/mman.h> |
|---|
| 27 | #include <sys/socket.h> |
|---|
| 28 | #include <sys/uio.h> |
|---|
| 29 | #include <sys/un.h> |
|---|
| 30 | #include <not-cancel.h> |
|---|
| 31 | #include <_itoa.h> |
|---|
| 32 | |
|---|
| 33 | #include "nscd-client.h" |
|---|
| 34 | #include "nscd_proto.h" |
|---|
| 35 | |
|---|
| 36 | int __nss_not_use_nscd_passwd; |
|---|
| 37 | |
|---|
| 38 | static int nscd_getpw_r (const char *key, size_t keylen, request_type type, |
|---|
| 39 | struct passwd *resultbuf, char *buffer, |
|---|
| 40 | size_t buflen, struct passwd **result); |
|---|
| 41 | |
|---|
| 42 | int |
|---|
| 43 | __nscd_getpwnam_r (const char *name, struct passwd *resultbuf, char *buffer, |
|---|
| 44 | size_t buflen, struct passwd **result) |
|---|
| 45 | { |
|---|
| 46 | if (name == NULL) |
|---|
| 47 | return -1; |
|---|
| 48 | |
|---|
| 49 | return nscd_getpw_r (key: name, keylen: strlen (name) + 1, type: GETPWBYNAME, resultbuf, |
|---|
| 50 | buffer, buflen, result); |
|---|
| 51 | } |
|---|
| 52 | |
|---|
| 53 | int |
|---|
| 54 | __nscd_getpwuid_r (uid_t uid, struct passwd *resultbuf, char *buffer, |
|---|
| 55 | size_t buflen, struct passwd **result) |
|---|
| 56 | { |
|---|
| 57 | char buf[3 * sizeof (uid_t)]; |
|---|
| 58 | buf[sizeof (buf) - 1] = '\0'; |
|---|
| 59 | char *cp = _itoa_word (value: uid, buflim: buf + sizeof (buf) - 1, base: 10, upper_case: 0); |
|---|
| 60 | |
|---|
| 61 | return nscd_getpw_r (key: cp, keylen: buf + sizeof (buf) - cp, type: GETPWBYUID, resultbuf, |
|---|
| 62 | buffer, buflen, result); |
|---|
| 63 | } |
|---|
| 64 | |
|---|
| 65 | |
|---|
| 66 | libc_locked_map_ptr (static, map_handle); |
|---|
| 67 | /* Note that we only free the structure if necessary. The memory |
|---|
| 68 | mapping is not removed since it is not visible to the malloc |
|---|
| 69 | handling. */ |
|---|
| 70 | libc_freeres_fn (pw_map_free) |
|---|
| 71 | { |
|---|
| 72 | if (map_handle.mapped != NO_MAPPING) |
|---|
| 73 | { |
|---|
| 74 | void *p = map_handle.mapped; |
|---|
| 75 | map_handle.mapped = NO_MAPPING; |
|---|
| 76 | free (ptr: p); |
|---|
| 77 | } |
|---|
| 78 | } |
|---|
| 79 | |
|---|
| 80 | |
|---|
| 81 | static int |
|---|
| 82 | nscd_getpw_r (const char *key, size_t keylen, request_type type, |
|---|
| 83 | struct passwd *resultbuf, char *buffer, size_t buflen, |
|---|
| 84 | struct passwd **result) |
|---|
| 85 | { |
|---|
| 86 | int gc_cycle; |
|---|
| 87 | int nretries = 0; |
|---|
| 88 | |
|---|
| 89 | /* If the mapping is available, try to search there instead of |
|---|
| 90 | communicating with the nscd. */ |
|---|
| 91 | struct mapped_database *mapped; |
|---|
| 92 | mapped = __nscd_get_map_ref (type: GETFDPW, name: "passwd" , mapptr: &map_handle, gc_cyclep: &gc_cycle); |
|---|
| 93 | |
|---|
| 94 | retry:; |
|---|
| 95 | const char *pw_name = NULL; |
|---|
| 96 | int retval = -1; |
|---|
| 97 | const char *recend = (const char *) ~UINTMAX_C (0); |
|---|
| 98 | pw_response_header pw_resp; |
|---|
| 99 | |
|---|
| 100 | if (mapped != NO_MAPPING) |
|---|
| 101 | { |
|---|
| 102 | struct datahead *found = __nscd_cache_search (type, key, keylen, mapped, |
|---|
| 103 | datalen: sizeof pw_resp); |
|---|
| 104 | if (found != NULL) |
|---|
| 105 | { |
|---|
| 106 | pw_name = (const char *) (&found->data[0].pwdata + 1); |
|---|
| 107 | pw_resp = found->data[0].pwdata; |
|---|
| 108 | recend = (const char *) found->data + found->recsize; |
|---|
| 109 | /* Now check if we can trust pw_resp fields. If GC is |
|---|
| 110 | in progress, it can contain anything. */ |
|---|
| 111 | if (mapped->head->gc_cycle != gc_cycle) |
|---|
| 112 | { |
|---|
| 113 | retval = -2; |
|---|
| 114 | goto out; |
|---|
| 115 | } |
|---|
| 116 | } |
|---|
| 117 | } |
|---|
| 118 | |
|---|
| 119 | int sock = -1; |
|---|
| 120 | if (pw_name == NULL) |
|---|
| 121 | { |
|---|
| 122 | sock = __nscd_open_socket (key, keylen, type, response: &pw_resp, |
|---|
| 123 | responselen: sizeof (pw_resp)); |
|---|
| 124 | if (sock == -1) |
|---|
| 125 | { |
|---|
| 126 | __nss_not_use_nscd_passwd = 1; |
|---|
| 127 | goto out; |
|---|
| 128 | } |
|---|
| 129 | } |
|---|
| 130 | |
|---|
| 131 | /* No value found so far. */ |
|---|
| 132 | *result = NULL; |
|---|
| 133 | |
|---|
| 134 | if (__glibc_unlikely (pw_resp.found == -1)) |
|---|
| 135 | { |
|---|
| 136 | /* The daemon does not cache this database. */ |
|---|
| 137 | __nss_not_use_nscd_passwd = 1; |
|---|
| 138 | goto out_close; |
|---|
| 139 | } |
|---|
| 140 | |
|---|
| 141 | if (pw_resp.found == 1) |
|---|
| 142 | { |
|---|
| 143 | /* Set the information we already have. */ |
|---|
| 144 | resultbuf->pw_uid = pw_resp.pw_uid; |
|---|
| 145 | resultbuf->pw_gid = pw_resp.pw_gid; |
|---|
| 146 | |
|---|
| 147 | char *p = buffer; |
|---|
| 148 | /* get pw_name */ |
|---|
| 149 | resultbuf->pw_name = p; |
|---|
| 150 | p += pw_resp.pw_name_len; |
|---|
| 151 | /* get pw_passwd */ |
|---|
| 152 | resultbuf->pw_passwd = p; |
|---|
| 153 | p += pw_resp.pw_passwd_len; |
|---|
| 154 | /* get pw_gecos */ |
|---|
| 155 | resultbuf->pw_gecos = p; |
|---|
| 156 | p += pw_resp.pw_gecos_len; |
|---|
| 157 | /* get pw_dir */ |
|---|
| 158 | resultbuf->pw_dir = p; |
|---|
| 159 | p += pw_resp.pw_dir_len; |
|---|
| 160 | /* get pw_pshell */ |
|---|
| 161 | resultbuf->pw_shell = p; |
|---|
| 162 | p += pw_resp.pw_shell_len; |
|---|
| 163 | |
|---|
| 164 | ssize_t total = p - buffer; |
|---|
| 165 | if (__glibc_unlikely (pw_name + total > recend)) |
|---|
| 166 | goto out_close; |
|---|
| 167 | if (__glibc_unlikely (buflen < total)) |
|---|
| 168 | { |
|---|
| 169 | __set_errno (ERANGE); |
|---|
| 170 | retval = ERANGE; |
|---|
| 171 | goto out_close; |
|---|
| 172 | } |
|---|
| 173 | |
|---|
| 174 | retval = 0; |
|---|
| 175 | if (pw_name == NULL) |
|---|
| 176 | { |
|---|
| 177 | ssize_t nbytes = __readall (fd: sock, buf: buffer, len: total); |
|---|
| 178 | |
|---|
| 179 | if (__glibc_unlikely (nbytes != total)) |
|---|
| 180 | { |
|---|
| 181 | /* The `errno' to some value != ERANGE. */ |
|---|
| 182 | __set_errno (ENOENT); |
|---|
| 183 | retval = ENOENT; |
|---|
| 184 | } |
|---|
| 185 | else |
|---|
| 186 | *result = resultbuf; |
|---|
| 187 | } |
|---|
| 188 | else |
|---|
| 189 | { |
|---|
| 190 | /* Copy the various strings. */ |
|---|
| 191 | memcpy (resultbuf->pw_name, pw_name, total); |
|---|
| 192 | |
|---|
| 193 | /* Try to detect corrupt databases. */ |
|---|
| 194 | if (resultbuf->pw_name[pw_resp.pw_name_len - 1] != '\0' |
|---|
| 195 | || resultbuf->pw_passwd[pw_resp.pw_passwd_len - 1] != '\0' |
|---|
| 196 | || resultbuf->pw_gecos[pw_resp.pw_gecos_len - 1] != '\0' |
|---|
| 197 | || resultbuf->pw_dir[pw_resp.pw_dir_len - 1] != '\0' |
|---|
| 198 | || resultbuf->pw_shell[pw_resp.pw_shell_len - 1] != '\0') |
|---|
| 199 | { |
|---|
| 200 | /* We cannot use the database. */ |
|---|
| 201 | retval = mapped->head->gc_cycle != gc_cycle ? -2 : -1; |
|---|
| 202 | goto out_close; |
|---|
| 203 | } |
|---|
| 204 | |
|---|
| 205 | *result = resultbuf; |
|---|
| 206 | } |
|---|
| 207 | } |
|---|
| 208 | else |
|---|
| 209 | { |
|---|
| 210 | /* Set errno to 0 to indicate no error, just no found record. */ |
|---|
| 211 | __set_errno (0); |
|---|
| 212 | /* Even though we have not found anything, the result is zero. */ |
|---|
| 213 | retval = 0; |
|---|
| 214 | } |
|---|
| 215 | |
|---|
| 216 | out_close: |
|---|
| 217 | if (sock != -1) |
|---|
| 218 | __close_nocancel_nostatus (fd: sock); |
|---|
| 219 | out: |
|---|
| 220 | if (__nscd_drop_map_ref (map: mapped, gc_cycle: &gc_cycle) != 0) |
|---|
| 221 | { |
|---|
| 222 | /* When we come here this means there has been a GC cycle while we |
|---|
| 223 | were looking for the data. This means the data might have been |
|---|
| 224 | inconsistent. Retry if possible. */ |
|---|
| 225 | if ((gc_cycle & 1) != 0 || ++nretries == 5 || retval == -1) |
|---|
| 226 | { |
|---|
| 227 | /* nscd is just running gc now. Disable using the mapping. */ |
|---|
| 228 | if (atomic_decrement_val (&mapped->counter) == 0) |
|---|
| 229 | __nscd_unmap (mapped); |
|---|
| 230 | mapped = NO_MAPPING; |
|---|
| 231 | } |
|---|
| 232 | |
|---|
| 233 | if (retval != -1) |
|---|
| 234 | goto retry; |
|---|
| 235 | } |
|---|
| 236 | |
|---|
| 237 | return retval; |
|---|
| 238 | } |
|---|
| 239 | |
|---|
