3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 #include "ldap_common.h"
26 #include <malloc.h>
27 #include <synch.h>
28 #include <syslog.h>
29 #include <rpcsvc/ypclnt.h>
30 #include <rpcsvc/yp_prot.h>
31 #include <thread.h>
32 #include <ctype.h>
33 #include <stdlib.h>
34 #include <signal.h>
35 #include <sys/stat.h>
36
37 /* getent attributes filters */
38 #define _F_GETALIASENT "(objectClass=rfc822MailGroup)"
39 #define _F_GETAUTHNAME "(objectClass=SolarisAuthAttr)"
40 #define _F_GETAUUSERNAME "(objectClass=SolarisAuditUser)"
41 #define _F_GETEXECNAME "(objectClass=SolarisExecAttr)"
42 #define _F_GETGRENT "(objectClass=posixGroup)"
87 {(char *)_EXECATTR, (char *)_F_GETEXECNAME, (char *)_A_CN},
88 {(char *)_PROFATTR, (char *)_F_GETPROFNAME, (char *)_A_CN},
89 {(char *)_USERATTR, (char *)_F_GETUSERNAME, (char *)_A_UID},
90 {(char *)_PROJECT, (char *)_F_GETPROJENT, (char *)_A_PROJECTNAM},
91 {(char *)_PRINTERS, (char *)_F_GETPRINTERENT, (char *)_A_CN},
92 {(char *)_TNRHDB, (char *)_F_GETTNRHDB, (char *)_A_IPTNETNUM},
93 {(char *)_TNRHTP, (char *)_F_GETTNRHTP,
94 (char *)_A_IPTNETTMPLNAM},
95 {(char *)NULL, (char *)NULL, (char *)NULL}
96 };
97
98
99 nss_status_t
100 switch_err(int rc, ns_ldap_error_t *error)
101 {
102 switch (rc) {
103 case NS_LDAP_SUCCESS:
104 return (NSS_SUCCESS);
105
106 case NS_LDAP_NOTFOUND:
107 return (NSS_NOTFOUND);
108
109 case NS_LDAP_PARTIAL:
110 return (NSS_TRYAGAIN);
111
112 case NS_LDAP_INTERNAL:
113 if (error && (error->status == LDAP_SERVER_DOWN ||
114 error->status == LDAP_TIMEOUT))
115 return (NSS_TRYAGAIN);
116 else
117 return (NSS_UNAVAIL);
118
119 default:
120 return (NSS_UNAVAIL);
121 }
122 }
123 /* ARGSUSED */
124 nss_status_t
125 _nss_ldap_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
126 char *database, char *searchfilter, char *domain,
229 if (callbackstat == NSS_STR_PARSE_ERANGE) {
230 argp->erange = 1;
231 return ((nss_status_t)NSS_NOTFOUND);
232 }
233 if (callbackstat == NSS_STR_PARSE_NO_ADDR) {
234 /* No IPV4 address is found */
235 argp->h_errno = HOST_NOT_FOUND;
236 return ((nss_status_t)NSS_NOTFOUND);
237 }
238 return ((nss_status_t)NSS_UNAVAIL);
239 }
240
241 /*
242 * This function is similar to _nss_ldap_lookup except it does not
243 * do a callback. It is only used by getnetgrent.c
244 */
245
246 /* ARGSUSED */
247 nss_status_t
248 _nss_ldap_nocb_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
249 char *database, char *searchfilter, char *domain,
250 int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
251 char **realfilter, const void *userdata),
252 const void *userdata)
253 {
254 ns_ldap_error_t *error = NULL;
255 int rc;
256
257 #ifdef DEBUG
258 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_nocb_lookup]\n");
259 (void) fprintf(stdout, "\tsearchfilter: %s\n", searchfilter);
260 (void) fprintf(stdout, "\tdatabase: %s\n", database);
261 (void) fprintf(stdout,
262 "\tuserdata: %s\n", userdata ? userdata : "NULL");
263 #endif /* DEBUG */
264
265 (void) __ns_ldap_freeResult(&be->result);
266
267 if ((rc = __ns_ldap_list(database, searchfilter, init_filter_cb,
268 be->attrs, NULL, 0, &be->result, &error, NULL,
269 userdata)) != NS_LDAP_SUCCESS) {
270 if (argp != NULL)
271 argp->returnval = 0;
272 rc = switch_err(rc, error);
273 (void) __ns_ldap_freeError(&error);
274 return (rc);
275 }
276
277 return ((nss_status_t)NSS_SUCCESS);
278 }
279
280
281 /*
282 *
283 */
284
285 void
286 _clean_ldap_backend(ldap_backend_ptr be)
287 {
288 ns_ldap_error_t *error;
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 #include "ldap_common.h"
27 #include <malloc.h>
28 #include <synch.h>
29 #include <syslog.h>
30 #include <rpcsvc/ypclnt.h>
31 #include <rpcsvc/yp_prot.h>
32 #include <thread.h>
33 #include <ctype.h>
34 #include <stdlib.h>
35 #include <signal.h>
36 #include <sys/stat.h>
37
38 /* getent attributes filters */
39 #define _F_GETALIASENT "(objectClass=rfc822MailGroup)"
40 #define _F_GETAUTHNAME "(objectClass=SolarisAuthAttr)"
41 #define _F_GETAUUSERNAME "(objectClass=SolarisAuditUser)"
42 #define _F_GETEXECNAME "(objectClass=SolarisExecAttr)"
43 #define _F_GETGRENT "(objectClass=posixGroup)"
88 {(char *)_EXECATTR, (char *)_F_GETEXECNAME, (char *)_A_CN},
89 {(char *)_PROFATTR, (char *)_F_GETPROFNAME, (char *)_A_CN},
90 {(char *)_USERATTR, (char *)_F_GETUSERNAME, (char *)_A_UID},
91 {(char *)_PROJECT, (char *)_F_GETPROJENT, (char *)_A_PROJECTNAM},
92 {(char *)_PRINTERS, (char *)_F_GETPRINTERENT, (char *)_A_CN},
93 {(char *)_TNRHDB, (char *)_F_GETTNRHDB, (char *)_A_IPTNETNUM},
94 {(char *)_TNRHTP, (char *)_F_GETTNRHTP,
95 (char *)_A_IPTNETTMPLNAM},
96 {(char *)NULL, (char *)NULL, (char *)NULL}
97 };
98
99
100 nss_status_t
101 switch_err(int rc, ns_ldap_error_t *error)
102 {
103 switch (rc) {
104 case NS_LDAP_SUCCESS:
105 return (NSS_SUCCESS);
106
107 case NS_LDAP_NOTFOUND:
108 errno = 0;
109 return (NSS_NOTFOUND);
110
111 case NS_LDAP_PARTIAL:
112 return (NSS_TRYAGAIN);
113
114 case NS_LDAP_INTERNAL:
115 if (error && (error->status == LDAP_SERVER_DOWN ||
116 error->status == LDAP_TIMEOUT))
117 return (NSS_TRYAGAIN);
118 else
119 return (NSS_UNAVAIL);
120
121 default:
122 return (NSS_UNAVAIL);
123 }
124 }
125 /* ARGSUSED */
126 nss_status_t
127 _nss_ldap_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
128 char *database, char *searchfilter, char *domain,
231 if (callbackstat == NSS_STR_PARSE_ERANGE) {
232 argp->erange = 1;
233 return ((nss_status_t)NSS_NOTFOUND);
234 }
235 if (callbackstat == NSS_STR_PARSE_NO_ADDR) {
236 /* No IPV4 address is found */
237 argp->h_errno = HOST_NOT_FOUND;
238 return ((nss_status_t)NSS_NOTFOUND);
239 }
240 return ((nss_status_t)NSS_UNAVAIL);
241 }
242
243 /*
244 * This function is similar to _nss_ldap_lookup except it does not
245 * do a callback. It is only used by getnetgrent.c
246 */
247
248 /* ARGSUSED */
249 nss_status_t
250 _nss_ldap_nocb_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
251 char *database, char *searchfilter, const char * const *attrs,
252 int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
253 char **realfilter, const void *userdata),
254 const void *userdata)
255 {
256 ns_ldap_error_t *error = NULL;
257 int rc;
258
259 if (attrs == NULL)
260 attrs = be->attrs;
261
262 #ifdef DEBUG
263 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_nocb_lookup]\n");
264 (void) fprintf(stdout, "\tsearchfilter: %s\n", searchfilter);
265 (void) fprintf(stdout, "\tdatabase: %s\n", database);
266 (void) fprintf(stdout,
267 "\tuserdata: %s\n", userdata ? userdata : "NULL");
268 #endif /* DEBUG */
269
270 (void) __ns_ldap_freeResult(&be->result);
271
272 if ((rc = __ns_ldap_list(database, searchfilter, init_filter_cb,
273 attrs, NULL, 0, &be->result, &error, NULL,
274 userdata)) != NS_LDAP_SUCCESS) {
275 if (argp != NULL)
276 argp->returnval = 0;
277 rc = switch_err(rc, error);
278 (void) __ns_ldap_freeError(&error);
279 return (rc);
280 }
281
282 return ((nss_status_t)NSS_SUCCESS);
283 }
284
285
286 /*
287 *
288 */
289
290 void
291 _clean_ldap_backend(ldap_backend_ptr be)
292 {
293 ns_ldap_error_t *error;
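Review bot: `_nss_ldap_nocb_lookup` now takes `const char * const *attrs` in the positional slot that used to hold `char *domain`, and the block comment above it says neither what the new argument means nor that NULL falls back to `be->attrs`. A caller or prototype left on the old signature would hand a string to `__ns_ldap_list` where it expects an attribute-pointer array, and depending on compiler flags that may surface only as an incompatible-pointer warning; the `ldap_common.h` prototype and the getnetgrent.c caller named in the comment are outside this page, so confirm both changed with it. I would extend the comment with something like `attrs: list of attributes to request (presumably NULL-terminated, as __ns_ldap_list expects), or NULL to use be->attrs`, and drop `/* ARGSUSED */` if every parameter is now used. The `errno = 0;` added to the `NS_LDAP_NOTFOUND` case of `switch_err` also needs a one-line why-comment, e.g. `/* not-found is not an error; do not leave a stale errno for the caller */` if that is the intent, and since the visible include list has no `<errno.h>` it presumably arrives through `ldap_common.h`.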
|