Print this page
NEX-18462 SMB can't view ACL if posix ID can't be mapped
Review by: Gordon Ross <gordon.ross@nexenta.com>
Review by: Evan Layton <evan.layton@nexenta.com>
NEX-14547 Get UNIX group info. from AD/LDAP with partial RFC2307 schema
NEX-13132 smbd dumping core in nss_ldap.so.1`getbymember
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/nsswitch/ldap/common/ldap_common.c
+++ new/usr/src/lib/nsswitch/ldap/common/ldap_common.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23 + * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
23 24 */
24 25
25 26 #include "ldap_common.h"
26 27 #include <malloc.h>
27 28 #include <synch.h>
28 29 #include <syslog.h>
29 30 #include <rpcsvc/ypclnt.h>
30 31 #include <rpcsvc/yp_prot.h>
31 32 #include <thread.h>
32 33 #include <ctype.h>
33 34 #include <stdlib.h>
34 35 #include <signal.h>
35 36 #include <sys/stat.h>
36 37
37 38 /* getent attributes filters */
38 39 #define _F_GETALIASENT "(objectClass=rfc822MailGroup)"
39 40 #define _F_GETAUTHNAME "(objectClass=SolarisAuthAttr)"
40 41 #define _F_GETAUUSERNAME "(objectClass=SolarisAuditUser)"
41 42 #define _F_GETEXECNAME "(objectClass=SolarisExecAttr)"
42 43 #define _F_GETGRENT "(objectClass=posixGroup)"
43 44 #define _F_GETHOSTENT "(objectClass=ipHost)"
44 45 #define _F_GETNETENT "(objectClass=ipNetwork)"
45 46 #define _F_GETPROFNAME \
46 47 "(&(objectClass=SolarisProfAttr)(!(SolarisKernelSecurityPolicy=*)))"
47 48 #define _F_GETPROTOENT "(objectClass=ipProtocol)"
48 49 #define _F_GETPWENT "(objectClass=posixAccount)"
49 50 #define _F_GETPRINTERENT "(objectClass=sunPrinter)"
50 51 #define _F_GETRPCENT "(objectClass=oncRpc)"
51 52 #define _F_GETSERVENT "(objectClass=ipService)"
52 53 #define _F_GETSPENT "(objectclass=shadowAccount)"
53 54 #define _F_GETUSERNAME "(objectClass=SolarisUserAttr)"
54 55 #define _F_GETPROJENT "(objectClass=SolarisProject)"
55 56 #define _F_GETTNRHDB "(objectClass=ipTnetHost)"
56 57 #define _F_GETTNRHTP "(&(objectClass=ipTnetTemplate)"\
57 58 "(SolarisAttrKeyValue=*))"
58 59 #define _F_GETENT_SSD "(%s)"
59 60
60 61 /* getent sort attributes */
61 62 #define _A_UID "uid"
62 63 #define _A_GIDNUMBER "gidnumber"
63 64 #define _A_CN "cn"
64 65 #define _A_IPNETWORKNUM "ipnetworknumber"
65 66 #define _A_PROJECTNAM "SolarisProjectName"
66 67 #define _A_IPTNETNUM "ipTnetNumber"
67 68 #define _A_IPTNETTMPLNAM "ipTnetTemplateName"
68 69
69 70 static struct gettablefilter {
70 71 char *tablename;
71 72 char *tablefilter;
72 73 char *sortattr;
73 74 } gettablefilterent[] = {
74 75 {(char *)_PASSWD, (char *)_F_GETPWENT, (char *)_A_UID},
75 76 {(char *)_SHADOW, (char *)_F_GETSPENT, (char *)_A_UID},
76 77 {(char *)_GROUP, (char *)_F_GETGRENT, (char *)_A_GIDNUMBER},
77 78 {(char *)_HOSTS, (char *)_F_GETHOSTENT, (char *)_A_CN},
78 79 {(char *)_NETWORKS, (char *)_F_GETNETENT,
79 80 (char *)_A_IPNETWORKNUM},
80 81 {(char *)_PROTOCOLS, (char *)_F_GETPROTOENT, (char *)_A_CN},
81 82 {(char *)_RPC, (char *)_F_GETRPCENT, (char *)_A_CN},
82 83 {(char *)_ALIASES, (char *)_F_GETALIASENT, (char *)_A_CN},
83 84 {(char *)_SERVICES, (char *)_F_GETSERVENT, (char *)_A_CN},
84 85 {(char *)_AUUSER, (char *)_F_GETAUUSERNAME,
85 86 (char *)_A_UID},
86 87 {(char *)_AUTHATTR, (char *)_F_GETAUTHNAME, (char *)_A_CN},
87 88 {(char *)_EXECATTR, (char *)_F_GETEXECNAME, (char *)_A_CN},
88 89 {(char *)_PROFATTR, (char *)_F_GETPROFNAME, (char *)_A_CN},
89 90 {(char *)_USERATTR, (char *)_F_GETUSERNAME, (char *)_A_UID},
90 91 {(char *)_PROJECT, (char *)_F_GETPROJENT, (char *)_A_PROJECTNAM},
91 92 {(char *)_PRINTERS, (char *)_F_GETPRINTERENT, (char *)_A_CN},
92 93 {(char *)_TNRHDB, (char *)_F_GETTNRHDB, (char *)_A_IPTNETNUM},
93 94 {(char *)_TNRHTP, (char *)_F_GETTNRHTP,
94 95 (char *)_A_IPTNETTMPLNAM},
95 96 {(char *)NULL, (char *)NULL, (char *)NULL}
96 97 };
|
↓ open down ↓ |
64 lines elided |
↑ open up ↑ |
97 98
98 99
99 100 nss_status_t
100 101 switch_err(int rc, ns_ldap_error_t *error)
101 102 {
102 103 switch (rc) {
103 104 case NS_LDAP_SUCCESS:
104 105 return (NSS_SUCCESS);
105 106
106 107 case NS_LDAP_NOTFOUND:
108 + errno = 0;
107 109 return (NSS_NOTFOUND);
108 110
109 111 case NS_LDAP_PARTIAL:
110 112 return (NSS_TRYAGAIN);
111 113
112 114 case NS_LDAP_INTERNAL:
113 115 if (error && (error->status == LDAP_SERVER_DOWN ||
114 116 error->status == LDAP_TIMEOUT))
115 117 return (NSS_TRYAGAIN);
116 118 else
117 119 return (NSS_UNAVAIL);
118 120
119 121 default:
120 122 return (NSS_UNAVAIL);
121 123 }
122 124 }
123 125 /* ARGSUSED */
124 126 nss_status_t
125 127 _nss_ldap_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
126 - char *database, char *searchfilter, char *domain,
127 - int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
128 - char **realfilter, const void *userdata),
129 - const void *userdata)
128 + char *database, char *searchfilter, char *domain,
129 + int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
130 + char **realfilter, const void *userdata),
131 + const void *userdata)
130 132 {
131 133 int callbackstat = 0;
132 134 ns_ldap_error_t *error = NULL;
133 135 int rc;
134 136
135 137 #ifdef DEBUG
136 138 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_lookup]\n");
137 139 (void) fprintf(stdout, "\tsearchfilter: %s\n", searchfilter);
138 140 (void) fprintf(stdout,
139 141 "\tuserdata: %s\n", userdata ? userdata : "NULL");
140 142 (void) fprintf(stdout, "\tdatabase: %s\n", database);
141 143 #endif /* DEBUG */
142 144
143 145 (void) __ns_ldap_freeResult(&be->result);
144 146
145 147 if ((rc = __ns_ldap_list(database, searchfilter, init_filter_cb,
146 148 be->attrs, NULL, 0, &be->result, &error, NULL,
147 149 userdata)) != NS_LDAP_SUCCESS) {
148 150 argp->returnval = 0;
149 151 rc = switch_err(rc, error);
150 152 (void) __ns_ldap_freeError(&error);
151 153
152 154 return (rc);
153 155 }
154 156 (void) __ns_ldap_freeError(&error);
155 157 /* callback function */
156 158 if ((callbackstat =
157 159 be->ldapobj2str(be, argp)) != NSS_STR_PARSE_SUCCESS) {
158 160 goto error_out;
159 161 }
160 162
161 163 /*
162 164 * publickey does not have a front end marshaller and expects
163 165 * a string to be returned in NSS.
164 166 * No need to convert file format -> struct.
165 167 *
166 168 */
167 169 if (be->db_type == NSS_LDAP_DB_PUBLICKEY) {
168 170 argp->returnval = argp->buf.buffer;
169 171 argp->returnlen = strlen(argp->buf.buffer);
170 172 be->db_type = NSS_LDAP_DB_NONE;
171 173 return (NSS_SUCCESS);
172 174 }
173 175 /*
174 176 * Assume the switch engine wants the returned data in the file
175 177 * format when argp->buf.result == NULL.
176 178 * The front-end marshaller str2ether(ethers) uses
177 179 * ent (argp->buf.result) and buffer (argp->buf.buffer)
178 180 * for different purpose so ethers has to be treated differently.
179 181 */
180 182 if (argp->buf.result != NULL ||
181 183 be->db_type == NSS_LDAP_DB_ETHERS) {
182 184 /* file format -> struct */
183 185 if (argp->str2ent == NULL) {
184 186 callbackstat = NSS_STR_PARSE_PARSE;
185 187 goto error_out;
186 188 }
187 189
188 190 callbackstat = (*argp->str2ent)(be->buffer,
189 191 be->buflen,
190 192 argp->buf.result,
191 193 argp->buf.buffer,
192 194 argp->buf.buflen);
193 195 if (callbackstat == NSS_STR_PARSE_SUCCESS) {
194 196 if (be->db_type == NSS_LDAP_DB_ETHERS &&
195 197 argp->buf.buffer != NULL) {
196 198 argp->returnval = argp->buf.buffer;
197 199 argp->returnlen = strlen(argp->buf.buffer);
198 200 } else {
199 201 argp->returnval = argp->buf.result;
200 202 argp->returnlen = 1; /* irrelevant */
201 203 }
202 204 if (be->buffer != NULL) {
203 205 free(be->buffer);
204 206 be->buffer = NULL;
205 207 be->buflen = 0;
206 208 be->db_type = NSS_LDAP_DB_NONE;
207 209 }
208 210 return ((nss_status_t)NSS_SUCCESS);
209 211 }
210 212 } else {
211 213 /* return file format in argp->buf.buffer */
212 214 argp->returnval = argp->buf.buffer;
213 215 argp->returnlen = strlen(argp->buf.buffer);
214 216 return ((nss_status_t)NSS_SUCCESS);
215 217 }
216 218
217 219 error_out:
218 220 if (be->buffer != NULL) {
219 221 free(be->buffer);
220 222 be->buffer = NULL;
221 223 be->buflen = 0;
222 224 be->db_type = NSS_LDAP_DB_NONE;
223 225 }
224 226 /* error */
225 227 if (callbackstat == NSS_STR_PARSE_PARSE) {
226 228 argp->returnval = 0;
227 229 return ((nss_status_t)NSS_NOTFOUND);
228 230 }
229 231 if (callbackstat == NSS_STR_PARSE_ERANGE) {
230 232 argp->erange = 1;
231 233 return ((nss_status_t)NSS_NOTFOUND);
232 234 }
233 235 if (callbackstat == NSS_STR_PARSE_NO_ADDR) {
234 236 /* No IPV4 address is found */
235 237 argp->h_errno = HOST_NOT_FOUND;
236 238 return ((nss_status_t)NSS_NOTFOUND);
237 239 }
238 240 return ((nss_status_t)NSS_UNAVAIL);
|
↓ open down ↓ |
99 lines elided |
↑ open up ↑ |
239 241 }
240 242
241 243 /*
242 244 * This function is similar to _nss_ldap_lookup except it does not
243 245 * do a callback. It is only used by getnetgrent.c
244 246 */
245 247
246 248 /* ARGSUSED */
247 249 nss_status_t
248 250 _nss_ldap_nocb_lookup(ldap_backend_ptr be, nss_XbyY_args_t *argp,
249 - char *database, char *searchfilter, char *domain,
250 - int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
251 - char **realfilter, const void *userdata),
252 - const void *userdata)
251 + char *database, char *searchfilter, const char * const *attrs,
252 + int (*init_filter_cb)(const ns_ldap_search_desc_t *desc,
253 + char **realfilter, const void *userdata),
254 + const void *userdata)
253 255 {
254 256 ns_ldap_error_t *error = NULL;
255 257 int rc;
256 258
259 + if (attrs == NULL)
260 + attrs = be->attrs;
261 +
257 262 #ifdef DEBUG
258 263 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_nocb_lookup]\n");
259 264 (void) fprintf(stdout, "\tsearchfilter: %s\n", searchfilter);
260 265 (void) fprintf(stdout, "\tdatabase: %s\n", database);
261 266 (void) fprintf(stdout,
262 267 "\tuserdata: %s\n", userdata ? userdata : "NULL");
263 268 #endif /* DEBUG */
264 269
265 270 (void) __ns_ldap_freeResult(&be->result);
266 271
267 272 if ((rc = __ns_ldap_list(database, searchfilter, init_filter_cb,
268 - be->attrs, NULL, 0, &be->result, &error, NULL,
273 + attrs, NULL, 0, &be->result, &error, NULL,
269 274 userdata)) != NS_LDAP_SUCCESS) {
270 275 if (argp != NULL)
271 276 argp->returnval = 0;
272 277 rc = switch_err(rc, error);
273 278 (void) __ns_ldap_freeError(&error);
274 279 return (rc);
275 280 }
276 281
277 282 return ((nss_status_t)NSS_SUCCESS);
278 283 }
279 284
280 285
281 286 /*
282 287 *
283 288 */
284 289
285 290 void
286 291 _clean_ldap_backend(ldap_backend_ptr be)
287 292 {
288 293 ns_ldap_error_t *error;
289 294
290 295 #ifdef DEBUG
291 296 (void) fprintf(stdout, "\n[ldap_common.c: _clean_ldap_backend]\n");
292 297 #endif /* DEBUG */
293 298
294 299 if (be->tablename != NULL)
295 300 free(be->tablename);
296 301 if (be->result != NULL)
297 302 (void) __ns_ldap_freeResult(&be->result);
298 303 if (be->enumcookie != NULL)
299 304 (void) __ns_ldap_endEntry(&be->enumcookie, &error);
300 305 if (be->services_cookie != NULL)
301 306 _nss_services_cookie_free((void **)&be->services_cookie);
302 307 if (be->toglue != NULL) {
303 308 free(be->toglue);
304 309 be->toglue = NULL;
305 310 }
306 311 if (be->buffer != NULL) {
307 312 free(be->buffer);
308 313 be->buffer = NULL;
309 314 }
310 315 free(be);
311 316 }
312 317
313 318
314 319 /*
315 320 * _nss_ldap_destr will free all smalloc'ed variable strings and structures
316 321 * before exiting this nsswitch shared backend library. This function is
317 322 * called before returning control back to nsswitch.
318 323 */
319 324
320 325 /*ARGSUSED1*/
321 326 nss_status_t
322 327 _nss_ldap_destr(ldap_backend_ptr be, void *a)
323 328 {
324 329
325 330 #ifdef DEBUG
326 331 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_destr]\n");
327 332 #endif /* DEBUG */
328 333
329 334 (void) _clean_ldap_backend(be);
330 335
331 336 return ((nss_status_t)NSS_SUCCESS);
332 337 }
333 338
334 339
335 340 /*
336 341 * _nss_ldap_setent called before _nss_ldap_getent. This function is
337 342 * required by POSIX.
338 343 */
339 344
340 345 nss_status_t
341 346 _nss_ldap_setent(ldap_backend_ptr be, void *a)
342 347 {
343 348 struct gettablefilter *gtf;
344 349
345 350 #ifdef DEBUG
346 351 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_setent]\n");
347 352 #endif /* DEBUG */
348 353
349 354 if (be->setcalled == 1)
350 355 (void) _nss_ldap_endent(be, a);
351 356 be->filter = NULL;
352 357 be->sortattr = NULL;
353 358 for (gtf = gettablefilterent; gtf->tablename != (char *)NULL; gtf++) {
354 359 if (strcmp(gtf->tablename, be->tablename))
355 360 continue;
356 361 be->filter = (char *)gtf->tablefilter;
357 362 be->sortattr = (char *)gtf->sortattr;
358 363 break;
359 364 }
360 365
361 366 be->setcalled = 1;
362 367 be->enumcookie = NULL;
363 368 be->result = NULL;
364 369 be->services_cookie = NULL;
365 370 be->buffer = NULL;
366 371 return ((nss_status_t)NSS_SUCCESS);
367 372 }
368 373
369 374
370 375 /*
371 376 * _nss_ldap_endent called after _nss_ldap_getent. This function is
372 377 * required by POSIX.
373 378 */
374 379
375 380 /*ARGSUSED1*/
376 381 nss_status_t
377 382 _nss_ldap_endent(ldap_backend_ptr be, void *a)
378 383 {
379 384 ns_ldap_error_t *error = NULL;
380 385
381 386 #ifdef DEBUG
382 387 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_endent]\n");
383 388 #endif /* DEBUG */
384 389
385 390 be->setcalled = 0;
386 391 be->filter = NULL;
387 392 be->sortattr = NULL;
388 393 if (be->enumcookie != NULL) {
389 394 (void) __ns_ldap_endEntry(&be->enumcookie, &error);
390 395 (void) __ns_ldap_freeError(&error);
391 396 }
392 397 if (be->result != NULL) {
393 398 (void) __ns_ldap_freeResult(&be->result);
394 399 }
395 400 if (be->services_cookie != NULL) {
396 401 _nss_services_cookie_free((void **)&be->services_cookie);
397 402 }
398 403 if (be->buffer != NULL) {
399 404 free(be->buffer);
400 405 be->buffer = NULL;
401 406 }
402 407
403 408 return ((nss_status_t)NSS_SUCCESS);
404 409 }
405 410
406 411
407 412 /*
408 413 *
409 414 */
410 415
411 416 nss_status_t
412 417 _nss_ldap_getent(ldap_backend_ptr be, void *a)
413 418 {
414 419 nss_XbyY_args_t *argp = (nss_XbyY_args_t *)a;
415 420 ns_ldap_error_t *error = NULL;
416 421 int parsestat = 0;
417 422 int retcode = 0;
418 423
419 424 #ifdef DEBUG
420 425 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_getent]\n");
421 426 #endif /* DEBUG */
422 427
423 428 if (be->setcalled == 0)
424 429 (void) _nss_ldap_setent(be, a);
425 430
426 431 next_entry:
427 432 if (be->enumcookie == NULL) {
428 433 retcode = __ns_ldap_firstEntry(be->tablename,
429 434 be->filter, be->sortattr, _merge_SSD_filter, be->attrs,
430 435 NULL, 0, &be->enumcookie,
431 436 &be->result, &error, _F_GETENT_SSD);
432 437 } else {
433 438 if (be->services_cookie == NULL) {
434 439 retcode = __ns_ldap_nextEntry(be->enumcookie,
435 440 &be->result, &error);
436 441 }
437 442 }
438 443 if (retcode != NS_LDAP_SUCCESS) {
439 444 retcode = switch_err(retcode, error);
440 445 (void) __ns_ldap_freeError(&error);
441 446 (void) _nss_ldap_endent(be, a);
442 447 return (retcode);
443 448 }
444 449
445 450 if (be->result == NULL) {
446 451 parsestat = NSS_STR_PARSE_NO_RESULT;
447 452 goto error_out;
448 453 }
449 454 /* ns_ldap_entry_t -> file format */
450 455 if ((parsestat = be->ldapobj2str(be, argp))
451 456 == NSS_STR_PARSE_SUCCESS) {
452 457 if (argp->buf.result != NULL) {
453 458 /* file format -> struct */
454 459 if (argp->str2ent == NULL) {
455 460 parsestat = NSS_STR_PARSE_NO_RESULT;
456 461 goto error_out;
457 462 }
458 463 parsestat = (*argp->str2ent)(be->buffer,
459 464 be->buflen,
460 465 argp->buf.result,
461 466 argp->buf.buffer,
462 467 argp->buf.buflen);
463 468 if (parsestat == NSS_STR_PARSE_SUCCESS) {
464 469 if (be->buffer != NULL) {
465 470 free(be->buffer);
466 471 be->buffer = NULL;
467 472 be->buflen = 0;
468 473 }
469 474 be->result = NULL;
470 475 argp->returnval = argp->buf.result;
471 476 argp->returnlen = 1; /* irrevelant */
472 477 return ((nss_status_t)NSS_SUCCESS);
473 478 }
474 479 } else {
475 480 /*
476 481 * nscd is not caching the enumerated
477 482 * entries. This code path would be dormant.
478 483 * Keep this path for the future references.
479 484 */
480 485 argp->returnval = argp->buf.buffer;
481 486 argp->returnlen =
482 487 strlen(argp->buf.buffer) + 1;
483 488 }
484 489 }
485 490 error_out:
486 491 if (be->buffer != NULL) {
487 492 free(be->buffer);
488 493 be->buffer = NULL;
489 494 be->buflen = 0;
490 495 }
491 496 be->result = NULL;
492 497 if (parsestat == NSS_STR_PARSE_NO_RESULT) {
493 498 argp->returnval = 0;
494 499 (void) _nss_ldap_endent(be, a);
495 500 return ((nss_status_t)NSS_NOTFOUND);
496 501 }
497 502
498 503 if (parsestat == NSS_STR_PARSE_ERANGE) {
499 504 argp->erange = 1;
500 505 (void) _nss_ldap_endent(be, a);
501 506 return ((nss_status_t)NSS_NOTFOUND);
502 507 }
503 508 if (parsestat == NSS_STR_PARSE_NO_ADDR)
504 509 /*
505 510 * No IPV4 address is found in the current entry.
506 511 * It indicates that the entry contains IPV6 addresses
507 512 * only. Instead of calling _nss_ldap_endent to
508 513 * terminate, get next entry to continue enumeration.
509 514 * If it returned NSS_NOTFOUND here,
510 515 * gethostent() would return NULL
511 516 * and the enumeration would stop prematurely.
512 517 */
513 518 goto next_entry;
514 519
515 520 if (parsestat == NSS_STR_PARSE_PARSE)
516 521 /*
517 522 * There has been a parse error. Most likely some
518 523 * mandatory attributes are missing. Ignore the error
519 524 * and get the next entry. If we returned an error the
520 525 * enumeration would stop prematurely.
521 526 */
522 527 goto next_entry;
523 528
|
↓ open down ↓ |
245 lines elided |
↑ open up ↑ |
524 529 return ((nss_status_t)NSS_SUCCESS);
525 530 }
526 531
527 532
528 533 /*
529 534 *
530 535 */
531 536
532 537 nss_backend_t *
533 538 _nss_ldap_constr(ldap_backend_op_t ops[], int nops, char *tablename,
534 - const char **attrs, fnf ldapobj2str)
539 + const char **attrs, fnf ldapobj2str)
535 540 {
536 541 ldap_backend_ptr be;
537 542
538 543 #ifdef DEBUG
539 544 (void) fprintf(stdout, "\n[ldap_common.c: _nss_ldap_constr]\n");
540 545 #endif /* DEBUG */
541 546
542 547 if ((be = (ldap_backend_ptr) calloc(1, sizeof (*be))) == 0)
543 548 return (0);
544 549 be->ops = ops;
545 550 be->nops = (nss_dbop_t)nops;
546 551 be->tablename = (char *)strdup(tablename);
547 552 be->attrs = attrs;
548 553 be->ldapobj2str = ldapobj2str;
549 554
550 555 return ((nss_backend_t *)be);
551 556 }
552 557
553 558
554 559 /*
555 560 *
556 561 */
557 562 int
558 563 chophostdomain(char *string, char *host, char *domain)
559 564 {
560 565 char *dot;
561 566
562 567 if (string == NULL)
563 568 return (-1);
564 569
565 570 if ((dot = strchr(string, '.')) == NULL) {
566 571 return (0);
567 572 }
568 573 *dot = '\0';
569 574 (void) strcpy(host, string);
570 575 (void) strcpy(domain, ++dot);
571 576
572 577 return (0);
573 578 }
574 579
575 580
576 581 /*
577 582 *
578 583 */
579 584 int
580 585 propersubdomain(char *domain, char *subdomain)
581 586 {
582 587 int domainlen, subdomainlen;
583 588
584 589 /* sanity check */
585 590 if (domain == NULL || subdomain == NULL)
586 591 return (-1);
587 592
588 593 domainlen = strlen(domain);
589 594 subdomainlen = strlen(subdomain);
590 595
591 596 /* is afterdot a substring of domain? */
592 597 if ((strncasecmp(domain, subdomain, subdomainlen)) != 0)
593 598 return (-1);
594 599
595 600 if (domainlen == subdomainlen)
596 601 return (1);
597 602
598 603 if (subdomainlen > domainlen)
599 604 return (-1);
600 605
601 606 if (*(domain + subdomainlen) != '.')
602 607 return (-1);
603 608
604 609 return (1);
605 610 }
|
↓ open down ↓ |
61 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX