
glibc  2.9
Functions
nis-publickey.c File Reference
#include <nss.h>
#include <ctype.h>
#include <errno.h>
#include <string.h>
#include <syslog.h>
#include <rpc/rpc.h>
#include <rpcsvc/yp.h>
#include <rpcsvc/ypclnt.h>
#include <rpc/key_prot.h>
#include "nss-nis.h"

Go to the source code of this file.

Functions

int xdecrypt (char *, char *)
enum nss_status _nss_nis_getpublickey (const char *netname, char *pkey, int *errnop)
enum nss_status _nss_nis_getsecretkey (const char *netname, char *skey, char *passwd, int *errnop)
static enum nss_status parse_netid_str (const char *s, uid_t *uidp, gid_t *gidp, int *gidlenp, gid_t *gidlist)
enum nss_status _nss_nis_netname2user (char netname[MAXNETNAMELEN+1], uid_t *uidp, gid_t *gidp, int *gidlenp, gid_t *gidlist, int *errnop)

Function Documentation

enum nss_status _nss_nis_getpublickey ( const char *  netname,
char *  pkey,
int *  errnop 
)

Definition at line 37 of file nis-publickey.c.

{
  /* Look up NETNAME in the NIS map "publickey.byname" of the domain
     named after the '@' and copy the part of the record before the
     first ':' into PKEY.  PKEY must have room for HEXKEYBYTES + 1
     bytes and ERRNOP must be valid: both are written without a NULL
     check.  */

  /* Empty key by default; it stays empty on every early return.  */
  pkey[0] = 0;

  if (netname == NULL)
    {
      *errnop = EINVAL;
      return NSS_STATUS_UNAVAIL;
    }

  /* The NIS domain is whatever follows the first '@'.  */
  char *domain = strchr (netname, '@');
  if (domain == NULL)
    {
      *errnop = EINVAL;
      return NSS_STATUS_UNAVAIL;
    }
  ++domain;

  char *result;
  int len;
  int yperr = yp_match (domain, "publickey.byname", netname, strlen (netname),
                     &result, &len);

  if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
    {
      enum nss_status retval = yperr2nss (yperr);

      /* errno is only reported for the retryable status.  */
      if (retval == NSS_STATUS_TRYAGAIN)
       *errnop = errno;
      return retval;
    }

  /* NOTE(review): RESULT is data returned by the NIS server.  The
     strchr/strncpy below ignore LEN and rely on the buffer being
     NUL-terminated -- confirm that yp_match guarantees this.  */
  if (result != NULL)
    {
      /* Cut the record at the first ':' so only the leading field is
         copied.  */
      char *p = strchr (result, ':');
      if (p != NULL)
       *p = 0;
      /* strncpy does not terminate when the source is too long; the
         explicit store at index HEXKEYBYTES does.  An over-long field
         is silently truncated.  */
      strncpy (pkey, result, HEXKEYBYTES + 1);
      pkey[HEXKEYBYTES] = '\0';
      free (result);
    }
  /* SUCCESS is also returned when RESULT was NULL; PKEY is then still
     the empty string.  */
  return NSS_STATUS_SUCCESS;
}


enum nss_status _nss_nis_getsecretkey ( const char *  netname,
char *  skey,
char *  passwd,
int *  errnop 
)

Definition at line 82 of file nis-publickey.c.

{
  /* Look up NETNAME in the NIS map "publickey.byname", take the field
     after the first ':' of the record, decrypt it with PASSWD and, if
     the checksum comparison succeeds, store the key in SKEY.  SKEY and
     ERRNOP are written without a NULL check.  */

  /* Empty key by default; it stays empty unless decryption and the
     checksum comparison both succeed.  */
  skey[0] = 0;

  if (netname == NULL || passwd == NULL)
    {
      *errnop = EINVAL;
      return NSS_STATUS_UNAVAIL;
    }

  /* The NIS domain is whatever follows the first '@'.  */
  char *domain = strchr (netname, '@');
  if (domain == NULL)
    {
      *errnop = EINVAL;
      return NSS_STATUS_UNAVAIL;
    }
  ++domain;

  char *result;
  int len;
  int yperr = yp_match (domain, "publickey.byname", netname, strlen (netname),
                     &result, &len);

  if (__builtin_expect (yperr != YPERR_SUCCESS, 0))
    {
      enum nss_status retval = yperr2nss (yperr);

      /* errno is only reported for the retryable status.  */
      if (retval == NSS_STATUS_TRYAGAIN)
       *errnop = errno;
      return retval;
    }

  /* NOTE(review): RESULT is data returned by the NIS server; the
     string functions below ignore LEN and rely on NUL termination --
     confirm that yp_match guarantees this.  */
  if (result != NULL)
    {
      char *p = strchr (result, ':');
      if (p != NULL)
       {
         /* 2 * HEXKEYBYTES + 2 bytes.  */
         char buf[2 * (HEXKEYBYTES + 1)];

         /* Step over the ':' to the second field of the record.  */
         ++p;
         /* The copy is bounded by the buffer size and the last byte
            (index 2 * HEXKEYBYTES + 1) is forced to NUL, so an
            over-long field is truncated rather than overflowing.  */
         strncpy (buf, p, 2 * (HEXKEYBYTES + 1));
         buf[2 * HEXKEYBYTES + 1] = '\0';
         /* xdecrypt rewrites BUF in place.  The key is accepted only
            if the first KEYCHECKSUMSIZE characters equal those at
            offset HEXKEYBYTES, which is how a wrong PASSWD is
            detected.  */
         if (xdecrypt (buf, passwd)
             && memcmp (buf, &(buf[HEXKEYBYTES]), KEYCHECKSUMSIZE) == 0)
           {
             /* Cutting at HEXKEYBYTES bounds the strcpy; SKEY must
                have room for HEXKEYBYTES + 1 bytes.  */
             buf[HEXKEYBYTES] = '\0';
             strcpy (skey, buf);
           }
         /* NOTE(review): BUF still holds the decrypted key material
            when it goes out of scope; it is not cleared.  */
       }

      free (result);
    }
  /* SUCCESS is returned even when the record was missing, decryption
     failed or the checksum did not match; SKEY is then the empty
     string -- presumably callers test skey[0], confirm.  */
  return NSS_STATUS_SUCCESS;
}


enum nss_status _nss_nis_netname2user ( char  netname[MAXNETNAMELEN+1],
uid_t *  uidp,
gid_t *  gidp,
int *  gidlenp,
gid_t *  gidlist,
int *  errnop 
)

Definition at line 196 of file nis-publickey.c.

{
  /* Look up NETNAME in the NIS map "netid.byname" of the domain named
     after the '@' and hand the record to parse_netid_str, which fills
     UIDP, GIDP, GIDLENP and GIDLIST.  NETNAME is used without a NULL
     check.  */
  char *domain = strchr (netname, '@');
  if (domain == NULL)
    {
      *errnop = EINVAL;
      return NSS_STATUS_UNAVAIL;
    }

  /* Point past the '@' character */
  ++domain;
  char *lookup = NULL;
  int len;
  int yperr = yp_match (domain, "netid.byname", netname, strlen (netname),
                     &lookup, &len);
  /* None of the failure cases below stores anything in *ERRNOP.  */
  switch (yperr)
    {
    case YPERR_SUCCESS:
      break;                /* the successful case */
    case YPERR_DOMAIN:
    case YPERR_KEY:
      return NSS_STATUS_NOTFOUND;
    case YPERR_MAP:
    default:
      return NSS_STATUS_UNAVAIL;
    }

  if (lookup == NULL)
    return NSS_STATUS_NOTFOUND;


  /* NOTE(review): this stores at index LEN, one past the LEN bytes
     reported by yp_match; presumably the ypclnt buffer has room beyond
     LEN -- confirm.  */
  lookup[len] = '\0';

  /* NOTE(review): LOOKUP is server-supplied text, and GIDLIST is passed
     on without its capacity, so the number of group ids written is
     decided by the record alone.  */
  enum nss_status err = parse_netid_str (lookup, uidp, gidp, gidlenp, gidlist);

  free (lookup);

  return err;
}


static enum nss_status parse_netid_str ( const char *  s,
uid_t *  uidp,
gid_t *  gidp,
int *  gidlenp,
gid_t *  gidlist 
) [static]

Definition at line 141 of file nis-publickey.c.

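{
  /* Parse a netid record of the form "uid:gid[,gid...]" from S.
     Stores the uid in *UIDP, the first gid in *GIDP, every following
     gid in GIDLIST and their count in *GIDLENP.  Returns
     NSS_STATUS_SUCCESS, or NSS_STATUS_NOTFOUND (after logging) when S
     is NULL, does not start with a digit, carries uid 0 or has no gid
     after the ':'.  */
  char *p, *ep;
  int gidlen;

  /* The <ctype.h> classifiers are only defined for unsigned char
     values and EOF, so the byte is converted before the test.  */
  if (!s || !isdigit ((unsigned char) *s))
    {
      /* Do not hand a NULL pointer to "%s".  */
      syslog (LOG_ERR, "netname2user: expecting uid '%s'",
              s ? s : "(null)");
      return NSS_STATUS_NOTFOUND;  /* XXX need a better error */
    }

  /* Fetch the uid */
  /* NOTE(review): the strtoul results in this function are stored
     without a range check (ERANGE, or a value too large for the
     destination type).  */
  *uidp = strtoul (s, NULL, 10);

  /* A record mapping a netname to uid 0 is rejected.  */
  if (*uidp == 0)
    {
      syslog (LOG_ERR, "netname2user: should not have uid 0");
      return NSS_STATUS_NOTFOUND;
    }

  /* Now get the group list */
  p = strchr (s, ':');
  if (!p)
    {
      syslog (LOG_ERR, "netname2user: missing group id list in '%s'", s);
      return NSS_STATUS_NOTFOUND;
    }
  ++p;                      /* skip ':' */
  /* P cannot be NULL after the increment, so only the digit test is
     needed.  */
  if (!isdigit ((unsigned char) *p))
    {
      syslog (LOG_ERR, "netname2user: missing group id list in '%s'.", p);
      return NSS_STATUS_NOTFOUND;
    }

  *gidp = strtoul (p, &ep, 10);

  gidlen = 0;

  /* After strtoul() ep should point to the first invalid character.
     This is the marker "," we search for the next value.  */
  /* NOTE(review): the capacity of GIDLIST is not passed in, so nothing
     here limits how many ids are stored; the count is set by the
     record, which comes from the NIS server.  A bound needs a capacity
     argument from the caller.  */
  while (ep != NULL && *ep == ',')
    {
      ep++;
      p = ep;
      gidlist[gidlen++] = strtoul (p, &ep, 10);
    }

  *gidlenp = gidlen;

  return NSS_STATUS_SUCCESS;
}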


int xdecrypt ( char *  secret,
char *  passwd 
)

Definition at line 139 of file xcrypt.c.

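{
  /* Decrypt the hex string SECRET in place with a key taken from
     PASSWD.  SECRET is converted to binary, run through cbc_crypt with
     DES_DECRYPT and an all-zero IV, and written back as hex.  Returns
     1 on success, 0 if the allocation fails or DES_FAILED reports an
     error; SECRET is left untouched in both failure cases.  */
  char key[8];
  char ivec[8];
  char *buf;
  int err;
  int len;

  /* Two hex characters per binary byte.  */
  len = strlen (secret) / 2;
  buf = malloc ((unsigned) len);
  /* Without this check a failed allocation would reach hex2bin and
     cbc_crypt with a NULL buffer.  */
  if (buf == NULL)
    return 0;

  hex2bin (len, secret, buf);
  /* Presumably fills KEY from PASSWD; the helper is defined outside
     this listing -- confirm.  */
  passwd2des_internal (passwd, key);
  memset (ivec, 0, 8);

  err = cbc_crypt (key, buf, len, DES_DECRYPT | DES_HW, ivec);
  if (DES_FAILED (err))
    {
      free (buf);
      return 0;
    }
  bin2hex (len, (unsigned char *) buf, secret);
  /* NOTE(review): BUF (the decrypted bytes) and KEY are released
     without being cleared; a plain memset before free may be removed
     by the compiler, so clearing needs a primitive it cannot elide.  */
  free (buf);
  return 1;
}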