Back to index

openldap  2.4.31
Defines | Functions | Variables
passwd.c File Reference
#include "nssov.h"

Go to the source code of this file.

Defines

#define UID_KEY   0
#define PWD_KEY   1
#define UIDN_KEY   2
#define GIDN_KEY   3
#define GEC_KEY   4
#define CN_KEY   5
#define DIR_KEY   6
#define SHL_KEY   7
#define MAXUIDS_PER_ENTRY   5

Functions

int isvalidusername (struct berval *bv)
int nssov_dn2uid (Operation *op, nssov_info *ni, struct berval *dn, struct berval *uid)
int nssov_name2dn_cb (Operation *op, SlapReply *rs)
int nssov_uid2dn (Operation *op, nssov_info *ni, struct berval *uid, struct berval *dn)
 NSSOV_CBPRIV (passwd, char buf[256];struct berval name;struct berval id;)
static int write_passwd (nssov_passwd_cbp *cbp, Entry *entry)
 NSSOV_HANDLE (NSSOV_HANDLE(passwd, byname)
 READ_TYPE (fp, uid, uid_t)
 Debug (LDAP_DEBUG_TRACE,"nssov_passwd_byuid(%s)\n", cbp.id.bv_val, 0, 0)
 nssov_filter_byid (cbp.mi, UIDN_KEY,&cbp.id,&filter)) NSSOV_HANDLE(passwd
 Debug (LDAP_DEBUG_TRACE,"nssov_passwd_all()\n", 0, 0, 0)

Variables

static struct berval = BER_BVC("(objectClass=posixAccount)")
filter bv_val = fbuf
cbp id bv_len = snprintf(cbp.buf,sizeof(cbp.buf),"%d",uid)
BER_BVZEROcbp
 NSLCD_ACTION_PASSWD_BYUID
 all
 NSLCD_ACTION_PASSWD_ALL
 filter = cbp.mi->mi_filter

Define Documentation

#define CN_KEY   5

Definition at line 53 of file passwd.c.

#define DIR_KEY   6

Definition at line 54 of file passwd.c.

#define GEC_KEY   4

Definition at line 52 of file passwd.c.

#define GIDN_KEY   3

Definition at line 51 of file passwd.c.

#define MAXUIDS_PER_ENTRY   5

Definition at line 197 of file passwd.c.

#define PWD_KEY   1

Definition at line 49 of file passwd.c.

#define SHL_KEY   7

Definition at line 55 of file passwd.c.

#define UID_KEY   0

Definition at line 48 of file passwd.c.

#define UIDN_KEY   2

Definition at line 50 of file passwd.c.


Function Documentation

Debug ( LDAP_DEBUG_TRACE  ,
"nssov_passwd_byuid(%s)\n ,
cbp.id.  bv_val,
,
 
)
Debug ( LDAP_DEBUG_TRACE  ,
"nssov_passwd_all()\n ,
,
,
 
)
int isvalidusername ( struct berval bv)

Definition at line 79 of file passwd.c.

{
       int i;
       char *name = bv->bv_val;
       if ((name==NULL)||(name[0]=='\0'))
              return 0;
       /* check first character */
       if ( ! ( (name[0]>='A' && name[0] <= 'Z') ||
                                    (name[0]>='a' && name[0] <= 'z') ||
                                    (name[0]>='0' && name[0] <= '9') ||
                                    name[0]=='.' || name[0]=='_' ) )
              return 0;
       /* check other characters */
       for (i=1;i<bv->bv_len;i++)
       {
              if ( name[i]=='$' )
              {
                     /* if the char is $ we require it to be the last char */
                     if (name[i+1]!='\0')
                            return 0;
              }
              else if ( ! ( (name[i]>='A' && name[i] <= 'Z') ||
                                                               (name[i]>='a' && name[i] <= 'z') ||
                                                               (name[i]>='0' && name[i] <= '9') ||
                                                               name[i]=='.' || name[i]=='_'       || name[i]=='-') )
                     return 0;
       }
       /* no test failed so it must be good */
       return -1;
}

Here is the caller graph for this function:

NSSOV_CBPRIV ( passwd  ,
char buf;struct berval name;struct berval id [256] 
)
int nssov_dn2uid ( Operation op,
nssov_info ni,
struct berval dn,
struct berval uid 
)

Definition at line 111 of file passwd.c.

{
       nssov_mapinfo *mi = &ni->ni_maps[NM_passwd];
       AttributeDescription *ad = mi->mi_attrs[UID_KEY].an_desc;
       Entry *e;

       /* check for empty string */
       if (!dn->bv_len)
              return 0;
       /* try to look up uid within DN string */
       if (!strncmp(dn->bv_val,ad->ad_cname.bv_val,ad->ad_cname.bv_len) &&
              dn->bv_val[ad->ad_cname.bv_len] == '=')
       {
              struct berval bv, rdn;
              dnRdn(dn, &rdn);
              /* check if it is valid */
              bv.bv_val = dn->bv_val + ad->ad_cname.bv_len + 1;
              bv.bv_len = rdn.bv_len - ad->ad_cname.bv_len - 1;
              if (!isvalidusername(&bv))
                     return 0;
              ber_dupbv_x( uid, &bv, op->o_tmpmemctx );
              return 1;
       }
       /* look up the uid from the entry itself */
       if (be_entry_get_rw( op, dn, NULL, ad, 0, &e) == LDAP_SUCCESS)
       {
              Attribute *a = attr_find(e->e_attrs, ad);
              if (a) {
                     ber_dupbv_x(uid, &a->a_vals[0], op->o_tmpmemctx);
              }
              be_entry_release_r(op, e);
              if (a)
                     return 1;
       }
       return 0;
}

Here is the call graph for this function:

Here is the caller graph for this function:

nssov_filter_byid ( cbp.  mi,
UIDN_KEY  ,
&cbp.  id,
filter 
)
NSSOV_HANDLE ( NSSOV_HANDLE passwd,
byname   
)

Definition at line 394 of file passwd.c.

                              {sizeof(fbuf)};
       filter.bv_val = fbuf;
       READ_STRING(fp,cbp.buf);
       cbp.name.bv_len = tmpint32;
       cbp.name.bv_val = cbp.buf;
       if (!isvalidusername(&cbp.name)) {
              Debug(LDAP_DEBUG_ANY,"nssov_passwd_byname(%s): invalid user name\n",cbp.name.bv_val,0,0);
              return -1;
       }
       BER_BVZERO(&cbp.id); ,
       Debug(LDAP_DEBUG_TRACE,"nssov_passwd_byname(%s)\n",cbp.name.bv_val,0,0);,
       NSLCD_ACTION_PASSWD_BYNAME,
       nssov_filter_byname(cbp.mi,UID_KEY,&cbp.name,&filter)
)

NSSOV_HANDLE(
       passwd,byuid,
       uid_t uid;
       char fbuf[1024];
       struct berval filter = {sizeof(fbuf)};

Here is the call graph for this function:

int nssov_name2dn_cb ( Operation op,
SlapReply rs 
)

Definition at line 148 of file passwd.c.

{
       if ( rs->sr_type == REP_SEARCH )
       {
              struct berval *bv = op->o_callback->sc_private;
              if ( !BER_BVISNULL(bv)) {
                     op->o_tmpfree( bv->bv_val, op->o_tmpmemctx );
                     BER_BVZERO(bv);
                     return LDAP_ALREADY_EXISTS;
              }
              ber_dupbv_x(bv, &rs->sr_entry->e_name, op->o_tmpmemctx);
       }
       return LDAP_SUCCESS;
}

Here is the call graph for this function:

Here is the caller graph for this function:

int nssov_uid2dn ( Operation op,
nssov_info ni,
struct berval uid,
struct berval dn 
)

Definition at line 163 of file passwd.c.

{
       nssov_mapinfo *mi = &ni->ni_maps[NM_passwd];
       char fbuf[1024];
       struct berval filter = {sizeof(fbuf),fbuf};
       slap_callback cb = {0};
       SlapReply rs = {REP_RESULT};
       Operation op2;
       int rc;

       /* if it isn't a valid username, just bail out now */
       if (!isvalidusername(uid))
              return 0;
       /* we have to look up the entry */
       nssov_filter_byid(mi,UID_KEY,uid,&filter);
       BER_BVZERO(dn);
       cb.sc_private = dn;
       cb.sc_response = nssov_name2dn_cb;
       op2 = *op;
       op2.o_callback = &cb;
       op2.o_req_dn = mi->mi_base;
       op2.o_req_ndn = mi->mi_base;
       op2.ors_scope = mi->mi_scope;
       op2.ors_filterstr = filter;
       op2.ors_filter = str2filter_x( op, filter.bv_val );
       op2.ors_attrs = slap_anlist_no_attrs;
       op2.ors_tlimit = SLAP_NO_LIMIT;
       op2.ors_slimit = SLAP_NO_LIMIT;
       rc = op2.o_bd->be_search( &op2, &rs );
       filter_free_x( op, op2.ors_filter, 1 );
       return rc == LDAP_SUCCESS && !BER_BVISNULL(dn);
}

Here is the call graph for this function:

Here is the caller graph for this function:

READ_TYPE ( fp  ,
uid  ,
uid_t   
)
static int write_passwd ( nssov_passwd_cbp *  cbp,
Entry entry 
) [static]

Definition at line 206 of file passwd.c.

{
       int32_t tmpint32;
       struct berval tmparr[2], tmpuid[2];
       const char **tmpvalues;
       char *tmp;
       struct berval *names;
       struct berval *uids;
       struct berval passwd = {0};
       gid_t gid;
       struct berval gecos;
       struct berval homedir;
       struct berval shell;
       Attribute *a;
       int i,j;
       int use_shadow = 0;
       /* get the usernames for this entry */
       if (BER_BVISNULL(&cbp->name))
       {
              a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[UID_KEY].an_desc);
              if (!a)
              {
                     Debug(LDAP_DEBUG_ANY,"passwd entry %s does not contain %s value\n",
                            entry->e_name.bv_val, cbp->mi->mi_attrs[UID_KEY].an_desc->ad_cname.bv_val,0);
                     return 0;
              }
              names = a->a_vals;
       }
       else
       {
              names=tmparr;
              names[0]=cbp->name;
              BER_BVZERO(&names[1]);
       }
       /* get the password for this entry */
       a = attr_find(entry->e_attrs, slap_schema.si_ad_objectClass);
       if ( a ) {
              for ( i=0; i<a->a_numvals; i++) {
                     if ( bvmatch( &shadowclass, &a->a_nvals[i] )) {
                            use_shadow = 1;
                            break;
                     }
              }
       }
       if ( use_shadow )
       {
              /* if the entry has a shadowAccount entry, point to that instead */
              passwd = shadow_passwd;
       }
       else
       {
              a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[PWD_KEY].an_desc);
              if (a)
                     get_userpassword(&a->a_vals[0], &passwd);
              if (BER_BVISNULL(&passwd))
                     passwd=default_passwd_userPassword;
       }
       /* get the uids for this entry */
       if (BER_BVISNULL(&cbp->id))
       {
              a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[UIDN_KEY].an_desc);
        if ( !a )
              {
                     Debug(LDAP_DEBUG_ANY,"passwd entry %s does not contain %s value\n",
                            entry->e_name.bv_val, cbp->mi->mi_attrs[UIDN_KEY].an_desc->ad_cname.bv_val,0);
                     return 0;
              }
              uids = a->a_vals;
       }
       else
       {
              uids = tmpuid;
              uids[0] = cbp->id;
              BER_BVZERO(&uids[1]);
       }
       /* get the gid for this entry */
       a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[GIDN_KEY].an_desc);
       if (!a)
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s does not contain %s value\n",
                     entry->e_name.bv_val, cbp->mi->mi_attrs[GIDN_KEY].an_desc->ad_cname.bv_val,0);
              return 0;
       }
       else if (a->a_numvals != 1)
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s contains multiple %s values\n",
                     entry->e_name.bv_val, cbp->mi->mi_attrs[GIDN_KEY].an_desc->ad_cname.bv_val,0);
       }
       gid=(gid_t)strtol(a->a_vals[0].bv_val,&tmp,0);
       if ((a->a_vals[0].bv_val[0]=='\0')||(*tmp!='\0'))
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s contains non-numeric %s value\n",
                     entry->e_name.bv_val, cbp->mi->mi_attrs[GIDN_KEY].an_desc->ad_cname.bv_val,0);
              return 0;
       }
       /* get the gecos for this entry (fall back to cn) */
       a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[GEC_KEY].an_desc);
       if (!a)
              a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[CN_KEY].an_desc);
       if (!a || !a->a_numvals)
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s does not contain %s or %s value\n",
                     entry->e_name.bv_val,
                     cbp->mi->mi_attrs[GEC_KEY].an_desc->ad_cname.bv_val,
                     cbp->mi->mi_attrs[CN_KEY].an_desc->ad_cname.bv_val);
              return 0;
       }
       else if (a->a_numvals > 1)
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s contains multiple %s or %s values\n",
                     entry->e_name.bv_val,
                     cbp->mi->mi_attrs[GEC_KEY].an_desc->ad_cname.bv_val,
                     cbp->mi->mi_attrs[CN_KEY].an_desc->ad_cname.bv_val);
       }
       gecos=a->a_vals[0];
       /* get the home directory for this entry */
       a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[DIR_KEY].an_desc);
       if (!a)
       {
              Debug(LDAP_DEBUG_ANY,"passwd entry %s does not contain %s value\n",
                     entry->e_name.bv_val, cbp->mi->mi_attrs[DIR_KEY].an_desc->ad_cname.bv_val,0);
              homedir=default_passwd_homeDirectory;
       }
       else
       {
              if (a->a_numvals > 1)
              {
                     Debug(LDAP_DEBUG_ANY,"passwd entry %s contains multiple %s values\n",
                            entry->e_name.bv_val, cbp->mi->mi_attrs[DIR_KEY].an_desc->ad_cname.bv_val,0);
              }
              homedir=a->a_vals[0];
              if (homedir.bv_val[0]=='\0')
                     homedir=default_passwd_homeDirectory;
       }
       /* get the shell for this entry */
       a = attr_find(entry->e_attrs, cbp->mi->mi_attrs[SHL_KEY].an_desc);
       if (!a)
       {
              shell=default_passwd_loginShell;
       }
       else
       {
              if (a->a_numvals > 1)
              {
                     Debug(LDAP_DEBUG_ANY,"passwd entry %s contains multiple %s values\n",
                            entry->e_name.bv_val, cbp->mi->mi_attrs[SHL_KEY].an_desc->ad_cname.bv_val,0);
              }
              shell=a->a_vals[0];
              if (shell.bv_val[0]=='\0')
                     shell=default_passwd_loginShell;
       }
       /* write the entries */
       for (i=0;!BER_BVISNULL(&names[i]);i++)
       {
              if (!isvalidusername(&names[i]))
              {
                     Debug(LDAP_DEBUG_ANY,"nssov: passwd entry %s contains invalid user name: \"%s\"\n",
                            entry->e_name.bv_val,names[i].bv_val,0);
              }
              else
              {
                     for (j=0;!BER_BVISNULL(&uids[j]);j++)
                     {
                            char *tmp;
                            uid_t uid;
                            uid = strtol(uids[j].bv_val, &tmp, 0);
                            if ( *tmp ) {
                                   Debug(LDAP_DEBUG_ANY,"nssov: passwd entry %s contains non-numeric %s value: \"%s\"\n",
                                          entry->e_name.bv_val, cbp->mi->mi_attrs[UIDN_KEY].an_desc->ad_cname.bv_val,
                                          names[i].bv_val);
                                   continue;
                            }
                            WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
                            WRITE_BERVAL(cbp->fp,&names[i]);
                            WRITE_BERVAL(cbp->fp,&passwd);
                            WRITE_TYPE(cbp->fp,uid,uid_t);
                            WRITE_TYPE(cbp->fp,gid,gid_t);
                            WRITE_BERVAL(cbp->fp,&gecos);
                            WRITE_BERVAL(cbp->fp,&homedir);
                            WRITE_BERVAL(cbp->fp,&shell);
                     }
              }
       }
       return 0;
}

Here is the call graph for this function:


Variable Documentation

all

Definition at line 428 of file passwd.c.

static struct berval = BER_BVC("(objectClass=posixAccount)") [static]

Definition at line 32 of file passwd.c.

cbp id bv_len = snprintf(cbp.buf,sizeof(cbp.buf),"%d",uid)

Definition at line 420 of file passwd.c.

Definition at line 417 of file passwd.c.

Definition at line 421 of file passwd.c.

filter = cbp.mi->mi_filter

Definition at line 435 of file passwd.c.

Definition at line 433 of file passwd.c.

Definition at line 422 of file passwd.c.