Print this page
2989 Eliminate use of LOGNAME_MAX in ON
1166 useradd have warning with name more 8 chars
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/head/nss_dbdefs.h
+++ new/usr/src/head/nss_dbdefs.h
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
|
↓ open down ↓ |
11 lines elided |
↑ open up ↑ |
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 + * Copyright (c) 2013 Gary Mills
23 + *
22 24 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 25 * Use is subject to license terms.
24 26 *
25 27 * Database-specific definitions for the getXXXbyYYY routines
26 28 * (e.g getpwuid_r(), ether_ntohost()) that use the name-service switch.
27 29 * Database-independent definitions are in <nss_common.h>
28 30 *
29 31 * Ideally, this is the only switch header file one would add things
30 32 * to in order to support a new database.
31 33 *
32 34 * NOTE: The interfaces documented in this file may change in a minor
33 35 * release. It is intended that in the future a stronger committment
34 36 * will be made to these interface definitions which will guarantee
35 37 * them across minor releases.
36 38 */
37 39
38 40 #ifndef _NSS_DBDEFS_H
39 41 #define _NSS_DBDEFS_H
40 42
41 43 #include <sys/types.h>
42 44 #include <unistd.h>
43 45 #include <errno.h>
44 46 #include <netdb.h> /* MAXALIASES, MAXADDRS */
45 47 #include <limits.h> /* LOGNAME_MAX */
46 48 #include <nss_common.h>
47 49
48 50 #ifdef __cplusplus
49 51 extern "C" {
50 52 #endif
51 53
52 54 #ifndef NSS_INCLUDE_UNSAFE
53 55 #define NSS_INCLUDE_UNSAFE 1 /* Build old, MT-unsafe interfaces, */
54 56 #endif /* NSS_INCLUDE_UNSAFE */ /* e.g. getpwnam (c.f. getpwnam_r) */
55 57
56 58 /*
57 59 * Names of the well-known databases.
58 60 */
59 61
60 62 #define NSS_DBNAM_ALIASES "aliases" /* E-mail aliases, that is */
61 63 #define NSS_DBNAM_AUTOMOUNT "automount"
62 64 #define NSS_DBNAM_BOOTPARAMS "bootparams"
63 65 #define NSS_DBNAM_ETHERS "ethers"
64 66 #define NSS_DBNAM_GROUP "group"
65 67 #define NSS_DBNAM_HOSTS "hosts"
66 68 #define NSS_DBNAM_IPNODES "ipnodes"
67 69 #define NSS_DBNAM_NETGROUP "netgroup"
68 70 #define NSS_DBNAM_NETMASKS "netmasks"
69 71 #define NSS_DBNAM_NETWORKS "networks"
70 72 #define NSS_DBNAM_PASSWD "passwd"
71 73 #define NSS_DBNAM_PRINTERS "printers"
72 74 #define NSS_DBNAM_PROJECT "project"
73 75 #define NSS_DBNAM_PROTOCOLS "protocols"
74 76 #define NSS_DBNAM_PUBLICKEY "publickey"
75 77 #define NSS_DBNAM_RPC "rpc"
76 78 #define NSS_DBNAM_SERVICES "services"
77 79 #define NSS_DBNAM_AUDITUSER "audit_user"
78 80 #define NSS_DBNAM_AUTHATTR "auth_attr"
79 81 #define NSS_DBNAM_EXECATTR "exec_attr"
80 82 #define NSS_DBNAM_PROFATTR "prof_attr"
81 83 #define NSS_DBNAM_USERATTR "user_attr"
82 84
83 85 #define NSS_DBNAM_TSOL_TP "tnrhtp"
84 86 #define NSS_DBNAM_TSOL_RH "tnrhdb"
85 87 #define NSS_DBNAM_TSOL_ZC "tnzonecfg"
86 88
87 89 /* getspnam() et al use the "passwd" config entry but the "shadow" backend */
88 90 #define NSS_DBNAM_SHADOW "shadow"
89 91
90 92 /* The "compat" backend gets config entries for these pseudo-databases */
91 93 #define NSS_DBNAM_PASSWD_COMPAT "passwd_compat"
92 94 #define NSS_DBNAM_GROUP_COMPAT "group_compat"
93 95
94 96 /*
95 97 * Default switch configuration, compiled into the front-ends.
96 98 *
97 99 * Absent good reasons to the contrary, this should be compatible with the
98 100 * default /etc/nsswitch.conf file.
99 101 */
100 102 #define NSS_FILES_ONLY "files"
101 103 #define NSS_FILES_NS "files nis"
102 104 #define NSS_NS_FALLBACK "nis [NOTFOUND=return] files"
103 105 #define NSS_NS_ONLY "nis"
104 106 #define NSS_TSOL_FALLBACK "files ldap"
105 107
106 108 #define NSS_DEFCONF_ALIASES NSS_FILES_NS
107 109 #define NSS_DEFCONF_AUTOMOUNT NSS_FILES_NS
108 110 #define NSS_DEFCONF_BOOTPARAMS NSS_NS_FALLBACK
109 111 #define NSS_DEFCONF_ETHERS NSS_NS_FALLBACK
110 112 #define NSS_DEFCONF_GROUP NSS_FILES_NS
111 113 #define NSS_DEFCONF_HOSTS NSS_NS_FALLBACK
112 114 #define NSS_DEFCONF_IPNODES NSS_NS_FALLBACK
113 115 #define NSS_DEFCONF_NETGROUP NSS_NS_ONLY
114 116 #define NSS_DEFCONF_NETMASKS NSS_NS_FALLBACK
115 117 #define NSS_DEFCONF_NETWORKS NSS_NS_FALLBACK
116 118 #define NSS_DEFCONF_PASSWD NSS_FILES_NS
117 119 #define NSS_DEFCONF_PRINTERS "user files nis"
118 120 #define NSS_DEFCONF_PROJECT NSS_FILES_NS
119 121 #define NSS_DEFCONF_PROTOCOLS NSS_NS_FALLBACK
120 122 #define NSS_DEFCONF_PUBLICKEY NSS_FILES_NS
121 123 #define NSS_DEFCONF_RPC NSS_NS_FALLBACK
122 124 #define NSS_DEFCONF_SERVICES NSS_FILES_NS /* speeds up byname() */
123 125
124 126 #define NSS_DEFCONF_GROUP_COMPAT NSS_NS_ONLY
125 127 #define NSS_DEFCONF_PASSWD_COMPAT NSS_NS_ONLY
126 128
127 129 #define NSS_DEFCONF_ATTRDB NSS_FILES_NS
128 130
129 131 #define NSS_DEFCONF_AUDITUSER NSS_DEFCONF_PASSWD
130 132 #define NSS_DEFCONF_USERATTR NSS_DEFCONF_PASSWD
131 133 #define NSS_DEFCONF_AUTHATTR NSS_DEFCONF_ATTRDB
132 134 #define NSS_DEFCONF_PROFATTR NSS_DEFCONF_ATTRDB
133 135 #define NSS_DEFCONF_EXECATTR NSS_DEFCONF_PROFATTR
134 136
135 137 #define NSS_DEFCONF_TSOL_TP NSS_TSOL_FALLBACK
136 138 #define NSS_DEFCONF_TSOL_RH NSS_TSOL_FALLBACK
137 139 #define NSS_DEFCONF_TSOL_ZC NSS_TSOL_FALLBACK
138 140
139 141 /*
140 142 * Line-lengths that the "files" and "compat" backends will try to support.
141 143 * It may be reasonable (even advisable) to use smaller values than these.
142 144 */
143 145
144 146 #define NSS_BUFSIZ 1024
145 147
146 148 #define NSS_LINELEN_GROUP ((NSS_BUFSIZ) * 8)
147 149 #define NSS_LINELEN_HOSTS ((NSS_BUFSIZ) * 8)
148 150 #define NSS_LINELEN_IPNODES ((NSS_BUFSIZ) * 8)
149 151 #define NSS_LINELEN_NETMASKS NSS_BUFSIZ
150 152 #define NSS_LINELEN_NETWORKS NSS_BUFSIZ
151 153 #define NSS_LINELEN_PASSWD NSS_BUFSIZ
152 154 #define NSS_LINELEN_PRINTERS NSS_BUFSIZ
153 155 #define NSS_LINELEN_PROJECT ((NSS_BUFSIZ) * 4)
154 156 #define NSS_LINELEN_PROTOCOLS NSS_BUFSIZ
155 157 #define NSS_LINELEN_PUBLICKEY NSS_BUFSIZ
156 158 #define NSS_LINELEN_RPC NSS_BUFSIZ
157 159 #define NSS_LINELEN_SERVICES NSS_BUFSIZ
158 160 #define NSS_LINELEN_SHADOW NSS_BUFSIZ
159 161 #define NSS_LINELEN_ETHERS NSS_BUFSIZ
160 162 #define NSS_LINELEN_BOOTPARAMS NSS_BUFSIZ
161 163
162 164 #define NSS_LINELEN_ATTRDB NSS_BUFSIZ
163 165
164 166 #define NSS_LINELEN_AUDITUSER NSS_LINELEN_ATTRDB
165 167 #define NSS_LINELEN_AUTHATTR NSS_LINELEN_ATTRDB
166 168 #define NSS_LINELEN_EXECATTR NSS_LINELEN_ATTRDB
167 169 #define NSS_LINELEN_PROFATTR NSS_LINELEN_ATTRDB
168 170 #define NSS_LINELEN_USERATTR NSS_LINELEN_ATTRDB
169 171
170 172 #define NSS_MMAPLEN_EXECATTR NSS_LINELEN_EXECATTR * 8
171 173
172 174 #define NSS_LINELEN_TSOL NSS_BUFSIZ
173 175
174 176 #define NSS_LINELEN_TSOL_TP NSS_LINELEN_TSOL
175 177 #define NSS_LINELEN_TSOL_RH NSS_LINELEN_TSOL
176 178 #define NSS_LINELEN_TSOL_ZC NSS_LINELEN_TSOL
177 179
178 180 /*
179 181 * Reasonable defaults for 'buflen' values passed to _r functions. The BSD
180 182 * and SunOS 4.x implementations of the getXXXbyYYY() functions used hard-
|
↓ open down ↓ |
149 lines elided |
↑ open up ↑ |
181 183 * coded array sizes; the values here are meant to handle anything that
182 184 * those implementations handled.
183 185 * === These might more reasonably go in <pwd.h>, <netdb.h> et al
184 186 */
185 187
186 188 #define NSS_BUFLEN_GROUP NSS_LINELEN_GROUP
187 189 #define NSS_BUFLEN_HOSTS \
188 190 (NSS_LINELEN_HOSTS + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
189 191 #define NSS_BUFLEN_IPNODES \
190 192 (NSS_LINELEN_IPNODES + (MAXALIASES + MAXADDRS + 2) * sizeof (char *))
193 +#ifdef LOGNAME_MAX_ILLUMOS
194 +#define NSS_BUFLEN_NETGROUP (MAXHOSTNAMELEN * 2 + LOGNAME_MAX_ILLUMOS + 3)
195 +#else /* LOGNAME_MAX_ILLUMOS */
191 196 #define NSS_BUFLEN_NETGROUP (MAXHOSTNAMELEN * 2 + LOGNAME_MAX + 3)
197 +#endif /* LOGNAME_MAX_ILLUMOS */
192 198 #define NSS_BUFLEN_NETWORKS NSS_LINELEN_NETWORKS /* === ? + 35 * 4 */
193 199 #define NSS_BUFLEN_PASSWD NSS_LINELEN_PASSWD
194 200 #define NSS_BUFLEN_PROJECT (NSS_LINELEN_PROJECT + 800 * sizeof (char *))
195 201 #define NSS_BUFLEN_PROTOCOLS NSS_LINELEN_PROTOCOLS /* === ? + 35 * 4 */
196 202 #define NSS_BUFLEN_PUBLICKEY NSS_LINELEN_PUBLICKEY
197 203 #define NSS_BUFLEN_RPC NSS_LINELEN_RPC /* === ? + 35 * 4 */
198 204 #define NSS_BUFLEN_SERVICES NSS_LINELEN_SERVICES /* === ? + 35 * 4 */
199 205 #define NSS_BUFLEN_SHADOW NSS_LINELEN_SHADOW
200 206 #define NSS_BUFLEN_ETHERS NSS_LINELEN_ETHERS
201 207 #define NSS_BUFLEN_BOOTPARAMS NSS_LINELEN_BOOTPARAMS
202 208
203 209 #define NSS_BUFLEN_ATTRDB NSS_LINELEN_ATTRDB
204 210
205 211 #define NSS_BUFLEN_AUDITUSER NSS_BUFLEN_ATTRDB
206 212 #define NSS_BUFLEN_AUTHATTR NSS_BUFLEN_ATTRDB
207 213 #define NSS_BUFLEN_EXECATTR NSS_BUFLEN_ATTRDB
208 214 #define NSS_BUFLEN_PROFATTR NSS_BUFLEN_ATTRDB
209 215 #define NSS_BUFLEN_USERATTR ((NSS_BUFLEN_ATTRDB) * 8)
210 216
211 217 #define NSS_BUFLEN_TSOL NSS_LINELEN_TSOL
212 218 #define NSS_BUFLEN_TSOL_TP NSS_BUFLEN_TSOL
213 219 #define NSS_BUFLEN_TSOL_RH NSS_BUFLEN_TSOL
214 220 #define NSS_BUFLEN_TSOL_ZC NSS_BUFLEN_TSOL
215 221
216 222 /*
217 223 * Default cache door buffer size (2x largest buffer)
218 224 */
219 225
220 226 #define NSS_BUFLEN_DOOR ((NSS_BUFSIZ) * 16)
221 227
222 228 /*
223 229 * Arguments and results, passed between the frontends and backends for
224 230 * the well-known databases. The getXbyY_r() and getXent_r() routines
225 231 * use a common format that is further described below; other routines
226 232 * use their own formats.
227 233 */
228 234
229 235 /*
230 236 * The nss_str2ent_t routine is the data marshaller for the nsswitch.
231 237 * it converts 'native files' format into 'entry' format as part of the
232 238 * return processing for a getXbyY interface.
233 239 *
234 240 * The nss_groupstr_t routine does the real work for any backend
235 241 * that can supply a netgroup entry as a string in /etc/group format
236 242 */
237 243 #if defined(__STDC__)
238 244 typedef int (*nss_str2ent_t)(const char *in, int inlen,
239 245 void *ent, char *buf, int buflen);
240 246
241 247 struct nss_groupsbymem; /* forward definition */
242 248 typedef nss_status_t (*nss_groupstr_t)(const char *instr, int inlen,
243 249 struct nss_groupsbymem *);
244 250 #else
245 251 typedef int (*nss_str2ent_t)();
246 252 typedef nss_status_t (*nss_groupstr_t)();
247 253 #endif
248 254
249 255 /*
250 256 * The initgroups() function [see initgroups(3c)] needs to find all the
251 257 * groups to which a given user belongs. To do this it calls
252 258 * _getgroupsbymember(), which is part of the frontend for the "group"
253 259 * database.
254 260 * We want the same effect as if we used getgrent_r() to enumerate the
255 261 * entire groups database (possibly from multiple sources), but getgrent_r()
256 262 * is too inefficient. Most backends can do better if they know they're
257 263 * meant to scan all groups; hence there's a separate backend operation,
258 264 * NSS_DBOP_GROUP_BYMEMBER, which uses the nss_groupsbymem struct.
259 265 * Note that the normal return-value from such a backend, even when it
260 266 * successfully finds matching group entries, is NSS_NOTFOUND, because
261 267 * this tells the switch engine to keep searching in any more sources.
262 268 * In fact, the backends only return NSS_SUCCESS if they find enough
263 269 * matching entries that the gid_array is completely filled, in which
264 270 * case the switch engine should stop searching.
265 271 * If the force_slow_way field is set, the backend should eschew any cached
266 272 * information (e.g. the YP netid.byname map or the NIS+ cred.org_dir table)
267 273 * and should instead grind its way through the group map/table/whatever.
268 274 */
269 275
270 276 struct nss_groupsbymem { /* For _getgroupsbymember() */
271 277 /* in: */
272 278 const char *username;
273 279 gid_t *gid_array;
274 280 int maxgids;
275 281 int force_slow_way;
276 282 nss_str2ent_t str2ent;
277 283 nss_groupstr_t process_cstr;
278 284
279 285 /* in_out: */
280 286 int numgids;
281 287 };
282 288
283 289 /*
284 290 * The netgroup routines are handled as follows:
285 291 *
286 292 * Policy decision:
287 293 * If netgroup A refers to netgroup B, both must occur in the same
288 294 * source (other choices give very confusing semantics). This
289 295 * assumption is deeply embedded in the frontend and backends.
290 296 *
291 297 * - setnetgrent(), despite its name, is really a getXXXbyYYY operation:
292 298 * it takes a name and finds a netgroup with that name (see the
293 299 * nss_setnetgrent_args struct below). The "result" that it returns
294 300 * to the frontend is an nss_backend_t for a pseudo-backend that allows
295 301 * one to enumerate the members of that netgroup.
296 302 *
297 303 * - getnetgrent() calls the 'getXXXent' function in the pseudo-backend;
298 304 * it doesn't go through the switch engine at all. It uses the
299 305 * nss_getnetgrent_args struct below.
300 306 *
301 307 * - innetgr() is implemented on top of __multi_innetgr(), which replaces
302 308 * each (char *) argument of innetgr() with a counted vector of (char *).
303 309 * The semantics are the same as an OR of the results of innetgr()
304 310 * operations on each possible 4-tuple picked from the arguments, but
305 311 * it's possible to implement some cases more efficiently. This is
306 312 * important for mountd, which used to read YP netgroup.byhost directly
307 313 * in order to determine efficiently whether a given host belonged to any
308 314 * one of a long list of netgroups. Wildcarded arguments are indicated
309 315 * by a count of zero.
310 316 *
311 317 * - __multi_innetgr() uses the nss_innetgr_args struct. A backend whose
312 318 * source contains at least one of the groups listed in the 'groups'
313 319 * vector will return NSS_SUCCESS and will set the 'status' field to
314 320 * indicate whether any 4-tuple was satisfied. A backend will only
315 321 * return NSS_NOTFOUND if the source contained none of the groups
316 322 * listed in the 'groups' vector.
317 323 */
318 324
319 325 enum nss_netgr_argn { /* We need (machine, user, domain) triples */
320 326 NSS_NETGR_MACHINE = 0,
321 327 NSS_NETGR_USER = 1,
322 328 NSS_NETGR_DOMAIN = 2,
323 329 NSS_NETGR_N = 3
324 330 };
325 331
326 332 enum nss_netgr_status { /* Status from setnetgrent, multi_innetgr */
327 333 NSS_NETGR_FOUND = 0,
328 334 NSS_NETGR_NO = 1,
329 335 NSS_NETGR_NOMEM = 2
330 336 };
331 337
332 338 struct nss_setnetgrent_args {
333 339 /* in: */
334 340 const char *netgroup;
335 341 /* out: */
336 342 nss_backend_t *iterator; /* <==== Explain */
337 343 };
338 344
339 345 struct nss_getnetgrent_args {
340 346 /* in: */
341 347 char *buffer;
342 348 int buflen;
343 349 /* out: */
344 350 enum nss_netgr_status status;
345 351 char *retp[NSS_NETGR_N];
346 352 };
347 353
348 354 typedef unsigned nss_innetgr_argc; /* 0 means wildcard */
349 355 typedef char ** nss_innetgr_argv; /* === Do we really need these? */
350 356
351 357 struct nss_innetgr_1arg {
352 358 nss_innetgr_argc argc;
353 359 nss_innetgr_argv argv;
354 360 };
355 361
356 362 struct nss_innetgr_args {
357 363 /* in: */
358 364 struct nss_innetgr_1arg arg[NSS_NETGR_N];
359 365 struct nss_innetgr_1arg groups;
360 366 /* out: */
361 367 enum nss_netgr_status status;
362 368 };
363 369
364 370 /*
365 371 * nss_XbyY_buf_t -- structure containing the generic arguments passwd to
366 372 * getXXXbyYYY_r() and getXXXent_r() routines. The (void *) value points to
367 373 * a struct of the appropriate type, e.g. struct passwd or struct hostent.
368 374 *
369 375 * The functions that allocate and free these structures do no locking at
370 376 * all, since the routines that use them are inherently MT-unsafe anyway.
371 377 */
372 378
373 379 typedef struct {
374 380 void *result; /* "result" parameter to getXbyY_r() */
375 381 char *buffer; /* "buffer" " " */
376 382 int buflen; /* "buflen" " " */
377 383 } nss_XbyY_buf_t;
378 384
379 385 #if defined(__STDC__)
380 386 extern nss_XbyY_buf_t *_nss_XbyY_buf_alloc(int struct_size, int buffer_size);
381 387 extern void _nss_XbyY_buf_free(nss_XbyY_buf_t *);
382 388 #else
383 389 extern nss_XbyY_buf_t *_nss_XbyY_buf_alloc();
384 390 extern void _nss_XbyY_buf_free();
385 391 #endif
386 392
387 393 #define NSS_XbyY_ALLOC(bufpp, str_size, buf_size) (\
388 394 (*bufpp) == 0 \
389 395 ? (*bufpp) = _nss_XbyY_buf_alloc(str_size, buf_size) \
390 396 : (*bufpp))
391 397
392 398 #define NSS_XbyY_FREE(bufpp) (_nss_XbyY_buf_free(*bufpp), (*bufpp) = 0)
393 399
394 400 /*
395 401 * The nss_XbyY_args_t struct contains all the information passed between
396 402 * frontends and backends for the getXbyY_r() and getXent() routines,
397 403 * including an nss_XbyY_buf_t and the lookup key (unused for getXXXent_r).
398 404 *
399 405 * The (*str2ent)() member converts a single XXXent from ASCII text to the
400 406 * appropriate struct, storing any pointer data (strings, in_addrs, arrays
401 407 * of these) in the buffer. The ASCII text is a counted string (*not* a
402 408 * zero-terminated string) whose length is specified by the instr_len
403 409 * parameter. The text is found at the address specified by instr and
404 410 * the string is treated as readonly. buffer and instr must be non-
405 411 * intersecting memory areas.
406 412 *
407 413 * With the exception of passwd, shadow and group, the text form for these
408 414 * databases allows trailing comments and arbitrary whitespace. The
409 415 * corresponding str2ent routine assumes that comments, leading whitespace
410 416 * and trailing whitespace have been stripped (and thus assumes that entries
411 417 * consisting only of these have been discarded).
412 418 *
413 419 * The text entries for "rpc" and for the databases described in <netdb.h>
414 420 * follow a common format (a canonical name with a possibly empty list
415 421 * of aliases, and some other value), albeit with minor variations.
416 422 * The function _nss_netdb_aliases() does most of the generic work involved
417 423 * in parsing and marshalling these into the buffer.
418 424 */
419 425
420 426 typedef union nss_XbyY_key { /* No tag; backend should know what to expect */
421 427 uid_t uid;
422 428 gid_t gid;
423 429 projid_t projid;
424 430 const char *name;
425 431 int number;
426 432 struct {
427 433 int net;
428 434 int type;
429 435 } netaddr;
430 436 struct {
431 437 const char *addr;
432 438 int len;
433 439 int type;
434 440 } hostaddr;
435 441 struct {
436 442 union {
437 443 const char *name;
438 444 int port;
439 445 } serv;
440 446 const char *proto;
441 447 } serv;
442 448 void *ether;
443 449 struct {
444 450 const char *name;
445 451 const char *keytype;
446 452 } pkey;
447 453 struct {
448 454 const char *name;
449 455 int af_family;
450 456 int flags;
451 457 } ipnode;
452 458 void *attrp; /* for the new attr databases */
453 459 } nss_XbyY_key_t;
454 460
455 461
456 462 #if defined(__STDC__)
457 463 typedef int (*nss_key2str_t)(void *buffer, size_t buflen,
458 464 nss_XbyY_key_t *key, size_t *len);
459 465 #else
460 466 typedef int (*nss_key2str_t)();
461 467 #endif
462 468
463 469
464 470 typedef struct nss_XbyY_args {
465 471
466 472 /* IN */
467 473 nss_XbyY_buf_t buf;
468 474 int stayopen;
469 475 /*
470 476 * Support for setXXXent(stayopen)
471 477 * Used only in hosts, protocols,
472 478 * networks, rpc, and services.
473 479 */
474 480 nss_str2ent_t str2ent;
475 481 union nss_XbyY_key key;
476 482
477 483 /* OUT */
478 484 void *returnval;
479 485 int erange;
480 486 int h_errno; /* For gethost*_r() */
481 487 nss_status_t status; /* from the backend last called */
482 488 /* NSS2 */
483 489 nss_key2str_t key2str; /* IN */
484 490 size_t returnlen; /* OUT */
485 491
486 492 /* NSCD/DOOR data */
487 493
488 494 /* ... buffer arena follows... */
489 495 } nss_XbyY_args_t;
490 496
491 497
492 498
493 499 /*
494 500 * nss/nscd v2 interface, packed buffer format
495 501 *
496 502 * A key component of the v2 name service switch is the redirection
497 503 * of all activity to nscd for actual processing. In the original
498 504 * switch most activity took place in each application, and the nscd
499 505 * cache component was an add-on optional interface.
500 506 *
501 507 * The nscd v1 format was a completely private interface that
502 508 * implemented specific bufferiing formats on a per getXbyY API basis.
503 509 *
504 510 * The nss/nscd v2 interface uses a common header and commonalizes
505 511 * the buffering format as consistently as possible. The general rule
506 512 * of thumb is that backends are required to assemble their results in
507 513 * "files based" format [IE the format used on a per result basis as
508 514 * returned by the files backend] and then call the standard str2ent
509 515 * interface. This is the original intended design as used in the files
510 516 * and nis backends.
511 517 *
512 518 * The benefit of this is that the application side library can assemble
513 519 * a request and provide a header and a variable length result buffer via
514 520 * a doors API, and then the nscd side switch can assemble a a getXbyY
515 521 * request providing the result buffer and a str2ent function that copies
516 522 * but does not unpack the result.
517 523 *
518 524 * This results is returned back via the door, and unpacked using the
519 525 * native library side str2ent interface.
520 526 *
521 527 * Additionally, the common header allows extensibility to add new
522 528 * getXbyYs, putXbyYs or other maintenance APIs to/from nscd without
523 529 * changing the existing "old style" backend interfaces.
524 530 *
525 531 * Finally new style getXbyY, putXbyY and backend interfaces can be
526 532 * by adding new operation requests to the header, while old style
527 533 * backwards compatability.
528 534 */
529 535
530 536 /*
531 537 * nss/nscd v2 callnumber definitions
532 538 */
533 539
534 540 /*
535 541 * callnumbers are separated by categories, such as:
536 542 * application to nscd requests, nscd to nscd requests,
537 543 * smf to nscd requests, etc.
538 544 */
539 545
540 546 #define NSCDV2CATMASK (0xFF000000)
541 547 #define NSCDV2CALLMASK (0x00FFFFFF)
542 548
543 549 /*
544 550 * nss/nscd v2 categories
545 551 */
546 552
547 553 #define NSCD_CALLCAT_APP ('a'<<24)
548 554 #define NSCD_CALLCAT_N2N ('n'<<24)
549 555
550 556 /* nscd v2 app-> nscd callnumbers */
551 557
552 558 #define NSCD_SEARCH (NSCD_CALLCAT_APP|0x01)
553 559 #define NSCD_SETENT (NSCD_CALLCAT_APP|0x02)
554 560 #define NSCD_GETENT (NSCD_CALLCAT_APP|0x03)
555 561 #define NSCD_ENDENT (NSCD_CALLCAT_APP|0x04)
556 562 #define NSCD_PUT (NSCD_CALLCAT_APP|0x05)
557 563 #define NSCD_GETHINTS (NSCD_CALLCAT_APP|0x06)
558 564
559 565 /* nscd v2 SETENT cookie markers */
560 566
561 567 #define NSCD_NEW_COOKIE 0
562 568 #define NSCD_LOCAL_COOKIE 1
563 569
564 570 /* nscd v2 header revision */
565 571 /* treated as 0xMMMMmmmm MMMM - Major Rev, mmmm - Minor Rev */
566 572
567 573 #define NSCD_HEADER_REV 0x00020000
568 574
569 575 /*
570 576 * ptr/uint data type used to calculate shared nscd buffer struct sizes
571 577 * sizes/offsets are arbitrarily limited to 32 bits for 32/64 compatibility
572 578 * datatype is 64 bits for possible pointer storage and future use
573 579 */
574 580
575 581 typedef uint64_t nssuint_t;
576 582
577 583 /*
578 584 * nscd v2 buffer layout overview
579 585 *
580 586 * The key interface to nscd moving forward is the doors interface
581 587 * between applications and nscd (NSCD_CALLCAT_APP), and nscd and
582 588 * it's children (NSCD_CALLCAT_N2N).
583 589 *
584 590 * Regardless of the interface used, the buffer layout is consistent.
585 591 * The General Layout is:
586 592 * [nss_pheader_t][IN key][OUT data results]{extend results}
587 593 *
588 594 * The header (nss_pheader_t) remains constant.
589 595 * Keys and key layouts vary between call numbers/requests
590 596 * NSCD_CALLCAT_APP use key layouts mimics/defines in nss_dbdefs.h
591 597 * NSCD_CALLCAT_NSN use layouts defined by nscd headers
592 598 * Data and data results vary between results
593 599 * NSCD_CALLCAT_APP return "file standard format" output buffers
594 600 * NSCD_CALLCAT_NSN return data defined by nscd headers
595 601 * extended results are optional and vary
596 602 *
597 603 */
598 604
599 605 /*
600 606 * nss_pheader_t -- buffer header structure that contains switch data
601 607 * "packed" by the client into a buffer suitable for transport over
602 608 * nscd's door, and that can be unpacked into a native form within
603 609 * nscd's switch. Capable of packing and unpacking data ans results.
604 610 *
605 611 * NSCD_HEADER_REV: 0x00020000 16 x uint64 = (128 byte header)
606 612 */
607 613
608 614 typedef struct {
609 615 uint32_t nsc_callnumber; /* packed buffer request */
610 616 uint32_t nss_dbop; /* old nss dbop */
611 617 uint32_t p_ruid; /* real uid */
612 618 uint32_t p_euid; /* effective uid */
613 619 uint32_t p_version; /* 0xMMMMmmmm Major/minor */
614 620 uint32_t p_status; /* nss_status_t */
615 621 uint32_t p_errno; /* errno */
616 622 uint32_t p_herrno; /* h_errno */
617 623 nssuint_t libpriv; /* reserved (for lib/client) */
618 624 nssuint_t pbufsiz; /* buffer size */
619 625 nssuint_t dbd_off; /* IN: db desc off */
620 626 nssuint_t dbd_len; /* IN: db desc len */
621 627 nssuint_t key_off; /* IN: key off */
622 628 nssuint_t key_len; /* IN: key len */
623 629 nssuint_t data_off; /* OUT: data off */
624 630 nssuint_t data_len; /* OUT: data len */
625 631 nssuint_t ext_off; /* OUT: extended results off */
626 632 nssuint_t ext_len; /* OUT: extended results len */
627 633 nssuint_t nscdpriv; /* reserved (for nscd) */
628 634 nssuint_t reserved1; /* reserved (TBD) */
629 635 } nss_pheader_t;
630 636
631 637 /*
632 638 * nss_pnetgr_t -- packed offset structure for holding keys used
633 639 * by innetgr (__multi_innetgr) key
634 640 * Key format is:
635 641 * nss_pnetgr_t
636 642 * (nssuint_t)[machine_argc] offsets to strings
637 643 * (nssuint_t)[user_argc] offsets to strings
638 644 * (nssuint_t)[domain_argc] offsets to strings
639 645 * (nssuint_t)[groups_argc] offsets to strings
640 646 * machine,user,domain,groups strings
641 647 */
642 648
643 649 typedef struct {
644 650 uint32_t machine_argc;
645 651 uint32_t user_argc;
646 652 uint32_t domain_argc;
647 653 uint32_t groups_argc;
648 654 nssuint_t machine_offv;
649 655 nssuint_t user_offv;
650 656 nssuint_t domain_offv;
651 657 nssuint_t groups_offv;
652 658 } nss_pnetgr_t;
653 659
654 660
655 661 /* status returned by the str2ent parsing routines */
656 662 #define NSS_STR_PARSE_SUCCESS 0
657 663 #define NSS_STR_PARSE_PARSE 1
658 664 #define NSS_STR_PARSE_ERANGE 2
659 665
660 666 #define NSS_XbyY_INIT(str, res, bufp, len, func) (\
661 667 (str)->buf.result = (res), \
662 668 (str)->buf.buffer = (bufp), \
663 669 (str)->buf.buflen = (len), \
664 670 (str)->stayopen = 0, \
665 671 (str)->str2ent = (func), \
666 672 (str)->key2str = NULL, \
667 673 (str)->returnval = 0, \
668 674 (str)->returnlen = 0, \
669 675 (str)->h_errno = 0, \
670 676 (str)->erange = 0)
671 677
672 678 #define NSS_XbyY_INIT_EXT(str, res, bufp, len, func, kfunc) (\
673 679 (str)->buf.result = (res), \
674 680 (str)->buf.buffer = (bufp), \
675 681 (str)->buf.buflen = (len), \
676 682 (str)->stayopen = 0, \
677 683 (str)->str2ent = (func), \
678 684 (str)->key2str = (kfunc), \
679 685 (str)->returnval = 0, \
680 686 (str)->returnlen = 0, \
681 687 (str)->h_errno = 0, \
682 688 (str)->erange = 0)
683 689
684 690 #define NSS_XbyY_FINI(str) (\
685 691 (str)->returnval == 0 && (str)->erange && (errno = ERANGE), \
686 692 (str)->returnval)
687 693
688 694 #define NSS_PACKED_CRED_CHECK(buf, ruid, euid) (\
689 695 ((nss_pheader_t *)(buf))->p_ruid == (ruid) && \
690 696 ((nss_pheader_t *)(buf))->p_euid == (euid))
691 697
692 698 #if defined(__STDC__)
693 699 extern char **_nss_netdb_aliases(const char *, int, char *, int);
694 700 extern nss_status_t nss_default_key2str(void *, size_t, nss_XbyY_args_t *,
695 701 const char *, int, size_t *);
696 702 extern nss_status_t nss_packed_arg_init(void *, size_t, nss_db_root_t *,
697 703 nss_db_initf_t *, int *,
698 704 nss_XbyY_args_t *);
699 705 extern nss_status_t nss_packed_context_init(void *, size_t, nss_db_root_t *,
700 706 nss_db_initf_t *, nss_getent_t **,
701 707 nss_XbyY_args_t *);
702 708 extern void nss_packed_set_status(void *, size_t, nss_status_t,
703 709 nss_XbyY_args_t *);
704 710 extern nss_status_t nss_packed_getkey(void *, size_t, char **, int *,
705 711 nss_XbyY_args_t *);
706 712 #else
707 713 extern char **_nss_netdb_aliases();
708 714 extern int nss_default_key2str();
709 715 extern nss_status_t nss_packed_arg_init();
710 716 extern nss_status_t nss_packed_context_init();
711 717 extern void nss_packed_set_status();
712 718 extern nss_status_t nss_packed_getkey();
713 719 #endif
714 720
715 721 /*
716 722 * nss_dbop_t values for searches with various keys; values for
717 723 * destructor/endent/setent/getent are defined in <nss_common.h>
718 724 */
719 725
720 726 /*
721 727 * These are part of the "Over the wire" IE app->nscd getXbyY
722 728 * op for well known getXbyY's. Cannot use NSS_DBOP_X_Y directly
723 729 * because NSS_DBOP_next_iter is NOT an incrementing counter value
724 730 * it's a starting offset into an array value.
725 731 */
726 732
727 733 #define NSS_DBOP_X(x) ((x)<<16)
728 734 #define NSS_DBOP_XY(x, y) ((x)|(y))
729 735
730 736 #define NSS_DBOP_ALIASES NSS_DBOP_X(1)
731 737 #define NSS_DBOP_AUTOMOUNT NSS_DBOP_X(2)
732 738 #define NSS_DBOP_BOOTPARAMS NSS_DBOP_X(3)
733 739 #define NSS_DBOP_ETHERS NSS_DBOP_X(4)
734 740 #define NSS_DBOP_GROUP NSS_DBOP_X(5)
735 741 #define NSS_DBOP_HOSTS NSS_DBOP_X(6)
736 742 #define NSS_DBOP_IPNODES NSS_DBOP_X(7)
737 743 #define NSS_DBOP_NETGROUP NSS_DBOP_X(8)
738 744 #define NSS_DBOP_NETMASKS NSS_DBOP_X(9)
739 745 #define NSS_DBOP_NETWORKS NSS_DBOP_X(10)
740 746 #define NSS_DBOP_PASSWD NSS_DBOP_X(11)
741 747 #define NSS_DBOP_PRINTERS NSS_DBOP_X(12)
742 748 #define NSS_DBOP_PROJECT NSS_DBOP_X(13)
743 749 #define NSS_DBOP_PROTOCOLS NSS_DBOP_X(14)
744 750 #define NSS_DBOP_PUBLICKEY NSS_DBOP_X(15)
745 751 #define NSS_DBOP_RPC NSS_DBOP_X(16)
746 752 #define NSS_DBOP_SERVICES NSS_DBOP_X(17)
747 753 #define NSS_DBOP_AUDITUSER NSS_DBOP_X(18)
748 754 #define NSS_DBOP_AUTHATTR NSS_DBOP_X(19)
749 755 #define NSS_DBOP_EXECATTR NSS_DBOP_X(20)
750 756 #define NSS_DBOP_PROFATTR NSS_DBOP_X(21)
751 757 #define NSS_DBOP_USERATTR NSS_DBOP_X(22)
752 758
753 759 #define NSS_DBOP_GROUP_BYNAME (NSS_DBOP_next_iter)
754 760 #define NSS_DBOP_GROUP_BYGID (NSS_DBOP_GROUP_BYNAME + 1)
755 761 #define NSS_DBOP_GROUP_BYMEMBER (NSS_DBOP_GROUP_BYGID + 1)
756 762
757 763 #define NSS_DBOP_PASSWD_BYNAME (NSS_DBOP_next_iter)
758 764 #define NSS_DBOP_PASSWD_BYUID (NSS_DBOP_PASSWD_BYNAME + 1)
759 765
760 766 /* The "compat" backend requires that PASSWD_BYNAME == SHADOW_BYNAME */
761 767 /* (it also requires that both use key.name to pass the username). */
762 768 #define NSS_DBOP_SHADOW_BYNAME (NSS_DBOP_PASSWD_BYNAME)
763 769
764 770 #define NSS_DBOP_PROJECT_BYNAME (NSS_DBOP_next_iter)
765 771 #define NSS_DBOP_PROJECT_BYID (NSS_DBOP_PROJECT_BYNAME + 1)
766 772
767 773 #define NSS_DBOP_HOSTS_BYNAME (NSS_DBOP_next_iter)
768 774 #define NSS_DBOP_HOSTS_BYADDR (NSS_DBOP_HOSTS_BYNAME + 1)
769 775
770 776 #define NSS_DBOP_IPNODES_BYNAME (NSS_DBOP_next_iter)
771 777 #define NSS_DBOP_IPNODES_BYADDR (NSS_DBOP_IPNODES_BYNAME + 1)
772 778
773 779 /*
774 780 * NSS_DBOP_NAME_2ADDR
775 781 * NSS_DBOP_ADDR_2NAME
776 782 * : are defines for ipv6 api's
777 783 */
778 784
779 785 #define NSS_DBOP_NAME_2ADDR (NSS_DBOP_next_ipv6_iter)
780 786 #define NSS_DBOP_ADDR_2NAME (NSS_DBOP_NAME_2ADDR + 1)
781 787
782 788 #define NSS_DBOP_RPC_BYNAME (NSS_DBOP_next_iter)
783 789 #define NSS_DBOP_RPC_BYNUMBER (NSS_DBOP_RPC_BYNAME + 1)
784 790
785 791 #define NSS_DBOP_NETWORKS_BYNAME (NSS_DBOP_next_iter)
786 792 #define NSS_DBOP_NETWORKS_BYADDR (NSS_DBOP_NETWORKS_BYNAME + 1)
787 793
788 794 #define NSS_DBOP_SERVICES_BYNAME (NSS_DBOP_next_iter)
789 795 #define NSS_DBOP_SERVICES_BYPORT (NSS_DBOP_SERVICES_BYNAME + 1)
790 796
791 797 #define NSS_DBOP_PROTOCOLS_BYNAME (NSS_DBOP_next_iter)
792 798 #define NSS_DBOP_PROTOCOLS_BYNUMBER (NSS_DBOP_PROTOCOLS_BYNAME + 1)
793 799
794 800 #define NSS_DBOP_ETHERS_HOSTTON (NSS_DBOP_next_noiter)
795 801 #define NSS_DBOP_ETHERS_NTOHOST (NSS_DBOP_ETHERS_HOSTTON + 1)
796 802
797 803 #define NSS_DBOP_BOOTPARAMS_BYNAME (NSS_DBOP_next_noiter)
798 804 #define NSS_DBOP_NETMASKS_BYNET (NSS_DBOP_next_noiter)
799 805
800 806 #define NSS_DBOP_PRINTERS_BYNAME (NSS_DBOP_next_iter)
801 807
802 808 /*
803 809 * The "real" backend for netgroup (__multi_innetgr, setnetgrent)
804 810 */
805 811 #define NSS_DBOP_NETGROUP_IN (NSS_DBOP_next_iter)
806 812 #define NSS_DBOP_NETGROUP_SET (NSS_DBOP_NETGROUP_IN + 1)
807 813
808 814 /*
809 815 * The backend for getpublickey and getsecretkey (getkeys)
810 816 */
811 817 #define NSS_DBOP_KEYS_BYNAME (NSS_DBOP_next_iter)
812 818
813 819 /*
814 820 * The pseudo-backend for netgroup (returned by setnetgrent) doesn't have
815 821 * any getXXXbyYYY operations, just the usual destr/end/set/get ops,
816 822 * so needs no definitions here.
817 823 */
818 824
819 825 #define NSS_DBOP_ATTRDB_BYNAME (NSS_DBOP_next_iter)
820 826
821 827 #define NSS_DBOP_AUDITUSER_BYNAME NSS_DBOP_ATTRDB_BYNAME
822 828 #define NSS_DBOP_AUTHATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME
823 829 #define NSS_DBOP_EXECATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME
824 830 #define NSS_DBOP_EXECATTR_BYID (NSS_DBOP_EXECATTR_BYNAME + 1)
825 831 #define NSS_DBOP_EXECATTR_BYNAMEID (NSS_DBOP_EXECATTR_BYID + 1)
826 832 #define NSS_DBOP_PROFATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME
827 833 #define NSS_DBOP_USERATTR_BYNAME NSS_DBOP_ATTRDB_BYNAME
828 834
829 835 #define NSS_DBOP_TSOL_TP_BYNAME (NSS_DBOP_next_iter)
830 836 #define NSS_DBOP_TSOL_RH_BYADDR (NSS_DBOP_next_iter)
831 837 #define NSS_DBOP_TSOL_ZC_BYNAME (NSS_DBOP_next_iter)
832 838
833 839 /*
834 840 * Used all over in the switch code. The best home for it I can think of.
835 841 * Power-of-two alignments only.
836 842 */
837 843 #define ROUND_DOWN(n, align) (((uintptr_t)n) & ~((align) - 1l))
838 844 #define ROUND_UP(n, align) ROUND_DOWN(((uintptr_t)n) + (align) - 1l, \
839 845 (align))
840 846
841 847 #ifdef __cplusplus
842 848 }
843 849 #endif
844 850
845 851 #endif /* _NSS_DBDEFS_H */
|
↓ open down ↓ |
644 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX