1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*
  23  * Copyright 2015 Gary Mills
  24  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
  25  * Use is subject to license terms.
  26  */
  27 
  28 #include <stdio.h>
  29 #include <string.h>
  30 #include <stdlib.h>
  31 #include <ctype.h>
  32 #include <fcntl.h>
  33 #include <unistd.h>
  34 #include <errno.h>
  35 #include <locale.h>
  36 #include <lber.h>
  37 #include <ldap.h>
  38 #include <syslog.h>
  39 #include <dlfcn.h>        /* for dynamic loading only */
  40 
  41 #include "ldap_parse.h"
  42 #include "nis_parse_ldap_conf.h"
  43 #include "nis_parse_ldap_err.h"
  44 #include "ldap_util.h"
  45 #include "ldap_util.h"
  46 
  47 void append_dot(char **str);
  48 void    append_comma(char **str);
  49 bool_t make_full_dn(char **dn, const char *base);
  50 bool_t make_fqdn(__nis_object_dn_t *dn, const char *base);
  51 char *get_default_ldap_base(const char *domain);
  52 bool_t add_domain(char **objName, const char *domain);
  53 bool_t add_column(__nis_table_mapping_t *t, const char *col_name);
  54 __nis_mapping_rule_t **dup_mapping_rules(
  55         __nis_mapping_rule_t **rules, int n_rules);
  56 __nis_mapping_rule_t *dup_mapping_rule(
  57         __nis_mapping_rule_t *in);
  58 void *s_malloc(size_t size);
  59 __nis_mapping_format_t *dup_format_mapping(
  60         __nis_mapping_format_t *in);
  61 bool_t dup_mapping_element(__nis_mapping_element_t *in,
  62         __nis_mapping_element_t *out);
  63 bool_t is_string_ok(char *, int);
  64 
  65 extern FILE *cons;
  66 
  67 /*
  68  * FUNCTION:    free_parse_structs
  69  *
  70  *      Release the resources in parse results
  71  *
  72  */
  73 
  74 void
  75 free_parse_structs()
  76 {
  77         __nis_table_mapping_t   *t;
  78         __nis_table_mapping_t   *t1;
  79 
  80         free_proxy_info(&proxyInfo);
  81         for (t = ldapTableMapping; t != NULL; t = t1) {
  82                 t1 = t->next;
  83                 free_table_mapping(t);
  84         }
  85         ldapTableMapping = NULL;
  86 }
  87 
  88 /*
  89  * FUNCTION:    initialize_parse_structs
  90  *
  91  *      Initialize fields to unset values
  92  *
  93  * INPUT:               __nis_ldap_proxy_info, __nis_config_t
  94  *                      and __nisdb_table_mapping_t structures
  95  */
  96 
  97 void
  98 initialize_parse_structs(
  99         __nis_ldap_proxy_info   *proxy_info,
 100         __nis_config_t          *config_info,
 101         __nisdb_table_mapping_t *table_info)
 102 {
 103         proxy_info->default_servers = NULL;
 104         proxy_info->auth_method = (auth_method_t)NO_VALUE_SET;
 105         proxy_info->tls_method = (tls_method_t)NO_VALUE_SET;
 106         proxy_info->tls_cert_db = NULL;
 107         proxy_info->default_search_base = NULL;
 108         proxy_info->proxy_dn = NULL;
 109         proxy_info->proxy_passwd = NULL;
 110         proxy_info->default_nis_domain = NULL;
 111         proxy_info->bind_timeout.tv_sec = (time_t)NO_VALUE_SET;
 112         proxy_info->bind_timeout.tv_usec = 0;
 113         proxy_info->search_timeout.tv_sec = (time_t)NO_VALUE_SET;
 114         proxy_info->search_timeout.tv_usec = 0;
 115         proxy_info->modify_timeout.tv_sec = (time_t)NO_VALUE_SET;
 116         proxy_info->modify_timeout.tv_usec = 0;
 117         proxy_info->add_timeout.tv_sec = (time_t)NO_VALUE_SET;
 118         proxy_info->add_timeout.tv_usec = 0;
 119         proxy_info->delete_timeout.tv_sec = (time_t)NO_VALUE_SET;
 120         proxy_info->delete_timeout.tv_usec = 0;
 121         proxy_info->search_time_limit = (int)NO_VALUE_SET;
 122         proxy_info->search_size_limit = (int)NO_VALUE_SET;
 123         proxy_info->follow_referral = (follow_referral_t)NO_VALUE_SET;
 124 
 125 
 126         config_info->initialUpdate = (__nis_initial_update_t)NO_VALUE_SET;
 127         config_info->threadCreationError =
 128                 (__nis_thread_creation_error_t)NO_VALUE_SET;
 129         config_info->threadCreationErrorTimeout.attempts = NO_VALUE_SET;
 130         config_info->threadCreationErrorTimeout.timeout = (time_t)NO_VALUE_SET;
 131         config_info->dumpError = (__nis_dump_error_t)NO_VALUE_SET;
 132         config_info->dumpErrorTimeout.attempts = NO_VALUE_SET;
 133         config_info->dumpErrorTimeout.timeout = (time_t)NO_VALUE_SET;
 134         config_info->resyncService = (__nis_resync_service_t)NO_VALUE_SET;
 135         config_info->updateBatching = (__nis_update_batching_t)NO_VALUE_SET;
 136         config_info->updateBatchingTimeout.timeout = (time_t)NO_VALUE_SET;
 137         config_info->numberOfServiceThreads = (int)NO_VALUE_SET;
 138         config_info->emulate_yp = (int)NO_VALUE_SET;
 139         config_info->maxRPCRecordSize = (int)NO_VALUE_SET;
 140 
 141         table_info->retrieveError = (__nis_retrieve_error_t)NO_VALUE_SET;
 142         table_info->retrieveErrorRetry.attempts = NO_VALUE_SET;
 143         table_info->retrieveErrorRetry.timeout = (time_t)NO_VALUE_SET;
 144         table_info->storeError = (__nis_store_error_t)NO_VALUE_SET;
 145         table_info->storeErrorRetry.attempts = NO_VALUE_SET;
 146         table_info->storeErrorRetry.timeout = (time_t)NO_VALUE_SET;
 147         table_info->refreshError = (__nis_refresh_error_t)NO_VALUE_SET;
 148         table_info->refreshErrorRetry.attempts = NO_VALUE_SET;
 149         table_info->refreshErrorRetry.timeout = (time_t)NO_VALUE_SET;
 150         table_info->matchFetch = (__nis_match_fetch_t)NO_VALUE_SET;
 151 }
 152 
 153 /*
 154  * FUNCTION:    free_mapping_rule
 155  *
 156  *      Frees __nis_mapping_rule_t
 157  *
 158  * INPUT:               __nis_mapping_rule_t
 159  */
 160 
 161 void
 162 free_mapping_rule(__nis_mapping_rule_t  *rule)
 163 {
 164         int                     i;
 165         __nis_mapping_rlhs_t    *r;
 166 
 167         if (rule != NULL) {
 168                 r = &rule->lhs;
 169                 for (i = 0; i < r->numElements; i++)
 170                         free_mapping_element(&r->element[i]);
 171                 if (r->element != NULL)
 172                         free(r->element);
 173 
 174                 r = &rule->rhs;
 175                 for (i = 0; i < r->numElements; i++)
 176                         free_mapping_element(&r->element[i]);
 177                 if (r->element != NULL)
 178                         free(r->element);
 179 
 180                 free(rule);
 181         }
 182 }
 183 
 184 /*
 185  * FUNCTION:    free_mapping_element
 186  *
 187  *      Frees __nis_mapping_element_t
 188  *
 189  * INPUT:               __nis_mapping_element_t
 190  */
 191 
 192 void
 193 free_mapping_element(__nis_mapping_element_t *e)
 194 {
 195         int     i;
 196 
 197         if (e == NULL)
 198                 return;
 199 
 200         switch (e->type) {
 201             case me_item:
 202                 free_mapping_item(&e->element.item);
 203                 break;
 204             case me_print:
 205                 if (e->element.print.fmt != NULL)
 206                         free_mapping_format(e->element.print.fmt);
 207                 e->element.print.fmt = NULL;
 208                 for (i = 0; i < e->element.print.numSubElements; i++)
 209                         free_mapping_sub_element(
 210                                 &e->element.print.subElement[i]);
 211                 e->element.print.numSubElements = 0;
 212                 if (e->element.print.subElement != NULL)
 213                         free(e->element.print.subElement);
 214                 e->element.print.subElement = NULL;
 215                 break;
 216             case me_split:
 217                 free_mapping_item(&e->element.split.item);
 218                 break;
 219             case me_match:
 220                 if (e->element.match.fmt != NULL)
 221                         free_mapping_format(e->element.match.fmt);
 222                 e->element.match.fmt = NULL;
 223                 for (i = 0; i < e->element.match.numItems; i++)
 224                         free_mapping_item(&e->element.match.item[i]);
 225                 e->element.match.numItems = 0;
 226                 if (e->element.match.item != NULL)
 227                     free(e->element.match.item);
 228                 e->element.match.item = NULL;
 229                 break;
 230             case me_extract:
 231                 if (e->element.extract.fmt != NULL)
 232                         free_mapping_format(e->element.extract.fmt);
 233                 e->element.extract.fmt = NULL;
 234                 free_mapping_item(&e->element.extract.item);
 235                 break;
 236         }
 237         e = NULL;
 238 }
 239 
 240 /*
 241  * FUNCTION:    free_table_mapping
 242  *
 243  *      Frees __nis_table_mapping_t
 244  *
 245  * INPUT:               __nis_table_mapping_t
 246  */
 247 
 248 /*
 249  * free_table_mapping does not remove the table mapping from
 250  * its hashed list
 251  */
 252 
 253 void
 254 free_table_mapping(__nis_table_mapping_t *mapping)
 255 {
 256         int     i;
 257 
 258         if (mapping == NULL)
 259                 return;
 260 
 261         if (mapping->dbId != NULL)
 262                 free(mapping->dbId);
 263         mapping->dbId = NULL;
 264 
 265         if (mapping->objName != NULL)
 266                 free(mapping->objName);
 267         mapping->objName = NULL;
 268 
 269         for (i = 0; i < mapping->index.numIndexes; i++) {
 270                 free(mapping->index.name[i]);
 271                 free_mapping_format(mapping->index.value[i]);
 272         }
 273 
 274         if (mapping->index.name != NULL)
 275                 free(mapping->index.name);
 276         mapping->index.name = NULL;
 277 
 278         if (mapping->index.value != NULL)
 279                 free(mapping->index.value);
 280         mapping->index.value = NULL;
 281 
 282         mapping->index.numIndexes = 0;
 283 
 284         if (mapping->column != NULL) {
 285                 for (i = 0; i < mapping->numColumns; i++) {
 286                         free(mapping->column[i]);
 287                 }
 288                 mapping->numColumns = 0;
 289                 free(mapping->column);
 290                 mapping->column = NULL;
 291         }
 292 
 293         if (mapping->commentChar != NULL)
 294                 mapping->commentChar = NULL;
 295 
 296         if (mapping->objectDN != NULL)
 297                 free_object_dn(mapping->objectDN);
 298         mapping->objectDN = NULL;
 299 
 300         if (mapping->separatorStr != NULL)
 301                 mapping->separatorStr = NULL;
 302 
 303         for (i = 0; i < mapping->numRulesFromLDAP; i++) {
 304                 if (mapping->ruleFromLDAP[i]) /* See Comment below */
 305                         free_mapping_rule(mapping->ruleFromLDAP[i]);
 306         }
 307         mapping->numRulesFromLDAP = 0;
 308 
 309         if (mapping->ruleFromLDAP != NULL)
 310                 free(mapping->ruleFromLDAP);
 311         mapping->ruleFromLDAP = NULL;
 312 
 313         for (i = 0; i < mapping->numRulesToLDAP; i++) {
 314                 if (mapping->ruleToLDAP[i])
 315                 /*
 316                  * Normally mapping->ruleToLDAP[i] should
 317                  * always be non-null if
 318                  * mapping->numRulesToLDAP is > 0.
 319                  * However it is possible to have data
 320                  * corruption where numRulesToLDAP gets
 321                  * some integer value even though no real
 322                  * data is present in mapping->ruleToLDAP.
 323                  */
 324                         free_mapping_rule(mapping->ruleToLDAP[i]);
 325         }
 326         mapping->numRulesToLDAP = 0;
 327 
 328         if (mapping->ruleToLDAP != NULL)
 329                 free(mapping->ruleToLDAP);
 330         mapping->ruleToLDAP = NULL;
 331 
 332         if (mapping->e != NULL) {
 333                 /* Similar logic as in above comment applies. */
 334                 for (i = 0; i <= mapping->numSplits; i++) {
 335                         free_mapping_element(&mapping->e[i]);
 336                 }
 337                 free(mapping->e);
 338         }
 339         mapping->e = NULL;
 340 
 341         mapping->numSplits = 0;
 342 
 343         free(mapping);
 344 }
 345 
 346 /*
 347  * FUNCTION:    free_config_info
 348  *
 349  *      Frees __nis_config_info_t
 350  *
 351  * INPUT:               __nis_config_info_t
 352  */
 353 
 354 void
 355 free_config_info(__nis_config_info_t *config_info)
 356 {
 357         if (config_info->config_dn != NULL)
 358                 free(config_info->config_dn);
 359         config_info->config_dn = NULL;
 360 
 361         if (config_info->default_servers != NULL)
 362                 free(config_info->default_servers);
 363         config_info->default_servers = NULL;
 364 
 365         if (config_info->proxy_dn != NULL)
 366                 free(config_info->proxy_dn);
 367         config_info->proxy_dn = NULL;
 368 
 369         if (config_info->proxy_passwd != NULL)
 370                 free(config_info->proxy_passwd);
 371         config_info->proxy_passwd = NULL;
 372 
 373         if (config_info->tls_cert_db != NULL)
 374                 free(config_info->tls_cert_db);
 375         config_info->tls_cert_db = NULL;
 376 }
 377 
 378 /*
 379  * FUNCTION:    free_proxy_info
 380  *
 381  *      Frees __nis_ldap_proxy_info
 382  *
 383  * INPUT:               __nis_ldap_proxy_info
 384  */
 385 
 386 void
 387 free_proxy_info(__nis_ldap_proxy_info *proxy_info)
 388 {
 389         if (proxy_info->tls_cert_db != NULL)
 390                 free(proxy_info->tls_cert_db);
 391         proxy_info->tls_cert_db = NULL;
 392 
 393         if (proxy_info->default_servers != NULL)
 394                 free(proxy_info->default_servers);
 395         proxy_info->default_servers = NULL;
 396 
 397         if (proxy_info->default_search_base != NULL)
 398                 free(proxy_info->default_search_base);
 399         proxy_info->default_search_base = NULL;
 400 
 401         if (proxy_info->proxy_dn != NULL)
 402                 free(proxy_info->proxy_dn);
 403         proxy_info->proxy_dn = NULL;
 404 
 405         if (proxy_info->proxy_passwd != NULL)
 406                 free(proxy_info->proxy_passwd);
 407         proxy_info->proxy_passwd = NULL;
 408 
 409         if (proxy_info->default_nis_domain != NULL)
 410                 free(proxy_info->default_nis_domain);
 411         proxy_info->default_nis_domain = NULL;
 412 }
 413 
 414 /*
 415  * FUNCTION:    free_object_dn
 416  *
 417  *      Frees __nis_object_dn_t
 418  *
 419  * INPUT:               __nis_object_dn_t
 420  */
 421 
 422 void
 423 free_object_dn(__nis_object_dn_t *obj_dn)
 424 {
 425         __nis_object_dn_t       *t;
 426         int                     i;
 427 
 428         while (obj_dn != NULL) {
 429                 if (obj_dn->read.base != NULL)
 430                         free(obj_dn->read.base);
 431                 obj_dn->read.base = NULL;
 432                 if (obj_dn->read.attrs != NULL)
 433                         free(obj_dn->read.attrs);
 434                 obj_dn->read.attrs = NULL;
 435                 if (obj_dn->write.base != NULL)
 436                         free(obj_dn->write.base);
 437                 obj_dn->write.base = NULL;
 438                 if (obj_dn->write.attrs != NULL)
 439                         free(obj_dn->write.attrs);
 440                 obj_dn->write.attrs = NULL;
 441                 if (obj_dn->dbIdName != NULL)
 442                         free(obj_dn->dbIdName);
 443                 obj_dn->dbIdName = NULL;
 444                 for (i = 0; i < obj_dn->numDbIds; i++)
 445                         free_mapping_rule(obj_dn->dbId[i]);
 446                 obj_dn->numDbIds = 0;
 447 
 448                 if (obj_dn->dbId != NULL)
 449                         free(obj_dn->dbId);
 450                 obj_dn->dbId = NULL;
 451 
 452                 t = obj_dn;
 453                 obj_dn = obj_dn->next;
 454                 free(t);
 455         }
 456 }
 457 
 458 /*
 459  * FUNCTION:    free_index
 460  *
 461  *      Frees __nis_index_t
 462  *
 463  * INPUT:               __nis_index_t
 464  */
 465 
 466 void
 467 free_index(__nis_index_t *index)
 468 {
 469         int     i;
 470         for (i = 0; i < index->numIndexes; i++) {
 471                 free(index->name[i]);
 472                 free_mapping_format(index->value[i]);
 473         }
 474         index->numIndexes = 0;
 475         if (index->name != NULL)
 476                 free(index->name);
 477         index->name = NULL;
 478         if (index->value != NULL)
 479                 free(index->value);
 480         index->value = NULL;
 481 }
 482 
 483 /*
 484  * FUNCTION:    free_mapping_item
 485  *
 486  *      Frees __nis_mapping_item_t
 487  *
 488  * INPUT:               __nis_mapping_item_t
 489  */
 490 
 491 void
 492 free_mapping_item(__nis_mapping_item_t  *item)
 493 {
 494         if (item == NULL)
 495                 return;
 496 
 497         if (item->name != NULL)
 498                 free(item->name);
 499         item->name = NULL;
 500         if (item->type == mit_nisplus) {
 501                 free_index(&item->searchSpec.obj.index);
 502                 if (item->searchSpec.obj.name != NULL)
 503                         free(item->searchSpec.obj.name);
 504                 item->searchSpec.obj.name = NULL;
 505         } else if (item->type == mit_ldap) {
 506                 if (item->searchSpec.triple.base != NULL)
 507                         free(item->searchSpec.triple.base);
 508                 item->searchSpec.triple.base = NULL;
 509                 if (item->searchSpec.triple.attrs != NULL)
 510                         free(item->searchSpec.triple.attrs);
 511                 item->searchSpec.triple.attrs = NULL;
 512                 if (item->searchSpec.triple.element != NULL) {
 513                         free_mapping_element(
 514                                 item->searchSpec.triple.element);
 515                         free(item->searchSpec.triple.element);
 516                 }
 517                 item->searchSpec.triple.element = NULL;
 518         }
 519         if (item->exItem != NULL) {
 520                 free_mapping_item(item->exItem);
 521                 free(item->exItem);
 522                 item->exItem = 0;
 523         }
 524 }
 525 
 526 /*
 527  * FUNCTION:    free_mapping_format
 528  *
 529  *      Frees __nis_mapping_format_t
 530  *
 531  * INPUT:               __nis_mapping_format_t
 532  */
 533 
 534 void
 535 free_mapping_format(__nis_mapping_format_t *fmt)
 536 {
 537         __nis_mapping_format_t *f = fmt;
 538 
 539         while (fmt->type != mmt_end) {
 540                 switch (fmt->type) {
 541                     case mmt_item:
 542                         break;
 543                     case mmt_string:
 544                         if (fmt->match.string != NULL)
 545                                 free(fmt->match.string);
 546                         fmt->match.string = NULL;
 547                         break;
 548                     case mmt_single:
 549                         if (fmt->match.single.lo != NULL)
 550                                 free(fmt->match.single.lo);
 551                         fmt->match.single.lo = NULL;
 552                         if (fmt->match.single.hi != NULL)
 553                                 free(fmt->match.single.hi);
 554                         fmt->match.single.hi = NULL;
 555                         break;
 556                     case mmt_limit:
 557                         break;
 558                     case mmt_any:
 559                         break;
 560                     case mmt_berstring:
 561                     case mmt_berstring_null:
 562                         if (fmt->match.berString != NULL)
 563                                 free(fmt->match.berString);
 564                         fmt->match.berString = NULL;
 565                         break;
 566                     case mmt_begin:
 567                         break;
 568                     case mmt_end:
 569                         break;
 570                 }
 571                 fmt++;
 572         }
 573         free(f);
 574 }
 575 
 576 /*
 577  * FUNCTION:    free_mapping_sub_element
 578  *
 579  *      Frees __nis_mapping_sub_element_t
 580  *
 581  * INPUT:               __nis_mapping_sub_element_t
 582  */
 583 
 584 void
 585 free_mapping_sub_element(__nis_mapping_sub_element_t *sub)
 586 {
 587         int     i;
 588 
 589         switch (sub->type) {
 590             case me_item:
 591                 free_mapping_item(&sub->element.item);
 592                 break;
 593             case me_print:
 594                 if (sub->element.print.fmt != NULL)
 595                         free_mapping_format(sub->element.print.fmt);
 596                 sub->element.print.fmt = NULL;
 597                 for (i = 0; i < sub->element.print.numItems; i++)
 598                         free_mapping_item(&sub->element.print.item[i]);
 599                 sub->element.print.numItems = 0;
 600                 if (sub->element.print.item != NULL)
 601                         free(sub->element.print.item);
 602                 sub->element.print.item = NULL;
 603                 break;
 604             case me_split:
 605                 free_mapping_item(&sub->element.split.item);
 606                 break;
 607             case me_extract:
 608                 if (sub->element.extract.fmt != NULL)
 609                         free_mapping_format(sub->element.extract.fmt);
 610                 sub->element.extract.fmt = NULL;
 611                 free_mapping_item(&sub->element.extract.item);
 612                 break;
 613         }
 614 }
 615 
 616 /*
 617  * FUNCTION:    read_line
 618  *
 619  *      Gets next line in buffer - using '\' at end of line
 620  *  to indicate continuation. Lines beginning with # are
 621  *      ignored. start_line_num and start_line_num are
 622  *      maintained to track the line number currently being
 623  *      parsed.
 624  *
 625  * RETURN VALUE:        The number of characters read. 0 for
 626  *                      eof, -1 for error
 627  *
 628  * INPUT:               file descriptor, buffer, and buffer size
 629  */
 630 
 631 int
 632 read_line(int fd, char *buffer, int buflen)
 633 {
 634         int             linelen;
 635         int             rc;
 636         char            c;
 637         bool_t          skip_line       = FALSE;
 638         bool_t          begin_line      = TRUE;
 639         static bool_t   prev_cr         = FALSE;
 640 
 641         start_line_num = cur_line_num;
 642         (void) memset(buffer, 0, buflen);
 643         for (; p_error == no_parse_error; ) {
 644                 linelen = 0;
 645                 while (linelen < buflen) {
 646                         rc = read(fd, &c, 1);
 647                         if (1 == rc) {
 648                                 if (c == '\n' || c == '\r') {
 649                                         if (c == '\n') {
 650                                                 if (prev_cr) {
 651                                                         prev_cr = FALSE;
 652                                                         continue;
 653                                                 } else {
 654                                                         if (linelen == 0)
 655                                                             start_line_num =
 656                                                                 cur_line_num;
 657                                                         else {
 658                                                                 if (
 659                                                                 is_string_ok(
 660                                                                 buffer,
 661                                                                 linelen)) {
 662                                                                 (void) memset(
 663                                                                 buffer, 0,
 664                                                                 linelen);
 665                                                                 linelen = 0;
 666                                                                 cur_line_num++;
 667                                                                 begin_line =
 668                                                                         TRUE;
 669                                                                 continue;
 670                                                                 }
 671                                                         }
 672                                                         cur_line_num++;
 673                                                 }
 674                                                 prev_cr = FALSE;
 675                                         } else {
 676                                                 prev_cr = TRUE;
 677                                                 if (linelen == 0)
 678                                                     start_line_num =
 679                                                         cur_line_num;
 680                                                 cur_line_num++;
 681                                         }
 682                                         if (skip_line) {
 683                                                 skip_line = FALSE;
 684                                                 if (linelen == 0)
 685                                                     start_line_num =
 686                                                         cur_line_num;
 687                                         } else if (linelen > 0 &&
 688                                             buffer[linelen - 1]
 689                                             == ESCAPE_CHAR) {
 690                                                 --linelen;
 691                                         } else if (linelen > 0) {
 692                                                 buffer[linelen] = '\0';
 693                                                 return (linelen);
 694                                         }
 695                                         begin_line = TRUE;
 696                                 } else {
 697                                         if (begin_line)
 698                                                 skip_line = c == POUND_SIGN;
 699                                         begin_line = FALSE;
 700                                         if (!skip_line)
 701                                                 buffer[linelen++] = c;
 702                                 }
 703                         } else {
 704                                 if (linelen > 0 &&
 705                                     buffer[linelen - 1] == ESCAPE_CHAR) {
 706                                         /* continuation on last line */
 707                                         p_error = parse_bad_continuation_error;
 708                                         return (-1);
 709                                 } else {
 710                                         buffer[linelen] = '\0';
 711                                         return (linelen);
 712                                 }
 713                         }
 714                 }
 715                 p_error = parse_line_too_long;
 716         }
 717         return (-1);
 718 }
 719 
 720 /*
 721  * FUNCTION:    finish_parse
 722  *
 723  *      Adds any elements not configured, fully qualifies
 724  *      names
 725  *
 726  * RETURN VALUE:        0 on success, -1 on failure
 727  */
 728 
 729 int
 730 finish_parse(
 731         __nis_ldap_proxy_info   *proxy_info,
 732         __nis_table_mapping_t   **table_mapping)
 733 {
 734         __nis_table_mapping_t   *t;
 735         __nis_table_mapping_t   *t1;
 736         __nis_table_mapping_t   *t2;
 737         __nis_table_mapping_t   *t_del          = NULL;
 738         int                     i;
 739         int                     j;
 740         int                     k;
 741         __nis_object_dn_t       *objectDN;
 742         __nis_mapping_rlhs_t    *lhs;
 743         __nis_mapping_element_t *e;
 744         char                    *s;
 745         int                     errnum;
 746 
 747         /* set to default those values yet set */
 748         if (proxy_info->auth_method ==
 749             (auth_method_t)NO_VALUE_SET) {
 750                 p_error = parse_no_proxy_auth_error;
 751                 report_error(NULL, NULL);
 752                 return (-1);
 753         }
 754 
 755         if (proxy_info->default_servers == NULL) {
 756                 p_error = parse_no_ldap_server_error;
 757                 report_error(NULL, NULL);
 758                 return (-1);
 759         }
 760 
 761         if (proxy_info->tls_method == (tls_method_t)NO_VALUE_SET)
 762                 proxy_info->tls_method = no_tls;
 763         else if (proxy_info->tls_method == ssl_tls &&
 764                         (proxy_info->tls_cert_db == NULL ||
 765                         *proxy_info->tls_cert_db == '\0')) {
 766                 p_error = parse_no_cert_db;
 767                 report_error(NULL, NULL);
 768                 return (-1);
 769         }
 770 
 771         if (proxy_info->default_nis_domain == NULL)
 772                 proxy_info->default_nis_domain =
 773                         s_strdup(__nis_rpc_domain());
 774         else if (*proxy_info->default_nis_domain == '\0') {
 775                 free(proxy_info->default_nis_domain);
 776                 proxy_info->default_nis_domain =
 777                         s_strdup(__nis_rpc_domain());
 778         }
 779         if (proxy_info->default_nis_domain != NULL)
 780                 append_dot(&proxy_info->default_nis_domain);
 781 
 782         if (proxy_info->tls_method == ssl_tls) {
 783                 if ((errnum = ldapssl_client_init(
 784                                 proxy_info->tls_cert_db, NULL)) < 0) {
 785                         p_error = parse_ldapssl_client_init_error;
 786                         report_error(ldapssl_err2string(errnum), NULL);
 787                         return (-1);
 788                 }
 789         }
 790 
 791         if (proxy_info->default_search_base == NULL)
 792             proxy_info->default_search_base =
 793                 get_default_ldap_base(proxy_info->default_nis_domain);
 794 
 795         /* convert a relative dn to a fullly qualified dn */
 796         (void) make_full_dn(&proxy_info->proxy_dn,
 797                 proxy_info->default_search_base);
 798 
 799         if (p_error != no_parse_error) {
 800                 report_error(NULL, NULL);
 801                 return (-1);
 802         }
 803 
 804         /*
 805          * Create a list of potential delete mappings
 806          * those have NULL objectDNs, but badly also rules
 807          * that are missing object dn's will be included.
 808          * We will use the ttl field to determine if the
 809          * delete rule is actually used
 810          */
 811         t2 = NULL;
 812         for (t = *table_mapping; t != NULL; t = t1) {
 813                 t1 = t->next;
 814                 if (t->objectDN == NULL) {
 815                         if (t2 == NULL)
 816                                 *table_mapping = t1;
 817                         else
 818                                 t2->next = t1;
 819                         t->next = t_del;
 820                         t_del = t;
 821                         t->ttl = 0;
 822                 } else
 823                         t2 = t;
 824         }
 825 
 826         for (t = *table_mapping; t != NULL; t = t->next) {
 827             objectDN = t->objectDN;
 828             while (objectDN != NULL) {
 829                 if (objectDN->dbIdName != NULL) {
 830                         s = objectDN->dbIdName;
 831                         t1 = find_table_mapping(s, strlen(s), t_del);
 832                         if (t1 == NULL) {
 833                                 p_error = parse_no_db_del_mapping_rule;
 834                                 report_error2(objectDN->dbIdName, t->dbId);
 835                                 return (-1);
 836                         } else if (t1->objName != NULL ||
 837                             t1->numRulesToLDAP == 0 ||
 838                             t1->numRulesFromLDAP != 0) {
 839                                 p_error = parse_invalid_db_del_mapping_rule;
 840                                 report_error(t1->dbId, NULL);
 841                                 return (-1);
 842                         }
 843                         objectDN->dbId =
 844                                 dup_mapping_rules(t1->ruleToLDAP,
 845                                         t1->numRulesToLDAP);
 846                         if (objectDN->dbId == NULL) {
 847                                 break;
 848                         }
 849                         objectDN->numDbIds = t1->numRulesToLDAP;
 850                         t1->ttl++;
 851                 }
 852                 objectDN = objectDN->next;
 853             }
 854         }
 855 
 856         for (t = t_del; t != NULL; t = t1) {
 857                 t1 = t->next;
 858                 if (t->ttl == 0) {
 859                         p_error = parse_no_object_dn;
 860                         report_error(t->dbId, NULL);
 861                 }
 862                 free_table_mapping(t);
 863         }
 864 
 865         if (p_error != no_parse_error)
 866                 return (-1);
 867 
 868         /* set to default those table mapping values yet set */
 869         for (t = *table_mapping; t != NULL; t = t->next) {
 870                 if (t->objName == 0) {
 871                         p_error = parse_no_object_dn;
 872                         report_error(t->dbId, NULL);
 873                         return (-1);
 874                 }
 875                 if (!yp2ldap) {
 876                         if (!add_domain(&t->objName,
 877                                         proxy_info->default_nis_domain)) {
 878                                 report_error(NULL, NULL);
 879                                 return (-1);
 880                         }
 881                 }
 882                 if (t->initTtlHi == (time_t)NO_VALUE_SET)
 883                         t->initTtlHi = DEFAULT_TTL_HIGH;
 884                 if (t->initTtlLo == (time_t)NO_VALUE_SET)
 885                         t->initTtlLo = DEFAULT_TTL_LOW;
 886                 if (t->ttl == (time_t)NO_VALUE_SET)
 887                         t->ttl = DEFAULT_TTL;
 888                 objectDN = t->objectDN;
 889 
 890                 /* fixup relative dn's */
 891                 while (objectDN != NULL) {
 892                         if (!yp2ldap) {
 893                                 if (!make_full_dn(&objectDN->read.base,
 894                                         proxy_info->default_search_base))
 895                                                 break;
 896                         }
 897                         if (objectDN->write.scope != LDAP_SCOPE_UNKNOWN) {
 898                                 if (objectDN->write.base != NULL &&
 899                                         !make_full_dn(&objectDN->write.base,
 900                                         proxy_info->default_search_base))
 901                                                 break;
 902                                 if (objectDN->write.base == NULL) {
 903                                     objectDN->write.base =
 904                                         s_strdup(objectDN->read.base);
 905                                     if (objectDN->write.base == NULL)
 906                                         break;
 907                                 }
 908                         }
 909                         objectDN = objectDN->next;
 910                 }
 911 
 912                 if (p_error != no_parse_error) {
 913                         report_error(NULL, NULL);
 914                         return (-1);
 915                 }
 916 
 917                 /* Check for ruleToLDAP with no rhs */
 918                 for (i = 0; i < t->numRulesToLDAP; i++) {
 919                     if (t->ruleToLDAP[i]->rhs.numElements == 0) {
 920                         p_error = parse_unexpected_data_end_rule;
 921                         report_error(t->dbId, NULL);
 922                         return (-1);
 923                     }
 924                 }
 925 
 926                 /* populate cols field */
 927                 if (!yp2ldap) {
 928                         for (i = 0; i < t->numRulesFromLDAP; i++) {
 929                                 lhs = &t->ruleFromLDAP[i]->lhs;
 930                                 for (j = 0; j < lhs->numElements; j++) {
 931                                         e = &lhs->element[j];
 932                                         switch (e->type) {
 933                                                 case me_item:
 934                                                 if (!add_column(t,
 935                                                 e->element.item.name)) {
 936                                                         report_error(
 937                                                         NULL, NULL);
 938                                                         return (-1);
 939                                                 }
 940                                                 break;
 941                                                 case me_match:
 942                                                 for (k = 0;
 943                                                 k < e->element.match.numItems;
 944                                                 k++)
 945                                                         if (!add_column(t,
 946                                         e->element.match.item[k].name)) {
 947                                                                 report_error(
 948                                                                 NULL, NULL);
 949                                                                 return (-1);
 950                                                         }
 951                                                 break;
 952                                         }
 953                                 }
 954                         }
 955                 }
 956         }
 957         return (0);
 958 }
 959 
 960 /*
 961  * FUNCTION:    set_default_values
 962  *
 963  *      Sets unconfigured values to their default value
 964  */
 965 
 966 void
 967 set_default_values(__nis_ldap_proxy_info *proxy_info,
 968     __nis_config_t *config_info, __nisdb_table_mapping_t *table_info)
 969 {
 970         if (proxy_info->bind_timeout.tv_sec == (time_t)NO_VALUE_SET)
 971                 proxy_info->bind_timeout.tv_sec = DEFAULT_BIND_TIMEOUT;
 972         if (proxy_info->search_timeout.tv_sec == (time_t)NO_VALUE_SET)
 973                 proxy_info->search_timeout.tv_sec =
 974                         (yp2ldap)?DEFAULT_YP_SEARCH_TIMEOUT:
 975                                 DEFAULT_SEARCH_TIMEOUT;
 976         if (proxy_info->modify_timeout.tv_sec == (time_t)NO_VALUE_SET)
 977                 proxy_info->modify_timeout.tv_sec = DEFAULT_MODIFY_TIMEOUT;
 978         if (proxy_info->add_timeout.tv_sec == (time_t)NO_VALUE_SET)
 979                 proxy_info->add_timeout.tv_sec = DEFAULT_ADD_TIMEOUT;
 980         if (proxy_info->delete_timeout.tv_sec == (time_t)NO_VALUE_SET)
 981                 proxy_info->delete_timeout.tv_sec = DEFAULT_DELETE_TIMEOUT;
 982 
 983         if (proxy_info->search_time_limit == (int)NO_VALUE_SET)
 984                 proxy_info->search_time_limit = DEFAULT_SEARCH_TIME_LIMIT;
 985         if (proxy_info->search_size_limit == (int)NO_VALUE_SET)
 986                 proxy_info->search_size_limit = DEFAULT_SEARCH_SIZE_LIMIT;
 987 
 988         if (proxy_info->follow_referral == (follow_referral_t)NO_VALUE_SET)
 989                 proxy_info->follow_referral = no_follow;
 990 
 991         switch (config_info->initialUpdate) {
 992                 case (__nis_initial_update_t)NO_VALUE_SET:
 993                 case (__nis_initial_update_t)INITIAL_UPDATE_NO_ACTION:
 994                 case (__nis_initial_update_t)NO_INITIAL_UPDATE_NO_ACTION:
 995                         config_info->initialUpdate = ini_none;
 996                         break;
 997                 case (__nis_initial_update_t)FROM_NO_INITIAL_UPDATE:
 998                         config_info->initialUpdate = from_ldap;
 999                         break;
1000                 case (__nis_initial_update_t)TO_NO_INITIAL_UPDATE:
1001                         config_info->initialUpdate = to_ldap;
1002                         break;
1003         }
1004         if (config_info->threadCreationError ==
1005             (__nis_thread_creation_error_t)NO_VALUE_SET)
1006                 config_info->threadCreationError = pass_error;
1007         if (config_info->threadCreationErrorTimeout.attempts == NO_VALUE_SET)
1008                 config_info->threadCreationErrorTimeout.attempts =
1009                         DEFAULT_THREAD_ERROR_ATTEMPTS;
1010         if (config_info->threadCreationErrorTimeout.timeout ==
1011                         (time_t)NO_VALUE_SET)
1012                 config_info->threadCreationErrorTimeout.timeout =
1013                         DEFAULT_THREAD_ERROR_TIME_OUT;
1014         if (config_info->dumpError ==
1015             (__nis_dump_error_t)NO_VALUE_SET)
1016                 config_info->dumpError = de_retry;
1017         if (config_info->dumpErrorTimeout.attempts == NO_VALUE_SET)
1018                 config_info->dumpErrorTimeout.attempts =
1019                         DEFAULT_DUMP_ERROR_ATTEMPTS;
1020         if (config_info->dumpErrorTimeout.timeout == (time_t)NO_VALUE_SET)
1021                 config_info->dumpErrorTimeout.timeout =
1022                         DEFAULT_DUMP_ERROR_TIME_OUT;
1023         if (config_info->resyncService ==
1024             (__nis_resync_service_t)NO_VALUE_SET)
1025                 config_info->resyncService = from_copy;
1026         if (config_info->updateBatching ==
1027             (__nis_update_batching_t)NO_VALUE_SET)
1028                 config_info->updateBatching = accumulate;
1029         if (config_info->updateBatchingTimeout.timeout == (time_t)NO_VALUE_SET)
1030                 config_info->updateBatchingTimeout.timeout =
1031                         DEFAULT_BATCHING_TIME_OUT;
1032         if (config_info->numberOfServiceThreads == (int)NO_VALUE_SET)
1033                 config_info->numberOfServiceThreads =
1034                         DEFAULT_NUMBER_OF_THREADS;
1035         if (config_info->emulate_yp == (int)NO_VALUE_SET)
1036                 config_info->emulate_yp =
1037                         DEFAULT_YP_EMULATION;
1038         if (config_info->maxRPCRecordSize == (int)NO_VALUE_SET)
1039                 config_info->maxRPCRecordSize = RPC_MAXDATASIZE;
1040 
1041         if (table_info->retrieveError ==
1042             (__nis_retrieve_error_t)NO_VALUE_SET)
1043                 table_info->retrieveError = use_cached;
1044         if (table_info->retrieveErrorRetry.attempts == NO_VALUE_SET)
1045                 table_info->retrieveErrorRetry.attempts =
1046                         DEFAULT_RETRIEVE_ERROR_ATTEMPTS;
1047         if (table_info->retrieveErrorRetry.timeout == (time_t)NO_VALUE_SET)
1048                 table_info->retrieveErrorRetry.timeout =
1049                         DEFAULT_RETRIEVE_ERROR_TIME_OUT;
1050         if (table_info->storeError ==
1051             (__nis_store_error_t)NO_VALUE_SET)
1052                 table_info->storeError = sto_retry;
1053         if (table_info->storeErrorRetry.attempts == NO_VALUE_SET)
1054                 table_info->storeErrorRetry.attempts =
1055                         DEFAULT_STORE_ERROR_ATTEMPTS;
1056         if (table_info->storeErrorRetry.timeout == (time_t)NO_VALUE_SET)
1057                 table_info->storeErrorRetry.timeout =
1058                         DEFAULT_STORE_ERROR_TIME_OUT;
1059         if (table_info->refreshError ==
1060             (__nis_refresh_error_t)NO_VALUE_SET)
1061                 table_info->refreshError = continue_using;
1062         if (table_info->refreshErrorRetry.attempts == NO_VALUE_SET)
1063                 table_info->refreshErrorRetry.attempts =
1064                         DEFAULT_REFRESH_ERROR_ATTEMPTS;
1065         if (table_info->refreshErrorRetry.timeout == (time_t)NO_VALUE_SET)
1066                 table_info->refreshErrorRetry.timeout =
1067                         DEFAULT_REFRESH_ERROR_TIME_OUT;
1068         if (table_info->matchFetch ==
1069             (__nis_match_fetch_t)NO_VALUE_SET)
1070                 table_info->matchFetch = no_match_only;
1071 }
1072 
1073 __nis_table_mapping_t *
1074 find_table_mapping(const char *s, int len, __nis_table_mapping_t *table_mapping)
1075 {
1076         __nis_table_mapping_t *t;
1077 
1078         for (t = table_mapping; t != NULL; t = t->next)
1079                 if (strlen(t->dbId) == len &&
1080                     strncasecmp(t->dbId, s, len) == 0)
1081                         break;
1082         return (t);
1083 }
1084 
1085 void
1086 append_dot(char **str)
1087 {
1088         char    *s      = *str;
1089         int     len     = strlen(s);
1090 
1091         if (len == 0 || s[len - 1] != PERIOD_CHAR) {
1092                 s = s_realloc(s, len + 2);
1093                 if (s != NULL) {
1094                         s[len] = PERIOD_CHAR;
1095                         s[len+1] = '\0';
1096                         *str = s;
1097                 }
1098         }
1099 }
1100 
1101 void
1102 append_comma(char **str)
1103 {
1104 
1105         char    *s  = *str;
1106         int len = strlen(s);
1107 
1108         if (len == 0 || s[len - 1] != COMMA_CHAR) {
1109                 s = s_realloc(s, len + 2);
1110                 if (s != NULL) {
1111                         s[len] = COMMA_CHAR;
1112                         s[len+1] = '\0';
1113                         *str = s;
1114                 }
1115         }
1116 }
1117 
1118 /*
1119  * FUNCTION:    make_full_dn
1120  *
1121  *      Appends the base dn if a relative ldap dn
1122  *      (invoked only for LDAP write cycle)
1123  *
1124  * RETURN VALUE:        FALSE if error
1125  *                      TRUE if __nis_index_t returned
1126  *
1127  * INPUT:               the relative dn and ldap base
1128  */
1129 
1130 bool_t
1131 make_full_dn(char **dn, const char *base)
1132 {
1133         int len;
1134         int len1;
1135 
1136         if (*dn == NULL) {
1137                 *dn = s_strdup(base);
1138         } else {
1139                 len = strlen(*dn);
1140                 if (len > 0 && (*dn)[len-1] == COMMA_CHAR) {
1141                         len1 = strlen(base) + 1;
1142                         *dn = s_realloc(*dn, len + len1);
1143                         if (*dn != NULL)
1144                                 (void) strcpy(*dn + len, base);
1145                 }
1146         }
1147         return (*dn != NULL);
1148 }
1149 
1150 /*
1151  * FUNCTION:    make_fqdn
1152  *
1153  *      Appends the base dn if a relative ldap dn
1154  *      (invoked only for LDAP read cycle)
1155  *
1156  * RETURN VALUE:        FALSE if error
1157  *                      TRUE if success
1158  *
1159  * INPUT:               the relative dn and ldap base
1160  */
1161 bool_t
1162 make_fqdn(__nis_object_dn_t *dn, const char *base)
1163 {
1164         int len;
1165         int len1;
1166 
1167         if (dn == NULL) {
1168                 return (FALSE);
1169         } else {
1170                 while (dn != NULL && dn->read.base != NULL) {
1171                         len = strlen(dn->read.base);
1172                         if (len > 0 && (dn->read.base)[len-1] == COMMA_CHAR) {
1173                                 len1 = strlen(base) + 1;
1174                                 dn->read.base =
1175                                         s_realloc(dn->read.base, len + len1);
1176                                 if (dn->read.base != NULL)
1177                                         (void) strlcpy(dn->read.base + len,
1178                                                         base, len1);
1179                                 else
1180                                         return (FALSE);
1181                         }
1182                         dn = dn->next;
1183                 }
1184         }
1185         return (TRUE);
1186 }
1187 
1188 /*
1189  * FUNCTION:    get_default_ldap_base
1190  *
1191  *      Gets the default LDAP search base from the
1192  *      nis+ default domain
1193  *
1194  * RETURN VALUE:        NULL if error
1195  *                      the default base
1196  *
1197  * INPUT:               the nis domain
1198  */
1199 
1200 char *
1201 get_default_ldap_base(const char *domain)
1202 {
1203 
1204         int             len     = strlen(domain);
1205         int             i;
1206         int             count   = len + 4;
1207         char            *base;
1208 
1209         for (i = 0; i < len - 1; i++)
1210                 if (domain[i] == PERIOD_CHAR)
1211                         count += 4;
1212         if ((base = malloc(count)) == NULL) {
1213                 p_error = parse_no_mem_error;
1214         } else {
1215                 (void) strcpy(base, "dc=");
1216                 count = 3;
1217                 for (i = 0; i < len - 1; i++) {
1218                         if (domain[i] == PERIOD_CHAR) {
1219                                 (void) strcpy(base + count, ",dc=");
1220                                 count += 4;
1221                         } else {
1222                                 base[count++] = domain[i];
1223                         }
1224                 }
1225                 base[count] = '\0';
1226         }
1227         return (base);
1228 }
1229 
1230 /*
1231  * FUNCTION:    add_domain
1232  *
1233  *      Appends the base domain if a relative object name
1234  *
1235  * RETURN VALUE:        FALSE if error
1236  *                      TRUE if OK
1237  *
1238  * INPUT:               the relative object name and base domain
1239  *                      name
1240  */
1241 
1242 bool_t
1243 add_domain(char **objName, const char *domain)
1244 {
1245         int     len;
1246         int     len1;
1247         bool_t  trailing_dot;
1248         char    *obj_name;
1249 
1250         if (domain == NULL || *objName == NULL) {
1251                 p_error = parse_internal_error;
1252                 return (FALSE);
1253         }
1254         len1 = strlen(domain);
1255         trailing_dot = (len1 > 0 && domain[len1 - 1] == PERIOD_CHAR) ?
1256                 0 : 1;
1257         len = strlen(*objName);
1258         if (len == 0 || (*objName)[len - 1] != PERIOD_CHAR) {
1259                 obj_name = s_realloc(*objName,
1260                         len + len1 + 2 + trailing_dot);
1261                 if (obj_name != NULL) {
1262                         obj_name[len++] = PERIOD_CHAR;
1263                         (void) strcpy(obj_name + len, domain);
1264                         if (trailing_dot != 0) {
1265                                 obj_name[len + len1] = PERIOD_CHAR;
1266                                 obj_name[len + len1 + 1] = '\0';
1267                         }
1268                         *objName = obj_name;
1269                 }
1270         }
1271 
1272         return (*objName != NULL);
1273 }
1274 
1275 bool_t
1276 dup_index(__nis_index_t *in, __nis_index_t *out)
1277 {
1278         int i;
1279         int j;
1280 
1281         out->name = (char **)s_calloc(in->numIndexes, sizeof (char *));
1282         if (out->name == NULL)
1283                 return (FALSE);
1284         out->value = (__nis_mapping_format_t **)
1285                 s_calloc(in->numIndexes, sizeof (__nis_mapping_format_t *));
1286         if (out->value == NULL) {
1287                 free(out->name);
1288                 out->name = NULL;
1289                 return (FALSE);
1290         }
1291 
1292         for (i = 0; i < in->numIndexes; i++) {
1293                 out->name[i] = s_strdup(in->name[i]);
1294                 if (out->name[i] == NULL)
1295                         break;
1296                 out->value[i] = dup_format_mapping(in->value[i]);
1297                 if (out->value[i] == NULL)
1298                         break;
1299         }
1300         if (i < in->numIndexes) {
1301                 for (j = 0; j <= i; j++) {
1302                         if (out->name[j] != NULL)
1303                                 free(out->name[j]);
1304                         if (out->value[j] != NULL)
1305                                 free_mapping_format(out->value[j]);
1306                 }
1307                 free(out->name);
1308                 out->name = NULL;
1309                 free(out->value);
1310                 out->value = NULL;
1311         } else {
1312                 out->numIndexes = in->numIndexes;
1313         }
1314         return (i == in->numIndexes);
1315 }
1316 
1317 bool_t
1318 dup_mapping_item(__nis_mapping_item_t *in, __nis_mapping_item_t *out)
1319 {
1320         bool_t  ret;
1321 
1322         if (in->type == mit_nisplus) {
1323                 ret = dup_index(&in->searchSpec.obj.index,
1324                         &out->searchSpec.obj.index);
1325                 if (!ret)
1326                         return (ret);
1327                 if (in->searchSpec.obj.name != NULL) {
1328                     out->searchSpec.obj.name =
1329                         s_strdup(in->searchSpec.obj.name);
1330                         if (out->searchSpec.obj.name == NULL)
1331                                 return (FALSE);
1332                 } else
1333                         out->searchSpec.obj.name = NULL;
1334         } else if (in->type == mit_ldap) {
1335                 if (in->searchSpec.triple.base != NULL) {
1336                     out->searchSpec.triple.base =
1337                         s_strdup(in->searchSpec.triple.base);
1338                         if (out->searchSpec.triple.base == NULL)
1339                                 return (FALSE);
1340                 } else
1341                         out->searchSpec.triple.base = NULL;
1342                 out->searchSpec.triple.scope =
1343                         in->searchSpec.triple.scope;
1344                 if (in->searchSpec.triple.attrs != NULL) {
1345                     out->searchSpec.triple.attrs =
1346                         s_strdup(in->searchSpec.triple.attrs);
1347                         if (out->searchSpec.triple.attrs == NULL)
1348                                 return (FALSE);
1349                 } else
1350                         out->searchSpec.triple.attrs = NULL;
1351                 if (in->searchSpec.triple.element != NULL) {
1352                         out->searchSpec.triple.element =
1353                                 (__nis_mapping_element_t *)
1354                                 s_calloc(1, sizeof (__nis_mapping_element_t));
1355                         if (out->searchSpec.triple.element != NULL)
1356                                 dup_mapping_element(
1357                                         in->searchSpec.triple.element,
1358                                         out->searchSpec.triple.element);
1359                         if (out->searchSpec.triple.element == NULL)
1360                                 return (FALSE);
1361                 } else
1362                         out->searchSpec.triple.element = NULL;
1363         }
1364 
1365         if (in->name != NULL) {
1366                 out->name = s_strdup(in->name);
1367                 if (out->name == NULL)
1368                         return (FALSE);
1369         } else
1370                 out->name = NULL;
1371         out->type = in->type;
1372         out->repeat = in->repeat;
1373         if (in->exItem) {
1374                 out->exItem = (__nis_mapping_item_t *)s_malloc
1375                         (sizeof (__nis_mapping_item_t));
1376                 if (out->exItem == NULL)
1377                         return (FALSE);
1378                 else {
1379                         (void) memset
1380                                 (out->exItem, 0, sizeof (out->exItem[0]));
1381                         if (!dup_mapping_item
1382                                 (in->exItem, out->exItem))
1383                                 p_error = parse_internal_error;
1384                 }
1385         } else
1386                 out->exItem = NULL;
1387 
1388         return (p_error == no_parse_error);
1389 }
1390 
1391 __nis_mapping_format_t *
1392 dup_format_mapping(__nis_mapping_format_t *in)
1393 {
1394         int                     i;
1395         __nis_mapping_format_t  *out;
1396         bool_t                  got_end;
1397 
1398         i = 0;
1399         while (in[i].type != mmt_end)
1400                 i++;
1401         out = (__nis_mapping_format_t *)s_calloc(
1402                 i + 1, sizeof (__nis_mapping_format_t));
1403         if (out != NULL) {
1404                 got_end = FALSE;
1405                 for (i = 0; !got_end; i++) {
1406                     switch (in[i].type) {
1407                         case mmt_item:
1408                                 break;
1409                         case mmt_string:
1410                                 out[i].match.string =
1411                                         s_strdup(in[i].match.string);
1412                                 break;
1413                         case mmt_single:
1414                                 out[i].match.single.numRange =
1415                                         in[i].match.single.numRange;
1416                                 out[i].match.single.lo =
1417                                         s_malloc(in[i].match.single.numRange);
1418                                 if (out[i].match.single.lo == NULL)
1419                                         break;
1420                                 out[i].match.single.hi =
1421                                         s_malloc(in[i].match.single.numRange);
1422                                 if (out[i].match.single.hi == NULL)
1423                                         break;
1424                                 memcpy(out[i].match.single.lo,
1425                                         in[i].match.single.lo,
1426                                         in[i].match.single.numRange);
1427                                 memcpy(out[i].match.single.hi,
1428                                         in[i].match.single.hi,
1429                                         in[i].match.single.numRange);
1430                                 break;
1431                         case mmt_limit:
1432                                 out[i].match.limit = in[i].match.limit;
1433                                 break;
1434                         case mmt_any:
1435                                 break;
1436                         case mmt_berstring:
1437                                 out[i].match.berString =
1438                                         s_strdup(in[i].match.berString);
1439                                 break;
1440                         case mmt_begin:
1441                                 break;
1442                         case mmt_end:
1443                                 got_end = TRUE;
1444                                 break;
1445                         default:
1446                                 p_error = parse_internal_error;
1447                     }
1448                     if (p_error != no_parse_error)
1449                         break;
1450                     out[i].type = in[i].type;
1451                 }
1452                 if (p_error != no_parse_error) {
1453                         free_mapping_format(out);
1454                         out = NULL;
1455                 }
1456         }
1457 
1458         return (out);
1459 }
1460 
1461 bool_t
1462 dup_mapping_sub_element(
1463         __nis_mapping_sub_element_t     *in,
1464         __nis_mapping_sub_element_t     *out)
1465 {
1466         bool_t  ret = FALSE;
1467         int     i;
1468 
1469         switch (in->type) {
1470                 case me_item:
1471                         ret = dup_mapping_item(&in->element.item,
1472                                 &out->element.item);
1473                         break;
1474                 case me_print:
1475                         out->element.print.fmt =
1476                                 dup_format_mapping(in->element.print.fmt);
1477                         if (out->element.print.fmt == NULL)
1478                                 break;
1479                         out->element.print.numItems =
1480                                 in->element.print.numItems;
1481                         out->element.print.item = (__nis_mapping_item_t *)
1482                                 s_calloc(in->element.print.numItems,
1483                                         sizeof (__nis_mapping_item_t));
1484                         if (out->element.print.item == NULL)
1485                                 break;
1486                         for (i = 0; i < in->element.print.numItems; i++)
1487                                 if (!dup_mapping_item(
1488                                         &in->element.print.item[i],
1489                                         &out->element.print.item[i]))
1490                                                 break;
1491                         if (i < in->element.print.numItems)
1492                                 break;
1493                         ret = TRUE;
1494                         out->element.print.doElide = in->element.print.doElide;
1495                         out->element.print.elide = in->element.print.elide;
1496                         break;
1497                 case me_split:
1498                         ret = dup_mapping_item(&in->element.split.item,
1499                                 &out->element.split.item);
1500                         out->element.split.delim = in->element.split.delim;
1501                         break;
1502                 case me_extract:
1503                         out->element.extract.fmt =
1504                                 dup_format_mapping(in->element.extract.fmt);
1505                         if (out->element.extract.fmt == NULL)
1506                                 break;
1507                         ret = dup_mapping_item(&in->element.extract.item,
1508                                 &out->element.extract.item);
1509                         break;
1510                 default:
1511                         p_error = parse_internal_error;
1512         }
1513         out->type = in->type;
1514 
1515         return (ret);
1516 }
1517 
1518 bool_t
1519 dup_mapping_element(
1520         __nis_mapping_element_t *in,
1521         __nis_mapping_element_t *out)
1522 {
1523         bool_t  ret = FALSE;
1524         int     i;
1525 
1526         if (in == NULL)
1527                 return (ret);
1528 
1529         switch (in->type) {
1530                 case me_item:
1531                         ret = dup_mapping_item(&in->element.item,
1532                                 &out->element.item);
1533                         break;
1534                 case me_print:
1535                         out->element.print.fmt =
1536                                 dup_format_mapping(in->element.print.fmt);
1537                         if (out->element.print.fmt == NULL)
1538                                 break;
1539                         out->element.print.numSubElements =
1540                                 in->element.print.numSubElements;
1541                         out->element.print.subElement =
1542                                 (__nis_mapping_sub_element_t *)
1543                                 s_calloc(in->element.print.numSubElements,
1544                                         sizeof (__nis_mapping_sub_element_t));
1545                         if (out->element.print.subElement == NULL)
1546                                 break;
1547                         for (i = 0; i < in->element.print.numSubElements; i++)
1548                                 if (!dup_mapping_sub_element(
1549                                         &in->element.print.subElement[i],
1550                                         &out->element.print.subElement[i]))
1551                                                 break;
1552                         if (i < in->element.print.numSubElements)
1553                                 break;
1554                         ret = TRUE;
1555                         out->element.print.doElide = in->element.print.doElide;
1556                         out->element.print.elide = in->element.print.elide;
1557                         break;
1558                 case me_split:
1559                         ret = dup_mapping_item(&in->element.split.item,
1560                                 &out->element.split.item);
1561                         out->element.split.delim = in->element.split.delim;
1562                         break;
1563                 case me_match:
1564                         out->element.match.fmt =
1565                                 dup_format_mapping(in->element.match.fmt);
1566                         if (out->element.match.fmt == NULL)
1567                                 break;
1568                         out->element.match.numItems =
1569                                 in->element.match.numItems;
1570                         out->element.match.item = (__nis_mapping_item_t *)
1571                                 s_calloc(in->element.match.numItems,
1572                                         sizeof (__nis_mapping_item_t));
1573                         if (out->element.match.item == NULL)
1574                                 break;
1575                         for (i = 0; i < in->element.match.numItems; i++)
1576                                 if (!dup_mapping_item(
1577                                         &in->element.match.item[i],
1578                                         &out->element.match.item[i]))
1579                                                 break;
1580                         if (i < in->element.match.numItems)
1581                                 break;
1582                         ret = TRUE;
1583                         break;
1584                 case me_extract:
1585                         out->element.extract.fmt =
1586                                 dup_format_mapping(in->element.extract.fmt);
1587                         if (out->element.extract.fmt == NULL)
1588                                 break;
1589                         ret = dup_mapping_item(&in->element.extract.item,
1590                                 &out->element.extract.item);
1591                         break;
1592                 default:
1593                         p_error = parse_internal_error;
1594         }
1595         out->type = in->type;
1596 
1597         return (ret);
1598 }
1599 
1600 __nis_mapping_rule_t *
1601 dup_mapping_rule(__nis_mapping_rule_t *in)
1602 {
1603         int                     i;
1604         __nis_mapping_rlhs_t    *r_in;
1605         __nis_mapping_rlhs_t    *r_out;
1606         __nis_mapping_rule_t    *out;
1607 
1608         out = (__nis_mapping_rule_t *)
1609                 s_calloc(1, sizeof (__nis_mapping_rule_t));
1610         if (out != NULL) {
1611                 r_in = &in->lhs;
1612                 r_out = &out->lhs;
1613                 r_out->numElements = r_in->numElements;
1614                 r_out->element = (__nis_mapping_element_t *)s_calloc
1615                         (r_in->numElements, sizeof (__nis_mapping_element_t));
1616                 if (r_out->element == NULL) {
1617                         free_mapping_rule(out);
1618                         return (NULL);
1619                 }
1620                 for (i = 0; i < r_in->numElements; i++) {
1621                     if (!dup_mapping_element(&r_in->element[i],
1622                         &r_out->element[i]))
1623                                 break;
1624                 }
1625                 if (i < r_in->numElements) {
1626                         free_mapping_rule(out);
1627                         return (NULL);
1628                 }
1629 
1630                 r_in = &in->rhs;
1631                 r_out = &out->rhs;
1632                 r_out->numElements = r_in->numElements;
1633                 r_out->element = (__nis_mapping_element_t *)s_calloc
1634                         (r_in->numElements, sizeof (__nis_mapping_element_t));
1635                 if (r_out->element == NULL) {
1636                         free_mapping_rule(out);
1637                         return (NULL);
1638                 }
1639                 for (i = 0; i < r_in->numElements; i++) {
1640                     if (!dup_mapping_element(&r_in->element[i],
1641                         &r_out->element[i]))
1642                                 break;
1643                 }
1644                 if (i < r_in->numElements) {
1645                         free_mapping_rule(out);
1646                         return (NULL);
1647                 }
1648         }
1649         return (out);
1650 }
1651 
1652 __nis_mapping_rule_t **
1653 dup_mapping_rules(__nis_mapping_rule_t **rules, int n_rules)
1654 {
1655         int                     i, j;
1656         __nis_mapping_rule_t    **r;
1657 
1658         r = (__nis_mapping_rule_t **)s_calloc(n_rules,
1659                 sizeof (__nis_mapping_rule_t *));
1660         if (r != NULL) {
1661                 for (i = 0; i < n_rules; i++) {
1662                         r[i] = dup_mapping_rule(rules[i]);
1663                         if (r[i] == NULL) {
1664                                 for (j = 0; j < i; j++)
1665                                         free_mapping_rule(r[j]);
1666                                 free(r);
1667                                 r = NULL;
1668                                 break;
1669                         }
1670                 }
1671         }
1672         return (r);
1673 }
1674 
1675 /*
1676  * FUNCTION:    add_column
1677  *
1678  *      Adds a column name to the column list in __nis_table_mapping_t
1679  *
1680  * RETURN VALUE:        FALSE if error
1681  *                      TRUE if __nis_index_t returned
1682  *
1683  * INPUT:               the __nis_table_mapping_t and column name
1684  */
1685 
1686 bool_t
1687 add_column(__nis_table_mapping_t *t, const char *col_name)
1688 {
1689         int i;
1690         char **cols = NULL;
1691 
1692         if (!yp2ldap) {
1693                 for (i = 0; i < t->numColumns; i++) {
1694                         if (strcasecmp(col_name, t->column[i]) == 0)
1695                                 return (TRUE);
1696                 }
1697         }
1698         cols = (char **)s_realloc(t->column, (t->numColumns + 1) *
1699                 sizeof (char *));
1700         if (cols == NULL)
1701                 return (FALSE);
1702         t->column = cols;
1703         cols[t->numColumns] = s_strdup(col_name);
1704         if (cols[t->numColumns] == NULL)
1705                 return (FALSE);
1706         t->numColumns++;
1707         return (TRUE);
1708 }
1709 
1710 /*
1711  * FUNCTION:    add_element
1712  *
1713  *      Adds a __nis_mapping_element_t to __nis_mapping_rlhs_t
1714  *
1715  * RETURN VALUE:        FALSE if error
1716  *                      TRUE if __nis_index_t returned
1717  *
1718  * INPUT:               the __nis_mapping_element_t and
1719  *                      __nis_mapping_rlhs_t
1720  */
1721 
1722 bool_t
1723 add_element(
1724         __nis_mapping_element_t *e,
1725         __nis_mapping_rlhs_t    *m)
1726 {
1727         __nis_mapping_element_t *e1;
1728         int                     i;
1729         int                     n       = m->numElements;
1730 
1731         e1 = (__nis_mapping_element_t *)s_realloc(m->element,
1732                 (n + 1) * sizeof (__nis_mapping_element_t));
1733         if (e1 == NULL) {
1734                 e1 = m->element;
1735                 for (i = 0; i < n; i++)
1736                         free_mapping_element(e1++);
1737                 if (m->element != NULL)
1738                         free(m->element);
1739                 m->element = NULL;
1740                 m->numElements = 0;
1741         } else {
1742                 e1[m->numElements++] = *e;
1743                 free(e);
1744                 m->element = (__nis_mapping_element_t *)e1;
1745         }
1746         return (e1 != NULL);
1747 }
1748 
1749 /*
1750  * FUNCTION:    get_next_object_dn_token
1751  *
1752  *      Get the next token in parsing object_dn
1753  *
1754  * RETURN VALUE:        NULL if error
1755  *                      position of beginning next token after
1756  *                      token
1757  *
1758  * INPUT:               the attribute value
1759  */
1760 
1761 const char *
1762 get_next_object_dn_token(
1763         const char      **begin_ret,
1764         const char      **end_ret,
1765         object_dn_token *token)
1766 {
1767         object_dn_token t               = dn_no_token;
1768         const char      *s              = *begin_ret;
1769         const char      *begin;
1770         const char      *end            = *end_ret;
1771         const char      *s1;
1772         bool_t          in_quotes;
1773 
1774         while (s < end && is_whitespace(*s))
1775                 s++;
1776         if (s >= end) {
1777                 /* EMPTY */
1778         } else if (*s == SEMI_COLON_CHAR) {
1779                 t = dn_semi_token;
1780                 s++;
1781         } else if (*s == QUESTION_MARK) {
1782                 t = dn_ques_token;
1783                 s++;
1784         } else if (*s == COLON_CHAR) {
1785                 t = dn_colon_token;
1786                 s++;
1787         } else if (*s == OPEN_PAREN_CHAR) {
1788                 begin = s;
1789                 s = get_ldap_filter(&begin, &end);
1790                 if (s != NULL) {
1791                         t = dn_text_token;
1792                         *begin_ret = begin;
1793                         *end_ret = end;
1794                 }
1795         } else {
1796                 begin = s;
1797                 in_quotes = FALSE;
1798                 while (s < end) {
1799                         if (*s == ESCAPE_CHAR) {
1800                             if (s + 2 > end) {
1801                                 p_error = parse_unmatched_escape;
1802                                 s = NULL;
1803                                 break;
1804                             }
1805                             s++;
1806                         } else if (*s == DOUBLE_QUOTE_CHAR) {
1807                                 in_quotes = ! in_quotes;
1808                         } else if (in_quotes)
1809                                 ;
1810                         else if (*s == SEMI_COLON_CHAR ||
1811                                 *s == QUESTION_MARK ||
1812                                 *s == COLON_CHAR)
1813                                         break;
1814                         s++;
1815                 }
1816                 if (s != NULL) {
1817                         s1 = s - 1;
1818                         while (is_whitespace(*s1))
1819                                 s1--;
1820                         s1++;
1821                         if (same_string("base", begin, s1 - begin))
1822                                 t = dn_base_token;
1823                         else if (same_string("one", begin, s1 - begin))
1824                                 t = dn_one_token;
1825                         else if (same_string("sub", begin, s1 - begin))
1826                                 t = dn_sub_token;
1827                         else
1828                                 t = dn_text_token;
1829                         *begin_ret = begin;
1830                         *end_ret = s1;
1831                 }
1832         }
1833         *token = t;
1834         return (s);
1835 }
1836 
1837 /*
1838  * FUNCTION:    get_next_token
1839  *
1840  *      Get the next token in parsing mapping attribute
1841  *
1842  * RETURN VALUE:        NULL if error
1843  *                      position of beginning next token after
1844  *                      token
1845  *
1846  * INPUT:               the attribute value
1847  */
1848 
1849 const char *
1850 get_next_token(const char **begin_token, const char **end_token, token_type *t)
1851 {
1852         const char      *s              = *begin_token;
1853         const char      *end_s          = *end_token;
1854         const char      *s_begin;
1855 
1856         while (s < end_s && is_whitespace(*s))
1857                 s++;
1858         if (s == end_s) {
1859                 *t = no_token;
1860                 return (s);
1861         }
1862 
1863         s_begin = s;
1864 
1865         if (*s == OPEN_PAREN_CHAR) {
1866                 *begin_token = s;
1867                 s++;
1868                 *end_token = s;
1869                 while (s < end_s && is_whitespace(*s))
1870                         s++;
1871                 *t = open_paren_token;
1872         } else if (*s == DOUBLE_QUOTE_CHAR) {
1873                 s++;
1874                 while (s < end_s) {
1875                         if (*s == ESCAPE_CHAR)
1876                                 s += 2;
1877                         else if (*s == DOUBLE_QUOTE_CHAR)
1878                                 break;
1879                         else
1880                                 s++;
1881                 }
1882                 if (s >= end_s) {
1883                         p_error = parse_unmatched_escape;
1884                         return (NULL);
1885                 }
1886 
1887                 *t = quoted_string_token;
1888                 *begin_token = s_begin + 1;
1889                 *end_token = s++;
1890         } else if (*s == EQUAL_CHAR || *s == COMMA_CHAR ||
1891             *s == CLOSE_PAREN_CHAR || *s == COLON_CHAR) {
1892                 if (*s == EQUAL_CHAR)
1893                         *t = equal_token;
1894                 else if (*s == COMMA_CHAR)
1895                         *t = comma_token;
1896                 else if (*s == CLOSE_PAREN_CHAR)
1897                         *t = close_paren_token;
1898                 else
1899                         *t = colon_token;
1900                 *begin_token = s;
1901                 *end_token = ++s;
1902         } else {
1903                 s_begin = s;
1904                 while (s < end_s && !is_whitespace(*s)) {
1905                         if (*s == ESCAPE_CHAR)
1906                                 s += 2;
1907                         else if (*s == EQUAL_CHAR || *s == CLOSE_PAREN_CHAR ||
1908                             *s == OPEN_PAREN_CHAR || *s == COMMA_CHAR ||
1909                             *s == COLON_CHAR || *s == OPEN_BRACKET ||
1910                             *s == CLOSE_BRACKET)
1911                                 break;
1912                         else
1913                                 s++;
1914                 }
1915                 if (s > end_s) {
1916                         p_error = parse_unmatched_escape;
1917                         return (NULL);
1918                 }
1919                 *t = string_token;
1920                 *end_token = s;
1921                 *begin_token = s_begin;
1922         }
1923         if (s) {
1924                 while (s < end_s && is_whitespace(*s))
1925                         s++;
1926         }
1927         return (s);
1928 }
1929 
1930 /*
1931  * FUNCTION:    skip_token
1932  *
1933  *      Skip over the specified token - An error is set if
1934  *      next token does not match expected token
1935  *
1936  * RETURN VALUE:        NULL if error
1937  *                      position of beginning next token after
1938  *                      token
1939  *
1940  * INPUT:               the attribute value
1941  */
1942 
1943 const char *
1944 skip_token(const char *s, const char *end_s, token_type t)
1945 {
1946         bool_t  match;
1947         char    c       = 0;
1948 
1949         if (s == NULL)
1950                 return (s);
1951         while (s < end_s && is_whitespace(*s))
1952                 s++;
1953         c = (s == end_s) ? 0 : *s;
1954         switch (t) {
1955                 case equal_token:
1956                         match = c == EQUAL_CHAR;
1957                         if (!match)
1958                                 p_error = parse_equal_expected_error;
1959                         break;
1960                 case comma_token:
1961                         match = c == COMMA_CHAR;
1962                         if (!match)
1963                                 p_error = parse_comma_expected_error;
1964                         break;
1965                 case close_paren_token:
1966                         match = c == CLOSE_PAREN_CHAR;
1967                         if (!match)
1968                                 p_error = parse_close_paren_expected_error;
1969                         break;
1970                 default:
1971                         match = FALSE;
1972                         break;
1973         }
1974         if (match) {
1975                 s++;
1976                 while (s < end_s && is_whitespace(*s))
1977                         s++;
1978         } else {
1979                 s = NULL;
1980         }
1981         return (s);
1982 }
1983 
1984 /*
1985  * FUNCTION:    get_next_extract_format_item
1986  *
1987  *      Get the next format token from the string. Note that
1988  *      get_next_extract_format_item may change the input string.
1989  *
1990  * RETURN VALUE:        NULL if error
1991  *                      position of beginning next token after
1992  *                      token
1993  *
1994  * INPUT:               the format string
1995  */
1996 
1997 const char *
1998 get_next_extract_format_item(
1999         const char              *begin_fmt,
2000         const char              *end_fmt,
2001         __nis_mapping_format_t  *fmt)
2002 {
2003         const char      *s              = begin_fmt;
2004         const char      *s_end          = end_fmt;
2005         bool_t          escape;
2006         bool_t          in_range;
2007         bool_t          got_char;
2008         bool_t          done;
2009         int             numRange;
2010         char            *lo             = NULL;
2011         char            *hi             = NULL;
2012         bool_t          skip_ber;
2013 
2014         for (; p_error == no_parse_error; ) {
2015                 if (s >= s_end)
2016                         break;
2017 
2018                 if (*s == PERCENT_SIGN) {
2019                         s++;
2020                         /*
2021                          * If the format is %s, it is interpreted
2022                          * as a string.
2023                          */
2024                         if (s >= s_end) {
2025                                 p_error = parse_unsupported_format;
2026                                 break;
2027                         }
2028                         skip_ber = FALSE;
2029                         switch (*s) {
2030                                 case 's':
2031                                         fmt->type = mmt_item;
2032                                         break;
2033                                 case 'n':       /* null */
2034                                 case 'x':       /* skip the next element */
2035                                         skip_ber = TRUE;
2036                                         /* FALLTHRU */
2037                                 case 'b':       /* boolean */
2038                                 case 'e':       /* enumerated */
2039                                 case 'i':       /* int */
2040                                 case 'o':       /* octet string */
2041                                 case 'B':       /* bit string */
2042                                         fmt->match.berString = s_strndup(s, 1);
2043                                         fmt->type = skip_ber ?
2044                                                 mmt_berstring_null :
2045                                                 mmt_berstring;
2046                                         break;
2047                                 case 'a':       /* octet string */
2048                                         if (yp2ldap) {
2049                                                 fmt->match.berString =
2050                                                         s_strndup(s, 1);
2051                                                 fmt->type = skip_ber ?
2052                                                         mmt_berstring_null :
2053                                                         mmt_berstring;
2054                                                 break;
2055                                         } /* else FALLTHRU */
2056                                 case '{':       /* begin sequence */
2057                                 case '[':       /* begin set */
2058                                 case '}':       /* end sequence */
2059                                 case ']':       /* end set */
2060                                 case 'l':       /* length of next item */
2061                                 case 'O':       /* octet string */
2062                                 case 't':       /* tag of next item */
2063                                 case 'T':       /* skip tag of next item */
2064                                 case 'v':       /* seq of strings */
2065                                 case 'V':       /* seq of strings + lengths */
2066                                 default:
2067                                         p_error = parse_bad_ber_format;
2068                                         break;
2069                         }
2070                         s++;
2071                 } else if (*s == ASTERIX_CHAR) {
2072                         fmt->type = mmt_any;
2073                         s++;
2074                         while (s < s_end && *s == ASTERIX_CHAR)
2075                                 s++;
2076 
2077                 } else if (*s == OPEN_BRACKET) {
2078                         escape = FALSE;
2079                         in_range = FALSE;
2080                         got_char = FALSE;
2081                         numRange = 0;
2082                         done = FALSE;
2083                         s++;
2084                         for (; s < s_end; s++) {
2085                                 if (escape) {
2086                                         escape = FALSE;
2087                                 } else if (*s == DASH_CHAR) {
2088                                         if (in_range || !got_char) {
2089                                                 p_error = parse_unexpected_dash;
2090                                                 break;
2091                                         }
2092                                         in_range = TRUE;
2093                                         got_char = FALSE;
2094                                         continue;
2095                                 } else if (*s == CLOSE_BRACKET) {
2096                                         if (in_range) {
2097                                                 p_error = parse_unexpected_dash;
2098                                         }
2099                                         done = TRUE;
2100                                         break;
2101                                 } else if (*s == ESCAPE_CHAR) {
2102                                         escape = TRUE;
2103                                         continue;
2104                                 }
2105                                 if (in_range) {
2106                                         hi[numRange - 1] = *s;
2107                                         in_range = FALSE;
2108                                 } else {
2109                                         lo = s_realloc(lo, numRange + 1);
2110                                         hi = s_realloc(hi, numRange + 1);
2111                                         if (lo == NULL || hi == NULL)
2112                                                 break;
2113                                         lo[numRange] = *s;
2114                                         hi[numRange] = *s;
2115                                         numRange++;
2116                                         got_char = TRUE;
2117                                 }
2118                         }
2119                         if (p_error != no_parse_error) {
2120                                 break;
2121                         } else if (!done) {
2122                                 p_error = parse_mismatched_brackets;
2123                                 break;
2124                         }
2125                         s++;
2126                         fmt->type = mmt_single;
2127                         fmt->match.single.numRange = numRange;
2128                         fmt->match.single.lo = (unsigned char *)lo;
2129                         fmt->match.single.hi = (unsigned char *)hi;
2130                 } else {
2131                         /* go to next key symbol - copy escaped key symbols */
2132                         escape = FALSE;
2133                         done = FALSE;
2134                         while (s < s_end) {
2135                                 if (escape)
2136                                         escape = FALSE;
2137                                 else {
2138                                     switch (*s) {
2139                                         case OPEN_BRACKET:
2140                                         case ASTERIX_CHAR:
2141                                         case PERCENT_SIGN:
2142                                                 done = TRUE;
2143                                                 break;
2144                                         case ESCAPE_CHAR:
2145                                                 escape = !escape;
2146                                                 break;
2147                                         default:
2148                                                 break;
2149                                     }
2150                                 }
2151                                 if (done)
2152                                         break;
2153                                 s++;
2154                         }
2155                         if (escape) {
2156                                 p_error = parse_unmatched_escape;
2157                                 break;
2158                         }
2159                         fmt->type = mmt_string;
2160                         fmt->match.string =
2161                                 s_strndup_esc(begin_fmt, s - begin_fmt);
2162                         if (fmt->match.string == NULL)
2163                                 break;
2164                 }
2165 
2166                 if (p_error == no_parse_error)
2167                         return (s);
2168         }
2169         if (lo != NULL)
2170                 free(lo);
2171         if (hi != NULL)
2172                 free(hi);
2173         return (NULL);
2174 }
2175 
2176 /*
2177  * FUNCTION:    get_next_print_format_item
2178  *
2179  *      Get the next format token from the string
2180  *
2181  * RETURN VALUE:        NULL if error
2182  *                      position of beginning next token after
2183  *                      token
2184  *
2185  * INPUT:               the format string
2186  */
2187 
2188 const char *
2189 get_next_print_format_item(
2190         const char              *begin_fmt,
2191         const char              *end_fmt,
2192         __nis_mapping_format_t  *fmt)
2193 {
2194         const char              *s      = begin_fmt;
2195         const char              *s_end  = end_fmt;
2196         bool_t                  skip_ber;
2197 
2198         for (; p_error == no_parse_error; ) {
2199                 if (s >= s_end) {
2200                         p_error = parse_internal_error;
2201                         break;
2202                 }
2203 
2204                 if (*s == PERCENT_SIGN) {
2205                         s++;
2206                         if (s >= s_end) {
2207                                 p_error = parse_unsupported_format;
2208                                 break;
2209                         }
2210                         skip_ber = FALSE;
2211                         /*
2212                          * If the format is %s, it is interpretted
2213                          * as a string.
2214                          */
2215                         switch (*s) {
2216                                 case 's':
2217                                         fmt->type = mmt_item;
2218                                         break;
2219                                 case 'n':       /* null */
2220                                 case 'x':       /* skip the next element */
2221                                         skip_ber = TRUE;
2222                                         /* FALLTHRU */
2223                                 case 'b':       /* boolean */
2224                                 case 'e':       /* enumerated */
2225                                 case 'i':       /* int */
2226                                 case 'o':       /* octet string */
2227                                 case 'B':       /* bit string */
2228                                         fmt->match.berString = s_strndup(s, 1);
2229                                         fmt->type = skip_ber ?
2230                                                 mmt_berstring_null :
2231                                                 mmt_berstring;
2232                                         break;
2233                                 case '{':       /* begin sequence */
2234                                 case '[':       /* begin set */
2235                                 case '}':       /* end sequence */
2236                                 case ']':       /* end set */
2237                                 case 'a':       /* octet string */
2238                                 case 'l':       /* length of next item */
2239                                 case 'O':       /* octet string */
2240                                 case 't':       /* tag of next item */
2241                                 case 'T':       /* skip tag of next item */
2242                                 case 'v':       /* seq of strings */
2243                                 case 'V':       /* seq of strings + lengths */
2244                                 default:
2245                                         p_error = parse_bad_ber_format;
2246                                         break;
2247                         }
2248                         s++;
2249                 } else {
2250                         while (s < s_end) {
2251                                 if (*s == PERCENT_SIGN)
2252                                         break;
2253                                 else if (*s == ESCAPE_CHAR)
2254                                         s++;
2255                                 s++;
2256                         }
2257                         if (s > s_end) {
2258                                 p_error = parse_unmatched_escape;
2259                                 break;
2260                         }
2261                         fmt->match.string =
2262                                 s_strndup_esc(begin_fmt, s - begin_fmt);
2263                         if (fmt->match.string == NULL)
2264                                 break;
2265                         fmt->type = mmt_string;
2266                 }
2267                 if (p_error == no_parse_error)
2268                         return (s);
2269         }
2270         return (NULL);
2271 }
2272 
2273 /*
2274  * FUNCTION:    get_ldap_filter
2275  *
2276  *      Gets an LDAP filter - see RFC 2254. Note that this does not
2277  *      determine if the ldap filter is valid. This only determines
2278  *      that the parentheses are balanced.
2279  *
2280  * RETURN VALUE:        NULL if error
2281  *                      position of beginning next token after
2282  *                      filter
2283  *
2284  * INPUT:               the begin and end of string
2285  *
2286  * OUTPUT:              the begin and end of LDAP filter
2287  *
2288  */
2289 
2290 const char *
2291 get_ldap_filter(const char **begin, const char **end)
2292 {
2293         const char      *s              = *begin;
2294         const char      *s_begin;
2295         const char      *s_end          = *end;
2296         int             nParen;
2297 
2298         for (; p_error == no_parse_error; ) {
2299                 while (s < s_end && is_whitespace(*s))
2300                         s++;
2301                 if (s == s_end) {
2302                         s = NULL;
2303                         break;
2304                 }
2305 
2306                 s_begin = s;
2307                 if (*s == OPEN_PAREN_CHAR) {
2308                         nParen = 1;
2309                         s++;
2310                         while (s < s_end && nParen > 0) {
2311                                 if (*s == ESCAPE_CHAR)
2312                                         s++;
2313                                 else if (*s == OPEN_PAREN_CHAR)
2314                                         nParen++;
2315                                 else if (*s == CLOSE_PAREN_CHAR)
2316                                         nParen--;
2317                                 s++;
2318                         }
2319                         if (nParen == 0) {
2320                                 *begin = s_begin;
2321                                 *end = s;
2322                                 while (s < s_end && is_whitespace(*s))
2323                                         s++;
2324                         } else
2325                                 s = NULL;
2326                 } else
2327                         s = NULL;
2328                 if (p_error == no_parse_error)
2329                         break;
2330         }
2331         if (s == NULL)
2332                 p_error = parse_invalid_ldap_search_filter;
2333 
2334         return (s);
2335 }
2336 
2337 /*
2338  * FUNCTION:    get_ava_list
2339  *
2340  *      Gets an attribute value assertion list
2341  *
2342  * RETURN VALUE:        NULL if error
2343  *                      position of beginning next token after
2344  *                      after attribute assertion
2345  *
2346  * INPUT:               the begin and end of string
2347  *                      Indicator if ava list is part of a nisplus
2348  *                      item
2349  *
2350  * OUTPUT:              the begin and end of LDAP filter
2351  *
2352  */
2353 
2354 const char *
2355 get_ava_list(const char **begin, const char **end, bool_t end_nisplus)
2356 {
2357         const char      *s              = *begin;
2358         const char      *s_begin;
2359         const char      *s_end          = *end;
2360         bool_t          in_quote;
2361         bool_t          got_equal;
2362         bool_t          got_data;
2363 
2364         for (; p_error == no_parse_error; ) {
2365                 while (s < s_end && is_whitespace(*s))
2366                         s++;
2367                 if (s == s_end) {
2368                         s = NULL;
2369                         break;
2370                 }
2371 
2372                 in_quote = FALSE;
2373                 got_equal = FALSE;
2374                 got_data = FALSE;
2375                 s_begin = s;
2376                 while (s < s_end) {
2377                         if (*s == ESCAPE_CHAR) {
2378                             s++;
2379                             got_data = TRUE;
2380                         } else if (*s == DOUBLE_QUOTE_CHAR) {
2381                             in_quote = !in_quote;
2382                             got_data = TRUE;
2383                         } else if (in_quote)
2384                                 ;
2385                         else if (*s == EQUAL_CHAR) {
2386                             if (end_nisplus && got_data && got_equal)
2387                                 break;
2388                             if (!got_data || got_equal) {
2389                                 got_equal = FALSE;
2390                                 break;
2391                             }
2392                             got_equal = TRUE;
2393                             got_data = FALSE;
2394                         } else if (*s == COMMA_CHAR) {
2395                             if (!got_data || !got_equal)
2396                                 break;
2397                             got_data = FALSE;
2398                             got_equal = FALSE;
2399                         } else if (is_whitespace(*s))
2400                                 ;
2401                         else
2402                                 got_data = TRUE;
2403                         s++;
2404                 }
2405                 if (!got_data || !got_equal || in_quote)
2406                         s = NULL;
2407                 else {
2408                         *begin = s_begin;
2409                         *end = s;
2410                         while (s < s_end && is_whitespace(*s))
2411                                 s++;
2412                 }
2413                 if (p_error == no_parse_error)
2414                         break;
2415         }
2416         if (s == NULL)
2417                 p_error = parse_invalid_ldap_search_filter;
2418 
2419         return (s);
2420 }
2421 
2422 /* Utility functions */
2423 bool_t
2424 validate_dn(const char *s, int len)
2425 {
2426         const char *end = s + len;
2427         bool_t  valid;
2428 
2429         valid = skip_get_dn(s, end) == end;
2430 
2431         if (!valid)
2432                 p_error = parse_bad_dn;
2433         return (valid);
2434 }
2435 
2436 bool_t
2437 validate_ldap_filter(const char *s, const char *end)
2438 {
2439         const char      *s_begin;
2440         const char      *s_end;
2441 
2442         s_begin = s;
2443         s_end = end;
2444 
2445         if (*s == OPEN_PAREN_CHAR) {
2446                 s = get_ldap_filter(&s_begin, &s_end);
2447         } else {
2448                 /* Assume an attribute value list */
2449                 s = get_ava_list(&s_begin, &s_end, FALSE);
2450         }
2451         if (s == NULL || s_end != end)
2452                 p_error = parse_invalid_ldap_search_filter;
2453 
2454         return (p_error == no_parse_error);
2455 }
2456 
2457 char *
2458 s_strndup(const char *s, int n)
2459 {
2460         char *d = (char *)malloc(n + 1);
2461 
2462         if (d != NULL) {
2463                 (void) memcpy(d, s, n);
2464                 d[n] = '\0';
2465         } else {
2466                 p_error = parse_no_mem_error;
2467         }
2468 
2469         return (d);
2470 }
2471 
2472 char *
2473 s_strndup_esc(const char *s, int n)
2474 {
2475         char    *d      = (char *)malloc(n + 1);
2476         int     i;
2477         int     j;
2478 
2479         if (d != NULL) {
2480                 for (i = 0, j = 0; i < n; i++) {
2481                         if (s[i] == ESCAPE_CHAR)
2482                                 i++;
2483                         d[j++] = s[i];
2484                 }
2485                 d[j] = '\0';
2486         } else {
2487                 p_error = parse_no_mem_error;
2488         }
2489 
2490         return (d);
2491 }
2492 
2493 void *
2494 s_calloc(size_t n, size_t size)
2495 {
2496         void *d = (char *)calloc(n, size);
2497 
2498         if (d == NULL) {
2499                 p_error = parse_no_mem_error;
2500         }
2501 
2502         return (d);
2503 }
2504 
2505 void *
2506 s_malloc(size_t size)
2507 {
2508         void *d = malloc(size);
2509         if (d == NULL)
2510                 p_error = parse_no_mem_error;
2511         return (d);
2512 }
2513 
2514 void *
2515 s_realloc(void *s, size_t size)
2516 {
2517         s = realloc(s, size);
2518         if (s == NULL)
2519                 p_error = parse_no_mem_error;
2520         return (s);
2521 }
2522 
2523 char *
2524 s_strdup(const char *s)
2525 {
2526         return (s != NULL ? s_strndup(s, strlen(s)) : NULL);
2527 }
2528 
2529 bool_t
2530 is_whitespace(int c)
2531 {
2532         return (c == ' ' || c == '\t');
2533 }
2534 
2535 bool_t
2536 is_string_ok(char *buffer, int buflen)
2537 {
2538         int i;
2539 
2540         if (buffer == NULL)
2541                 return (FALSE);
2542 
2543         for (i = 0; i < buflen; i++) {
2544                 if (!is_whitespace(buffer[i])) {
2545                         if (buffer[i] == POUND_SIGN)
2546                                 return (TRUE);
2547                         else
2548                                 return (FALSE);
2549                 }
2550         }
2551         return (TRUE);
2552 }
2553 
2554 /*
2555  * Returns true if the first string is contained at the beginning of the
2556  * second string. Otherwise returns false.
2557  */
2558 
2559 bool_t
2560 contains_string(const char *s1, const char *s2)
2561 {
2562         return (strncasecmp(s1, s2, strlen(s1)) == 0);
2563 }
2564 
2565 /*
2566  * Returns the next character position in the second string, if the first
2567  * string is contained at the beginning of the second string. Otherwise
2568  * returns NULL.
2569  */
2570 
2571 const char *
2572 skip_string(const char *s1, const char *s2, int len)
2573 {
2574         int len1 = strlen(s1);
2575 
2576         if (len >= len1 && strncasecmp(s1, s2, strlen(s1)) == 0)
2577                 return (s2 + len1);
2578         else
2579                 return (NULL);
2580 }
2581 
2582 /*
2583  * The second string is not necessarily null terminated.
2584  * same_string returns true if the second string matches the first.
2585  * Otherwise returns false.
2586  */
2587 
2588 bool_t
2589 same_string(const char *s1, const char *s2, int len)
2590 {
2591         int len1 = strlen(s1);
2592 
2593         return (len1 == len && strncasecmp(s1, s2, len1) == 0);
2594 }
2595 
2596 void
2597 report_error(const char *str, const char *attr)
2598 {
2599         char    fmt_buf[1024];
2600         int     pos             = 0;
2601 
2602         if (command_line_source != NULL) {
2603                 snprintf(fmt_buf, sizeof (fmt_buf), "Error parsing %s: ",
2604                         command_line_source);
2605                 pos = strlen(fmt_buf);
2606         } else if (file_source != NULL) {
2607                 snprintf(fmt_buf, sizeof (fmt_buf), "Error parsing file '%s': ",
2608                         file_source);
2609                 pos = strlen(fmt_buf);
2610         } else if (ldap_source != NULL) {
2611                 snprintf(fmt_buf, sizeof (fmt_buf), "Error for LDAP dn '%s': ",
2612                         ldap_source);
2613                 pos = strlen(fmt_buf);
2614         }
2615 
2616         if (start_line_num != 0) {
2617                 snprintf(fmt_buf + pos, sizeof (fmt_buf) - pos, "at line %d: ",
2618                         start_line_num);
2619                 pos += strlen(fmt_buf + pos);
2620         }
2621 
2622         if (attr != NULL) {
2623                 snprintf(fmt_buf + pos, sizeof (fmt_buf) - pos,
2624                         "for attribute %s: ", attr);
2625                 pos += strlen(fmt_buf + pos);
2626         }
2627 
2628         if (cons != NULL) {
2629                 snprintf(fmt_buf + pos, sizeof (fmt_buf) - pos, "%s\n",
2630                         parse_error_msg[p_error]);
2631                 fprintf(cons, fmt_buf, str == NULL ? "" : str);
2632         } else {
2633                 snprintf(fmt_buf + pos, sizeof (fmt_buf) - pos, "%s",
2634                         parse_error_msg[p_error]);
2635                 syslog(LOG_ERR, fmt_buf, str == NULL ? "" : str);
2636         }
2637 }
2638 
2639 void
2640 report_error2(
2641         const char      *str1,
2642         const char      *str2)
2643 {
2644         char    fmt_buf[1024];
2645 
2646         if (cons != NULL) {
2647                 snprintf(fmt_buf, sizeof (fmt_buf),
2648                         "%s\n",  parse_error_msg[p_error]);
2649                 fprintf(cons, fmt_buf, str1, str2);
2650         } else {
2651                 syslog(LOG_ERR, parse_error_msg[p_error], str1, str2);
2652         }
2653 }
2654 
2655 void
2656 report_conn_error(
2657         conn_error      e,
2658         const char      *str1,
2659         const char      *str2)
2660 {
2661         char    fmt_buf[1024];
2662 
2663         if (cons != NULL) {
2664                 snprintf(fmt_buf, sizeof (fmt_buf),
2665                         "%s\n",  conn_error_msg[e]);
2666                 fprintf(cons, fmt_buf,
2667                         str1 == NULL ? "" : str1,
2668                         str2 == NULL ? "" : str2);
2669         } else {
2670                 syslog(LOG_ERR,
2671                         conn_error_msg[e],
2672                         str1 == NULL ? "" : str1,
2673                         str2 == NULL ? "" : str2);
2674         }
2675 }
2676 
2677 void
2678 report_info(
2679         const char      *str,
2680         const char      *arg)
2681 {
2682         if (cons != NULL) {
2683                 fputs(str, cons);
2684                 if (arg != NULL)
2685                         fputs(arg, cons);
2686                 fputs("\n", cons);
2687         } else
2688                 syslog(LOG_INFO, str, arg);
2689 }