1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
|
/*++
/* NAME
/* dict_nis 3
/* SUMMARY
/* dictionary manager interface to NIS maps
/* SYNOPSIS
/* #include <dict_nis.h>
/*
/* DICT *dict_nis_open(map, open_flags, dict_flags)
/* const char *map;
/* int open_flags;
/* int dict_flags;
/* DESCRIPTION
/* dict_nis_open() makes the specified NIS map accessible via
/* the generic dictionary operations described in dict_open(3).
/* SEE ALSO
/* dict(3) generic dictionary manager
/* DIAGNOSTICS
/* Fatal errors: out of memory, attempt to update NIS map.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include "sys_defs.h"
#include <string.h>
#ifdef STRCASECMP_IN_STRINGS_H
#include <strings.h>
#endif
#ifdef HAS_NIS
#include <rpcsvc/ypclnt.h>
#ifndef YPERR_BUSY
#define YPERR_BUSY 16
#endif
#ifndef YPERR_ACCESS
#define YPERR_ACCESS 15
#endif
#endif
/* Utility library. */
#include "msg.h"
#include "mymalloc.h"
#include "vstring.h"
#include "stringops.h"
#include "dict.h"
#include "dict_nis.h"
#ifdef HAS_NIS
/* Application-specific. */
typedef struct {
DICT dict; /* generic members */
} DICT_NIS;
/*
* Class variables, so that multiple maps can share this info.
*/
static char dict_nis_disabled[1];
static char *dict_nis_domain;
/* dict_nis_init - NIS binding */
static void dict_nis_init(void)
{
const char *myname = "dict_nis_init";
if (yp_get_default_domain(&dict_nis_domain) != 0
|| dict_nis_domain == 0 || *dict_nis_domain == 0
|| strcasecmp(dict_nis_domain, "(none)") == 0) {
dict_nis_domain = dict_nis_disabled;
msg_warn("%s: NIS domain name not set - NIS lookups disabled", myname);
}
if (msg_verbose)
msg_info("%s: NIS domain %s", myname, dict_nis_domain);
}
/* dict_nis_strerror - map error number to string */
static char *dict_nis_strerror(int err)
{
/*
* Grr. There should be a standard function for this.
*/
switch (err) {
case YPERR_BADARGS:
return ("args to function are bad");
case YPERR_RPC:
return ("RPC failure - domain has been unbound");
case YPERR_DOMAIN:
return ("can't bind to server on this domain");
case YPERR_MAP:
return ("no such map in server's domain");
case YPERR_KEY:
return ("no such key in map");
case YPERR_YPERR:
return ("internal yp server or client error");
case YPERR_RESRC:
return ("resource allocation failure");
case YPERR_NOMORE:
return ("no more records in map database");
case YPERR_PMAP:
return ("can't communicate with portmapper");
case YPERR_YPBIND:
return ("can't communicate with ypbind");
case YPERR_YPSERV:
return ("can't communicate with ypserv");
case YPERR_NODOM:
return ("local domain name not set");
case YPERR_BADDB:
return ("yp database is bad");
case YPERR_VERS:
return ("yp version mismatch");
case YPERR_ACCESS:
return ("access violation");
case YPERR_BUSY:
return ("database busy");
default:
return ("unknown NIS lookup error");
}
}
/* dict_nis_lookup - find table entry */
static const char *dict_nis_lookup(DICT *dict, const char *key)
{
DICT_NIS *dict_nis = (DICT_NIS *) dict;
static char *result;
int result_len;
int err;
static VSTRING *buf;
dict->error = 0;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_nis_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
if (dict_nis_domain == dict_nis_disabled)
return (0);
/*
* Optionally fold the key.
*/
if (dict->flags & DICT_FLAG_FOLD_FIX) {
if (dict->fold_buf == 0)
dict->fold_buf = vstring_alloc(10);
vstring_strcpy(dict->fold_buf, key);
key = lowercase(vstring_str(dict->fold_buf));
}
/*
* See if this NIS map was written with one null byte appended to key and
* value.
*/
if (dict->flags & DICT_FLAG_TRY1NULL) {
err = yp_match(dict_nis_domain, dict_nis->dict.name,
(void *) key, strlen(key) + 1,
&result, &result_len);
if (err == 0) {
dict->flags &= ~DICT_FLAG_TRY0NULL;
return (result);
}
}
/*
* See if this NIS map was written with no null byte appended to key and
* value. This should never be the case, but better play safe.
*/
if (dict->flags & DICT_FLAG_TRY0NULL) {
err = yp_match(dict_nis_domain, dict_nis->dict.name,
(void *) key, strlen(key),
&result, &result_len);
if (err == 0) {
dict->flags &= ~DICT_FLAG_TRY1NULL;
if (buf == 0)
buf = vstring_alloc(10);
vstring_strncpy(buf, result, result_len);
return (vstring_str(buf));
}
}
/*
* When the NIS lookup fails for reasons other than "key not found", keep
* logging warnings, and hope that someone will eventually notice the
* problem and fix it.
*/
if (err != YPERR_KEY) {
msg_warn("lookup %s, NIS domain %s, map %s: %s",
key, dict_nis_domain, dict_nis->dict.name,
dict_nis_strerror(err));
dict->error = DICT_ERR_RETRY;
}
return (0);
}
/* dict_nis_close - close NIS map */
static void dict_nis_close(DICT *dict)
{
if (dict->fold_buf)
vstring_free(dict->fold_buf);
dict_free(dict);
}
/* dict_nis_open - open NIS map */
DICT *dict_nis_open(const char *map, int open_flags, int dict_flags)
{
DICT_NIS *dict_nis;
if (open_flags != O_RDONLY)
return (dict_surrogate(DICT_TYPE_NIS, map, open_flags, dict_flags,
"%s:%s map requires O_RDONLY access mode",
DICT_TYPE_NIS, map));
dict_nis = (DICT_NIS *) dict_alloc(DICT_TYPE_NIS, map, sizeof(*dict_nis));
dict_nis->dict.lookup = dict_nis_lookup;
dict_nis->dict.close = dict_nis_close;
dict_nis->dict.flags = dict_flags | DICT_FLAG_FIXED;
if ((dict_flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
dict_nis->dict.flags |= (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL);
if (dict_flags & DICT_FLAG_FOLD_FIX)
dict_nis->dict.fold_buf = vstring_alloc(10);
if (dict_nis_domain == 0)
dict_nis_init();
dict_nis->dict.owner.status = DICT_OWNER_TRUSTED;
return (DICT_DEBUG (&dict_nis->dict));
}
#endif
|