[hcoop/debian/libnss-afs.git] / nss_afs.c


/*****************************************************************************
 * libnss-afs (nss_afs.c)
 *
 * Copyright 2008, licensed under GNU Library General Public License (LGPL)
 * see COPYING file for details
 *
 * by Adam Megacz <megacz@hcoop.net>
 * derived from Frank Burkhardt's libnss_ptdb,
 * which was derived from Todd M. Lewis' libnss_pts
 *****************************************************************************/

/*
 *  If you are reading this code for the first time, read the rest of
 *  this comment block, then start at the bottom of the file and work
 *  your way upwards.
 *
 *  All functions which return an int use zero to signal success --
 *  except cpstr(), which returns zero on *failure*.  This should be
 *  fixed.
 *
 *  A note about memory allocation:
 *
 *    NSS plugins generally ought to work without attempting to call
 *    malloc() (which may fail).  Therefore, glibc allocates a buffer
 *    before calling NSS library functions, and passes that buffer to
 *    the NSS library; library functions store their results in the
 *    buffer and return pointers into that buffer.
 *
 *    The convention used throughout this library is to pass around a
 *    char** which points to a pointer to the first unused byte in the
 *    provided buffer, and a size_t* which points to an int indicating
 *    how many bytes are left between the char** and the end of the
 *    available region.
 */

#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
#include <grp.h>
#include <netinet/in.h>
#include <nss.h>
#include <pthread.h>
#include <pwd.h>
#include <rx/rx.h>
#include <rx/xdr.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <afs/afs.h>
#include <afs/afsutil.h>
#include <afs/cellconfig.h>
#include <afs/com_err.h>
#include <afs/param.h>
#include <afs/ptclient.h>
#include <afs/pterror.h>
#include <afs/stds.h>

#define HOMEDIR_AUTO      0
#define HOMEDIR_ADMINLINK 1
#define HOMEDIR_PREFIX    2
#define SHELL_BASH        0
#define SHELL_ADMINLINK   1
#define SHELL_USERLINK    2

#define AFS_MAGIC_ANONYMOUS_USERID 32766
#define MIN_PAG_GID                0x41000000L
#define MAX_PAG_GID                0x41FFFFFFL
#define MIN_OLDPAG_GID             0x3f00
#define MAX_OLDPAG_GID             0xff00

#define MAXCELLNAMELEN             256
#define MAXUSERNAMELEN             256

static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;

extern struct ubik_client *pruclient;

int  afs_initialized = 0;
char cellname[MAXCELLNAMELEN];
char homedir_prefix[MAXPATHLEN];
char cell_root[MAXPATHLEN];
int  homedir_prefix_len=0;
char homedirs_method=0;
char shells_method=0;

/**
 *  The cpstr() function copies a null-terminated string from str*
 *  (the first argument) into buf and updates both buf and buflen.  If
 *  the string would overflow the buffer, no action is taken.  The
 *  number of bytes copied is returned (zero indicates failure).
 */
int cpstr( char *str, char **buf, size_t *buflen) {
  int len = strlen(str);
  if ( len >= *buflen-1 ) return 0;
  strcpy(*buf,str);
  *buflen -= len + 1;
  *buf    += len + 1;
  return len;
}

/**
 * Look up the name corresponding to uid, store in buffer.
 */
enum nss_status ptsid2name(int uid, char **buffer, int *buflen) {
  int ret, i;
  idlist lid;
  namelist lnames;

  init_afs();

  if (uid==AFS_MAGIC_ANONYMOUS_USERID) {
    if (!cpstr("anonymous", buffer, buflen)) return NSS_STATUS_UNAVAIL;
    return NSS_STATUS_SUCCESS;
  }

  if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
  
  lid.idlist_val = (afs_int32*)&uid;
  lid.idlist_len = 1;
  lnames.namelist_val = 0;
  lnames.namelist_len = 0;

  if (ubik_Call(PR_IDToName,pruclient,0,&lid,&lnames) != PRSUCCESS) {
    pthread_mutex_unlock(&mutex);
    return NSS_STATUS_UNAVAIL;
  }

  ret = NSS_STATUS_NOTFOUND;
  for (i=0;i<lnames.namelist_len;i++) {
    int delta = strlen(lnames.namelist_val[i]);
    if ( (delta < buflen) && islower(*(lnames.namelist_val[i])) ) {
      cpstr(lnames.namelist_val[i], buffer, buflen);
      ret = NSS_STATUS_SUCCESS;
    }
  }
  free(lnames.namelist_val);
  /* free(lid.idlist_val); */
  lid.idlist_val = 0;
  lid.idlist_len = 0;

  pthread_mutex_unlock(&mutex);
  return ret;
}

/**
 * Look up the uid corresponding to name in ptserver.
 */
enum nss_status ptsname2id(char *name, uid_t* uid) {
  int res;
  idlist lid;
  namelist lnames;
  char uname[MAXUSERNAMELEN];

  init_afs();
  
  if (!strcmp(name,"anonymous")) {
    *uid = AFS_MAGIC_ANONYMOUS_USERID;
    return NSS_STATUS_SUCCESS;
  }

  if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;

  lid.idlist_val = 0;
  lid.idlist_len = 0;
  lnames.namelist_val = (prname*)uname;
  // apparently ubik expects to be able to modify this?
  strncpy(uname, name, MAXUSERNAMELEN);
  lnames.namelist_len = 1;

  if (ubik_Call(PR_NameToID,pruclient,0,&lnames,&lid) != PRSUCCESS) {
    pthread_mutex_unlock(&mutex);
    return NSS_STATUS_UNAVAIL;
  }
  pthread_mutex_unlock(&mutex);

  res = (uid_t)lid.idlist_val[0];
  if (res == AFS_MAGIC_ANONYMOUS_USERID) return NSS_STATUS_NOTFOUND;
  *uid = res;
  return NSS_STATUS_SUCCESS;
}

/**
 *  Initialize the library; returns zero on success
 */
int init_afs() {
  FILE *thiscell;
  int len;
  struct stat statbuf;

  if (afs_initialized) {
    /* wait until /afs/@cell/ appears as a proxy for "the network is up" */
    if (stat(cell_root, &statbuf)) return -1;
    return 0;
  }
  
  if (pthread_mutex_lock(&mutex)) return -1;
  do {
    homedirs_method=HOMEDIR_PREFIX;
    shells_method=SHELL_USERLINK;

    len = snprintf(cellname, MAXCELLNAMELEN,
                   "%s/ThisCell", AFSDIR_CLIENT_ETC_DIRPATH);
    if (len < 0 || len >= MAXCELLNAMELEN) return -1;

    thiscell=fopen(cellname,"r");
    if (thiscell == NULL) break;
    len=fread(cellname,1,MAXCELLNAMELEN,thiscell);
    if (!feof(thiscell)) {
      // Cellname too long
      fclose(thiscell);
      strcpy(homedir_prefix,"/tmp/\0");
      homedir_prefix_len=5;
      break;
    }
    fclose(thiscell);

    if (cellname[len-1] == '\n') len--;
    cellname[len]='\0';

    /* wait until /afs/@cell/ appears as a proxy for "the network is up" */
    sprintf(cell_root,"/afs/%s/",cellname);
    if (stat(cell_root, &statbuf)) break;

    sprintf(homedir_prefix,"/afs/%s/user/",cellname);
    homedir_prefix_len=strlen(homedir_prefix);

    /* time out requests after 5 seconds to avoid hanging things */
    rx_SetRxDeadTime(5);    

    if (pr_Initialize(0L,AFSDIR_CLIENT_ETC_DIRPATH, 0)) break;
    
    afs_initialized = 1;
    pthread_mutex_unlock(&mutex);
    return 0;

  } while(0);
  pthread_mutex_unlock(&mutex);
  return -1;
}


/**
 * Retrieves the homedir for a given user; returns 0 on success.
 */
int get_homedir(char *name, char **buffer, size_t *buflen) {
  char buf[256];
  int temp;
  char *b;
  b=*buffer;
  switch (homedirs_method) {
    case HOMEDIR_PREFIX:
      homedir_prefix[homedir_prefix_len+0]=name[0];
      homedir_prefix[homedir_prefix_len+1]='/';
      homedir_prefix[homedir_prefix_len+2]=name[0];
      homedir_prefix[homedir_prefix_len+3]=name[1];
      homedir_prefix[homedir_prefix_len+4]='/';
      homedir_prefix[homedir_prefix_len+5]=0;
      strncpy(&homedir_prefix[homedir_prefix_len+5],name,40);
      if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
      break;
    case HOMEDIR_AUTO:
      homedir_prefix[homedir_prefix_len]=0;
      strncpy(&homedir_prefix[homedir_prefix_len],name,40);
      if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
      break;
    case HOMEDIR_ADMINLINK:
      if ( snprintf(buf,256,"/afs/%s/admin/homedirs/%s",cellname,name) > 0 ) {
        temp=readlink(buf,*buffer,*buflen);
        if ( temp > -1) {
          b[temp]=0;
          *buflen = *buflen - temp - 1;
          return -1;
        }
      }
      if (! cpstr("/tmp",buffer,buflen) ) return -1;
      break;
  }
  return 0;
}

/**
 * Retrieves the shell for a given user; returns 0 on success.
 */
int get_shell(char *name, char **buffer, size_t *buflen) {
  char buf[256];
  int temp;
  char *b;
  char* bufx = buf;
  int bufxlen = 256;
  b=*buffer;

  switch (shells_method) {
    case SHELL_BASH:
      break;

    case SHELL_ADMINLINK:
      if (snprintf(buf,256,"/afs/%s/admin/shells/%s",cellname,name)<=0) break;
      temp = readlink(buf,*buffer,*buflen);
      if (temp < 0) break;
      b[temp]=0;
      *buflen = *buflen - temp - 1;
      return 0;

    case SHELL_USERLINK:
      if (get_homedir(name, &bufx, &bufxlen)) break;
      if (strncpy(buf+strlen(buf),"/.loginshell",bufxlen)<=0) break;
      temp = readlink(buf,*buffer,*buflen);
      if (temp < 0) break;
      b[temp]=0;
      *buflen = *buflen - temp - 1;
      return 0;
  }
  if (! cpstr("/bin/bash",buffer,buflen) )
    return -1;
  return 0;
}


/*
 * This function is exported; glibc will invoke it in order to find
 * the name and list of members of a group specified by a numerical
 * groupid.
 */
enum nss_status _nss_afs_getgrgid_r (gid_t gid,
                                     struct group *result,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  int length;
  int showgid = 0;
  if (gid >= MIN_PAG_GID && gid <= MAX_PAG_GID) {
    showgid = gid-MIN_PAG_GID;
  } else if (gid >= MIN_OLDPAG_GID && gid <= MAX_OLDPAG_GID) {
    showgid = gid-MIN_OLDPAG_GID;
  } else {
    *errnop=ENOENT;
    return NSS_STATUS_NOTFOUND;
  }
  do {
    result->gr_gid=gid;

    result->gr_name=buffer;
    length=snprintf(buffer,buflen,"AfsPag-%x",showgid);
    
    if (length < 0) break;
    length += 1;
    buflen -= length;
    buffer += length;

    result->gr_passwd=buffer;

    if (!cpstr("x",&buffer,&buflen)) break;

    if (buflen < sizeof(char*)) break;
    result->gr_mem=buffer;
    result->gr_mem[0] = NULL;

    *errnop=errno;
    return NSS_STATUS_SUCCESS;

  } while(0);
  *errnop=ENOENT;
  return NSS_STATUS_UNAVAIL;
}

/**
 * A helper function to fill in the fields of "struct passwd"; used by
 * both _nss_afs_getpwuid_r() and _nss_afs_getpwnam_r().
 */
enum nss_status fill_result_buf(uid_t uid,
                                char* name,
                                struct passwd *result_buf,
                                char *buffer,
                                size_t buflen,
                                int *errnop) {
  result_buf->pw_name = name;
  do {
    /* set the password to "x" */
    result_buf->pw_passwd = buffer;
    if ( ! cpstr("x",&buffer, &buflen) ) break;

    /* the uid and gid are both the uid passed in */
    result_buf->pw_uid = uid;
    result_buf->pw_gid = 65534;

    /* make the gecos the same as the PTS name */
    result_buf->pw_gecos = buffer;
    if ( ! cpstr(result_buf->pw_name, &buffer, &buflen ) ) break;

    // Set the homedirectory
    result_buf->pw_dir = buffer;
    if ( get_homedir(result_buf->pw_name,&buffer,&buflen) ) break;

    // Set the login shell
    result_buf->pw_shell = buffer;
    if ( get_shell(result_buf->pw_name,&buffer,&buflen) ) break;

#ifdef LIMIT_USERNAME_CHARS
    if ( strlen(result_buf->pw_name) > LIMIT_USERNAME_CHARS ) {
      result_buf->pw_name[LIMIT_USERNAME_CHARS] = '\0';
      buflen = buflen + ( buffer - &result_buf->pw_name[LIMIT_USERNAME_CHARS+1] );
      buffer = &result_buf->pw_name[LIMIT_USERNAME_CHARS+1];
    }
#endif

    *errnop = errno;
    return NSS_STATUS_SUCCESS;
  } while(0);

  *errnop = ERANGE;
  return NSS_STATUS_UNAVAIL;
}


/**
 * This function is exported; glibc will invoke it in order to gather
 * the user information (userid, homedir, shell) associated with a
 * numerical userid.
 */
enum nss_status _nss_afs_getpwuid_r (uid_t uid,
                                     struct passwd *result_buf,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  int temp;
  char* name;

  if (init_afs()) return NSS_STATUS_UNAVAIL;

  name = buffer;
  temp = ptsid2name( uid, &buffer, &buflen);
  if (temp != NSS_STATUS_SUCCESS) {
    *errnop = ENOENT;
    return temp;
  }

  return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
}

/**
 * This function is exported; glibc will invoke it in order to gather
 * the user information (userid, homedir, shell) associated with a
 * username.
 */
enum nss_status _nss_afs_getpwnam_r (char *name,
                                     struct passwd *result_buf,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  uid_t uid;
  int temp;

  if (init_afs()) return NSS_STATUS_UNAVAIL;

  temp = ptsname2id(name,&uid);
  if (temp != NSS_STATUS_SUCCESS) {
    *errnop = ENOENT;
    return temp;
  }

  return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
}
Commit	Line	Data
03b6b479	1
908a6ebe	2	/*****************************************************************************
908a6ebe	3	* libnss-afs (nss_afs.c)
03b6b479	4	*
	5	* Copyright 2008, licensed under GNU Library General Public License (LGPL)
	6	* see COPYING file for details
	7	*
908a6ebe	8	* by Adam Megacz <megacz@hcoop.net>
03b6b479	9	* derived from Frank Burkhardt's libnss_ptdb,
03b6b479	10	* which was derived from Todd M. Lewis' libnss_pts
908a6ebe	11	*****************************************************************************/
03b6b479	12
03b6b479	13	/*
908a6ebe	14	* If you are reading this code for the first time, read the rest of
	15	* this comment block, then start at the bottom of the file and work
	16	* your way upwards.
	17	*
	18	* All functions which return an int use zero to signal success --
	19	* except cpstr(), which returns zero on failure. This should be
	20	* fixed.
	21	*
	22	* A note about memory allocation:
	23	*
	24	* NSS plugins generally ought to work without attempting to call
	25	* malloc() (which may fail). Therefore, glibc allocates a buffer
	26	* before calling NSS library functions, and passes that buffer to
	27	* the NSS library; library functions store their results in the
	28	* buffer and return pointers into that buffer.
	29	*
	30	* The convention used throughout this library is to pass around a
	31	* char** which points to a pointer to the first unused byte in the
	32	* provided buffer, and a size_t* which points to an int indicating
	33	* how many bytes are left between the char** and the end of the
	34	* available region.
03b6b479	35	*/
	36
	37	#include <ctype.h>
	38	#include <err.h>
	39	#include <errno.h>
	40	#include <fcntl.h>
	41	#include <getopt.h>
	42	#include <grp.h>
	43	#include <netinet/in.h>
	44	#include <nss.h>
	45	#include <pthread.h>
	46	#include <pwd.h>
	47	#include <rx/rx.h>
	48	#include <rx/xdr.h>
	49	#include <signal.h>
	50	#include <stdio.h>
	51	#include <stdlib.h>
	52	#include <string.h>
	53	#include <sys/select.h>
	54	#include <sys/socket.h>
43d1801e	55	#include <sys/stat.h>
03b6b479	56	#include <sys/time.h>
	57	#include <sys/types.h>
	58	#include <unistd.h>
	59	#include <afs/afs.h>
	60	#include <afs/afsutil.h>
	61	#include <afs/cellconfig.h>
	62	#include <afs/com_err.h>
	63	#include <afs/param.h>
	64	#include <afs/ptclient.h>
	65	#include <afs/pterror.h>
	66	#include <afs/stds.h>
	67
908a6ebe	68	#define HOMEDIR_AUTO 0
03b6b479	69	#define HOMEDIR_ADMINLINK 1
908a6ebe	70	#define HOMEDIR_PREFIX 2
	71	#define SHELL_BASH 0
	72	#define SHELL_ADMINLINK 1
	73	#define SHELL_USERLINK 2
03b6b479	74
03b6b479	75	#define AFS_MAGIC_ANONYMOUS_USERID 32766
908a6ebe	76	#define MIN_PAG_GID 0x41000000L
	77	#define MAX_PAG_GID 0x41FFFFFFL
	78	#define MIN_OLDPAG_GID 0x3f00
	79	#define MAX_OLDPAG_GID 0xff00
03b6b479	80
908a6ebe	81	#define MAXCELLNAMELEN 256
abfd757b	82	#define MAXUSERNAMELEN 256
91bb9ebc	83
03b6b479	84	static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
03b6b479	85
03b6b479	86	extern struct ubik_client *pruclient;
	87
	88	int afs_initialized = 0;
908a6ebe	89	char cellname[MAXCELLNAMELEN];
908a6ebe	90	char homedir_prefix[MAXPATHLEN];
43d1801e	91	char cell_root[MAXPATHLEN];
03b6b479	92	int homedir_prefix_len=0;
	93	char homedirs_method=0;
	94	char shells_method=0;
	95
908a6ebe	96	/**
	97	* The cpstr() function copies a null-terminated string from str*
	98	* (the first argument) into buf and updates both buf and buflen. If
	99	* the string would overflow the buffer, no action is taken. The
	100	* number of bytes copied is returned (zero indicates failure).
	101	*/
03b6b479	102	int cpstr( char str, char buf, size_t buflen) {
908a6ebe	103	int len = strlen(str);
	104	if ( len >= *buflen-1 ) return 0;
	105	strcpy(*buf,str);
	106	*buflen -= len + 1;
	107	*buf += len + 1;
	108	return len;
03b6b479	109	}
03b6b479	110
908a6ebe	111	/**
03b6b479	112	* Look up the name corresponding to uid, store in buffer.
03b6b479	113	*/
908a6ebe	114	enum nss_status ptsid2name(int uid, char *buffer, int buflen) {
03b6b479	115	int ret, i;
	116	idlist lid;
	117	namelist lnames;
	118
	119	init_afs();
	120
	121	if (uid==AFS_MAGIC_ANONYMOUS_USERID) {
	122	if (!cpstr("anonymous", buffer, buflen)) return NSS_STATUS_UNAVAIL;
	123	return NSS_STATUS_SUCCESS;
	124	}
	125
	126	if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
	127
	128	lid.idlist_val = (afs_int32*)&uid;
	129	lid.idlist_len = 1;
	130	lnames.namelist_val = 0;
	131	lnames.namelist_len = 0;
	132
	133	if (ubik_Call(PR_IDToName,pruclient,0,&lid,&lnames) != PRSUCCESS) {
	134	pthread_mutex_unlock(&mutex);
	135	return NSS_STATUS_UNAVAIL;
	136	}
	137
	138	ret = NSS_STATUS_NOTFOUND;
	139	for (i=0;i<lnames.namelist_len;i++) {
	140	int delta = strlen(lnames.namelist_val[i]);
	141	if ( (delta < buflen) && islower(*(lnames.namelist_val[i])) ) {
	142	cpstr(lnames.namelist_val[i], buffer, buflen);
	143	ret = NSS_STATUS_SUCCESS;
	144	}
	145	}
	146	free(lnames.namelist_val);
	147	/* free(lid.idlist_val); */
	148	lid.idlist_val = 0;
	149	lid.idlist_len = 0;
	150
	151	pthread_mutex_unlock(&mutex);
	152	return ret;
	153	}
	154
908a6ebe	155	/**
908a6ebe	156	* Look up the uid corresponding to name in ptserver.
03b6b479	157	*/
908a6ebe	158	enum nss_status ptsname2id(char name, uid_t uid) {
03b6b479	159	int res;
	160	idlist lid;
	161	namelist lnames;
abfd757b	162	char uname[MAXUSERNAMELEN];
03b6b479	163
	164	init_afs();
	165
	166	if (!strcmp(name,"anonymous")) {
	167	*uid = AFS_MAGIC_ANONYMOUS_USERID;
	168	return NSS_STATUS_SUCCESS;
	169	}
	170
	171	if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
	172
	173	lid.idlist_val = 0;
	174	lid.idlist_len = 0;
abfd757b	175	lnames.namelist_val = (prname*)uname;
	176	// apparently ubik expects to be able to modify this?
	177	strncpy(uname, name, MAXUSERNAMELEN);
03b6b479	178	lnames.namelist_len = 1;
	179
	180	if (ubik_Call(PR_NameToID,pruclient,0,&lnames,&lid) != PRSUCCESS) {
	181	pthread_mutex_unlock(&mutex);
	182	return NSS_STATUS_UNAVAIL;
	183	}
	184	pthread_mutex_unlock(&mutex);
	185
	186	res = (uid_t)lid.idlist_val[0];
	187	if (res == AFS_MAGIC_ANONYMOUS_USERID) return NSS_STATUS_NOTFOUND;
	188	*uid = res;
	189	return NSS_STATUS_SUCCESS;
	190	}
	191
908a6ebe	192	/**
908a6ebe	193	* Initialize the library; returns zero on success
03b6b479	194	*/
	195	int init_afs() {
	196	FILE *thiscell;
	197	int len;
43d1801e	198	struct stat statbuf;
03b6b479	199
43d1801e	200	if (afs_initialized) {
	201	/* wait until /afs/@cell/ appears as a proxy for "the network is up" */
	202	if (stat(cell_root, &statbuf)) return -1;
	203	return 0;
	204	}
	205
03b6b479	206	if (pthread_mutex_lock(&mutex)) return -1;
	207	do {
	208	homedirs_method=HOMEDIR_PREFIX;
	209	shells_method=SHELL_USERLINK;
91bb9ebc	210
908a6ebe	211	len = snprintf(cellname, MAXCELLNAMELEN,
	212	"%s/ThisCell", AFSDIR_CLIENT_ETC_DIRPATH);
	213	if (len < 0 \|\| len >= MAXCELLNAMELEN) return -1;
91bb9ebc	214
91bb9ebc	215	thiscell=fopen(cellname,"r");
03b6b479	216	if (thiscell == NULL) break;
908a6ebe	217	len=fread(cellname,1,MAXCELLNAMELEN,thiscell);
03b6b479	218	if (!feof(thiscell)) {
	219	// Cellname too long
	220	fclose(thiscell);
	221	strcpy(homedir_prefix,"/tmp/\0");
	222	homedir_prefix_len=5;
	223	break;
	224	}
	225	fclose(thiscell);
91bb9ebc	226
03b6b479	227	if (cellname[len-1] == '\n') len--;
03b6b479	228	cellname[len]='\0';
43d1801e	229
	230	/* wait until /afs/@cell/ appears as a proxy for "the network is up" */
	231	sprintf(cell_root,"/afs/%s/",cellname);
	232	if (stat(cell_root, &statbuf)) break;
	233
03b6b479	234	sprintf(homedir_prefix,"/afs/%s/user/",cellname);
03b6b479	235	homedir_prefix_len=strlen(homedir_prefix);
43d1801e	236
	237	/* time out requests after 5 seconds to avoid hanging things */
	238	rx_SetRxDeadTime(5);
	239
03b6b479	240	if (pr_Initialize(0L,AFSDIR_CLIENT_ETC_DIRPATH, 0)) break;
	241
	242	afs_initialized = 1;
	243	pthread_mutex_unlock(&mutex);
	244	return 0;
	245
	246	} while(0);
	247	pthread_mutex_unlock(&mutex);
	248	return -1;
	249	}
	250
	251
908a6ebe	252	/**
	253	* Retrieves the homedir for a given user; returns 0 on success.
	254	*/
03b6b479	255	int get_homedir(char name, char buffer, size_t buflen) {
	256	char buf[256];
	257	int temp;
	258	char *b;
	259	b=*buffer;
	260	switch (homedirs_method) {
	261	case HOMEDIR_PREFIX:
	262	homedir_prefix[homedir_prefix_len+0]=name[0];
	263	homedir_prefix[homedir_prefix_len+1]='/';
	264	homedir_prefix[homedir_prefix_len+2]=name[0];
	265	homedir_prefix[homedir_prefix_len+3]=name[1];
	266	homedir_prefix[homedir_prefix_len+4]='/';
	267	homedir_prefix[homedir_prefix_len+5]=0;
	268	strncpy(&homedir_prefix[homedir_prefix_len+5],name,40);
	269	if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
	270	break;
	271	case HOMEDIR_AUTO:
	272	homedir_prefix[homedir_prefix_len]=0;
	273	strncpy(&homedir_prefix[homedir_prefix_len],name,40);
	274	if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
	275	break;
	276	case HOMEDIR_ADMINLINK:
	277	if ( snprintf(buf,256,"/afs/%s/admin/homedirs/%s",cellname,name) > 0 ) {
	278	temp=readlink(buf,buffer,buflen);
	279	if ( temp > -1) {
	280	b[temp]=0;
	281	buflen = buflen - temp - 1;
	282	return -1;
	283	}
	284	}
	285	if (! cpstr("/tmp",buffer,buflen) ) return -1;
	286	break;
	287	}
	288	return 0;
	289	}
	290
908a6ebe	291	/**
	292	* Retrieves the shell for a given user; returns 0 on success.
	293	*/
03b6b479	294	int get_shell(char name, char buffer, size_t buflen) {
	295	char buf[256];
	296	int temp;
	297	char *b;
	298	char* bufx = buf;
	299	int bufxlen = 256;
	300	b=*buffer;
	301
	302	switch (shells_method) {
	303	case SHELL_BASH:
03b6b479	304	break;
	305
	306	case SHELL_ADMINLINK:
91bb9ebc	307	if (snprintf(buf,256,"/afs/%s/admin/shells/%s",cellname,name)<=0) break;
	308	temp = readlink(buf,buffer,buflen);
	309	if (temp < 0) break;
	310	b[temp]=0;
	311	buflen = buflen - temp - 1;
	312	return 0;
03b6b479	313
03b6b479	314	case SHELL_USERLINK:
91bb9ebc	315	if (get_homedir(name, &bufx, &bufxlen)) break;
	316	if (strncpy(buf+strlen(buf),"/.loginshell",bufxlen)<=0) break;
	317	temp = readlink(buf,buffer,buflen);
	318	if (temp < 0) break;
	319	b[temp]=0;
	320	buflen = buflen - temp - 1;
	321	return 0;
03b6b479	322	}
91bb9ebc	323	if (! cpstr("/bin/bash",buffer,buflen) )
91bb9ebc	324	return -1;
03b6b479	325	return 0;
	326	}
	327
	328
908a6ebe	329	/*
	330	* This function is exported; glibc will invoke it in order to find
	331	* the name and list of members of a group specified by a numerical
	332	* groupid.
03b6b479	333	*/
908a6ebe	334	enum nss_status _nss_afs_getgrgid_r (gid_t gid,
	335	struct group *result,
	336	char *buffer,
	337	size_t buflen,
	338	int *errnop) {
03b6b479	339	int length;
582fb19e	340	int showgid = 0;
	341	if (gid >= MIN_PAG_GID && gid <= MAX_PAG_GID) {
	342	showgid = gid-MIN_PAG_GID;
	343	} else if (gid >= MIN_OLDPAG_GID && gid <= MAX_OLDPAG_GID) {
	344	showgid = gid-MIN_OLDPAG_GID;
	345	} else {
03b6b479	346	*errnop=ENOENT;
	347	return NSS_STATUS_NOTFOUND;
	348	}
	349	do {
	350	result->gr_gid=gid;
	351
	352	result->gr_name=buffer;
582fb19e	353	length=snprintf(buffer,buflen,"AfsPag-%x",showgid);
03b6b479	354
	355	if (length < 0) break;
	356	length += 1;
	357	buflen -= length;
	358	buffer += length;
	359
	360	result->gr_passwd=buffer;
	361
	362	if (!cpstr("x",&buffer,&buflen)) break;
	363
	364	if (buflen < sizeof(char*)) break;
	365	result->gr_mem=buffer;
	366	result->gr_mem[0] = NULL;
	367
	368	*errnop=errno;
	369	return NSS_STATUS_SUCCESS;
	370
	371	} while(0);
	372	*errnop=ENOENT;
	373	return NSS_STATUS_UNAVAIL;
	374	}
	375
908a6ebe	376	/**
	377	* A helper function to fill in the fields of "struct passwd"; used by
	378	* both _nss_afs_getpwuid_r() and _nss_afs_getpwnam_r().
	379	*/
	380	enum nss_status fill_result_buf(uid_t uid,
	381	char* name,
	382	struct passwd *result_buf,
	383	char *buffer,
	384	size_t buflen,
	385	int *errnop) {
	386	result_buf->pw_name = name;
03b6b479	387	do {
	388	/* set the password to "x" */
	389	result_buf->pw_passwd = buffer;
	390	if ( ! cpstr("x",&buffer, &buflen) ) break;
908a6ebe	391
03b6b479	392	/* the uid and gid are both the uid passed in */
	393	result_buf->pw_uid = uid;
	394	result_buf->pw_gid = 65534;
908a6ebe	395
03b6b479	396	/* make the gecos the same as the PTS name */
	397	result_buf->pw_gecos = buffer;
	398	if ( ! cpstr(result_buf->pw_name, &buffer, &buflen ) ) break;
	399
	400	// Set the homedirectory
	401	result_buf->pw_dir = buffer;
	402	if ( get_homedir(result_buf->pw_name,&buffer,&buflen) ) break;
	403
	404	// Set the login shell
	405	result_buf->pw_shell = buffer;
	406	if ( get_shell(result_buf->pw_name,&buffer,&buflen) ) break;
	407
e8c23dae	408	#ifdef LIMIT_USERNAME_CHARS
	409	if ( strlen(result_buf->pw_name) > LIMIT_USERNAME_CHARS ) {
	410	result_buf->pw_name[LIMIT_USERNAME_CHARS] = '\0';
	411	buflen = buflen + ( buffer - &result_buf->pw_name[LIMIT_USERNAME_CHARS+1] );
	412	buffer = &result_buf->pw_name[LIMIT_USERNAME_CHARS+1];
	413	}
	414	#endif
	415
03b6b479	416	*errnop = errno;
	417	return NSS_STATUS_SUCCESS;
	418	} while(0);
	419
	420	*errnop = ERANGE;
	421	return NSS_STATUS_UNAVAIL;
	422	}
	423
	424
908a6ebe	425	/**
	426	* This function is exported; glibc will invoke it in order to gather
	427	* the user information (userid, homedir, shell) associated with a
	428	* numerical userid.
	429	*/
	430	enum nss_status _nss_afs_getpwuid_r (uid_t uid,
	431	struct passwd *result_buf,
	432	char *buffer,
	433	size_t buflen,
	434	int *errnop) {
	435	int temp;
	436	char* name;
	437
	438	if (init_afs()) return NSS_STATUS_UNAVAIL;
	439
	440	name = buffer;
	441	temp = ptsid2name( uid, &buffer, &buflen);
	442	if (temp != NSS_STATUS_SUCCESS) {
	443	*errnop = ENOENT;
	444	return temp;
	445	}
	446
908a6ebe	447	return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
	448	}
	449
	450	/**
	451	* This function is exported; glibc will invoke it in order to gather
	452	* the user information (userid, homedir, shell) associated with a
	453	* username.
03b6b479	454	*/
908a6ebe	455	enum nss_status _nss_afs_getpwnam_r (char *name,
	456	struct passwd *result_buf,
	457	char *buffer,
	458	size_t buflen,
	459	int *errnop) {
03b6b479	460	uid_t uid;
	461	int temp;
	462
	463	if (init_afs()) return NSS_STATUS_UNAVAIL;
	464
	465	temp = ptsname2id(name,&uid);
	466	if (temp != NSS_STATUS_SUCCESS) {
	467	*errnop = ENOENT;
	468	return temp;
	469	}
	470
908a6ebe	471	return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
03b6b479	472	}
03b6b479	473