[hcoop/debian/libnss-afs.git] / nss_afs.c


/*****************************************************************************
 * libnss-afs (nss_afs.c)
 *
 * Copyright 2008, licensed under GNU Library General Public License (LGPL)
 * see COPYING file for details
 *
 * by Adam Megacz <megacz@hcoop.net>
 * derived from Frank Burkhardt's libnss_ptdb,
 * which was derived from Todd M. Lewis' libnss_pts
 *****************************************************************************/

/*
 *  If you are reading this code for the first time, read the rest of
 *  this comment block, then start at the bottom of the file and work
 *  your way upwards.
 *
 *  All functions which return an int use zero to signal success --
 *  except cpstr(), which returns zero on *failure*.  This should be
 *  fixed.
 *
 *  A note about memory allocation:
 *
 *    NSS plugins generally ought to work without attempting to call
 *    malloc() (which may fail).  Therefore, glibc allocates a buffer
 *    before calling NSS library functions, and passes that buffer to
 *    the NSS library; library functions store their results in the
 *    buffer and return pointers into that buffer.
 *
 *    The convention used throughout this library is to pass around a
 *    char** which points to a pointer to the first unused byte in the
 *    provided buffer, and a size_t* which points to an int indicating
 *    how many bytes are left between the char** and the end of the
 *    available region.
 */

#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
#include <grp.h>
#include <netinet/in.h>
#include <nss.h>
#include <pthread.h>
#include <pwd.h>
#include <rx/rx.h>
#include <rx/xdr.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <afs/afs.h>
#include <afs/afsutil.h>
#include <afs/cellconfig.h>
#include <afs/com_err.h>
#include <afs/param.h>
#include <afs/ptclient.h>
#include <afs/pterror.h>
#include <afs/stds.h>

#define HOMEDIR_AUTO      0
#define HOMEDIR_ADMINLINK 1
#define HOMEDIR_PREFIX    2
#define SHELL_BASH        0
#define SHELL_ADMINLINK   1
#define SHELL_USERLINK    2

#define AFS_MAGIC_ANONYMOUS_USERID 32766
#define MIN_PAG_GID                0x41000000L
#define MAX_PAG_GID                0x41FFFFFFL
#define MIN_OLDPAG_GID             0x3f00
#define MAX_OLDPAG_GID             0xff00

#define MAXCELLNAMELEN             256
#define MAXUSERNAMELEN             256

static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;

extern struct ubik_client *pruclient;

int  afs_initialized = 0;
char cellname[MAXCELLNAMELEN];
char homedir_prefix[MAXPATHLEN];
char cell_root[MAXPATHLEN];
int  homedir_prefix_len=0;
char homedirs_method=0;
char shells_method=0;

/**
 *  The cpstr() function copies a null-terminated string from str*
 *  (the first argument) into buf and updates both buf and buflen.  If
 *  the string would overflow the buffer, no action is taken.  The
 *  number of bytes copied is returned (zero indicates failure).
 */
int cpstr( char *str, char **buf, size_t *buflen) {
  int len = strlen(str);
  if ( len >= *buflen-1 ) return 0;
  strcpy(*buf,str);
  *buflen -= len + 1;
  *buf    += len + 1;
  return len;
}

/**
 * Look up the name corresponding to uid, store in buffer.
 */
enum nss_status ptsid2name(int uid, char **buffer, int *buflen) {
  int ret, i;
  idlist lid;
  namelist lnames;

  init_afs();

  if (uid==AFS_MAGIC_ANONYMOUS_USERID) {
    if (!cpstr("anonymous", buffer, buflen)) return NSS_STATUS_UNAVAIL;
    return NSS_STATUS_SUCCESS;
  }

  if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
  
  lid.idlist_val = (afs_int32*)&uid;
  lid.idlist_len = 1;
  lnames.namelist_val = 0;
  lnames.namelist_len = 0;

  if (ubik_Call(PR_IDToName,pruclient,0,&lid,&lnames) != PRSUCCESS) {
    perror("ubik_Call() in ptsid2name() failed\n");
    pthread_mutex_unlock(&mutex);
    return NSS_STATUS_UNAVAIL;
  }

  ret = NSS_STATUS_NOTFOUND;
  for (i=0;i<lnames.namelist_len;i++) {
    int delta = strlen(lnames.namelist_val[i]);
    if ( (delta < buflen) && islower(*(lnames.namelist_val[i])) ) {
      cpstr(lnames.namelist_val[i], buffer, buflen);
      ret = NSS_STATUS_SUCCESS;
    }
  }
  free(lnames.namelist_val);
  /* free(lid.idlist_val); */
  lid.idlist_val = 0;
  lid.idlist_len = 0;

  pthread_mutex_unlock(&mutex);
  return ret;
}

/**
 * Look up the uid corresponding to name in ptserver.
 */
enum nss_status ptsname2id(char *name, uid_t* uid) {
  int res;
  idlist lid;
  namelist lnames;
  char uname[MAXUSERNAMELEN];

  init_afs();
  
  if (!strcmp(name,"anonymous")) {
    *uid = AFS_MAGIC_ANONYMOUS_USERID;
    return NSS_STATUS_SUCCESS;
  }

  if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;

  lid.idlist_val = 0;
  lid.idlist_len = 0;
  lnames.namelist_val = (prname*)(&uname);
  // apparently ubik expects to be able to modify this?
  strncpy(uname, name, MAXUSERNAMELEN);
  lnames.namelist_len = 1;

  if (ubik_Call(PR_NameToID,pruclient,0,&lnames,&lid) != PRSUCCESS) {
    perror("ubik_Call() in ptsname2id() failed\n");
    pthread_mutex_unlock(&mutex);
    return NSS_STATUS_UNAVAIL;
  }
  pthread_mutex_unlock(&mutex);

  res = (uid_t)lid.idlist_val[0];
  if (res == AFS_MAGIC_ANONYMOUS_USERID) return NSS_STATUS_NOTFOUND;
  *uid = res;
  return NSS_STATUS_SUCCESS;
}

/**
 *  Initialize the library; returns zero on success
 */
int init_afs() {
  FILE *thiscell;
  int len;
  struct stat statbuf;

  if (afs_initialized) {
    /* wait until /afs/@cell/ appears as a proxy for "the network is up" */
    if (stat(cell_root, &statbuf)) return -1;
    return 0;
  }
  
  if (pthread_mutex_lock(&mutex)) return -1;
  do {
    homedirs_method=HOMEDIR_PREFIX;
    shells_method=SHELL_USERLINK;

    len = snprintf(cellname, MAXCELLNAMELEN,
                   "%s/ThisCell", AFSDIR_CLIENT_ETC_DIRPATH);
    if (len < 0 || len >= MAXCELLNAMELEN) break;

    thiscell=fopen(cellname,"r");
    if (thiscell == NULL) break;
    len=fread(cellname,1,MAXCELLNAMELEN,thiscell);
    if (!feof(thiscell)) {
      // Cellname too long
      fclose(thiscell);
      strcpy(homedir_prefix,"/tmp/\0");
      homedir_prefix_len=5;
      break;
    }
    fclose(thiscell);

    if (cellname[len-1] == '\n') len--;
    cellname[len]='\0';

    /* wait until /afs/@cell/ appears as a proxy for "the network is up" */
    sprintf(cell_root,"/afs/%s/",cellname);
    if (stat(cell_root, &statbuf)) break;

    sprintf(homedir_prefix,"/afs/%s/user/",cellname);
    homedir_prefix_len=strlen(homedir_prefix);

    /* time out requests after 5 seconds to avoid hanging things */
    rx_SetRxDeadTime(5);    

    if (pr_Initialize(0L,AFSDIR_CLIENT_ETC_DIRPATH, 0)) {
      perror("pr_Initialize() failed\n");
      break;
    }
    
    afs_initialized = 1;
    pthread_mutex_unlock(&mutex);
    return 0;

  } while(0);
  pthread_mutex_unlock(&mutex);
  return -1;
}


/**
 * Retrieves the homedir for a given user; returns 0 on success.
 */
int get_homedir(char *name, char **buffer, size_t *buflen) {
  char buf[256];
  int temp;
  char *b;
  b=*buffer;
  switch (homedirs_method) {
    case HOMEDIR_PREFIX:
      homedir_prefix[homedir_prefix_len+0]=name[0];
      homedir_prefix[homedir_prefix_len+1]='/';
      homedir_prefix[homedir_prefix_len+2]=name[0];
      homedir_prefix[homedir_prefix_len+3]=name[1];
      homedir_prefix[homedir_prefix_len+4]='/';
      homedir_prefix[homedir_prefix_len+5]=0;
      strncpy(&homedir_prefix[homedir_prefix_len+5],name,40);
      if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
      break;
    case HOMEDIR_AUTO:
      homedir_prefix[homedir_prefix_len]=0;
      strncpy(&homedir_prefix[homedir_prefix_len],name,40);
      if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
      break;
    case HOMEDIR_ADMINLINK:
      if ( snprintf(buf,256,"/afs/%s/admin/homedirs/%s",cellname,name) > 0 ) {
        temp=readlink(buf,*buffer,*buflen);
        if ( temp > -1) {
          b[temp]=0;
          *buflen = *buflen - temp - 1;
          return -1;
        }
      }
      if (! cpstr("/tmp",buffer,buflen) ) return -1;
      break;
  }
  return 0;
}

/**
 * Retrieves the shell for a given user; returns 0 on success.
 */
int get_shell(char *name, char **buffer, size_t *buflen) {
  char buf[256];
  int temp;
  char *b;
  char* bufx = buf;
  int bufxlen = 256;
  b=*buffer;

  switch (shells_method) {
    case SHELL_BASH:
      break;

    case SHELL_ADMINLINK:
      if (snprintf(buf,256,"/afs/%s/admin/shells/%s",cellname,name)<=0) break;
      temp = readlink(buf,*buffer,*buflen);
      if (temp < 0) break;
      b[temp]=0;
      *buflen = *buflen - temp - 1;
      return 0;

    case SHELL_USERLINK:
      if (get_homedir(name, &bufx, &bufxlen)) break;
      if (strncpy(buf+strlen(buf),"/.loginshell",bufxlen)<=0) break;
      temp = readlink(buf,*buffer,*buflen);
      if (temp < 0) break;
      b[temp]=0;
      *buflen = *buflen - temp - 1;
      return 0;
  }
  if (! cpstr("/bin/bash",buffer,buflen) )
    return -1;
  return 0;
}


/*
 * This function is exported; glibc will invoke it in order to find
 * the name and list of members of a group specified by a numerical
 * groupid.
 */
enum nss_status _nss_afs_getgrgid_r (gid_t gid,
                                     struct group *result,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  int length;
  int showgid = 0;
  if (gid >= MIN_PAG_GID && gid <= MAX_PAG_GID) {
    showgid = gid-MIN_PAG_GID;
  } else if (gid >= MIN_OLDPAG_GID && gid <= MAX_OLDPAG_GID) {
    showgid = gid-MIN_OLDPAG_GID;
  } else {
    *errnop=ENOENT;
    return NSS_STATUS_NOTFOUND;
  }
  do {
    result->gr_gid=gid;

    result->gr_name=buffer;
    length=snprintf(buffer,buflen,"AfsPag-%x",showgid);
    
    if (length < 0) break;
    length += 1;
    buflen -= length;
    buffer += length;

    result->gr_passwd=buffer;

    if (!cpstr("x",&buffer,&buflen)) break;

    if (buflen < sizeof(char*)) break;
    result->gr_mem=buffer;
    result->gr_mem[0] = NULL;

    *errnop=errno;
    return NSS_STATUS_SUCCESS;

  } while(0);
  *errnop=ENOENT;
  return NSS_STATUS_UNAVAIL;
}

/**
 * A helper function to fill in the fields of "struct passwd"; used by
 * both _nss_afs_getpwuid_r() and _nss_afs_getpwnam_r().
 */
enum nss_status fill_result_buf(uid_t uid,
                                char* name,
                                struct passwd *result_buf,
                                char *buffer,
                                size_t buflen,
                                int *errnop) {
  result_buf->pw_name = name;
  do {
    /* set the password to "x" */
    result_buf->pw_passwd = buffer;
    if ( ! cpstr("x",&buffer, &buflen) ) break;

    /* the uid and gid are both the uid passed in */
    result_buf->pw_uid = uid;
    result_buf->pw_gid = 65534;

    /* make the gecos the same as the PTS name */
    result_buf->pw_gecos = buffer;
    if ( ! cpstr(result_buf->pw_name, &buffer, &buflen ) ) break;

    // Set the homedirectory
    result_buf->pw_dir = buffer;
    if ( get_homedir(result_buf->pw_name,&buffer,&buflen) ) break;

    // Set the login shell
    result_buf->pw_shell = buffer;
    if ( get_shell(result_buf->pw_name,&buffer,&buflen) ) break;

#ifdef LIMIT_USERNAME_CHARS
    if ( strlen(result_buf->pw_name) > LIMIT_USERNAME_CHARS ) {
      result_buf->pw_name[LIMIT_USERNAME_CHARS] = '\0';
      buflen = buflen + ( buffer - &result_buf->pw_name[LIMIT_USERNAME_CHARS+1] );
      buffer = &result_buf->pw_name[LIMIT_USERNAME_CHARS+1];
    }
#endif

    *errnop = errno;
    return NSS_STATUS_SUCCESS;
  } while(0);

  *errnop = ERANGE;
  return NSS_STATUS_UNAVAIL;
}


/**
 * This function is exported; glibc will invoke it in order to gather
 * the user information (userid, homedir, shell) associated with a
 * numerical userid.
 */
enum nss_status _nss_afs_getpwuid_r (uid_t uid,
                                     struct passwd *result_buf,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  int temp;
  char* name;

  if (init_afs()) return NSS_STATUS_UNAVAIL;

  name = buffer;
  temp = ptsid2name( uid, &buffer, &buflen);
  if (temp != NSS_STATUS_SUCCESS) {
    *errnop = ENOENT;
    return temp;
  }

  return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
}

/**
 * This function is exported; glibc will invoke it in order to gather
 * the user information (userid, homedir, shell) associated with a
 * username.
 */
enum nss_status _nss_afs_getpwnam_r (char *name,
                                     struct passwd *result_buf,
                                     char *buffer,
                                     size_t buflen,
                                     int *errnop) {
  uid_t uid;
  int temp;

  if (init_afs()) return NSS_STATUS_UNAVAIL;

  temp = ptsname2id(name,&uid);
  if (temp != NSS_STATUS_SUCCESS) {
    *errnop = ENOENT;
    return temp;
  }

  return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
}
Commit	Line	Data
03b6b479	1
908a6ebe	2	/*****************************************************************************
908a6ebe	3	* libnss-afs (nss_afs.c)
03b6b479	4	*
	5	* Copyright 2008, licensed under GNU Library General Public License (LGPL)
	6	* see COPYING file for details
	7	*
908a6ebe	8	* by Adam Megacz <megacz@hcoop.net>
03b6b479	9	* derived from Frank Burkhardt's libnss_ptdb,
03b6b479	10	* which was derived from Todd M. Lewis' libnss_pts
908a6ebe	11	*****************************************************************************/
03b6b479	12
03b6b479	13	/*
908a6ebe	14	* If you are reading this code for the first time, read the rest of
	15	* this comment block, then start at the bottom of the file and work
	16	* your way upwards.
	17	*
	18	* All functions which return an int use zero to signal success --
	19	* except cpstr(), which returns zero on failure. This should be
	20	* fixed.
	21	*
	22	* A note about memory allocation:
	23	*
	24	* NSS plugins generally ought to work without attempting to call
	25	* malloc() (which may fail). Therefore, glibc allocates a buffer
	26	* before calling NSS library functions, and passes that buffer to
	27	* the NSS library; library functions store their results in the
	28	* buffer and return pointers into that buffer.
	29	*
	30	* The convention used throughout this library is to pass around a
	31	* char** which points to a pointer to the first unused byte in the
	32	* provided buffer, and a size_t* which points to an int indicating
	33	* how many bytes are left between the char** and the end of the
	34	* available region.
03b6b479	35	*/
	36
	37	#include <ctype.h>
	38	#include <err.h>
	39	#include <errno.h>
	40	#include <fcntl.h>
	41	#include <getopt.h>
	42	#include <grp.h>
	43	#include <netinet/in.h>
	44	#include <nss.h>
	45	#include <pthread.h>
	46	#include <pwd.h>
	47	#include <rx/rx.h>
	48	#include <rx/xdr.h>
	49	#include <signal.h>
	50	#include <stdio.h>
	51	#include <stdlib.h>
	52	#include <string.h>
	53	#include <sys/select.h>
	54	#include <sys/socket.h>
43d1801e	55	#include <sys/stat.h>
03b6b479	56	#include <sys/time.h>
	57	#include <sys/types.h>
	58	#include <unistd.h>
	59	#include <afs/afs.h>
	60	#include <afs/afsutil.h>
	61	#include <afs/cellconfig.h>
	62	#include <afs/com_err.h>
	63	#include <afs/param.h>
	64	#include <afs/ptclient.h>
	65	#include <afs/pterror.h>
	66	#include <afs/stds.h>
	67
908a6ebe	68	#define HOMEDIR_AUTO 0
03b6b479	69	#define HOMEDIR_ADMINLINK 1
908a6ebe	70	#define HOMEDIR_PREFIX 2
	71	#define SHELL_BASH 0
	72	#define SHELL_ADMINLINK 1
	73	#define SHELL_USERLINK 2
03b6b479	74
03b6b479	75	#define AFS_MAGIC_ANONYMOUS_USERID 32766
908a6ebe	76	#define MIN_PAG_GID 0x41000000L
	77	#define MAX_PAG_GID 0x41FFFFFFL
	78	#define MIN_OLDPAG_GID 0x3f00
	79	#define MAX_OLDPAG_GID 0xff00
03b6b479	80
908a6ebe	81	#define MAXCELLNAMELEN 256
abfd757b	82	#define MAXUSERNAMELEN 256
91bb9ebc	83
03b6b479	84	static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
03b6b479	85
03b6b479	86	extern struct ubik_client *pruclient;
	87
	88	int afs_initialized = 0;
908a6ebe	89	char cellname[MAXCELLNAMELEN];
908a6ebe	90	char homedir_prefix[MAXPATHLEN];
43d1801e	91	char cell_root[MAXPATHLEN];
03b6b479	92	int homedir_prefix_len=0;
	93	char homedirs_method=0;
	94	char shells_method=0;
	95
908a6ebe	96	/**
	97	* The cpstr() function copies a null-terminated string from str*
	98	* (the first argument) into buf and updates both buf and buflen. If
	99	* the string would overflow the buffer, no action is taken. The
	100	* number of bytes copied is returned (zero indicates failure).
	101	*/
03b6b479	102	int cpstr( char str, char buf, size_t buflen) {
908a6ebe	103	int len = strlen(str);
	104	if ( len >= *buflen-1 ) return 0;
	105	strcpy(*buf,str);
	106	*buflen -= len + 1;
	107	*buf += len + 1;
	108	return len;
03b6b479	109	}
03b6b479	110
908a6ebe	111	/**
03b6b479	112	* Look up the name corresponding to uid, store in buffer.
03b6b479	113	*/
908a6ebe	114	enum nss_status ptsid2name(int uid, char *buffer, int buflen) {
03b6b479	115	int ret, i;
	116	idlist lid;
	117	namelist lnames;
	118
	119	init_afs();
	120
	121	if (uid==AFS_MAGIC_ANONYMOUS_USERID) {
	122	if (!cpstr("anonymous", buffer, buflen)) return NSS_STATUS_UNAVAIL;
	123	return NSS_STATUS_SUCCESS;
	124	}
	125
	126	if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
	127
	128	lid.idlist_val = (afs_int32*)&uid;
	129	lid.idlist_len = 1;
	130	lnames.namelist_val = 0;
	131	lnames.namelist_len = 0;
	132
	133	if (ubik_Call(PR_IDToName,pruclient,0,&lid,&lnames) != PRSUCCESS) {
93d939f4	134	perror("ubik_Call() in ptsid2name() failed\n");
03b6b479	135	pthread_mutex_unlock(&mutex);
	136	return NSS_STATUS_UNAVAIL;
	137	}
	138
	139	ret = NSS_STATUS_NOTFOUND;
	140	for (i=0;i<lnames.namelist_len;i++) {
	141	int delta = strlen(lnames.namelist_val[i]);
	142	if ( (delta < buflen) && islower(*(lnames.namelist_val[i])) ) {
	143	cpstr(lnames.namelist_val[i], buffer, buflen);
	144	ret = NSS_STATUS_SUCCESS;
	145	}
	146	}
	147	free(lnames.namelist_val);
	148	/* free(lid.idlist_val); */
	149	lid.idlist_val = 0;
	150	lid.idlist_len = 0;
	151
	152	pthread_mutex_unlock(&mutex);
	153	return ret;
	154	}
	155
908a6ebe	156	/**
908a6ebe	157	* Look up the uid corresponding to name in ptserver.
03b6b479	158	*/
908a6ebe	159	enum nss_status ptsname2id(char name, uid_t uid) {
03b6b479	160	int res;
	161	idlist lid;
	162	namelist lnames;
abfd757b	163	char uname[MAXUSERNAMELEN];
03b6b479	164
	165	init_afs();
	166
	167	if (!strcmp(name,"anonymous")) {
	168	*uid = AFS_MAGIC_ANONYMOUS_USERID;
	169	return NSS_STATUS_SUCCESS;
	170	}
	171
	172	if (pthread_mutex_lock(&mutex)) return NSS_STATUS_UNAVAIL;
	173
	174	lid.idlist_val = 0;
	175	lid.idlist_len = 0;
8c7b34cf	176	lnames.namelist_val = (prname*)(&uname);
abfd757b	177	// apparently ubik expects to be able to modify this?
abfd757b	178	strncpy(uname, name, MAXUSERNAMELEN);
03b6b479	179	lnames.namelist_len = 1;
	180
	181	if (ubik_Call(PR_NameToID,pruclient,0,&lnames,&lid) != PRSUCCESS) {
93d939f4	182	perror("ubik_Call() in ptsname2id() failed\n");
03b6b479	183	pthread_mutex_unlock(&mutex);
	184	return NSS_STATUS_UNAVAIL;
	185	}
	186	pthread_mutex_unlock(&mutex);
	187
	188	res = (uid_t)lid.idlist_val[0];
	189	if (res == AFS_MAGIC_ANONYMOUS_USERID) return NSS_STATUS_NOTFOUND;
	190	*uid = res;
	191	return NSS_STATUS_SUCCESS;
	192	}
	193
908a6ebe	194	/**
908a6ebe	195	* Initialize the library; returns zero on success
03b6b479	196	*/
	197	int init_afs() {
	198	FILE *thiscell;
	199	int len;
43d1801e	200	struct stat statbuf;
03b6b479	201
43d1801e	202	if (afs_initialized) {
	203	/* wait until /afs/@cell/ appears as a proxy for "the network is up" */
	204	if (stat(cell_root, &statbuf)) return -1;
	205	return 0;
	206	}
	207
03b6b479	208	if (pthread_mutex_lock(&mutex)) return -1;
	209	do {
	210	homedirs_method=HOMEDIR_PREFIX;
	211	shells_method=SHELL_USERLINK;
91bb9ebc	212
908a6ebe	213	len = snprintf(cellname, MAXCELLNAMELEN,
908a6ebe	214	"%s/ThisCell", AFSDIR_CLIENT_ETC_DIRPATH);
d27f5e53	215	if (len < 0 \|\| len >= MAXCELLNAMELEN) break;
91bb9ebc	216
91bb9ebc	217	thiscell=fopen(cellname,"r");
03b6b479	218	if (thiscell == NULL) break;
908a6ebe	219	len=fread(cellname,1,MAXCELLNAMELEN,thiscell);
03b6b479	220	if (!feof(thiscell)) {
	221	// Cellname too long
	222	fclose(thiscell);
	223	strcpy(homedir_prefix,"/tmp/\0");
	224	homedir_prefix_len=5;
	225	break;
	226	}
	227	fclose(thiscell);
91bb9ebc	228
03b6b479	229	if (cellname[len-1] == '\n') len--;
03b6b479	230	cellname[len]='\0';
43d1801e	231
	232	/* wait until /afs/@cell/ appears as a proxy for "the network is up" */
	233	sprintf(cell_root,"/afs/%s/",cellname);
	234	if (stat(cell_root, &statbuf)) break;
	235
03b6b479	236	sprintf(homedir_prefix,"/afs/%s/user/",cellname);
03b6b479	237	homedir_prefix_len=strlen(homedir_prefix);
43d1801e	238
	239	/* time out requests after 5 seconds to avoid hanging things */
	240	rx_SetRxDeadTime(5);
	241
93d939f4	242	if (pr_Initialize(0L,AFSDIR_CLIENT_ETC_DIRPATH, 0)) {
	243	perror("pr_Initialize() failed\n");
	244	break;
	245	}
03b6b479	246
	247	afs_initialized = 1;
	248	pthread_mutex_unlock(&mutex);
	249	return 0;
	250
	251	} while(0);
	252	pthread_mutex_unlock(&mutex);
	253	return -1;
	254	}
	255
	256
908a6ebe	257	/**
	258	* Retrieves the homedir for a given user; returns 0 on success.
	259	*/
03b6b479	260	int get_homedir(char name, char buffer, size_t buflen) {
	261	char buf[256];
	262	int temp;
	263	char *b;
	264	b=*buffer;
	265	switch (homedirs_method) {
	266	case HOMEDIR_PREFIX:
	267	homedir_prefix[homedir_prefix_len+0]=name[0];
	268	homedir_prefix[homedir_prefix_len+1]='/';
	269	homedir_prefix[homedir_prefix_len+2]=name[0];
	270	homedir_prefix[homedir_prefix_len+3]=name[1];
	271	homedir_prefix[homedir_prefix_len+4]='/';
	272	homedir_prefix[homedir_prefix_len+5]=0;
	273	strncpy(&homedir_prefix[homedir_prefix_len+5],name,40);
	274	if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
	275	break;
	276	case HOMEDIR_AUTO:
	277	homedir_prefix[homedir_prefix_len]=0;
	278	strncpy(&homedir_prefix[homedir_prefix_len],name,40);
	279	if (! cpstr(homedir_prefix,buffer,buflen) ) return -1;
	280	break;
	281	case HOMEDIR_ADMINLINK:
	282	if ( snprintf(buf,256,"/afs/%s/admin/homedirs/%s",cellname,name) > 0 ) {
	283	temp=readlink(buf,buffer,buflen);
	284	if ( temp > -1) {
	285	b[temp]=0;
	286	buflen = buflen - temp - 1;
	287	return -1;
	288	}
	289	}
	290	if (! cpstr("/tmp",buffer,buflen) ) return -1;
	291	break;
	292	}
	293	return 0;
	294	}
	295
908a6ebe	296	/**
	297	* Retrieves the shell for a given user; returns 0 on success.
	298	*/
03b6b479	299	int get_shell(char name, char buffer, size_t buflen) {
	300	char buf[256];
	301	int temp;
	302	char *b;
	303	char* bufx = buf;
	304	int bufxlen = 256;
	305	b=*buffer;
	306
	307	switch (shells_method) {
	308	case SHELL_BASH:
03b6b479	309	break;
	310
	311	case SHELL_ADMINLINK:
91bb9ebc	312	if (snprintf(buf,256,"/afs/%s/admin/shells/%s",cellname,name)<=0) break;
	313	temp = readlink(buf,buffer,buflen);
	314	if (temp < 0) break;
	315	b[temp]=0;
	316	buflen = buflen - temp - 1;
	317	return 0;
03b6b479	318
03b6b479	319	case SHELL_USERLINK:
91bb9ebc	320	if (get_homedir(name, &bufx, &bufxlen)) break;
	321	if (strncpy(buf+strlen(buf),"/.loginshell",bufxlen)<=0) break;
	322	temp = readlink(buf,buffer,buflen);
	323	if (temp < 0) break;
	324	b[temp]=0;
	325	buflen = buflen - temp - 1;
	326	return 0;
03b6b479	327	}
91bb9ebc	328	if (! cpstr("/bin/bash",buffer,buflen) )
91bb9ebc	329	return -1;
03b6b479	330	return 0;
	331	}
	332
	333
908a6ebe	334	/*
	335	* This function is exported; glibc will invoke it in order to find
	336	* the name and list of members of a group specified by a numerical
	337	* groupid.
03b6b479	338	*/
908a6ebe	339	enum nss_status _nss_afs_getgrgid_r (gid_t gid,
	340	struct group *result,
	341	char *buffer,
	342	size_t buflen,
	343	int *errnop) {
03b6b479	344	int length;
582fb19e	345	int showgid = 0;
	346	if (gid >= MIN_PAG_GID && gid <= MAX_PAG_GID) {
	347	showgid = gid-MIN_PAG_GID;
	348	} else if (gid >= MIN_OLDPAG_GID && gid <= MAX_OLDPAG_GID) {
	349	showgid = gid-MIN_OLDPAG_GID;
	350	} else {
03b6b479	351	*errnop=ENOENT;
	352	return NSS_STATUS_NOTFOUND;
	353	}
	354	do {
	355	result->gr_gid=gid;
	356
	357	result->gr_name=buffer;
582fb19e	358	length=snprintf(buffer,buflen,"AfsPag-%x",showgid);
03b6b479	359
	360	if (length < 0) break;
	361	length += 1;
	362	buflen -= length;
	363	buffer += length;
	364
	365	result->gr_passwd=buffer;
	366
	367	if (!cpstr("x",&buffer,&buflen)) break;
	368
	369	if (buflen < sizeof(char*)) break;
	370	result->gr_mem=buffer;
	371	result->gr_mem[0] = NULL;
	372
	373	*errnop=errno;
	374	return NSS_STATUS_SUCCESS;
	375
	376	} while(0);
	377	*errnop=ENOENT;
	378	return NSS_STATUS_UNAVAIL;
	379	}
	380
908a6ebe	381	/**
	382	* A helper function to fill in the fields of "struct passwd"; used by
	383	* both _nss_afs_getpwuid_r() and _nss_afs_getpwnam_r().
	384	*/
	385	enum nss_status fill_result_buf(uid_t uid,
	386	char* name,
	387	struct passwd *result_buf,
	388	char *buffer,
	389	size_t buflen,
	390	int *errnop) {
	391	result_buf->pw_name = name;
03b6b479	392	do {
	393	/* set the password to "x" */
	394	result_buf->pw_passwd = buffer;
	395	if ( ! cpstr("x",&buffer, &buflen) ) break;
908a6ebe	396
03b6b479	397	/* the uid and gid are both the uid passed in */
	398	result_buf->pw_uid = uid;
	399	result_buf->pw_gid = 65534;
908a6ebe	400
03b6b479	401	/* make the gecos the same as the PTS name */
	402	result_buf->pw_gecos = buffer;
	403	if ( ! cpstr(result_buf->pw_name, &buffer, &buflen ) ) break;
	404
	405	// Set the homedirectory
	406	result_buf->pw_dir = buffer;
	407	if ( get_homedir(result_buf->pw_name,&buffer,&buflen) ) break;
	408
	409	// Set the login shell
	410	result_buf->pw_shell = buffer;
	411	if ( get_shell(result_buf->pw_name,&buffer,&buflen) ) break;
	412
e8c23dae	413	#ifdef LIMIT_USERNAME_CHARS
	414	if ( strlen(result_buf->pw_name) > LIMIT_USERNAME_CHARS ) {
	415	result_buf->pw_name[LIMIT_USERNAME_CHARS] = '\0';
	416	buflen = buflen + ( buffer - &result_buf->pw_name[LIMIT_USERNAME_CHARS+1] );
	417	buffer = &result_buf->pw_name[LIMIT_USERNAME_CHARS+1];
	418	}
	419	#endif
	420
03b6b479	421	*errnop = errno;
	422	return NSS_STATUS_SUCCESS;
	423	} while(0);
	424
	425	*errnop = ERANGE;
	426	return NSS_STATUS_UNAVAIL;
	427	}
	428
	429
908a6ebe	430	/**
	431	* This function is exported; glibc will invoke it in order to gather
	432	* the user information (userid, homedir, shell) associated with a
	433	* numerical userid.
	434	*/
	435	enum nss_status _nss_afs_getpwuid_r (uid_t uid,
	436	struct passwd *result_buf,
	437	char *buffer,
	438	size_t buflen,
	439	int *errnop) {
	440	int temp;
	441	char* name;
	442
	443	if (init_afs()) return NSS_STATUS_UNAVAIL;
	444
	445	name = buffer;
	446	temp = ptsid2name( uid, &buffer, &buflen);
	447	if (temp != NSS_STATUS_SUCCESS) {
	448	*errnop = ENOENT;
	449	return temp;
	450	}
	451
908a6ebe	452	return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
	453	}
	454
	455	/**
	456	* This function is exported; glibc will invoke it in order to gather
	457	* the user information (userid, homedir, shell) associated with a
	458	* username.
03b6b479	459	*/
908a6ebe	460	enum nss_status _nss_afs_getpwnam_r (char *name,
	461	struct passwd *result_buf,
	462	char *buffer,
	463	size_t buflen,
	464	int *errnop) {
03b6b479	465	uid_t uid;
	466	int temp;
	467
	468	if (init_afs()) return NSS_STATUS_UNAVAIL;
	469
	470	temp = ptsname2id(name,&uid);
	471	if (temp != NSS_STATUS_SUCCESS) {
	472	*errnop = ENOENT;
	473	return temp;
	474	}
	475
908a6ebe	476	return fill_result_buf(uid, name, result_buf, buffer, buflen, errnop);
03b6b479	477	}
03b6b479	478