aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'nis/nss_nis/nis-publickey.c')
-rw-r--r--nis/nss_nis/nis-publickey.c220
1 files changed, 220 insertions, 0 deletions
diff --git a/nis/nss_nis/nis-publickey.c b/nis/nss_nis/nis-publickey.c
new file mode 100644
index 0000000000..b9eda6a742
--- /dev/null
+++ b/nis/nss_nis/nis-publickey.c
@@ -0,0 +1,220 @@
+/* Copyright (C) 1996 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+ Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1996.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the GNU C Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA. */
+
+#include <nss.h>
+#include <ctype.h>
+#include <errno.h>
+#include <string.h>
+#include <syslog.h>
+#include <libc-lock.h>
+#include <rpc/key_prot.h>
+#include <rpcsvc/yp.h>
+#include <rpcsvc/ypclnt.h>
+
+#include "nss-nis.h"
+
+extern int xdecrypt (char *, char *);
+
+/* If we found the entry, we give a SUCCESS and an empty key back. */
+enum nss_status
+_nss_nis_getpublickey (const char *netname, char *pkey)
+{
+ enum nss_status retval;
+ char *domain, *result;
+ int len;
+
+ pkey[0] = 0;
+
+ if (netname == NULL)
+ {
+ __set_errno (EINVAL);
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ domain = strchr (netname, '@');
+ if (!domain)
+ return NSS_STATUS_UNAVAIL;
+ domain++;
+
+ retval = yperr2nss (yp_match (domain, "publickey.byname", netname,
+ strlen (netname), &result, &len));
+
+ if (retval != NSS_STATUS_SUCCESS)
+ {
+ if (retval == NSS_STATUS_TRYAGAIN)
+ __set_errno (EAGAIN);
+ return retval;
+ }
+
+ if (result != NULL)
+ {
+ char *p = strchr (result, ':');
+ if (p != NULL)
+ *p = 0;
+ strcpy (pkey, result);
+ }
+ return NSS_STATUS_SUCCESS;
+}
+
+enum nss_status
+_nss_nis_getsecretkey (const char *netname, char *skey, char *passwd)
+{
+ enum nss_status retval;
+ char buf[1024];
+ char *domain, *result;
+ int len;
+
+ skey[0] = 0;
+
+ if (netname == NULL || passwd == NULL)
+ {
+ __set_errno (EINVAL);
+ return NSS_STATUS_UNAVAIL;
+ }
+
+ domain = strchr (netname, '@');
+ if (!domain)
+ return NSS_STATUS_UNAVAIL;
+ domain++;
+
+ retval = yperr2nss (yp_match (domain, "publickey.byname", netname,
+ strlen (netname), &result, &len));
+
+ if (retval != NSS_STATUS_SUCCESS)
+ {
+ if (retval == NSS_STATUS_TRYAGAIN)
+ __set_errno (EAGAIN);
+ return retval;
+ }
+
+ if (result != NULL)
+ {
+ char *p = strchr (result, ':');
+ if (p == NULL)
+ return NSS_STATUS_SUCCESS;
+
+ p++;
+ strcpy (buf, p);
+ if (!xdecrypt (buf, passwd))
+ return NSS_STATUS_SUCCESS;
+
+ if (memcmp (buf, &(buf[HEXKEYBYTES]), KEYCHECKSUMSIZE) != 0)
+ return NSS_STATUS_SUCCESS;
+
+ buf[HEXKEYBYTES] = 0;
+ strcpy (skey, buf);
+ }
+ return NSS_STATUS_SUCCESS;
+}
+
+/* Parse uid and group information from the passed string.
+ The format of the string passed is uid:gid,grp,grp, ... */
+static enum nss_status
+parse_netid_str (const char *s, uid_t *uidp, gid_t *gidp, int *gidlenp,
+ gid_t *gidlist)
+{
+ char *p;
+
+ if (!s || !isdigit (*s))
+ {
+ syslog (LOG_ERR, "netname2user: expecting uid '%s'", s);
+ return NSS_STATUS_NOTFOUND; /* XXX need a better error */
+ }
+
+ /* Fetch the uid */
+ *uidp = (atoi (s));
+
+ if (*uidp == 0)
+ {
+ syslog (LOG_ERR, "netname2user: should not have uid 0");
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ /* Now get the group list */
+ p = strchr (s, ':');
+ if (!p)
+ {
+ syslog (LOG_ERR, "netname2user: missing group id list in '%s'", s);
+ return NSS_STATUS_NOTFOUND;
+ }
+ ++p; /* skip ':' */
+ if (!p || (!isdigit (*p)))
+ {
+ syslog (LOG_ERR, "netname2user: missing group id list in '%s'.", p);
+ return NSS_STATUS_NOTFOUND;
+ }
+
+ *gidp = (atoi (p));
+
+ *gidlenp = 0;
+#if 0
+ while ((p = strchr (p, ',')) != NULL)
+ {
+ p++;
+ gidlist[*gidlenp++] = atoi (p);
+ }
+#endif
+
+ return NSS_STATUS_SUCCESS;
+}
+
+
+enum nss_status
+_nss_nis_netname2user (char netname[MAXNETNAMELEN + 1], uid_t *uidp,
+ gid_t *gidp, int *gidlenp, gid_t *gidlist)
+{
+ char *domain;
+ int yperr;
+ char *lookup;
+ int len;
+
+ domain = strchr (netname, '@');
+ if (!domain)
+ return NSS_STATUS_UNAVAIL;
+
+ /* Point past the '@' character */
+ domain++;
+ lookup = NULL;
+ yperr = yp_match (domain, "netid.byname", netname, strlen (netname),
+ &lookup, &len);
+ switch (yperr)
+ {
+ case YPERR_SUCCESS:
+ break; /* the successful case */
+ case YPERR_DOMAIN:
+ case YPERR_KEY:
+ return NSS_STATUS_NOTFOUND;
+ case YPERR_MAP:
+ default:
+ return NSS_STATUS_UNAVAIL;
+ }
+ if (lookup)
+ {
+ enum nss_status err;
+
+ lookup[len] = '\0';
+ err = parse_netid_str (lookup, uidp, gidp, gidlenp, gidlist);
+ free (lookup);
+ return err;
+ }
+ else
+ return NSS_STATUS_NOTFOUND;
+
+ return NSS_STATUS_SUCCESS;
+}