implement NSS-side shadow lookups (plus test code)

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/libnss_ldapd@80 ef36b2f9-881f-0410-afb5-c4e39611909c

4 files changed, 144 insertions, 3 deletions

diff --git a/nslcd.h b/nslcd.h
index 9c78cab..e194293 100644
--- a/nslcd.h
+++ b/nslcd.h
@@ -112,11 +112,21 @@
 #define LDF_RPC \
   LDF_STRING(RPC_NAME) \
   LDF_STRINGLIST(RPC_ALIASES) \
-  LDF_TYPE(RPC_NUMBER,int32_t)
+  LDF_INT32(RPC_NUMBER)
 
 /* SERVICES - TBD - getservbyname - struct servent */
 
 /* SHADOW - TBD - getspnam - struct spwd */
+#define LDF_SHADOW \
+  LDF_STRING(SHADOW_NAME) \
+  LDF_STRING(SHADOW_PASSWD) \
+  LDF_INT32(SHADOW_LASTCHANGE) \
+  LDF_INT32(SHADOW_MINDAYS) \
+  LDF_INT32(SHADOW_MAXDAYS) \
+  LDF_INT32(SHADOW_WARN) \
+  LDF_INT32(SHADOW_INACT) \
+  LDF_INT32(SHADOW_EXPIRE) \
+  LDF_INT32(SHADOW_FLAG)
 
 /* The location of the socket used for communicating. */
 #define NSLCD_SOCKET "/tmp/nslcd.socket"
@@ -143,6 +153,8 @@
 #define NSLCD_ACTION_PASSWD_BYNAME      1001
 #define NSLCD_ACTION_PASSWD_BYUID       1002
 #define NSLCD_ACTION_PASSWD_ALL         1004
+#define NSLCD_ACTION_SHADOW_BYNAME      2001
+#define NSLCD_ACTION_SHADOW_ALL         2005
 
 /* Request result codes. */
 #define NSLCD_RESULT_NOTFOUND              3 /* key was not found */
diff --git a/nss/Makefile.am b/nss/Makefile.am
index e4cb367..9f44f12 100644
--- a/nss/Makefile.am
+++ b/nss/Makefile.am
@@ -22,4 +22,5 @@ noinst_LIBRARIES = libnss.a
 
 libnss_a_SOURCES = common.c common.h exports.h ../nslcd-client.h \
                    ../nslcd.h ../nslcd-common.h \
-                   aliases.c ethers.c group.c hosts.c passwd.c
+                   aliases.c ethers.c group.c hosts.c passwd.c \
+                   shadow.c
diff --git a/nss/shadow.c b/nss/shadow.c
new file mode 100644
index 0000000..aea6dbb
--- /dev/null
+++ b/nss/shadow.c
@@ -0,0 +1,83 @@
+/*
+   shadow.c - NSS lookup functions for shadow database
+
+   Copyright (C) 2006 West Consulting
+   Copyright (C) 2006 Arthur de Jong
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public
+   License as published by the Free Software Foundation; either
+   version 2 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with this library; if not, write to the Free
+   Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+   MA 02110-1301 USA
+*/
+
+#include "config.h"
+
+#include <string.h>
+#include <nss.h>
+#include <errno.h>
+
+#include "exports.h"
+#include "nslcd-client.h"
+#include "common.h"
+
+/* Macros for expanding the LDF_SHADOW macro. */
+#define LDF_STRING(field)    READ_STRING_BUF(fp,field)
+#define LDF_INT32(field)     READ_INT32(fp,field)
+#define SHADOW_NAME          result->sp_namp
+#define SHADOW_PASSWD        result->sp_pwdp
+#define SHADOW_LASTCHANGE    result->sp_lstchg
+#define SHADOW_MINDAYS       result->sp_min
+#define SHADOW_MAXDAYS       result->sp_max
+#define SHADOW_WARN          result->sp_warn
+#define SHADOW_INACT         result->sp_inact
+#define SHADOW_EXPIRE        result->sp_expire
+#define SHADOW_FLAG          result->sp_flag
+
+enum nss_status _nss_ldap_getspnam_r(const char *name,struct spwd *result,char *buffer,size_t buflen,int *errnop)
+{
+  FILE *fp;
+  size_t bufptr=0;
+  int32_t tmpint32;
+  /* open socket and write request */
+  OPEN_SOCK(fp);
+  WRITE_REQUEST(fp,NSLCD_ACTION_SHADOW_BYNAME);
+  WRITE_STRING(fp,name);
+  WRITE_FLUSH(fp);
+  /* read response header */
+  READ_RESPONSEHEADER(fp,NSLCD_ACTION_SHADOW_BYNAME);
+  /* read response */
+  READ_RESPONSE_CODE(fp);
+  LDF_SHADOW;
+  /* close socket and we're done */
+  fclose(fp);
+  return NSS_STATUS_SUCCESS;
+}
+
+/* thread-local file pointer to an ongoing request */
+static __thread FILE *spentfp;
+#define fp spentfp
+
+enum nss_status _nss_ldap_setspent(void)
+{
+  NSS_SETENT(NSLCD_ACTION_SHADOW_ALL);
+}
+
+enum nss_status _nss_ldap_getspent_r(struct spwd *result,char *buffer,size_t buflen,int *errnop)
+{
+  NSS_GETENT(LDF_SHADOW);
+}
+
+enum nss_status _nss_ldap_endspent(void)
+{
+  NSS_ENDENT();
+}
diff --git a/testnss.c b/testnss.c
index 8b2986a..13a3bd3 100644
--- a/testnss.c
+++ b/testnss.c
@@ -133,6 +133,24 @@ static void printether(struct etherent *ether)
          ether->e_name,ether_ntoa(&(ether->e_addr)));
 }
 
+static void printshadow(struct spwd *shadow)
+{
+  printf("struct passwd {\n"
+         "  sp_namp=\"%s\",\n"
+         "  sp_pwdp=\"%s\",\n"
+         "  sp_lstchg=%ld,\n"
+         "  sp_min=%ld,\n"
+         "  sp_max=%ld,\n"
+         "  sp_warn=%ld,\n"
+         "  sp_inact=%ld,\n"
+         "  sp_expire=%ld,\n"
+         "  sp_flag=%lu\n"
+         "}\n",
+         shadow->sp_namp,shadow->sp_pwdp,shadow->sp_lstchg,
+         shadow->sp_min,shadow->sp_max,shadow->sp_warn,
+         shadow->sp_inact,shadow->sp_expire,shadow->sp_flag);
+}
+
 /* the main program... */
 int main(int argc,char *argv[])
 {
@@ -141,6 +159,7 @@ int main(int argc,char *argv[])
   struct group groupresult;
   struct hostent hostresult;
   struct etherent etherresult;
+  struct spwd shadowresult;
   char buffer[1024];
   enum nss_status res;
   int errnocp,h_errnocp;
@@ -384,7 +403,6 @@ int main(int argc,char *argv[])
     printf("errnocp=%d:%s\n",(int)errnocp,strerror(errnocp));
   }
 
-
   /* test {set,get,end}etherent() */
   printf("\nTEST {set,get,end}etherent()\n");
   res=_nss_ldap_setetherent(1);
@@ -400,5 +418,32 @@ int main(int argc,char *argv[])
   res=_nss_ldap_endetherent();
   printf("status=%s\n",nssstatus(res));
 
+  /* test getspnam() */
+  printf("\nTEST getspnam()\n");
+  res=_nss_ldap_getspnam_r("arthur",&shadowresult,buffer,1024,&errnocp);
+  printf("status=%s\n",nssstatus(res));
+  if (res==NSS_STATUS_SUCCESS)
+    printshadow(&shadowresult);
+  else
+  {
+    printf("errno=%d:%s\n",(int)errno,strerror(errno));
+    printf("errnocp=%d:%s\n",(int)errnocp,strerror(errnocp));
+  }
+
+  /* test {set,get,end}spent() */
+  printf("\nTEST {set,get,end}spent()\n");
+  res=_nss_ldap_setspent();
+  printf("status=%s\n",nssstatus(res));
+  while ((res=_nss_ldap_getspent_r(&shadowresult,buffer,1024,&errnocp))==NSS_STATUS_SUCCESS)
+  {
+    printf("status=%s\n",nssstatus(res));
+    printshadow(&shadowresult);
+  }
+  printf("status=%s\n",nssstatus(res));
+  printf("errno=%d:%s\n",(int)errno,strerror(errno));
+  printf("errnocp=%d:%s\n",(int)errnocp,strerror(errnocp));
+  res=_nss_ldap_endspent();
+  printf("status=%s\n",nssstatus(res));
+
   return 0;
 }