author | Arthur de Jong <arthur@arthurdejong.org> | 2006-11-17 22:59:11 +0000 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2006-11-17 22:59:11 +0000 |
commit | a2fbc14a32459f04c872c4e8a460d0a0247a0a84 (patch) | |
tree | c402cff423375a96c35624eeef9d4e5fef1da139 | |
parent | e2e2a4e5eb7ed84e66f7f027fdb01cffeaf9b9f1 (diff) |
implement netgroup lookups
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/libnss_ldapd@97 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r-- | nss/Makefile.am | 4 | ||||
-rw-r--r-- | nss/netgroup.c | 83 | ||||
-rw-r--r-- | nss/prototypes.h | 40 |
3 files changed, 121 insertions, 6 deletions
diff --git a/nss/Makefile.am b/nss/Makefile.am index 4bc79f7..5211caf 100644 --- a/nss/Makefile.am +++ b/nss/Makefile.am @@ -23,5 +23,5 @@ noinst_LIBRARIES = libnss.a libnss_a_SOURCES = common.c common.h prototypes.h ../nslcd-client.h \ ../nslcd.h ../nslcd-common.h \ aliases.c automount.c ethers.c group.c hosts.c \ - networks.c passwd.c protocols.c rpc.c services.c \ - shadow.c + netgroup.c networks.c passwd.c protocols.c rpc.c \ + services.c shadow.c diff --git a/nss/netgroup.c b/nss/netgroup.c new file mode 100644 index 0000000..f5d9c57 --- /dev/null +++ b/nss/netgroup.c 
@@ -0,0 +1,83 @@
+/*
+ netgroup.c - NSS lookup functions for netgroup entries
+
+ Copyright (C) 2006 West Consulting
+ Copyright (C) 2006 Arthur de Jong
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with this library; if not, write to the Free
+ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+ MA 02110-1301 USA
+*/
+
+#include "config.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include <nss.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "nslcd-client.h"
+#include "common.h"
+
+/* macros for expanding the LDF_AUTOMOUNT macro */
+#define LDF_STRING(field) READ_STRING_BUF(fp,field)
+#define NETGROUP_HOST result->val.triple.host
+#define NETGROUP_USER result->val.triple.user
+#define NETGROUP_DOMAIN result->val.triple.domain
+
+static enum nss_status read_netgrent(
+ FILE *fp,struct __netgrent *result,
+ char *buffer,size_t buflen,int *errnop)
+{
+ int32_t tmpint32;
+ size_t bufptr=0;
+ /* auto-genereted read code */
+ LDF_NETGROUP;
+ /* fix other fields */
+ result->type=triple_val;
+ /* FIXME: detect NULL or match-any values */
+ /* we're done */
+ return NSS_STATUS_SUCCESS;
+}
+
+enum nss_status _nss_ldap_setnetgrent(const char *group,struct __netgrent *result)
+{
+ int32_t tmpint32;
+ int errnocp;
+ int *errnop;
+ errnop=&errnocp;
+ /* close the existing stream if it is still open */
+ if (result->data!=NULL)
+ fclose(result->data);
+ /* open a new stream and write the request */
+
OPEN_SOCK(result->data); + WRITE_REQUEST(result->data,NSLCD_NETGROUP_BYNAME); + WRITE_STRING(result->data,group); + WRITE_FLUSH(result->data); + /* read response header */ + READ_RESPONSEHEADER(result->data,NSLCD_NETGROUP_BYNAME); + return NSS_STATUS_SUCCESS; +/* fixme: this should probably also set result->known_groups */ +} + +enum nss_status _nss_ldap_getnetgrent_r(struct __netgrent *result,char *buffer,size_t buflen,int *errnop) +{ + NSS_GETENT(result->data,read_netgrent); +} + +enum nss_status _nss_ldap_endnetgrent(struct __netgrent *result) +{ + NSS_ENDENT(result->data); +} diff --git a/nss/prototypes.h b/nss/prototypes.h index c11862f..57d474f 100644 --- a/nss/prototypes.h +++ b/nss/prototypes.h @@ -35,12 +35,45 @@ /* We define struct etherent here because it does not seem to be defined in any publicly available header file exposed by glibc. This is taken from include/netinet/ether.h - of the glibc source. */ + of the glibc (2.3.6) source tarball. */ struct etherent { const char *e_name; struct ether_addr e_addr; -}; +}; + +/* We also define struct __netgrent because it's definition is + not publically available. This is taken from inet/netgroup.h + of the glibc (2.3.6) source tarball. + This definition changes the definition of the data field + to pass our file pointer for ongoing requests and the + definition of the nip field to not drag in extra unneeded + types. */ +struct __netgrent +{ + enum { triple_val, group_val } type; + union + { + struct + { + const char *host; + const char *user; + const char *domain; + } triple; + const char *group; + } val; + FILE *data; /* was `char *data' */ + size_t data_size; + union + { + char *cursor; + unsigned long int position; + } insertedname; + int first; + struct name_list *known_groups; + struct name_list *needed_groups; + void *nip; /* changed from `service_user *nip' */ +}; /* These are prototypes for functions exported from the ldap NSS module. 
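Review bot: `_nss_ldap_setnetgrent` closes the previous stream with `fclose(result->data)` but leaves the stale pointer in the struct. `OPEN_SOCK` and `READ_RESPONSEHEADER` are defined outside this diff; if either returns early on failure without resetting its argument (inferred, not visible here), a later `_nss_ldap_endnetgrent` or a repeated `setnetgrent` would close the same `FILE *` a second time inside whatever process loaded the module. Clearing the pointer where it is closed avoids that: `if (result->data!=NULL) { fclose(result->data); result->data=NULL; }`. The open FIXME in `read_netgrent` also deserves priority, since netgroup triples feed access decisions and, as far as the hunk shows, an empty or match-any field is handed back without being distinguished from an ordinary string. The comment above the field macros names `LDF_AUTOMOUNT` where `LDF_NETGROUP` is the macro being expanded.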
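Review bot: The local copy of `struct __netgrent` has to stay layout-compatible with the private definition in whichever glibc loads this module, and nothing in the hunk checks or documents that beyond naming 2.3.6. A mismatch would not fail at build time; it would show up as the library and the module reading different offsets for `data`, `first` or the group lists. I would extend the comment with something like `/* layout must match inet/netgroup.h of the glibc in use; re-check on every glibc upgrade; data is owned by this module and is only ever released with fclose() */`. The struct also uses `FILE` and `size_t`, so `prototypes.h` needs `<stdio.h>` in scope; its include list is outside the hunk, so confirm it is there.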
@@ -86,11 +119,10 @@ enum nss_status _nss_ldap_gethostent_r(struct hostent *result,char *buffer,size_ enum nss_status _nss_ldap_endhostent(void); /* netgroup - list of host and users */ -/* DISABLED FOR NOW enum nss_status _nss_ldap_setnetgrent(const char *group,struct __netgrent *result); enum nss_status _nss_ldap_getnetgrent_r(struct __netgrent *result,char *buffer,size_t buflen,int *errnop); enum nss_status _nss_ldap_endnetgrent(struct __netgrent *result); -*/ +/* TODO: should there be a innetgr() equivalent? */ /* networks - network names and numbers */ enum nss_status _nss_ldap_getnetbyname_r(const char *name,struct netent *result,char *buffer,size_t buflen,int *errnop,int *h_errnop); |