diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2006-10-12 12:32:06 +0000 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2006-10-12 12:32:06 +0000 |
| commit | f1de6decf34b37672e2c4cc3d191b689a95d07d1 (patch) | |
| tree | 4a20e4a3761d319f2e9d698170c9b7d5f1b80065 | |
| parent | fc7cea9f90281ecc8fe97eb3e1767ea814c99a8f (diff) | |
some more small cleanups of code for non-supported systems and convert tabs to spaces
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/libnss_ldapd@13 ef36b2f9-881f-0410-afb5-c4e39611909c
| -rw-r--r-- | ANNOUNCE | 32 | ||||
| -rw-r--r-- | AUTHORS | 100 | ||||
| -rw-r--r-- | Makefile.am | 4 | ||||
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | README | 8 | ||||
| -rwxr-xr-x | certutil | 266 | ||||
| -rw-r--r-- | configure.ac | 52 | ||||
| -rw-r--r-- | dnsconfig.c | 54 | ||||
| -rw-r--r-- | dnsconfig.h | 2 | ||||
| -rw-r--r-- | exports.aix | 64 | ||||
| -rw-r--r-- | exports.hpux | 1 | ||||
| -rw-r--r-- | exports.linux | 124 | ||||
| -rw-r--r-- | exports.solaris | 54 | ||||
| -rw-r--r-- | ldap-alias.c | 22 | ||||
| -rw-r--r-- | ldap-alias.h | 6 | ||||
| -rw-r--r-- | ldap-automount.c | 94 | ||||
| -rw-r--r-- | ldap-automount.h | 6 | ||||
| -rw-r--r-- | ldap-bp.c | 2 | ||||
| -rw-r--r-- | ldap-bp.h | 6 | ||||
| -rw-r--r-- | ldap-ethers.c | 28 | ||||
| -rw-r--r-- | ldap-ethers.h | 12 | ||||
| -rw-r--r-- | ldap-grp.c | 644 | ||||
| -rw-r--r-- | ldap-grp.h | 6 | ||||
| -rw-r--r-- | ldap-hosts.c | 152 | ||||
| -rw-r--r-- | ldap-hosts.h | 6 | ||||
| -rw-r--r-- | ldap-netgrp.c | 94 | ||||
| -rw-r--r-- | ldap-netgrp.h | 2 | ||||
| -rw-r--r-- | ldap-network.c | 100 | ||||
| -rw-r--r-- | ldap-network.h | 6 | ||||
| -rw-r--r-- | ldap-nss.c | 2002 | ||||
| -rw-r--r-- | ldap-nss.h | 240 | ||||
| -rw-r--r-- | ldap-parse.h | 60 | ||||
| -rw-r--r-- | ldap-proto.c | 28 | ||||
| -rw-r--r-- | ldap-proto.h | 6 | ||||
| -rw-r--r-- | ldap-pwd.c | 52 | ||||
| -rw-r--r-- | ldap-rpc.c | 26 | ||||
| -rw-r--r-- | ldap-rpc.h | 6 | ||||
| -rw-r--r-- | ldap-schema.c | 110 | ||||
| -rw-r--r-- | ldap-schema.h | 4 | ||||
| -rw-r--r-- | ldap-service.c | 144 | ||||
| -rw-r--r-- | ldap-service.h | 6 | ||||
| -rw-r--r-- | ldap-spwd.c | 28 | ||||
| -rw-r--r-- | ldap-spwd.h | 6 | ||||
| -rw-r--r-- | ldap.conf | 34 | ||||
| -rw-r--r-- | ltf.c | 6 | ||||
| -rw-r--r-- | nsswitch.ldap | 6 | ||||
| -rw-r--r-- | pagectrl.c | 58 | ||||
| -rw-r--r-- | resolve.c | 186 | ||||
| -rw-r--r-- | resolve.h | 16 | ||||
| -rw-r--r-- | util.c | 971 | ||||
| -rw-r--r-- | util.h | 194 |
51 files changed, 3022 insertions, 3116 deletions
@@ -12,14 +12,14 @@ passwords (instead of or in addition to using flat files or NIS). nss_ldap nominally supports the following operating system libraries: - o the Nameservice Switch in Solaris 2.4 to 9 - o the Nameservice Switch in HP-UX 11 - o the Nameservice Switch in the GNU C Library 2.1 (as + o the Nameservice Switch in Solaris 2.4 to 9 + o the Nameservice Switch in HP-UX 11 + o the Nameservice Switch in the GNU C Library 2.1 (as in libc.so.6 under Linux) - o the Nameservice Switch in FreeBSD 5.x - o the Information Retrieval Service (IRS) in BIND - o the Information Retrieval Service (IRS) and proprietary - authentication and identity interface in AIX 4.3.3 + o the Nameservice Switch in FreeBSD 5.x + o the Information Retrieval Service (IRS) in BIND + o the Information Retrieval Service (IRS) and proprietary + authentication and identity interface in AIX 4.3.3 nss_ldap is an implementation of the schema specified in RFC 2307 and is compatible with that used in PADL Software Pty Ltd's @@ -68,14 +68,14 @@ Licence (LGPL). Please read the file COPYING.LIB For more information. nss_ldap is available from: - <URL:http://www.padl.com/download/nss_ldap.tgz> - <URL:ftp://ftp.padl.com/pub/nss_ldap.tgz> + <URL:http://www.padl.com/download/nss_ldap.tgz> + <URL:ftp://ftp.padl.com/pub/nss_ldap.tgz> We have also made available some Perl scripts for populating LDAP databases from existing flat files, NIS and/or NetInfo data. - <URL:http://www.padl.com/download/MigrationTools.tgz> - <URL:ftp://www.padl.com/pub/MigrationTools.tgz> + <URL:http://www.padl.com/download/MigrationTools.tgz> + <URL:ftp://www.padl.com/pub/MigrationTools.tgz> You'll need to compile a position-independent LDAP client library (libldap). You can either get the entire LDAP package from the University @@ -90,14 +90,14 @@ or download OpenLDAP from www.openldap.org. To discuss nss_ldap, ypldapd, and related technologies, you may subscribe to the following mailing list: - <URL:mailto:ldap-nis-request@padl.com> + <URL:mailto:ldap-nis-request@padl.com> Send an electronic mail message with "subscribe" in the message body to join the list. To contact the developers, email: - <URL:mailto:dev@padl.com> + <URL:mailto:dev@padl.com> Note that PADL offer commercial support on a per-incident basis. The support@padl.com is for commercial support customers only. @@ -105,12 +105,12 @@ support@padl.com is for commercial support customers only. For more information on using LDAP for name resolution, and related software, see: - <URL:http://www.padl.com> + <URL:http://www.padl.com> And if you need an LDAP server, or some general information on LDAP, see: - <URL:http://www.openldap.org> + <URL:http://www.openldap.org> 7. Who wrote it? ---------------- @@ -121,5 +121,5 @@ others have contributed, see the file AUTHORS in this directory. Please read the following document before submitting any contributions: - <URL:http://www.padl.com/Articles/GuidelinesforContributing.html> + <URL:http://www.padl.com/Articles/GuidelinesforContributing.html> @@ -9,56 +9,56 @@ and ideas to make this software available. Please note that unless specifically indicated otherwise, Luke Howard retains copyright in all contributed code. - Steven Barrus <sbarrus@eng.utah.edu> - David Begley <david@avarice.nepean.uws.edu.au> - Maxim Batourine <Batourine_M@ald.utoronto.ca> - Michael Brownea <mbrown@fensystems.co.uk> - Max Caines <Max.Caines@wlv.ac.uk> - Carlos Celso <carlos.celso@embraer.com.br> - Peter Cherny <peterc@luddite.com.au> - Howard Chu <hyc@symas.com> - Ben Collins <bcollins@debian.org> - Stephan Cremer <scremer@dohle.com> - Alejandro Forero Cuervo <azul@freaks-unidos.net> - Guenther Deschner <gd@samba.org> - Luca Filipozzi <lucaf+nssldap@ece.ubc.ca> - Andrew Findlay <Andrew.Findlay@skills-1st.co.uk> - Cristian Gafton <gafton@redhat.com> - Gabor Gombas <gombasg@inf.elte.hu> - DJ Gregor <dj@gregor.com> - Bob Guo <bob@mail.ied.ac.cn> - Daniel Hanks <hanksdc@plug.org> - Leif Hedstrom <leif@ogre.com> - Emile Heitor <eheitor@isdnet.net> - Geert Jansen <undisclosed> - Szymon Juraszczyk <szymon@ssk.pl> - Anselm Kruis <kruis@till-photonics.com> - Thorsten Kukuk <kukuk@suse.de> - Steve Langasek <vorlon@netexpress.net> - Joe Little <jlittle@open-it.org> - Phillip Liu <phillip@loudcloud.com> - Larry Lile <llile@dreamworks.com> - Jeff Mandel <jeff.mandel@probes.com> - Peter Marschall <peter@adpm.de> - Michael Mattice <mike@bmisystems.com> - Dejan Muhamedagic <dejan.muhamedagic@at.ibm.com> - Doug Nazar <nazard@dragoninc.on.ca> - Frode Nordahl <frode@nordahl.net> - Lars Oergel <lars.oergel@innominate.de> - Fredrik Ohrn <ohrn@chl.chalmers.se> - Rakesh Patel <rpatel@globix.com> - Nathan Hawkins <Nathan.Hawkins@FMR.COM> - Andrew Rechenberg <ARechenberg@shermanfinancialgroup.com> - Greg Retowski <greg@rage.net> - Alain Richard <alain.richard@equation.fr> - Michael Shuey <shuey@ecn.purdue.edu> - Oliver Schulze L. <oliver@samera.com.py> - Alexander Spannagel <spannagel@jobpilot.com> - Scott M. Stone <sstone@foo3.com> - Gero Treuner <gero@faveve.uni-stuttgart.de> - Jarkko Turkulainen <jt@wapit.com> - Stein Vrale <stein@terminator.net> - Simon Wilkinson <sxw@sxw.org.uk> + Steven Barrus <sbarrus@eng.utah.edu> + David Begley <david@avarice.nepean.uws.edu.au> + Maxim Batourine <Batourine_M@ald.utoronto.ca> + Michael Brownea <mbrown@fensystems.co.uk> + Max Caines <Max.Caines@wlv.ac.uk> + Carlos Celso <carlos.celso@embraer.com.br> + Peter Cherny <peterc@luddite.com.au> + Howard Chu <hyc@symas.com> + Ben Collins <bcollins@debian.org> + Stephan Cremer <scremer@dohle.com> + Alejandro Forero Cuervo <azul@freaks-unidos.net> + Guenther Deschner <gd@samba.org> + Luca Filipozzi <lucaf+nssldap@ece.ubc.ca> + Andrew Findlay <Andrew.Findlay@skills-1st.co.uk> + Cristian Gafton <gafton@redhat.com> + Gabor Gombas <gombasg@inf.elte.hu> + DJ Gregor <dj@gregor.com> + Bob Guo <bob@mail.ied.ac.cn> + Daniel Hanks <hanksdc@plug.org> + Leif Hedstrom <leif@ogre.com> + Emile Heitor <eheitor@isdnet.net> + Geert Jansen <undisclosed> + Szymon Juraszczyk <szymon@ssk.pl> + Anselm Kruis <kruis@till-photonics.com> + Thorsten Kukuk <kukuk@suse.de> + Steve Langasek <vorlon@netexpress.net> + Joe Little <jlittle@open-it.org> + Phillip Liu <phillip@loudcloud.com> + Larry Lile <llile@dreamworks.com> + Jeff Mandel <jeff.mandel@probes.com> + Peter Marschall <peter@adpm.de> + Michael Mattice <mike@bmisystems.com> + Dejan Muhamedagic <dejan.muhamedagic@at.ibm.com> + Doug Nazar <nazard@dragoninc.on.ca> + Frode Nordahl <frode@nordahl.net> + Lars Oergel <lars.oergel@innominate.de> + Fredrik Ohrn <ohrn@chl.chalmers.se> + Rakesh Patel <rpatel@globix.com> + Nathan Hawkins <Nathan.Hawkins@FMR.COM> + Andrew Rechenberg <ARechenberg@shermanfinancialgroup.com> + Greg Retowski <greg@rage.net> + Alain Richard <alain.richard@equation.fr> + Michael Shuey <shuey@ecn.purdue.edu> + Oliver Schulze L. <oliver@samera.com.py> + Alexander Spannagel <spannagel@jobpilot.com> + Scott M. Stone <sstone@foo3.com> + Gero Treuner <gero@faveve.uni-stuttgart.de> + Jarkko Turkulainen <jt@wapit.com> + Stein Vrale <stein@terminator.net> + Simon Wilkinson <sxw@sxw.org.uk> If I've forgotton anyone, please let me know. diff --git a/Makefile.am b/Makefile.am index 9f63ba5..60ef35f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -89,8 +89,8 @@ endif install-data-local: @$(NORMAL_INSTALL) @if test ! -f $(DESTDIR)$(NSS_LDAP_PATH_CONF); then \ - $(mkinstalldirs) $(DESTDIR)$(dir $(NSS_LDAP_PATH_CONF)); \ - $(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/ldap.conf $(DESTDIR)$(NSS_LDAP_PATH_CONF); \ + $(mkinstalldirs) $(DESTDIR)$(dir $(NSS_LDAP_PATH_CONF)); \ + $(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/ldap.conf $(DESTDIR)$(NSS_LDAP_PATH_CONF); \ fi $(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/nsswitch.ldap $(DESTDIR)$(sysconfdir)/nsswitch.ldap; @@ -106,7 +106,7 @@ _nss_ldap_endnetgrent(struct __netgrent *result); NSS_STATUS _nss_ldap_getnetgrent_r(struct __netgrent *result, char *buffer, - size_t buflen, int *errnop); + size_t buflen, int *errnop); Because netgroups are just triples in LDAP, you should be able to avail yourself of the _nss_netgroup_parseline() helper function. (Having @@ -20,10 +20,10 @@ The source code is distributed under the GNU General Library Public Licence Platforms this has been built under: - o Linux 2.x - o Solaris 2.4, 2.6, 7, 8 - o FreeBSD BIND 8.x (not useful unless you recompile libc) - o AIX 4.3.3 with IRS + o Linux 2.x + o Solaris 2.4, 2.6, 7, 8 + o FreeBSD BIND 8.x (not useful unless you recompile libc) + o AIX 4.3.3 with IRS If you are willing to use an older, and possibly buggy, version of nss_ldap, you *might* find patches to get it to work with the @@ -61,7 +61,7 @@ # Print usage usage() { - cat << EOF + cat << EOF Usage: $0 -l [-d dir] -a -n name -i file [-d dir] @@ -80,64 +80,64 @@ Usage: $0 -l [-d dir] file -- Certificate file in PEM format EOF - exit 1 + exit 1 } # Check path check_path() { - # check the directory - if [ ! -d $CDIR -a $ADD -eq 1 ]; then - echo -n "$0: cannot access $CDIR, create? [y/N] " - read LINE - case $LINE in - y|Y) - mkdir $CDIR - chmod 700 $CDIR - touch $CDIR/certs.dat - chmod 600 $CDIR/certs.dat - ;; - *) - exit 1 - ;; - esac - fi + # check the directory + if [ ! -d $CDIR -a $ADD -eq 1 ]; then + echo -n "$0: cannot access $CDIR, create? [y/N] " + read LINE + case $LINE in + y|Y) + mkdir $CDIR + chmod 700 $CDIR + touch $CDIR/certs.dat + chmod 600 $CDIR/certs.dat + ;; + *) + exit 1 + ;; + esac + fi - # check certs.dat - if [ ! -e $CDIR/certs.dat ]; then - echo "$0: please specify a valid cert directory" - exit 1 - fi + # check certs.dat + if [ ! -e $CDIR/certs.dat ]; then + echo "$0: please specify a valid cert directory" + exit 1 + fi } # Add certificates add_cert() { - check_path - if [ ! -e $FILE ]; then - echo "$0: cannot find $FILE" - exit 1 - fi - HASH=`openssl x509 -in $FILE -hash -noout 2>/dev/null`.0 - if [ $? -ne 0 ]; then - echo "$0: unable to load certificate $FILE" - exit 1 - fi + check_path + if [ ! -e $FILE ]; then + echo "$0: cannot find $FILE" + exit 1 + fi + HASH=`openssl x509 -in $FILE -hash -noout 2>/dev/null`.0 + if [ $? -ne 0 ]; then + echo "$0: unable to load certificate $FILE" + exit 1 + fi - if grep "^$CNAME|" $CDIR/certs.dat 1>/dev/null 2>&1; then - echo "$0: nickname already in use" - exit 1 - fi + if grep "^$CNAME|" $CDIR/certs.dat 1>/dev/null 2>&1; then + echo "$0: nickname already in use" + exit 1 + fi - if [ -e $CDIR/$HASH ]; then - echo "$0: certificate already in directory" - echo `openssl x509 -in $CDIR/$HASH -subject -noout` - exit 1 - else - cp $FILE $CDIR/$HASH - chmod 600 $CDIR/$HASH - echo "$CNAME|$HASH" >> $CDIR/certs.dat - chmod 600 $CDIR/certs.dat - fi + if [ -e $CDIR/$HASH ]; then + echo "$0: certificate already in directory" + echo `openssl x509 -in $CDIR/$HASH -subject -noout` + exit 1 + else + cp $FILE $CDIR/$HASH + chmod 600 $CDIR/$HASH + echo "$CNAME|$HASH" >> $CDIR/certs.dat + chmod 600 $CDIR/certs.dat + fi } @@ -146,52 +146,52 @@ add_cert() { # (this is too slow...) # list_cert() { - check_path - echo - echo "Certificates in directory $CDIR" - echo - printf "%-30s%s\n" nickname subject/issuer - echo "----------------------------------------------------------------------------" - cat $CDIR/certs.dat | while read LINE; do - NICK=`echo $LINE | cut -d "|" -f 1` - HASH=`echo $LINE | cut -d "|" -f 2` - SUBJECT=`openssl x509 -in $CDIR/$HASH -subject -noout` - ISSUER=`openssl x509 -in $CDIR/$HASH -issuer -noout` - printf "%-30s%s\n" "$NICK" "$SUBJECT" - printf "%-30s%s\n\n" "" "$ISSUER" + check_path + echo + echo "Certificates in directory $CDIR" + echo + printf "%-30s%s\n" nickname subject/issuer + echo "----------------------------------------------------------------------------" + cat $CDIR/certs.dat | while read LINE; do + NICK=`echo $LINE | cut -d "|" -f 1` + HASH=`echo $LINE | cut -d "|" -f 2` + SUBJECT=`openssl x509 -in $CDIR/$HASH -subject -noout` + ISSUER=`openssl x509 -in $CDIR/$HASH -issuer -noout` + printf "%-30s%s\n" "$NICK" "$SUBJECT" + printf "%-30s%s\n\n" "" "$ISSUER" - done + done } # Remove certificates remove_cert() { - check_path - ( - cat $CDIR/certs.dat | while read LINE; do - NICK=`echo $LINE | cut -d "|" -f 1` - HASH=`echo $LINE | cut -d "|" -f 2` - if [ "$CNAME" = "$NICK" ]; then - rm $CDIR/$HASH - else - echo $LINE - fi - done - ) > /tmp/$$ - mv /tmp/$$ $CDIR/certs.dat - chmod 600 $CDIR/certs.dat + check_path + ( + cat $CDIR/certs.dat | while read LINE; do + NICK=`echo $LINE | cut -d "|" -f 1` + HASH=`echo $LINE | cut -d "|" -f 2` + if [ "$CNAME" = "$NICK" ]; then + rm $CDIR/$HASH + else + echo $LINE + fi + done + ) > /tmp/$$ + mv /tmp/$$ $CDIR/certs.dat + chmod 600 $CDIR/certs.dat } # View certificate view_cert() { - check_path - cat $CDIR/certs.dat | while read LINE; do - NICK=`echo $LINE | cut -d "|" -f 1` - HASH=`echo $LINE | cut -d "|" -f 2` - if [ "$CNAME" = "$NICK" ]; then - openssl x509 -in $CDIR/$HASH -text - return 1 - fi - done + check_path + cat $CDIR/certs.dat | while read LINE; do + NICK=`echo $LINE | cut -d "|" -f 1` + HASH=`echo $LINE | cut -d "|" -f 2` + if [ "$CNAME" = "$NICK" ]; then + openssl x509 -in $CDIR/$HASH -text + return 1 + fi + done } # Parse option string @@ -200,32 +200,32 @@ REMOVE=0 LIST=0 VIEW=0 while getopts "arlvd:n:i:" OPT; do - case $OPT in - a) - ADD=1 - ;; - r) - REMOVE=1 - ;; - l) - LIST=1 - ;; - v) - VIEW=1 - ;; - d) - CDIR=$OPTARG - ;; - n) - CNAME=$OPTARG - ;; - i) - FILE=$OPTARG - ;; - *) - usage - ;; - esac + case $OPT in + a) + ADD=1 + ;; + r) + REMOVE=1 + ;; + l) + LIST=1 + ;; + v) + VIEW=1 + ;; + d) + CDIR=$OPTARG + ;; + n) + CNAME=$OPTARG + ;; + i) + FILE=$OPTARG + ;; + *) + usage + ;; + esac done # Default options @@ -233,31 +233,31 @@ CDIR=${CDIR:=.} # Check command line options if [ $ADD -eq 1 -a $REMOVE -eq 0 -a $LIST -eq 0 -a $VIEW -eq 0 ]; then - if [ -n "$CNAME" -a -n "$FILE" ]; then - add_cert - else - echo "$0: missing certificate name or file" - usage - fi + if [ -n "$CNAME" -a -n "$FILE" ]; then + add_cert + else + echo "$0: missing certificate name or file" + usage + fi elif [ $REMOVE -eq 1 -a $ADD -eq 0 -a $LIST -eq 0 -a $VIEW -eq 0 ]; then - if [ -n "$CNAME" ]; then - remove_cert - else - echo "$0: missing certificate name" - usage - fi + if [ -n "$CNAME" ]; then + remove_cert + else + echo "$0: missing certificate name" + usage + fi elif [ $LIST -eq 1 -a $ADD -eq 0 -a $REMOVE -eq 0 -a $VIEW -eq 0 ]; then - list_cert + list_cert elif [ $VIEW -eq 1 -a $ADD -eq 0 -a $REMOVE -eq 0 -a $LIST -eq 0 ]; then - if [ -n "$CNAME" ]; then - if view_cert; then - echo "$0: cert named \"$CNAME\" not found" - exit 1 - fi - else - echo "$0: missing certificate name" - usage - fi + if [ -n "$CNAME" ]; then + if view_cert; then + echo "$0: cert named \"$CNAME\" not found" + exit 1 + fi + else + echo "$0: missing certificate name" + usage + fi else - usage + usage fi diff --git a/configure.ac b/configure.ac index f46328f..6872542 100644 --- a/configure.ac +++ b/configure.ac @@ -84,11 +84,11 @@ AC_ARG_ENABLE(configurable-krb5-ccname-gssapi, [ --enable-configurable-krb5-ccn AC_ARG_WITH(ldap-lib, [ --with-ldap-lib=type select ldap library [auto|netscape5|netscape4|netscape3|umich|openldap]]) AC_ARG_WITH(ldap-dir, [ --with-ldap-dir=DIR base directory of LDAP SDK]) AC_ARG_WITH(ldap-conf-file, [ --with-ldap-conf-file path to LDAP configuration file], - [ NSS_LDAP_PATH_CONF="$with_ldap_conf_file" ], - [ NSS_LDAP_PATH_CONF="/etc/ldap.conf" ]) + [ NSS_LDAP_PATH_CONF="$with_ldap_conf_file" ], + [ NSS_LDAP_PATH_CONF="/etc/ldap.conf" ]) AC_ARG_WITH(ldap-secret-file, [ --with-ldap-secret-file path to LDAP root secret file], - [ NSS_LDAP_PATH_ROOTPASSWD="$with_ldap_secret_file" ], - [ NSS_LDAP_PATH_ROOTPASSWD="/etc/ldap.secret" ]) + [ NSS_LDAP_PATH_ROOTPASSWD="$with_ldap_secret_file" ], + [ NSS_LDAP_PATH_ROOTPASSWD="/etc/ldap.secret" ]) AC_ARG_WITH(gssapi-dir, [ --with-gssapi-dir=DIR base directory of gssapi SDK]) ldap_nss_ngroups=64 AC_ARG_WITH(ngroups, [ --with-ngroups=num average group size hint, experts only], [ldap_nss_ngroups=$with_ngroups]) @@ -177,11 +177,11 @@ AC_CHECK_HEADERS(ldap_ssl.h) dnl AC_MSG_CHECKING(for ldap_ssl.h) dnl AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h> -dnl #include <ldap.h> -dnl #include <ldap_ssl.h>]], [[]])],[dnl -dnl AC_MSG_RESULT(yes), -dnl AC_DEFINE(HAVE_LDAP_SSL_H, 1) -dnl ],[dnl AC_MSG_RESULT(no)]) +dnl #include <ldap.h> +dnl #include <ldap_ssl.h>]], [[]])],[dnl +dnl AC_MSG_RESULT(yes), +dnl AC_DEFINE(HAVE_LDAP_SSL_H, 1) +dnl ],[dnl AC_MSG_RESULT(no)]) # For HP-UX and AIX we use private API, the headers for which # are included locally. We need to do something to stop both @@ -240,31 +240,31 @@ AC_CHECK_FUNCS(ether_ntoa) AC_MSG_CHECKING(for struct ether_addr) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h> - #include <sys/socket.h> - #include <net/if.h> - #include <netinet/in.h> - #include <netinet/if_ether.h>]], [[struct ether_addr x;]])],[ - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_STRUCT_ETHER_ADDR, 1, [Define to enable struct ether_addr definition.]) - ],[AC_MSG_RESULT(no)]) + #include <sys/socket.h> + #include <net/if.h> + #include <netinet/in.h> + #include <netinet/if_ether.h>]], [[struct ether_addr x;]])],[ + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_STRUCT_ETHER_ADDR, 1, [Define to enable struct ether_addr definition.]) + ],[AC_MSG_RESULT(no)]) AC_MSG_CHECKING(for socklen_t) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h> - #include <sys/socket.h>]], [[socklen_t len;]])],[ - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_SOCKLEN_T, 1, [Define to enable socklen_t definition.]) - ],[AC_MSG_RESULT(no)]) + #include <sys/socket.h>]], [[socklen_t len;]])],[ + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_SOCKLEN_T, 1, [Define to enable socklen_t definition.]) + ],[AC_MSG_RESULT(no)]) AC_MSG_CHECKING(for pw_change in struct passwd) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <pwd.h>]], [[struct passwd pwd; time_t t = pwd.pw_change]])],[ - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_PASSWD_PW_CHANGE, 1, [Define if struct passwd has a pw_change member.]) - ],[AC_MSG_RESULT(no)]) + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_PASSWD_PW_CHANGE, 1, [Define if struct passwd has a pw_change member.]) + ],[AC_MSG_RESULT(no)]) AC_MSG_CHECKING(for pw_expire in struct passwd) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <pwd.h>]], [[struct passwd pwd; time_t t = pwd.pw_expire]])],[ - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_PASSWD_PW_EXPIRE, 1, [Define if struct passwd has a pw_expire member.]) - ],[AC_MSG_RESULT(no)]) + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_PASSWD_PW_EXPIRE, 1, [Define if struct passwd has a pw_expire member.]) + ],[AC_MSG_RESULT(no)]) dnl check which ldap library we have dnl check which ldap library we have diff --git a/dnsconfig.c b/dnsconfig.c index 59adc4b..92e4795 100644 --- a/dnsconfig.c +++ b/dnsconfig.c @@ -57,7 +57,7 @@ /* map gnu.org into DC=gnu,DC=org */ enum nss_status _nss_ldap_getdnsdn (char *src_domain, - char **rval, char **buffer, size_t * buflen) + char **rval, char **buffer, size_t * buflen) { char *p; int len = 0; @@ -90,26 +90,26 @@ _nss_ldap_getdnsdn (char *src_domain, len = strlen (p); if (*buflen < (size_t) (len + DC_ATTR_AVA_LEN + 1 /* D C = [,|\0] */ )) - { - free (domain_copy); - return NSS_TRYAGAIN; - } + { + free (domain_copy); + return NSS_TRYAGAIN; + } if (domain == NULL) - { - strcpy (bptr, ","); - bptr++; - } + { + strcpy (bptr, ","); + bptr++; + } else - { - domain = NULL; - } + { + domain = NULL; + } strcpy (bptr, DC_ATTR_AVA); bptr += DC_ATTR_AVA_LEN; strcpy (bptr, p); - bptr += len; /* don't include comma */ + bptr += len; /* don't include comma */ *buffer += len + DC_ATTR_AVA_LEN + 1; *buflen -= len + DC_ATTR_AVA_LEN + 1; } @@ -126,7 +126,7 @@ _nss_ldap_getdnsdn (char *src_domain, enum nss_status _nss_ldap_mergeconfigfromdns (ldap_config_t * result, - char **buffer, size_t *buflen) + char **buffer, size_t *buflen) { enum nss_status stat = NSS_SUCCESS; struct dns_reply *r; @@ -158,18 +158,18 @@ _nss_ldap_mergeconfigfromdns (ldap_config_t * result, for (rr = r->head; rr != NULL; rr = rr->next) { if (rr->type == T_SRV) - { - snprintf (uribuf, sizeof(uribuf), "ldap%s:%s:%d", - (rr->u.srv->port == LDAPS_PORT) ? "s" : "", - rr->u.srv->target, - rr->u.srv->port); - - stat = _nss_ldap_add_uri (result, uribuf, buffer, buflen); - if (stat != NSS_SUCCESS) - { - break; - } - } + { + snprintf (uribuf, sizeof(uribuf), "ldap%s:%s:%d", + (rr->u.srv->port == LDAPS_PORT) ? "s" : "", + rr->u.srv->target, + rr->u.srv->port); + + stat = _nss_ldap_add_uri (result, uribuf, buffer, buflen); + if (stat != NSS_SUCCESS) + { + break; + } + } } dns_free_data (r); @@ -178,7 +178,7 @@ _nss_ldap_mergeconfigfromdns (ldap_config_t * result, if (result->ldc_base == NULL) { stat = _nss_ldap_getdnsdn (_res.defdname, &result->ldc_base, - buffer, buflen); + buffer, buflen); } return stat; diff --git a/dnsconfig.h b/dnsconfig.h index 956ec20..bd51d48 100644 --- a/dnsconfig.h +++ b/dnsconfig.h @@ -27,7 +27,7 @@ /* utility routines. */ enum nss_status _nss_ldap_getdnsdn (char *domain, - char **rval, char **buffer, size_t * buflen); + char **rval, char **buffer, size_t * buflen); enum nss_status _nss_ldap_mergeconfigfromdns (ldap_config_t * result, char **buffer, size_t *buflen); diff --git a/exports.aix b/exports.aix deleted file mode 100644 index d51fa7e..0000000 --- a/exports.aix +++ /dev/null @@ -1,64 +0,0 @@ -#! - -* Group-related routines (not used on AIX directly) -gr_pvtinit -gr_close -gr_rewind -gr_minimize -gr_next -gr_byname -gr_bygid - -* Host-related routines -ho_pvtinit -ho_close -ho_rewind -ho_minimize -ho_next -ho_byname -* No ho_byname2 -ho_byaddr - -* Netgroup-related routines -ng_pvtinit -ng_close -ng_rewind -ng_minimize -ng_next -ng_test - -* Networks-related routines -nw_pvtinit -nw_close -nw_rewind -nw_minimize -nw_next -nw_byname -nw_byaddr - -* Protocols-related routines -pr_pvtinit -pr_close -pr_rewind -pr_minimize -pr_next -pr_byname -pr_bynumber - -* Password-related routines (not used on AIX directly) -pw_pvtinit -pw_close -pw_rewind -pw_minimize -pw_next -pw_byname -pw_byuid - -* Services-related routines -sv_pvtinit -sv_close -sv_rewind -sv_minimize -sv_next -sv_byname -sv_byport diff --git a/exports.hpux b/exports.hpux deleted file mode 100644 index 4f0f2f6..0000000 --- a/exports.hpux +++ /dev/null @@ -1 +0,0 @@ -+e _nss_ldap_bootparams_constr +e _nss_ldap_ethers_constr +e _nss_ldap_group_constr +e _nss_ldap_hosts_constr +e _nss_ldap_networks_constr +e _nss_ldap_protocols_constr +e _nss_ldap_passwd_constr +e _nss_ldap_rpc_constr +e _nss_ldap_services_constr +e _nss_ldap_shadow_constr diff --git a/exports.linux b/exports.linux index d10f8f4..f2ecf08 100644 --- a/exports.linux +++ b/exports.linux @@ -1,65 +1,65 @@ #ident $Id$ EXPORTED { - global: - # Published NSS service module interfaces - _nss_ldap_endaliasent; - _nss_ldap_endautomntent; - _nss_ldap_endetherent; - _nss_ldap_endgrent; - _nss_ldap_endhostent; - _nss_ldap_endnetent; - _nss_ldap_endnetgrent; - _nss_ldap_endprotoent; - _nss_ldap_endpwent; - _nss_ldap_endrpcent; - _nss_ldap_endservent; - _nss_ldap_endspent; - _nss_ldap_getaliasbyname_r; - _nss_ldap_getaliasent_r; - _nss_ldap_getautomntbyname_r; - _nss_ldap_getautomntent_r; - _nss_ldap_getetherent_r; - _nss_ldap_getgrent_r; - _nss_ldap_getgrgid_r; - _nss_ldap_getgrnam_r; - _nss_ldap_gethostbyaddr_r; - _nss_ldap_gethostbyname_r; - _nss_ldap_gethostbyname2_r; - _nss_ldap_gethostent_r; - _nss_ldap_gethostton_r; - _nss_ldap_getnetbyaddr_r; - _nss_ldap_getnetbyname_r; - _nss_ldap_getnetent_r; - _nss_ldap_getnetgrent_r; - _nss_ldap_getntohost_r; - _nss_ldap_getprotobyname_r; - _nss_ldap_getprotobynumber_r; - _nss_ldap_getprotoent_r; - _nss_ldap_getpwent_r; - _nss_ldap_getpwnam_r; - _nss_ldap_getpwuid_r; - _nss_ldap_getrpcbyname_r; - _nss_ldap_getrpcbynumber_r; - _nss_ldap_getrpcent_r; - _nss_ldap_getservbyname_r; - _nss_ldap_getservbyport_r; - _nss_ldap_getservent_r; - _nss_ldap_getspent_r; - _nss_ldap_getspnam_r; - _nss_ldap_initgroups; - _nss_ldap_initgroups_dyn; - _nss_ldap_setaliasent; - _nss_ldap_setautomntent; - _nss_ldap_setetherent; - _nss_ldap_setgrent; - _nss_ldap_sethostent; - _nss_ldap_setnetent; - _nss_ldap_setnetgrent; - _nss_ldap_setprotoent; - _nss_ldap_setpwent; - _nss_ldap_setrpcent; - _nss_ldap_setservent; - _nss_ldap_setspent; - local: - *; + global: + # Published NSS service module interfaces + _nss_ldap_endaliasent; + _nss_ldap_endautomntent; + _nss_ldap_endetherent; + _nss_ldap_endgrent; + _nss_ldap_endhostent; + _nss_ldap_endnetent; + _nss_ldap_endnetgrent; + _nss_ldap_endprotoent; + _nss_ldap_endpwent; + _nss_ldap_endrpcent; + _nss_ldap_endservent; + _nss_ldap_endspent; + _nss_ldap_getaliasbyname_r; + _nss_ldap_getaliasent_r; + _nss_ldap_getautomntbyname_r; + _nss_ldap_getautomntent_r; + _nss_ldap_getetherent_r; + _nss_ldap_getgrent_r; + _nss_ldap_getgrgid_r; + _nss_ldap_getgrnam_r; + _nss_ldap_gethostbyaddr_r; + _nss_ldap_gethostbyname_r; + _nss_ldap_gethostbyname2_r; + _nss_ldap_gethostent_r; + _nss_ldap_gethostton_r; + _nss_ldap_getnetbyaddr_r; + _nss_ldap_getnetbyname_r; + _nss_ldap_getnetent_r; + _nss_ldap_getnetgrent_r; + _nss_ldap_getntohost_r; + _nss_ldap_getprotobyname_r; + _nss_ldap_getprotobynumber_r; + _nss_ldap_getprotoent_r; + _nss_ldap_getpwent_r; + _nss_ldap_getpwnam_r; + _nss_ldap_getpwuid_r; + _nss_ldap_getrpcbyname_r; + _nss_ldap_getrpcbynumber_r; + _nss_ldap_getrpcent_r; + _nss_ldap_getservbyname_r; + _nss_ldap_getservbyport_r; + _nss_ldap_getservent_r; + _nss_ldap_getspent_r; + _nss_ldap_getspnam_r; + _nss_ldap_initgroups; + _nss_ldap_initgroups_dyn; + _nss_ldap_setaliasent; + _nss_ldap_setautomntent; + _nss_ldap_setetherent; + _nss_ldap_setgrent; + _nss_ldap_sethostent; + _nss_ldap_setnetent; + _nss_ldap_setnetgrent; + _nss_ldap_setprotoent; + _nss_ldap_setpwent; + _nss_ldap_setrpcent; + _nss_ldap_setservent; + _nss_ldap_setspent; + local: + *; }; diff --git a/exports.solaris b/exports.solaris index 8292617..e65c6c9 100644 --- a/exports.solaris +++ b/exports.solaris @@ -1,30 +1,30 @@ #ident $Id$ nss_ldap.so.1 { - global: - # Published NSS service module interfaces - _nss_ldap_bootparams_constr; - _nss_ldap_ethers_constr; - _nss_ldap_group_constr; - _nss_ldap_hosts_constr; - _nss_ldap_networks_constr; - _nss_ldap_protocols_constr; - _nss_ldap_passwd_constr; - _nss_ldap_rpc_constr; - _nss_ldap_services_constr; - _nss_ldap_shadow_constr; - _nss_ldap_netgroup_constr; - # libsldap library interfaces - __ns_ldap_getMappedAttributes; - __ns_ldap_getMappedObjectClass; - __ns_ldap_getParam; - __ns_ldap_freeError; - __ns_ldap_freeEntry; - __ns_ldap_freeResult; - __ns_ldap_list; - __ns_ldap_err2str; - __ns_ldap_firstEntry; - __ns_ldap_nextEntry; - __ns_ldap_endEntry; - local: - *; + global: + # Published NSS service module interfaces + _nss_ldap_bootparams_constr; + _nss_ldap_ethers_constr; + _nss_ldap_group_constr; + _nss_ldap_hosts_constr; + _nss_ldap_networks_constr; + _nss_ldap_protocols_constr; + _nss_ldap_passwd_constr; + _nss_ldap_rpc_constr; + _nss_ldap_services_constr; + _nss_ldap_shadow_constr; + _nss_ldap_netgroup_constr; + # libsldap library interfaces + __ns_ldap_getMappedAttributes; + __ns_ldap_getMappedObjectClass; + __ns_ldap_getParam; + __ns_ldap_freeError; + __ns_ldap_freeEntry; + __ns_ldap_freeResult; + __ns_ldap_list; + __ns_ldap_err2str; + __ns_ldap_firstEntry; + __ns_ldap_nextEntry; + __ns_ldap_endEntry; + local: + *; }; diff --git a/ldap-alias.c b/ldap-alias.c index a57d6c2..098cadc 100644 --- a/ldap-alias.c +++ b/ldap-alias.c @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -54,8 +54,8 @@ static ent_context_t *alias_context = NULL; static enum nss_status _nss_ldap_parse_alias (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct aliasent *alias = (struct aliasent *) result; @@ -69,8 +69,8 @@ _nss_ldap_parse_alias (LDAPMessage * e, stat = _nss_ldap_assign_attrvals (e, AT (rfc822MailMember), NULL, - &alias->alias_members, &buffer, &buflen, - &alias->alias_members_len); + &alias->alias_members, &buffer, &buflen, + &alias->alias_members_len); alias->alias_local = 0; @@ -79,11 +79,11 @@ _nss_ldap_parse_alias (LDAPMessage * e, enum nss_status _nss_ldap_getaliasbyname_r (const char *name, struct aliasent * result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, - _nss_ldap_filt_getaliasbyname, LM_ALIASES, - _nss_ldap_parse_alias, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getaliasbyname, LM_ALIASES, + _nss_ldap_parse_alias, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_setaliasent (void) @@ -98,11 +98,11 @@ enum nss_status _nss_ldap_endaliasent (void) enum nss_status _nss_ldap_getaliasent_r (struct aliasent *result, char *buffer, size_t buflen, - int *errnop) + int *errnop) { LOOKUP_GETENT (alias_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getaliasent, LM_ALIASES, - _nss_ldap_parse_alias, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getaliasent, LM_ALIASES, + _nss_ldap_parse_alias, LDAP_NSS_BUFLEN_DEFAULT); } #endif /* HAVE_ALIASES_H */ diff --git a/ldap-alias.h b/ldap-alias.h index 991b46f..c3d3dd8 100644 --- a/ldap-alias.h +++ b/ldap-alias.h @@ -25,8 +25,8 @@ #define _LDAP_NSS_LDAP_LDAP_ALIAS_H static enum nss_status _nss_ldap_parse_alias (LDAPMessage * e, - ldap_state_t *, - void *result, - char *buffer, size_t buflen); + ldap_state_t *, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_ALIAS_H */ diff --git a/ldap-automount.c b/ldap-automount.c index 5889d19..ee73ff5 100644 --- a/ldap-automount.c +++ b/ldap-automount.c @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -59,21 +59,21 @@ static enum nss_status _nss_ldap_parse_automount (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { enum nss_status stat; char ***keyval = result; stat = _nss_ldap_assign_attrval (e, AT (automountKey), keyval[0], - &buffer, &buflen); + &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; stat = _nss_ldap_assign_attrval (e, AT (automountInformation), keyval[1], - &buffer, &buflen); + &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; @@ -99,7 +99,7 @@ _nss_ldap_am_context_alloc(ldap_automount_context_t **pContext) /* List of DNs, grown on demand */ context->lac_dn_list = (char **)malloc (context->lac_dn_size * - sizeof(char *)); + sizeof(char *)); if (context->lac_dn_list == NULL) { free (context); @@ -132,13 +132,13 @@ _nss_ldap_am_context_free(ldap_automount_context_t **pContext) if (context->lac_dn_list != NULL) { for (i = 0; i < context->lac_dn_count; i++) - { + { #ifdef HAVE_LDAP_MEMFREE - ldap_memfree (context->lac_dn_list[i]); + ldap_memfree (context->lac_dn_list[i]); #else - free (context->lac_dn_list[i]); + free (context->lac_dn_list[i]); #endif /* HAVE_LDAP_MEMFREE */ - } + } free (context->lac_dn_list); } @@ -158,8 +158,8 @@ _nss_ldap_am_context_free(ldap_automount_context_t **pContext) static enum nss_status am_context_add_dn (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { ldap_automount_context_t *context = (ldap_automount_context_t *) result; char *dn; @@ -175,16 +175,16 @@ am_context_add_dn (LDAPMessage * e, char **new_dns; new_dns = (char **)realloc(context->lac_dn_list, - 2 * context->lac_dn_size * sizeof(char *)); + 2 * context->lac_dn_size * sizeof(char *)); if (new_dns == NULL) - { + { #ifdef HAVE_LDAP_MEMFREE - ldap_memfree (dn); + ldap_memfree (dn); #else - free (dn); + free (dn); #endif /* HAVE_LDAP_MEMFREE */ - return NSS_TRYAGAIN; - } + return NSS_TRYAGAIN; + } context->lac_dn_list = new_dns; context->lac_dn_size *= 2; @@ -218,12 +218,12 @@ _nss_ldap_am_context_init(const char *mapname, ldap_automount_context_t **pConte do { stat = _nss_ldap_getent_ex (&a, &key, - (void *)context, - NULL, 0, &errnop, - _nss_ldap_filt_setautomntent, - LM_AUTOMOUNT, - no_attrs, - am_context_add_dn); + (void *)context, + NULL, 0, &errnop, + _nss_ldap_filt_setautomntent, + LM_AUTOMOUNT, + no_attrs, + am_context_add_dn); } while (stat == NSS_SUCCESS); @@ -283,7 +283,7 @@ enum nss_status _nss_ldap_setautomntent(const char *mapname, void **private) } enum nss_status _nss_ldap_getautomntent_r(void *private, const char **key, const char **value, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { enum nss_status stat; ldap_automount_context_t *context = (ldap_automount_context_t *)private; @@ -309,19 +309,19 @@ enum nss_status _nss_ldap_getautomntent_r(void *private, const char **key, const LA_BASE (a) = context->lac_dn_list[context->lac_dn_index]; stat = _nss_ldap_getent_ex (&a, &context->lac_state, - (void *)keyval, - buffer, buflen, errnop, - _nss_ldap_filt_getautomntent, - LM_AUTOMOUNT, - NULL, - _nss_ldap_parse_automount); + (void *)keyval, + buffer, buflen, errnop, + _nss_ldap_filt_getautomntent, + LM_AUTOMOUNT, + NULL, + _nss_ldap_parse_automount); if (stat == NSS_NOTFOUND) - { - if (context->lac_dn_index < context->lac_dn_count - 1) - context->lac_dn_index++; - else - break; /* move along, nothing more to see here */ - } + { + if (context->lac_dn_index < context->lac_dn_count - 1) + context->lac_dn_index++; + else + break; /* move along, nothing more to see here */ + } } while (stat == NSS_NOTFOUND); @@ -350,8 +350,8 @@ enum nss_status _nss_ldap_endautomntent(void **private) } enum nss_status _nss_ldap_getautomntbyname_r(void *private, const char *key, - const char **canon_key, const char **value, - char *buffer, size_t buflen, int *errnop) + const char **canon_key, const char **value, + char *buffer, size_t buflen, int *errnop) { enum nss_status stat = NSS_NOTFOUND; ldap_automount_context_t *context = (ldap_automount_context_t *)private; @@ -376,16 +376,16 @@ enum nss_status _nss_ldap_getautomntbyname_r(void *private, const char *key, /* we do not acquire lock in this case */ stat = _nss_ldap_getbyname (&a, - (void *)keyval, - buffer, buflen, errnop, - _nss_ldap_filt_getautomntbyname, - LM_AUTOMOUNT, - _nss_ldap_parse_automount); + (void *)keyval, + buffer, buflen, errnop, + _nss_ldap_filt_getautomntbyname, + LM_AUTOMOUNT, + _nss_ldap_parse_automount); if (stat != NSS_NOTFOUND) - { - break; /* on success or error other than not found */ - } + { + break; /* on success or error other than not found */ + } } debug ("<== _nss_ldap_getautomntbyname_r"); diff --git a/ldap-automount.h b/ldap-automount.h index 8a791a8..c77fe17 100644 --- a/ldap-automount.h +++ b/ldap-automount.h @@ -43,10 +43,10 @@ void _nss_ldap_am_context_free(ldap_automount_context_t **pContext); enum nss_status _nss_ldap_am_context_init(const char *mapname, ldap_automount_context_t **pContext); enum nss_status _nss_ldap_setautomntent(const char *mapname, void **context); enum nss_status _nss_ldap_getautomntent(void *context, const char **key, const char **value, - char *buffer, size_t buflen, int *errnop); + char *buffer, size_t buflen, int *errnop); enum nss_status _nss_ldap_endautomntent(void **context); enum nss_status _nss_ldap_getautomntbyname_r(void *private, const char *key, - const char **canon_key, const char **value, - char *buffer, size_t buflen, int *errnop); + const char **canon_key, const char **value, + char *buffer, size_t buflen, int *errnop); #endif /* _LDAP_NSS_LDAP_LDAP_AUTOMOUNT_H */ @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -33,8 +33,8 @@ struct bootparams static enum nss_status _nss_ldap_parse_bp (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_BP_H */ diff --git a/ldap-ethers.c b/ldap-ethers.c index ef97233..22ecd71 100644 --- a/ldap-ethers.c +++ b/ldap-ethers.c @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -79,8 +79,8 @@ static ent_context_t *ether_context = NULL; static enum nss_status _nss_ldap_parse_ether (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct ether *ether = (struct ether *) result; char *saddr; @@ -88,12 +88,12 @@ _nss_ldap_parse_ether (LDAPMessage * e, struct ether_addr *addr; stat = _nss_ldap_assign_attrval (e, ATM (LM_ETHERS, cn), - ðer->e_name, &buffer, &buflen); + ðer->e_name, &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; stat = _nss_ldap_assign_attrval (e, AT (macAddress), &saddr, - &buffer, &buflen); + &buffer, &buflen); if (stat != NSS_SUCCESS || ((addr = ether_aton (saddr)) == NULL)) return NSS_NOTFOUND; @@ -105,23 +105,23 @@ _nss_ldap_parse_ether (LDAPMessage * e, enum nss_status _nss_ldap_gethostton_r (const char *name, struct ether * result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, - _nss_ldap_filt_gethostton, LM_ETHERS, _nss_ldap_parse_ether, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_gethostton, LM_ETHERS, _nss_ldap_parse_ether, + LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_getntohost_r (struct ether_addr * addr, struct ether * result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { /* The correct ether_ntoa call would have a struct ether instead of whatever result->e_addr is */ LOOKUP_NAME (ether_ntoa ((struct ether_addr *) (&result->e_addr)), result, - buffer, buflen, errnop, _nss_ldap_filt_getntohost, LM_ETHERS, - _nss_ldap_parse_ether, LDAP_NSS_BUFLEN_DEFAULT); + buffer, buflen, errnop, _nss_ldap_filt_getntohost, LM_ETHERS, + _nss_ldap_parse_ether, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_setetherent (void) @@ -136,9 +136,9 @@ _nss_ldap_getntohost_r (struct ether_addr * addr, struct ether * result, enum nss_status _nss_ldap_getetherent_r (struct ether * result, char *buffer, size_t buflen, - int *errnop) + int *errnop) { LOOKUP_GETENT (ether_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getetherent, LM_ETHERS, - _nss_ldap_parse_ether, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getetherent, LM_ETHERS, + _nss_ldap_parse_ether, LDAP_NSS_BUFLEN_DEFAULT); } diff --git a/ldap-ethers.h b/ldap-ethers.h index 329209d..f21dddc 100644 --- a/ldap-ethers.h +++ b/ldap-ethers.h @@ -44,19 +44,19 @@ struct ether }; static enum nss_status _nss_ldap_parse_ether (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); /* for the record */ enum nss_status _nss_ldap_gethostton_r (const char *name, struct ether *eth, - char *buffer, size_t buflen, int *errnop); + char *buffer, size_t buflen, int *errnop); enum nss_status _nss_ldap_getntohost_r (struct ether_addr *addr, struct ether *eth, - char *buffer, size_t buflen, int *errnop); + char *buffer, size_t buflen, int *errnop); enum nss_status _nss_ldap_endetherent (void); enum nss_status _nss_ldap_setetherent (void); enum nss_status _nss_ldap_getetherent_r (struct ether *result, char *buffer, - size_t buflen, int *errnop); + size_t buflen, int *errnop); #endif /* _LDAP_NSS_LDAP_LDAP_ETHERS_H */ @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -95,7 +95,7 @@ ng_chase_backlink (const char ** membersOf, ldap_initgroups_args_t * lia); static enum nss_status do_parse_range (const char *attributeType, - const char *attributeDescription, int *start, int *end) + const char *attributeDescription, int *start, int *end) { enum nss_status stat = NSS_NOTFOUND; char *attribute; @@ -140,35 +140,35 @@ do_parse_range (const char *attributeType, char *q; if (p == attribute) - { - if (strcasecmp (p, attributeType) != 0) - { - free (attribute); - return NSS_NOTFOUND; - } - } + { + if (strcasecmp (p, attributeType) != 0) + { + free (attribute); + return NSS_NOTFOUND; + } + } else if (strncasecmp (p, "range=", sizeof ("range=") - 1) == 0) - { - p += sizeof ("range=") - 1; - - q = strchr (p, '-'); - if (q == NULL) - { - free (attribute); - return NSS_NOTFOUND; - } - - *q++ = '\0'; - - *start = strtoul (p, (char **) NULL, 10); - if (strcmp (q, "*") == 0) - *end = -1; - else - *end = strtoul (q, (char **) NULL, 10); - - stat = NSS_SUCCESS; - break; - } + { + p += sizeof ("range=") - 1; + + q = strchr (p, '-'); + if (q == NULL) + { + free (attribute); + return NSS_NOTFOUND; + } + + *q++ = '\0'; + + *start = strtoul (p, (char **) NULL, 10); + if (strcmp (q, "*") == 0) + *end = -1; + else + *end = strtoul (q, (char **) NULL, 10); + + stat = NSS_SUCCESS; + break; + } } free (attribute); @@ -177,8 +177,8 @@ do_parse_range (const char *attributeType, static enum nss_status do_get_range_values (LDAPMessage * e, - const char *attributeType, - int *start, int *end, char ***pGroupMembers) + const char *attributeType, + int *start, int *end, char ***pGroupMembers) { enum nss_status stat = NSS_NOTFOUND; BerElement *ber = NULL; @@ -191,26 +191,26 @@ do_get_range_values (LDAPMessage * e, { stat = do_parse_range (attributeType, attribute, start, end); if (stat == NSS_SUCCESS) - { - *pGroupMembers = _nss_ldap_get_values (e, attribute); - if (*pGroupMembers == NULL) - { - stat = NSS_NOTFOUND; - } - else if ((*pGroupMembers)[0] == NULL) - { - ldap_value_free (*pGroupMembers); - *pGroupMembers = NULL; - stat = NSS_NOTFOUND; - } - } + { + *pGroupMembers = _nss_ldap_get_values (e, attribute); + if (*pGroupMembers == NULL) + { + stat = NSS_NOTFOUND; + } + else if ((*pGroupMembers)[0] == NULL) + { + ldap_value_free (*pGroupMembers); + *pGroupMembers = NULL; + stat = NSS_NOTFOUND; + } + } #ifdef HAVE_LDAP_MEMFREE ldap_memfree (attribute); #endif if (stat == NSS_SUCCESS) - break; + break; } if (ber != NULL) @@ -221,15 +221,15 @@ do_get_range_values (LDAPMessage * e, /* * Format an attribute with description as: - * attribute;range=START-END + * attribute;range=START-END */ static enum nss_status do_construct_range_attribute (const char *attribute, - int start, - int end, - char **buffer, - size_t * buflen, - const char **pAttributeWithRange) + int start, + int end, + char **buffer, + size_t * buflen, + const char **pAttributeWithRange) { size_t len; char startbuf[32], endbuf[32]; @@ -243,7 +243,7 @@ do_construct_range_attribute (const char *attribute, len = strlen (attribute) + sizeof (";range=") - 1; len += strlen (startbuf) + 1 /* - */ + strlen (endbuf); - len++; /* \0 */ + len++; /* \0 */ if (*buflen < len) return NSS_TRYAGAIN; @@ -263,13 +263,13 @@ do_construct_range_attribute (const char *attribute, */ static enum nss_status do_parse_group_members (LDAPMessage * e, - char ***pGroupMembers, - size_t * pGroupMembersCount, - size_t * pGroupMembersBufferSize, - int *pGroupMembersBufferIsMalloced, - char **buffer, size_t * buflen, - int *depth, - struct name_list **pKnownGroups) /* traversed groups */ + char ***pGroupMembers, + size_t * pGroupMembersCount, + size_t * pGroupMembersBufferSize, + int *pGroupMembersBufferIsMalloced, + char **buffer, size_t * buflen, + int *depth, + struct name_list **pKnownGroups) /* traversed groups */ { enum nss_status stat = NSS_SUCCESS; char **dnValues = NULL; @@ -294,7 +294,7 @@ do_parse_group_members (LDAPMessage * e, return NSS_NOTFOUND; } - i = *pGroupMembersCount; /* index of next member */ + i = *pGroupMembersCount; /* index of next member */ groupMembers = *pGroupMembers; groupdn = _nss_ldap_get_dn (e); @@ -320,24 +320,24 @@ do_parse_group_members (LDAPMessage * e, do { if (e == NULL) - { - stat = NSS_NOTFOUND; - goto out; - } + { + stat = NSS_NOTFOUND; + goto out; + } - groupMembersCount = 0; /* number of members in this group */ + groupMembersCount = 0; /* number of members in this group */ (void) do_get_range_values (e, uniquemember_attrs[0], &start, &end, &dnValues); if (dnValues != NULL) - { - groupMembersCount += ldap_count_values (dnValues); - } + { + groupMembersCount += ldap_count_values (dnValues); + } uidValues = _nss_ldap_get_values (e, ATM (LM_GROUP, memberUid)); if (uidValues != NULL) - { - groupMembersCount += ldap_count_values (uidValues); - } + { + groupMembersCount += ldap_count_values (uidValues); + } /* * Check whether we need to increase the group membership buffer. @@ -345,148 +345,148 @@ do_parse_group_members (LDAPMessage * e, * the stack */ if ((i + groupMembersCount) * sizeof (char *) >= - *pGroupMembersBufferSize) - { - *pGroupMembersBufferSize = - (i + groupMembersCount + 1) * sizeof (char *); - *pGroupMembersBufferSize += - (LDAP_NSS_NGROUPS * sizeof (char *)) - 1; - *pGroupMembersBufferSize -= - (*pGroupMembersBufferSize % - (LDAP_NSS_NGROUPS * sizeof (char *))); - - if (*pGroupMembersBufferIsMalloced == 0) - { - groupMembers = *pGroupMembers; - *pGroupMembers = NULL; /* force malloc() */ - } - - *pGroupMembers = - (char **) realloc (*pGroupMembers, *pGroupMembersBufferSize); - if (*pGroupMembers == NULL) - { - *pGroupMembersBufferIsMalloced = 0; /* don't try to free */ - stat = NSS_TRYAGAIN; - goto out; - } - - if (*pGroupMembersBufferIsMalloced == 0) - { - memcpy (*pGroupMembers, groupMembers, i * sizeof (char *)); - groupMembers = NULL; /* defensive programming */ - *pGroupMembersBufferIsMalloced = 1; - } - } + *pGroupMembersBufferSize) + { + *pGroupMembersBufferSize = + (i + groupMembersCount + 1) * sizeof (char *); + *pGroupMembersBufferSize += + (LDAP_NSS_NGROUPS * sizeof (char *)) - 1; + *pGroupMembersBufferSize -= + (*pGroupMembersBufferSize % + (LDAP_NSS_NGROUPS * sizeof (char *))); + + if (*pGroupMembersBufferIsMalloced == 0) + { + groupMembers = *pGroupMembers; + *pGroupMembers = NULL; /* force malloc() */ + } + + *pGroupMembers = + (char **) realloc (*pGroupMembers, *pGroupMembersBufferSize); + if (*pGroupMembers == NULL) + { + *pGroupMembersBufferIsMalloced = 0; /* don't try to free */ + stat = NSS_TRYAGAIN; + goto out; + } + + if (*pGroupMembersBufferIsMalloced == 0) + { + memcpy (*pGroupMembers, groupMembers, i * sizeof (char *)); + groupMembers = NULL; /* defensive programming */ + *pGroupMembersBufferIsMalloced = 1; + } + } groupMembers = *pGroupMembers; /* Parse distinguished name members */ if (dnValues != NULL) - { - for (valiter = dnValues; *valiter != NULL; valiter++) - { - LDAPMessage *res; - enum nss_status parseStat; - int isNestedGroup = 0; - char *uid; - - uid = strrchr (*valiter, '#'); - if (uid != NULL) - { - *uid = '\0'; - } - - parseStat = _nss_ldap_dn2uid (*valiter, &groupMembers[i], - buffer, buflen, &isNestedGroup, - &res); - if (parseStat == NSS_SUCCESS) - { - if (isNestedGroup == 0) - { - /* just a normal user which we have flattened */ - i++; - continue; - } - - (*depth)++; - parseStat = - do_parse_group_members (_nss_ldap_first_entry (res), - &groupMembers, &i, - pGroupMembersBufferSize, - pGroupMembersBufferIsMalloced, - buffer, buflen, depth, - pKnownGroups); - (*depth)--; - - if (parseStat == NSS_TRYAGAIN) - { - stat = NSS_TRYAGAIN; - goto out; - } - - ldap_msgfree (res); - } - else if (parseStat == NSS_TRYAGAIN) - { - stat = NSS_TRYAGAIN; - goto out; - } - } - } + { + for (valiter = dnValues; *valiter != NULL; valiter++) + { + LDAPMessage *res; + enum nss_status parseStat; + int isNestedGroup = 0; + char *uid; + + uid = strrchr (*valiter, '#'); + if (uid != NULL) + { + *uid = '\0'; + } + + parseStat = _nss_ldap_dn2uid (*valiter, &groupMembers[i], + buffer, buflen, &isNestedGroup, + &res); + if (parseStat == NSS_SUCCESS) + { + if (isNestedGroup == 0) + { + /* just a normal user which we have flattened */ + i++; + continue; + } + + (*depth)++; + parseStat = + do_parse_group_members (_nss_ldap_first_entry (res), + &groupMembers, &i, + pGroupMembersBufferSize, + pGroupMembersBufferIsMalloced, + buffer, buflen, depth, + pKnownGroups); + (*depth)--; + + if (parseStat == NSS_TRYAGAIN) + { + stat = NSS_TRYAGAIN; + goto out; + } + + ldap_msgfree (res); + } + else if (parseStat == NSS_TRYAGAIN) + { + stat = NSS_TRYAGAIN; + goto out; + } + } + } /* Parse RFC 2307 (flat) members */ if (uidValues != NULL) - { - for (valiter = uidValues; *valiter != NULL; valiter++) - { - size_t len = strlen (*valiter) + 1; - if (*buflen < len) - { - stat = NSS_TRYAGAIN; - goto out; - } - groupMembers[i] = *buffer; - *buffer += len; - *buflen -= len; - - memcpy (groupMembers[i++], *valiter, len); - } - } + { + for (valiter = uidValues; *valiter != NULL; valiter++) + { + size_t len = strlen (*valiter) + 1; + if (*buflen < len) + { + stat = NSS_TRYAGAIN; + goto out; + } + groupMembers[i] = *buffer; + *buffer += len; + *buflen -= len; + + memcpy (groupMembers[i++], *valiter, len); + } + } /* Get next range for Active Directory compat */ if (end != -1) - { - stat = do_construct_range_attribute (uniquemember_attr, - end + 1, - -1, - buffer, - buflen, - &uniquemember_attrs[0]); - if (stat == NSS_SUCCESS) - { - if (dnValues != NULL) - { - ldap_value_free (dnValues); - dnValues = NULL; - } - if (uidValues != NULL) - { - ldap_value_free (uidValues); - uidValues = NULL; - } - if (res != NULL) - { - ldap_msgfree (res); - res = NULL; - } - - stat = _nss_ldap_read (groupdn, uniquemember_attrs, &res); - if (stat != NSS_SUCCESS) - goto out; - - e = _nss_ldap_first_entry (res); - } - } + { + stat = do_construct_range_attribute (uniquemember_attr, + end + 1, + -1, + buffer, + buflen, + &uniquemember_attrs[0]); + if (stat == NSS_SUCCESS) + { + if (dnValues != NULL) + { + ldap_value_free (dnValues); + dnValues = NULL; + } + if (uidValues != NULL) + { + ldap_value_free (uidValues); + uidValues = NULL; + } + if (res != NULL) + { + ldap_msgfree (res); + res = NULL; + } + + stat = _nss_ldap_read (groupdn, uniquemember_attrs, &res); + if (stat != NSS_SUCCESS) + goto out; + + e = _nss_ldap_first_entry (res); + } + } } while (end != -1); @@ -516,9 +516,9 @@ out: */ static enum nss_status do_fix_group_members_buffer (char **mallocedGroupMembers, - size_t groupMembersCount, - char ***pGroupMembers, - char **buffer, size_t * buflen) + size_t groupMembersCount, + char ***pGroupMembers, + char **buffer, size_t * buflen) { size_t len; @@ -535,7 +535,7 @@ do_fix_group_members_buffer (char **mallocedGroupMembers, *buflen -= len; memcpy (*pGroupMembers, mallocedGroupMembers, - groupMembersCount * sizeof (char *)); + groupMembersCount * sizeof (char *)); (*pGroupMembers)[groupMembersCount] = NULL; return NSS_SUCCESS; @@ -543,8 +543,8 @@ do_fix_group_members_buffer (char **mallocedGroupMembers, static enum nss_status _nss_ldap_parse_gr (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct group *gr = (struct group *) result; char *gid; @@ -559,24 +559,24 @@ _nss_ldap_parse_gr (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, ATM (LM_GROUP, gidNumber), &gid, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; gr->gr_gid = (*gid == '\0') ? (unsigned) GID_NOBODY : (gid_t) strtoul (gid, - (char **) NULL, - 10); + (char **) NULL, + 10); stat = _nss_ldap_getrdnvalue (e, ATM (LM_GROUP, cn), &gr->gr_name, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; stat = _nss_ldap_assign_userpassword (e, ATM (LM_GROUP, userPassword), - &gr->gr_passwd, &buffer, &buflen); + &gr->gr_passwd, &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; @@ -589,29 +589,29 @@ _nss_ldap_parse_gr (LDAPMessage * e, depth = 0; stat = do_parse_group_members (e, &groupMembers, &groupMembersCount, - &groupMembersBufferSize, - &groupMembersBufferIsMalloced, &buffer, - &buflen, &depth, &knownGroups); + &groupMembersBufferSize, + &groupMembersBufferIsMalloced, &buffer, + &buflen, &depth, &knownGroups); if (stat != NSS_SUCCESS) - { - if (groupMembersBufferIsMalloced) - free (groupMembers); - _nss_ldap_namelist_destroy (&knownGroups); - return stat; - } + { + if (groupMembersBufferIsMalloced) + free (groupMembers); + _nss_ldap_namelist_destroy (&knownGroups); + return stat; + } stat = do_fix_group_members_buffer (groupMembers, groupMembersCount, - &gr->gr_mem, &buffer, &buflen); + &gr->gr_mem, &buffer, &buflen); if (groupMembersBufferIsMalloced) - free (groupMembers); + free (groupMembers); _nss_ldap_namelist_destroy (&knownGroups); } else { stat = - _nss_ldap_assign_attrvals (e, ATM (LM_GROUP, memberUid), NULL, - &gr->gr_mem, &buffer, &buflen, NULL); + _nss_ldap_assign_attrvals (e, ATM (LM_GROUP, memberUid), NULL, + &gr->gr_mem, &buffer, &buflen, NULL); } return stat; @@ -624,8 +624,8 @@ _nss_ldap_parse_gr (LDAPMessage * e, */ static enum nss_status do_parse_initgroups (LDAPMessage * e, - ldap_state_t * pvt, void *result, - char *buffer, size_t buflen) + ldap_state_t * pvt, void *result, + char *buffer, size_t buflen) { char **values; ssize_t i; @@ -677,20 +677,20 @@ do_parse_initgroups (LDAPMessage * e, if (lia->limit > 0) { if (*(lia->start) >= lia->limit) - { - /* can't fit any more */ - return NSS_TRYAGAIN; - } + { + /* can't fit any more */ + return NSS_TRYAGAIN; + } } if (*(lia->start) == *(lia->size)) { /* Need a bigger buffer */ *(lia->groups) = (gid_t *) realloc (*(lia->groups), - 2 * *(lia->size) * sizeof (gid_t)); + 2 * *(lia->size) * sizeof (gid_t)); if (*(lia->groups) == NULL) - { - return NSS_TRYAGAIN; - } + { + return NSS_TRYAGAIN; + } *(lia->size) *= 2; } @@ -698,9 +698,9 @@ do_parse_initgroups (LDAPMessage * e, for (i = 0; i < *(lia->start); i++) { if ((*(lia->groups))[i] == gid) - { - return NSS_NOTFOUND; - } + { + return NSS_NOTFOUND; + } } /* add to group list */ @@ -713,8 +713,8 @@ do_parse_initgroups (LDAPMessage * e, static enum nss_status do_parse_initgroups_nested (LDAPMessage * e, - ldap_state_t * pvt, void *result, - char *buffer, size_t buflen) + ldap_state_t * pvt, void *result, + char *buffer, size_t buflen) { enum nss_status stat; ldap_initgroups_args_t *lia = (ldap_initgroups_args_t *) result; @@ -740,17 +740,17 @@ do_parse_initgroups_nested (LDAPMessage * e, */ values = _nss_ldap_get_values (e, ATM (LM_GROUP, memberOf)); if (values != NULL) - { - enum nss_status stat; + { + enum nss_status stat; - lia->depth++; - stat = ng_chase_backlink ((const char **)values, lia); - lia->depth--; + lia->depth++; + stat = ng_chase_backlink ((const char **)values, lia); + lia->depth--; - ldap_value_free (values); + ldap_value_free (values); - return stat; - } + return stat; + } } else { @@ -759,18 +759,18 @@ do_parse_initgroups_nested (LDAPMessage * e, */ groupdn = _nss_ldap_get_dn (e); if (groupdn != NULL) - { - enum nss_status stat; + { + enum nss_status stat; - lia->depth++; - stat = ng_chase (groupdn, lia); - lia->depth--; + lia->depth++; + stat = ng_chase (groupdn, lia); + lia->depth--; #ifdef HAVE_LDAP_MEMFREE - ldap_memfree (groupdn); + ldap_memfree (groupdn); #else - free (groupdn); + free (groupdn); #endif - } + } } return stat; @@ -804,9 +804,9 @@ ng_chase (const char *dn, ldap_initgroups_args_t * lia) } stat = _nss_ldap_getent_ex (&a, &ctx, lia, NULL, 0, - &erange, _nss_ldap_filt_getgroupsbydn, - LM_GROUP, gidnumber_attrs, - do_parse_initgroups_nested); + &erange, _nss_ldap_filt_getgroupsbydn, + LM_GROUP, gidnumber_attrs, + do_parse_initgroups_nested); if (stat == NSS_SUCCESS) { @@ -849,7 +849,7 @@ ng_chase_backlink (const char ** membersOf, ldap_initgroups_args_t * lia) for (i = 0; i < memberCount; i++) { if (_nss_ldap_namelist_find (lia->known_groups, membersOf[i])) - continue; + continue; *memberP = membersOf[i]; memberP++; @@ -878,23 +878,23 @@ ng_chase_backlink (const char ** membersOf, ldap_initgroups_args_t * lia) } stat = _nss_ldap_getent_ex (&a, &ctx, lia, NULL, 0, - &erange, "(distinguishedName=%s)", - LM_GROUP, gidnumber_attrs, - do_parse_initgroups_nested); + &erange, "(distinguishedName=%s)", + LM_GROUP, gidnumber_attrs, + do_parse_initgroups_nested); if (stat == NSS_SUCCESS) { enum nss_status stat2; for (memberP = filteredMembersOf; *memberP != NULL; memberP++) - { - stat2 = _nss_ldap_namelist_push (&lia->known_groups, *memberP); - if (stat2 != NSS_SUCCESS) - { - stat = stat2; - break; - } - } + { + stat2 = _nss_ldap_namelist_push (&lia->known_groups, *memberP); + if (stat2 != NSS_SUCCESS) + { + stat = stat2; + break; + } + } } free (filteredMembersOf); @@ -906,25 +906,25 @@ ng_chase_backlink (const char ** membersOf, ldap_initgroups_args_t * lia) } enum nss_status _nss_ldap_initgroups_dyn (const char *user, gid_t group, - long int *start, long int *size, - gid_t ** groupsp, long int limit, - int *errnop); + long int *start, long int *size, + gid_t ** groupsp, long int limit, + int *errnop); enum nss_status _nss_ldap_initgroups (const char *user, gid_t group, long int *start, - long int *size, gid_t * groups, long int limit, - int *errnop) + long int *size, gid_t * groups, long int limit, + int *errnop) { return (_nss_ldap_initgroups_dyn (user, group, start, size, &groups, limit, - errnop)); + errnop)); } -#define NSS_LDAP_INITGROUPS_FUNCTION "_nss_ldap_initgroups_dyn" +#define NSS_LDAP_INITGROUPS_FUNCTION "_nss_ldap_initgroups_dyn" enum nss_status _nss_ldap_initgroups_dyn (const char *user, gid_t group, long int *start, - long int *size, gid_t ** groupsp, long int limit, - int *errnop) + long int *size, gid_t ** groupsp, long int limit, + int *errnop) { ldap_initgroups_args_t lia; int erange = 0; @@ -1001,35 +1001,35 @@ _nss_ldap_initgroups_dyn (const char *user, gid_t group, long int *start, else { if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) - { - /* lookup the user's DN. */ - stat = _nss_ldap_search_s (&a, _nss_ldap_filt_getpwnam, LM_PASSWD, - no_attrs, 1, &res); - if (stat == NSS_SUCCESS) - { - e = _nss_ldap_first_entry (res); - if (e != NULL) - { - userdn = _nss_ldap_get_dn (e); - } - ldap_msgfree (res); - } - } + { + /* lookup the user's DN. */ + stat = _nss_ldap_search_s (&a, _nss_ldap_filt_getpwnam, LM_PASSWD, + no_attrs, 1, &res); + if (stat == NSS_SUCCESS) + { + e = _nss_ldap_first_entry (res); + if (e != NULL) + { + userdn = _nss_ldap_get_dn (e); + } + ldap_msgfree (res); + } + } else - { - userdn = NULL; - } + { + userdn = NULL; + } if (userdn != NULL) - { - LA_STRING2 (a) = userdn; - LA_TYPE (a) = LA_TYPE_STRING_AND_STRING; - filter = _nss_ldap_filt_getgroupsbymemberanddn; - } + { + LA_STRING2 (a) = userdn; + LA_TYPE (a) = LA_TYPE_STRING_AND_STRING; + filter = _nss_ldap_filt_getgroupsbymemberanddn; + } else - { - filter = _nss_ldap_filt_getgroupsbymember; - } + { + filter = _nss_ldap_filt_getgroupsbymember; + } gidnumber_attrs[0] = ATM (LM_GROUP, gidNumber); gidnumber_attrs[1] = NULL; @@ -1047,11 +1047,11 @@ _nss_ldap_initgroups_dyn (const char *user, gid_t group, long int *start, } stat = _nss_ldap_getent_ex (&a, &ctx, (void *) &lia, NULL, 0, - errnop, - filter, - map, - gidnumber_attrs, - do_parse_initgroups_nested); + errnop, + filter, + map, + gidnumber_attrs, + do_parse_initgroups_nested); if (userdn != NULL) { @@ -1076,7 +1076,7 @@ _nss_ldap_initgroups_dyn (const char *user, gid_t group, long int *start, { debug ("<== " NSS_LDAP_INITGROUPS_FUNCTION " (not found)"); if (erange) - errno = ERANGE; + errno = ERANGE; #ifndef HAVE_USERSEC_H return stat; #else @@ -1091,20 +1091,20 @@ _nss_ldap_initgroups_dyn (const char *user, gid_t group, long int *start, enum nss_status _nss_ldap_getgrnam_r (const char *name, - struct group * result, - char *buffer, size_t buflen, int *errnop) + struct group * result, + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, _nss_ldap_filt_getgrnam, - LM_GROUP, _nss_ldap_parse_gr, LDAP_NSS_BUFLEN_GROUP); + LM_GROUP, _nss_ldap_parse_gr, LDAP_NSS_BUFLEN_GROUP); } enum nss_status _nss_ldap_getgrgid_r (gid_t gid, - struct group *result, - char *buffer, size_t buflen, int *errnop) + struct group *result, + char *buffer, size_t buflen, int *errnop) { LOOKUP_NUMBER (gid, result, buffer, buflen, errnop, _nss_ldap_filt_getgrgid, - LM_GROUP, _nss_ldap_parse_gr, LDAP_NSS_BUFLEN_GROUP); + LM_GROUP, _nss_ldap_parse_gr, LDAP_NSS_BUFLEN_GROUP); } enum nss_status _nss_ldap_setgrent (void) @@ -1119,9 +1119,9 @@ enum nss_status _nss_ldap_endgrent (void) enum nss_status _nss_ldap_getgrent_r (struct group *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_GETENT (gr_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getgrent, LM_GROUP, _nss_ldap_parse_gr, - LDAP_NSS_BUFLEN_GROUP); + _nss_ldap_filt_getgrent, LM_GROUP, _nss_ldap_parse_gr, + LDAP_NSS_BUFLEN_GROUP); } @@ -25,8 +25,8 @@ #define _LDAP_NSS_LDAP_LDAP_GRP_H static enum nss_status _nss_ldap_parse_gr (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_GRP_H */ diff --git a/ldap-hosts.c b/ldap-hosts.c index 66aaa10..00b9008 100644 --- a/ldap-hosts.c +++ b/ldap-hosts.c @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -70,36 +70,36 @@ static ent_context_t *hosts_context = NULL; static enum nss_status _nss_ldap_parse_hostv4 (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { return _nss_ldap_parse_host (e, pvt, result, buffer, buflen, - AF_INET); + AF_INET); } #ifdef INET6 static enum nss_status _nss_ldap_parse_hostv6 (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { return _nss_ldap_parse_host (e, pvt, result, buffer, buflen, - AF_INET6); + AF_INET6); } #endif static enum nss_status _nss_ldap_parse_host (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen, - int af) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen, + int af) { /* this code needs reviewing. XXX */ struct hostent *host = (struct hostent *) result; enum nss_status stat; #ifdef INET6 char addressbuf[sizeof ("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255") * - MAXALIASES]; + MAXALIASES]; #else char addressbuf[sizeof ("255.255.255.255") * MAXALIASES]; #endif @@ -113,7 +113,7 @@ _nss_ldap_parse_host (LDAPMessage * e, *addressbuf = *buffer = '\0'; stat = _nss_ldap_assign_attrval (e, ATM (LM_HOSTS, cn), &host->h_name, - &buffer, &buflen); + &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; @@ -125,7 +125,7 @@ _nss_ldap_parse_host (LDAPMessage * e, stat = _nss_ldap_assign_attrvals (e, AT (ipHostNumber), NULL, &addresses, - &p_addressbuf, &addresslen, &addresscount); + &p_addressbuf, &addresslen, &addresscount); if (stat != NSS_SUCCESS) return stat; if (addresscount == 0) @@ -135,14 +135,14 @@ _nss_ldap_parse_host (LDAPMessage * e, if (af == AF_INET6) { if (bytesleft (buffer, buflen, char *) < - (size_t) ((addresscount + 1) * IN6ADDRSZ)) - return NSS_TRYAGAIN; + (size_t) ((addresscount + 1) * IN6ADDRSZ)) + return NSS_TRYAGAIN; } else { if (bytesleft (buffer, buflen, char *) < - (size_t) ((addresscount + 1) * INADDRSZ)) - return NSS_TRYAGAIN; + (size_t) ((addresscount + 1) * INADDRSZ)) + return NSS_TRYAGAIN; } #else if (bytesleft (buffer, buflen, char *) < @@ -173,29 +173,29 @@ _nss_ldap_parse_host (LDAPMessage * e, /* from glibc NIS parser. Thanks, Uli. */ if (af == AF_INET && inet_pton (AF_INET, addr, entdata) > 0) - { - if (_res.options & RES_USE_INET6) - { - map_v4v6_address ((char *) entdata, - (char *) entdata); - host->h_addrtype = AF_INET6; - host->h_length = IN6ADDRSZ; - } - else - { - host->h_addrtype = AF_INET; - host->h_length = INADDRSZ; - } - } + { + if (_res.options & RES_USE_INET6) + { + map_v4v6_address ((char *) entdata, + (char *) entdata); + host->h_addrtype = AF_INET6; + host->h_length = IN6ADDRSZ; + } + else + { + host->h_addrtype = AF_INET; + host->h_length = INADDRSZ; + } + } else if (af == AF_INET6 - && inet_pton (AF_INET6, addr, entdata) > 0) - { - host->h_addrtype = AF_INET6; - host->h_length = IN6ADDRSZ; - } + && inet_pton (AF_INET6, addr, entdata) > 0) + { + host->h_addrtype = AF_INET6; + host->h_length = IN6ADDRSZ; + } else - /* Illegal address: ignore line. */ - continue; + /* Illegal address: ignore line. */ + continue; #else unsigned long haddr; @@ -203,7 +203,7 @@ _nss_ldap_parse_host (LDAPMessage * e, #endif if (buflen < (size_t) host->h_length) - return NSS_TRYAGAIN; + return NSS_TRYAGAIN; #ifdef INET6 memcpy (buffer, entdata, host->h_length); @@ -233,8 +233,8 @@ _nss_ldap_parse_host (LDAPMessage * e, enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, - char *buffer, size_t buflen, int *errnop, - int *h_errnop) + char *buffer, size_t buflen, int *errnop, + int *h_errnop) { enum nss_status status; ldap_args_t a; @@ -244,17 +244,17 @@ _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, LA_TYPE (a) = LA_TYPE_STRING; status = _nss_ldap_getbyname (&a, - result, - buffer, - buflen, - errnop, - _nss_ldap_filt_gethostbyname, - LM_HOSTS, + result, + buffer, + buflen, + errnop, + _nss_ldap_filt_gethostbyname, + LM_HOSTS, #ifdef INET6 - (af == AF_INET6) ? - _nss_ldap_parse_hostv6 : + (af == AF_INET6) ? + _nss_ldap_parse_hostv6 : #endif - _nss_ldap_parse_hostv4); + _nss_ldap_parse_hostv4); MAP_H_ERRNO (status, *h_errnop); @@ -263,22 +263,22 @@ _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result, - char *buffer, size_t buflen, int *errnop, - int *h_errnop) + char *buffer, size_t buflen, int *errnop, + int *h_errnop) { return _nss_ldap_gethostbyname2_r (name, #ifdef INET6 - (_res.options & RES_USE_INET6) ? - AF_INET6 : + (_res.options & RES_USE_INET6) ? + AF_INET6 : #endif - AF_INET, result, buffer, buflen, - errnop, h_errnop); + AF_INET, result, buffer, buflen, + errnop, h_errnop); } enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, - struct hostent * result, char *buffer, - size_t buflen, int *errnop, int *h_errnop) + struct hostent * result, char *buffer, + size_t buflen, int *errnop, int *h_errnop) { enum nss_status status; ldap_args_t a; @@ -293,17 +293,17 @@ _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, LA_TYPE (a) = LA_TYPE_STRING; status = _nss_ldap_getbyname (&a, - result, - buffer, - buflen, - errnop, - _nss_ldap_filt_gethostbyaddr, - LM_HOSTS, + result, + buffer, + buflen, + errnop, + _nss_ldap_filt_gethostbyaddr, + LM_HOSTS, #ifdef INET6 - (type == AF_INET6) ? - _nss_ldap_parse_hostv6 : + (type == AF_INET6) ? + _nss_ldap_parse_hostv6 : #endif - _nss_ldap_parse_hostv4); + _nss_ldap_parse_hostv4); MAP_H_ERRNO (status, *h_errnop); @@ -322,21 +322,21 @@ _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, enum nss_status _nss_ldap_gethostent_r (struct hostent * result, char *buffer, size_t buflen, - int *errnop, int *h_errnop) + int *errnop, int *h_errnop) { enum nss_status status; status = _nss_ldap_getent (&hosts_context, - result, - buffer, - buflen, - errnop, - _nss_ldap_filt_gethostent, LM_HOSTS, + result, + buffer, + buflen, + errnop, + _nss_ldap_filt_gethostent, LM_HOSTS, #ifdef INET6 - (_res.options & RES_USE_INET6) ? - _nss_ldap_parse_hostv6 : + (_res.options & RES_USE_INET6) ? + _nss_ldap_parse_hostv6 : #endif - _nss_ldap_parse_hostv4); + _nss_ldap_parse_hostv4); MAP_H_ERRNO (status, *h_errnop); diff --git a/ldap-hosts.h b/ldap-hosts.h index f0a2889..9ec22b7 100644 --- a/ldap-hosts.h +++ b/ldap-hosts.h @@ -32,8 +32,8 @@ */ static enum nss_status _nss_ldap_parse_host (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen, int af); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen, int af); #endif /* _LDAP_NSS_LDAP_LDAP_HOSTS_H */ diff --git a/ldap-netgrp.c b/ldap-netgrp.c index c17ba02..7d59479 100644 --- a/ldap-netgrp.c +++ b/ldap-netgrp.c @@ -32,7 +32,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -167,23 +167,23 @@ _nss_ldap_parse_netgr (void *vresultp, char *buffer, size_t buflen) char *name = cp; while (*cp != '\0' && !isspace ((int) *cp)) - ++cp; + ++cp; if (name != cp) - { - /* It is another netgroup name. */ - int last = *cp == '\0'; - - result->type = group_val; - result->val.group = name; - *cp = '\0'; - if (!last) - ++cp; - result->cursor = cp; - result->first = 0; - - return NSS_SUCCESS; - } + { + /* It is another netgroup name. */ + int last = *cp == '\0'; + + result->type = group_val; + result->val.group = name; + *cp = '\0'; + if (!last) + ++cp; + result->cursor = cp; + result->first = 0; + + return NSS_SUCCESS; + } return result->first ? NSS_NOTFOUND : NSS_RETURN; } @@ -232,8 +232,8 @@ _nss_ldap_parse_netgr (void *vresultp, char *buffer, size_t buflen) static enum nss_status _nss_ldap_load_netgr (LDAPMessage * e, - ldap_state_t * pvt, - void *vresultp, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *vresultp, char *buffer, size_t buflen) { int attr; int nvals; @@ -246,47 +246,47 @@ _nss_ldap_load_netgr (LDAPMessage * e, for (attr = 0; attr < 2; attr++) { switch (attr) - { - case 1: - vals = _nss_ldap_get_values (e, AT (nisNetgroupTriple)); - break; - default: - vals = _nss_ldap_get_values (e, AT (memberNisNetgroup)); - break; - } + { + case 1: + vals = _nss_ldap_get_values (e, AT (nisNetgroupTriple)); + break; + default: + vals = _nss_ldap_get_values (e, AT (memberNisNetgroup)); + break; + } nvals = ldap_count_values (vals); if (vals == NULL) - continue; + continue; if (nvals == 0) - { - ldap_value_free (vals); - continue; - } + { + ldap_value_free (vals); + continue; + } if (result->data_size > 0 - && result->cursor - result->data + 1 > result->data_size) - EXPAND (1); + && result->cursor - result->data + 1 > result->data_size) + EXPAND (1); if (result->data_size > 0) - *result->cursor++ = ' '; + *result->cursor++ = ' '; valcount += nvals; valiter = vals; while (*valiter != NULL) - { - int curlen = strlen (*valiter); - if (result->cursor - result->data + curlen + 1 > result->data_size) - EXPAND (curlen + 1); - memcpy (result->cursor, *valiter, curlen + 1); - result->cursor += curlen; - valiter++; - if (*valiter != NULL) - *result->cursor++ = ' '; - } + { + int curlen = strlen (*valiter); + if (result->cursor - result->data + curlen + 1 > result->data_size) + EXPAND (curlen + 1); + memcpy (result->cursor, *valiter, curlen + 1); + result->cursor += curlen; + valiter++; + if (*valiter != NULL) + *result->cursor++ = ' '; + } ldap_value_free (vals); } @@ -334,15 +334,15 @@ _nss_ldap_setnetgrent (char *group, struct __netgrent *result) stat = _nss_ldap_getbyname (&a, result, buffer, buflen, &errnop, - _nss_ldap_filt_getnetgrent, LM_NETGROUP, - _nss_ldap_load_netgr); + _nss_ldap_filt_getnetgrent, LM_NETGROUP, + _nss_ldap_load_netgr); LOOKUP_SETENT (_ngbe); } enum nss_status _nss_ldap_getnetgrent_r (struct __netgrent *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { return _nss_ldap_parse_netgr (result, buffer, buflen); } diff --git a/ldap-netgrp.h b/ldap-netgrp.h index 0f89492..32a207d 100644 --- a/ldap-netgrp.h +++ b/ldap-netgrp.h @@ -26,7 +26,7 @@ static enum nss_status _nss_ldap_parse_netgr (void *result, - char *buffer, size_t buflen); + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_NETGRP_H */ diff --git a/ldap-network.c b/ldap-network.c index bb94cb1..b25df79 100644 --- a/ldap-network.c +++ b/ldap-network.c @@ -29,7 +29,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -69,8 +69,8 @@ static ent_context_t *net_context = NULL; static enum nss_status _nss_ldap_parse_net (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { char *tmp; @@ -81,13 +81,13 @@ _nss_ldap_parse_net (LDAPMessage * e, network->n_addrtype = AF_INET; stat = _nss_ldap_assign_attrval (e, ATM (LM_NETWORKS, cn), &network->n_name, - &buffer, &buflen); + &buffer, &buflen); if (stat != NSS_SUCCESS) return stat; stat = _nss_ldap_assign_attrval (e, AT (ipNetworkNumber), &tmp, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; @@ -95,7 +95,7 @@ _nss_ldap_parse_net (LDAPMessage * e, stat = _nss_ldap_assign_attrvals (e, ATM (LM_NETWORKS, cn), network->n_name, - &network->n_aliases, &buffer, &buflen, NULL); + &network->n_aliases, &buffer, &buflen, NULL); if (stat != NSS_SUCCESS) return stat; @@ -104,8 +104,8 @@ _nss_ldap_parse_net (LDAPMessage * e, enum nss_status _nss_ldap_getnetbyname_r (const char *name, struct netent * result, - char *buffer, size_t buflen, int *errnop, - int *herrnop) + char *buffer, size_t buflen, int *errnop, + int *herrnop) { enum nss_status status; ldap_args_t a; @@ -115,12 +115,12 @@ _nss_ldap_getnetbyname_r (const char *name, struct netent * result, LA_TYPE (a) = LA_TYPE_STRING; status = _nss_ldap_getbyname (&a, - result, - buffer, - buflen, - errnop, - _nss_ldap_filt_getnetbyname, - LM_NETWORKS, _nss_ldap_parse_net); + result, + buffer, + buflen, + errnop, + _nss_ldap_filt_getnetbyname, + LM_NETWORKS, _nss_ldap_parse_net); MAP_H_ERRNO (status, *herrnop); @@ -129,8 +129,8 @@ _nss_ldap_getnetbyname_r (const char *name, struct netent * result, enum nss_status _nss_ldap_getnetbyaddr_r (unsigned long addr, int type, - struct netent * result, char *buffer, size_t buflen, - int *errnop, int *herrnop) + struct netent * result, char *buffer, size_t buflen, + int *errnop, int *herrnop) { struct in_addr in; char buf[256]; @@ -149,36 +149,36 @@ _nss_ldap_getnetbyaddr_r (unsigned long addr, int type, while (1) { retval = _nss_ldap_getbyname (&a, result, buffer, buflen, errnop, - _nss_ldap_filt_getnetbyaddr, - LM_NETWORKS, _nss_ldap_parse_net); + _nss_ldap_filt_getnetbyaddr, + LM_NETWORKS, _nss_ldap_parse_net); if (retval != NSS_SUCCESS) - { - if (retval == NSS_NOTFOUND) - { - if (buf[blen - 2] == '.' && buf[blen - 1] == '\0') - { - buf[blen - 2] = '\0'; - blen -= 2; - continue; - } - else - { - MAP_H_ERRNO (retval, *herrnop); - return NSS_NOTFOUND; - } - } - else - { - MAP_H_ERRNO (retval, *herrnop); - return retval; - } - } + { + if (retval == NSS_NOTFOUND) + { + if (buf[blen - 2] == '.' && buf[blen - 1] == '\0') + { + buf[blen - 2] = '\0'; + blen -= 2; + continue; + } + else + { + MAP_H_ERRNO (retval, *herrnop); + return NSS_NOTFOUND; + } + } + else + { + MAP_H_ERRNO (retval, *herrnop); + return retval; + } + } else - { - /* retval == NSS_SUCCESS */ - break; - } + { + /* retval == NSS_SUCCESS */ + break; + } } MAP_H_ERRNO (NSS_SUCCESS, *herrnop); @@ -198,17 +198,17 @@ _nss_ldap_getnetbyaddr_r (unsigned long addr, int type, enum nss_status _nss_ldap_getnetent_r (struct netent * result, char *buffer, size_t buflen, - int *errnop, int *herrnop) + int *errnop, int *herrnop) { enum nss_status status; status = _nss_ldap_getent (&net_context, - result, - buffer, - buflen, - errnop, - _nss_ldap_filt_getnetent, - LM_NETWORKS, _nss_ldap_parse_net); + result, + buffer, + buflen, + errnop, + _nss_ldap_filt_getnetent, + LM_NETWORKS, _nss_ldap_parse_net); MAP_H_ERRNO (status, *herrnop); diff --git a/ldap-network.h b/ldap-network.h index 97edf67..9a11131 100644 --- a/ldap-network.h +++ b/ldap-network.h @@ -25,9 +25,9 @@ #define _LDAP_NSS_LDAP_LDAP_NETWORK_H static enum nss_status _nss_ldap_parse_net (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_NETWORK_H */ @@ -29,7 +29,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -90,7 +90,7 @@ #include "dnsconfig.h" #include "pagectrl.h" -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #ifdef HAVE_PTHREAD_ATFORK #undef HAVE_PTHREAD_ATFORK #endif @@ -110,7 +110,7 @@ #ifdef HAVE_LDAP_LD_FREE #if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000) extern int ldap_ld_free (LDAP * ld, int close, LDAPControl **, - LDAPControl **); + LDAPControl **); #else extern int ldap_ld_free (LDAP * ld, int close); #endif /* OPENLDAP 2.x */ @@ -217,15 +217,15 @@ static enum nss_status do_open (void); * Perform an asynchronous search. */ static int do_search (const char *base, int scope, - const char *filter, const char **attrs, - int sizelimit, int *); + const char *filter, const char **attrs, + int sizelimit, int *); /* * Perform a synchronous search. */ static int do_search_s (const char *base, int scope, - const char *filter, const char **attrs, - int sizelimit, LDAPMessage **); + const char *filter, const char **attrs, + int sizelimit, LDAPMessage **); /* * Fetch an LDAP result. @@ -236,23 +236,23 @@ static enum nss_status do_result (ent_context_t * ctx, int all); * Format a filter given a prototype. */ static enum nss_status do_filter (const ldap_args_t * args, const char *filterprot, - ldap_service_search_descriptor_t * sd, - char *filter, size_t filterlen, - char **dynamicFilter, const char **retFilter); + ldap_service_search_descriptor_t * sd, + char *filter, size_t filterlen, + char **dynamicFilter, const char **retFilter); /* * Parse a result, fetching new results until a successful parse * or exceptional condition. */ static enum nss_status do_parse (ent_context_t * ctx, void *result, char *buffer, - size_t buflen, int *errnop, parser_t parser); + size_t buflen, int *errnop, parser_t parser); /* * Parse a result, fetching results from the result chain * rather than the server. */ static enum nss_status do_parse_s (ent_context_t * ctx, void *result, char *buffer, - size_t buflen, int *errnop, parser_t parser); + size_t buflen, int *errnop, parser_t parser); /* * Function to be braced by reconnect harness. Used so we @@ -260,15 +260,15 @@ static enum nss_status do_parse_s (ent_context_t * ctx, void *result, char *buff * synchronous searches. */ typedef int (*search_func_t) (const char *, int, const char *, - const char **, int, void *); + const char **, int, void *); /* * Do a search with a reconnect harness. */ static enum nss_status do_with_reconnect (const char *base, int scope, - const char *filter, const char **attrs, int sizelimit, - void *private, search_func_t func); + const char *filter, const char **attrs, int sizelimit, + void *private, search_func_t func); /* * Map error from LDAP status code to NSS status code @@ -279,11 +279,11 @@ static enum nss_status do_map_error (int rc); * Do a bind with a defined timeout */ static int do_bind (LDAP * ld, int timelimit, const char *dn, const char *pw, - int with_sasl); + int with_sasl); #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) static int do_sasl_interact (LDAP * ld, unsigned flags, void *defaults, - void *p); + void *p); #endif static int @@ -345,7 +345,7 @@ do_map_error (int rc) #if LDAP_SET_REBIND_PROC_ARGS == 3 static int do_rebind (LDAP * ld, LDAP_CONST char *url, ber_tag_t request, - ber_int_t msgid, void *arg) + ber_int_t msgid, void *arg) #else static int do_rebind (LDAP * ld, LDAP_CONST char *url, int request, ber_int_t msgid) @@ -361,15 +361,15 @@ do_rebind (LDAP * ld, LDAP_CONST char *url, int request, ber_int_t msgid) #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) with_sasl = __session.ls_config->ldc_rootusesasl; if (with_sasl) - { - cred = __session.ls_config->ldc_rootsaslid; - } + { + cred = __session.ls_config->ldc_rootsaslid; + } else - { + { #endif - cred = __session.ls_config->ldc_rootbindpw; + cred = __session.ls_config->ldc_rootbindpw; #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) - } + } #endif } else @@ -378,15 +378,15 @@ do_rebind (LDAP * ld, LDAP_CONST char *url, int request, ber_int_t msgid) #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) with_sasl = __session.ls_config->ldc_usesasl; if (with_sasl) - { - cred = __session.ls_config->ldc_saslid; - } + { + cred = __session.ls_config->ldc_saslid; + } else - { + { #endif - cred = __session.ls_config->ldc_bindpw; + cred = __session.ls_config->ldc_bindpw; #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) - } + } #endif } @@ -398,26 +398,26 @@ do_rebind (LDAP * ld, LDAP_CONST char *url, int request, ber_int_t msgid) int version; if (ldap_get_option - (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &version) == LDAP_OPT_SUCCESS) - { - if (version < LDAP_VERSION3) - { - version = LDAP_VERSION3; - ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &version); - } - } + (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, + &version) == LDAP_OPT_SUCCESS) + { + if (version < LDAP_VERSION3) + { + version = LDAP_VERSION3; + ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, + &version); + } + } if (do_start_tls (&__session) == LDAP_SUCCESS) - { - debug ("TLS startup succeeded"); - } + { + debug ("TLS startup succeeded"); + } else - { - debug ("TLS startup failed"); - return NSS_UNAVAIL; - } + { + debug ("TLS startup failed"); + return NSS_UNAVAIL; + } } #endif /* HAVE_LDAP_START_TLS_S */ @@ -427,7 +427,7 @@ do_rebind (LDAP * ld, LDAP_CONST char *url, int request, ber_int_t msgid) #if LDAP_SET_REBIND_PROC_ARGS == 3 static int do_rebind (LDAP * ld, char **whop, char **credp, int *methodp, - int freeit, void *arg) + int freeit, void *arg) #elif LDAP_SET_REBIND_PROC_ARGS == 2 static int do_rebind (LDAP * ld, char **whop, char **credp, int *methodp, int freeit) @@ -436,9 +436,9 @@ do_rebind (LDAP * ld, char **whop, char **credp, int *methodp, int freeit) if (freeit) { if (*whop != NULL) - free (*whop); + free (*whop); if (*credp != NULL) - free (*credp); + free (*credp); } *whop = *credp = NULL; @@ -446,14 +446,14 @@ do_rebind (LDAP * ld, char **whop, char **credp, int *methodp, int freeit) { *whop = strdup (__session.ls_config->ldc_rootbinddn); if (__session.ls_config->ldc_rootbindpw != NULL) - *credp = strdup (__session.ls_config->ldc_rootbindpw); + *credp = strdup (__session.ls_config->ldc_rootbindpw); } else { if (__session.ls_config->ldc_binddn != NULL) - *whop = strdup (__session.ls_config->ldc_binddn); + *whop = strdup (__session.ls_config->ldc_binddn); if (__session.ls_config->ldc_bindpw != NULL) - *credp = strdup (__session.ls_config->ldc_bindpw); + *credp = strdup (__session.ls_config->ldc_bindpw); } *methodp = LDAP_AUTH_SIMPLE; @@ -497,7 +497,7 @@ do_atfork_setup (void) #ifdef HAVE_PTHREAD_ATFORK (void) pthread_atfork (do_atfork_prepare, do_atfork_parent, - do_atfork_child); + do_atfork_child); #elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) (void) __libc_atfork (do_atfork_prepare, do_atfork_parent, do_atfork_child); #endif @@ -555,7 +555,7 @@ _nss_ldap_unblock_sigpipe (void) (void) sigset (SIGPIPE, __sigpipe_handler); # else (void) signal (SIGPIPE, __sigpipe_handler); -# endif /* HAVE_SIGSET */ +# endif /* HAVE_SIGSET */ } #endif /* HAVE_SIGACTION */ } @@ -610,7 +610,7 @@ do_set_sockopts (void) NSS_LDAP_SOCKLEN_T peernamelen = sizeof (NSS_LDAP_SOCKADDR_STORAGE); (void) setsockopt (sd, SOL_SOCKET, SO_KEEPALIVE, (void *) &off, - sizeof (off)); + sizeof (off)); (void) fcntl (sd, F_SETFD, FD_CLOEXEC); /* * NSS modules shouldn't open file descriptors that the program/utility @@ -625,9 +625,9 @@ do_set_sockopts (void) * sockaddr_in structures for later comparison. */ (void) getsockname (sd, (struct sockaddr *) &__session.ls_sockname, - &socknamelen); + &socknamelen); (void) getpeername (sd, (struct sockaddr *) &__session.ls_peername, - &peernamelen); + &peernamelen); } debug ("<== do_set_sockopts"); #endif /* HAVE_LDAPSSL_CLIENT_INIT */ @@ -659,7 +659,7 @@ do_close (void) sd = __session.ls_conn->ld_sb.sb_sd; # endif /* LDAP_OPT_DESC */ syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: closing connection %p fd %d", - __session.ls_conn, sd); + __session.ls_conn, sd); #endif /* DEBUG */ ldap_unbind (__session.ls_conn); @@ -672,9 +672,9 @@ do_close (void) static int do_sockaddr_isequal (NSS_LDAP_SOCKADDR_STORAGE *_s1, - NSS_LDAP_SOCKLEN_T _slen1, - NSS_LDAP_SOCKADDR_STORAGE *_s2, - NSS_LDAP_SOCKLEN_T _slen2) + NSS_LDAP_SOCKLEN_T _slen1, + NSS_LDAP_SOCKADDR_STORAGE *_s2, + NSS_LDAP_SOCKLEN_T _slen2) { int ret; @@ -689,38 +689,38 @@ do_sockaddr_isequal (NSS_LDAP_SOCKADDR_STORAGE *_s1, switch (_s1->ss_family) { case AF_INET: - { - struct sockaddr_in *s1 = (struct sockaddr_in *) _s1; - struct sockaddr_in *s2 = (struct sockaddr_in *) _s2; - - ret = (s1->sin_port == s2->sin_port && - memcmp (&s1->sin_addr, &s2->sin_addr, sizeof(struct in_addr)) == 0); - break; - } + { + struct sockaddr_in *s1 = (struct sockaddr_in *) _s1; + struct sockaddr_in *s2 = (struct sockaddr_in *) _s2; + + ret = (s1->sin_port == s2->sin_port && + memcmp (&s1->sin_addr, &s2->sin_addr, sizeof(struct in_addr)) == 0); + break; + } case AF_UNIX: - { - struct sockaddr_un *s1 = (struct sockaddr_un *) _s1; - struct sockaddr_un *s2 = (struct sockaddr_un *) _s2; - - ret = (memcmp (s1->sun_path, s2->sun_path, - _slen1 - sizeof (_s1->ss_family)) == 0); - break; - } + { + struct sockaddr_un *s1 = (struct sockaddr_un *) _s1; + struct sockaddr_un *s2 = (struct sockaddr_un *) _s2; + + ret = (memcmp (s1->sun_path, s2->sun_path, + _slen1 - sizeof (_s1->ss_family)) == 0); + break; + } #ifdef INET6 case AF_INET6: - { - struct sockaddr_in6 *s1 = (struct sockaddr_in6 *) _s1; - struct sockaddr_in6 *s2 = (struct sockaddr_in6 *) _s2; - - ret = (s1->sin6_port == s2->sin6_port && - memcmp (&s1->sin6_addr, &s2->sin6_addr, sizeof(struct in6_addr)) == 0 && - s1->sin6_scope_id == s2->sin6_scope_id); - break; - } + { + struct sockaddr_in6 *s1 = (struct sockaddr_in6 *) _s1; + struct sockaddr_in6 *s2 = (struct sockaddr_in6 *) _s2; + + ret = (s1->sin6_port == s2->sin6_port && + memcmp (&s1->sin6_addr, &s2->sin6_addr, sizeof(struct in6_addr)) == 0 && + s1->sin6_scope_id == s2->sin6_scope_id); + break; + } #endif default: - ret = (memcmp (_s1, _s2, _slen1) == 0); - break; + ret = (memcmp (_s1, _s2, _slen1) == 0); + break; } return ret; @@ -755,23 +755,23 @@ do_get_our_socket(int *sd) if (getsockname (*sd, (struct sockaddr *) &sockname, &socknamelen) != 0 || getpeername (*sd, (struct sockaddr *) &peername, &peernamelen) != 0) - { - isOurSocket = 0; - } + { + isOurSocket = 0; + } else - { - isOurSocket = do_sockaddr_isequal (&__session.ls_sockname, - socknamelen, - &sockname, - socknamelen); - if (isOurSocket) - { - isOurSocket = do_sockaddr_isequal (&__session.ls_peername, - peernamelen, - &peername, - peernamelen); - } - } + { + isOurSocket = do_sockaddr_isequal (&__session.ls_sockname, + socknamelen, + &sockname, + socknamelen); + if (isOurSocket) + { + isOurSocket = do_sockaddr_isequal (&__session.ls_peername, + peernamelen, + &peername, + peernamelen); + } + } } #endif /* HAVE_LDAPSSL_CLIENT_INIT */ return isOurSocket; @@ -789,17 +789,17 @@ do_dupfd(int oldfd, int newfd) { d = (newfd > -1) ? dup2 (oldfd, newfd) : dup (oldfd); if (d > -1) - break; + break; if (errno == EBADF) - return -1; /* not open */ + return -1; /* not open */ if (errno != EINTR #ifdef EBUSY - && errno != EBUSY + && errno != EBUSY #endif - ) - return -1; + ) + return -1; } /* duplicate close-on-exec flag */ @@ -823,23 +823,23 @@ static void do_drop_connection(int sd, int closeSd) { /* Close the LDAP connection without writing anything to the - underlying socket. The socket will be left open afterwards if - closeSd is 0 */ + underlying socket. The socket will be left open afterwards if + closeSd is 0 */ #ifndef HAVE_LDAPSSL_CLIENT_INIT { int dummyfd = -1, savedfd = -1; /* Under OpenLDAP 2.x, ldap_set_option (..., LDAP_OPT_DESC, ...) is - a no-op, so to shut down the LDAP connection without writing - anything to the socket, we swap a dummy socket onto that file - descriptor, and then swap the real fd back once the shutdown is - done. */ + a no-op, so to shut down the LDAP connection without writing + anything to the socket, we swap a dummy socket onto that file + descriptor, and then swap the real fd back once the shutdown is + done. */ savedfd = do_dupfd (sd, -1); dummyfd = socket (AF_INET, SOCK_STREAM, 0); if (dummyfd > -1 && dummyfd != sd) { - do_closefd (sd); - do_dupfd (dummyfd, sd); - do_closefd (dummyfd); + do_closefd (sd); + do_dupfd (dummyfd, sd); + do_closefd (dummyfd); } #ifdef HAVE_LDAP_LD_FREE @@ -856,9 +856,9 @@ do_drop_connection(int sd, int closeSd) do_closefd (sd); if (savedfd > -1) { - if (closeSd == 0) - do_dupfd (savedfd, sd); - do_closefd (savedfd); + if (closeSd == 0) + do_dupfd (savedfd, sd); + do_closefd (savedfd); } } #else /* No sd available */ @@ -866,12 +866,12 @@ do_drop_connection(int sd, int closeSd) int bogusSd = -1; if (closeSd == 0) { - sd = -1; /* don't want to really close the socket */ + sd = -1; /* don't want to really close the socket */ #ifdef HAVE_LDAP_LD_FREE #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_DESC) - (void) ldap_set_option (__session.ls_conn, LDAP_OPT_DESC, &sd); + (void) ldap_set_option (__session.ls_conn, LDAP_OPT_DESC, &sd); #else - __session.ls_conn->ld_sb.sb_sd = -1; + __session.ls_conn->ld_sb.sb_sd = -1; #endif /* LDAP_OPT_DESC */ #endif /* HAVE_LDAP_LD_FREE */ } @@ -935,7 +935,7 @@ do_close_no_unbind (void) #if defined(DEBUG) || defined(DEBUG_SOCKETS) syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: %sclosing connection (no unbind) %p fd %d", - closeSd ? "" : "not ", __session.ls_conn, sd); + closeSd ? "" : "not ", __session.ls_conn, sd); #endif /* DEBUG */ do_drop_connection(sd, closeSd); @@ -1004,9 +1004,9 @@ do_init_session (LDAP ** ld, const char *uri, int defport) size_t urilen = (p - uri); if (urilen >= sizeof (uribuf)) - { - return NSS_UNAVAIL; - } + { + return NSS_UNAVAIL; + } memcpy (uribuf, uri, urilen); uribuf[urilen] = '\0'; @@ -1079,7 +1079,7 @@ do_init (void) if (__pthread_once == NULL) pid = getpid (); else - pid = -1; /* linked against libpthreads, don't care */ + pid = -1; /* linked against libpthreads, don't care */ #else pid = getpid (); #endif /* HAVE_LIBC_LOCK_H || HAVE_BITS_LIBC_LOCK_H */ @@ -1090,20 +1090,20 @@ do_init (void) #ifdef DEBUG #ifdef HAVE_PTHREAD_ATFORK syslog (LOG_AUTHPRIV | LOG_DEBUG, - "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __euid=%i, euid=%i", - __session.ls_state, __session.ls_conn, __euid, euid); + "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __euid=%i, euid=%i", + __session.ls_state, __session.ls_conn, __euid, euid); #elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) syslog (LOG_AUTHPRIV | LOG_DEBUG, - "nss_ldap: libpthreads=%s, __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i", - (__pthread_once == NULL ? "FALSE" : "TRUE"), - __session.ls_state, - __session.ls_conn, - (__pthread_once == NULL ? __pid : -1), - (__pthread_once == NULL ? pid : -1), __euid, euid); + "nss_ldap: libpthreads=%s, __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i", + (__pthread_once == NULL ? "FALSE" : "TRUE"), + __session.ls_state, + __session.ls_conn, + (__pthread_once == NULL ? __pid : -1), + (__pthread_once == NULL ? pid : -1), __euid, euid); #else syslog (LOG_AUTHPRIV | LOG_DEBUG, - "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i", - __session.ls_state, __session.ls_conn, __pid, pid, __euid, euid); + "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i", + __session.ls_state, __session.ls_conn, __pid, pid, __euid, euid); #endif #endif /* DEBUG */ @@ -1150,25 +1150,25 @@ do_init (void) assert (__session.ls_config != NULL); if (__session.ls_config->ldc_idle_timelimit) - { - time (¤t_time); - if ((__session.ls_timestamp + - __session.ls_config->ldc_idle_timelimit) < current_time) - { - debug ("idle_timelimit reached"); - do_close (); - } - } + { + time (¤t_time); + if ((__session.ls_timestamp + + __session.ls_config->ldc_idle_timelimit) < current_time) + { + debug ("idle_timelimit reached"); + do_close (); + } + } /* * If the connection is still there (ie. do_close() wasn't * called) then we can return the cached connection. */ if (__session.ls_state == LS_CONNECTED_TO_DSA) - { - debug ("<== do_init (cached session)"); - return NSS_SUCCESS; - } + { + debug ("<== do_init (cached session)"); + return NSS_SUCCESS; + } } __session.ls_conn = NULL; @@ -1205,16 +1205,16 @@ do_init (void) stat = _nss_ldap_readconfig (&__config, &configbufp, &configbuflen); if (stat == NSS_NOTFOUND) - { - /* Config was read but no host information specified; try DNS */ - stat = _nss_ldap_mergeconfigfromdns (__config, &configbufp, &configbuflen); - } + { + /* Config was read but no host information specified; try DNS */ + stat = _nss_ldap_mergeconfigfromdns (__config, &configbufp, &configbuflen); + } if (stat != NSS_SUCCESS) - { - debug ("<== do_init (failed to read config)"); - return NSS_UNAVAIL; - } + { + debug ("<== do_init (failed to read config)"); + return NSS_UNAVAIL; + } } cfg = __config; @@ -1227,26 +1227,26 @@ do_init (void) { # ifdef LBER_OPT_LOG_PRINT_FILE if (cfg->ldc_logdir && !__debugfile) - { - char namebuf[PATH_MAX]; - - snprintf (namebuf, sizeof (namebuf), "%s/ldap.%d", cfg->ldc_logdir, - (int) getpid ()); - __debugfile = fopen (namebuf, "a"); - - if (__debugfile != NULL) - { - ber_set_option (NULL, LBER_OPT_LOG_PRINT_FILE, __debugfile); - } - } -# endif /* LBER_OPT_LOG_PRINT_FILE */ + { + char namebuf[PATH_MAX]; + + snprintf (namebuf, sizeof (namebuf), "%s/ldap.%d", cfg->ldc_logdir, + (int) getpid ()); + __debugfile = fopen (namebuf, "a"); + + if (__debugfile != NULL) + { + ber_set_option (NULL, LBER_OPT_LOG_PRINT_FILE, __debugfile); + } + } +# endif /* LBER_OPT_LOG_PRINT_FILE */ # ifdef LBER_OPT_DEBUG_LEVEL if (cfg->ldc_debug) - { - ber_set_option (NULL, LBER_OPT_DEBUG_LEVEL, &cfg->ldc_debug); - ldap_set_option (NULL, LDAP_OPT_DEBUG_LEVEL, &cfg->ldc_debug); - } -# endif /* LBER_OPT_DEBUG_LEVEL */ + { + ber_set_option (NULL, LBER_OPT_DEBUG_LEVEL, &cfg->ldc_debug); + ldap_set_option (NULL, LDAP_OPT_DEBUG_LEVEL, &cfg->ldc_debug); + } +# endif /* LBER_OPT_DEBUG_LEVEL */ } #endif /* HAVE_LDAP_SET_OPTION */ @@ -1258,11 +1258,11 @@ do_init (void) { int rc = 0; if (__ssl_initialized == 0 - && (rc = ldapssl_client_init (cfg->ldc_sslpath, NULL)) != LDAP_SUCCESS) - { + && (rc = ldapssl_client_init (cfg->ldc_sslpath, NULL)) != LDAP_SUCCESS) + { debug ("<== do_init (ldapssl_client_init failed with rc = %d)", rc); - return NSS_UNAVAIL; - } + return NSS_UNAVAIL; + } __ssl_initialized = 1; } #endif /* SSL */ @@ -1273,8 +1273,8 @@ do_init (void) assert (cfg->ldc_uris[__session.ls_current_uri] != NULL); stat = do_init_session (&__session.ls_conn, - cfg->ldc_uris[__session.ls_current_uri], - cfg->ldc_port); + cfg->ldc_uris[__session.ls_current_uri], + cfg->ldc_port); if (stat != NSS_SUCCESS) { debug ("<== do_init (failed to initialize LDAP session)"); @@ -1324,9 +1324,9 @@ do_start_tls (ldap_session_t * session) { #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) if (ldap_get_option (session->ls_conn, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) - { - rc = LDAP_UNAVAILABLE; - } + { + rc = LDAP_UNAVAILABLE; + } #else rc = ld->ld_errno; #endif /* LDAP_OPT_ERROR_NUMBER */ @@ -1419,7 +1419,7 @@ do_open (void) #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_PROTOCOL_VERSION) ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &cfg->ldc_version); + &cfg->ldc_version); #else __session.ls_conn->ld_version = cfg->ldc_version; #endif /* LDAP_OPT_PROTOCOL_VERSION */ @@ -1432,7 +1432,7 @@ do_open (void) #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_TIMELIMIT) ldap_set_option (__session.ls_conn, LDAP_OPT_TIMELIMIT, - &cfg->ldc_timelimit); + &cfg->ldc_timelimit); #else __session.ls_conn->ld_timelimit = cfg->ldc_timelimit; #endif /* LDAP_OPT_TIMELIMIT */ @@ -1455,12 +1455,12 @@ do_open (void) #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_REFERRALS) ldap_set_option (__session.ls_conn, LDAP_OPT_REFERRALS, - cfg->ldc_referrals ? LDAP_OPT_ON : LDAP_OPT_OFF); + cfg->ldc_referrals ? LDAP_OPT_ON : LDAP_OPT_OFF); #endif #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_RESTART) ldap_set_option (__session.ls_conn, LDAP_OPT_RESTART, - cfg->ldc_restart ? LDAP_OPT_ON : LDAP_OPT_OFF); + cfg->ldc_restart ? LDAP_OPT_ON : LDAP_OPT_OFF); #endif #if defined(HAVE_LDAP_START_TLS_S) || defined(HAVE_LDAP_START_TLS) @@ -1469,36 +1469,36 @@ do_open (void) int version; if (ldap_get_option - (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &version) == LDAP_OPT_SUCCESS) - { - if (version < LDAP_VERSION3) - { - version = LDAP_VERSION3; - ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, - &version); - } - } + (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, + &version) == LDAP_OPT_SUCCESS) + { + if (version < LDAP_VERSION3) + { + version = LDAP_VERSION3; + ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, + &version); + } + } /* set up SSL context */ if (do_ssl_options (cfg) != LDAP_SUCCESS) - { - do_close (); - debug ("<== do_open (SSL setup failed)"); - return NSS_UNAVAIL; - } + { + do_close (); + debug ("<== do_open (SSL setup failed)"); + return NSS_UNAVAIL; + } stat = do_map_error (do_start_tls (&__session)); if (stat == NSS_SUCCESS) - { - debug (":== do_open (TLS startup succeeded)"); - } + { + debug (":== do_open (TLS startup succeeded)"); + } else - { - do_close (); - debug ("<== do_open (TLS startup failed)"); - return stat; - } + { + do_close (); + debug ("<== do_open (TLS startup failed)"); + return stat; + } } else #endif /* HAVE_LDAP_START_TLS_S || HAVE_LDAP_START_TLS */ @@ -1511,39 +1511,39 @@ do_open (void) #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_X_TLS) int tls = LDAP_OPT_X_TLS_HARD; if (ldap_set_option (__session.ls_conn, LDAP_OPT_X_TLS, &tls) != - LDAP_SUCCESS) - { - do_close (); - debug ("<== do_open (TLS setup failed)"); - return NSS_UNAVAIL; - } + LDAP_SUCCESS) + { + do_close (); + debug ("<== do_open (TLS setup failed)"); + return NSS_UNAVAIL; + } /* set up SSL context */ if (do_ssl_options (cfg) != LDAP_SUCCESS) - { - do_close (); - debug ("<== do_open (SSL setup failed)"); - return NSS_UNAVAIL; - } + { + do_close (); + debug ("<== do_open (SSL setup failed)"); + return NSS_UNAVAIL; + } #elif defined(HAVE_LDAPSSL_CLIENT_INIT) if (ldapssl_install_routines (__session.ls_conn) != LDAP_SUCCESS) - { - do_close (); - debug ("<== do_open (SSL setup failed)"); - return NSS_UNAVAIL; - } + { + do_close (); + debug ("<== do_open (SSL setup failed)"); + return NSS_UNAVAIL; + } /* not in Solaris 9? */ #ifndef LDAP_OPT_SSL #define LDAP_OPT_SSL 0x0A #endif if (ldap_set_option (__session.ls_conn, LDAP_OPT_SSL, LDAP_OPT_ON) != - LDAP_SUCCESS) - { - do_close (); - debug ("<== do_open (SSL setup failed)"); - return NSS_UNAVAIL; - } + LDAP_SUCCESS) + { + do_close (); + debug ("<== do_open (SSL setup failed)"); + return NSS_UNAVAIL; + } #endif } @@ -1558,15 +1558,15 @@ do_open (void) #if defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H)) usesasl = cfg->ldc_rootusesasl; bindarg = - cfg->ldc_rootusesasl ? cfg->ldc_rootsaslid : cfg->ldc_rootbindpw; + cfg->ldc_rootusesasl ? cfg->ldc_rootsaslid : cfg->ldc_rootbindpw; #else usesasl = 0; bindarg = cfg->ldc_rootbindpw; #endif rc = do_bind (__session.ls_conn, - cfg->ldc_bind_timelimit, - cfg->ldc_rootbinddn, bindarg, usesasl); + cfg->ldc_bind_timelimit, + cfg->ldc_rootbinddn, bindarg, usesasl); } else { @@ -1579,18 +1579,18 @@ do_open (void) #endif rc = do_bind (__session.ls_conn, - cfg->ldc_bind_timelimit, - cfg->ldc_binddn, - cfg->ldc_bindpw, usesasl); + cfg->ldc_bind_timelimit, + cfg->ldc_binddn, + cfg->ldc_bindpw, usesasl); } if (rc != LDAP_SUCCESS) { /* log actual LDAP error code */ syslog (LOG_AUTHPRIV | LOG_INFO, - "nss_ldap: failed to bind to LDAP server %s: %s", - cfg->ldc_uris[__session.ls_current_uri], - ldap_err2string (rc)); + "nss_ldap: failed to bind to LDAP server %s: %s", + cfg->ldc_uris[__session.ls_current_uri], + ldap_err2string (rc)); stat = do_map_error (rc); do_close (); debug ("<== do_open (failed to bind to DSA"); @@ -1620,13 +1620,13 @@ do_ssl_options (ldap_config_t * cfg) { /* rand file */ rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_RANDOM_FILE, - cfg->ldc_tls_randfile); + cfg->ldc_tls_randfile); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_RANDOM_FILE failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_RANDOM_FILE failed"); + return LDAP_OPERATIONS_ERROR; + } } #endif /* LDAP_OPT_X_TLS_RANDOM_FILE */ @@ -1634,74 +1634,74 @@ do_ssl_options (ldap_config_t * cfg) { /* ca cert file */ rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_CACERTFILE, - cfg->ldc_tls_cacertfile); + cfg->ldc_tls_cacertfile); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CACERTFILE failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CACERTFILE failed"); + return LDAP_OPERATIONS_ERROR; + } } if (cfg->ldc_tls_cacertdir != NULL) { /* ca cert directory */ rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_CACERTDIR, - cfg->ldc_tls_cacertdir); + cfg->ldc_tls_cacertdir); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CACERTDIR failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CACERTDIR failed"); + return LDAP_OPERATIONS_ERROR; + } } /* require cert? */ if (cfg->ldc_tls_checkpeer > -1) { rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, - &cfg->ldc_tls_checkpeer); + &cfg->ldc_tls_checkpeer); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_REQUIRE_CERT failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_REQUIRE_CERT failed"); + return LDAP_OPERATIONS_ERROR; + } } if (cfg->ldc_tls_ciphers != NULL) { /* set cipher suite, certificate and private key: */ rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, - cfg->ldc_tls_ciphers); + cfg->ldc_tls_ciphers); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CIPHER_SUITE failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CIPHER_SUITE failed"); + return LDAP_OPERATIONS_ERROR; + } } if (cfg->ldc_tls_cert != NULL) { rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_CERTFILE, cfg->ldc_tls_cert); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CERTFILE failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_CERTFILE failed"); + return LDAP_OPERATIONS_ERROR; + } } if (cfg->ldc_tls_key != NULL) { rc = ldap_set_option (NULL, LDAP_OPT_X_TLS_KEYFILE, cfg->ldc_tls_key); if (rc != LDAP_SUCCESS) - { - debug - ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_KEYFILE failed"); - return LDAP_OPERATIONS_ERROR; - } + { + debug + ("<== do_ssl_options: Setting of LDAP_OPT_X_TLS_KEYFILE failed"); + return LDAP_OPERATIONS_ERROR; + } } debug ("<== do_ssl_options"); @@ -1712,7 +1712,7 @@ do_ssl_options (ldap_config_t * cfg) static int do_bind (LDAP * ld, int timelimit, const char *dn, const char *pw, - int with_sasl) + int with_sasl) { int rc; int msgid; @@ -1735,43 +1735,43 @@ do_bind (LDAP * ld, int timelimit, const char *dn, const char *pw, msgid = ldap_simple_bind (ld, dn, pw); if (msgid < 0) - { + { #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) - if (ldap_get_option (ld, LDAP_OPT_ERROR_NUMBER, &rc) != - LDAP_SUCCESS) - { - rc = LDAP_UNAVAILABLE; - } + if (ldap_get_option (ld, LDAP_OPT_ERROR_NUMBER, &rc) != + LDAP_SUCCESS) + { + rc = LDAP_UNAVAILABLE; + } #else - rc = ld->ld_errno; + rc = ld->ld_errno; #endif /* LDAP_OPT_ERROR_NUMBER */ - /* Notify if we failed. */ - syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not connect to any LDAP server as %s - %s", - dn, ldap_err2string (rc)); - debug ("<== do_bind"); + /* Notify if we failed. */ + syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not connect to any LDAP server as %s - %s", + dn, ldap_err2string (rc)); + debug ("<== do_bind"); - return rc; - } + return rc; + } rc = ldap_result (ld, msgid, 0, &tv, &result); if (rc > 0) - { - debug ("<== do_bind"); - return ldap_result2error (ld, result, 1); - } + { + debug ("<== do_bind"); + return ldap_result2error (ld, result, 1); + } /* took too long */ if (rc == 0) - { - ldap_abandon (ld, msgid); - } + { + ldap_abandon (ld, msgid); + } #if (defined(HAVE_LDAP_SASL_INTERACTIVE_BIND_S) && (defined(HAVE_SASL_H) || defined(HAVE_SASL_SASL_H))) || defined(HAVE_LDAP_GSS_BIND) } else { #ifdef HAVE_LDAP_GSS_BIND return ldap_gss_bind (ld, dn, pw, GSSSASL_NO_SECURITY_LAYER, - LDAP_SASL_GSSAPI); + LDAP_SASL_GSSAPI); #else # ifdef CONFIGURE_KRB5_CCNAME # ifndef CONFIGURE_KRB5_CCNAME_GSSAPI @@ -1781,72 +1781,72 @@ do_bind (LDAP * ld, int timelimit, const char *dn, const char *pw, char *ccname; const char *oldccname = NULL; int retval; -# endif /* CONFIGURE_KRB5_CCNAME */ +# endif /* CONFIGURE_KRB5_CCNAME */ if (__config->ldc_sasl_secprops != NULL) - { - rc = - ldap_set_option (ld, LDAP_OPT_X_SASL_SECPROPS, - (void *) __config->ldc_sasl_secprops); - if (rc != LDAP_SUCCESS) - { - debug ("do_bind: unable to set SASL security properties"); - return rc; - } - } + { + rc = + ldap_set_option (ld, LDAP_OPT_X_SASL_SECPROPS, + (void *) __config->ldc_sasl_secprops); + if (rc != LDAP_SUCCESS) + { + debug ("do_bind: unable to set SASL security properties"); + return rc; + } + } # ifdef CONFIGURE_KRB5_CCNAME /* Set default Kerberos ticket cache for SASL-GSSAPI */ /* There are probably race conditions here XXX */ if (__config->ldc_krb5_ccname != NULL) - { - ccname = __config->ldc_krb5_ccname; + { + ccname = __config->ldc_krb5_ccname; # ifdef CONFIGURE_KRB5_CCNAME_ENV - oldccname = getenv ("KRB5CCNAME"); - if (oldccname != NULL) - { - strncpy (tmpbuf, oldccname, sizeof (tmpbuf)); - tmpbuf[sizeof (tmpbuf) - 1] = '\0'; - } - else - { - tmpbuf[0] = '\0'; - } - oldccname = tmpbuf; - snprintf (envbuf, sizeof (envbuf), "KRB5CCNAME=%s", ccname); - putenv (envbuf); + oldccname = getenv ("KRB5CCNAME"); + if (oldccname != NULL) + { + strncpy (tmpbuf, oldccname, sizeof (tmpbuf)); + tmpbuf[sizeof (tmpbuf) - 1] = '\0'; + } + else + { + tmpbuf[0] = '\0'; + } + oldccname = tmpbuf; + snprintf (envbuf, sizeof (envbuf), "KRB5CCNAME=%s", ccname); + putenv (envbuf); # elif defined(CONFIGURE_KRB5_CCNAME_GSSAPI) - if (gss_krb5_ccache_name (&retval, ccname, &oldccname) != - GSS_S_COMPLETE) - { - debug ("do_bind: unable to set default credential cache"); - return -1; - } + if (gss_krb5_ccache_name (&retval, ccname, &oldccname) != + GSS_S_COMPLETE) + { + debug ("do_bind: unable to set default credential cache"); + return -1; + } # endif - } -# endif /* CONFIGURE_KRB5_CCNAME */ + } +# endif /* CONFIGURE_KRB5_CCNAME */ rc = ldap_sasl_interactive_bind_s (ld, dn, "GSSAPI", NULL, NULL, - LDAP_SASL_QUIET, - do_sasl_interact, (void *) pw); + LDAP_SASL_QUIET, + do_sasl_interact, (void *) pw); # ifdef CONFIGURE_KRB5_CCNAME /* Restore default Kerberos ticket cache. */ if (oldccname != NULL) - { + { # ifdef CONFIGURE_KRB5_CCNAME_ENV - snprintf (envbuf, sizeof (envbuf), "KRB5CCNAME=%s", oldccname); - putenv (envbuf); + snprintf (envbuf, sizeof (envbuf), "KRB5CCNAME=%s", oldccname); + putenv (envbuf); # elif defined(CONFIGURE_KRB5_CCNAME_GSSAPI) - if (gss_krb5_ccache_name (&retval, oldccname, NULL) != - GSS_S_COMPLETE) - { - debug ("do_bind: unable to restore default credential cache"); - return -1; - } + if (gss_krb5_ccache_name (&retval, oldccname, NULL) != + GSS_S_COMPLETE) + { + debug ("do_bind: unable to restore default credential cache"); + return -1; + } # endif - } -# endif /* CONFIGURE_KRB5_CCNAME */ + } +# endif /* CONFIGURE_KRB5_CCNAME */ return rc; #endif /* HAVE_LDAP_GSS_BIND */ @@ -1898,26 +1898,26 @@ _nss_ldap_ent_context_init_locked (ent_context_t ** pctx) { ctx = (ent_context_t *) malloc (sizeof (*ctx)); if (ctx == NULL) - { - debug ("<== _nss_ldap_ent_context_init_locked"); - return NULL; - } + { + debug ("<== _nss_ldap_ent_context_init_locked"); + return NULL; + } *pctx = ctx; } else { if (ctx->ec_res != NULL) - { - ldap_msgfree (ctx->ec_res); - } + { + ldap_msgfree (ctx->ec_res); + } if (ctx->ec_cookie != NULL) - { - ber_bvfree (ctx->ec_cookie); - } + { + ber_bvfree (ctx->ec_cookie); + } if (ctx->ec_msgid > -1 && do_result (ctx, LDAP_MSG_ONE) == NSS_SUCCESS) - { - ldap_abandon (__session.ls_conn, ctx->ec_msgid); - } + { + ldap_abandon (__session.ls_conn, ctx->ec_msgid); + } } ctx->ec_cookie = NULL; @@ -1987,8 +1987,8 @@ _nss_ldap_ent_context_release (ent_context_t * ctx) */ static enum nss_status do_aggregate_filter (const char **values, - ldap_args_types_t type, - const char *filterprot, char *bufptr, size_t buflen) + ldap_args_types_t type, + const char *filterprot, char *bufptr, size_t buflen) { enum nss_status stat; const char **valueP; @@ -2007,15 +2007,15 @@ do_aggregate_filter (const char **values, char filter[LDAP_FILT_MAXSIZ], escapedBuf[LDAP_FILT_MAXSIZ]; stat = - _nss_ldap_escape_string (*valueP, escapedBuf, sizeof (escapedBuf)); + _nss_ldap_escape_string (*valueP, escapedBuf, sizeof (escapedBuf)); if (stat != NSS_SUCCESS) - return stat; + return stat; snprintf (filter, sizeof (filter), filterprot, escapedBuf); len = strlen (filter); if (buflen < len + 1 /* ')' */ ) - return NSS_TRYAGAIN; + return NSS_TRYAGAIN; memcpy (bufptr, filter, len); bufptr[len] = '\0'; @@ -2039,8 +2039,8 @@ do_aggregate_filter (const char **values, */ static enum nss_status do_filter (const ldap_args_t * args, const char *filterprot, - ldap_service_search_descriptor_t * sd, char *userBuf, - size_t userBufSiz, char **dynamicUserBuf, const char **retFilter) + ldap_service_search_descriptor_t * sd, char *userBuf, + size_t userBufSiz, char **dynamicUserBuf, const char **retFilter) { char buf1[LDAP_FILT_MAXSIZ], buf2[LDAP_FILT_MAXSIZ]; char *filterBufP, filterBuf[LDAP_FILT_MAXSIZ]; @@ -2056,132 +2056,132 @@ do_filter (const ldap_args_t * args, const char *filterprot, /* choose what to use for temporary storage */ if (sd != NULL && sd->lsd_filter != NULL) - { - filterBufP = filterBuf; - filterSiz = sizeof (filterBuf); - } + { + filterBufP = filterBuf; + filterSiz = sizeof (filterBuf); + } else - { - filterBufP = userBuf; - filterSiz = userBufSiz; - } + { + filterBufP = userBuf; + filterSiz = userBufSiz; + } switch (args->la_type) - { - case LA_TYPE_STRING: - stat = _nss_ldap_escape_string (args->la_arg1.la_string, buf1, - sizeof (buf1)); - if (stat != NSS_SUCCESS) - break; - - snprintf (filterBufP, filterSiz, filterprot, buf1); - break; - case LA_TYPE_NUMBER: - snprintf (filterBufP, filterSiz, filterprot, - args->la_arg1.la_number); - break; - case LA_TYPE_STRING_AND_STRING: - stat = _nss_ldap_escape_string (args->la_arg1.la_string, buf1, - sizeof (buf1)); - if (stat != NSS_SUCCESS) - break; - - stat = _nss_ldap_escape_string (args->la_arg2.la_string, buf2, - sizeof (buf2)); - if (stat != NSS_SUCCESS) - break; - - snprintf (filterBufP, filterSiz, filterprot, buf1, buf2); - break; - case LA_TYPE_NUMBER_AND_STRING: - stat = _nss_ldap_escape_string (args->la_arg2.la_string, buf1, - sizeof (buf1)); - if (stat != NSS_SUCCESS) - break; - - snprintf (filterBufP, filterSiz, filterprot, - args->la_arg1.la_number, buf1); - break; - case LA_TYPE_STRING_LIST_OR: - case LA_TYPE_STRING_LIST_AND: - do - { - stat = do_aggregate_filter (args->la_arg1.la_string_list, - args->la_type, - filterprot, filterBufP, filterSiz); - if (stat == NSS_TRYAGAIN) - { - filterBufP = *dynamicUserBuf = realloc (*dynamicUserBuf, - 2 * filterSiz); - if (filterBufP == NULL) - return NSS_UNAVAIL; - filterSiz *= 2; - } - } - while (stat == NSS_TRYAGAIN); - break; - default: - return NSS_UNAVAIL; - break; - } + { + case LA_TYPE_STRING: + stat = _nss_ldap_escape_string (args->la_arg1.la_string, buf1, + sizeof (buf1)); + if (stat != NSS_SUCCESS) + break; + + snprintf (filterBufP, filterSiz, filterprot, buf1); + break; + case LA_TYPE_NUMBER: + snprintf (filterBufP, filterSiz, filterprot, + args->la_arg1.la_number); + break; + case LA_TYPE_STRING_AND_STRING: + stat = _nss_ldap_escape_string (args->la_arg1.la_string, buf1, + sizeof (buf1)); + if (stat != NSS_SUCCESS) + break; + + stat = _nss_ldap_escape_string (args->la_arg2.la_string, buf2, + sizeof (buf2)); + if (stat != NSS_SUCCESS) + break; + + snprintf (filterBufP, filterSiz, filterprot, buf1, buf2); + break; + case LA_TYPE_NUMBER_AND_STRING: + stat = _nss_ldap_escape_string (args->la_arg2.la_string, buf1, + sizeof (buf1)); + if (stat != NSS_SUCCESS) + break; + + snprintf (filterBufP, filterSiz, filterprot, + args->la_arg1.la_number, buf1); + break; + case LA_TYPE_STRING_LIST_OR: + case LA_TYPE_STRING_LIST_AND: + do + { + stat = do_aggregate_filter (args->la_arg1.la_string_list, + args->la_type, + filterprot, filterBufP, filterSiz); + if (stat == NSS_TRYAGAIN) + { + filterBufP = *dynamicUserBuf = realloc (*dynamicUserBuf, + 2 * filterSiz); + if (filterBufP == NULL) + return NSS_UNAVAIL; + filterSiz *= 2; + } + } + while (stat == NSS_TRYAGAIN); + break; + default: + return NSS_UNAVAIL; + break; + } if (stat != NSS_SUCCESS) - return stat; + return stat; /* * This code really needs to be cleaned up. */ if (sd != NULL && sd->lsd_filter != NULL) - { - size_t filterBufPLen = strlen (filterBufP); - - /* remove trailing bracket */ - if (filterBufP[filterBufPLen - 1] == ')') - filterBufP[filterBufPLen - 1] = '\0'; - - if (*dynamicUserBuf != NULL) - { - char *oldDynamicUserBuf = *dynamicUserBuf; - size_t dynamicUserBufSiz; - - dynamicUserBufSiz = filterBufPLen + strlen (sd->lsd_filter) + - sizeof ("())"); - *dynamicUserBuf = malloc (dynamicUserBufSiz); - if (*dynamicUserBuf == NULL) - { - free (oldDynamicUserBuf); - return NSS_UNAVAIL; - } - - snprintf (*dynamicUserBuf, dynamicUserBufSiz, "%s(%s))", - filterBufP, sd->lsd_filter); - free (oldDynamicUserBuf); - } - else - { - snprintf (userBuf, userBufSiz, "%s(%s))", - filterBufP, sd->lsd_filter); - } - } + { + size_t filterBufPLen = strlen (filterBufP); + + /* remove trailing bracket */ + if (filterBufP[filterBufPLen - 1] == ')') + filterBufP[filterBufPLen - 1] = '\0'; + + if (*dynamicUserBuf != NULL) + { + char *oldDynamicUserBuf = *dynamicUserBuf; + size_t dynamicUserBufSiz; + + dynamicUserBufSiz = filterBufPLen + strlen (sd->lsd_filter) + + sizeof ("())"); + *dynamicUserBuf = malloc (dynamicUserBufSiz); + if (*dynamicUserBuf == NULL) + { + free (oldDynamicUserBuf); + return NSS_UNAVAIL; + } + + snprintf (*dynamicUserBuf, dynamicUserBufSiz, "%s(%s))", + filterBufP, sd->lsd_filter); + free (oldDynamicUserBuf); + } + else + { + snprintf (userBuf, userBufSiz, "%s(%s))", + filterBufP, sd->lsd_filter); + } + } if (*dynamicUserBuf != NULL) - *retFilter = *dynamicUserBuf; + *retFilter = *dynamicUserBuf; else - *retFilter = userBuf; + *retFilter = userBuf; } else { /* no arguments, probably an enumeration filter */ if (sd != NULL && sd->lsd_filter != NULL) - { - snprintf (userBuf, userBufSiz, "(&%s(%s))", - filterprot, sd->lsd_filter); - *retFilter = userBuf; - } + { + snprintf (userBuf, userBufSiz, "(&%s(%s))", + filterprot, sd->lsd_filter); + *retFilter = userBuf; + } else - { - *retFilter = filterprot; - } + { + *retFilter = filterprot; + } } debug (":== do_filter: %s", *retFilter); @@ -2218,85 +2218,85 @@ do_result (ent_context_t * ctx, int all) do { if (ctx->ec_res != NULL) - { - ldap_msgfree (ctx->ec_res); - ctx->ec_res = NULL; - } + { + ldap_msgfree (ctx->ec_res); + ctx->ec_res = NULL; + } rc = - ldap_result (__session.ls_conn, ctx->ec_msgid, all, tvp, - &ctx->ec_res); + ldap_result (__session.ls_conn, ctx->ec_msgid, all, tvp, + &ctx->ec_res); switch (rc) - { - case -1: - case 0: + { + case -1: + case 0: #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) - if (ldap_get_option - (__session.ls_conn, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) - { - rc = LDAP_UNAVAILABLE; - } + if (ldap_get_option + (__session.ls_conn, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + { + rc = LDAP_UNAVAILABLE; + } #else - rc = __session.ls_conn->ld_errno; + rc = __session.ls_conn->ld_errno; #endif /* LDAP_OPT_ERROR_NUMBER */ - syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not get LDAP result - %s", - ldap_err2string (rc)); - stat = NSS_UNAVAIL; - break; - case LDAP_RES_SEARCH_ENTRY: - stat = NSS_SUCCESS; - break; - case LDAP_RES_SEARCH_RESULT: - if (all == LDAP_MSG_ALL) - { - /* we asked for the result chain, we got it. */ - stat = NSS_SUCCESS; - } - else - { + syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not get LDAP result - %s", + ldap_err2string (rc)); + stat = NSS_UNAVAIL; + break; + case LDAP_RES_SEARCH_ENTRY: + stat = NSS_SUCCESS; + break; + case LDAP_RES_SEARCH_RESULT: + if (all == LDAP_MSG_ALL) + { + /* we asked for the result chain, we got it. */ + stat = NSS_SUCCESS; + } + else + { #ifdef LDAP_MORE_RESULTS_TO_RETURN - int parserc; - /* NB: this frees ctx->ec_res */ - LDAPControl **resultControls = NULL; - - ctx->ec_cookie = NULL; - - parserc = - ldap_parse_result (__session.ls_conn, ctx->ec_res, &rc, NULL, - NULL, NULL, &resultControls, 1); - if (parserc != LDAP_SUCCESS - && parserc != LDAP_MORE_RESULTS_TO_RETURN) - { - stat = NSS_UNAVAIL; - ldap_abandon (__session.ls_conn, ctx->ec_msgid); - syslog (LOG_AUTHPRIV | LOG_ERR, - "nss_ldap: could not get LDAP result - %s", - ldap_err2string (rc)); - } - else if (resultControls != NULL) - { - /* See if there are any more pages to come */ - parserc = ldap_parse_page_control (__session.ls_conn, - resultControls, NULL, - &(ctx->ec_cookie)); - ldap_controls_free (resultControls); - stat = NSS_NOTFOUND; - } - else - { - stat = NSS_NOTFOUND; - } + int parserc; + /* NB: this frees ctx->ec_res */ + LDAPControl **resultControls = NULL; + + ctx->ec_cookie = NULL; + + parserc = + ldap_parse_result (__session.ls_conn, ctx->ec_res, &rc, NULL, + NULL, NULL, &resultControls, 1); + if (parserc != LDAP_SUCCESS + && parserc != LDAP_MORE_RESULTS_TO_RETURN) + { + stat = NSS_UNAVAIL; + ldap_abandon (__session.ls_conn, ctx->ec_msgid); + syslog (LOG_AUTHPRIV | LOG_ERR, + "nss_ldap: could not get LDAP result - %s", + ldap_err2string (rc)); + } + else if (resultControls != NULL) + { + /* See if there are any more pages to come */ + parserc = ldap_parse_page_control (__session.ls_conn, + resultControls, NULL, + &(ctx->ec_cookie)); + ldap_controls_free (resultControls); + stat = NSS_NOTFOUND; + } + else + { + stat = NSS_NOTFOUND; + } #else - stat = NSS_NOTFOUND; + stat = NSS_NOTFOUND; #endif /* LDAP_MORE_RESULTS_TO_RETURN */ - ctx->ec_res = NULL; - ctx->ec_msgid = -1; - } - break; - default: - stat = NSS_UNAVAIL; - break; - } + ctx->ec_res = NULL; + ctx->ec_msgid = -1; + } + break; + default: + stat = NSS_UNAVAIL; + break; + } } #ifdef LDAP_RES_SEARCH_REFERENCE while (rc == LDAP_RES_SEARCH_REFERENCE); @@ -2318,8 +2318,8 @@ do_result (ent_context_t * ctx, int all) */ static enum nss_status do_with_reconnect (const char *base, int scope, - const char *filter, const char **attrs, int sizelimit, - void *private, search_func_t search_func) + const char *filter, const char **attrs, int sizelimit, + void *private, search_func_t search_func) { int rc = LDAP_UNAVAILABLE, tries = 0, backoff = 0; int hard = 1, start_uri = 0, log = 0; @@ -2332,111 +2332,111 @@ do_with_reconnect (const char *base, int scope, assert (__session.ls_config != NULL); maxtries = __session.ls_config->ldc_reconnect_maxconntries + - __session.ls_config->ldc_reconnect_tries; + __session.ls_config->ldc_reconnect_tries; while (stat == NSS_UNAVAIL && hard && tries < maxtries) { if (tries >= __session.ls_config->ldc_reconnect_maxconntries) - { - if (backoff == 0) - backoff = __session.ls_config->ldc_reconnect_sleeptime; - else if (backoff < __session.ls_config->ldc_reconnect_maxsleeptime) - backoff *= 2; - - syslog (LOG_AUTHPRIV | LOG_INFO, - "nss_ldap: reconnecting to LDAP server (sleeping %d seconds)...", - backoff); - (void) sleep (backoff); - } + { + if (backoff == 0) + backoff = __session.ls_config->ldc_reconnect_sleeptime; + else if (backoff < __session.ls_config->ldc_reconnect_maxsleeptime) + backoff *= 2; + + syslog (LOG_AUTHPRIV | LOG_INFO, + "nss_ldap: reconnecting to LDAP server (sleeping %d seconds)...", + backoff); + (void) sleep (backoff); + } else if (tries > 1) - { - /* Don't sleep, reconnect immediately. */ - syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnecting to LDAP server..."); - } + { + /* Don't sleep, reconnect immediately. */ + syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnecting to LDAP server..."); + } /* For each "try", attempt to connect to all specified URIs */ start_uri = __session.ls_current_uri; do - { - stat = do_open (); - if (stat == NSS_SUCCESS) - { - stat = do_map_error (search_func (base, scope, filter, - attrs, sizelimit, private)); - } - if (stat != NSS_UNAVAIL) - break; - - log++; - - /* test in case config file could not be read */ - if (__session.ls_config != NULL) - { - assert (__session.ls_config-> - ldc_uris[__session.ls_current_uri] != NULL); - - __session.ls_current_uri++; - - if (__session.ls_config->ldc_uris[__session.ls_current_uri] == - NULL) - __session.ls_current_uri = 0; - } - } + { + stat = do_open (); + if (stat == NSS_SUCCESS) + { + stat = do_map_error (search_func (base, scope, filter, + attrs, sizelimit, private)); + } + if (stat != NSS_UNAVAIL) + break; + + log++; + + /* test in case config file could not be read */ + if (__session.ls_config != NULL) + { + assert (__session.ls_config-> + ldc_uris[__session.ls_current_uri] != NULL); + + __session.ls_current_uri++; + + if (__session.ls_config->ldc_uris[__session.ls_current_uri] == + NULL) + __session.ls_current_uri = 0; + } + } while (__session.ls_current_uri != start_uri); if (stat == NSS_UNAVAIL) - { - do_close (); - - /* - * If a soft reconnect policy is specified, then do not - * try to reconnect to the LDAP server if it is down. - */ - if (__session.ls_config->ldc_reconnect_pol == LP_RECONNECT_SOFT) - hard = 0; - - /* - * If the file /lib/init/rw/libnss-ldap.bind_policy_soft exists, - * then ignore the actual bind_policy definition and use the - * soft semantics. This file should only exist during early - * boot and late shutdown, points at which the networking or - * the LDAP server itself are likely to be unavailable anyway. - */ - if (access("/lib/init/rw/libnss-ldap.bind_policy_soft",R_OK) == 0) - hard = 0; - - ++tries; - } + { + do_close (); + + /* + * If a soft reconnect policy is specified, then do not + * try to reconnect to the LDAP server if it is down. + */ + if (__session.ls_config->ldc_reconnect_pol == LP_RECONNECT_SOFT) + hard = 0; + + /* + * If the file /lib/init/rw/libnss-ldap.bind_policy_soft exists, + * then ignore the actual bind_policy definition and use the + * soft semantics. This file should only exist during early + * boot and late shutdown, points at which the networking or + * the LDAP server itself are likely to be unavailable anyway. + */ + if (access("/lib/init/rw/libnss-ldap.bind_policy_soft",R_OK) == 0) + hard = 0; + + ++tries; + } } switch (stat) { case NSS_UNAVAIL: syslog (LOG_AUTHPRIV | LOG_ERR, "nss_ldap: could not search LDAP server - %s", - ldap_err2string (rc)); + ldap_err2string (rc)); break; case NSS_TRYAGAIN: syslog (LOG_AUTHPRIV | LOG_ERR, - "nss_ldap: could not %s %sconnect to LDAP server - %s", - hard ? "hard" : "soft", tries ? "re" : "", - ldap_err2string (rc)); + "nss_ldap: could not %s %sconnect to LDAP server - %s", + hard ? "hard" : "soft", tries ? "re" : "", + ldap_err2string (rc)); stat = NSS_UNAVAIL; break; case NSS_SUCCESS: if (log) - { - char *uri = __session.ls_config->ldc_uris[__session.ls_current_uri]; - - if (uri == NULL) - uri = "(null)"; - - if (tries) - syslog (LOG_AUTHPRIV | LOG_INFO, - "nss_ldap: reconnected to LDAP server %s after %d attempt%s", - uri, tries, (tries == 1) ? "" : "s"); - else - syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnected to LDAP server %s", uri); - } + { + char *uri = __session.ls_config->ldc_uris[__session.ls_current_uri]; + + if (uri == NULL) + uri = "(null)"; + + if (tries) + syslog (LOG_AUTHPRIV | LOG_INFO, + "nss_ldap: reconnected to LDAP server %s after %d attempt%s", + uri, tries, (tries == 1) ? "" : "s"); + else + syslog (LOG_AUTHPRIV | LOG_INFO, "nss_ldap: reconnected to LDAP server %s", uri); + } time (&__session.ls_timestamp); break; default: @@ -2454,8 +2454,8 @@ do_with_reconnect (const char *base, int scope, */ static int do_search_s (const char *base, int scope, - const char *filter, const char **attrs, int sizelimit, - LDAPMessage ** res) + const char *filter, const char **attrs, int sizelimit, + LDAPMessage ** res) { int rc; struct timeval tv, *tvp; @@ -2464,7 +2464,7 @@ do_search_s (const char *base, int scope, #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_SIZELIMIT) ldap_set_option (__session.ls_conn, LDAP_OPT_SIZELIMIT, - (void *) &sizelimit); + (void *) &sizelimit); #else __session.ls_conn->ld_sizelimit = sizelimit; #endif /* LDAP_OPT_SIZELIMIT */ @@ -2481,7 +2481,7 @@ do_search_s (const char *base, int scope, } rc = ldap_search_st (__session.ls_conn, base, scope, filter, - (char **) attrs, 0, tvp, res); + (char **) attrs, 0, tvp, res); debug ("<== do_search_s"); @@ -2495,7 +2495,7 @@ do_search_s (const char *base, int scope, */ static int do_search (const char *base, int scope, - const char *filter, const char **attrs, int sizelimit, int *msgid) + const char *filter, const char **attrs, int sizelimit, int *msgid) { int rc; LDAPControl *serverCtrls[2]; @@ -2507,10 +2507,10 @@ do_search (const char *base, int scope, if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_PAGED_RESULTS)) { rc = ldap_create_page_control (__session.ls_conn, - __session.ls_config->ldc_pagesize, - NULL, 0, &serverCtrls[0]); + __session.ls_config->ldc_pagesize, + NULL, 0, &serverCtrls[0]); if (rc != LDAP_SUCCESS) - return rc; + return rc; serverCtrls[1] = NULL; pServerCtrls = serverCtrls; @@ -2521,8 +2521,8 @@ do_search (const char *base, int scope, } rc = ldap_search_ext (__session.ls_conn, base, scope, filter, - (char **) attrs, 0, pServerCtrls, NULL, - LDAP_NO_LIMIT, sizelimit, msgid); + (char **) attrs, 0, pServerCtrls, NULL, + LDAP_NO_LIMIT, sizelimit, msgid); if (pServerCtrls != NULL) { @@ -2533,21 +2533,21 @@ do_search (const char *base, int scope, #else #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_SIZELIMIT) ldap_set_option (__session.ls_conn, LDAP_OPT_SIZELIMIT, - (void *) &sizelimit); + (void *) &sizelimit); #else __session.ls_conn->ld_sizelimit = sizelimit; #endif /* LDAP_OPT_SIZELIMIT */ *msgid = ldap_search (__session.ls_conn, base, scope, filter, - (char **) attrs, 0); + (char **) attrs, 0); if (*msgid < 0) { #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) if (ldap_get_option - (__session.ls_conn, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) - { - rc = LDAP_UNAVAILABLE; - } + (__session.ls_conn, LDAP_OPT_ERROR_NUMBER, &rc) != LDAP_SUCCESS) + { + rc = LDAP_UNAVAILABLE; + } #else rc = __session.ls_conn->ld_errno; #endif /* LDAP_OPT_ERROR_NUMBER */ @@ -2587,7 +2587,7 @@ do_map_errno (enum nss_status status, int *errnop) */ static enum nss_status do_parse (ent_context_t * ctx, void *result, char - *buffer, size_t buflen, int *errnop, parser_t parser) + *buffer, size_t buflen, int *errnop, parser_t parser) { enum nss_status parseStat = NSS_NOTFOUND; @@ -2605,18 +2605,18 @@ do_parse (ent_context_t * ctx, void *result, char enum nss_status resultStat = NSS_SUCCESS; if (ctx->ec_state.ls_retry == 0 && - (ctx->ec_state.ls_type == LS_TYPE_KEY - || ctx->ec_state.ls_info.ls_index == -1)) - { - resultStat = do_result (ctx, LDAP_MSG_ONE); - } + (ctx->ec_state.ls_type == LS_TYPE_KEY + || ctx->ec_state.ls_info.ls_index == -1)) + { + resultStat = do_result (ctx, LDAP_MSG_ONE); + } if (resultStat != NSS_SUCCESS) - { - /* Could not get a result; bail */ - parseStat = resultStat; - break; - } + { + /* Could not get a result; bail */ + parseStat = resultStat; + break; + } /* * We have an entry; now, try to parse it. @@ -2628,20 +2628,20 @@ do_parse (ent_context_t * ctx, void *result, char * entries, whichever is first. */ parseStat = parser (ctx->ec_res, &ctx->ec_state, result, - buffer, buflen); + buffer, buflen); /* hold onto the state if we're out of memory XXX */ ctx->ec_state.ls_retry = (parseStat == NSS_TRYAGAIN && buffer != NULL ? 1 : 0); /* free entry is we're moving on */ if (ctx->ec_state.ls_retry == 0 && - (ctx->ec_state.ls_type == LS_TYPE_KEY - || ctx->ec_state.ls_info.ls_index == -1)) - { - /* we don't need the result anymore, ditch it. */ - ldap_msgfree (ctx->ec_res); - ctx->ec_res = NULL; - } + (ctx->ec_state.ls_type == LS_TYPE_KEY + || ctx->ec_state.ls_info.ls_index == -1)) + { + /* we don't need the result anymore, ditch it. */ + ldap_msgfree (ctx->ec_res); + ctx->ec_res = NULL; + } } while (parseStat == NSS_NOTFOUND); @@ -2657,7 +2657,7 @@ do_parse (ent_context_t * ctx, void *result, char */ static enum nss_status do_parse_s (ent_context_t * ctx, void *result, char - *buffer, size_t buflen, int *errnop, parser_t parser) + *buffer, size_t buflen, int *errnop, parser_t parser) { enum nss_status parseStat = NSS_NOTFOUND; LDAPMessage *e = NULL; @@ -2674,21 +2674,21 @@ do_parse_s (ent_context_t * ctx, void *result, char do { if (ctx->ec_state.ls_retry == 0 && - (ctx->ec_state.ls_type == LS_TYPE_KEY - || ctx->ec_state.ls_info.ls_index == -1)) - { - if (e == NULL) - e = ldap_first_entry (__session.ls_conn, ctx->ec_res); - else - e = ldap_next_entry (__session.ls_conn, e); - } + (ctx->ec_state.ls_type == LS_TYPE_KEY + || ctx->ec_state.ls_info.ls_index == -1)) + { + if (e == NULL) + e = ldap_first_entry (__session.ls_conn, ctx->ec_res); + else + e = ldap_next_entry (__session.ls_conn, e); + } if (e == NULL) - { - /* Could not get a result; bail */ - parseStat = NSS_NOTFOUND; - break; - } + { + /* Could not get a result; bail */ + parseStat = NSS_NOTFOUND; + break; + } /* * We have an entry; now, try to parse it. @@ -2722,8 +2722,8 @@ enum nss_status _nss_ldap_read (const char *dn, const char **attributes, LDAPMessage ** res) { return do_with_reconnect (dn, LDAP_SCOPE_BASE, "(objectclass=*)", - attributes, 1, /* sizelimit */ res, - (search_func_t) do_search_s); + attributes, 1, /* sizelimit */ res, + (search_func_t) do_search_s); } /* @@ -2820,8 +2820,8 @@ _nss_ldap_next_attribute (LDAPMessage * entry, BerElement * ber) */ enum nss_status _nss_ldap_search_s (const ldap_args_t * args, - const char *filterprot, ldap_map_selector_t sel, const - char **user_attrs, int sizelimit, LDAPMessage ** res) + const char *filterprot, ldap_map_selector_t sel, const + char **user_attrs, int sizelimit, LDAPMessage ** res) { char sdBase[LDAP_FILT_MAXSIZ]; const char *base = NULL; @@ -2856,38 +2856,38 @@ _nss_ldap_search_s (const ldap_args_t * args, sd = __session.ls_config->ldc_sds[sel]; next: if (sd != NULL) - { - size_t len = strlen (sd->lsd_base); - if (sd->lsd_base[len - 1] == ',') - { - /* is relative */ - snprintf (sdBase, sizeof (sdBase), - "%s%s", sd->lsd_base, - __session.ls_config->ldc_base); - base = sdBase; - } - else - { - base = sd->lsd_base; - } - - if (sd->lsd_scope != -1) - { - scope = sd->lsd_scope; - } - } + { + size_t len = strlen (sd->lsd_base); + if (sd->lsd_base[len - 1] == ',') + { + /* is relative */ + snprintf (sdBase, sizeof (sdBase), + "%s%s", sd->lsd_base, + __session.ls_config->ldc_base); + base = sdBase; + } + else + { + base = sd->lsd_base; + } + + if (sd->lsd_scope != -1) + { + scope = sd->lsd_scope; + } + } attrs = __session.ls_config->ldc_attrtab[sel]; } stat = do_filter (args, filterprot, sd, filterBuf, sizeof (filterBuf), - &dynamicFilterBuf, &filter); + &dynamicFilterBuf, &filter); if (stat != NSS_SUCCESS) return stat; stat = do_with_reconnect (base, scope, filter, - (user_attrs != NULL) ? user_attrs : attrs, - sizelimit, res, (search_func_t) do_search_s); + (user_attrs != NULL) ? user_attrs : attrs, + sizelimit, res, (search_func_t) do_search_s); if (dynamicFilterBuf != NULL) { @@ -2899,12 +2899,12 @@ _nss_ldap_search_s (const ldap_args_t * args, if (sd != NULL && sd->lsd_next != NULL) { if (stat == NSS_NOTFOUND || - (stat == NSS_SUCCESS && - ldap_first_entry (__session.ls_conn, *res) == NULL)) - { - sd = sd->lsd_next; - goto next; - } + (stat == NSS_SUCCESS && + ldap_first_entry (__session.ls_conn, *res) == NULL)) + { + sd = sd->lsd_next; + goto next; + } } debug ("<== _nss_ldap_search_s"); @@ -2918,9 +2918,9 @@ _nss_ldap_search_s (const ldap_args_t * args, */ enum nss_status _nss_ldap_search (const ldap_args_t * args, - const char *filterprot, ldap_map_selector_t sel, - const char **user_attrs, int sizelimit, int *msgid, - ldap_service_search_descriptor_t ** csd) + const char *filterprot, ldap_map_selector_t sel, + const char **user_attrs, int sizelimit, int *msgid, + ldap_service_search_descriptor_t ** csd) { char sdBase[LDAP_FILT_MAXSIZ]; const char *base = NULL; @@ -2959,50 +2959,50 @@ _nss_ldap_search (const ldap_args_t * args, * just quit with NSS_NOTFOUND. */ if (*csd != NULL) - { - sd = (*csd)->lsd_next; - if (sd == NULL) - return NSS_NOTFOUND; - } + { + sd = (*csd)->lsd_next; + if (sd == NULL) + return NSS_NOTFOUND; + } else - { - sd = __session.ls_config->ldc_sds[sel]; - } + { + sd = __session.ls_config->ldc_sds[sel]; + } *csd = sd; if (sd != NULL) - { - size_t len = strlen (sd->lsd_base); - if (sd->lsd_base[len - 1] == ',') - { - /* is relative */ - snprintf (sdBase, sizeof (sdBase), "%s%s", sd->lsd_base, - __session.ls_config->ldc_base); - base = sdBase; - } - else - { - base = sd->lsd_base; - } - - if (sd->lsd_scope != -1) - { - scope = sd->lsd_scope; - } - } + { + size_t len = strlen (sd->lsd_base); + if (sd->lsd_base[len - 1] == ',') + { + /* is relative */ + snprintf (sdBase, sizeof (sdBase), "%s%s", sd->lsd_base, + __session.ls_config->ldc_base); + base = sdBase; + } + else + { + base = sd->lsd_base; + } + + if (sd->lsd_scope != -1) + { + scope = sd->lsd_scope; + } + } attrs = __session.ls_config->ldc_attrtab[sel]; } stat = do_filter (args, filterprot, sd, filterBuf, sizeof (filterBuf), - &dynamicFilterBuf, &filter); + &dynamicFilterBuf, &filter); if (stat != NSS_SUCCESS) return stat; stat = do_with_reconnect (base, scope, filter, - (user_attrs != NULL) ? user_attrs : attrs, - sizelimit, msgid, (search_func_t) do_search); + (user_attrs != NULL) ? user_attrs : attrs, + sizelimit, msgid, (search_func_t) do_search); if (dynamicFilterBuf != NULL) free (dynamicFilterBuf); @@ -3015,8 +3015,8 @@ _nss_ldap_search (const ldap_args_t * args, #ifdef HAVE_LDAP_SEARCH_EXT static enum nss_status do_next_page (const ldap_args_t * args, - const char *filterprot, ldap_map_selector_t sel, int - sizelimit, int *msgid, struct berval *pCookie) + const char *filterprot, ldap_map_selector_t sel, int + sizelimit, int *msgid, struct berval *pCookie) { char sdBase[LDAP_FILT_MAXSIZ]; const char *base = NULL; @@ -3044,30 +3044,30 @@ do_next_page (const ldap_args_t * args, { sd = __session.ls_config->ldc_sds[sel]; if (sd != NULL) - { - size_t len = strlen (sd->lsd_base); - if (sd->lsd_base[len - 1] == ',') - { - snprintf (sdBase, sizeof (sdBase), "%s%s", sd->lsd_base, - __session.ls_config->ldc_base); - base = sdBase; - } - else - { - base = sd->lsd_base; - } - - if (sd->lsd_scope != -1) - { - scope = sd->lsd_scope; - } - } + { + size_t len = strlen (sd->lsd_base); + if (sd->lsd_base[len - 1] == ',') + { + snprintf (sdBase, sizeof (sdBase), "%s%s", sd->lsd_base, + __session.ls_config->ldc_base); + base = sdBase; + } + else + { + base = sd->lsd_base; + } + + if (sd->lsd_scope != -1) + { + scope = sd->lsd_scope; + } + } attrs = __session.ls_config->ldc_attrtab[sel]; } stat = do_filter (args, filterprot, sd, filterBuf, sizeof (filterBuf), - &dynamicFilterBuf, &filter); + &dynamicFilterBuf, &filter); if (stat != NSS_SUCCESS) { return stat; @@ -3075,21 +3075,21 @@ do_next_page (const ldap_args_t * args, stat = ldap_create_page_control (__session.ls_conn, - __session.ls_config->ldc_pagesize, - pCookie, 0, &serverctrls[0]); + __session.ls_config->ldc_pagesize, + pCookie, 0, &serverctrls[0]); if (stat != LDAP_SUCCESS) { if (dynamicFilterBuf != NULL) - free (dynamicFilterBuf); + free (dynamicFilterBuf); return NSS_UNAVAIL; } stat = ldap_search_ext (__session.ls_conn, base, - __session.ls_config->ldc_scope, - filter, - (char **) attrs, 0, serverctrls, NULL, LDAP_NO_LIMIT, - sizelimit, msgid); + __session.ls_config->ldc_scope, + filter, + (char **) attrs, 0, serverctrls, NULL, LDAP_NO_LIMIT, + sizelimit, msgid); ldap_control_free (serverctrls[0]); if (dynamicFilterBuf != NULL) @@ -3108,9 +3108,9 @@ do_next_page (const ldap_args_t * args, */ enum nss_status _nss_ldap_getent (ent_context_t ** ctx, - void *result, char *buffer, size_t buflen, - int *errnop, const char *filterprot, - ldap_map_selector_t sel, parser_t parser) + void *result, char *buffer, size_t buflen, + int *errnop, const char *filterprot, + ldap_map_selector_t sel, parser_t parser) { enum nss_status status; @@ -3122,8 +3122,8 @@ _nss_ldap_getent (ent_context_t ** ctx, _nss_ldap_enter (); status = _nss_ldap_getent_ex (NULL, ctx, result, - buffer, buflen, - errnop, filterprot, sel, NULL, parser); + buffer, buflen, + errnop, filterprot, sel, NULL, parser); _nss_ldap_leave (); return status; @@ -3135,11 +3135,11 @@ _nss_ldap_getent (ent_context_t ** ctx, */ enum nss_status _nss_ldap_getent_ex (ldap_args_t * args, - ent_context_t ** ctx, void *result, - char *buffer, size_t buflen, int *errnop, - const char *filterprot, - ldap_map_selector_t sel, - const char **user_attrs, parser_t parser) + ent_context_t ** ctx, void *result, + char *buffer, size_t buflen, int *errnop, + const char *filterprot, + ldap_map_selector_t sel, + const char **user_attrs, parser_t parser) { enum nss_status stat = NSS_SUCCESS; @@ -3152,10 +3152,10 @@ _nss_ldap_getent_ex (ldap_args_t * args, * or there is no active search */ if (_nss_ldap_ent_context_init_locked (ctx) == NULL) - { - debug ("<== _nss_ldap_getent_ex"); - return NSS_UNAVAIL; - } + { + debug ("<== _nss_ldap_getent_ex"); + return NSS_UNAVAIL; + } } next: @@ -3167,12 +3167,12 @@ next: int msgid; stat = _nss_ldap_search (args, filterprot, sel, user_attrs, - LDAP_NO_LIMIT, &msgid, &(*ctx)->ec_sd); + LDAP_NO_LIMIT, &msgid, &(*ctx)->ec_sd); if (stat != NSS_SUCCESS) - { - debug ("<== _nss_ldap_getent_ex"); - return stat; - } + { + debug ("<== _nss_ldap_getent_ex"); + return stat; + } (*ctx)->ec_msgid = msgid; } @@ -3184,20 +3184,20 @@ next: { /* Is there another page of results? */ if ((*ctx)->ec_cookie != NULL && (*ctx)->ec_cookie->bv_len != 0) - { - int msgid; - - stat = - do_next_page (NULL, filterprot, sel, LDAP_NO_LIMIT, &msgid, - (*ctx)->ec_cookie); - if (stat != NSS_SUCCESS) - { - debug ("<== _nss_ldap_getent_ex"); - return stat; - } - (*ctx)->ec_msgid = msgid; - stat = do_parse (*ctx, result, buffer, buflen, errnop, parser); - } + { + int msgid; + + stat = + do_next_page (NULL, filterprot, sel, LDAP_NO_LIMIT, &msgid, + (*ctx)->ec_cookie); + if (stat != NSS_SUCCESS) + { + debug ("<== _nss_ldap_getent_ex"); + return stat; + } + (*ctx)->ec_msgid = msgid; + stat = do_parse (*ctx, result, buffer, buflen, errnop, parser); + } } #endif /* HAVE_LDAP_SEARCH_EXT */ @@ -3218,9 +3218,9 @@ next: */ enum nss_status _nss_ldap_getbyname (ldap_args_t * args, - void *result, char *buffer, size_t buflen, int - *errnop, const char *filterprot, - ldap_map_selector_t sel, parser_t parser) + void *result, char *buffer, size_t buflen, int + *errnop, const char *filterprot, + ldap_map_selector_t sel, parser_t parser) { enum nss_status stat = NSS_NOTFOUND; ent_context_t ctx; @@ -3272,9 +3272,9 @@ _nss_ldap_getbyname (ldap_args_t * args, */ enum nss_status _nss_ldap_assign_attrvals (LDAPMessage * e, - const char *attr, const char *omitvalue, - char ***valptr, char **pbuffer, size_t * - pbuflen, size_t * pvalcount) + const char *attr, const char *omitvalue, + char ***valptr, char **pbuffer, size_t * + pbuflen, size_t * pvalcount) { char **vals; char **valiter; @@ -3325,28 +3325,28 @@ _nss_ldap_assign_attrvals (LDAPMessage * e, char *elt = NULL; if (omitvalue != NULL && strcmp (*valiter, omitvalue) == 0) - { - valcount--; - } + { + valcount--; + } else - { - vallen = strlen (*valiter); - if (buflen < (size_t) (vallen + 1)) - { - ldap_value_free (vals); - return NSS_TRYAGAIN; - } - - /* copy this value into the next block of buffer space */ - elt = buffer; - buffer += vallen + 1; - buflen -= vallen + 1; - - strncpy (elt, *valiter, vallen); - elt[vallen] = '\0'; - *p = elt; - p++; - } + { + vallen = strlen (*valiter); + if (buflen < (size_t) (vallen + 1)) + { + ldap_value_free (vals); + return NSS_TRYAGAIN; + } + + /* copy this value into the next block of buffer space */ + elt = buffer; + buffer += vallen + 1; + buflen -= vallen + 1; + + strncpy (elt, *valiter, vallen); + elt[vallen] = '\0'; + *p = elt; + p++; + } valiter++; } @@ -3366,8 +3366,8 @@ _nss_ldap_assign_attrvals (LDAPMessage * e, /* Assign a single value to *valptr. */ enum nss_status _nss_ldap_assign_attrval (LDAPMessage * e, - const char *attr, char **valptr, char **buffer, - size_t * buflen) + const char *attr, char **valptr, char **buffer, + size_t * buflen) { char **vals; int vallen; @@ -3378,9 +3378,9 @@ _nss_ldap_assign_attrval (LDAPMessage * e, { vallen = strlen (ovr); if (*buflen < (size_t) (vallen + 1)) - { - return NSS_TRYAGAIN; - } + { + return NSS_TRYAGAIN; + } *valptr = *buffer; @@ -3403,27 +3403,27 @@ _nss_ldap_assign_attrval (LDAPMessage * e, { def = DF (attr); if (def != NULL) - { - vallen = strlen (def); - if (*buflen < (size_t) (vallen + 1)) - { - return NSS_TRYAGAIN; - } + { + vallen = strlen (def); + if (*buflen < (size_t) (vallen + 1)) + { + return NSS_TRYAGAIN; + } - *valptr = *buffer; + *valptr = *buffer; - strncpy (*valptr, def, vallen); - (*valptr)[vallen] = '\0'; + strncpy (*valptr, def, vallen); + (*valptr)[vallen] = '\0'; - *buffer += vallen + 1; - *buflen -= vallen + 1; + *buffer += vallen + 1; + *buflen -= vallen + 1; - return NSS_SUCCESS; - } + return NSS_SUCCESS; + } else - { - return NSS_NOTFOUND; - } + { + return NSS_NOTFOUND; + } } vallen = strlen (*vals); @@ -3457,31 +3457,31 @@ _nss_ldap_locate_userpassword (char **vals) if (__config != NULL) { switch (__config->ldc_password_type) - { - case LU_RFC2307_USERPASSWORD: - token = "{CRYPT}"; - token_length = sizeof ("{CRYPT}") - 1; - break; - case LU_RFC3112_AUTHPASSWORD: - token = "CRYPT$"; - token_length = sizeof ("CRYPT$") - 1; - break; - case LU_OTHER_PASSWORD: - break; - } + { + case LU_RFC2307_USERPASSWORD: + token = "{CRYPT}"; + token_length = sizeof ("{CRYPT}") - 1; + break; + case LU_RFC3112_AUTHPASSWORD: + token = "CRYPT$"; + token_length = sizeof ("CRYPT$") - 1; + break; + case LU_OTHER_PASSWORD: + break; + } } if (vals != NULL) { for (valiter = vals; *valiter != NULL; valiter++) - { - if (token_length == 0 || - strncasecmp (*valiter, token, token_length) == 0) - { - pwd = *valiter; - break; - } - } + { + if (token_length == 0 || + strncasecmp (*valiter, token, token_length) == 0) + { + pwd = *valiter; + break; + } + } } if (pwd == NULL) @@ -3498,8 +3498,8 @@ _nss_ldap_locate_userpassword (char **vals) */ enum nss_status _nss_ldap_assign_userpassword (LDAPMessage * e, - const char *attr, char **valptr, - char **buffer, size_t * buflen) + const char *attr, char **valptr, + char **buffer, size_t * buflen) { char **vals; const char *pwd; @@ -3520,9 +3520,9 @@ _nss_ldap_assign_userpassword (LDAPMessage * e, if (*buflen < (size_t) (vallen + 1)) { if (vals != NULL) - { - ldap_value_free (vals); - } + { + ldap_value_free (vals); + } debug ("<== _nss_ldap_assign_userpassword"); return NSS_TRYAGAIN; } @@ -3560,13 +3560,13 @@ _nss_ldap_oc_check (LDAPMessage * e, const char *oc) if (vals != NULL) { for (valiter = vals; *valiter != NULL; valiter++) - { - if (strcasecmp (*valiter, oc) == 0) - { - ret = NSS_SUCCESS; - break; - } - } + { + if (strcasecmp (*valiter, oc) == 0) + { + ret = NSS_SUCCESS; + break; + } + } } if (vals != NULL) @@ -3602,7 +3602,7 @@ _nss_ldap_shadow_handle_flag (struct spwd *sp) if (__config->ldc_shadow_type == LS_AD_SHADOW) { if (sp->sp_flag & UF_DONT_EXPIRE_PASSWD) - sp->sp_max = 99999; + sp->sp_max = 99999; sp->sp_flag = 0; } } @@ -3674,10 +3674,10 @@ _nss_ldap_map_df (const char *attribute) enum nss_status _nss_ldap_map_put (ldap_config_t * config, - ldap_map_selector_t sel, - ldap_map_type_t type, - const char *from, - const char *to) + ldap_map_selector_t sel, + ldap_map_type_t type, + const char *from, + const char *to) { ldap_datum_t key, val; void **map; @@ -3687,25 +3687,25 @@ _nss_ldap_map_put (ldap_config_t * config, { case MAP_ATTRIBUTE: /* special handling for attribute mapping */ if (strcmp - (from, - "userPassword") == 0) - { - if (strcasecmp (to, "userPassword") == 0) - config->ldc_password_type = LU_RFC2307_USERPASSWORD; - else if (strcasecmp (to, "authPassword") == 0) - config->ldc_password_type = LU_RFC3112_AUTHPASSWORD; - else - config->ldc_password_type = LU_OTHER_PASSWORD; - } + (from, + "userPassword") == 0) + { + if (strcasecmp (to, "userPassword") == 0) + config->ldc_password_type = LU_RFC2307_USERPASSWORD; + else if (strcasecmp (to, "authPassword") == 0) + config->ldc_password_type = LU_RFC3112_AUTHPASSWORD; + else + config->ldc_password_type = LU_OTHER_PASSWORD; + } else if (strcmp (from, "shadowLastChange") == 0) - { - if (strcasecmp (to, "shadowLastChange") == 0) - config->ldc_shadow_type = LS_RFC2307_SHADOW; - else if (strcasecmp (to, "pwdLastSet") == 0) - config->ldc_shadow_type = LS_AD_SHADOW; - else - config->ldc_shadow_type = LS_OTHER_SHADOW; - } + { + if (strcasecmp (to, "shadowLastChange") == 0) + config->ldc_shadow_type = LS_RFC2307_SHADOW; + else if (strcasecmp (to, "pwdLastSet") == 0) + config->ldc_shadow_type = LS_AD_SHADOW; + else + config->ldc_shadow_type = LS_OTHER_SHADOW; + } break; case MAP_OBJECTCLASS: case MAP_OVERRIDE: @@ -3743,9 +3743,9 @@ _nss_ldap_map_put (ldap_config_t * config, enum nss_status _nss_ldap_map_get (ldap_config_t * config, - ldap_map_selector_t sel, - ldap_map_type_t type, - const char *from, const char **to) + ldap_map_selector_t sel, + ldap_map_type_t type, + const char *from, const char **to) { ldap_datum_t key, val; void *map; @@ -3794,11 +3794,11 @@ static ldap_proxy_bind_args_t __proxy_args = { NULL, NULL }; #if LDAP_SET_REBIND_PROC_ARGS == 3 static int do_proxy_rebind (LDAP * ld, LDAP_CONST char *url, ber_tag_t request, - ber_int_t msgid, void *arg) + ber_int_t msgid, void *arg) #else static int do_proxy_rebind (LDAP * ld, LDAP_CONST char *url, int request, - ber_int_t msgid) + ber_int_t msgid) #endif { int timelimit; @@ -3816,11 +3816,11 @@ do_proxy_rebind (LDAP * ld, LDAP_CONST char *url, int request, #if LDAP_SET_REBIND_PROC_ARGS == 3 static int do_proxy_rebind (LDAP * ld, char **whop, char **credp, int *methodp, - int freeit, void *arg) + int freeit, void *arg) #elif LDAP_SET_REBIND_PROC_ARGS == 2 static int do_proxy_rebind (LDAP * ld, char **whop, char **credp, int *methodp, - int freeit) + int freeit) #endif { #if LDAP_SET_REBIND_PROC_ARGS == 3 @@ -3831,9 +3831,9 @@ do_proxy_rebind (LDAP * ld, char **whop, char **credp, int *methodp, if (freeit) { if (*whop != NULL) - free (*whop); + free (*whop); if (*credp != NULL) - free (*credp); + free (*credp); } *whop = who->binddn ? strdup (who->binddn) : NULL; @@ -3879,63 +3879,63 @@ _nss_ldap_proxy_bind (const char *user, const char *password) _nss_ldap_enter (); stat = _nss_ldap_search_s (&args, _nss_ldap_filt_getpwnam, - LM_PASSWD, NULL, 1, &res); + LM_PASSWD, NULL, 1, &res); if (stat == NSS_SUCCESS) { e = _nss_ldap_first_entry (res); if (e != NULL) - { - proxy_args->binddn = _nss_ldap_get_dn (e); - proxy_args->bindpw = password; + { + proxy_args->binddn = _nss_ldap_get_dn (e); + proxy_args->bindpw = password; - if (proxy_args->binddn != NULL) - { - /* Use our special rebind procedure. */ + if (proxy_args->binddn != NULL) + { + /* Use our special rebind procedure. */ #if LDAP_SET_REBIND_PROC_ARGS == 3 - ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind, NULL); + ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind, NULL); #elif LDAP_SET_REBIND_PROC_ARGS == 2 - ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind); + ldap_set_rebind_proc (__session.ls_conn, do_proxy_rebind); #endif - debug (":== _nss_ldap_proxy_bind: %s", proxy_args->binddn); - - rc = do_bind (__session.ls_conn, - __session.ls_config->ldc_bind_timelimit, - proxy_args->binddn, proxy_args->bindpw, 0); - switch (rc) - { - case LDAP_INVALID_CREDENTIALS: - /* XXX overload */ - stat = NSS_TRYAGAIN; - break; - case LDAP_NO_SUCH_OBJECT: - stat = NSS_NOTFOUND; - break; - case LDAP_SUCCESS: - stat = NSS_SUCCESS; - break; - default: - stat = NSS_UNAVAIL; - break; - } - /* - * Close the connection, don't want to continue - * being bound as this user or using this rebind proc. - */ - do_close (); - ldap_memfree (proxy_args->binddn); - } - else - { - stat = NSS_NOTFOUND; - } - proxy_args->binddn = NULL; - proxy_args->bindpw = NULL; - } + debug (":== _nss_ldap_proxy_bind: %s", proxy_args->binddn); + + rc = do_bind (__session.ls_conn, + __session.ls_config->ldc_bind_timelimit, + proxy_args->binddn, proxy_args->bindpw, 0); + switch (rc) + { + case LDAP_INVALID_CREDENTIALS: + /* XXX overload */ + stat = NSS_TRYAGAIN; + break; + case LDAP_NO_SUCH_OBJECT: + stat = NSS_NOTFOUND; + break; + case LDAP_SUCCESS: + stat = NSS_SUCCESS; + break; + default: + stat = NSS_UNAVAIL; + break; + } + /* + * Close the connection, don't want to continue + * being bound as this user or using this rebind proc. + */ + do_close (); + ldap_memfree (proxy_args->binddn); + } + else + { + stat = NSS_NOTFOUND; + } + proxy_args->binddn = NULL; + proxy_args->bindpw = NULL; + } else - { - stat = NSS_NOTFOUND; - } + { + stat = NSS_NOTFOUND; + } ldap_msgfree (res); } @@ -3956,34 +3956,34 @@ do_sasl_interact (LDAP * ld, unsigned flags, void *defaults, void *_interact) while (interact->id != SASL_CB_LIST_END) { if (interact->id == SASL_CB_USER) - { - if (authzid != NULL) - { - interact->result = authzid; - interact->len = strlen (authzid); - } - else if (interact->defresult != NULL) - { - interact->result = interact->defresult; - interact->len = strlen (interact->defresult); - } - else - { - interact->result = ""; - interact->len = 0; - } + { + if (authzid != NULL) + { + interact->result = authzid; + interact->len = strlen (authzid); + } + else if (interact->defresult != NULL) + { + interact->result = interact->defresult; + interact->len = strlen (interact->defresult); + } + else + { + interact->result = ""; + interact->len = 0; + } #if SASL_VERSION_MAJOR < 2 - interact->result = strdup (interact->result); - if (interact->result == NULL) - { - return LDAP_NO_MEMORY; - } + interact->result = strdup (interact->result); + if (interact->result == NULL) + { + return LDAP_NO_MEMORY; + } #endif /* SASL_VERSION_MAJOR < 2 */ - } + } else - { - return LDAP_PARAM_ERROR; - } + { + return LDAP_PARAM_ERROR; + } interact++; } return LDAP_SUCCESS; @@ -4000,10 +4000,10 @@ _nss_ldap_get_attributes (ldap_map_selector_t sel) if (sel < LM_NONE) { if (do_init () != NSS_SUCCESS) - { - debug ("<== _nss_ldap_get_attributes (init failed)"); - return NULL; - } + { + debug ("<== _nss_ldap_get_attributes (init failed)"); + return NULL; + } attrs = __session.ls_config->ldc_attrtab[sel]; } @@ -4036,7 +4036,7 @@ _nss_ldap_test_initgroups_ignoreuser (const char *user) for (p = __config->ldc_initgroups_ignoreusers; *p != NULL; p++) { if (strcmp (*p, user) == 0) - return 1; + return 1; } return 0; @@ -4069,7 +4069,7 @@ _nss_ldap_get_ld_errno (char **m, char **s) #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_STRING) rc = ldap_get_option (__session.ls_conn, LDAP_OPT_ERROR_STRING, s); if (rc != LDAP_SUCCESS) - return rc; + return rc; #else *s = ld->ld_error; #endif @@ -4080,7 +4080,7 @@ _nss_ldap_get_ld_errno (char **m, char **s) #if defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_MATCHED_DN) rc = ldap_get_option (__session.ls_conn, LDAP_OPT_MATCHED_DN, m); if (rc != LDAP_SUCCESS) - return rc; + return rc; #else *m = ld->ld_matched; #endif @@ -87,23 +87,23 @@ * unacceptable, in which case you may wish to adjust * the constants below. */ -#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ -#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ -#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ -#define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ +#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ +#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ +#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ +#define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ #define LDAP_NSS_MAXGR_DEPTH 16 /* maximum depth of group nesting for getgrent()/initgroups() */ #if LDAP_NSS_NGROUPS > 64 -#define LDAP_NSS_BUFLEN_GROUP (NSS_BUFSIZ + (LDAP_NSS_NGROUPS * (sizeof (char *) + LOGNAME_MAX))) +#define LDAP_NSS_BUFLEN_GROUP (NSS_BUFSIZ + (LDAP_NSS_NGROUPS * (sizeof (char *) + LOGNAME_MAX))) #else -#define LDAP_NSS_BUFLEN_GROUP NSS_BUFSIZ +#define LDAP_NSS_BUFLEN_GROUP NSS_BUFSIZ #endif /* LDAP_NSS_NGROUPS > 64 */ -#define LDAP_NSS_BUFLEN_DEFAULT 0 +#define LDAP_NSS_BUFLEN_DEFAULT 0 #ifdef HAVE_USERSEC_H -#define LDAP_NSS_MAXUESS_ATTRS 8 /* maximum number of attributes in a getentry call */ +#define LDAP_NSS_MAXUESS_ATTRS 8 /* maximum number of attributes in a getentry call */ #endif /* HAVE_USERSEC_H */ #define LDAP_PAGESIZE 1000 @@ -169,11 +169,11 @@ debug (char *fmt, ...) #endif /* __GNUC__ */ #define align(ptr, blen, TYPE) do { \ - char *qtr = ptr; \ - ptr += alignof(TYPE) - 1; \ - ptr -= ((ptr - (char *)NULL) % alignof(TYPE)); \ - blen -= (ptr - qtr); \ - } while (0) + char *qtr = ptr; \ + ptr += alignof(TYPE) - 1; \ + ptr -= ((ptr - (char *)NULL) % alignof(TYPE)); \ + blen -= (ptr - qtr); \ + } while (0) /* worst case */ #define bytesleft(ptr, blen, TYPE) ( (blen < alignof(TYPE)) ? \ @@ -261,7 +261,7 @@ typedef struct ldap_service_search_descriptor ldap_service_search_descriptor_t; /* maximum number of URIs */ -#define NSS_LDAP_CONFIG_URI_MAX 31 +#define NSS_LDAP_CONFIG_URI_MAX 31 /* * linked list of configurations pointing to LDAP servers. The first @@ -483,19 +483,19 @@ struct ldap_args typedef struct ldap_args ldap_args_t; -#define LA_INIT(q) do { \ - (q).la_type = LA_TYPE_STRING; \ - (q).la_arg1.la_string = NULL; \ - (q).la_arg2.la_string = NULL; \ - (q).la_base = NULL; \ - } while (0) -#define LA_TYPE(q) ((q).la_type) -#define LA_STRING(q) ((q).la_arg1.la_string) -#define LA_NUMBER(q) ((q).la_arg1.la_number) -#define LA_TRIPLE(q) ((q).la_arg1.la_triple) -#define LA_STRING_LIST(q) ((q).la_arg1.la_string_list) -#define LA_STRING2(q) ((q).la_arg2.la_string) -#define LA_BASE(q) ((q).la_base) +#define LA_INIT(q) do { \ + (q).la_type = LA_TYPE_STRING; \ + (q).la_arg1.la_string = NULL; \ + (q).la_arg2.la_string = NULL; \ + (q).la_base = NULL; \ + } while (0) +#define LA_TYPE(q) ((q).la_type) +#define LA_STRING(q) ((q).la_arg1.la_string) +#define LA_NUMBER(q) ((q).la_arg1.la_number) +#define LA_TRIPLE(q) ((q).la_arg1.la_triple) +#define LA_STRING_LIST(q) ((q).la_arg1.la_string_list) +#define LA_STRING2(q) ((q).la_arg2.la_string) +#define LA_BASE(q) ((q).la_base) #include "ldap-parse.h" @@ -514,8 +514,8 @@ struct ldap_state { int ls_type; int ls_retry; -#define LS_TYPE_KEY (0) -#define LS_TYPE_INDEX (1) +#define LS_TYPE_KEY (0) +#define LS_TYPE_INDEX (1) union { /* ls_key is the requested attribute value. @@ -531,17 +531,17 @@ typedef struct ldap_state ldap_state_t; /* * LS_INIT only used for enumeration contexts */ -#define LS_INIT(state) do { state.ls_type = LS_TYPE_INDEX; state.ls_retry = 0; state.ls_info.ls_index = -1; } while (0) +#define LS_INIT(state) do { state.ls_type = LS_TYPE_INDEX; state.ls_retry = 0; state.ls_info.ls_index = -1; } while (0) /* * thread specific context: result chain, and state data */ struct ent_context { - ldap_state_t ec_state; /* eg. for services */ - int ec_msgid; /* message ID */ - LDAPMessage *ec_res; /* result chain */ - ldap_service_search_descriptor_t *ec_sd; /* current sd */ + ldap_state_t ec_state; /* eg. for services */ + int ec_msgid; /* message ID */ + LDAPMessage *ec_res; /* result chain */ + ldap_service_search_descriptor_t *ec_sd; /* current sd */ struct berval *ec_cookie; /* cookie for paged searches */ }; @@ -553,11 +553,11 @@ struct name_list struct name_list *next; }; -#define NSS_SUCCESS NSS_STATUS_SUCCESS -#define NSS_NOTFOUND NSS_STATUS_NOTFOUND -#define NSS_UNAVAIL NSS_STATUS_UNAVAIL -#define NSS_TRYAGAIN NSS_STATUS_TRYAGAIN -#define NSS_RETURN NSS_STATUS_RETURN +#define NSS_SUCCESS NSS_STATUS_SUCCESS +#define NSS_NOTFOUND NSS_STATUS_NOTFOUND +#define NSS_UNAVAIL NSS_STATUS_UNAVAIL +#define NSS_TRYAGAIN NSS_STATUS_TRYAGAIN +#define NSS_RETURN NSS_STATUS_RETURN /* to let us index a lookup table on enum nss_statuses */ @@ -568,39 +568,23 @@ struct name_list #endif typedef enum nss_status (*parser_t) (LDAPMessage *, ldap_state_t *, void *, - char *, size_t); + char *, size_t); /* * Portable locking macro. */ -#if defined(HAVE_THREAD_H) && !defined(_AIX) -#define NSS_LDAP_LOCK(m) mutex_lock(&m) -#define NSS_LDAP_UNLOCK(m) mutex_unlock(&m) -#define NSS_LDAP_DEFINE_LOCK(m) static mutex_t m = DEFAULTMUTEX +#if defined(HAVE_THREAD_H) +#define NSS_LDAP_LOCK(m) mutex_lock(&m) +#define NSS_LDAP_UNLOCK(m) mutex_unlock(&m) +#define NSS_LDAP_DEFINE_LOCK(m) static mutex_t m = DEFAULTMUTEX #elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) -#define NSS_LDAP_LOCK(m) __libc_lock_lock(m) -#define NSS_LDAP_UNLOCK(m) __libc_lock_unlock(m) -#define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER +#define NSS_LDAP_LOCK(m) __libc_lock_lock(m) +#define NSS_LDAP_UNLOCK(m) __libc_lock_unlock(m) +#define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER #elif defined(HAVE_PTHREAD_H) -#ifdef HPUX -# define NSS_LDAP_LOCK(m) __thread_mutex_lock(&m) -# define NSS_LDAP_UNLOCK(m) __thread_mutex_unlock(&m) -# define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER -#elif defined(_AIX) -# define NSS_LDAP_LOCK(m) do { \ - if (__multi_threaded) \ - pthread_mutex_lock(&m); \ - } while (0) -# define NSS_LDAP_UNLOCK(m) do { \ - if (__multi_threaded) \ - pthread_mutex_unlock(&m); \ - } while (0) -# define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER -#else -# define NSS_LDAP_LOCK(m) pthread_mutex_lock(&m) -# define NSS_LDAP_UNLOCK(m) pthread_mutex_unlock(&m) -# define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER -#endif /* HPUX || _AIX */ +# define NSS_LDAP_LOCK(m) pthread_mutex_lock(&m) +# define NSS_LDAP_UNLOCK(m) pthread_mutex_unlock(&m) +# define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER #else #define NSS_LDAP_LOCK(m) #define NSS_LDAP_UNLOCK(m) @@ -673,94 +657,94 @@ const char **_nss_ldap_get_attributes (ldap_map_selector_t sel); /* * Synchronous search cover (caller acquires lock). */ -enum nss_status _nss_ldap_search_s (const ldap_args_t * args, /* IN */ - const char *filterprot, /* IN */ - ldap_map_selector_t sel, /* IN */ - const char **user_attrs, /* IN */ - int sizelimit, /* IN */ - LDAPMessage ** pRes /* OUT */ ); +enum nss_status _nss_ldap_search_s (const ldap_args_t * args, /* IN */ + const char *filterprot, /* IN */ + ldap_map_selector_t sel, /* IN */ + const char **user_attrs, /* IN */ + int sizelimit, /* IN */ + LDAPMessage ** pRes /* OUT */ ); /* * Asynchronous search cover (caller acquires lock). */ -enum nss_status _nss_ldap_search (const ldap_args_t * args, /* IN */ - const char *filterprot, /* IN */ - ldap_map_selector_t sel, /* IN */ - const char **user_attrs, /* IN */ - int sizelimit, /* IN */ - int *pMsgid, /* OUT */ - ldap_service_search_descriptor_t **s /*IN/OUT*/ ); +enum nss_status _nss_ldap_search (const ldap_args_t * args, /* IN */ + const char *filterprot, /* IN */ + ldap_map_selector_t sel, /* IN */ + const char **user_attrs, /* IN */ + int sizelimit, /* IN */ + int *pMsgid, /* OUT */ + ldap_service_search_descriptor_t **s /*IN/OUT*/ ); /* * Emulate X.500 read operation. */ -enum nss_status _nss_ldap_read (const char *dn, /* IN */ - const char **attributes, /* IN */ - LDAPMessage ** pRes /* OUT */ ); +enum nss_status _nss_ldap_read (const char *dn, /* IN */ + const char **attributes, /* IN */ + LDAPMessage ** pRes /* OUT */ ); /* * extended enumeration routine; uses asynchronous API. * Caller must have acquired the global mutex */ enum nss_status _nss_ldap_getent_ex (ldap_args_t * args, /* IN */ - ent_context_t ** key, /* IN/OUT */ - void *result, /* IN/OUT */ - char *buffer, /* IN */ - size_t buflen, /* IN */ - int *errnop, /* OUT */ - const char *filterprot, /* IN */ - ldap_map_selector_t sel, /* IN */ - const char **user_attrs, /* IN */ - parser_t parser /* IN */ ); + ent_context_t ** key, /* IN/OUT */ + void *result, /* IN/OUT */ + char *buffer, /* IN */ + size_t buflen, /* IN */ + int *errnop, /* OUT */ + const char *filterprot, /* IN */ + ldap_map_selector_t sel, /* IN */ + const char **user_attrs, /* IN */ + parser_t parser /* IN */ ); /* * common enumeration routine; uses asynchronous API. * Acquires the global mutex */ -enum nss_status _nss_ldap_getent (ent_context_t ** key, /* IN/OUT */ - void *result, /* IN/OUT */ - char *buffer, /* IN */ - size_t buflen, /* IN */ - int *errnop, /* OUT */ - const char *filterprot, /* IN */ - ldap_map_selector_t sel, /* IN */ - parser_t parser /* IN */ ); +enum nss_status _nss_ldap_getent (ent_context_t ** key, /* IN/OUT */ + void *result, /* IN/OUT */ + char *buffer, /* IN */ + size_t buflen, /* IN */ + int *errnop, /* OUT */ + const char *filterprot, /* IN */ + ldap_map_selector_t sel, /* IN */ + parser_t parser /* IN */ ); /* * common lookup routine; uses synchronous API. */ -enum nss_status _nss_ldap_getbyname (ldap_args_t * args, /* IN/OUT */ - void *result, /* IN/OUT */ - char *buffer, /* IN */ - size_t buflen, /* IN */ - int *errnop, /* OUT */ - const char *filterprot, /* IN */ - ldap_map_selector_t sel, /* IN */ - parser_t parser /* IN */ ); +enum nss_status _nss_ldap_getbyname (ldap_args_t * args, /* IN/OUT */ + void *result, /* IN/OUT */ + char *buffer, /* IN */ + size_t buflen, /* IN */ + int *errnop, /* OUT */ + const char *filterprot, /* IN */ + ldap_map_selector_t sel, /* IN */ + parser_t parser /* IN */ ); /* parsing utility functions */ -enum nss_status _nss_ldap_assign_attrvals (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - const char *omitvalue, /* IN */ - char ***valptr, /* OUT */ - char **buffer, /* IN/OUT */ - size_t * buflen, /* IN/OUT */ - size_t * pvalcount /* OUT */ ); +enum nss_status _nss_ldap_assign_attrvals (LDAPMessage * e, /* IN */ + const char *attr, /* IN */ + const char *omitvalue, /* IN */ + char ***valptr, /* OUT */ + char **buffer, /* IN/OUT */ + size_t * buflen, /* IN/OUT */ + size_t * pvalcount /* OUT */ ); -enum nss_status _nss_ldap_assign_attrval (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - char **valptr, /* OUT */ - char **buffer, /* IN/OUT */ - size_t * buflen /* IN/OUT */ ); +enum nss_status _nss_ldap_assign_attrval (LDAPMessage * e, /* IN */ + const char *attr, /* IN */ + char **valptr, /* OUT */ + char **buffer, /* IN/OUT */ + size_t * buflen /* IN/OUT */ ); const char *_nss_ldap_locate_userpassword (char **vals); -enum nss_status _nss_ldap_assign_userpassword (LDAPMessage * e, /* IN */ - const char *attr, /* IN */ - char **valptr, /* OUT */ - char **buffer, /* IN/OUT */ - size_t * buflen); /* IN/OUT */ +enum nss_status _nss_ldap_assign_userpassword (LDAPMessage * e, /* IN */ + const char *attr, /* IN */ + char **valptr, /* OUT */ + char **buffer, /* IN/OUT */ + size_t * buflen); /* IN/OUT */ enum nss_status _nss_ldap_oc_check (LDAPMessage * e, const char *oc); @@ -768,19 +752,19 @@ enum nss_status _nss_ldap_oc_check (LDAPMessage * e, const char *oc); int _nss_ldap_shadow_date(const char *val); void _nss_ldap_shadow_handle_flag(struct spwd *sp); #else -#define _nss_ldap_shadow_date(_v) atol((_v)) -#define _nss_ldap_shadow_handle_flag(_sp) do { /* nothing */ } while (0) +#define _nss_ldap_shadow_date(_v) atol((_v)) +#define _nss_ldap_shadow_handle_flag(_sp) do { /* nothing */ } while (0) #endif /* HAVE_SHADOW_H */ enum nss_status _nss_ldap_map_put (ldap_config_t * config, ldap_map_selector_t sel, ldap_map_type_t map, - const char *key, const char *value); + const char *key, const char *value); enum nss_status _nss_ldap_map_get (ldap_config_t * config, ldap_map_selector_t sel, ldap_map_type_t map, - const char *key, const char **value); + const char *key, const char **value); const char *_nss_ldap_map_at (ldap_map_selector_t sel, const char *pChar2); const char *_nss_ldap_unmap_at (ldap_map_selector_t sel, const char *attribute); diff --git a/ldap-parse.h b/ldap-parse.h index 083e9c7..90ff301 100644 --- a/ldap-parse.h +++ b/ldap-parse.h @@ -26,40 +26,40 @@ #define _LDAP_NSS_LDAP_LDAP_PARSE_H #define LOOKUP_NAME(name, result, buffer, buflen, errnop, filter, selector, parser, req_buflen) \ - ldap_args_t a; \ - if (buflen < req_buflen) { \ - *errnop = ERANGE; \ - return NSS_TRYAGAIN; \ - } \ - LA_INIT(a); \ - LA_STRING(a) = name; \ - LA_TYPE(a) = LA_TYPE_STRING; \ - return _nss_ldap_getbyname(&a, result, buffer, buflen, errnop, filter, selector, parser); + ldap_args_t a; \ + if (buflen < req_buflen) { \ + *errnop = ERANGE; \ + return NSS_TRYAGAIN; \ + } \ + LA_INIT(a); \ + LA_STRING(a) = name; \ + LA_TYPE(a) = LA_TYPE_STRING; \ + return _nss_ldap_getbyname(&a, result, buffer, buflen, errnop, filter, selector, parser); #define LOOKUP_NUMBER(number, result, buffer, buflen, errnop, filter, selector, parser, req_buflen) \ - ldap_args_t a; \ - if (buflen < req_buflen) { \ - *errnop = ERANGE; \ - return NSS_TRYAGAIN; \ - } \ - LA_INIT(a); \ - LA_NUMBER(a) = number; \ - LA_TYPE(a) = LA_TYPE_NUMBER; \ - return _nss_ldap_getbyname(&a, result, buffer, buflen, errnop, filter, selector, parser) + ldap_args_t a; \ + if (buflen < req_buflen) { \ + *errnop = ERANGE; \ + return NSS_TRYAGAIN; \ + } \ + LA_INIT(a); \ + LA_NUMBER(a) = number; \ + LA_TYPE(a) = LA_TYPE_NUMBER; \ + return _nss_ldap_getbyname(&a, result, buffer, buflen, errnop, filter, selector, parser) #define LOOKUP_GETENT(key, result, buffer, buflen, errnop, filter, selector, parser, req_buflen) \ - if (buflen < req_buflen) { \ - *errnop = ERANGE; \ - return NSS_TRYAGAIN; \ - } \ - return _nss_ldap_getent(&key, result, buffer, buflen, errnop, filter, selector, parser) + if (buflen < req_buflen) { \ + *errnop = ERANGE; \ + return NSS_TRYAGAIN; \ + } \ + return _nss_ldap_getent(&key, result, buffer, buflen, errnop, filter, selector, parser) #define LOOKUP_SETENT(key) \ - if (_nss_ldap_ent_context_init(&key) == NULL) \ - return NSS_UNAVAIL; \ - return NSS_SUCCESS + if (_nss_ldap_ent_context_init(&key) == NULL) \ + return NSS_UNAVAIL; \ + return NSS_SUCCESS #define LOOKUP_ENDENT(key) \ - _nss_ldap_enter(); \ - _nss_ldap_ent_context_release(key); \ - _nss_ldap_leave(); \ - return NSS_SUCCESS + _nss_ldap_enter(); \ + _nss_ldap_ent_context_release(key); \ + _nss_ldap_leave(); \ + return NSS_SUCCESS #endif /* _LDAP_NSS_LDAP_LDAP_PARSE_H */ diff --git a/ldap-proto.c b/ldap-proto.c index 95328c0..3808cb4 100644 --- a/ldap-proto.c +++ b/ldap-proto.c @@ -33,7 +33,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -63,8 +63,8 @@ static ent_context_t *proto_context = NULL; static enum nss_status _nss_ldap_parse_proto (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct protoent *proto = (struct protoent *) result; @@ -79,7 +79,7 @@ _nss_ldap_parse_proto (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (ipProtocolNumber), &number, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; @@ -87,7 +87,7 @@ _nss_ldap_parse_proto (LDAPMessage * e, stat = _nss_ldap_assign_attrvals (e, ATM (LM_PROTOCOLS, cn), proto->p_name, - &proto->p_aliases, &buffer, &buflen, NULL); + &proto->p_aliases, &buffer, &buflen, NULL); if (stat != NSS_SUCCESS) return stat; @@ -96,20 +96,20 @@ _nss_ldap_parse_proto (LDAPMessage * e, enum nss_status _nss_ldap_getprotobyname_r (const char *name, struct protoent *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, - _nss_ldap_filt_getprotobyname, LM_PROTOCOLS, - _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getprotobyname, LM_PROTOCOLS, + _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_getprotobynumber_r (int number, struct protoent *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NUMBER (number, result, buffer, buflen, errnop, - _nss_ldap_filt_getprotobynumber, LM_PROTOCOLS, - _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getprotobynumber, LM_PROTOCOLS, + _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_setprotoent (void) @@ -124,9 +124,9 @@ _nss_ldap_getprotobynumber_r (int number, struct protoent *result, enum nss_status _nss_ldap_getprotoent_r (struct protoent *result, char *buffer, size_t buflen, - int *errnop) + int *errnop) { LOOKUP_GETENT (proto_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getprotoent, LM_PROTOCOLS, - _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getprotoent, LM_PROTOCOLS, + _nss_ldap_parse_proto, LDAP_NSS_BUFLEN_DEFAULT); } diff --git a/ldap-proto.h b/ldap-proto.h index f075d72..587dc62 100644 --- a/ldap-proto.h +++ b/ldap-proto.h @@ -32,8 +32,8 @@ static enum nss_status _nss_ldap_parse_proto (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_PROTO_H */ @@ -25,7 +25,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -55,8 +55,8 @@ static ent_context_t *pw_context = NULL; static INLINE enum nss_status _nss_ldap_assign_emptystring (char **valptr, - char **buffer, - size_t * buflen); + char **buffer, + size_t * buflen); static INLINE enum nss_status _nss_ldap_assign_emptystring (char **valptr, char **buffer, size_t * buflen) @@ -76,8 +76,8 @@ _nss_ldap_assign_emptystring (char **valptr, char **buffer, size_t * buflen) static enum nss_status _nss_ldap_parse_pw (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct passwd *pw = (struct passwd *) result; char *uid, *gid; @@ -92,7 +92,7 @@ _nss_ldap_parse_pw (LDAPMessage * e, { /* don't include password for shadowAccount */ if (buflen < 3) - return NSS_TRYAGAIN; + return NSS_TRYAGAIN; pw->pw_passwd = buffer; strcpy (buffer, "x"); @@ -102,15 +102,15 @@ _nss_ldap_parse_pw (LDAPMessage * e, else { stat = - _nss_ldap_assign_userpassword (e, ATM (LM_PASSWD, userPassword), - &pw->pw_passwd, &buffer, &buflen); + _nss_ldap_assign_userpassword (e, ATM (LM_PASSWD, userPassword), + &pw->pw_passwd, &buffer, &buflen); if (stat != NSS_SUCCESS) - return stat; + return stat; } stat = _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, uid), &pw->pw_name, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; @@ -133,26 +133,26 @@ _nss_ldap_parse_pw (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (gecos), &pw->pw_gecos, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) { pw->pw_gecos = NULL; stat = - _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, cn), &pw->pw_gecos, + _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, cn), &pw->pw_gecos, &buffer, &buflen); if (stat != NSS_SUCCESS) - return stat; + return stat; } stat = _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) (void) _nss_ldap_assign_emptystring (&pw->pw_dir, &buffer, &buflen); stat = _nss_ldap_assign_attrval (e, AT (loginShell), &pw->pw_shell, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) (void) _nss_ldap_assign_emptystring (&pw->pw_shell, &buffer, &buflen); @@ -167,11 +167,11 @@ _nss_ldap_parse_pw (LDAPMessage * e, tmp = NULL; stat = _nss_ldap_assign_attrval (e, AT (shadowLastChange), &tmp, &buffer, - &buflen); + &buflen); if (stat == NSS_SUCCESS) pw->pw_change += atol(tmp); else - pw->pw_change = 0; + pw->pw_change = 0; } #endif /* HAVE_PASSWD_PW_CHANGE */ @@ -187,20 +187,20 @@ _nss_ldap_parse_pw (LDAPMessage * e, enum nss_status _nss_ldap_getpwnam_r (const char *name, - struct passwd * result, - char *buffer, size_t buflen, int *errnop) + struct passwd * result, + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, _nss_ldap_filt_getpwnam, - LM_PASSWD, _nss_ldap_parse_pw, LDAP_NSS_BUFLEN_DEFAULT); + LM_PASSWD, _nss_ldap_parse_pw, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_getpwuid_r (uid_t uid, - struct passwd *result, - char *buffer, size_t buflen, int *errnop) + struct passwd *result, + char *buffer, size_t buflen, int *errnop) { LOOKUP_NUMBER (uid, result, buffer, buflen, errnop, _nss_ldap_filt_getpwuid, - LM_PASSWD, _nss_ldap_parse_pw, LDAP_NSS_BUFLEN_DEFAULT); + LM_PASSWD, _nss_ldap_parse_pw, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status @@ -217,9 +217,9 @@ _nss_ldap_endpwent (void) enum nss_status _nss_ldap_getpwent_r (struct passwd *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_GETENT (pw_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getpwent, LM_PASSWD, _nss_ldap_parse_pw, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getpwent, LM_PASSWD, _nss_ldap_parse_pw, + LDAP_NSS_BUFLEN_DEFAULT); } @@ -33,7 +33,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -68,8 +68,8 @@ static ent_context_t *rpc_context = NULL; static enum nss_status _nss_ldap_parse_rpc (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct rpcent *rpc = (struct rpcent *) result; @@ -84,7 +84,7 @@ _nss_ldap_parse_rpc (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (oncRpcNumber), &number, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; @@ -101,20 +101,20 @@ _nss_ldap_parse_rpc (LDAPMessage * e, enum nss_status _nss_ldap_getrpcbyname_r (const char *name, struct rpcent *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, - _nss_ldap_filt_getrpcbyname, LM_RPC, _nss_ldap_parse_rpc, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getrpcbyname, LM_RPC, _nss_ldap_parse_rpc, + LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_getrpcbynumber_r (int number, struct rpcent *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_NUMBER (number, result, buffer, buflen, errnop, - _nss_ldap_filt_getrpcbynumber, LM_RPC, _nss_ldap_parse_rpc, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getrpcbynumber, LM_RPC, _nss_ldap_parse_rpc, + LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_setrpcent (void) @@ -129,9 +129,9 @@ _nss_ldap_getrpcbynumber_r (int number, struct rpcent *result, enum nss_status _nss_ldap_getrpcent_r (struct rpcent *result, char *buffer, size_t buflen, - int *errnop) + int *errnop) { LOOKUP_GETENT (rpc_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getrpcent, LM_RPC, _nss_ldap_parse_rpc, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getrpcent, LM_RPC, _nss_ldap_parse_rpc, + LDAP_NSS_BUFLEN_DEFAULT); } @@ -31,8 +31,8 @@ */ static enum nss_status _nss_ldap_parse_rpc (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_RPC_H */ diff --git a/ldap-schema.c b/ldap-schema.c index 746a301..f636292 100644 --- a/ldap-schema.c +++ b/ldap-schema.c @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -134,136 +134,136 @@ _nss_ldap_init_filters () { /* rfc822 mail aliases */ snprintf (_nss_ldap_filt_getaliasbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisMailAlias), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisMailAlias), ATM (LM_ALIASES, cn), "%s"); snprintf (_nss_ldap_filt_getaliasent, LDAP_FILT_MAXSIZ, - "(%s=%s)", AT (objectClass), OC (nisMailAlias)); + "(%s=%s)", AT (objectClass), OC (nisMailAlias)); /* boot parameters */ snprintf (_nss_ldap_filt_getbootparamsbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (bootableDevice), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (bootableDevice), ATM (LM_BOOTPARAMS, cn), "%d"); /* MAC address mappings */ snprintf (_nss_ldap_filt_gethostton, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ieee802Device), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ieee802Device), ATM (LM_ETHERS, cn), "%s"); snprintf (_nss_ldap_filt_getntohost, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ieee802Device), AT (macAddress), - "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ieee802Device), AT (macAddress), + "%s"); snprintf (_nss_ldap_filt_getetherent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (ieee802Device)); + AT (objectClass), OC (ieee802Device)); /* groups */ snprintf (_nss_ldap_filt_getgrnam, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), ATM (LM_GROUP, cn), "%s"); snprintf (_nss_ldap_filt_getgrgid, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), ATM (LM_GROUP, gidNumber), "%d"); snprintf (_nss_ldap_filt_getgrent, LDAP_FILT_MAXSIZ, "(&(%s=%s))", - AT (objectClass), OC (posixGroup)); + AT (objectClass), OC (posixGroup)); snprintf (_nss_ldap_filt_getgroupsbymemberanddn, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(|(%s=%s)(%s=%s)))", - AT (objectClass), OC (posixGroup), AT (memberUid), "%s", AT (uniqueMember), "%s"); + "(&(%s=%s)(|(%s=%s)(%s=%s)))", + AT (objectClass), OC (posixGroup), AT (memberUid), "%s", AT (uniqueMember), "%s"); snprintf (_nss_ldap_filt_getgroupsbydn, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", - AT (objectClass), OC (posixGroup), AT (uniqueMember), "%s"); + "(&(%s=%s)(%s=%s))", + AT (objectClass), OC (posixGroup), AT (uniqueMember), "%s"); snprintf (_nss_ldap_filt_getpwnam_groupsbymember, LDAP_FILT_MAXSIZ, - "(|(&(%s=%s)(%s=%s))(&(%s=%s)(%s=%s)))", - AT (objectClass), OC (posixGroup), AT (memberUid), "%s", - AT (objectClass), OC (posixAccount), ATM (LM_PASSWD, uid), "%s"); + "(|(&(%s=%s)(%s=%s))(&(%s=%s)(%s=%s)))", + AT (objectClass), OC (posixGroup), AT (memberUid), "%s", + AT (objectClass), OC (posixAccount), ATM (LM_PASSWD, uid), "%s"); snprintf (_nss_ldap_filt_getgroupsbymember, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), AT (memberUid), - "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixGroup), AT (memberUid), + "%s"); /* IP hosts */ snprintf (_nss_ldap_filt_gethostbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipHost), ATM (LM_HOSTS, cn), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipHost), ATM (LM_HOSTS, cn), "%s"); snprintf (_nss_ldap_filt_gethostbyaddr, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipHost), AT (ipHostNumber), - "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipHost), AT (ipHostNumber), + "%s"); snprintf (_nss_ldap_filt_gethostent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (ipHost)); + AT (objectClass), OC (ipHost)); /* IP networks */ snprintf (_nss_ldap_filt_getnetbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipNetwork), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipNetwork), ATM (LM_NETWORKS, cn), "%s"); snprintf (_nss_ldap_filt_getnetbyaddr, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipNetwork), - AT (ipNetworkNumber), "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipNetwork), + AT (ipNetworkNumber), "%s"); snprintf (_nss_ldap_filt_getnetent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (ipNetwork)); + AT (objectClass), OC (ipNetwork)); /* IP protocols */ snprintf (_nss_ldap_filt_getprotobyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipProtocol), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipProtocol), ATM (LM_PROTOCOLS, cn), "%s"); snprintf (_nss_ldap_filt_getprotobynumber, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipProtocol), - AT (ipProtocolNumber), "%d"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipProtocol), + AT (ipProtocolNumber), "%d"); snprintf (_nss_ldap_filt_getprotoent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (ipProtocol)); + AT (objectClass), OC (ipProtocol)); /* users */ snprintf (_nss_ldap_filt_getpwnam, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixAccount), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (posixAccount), ATM (LM_PASSWD, uid), "%s"); snprintf (_nss_ldap_filt_getpwuid, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", - AT (objectClass), OC (posixAccount), AT (uidNumber), "%d"); + "(&(%s=%s)(%s=%s))", + AT (objectClass), OC (posixAccount), AT (uidNumber), "%d"); snprintf (_nss_ldap_filt_getpwent, LDAP_FILT_MAXSIZ, - "(%s=%s)", AT (objectClass), OC (posixAccount)); + "(%s=%s)", AT (objectClass), OC (posixAccount)); /* RPCs */ snprintf (_nss_ldap_filt_getrpcbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (oncRpc), ATM (LM_RPC, cn), "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (oncRpc), ATM (LM_RPC, cn), "%s"); snprintf (_nss_ldap_filt_getrpcbynumber, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (oncRpc), AT (oncRpcNumber), - "%d"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (oncRpc), AT (oncRpcNumber), + "%d"); snprintf (_nss_ldap_filt_getrpcent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (oncRpc)); + AT (objectClass), OC (oncRpc)); /* IP services */ snprintf (_nss_ldap_filt_getservbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), ATM (LM_SERVICES, cn), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), ATM (LM_SERVICES, cn), "%s"); snprintf (_nss_ldap_filt_getservbynameproto, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s)(%s=%s))", - AT (objectClass), OC (ipService), ATM (LM_SERVICES, cn), "%s", AT (ipServiceProtocol), + "(&(%s=%s)(%s=%s)(%s=%s))", + AT (objectClass), OC (ipService), ATM (LM_SERVICES, cn), "%s", AT (ipServiceProtocol), "%s"); snprintf (_nss_ldap_filt_getservbyport, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), AT (ipServicePort), - "%d"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), AT (ipServicePort), + "%d"); snprintf (_nss_ldap_filt_getservbyportproto, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), - AT (ipServicePort), "%d", AT (ipServiceProtocol), "%s"); + "(&(%s=%s)(%s=%s)(%s=%s))", AT (objectClass), OC (ipService), + AT (ipServicePort), "%d", AT (ipServiceProtocol), "%s"); snprintf (_nss_ldap_filt_getservent, LDAP_FILT_MAXSIZ, "(%s=%s)", - AT (objectClass), OC (ipService)); + AT (objectClass), OC (ipService)); /* shadow users */ snprintf (_nss_ldap_filt_getspnam, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (shadowAccount), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (shadowAccount), ATM (LM_SHADOW, uid), "%s"); snprintf (_nss_ldap_filt_getspent, LDAP_FILT_MAXSIZ, - "(%s=%s)", AT (objectClass), OC (shadowAccount)); + "(%s=%s)", AT (objectClass), OC (shadowAccount)); /* netgroups */ snprintf (_nss_ldap_filt_getnetgrent, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisNetgroup), + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisNetgroup), ATM (LM_NETGROUP, cn), "%s"); snprintf (_nss_ldap_filt_innetgr, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisNetgroup), AT (memberNisNetgroup), "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (nisNetgroup), AT (memberNisNetgroup), "%s"); /* automounts */ snprintf (_nss_ldap_filt_setautomntent, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (automountMap), AT (automountMapName), "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (automountMap), AT (automountMapName), "%s"); snprintf (_nss_ldap_filt_getautomntent, LDAP_FILT_MAXSIZ, - "(%s=%s)", AT (objectClass), OC (automount)); + "(%s=%s)", AT (objectClass), OC (automount)); snprintf (_nss_ldap_filt_getautomntbyname, LDAP_FILT_MAXSIZ, - "(&(%s=%s)(%s=%s))", AT (objectClass), OC (automount), AT (automountKey), "%s"); + "(&(%s=%s)(%s=%s))", AT (objectClass), OC (automount), AT (automountKey), "%s"); } static void init_pwd_attributes (const char ***pwd_attrs); diff --git a/ldap-schema.h b/ldap-schema.h index 4d2d900..9875532 100644 --- a/ldap-schema.h +++ b/ldap-schema.h @@ -25,7 +25,7 @@ #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H /* max number of attributes per object class */ -#define ATTRTAB_SIZE 15 +#define ATTRTAB_SIZE 15 /** * function to initialize global lookup filters. @@ -132,7 +132,7 @@ extern char _nss_ldap_filt_getautomntbyname[]; * Vendor-specific attributes and object classes. * (Mainly from Sun.) */ -#define OC_nisMailAlias "nisMailAlias" +#define OC_nisMailAlias "nisMailAlias" #define AT_rfc822MailMember "rfc822MailMember" /** diff --git a/ldap-service.c b/ldap-service.c index 7f137e0..5f1a02d 100644 --- a/ldap-service.c +++ b/ldap-service.c @@ -33,7 +33,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -68,8 +68,8 @@ static ent_context_t *serv_context = NULL; static enum nss_status _nss_ldap_parse_serv (LDAPMessage * e, - ldap_state_t * state, - void *result, char *buffer, size_t buflen) + ldap_state_t * state, + void *result, char *buffer, size_t buflen) { struct servent *service = (struct servent *) result; char *port; @@ -83,66 +83,66 @@ _nss_ldap_parse_serv (LDAPMessage * e, if (state->ls_type == LS_TYPE_KEY) { if (state->ls_info.ls_key == NULL) - { - /* non-deterministic behaviour is ok */ - stat = - _nss_ldap_assign_attrval (e, AT (ipServiceProtocol), - &service->s_proto, &buffer, &buflen); - if (stat != NSS_SUCCESS) - { - return stat; - } - } + { + /* non-deterministic behaviour is ok */ + stat = + _nss_ldap_assign_attrval (e, AT (ipServiceProtocol), + &service->s_proto, &buffer, &buflen); + if (stat != NSS_SUCCESS) + { + return stat; + } + } else - { - register int len; - len = strlen (state->ls_info.ls_key); - if (buflen < (size_t) (len + 1)) - { - return NSS_TRYAGAIN; - } - strncpy (buffer, state->ls_info.ls_key, len); - buffer[len] = '\0'; - service->s_proto = buffer; - buffer += len + 1; - buflen -= len + 1; - } + { + register int len; + len = strlen (state->ls_info.ls_key); + if (buflen < (size_t) (len + 1)) + { + return NSS_TRYAGAIN; + } + strncpy (buffer, state->ls_info.ls_key, len); + buffer[len] = '\0'; + service->s_proto = buffer; + buffer += len + 1; + buflen -= len + 1; + } } else { char **vals = _nss_ldap_get_values (e, AT (ipServiceProtocol)); int len; if (vals == NULL) - { - state->ls_info.ls_index = -1; - return NSS_NOTFOUND; - } + { + state->ls_info.ls_index = -1; + return NSS_NOTFOUND; + } switch (state->ls_info.ls_index) - { - case 0: - /* last time. decrementing ls_index to -1 AND returning !NSS_SUCCESS - will force this entry to be discarded. - */ - stat = NSS_NOTFOUND; - break; - case -1: - /* first time */ - state->ls_info.ls_index = ldap_count_values (vals); - /* fall off to default ... */ - default: - len = strlen (vals[state->ls_info.ls_index - 1]); - if (buflen < (size_t) (len + 1)) - { - return NSS_TRYAGAIN; - } - strncpy (buffer, vals[state->ls_info.ls_index - 1], len); - buffer[len] = '\0'; - service->s_proto = buffer; - buffer += len + 1; - buflen -= len + 1; - stat = NSS_SUCCESS; - } + { + case 0: + /* last time. decrementing ls_index to -1 AND returning !NSS_SUCCESS + will force this entry to be discarded. + */ + stat = NSS_NOTFOUND; + break; + case -1: + /* first time */ + state->ls_info.ls_index = ldap_count_values (vals); + /* fall off to default ... */ + default: + len = strlen (vals[state->ls_info.ls_index - 1]); + if (buflen < (size_t) (len + 1)) + { + return NSS_TRYAGAIN; + } + strncpy (buffer, vals[state->ls_info.ls_index - 1], len); + buffer[len] = '\0'; + service->s_proto = buffer; + buffer += len + 1; + buflen -= len + 1; + stat = NSS_SUCCESS; + } ldap_value_free (vals); state->ls_info.ls_index--; @@ -163,7 +163,7 @@ _nss_ldap_parse_serv (LDAPMessage * e, stat = _nss_ldap_assign_attrvals (e, ATM (LM_SERVICES, cn), service->s_name, - &service->s_aliases, &buffer, &buflen, NULL); + &service->s_aliases, &buffer, &buflen, NULL); if (stat != NSS_SUCCESS) { return stat; @@ -171,7 +171,7 @@ _nss_ldap_parse_serv (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (ipServicePort), &port, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) { return stat; @@ -184,9 +184,9 @@ _nss_ldap_parse_serv (LDAPMessage * e, enum nss_status _nss_ldap_getservbyname_r (const char *name, - const char *proto, - struct servent * result, - char *buffer, size_t buflen, int *errnop) + const char *proto, + struct servent * result, + char *buffer, size_t buflen, int *errnop) { ldap_args_t a; @@ -196,16 +196,16 @@ _nss_ldap_getservbyname_r (const char *name, LA_STRING2 (a) = proto; return _nss_ldap_getbyname (&a, result, buffer, buflen, errnop, - ((proto == NULL) ? _nss_ldap_filt_getservbyname - : _nss_ldap_filt_getservbynameproto), - LM_SERVICES, _nss_ldap_parse_serv); + ((proto == NULL) ? _nss_ldap_filt_getservbyname + : _nss_ldap_filt_getservbynameproto), + LM_SERVICES, _nss_ldap_parse_serv); } enum nss_status _nss_ldap_getservbyport_r (int port, - const char *proto, - struct servent * result, - char *buffer, size_t buflen, int *errnop) + const char *proto, + struct servent * result, + char *buffer, size_t buflen, int *errnop) { ldap_args_t a; @@ -214,10 +214,10 @@ _nss_ldap_getservbyport_r (int port, LA_TYPE (a) = (proto == NULL) ? LA_TYPE_NUMBER : LA_TYPE_NUMBER_AND_STRING; LA_STRING2 (a) = proto; return _nss_ldap_getbyname (&a, result, buffer, buflen, errnop, - (proto == - NULL) ? _nss_ldap_filt_getservbyport : - _nss_ldap_filt_getservbyportproto, - LM_SERVICES, _nss_ldap_parse_serv); + (proto == + NULL) ? _nss_ldap_filt_getservbyport : + _nss_ldap_filt_getservbyportproto, + LM_SERVICES, _nss_ldap_parse_serv); } enum nss_status _nss_ldap_setservent (void) @@ -232,9 +232,9 @@ _nss_ldap_getservbyport_r (int port, enum nss_status _nss_ldap_getservent_r (struct servent *result, char *buffer, size_t buflen, - int *errnop) + int *errnop) { LOOKUP_GETENT (serv_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getservent, LM_SERVICES, - _nss_ldap_parse_serv, LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getservent, LM_SERVICES, + _nss_ldap_parse_serv, LDAP_NSS_BUFLEN_DEFAULT); } diff --git a/ldap-service.h b/ldap-service.h index e4dbc53..e0f8d27 100644 --- a/ldap-service.h +++ b/ldap-service.h @@ -36,8 +36,8 @@ static enum nss_status _nss_ldap_parse_serv (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_SERVICE_H */ diff --git a/ldap-spwd.c b/ldap-spwd.c index e026e2e..7a20120 100644 --- a/ldap-spwd.c +++ b/ldap-spwd.c @@ -29,7 +29,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -61,8 +61,8 @@ static ent_context_t *sp_context = NULL; static enum nss_status _nss_ldap_parse_sp (LDAPMessage * e, - ldap_state_t * pvt, - void *result, char *buffer, size_t buflen) + ldap_state_t * pvt, + void *result, char *buffer, size_t buflen) { struct spwd *sp = (struct spwd *) result; enum nss_status stat; @@ -76,13 +76,13 @@ _nss_ldap_parse_sp (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, ATM (LM_SHADOW, uid), &sp->sp_namp, &buffer, - &buflen); + &buflen); if (stat != NSS_SUCCESS) return stat; stat = _nss_ldap_assign_attrval (e, AT (shadowLastChange), &tmp, &buffer, - &buflen); + &buflen); sp->sp_lstchg = (stat == NSS_SUCCESS) ? _nss_ldap_shadow_date (tmp) : -1; stat = @@ -95,17 +95,17 @@ _nss_ldap_parse_sp (LDAPMessage * e, stat = _nss_ldap_assign_attrval (e, AT (shadowWarning), &tmp, &buffer, - &buflen); + &buflen); sp->sp_warn = (stat == NSS_SUCCESS) ? atol (tmp) : -1; stat = _nss_ldap_assign_attrval (e, AT (shadowInactive), &tmp, &buffer, - &buflen); + &buflen); sp->sp_inact = (stat == NSS_SUCCESS) ? atol (tmp) : -1; stat = _nss_ldap_assign_attrval (e, AT (shadowExpire), &tmp, &buffer, - &buflen); + &buflen); sp->sp_expire = (stat == NSS_SUCCESS) ? _nss_ldap_shadow_date (tmp) : -1; stat = @@ -119,11 +119,11 @@ _nss_ldap_parse_sp (LDAPMessage * e, enum nss_status _nss_ldap_getspnam_r (const char *name, - struct spwd * result, - char *buffer, size_t buflen, int *errnop) + struct spwd * result, + char *buffer, size_t buflen, int *errnop) { LOOKUP_NAME (name, result, buffer, buflen, errnop, _nss_ldap_filt_getspnam, - LM_SHADOW, _nss_ldap_parse_sp, LDAP_NSS_BUFLEN_DEFAULT); + LM_SHADOW, _nss_ldap_parse_sp, LDAP_NSS_BUFLEN_DEFAULT); } enum nss_status _nss_ldap_setspent (void) @@ -138,11 +138,11 @@ enum nss_status _nss_ldap_endspent (void) enum nss_status _nss_ldap_getspent_r (struct spwd *result, - char *buffer, size_t buflen, int *errnop) + char *buffer, size_t buflen, int *errnop) { LOOKUP_GETENT (sp_context, result, buffer, buflen, errnop, - _nss_ldap_filt_getspent, LM_SHADOW, _nss_ldap_parse_sp, - LDAP_NSS_BUFLEN_DEFAULT); + _nss_ldap_filt_getspent, LM_SHADOW, _nss_ldap_parse_sp, + LDAP_NSS_BUFLEN_DEFAULT); } #endif /* HAVE_SHADOW_H */ diff --git a/ldap-spwd.h b/ldap-spwd.h index bc6844c..67b054d 100644 --- a/ldap-spwd.h +++ b/ldap-spwd.h @@ -25,8 +25,8 @@ #define _LDAP_NSS_LDAP_LDAP_SPWD_H static enum nss_status _nss_ldap_parse_sp (LDAPMessage * e, - ldap_state_t * pvt, - void *result, - char *buffer, size_t buflen); + ldap_state_t * pvt, + void *result, + char *buffer, size_t buflen); #endif /* _LDAP_NSS_LDAP_LDAP_SPWD_H */ @@ -177,32 +177,32 @@ base dc=padl,dc=com # RFC2307bis naming contexts # Syntax: -# nss_base_XXX base?scope?filter +# nss_base_XXX base?scope?filter # where scope is {base,one,sub} # and filter is a filter to be &'d with the # default filter. # You can omit the suffix eg: -# nss_base_passwd ou=People, +# nss_base_passwd ou=People, # to append the default base DN but this # may incur a small performance impact. -#nss_base_passwd ou=People,dc=padl,dc=com?one -#nss_base_shadow ou=People,dc=padl,dc=com?one -#nss_base_group ou=Group,dc=padl,dc=com?one -#nss_base_hosts ou=Hosts,dc=padl,dc=com?one -#nss_base_services ou=Services,dc=padl,dc=com?one -#nss_base_networks ou=Networks,dc=padl,dc=com?one -#nss_base_protocols ou=Protocols,dc=padl,dc=com?one -#nss_base_rpc ou=Rpc,dc=padl,dc=com?one -#nss_base_ethers ou=Ethers,dc=padl,dc=com?one -#nss_base_netmasks ou=Networks,dc=padl,dc=com?ne -#nss_base_bootparams ou=Ethers,dc=padl,dc=com?one -#nss_base_aliases ou=Aliases,dc=padl,dc=com?one -#nss_base_netgroup ou=Netgroup,dc=padl,dc=com?one +#nss_base_passwd ou=People,dc=padl,dc=com?one +#nss_base_shadow ou=People,dc=padl,dc=com?one +#nss_base_group ou=Group,dc=padl,dc=com?one +#nss_base_hosts ou=Hosts,dc=padl,dc=com?one +#nss_base_services ou=Services,dc=padl,dc=com?one +#nss_base_networks ou=Networks,dc=padl,dc=com?one +#nss_base_protocols ou=Protocols,dc=padl,dc=com?one +#nss_base_rpc ou=Rpc,dc=padl,dc=com?one +#nss_base_ethers ou=Ethers,dc=padl,dc=com?one +#nss_base_netmasks ou=Networks,dc=padl,dc=com?ne +#nss_base_bootparams ou=Ethers,dc=padl,dc=com?one +#nss_base_aliases ou=Aliases,dc=padl,dc=com?one +#nss_base_netgroup ou=Netgroup,dc=padl,dc=com?one # attribute/objectclass mapping # Syntax: -#nss_map_attribute rfc2307attribute mapped_attribute -#nss_map_objectclass rfc2307objectclass mapped_objectclass +#nss_map_attribute rfc2307attribute mapped_attribute +#nss_map_objectclass rfc2307objectclass mapped_objectclass # configure --enable-nds is no longer supported. # NDS mappings @@ -27,7 +27,7 @@ #include <port_before.h> #endif -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -52,12 +52,12 @@ static void *ltf_mutex_alloc (void); static void ltf_mutex_free (void *m); static enum nss_status ltf_tsd_setup (void); static void ltf_set_ld_error (int err, char *matched, char *errmsg, - void *dummy); + void *dummy); static int ltf_get_ld_error (char **matched, char **errmsg, void *dummy); static void ltf_set_errno (int err); static int ltf_get_errno (void); -#ifndef HAVE_THREAD_H /* thus, pthreads */ +#ifndef HAVE_THREAD_H /* thus, pthreads */ /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- * The contents of this file are subject to the Netscape Public License diff --git a/nsswitch.ldap b/nsswitch.ldap index 68fb91a..76b2fcd 100644 --- a/nsswitch.ldap +++ b/nsswitch.ldap @@ -7,13 +7,13 @@ # /etc/netconfig file has a "-" for nametoaddr_libs of "inet" transports. # the following two lines obviate the "+" entry in /etc/passwd and /etc/group. -passwd: files ldap -group: files ldap +passwd: files ldap +group: files ldap # consult DNS first, we will need it to resolve the LDAP host. (If we # can't resolve it, we're in infinite recursion, because libldap calls # gethostbyname(). Careful!) -hosts: dns ldap +hosts: dns ldap # LDAP is nominally authoritative for the following maps. services: ldap [NOTFOUND=return] files @@ -46,7 +46,7 @@ Create and encode the Paged Results control. ld (IN) An LDAP session handle, as obtained from a call to - ldap_init(). + ldap_init(). pagesize (IN) The number of entries to return in each page @@ -58,24 +58,24 @@ iscritical (IN) Is this control critical to the search? ctrlp (OUT) A result parameter that will be assigned the address - of an LDAPControl structure that contains the - PagedResult control created by this function. - The memory occupied by the LDAPControl structure - SHOULD be freed when it is no longer in use by - calling ldap_control_free(). - + of an LDAPControl structure that contains the + PagedResult control created by this function. + The memory occupied by the LDAPControl structure + SHOULD be freed when it is no longer in use by + calling ldap_control_free(). + Ber encoding PageResult ::= SEQUENCE { - pageSize INTEGER - cookie OCTET STRING } - + pageSize INTEGER + cookie OCTET STRING } + Note: The first time the Page control is created, the cookie - should be set to a zero-length string. The cookie obtained - from calling ldap_parse_page_control() should be used as - the cookie in the next ldap_create_page_control call. + should be set to a zero-length string. The cookie obtained + from calling ldap_parse_page_control() should be used as + the cookie in the next ldap_create_page_control call. ---*/ @@ -84,9 +84,9 @@ #else int ldap_create_page_control (LDAP * ld, - unsigned long pagesize, - struct berval *cookiep, - int iscritical, LDAPControl ** ctrlp) + unsigned long pagesize, + struct berval *cookiep, + int iscritical, LDAPControl ** ctrlp) { ber_tag_t tag; BerElement *ber; @@ -139,19 +139,19 @@ exit: ld (IN) An LDAP session handle. ctrls (IN) The address of a NULL-terminated array of - LDAPControl structures, typically obtained - by a call to ldap_parse_result(). + LDAPControl structures, typically obtained + by a call to ldap_parse_result(). list_countp (OUT) This result parameter is filled in with the number - of entries returned in this page + of entries returned in this page cookiep (OUT) This result parameter is filled in with the address - of a struct berval that contains the server- - generated cookie. - The returned cookie SHOULD be used in the next call - to create a Page sort control. The struct berval - returned SHOULD be disposed of by calling ber_bvfree() - when it is no longer needed. + of a struct berval that contains the server- + generated cookie. + The returned cookie SHOULD be used in the next call + to create a Page sort control. The struct berval + returned SHOULD be disposed of by calling ber_bvfree() + when it is no longer needed. ---*/ @@ -160,8 +160,8 @@ exit: #else int ldap_parse_page_control (LDAP * ld, - LDAPControl ** ctrls, - unsigned long *list_countp, struct berval **cookiep) + LDAPControl ** ctrls, + unsigned long *list_countp, struct berval **cookiep) { BerElement *ber; LDAPControl *pControl; @@ -171,7 +171,7 @@ ldap_parse_page_control (LDAP * ld, if (cookiep) { - *cookiep = NULL; /* Make sure we return a NULL if error occurs. */ + *cookiep = NULL; /* Make sure we return a NULL if error occurs. */ } if (ld == NULL) @@ -189,7 +189,7 @@ ldap_parse_page_control (LDAP * ld, { pControl = ctrls[i]; if (!strcmp (LDAP_CONTROL_PAGE_OID, pControl->ldctl_oid)) - goto foundPageControl; + goto foundPageControl; } /* No page control was found. */ @@ -102,9 +102,9 @@ dns_free_data (struct dns_reply *r) { struct resource_record *tmp = rr; if (rr->domain) - free (rr->domain); + free (rr->domain); if (rr->u.data) - free (rr->u.data); + free (rr->u.data); rr = rr->next; free (tmp); } @@ -157,10 +157,10 @@ parse_reply (unsigned char *data, int len) unsigned int type, class, ttl, size; status = dn_expand (data, data + len, p, host, sizeof (host)); if (status < 0) - { - dns_free_data (r); - return NULL; - } + { + dns_free_data (r); + return NULL; + } p += status; if (p + 10 > data + len) { @@ -181,87 +181,87 @@ parse_reply (unsigned char *data, int len) return NULL; } *rr = (struct resource_record *) calloc (1, - sizeof (struct - resource_record)); + sizeof (struct + resource_record)); (*rr)->domain = strdup (host); (*rr)->type = type; (*rr)->class = class; (*rr)->ttl = ttl; (*rr)->size = size; switch (type) - { - case T_NS: - case T_CNAME: - case T_PTR: - status = dn_expand (data, data + len, p, host, sizeof (host)); - if (status < 0) - { - dns_free_data (r); - return NULL; - } - (*rr)->u.txt = strdup (host); - break; - case T_MX: - case T_AFSDB: - { + { + case T_NS: + case T_CNAME: + case T_PTR: + status = dn_expand (data, data + len, p, host, sizeof (host)); + if (status < 0) + { + dns_free_data (r); + return NULL; + } + (*rr)->u.txt = strdup (host); + break; + case T_MX: + case T_AFSDB: + { if (p + 2 > data + len) { dns_free_data (r); return NULL; } - status = dn_expand (data, data + len, p + 2, host, sizeof (host)); - if (status < 0) - { - dns_free_data (r); - return NULL; - } + status = dn_expand (data, data + len, p + 2, host, sizeof (host)); + if (status < 0) + { + dns_free_data (r); + return NULL; + } - (*rr)->u.mx = - (struct mx_record *) malloc (sizeof (struct mx_record) + - strlen (host)); - (*rr)->u.mx->preference = (p[0] << 8) | p[1]; - strcpy ((*rr)->u.mx->domain, host); - break; - } - case T_SRV: - { + (*rr)->u.mx = + (struct mx_record *) malloc (sizeof (struct mx_record) + + strlen (host)); + (*rr)->u.mx->preference = (p[0] << 8) | p[1]; + strcpy ((*rr)->u.mx->domain, host); + break; + } + case T_SRV: + { if (p + 6 > data + len) { dns_free_data (r); return NULL; } - status = dn_expand (data, data + len, p + 6, host, sizeof (host)); - if (status < 0) - { - dns_free_data (r); - return NULL; - } - (*rr)->u.srv = - (struct srv_record *) malloc (sizeof (struct srv_record) + - strlen (host)); - (*rr)->u.srv->priority = (p[0] << 8) | p[1]; - (*rr)->u.srv->weight = (p[2] << 8) | p[3]; - (*rr)->u.srv->port = (p[4] << 8) | p[5]; - strcpy ((*rr)->u.srv->target, host); - break; - } - case T_TXT: - { + status = dn_expand (data, data + len, p + 6, host, sizeof (host)); + if (status < 0) + { + dns_free_data (r); + return NULL; + } + (*rr)->u.srv = + (struct srv_record *) malloc (sizeof (struct srv_record) + + strlen (host)); + (*rr)->u.srv->priority = (p[0] << 8) | p[1]; + (*rr)->u.srv->weight = (p[2] << 8) | p[3]; + (*rr)->u.srv->port = (p[4] << 8) | p[5]; + strcpy ((*rr)->u.srv->target, host); + break; + } + case T_TXT: + { if (p + *p > data + len) { dns_free_data (r); return NULL; } - (*rr)->u.txt = (char *) malloc (size + 1); - strncpy ((*rr)->u.txt, (char *) p + 1, *p); - (*rr)->u.txt[*p] = 0; - break; - } + (*rr)->u.txt = (char *) malloc (size + 1); + strncpy ((*rr)->u.txt, (char *) p + 1, *p); + (*rr)->u.txt[*p] = 0; + break; + } - default: - (*rr)->u.data = (unsigned char *) malloc (size); - memcpy ((*rr)->u.data, p, size); - } + default: + (*rr)->u.data = (unsigned char *) malloc (size); + memcpy ((*rr)->u.data, p, size); + } p += size; rr = &(*rr)->next; } @@ -331,35 +331,35 @@ main (int argc, char **argv) { printf ("%s %s %d ", rr->domain, type_to_string (rr->type), rr->ttl); switch (rr->type) - { - case T_NS: - printf ("%s\n", (char *) rr->data); - break; - case T_A: - printf ("%d.%d.%d.%d\n", - ((unsigned char *) rr->data)[0], - ((unsigned char *) rr->data)[1], - ((unsigned char *) rr->data)[2], - ((unsigned char *) rr->data)[3]); - break; - case T_MX: - case T_AFSDB: - { - struct mx_record *mx = (struct mx_record *) rr->data; - printf ("%d %s\n", mx->preference, mx->domain); - break; - } - case T_SRV: - { - struct srv_record *srv = (struct srv_record *) rr->data; - printf ("%d %d %d %s\n", srv->priority, srv->weight, - srv->port, srv->target); - break; - } - default: - printf ("\n"); - break; - } + { + case T_NS: + printf ("%s\n", (char *) rr->data); + break; + case T_A: + printf ("%d.%d.%d.%d\n", + ((unsigned char *) rr->data)[0], + ((unsigned char *) rr->data)[1], + ((unsigned char *) rr->data)[2], + ((unsigned char *) rr->data)[3]); + break; + case T_MX: + case T_AFSDB: + { + struct mx_record *mx = (struct mx_record *) rr->data; + printf ("%d %s\n", mx->preference, mx->domain); + break; + } + case T_SRV: + { + struct srv_record *srv = (struct srv_record *) rr->data; + printf ("%d %d %d %s\n", srv->priority, srv->weight, + srv->port, srv->target); + break; + } + default: + printf ("\n"); + break; + } } return 0; @@ -47,13 +47,13 @@ /* We use these, but they are not always present in <arpa/nameser.h> */ #ifndef T_TXT -#define T_TXT 16 +#define T_TXT 16 #endif #ifndef T_AFSDB -#define T_AFSDB 18 +#define T_AFSDB 18 #endif #ifndef T_SRV -#define T_SRV 33 +#define T_SRV 33 #endif struct dns_query @@ -88,7 +88,7 @@ struct resource_record { void *data; struct mx_record *mx; - struct mx_record *afsdb; /* mx and afsdb are identical */ + struct mx_record *afsdb; /* mx and afsdb are identical */ struct srv_record *srv; struct in_addr *a; char *txt; @@ -98,8 +98,8 @@ struct resource_record }; -#ifndef HAVE_ARPA_NAMESER_H /* XXX */ -typedef int HEADER; /* will never be used */ +#ifndef HAVE_ARPA_NAMESER_H /* XXX */ +typedef int HEADER; /* will never be used */ #endif struct dns_reply @@ -109,8 +109,8 @@ struct dns_reply struct resource_record *head; }; -#define dns_lookup _nss_ldap_dns_lookup -#define dns_free_data _nss_ldap_dns_free_data +#define dns_lookup _nss_ldap_dns_lookup +#define dns_free_data _nss_ldap_dns_free_data struct dns_reply *dns_lookup (const char *, const char *); @@ -23,7 +23,7 @@ #include "config.h" -#if defined(HAVE_THREAD_H) && !defined(_AIX) +#if defined(HAVE_THREAD_H) #include <thread.h> #elif defined(HAVE_PTHREAD_H) #include <pthread.h> @@ -56,21 +56,21 @@ #include "util.h" static enum nss_status do_getrdnvalue (const char *dn, - const char *rdntype, - char **rval, char **buffer, - size_t * buflen); + const char *rdntype, + char **rval, char **buffer, + size_t * buflen); static enum nss_status do_parse_map_statement (ldap_config_t * cfg, - const char *statement, - ldap_map_type_t type); + const char *statement, + ldap_map_type_t type); static enum nss_status do_searchdescriptorconfig (const char *key, - const char *value, - size_t valueLength, - ldap_service_search_descriptor_t - ** result, char **buffer, - size_t * buflen); + const char *value, + size_t valueLength, + ldap_service_search_descriptor_t + ** result, char **buffer, + size_t * buflen); #include <fcntl.h> static void *__cache = NULL; @@ -92,10 +92,10 @@ dn2uid_cache_put (const char *dn, const char *uid) { __cache = _nss_ldap_db_open (); if (__cache == NULL) - { - cache_unlock (); - return NSS_TRYAGAIN; - } + { + cache_unlock (); + return NSS_TRYAGAIN; + } } key.data = (void *) dn; @@ -150,13 +150,9 @@ dn2uid_cache_get (const char *dn, char **uid, char **buffer, size_t * buflen) return NSS_SUCCESS; } -#ifdef HPUX -static int lock_inited = 0; -#endif - enum nss_status _nss_ldap_dn2uid (const char *dn, char **uid, char **buffer, size_t * buflen, - int *pIsNestedGroup, LDAPMessage ** pRes) + int *pIsNestedGroup, LDAPMessage ** pRes) { enum nss_status stat; @@ -164,15 +160,6 @@ _nss_ldap_dn2uid (const char *dn, char **uid, char **buffer, size_t * buflen, *pIsNestedGroup = 0; -#ifdef HPUX - /* XXX this is not thread-safe */ - if (!lock_inited) - { - __thread_mutex_init (&__cache_lock, NULL); - lock_inited = 1; - } -#endif - stat = dn2uid_cache_get (dn, uid, buffer, buflen); if (stat == NSS_NOTFOUND) { @@ -185,25 +172,25 @@ _nss_ldap_dn2uid (const char *dn, char **uid, char **buffer, size_t * buflen, attrs[3] = NULL; if (_nss_ldap_read (dn, attrs, &res) == NSS_SUCCESS) - { - LDAPMessage *e = _nss_ldap_first_entry (res); - if (e != NULL) - { - if (_nss_ldap_oc_check (e, OC (posixGroup)) == NSS_SUCCESS) - { - *pIsNestedGroup = 1; - *pRes = res; - debug ("<== _nss_ldap_dn2uid (nested group)"); - return NSS_SUCCESS; - } - - stat = - _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, uid), uid, - buffer, buflen); - if (stat == NSS_SUCCESS) - dn2uid_cache_put (dn, *uid); - } - } + { + LDAPMessage *e = _nss_ldap_first_entry (res); + if (e != NULL) + { + if (_nss_ldap_oc_check (e, OC (posixGroup)) == NSS_SUCCESS) + { + *pIsNestedGroup = 1; + *pRes = res; + debug ("<== _nss_ldap_dn2uid (nested group)"); + return NSS_SUCCESS; + } + + stat = + _nss_ldap_assign_attrval (e, ATM (LM_PASSWD, uid), uid, + buffer, buflen); + if (stat == NSS_SUCCESS) + dn2uid_cache_put (dn, *uid); + } + } ldap_msgfree (res); } @@ -214,8 +201,8 @@ _nss_ldap_dn2uid (const char *dn, char **uid, char **buffer, size_t * buflen, enum nss_status _nss_ldap_getrdnvalue (LDAPMessage * entry, - const char *rdntype, - char **rval, char **buffer, size_t * buflen) + const char *rdntype, + char **rval, char **buffer, size_t * buflen) { char *dn; enum nss_status status; @@ -245,24 +232,24 @@ _nss_ldap_getrdnvalue (LDAPMessage * entry, vals = _nss_ldap_get_values (entry, rdntype); if (vals != NULL) - { - int rdnlen = strlen (*vals); - if (*buflen > rdnlen) - { - char *rdnvalue = *buffer; - strncpy (rdnvalue, *vals, rdnlen); - rdnvalue[rdnlen] = '\0'; - *buffer += rdnlen + 1; - *buflen -= rdnlen + 1; - *rval = rdnvalue; - status = NSS_SUCCESS; - } - else - { - status = NSS_TRYAGAIN; - } - ldap_value_free (vals); - } + { + int rdnlen = strlen (*vals); + if (*buflen > rdnlen) + { + char *rdnvalue = *buffer; + strncpy (rdnvalue, *vals, rdnlen); + rdnvalue[rdnlen] = '\0'; + *buffer += rdnlen + 1; + *buflen -= rdnlen + 1; + *rval = rdnvalue; + status = NSS_SUCCESS; + } + else + { + status = NSS_TRYAGAIN; + } + ldap_value_free (vals); + } } return status; @@ -270,8 +257,8 @@ _nss_ldap_getrdnvalue (LDAPMessage * entry, static enum nss_status do_getrdnvalue (const char *dn, - const char *rdntype, - char **rval, char **buffer, size_t * buflen) + const char *rdntype, + char **rval, char **buffer, size_t * buflen) { char **exploded_dn; char *rdnvalue = NULL; @@ -300,27 +287,27 @@ do_getrdnvalue (const char *dn, exploded_rdn = ldap_explode_rdn (*exploded_dn, 0); if (exploded_rdn != NULL) - { - for (p = exploded_rdn; *p != NULL; p++) - { - if (strncasecmp (*p, rdnava, rdnavalen) == 0) - { - char *r = *p + rdnavalen; - - rdnlen = strlen (r); - if (*buflen <= rdnlen) - { - ldap_value_free (exploded_rdn); - ldap_value_free (exploded_dn); - return NSS_TRYAGAIN; - } - rdnvalue = *buffer; - strncpy (rdnvalue, r, rdnlen); - break; - } - } - ldap_value_free (exploded_rdn); - } + { + for (p = exploded_rdn; *p != NULL; p++) + { + if (strncasecmp (*p, rdnava, rdnavalen) == 0) + { + char *r = *p + rdnavalen; + + rdnlen = strlen (r); + if (*buflen <= rdnlen) + { + ldap_value_free (exploded_rdn); + ldap_value_free (exploded_dn); + return NSS_TRYAGAIN; + } + rdnvalue = *buffer; + strncpy (rdnvalue, r, rdnlen); + break; + } + } + ldap_value_free (exploded_rdn); + } #else /* * we don't have Netscape's ldap_explode_rdn() API, @@ -337,28 +324,28 @@ do_getrdnvalue (const char *dn, #else for (p = strtok_r (r, "+", &st); #endif - p != NULL; + p != NULL; #ifndef HAVE_STRTOK_R - p = strtok (NULL, "+")) + p = strtok (NULL, "+")) #else - p = strtok_r (NULL, "+", &st)) + p = strtok_r (NULL, "+", &st)) #endif { - if (strncasecmp (p, rdnava, rdnavalen) == 0) - { - p += rdnavalen; - rdnlen = strlen (p); - if (*buflen <= rdnlen) - { - ldap_value_free (exploded_dn); - return NSS_TRYAGAIN; - } - rdnvalue = *buffer; - strncpy (rdnvalue, p, rdnlen); - break; - } - if (r != NULL) - r = NULL; + if (strncasecmp (p, rdnava, rdnavalen) == 0) + { + p += rdnavalen; + rdnlen = strlen (p); + if (*buflen <= rdnlen) + { + ldap_value_free (exploded_dn); + return NSS_TRYAGAIN; + } + rdnvalue = *buffer; + strncpy (rdnvalue, p, rdnlen); + break; + } + if (r != NULL) + r = NULL; } #endif /* HAVE_LDAP_EXPLODE_RDN */ } @@ -382,7 +369,7 @@ do_getrdnvalue (const char *dn, static enum nss_status do_parse_map_statement (ldap_config_t * cfg, - const char *statement, ldap_map_type_t type) + const char *statement, ldap_map_type_t type) { char *key, *val; ldap_map_selector_t sel = LM_NONE; @@ -401,9 +388,9 @@ do_parse_map_statement (ldap_config_t * cfg, if (p != NULL) { - *p = '\0'; - sel = _nss_ldap_str2selector (key); - key = ++p; + *p = '\0'; + sel = _nss_ldap_str2selector (key); + key = ++p; } } @@ -413,7 +400,7 @@ do_parse_map_statement (ldap_config_t * cfg, /* parse a comma-separated list */ static enum nss_status do_parse_list (char *values, char ***valptr, - char **pbuffer, size_t *pbuflen) + char **pbuffer, size_t *pbuflen) { char *s, **p; #ifdef HAVE_STRTOK_R @@ -428,7 +415,7 @@ do_parse_list (char *values, char ***valptr, for (valcount = 1, s = values; *s != '\0'; s++) { if (*s == ',') - valcount++; + valcount++; } if (bytesleft (buffer, buflen, char *) < (valcount + 1) * sizeof (char *)) @@ -455,8 +442,8 @@ do_parse_list (char *values, char ***valptr, vallen = strlen (s); if (buflen < (size_t) (vallen + 1)) { - return NSS_UNAVAIL; - } + return NSS_UNAVAIL; + } /* copy this value into the next block of buffer space */ elt = buffer; @@ -516,8 +503,8 @@ _nss_ldap_str2selector (const char *key) static enum nss_status do_searchdescriptorconfig (const char *key, const char *value, size_t len, - ldap_service_search_descriptor_t ** result, - char **buffer, size_t * buflen) + ldap_service_search_descriptor_t ** result, + char **buffer, size_t * buflen) { ldap_service_search_descriptor_t **t, *cur; char *base; @@ -530,7 +517,7 @@ do_searchdescriptorconfig (const char *key, const char *value, size_t len, scope = -1; if (strncasecmp (key, NSS_LDAP_KEY_NSS_BASE_PREFIX, - NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN) != 0) + NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN) != 0) return NSS_SUCCESS; sel = _nss_ldap_str2selector (&key[NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN]); @@ -555,17 +542,17 @@ do_searchdescriptorconfig (const char *key, const char *value, size_t len, *s = '\0'; s++; if (!strcasecmp (s, "sub")) - scope = LDAP_SCOPE_SUBTREE; + scope = LDAP_SCOPE_SUBTREE; else if (!strcasecmp (s, "one")) - scope = LDAP_SCOPE_ONELEVEL; + scope = LDAP_SCOPE_ONELEVEL; else if (!strcasecmp (s, "base")) - scope = LDAP_SCOPE_BASE; + scope = LDAP_SCOPE_BASE; filter = strchr (s, '?'); if (filter != NULL) - { - *filter = '\0'; - filter++; - } + { + *filter = '\0'; + filter++; + } } if (bytesleft (*buffer, *buflen, ldap_service_search_descriptor_t) < @@ -659,11 +646,11 @@ enum nss_status _nss_ldap_init_config (ldap_config_t * result) for (i = 0; i <= LM_NONE; i++) { for (j = 0; j <= MAP_MAX; j++) - { - result->ldc_maps[i][j] = _nss_ldap_db_open (); - if (result->ldc_maps[i][j] == NULL) - return NSS_UNAVAIL; - } + { + result->ldc_maps[i][j] = _nss_ldap_db_open (); + if (result->ldc_maps[i][j] == NULL) + return NSS_UNAVAIL; + } } return NSS_SUCCESS; @@ -671,7 +658,7 @@ enum nss_status _nss_ldap_init_config (ldap_config_t * result) enum nss_status _nss_ldap_add_uri (ldap_config_t *result, const char *uri, - char **buffer, size_t *buflen) + char **buffer, size_t *buflen) { /* add a single URI to the list of URIs in the configuration */ int i; @@ -710,7 +697,7 @@ _nss_ldap_add_uri (ldap_config_t *result, const char *uri, static enum nss_status do_add_uris (ldap_config_t *result, char *uris, - char **buffer, size_t *buflen) + char **buffer, size_t *buflen) { /* Add a space separated list of URIs */ char *p; @@ -720,14 +707,14 @@ do_add_uris (ldap_config_t *result, char *uris, { char *q = strchr (p, ' '); if (q != NULL) - *q = '\0'; + *q = '\0'; stat = _nss_ldap_add_uri (result, p, buffer, buflen); p = (q != NULL) ? ++q : NULL; if (stat != NSS_SUCCESS) - break; + break; } return stat; @@ -735,7 +722,7 @@ do_add_uris (ldap_config_t *result, char *uris, static enum nss_status do_add_hosts (ldap_config_t *result, char *hosts, - char **buffer, size_t *buflen) + char **buffer, size_t *buflen) { /* Add a space separated list of hosts */ char *p; @@ -747,7 +734,7 @@ do_add_hosts (ldap_config_t *result, char *hosts, char *q = strchr (p, ' '); if (q != NULL) - *q = '\0'; + *q = '\0'; snprintf (b, sizeof(b), "ldap://%s", p); @@ -756,7 +743,7 @@ do_add_hosts (ldap_config_t *result, char *hosts, p = (q != NULL) ? ++q : NULL; if (stat != NSS_SUCCESS) - break; + break; } return stat; @@ -804,17 +791,17 @@ _nss_ldap_readconfig (ldap_config_t ** presult, char **buffer, size_t *buflen) char **t = NULL; if (*b == '\n' || *b == '\r' || *b == '#') - continue; + continue; k = b; v = k; /* skip past all characters in keyword */ while (*v != '\0' && *v != ' ' && *v != '\t') - v++; + v++; if (*v == '\0') - continue; + continue; /* terminate keyword */ *(v++) = '\0'; @@ -822,12 +809,12 @@ _nss_ldap_readconfig (ldap_config_t ** presult, char **buffer, size_t *buflen) /* skip empty lines with more than 3 spaces at the start of the line */ /* rds.oliver@samera.com.py 01-set-2004 */ if (*v == '\n') - continue; + continue; /* skip all whitespaces between keyword and value */ /* Lars Oergel <lars.oergel@innominate.de>, 05.10.2000 */ while (*v == ' ' || *v == '\t') - v++; + v++; /* kick off all whitespaces and newline at the end of value */ /* Bob Guo <bob@mail.ied.ac.cn>, 08.10.2001 */ @@ -838,339 +825,339 @@ _nss_ldap_readconfig (ldap_config_t ** presult, char **buffer, size_t *buflen) len = strlen (v) - 1; while (v[len] == ' ' || v[len] == '\t' || v[len] == '\n' || v[len] == '\r') - --len; + --len; v[++len] = '\0'; if (*buflen < (size_t) (len + 1)) - { - stat = NSS_TRYAGAIN; - break; - } + { + stat = NSS_TRYAGAIN; + break; + } if (!strcasecmp (k, NSS_LDAP_KEY_HOST)) - { - stat = do_add_hosts (result, v, buffer, buflen); - if (stat != NSS_SUCCESS) - break; - } + { + stat = do_add_hosts (result, v, buffer, buflen); + if (stat != NSS_SUCCESS) + break; + } else if (!strcasecmp (k, NSS_LDAP_KEY_URI)) - { - stat = do_add_uris (result, v, buffer, buflen); - if (stat != NSS_SUCCESS) - break; - } + { + stat = do_add_uris (result, v, buffer, buflen); + if (stat != NSS_SUCCESS) + break; + } else if (!strcasecmp (k, NSS_LDAP_KEY_BASE)) - { - t = &result->ldc_base; - } + { + t = &result->ldc_base; + } else if (!strcasecmp (k, NSS_LDAP_KEY_BINDDN)) - { - t = &result->ldc_binddn; - } + { + t = &result->ldc_binddn; + } else if (!strcasecmp (k, NSS_LDAP_KEY_BINDPW)) - { - t = &result->ldc_bindpw; - } + { + t = &result->ldc_bindpw; + } else if (!strcasecmp (k, NSS_LDAP_KEY_USESASL)) - { - result->ldc_usesasl = (!strcasecmp (v, "on") - || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")); - } + { + result->ldc_usesasl = (!strcasecmp (v, "on") + || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")); + } else if (!strcasecmp (k, NSS_LDAP_KEY_SASLID)) - { - t = &result->ldc_saslid; - } + { + t = &result->ldc_saslid; + } else if (!strcasecmp (k, NSS_LDAP_KEY_ROOTBINDDN)) - { - t = &result->ldc_rootbinddn; - } + { + t = &result->ldc_rootbinddn; + } else if (!strcasecmp (k, NSS_LDAP_KEY_ROOTUSESASL)) - { - result->ldc_rootusesasl = (!strcasecmp (v, "on") - || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")); - } + { + result->ldc_rootusesasl = (!strcasecmp (v, "on") + || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")); + } else if (!strcasecmp (k, NSS_LDAP_KEY_ROOTSASLID)) - { - t = &result->ldc_rootsaslid; - } + { + t = &result->ldc_rootsaslid; + } else if (!strcasecmp (k, NSS_LDAP_KEY_SSLPATH)) - { - t = &result->ldc_sslpath; - } + { + t = &result->ldc_sslpath; + } else if (!strcasecmp (k, NSS_LDAP_KEY_SCOPE)) - { - if (!strcasecmp (v, "sub")) - { - result->ldc_scope = LDAP_SCOPE_SUBTREE; - } - else if (!strcasecmp (v, "one")) - { - result->ldc_scope = LDAP_SCOPE_ONELEVEL; - } - else if (!strcasecmp (v, "base")) - { - result->ldc_scope = LDAP_SCOPE_BASE; - } - } + { + if (!strcasecmp (v, "sub")) + { + result->ldc_scope = LDAP_SCOPE_SUBTREE; + } + else if (!strcasecmp (v, "one")) + { + result->ldc_scope = LDAP_SCOPE_ONELEVEL; + } + else if (!strcasecmp (v, "base")) + { + result->ldc_scope = LDAP_SCOPE_BASE; + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_DEREF)) - { - if (!strcasecmp (v, "never")) - { - result->ldc_deref = LDAP_DEREF_NEVER; - } - else if (!strcasecmp (v, "searching")) - { - result->ldc_deref = LDAP_DEREF_SEARCHING; - } - else if (!strcasecmp (v, "finding")) - { - result->ldc_deref = LDAP_DEREF_FINDING; - } - else if (!strcasecmp (v, "always")) - { - result->ldc_deref = LDAP_DEREF_ALWAYS; - } - } + { + if (!strcasecmp (v, "never")) + { + result->ldc_deref = LDAP_DEREF_NEVER; + } + else if (!strcasecmp (v, "searching")) + { + result->ldc_deref = LDAP_DEREF_SEARCHING; + } + else if (!strcasecmp (v, "finding")) + { + result->ldc_deref = LDAP_DEREF_FINDING; + } + else if (!strcasecmp (v, "always")) + { + result->ldc_deref = LDAP_DEREF_ALWAYS; + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_PORT)) - { - result->ldc_port = atoi (v); - } + { + result->ldc_port = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_SSL)) - { - if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")) - { - result->ldc_ssl_on = SSL_LDAPS; - } - else if (!strcasecmp (v, "start_tls")) - { - result->ldc_ssl_on = SSL_START_TLS; - } - } + { + if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")) + { + result->ldc_ssl_on = SSL_LDAPS; + } + else if (!strcasecmp (v, "start_tls")) + { + result->ldc_ssl_on = SSL_START_TLS; + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_REFERRALS)) - { - result->ldc_referrals = (!strcasecmp (v, "on") - || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")); - } + { + result->ldc_referrals = (!strcasecmp (v, "on") + || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")); + } else if (!strcasecmp (k, NSS_LDAP_KEY_RESTART)) - { - result->ldc_restart = (!strcasecmp (v, "on") - || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")); - } + { + result->ldc_restart = (!strcasecmp (v, "on") + || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")); + } else if (!strcasecmp (k, NSS_LDAP_KEY_LDAP_VERSION)) - { - result->ldc_version = atoi (v); - } + { + result->ldc_version = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_TIMELIMIT)) - { - result->ldc_timelimit = atoi (v); - } + { + result->ldc_timelimit = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_BIND_TIMELIMIT)) - { - result->ldc_bind_timelimit = atoi (v); - } + { + result->ldc_bind_timelimit = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_IDLE_TIMELIMIT)) - { - result->ldc_idle_timelimit = atoi (v); - } + { + result->ldc_idle_timelimit = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_RECONNECT_POLICY)) - { - if (!strcasecmp (v, "hard") || - !strcasecmp (v, "hard_open")) - { - result->ldc_reconnect_pol = LP_RECONNECT_HARD_OPEN; - } - else if (!strcasecmp (v, "hard_init")) - { - result->ldc_reconnect_pol = LP_RECONNECT_HARD_INIT; - } - else if (!strcasecmp (v, "soft")) - { - result->ldc_reconnect_pol = LP_RECONNECT_SOFT; - } - } + { + if (!strcasecmp (v, "hard") || + !strcasecmp (v, "hard_open")) + { + result->ldc_reconnect_pol = LP_RECONNECT_HARD_OPEN; + } + else if (!strcasecmp (v, "hard_init")) + { + result->ldc_reconnect_pol = LP_RECONNECT_HARD_INIT; + } + else if (!strcasecmp (v, "soft")) + { + result->ldc_reconnect_pol = LP_RECONNECT_SOFT; + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_RECONNECT_TRIES)) - { - result->ldc_reconnect_tries = atoi (v); - } + { + result->ldc_reconnect_tries = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_RECONNECT_SLEEPTIME)) - { - result->ldc_reconnect_sleeptime = atoi (v); - } + { + result->ldc_reconnect_sleeptime = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_RECONNECT_MAXSLEEPTIME)) - { - result->ldc_reconnect_maxsleeptime = atoi (v); - } + { + result->ldc_reconnect_maxsleeptime = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_RECONNECT_MAXCONNTRIES)) - { - result->ldc_reconnect_maxconntries = atoi (v); - } + { + result->ldc_reconnect_maxconntries = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_SASL_SECPROPS)) - { - t = &result->ldc_sasl_secprops; - } + { + t = &result->ldc_sasl_secprops; + } else if (!strcasecmp (k, NSS_LDAP_KEY_LOGDIR)) - { - t = &result->ldc_logdir; - } + { + t = &result->ldc_logdir; + } else if (!strcasecmp (k, NSS_LDAP_KEY_DEBUG)) - { - result->ldc_debug = atoi (v); - } + { + result->ldc_debug = atoi (v); + } else if (!strcasecmp (k, NSS_LDAP_KEY_PAGESIZE)) - { - result->ldc_pagesize = atoi (v); - } + { + result->ldc_pagesize = atoi (v); + } #ifdef CONFIGURE_KRB5_CCNAME else if (!strcasecmp (k, NSS_LDAP_KEY_KRB5_CCNAME)) - { - t = &result->ldc_krb5_ccname; - } + { + t = &result->ldc_krb5_ccname; + } #endif /* CONFIGURE_KRB5_CCNAME */ else if (!strcasecmp (k, "tls_checkpeer")) - { - if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")) - { - result->ldc_tls_checkpeer = 1; - } - else if (!strcasecmp (v, "off") || !strcasecmp (v, "no") - || !strcasecmp (v, "false")) - { - result->ldc_tls_checkpeer = 0; - } - } + { + if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")) + { + result->ldc_tls_checkpeer = 1; + } + else if (!strcasecmp (v, "off") || !strcasecmp (v, "no") + || !strcasecmp (v, "false")) + { + result->ldc_tls_checkpeer = 0; + } + } else if (!strcasecmp (k, "tls_cacertfile")) - { - t = &result->ldc_tls_cacertfile; - } + { + t = &result->ldc_tls_cacertfile; + } else if (!strcasecmp (k, "tls_cacertdir")) - { - t = &result->ldc_tls_cacertdir; - } + { + t = &result->ldc_tls_cacertdir; + } else if (!strcasecmp (k, "tls_ciphers")) - { - t = &result->ldc_tls_ciphers; - } + { + t = &result->ldc_tls_ciphers; + } else if (!strcasecmp (k, "tls_cert")) - { - t = &result->ldc_tls_cert; - } + { + t = &result->ldc_tls_cert; + } else if (!strcasecmp (k, "tls_key")) - { - t = &result->ldc_tls_key; - } + { + t = &result->ldc_tls_key; + } else if (!strcasecmp (k, "tls_randfile")) - { - t = &result->ldc_tls_randfile; - } + { + t = &result->ldc_tls_randfile; + } else if (!strncasecmp (k, NSS_LDAP_KEY_MAP_ATTRIBUTE, - strlen (NSS_LDAP_KEY_MAP_ATTRIBUTE))) - { - do_parse_map_statement (result, v, MAP_ATTRIBUTE); - } + strlen (NSS_LDAP_KEY_MAP_ATTRIBUTE))) + { + do_parse_map_statement (result, v, MAP_ATTRIBUTE); + } else if (!strncasecmp (k, NSS_LDAP_KEY_MAP_OBJECTCLASS, - strlen (NSS_LDAP_KEY_MAP_OBJECTCLASS))) - { - do_parse_map_statement (result, v, MAP_OBJECTCLASS); - } + strlen (NSS_LDAP_KEY_MAP_OBJECTCLASS))) + { + do_parse_map_statement (result, v, MAP_OBJECTCLASS); + } else if (!strncasecmp (k, NSS_LDAP_KEY_SET_OVERRIDE, - strlen (NSS_LDAP_KEY_SET_OVERRIDE))) - { - do_parse_map_statement (result, v, MAP_OVERRIDE); - } + strlen (NSS_LDAP_KEY_SET_OVERRIDE))) + { + do_parse_map_statement (result, v, MAP_OVERRIDE); + } else if (!strncasecmp (k, NSS_LDAP_KEY_SET_DEFAULT, - strlen (NSS_LDAP_KEY_SET_DEFAULT))) - { - do_parse_map_statement (result, v, MAP_DEFAULT); - } + strlen (NSS_LDAP_KEY_SET_DEFAULT))) + { + do_parse_map_statement (result, v, MAP_DEFAULT); + } else if (!strcasecmp (k, NSS_LDAP_KEY_INITGROUPS)) - { - if (!strcasecmp (v, "backlink")) - { - result->ldc_flags |= NSS_LDAP_FLAGS_INITGROUPS_BACKLINK; - } - else - { - result->ldc_flags &= ~(NSS_LDAP_FLAGS_INITGROUPS_BACKLINK); - } - } + { + if (!strcasecmp (v, "backlink")) + { + result->ldc_flags |= NSS_LDAP_FLAGS_INITGROUPS_BACKLINK; + } + else + { + result->ldc_flags &= ~(NSS_LDAP_FLAGS_INITGROUPS_BACKLINK); + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_SCHEMA)) - { - if (!strcasecmp (v, "rfc2307bis")) - { - result->ldc_flags |= NSS_LDAP_FLAGS_RFC2307BIS; - } - else if (!strcasecmp (v, "rfc2307")) - { - result->ldc_flags &= ~(NSS_LDAP_FLAGS_RFC2307BIS); - } - } + { + if (!strcasecmp (v, "rfc2307bis")) + { + result->ldc_flags |= NSS_LDAP_FLAGS_RFC2307BIS; + } + else if (!strcasecmp (v, "rfc2307")) + { + result->ldc_flags &= ~(NSS_LDAP_FLAGS_RFC2307BIS); + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_PAGED_RESULTS)) - { - if (!strcasecmp (v, "on") - || !strcasecmp (v, "yes") - || !strcasecmp (v, "true")) - { - result->ldc_flags |= NSS_LDAP_FLAGS_PAGED_RESULTS; - } - else - { - result->ldc_flags &= ~(NSS_LDAP_FLAGS_PAGED_RESULTS); - } - } + { + if (!strcasecmp (v, "on") + || !strcasecmp (v, "yes") + || !strcasecmp (v, "true")) + { + result->ldc_flags |= NSS_LDAP_FLAGS_PAGED_RESULTS; + } + else + { + result->ldc_flags &= ~(NSS_LDAP_FLAGS_PAGED_RESULTS); + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS)) - { - stat = do_parse_list (v, &result->ldc_initgroups_ignoreusers, - buffer, buflen); - if (stat == NSS_UNAVAIL) - { - break; - } - } + { + stat = do_parse_list (v, &result->ldc_initgroups_ignoreusers, + buffer, buflen); + if (stat == NSS_UNAVAIL) + { + break; + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_CONNECT_POLICY)) { - if (!strcasecmp (v, "oneshot")) - { - result->ldc_flags |= NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT; - } - else if (!strcasecmp (v, "persist")) - { - result->ldc_flags &= ~(NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT); - } - } + if (!strcasecmp (v, "oneshot")) + { + result->ldc_flags |= NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT; + } + else if (!strcasecmp (v, "persist")) + { + result->ldc_flags &= ~(NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT); + } + } else if (!strcasecmp (k, NSS_LDAP_KEY_SRV_DOMAIN)) - { - t = &result->ldc_srv_domain; - } + { + t = &result->ldc_srv_domain; + } else - { - /* - * check whether the key is a naming context key - * if yes, parse; otherwise just return NSS_SUCCESS - * so we can ignore keys we don't understand. - */ - stat = - do_searchdescriptorconfig (k, v, len, result->ldc_sds, - buffer, buflen); - if (stat == NSS_UNAVAIL) - { - break; - } - } + { + /* + * check whether the key is a naming context key + * if yes, parse; otherwise just return NSS_SUCCESS + * so we can ignore keys we don't understand. + */ + stat = + do_searchdescriptorconfig (k, v, len, result->ldc_sds, + buffer, buflen); + if (stat == NSS_UNAVAIL) + { + break; + } + } if (t != NULL) - { - strncpy (*buffer, v, len); - (*buffer)[len] = '\0'; - *t = *buffer; - *buffer += len + 1; - *buflen -= len + 1; - } + { + strncpy (*buffer, v, len); + (*buffer)[len] = '\0'; + *t = *buffer; + *buffer += len + 1; + *buflen -= len + 1; + } } fclose (fp); @@ -1184,45 +1171,45 @@ _nss_ldap_readconfig (ldap_config_t ** presult, char **buffer, size_t *buflen) { fp = fopen (NSS_LDAP_PATH_ROOTPASSWD, "r"); if (fp) - { - if (fgets (b, sizeof (b), fp) != NULL) - { - int len; - - len = strlen (b); - /* BUG#138: check for newline before removing */ - if (len > 0 && b[len - 1] == '\n') - len--; - - if (*buflen < (size_t) (len + 1)) - { - return NSS_UNAVAIL; - } - - strncpy (*buffer, b, len); - (*buffer)[len] = '\0'; - result->ldc_rootbindpw = *buffer; - *buffer += len + 1; - *buflen -= len + 1; - } - fclose (fp); - } + { + if (fgets (b, sizeof (b), fp) != NULL) + { + int len; + + len = strlen (b); + /* BUG#138: check for newline before removing */ + if (len > 0 && b[len - 1] == '\n') + len--; + + if (*buflen < (size_t) (len + 1)) + { + return NSS_UNAVAIL; + } + + strncpy (*buffer, b, len); + (*buffer)[len] = '\0'; + result->ldc_rootbindpw = *buffer; + *buffer += len + 1; + *buflen -= len + 1; + } + fclose (fp); + } else if (!result->ldc_rootusesasl) - { - result->ldc_rootbinddn = NULL; - } + { + result->ldc_rootbinddn = NULL; + } } if (result->ldc_port == 0) { if (result->ldc_ssl_on == SSL_LDAPS) - { - result->ldc_port = LDAPS_PORT; - } + { + result->ldc_port = LDAPS_PORT; + } else - { - result->ldc_port = LDAP_PORT; - } + { + result->ldc_port = LDAP_PORT; + } } if (result->ldc_uris[0] == NULL) @@ -1244,27 +1231,27 @@ _nss_ldap_escape_string (const char *str, char *buf, size_t buflen) while (p < limit && *s) { switch (*s) - { - case '*': - strcpy (p, "\\2a"); - p += 3; - break; - case '(': - strcpy (p, "\\28"); - p += 3; - break; - case ')': - strcpy (p, "\\29"); - p += 3; - break; - case '\\': - strcpy (p, "\\5c"); - p += 3; - break; - default: - *p++ = *s; - break; - } + { + case '*': + strcpy (p, "\\2a"); + p += 3; + break; + case '(': + strcpy (p, "\\28"); + p += 3; + break; + case ')': + strcpy (p, "\\29"); + p += 3; + break; + case '\\': + strcpy (p, "\\5c"); + p += 3; + break; + default: + *p++ = *s; + break; + } s++; } @@ -1372,9 +1359,9 @@ _nss_ldap_db_close (void *db) enum nss_status _nss_ldap_db_get (void *db, - unsigned flags, - const ldap_datum_t * key, - ldap_datum_t * value) + unsigned flags, + const ldap_datum_t * key, + ldap_datum_t * value) { struct ldap_dictionary *dict = (struct ldap_dictionary *) db; struct ldap_dictionary *p; @@ -1384,20 +1371,20 @@ _nss_ldap_db_get (void *db, int cmp; if (p->key.size != key->size) - continue; + continue; if (flags & NSS_LDAP_DB_NORMALIZE_CASE) - cmp = strncasecmp ((char *)p->key.data, (char *)key->data, key->size); + cmp = strncasecmp ((char *)p->key.data, (char *)key->data, key->size); else - cmp = memcmp (p->key.data, key->data, key->size); + cmp = memcmp (p->key.data, key->data, key->size); if (cmp == 0) - { - value->data = p->value.data; - value->size = p->value.size; + { + value->data = p->value.data; + value->size = p->value.size; - return NSS_SUCCESS; - } + return NSS_SUCCESS; + } } return NSS_NOTFOUND; @@ -1405,9 +1392,9 @@ _nss_ldap_db_get (void *db, enum nss_status _nss_ldap_db_put (void *db, - unsigned flags, - const ldap_datum_t * key, - const ldap_datum_t * value) + unsigned flags, + const ldap_datum_t * key, + const ldap_datum_t * value) { struct ldap_dictionary *dict = (struct ldap_dictionary *) db; struct ldap_dictionary *p, *q; @@ -1428,7 +1415,7 @@ _nss_ldap_db_put (void *db, assert (p->next == NULL); q = do_alloc_dictionary (); if (q == NULL) - return NSS_TRYAGAIN; + return NSS_TRYAGAIN; } if (do_dup_datum (flags, &q->key, key) != NSS_SUCCESS) @@ -1520,7 +1507,7 @@ _nss_ldap_namelist_destroy (struct name_list **head) next = p->next; if (p->name != NULL) - free (p->name); + free (p->name); free (p); } @@ -1544,10 +1531,10 @@ _nss_ldap_namelist_find (struct name_list *head, const char *netgroup) for (p = head; p != NULL; p = p->next) { if (strcasecmp (p->name, netgroup) == 0) - { - found++; - break; - } + { + found++; + break; + } } debug ("<== _nss_ldap_namelist_find"); @@ -26,91 +26,91 @@ /* utility routines. */ -#define CN_ATTR "CN" +#define CN_ATTR "CN" -#define DC_ATTR "DC" -#define DC_ATTR_AVA DC_ATTR"=" -#define DC_ATTR_AVA_LEN (sizeof(DC_ATTR_AVA) - 1) +#define DC_ATTR "DC" +#define DC_ATTR_AVA DC_ATTR"=" +#define DC_ATTR_AVA_LEN (sizeof(DC_ATTR_AVA) - 1) /* * get the RDN's value: eg. if the RDN was cn=lukeh, getrdnvalue(entry) * would return lukeh. */ enum nss_status _nss_ldap_getrdnvalue (LDAPMessage * entry, - const char *rdntype, - char **rval, char **buf, size_t * len); + const char *rdntype, + char **rval, char **buf, size_t * len); /* * map a distinguished name to a login name, or group entry */ enum nss_status _nss_ldap_dn2uid (const char *dn, - char **uid, char **buf, size_t * len, - int *pIsNestedGroup, LDAPMessage ** pRes); + char **uid, char **buf, size_t * len, + int *pIsNestedGroup, LDAPMessage ** pRes); #define NSS_LDAP_KEY_MAP_ATTRIBUTE "nss_map_attribute" #define NSS_LDAP_KEY_MAP_OBJECTCLASS "nss_map_objectclass" #define NSS_LDAP_KEY_SET_OVERRIDE "nss_override_attribute_value" #define NSS_LDAP_KEY_SET_DEFAULT "nss_default_attribute_value" -#define NSS_LDAP_CONFIG_BUFSIZ 4096 -#define NSS_LDAP_KEY_HOST "host" -#define NSS_LDAP_KEY_SCOPE "scope" -#define NSS_LDAP_KEY_BASE "base" -#define NSS_LDAP_KEY_PORT "port" -#define NSS_LDAP_KEY_BINDDN "binddn" -#define NSS_LDAP_KEY_BINDPW "bindpw" -#define NSS_LDAP_KEY_USESASL "use_sasl" -#define NSS_LDAP_KEY_SASLID "sasl_auth_id" -#define NSS_LDAP_KEY_DEREF "deref" -#define NSS_LDAP_KEY_ROOTBINDDN "rootbinddn" -#define NSS_LDAP_KEY_ROOTUSESASL "rootuse_sasl" -#define NSS_LDAP_KEY_ROOTSASLID "rootsasl_auth_id" -#define NSS_LDAP_KEY_LDAP_VERSION "ldap_version" -#define NSS_LDAP_KEY_TIMELIMIT "timelimit" -#define NSS_LDAP_KEY_BIND_TIMELIMIT "bind_timelimit" -#define NSS_LDAP_KEY_SSL "ssl" -#define NSS_LDAP_KEY_SSLPATH "sslpath" -#define NSS_LDAP_KEY_REFERRALS "referrals" -#define NSS_LDAP_KEY_RESTART "restart" -#define NSS_LDAP_KEY_URI "uri" +#define NSS_LDAP_CONFIG_BUFSIZ 4096 +#define NSS_LDAP_KEY_HOST "host" +#define NSS_LDAP_KEY_SCOPE "scope" +#define NSS_LDAP_KEY_BASE "base" +#define NSS_LDAP_KEY_PORT "port" +#define NSS_LDAP_KEY_BINDDN "binddn" +#define NSS_LDAP_KEY_BINDPW "bindpw" +#define NSS_LDAP_KEY_USESASL "use_sasl" +#define NSS_LDAP_KEY_SASLID "sasl_auth_id" +#define NSS_LDAP_KEY_DEREF "deref" +#define NSS_LDAP_KEY_ROOTBINDDN "rootbinddn" +#define NSS_LDAP_KEY_ROOTUSESASL "rootuse_sasl" +#define NSS_LDAP_KEY_ROOTSASLID "rootsasl_auth_id" +#define NSS_LDAP_KEY_LDAP_VERSION "ldap_version" +#define NSS_LDAP_KEY_TIMELIMIT "timelimit" +#define NSS_LDAP_KEY_BIND_TIMELIMIT "bind_timelimit" +#define NSS_LDAP_KEY_SSL "ssl" +#define NSS_LDAP_KEY_SSLPATH "sslpath" +#define NSS_LDAP_KEY_REFERRALS "referrals" +#define NSS_LDAP_KEY_RESTART "restart" +#define NSS_LDAP_KEY_URI "uri" #define NSS_LDAP_KEY_IDLE_TIMELIMIT "idle_timelimit" -#define NSS_LDAP_KEY_RECONNECT_POLICY "bind_policy" +#define NSS_LDAP_KEY_RECONNECT_POLICY "bind_policy" #define NSS_LDAP_KEY_SASL_SECPROPS "sasl_secprops" #ifdef CONFIGURE_KRB5_CCNAME #define NSS_LDAP_KEY_KRB5_CCNAME "krb5_ccname" #endif /* CONFIGURE_KRB5_CCNAME */ -#define NSS_LDAP_KEY_LOGDIR "logdir" -#define NSS_LDAP_KEY_DEBUG "debug" -#define NSS_LDAP_KEY_PAGESIZE "pagesize" -#define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" -#define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers" +#define NSS_LDAP_KEY_LOGDIR "logdir" +#define NSS_LDAP_KEY_DEBUG "debug" +#define NSS_LDAP_KEY_PAGESIZE "pagesize" +#define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" +#define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers" /* more reconnect policy fine-tuning */ -#define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries" -#define NSS_LDAP_KEY_RECONNECT_SLEEPTIME "nss_reconnect_sleeptime" -#define NSS_LDAP_KEY_RECONNECT_MAXSLEEPTIME "nss_reconnect_maxsleeptime" -#define NSS_LDAP_KEY_RECONNECT_MAXCONNTRIES "nss_reconnect_maxconntries" +#define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries" +#define NSS_LDAP_KEY_RECONNECT_SLEEPTIME "nss_reconnect_sleeptime" +#define NSS_LDAP_KEY_RECONNECT_MAXSLEEPTIME "nss_reconnect_maxsleeptime" +#define NSS_LDAP_KEY_RECONNECT_MAXCONNTRIES "nss_reconnect_maxconntries" -#define NSS_LDAP_KEY_PAGED_RESULTS "nss_paged_results" -#define NSS_LDAP_KEY_SCHEMA "nss_schema" -#define NSS_LDAP_KEY_SRV_DOMAIN "nss_srv_domain" -#define NSS_LDAP_KEY_CONNECT_POLICY "nss_connect_policy" +#define NSS_LDAP_KEY_PAGED_RESULTS "nss_paged_results" +#define NSS_LDAP_KEY_SCHEMA "nss_schema" +#define NSS_LDAP_KEY_SRV_DOMAIN "nss_srv_domain" +#define NSS_LDAP_KEY_CONNECT_POLICY "nss_connect_policy" /* * support separate naming contexts for each map * eventually this will support the syntax defined in * the DUAConfigProfile searchDescriptor attribute */ -#define NSS_LDAP_KEY_NSS_BASE_PREFIX "nss_base_" -#define NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN ( sizeof(NSS_LDAP_KEY_NSS_BASE_PREFIX) - 1 ) +#define NSS_LDAP_KEY_NSS_BASE_PREFIX "nss_base_" +#define NSS_LDAP_KEY_NSS_BASE_PREFIX_LEN ( sizeof(NSS_LDAP_KEY_NSS_BASE_PREFIX) - 1 ) /* * Flags that are exposed via _nss_ldap_test_config_flag() */ -#define NSS_LDAP_FLAGS_INITGROUPS_BACKLINK 0x0001 -#define NSS_LDAP_FLAGS_PAGED_RESULTS 0x0002 -#define NSS_LDAP_FLAGS_RFC2307BIS 0x0004 -#define NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT 0x0008 +#define NSS_LDAP_FLAGS_INITGROUPS_BACKLINK 0x0001 +#define NSS_LDAP_FLAGS_PAGED_RESULTS 0x0002 +#define NSS_LDAP_FLAGS_RFC2307BIS 0x0004 +#define NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT 0x0008 /* * There are a number of means of obtaining configuration information. @@ -134,44 +134,44 @@ enum nss_status _nss_ldap_validateconfig (ldap_config_t *config); */ enum nss_status _nss_ldap_escape_string (const char *str, - char *buf, size_t buflen); - -#define MAP_H_ERRNO(nss_status, herr) do { \ - switch ((nss_status)) { \ - case NSS_SUCCESS: \ - (herr) = 0; \ - break; \ - case NSS_TRYAGAIN: \ - (herr) = TRY_AGAIN; \ - break; \ - case NSS_NOTFOUND: \ - (herr) = HOST_NOT_FOUND;\ - break; \ - case NSS_UNAVAIL: \ - default: \ - (herr) = NO_RECOVERY; \ - break; \ - } \ - } while (0) + char *buf, size_t buflen); + +#define MAP_H_ERRNO(nss_status, herr) do { \ + switch ((nss_status)) { \ + case NSS_SUCCESS: \ + (herr) = 0; \ + break; \ + case NSS_TRYAGAIN: \ + (herr) = TRY_AGAIN; \ + break; \ + case NSS_NOTFOUND: \ + (herr) = HOST_NOT_FOUND;\ + break; \ + case NSS_UNAVAIL: \ + default: \ + (herr) = NO_RECOVERY; \ + break; \ + } \ + } while (0) #ifdef HAVE_IRS_H -#define MAP_ERRNO(nss_status, err) do { \ - switch ((nss_status)) { \ - case NSS_SUCCESS: \ - (err) = 0; \ - break; \ - case NSS_TRYAGAIN: \ - (err) = ERANGE; \ - break; \ - case NSS_NOTFOUND: \ - (err) = ENOENT; \ - break; \ - case NSS_UNAVAIL: \ - default: \ - (err) = EPERM; \ - break; \ - } \ - } while (0) +#define MAP_ERRNO(nss_status, err) do { \ + switch ((nss_status)) { \ + case NSS_SUCCESS: \ + (err) = 0; \ + break; \ + case NSS_TRYAGAIN: \ + (err) = ERANGE; \ + break; \ + case NSS_NOTFOUND: \ + (err) = ENOENT; \ + break; \ + case NSS_UNAVAIL: \ + default: \ + (err) = EPERM; \ + break; \ + } \ + } while (0) #endif /* HAVE_IRS_H */ struct ldap_datum @@ -182,23 +182,23 @@ struct ldap_datum typedef struct ldap_datum ldap_datum_t; -#define NSS_LDAP_DATUM_ZERO(d) do { \ - (d)->data = NULL; \ - (d)->size = 0; \ - } while (0) +#define NSS_LDAP_DATUM_ZERO(d) do { \ + (d)->data = NULL; \ + (d)->size = 0; \ + } while (0) -#define NSS_LDAP_DB_NORMALIZE_CASE 0x1 +#define NSS_LDAP_DB_NORMALIZE_CASE 0x1 void *_nss_ldap_db_open (void); void _nss_ldap_db_close (void *db); enum nss_status _nss_ldap_db_put (void *db, - unsigned flags, - const ldap_datum_t * key, - const ldap_datum_t * value); + unsigned flags, + const ldap_datum_t * key, + const ldap_datum_t * value); enum nss_status _nss_ldap_db_get (void *db, - unsigned flags, - const ldap_datum_t * key, - ldap_datum_t * value); + unsigned flags, + const ldap_datum_t * key, + ldap_datum_t * value); /* Routines for managing namelists */ @@ -209,7 +209,7 @@ void _nss_ldap_namelist_destroy (struct name_list **head); enum nss_status _nss_ldap_add_uri (ldap_config_t *result, const char *uri, - char **buffer, size_t *buflen); + char **buffer, size_t *buflen); ldap_map_selector_t _nss_ldap_str2selector (const char *key); |