diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2010-12-16 20:25:41 +0000 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2010-12-16 20:25:41 +0000 |
| commit | 08f01639626bb2ec2537df7d9f8c5459867c0afb (patch) | |
| tree | c729b889c359b6fa7f0252b54efa32d1193b6c21 /HACKING | |
| parent | 669d8ae73e5a56aafa422e76e4179e22c29a99df (diff) | |
split NSS notes into a Glibc and a Solaris section and add Solaris documentation pointers
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-solaris@1332 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'HACKING')
| -rw-r--r-- | HACKING | 42 |
1 files changed, 38 insertions, 4 deletions
@@ -91,7 +91,17 @@ NSS MODULE ========== The NSS module is implemented in the nss directory. The functions are split -into files according to the database they support. Functions look like: +into files according to the database they support. The files support multiple +NSS implementations. + +The NSS interface is specific to the C library that is used. The original +implementation was for the GNU C Library but now also includes an +implementation for Solaris' C Library and has some support for FreeBSD. + +GNU C Library notes +------------------- + +Function definitions for glibc look like: _nss_ldap_FUNCTION_r(...) This function opens the connection to the nslcd (with a time-out), builds @@ -99,17 +109,41 @@ _nss_ldap_FUNCTION_r(...) waiting for an answer (again with a time-out) The complete list of exported functions can be found in exports.linux and -prototypes.h. The NSS interface seems to be fairly libc-specific and is -currently tuned towards GNU Libc, although FreeBSD has a port based on this -code. +prototypes.h. Currently a number of macros are used to build most of the function bodies for these functions. Part of this is defined in the common/nslcd-prot.h file and the NSS-specific stuff is in nss/common.h. +For memory management, the general mechanism that is expected to be used is +to return NSS_STATUS_TRYAGAIN and set errno to ERANGE. This causes glibc to +retry the request with a larger buffer. + Some useful links: http://www.gnu.org/software/libc/manual/html_node/index.html +Solaris C Library notes +----------------------- + +The Solaris C library uses a different mechanism. For each map a back-end +object is allocated per thread which is used to do queries. The object is +created with a constructor (e.g. _nss_ldap_passwd_constr()) that returns a +back-end that contains a list of function pointer to lookup methods and a +destructor. + +A buffer is passed with every request but a local buffer that is stored in the +back-end can presumably also be created. + +Earlier versions of Solaris expected the NSS functions to return the binary +representation of the lookups (e.g. struct passwd) but later versions expect a +string representation of the data to be returned (just like a single line out +of /etc/passwd was read). + +Source and documentation pointers for Solaris NSS: +http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/lib/nsswitch/ +http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/head/nss_common.h +http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/head/nss_dbdefs.h + PAM MODULE ========== |