authorArthur de Jong <arthur@arthurdejong.org>2008-06-13 20:55:10 +0000
committerArthur de Jong <arthur@arthurdejong.org>2008-06-13 20:55:10 +0000
commit8fc785087daefbff19f35cd4e89e30a6d90f3374 (patch)
treea7103a69396f5a398630e97ae89b0267a0ed63b9 /nslcd
parent0d860441e3ff58b4faa033073235ad9c3b9a87c7 (diff)
combine isvalidusername() and isvalidgroupname() into isvalidname() because they are similar enough and we just want to check to see if it is a reasonable name (e.g. not a DN)
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@759 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'nslcd')
-rw-r--r--nslcd/common.c32
-rw-r--r--nslcd/common.h4
-rw-r--r--nslcd/group.c44
-rw-r--r--nslcd/passwd.c53
4 files changed, 43 insertions, 90 deletions
diff --git a/nslcd/common.c b/nslcd/common.c
index a181dca..840be1c 100644
--- a/nslcd/common.c
+++ b/nslcd/common.c
@@ -73,6 +73,38 @@ const char *get_userpassword(MYLDAP_ENTRY *entry,const char *attr)
(any code for this is more than welcome) */
}
+/*
+ Checks to see if the specified name seems to be a valid user or group name.
+
+ This test is based on the definition from POSIX (IEEE Std 1003.1, 2004,
+ 3.426 User Name, 3.189 Group Name and 3.276 Portable Filename Character Set):
+ http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_426
+ http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_189
+ http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_276
+
+ The standard defines user names valid if they contain characters from
+ the set [A-Za-z0-9._-] where the hyphen should not be used as first
+ character. As an extension this test allows the at '@' and dolar '$' signs.
+*/
+int isvalidname(const char *name)
+{
+ int i;
+ if ((name==NULL)||(name[0]=='\0'))
+ return 0;
+ /* check characters */
+ for (i=0;name[i]!='\0';i++)
+ {
+ if ( ! ( ( (i!=0) && (name[i]=='-') ) ||
+ (name[i]>='@' && name[i] <= 'Z') ||
+ (name[i]>='a' && name[i] <= 'z') ||
+ (name[i]>='0' && name[i] <= '9') ||
+ name[i]=='.' || name[i]=='_' || name[i]=='$') )
+ return 0;
+ }
+ /* no test failed so it must be good */
+ return -1;
+}
+
/* this writes a single address to the stream */
int write_address(TFILE *fp,const char *addr)
{
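Review bot: The merged isvalidname() is looser than both functions it replaces, because in the loop only '-' is tied to `i!=0`. '$' and '@' are therefore accepted in any position, including the first, whereas the removed isvalidusername() allowed '$' only as the last character and isvalidgroupname() allowed neither. The range test `name[i]>='@' && name[i] <= 'Z'` admits '@' only because it sits directly before 'A' in ASCII, which is easy to misread as a typo. If the wider set is intended, write it out as `(name[i]>='A' && name[i] <= 'Z') ||` plus an explicit `name[i]=='@'` next to the '$' test, and state the position rules in the header comment (which also spells "dollar" as "dolar"). The call sites in group.c and passwd.c apply this check to names read from the request stream and from LDAP entries, so the accepted set deserves an exact description.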
diff --git a/nslcd/common.h b/nslcd/common.h
index 87d6298..8d91a2c 100644
--- a/nslcd/common.h
+++ b/nslcd/common.h
@@ -76,8 +76,8 @@ int read_address(TFILE *fp,char *addr,int *addrlen,int *af);
if (read_address(fp,addr,&(len),&(af))) \
return -1;
-/* checks to see if the specified string is a valid username */
-MUST_USE int isvalidusername(const char *name);
+/* checks to see if the specified string is a valid user or group name */
+MUST_USE int isvalidname(const char *name);
/* transforms the DN info a uid doing an LDAP lookup if needed */
MUST_USE char *dn2uid(MYLDAP_SESSION *session,const char *dn,char *buf,size_t buflen);
diff --git a/nslcd/group.c b/nslcd/group.c
index c101947..23721e8 100644
--- a/nslcd/group.c
+++ b/nslcd/group.c
@@ -141,42 +141,6 @@ static void group_init(void)
group_attrs[5]=NULL;
}
-/*
- Checks to see if the specified name is a valid group name.
-
- This test is based on the definition from POSIX (IEEE Std 1003.1, 2004,
- 3.189 Group Name and 3.276 Portable Filename Character Set):
- http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_189
- http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_276
-
- The standard defines group names valid if they only contain characters from
- the set [A-Za-z0-9._-] where the hyphen should not be used as first
- character.
-*/
-static int isvalidgroupname(const char *name)
-{
- int i;
- if ((name==NULL)||(name[0]=='\0'))
- return 0;
- /* check first character */
- if ( ! ( (name[0]>='A' && name[0] <= 'Z') ||
- (name[0]>='a' && name[0] <= 'z') ||
- (name[0]>='0' && name[0] <= '9') ||
- name[0]=='.' || name[0]=='_' ) )
- return 0;
- /* check other characters */
- for (i=1;name[i]!='\0';i++)
- {
- if ( ! ( (name[i]>='A' && name[i] <= 'Z') ||
- (name[i]>='a' && name[i] <= 'z') ||
- (name[i]>='0' && name[i] <= '9') ||
- name[i]=='.' || name[i]=='_' || name[i]=='-') )
- return 0;
- }
- /* no test failed so it must be good */
- return -1;
-}
-
static int do_write_group(
TFILE *fp,MYLDAP_ENTRY *entry,const char **names,gid_t gids[],int numgids,
const char *passwd,SET *members)
@@ -196,7 +160,7 @@ static int do_write_group(
/* write entries for all names and gids */
for (i=0;names[i]!=NULL;i++)
{
- if (!isvalidgroupname(names[i]))
+ if (!isvalidname(names[i]))
{
log_log(LOG_WARNING,"group entry %s contains invalid group name: \"%s\"",
myldap_get_dn(entry),names[i]);
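Review bot: The warning in do_write_group() writes `names[i]` to the log exactly as received, and only for names that have just failed validation, which are the ones that may contain control characters or line breaks. Unless log_log() or the log backend escapes its arguments (not visible here), such a value can produce misleading or split log lines. Consider logging a sanitised, length-limited copy of the rejected name instead of the raw string. The same pattern appears in the nslcd_group_byname, nslcd_group_bymember, write_passwd and nslcd_passwd_byname hunks, where `name` is read from the request stream. The body of do_write_group() continues outside this hunk.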
@@ -240,7 +204,7 @@ static SET *getmembers(MYLDAP_ENTRY *entry,MYLDAP_SESSION *session)
for (i=0;values[i]!=NULL;i++)
{
/* only add valid usernames */
- if (isvalidusername(values[i]))
+ if (isvalidname(values[i]))
set_add(set,values[i]);
}
/* add the uniqueMember values */
@@ -337,7 +301,7 @@ NSLCD_HANDLE(
char name[256];
char filter[1024];
READ_STRING_BUF2(fp,name,sizeof(name));
- if (!isvalidgroupname(name)) {
+ if (!isvalidname(name)) {
log_log(LOG_WARNING,"nslcd_group_byname(%s): invalid group name",name);
return -1;
},
@@ -363,7 +327,7 @@ NSLCD_HANDLE(
char name[256];
char filter[1024];
READ_STRING_BUF2(fp,name,sizeof(name));
- if (!isvalidusername(name)) {
+ if (!isvalidname(name)) {
log_log(LOG_WARNING,"nslcd_group_bymember(%s): invalid user name",name);
return -1;
},
diff --git a/nslcd/passwd.c b/nslcd/passwd.c
index d28d6f2..d5616ee 100644
--- a/nslcd/passwd.c
+++ b/nslcd/passwd.c
@@ -120,49 +120,6 @@ static void passwd_init(void)
passwd_attrs[9]=NULL;
}
-/*
- Checks to see if the specified name is a valid user name.
-
- This test is based on the definition from POSIX (IEEE Std 1003.1, 2004, 3.426 User Name
- and 3.276 Portable Filename Character Set):
- http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_426
- http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap03.html#tag_03_276
-
- The standard defines user names valid if they contain characters from
- the set [A-Za-z0-9._-] where the hyphen should not be used as first
- character. As an extension this test allows the dolar '$' sign as the last
- character to support Samba special accounts.
-*/
-int isvalidusername(const char *name)
-{
- int i;
- if ((name==NULL)||(name[0]=='\0'))
- return 0;
- /* check first character */
- if ( ! ( (name[0]>='A' && name[0] <= 'Z') ||
- (name[0]>='a' && name[0] <= 'z') ||
- (name[0]>='0' && name[0] <= '9') ||
- name[0]=='.' || name[0]=='_' ) )
- return 0;
- /* check other characters */
- for (i=1;name[i]!='\0';i++)
- {
- if ( name[i]=='$' )
- {
- /* if the char is $ we require it to be the last char */
- if (name[i+1]!='\0')
- return 0;
- }
- else if ( ! ( (name[i]>='A' && name[i] <= 'Z') ||
- (name[i]>='a' && name[i] <= 'z') ||
- (name[i]>='0' && name[i] <= '9') ||
- name[i]=='.' || name[i]=='_' || name[i]=='-') )
- return 0;
- }
- /* no test failed so it must be good */
- return -1;
-}
-
/* the cache that is used in dn2uid() */
static pthread_mutex_t dn2uid_cache_mutex=PTHREAD_MUTEX_INITIALIZER;
static DICT *dn2uid_cache=NULL;
@@ -202,7 +159,7 @@ static char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn)
/* get uid (just use first one) */
values=myldap_get_values(entry,attmap_passwd_uid);
/* check the result for presence and validity */
- if ((values!=NULL)&&(values[0]!=NULL)&&isvalidusername(values[0]))
+ if ((values!=NULL)&&(values[0]!=NULL)&&isvalidname(values[0]))
uid=strdup(values[0]);
else
uid=NULL;
@@ -221,7 +178,7 @@ char *dn2uid(MYLDAP_SESSION *session,const char *dn,char *buf,size_t buflen)
if (myldap_cpy_rdn_value(dn,attmap_passwd_uid,buf,buflen)!=NULL)
{
/* check if it is valid */
- if (!isvalidusername(buf))
+ if (!isvalidname(buf))
return NULL;
return buf;
}
@@ -281,7 +238,7 @@ char *uid2dn(MYLDAP_SESSION *session,const char *uid,char *buf,size_t buflen)
const char *dn;
char filter[1024];
/* if it isn't a valid username, just bail out now */
- if (!isvalidusername(uid))
+ if (!isvalidname(uid))
return NULL;
/* set up attributes (we don't care, we just want the DN) */
attrs[0]=NULL;
@@ -460,7 +417,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
/* write the entries */
for (i=0;usernames[i]!=NULL;i++)
{
- if (!isvalidusername(usernames[i]))
+ if (!isvalidname(usernames[i]))
{
log_log(LOG_WARNING,"passwd entry %s contains invalid user name: \"%s\"",
myldap_get_dn(entry),usernames[i]);
@@ -488,7 +445,7 @@ NSLCD_HANDLE(
char name[256];
char filter[1024];
READ_STRING_BUF2(fp,name,sizeof(name));
- if (!isvalidusername(name)) {
+ if (!isvalidname(name)) {
log_log(LOG_WARNING,"nslcd_passwd_byname(%s): invalid user name",name);
return -1;
},