[tomato/davidwu.git] / release / src / router / libnfsidmap / static.c
1 /*
2 * static.c
4 * static idmapping functions for gss principals.
6 * Copyright (c) 2008 David Härdeman <david@hardeman.nu>.
7 * All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its
19 * contributors may be used to endorse or promote products derived
20 * from this software without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
23 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
24 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
25 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
29 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 #include <unistd.h>
36 #include <stdlib.h>
37 #include <string.h>
38 #include <sys/types.h>
39 #include <pwd.h>
40 #include <grp.h>
41 #include <errno.h>
43 #include "cfg.h"
44 #include "nfsidmap.h"
45 #include "nfsidmap_internal.h"
48 * Static Translation Methods
50 * These functions use getpwnam to find uid/gid(s) for gss principals
51 * which are first mapped to local user names using static mappings
52 * in idmapd.conf.
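/*
 * Single heap allocation holding a passwd record and the scratch space
 * that getpwnam_r() fills with the strings the record points into.
 *
 * pwbuf must stay the first member: static_getpwnam() hands out a pointer
 * to it and the callers release the whole allocation with free() on that
 * pointer, which is only valid while the two addresses coincide.
 *
 * buf is a C99 flexible array member; its real length is whatever was
 * added to sizeof(struct pwbuf) at allocation time.
 */
struct pwbuf {
	struct passwd pwbuf;
	char buf[];
};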
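/*
 * Resolve a GSS principal to a local passwd entry via the static mapping.
 *
 * name    - principal name; used as the key in the "Static" configuration
 *           section (looked up with conf_get_str)
 * domain  - not used by this function
 * err_p   - set to 0 on success, otherwise to a positive errno value
 *
 * Returns the passwd entry on success, NULL on failure.
 *
 * Ownership: the returned pointer is the first member of a malloc'ed
 * struct pwbuf, so the caller releases it with free() on that pointer.
 */
static struct passwd *static_getpwnam(const char *name, const char *domain,
				      int *err_p)
{
	/* Used when the system reports no fixed limit for the passwd buffer. */
	enum { FALLBACK_PW_BUFLEN = 16384 };

	struct passwd *pw;
	struct pwbuf *buf;
	long pwsize = sysconf(_SC_GETPW_R_SIZE_MAX);
	size_t buflen;
	char *localname;
	int err;

	/*
	 * sysconf() returns -1 when the limit is indeterminate.  Stored
	 * straight into a size_t that becomes the largest size_t value, so
	 * "sizeof(*buf) + buflen" wraps to a tiny allocation while
	 * getpwnam_r() is still told the buffer is enormous.  Use a bounded
	 * fallback instead.
	 */
	buflen = (pwsize > 0) ? (size_t)pwsize : (size_t)FALLBACK_PW_BUFLEN;

	buf = malloc(sizeof(*buf) + buflen);
	if (!buf) {
		err = ENOMEM;
		goto err;
	}

	localname = conf_get_str("Static", (char *)name);
	if (!localname) {
		err = ENOENT;
		/* buf is already allocated here; release it on this path too. */
		goto err_free_buf;
	}

	IDMAP_LOG(4, ("static_getpwnam: name '%s' mapped to '%s'\n",
		      name, localname));

again:
	err = getpwnam_r(localname, &buf->pwbuf, buf->buf, buflen, &pw);

	if (err == EINTR)
		goto again;

	if (!pw) {
		/* No entry and no error code means the user does not exist. */
		if (err == 0)
			err = ENOENT;

		IDMAP_LOG(0, ("static_getpwnam: name '%s' not found\n",
			      localname));

		goto err_free_buf;
	}

	*err_p = 0;
	return pw;

err_free_buf:
	free(buf);
err:
	*err_p = err;
	return NULL;
}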
/*
 * Map a GSS principal to the uid and primary gid of the local account it
 * is statically mapped to.
 *
 * secname - security mechanism name; only "krb5" and "spkm3" are accepted
 * princ   - principal name handed to static_getpwnam()
 * uid/gid - written only when the lookup succeeds
 * ex      - not used by this function
 *
 * Returns 0 on success or a negative errno value (-EINVAL for an
 * unsupported mechanism, otherwise the negated code from
 * static_getpwnam()).
 */
static int static_gss_princ_to_ids(char *secname, char *princ,
				   uid_t *uid, uid_t *gid,
				   extra_mapping_params **ex)
{
	int rc;
	struct passwd *entry;

	/* XXX: Is this necessary? */
	if (strcmp(secname, "krb5") && strcmp(secname, "spkm3"))
		return -EINVAL;

	entry = static_getpwnam(princ, NULL, &rc);
	if (entry == NULL)
		return -rc;

	/* Copy the ids out before releasing the lookup buffer. */
	*uid = entry->pw_uid;
	*gid = entry->pw_gid;
	free(entry);

	return -rc;
}
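/*
 * Fill in the supplementary group list of the local account a GSS
 * principal is statically mapped to.
 *
 * secname - security mechanism name; only "krb5" and "spkm3" are accepted
 * princ   - principal name handed to static_getpwnam()
 * groups  - caller-supplied array passed through to getgrouplist()
 * ngroups - in/out element count passed through to getgrouplist()
 * ex      - not used by this function
 *
 * Returns 0 on success or a negative errno value: -EINVAL for an
 * unsupported mechanism, -ERANGE when getgrouplist() reports failure,
 * otherwise the negated code from static_getpwnam().
 */
static int static_gss_princ_to_grouplist(char *secname, char *princ,
					 gid_t *groups, int *ngroups,
					 extra_mapping_params **ex)
{
	struct passwd *pw;
	int err;

	/* XXX: Is this necessary? */
	if (strcmp(secname, "krb5") != 0 && strcmp(secname, "spkm3") != 0)
		return -EINVAL;

	pw = static_getpwnam(princ, NULL, &err);
	if (!pw)
		return -err;

	/*
	 * err holds a positive errno value that is negated on return.  The
	 * earlier "err = -ERANGE" was negated a second time and came back as
	 * +ERANGE, unlike every other failure path here.  A caller testing
	 * for "< 0" would presumably have taken a failed group lookup for
	 * success - NOTE(review): confirm against the callers.
	 */
	if (getgrouplist(pw->pw_name, pw->pw_gid, groups, ngroups) < 0)
		err = ERANGE;

	free(pw);
	return -err;
}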
/*
 * Method table for the "static" translation plugin.  Only the two GSS
 * principal hooks are implemented; every name/id translation hook is left
 * NULL.
 */
struct trans_func static_trans = {
	.name			= "static",
	.init			= NULL,

	/* name <-> id translation is not provided by this plugin */
	.name_to_uid		= NULL,
	.name_to_gid		= NULL,
	.uid_to_name		= NULL,
	.gid_to_name		= NULL,

	/* GSS principal mapping backed by the static configuration */
	.princ_to_ids		= static_gss_princ_to_ids,
	.gss_princ_to_grouplist	= static_gss_princ_to_grouplist,
};
/*
 * Plugin entry point: returns the address of this plugin's method table
 * (static_trans).
 */
struct trans_func *libnfsidmap_plugin_init()
{
	struct trans_func *methods = &static_trans;

	return methods;
}