1 /* $NetBSD: nsdispatch.c,v 1.9 1999/01/25 00:16:17 lukem Exp $ */
4 * SPDX-License-Identifier: BSD-2-Clause-NetBSD
6 * Copyright (c) 1997, 1998, 1999 The NetBSD Foundation, Inc.
9 * This code is derived from software contributed to The NetBSD Foundation
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
21 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
23 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
25 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 * POSSIBILITY OF SUCH DAMAGE.
34 * Copyright (c) 2003 Networks Associates Technology, Inc.
35 * All rights reserved.
37 * Portions of this software were developed for the FreeBSD Project by
38 * Jacques A. Vidrine, Safeport Network Services, and Network
39 * Associates Laboratories, the Security Research Division of Network
40 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
41 * ("CBOSS"), as part of the DARPA CHATS research program.
43 * Redistribution and use in source and binary forms, with or without
44 * modification, are permitted provided that the following conditions
46 * 1. Redistributions of source code must retain the above copyright
47 * notice, this list of conditions and the following disclaimer.
48 * 2. Redistributions in binary form must reproduce the above copyright
49 * notice, this list of conditions and the following disclaimer in the
50 * documentation and/or other materials provided with the distribution.
52 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
65 #include <sys/cdefs.h>
66 __FBSDID("$FreeBSD$");
68 #include "namespace.h"
69 #include <sys/param.h>
78 #include <pthread_np.h>
84 #include "un-namespace.h"
86 #include "libc_private.h"
92 /* Number of elements allocated when we grow a vector */
97 * Global NSS data structures are mostly read-only, but we update
98 * them when we read or re-read the nsswitch.conf.
100 static pthread_rwlock_t nss_lock = PTHREAD_RWLOCK_INITIALIZER;
103 * Runtime determination of whether we are dynamically linked or not.
105 extern int _DYNAMIC __attribute__ ((weak));
106 #define is_dynamic() (&_DYNAMIC != NULL)
109 * default sourcelist: `files'
111 const ns_src __nsdefaultsrc[] = {
112 { NSSRC_FILES, NS_SUCCESS },
116 /* Database, source mappings. */
117 static unsigned int _nsmapsize;
118 static ns_dbt *_nsmap = NULL;
121 static unsigned int _nsmodsize;
122 static ns_mod *_nsmod;
124 /* Placeholder for builtin modules' dlopen `handle'. */
125 static int __nss_builtin_handle;
126 static void *nss_builtin_handle = &__nss_builtin_handle;
130 * Cache lookup cycle prevention function - if !NULL then no cache lookups
133 static void *nss_cache_cycle_prevention_func = NULL;
137 * We keep track of nsdispatch() nesting depth in dispatch_depth. When a
138 * fallback method is invoked from nsdispatch(), we temporarily set
139 * fallback_depth to the current dispatch depth plus one. Subsequent
140 * calls at that exact depth will run in fallback mode (restricted to the
141 * same source as the call that was handled by the fallback method), while
142 * calls below that depth will be handled normally, allowing fallback
143 * methods to perform arbitrary lookups.
149 static void fb_endstate(void *);
150 NSS_TLS_HANDLING(fb);
153 * Attempt to spew relatively uniform messages to syslog.
155 #define nss_log(level, fmt, ...) \
156 syslog((level), "NSSWITCH(%s): " fmt, __func__, __VA_ARGS__)
157 #define nss_log_simple(level, s) \
158 syslog((level), "NSSWITCH(%s): " s, __func__)
161 * Dynamically growable arrays are used for lists of databases, sources,
162 * and modules. The following `vector' interface is used to isolate the
165 typedef int (*vector_comparison)(const void *, const void *);
166 typedef void (*vector_free_elem)(void *);
167 static void vector_sort(void *, unsigned int, size_t,
169 static void vector_free(void *, unsigned int *, size_t,
171 static void *vector_ref(unsigned int, void *, unsigned int, size_t);
172 static void *vector_search(const void *, void *, unsigned int, size_t,
174 static void *vector_append(const void *, void *, unsigned int *, size_t);
178 * Internal interfaces.
180 static int string_compare(const void *, const void *);
181 static int mtab_compare(const void *, const void *);
182 static int nss_configure(void);
183 static void ns_dbt_free(ns_dbt *);
184 static void ns_mod_free(ns_mod *);
185 static void ns_src_free(ns_src **, int);
186 static void nss_load_builtin_modules(void);
187 static void nss_load_module(const char *, nss_module_register_fn);
188 static void nss_atexit(void);
190 extern FILE *_nsyyin;
194 * The vector operations
197 vector_sort(void *vec, unsigned int count, size_t esize,
198 vector_comparison comparison)
200 qsort(vec, count, esize, comparison);
205 vector_search(const void *key, void *vec, unsigned int count, size_t esize,
206 vector_comparison comparison)
208 return (bsearch(key, vec, count, esize, comparison));
213 vector_append(const void *elem, void *vec, unsigned int *count, size_t esize)
217 if ((*count % ELEMSPERCHUNK) == 0) {
218 p = reallocarray(vec, *count + ELEMSPERCHUNK, esize);
220 nss_log_simple(LOG_ERR, "memory allocation failure");
225 memmove((void *)(((uintptr_t)vec) + (*count * esize)), elem, esize);
232 vector_ref(unsigned int i, void *vec, unsigned int count, size_t esize)
235 return (void *)((uintptr_t)vec + (i * esize));
241 #define VECTOR_FREE(v, c, s, f) \
242 do { vector_free(v, c, s, f); v = NULL; } while (0)
244 vector_free(void *vec, unsigned int *count, size_t esize,
245 vector_free_elem free_elem)
250 for (i = 0; i < *count; i++) {
251 elem = vector_ref(i, vec, *count, esize);
260 * Comparison functions for vector_search.
263 string_compare(const void *a, const void *b)
265 return (strcasecmp(*(const char * const *)a, *(const char * const *)b));
270 mtab_compare(const void *a, const void *b)
274 cmp = strcmp(((const ns_mtab *)a)->name, ((const ns_mtab *)b)->name);
278 return (strcmp(((const ns_mtab *)a)->database,
279 ((const ns_mtab *)b)->database));
283 * NSS nsmap management.
286 _nsdbtaddsrc(ns_dbt *dbt, const ns_src *src)
290 dbt->srclist = vector_append(src, dbt->srclist, &dbt->srclistsize,
292 modp = vector_search(&src->name, _nsmod, _nsmodsize, sizeof(*_nsmod),
295 nss_load_module(src->name, NULL);
301 _nsdbtdump(const ns_dbt *dbt)
305 printf("%s (%d source%s):", dbt->name, dbt->srclistsize,
306 dbt->srclistsize == 1 ? "" : "s");
307 for (i = 0; i < (int)dbt->srclistsize; i++) {
308 printf(" %s", dbt->srclist[i].name);
309 if (!(dbt->srclist[i].flags &
310 (NS_UNAVAIL|NS_NOTFOUND|NS_TRYAGAIN)) &&
311 (dbt->srclist[i].flags & NS_SUCCESS))
314 if (!(dbt->srclist[i].flags & NS_SUCCESS))
315 printf(" SUCCESS=continue");
316 if (dbt->srclist[i].flags & NS_UNAVAIL)
317 printf(" UNAVAIL=return");
318 if (dbt->srclist[i].flags & NS_NOTFOUND)
319 printf(" NOTFOUND=return");
320 if (dbt->srclist[i].flags & NS_TRYAGAIN)
321 printf(" TRYAGAIN=return");
330 * The first time nsdispatch is called (during a process's lifetime,
331 * or after nsswitch.conf has been updated), nss_configure will
332 * prepare global data needed by NSS.
337 static time_t confmod;
338 static int already_initialized = 0;
340 int result, isthreaded;
347 isthreaded = __isthreaded;
348 #if defined(_NSS_DEBUG) && defined(_NSS_SHOOT_FOOT)
349 /* NOTE WELL: THIS IS A SECURITY HOLE. This must only be built
350 * for debugging purposes and MUST NEVER be used in production.
352 path = getenv("NSSWITCH_CONF");
355 path = _PATH_NS_CONF;
356 #ifndef NS_REREAD_CONF
358 * Define NS_REREAD_CONF to have nsswitch notice changes
359 * to nsswitch.conf(5) during runtime. This involves calling
360 * stat(2) every time, which can result in performance hit.
362 if (already_initialized)
364 already_initialized = 1;
365 #endif /* NS_REREAD_CONF */
366 if (stat(path, &statbuf) != 0)
368 if (statbuf.st_mtime <= confmod)
371 (void)_pthread_rwlock_unlock(&nss_lock);
372 result = _pthread_rwlock_wrlock(&nss_lock);
375 if (stat(path, &statbuf) != 0)
377 if (statbuf.st_mtime <= confmod)
380 _nsyyin = fopen(path, "re");
383 VECTOR_FREE(_nsmap, &_nsmapsize, sizeof(*_nsmap),
384 (vector_free_elem)ns_dbt_free);
385 VECTOR_FREE(_nsmod, &_nsmodsize, sizeof(*_nsmod),
386 (vector_free_elem)ns_mod_free);
388 (void)atexit(nss_atexit);
389 nss_load_builtin_modules();
391 (void)fclose(_nsyyin);
392 vector_sort(_nsmap, _nsmapsize, sizeof(*_nsmap), string_compare);
393 confmod = statbuf.st_mtime;
396 handle = libc_dlopen(NULL, RTLD_LAZY | RTLD_GLOBAL);
397 if (handle != NULL) {
398 nss_cache_cycle_prevention_func = dlsym(handle,
399 "_nss_cache_cycle_prevention_function");
405 (void)_pthread_rwlock_unlock(&nss_lock);
407 result = _pthread_rwlock_rdlock(&nss_lock);
414 _nsdbtput(const ns_dbt *dbt)
419 for (i = 0; i < _nsmapsize; i++) {
420 p = vector_ref(i, _nsmap, _nsmapsize, sizeof(*_nsmap));
421 if (string_compare(&dbt->name, &p->name) == 0) {
422 /* overwrite existing entry */
423 if (p->srclist != NULL)
424 ns_src_free(&p->srclist, p->srclistsize);
425 memmove(p, dbt, sizeof(*dbt));
429 _nsmap = vector_append(dbt, _nsmap, &_nsmapsize, sizeof(*_nsmap));
434 ns_dbt_free(ns_dbt *dbt)
436 ns_src_free(&dbt->srclist, dbt->srclistsize);
438 free((void *)dbt->name);
443 ns_src_free(ns_src **src, int srclistsize)
447 for (i = 0; i < srclistsize; i++)
448 if ((*src)[i].name != NULL)
449 /* This one was allocated by nslexer. You'll just
452 free((void *)((*src)[i].name));
460 * NSS module management.
462 /* The built-in NSS modules are all loaded at once. */
463 #define NSS_BACKEND(name, reg) \
464 ns_mtab *reg(unsigned int *, nss_module_unregister_fn *);
465 #include "nss_backends.h"
469 nss_load_builtin_modules(void)
471 #define NSS_BACKEND(name, reg) nss_load_module(#name, reg);
472 #include "nss_backends.h"
477 /* Load a built-in or dynamically linked module. If the `reg_fn'
478 * argument is non-NULL, assume a built-in module and use reg_fn to
479 * register it. Otherwise, search for a dynamic NSS module.
482 nss_load_module(const char *source, nss_module_register_fn reg_fn)
486 nss_module_register_fn fn;
488 memset(&mod, 0, sizeof(mod));
489 mod.name = strdup(source);
490 if (mod.name == NULL) {
491 nss_log_simple(LOG_ERR, "memory allocation failure");
494 if (reg_fn != NULL) {
495 /* The placeholder is required, as a NULL handle
496 * represents an invalid module.
498 mod.handle = nss_builtin_handle;
500 } else if (!is_dynamic()) {
502 } else if (strcmp(source, NSSRC_CACHE) == 0 ||
503 strcmp(source, NSSRC_COMPAT) == 0 ||
504 strcmp(source, NSSRC_DB) == 0 ||
505 strcmp(source, NSSRC_DNS) == 0 ||
506 strcmp(source, NSSRC_FILES) == 0 ||
507 strcmp(source, NSSRC_NIS) == 0) {
509 * Avoid calling dlopen(3) for built-in modules.
513 if (snprintf(buf, sizeof(buf), "nss_%s.so.%d", mod.name,
514 NSS_MODULE_INTERFACE_VERSION) >= (int)sizeof(buf))
516 mod.handle = libc_dlopen(buf, RTLD_LOCAL|RTLD_LAZY);
517 if (mod.handle == NULL) {
519 /* This gets pretty annoying since the built-in
520 * sources aren't modules yet.
522 nss_log(LOG_DEBUG, "%s, %s", mod.name, dlerror());
526 fn = (nss_module_register_fn)dlfunc(mod.handle,
527 "nss_module_register");
529 (void)dlclose(mod.handle);
531 nss_log(LOG_ERR, "%s, %s", mod.name, dlerror());
535 mod.mtab = fn(mod.name, &mod.mtabsize, &mod.unregister);
536 if (mod.mtab == NULL || mod.mtabsize == 0) {
537 if (mod.handle != nss_builtin_handle)
538 (void)dlclose(mod.handle);
540 nss_log(LOG_ERR, "%s, registration failed", mod.name);
543 if (mod.mtabsize > 1)
544 qsort(mod.mtab, mod.mtabsize, sizeof(mod.mtab[0]),
547 _nsmod = vector_append(&mod, _nsmod, &_nsmodsize, sizeof(*_nsmod));
548 vector_sort(_nsmod, _nsmodsize, sizeof(*_nsmod), string_compare);
551 static int exiting = 0;
554 ns_mod_free(ns_mod *mod)
558 if (mod->handle == NULL)
560 if (mod->unregister != NULL)
561 mod->unregister(mod->mtab, mod->mtabsize);
562 if (mod->handle != nss_builtin_handle && !exiting)
563 (void)dlclose(mod->handle);
575 isthreaded = __isthreaded;
577 (void)_pthread_rwlock_wrlock(&nss_lock);
578 VECTOR_FREE(_nsmap, &_nsmapsize, sizeof(*_nsmap),
579 (vector_free_elem)ns_dbt_free);
580 VECTOR_FREE(_nsmod, &_nsmodsize, sizeof(*_nsmod),
581 (vector_free_elem)ns_mod_free);
583 (void)_pthread_rwlock_unlock(&nss_lock);
587 * Finally, the actual implementation.
590 nss_method_lookup(const char *source, const char *database,
591 const char *method, const ns_dtab disp_tab[], void **mdata)
597 if (disp_tab != NULL)
598 for (i = 0; disp_tab[i].src != NULL; i++)
599 if (strcasecmp(source, disp_tab[i].src) == 0) {
600 *mdata = disp_tab[i].mdata;
601 return (disp_tab[i].method);
603 mod = vector_search(&source, _nsmod, _nsmodsize, sizeof(*_nsmod),
605 if (mod != NULL && mod->handle != NULL) {
606 key.database = database;
608 match = bsearch(&key, mod->mtab, mod->mtabsize,
609 sizeof(mod->mtab[0]), mtab_compare);
611 *mdata = match->mdata;
612 return (match->method);
626 __weak_reference(_nsdispatch, nsdispatch);
629 _nsdispatch(void *retval, const ns_dtab disp_tab[], const char *database,
630 const char *method_name, const ns_src defaults[], ...)
634 const ns_src *srclist;
635 nss_method method, fb_method;
637 int isthreaded, serrno, i, result, srclistsize;
642 nss_cache_data cache_data;
643 nss_cache_data *cache_data_p;
650 isthreaded = __isthreaded;
653 result = _pthread_rwlock_rdlock(&nss_lock);
660 result = fb_getstate(&st);
666 result = nss_configure();
671 ++st->dispatch_depth;
672 if (st->dispatch_depth > st->fallback_depth) {
673 dbt = vector_search(&database, _nsmap, _nsmapsize, sizeof(*_nsmap),
675 fb_method = nss_method_lookup(NSSRC_FALLBACK, database,
676 method_name, disp_tab, &mdata);
680 srclist = dbt->srclist;
681 srclistsize = dbt->srclistsize;
685 while (srclist[srclistsize].name != NULL)
693 for (i = 0; i < srclistsize; i++) {
694 result = NS_NOTFOUND;
695 method = nss_method_lookup(srclist[i].name, database,
696 method_name, disp_tab, &mdata);
698 if (method != NULL) {
700 if (strcmp(srclist[i].name, NSSRC_CACHE) == 0 &&
701 nss_cache_cycle_prevention_func == NULL) {
702 #ifdef NS_STRICT_LIBC_EID_CHECKING
703 if (issetugid() != 0)
708 memset(&cache_data, 0, sizeof(nss_cache_data));
709 cache_data.info = (nss_cache_info const *)mdata;
710 cache_data_p = &cache_data;
712 va_start(ap, defaults);
713 if (cache_data.info->id_func != NULL)
714 result = __nss_common_cache_read(retval,
716 else if (cache_data.info->marshal_func != NULL)
717 result = __nss_mp_cache_read(retval,
720 result = __nss_mp_cache_end(retval,
726 va_start(ap, defaults);
727 result = method(retval, mdata, ap);
730 #else /* NS_CACHING */
732 va_start(ap, defaults);
733 result = method(retval, mdata, ap);
735 #endif /* NS_CACHING */
737 if (result & (srclist[i].flags))
740 if (fb_method != NULL) {
741 saved_depth = st->fallback_depth;
742 st->fallback_depth = st->dispatch_depth + 1;
743 va_start(ap, defaults);
744 result = fb_method(retval,
745 (void *)srclist[i].name, ap);
747 st->fallback_depth = saved_depth;
749 nss_log(LOG_DEBUG, "%s, %s, %s, not found, "
750 "and no fallback provided",
751 srclist[i].name, database, method_name);
756 if (cache_data_p != NULL &&
757 (result & (NS_NOTFOUND | NS_SUCCESS)) && cache_flag == 0) {
758 va_start(ap, defaults);
759 if (result == NS_SUCCESS) {
760 if (cache_data.info->id_func != NULL)
761 __nss_common_cache_write(retval, cache_data_p,
763 else if (cache_data.info->marshal_func != NULL)
764 __nss_mp_cache_write(retval, cache_data_p, ap);
765 } else if (result == NS_NOTFOUND) {
766 if (cache_data.info->id_func == NULL) {
767 if (cache_data.info->marshal_func != NULL)
768 __nss_mp_cache_write_submit(retval,
771 __nss_common_cache_write_negative(cache_data_p);
775 #endif /* NS_CACHING */
778 (void)_pthread_rwlock_unlock(&nss_lock);
779 --st->dispatch_depth;