From owner-p4-projects@FreeBSD.ORG Fri Nov 10 13:40:17 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 7502116A417; Fri, 10 Nov 2006 13:40:17 +0000 (UTC) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4CC6916A40F for ; Fri, 10 Nov 2006 13:40:17 +0000 (UTC) (envelope-from bushman@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id E836F43D45 for ; Fri, 10 Nov 2006 13:40:16 +0000 (GMT) (envelope-from bushman@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id kAADeGNc021775 for ; Fri, 10 Nov 2006 13:40:16 GMT (envelope-from bushman@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id kAADeGVN021772 for perforce@freebsd.org; Fri, 10 Nov 2006 13:40:16 GMT (envelope-from bushman@freebsd.org) Date: Fri, 10 Nov 2006 13:40:16 GMT Message-Id: <200611101340.kAADeGVN021772@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bushman@freebsd.org using -f From: Michael Bushkov To: Perforce Change Reviews Cc: Subject: PERFORCE change 109682 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Nov 2006 13:40:17 -0000 http://perforce.freebsd.org/chv.cgi?CH=109682 Change 109682 by bushman@bushman_nss_ldap_cached on 2006/11/10 13:40:14 + more diagnostic log messages added - should be useful when setting up an LDAP environment Affected files ... .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#16 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#17 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#13 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#17 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#18 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.h#14 edit Differences ... ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_group.c#16 (text+ko) ==== @@ -101,22 +101,20 @@ static int __pg_ht_item_cmp_func(const void *, const void *); static hashtable_index_t __pg_ht_item_hash_func(const void *, size_t); HASHTABLE_PROTOTYPE(__pg_ht, __pg_he, struct processed_group); - + +static int ldap_getgrnam_r(const char *, struct group *, char *, size_t, + struct group **); +static int ldap_getgrgid_r(gid_t, struct group *, char *, size_t, + struct group **); +static int ldap_getgrent_r(struct group *, char *, size_t, struct group **); +static void ldap_setgrent(); static int nss_ldap_map_group_dn(struct nss_ldap_search_context *, char const *, char **, size_t *, char *, size_t, void *); +static int nss_ldap_parse_group(struct nss_ldap_parse_context *); static int nss_ldap_parse_nested_group(struct nss_ldap_search_context *, char const *, struct map_group_dn_request *, char ***, size_t *, size_t *, char *, size_t); - -static int nss_ldap_parse_group(struct nss_ldap_parse_context *); static void nss_ldap_destroy_group_ctx(struct nss_ldap_parse_context *); - -static int ldap_getgrnam_r(const char *, struct group *, char *, size_t, - struct group **); -static int ldap_getgrgid_r(gid_t, struct group *, char *, size_t, - struct group **); -static int ldap_getgrent_r(struct group *, char *, size_t, struct group **); -static void ldap_setgrent(); static int __mu_ht_item_cmp_func(const void *p1, const void *p2) @@ -458,23 +456,36 @@ rv = __nss_ldap_assign_attr_gid(sctx, _ATM(schema, GROUP, gidNumber), &grp->gr_gid); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_group: " + "can't assign %s, error %d (%s)", + _ATM(schema, GROUP, gidNumber), rv, __nss_ldap_err2str(rv)); goto errfin; + } //printf("__ %s %d\n", __FILE__, __LINE__); rv = __nss_ldap_assign_rdn_str(sctx, _ATM(schema, GROUP, cn), &grp->gr_name, &len, buf, rbuf - buf); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_group: " + "can't assign %s, error %d (%s)", + _ATM(schema, GROUP, cn), rv, __nss_ldap_err2str(rv)); goto errfin; + } // printf("__ %s %d %s\n", __FILE__, __LINE__, grp->gr_name); buf += len; rv = __nss_ldap_assign_attr_password(sctx, _ATM(schema, GROUP, userPassword), &grp->gr_passwd, &len, buf, rbuf - buf); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_group: " + "can't assign %s, error %d (%s)", + _ATM(schema, GROUP, userPassword), rv, + __nss_ldap_err2str(rv)); goto errfin; + } buf += len; grp->gr_mem = NULL; @@ -491,6 +502,11 @@ buf += len; grp->gr_mem = res; + + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_group: " + "can't assign %s, error %d (%s)", + _ATM(schema, GROUP, memberUid), rv, + __nss_ldap_err2str(rv)); } if (gmdata == NULL) { @@ -591,7 +607,12 @@ // printf("__ %s %d %d %d %d\n", __FILE__, __LINE__, memlen, len, buflen); // for (cp = res; *cp; ++cp) // printf("__ %s %d %s\n", __FILE__, __LINE__, *cp); - } + } else + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, + "nss_ldap_parse_group: can't assign %s, error %d (%s)", + _ATM(schema, GROUP, uniqueMember), rv, + __nss_ldap_err2str(rv)); + // char **cp; // for (cp = grp->gr_mem; *cp; ++cp) { @@ -617,6 +638,13 @@ } sl_free(dnreq.next_requests, 0); + + if (rv != NSS_LDAP_SUCCESS) + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_group: can't assign %s and %s, error %d (%s)", + _ATM(schema, GROUP, memberUid), + _ATM(schema, GROUP, uniqueMember), rv, + __nss_ldap_err2str(rv)); errfin: // printf("__ %s %d %d\n", __FILE__, __LINE__, rv); return (rv); @@ -634,11 +662,9 @@ struct processed_group *group_hash_data; assert(pctx != NULL); - printf("%s %d\n", __FILE__, __LINE__); if (pctx->mdata_ext != NULL) { gmdata = pctx->mdata_ext; - printf("%s %d\n", __FILE__, __LINE__); if (gmdata->users != NULL) { HASHTABLE_FOREACH(gmdata->users, user_hash_entry) { HASHTABLE_ENTRY_FOREACH(user_hash_entry, data, @@ -651,10 +677,8 @@ } HASHTABLE_DESTROY(gmdata->users, data); free(gmdata->users); - printf("%s %d\n", __FILE__, __LINE__); } - printf("%s %d\n", __FILE__, __LINE__); if (gmdata->groups != NULL) { HASHTABLE_FOREACH(gmdata->groups, group_hash_entry) { HASHTABLE_ENTRY_FOREACH(group_hash_entry, data, @@ -665,7 +689,6 @@ } HASHTABLE_DESTROY(gmdata->groups, data); free(gmdata->groups); - printf("%s %d\n", __FILE__, __LINE__); } free(gmdata); @@ -688,6 +711,8 @@ __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR, filter, sizeof(filter), name); + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getgrnam_r: doing ldap query " + "with filter: %s", filter); rv = __nss_ldap_getby(NSS_LDAP_MAP_GROUP, filter, (void *)grp, buffer, bufsize, nss_ldap_parse_group, nss_ldap_destroy_group_ctx); @@ -714,6 +739,8 @@ __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_GID, filter, sizeof(filter), gid); + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getgrgid_r: doing ldap query " + "with filter: %s", filter); rv = __nss_ldap_getby(NSS_LDAP_MAP_GROUP, filter, (void *)grp, buffer, bufsize, nss_ldap_parse_group, nss_ldap_destroy_group_ctx); @@ -736,6 +763,8 @@ if (filter == NULL) return (NS_UNAVAIL); + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getgrent_r: doing ldap query " + "with filter: %s", filter); rv = __nss_ldap_getent(NSS_LDAP_MAP_GROUP, filter, (void *)grp, buffer, bufsize, nss_ldap_parse_group, nss_ldap_destroy_group_ctx); ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_passwd.c#17 (text+ko) ==== @@ -43,15 +43,98 @@ #include "ldapconf.h" #include "nss_ldap.h" -static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *); - static int ldap_getpwnam_r(const char *, struct passwd *, char *, size_t, struct passwd **); static int ldap_getpwuid_r(uid_t, struct passwd *, char *, size_t, struct passwd **); static int ldap_getpwent_r(struct passwd *, char *, size_t, struct passwd **); static void ldap_setpwent(); +static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *); +static int +ldap_getpwnam_r(const char *name, struct passwd *pwd, + char *buffer, size_t bufsize, struct passwd **result) +{ + char filter[NSS_LDAP_FILTER_MAX_SIZE]; + char const *fmt; + int rv; + + fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETPWNAM); + if (fmt == NULL) + return (NS_UNAVAIL); + + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR, filter, + sizeof(filter), name); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getpwnam_r: doing ldap query " + "with filter: %s", filter); + rv = __nss_ldap_getby(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, + buffer, bufsize, nss_ldap_parse_passwd, NULL); + + if (rv == NS_SUCCESS) + *result = pwd; + + return (rv); +} + +static int +ldap_getpwuid_r(uid_t uid, struct passwd *pwd, + char *buffer, size_t bufsize, struct passwd **result) +{ + char filter[NSS_LDAP_FILTER_MAX_SIZE]; + char const *fmt; + int rv; + + fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETPWUID); + if (fmt == NULL) + return (NS_UNAVAIL); + + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_UID, filter, + sizeof(filter), uid); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getpwuid_r: doing ldap query " + "with filter: %s", filter); + rv = __nss_ldap_getby(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, + buffer, bufsize, nss_ldap_parse_passwd, NULL); + + if (rv == NS_SUCCESS) + *result = pwd; + + return (rv); +} + +static int +ldap_getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize, + struct passwd **result) +{ + char const *filter; + int rv; + + filter = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETPWENT); + if (filter == NULL) + return (NS_UNAVAIL); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getpwent_r: doing ldap query " + "with filter: %s", filter); + rv = __nss_ldap_getent(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, + buffer, bufsize, nss_ldap_parse_passwd, NULL); + + if (rv == NS_SUCCESS) + *result = pwd; + + return (rv); +} + +static void +ldap_setpwent() +{ + + __nss_ldap_setent(NSS_LDAP_MAP_PASSWD); +} + static int nss_ldap_parse_passwd(struct nss_ldap_parse_context *pctx) { @@ -74,24 +157,40 @@ schema = &sctx->conf->schema; if ((__nss_ldap_check_oc(sctx, "shadowAccount") == NSS_LDAP_SUCCESS) - || (geteuid() != 0)) - rv = __nss_ldap_assign_str("*", &pwd->pw_dir, &len, buf, + || (geteuid() != 0)) { + rv = __nss_ldap_assign_str("*", &pwd->pw_passwd, &len, buf, buflen); - else + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: " + "can't assign '*' as the password, error %d (%s)", + rv, __nss_ldap_err2str(rv)); + goto errfin; + } + } else { rv = __nss_ldap_assign_attr_password(sctx, _ATM(schema, PASSWD, userPassword), &pwd->pw_passwd, &len, buf, buflen); + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: " + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, userPassword), rv, + __nss_ldap_err2str(rv)); + goto errfin; + } + } - if (rv != NSS_LDAP_SUCCESS) - goto errfin; buflen -= len; buf += len; rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, PASSWD, uid), &pwd->pw_name, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, uid), rv, __nss_ldap_err2str(rv)); goto errfin; + } buflen -= len; buf += len; @@ -99,169 +198,154 @@ _ATM(schema, PASSWD, gecos), &pwd->pw_gecos, &len, buf, buflen); if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s), falling back to %s", + _ATM(schema, PASSWD, gecos), rv, + __nss_ldap_err2str(rv), _ATM(schema, PASSWD, cn)); pwd->pw_gecos = NULL; rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, PASSWD, cn), &pwd->pw_gecos, &len, buf, buflen); + + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, cn), rv, __nss_ldap_err2str(rv)); + goto errfin; + } } - if (rv != NSS_LDAP_SUCCESS) - goto errfin; buflen -= len; buf += len; rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, PASSWD, homeDirectory), &pwd->pw_dir, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s), falling back to empty " + "value", _ATM(schema, PASSWD, homeDirectory), rv, + __nss_ldap_err2str(rv)); rv = __nss_ldap_assign_str("", &pwd->pw_dir, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) - goto errfin; + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign empty value as home directory, " + "error %d (%s)", rv, __nss_ldap_err2str(rv)); + goto errfin; + } + } buflen -= len; buf += len; rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, PASSWD, loginShell), &pwd->pw_shell, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s), falling back to empty " + "value", _ATM(schema, PASSWD, loginShell), rv, + __nss_ldap_err2str(rv)); + rv = __nss_ldap_assign_str("", &pwd->pw_shell, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) - goto errfin; + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign empty value as user shell, " + "error %d (%s)", rv, __nss_ldap_err2str(rv)); + goto errfin; + } + } buflen -= len; buf += len; rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, PASSWD, loginClass), &pwd->pw_class, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s), falling back to empty " + "value", _ATM(schema, PASSWD, loginClass), rv, + __nss_ldap_err2str(rv)); + rv = __nss_ldap_assign_str("", &pwd->pw_class, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) - goto errfin; + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign empty value as login class, " + "error %d (%s)", rv, __nss_ldap_err2str(rv)); + goto errfin; + } + } buflen -= len; buf += len; rv = __nss_ldap_assign_attr_uid(sctx, _ATM(schema, PASSWD, uidNumber), &pwd->pw_uid); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, uidNumber), rv, __nss_ldap_err2str(rv)); goto errfin; + } rv = __nss_ldap_assign_attr_gid(sctx, _ATM(schema, PASSWD, gidNumber), &pwd->pw_gid); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, gidNumber), rv, + __nss_ldap_err2str(rv)); goto errfin; + } rv = __nss_ldap_assign_attr_time(sctx, _ATM(schema, PASSWD, shadowMax), &pwd->pw_change); if (rv == NSS_LDAP_SUCCESS) pwd->pw_change *= 24*60*60; - else + else { + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, shadowMax), rv, + __nss_ldap_err2str(rv)); pwd->pw_change = 0; + } if (pwd->pw_change > 0) { rv = __nss_ldap_assign_attr_time(sctx, _ATM(schema, PASSWD, shadowLastChange), &temp_time); if (rv == NSS_LDAP_SUCCESS) pwd->pw_change += temp_time; - else + else { pwd->pw_change = 0; + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, + "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, shadowLastChange), rv, + __nss_ldap_err2str(rv)); + } } rv = __nss_ldap_assign_attr_time(sctx, _ATM(schema, PASSWD, shadowExpire), &pwd->pw_expire); if (rv == NSS_LDAP_SUCCESS) pwd->pw_expire *= 24*60*60; - else + else { pwd->pw_expire = 0; + __nss_ldap_log(NSS_LDAP_LL_WARN_INT, + "nss_ldap_parse_passwd: ", + "can't assign %s, error %d (%s)", + _ATM(schema, PASSWD, shadowExpire), rv, + __nss_ldap_err2str(rv)); + } rv = NSS_LDAP_SUCCESS; errfin: return (rv); } -static int -ldap_getpwnam_r(const char *name, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result) -{ - char filter[NSS_LDAP_FILTER_MAX_SIZE]; - char const *fmt; - int rv; - - fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETPWNAM); - if (fmt == NULL) - return (NS_UNAVAIL); - - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR, filter, - sizeof(filter), name); - - rv = __nss_ldap_getby(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, - buffer, bufsize, nss_ldap_parse_passwd, NULL); - - if (rv == NS_SUCCESS) - *result = pwd; - - return (rv); -} - -static int -ldap_getpwuid_r(uid_t uid, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result) -{ - char filter[NSS_LDAP_FILTER_MAX_SIZE]; - char const *fmt; - int rv; - - fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETPWUID); - if (fmt == NULL) - return (NS_UNAVAIL); - - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_UID, filter, - sizeof(filter), uid); - - rv = __nss_ldap_getby(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, - buffer, bufsize, nss_ldap_parse_passwd, NULL); - - if (rv == NS_SUCCESS) - *result = pwd; - - return (rv); -} - -static int -ldap_getpwent_r(struct passwd *pwd, char *buffer, size_t bufsize, - struct passwd **result) -{ - char const *filter; - int rv; - - filter = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETPWENT); - if (filter == NULL) - return (NS_UNAVAIL); - - rv = __nss_ldap_getent(NSS_LDAP_MAP_PASSWD, filter, (void *)pwd, - buffer, bufsize, nss_ldap_parse_passwd, NULL); - - if (rv == NS_SUCCESS) - *result = pwd; - - return (rv); -} - -static void -ldap_setpwent() -{ - - __nss_ldap_setent(NSS_LDAP_MAP_PASSWD); -} - - int __ldap_setpwent(void *retval, void *mdata, va_list ap) { ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldap_serv.c#13 (text+ko) ==== @@ -57,9 +57,6 @@ ssize_t offset; size_t count; }; - -static int nss_ldap_parse_servent(struct nss_ldap_parse_context *); -static void nss_ldap_destroy_servent_ctx(struct nss_ldap_parse_context *); static int ldap_getservbyname_r(const char *, const char *, struct servent *, char *, size_t, struct servent **); @@ -68,8 +65,126 @@ static int ldap_getservent_r(struct servent *, char *, size_t, struct servent **); static void ldap_setservent(); +static int nss_ldap_parse_servent(struct nss_ldap_parse_context *); +static void nss_ldap_destroy_servent_ctx(struct nss_ldap_parse_context *); + +static int +ldap_getservbyname_r(const char *name, const char *proto, struct servent *serv, + char *buffer, size_t bufsize, struct servent **result) +{ + char filter[NSS_LDAP_FILTER_MAX_SIZE]; + struct services_mdata mdata; + char const *fmt; + int rv; + + fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETSERVBYNAME); + if (fmt == NULL) + return (NS_UNAVAIL); + + if (proto != NULL) + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR_STR, filter, + sizeof(filter), name, proto); + else + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR_ANY, filter, + sizeof(filter), name); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, + "ldap_getservbyport_r: doing ldap query with filter: %s", filter); + + memset(&mdata, 0, sizeof(struct services_mdata)); + mdata.serv = serv; + mdata.proto = proto; + mdata.type = NSS_LDAP_SERVICES_BY_KEY; + + rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter, + (void *)&mdata, buffer, bufsize, + nss_ldap_parse_servent, NULL); + + if (rv == NS_SUCCESS) + *result = serv; + + return (rv); +} + +static int +ldap_getservbyport_r(int port, const char *proto, struct servent *serv, + char *buffer, size_t bufsize, struct servent **result) +{ + char filter[NSS_LDAP_FILTER_MAX_SIZE]; + struct services_mdata mdata; + char const *fmt; + int rv; + + fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETSERVBYPORT); + if (fmt == NULL) + return (NS_UNAVAIL); + + if (proto != NULL) + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_INT_STR, filter, + sizeof(filter), htons(port), proto); + else + __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_INT_ANY, filter, + sizeof(filter), htons(port)); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, + "ldap_getservbyport_r: doing ldap query with filter: %s", filter); + + memset(&mdata, 0, sizeof(struct services_mdata)); + mdata.serv = serv; + mdata.proto = proto; + mdata.type = NSS_LDAP_SERVICES_BY_KEY; + + rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter, + (void *)&mdata, buffer, bufsize, + nss_ldap_parse_servent, NULL); + + printf("== %d\n", rv); + if (rv == NS_SUCCESS) + *result = serv; + + return (rv); +} static int +ldap_getservent_r(struct servent *serv, char *buffer, size_t bufsize, + struct servent **result) +{ + struct services_mdata mdata; + char const *filter; + int rv; + + filter = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, + NSS_LDAP_FILTER_GETSERVENT); + if (filter == NULL) + return (NS_UNAVAIL); + + __nss_ldap_log(NSS_LDAP_LL_DEBUG, "ldap_getservent_r: doing ldap query " + "with filter: %s", filter); + + memset(&mdata, 0, sizeof(struct services_mdata)); + mdata.serv = serv; + mdata.type = NSS_LDAP_SERVICES_ALL; + + rv = __nss_ldap_getent(NSS_LDAP_MAP_SERVICES, filter, (void *)&mdata, + buffer, bufsize, nss_ldap_parse_servent, + nss_ldap_destroy_servent_ctx); + + if (rv == NS_SUCCESS) + *result = serv; + + return (rv); +} + +static void +ldap_setservent() +{ + + __nss_ldap_setent(NSS_LDAP_MAP_SERVICES); +} + +static int nss_ldap_parse_servent(struct nss_ldap_parse_context *pctx) { struct nss_ldap_schema *schema; @@ -99,16 +214,29 @@ if (serv_mdata->proto != NULL) { rv = __nss_ldap_assign_str(serv_mdata->proto, &serv->s_proto, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) - goto errfin; + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign " + "'%s', as the protocol, error %d (%s)", + serv_mdata->proto, rv, + __nss_ldap_err2str(rv)); + + goto errfin; + } buflen -= len; buf += len; } else { rv = __nss_ldap_assign_attr_str(sctx, _ATM(schema, SERVICES, ipServiceProtocol), &serv->s_proto, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s, " + "error %d (%s)", + _ATM(schema, SERVICES, ipServiceProtocol), + rv, __nss_ldap_err2str(rv)); goto errfin; + } buflen -= len; buf += len; } @@ -132,8 +260,14 @@ _ATM(schema, SERVICES, ipServiceProtocol), serv_mdata_ext->offset, &serv_mdata_ext->count, &serv->s_proto, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s" + " values number, error %d (%s)", + _ATM(schema, SERVICES, ipServiceProtocol), + rv, __nss_ldap_err2str(rv)); goto errfin; + } serv_mdata_ext->offset = 0; } @@ -143,6 +277,15 @@ _ATM(schema, SERVICES, ipServiceProtocol), serv_mdata_ext->offset, NULL, &serv->s_proto, &len, buf, buflen); + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s" + " value number #%d of %d, error %d (%s)", + _ATM(schema, SERVICES, ipServiceProtocol), + serv_mdata_ext->offset, + serv_mdata_ext->count, + rv, __nss_ldap_err2str(rv)); + } if (++serv_mdata_ext->offset >= serv_mdata_ext->count) { serv_mdata_ext->offset = -1; @@ -165,8 +308,14 @@ rv = __nss_ldap_assign_rdn_str(sctx, _ATM(schema, SERVICES, cn), &serv->s_name, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s part of the rdn, " + "error %d (%s)", + _ATM(schema, SERVICES, cn), + rv, __nss_ldap_err2str(rv)); goto errfin; + } buflen -= len; buf += len; @@ -174,8 +323,14 @@ rv = __nss_ldap_assign_attr_multi_str(sctx, _ATM(schema, SERVICES, cn), &serv->s_aliases, &memlen, &len, buf, buflen); - if (rv != NSS_LDAP_SUCCESS) + if (rv != NSS_LDAP_SUCCESS) { + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s, " + "error %d (%s)", + _ATM(schema, SERVICES, cn), + rv, __nss_ldap_err2str(rv)); goto errfin; + } buflen -= len; buf += len; @@ -184,9 +339,15 @@ &serv->s_port); if (rv == NSS_LDAP_SUCCESS) serv->s_port = ntohs(serv->s_port); - + else + __nss_ldap_log(NSS_LDAP_LL_WARN, + "nss_ldap_parse_servent: can't assign %s, " + "error %d (%s)", + _ATM(schema, SERVICES, ipServicePort), + rv, __nss_ldap_err2str(rv)); + errfin: - return (rv); + return (rv); } static void @@ -197,116 +358,10 @@ free(pctx->mdata_ext); } -static int -ldap_getservbyname_r(const char *name, const char *proto, struct servent *serv, - char *buffer, size_t bufsize, struct servent **result) -{ - char filter[NSS_LDAP_FILTER_MAX_SIZE]; - struct services_mdata mdata; - char const *fmt; - int rv; - - fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETSERVBYNAME); - if (fmt == NULL) - return (NS_UNAVAIL); - - if (proto != NULL) - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR_STR, filter, - sizeof(filter), name, proto); - else - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_STR_ANY, filter, - sizeof(filter), name); - - memset(&mdata, 0, sizeof(struct services_mdata)); - mdata.serv = serv; - mdata.proto = proto; - mdata.type = NSS_LDAP_SERVICES_BY_KEY; - - rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter, - (void *)&mdata, buffer, bufsize, - nss_ldap_parse_servent, NULL); - - if (rv == NS_SUCCESS) - *result = serv; - - return (rv); -} - -static int -ldap_getservbyport_r(int port, const char *proto, struct servent *serv, - char *buffer, size_t bufsize, struct servent **result) -{ - char filter[NSS_LDAP_FILTER_MAX_SIZE]; - struct services_mdata mdata; - char const *fmt; - int rv; - - fmt = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETSERVBYPORT); - if (fmt == NULL) - return (NS_UNAVAIL); - - if (proto != NULL) - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_INT_STR, filter, - sizeof(filter), htons(port), proto); - else - __nss_ldap_format_filter(fmt, NSS_LDAP_FILTER_ARGS_INT_ANY, filter, - sizeof(filter), htons(port)); - - memset(&mdata, 0, sizeof(struct services_mdata)); - mdata.serv = serv; - mdata.proto = proto; - mdata.type = NSS_LDAP_SERVICES_BY_KEY; - - rv = __nss_ldap_getby(NSS_LDAP_MAP_SERVICES, filter, - (void *)&mdata, buffer, bufsize, - nss_ldap_parse_servent, NULL); - - printf("== %d\n", rv); - if (rv == NS_SUCCESS) - *result = serv; - - return (rv); -} - -static int -ldap_getservent_r(struct servent *serv, char *buffer, size_t bufsize, - struct servent **result) -{ - struct services_mdata mdata; - char const *filter; - int rv; - - filter = __nss_ldap_get_schema_filter(&__nss_ldap_conf->schema, - NSS_LDAP_FILTER_GETSERVENT); - if (filter == NULL) - return (NS_UNAVAIL); - - memset(&mdata, 0, sizeof(struct services_mdata)); - mdata.serv = serv; - mdata.type = NSS_LDAP_SERVICES_ALL; - - rv = __nss_ldap_getent(NSS_LDAP_MAP_SERVICES, filter, (void *)&mdata, - buffer, bufsize, nss_ldap_parse_servent, - nss_ldap_destroy_servent_ctx); - - if (rv == NS_SUCCESS) - *result = serv; - - return (rv); -} - -static void -ldap_setservent() -{ - - __nss_ldap_setent(NSS_LDAP_MAP_SERVICES); -} - int __ldap_setservent(void *retval, void *mdata, va_list ap) { + if (__nss_ldap_configure() != NSS_LDAP_SUCCESS) return (NS_UNAVAIL); ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#17 (text+ko) ==== @@ -322,6 +322,11 @@ char *str; int i, rv, value; + /* + * We ensure compatibility with PADL, but define, where appropriate, + * aliases for configuration keywords - in hope that with these + * aliases configuration file will look more consistent. + */ switch (fields[0][0]) { case 'b': case 'B': @@ -400,20 +405,14 @@ /* NOTE: we'd probably better use * NSS_LDAP_PROTO_VERSION_2 and * NSS_LDAP_PROTO_VERSION_3 constants here */ - if (strcasecmp(fields[0], "ldap-version") == 0) { + if ((strcasecmp(fields[0], "ldap-version") == 0) || + (strcasecmp(fields[0], "ldap_version") == 0)) { if ((field_count == 2) && (get_number(fields[1], 2, 3, &value) == NSS_LDAP_SUCCESS)) { conf->proto_version = value; return (NSS_LDAP_SUCCESS); } - } else if (strcasecmp(fields[0], "logdir") == 0) { - if (field_count == 2) { - free(conf->logdir); - conf->logdir = strdup(fields[1]); - if (conf->logdir != NULL) - return (NSS_LDAP_SUCCESS); - } } break; case 'n': @@ -445,7 +444,8 @@ return (NSS_LDAP_SUCCESS);; >>> TRUNCATED FOR MAIL (1000 lines) <<<