Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 3 Dec 1996 09:55:51 -0800 (PST)
From:      Bill Paul <wpaul>
To:        CVS-committers, cvs-all, cvs-lib
Subject:   cvs commit:  src/lib/libc/gen getpwent.c
Message-ID:  <199612031755.JAA02153@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
wpaul       96/12/03 09:55:51

  Modified:    lib/libc/gen  getpwent.c
  Log:
  Add support for detecting and hopefully using the passwd.adjunct.byname
  NIS map which is present on SunOS NIS servers with the SunOS C2 security
  hack^Woption installed. I'm convinced that the C2 security option restricts
  access to the passwd.adjunct.byname map in the same way that I restrict
  access to the master.passwd.{byname,buid} maps (checking for reserved ports),
  which means that we should be able to handle passwd.adjunct.byname map
  correctly.
  
  If _havemaster() doesn't find a master.passwd.byname map, it will now
  test for a passwd.adjunct.byname map before defaulting back to the
  standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
  sees that the adjunct map was found and the password from the standard
  maps starts with ##, it will try to grab the correct password field
  from the adjunct map. As with the master.passwd maps, this only happens
  if the caller is root, so the shadowing feature is preserved; non-root
  users just get back ##username as the encrypted password.
  
  Note that all we do is grab the second field from the passwd.adjunct.byname
  entry, which is designated to be the real encrypted password. There are
  other auditing fields in the entry but they aren't of much use to us.
  
  Also switched back to using yp_order() to probe for the maps (instead
  of yp_first()). The original problem with yp_order() was that it barfed
  with NIS+ servers in YP compat mode since they don't support the
  YPPROC_ORDER procedure. This condition is handled a bit more gracefully
  in yplib now: we can detect the error and just punt on the probing.
  
  Revision  Changes    Path
  1.36      +65 -13    src/lib/libc/gen/getpwent.c

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612031755.JAA02153>