]> sourceware.org Git - glibc.git/blob - nscd/pwdcache.c
git://sourceware.org / glibc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update.
[glibc.git] / nscd / pwdcache.c
1 /* Cache handling for passwd lookup.
2 Copyright (C) 1998-2002, 2003, 2004 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
5
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
10
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, write to the Free
18 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
19 02111-1307 USA. */
20
21 #include <alloca.h>
22 #include <assert.h>
23 #include <errno.h>
24 #include <error.h>
25 #include <libintl.h>
26 #include <pwd.h>
27 #include <stdbool.h>
28 #include <stddef.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <time.h>
33 #include <unistd.h>
34 #include <sys/mman.h>
35 #include <stackinfo.h>
36
37 #include "nscd.h"
38 #include "dbg_log.h"
39
40 /* This is the standard reply in case the service is disabled. */
41 static const pw_response_header disabled =
42 {
43 .version = NSCD_VERSION,
44 .found = -1,
45 .pw_name_len = 0,
46 .pw_passwd_len = 0,
47 .pw_uid = -1,
48 .pw_gid = -1,
49 .pw_gecos_len = 0,
50 .pw_dir_len = 0,
51 .pw_shell_len = 0
52 };
53
54 /* This is the struct describing how to write this record. */
55 const struct iovec pwd_iov_disabled =
56 {
57 .iov_base = (void *) &disabled,
58 .iov_len = sizeof (disabled)
59 };
60
61
62 /* This is the standard reply in case we haven't found the dataset. */
63 static const pw_response_header notfound =
64 {
65 .version = NSCD_VERSION,
66 .found = 0,
67 .pw_name_len = 0,
68 .pw_passwd_len = 0,
69 .pw_uid = -1,
70 .pw_gid = -1,
71 .pw_gecos_len = 0,
72 .pw_dir_len = 0,
73 .pw_shell_len = 0
74 };
75
76
77 static void
78 cache_addpw (struct database_dyn *db, int fd, request_header *req,
79 const void *key, struct passwd *pwd, uid_t owner,
80 struct hashentry *he, struct datahead *dh, int errval)
81 {
82 ssize_t total;
83 ssize_t written;
84 time_t t = time (NULL);
85
86 /* We allocate all data in one memory block: the iov vector,
87 the response header and the dataset itself. */
88 struct dataset
89 {
90 struct datahead head;
91 pw_response_header resp;
92 char strdata[0];
93 } *dataset;
94
95 assert (offsetof (struct dataset, resp) == offsetof (struct datahead, data));
96
97 if (pwd == NULL)
98 {
99 if (he != NULL && errval == EAGAIN)
100 {
101 /* If we have an old record available but cannot find one
102 now because the service is not available we keep the old
103 record and make sure it does not get removed. */
104 if (reload_count != UINT_MAX && dh->nreloads == reload_count)
105 /* Do not reset the value if we never not reload the record. */
106 dh->nreloads = reload_count - 1;
107
108 written = total = 0;
109 }
110 else
111 {
112 /* We have no data. This means we send the standard reply for this
113 case. */
114 written = total = sizeof (notfound);
115
116 if (fd != -1)
117 written = TEMP_FAILURE_RETRY (write (fd, &notfound, total));
118
119 dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len);
120 /* If we cannot permanently store the result, so be it. */
121 if (dataset != NULL)
122 {
123 dataset->head.allocsize = sizeof (struct dataset) + req->key_len;
124 dataset->head.recsize = total;
125 dataset->head.notfound = true;
126 dataset->head.nreloads = 0;
127 dataset->head.usable = true;
128
129 /* Compute the timeout time. */
130 dataset->head.timeout = t + db->negtimeout;
131
132 /* This is the reply. */
133 memcpy (&dataset->resp, &notfound, total);
134
135 /* Copy the key data. */
136 char *key_copy = memcpy (dataset->strdata, key, req->key_len);
137
138 /* Now get the lock to safely insert the records. */
139 pthread_rwlock_rdlock (&db->lock);
140
141 if (cache_add (req->type, key_copy, req->key_len,
142 &dataset->head, true, db, owner) < 0)
143 /* Ensure the data can be recovered. */
144 dataset->head.usable = false;
145
146
147 pthread_rwlock_unlock (&db->lock);
148
149 /* Mark the old entry as obsolete. */
150 if (dh != NULL)
151 dh->usable = false;
152 }
153 else
154 ++db->head->addfailed;
155 }
156 }
157 else
158 {
159 /* Determine the I/O structure. */
160 size_t pw_name_len = strlen (pwd->pw_name) + 1;
161 size_t pw_passwd_len = strlen (pwd->pw_passwd) + 1;
162 size_t pw_gecos_len = strlen (pwd->pw_gecos) + 1;
163 size_t pw_dir_len = strlen (pwd->pw_dir) + 1;
164 size_t pw_shell_len = strlen (pwd->pw_shell) + 1;
165 char *cp;
166 const size_t key_len = strlen (key);
167 const size_t buf_len = 3 * sizeof (pwd->pw_uid) + key_len + 1;
168 char *buf = alloca (buf_len);
169 ssize_t n;
170
171 /* We need this to insert the `byuid' entry. */
172 int key_offset;
173 n = snprintf (buf, buf_len, "%d%c%n%s", pwd->pw_uid, '\0',
174 &key_offset, (char *) key) + 1;
175
176 written = total = (sizeof (struct dataset) + pw_name_len + pw_passwd_len
177 + pw_gecos_len + pw_dir_len + pw_shell_len);
178
179 /* If we refill the cache, first assume the reconrd did not
180 change. Allocate memory on the cache since it is likely
181 discarded anyway. If it turns out to be necessary to have a
182 new record we can still allocate real memory. */
183 bool alloca_used = false;
184 dataset = NULL;
185
186 if (he == NULL)
187 {
188 dataset = (struct dataset *) mempool_alloc (db, total + n);
189 if (dataset == NULL)
190 ++db->head->addfailed;
191 }
192
193 if (dataset == NULL)
194 {
195 /* We cannot permanently add the result in the moment. But
196 we can provide the result as is. Store the data in some
197 temporary memory. */
198 dataset = (struct dataset *) alloca (total + n);
199
200 /* We cannot add this record to the permanent database. */
201 alloca_used = true;
202 }
203
204 dataset->head.allocsize = total + n;
205 dataset->head.recsize = total - offsetof (struct dataset, resp);
206 dataset->head.notfound = false;
207 dataset->head.nreloads = he == NULL ? 0 : (dh->nreloads + 1);
208 dataset->head.usable = true;
209
210 /* Compute the timeout time. */
211 dataset->head.timeout = t + db->postimeout;
212
213 dataset->resp.version = NSCD_VERSION;
214 dataset->resp.found = 1;
215 dataset->resp.pw_name_len = pw_name_len;
216 dataset->resp.pw_passwd_len = pw_passwd_len;
217 dataset->resp.pw_uid = pwd->pw_uid;
218 dataset->resp.pw_gid = pwd->pw_gid;
219 dataset->resp.pw_gecos_len = pw_gecos_len;
220 dataset->resp.pw_dir_len = pw_dir_len;
221 dataset->resp.pw_shell_len = pw_shell_len;
222
223 cp = dataset->strdata;
224
225 /* Copy the strings over into the buffer. */
226 cp = mempcpy (cp, pwd->pw_name, pw_name_len);
227 cp = mempcpy (cp, pwd->pw_passwd, pw_passwd_len);
228 cp = mempcpy (cp, pwd->pw_gecos, pw_gecos_len);
229 cp = mempcpy (cp, pwd->pw_dir, pw_dir_len);
230 cp = mempcpy (cp, pwd->pw_shell, pw_shell_len);
231
232 /* Finally the stringified UID value. */
233 memcpy (cp, buf, n);
234 char *key_copy = cp + key_offset;
235 assert (key_copy == (char *) rawmemchr (cp, '\0') + 1);
236
237 /* Now we can determine whether on refill we have to create a new
238 record or not. */
239 if (he != NULL)
240 {
241 assert (fd == -1);
242
243 if (total + n == dh->allocsize
244 && total - offsetof (struct dataset, resp) == dh->recsize
245 && memcmp (&dataset->resp, dh->data,
246 dh->allocsize - offsetof (struct dataset, resp)) == 0)
247 {
248 /* The sata has not changed. We will just bump the
249 timeout value. Note that the new record has been
250 allocated on the stack and need not be freed. */
251 dh->timeout = dataset->head.timeout;
252 ++dh->nreloads;
253 }
254 else
255 {
256 /* We have to create a new record. Just allocate
257 appropriate memory and copy it. */
258 struct dataset *newp
259 = (struct dataset *) mempool_alloc (db, total + n);
260 if (newp != NULL)
261 {
262 /* Adjust pointer into the memory block. */
263 cp = (char *) newp + (cp - (char *) dataset);
264
265 dataset = memcpy (newp, dataset, total + n);
266 alloca_used = false;
267 }
268
269 /* Mark the old record as obsolete. */
270 dh->usable = false;
271 }
272 }
273 else
274 {
275 /* We write the dataset before inserting it to the database
276 since while inserting this thread might block and so would
277 unnecessarily let the receiver wait. */
278 assert (fd != -1);
279
280 written = TEMP_FAILURE_RETRY (write (fd, &dataset->resp, total));
281 }
282
283
284 /* Add the record to the database. But only if it has not been
285 stored on the stack. */
286 if (! alloca_used)
287 {
288 /* If necessary, we also propagate the data to disk. */
289 if (db->persistent)
290 {
291 // XXX async OK?
292 uintptr_t pval = (uintptr_t) dataset & ~pagesize_m1;
293 msync ((void *) pval,
294 ((uintptr_t) dataset & pagesize_m1) + total + n,
295 MS_ASYNC);
296 }
297
298 /* Now get the lock to safely insert the records. */
299 pthread_rwlock_rdlock (&db->lock);
300
301 /* NB: in the following code we always must add the entry
302 marked with FIRST first. Otherwise we end up with
303 dangling "pointers" in case a latter hash entry cannot be
304 added. */
305 bool first = req->type == GETPWBYNAME;
306
307 /* If the request was by UID, add that entry first. */
308 if (req->type != GETPWBYNAME)
309 {
310 if (cache_add (GETPWBYUID, cp, key_offset, &dataset->head, true,
311 db, owner) < 0)
312 {
313 /* Could not allocate memory. Make sure the data gets
314 discarded. */
315 dataset->head.usable = false;
316 goto out;
317 }
318 }
319 /* If the key is different from the name add a separate entry. */
320 else if (strcmp (key_copy, dataset->strdata) != 0)
321 {
322 if (cache_add (GETPWBYNAME, key_copy, key_len + 1,
323 &dataset->head, first, db, owner) < 0)
324 {
325 /* Could not allocate memory. Make sure the data gets
326 discarded. */
327 dataset->head.usable = false;
328 goto out;
329 }
330
331 first = false;
332 }
333
334 /* We have to add the value for both, byname and byuid. */
335 if (__builtin_expect (cache_add (GETPWBYNAME, dataset->strdata,
336 pw_name_len, &dataset->head, first,
337 db, owner) == 0, 1))
338 {
339 if (req->type == GETPWBYNAME)
340 (void) cache_add (GETPWBYUID, cp, key_offset, &dataset->head,
341 req->type != GETPWBYNAME, db, owner);
342 }
343 else if (first)
344 /* Could not allocate memory. Make sure the data gets
345 discarded. */
346 dataset->head.usable = false;
347
348 out:
349 pthread_rwlock_unlock (&db->lock);
350 }
351 }
352
353 if (__builtin_expect (written != total, 0) && debug_level > 0)
354 {
355 char buf[256];
356 dbg_log (_("short write in %s: %s"), __FUNCTION__,
357 strerror_r (errno, buf, sizeof (buf)));
358 }
359 }
360
361
362 union keytype
363 {
364 void *v;
365 uid_t u;
366 };
367
368
369 static int
370 lookup (int type, union keytype key, struct passwd *resultbufp, char *buffer,
371 size_t buflen, struct passwd **pwd)
372 {
373 if (type == GETPWBYNAME)
374 return __getpwnam_r (key.v, resultbufp, buffer, buflen, pwd);
375 else
376 return __getpwuid_r (key.u, resultbufp, buffer, buflen, pwd);
377 }
378
379
380 static void
381 addpwbyX (struct database_dyn *db, int fd, request_header *req,
382 union keytype key, const char *keystr, uid_t c_uid,
383 struct hashentry *he, struct datahead *dh)
384 {
385 /* Search for the entry matching the key. Please note that we don't
386 look again in the table whether the dataset is now available. We
387 simply insert it. It does not matter if it is in there twice. The
388 pruning function only will look at the timestamp. */
389 size_t buflen = 1024;
390 char *buffer = (char *) alloca (buflen);
391 struct passwd resultbuf;
392 struct passwd *pwd;
393 uid_t oldeuid = 0;
394 bool use_malloc = false;
395 int errval = 0;
396
397 if (__builtin_expect (debug_level > 0, 0))
398 {
399 if (he == NULL)
400 dbg_log (_("Haven't found \"%s\" in password cache!"), keystr);
401 else
402 dbg_log (_("Reloading \"%s\" in password cache!"), keystr);
403 }
404
405 if (db->secure)
406 {
407 oldeuid = geteuid ();
408 seteuid (c_uid);
409 }
410
411 while (lookup (req->type, key, &resultbuf, buffer, buflen, &pwd) != 0
412 && (errval = errno) == ERANGE)
413 {
414 char *old_buffer = buffer;
415 errno = 0;
416 #define INCR 1024
417
418 if (__builtin_expect (buflen > 32768, 0))
419 {
420 buflen += INCR;
421 buffer = (char *) realloc (use_malloc ? buffer : NULL, buflen);
422 if (buffer == NULL)
423 {
424 /* We ran out of memory. We cannot do anything but
425 sending a negative response. In reality this should
426 never happen. */
427 pwd = NULL;
428 buffer = old_buffer;
429
430 /* We set the error to indicate this is (possibly) a
431 temporary error and that it does not mean the entry
432 is not available at all. */
433 errval = EAGAIN;
434 break;
435 }
436 use_malloc = true;
437 }
438 else
439 /* Allocate a new buffer on the stack. If possible combine it
440 with the previously allocated buffer. */
441 buffer = (char *) extend_alloca (buffer, buflen, buflen + INCR);
442 }
443
444 if (db->secure)
445 seteuid (oldeuid);
446
447 /* Add the entry to the cache. */
448 cache_addpw (db, fd, req, keystr, pwd, c_uid, he, dh, errval);
449
450 if (use_malloc)
451 free (buffer);
452 }
453
454
455 void
456 addpwbyname (struct database_dyn *db, int fd, request_header *req,
457 void *key, uid_t c_uid)
458 {
459 union keytype u = { .v = key };
460
461 addpwbyX (db, fd, req, u, key, c_uid, NULL, NULL);
462 }
463
464
465 void
466 readdpwbyname (struct database_dyn *db, struct hashentry *he,
467 struct datahead *dh)
468 {
469 request_header req =
470 {
471 .type = GETPWBYNAME,
472 .key_len = he->len
473 };
474 union keytype u = { .v = db->data + he->key };
475
476 addpwbyX (db, -1, &req, u, db->data + he->key, he->owner, he, dh);
477 }
478
479
480 void
481 addpwbyuid (struct database_dyn *db, int fd, request_header *req,
482 void *key, uid_t c_uid)
483 {
484 char *ep;
485 uid_t uid = strtoul ((char *) key, &ep, 10);
486
487 if (*(char *) key == '\0' || *ep != '\0') /* invalid numeric uid */
488 {
489 if (debug_level > 0)
490 dbg_log (_("Invalid numeric uid \"%s\"!"), (char *) key);
491
492 errno = EINVAL;
493 return;
494 }
495
496 union keytype u = { .u = uid };
497
498 addpwbyX (db, fd, req, u, key, c_uid, NULL, NULL);
499 }
500
501
502 void
503 readdpwbyuid (struct database_dyn *db, struct hashentry *he,
504 struct datahead *dh)
505 {
506 char *ep;
507 uid_t uid = strtoul (db->data + he->key, &ep, 10);
508
509 /* Since the key has been added before it must be OK. */
510 assert (*(db->data + he->key) != '\0' && *ep == '\0');
511
512 request_header req =
513 {
514 .type = GETPWBYUID,
515 .key_len = he->len
516 };
517 union keytype u = { .u = uid };
518
519 addpwbyX (db, -1, &req, u, db->data + he->key, he->owner, he, dh);
520 }
GNU C Library master sources
This page took 0.068334 seconds and 6 git commands to generate.