author | nectar <nectar@FreeBSD.org> | 2003-04-17 14:14:22 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2003-04-17 14:14:22 +0000 |
commit | 1b1f6bb4f50d42bbbb1291be0c60741c12f8201a (patch) | |
tree | 72f30804c92fca1b7ff1088806b0e3f696dce64c /include | |
parent | 7ec422366401f961c808e40fd6b4c95c955ea58f (diff) | |
= Implement name service switch modules (NSS modules). NSS modules
may be built into libc (`static NSS modules') or dynamically loaded
via dlopen (`dynamic NSS modules'). Modules are loaded/initialized
at configuration time (i.e. when nsdispatch is called and nsswitch.conf
is read or re-read).
= Make the nsdispatch(3) core thread-safe.
= New status code for nsdispatch(3) `NS_RETURN', currently used to
signal ERANGE-type issues.
= syslog(3) problems, don't warn/err/abort.
= Try harder to avoid namespace pollution.
= Implement some shims to assist in porting NSS modules written for
the GNU C Library nsswitch interface.
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'include')
-rw-r--r-- | include/Makefile | 3 | ||||
-rw-r--r-- | include/nss.h | 56 | ||||
-rw-r--r-- | include/nsswitch.h | 88 |
3 files changed, 133 insertions, 14 deletions
diff --git a/include/Makefile b/include/Makefile
index 983a939..d5058e0 100644
--- a/include/Makefile
+++ b/include/Makefile
@@ -13,7 +13,8 @@ INCS= a.out.h ar.h assert.h bitstring.h complex.h cpio.h ctype.h db.h \
 fts.h getopt.h glob.h grp.h hesiod.h histedit.h ieeefp.h ifaddrs.h \
 inttypes.h iso646.h kenv.h langinfo.h libgen.h limits.h link.h \
 locale.h malloc.h memory.h monetary.h mpool.h ndbm.h netconfig.h \
- netdb.h nl_types.h nlist.h nsswitch.h objformat.h paths.h pthread.h \
+ netdb.h nl_types.h nlist.h nss.h nsswitch.h objformat.h paths.h \
+ pthread.h \
 pthread_np.h pwd.h ranlib.h readpassphrase.h regex.h regexp.h \
 resolv.h rune.h runetype.h search.h setjmp.h sgtty.h signal.h stab.h \
 stdbool.h stddef.h stdio.h stdlib.h strhash.h string.h stringlist.h \
diff --git a/include/nss.h b/include/nss.h
new file mode 100644
index 0000000..86a08ed
--- /dev/null
+++ b/include/nss.h
@@ -0,0 +1,56 @@
+/*-
+ * Copyright (c) 2003 Networks Associates Technology, Inc.
+ * All rights reserved.
+ *
+ * This software was developed for the FreeBSD Project by
+ * Jacques A. Vidrine, Safeport Network Services, and Network
+ * Associates Laboratories, the Security Research Division of Network
+ * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
+ * ("CBOSS"), as part of the DARPA CHATS research program.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ *
+ * Compatibility header for the GNU C Library-style nsswitch interface.
+ */
+#ifndef _NSS_H_
+#define _NSS_H_
+
+#include <nsswitch.h>
+
+enum nss_status {
+ NSS_STATUS_TRYAGAIN = -2,
+ NSS_STATUS_UNAVAIL,
+ NSS_STATUS_NOTFOUND,
+ NSS_STATUS_SUCCESS,
+ NSS_STATUS_RETURN
+};
+
+#define __nss_compat_result(rv) \
+((rv == NSS_STATUS_TRYAGAIN) ? NS_TRYAGAIN : \
+ (rv == NSS_STATUS_UNAVAIL) ? NS_UNAVAIL : \
+ (rv == NSS_STATUS_NOTFOUND) ? NS_NOTFOUND : \
+ (rv == NSS_STATUS_SUCCESS) ? NS_SUCCESS : \
+ (rv == NSS_STATUS_RETURN) ? NS_RETURN : 0)
+
+#endif
diff --git a/include/nsswitch.h b/include/nsswitch.h
index 74e5a90..22e482c 100644
--- a/include/nsswitch.h
+++ b/include/nsswitch.h
@@ -41,20 +41,24 @@
 #define _NSSWITCH_H 1
 #include <sys/types.h>
-
 #include <stdarg.h>
+#define NSS_MODULE_INTERFACE_VERSION 1
+
 #ifndef _PATH_NS_CONF
 #define _PATH_NS_CONF "/etc/nsswitch.conf"
 #endif
-#define NS_CONTINUE 0
-#define NS_RETURN 1
+/* NSS source actions */
+#define NS_ACTION_CONTINUE 0 /* try the next source */
+#define NS_ACTION_RETURN 1 /* look no further */
 #define NS_SUCCESS (1<<0) /* entry was found */
 #define NS_UNAVAIL (1<<1) /* source not responding, or corrupt */
 #define NS_NOTFOUND (1<<2) /* source responded 'no such entry' */
-#define NS_TRYAGAIN (1<<3) /* source busy, may respond to retrys */
+#define NS_TRYAGAIN (1<<3) /* source busy, may respond to retry */
+#define NS_RETURN (1<<4) /* stop search, e.g. for ERANGE */
+#define NS_TERMINATE (NS_SUCCESS|NS_RETURN) /* flags that end search */
 #define NS_STATUSMASK 0x000000ff /* bitmask to get the status flags */
 /*
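Review bot: In the new include/nss.h, `__nss_compat_result(rv)` uses its argument without parentheses and evaluates it up to five times, so an argument with side effects or a low-precedence operator expands incorrectly. The chain also maps any value outside the five enumerators to `0`, which is none of the NS_* status bits defined in nsswitch.h. How nsdispatch treats a zero status is not visible in this diff, so an unexpected return code from a ported third-party module may be handled in an unspecified way. Parenthesizing each test as `(((rv) == NSS_STATUS_TRYAGAIN) ? NS_TRYAGAIN : \` and ending the chain with `NS_UNAVAIL` instead of `0` would make unknown codes fail closed.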
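Review bot: In the `@@ -41,20 +41,24 @@` hunk of include/nsswitch.h, `NS_RETURN` keeps its name but changes from the action value `1` to the status bit `(1<<4)`, while the old action becomes `NS_ACTION_RETURN`. Out-of-tree code that still uses `NS_RETURN` as a source action will compile cleanly with a different value and meaning, whereas the removed `NS_CONTINUE` at least fails to build. The later `ns_dtab` hunk has the same kind of silent source break for code that names the `callback` and `cb_data` members. A comment at the new definition would make the change visible, for example `/* NB: formerly the action value 1; that action is now NS_ACTION_RETURN */`.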
@@ -98,13 +102,26 @@
 #define NSDB_TTYS "ttys"
 /*
+ * ns_dtab `method' function signature.
+ */
+typedef int (*nss_method)(void *_retval, void *_mdata, va_list _ap);
+
+/*
+ * Macro for generating method prototypes.
+ */
+#define NSS_METHOD_PROTOTYPE(method) \
+ int method(void *, void *, va_list)
+
+/*
 * ns_dtab - `nsswitch dispatch table'
- * contains an entry for each source and the appropriate function to call
+ * Contains an entry for each source and the appropriate function to
+ * call. ns_dtabs are used in the nsdispatch() API in order to allow
+ * the application to override built-in actions.
 */
-typedef struct {
- const char *src;
- int (*callback)(void *retval, void *cb_data, va_list ap);
- void *cb_data;
+typedef struct _ns_dtab {
+ const char *src; /* Source this entry implements */
+ nss_method method; /* Method to be called */
+ void *mdata; /* Data passed to method */
 } ns_dtab;
 /*
@@ -130,7 +147,7 @@ typedef struct {
 * used by the nsparser routines to store a mapping between a source
 * and its dispatch control flags for a given database.
 */
-typedef struct {
+typedef struct _ns_src {
 const char *name;
 u_int32_t flags;
 } ns_src;
@@ -142,6 +159,38 @@ typedef struct {
 */
 extern const ns_src __nsdefaultsrc[];
+/*
+ * ns_mtab - NSS method table
+ * An NSS module provides a mapping from (database name, method name)
+ * tuples to the nss_method and associated data.
+ */
+typedef struct _ns_mtab {
+ const char *database;
+ const char *name;
+ nss_method method;
+ void *mdata;
+} ns_mtab;
+
+/*
+ * NSS module de-registration, called at module unload.
+ */
+typedef void (*nss_module_unregister_fn)(ns_mtab *, unsigned int);
+
+/*
+ * NSS module registration, called at module load.
+ */
+typedef ns_mtab *(*nss_module_register_fn)(const char *, unsigned int *,
+ nss_module_unregister_fn *);
+
+/*
+ * Many NSS interfaces follow the getXXnam, getXXid, getXXent pattern.
+ * Developers are encouraged to use nss_lookup_type where approriate.
+ */
+enum nss_lookup_type {
+ nss_lt_name = 1,
+ nss_lt_id = 2,
+ nss_lt_all = 3
+};
 #ifdef _NS_PRIVATE
@@ -154,12 +203,23 @@ extern const ns_src __nsdefaultsrc[];
 * for each database in /etc/nsswitch.conf there is a ns_dbt, with its
 * name and a list of ns_src's containing the source information.
 */
-typedef struct {
+typedef struct _ns_dbt {
 const char *name; /* name of database */
 ns_src *srclist; /* list of sources */
 int srclistsize; /* size of srclist */
 } ns_dbt;
+/*
+ * ns_mod - NSS module
+ */
+typedef struct _ns_mod {
+ char *name; /* module name */
+ void *handle; /* handle from dlopen */
+ ns_mtab *mtab; /* method table */
+ unsigned int mtabsize; /* count of entries in method table */
+ nss_module_unregister_fn unregister; /* called to unload module */
+} ns_mod;
+
 #endif /* _NS_PRIVATE */
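Review bot: The `nss_module_register_fn` and `nss_module_unregister_fn` typedefs in the `@@ -142,6 +159,38 @@` hunk leave every parameter unnamed and undocumented, although they are the contract each dynamically loaded module has to implement. Judging by the `ns_mod` fields added in the next hunk (`mtab`, `mtabsize`, `unregister`), the `unsigned int *` is presumably an out-parameter for the table length and the `nss_module_unregister_fn *` one for the unload hook, while the meaning of the `const char *` argument is not stated anywhere. The comment above the typedef should name the three arguments, say who owns the returned `ns_mtab` array and what a NULL return means. It should also say how a module is expected to check `NSS_MODULE_INTERFACE_VERSION`, since these modules are loaded via dlopen into the calling process. The comment on `enum nss_lookup_type` also misspells "appropriate" as `approriate`.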
@@ -171,12 +231,14 @@ extern int nsdispatch(void *, const ns_dtab [], const char *,
 #ifdef _NS_PRIVATE
 extern void _nsdbtaddsrc(ns_dbt *, const ns_src *);
-extern void _nsdbtdump(const ns_dbt *);
-extern const ns_dbt *_nsdbtget(const char *);
 extern void _nsdbtput(const ns_dbt *);
 extern void _nsyyerror(const char *);
 extern int _nsyylex(void);
+extern int _nsyyparse(void);
 extern int _nsyylineno;
+#ifdef _NSS_DEBUG
+extern void _nsdbtdump(const ns_dbt *);
+#endif
 #endif /* _NS_PRIVATE */
 __END_DECLS |