summaryrefslogtreecommitdiffstats
path: root/lib/libc/gen/getpwent.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* The "always hint that getpw operation is happening with access() the YPderaadt2019-07-021-1/+2
| | | | | | | lock file" would trash errno, creating confusion. One instance found by richardipsum@fastmail, other two identified from original commit ok millert
* Use an mmap()'d buffer instead of a static buffer for the contentsmillert2018-08-211-48/+109
| | | | | | | | of the pointer returned by getpw{ent,nam,uid}(). We unmap the buffer each time to catch callers using a stale passwd struct pointer. As a special case, we do not unmap the buffer if the previous lookup was for the same name or uid. This special case may be removed in the future. OK deraadt@
* stop opening the shadow database by default. only programs that request ittedu2016-05-071-5/+3
| | | | | | via the _shadow functions will open now, preventing some programs running as root from accidentally loading password hashes it into their memory. ok deraadt
* Remove NULL-checks before free() and a few related dead assignments.mmcc2015-12-281-13/+7
| | | | ok and valuable input from millert@
* modify getpw*(), getgr*(), and getgrouplist() functions to access thederaadt2015-12-011-2/+6
| | | | | | | | | YP lock file unconditionally. This hints to the kernel that a "getpw" operation is happening, even in the non-YP case. This looks like a gruesome hack, but helps refine the ways these functions are called and mandates the right pledge requests. Once the tree is fully annotated we will know better how to improve the backing store management. ok semarie espie beck
* Use reentrant versions of getpw{nam,uid} and getgr{nam,gid} withinmillert2015-11-241-3/+1
| | | | | | | libc to avoid reusing the static buffers returned by the non-reentrant versions. Since this is inside libc we can use constants for the buffer sizes instead of having to call sysconf(). OK guenther@ deraadt@
* Add _shadow variants to the two popular getpw functions (uid and nam).tedu2015-11-181-14/+66
| | | | | | | | | This version of the function will always open the secure/shadow/master password files. Soon, the regular variants of these functions will not. (Intermixing shadow and regular gets a little weird; don't do that.) Not using struct spwd and getspwnam functions to reduce churn in callers. Should just be a one line diff in most places. ok deraadt
* remove null check before free. from Michael McConvilletedu2015-09-141-23/+12
| | | | ok semarie
* Wrap <pwd.h> so that calls go direct and the symbols are all weak.guenther2015-09-131-1/+6
| | | | Hide bcrypt_autorounds(), prefixing with an underbar for static builds.
* Do not assume that asprintf() clears the pointer on failure, whichmillert2015-06-031-3/+9
| | | | | is non-portable. Also add missing asprintf() return value checks. OK deraadt@ guenther@ doug@
* Move to the <limits.h> universe.deraadt2015-01-161-4/+6
| | | | review by millert, binary checking process with doug, concept with guenther
* Make sure that setgrent(), endgrent(), and endpwent() do not clobberschwarze2014-03-121-1/+5
| | | | | | | | | | errno; they might do so on open() and close() failures, but by POSIX, they are not supposed to fail. Note that ignoring failures inside setgrent() does not matter, the following getgrent() is bound to fail the same way again, anyway. If you insist on detecting open() failure, use setgroupent(), even though that is less portable. While here, remove two pointless (void) casts. ok millert@ jca@
* The functions getpw{nam,uid}_r() no longer set errno, not even if anschwarze2014-03-121-7/+15
| | | | | | | error occurs, but of course they do return the error. This matches what getgr{nam,gid}_r() have already been doing. Original idea by kettenis@, and deraadt@ called that idea "the only sane approach". ok kettenis@ millert@
* Fix getpw{nam,uid}{,_r}() errno handling for the non-YP case.schwarze2014-03-081-6/+15
| | | | | | Prevent close(2) and syslog(3) from stomping on errno; from guenther@. Set ERANGE if the buf is too small, required by POSIX; from jca@. ok millert@
* Fix the return values of getpwnam_r(), getpwuid_r(), getgrnam_r(),schwarze2014-03-051-3/+19
| | | | | | | | and getgrgid_r() to agree with POSIX. Not touching errno handling yet, which will also need fixing. Problem originally reported by william at 25thandClement dot com on bugs@. OK sthen@, and kettenis@ agrees it's "a step in the right direction".
* getpwnam_r() and getpwuid_r() reopen the passwd even when called withbenno2013-11-151-7/+3
| | | | | | | setpassent(stayopen). Bug found and fixed by Erik Lax <erik-AT-halon-DOT-se> ok millert@ guenther@
* ANSI prototypesderaadt2013-11-121-3/+3
|
* Align stack yp buffers to 64-bit boundaries now, for they might containmiod2013-08-151-5/+5
| | | | a struct passwd. ok deraadt@ guenther@ kettenis@
* Do not need machine/param.hderaadt2013-03-211-2/+1
|
* use a size_t instead of an int to avoid signed comparederaadt2013-01-071-2/+3
| | | | | spotted by Ilja Van Sprundel ok millert
* Preserve errno across calls to open the password database(s), soguenther2011-09-051-2/+5
| | | | | | | that errno isn't changed when a normal user (who can't open spwd.db) does a lookup. Problem pointed out by Tim van der Molen (tbvdm at xs4all.nl)
* remove unused variablechl2009-11-211-2/+1
| | | | ok deraadt@
* simplify the code looking for + in the password database, after analysisderaadt2009-11-121-5/+4
| | | | of a false positive made by parfait; ok millert
* Take advantage of the surprise libc bump to bring inschwarze2009-06-031-59/+2
| | | | | | | | YP group(5) exclusion, i.e. support -groupname:*:: in /etc/group. Such groups will be excluded from later +:*::, in just the same was as it is already done for passwd(5). I have been running this since the autumn of 2008. Discussed with several (including deraadt@, millert@, jmc@).
* getgrouplist: If YP is #defined and enabled in /etc/group(5) and /etc/netid(5)schwarze2009-03-271-11/+13
| | | | | | | | | | | | | | contains a matching entry, use that and refrain from accessing YP. getpwnam/getpwuid: If YP is #defined and /etc/master.passwd(5) contains a matching entry before the first YP entry, use that and stay away from YP. Taken together, this allows a solution to the following problem pointed out by deraadt@: When YP was configured but temporarily unavailable, even root login would block, hindering you when trying to do repairs. To avoid this, you can now provide a static entry for root in /etc/netid. Using suggestions from miod@ otto@ blambert@ jmc@. "commit" deraadt@, "cool" ajacoutot@, "looks fine" jmc@.
* Avoid an occasional double free in getpwent() which corrupted memory. Itderaadt2008-07-231-6/+2
| | | | | | happened only in the case of a + record indicating to use YP, but with ypbind not actually running. Problem found by pyr; solution found with millert ok millert pyr
* oops, fix getpwent() use of wrong buffersderaadt2008-07-061-3/+4
| | | | found by alexander.schrijver
* Add _PW_BUF_LEN define and use it instead of hard-coding 1024 formillert2008-06-251-6/+6
| | | | the buffer size. OK deraadt@
* implement getpwnam_r() and getpwuid_r() -- very nearly a rewrite of thederaadt2008-06-241-469/+403
| | | | entire file. much help from kurt, and tested by many
* zap remaining rcsid.espie2005-08-081-4/+1
| | | | | | Kill old files that are no longer compiled. okay theo
* deregister (and deauto!). ok millert@ marco@otto2005-03-251-4/+4
|
* ansify function definitions and zap some `register'jfb2004-05-181-22/+15
| | | | ok millert@
* protosderaadt2003-06-251-1/+2
|
* Remove the advertising clause in the UCB license which Berkeleymillert2003-06-021-6/+2
| | | | rescinded 22 July 1999. Proofed by myself and Theo.
* add missing enumeration case to select to kill gcc warningavsm2003-05-011-1/+4
| | | | millert@ ok
* Add a "shadow" group and make the shadow passwd db readable by thatmillert2002-11-211-6/+4
| | | | | | | | | | | | | | | group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@ If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb You do not need to rebuild libc yet, but it would't hurt to do so.
* KNFderaadt2002-07-061-20/+20
|
* cope better if realloc fails; better fix than cloder@acm.orgderaadt2002-07-061-1/+2
|
* try to use strlcpy and snprintf more; ok variousderaadt2002-05-241-2/+2
|
* We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft.millert2002-02-191-6/+1
|
* Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.millert2002-02-161-9/+9
|
* put another YP-only piece inside the ifdefderaadt2001-07-101-1/+3
|
* Avoid theoretical potential buffer overflowpjanzen2001-02-131-2/+2
|
* move utmp to large format, usernames to 32 chars; downsjderaadt2001-01-311-9/+8
|
* well if you cannot do a libc commit properly a week before 2.7 tree lock, surely it can wait till after 2.7deraadt2000-04-251-132/+10
|
* getpw*_r()d2000-04-251-10/+132
|
* redo master.passwd.byname check if either the uid or euid changes, this wasderaadt1999-09-151-4/+18
| | | | a case of bad caching; peter and I
* indentderaadt1999-09-141-114/+114
|
* Use strtol() and strtoul() instead of atoi(). This allows us to catchmillert1999-09-031-6/+21
| | | | errors reasonably and deal correctly with unsigned quantities.
* realloc repairderaadt1998-08-141-3/+10
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.