diff options
| author | Nalin Dahyabhai <nalin@redhat.com> | 2012-08-23 18:09:10 -0400 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin@redhat.com> | 2012-08-23 18:11:33 -0400 |
| commit | 0ca2bd6370e617112ce90b892149453461a323be (patch) | |
| tree | 9b77c74b9b47de64d763a368015e4c085a406cec /src | |
| parent | 9f3506ddb0c33d72dad44dc82e3e1f45075d3d0b (diff) | |
| download | slapi-nis-0ca2bd6370e617112ce90b892149453461a323be.tar.gz slapi-nis-0ca2bd6370e617112ce90b892149453461a323be.tar.xz slapi-nis-0ca2bd6370e617112ce90b892149453461a323be.zip | |
add shadow, passwd.adjuct, base64-encode nis-disallowed-chars
* add a definition for shadow.byname
* add a definition for passwd.adjunct.byname
* make passwd.byname/passwd.byuid hide userPassword if objectClass==shadowAccount
* base64-encode nis-disallowed-chars when we are printing defaults
Diffstat (limited to 'src')
| -rw-r--r-- | src/defs-nis.c | 71 |
1 files changed, 67 insertions, 4 deletions
diff --git a/src/defs-nis.c b/src/defs-nis.c index b4a7d33..efd9a37 100644 --- a/src/defs-nis.c +++ b/src/defs-nis.c @@ -23,6 +23,7 @@ #include "config.h" #endif +#include <sys/param.h> #include <rpc/xdr.h> #include <fnmatch.h> #include <paths.h> @@ -51,12 +52,22 @@ static struct configuration { {"passwd.byname", config_exact, FALSE, NULL, "(objectClass=posixAccount)", "%{uid}", NULL, - "%{uid}:%regsubi(\"%{userPassword}\",\"^\\\\{CRYPT\\\\}(..*)\",\"%1\",\"*\"):%regmatch(\"%{uidNumber}\",\"[0-9]+\"):%regmatch(\"%{gidNumber}\",\"[0-9]+\"):%{gecos:-%{cn:-}}:%{homeDirectory:-/}:%{loginShell:-" _PATH_BSHELL "}", NULL, + "%{uid}:%ifeq(\"objectClass\",\"shadowAccount\",\"x\",\"%regsubi(\\\"%{userPassword}\\\",\\\"^\\\\\\\\{CRYPT\\\\\\\\}(..*)\\\",\\\"%1\\\",\\\"*\\\")\"):%regmatch(\"%{uidNumber}\",\"[0-9]+\"):%regmatch(\"%{gidNumber}\",\"[0-9]+\"):%{gecos:-%{cn:-}}:%{homeDirectory:-/}:%{loginShell:-" _PATH_BSHELL "}", NULL, ":\r\n"}, {"passwd.byuid", config_exact, FALSE, NULL, "(objectClass=posixAccount)", "%{uidNumber}", NULL, - "%{uid}:%regsubi(\"%{userPassword}\",\"^\\\\{CRYPT\\\\}(..*)\",\"%1\",\"*\"):%regmatch(\"%{uidNumber}\",\"[0-9]+\"):%regmatch(\"%{gidNumber}\",\"[0-9]+\"):%{gecos:-%{cn:-}}:%{homeDirectory:-/}:%{loginShell:-" _PATH_BSHELL "}", NULL, + "%{uid}:%ifeq(\"objectClass\",\"shadowAccount\",\"x\",\"%regsubi(\\\"%{userPassword}\\\",\\\"^\\\\\\\\{CRYPT\\\\\\\\}(..*)\\\",\\\"%1\\\",\\\"*\\\")\"):%regmatch(\"%{uidNumber}\",\"[0-9]+\"):%regmatch(\"%{gidNumber}\",\"[0-9]+\"):%{gecos:-%{cn:-}}:%{homeDirectory:-/}:%{loginShell:-" _PATH_BSHELL "}", NULL, + ":\r\n"}, + {"shadow.byname", config_exact, TRUE, NULL, + "(objectClass=shadowAccount)", + "%{uid}", NULL, + "%{uid}:%regsubi(\"%{userPassword}\",\"^\\\\{CRYPT\\\\}(..*)\",\"%1\",\"*\"):%{shadowLastChange:-}:%{shadowMin:-}:%{shadowMax:-}:%{shadowWarning:-}:%{shadowInactive:-}:%{shadowExpire:-}:%{shadowFlag:-}", NULL, + ":\r\n"}, + {"passwd.adjunct.byname", config_exact, TRUE, NULL, + "(objectClass=shadowAccount)", + "%{uid}", NULL, + "%{uid}:%regsubi(\"%{userPassword}\",\"^\\\\{CRYPT\\\\}(..*)\",\"%1\",\"*\")::::::", NULL, ":\r\n"}, {"group.byname", config_exact, FALSE, NULL, "(objectClass=posixGroup)", @@ -264,6 +275,56 @@ usage(const char *argv0) fprintf(stderr, "Usage: %s [-d domain] [-s suffix] [-m map]\n", strchr(argv0, '/') ? strrchr(argv0, '/') + 1 : argv0); } +static char * +base64enc(const char *s) +{ + size_t len; + uint32_t i; + int c; + const char *p, *alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" + "0123456789" + "+/"; + char *ret, *r; + + len = howmany(strlen(s), 3) * 4; + ret = malloc(len + 1); + if (ret == NULL) { + return NULL; + } + memset(ret, '\0', len + 1); + for (p = s, r = ret, i = 0, c = 0; *p != '\0'; p++) { + i <<= 8; + i |= *p; + c++; + if (c == 3) { + *r++ = alphabet[((i >> 18) & 0x3f)]; + *r++ = alphabet[((i >> 12) & 0x3f)]; + *r++ = alphabet[((i >> 6) & 0x3f)]; + *r++ = alphabet[((i ) & 0x3f)]; + c = 0; + i = 0; + } + } + switch (c) { + case 1: + i <<= 16; + *r++ = alphabet[((i >> 18) & 0x3f)]; + *r++ = alphabet[((i >> 12) & 0x3f)]; + *r++ = '='; + *r++ = '='; + break; + case 2: + i <<= 8; + *r++ = alphabet[((i >> 18) & 0x3f)]; + *r++ = alphabet[((i >> 12) & 0x3f)]; + *r++ = alphabet[((i >> 6) & 0x3f)]; + *r++ = '='; + break; + } + *r++ = '\0'; + return ret; +} int main(int argc, char **argv) { @@ -349,9 +410,11 @@ main(int argc, char **argv) config[i].value_format : ""); } if (config[i].disallowed_chars != NULL) { - printf("%s: %s\n", + char *p; + printf("%s:: %s\n", NIS_MAP_CONFIGURATION_DISALLOWED_CHARS_ATTR, - config[i].disallowed_chars); + p = base64enc(config[i].disallowed_chars)); + free(p); } if (config[i].secure) { printf("%s: yes\n", NIS_MAP_CONFIGURATION_SECURE_ATTR); |