| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | fix format strings for uid/gid values in putpwent/putgrent•••commit 648c3b4e18b2ce2b6af7d44783e42ca267ea49f5 omitted this change,
which is needed to be able to use uid/gid values greater than INT_MAX
with these interfaces. it fixes alpine linux bug #10460.
| Rich Felker | 2019-05-16 | 2 | -2/+2 |
| * | halt getspnam[_r] search on error accessing TCB shadow•••fallback to /etc/shadow should happen only when the entry is not found
in the TCB shadow. otherwise transient errors or permission errors can
cause inconsistent results.
| Rich Felker | 2018-12-28 | 1 | -0/+2 |
| * | don't set errno or return an error when getspnam[_r] finds no entry•••this case is specified as success with a null result, rather than an
error, and errno is not to be set on success.
| Rich Felker | 2018-12-28 | 2 | -3/+9 |
| * | reduce spurious inclusion of libc.h•••libc.h was intended to be a header for access to global libc state and
related interfaces, but ended up included all over the place because
it was the way to get the weak_alias macro. most of the inclusions
removed here are places where weak_alias was needed. a few were
recently introduced for hidden. some go all the way back to when
libc.h defined CANCELPT_BEGIN and _END, and all (wrongly implemented)
cancellation points had to include it.
remaining spurious users are mostly callers of the LOCK/UNLOCK macros
and files that use the LFS64 macro to define the awful *64 aliases.
in a few places, new inclusion of libc.h is added because several
internal headers no longer implicitly include libc.h.
declarations for __lockfile and __unlockfile are moved from libc.h to
stdio_impl.h so that the latter does not need libc.h. putting them in
libc.h made no sense at all, since the macros in stdio_impl.h are
needed to use them correctly anyway.
| Rich Felker | 2018-09-12 | 1 | -1/+1 |
| * | apply hidden visibility to various remaining internal interfaces | Rich Felker | 2018-09-12 | 2 | -6/+6 |
| * | fix regression in getspnam[_r] error code for insufficient buffer size•••commit 2d7d05f031e014068a61d3076c6178513395d2ae wrongly changed ERANGE
to EINVAL, likely as the result of copy-and-paste error.
| Rich Felker | 2017-06-21 | 1 | -1/+1 |
| * | set errno when getpw*_r, getgr*_r, and getspnam_r fail•••these functions return an error code, and are not explicitly
documented to set errno, but they are nonstandard and the historical
implementations do set errno as well, and some applications expect
this behavior. do likewise for compatibility.
patch by Rudolph Pereira.
| Rich Felker | 2017-06-15 | 3 | -3/+7 |
| * | revert unrelated change that slipped into last commit | Rich Felker | 2016-07-13 | 1 | -1/+1 |
| * | fix regression in tcsetattr on all mips archs•••revert commit 8c316e9e49d37ad92c2e7493e16166a2afca419f. it was wrong
and does not match how the kernel API works.
| Rich Felker | 2016-07-13 | 1 | -1/+1 |
| * | fix spurious errors from pwd/grp functions when nscd backend is absent•••for several pwd/grp functions, the only way the caller can distinguish
between a successful negative result ("no such user/group") and an
internal error is by clearing errno before the call and checking errno
afterwards. the nscd backend support code correctly simulated a
not-found response on systems where such a backend is not running, but
failed to restore errno.
this commit also fixed an outdated/incorrect comment.
| Rich Felker | 2015-06-09 | 1 | -4/+8 |
| * | fix mishandling of ENOMEM return case in internal getgrent_a function•••due to an incorrect return statement in this error case, the
previously blocked cancellation state was not restored and no result
was stored. this could lead to invalid (read) accesses in the caller
resulting in crashes or nonsensical result data in the event of memory
exhaustion.
| Rich Felker | 2015-05-01 | 1 | -1/+2 |
| * | avoid sending huge names as nscd passwd/group queries•••overly long user/group names are potentially a DoS vector and source
of other problems like partial writes by sendmsg, and not useful.
| Rich Felker | 2015-03-15 | 1 | -2/+3 |
| * | simplify nscd lookup code for alt passwd/group backends•••previously, a sentinel value of (FILE *)-1 was used to inform the
caller of __nscd_query that nscd is not in use. aside from being an
ugly hack, this resulted in duplicate code paths for two logically
equivalent cases: no nscd, and "not found" result from nscd.
now, __nscd_query simply skips closing the socket and returns a valid
FILE pointer when nscd is not in use, and produces a fake "not found"
response header. the caller is then responsible for closing the socket
just like it would do if it had gotten a real "not found" response.
| Rich Felker | 2015-03-15 | 4 | -15/+15 |
| * | add alternate backend support for getgrouplist•••This completes the alternate backend support that was previously added
to the getpw* and getgr* functions. Unlike those, though, it
unconditionally queries nscd. Any groups from nscd that aren't in the
/etc/groups file are added to the returned list, and any that are
present in the file are ignored. The purpose of this behavior is to
provide a view of the group database consistent with what is observed
by the getgr* functions. If group memberships reported by nscd were
honored when the corresponding group already has a definition in the
/etc/groups file, the user's getgrouplist-based membership in the
group would conflict with their non-membership in the reported
gr_mem[] for the group.
The changes made also make getgrouplist thread-safe and eliminate its
clobbering of the global getgrent state.
| Josiah Worcester | 2015-03-15 | 2 | -0/+86 |
| * | support alternate backends for the passwd and group dbs•••when we fail to find the entry in the commonly accepted files, we
query a server over a Unix domain socket on /var/run/nscd/socket.
the protocol used here is compatible with glibc's nscd protocol on
most systems (all that use 32-bit numbers for all the protocol fields,
which appears to be everything but Alpha).
| Josiah Worcester | 2015-02-23 | 4 | -2/+390 |
| * | fix spurious errors in refactored passwd/group code•••errno was treated as the error status when the return value of getline
was negative, but this condition can simply indicate EOF and is not
necessarily an error.
the spurious errors caused by this bug masked the bug which was fixed
in commit fc5a96c9c8aa186effad7520d5df6b616bbfd29d.
| Rich Felker | 2015-02-23 | 2 | -2/+2 |
| * | fix crashes in refactored passwd/group code•••the wrong condition was used in determining the presence of a result
that needs space/copying for the _r functions. a zero return value
does not necessarily mean success; it can also be a non-error negative
result: no such user/group.
| Rich Felker | 2015-02-23 | 2 | -4/+4 |
| * | refactor group file access code•••this allows getgrnam and getgrgid to share code with the _r versions
in preparation for alternate backend support.
| Josiah Worcester | 2015-02-13 | 6 | -51/+71 |
| * | refactor passwd file access code•••this allows getpwnam and getpwuid to share code with the _r versions
in preparation for alternate backend support.
| Josiah Worcester | 2015-02-10 | 6 | -49/+65 |
| * | fix erroneous return of partial username matches by getspnam[_r]•••when using /etc/shadow (rather than tcb) as its backend, getspnam_r
matched any username starting with the caller-provided string rather
than requiring an exact match. in practice this seems to have affected
only systems where one valid username is a prefix for another valid
username, and where the longer username appears first in the shadow
file.
| Rich Felker | 2015-01-21 | 1 | -1/+1 |
| * | include cleanups: remove unused headers and add feature test macros | Szabolcs Nagy | 2013-12-12 | 4 | -0/+4 |
| * | shadow: Implement fgetspent | Michael Forney | 2013-11-24 | 1 | -1/+10 |
| * | shadow: Move spent parsing to internal function | Michael Forney | 2013-11-24 | 2 | -31/+40 |
| * | shadow: Implement putspent | Michael Forney | 2013-11-24 | 2 | -5/+13 |
| * | putgrent: Add missing newline | Michael Forney | 2013-11-23 | 1 | -0/+1 |
| * | putgrent: Stop writing output on first failure•••This way, if an fprintf fails, we get an incomplete group entry rather
than a corrupted one.
| Michael Forney | 2013-11-23 | 1 | -2/+3 |
| * | fix off-by-one error in getgrnam_r and getgrgid_r, clobbering gr_name•••bug report and patch by Michael Forney. the terminating null pointer
at the end of the gr_mem array was overwriting the beginning of the
string data, causing the gr_name member to always be a zero-length
string.
| Rich Felker | 2013-09-29 | 1 | -2/+2 |
| * | change uid_t, gid_t, and id_t to unsigned types•••this change is both to fix one of the remaining type (and thus C++
ABI) mismatches with glibc/LSB and to allow use of the full range of
uid and gid values, if so desired.
passwd/group access functions were not prepared to deal with unsigned
values, so they too have been fixed with this commit.
| Rich Felker | 2013-07-19 | 2 | -6/+20 |
| * | add put*ent functions for passwd/group files and similar for shadow•••since shadow does not yet support enumeration (getspent), the
corresponding FILE-based get and put versions are also subbed out for
now. this is partly out of laziness and partly because it's not clear
how they should work in the presence of TCB shadow files. the stubs
should make it possible to compile some software that expects them to
exist, but such software still may not work properly.
| Rich Felker | 2013-04-04 | 3 | -0/+34 |
| * | add fgetgrent function•••based on patch by Isaac Dunham, moved to its own file to avoid
increasing bss on static linked programs not using this nonstandard
function but using the standard getgrent function, and vice versa.
| Rich Felker | 2013-02-17 | 1 | -0/+9 |
| * | more close-on-exec fixes, mostly using new "e" flag to fopen | Rich Felker | 2012-09-29 | 5 | -6/+6 |
| * | make passwd/group functions safe against cancellation in stdio•••these changes are a prerequisite to making stdio cancellable.
| Rich Felker | 2012-02-01 | 4 | -6/+35 |
| * | add fgetpwent (nonstandard function)•••based on patch by Jeremy Huntwork
| Rich Felker | 2012-01-29 | 1 | -0/+9 |
| * | fix clobbering of errno in get(pw|gr)([ug]id|nam) by fclose | Rich Felker | 2011-09-27 | 2 | -0/+12 |
| * | protect against/handle cancellation reading shadow passwords | Rich Felker | 2011-09-21 | 1 | -1/+11 |
| * | fix buffer overrun in getgrent code when there are no group members | Rich Felker | 2011-06-30 | 1 | -4/+8 |
| * | it's called getgrgid_r, not getgruid_r... | Rich Felker | 2011-06-08 | 1 | -1/+1 |
| * | shadow password fixes: empty fields should read as -1 not 0 | Rich Felker | 2011-04-20 | 1 | -7/+13 |
| * | guard against hard links to non-ordinary-files when reading tcb shadow | Rich Felker | 2011-02-14 | 1 | -2/+4 |
| * | initial check-in, version 0.5.0 | Rich Felker | 2011-02-12 | 11 | -0/+404 |
