From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25052 invoked by alias); 2 Apr 2004 09:01:09 -0000 Mailing-List: contact libc-hacker-help@sources.redhat.com; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-hacker-owner@sources.redhat.com Received: (qmail 24983 invoked from network); 2 Apr 2004 09:01:04 -0000 Received: from unknown (HELO sunsite.ms.mff.cuni.cz) (195.113.15.26) by sources.redhat.com with SMTP; 2 Apr 2004 09:01:04 -0000 Received: from sunsite.ms.mff.cuni.cz (sunsite.mff.cuni.cz [127.0.0.1]) by sunsite.ms.mff.cuni.cz (8.12.8/8.12.8) with ESMTP id i326omHS017501; Fri, 2 Apr 2004 08:50:48 +0200 Received: (from jakub@localhost) by sunsite.ms.mff.cuni.cz (8.12.8/8.12.8/Submit) id i326omcS017497; Fri, 2 Apr 2004 08:50:48 +0200 Date: Fri, 02 Apr 2004 09:01:00 -0000 From: Jakub Jelinek To: Ulrich Drepper , Thorsten Kukuk Cc: Glibc hackers Subject: [PATCH] SERVICES_AUTHORITATIVE Message-ID: <20040402065048.GI514@sunsite.ms.mff.cuni.cz> Reply-To: Jakub Jelinek Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="+SfteS7bOf3dGlBC" Content-Disposition: inline User-Agent: Mutt/1.4i X-SW-Source: 2004-04/txt/msg00007.txt.bz2 --+SfteS7bOf3dGlBC Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-length: 748 Hi! For compatibility reasons, still getservbyname{,_r} needs to read whole servyces.byname map for requests for non-existent protocols. This patch allows the admin to say in /etc/default/nss that services.byservicename exists and is authoritative and thus avoid fetching the whole map ever by getservbyname*. Attached are also incremental patch to ypserv (on top of the one from yesterday) and a full ypserv patch. Apparently at least Solaris 9 is building the services.byservicename map properly (i.e. say for qotd 17/tcp quote qotd 17/udp quote there will be qotd/tcp, qotd, quote/tcp, quote, qotd/udp and quote/udp keys) while the Makefile I googled up would not add in the case above "quote". Jakub --+SfteS7bOf3dGlBC Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="glibc-services-authoritative.patch" Content-length: 8078 2004-04-02 Jakub Jelinek * nis/nss: Add SERVICES_AUTHORITATIVE. * nis/nss-nis.h (NSS_FLAG_SET, NSS_FLAG_NETID_AUTHORITATIVE, NSS_FLAG_SERVICES_AUTHORITATIVE): Define. (_nis_default_nss_flags, _nis_check_default_nss): New decls. (_nis_default_nss): New inline. * nis/nss-nis.c: Include ctype.h, stdio.h and stdio_ext.h. (_nis_default_nss_flags, default_nss): New variables. (_nis_check_default_nss): New function. * nis/nss_nis/nis-initgroups.c: Don't include stdio.h and stdio_ext.h. (check_default_nss, default_nss): Move to nss-nis.c. (init): Removed. (_nss_nis_initgroups_dyn): Use _nis_default_nss (). * nis/nss_nis/nis-services.c (_nss_nis_getservbyname_r): If NSS_FLAG_SERVICES_AUTHORITATIVE and services.byservicename lookup fails, return immediately. --- libc/nis/nss.jj 2004-03-30 20:32:38.000000000 +0200 +++ libc/nis/nss 2004-04-02 10:35:18.525894354 +0200 @@ -1,12 +1,20 @@ # /etc/default/nss # This file can theoretically contain a bunch of customization variables -# for Name Service Switch in the GNU C library. For now there is only one -# variable: +# for Name Service Switch in the GNU C library. For now there are only two +# variables: # # NETID_AUTHORITATIVE -# If set to TRUE the initgroups() function will accept the information +# If set to TRUE, the initgroups() function will accept the information # from the netid.byname NIS map as authoritative. This can speed up the # function significantly if the group.byname map is large. The content # of the netid.byname map is used AS IS. The system administrator has # to make sure it is correctly generated. #NETID_AUTHORITATIVE=TRUE +# +# SERVICES_AUTHORITATIVE +# If set to TRUE, the getservbyname{,_r}() function will assume +# services.byservicename NIS map exists and is authoritative, particularly +# that it contains both keys with /proto and without /proto for both +# primary service names and service aliases. The system administrator +# has to make sure it is correctly generated. +#SERVICES_AUTHORITATIVE=TRUE --- libc/nis/nss-nis.h.jj 2001-07-06 06:55:36.000000000 +0200 +++ libc/nis/nss-nis.h 2004-04-02 10:19:32.816377812 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1996 Free Software Foundation, Inc. +/* Copyright (C) 1996, 2004 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -36,4 +36,16 @@ yperr2nss (int errval) return __yperr2nss_tab[(unsigned int) errval]; } +#define NSS_FLAG_SET 1 +#define NSS_FLAG_NETID_AUTHORITATIVE 2 +#define NSS_FLAG_SERVICES_AUTHORITATIVE 4 +extern int _nis_default_nss_flags attribute_hidden; +extern int _nis_check_default_nss (void) attribute_hidden; + +extern inline __attribute__((always_inline)) int +_nis_default_nss (void) +{ + return _nis_default_nss_flags ?: _nis_check_default_nss (); +} + #endif /* nis/nss-nis.h */ --- libc/nis/nss-nis.c.jj 2001-07-06 06:55:36.000000000 +0200 +++ libc/nis/nss-nis.c 2004-04-02 10:32:11.116480561 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1996, 2001 Free Software Foundation, Inc. +/* Copyright (C) 1996, 2001, 2004 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -16,6 +16,9 @@ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */ +#include +#include +#include #include #include "nss-nis.h" @@ -45,3 +48,81 @@ const enum nss_status __yperr2nss_tab[] }; const unsigned int __yperr2nss_count = (sizeof (__yperr2nss_tab) / sizeof (__yperr2nss_tab[0])); + +int _nis_default_nss_flags; + +static const char default_nss[] = "/etc/default/nss"; + +int +_nis_check_default_nss (void) +{ + FILE *fp = fopen (default_nss, "rc"); + int flags = NSS_FLAG_SET; + if (fp != NULL) + { + char *line = NULL; + size_t linelen = 0; + + __fsetlocking (fp, FSETLOCKING_BYCALLER); + + while (!feof_unlocked (fp)) + { + ssize_t n = getline (&line, &linelen, fp); + if (n <= 0) + break; + + /* There currently are only two variables we expect, so + simplify the parsing. Recognize only + + NETID_AUTHORITATIVE = TRUE + SERVICES_AUTHORITATIVE = TRUE + + with arbitrary white spaces. */ + char *cp = line; + while (isspace (*cp)) + ++cp; + + /* Recognize comment lines. */ + if (*cp == '#') + continue; + + static const char netid_authoritative[] = "NETID_AUTHORITATIVE"; + static const char services_authoritative[] + = "SERVICES_AUTHORITATIVE"; + size_t flag_len; + if (strncmp (cp, netid_authoritative, + flag_len = sizeof (netid_authoritative) - 1) != 0 + && strncmp (cp, services_authoritative, + flag_len = sizeof (services_authoritative) - 1) + != 0) + continue; + + cp += flag_len; + while (isspace (*cp)) + ++cp; + if (*cp++ != '=') + continue; + while (isspace (*cp)) + ++cp; + + if (strncmp (cp, "TRUE", 4) != 0) + continue; + cp += 4; + + while (isspace (*cp)) + ++cp; + + if (*cp == '\0') + flags |= flag_len == sizeof (netid_authoritative) - 1 + ? NSS_FLAG_NETID_AUTHORITATIVE + : NSS_FLAG_SERVICES_AUTHORITATIVE; + } + + free (line); + + fclose (fp); + } + + _nis_default_nss_flags = flags; + return flags; +} --- libc/nis/nss_nis/nis-service.c.jj 2004-04-02 10:06:51.000000000 +0200 +++ libc/nis/nss_nis/nis-service.c 2004-04-02 10:44:50.672358259 +0200 @@ -330,6 +330,10 @@ _nss_nis_getservbyname_r (const char *na return NSS_STATUS_SUCCESS; } + /* Check if it is safe to rely on services.byservicename. */ + if (_nis_default_nss () & NSS_FLAG_SERVICES_AUTHORITATIVE) + return status; + struct ypall_callback ypcb; struct search_t req; --- libc/nis/nss_nis/nis-initgroups.c.jj 2004-04-02 09:55:51.000000000 +0200 +++ libc/nis/nss_nis/nis-initgroups.c 2004-04-02 10:26:41.217602735 +0200 @@ -23,8 +23,6 @@ #include #include #include -#include -#include #include #include #include @@ -129,78 +127,6 @@ internal_getgrent_r (struct group *grp, } -static int init; -static int use_netid; - - -static const char default_nss[] = "/etc/default/nss"; - -static void -check_default_nss (void) -{ - FILE *fp = fopen (default_nss, "rc"); - if (fp != NULL) - { - char *line = NULL; - size_t linelen = 0; - - __fsetlocking (fp, FSETLOCKING_BYCALLER); - - while (!feof_unlocked (fp)) - { - ssize_t n = getline (&line, &linelen, fp); - if (n <= 0) - break; - - /* There currently is only one variable we expect, so - simplify the parsing. Recognize only - - NETID_AUTHORITATIVE = TRUE - - with arbitrary white spaces. */ - char *cp = line; - while (isspace (*cp)) - ++cp; - - /* Recognize comment lines. */ - if (*cp == '#') - continue; - - static const char netid_authoritative[] = "NETID_AUTHORITATIVE"; - if (strncmp (cp, netid_authoritative, - sizeof (netid_authoritative) - 1) != 0) - continue; - - cp += sizeof (netid_authoritative) - 1; - while (isspace (*cp)) - ++cp; - if (*cp++ != '=') - continue; - while (isspace (*cp)) - ++cp; - - if (strncmp (cp, "TRUE", 4) != 0) - continue; - cp +=4; - - while (isspace (*cp)) - ++cp; - - if (*cp == '\0') - use_netid = 1; - - /* For now, just drop out of the loop. */ - break; - } - - free (line); - - fclose (fp); - } - init = 1; -} - - static int get_uid (const char *user, uid_t *uidp) { @@ -321,10 +247,7 @@ _nss_nis_initgroups_dyn (const char *use return NSS_STATUS_UNAVAIL; /* Check whether we are supposed to use the netid.byname map. */ - if (!init) - check_default_nss (); - - if (use_netid) + if (_nis_default_nss () & NSS_FLAG_NETID_AUTHORITATIVE) { /* We need the user ID. */ uid_t uid; --+SfteS7bOf3dGlBC Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="ypserv-servicesbyname-incremental.patch" Content-length: 615 --- ypserv-2.12.1/scripts/ypMakefile.in.jj 2004-04-01 10:08:27.000000000 +0200 +++ ypserv-2.12.1/scripts/ypMakefile.in 2004-04-02 10:40:48.734716634 +0200 @@ -278,7 +278,8 @@ services.byservicename: $(SERVICES) $(YP print $$1 TMP"\t"$$0 ; \ if (! seen[$$1]) { seen[$$1] = 1 ; print $$1"\t"$$0 ; } \ for (N = 3; N <= NF && $$N !~ "#" ; N++) { \ - if ($$N !~ "#" && $$N != "") print $$N TMP"\t"$$0 \ + if ($$N !~ "#" && $$N != "") print $$N TMP"\t"$$0 ; \ + if (! seen[$$N]) { seen[$$N] = 1 ; print $$N"\t"$$0 ; } \ } } } ' \ $(SERVICES) | $(DBLOAD) -r -i $(SERVICES) \ -o $(YPMAPDIR)/$@ - $@ --+SfteS7bOf3dGlBC Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="ypserv-servicesbyname-full.patch" Content-length: 825 --- ypserv-2.12.1/scripts/ypMakefile.in.jj 2004-01-20 10:44:54.000000000 +0100 +++ ypserv-2.12.1/scripts/ypMakefile.in 2004-04-02 10:40:48.734716634 +0200 @@ -274,10 +274,12 @@ services.byname: $(SERVICES) $(YPDIR)/Ma services.byservicename: $(SERVICES) $(YPDIR)/Makefile @echo "Updating $@..." @$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { \ - TMP = $$2 ; gsub("[0-9]+","",TMP) ; \ + split($$2,A,"/") ; TMP = "/" A[2] ; \ print $$1 TMP"\t"$$0 ; \ + if (! seen[$$1]) { seen[$$1] = 1 ; print $$1"\t"$$0 ; } \ for (N = 3; N <= NF && $$N !~ "#" ; N++) { \ - if ($$N !~ "#" && $$N != "") print $$N TMP"\t"$$0 \ + if ($$N !~ "#" && $$N != "") print $$N TMP"\t"$$0 ; \ + if (! seen[$$N]) { seen[$$N] = 1 ; print $$N"\t"$$0 ; } \ } } } ' \ $(SERVICES) | $(DBLOAD) -r -i $(SERVICES) \ -o $(YPMAPDIR)/$@ - $@ --+SfteS7bOf3dGlBC--