/* liblxcapi
 *
 * Copyright © 2018 Christian Brauner <christian.brauner@ubuntu.com>.
 * Copyright © 2018 Canonical Ltd.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2, as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * This function has been copied from musl.
 */

#define _GNU_SOURCE
#include <byteswap.h>
#include <errno.h>
#include <grp.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <pthread.h>
#include <unistd.h>

#define LOGIN_NAME_MAX 256
#define NSCDVERSION 2
#define GETPWBYNAME 0
#define GETPWBYUID 1
#define GETGRBYNAME 2
#define GETGRBYGID 3
#define GETINITGR 15

#define REQVERSION 0
#define REQTYPE 1
#define REQKEYLEN 2
#define REQ_LEN 3

#define PWVERSION 0
#define PWFOUND 1
#define PWNAMELEN 2
#define PWPASSWDLEN 3
#define PWUID 4
#define PWGID 5
#define PWGECOSLEN 6
#define PWDIRLEN 7
#define PWSHELLLEN 8
#define PW_LEN 9

#define GRVERSION 0
#define GRFOUND 1
#define GRNAMELEN 2
#define GRPASSWDLEN 3
#define GRGID 4
#define GRMEMCNT 5
#define GR_LEN 6

#define INITGRVERSION 0
#define INITGRFOUND 1
#define INITGRNGRPS 2
#define INITGR_LEN 3

#define FIX(x) (gr->gr_##x = gr->gr_##x - line + buf)

static unsigned atou(char **s)
{
	unsigned x;
	for (x = 0; **s - '0' < 10U; ++*s)
		x = 10 * x + (**s - '0');
	return x;
}

static int __getgrent_a(FILE *f, struct group *gr, char **line, size_t *size,
			char ***mem, size_t *nmem, struct group **res)
{
	ssize_t l;
	char *s, *mems;
	size_t i;
	int rv = 0;

#ifdef HAVE_PTHREAD_SETCANCELSTATE
	int cs;

	pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);
#endif

	for (;;) {
		if ((l = getline(line, size, f)) < 0) {
			rv = ferror(f) ? errno : 0;
			free(*line);
			*line = 0;
			gr = 0;
			goto end;
		}
		line[0][l - 1] = 0;

		s = line[0];
		gr->gr_name = s++;
		if (!(s = strchr(s, ':')))
			continue;

		*s++ = 0;
		gr->gr_passwd = s;
		if (!(s = strchr(s, ':')))
			continue;

		*s++ = 0;
		gr->gr_gid = atou(&s);
		if (*s != ':')
			continue;

		*s++ = 0;
		mems = s;
		break;
	}

	for (*nmem = !!*s; *s; s++)
		if (*s == ',')
			++*nmem;
	free(*mem);
	*mem = calloc(sizeof(char *), *nmem + 1);
	if (!*mem) {
		rv = errno;
		free(*line);
		*line = 0;
		gr = 0;
		goto end;
	}
	if (*mems) {
		mem[0][0] = mems;
		for (s = mems, i = 0; *s; s++)
			if (*s == ',')
				*s++ = 0, mem[0][++i] = s;
		mem[0][++i] = 0;
	} else {
		mem[0][0] = 0;
	}
	gr->gr_mem = *mem;
end:

#ifdef HAVE_PTHREAD_SETCANCELSTATE
	pthread_setcancelstate(cs, 0);
#endif

	*res = gr;
	if (rv)
		errno = rv;
	return rv;
}

static char *itoa(char *p, uint32_t x)
{
	// number of digits in a uint32_t + NUL
	p += 11;
	*--p = 0;
	do {
		*--p = '0' + x % 10;
		x /= 10;
	} while (x);
	return p;
}

static const struct {
	short sun_family;
	char sun_path[21];
} addr = {AF_UNIX, "/var/run/nscd/socket"};

static FILE *__nscd_query(int32_t req, const char *key, int32_t *buf,
			  size_t len, int *swap)
{
	size_t i;
	int fd;
	FILE *f = 0;
	int32_t req_buf[REQ_LEN] = {NSCDVERSION, req,
				    strnlen(key, LOGIN_NAME_MAX) + 1};
	struct msghdr msg = {.msg_iov =
				 (struct iovec[]){{&req_buf, sizeof(req_buf)},
						  {(char *)key, strlen(key) + 1}},
			     .msg_iovlen = 2};
	int errno_save = errno;

	*swap = 0;
retry:
	memset(buf, 0, len);
	buf[0] = NSCDVERSION;

	fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
	if (fd < 0)
		return NULL;

	if (!(f = fdopen(fd, "r"))) {
		close(fd);
		return 0;
	}

	if (req_buf[2] > LOGIN_NAME_MAX)
		return f;

	if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
		/* If there isn't a running nscd we simulate a "not found"
		 * result and the caller is responsible for calling
		 * fclose on the (unconnected) socket. The value of
		 * errno must be left unchanged in this case.  */
		if (errno == EACCES || errno == ECONNREFUSED || errno == ENOENT) {
			errno = errno_save;
			return f;
		}
		goto error;
	}

	if (sendmsg(fd, &msg, MSG_NOSIGNAL) < 0)
		goto error;

	if (!fread(buf, len, 1, f)) {
		/* If the VERSION entry mismatches nscd will disconnect. The
		 * most likely cause is that the endianness mismatched. So, we
		 * byteswap and try once more. (if we already swapped, just
		 * fail out)
		 */
		if (ferror(f))
			goto error;
		if (!*swap) {
			fclose(f);
			for (i = 0; i < sizeof(req_buf) / sizeof(req_buf[0]);
			     i++) {
				req_buf[i] = bswap_32(req_buf[i]);
			}
			*swap = 1;
			goto retry;
		} else {
			errno = EIO;
			goto error;
		}
	}

	if (*swap) {
		for (i = 0; i < len / sizeof(buf[0]); i++) {
			buf[i] = bswap_32(buf[i]);
		}
	}

	/* The first entry in every nscd response is the version number. This
	 * really shouldn't happen, and is evidence of some form of malformed
	 * response.
	 */
	if (buf[0] != NSCDVERSION) {
		errno = EIO;
		goto error;
	}

	return f;
error:
	fclose(f);
	return 0;
}

static int __getgr_a(const char *name, gid_t gid, struct group *gr, char **buf,
		     size_t *size, char ***mem, size_t *nmem, struct group **res)
{
	FILE *f;
	int rv = 0;
#ifdef HAVE_PTHREAD_SETCANCELSTATE
	int cs;

	pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);
#endif

	*res = 0;

	f = fopen("/etc/group", "rbe");
	if (!f) {
		rv = errno;
		goto done;
	}

	while (!(rv = __getgrent_a(f, gr, buf, size, mem, nmem, res)) && *res) {
		if ((name && !strcmp(name, (*res)->gr_name)) ||
		    (!name && (*res)->gr_gid == gid)) {
			break;
		}
	}
	fclose(f);

	if (!*res && (rv == 0 || rv == ENOENT || rv == ENOTDIR)) {
		int32_t req = name ? GETGRBYNAME : GETGRBYGID;
		int32_t i;
		const char *key;
		int32_t groupbuf[GR_LEN] = {0};
		size_t len = 0;
		size_t grlist_len = 0;
		char gidbuf[11] = {0};
		int swap = 0;
		char *ptr;

		if (name) {
			key = name;
		} else {
			if (gid < 0 || gid > UINT32_MAX) {
				rv = 0;
				goto done;
			}
			key = itoa(gidbuf, gid);
		}

		f = __nscd_query(req, key, groupbuf, sizeof groupbuf, &swap);
		if (!f) {
			rv = errno;
			goto done;
		}

		if (!groupbuf[GRFOUND]) {
			rv = 0;
			goto cleanup_f;
		}

		if (!groupbuf[GRNAMELEN] || !groupbuf[GRPASSWDLEN]) {
			rv = EIO;
			goto cleanup_f;
		}

		if ((int64_t)groupbuf[GRNAMELEN] >
		    (int64_t)(SIZE_MAX - groupbuf[GRPASSWDLEN])) {
			rv = ENOMEM;
			goto cleanup_f;
		}
		len = groupbuf[GRNAMELEN] + groupbuf[GRPASSWDLEN];

		for (i = 0; i < groupbuf[GRMEMCNT]; i++) {
			uint32_t name_len;
			if (fread(&name_len, sizeof name_len, 1, f) < 1) {
				rv = ferror(f) ? errno : EIO;
				goto cleanup_f;
			}
			if (swap) {
				name_len = bswap_32(name_len);
			}
			if (name_len > SIZE_MAX - grlist_len ||
			    name_len > SIZE_MAX - len) {
				rv = ENOMEM;
				goto cleanup_f;
			}
			len += name_len;
			grlist_len += name_len;
		}

		if (len > *size || !*buf) {
			char *tmp = realloc(*buf, len);
			if (!tmp) {
				rv = errno;
				goto cleanup_f;
			}
			*buf = tmp;
			*size = len;
		}

		if (!fread(*buf, len, 1, f)) {
			rv = ferror(f) ? errno : EIO;
			goto cleanup_f;
		}

		if (((size_t)(groupbuf[GRMEMCNT] + 1)) > *nmem) {
			if (((size_t)(groupbuf[GRMEMCNT] + 1)) >
			    (SIZE_MAX / sizeof(char *))) {
				rv = ENOMEM;
				goto cleanup_f;
			}
			char **tmp = realloc(*mem, (groupbuf[GRMEMCNT] + 1) *
						       sizeof(char *));
			if (!tmp) {
				rv = errno;
				goto cleanup_f;
			}
			*mem = tmp;
			*nmem = groupbuf[GRMEMCNT] + 1;
		}

		if (groupbuf[GRMEMCNT]) {
			mem[0][0] =
			    *buf + groupbuf[GRNAMELEN] + groupbuf[GRPASSWDLEN];
			for (ptr = mem[0][0], i = 0;
			     ptr != mem[0][0] + grlist_len; ptr++)
				if (!*ptr)
					mem[0][++i] = ptr + 1;
			mem[0][i] = 0;

			if (i != groupbuf[GRMEMCNT]) {
				rv = EIO;
				goto cleanup_f;
			}
		} else {
			mem[0][0] = 0;
		}

		gr->gr_name = *buf;
		gr->gr_passwd = gr->gr_name + groupbuf[GRNAMELEN];
		gr->gr_gid = groupbuf[GRGID];
		gr->gr_mem = *mem;

		if (gr->gr_passwd[-1] ||
		    gr->gr_passwd[groupbuf[GRPASSWDLEN] - 1]) {
			rv = EIO;
			goto cleanup_f;
		}

		if ((name && strcmp(name, gr->gr_name)) ||
		    (!name && gid != gr->gr_gid)) {
			rv = EIO;
			goto cleanup_f;
		}

		*res = gr;

	cleanup_f:
		fclose(f);
		goto done;
	}

done:

#ifdef HAVE_PTHREAD_SETCANCELSTATE
	pthread_setcancelstate(cs, 0);
#endif

	if (rv)
		errno = rv;
	return rv;
}

static int getgr_r(const char *name, gid_t gid, struct group *gr, char *buf,
		   size_t size, struct group **res)
{
	char *line = 0;
	size_t len = 0;
	char **mem = 0;
	size_t nmem = 0;
	int rv = 0;
	size_t i;

#ifdef HAVE_PTHREAD_SETCANCELSTATE
	int cs;

	pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);
#endif

	rv = __getgr_a(name, gid, gr, &line, &len, &mem, &nmem, res);
	if (*res && size < len + (nmem + 1) * sizeof(char *) + 32) {
		*res = 0;
		rv = ERANGE;
	}
	if (*res) {
		buf += (16 - (uintptr_t)buf) % 16;
		gr->gr_mem = (void *)buf;
		buf += (nmem + 1) * sizeof(char *);
		memcpy(buf, line, len);
		FIX(name);
		FIX(passwd);
		for (i = 0; mem[i]; i++)
			gr->gr_mem[i] = mem[i] - line + buf;
		gr->gr_mem[i] = 0;
	}
	free(mem);
	free(line);

#ifdef HAVE_PTHREAD_SETCANCELSTATE
	pthread_setcancelstate(cs, 0);
#endif

	if (rv)
		errno = rv;
	return rv;
}

int getgrgid_r(gid_t gid, struct group *gr, char *buf, size_t size, struct group **res)
{
	return getgr_r(0, gid, gr, buf, size, res);
}