Coming late to the discussion.
Darren J Moffat schrieb:
Solaris currently documents a maximum username length of 8 characters
in passwd(4).
Other Operating Systems don't have such a small limit. In fact Solaris
mostly works and has for quite some time with usernames upto 32
characters.
The 8 character limit is manifest in three places
1) the LOGNAME_MAX constant in <limits.h> (8)
2) L_cuserid in stdio.h (when __EXTENSIONS__) is defined (9)
This symbol is deprecated for XPG6 / SUSv3 onwards.
3) getconf _POSIX_LOGIN_NAME_MAX / LOGIN_NAME_MAX (9)
The OpenGroup limits.h documentation says that LOGIN_NAME_MAX returns
the number maximum number length of a login name and that _POSIX_LOGIN_NAME_MAX
is the minumum acceptable value. That implies that they need not be
the same.
This case changes so that we have:
1) the LOGNAME_MAX constant in <limits.h> (32)
As others have commented that breaks ABI for any libraries that use
character arrays of this size in their interfaces.
That makes such changes risky for customers, in particular ISVs.
2) L_cuserid in stdio.h (when __EXTENSIONS__) is defined (33)
This symbol is deprecated for XPG6 / SUSv3 onwards.
I don't see the point of changing this value. Its only real use is the
length of a character array to pass to cuserid(3C).
You cannot change cuserid(3C) to use more than 9 bytes of a
caller-provided buffer, as existing binaries have the old value of
L_cuserid compiled in. Changing that would require a major release that
makes sure all uses of this API are recompiled.
3) getconf _POSIX_LOGIN_NAME_MAX (9)
4) getconf LOGIN_NAME_MAX (33)
Unfortunately the getlogin(3C) man page documents for getlogin_r that
'The name buffer must be at least _POSIX_LOGIN_NAME_MAX bytes in size',
suggesting that that size would be sufficient to hold any result. Even
if that documentation is changed to suggest use of LOGIN_NAME_MAX,
existing code following that recommendation may break when encountering
long user names. At least the getlogin_r(3C) call can signal the error
properly (as opposed to cuserid(3C)).
Ideally code should use sysconf to lookup LOGIN_NAME_MAX but there is
also a lot of exsting that derives the size using something like this:
(sizeof (((struct utmpx *)0)->ut_name))
The method for fixing utilities that are currently restricted to 8
character usernames is outside the scope of the ARC case and is really
an issue for the codereviewers and CRT advocates. Though it is highly
recommended that "32" not be hardcoded into a local constant but
instead either LOGNAME_MAX from <limits.h> be used or if possible
sysconf(3C), the method of using the ut_name field is acceptable
particularly if it means minimal code change.
Of course the real bulk of code affected and left in need of fixing is
customer and ISV code.
Changing fixed length defines creates the risk of breaking ISV ABI and
creating buffer overrun bugs in code that is correct today.
Changing getconf values is much less harmful, as code that dynamically
queries such values should already be prepared to use the dynamic values.
- Jörg
--
Joerg Barfurth phone: +49 40 23646662 / x66662
Software Engineer mailto:joerg.barfu...@sun.com
Desktop Technology http://blogs.sun.com/joergb/
Thin Client Software http://www.sun.com/software/sunray/
Sun Microsystems GmbH http://www.sun.com/software/vdi/
_______________________________________________
opensolaris-arc mailing list
opensolaris-arc@opensolaris.org
