version 1.25, 2001/06/25 17:54:48 |
version 1.26, 2001/06/27 04:48:52 |
|
|
allowed_user(struct passwd * pw) |
allowed_user(struct passwd * pw) |
{ |
{ |
struct stat st; |
struct stat st; |
|
const char *hostname = NULL, *ipaddr = NULL; |
char *shell; |
char *shell; |
int i; |
int i; |
|
|
|
|
if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) |
if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) |
return 0; |
return 0; |
|
|
|
if (options.num_deny_users > 0 || options.num_allow_users > 0) { |
|
hostname = get_canonical_hostname(options.reverse_mapping_check); |
|
ipaddr = get_remote_ipaddr(); |
|
} |
|
|
/* Return false if user is listed in DenyUsers */ |
/* Return false if user is listed in DenyUsers */ |
if (options.num_deny_users > 0) { |
if (options.num_deny_users > 0) { |
for (i = 0; i < options.num_deny_users; i++) |
for (i = 0; i < options.num_deny_users; i++) |
if (match_pattern(pw->pw_name, options.deny_users[i])) |
if (match_user(pw->pw_name, hostname, ipaddr, |
|
options.deny_users[i])) |
return 0; |
return 0; |
} |
} |
/* Return false if AllowUsers isn't empty and user isn't listed there */ |
/* Return false if AllowUsers isn't empty and user isn't listed there */ |
if (options.num_allow_users > 0) { |
if (options.num_allow_users > 0) { |
for (i = 0; i < options.num_allow_users; i++) |
for (i = 0; i < options.num_allow_users; i++) |
if (match_pattern(pw->pw_name, options.allow_users[i])) |
if (match_user(pw->pw_name, hostname, ipaddr, |
|
options.allow_users[i])) |
break; |
break; |
/* i < options.num_allow_users iff we break for loop */ |
/* i < options.num_allow_users iff we break for loop */ |
if (i >= options.num_allow_users) |
if (i >= options.num_allow_users) |