Annotation of src/usr.bin/ssh/groupaccess.c, Revision 1.5
1.1 markus 1: /*
2: * Copyright (c) 2001 Kevin Steves. All rights reserved.
3: *
4: * Redistribution and use in source and binary forms, with or without
5: * modification, are permitted provided that the following conditions
6: * are met:
7: * 1. Redistributions of source code must retain the above copyright
8: * notice, this list of conditions and the following disclaimer.
9: * 2. Redistributions in binary form must reproduce the above copyright
10: * notice, this list of conditions and the following disclaimer in the
11: * documentation and/or other materials provided with the distribution.
12: *
13: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23: */
24:
25: #include "includes.h"
1.5 ! stevesk 26: RCSID("$OpenBSD:$");
1.1 markus 27:
28: #include "groupaccess.h"
29: #include "xmalloc.h"
30: #include "match.h"
1.2 markus 31: #include "log.h"
1.1 markus 32:
33: static int ngroups;
34: static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */
35:
1.4 markus 36: /*
37: * Initialize group access list for user with primary (base) and
38: * supplementary groups. Return the number of groups in the list.
39: */
1.1 markus 40: int
41: ga_init(const char *user, gid_t base)
42: {
43: gid_t groups_bygid[NGROUPS_MAX + 1];
44: int i, j;
45: struct group *gr;
46:
47: if (ngroups > 0)
48: ga_free();
49:
50: ngroups = sizeof(groups_bygid) / sizeof(gid_t);
51: if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
52: log("getgrouplist: groups list too small");
53: for (i = 0, j = 0; i < ngroups; i++)
54: if ((gr = getgrgid(groups_bygid[i])) != NULL)
55: groups_byname[j++] = xstrdup(gr->gr_name);
56: return (ngroups = j);
57: }
58:
1.4 markus 59: /*
60: * Return 1 if one of user's groups is contained in groups.
61: * Return 0 otherwise. Use match_pattern() for string comparison.
62: */
1.1 markus 63: int
64: ga_match(char * const *groups, int n)
65: {
66: int i, j;
67:
68: for (i = 0; i < ngroups; i++)
69: for (j = 0; j < n; j++)
70: if (match_pattern(groups_byname[i], groups[j]))
71: return 1;
72: return 0;
73: }
74:
1.4 markus 75: /*
76: * Free memory allocated for group access list.
77: */
1.1 markus 78: void
79: ga_free(void)
80: {
81: int i;
82:
83: if (ngroups > 0) {
84: for (i = 0; i < ngroups; i++)
85: xfree(groups_byname[i]);
86: ngroups = 0;
87: }
88: }