Annotation of src/usr.bin/ssh/groupaccess.c, Revision 1.7
1.1 markus 1: /*
2: * Copyright (c) 2001 Kevin Steves. All rights reserved.
3: *
4: * Redistribution and use in source and binary forms, with or without
5: * modification, are permitted provided that the following conditions
6: * are met:
7: * 1. Redistributions of source code must retain the above copyright
8: * notice, this list of conditions and the following disclaimer.
9: * 2. Redistributions in binary form must reproduce the above copyright
10: * notice, this list of conditions and the following disclaimer in the
11: * documentation and/or other materials provided with the distribution.
12: *
13: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23: */
24:
25: #include "includes.h"
26:
27: #include "groupaccess.h"
28: #include "xmalloc.h"
29: #include "match.h"
1.2 markus 30: #include "log.h"
1.1 markus 31:
32: static int ngroups;
33: static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */
34:
1.4 markus 35: /*
36: * Initialize group access list for user with primary (base) and
37: * supplementary groups. Return the number of groups in the list.
38: */
1.1 markus 39: int
40: ga_init(const char *user, gid_t base)
41: {
42: gid_t groups_bygid[NGROUPS_MAX + 1];
43: int i, j;
44: struct group *gr;
45:
46: if (ngroups > 0)
47: ga_free();
48:
49: ngroups = sizeof(groups_bygid) / sizeof(gid_t);
50: if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
1.6 itojun 51: logit("getgrouplist: groups list too small");
1.1 markus 52: for (i = 0, j = 0; i < ngroups; i++)
53: if ((gr = getgrgid(groups_bygid[i])) != NULL)
54: groups_byname[j++] = xstrdup(gr->gr_name);
55: return (ngroups = j);
56: }
57:
1.4 markus 58: /*
59: * Return 1 if one of user's groups is contained in groups.
60: * Return 0 otherwise. Use match_pattern() for string comparison.
61: */
1.1 markus 62: int
63: ga_match(char * const *groups, int n)
64: {
65: int i, j;
66:
67: for (i = 0; i < ngroups; i++)
68: for (j = 0; j < n; j++)
69: if (match_pattern(groups_byname[i], groups[j]))
70: return 1;
71: return 0;
72: }
73:
1.4 markus 74: /*
75: * Free memory allocated for group access list.
76: */
1.1 markus 77: void
78: ga_free(void)
79: {
80: int i;
81:
82: if (ngroups > 0) {
83: for (i = 0; i < ngroups; i++)
84: xfree(groups_byname[i]);
85: ngroups = 0;
86: }
87: }