version 1.185, 2008/07/02 02:24:18 |
version 1.186, 2008/07/04 03:44:59 |
|
|
match_cfg_line_group(const char *grps, int line, const char *user) |
match_cfg_line_group(const char *grps, int line, const char *user) |
{ |
{ |
int result = 0; |
int result = 0; |
u_int ngrps = 0; |
|
char *arg, *p, *cp, *grplist[MAX_MATCH_GROUPS]; |
|
struct passwd *pw; |
struct passwd *pw; |
|
|
/* |
|
* Even if we do not have a user yet, we still need to check for |
|
* valid syntax. |
|
*/ |
|
arg = cp = xstrdup(grps); |
|
while ((p = strsep(&cp, ",")) != NULL && *p != '\0') { |
|
if (ngrps >= MAX_MATCH_GROUPS) { |
|
error("line %d: too many groups in Match Group", line); |
|
result = -1; |
|
goto out; |
|
} |
|
grplist[ngrps++] = p; |
|
} |
|
|
|
if (user == NULL) |
if (user == NULL) |
goto out; |
goto out; |
|
|
|
|
} else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { |
} else if (ga_init(pw->pw_name, pw->pw_gid) == 0) { |
debug("Can't Match group because user %.100s not in any group " |
debug("Can't Match group because user %.100s not in any group " |
"at line %d", user, line); |
"at line %d", user, line); |
} else if (ga_match(grplist, ngrps) != 1) { |
} else if (ga_match_pattern_list(grps) != 1) { |
debug("user %.100s does not match group %.100s at line %d", |
debug("user %.100s does not match group list %.100s at line %d", |
user, arg, line); |
user, grps, line); |
} else { |
} else { |
debug("user %.100s matched group %.100s at line %d", user, |
debug("user %.100s matched group list %.100s at line %d", user, |
arg, line); |
grps, line); |
result = 1; |
result = 1; |
} |
} |
out: |
out: |
ga_free(); |
ga_free(); |
xfree(arg); |
|
return result; |
return result; |
} |
} |
|
|