3 * Utility functions for outputting ACLs
5 * Copyright (C) 1999 by the Massachusetts Institute of Technology.
6 * For copying and distribution information, please see the file
10 #include <mit-copyright.h>
12 #include <moira_site.h>
26 EXEC SQL INCLUDE sqlca;
/* Default Kerberos realm; filled in by krb5_get_default_realm() and appended
 * to principal names by canon_krb(). */
30 static char *defaultrealm = NULL;
/* id -> name tables: user_lookup() and string_lookup() consult them with
 * hash_lookup() and add strdup()ed names with hash_store(). */
32 static struct hash *users, *strings;
/* File-local helpers; get_acl() calls save_imember() and merge_imembers(). */
34 static void save_imember(struct save_queue *sq, char *type, int id, char *tag);
35 static struct imember *imember(char type, char *name, char *tag);
36 static struct save_queue *merge_imembers(struct save_queue *sq,
37 char *(merge_func)(char *, char *));
/* Initialisation fragment (the enclosing function's signature is not shown in
 * this listing): creates the two lookup tables and asks Kerberos for the
 * default realm. */
41 krb5_context context = NULL;
44 users = create_hash(2000);
45 strings = create_hash(2000);
/* NOTE(review): what happens to `code` after each krb5 call is not visible
 * here -- confirm a failure stops before defaultrealm is used, since
 * canon_krb() formats it with "%s". */
47 code = krb5_init_context(&context);
51 code = krb5_get_default_realm(context, &defaultrealm);
/* defaultrealm is still read by canon_krb() after the context is released. */
57 krb5_free_context(context);
/*
 * Write the members of the ACL identified by (type, id) to `out`, one per
 * line, each rendered by canon_krb() for Kerberos version `vers`.
 */
60 void dump_krb_acl(FILE *out, char *type, int id, int vers)
62 struct save_queue *sq;
64 char kbuf[MAX_K_NAME_SZ];
/* No merge function is supplied; get_acl() forwards the NULL to
 * merge_imembers(). */
66 sq = get_acl(type, id, NULL);
67 while (sq_remove_data(sq, &m))
/* Error path; the test that guards it is not shown in this listing
 * (presumably m->name == NULL -- confirm). */
71 fprintf(stderr, "Found string_id with no associated string. Exiting.\n");
/* Buffer and length are both MAX_K_NAME_SZ, the size canon_krb() assumes for
 * `buf` in its strncpy() step. */
76 canon_krb(m, vers, kbuf, sizeof(kbuf));
77 fprintf(out, "%s\n", kbuf);
/*
 * Render ACL member `m` as a Kerberos principal name in `buf` (capacity
 * `len`), in the form wanted for Kerberos version `vers`.  Several lines of
 * this function, including its branch conditions, are missing from this
 * listing.
 *
 * NOTE(review): the size bounds below do not match the buffers they guard.
 *  - Both snprintf() calls that write the local kbuf[MAX_K_NAME_SZ] are
 *    limited by `len`, the caller's capacity, rather than sizeof(kbuf).
 *  - The strncpy() into `buf` is limited by MAX_K_NAME_SZ rather than `len`,
 *    and the terminator is written at buf[MAX_K_NAME_SZ - 1].
 * The bounds coincide only when len == MAX_K_NAME_SZ, which is what
 * dump_krb_acl() passes.  canon_krb() is not static, so a caller with any
 * other buffer size can get an out-of-bounds write; bounding kbuf by
 * sizeof(kbuf) and copying out with snprintf(buf, len, "%s", kuser) would
 * remove that dependency.
 */
84 void canon_krb(struct imember *m, int vers, char *buf, int len)
87 char kbuf[MAX_K_NAME_SZ];
// Writes straight to the caller's buffer, bounded by the caller's len.
92 snprintf(buf, len, "%s@%s", m->name, defaultrealm);
96 /* We assume we have a krb4-style namespace. If we want a krb5 acl, we need to
97 * krb5_425_conv_principal() on it. For krb4, do nothing special.
// Look for a realm separator in the name; the second strchr() yields the
// terminating NUL (presumably the fallback when there is no '@' -- the
// condition is not shown).
99 at = strchr(m->name, '@');
101 at = strchr(m->name, '\0');
// NOTE(review): kbuf holds MAX_K_NAME_SZ bytes, but the bound used is len.
102 snprintf(kbuf, len, "%s", m->name);
// Append "@" plus defaultrealm after the current contents of kbuf; same
// len-versus-sizeof(kbuf) mismatch as the line above.
106 int plen = strlen(kbuf);
107 snprintf(kbuf + plen, len - plen, "@%s", defaultrealm);
// Split kbuf into krb4 name, instance and realm, convert them to a krb5
// principal and unparse it; a krb5 context is created and freed locally.
// The handling of each failing status is on lines not shown.
112 char name[ANAME_SZ] = "\0", inst[INST_SZ] = "\0", realm[REALM_SZ] = "\0";
114 krb5_context context = NULL;
115 krb5_principal client = NULL;
118 if (mr_kname_parse(name, inst, realm, kbuf) != 0)
121 status = krb5_init_context(&context);
125 status = krb5_425_conv_principal(context, name, inst, realm, &client);
129 status = krb5_unparse_name(context, client, &kuser);
// NOTE(review): bounded by MAX_K_NAME_SZ, not len, and strncpy() silently
// truncates a longer kuser; see the header comment.
133 strncpy(buf, kuser, MAX_K_NAME_SZ);
134 buf[MAX_K_NAME_SZ - 1] = '\0';
// Release the unparsed name, the principal and the context.
138 krb5_free_unparsed_name(context, kuser);
140 krb5_free_principal(context, client);
142 krb5_free_context(context);
146 /* v4 output, and we should already have added a realm. */
147 snprintf(buf, len, "%s", kbuf);
/*
 * Write to `out`, one name per line, every member of the ACL (type, id) whose
 * type is 'U', or whose type is 'S' and whose name contains no '@'.
 */
153 void dump_user_list(FILE *out, char *type, int id)
155 struct save_queue *sq;
158 sq = get_acl(type, id, NULL);
159 while (sq_remove_data(sq, &m))
/* NOTE(review): m->name is used here with no NULL check visible, whereas
 * dump_krb_acl() has an exit path for a string_id with no string -- confirm
 * a NULL name cannot reach this loop. */
161 if (m->type == 'U' || (m->type == 'S' && !strchr(m->name, '@')))
162 fprintf(out, "%s\n", m->name);
/*
 * Collect the members for (type, id) with save_imember() and return the
 * result of merge_imembers().  merge_func may be NULL: dump_krb_acl() and
 * dump_user_list() both pass NULL.  The line that creates sq is not shown in
 * this listing.
 */
168 struct save_queue *get_acl(char *type, int id,
169 char *(merge_func)(char *, char *))
171 struct save_queue *sq;
174 save_imember(sq, type, id, NULL);
175 return merge_imembers(sq, merge_func);
/*
 * Append the member identified by (type, id) to sq, expanding a list into its
 * members through the imembers table; `tag` is attached to each entry made
 * directly here.
 *
 * Every query is static embedded SQL with bound host variables (:id, :lid,
 * :mid); no statement text is assembled from strings.  The conditions that
 * choose between the user, string and list paths are missing from this
 * listing.
 */
178 static void save_imember(struct save_queue *sq, char *type, int id, char *tag)
180 EXEC SQL BEGIN DECLARE SECTION;
181 int lid = id, mid, mid2, tagid, status;
182 char mtype[IMEMBERS_MEMBER_TYPE_SIZE];
183 EXEC SQL END DECLARE SECTION;
/* User path: the account status is fetched first; how `status` gates the
 * save below is not shown (presumably inactive users are skipped -- confirm). */
189 EXEC SQL SELECT status INTO :status FROM users WHERE users_id = :id;
191 sq_save_data(sq, imember('U', user_lookup(id), tag));
/* String path: the first character of `type` becomes the member type. */
196 sq_save_data(sq, imember(*type, string_lookup(id), tag));
/* List path: walk the direct members of list :lid. */
200 EXEC SQL DECLARE csr_acl_mem CURSOR FOR
201 SELECT member_type, member_id, tag FROM imembers
202 WHERE list_id = :lid AND direct = 1;
203 EXEC SQL OPEN csr_acl_mem;
206 EXEC SQL FETCH csr_acl_mem INTO :mtype, :mid, :tagid;
/* The tag id of the direct member is resolved to its string. */
213 mtag = string_lookup(tagid);
/* Second cursor: every non-LIST member of list :mid.  The FETCH below
 * overwrites :mid, the variable the cursor was opened on. */
216 EXEC SQL DECLARE csr_list CURSOR FOR
217 SELECT member_type, member_id FROM imembers
218 WHERE list_id = :mid AND member_type != 'LIST';
219 EXEC SQL OPEN csr_list;
222 EXEC SQL FETCH csr_list INTO :mtype, :mid;
/* Recurse for each fetched member, carrying the direct member's tag. */
226 save_imember(sq, mtype, mid, mtag);
228 EXEC SQL CLOSE csr_list;
/* NOTE(review): no CLOSE of csr_acl_mem and no sqlca check after the FETCHes
 * appear on the lines shown -- confirm both exist on the omitted lines. */
231 save_imember(sq, mtype, mid, mtag);
/*
 * Move the entries of sq into a second queue `out`, dropping entries that
 * repeat an earlier one (same type and same name) and combining their tags
 * with merge_func.
 *
 * NOTE(review): callers in this file reach here with merge_func == NULL (via
 * get_acl(type, id, NULL)); the guard in front of the merge_func() call is
 * not shown in this listing -- confirm it exists.
 */
236 static struct save_queue *merge_imembers(struct save_queue *sq,
237 char *(merge_func)(char *, char *))
240 struct imember *m1, *m2;
241 struct save_queue *out;
/* Take each entry off sq and compare it with the entries still queued. */
245 while (sq_remove_data(sq, &m1))
247 while (sq_get_data(sq, &m2))
249 if (m1->type == m2->type && !strcmp(m1->name, m2->name))
/* Duplicate: drop the entry just read from sq and merge its tag into m1. */
251 sq_remove_last_data(sq);
255 m1->tag = merge_func(m1->tag, m2->tag);
261 sq_save_data(out, m1);
/*
 * Allocate a struct imember for (type, name, tag).  The tag is copied with
 * strdup(); a NULL tag becomes the empty string.
 *
 * NOTE(review): no check of the malloc() or strdup() result is visible on
 * the lines shown, and how `name` is stored is on an omitted line -- confirm.
 */
267 static struct imember *imember(char type, char *name, char *tag)
270 m = malloc(sizeof(struct imember));
273 m->tag = strdup(tag ? tag : "");
/* Body not shown in this listing.  Presumably releases an entry made by
 * imember(), whose tag is a strdup() copy -- confirm against the full file. */
277 void freeimember(struct imember *m)
/*
 * Map users_id to a login name.  The `users` hash is consulted first; the
 * login is otherwise read from the users table (bound host variable
 * :users_id), trimmed, copied with strdup() and stored in the hash.
 *
 * NOTE(review): the early return on a hash hit, the sqlca check after the
 * SELECT and any check of the strdup() result are not on the lines shown --
 * confirm a failed SELECT cannot store an unset `login`.  The pointer stored
 * in the hash is the same `u` handled here, so it is shared with the cache.
 */
283 char *user_lookup(int users_id)
287 u = hash_lookup(users, users_id);
292 EXEC SQL BEGIN DECLARE SECTION;
293 char login[USERS_LOGIN_SIZE];
294 EXEC SQL END DECLARE SECTION;
296 EXEC SQL SELECT login INTO :login FROM users
297 WHERE users_id = :users_id;
301 u = strdup(strtrim(login));
302 hash_store(users, users_id, u);
/*
 * Map string_id to its string.  The `strings` hash is consulted first; the
 * value is otherwise read from the strings table (bound host variable
 * :string_id), trimmed, copied with strdup() and stored in the hash.
 *
 * NOTE(review): the early return on a hash hit and the sqlca check after the
 * SELECT are not on the lines shown.  dump_krb_acl() has an error path for a
 * string_id with no associated string, so a missing row presumably yields
 * NULL here -- confirm, and confirm every caller handles it.
 */
307 char *string_lookup(int string_id)
311 s = hash_lookup(strings, string_id);
316 EXEC SQL BEGIN DECLARE SECTION;
317 char string[STRINGS_STRING_SIZE];
318 EXEC SQL END DECLARE SECTION;
320 EXEC SQL SELECT string INTO :string FROM strings
321 WHERE string_id = :string_id;
325 s = strdup(strtrim(string));
326 hash_store(strings, string_id, s);