-/* $OpenBSD: groupaccess.c,v 1.3 2001/01/29 01:58:15 niklas Exp $ */
-
+/* $OpenBSD: groupaccess.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Kevin Steves. All rights reserved.
*
#include "includes.h"
-#include "groupaccess.h"
+#include <sys/types.h>
+#include <sys/param.h>
+
+#include <grp.h>
+#include <unistd.h>
+#include <stdarg.h>
+
#include "xmalloc.h"
+#include "groupaccess.h"
#include "match.h"
#include "log.h"
static int ngroups;
-static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */
+static char **groups_byname;
+/*
+ * Initialize group access list for user with primary (base) and
+ * supplementary groups. Return the number of groups in the list.
+ */
int
ga_init(const char *user, gid_t base)
{
- gid_t groups_bygid[NGROUPS_MAX + 1];
+ gid_t *groups_bygid;
int i, j;
struct group *gr;
if (ngroups > 0)
ga_free();
- ngroups = sizeof(groups_bygid) / sizeof(gid_t);
+ ngroups = NGROUPS_MAX;
+#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
+ ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX));
+#endif
+
+ groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid));
+ groups_byname = xcalloc(ngroups, sizeof(*groups_byname));
+
if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
- log("getgrouplist: groups list too small");
+ logit("getgrouplist: groups list too small");
for (i = 0, j = 0; i < ngroups; i++)
if ((gr = getgrgid(groups_bygid[i])) != NULL)
groups_byname[j++] = xstrdup(gr->gr_name);
+ xfree(groups_bygid);
return (ngroups = j);
}
+/*
+ * Return 1 if one of user's groups is contained in groups.
+ * Return 0 otherwise. Use match_pattern() for string comparison.
+ */
int
ga_match(char * const *groups, int n)
{
return 0;
}
+/*
+ * Free memory allocated for group access list.
+ */
void
ga_free(void)
{
for (i = 0; i < ngroups; i++)
xfree(groups_byname[i]);
ngroups = 0;
+ xfree(groups_byname);
}
}
andersk / openssh.git / blobdiff