X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/23c2a7a5276426c153d5b7bdc10635e145a624b2..b5765e1d53dbb9696187d1ad465a02582b5fbafe:/groupaccess.c diff --git a/groupaccess.c b/groupaccess.c index ac9e00ac..f50879f8 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -1,5 +1,3 @@ -/* $OpenBSD: groupaccess.c,v 1.3 2001/01/29 01:58:15 niklas Exp $ */ - /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -25,6 +23,7 @@ */ #include "includes.h" +RCSID("$OpenBSD: groupaccess.c,v 1.6 2003/04/08 20:21:28 itojun Exp $"); #include "groupaccess.h" #include "xmalloc.h" @@ -32,27 +31,43 @@ #include "log.h" static int ngroups; -static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */ +static char **groups_byname; +/* + * Initialize group access list for user with primary (base) and + * supplementary groups. Return the number of groups in the list. + */ int ga_init(const char *user, gid_t base) { - gid_t groups_bygid[NGROUPS_MAX + 1]; + gid_t *groups_bygid; int i, j; struct group *gr; if (ngroups > 0) ga_free(); - ngroups = sizeof(groups_bygid) / sizeof(gid_t); + ngroups = NGROUPS_MAX; +#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX) + ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX)); +#endif + + groups_bygid = xmalloc(ngroups * sizeof(*groups_bygid)); + groups_byname = xmalloc(ngroups * sizeof(*groups_byname)); + if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) - log("getgrouplist: groups list too small"); + logit("getgrouplist: groups list too small"); for (i = 0, j = 0; i < ngroups; i++) if ((gr = getgrgid(groups_bygid[i])) != NULL) groups_byname[j++] = xstrdup(gr->gr_name); + xfree(groups_bygid); return (ngroups = j); } +/* + * Return 1 if one of user's groups is contained in groups. + * Return 0 otherwise. Use match_pattern() for string comparison. + */ int ga_match(char * const *groups, int n) { @@ -65,6 +80,9 @@ ga_match(char * const *groups, int n) return 0; } +/* + * Free memory allocated for group access list. + */ void ga_free(void) { @@ -74,5 +92,6 @@ ga_free(void) for (i = 0; i < ngroups; i++) xfree(groups_byname[i]); ngroups = 0; + xfree(groups_byname); } }