← Back to branch summary

~ubuntu-branches/ubuntu/karmic/dante/karmic

« back to all changes in this revision

Viewing changes to sockd/accesscheck.c

  • Committer: Bazaar Package Importer
  • Author(s): Thijs Kinkhorst
  • Date: 2006-10-19 12:09:39 UTC
  • mfrom: (3.1.1 dapper)
  • Revision ID: james.westby@ubuntu.com-20061019120939-t818x24e2tn8be5k
Tags: 1.1.18-2.1
http://bugs.debian.org/393568
* Non-maintainer upload for RC bug.
* Make sure changelogs are installed into all packages (Closes: #393568).

Show diffs side-by-side

added added

removed removed

Lines of Context:
sockd/accesscheck.c
44
44
#include "common.h"
45
45
 
46
46
static const char rcsid[] =
47
 
"$Id: accesscheck.c,v 1.19 2003/07/01 13:21:39 michaels Exp $";
 
47
"$Id: accesscheck.c,v 1.22 2005/05/13 13:37:32 michaels Exp $";
 
48
 
 
49
 
 
50
int
 
51
usermatch(auth, userlist)
 
52
        const struct authmethod_t *auth;
 
53
        const struct linkedname_t *userlist;
 
54
{
 
55
/*      const char *function = "usermatch()"; */
 
56
        const char *name;
 
57
 
 
58
        switch (auth->method) {
 
59
                case AUTHMETHOD_UNAME:
 
60
                        name            = (const char *)auth->mdata.uname.name;
 
61
                        break;
 
62
 
 
63
                case AUTHMETHOD_RFC931:
 
64
                        name            = (const char *)auth->mdata.rfc931.name;
 
65
                        break;
 
66
 
 
67
                case AUTHMETHOD_PAM:
 
68
                        name            = (const char *)auth->mdata.pam.name;
 
69
                        break;
 
70
 
 
71
                default:
 
72
                        /*
 
73
                         * adding non-username based methods to rules requiring usernames
 
74
                         * should not be possible.
 
75
                        */
 
76
                        SERRX(auth->method);
 
77
        }
 
78
 
 
79
        do
 
80
                if (strcmp(name, userlist->name) == 0)
 
81
                        break;
 
82
        while ((userlist = userlist->next) != NULL);
 
83
 
 
84
        if (userlist == NULL)
 
85
                return 0; /* no match. */
 
86
        return 1;
 
87
}
48
88
 
49
89
 
50
90
/* ARGSUSED */
51
91
int
52
 
accessmatch(s, auth, src, dst, userlist, emsg, emsgsize)
 
92
accesscheck(s, auth, src, dst, emsg, emsgsize)
53
93
        int s;
54
94
        struct authmethod_t *auth;
55
95
        const struct sockaddr *src, *dst;
56
 
        const struct linkedname_t *userlist;
57
96
        char *emsg;
58
97
        size_t emsgsize;
59
98
{
60
 
        const char *function = "accessmatch()";
 
99
        const char *function = "accesscheck()";
61
100
        char srcstr[MAXSOCKADDRSTRING], dststr[sizeof(srcstr)];
62
101
        int match;
63
102
 
66
105
        src == NULL ? "<unknown>" : sockaddr2string(src, srcstr, sizeof(srcstr)),
67
106
        dst == NULL ? "<unknown>" : sockaddr2string(dst, dststr, sizeof(dststr)));
68
107
 
69
 
        if (userlist != NULL) {
70
 
                const struct linkedname_t *ruleuser;
71
 
                const char *name;
72
 
 
73
 
                /*
74
 
                 * The userlist names restricts access further, only names
75
 
                 * appearing there are checked.
76
 
                 */
77
 
 
78
 
                ruleuser = userlist;
79
 
                switch (auth->method) {
80
 
                        case AUTHMETHOD_UNAME:
81
 
                                name            = (const char *)auth->mdata.uname.name;
82
 
                                break;
83
 
 
84
 
                        case AUTHMETHOD_RFC931:
85
 
                                name            = (const char *)auth->mdata.rfc931.name;
86
 
                                break;
87
 
 
88
 
                        case AUTHMETHOD_PAM:
89
 
                                name            = (const char *)auth->mdata.pam.name;
90
 
                                break;
91
 
 
92
 
                        default:
93
 
                                /*
94
 
                                 * adding non-username based methods to rules requiring usernames
95
 
                                 * should not be possible.
96
 
                                */
97
 
                                SERRX(auth->method);
98
 
                }
99
 
 
100
 
                do
101
 
                        if (strcmp(name, ruleuser->name) == 0)
102
 
                                break;
103
 
                while ((ruleuser = ruleuser->next) != NULL);
104
 
 
105
 
                if (ruleuser == NULL)
106
 
                        return 0; /* no match. */
107
 
        }
108
 
 
109
108
        /*
110
109
         * We don't want to re-check the same method.  This could
111
110
         * happen in several cases:
169
168
                 * same client, others can not.  Mark those who can't as
170
169
                 * "tried" so we don't waste time on re-trying them.
171
170
                 */
 
171
#if HAVE_PAM
172
172
                case AUTHMETHOD_PAM:
173
 
                        if (sockscf.state.unfixedpamdata)
 
173
                        if (sockscf.state.pamservicename == NULL)
174
174
                                break;
175
175
                        /* else; */ /* FALLTHROUGH */
 
176
#endif
176
177
 
177
178
                case AUTHMETHOD_NONE:
178
179
                case AUTHMETHOD_UNAME: