| login_ok.c (116344) | login_ok.c (121193) |
|---|---|
| 1/*- 2 * Copyright (c) 1996 by 3 * David Nugent <davidn@blaze.net.au> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, is permitted provided that the following conditions 8 * are met: --- 8 unchanged lines hidden (view full) --- 17 * 4. Absolutely no warranty of function or purpose is made by the authors. 18 * 5. Modifications may be freely made to this file providing the above 19 * conditions are met. 20 * 21 * Support allow/deny lists in login class capabilities 22 */ 23 24#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1996 by 3 * David Nugent <davidn@blaze.net.au> 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, is permitted provided that the following conditions 8 * are met: --- 8 unchanged lines hidden (view full) --- 17 * 4. Absolutely no warranty of function or purpose is made by the authors. 18 * 5. Modifications may be freely made to this file providing the above 19 * conditions are met. 20 * 21 * Support allow/deny lists in login class capabilities 22 */ 23 24#include <sys/cdefs.h> |
| 25__FBSDID("$FreeBSD: head/lib/libutil/login_ok.c 116344 2003-06-14 18:42:37Z markm $"); | 25__FBSDID("$FreeBSD: head/lib/libutil/login_ok.c 121193 2003-10-18 10:04:16Z markm $"); |
| 26 27#include <sys/types.h> 28#include <sys/time.h> 29#include <sys/resource.h> 30#include <sys/param.h> 31#include <errno.h> 32#include <fnmatch.h> 33#include <login_cap.h> --- 9 unchanged lines hidden (view full) --- 43 * login_strinlist() 44 * This function is intentionally public - reused by TAS. 45 * Returns TRUE (non-zero) if a string matches a pattern 46 * in a given array of patterns. 'flags' is passed directly 47 * to fnmatch(3). 48 */ 49 50int | 26 27#include <sys/types.h> 28#include <sys/time.h> 29#include <sys/resource.h> 30#include <sys/param.h> 31#include <errno.h> 32#include <fnmatch.h> 33#include <login_cap.h> --- 9 unchanged lines hidden (view full) --- 43 * login_strinlist() 44 * This function is intentionally public - reused by TAS. 45 * Returns TRUE (non-zero) if a string matches a pattern 46 * in a given array of patterns. 'flags' is passed directly 47 * to fnmatch(3). 48 */ 49 50int |
| 51login_strinlist(char **list, char const *str, int flags) | 51login_strinlist(const char **list, char const *str, int flags) |
| 52{ 53 int rc = 0; 54 55 if (str != NULL && *str != '\0') { 56 int i = 0; 57 58 while (rc == 0 && list[i] != NULL) 59 rc = fnmatch(list[i++], str, flags) == 0; 60 } 61 return rc; 62} 63 64 65/* 66 * login_str2inlist() 67 * Locate either or two strings in a given list 68 */ 69 70int | 52{ 53 int rc = 0; 54 55 if (str != NULL && *str != '\0') { 56 int i = 0; 57 58 while (rc == 0 && list[i] != NULL) 59 rc = fnmatch(list[i++], str, flags) == 0; 60 } 61 return rc; 62} 63 64 65/* 66 * login_str2inlist() 67 * Locate either or two strings in a given list 68 */ 69 70int |
| 71login_str2inlist(char **ttlst, const char *str1, const char *str2, int flags) | 71login_str2inlist(const char **ttlst, const char *str1, const char *str2, int flags) |
| 72{ 73 int rc = 0; 74 75 if (login_strinlist(ttlst, str1, flags)) 76 rc = 1; 77 else if (login_strinlist(ttlst, str2, flags)) 78 rc = 1; 79 return rc; --- 8 unchanged lines hidden (view full) --- 88 */ 89 90login_time_t * 91login_timelist(login_cap_t *lc, char const *cap, int *ltno, 92 login_time_t **ltptr) 93{ 94 int j = 0; 95 struct login_time *lt = NULL; | 72{ 73 int rc = 0; 74 75 if (login_strinlist(ttlst, str1, flags)) 76 rc = 1; 77 else if (login_strinlist(ttlst, str2, flags)) 78 rc = 1; 79 return rc; --- 8 unchanged lines hidden (view full) --- 88 */ 89 90login_time_t * 91login_timelist(login_cap_t *lc, char const *cap, int *ltno, 92 login_time_t **ltptr) 93{ 94 int j = 0; 95 struct login_time *lt = NULL; |
| 96 char **tl; | 96 const char **tl; |
| 97 98 if ((tl = login_getcaplist(lc, cap, NULL)) != NULL) { 99 100 while (tl[j++] != NULL) 101 ; 102 if (*ltno >= j) 103 lt = *ltptr; 104 else if ((lt = realloc(*ltptr, j * sizeof(struct login_time))) != NULL) { --- 23 unchanged lines hidden (view full) --- 128login_ttyok(login_cap_t *lc, const char *tty, const char *allowcap, 129 const char *denycap) 130{ 131 int rc = 1; 132 133 if (lc != NULL && tty != NULL && *tty != '\0') { 134 struct ttyent *te; 135 char *grp; | 97 98 if ((tl = login_getcaplist(lc, cap, NULL)) != NULL) { 99 100 while (tl[j++] != NULL) 101 ; 102 if (*ltno >= j) 103 lt = *ltptr; 104 else if ((lt = realloc(*ltptr, j * sizeof(struct login_time))) != NULL) { --- 23 unchanged lines hidden (view full) --- 128login_ttyok(login_cap_t *lc, const char *tty, const char *allowcap, 129 const char *denycap) 130{ 131 int rc = 1; 132 133 if (lc != NULL && tty != NULL && *tty != '\0') { 134 struct ttyent *te; 135 char *grp; |
| 136 char **ttl; | 136 const char **ttl; |
| 137 138 te = getttynam(tty); /* Need group name */ 139 grp = te ? te->ty_group : NULL; 140 ttl = login_getcaplist(lc, allowcap, NULL); 141 142 if (ttl != NULL && !login_str2inlist(ttl, tty, grp, 0)) 143 rc = 0; /* tty or ttygroup not in allow list */ 144 else { --- 31 unchanged lines hidden (view full) --- 176int 177login_hostok(login_cap_t *lc, const char *host, const char *ip, 178 const char *allowcap, const char *denycap) 179{ 180 int rc = 1; /* Default is ok */ 181 182 if (lc != NULL && 183 ((host != NULL && *host != '\0') || (ip != NULL && *ip != '\0'))) { | 137 138 te = getttynam(tty); /* Need group name */ 139 grp = te ? te->ty_group : NULL; 140 ttl = login_getcaplist(lc, allowcap, NULL); 141 142 if (ttl != NULL && !login_str2inlist(ttl, tty, grp, 0)) 143 rc = 0; /* tty or ttygroup not in allow list */ 144 else { --- 31 unchanged lines hidden (view full) --- 176int 177login_hostok(login_cap_t *lc, const char *host, const char *ip, 178 const char *allowcap, const char *denycap) 179{ 180 int rc = 1; /* Default is ok */ 181 182 if (lc != NULL && 183 ((host != NULL && *host != '\0') || (ip != NULL && *ip != '\0'))) { |
| 184 char **hl; | 184 const char **hl; |
| 185 186 hl = login_getcaplist(lc, allowcap, NULL); 187 if (hl != NULL && !login_str2inlist(hl, host, ip, FNM_CASEFOLD)) 188 rc = 0; /* host or IP not in allow list */ 189 else { 190 191 hl = login_getcaplist(lc, denycap, NULL); 192 if (hl != NULL && login_str2inlist(hl, host, ip, FNM_CASEFOLD)) --- 58 unchanged lines hidden --- | 185 186 hl = login_getcaplist(lc, allowcap, NULL); 187 if (hl != NULL && !login_str2inlist(hl, host, ip, FNM_CASEFOLD)) 188 rc = 0; /* host or IP not in allow list */ 189 else { 190 191 hl = login_getcaplist(lc, denycap, NULL); 192 if (hl != NULL && login_str2inlist(hl, host, ip, FNM_CASEFOLD)) --- 58 unchanged lines hidden --- |