![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to chkpth.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 42BSD / usr.bin / uucp|
Return to chkpth.c CVS log | Up to [CSRG BSD Unix] / 42BSD / usr.bin / uucp |
1.1 root 1: #ifndef lint
2: static char sccsid[] = "@(#)chkpth.c 5.1 (Berkeley) 7/2/83";
3: #endif
4:
5: /*
6: * Doug Kingston, 30 July 82 to fix handling of the "userpath" structures.
7: * (brl-bmd)
8: * rti!trt: the code here is bizarre. There must be a zillion holes.
9: * chkpth should not be called for implied Spool requests .
10: * But explicit requests (foo!/usr/spoo/uucp/*) should use chkpth.
11: */
12: #include "uucp.h"
13: #include <sys/types.h>
14: #include <sys/stat.h>
15:
16:
17: struct userpath {
18: char *us_lname;
19: char *us_mname;
20: char us_callback;
21: char **us_path;
22: struct userpath *unext;
23: };
24: struct userpath *Uhead = NULL;
25: struct userpath *Mchdef = NULL, *Logdef = NULL;
26: int Uptfirst = 1;
27:
28:
29: /*******
30: * chkpth(logname, mchname, path)
31: * char *path, *logname, *mchname;
32: *
33: * chkpth - this routine will check the path table for the
34: * machine or log name (non-null parameter) to see if the
35: * input path (path)
36: * starts with an acceptable prefix.
37: *
38: * return codes: 0 | FAIL
39: */
40:
41: chkpth(logname, mchname, path)
42: char *path, *logname, *mchname;
43: {
44: register struct userpath *u;
45: extern char *lastpart();
46: register char **p, *s;
47:
48: /* Allow only rooted pathnames. Security wish. rti!trt */
49: if (*path != '/')
50: return(FAIL);
51:
52: if (Uptfirst) {
53: rdpth();
54: ASSERT(Uhead != NULL, "INIT USERFILE, No entrys!", "", 0);
55: Uptfirst = 0;
56: }
57: for (u = Uhead; u != NULL; ) {
58: if (*logname != '\0' && strcmp(logname, u->us_lname) == SAME)
59: break;
60: if (*mchname != '\0' && strncmp(mchname, u->us_mname, 7) == SAME)
61: break;
62: u = u->unext;
63: }
64: if (u == NULL) {
65: if (*logname == '\0')
66: u = Mchdef;
67: else
68: u = Logdef;
69: if (u == NULL)
70: return(FAIL);
71: }
72: /* found user name */
73: p = u->us_path;
74:
75: /* check for /../ in path name */
76: for (s = path; *s != '\0'; s++) {
77: if (prefix("/../",s))
78: return(FAIL);
79: }
80:
81: /* Check for access permission */
82: for (p = u->us_path; *p != NULL; p++)
83: if (prefix(*p, path))
84: return(0);
85:
86: /* path name not valid */
87: return(FAIL);
88: }
89:
90:
91: /***
92: * rdpth()
93: *
94: * rdpth - this routine will read the USERFILE and
95: * construct the userpath structure pointed to by (u);
96: *
97: * return codes: 0 | FAIL
98: *
99: * 5/3/81 - changed to enforce the uucp-wide convention that system
100: * names be 7 chars or less in length
101: */
102:
103: rdpth()
104: {
105: char buf[100 + 1], *pbuf[50 + 1];
106: register struct userpath *u;
107: register char *pc, **cp;
108: FILE *uf;
109:
110: if ((uf = fopen(USERFILE, "r")) == NULL) {
111: /* can not open file */
112: return;
113: }
114:
115: while (cfgets(buf, sizeof(buf), uf) != NULL) {
116: int nargs, i;
117:
118: if ((u = (struct userpath *)malloc(sizeof (struct userpath))) == NULL) {
119: DEBUG (1, "*** Userpath malloc failed\n", 0);
120: fclose (uf);
121: return;
122: }
123: if ((pc = calloc((unsigned)strlen(buf) + 1, sizeof (char)))
124: == NULL) {
125: /* can not allocate space */
126: DEBUG (1, "Userpath calloc 1 failed\n", 0);
127: fclose(uf);
128: return;
129: }
130:
131: strcpy(pc, buf);
132: nargs = getargs(pc, pbuf);
133: u->us_lname = pbuf[0];
134: pc = index(u->us_lname, ',');
135: if (pc != NULL)
136: *pc++ = '\0';
137: else
138: pc = u->us_lname + strlen(u->us_lname);
139: u->us_mname = pc;
140: if (strlen(u->us_mname) > 7)
141: u->us_mname[7] = '\0';
142: if (*u->us_lname == '\0' && Logdef == NULL)
143: Logdef = u;
144: /* rti!trt: commented following else so
145: * chkpth("","",file) works okay.
146: * I don't understand this, though.
147: */
148: /*else*/ if (*u->us_mname == '\0' && Mchdef == NULL)
149: Mchdef = u;
150: i = 1;
151: if (strcmp(pbuf[1], "c") == SAME) {
152: u->us_callback = 1;
153: i++;
154: }
155: else
156: u->us_callback = 0;
157: if ((cp = u->us_path =
158: (char **)calloc((unsigned)(nargs-i+1), sizeof(char *))) == NULL) {
159: /* can not allocate space */
160: DEBUG (1, "Userpath calloc 2 failed!\n", 0);
161: fclose(uf);
162: return;
163: }
164:
165: while (i < nargs)
166: *cp++ = pbuf[i++];
167: *cp = NULL;
168: u->unext = Uhead;
169: Uhead = u;
170: }
171:
172: fclose(uf);
173: return;
174: }
175:
176: /***
177: * callback(name) check for callback
178: * char *name;
179: *
180: * return codes:
181: * 0 - no call back
182: * 1 - call back
183: */
184:
185: callback(name)
186: register char *name;
187: {
188: register struct userpath *u;
189:
190: if (Uptfirst) {
191: rdpth();
192: ASSERT(Uhead != NULL, "INIT USERFILE, No Users!", "", 0);
193: Uptfirst = 0;
194: }
195:
196: for (u = Uhead; u != NULL; ) {
197: if (strcmp(u->us_lname, name) == SAME)
198: /* found user name */
199: return(u->us_callback);
200: u = u->unext;
201: }
202:
203: /* userid not found */
204: return(0);
205: }
206:
207:
208: /***
209: * chkperm(file, mopt) check write permission of file
210: * char *mopt; none NULL - create directories
211: *
212: * if mopt != NULL and permissions are ok,
213: * a side effect of this routine is to make
214: * directories up to the last part of the
215: * filename (if they do not exist).
216: *
217: * return 0 | FAIL
218: */
219:
220: chkperm(file, mopt)
221: char *file, *mopt;
222: {
223: struct stat s;
224: int ret;
225: char dir[MAXFULLNAME];
226: extern char *lastpart();
227:
228: if (stat(subfile(file), &s) == 0) {
229: /* Forbid scribbling on a not-generally-writable file */
230: /* rti!trt */
231: if ((s.st_mode & ANYWRITE) == 0)
232: return(FAIL);
233: return(0);
234: }
235:
236: strcpy(dir, file);
237: *lastpart(dir) = '\0';
238: if ((ret = stat(subfile(dir), &s)) == -1
239: && mopt == NULL)
240: return(FAIL);
241:
242: if (ret != -1) {
243: if ((s.st_mode & ANYWRITE) == 0)
244: return(FAIL);
245: else
246: return(0);
247: }
248:
249: /* make directories */
250: return(mkdirs(file));
251: }
252:
253: /*
254: * Check for sufficient privilege to request debugging.
255: * Suggested by seismo!stewart, John Stewart.
256: */
257: chkdebug(uid)
258: int uid;
259: {
260: if (uid > PRIV_UIDS) {
261: fprintf(stderr, "Sorry, uid must be <= %d for debugging\n",
262: PRIV_UIDS);
263: cleanup(1);
264: exit(1); /* Just in case */
265: }
266: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.