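/* acl.c - General Access Control routines */

#ifndef	lint
static char *rcsid = "$Header: /f/osi/dsap/common/RCS/acl.c,v 7.1 89/12/19 16:19:09 mrose Exp $";
#endif

/*
 * $Header: /f/osi/dsap/common/RCS/acl.c,v 7.1 89/12/19 16:19:09 mrose Exp $
 *
 *
 * $Log:	acl.c,v $
 * Revision 7.1  89/12/19  16:19:09  mrose
 * sync
 *
 * Revision 7.0  89/11/23  21:41:28  mrose
 * Release 6.0
 *
 */

/*
 *				  NOTICE
 *
 *    Acquisition, use, and distribution of this module and related
 *    materials are subject to the restrictions of a license agreement.
 *    Consult the Preface in the User's Manual for the full terms of
 *    this agreement.
 *
 */


/* LINTLIBRARY */

#include "quipu/util.h"
#include "quipu/entry.h"
#include "cmd_srch.h"

/*
 * The single shared "default" ACL list.  It is allocated once by
 * get_default_acl() and handed out by pointer (acl_default(),
 * acl_info_cpy()), so it must never be freed through an individual acl.
 */
static struct acl_info * defaultacl = (struct acl_info *) NULL;

/*
 * Release an acl: its child/entry/default lists, its per-attribute list,
 * and finally the acl structure itself.  aclptr must not be NULL.
 */
static acl_free (aclptr)
register struct acl * aclptr;
{
	acl_info_free (aclptr->ac_child);
	acl_info_free (aclptr->ac_entry);
	acl_info_free (aclptr->ac_default);
	/* acl_attr_free only compares against ac_default, it does not
	   dereference it, so calling it after the free above is fine */
	acl_attr_free (aclptr);
	free ((char *) aclptr);
}

/*
 * Release every acl_attr node of aclptr->ac_attributes together with its
 * OID list.  A node whose aa_acl is the very same pointer as
 * aclptr->ac_default shares that list, so it is not freed a second time.
 */
static acl_attr_free (aclptr)
register struct acl * aclptr;
{
	register struct acl_attr * ptr;
	register struct acl_attr * next;

	for (ptr=aclptr->ac_attributes ; ptr!=NULLACL_ATTR; ptr=next ) {
		next = ptr->aa_next;
		oid_seq_free (ptr->aa_types);
		if (ptr->aa_acl != aclptr->ac_default)
			acl_info_free (ptr->aa_acl);
		free ((char *) ptr);
	}
}

/*
 * Release an acl_info list and the name sequence of each node.
 *
 * Nothing is freed when test_acl_default() accepts the list.  That
 * protects the shared defaultacl object and also covers NULL.
 * NOTE(review): the test is by shape, not by pointer, so a separately
 * allocated list that merely looks like the default is leaked rather
 * than freed.  Left unchanged because freeing by shape could release
 * the shared object - confirm ownership before tightening.
 */
static acl_info_free (aclptr)
register struct acl_info * aclptr;
{
	register struct acl_info * ptr;
	register struct acl_info * next;

	if (test_acl_default(aclptr) == OK)
		return;

	for (ptr=aclptr ; ptr!=NULLACL_INFO; ptr=next ) {
		next = ptr->acl_next;
		dn_seq_free (ptr->acl_name);
		free ((char *) ptr);
	}

}

/*
 * Compare two acls.  Returns 0 when they are equivalent, non-zero
 * (negative or positive) otherwise.  A NULL acl sorts before a non-NULL
 * one.  The child, entry, default and attribute parts are compared in
 * that order and the first difference decides the result.
 */
int acl_cmp (acl1, acl2)
struct acl * acl1;
struct acl * acl2;
{
	int i;

	if((acl1 == NULLACL) && (acl2 == NULLACL))
		return(0);

	if(acl1 == NULLACL)
		return(-1);

	if(acl2 == NULLACL)
		return(1);

	if((i = acl_info_cmp(acl1->ac_child, acl2->ac_child)) != 0)
		return(i);

	if((i = acl_info_cmp(acl1->ac_entry, acl2->ac_entry)) != 0)
		return(i);

	if((i = acl_info_cmp(acl1->ac_default, acl2->ac_default)) != 0)
		return(i);

	if((i = acl_attr_cmp(acl1->ac_attributes, acl2->ac_attributes)) != 0)
		return(i);

	return(0);
}

/*
 * Compare two acl_attr lists as unordered sets: returns 1 when some
 * element of the first list has no equal in the second, -1 when some
 * element of the second has no equal in the first, 0 otherwise.
 */
static int acl_attr_cmp (acl_attr1, acl_attr2)
struct acl_attr * acl_attr1;
struct acl_attr * acl_attr2;
{
	struct acl_attr * aa1;
	struct acl_attr * aa2;

	if((acl_attr1 == NULLACL_ATTR) && (acl_attr2 == NULLACL_ATTR))
		return(0);

	if(acl_attr1 == NULLACL_ATTR)
		return(-1);

	if(acl_attr2 == NULLACL_ATTR)
		return(1);

	/* every element of list 1 must appear somewhere in list 2 ... */
	for(aa1=acl_attr1; aa1 != NULLACL_ATTR; aa1=aa1->aa_next)
	{
		for(aa2=acl_attr2; aa2 != NULLACL_ATTR; aa2=aa2->aa_next)
		{
			if(acl_attr_comp_cmp(aa1, aa2) == 0)
				break;
		}
		if(aa2 == NULLACL_ATTR)
			return(1);
	}

	/* ... and every element of list 2 somewhere in list 1 */
	for(aa2=acl_attr2; aa2 != NULLACL_ATTR; aa2=aa2->aa_next)
	{
		for(aa1=acl_attr1; aa1 != NULLACL_ATTR; aa1=aa1->aa_next)
		{
			if(acl_attr_comp_cmp(aa1, aa2) == 0)
				break;
		}
		if(aa1 == NULLACL_ATTR)
			return(-1);
	}

	return(0);

}

/*
 * Compare two single acl_attr nodes: first their OID lists, then their
 * acl_info lists.  Returns 0 when both match.
 */
static int acl_attr_comp_cmp (acl_attr1, acl_attr2)
struct acl_attr * acl_attr1;
struct acl_attr * acl_attr2;
{
	int i;

	if((acl_attr1 == NULLACL_ATTR) && (acl_attr2 == NULLACL_ATTR))
		return(0);

	if(acl_attr1 == NULLACL_ATTR)
		return(-1);

	if(acl_attr2 == NULLACL_ATTR)
		return(1);

	if((i = oid_seq_cmp(acl_attr1->aa_types, acl_attr2->aa_types)) != 0)
		return(i);

	if((i = acl_info_cmp(acl_attr1->aa_acl, acl_attr2->aa_acl)) != 0)
		return(i);

	return(0);
}

/*
 * Compare two acl_info lists as unordered sets.  A NULL list is treated
 * as equal to a list that test_acl_default() accepts.  Returns 0 for
 * equivalent lists, 1 or -1 otherwise.
 */
static int acl_info_cmp (acl_info1, acl_info2)
struct acl_info * acl_info1;
struct acl_info * acl_info2;
{
	struct acl_info * ai1;
	struct acl_info * ai2;

	if((acl_info1 == NULLACL_INFO) && (acl_info2 == NULLACL_INFO))
		return(0);

	if(acl_info1 == NULLACL_INFO) {
		if (test_acl_default(acl_info2) == OK)
			return(0);
		else
			return(-1);
	}

	if(acl_info2 == NULLACL_INFO) {
		if (test_acl_default(acl_info1) == OK)
			return(0);
		else
			return(1);	/* was 11: a typo for the 1 used everywhere else */
	}

	for(ai1=acl_info1; ai1 != NULLACL_INFO; ai1=ai1->acl_next)
	{
		for(ai2=acl_info2; ai2 != NULLACL_INFO; ai2=ai2->acl_next)
		{
			if(acl_info_comp_cmp(ai1, ai2) == 0)
				break;
		}
		if(ai2 == NULLACL_INFO)
			return(1);
	}

	for(ai2=acl_info2; ai2 != NULLACL_INFO; ai2=ai2->acl_next)
	{
		for(ai1=acl_info1; ai1 != NULLACL_INFO; ai1=ai1->acl_next)
		{
			if(acl_info_comp_cmp(ai2, ai1) == 0)
				break;
		}
		if(ai1 == NULLACL_INFO)
			return(-1);
	}

	return(0);
}

/*
 * Compare two single acl_info nodes by category, then selector type,
 * then name sequence.  Returns 0 when all three match.
 */
static int acl_info_comp_cmp (acl_info1, acl_info2)
struct acl_info * acl_info1;
struct acl_info * acl_info2;
{
	int i;

	if((acl_info1 == NULLACL_INFO) && (acl_info2 == NULLACL_INFO))
		return(0);

	if(acl_info1 == NULLACL_INFO)
		return(-1);

	if(acl_info2 == NULLACL_INFO)
		return(1);

	if(acl_info1->acl_categories > acl_info2->acl_categories)
		return(1);

	if(acl_info2->acl_categories > acl_info1->acl_categories)
		return(-1);

	if(acl_info1->acl_selector_type > acl_info2->acl_selector_type)
		return(1);

	if(acl_info2->acl_selector_type > acl_info1->acl_selector_type)
		return(-1);

	if((i = dn_seq_cmp(acl_info1->acl_name, acl_info2->acl_name)) != 0)
		return(i);

	return(0);
}


/*
 * Allocate a single acl_info node, fill it from x, y and z through
 * acl_info_fill(), and terminate it (acl_next = NULL).  The node takes
 * over the dn_seq pointer z.
 */
struct acl_info * acl_info_new (x,y,z)
register int x,y;
struct dn_seq * z;
{
	register struct acl_info * ptr;

	ptr = acl_info_alloc ();
	acl_info_fill (ptr,x,y,z);
	ptr->acl_next = NULLACL_INFO;
	return (ptr);
}

/*
 * Copy an acl.  The attribute list is copied against the NEW default
 * list so that acl_attr_cpy() can keep a shared default pointer shared.
 * aclptr must not be NULL.
 */
static struct acl * acl_cpy (aclptr)
register struct acl * aclptr;
{
	register struct acl * ptr;

	ptr = (struct acl *) smalloc (sizeof (struct acl));
	ptr->ac_child = acl_info_cpy (aclptr->ac_child);
	ptr->ac_entry = acl_info_cpy (aclptr->ac_entry);
	ptr->ac_default = acl_info_cpy (aclptr->ac_default);
	ptr->ac_attributes = acl_attr_cpy (aclptr->ac_attributes,ptr->ac_default);
	return (ptr);

}

/*
 * Decode a presentation element into a freshly allocated acl.
 * Returns NULL when decode_Quipu_ACLSyntax() reports NOTOK.
 *
 * NOTE(review): on failure only the top-level structure is released;
 * whether the decoder leaves partially built sub-lists behind cannot be
 * seen from this file.  The decoded category/selector values are not
 * range-checked here either - the printing code below guards its table
 * lookups for that reason.
 */
static struct acl * acl_decode (pe)
PE pe;
{
	struct acl * aclptr;

	aclptr = acl_alloc ();
	if (decode_Quipu_ACLSyntax(pe,1,NULLIP,NULLVP,aclptr) == NOTOK) {
		free ((char *)aclptr);
		return (struct acl *) NULL;
	}
	return (aclptr);

}

/*
 * Copy an acl_attr list.  Nodes are pushed on the front of the result,
 * so the copy is in reverse order.  A node whose aa_acl is the pointer
 * dflt keeps pointing at dflt; any other acl_info list is copied.
 */
static struct acl_attr * acl_attr_cpy (aclptr,dflt)
struct acl_attr * aclptr;
struct acl_info * dflt;
{
	register struct acl_attr * ptr;
	register struct acl_attr * ptr2;
	register struct acl_attr * result = NULLACL_ATTR;

	for (ptr=aclptr ; ptr!=NULLACL_ATTR; ptr=ptr->aa_next ) {
		ptr2 = acl_attr_alloc ();
		ptr2->aa_next = result;
		result = ptr2;
		ptr2->aa_types = oid_seq_cpy (ptr->aa_types);
		if (ptr->aa_acl != dflt)
			ptr2->aa_acl = acl_info_cpy (ptr->aa_acl);
		else
			ptr2->aa_acl = dflt;
	}
	return (result);
}


/*
 * Copy an acl_info list.  A list accepted by test_acl_default()
 * (including NULL) is not copied: the shared defaultacl pointer is
 * returned instead.  Otherwise nodes are pushed on the front of the
 * result, so the copy is in reverse order.
 */
static struct acl_info * acl_info_cpy (aclptr)
struct acl_info * aclptr;
{
	register struct acl_info * ptr;
	register struct acl_info * ptr2;
	register struct acl_info * result = NULLACL_INFO;

	if (test_acl_default(aclptr) == OK) {
		return (defaultacl);
	}

	for (ptr=aclptr ; ptr!=NULLACL_INFO; ptr=ptr->acl_next ) {
		ptr2 = acl_info_alloc();
		ptr2 -> acl_next = result;
		result = ptr2;
		result->acl_categories = ptr->acl_categories;
		result->acl_selector_type = ptr->acl_selector_type;
		result->acl_name = dn_seq_cpy (ptr->acl_name);
	}
	return (result);
}

/* Return the shared default ACL list (NULL until get_default_acl() ran). */
struct acl_info * acl_default ()
{
	return (defaultacl);
}

/* Allocate the shared default ACL list and fill it in. */
get_default_acl ()
{
	defaultacl = acl_info_alloc ();
	set_default_acl(defaultacl);
}

/*
 * Fill ai_ptr with the default policy as a two-node list; the second
 * node is allocated here.
 */
set_default_acl (ai_ptr)
struct acl_info * ai_ptr;

{
	/* default -   others # read & self # write */

	ai_ptr ->acl_categories = ACL_READ;
	ai_ptr ->acl_selector_type = ACL_OTHER;
	ai_ptr ->acl_name = NULLDNSEQ;
	ai_ptr ->acl_next = acl_info_alloc();
	ai_ptr ->acl_next->acl_categories = ACL_WRITE;
	ai_ptr ->acl_next->acl_selector_type = ACL_ENTRY;
	ai_ptr ->acl_next->acl_next = NULLACL_INFO;
	ai_ptr ->acl_next->acl_name = NULLDNSEQ;

}

/*
 * Return OK when list a has the shape of the default policy, NOTOK
 * otherwise.  The shape is exactly two nodes, READ for ACL_OTHER and
 * WRITE for ACL_ENTRY, in either order.  The acl_name fields are not
 * examined.
 *
 * Security note: a NULL list also yields OK, i.e. "no ACL" is treated as
 * "default ACL" by every caller in this file (free, copy, compare,
 * print).  The original author flagged this as an open question; any
 * caller that must tell "absent" from "default" has to test for NULL
 * itself before calling.
 */
test_acl_default (a)
struct acl_info * a;
{
	if (a == NULLACL_INFO)
		return (OK);	/* used to NOTOK, is OK safe !!! */

	if (a ->acl_categories != ACL_READ) {

		/* accept the reversed order: self # write, others # read */
		if (a ->acl_categories != ACL_WRITE)
			return (NOTOK);
		if (a ->acl_selector_type != ACL_ENTRY)
			return (NOTOK);
		if (a ->acl_next == NULLACL_INFO)
			return (NOTOK);
		if (a ->acl_next->acl_categories != ACL_READ)
			return (NOTOK);
		if (a ->acl_next->acl_selector_type != ACL_OTHER)
			return (NOTOK);
		if (a ->acl_next->acl_next != NULLACL_INFO)
			return (NOTOK);
		return (OK);

	}

	/* the order set_default_acl() builds: others # read, self # write */
	if (a ->acl_selector_type != ACL_OTHER)
		return (NOTOK);
	if (a ->acl_next == NULLACL_INFO)
		return (NOTOK);
	if (a ->acl_next->acl_categories != ACL_WRITE)
		return (NOTOK);
	if (a ->acl_next->acl_selector_type != ACL_ENTRY)
		return (NOTOK);
	if (a ->acl_next->acl_next != NULLACL_INFO)
		return (NOTOK);

	return (OK);
}

/*
 * Merge the single attribute node b into list a and return the new head.
 *
 * If a already has a node for the same OID list, b's acl_info is put in
 * front of that node's acl_info list and b itself is released (the
 * original leaked b and its OID list here).  Otherwise b becomes the new
 * head of the list.  b->aa_acl must not be NULL.
 *
 * NOTE(review): if c->aa_acl is a shared list (the acl's ac_default or
 * the global default), the merged list now chains into shared storage
 * and acl_attr_free() will walk into it - confirm with the callers.
 */
static struct acl_attr * acl_attr_merge (a,b)
struct acl_attr *a;
struct acl_attr *b;
{
	struct acl_attr *c;

	if (b == NULLACL_ATTR)
		return (a);

	for (c=a ; c!= NULLACL_ATTR; c=c->aa_next) {
		if (oid_seq_cmp (c->aa_types,b->aa_types) == 0) {
			b->aa_acl->acl_next = c->aa_acl;
			c->aa_acl = b->aa_acl;
			/* b's acl_info now belongs to c; the node and its
			   OID list are no longer referenced by anyone */
			oid_seq_free (b->aa_types);
			free ((char *) b);
			return (a);
		}
	}

	b->aa_next = a;
	return (b);



}

/*
 * Parse one ACL string and merge the result into the acl held by the
 * attribute value a.  A string that does not parse is ignored (the
 * parser has already reported the error).
 *
 * NOTE(review): the new node is linked in FRONT of the existing list.
 * acl_info_cpy() returns the shared defaultacl pointer for default-shaped
 * lists, so if the existing list is that shared object the merged list
 * chains into it; the result no longer has the default shape and
 * acl_info_free() would then free the shared nodes as well.  Confirm
 * that callers never merge into an acl holding the shared pointer.
 */
static acl_merge (a,str)
AV_Sequence a;
char * str;
{
	struct acl * aclptr, aclstr;
	struct acl * newacl, *str2acl_aux();

	bzero ((char*)&aclstr,sizeof(struct acl));

	if ((newacl = str2acl_aux(str,&aclstr)) == NULLACL)
		return;

	aclptr = (struct acl *) a->avseq_av.av_struct;

	if (newacl->ac_child != NULLACL_INFO) {
		newacl->ac_child->acl_next = aclptr->ac_child;
		aclptr->ac_child = newacl->ac_child;
	}
	if (newacl->ac_entry != NULLACL_INFO) {
		newacl->ac_entry->acl_next = aclptr->ac_entry;
		aclptr->ac_entry = newacl->ac_entry;
	}
	if (newacl->ac_default != NULLACL_INFO) {
		newacl->ac_default->acl_next = aclptr->ac_default;
		aclptr->ac_default = newacl->ac_default;
	}
	if (newacl->ac_attributes != NULLACL_ATTR)
		aclptr->ac_attributes = acl_attr_merge (aclptr->ac_attributes,newacl->ac_attributes);
}


/* Printable names, indexed directly by acl_categories. */
static char * acl_cat [] = {
	"none",
	"detect",
	"compare",
	"read",
	"add",
	"write"
	};
/* Printable names, indexed directly by acl_selector_type. */
static char * acl_sel [] = {
	"self",
	"others",
	"prefix",
	"group"
	};

/*
 * Bounds-checked lookup in acl_cat[].  The field may have been filled
 * from a decoded PE that this file does not validate, so an
 * out-of-range value yields "?" instead of reading past the table.
 */
static char * acl_cat_name (cat)
int cat;
{
	if (cat < 0 || cat >= (int) (sizeof acl_cat / sizeof acl_cat[0]))
		return ("?");
	return (acl_cat[cat]);
}

/* Bounds-checked lookup in acl_sel[]; see acl_cat_name(). */
static char * acl_sel_name (sel)
int sel;
{
	if (sel < 0 || sel >= (int) (sizeof acl_sel / sizeof acl_sel[0]))
		return ("?");
	return (acl_sel[sel]);
}

/*
 * Print one acl_info node on ps.  READOUT format gives the wording
 * "<who> can <level> "; any other format gives the '#'-separated form
 * that str2acl_info() parses.  The name sequence is printed only for
 * the prefix and group selectors.
 */
static acl_info_comp_print (ps,aclptr,format)
register PS ps;
register struct acl_info * aclptr;
register int format;
{
	char * sel = acl_sel_name ((int) aclptr->acl_selector_type);
	char * cat = acl_cat_name ((int) aclptr->acl_categories);

	if (format == READOUT) {
		switch (aclptr->acl_selector_type) {
		case ACL_PREFIX:
		case ACL_GROUP:
			ps_printf (ps,"%s ( ",sel);
			dn_seq_print (ps,aclptr->acl_name,format);
			ps_printf (ps," ) can %s ",cat);
			break;
		default:
			ps_printf (ps,"%s can %s ",sel,cat);
		}
	} else {
		switch (aclptr->acl_selector_type) {
		case ACL_PREFIX:
		case ACL_GROUP:
			ps_printf (ps,"%s # ",sel);
			dn_seq_print (ps,aclptr->acl_name,format);
			ps_printf (ps," # %s ",cat);
			break;
		default:
			ps_printf (ps,"%s # %s ",sel,cat);
		}
	}
}

/*
 * Print an acl_info list on ps, one node per line, each followed by
 * acl_type and, when oidseq is given, the OID list.  Prints nothing for
 * a list that test_acl_default() accepts.
 */
static acl_info_print (ps,aclptr,format,acl_type,oidseq)
register PS ps;
struct acl_info * aclptr;
register int format;
char * acl_type;
struct oid_seq *oidseq;
{
	register struct acl_info * ptr;
	char printed = FALSE;

	if (test_acl_default(aclptr) == OK)
		return;

	for (ptr=aclptr ; ptr!=NULLACL_INFO; ptr=ptr->acl_next ) {

		/* separator before every node except the first */
		if (printed) {
			if (format != READOUT)
				ps_print (ps,"\nacl= ");
			else
				ps_print (ps,"\n\t\t\t");
		} else
			printed = TRUE;

		acl_info_comp_print (ps,ptr,format);

		if (format == READOUT) {
			if (oidseq != NULLOIDSEQ) {
				ps_printf (ps,"the %s: ",acl_type);
				oid_seq_print (ps,oidseq,format) ;
			} else
				ps_printf (ps,"the %s",acl_type);

		} else {
			ps_printf (ps,"# %s",acl_type);
			if (oidseq != NULLOIDSEQ) {
				ps_print (ps," # ");
				oid_seq_print (ps,oidseq,format) ;
			}
		}
	}
}

/*
 * Print a whole acl on ps: child, entry, default, then each attribute
 * list.  Parts that have the default shape are skipped, as are attribute
 * lists equal to the acl's own default list.  If nothing was printed,
 * READOUT format shows "(default)"; other formats show nothing.
 */
static acl_print (ps,aclptr,format)
register PS ps;
struct acl * aclptr;
register int format;
{
	char printed = FALSE;
	register struct acl_attr * ptr;


	if (test_acl_default(aclptr->ac_child) != OK) {
		acl_info_print (ps,aclptr->ac_child,format, "child", NULLOIDSEQ);
		printed = TRUE;
	}

	if (test_acl_default(aclptr->ac_entry) != OK) {
		if (printed) {
			if (format != READOUT)
				ps_print (ps,"\nacl= ");
			else
				ps_print (ps,"\n\t\t\t");
		} else
			printed = TRUE;
		acl_info_print (ps,aclptr->ac_entry,format,"entry", NULLOIDSEQ);
	}

	if (test_acl_default(aclptr->ac_default) != OK) {
		if (printed) {
			if (format != READOUT)
				ps_print (ps,"\nacl= ");
			else
				ps_print (ps,"\n\t\t\t");
		} else {
			printed = TRUE;
		}
		acl_info_print (ps,aclptr->ac_default,format,"default", NULLOIDSEQ);
	}

	for (ptr=aclptr->ac_attributes ; ptr!=NULLACL_ATTR; ptr=ptr->aa_next ) {
		if (test_acl_default(ptr->aa_acl) == OK)
			continue;

		if (acl_info_cmp(ptr->aa_acl,aclptr->ac_default) == 0)
			continue;

		if (printed) {
			if (format != READOUT)
				ps_print (ps,"\nacl= ");
			else
				ps_print (ps,"\n\t\t\t");
		} else {
			printed = TRUE;
		}
		acl_info_print (ps,ptr->aa_acl,format, "attributes", ptr->aa_types);
	}

	if (! printed) {
		if (format == READOUT)
			ps_print (ps,"(default)");
	}
}

/*
 * Parse the leading "class # [names #] level #" part of an ACL string.
 *
 * *strptr is advanced past the part consumed.  Each field is cut out by
 * temporarily writing a NUL into the caller's buffer; the overwritten
 * character is put back before returning.  Returns a new single-node
 * acl_info, or NULL after reporting the problem through parse_error().
 *
 * Changes from the original: the buffer is now also restored when
 * str2dnseq() fails, and a name sequence that was already parsed is
 * released on the later error paths instead of being leaked.
 */
static struct acl_info * str2acl_info (strptr)
char ** strptr;
{
	char * ptr;
	char * save,val;
	int class,what;
	struct dn_seq * dnseq = NULLDNSEQ;

	static CMD_TABLE cmd_what [] = {
		"none",		ACL_NONE,
		"detect",	ACL_DETECT,
		"compare",	ACL_COMPARE,
		"read",		ACL_READ,
		"add",		ACL_ADD,
		"write",	ACL_WRITE,
		0,		-1
		} ;

	static CMD_TABLE cmd_class [] = {
		"SELF",		ACL_ENTRY,
		"OTHERS",	ACL_OTHER,
		"GROUP",	ACL_GROUP,
		"PREFIX",	ACL_PREFIX,
		0,		-1,
		} ;

	if ((ptr = index (*strptr,'#')) == 0) {
		parse_error ("# missing in acl syntax '%s'",*strptr);
		return (NULLACL_INFO);
	}

	/* first field: the class (who the rule applies to) */
	save = ptr++;
	if (**strptr == '#') {
		parse_error ("acl class missing before first '#' ",NULLCP);
		return (NULLACL_INFO);
	} else {
		/* drop one trailing space before the '#', if there is one */
		if (! isspace (*--save))
			save++;
		val = *save;
		*save = 0;

		if (( class = cmd_srch (*strptr,cmd_class)) == -1) {
			parse_error ("unknown acl class '%s'",*strptr);
			*save = val;
			return (NULLACL_INFO);
		}
		*save = val;
	}

	*strptr = SkipSpace(ptr);
	if ((ptr = index (*strptr,'#')) == 0) {
		parse_error ("2nd # missing in acl syntax ",NULLCP);
		return (NULLACL_INFO);
	}

	if ( (class == ACL_GROUP) || (class == ACL_PREFIX) ) { /* group or prefix */
		/* extra field: the list of names the class refers to */
		save = ptr++;
		if (**strptr == '#') {
			parse_error ("acl class missing before first '#' ",NULLCP);
			return (NULLACL_INFO);
		} else {
			if (! isspace (*--save))
				save++;
			val = *save;
			*save = 0;

			if ((dnseq = str2dnseq (*strptr)) == NULLDNSEQ) {
				*save = val;	/* do not leave the caller's string cut short */
				return (NULLACL_INFO);
			}

			*save = val;
		}
		*strptr = SkipSpace(ptr);
		if ((ptr = index (*strptr,'#')) == 0) {
			parse_error ("3rd # missing in acl syntax ",NULLCP);
			dn_seq_free (dnseq);
			return (NULLACL_INFO);
		}
	}

	/* last field handled here: the access level */
	save = ptr++;
	if (**strptr == '#') {
		parse_error ("acl level missing",NULLCP);
		if (dnseq != NULLDNSEQ)
			dn_seq_free (dnseq);
		return (NULLACL_INFO);
	} else {
		if (! isspace (*--save))
			save++;
		val = *save;
		*save = 0;

		if (( what = cmd_srch (*strptr,cmd_what)) == -1) {
			parse_error ("unknown level '%s'",*strptr);
			*save = val;
			if (dnseq != NULLDNSEQ)
				dn_seq_free (dnseq);
			return (NULLACL_INFO);
		}
		*save = val;
	}

	*strptr = SkipSpace(ptr);

	/* the new node takes over dnseq */
	return (acl_info_new (what,class,dnseq));
}

/*
 * Parse a complete ACL string into the caller-supplied the_acl.
 *
 * After str2acl_info() the remainder is "string [#oidlist] [#]": either
 * one of child/entry/default, or "attributes" followed by an OID list.
 * Exactly one member of the_acl is set; the others are set to NULL.
 * Returns the_acl, or NULL on a parse error.  On the error paths the_acl
 * is not written, and the acl_info node parsed so far is released (the
 * original leaked it, together with the attribute node when the OID list
 * was bad).
 */
static struct acl * str2acl_aux (str,the_acl)
char * str;
struct acl * the_acl;
{
	struct acl_info * info;
	char * save, *ptr, val = 0;
	int oidlist;
	struct oid_seq * str2oidseq();

	static CMD_TABLE cmd_who [] = {
		"child",	0,
		"entry",	1,
		"default",	2,
		0,		-1,
		};

	if ((info = str2acl_info (&str)) == NULLACL_INFO)
		return ( (struct acl *) NULL );

	/* this has left us with "string [#oidlist] [#]" */

	if ((ptr = index (str,'#')) != 0) {
		save = ptr++;
		/* a lone trailing '#' means there is no OID list */
		if (*ptr == 0)
			oidlist = FALSE;
		else
			oidlist = TRUE;

		if (! isspace (*--save))
			save++;
		val = *save;
		*save = 0;

	} else
		oidlist = FALSE;

	if (oidlist) {
		struct acl_attr * at_acl;

		if (lexequ (str,"attributes") != 0) {
			parse_error ("\"attributes\" expected",NULLCP);
			if (val != 0)
				*save = val;
			acl_info_free (info);
			return ( (struct acl *) NULL );
		}
		at_acl = acl_attr_alloc();
		at_acl->aa_next = NULLACL_ATTR;
		at_acl->aa_acl = info;

		/* strip a trailing '#' (and one space before it) from the OID list */
		if ((str = rindex(ptr,'#')) != NULLCP) {
			*str-- = 0;
			if (isspace (*str))
				*str = 0;
		}

		if ((at_acl->aa_types = str2oidseq (SkipSpace(ptr))) == NULLOIDSEQ) {
			if (val != 0)
				*save = val;
			acl_info_free (info);
			free ((char *) at_acl);
			return ( (struct acl *) NULL );
		}
		the_acl->ac_child = NULLACL_INFO;
		the_acl->ac_entry = NULLACL_INFO;
		the_acl->ac_default = NULLACL_INFO;
		the_acl->ac_attributes = at_acl;

	} else {
		int who;
		if ((who = cmd_srch (str,cmd_who)) == -1) {
			parse_error ("unknown acl type specifier '%s'",str);
			if (val != 0)
				*save = val;
			acl_info_free (info);
			return ( (struct acl *) NULL );
		}
		the_acl->ac_child = NULLACL_INFO;
		the_acl->ac_entry = NULLACL_INFO;
		the_acl->ac_default = NULLACL_INFO;
		the_acl->ac_attributes = NULLACL_ATTR;
		switch (who) {
		case 0:
			the_acl->ac_child = info;
			break;
		case 1:
			the_acl->ac_entry = info;
			break;
		case 2:
			the_acl->ac_default = info;
			break;
		}
	}

	if (val != 0)
		*save = val;

	return (the_acl);
}

/*
 * Parse an ACL string into a newly allocated acl.  Returns NULL (and
 * releases the allocation) when the string does not parse.
 */
static struct acl * str2acl (str)
char * str;
{
	struct acl * the_acl;

	the_acl = acl_alloc ();
	if (str2acl_aux(str,the_acl) != NULLACL)
		return (the_acl);
	free ((char *)the_acl);
	return (NULLACL);
}


/*
 * Encode an acl as a presentation element.
 *
 * The original discarded the encoder's result and returned ret_pe even
 * when nothing had been stored in it.  ret_pe now starts as NULL and
 * NULL is returned when the encoder reports NOTOK.
 * NOTE(review): assumes encode_Quipu_ACLSyntax() signals failure with
 * NOTOK like the decoder used above - confirm.
 */
static PE acl_enc (acl)
struct acl * acl;
{
	PE ret_pe = (PE) NULL;

	if (encode_Quipu_ACLSyntax (&ret_pe,0,0,NULLCP,acl) == NOTOK)
		return ((PE) NULL);
	return (ret_pe);
}


/*
 * Register the "acl" attribute syntax with its encode, decode, parse,
 * print, copy, compare and free handlers, publish the merge and default
 * hooks, and create the shared default ACL.
 */
acl_syntax ()
{
	extern short acl_sntx;
	extern IFP merge_acl;
	extern IFP acl_fn;

	acl_sntx = add_attribute_syntax ("acl",
		(IFP) acl_enc,	(IFP) acl_decode,
		(IFP) str2acl,	acl_print,
		(IFP) acl_cpy,	acl_cmp,
		acl_free,	NULLCP,
		NULLIFP,	TRUE);

	merge_acl = (IFP) acl_merge;
	acl_fn = (IFP) acl_default;
	get_default_acl();
}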