![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to acl_info.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / quipu|
Return to acl_info.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / quipu |
1.1 root 1: /* acl_info.c - ? */
2:
3: #ifndef lint
4: static char *rcsid = "$Header: /f/osi/quipu/RCS/acl_info.c,v 7.0 89/11/23 22:16:37 mrose Rel $";
5: #endif
6:
7: /*
8: * $Header: /f/osi/quipu/RCS/acl_info.c,v 7.0 89/11/23 22:16:37 mrose Rel $
9: *
10: *
11: * $Log: acl_info.c,v $
12: * Revision 7.0 89/11/23 22:16:37 mrose
13: * Release 6.0
14: *
15: */
16:
17: /*
18: * NOTICE
19: *
20: * Acquisition, use, and distribution of this module and related
21: * materials are subject to the restrictions of a license agreement.
22: * Consult the Preface in the User's Manual for the full terms of
23: * this agreement.
24: *
25: */
26:
27:
28: #include "quipu/util.h"
29: #include "quipu/entry.h"
30:
31: extern AV_Sequence super_user;
32: extern LLog * log_dsap;
33: extern int dn_print ();
34:
35: check_acl (who,mode,acl,node)
36: register DN who;
37: register int mode;
38: struct acl_info *acl;
39: DN node;
40: {
41: register struct acl_info *ptr;
42:
43: for (ptr=acl; ptr!= NULLACL_INFO; ptr=ptr->acl_next) {
44: switch (ptr->acl_selector_type) {
45: case ACL_ENTRY:
46: if ( mode <= ptr->acl_categories ) {
47: if (who == NULLDN) {
48: break;
49: } if (dn_cmp (who,node) == OK)
50: return (OK);
51: }
52: break;
53: case ACL_OTHER:
54: if ( mode <= ptr->acl_categories )
55: return (OK);
56: break;
57: case ACL_PREFIX:
58: if ( mode <= ptr->acl_categories ) {
59: if ( who == NULLDN)
60: break;
61: if (check_dnseq_prefix (ptr->acl_name,who) == OK)
62: return (OK);
63: }
64: break;
65: case ACL_GROUP:
66: if ( mode <= ptr->acl_categories ) {
67: if ( who == NULLDN) {
68: break;
69: }
70: if (check_dnseq (ptr->acl_name,who) == OK)
71: return (OK);
72: }
73: break;
74: }
75: }
76:
77: /* one last try for access */
78: if (manager(who))
79: return (OK);
80:
81: pslog (log_dsap,LLOG_TRACE,"access denied for user ",
82: dn_print,(caddr_t)who);
83: LLOG (log_dsap,LLOG_TRACE,(" attempting mode=%d", mode));
84: pslog (log_dsap,LLOG_TRACE," on entry ",dn_print,(caddr_t)node);
85:
86: return (NOTOK);
87: }
88:
89:
90: manager (dn)
91: DN dn;
92: {
93: AV_Sequence avs;
94:
95: for (avs=super_user; avs != NULLAV; avs=avs->avseq_next)
96: if ( dn_cmp (dn,(DN) avs->avseq_av.av_struct) == OK)
97: return (TRUE);
98:
99: return (FALSE);
100: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.