![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to acl_files.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / acl|
Return to acl_files.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / acl |
1.1 ! root 1: /* ! 2: * $Source: /usr/src/kerberosIV/acl/RCS/acl_files.c,v $ ! 3: * $Author: kfall $ ! 4: * ! 5: * Copyright 1987,1989 by the Massachusetts Institute of Technology. ! 6: * ! 7: * For copying and distribution information, please see the file ! 8: * <mit-copyright.h>. ! 9: * ! 10: */ ! 11: ! 12: #ifndef lint ! 13: static char rcsid_acl_files_c[] = "$Id: acl_files.c,v 4.5 90/06/25 20:58:42 kfall Exp $"; ! 14: #endif lint ! 15: ! 16: ! 17: /*** Routines for manipulating access control list files ***/ ! 18: ! 19: #include <stdio.h> ! 20: #include <strings.h> ! 21: #include <sys/file.h> ! 22: #include <sys/types.h> ! 23: #include <sys/stat.h> ! 24: #include <sys/errno.h> ! 25: #include <ctype.h> ! 26: #include "des.h" ! 27: #include "krb.h" ! 28: ! 29: #ifndef KRB_REALM ! 30: #define KRB_REALM "CS.BERKELEY.EDU" ! 31: #endif ! 32: ! 33: /* "aname.inst@realm" */ ! 34: #define MAX_PRINCIPAL_SIZE (ANAME_SZ + INST_SZ + REALM_SZ + 3) ! 35: #define INST_SEP '.' ! 36: #define REALM_SEP '@' ! 37: ! 38: #define LINESIZE 2048 /* Maximum line length in an acl file */ ! 39: ! 40: #define NEW_FILE "%s.~NEWACL~" /* Format for name of altered acl file */ ! 41: #define WAIT_TIME 300 /* Maximum time allowed write acl file */ ! 42: ! 43: #define CACHED_ACLS 8 /* How many acls to cache */ ! 44: /* Each acl costs 1 open file descriptor */ ! 45: #define ACL_LEN 16 /* Twice a reasonable acl length */ ! 46: ! 47: #define MAX(a,b) (((a)>(b))?(a):(b)) ! 48: #define MIN(a,b) (((a)<(b))?(a):(b)) ! 49: ! 50: #define COR(a,b) ((a!=NULL)?(a):(b)) ! 51: ! 52: extern int errno; ! 53: ! 54: extern char *malloc(), *calloc(); ! 55: extern time_t time(); ! 56: ! 57: /* Canonicalize a principal name */ ! 58: /* If instance is missing, it becomes "" */ ! 59: /* If realm is missing, it becomes the local realm */ ! 60: /* Canonicalized form is put in canon, which must be big enough to hold ! 61: MAX_PRINCIPAL_SIZE characters */ ! 62: acl_canonicalize_principal(principal, canon) ! 63: char *principal; ! 64: char *canon; ! 65: { ! 66: char *dot, *atsign, *end; ! 67: int len; ! 68: ! 69: dot = index(principal, INST_SEP); ! 70: atsign = index(principal, REALM_SEP); ! 71: ! 72: /* Maybe we're done already */ ! 73: if(dot != NULL && atsign != NULL) { ! 74: if(dot < atsign) { ! 75: /* It's for real */ ! 76: /* Copy into canon */ ! 77: strncpy(canon, principal, MAX_PRINCIPAL_SIZE); ! 78: canon[MAX_PRINCIPAL_SIZE-1] = '\0'; ! 79: return; ! 80: } else { ! 81: /* Nope, it's part of the realm */ ! 82: dot = NULL; ! 83: } ! 84: } ! 85: ! 86: /* No such luck */ ! 87: end = principal + strlen(principal); ! 88: ! 89: /* Get the principal name */ ! 90: len = MIN(ANAME_SZ, COR(dot, COR(atsign, end)) - principal); ! 91: strncpy(canon, principal, len); ! 92: canon += len; ! 93: ! 94: /* Add INST_SEP */ ! 95: *canon++ = INST_SEP; ! 96: ! 97: /* Get the instance, if it exists */ ! 98: if(dot != NULL) { ! 99: ++dot; ! 100: len = MIN(INST_SZ, COR(atsign, end) - dot); ! 101: strncpy(canon, dot, len); ! 102: canon += len; ! 103: } ! 104: ! 105: /* Add REALM_SEP */ ! 106: *canon++ = REALM_SEP; ! 107: ! 108: /* Get the realm, if it exists */ ! 109: /* Otherwise, default to local realm */ ! 110: if(atsign != NULL) { ! 111: ++atsign; ! 112: len = MIN(REALM_SZ, end - atsign); ! 113: strncpy(canon, atsign, len); ! 114: canon += len; ! 115: *canon++ = '\0'; ! 116: } else if(krb_get_lrealm(canon, 1) != KSUCCESS) { ! 117: strcpy(canon, KRB_REALM); ! 118: } ! 119: } ! 120: ! 121: /* Get a lock to modify acl_file */ ! 122: /* Return new FILE pointer */ ! 123: /* or NULL if file cannot be modified */ ! 124: /* REQUIRES WRITE PERMISSION TO CONTAINING DIRECTORY */ ! 125: static FILE *acl_lock_file(acl_file) ! 126: char *acl_file; ! 127: { ! 128: struct stat s; ! 129: char new[LINESIZE]; ! 130: int nfd; ! 131: FILE *nf; ! 132: int mode; ! 133: ! 134: if(stat(acl_file, &s) < 0) return(NULL); ! 135: mode = s.st_mode; ! 136: sprintf(new, NEW_FILE, acl_file); ! 137: for(;;) { ! 138: /* Open the new file */ ! 139: if((nfd = open(new, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) { ! 140: if(errno == EEXIST) { ! 141: /* Maybe somebody got here already, maybe it's just old */ ! 142: if(stat(new, &s) < 0) return(NULL); ! 143: if(time(0) - s.st_ctime > WAIT_TIME) { ! 144: /* File is stale, kill it */ ! 145: unlink(new); ! 146: continue; ! 147: } else { ! 148: /* Wait and try again */ ! 149: sleep(1); ! 150: continue; ! 151: } ! 152: } else { ! 153: /* Some other error, we lose */ ! 154: return(NULL); ! 155: } ! 156: } ! 157: ! 158: /* If we got to here, the lock file is ours and ok */ ! 159: /* Reopen it under stdio */ ! 160: if((nf = fdopen(nfd, "w")) == NULL) { ! 161: /* Oops, clean up */ ! 162: unlink(new); ! 163: } ! 164: return(nf); ! 165: } ! 166: } ! 167: ! 168: /* Commit changes to acl_file written onto FILE *f */ ! 169: /* Returns zero if successful */ ! 170: /* Returns > 0 if lock was broken */ ! 171: /* Returns < 0 if some other error occurs */ ! 172: /* Closes f */ ! 173: static int acl_commit(acl_file, f) ! 174: char *acl_file; ! 175: FILE *f; ! 176: { ! 177: char new[LINESIZE]; ! 178: int ret; ! 179: struct stat s; ! 180: ! 181: sprintf(new, NEW_FILE, acl_file); ! 182: if(fflush(f) < 0 ! 183: || fstat(fileno(f), &s) < 0 ! 184: || s.st_nlink == 0) { ! 185: acl_abort(acl_file, f); ! 186: return(-1); ! 187: } ! 188: ! 189: ret = rename(new, acl_file); ! 190: fclose(f); ! 191: return(ret); ! 192: } ! 193: ! 194: /* Abort changes to acl_file written onto FILE *f */ ! 195: /* Returns 0 if successful, < 0 otherwise */ ! 196: /* Closes f */ ! 197: static int acl_abort(acl_file, f) ! 198: char *acl_file; ! 199: FILE *f; ! 200: { ! 201: char new[LINESIZE]; ! 202: int ret; ! 203: struct stat s; ! 204: ! 205: /* make sure we aren't nuking someone else's file */ ! 206: if(fstat(fileno(f), &s) < 0 ! 207: || s.st_nlink == 0) { ! 208: fclose(f); ! 209: return(-1); ! 210: } else { ! 211: sprintf(new, NEW_FILE, acl_file); ! 212: ret = unlink(new); ! 213: fclose(f); ! 214: return(ret); ! 215: } ! 216: } ! 217: ! 218: /* Initialize an acl_file */ ! 219: /* Creates the file with permissions perm if it does not exist */ ! 220: /* Erases it if it does */ ! 221: /* Returns return value of acl_commit */ ! 222: int acl_initialize(acl_file, perm) ! 223: char *acl_file; ! 224: int perm; ! 225: { ! 226: FILE *new; ! 227: int fd; ! 228: ! 229: /* Check if the file exists already */ ! 230: if((new = acl_lock_file(acl_file)) != NULL) { ! 231: return(acl_commit(acl_file, new)); ! 232: } else { ! 233: /* File must be readable and writable by owner */ ! 234: if((fd = open(acl_file, O_CREAT|O_EXCL, perm|0600)) < 0) { ! 235: return(-1); ! 236: } else { ! 237: close(fd); ! 238: return(0); ! 239: } ! 240: } ! 241: } ! 242: ! 243: /* Eliminate all whitespace character in buf */ ! 244: /* Modifies its argument */ ! 245: static nuke_whitespace(buf) ! 246: char *buf; ! 247: { ! 248: register char *pin, *pout; ! 249: ! 250: for(pin = pout = buf; *pin != '\0'; pin++) ! 251: if(!isspace(*pin)) *pout++ = *pin; ! 252: *pout = '\0'; /* Terminate the string */ ! 253: } ! 254: ! 255: /* Hash table stuff */ ! 256: ! 257: struct hashtbl { ! 258: int size; /* Max number of entries */ ! 259: int entries; /* Actual number of entries */ ! 260: char **tbl; /* Pointer to start of table */ ! 261: }; ! 262: ! 263: /* Make an empty hash table of size s */ ! 264: static struct hashtbl *make_hash(size) ! 265: int size; ! 266: { ! 267: struct hashtbl *h; ! 268: ! 269: if(size < 1) size = 1; ! 270: h = (struct hashtbl *) malloc(sizeof(struct hashtbl)); ! 271: h->size = size; ! 272: h->entries = 0; ! 273: h->tbl = (char **) calloc(size, sizeof(char *)); ! 274: return(h); ! 275: } ! 276: ! 277: /* Destroy a hash table */ ! 278: static destroy_hash(h) ! 279: struct hashtbl *h; ! 280: { ! 281: int i; ! 282: ! 283: for(i = 0; i < h->size; i++) { ! 284: if(h->tbl[i] != NULL) free(h->tbl[i]); ! 285: } ! 286: free(h->tbl); ! 287: free(h); ! 288: } ! 289: ! 290: /* Compute hash value for a string */ ! 291: static unsigned hashval(s) ! 292: register char *s; ! 293: { ! 294: register unsigned hv; ! 295: ! 296: for(hv = 0; *s != '\0'; s++) { ! 297: hv ^= ((hv << 3) ^ *s); ! 298: } ! 299: return(hv); ! 300: } ! 301: ! 302: /* Add an element to a hash table */ ! 303: static add_hash(h, el) ! 304: struct hashtbl *h; ! 305: char *el; ! 306: { ! 307: unsigned hv; ! 308: char *s; ! 309: char **old; ! 310: int i; ! 311: ! 312: /* Make space if it isn't there already */ ! 313: if(h->entries + 1 > (h->size >> 1)) { ! 314: old = h->tbl; ! 315: h->tbl = (char **) calloc(h->size << 1, sizeof(char *)); ! 316: for(i = 0; i < h->size; i++) { ! 317: if(old[i] != NULL) { ! 318: hv = hashval(old[i]) % (h->size << 1); ! 319: while(h->tbl[hv] != NULL) hv = (hv+1) % (h->size << 1); ! 320: h->tbl[hv] = old[i]; ! 321: } ! 322: } ! 323: h->size = h->size << 1; ! 324: free(old); ! 325: } ! 326: ! 327: hv = hashval(el) % h->size; ! 328: while(h->tbl[hv] != NULL && strcmp(h->tbl[hv], el)) hv = (hv+1) % h->size; ! 329: s = malloc(strlen(el)+1); ! 330: strcpy(s, el); ! 331: h->tbl[hv] = s; ! 332: h->entries++; ! 333: } ! 334: ! 335: /* Returns nonzero if el is in h */ ! 336: static check_hash(h, el) ! 337: struct hashtbl *h; ! 338: char *el; ! 339: { ! 340: unsigned hv; ! 341: ! 342: for(hv = hashval(el) % h->size; ! 343: h->tbl[hv] != NULL; ! 344: hv = (hv + 1) % h->size) { ! 345: if(!strcmp(h->tbl[hv], el)) return(1); ! 346: } ! 347: return(0); ! 348: } ! 349: ! 350: struct acl { ! 351: char filename[LINESIZE]; /* Name of acl file */ ! 352: int fd; /* File descriptor for acl file */ ! 353: struct stat status; /* File status at last read */ ! 354: struct hashtbl *acl; /* Acl entries */ ! 355: }; ! 356: ! 357: static struct acl acl_cache[CACHED_ACLS]; ! 358: ! 359: static int acl_cache_count = 0; ! 360: static int acl_cache_next = 0; ! 361: ! 362: /* Returns < 0 if unsuccessful in loading acl */ ! 363: /* Returns index into acl_cache otherwise */ ! 364: /* Note that if acl is already loaded, this is just a lookup */ ! 365: static int acl_load(name) ! 366: char *name; ! 367: { ! 368: int i; ! 369: FILE *f; ! 370: struct stat s; ! 371: char buf[MAX_PRINCIPAL_SIZE]; ! 372: char canon[MAX_PRINCIPAL_SIZE]; ! 373: ! 374: /* See if it's there already */ ! 375: for(i = 0; i < acl_cache_count; i++) { ! 376: if(!strcmp(acl_cache[i].filename, name) ! 377: && acl_cache[i].fd >= 0) goto got_it; ! 378: } ! 379: ! 380: /* It isn't, load it in */ ! 381: /* maybe there's still room */ ! 382: if(acl_cache_count < CACHED_ACLS) { ! 383: i = acl_cache_count++; ! 384: } else { ! 385: /* No room, clean one out */ ! 386: i = acl_cache_next; ! 387: acl_cache_next = (acl_cache_next + 1) % CACHED_ACLS; ! 388: close(acl_cache[i].fd); ! 389: if(acl_cache[i].acl) { ! 390: destroy_hash(acl_cache[i].acl); ! 391: acl_cache[i].acl = (struct hashtbl *) 0; ! 392: } ! 393: } ! 394: ! 395: /* Set up the acl */ ! 396: strcpy(acl_cache[i].filename, name); ! 397: if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); ! 398: /* Force reload */ ! 399: acl_cache[i].acl = (struct hashtbl *) 0; ! 400: ! 401: got_it: ! 402: /* ! 403: * See if the stat matches ! 404: * ! 405: * Use stat(), not fstat(), as the file may have been re-created by ! 406: * acl_add or acl_delete. If this happens, the old inode will have ! 407: * no changes in the mod-time and the following test will fail. ! 408: */ ! 409: if(stat(acl_cache[i].filename, &s) < 0) return(-1); ! 410: if(acl_cache[i].acl == (struct hashtbl *) 0 ! 411: || s.st_nlink != acl_cache[i].status.st_nlink ! 412: || s.st_mtime != acl_cache[i].status.st_mtime ! 413: || s.st_ctime != acl_cache[i].status.st_ctime) { ! 414: /* Gotta reload */ ! 415: if(acl_cache[i].fd >= 0) close(acl_cache[i].fd); ! 416: if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); ! 417: if((f = fdopen(acl_cache[i].fd, "r")) == NULL) return(-1); ! 418: if(acl_cache[i].acl) destroy_hash(acl_cache[i].acl); ! 419: acl_cache[i].acl = make_hash(ACL_LEN); ! 420: while(fgets(buf, sizeof(buf), f) != NULL) { ! 421: nuke_whitespace(buf); ! 422: acl_canonicalize_principal(buf, canon); ! 423: add_hash(acl_cache[i].acl, canon); ! 424: } ! 425: fclose(f); ! 426: acl_cache[i].status = s; ! 427: } ! 428: return(i); ! 429: } ! 430: ! 431: /* Returns nonzero if it can be determined that acl contains principal */ ! 432: /* Principal is not canonicalized, and no wildcarding is done */ ! 433: acl_exact_match(acl, principal) ! 434: char *acl; ! 435: char *principal; ! 436: { ! 437: int idx; ! 438: ! 439: return((idx = acl_load(acl)) >= 0 ! 440: && check_hash(acl_cache[idx].acl, principal)); ! 441: } ! 442: ! 443: /* Returns nonzero if it can be determined that acl contains principal */ ! 444: /* Recognizes wildcards in acl of the form ! 445: name.*@realm, *.*@realm, and *.*@* */ ! 446: acl_check(acl, principal) ! 447: char *acl; ! 448: char *principal; ! 449: { ! 450: char buf[MAX_PRINCIPAL_SIZE]; ! 451: char canon[MAX_PRINCIPAL_SIZE]; ! 452: char *realm; ! 453: ! 454: acl_canonicalize_principal(principal, canon); ! 455: ! 456: /* Is it there? */ ! 457: if(acl_exact_match(acl, canon)) return(1); ! 458: ! 459: /* Try the wildcards */ ! 460: realm = index(canon, REALM_SEP); ! 461: *index(canon, INST_SEP) = '\0'; /* Chuck the instance */ ! 462: ! 463: sprintf(buf, "%s.*%s", canon, realm); ! 464: if(acl_exact_match(acl, buf)) return(1); ! 465: ! 466: sprintf(buf, "*.*%s", realm); ! 467: if(acl_exact_match(acl, buf) || acl_exact_match(acl, "*.*@*")) return(1); ! 468: ! 469: return(0); ! 470: } ! 471: ! 472: /* Adds principal to acl */ ! 473: /* Wildcards are interpreted literally */ ! 474: acl_add(acl, principal) ! 475: char *acl; ! 476: char *principal; ! 477: { ! 478: int idx; ! 479: int i; ! 480: FILE *new; ! 481: char canon[MAX_PRINCIPAL_SIZE]; ! 482: ! 483: acl_canonicalize_principal(principal, canon); ! 484: ! 485: if((new = acl_lock_file(acl)) == NULL) return(-1); ! 486: if((acl_exact_match(acl, canon)) ! 487: || (idx = acl_load(acl)) < 0) { ! 488: acl_abort(acl, new); ! 489: return(-1); ! 490: } ! 491: /* It isn't there yet, copy the file and put it in */ ! 492: for(i = 0; i < acl_cache[idx].acl->size; i++) { ! 493: if(acl_cache[idx].acl->tbl[i] != NULL) { ! 494: if(fputs(acl_cache[idx].acl->tbl[i], new) == NULL ! 495: || putc('\n', new) != '\n') { ! 496: acl_abort(acl, new); ! 497: return(-1); ! 498: } ! 499: } ! 500: } ! 501: fputs(canon, new); ! 502: putc('\n', new); ! 503: return(acl_commit(acl, new)); ! 504: } ! 505: ! 506: /* Removes principal from acl */ ! 507: /* Wildcards are interpreted literally */ ! 508: acl_delete(acl, principal) ! 509: char *acl; ! 510: char *principal; ! 511: { ! 512: int idx; ! 513: int i; ! 514: FILE *new; ! 515: char canon[MAX_PRINCIPAL_SIZE]; ! 516: ! 517: acl_canonicalize_principal(principal, canon); ! 518: ! 519: if((new = acl_lock_file(acl)) == NULL) return(-1); ! 520: if((!acl_exact_match(acl, canon)) ! 521: || (idx = acl_load(acl)) < 0) { ! 522: acl_abort(acl, new); ! 523: return(-1); ! 524: } ! 525: /* It isn't there yet, copy the file and put it in */ ! 526: for(i = 0; i < acl_cache[idx].acl->size; i++) { ! 527: if(acl_cache[idx].acl->tbl[i] != NULL ! 528: && strcmp(acl_cache[idx].acl->tbl[i], canon)) { ! 529: fputs(acl_cache[idx].acl->tbl[i], new); ! 530: putc('\n', new); ! 531: } ! 532: } ! 533: return(acl_commit(acl, new)); ! 534: } ! 535:
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.