/* acl_info.c - ? */ #ifndef lint static char *rcsid = "$Header: /var/lib/cvsd/repos/CSRG/43BSDReno/contrib/isode-beta/quipu/acl_info.c,v 1.1.1.1 2018/04/24 16:12:56 root Exp $"; #endif /* * $Header: /var/lib/cvsd/repos/CSRG/43BSDReno/contrib/isode-beta/quipu/acl_info.c,v 1.1.1.1 2018/04/24 16:12:56 root Exp $ * * * $Log: acl_info.c,v $ * Revision 1.1.1.1 2018/04/24 16:12:56 root * BSD 4.3reno * * Revision 7.0 89/11/23 22:16:37 mrose * Release 6.0 * */ /* * NOTICE * * Acquisition, use, and distribution of this module and related * materials are subject to the restrictions of a license agreement. * Consult the Preface in the User's Manual for the full terms of * this agreement. * */ #include "quipu/util.h" #include "quipu/entry.h" extern AV_Sequence super_user; extern LLog * log_dsap; extern int dn_print (); check_acl (who,mode,acl,node) register DN who; register int mode; struct acl_info *acl; DN node; { register struct acl_info *ptr; for (ptr=acl; ptr!= NULLACL_INFO; ptr=ptr->acl_next) { switch (ptr->acl_selector_type) { case ACL_ENTRY: if ( mode <= ptr->acl_categories ) { if (who == NULLDN) { break; } if (dn_cmp (who,node) == OK) return (OK); } break; case ACL_OTHER: if ( mode <= ptr->acl_categories ) return (OK); break; case ACL_PREFIX: if ( mode <= ptr->acl_categories ) { if ( who == NULLDN) break; if (check_dnseq_prefix (ptr->acl_name,who) == OK) return (OK); } break; case ACL_GROUP: if ( mode <= ptr->acl_categories ) { if ( who == NULLDN) { break; } if (check_dnseq (ptr->acl_name,who) == OK) return (OK); } break; } } /* one last try for access */ if (manager(who)) return (OK); pslog (log_dsap,LLOG_TRACE,"access denied for user ", dn_print,(caddr_t)who); LLOG (log_dsap,LLOG_TRACE,(" attempting mode=%d", mode)); pslog (log_dsap,LLOG_TRACE," on entry ",dn_print,(caddr_t)node); return (NOTOK); } manager (dn) DN dn; { AV_Sequence avs; for (avs=super_user; avs != NULLAV; avs=avs->avseq_next) if ( dn_cmp (dn,(DN) avs->avseq_av.av_struct) == OK) return (TRUE); return (FALSE); }