diff options
| author | markm <markm@FreeBSD.org> | 1999-09-19 14:19:32 +0000 |
|---|---|---|
| committer | markm <markm@FreeBSD.org> | 1999-09-19 14:19:32 +0000 |
| commit | fe83e8abf357ee11114856a5278bb38431a9517c (patch) | |
| tree | 36ce70fe2e8419130e546c38a7790e8ab224a362 /crypto/kerberosIV/lib/krb/kuserok.c | |
| parent | a8a89cfaf983bc64f4b42f7c35209a5a36dd0fe8 (diff) | |
| download | FreeBSD-src-fe83e8abf357ee11114856a5278bb38431a9517c.zip FreeBSD-src-fe83e8abf357ee11114856a5278bb38431a9517c.tar.gz | |
Clean import of KTH krb4-0.10.1.
Diffstat (limited to 'crypto/kerberosIV/lib/krb/kuserok.c')
| -rw-r--r-- | crypto/kerberosIV/lib/krb/kuserok.c | 48 |
1 files changed, 33 insertions, 15 deletions
diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c index e3d5e6b..4a2be44 100644 --- a/crypto/kerberosIV/lib/krb/kuserok.c +++ b/crypto/kerberosIV/lib/krb/kuserok.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -38,12 +38,29 @@ #include "krb_locl.h" -RCSID("$Id: kuserok.c,v 1.21 1997/04/01 08:18:35 joda Exp $"); +RCSID("$Id: kuserok.c,v 1.24 1999/06/23 10:12:37 assar Exp $"); #define OK 0 #define NOTOK 1 #define MAX_USERNAME 10 +/* + * Return OK if `r' is one of the local realms, else NOTOK + */ + +static int +is_local_realm (const char *r) +{ + char lrealm[REALM_SZ]; + int n; + + for (n = 1; krb_get_lrealm(lrealm, n) == KSUCCESS; ++n) { + if (strcmp (r, lrealm) == 0) + return OK; + } + return NOTOK; +} + /* * Given a Kerberos principal and a local username, determine whether * user is authorized to login according to the authorization file @@ -83,7 +100,6 @@ int krb_kuserok(char *name, char *instance, char *realm, char *luser) { struct passwd *pwd; - char lrealm[REALM_SZ]; FILE *f; char line[1024]; char file[MaxPathLen]; @@ -92,15 +108,13 @@ krb_kuserok(char *name, char *instance, char *realm, char *luser) pwd = getpwnam(luser); if(pwd == NULL) return NOTOK; - if(krb_get_lrealm(lrealm, 1)) - return NOTOK; - if(pwd->pw_uid != 0 && - strcmp(name, luser) == 0 && - strcmp(instance, "") == 0 && - strcmp(realm, lrealm) == 0) + if (pwd->pw_uid != 0 + && strcmp (name, luser) == 0 + && strcmp (instance, "") == 0 + && is_local_realm (realm) == OK) return OK; - strcpy(file, pwd->pw_dir); - strcat(file, "/.klogin"); + + snprintf(file, sizeof(file), "%s/.klogin", pwd->pw_dir); f = fopen(file, "r"); if(f == NULL) @@ -135,10 +149,15 @@ krb_kuserok(char *name, char *instance, char *realm, char *luser) continue; if(strcmp(instance, finst)) continue; - if(frealm[0] == 0) - strcpy(frealm, lrealm); - if(strcmp(realm, frealm)) +#if 0 /* don't support principals without realm any longer */ + if(frealm[0] == 0) { + if (is_local_realm (realm) != OK) + continue; + } else +#endif + if (strcmp (realm, frealm)) continue; + fclose(f); return OK; } @@ -153,4 +172,3 @@ kuserok(AUTH_DAT *auth, char *luser) { return krb_kuserok(auth->pname, auth->pinst, auth->prealm, luser); } - |
