diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2008-07-04 13:51:12 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2008-07-04 13:51:12 +1000 |
| commit | b03fd02aede5cb796aea417a7a68e42e7f998d62 (patch) | |
| tree | 8975ee0b3277378bc72e6a34aa3ad274c435d321 /groupaccess.c | |
| parent | f5cafb0c850a3b6cc7db27fa79afbd4fb185f8f2 (diff) | |
| download | openssh-git-b03fd02aede5cb796aea417a7a68e42e7f998d62.tar.gz | |
- djm@cvs.openbsd.org 2008/07/04 03:44:59
[servconf.c groupaccess.h groupaccess.c]
support negation of groups in "Match group" block (bz#1315); ok dtucker@
Diffstat (limited to 'groupaccess.c')
| -rw-r--r-- | groupaccess.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/groupaccess.c b/groupaccess.c index e73f62b2..2381aeb1 100644 --- a/groupaccess.c +++ b/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.13 2008/07/04 03:44:59 djm Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -31,6 +31,7 @@ #include <grp.h> #include <unistd.h> #include <stdarg.h> +#include <string.h> #include "xmalloc.h" #include "groupaccess.h" @@ -88,6 +89,30 @@ ga_match(char * const *groups, int n) } /* + * Return 1 if one of user's groups matches group_pattern list. + * Return 0 on negated or no match. + */ +int +ga_match_pattern_list(const char *group_pattern) +{ + int i, found = 0; + size_t len = strlen(group_pattern); + + for (i = 0; i < ngroups; i++) { + switch (match_pattern_list(groups_byname[i], + group_pattern, len, 0)) { + case -1: + return 0; /* Negated match wins */ + case 0: + continue; + case 1: + found = 1; + } + } + return found; +} + +/* * Free memory allocated for group access list. */ void |