X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=user.c;h=1bdd34bbc9274ebe74ffd8d0401e9ecdae3cdf9e;hb=e23b8a9551b07e7fa289f8fbac047565e88a8c04;hp=233764fe40089e387d03b783f01295b180112636;hpb=4113e8c585d3da46bfa5326b866621cff854a737;p=adu.git diff --git a/user.c b/user.c index 233764f..1bdd34b 100644 --- a/user.c +++ b/user.c @@ -50,6 +50,12 @@ static struct user_info *uid_hash_table; /** This is always a power of two. It is set in create_hash_table(). */ static uint32_t uid_hash_table_size; +/* Array of indices to the entries of \a uid_hash_table. */ +static int *uid_hash_table_sort_idx; + +/** The number of used slots in the hash table. */ +static uint32_t num_uids = 0; + /* * The columns of the per-user tables. * @@ -169,6 +175,54 @@ int parse_uid_arg(const char *orig_arg, struct uid_range **ur) return n; } +static int uid_is_admissible(uint32_t uid, struct uid_range *urs) +{ + struct uid_range *ur; + int ret = 1; + + if (!urs) /* empty array means all uids are allowed */ + return 1; + FOR_EACH_UID_RANGE(ur, urs) + if (ur->low <= uid && ur->high >= uid) + goto out; + ret = 0; +out: + DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid, + ret? "" : "not "); + return ret; +} + +int append_users(char **users, int num_users, + struct uid_range **admissible_uids, int num_uid_ranges) +{ + int i; + struct uid_range *au = *admissible_uids; + + for (i = 0; i < num_users; i++) { + char *u = users[i]; + struct uid_range *ur; + struct passwd *pw = getpwnam(u); + + if (!pw) { + ERROR_LOG("user %s not found\n", u); + return -ERRNO_TO_ERROR(EINVAL); + } + if (au && uid_is_admissible(pw->pw_uid, au)) + continue; /* nothing to do */ + /* add a range consisting of this uid only */ + num_uid_ranges++; + au = adu_realloc(au, (num_uid_ranges + 1) * + sizeof(struct uid_range)); + *admissible_uids = au; + ur = au + num_uid_ranges - 1; /* the new uid range */ + ur->low = ur->high = pw->pw_uid; + /* terminate the list */ + ur++; + ur->low = 1; + ur->high = 0; + } + return num_uid_ranges; +} static inline int ui_used(struct user_info *ui) { @@ -195,8 +249,7 @@ static int open_user_table(struct user_info *ui, int create) if (pw && pw->pw_name) ui->pw_name = adu_strdup(pw->pw_name); - INFO_LOG(".............................uid #%u: %u\n", - (unsigned)num_uids, (unsigned)ui->uid); + INFO_LOG("opening table for uid %u\n", (unsigned)ui->uid); if (create) { ret = osl(osl_create_table(ui->desc)); if (ret < 0) @@ -220,16 +273,19 @@ err: return ret; } +#define FOR_EACH_USER(ui) for (ui = uid_hash_table; ui < \ + uid_hash_table + uid_hash_table_size; ui++) + int for_each_admissible_user(int (*func)(struct user_info *, void *), void *data) { - struct user_info *ui = uid_hash_table; + int i; - if (!ui) - return -ERRNO_TO_ERROR(EFAULT); - - for (; ui < uid_hash_table + uid_hash_table_size; ui++) { + assert(uid_hash_table); + for (i = 0; i < uid_hash_table_size; i++) { int ret; + struct user_info *ui = uid_hash_table + + uid_hash_table_sort_idx[i]; if (!ui_used(ui) || !ui_admissible(ui)) continue; @@ -245,41 +301,47 @@ int for_each_admissible_user(int (*func)(struct user_info *, void *), void create_hash_table(unsigned bits) { + int i; + uid_hash_table_size = 1 << bits; uid_hash_table = adu_calloc(uid_hash_table_size * sizeof(struct user_info)); + uid_hash_table_sort_idx = adu_malloc(uid_hash_table_size * sizeof(int)); + for (i = 0; i < uid_hash_table_size; i++) + uid_hash_table_sort_idx[i] = i; } -void free_hash_table(void) -{ - free(uid_hash_table); - uid_hash_table = NULL; -} - -static int close_user_table(struct user_info *ui, __a_unused void *data) +void close_user_tables(void) { - int ret; + struct user_info *ui; - ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN)); - if (ret < 0) - ERROR_LOG("failed to close user table %u: %s\n", - (unsigned) ui->uid, adu_strerror(-ret)); - free((char *)ui->desc->name); - ui->desc->name = NULL; - free((char *)ui->desc->dir); - ui->desc->dir = NULL; - free(ui->pw_name); - ui->pw_name = NULL; - free(ui->desc); - ui->desc = NULL; - ui->table = NULL; - ui->flags = 0; - return 1; -} + FOR_EACH_USER(ui) { + int ret; -void close_user_tables(void) -{ - for_each_admissible_user(close_user_table, NULL); + if (!ui_used(ui)) + continue; + if (!ui->table) + continue; + INFO_LOG("closing user table for uid %u\n", (unsigned)ui->uid); + ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN)); + if (ret < 0) + ERROR_LOG("failed to close user table %u: %s\n", + (unsigned)ui->uid, adu_strerror(-ret)); + free((char *)ui->desc->name); + ui->desc->name = NULL; + free((char *)ui->desc->dir); + ui->desc->dir = NULL; + free(ui->pw_name); + ui->pw_name = NULL; + free(ui->desc); + ui->desc = NULL; + ui->table = NULL; + ui->flags = 0; + } + free(uid_hash_table); + uid_hash_table = NULL; + free(uid_hash_table_sort_idx); + uid_hash_table_sort_idx = NULL; } /* @@ -304,55 +366,32 @@ static uint32_t double_hash(uint32_t uid, uint32_t probe_num) % uid_hash_table_size; } -static int uid_is_admissible(uint32_t uid, struct uid_range *urs) -{ - struct uid_range *ur; - int ret = 1; - - if (!urs) /* empty array means all uids are allowed */ - return 1; - FOR_EACH_UID_RANGE(ur, urs) - if (ur->low <= uid && ur->high >= uid) - goto out; - ret = 0; -out: - DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid, - ret? "" : "not "); - return ret; -} - -int search_uid(uint32_t uid, struct uid_range *urs, - enum search_uid_flags flags, struct user_info **ui_ptr) +static struct user_info *lookup_uid(uint32_t uid) { uint32_t p; for (p = 0; p < uid_hash_table_size; p++) { struct user_info *ui = uid_hash_table + double_hash(uid, p); - - if (!ui_used(ui)) { - int ret; - if (!flags) - return -E_BAD_UID; - ui->uid = uid; - ui->flags |= UI_FL_SLOT_USED; - if (!uid_is_admissible(uid, urs)) - return 0; - ui->flags |= UI_FL_ADMISSIBLE; - ret = open_user_table(ui, flags & CREATE_USER_TABLE); - if (ret < 0) - return ret; - - if (ui_ptr) - *ui_ptr = ui; - return 1; - } - if (ui->uid != uid) - continue; - if (ui_ptr) - *ui_ptr = ui; - return 0; + if (!ui_used(ui)) + return ui; + if (ui->uid == uid) + return ui; } - return flags? -E_HASH_TABLE_OVERFLOW : -E_BAD_UID; + return NULL; +} + +int create_user_table(uint32_t uid, struct user_info **ui_ptr) +{ + struct user_info *ui = lookup_uid(uid); + + if (!ui) + return -E_HASH_TABLE_OVERFLOW; + *ui_ptr = ui; + if (ui_used(ui)) + return 1; + ui->uid = uid; + ui->flags |= UI_FL_SLOT_USED; + return open_user_table(ui, 1); } static char *get_uid_list_name(void) @@ -360,13 +399,50 @@ static char *get_uid_list_name(void) return make_message("%s/uid_list", conf.database_dir_arg); } -void sort_hash_table(int (*comp)(const void *, const void *)) +static int (*hash_table_comparator)(struct user_info *a, struct user_info *b); + +static int comp_wrapper(const void *a, const void *b) +{ + struct user_info *x = uid_hash_table + *(unsigned *)a; + struct user_info *y = uid_hash_table + *(unsigned *)b; + return hash_table_comparator(x, y); +} + +void sort_hash_table(int (*comp)(struct user_info *, struct user_info *)) { - qsort(uid_hash_table, uid_hash_table_size, sizeof(struct user_info), - comp); + hash_table_comparator = comp; + qsort(uid_hash_table_sort_idx, uid_hash_table_size, + sizeof(*uid_hash_table_sort_idx), comp_wrapper); } -int read_uid_file(struct uid_range *admissible_uids) +int open_admissible_user_tables(struct uid_range *admissible_uids) +{ + struct user_info *ui; + + assert(uid_hash_table); + DEBUG_LOG("size: %d\n", uid_hash_table_size); + FOR_EACH_USER(ui) { + int ret; + + if (!ui_used(ui)) { + continue; + } + if (!uid_is_admissible(ui->uid, admissible_uids)) { + DEBUG_LOG("uid %u is not admissible\n", ui->uid); + ui->flags &= ~UI_FL_ADMISSIBLE; + continue; + } + ui->flags |= UI_FL_ADMISSIBLE; + if (ui->table) + continue; + ret = open_user_table(ui, 0); + if (ret < 0) + return ret; + } + return 1; +} + +int read_uid_file(void) { size_t size; uint32_t n; @@ -375,7 +451,7 @@ int read_uid_file(struct uid_range *admissible_uids) unsigned bits; if (ret < 0) { - INFO_LOG("failed to map %s\n", filename); + ERROR_LOG("failed to map %s\n", filename); free(filename); return ret; } @@ -392,40 +468,41 @@ int read_uid_file(struct uid_range *admissible_uids) create_hash_table(bits); for (n = 0; n < num_uids; n++) { uint32_t uid = read_u32(map + n * sizeof(uid)); - ret = search_uid(uid, admissible_uids, OPEN_USER_TABLE, NULL); - if (ret < 0) + struct user_info *ui = lookup_uid(uid); + assert(ui); + if (ui_used(ui)) { /* impossible */ + ERROR_LOG("duplicate user id!?\n"); + ret = -EFAULT; goto out; + } + ui->uid = uid; + ui->flags |= UI_FL_SLOT_USED; } + ret = 1; out: adu_munmap(map, size); return ret; } -static int write_uid(struct user_info *ui, void *data) -{ - char **p = data; - - write_u32(*p, ui->uid); - *p += sizeof(uint32_t); - return 1; -} - int write_uid_file(void) { char *buf, *p, *filename; size_t size = num_uids * sizeof(uint32_t); int ret; + struct user_info *ui; if (!num_uids) return 0; buf = p = adu_malloc(size); - ret = for_each_admissible_user(write_uid, &p); - if (ret < 0) - goto out; + FOR_EACH_USER(ui) { + if (!ui_used(ui)) + continue; + write_u32(p, ui->uid); + p += sizeof(uint32_t); + } filename = get_uid_list_name(); ret = adu_write_file(filename, buf, size); free(filename); -out: free(buf); return ret; }