X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=user.c;h=497af156905862fda844d81d832deb2ac39702d7;hb=f140630786827b6405f62a4a8871a48a64325cc5;hp=233764fe40089e387d03b783f01295b180112636;hpb=4113e8c585d3da46bfa5326b866621cff854a737;p=adu.git diff --git a/user.c b/user.c index 233764f..497af15 100644 --- a/user.c +++ b/user.c @@ -50,6 +50,9 @@ static struct user_info *uid_hash_table; /** This is always a power of two. It is set in create_hash_table(). */ static uint32_t uid_hash_table_size; +/** The number of used slots in the hash table. */ +static uint32_t num_uids = 0; + /* * The columns of the per-user tables. * @@ -169,6 +172,54 @@ int parse_uid_arg(const char *orig_arg, struct uid_range **ur) return n; } +static int uid_is_admissible(uint32_t uid, struct uid_range *urs) +{ + struct uid_range *ur; + int ret = 1; + + if (!urs) /* empty array means all uids are allowed */ + return 1; + FOR_EACH_UID_RANGE(ur, urs) + if (ur->low <= uid && ur->high >= uid) + goto out; + ret = 0; +out: + DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid, + ret? "" : "not "); + return ret; +} + +int append_users(char **users, int num_users, + struct uid_range **admissible_uids, int num_uid_ranges) +{ + int i; + struct uid_range *au = *admissible_uids; + + for (i = 0; i < num_users; i++) { + char *u = users[i]; + struct uid_range *ur; + struct passwd *pw = getpwnam(u); + + if (!pw) { + ERROR_LOG("user %s not found\n", u); + return -ERRNO_TO_ERROR(EINVAL); + } + if (au && uid_is_admissible(pw->pw_uid, au)) + continue; /* nothing to do */ + /* add a range consisting of this uid only */ + num_uid_ranges++; + au = adu_realloc(au, (num_uid_ranges + 1) * + sizeof(struct uid_range)); + *admissible_uids = au; + ur = au + num_uid_ranges - 1; /* the new uid range */ + ur->low = ur->high = pw->pw_uid; + /* terminate the list */ + ur++; + ur->low = 1; + ur->high = 0; + } + return num_uid_ranges; +} static inline int ui_used(struct user_info *ui) { @@ -195,8 +246,7 @@ static int open_user_table(struct user_info *ui, int create) if (pw && pw->pw_name) ui->pw_name = adu_strdup(pw->pw_name); - INFO_LOG(".............................uid #%u: %u\n", - (unsigned)num_uids, (unsigned)ui->uid); + DEBUG_LOG("opening table for uid %u\n", (unsigned)ui->uid); if (create) { ret = osl(osl_create_table(ui->desc)); if (ret < 0) @@ -220,15 +270,16 @@ err: return ret; } +#define FOR_EACH_USER(ui) for (ui = uid_hash_table; ui < \ + uid_hash_table + uid_hash_table_size; ui++) + int for_each_admissible_user(int (*func)(struct user_info *, void *), void *data) { - struct user_info *ui = uid_hash_table; + struct user_info *ui; - if (!ui) - return -ERRNO_TO_ERROR(EFAULT); - - for (; ui < uid_hash_table + uid_hash_table_size; ui++) { + assert(uid_hash_table); + FOR_EACH_USER(ui) { int ret; if (!ui_used(ui) || !ui_admissible(ui)) @@ -250,36 +301,35 @@ void create_hash_table(unsigned bits) sizeof(struct user_info)); } -void free_hash_table(void) -{ - free(uid_hash_table); - uid_hash_table = NULL; -} - -static int close_user_table(struct user_info *ui, __a_unused void *data) +void close_user_tables(void) { - int ret; + struct user_info *ui; - ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN)); - if (ret < 0) - ERROR_LOG("failed to close user table %u: %s\n", - (unsigned) ui->uid, adu_strerror(-ret)); - free((char *)ui->desc->name); - ui->desc->name = NULL; - free((char *)ui->desc->dir); - ui->desc->dir = NULL; - free(ui->pw_name); - ui->pw_name = NULL; - free(ui->desc); - ui->desc = NULL; - ui->table = NULL; - ui->flags = 0; - return 1; -} + FOR_EACH_USER(ui) { + int ret; -void close_user_tables(void) -{ - for_each_admissible_user(close_user_table, NULL); + if (!ui_used(ui)) + continue; + if (!ui->table) + continue; + DEBUG_LOG("closing user table for uid %u\n", (unsigned)ui->uid); + ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN)); + if (ret < 0) + ERROR_LOG("failed to close user table %u: %s\n", + (unsigned)ui->uid, adu_strerror(-ret)); + free((char *)ui->desc->name); + ui->desc->name = NULL; + free((char *)ui->desc->dir); + ui->desc->dir = NULL; + free(ui->pw_name); + ui->pw_name = NULL; + free(ui->desc); + ui->desc = NULL; + ui->table = NULL; + ui->flags = 0; + } + free(uid_hash_table); + uid_hash_table = NULL; } /* @@ -304,55 +354,32 @@ static uint32_t double_hash(uint32_t uid, uint32_t probe_num) % uid_hash_table_size; } -static int uid_is_admissible(uint32_t uid, struct uid_range *urs) -{ - struct uid_range *ur; - int ret = 1; - - if (!urs) /* empty array means all uids are allowed */ - return 1; - FOR_EACH_UID_RANGE(ur, urs) - if (ur->low <= uid && ur->high >= uid) - goto out; - ret = 0; -out: - DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid, - ret? "" : "not "); - return ret; -} - -int search_uid(uint32_t uid, struct uid_range *urs, - enum search_uid_flags flags, struct user_info **ui_ptr) +static struct user_info *lookup_uid(uint32_t uid) { uint32_t p; for (p = 0; p < uid_hash_table_size; p++) { struct user_info *ui = uid_hash_table + double_hash(uid, p); - - if (!ui_used(ui)) { - int ret; - if (!flags) - return -E_BAD_UID; - ui->uid = uid; - ui->flags |= UI_FL_SLOT_USED; - if (!uid_is_admissible(uid, urs)) - return 0; - ui->flags |= UI_FL_ADMISSIBLE; - ret = open_user_table(ui, flags & CREATE_USER_TABLE); - if (ret < 0) - return ret; - - if (ui_ptr) - *ui_ptr = ui; - return 1; - } - if (ui->uid != uid) - continue; - if (ui_ptr) - *ui_ptr = ui; - return 0; + if (!ui_used(ui)) + return ui; + if (ui->uid == uid) + return ui; } - return flags? -E_HASH_TABLE_OVERFLOW : -E_BAD_UID; + return NULL; +} + +int create_user_table(uint32_t uid, struct user_info **ui_ptr) +{ + struct user_info *ui = lookup_uid(uid); + + if (!ui) + return -E_HASH_TABLE_OVERFLOW; + *ui_ptr = ui; + if (ui_used(ui)) + return 1; + ui->uid = uid; + ui->flags |= UI_FL_SLOT_USED; + return open_user_table(ui, 1); } static char *get_uid_list_name(void) @@ -375,7 +402,7 @@ int read_uid_file(struct uid_range *admissible_uids) unsigned bits; if (ret < 0) { - INFO_LOG("failed to map %s\n", filename); + ERROR_LOG("failed to map %s\n", filename); free(filename); return ret; } @@ -392,40 +419,47 @@ int read_uid_file(struct uid_range *admissible_uids) create_hash_table(bits); for (n = 0; n < num_uids; n++) { uint32_t uid = read_u32(map + n * sizeof(uid)); - ret = search_uid(uid, admissible_uids, OPEN_USER_TABLE, NULL); - if (ret < 0) + struct user_info *ui = lookup_uid(uid); + assert(ui); + if (ui_used(ui)) { /* impossible */ + ERROR_LOG("duplicate user id!?\n"); + ret =-EFAULT; goto out; + } + ui->uid = uid; + ui->flags |= UI_FL_SLOT_USED; + if (!uid_is_admissible(uid, admissible_uids)) + continue; + ui->flags |= UI_FL_ADMISSIBLE; + ret = open_user_table(ui, 0); + if (ret < 0) + return ret; } + ret = 1; out: adu_munmap(map, size); return ret; } -static int write_uid(struct user_info *ui, void *data) -{ - char **p = data; - - write_u32(*p, ui->uid); - *p += sizeof(uint32_t); - return 1; -} - int write_uid_file(void) { char *buf, *p, *filename; size_t size = num_uids * sizeof(uint32_t); int ret; + struct user_info *ui; if (!num_uids) return 0; buf = p = adu_malloc(size); - ret = for_each_admissible_user(write_uid, &p); - if (ret < 0) - goto out; + FOR_EACH_USER(ui) { + if (!ui_used(ui)) + continue; + write_u32(p, ui->uid); + p += sizeof(uint32_t); + } filename = get_uid_list_name(); ret = adu_write_file(filename, buf, size); free(filename); -out: free(buf); return ret; }