Example #1
0
File: Group.C Project: juddy/edcde
AllowedGroupConnectors::AllowedGroupConnectors(GroupConnector::Type c1,
					       GroupConnector::Type c2)
: flags_(0)
{
  allow(c1);
  allow(c2);
}
Example #2
0
File: Group.C Project: juddy/edcde
AllowedGroupTokens::AllowedGroupTokens(GroupToken::Type t1, GroupToken::Type t2,
				       GroupToken::Type t3, GroupToken::Type t4)
: flags_(0)
{
  allow(t1);
  allow(t2);
  allow(t3);
  allow(t4);
}
CookieExceptionsDialog::CookieExceptionsDialog(QWidget *parent) :
    QDialog(parent),
    ui(new Ui::CookieExceptionsDialog),
    m_cookieJar(0)
{
    ui->setupUi(this);
    setWindowFlags(Qt::Sheet);
    connect(ui->removeButton, SIGNAL(clicked()), this, SLOT(remove()));
    connect(ui->removeAllButton, SIGNAL(clicked()), this, SLOT(removeAll()));
    m_exceptionsModel = new CookieExceptionsModel(this);
    m_proxyModel = new QSortFilterProxyModel(this);
    m_proxyModel->setSourceModel(m_exceptionsModel);
    connect(ui->search, SIGNAL(textChanged(QString)),
            m_proxyModel, SLOT(setFilterFixedString(QString)));
    ui->exceptionTable->setModel(m_proxyModel);

    CookieModel *cookieModel = new CookieModel(this);
    ui->domainLineEdit->setCompleter(new QCompleter(cookieModel, ui->domainLineEdit));

    connect(ui->domainLineEdit, SIGNAL(textChanged(QString)),
            this, SLOT(textChanged(QString)));
    connect(ui->blockButton, SIGNAL(clicked()), this, SLOT(block()));
    connect(ui->allowButton, SIGNAL(clicked()), this, SLOT(allow()));
    connect(ui->allowForSessionButton, SIGNAL(clicked()), this, SLOT(allowForSession()));

    adjustColumns();
}
Example #4
0
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, bool namedCacheFile) const
{

    std::auto_ptr<IOChannel> stream;

	if (url.protocol() == "file") {

		std::string path = url.path();
		if (path == "-") {
            // TODO: only allow this as the *very first* call ?
            //       Rationale is a movie might request load of
            //       standard input, being a security issue.
            //       Note also that the FB gui will use stdin
            //       for key events.
            //
			FILE *newin = fdopen(dup(0), "rb");

			// Close on destruction.
			stream = makeFileChannel(newin, true);
			return stream;
		}
		else {
            // check security here !!
		    if (!allow(url)) return stream;

			FILE *newin = std::fopen(path.c_str(), "rb");
			if (!newin)  { 
				log_error(_("Could not open file %1%: %2%"),
				          path, std::strerror(errno));
				return stream;
			}
			// Close on destruction
			stream = makeFileChannel(newin, true);
			return stream;
		}
	}
	else {
		if (allow(url)) {
			stream = NetworkAdapter::makeStream(url.str(), 
                    namedCacheFile ? namingPolicy()(url) : "");
		}

        // Will return 0 auto_ptr if not allowed.
		return stream;
	}
}
Example #5
0
int spi_read_buf(const char* str, size_t len) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
  // in lieu of RO allow
  void* buf = (void*) str;
#pragma GCC diagnostic pop
  return allow(DRIVER_NUM_SPI, 0, buf, len);
}
Example #6
0
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, const std::string& postdata,
       bool namedCacheFile) const
{

    std::auto_ptr<IOChannel> stream;

	if (url.protocol() == "file") {
        if (!postdata.empty()) {    
		    log_error(_("POST data discarded while getting a stream "
                        "from file: uri"));
        }
		std::string path = url.path();
		if (path == "-") {
			FILE *newin = fdopen(dup(0), "rb");
			stream = makeFileChannel(newin, false);
			return stream;
		}
		else {
			if (!allow(url)) return stream;

			FILE *newin = std::fopen(path.c_str(), "rb");
			if (!newin)  { 
				log_error(_("Could not open file %1%: %2%"),
				          path, std::strerror(errno));
				return stream;
			}
			stream = makeFileChannel(newin, false);
			return stream;
		}
	}
	else {
		if (allow(url)) {
			stream = NetworkAdapter::makeStream(url.str(), postdata,
                    namedCacheFile ? namingPolicy()(url) : "");
		}
        // Will return 0 auto_ptr if not allowed.
		return stream;		

	}
}
Example #7
0
AllowedParams::AllowedParams(Param::Type p1,
			     Param::Type p2,
			     Param::Type p3,
			     Param::Type p4,
			     Param::Type p5,
			     Param::Type p6,
			     Param::Type p7,
			     Param::Type p8,
			     Param::Type p9,
			     Param::Type p10)
{
  init();
  allow(p1);
  allow(p2);
  allow(p3);
  allow(p4);
  allow(p5);
  allow(p6);
  allow(p7);
  allow(p8);
  allow(p9);
  allow(p10);
}
// -----------------------------------------------------------------------------
// CAknPhysicsRestrictor::AllowedViewPosition()
// -----------------------------------------------------------------------------
//
TBool CAknPhysicsRestrictor::AllowedViewPosition( TPoint& aPosition )
    {
    // No restrictions to empty space, view position always allowed
    if ( !iEmptySpaceRestricted )
        {
        return ETrue;
        }
    
    TBool allow( EFalse );

    TInt *coord;
    if ( iLandscape )
        {
        coord = &aPosition.iX;
        }
    else
        {
        coord = &aPosition.iY;
        }

    // View position is allowed
    if ( *coord >= iPositionTopLimit && *coord <= iPositionBottomLimit )
        {
        allow = ETrue;
        iViewReachedLimit = EFalse;
        }

    // View has reached the limit for the first time - adjust the position
    // exactly to limit position
    else if ( !iViewReachedLimit )
        {
        allow = ETrue;
        iViewReachedLimit = ETrue;
        if ( *coord < iPositionTopLimit )
            {
            *coord = iPositionTopLimit;
            }
        else
            {
            *coord = iPositionBottomLimit;
            }
        }

    // Else view has already reached the limit, view position is not allowed
    // and no need to notify physics observer

    return allow;
    }
Example #9
0
int
main()
{
	session_t sess;
	datum id;
	time_t create_time, last_seen;
	bool do_allow;
	char *reason;

	openlog("dorian/query", LOG_PID, LOG_MAIL);
	for (;;) {
		do_allow = false;
		if ((sess = sess_req(stdin)) == NULL)
			break;

		/* white listing */
		for_each(i, whitelist_prefix)
			if (!strncasecmp(whitelist_prefix[i], sess->attr[Krecipient],
						strlen(whitelist_prefix[i]))) {
				do_allow = true;
				reason = "whitelist address";
				break;
			}

		if (!do_allow) {
			sess_derive_key(sess, &id);
			{
				if (seen(id, &create_time, &last_seen)) {
					if (create_time < expired()) {
						bump(id, create_time);
						do_allow = true;
						reason = "in database";
					}
				} else
					add(id);
			}
			free(id.dptr);
		}
		sess_free(&sess);
		if (do_allow)
			allow(reason);
		else
			defer();
	}
	closelog();
	return 0;
}
Example #10
0
std::auto_ptr<IOChannel>
StreamProvider::getStream(const URL& url, const std::string& postdata,
        const NetworkAdapter::RequestHeaders& headers, bool namedCacheFile)
        const
{

    if (url.protocol() == "file") {
        if (!headers.empty()) {
            log_error(_("Request Headers discarded while getting stream from file: uri"));
        }
        return getStream(url, postdata);
    }

	if (allow(url) ) {
		return NetworkAdapter::makeStream(url.str(), postdata, headers,
                    namedCacheFile ? namingPolicy()(url) : "");
	}

	return std::auto_ptr<IOChannel>();

}
Example #11
0
void CCC_LoadCFG::Execute(LPCSTR args)
{
    Msg("Executing config-script \"%s\"...", args);
    string_path cfg_name;

    xr_strcpy(cfg_name, args);
    if (strext(cfg_name)) *strext(cfg_name) = 0;
    xr_strcat(cfg_name, ".ltx");

    string_path cfg_full_name;

    FS.update_path(cfg_full_name, "$app_data_root$", cfg_name);

    if (NULL == FS.exist(cfg_full_name))
        FS.update_path(cfg_full_name, "$fs_root$", cfg_name);

    if (NULL == FS.exist(cfg_full_name))
        xr_strcpy(cfg_full_name, cfg_name);

    IReader* F = FS.r_open(cfg_full_name);

    string1024 str;
    if (F != NULL)
    {
        while (!F->eof())
        {
            F->r_string(str, sizeof(str));
            if (allow(str))
                Console->Execute(str);
        }
        FS.r_close(F);
        Msg("[%s] successfully loaded.", cfg_full_name);
    }
    else
    {
        Msg("! Cannot open script file [%s]", cfg_full_name);
    }
}
Example #12
0
int
put_note (struct io_f *io, struct daddr_f *where, struct newt *newt, int flags)
{
  static uid_t anon;
  static short anon_is_set = FALSE;

  struct note_f note;
  struct flock dlock, nlock;
  int notenum;

  if (!anon_is_set)
    {
      struct passwd *pw = getpwnam (ANON);

      anon = pw->pw_uid;
      anon_is_set = TRUE;
      endpwent ();
    }

  if (io == NULL || where == NULL || newt == NULL)
    return -1;

  /* Save the provided disk address information. */

  note.n_addr.addr = where->addr;
  note.n_addr.textlen = where->textlen;

  /* Save the author information. */

  strncpy (note.n_auth.aname, newt->auth.name, NAMESZ);
  strncpy (note.n_auth.asystem, newt->auth.system, HOMESYSSZ);
  note.n_auth.aid = (int) newt->auth.uid;
  strncpy (note.n_from, newt->auth.system, SYSSZ);
  note.n_from[SYSSZ - 1] = '\0';

  /* Save the title. */

  strncpy (note.ntitle, newt->title, TITLEN);
  note.ntitle[TITLEN - 1] = '\0';

  /* Initialize response storage. */

  note.n_nresp = 0;
  note.n_rindx = -1;

  /* Save note options - director message, write-only. */

  note.n_stat = 0;

  if (newt->director_message && allow (io, DRCTOK))
    note.n_stat |= DIRMES;

  if (newt->options & NOTE_WRITE_ONLY)
    note.n_stat |= WRITONLY;

  /* Adjust moderation flag appropriately. */

  if (flags & SKIP_MODERATION)
    {
      if (newt->options & NOTE_UNAPPROVED)
        note.n_stat |= ISUNAPPROVED;
    }
  else if (io->descr.d_stat & ISMODERATED && !allow (io, DRCTOK))
    note.n_stat |= ISUNAPPROVED;

  if (newt->options & NOTE_ANONYMOUS)
    {
      strncpy (note.n_auth.aname, "anonymous", NAMESZ);
      note.n_auth.aid = (int) anon;
    }

  /* Prepare to alter the descriptor. */

  dlock.l_type = F_RDLCK;
  dlock.l_whence = SEEK_SET;
  dlock.l_start = 0;
  dlock.l_len = (off_t) sizeof (struct descr_f);
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));

  getdescr (io, &io->descr);

  /* If specified, generate a new ID for the note.  Otherwise, use the already
   * existing ID.
   */

  if (flags & ADD_ID)
    {
      strncpy (note.n_id.sys, newt->auth.system, SYSSZ);
      note.n_id.sys[SYSSZ - 1] = '\0';
      note.n_id.uniqid = ++io->descr.d_id.uniqid;
      note.n_id.uniqid += UNIQPLEX * io->descr.d_nfnum;
    }
  else
    {
      strncpy (note.n_id.sys, newt->id.system, SYSSZ);
      note.n_id.sys[SYSSZ - 1] = '\0';
      note.n_id.uniqid = newt->id.number;
    }

  /* Set up flags for a policy note or a regular note, depending. */

  if (flags & ADD_POLICY)
    {
      if (!allow (io, DRCTOK))
        {
          closenf (io);
          return -2;
        }
      io->descr.d_plcy = 1;
      notenum = 0;
    }
  else
    {
      notenum = ++io->descr.d_nnote;
    }

  /* Save the current time into the note. */

  if (flags & UPDATE_TIMES)
    get_uiuc_time (&io->descr.d_lastm, newt->created);
  get_uiuc_time (&note.n_date, newt->created);
  get_uiuc_time (&note.n_rcvd, newt->created);
  get_uiuc_time (&note.n_lmod, newt->modified);

  /* Save to disk. */

  nlock.l_type = F_WRLCK;
  nlock.l_whence = SEEK_SET;
  nlock.l_start = (off_t) (sizeof (struct descr_f) +
                           (notenum * sizeof (struct note_f)));
  nlock.l_len = (off_t) sizeof (struct note_f);
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));
  dlock.l_type = F_WRLCK;
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));

  putnoterec (io, notenum, &note);

  nlock.l_type = F_UNLCK;
  fcntl (io->fidndx, F_SETLK, &nlock);

  io->descr.d_notwrit++;

  putdescr (io, &io->descr);

  fdatasync (io->fidndx);
  dlock.l_type = F_UNLCK;
  fcntl (io->fidndx, F_SETLK, &dlock);

  return notenum;
}
Example #13
0
AllowedParams::AllowedParams(const Param::Type *v, int n)
{
  init();
  for (int i = 0; i < n; i++)
    allow(v[i]);
}
Example #14
0
int
uiuc_modify_note_text (struct newt *newt)
{
  static uid_t anon;
  static short anon_is_set = FALSE;

  struct io_f io;
  struct daddr_f daddr;
  struct note_f note;
  struct stat statbuf;
  struct flock dlock, nlock;
  time_t timet;

  if (!anon_is_set)
    {
      struct passwd *pw = getpwnam (ANON);

      anon = pw->pw_uid;
      anon_is_set = TRUE;
      endpwent ();
    }

  init (&io, &newt->nr.nfr);

  if (io.descr.d_stat & NFINVALID)
    {
      closenf (&io);
      return -1;
    }

  if (newt->nr.notenum < -1 || newt->nr.notenum > io.descr.d_nnote)
    {
      closenf (&io);
      return -1;
    }

  nlock.l_type = F_RDLCK;
  nlock.l_whence = SEEK_SET;
  nlock.l_start = (off_t) (sizeof (struct descr_f) +
                           (newt->nr.notenum * sizeof (struct note_f)));
  nlock.l_len = (off_t) sizeof (struct note_f);

  if (newt->nr.respnum == 0)
    {
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));

      getnoterec (&io, newt->nr.notenum, &note);

      fstat (io.fidtxt, &statbuf);

      time (&timet);
      if (note.n_addr.textlen > HARDMAX ||
          note.n_nresp < 0 || convert_time (&note.n_lmod) > timet ||
          convert_time (&note.n_date) > timet ||
          (off_t) (note.n_addr.textlen + note.n_addr.addr) > statbuf.st_size)
        {
          closenf (&io);
          return -1;
        }

      /* We're allowed to change the director message here; saves time. */

      if (newt->director_message)
        note.n_stat |= DIRMES;
      else
        note.n_stat &= ~DIRMES;

      if (!allow (&io, DRCTOK))
        {
          if (io.descr.d_stat & ISMODERATED)
            note.n_stat |= ISUNAPPROVED;
          else
            note.n_stat &= ~ISUNAPPROVED;
        }
      else
        note.n_stat &= ~ISUNAPPROVED;

      /* Update the note's text record */

      puttextrec (&io, newt->text, &daddr, -1);
      note.n_addr.addr = daddr.addr;
      note.n_addr.textlen = daddr.textlen;

      /* We could be dealing with a newly anonymous note.  Stupid, huh? */

      if (newt->options & NOTE_ANONYMOUS)
        {
          strncpy (note.n_auth.aname, "anonymous", NAMESZ);
          note.n_auth.aid = (int) anon;
        }

      /* Set the descriptor lock; we'll be updating modification time. */

      dlock.l_type = F_RDLCK;
      dlock.l_whence = SEEK_SET;
      dlock.l_start = 0;
      dlock.l_len = (off_t) sizeof (struct descr_f);
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));

      getdescr (&io, &io.descr);

      get_uiuc_time (&io.descr.d_lastm, newt->modified);
      get_uiuc_time (&note.n_lmod, newt->modified);
      io.descr.d_delnote++;

      nlock.l_type = F_WRLCK;
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
      dlock.l_type = F_WRLCK;
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));

      putnoterec (&io, newt->nr.notenum, &note);

      nlock.l_type = F_UNLCK;
      fcntl (io.fidndx, F_SETLK, &nlock);

      putdescr (&io, &io.descr);

      fdatasync (io.fidndx);
      dlock.l_type = F_UNLCK;
      fcntl (io.fidndx, F_SETLK, &dlock);

      closenf (&io);
      return 0;
    }
  else
    {
      struct resp_f resp, oldresp;
      struct flock rlock;
      int offset, record;

      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));

      getnoterec (&io, newt->nr.notenum, &note);

      fstat (io.fidtxt, &statbuf);

      time (&timet);
      if (note.n_addr.textlen > HARDMAX ||
          note.n_nresp < 0 || convert_time (&note.n_lmod) > timet ||
          convert_time (&note.n_date) > timet ||
          (off_t) (note.n_addr.textlen + note.n_addr.addr) > statbuf.st_size)
        {
          closenf (&io);
          return -1;
        }

      if (logical_resp (&io, newt->nr.notenum, newt->nr.respnum, &oldresp,
                        &offset, &record) == -1)
        return -1;

      rlock.l_type = F_RDLCK;
      rlock.l_whence = SEEK_SET;
      rlock.l_start = (off_t) (sizeof (int) +
                               (record * sizeof (struct resp_f)));
      rlock.l_len = (off_t) sizeof (struct resp_f);
      TEMP_FAILURE_RETRY (fcntl (io.fidrdx, F_SETLKW, &rlock));

      memcpy (&resp, &oldresp, sizeof (struct resp_f));

      /* We're allowed to change the director message here; it'll save time. */

      if (newt->director_message)
        resp.r_stat[offset] |= DIRMES;
      else
        resp.r_stat[offset] &= ~DIRMES;

      if (!allow (&io, DRCTOK))
        {
          if (io.descr.d_stat & ISMODERATED)
            note.n_stat |= ISUNAPPROVED;
          else
            note.n_stat &= ~ISUNAPPROVED;
        }
      else
        note.n_stat &= ~ISUNAPPROVED;
      /* Update the response's text record */

      puttextrec (&io, newt->text, &daddr, -1);
      resp.r_addr[offset].addr = daddr.addr;
      resp.r_addr[offset].textlen = daddr.textlen;

      /* We could be dealing with a newly anonymous note.  Stupid, huh? */

      if (newt->options & NOTE_ANONYMOUS)
        {
          strncpy (resp.r_auth[offset].aname, "anonymous", NAMESZ);
          note.n_auth.aid = (int) anon;
        }

      /* Set up the descriptor lock (we update the "updated time") */

      dlock.l_type = F_RDLCK;
      dlock.l_whence = SEEK_SET;
      dlock.l_start = 0;
      dlock.l_len = (off_t) sizeof (struct descr_f);
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));

      getdescr (&io, &io.descr);

      get_uiuc_time (&io.descr.d_lastm, newt->modified);
      get_uiuc_time (&note.n_lmod, newt->modified);
      io.descr.d_delresp++;

      rlock.l_type = F_WRLCK;
      TEMP_FAILURE_RETRY (fcntl (io.fidrdx, F_SETLKW, &rlock));
      nlock.l_type = F_WRLCK;
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &nlock));
      dlock.l_type = F_WRLCK;
      TEMP_FAILURE_RETRY (fcntl (io.fidndx, F_SETLKW, &dlock));

      putresprec (&io, record, &resp);

      putnoterec (&io, newt->nr.notenum, &note);

      nlock.l_type = F_UNLCK;
      fcntl (io.fidndx, F_SETLK, &nlock);

      putdescr (&io, &io.descr);

      fdatasync (io.fidrdx);
      fdatasync (io.fidndx);
      dlock.l_type = F_UNLCK;
      fcntl (io.fidndx, F_SETLK, &dlock);
      rlock.l_type = F_UNLCK;
      fcntl (io.fidrdx, F_SETLK, &rlock);

      closenf (&io);
      return 0;
    }
}
Example #15
0
int main(int argc, char *argv[])
{
    struct stat st;
    static int socket_serv_fd = -1;
    char buf[64], shell[PATH_MAX], *result, debuggable[PROPERTY_VALUE_MAX];
    char enabled[PROPERTY_VALUE_MAX], build_type[PROPERTY_VALUE_MAX];
    char root_settings[PROPERTY_VALUE_MAX];
    int i, dballow;
    mode_t orig_umask;

    for (i = 1; i < argc; i++) {
        if (!strcmp(argv[i], "-c") || !strcmp(argv[i], "--command")) {
            if (++i < argc) {
                su_to.command = argv[i];
            } else {
                usage();
            }
        } else if (!strcmp(argv[i], "-s") || !strcmp(argv[i], "--shell")) {
            if (++i < argc) {
                strncpy(shell, argv[i], sizeof(shell));
                shell[sizeof(shell) - 1] = 0;
            } else {
                usage();
            }
        } else if (!strcmp(argv[i], "-v") || !strcmp(argv[i], "--version")) {
            printf("%s\n", VERSION);
            exit(EXIT_SUCCESS);
        } else if (!strcmp(argv[i], "-V")) {
            printf("%d\n", VERSION_CODE);
            exit(EXIT_SUCCESS);
        } else if (!strcmp(argv[i], "-h") || !strcmp(argv[i], "--help")) {
            usage();
        } else if (!strcmp(argv[i], "-") || !strcmp(argv[i], "-l") ||
                !strcmp(argv[i], "--login")) {
            ++i;
            break;
        } else {
            break;
        }
    }
    if (i < argc-1) {
        usage();
    }
    if (i == argc-1) {
        struct passwd *pw;
        pw = getpwnam(argv[i]);
        if (!pw) {
            su_to.uid = atoi(argv[i]);
        } else {
            su_to.uid = pw->pw_uid;
        }
    }

    if (from_init(&su_from) < 0) {
        deny();
    }

    property_get("ro.debuggable", debuggable, "0");
    property_get(ROOT_ACCESS_PROPERTY, enabled, ROOT_ACCESS_DEFAULT);
    property_get("ro.build.type", build_type, "");
    property_get(ROOT_SETTINGS_PROPERTY, root_settings, "");

    orig_umask = umask(027);

    // Root Settings-specific behavior
    if (strcmp("1", root_settings) == 0) {
        // only allow su on debuggable builds
        if (strcmp("1", debuggable) != 0) {
            LOGE("Root access is disabled on non-debug builds");
            deny();
        }

        // enforce persist.sys.root_access on non-eng builds
        if (strcmp("eng", build_type) != 0 &&
               (atoi(enabled) & 1) != 1 ) {
            LOGE("Root access is disabled by system setting - enable it under settings -> developer options");
            deny();
        }

        // disallow su in a shell if appropriate
        if (su_from.uid == AID_SHELL && (atoi(enabled) == 1)) {
            LOGE("Root access is disabled by a system setting - enable it under settings -> developer options");
            deny();
        }
    }

    if (su_from.uid == AID_ROOT || su_from.uid == AID_SHELL)
        allow(shell, orig_umask);

    if (stat(REQUESTOR_DATA_PATH, &st) < 0) {
        PLOGE("stat");
        deny();
    }

    if (st.st_gid != st.st_uid)
    {
        LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
                (int)st.st_uid, (int)st.st_gid);
        deny();
    }

    if (mkdir(REQUESTOR_CACHE_PATH, 0770) >= 0) {
        chown(REQUESTOR_CACHE_PATH, st.st_uid, st.st_gid);
    }

    setgroups(0, NULL);
    setegid(st.st_gid);
    seteuid(st.st_uid);

    LOGE("sudb - Opening database");
    db = database_init();
    if (!db) {
        LOGE("sudb - Could not open database, prompt user");
        // if the database could not be opened, we can assume we need to
        // prompt the user
        dballow = DB_INTERACTIVE;
    } else {
        LOGE("sudb - Database opened");
        dballow = database_check(db, &su_from, &su_to);
        // Close the database, we're done with it. If it stays open,
        // it will cause problems
        sqlite3_close(db);
        db = NULL;
        LOGE("sudb - Database closed");
    }

    switch (dballow) {
        case DB_DENY: deny();
        case DB_ALLOW: allow(shell, orig_umask);
        case DB_INTERACTIVE: break;
        default: deny();
    }
    
    socket_serv_fd = socket_create_temp();
    if (socket_serv_fd < 0) {
        deny();
    }

    signal(SIGHUP, cleanup_signal);
    signal(SIGPIPE, cleanup_signal);
    signal(SIGTERM, cleanup_signal);
    signal(SIGABRT, cleanup_signal);
    atexit(cleanup);

    if (send_intent(&su_from, &su_to, socket_path, -1, 0) < 0) {
        deny();
    }

    if (socket_receive_result(socket_serv_fd, buf, sizeof(buf)) < 0) {
        deny();
    }

    close(socket_serv_fd);
    socket_cleanup();

    result = buf;

    if (!strcmp(result, "DENY")) {
        deny();
    } else if (!strcmp(result, "ALLOW")) {
        allow(shell, orig_umask);
    } else {
        LOGE("unknown response from Superuser Requestor: %s", result);
        deny();
    }

    deny();
    return -1;
}
Example #16
0
void portthread (void * port_ptr)
{
 SOCKET s;
 BT_PORT port_info ;

 port_info = *(BT_PORT*) port_ptr ;

 s = bt_listen (port_info.port);

 if (!s)
  _endthread();

 while (1)
 {
  socklen_t addrlen = sizeof(SOCKADDR_IN);
  SOCKADDR_IN addr ; 
  SOCKET client_sock;
  BT_CLIENT * client ;
  char reason, *ip;

  client_sock = accept (s, (SOCKADDR*) &addr, &addrlen);

  if (client_sock == -1)
   continue;

  ip = inet_ntoa (addr.sin_addr);

  if ((reason = allow(ip)) <= 0)
  {
   switch (reason)
   {
   case 0:
	logevent("Refused %s:%i (filter)", 
	 ip,port_info.port);
	break;
   case -1:
	logevent("Refused %s:%i (connection limit)", 
	 ip,port_info.port);
	break;
   case -2:
	logevent("Refused %s:%i (clone limit)", 
	 ip,port_info.port);
	break;
   }
   bt_close(client_sock);
   continue;
  }

  client = addconn(ip,port_info.port);
  client->sock = client_sock;
  client->use_pass = port_info.use_pass ;

  if (client->use_pass)
   bt_cpy (client->password, port_info.password);

  if (_beginthread (proxythread,0,client) == -1)
  {
   logevent ("Could not create proxy thread for %s:%i",
	client->ip,client->port);

   bt_close(client->sock);
   delconn(client);

   _endthread();
  }
 }

 _endthread();
}
Example #17
0
File: toolbar.cpp Project: BGmot/Qt
void ToolBar::allowTop(bool a)
{ allow(Qt::TopToolBarArea, a); }
Example #18
0
File: toolbar.cpp Project: BGmot/Qt
void ToolBar::allowLeft(bool a)
{ allow(Qt::LeftToolBarArea, a); }
Example #19
0
int sdcard_set_write_buffer (uint8_t* buffer, uint32_t len) {
  return allow(DRIVER_NUM_SDCARD, 1, (void*) buffer, len);
}
Example #20
0
int filter_frame(u_char *buffer, session_t *sp)
{
    struct ethhdr *eth;
    struct iphdr *iph;
    struct ip6_hdr *ipv6h;
    struct udphdr *udph;
    struct tcphdr *tcph;
    struct icmp *icmph;
    char meth[3];
    struct in_addr insaddr,indaddr;
    struct in6_addr in6src,in6dst;
    int cnt, i;
    char dest[20];
    enum layer3 {ipv4, ipv6} NET_PROTO;
    enum layer4 {tcp, udp} TRANS_PROTO;
    static u_int32_t last_tcpseq, tcpseq;
    static u_int16_t last_icmpseq, icmpseq;
    char src_addr6[40], dst_addr6[40];

    eth = (struct ethhdr *)buffer;

//    printf("%x %d %x %x\n",sp->destnet, sp->destmask, sp->network, (inet_addr(DEST_NET)));
    /* IP layer process */
    if(ntohs(eth->h_proto) == ETH_P_IP){
        NET_PROTO = ipv4;
        iph = (struct iphdr *)(buffer+sizeof(struct ethhdr));
    } else if(ntohs(eth->h_proto) == ETH_P_IPV6){
//        return deny(500);
        NET_PROTO = ipv6;
        ipv6h = (struct ip6_hdr *)(buffer+sizeof(struct ethhdr));
    } else {
        /* Receive unsupporting protocol */
        return deny(400);
    }
#if 0
    /* Transport layer process */
    if(NET_PROTO == ipv4){
        if(iph->protocol == IPPROTO_TCP){
        } else if(iph->protocol == IPPROTO_UDP){
                udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
            printf("%d\n", ntohs(udph->len));
        }
    }
#endif
#if 1
    /* Transport layer process */
    if(NET_PROTO == ipv4){
        if(iph->protocol == IPPROTO_TCP){
            /* フラグメントしていない時 */
            if((htons(iph->frag_off) & IP_OFFMASK) == 0){
                tcph = (struct tcphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
//            last_tcpseq = tcpseq;
//            tcpseq = tcph->seq;
                TRANS_PROTO = tcp;
            }
        } else if(iph->protocol == IPPROTO_UDP){
            /* フラグメントしていない時 */
            if((htons(iph->frag_off) & IP_OFFMASK) == 0){
                udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + iph->ihl*UNIT);
                TRANS_PROTO = udp;
            }
        } else if(iph->protocol == IPPROTO_ICMP){
            icmph = (struct icmp *)(buffer+sizeof(struct ethhdr)+iph->ihl*UNIT);
//            last_icmpseq = icmpseq;
//            icmpseq = icmph->icmp_seq;
//            if(last_icmpseq == icmpseq){
//                    return deny(2);
//            }
            TRANS_PROTO = 98;
        } else {
            TRANS_PROTO = 99;
        /* Do Nothing */
//   return deny();
        }
    } else if(NET_PROTO == ipv6){
        in6src = ipv6h->ip6_src;
        in6dst = ipv6h->ip6_dst;

        if(ipv6h->ip6_nxt == IPPROTO_TCP){
            tcph = (struct tcphdr *)(buffer + sizeof(struct ethhdr) + sizeof(struct ip6_hdr));
            TRANS_PROTO = tcp;
        } else if(ipv6h->ip6_nxt == IPPROTO_UDP){
            udph = (struct udphdr *)(buffer + sizeof(struct ethhdr) + sizeof(struct ip6_hdr));
            TRANS_PROTO = udp;
        } else {
            TRANS_PROTO = 99;
        }
    } else {
        NET_PROTO = 99;
    }

    /* Filtering Rule */
    /* avoid well-known port */
//    printf("%d %x\n", iph->id, htons(iph->frag_off)&(IP_OFFMASK) );
    if((TRANS_PROTO == udp) && (udph != NULL)){
        assert(udph != NULL);
        for(i = 0;i < sp->d_port_cnt;i++){
            if(ntohs(udph->dest) == sp->d_port[i]){
                return deny(412);
            }
        }
/*  if(ntohs(udph->dest) < 1024){
            return deny(410);
  }
  if(ntohs(udph->source) < 1024){
   return deny(411);
  }
  if(ntohs(udph->dest) == 9004){
   return deny(412);
  }
  if(ntohs(udph->source) == 9004){
   return deny(413);
  }
*/
    }

    if((TRANS_PROTO == tcp) && (tcph != NULL)){
/*  if(last_tcpseq == tcpseq){
//   return deny(4);
  }
  if(ntohs(tcph->dest) == 22){
   return deny(422);
  }
  if(ntohs(tcph->source) == 22){
   return deny(422);
  }
  if(ntohs(tcph->dest) == 20){
   return allow(220);
  }
  if(ntohs(tcph->dest) == 21){
   return allow(220);
  }
  if(ntohs(tcph->dest) == 80){
   return allow(220);
  }
  if(ntohs(tcph->dest) < 1024){
   return deny(420);
  }
  if(ntohs(tcph->source) < 1024){
   return deny(421);
  }
        */
 }
// packet_dump(buffer);
#endif

    if(NET_PROTO == ipv4){
        /*
  for(cnt = 0; cnt < sp->session_num; cnt++){
   sprintf(dest,"%s",sp->ESendAddr[cnt]);
   // avoid correspond node 
   if(iph->saddr == inet_addr(dest)){
    return deny(431);
   }
  }
    */

    /* basic ipv4 filter rule */
    /* avoid broadcast packet */
//        printf("%x\n",sp->netmask^v4MASK);
//  if(((ntohl(iph->daddr)&0xff)) == 0xff){
    if(((ntohl(iph->daddr)&(sp->netmask^v4MASK))) == (sp->netmask^v4MASK)){
        return deny(430);
    }

    /* avoid sending packet */
//printf("%x %x\n", ntohl(sp->hostip), (iph->saddr));
    if(ntohl(sp->hostip) == (iph->saddr)){
        return deny(432);
    }

    /* avoid incoming packet */
    if((sp->hostip) == (iph->daddr)){
        return deny(433);
    }

/*        if((inet_addr(sp->localnet)&(NETMASK[24].mask)) == (iph->daddr&(NETMASK[24].mask))){
            return deny(7);
        }
        */

    /* For Multicast */
    /* Multicastパケットの場合 */
    if(IN_MULTICAST(ntohl(iph->daddr))){
        /* 他ネットワークからのマルチキャストパケットの場合 */
        if(sp->m_taddr){
/*            if(iph->saddr == sp->m_taddr){
                return m_allow(200);
            }
*/
        }
        /* 送信パケットが自ネットワークのもの以外は拒否 */
        if(sp->network != (iph->saddr&ntohl(sp->netmask))){
//   if((inet_addr(sp->localnet)&(NETMASK[24].mask)) != (iph->saddr&(NETMASK[24].mask))){
            return deny(440);
        }
        /* Avoid local multicast loop */
//   if(inet_addr(sp->localnet) == inet_addr(DEST_NET)){
//   if(sp->network == inet_addr(DEST_NET)){
        /* 自ネットワークと宛先が同じマルチキャストパケットを拒否 */
        /* これはパケットを見ていないんで意味がないかも */
#if 0
        if(sp->network == sp->destnet){
            return deny(441);
        }
#endif
        return m_allow(200);
    }

    if((sp->destnet&(NETMASK[sp->destmask].mask)) == (iph->daddr&(NETMASK[sp->destmask].mask))){
        if(sp->network == (iph->saddr&ntohl(sp->netmask))){
//   if((inet_addr(sp->localnet)&(NETMASK[24].mask)) == (iph->saddr&(NETMASK[24].mask))){
//   if((inet_addr(LOCAL_NET)&(NETMASK[24].mask)) == (iph->saddr&(NETMASK[24].mask))){
            return allow(230);
        }
    }

    } else if(NET_PROTO == ipv6){
  /* For Multicast */
//  IN6_IS_ADDR_MULTICAST
/*  if(ntohs(in6dst.s6_addr16[0]) == 0xff02){
   return m_allow(300);
  }
*/
        sprintf(dst_addr6, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n",
                ntohs(in6dst.s6_addr16[0]),
                ntohs(in6dst.s6_addr16[1]),
                ntohs(in6dst.s6_addr16[2]),
                ntohs(in6dst.s6_addr16[3]),
                ntohs(in6dst.s6_addr16[4]),
                ntohs(in6dst.s6_addr16[5]),
                ntohs(in6dst.s6_addr16[6]),
                ntohs(in6dst.s6_addr16[7])
                );
        sprintf(src_addr6, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n",
                ntohs(in6src.s6_addr16[0]),
                ntohs(in6src.s6_addr16[1]),
                ntohs(in6src.s6_addr16[2]),
                ntohs(in6src.s6_addr16[3]),
                ntohs(in6src.s6_addr16[4]),
                ntohs(in6src.s6_addr16[5]),
                ntohs(in6src.s6_addr16[6]),
                ntohs(in6src.s6_addr16[7])
                );

//        printf("%s -> %s\n",src_addr6, dst_addr6);
        if((ntohs(in6dst.s6_addr16[0])&0xfff0) == 0xff10){
//      if(ntohs(in6dst.s6_addr16[0]) == 0xff1e){
//printf("host %s src %s\n", sp->hostip6, src_addr6);
            /* 送信先が自ネットワークのもののみ送出 */
            if(strncmp(sp->hostip6, src_addr6, sp->prefix/OCTET_BITS*OCTET_UNIT) == 0)
            {
                return m_allow(301);
            }

            /* マルチキャスト転送オプションがセットされている場合 */
            if(sp->m_taddr6){
                if(strncmp(sp->m_taddr6, src_addr6, sp->prefix/OCTET_BITS*OCTET_UNIT) == 0)
                {
                    return m_allow(301);
                }
            }

            /* 送信元がリンクローカルアドレスでも送出 */
            if(ntohs(in6src.s6_addr16[0]) == 0xfe80){
                return m_allow(302);
            }

            return deny(533);
/*          if(ntohs(in6src.s6_addr16[2]) != 0x5102){
                return deny(530);
            }
            return m_allow(300);
*/
        }
    }
    return deny(499);
}
Example #21
0
    bool isNumber(const char *s) {
        if(s == NULL)
            return false;
        while(*s == ' ')
            s++;
        string str(s);
        while(str.back() == ' ')
            str.pop_back();
        if(str.length() == 0)
            return false;
        bool firstDigit = false;
        for(unsigned int i = 0; i < str.length(); ++i){
            char c = str[i];
            if(!allow(c))
                return false;
            if(!firstDigit && '0' <= c && c <= '9')
                firstDigit = true;
        }
        if(!firstDigit)
            return false;
        // str.length > 0, all characters are allowed, at least one digit
        State state;
        firstDigit = false;
        // initialize state
        switch(str[0]){
            case '+':
            case '-':
                state = PI;
                break;
            case '.':
                state = PD;
                break;
            case 'e':
            case 'E':
                state = F;
                break;
            default: // [0-9]
                state = I;
                firstDigit = true;
        }

        for(unsigned int i = 1; i < str.length() && state != F; ++i){
            char c = str[i];
            if(c == '+' || c == '-'){
                switch(state){
                    case PE:
                    {
                        char prevChar = str[i-1];
                        if(prevChar != '+' || prevChar != '-')
                            state = PE;
                        else
                            state = F;
                        break;
                    }
                    default:
                        state = F;
                }
            }else if(c == 'e' || c == 'E'){
                switch(state){
                    case I:
                    case D:
                        state = PE;
                        break;
                    case PD:
                        if(firstDigit)
                            state = PE;
                        else
                            state = F;
                        break;
                    default:
                        state = F;
                }
            }else if(c == '.'){
                switch(state){
                    case I:
                    case PI:
                        state = PD;
                        break;
                    default:
                        state = F;
                }
            }else{ // c = [0-9]
                firstDigit = true;
                switch(state){
                    case I:
                    case PI:
                        state = I;
                        break;
                    case D:
                    case PD:
                        state = D;
                        break;
                    case E:
                    case PE:
                        state = E;
                }
            }
        }

        return state == I || state == D || state == PD || state == E;
    }
Example #22
0
static void setup_call(SIG_ENTITY *sig,unsigned long call_ref)
{
    SOCKET *sock,*this,**walk;
    struct sockaddr_atmsvc in_addr;
    struct atm_sap in_sap;
    struct atm_qos in_qos;
    unsigned int problem;
    int i;

    problem = sap_decode(&in_dsc,&in_addr,&in_sap,&in_qos,sig->uni);
    if (problem) {
	send_release_complete(sig,call_ref,IE_PB_CAUSE(problem),
	  IE_PB_IE(problem));
	return;
    }
    if (!atmsvc_addr_in_use(in_addr)) {
	send_release_complete(sig,call_ref,ATM_CV_UNALLOC);
	return;
    }
    if (!allow(&in_addr,ACL_IN)) {
	send_release_complete(sig,call_ref,ATM_CV_REJ_CLIR);
	return;
    }
    this = new_sock(kptr_null);
    this->sig = sig;
    sock = lookup_sap(&in_addr,&in_sap,&in_qos,&this->local,&this->sap,
      &this->qos,0);
    if (!sock) {
	free_sock(this);
	send_release_complete(sig,call_ref,ATM_CV_INCOMP_DEST);
	return;
    }
    this->state = sig->mode == sm_net ? ss_proceeding : ss_indicated;
    this->call_state = cs_in_proc;
    this->call_ref = call_ref;
    if (q_present(&in_dsc,QF_ep_ref))
	this->ep_ref = cvt_ep_ref(sig,q_fetch(&in_dsc,QF_ep_ref));
#ifdef CISCO
    else
#endif
    if (sig->mode == sm_net) {
	int error;

	error = send_call_proceeding(this);
	if (error) {
	    free_sock(this);
	    send_release_complete(sig,call_ref,ATM_CV_NO_CI);
	    return;
	}
    }
    /* if (sock->local) *this->local->sas_addr = sock->local->sas_addr; ??? */
    diag(COMPONENT,DIAG_DEBUG,"AAL type %ld",q_fetch(&in_dsc,QF_aal_type));
    if (sig->mode == sm_user) { /* already set by send_call_proceeding */
	int vpci;

	vpci = q_fetch(&in_dsc,QF_vpi);
	this->pvc.sap_family = AF_ATMPVC;
	this->pvc.sap_addr.itf = get_itf(sig,&vpci);
	this->pvc.sap_addr.vpi = vpci;
	this->pvc.sap_addr.vci = q_fetch(&in_dsc,QF_vci);
    }
    diag(COMPONENT,DIAG_DEBUG,"ITF.VPI.VCI: %d.%d.%d",this->pvc.sap_addr.itf,
      this->pvc.sap_addr.vpi,this->pvc.sap_addr.vci);
    if (q_present(&in_dsc,QF_cgpn)) { /* should handle E.164 too */
	char buffer[MAX_ATM_ADDR_LEN+1];
	int plan;

	plan = q_fetch(&in_dsc,QF_cgpn_plan);
	switch (plan) {
	    case ATM_NP_AEA:
		i = q_read(&in_dsc,QF_cgpn,(void *) this->remote.sas_addr.prv,
		  ATM_ESA_LEN);
		break;
	    case ATM_NP_E164:
		i = q_read(&in_dsc,QF_cgpn,(void *) this->remote.sas_addr.pub,
		  ATM_E164_LEN);
		break;
	    default:
		diag(COMPONENT,DIAG_WARN,"Ignoring cgpn with unrecognized "
		  "numbering plan 0x%x\n",plan);
		i = 0;
	}
	if (i) {
	    this->remote.sas_family = AF_ATMSVC;
	    if (atm2text(buffer,MAX_ATM_ADDR_LEN+1,
	      (struct sockaddr *) &this->remote,pretty) < 0)
		strcpy(buffer,"<invalid address>");
	    diag(COMPONENT,DIAG_DEBUG,"Incoming call from %s",buffer);
	}
    }
    send_kernel(kptr_null,sock->id,as_indicate,0,&this->pvc,&this->remote,
      &in_addr,&this->sap,&this->qos);
    for (walk = &sock->listen; *walk; walk = &(*walk)->listen);
    *walk = this;
    diag(COMPONENT,DIAG_DEBUG,"SE vpi.vci=%d.%d",this->pvc.sap_addr.vpi,
      this->pvc.sap_addr.vci);
}
Example #23
0
int
put_resp (struct io_f *io, struct daddr_f *where, struct newt *newt, int flags)
{
  struct note_f note;
  struct resp_f resp;
  struct flock dlock, nlock, rlock;
  int lastin, phys, i;

  rlock.l_whence = SEEK_SET;

  nlock.l_type = F_RDLCK;
  nlock.l_whence = SEEK_SET;
  nlock.l_start = (off_t) (sizeof (struct descr_f) +
                           (newt->nr.notenum * sizeof (struct note_f)));
  nlock.l_len = (off_t) sizeof (struct note_f);
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));

  getnoterec (io, newt->nr.notenum, &note);

  if (note.n_rindx < 0)
    {
      lastin = note.n_rindx = get_new_resp_block (io);
      resp.r_first = 1;
      resp.r_last = 0;
      resp.r_previous = -1;
      resp.r_next = -1;
      for (i=0; i<RESPSZ; i++)
        resp.r_stat[i] = 0;
    }
  else
    {
      rlock.l_type = F_RDLCK;
      rlock.l_start = (off_t) (sizeof (int) +
                               (note.n_rindx * sizeof (struct resp_f)));
      rlock.l_len = (off_t) sizeof (struct resp_f);
      TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));

      getresprec (io, lastin = note.n_rindx, &resp);

      rlock.l_type = F_UNLCK;
      fcntl (io->fidrdx, F_SETLK, &rlock);
    }

  i = phys = 0;

  while (i < note.n_nresp)
    {
      if (phys >= RESPSZ)
        {
          rlock.l_type = F_RDLCK;
          rlock.l_start = (off_t) (sizeof (int) +
                                   (resp.r_next * sizeof (struct resp_f)));
          rlock.l_len = (off_t) sizeof (struct resp_f);
          TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));

          phys = 0;
          getresprec (io, lastin = resp.r_next, &resp);

          rlock.l_type = F_UNLCK;
          fcntl (io->fidrdx, F_SETLK, &rlock);
        }
      if ((resp.r_stat[phys] & NOTE_DELETED) == 0)
        i++;
      phys++;
    }

  if (phys >= RESPSZ)  /* We are in a new block of responses. */
    {
      phys = 0;
      resp.r_next = get_new_resp_block (io);

      rlock.l_type = F_WRLCK;
      rlock.l_start = (off_t) (sizeof (int) +
                               (lastin * sizeof (struct resp_f)));
      rlock.l_len = (off_t) sizeof (struct resp_f);
      TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));

      putresprec (io, lastin, &resp);

      resp.r_previous = lastin;
      lastin = resp.r_next;
      resp.r_next = -1;
      resp.r_first = note.n_nresp + 1;
      resp.r_last = resp.r_first - 1;
      for (i=0; i<RESPSZ; i++)
        resp.r_stat[i] = 0;
    }

  fdatasync (io->fidrdx);
  rlock.l_type = F_RDLCK;
  rlock.l_start = (off_t) (sizeof (int) +
                           (lastin * sizeof (struct resp_f)));
  rlock.l_len = (off_t) sizeof (struct resp_f);
  TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));

  note.n_nresp++;

  resp.r_addr[phys].addr = where->addr;
  resp.r_addr[phys].textlen = where->textlen;

  strncpy (resp.r_auth[phys].aname, newt->auth.name, NAMESZ);
  strncpy (resp.r_auth[phys].asystem, newt->auth.system, HOMESYSSZ);
  resp.r_auth[phys].aid = (int) newt->auth.uid;
  strncpy (resp.r_from[phys], newt->auth.system, SYSSZ);

  resp.r_stat[phys] = 0;

  if (newt->director_message && allow (io, DRCTOK))
    resp.r_stat[phys] |= DIRMES;

  /* Adjust moderation flag appropriately. */

  if (flags & SKIP_MODERATION)
    {
      if (newt->options & NOTE_UNAPPROVED)
        resp.r_stat[phys] |= ISUNAPPROVED;
    }
  else if (io->descr.d_stat & ISMODERATED && !allow (io, DRCTOK))
    resp.r_stat[phys] |= ISUNAPPROVED;

  if (newt->options & NOTE_ANONYMOUS)
    strncpy (resp.r_auth[phys].aname, "anonymous", NAMESZ);

  /* Prepare to alter the descriptor. */

  dlock.l_type = F_RDLCK;
  dlock.l_whence = SEEK_SET;
  dlock.l_start = 0;
  dlock.l_len = (off_t) sizeof (struct descr_f);
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));

  getdescr (io, &io->descr);

  if (flags & ADD_ID)
    {
      strncpy (resp.r_id[phys].sys, newt->auth.system, SYSSZ);
      resp.r_id[phys].uniqid = ++io->descr.d_id.uniqid;
      resp.r_id[phys].uniqid += UNIQPLEX * io->descr.d_nfnum;
    }
  else
    {
      strncpy (resp.r_id[phys].sys, newt->id.system, SYSSZ);
      resp.r_id[phys].sys[SYSSZ - 1] = '\0';
      resp.r_id[phys].uniqid = newt->id.number;
    }

  if (flags & UPDATE_TIMES)
    {
      get_uiuc_time (&io->descr.d_lastm, newt->created);
      get_uiuc_time (&note.n_lmod, newt->modified);
    }
  get_uiuc_time (&resp.r_when[phys], newt->created);
  get_uiuc_time (&resp.r_rcvd[phys], newt->created);

  resp.r_last++;

  rlock.l_type = F_WRLCK;
  TEMP_FAILURE_RETRY (fcntl (io->fidrdx, F_SETLKW, &rlock));
  nlock.l_type = F_WRLCK;
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &nlock));
  dlock.l_type = F_WRLCK;
  TEMP_FAILURE_RETRY (fcntl (io->fidndx, F_SETLKW, &dlock));

  putresprec (io, lastin, &resp);

  putnoterec (io, newt->nr.notenum, &note);
  io->descr.d_rspwrit++;

  nlock.l_type = F_UNLCK;
  fcntl (io->fidndx, F_SETLK, &nlock);

  putdescr (io, &io->descr);

  fdatasync (io->fidrdx);
  fdatasync (io->fidndx);
  dlock.l_type = F_UNLCK;
  fcntl (io->fidndx, F_SETLK, &dlock);
  rlock.l_type = F_UNLCK;
  fcntl (io->fidrdx, F_SETLK, &rlock);

  return note.n_nresp;
}
Example #24
0
File: toolbar.cpp Project: BGmot/Qt
void ToolBar::allowRight(bool a)
{ allow(Qt::RightToolBarArea, a); }
Example #25
0
int
uiuc_write_note (struct notesfile *nf, struct newt *newt, int flags)
{
  struct io_f io;
  struct daddr_f daddr;
  int result;
  int error;

  if (newt->nr.notenum < -1 || newt->nr.notenum > nf->total_notes)
    return -1;

  flags &= ~SKIP_MODERATION;  /* Not allowed via the public interface. */

  error = init (&io, nf->ref);
  if (error != NEWTS_NO_ERROR)
    return error;

  if (io.descr.d_stat & NFINVALID)
    {
      closenf (&io);
      return -1;
    }

  if (io.descr.d_stat & ISARCHIVE && !allow (&io, DRCTOK))
    {
      closenf (&io);
      return -2;
    }

  if (newt->nr.notenum == -1)
    {
      /* We have a new basenote here. */

      if (!allow (&io, WRITOK))
        {
          closenf (&io);
          return -2;
        }

      puttextrec (&io, newt->text, &daddr, -1);

      result = put_note (&io, &daddr, newt, flags);

      if (result < 0)
        {
          closenf (&io);
          return result;
        }

      if (!(flags & ADD_POLICY))
      nf->total_notes++;

      closenf (&io);
      return result;
    }
  else
    {
      /* Reject responses to the policy note ... for now. */

      if (newt->nr.notenum == 0)
        return -1;

      if (!allow (&io, RESPOK))
        {
          closenf (&io);
          return -2;
        }

      puttextrec (&io, newt->text, &daddr, -1);
      result = put_resp (&io, &daddr, newt, flags);

      closenf (&io);
      return result;
    }
}
Example #26
0
File: toolbar.cpp Project: BGmot/Qt
void ToolBar::allowBottom(bool a)
{ allow(Qt::BottomToolBarArea, a); }
Example #27
0
 bool				operator()(const std::wstring& name)		{
     return allow(name);
 }