static bool is_allowed_user(cmd_rec *cmd, const char *account) { config_rec *c; /* ハッシュテーブルにアカウントがあるか否か */ c = find_config(cmd->server->conf, CONF_PARAM, "LMDBAllowedUser", FALSE); if(c && c->argv[0]) { pr_table_t *explicit_users = c->argv[0]; if(pr_table_exists(explicit_users, account) > 0 ) { pr_log_debug(DEBUG2, "%s: '%s' match with LMDBAllowedUser", MODULE_NAME, account); return true; } } /* 正規表現にマッチするか否か */ c = find_config(cmd->server->conf, CONF_PARAM, "LMDBAllowedUserRegex", FALSE); if(c && c->argv[0]) { int i; array_header *regex_list = c->argv[0]; regex_t ** elts = regex_list->elts; for (i = 0; i < regex_list->nelts; i++) { regex_t *preg = elts[i]; if(regexec(preg, account, 0, NULL, 0) == 0) { pr_log_debug(DEBUG2, "%s: '%s' match with LMDBAllowedUserRegex", MODULE_NAME, account); return true; } } } return false; }
int pr_session_set_protocol(const char *sess_proto) { int count, res; if (sess_proto == NULL) { errno = EINVAL; return -1; } count = pr_table_exists(session.notes, "protocol"); if (count > 0) { res = pr_table_set(session.notes, pstrdup(session.pool, "protocol"), pstrdup(session.pool, sess_proto), 0); if (res == 0) { /* Update the scoreboard entry for this session with the protocol. */ pr_scoreboard_entry_update(session.pid, PR_SCORE_PROTOCOL, sess_proto, NULL); } return res; } res = pr_table_add(session.notes, pstrdup(session.pool, "protocol"), pstrdup(session.pool, sess_proto), 0); if (res == 0) { /* Update the scoreboard entry for this session with the protocol. */ pr_scoreboard_entry_update(session.pid, PR_SCORE_PROTOCOL, sess_proto, NULL); } return res; }
int pr_var_exists(const char *name) { if (var_tab == NULL) { errno = EPERM; return -1; } if (name == NULL) { errno = EINVAL; return -1; } return pr_table_exists(var_tab, name) > 0 ? TRUE : FALSE; }
MODRET add_lmd_allow_user(cmd_rec *cmd) { config_rec *c; int i; pr_table_t *explicit_users; if(cmd->argc < 2) CONF_ERROR(cmd, "missing argument"); CHECK_CONF(cmd, CONF_ROOT|CONF_GLOBAL); /* argv => LMDBAllowedUser nobody nobody1 nobody2 */ c = find_config(main_server->conf, CONF_PARAM, "LMDBAllowedUser", FALSE); if(c && c->argv[0]) { explicit_users = c->argv[0]; } else { c = add_config_param(cmd->argv[0], 0, NULL); c->argv[0] = explicit_users = pr_table_alloc(main_server->pool, 0); } for(i=1; i < cmd->argc; i++) { const char *account = pstrdup(main_server->pool, cmd->argv[i]); if(pr_table_exists(explicit_users, account) > 0) { pr_log_debug(DEBUG2, "%s: %s is already registerd", MODULE_NAME, account); continue; } if(pr_table_add_dup(explicit_users, account, "y", 0) < 0){ pr_log_pri(PR_LOG_ERR, "%s: failed pr_table_add_dup(): %s", MODULE_NAME, strerror(errno)); exit(1); } pr_log_debug(DEBUG2, "%s: add LMDBAllowedUser[%d] %s", MODULE_NAME, i, account); } return PR_HANDLED(cmd); }
int pr_trace_set_levels(const char *channel, int min_level, int max_level) { if (channel == NULL) { void *v; if (trace_tab == NULL) { errno = EINVAL; return -1; } v = pr_table_remove(trace_tab, channel, NULL); if (v == NULL) { errno = EINVAL; return -1; } return 0; } if (min_level > max_level) { errno = EINVAL; return -1; } if (trace_tab == NULL && min_level < 0) { return 0; } if (trace_pool == NULL) { trace_pool = make_sub_pool(permanent_pool); pr_pool_tag(trace_pool, "Trace API"); trace_tab = pr_table_alloc(trace_pool, 0); /* Register a handler for churning the log pool during HUP. */ pr_event_register(NULL, "core.restart", trace_restart_ev, NULL); } if (min_level >= 0) { struct trace_levels *levels; levels = pcalloc(trace_pool, sizeof(struct trace_levels)); levels->min_level = min_level; levels->max_level = max_level; if (strcmp(channel, PR_TRACE_DEFAULT_CHANNEL) != 0) { int count = pr_table_exists(trace_tab, channel); if (count <= 0) { if (pr_table_add(trace_tab, pstrdup(trace_pool, channel), levels, sizeof(struct trace_levels)) < 0) { return -1; } } else { if (pr_table_set(trace_tab, pstrdup(trace_pool, channel), levels, sizeof(struct trace_levels)) < 0) return -1; } } else { register unsigned int i; for (i = 0; trace_channels[i]; i++) { (void) pr_trace_set_levels(trace_channels[i], min_level, max_level); } } } else { if (strcmp(channel, PR_TRACE_DEFAULT_CHANNEL) != 0) { (void) pr_table_remove(trace_tab, channel, NULL); } else { register unsigned int i; for (i = 0; trace_channels[i]; i++) { (void) pr_table_remove(trace_tab, trace_channels[i], NULL); } } } return 0; }
struct passwd *pr_auth_getpwnam(pool *p, const char *name) { cmd_rec *cmd = NULL; modret_t *mr = NULL; struct passwd *res = NULL; module *m = NULL; cmd = make_cmd(p, 1, name); mr = dispatch_auth(cmd, "getpwnam", &m); if (MODRET_ISHANDLED(mr) && MODRET_HASDATA(mr)) res = mr->data; if (cmd->tmp_pool) { destroy_pool(cmd->tmp_pool); cmd->tmp_pool = NULL; } /* Sanity check */ if (res == NULL) { errno = ENOENT; return NULL; } /* Make sure the UID and GID are not -1 */ if (res->pw_uid == (uid_t) -1) { pr_log_pri(PR_LOG_ERR, "error: UID of -1 not allowed"); return NULL; } if (res->pw_gid == (gid_t) -1) { pr_log_pri(PR_LOG_ERR, "error: GID of -1 not allowed"); return NULL; } if ((auth_caching & PR_AUTH_CACHE_FL_AUTH_MODULE) && !auth_tab && auth_pool) { auth_tab = pr_table_alloc(auth_pool, 0); } if (m && auth_tab) { int count = 0; void *value = NULL; value = palloc(auth_pool, sizeof(module *)); *((module **) value) = m; count = pr_table_exists(auth_tab, name); if (count <= 0) { if (pr_table_add(auth_tab, pstrdup(auth_pool, name), value, sizeof(module *)) < 0) { pr_trace_msg(trace_channel, 3, "error adding module 'mod_%s.c' for user '%s' to the authcache: %s", m->name, name, strerror(errno)); } else { pr_trace_msg(trace_channel, 5, "stashed module 'mod_%s.c' for user '%s' in the authcache", m->name, name); } } else { if (pr_table_set(auth_tab, pstrdup(auth_pool, name), value, sizeof(module *)) < 0) { pr_trace_msg(trace_channel, 3, "error setting module 'mod_%s.c' for user '%s' in the authcache: %s", m->name, name, strerror(errno)); } else { pr_trace_msg(trace_channel, 5, "stashed module 'mod_%s.c' for user '%s' in the authcache", m->name, name); } } } uidcache_add(res->pw_uid, name); /* Get the (possibly rewritten) home directory. */ res->pw_dir = pr_auth_get_home(p, res->pw_dir); pr_log_debug(DEBUG10, "retrieved UID %lu for user '%s'", (unsigned long) res->pw_uid, name); return res; }