/*---------------------------------------------------------------------- Check to see if user is allowed to read or write this folder. Args: s -- the name to check Result: Returns 1 if OK Returns 0 and posts an error message if access is denied ----*/ int context_allowed(char *s) { struct variable *vars = ps_global ? ps_global->vars : NULL; int retval = 1; MAILSTREAM stream; /* fake stream for error message in mm_notify */ if(ps_global && ps_global->restricted && (strindex("./~", s[0]) || srchstr(s, "/../"))){ stream.mailbox = s; mm_notify(&stream, "Restricted mode doesn't allow operation", WARN); retval = 0; } else if(vars && VAR_OPER_DIR && s[0] != '{' && !(s[0] == '*' && s[1] == '{') && strucmp(s,ps_global->inbox_name) != 0 && strcmp(s, ps_global->VAR_INBOX_PATH) != 0){ char *p, *free_this = NULL; p = s; if(strindex(s, '~')){ p = strindex(s, '~'); free_this = (char *)fs_get(strlen(p) + 200); strncpy(free_this, p, strlen(p)+200); fnexpand(free_this, strlen(p)+200); p = free_this; } else if(p[0] != '/'){ /* add home dir to relative paths */ free_this = p = (char *)fs_get(strlen(s) + strlen(ps_global->home_dir) + 2); build_path(p, ps_global->home_dir, s, strlen(s)+strlen(ps_global->home_dir)+2); } if(!in_dir(VAR_OPER_DIR, p)){ char err[200]; /* TRANSLATORS: User is restricted to operating within a certain directory */ snprintf(err, sizeof(err), _("Not allowed outside of %.150s"), VAR_OPER_DIR); stream.mailbox = p; mm_notify(&stream, err, WARN); retval = 0; } else if(srchstr(p, "/../")){ /* check for .. in path */ stream.mailbox = p; mm_notify(&stream, "\"..\" not allowed in name", WARN); retval = 0; } if(free_this) fs_give((void **)&free_this); } return retval; }
fstring FixFuxedUpColladaPaths( fstring uri ) { fstring _uri = uri; _uri.replace(FC('\\'), FC('/')); //////////////////////////////////////////////// fstring mystr( _uri.c_str() ); fstring srchstr("file:///"); size_t ipos= mystr.find(srchstr); if( ipos != fstring::npos ) { mystr.erase(7, 8 ); _uri = fstring(mystr.c_str()); } mystr = fstring( _uri.c_str() ); if( mystr.length() > 3 ) { char ch0 = mystr.c_str()[0]; char ch1 = mystr.c_str()[1]; char ch2 = mystr.c_str()[2]; if( ch0 == '/' && isalpha(ch1) && isalpha(ch2) ) { mystr = mystr.substr( 1, mystr.length()-1 ); _uri = fstring(mystr.c_str()); } } //////////////////////////////////////////////// return _uri; }
/* * Break up the ldap-server string stored in the pinerc into its * parts. The structure is allocated here and should be freed by the caller. * * The original string looks like * <servername>[:port] <SPACE> "/base=<base>/impl=1/..." * * Args serv_str -- The original string from the pinerc to parse. * * Returns A pointer to a structure with filled in answers. * * Some of the members have defaults. If port is -1, that means to use * the default LDAP_PORT. If base is NULL, use "". Type and srch have * defaults defined in alpine.h. If cust is non-NULL, it overrides type and * srch. */ LDAP_SERV_S * break_up_ldap_server(char *serv_str) { char *lserv; char *q, *p, *tail; int i, only_one = 1; LDAP_SERV_S *info = NULL; if(!serv_str) return(info); info = (LDAP_SERV_S *)fs_get(sizeof(LDAP_SERV_S)); /* * Initialize to defaults. */ memset((void *)info, 0, sizeof(*info)); info->port = -1; info->srch = -1; info->type = -1; info->time = -1; info->size = -1; info->scope = -1; /* copy the whole string to work on */ lserv = cpystr(serv_str); if(lserv) removing_trailing_white_space(lserv); if(!lserv || !*lserv || *lserv == '"'){ if(lserv) fs_give((void **)&lserv); if(info) free_ldap_server_info(&info); return(NULL); } tail = lserv; while((tail = strindex(tail, SPACE)) != NULL){ tail++; if(*tail == '"' || *tail == '/'){ *(tail-1) = '\0'; break; } else only_one = 0; } /* tail is the part after server[:port] <SPACE> */ if(tail && *tail){ removing_leading_white_space(tail); (void)removing_double_quotes(tail); } /* get the optional port number */ if(only_one && (q = strindex(lserv, ':')) != NULL){ int ldapport = -1; *q = '\0'; if((ldapport = atoi(q+1)) >= 0) info->port = ldapport; } /* use lserv for serv even though it has a few extra bytes alloced */ info->serv = lserv; if(tail && *tail){ /* get the search base */ if((q = srchstr(tail, "/base=")) != NULL) info->base = remove_backslash_escapes(q+6); if((q = srchstr(tail, "/binddn=")) != NULL) info->binddn = remove_backslash_escapes(q+8); /* get the implicit parameter */ if((q = srchstr(tail, "/impl=1")) != NULL) info->impl = 1; /* get the rhs parameter */ if((q = srchstr(tail, "/rhs=1")) != NULL) info->rhs = 1; /* get the ref parameter */ if((q = srchstr(tail, "/ref=1")) != NULL) info->ref = 1; /* get the nosub parameter */ if((q = srchstr(tail, "/nosub=1")) != NULL) info->nosub = 1; /* get the tls parameter */ if((q = srchstr(tail, "/tls=1")) != NULL) info->tls = 1; /* get the tlsmust parameter */ if((q = srchstr(tail, "/tlsm=1")) != NULL) info->tlsmust = 1; /* get the search type value */ if((q = srchstr(tail, "/type=")) != NULL){ NAMEVAL_S *v; q += 6; if((p = strindex(q, '/')) != NULL) *p = '\0'; for(i = 0; (v = ldap_search_types(i)); i++) if(!strucmp(q, v->name)){ info->type = v->value; break; } if(p) *p = '/'; } /* get the search rule value */ if((q = srchstr(tail, "/srch=")) != NULL){ NAMEVAL_S *v; q += 6; if((p = strindex(q, '/')) != NULL) *p = '\0'; for(i = 0; (v = ldap_search_rules(i)); i++) if(!strucmp(q, v->name)){ info->srch = v->value; break; } if(p) *p = '/'; } /* get the scope */ if((q = srchstr(tail, "/scope=")) != NULL){ NAMEVAL_S *v; q += 7; if((p = strindex(q, '/')) != NULL) *p = '\0'; for(i = 0; (v = ldap_search_scope(i)); i++) if(!strucmp(q, v->name)){ info->scope = v->value; break; } if(p) *p = '/'; } /* get the time limit */ if((q = srchstr(tail, "/time=")) != NULL){ q += 6; if((p = strindex(q, '/')) != NULL) *p = '\0'; /* This one's a number */ if(*q){ char *err; err = strtoval(q, &i, 0, 500, 0, tmp_20k_buf, SIZEOF_20KBUF, "ldap timelimit"); if(err){ dprint((1, "%s\n", err ? err : "?")); } else info->time = i; } if(p) *p = '/'; } /* get the size limit */ if((q = srchstr(tail, "/size=")) != NULL){ q += 6; if((p = strindex(q, '/')) != NULL) *p = '\0'; /* This one's a number */ if(*q){ char *err; err = strtoval(q, &i, 0, 500, 0, tmp_20k_buf, SIZEOF_20KBUF, "ldap sizelimit"); if(err){ dprint((1, "%s\n", err ? err : "?")); } else info->size = i; } if(p) *p = '/'; } /* get the custom search filter */ if((q = srchstr(tail, "/cust=")) != NULL) info->cust = remove_backslash_escapes(q+6); /* get the nickname */ if((q = srchstr(tail, "/nick=")) != NULL) info->nick = remove_backslash_escapes(q+6); /* get the mail attribute name */ if((q = srchstr(tail, "/matr=")) != NULL) info->mailattr = remove_backslash_escapes(q+6); /* get the sn attribute name */ if((q = srchstr(tail, "/satr=")) != NULL) info->snattr = remove_backslash_escapes(q+6); /* get the gn attribute name */ if((q = srchstr(tail, "/gatr=")) != NULL) info->gnattr = remove_backslash_escapes(q+6); /* get the cn attribute name */ if((q = srchstr(tail, "/catr=")) != NULL) info->cnattr = remove_backslash_escapes(q+6); /* get the backup mail address */ if((q = srchstr(tail, "/mail=")) != NULL) info->mail = remove_backslash_escapes(q+6); } return(info); }