/*----------------------------------------------------------------------
Check to see if user is allowed to read or write this folder.
Args: s -- the name to check
Result: Returns 1 if OK
Returns 0 and posts an error message if access is denied
----*/
int
context_allowed(char *s)
{
struct variable *vars = ps_global ? ps_global->vars : NULL;
int retval = 1;
MAILSTREAM stream; /* fake stream for error message in mm_notify */
if(ps_global
&& ps_global->restricted
&& (strindex("./~", s[0]) || srchstr(s, "/../"))){
stream.mailbox = s;
mm_notify(&stream, "Restricted mode doesn't allow operation", WARN);
retval = 0;
}
else if(vars && VAR_OPER_DIR
&& s[0] != '{' && !(s[0] == '*' && s[1] == '{')
&& strucmp(s,ps_global->inbox_name) != 0
&& strcmp(s, ps_global->VAR_INBOX_PATH) != 0){
char *p, *free_this = NULL;
p = s;
if(strindex(s, '~')){
p = strindex(s, '~');
free_this = (char *)fs_get(strlen(p) + 200);
strncpy(free_this, p, strlen(p)+200);
fnexpand(free_this, strlen(p)+200);
p = free_this;
}
else if(p[0] != '/'){ /* add home dir to relative paths */
free_this = p = (char *)fs_get(strlen(s)
+ strlen(ps_global->home_dir) + 2);
build_path(p, ps_global->home_dir, s,
strlen(s)+strlen(ps_global->home_dir)+2);
}
if(!in_dir(VAR_OPER_DIR, p)){
char err[200];
/* TRANSLATORS: User is restricted to operating within a certain directory */
snprintf(err, sizeof(err), _("Not allowed outside of %.150s"), VAR_OPER_DIR);
stream.mailbox = p;
mm_notify(&stream, err, WARN);
retval = 0;
}
else if(srchstr(p, "/../")){ /* check for .. in path */
stream.mailbox = p;
mm_notify(&stream, "\"..\" not allowed in name", WARN);
retval = 0;
}
if(free_this)
fs_give((void **)&free_this);
}
return retval;
}
fstring FixFuxedUpColladaPaths( fstring uri )
{
fstring _uri = uri;
_uri.replace(FC('\\'), FC('/'));
////////////////////////////////////////////////
fstring mystr( _uri.c_str() );
fstring srchstr("file:///");
size_t ipos= mystr.find(srchstr);
if( ipos != fstring::npos )
{
mystr.erase(7, 8 );
_uri = fstring(mystr.c_str());
}
mystr = fstring( _uri.c_str() );
if( mystr.length() > 3 )
{
char ch0 = mystr.c_str()[0];
char ch1 = mystr.c_str()[1];
char ch2 = mystr.c_str()[2];
if( ch0 == '/' && isalpha(ch1) && isalpha(ch2) )
{
mystr = mystr.substr( 1, mystr.length()-1 );
_uri = fstring(mystr.c_str());
}
}
////////////////////////////////////////////////
return _uri;
}
/*
* Break up the ldap-server string stored in the pinerc into its
* parts. The structure is allocated here and should be freed by the caller.
*
* The original string looks like
* <servername>[:port] <SPACE> "/base=<base>/impl=1/..."
*
* Args serv_str -- The original string from the pinerc to parse.
*
* Returns A pointer to a structure with filled in answers.
*
* Some of the members have defaults. If port is -1, that means to use
* the default LDAP_PORT. If base is NULL, use "". Type and srch have
* defaults defined in alpine.h. If cust is non-NULL, it overrides type and
* srch.
*/
LDAP_SERV_S *
break_up_ldap_server(char *serv_str)
{
char *lserv;
char *q, *p, *tail;
int i, only_one = 1;
LDAP_SERV_S *info = NULL;
if(!serv_str)
return(info);
info = (LDAP_SERV_S *)fs_get(sizeof(LDAP_SERV_S));
/*
* Initialize to defaults.
*/
memset((void *)info, 0, sizeof(*info));
info->port = -1;
info->srch = -1;
info->type = -1;
info->time = -1;
info->size = -1;
info->scope = -1;
/* copy the whole string to work on */
lserv = cpystr(serv_str);
if(lserv)
removing_trailing_white_space(lserv);
if(!lserv || !*lserv || *lserv == '"'){
if(lserv)
fs_give((void **)&lserv);
if(info)
free_ldap_server_info(&info);
return(NULL);
}
tail = lserv;
while((tail = strindex(tail, SPACE)) != NULL){
tail++;
if(*tail == '"' || *tail == '/'){
*(tail-1) = '\0';
break;
}
else
only_one = 0;
}
/* tail is the part after server[:port] <SPACE> */
if(tail && *tail){
removing_leading_white_space(tail);
(void)removing_double_quotes(tail);
}
/* get the optional port number */
if(only_one && (q = strindex(lserv, ':')) != NULL){
int ldapport = -1;
*q = '\0';
if((ldapport = atoi(q+1)) >= 0)
info->port = ldapport;
}
/* use lserv for serv even though it has a few extra bytes alloced */
info->serv = lserv;
if(tail && *tail){
/* get the search base */
if((q = srchstr(tail, "/base=")) != NULL)
info->base = remove_backslash_escapes(q+6);
if((q = srchstr(tail, "/binddn=")) != NULL)
info->binddn = remove_backslash_escapes(q+8);
/* get the implicit parameter */
if((q = srchstr(tail, "/impl=1")) != NULL)
info->impl = 1;
/* get the rhs parameter */
if((q = srchstr(tail, "/rhs=1")) != NULL)
info->rhs = 1;
/* get the ref parameter */
if((q = srchstr(tail, "/ref=1")) != NULL)
info->ref = 1;
/* get the nosub parameter */
if((q = srchstr(tail, "/nosub=1")) != NULL)
info->nosub = 1;
/* get the tls parameter */
if((q = srchstr(tail, "/tls=1")) != NULL)
info->tls = 1;
/* get the tlsmust parameter */
if((q = srchstr(tail, "/tlsm=1")) != NULL)
info->tlsmust = 1;
/* get the search type value */
if((q = srchstr(tail, "/type=")) != NULL){
NAMEVAL_S *v;
q += 6;
if((p = strindex(q, '/')) != NULL)
*p = '\0';
for(i = 0; (v = ldap_search_types(i)); i++)
if(!strucmp(q, v->name)){
info->type = v->value;
break;
}
if(p)
*p = '/';
}
/* get the search rule value */
if((q = srchstr(tail, "/srch=")) != NULL){
NAMEVAL_S *v;
q += 6;
if((p = strindex(q, '/')) != NULL)
*p = '\0';
for(i = 0; (v = ldap_search_rules(i)); i++)
if(!strucmp(q, v->name)){
info->srch = v->value;
break;
}
if(p)
*p = '/';
}
/* get the scope */
if((q = srchstr(tail, "/scope=")) != NULL){
NAMEVAL_S *v;
q += 7;
if((p = strindex(q, '/')) != NULL)
*p = '\0';
for(i = 0; (v = ldap_search_scope(i)); i++)
if(!strucmp(q, v->name)){
info->scope = v->value;
break;
}
if(p)
*p = '/';
}
/* get the time limit */
if((q = srchstr(tail, "/time=")) != NULL){
q += 6;
if((p = strindex(q, '/')) != NULL)
*p = '\0';
/* This one's a number */
if(*q){
char *err;
err = strtoval(q, &i, 0, 500, 0, tmp_20k_buf, SIZEOF_20KBUF, "ldap timelimit");
if(err){
dprint((1, "%s\n", err ? err : "?"));
}
else
info->time = i;
}
if(p)
*p = '/';
}
/* get the size limit */
if((q = srchstr(tail, "/size=")) != NULL){
q += 6;
if((p = strindex(q, '/')) != NULL)
*p = '\0';
/* This one's a number */
if(*q){
char *err;
err = strtoval(q, &i, 0, 500, 0, tmp_20k_buf, SIZEOF_20KBUF, "ldap sizelimit");
if(err){
dprint((1, "%s\n", err ? err : "?"));
}
else
info->size = i;
}
if(p)
*p = '/';
}
/* get the custom search filter */
if((q = srchstr(tail, "/cust=")) != NULL)
info->cust = remove_backslash_escapes(q+6);
/* get the nickname */
if((q = srchstr(tail, "/nick=")) != NULL)
info->nick = remove_backslash_escapes(q+6);
/* get the mail attribute name */
if((q = srchstr(tail, "/matr=")) != NULL)
info->mailattr = remove_backslash_escapes(q+6);
/* get the sn attribute name */
if((q = srchstr(tail, "/satr=")) != NULL)
info->snattr = remove_backslash_escapes(q+6);
/* get the gn attribute name */
if((q = srchstr(tail, "/gatr=")) != NULL)
info->gnattr = remove_backslash_escapes(q+6);
/* get the cn attribute name */
if((q = srchstr(tail, "/catr=")) != NULL)
info->cnattr = remove_backslash_escapes(q+6);
/* get the backup mail address */
if((q = srchstr(tail, "/mail=")) != NULL)
info->mail = remove_backslash_escapes(q+6);
}
return(info);
}
