static bool is_allowed_user(cmd_rec *cmd, const char *account) {
config_rec *c;
/* ハッシュテーブルにアカウントがあるか否か */
c = find_config(cmd->server->conf, CONF_PARAM, "LMDBAllowedUser", FALSE);
if(c && c->argv[0]) {
pr_table_t *explicit_users = c->argv[0];
if(pr_table_exists(explicit_users, account) > 0 ) {
pr_log_debug(DEBUG2,
"%s: '%s' match with LMDBAllowedUser", MODULE_NAME, account);
return true;
}
}
/* 正規表現にマッチするか否か */
c = find_config(cmd->server->conf, CONF_PARAM, "LMDBAllowedUserRegex", FALSE);
if(c && c->argv[0]) {
int i;
array_header *regex_list = c->argv[0];
regex_t ** elts = regex_list->elts;
for (i = 0; i < regex_list->nelts; i++) {
regex_t *preg = elts[i];
if(regexec(preg, account, 0, NULL, 0) == 0) {
pr_log_debug(DEBUG2,
"%s: '%s' match with LMDBAllowedUserRegex", MODULE_NAME, account);
return true;
}
}
}
return false;
}
int pr_session_set_protocol(const char *sess_proto) {
int count, res;
if (sess_proto == NULL) {
errno = EINVAL;
return -1;
}
count = pr_table_exists(session.notes, "protocol");
if (count > 0) {
res = pr_table_set(session.notes, pstrdup(session.pool, "protocol"),
pstrdup(session.pool, sess_proto), 0);
if (res == 0) {
/* Update the scoreboard entry for this session with the protocol. */
pr_scoreboard_entry_update(session.pid, PR_SCORE_PROTOCOL, sess_proto,
NULL);
}
return res;
}
res = pr_table_add(session.notes, pstrdup(session.pool, "protocol"),
pstrdup(session.pool, sess_proto), 0);
if (res == 0) {
/* Update the scoreboard entry for this session with the protocol. */
pr_scoreboard_entry_update(session.pid, PR_SCORE_PROTOCOL, sess_proto,
NULL);
}
return res;
}
int pr_var_exists(const char *name) {
if (var_tab == NULL) {
errno = EPERM;
return -1;
}
if (name == NULL) {
errno = EINVAL;
return -1;
}
return pr_table_exists(var_tab, name) > 0 ? TRUE : FALSE;
}
MODRET add_lmd_allow_user(cmd_rec *cmd) {
config_rec *c;
int i;
pr_table_t *explicit_users;
if(cmd->argc < 2)
CONF_ERROR(cmd, "missing argument");
CHECK_CONF(cmd, CONF_ROOT|CONF_GLOBAL);
/* argv => LMDBAllowedUser nobody nobody1 nobody2 */
c = find_config(main_server->conf, CONF_PARAM, "LMDBAllowedUser", FALSE);
if(c && c->argv[0]) {
explicit_users = c->argv[0];
} else {
c = add_config_param(cmd->argv[0], 0, NULL);
c->argv[0] = explicit_users = pr_table_alloc(main_server->pool, 0);
}
for(i=1; i < cmd->argc; i++) {
const char *account = pstrdup(main_server->pool, cmd->argv[i]);
if(pr_table_exists(explicit_users, account) > 0) {
pr_log_debug(DEBUG2,
"%s: %s is already registerd", MODULE_NAME, account);
continue;
}
if(pr_table_add_dup(explicit_users, account, "y", 0) < 0){
pr_log_pri(PR_LOG_ERR,
"%s: failed pr_table_add_dup(): %s",
MODULE_NAME, strerror(errno));
exit(1);
}
pr_log_debug(DEBUG2,
"%s: add LMDBAllowedUser[%d] %s", MODULE_NAME, i, account);
}
return PR_HANDLED(cmd);
}
int pr_trace_set_levels(const char *channel, int min_level, int max_level) {
if (channel == NULL) {
void *v;
if (trace_tab == NULL) {
errno = EINVAL;
return -1;
}
v = pr_table_remove(trace_tab, channel, NULL);
if (v == NULL) {
errno = EINVAL;
return -1;
}
return 0;
}
if (min_level > max_level) {
errno = EINVAL;
return -1;
}
if (trace_tab == NULL &&
min_level < 0) {
return 0;
}
if (trace_pool == NULL) {
trace_pool = make_sub_pool(permanent_pool);
pr_pool_tag(trace_pool, "Trace API");
trace_tab = pr_table_alloc(trace_pool, 0);
/* Register a handler for churning the log pool during HUP. */
pr_event_register(NULL, "core.restart", trace_restart_ev, NULL);
}
if (min_level >= 0) {
struct trace_levels *levels;
levels = pcalloc(trace_pool, sizeof(struct trace_levels));
levels->min_level = min_level;
levels->max_level = max_level;
if (strcmp(channel, PR_TRACE_DEFAULT_CHANNEL) != 0) {
int count = pr_table_exists(trace_tab, channel);
if (count <= 0) {
if (pr_table_add(trace_tab, pstrdup(trace_pool, channel), levels,
sizeof(struct trace_levels)) < 0) {
return -1;
}
} else {
if (pr_table_set(trace_tab, pstrdup(trace_pool, channel), levels,
sizeof(struct trace_levels)) < 0)
return -1;
}
} else {
register unsigned int i;
for (i = 0; trace_channels[i]; i++) {
(void) pr_trace_set_levels(trace_channels[i], min_level, max_level);
}
}
} else {
if (strcmp(channel, PR_TRACE_DEFAULT_CHANNEL) != 0) {
(void) pr_table_remove(trace_tab, channel, NULL);
} else {
register unsigned int i;
for (i = 0; trace_channels[i]; i++) {
(void) pr_table_remove(trace_tab, trace_channels[i], NULL);
}
}
}
return 0;
}
struct passwd *pr_auth_getpwnam(pool *p, const char *name) {
cmd_rec *cmd = NULL;
modret_t *mr = NULL;
struct passwd *res = NULL;
module *m = NULL;
cmd = make_cmd(p, 1, name);
mr = dispatch_auth(cmd, "getpwnam", &m);
if (MODRET_ISHANDLED(mr) &&
MODRET_HASDATA(mr))
res = mr->data;
if (cmd->tmp_pool) {
destroy_pool(cmd->tmp_pool);
cmd->tmp_pool = NULL;
}
/* Sanity check */
if (res == NULL) {
errno = ENOENT;
return NULL;
}
/* Make sure the UID and GID are not -1 */
if (res->pw_uid == (uid_t) -1) {
pr_log_pri(PR_LOG_ERR, "error: UID of -1 not allowed");
return NULL;
}
if (res->pw_gid == (gid_t) -1) {
pr_log_pri(PR_LOG_ERR, "error: GID of -1 not allowed");
return NULL;
}
if ((auth_caching & PR_AUTH_CACHE_FL_AUTH_MODULE) &&
!auth_tab &&
auth_pool) {
auth_tab = pr_table_alloc(auth_pool, 0);
}
if (m &&
auth_tab) {
int count = 0;
void *value = NULL;
value = palloc(auth_pool, sizeof(module *));
*((module **) value) = m;
count = pr_table_exists(auth_tab, name);
if (count <= 0) {
if (pr_table_add(auth_tab, pstrdup(auth_pool, name), value,
sizeof(module *)) < 0) {
pr_trace_msg(trace_channel, 3,
"error adding module 'mod_%s.c' for user '%s' to the authcache: %s",
m->name, name, strerror(errno));
} else {
pr_trace_msg(trace_channel, 5,
"stashed module 'mod_%s.c' for user '%s' in the authcache",
m->name, name);
}
} else {
if (pr_table_set(auth_tab, pstrdup(auth_pool, name), value,
sizeof(module *)) < 0) {
pr_trace_msg(trace_channel, 3,
"error setting module 'mod_%s.c' for user '%s' in the authcache: %s",
m->name, name, strerror(errno));
} else {
pr_trace_msg(trace_channel, 5,
"stashed module 'mod_%s.c' for user '%s' in the authcache",
m->name, name);
}
}
}
uidcache_add(res->pw_uid, name);
/* Get the (possibly rewritten) home directory. */
res->pw_dir = pr_auth_get_home(p, res->pw_dir);
pr_log_debug(DEBUG10, "retrieved UID %lu for user '%s'",
(unsigned long) res->pw_uid, name);
return res;
}
