From: didg Date: Tue, 11 Jan 2005 20:58:42 +0000 (+0000) Subject: NGROUPS is not always the maximum number of groups for a user, use a 'calloced' X-Git-Tag: netatalk-2-0-3~38 X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=netatalk.git;a=commitdiff_plain;h=4872dbe1baf18038ba168ab1803b25a86860db05 NGROUPS is not always the maximum number of groups for a user, use a 'calloced' array, not freed but afpd exit on logout. --- diff --git a/etc/afpd/auth.c b/etc/afpd/auth.c index ef92c64d..24701332 100644 --- a/etc/afpd/auth.c +++ b/etc/afpd/auth.c @@ -1,5 +1,5 @@ /* - * $Id: auth.c,v 1.44.2.3.2.15 2004-07-01 01:27:34 didg Exp $ + * $Id: auth.c,v 1.44.2.3.2.15.2.1 2005-01-11 20:58:42 didg Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. @@ -52,17 +52,18 @@ int afp_version = 11; static int afp_version_index; uid_t uuid; -#if defined( __svr4__ ) && !defined( NGROUPS ) -#define NGROUPS NGROUPS_MAX -#endif /* __svr4__ NGROUPS */ + #if defined( sun ) && !defined( __svr4__ ) || defined( ultrix ) -int groups[ NGROUPS ]; + +int *groups; +#define GROUPS_SIZE sizeof(int) + #else /* sun __svr4__ ultrix */ -#if defined( __svr4__ ) && !defined( NGROUPS ) -#define NGROUPS NGROUPS_MAX -#endif /* __svr4__ NGROUPS */ -gid_t groups[ NGROUPS ]; + +gid_t *groups; +#define GROUPS_SIZE sizeof(gid_t) #endif /* sun ultrix */ + int ngroups; /* @@ -281,7 +282,17 @@ static int login(AFPObj *obj, struct passwd *pwd, void (*logout)(void), int expi /* Basically if the user is in the admin group, we stay root */ - if (( ngroups = getgroups( NGROUPS, groups )) < 0 ) { + if (( ngroups = getgroups( 0, NULL )) < 0 ) { + LOG(log_error, logtype_afpd, "login: %s getgroups: %s", pwd->pw_name, strerror(errno) ); + return AFPERR_BADUAM; + } + + if ( NULL == (groups = calloc(ngroups, GROUPS_SIZE)) ) { + LOG(log_error, logtype_afpd, "login: %s calloc: %d", ngroups); + return AFPERR_BADUAM; + } + + if (( ngroups = getgroups( ngroups, groups )) < 0 ) { LOG(log_error, logtype_afpd, "login: %s getgroups: %s", pwd->pw_name, strerror(errno) ); return AFPERR_BADUAM; } diff --git a/etc/afpd/auth.h b/etc/afpd/auth.h index cb6bd507..9f6adb73 100644 --- a/etc/afpd/auth.h +++ b/etc/afpd/auth.h @@ -1,5 +1,5 @@ /* - * $Id: auth.h,v 1.5 2003-03-12 15:07:02 didg Exp $ + * $Id: auth.h,v 1.5.8.1 2005-01-11 20:58:42 didg Exp $ * * Copyright (c) 1990,1993 Regents of The University of Michigan. * All Rights Reserved. See COPYRIGHT. @@ -29,13 +29,10 @@ struct afp_versions { #define USERIBIT_ALL (USERIBIT_USER | USERIBIT_GROUP) extern uid_t uuid; -#if defined( __svr4__ ) && !defined( NGROUPS ) -#define NGROUPS NGROUPS_MAX -#endif /*__svr4__ NGROUPS*/ #if defined( sun ) && !defined( __svr4__ ) || defined( ultrix ) -extern int groups[ NGROUPS ]; +extern int *groups; #else /*sun __svr4__ ultrix*/ -extern gid_t groups[ NGROUPS ]; +extern gid_t *groups; #endif /*sun __svr4__ ultrix*/ extern int ngroups;