Bugzilla – Attachment 1430 Details for
Bug 1081
AIX port does not support group allow/ deny via nss_ldap
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Implement getgroupslist via getgrset (diff against 4.7p1).
openssh-4.7p1-getgrset.patch (text/plain), 4.17 KB, created by
Darren Tucker
on 2008-01-01 02:49:57 AEDT
(
hide
)
Description:
Implement getgroupslist via getgrset (diff against 4.7p1).
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2008-01-01 02:49:57 AEDT
Size:
4.17 KB
patch
obsolete
>diff -ru openssh-4.7p1/config.h.in openssh-4.7p1-getgrset/config.h.in >--- openssh-4.7p1/config.h.in 2007-09-04 16:50:04.000000000 +1000 >+++ openssh-4.7p1-getgrset/config.h.in 2007-12-19 17:26:12.000000000 +1100 >@@ -344,6 +344,9 @@ > /* Define to 1 if you have the `getgrouplist' function. */ > #undef HAVE_GETGROUPLIST > >+/* Define to 1 if you have the `getgrset' function. */ >+#undef HAVE_GETGRSET >+ > /* Define to 1 if you have the `getluid' function. */ > #undef HAVE_GETLUID > >diff -ru openssh-4.7p1/configure openssh-4.7p1-getgrset/configure >--- openssh-4.7p1/configure 2007-09-04 16:50:09.000000000 +1000 >+++ openssh-4.7p1-getgrset/configure 2007-12-19 17:26:10.000000000 +1100 >@@ -6761,7 +6761,8 @@ > > > >-for ac_func in setauthdb >+ >+for ac_func in getgrset setauthdb > do > as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` > { echo "$as_me:$LINENO: checking for $ac_func" >&5 >diff -ru openssh-4.7p1/configure.ac openssh-4.7p1-getgrset/configure.ac >--- openssh-4.7p1/configure.ac 2007-08-10 14:36:12.000000000 +1000 >+++ openssh-4.7p1-getgrset/configure.ac 2007-12-19 17:25:48.000000000 +1100 >@@ -343,7 +343,7 @@ > [], > [#include <usersec.h>] > ) >- AC_CHECK_FUNCS(setauthdb) >+ AC_CHECK_FUNCS(getgrset setauthdb) > AC_CHECK_DECL(F_CLOSEM, > AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), > [], >diff -ru openssh-4.7p1/openbsd-compat/port-aix.c openssh-4.7p1-getgrset/openbsd-compat/port-aix.c >--- openssh-4.7p1/openbsd-compat/port-aix.c 2007-08-09 14:29:48.000000000 +1000 >+++ openssh-4.7p1-getgrset/openbsd-compat/port-aix.c 2007-12-19 17:25:48.000000000 +1100 >@@ -1,7 +1,7 @@ > /* > * > * Copyright (c) 2001 Gert Doering. All rights reserved. >- * Copyright (c) 2003,2004,2005 Darren Tucker. All rights reserved. >+ * Copyright (c) 2003,2004,2005,2006 Darren Tucker. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -394,4 +394,58 @@ > } > # endif /* AIX_GETNAMEINFO_HACK */ > >+# if defined(USE_GETGRSET) >+# include <stdlib.h> >+int >+getgrouplist(const char *user, gid_t pgid, gid_t *groups, int *grpcnt) >+{ >+ char *cp, *grplist, *grp; >+ gid_t gid; >+ int ret = 0, ngroups = 0, maxgroups; >+ long l; >+ >+ maxgroups = *grpcnt; >+ >+ if ((cp = grplist = getgrset(user)) == NULL) >+ return -1; >+ >+ /* handle zero-length case */ >+ if (maxgroups <= 0) { >+ *grpcnt = 0; >+ return -1; >+ } >+ >+ /* copy primary group */ >+ groups[ngroups++] = pgid; >+ >+ /* copy each entry from getgrset into group list */ >+ while ((grp = strsep(&grplist, ",")) != NULL) { >+ l = strtol(grp, NULL, 10); >+ if (ngroups >= maxgroups || l == LONG_MIN || l == LONG_MAX) { >+ ret = -1; >+ goto out; >+ } >+ gid = (gid_t)l; >+ if (gid == pgid) >+ continue; /* we have already added primary gid */ >+ groups[ngroups++] = gid; >+ } >+out: >+ free(cp); >+ *grpcnt = ngroups; >+ return ret; >+} >+ >+int >+ssh_initgroups(const char *user, gid_t group) >+{ >+ gid_t grps[NGROUPS_MAX]; >+ int grpcnt = NGROUPS_MAX; >+ >+ if (getgrouplist(user, group, grps, &grpcnt) == -1) >+ return -1; >+ return setgroups(grpcnt, grps); >+} >+# endif /* USE_GETGRSET */ >+ > #endif /* _AIX */ >diff -ru openssh-4.7p1/openbsd-compat/port-aix.h openssh-4.7p1-getgrset/openbsd-compat/port-aix.h >--- openssh-4.7p1/openbsd-compat/port-aix.h 2006-09-18 23:54:33.000000000 +1000 >+++ openssh-4.7p1-getgrset/openbsd-compat/port-aix.h 2007-12-19 17:25:48.000000000 +1100 >@@ -3,7 +3,7 @@ > /* > * > * Copyright (c) 2001 Gert Doering. All rights reserved. >- * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. >+ * Copyright (c) 2004,2005,2006 Darren Tucker. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -103,4 +103,13 @@ > # define getnameinfo(a,b,c,d,e,f,g) (sshaix_getnameinfo(a,b,c,d,e,f,g)) > #endif > >+/* We use getgrset in preference to multiple getgrent calls for efficiency */ >+#if !defined(HAVE_GETGROUPLIST) && defined(HAVE_GETGRSET) >+# define HAVE_GETGROUPLIST >+# define USE_GETGRSET >+int getgrouplist(const char *, gid_t, gid_t *, int *); >+int ssh_initgroups(const char *, gid_t); >+# define initgroups(a, b) ssh_initgroups((a), (b)) >+#endif >+ > #endif /* _AIX */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1430">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1081
:
1144
| 1430