Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/gpl2/xcvs/dist/src acl support
details: https://anonhg.NetBSD.org/src/rev/38c15a6b56fa
branches: trunk
changeset: 777878:38c15a6b56fa
user: christos <christos%NetBSD.org@localhost>
date: Thu Mar 08 20:32:31 2012 +0000
description:
acl support
diffstat:
external/gpl2/xcvs/dist/src/acl.c | 2162 +++++++++++++++++++++++++++++++++++++
1 files changed, 2162 insertions(+), 0 deletions(-)
diffs (truncated from 2166 to 300 lines):
diff -r fed17f5ed7a3 -r 38c15a6b56fa external/gpl2/xcvs/dist/src/acl.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/external/gpl2/xcvs/dist/src/acl.c Thu Mar 08 20:32:31 2012 +0000
@@ -0,0 +1,2162 @@
+/*
+ * Copyright (C) 2006 The Free Software Foundation, Inc.
+ *
+ * Portions Copyright (C) 2006, Baris Sahin <sbaris at users.sourceforge.net>
+ * <http://cvsacl.sourceforge.net>
+ *
+ *
+ * You may distribute under the terms of the GNU General Public License as
+ * specified in the README file that comes with the CVS source distribution.
+ *
+ *
+ *
+ * CVS ACCESS CONTROL LIST EXTENSION
+ *
+ * It provides advanced access control definitions per modules,
+ * directories, and files on branch/tag for remote cvs repository
+ * connections.Execution of all CVS subcommands can be controlled
+ * with eight different permissions.
+ *
+ * Permission Types:
+ * - no permission (n) (1)
+ * - all permissions (a) (2)
+ * - write permission (w) (3)
+ * - tag permission (t) (4)
+ * - read permission (r) (5)
+ * - add permission (c) (6)
+ * - remove permission (d) (7)
+ * - permission change (p) (8)
+ *
+ */
+#include "cvs.h"
+#include "getline.h"
+#include <grp.h>
+
+#define free(x) (void)(x)
+
+static int acl_fileproc (void *callerdat, struct file_info *finfo);
+
+static Dtype acl_dirproc (void *callerdat, const char *dir, const char *repos,
+ const char *update_dir, List *entries);
+
+static int acllist_fileproc (void *callerdat, struct file_info *finfo);
+static Dtype acllist_dirproc (void *callerdat, const char *dir,
+ const char *repos, const char *update_dir,
+ List *entries);
+
+static void acllist_print (char *line, const char *obj);
+
+static int racl_proc (int argc, char **argv, char *xwhere,
+ char *mwhere, char *mfile, int shorten,
+ int local_specified, char *mname, char *msg);
+
+static FILE *open_accessfile (char *xmode, const char *repos, char **fname);
+static FILE *open_groupfile (char *xmode);
+
+static char *get_perms (const char *xperms);
+static char *make_perms (char *xperms, char *xfounduserpart, char **xerrmsg);
+
+static char *findusername (const char *string1, const char *string2);
+static char *findgroupname (const char *string1, const char *string2);
+static int valid_tag (const char *part_tag, const char *tag);
+static int valid_perm (const char *part_perms, int perm);
+static int write_perms (const char *user, const char *perms,
+ const char *founduserpart, int foundline,
+ char *otheruserparts, const char *part_type,
+ const char *part_object, const char *part_tag, int pos,
+ const char *arepos);
+
+static char *cache_repository;
+static int cache_retval;
+static int founddeniedfile;
+static int cache_perm;
+
+static int is_racl;
+static int debug = 0;
+
+int use_cvs_acl = 0;
+char *cvs_acl_default_permissions;
+int use_cvs_groups = 0;
+int use_system_groups = 0;
+int use_separate_acl_file_for_each_dir = 0;
+char *cvs_acl_file_location = NULL;
+char *cvs_groups_file_location = NULL;
+char *cvs_server_run_as = NULL;
+int stop_at_first_permission_denied = 0;
+
+char *tag = NULL;
+
+char *muser;
+char *mperms;
+static int defaultperms;
+
+static char *default_perms_object;
+char *default_part_perms_accessfile;
+int aclconfig_default_used;
+
+int acldir = 0;
+int aclfile = 0;
+int listacl = 0;
+
+int userfound = 0;
+int groupfound = 0;
+
+/* directory depth ... */
+char *dirs[255];
+
+static const char *const acl_usage[] =
+ {
+ "Usage: %s %s [user||group:permissions] [-Rl] [-r tag] [directories...] [files...]\n",
+ "\t-R\tProcess directories recursively.\n",
+ "\t-r rev\tExisting revision/tag.\n",
+ "\t-l\tList defined ACLs.\n",
+ "(Specify the --help global option for a list of other help options)\n",
+ NULL
+ };
+
+static const char *const racl_usage[] =
+{
+ "Usage: %s %s [user||group:permissions] [-Rl] [-r tag] [directories...]"
+ " [files...]\n",
+ "\t-R\tProcess directories recursively.\n",
+ "\t-r rev\tExisting revision/tag.\n",
+ "\t-l\tList defined ACLs.\n",
+ "(Specify the --help global option for a list of other help options)\n",
+ NULL
+};
+
+
+int
+access_allowed (const char *file, const char *repos, const char *tag,
+ int perm, char **mline, int *mpos, int usecache)
+{
+ int retval = 0;
+ int foundline = 0;
+ FILE *accessfp;
+
+ int flag = 1;
+
+ char *iline;
+ char *tempv;
+ char *tempc;
+ size_t tempsize;
+
+ int intcount;
+ int accessfilecount;
+ int signlevel = -1;
+ int dadmin = 0;
+
+ const char *repository;
+ char *filefullname = NULL;
+ userfound = 0;
+ groupfound = 0;
+
+ if (defaultperms)
+ {
+ repository = xstrdup ("ALL");
+ }
+ else {
+ if (strlen(repository = Short_Repository (repos)) == 0)
+ {
+ repository = xstrdup (".");
+ }
+ }
+
+ /* cache */
+ if (usecache && cache_repository != NULL &&
+ strcmp (cache_repository, repository) == 0 && !founddeniedfile
+ && perm == cache_perm)
+ return (cache_retval);
+ else
+ {
+ free (cache_repository);
+ cache_repository = xstrdup (repository);
+ cache_perm = perm;
+ }
+
+ iline = xstrdup(repository);
+
+ tempv = strtok(iline, "/\t");
+ tempc = xstrdup(tempv);
+ tempsize = ( tempc != NULL ) ? strlen(tempc) : 0;
+
+ intcount = 0;
+ /* store paths from object to cvsroot */
+ dirs[intcount] = xstrdup(tempc);
+ while ((tempv = strtok(NULL, "/\t")) != NULL)
+ {
+ intcount++;
+
+ xrealloc_and_strcat(&tempc, &tempsize, "/");
+ xrealloc_and_strcat(&tempc, &tempsize, tempv);
+
+ dirs[intcount] = xstrdup(tempc);
+ }
+
+ /* free not needed variables here */
+ free (tempv);
+ free (tempc);
+ free (iline);
+
+ /* accessfilecount will used
+ * if UseSeparateACLFile keyword is set to yes*/
+ accessfilecount = intcount;
+
+ /* if file is not null add it to dirs array */
+ if (file != NULL)
+ {
+ filefullname = Xasprintf("%s/%s", repository, file);
+ intcount++;
+ dirs[intcount] = xstrdup(filefullname);
+ }
+
+ for (accessfilecount; accessfilecount >= 0 && flag; accessfilecount--)
+ {
+ if (!use_separate_acl_file_for_each_dir) {
+ flag = 0;
+ accessfp = open_accessfile ("r", repository, NULL);
+ }
+ else
+ {
+ flag = 1;
+ accessfp = open_accessfile ("r", dirs[accessfilecount], NULL);
+ }
+
+ if (accessfp != NULL)
+ {
+ char *line = NULL;
+ size_t line_allocated = 0;
+
+ char *xline;
+ char *part_type = NULL;
+ char *part_object = NULL;
+ char *part_tag = NULL;
+ char *part_perms = NULL;
+
+ int x;
+
+ while (getline (&line, &line_allocated, accessfp) >= 0)
+ {
+
+ if (line[0] == '#' || line[0] == '\0' || line[0] == '\n')
+ continue;
+
+ xline = xstrdup (line);
+ part_type = strtok (line, ":\t");
+ part_object = strtok (NULL, ":\t");
+ part_tag = strtok (NULL, ":\t");
+ part_perms = strtok (NULL, ":\t");
+
+ if (part_type == NULL || part_object == NULL ||
+ part_tag == NULL || part_perms == NULL)
+ {
+ free (line);
+ error(1, 0, "access file is corrupted or has invalid"
+ " format");
+ }
+
+ if (debug) fprintf (stderr, "type %s object %s tag %s perms"
+ "%s\n", part_type, part_object, part_tag,
+ part_perms);
+ for (x = intcount; x >= signlevel && x != -1; x--)
+ {
+ if (debug) fprintf (stderr, "dirs[%d] = %s, part_object="
+ "%s\n", x, dirs[x], part_object);
+ if (strcmp (dirs[x], part_object) == 0)
+ {
+ if (debug) fprintf(stderr, "tag %s \n", tag);
+ if (valid_tag (part_tag, tag))
+ {
+ foundline = 1;
+ if (debug) fprintf(stderr, "foundline\n");
+
+ if (listacl || ((acldir || aclfile) &&
+ x == intcount) &&
+ strcmp(part_tag, tag) == 0)
+ {
+ *mline = xstrdup (xline);
+ *mpos = ftell (accessfp);
+ }
+
+ if (debug) fprintf(stderr, "perm %d\n", perm);
+ if (valid_perm (part_perms, perm))
+ {
+ if (signlevel == x)
+ {
+ if (strcmp(part_tag, "ALL") != 0 &&
+ !aclconfig_default_used)
+ retval = 1;
+ }
+ else if (!aclconfig_default_used)
+ {
+ signlevel = x;
+ retval = 1;
+ }
+ else {
+ /* nothing... */
Home |
Main Index |
Thread Index |
Old Index