Initial Windows port
This commit is contained in:
Asanka Herath
committed by
Love Hornquist Astrand
Love Hornquist Astrand
parent
25a2ac726b
commit
b1063ea8fc
@@ -65,6 +65,7 @@ check_one_file(krb5_context context,
|
||||
fclose (f);
|
||||
return EISDIR;
|
||||
}
|
||||
#ifndef _WIN32
|
||||
if (st.st_uid != pwd->pw_uid && st.st_uid != 0) {
|
||||
fclose (f);
|
||||
return EACCES;
|
||||
@@ -73,6 +74,7 @@ check_one_file(krb5_context context,
|
||||
fclose (f);
|
||||
return EACCES;
|
||||
}
|
||||
#endif
|
||||
|
||||
while (fgets (buf, sizeof(buf), f) != NULL) {
|
||||
krb5_principal tmp;
|
||||
@@ -124,10 +126,12 @@ check_directory(krb5_context context,
|
||||
if (!S_ISDIR(st.st_mode))
|
||||
return ENOTDIR;
|
||||
|
||||
#ifndef _WIN32
|
||||
if (st.st_uid != pwd->pw_uid && st.st_uid != 0)
|
||||
return EACCES;
|
||||
if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0)
|
||||
return EACCES;
|
||||
#endif
|
||||
|
||||
if((d = opendir(dirname)) == NULL)
|
||||
return errno;
|
||||
@@ -228,14 +232,17 @@ match_local_principals(krb5_context context,
|
||||
* @ingroup krb5_support
|
||||
*/
|
||||
|
||||
krb5_boolean KRB5_LIB_FUNCTION
|
||||
KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
|
||||
krb5_kuserok (krb5_context context,
|
||||
krb5_principal principal,
|
||||
const char *luser)
|
||||
{
|
||||
#ifndef _WIN32
|
||||
char *buf;
|
||||
size_t buflen;
|
||||
struct passwd *pwd;
|
||||
struct passwd *pwd = NULL;
|
||||
char *profile_dir = NULL;
|
||||
krb5_boolean free_profile_dir = FALSE;
|
||||
krb5_error_code ret;
|
||||
krb5_boolean result = FALSE;
|
||||
|
||||
@@ -252,14 +259,15 @@ krb5_kuserok (krb5_context context,
|
||||
#endif
|
||||
if (pwd == NULL)
|
||||
return FALSE;
|
||||
profile_dir = pwd->pw_dir;
|
||||
|
||||
#define KLOGIN "/.k5login"
|
||||
buflen = strlen(pwd->pw_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */
|
||||
buflen = strlen(profile_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */
|
||||
buf = malloc(buflen);
|
||||
if(buf == NULL)
|
||||
return FALSE;
|
||||
/* check user's ~/.k5login */
|
||||
strlcpy(buf, pwd->pw_dir, buflen);
|
||||
strlcpy(buf, profile_dir, buflen);
|
||||
strlcat(buf, KLOGIN, buflen);
|
||||
ret = check_one_file(context, buf, pwd, principal, &result);
|
||||
|
||||
@@ -286,4 +294,11 @@ krb5_kuserok (krb5_context context,
|
||||
return match_local_principals(context, principal, luser);
|
||||
|
||||
return FALSE;
|
||||
#else
|
||||
/* On Windows, for now we always return TRUE. The .k5login file
|
||||
may be on a remote profile and we don't have access to the
|
||||
profile until we have a token handle for the user's
|
||||
credentials. */
|
||||
return TRUE;
|
||||
#endif
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user