static afs_int32
CorrectGroupName(struct ubik_trans *ut, char aname[PR_MAXNAMELEN], /* name for group */
afs_int32 cid, /* caller id */
- afs_int32 oid, /* owner of group */
+ afs_int32 *oid, /* owner of group */
char cname[PR_MAXNAMELEN]) /* correct name for group */
{
afs_int32 code;
return PRBADNAM;
admin = pr_noAuth || IsAMemberOf(ut, cid, SYSADMINID);
- if (oid == 0)
- oid = cid;
+ if (((*oid == 0) || (*oid == ANONYMOUSID)) && !admin)
+ *oid = cid;
/* Determine the correct prefix for the name. */
- if (oid == SYSADMINID)
+ if (*oid == SYSADMINID)
prefix = "system";
else {
- afs_int32 loc = FindByID(ut, oid);
+ afs_int32 loc = FindByID(ut, *oid);
if (loc == 0) {
/* let admin create groups owned by non-existent ids (probably
* setting a group to own itself). Check that they look like
strcpy(name, aname); /* in case aname & cname are same */
suffix = strchr(name, ':');
+ /* let e.g. pt_util create groups with "wrong" names (like
+ * an orphan whose parent ID was reused). Check that they look like
+ * groups (with a colon) or otherwise are good user names. */
+ if (pr_noAuth) {
+ strcpy(cname, aname);
+ goto done;
+ }
if (suffix == 0) {
/* sysadmin can make groups w/o ':', but they must still look like
* legal user names. */
memset(&tentry, 0, sizeof(tentry));
- if ((oid == 0) || (oid == ANONYMOUSID))
- oid = creator;
-
if (flag & PRGRP) {
- code = CorrectGroupName(at, aname, creator, oid, tentry.name);
+ code = CorrectGroupName(at, aname, creator, &oid, tentry.name);
if (code)
return code;
if (strcmp(aname, tentry.name) != 0)
newEntry = AllocBlock(at);
if (!newEntry)
return PRDBFAIL;
-#ifdef PR_REMEMBER_TIMES
tentry.createTime = time(0);
-#endif
if (flag & PRGRP) {
tentry.flags = PRGRP;
/* To create the user <name>@<cell> the group AUTHUSER_GROUP@<cell>
* must exist.
*/
- cellGroup =
- (char *)malloc(strlen(AUTHUSER_GROUP) + strlen(atsign) + 1);
- strcpy(cellGroup, AUTHUSER_GROUP);
- strcat(cellGroup, atsign);
+ asprintf(&cellGroup, "%s%s", AUTHUSER_GROUP, atsign);
pos = FindByName(at, cellGroup, ¢ry);
free(cellGroup);
if (!pos)
/* write updated entry for group */
code = pr_Write(at, 0, pos, ¢ry, sizeof(centry));
+ if (code)
+ return PRDBFAIL;
/* Now add the new user entry to the database */
tentry.creator = creator;
code = pr_ReadEntry(at, 0, temp, &tentry);
if (code != 0)
return code;
-#ifdef PR_REMEMBER_TIMES
tentry.removeTime = time(0);
-#endif
for (i = 0; i < PRSIZE; i++) {
if (tentry.entries[i] == aid) {
tentry.entries[i] = PRBADID;
code = pr_ReadEntry(at, 0, temp, &tentry);
if (code != 0)
return code;
-#ifdef PR_REMEMBER_TIMES
tentry.removeTime = time(NULL);
-#endif
tentryg = (struct prentryg *)&tentry;
for (i = 0; i < SGSIZE; i++) {
if (tentryg->supergroup[i] == aid) {
if (entry->id == aid)
return PRINCONSISTENT;
-#ifdef PR_REMEMBER_TIMES
entry->addTime = time(0);
-#endif
for (i = 0; i < PRSIZE; i++) {
if (entry->entries[i] == aid)
return PRIDEXIST;
if (entry->id == aid)
return PRINCONSISTENT;
-#ifdef PR_REMEMBER_TIMES
entry->addTime = time(NULL);
-#endif
entryg = (struct prentryg *)entry;
for (i = 0; i < SGSIZE; i++) {
if (entryg->supergroup[i] == aid)
afs_int32
AddToPRList(prlist *alist, int *sizeP, afs_int32 id)
{
- char *tmp;
+ afs_int32 *tmp;
int count;
if (alist->prlist_len >= *sizeP) {
count = alist->prlist_len + 100;
if (alist->prlist_val) {
- tmp =
- (char *)realloc(alist->prlist_val, count * sizeof(afs_int32));
+ tmp = realloc(alist->prlist_val, count * sizeof(afs_int32));
} else {
- tmp = (char *)malloc(count * sizeof(afs_int32));
+ tmp = malloc(count * sizeof(afs_int32));
}
if (!tmp)
return (PRNOMEM);
- alist->prlist_val = (afs_int32 *) tmp;
+ alist->prlist_val = tmp;
*sizeP = count;
}
alist->prlist_val[alist->prlist_len++] = id;
if (tentry.owner != cid && !IsAMemberOf(at, cid, SYSADMINID)
&& !IsAMemberOf(at, cid, tentry.owner) && !pr_noAuth)
return PRPERM;
-#ifdef PR_REMEMBER_TIMES
tentry.changeTime = time(0);
-#endif
/* we're actually trying to change the id */
if (newid && (newid != aid)) {
/* don't let foreign cell groups change name */
if (atsign != NULL)
return PRPERM;
- code = CorrectGroupName(at, name, cid, tentry.owner, tentry.name);
+ code = CorrectGroupName(at, name, cid, &tentry.owner, tentry.name);
if (code)
return code;
git://git.openafs.org / openafs.git / blobdiff