Lines Matching +full:system +full:- +full:auth
1 /*-
26 * Low-level routines relating to the user capabilities database
205 /* count the sub-strings */ in arrayize()
258 free(lc->lc_style); in login_close()
259 free(lc->lc_class); in login_close()
260 free(lc->lc_cap); in login_close()
262 if (--lc_object_count == 0) { in login_close()
281 * 'pwd' argument is non-NULL and contains an non-NULL
283 * up from that directory and used before the system
284 * login database. In that case the system login database
286 * Return a filled-out login_cap_t structure, including
306 dir = (!me || pwd == NULL) ? NULL : pwd->pw_dir; in login_getclassbyname()
309 * - some NFSes have root read access disabled. in login_getclassbyname()
316 (void)setegid(pwd->pw_gid); in login_getclassbyname()
317 (void)seteuid(pwd->pw_uid); in login_getclassbyname()
322 if (_secure_path(userpath, pwd->pw_uid, pwd->pw_gid) != -1) in login_getclassbyname()
326 * XXX: Why to add the system database if the class is `me'? in login_getclassbyname()
328 if (_secure_path(path_login_conf, 0, 0) != -1) in login_getclassbyname()
335 switch (cgetent(&lc->lc_cap, login_dbarray, name)) { in login_getclassbyname()
336 case -1: /* Failed, entry does not exist */ in login_getclassbyname()
340 r = -1; in login_getclassbyname()
346 * then complain about a non-existent class. in login_getclassbyname()
350 /* fall-back to default class */ in login_getclassbyname()
353 if (cgetent(&lc->lc_cap, login_dbarray, name) != 0 && r >= 0) in login_getclassbyname()
355 /* FALLTHROUGH - just return system defaults */ in login_getclassbyname()
357 if ((lc->lc_class = strdup(name)) != NULL) { in login_getclassbyname()
367 case -2: in login_getclassbyname()
370 case -3: in login_getclassbyname()
396 * Get the login class for the system (only) login class database.
397 * Return a filled-out login_cap_t structure, including
411 * the system (only) login class database.
415 * user or that of LOGIN_DEFROOTCLASS (i.e., "root") for a super-user.
416 * Return a filled-out login_cap_t structure, including
426 cls = pwd->pw_class; in login_getpwclass()
428 cls = (pwd->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS; in login_getpwclass()
464 if (lc == NULL || cap == NULL || lc->lc_cap == NULL || *cap == '\0') in login_getcapstr()
467 if ((ret = cgetstr(lc->lc_cap, cap, &res)) == -1) in login_getcapstr()
530 "-1", in isinfinite()
566 while (((u_quad_t)1 << (bpw-1)) == 0) in rmultiply()
567 --bpw; in rmultiply()
575 for (b1 = bpw; (((u_quad_t)1 << (b1-1)) & n1) == 0; --b1) in rmultiply()
577 for (b2 = bpw; (((u_quad_t)1 << (b2-1)) & n2) == 0; --b2) in rmultiply()
579 if (b1 + b2 - 2 > bpw) { in rmultiply()
597 * So if (h1>>1 * h2>>1) > (1<<(bpw - 2)) then the result will in rmultiply()
600 * Finally, if MAX - ((h1 * l2) + (l1 * h2) + (l1 * l2)) < (h1*h2) in rmultiply()
605 if (m >= ((u_quad_t)1 << (bpw-2))) { in rmultiply()
641 if (lc == NULL || lc->lc_cap == NULL) in login_getcaptime()
646 * If it's not there (-1), return <def>. in login_getcaptime()
650 if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) in login_getcaptime()
674 lc->lc_class, cap, oval); in login_getcaptime()
681 ep--; in login_getcaptime()
697 case 'y': case 'Y': /* 365-day years */ in login_getcaptime()
729 if (lc == NULL || lc->lc_cap == NULL) in login_getcapnum()
735 r = cgetstr(lc->lc_cap, cap, &res); in login_getcapnum()
736 if (r == -1) { in login_getcapnum()
739 if ((r = cgetnum(lc->lc_cap, cap, &lval)) == -1) in login_getcapnum()
755 lc->lc_class, cap, res); in login_getcapnum()
766 * 'values' must be a NULL-terminated array of strings listing the possible
769 * A non-negative return code indicates success, and is the index of the value
773 * -4: 'lc' or 'cap' insufficiently initialized or not valid.
774 * -3: System error (allocation failure).
775 * -2: Capability not found or not a string.
776 * -1: Capability has a string value, but not one listed in 'values'.
785 if (lc == NULL || lc->lc_cap == NULL || cap == NULL || *cap == '\0') in login_getcapenum()
786 return (-4); in login_getcapenum()
788 ret = cgetstr(lc->lc_cap, cap, &cand); in login_getcapenum()
790 if (ret == -1) in login_getcapenum()
792 return (-2); in login_getcapenum()
794 /* System error (normally, allocation failure). */ in login_getcapenum()
795 return (-3); in login_getcapenum()
797 ret = -1; in login_getcapenum()
826 if (lc == NULL || lc->lc_cap == NULL) in login_getcapsize()
829 if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) in login_getcapsize()
847 lc->lc_class, cap, oval); in login_getcapsize()
853 ep--; in login_getcapsize()
855 case 'b': case 'B': /* 512-byte blocks */ in login_getcapsize()
858 case 'k': case 'K': /* 1024-byte Kilobytes */ in login_getcapsize()
861 case 'm': case 'M': /* 1024-k kbytes */ in login_getcapsize()
886 * of <cap>. Return <def> if <lc>->lc_cap is NULL, otherwise return
893 if (lc == NULL || lc->lc_cap == NULL) in login_getcapbool()
895 return (cgetcap(lc->lc_cap, cap, ':') != NULL); in login_getcapbool()
901 * Given a login_cap entry <lc>, and optionally a type of auth <auth>,
904 * 1. If <auth> is non-null, look for an "auth-<auth>=" string
905 * in the capability; if not present, default to "auth=".
906 * 2. If there is no auth list found from (1), default to
908 * 3. If <style> is non-null, look for <style> in the list of
920 login_getstyle(login_cap_t *lc, const char *style, const char *auth) in login_getstyle() argument
929 if (auth != NULL && *auth != '\0') { in login_getstyle()
930 if (snprintf(realauth, sizeof realauth, "auth-%s", auth) < (int)sizeof(realauth)) in login_getstyle()
935 authtypes = login_getcaplist(lc, "auth", NULL); in login_getstyle()
941 * We have at least one authtype now; auths is a comma-separated in login_getstyle()
942 * (or space-separated) list of authentication types. We have to in login_getstyle()
951 lc->lc_style = NULL; in login_getstyle()
953 lc->lc_style = auths; in login_getstyle()
955 if (lc->lc_style != NULL) in login_getstyle()
956 lc->lc_style = strdup(lc->lc_style); in login_getstyle()
958 return lc->lc_style; in login_getstyle()