remove libnsl from linux makefile

Mon, 11 Feb 2019 09:18:33 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Mon, 11 Feb 2019 09:18:33 +0100
changeset 202
c374d11d6720
parent 201
196a3caebdc7
child 203
7fe53d5d587c

remove libnsl from linux makefile

make/linux.mk file | annotate | diff | comparison | revisions
src/server/daemon/acl.c file | annotate | diff | comparison | revisions
--- a/make/linux.mk	Sun Jan 06 14:38:57 2019 +0100
+++ b/make/linux.mk	Mon Feb 11 09:18:33 2019 +0100
@@ -29,7 +29,7 @@
 
 # compiler and linker flags
 CFLAGS += -DLINUX
-LDFLAGS += -lpthread -ldl -lnsl -lm -lldap
+LDFLAGS += -lpthread -ldl -lm -lldap
 
 
 # platform dependend source files
--- a/src/server/daemon/acl.c	Sun Jan 06 14:38:57 2019 +0100
+++ b/src/server/daemon/acl.c	Mon Feb 11 09:18:33 2019 +0100
@@ -55,11 +55,11 @@
         acllist_createhandle(sn, rq);
     }
     ACLListHandle *list = rq->acllist;
-    
+
     if(!list->defaultauthdb && acl->authdb) {
         list->defaultauthdb = acl->authdb;
     }
-    
+
     ACLListElm *elm = pool_malloc(sn->pool, sizeof(ACLListElm));
     elm->acl = acl;
     elm->next = NULL;
@@ -103,7 +103,7 @@
     if(!sn || !rq || !list) {
         return NULL;
     }
-    
+
     // get user
     User *user = NULL;
     if(list->defaultauthdb) {
@@ -129,7 +129,7 @@
                     rq->vars);
         }
     }
-    
+
     return user;
 }
 
@@ -137,7 +137,7 @@
     if(sn == NULL || rq == NULL) {
         return;
     }
-    
+
     if(!user) {
         char *value = NULL;
         if(acl->authprompt) {
@@ -167,13 +167,13 @@
     if(!list) {
         return REQ_PROCEED;
     }
-    
+
     // we combine access_mask with the required access rights
     access_mask |= rq->aclreqaccess;
-    
+
     // get user
     User *user = acllist_getuser(sn, rq, list);
-    
+
     // evalutate all ACLs
     ACLList *acl = acl_evallist(list, user, access_mask, NULL);
     if(acl) {
@@ -184,12 +184,12 @@
         }
         return REQ_ABORTED;
     }
-    
+
     // access allowed, we can free the user
     if(user) {
         user->free(user);
     }
-    
+
     return REQ_PROCEED;
 }
 
@@ -205,7 +205,7 @@
     if(externacl) {
         *externacl = NULL;
     }
-    
+
     // evaluate each acl until one denies access
     ACLListElm *elm = list->listhead;
     while(elm) {
@@ -218,30 +218,30 @@
         } else if(!acl->check(acl, user, access_mask)) {
             // the acl denies access
             return acl;
-        } 
+        }
         elm = elm->next;
     }
-    
+
     // ok - all acls allowed access
-    
+
     return NULL;
 }
 
 int wsacl_affects_user(WSAce *ace, User *user) {
     int check_access = 0;
-    
+
     /*
      * an ace can affect
      *   a named user or group (ace->who is set)
      *   the owner of the resource (ACL_OWNER is set)
      *   the owning group of the resource (ACL_GROUP is set)
      *   everyone (ACL_EVERYONE is set)
-     * 
+     *
      * Only one of this conditions should be true. The behavior on
      * illegal flag combination is undefined. We assume that the acls
      * are created correctly by the configuration loader.
      */
-    
+
     if(ace->who && user) {
         // this ace is defined for a named user or group
         if((ace->flags & ACL_IDENTIFIER_GROUP) == ACL_IDENTIFIER_GROUP) {
@@ -261,19 +261,19 @@
     } else if((ace->flags & ACL_EVERYONE) == ACL_EVERYONE) {
         check_access = 1;
     }
-    
+
     return check_access;
 }
 
-int wsacl_check(WSAcl *acl, User *user, int access_mask) { 
+int wsacl_check(WSAcl *acl, User *user, int access_mask) {
     int allow = 0;
     uint32_t allowed_access = 0;
     // check each access control entry
     for(int i=0;i<acl->acenum;i++) {
-        WSAce *ace = acl->ace[i];   
+        WSAce *ace = acl->ace[i];
         if(wsacl_affects_user(ace, user)) {
             if(ace->type == ACL_TYPE_ALLOWED) {
-                // add all new access rights 
+                // add all new access rights
                 allowed_access |= (access_mask & ace->access_mask);
                 // check if we have all requested rights
                 if((allowed_access & access_mask) == access_mask) {
@@ -282,7 +282,7 @@
                 }
             } else {
                 // ACL_TYPE_DENIED
-                
+
                 if((ace->access_mask & access_mask) != 0) {
                     // access denied
                     break;
@@ -290,9 +290,9 @@
             }
         }
     }
-    
+
     // TODO: events
-    
+
     return allow; // allow is 0, if no ace set it to 1
 }
 
@@ -332,7 +332,7 @@
         }
         sstr_t wd = sstr(cwd);
         sstr_t pp = sstr(path);
-        
+
         p = sstrcat(3, wd, sstrn("/", 1), pp);
     } else {
         p = sstrdup(sstr(path));
@@ -341,7 +341,7 @@
         p.ptr[p.length-1] = 0;
         p.length--;
     }
-    
+
     // get uid/gid
     struct passwd pw;
     if(user) {
@@ -362,7 +362,7 @@
         acl->user_uid = -1;
         acl->user_gid = -1;
     }
-    
+
     // translate access_mask
     uint32_t mask = 0;
     if((access_mask & ACL_READ_DATA) == ACL_READ_DATA) {
@@ -407,7 +407,7 @@
     if((access_mask & ACL_SYNCHRONIZE) == ACL_SYNCHRONIZE) {
         mask |= ACE_SYNCHRONIZE;
     }
-    
+
     /*
      * If the vfs wants to create new files, path does not name an existing
      * file. In this case, we check if the user has the ACE_ADD_FILE
@@ -428,11 +428,11 @@
             }
         }
     }
-    
+
     /*
      * perform a acl check for the path and each parent directory
      * we don't check the file system root
-     * 
+     *
      * after the first check, we check only search permission for the
      * directories
      */
@@ -440,7 +440,7 @@
         free(p.ptr);
         return 0;
     }
-    
+
     p = util_path_remove_last(p);
     mask = ACE_LIST_DIRECTORY;
     while(p.length > 1) {
@@ -452,12 +452,12 @@
             free(p.ptr);
             return 0;
         }
-        
+
         // cut the last file name from the path
         p = util_path_remove_last(p);
     }
-    
-    
+
+
     return 1;
 }
 
@@ -469,7 +469,7 @@
         gid_t gid)
 {
     //printf("solaris_acl_check %s\n", path);
-    
+
     int nace = acl(path, ACE_GETACLCNT, 0, NULL);
     if(nace == -1) {
         perror("acl: ACE_GETACLCNT");
@@ -483,14 +483,14 @@
         free(aces);
         return 0;
     }
-    
+
     int allow = 0;
     uint32_t allowed_access = 0;
     for(int i=0;i<nace;i++) {
         ace_t ace = aces[i];
         if(solaris_acl_affects_user(&ace, uid, gid, s->st_uid, s->st_gid)) {
             if(ace.a_type == ACE_ACCESS_ALLOWED_ACE_TYPE) {
-                // add all new access rights 
+                // add all new access rights
                 allowed_access |= (mask & ace.a_access_mask);
                 // check if we have all requested rights
                 if((allowed_access & mask) == mask) {
@@ -499,7 +499,7 @@
                 }
             } else if(ace.a_type == ACE_ACCESS_DENIED_ACE_TYPE) {
                 // ACL_TYPE_DENIED
-                
+
                 if((ace.a_access_mask & mask) != 0) {
                     // access denied
                     break;
@@ -507,9 +507,9 @@
             }
         }
     }
-    
+
     free(aces);
-    
+
     //printf("return %d\n", allow);
     return allow;
 }
@@ -524,9 +524,9 @@
     /*
      * mostly the same as wsacl_affects_user
      */
-    
+
     int check_access = 0;
-    
+
     if((ace->a_flags & ACE_OWNER) == ACE_OWNER) {
         if(uid == owner) {
             check_access = 1;
@@ -551,12 +551,12 @@
             }
         }
     }
-    
+
     return check_access;
 }
 
 void fs_acl_finish() {
-    
+
 }
 
 #endif
@@ -572,7 +572,7 @@
 }
 
 void fs_acl_finish() {
-    
+
 }
 
 #endif
@@ -584,7 +584,7 @@
 }
 
 void fs_acl_finish() {
-  
+
 }
 
 #endif
@@ -600,7 +600,7 @@
         log_ereport(LOG_FAILURE, "fs_acl_check: unknown webserver uid/gid");
         return 1;
     }
-    
+
     // get uid/gid
     struct passwd pw;
     if(user) {
@@ -619,7 +619,7 @@
         acl->user_uid = 0;
         acl->user_gid = 0;
     }
-    
+
     // set fs uid/gid
     if(acl->user_uid != 0) {
         if(setfsuid(pw.pw_uid)) {
@@ -633,8 +633,8 @@
                     "Cannot set fsgid to gid: %u", pw.pw_gid);
         }
     }
-    
-    
+
+
     return 1;
 }
 

mercurial