Sync with HEAD

[openldap] / servers / slapd / user.c

diff --git a/servers/slapd/user.c b/servers/slapd/user.c
index e12c6032a300d8a12a86f90e4d04e2dc6c2b32f8..358e6f38116fab2bb7179e719b93dd45befbcb3a 100644 (file)
--- a/servers/slapd/user.c
+++ b/servers/slapd/user.c
@@ -1,18 +1,19 @@
+/* user.c - set user id, group id and group access list */
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-/* user.c - set user id, group id and group access list
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1999 by PM Lashley.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
+ * Portions Copyright 1999 PM Lashley.
  * All rights reserved.
  *
- * Redistribution and use in source and binary forms are permitted only
- * as authorized by the OpenLDAP Public License.  A copy of this
- * license is available at http://www.OpenLDAP.org/license.html or
- * in file LICENSE in the top-level directory of the distribution.
-*/
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
 
 #include "portable.h"
 
@@ -33,7 +34,7 @@
 #include <ac/unistd.h>
 
 #include "slap.h"
-
+#include "lutil.h"
 
 /*
  * Set real and effective user id and group id, and group access list
@@ -49,9 +50,17 @@ slap_init_user( char *user, char *group )
 
     if ( user ) {
        struct passwd *pwd;
-       if ( isdigit( (unsigned char) *user )) {
+       if ( isdigit( (unsigned char) *user ) ) {
+           unsigned u;
+
            got_uid = 1;
-           uid = atoi( user );
+           if ( lutil_atou( &u, user ) != 0 ) {
+               Debug( LDAP_DEBUG_ANY, "Unble to parse user %s\n",
+                      user, 0, 0 );
+
+               exit( EXIT_FAILURE );
+           }
+           uid = (uid_t)u;
 #ifdef HAVE_GETPWUID
            pwd = getpwuid( uid );
            goto did_getpw;
@@ -63,14 +72,8 @@ slap_init_user( char *user, char *group )
            pwd = getpwnam( user );
        did_getpw:
            if ( pwd == NULL ) {
-#ifdef NEW_LOGGING
-                   LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                              "slap_init_user: No passwd entry for user %s\n",
-                              user ));
-#else
                Debug( LDAP_DEBUG_ANY, "No passwd entry for user %s\n",
                       user, 0, 0 );
-#endif
 
                exit( EXIT_FAILURE );
            }
@@ -92,7 +95,15 @@ slap_init_user( char *user, char *group )
     if ( group ) {
        struct group *grp;
        if ( isdigit( (unsigned char) *group )) {
-           gid = atoi( group );
+           unsigned g;
+
+           if ( lutil_atou( &g, group ) != 0 ) {
+               Debug( LDAP_DEBUG_ANY, "Unble to parse group %s\n",
+                      group, 0, 0 );
+
+               exit( EXIT_FAILURE );
+           }
+           gid = (uid_t)g;
 #ifdef HAVE_GETGRGID
            grp = getgrgid( gid );
            goto did_group;
@@ -103,13 +114,8 @@ slap_init_user( char *user, char *group )
                gid = grp->gr_gid;
        did_group:
            if ( grp == NULL ) {
-#ifdef NEW_LOGGING
-               LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                          "slap_init_user: No group entry for group %s\n", group));
-#else
                Debug( LDAP_DEBUG_ANY, "No group entry for group %s\n",
                       group, 0, 0 );
-#endif
 
                exit( EXIT_FAILURE );
            }
@@ -120,13 +126,8 @@ slap_init_user( char *user, char *group )
 
     if ( user ) {
        if ( getuid() == 0 && initgroups( user, gid ) != 0 ) {
-#ifdef NEW_LOGGING
-           LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                      "slap_init_user: Could not set the group access (gid) list.\n" ));
-#else
            Debug( LDAP_DEBUG_ANY,
                   "Could not set the group access (gid) list\n", 0, 0, 0 );
-#endif
 
            exit( EXIT_FAILURE );
        }
@@ -139,25 +140,15 @@ slap_init_user( char *user, char *group )
 
     if ( got_gid ) {
        if ( setgid( gid ) != 0 ) {
-#ifdef NEW_LOGGING
-           LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                      "slap_init_user: could not set real group id to %d\n", (int)gid));
-#else
            Debug( LDAP_DEBUG_ANY, "Could not set real group id to %d\n",
                       (int) gid, 0, 0 );
-#endif
 
            exit( EXIT_FAILURE );
        }
 #ifdef HAVE_SETEGID
        if ( setegid( gid ) != 0 ) {
-#ifdef NEW_LOGGING
-           LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                      "slap_init_user: Could not set effective group id to %d\n",(int)gid));
-#else
            Debug( LDAP_DEBUG_ANY, "Could not set effective group id to %d\n",
                       (int) gid, 0, 0 );
-#endif
 
            exit( EXIT_FAILURE );
        }
@@ -166,25 +157,15 @@ slap_init_user( char *user, char *group )
 
     if ( got_uid ) {
        if ( setuid( uid ) != 0 ) {
-#ifdef NEW_LOGGING
-           LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                      "slap_init_user: Could not set real user id to %d\n", (int)uid ));
-#else
            Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n",
                       (int) uid, 0, 0 );
-#endif
 
            exit( EXIT_FAILURE );
        }
 #ifdef HAVE_SETEUID
        if ( seteuid( uid ) != 0 ) {
-#ifdef NEW_LOGGING
-           LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
-                      "slap_init_user: Could not set effective user id to %d\n", (int)uid ));
-#else
            Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n",
                       (int) uid, 0, 0 );
-#endif
 
            exit( EXIT_FAILURE );
        }