X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fuser.c;h=2de0ffd17c7e224d877c3f28b13d83b52e52e652;hb=20965abe9c5bb80d79e5ad791cd2b59ec60259b5;hp=e32a61ad3f57dda23021daf8835014b72885f7ce;hpb=21c70857f1029309d6bc5a5b6a93d7537494b742;p=openldap
diff --git a/servers/slapd/user.c b/servers/slapd/user.c
index e32a61ad3f..2de0ffd17c 100644
--- a/servers/slapd/user.c
+++ b/servers/slapd/user.c
@@ -1,13 +1,19 @@
-/* user.c - set user id, group id and group access list
+/* user.c - set user id, group id and group access list */
+/* $OpenLDAP$ */
+/* This work is part of OpenLDAP Software .
*
- * Copyright 1999 by PM Lashley and The OpenLDAP Foundation.
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Portions Copyright 1999 PM Lashley.
* All rights reserved.
*
- * Redistribution and use in source and binary forms are permitted only
- * as authorized by the OpenLDAP Public License. A copy of this
- * license is available at http://www.OpenLDAP.org/license.html or
- * in file LICENSE in the top-level directory of the distribution.
-*/
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * .
+ */
#include "portable.h"
@@ -29,24 +35,29 @@
#include "slap.h"
-
/*
* Set real and effective user id and group id, and group access list
+ * The user and group arguments are freed.
*/
void
slap_init_user( char *user, char *group )
{
- uid_t uid = (uid_t) -1;
- gid_t gid = (gid_t) -1;
+ uid_t uid = 0;
+ gid_t gid = 0;
+ int got_uid = 0, got_gid = 0;
if ( user ) {
struct passwd *pwd;
if ( isdigit( (unsigned char) *user )) {
+ got_uid = 1;
uid = atoi( user );
#ifdef HAVE_GETPWUID
pwd = getpwuid( uid );
goto did_getpw;
+#else
+ free( user );
+ user = NULL;
#endif
} else {
pwd = getpwnam( user );
@@ -54,14 +65,17 @@ slap_init_user( char *user, char *group )
if ( pwd == NULL ) {
Debug( LDAP_DEBUG_ANY, "No passwd entry for user %s\n",
user, 0, 0 );
- exit( 1 );
+
+ exit( EXIT_FAILURE );
}
- if ( uid >= 0 ) {
+ if ( got_uid ) {
free( user );
user = (pwd != NULL ? ch_strdup( pwd->pw_name ) : NULL);
} else {
+ got_uid = 1;
uid = pwd->pw_uid;
}
+ got_gid = 1;
gid = pwd->pw_gid;
#ifdef HAVE_ENDPWENT
endpwent();
@@ -85,17 +99,20 @@ slap_init_user( char *user, char *group )
if ( grp == NULL ) {
Debug( LDAP_DEBUG_ANY, "No group entry for group %s\n",
group, 0, 0 );
- exit( 1 );
+
+ exit( EXIT_FAILURE );
}
}
free( group );
+ got_gid = 1;
}
if ( user ) {
if ( getuid() == 0 && initgroups( user, gid ) != 0 ) {
Debug( LDAP_DEBUG_ANY,
"Could not set the group access (gid) list\n", 0, 0, 0 );
- exit( 1 );
+
+ exit( EXIT_FAILURE );
}
free( user );
}
@@ -104,32 +121,36 @@ slap_init_user( char *user, char *group )
endgrent();
#endif
- if ( gid >= 0 ) {
+ if ( got_gid ) {
if ( setgid( gid ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "Could not set real group id to %d\n",
- gid, 0, 0 );
- exit( 1 );
+ (int) gid, 0, 0 );
+
+ exit( EXIT_FAILURE );
}
#ifdef HAVE_SETEGID
if ( setegid( gid ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "Could not set effective group id to %d\n",
- gid, 0, 0 );
- exit( 1 );
+ (int) gid, 0, 0 );
+
+ exit( EXIT_FAILURE );
}
#endif
}
- if ( uid >= 0 ) {
+ if ( got_uid ) {
if ( setuid( uid ) != 0 ) {
- Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n",
- uid, 0, 0 );
- exit( 1 );
+ Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n",
+ (int) uid, 0, 0 );
+
+ exit( EXIT_FAILURE );
}
#ifdef HAVE_SETEUID
if ( seteuid( uid ) != 0 ) {
- Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n",
- uid, 0, 0 );
- exit( 1 );
+ Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n",
+ (int) uid, 0, 0 );
+
+ exit( EXIT_FAILURE );
}
#endif
}