X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fuser.c;h=3db5b7c6c1dd256542b5d8d1365da2b292c33bc7;hb=fbc6a7e8ac780fd421e057c34caa9d4ecb166807;hp=e7d7252e01394f2af3dcc443f229b037bcb4e12e;hpb=9ebd9a02892b0233080df2c2b435930b3b9f683b;p=openldap

diff --git a/servers/slapd/user.c b/servers/slapd/user.c
index e7d7252e01..3db5b7c6c1 100644
--- a/servers/slapd/user.c
+++ b/servers/slapd/user.c
@@ -1,6 +1,11 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
 /* user.c - set user id, group id and group access list
  *
- * Copyright 1999 by PM Lashley and The OpenLDAP Foundation.
+ * Copyright 1999 by PM Lashley.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms are permitted only
@@ -11,51 +16,70 @@
 
 #include "portable.h"
 
-#if defined(HAVE_PWD_H) && defined(HAVE_GRP_H)
+#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
 
 #include <stdio.h>
-#include <stdlib.h>
+
+#include <ac/stdlib.h>
+
+#ifdef HAVE_PWD_H
 #include <pwd.h>
+#endif
+#ifdef HAVE_GRP_H
 #include <grp.h>
+#endif
 
 #include <ac/ctype.h>
 #include <ac/unistd.h>
 
 #include "slap.h"
 
-
 /*
  * Set real and effective user id and group id, and group access list
+ * The user and group arguments are freed.
  */
 
 void
 slap_init_user( char *user, char *group )
 {
-    uid_t	uid = (gid_t) -1;
-    gid_t	gid = (gid_t) -1;
+    uid_t	uid = 0;
+    gid_t	gid = 0;
+    int		got_uid = 0, got_gid = 0;
 
     if ( user ) {
 	struct passwd *pwd;
 	if ( isdigit( (unsigned char) *user )) {
+	    got_uid = 1;
 	    uid = atoi( user );
 #ifdef HAVE_GETPWUID
 	    pwd = getpwuid( uid );
 	    goto did_getpw;
+#else
+	    free( user );
+	    user = NULL;
 #endif
 	} else {
 	    pwd = getpwnam( user );
 	did_getpw:
 	    if ( pwd == NULL ) {
+#ifdef NEW_LOGGING
+		    LDAP_LOG( OPERATION, INFO, 
+				"slap_init_user: No passwd entry for user %s\n", user, 0, 0 );
+#else
 		Debug( LDAP_DEBUG_ANY, "No passwd entry for user %s\n",
 		       user, 0, 0 );
-		exit( 1 );
+#endif
+
+		exit( EXIT_FAILURE );
 	    }
-	    if ( uid >= 0 ) {
+	    if ( got_uid ) {
 		free( user );
 		user = (pwd != NULL ? ch_strdup( pwd->pw_name ) : NULL);
 	    } else {
+		got_uid = 1;
 		uid = pwd->pw_uid;
 	    }
+	    got_gid = 1;
 	    gid = pwd->pw_gid;
 #ifdef HAVE_ENDPWENT
 	    endpwent();
@@ -77,19 +101,33 @@ slap_init_user( char *user, char *group )
 		gid = grp->gr_gid;
 	did_group:
 	    if ( grp == NULL ) {
+#ifdef NEW_LOGGING
+		LDAP_LOG( OPERATION, INFO, 
+			"slap_init_user: No group entry for group %s\n", group, 0, 0 );
+#else
 		Debug( LDAP_DEBUG_ANY, "No group entry for group %s\n",
 		       group, 0, 0 );
-		exit( 1 );
+#endif
+
+		exit( EXIT_FAILURE );
 	    }
 	}
 	free( group );
+	got_gid = 1;
     }
 
     if ( user ) {
 	if ( getuid() == 0 && initgroups( user, gid ) != 0 ) {
+#ifdef NEW_LOGGING
+	    LDAP_LOG( OPERATION, INFO,
+			"slap_init_user: Could not set the group access (gid) list.\n", 
+			0, 0, 0 );
+#else
 	    Debug( LDAP_DEBUG_ANY,
 		   "Could not set the group access (gid) list\n", 0, 0, 0 );
-	    exit( 1 );
+#endif
+
+	    exit( EXIT_FAILURE );
 	}
 	free( user );
     }
@@ -98,30 +136,62 @@ slap_init_user( char *user, char *group )
     endgrent();
 #endif
 
-    if ( gid >= 0 ) {
+    if ( got_gid ) {
 	if ( setgid( gid ) != 0 ) {
+#ifdef NEW_LOGGING
+	    LDAP_LOG( OPERATION, INFO, 
+			"slap_init_user: could not set real group id to %d\n", 
+			(int)gid, 0, 0);
+#else
 	    Debug( LDAP_DEBUG_ANY, "Could not set real group id to %d\n",
-		   gid, 0, 0 );
-	    exit( 1 );
+		       (int) gid, 0, 0 );
+#endif
+
+	    exit( EXIT_FAILURE );
 	}
+#ifdef HAVE_SETEGID
 	if ( setegid( gid ) != 0 ) {
+#ifdef NEW_LOGGING
+	    LDAP_LOG( OPERATION, INFO, 
+		   "slap_init_user: Could not set effective group id to %d\n",
+		   (int)gid, 0, 0);
+#else
 	    Debug( LDAP_DEBUG_ANY, "Could not set effective group id to %d\n",
-		   gid, 0, 0 );
-	    exit( 1 );
+		       (int) gid, 0, 0 );
+#endif
+
+	    exit( EXIT_FAILURE );
 	}
+#endif
     }
 
-    if ( uid >= 0 ) {
+    if ( got_uid ) {
 	if ( setuid( uid ) != 0 ) {
-	    Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n",
-		   uid, 0, 0 );
-	    exit( 1 );
+#ifdef NEW_LOGGING
+	    LDAP_LOG( OPERATION, INFO, 
+			"slap_init_user: Could not set real user id to %d\n", 
+			(int)uid, 0, 0 );
+#else
+	    Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n",
+		       (int) uid, 0, 0 );
+#endif
+
+	    exit( EXIT_FAILURE );
 	}
+#ifdef HAVE_SETEUID
 	if ( seteuid( uid ) != 0 ) {
-	    Debug( LDAP_DEBUG_ANY, "Could not set real user id to %d\n",
-		   uid, 0, 0 );
-	    exit( 1 );
+#ifdef NEW_LOGGING
+	    LDAP_LOG( OPERATION, INFO, 
+			"slap_init_user: Could not set effective user id to %d\n", 
+			(int)uid, 0, 0 );
+#else
+	    Debug( LDAP_DEBUG_ANY, "Could not set effective user id to %d\n",
+		       (int) uid, 0, 0 );
+#endif
+
+	    exit( EXIT_FAILURE );
 	}
+#endif
     }
 }