rpms/autofs/devel autofs-5.0.0_beta4-exports-access-list.patch, NONE, 1.1 autofs.spec, 1.103, 1.104
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jun 14 10:28:16 UTC 2006
- Previous message (by thread): rpms/kernel/devel kernel-2.6.spec,1.2279,1.2280
- Next message (by thread): rpms/kernel/devel/configs config-xen-xen0, 1.7, NONE config-xen-xen0-PAE, 1.2, NONE config-xen-xenU, 1.5, NONE config-xen-xenU-PAE, 1.3, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ikent
Update of /cvs/dist/rpms/autofs/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv27279
Modified Files:
autofs.spec
Added Files:
autofs-5.0.0_beta4-exports-access-list.patch
Log Message:
* Wed Jun 14 2006 Ian Kent <ikent at redhat.com> - 5.0.0_beta4-10
- add export access list matching to "hosts" lookup module (bz # 193585).
autofs-5.0.0_beta4-exports-access-list.patch:
CHANGELOG | 1
Makefile.rules | 2
lib/rpc_subs.c | 198 +++++++++++++++++++++++++++++++++++++++++++++++++++----
modules/Makefile | 11 ---
4 files changed, 188 insertions(+), 24 deletions(-)
--- NEW FILE autofs-5.0.0_beta4-exports-access-list.patch ---
diff --git a/CHANGELOG b/CHANGELOG
index c3bc17d..80ee4b3 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -26,6 +26,7 @@
- fix handling of master map entry update.
- fix program map handling of iinvalid multi-mount offsets.
- move autofs4 module loading back to init script.
+- add export access list matching to "hosts" lookup module.
2/6/2006 autofs-5.0.0_beta4
---------------------------
diff --git a/Makefile.rules b/Makefile.rules
index 31d2706..7796269 100644
--- a/Makefile.rules
+++ b/Makefile.rules
@@ -61,5 +61,5 @@ # Standard rules
$(CC) $(CFLAGS) -S $<
.c.so:
- $(CC) $(SOLDFLAGS) $(CFLAGS) -o $*.so $< $(AUTOFS_LIB) $(DMALLOCLIB)
+ $(CC) $(SOLDFLAGS) $(CFLAGS) -o $*.so $< $(AUTOFS_LIB) $(DMALLOCLIB) $(LIBNSL)
$(STRIP) $*.so
diff --git a/lib/rpc_subs.c b/lib/rpc_subs.c
index d87362b..143dbdd 100644
--- a/lib/rpc_subs.c
+++ b/lib/rpc_subs.c
@@ -712,32 +712,204 @@ void rpc_exports_free(exports list)
return;
}
-static int rpc_export_allowed(groups grouplist)
+static int masked_match(const char *myname, const char *addr, const char *mask)
+{
+ struct hostent he;
+ struct hostent *phe = &he;
+ struct hostent *result;
+ char buf[HOST_ENT_BUF_SIZE], **haddr;
+ struct sockaddr_in saddr, maddr;
+ int h_errno, ret;
+
+ memset(buf, 0, HOST_ENT_BUF_SIZE);
+ memset(&he, 0, sizeof(struct hostent));
+
+ ret = gethostbyname_r(myname, phe,
+ buf, HOST_ENT_BUF_SIZE, &result, &h_errno);
+ if (ret || !result)
+ return 0;
+
+ ret = inet_aton(addr, &saddr.sin_addr);
+ if (!ret)
+ return 0;
+
+ if (strchr(mask, '.')) {
+ ret = inet_aton(mask, &maddr.sin_addr);
+ if (!ret)
+ return 0;
+ } else {
+ uint32_t m = -1;
+ int msize = atoi(mask);
+
+ m = m << (32 - msize);
+ maddr.sin_addr.s_addr = htonl(m);
+ }
+
+ for (haddr = phe->h_addr_list; *haddr; haddr++) {
+ uint32_t ca, ma, ha;
+
+ ca = (uint32_t) saddr.sin_addr.s_addr;
+ ma = (uint32_t) maddr.sin_addr.s_addr;
+ ha = (uint32_t) ((struct in_addr *) *haddr)->s_addr;
+
+ ret = ((ca & ma) == (ha & ma));
+ if (ret)
+ return 1;
+ }
+ return 0;
+}
+
+/*
+ * This function has been adapted from the match_patern function
+ * found in OpenSSH and is used in accordance with the copyright
+ * notice found their.
+ *
+ * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland.
+ */
+/*
+ * Returns true if the given string matches the pattern (which
+ * may contain ? and * as wildcards), and zero if it does not
+ * match.
+ */
+static int pattern_match(const char *s, const char *pattern)
+{
+ for (;;) {
+ /* If at end of pattern, accept if also at end of string. */
+ if (!*pattern)
+ return !*s;
+
+ if (*pattern == '*') {
+ /* Skip the asterisk. */
+ pattern++;
+
+ /* If at end of pattern, accept immediately. */
+ if (!*pattern)
+ return 1;
+
+ /* If next character in pattern is known, optimize. */
+ if (*pattern != '?' && *pattern != '*') {
+ /*
+ * Look instances of the next character in
+ * pattern, and try to match starting from
+ * those.
+ */
+ for (; *s; s++)
+ if (*s == *pattern &&
+ pattern_match(s + 1, pattern + 1))
+ return 1;
+
+ /* Failed. */
+ return 0;
+ }
+ /*
+ * Move ahead one character at a time and try to
+ * match at each position.
+ */
+ for (; *s; s++)
+ if (pattern_match(s, pattern))
+ return 1;
+ /* Failed. */
+ return 0;
+ }
+ /*
+ * There must be at least one more character in the string.
+ * If we are at the end, fail.
+ */
+ if (!*s)
+ return 0;
+
+ /* Check if the next character of the string is acceptable. */
+ if (*pattern != '?' && *pattern != *s)
+ return 0;
+
+ /* Move to the next character, both in string and in pattern. */
+ s++;
+ pattern++;
+ }
+ /* NOTREACHED */
+}
+
+static int string_match(const char *myname, const char *pattern)
{
- groups grp = grouplist;
- char myname[MAXHOSTNAMELEN + 1];
struct hostent he;
struct hostent *phe = &he;
struct hostent *result;
char buf[HOST_ENT_BUF_SIZE];
int ret;
+ memset(buf, 0, HOST_ENT_BUF_SIZE);
+ memset(&he, 0, sizeof(struct hostent));
+
+ ret = gethostbyname_r(myname, phe,
+ buf, HOST_ENT_BUF_SIZE, &result, &h_errno);
+ if (ret || !result)
+ return 0;
+
+ if (strchr(pattern, '*') || strchr(pattern, '?')) {
+ ret = pattern_match(myname, pattern);
+ if (!ret)
+ ret = pattern_match(phe->h_name, pattern);
+ } else {
+ if (strchr(pattern, '.'))
+ ret = !memcmp(phe->h_name, pattern, strlen(pattern));
+ else
+ ret = !memcmp(myname, pattern, strlen(pattern));
+ }
+ return ret;
+}
+
+static int host_match(char *pattern)
+{
+ static char *ypdomain = NULL;
+ static char myname[MAXHOSTNAMELEN + 1] = "\0";
+ struct in_addr tmp;
+ int ret = 0;
+
+ if (!*myname)
+ if (gethostname(myname, MAXHOSTNAMELEN))
+ return 0;
+
+ if (*pattern == '@') {
+ if (!ypdomain)
+ if (yp_get_default_domain(&ypdomain))
+ return 0;
+ ret = innetgr(pattern + 1, myname, (char *) 0, ypdomain);
+ } else if (inet_aton(pattern, &tmp) || strchr(pattern, '/')) {
+ int len = strlen(pattern) + 1;
+ char *addr, *mask;
+
+ addr = alloca(len);
+ if (!addr)
+ return 0;
+
+ memset(addr, 0, len);
+ memcpy(addr, pattern, len - 1);
+ mask = strchr(addr, '/');
+ if (mask) {
+ *mask++ = '\0';
+ ret = masked_match(myname, addr, mask);
+ } else
+ ret = masked_match(myname, addr, "32");
+ } else if (!strcmp(pattern, "gss/krb5")) {
+ /* Leave this to the GSS layer */
+ ret = 1;
+ } else
+ ret = string_match(myname, pattern);
+
+ return ret;
+}
+
+static int rpc_export_allowed(groups grouplist)
+{
+ groups grp = grouplist;
+
/* NULL group list => everyone */
if (!grp)
return 1;
- if (gethostname(myname, MAXHOSTNAMELEN))
- return 0;
-
while (grp) {
- if (*grp->gr_name == '*')
+ if (host_match(grp->gr_name))
return 1;
- ret = gethostbyname_r(grp->gr_name, phe,
- buf, HOST_ENT_BUF_SIZE, &result, &h_errno);
- if (!ret) {
- if (!strcmp(myname, phe->h_name))
- return 1;
- }
grp = grp->gr_next;
}
return 0;
diff --git a/modules/Makefile b/modules/Makefile
index d72d43c..608e99c 100644
--- a/modules/Makefile
+++ b/modules/Makefile
@@ -77,15 +77,6 @@ endif
#
# Ad hoc compilation rules for modules which need auxilliary libraries
#
-lookup_yp.so: lookup_yp.c
- $(CC) $(SOLDFLAGS) $(CFLAGS) -o lookup_yp.so lookup_yp.c $(AUTOFS_LIB) $(LIBNSL)
- $(STRIP) lookup_yp.so
-
-lookup_nisplus.so: lookup_nisplus.c
- $(CC) $(SOLDFLAGS) $(CFLAGS) -o lookup_nisplus.so lookup_nisplus.c \
- $(AUTOFS_LIB) $(LIBNSL)
- $(STRIP) lookup_nisplus.so
-
lookup_hesiod.so: lookup_hesiod.c
$(CC) $(SOLDFLAGS) $(CFLAGS) $(HESIOD_FLAGS) -o lookup_hesiod.so \
lookup_hesiod.c $(AUTOFS_LIB) $(LIBHESIOD) $(LIBRESOLV)
@@ -101,6 +92,6 @@ lookup_ldap.so: lookup_ldap.c $(SASL_OBJ
mount_nfs.so: mount_nfs.c replicated.o
$(CC) $(SOLDFLAGS) $(CFLAGS) -o mount_nfs.so \
- mount_nfs.c replicated.o $(AUTOFS_LIB)
+ mount_nfs.c replicated.o $(AUTOFS_LIB) $(LIBNSL)
$(STRIP) mount_nfs.so
Index: autofs.spec
===================================================================
RCS file: /cvs/dist/rpms/autofs/devel/autofs.spec,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -r1.103 -r1.104
--- autofs.spec 13 Jun 2006 22:00:52 -0000 1.103
+++ autofs.spec 14 Jun 2006 10:28:14 -0000 1.104
@@ -4,7 +4,7 @@
Summary: A tool for automatically mounting and unmounting filesystems.
Name: autofs
%define version 5.0.0_beta4
-%define release 10
+%define release 11
Version: %{version}
Release: %{release}
Epoch: 1
@@ -28,6 +28,7 @@
Patch14: autofs-5.0.0_beta4-map-update.patch
Patch15: autofs-5.0.0_beta4-program-map-offset-handling.patch
Patch16: autofs-5.0.0_beta4-module-load-to-init.patch
+Patch17: autofs-5.0.0_beta4-exports-access-list.patch
Buildroot: /var/tmp/autofs-tmp
BuildPrereq: autoconf, hesiod-devel, openldap-devel, bison, flex, cyrus-sasl-devel
Prereq: chkconfig
@@ -83,6 +84,7 @@
%patch14 -p1
%patch15 -p1
%patch16 -p1
+%patch17 -p1
%build
#CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir}
@@ -138,6 +140,9 @@
%{_libdir}/autofs/*
%changelog
+* Wed Jun 14 2006 Ian Kent <ikent at redhat.com> - 5.0.0_beta4-10
+- add export access list matching to "hosts" lookup module (bz # 193585).
+
* Tue Jun 13 2006 Jeff Moyer <jmoyer at redhat.com> - 5.0.0_beta4-10
- Add a BuildPrereq for cyrus-sasl-devel
- Previous message (by thread): rpms/kernel/devel kernel-2.6.spec,1.2279,1.2280
- Next message (by thread): rpms/kernel/devel/configs config-xen-xen0, 1.7, NONE config-xen-xen0-PAE, 1.2, NONE config-xen-xenU, 1.5, NONE config-xen-xenU-PAE, 1.3, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list