/*
Copyright (c) 2016, Antonio SJ Musumeci <trapexit@spawn.link>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <grp.h>
#include <pwd.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#if defined __linux__ and UGID_USE_RWLOCK == 0
# include <sys/syscall.h>
#elif __APPLE__
# include <sys/param.h>
#endif
#include <cstdlib>
#include <algorithm>
#include "gidcache.hpp"
// Orders cache records by owning uid alone; the group list plays no part
// in the comparison. This is the ordering std::sort() applies to the
// record array and the one the uid binary search relies on.
inline
bool
gid_t_rec::operator<(const struct gid_t_rec &b) const
{
  const bool precedes = (this->uid < b.uid);

  return precedes;
}
// Pointer to the first record slot; together with end() it delimits the
// populated part of the record array.
inline
gid_t_rec *
gid_t_cache::begin(void)
{
  return &recs[0];
}
// One-past-the-last populated record: `size` slots counted from the start
// of the record array. Never dereference the returned pointer.
inline
gid_t_rec *
gid_t_cache::end(void)
{
  gid_t_rec *const first = recs;

  return first + size;
}
// Hands out a record slot for a new cache entry.
//
// While the array still has room the next unused slot is returned and
// `size` grows by one. Once MAXRECS slots are in use a pseudo-randomly
// chosen existing slot is recycled instead (rand() only picks an eviction
// victim here; nothing depends on it being unpredictable).
//
// The slot is returned as-is: a recycled slot still carries the uid and
// group list of the entry it previously held, so the caller has to
// overwrite every field before the record is used for setgroups().
inline
gid_t_rec *
gid_t_cache::allocrec(void)
{
  if(size != MAXRECS)
    return &recs[size++];

  return &recs[rand() % MAXRECS];
}
// Binary search over the uid-sorted range [begin,end).
//
// Returns the first record whose uid is not less than `uid`, or `end`
// when every record in the range has a smaller uid. The result is only a
// candidate: the caller must still compare the returned record's uid
// against the one it asked for before trusting the group list.
inline
gid_t_rec *
gid_t_cache::lower_bound(gid_t_rec   *begin,
                         gid_t_rec   *end,
                         const uid_t  uid)
{
  gid_t_rec *lo = begin;
  gid_t_rec *hi = end;

  while(lo < hi)
    {
      gid_t_rec *const mid = lo + ((hi - lo) / 2);

      if(mid->uid < uid)
        lo = mid + 1;   // everything up to and including mid is too small
      else
        hi = mid;       // mid may be the answer; keep it inside the range
    }

  return lo;
}
// Portability shim around getgrouplist(3).
//
// On Apple builds the group buffer is handed to the libc call as int*,
// so the gid_t buffer is cast; elsewhere it is passed through unchanged.
// The return value and the in/out `ngroups` count are exactly those of
// the underlying call: -1 means the buffer was too small for the full
// list.
static
int
_getgrouplist(const char  *user,
              const gid_t  group,
              gid_t       *groups,
              int         *ngroups)
{
#if __APPLE__
  int *const gidbuf = (int*)groups;
#else
  gid_t *const gidbuf = groups;
#endif

  return ::getgrouplist(user,group,gidbuf,ngroups);
}
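// Builds the cache record for `uid` and returns it.
//
// The slot comes from allocrec() and may be a recycled one that still
// holds the group list of a different uid, so every path through this
// function must leave `gids`/`size` fully rewritten. The supplementary
// groups are resolved through the passwd entry and getgrouplist(3). If
// any step fails the record falls back to the primary gid only:
//   * getpwuid_r() fails or finds no entry (unknown uid, lookup error,
//     or a passwd entry that does not fit in the 4096 byte scratch
//     buffer),
//   * getgrouplist() reports -1, which includes the case of a user with
//     more than MAXGIDS groups after the count has been clamped.
// Falling back to the primary gid fails closed: the record never carries
// groups that were not resolved for this uid.
//
// The returned pointer refers into the record array and is invalidated
// when the array is re-sorted.
gid_t_rec *
gid_t_cache::cache(const uid_t uid,
                   const gid_t gid)
{
  int rv;
  char buf[4096];
  struct passwd pwd;
  struct passwd *pwdrv;
  gid_t_rec *rec;
  bool resolved;

  rec = allocrec();

  rec->uid = uid;
  resolved = false;

  rv = ::getpwuid_r(uid,&pwd,buf,sizeof(buf),&pwdrv);
  if(pwdrv != NULL && rv == 0)
    {
      // First call with a zero-sized buffer only asks how many groups
      // there are; the count is then clamped to the record's capacity.
      rec->size = 0;
      ::_getgrouplist(pwd.pw_name,gid,NULL,&rec->size);
      rec->size = std::min(MAXGIDS,rec->size);
      rv = ::_getgrouplist(pwd.pw_name,gid,rec->gids,&rec->size);
      resolved = (rv != -1);
    }

  if(!resolved)
    {
      // Previously only the getgrouplist() failure reached this fallback;
      // a failed passwd lookup left whatever the slot held before, which
      // for a recycled slot is another uid's group list.
      rec->gids[0] = gid;
      rec->size    = 1;
    }

  return rec;
}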
// Applies the group list stored in `rec` as the supplementary groups.
//
// On Linux builds with UGID_USE_RWLOCK == 0 the raw syscall is issued
// (SYS_setgroups32 where the platform defines it, SYS_setgroups
// otherwise); every other build goes through the libc setgroups().
// NOTE(review): the raw syscall is presumably used so that only the
// calling thread's groups change, whereas the glibc wrapper applies the
// change to all threads -- confirm against the UGID_USE_RWLOCK design.
//
// rec->size is passed as the group count without any check here, so the
// record must already carry a valid, bounded size. Returns the result of
// the underlying call; a failure means the previous supplementary groups
// are still in effect.
static
inline
int
setgroups(const gid_t_rec *rec)
{
#if defined __linux__ and UGID_USE_RWLOCK == 0
# if defined SYS_setgroups32
  const long sysno = SYS_setgroups32;
# else
  const long sysno = SYS_setgroups;
# endif

  return ::syscall(sysno,rec->size,rec->gids);
#else
  return ::setgroups(rec->size,rec->gids);
#endif
}
// Sets the supplementary groups for `uid`, using the cached group list
// when there is one and resolving + caching it otherwise.
//
// Returns whatever ::setgroups(rec) returns. The return value is the only
// failure signal: when the call fails the previously active supplementary
// groups stay in place, so callers that go on to act on behalf of `uid`
// should check it.
int
gid_t_cache::initgroups(const uid_t uid,
                        const gid_t gid)
{
  gid_t_rec *rec = lower_bound(begin(),end(),uid);

  // lower_bound() only yields a candidate position; it is a hit only if
  // it lies inside the array and belongs to the requested uid.
  const bool hit = ((rec != end()) && (rec->uid == uid));

  if(!hit)
    rec = cache(uid,gid);

  const int rv = ::setgroups(rec);

  // Re-sort only after the record has been used: sorting moves records
  // around, so `rec` must not be dereferenced past this point.
  if(!hit)
    std::sort(begin(),end());

  return rv;
}