| 83 | #define VARBUF_INIT_LEN 512 |
| 84 | #define VARBUF_MAX_LEN (16*1024*1024) |
| 85 | static apr_status_t groups_for_user(apr_pool_t *p, char *user, char *grpfile, |
| 86 | apr_table_t ** out) |
| 87 | { |
| 88 | ap_configfile_t *f; |
| 89 | apr_table_t *grps = apr_table_make(p, 15); |
| 90 | apr_pool_t *sp; |
| 91 | struct ap_varbuf vb; |
| 92 | const char *group_name, *ll, *w; |
| 93 | apr_status_t status; |
| 94 | apr_size_t group_len; |
| 95 | |
| 96 | if ((status = ap_pcfg_openfile(&f, p, grpfile)) != APR_SUCCESS) { |
| 97 | return status ; |
| 98 | } |
| 99 | |
| 100 | apr_pool_create(&sp, p); |
| 101 | apr_pool_tag(sp, "authz_groupfile (groups_for_user)"); |
| 102 | |
| 103 | ap_varbuf_init(p, &vb, VARBUF_INIT_LEN); |
| 104 | |
| 105 | while (!(ap_varbuf_cfg_getline(&vb, f, VARBUF_MAX_LEN))) { |
| 106 | if ((vb.buf[0] == '#') || (!vb.buf[0])) { |
| 107 | continue; |
| 108 | } |
| 109 | ll = vb.buf; |
| 110 | apr_pool_clear(sp); |
| 111 | |
| 112 | group_name = ap_getword(sp, &ll, ':'); |
| 113 | group_len = strlen(group_name); |
| 114 | |
| 115 | while (group_len && apr_isspace(*(group_name + group_len - 1))) { |
| 116 | --group_len; |
| 117 | } |
| 118 | |
| 119 | while (ll[0]) { |
| 120 | w = ap_getword_conf(sp, &ll); |
| 121 | if (!strcmp(w, user)) { |
| 122 | apr_table_setn(grps, apr_pstrmemdup(p, group_name, group_len), |
| 123 | "in"); |
| 124 | break; |
| 125 | } |
| 126 | } |
| 127 | } |
| 128 | ap_cfg_closefile(f); |
| 129 | apr_pool_destroy(sp); |
| 130 | ap_varbuf_free(&vb); |
| 131 | |
| 132 | *out = grps; |
| 133 | return APR_SUCCESS; |
| 134 | } |
| 135 | |
| 136 | static authz_status group_check_authorization(request_rec *r, |
| 137 | const char *require_args, |
no test coverage detected