From dfee20f45922c8d804d7fd180d69716c6ca982ed Mon Sep 17 00:00:00 2001 From: Jeffrey Hutzelman Date: Thu, 21 Feb 2013 22:29:43 -0500 Subject: Add opstaff_check() Add a function to check whether a sender is on the opstaff ACL, which lives in $sysconfdir/zephyr/acl/opstaff.acl. This is in preparation for a number of features which grant additional access to people on that ACL. --- server/access.c | 27 +++++++++++++++++++++++++-- server/zserver.h | 1 + 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/server/access.c b/server/access.c index 918d6e2..0f38be5 100644 --- a/server/access.c +++ b/server/access.c @@ -22,12 +22,15 @@ static const char rcsid_access_c[] = * * External routines: * - * int access_check(notice, who, acl, accesstype) - * ZNotice_t *notice; + * int access_check(sender, who, acl, accesstype) + * char *sender; * struct sockaddr_in *who; * Acl *acl; * Access accesstype; * + * int opstaff_check(sender) + * char *sender; + * * void access_init(); * * void access_reinit(); @@ -105,6 +108,26 @@ access_check(char *sender, return acl_check(buf, sender, who); } +int +opstaff_check(char *sender) +{ + char buf[1024]; /* holds the real acl name */ + int retval; + + snprintf(buf, sizeof buf, "%s/opstaff.acl", acl_dir); + /* + * If we can't load it (because it probably doesn't exist), + * we deny access. + */ + retval = acl_load(buf); + if (retval < 0) { + syslog(LOG_DEBUG, "Error in acl_load of %s for %s", + buf, sender ? sender : "unauth client"); + return 0; + } + return acl_check(buf, sender, NULL); +} + static void check_acl(Acl *acl) { diff --git a/server/zserver.h b/server/zserver.h index 5249f86..28b8fdb 100644 --- a/server/zserver.h +++ b/server/zserver.h @@ -391,6 +391,7 @@ char *get_version(void); /* found in access.c */ int access_check(char *, struct sockaddr_in *, Acl *, Access); +int opstaff_check(char *); /* global identifiers */ -- cgit v1.2.3