Coherent4.2.10/coh.386/lib/cred_match.c

/* $Header: $ */
/*
 * Part of the credentials system. This file deals with working out whether a
 * credentials set matches a given user- and group-id pair.
 *
 * $Log: $
 */

#include <common/ccompat.h>
#include <common/_imode.h>
#include <kernel/cred_lib.h>
#include <sys/debug.h>
#include <sys/types.h>
#include <sys/cred.h>
#include <stddef.h>


/*
 * Return an enumeration constant for the level of match between the given
 * credentials and the supplied user- and group-id pair.
 */

#if	__USE_PROTO__
int (cred_match) (cred_t * credp, n_uid_t uid, n_gid_t gid)
#else
int
cred_match __ARGS ((credp, uid, gid))
cred_t	      *	credp;
n_uid_t		uid;
n_gid_t		gid;
#endif
{
	int		i;

	ASSERT (credp != NULL);

	/*
	 * Note that we do not check "credp->cr_ref" on entry here, because
	 * cred_fake () creates such entities.
	 */

	if (credp->cr_uid == uid)
	    	return _CRED_OWNER;

	if (credp->cr_gid == gid)
	    	return _CRED_GROUP;

	for (i = 0 ; i < credp->cr_ngroups ; i ++)
		if (credp->cr_groups [i] == gid)
			return _CRED_GROUP;

	/*
	 * We do not try matching against superuser permissions here; that is
	 * not what we are here for. Our clients will usually want to check
	 * for this, but using a strategy of their choosing.
	 */

	return _CRED_OTHER;
}