#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
+#include <errno.h>
+#include <ctype.h>
#include <netdb.h>
-#define BASE_ZONE "itkacl.samfundet.no"
+struct itkacl_config {
+ char nszone[256];
+};
+
+#define CONFIG_FILENAME "/etc/itkacl.conf"
+
+static int itkacl_read_config(const char * const filename,
+ struct itkacl_config *config,
+ char *errmsg, size_t errmsg_size)
+{
+ FILE *fp;
+ int lineno = 0;
+
+ strcpy(config->nszone, "");
+
+ fp = fopen(CONFIG_FILENAME, "r");
+ if (fp == NULL) {
+ if (errmsg)
+ snprintf(errmsg, errmsg_size, "%s: %s",
+ CONFIG_FILENAME, strerror(errno));
+ return -1;
+ }
+
+ while (!feof(fp)) {
+ char line[256], arg[256], *ptr;
+
+ if (fgets(line, sizeof(line), fp) == NULL) {
+ break;
+ }
+ ++lineno;
+
+ /* Remove trailing newlines and then comments. */
+ ptr = strchr(line, '\n');
+ if (ptr != NULL)
+ *ptr = 0;
+
+ ptr = strchr(line, '\r');
+ if (ptr != NULL)
+ *ptr = 0;
+
+ ptr = strchr(line, '#');
+ if (ptr != NULL)
+ *ptr = 0;
+
+ /* Remove trailing whitespace, if any. */
+ ptr = line + strlen(line) - 1;
+ while (ptr >= line && isspace(*ptr))
+ *ptr-- = 0;
+
+ /* Skip lines that now ended up blank. */
+ if (line[0] == 0)
+ continue;
+
+ if (sscanf(line, "zone %255s", arg) == 1) {
+ strcpy(config->nszone, arg);
+ continue;
+ }
+
+ if (errmsg)
+ snprintf(errmsg, errmsg_size, "%s: Could not parse line %d",
+ CONFIG_FILENAME, lineno);
+ fclose(fp);
+ return -1;
+ }
+
+ if (strlen(config->nszone) == 0) {
+ if (errmsg)
+ snprintf(errmsg, errmsg_size, "%s: Missing 'zone' directive",
+ CONFIG_FILENAME);
+ fclose(fp);
+ return -1;
+ }
+
+ fclose(fp);
+ return 0;
+}
int itkacl_check(const char * const realm, const char * const user,
char *errmsg, size_t errmsg_size)
{
+ struct itkacl_config config;
struct hostent he, *he_ptr;
int ret, host_errno;
const char *ptr;
- char nszone[256] = BASE_ZONE;
+ char nszone[256];
char temp[256], ns_temp[1024];
+ if (itkacl_read_config(CONFIG_FILENAME, &config, errmsg, errmsg_size) != 0) {
+ return -1;
+ }
+
if (realm[0] != '/') {
if (errmsg)
snprintf(errmsg, errmsg_size, "Invalid realm '%s' (missing leading /)",
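Review bot: `itkacl_read_config` never uses its `filename` parameter: the `fopen` call and all three error messages hard-code `CONFIG_FILENAME`, so a caller that passes another path still reads /etc/itkacl.conf; use `fp = fopen(filename, "r");` and pass `filename` to the `snprintf` calls. In the whitespace-trimming loop, `isspace(*ptr)` receives a plain `char`, which is undefined behaviour for bytes above 0x7f where `char` is signed; `isspace((unsigned char)*ptr)` avoids that. `sscanf(line, "zone %255s", arg)` accepts any non-space characters and silently ignores trailing tokens, and a line longer than the 256-byte `line` buffer is split by `fgets` and its tail parsed as a separate line. Since this value appears to select the DNS zone that access checks are resolved against, a comment above `CONFIG_FILENAME` such as `/* must be writable only by root: the zone decides which DNS server answers ACL lookups */` would document the trust assumption.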
/* traverse the realm entry by entry from the root,
* creating a DNS zone name as we go */
+ strcpy(nszone, config.nszone);
ptr = realm;
while (*ptr) {
/* copy all characters to next / or end of string */
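Review bot: After this change the base copied into `nszone` can be up to 255 characters from the config file rather than the short `BASE_ZONE` constant, which leaves little or no room in the 256-byte `nszone` and `temp` buffers for whatever the realm traversal adds. The `strcpy(nszone, config.nszone)` itself fits, since both buffers are 256 bytes, but the loop that builds the name continues outside the hunk, so whether its writes are bounded cannot be confirmed from here. If that loop relied on the base being short, a long `zone` value could overflow or truncate the lookup name. Consider rejecting over-long zones where the directive is parsed, and add a comment here such as `/* base zone comes from the config file; the loop below must bound every write into nszone */`.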