Better conformance to SunOS behavior: if we can't match a user to one

of the plus or minus lists at all, reject him. This lets you create a +@netgroup list of users that you want to admit and reject everybody else. If you end your +@netgroup list with the wildcard line (+:::::::::) then you'll have a +@netgroup list that remaps the specified people but leaves people not in any netgroup unaffected.
svn path=/head/; revision=7815
2024-12-18 10:35:55 +00:00 · 1995-04-14 14:56:28 +00:00 · 1995-04-14 14:56:28 +00:00 · c98fda6ec8 · 2020-12-20 02:59:44 +00:00
commit c98fda6ec8
parent 09a901eb60
1 changed files with 8 additions and 2 deletions
--- a/lib/libc/gen/getpwent.c
+++ b/lib/libc/gen/getpwent.c
@ -604,7 +604,7 @@ _getyppass(struct passwd *pw, const char *name, const char *map)
 	if(resultlen >= sizeof resultbuf) return 0;
 	strcpy(resultbuf, result);
 	sprintf (user, "%.*s", (strchr(result, ':') - result), result);
-	_pw_passwd.pw_fields = 0;
+	_pw_passwd.pw_fields = -1; /* Impossible value */
 	if (_minuscnt && _minushead) {
 		m = _minushead;
 		while (m) {
@ -633,6 +633,9 @@ _getyppass(struct passwd *pw, const char *name, const char *map)
 		}
 	}
 	free(result);
+	/* No hits in the plus or minus lists: Bzzt! reject. */
+	if (_pw_passwd.pw_fields == -1)
+		return(0);
 	result = resultbuf;
 	_pw_breakout_yp(pw, resultbuf, gotmaster);

@ -694,7 +697,7 @@ _nextyppass(struct passwd *pw)

 		strcpy(resultbuf, result);
 		sprintf(user, "%.*s", (strchr(result, ':') - result), result);
-		_pw_passwd.pw_fields = 0;
+		_pw_passwd.pw_fields = -1; /* Impossible value */
 		if (_minuscnt && _minushead) {
 			m = _minushead;
 			while (m) {
@ -723,6 +726,9 @@ _nextyppass(struct passwd *pw)
 			}
 		}
 		free(result);
+		/* No plus or minus hits: Bzzzt! reject. */
+		if (_pw_passwd.pw_fields == -1)
+			goto tryagain;
 		if(result = strchr(resultbuf, '\n')) *result = '\0';
 		_pw_breakout_yp(pw, resultbuf, gotmaster);
 	}