[asterisk-commits] eliel: branch eliel/cli-permissions r151880 - in /team/eliel/cli-permissions:...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Fri Oct 24 10:54:15 CDT 2008 

Author: eliel
Date: Fri Oct 24 10:54:15 2008
New Revision: 151880

URL: http://svn.digium.com/view/asterisk?view=rev&rev=151880
Log:
Conform to CODING GUIDELINES.

Modified:
    team/eliel/cli-permissions/CHANGES
    team/eliel/cli-permissions/main/asterisk.c
    team/eliel/cli-permissions/main/cli.c

Modified: team/eliel/cli-permissions/CHANGES
URL: http://svn.digium.com/view/asterisk/team/eliel/cli-permissions/CHANGES?view=diff&rev=151880&r1=151879&r2=151880
==============================================================================
--- team/eliel/cli-permissions/CHANGES (original)
+++ team/eliel/cli-permissions/CHANGES Fri Oct 24 10:54:15 2008
@@ -359,9 +359,9 @@
   * Added CLI permissions, config file: permissions.conf
      default is to allow all commands for every local user/group.
      Also this new feature added three new CLI commands:
-      - cli permissions check {<username>|@<groupname>|<username>@<groupname>} [<command>]
-      - cli permissions reload
-      - cli permissions show 
+      - cli check permissions {<username>|@<groupname>|<username>@<groupname>} [<command>]
+      - cli reload permissions
+      - cli show permissions
   * New CLI command "core show hint" (usage: core show hint <exten>)
   * New CLI command "core show settings"
   * Added 'core show channels count' CLI command.

Modified: team/eliel/cli-permissions/main/asterisk.c
URL: http://svn.digium.com/view/asterisk/team/eliel/cli-permissions/main/asterisk.c?view=diff&rev=151880&r1=151879&r2=151880
==============================================================================
--- team/eliel/cli-permissions/main/asterisk.c (original)
+++ team/eliel/cli-permissions/main/asterisk.c Fri Oct 24 10:54:15 2008
@@ -174,8 +174,8 @@
 	int p[2];			/*!< Pipe */
 	pthread_t t;			/*!< Thread of handler */
 	int mute;			/*!< Is the console muted for logs */
-	int uid;			/*!< Remote user ID. */
-	int gid;			/*!< Remote group ID. */
+	const int uid;			/*!< Remote user ID. */
+	const int gid;			/*!< Remote group ID. */
 	int levels[NUMLOGLEVELS];	/*!< Which log levels are enabled for the console */
 };
 
@@ -996,13 +996,14 @@
 static pthread_t lthread;
 
 /*!
- * \brief read function supporting the reception of user credentials.
+ * \brief read() function supporting the reception of user credentials.
  *
  * \param fd Socket file descriptor.
  * \param buffer Receive buffer.
  * \param size 'buffer' size.
  * \param con Console structure to set received credentials
- * \return -1 on error, or the number of bytes received.
+ * \retval -1 on error
+ * \retval the number of bytes received on success.
  */
 static int read_credentials(int fd, char *buffer, size_t size, struct console *con)
 {
@@ -1019,7 +1020,7 @@
 	};
 
 	memset(&cred, 0, sizeof(cred));
-	
+
 	iov.iov_len = size;
 	iov.iov_base = buffer;
 
@@ -1057,7 +1058,6 @@
 		ast_copy_string(hostname, "<Unknown>", sizeof(hostname));
 	snprintf(tmp, sizeof(tmp), "%s/%ld/%s\n", hostname, (long)ast_mainpid, ast_get_version());
 	fdprint(con->fd, tmp);
-
 	for (;;) {
 		fds[0].fd = con->fd;
 		fds[0].events = POLLIN;
@@ -3460,8 +3460,7 @@
 		printf("%s", term_quit());
 		exit(1);
 	}
-	/* loads the permissoins.conf file needed to implement 
- 	   cli restrictions. */
+	/* loads the permissoins.conf file needed to implement cli restrictions. */
 	ast_cli_perms_init(0);
 
 	dnsmgr_start_refresh();

Modified: team/eliel/cli-permissions/main/cli.c
URL: http://svn.digium.com/view/asterisk/team/eliel/cli-permissions/main/cli.c?view=diff&rev=151880&r1=151879&r2=151880
==============================================================================
--- team/eliel/cli-permissions/main/cli.c (original)
+++ team/eliel/cli-permissions/main/cli.c Fri Oct 24 10:54:15 2008
@@ -63,9 +63,9 @@
  * \brief list of users to apply restrictions.
  */
 struct usergroup_cli_perm {
-	int uid;				/*!< User ID (-1 disabled) */
-	int gid;				/*!< Group ID (-1 disabled) */
-	struct cli_perm_head *perms;	
+	const int uid;				/*!< User ID (-1 disabled) */
+	const int gid;				/*!< Group ID (-1 disabled) */
+	struct cli_perm_head *perms;
 	AST_LIST_ENTRY(usergroup_cli_perm) list;/*!< List mechanics */
 };
 
@@ -150,15 +150,16 @@
 	return res;
 }
 
-/*! \brief Check if the user with 'uid' and 'gid' is allow to execute 'command' 
- *         ,if command starts with '_' then not check permissions, just permit 
+/*! \brief Check if the user with 'uid' and 'gid' is allow to execute 'command',
+ *         if command starts with '_' then not check permissions, just permit
  *         to run the 'command'.
  *  \param uid User ID.
  *  \param gid Group ID.
  *  \param command Command name to check permissions.
  *  \return 1 if has permission, 0 if it is not allowed.
  */
-static int cli_has_permissions (int uid, int gid, char *command) {
+static int cli_has_permissions(const int uid, const int gid, char *command)
+{
 	struct usergroup_cli_perm *user_perm;
 	struct cli_perm *perm;
 
@@ -168,7 +169,9 @@
 	/* if uid == -1 or gid == -1 do not check permissions.
 	   if uid == -2 and gid == -2 is because rasterisk client didn't send
 	   the credentials, so the default_perm will be applied. */
-	if ((uid == CLI_NO_PERMS && gid == CLI_NO_PERMS) || command[0] == '_') return 1;
+	if ((uid == CLI_NO_PERMS && gid == CLI_NO_PERMS) || command[0] == '_') {
+		return 1;
+	}
 
 	if (gid >= 0) {
 		/* First check group permissions */
@@ -594,7 +597,7 @@
 {
 	if (e) {
 		return AST_LIST_NEXT(e, list);
-	} else {	
+	} else {
 		return AST_LIST_FIRST(&helpers);
 	}
 }
@@ -896,12 +899,14 @@
 	AST_LIST_TRAVERSE(&cli_perms, cp, list) {
 		if (cp->uid >= 0) {
 			pw = getpwuid(cp->uid);
-			if (pw)
+			if (pw) {
 				ast_cli(a->fd, "user: %s [uid=%d]\n", pw->pw_name, cp->uid);
+			}
 		} else {
 			gr = getgrgid(cp->gid);
-			if (gr)
+			if (gr) {
 				ast_cli(a->fd, "group: %s [gid=%d]\n", gr->gr_name, cp->gid);
+			}
 		}
 		ast_cli(a->fd, "Permissions:\n");
 		if (cp->perms) {
@@ -912,7 +917,7 @@
 		ast_cli(a->fd, "\n");
 	}
 	AST_LIST_UNLOCK(&cli_perms);
-	
+
 	return CLI_SUCCESS;
 }
 
@@ -942,7 +947,7 @@
 	struct group *gr;
 	int gid = -1, uid = -1;
 	char command[AST_MAX_ARGS] = "";
-	struct ast_cli_entry *ce = NULL;	
+	struct ast_cli_entry *ce = NULL;
 	int found = 0;
 	char *group, *tmp;
 
@@ -958,9 +963,10 @@
 		return NULL;
 	}
 
-	if (a->argc < 4)
+	if (a->argc < 4) {
 		return CLI_SHOWUSAGE;
-	
+	}
+
 	tmp = ast_strdupa(a->argv[3]);
 	group = strchr(tmp, '@');
 	if (group) {
@@ -978,24 +984,28 @@
 	} else if (!ast_strlen_zero(tmp) && !(pw = getpwnam(tmp))) {
 		ast_cli(a->fd, "Unknown user '%s'\n", tmp);
 		return CLI_FAILURE;
-	} else if (pw) 
+	} else if (pw) {
 		uid = pw->pw_uid;
+	}
 
 	if (a->argc == 4) {
 		while ((ce = cli_next(ce))) {
 			/* Hide commands that start with '_' */
-			if (ce->_full_cmd[0] == '_')
+			if (ce->_full_cmd[0] == '_') {
 				continue;
+			}
 			/* Hide commands that are marked as deprecated. */
-			if (ce->deprecated)
+			if (ce->deprecated) {
 				continue;
+			}
 			if (cli_has_permissions(uid, gid, ce->_full_cmd)) {
 				ast_cli(a->fd, "%30.30s %s\n", ce->_full_cmd, S_OR(ce->summary, "<no description available>"));
 				found++;
 			}
 		}
-		if (!found) 
+		if (!found) {
 			ast_cli(a->fd, "You are not allowed to run any command on Asterisk\n");
+		}
 	} else {
 		ast_join(command, sizeof(command), a->argv + 4);
 		ast_cli(a->fd, "%s '%s%s%s' is %s to run command: '%s'\n", uid >= 0 ? "User" : "Group", tmp, 
@@ -1497,15 +1507,8 @@
 		ast_free(user_perm);
 	}
 	AST_LIST_UNLOCK(&cli_perms);
-
-}
-
-/*! \brief Loads permissions config file (permissions.conf) 
- *  
- *  \param reload If reload is 1 do not re-load configuration unless
- *                the file permissions.conf was changed.
- *  \return 1 on error, 0 on success.
- */
+}
+
 int ast_cli_perms_init(int reload) {
 	struct ast_flags config_flags = { reload ? CONFIG_FLAG_FILEUNCHANGED : 0 };
 	struct ast_config *cfg;
@@ -1552,8 +1555,9 @@
 			} else {
 				/* This is a user */
 				pw = getpwnam(cat);
-				if (!pw)
+				if (!pw) {
 					ast_log (LOG_WARNING, "Unknown user '%s'\n", cat);
+				}
 			}
 			if (pw || gr) {
 				user_group = NULL;
@@ -1616,9 +1620,7 @@
 	}
 
 	ast_config_destroy(cfg);
-	
 	ast_mutex_unlock(&permsconfiglock);
-	
 	return 0;
 }
 
@@ -2221,7 +2223,7 @@
 	return __ast_cli_generator(text, word, state, 1);
 }
 
-int ast_cli_command(int uid, int gid, int fd, const char *s)
+int ast_cli_command(const int uid, const int gid, int fd, const char *s)
 {
 	char *args[AST_MAX_ARGS + 1];
 	struct ast_cli_entry *e;
@@ -2286,7 +2288,7 @@
 	return 0;
 }
 
-int ast_cli_command_multiple(int uid, int gid, int fd, size_t size, const char *s)
+int ast_cli_command_multiple(const int uid, const int gid, int fd, size_t size, const char *s)
 {
 	char cmd[512];
 	int x, y = 0, count = 0;

More information about the asterisk-commits mailing list