summary refs log tree commit diff
path: root/grp/initgroups.c
diff options
context:
space:
mode:
Diffstat (limited to 'grp/initgroups.c')
-rw-r--r--grp/initgroups.c119
1 files changed, 79 insertions, 40 deletions
diff --git a/grp/initgroups.c b/grp/initgroups.c
index 89dc4d64fc..ee809d726e 100644
--- a/grp/initgroups.c
+++ b/grp/initgroups.c
@@ -136,50 +136,18 @@ compat_call (service_user *nip, const char *user, gid_t group, long int *start,
   return NSS_STATUS_SUCCESS;
 }
 
-/* Initialize the group set for the current user
-   by reading the group database and using all groups
-   of which USER is a member.  Also include GROUP.  */
-int
-initgroups (user, group)
-     const char *user;
-     gid_t group;
+static int
+internal_getgrouplist (const char *user, gid_t group, long int *size,
+		       gid_t **groupsp, long int limit)
 {
-#if defined NGROUPS_MAX && NGROUPS_MAX == 0
-
-  /* No extra groups allowed.  */
-  return 0;
-
-#else
-
   service_user *nip = NULL;
   initgroups_dyn_function fct;
   enum nss_status status = NSS_STATUS_UNAVAIL;
   int no_more;
   /* Start is one, because we have the first group as parameter.  */
   long int start = 1;
-  long int size;
-  gid_t *groups;
-  int result;
 
-  /* We always use sysconf even if NGROUPS_MAX is defined.  That way, the
-     limit can be raised in the kernel configuration without having to
-     recompile libc.  */
-  long int limit = __sysconf (_SC_NGROUPS_MAX);
-
-  if (limit > 0)
-    size = limit;
-  else
-    {
-      /* No fixed limit on groups.  Pick a starting buffer size.  */
-      size = 16;
-    }
-
-  groups = (gid_t *) malloc (size * sizeof (gid_t));
-  if (__builtin_expect (groups == NULL, 0))
-    /* No more memory.  */
-    return -1;
-
-  groups[0] = group;
+  *groupsp[0] = group;
 
   if (__nss_group_database != NULL)
     {
@@ -196,14 +164,14 @@ initgroups (user, group)
 
       if (fct == NULL)
 	{
-	  status = compat_call (nip, user, group, &start, &size, &groups,
+	  status = compat_call (nip, user, group, &start, size, groupsp,
 				limit, &errno);
 
 	  if (nss_next_action (nip, NSS_STATUS_UNAVAIL) != NSS_ACTION_CONTINUE)
 	    break;
 	}
       else
-	status = DL_CALL_FCT (fct, (user, group, &start, &size, &groups,
+	status = DL_CALL_FCT (fct, (user, group, &start, size, groupsp,
 				    limit, &errno));
 
       /* This is really only for debugging.  */
@@ -220,10 +188,81 @@ initgroups (user, group)
 	nip = nip->next;
     }
 
+  return start;
+}
+
+/* Store at most *NGROUPS members of the group set for USER into
+   *GROUPS.  Also include GROUP.  The actual number of groups found is
+   returned in *NGROUPS.  Return -1 if the if *NGROUPS is too small.  */
+int
+getgrouplist (const char *user, gid_t group, gid_t *groups, int *ngroups)
+{
+  gid_t *newgroups;
+  long int size = *ngroups;
+  int result;
+
+  newgroups = (gid_t *) malloc (size * sizeof (gid_t));
+  if (__builtin_expect (newgroups == NULL, 0))
+    /* No more memory.  */
+    return -1;
+
+  result = internal_getgrouplist (user, group, &size, &newgroups, -1);
+  if (result > *ngroups)
+    {
+      *ngroups = result;
+      result = -1;
+    }
+  else
+    *ngroups = result;
+      
+  memcpy (groups, newgroups, *ngroups * sizeof (gid_t));
+
+  free (newgroups);
+  return result;
+}
+
+/* Initialize the group set for the current user
+   by reading the group database and using all groups
+   of which USER is a member.  Also include GROUP.  */
+int
+initgroups (const char *user, gid_t group)
+{
+#if defined NGROUPS_MAX && NGROUPS_MAX == 0
+
+  /* No extra groups allowed.  */
+  return 0;
+
+#else
+
+  long int size;
+  gid_t *groups;
+  int ngroups;
+  int result;
+
+ /* We always use sysconf even if NGROUPS_MAX is defined.  That way, the
+     limit can be raised in the kernel configuration without having to
+     recompile libc.  */
+  long int limit = __sysconf (_SC_NGROUPS_MAX);
+
+  if (limit > 0)
+    size = limit;
+  else
+    {
+      /* No fixed limit on groups.  Pick a starting buffer size.  */
+      size = 16;
+    }
+
+  groups = (gid_t *) malloc (size * sizeof (gid_t));
+  if (__builtin_expect (groups == NULL, 0))
+    /* No more memory.  */
+    return -1;
+
+  ngroups = internal_getgrouplist (user, group, &size, &groups, limit);
+
   /* Try to set the maximum number of groups the kernel can handle.  */
   do
-    result = setgroups (start, groups);
-  while (result == -1 && errno == EINVAL && --start > 0);
+    result = setgroups (ngroups, groups);
+  while (result == -1 && errno == EINVAL && --ngroups > 0);
 
   free (groups);