krb5_acl_match_file man page

krb5_acl_match_file, krb5_acl_match_string ā€” ACL matching functions

Library

Kerberos 5 Library (libkrb5, -lkrb5)

Synopsis

krb5_error_code
krb5_acl_match_file(krb5_context context, const char *file, const char *format, ...);

krb5_error_code
krb5_acl_match_string(krb5_context context, const char *string, const char *format, ...);

Description

krb5_acl_match_file matches ACL format against each line in a file. Lines starting with # are treated like comments and ignored.

krb5_acl_match_string matches ACL format against a string.

The ACL format has three format specifiers: s, f, and r. Each specifier will retrieve one argument from the variable arguments for either matching or storing data. The input string is split up using " " and "\t" as a delimiter; multiple " " and "\t" in a row are considered to be the same.

s

Matches a string using strcmp(3) (case sensitive).

f

Matches the string with fnmatch(3). The flags argument (the last argument) passed to the fnmatch function is 0.

r

Returns a copy of the string in the char ** passed in; the copy must be freed with free(3). There is no need to free(3) the string on error: the function will clean up and set the pointer to NULL.

All unknown format specifiers cause an error.

Examples

char *s; 
 
ret = krb5_acl_match_string(context, "foo", "s", "foo"); 
if (ret) 
    krb5_errx(context, 1, "acl didn't match"); 
ret = krb5_acl_match_string(context, "foo foo baz/kaka", 
    "ss", "foo", &s, "foo/*"); 
if (ret) { 
    /* no need to free(s) on error */ 
    assert(s == NULL); 
    krb5_errx(context, 1, "acl didn't match"); 
} 
free(s);

See Also

krb5(3)

Referenced By

The man page krb5_acl_match_string(3) is an alias of krb5_acl_match_file(3).

May 12, 2006