OSSP CVS Repository

ossp - Check-in [283]
Not logged in
[Honeypot]  [Browse]  [Home]  [Login]  [Reports
[Search]  [Ticket]  [Timeline
  [Patchset]  [Tagging/Branching

Check-in Number: 283
Date: 2001-Jan-16 11:45:21 (local)
2001-Jan-16 10:45:21 (UTC)
User:simons
Branch:
Comment: Moved the call to checkACL() before anything else is tested regarding authorization. Combined with the new "approve" action in the ACL file, this allows to pass all other authentication mechanisms with the ACL.
Tickets:
Inspections:
Files:
ossp-pkg/petidomo/hermes.c      1.9 -> 1.10     19 inserted, 19 deleted

ossp-pkg/petidomo/hermes.c 1.9 -> 1.10

--- hermes.c     2001/01/15 19:18:49     1.9
+++ hermes.c     2001/01/16 10:45:21     1.10
@@ -1,6 +1,6 @@
 /*
    $Source: /v/ossp/cvs/ossp-pkg/petidomo/hermes.c,v $
-   $Revision: 1.9 $
+   $Revision: 1.10 $
 
    Copyright (C) 2000 by CyberSolutions GmbH, Germany.
 
@@ -46,6 +46,7 @@
 
     /* Initialize internals. */
 
+    MasterConfig = getMasterConfig();
     ListConfig = getListConfig(listname);
 
     /* Parse the incoming mail. */
@@ -83,7 +84,6 @@
         exit(1);
         }
     PostingHeaders = xmalloc(strlen(MailStruct->Header)+1024);
-    MasterConfig = getMasterConfig();
     sprintf(envelope, "%s-owner@%s", listname, ListConfig->fqdn);
     sprintf(owner, "%s-owner@%s", listname, ListConfig->fqdn);
 
@@ -92,6 +92,23 @@
     if (FindBodyPassword(MailStruct) != 0)
         exit(1);
 
+    if (checkACL(MailStruct, listname, &operation, &parameter) != 0)
+        {
+        syslog(LOG_ERR, "checkACL() failed with an error.");
+        exit(1);
+        }
+    rc = handleACL(MailStruct, listname, operation, parameter);
+    switch(rc)
+        {
+        case -1:
+            syslog(LOG_ERR, "handleACL() failed with an error.");
+            exit(1);
+        case 0:
+            break;
+        case 1:
+            return 0;
+        }
+
     if (isValidPostingPassword(MailStruct->Approve, listname) == FALSE)
         {
         /* No valid password found. Reject the article, if the list is
@@ -182,23 +199,6 @@
                 }
             return 0;
             }
-
-        if (checkACL(MailStruct, listname, &operation, &parameter) != 0)
-            {
-            syslog(LOG_ERR, "checkACL() failed with an error.");
-            exit(1);
-            }
-        rc = handleACL(MailStruct, listname, operation, parameter);
-        switch(rc)
-            {
-            case -1:
-                syslog(LOG_ERR, "handleACL() failed with an error.");
-                exit(1);
-            case 0:
-                break;
-            case 1:
-                return 0;
-            }
         }
 
     /* Copy the desired headers from the original mail to our own

CVSTrac 2.0.1