1KRB5_ACL_MATCH_FILE(3) BSD Library Functions Manual KRB5_ACL_MATCH_FILE(3)
2
4 krb5_acl_match_file, krb5_acl_match_string — ACL matching functions
5
7 Kerberos 5 Library (libkrb5, -lkrb5)
8
10 krb5_error_code
11 krb5_acl_match_file(krb5_context context, const char *file,
12 const char *format, ...);
13 krb5_error_code
15 krb5_acl_match_string(krb5_context context, const char *string,
16 const char *format, ...);
17
19 krb5_acl_match_file matches ACL format against each line in a file.
20 Lines starting with # are treated like comments and ignored.
21 krb5_acl_match_string matches ACL format against a string.
23 The ACL format has three format specifiers: s, f, and r. Each specifier
25 will retrieve one argument from the variable arguments for either match‐
26 ing or storing data. The input string is split up using " " and "\t" as
27 a delimiter; multiple " " and "\t" in a row are considered to be the
28 same.
29 s Matches a string using strcmp(3) (case sensitive).
31 f Matches the string with fnmatch(3). The flags argument (the
33 last argument) passed to the fnmatch function is 0.
34 r Returns a copy of the string in the char ** passed in; the
36 copy must be freed with free(3). There is no need to free(3)
37 the string on error: the function will clean up and set the
38 pointer to NULL.
39 All unknown format specifiers cause an error.
41
43 char *s;
44 ret = krb5_acl_match_string(context, "foo", "s", "foo");
46 if (ret)
47 krb5_errx(context, 1, "acl didn't match");
48 ret = krb5_acl_match_string(context, "foo foo baz/kaka",
49 "ss", "foo", &s, "foo/*");
50 if (ret) {
51 /* no need to free(s) on error */
52 assert(s == NULL);
53 krb5_errx(context, 1, "acl didn't match");
54 }
55 free(s);
56
58 krb5(3)
59HEIMDAL May 12, 2006 HEIMDAL