man krb5_acl_match_string (Fonctions bibliothèques) - krb5_acl_match_file ,
NAME
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
DESCRIPTION
matches ACL format against each line in a file. Lines starting with # are treated like comments and ignored.
krb5_acl_match_string matches ACL format against a string.
The ACL format have tree format specifiers, s, f, r. Each specifier will pull of one argument from the varable arguments for ether maching or storing data. The input string is split up using " " and "t" as delimiter, multiple " " and "t" in a row are considered to be the same.
- s
- matches a string using strcmp (case sensetive).
- f
- matches the string with fnmatch(3) . The flags argument (the last argument) passed to the fnmatch function is 0.
- r
- returns a copy the string in the char ** passed in, the copy must be freed with free(3) . There is no need to free() the string on error, the function will clean up and set the pointer to NULL .
All unknown format specifiers causes an error.
EXAMPLES
char *s;
ret = krb5_acl_match_string(context, "foo", "s", "foo"); if (ret) krb5_errx(context, 1, "acl didn't match"); ret = krb5_acl_match_string(context, "foo foo baz/kaka", "ss", "foo", &s, "foo/*"); if (ret) { /* no need to free(s) on error */ assert(s == NULL); krb5_errx(context, 1, "acl didn't match"); } free(s);