capabilities: Handle ERANGE in user and group lookups
authorTobias Brunner <tobias@strongswan.org>
Tue, 23 Jun 2015 07:46:18 +0000 (09:46 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 23 Jun 2015 08:03:38 +0000 (10:03 +0200)
commitb01b331afe1f7215a4bae465928db5d050f8c2b9
tree565f2215be8effbea2ce938ca5184dd4de4a51a1
parent5fbc709224ed12dd8d7ec1630a1c3ce12bf56545
capabilities: Handle ERANGE in user and group lookups

As it turns out, getpwnam_r, getgrnam_r, and friends will return
ERANGE if _any_ user or group on the system is larger than will fit
into the scratch buffer you pass to them.

This reworks the resolve_uid and resolve_gid methods plus
init_supplementary_groups to use a variable-size buffer that is grown
until the results fit.

Based on a patch by Evan Broder.

Closes strongswan/strongswan#12.
src/libstrongswan/utils/capabilities.c