simple-access-provider: break matching allowed users

Stop matching username with names in simple_allow_users after positive match. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
author: Pavel Reichl <preichl@redhat.com> 2014-06-04 18:24:08 +0100
committer: Jakub Hrozek <jhrozek@redhat.com> 2014-12-08 10:55:47 +0100
commit: 958037cf32ea156dfdde426a45ac1d972fe46618 (patch)
tree: dc236273a986798d897c04bf140f696c46caec39
parent: 79f128801d598ca57a6acebade01136525a47e00 (diff)
download: sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.gz
sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.xz
sssd-958037cf32ea156dfdde426a45ac1d972fe46618.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/providers/simple/simple_access_check.c b/src/providers/simple/simple_access_check.c
index d66628719..c8217f6d4 100644
--- a/src/providers/simple/simple_access_check.c
+++ b/src/providers/simple/simple_access_check.c
@@ -73,9 +73,11 @@ simple_check_users(struct simple_ctx *ctx, const char *username,
 
                 /* Do not return immediately on explicit allow
                  * We need to make sure none of the user's groups
-                 * are denied.
+                 * are denied. But there's no need to check username
+                 * matches any more.
                  */
                 *access_granted = true;
+                break;
             }
         }
     } else if (!ctx->allow_groups) {
author	Pavel Reichl <preichl@redhat.com>	2014-06-04 18:24:08 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2014-12-08 10:55:47 +0100
commit	958037cf32ea156dfdde426a45ac1d972fe46618 (patch)
tree	dc236273a986798d897c04bf140f696c46caec39
parent	79f128801d598ca57a6acebade01136525a47e00 (diff)
download	sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.gz sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.xz sssd-958037cf32ea156dfdde426a45ac1d972fe46618.zip