test_acl_platform_nfs4.c (315432) | test_acl_platform_nfs4.c (316337) |
---|---|
1/*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2017 Martin Matuska 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 12 unchanged lines hidden (view full) --- 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26#include "test.h" 27__FBSDID("$FreeBSD$"); 28 | 1/*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2017 Martin Matuska 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 12 unchanged lines hidden (view full) --- 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26#include "test.h" 27__FBSDID("$FreeBSD$"); 28 |
29#if HAVE_POSIX_ACL || HAVE_NFS4_ACL | 29#if ARCHIVE_ACL_NFS4 30#if HAVE_SYS_ACL_H |
30#define _ACL_PRIVATE 31#include <sys/acl.h> | 31#define _ACL_PRIVATE 32#include <sys/acl.h> |
32#if HAVE_DARWIN_ACL 33#include <membership.h> | |
34#endif | 33#endif |
34#if HAVE_SYS_RICHACL_H 35#include <sys/richacl.h> |
|
35#endif | 36#endif |
37#if HAVE_MEMBERSHIP_H 38#include <membership.h> 39#endif |
|
36 | 40 |
37#if HAVE_NFS4_ACL | |
38struct myacl_t { 39 int type; 40 int permset; 41 int tag; 42 int qual; /* GID or UID of user/group, depending on tag. */ 43 const char *name; /* Name of user/group, depending on tag. */ 44}; 45 46static struct myacl_t acls_reg[] = { | 41struct myacl_t { 42 int type; 43 int permset; 44 int tag; 45 int qual; /* GID or UID of user/group, depending on tag. */ 46 const char *name; /* Name of user/group, depending on tag. */ 47}; 48 49static struct myacl_t acls_reg[] = { |
47#if !HAVE_DARWIN_ACL | 50#if !ARCHIVE_ACL_DARWIN |
48 /* For this test, we need the file owner to be able to read and write the ACL. */ 49 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 50 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_READ_ACL | ARCHIVE_ENTRY_ACL_WRITE_ACL | ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS | ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, 51 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, ""}, 52#endif 53 /* An entry for each type. */ 54 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 55 ARCHIVE_ENTRY_ACL_USER, 108, "user108" }, --- 30 unchanged lines hidden (view full) --- 86 87 /* One entry for each qualifier. */ 88 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 89 ARCHIVE_ENTRY_ACL_USER, 135, "user135" }, 90// { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 91// ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 92 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 93 ARCHIVE_ENTRY_ACL_GROUP, 136, "group136" }, | 51 /* For this test, we need the file owner to be able to read and write the ACL. */ 52 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 53 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_READ_ACL | ARCHIVE_ENTRY_ACL_WRITE_ACL | ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS | ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, 54 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, ""}, 55#endif 56 /* An entry for each type. */ 57 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 58 ARCHIVE_ENTRY_ACL_USER, 108, "user108" }, --- 30 unchanged lines hidden (view full) --- 89 90 /* One entry for each qualifier. */ 91 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 92 ARCHIVE_ENTRY_ACL_USER, 135, "user135" }, 93// { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 94// ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 95 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 96 ARCHIVE_ENTRY_ACL_GROUP, 136, "group136" }, |
94#if !HAVE_DARWIN_ACL | 97#if !ARCHIVE_ACL_DARWIN |
95 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 96 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" }, 97 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 98 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 99#else /* MacOS - mode 0654 */ 100 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_EXECUTE, 101 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 102 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, --- 26 unchanged lines hidden (view full) --- 129 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 130#endif 131}; 132 133static const int acls_reg_cnt = (int)(sizeof(acls_reg)/sizeof(acls_reg[0])); 134 135static struct myacl_t acls_dir[] = { 136 /* For this test, we need to be able to read and write the ACL. */ | 98 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 99 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" }, 100 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_EXECUTE, 101 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 102#else /* MacOS - mode 0654 */ 103 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_EXECUTE, 104 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 105 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, --- 26 unchanged lines hidden (view full) --- 132 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 133#endif 134}; 135 136static const int acls_reg_cnt = (int)(sizeof(acls_reg)/sizeof(acls_reg[0])); 137 138static struct myacl_t acls_dir[] = { 139 /* For this test, we need to be able to read and write the ACL. */ |
137#if !HAVE_DARWIN_ACL | 140#if !ARCHIVE_ACL_DARWIN |
138 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_READ_ACL, 139 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, ""}, 140#endif 141 142 /* An entry for each type. */ 143 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 144 ARCHIVE_ENTRY_ACL_USER, 101, "user101" }, 145 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, --- 29 unchanged lines hidden (view full) --- 175 176 /* One entry with each inheritance value. */ 177 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 178 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, 179 ARCHIVE_ENTRY_ACL_USER, 301, "user301" }, 180 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 181 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, 182 ARCHIVE_ENTRY_ACL_USER, 302, "user302" }, | 141 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_READ_ACL, 142 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, ""}, 143#endif 144 145 /* An entry for each type. */ 146 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 147 ARCHIVE_ENTRY_ACL_USER, 101, "user101" }, 148 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, --- 29 unchanged lines hidden (view full) --- 178 179 /* One entry with each inheritance value. */ 180 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 181 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, 182 ARCHIVE_ENTRY_ACL_USER, 301, "user301" }, 183 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 184 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, 185 ARCHIVE_ENTRY_ACL_USER, 302, "user302" }, |
183#if 0 | |
184 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, | 186 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, |
185 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, | 187 ARCHIVE_ENTRY_ACL_READ_DATA | 188 ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT | 189 ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, |
186 ARCHIVE_ENTRY_ACL_USER, 303, "user303" }, 187 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, | 190 ARCHIVE_ENTRY_ACL_USER, 303, "user303" }, 191 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, |
188 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, | 192 ARCHIVE_ENTRY_ACL_READ_DATA | 193 ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT | 194 ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, |
189 ARCHIVE_ENTRY_ACL_USER, 304, "user304" }, | 195 ARCHIVE_ENTRY_ACL_USER, 304, "user304" }, |
196#if !defined(ARCHIVE_ACL_SUNOS_NFS4) || defined(ACE_INHERITED_ACE) |
|
190 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 191 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, 192 ARCHIVE_ENTRY_ACL_USER, 305, "user305" }, 193#endif 194 195#if 0 196 /* FreeBSD does not support audit entries. */ 197 { ARCHIVE_ENTRY_ACL_TYPE_AUDIT, --- 4 unchanged lines hidden (view full) --- 202 ARCHIVE_ENTRY_ACL_USER, 402, "user402" }, 203#endif 204 205 /* One entry for each qualifier. */ 206 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 207 ARCHIVE_ENTRY_ACL_USER, 501, "user501" }, 208 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 209 ARCHIVE_ENTRY_ACL_GROUP, 502, "group502" }, | 197 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, 198 ARCHIVE_ENTRY_ACL_READ_DATA | ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, 199 ARCHIVE_ENTRY_ACL_USER, 305, "user305" }, 200#endif 201 202#if 0 203 /* FreeBSD does not support audit entries. */ 204 { ARCHIVE_ENTRY_ACL_TYPE_AUDIT, --- 4 unchanged lines hidden (view full) --- 209 ARCHIVE_ENTRY_ACL_USER, 402, "user402" }, 210#endif 211 212 /* One entry for each qualifier. */ 213 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 214 ARCHIVE_ENTRY_ACL_USER, 501, "user501" }, 215 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 216 ARCHIVE_ENTRY_ACL_GROUP, 502, "group502" }, |
210#if !HAVE_DARWIN_ACL | 217#if !ARCHIVE_ACL_DARWIN |
211 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 212 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" }, 213 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 214 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 215#else /* MacOS - mode 0654 */ 216 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_EXECUTE, 217 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 218 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, --- 30 unchanged lines hidden (view full) --- 249static const int acls_dir_cnt = (int)(sizeof(acls_dir)/sizeof(acls_dir[0])); 250 251static void 252set_acls(struct archive_entry *ae, struct myacl_t *acls, int start, int end) 253{ 254 int i; 255 256 archive_entry_acl_clear(ae); | 218 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 219 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" }, 220 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, 221 ARCHIVE_ENTRY_ACL_EVERYONE, -1, "" } 222#else /* MacOS - mode 0654 */ 223 { ARCHIVE_ENTRY_ACL_TYPE_DENY, ARCHIVE_ENTRY_ACL_EXECUTE, 224 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" }, 225 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW, --- 30 unchanged lines hidden (view full) --- 256static const int acls_dir_cnt = (int)(sizeof(acls_dir)/sizeof(acls_dir[0])); 257 258static void 259set_acls(struct archive_entry *ae, struct myacl_t *acls, int start, int end) 260{ 261 int i; 262 263 archive_entry_acl_clear(ae); |
257#if !HAVE_DARWIN_ACL | 264#if !ARCHIVE_ACL_DARWIN |
258 if (start > 0) { 259 assertEqualInt(ARCHIVE_OK, 260 archive_entry_acl_add_entry(ae, 261 acls[0].type, acls[0].permset, acls[0].tag, 262 acls[0].qual, acls[0].name)); 263 } 264#endif 265 for (i = start; i < end; i++) { 266 assertEqualInt(ARCHIVE_OK, 267 archive_entry_acl_add_entry(ae, 268 acls[i].type, acls[i].permset, acls[i].tag, 269 acls[i].qual, acls[i].name)); 270 } 271} 272 273static int | 265 if (start > 0) { 266 assertEqualInt(ARCHIVE_OK, 267 archive_entry_acl_add_entry(ae, 268 acls[0].type, acls[0].permset, acls[0].tag, 269 acls[0].qual, acls[0].name)); 270 } 271#endif 272 for (i = start; i < end; i++) { 273 assertEqualInt(ARCHIVE_OK, 274 archive_entry_acl_add_entry(ae, 275 acls[i].type, acls[i].permset, acls[i].tag, 276 acls[i].qual, acls[i].name)); 277 } 278} 279 280static int |
274#ifdef HAVE_SUN_NFS4_ACL 275acl_permset_to_bitmap(uint32_t a_access_mask) | 281#if ARCHIVE_ACL_SUNOS_NFS4 282acl_permset_to_bitmap(uint32_t mask) 283#elif ARCHIVE_ACL_LIBRICHACL 284acl_permset_to_bitmap(unsigned int mask) |
276#else 277acl_permset_to_bitmap(acl_permset_t opaque_ps) 278#endif 279{ | 285#else 286acl_permset_to_bitmap(acl_permset_t opaque_ps) 287#endif 288{ |
280 static struct { int machine; int portable; } perms[] = { 281#ifdef HAVE_SUN_NFS4_ACL /* Solaris NFSv4 ACL permissions */ 282 {ACE_EXECUTE, ARCHIVE_ENTRY_ACL_EXECUTE}, 283 {ACE_READ_DATA, ARCHIVE_ENTRY_ACL_READ_DATA}, 284 {ACE_LIST_DIRECTORY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY}, 285 {ACE_WRITE_DATA, ARCHIVE_ENTRY_ACL_WRITE_DATA}, 286 {ACE_ADD_FILE, ARCHIVE_ENTRY_ACL_ADD_FILE}, 287 {ACE_APPEND_DATA, ARCHIVE_ENTRY_ACL_APPEND_DATA}, 288 {ACE_ADD_SUBDIRECTORY, ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY}, 289 {ACE_READ_NAMED_ATTRS, ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS}, 290 {ACE_WRITE_NAMED_ATTRS, ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS}, 291 {ACE_DELETE_CHILD, ARCHIVE_ENTRY_ACL_DELETE_CHILD}, 292 {ACE_READ_ATTRIBUTES, ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES}, 293 {ACE_WRITE_ATTRIBUTES, ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES}, 294 {ACE_DELETE, ARCHIVE_ENTRY_ACL_DELETE}, 295 {ACE_READ_ACL, ARCHIVE_ENTRY_ACL_READ_ACL}, 296 {ACE_WRITE_ACL, ARCHIVE_ENTRY_ACL_WRITE_ACL}, 297 {ACE_WRITE_OWNER, ARCHIVE_ENTRY_ACL_WRITE_OWNER}, 298 {ACE_SYNCHRONIZE, ARCHIVE_ENTRY_ACL_SYNCHRONIZE} 299#elif HAVE_DARWIN_ACL /* MacOS NFSv4 ACL permissions */ 300 {ACL_READ_DATA, ARCHIVE_ENTRY_ACL_READ_DATA}, 301 {ACL_LIST_DIRECTORY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY}, 302 {ACL_WRITE_DATA, ARCHIVE_ENTRY_ACL_WRITE_DATA}, 303 {ACL_ADD_FILE, ARCHIVE_ENTRY_ACL_ADD_FILE}, 304 {ACL_EXECUTE, ARCHIVE_ENTRY_ACL_EXECUTE}, 305 {ACL_DELETE, ARCHIVE_ENTRY_ACL_DELETE}, 306 {ACL_APPEND_DATA, ARCHIVE_ENTRY_ACL_APPEND_DATA}, 307 {ACL_ADD_SUBDIRECTORY, ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY}, 308 {ACL_DELETE_CHILD, ARCHIVE_ENTRY_ACL_DELETE_CHILD}, 309 {ACL_READ_ATTRIBUTES, ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES}, 310 {ACL_WRITE_ATTRIBUTES, ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES}, 311 {ACL_READ_EXTATTRIBUTES, ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS}, 312 {ACL_WRITE_EXTATTRIBUTES, ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS}, 313 {ACL_READ_SECURITY, ARCHIVE_ENTRY_ACL_READ_ACL}, 314 {ACL_WRITE_SECURITY, ARCHIVE_ENTRY_ACL_WRITE_ACL}, 315 {ACL_CHANGE_OWNER, ARCHIVE_ENTRY_ACL_WRITE_OWNER}, | 289 static struct { int portable; int machine; } perms[] = { 290#ifdef ARCHIVE_ACL_SUNOS_NFS4 /* Solaris NFSv4 ACL permissions */ 291 {ARCHIVE_ENTRY_ACL_EXECUTE, ACE_EXECUTE}, 292 {ARCHIVE_ENTRY_ACL_READ_DATA, ACE_READ_DATA}, 293 {ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACE_LIST_DIRECTORY}, 294 {ARCHIVE_ENTRY_ACL_WRITE_DATA, ACE_WRITE_DATA}, 295 {ARCHIVE_ENTRY_ACL_ADD_FILE, ACE_ADD_FILE}, 296 {ARCHIVE_ENTRY_ACL_APPEND_DATA, ACE_APPEND_DATA}, 297 {ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY, ACE_ADD_SUBDIRECTORY}, 298 {ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS, ACE_READ_NAMED_ATTRS}, 299 {ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS, ACE_WRITE_NAMED_ATTRS}, 300 {ARCHIVE_ENTRY_ACL_DELETE_CHILD, ACE_DELETE_CHILD}, 301 {ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, ACE_READ_ATTRIBUTES}, 302 {ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES, ACE_WRITE_ATTRIBUTES}, 303 {ARCHIVE_ENTRY_ACL_DELETE, ACE_DELETE}, 304 {ARCHIVE_ENTRY_ACL_READ_ACL, ACE_READ_ACL}, 305 {ARCHIVE_ENTRY_ACL_WRITE_ACL, ACE_WRITE_ACL}, 306 {ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACE_WRITE_OWNER}, 307 {ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACE_SYNCHRONIZE} 308#elif ARCHIVE_ACL_DARWIN /* MacOS NFSv4 ACL permissions */ 309 {ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA}, 310 {ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY}, 311 {ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA}, 312 {ARCHIVE_ENTRY_ACL_ADD_FILE, ACL_ADD_FILE}, 313 {ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE}, 314 {ARCHIVE_ENTRY_ACL_DELETE, ACL_DELETE}, 315 {ARCHIVE_ENTRY_ACL_APPEND_DATA, ACL_APPEND_DATA}, 316 {ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY, ACL_ADD_SUBDIRECTORY}, 317 {ARCHIVE_ENTRY_ACL_DELETE_CHILD, ACL_DELETE_CHILD}, 318 {ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, ACL_READ_ATTRIBUTES}, 319 {ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES, ACL_WRITE_ATTRIBUTES}, 320 {ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS, ACL_READ_EXTATTRIBUTES}, 321 {ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS, ACL_WRITE_EXTATTRIBUTES}, 322 {ARCHIVE_ENTRY_ACL_READ_ACL, ACL_READ_SECURITY}, 323 {ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_SECURITY}, 324 {ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_CHANGE_OWNER}, |
316#if HAVE_DECL_ACL_SYNCHRONIZE | 325#if HAVE_DECL_ACL_SYNCHRONIZE |
317 {ACL_SYNCHRONIZE, ARCHIVE_ENTRY_ACL_SYNCHRONIZE}, | 326 {ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE} |
318#endif | 327#endif |
328#elif ARCHIVE_ACL_LIBRICHACL 329 {ARCHIVE_ENTRY_ACL_EXECUTE, RICHACE_EXECUTE}, 330 {ARCHIVE_ENTRY_ACL_READ_DATA, RICHACE_READ_DATA}, 331 {ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, RICHACE_LIST_DIRECTORY}, 332 {ARCHIVE_ENTRY_ACL_WRITE_DATA, RICHACE_WRITE_DATA}, 333 {ARCHIVE_ENTRY_ACL_ADD_FILE, RICHACE_ADD_FILE}, 334 {ARCHIVE_ENTRY_ACL_APPEND_DATA, RICHACE_APPEND_DATA}, 335 {ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY, RICHACE_ADD_SUBDIRECTORY}, 336 {ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS, RICHACE_READ_NAMED_ATTRS}, 337 {ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS, RICHACE_WRITE_NAMED_ATTRS}, 338 {ARCHIVE_ENTRY_ACL_DELETE_CHILD, RICHACE_DELETE_CHILD}, 339 {ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, RICHACE_READ_ATTRIBUTES}, 340 {ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES, RICHACE_WRITE_ATTRIBUTES}, 341 {ARCHIVE_ENTRY_ACL_DELETE, RICHACE_DELETE}, 342 {ARCHIVE_ENTRY_ACL_READ_ACL, RICHACE_READ_ACL}, 343 {ARCHIVE_ENTRY_ACL_WRITE_ACL, RICHACE_WRITE_ACL}, 344 {ARCHIVE_ENTRY_ACL_WRITE_OWNER, RICHACE_WRITE_OWNER}, 345 {ARCHIVE_ENTRY_ACL_SYNCHRONIZE, RICHACE_SYNCHRONIZE} |
|
319#else /* FreeBSD NFSv4 ACL permissions */ | 346#else /* FreeBSD NFSv4 ACL permissions */ |
320 {ACL_EXECUTE, ARCHIVE_ENTRY_ACL_EXECUTE}, 321 {ACL_WRITE, ARCHIVE_ENTRY_ACL_WRITE}, 322 {ACL_READ, ARCHIVE_ENTRY_ACL_READ}, 323 {ACL_READ_DATA, ARCHIVE_ENTRY_ACL_READ_DATA}, 324 {ACL_LIST_DIRECTORY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY}, 325 {ACL_WRITE_DATA, ARCHIVE_ENTRY_ACL_WRITE_DATA}, 326 {ACL_ADD_FILE, ARCHIVE_ENTRY_ACL_ADD_FILE}, 327 {ACL_APPEND_DATA, ARCHIVE_ENTRY_ACL_APPEND_DATA}, 328 {ACL_ADD_SUBDIRECTORY, ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY}, 329 {ACL_READ_NAMED_ATTRS, ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS}, 330 {ACL_WRITE_NAMED_ATTRS, ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS}, 331 {ACL_DELETE_CHILD, ARCHIVE_ENTRY_ACL_DELETE_CHILD}, 332 {ACL_READ_ATTRIBUTES, ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES}, 333 {ACL_WRITE_ATTRIBUTES, ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES}, 334 {ACL_DELETE, ARCHIVE_ENTRY_ACL_DELETE}, 335 {ACL_READ_ACL, ARCHIVE_ENTRY_ACL_READ_ACL}, 336 {ACL_WRITE_ACL, ARCHIVE_ENTRY_ACL_WRITE_ACL}, 337 {ACL_WRITE_OWNER, ARCHIVE_ENTRY_ACL_WRITE_OWNER}, 338 {ACL_SYNCHRONIZE, ARCHIVE_ENTRY_ACL_SYNCHRONIZE} | 347 {ARCHIVE_ENTRY_ACL_EXECUTE, ACL_EXECUTE}, 348 {ARCHIVE_ENTRY_ACL_READ_DATA, ACL_READ_DATA}, 349 {ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACL_LIST_DIRECTORY}, 350 {ARCHIVE_ENTRY_ACL_WRITE_DATA, ACL_WRITE_DATA}, 351 {ARCHIVE_ENTRY_ACL_ADD_FILE, ACL_ADD_FILE}, 352 {ARCHIVE_ENTRY_ACL_APPEND_DATA, ACL_APPEND_DATA}, 353 {ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY, ACL_ADD_SUBDIRECTORY}, 354 {ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS, ACL_READ_NAMED_ATTRS}, 355 {ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS, ACL_WRITE_NAMED_ATTRS}, 356 {ARCHIVE_ENTRY_ACL_DELETE_CHILD, ACL_DELETE_CHILD}, 357 {ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES, ACL_READ_ATTRIBUTES}, 358 {ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES, ACL_WRITE_ATTRIBUTES}, 359 {ARCHIVE_ENTRY_ACL_DELETE, ACL_DELETE}, 360 {ARCHIVE_ENTRY_ACL_READ_ACL, ACL_READ_ACL}, 361 {ARCHIVE_ENTRY_ACL_WRITE_ACL, ACL_WRITE_ACL}, 362 {ARCHIVE_ENTRY_ACL_WRITE_OWNER, ACL_WRITE_OWNER}, 363 {ARCHIVE_ENTRY_ACL_SYNCHRONIZE, ACL_SYNCHRONIZE} |
339#endif 340 }; 341 int i, permset = 0; 342 343 for (i = 0; i < (int)(sizeof(perms)/sizeof(perms[0])); ++i) | 364#endif 365 }; 366 int i, permset = 0; 367 368 for (i = 0; i < (int)(sizeof(perms)/sizeof(perms[0])); ++i) |
344#if HAVE_SUN_NFS4_ACL 345 if (a_access_mask & perms[i].machine) | 369#if ARCHIVE_ACL_SUNOS_NFS4 || ARCHIVE_ACL_LIBRICHACL 370 if (mask & perms[i].machine) |
346#else 347 if (acl_get_perm_np(opaque_ps, perms[i].machine)) 348#endif 349 permset |= perms[i].portable; 350 return permset; 351} 352 353static int | 371#else 372 if (acl_get_perm_np(opaque_ps, perms[i].machine)) 373#endif 374 permset |= perms[i].portable; 375 return permset; 376} 377 378static int |
354#if HAVE_SUN_NFS4_ACL 355acl_flagset_to_bitmap(uint16_t a_flags) | 379#if ARCHIVE_ACL_SUNOS_NFS4 380acl_flagset_to_bitmap(uint16_t flags) 381#elif ARCHIVE_ACL_LIBRICHACL 382acl_flagset_to_bitmap(int flags) |
356#else 357acl_flagset_to_bitmap(acl_flagset_t opaque_fs) 358#endif 359{ | 383#else 384acl_flagset_to_bitmap(acl_flagset_t opaque_fs) 385#endif 386{ |
360 static struct { int machine; int portable; } flags[] = { 361#if HAVE_SUN_NFS4_ACL /* Solaris NFSv4 ACL inheritance flags */ 362 {ACE_FILE_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT}, 363 {ACE_DIRECTORY_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT}, 364 {ACE_NO_PROPAGATE_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT}, 365 {ACE_INHERIT_ONLY_ACE, ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY}, 366 {ACE_SUCCESSFUL_ACCESS_ACE_FLAG, ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS}, 367 {ACE_FAILED_ACCESS_ACE_FLAG, ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS}, | 387 static struct { int portable; int machine; } perms[] = { 388#if ARCHIVE_ACL_SUNOS_NFS4 /* Solaris NFSv4 ACL inheritance flags */ 389 {ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACE_FILE_INHERIT_ACE}, 390 {ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, ACE_DIRECTORY_INHERIT_ACE}, 391 {ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACE_NO_PROPAGATE_INHERIT_ACE}, 392 {ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACE_INHERIT_ONLY_ACE}, 393 {ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACE_SUCCESSFUL_ACCESS_ACE_FLAG}, 394 {ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACE_FAILED_ACCESS_ACE_FLAG}, |
368#ifdef ACE_INHERITED_ACE | 395#ifdef ACE_INHERITED_ACE |
369 {ACE_INHERITED_ACE, ARCHIVE_ENTRY_ACL_ENTRY_INHERITED} | 396 {ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACE_INHERITED_ACE} |
370#endif | 397#endif |
371#elif HAVE_DARWIN_ACL /* MacOS NFSv4 ACL inheritance flags */ 372 {ACL_ENTRY_INHERITED, ARCHIVE_ENTRY_ACL_ENTRY_INHERITED}, 373 {ACL_ENTRY_FILE_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT}, 374 {ACL_ENTRY_DIRECTORY_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT}, 375 {ACL_ENTRY_LIMIT_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT}, 376 {ACL_ENTRY_ONLY_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY} | 398#elif ARCHIVE_ACL_DARWIN /* MacOS NFSv4 ACL inheritance flags */ 399 {ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED}, 400 {ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACL_ENTRY_FILE_INHERIT}, 401 {ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, ACL_ENTRY_DIRECTORY_INHERIT}, 402 {ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_LIMIT_INHERIT}, 403 {ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_ONLY_INHERIT} 404#elif ARCHIVE_ACL_LIBRICHACL 405 {ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, RICHACE_FILE_INHERIT_ACE}, 406 {ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, RICHACE_DIRECTORY_INHERIT_ACE}, 407 {ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, RICHACE_NO_PROPAGATE_INHERIT_ACE}, 408 {ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, RICHACE_INHERIT_ONLY_ACE}, 409 {ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, RICHACE_INHERITED_ACE} |
377#else /* FreeBSD NFSv4 ACL inheritance flags */ | 410#else /* FreeBSD NFSv4 ACL inheritance flags */ |
378 {ACL_ENTRY_FILE_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT}, 379 {ACL_ENTRY_DIRECTORY_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT}, 380 {ACL_ENTRY_NO_PROPAGATE_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT}, 381 {ACL_ENTRY_SUCCESSFUL_ACCESS, ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS}, 382 {ACL_ENTRY_NO_PROPAGATE_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS}, 383 {ACL_ENTRY_INHERIT_ONLY, ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY}, | 411 {ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED}, 412 {ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACL_ENTRY_FILE_INHERIT}, 413 {ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, ACL_ENTRY_DIRECTORY_INHERIT}, 414 {ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACL_ENTRY_NO_PROPAGATE_INHERIT}, 415 {ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACL_ENTRY_SUCCESSFUL_ACCESS}, 416 {ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACL_ENTRY_FAILED_ACCESS}, 417 {ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACL_ENTRY_INHERIT_ONLY} |
384#endif 385 }; 386 int i, flagset = 0; 387 | 418#endif 419 }; 420 int i, flagset = 0; 421 |
388 for (i = 0; i < (int)(sizeof(flags)/sizeof(flags[0])); ++i) 389#if HAVE_SUN_NFS4_ACL 390 if (a_flags & flags[i].machine) | 422 for (i = 0; i < (int)(sizeof(perms)/sizeof(perms[0])); ++i) 423#if ARCHIVE_ACL_SUNOS_NFS4 || ARCHIVE_ACL_LIBRICHACL 424 if (flags & perms[i].machine) |
391#else | 425#else |
392 if (acl_get_flag_np(opaque_fs, flags[i].machine)) | 426 if (acl_get_flag_np(opaque_fs, perms[i].machine)) |
393#endif | 427#endif |
394 flagset |= flags[i].portable; | 428 flagset |= perms[i].portable; |
395 return flagset; 396} 397 | 429 return flagset; 430} 431 |
432#if ARCHIVE_ACL_SUNOS_NFS4 |
|
398static int | 433static int |
399#if HAVE_SUN_NFS4_ACL | |
400acl_match(ace_t *ace, struct myacl_t *myacl) | 434acl_match(ace_t *ace, struct myacl_t *myacl) |
401#else 402acl_match(acl_entry_t aclent, struct myacl_t *myacl) 403#endif | |
404{ | 435{ |
405#if !HAVE_SUN_NFS4_ACL 406#if HAVE_DARWIN_ACL 407 void *q; 408 uid_t ugid; 409 int r, idtype; 410#else 411 gid_t g, *gp; 412 uid_t u, *up; 413 acl_entry_type_t entry_type; 414#endif /* !HAVE_DARWIN_ACL */ 415 acl_tag_t tag_type; 416 acl_permset_t opaque_ps; 417 acl_flagset_t opaque_fs; 418#endif /* !HAVE_SUN_NFS4_ACL */ | |
419 int perms; 420 | 436 int perms; 437 |
421#if HAVE_SUN_NFS4_ACL | |
422 perms = acl_permset_to_bitmap(ace->a_access_mask) | acl_flagset_to_bitmap(ace->a_flags); | 438 perms = acl_permset_to_bitmap(ace->a_access_mask) | acl_flagset_to_bitmap(ace->a_flags); |
423#else 424 acl_get_tag_type(aclent, &tag_type); 425#if !HAVE_DARWIN_ACL 426 acl_get_entry_type_np(aclent, &entry_type); 427#endif | |
428 | 439 |
429 /* translate the silly opaque permset to a bitmap */ 430 acl_get_permset(aclent, &opaque_ps); 431 acl_get_flagset_np(aclent, &opaque_fs); 432 perms = acl_permset_to_bitmap(opaque_ps) | acl_flagset_to_bitmap(opaque_fs); 433#endif | |
434 if (perms != myacl->permset) 435 return (0); 436 | 440 if (perms != myacl->permset) 441 return (0); 442 |
437#if HAVE_SUN_NFS4_ACL | |
438 switch (ace->a_type) { 439 case ACE_ACCESS_ALLOWED_ACE_TYPE: 440 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 441 return (0); 442 break; 443 case ACE_ACCESS_DENIED_ACE_TYPE: 444 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) 445 return (0); --- 25 unchanged lines hidden (view full) --- 471 if ((gid_t)myacl->qual != ace->a_who) 472 return (0); 473 } else { 474 if (myacl->tag != ARCHIVE_ENTRY_ACL_USER) 475 return (0); 476 if ((uid_t)myacl->qual != ace->a_who) 477 return (0); 478 } | 443 switch (ace->a_type) { 444 case ACE_ACCESS_ALLOWED_ACE_TYPE: 445 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 446 return (0); 447 break; 448 case ACE_ACCESS_DENIED_ACE_TYPE: 449 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) 450 return (0); --- 25 unchanged lines hidden (view full) --- 476 if ((gid_t)myacl->qual != ace->a_who) 477 return (0); 478 } else { 479 if (myacl->tag != ARCHIVE_ENTRY_ACL_USER) 480 return (0); 481 if ((uid_t)myacl->qual != ace->a_who) 482 return (0); 483 } |
479#elif HAVE_DARWIN_ACL | 484 return (1); 485} 486#elif ARCHIVE_ACL_LIBRICHACL 487static int 488acl_match(struct richace *richace, struct myacl_t *myacl) 489{ 490 int perms; 491 492 perms = acl_permset_to_bitmap(richace->e_mask) | 493 acl_flagset_to_bitmap(richace->e_flags); 494 495 if (perms != myacl->permset) 496 return (0); 497 498 switch (richace->e_type) { 499 case RICHACE_ACCESS_ALLOWED_ACE_TYPE: 500 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 501 return (0); 502 break; 503 case RICHACE_ACCESS_DENIED_ACE_TYPE: 504 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) 505 return (0); 506 break; 507 default: 508 return (0); 509 } 510 511 if (richace->e_flags & RICHACE_SPECIAL_WHO) { 512 switch (richace->e_id) { 513 case RICHACE_OWNER_SPECIAL_ID: 514 if (myacl->tag != ARCHIVE_ENTRY_ACL_USER_OBJ) 515 return (0); 516 break; 517 case RICHACE_GROUP_SPECIAL_ID: 518 if (myacl->tag != ARCHIVE_ENTRY_ACL_GROUP_OBJ) 519 return (0); 520 break; 521 case RICHACE_EVERYONE_SPECIAL_ID: 522 if (myacl->tag != ARCHIVE_ENTRY_ACL_EVERYONE) 523 return (0); 524 break; 525 default: 526 /* Invalid e_id */ 527 return (0); 528 } 529 } else if (richace->e_flags & RICHACE_IDENTIFIER_GROUP) { 530 if (myacl->tag != ARCHIVE_ENTRY_ACL_GROUP) 531 return (0); 532 if ((gid_t)myacl->qual != richace->e_id) 533 return (0); 534 } else { 535 if (myacl->tag != ARCHIVE_ENTRY_ACL_USER) 536 return (0); 537 if ((uid_t)myacl->qual != richace->e_id) 538 return (0); 539 } 540 return (1); 541} 542#elif ARCHIVE_ACL_DARWIN 543static int 544acl_match(acl_entry_t aclent, struct myacl_t *myacl) 545{ 546 void *q; 547 uid_t ugid; 548 int r, idtype; 549 acl_tag_t tag_type; 550 acl_permset_t opaque_ps; 551 acl_flagset_t opaque_fs; 552 int perms; 553 554 acl_get_tag_type(aclent, &tag_type); 555 556 /* translate the silly opaque permset to a bitmap */ 557 acl_get_permset(aclent, &opaque_ps); 558 acl_get_flagset_np(aclent, &opaque_fs); 559 perms = acl_permset_to_bitmap(opaque_ps) | acl_flagset_to_bitmap(opaque_fs); 560 if (perms != myacl->permset) 561 return (0); 562 |
480 r = 0; 481 switch (tag_type) { 482 case ACL_EXTENDED_ALLOW: 483 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 484 return (0); 485 break; 486 case ACL_EXTENDED_DENY: 487 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) --- 20 unchanged lines hidden (view full) --- 508 if (myacl->tag != ARCHIVE_ENTRY_ACL_GROUP) 509 return (0); 510 if ((gid_t)myacl->qual != ugid) 511 return (0); 512 break; 513 default: 514 return (0); 515 } | 563 r = 0; 564 switch (tag_type) { 565 case ACL_EXTENDED_ALLOW: 566 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 567 return (0); 568 break; 569 case ACL_EXTENDED_DENY: 570 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) --- 20 unchanged lines hidden (view full) --- 591 if (myacl->tag != ARCHIVE_ENTRY_ACL_GROUP) 592 return (0); 593 if ((gid_t)myacl->qual != ugid) 594 return (0); 595 break; 596 default: 597 return (0); 598 } |
516#else /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */ | 599 return (1); 600} 601#else /* ARCHIVE_ACL_FREEBSD_NFS4 */ 602static int 603acl_match(acl_entry_t aclent, struct myacl_t *myacl) 604{ 605 gid_t g, *gp; 606 uid_t u, *up; 607 acl_entry_type_t entry_type; 608 acl_tag_t tag_type; 609 acl_permset_t opaque_ps; 610 acl_flagset_t opaque_fs; 611 int perms; 612 613 acl_get_tag_type(aclent, &tag_type); 614 acl_get_entry_type_np(aclent, &entry_type); 615 616 /* translate the silly opaque permset to a bitmap */ 617 acl_get_permset(aclent, &opaque_ps); 618 acl_get_flagset_np(aclent, &opaque_fs); 619 perms = acl_permset_to_bitmap(opaque_ps) | acl_flagset_to_bitmap(opaque_fs); 620 if (perms != myacl->permset) 621 return (0); 622 |
517 switch (entry_type) { 518 case ACL_ENTRY_TYPE_ALLOW: 519 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 520 return (0); 521 break; 522 case ACL_ENTRY_TYPE_DENY: 523 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) 524 return (0); --- 35 unchanged lines hidden (view full) --- 560 break; 561 case ACL_MASK: 562 if (myacl->tag != ARCHIVE_ENTRY_ACL_MASK) return (0); 563 break; 564 case ACL_EVERYONE: 565 if (myacl->tag != ARCHIVE_ENTRY_ACL_EVERYONE) return (0); 566 break; 567 } | 623 switch (entry_type) { 624 case ACL_ENTRY_TYPE_ALLOW: 625 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW) 626 return (0); 627 break; 628 case ACL_ENTRY_TYPE_DENY: 629 if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_DENY) 630 return (0); --- 35 unchanged lines hidden (view full) --- 666 break; 667 case ACL_MASK: 668 if (myacl->tag != ARCHIVE_ENTRY_ACL_MASK) return (0); 669 break; 670 case ACL_EVERYONE: 671 if (myacl->tag != ARCHIVE_ENTRY_ACL_EVERYONE) return (0); 672 break; 673 } |
568#endif /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */ | |
569 return (1); 570} | 674 return (1); 675} |
676#endif /* various ARCHIVE_ACL_NFS4 implementations */ |
|
571 572static void 573compare_acls( | 677 678static void 679compare_acls( |
574#if HAVE_SUN_NFS4_ACL | 680#if ARCHIVE_ACL_SUNOS_NFS4 |
575 void *aclp, 576 int aclcnt, | 681 void *aclp, 682 int aclcnt, |
683#elif ARCHIVE_ACL_LIBRICHACL 684 struct richacl *richacl, |
|
577#else 578 acl_t acl, 579#endif 580 struct myacl_t *myacls, const char *filename, int start, int end) 581{ 582 int *marker; 583 int matched; 584 int i, n; | 685#else 686 acl_t acl, 687#endif 688 struct myacl_t *myacls, const char *filename, int start, int end) 689{ 690 int *marker; 691 int matched; 692 int i, n; |
585#if HAVE_SUN_NFS4_ACL | 693#if ARCHIVE_ACL_SUNOS_NFS4 |
586 int e; 587 ace_t *acl_entry; | 694 int e; 695 ace_t *acl_entry; |
696#elif ARCHIVE_ACL_LIBRICHACL 697 int e; 698 struct richace *acl_entry; 699 int aclcnt; |
|
588#else 589 int entry_id = ACL_FIRST_ENTRY; 590 acl_entry_t acl_entry; | 700#else 701 int entry_id = ACL_FIRST_ENTRY; 702 acl_entry_t acl_entry; |
703#if ARCHIVE_ACL_DARWIN 704 const int acl_get_entry_ret = 0; 705#else 706 const int acl_get_entry_ret = 1; |
|
591#endif | 707#endif |
708#endif |
|
592 | 709 |
710#if ARCHIVE_ACL_SUNOS_NFS4 711 if (aclp == NULL) 712 return; 713#elif ARCHIVE_ACL_LIBRICHACL 714 if (richacl == NULL) 715 return; 716 aclcnt = richacl->a_count; 717#else 718 if (acl == NULL) 719 return; 720#endif 721 |
|
593 n = end - start; 594 marker = malloc(sizeof(marker[0]) * (n + 1)); 595 for (i = 0; i < n; i++) 596 marker[i] = i + start; | 722 n = end - start; 723 marker = malloc(sizeof(marker[0]) * (n + 1)); 724 for (i = 0; i < n; i++) 725 marker[i] = i + start; |
597#if !HAVE_DARWIN_ACL | 726#if !ARCHIVE_ACL_DARWIN |
598 /* Always include the first ACE. */ 599 if (start > 0) { 600 marker[n] = 0; 601 ++n; 602 } 603#endif 604 605 /* 606 * Iterate over acls in system acl object, try to match each 607 * one with an item in the myacls array. 608 */ | 727 /* Always include the first ACE. */ 728 if (start > 0) { 729 marker[n] = 0; 730 ++n; 731 } 732#endif 733 734 /* 735 * Iterate over acls in system acl object, try to match each 736 * one with an item in the myacls array. 737 */ |
609#if HAVE_SUN_NFS4_ACL | 738#if ARCHIVE_ACL_SUNOS_NFS4 || ARCHIVE_ACL_LIBRICHACL |
610 for (e = 0; e < aclcnt; e++) | 739 for (e = 0; e < aclcnt; e++) |
611#elif HAVE_DARWIN_ACL 612 while (0 == acl_get_entry(acl, entry_id, &acl_entry)) | |
613#else | 740#else |
614 while (1 == acl_get_entry(acl, entry_id, &acl_entry)) | 741 while (acl_get_entry_ret == acl_get_entry(acl, entry_id, &acl_entry)) |
615#endif 616 { | 742#endif 743 { |
617#if HAVE_SUN_NFS4_ACL | 744#if ARCHIVE_ACL_SUNOS_NFS4 |
618 acl_entry = &((ace_t *)aclp)[e]; | 745 acl_entry = &((ace_t *)aclp)[e]; |
746#elif ARCHIVE_ACL_LIBRICHACL 747 acl_entry = &(richacl->a_entries[e]); |
|
619#else 620 /* After the first time... */ 621 entry_id = ACL_NEXT_ENTRY; 622#endif 623 /* Search for a matching entry (tag and qualifier) */ 624 for (i = 0, matched = 0; i < n && !matched; i++) { 625 if (acl_match(acl_entry, &myacls[marker[i]])) { 626 /* We found a match; remove it. */ --- 76 unchanged lines hidden (view full) --- 703 marker[i], filename, 704 myacls[marker[i]].type, myacls[marker[i]].permset, 705 myacls[marker[i]].tag, myacls[marker[i]].qual, 706 myacls[marker[i]].name); 707 assert(0); /* Record this as a failure. */ 708 } 709 free(marker); 710} | 748#else 749 /* After the first time... */ 750 entry_id = ACL_NEXT_ENTRY; 751#endif 752 /* Search for a matching entry (tag and qualifier) */ 753 for (i = 0, matched = 0; i < n && !matched; i++) { 754 if (acl_match(acl_entry, &myacls[marker[i]])) { 755 /* We found a match; remove it. */ --- 76 unchanged lines hidden (view full) --- 832 marker[i], filename, 833 myacls[marker[i]].type, myacls[marker[i]].permset, 834 myacls[marker[i]].tag, myacls[marker[i]].qual, 835 myacls[marker[i]].name); 836 assert(0); /* Record this as a failure. */ 837 } 838 free(marker); 839} |
711#endif /* HAVE_NFS4_ACL */ | 840#endif /* ARCHIVE_ACL_NFS4 */ |
712 713/* 714 * Verify ACL restore-to-disk. This test is Platform-specific. 715 */ 716 717DEFINE_TEST(test_acl_platform_nfs4) 718{ | 841 842/* 843 * Verify ACL restore-to-disk. This test is Platform-specific. 844 */ 845 846DEFINE_TEST(test_acl_platform_nfs4) 847{ |
719#if !HAVE_NFS4_ACL | 848#if !ARCHIVE_ACL_NFS4 |
720 skipping("NFS4 ACLs are not supported on this platform"); | 849 skipping("NFS4 ACLs are not supported on this platform"); |
721#else | 850#else /* ARCHIVE_ACL_NFS4 */ |
722 char buff[64]; 723 int i; 724 struct stat st; 725 struct archive *a; 726 struct archive_entry *ae; | 851 char buff[64]; 852 int i; 853 struct stat st; 854 struct archive *a; 855 struct archive_entry *ae; |
727#if HAVE_DARWIN_ACL /* On MacOS we skip trivial ACLs in some tests */ | 856#if ARCHIVE_ACL_DARWIN /* On MacOS we skip trivial ACLs in some tests */ |
728 const int regcnt = acls_reg_cnt - 4; 729 const int dircnt = acls_dir_cnt - 4; 730#else 731 const int regcnt = acls_reg_cnt; 732 const int dircnt = acls_dir_cnt; 733#endif | 857 const int regcnt = acls_reg_cnt - 4; 858 const int dircnt = acls_dir_cnt - 4; 859#else 860 const int regcnt = acls_reg_cnt; 861 const int dircnt = acls_dir_cnt; 862#endif |
734#if HAVE_SUN_NFS4_ACL | 863#if ARCHIVE_ACL_SUNOS_NFS4 |
735 void *aclp; 736 int aclcnt; | 864 void *aclp; 865 int aclcnt; |
737#else /* !HAVE_SUN_NFS4_ACL */ | 866#elif ARCHIVE_ACL_LIBRICHACL 867 struct richacl *richacl; 868#else /* !ARCHIVE_ACL_SUNOS_NFS4 */ |
738 acl_t acl; 739#endif 740 741 assertMakeFile("pretest", 0644, "a"); 742 743 if (setTestAcl("pretest") != ARCHIVE_TEST_ACL_TYPE_NFS4) { 744 skipping("NFS4 ACLs are not writable on this filesystem"); 745 return; --- 39 unchanged lines hidden (view full) --- 785 786 /* Close the archive. */ 787 assertEqualIntA(a, ARCHIVE_OK, archive_write_close(a)); 788 assertEqualInt(ARCHIVE_OK, archive_write_free(a)); 789 790 /* Verify the data on disk. */ 791 assertEqualInt(0, stat("testall", &st)); 792 assertEqualInt(st.st_mtime, 123456); | 869 acl_t acl; 870#endif 871 872 assertMakeFile("pretest", 0644, "a"); 873 874 if (setTestAcl("pretest") != ARCHIVE_TEST_ACL_TYPE_NFS4) { 875 skipping("NFS4 ACLs are not writable on this filesystem"); 876 return; --- 39 unchanged lines hidden (view full) --- 916 917 /* Close the archive. */ 918 assertEqualIntA(a, ARCHIVE_OK, archive_write_close(a)); 919 assertEqualInt(ARCHIVE_OK, archive_write_free(a)); 920 921 /* Verify the data on disk. */ 922 assertEqualInt(0, stat("testall", &st)); 923 assertEqualInt(st.st_mtime, 123456); |
793#if HAVE_SUN_NFS4_ACL | 924#if ARCHIVE_ACL_SUNOS_NFS4 |
794 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "testall"); | 925 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "testall"); |
795 failure("acl(): errno = %d (%s)", errno, strerror(errno)); | 926 failure("acl(\"%s\"): errno = %d (%s)", "testall", errno, 927 strerror(errno)); |
796 assert(aclp != NULL); | 928 assert(aclp != NULL); |
929#elif ARCHIVE_ACL_LIBRICHACL 930 richacl = richacl_get_file("testall"); 931 failure("richacl_get_file(\"%s\"): errno = %d (%s)", "testall", errno, 932 strerror(errno)); 933 assert(richacl != NULL); |
|
797#else | 934#else |
798#if HAVE_DARWIN_ACL | 935#if ARCHIVE_ACL_DARWIN |
799 acl = acl_get_file("testall", ACL_TYPE_EXTENDED); 800#else 801 acl = acl_get_file("testall", ACL_TYPE_NFS4); 802#endif | 936 acl = acl_get_file("testall", ACL_TYPE_EXTENDED); 937#else 938 acl = acl_get_file("testall", ACL_TYPE_NFS4); 939#endif |
803 failure("acl_get_file(): errno = %d (%s)", errno, strerror(errno)); | 940 failure("acl_get_file(\"%s\"): errno = %d (%s)", "testall", errno, 941 strerror(errno)); |
804 assert(acl != (acl_t)NULL); 805#endif | 942 assert(acl != (acl_t)NULL); 943#endif |
806#if HAVE_SUN_NFS4_ACL | 944#if ARCHIVE_ACL_SUNOS_NFS4 |
807 compare_acls(aclp, aclcnt, acls_reg, "testall", 0, regcnt); 808 free(aclp); 809 aclp = NULL; | 945 compare_acls(aclp, aclcnt, acls_reg, "testall", 0, regcnt); 946 free(aclp); 947 aclp = NULL; |
948#elif ARCHIVE_ACL_LIBRICHACL 949 compare_acls(richacl, acls_reg, "testall", 0, regcnt); 950 richacl_free(richacl); |
|
810#else 811 compare_acls(acl, acls_reg, "testall", 0, regcnt); 812 acl_free(acl); 813#endif 814 815 816 /* Verify single-permission dirs on disk. */ 817 for (i = 0; i < dircnt; ++i) { 818 sprintf(buff, "dir%d", i); 819 assertEqualInt(0, stat(buff, &st)); 820 assertEqualInt(st.st_mtime, 123456 + i); | 951#else 952 compare_acls(acl, acls_reg, "testall", 0, regcnt); 953 acl_free(acl); 954#endif 955 956 957 /* Verify single-permission dirs on disk. */ 958 for (i = 0; i < dircnt; ++i) { 959 sprintf(buff, "dir%d", i); 960 assertEqualInt(0, stat(buff, &st)); 961 assertEqualInt(st.st_mtime, 123456 + i); |
821#if HAVE_SUN_NFS4_ACL | 962#if ARCHIVE_ACL_SUNOS_NFS4 |
822 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, buff); | 963 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, buff); |
823 failure("acl(): errno = %d (%s)", errno, strerror(errno)); | 964 failure("acl(\"%s\"): errno = %d (%s)", buff, errno, 965 strerror(errno)); |
824 assert(aclp != NULL); | 966 assert(aclp != NULL); |
967#elif ARCHIVE_ACL_LIBRICHACL 968 richacl = richacl_get_file(buff); 969 /* First and last two dir do not return a richacl */ 970 if ((i == 0 || i >= dircnt - 2) && richacl == NULL && 971 errno == ENODATA) 972 continue; 973 failure("richacl_get_file(\"%s\"): errno = %d (%s)", buff, 974 errno, strerror(errno)); 975 assert(richacl != NULL); |
|
825#else | 976#else |
826#if HAVE_DARWIN_ACL | 977#if ARCHIVE_ACL_DARWIN |
827 acl = acl_get_file(buff, ACL_TYPE_EXTENDED); 828#else 829 acl = acl_get_file(buff, ACL_TYPE_NFS4); 830#endif | 978 acl = acl_get_file(buff, ACL_TYPE_EXTENDED); 979#else 980 acl = acl_get_file(buff, ACL_TYPE_NFS4); 981#endif |
831 failure("acl_get_file(): errno = %d (%s)", errno, | 982 failure("acl_get_file(\"%s\"): errno = %d (%s)", buff, errno, |
832 strerror(errno)); 833 assert(acl != (acl_t)NULL); 834#endif | 983 strerror(errno)); 984 assert(acl != (acl_t)NULL); 985#endif |
835#if HAVE_SUN_NFS4_ACL | 986#if ARCHIVE_ACL_SUNOS_NFS4 |
836 compare_acls(aclp, aclcnt, acls_dir, buff, i, i + 1); 837 free(aclp); 838 aclp = NULL; | 987 compare_acls(aclp, aclcnt, acls_dir, buff, i, i + 1); 988 free(aclp); 989 aclp = NULL; |
990#elif ARCHIVE_ACL_LIBRICHACL 991 compare_acls(richacl, acls_dir, buff, i, i + 1); 992 richacl_free(richacl); |
|
839#else 840 compare_acls(acl, acls_dir, buff, i, i + 1); 841 acl_free(acl); 842#endif 843 } 844 845 /* Verify "dirall" on disk. */ 846 assertEqualInt(0, stat("dirall", &st)); 847 assertEqualInt(st.st_mtime, 123456); | 993#else 994 compare_acls(acl, acls_dir, buff, i, i + 1); 995 acl_free(acl); 996#endif 997 } 998 999 /* Verify "dirall" on disk. */ 1000 assertEqualInt(0, stat("dirall", &st)); 1001 assertEqualInt(st.st_mtime, 123456); |
848#if HAVE_SUN_NFS4_ACL | 1002#if ARCHIVE_ACL_SUNOS_NFS4 |
849 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "dirall"); | 1003 aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "dirall"); |
850 failure("acl(): errno = %d (%s)", errno, strerror(errno)); | 1004 failure("acl(\"%s\"): errno = %d (%s)", "dirall", errno, 1005 strerror(errno)); |
851 assert(aclp != NULL); | 1006 assert(aclp != NULL); |
1007#elif ARCHIVE_ACL_LIBRICHACL 1008 richacl = richacl_get_file("dirall"); 1009 failure("richacl_get_file(\"%s\"): errno = %d (%s)", "dirall", 1010 errno, strerror(errno)); 1011 assert(richacl != NULL); |
|
852#else | 1012#else |
853#if HAVE_DARWIN_ACL | 1013#if ARCHIVE_ACL_DARWIN |
854 acl = acl_get_file("dirall", ACL_TYPE_EXTENDED); 855#else 856 acl = acl_get_file("dirall", ACL_TYPE_NFS4); 857#endif | 1014 acl = acl_get_file("dirall", ACL_TYPE_EXTENDED); 1015#else 1016 acl = acl_get_file("dirall", ACL_TYPE_NFS4); 1017#endif |
858 failure("acl_get_file(): errno = %d (%s)", errno, strerror(errno)); | 1018 failure("acl_get_file(\"%s\"): errno = %d (%s)", "dirall", errno, 1019 strerror(errno)); |
859 assert(acl != (acl_t)NULL); 860#endif | 1020 assert(acl != (acl_t)NULL); 1021#endif |
861#if HAVE_SUN_NFS4_ACL | 1022#if ARCHIVE_ACL_SUNOS_NFS4 |
862 compare_acls(aclp, aclcnt, acls_dir, "dirall", 0, dircnt); 863 free(aclp); 864 aclp = NULL; | 1023 compare_acls(aclp, aclcnt, acls_dir, "dirall", 0, dircnt); 1024 free(aclp); 1025 aclp = NULL; |
1026#elif ARCHIVE_ACL_LIBRICHACL 1027 compare_acls(richacl, acls_dir, "dirall", 0, dircnt); 1028 richacl_free(richacl); |
|
865#else 866 compare_acls(acl, acls_dir, "dirall", 0, dircnt); 867 acl_free(acl); 868#endif 869 870 /* Read and compare ACL via archive_read_disk */ 871 a = archive_read_disk_new(); 872 assert(a != NULL); --- 12 unchanged lines hidden (view full) --- 885 ae = archive_entry_new(); 886 assert(ae != NULL); 887 archive_entry_set_pathname(ae, "dirall"); 888 assertEqualInt(ARCHIVE_OK, 889 archive_read_disk_entry_from_file(a, ae, -1, NULL)); 890 compare_entry_acls(ae, acls_dir, "dirall", 0, acls_dir_cnt); 891 archive_entry_free(ae); 892 assertEqualInt(ARCHIVE_OK, archive_read_free(a)); | 1029#else 1030 compare_acls(acl, acls_dir, "dirall", 0, dircnt); 1031 acl_free(acl); 1032#endif 1033 1034 /* Read and compare ACL via archive_read_disk */ 1035 a = archive_read_disk_new(); 1036 assert(a != NULL); --- 12 unchanged lines hidden (view full) --- 1049 ae = archive_entry_new(); 1050 assert(ae != NULL); 1051 archive_entry_set_pathname(ae, "dirall"); 1052 assertEqualInt(ARCHIVE_OK, 1053 archive_read_disk_entry_from_file(a, ae, -1, NULL)); 1054 compare_entry_acls(ae, acls_dir, "dirall", 0, acls_dir_cnt); 1055 archive_entry_free(ae); 1056 assertEqualInt(ARCHIVE_OK, archive_read_free(a)); |
893#endif /* HAVE_NFS4_ACL */ | 1057#endif /* ARCHIVE_ACL_NFS4 */ |
894} | 1058} |