xref: /freebsd/lib/libc/posix1e/acl_from_text.c (revision 9f23cbd6cae82fd77edfad7173432fa8dccd0a95)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 /*
29  * acl_from_text: Convert a text-form ACL from a string to an acl_t.
30  */
31 
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
34 
35 #include <sys/types.h>
36 #include "namespace.h"
37 #include <sys/acl.h>
38 #include "un-namespace.h"
39 #include <sys/errno.h>
40 #include <grp.h>
41 #include <pwd.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <assert.h>
46 
47 #include "acl_support.h"
48 
49 static acl_tag_t acl_string_to_tag(char *tag, char *qualifier);
50 
51 int _nfs4_acl_entry_from_text(acl_t aclp, char *entry);
52 int _text_could_be_nfs4_acl(const char *entry);
53 
54 static acl_tag_t
55 acl_string_to_tag(char *tag, char *qualifier)
56 {
57 
58 	if (*qualifier == '\0') {
59 		if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
60 			return (ACL_USER_OBJ);
61 		} else
62 		if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
63 			return (ACL_GROUP_OBJ);
64 		} else
65 		if ((!strcmp(tag, "mask")) || (!strcmp(tag, "m"))) {
66 			return (ACL_MASK);
67 		} else
68 		if ((!strcmp(tag, "other")) || (!strcmp(tag, "o"))) {
69 			return (ACL_OTHER);
70 		} else
71 			return(-1);
72 	} else {
73 		if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
74 			return(ACL_USER);
75 		} else
76 		if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
77 			return(ACL_GROUP);
78 		} else
79 			return(-1);
80 	}
81 }
82 
83 static int
84 _posix1e_acl_entry_from_text(acl_t aclp, char *entry)
85 {
86 	acl_tag_t	 t;
87 	acl_perm_t	 p;
88 	char		*tag, *qualifier, *permission;
89 	uid_t		 id;
90 	int		 error;
91 
92 	assert(_acl_brand(aclp) == ACL_BRAND_POSIX);
93 
94 	/* Split into three ':' delimited fields. */
95 	tag = strsep(&entry, ":");
96 	if (tag == NULL) {
97 		errno = EINVAL;
98 		return (-1);
99 	}
100 	tag = string_skip_whitespace(tag);
101 	if ((*tag == '\0') && (!entry)) {
102 		/*
103 		 * Is an entirely comment line, skip to next
104 		 * comma.
105 		 */
106 		return (0);
107 	}
108 	string_trim_trailing_whitespace(tag);
109 
110 	qualifier = strsep(&entry, ":");
111 	if (qualifier == NULL) {
112 		errno = EINVAL;
113 		return (-1);
114 	}
115 	qualifier = string_skip_whitespace(qualifier);
116 	string_trim_trailing_whitespace(qualifier);
117 
118 	permission = strsep(&entry, ":");
119 	if (permission == NULL || entry) {
120 		errno = EINVAL;
121 		return (-1);
122 	}
123 	permission = string_skip_whitespace(permission);
124 	string_trim_trailing_whitespace(permission);
125 
126 	t = acl_string_to_tag(tag, qualifier);
127 	if (t == -1) {
128 		errno = EINVAL;
129 		return (-1);
130 	}
131 
132 	error = _posix1e_acl_string_to_perm(permission, &p);
133 	if (error == -1) {
134 		errno = EINVAL;
135 		return (-1);
136 	}
137 
138 	switch(t) {
139 		case ACL_USER_OBJ:
140 		case ACL_GROUP_OBJ:
141 		case ACL_MASK:
142 		case ACL_OTHER:
143 			if (*qualifier != '\0') {
144 				errno = EINVAL;
145 				return (-1);
146 			}
147 			id = 0;
148 			break;
149 
150 		case ACL_USER:
151 		case ACL_GROUP:
152 			error = _acl_name_to_id(t, qualifier, &id);
153 			if (error == -1)
154 				return (-1);
155 			break;
156 
157 		default:
158 			errno = EINVAL;
159 			return (-1);
160 	}
161 
162 	error = _posix1e_acl_add_entry(aclp, t, id, p);
163 	if (error == -1)
164 		return (-1);
165 
166 	return (0);
167 }
168 
169 static int
170 _text_is_nfs4_entry(const char *entry)
171 {
172 	int count = 0;
173 
174 	assert(strlen(entry) > 0);
175 
176 	while (*entry != '\0') {
177 		if (*entry == ':' || *entry == '@')
178 			count++;
179 		entry++;
180 	}
181 
182 	if (count <= 2)
183 		return (0);
184 
185 	return (1);
186 }
187 
188 /*
189  * acl_from_text -- Convert a string into an ACL.
190  * Postpone most validity checking until the end and call acl_valid() to do
191  * that.
192  */
193 acl_t
194 acl_from_text(const char *buf_p)
195 {
196 	acl_t		 acl;
197 	char		*mybuf_p, *line, *cur, *notcomment, *comment, *entry;
198 	int		 error;
199 
200 	/* Local copy we can mess up. */
201 	mybuf_p = strdup(buf_p);
202 	if (mybuf_p == NULL)
203 		return(NULL);
204 
205 	acl = acl_init(3); /* XXX: WTF, 3? */
206 	if (acl == NULL) {
207 		free(mybuf_p);
208 		return(NULL);
209 	}
210 
211 	/* Outer loop: delimit at \n boundaries. */
212 	cur = mybuf_p;
213 	while ((line = strsep(&cur, "\n"))) {
214 		/* Now split the line on the first # to strip out comments. */
215 		comment = line;
216 		notcomment = strsep(&comment, "#");
217 
218 		/* Inner loop: delimit at ',' boundaries. */
219 		while ((entry = strsep(&notcomment, ","))) {
220 
221 			/* Skip empty lines. */
222 			if (strlen(string_skip_whitespace(entry)) == 0)
223 				continue;
224 
225 			if (_acl_brand(acl) == ACL_BRAND_UNKNOWN) {
226 				if (_text_is_nfs4_entry(entry))
227 					_acl_brand_as(acl, ACL_BRAND_NFS4);
228 				else
229 					_acl_brand_as(acl, ACL_BRAND_POSIX);
230 			}
231 
232 			switch (_acl_brand(acl)) {
233 			case ACL_BRAND_NFS4:
234 				error = _nfs4_acl_entry_from_text(acl, entry);
235 				break;
236 
237 			case ACL_BRAND_POSIX:
238 				error = _posix1e_acl_entry_from_text(acl, entry);
239 				break;
240 
241 			default:
242 				error = EINVAL;
243 				break;
244 			}
245 
246 			if (error)
247 				goto error_label;
248 		}
249 	}
250 
251 #if 0
252 	/* XXX Should we only return ACLs valid according to acl_valid? */
253 	/* Verify validity of the ACL we read in. */
254 	if (acl_valid(acl) == -1) {
255 		errno = EINVAL;
256 		goto error_label;
257 	}
258 #endif
259 
260 	free(mybuf_p);
261 	return(acl);
262 
263 error_label:
264 	acl_free(acl);
265 	free(mybuf_p);
266 	return(NULL);
267 }
268 
269 /*
270  * Given a username/groupname from a text form of an ACL, return the uid/gid
271  * XXX NOT THREAD SAFE, RELIES ON GETPWNAM, GETGRNAM
272  * XXX USES *PW* AND *GR* WHICH ARE STATEFUL AND THEREFORE THIS ROUTINE
273  * MAY HAVE SIDE-EFFECTS
274  */
275 int
276 _acl_name_to_id(acl_tag_t tag, char *name, uid_t *id)
277 {
278 	struct group	*g;
279 	struct passwd	*p;
280 	unsigned long	l;
281 	char 		*endp;
282 
283 	switch(tag) {
284 	case ACL_USER:
285 		p = getpwnam(name);
286 		if (p == NULL) {
287 			l = strtoul(name, &endp, 0);
288 			if (*endp != '\0' || l != (unsigned long)(uid_t)l) {
289 				errno = EINVAL;
290 				return (-1);
291 			}
292 			*id = (uid_t)l;
293 			return (0);
294 		}
295 		*id = p->pw_uid;
296 		return (0);
297 
298 	case ACL_GROUP:
299 		g = getgrnam(name);
300 		if (g == NULL) {
301 			l = strtoul(name, &endp, 0);
302 			if (*endp != '\0' || l != (unsigned long)(gid_t)l) {
303 				errno = EINVAL;
304 				return (-1);
305 			}
306 			*id = (gid_t)l;
307 			return (0);
308 		}
309 		*id = g->gr_gid;
310 		return (0);
311 
312 	default:
313 		return (EINVAL);
314 	}
315 }
316