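/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2008, 2009 Edward Tomasz Napierała <trasz@FreeBSD.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <assert.h>
#include <string.h>
#include <pwd.h>
#include <grp.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/acl.h>

#include "acl_support.h"

/*
 * Per-entry budget: the output buffer is sized as acl_cnt * MAX_ENTRY_LENGTH
 * and every scratch field is formatted into MAX_ENTRY_LENGTH + 1 bytes.
 */
#define MAX_ENTRY_LENGTH 512

/*
 * Fold one snprintf() result into the running offset of a buffer of `size`
 * bytes.  The caller must hold *off < size on entry, which makes
 * `size - *off` a valid, non-zero remaining length.
 *
 * Returns 0 and advances *off when the output (NUL included) fit, -1 when
 * snprintf() failed or the text was truncated.  Rejecting truncation here is
 * what keeps `size - *off` from wrapping around on the next call.
 */
static int
advance_offset(size_t *off, size_t size, int n)
{

	if (n < 0 || (size_t)n >= size - *off)
		return (-1);
	*off += (size_t)n;
	return (0);
}

/*
 * Write the principal ("who") part of an NFSv4 ACL entry into str.
 *
 * Produces "owner@", "group@", "everyone@", or "user:<name-or-id>" /
 * "group:<name-or-id>".  When `numeric` is non-zero, or the id cannot be
 * resolved to a name, the numeric id is printed instead.
 *
 * Returns 0 on success; the acl_get_tag_type() error, or -1 for an unknown
 * tag, a missing qualifier, or output that did not fit in `size` bytes.
 * A cut-off principal would name the wrong subject, so truncation is an
 * error rather than a silent shortening.
 */
static int
format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
{
	int error, n;
	acl_tag_t tag;
	struct passwd *pwd;
	struct group *grp;
	uid_t *id;

	error = acl_get_tag_type(entry, &tag);
	if (error)
		return (error);

	switch (tag) {
	case ACL_USER_OBJ:
		n = snprintf(str, size, "owner@");
		break;

	case ACL_USER:
		id = (uid_t *)acl_get_qualifier(entry);
		if (id == NULL)
			return (-1);
		/*
		 * XXX: Thread-unsafe.  getpwuid() hands back static storage,
		 * so pw_name must be consumed before any other lookup.
		 */
		pwd = numeric ? NULL : getpwuid(*id);
		/* %u: the id is unsigned; %d showed ids > INT_MAX as negative. */
		if (pwd == NULL)
			n = snprintf(str, size, "user:%u", (unsigned int)*id);
		else
			n = snprintf(str, size, "user:%s", pwd->pw_name);
		/* The qualifier is allocated by acl_get_qualifier(). */
		acl_free(id);
		break;

	case ACL_GROUP_OBJ:
		n = snprintf(str, size, "group@");
		break;

	case ACL_GROUP:
		id = (uid_t *)acl_get_qualifier(entry);
		if (id == NULL)
			return (-1);
		/* XXX: Thread-unsafe, same static-storage caveat as above. */
		grp = numeric ? NULL : getgrgid(*id);
		if (grp == NULL)
			n = snprintf(str, size, "group:%u", (unsigned int)*id);
		else
			n = snprintf(str, size, "group:%s", grp->gr_name);
		acl_free(id);
		break;

	case ACL_EVERYONE:
		n = snprintf(str, size, "everyone@");
		break;

	default:
		return (-1);
	}

	if (n < 0 || (size_t)n >= size)
		return (-1);

	return (0);
}

/*
 * Write the entry type keyword ("allow", "deny", "audit" or "alarm") into
 * str.
 *
 * Returns 0 on success; the acl_get_entry_type_np() error, or -1 for an
 * unknown type or output that did not fit in `size` bytes.
 */
static int
format_entry_type(char *str, size_t size, const acl_entry_t entry)
{
	int error, n;
	acl_entry_type_t entry_type;
	const char *keyword;

	error = acl_get_entry_type_np(entry, &entry_type);
	if (error)
		return (error);

	switch (entry_type) {
	case ACL_ENTRY_TYPE_ALLOW:
		keyword = "allow";
		break;
	case ACL_ENTRY_TYPE_DENY:
		keyword = "deny";
		break;
	case ACL_ENTRY_TYPE_AUDIT:
		keyword = "audit";
		break;
	case ACL_ENTRY_TYPE_ALARM:
		keyword = "alarm";
		break;
	default:
		return (-1);
	}

	n = snprintf(str, size, "%s", keyword);
	if (n < 0 || (size_t)n >= size)
		return (-1);

	return (0);
}

/*
 * Write the optional trailing ":<numeric id>" field into str.
 *
 * Entries without a qualifier (owner@, group@, everyone@) get an empty
 * string; every other tag gets its qualifier printed as an unsigned number.
 *
 * Returns 0 on success; the acl_get_tag_type() error, or -1 for a missing
 * qualifier or output that did not fit in `size` bytes.
 */
static int
format_additional_id(char *str, size_t size, const acl_entry_t entry)
{
	int error, n;
	acl_tag_t tag;
	uid_t *id;

	error = acl_get_tag_type(entry, &tag);
	if (error)
		return (error);

	switch (tag) {
	case ACL_USER_OBJ:
	case ACL_GROUP_OBJ:
	case ACL_EVERYONE:
		str[0] = '\0';
		break;

	default:
		id = (uid_t *)acl_get_qualifier(entry);
		if (id == NULL)
			return (-1);
		n = snprintf(str, size, ":%u", (unsigned int)*id);
		/* The qualifier is allocated by acl_get_qualifier(). */
		acl_free(id);
		if (n < 0 || (size_t)n >= size)
			return (-1);
	}

	return (0);
}

/*
 * Format one NFSv4 ACL entry as a text line, "who:perms:flags:type[:id]\n",
 * into str (at most `size` bytes, NUL included).
 *
 * `flags` is the ACL_TEXT_* mask: ACL_TEXT_NUMERIC_IDS suppresses name
 * lookups, ACL_TEXT_VERBOSE is passed to the permission and flag
 * formatters, ACL_TEXT_APPEND_ID adds the trailing numeric id.
 *
 * Returns 0 on success and non-zero on any failure, including a line that
 * does not fit.  Each snprintf() result is checked as it is produced: the
 * return value is the length that *would* have been written, so adding it
 * blindly can push the offset past `size`, and `size - off` (a size_t) then
 * wraps to a huge length for the next write.  A closing assert() does not
 * cover that: it runs after the writes and is compiled out under NDEBUG.
 */
static int
format_entry(char *str, size_t size, const acl_entry_t entry, int flags)
{
	const int min_who_field_length = 18;
	size_t off = 0;
	acl_permset_t permset;
	acl_flagset_t flagset;
	int error, width;
	char buf[MAX_ENTRY_LENGTH + 1];

	assert(_entry_brand(entry) == ACL_BRAND_NFS4);

	/* advance_offset() relies on off < size; establish it for off == 0. */
	if (size == 0)
		return (-1);

	error = acl_get_flagset_np(entry, &flagset);
	if (error)
		return (error);

	error = acl_get_permset(entry, &permset);
	if (error)
		return (error);

	error = format_who(buf, sizeof(buf), entry,
	    flags & ACL_TEXT_NUMERIC_IDS);
	if (error)
		return (error);
	/* Right-align the principal in a field of at least 18 columns. */
	width = (int)strlen(buf);
	if (width < min_who_field_length)
		width = min_who_field_length;
	if (advance_offset(&off, size,
	    snprintf(str + off, size - off, "%*s:", width, buf)) != 0)
		return (-1);

	error = _nfs4_format_access_mask(buf, sizeof(buf), *permset,
	    flags & ACL_TEXT_VERBOSE);
	if (error)
		return (error);
	if (advance_offset(&off, size,
	    snprintf(str + off, size - off, "%s:", buf)) != 0)
		return (-1);

	error = _nfs4_format_flags(buf, sizeof(buf), *flagset,
	    flags & ACL_TEXT_VERBOSE);
	if (error)
		return (error);
	if (advance_offset(&off, size,
	    snprintf(str + off, size - off, "%s:", buf)) != 0)
		return (-1);

	error = format_entry_type(buf, sizeof(buf), entry);
	if (error)
		return (error);
	if (advance_offset(&off, size,
	    snprintf(str + off, size - off, "%s", buf)) != 0)
		return (-1);

	if (flags & ACL_TEXT_APPEND_ID) {
		error = format_additional_id(buf, sizeof(buf), entry);
		if (error)
			return (error);
		if (advance_offset(&off, size,
		    snprintf(str + off, size - off, "%s", buf)) != 0)
			return (-1);
	}

	if (advance_offset(&off, size,
	    snprintf(str + off, size - off, "\n")) != 0)
		return (-1);

	return (0);
}

/*
 * Convert an NFSv4 ACL to its text form, one entry per line.
 *
 * aclp   ACL to convert.
 * len_p  If not NULL, receives the length of the returned string (without
 *        the terminating NUL) on success, including the empty-ACL case.
 * flags  ACL_TEXT_* mask forwarded to format_entry().
 *
 * Returns a malloc()ed NUL-terminated string that the caller must free(),
 * or NULL on failure.  A formatting failure sets errno to EINVAL; an
 * allocation failure leaves errno as set by malloc()/strdup().
 */
char *
_nfs4_acl_to_text_np(const acl_t aclp, ssize_t *len_p, int flags)
{
	int error, entry_id = ACL_FIRST_ENTRY;
	size_t off = 0, size;
	char *str;
	acl_entry_t entry;

	if (aclp->ats_acl.acl_cnt == 0) {
		str = strdup("");
		/* Report the length here too, so *len_p is never left unset. */
		if (str != NULL && len_p != NULL)
			*len_p = 0;
		return (str);
	}

	size = (size_t)aclp->ats_acl.acl_cnt * MAX_ENTRY_LENGTH;
	str = malloc(size);
	if (str == NULL)
		return (NULL);

	while (acl_get_entry(aclp, entry_id, &entry) == 1) {
		entry_id = ACL_NEXT_ENTRY;

		/*
		 * off < size holds on every pass: it is 0 at first, and
		 * format_entry() only succeeds when its line, NUL included,
		 * fit in the size - off bytes it was given.
		 */
		assert(off < size);

		error = format_entry(str + off, size - off, entry, flags);
		if (error) {
			free(str);
			errno = EINVAL;
			return (NULL);
		}

		/* Measure only the line just written, not the whole buffer. */
		off += strlen(str + off);
	}

	assert(off < size);
	str[off] = '\0';

	if (len_p != NULL)
		*len_p = (ssize_t)off;

	return (str);
}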