xref: /freebsd/lib/libc/posix1e/acl_to_text_nfs4.c (revision 4d65a7c6951cea0333f1a0c1b32c38489cdfa6c5)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2008, 2009 Edward Tomasz Napierała <trasz@FreeBSD.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <unistd.h>
31 #include <errno.h>
32 #include <assert.h>
33 #include <string.h>
34 #include <pwd.h>
35 #include <grp.h>
36 #include <sys/syscall.h>
37 #include <sys/types.h>
38 #include <sys/acl.h>
39 
40 #include "acl_support.h"
41 
42 #define MAX_ENTRY_LENGTH 512
43 
44 static int
45 format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
46 {
47 	int error;
48 	acl_tag_t tag;
49 	struct passwd *pwd;
50 	struct group *grp;
51 	uid_t *id;
52 
53 	error = acl_get_tag_type(entry, &tag);
54 	if (error)
55 		return (error);
56 
57 	switch (tag) {
58 	case ACL_USER_OBJ:
59 		snprintf(str, size, "owner@");
60 		break;
61 
62 	case ACL_USER:
63 		id = (uid_t *)acl_get_qualifier(entry);
64 		if (id == NULL)
65 			return (-1);
66 		/* XXX: Thread-unsafe. */
67 		if (!numeric)
68 			pwd = getpwuid(*id);
69 		else
70 			pwd = NULL;
71 		if (pwd == NULL)
72 			snprintf(str, size, "user:%d", (unsigned int)*id);
73 		else
74 			snprintf(str, size, "user:%s", pwd->pw_name);
75 		break;
76 
77 	case ACL_GROUP_OBJ:
78 		snprintf(str, size, "group@");
79 		break;
80 
81 	case ACL_GROUP:
82 		id = (uid_t *)acl_get_qualifier(entry);
83 		if (id == NULL)
84 			return (-1);
85 		/* XXX: Thread-unsafe. */
86 		if (!numeric)
87 			grp = getgrgid(*id);
88 		else
89 			grp = NULL;
90 		if (grp == NULL)
91 			snprintf(str, size, "group:%d", (unsigned int)*id);
92 		else
93 			snprintf(str, size, "group:%s", grp->gr_name);
94 		break;
95 
96 	case ACL_EVERYONE:
97 		snprintf(str, size, "everyone@");
98 		break;
99 
100 	default:
101 		return (-1);
102 	}
103 
104 	return (0);
105 }
106 
107 static int
108 format_entry_type(char *str, size_t size, const acl_entry_t entry)
109 {
110 	int error;
111 	acl_entry_type_t entry_type;
112 
113 	error = acl_get_entry_type_np(entry, &entry_type);
114 	if (error)
115 		return (error);
116 
117 	switch (entry_type) {
118 	case ACL_ENTRY_TYPE_ALLOW:
119 		snprintf(str, size, "allow");
120 		break;
121 	case ACL_ENTRY_TYPE_DENY:
122 		snprintf(str, size, "deny");
123 		break;
124 	case ACL_ENTRY_TYPE_AUDIT:
125 		snprintf(str, size, "audit");
126 		break;
127 	case ACL_ENTRY_TYPE_ALARM:
128 		snprintf(str, size, "alarm");
129 		break;
130 	default:
131 		return (-1);
132 	}
133 
134 	return (0);
135 }
136 
137 static int
138 format_additional_id(char *str, size_t size, const acl_entry_t entry)
139 {
140 	int error;
141 	acl_tag_t tag;
142 	uid_t *id;
143 
144 	error = acl_get_tag_type(entry, &tag);
145 	if (error)
146 		return (error);
147 
148 	switch (tag) {
149 	case ACL_USER_OBJ:
150 	case ACL_GROUP_OBJ:
151 	case ACL_EVERYONE:
152 		str[0] = '\0';
153 		break;
154 
155 	default:
156 		id = (uid_t *)acl_get_qualifier(entry);
157 		if (id == NULL)
158 			return (-1);
159 		snprintf(str, size, ":%d", (unsigned int)*id);
160 	}
161 
162 	return (0);
163 }
164 
165 static int
166 format_entry(char *str, size_t size, const acl_entry_t entry, int flags)
167 {
168 	size_t off = 0, min_who_field_length = 18;
169 	acl_permset_t permset;
170 	acl_flagset_t flagset;
171 	int error, len;
172 	char buf[MAX_ENTRY_LENGTH + 1];
173 
174 	assert(_entry_brand(entry) == ACL_BRAND_NFS4);
175 
176 	error = acl_get_flagset_np(entry, &flagset);
177 	if (error)
178 		return (error);
179 
180 	error = acl_get_permset(entry, &permset);
181 	if (error)
182 		return (error);
183 
184 	error = format_who(buf, sizeof(buf), entry,
185 	    flags & ACL_TEXT_NUMERIC_IDS);
186 	if (error)
187 		return (error);
188 	len = strlen(buf);
189 	if (len < min_who_field_length)
190 		len = min_who_field_length;
191 	off += snprintf(str + off, size - off, "%*s:", len, buf);
192 
193 	error = _nfs4_format_access_mask(buf, sizeof(buf), *permset,
194 	    flags & ACL_TEXT_VERBOSE);
195 	if (error)
196 		return (error);
197 	off += snprintf(str + off, size - off, "%s:", buf);
198 
199 	error = _nfs4_format_flags(buf, sizeof(buf), *flagset,
200 	    flags & ACL_TEXT_VERBOSE);
201 	if (error)
202 		return (error);
203 	off += snprintf(str + off, size - off, "%s:", buf);
204 
205 	error = format_entry_type(buf, sizeof(buf), entry);
206 	if (error)
207 		return (error);
208 	off += snprintf(str + off, size - off, "%s", buf);
209 
210 	if (flags & ACL_TEXT_APPEND_ID) {
211 		error = format_additional_id(buf, sizeof(buf), entry);
212 		if (error)
213 			return (error);
214 		off += snprintf(str + off, size - off, "%s", buf);
215 	}
216 
217 	off += snprintf(str + off, size - off, "\n");
218 
219 	/* Make sure we didn't truncate anything. */
220 	assert (off < size);
221 
222 	return (0);
223 }
224 
225 char *
226 _nfs4_acl_to_text_np(const acl_t aclp, ssize_t *len_p, int flags)
227 {
228 	int error, off = 0, size, entry_id = ACL_FIRST_ENTRY;
229 	char *str;
230 	acl_entry_t entry;
231 
232 	if (aclp->ats_acl.acl_cnt == 0)
233 		return strdup("");
234 
235 	size = aclp->ats_acl.acl_cnt * MAX_ENTRY_LENGTH;
236 	str = malloc(size);
237 	if (str == NULL)
238 		return (NULL);
239 
240 	while (acl_get_entry(aclp, entry_id, &entry) == 1) {
241 		entry_id = ACL_NEXT_ENTRY;
242 
243 		assert(off < size);
244 
245 		error = format_entry(str + off, size - off, entry, flags);
246 		if (error) {
247 			free(str);
248 			errno = EINVAL;
249 			return (NULL);
250 		}
251 
252 		off = strlen(str);
253 	}
254 
255 	assert(off < size);
256 	str[off] = '\0';
257 
258 	if (len_p != NULL)
259 		*len_p = off;
260 
261 	return (str);
262 }
263