xref: /freebsd/lib/libc/posix1e/acl_to_text_nfs4.c (revision 7ef62cebc2f965b0f640263e179276928885e33d)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2008, 2009 Edward Tomasz Napierała <trasz@FreeBSD.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 
28 #include <sys/cdefs.h>
29 __FBSDID("$FreeBSD$");
30 
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <unistd.h>
34 #include <errno.h>
35 #include <assert.h>
36 #include <string.h>
37 #include <pwd.h>
38 #include <grp.h>
39 #include <sys/syscall.h>
40 #include <sys/types.h>
41 #include <sys/acl.h>
42 
43 #include "acl_support.h"
44 
45 #define MAX_ENTRY_LENGTH 512
46 
47 static int
48 format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
49 {
50 	int error;
51 	acl_tag_t tag;
52 	struct passwd *pwd;
53 	struct group *grp;
54 	uid_t *id;
55 
56 	error = acl_get_tag_type(entry, &tag);
57 	if (error)
58 		return (error);
59 
60 	switch (tag) {
61 	case ACL_USER_OBJ:
62 		snprintf(str, size, "owner@");
63 		break;
64 
65 	case ACL_USER:
66 		id = (uid_t *)acl_get_qualifier(entry);
67 		if (id == NULL)
68 			return (-1);
69 		/* XXX: Thread-unsafe. */
70 		if (!numeric)
71 			pwd = getpwuid(*id);
72 		else
73 			pwd = NULL;
74 		if (pwd == NULL)
75 			snprintf(str, size, "user:%d", (unsigned int)*id);
76 		else
77 			snprintf(str, size, "user:%s", pwd->pw_name);
78 		break;
79 
80 	case ACL_GROUP_OBJ:
81 		snprintf(str, size, "group@");
82 		break;
83 
84 	case ACL_GROUP:
85 		id = (uid_t *)acl_get_qualifier(entry);
86 		if (id == NULL)
87 			return (-1);
88 		/* XXX: Thread-unsafe. */
89 		if (!numeric)
90 			grp = getgrgid(*id);
91 		else
92 			grp = NULL;
93 		if (grp == NULL)
94 			snprintf(str, size, "group:%d", (unsigned int)*id);
95 		else
96 			snprintf(str, size, "group:%s", grp->gr_name);
97 		break;
98 
99 	case ACL_EVERYONE:
100 		snprintf(str, size, "everyone@");
101 		break;
102 
103 	default:
104 		return (-1);
105 	}
106 
107 	return (0);
108 }
109 
110 static int
111 format_entry_type(char *str, size_t size, const acl_entry_t entry)
112 {
113 	int error;
114 	acl_entry_type_t entry_type;
115 
116 	error = acl_get_entry_type_np(entry, &entry_type);
117 	if (error)
118 		return (error);
119 
120 	switch (entry_type) {
121 	case ACL_ENTRY_TYPE_ALLOW:
122 		snprintf(str, size, "allow");
123 		break;
124 	case ACL_ENTRY_TYPE_DENY:
125 		snprintf(str, size, "deny");
126 		break;
127 	case ACL_ENTRY_TYPE_AUDIT:
128 		snprintf(str, size, "audit");
129 		break;
130 	case ACL_ENTRY_TYPE_ALARM:
131 		snprintf(str, size, "alarm");
132 		break;
133 	default:
134 		return (-1);
135 	}
136 
137 	return (0);
138 }
139 
140 static int
141 format_additional_id(char *str, size_t size, const acl_entry_t entry)
142 {
143 	int error;
144 	acl_tag_t tag;
145 	uid_t *id;
146 
147 	error = acl_get_tag_type(entry, &tag);
148 	if (error)
149 		return (error);
150 
151 	switch (tag) {
152 	case ACL_USER_OBJ:
153 	case ACL_GROUP_OBJ:
154 	case ACL_EVERYONE:
155 		str[0] = '\0';
156 		break;
157 
158 	default:
159 		id = (uid_t *)acl_get_qualifier(entry);
160 		if (id == NULL)
161 			return (-1);
162 		snprintf(str, size, ":%d", (unsigned int)*id);
163 	}
164 
165 	return (0);
166 }
167 
168 static int
169 format_entry(char *str, size_t size, const acl_entry_t entry, int flags)
170 {
171 	size_t off = 0, min_who_field_length = 18;
172 	acl_permset_t permset;
173 	acl_flagset_t flagset;
174 	int error, len;
175 	char buf[MAX_ENTRY_LENGTH + 1];
176 
177 	assert(_entry_brand(entry) == ACL_BRAND_NFS4);
178 
179 	error = acl_get_flagset_np(entry, &flagset);
180 	if (error)
181 		return (error);
182 
183 	error = acl_get_permset(entry, &permset);
184 	if (error)
185 		return (error);
186 
187 	error = format_who(buf, sizeof(buf), entry,
188 	    flags & ACL_TEXT_NUMERIC_IDS);
189 	if (error)
190 		return (error);
191 	len = strlen(buf);
192 	if (len < min_who_field_length)
193 		len = min_who_field_length;
194 	off += snprintf(str + off, size - off, "%*s:", len, buf);
195 
196 	error = _nfs4_format_access_mask(buf, sizeof(buf), *permset,
197 	    flags & ACL_TEXT_VERBOSE);
198 	if (error)
199 		return (error);
200 	off += snprintf(str + off, size - off, "%s:", buf);
201 
202 	error = _nfs4_format_flags(buf, sizeof(buf), *flagset,
203 	    flags & ACL_TEXT_VERBOSE);
204 	if (error)
205 		return (error);
206 	off += snprintf(str + off, size - off, "%s:", buf);
207 
208 	error = format_entry_type(buf, sizeof(buf), entry);
209 	if (error)
210 		return (error);
211 	off += snprintf(str + off, size - off, "%s", buf);
212 
213 	if (flags & ACL_TEXT_APPEND_ID) {
214 		error = format_additional_id(buf, sizeof(buf), entry);
215 		if (error)
216 			return (error);
217 		off += snprintf(str + off, size - off, "%s", buf);
218 	}
219 
220 	off += snprintf(str + off, size - off, "\n");
221 
222 	/* Make sure we didn't truncate anything. */
223 	assert (off < size);
224 
225 	return (0);
226 }
227 
228 char *
229 _nfs4_acl_to_text_np(const acl_t aclp, ssize_t *len_p, int flags)
230 {
231 	int error, off = 0, size, entry_id = ACL_FIRST_ENTRY;
232 	char *str;
233 	acl_entry_t entry;
234 
235 	if (aclp->ats_acl.acl_cnt == 0)
236 		return strdup("");
237 
238 	size = aclp->ats_acl.acl_cnt * MAX_ENTRY_LENGTH;
239 	str = malloc(size);
240 	if (str == NULL)
241 		return (NULL);
242 
243 	while (acl_get_entry(aclp, entry_id, &entry) == 1) {
244 		entry_id = ACL_NEXT_ENTRY;
245 
246 		assert(off < size);
247 
248 		error = format_entry(str + off, size - off, entry, flags);
249 		if (error) {
250 			free(str);
251 			errno = EINVAL;
252 			return (NULL);
253 		}
254 
255 		off = strlen(str);
256 	}
257 
258 	assert(off < size);
259 	str[off] = '\0';
260 
261 	if (len_p != NULL)
262 		*len_p = off;
263 
264 	return (str);
265 }
266