FreeBSD compatibility fixes
[netatalk.git] / etc / afpd / acls.c
index 76d87c12645e60e618e28256df65b5faaa6acc97..4dd127b1fb33ef2e8e61f5089c34bb1076d3ea95 100644 (file)
@@ -28,6 +28,8 @@
 #endif
 #ifdef HAVE_POSIX_ACLS
 #include <sys/acl.h>
+#endif
+#ifdef HAVE_ACL_LIBACL_H
 #include <acl/libacl.h>
 #endif
 
@@ -96,10 +98,8 @@ static int solaris_acl_rights(const char *path,
     /* Get ACL from file/dir */
     EC_NEG1_LOG(ace_count = get_nfsv4_acl(path, &aces));
 
-    if (ace_count == 0) {
-        LOG(log_warning, logtype_afpd, "Zero ACEs from get_nfsv4_acl");
-        EC_FAIL;
-    }
+    if (ace_count == 0)
+        goto EC_CLEANUP;
 
     /* Now check requested rights */
     i = 0;
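Review bot: An empty ACL now leaves through `EC_CLEANUP` silently, with whatever `ret` holds at that point, so a caller cannot tell "no ACEs returned" from "ACEs evaluated, nothing granted". The return path and the output rights are outside this hunk, so confirm the caller sees well-defined rights in this case. I would keep a trace and state the intent, e.g. `/* An empty ACL is not an error: there is nothing to evaluate */` above the `goto` and `LOG(log_debug, logtype_afpd, "solaris_acl_rights: zero ACEs");` before it, with braces around the two statements.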
@@ -130,9 +130,9 @@ static int solaris_acl_rights(const char *path,
             ||
             ((flags & ACE_OWNER) && (uuid == sb->st_uid))
             ||
-            ((flags & ACE_GROUP) && gmem(sb->st_gid))
+            ((flags & ACE_GROUP) && !(uuid == sb->st_uid) && gmem(sb->st_gid))
             ||
-            (flags & ACE_EVERYONE)
+            (flags & ACE_EVERYONE && !(uuid == sb->st_uid) && !gmem(sb->st_gid))
             ) {
             /* Found an applicable ACE */
             if (type == ACE_ACCESS_ALLOWED_ACE_TYPE)
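Review bot: The added `!(uuid == sb->st_uid)` and `!gmem(sb->st_gid)` guards give `ACE_GROUP` and `ACE_EVERYONE` the meaning of the POSIX group class and "other", but in NFSv4 ACLs `EVERYONE@` covers every principal, including the owner and the owning group (RFC 7530). With the guard, a deny ACE for everyone is skipped when the requester is the owner or in the owning group, so the rights computed here can come out wider than what the filesystem enforces. The deny handling is below this hunk, so please verify against it. If the exclusion is intended, say so in a comment at the condition, and parenthesise the new term like its neighbours: `((flags & ACE_EVERYONE) && (uuid != sb->st_uid) && !gmem(sb->st_gid))`.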
@@ -344,12 +344,20 @@ static uint32_t posix_permset_to_darwin_rights(acl_entry_t e, int is_dir)
 
     EC_ZERO_LOG(acl_get_permset(e, &permset));
 
+#ifdef HAVE_ACL_GET_PERM_NP
+    if (acl_get_perm_np(permset, ACL_READ))
+#else
     if (acl_get_perm(permset, ACL_READ))
+#endif
         rights = DARWIN_ACE_READ_DATA
             | DARWIN_ACE_READ_EXTATTRIBUTES
             | DARWIN_ACE_READ_ATTRIBUTES
             | DARWIN_ACE_READ_SECURITY;
+#ifdef HAVE_ACL_GET_PERM_NP
+    if (acl_get_perm_np(permset, ACL_WRITE)) {
+#else
     if (acl_get_perm(permset, ACL_WRITE)) {
+#endif
         rights |= DARWIN_ACE_WRITE_DATA
             | DARWIN_ACE_APPEND_DATA
             | DARWIN_ACE_WRITE_EXTATTRIBUTES
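Review bot: Both `acl_get_perm()` and `acl_get_perm_np()` return -1 on error, and the bare truth tests here (and in the `ACL_EXECUTE` test in the next hunk) treat that as "permission set", so a failed lookup adds read, write or execute rights to the result. Comparing against 1 closes that. The same `#ifdef` pair is repeated three times and leaves the `if` header split across preprocessor branches. A single file-scope macro would carry the platform switch and the `== 1` check in one place. The function body continues outside this hunk.

```c
/* file scope, next to the ACL includes */
#ifdef HAVE_ACL_GET_PERM_NP
#define ACL_PERM_IS_SET(set, perm) (acl_get_perm_np((set), (perm)) == 1)
#else
#define ACL_PERM_IS_SET(set, perm) (acl_get_perm((set), (perm)) == 1)
#endif

    /* in posix_permset_to_darwin_rights() */
    if (ACL_PERM_IS_SET(permset, ACL_READ))
        rights = DARWIN_ACE_READ_DATA
    /* … unchanged: remaining DARWIN_ACE_READ_* bits … */
    if (ACL_PERM_IS_SET(permset, ACL_WRITE)) {
    /* … unchanged: write rights and is_dir branch … */
    if (ACL_PERM_IS_SET(permset, ACL_EXECUTE))
        rights |= DARWIN_ACE_EXECUTE;
```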
@@ -357,7 +365,11 @@ static uint32_t posix_permset_to_darwin_rights(acl_entry_t e, int is_dir)
         if (is_dir)
             rights |= DARWIN_ACE_DELETE_CHILD;
     }
+#ifdef HAVE_ACL_GET_PERM_NP
+    if (acl_get_perm_np(permset, ACL_EXECUTE))
+#else
     if (acl_get_perm(permset, ACL_EXECUTE))
+#endif
         rights |= DARWIN_ACE_EXECUTE;
 
 EC_CLEANUP:
@@ -440,14 +452,16 @@ static int posix_acl_rights(const char *path,
             gid = NULL;
             break;
         case ACL_GROUP_OBJ:
-            if (gmem(sb->st_gid)) {
+            if (!(sb->st_uid == uuid) && gmem(sb->st_gid)) {
                 LOG(log_maxdebug, logtype_afpd, "ACL_GROUP_OBJ: %u", sb->st_gid);
                 rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode));            
             }
             break;
         case ACL_OTHER:
-            LOG(log_maxdebug, logtype_afpd, "ACL_OTHER");
-            rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode));
+            if (!(sb->st_uid == uuid) && !gmem(sb->st_gid)) {
+                LOG(log_maxdebug, logtype_afpd, "ACL_OTHER");
+                rights |= posix_permset_to_darwin_rights(e, S_ISDIR(sb->st_mode));
+            }
             break;
         default:
             continue;
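Review bot: The new `ACL_OTHER` guard excludes only the file owner and members of the owning group, so a requester matched by a named `ACL_USER` or `ACL_GROUP` entry still gets the other-class permissions OR-ed into `rights`, which a POSIX.1e access check would not grant. The cases for named entries sit above this hunk, so this is inferred from the visible condition. A flag set whenever an earlier entry applied to the requester would cover all classes, e.g. `if (!matched) {` in place of the uid/gid test. Separately, `sb->st_uid != uuid` reads more directly than `!(sb->st_uid == uuid)`, and a one-line comment should say that `ACL_OTHER` applies only when no other entry matched.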
@@ -1043,8 +1057,11 @@ static int set_acl(const struct vol *vol,
     /* for files def_acl will be NULL */
 
     /* create access acl from mode */
+#ifdef HAVE_ACL_FROM_MODE
     EC_NULL_LOG_ERR(acc_acl = acl_from_mode(st.st_mode), AFPERR_MISC);
-
+#else
+#error "Missing acl_from_mode() replacement"
+#endif
     /* adds the clients aces */
     EC_ZERO_ERR(map_aces_darwin_to_posix(daces, &def_acl, &acc_acl, ace_count), AFPERR_MISC);
 
@@ -1295,11 +1312,14 @@ int afp_getacl(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size
     /* Shall we return owner UUID ? */
     if (bitmap & kFileSec_UUID) {
         LOG(log_debug, logtype_afpd, "afp_getacl: client requested files owner user UUID");
-        if (NULL == (pw = getpwuid(s_path->st.st_uid)))
-            return AFPERR_MISC;
-        LOG(log_debug, logtype_afpd, "afp_getacl: got uid: %d, name: %s", s_path->st.st_uid, pw->pw_name);
-        if ((ret = getuuidfromname(pw->pw_name, UUID_USER, rbuf)) != 0)
-            return AFPERR_MISC;
+        if (NULL == (pw = getpwuid(s_path->st.st_uid))) {
+            LOG(log_debug, logtype_afpd, "afp_getacl: local uid: %u", s_path->st.st_uid);
+            localuuid_from_id(rbuf, UUID_USER, s_path->st.st_uid);
+        } else {
+            LOG(log_debug, logtype_afpd, "afp_getacl: got uid: %d, name: %s", s_path->st.st_uid, pw->pw_name);
+            if ((ret = getuuidfromname(pw->pw_name, UUID_USER, rbuf)) != 0)
+                return AFPERR_MISC;
+        }
         rbuf += UUID_BINSIZE;
         *rbuflen += UUID_BINSIZE;
     }
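Review bot: The fallback `localuuid_from_id(rbuf, UUID_USER, s_path->st.st_uid);` is called without checking a result, while the following lines always advance `rbuf` and `*rbuflen` by `UUID_BINSIZE`. The helper's declaration is not in this hunk. If it can fail or write fewer bytes, the reply would carry whatever the buffer held before. Either check it like the `getuuidfromname` branch does, or state in a comment that it always fills `UUID_BINSIZE` bytes. The group branch in the next hunk has the same shape. The two LOG lines also disagree on the specifier for the id (`%u` vs `%d`); `%u` with an `(unsigned int)` cast in both would be consistent.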
@@ -1307,11 +1327,14 @@ int afp_getacl(AFPObj *obj, char *ibuf, size_t ibuflen _U_, char *rbuf _U_, size
     /* Shall we return group UUID ? */
     if (bitmap & kFileSec_GRPUUID) {
         LOG(log_debug, logtype_afpd, "afp_getacl: client requested files owner group UUID");
-        if (NULL == (gr = getgrgid(s_path->st.st_gid)))
-            return AFPERR_MISC;
-        LOG(log_debug, logtype_afpd, "afp_getacl: got gid: %d, name: %s", s_path->st.st_gid, gr->gr_name);
-        if ((ret = getuuidfromname(gr->gr_name, UUID_GROUP, rbuf)) != 0)
-            return AFPERR_MISC;
+        if (NULL == (gr = getgrgid(s_path->st.st_gid))) {
+            LOG(log_debug, logtype_afpd, "afp_getacl: local gid: %u", s_path->st.st_gid);
+            localuuid_from_id(rbuf, UUID_GROUP, s_path->st.st_gid);
+        } else {
+            LOG(log_debug, logtype_afpd, "afp_getacl: got gid: %d, name: %s", s_path->st.st_gid, gr->gr_name);
+            if ((ret = getuuidfromname(gr->gr_name, UUID_GROUP, rbuf)) != 0)
+                return AFPERR_MISC;
+        }
         rbuf += UUID_BINSIZE;
         *rbuflen += UUID_BINSIZE;
     }