From 4767e5debd1974ec5e186aabc5e334a0e8362308 Mon Sep 17 00:00:00 2001 From: Frank Lahm Date: Fri, 18 Jun 2010 17:15:38 +0200 Subject: [PATCH] acl_get_file --- configure.in | 1 + etc/afpd/Makefile.am | 13 +++++---- etc/afpd/acls.c | 63 +++++++++++++++++++++++++++++++++++++++----- 3 files changed, 66 insertions(+), 11 deletions(-) diff --git a/configure.in b/configure.in index b7123436..69a81edb 100644 --- a/configure.in +++ b/configure.in @@ -1144,6 +1144,7 @@ fi if test x"$with_acl_support" = x"yes" ; then AC_DEFINE(HAVE_ACLS,1,[Whether ACLs support is available]) + AC_SUBST(ACL_LIBS) fi dnl --------------------- check for Extended Attributes support diff --git a/etc/afpd/Makefile.am b/etc/afpd/Makefile.am index e1c5415e..431437ef 100644 --- a/etc/afpd/Makefile.am +++ b/etc/afpd/Makefile.am @@ -11,11 +11,9 @@ afpd_SOURCES = unix.c ofork.c main.c switch.c auth.c volume.c directory.c \ afp_config.c nfsquota.c quota.c uam.c afs.c uid.c afp_util.c \ catsearch.c afprun.c hash.c extattrs.c dircache.c -if HAVE_ACLS -afpd_SOURCES += acls.c -endif - -afpd_LDADD = $(top_builddir)/libatalk/cnid/libcnid.la $(top_builddir)/libatalk/libatalk.la @QUOTA_LIBS@ @SLP_LIBS@ @WRAP_LIBS@ @LIBADD_DL@ +afpd_LDADD = $(top_builddir)/libatalk/cnid/libcnid.la \ + $(top_builddir)/libatalk/libatalk.la \ + @QUOTA_LIBS@ @SLP_LIBS@ @WRAP_LIBS@ @LIBADD_DL@ @ACL_LIBS@ afpd_LDFLAGS = -export-dynamic afpd_CFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/sys \ @SLP_CFLAGS@ \ @@ -29,6 +27,11 @@ afpd_CFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/sys \ -DAPPLCNAME \ -DSERVERTEXT=\"$(SERVERTEXT)/\" +if HAVE_ACLS +afpd_SOURCES += acls.c +endif + + noinst_HEADERS = auth.h afp_config.h desktop.h directory.h file.h \ filedir.h fork.h globals.h icon.h mangle.h misc.h status.h switch.h \ uam_auth.h uid.h unix.h volume.h hash.h acls.h acl_mappings.h extattrs.h \ diff --git a/etc/afpd/acls.c b/etc/afpd/acls.c index 4e0caebd..f2d8f232 100644 --- a/etc/afpd/acls.c +++ b/etc/afpd/acls.c @@ -24,7 +24,9 @@ #include #include #include +#if defined HAVE_SOLARIS_ACLS || defined HAVE_POSIX_ACLS #include +#endif #include #include @@ -46,6 +48,8 @@ /* for map_acl() */ #define SOLARIS_2_DARWIN 1 #define DARWIN_2_SOLARIS 2 +#define POSIX_2_DARWIN 3 +#define DARWIN_2_POSIX 4 /******************************************************** * Basic and helper funcs @@ -356,21 +360,25 @@ int map_aces_darwin_to_solaris(darwin_ace_t *darwin_aces, ace_t *nfsv4_aces, int return mapped_aces; } +#endif /* HAVE_SOLARIS_ACLS */ - -/* Map between ACL styles (SOLARIS_2_DARWIN, DARWIN_2_SOLARIS). +/* Map between ACL styles (SOLARIS_2_DARWIN, DARWIN_2_SOLARIS, POSIX_2_DARWIN, DARWIN_2_POSIX). Reads from 'aces' buffer, writes to 'rbuf' buffer. Caller must provide buffer. Darwin ACEs are read and written in network byte order. Needs to know how many ACEs are in the ACL (ace_count). Ignores trivial ACEs. Return no of mapped ACEs or -1 on error. */ -static int map_acl(int type, ace_t *nfsv4_aces, darwin_ace_t *buf, int ace_count) +static int map_acl(int type, const void *aces, darwin_ace_t *buf, int ace_count) { int mapped_aces; - +#ifdef HAVE_SOLARIS_ACLS + ace_t *nfsv4_aces = (ace_t *)aces; +#endif LOG(log_debug9, logtype_afpd, "map_acl: BEGIN"); switch (type) { + +#ifdef HAVE_SOLARIS_ACLS case SOLARIS_2_DARWIN: mapped_aces = map_aces_solaris_to_darwin( nfsv4_aces, buf, ace_count); break; @@ -378,6 +386,15 @@ static int map_acl(int type, ace_t *nfsv4_aces, darwin_ace_t *buf, int ace_count case DARWIN_2_SOLARIS: mapped_aces = map_aces_darwin_to_solaris( buf, nfsv4_aces, ace_count); break; +#endif /* HAVE_SOLARIS_ACLS */ + +#ifdef HAVE_POSIX_ACLS + case POSIX_2_DARWIN: + break; + + case DARWIN_2_POSIX: + break; +#endif /* HAVE_POSIX_ACLS */ default: mapped_aces = -1; @@ -387,7 +404,6 @@ static int map_acl(int type, ace_t *nfsv4_aces, darwin_ace_t *buf, int ace_count LOG(log_debug9, logtype_afpd, "map_acl: END"); return mapped_aces; } -#endif /* HAVE_SOLARIS_ACLS */ /* Get ACL from object omitting trivial ACEs. Map to Darwin ACL style and store Darwin ACL at rbuf. Add length of ACL written to rbuf to *rbuflen. @@ -419,16 +435,51 @@ static int get_and_map_acl(char *name, char *rbuf, size_t *rbuflen) } #endif /* HAVE_SOLARIS_ACLS */ +#ifdef HAVE_POSIX_ACLS + acl_t defacl = NULL , accacl = NULL; + if ((defacl = acl_get_file(name, ACL_TYPE_DEFAULT)) == NULL && errno != ENOTDIR) { + LOG(log_error, logtype_afpd, "get_and_map_acl: couldnt get default ACL"); + err = -1; + goto cleanup; + } + + if (defacl && (mapped_aces = map_acl(POSIX_2_DARWIN, + defacl, + (darwin_ace_t *)rbuf, + 0)) == -1) { + err = -1; + goto cleanup; + } + + if ((accacl = acl_get_file(name, ACL_TYPE_ACCESS)) == NULL) { + LOG(log_error, logtype_afpd, "get_and_map_acl: couldnt get access ACL"); + err = -1; + goto cleanup; + } + + if (accacl && (mapped_aces += map_acl(POSIX_2_DARWIN, + accacl, + (darwin_ace_t *)rbuf + mapped_aces * sizeof(darwin_ace_t), + 0)) == -1) { + err = -1; + goto cleanup; + } +#endif /* HAVE_POSIX_ACLS */ + LOG(log_debug, logtype_afpd, "get_and_map_acl: mapped %d ACEs", mapped_aces); err = 0; *darwin_ace_count = htonl(mapped_aces); *rbuflen += sizeof(darwin_acl_header_t) + (mapped_aces * sizeof(darwin_ace_t)); -#ifdef HAVE_SOLARIS_ACLS cleanup: +#ifdef HAVE_SOLARIS_ACLS free(aces); #endif +#ifdef HAVE_POSIX_ACLS + if (defacl) acl_free(defacl); + if (accacl) acl_free(accacl); +#endif /* HAVE_POSIX_ACLS */ LOG(log_debug9, logtype_afpd, "get_and_map_acl: END"); return err; -- 2.39.2