legacy/libisoburn/trunk/test/aaip_0_2.c

1684 lines
51 KiB
C
Raw Normal View History

/*
Arbitrary Attribute Interchange Protocol , AAIP version 0.2
Demonstration implementation of encoding and decoding EA and ACL.
See test/aaip_0_2.h
http://libburnia-project.org/wiki/AAIP
*/
#include <ctype.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
2008-12-25 14:01:36 +00:00
#include <pwd.h>
#include <grp.h>
/* <<< */
#define Aaip_encode_debuG 1
#include "aaip_0_2.h"
2008-12-25 14:01:36 +00:00
#define Aaip_EXEC 1
#define Aaip_WRITE 2
#define Aaip_READ 4
#define Aaip_TRANSLATE 0
#define Aaip_ACL_USER_OBJ 1
#define Aaip_ACL_USER 2
#define Aaip_ACL_GROUP_OBJ 3
#define Aaip_ACL_GROUP 4
#define Aaip_ACL_MASK 5
#define Aaip_ACL_OTHER 6
#define Aaip_SWITCH_MARK 8
#define Aaip_ACL_USER_N 10
#define Aaip_ACL_GROUP_N 12
#define Aaip_FUTURE_VERSION 15
/* --------------------------------- Encoder ---------------------------- */
static int aaip_encode_pair(char *name, size_t attr_length, char *attr,
unsigned int *num_recs, size_t *comp_size,
unsigned char *result, size_t result_fill,
int flag);
/* Convert an array of Arbitrary Attributes into a series of AAIP fields.
@param aa_name The 2 byte SUSP Signature Word of the fields
@param num_attrs Number of attributes
@param names Array of pointers to 0 terminated name strings
@param value_lengths Array of byte lengths for each value
@param values Array of pointers to the value bytes
@param result_len Number of bytes in the resulting SUSP field string
@param result *result will point to the start of the result string.
This is malloc() memory which needs to be freed when
no longer needed
@param flag Bitfield for control purposes
bit0= set CONTINUE bit of last AA field to 1
@return >0 is the number of SUSP fields generated,
0 means error
*/
unsigned int aaip_encode(char aa_name[2],
unsigned int num_attrs, char **names,
size_t *value_lengths, char **values,
size_t *result_len, unsigned char **result, int flag)
{
size_t mem_size= 0, comp_size;
unsigned int number_of_fields, i, num_recs, total_recs= 0, ret;
/* Predict memory needs, number of SUSP fields and component records */
*result_len= 0;
for(i= 0; i < num_attrs; i++) {
ret= aaip_encode_pair(names[i], value_lengths[i], values[i],
&num_recs, &comp_size, NULL, (size_t) 0, 1);
if(ret <= 0)
return(ret);
mem_size+= comp_size;
total_recs= num_recs;
}
number_of_fields= mem_size / 250 + !!(mem_size % 250);
mem_size+= number_of_fields * 5;
#ifdef Aaip_encode_debuG
*result= (unsigned char *) calloc(1, mem_size + 1024000);
/* generous honeypot for overflows */
#else
*result= (unsigned char *) calloc(1, mem_size);
#endif
/* Encode pairs into result */
for(i= 0; i < num_attrs; i++) {
ret= aaip_encode_pair(names[i], value_lengths[i], values[i],
&num_recs, &comp_size, *result, *result_len, 0);
if(ret <= 0)
return(ret);
(*result_len)+= comp_size;
}
/* write the field headers */
for(i= 0; i < number_of_fields; i++) {
(*result)[i * 255 + 0]= aa_name[0];
(*result)[i * 255 + 1]= aa_name[1];
if(i < number_of_fields - 1 || (mem_size % 255) == 0)
(*result)[i * 255 + 2]= 255;
else
(*result)[i * 255 + 2]= mem_size % 255;
(*result)[i * 255 + 3]= 1;
(*result)[i * 255 + 4]= (flag & 1) || (i < number_of_fields - 1);
}
(*result_len)+= number_of_fields * 5;
#ifdef Aaip_encode_debuG
if(*result_len != mem_size) {
fprintf(stderr, "aaip_encode(): MEMORY MISMATCH BY %d BYTES\n",
(int) (mem_size - *result_len));
}
ret= 0;
for(i= 0; i < *result_len; i+= ((unsigned char *) (*result))[i + 2])
ret++;
if(ret != number_of_fields) {
fprintf(stderr, "aaip_encode(): WRONG NUMBER OF FIELDS %d <> %d\n",
number_of_fields, ret);
}
#endif /* Aaip_encode_debuG */
return(number_of_fields);
}
static void aaip_encode_byte(unsigned char *result, size_t *result_fill,
unsigned char value)
{
result[(*result_fill / 250) * 255 + 5 + (*result_fill % 250)]= value;
(*result_fill)++;
}
static int aaip_encode_comp(unsigned char *result, size_t *result_fill,
char *data, size_t l, int flag)
{
size_t todo;
char *rpt, *comp_start;
if(l == 0) {
aaip_encode_byte(result, result_fill, 0);
aaip_encode_byte(result, result_fill, 0);
return(1);
}
for(rpt= data; rpt - data < l;) {
todo= l - (rpt - data);
aaip_encode_byte(result, result_fill, (todo > 255));
if(todo > 255)
todo= 255;
aaip_encode_byte(result, result_fill, todo);
for(comp_start= rpt; rpt - comp_start < todo; rpt++)
aaip_encode_byte(result, result_fill, *((unsigned char *) rpt));
}
return(1);
}
/* Write the component records for name and attr. Skip the positions of
AA field headers.
@param flag bit0= only count but do not produce result
*/
static int aaip_encode_pair(char *name, size_t attr_length, char *attr,
unsigned int *num_recs, size_t *comp_size,
unsigned char *result, size_t result_fill,
int flag)
{
size_t l;
l= strlen(name);
*num_recs= l / 255 + (!!(l % 255)) + (l == 0) +
attr_length / 255 + (!!(attr_length % 255)) + (attr_length == 0);
*comp_size= l + attr_length + 2 * *num_recs;
if(flag & 1)
return(1);
aaip_encode_comp(result, &result_fill, name, l, 0);
aaip_encode_comp(result, &result_fill, attr, attr_length, 0);
return(1);
}
2008-12-25 14:01:36 +00:00
/* ----------- Encoder for ACLs ----------- */
static ssize_t aaip_encode_acl_text(char *acl_text,
size_t result_size, unsigned char *result, int flag);
/* Convert an ACL text as of acl_to_text(3) into the value of an Arbitrary
Attribute. According to AAIP 0.2 this value is to be stored together with
an empty name.
@param acl_text The ACL in long text form
@param result_len Number of bytes in the resulting value
@param result *result will point to the start of the result string.
This is malloc() memory which needs to be freed when
no longer needed
@param flag Bitfield for control purposes
bit0= count only
bit1= use numeric qualifiers rather than names
2008-12-26 12:40:04 +00:00
bit2= this is a default ACL, prepend SWITCH_MARK
2008-12-25 14:01:36 +00:00
@return >0 means ok
0 means error
*/
int aaip_encode_acl(char *acl_text,
size_t *result_len, unsigned char **result, int flag)
{
ssize_t bytes;
*result= NULL;
*result_len= 0;
2008-12-26 12:40:04 +00:00
bytes= aaip_encode_acl_text(acl_text, (size_t) 0, NULL, 1 | (flag & 6));
2008-12-25 14:01:36 +00:00
if(bytes < 0)
return(0);
if(flag & 1) {
*result_len= bytes;
return(1);
}
*result= calloc(bytes + 1, 1);
if(*result == NULL)
return(-1);
(*result)[bytes]= 0;
*result_len= bytes;
2008-12-26 12:40:04 +00:00
bytes= aaip_encode_acl_text(acl_text, *result_len, *result, (flag & 6));
2008-12-25 14:01:36 +00:00
if(bytes != *result_len) {
*result_len= 0;
return(0);
}
return(1);
}
static double aaip_numeric_id(char *name, int flag)
{
double num;
char *cpt;
for(cpt= name; *cpt != 0; cpt++)
if(*cpt < '0' || *cpt >'9')
break;
if(*cpt != 0)
return(-1);
sscanf(name, "%lf", &num);
return(num);
}
/*
2008-12-26 12:40:04 +00:00
@param result_size Number of bytes to store result
@param result Pointer to the start of the result string.
2008-12-25 14:01:36 +00:00
@param flag Bitfield for control purposes
bit0= count only, do not really produce bytes
bit1= use numeric qualifiers
2008-12-26 12:40:04 +00:00
bit2= this is a default ACL, prepend SWITCH_MARK 1
2008-12-25 14:01:36 +00:00
@return >=0 number of bytes produced resp. counted
<0 means error
*/
static ssize_t aaip_encode_acl_text(char *acl_text,
size_t result_size, unsigned char *result, int flag)
{
char *rpt, *npt, *cpt;
int qualifier= 0, perms, type, i, qualifier_len, num_recs;
uid_t uid, huid;
gid_t gid, hgid;
ssize_t count= 0;
struct passwd *pwd;
struct group *grp;
char name[1024];
double num;
2008-12-26 12:40:04 +00:00
if(flag & 4) {
/* set SWITCH_MARK to indicate a default ACL */;
if(!(flag & 1)) {
if(count >= result_size)
return(-1);
result[count]= (Aaip_SWITCH_MARK << 4) | Aaip_EXEC;
}
count++;
}
2008-12-25 14:01:36 +00:00
for(rpt= acl_text; *rpt != 0; rpt= npt) {
npt= strchr(rpt, '\n');
if(npt == 0)
npt= rpt + strlen(rpt);
else
npt++;
if(*rpt == '#')
continue;
cpt= strchr(rpt, ':');
if(cpt == NULL)
continue;
cpt= strchr(cpt + 1, ':');
if(cpt == NULL)
continue;
qualifier= 0;
if(strncmp(rpt, "user:", 5) == 0) {
if(cpt - rpt == 5)
type= Aaip_ACL_USER_OBJ;
else {
if(cpt - (rpt + 5) >= sizeof(name))
continue;
strncpy(name, rpt + 5, cpt - (rpt + 5));
name[cpt - (rpt + 5)]= 0;
if(flag & 2) {
type= Aaip_ACL_USER_N;
pwd= getpwnam(name);
if(pwd == NULL) {
num= aaip_numeric_id(name, 0);
if(num <= 0)
goto user_by_name;
uid= huid= num;
} else
uid= huid= pwd->pw_uid;
/* Convert uid into Qualifier Record */
for(i= 0; huid != 0; i++)
huid= huid >> 8;
qualifier_len= i;
for(i= 0; i < qualifier_len ; i++)
name[i]= uid >> (8 * (qualifier_len - i - 1));
} else {
user_by_name:;
type= Aaip_ACL_USER;
qualifier_len= strlen(name);
}
qualifier= 1;
}
} else if(strncmp(rpt, "group:", 6) == 0) {
if(cpt - rpt == 6)
type= Aaip_ACL_GROUP_OBJ;
else {
if(cpt - (rpt + 6) >= sizeof(name))
continue;
strncpy(name, rpt + 6, cpt - (rpt + 6));
if(flag & 2) {
type= Aaip_ACL_GROUP_N;
grp= getgrnam(name);
if(grp == NULL) {
num= aaip_numeric_id(name, 0);
if(num <= 0)
goto group_by_name;
gid= hgid= num;
} else
gid= hgid= grp->gr_gid;
/* Convert gid into Qualifier Record */
for(i= 0; hgid != 0; i++)
hgid= hgid >> 8;
qualifier_len= i;
for(i= 0; i < qualifier_len ; i++)
name[i]= gid >> (8 * (qualifier_len - i - 1));
} else {
group_by_name:;
type= Aaip_ACL_GROUP;
qualifier_len= strlen(name);
}
qualifier= 1;
}
} else if(strncmp(rpt, "other:", 6) == 0) {
type= Aaip_ACL_OTHER;
} else if(strncmp(rpt, "mask:", 5) == 0) {
type= Aaip_ACL_MASK;
} else
continue;
2008-12-26 12:40:04 +00:00
if(npt - cpt < 3)
continue;
2008-12-25 14:01:36 +00:00
perms= 0;
if(cpt[1] == 'r')
perms|= Aaip_READ;
if(cpt[2] == 'w')
perms|= Aaip_WRITE;
if(cpt[3] == 'x')
perms|= Aaip_EXEC;
2008-12-26 12:40:04 +00:00
if(!(flag & 1)) {
if(count >= result_size)
return(-1);
2008-12-25 14:01:36 +00:00
result[count]= perms | ((!!qualifier) << 3) | (type << 4);
2008-12-26 12:40:04 +00:00
}
2008-12-25 14:01:36 +00:00
count++;
if(qualifier) {
num_recs= (qualifier_len / 127) + !!(qualifier_len % 127);
if(!(flag & 1)) {
2008-12-26 12:40:04 +00:00
if(count + 1 > result_size)
return(-1);
2008-12-25 14:01:36 +00:00
for(i= 0; i < num_recs; i++) {
if(i < num_recs - 1)
result[count++]= 255;
else {
result[count++]= (qualifier_len % 127);
if(result[count - 1] == 0)
result[count - 1]= 127;
}
2008-12-26 12:40:04 +00:00
if(count + (result[count - 1] & 127) > result_size)
return(-1);
2008-12-25 14:01:36 +00:00
memcpy(result + count, name + i * 127, result[count - 1] & 127);
count+= result[count - 1] & 127;
}
} else
count+= qualifier_len + num_recs;
}
}
return(count);
}
/* --------------------------------- Decoder ---------------------------- */
/* --- private --- */
/* Not less than 2 * 2048 */
#define Aaip_buffer_sizE 4096
/* Enough for one full component record and three empty ones which might get
added in case of unclean end of attribute list.
*/
#define Aaip_buffer_reservE (257 + 3 * 2)
struct aaip_state {
/* AA field status */
unsigned char aa_name[2];
int aa_head_missing; /* number of bytes needed to complete AA field header */
int aa_missing; /* number of bytes needed to complete current AA field */
int aa_ends; /* 0= still AA fields expected, 1= last AA being processed,
2= all AA fields processed, 3= all is delivered */
/* Buffer for component records */
int recs_invalid; /* number of components to skip */
unsigned char recs[Aaip_buffer_sizE + Aaip_buffer_reservE];
size_t recs_fill;
unsigned char *recs_start;
int rec_head_missing; /* number of bytes needed to complete rec header */
int rec_missing; /* number of bytes needed to complete current rec */
int rec_ends;
/* Counter for completed data */
unsigned int num_recs;
size_t ready_bytes;
/* Counter and meaning for completed components */
unsigned int num_components;
size_t end_of_components; /* start index of eventual incomplete component */
int first_is_name;
/* Last return value of aaip_decode_pair() */
int pair_status;
unsigned int pairs_skipped;
/* status of aaip_decode_attrs() */
size_t list_mem_used;
size_t list_size;
size_t list_num_attrs;
char **list_names;
size_t *list_value_lengths;
char **list_values;
char *name_buf;
size_t name_buf_size;
size_t name_buf_fill;
char *value_buf;
size_t value_buf_size;
size_t value_buf_fill;
int list_pending_pair;
};
/* ------- functions ------ */
size_t aaip_sizeof_aaip_state(void)
{
return((size_t) sizeof(struct aaip_state));
}
int aaip_init_aaip_state(struct aaip_state *aaip, char aa_name[2], int flag)
{
aaip->aa_name[0]= aa_name[0];
aaip->aa_name[1]= aa_name[1];
aaip->aa_head_missing= 5;
aaip->aa_missing= 0;
aaip->recs_invalid= 0;
memset(aaip->recs, 0, Aaip_buffer_sizE + Aaip_buffer_reservE);
aaip->recs_fill= 0;
aaip->recs_start= aaip->recs;
aaip->rec_head_missing= 2;
aaip->rec_missing= 0;
aaip->rec_ends= 0;
aaip->num_recs= 0;
aaip->ready_bytes= 0;
aaip->num_components= 0;
aaip->end_of_components= 0;
aaip->first_is_name= 1;
aaip->pair_status= 2;
aaip->pairs_skipped= 0;
aaip->list_mem_used= 0;
aaip->list_size= 0;
aaip->list_num_attrs= 0;
aaip->list_names= NULL;
aaip->list_value_lengths= NULL;
aaip->list_values= NULL;
aaip->name_buf= NULL;
aaip->name_buf_size= 0;
aaip->name_buf_fill= 0;
aaip->value_buf= NULL;
aaip->value_buf_size= 0;
aaip->value_buf_fill= 0;
aaip->list_pending_pair= 0;
return(1);
}
/*
*/
#define Aaip_with_ring_buffeR yes
#ifdef Aaip_with_ring_buffeR
/* Compute the one or two byte intervals in the ring buffer which form a
given byte interval in the virtual shift fifo.
@param idx The byte start index in the virtual shift fifo.
@param todo Number of bytes to cover
@param start_pt Will return the start address of the first interval
@param at_start_pt Will return the size of the first interval
@param at_recs Will return the size of the second interval which
always starts at aaip->recs
@param flag Bitfield for control purposes
@return 1= next start_pt is *start_pt + *at_start_pt
2= next start_pt is aaip->recs + *at_recs
*/
static int aaip_ring_adr(struct aaip_state *aaip, size_t idx, size_t todo,
unsigned char **start_pt, size_t *at_start_pt,
size_t *at_recs, int flag)
{
size_t ahead;
ahead= Aaip_buffer_sizE + Aaip_buffer_reservE
- (aaip->recs_start - aaip->recs);
if(idx < ahead)
*start_pt= (aaip->recs_start + idx);
else
*start_pt= aaip->recs + (idx - ahead);
ahead= Aaip_buffer_sizE + Aaip_buffer_reservE - (*start_pt - aaip->recs);
if(todo >= ahead) {
*at_start_pt= ahead;
*at_recs= todo - ahead;
return(2);
}
*at_start_pt= todo;
*at_recs= 0;
return(1);
}
/*
@param flag Bitfield for control purposes
bit0= count as ready_bytes
*/
static int aaip_push_to_recs(struct aaip_state *aaip, unsigned char *data,
size_t todo, int flag)
{
unsigned char *start_pt;
size_t at_start_pt, at_recs;
aaip_ring_adr(aaip, aaip->recs_fill, todo,
&start_pt, &at_start_pt, &at_recs, 0);
if(at_start_pt > 0)
memcpy(start_pt, data, at_start_pt);
if(at_recs > 0)
memcpy(aaip->recs, data + at_start_pt, at_recs);
aaip->recs_fill+= todo;
if(flag & 1)
aaip->ready_bytes+= todo;
return(1);
}
static int aaip_read_from_recs(struct aaip_state *aaip, size_t idx,
unsigned char *data, size_t num_data, int flag)
{
unsigned char *start_pt;
size_t at_start_pt, at_recs;
aaip_ring_adr(aaip, idx, num_data,
&start_pt, &at_start_pt, &at_recs, 0);
if(at_start_pt > 0)
memcpy(data, start_pt, at_start_pt);
if(at_recs > 0)
memcpy(data + at_start_pt, aaip->recs, at_recs);
return(1);
}
static int aaip_set_buffer_byte(struct aaip_state *aaip, size_t idx,
unsigned char data, int flag)
{
unsigned char *start_pt;
size_t at_start_pt, at_recs;
aaip_ring_adr(aaip, idx, 1,
&start_pt, &at_start_pt, &at_recs, 0);
*start_pt= data;
return(1);
}
static int aaip_get_buffer_byte(struct aaip_state *aaip, size_t idx, int flag)
{
unsigned char *start_pt;
size_t at_start_pt, at_recs;
aaip_ring_adr(aaip, idx, 1,
&start_pt, &at_start_pt, &at_recs, 0);
return((int) *start_pt);
}
static int aaip_shift_recs(struct aaip_state *aaip, size_t todo, int flag)
{
int ret;
unsigned char *start_pt;
size_t at_start_pt, at_recs;
if(todo < aaip->recs_fill) {
ret= aaip_ring_adr(aaip, 0, todo, &start_pt, &at_start_pt, &at_recs, 0);
if(ret == 1)
aaip->recs_start= start_pt + todo;
else
aaip->recs_start= aaip->recs + at_recs;
} else {
aaip->recs_start= aaip->recs;
}
aaip->recs_fill-= todo;
if(aaip->end_of_components >= todo)
aaip->end_of_components-= todo;
else
aaip->end_of_components= 0;
return(1);
}
#else /* Aaip_with_ring_buffeR */
/*
@param flag Bitfield for control purposes
bit0= count as ready_bytes
*/
static int aaip_push_to_recs(struct aaip_state *aaip, unsigned char *data,
size_t todo, int flag)
{
memcpy(aaip->recs + aaip->recs_fill, data, todo);
aaip->recs_fill+= todo;
if(flag & 1)
aaip->ready_bytes+= todo;
return(1);
}
static int aaip_read_from_recs(struct aaip_state *aaip, size_t idx,
unsigned char *data, size_t num_data, int flag)
{
memcpy(data, aaip->recs + idx, num_data);
return(1);
}
static int aaip_set_buffer_byte(struct aaip_state *aaip, size_t idx,
unsigned char data, int flag)
{
aaip->recs[idx]= data;
return(1);
}
static int aaip_get_buffer_byte(struct aaip_state *aaip, size_t idx, int flag)
{
return((int) aaip->recs[idx]);
}
static int aaip_shift_recs(struct aaip_state *aaip, size_t todo, int flag)
{
if(todo < aaip->recs_fill)
memmove(aaip->recs, aaip->recs + todo, aaip->recs_fill - todo);
aaip->recs_fill-= todo;
if(aaip->end_of_components >= todo)
aaip->end_of_components-= todo;
else
aaip->end_of_components= 0;
return(1);
}
#endif /* ! Aaip_with_ring_buffeR */
static int aaip_consume_rec_head(struct aaip_state *aaip,
unsigned char **data, size_t *num_data, int flag)
{
size_t todo;
todo= *num_data;
if(todo > aaip->aa_missing)
todo= aaip->aa_missing;
if(todo >= aaip->rec_head_missing)
todo= aaip->rec_head_missing;
if(!aaip->recs_invalid)
aaip_push_to_recs(aaip, *data, todo, 0);
aaip->rec_head_missing-= todo;
if(aaip->rec_head_missing == 0) {
aaip->rec_missing= aaip_get_buffer_byte(aaip, aaip->recs_fill - 1, 0);
aaip->rec_ends= !(aaip_get_buffer_byte(aaip, aaip->recs_fill - 2, 0) & 1);
}
aaip->aa_missing-= todo;
(*num_data)-= todo;
(*data)+= todo;
return(1);
}
static int aaip_consume_rec_data(struct aaip_state *aaip,
unsigned char **data, size_t *num_data, int flag)
{
size_t todo;
todo= *num_data;
if(todo > aaip->aa_missing)
todo= aaip->aa_missing;
if(todo > aaip->rec_missing)
todo= aaip->rec_missing;
if(!aaip->recs_invalid)
aaip_push_to_recs(aaip, *data, todo, 1);
aaip->rec_missing-= todo;
aaip->aa_missing-= todo;
(*num_data)-= todo;
(*data)+= todo;
if(aaip->rec_missing <= 0) {
if(aaip->recs_invalid > 0) {
if(aaip->rec_ends)
aaip->recs_invalid--;
} else {
aaip->num_recs++;
if(aaip->rec_ends) {
aaip->num_components++;
aaip->end_of_components= aaip->recs_fill;
}
}
aaip->rec_head_missing= 2;
}
return(0);
}
static int aaip_consume_aa_head(struct aaip_state *aaip,
unsigned char **data, size_t *num_data, int flag)
{
size_t todo;
unsigned char aa_head[5];
todo= *num_data;
if(todo >= aaip->aa_head_missing)
todo= aaip->aa_head_missing;
aaip_push_to_recs(aaip, *data, todo, 0);
aaip->aa_head_missing-= todo;
if(aaip->aa_head_missing == 0) {
aaip_read_from_recs(aaip, aaip->recs_fill - 5, aa_head, 5, 0);
if(aa_head[0] != aaip->aa_name[0] || aa_head[1] != aaip->aa_name[1] ||
aa_head[3] != 1)
return(-1);
aaip->aa_missing= aa_head[2];
aaip->aa_ends= !(aa_head[4] & 1);
aaip->recs_fill-= 5; /* AA heads do not get delivered */
if(aaip->aa_missing >= 5)
aaip->aa_missing-= 5;
else
aaip->aa_missing= 0;
}
(*num_data)-= todo;
(*data)+= todo;
return(1);
}
static int aaip_consume_aa_data(struct aaip_state *aaip,
unsigned char **data, size_t *num_data, int flag)
{
size_t i;
static unsigned char zero_char[2]= {0, 0};
while(*num_data > 0 && aaip->aa_missing > 0) {
if(aaip->rec_head_missing > 0) {
aaip_consume_rec_head(aaip, data, num_data, 0);
if(*num_data == 0 || aaip->aa_missing <= 0)
return(1);
}
aaip_consume_rec_data(aaip, data, num_data, 0);
}
if(aaip->aa_missing <= 0) {
if(aaip->aa_ends) {
/* Check for incomplete pair and eventually make emergency closure */
if(aaip->rec_head_missing != 2) { /* incomplete record detected */
if(aaip->rec_head_missing) {
/* fake 0 length record */
aaip_set_buffer_byte(aaip, aaip->recs_fill - 1, (unsigned char) 0, 0);
aaip_push_to_recs(aaip, zero_char, 1, 0);
} else {
/* fill in missing btes */
for(i= 0; i < aaip->rec_missing; i++)
aaip_push_to_recs(aaip, zero_char, 1, 1);
}
aaip->rec_head_missing= 2;
aaip->rec_missing= 0;
aaip->num_recs++;
if(aaip->rec_ends) {
aaip->num_components++;
aaip->end_of_components= aaip->recs_fill;
}
}
if(aaip->end_of_components != aaip->recs_fill &&
aaip->end_of_components != 0) {
/* incomplete component detected */
/* add empty end record */
aaip_push_to_recs(aaip, zero_char, 2, 0);
aaip->num_recs++;
aaip->num_components++;
aaip->end_of_components= aaip->recs_fill;
}
if(!(aaip->first_is_name ^ (aaip->num_components % 2))) {
/* value component is missing */
/* add dummy component */
aaip_push_to_recs(aaip, zero_char, 2, 0);
aaip->num_recs++;
aaip->num_components++;
aaip->end_of_components= aaip->recs_fill;
}
aaip->aa_ends= 2;
} else
aaip->aa_head_missing= 5;
}
return(0);
}
/* Submit small data chunk for decoding.
The return value will tell whether data are pending for being fetched.
@param aaip The AAIP decoder context
@param data Not more than 2048 bytes input for the decoder
@parm num_data Number of bytes in data
0 inquires the buffer status avoiding replies <= 0
@param ready_bytes Number of decoded bytes ready for delivery
@param flag Bitfield for control purposes
@return -1= non-AA field detected
*ready_bytes gives number of consumed bytes in data
0= cannot accept data because buffer full
1= no component record complete, submit more data
2= component record complete, may be delivered
3= component complete, may be delivered
4= no component available, no more data expected, done
*/
int aaip_submit_data(struct aaip_state *aaip,
unsigned char *data, size_t num_data,
size_t *ready_bytes, int flag)
{
int ret;
unsigned char *in_data;
if(aaip->aa_ends == 3)
return(4);
in_data= data;
if(num_data == 0)
goto ex;
if(aaip->recs_fill + num_data > Aaip_buffer_sizE)
return(0);
while(num_data > 0) {
if(aaip->aa_head_missing > 0) {
ret= aaip_consume_aa_head(aaip, &data, &num_data, 0);
if(ret < 0) {
*ready_bytes= data - in_data;
return(-1);
}
if(num_data == 0 || aaip->aa_missing <= 0)
goto ex;
}
aaip_consume_aa_data(aaip, &data, &num_data, 0);
if(aaip->aa_missing)
break;
}
ex:;
*ready_bytes= aaip->ready_bytes;
if(aaip->num_components > 0)
return(3);
if(aaip->num_recs > 0)
return(2);
if(aaip->aa_ends && aaip->aa_head_missing == 0 && aaip->aa_missing == 0)
aaip->aa_ends= 2;
if(aaip->aa_ends == 2 && aaip->num_recs == 0)
aaip->aa_ends= 3;
if(aaip->aa_ends == 3)
return(4);
return(1);
}
/* Fetch the available part of current component.
The return value will tell whether it belongs to name or to value and
whether that name or value is completed now.
@param aaip The AAIP decoder context
@param result Has to point to storage for the component data
@param result_size Gives the amount of provided result storage
@param num_result Will tell the number of fetched result bytes
@param flag Bitfield for control purposes
bit0= discard data rather than copying to result
@return -2 = insufficient result_size
-1 = no data ready for delivery
0 = result holds the final part of a name
1 = result holds an intermediate part of a name
2 = result holds the final part of a value
3 = result holds an intermediate part of a value
*/
int aaip_fetch_data(struct aaip_state *aaip,
char *result, size_t result_size, size_t *num_result,
int flag)
{
int ret= -1, complete= 0, payload;
unsigned int i, num_bytes= 0, h;
if(aaip->num_recs == 0)
return(-1);
/* Copy data until end of buffer or end of component */
h= 0;
for(i= 0; i < aaip->num_recs && !complete; i++) {
payload= aaip_get_buffer_byte(aaip, h + 1, 0);
if(!(flag & 1)) {
if(num_bytes + payload > result_size)
return(-2);
aaip_read_from_recs(aaip, h + 2, (unsigned char *) (result + num_bytes),
payload, 0);
*num_result= num_bytes + payload;
}
num_bytes+= payload;
if(!(aaip_get_buffer_byte(aaip, h, 0) & 1))
complete= 1;
h+= payload + 2;
}
aaip->ready_bytes-= num_bytes;
aaip->num_recs-= i;
/* Shift buffer */
aaip_shift_recs(aaip, h, 0);
/* Compute reply */
ret= 2 * !aaip->first_is_name;
if(complete) {
aaip->first_is_name= !aaip->first_is_name;
if(aaip->num_components > 0)
aaip->num_components--;
} else
ret|= 1;
return(ret);
}
/* Skip the current component and eventually the following value component.
This has to be called if fetching of a component shall be aborted
but the next component resp. pair shall be fetchable again.
aaip_submit_data() will not indicate readiness for fetching until all
bytes of the skipped components are submitted. Those bytes get discarded.
@param aaip The AAIP decoder context
@param flag Bitfield for control purposes
bit0= do not skip value if current component is name
@return <=0 error , 1= now in skip state, 2= not in skip state
*/
int aaip_skip_component(struct aaip_state *aaip, int flag)
{
int to_skip= 1;
if(aaip->first_is_name && !(flag & 1))
to_skip= 2;
if(aaip->recs_invalid) {
aaip->recs_invalid+= to_skip;
return(1);
}
if(aaip->num_components) {
/* null-fetch */
aaip_fetch_data(aaip, NULL, (size_t) 0, NULL, 1);
to_skip--;
}
if(aaip->num_components && to_skip) {
/* null-fetch */
aaip_fetch_data(aaip, NULL, (size_t) 0, NULL, 1);
to_skip--;
}
if(to_skip) {
aaip->recs_fill= 0;
aaip->num_recs= 0;
aaip->ready_bytes= 0;
}
aaip->recs_invalid= to_skip;
if(aaip->aa_ends == 2 && aaip->num_recs == 0)
aaip->aa_ends= 3;
return(1 + (aaip->num_recs > 0));
}
/* ------------------------- Pair Level Interface ------------------------ */
/*
@param flag Bitfield for control purposes
bit0= do not skip oversized component but return -2
@return see aaip_decode_pair
*/
static int aaip_advance_pair(struct aaip_state *aaip,
char *name, size_t name_size, size_t *name_fill,
char *value, size_t value_size, size_t *value_fill,
int flag)
{
int ret;
char *wpt;
size_t size, num;
retry:;
if(aaip->first_is_name) {
wpt= name + *name_fill;
size= name_size - *name_fill;
} else {
wpt= value + *value_fill;
size= value_size - *value_fill;
}
ret= aaip_fetch_data(aaip, wpt, size, &num, 0);
if(ret == -2) { /* insufficient result size */
if(flag & 1)
return(-2);
ret= aaip_skip_component(aaip, 0);
*name_fill= *value_fill= 0;
aaip->pairs_skipped++;
if(ret == 2) /* Skip performed, valid data pending */
goto retry;
} else if(ret == -1) { /* No data ready for delivery : may not happen */
return(-1);
} else if(ret == 0) { /* result holds the final part of a name */
(*name_fill)+= num;
/* peek for value data */
ret= aaip_submit_data(aaip, NULL, (size_t) 0, &num, 0);
if(ret == 2 || ret == 3) {
/* fetch value data */;
ret= aaip_advance_pair(aaip, name, name_size, name_fill,
value, value_size, value_fill, flag);
return ret;
} else if(ret == 4)
return(5);
} else if(ret == 1) { /* result holds an intermediate part of a name */
(*name_fill)+= num;
} else if(ret == 2) { /* result holds the final part of a value */
(*value_fill)+= num;
if(aaip->num_components >= 2)
return(3);
if(aaip->aa_ends == 2 && aaip->num_recs == 0)
aaip->aa_ends= 3;
if(aaip->aa_ends == 3)
return(4);
return(2);
} else if(ret == 3) {
/* result holds an intermediate part of a value */;
(*value_fill)+= num;
} else {
return(-1); /* unknown reply from aaip_fetch_data() */
}
return(1);
}
/* Accept raw input data and collect a pair of name and value.
The return value will indicate whether the pair is complete, whether more
pairs are complete or whether more data are desired. No input data will be
accepted as long as complete pairs are pending. The end of the attribute
list will be indicated.
@param aaip The AAIP decoder context
@param data The raw data to decode
@param num_data Number of data bytes provided
@param consumed Returns the number of consumed data bytes
@param name Buffer to build the name string
@param name_size Maximum number of bytes in name
@param name_fill Holds the current buffer fill of name
@param value Buffer to build the value string
@param value_size Maximum number of bytes in value
@param value_fill Holds the current buffer fill of value
@param flag Bitfield for control purposes
bit0= do not skip oversized pair but return -2
@return <0 error
-3 buffer full (program error)
-2 insufficient result_size (only with flag bit0)
-1 non-AA field detected
0 data not accepted, first fetch pending pairs with num_data == 0
1 name and value are not valid yet, submit more data
2 name and value are valid, submit more data
3 name and value are valid, pairs pending, fetch with num_data == 0
4 name and value are valid, no more data expected
5 name and value are not valid, no more data expected
*/
int aaip_decode_pair(struct aaip_state *aaip,
unsigned char *data, size_t num_data, size_t *consumed,
char *name, size_t name_size, size_t *name_fill,
char *value, size_t value_size, size_t *value_fill,
int flag)
{
int ret;
size_t ready_bytes;
*consumed= 0;
if(aaip->pair_status < 0 || aaip->pair_status == 4 ||
aaip->pair_status == 5) { /* dead ends */
ret= aaip->pair_status;
goto ex;
} else if(aaip->pair_status == 2 || aaip->pair_status == 3) {
if(aaip->pair_status == 3 && num_data > 0)
{ret= 0; goto ex;}
/* Start a new pair */
if(!aaip->first_is_name) /* Eventually skip orphaned value */
aaip_fetch_data(aaip, NULL, (size_t) 0, NULL, 1);
*name_fill= *value_fill= 0;
}
if(num_data > 0) {
ret= aaip_submit_data(aaip, data, num_data, &ready_bytes, 0);
} else {
ret= 1;
if(aaip->num_components)
ret= 3;
else if(aaip->num_recs)
ret= 2;
}
if(ret < 0) { /* non-AA field detected */
*consumed= ready_bytes;
{ret= -1; goto ex;}
} else if(ret == 0) { /* buffer overflow */;
/* should not happen with correct usage */
{ret= -3; goto ex;}
} else if(ret == 1) { /* no component record complete */
goto ex;
} else if(ret == 2) { /* component record complete, may be delivered */
;
} else if(ret == 3) { /* component complete, may be delivered */
;
} else if(ret == 4) { /* no component available, no more data expected */
{ret= 5; goto ex;}
} else
{ret= -1; goto ex;} /* unknown reply from aaip_submit_data() */
*consumed= num_data;
ret= aaip_advance_pair(aaip, name, name_size, name_fill,
value, value_size, value_fill, flag & 1);
if(aaip->aa_ends == 3) {
if(ret >= 2 && ret <= 4)
ret= 4;
else
ret= 5;
}
ex:;
aaip->pair_status= ret;
return(ret);
}
unsigned int aaip_get_pairs_skipped(struct aaip_state *aaip, int flag)
{
return(aaip->pairs_skipped);
}
/* ------------------------- List Level Interface ------------------------ */
#define Aaip_initial_name_leN 256
#define Aaip_initial_value_leN 256
#define Aaip_initial_list_sizE 2
#define Aaip_list_enlargeR 1.5
/*
@param flag Bitfield for control purposes
bit0= do not update *buf_size
*/
static int aaip_enlarge_buf(struct aaip_state *aaip, size_t memory_limit,
size_t item_size, char **buf, size_t *buf_size, int flag)
{
size_t new_size;
char *new_buf;
new_size= *buf_size * Aaip_list_enlargeR;
if(aaip->list_mem_used + (new_size - *buf_size) * item_size >= memory_limit)
return(3);
aaip->list_mem_used+= (new_size - *buf_size) * item_size;
new_buf= realloc(*buf, new_size * item_size);
if(new_buf == NULL)
return(-1);
*buf= new_buf;
if(!(flag & 1))
*buf_size= new_size;
return(1);
}
/* Accept raw input data and collect arrays of name pointers, value lengths
and value pointers. A handle object will emerge which finally has to be
be freed by a call with bit 15.
@param handle The decoding context.
It will be created by this call with flag bit 0 or if
*handle == NULL. This handle has to be the same as long
as decoding goes on and finally has to be freed by a
call with bit15.
@param aa_name The Signature Word (advised is "AA")
@param memory_limit Maximum number of bytes to allocate
@param num_attr_limit Maximum number of name-value pairs to allocate
@param data The raw data to decode
@param num_data Number of data bytes provided
@param consumed Returns the number of consumed data bytes
@param flag Bitfield for control purposes
bit0= this is the first call with the given handle
(also in effect if *handle is NULL)
bit15= end decoding :
Free handle and its intermediate list memory.
@return <=0 error
-3 program error, unexpected reply from lower layers
-2 non-AA-field detected, arrays are complete,
call aaip_get_decoded_attrs()
-1 out of memory
1 not complete yet, submit more data
2 arrays are complete, call aaip_get_decoded_attrs()
3 limit exceeded, not complete yet,
enlarge memory_limit or call with bit15 and give up
4 limit exceeded, call aaip_get_decoded_attrs() and try again
*/
int aaip_decode_attrs(struct aaip_state **handle, char aa_name[2],
size_t memory_limit, size_t num_attr_limit,
unsigned char *data, size_t num_data, size_t *consumed,
int flag)
{
int ret, was_non_aa= 0;
struct aaip_state *aaip;
size_t h_num, *h_lengths, i, new_mem;
char **h_names, **h_values;
if(flag & (1 << 15)) {
if(*handle == NULL)
return(0);
ret= aaip_get_decoded_attrs(handle, &h_num, &h_names, &h_lengths, &h_values,
0);
if(ret > 0)
aaip_get_decoded_attrs(handle, &h_num, &h_names, &h_lengths, &h_values,
1 << 15);
if((*handle)->name_buf != NULL)
free((*handle)->name_buf);
if((*handle)->value_buf != NULL)
free((*handle)->value_buf);
free((char *) *handle);
*handle= NULL;
return(1);
}
aaip= *handle;
if(aaip == NULL || (flag & 1)) {
aaip= *handle= calloc(1, sizeof(struct aaip_state));
if(*handle == NULL)
return(-1);
aaip_init_aaip_state(*handle, aa_name, 0);
}
if(aaip->list_names == NULL || aaip->list_values == NULL ||
aaip->list_value_lengths == NULL) {
/* Initialize arrays */
aaip->list_size= Aaip_initial_list_sizE;
if(num_attr_limit > 0 && num_attr_limit < aaip->list_size)
aaip->list_size= num_attr_limit;
new_mem= aaip->list_size * (2*sizeof(char *) + sizeof(size_t)) +
Aaip_initial_name_leN + Aaip_initial_value_leN;
if(aaip->list_mem_used + new_mem >= memory_limit)
return(3);
aaip->list_mem_used+= new_mem;
aaip->list_names= calloc(sizeof(char *), aaip->list_size);
aaip->list_value_lengths= calloc(sizeof(size_t), aaip->list_size);
aaip->list_values= calloc(sizeof(char *), aaip->list_size);
if(aaip->list_names == NULL || aaip->list_value_lengths == NULL ||
aaip->list_values == NULL)
return(-1);
for(i= 0; i < aaip->list_size; i++) {
aaip->list_names[i]= NULL;
aaip->list_value_lengths[i]= 0;
aaip->list_values[i]= NULL;
}
}
if(aaip->name_buf == NULL || aaip->value_buf == NULL) {
new_mem= Aaip_initial_name_leN + Aaip_initial_value_leN;
if(aaip->list_mem_used >= memory_limit)
return(3);
aaip->list_mem_used+= new_mem;
aaip->name_buf= calloc(sizeof(char *), Aaip_initial_name_leN);
aaip->value_buf= calloc(sizeof(char *), Aaip_initial_value_leN);
if(aaip->name_buf == NULL || aaip->value_buf == NULL)
return(-1);
aaip->name_buf_size= Aaip_initial_name_leN;
aaip->value_buf_size= Aaip_initial_name_leN;
}
while(1) {
if(aaip->list_pending_pair > 0) {
/* the buffer holds a complete pair from a previous memory limit refusal */
ret= aaip->list_pending_pair;
aaip->list_pending_pair= 0;
} else {
ret= aaip_decode_pair(aaip, data, num_data, consumed,
aaip->name_buf, aaip->name_buf_size, &aaip->name_buf_fill,
aaip->value_buf, aaip->value_buf_size, &aaip->value_buf_fill,
1);
}
if(ret == -2) { /* insufficient result_size */
if(aaip->first_is_name)
ret= aaip_enlarge_buf(aaip, memory_limit, (size_t) 1, &(aaip->name_buf),
&(aaip->name_buf_size), 0);
else
ret= aaip_enlarge_buf(aaip, memory_limit, (size_t) 1,
&(aaip->value_buf), &(aaip->value_buf_size), 0);
if(ret != 1)
return(ret);
} else if(ret == -1) { /* non-AA field detected */
was_non_aa= 1;
} else if(ret < 0) { /* other error */
return(-3);
} else if(ret == 0) { /* first fetch pending pairs with num_data == 0 */
/* should not happen, fetch more pairs */;
} else if(ret == 1) {
/* name and value are not valid yet, submit more data */
return(1);
} else if(ret == 2 || ret == 3 || ret == 4) {
/* name and value are valid, submit more data */
/* name and value are valid, pairs pending, fetch with num_data == 0 */
/* name and value are valid, no more data expected */
aaip->list_pending_pair= ret;
if(aaip->list_num_attrs >= aaip->list_size) {
ret= aaip_enlarge_buf(aaip, memory_limit, sizeof(char *),
(char **) &(aaip->list_names), &(aaip->list_size), 1);
if(ret != 1)
return(ret);
ret= aaip_enlarge_buf(aaip, memory_limit, sizeof(char *),
(char **) &(aaip->list_values), &(aaip->list_size), 1);
if(ret != 1)
return(ret);
ret= aaip_enlarge_buf(aaip, memory_limit, sizeof(size_t),
(char **) &(aaip->list_value_lengths), &(aaip->list_size), 0);
if(ret != 1)
return(ret);
}
/* Allocate name and value in list */;
if(aaip->list_mem_used + aaip->name_buf_fill + aaip->value_buf_fill + 2
> memory_limit) {
return(3);
}
aaip->list_mem_used+= aaip->name_buf_fill + aaip->value_buf_fill + 2;
i= aaip->list_num_attrs;
aaip->list_names[i]= calloc(aaip->name_buf_fill + 1, 1);
aaip->list_values[i]= calloc(aaip->value_buf_fill + 1, 1);
memcpy(aaip->list_names[i], aaip->name_buf, aaip->name_buf_fill);
aaip->list_names[i][aaip->name_buf_fill]= 0;
memcpy(aaip->list_values[i], aaip->value_buf, aaip->value_buf_fill);
aaip->list_values[i][aaip->value_buf_fill]= 0;
aaip->list_value_lengths[i]= aaip->value_buf_fill;
aaip->list_num_attrs++;
aaip->name_buf_fill= aaip->value_buf_fill= 0;
aaip->list_pending_pair= 0;
if(ret == 2)
return(1);
if(ret == 4)
break;
} else if(ret == 5)
break;
else
return(-2);
num_data= 0; /* consume pending pairs */
}
aaip->list_pending_pair= 5;
return(2);
}
/* Obtain the resulting attributes when aaip_decode_attrs() indicates to
be done or to have the maximum possible amount of result ready.
The returned data objects finally have to be freed by a call with flag
bit 15.
@param handle The decoding context created by aaip_decode_attrs()
@param num_attrs Will return the number of name-value pairs
@param names Will return an array of pointers to 0-terminated names
@param value_lengths Will return an arry with the lenghts of values
@param values Will return an array of pointers to 8-bit values
@param flag Bitfield for control purposes
bit15= free memory of names, value_lengths, values
@return <0 error
0 no attribute list ready
1 ok
*/
int aaip_get_decoded_attrs(struct aaip_state **handle, size_t *num_attrs,
char ***names, size_t **value_lengths, char ***values,
int flag)
{
size_t i;
struct aaip_state *aaip;
aaip= *((struct aaip_state **) handle);
if(flag & (1 << 15)) {
if(*names != NULL) {
for(i= 0; i < *num_attrs; i++) {
if((*names)[i] != NULL)
free((*names)[i]);
(*names)[i]= NULL;
}
free(*names);
*names= NULL;
}
if(*values != NULL) {
for(i= 0; i < *num_attrs; i++) {
if((*values)[i] != NULL)
free((*values)[i]);
(*values)[i]= NULL;
}
free(*values);
*values= NULL;
}
if(*value_lengths != NULL)
free(*value_lengths);
*value_lengths= NULL;
*num_attrs= 0;
return(1);
}
/* Check whether decoding is finished yet */
if(aaip->list_pending_pair != 5)
return(0);
*num_attrs= aaip->list_num_attrs;
*names= aaip->list_names;
*value_lengths= aaip->list_value_lengths;
*values= aaip->list_values;
/* Now the memory is owned by the caller */
aaip->list_num_attrs= 0;
aaip->list_names= NULL;
aaip->list_value_lengths= NULL;
aaip->list_values= NULL;
aaip->list_size= 0;
aaip->list_pending_pair= 0;
return(1);
}
2008-12-26 12:40:04 +00:00
/* ------ Decoder for ACLs ------ */
static int aaip_write_acl_line(char **result, size_t *result_size,
char *tag_type, char *qualifier,
char *permissions, int flag)
{
size_t needed, tag_len, perm_len, qualifier_len;
tag_len= strlen(tag_type);
qualifier_len= strlen(qualifier);
perm_len= strlen(permissions);
needed= tag_len + qualifier_len + perm_len + 3;
if((flag & 1)) {
(*result_size)+= needed;
return(1);
}
if(needed + 1 > *result_size) /* +1 : want to append a trailing 0 */
return(-1);
memcpy((*result), tag_type, tag_len);
(*result)[tag_len]= ':';
memcpy((*result) + tag_len + 1, qualifier, qualifier_len);
(*result)[tag_len + 1 + qualifier_len]= ':';
memcpy((*result) + tag_len + 1 + qualifier_len + 1, permissions, perm_len);
(*result)[tag_len + 1 + qualifier_len + 1 + perm_len]= '\n';
(*result)[tag_len + 1 + qualifier_len + 1 + perm_len + 1] = 0;
(*result)+= needed;
(*result_size)-= needed;
return(1);
}
static int aaip_read_qualifier(unsigned char *data, size_t num_data,
char *name, size_t name_size, size_t *name_fill,
int flag)
{
int is_done= 0, rec_len= 0;
unsigned char *rpt;
*name_fill= 0;
for(rpt= data; !is_done; rpt+= rec_len) {
rec_len= (*rpt) & 127;
is_done= !((*rpt) & 128);
if(*name_fill + rec_len >= name_size || rpt + 1 + rec_len - data > num_data)
return(-1);
memcpy(name + *name_fill, rpt + 1, rec_len);
rpt+= 1 + rec_len;
(*name_fill)+= rec_len;
name[*name_fill]= 0;
}
return(1);
}
/* Convert an AAIP ACL attribute value into the long text form of ACL.
@param data The raw data to decode
@param num_data Number of data bytes provided
@param consumed Returns the number of consumed data bytes
@param acl_text Will be filled with ACL long text form
@param acl_text_size Maximum number of bytes to be written to acl_text
@param acl_text_fill Will return the number of bytes in acl_text
@param flag Bitfield for control purposes
bit0= count only, do not really produce bytes:
acl_text will not be touched,
acl_text_size will be ignored,
*acl_text_fill will return the counted number
plus 1 for a trailing zero.
bit1= expected is a default ACL (see return value 2)
@return 1 success
2 success, begin of default/access ACL encountered,
submit data + *consumed for access/default ACL
-1 error with reading of qualifier
-2 error with writing of ACL text line
-3 version mismatch
-4 unknown tag type encountered
*/
int aaip_decode_acl(unsigned char *data, size_t num_data, size_t *consumed,
char *acl_text, size_t acl_text_size,
size_t *acl_text_fill, int flag)
{
unsigned char *rpt;
char perm_text[4], *wpt, name[1024];
int type, qualifier= 0, perm, ret, i, cnt;
size_t w_size, name_fill;
uid_t uid;
gid_t gid;
struct passwd *pwd;
struct group *grp;
cnt= flag & 1;
*consumed= 0;
wpt= acl_text;
w_size= acl_text_size;
*acl_text_fill= 0;
for(rpt= data; rpt - data < num_data; ) {
perm= *rpt;
strcpy(perm_text, "---");
if(perm & Aaip_READ)
perm_text[0]= 'r';
if(perm & Aaip_WRITE)
perm_text[1]= 'w';
if(perm & Aaip_EXEC)
perm_text[2]= 'x';
type= (*rpt) >> 4;
if(type == Aaip_FUTURE_VERSION) /* indicate to caller: version mismatch */
return(-3);
qualifier= !!((*rpt) & 8);
if(qualifier) {
ret= aaip_read_qualifier(rpt + 1, num_data - (rpt + 1 - data),
name, sizeof(name), &name_fill, 0);
if(ret <= 0)
return(-1);
}
/* Advance read pointer */
(*consumed)+= 1 + (qualifier ? name_fill + 1 : 0);
rpt+= 1 + (qualifier ? name_fill + 1 : 0);
ret= 1;
if(type == Aaip_TRANSLATE) {
/* rightfully ignored yet */;
continue;
} else if(type == Aaip_ACL_USER_OBJ) {
/* user::rwx */
ret= aaip_write_acl_line(&wpt, &w_size, "user", "", perm_text, cnt);
} else if(type == Aaip_ACL_USER) {
/* user:<username>:rwx */;
ret= aaip_write_acl_line(&wpt, &w_size, "user", name, perm_text, cnt);
} else if(type == Aaip_ACL_GROUP_OBJ) {
/* user::rwx */
ret= aaip_write_acl_line(&wpt, &w_size, "group", "", perm_text, cnt);
} else if(type == Aaip_ACL_GROUP) {
/* group:<groupname>:rwx */;
ret= aaip_write_acl_line(&wpt, &w_size, "group", name, perm_text, cnt);
} else if(type == Aaip_ACL_MASK) {
/* mask::rwx */
ret= aaip_write_acl_line(&wpt, &w_size, "mask", "", perm_text, cnt);
} else if(type == Aaip_ACL_OTHER) {
/* other::rwx */
ret= aaip_write_acl_line(&wpt, &w_size, "other", "", perm_text, cnt);
} else if(type == Aaip_SWITCH_MARK) {
/* Indicate to caller: end of desired ACL type access/default */
if((!(perm & Aaip_EXEC)) ^ (!!(flag & 2)))
return(2);
} else if(type == Aaip_ACL_USER_N) {
/* determine username from uid */
uid= 0;
for(i= 0; i < name_fill; i++)
uid= (uid << 8) | ((unsigned char *) name)[i];
pwd= getpwuid(uid);
if(pwd == NULL)
sprintf(name, "%.f", (double) uid);
else if(strlen(pwd->pw_name) >= sizeof(name))
sprintf(name, "%.f", (double) uid);
else
strcpy(name, pwd->pw_name);
/* user:<username>:rwx */;
ret= aaip_write_acl_line(&wpt, &w_size, "user", name, perm_text, cnt);
} else if(type == Aaip_ACL_GROUP_N) {
/* determine username from gid */;
gid= 0;
for(i= 0; i < name_fill; i++)
gid= (gid << 8) | ((unsigned char *) name)[i];
grp= getgrgid(gid);
if(grp == NULL)
sprintf(name, "%.f", (double) gid);
else if(strlen(grp->gr_name) >= sizeof(name))
sprintf(name, "%.f", (double) gid);
else
strcpy(name, grp->gr_name);
/* user:<username>:rwx */;
ret= aaip_write_acl_line(&wpt, &w_size, "group", name, perm_text, cnt);
} else {
/* indicate to caller: unknown type */
return(-4);
}
if(ret <= 0)
return(-2);
}
if(flag & 1)
*acl_text_fill= w_size + 1;
return(1);
}
/* ----------------------- Adapter for operating systems ----------------- */
#ifdef __FreeBSD__
#include "aaip-os-freebsd.c"
#else
#include "aaip-os-linux.c"
#endif