New flag bit2 of iso_node_set_acl_text() to be verbous about failures
This commit is contained in:
parent
eb7dc408e0
commit
130b46cf71
@ -7,7 +7,7 @@
|
|||||||
See libisofs/aaip_0_2.h
|
See libisofs/aaip_0_2.h
|
||||||
http://libburnia-project.org/wiki/AAIP
|
http://libburnia-project.org/wiki/AAIP
|
||||||
|
|
||||||
Copyright (c) 2009 - 2016 Thomas Schmitt
|
Copyright (c) 2009 - 2019 Thomas Schmitt
|
||||||
|
|
||||||
This file is part of the libisofs project; you can redistribute it and/or
|
This file is part of the libisofs project; you can redistribute it and/or
|
||||||
modify it under the terms of the GNU General Public License version 2
|
modify it under the terms of the GNU General Public License version 2
|
||||||
@ -32,6 +32,7 @@
|
|||||||
|
|
||||||
#include "libisofs.h"
|
#include "libisofs.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
|
#include "messages.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
#define Aaip_encode_debuG 1
|
#define Aaip_encode_debuG 1
|
||||||
@ -280,6 +281,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
bit2= this is a default ACL, prepend SWITCH_MARK
|
bit2= this is a default ACL, prepend SWITCH_MARK
|
||||||
bit3= check for completeness of list and eventually
|
bit3= check for completeness of list and eventually
|
||||||
fill up with entries deduced from st_mode
|
fill up with entries deduced from st_mode
|
||||||
|
bit4= be verbous about failure causes
|
||||||
@return >0 means ok
|
@return >0 means ok
|
||||||
<=0 means error
|
<=0 means error
|
||||||
-1= out of memory
|
-1= out of memory
|
||||||
@ -295,7 +297,7 @@ int aaip_encode_acl(char *acl_text, mode_t st_mode,
|
|||||||
*result= NULL;
|
*result= NULL;
|
||||||
*result_len= 0;
|
*result_len= 0;
|
||||||
bytes= aaip_encode_acl_text(acl_text, st_mode,
|
bytes= aaip_encode_acl_text(acl_text, st_mode,
|
||||||
(size_t) 0, NULL, 1 | (flag & (2 | 4 | 8)));
|
(size_t) 0, NULL, 1 | (flag & (2 | 4 | 8 | 16)));
|
||||||
if(bytes < -2)
|
if(bytes < -2)
|
||||||
return(bytes);
|
return(bytes);
|
||||||
if(bytes < 0)
|
if(bytes < 0)
|
||||||
@ -310,7 +312,7 @@ int aaip_encode_acl(char *acl_text, mode_t st_mode,
|
|||||||
(*result)[bytes]= 0;
|
(*result)[bytes]= 0;
|
||||||
*result_len= bytes;
|
*result_len= bytes;
|
||||||
bytes= aaip_encode_acl_text(acl_text, st_mode, *result_len, *result,
|
bytes= aaip_encode_acl_text(acl_text, st_mode, *result_len, *result,
|
||||||
(flag & (2 | 4 | 8)));
|
(flag & (2 | 4 | 8 | 16)));
|
||||||
if(bytes < -2)
|
if(bytes < -2)
|
||||||
return(bytes);
|
return(bytes);
|
||||||
if(bytes < 0)
|
if(bytes < 0)
|
||||||
@ -362,6 +364,7 @@ static int aaip_make_aaip_perms(int r, int w, int x)
|
|||||||
bit2= this is a default ACL, prepend SWITCH_MARK 1
|
bit2= this is a default ACL, prepend SWITCH_MARK 1
|
||||||
bit3= check for completeness of list and eventually
|
bit3= check for completeness of list and eventually
|
||||||
fill up with entries deduced from st_mode
|
fill up with entries deduced from st_mode
|
||||||
|
bit4= be verbous about failure causes
|
||||||
@return >=0 number of bytes produced resp. counted
|
@return >=0 number of bytes produced resp. counted
|
||||||
<0 means error
|
<0 means error
|
||||||
-1: result size overflow
|
-1: result size overflow
|
||||||
@ -388,7 +391,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
/* set SWITCH_MARK to indicate a default ACL */;
|
/* set SWITCH_MARK to indicate a default ACL */;
|
||||||
if(!(flag & 1)) {
|
if(!(flag & 1)) {
|
||||||
if((size_t) count >= result_size)
|
if((size_t) count >= result_size)
|
||||||
{ret= -1; goto ex;}
|
goto result_size_overflow;
|
||||||
result[count]= (Aaip_SWITCH_MARK << 4) | Aaip_EXEC;
|
result[count]= (Aaip_SWITCH_MARK << 4) | Aaip_EXEC;
|
||||||
}
|
}
|
||||||
count++;
|
count++;
|
||||||
@ -417,6 +420,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
/* >>> Duplicate u:: entry. */;
|
/* >>> Duplicate u:: entry. */;
|
||||||
/* >>> ??? If it matches the previous one: ignore */
|
/* >>> ??? If it matches the previous one: ignore */
|
||||||
|
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
|
||||||
|
"Duplicate u:: entry detected in ACL text");
|
||||||
ret = ISO_AAIP_ACL_MULT_OBJ;
|
ret = ISO_AAIP_ACL_MULT_OBJ;
|
||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
@ -434,6 +440,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
num= aaip_numeric_id(name, 0);
|
num= aaip_numeric_id(name, 0);
|
||||||
if(num <= 0) {
|
if(num <= 0) {
|
||||||
/* ACL_USER is not part of AAIP 2.0 */
|
/* ACL_USER is not part of AAIP 2.0 */
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_AAIP_BAD_ACL_TEXT, 0,
|
||||||
|
"Unknown user name found in ACL text: '%s'", name);
|
||||||
{ret= -2; goto ex;}
|
{ret= -2; goto ex;}
|
||||||
}
|
}
|
||||||
uid= huid= num;
|
uid= huid= num;
|
||||||
@ -463,6 +472,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
/* >>> Duplicate g:: entry. */;
|
/* >>> Duplicate g:: entry. */;
|
||||||
/* >>> ??? If it matches the previous one: ignore */
|
/* >>> ??? If it matches the previous one: ignore */
|
||||||
|
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
|
||||||
|
"Duplicate g:: entry detected in ACL text");
|
||||||
ret = ISO_AAIP_ACL_MULT_OBJ;
|
ret = ISO_AAIP_ACL_MULT_OBJ;
|
||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
@ -480,6 +492,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
num= aaip_numeric_id(name, 0);
|
num= aaip_numeric_id(name, 0);
|
||||||
if(num <= 0) {
|
if(num <= 0) {
|
||||||
/* ACL_GROUP is not part of AAIP 2.0 */
|
/* ACL_GROUP is not part of AAIP 2.0 */
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_AAIP_BAD_ACL_TEXT, 0,
|
||||||
|
"Unknown group name found in ACL text: '%s'", name);
|
||||||
{ret= -2; goto ex;}
|
{ret= -2; goto ex;}
|
||||||
}
|
}
|
||||||
gid= hgid= num;
|
gid= hgid= num;
|
||||||
@ -508,6 +523,9 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
/* >>> Duplicate o:: entry. */;
|
/* >>> Duplicate o:: entry. */;
|
||||||
/* >>> ??? If it matches the previous one: ignore */
|
/* >>> ??? If it matches the previous one: ignore */
|
||||||
|
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_AAIP_ACL_MULT_OBJ, 0,
|
||||||
|
"Duplicate o:: entry detected in ACL text");
|
||||||
ret = ISO_AAIP_ACL_MULT_OBJ;
|
ret = ISO_AAIP_ACL_MULT_OBJ;
|
||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
@ -524,7 +542,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
|
|
||||||
if(!(flag & 1)) {
|
if(!(flag & 1)) {
|
||||||
if((size_t) count >= result_size)
|
if((size_t) count >= result_size)
|
||||||
{ret= -1; goto ex;}
|
goto result_size_overflow;
|
||||||
result[count]= perms | ((!!qualifier) << 3) | (type << 4);
|
result[count]= perms | ((!!qualifier) << 3) | (type << 4);
|
||||||
}
|
}
|
||||||
count++;
|
count++;
|
||||||
@ -533,7 +551,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
num_recs= (qualifier_len / 127) + !!(qualifier_len % 127);
|
num_recs= (qualifier_len / 127) + !!(qualifier_len % 127);
|
||||||
if(!(flag & 1)) {
|
if(!(flag & 1)) {
|
||||||
if((size_t) (count + 1) > result_size)
|
if((size_t) (count + 1) > result_size)
|
||||||
{ret= -1; goto ex;}
|
goto result_size_overflow;
|
||||||
for(i= 0; i < num_recs; i++) {
|
for(i= 0; i < num_recs; i++) {
|
||||||
if(i < num_recs - 1)
|
if(i < num_recs - 1)
|
||||||
result[count++]= 255;
|
result[count++]= 255;
|
||||||
@ -543,7 +561,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
result[count - 1]= 127;
|
result[count - 1]= 127;
|
||||||
}
|
}
|
||||||
if((size_t) (count + (result[count - 1] & 127)) > result_size)
|
if((size_t) (count + (result[count - 1] & 127)) > result_size)
|
||||||
{ret= -1; goto ex;}
|
goto result_size_overflow;
|
||||||
memcpy(result + count, name + i * 127, result[count - 1] & 127);
|
memcpy(result + count, name + i * 127, result[count - 1] & 127);
|
||||||
count+= result[count - 1] & 127;
|
count+= result[count - 1] & 127;
|
||||||
}
|
}
|
||||||
@ -558,7 +576,7 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
count+= needed;
|
count+= needed;
|
||||||
else {
|
else {
|
||||||
if((size_t) (count + needed) > result_size)
|
if((size_t) (count + needed) > result_size)
|
||||||
{ret= -1; goto ex;}
|
goto result_size_overflow;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ((flag & 8) && needed > 0 && !(flag & 1)) {
|
if ((flag & 8) && needed > 0 && !(flag & 1)) {
|
||||||
@ -587,6 +605,13 @@ static ssize_t aaip_encode_acl_text(char *acl_text, mode_t st_mode,
|
|||||||
ex:;
|
ex:;
|
||||||
LIBISO_FREE_MEM(name);
|
LIBISO_FREE_MEM(name);
|
||||||
return(ret);
|
return(ret);
|
||||||
|
|
||||||
|
result_size_overflow:;
|
||||||
|
if(flag & 16)
|
||||||
|
iso_msg_submit(-1, ISO_ASSERT_FAILURE, 0,
|
||||||
|
"Program error: Text to ACL conversion result size overflow");
|
||||||
|
ret= -1;
|
||||||
|
goto ex;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -598,13 +623,14 @@ int aaip_encode_both_acl(char *a_acl_text, char *d_acl_text, mode_t st_mode,
|
|||||||
unsigned char *a_acl= NULL, *d_acl= NULL, *acl= NULL;
|
unsigned char *a_acl= NULL, *d_acl= NULL, *acl= NULL;
|
||||||
|
|
||||||
if(a_acl_text != NULL) {
|
if(a_acl_text != NULL) {
|
||||||
ret= aaip_encode_acl(a_acl_text, st_mode, &a_acl_len, &a_acl, flag & 11);
|
ret= aaip_encode_acl(a_acl_text, st_mode, &a_acl_len, &a_acl,
|
||||||
|
flag & (1 | 2 | 8 | 16));
|
||||||
if(ret <= 0)
|
if(ret <= 0)
|
||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
if(d_acl_text != NULL) {
|
if(d_acl_text != NULL) {
|
||||||
ret= aaip_encode_acl(d_acl_text, (mode_t) 0, &d_acl_len, &d_acl,
|
ret= aaip_encode_acl(d_acl_text, (mode_t) 0, &d_acl_len, &d_acl,
|
||||||
(flag & 3) | 4);
|
(flag & (1 | 2 | 16)) | 4);
|
||||||
if(ret <= 0)
|
if(ret <= 0)
|
||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
|
@ -7416,9 +7416,13 @@ int iso_node_get_acl_text(IsoNode *node,
|
|||||||
* the permissions of newly created files.)
|
* the permissions of newly created files.)
|
||||||
* @param flag
|
* @param flag
|
||||||
* Bitfield for control purposes
|
* Bitfield for control purposes
|
||||||
* bit1= ignore text parameters but rather update eventual "access" ACL
|
* bit0= Do not change the stat(2) permissions.
|
||||||
|
* Caution: This can make the node's permission set inconsistent.
|
||||||
|
* bit1= Ignore text parameters but rather update the "access" ACL
|
||||||
* to the stat(2) permissions of node. If no "access" ACL exists,
|
* to the stat(2) permissions of node. If no "access" ACL exists,
|
||||||
* then do nothing and return success.
|
* then do nothing and return success.
|
||||||
|
* bit2= Be verbous about failure causes.
|
||||||
|
* @since 1.5.2
|
||||||
* @return
|
* @return
|
||||||
* > 0 success
|
* > 0 success
|
||||||
* < 0 failure
|
* < 0 failure
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2007 Vreixo Formoso
|
* Copyright (c) 2007 Vreixo Formoso
|
||||||
* Copyright (c) 2009 - 2016 Thomas Schmitt
|
* Copyright (c) 2009 - 2019 Thomas Schmitt
|
||||||
*
|
*
|
||||||
* This file is part of the libisofs project; you can redistribute it and/or
|
* This file is part of the libisofs project; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU General Public License version 2
|
* modify it under the terms of the GNU General Public License version 2
|
||||||
@ -2261,12 +2261,14 @@ int iso_node_set_acl_text(IsoNode *node, char *access_text, char *default_text,
|
|||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
ret = aaip_encode_both_acl(a_text, d_text, st_mode,
|
ret = aaip_encode_both_acl(a_text, d_text, st_mode,
|
||||||
&acl_len, &acl, 2 | 8);
|
&acl_len, &acl,
|
||||||
|
2 | 8 | ((flag & 4) << 2));
|
||||||
} else {
|
} else {
|
||||||
ret = 1;
|
ret = 1;
|
||||||
if (access_text != NULL || default_text != NULL)
|
if (access_text != NULL || default_text != NULL)
|
||||||
ret = aaip_encode_both_acl(access_text, default_text, st_mode,
|
ret = aaip_encode_both_acl(access_text, default_text, st_mode,
|
||||||
&acl_len, &acl, 2 | 8);
|
&acl_len, &acl,
|
||||||
|
2 | 8 | ((flag & 4) << 2));
|
||||||
}
|
}
|
||||||
if (ret == -1)
|
if (ret == -1)
|
||||||
ret = ISO_OUT_OF_MEM;
|
ret = ISO_OUT_OF_MEM;
|
||||||
@ -2325,7 +2327,8 @@ int iso_node_set_acl_text(IsoNode *node, char *access_text, char *default_text,
|
|||||||
goto ex;
|
goto ex;
|
||||||
}
|
}
|
||||||
ret = aaip_encode_both_acl(access_text, default_text,
|
ret = aaip_encode_both_acl(access_text, default_text,
|
||||||
st_mode, &acl_len, &acl, 2 | 8);
|
st_mode, &acl_len, &acl,
|
||||||
|
2 | 8 | ((flag & 4) << 2));
|
||||||
if (ret < -3)
|
if (ret < -3)
|
||||||
goto ex;
|
goto ex;
|
||||||
if (ret <= 0) {
|
if (ret <= 0) {
|
||||||
|
Loading…
Reference in New Issue
Block a user