search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add an entry for the "check" command to the tdbtool manpage.
[Samba/gebeck_regimport.git] / source3 / libsmb / libsmb_xattr.c
blobea2c46953c7a612a9993a86f263063a660dd3242
1 /*
2 Unix SMB/Netbios implementation.
3 SMB client library implementation
4 Copyright (C) Andrew Tridgell 1998
5 Copyright (C) Richard Sharpe 2000, 2002
6 Copyright (C) John Terpstra 2000
7 Copyright (C) Tom Jansen (Ninja ISD) 2002
8 Copyright (C) Derrell Lipman 2003-2008
9 Copyright (C) Jeremy Allison 2007, 2008
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "libsmbclient.h"
27 #include "libsmb_internal.h"
28
29
30 /*
31 * Find an lsa pipe handle associated with a cli struct.
32 */
33 static struct rpc_pipe_client *
34 find_lsa_pipe_hnd(struct cli_state *ipc_cli)
35 {
36 struct rpc_pipe_client *pipe_hnd;
37
38 for (pipe_hnd = ipc_cli->pipe_list;
39 pipe_hnd;
40 pipe_hnd = pipe_hnd->next) {
41
42 if (ndr_syntax_id_equal(&pipe_hnd->abstract_syntax,
43 &ndr_table_lsarpc.syntax_id)) {
44 return pipe_hnd;
45 }
46 }
47
48 return NULL;
49 }
50
51 /*
52 * Sort ACEs according to the documentation at
53 * http://support.microsoft.com/kb/269175, at least as far as it defines the
54 * order.
55 */
56
57 static int
58 ace_compare(SEC_ACE *ace1,
59 SEC_ACE *ace2)
60 {
61 bool b1;
62 bool b2;
63
64 /* If the ACEs are equal, we have nothing more to do. */
65 if (sec_ace_equal(ace1, ace2)) {
66 return 0;
67 }
68
69 /* Inherited follow non-inherited */
70 b1 = ((ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
71 b2 = ((ace2->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
72 if (b1 != b2) {
73 return (b1 ? 1 : -1);
74 }
75
76 /*
77 * What shall we do with AUDITs and ALARMs? It's undefined. We'll
78 * sort them after DENY and ALLOW.
79 */
80 b1 = (ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
81 ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
82 ace1->type != SEC_ACE_TYPE_ACCESS_DENIED &&
83 ace1->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
84 b2 = (ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
85 ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
86 ace2->type != SEC_ACE_TYPE_ACCESS_DENIED &&
87 ace2->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
88 if (b1 != b2) {
89 return (b1 ? 1 : -1);
90 }
91
92 /* Allowed ACEs follow denied ACEs */
93 b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
94 ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
95 b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
96 ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
97 if (b1 != b2) {
98 return (b1 ? 1 : -1);
99 }
100
101 /*
102 * ACEs applying to an entity's object follow those applying to the
103 * entity itself
104 */
105 b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
106 ace1->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
107 b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
108 ace2->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
109 if (b1 != b2) {
110 return (b1 ? 1 : -1);
111 }
112
113 /*
114 * If we get this far, the ACEs are similar as far as the
115 * characteristics we typically care about (those defined by the
116 * referenced MS document). We'll now sort by characteristics that
117 * just seems reasonable.
118 */
119
120 if (ace1->type != ace2->type) {
121 return ace2->type - ace1->type;
122 }
123
124 if (sid_compare(&ace1->trustee, &ace2->trustee)) {
125 return sid_compare(&ace1->trustee, &ace2->trustee);
126 }
127
128 if (ace1->flags != ace2->flags) {
129 return ace1->flags - ace2->flags;
130 }
131
132 if (ace1->access_mask != ace2->access_mask) {
133 return ace1->access_mask - ace2->access_mask;
134 }
135
136 if (ace1->size != ace2->size) {
137 return ace1->size - ace2->size;
138 }
139
140 return memcmp(ace1, ace2, sizeof(SEC_ACE));
141 }
142
143
144 static void
145 sort_acl(SEC_ACL *the_acl)
146 {
147 uint32 i;
148 if (!the_acl) return;
149
150 qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]),
151 QSORT_CAST ace_compare);
152
153 for (i=1;i<the_acl->num_aces;) {
154 if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
155 int j;
156 for (j=i; j<the_acl->num_aces-1; j++) {
157 the_acl->aces[j] = the_acl->aces[j+1];
158 }
159 the_acl->num_aces--;
160 } else {
161 i++;
162 }
163 }
164 }
165
166 /* convert a SID to a string, either numeric or username/group */
167 static void
168 convert_sid_to_string(struct cli_state *ipc_cli,
169 POLICY_HND *pol,
170 fstring str,
171 bool numeric,
172 DOM_SID *sid)
173 {
174 char **domains = NULL;
175 char **names = NULL;
176 enum lsa_SidType *types = NULL;
177 struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
178 TALLOC_CTX *ctx;
179
180 sid_to_fstring(str, sid);
181
182 if (numeric) {
183 return; /* no lookup desired */
184 }
185
186 if (!pipe_hnd) {
187 return;
188 }
189
190 /* Ask LSA to convert the sid to a name */
191
192 ctx = talloc_stackframe();
193
194 if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(pipe_hnd, ctx,
195 pol, 1, sid, &domains,
196 &names, &types)) ||
197 !domains || !domains[0] || !names || !names[0]) {
198 TALLOC_FREE(ctx);
199 return;
200 }
201
202 TALLOC_FREE(ctx);
203 /* Converted OK */
204
205 slprintf(str, sizeof(fstring) - 1, "%s%s%s",
206 domains[0], lp_winbind_separator(),
207 names[0]);
208 }
209
210 /* convert a string to a SID, either numeric or username/group */
211 static bool
212 convert_string_to_sid(struct cli_state *ipc_cli,
213 POLICY_HND *pol,
214 bool numeric,
215 DOM_SID *sid,
216 const char *str)
217 {
218 enum lsa_SidType *types = NULL;
219 DOM_SID *sids = NULL;
220 bool result = True;
221 TALLOC_CTX *ctx = NULL;
222 struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
223
224 if (!pipe_hnd) {
225 return False;
226 }
227
228 if (numeric) {
229 if (strncmp(str, "S-", 2) == 0) {
230 return string_to_sid(sid, str);
231 }
232
233 result = False;
234 goto done;
235 }
236
237 ctx = talloc_stackframe();
238 if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_names(pipe_hnd, ctx,
239 pol, 1, &str,
240 NULL, 1, &sids,
241 &types))) {
242 result = False;
243 goto done;
244 }
245
246 sid_copy(sid, &sids[0]);
247 done:
248
249 TALLOC_FREE(ctx);
250 return result;
251 }
252
253
254 /* parse an ACE in the same format as print_ace() */
255 static bool
256 parse_ace(struct cli_state *ipc_cli,
257 POLICY_HND *pol,
258 SEC_ACE *ace,
259 bool numeric,
260 char *str)
261 {
262 char *p;
263 const char *cp;
264 char *tok;
265 unsigned int atype;
266 unsigned int aflags;
267 unsigned int amask;
268 DOM_SID sid;
269 uint32_t mask;
270 const struct perm_value *v;
271 struct perm_value {
272 const char *perm;
273 uint32 mask;
274 };
275 TALLOC_CTX *frame = talloc_stackframe();
276
277 /* These values discovered by inspection */
278 static const struct perm_value special_values[] = {
279 { "R", 0x00120089 },
280 { "W", 0x00120116 },
281 { "X", 0x001200a0 },
282 { "D", 0x00010000 },
283 { "P", 0x00040000 },
284 { "O", 0x00080000 },
285 { NULL, 0 },
286 };
287
288 static const struct perm_value standard_values[] = {
289 { "READ", 0x001200a9 },
290 { "CHANGE", 0x001301bf },
291 { "FULL", 0x001f01ff },
292 { NULL, 0 },
293 };
294
295
296 ZERO_STRUCTP(ace);
297 p = strchr_m(str,':');
298 if (!p) {
299 TALLOC_FREE(frame);
300 return False;
301 }
302 *p = '\0';
303 p++;
304 /* Try to parse numeric form */
305
306 if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 &&
307 convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
308 goto done;
309 }
310
311 /* Try to parse text form */
312
313 if (!convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
314 TALLOC_FREE(frame);
315 return false;
316 }
317
318 cp = p;
319 if (!next_token_talloc(frame, &cp, &tok, "/")) {
320 TALLOC_FREE(frame);
321 return false;
322 }
323
324 if (StrnCaseCmp(tok, "ALLOWED", strlen("ALLOWED")) == 0) {
325 atype = SEC_ACE_TYPE_ACCESS_ALLOWED;
326 } else if (StrnCaseCmp(tok, "DENIED", strlen("DENIED")) == 0) {
327 atype = SEC_ACE_TYPE_ACCESS_DENIED;
328 } else {
329 TALLOC_FREE(frame);
330 return false;
331 }
332
333 /* Only numeric form accepted for flags at present */
334
335 if (!(next_token_talloc(frame, &cp, &tok, "/") &&
336 sscanf(tok, "%i", &aflags))) {
337 TALLOC_FREE(frame);
338 return false;
339 }
340
341 if (!next_token_talloc(frame, &cp, &tok, "/")) {
342 TALLOC_FREE(frame);
343 return false;
344 }
345
346 if (strncmp(tok, "0x", 2) == 0) {
347 if (sscanf(tok, "%i", &amask) != 1) {
348 TALLOC_FREE(frame);
349 return false;
350 }
351 goto done;
352 }
353
354 for (v = standard_values; v->perm; v++) {
355 if (strcmp(tok, v->perm) == 0) {
356 amask = v->mask;
357 goto done;
358 }
359 }
360
361 p = tok;
362
363 while(*p) {
364 bool found = False;
365
366 for (v = special_values; v->perm; v++) {
367 if (v->perm[0] == *p) {
368 amask |= v->mask;
369 found = True;
370 }
371 }
372
373 if (!found) {
374 TALLOC_FREE(frame);
375 return false;
376 }
377 p++;
378 }
379
380 if (*p) {
381 TALLOC_FREE(frame);
382 return false;
383 }
384
385 done:
386 mask = amask;
387 init_sec_ace(ace, &sid, atype, mask, aflags);
388 TALLOC_FREE(frame);
389 return true;
390 }
391
392 /* add an ACE to a list of ACEs in a SEC_ACL */
393 static bool
394 add_ace(SEC_ACL **the_acl,
395 SEC_ACE *ace,
396 TALLOC_CTX *ctx)
397 {
398 SEC_ACL *newacl;
399 SEC_ACE *aces;
400
401 if (! *the_acl) {
402 (*the_acl) = make_sec_acl(ctx, 3, 1, ace);
403 return True;
404 }
405
406 if ((aces = SMB_CALLOC_ARRAY(SEC_ACE,
407 1+(*the_acl)->num_aces)) == NULL) {
408 return False;
409 }
410 memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
411 memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
412 newacl = make_sec_acl(ctx, (*the_acl)->revision,
413 1+(*the_acl)->num_aces, aces);
414 SAFE_FREE(aces);
415 (*the_acl) = newacl;
416 return True;
417 }
418
419
420 /* parse a ascii version of a security descriptor */
421 static SEC_DESC *
422 sec_desc_parse(TALLOC_CTX *ctx,
423 struct cli_state *ipc_cli,
424 POLICY_HND *pol,
425 bool numeric,
426 char *str)
427 {
428 const char *p = str;
429 char *tok;
430 SEC_DESC *ret = NULL;
431 size_t sd_size;
432 DOM_SID *group_sid=NULL;
433 DOM_SID *owner_sid=NULL;
434 SEC_ACL *dacl=NULL;
435 int revision=1;
436
437 while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
438
439 if (StrnCaseCmp(tok,"REVISION:", 9) == 0) {
440 revision = strtol(tok+9, NULL, 16);
441 continue;
442 }
443
444 if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
445 if (owner_sid) {
446 DEBUG(5,("OWNER specified more than once!\n"));
447 goto done;
448 }
449 owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
450 if (!owner_sid ||
451 !convert_string_to_sid(ipc_cli, pol,
452 numeric,
453 owner_sid, tok+6)) {
454 DEBUG(5, ("Failed to parse owner sid\n"));
455 goto done;
456 }
457 continue;
458 }
459
460 if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
461 if (owner_sid) {
462 DEBUG(5,("OWNER specified more than once!\n"));
463 goto done;
464 }
465 owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
466 if (!owner_sid ||
467 !convert_string_to_sid(ipc_cli, pol,
468 False,
469 owner_sid, tok+7)) {
470 DEBUG(5, ("Failed to parse owner sid\n"));
471 goto done;
472 }
473 continue;
474 }
475
476 if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
477 if (group_sid) {
478 DEBUG(5,("GROUP specified more than once!\n"));
479 goto done;
480 }
481 group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
482 if (!group_sid ||
483 !convert_string_to_sid(ipc_cli, pol,
484 numeric,
485 group_sid, tok+6)) {
486 DEBUG(5, ("Failed to parse group sid\n"));
487 goto done;
488 }
489 continue;
490 }
491
492 if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
493 if (group_sid) {
494 DEBUG(5,("GROUP specified more than once!\n"));
495 goto done;
496 }
497 group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
498 if (!group_sid ||
499 !convert_string_to_sid(ipc_cli, pol,
500 False,
501 group_sid, tok+6)) {
502 DEBUG(5, ("Failed to parse group sid\n"));
503 goto done;
504 }
505 continue;
506 }
507
508 if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
509 SEC_ACE ace;
510 if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
511 DEBUG(5, ("Failed to parse ACL %s\n", tok));
512 goto done;
513 }
514 if(!add_ace(&dacl, &ace, ctx)) {
515 DEBUG(5, ("Failed to add ACL %s\n", tok));
516 goto done;
517 }
518 continue;
519 }
520
521 if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
522 SEC_ACE ace;
523 if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
524 DEBUG(5, ("Failed to parse ACL %s\n", tok));
525 goto done;
526 }
527 if(!add_ace(&dacl, &ace, ctx)) {
528 DEBUG(5, ("Failed to add ACL %s\n", tok));
529 goto done;
530 }
531 continue;
532 }
533
534 DEBUG(5, ("Failed to parse security descriptor\n"));
535 goto done;
536 }
537
538 ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
539 owner_sid, group_sid, NULL, dacl, &sd_size);
540
541 done:
542 SAFE_FREE(group_sid);
543 SAFE_FREE(owner_sid);
544
545 return ret;
546 }
547
548
549 /* Obtain the current dos attributes */
550 static DOS_ATTR_DESC *
551 dos_attr_query(SMBCCTX *context,
552 TALLOC_CTX *ctx,
553 const char *filename,
554 SMBCSRV *srv)
555 {
556 struct timespec create_time_ts;
557 struct timespec write_time_ts;
558 struct timespec access_time_ts;
559 struct timespec change_time_ts;
560 SMB_OFF_T size = 0;
561 uint16 mode = 0;
562 SMB_INO_T inode = 0;
563 DOS_ATTR_DESC *ret;
564
565 ret = TALLOC_P(ctx, DOS_ATTR_DESC);
566 if (!ret) {
567 errno = ENOMEM;
568 return NULL;
569 }
570
571 /* Obtain the DOS attributes */
572 if (!SMBC_getatr(context, srv, CONST_DISCARD(char *, filename),
573 &mode, &size,
574 &create_time_ts,
575 &access_time_ts,
576 &write_time_ts,
577 &change_time_ts,
578 &inode)) {
579 errno = SMBC_errno(context, srv->cli);
580 DEBUG(5, ("dos_attr_query Failed to query old attributes\n"));
581 return NULL;
582 }
583
584 ret->mode = mode;
585 ret->size = size;
586 ret->create_time = convert_timespec_to_time_t(create_time_ts);
587 ret->access_time = convert_timespec_to_time_t(access_time_ts);
588 ret->write_time = convert_timespec_to_time_t(write_time_ts);
589 ret->change_time = convert_timespec_to_time_t(change_time_ts);
590 ret->inode = inode;
591
592 return ret;
593 }
594
595
596 /* parse a ascii version of a security descriptor */
597 static void
598 dos_attr_parse(SMBCCTX *context,
599 DOS_ATTR_DESC *dad,
600 SMBCSRV *srv,
601 char *str)
602 {
603 int n;
604 const char *p = str;
605 char *tok = NULL;
606 TALLOC_CTX *frame = NULL;
607 struct {
608 const char * create_time_attr;
609 const char * access_time_attr;
610 const char * write_time_attr;
611 const char * change_time_attr;
612 } attr_strings;
613
614 /* Determine whether to use old-style or new-style attribute names */
615 if (context->internal->full_time_names) {
616 /* new-style names */
617 attr_strings.create_time_attr = "CREATE_TIME";
618 attr_strings.access_time_attr = "ACCESS_TIME";
619 attr_strings.write_time_attr = "WRITE_TIME";
620 attr_strings.change_time_attr = "CHANGE_TIME";
621 } else {
622 /* old-style names */
623 attr_strings.create_time_attr = NULL;
624 attr_strings.access_time_attr = "A_TIME";
625 attr_strings.write_time_attr = "M_TIME";
626 attr_strings.change_time_attr = "C_TIME";
627 }
628
629 /* if this is to set the entire ACL... */
630 if (*str == '*') {
631 /* ... then increment past the first colon if there is one */
632 if ((p = strchr(str, ':')) != NULL) {
633 ++p;
634 } else {
635 p = str;
636 }
637 }
638
639 frame = talloc_stackframe();
640 while (next_token_talloc(frame, &p, &tok, "\t,\r\n")) {
641 if (StrnCaseCmp(tok, "MODE:", 5) == 0) {
642 long request = strtol(tok+5, NULL, 16);
643 if (request == 0) {
644 dad->mode = (request |
645 (IS_DOS_DIR(dad->mode)
646 ? FILE_ATTRIBUTE_DIRECTORY
647 : FILE_ATTRIBUTE_NORMAL));
648 } else {
649 dad->mode = request;
650 }
651 continue;
652 }
653
654 if (StrnCaseCmp(tok, "SIZE:", 5) == 0) {
655 dad->size = (SMB_OFF_T)atof(tok+5);
656 continue;
657 }
658
659 n = strlen(attr_strings.access_time_attr);
660 if (StrnCaseCmp(tok, attr_strings.access_time_attr, n) == 0) {
661 dad->access_time = (time_t)strtol(tok+n+1, NULL, 10);
662 continue;
663 }
664
665 n = strlen(attr_strings.change_time_attr);
666 if (StrnCaseCmp(tok, attr_strings.change_time_attr, n) == 0) {
667 dad->change_time = (time_t)strtol(tok+n+1, NULL, 10);
668 continue;
669 }
670
671 n = strlen(attr_strings.write_time_attr);
672 if (StrnCaseCmp(tok, attr_strings.write_time_attr, n) == 0) {
673 dad->write_time = (time_t)strtol(tok+n+1, NULL, 10);
674 continue;
675 }
676
677 if (attr_strings.create_time_attr != NULL) {
678 n = strlen(attr_strings.create_time_attr);
679 if (StrnCaseCmp(tok, attr_strings.create_time_attr,
680 n) == 0) {
681 dad->create_time = (time_t)strtol(tok+n+1,
682 NULL, 10);
683 continue;
684 }
685 }
686
687 if (StrnCaseCmp(tok, "INODE:", 6) == 0) {
688 dad->inode = (SMB_INO_T)atof(tok+6);
689 continue;
690 }
691 }
692 TALLOC_FREE(frame);
693 }
694
695 /*****************************************************
696 Retrieve the acls for a file.
697 *******************************************************/
698
699 static int
700 cacl_get(SMBCCTX *context,
701 TALLOC_CTX *ctx,
702 SMBCSRV *srv,
703 struct cli_state *ipc_cli,
704 POLICY_HND *pol,
705 char *filename,
706 char *attr_name,
707 char *buf,
708 int bufsize)
709 {
710 uint32 i;
711 int n = 0;
712 int n_used;
713 bool all;
714 bool all_nt;
715 bool all_nt_acls;
716 bool all_dos;
717 bool some_nt;
718 bool some_dos;
719 bool exclude_nt_revision = False;
720 bool exclude_nt_owner = False;
721 bool exclude_nt_group = False;
722 bool exclude_nt_acl = False;
723 bool exclude_dos_mode = False;
724 bool exclude_dos_size = False;
725 bool exclude_dos_create_time = False;
726 bool exclude_dos_access_time = False;
727 bool exclude_dos_write_time = False;
728 bool exclude_dos_change_time = False;
729 bool exclude_dos_inode = False;
730 bool numeric = True;
731 bool determine_size = (bufsize == 0);
732 int fnum = -1;
733 SEC_DESC *sd;
734 fstring sidstr;
735 fstring name_sandbox;
736 char *name;
737 char *pExclude;
738 char *p;
739 struct timespec create_time_ts;
740 struct timespec write_time_ts;
741 struct timespec access_time_ts;
742 struct timespec change_time_ts;
743 time_t create_time = (time_t)0;
744 time_t write_time = (time_t)0;
745 time_t access_time = (time_t)0;
746 time_t change_time = (time_t)0;
747 SMB_OFF_T size = 0;
748 uint16 mode = 0;
749 SMB_INO_T ino = 0;
750 struct cli_state *cli = srv->cli;
751 struct {
752 const char * create_time_attr;
753 const char * access_time_attr;
754 const char * write_time_attr;
755 const char * change_time_attr;
756 } attr_strings;
757 struct {
758 const char * create_time_attr;
759 const char * access_time_attr;
760 const char * write_time_attr;
761 const char * change_time_attr;
762 } excl_attr_strings;
763
764 /* Determine whether to use old-style or new-style attribute names */
765 if (context->internal->full_time_names) {
766 /* new-style names */
767 attr_strings.create_time_attr = "CREATE_TIME";
768 attr_strings.access_time_attr = "ACCESS_TIME";
769 attr_strings.write_time_attr = "WRITE_TIME";
770 attr_strings.change_time_attr = "CHANGE_TIME";
771
772 excl_attr_strings.create_time_attr = "CREATE_TIME";
773 excl_attr_strings.access_time_attr = "ACCESS_TIME";
774 excl_attr_strings.write_time_attr = "WRITE_TIME";
775 excl_attr_strings.change_time_attr = "CHANGE_TIME";
776 } else {
777 /* old-style names */
778 attr_strings.create_time_attr = NULL;
779 attr_strings.access_time_attr = "A_TIME";
780 attr_strings.write_time_attr = "M_TIME";
781 attr_strings.change_time_attr = "C_TIME";
782
783 excl_attr_strings.create_time_attr = NULL;
784 excl_attr_strings.access_time_attr = "dos_attr.A_TIME";
785 excl_attr_strings.write_time_attr = "dos_attr.M_TIME";
786 excl_attr_strings.change_time_attr = "dos_attr.C_TIME";
787 }
788
789 /* Copy name so we can strip off exclusions (if any are specified) */
790 strncpy(name_sandbox, attr_name, sizeof(name_sandbox) - 1);
791
792 /* Ensure name is null terminated */
793 name_sandbox[sizeof(name_sandbox) - 1] = '\0';
794
795 /* Play in the sandbox */
796 name = name_sandbox;
797
798 /* If there are any exclusions, point to them and mask them from name */
799 if ((pExclude = strchr(name, '!')) != NULL)
800 {
801 *pExclude++ = '\0';
802 }
803
804 all = (StrnCaseCmp(name, "system.*", 8) == 0);
805 all_nt = (StrnCaseCmp(name, "system.nt_sec_desc.*", 20) == 0);
806 all_nt_acls = (StrnCaseCmp(name, "system.nt_sec_desc.acl.*", 24) == 0);
807 all_dos = (StrnCaseCmp(name, "system.dos_attr.*", 17) == 0);
808 some_nt = (StrnCaseCmp(name, "system.nt_sec_desc.", 19) == 0);
809 some_dos = (StrnCaseCmp(name, "system.dos_attr.", 16) == 0);
810 numeric = (* (name + strlen(name) - 1) != '+');
811
812 /* Look for exclusions from "all" requests */
813 if (all || all_nt || all_dos) {
814
815 /* Exclusions are delimited by '!' */
816 for (;
817 pExclude != NULL;
818 pExclude = (p == NULL ? NULL : p + 1)) {
819
820 /* Find end of this exclusion name */
821 if ((p = strchr(pExclude, '!')) != NULL)
822 {
823 *p = '\0';
824 }
825
826 /* Which exclusion name is this? */
827 if (StrCaseCmp(pExclude,
828 "nt_sec_desc.revision") == 0) {
829 exclude_nt_revision = True;
830 }
831 else if (StrCaseCmp(pExclude,
832 "nt_sec_desc.owner") == 0) {
833 exclude_nt_owner = True;
834 }
835 else if (StrCaseCmp(pExclude,
836 "nt_sec_desc.group") == 0) {
837 exclude_nt_group = True;
838 }
839 else if (StrCaseCmp(pExclude,
840 "nt_sec_desc.acl") == 0) {
841 exclude_nt_acl = True;
842 }
843 else if (StrCaseCmp(pExclude,
844 "dos_attr.mode") == 0) {
845 exclude_dos_mode = True;
846 }
847 else if (StrCaseCmp(pExclude,
848 "dos_attr.size") == 0) {
849 exclude_dos_size = True;
850 }
851 else if (excl_attr_strings.create_time_attr != NULL &&
852 StrCaseCmp(pExclude,
853 excl_attr_strings.change_time_attr) == 0) {
854 exclude_dos_create_time = True;
855 }
856 else if (StrCaseCmp(pExclude,
857 excl_attr_strings.access_time_attr) == 0) {
858 exclude_dos_access_time = True;
859 }
860 else if (StrCaseCmp(pExclude,
861 excl_attr_strings.write_time_attr) == 0) {
862 exclude_dos_write_time = True;
863 }
864 else if (StrCaseCmp(pExclude,
865 excl_attr_strings.change_time_attr) == 0) {
866 exclude_dos_change_time = True;
867 }
868 else if (StrCaseCmp(pExclude, "dos_attr.inode") == 0) {
869 exclude_dos_inode = True;
870 }
871 else {
872 DEBUG(5, ("cacl_get received unknown exclusion: %s\n",
873 pExclude));
874 errno = ENOATTR;
875 return -1;
876 }
877 }
878 }
879
880 n_used = 0;
881
882 /*
883 * If we are (possibly) talking to an NT or new system and some NT
884 * attributes have been requested...
885 */
886 if (ipc_cli && (all || some_nt || all_nt_acls)) {
887 char *targetpath = NULL;
888 struct cli_state *targetcli = NULL;
889
890 /* Point to the portion after "system.nt_sec_desc." */
891 name += 19; /* if (all) this will be invalid but unused */
892
893 if (!cli_resolve_path(ctx, "", cli, filename,
894 &targetcli, &targetpath)) {
895 DEBUG(5, ("cacl_get Could not resolve %s\n",
896 filename));
897 errno = ENOENT;
898 return -1;
899 }
900
901 /* ... then obtain any NT attributes which were requested */
902 fnum = cli_nt_create(targetcli, targetpath, CREATE_ACCESS_READ);
903
904 if (fnum == -1) {
905 DEBUG(5, ("cacl_get failed to open %s: %s\n",
906 targetpath, cli_errstr(targetcli)));
907 errno = 0;
908 return -1;
909 }
910
911 sd = cli_query_secdesc(targetcli, fnum, ctx);
912
913 if (!sd) {
914 DEBUG(5,
915 ("cacl_get Failed to query old descriptor\n"));
916 errno = 0;
917 return -1;
918 }
919
920 cli_close(targetcli, fnum);
921
922 if (! exclude_nt_revision) {
923 if (all || all_nt) {
924 if (determine_size) {
925 p = talloc_asprintf(ctx,
926 "REVISION:%d",
927 sd->revision);
928 if (!p) {
929 errno = ENOMEM;
930 return -1;
931 }
932 n = strlen(p);
933 } else {
934 n = snprintf(buf, bufsize,
935 "REVISION:%d",
936 sd->revision);
937 }
938 } else if (StrCaseCmp(name, "revision") == 0) {
939 if (determine_size) {
940 p = talloc_asprintf(ctx, "%d",
941 sd->revision);
942 if (!p) {
943 errno = ENOMEM;
944 return -1;
945 }
946 n = strlen(p);
947 } else {
948 n = snprintf(buf, bufsize, "%d",
949 sd->revision);
950 }
951 }
952
953 if (!determine_size && n > bufsize) {
954 errno = ERANGE;
955 return -1;
956 }
957 buf += n;
958 n_used += n;
959 bufsize -= n;
960 n = 0;
961 }
962
963 if (! exclude_nt_owner) {
964 /* Get owner and group sid */
965 if (sd->owner_sid) {
966 convert_sid_to_string(ipc_cli, pol,
967 sidstr,
968 numeric,
969 sd->owner_sid);
970 } else {
971 fstrcpy(sidstr, "");
972 }
973
974 if (all || all_nt) {
975 if (determine_size) {
976 p = talloc_asprintf(ctx, ",OWNER:%s",
977 sidstr);
978 if (!p) {
979 errno = ENOMEM;
980 return -1;
981 }
982 n = strlen(p);
983 } else if (sidstr[0] != '\0') {
984 n = snprintf(buf, bufsize,
985 ",OWNER:%s", sidstr);
986 }
987 } else if (StrnCaseCmp(name, "owner", 5) == 0) {
988 if (determine_size) {
989 p = talloc_asprintf(ctx, "%s", sidstr);
990 if (!p) {
991 errno = ENOMEM;
992 return -1;
993 }
994 n = strlen(p);
995 } else {
996 n = snprintf(buf, bufsize, "%s",
997 sidstr);
998 }
999 }
1000
1001 if (!determine_size && n > bufsize) {
1002 errno = ERANGE;
1003 return -1;
1004 }
1005 buf += n;
1006 n_used += n;
1007 bufsize -= n;
1008 n = 0;
1009 }
1010
1011 if (! exclude_nt_group) {
1012 if (sd->group_sid) {
1013 convert_sid_to_string(ipc_cli, pol,
1014 sidstr, numeric,
1015 sd->group_sid);
1016 } else {
1017 fstrcpy(sidstr, "");
1018 }
1019
1020 if (all || all_nt) {
1021 if (determine_size) {
1022 p = talloc_asprintf(ctx, ",GROUP:%s",
1023 sidstr);
1024 if (!p) {
1025 errno = ENOMEM;
1026 return -1;
1027 }
1028 n = strlen(p);
1029 } else if (sidstr[0] != '\0') {
1030 n = snprintf(buf, bufsize,
1031 ",GROUP:%s", sidstr);
1032 }
1033 } else if (StrnCaseCmp(name, "group", 5) == 0) {
1034 if (determine_size) {
1035 p = talloc_asprintf(ctx, "%s", sidstr);
1036 if (!p) {
1037 errno = ENOMEM;
1038 return -1;
1039 }
1040 n = strlen(p);
1041 } else {
1042 n = snprintf(buf, bufsize,
1043 "%s", sidstr);
1044 }
1045 }
1046
1047 if (!determine_size && n > bufsize) {
1048 errno = ERANGE;
1049 return -1;
1050 }
1051 buf += n;
1052 n_used += n;
1053 bufsize -= n;
1054 n = 0;
1055 }
1056
1057 if (! exclude_nt_acl) {
1058 /* Add aces to value buffer */
1059 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
1060
1061 SEC_ACE *ace = &sd->dacl->aces[i];
1062 convert_sid_to_string(ipc_cli, pol,
1063 sidstr, numeric,
1064 &ace->trustee);
1065
1066 if (all || all_nt) {
1067 if (determine_size) {
1068 p = talloc_asprintf(
1069 ctx,
1070 ",ACL:"
1071 "%s:%d/%d/0x%08x",
1072 sidstr,
1073 ace->type,
1074 ace->flags,
1075 ace->access_mask);
1076 if (!p) {
1077 errno = ENOMEM;
1078 return -1;
1079 }
1080 n = strlen(p);
1081 } else {
1082 n = snprintf(
1083 buf, bufsize,
1084 ",ACL:%s:%d/%d/0x%08x",
1085 sidstr,
1086 ace->type,
1087 ace->flags,
1088 ace->access_mask);
1089 }
1090 } else if ((StrnCaseCmp(name, "acl", 3) == 0 &&
1091 StrCaseCmp(name+3, sidstr) == 0) ||
1092 (StrnCaseCmp(name, "acl+", 4) == 0 &&
1093 StrCaseCmp(name+4, sidstr) == 0)) {
1094 if (determine_size) {
1095 p = talloc_asprintf(
1096 ctx,
1097 "%d/%d/0x%08x",
1098 ace->type,
1099 ace->flags,
1100 ace->access_mask);
1101 if (!p) {
1102 errno = ENOMEM;
1103 return -1;
1104 }
1105 n = strlen(p);
1106 } else {
1107 n = snprintf(buf, bufsize,
1108 "%d/%d/0x%08x",
1109 ace->type,
1110 ace->flags,
1111 ace->access_mask);
1112 }
1113 } else if (all_nt_acls) {
1114 if (determine_size) {
1115 p = talloc_asprintf(
1116 ctx,
1117 "%s%s:%d/%d/0x%08x",
1118 i ? "," : "",
1119 sidstr,
1120 ace->type,
1121 ace->flags,
1122 ace->access_mask);
1123 if (!p) {
1124 errno = ENOMEM;
1125 return -1;
1126 }
1127 n = strlen(p);
1128 } else {
1129 n = snprintf(buf, bufsize,
1130 "%s%s:%d/%d/0x%08x",
1131 i ? "," : "",
1132 sidstr,
1133 ace->type,
1134 ace->flags,
1135 ace->access_mask);
1136 }
1137 }
1138 if (!determine_size && n > bufsize) {
1139 errno = ERANGE;
1140 return -1;
1141 }
1142 buf += n;
1143 n_used += n;
1144 bufsize -= n;
1145 n = 0;
1146 }
1147 }
1148
1149 /* Restore name pointer to its original value */
1150 name -= 19;
1151 }
1152
1153 if (all || some_dos) {
1154 /* Point to the portion after "system.dos_attr." */
1155 name += 16; /* if (all) this will be invalid but unused */
1156
1157 /* Obtain the DOS attributes */
1158 if (!SMBC_getatr(context, srv, filename, &mode, &size,
1159 &create_time_ts,
1160 &access_time_ts,
1161 &write_time_ts,
1162 &change_time_ts,
1163 &ino)) {
1164
1165 errno = SMBC_errno(context, srv->cli);
1166 return -1;
1167
1168 }
1169
1170 create_time = convert_timespec_to_time_t(create_time_ts);
1171 access_time = convert_timespec_to_time_t(access_time_ts);
1172 write_time = convert_timespec_to_time_t(write_time_ts);
1173 change_time = convert_timespec_to_time_t(change_time_ts);
1174
1175 if (! exclude_dos_mode) {
1176 if (all || all_dos) {
1177 if (determine_size) {
1178 p = talloc_asprintf(ctx,
1179 "%sMODE:0x%x",
1180 (ipc_cli &&
1181 (all || some_nt)
1182 ? ","
1183 : ""),
1184 mode);
1185 if (!p) {
1186 errno = ENOMEM;
1187 return -1;
1188 }
1189 n = strlen(p);
1190 } else {
1191 n = snprintf(buf, bufsize,
1192 "%sMODE:0x%x",
1193 (ipc_cli &&
1194 (all || some_nt)
1195 ? ","
1196 : ""),
1197 mode);
1198 }
1199 } else if (StrCaseCmp(name, "mode") == 0) {
1200 if (determine_size) {
1201 p = talloc_asprintf(ctx, "0x%x", mode);
1202 if (!p) {
1203 errno = ENOMEM;
1204 return -1;
1205 }
1206 n = strlen(p);
1207 } else {
1208 n = snprintf(buf, bufsize,
1209 "0x%x", mode);
1210 }
1211 }
1212
1213 if (!determine_size && n > bufsize) {
1214 errno = ERANGE;
1215 return -1;
1216 }
1217 buf += n;
1218 n_used += n;
1219 bufsize -= n;
1220 n = 0;
1221 }
1222
1223 if (! exclude_dos_size) {
1224 if (all || all_dos) {
1225 if (determine_size) {
1226 p = talloc_asprintf(
1227 ctx,
1228 ",SIZE:%.0f",
1229 (double)size);
1230 if (!p) {
1231 errno = ENOMEM;
1232 return -1;
1233 }
1234 n = strlen(p);
1235 } else {
1236 n = snprintf(buf, bufsize,
1237 ",SIZE:%.0f",
1238 (double)size);
1239 }
1240 } else if (StrCaseCmp(name, "size") == 0) {
1241 if (determine_size) {
1242 p = talloc_asprintf(
1243 ctx,
1244 "%.0f",
1245 (double)size);
1246 if (!p) {
1247 errno = ENOMEM;
1248 return -1;
1249 }
1250 n = strlen(p);
1251 } else {
1252 n = snprintf(buf, bufsize,
1253 "%.0f",
1254 (double)size);
1255 }
1256 }
1257
1258 if (!determine_size && n > bufsize) {
1259 errno = ERANGE;
1260 return -1;
1261 }
1262 buf += n;
1263 n_used += n;
1264 bufsize -= n;
1265 n = 0;
1266 }
1267
1268 if (! exclude_dos_create_time &&
1269 attr_strings.create_time_attr != NULL) {
1270 if (all || all_dos) {
1271 if (determine_size) {
1272 p = talloc_asprintf(ctx,
1273 ",%s:%lu",
1274 attr_strings.create_time_attr,
1275 create_time);
1276 if (!p) {
1277 errno = ENOMEM;
1278 return -1;
1279 }
1280 n = strlen(p);
1281 } else {
1282 n = snprintf(buf, bufsize,
1283 ",%s:%lu",
1284 attr_strings.create_time_attr,
1285 create_time);
1286 }
1287 } else if (StrCaseCmp(name, attr_strings.create_time_attr) == 0) {
1288 if (determine_size) {
1289 p = talloc_asprintf(ctx, "%lu", create_time);
1290 if (!p) {
1291 errno = ENOMEM;
1292 return -1;
1293 }
1294 n = strlen(p);
1295 } else {
1296 n = snprintf(buf, bufsize,
1297 "%lu", create_time);
1298 }
1299 }
1300
1301 if (!determine_size && n > bufsize) {
1302 errno = ERANGE;
1303 return -1;
1304 }
1305 buf += n;
1306 n_used += n;
1307 bufsize -= n;
1308 n = 0;
1309 }
1310
1311 if (! exclude_dos_access_time) {
1312 if (all || all_dos) {
1313 if (determine_size) {
1314 p = talloc_asprintf(ctx,
1315 ",%s:%lu",
1316 attr_strings.access_time_attr,
1317 access_time);
1318 if (!p) {
1319 errno = ENOMEM;
1320 return -1;
1321 }
1322 n = strlen(p);
1323 } else {
1324 n = snprintf(buf, bufsize,
1325 ",%s:%lu",
1326 attr_strings.access_time_attr,
1327 access_time);
1328 }
1329 } else if (StrCaseCmp(name, attr_strings.access_time_attr) == 0) {
1330 if (determine_size) {
1331 p = talloc_asprintf(ctx, "%lu", access_time);
1332 if (!p) {
1333 errno = ENOMEM;
1334 return -1;
1335 }
1336 n = strlen(p);
1337 } else {
1338 n = snprintf(buf, bufsize,
1339 "%lu", access_time);
1340 }
1341 }
1342
1343 if (!determine_size && n > bufsize) {
1344 errno = ERANGE;
1345 return -1;
1346 }
1347 buf += n;
1348 n_used += n;
1349 bufsize -= n;
1350 n = 0;
1351 }
1352
1353 if (! exclude_dos_write_time) {
1354 if (all || all_dos) {
1355 if (determine_size) {
1356 p = talloc_asprintf(ctx,
1357 ",%s:%lu",
1358 attr_strings.write_time_attr,
1359 write_time);
1360 if (!p) {
1361 errno = ENOMEM;
1362 return -1;
1363 }
1364 n = strlen(p);
1365 } else {
1366 n = snprintf(buf, bufsize,
1367 ",%s:%lu",
1368 attr_strings.write_time_attr,
1369 write_time);
1370 }
1371 } else if (StrCaseCmp(name, attr_strings.write_time_attr) == 0) {
1372 if (determine_size) {
1373 p = talloc_asprintf(ctx, "%lu", write_time);
1374 if (!p) {
1375 errno = ENOMEM;
1376 return -1;
1377 }
1378 n = strlen(p);
1379 } else {
1380 n = snprintf(buf, bufsize,
1381 "%lu", write_time);
1382 }
1383 }
1384
1385 if (!determine_size && n > bufsize) {
1386 errno = ERANGE;
1387 return -1;
1388 }
1389 buf += n;
1390 n_used += n;
1391 bufsize -= n;
1392 n = 0;
1393 }
1394
1395 if (! exclude_dos_change_time) {
1396 if (all || all_dos) {
1397 if (determine_size) {
1398 p = talloc_asprintf(ctx,
1399 ",%s:%lu",
1400 attr_strings.change_time_attr,
1401 change_time);
1402 if (!p) {
1403 errno = ENOMEM;
1404 return -1;
1405 }
1406 n = strlen(p);
1407 } else {
1408 n = snprintf(buf, bufsize,
1409 ",%s:%lu",
1410 attr_strings.change_time_attr,
1411 change_time);
1412 }
1413 } else if (StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1414 if (determine_size) {
1415 p = talloc_asprintf(ctx, "%lu", change_time);
1416 if (!p) {
1417 errno = ENOMEM;
1418 return -1;
1419 }
1420 n = strlen(p);
1421 } else {
1422 n = snprintf(buf, bufsize,
1423 "%lu", change_time);
1424 }
1425 }
1426
1427 if (!determine_size && n > bufsize) {
1428 errno = ERANGE;
1429 return -1;
1430 }
1431 buf += n;
1432 n_used += n;
1433 bufsize -= n;
1434 n = 0;
1435 }
1436
1437 if (! exclude_dos_inode) {
1438 if (all || all_dos) {
1439 if (determine_size) {
1440 p = talloc_asprintf(
1441 ctx,
1442 ",INODE:%.0f",
1443 (double)ino);
1444 if (!p) {
1445 errno = ENOMEM;
1446 return -1;
1447 }
1448 n = strlen(p);
1449 } else {
1450 n = snprintf(buf, bufsize,
1451 ",INODE:%.0f",
1452 (double) ino);
1453 }
1454 } else if (StrCaseCmp(name, "inode") == 0) {
1455 if (determine_size) {
1456 p = talloc_asprintf(
1457 ctx,
1458 "%.0f",
1459 (double) ino);
1460 if (!p) {
1461 errno = ENOMEM;
1462 return -1;
1463 }
1464 n = strlen(p);
1465 } else {
1466 n = snprintf(buf, bufsize,
1467 "%.0f",
1468 (double) ino);
1469 }
1470 }
1471
1472 if (!determine_size && n > bufsize) {
1473 errno = ERANGE;
1474 return -1;
1475 }
1476 buf += n;
1477 n_used += n;
1478 bufsize -= n;
1479 n = 0;
1480 }
1481
1482 /* Restore name pointer to its original value */
1483 name -= 16;
1484 }
1485
1486 if (n_used == 0) {
1487 errno = ENOATTR;
1488 return -1;
1489 }
1490
1491 return n_used;
1492 }
1493
1494 /*****************************************************
1495 set the ACLs on a file given an ascii description
1496 *******************************************************/
1497 static int
1498 cacl_set(TALLOC_CTX *ctx,
1499 struct cli_state *cli,
1500 struct cli_state *ipc_cli,
1501 POLICY_HND *pol,
1502 const char *filename,
1503 const char *the_acl,
1504 int mode,
1505 int flags)
1506 {
1507 int fnum;
1508 int err = 0;
1509 SEC_DESC *sd = NULL, *old;
1510 SEC_ACL *dacl = NULL;
1511 DOM_SID *owner_sid = NULL;
1512 DOM_SID *group_sid = NULL;
1513 uint32 i, j;
1514 size_t sd_size;
1515 int ret = 0;
1516 char *p;
1517 bool numeric = True;
1518 char *targetpath = NULL;
1519 struct cli_state *targetcli = NULL;
1520
1521 /* the_acl will be null for REMOVE_ALL operations */
1522 if (the_acl) {
1523 numeric = ((p = strchr(the_acl, ':')) != NULL &&
1524 p > the_acl &&
1525 p[-1] != '+');
1526
1527 /* if this is to set the entire ACL... */
1528 if (*the_acl == '*') {
1529 /* ... then increment past the first colon */
1530 the_acl = p + 1;
1531 }
1532
1533 sd = sec_desc_parse(ctx, ipc_cli, pol, numeric,
1534 CONST_DISCARD(char *, the_acl));
1535
1536 if (!sd) {
1537 errno = EINVAL;
1538 return -1;
1539 }
1540 }
1541
1542 /* SMBC_XATTR_MODE_REMOVE_ALL is the only caller
1543 that doesn't deref sd */
1544
1545 if (!sd && (mode != SMBC_XATTR_MODE_REMOVE_ALL)) {
1546 errno = EINVAL;
1547 return -1;
1548 }
1549
1550 if (!cli_resolve_path(ctx, "", cli, filename,
1551 &targetcli, &targetpath)) {
1552 DEBUG(5,("cacl_set: Could not resolve %s\n", filename));
1553 errno = ENOENT;
1554 return -1;
1555 }
1556
1557 /* The desired access below is the only one I could find that works
1558 with NT4, W2KP and Samba */
1559
1560 fnum = cli_nt_create(targetcli, targetpath, CREATE_ACCESS_READ);
1561
1562 if (fnum == -1) {
1563 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1564 targetpath, cli_errstr(targetcli)));
1565 errno = 0;
1566 return -1;
1567 }
1568
1569 old = cli_query_secdesc(targetcli, fnum, ctx);
1570
1571 if (!old) {
1572 DEBUG(5, ("cacl_set Failed to query old descriptor\n"));
1573 errno = 0;
1574 return -1;
1575 }
1576
1577 cli_close(targetcli, fnum);
1578
1579 switch (mode) {
1580 case SMBC_XATTR_MODE_REMOVE_ALL:
1581 old->dacl->num_aces = 0;
1582 dacl = old->dacl;
1583 break;
1584
1585 case SMBC_XATTR_MODE_REMOVE:
1586 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1587 bool found = False;
1588
1589 for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1590 if (sec_ace_equal(&sd->dacl->aces[i],
1591 &old->dacl->aces[j])) {
1592 uint32 k;
1593 for (k=j; k<old->dacl->num_aces-1;k++) {
1594 old->dacl->aces[k] =
1595 old->dacl->aces[k+1];
1596 }
1597 old->dacl->num_aces--;
1598 found = True;
1599 dacl = old->dacl;
1600 break;
1601 }
1602 }
1603
1604 if (!found) {
1605 err = ENOATTR;
1606 ret = -1;
1607 goto failed;
1608 }
1609 }
1610 break;
1611
1612 case SMBC_XATTR_MODE_ADD:
1613 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1614 bool found = False;
1615
1616 for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1617 if (sid_equal(&sd->dacl->aces[i].trustee,
1618 &old->dacl->aces[j].trustee)) {
1619 if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
1620 err = EEXIST;
1621 ret = -1;
1622 goto failed;
1623 }
1624 old->dacl->aces[j] = sd->dacl->aces[i];
1625 ret = -1;
1626 found = True;
1627 }
1628 }
1629
1630 if (!found && (flags & SMBC_XATTR_FLAG_REPLACE)) {
1631 err = ENOATTR;
1632 ret = -1;
1633 goto failed;
1634 }
1635
1636 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1637 add_ace(&old->dacl, &sd->dacl->aces[i], ctx);
1638 }
1639 }
1640 dacl = old->dacl;
1641 break;
1642
1643 case SMBC_XATTR_MODE_SET:
1644 old = sd;
1645 owner_sid = old->owner_sid;
1646 group_sid = old->group_sid;
1647 dacl = old->dacl;
1648 break;
1649
1650 case SMBC_XATTR_MODE_CHOWN:
1651 owner_sid = sd->owner_sid;
1652 break;
1653
1654 case SMBC_XATTR_MODE_CHGRP:
1655 group_sid = sd->group_sid;
1656 break;
1657 }
1658
1659 /* Denied ACE entries must come before allowed ones */
1660 sort_acl(old->dacl);
1661
1662 /* Create new security descriptor and set it */
1663 sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE,
1664 owner_sid, group_sid, NULL, dacl, &sd_size);
1665
1666 fnum = cli_nt_create(targetcli, targetpath,
1667 WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS);
1668
1669 if (fnum == -1) {
1670 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1671 targetpath, cli_errstr(targetcli)));
1672 errno = 0;
1673 return -1;
1674 }
1675
1676 if (!cli_set_secdesc(targetcli, fnum, sd)) {
1677 DEBUG(5, ("ERROR: secdesc set failed: %s\n",
1678 cli_errstr(targetcli)));
1679 ret = -1;
1680 }
1681
1682 /* Clean up */
1683
1684 failed:
1685 cli_close(targetcli, fnum);
1686
1687 if (err != 0) {
1688 errno = err;
1689 }
1690
1691 return ret;
1692 }
1693
1694
1695 int
1696 SMBC_setxattr_ctx(SMBCCTX *context,
1697 const char *fname,
1698 const char *name,
1699 const void *value,
1700 size_t size,
1701 int flags)
1702 {
1703 int ret;
1704 int ret2;
1705 SMBCSRV *srv = NULL;
1706 SMBCSRV *ipc_srv = NULL;
1707 char *server = NULL;
1708 char *share = NULL;
1709 char *user = NULL;
1710 char *password = NULL;
1711 char *workgroup = NULL;
1712 char *path = NULL;
1713 DOS_ATTR_DESC *dad = NULL;
1714 struct {
1715 const char * create_time_attr;
1716 const char * access_time_attr;
1717 const char * write_time_attr;
1718 const char * change_time_attr;
1719 } attr_strings;
1720 TALLOC_CTX *frame = talloc_stackframe();
1721
1722 if (!context || !context->internal->initialized) {
1723
1724 errno = EINVAL; /* Best I can think of ... */
1725 TALLOC_FREE(frame);
1726 return -1;
1727 }
1728
1729 if (!fname) {
1730 errno = EINVAL;
1731 TALLOC_FREE(frame);
1732 return -1;
1733 }
1734
1735 DEBUG(4, ("smbc_setxattr(%s, %s, %.*s)\n",
1736 fname, name, (int) size, (const char*)value));
1737
1738 if (SMBC_parse_path(frame,
1739 context,
1740 fname,
1741 &workgroup,
1742 &server,
1743 &share,
1744 &path,
1745 &user,
1746 &password,
1747 NULL)) {
1748 errno = EINVAL;
1749 TALLOC_FREE(frame);
1750 return -1;
1751 }
1752
1753 if (!user || user[0] == (char)0) {
1754 user = talloc_strdup(frame, smbc_getUser(context));
1755 if (!user) {
1756 errno = ENOMEM;
1757 TALLOC_FREE(frame);
1758 return -1;
1759 }
1760 }
1761
1762 srv = SMBC_server(frame, context, True,
1763 server, share, &workgroup, &user, &password);
1764 if (!srv) {
1765 TALLOC_FREE(frame);
1766 return -1; /* errno set by SMBC_server */
1767 }
1768
1769 if (! srv->no_nt_session) {
1770 ipc_srv = SMBC_attr_server(frame, context, server, share,
1771 &workgroup, &user, &password);
1772 if (! ipc_srv) {
1773 srv->no_nt_session = True;
1774 }
1775 } else {
1776 ipc_srv = NULL;
1777 }
1778
1779 /*
1780 * Are they asking to set the entire set of known attributes?
1781 */
1782 if (StrCaseCmp(name, "system.*") == 0 ||
1783 StrCaseCmp(name, "system.*+") == 0) {
1784 /* Yup. */
1785 char *namevalue =
1786 talloc_asprintf(talloc_tos(), "%s:%s",
1787 name+7, (const char *) value);
1788 if (! namevalue) {
1789 errno = ENOMEM;
1790 ret = -1;
1791 TALLOC_FREE(frame);
1792 return -1;
1793 }
1794
1795 if (ipc_srv) {
1796 ret = cacl_set(talloc_tos(), srv->cli,
1797 ipc_srv->cli, &ipc_srv->pol, path,
1798 namevalue,
1799 (*namevalue == '*'
1800 ? SMBC_XATTR_MODE_SET
1801 : SMBC_XATTR_MODE_ADD),
1802 flags);
1803 } else {
1804 ret = 0;
1805 }
1806
1807 /* get a DOS Attribute Descriptor with current attributes */
1808 dad = dos_attr_query(context, talloc_tos(), path, srv);
1809 if (dad) {
1810 /* Overwrite old with new, using what was provided */
1811 dos_attr_parse(context, dad, srv, namevalue);
1812
1813 /* Set the new DOS attributes */
1814 if (! SMBC_setatr(context, srv, path,
1815 dad->create_time,
1816 dad->access_time,
1817 dad->write_time,
1818 dad->change_time,
1819 dad->mode)) {
1820
1821 /* cause failure if NT failed too */
1822 dad = NULL;
1823 }
1824 }
1825
1826 /* we only fail if both NT and DOS sets failed */
1827 if (ret < 0 && ! dad) {
1828 ret = -1; /* in case dad was null */
1829 }
1830 else {
1831 ret = 0;
1832 }
1833
1834 TALLOC_FREE(frame);
1835 return ret;
1836 }
1837
1838 /*
1839 * Are they asking to set an access control element or to set
1840 * the entire access control list?
1841 */
1842 if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
1843 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
1844 StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
1845 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
1846 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
1847
1848 /* Yup. */
1849 char *namevalue =
1850 talloc_asprintf(talloc_tos(), "%s:%s",
1851 name+19, (const char *) value);
1852
1853 if (! ipc_srv) {
1854 ret = -1; /* errno set by SMBC_server() */
1855 }
1856 else if (! namevalue) {
1857 errno = ENOMEM;
1858 ret = -1;
1859 } else {
1860 ret = cacl_set(talloc_tos(), srv->cli,
1861 ipc_srv->cli, &ipc_srv->pol, path,
1862 namevalue,
1863 (*namevalue == '*'
1864 ? SMBC_XATTR_MODE_SET
1865 : SMBC_XATTR_MODE_ADD),
1866 flags);
1867 }
1868 TALLOC_FREE(frame);
1869 return ret;
1870 }
1871
1872 /*
1873 * Are they asking to set the owner?
1874 */
1875 if (StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
1876 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0) {
1877
1878 /* Yup. */
1879 char *namevalue =
1880 talloc_asprintf(talloc_tos(), "%s:%s",
1881 name+19, (const char *) value);
1882
1883 if (! ipc_srv) {
1884 ret = -1; /* errno set by SMBC_server() */
1885 }
1886 else if (! namevalue) {
1887 errno = ENOMEM;
1888 ret = -1;
1889 } else {
1890 ret = cacl_set(talloc_tos(), srv->cli,
1891 ipc_srv->cli, &ipc_srv->pol, path,
1892 namevalue, SMBC_XATTR_MODE_CHOWN, 0);
1893 }
1894 TALLOC_FREE(frame);
1895 return ret;
1896 }
1897
1898 /*
1899 * Are they asking to set the group?
1900 */
1901 if (StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
1902 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0) {
1903
1904 /* Yup. */
1905 char *namevalue =
1906 talloc_asprintf(talloc_tos(), "%s:%s",
1907 name+19, (const char *) value);
1908
1909 if (! ipc_srv) {
1910 /* errno set by SMBC_server() */
1911 ret = -1;
1912 }
1913 else if (! namevalue) {
1914 errno = ENOMEM;
1915 ret = -1;
1916 } else {
1917 ret = cacl_set(talloc_tos(), srv->cli,
1918 ipc_srv->cli, &ipc_srv->pol, path,
1919 namevalue, SMBC_XATTR_MODE_CHGRP, 0);
1920 }
1921 TALLOC_FREE(frame);
1922 return ret;
1923 }
1924
1925 /* Determine whether to use old-style or new-style attribute names */
1926 if (context->internal->full_time_names) {
1927 /* new-style names */
1928 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
1929 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
1930 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
1931 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
1932 } else {
1933 /* old-style names */
1934 attr_strings.create_time_attr = NULL;
1935 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
1936 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
1937 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
1938 }
1939
1940 /*
1941 * Are they asking to set a DOS attribute?
1942 */
1943 if (StrCaseCmp(name, "system.dos_attr.*") == 0 ||
1944 StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
1945 (attr_strings.create_time_attr != NULL &&
1946 StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
1947 StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
1948 StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
1949 StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1950
1951 /* get a DOS Attribute Descriptor with current attributes */
1952 dad = dos_attr_query(context, talloc_tos(), path, srv);
1953 if (dad) {
1954 char *namevalue =
1955 talloc_asprintf(talloc_tos(), "%s:%s",
1956 name+16, (const char *) value);
1957 if (! namevalue) {
1958 errno = ENOMEM;
1959 ret = -1;
1960 } else {
1961 /* Overwrite old with provided new params */
1962 dos_attr_parse(context, dad, srv, namevalue);
1963
1964 /* Set the new DOS attributes */
1965 ret2 = SMBC_setatr(context, srv, path,
1966 dad->create_time,
1967 dad->access_time,
1968 dad->write_time,
1969 dad->change_time,
1970 dad->mode);
1971
1972 /* ret2 has True (success) / False (failure) */
1973 if (ret2) {
1974 ret = 0;
1975 } else {
1976 ret = -1;
1977 }
1978 }
1979 } else {
1980 ret = -1;
1981 }
1982
1983 TALLOC_FREE(frame);
1984 return ret;
1985 }
1986
1987 /* Unsupported attribute name */
1988 errno = EINVAL;
1989 TALLOC_FREE(frame);
1990 return -1;
1991 }
1992
1993 int
1994 SMBC_getxattr_ctx(SMBCCTX *context,
1995 const char *fname,
1996 const char *name,
1997 const void *value,
1998 size_t size)
1999 {
2000 int ret;
2001 SMBCSRV *srv = NULL;
2002 SMBCSRV *ipc_srv = NULL;
2003 char *server = NULL;
2004 char *share = NULL;
2005 char *user = NULL;
2006 char *password = NULL;
2007 char *workgroup = NULL;
2008 char *path = NULL;
2009 struct {
2010 const char * create_time_attr;
2011 const char * access_time_attr;
2012 const char * write_time_attr;
2013 const char * change_time_attr;
2014 } attr_strings;
2015 TALLOC_CTX *frame = talloc_stackframe();
2016
2017 if (!context || !context->internal->initialized) {
2018
2019 errno = EINVAL; /* Best I can think of ... */
2020 TALLOC_FREE(frame);
2021 return -1;
2022 }
2023
2024 if (!fname) {
2025 errno = EINVAL;
2026 TALLOC_FREE(frame);
2027 return -1;
2028 }
2029
2030 DEBUG(4, ("smbc_getxattr(%s, %s)\n", fname, name));
2031
2032 if (SMBC_parse_path(frame,
2033 context,
2034 fname,
2035 &workgroup,
2036 &server,
2037 &share,
2038 &path,
2039 &user,
2040 &password,
2041 NULL)) {
2042 errno = EINVAL;
2043 TALLOC_FREE(frame);
2044 return -1;
2045 }
2046
2047 if (!user || user[0] == (char)0) {
2048 user = talloc_strdup(frame, smbc_getUser(context));
2049 if (!user) {
2050 errno = ENOMEM;
2051 TALLOC_FREE(frame);
2052 return -1;
2053 }
2054 }
2055
2056 srv = SMBC_server(frame, context, True,
2057 server, share, &workgroup, &user, &password);
2058 if (!srv) {
2059 TALLOC_FREE(frame);
2060 return -1; /* errno set by SMBC_server */
2061 }
2062
2063 if (! srv->no_nt_session) {
2064 ipc_srv = SMBC_attr_server(frame, context, server, share,
2065 &workgroup, &user, &password);
2066 if (! ipc_srv) {
2067 srv->no_nt_session = True;
2068 }
2069 } else {
2070 ipc_srv = NULL;
2071 }
2072
2073 /* Determine whether to use old-style or new-style attribute names */
2074 if (context->internal->full_time_names) {
2075 /* new-style names */
2076 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
2077 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
2078 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
2079 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
2080 } else {
2081 /* old-style names */
2082 attr_strings.create_time_attr = NULL;
2083 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
2084 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
2085 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
2086 }
2087
2088 /* Are they requesting a supported attribute? */
2089 if (StrCaseCmp(name, "system.*") == 0 ||
2090 StrnCaseCmp(name, "system.*!", 9) == 0 ||
2091 StrCaseCmp(name, "system.*+") == 0 ||
2092 StrnCaseCmp(name, "system.*+!", 10) == 0 ||
2093 StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2094 StrnCaseCmp(name, "system.nt_sec_desc.*!", 21) == 0 ||
2095 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
2096 StrnCaseCmp(name, "system.nt_sec_desc.*+!", 22) == 0 ||
2097 StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2098 StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2099 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2100 StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2101 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2102 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2103 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0 ||
2104 StrCaseCmp(name, "system.dos_attr.*") == 0 ||
2105 StrnCaseCmp(name, "system.dos_attr.*!", 18) == 0 ||
2106 StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
2107 StrCaseCmp(name, "system.dos_attr.size") == 0 ||
2108 (attr_strings.create_time_attr != NULL &&
2109 StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
2110 StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
2111 StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
2112 StrCaseCmp(name, attr_strings.change_time_attr) == 0 ||
2113 StrCaseCmp(name, "system.dos_attr.inode") == 0) {
2114
2115 /* Yup. */
2116 ret = cacl_get(context, talloc_tos(), srv,
2117 ipc_srv == NULL ? NULL : ipc_srv->cli,
2118 &ipc_srv->pol, path,
2119 CONST_DISCARD(char *, name),
2120 CONST_DISCARD(char *, value), size);
2121 if (ret < 0 && errno == 0) {
2122 errno = SMBC_errno(context, srv->cli);
2123 }
2124 TALLOC_FREE(frame);
2125 return ret;
2126 }
2127
2128 /* Unsupported attribute name */
2129 errno = EINVAL;
2130 TALLOC_FREE(frame);
2131 return -1;
2132 }
2133
2134
2135 int
2136 SMBC_removexattr_ctx(SMBCCTX *context,
2137 const char *fname,
2138 const char *name)
2139 {
2140 int ret;
2141 SMBCSRV *srv = NULL;
2142 SMBCSRV *ipc_srv = NULL;
2143 char *server = NULL;
2144 char *share = NULL;
2145 char *user = NULL;
2146 char *password = NULL;
2147 char *workgroup = NULL;
2148 char *path = NULL;
2149 TALLOC_CTX *frame = talloc_stackframe();
2150
2151 if (!context || !context->internal->initialized) {
2152
2153 errno = EINVAL; /* Best I can think of ... */
2154 TALLOC_FREE(frame);
2155 return -1;
2156 }
2157
2158 if (!fname) {
2159 errno = EINVAL;
2160 TALLOC_FREE(frame);
2161 return -1;
2162 }
2163
2164 DEBUG(4, ("smbc_removexattr(%s, %s)\n", fname, name));
2165
2166 if (SMBC_parse_path(frame,
2167 context,
2168 fname,
2169 &workgroup,
2170 &server,
2171 &share,
2172 &path,
2173 &user,
2174 &password,
2175 NULL)) {
2176 errno = EINVAL;
2177 TALLOC_FREE(frame);
2178 return -1;
2179 }
2180
2181 if (!user || user[0] == (char)0) {
2182 user = talloc_strdup(frame, smbc_getUser(context));
2183 if (!user) {
2184 errno = ENOMEM;
2185 TALLOC_FREE(frame);
2186 return -1;
2187 }
2188 }
2189
2190 srv = SMBC_server(frame, context, True,
2191 server, share, &workgroup, &user, &password);
2192 if (!srv) {
2193 TALLOC_FREE(frame);
2194 return -1; /* errno set by SMBC_server */
2195 }
2196
2197 if (! srv->no_nt_session) {
2198 ipc_srv = SMBC_attr_server(frame, context, server, share,
2199 &workgroup, &user, &password);
2200 if (! ipc_srv) {
2201 srv->no_nt_session = True;
2202 }
2203 } else {
2204 ipc_srv = NULL;
2205 }
2206
2207 if (! ipc_srv) {
2208 TALLOC_FREE(frame);
2209 return -1; /* errno set by SMBC_attr_server */
2210 }
2211
2212 /* Are they asking to set the entire ACL? */
2213 if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2214 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) {
2215
2216 /* Yup. */
2217 ret = cacl_set(talloc_tos(), srv->cli,
2218 ipc_srv->cli, &ipc_srv->pol, path,
2219 NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0);
2220 TALLOC_FREE(frame);
2221 return ret;
2222 }
2223
2224 /*
2225 * Are they asking to remove one or more spceific security descriptor
2226 * attributes?
2227 */
2228 if (StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2229 StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2230 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2231 StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2232 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2233 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2234 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
2235
2236 /* Yup. */
2237 ret = cacl_set(talloc_tos(), srv->cli,
2238 ipc_srv->cli, &ipc_srv->pol, path,
2239 name + 19, SMBC_XATTR_MODE_REMOVE, 0);
2240 TALLOC_FREE(frame);
2241 return ret;
2242 }
2243
2244 /* Unsupported attribute name */
2245 errno = EINVAL;
2246 TALLOC_FREE(frame);
2247 return -1;
2248 }
2249
2250 int
2251 SMBC_listxattr_ctx(SMBCCTX *context,
2252 const char *fname,
2253 char *list,
2254 size_t size)
2255 {
2256 /*
2257 * This isn't quite what listxattr() is supposed to do. This returns
2258 * the complete set of attribute names, always, rather than only those
2259 * attribute names which actually exist for a file. Hmmm...
2260 */
2261 size_t retsize;
2262 const char supported_old[] =
2263 "system.*\0"
2264 "system.*+\0"
2265 "system.nt_sec_desc.revision\0"
2266 "system.nt_sec_desc.owner\0"
2267 "system.nt_sec_desc.owner+\0"
2268 "system.nt_sec_desc.group\0"
2269 "system.nt_sec_desc.group+\0"
2270 "system.nt_sec_desc.acl.*\0"
2271 "system.nt_sec_desc.acl\0"
2272 "system.nt_sec_desc.acl+\0"
2273 "system.nt_sec_desc.*\0"
2274 "system.nt_sec_desc.*+\0"
2275 "system.dos_attr.*\0"
2276 "system.dos_attr.mode\0"
2277 "system.dos_attr.c_time\0"
2278 "system.dos_attr.a_time\0"
2279 "system.dos_attr.m_time\0"
2280 ;
2281 const char supported_new[] =
2282 "system.*\0"
2283 "system.*+\0"
2284 "system.nt_sec_desc.revision\0"
2285 "system.nt_sec_desc.owner\0"
2286 "system.nt_sec_desc.owner+\0"
2287 "system.nt_sec_desc.group\0"
2288 "system.nt_sec_desc.group+\0"
2289 "system.nt_sec_desc.acl.*\0"
2290 "system.nt_sec_desc.acl\0"
2291 "system.nt_sec_desc.acl+\0"
2292 "system.nt_sec_desc.*\0"
2293 "system.nt_sec_desc.*+\0"
2294 "system.dos_attr.*\0"
2295 "system.dos_attr.mode\0"
2296 "system.dos_attr.create_time\0"
2297 "system.dos_attr.access_time\0"
2298 "system.dos_attr.write_time\0"
2299 "system.dos_attr.change_time\0"
2300 ;
2301 const char * supported;
2302
2303 if (context->internal->full_time_names) {
2304 supported = supported_new;
2305 retsize = sizeof(supported_new);
2306 } else {
2307 supported = supported_old;
2308 retsize = sizeof(supported_old);
2309 }
2310
2311 if (size == 0) {
2312 return retsize;
2313 }
2314
2315 if (retsize > size) {
2316 errno = ERANGE;
2317 return -1;
2318 }
2319
2320 /* this can't be strcpy() because there are embedded null characters */
2321 memcpy(list, supported, retsize);
2322 return retsize;
2323 }
reg import