search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Initial revamp of the libsmbclient interface.
[Samba/gebeck_regimport.git] / source3 / libsmb / libsmb_xattr.c
blob93ca0706b2b316f1609c423074c17d1ab804a16a
1 /*
2 Unix SMB/Netbios implementation.
3 SMB client library implementation
4 Copyright (C) Andrew Tridgell 1998
5 Copyright (C) Richard Sharpe 2000, 2002
6 Copyright (C) John Terpstra 2000
7 Copyright (C) Tom Jansen (Ninja ISD) 2002
8 Copyright (C) Derrell Lipman 2003-2008
9 Copyright (C) Jeremy Allison 2007, 2008
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "libsmbclient.h"
27 #include "libsmb_internal.h"
28
29
30 /*
31 * Find an lsa pipe handle associated with a cli struct.
32 */
33 static struct rpc_pipe_client *
34 find_lsa_pipe_hnd(struct cli_state *ipc_cli)
35 {
36 struct rpc_pipe_client *pipe_hnd;
37
38 for (pipe_hnd = ipc_cli->pipe_list;
39 pipe_hnd;
40 pipe_hnd = pipe_hnd->next) {
41
42 if (pipe_hnd->pipe_idx == PI_LSARPC) {
43 return pipe_hnd;
44 }
45 }
46
47 return NULL;
48 }
49
50 /*
51 * Sort ACEs according to the documentation at
52 * http://support.microsoft.com/kb/269175, at least as far as it defines the
53 * order.
54 */
55
56 static int
57 ace_compare(SEC_ACE *ace1,
58 SEC_ACE *ace2)
59 {
60 bool b1;
61 bool b2;
62
63 /* If the ACEs are equal, we have nothing more to do. */
64 if (sec_ace_equal(ace1, ace2)) {
65 return 0;
66 }
67
68 /* Inherited follow non-inherited */
69 b1 = ((ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
70 b2 = ((ace2->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
71 if (b1 != b2) {
72 return (b1 ? 1 : -1);
73 }
74
75 /*
76 * What shall we do with AUDITs and ALARMs? It's undefined. We'll
77 * sort them after DENY and ALLOW.
78 */
79 b1 = (ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
80 ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
81 ace1->type != SEC_ACE_TYPE_ACCESS_DENIED &&
82 ace1->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
83 b2 = (ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
84 ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
85 ace2->type != SEC_ACE_TYPE_ACCESS_DENIED &&
86 ace2->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
87 if (b1 != b2) {
88 return (b1 ? 1 : -1);
89 }
90
91 /* Allowed ACEs follow denied ACEs */
92 b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
93 ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
94 b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
95 ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
96 if (b1 != b2) {
97 return (b1 ? 1 : -1);
98 }
99
100 /*
101 * ACEs applying to an entity's object follow those applying to the
102 * entity itself
103 */
104 b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
105 ace1->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
106 b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
107 ace2->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
108 if (b1 != b2) {
109 return (b1 ? 1 : -1);
110 }
111
112 /*
113 * If we get this far, the ACEs are similar as far as the
114 * characteristics we typically care about (those defined by the
115 * referenced MS document). We'll now sort by characteristics that
116 * just seems reasonable.
117 */
118
119 if (ace1->type != ace2->type) {
120 return ace2->type - ace1->type;
121 }
122
123 if (sid_compare(&ace1->trustee, &ace2->trustee)) {
124 return sid_compare(&ace1->trustee, &ace2->trustee);
125 }
126
127 if (ace1->flags != ace2->flags) {
128 return ace1->flags - ace2->flags;
129 }
130
131 if (ace1->access_mask != ace2->access_mask) {
132 return ace1->access_mask - ace2->access_mask;
133 }
134
135 if (ace1->size != ace2->size) {
136 return ace1->size - ace2->size;
137 }
138
139 return memcmp(ace1, ace2, sizeof(SEC_ACE));
140 }
141
142
143 static void
144 sort_acl(SEC_ACL *the_acl)
145 {
146 uint32 i;
147 if (!the_acl) return;
148
149 qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]),
150 QSORT_CAST ace_compare);
151
152 for (i=1;i<the_acl->num_aces;) {
153 if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
154 int j;
155 for (j=i; j<the_acl->num_aces-1; j++) {
156 the_acl->aces[j] = the_acl->aces[j+1];
157 }
158 the_acl->num_aces--;
159 } else {
160 i++;
161 }
162 }
163 }
164
165 /* convert a SID to a string, either numeric or username/group */
166 static void
167 convert_sid_to_string(struct cli_state *ipc_cli,
168 POLICY_HND *pol,
169 fstring str,
170 bool numeric,
171 DOM_SID *sid)
172 {
173 char **domains = NULL;
174 char **names = NULL;
175 enum lsa_SidType *types = NULL;
176 struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
177 TALLOC_CTX *ctx;
178
179 sid_to_fstring(str, sid);
180
181 if (numeric) {
182 return; /* no lookup desired */
183 }
184
185 if (!pipe_hnd) {
186 return;
187 }
188
189 /* Ask LSA to convert the sid to a name */
190
191 ctx = talloc_stackframe();
192
193 if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(pipe_hnd, ctx,
194 pol, 1, sid, &domains,
195 &names, &types)) ||
196 !domains || !domains[0] || !names || !names[0]) {
197 TALLOC_FREE(ctx);
198 return;
199 }
200
201 TALLOC_FREE(ctx);
202 /* Converted OK */
203
204 slprintf(str, sizeof(fstring) - 1, "%s%s%s",
205 domains[0], lp_winbind_separator(),
206 names[0]);
207 }
208
209 /* convert a string to a SID, either numeric or username/group */
210 static bool
211 convert_string_to_sid(struct cli_state *ipc_cli,
212 POLICY_HND *pol,
213 bool numeric,
214 DOM_SID *sid,
215 const char *str)
216 {
217 enum lsa_SidType *types = NULL;
218 DOM_SID *sids = NULL;
219 bool result = True;
220 TALLOC_CTX *ctx = NULL;
221 struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
222
223 if (!pipe_hnd) {
224 return False;
225 }
226
227 if (numeric) {
228 if (strncmp(str, "S-", 2) == 0) {
229 return string_to_sid(sid, str);
230 }
231
232 result = False;
233 goto done;
234 }
235
236 ctx = talloc_stackframe();
237 if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_names(pipe_hnd, ctx,
238 pol, 1, &str, NULL, 1, &sids,
239 &types))) {
240 result = False;
241 goto done;
242 }
243
244 sid_copy(sid, &sids[0]);
245 done:
246
247 TALLOC_FREE(ctx);
248 return result;
249 }
250
251
252 /* parse an ACE in the same format as print_ace() */
253 static bool
254 parse_ace(struct cli_state *ipc_cli,
255 POLICY_HND *pol,
256 SEC_ACE *ace,
257 bool numeric,
258 char *str)
259 {
260 char *p;
261 const char *cp;
262 char *tok;
263 unsigned int atype;
264 unsigned int aflags;
265 unsigned int amask;
266 DOM_SID sid;
267 SEC_ACCESS mask;
268 const struct perm_value *v;
269 struct perm_value {
270 const char *perm;
271 uint32 mask;
272 };
273 TALLOC_CTX *frame = talloc_stackframe();
274
275 /* These values discovered by inspection */
276 static const struct perm_value special_values[] = {
277 { "R", 0x00120089 },
278 { "W", 0x00120116 },
279 { "X", 0x001200a0 },
280 { "D", 0x00010000 },
281 { "P", 0x00040000 },
282 { "O", 0x00080000 },
283 { NULL, 0 },
284 };
285
286 static const struct perm_value standard_values[] = {
287 { "READ", 0x001200a9 },
288 { "CHANGE", 0x001301bf },
289 { "FULL", 0x001f01ff },
290 { NULL, 0 },
291 };
292
293
294 ZERO_STRUCTP(ace);
295 p = strchr_m(str,':');
296 if (!p) {
297 TALLOC_FREE(frame);
298 return False;
299 }
300 *p = '\0';
301 p++;
302 /* Try to parse numeric form */
303
304 if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 &&
305 convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
306 goto done;
307 }
308
309 /* Try to parse text form */
310
311 if (!convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
312 TALLOC_FREE(frame);
313 return false;
314 }
315
316 cp = p;
317 if (!next_token_talloc(frame, &cp, &tok, "/")) {
318 TALLOC_FREE(frame);
319 return false;
320 }
321
322 if (StrnCaseCmp(tok, "ALLOWED", strlen("ALLOWED")) == 0) {
323 atype = SEC_ACE_TYPE_ACCESS_ALLOWED;
324 } else if (StrnCaseCmp(tok, "DENIED", strlen("DENIED")) == 0) {
325 atype = SEC_ACE_TYPE_ACCESS_DENIED;
326 } else {
327 TALLOC_FREE(frame);
328 return false;
329 }
330
331 /* Only numeric form accepted for flags at present */
332
333 if (!(next_token_talloc(frame, &cp, &tok, "/") &&
334 sscanf(tok, "%i", &aflags))) {
335 TALLOC_FREE(frame);
336 return false;
337 }
338
339 if (!next_token_talloc(frame, &cp, &tok, "/")) {
340 TALLOC_FREE(frame);
341 return false;
342 }
343
344 if (strncmp(tok, "0x", 2) == 0) {
345 if (sscanf(tok, "%i", &amask) != 1) {
346 TALLOC_FREE(frame);
347 return false;
348 }
349 goto done;
350 }
351
352 for (v = standard_values; v->perm; v++) {
353 if (strcmp(tok, v->perm) == 0) {
354 amask = v->mask;
355 goto done;
356 }
357 }
358
359 p = tok;
360
361 while(*p) {
362 bool found = False;
363
364 for (v = special_values; v->perm; v++) {
365 if (v->perm[0] == *p) {
366 amask |= v->mask;
367 found = True;
368 }
369 }
370
371 if (!found) {
372 TALLOC_FREE(frame);
373 return false;
374 }
375 p++;
376 }
377
378 if (*p) {
379 TALLOC_FREE(frame);
380 return false;
381 }
382
383 done:
384 mask = amask;
385 init_sec_ace(ace, &sid, atype, mask, aflags);
386 TALLOC_FREE(frame);
387 return true;
388 }
389
390 /* add an ACE to a list of ACEs in a SEC_ACL */
391 static bool
392 add_ace(SEC_ACL **the_acl,
393 SEC_ACE *ace,
394 TALLOC_CTX *ctx)
395 {
396 SEC_ACL *newacl;
397 SEC_ACE *aces;
398
399 if (! *the_acl) {
400 (*the_acl) = make_sec_acl(ctx, 3, 1, ace);
401 return True;
402 }
403
404 if ((aces = SMB_CALLOC_ARRAY(SEC_ACE, 1+(*the_acl)->num_aces)) == NULL) {
405 return False;
406 }
407 memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
408 memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
409 newacl = make_sec_acl(ctx, (*the_acl)->revision,
410 1+(*the_acl)->num_aces, aces);
411 SAFE_FREE(aces);
412 (*the_acl) = newacl;
413 return True;
414 }
415
416
417 /* parse a ascii version of a security descriptor */
418 static SEC_DESC *
419 sec_desc_parse(TALLOC_CTX *ctx,
420 struct cli_state *ipc_cli,
421 POLICY_HND *pol,
422 bool numeric,
423 char *str)
424 {
425 const char *p = str;
426 char *tok;
427 SEC_DESC *ret = NULL;
428 size_t sd_size;
429 DOM_SID *group_sid=NULL;
430 DOM_SID *owner_sid=NULL;
431 SEC_ACL *dacl=NULL;
432 int revision=1;
433
434 while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
435
436 if (StrnCaseCmp(tok,"REVISION:", 9) == 0) {
437 revision = strtol(tok+9, NULL, 16);
438 continue;
439 }
440
441 if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
442 if (owner_sid) {
443 DEBUG(5, ("OWNER specified more than once!\n"));
444 goto done;
445 }
446 owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
447 if (!owner_sid ||
448 !convert_string_to_sid(ipc_cli, pol,
449 numeric,
450 owner_sid, tok+6)) {
451 DEBUG(5, ("Failed to parse owner sid\n"));
452 goto done;
453 }
454 continue;
455 }
456
457 if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
458 if (owner_sid) {
459 DEBUG(5, ("OWNER specified more than once!\n"));
460 goto done;
461 }
462 owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
463 if (!owner_sid ||
464 !convert_string_to_sid(ipc_cli, pol,
465 False,
466 owner_sid, tok+7)) {
467 DEBUG(5, ("Failed to parse owner sid\n"));
468 goto done;
469 }
470 continue;
471 }
472
473 if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
474 if (group_sid) {
475 DEBUG(5, ("GROUP specified more than once!\n"));
476 goto done;
477 }
478 group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
479 if (!group_sid ||
480 !convert_string_to_sid(ipc_cli, pol,
481 numeric,
482 group_sid, tok+6)) {
483 DEBUG(5, ("Failed to parse group sid\n"));
484 goto done;
485 }
486 continue;
487 }
488
489 if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
490 if (group_sid) {
491 DEBUG(5, ("GROUP specified more than once!\n"));
492 goto done;
493 }
494 group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
495 if (!group_sid ||
496 !convert_string_to_sid(ipc_cli, pol,
497 False,
498 group_sid, tok+6)) {
499 DEBUG(5, ("Failed to parse group sid\n"));
500 goto done;
501 }
502 continue;
503 }
504
505 if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
506 SEC_ACE ace;
507 if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
508 DEBUG(5, ("Failed to parse ACL %s\n", tok));
509 goto done;
510 }
511 if(!add_ace(&dacl, &ace, ctx)) {
512 DEBUG(5, ("Failed to add ACL %s\n", tok));
513 goto done;
514 }
515 continue;
516 }
517
518 if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
519 SEC_ACE ace;
520 if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
521 DEBUG(5, ("Failed to parse ACL %s\n", tok));
522 goto done;
523 }
524 if(!add_ace(&dacl, &ace, ctx)) {
525 DEBUG(5, ("Failed to add ACL %s\n", tok));
526 goto done;
527 }
528 continue;
529 }
530
531 DEBUG(5, ("Failed to parse security descriptor\n"));
532 goto done;
533 }
534
535 ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
536 owner_sid, group_sid, NULL, dacl, &sd_size);
537
538 done:
539 SAFE_FREE(group_sid);
540 SAFE_FREE(owner_sid);
541
542 return ret;
543 }
544
545
546 /* Obtain the current dos attributes */
547 static DOS_ATTR_DESC *
548 dos_attr_query(SMBCCTX *context,
549 TALLOC_CTX *ctx,
550 const char *filename,
551 SMBCSRV *srv)
552 {
553 struct timespec create_time_ts;
554 struct timespec write_time_ts;
555 struct timespec access_time_ts;
556 struct timespec change_time_ts;
557 SMB_OFF_T size = 0;
558 uint16 mode = 0;
559 SMB_INO_T inode = 0;
560 DOS_ATTR_DESC *ret;
561
562 ret = TALLOC_P(ctx, DOS_ATTR_DESC);
563 if (!ret) {
564 errno = ENOMEM;
565 return NULL;
566 }
567
568 /* Obtain the DOS attributes */
569 if (!SMBC_getatr(context, srv, CONST_DISCARD(char *, filename),
570 &mode, &size,
571 &create_time_ts,
572 &access_time_ts,
573 &write_time_ts,
574 &change_time_ts,
575 &inode)) {
576 errno = SMBC_errno(context, srv->cli);
577 DEBUG(5, ("dos_attr_query Failed to query old attributes\n"));
578 return NULL;
579 }
580
581 ret->mode = mode;
582 ret->size = size;
583 ret->create_time = convert_timespec_to_time_t(create_time_ts);
584 ret->access_time = convert_timespec_to_time_t(access_time_ts);
585 ret->write_time = convert_timespec_to_time_t(write_time_ts);
586 ret->change_time = convert_timespec_to_time_t(change_time_ts);
587 ret->inode = inode;
588
589 return ret;
590 }
591
592
593 /* parse a ascii version of a security descriptor */
594 static void
595 dos_attr_parse(SMBCCTX *context,
596 DOS_ATTR_DESC *dad,
597 SMBCSRV *srv,
598 char *str)
599 {
600 int n;
601 const char *p = str;
602 char *tok = NULL;
603 TALLOC_CTX *frame = NULL;
604 struct {
605 const char * create_time_attr;
606 const char * access_time_attr;
607 const char * write_time_attr;
608 const char * change_time_attr;
609 } attr_strings;
610
611 /* Determine whether to use old-style or new-style attribute names */
612 if (context->full_time_names) {
613 /* new-style names */
614 attr_strings.create_time_attr = "CREATE_TIME";
615 attr_strings.access_time_attr = "ACCESS_TIME";
616 attr_strings.write_time_attr = "WRITE_TIME";
617 attr_strings.change_time_attr = "CHANGE_TIME";
618 } else {
619 /* old-style names */
620 attr_strings.create_time_attr = NULL;
621 attr_strings.access_time_attr = "A_TIME";
622 attr_strings.write_time_attr = "M_TIME";
623 attr_strings.change_time_attr = "C_TIME";
624 }
625
626 /* if this is to set the entire ACL... */
627 if (*str == '*') {
628 /* ... then increment past the first colon if there is one */
629 if ((p = strchr(str, ':')) != NULL) {
630 ++p;
631 } else {
632 p = str;
633 }
634 }
635
636 frame = talloc_stackframe();
637 while (next_token_talloc(frame, &p, &tok, "\t,\r\n")) {
638 if (StrnCaseCmp(tok, "MODE:", 5) == 0) {
639 long request = strtol(tok+5, NULL, 16);
640 if (request == 0) {
641 dad->mode = (request |
642 (IS_DOS_DIR(dad->mode)
643 ? FILE_ATTRIBUTE_DIRECTORY
644 : FILE_ATTRIBUTE_NORMAL));
645 } else {
646 dad->mode = request;
647 }
648 continue;
649 }
650
651 if (StrnCaseCmp(tok, "SIZE:", 5) == 0) {
652 dad->size = (SMB_OFF_T)atof(tok+5);
653 continue;
654 }
655
656 n = strlen(attr_strings.access_time_attr);
657 if (StrnCaseCmp(tok, attr_strings.access_time_attr, n) == 0) {
658 dad->access_time = (time_t)strtol(tok+n+1, NULL, 10);
659 continue;
660 }
661
662 n = strlen(attr_strings.change_time_attr);
663 if (StrnCaseCmp(tok, attr_strings.change_time_attr, n) == 0) {
664 dad->change_time = (time_t)strtol(tok+n+1, NULL, 10);
665 continue;
666 }
667
668 n = strlen(attr_strings.write_time_attr);
669 if (StrnCaseCmp(tok, attr_strings.write_time_attr, n) == 0) {
670 dad->write_time = (time_t)strtol(tok+n+1, NULL, 10);
671 continue;
672 }
673
674 if (attr_strings.create_time_attr != NULL) {
675 n = strlen(attr_strings.create_time_attr);
676 if (StrnCaseCmp(tok, attr_strings.create_time_attr,
677 n) == 0) {
678 dad->create_time = (time_t)strtol(tok+n+1,
679 NULL, 10);
680 continue;
681 }
682 }
683
684 if (StrnCaseCmp(tok, "INODE:", 6) == 0) {
685 dad->inode = (SMB_INO_T)atof(tok+6);
686 continue;
687 }
688 }
689 TALLOC_FREE(frame);
690 }
691
692 /*****************************************************
693 Retrieve the acls for a file.
694 *******************************************************/
695
696 static int
697 cacl_get(SMBCCTX *context,
698 TALLOC_CTX *ctx,
699 SMBCSRV *srv,
700 struct cli_state *ipc_cli,
701 POLICY_HND *pol,
702 char *filename,
703 char *attr_name,
704 char *buf,
705 int bufsize)
706 {
707 uint32 i;
708 int n = 0;
709 int n_used;
710 bool all;
711 bool all_nt;
712 bool all_nt_acls;
713 bool all_dos;
714 bool some_nt;
715 bool some_dos;
716 bool exclude_nt_revision = False;
717 bool exclude_nt_owner = False;
718 bool exclude_nt_group = False;
719 bool exclude_nt_acl = False;
720 bool exclude_dos_mode = False;
721 bool exclude_dos_size = False;
722 bool exclude_dos_create_time = False;
723 bool exclude_dos_access_time = False;
724 bool exclude_dos_write_time = False;
725 bool exclude_dos_change_time = False;
726 bool exclude_dos_inode = False;
727 bool numeric = True;
728 bool determine_size = (bufsize == 0);
729 int fnum = -1;
730 SEC_DESC *sd;
731 fstring sidstr;
732 fstring name_sandbox;
733 char *name;
734 char *pExclude;
735 char *p;
736 struct timespec create_time_ts;
737 struct timespec write_time_ts;
738 struct timespec access_time_ts;
739 struct timespec change_time_ts;
740 time_t create_time = (time_t)0;
741 time_t write_time = (time_t)0;
742 time_t access_time = (time_t)0;
743 time_t change_time = (time_t)0;
744 SMB_OFF_T size = 0;
745 uint16 mode = 0;
746 SMB_INO_T ino = 0;
747 struct cli_state *cli = srv->cli;
748 struct {
749 const char * create_time_attr;
750 const char * access_time_attr;
751 const char * write_time_attr;
752 const char * change_time_attr;
753 } attr_strings;
754 struct {
755 const char * create_time_attr;
756 const char * access_time_attr;
757 const char * write_time_attr;
758 const char * change_time_attr;
759 } excl_attr_strings;
760
761 /* Determine whether to use old-style or new-style attribute names */
762 if (context->full_time_names) {
763 /* new-style names */
764 attr_strings.create_time_attr = "CREATE_TIME";
765 attr_strings.access_time_attr = "ACCESS_TIME";
766 attr_strings.write_time_attr = "WRITE_TIME";
767 attr_strings.change_time_attr = "CHANGE_TIME";
768
769 excl_attr_strings.create_time_attr = "CREATE_TIME";
770 excl_attr_strings.access_time_attr = "ACCESS_TIME";
771 excl_attr_strings.write_time_attr = "WRITE_TIME";
772 excl_attr_strings.change_time_attr = "CHANGE_TIME";
773 } else {
774 /* old-style names */
775 attr_strings.create_time_attr = NULL;
776 attr_strings.access_time_attr = "A_TIME";
777 attr_strings.write_time_attr = "M_TIME";
778 attr_strings.change_time_attr = "C_TIME";
779
780 excl_attr_strings.create_time_attr = NULL;
781 excl_attr_strings.access_time_attr = "dos_attr.A_TIME";
782 excl_attr_strings.write_time_attr = "dos_attr.M_TIME";
783 excl_attr_strings.change_time_attr = "dos_attr.C_TIME";
784 }
785
786 /* Copy name so we can strip off exclusions (if any are specified) */
787 strncpy(name_sandbox, attr_name, sizeof(name_sandbox) - 1);
788
789 /* Ensure name is null terminated */
790 name_sandbox[sizeof(name_sandbox) - 1] = '\0';
791
792 /* Play in the sandbox */
793 name = name_sandbox;
794
795 /* If there are any exclusions, point to them and mask them from name */
796 if ((pExclude = strchr(name, '!')) != NULL)
797 {
798 *pExclude++ = '\0';
799 }
800
801 all = (StrnCaseCmp(name, "system.*", 8) == 0);
802 all_nt = (StrnCaseCmp(name, "system.nt_sec_desc.*", 20) == 0);
803 all_nt_acls = (StrnCaseCmp(name, "system.nt_sec_desc.acl.*", 24) == 0);
804 all_dos = (StrnCaseCmp(name, "system.dos_attr.*", 17) == 0);
805 some_nt = (StrnCaseCmp(name, "system.nt_sec_desc.", 19) == 0);
806 some_dos = (StrnCaseCmp(name, "system.dos_attr.", 16) == 0);
807 numeric = (* (name + strlen(name) - 1) != '+');
808
809 /* Look for exclusions from "all" requests */
810 if (all || all_nt || all_dos) {
811
812 /* Exclusions are delimited by '!' */
813 for (;
814 pExclude != NULL;
815 pExclude = (p == NULL ? NULL : p + 1)) {
816
817 /* Find end of this exclusion name */
818 if ((p = strchr(pExclude, '!')) != NULL)
819 {
820 *p = '\0';
821 }
822
823 /* Which exclusion name is this? */
824 if (StrCaseCmp(pExclude, "nt_sec_desc.revision") == 0) {
825 exclude_nt_revision = True;
826 }
827 else if (StrCaseCmp(pExclude, "nt_sec_desc.owner") == 0) {
828 exclude_nt_owner = True;
829 }
830 else if (StrCaseCmp(pExclude, "nt_sec_desc.group") == 0) {
831 exclude_nt_group = True;
832 }
833 else if (StrCaseCmp(pExclude, "nt_sec_desc.acl") == 0) {
834 exclude_nt_acl = True;
835 }
836 else if (StrCaseCmp(pExclude, "dos_attr.mode") == 0) {
837 exclude_dos_mode = True;
838 }
839 else if (StrCaseCmp(pExclude, "dos_attr.size") == 0) {
840 exclude_dos_size = True;
841 }
842 else if (excl_attr_strings.create_time_attr != NULL &&
843 StrCaseCmp(pExclude,
844 excl_attr_strings.change_time_attr) == 0) {
845 exclude_dos_create_time = True;
846 }
847 else if (StrCaseCmp(pExclude,
848 excl_attr_strings.access_time_attr) == 0) {
849 exclude_dos_access_time = True;
850 }
851 else if (StrCaseCmp(pExclude,
852 excl_attr_strings.write_time_attr) == 0) {
853 exclude_dos_write_time = True;
854 }
855 else if (StrCaseCmp(pExclude,
856 excl_attr_strings.change_time_attr) == 0) {
857 exclude_dos_change_time = True;
858 }
859 else if (StrCaseCmp(pExclude, "dos_attr.inode") == 0) {
860 exclude_dos_inode = True;
861 }
862 else {
863 DEBUG(5, ("cacl_get received unknown exclusion: %s\n",
864 pExclude));
865 errno = ENOATTR;
866 return -1;
867 }
868 }
869 }
870
871 n_used = 0;
872
873 /*
874 * If we are (possibly) talking to an NT or new system and some NT
875 * attributes have been requested...
876 */
877 if (ipc_cli && (all || some_nt || all_nt_acls)) {
878 /* Point to the portion after "system.nt_sec_desc." */
879 name += 19; /* if (all) this will be invalid but unused */
880
881 /* ... then obtain any NT attributes which were requested */
882 fnum = cli_nt_create(cli, filename, CREATE_ACCESS_READ);
883
884 if (fnum == -1) {
885 DEBUG(5, ("cacl_get failed to open %s: %s\n",
886 filename, cli_errstr(cli)));
887 errno = 0;
888 return -1;
889 }
890
891 sd = cli_query_secdesc(cli, fnum, ctx);
892
893 if (!sd) {
894 DEBUG(5,
895 ("cacl_get Failed to query old descriptor\n"));
896 errno = 0;
897 return -1;
898 }
899
900 cli_close(cli, fnum);
901
902 if (! exclude_nt_revision) {
903 if (all || all_nt) {
904 if (determine_size) {
905 p = talloc_asprintf(ctx,
906 "REVISION:%d",
907 sd->revision);
908 if (!p) {
909 errno = ENOMEM;
910 return -1;
911 }
912 n = strlen(p);
913 } else {
914 n = snprintf(buf, bufsize,
915 "REVISION:%d",
916 sd->revision);
917 }
918 } else if (StrCaseCmp(name, "revision") == 0) {
919 if (determine_size) {
920 p = talloc_asprintf(ctx, "%d",
921 sd->revision);
922 if (!p) {
923 errno = ENOMEM;
924 return -1;
925 }
926 n = strlen(p);
927 } else {
928 n = snprintf(buf, bufsize, "%d",
929 sd->revision);
930 }
931 }
932
933 if (!determine_size && n > bufsize) {
934 errno = ERANGE;
935 return -1;
936 }
937 buf += n;
938 n_used += n;
939 bufsize -= n;
940 n = 0;
941 }
942
943 if (! exclude_nt_owner) {
944 /* Get owner and group sid */
945 if (sd->owner_sid) {
946 convert_sid_to_string(ipc_cli, pol,
947 sidstr,
948 numeric,
949 sd->owner_sid);
950 } else {
951 fstrcpy(sidstr, "");
952 }
953
954 if (all || all_nt) {
955 if (determine_size) {
956 p = talloc_asprintf(ctx, ",OWNER:%s",
957 sidstr);
958 if (!p) {
959 errno = ENOMEM;
960 return -1;
961 }
962 n = strlen(p);
963 } else if (sidstr[0] != '\0') {
964 n = snprintf(buf, bufsize,
965 ",OWNER:%s", sidstr);
966 }
967 } else if (StrnCaseCmp(name, "owner", 5) == 0) {
968 if (determine_size) {
969 p = talloc_asprintf(ctx, "%s", sidstr);
970 if (!p) {
971 errno = ENOMEM;
972 return -1;
973 }
974 n = strlen(p);
975 } else {
976 n = snprintf(buf, bufsize, "%s",
977 sidstr);
978 }
979 }
980
981 if (!determine_size && n > bufsize) {
982 errno = ERANGE;
983 return -1;
984 }
985 buf += n;
986 n_used += n;
987 bufsize -= n;
988 n = 0;
989 }
990
991 if (! exclude_nt_group) {
992 if (sd->group_sid) {
993 convert_sid_to_string(ipc_cli, pol,
994 sidstr, numeric,
995 sd->group_sid);
996 } else {
997 fstrcpy(sidstr, "");
998 }
999
1000 if (all || all_nt) {
1001 if (determine_size) {
1002 p = talloc_asprintf(ctx, ",GROUP:%s",
1003 sidstr);
1004 if (!p) {
1005 errno = ENOMEM;
1006 return -1;
1007 }
1008 n = strlen(p);
1009 } else if (sidstr[0] != '\0') {
1010 n = snprintf(buf, bufsize,
1011 ",GROUP:%s", sidstr);
1012 }
1013 } else if (StrnCaseCmp(name, "group", 5) == 0) {
1014 if (determine_size) {
1015 p = talloc_asprintf(ctx, "%s", sidstr);
1016 if (!p) {
1017 errno = ENOMEM;
1018 return -1;
1019 }
1020 n = strlen(p);
1021 } else {
1022 n = snprintf(buf, bufsize,
1023 "%s", sidstr);
1024 }
1025 }
1026
1027 if (!determine_size && n > bufsize) {
1028 errno = ERANGE;
1029 return -1;
1030 }
1031 buf += n;
1032 n_used += n;
1033 bufsize -= n;
1034 n = 0;
1035 }
1036
1037 if (! exclude_nt_acl) {
1038 /* Add aces to value buffer */
1039 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
1040
1041 SEC_ACE *ace = &sd->dacl->aces[i];
1042 convert_sid_to_string(ipc_cli, pol,
1043 sidstr, numeric,
1044 &ace->trustee);
1045
1046 if (all || all_nt) {
1047 if (determine_size) {
1048 p = talloc_asprintf(
1049 ctx,
1050 ",ACL:"
1051 "%s:%d/%d/0x%08x",
1052 sidstr,
1053 ace->type,
1054 ace->flags,
1055 ace->access_mask);
1056 if (!p) {
1057 errno = ENOMEM;
1058 return -1;
1059 }
1060 n = strlen(p);
1061 } else {
1062 n = snprintf(
1063 buf, bufsize,
1064 ",ACL:%s:%d/%d/0x%08x",
1065 sidstr,
1066 ace->type,
1067 ace->flags,
1068 ace->access_mask);
1069 }
1070 } else if ((StrnCaseCmp(name, "acl", 3) == 0 &&
1071 StrCaseCmp(name+3, sidstr) == 0) ||
1072 (StrnCaseCmp(name, "acl+", 4) == 0 &&
1073 StrCaseCmp(name+4, sidstr) == 0)) {
1074 if (determine_size) {
1075 p = talloc_asprintf(
1076 ctx,
1077 "%d/%d/0x%08x",
1078 ace->type,
1079 ace->flags,
1080 ace->access_mask);
1081 if (!p) {
1082 errno = ENOMEM;
1083 return -1;
1084 }
1085 n = strlen(p);
1086 } else {
1087 n = snprintf(buf, bufsize,
1088 "%d/%d/0x%08x",
1089 ace->type,
1090 ace->flags,
1091 ace->access_mask);
1092 }
1093 } else if (all_nt_acls) {
1094 if (determine_size) {
1095 p = talloc_asprintf(
1096 ctx,
1097 "%s%s:%d/%d/0x%08x",
1098 i ? "," : "",
1099 sidstr,
1100 ace->type,
1101 ace->flags,
1102 ace->access_mask);
1103 if (!p) {
1104 errno = ENOMEM;
1105 return -1;
1106 }
1107 n = strlen(p);
1108 } else {
1109 n = snprintf(buf, bufsize,
1110 "%s%s:%d/%d/0x%08x",
1111 i ? "," : "",
1112 sidstr,
1113 ace->type,
1114 ace->flags,
1115 ace->access_mask);
1116 }
1117 }
1118 if (!determine_size && n > bufsize) {
1119 errno = ERANGE;
1120 return -1;
1121 }
1122 buf += n;
1123 n_used += n;
1124 bufsize -= n;
1125 n = 0;
1126 }
1127 }
1128
1129 /* Restore name pointer to its original value */
1130 name -= 19;
1131 }
1132
1133 if (all || some_dos) {
1134 /* Point to the portion after "system.dos_attr." */
1135 name += 16; /* if (all) this will be invalid but unused */
1136
1137 /* Obtain the DOS attributes */
1138 if (!SMBC_getatr(context, srv, filename, &mode, &size,
1139 &create_time_ts,
1140 &access_time_ts,
1141 &write_time_ts,
1142 &change_time_ts,
1143 &ino)) {
1144
1145 errno = SMBC_errno(context, srv->cli);
1146 return -1;
1147
1148 }
1149
1150 create_time = convert_timespec_to_time_t(create_time_ts);
1151 access_time = convert_timespec_to_time_t(access_time_ts);
1152 write_time = convert_timespec_to_time_t(write_time_ts);
1153 change_time = convert_timespec_to_time_t(change_time_ts);
1154
1155 if (! exclude_dos_mode) {
1156 if (all || all_dos) {
1157 if (determine_size) {
1158 p = talloc_asprintf(ctx,
1159 "%sMODE:0x%x",
1160 (ipc_cli &&
1161 (all || some_nt)
1162 ? ","
1163 : ""),
1164 mode);
1165 if (!p) {
1166 errno = ENOMEM;
1167 return -1;
1168 }
1169 n = strlen(p);
1170 } else {
1171 n = snprintf(buf, bufsize,
1172 "%sMODE:0x%x",
1173 (ipc_cli &&
1174 (all || some_nt)
1175 ? ","
1176 : ""),
1177 mode);
1178 }
1179 } else if (StrCaseCmp(name, "mode") == 0) {
1180 if (determine_size) {
1181 p = talloc_asprintf(ctx, "0x%x", mode);
1182 if (!p) {
1183 errno = ENOMEM;
1184 return -1;
1185 }
1186 n = strlen(p);
1187 } else {
1188 n = snprintf(buf, bufsize,
1189 "0x%x", mode);
1190 }
1191 }
1192
1193 if (!determine_size && n > bufsize) {
1194 errno = ERANGE;
1195 return -1;
1196 }
1197 buf += n;
1198 n_used += n;
1199 bufsize -= n;
1200 n = 0;
1201 }
1202
1203 if (! exclude_dos_size) {
1204 if (all || all_dos) {
1205 if (determine_size) {
1206 p = talloc_asprintf(
1207 ctx,
1208 ",SIZE:%.0f",
1209 (double)size);
1210 if (!p) {
1211 errno = ENOMEM;
1212 return -1;
1213 }
1214 n = strlen(p);
1215 } else {
1216 n = snprintf(buf, bufsize,
1217 ",SIZE:%.0f",
1218 (double)size);
1219 }
1220 } else if (StrCaseCmp(name, "size") == 0) {
1221 if (determine_size) {
1222 p = talloc_asprintf(
1223 ctx,
1224 "%.0f",
1225 (double)size);
1226 if (!p) {
1227 errno = ENOMEM;
1228 return -1;
1229 }
1230 n = strlen(p);
1231 } else {
1232 n = snprintf(buf, bufsize,
1233 "%.0f",
1234 (double)size);
1235 }
1236 }
1237
1238 if (!determine_size && n > bufsize) {
1239 errno = ERANGE;
1240 return -1;
1241 }
1242 buf += n;
1243 n_used += n;
1244 bufsize -= n;
1245 n = 0;
1246 }
1247
1248 if (! exclude_dos_create_time &&
1249 attr_strings.create_time_attr != NULL) {
1250 if (all || all_dos) {
1251 if (determine_size) {
1252 p = talloc_asprintf(ctx,
1253 ",%s:%lu",
1254 attr_strings.create_time_attr,
1255 create_time);
1256 if (!p) {
1257 errno = ENOMEM;
1258 return -1;
1259 }
1260 n = strlen(p);
1261 } else {
1262 n = snprintf(buf, bufsize,
1263 ",%s:%lu",
1264 attr_strings.create_time_attr,
1265 create_time);
1266 }
1267 } else if (StrCaseCmp(name, attr_strings.create_time_attr) == 0) {
1268 if (determine_size) {
1269 p = talloc_asprintf(ctx, "%lu", create_time);
1270 if (!p) {
1271 errno = ENOMEM;
1272 return -1;
1273 }
1274 n = strlen(p);
1275 } else {
1276 n = snprintf(buf, bufsize,
1277 "%lu", create_time);
1278 }
1279 }
1280
1281 if (!determine_size && n > bufsize) {
1282 errno = ERANGE;
1283 return -1;
1284 }
1285 buf += n;
1286 n_used += n;
1287 bufsize -= n;
1288 n = 0;
1289 }
1290
1291 if (! exclude_dos_access_time) {
1292 if (all || all_dos) {
1293 if (determine_size) {
1294 p = talloc_asprintf(ctx,
1295 ",%s:%lu",
1296 attr_strings.access_time_attr,
1297 access_time);
1298 if (!p) {
1299 errno = ENOMEM;
1300 return -1;
1301 }
1302 n = strlen(p);
1303 } else {
1304 n = snprintf(buf, bufsize,
1305 ",%s:%lu",
1306 attr_strings.access_time_attr,
1307 access_time);
1308 }
1309 } else if (StrCaseCmp(name, attr_strings.access_time_attr) == 0) {
1310 if (determine_size) {
1311 p = talloc_asprintf(ctx, "%lu", access_time);
1312 if (!p) {
1313 errno = ENOMEM;
1314 return -1;
1315 }
1316 n = strlen(p);
1317 } else {
1318 n = snprintf(buf, bufsize,
1319 "%lu", access_time);
1320 }
1321 }
1322
1323 if (!determine_size && n > bufsize) {
1324 errno = ERANGE;
1325 return -1;
1326 }
1327 buf += n;
1328 n_used += n;
1329 bufsize -= n;
1330 n = 0;
1331 }
1332
1333 if (! exclude_dos_write_time) {
1334 if (all || all_dos) {
1335 if (determine_size) {
1336 p = talloc_asprintf(ctx,
1337 ",%s:%lu",
1338 attr_strings.write_time_attr,
1339 write_time);
1340 if (!p) {
1341 errno = ENOMEM;
1342 return -1;
1343 }
1344 n = strlen(p);
1345 } else {
1346 n = snprintf(buf, bufsize,
1347 ",%s:%lu",
1348 attr_strings.write_time_attr,
1349 write_time);
1350 }
1351 } else if (StrCaseCmp(name, attr_strings.write_time_attr) == 0) {
1352 if (determine_size) {
1353 p = talloc_asprintf(ctx, "%lu", write_time);
1354 if (!p) {
1355 errno = ENOMEM;
1356 return -1;
1357 }
1358 n = strlen(p);
1359 } else {
1360 n = snprintf(buf, bufsize,
1361 "%lu", write_time);
1362 }
1363 }
1364
1365 if (!determine_size && n > bufsize) {
1366 errno = ERANGE;
1367 return -1;
1368 }
1369 buf += n;
1370 n_used += n;
1371 bufsize -= n;
1372 n = 0;
1373 }
1374
1375 if (! exclude_dos_change_time) {
1376 if (all || all_dos) {
1377 if (determine_size) {
1378 p = talloc_asprintf(ctx,
1379 ",%s:%lu",
1380 attr_strings.change_time_attr,
1381 change_time);
1382 if (!p) {
1383 errno = ENOMEM;
1384 return -1;
1385 }
1386 n = strlen(p);
1387 } else {
1388 n = snprintf(buf, bufsize,
1389 ",%s:%lu",
1390 attr_strings.change_time_attr,
1391 change_time);
1392 }
1393 } else if (StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1394 if (determine_size) {
1395 p = talloc_asprintf(ctx, "%lu", change_time);
1396 if (!p) {
1397 errno = ENOMEM;
1398 return -1;
1399 }
1400 n = strlen(p);
1401 } else {
1402 n = snprintf(buf, bufsize,
1403 "%lu", change_time);
1404 }
1405 }
1406
1407 if (!determine_size && n > bufsize) {
1408 errno = ERANGE;
1409 return -1;
1410 }
1411 buf += n;
1412 n_used += n;
1413 bufsize -= n;
1414 n = 0;
1415 }
1416
1417 if (! exclude_dos_inode) {
1418 if (all || all_dos) {
1419 if (determine_size) {
1420 p = talloc_asprintf(
1421 ctx,
1422 ",INODE:%.0f",
1423 (double)ino);
1424 if (!p) {
1425 errno = ENOMEM;
1426 return -1;
1427 }
1428 n = strlen(p);
1429 } else {
1430 n = snprintf(buf, bufsize,
1431 ",INODE:%.0f",
1432 (double) ino);
1433 }
1434 } else if (StrCaseCmp(name, "inode") == 0) {
1435 if (determine_size) {
1436 p = talloc_asprintf(
1437 ctx,
1438 "%.0f",
1439 (double) ino);
1440 if (!p) {
1441 errno = ENOMEM;
1442 return -1;
1443 }
1444 n = strlen(p);
1445 } else {
1446 n = snprintf(buf, bufsize,
1447 "%.0f",
1448 (double) ino);
1449 }
1450 }
1451
1452 if (!determine_size && n > bufsize) {
1453 errno = ERANGE;
1454 return -1;
1455 }
1456 buf += n;
1457 n_used += n;
1458 bufsize -= n;
1459 n = 0;
1460 }
1461
1462 /* Restore name pointer to its original value */
1463 name -= 16;
1464 }
1465
1466 if (n_used == 0) {
1467 errno = ENOATTR;
1468 return -1;
1469 }
1470
1471 return n_used;
1472 }
1473
1474 /*****************************************************
1475 set the ACLs on a file given an ascii description
1476 *******************************************************/
1477 static int
1478 cacl_set(TALLOC_CTX *ctx,
1479 struct cli_state *cli,
1480 struct cli_state *ipc_cli,
1481 POLICY_HND *pol,
1482 const char *filename,
1483 const char *the_acl,
1484 int mode,
1485 int flags)
1486 {
1487 int fnum;
1488 int err = 0;
1489 SEC_DESC *sd = NULL, *old;
1490 SEC_ACL *dacl = NULL;
1491 DOM_SID *owner_sid = NULL;
1492 DOM_SID *group_sid = NULL;
1493 uint32 i, j;
1494 size_t sd_size;
1495 int ret = 0;
1496 char *p;
1497 bool numeric = True;
1498
1499 /* the_acl will be null for REMOVE_ALL operations */
1500 if (the_acl) {
1501 numeric = ((p = strchr(the_acl, ':')) != NULL &&
1502 p > the_acl &&
1503 p[-1] != '+');
1504
1505 /* if this is to set the entire ACL... */
1506 if (*the_acl == '*') {
1507 /* ... then increment past the first colon */
1508 the_acl = p + 1;
1509 }
1510
1511 sd = sec_desc_parse(ctx, ipc_cli, pol, numeric,
1512 CONST_DISCARD(char *, the_acl));
1513
1514 if (!sd) {
1515 errno = EINVAL;
1516 return -1;
1517 }
1518 }
1519
1520 /* SMBC_XATTR_MODE_REMOVE_ALL is the only caller
1521 that doesn't deref sd */
1522
1523 if (!sd && (mode != SMBC_XATTR_MODE_REMOVE_ALL)) {
1524 errno = EINVAL;
1525 return -1;
1526 }
1527
1528 /* The desired access below is the only one I could find that works
1529 with NT4, W2KP and Samba */
1530
1531 fnum = cli_nt_create(cli, filename, CREATE_ACCESS_READ);
1532
1533 if (fnum == -1) {
1534 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1535 filename, cli_errstr(cli)));
1536 errno = 0;
1537 return -1;
1538 }
1539
1540 old = cli_query_secdesc(cli, fnum, ctx);
1541
1542 if (!old) {
1543 DEBUG(5, ("cacl_set Failed to query old descriptor\n"));
1544 errno = 0;
1545 return -1;
1546 }
1547
1548 cli_close(cli, fnum);
1549
1550 switch (mode) {
1551 case SMBC_XATTR_MODE_REMOVE_ALL:
1552 old->dacl->num_aces = 0;
1553 dacl = old->dacl;
1554 break;
1555
1556 case SMBC_XATTR_MODE_REMOVE:
1557 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1558 bool found = False;
1559
1560 for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1561 if (sec_ace_equal(&sd->dacl->aces[i],
1562 &old->dacl->aces[j])) {
1563 uint32 k;
1564 for (k=j; k<old->dacl->num_aces-1;k++) {
1565 old->dacl->aces[k] =
1566 old->dacl->aces[k+1];
1567 }
1568 old->dacl->num_aces--;
1569 found = True;
1570 dacl = old->dacl;
1571 break;
1572 }
1573 }
1574
1575 if (!found) {
1576 err = ENOATTR;
1577 ret = -1;
1578 goto failed;
1579 }
1580 }
1581 break;
1582
1583 case SMBC_XATTR_MODE_ADD:
1584 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1585 bool found = False;
1586
1587 for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1588 if (sid_equal(&sd->dacl->aces[i].trustee,
1589 &old->dacl->aces[j].trustee)) {
1590 if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
1591 err = EEXIST;
1592 ret = -1;
1593 goto failed;
1594 }
1595 old->dacl->aces[j] = sd->dacl->aces[i];
1596 ret = -1;
1597 found = True;
1598 }
1599 }
1600
1601 if (!found && (flags & SMBC_XATTR_FLAG_REPLACE)) {
1602 err = ENOATTR;
1603 ret = -1;
1604 goto failed;
1605 }
1606
1607 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1608 add_ace(&old->dacl, &sd->dacl->aces[i], ctx);
1609 }
1610 }
1611 dacl = old->dacl;
1612 break;
1613
1614 case SMBC_XATTR_MODE_SET:
1615 old = sd;
1616 owner_sid = old->owner_sid;
1617 group_sid = old->group_sid;
1618 dacl = old->dacl;
1619 break;
1620
1621 case SMBC_XATTR_MODE_CHOWN:
1622 owner_sid = sd->owner_sid;
1623 break;
1624
1625 case SMBC_XATTR_MODE_CHGRP:
1626 group_sid = sd->group_sid;
1627 break;
1628 }
1629
1630 /* Denied ACE entries must come before allowed ones */
1631 sort_acl(old->dacl);
1632
1633 /* Create new security descriptor and set it */
1634 sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE,
1635 owner_sid, group_sid, NULL, dacl, &sd_size);
1636
1637 fnum = cli_nt_create(cli, filename,
1638 WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS);
1639
1640 if (fnum == -1) {
1641 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1642 filename, cli_errstr(cli)));
1643 errno = 0;
1644 return -1;
1645 }
1646
1647 if (!cli_set_secdesc(cli, fnum, sd)) {
1648 DEBUG(5, ("ERROR: secdesc set failed: %s\n", cli_errstr(cli)));
1649 ret = -1;
1650 }
1651
1652 /* Clean up */
1653
1654 failed:
1655 cli_close(cli, fnum);
1656
1657 if (err != 0) {
1658 errno = err;
1659 }
1660
1661 return ret;
1662 }
1663
1664
1665 int
1666 SMBC_setxattr_ctx(SMBCCTX *context,
1667 const char *fname,
1668 const char *name,
1669 const void *value,
1670 size_t size,
1671 int flags)
1672 {
1673 int ret;
1674 int ret2;
1675 SMBCSRV *srv = NULL;
1676 SMBCSRV *ipc_srv = NULL;
1677 char *server = NULL;
1678 char *share = NULL;
1679 char *user = NULL;
1680 char *password = NULL;
1681 char *workgroup = NULL;
1682 char *path = NULL;
1683 DOS_ATTR_DESC *dad = NULL;
1684 struct {
1685 const char * create_time_attr;
1686 const char * access_time_attr;
1687 const char * write_time_attr;
1688 const char * change_time_attr;
1689 } attr_strings;
1690 TALLOC_CTX *frame = talloc_stackframe();
1691
1692 if (!context || !context->initialized) {
1693
1694 errno = EINVAL; /* Best I can think of ... */
1695 TALLOC_FREE(frame);
1696 return -1;
1697 }
1698
1699 if (!fname) {
1700 errno = EINVAL;
1701 TALLOC_FREE(frame);
1702 return -1;
1703 }
1704
1705 DEBUG(4, ("smbc_setxattr(%s, %s, %.*s)\n",
1706 fname, name, (int) size, (const char*)value));
1707
1708 if (SMBC_parse_path(frame,
1709 context,
1710 fname,
1711 &workgroup,
1712 &server,
1713 &share,
1714 &path,
1715 &user,
1716 &password,
1717 NULL)) {
1718 errno = EINVAL;
1719 TALLOC_FREE(frame);
1720 return -1;
1721 }
1722
1723 if (!user || user[0] == (char)0) {
1724 user = talloc_strdup(frame, context->user);
1725 if (!user) {
1726 errno = ENOMEM;
1727 TALLOC_FREE(frame);
1728 return -1;
1729 }
1730 }
1731
1732 srv = SMBC_server(frame, context, True,
1733 server, share, &workgroup, &user, &password);
1734 if (!srv) {
1735 TALLOC_FREE(frame);
1736 return -1; /* errno set by SMBC_server */
1737 }
1738
1739 if (! srv->no_nt_session) {
1740 ipc_srv = SMBC_attr_server(frame, context, server, share,
1741 &workgroup, &user, &password);
1742 if (! ipc_srv) {
1743 srv->no_nt_session = True;
1744 }
1745 } else {
1746 ipc_srv = NULL;
1747 }
1748
1749 /*
1750 * Are they asking to set the entire set of known attributes?
1751 */
1752 if (StrCaseCmp(name, "system.*") == 0 ||
1753 StrCaseCmp(name, "system.*+") == 0) {
1754 /* Yup. */
1755 char *namevalue =
1756 talloc_asprintf(talloc_tos(), "%s:%s",
1757 name+7, (const char *) value);
1758 if (! namevalue) {
1759 errno = ENOMEM;
1760 ret = -1;
1761 TALLOC_FREE(frame);
1762 return -1;
1763 }
1764
1765 if (ipc_srv) {
1766 ret = cacl_set(talloc_tos(), srv->cli,
1767 ipc_srv->cli, &ipc_srv->pol, path,
1768 namevalue,
1769 (*namevalue == '*'
1770 ? SMBC_XATTR_MODE_SET
1771 : SMBC_XATTR_MODE_ADD),
1772 flags);
1773 } else {
1774 ret = 0;
1775 }
1776
1777 /* get a DOS Attribute Descriptor with current attributes */
1778 dad = dos_attr_query(context, talloc_tos(), path, srv);
1779 if (dad) {
1780 /* Overwrite old with new, using what was provided */
1781 dos_attr_parse(context, dad, srv, namevalue);
1782
1783 /* Set the new DOS attributes */
1784 if (! SMBC_setatr(context, srv, path,
1785 dad->create_time,
1786 dad->access_time,
1787 dad->write_time,
1788 dad->change_time,
1789 dad->mode)) {
1790
1791 /* cause failure if NT failed too */
1792 dad = NULL;
1793 }
1794 }
1795
1796 /* we only fail if both NT and DOS sets failed */
1797 if (ret < 0 && ! dad) {
1798 ret = -1; /* in case dad was null */
1799 }
1800 else {
1801 ret = 0;
1802 }
1803
1804 TALLOC_FREE(frame);
1805 return ret;
1806 }
1807
1808 /*
1809 * Are they asking to set an access control element or to set
1810 * the entire access control list?
1811 */
1812 if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
1813 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
1814 StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
1815 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
1816 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
1817
1818 /* Yup. */
1819 char *namevalue =
1820 talloc_asprintf(talloc_tos(), "%s:%s",
1821 name+19, (const char *) value);
1822
1823 if (! ipc_srv) {
1824 ret = -1; /* errno set by SMBC_server() */
1825 }
1826 else if (! namevalue) {
1827 errno = ENOMEM;
1828 ret = -1;
1829 } else {
1830 ret = cacl_set(talloc_tos(), srv->cli,
1831 ipc_srv->cli, &ipc_srv->pol, path,
1832 namevalue,
1833 (*namevalue == '*'
1834 ? SMBC_XATTR_MODE_SET
1835 : SMBC_XATTR_MODE_ADD),
1836 flags);
1837 }
1838 TALLOC_FREE(frame);
1839 return ret;
1840 }
1841
1842 /*
1843 * Are they asking to set the owner?
1844 */
1845 if (StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
1846 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0) {
1847
1848 /* Yup. */
1849 char *namevalue =
1850 talloc_asprintf(talloc_tos(), "%s:%s",
1851 name+19, (const char *) value);
1852
1853 if (! ipc_srv) {
1854 ret = -1; /* errno set by SMBC_server() */
1855 }
1856 else if (! namevalue) {
1857 errno = ENOMEM;
1858 ret = -1;
1859 } else {
1860 ret = cacl_set(talloc_tos(), srv->cli,
1861 ipc_srv->cli, &ipc_srv->pol, path,
1862 namevalue, SMBC_XATTR_MODE_CHOWN, 0);
1863 }
1864 TALLOC_FREE(frame);
1865 return ret;
1866 }
1867
1868 /*
1869 * Are they asking to set the group?
1870 */
1871 if (StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
1872 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0) {
1873
1874 /* Yup. */
1875 char *namevalue =
1876 talloc_asprintf(talloc_tos(), "%s:%s",
1877 name+19, (const char *) value);
1878
1879 if (! ipc_srv) {
1880 /* errno set by SMBC_server() */
1881 ret = -1;
1882 }
1883 else if (! namevalue) {
1884 errno = ENOMEM;
1885 ret = -1;
1886 } else {
1887 ret = cacl_set(talloc_tos(), srv->cli,
1888 ipc_srv->cli, &ipc_srv->pol, path,
1889 namevalue, SMBC_XATTR_MODE_CHGRP, 0);
1890 }
1891 TALLOC_FREE(frame);
1892 return ret;
1893 }
1894
1895 /* Determine whether to use old-style or new-style attribute names */
1896 if (context->full_time_names) {
1897 /* new-style names */
1898 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
1899 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
1900 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
1901 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
1902 } else {
1903 /* old-style names */
1904 attr_strings.create_time_attr = NULL;
1905 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
1906 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
1907 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
1908 }
1909
1910 /*
1911 * Are they asking to set a DOS attribute?
1912 */
1913 if (StrCaseCmp(name, "system.dos_attr.*") == 0 ||
1914 StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
1915 (attr_strings.create_time_attr != NULL &&
1916 StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
1917 StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
1918 StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
1919 StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1920
1921 /* get a DOS Attribute Descriptor with current attributes */
1922 dad = dos_attr_query(context, talloc_tos(), path, srv);
1923 if (dad) {
1924 char *namevalue =
1925 talloc_asprintf(talloc_tos(), "%s:%s",
1926 name+16, (const char *) value);
1927 if (! namevalue) {
1928 errno = ENOMEM;
1929 ret = -1;
1930 } else {
1931 /* Overwrite old with provided new params */
1932 dos_attr_parse(context, dad, srv, namevalue);
1933
1934 /* Set the new DOS attributes */
1935 ret2 = SMBC_setatr(context, srv, path,
1936 dad->create_time,
1937 dad->access_time,
1938 dad->write_time,
1939 dad->change_time,
1940 dad->mode);
1941
1942 /* ret2 has True (success) / False (failure) */
1943 if (ret2) {
1944 ret = 0;
1945 } else {
1946 ret = -1;
1947 }
1948 }
1949 } else {
1950 ret = -1;
1951 }
1952
1953 TALLOC_FREE(frame);
1954 return ret;
1955 }
1956
1957 /* Unsupported attribute name */
1958 errno = EINVAL;
1959 TALLOC_FREE(frame);
1960 return -1;
1961 }
1962
1963 int
1964 SMBC_getxattr_ctx(SMBCCTX *context,
1965 const char *fname,
1966 const char *name,
1967 const void *value,
1968 size_t size)
1969 {
1970 int ret;
1971 SMBCSRV *srv = NULL;
1972 SMBCSRV *ipc_srv = NULL;
1973 char *server = NULL;
1974 char *share = NULL;
1975 char *user = NULL;
1976 char *password = NULL;
1977 char *workgroup = NULL;
1978 char *path = NULL;
1979 struct {
1980 const char * create_time_attr;
1981 const char * access_time_attr;
1982 const char * write_time_attr;
1983 const char * change_time_attr;
1984 } attr_strings;
1985 TALLOC_CTX *frame = talloc_stackframe();
1986
1987 if (!context || !context->initialized) {
1988
1989 errno = EINVAL; /* Best I can think of ... */
1990 TALLOC_FREE(frame);
1991 return -1;
1992 }
1993
1994 if (!fname) {
1995 errno = EINVAL;
1996 TALLOC_FREE(frame);
1997 return -1;
1998 }
1999
2000 DEBUG(4, ("smbc_getxattr(%s, %s)\n", fname, name));
2001
2002 if (SMBC_parse_path(frame,
2003 context,
2004 fname,
2005 &workgroup,
2006 &server,
2007 &share,
2008 &path,
2009 &user,
2010 &password,
2011 NULL)) {
2012 errno = EINVAL;
2013 TALLOC_FREE(frame);
2014 return -1;
2015 }
2016
2017 if (!user || user[0] == (char)0) {
2018 user = talloc_strdup(frame, context->user);
2019 if (!user) {
2020 errno = ENOMEM;
2021 TALLOC_FREE(frame);
2022 return -1;
2023 }
2024 }
2025
2026 srv = SMBC_server(frame, context, True,
2027 server, share, &workgroup, &user, &password);
2028 if (!srv) {
2029 TALLOC_FREE(frame);
2030 return -1; /* errno set by SMBC_server */
2031 }
2032
2033 if (! srv->no_nt_session) {
2034 ipc_srv = SMBC_attr_server(frame, context, server, share,
2035 &workgroup, &user, &password);
2036 if (! ipc_srv) {
2037 srv->no_nt_session = True;
2038 }
2039 } else {
2040 ipc_srv = NULL;
2041 }
2042
2043 /* Determine whether to use old-style or new-style attribute names */
2044 if (context->full_time_names) {
2045 /* new-style names */
2046 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
2047 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
2048 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
2049 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
2050 } else {
2051 /* old-style names */
2052 attr_strings.create_time_attr = NULL;
2053 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
2054 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
2055 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
2056 }
2057
2058 /* Are they requesting a supported attribute? */
2059 if (StrCaseCmp(name, "system.*") == 0 ||
2060 StrnCaseCmp(name, "system.*!", 9) == 0 ||
2061 StrCaseCmp(name, "system.*+") == 0 ||
2062 StrnCaseCmp(name, "system.*+!", 10) == 0 ||
2063 StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2064 StrnCaseCmp(name, "system.nt_sec_desc.*!", 21) == 0 ||
2065 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
2066 StrnCaseCmp(name, "system.nt_sec_desc.*+!", 22) == 0 ||
2067 StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2068 StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2069 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2070 StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2071 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2072 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2073 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0 ||
2074 StrCaseCmp(name, "system.dos_attr.*") == 0 ||
2075 StrnCaseCmp(name, "system.dos_attr.*!", 18) == 0 ||
2076 StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
2077 StrCaseCmp(name, "system.dos_attr.size") == 0 ||
2078 (attr_strings.create_time_attr != NULL &&
2079 StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
2080 StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
2081 StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
2082 StrCaseCmp(name, attr_strings.change_time_attr) == 0 ||
2083 StrCaseCmp(name, "system.dos_attr.inode") == 0) {
2084
2085 /* Yup. */
2086 ret = cacl_get(context, talloc_tos(), srv,
2087 ipc_srv == NULL ? NULL : ipc_srv->cli,
2088 &ipc_srv->pol, path,
2089 CONST_DISCARD(char *, name),
2090 CONST_DISCARD(char *, value), size);
2091 if (ret < 0 && errno == 0) {
2092 errno = SMBC_errno(context, srv->cli);
2093 }
2094 TALLOC_FREE(frame);
2095 return ret;
2096 }
2097
2098 /* Unsupported attribute name */
2099 errno = EINVAL;
2100 TALLOC_FREE(frame);
2101 return -1;
2102 }
2103
2104
2105 int
2106 SMBC_removexattr_ctx(SMBCCTX *context,
2107 const char *fname,
2108 const char *name)
2109 {
2110 int ret;
2111 SMBCSRV *srv = NULL;
2112 SMBCSRV *ipc_srv = NULL;
2113 char *server = NULL;
2114 char *share = NULL;
2115 char *user = NULL;
2116 char *password = NULL;
2117 char *workgroup = NULL;
2118 char *path = NULL;
2119 TALLOC_CTX *frame = talloc_stackframe();
2120
2121 if (!context || !context->initialized) {
2122
2123 errno = EINVAL; /* Best I can think of ... */
2124 TALLOC_FREE(frame);
2125 return -1;
2126 }
2127
2128 if (!fname) {
2129 errno = EINVAL;
2130 TALLOC_FREE(frame);
2131 return -1;
2132 }
2133
2134 DEBUG(4, ("smbc_removexattr(%s, %s)\n", fname, name));
2135
2136 if (SMBC_parse_path(frame,
2137 context,
2138 fname,
2139 &workgroup,
2140 &server,
2141 &share,
2142 &path,
2143 &user,
2144 &password,
2145 NULL)) {
2146 errno = EINVAL;
2147 TALLOC_FREE(frame);
2148 return -1;
2149 }
2150
2151 if (!user || user[0] == (char)0) {
2152 user = talloc_strdup(frame, context->user);
2153 if (!user) {
2154 errno = ENOMEM;
2155 TALLOC_FREE(frame);
2156 return -1;
2157 }
2158 }
2159
2160 srv = SMBC_server(frame, context, True,
2161 server, share, &workgroup, &user, &password);
2162 if (!srv) {
2163 TALLOC_FREE(frame);
2164 return -1; /* errno set by SMBC_server */
2165 }
2166
2167 if (! srv->no_nt_session) {
2168 ipc_srv = SMBC_attr_server(frame, context, server, share,
2169 &workgroup, &user, &password);
2170 if (! ipc_srv) {
2171 srv->no_nt_session = True;
2172 }
2173 } else {
2174 ipc_srv = NULL;
2175 }
2176
2177 if (! ipc_srv) {
2178 TALLOC_FREE(frame);
2179 return -1; /* errno set by SMBC_attr_server */
2180 }
2181
2182 /* Are they asking to set the entire ACL? */
2183 if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2184 StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) {
2185
2186 /* Yup. */
2187 ret = cacl_set(talloc_tos(), srv->cli,
2188 ipc_srv->cli, &ipc_srv->pol, path,
2189 NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0);
2190 TALLOC_FREE(frame);
2191 return ret;
2192 }
2193
2194 /*
2195 * Are they asking to remove one or more spceific security descriptor
2196 * attributes?
2197 */
2198 if (StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2199 StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2200 StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2201 StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2202 StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2203 StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2204 StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
2205
2206 /* Yup. */
2207 ret = cacl_set(talloc_tos(), srv->cli,
2208 ipc_srv->cli, &ipc_srv->pol, path,
2209 name + 19, SMBC_XATTR_MODE_REMOVE, 0);
2210 TALLOC_FREE(frame);
2211 return ret;
2212 }
2213
2214 /* Unsupported attribute name */
2215 errno = EINVAL;
2216 TALLOC_FREE(frame);
2217 return -1;
2218 }
2219
2220 int
2221 SMBC_listxattr_ctx(SMBCCTX *context,
2222 const char *fname,
2223 char *list,
2224 size_t size)
2225 {
2226 /*
2227 * This isn't quite what listxattr() is supposed to do. This returns
2228 * the complete set of attribute names, always, rather than only those
2229 * attribute names which actually exist for a file. Hmmm...
2230 */
2231 size_t retsize;
2232 const char supported_old[] =
2233 "system.*\0"
2234 "system.*+\0"
2235 "system.nt_sec_desc.revision\0"
2236 "system.nt_sec_desc.owner\0"
2237 "system.nt_sec_desc.owner+\0"
2238 "system.nt_sec_desc.group\0"
2239 "system.nt_sec_desc.group+\0"
2240 "system.nt_sec_desc.acl.*\0"
2241 "system.nt_sec_desc.acl\0"
2242 "system.nt_sec_desc.acl+\0"
2243 "system.nt_sec_desc.*\0"
2244 "system.nt_sec_desc.*+\0"
2245 "system.dos_attr.*\0"
2246 "system.dos_attr.mode\0"
2247 "system.dos_attr.c_time\0"
2248 "system.dos_attr.a_time\0"
2249 "system.dos_attr.m_time\0"
2250 ;
2251 const char supported_new[] =
2252 "system.*\0"
2253 "system.*+\0"
2254 "system.nt_sec_desc.revision\0"
2255 "system.nt_sec_desc.owner\0"
2256 "system.nt_sec_desc.owner+\0"
2257 "system.nt_sec_desc.group\0"
2258 "system.nt_sec_desc.group+\0"
2259 "system.nt_sec_desc.acl.*\0"
2260 "system.nt_sec_desc.acl\0"
2261 "system.nt_sec_desc.acl+\0"
2262 "system.nt_sec_desc.*\0"
2263 "system.nt_sec_desc.*+\0"
2264 "system.dos_attr.*\0"
2265 "system.dos_attr.mode\0"
2266 "system.dos_attr.create_time\0"
2267 "system.dos_attr.access_time\0"
2268 "system.dos_attr.write_time\0"
2269 "system.dos_attr.change_time\0"
2270 ;
2271 const char * supported;
2272
2273 if (context->full_time_names) {
2274 supported = supported_new;
2275 retsize = sizeof(supported_new);
2276 } else {
2277 supported = supported_old;
2278 retsize = sizeof(supported_old);
2279 }
2280
2281 if (size == 0) {
2282 return retsize;
2283 }
2284
2285 if (retsize > size) {
2286 errno = ERANGE;
2287 return -1;
2288 }
2289
2290 /* this can't be strcpy() because there are embedded null characters */
2291 memcpy(list, supported, retsize);
2292 return retsize;
2293 }
reg import