Avoid error in TLS connections due to incorrect format
[emacs.git] / lib / acl-internal.c
blob1a2f8c44bf71dec09a1de90e4f5cf9172baafb26
1 /* Test whether a file has a nontrivial access control list.
3 Copyright (C) 2002-2003, 2005-2015 Free Software Foundation, Inc.
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 Written by Paul Eggert, Andreas Grünbacher, and Bruno Haible. */
20 #include <config.h>
22 #include "acl.h"
24 #include "acl-internal.h"
26 #if USE_ACL && HAVE_ACL_GET_FILE
28 # if HAVE_ACL_TYPE_EXTENDED /* Mac OS X */
30 /* ACL is an ACL, from a file, stored as type ACL_TYPE_EXTENDED.
31 Return 1 if the given ACL is non-trivial.
32 Return 0 if it is trivial. */
33 int
34 acl_extended_nontrivial (acl_t acl)
36 /* acl is non-trivial if it is non-empty. */
37 return (acl_entries (acl) > 0);
40 # else /* Linux, FreeBSD, IRIX, Tru64 */
42 /* ACL is an ACL, from a file, stored as type ACL_TYPE_ACCESS.
43 Return 1 if the given ACL is non-trivial.
44 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode.
45 Return -1 and set errno upon failure to determine it. */
46 int
47 acl_access_nontrivial (acl_t acl)
49 /* acl is non-trivial if it has some entries other than for "user::",
50 "group::", and "other::". Normally these three should be present
51 at least, allowing us to write
52 return (3 < acl_entries (acl));
53 but the following code is more robust. */
54 # if HAVE_ACL_FIRST_ENTRY /* Linux, FreeBSD */
56 acl_entry_t ace;
57 int got_one;
59 for (got_one = acl_get_entry (acl, ACL_FIRST_ENTRY, &ace);
60 got_one > 0;
61 got_one = acl_get_entry (acl, ACL_NEXT_ENTRY, &ace))
63 acl_tag_t tag;
64 if (acl_get_tag_type (ace, &tag) < 0)
65 return -1;
66 if (!(tag == ACL_USER_OBJ || tag == ACL_GROUP_OBJ || tag == ACL_OTHER))
67 return 1;
69 return got_one;
71 # elif HAVE_ACL_TO_SHORT_TEXT /* IRIX */
72 /* Don't use acl_get_entry: it is undocumented. */
74 int count = acl->acl_cnt;
75 int i;
77 for (i = 0; i < count; i++)
79 acl_entry_t ace = &acl->acl_entry[i];
80 acl_tag_t tag = ace->ae_tag;
82 if (!(tag == ACL_USER_OBJ || tag == ACL_GROUP_OBJ
83 || tag == ACL_OTHER_OBJ))
84 return 1;
86 return 0;
88 # elif HAVE_ACL_FREE_TEXT /* Tru64 */
89 /* Don't use acl_get_entry: it takes only one argument and does not work. */
91 int count = acl->acl_num;
92 acl_entry_t ace;
94 for (ace = acl->acl_first; count > 0; ace = ace->next, count--)
96 acl_tag_t tag;
97 acl_perm_t perm;
99 tag = ace->entry->acl_type;
100 if (!(tag == ACL_USER_OBJ || tag == ACL_GROUP_OBJ || tag == ACL_OTHER))
101 return 1;
103 perm = ace->entry->acl_perm;
104 /* On Tru64, perm can also contain non-standard bits such as
105 PERM_INSERT, PERM_DELETE, PERM_MODIFY, PERM_LOOKUP, ... */
106 if ((perm & ~(ACL_READ | ACL_WRITE | ACL_EXECUTE)) != 0)
107 return 1;
109 return 0;
111 # else
113 errno = ENOSYS;
114 return -1;
115 # endif
118 # endif
120 #elif USE_ACL && HAVE_FACL && defined GETACL /* Solaris, Cygwin, not HP-UX */
122 /* Test an ACL retrieved with GETACL.
123 Return 1 if the given ACL, consisting of COUNT entries, is non-trivial.
124 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
126 acl_nontrivial (int count, aclent_t *entries)
128 int i;
130 for (i = 0; i < count; i++)
132 aclent_t *ace = &entries[i];
134 /* Note: If ace->a_type = USER_OBJ, ace->a_id is the st_uid from stat().
135 If ace->a_type = GROUP_OBJ, ace->a_id is the st_gid from stat().
136 We don't need to check ace->a_id in these cases. */
137 if (!(ace->a_type == USER_OBJ
138 || ace->a_type == GROUP_OBJ
139 || ace->a_type == OTHER_OBJ
140 /* Note: Cygwin does not return a CLASS_OBJ ("mask:") entry
141 sometimes. */
142 || ace->a_type == CLASS_OBJ))
143 return 1;
145 return 0;
148 # ifdef ACE_GETACL
150 /* A shortcut for a bitmask. */
151 # define NEW_ACE_WRITEA_DATA (NEW_ACE_WRITE_DATA | NEW_ACE_APPEND_DATA)
153 /* Test an ACL retrieved with ACE_GETACL.
154 Return 1 if the given ACL, consisting of COUNT entries, is non-trivial.
155 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
157 acl_ace_nontrivial (int count, ace_t *entries)
159 int i;
161 /* The flags in the ace_t structure changed in a binary incompatible way
162 when ACL_NO_TRIVIAL etc. were introduced in <sys/acl.h> version 1.15.
163 How to distinguish the two conventions at runtime?
164 In the old convention, usually three ACEs have a_flags = ACE_OWNER /
165 ACE_GROUP / ACE_OTHER, in the range 0x0100..0x0400. In the new
166 convention, these values are not used. */
167 int old_convention = 0;
169 for (i = 0; i < count; i++)
170 if (entries[i].a_flags & (OLD_ACE_OWNER | OLD_ACE_GROUP | OLD_ACE_OTHER))
172 old_convention = 1;
173 break;
176 if (old_convention)
177 /* Running on Solaris 10. */
178 for (i = 0; i < count; i++)
180 ace_t *ace = &entries[i];
182 /* Note:
183 If ace->a_flags = ACE_OWNER, ace->a_who is the st_uid from stat().
184 If ace->a_flags = ACE_GROUP, ace->a_who is the st_gid from stat().
185 We don't need to check ace->a_who in these cases. */
186 if (!(ace->a_type == OLD_ALLOW
187 && (ace->a_flags == OLD_ACE_OWNER
188 || ace->a_flags == OLD_ACE_GROUP
189 || ace->a_flags == OLD_ACE_OTHER)))
190 return 1;
192 else
194 /* Running on Solaris 10 (newer version) or Solaris 11. */
195 unsigned int access_masks[6] =
197 0, /* owner@ deny */
198 0, /* owner@ allow */
199 0, /* group@ deny */
200 0, /* group@ allow */
201 0, /* everyone@ deny */
202 0 /* everyone@ allow */
205 for (i = 0; i < count; i++)
207 ace_t *ace = &entries[i];
208 unsigned int index1;
209 unsigned int index2;
211 if (ace->a_type == NEW_ACE_ACCESS_ALLOWED_ACE_TYPE)
212 index1 = 1;
213 else if (ace->a_type == NEW_ACE_ACCESS_DENIED_ACE_TYPE)
214 index1 = 0;
215 else
216 return 1;
218 if (ace->a_flags == NEW_ACE_OWNER)
219 index2 = 0;
220 else if (ace->a_flags == (NEW_ACE_GROUP | NEW_ACE_IDENTIFIER_GROUP))
221 index2 = 2;
222 else if (ace->a_flags == NEW_ACE_EVERYONE)
223 index2 = 4;
224 else
225 return 1;
227 access_masks[index1 + index2] |= ace->a_access_mask;
230 /* The same bit shouldn't be both allowed and denied. */
231 if (access_masks[0] & access_masks[1])
232 return 1;
233 if (access_masks[2] & access_masks[3])
234 return 1;
235 if (access_masks[4] & access_masks[5])
236 return 1;
238 /* Check minimum masks. */
239 if ((NEW_ACE_WRITE_NAMED_ATTRS
240 | NEW_ACE_WRITE_ATTRIBUTES
241 | NEW_ACE_WRITE_ACL
242 | NEW_ACE_WRITE_OWNER)
243 & ~ access_masks[1])
244 return 1;
245 access_masks[1] &= ~(NEW_ACE_WRITE_NAMED_ATTRS
246 | NEW_ACE_WRITE_ATTRIBUTES
247 | NEW_ACE_WRITE_ACL
248 | NEW_ACE_WRITE_OWNER);
249 if ((NEW_ACE_READ_NAMED_ATTRS
250 | NEW_ACE_READ_ATTRIBUTES
251 | NEW_ACE_READ_ACL
252 | NEW_ACE_SYNCHRONIZE)
253 & ~ access_masks[5])
254 return 1;
255 access_masks[5] &= ~(NEW_ACE_READ_NAMED_ATTRS
256 | NEW_ACE_READ_ATTRIBUTES
257 | NEW_ACE_READ_ACL
258 | NEW_ACE_SYNCHRONIZE);
260 /* Check the allowed or denied bits. */
261 switch ((access_masks[0] | access_masks[1])
262 & ~(NEW_ACE_READ_NAMED_ATTRS
263 | NEW_ACE_READ_ATTRIBUTES
264 | NEW_ACE_READ_ACL
265 | NEW_ACE_SYNCHRONIZE))
267 case 0:
268 case NEW_ACE_READ_DATA:
269 case NEW_ACE_WRITEA_DATA:
270 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA:
271 case NEW_ACE_EXECUTE:
272 case NEW_ACE_READ_DATA | NEW_ACE_EXECUTE:
273 case NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
274 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
275 break;
276 default:
277 return 1;
279 switch ((access_masks[2] | access_masks[3])
280 & ~(NEW_ACE_READ_NAMED_ATTRS
281 | NEW_ACE_READ_ATTRIBUTES
282 | NEW_ACE_READ_ACL
283 | NEW_ACE_SYNCHRONIZE))
285 case 0:
286 case NEW_ACE_READ_DATA:
287 case NEW_ACE_WRITEA_DATA:
288 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA:
289 case NEW_ACE_EXECUTE:
290 case NEW_ACE_READ_DATA | NEW_ACE_EXECUTE:
291 case NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
292 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
293 break;
294 default:
295 return 1;
297 switch ((access_masks[4] | access_masks[5])
298 & ~(NEW_ACE_WRITE_NAMED_ATTRS
299 | NEW_ACE_WRITE_ATTRIBUTES
300 | NEW_ACE_WRITE_ACL
301 | NEW_ACE_WRITE_OWNER))
303 case 0:
304 case NEW_ACE_READ_DATA:
305 case NEW_ACE_WRITEA_DATA:
306 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA:
307 case NEW_ACE_EXECUTE:
308 case NEW_ACE_READ_DATA | NEW_ACE_EXECUTE:
309 case NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
310 case NEW_ACE_READ_DATA | NEW_ACE_WRITEA_DATA | NEW_ACE_EXECUTE:
311 break;
312 default:
313 return 1;
316 /* Check that the NEW_ACE_WRITE_DATA and NEW_ACE_APPEND_DATA bits are
317 either both allowed or both denied. */
318 if (((access_masks[0] & NEW_ACE_WRITE_DATA) != 0)
319 != ((access_masks[0] & NEW_ACE_APPEND_DATA) != 0))
320 return 1;
321 if (((access_masks[2] & NEW_ACE_WRITE_DATA) != 0)
322 != ((access_masks[2] & NEW_ACE_APPEND_DATA) != 0))
323 return 1;
324 if (((access_masks[4] & NEW_ACE_WRITE_DATA) != 0)
325 != ((access_masks[4] & NEW_ACE_APPEND_DATA) != 0))
326 return 1;
329 return 0;
332 # endif
334 #elif USE_ACL && HAVE_GETACL /* HP-UX */
336 /* Return 1 if the given ACL is non-trivial.
337 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
339 acl_nontrivial (int count, struct acl_entry *entries)
341 int i;
343 if (count > 3)
344 return 1;
346 for (i = 0; i < count; i++)
348 struct acl_entry *ace = &entries[i];
350 if (ace->uid != ACL_NSUSER && ace->gid != ACL_NSGROUP)
351 return 1;
353 return 0;
356 # if HAVE_ACLV_H /* HP-UX >= 11.11 */
358 /* Return 1 if the given ACL is non-trivial.
359 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
361 aclv_nontrivial (int count, struct acl *entries)
363 int i;
365 for (i = 0; i < count; i++)
367 struct acl *ace = &entries[i];
369 /* Note: If ace->a_type = USER_OBJ, ace->a_id is the st_uid from stat().
370 If ace->a_type = GROUP_OBJ, ace->a_id is the st_gid from stat().
371 We don't need to check ace->a_id in these cases. */
372 if (!(ace->a_type == USER_OBJ /* no need to check ace->a_id here */
373 || ace->a_type == GROUP_OBJ /* no need to check ace->a_id here */
374 || ace->a_type == CLASS_OBJ
375 || ace->a_type == OTHER_OBJ))
376 return 1;
378 return 0;
381 # endif
383 #elif USE_ACL && (HAVE_ACLX_GET || HAVE_STATACL) /* AIX */
385 /* Return 1 if the given ACL is non-trivial.
386 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
388 acl_nontrivial (struct acl *a)
390 /* The normal way to iterate through an ACL is like this:
391 struct acl_entry *ace;
392 for (ace = a->acl_ext; ace != acl_last (a); ace = acl_nxt (ace))
394 struct ace_id *aei;
395 switch (ace->ace_type)
397 case ACC_PERMIT:
398 case ACC_DENY:
399 case ACC_SPECIFY:
400 ...;
402 for (aei = ace->ace_id; aei != id_last (ace); aei = id_nxt (aei))
406 return (acl_last (a) != a->acl_ext ? 1 : 0);
409 # if HAVE_ACLX_GET && defined ACL_AIX_WIP /* newer AIX */
411 /* Return 1 if the given ACL is non-trivial.
412 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
414 acl_nfs4_nontrivial (nfs4_acl_int_t *a)
416 # if 1 /* let's try this first */
417 return (a->aclEntryN > 0 ? 1 : 0);
418 # else
419 int count = a->aclEntryN;
420 int i;
422 for (i = 0; i < count; i++)
424 nfs4_ace_int_t *ace = &a->aclEntry[i];
426 if (!((ace->flags & ACE4_ID_SPECIAL) != 0
427 && (ace->aceWho.special_whoid == ACE4_WHO_OWNER
428 || ace->aceWho.special_whoid == ACE4_WHO_GROUP
429 || ace->aceWho.special_whoid == ACE4_WHO_EVERYONE)
430 && ace->aceType == ACE4_ACCESS_ALLOWED_ACE_TYPE
431 && ace->aceFlags == 0
432 && (ace->aceMask & ~(ACE4_READ_DATA | ACE4_LIST_DIRECTORY
433 | ACE4_WRITE_DATA | ACE4_ADD_FILE
434 | ACE4_EXECUTE)) == 0))
435 return 1;
437 return 0;
438 # endif
441 # endif
443 #elif USE_ACL && HAVE_ACLSORT /* NonStop Kernel */
445 /* Test an ACL retrieved with ACL_GET.
446 Return 1 if the given ACL, consisting of COUNT entries, is non-trivial.
447 Return 0 if it is trivial, i.e. equivalent to a simple stat() mode. */
449 acl_nontrivial (int count, struct acl *entries)
451 int i;
453 for (i = 0; i < count; i++)
455 struct acl *ace = &entries[i];
457 /* Note: If ace->a_type = USER_OBJ, ace->a_id is the st_uid from stat().
458 If ace->a_type = GROUP_OBJ, ace->a_id is the st_gid from stat().
459 We don't need to check ace->a_id in these cases. */
460 if (!(ace->a_type == USER_OBJ /* no need to check ace->a_id here */
461 || ace->a_type == GROUP_OBJ /* no need to check ace->a_id here */
462 || ace->a_type == CLASS_OBJ
463 || ace->a_type == OTHER_OBJ))
464 return 1;
466 return 0;
469 #endif
471 void
472 free_permission_context (struct permission_context *ctx)
474 #ifdef USE_ACL
475 # if HAVE_ACL_GET_FILE /* Linux, FreeBSD, Mac OS X, IRIX, Tru64 */
476 if (ctx->acl)
477 acl_free (ctx->acl);
478 # if !HAVE_ACL_TYPE_EXTENDED
479 if (ctx->default_acl)
480 acl_free (ctx->default_acl);
481 # endif
483 # elif defined GETACL /* Solaris, Cygwin */
484 free (ctx->entries);
485 # ifdef ACE_GETACL
486 free (ctx->ace_entries);
487 # endif
489 # elif HAVE_GETACL /* HP-UX */
491 # if HAVE_ACLV_H
492 # endif
494 # elif HAVE_STATACL /* older AIX */
496 # elif HAVE_ACLSORT /* NonStop Kernel */
498 # endif
499 #endif