search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix LIST showing non-existant element paths.
[pwmd.git] / src / xml.c
blob6757604938f619d97c97dbc9d1c1b6c33ebe4f18
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of pwmd.
6
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <unistd.h>
27 #include <err.h>
28 #include <string.h>
29 #include <sys/stat.h>
30 #include <fcntl.h>
31 #include <ctype.h>
32 #include <libxml/xmlwriter.h>
33 #include <wctype.h>
34 #include <sys/types.h>
35 #include <pwd.h>
36
37 #ifndef _
38 #include "gettext.h"
39 #define _(msgid) gettext(msgid)
40 #endif
41
42 #include "pwmd-error.h"
43 #include "util-misc.h"
44 #include "xml.h"
45 #include "mem.h"
46 #include "rcfile.h"
47 #include "commands.h"
48
49 extern void log_write (const char *fmt, ...);
50
51 /*
52 * 'element' must be allocated.
53 */
54 int
55 is_literal_element (char **element)
56 {
57 char *p;
58
59 if (!element || !*element)
60 return 0;
61
62 if (*(*element) == '!')
63 {
64 char *c;
65
66 for (p = *element, c = p + 1; *c; c++)
67 *p++ = *c;
68
69 *p = 0;
70 return 1;
71 }
72
73 return 0;
74 }
75
76 int
77 valid_xml_attribute (const char *str)
78 {
79 wchar_t *wc;
80 size_t len, c;
81 int ret = valid_xml_element ((xmlChar *)str);
82
83 if (!ret)
84 return ret;
85
86 wc = str_to_wchar ((const char *)str);
87 if (!wc)
88 return 0;
89
90 len = wcslen (wc);
91 for (c = 0; c < len; c++)
92 {
93 switch (wc[c])
94 {
95 case '-':
96 case '.':
97 case '0' ... '9':
98 case 0xB7:
99 case 0x0300 ... 0x036F:
100 case 0x203F ... 0x2040:
101 if (!c)
102 {
103 xfree (wc);
104 return 0;
105 }
106 case ':': break;
107 case '_': break;
108 case 'A' ... 'Z': break;
109 case 'a' ... 'z': break;
110 case 0xC0 ... 0xD6: break;
111 case 0xD8 ... 0xF6: break;
112 case 0xF8 ... 0x2FF: break;
113 case 0x370 ... 0x37D: break;
114 case 0x37F ... 0x1FFF: break;
115 case 0x200C ... 0x200D: break;
116 case 0x2070 ... 0x218F: break;
117 case 0x2C00 ... 0x2FEF: break;
118 case 0x3001 ... 0xD7FF: break;
119 case 0xF900 ... 0xFDCF: break;
120 case 0xFDF0 ... 0xFFFD: break;
121 case 0x10000 ... 0xEFFFF: break;
122 default:
123 xfree (wc);
124 return 0;
125 }
126 }
127
128 xfree (wc);
129 return 1;
130 }
131
132 int
133 valid_xml_element (xmlChar *str)
134 {
135 wchar_t *wc;
136 size_t len, c;
137
138 if (!str || !*str || *str == '!')
139 return 0;
140
141 wc = str_to_wchar ((const char *)str);
142 if (!wc)
143 return 0;
144
145 len = wcslen (wc);
146 for (c = 0; c < len; c++)
147 {
148 if (iswspace(wc[c]))
149 {
150 xfree (wc);
151 return 0;
152 }
153 }
154
155 xfree (wc);
156 return 1;
157 }
158
159 int
160 valid_element_path (char **path, int with_content)
161 {
162 char **dup = NULL, **p;
163
164 if (!path || !*path)
165 return 0;
166
167 /* Save some memory by not duplicating the element content. */
168 if (with_content)
169 {
170 int i, t = strv_length (path);
171
172 for (i = 0; i < t - 1; i++)
173 {
174 char **tmp = xrealloc (dup, (i + 2) * sizeof (char *));
175
176 if (!tmp)
177 {
178 strv_free (dup);
179 return 0;
180 }
181
182 dup = tmp;
183 dup[i] = str_dup (path[i]);
184 dup[i + 1] = NULL;
185 }
186 }
187 else
188 dup = strv_dup (path);
189
190 if (!dup)
191 return 0;
192
193 for (p = dup; *p && *(*p); p++)
194 {
195 is_literal_element (&(*p));
196 if (!valid_xml_element ((xmlChar *) * p))
197 {
198 strv_free (dup);
199 return 0;
200 }
201 }
202
203 strv_free (dup);
204 return 1;
205 }
206
207 gpg_error_t
208 attr_ctime (struct client_s *client, xmlNodePtr n)
209 {
210 char *buf = str_asprintf ("%li", time (NULL));
211 gpg_error_t rc;
212
213 if (!buf)
214 return GPG_ERR_ENOMEM;
215
216 rc = add_attribute (client, n, "_ctime", buf);
217 xfree (buf);
218 return rc;
219 }
220
221 static gpg_error_t
222 acl_check (struct client_s *client, xmlNodePtr n)
223 {
224 gpg_error_t rc = GPG_ERR_EACCES;
225 xmlChar *acl = node_has_attribute (n, (xmlChar *) "_acl");
226 char **users = acl ? str_split((char *)acl, ",", 0) : NULL;
227 char **p;
228 int allowed = 0;
229
230 if (!acl || !*acl || !users || !*users)
231 {
232 xmlFree (acl);
233 strv_free(users);
234 return peer_is_invoker(client);
235 }
236
237 if (!peer_is_invoker(client))
238 return 0;
239
240 for (p = users; *p; p++)
241 {
242 #ifdef WITH_GNUTLS
243 rc = acl_check_common (client, *p,
244 client->thd->remote ? 0 : client->thd->peer->uid,
245 client->thd->remote ? 0 : client->thd->peer->gid,
246 &allowed);
247 #else
248 rc = acl_check_common (client, *p, client->thd->peer->uid,
249 client->thd->peer->gid, &allowed);
250 #endif
251 }
252
253 xmlFree(acl);
254 strv_free(users);
255
256 // ATTR LIST makes use of FLAG_ACL_IGNORE to allow listing of element
257 // attributes that the client is not normally allowed access to.
258 if ((rc == GPG_ERR_EACCES || !allowed) && client->flags & FLAG_ACL_IGNORE)
259 {
260 rc = 0;
261 client->flags &= ~FLAG_ACL_IGNORE;
262
263 // This flag is used in ATTR LIST to prevent listing attributes of
264 // children whose parent ACL does not allow access to the client.
265 client->flags |= FLAG_ACL_ERROR;
266 allowed = 1;
267 }
268
269 if (rc)
270 return rc;
271
272 return allowed ? 0 : GPG_ERR_EACCES;
273 }
274
275 static char *
276 create_acl_user (struct client_s *client)
277 {
278 #ifdef WITH_GNUTLS
279 if (client->thd->remote)
280 return str_asprintf ("#%s", client->thd->tls->fp);
281 #endif
282
283 return get_username (client->thd->peer->uid);
284 }
285
286 static gpg_error_t
287 create_new_element (struct client_s *client, int verify, xmlNodePtr parent,
288 const char *name, xmlNodePtr * result)
289 {
290 xmlNodePtr n;
291 gpg_error_t rc;
292
293 // Allow any client to create a non-existing root element.
294 if (parent->parent->type != XML_DOCUMENT_NODE)
295 {
296 rc = acl_check(client, parent);
297 if (rc)
298 return rc;
299 }
300
301 n = xmlNewNode (NULL, (xmlChar *) "element");
302 if (!n)
303 return GPG_ERR_ENOMEM;
304
305 rc = add_attribute (client, n, "_name", name);
306 if (!rc)
307 rc = attr_ctime (client, n);
308
309 if (!rc && verify && parent->parent->type != XML_DOCUMENT_NODE)
310 rc = is_element_owner (client, parent);
311
312 if (!rc)
313 {
314 xmlNodePtr p = xmlAddChild (parent, n);
315 char *user = create_acl_user (client);
316
317 if (result)
318 *result = p;
319
320 rc = add_attribute(client, p, "_acl", user);
321 xfree (user);
322 }
323 else
324 xmlFreeNode (n);
325
326 return rc;
327 }
328
329 gpg_error_t
330 new_root_element (struct client_s *client, xmlDocPtr doc, char *name)
331 {
332 xmlNodePtr root = xmlDocGetRootElement (doc);
333 char *p = name;
334
335 if (!p || !root)
336 return GPG_ERR_BAD_DATA;
337
338 if (*p == '!')
339 p++;
340
341 if (!valid_xml_element ((xmlChar *) p))
342 return GPG_ERR_INV_VALUE;
343
344 return create_new_element (client, 0, root, p, NULL);
345 }
346
347 static xmlDocPtr
348 create_dtd ()
349 {
350 xmlDocPtr doc;
351 xmlTextWriterPtr wr = xmlNewTextWriterDoc (&doc, 0);
352
353 if (!wr)
354 return NULL;
355
356 if (xmlTextWriterStartDocument (wr, NULL, "UTF-8", "yes"))
357 goto fail;
358
359 if (xmlTextWriterStartDTD (wr, (xmlChar *) "pwmd", NULL, NULL) == -1)
360 goto fail;
361
362 if (xmlTextWriterWriteDTDElement (wr, (xmlChar *) "pwmd",
363 (xmlChar *) "(element)") == -1)
364 goto fail;
365
366 xmlTextWriterEndDTDElement (wr);
367
368 if (xmlTextWriterWriteDTDAttlist (wr, (xmlChar *) "element",
369 (xmlChar *) "_name CDATA #REQUIRED") ==
370 -1)
371 goto fail;
372
373 xmlTextWriterEndDTDAttlist (wr);
374 xmlTextWriterEndDTD (wr);
375
376 if (xmlTextWriterStartElement (wr, (xmlChar *) "pwmd"))
377 goto fail;
378
379 xmlTextWriterEndElement (wr);
380 xmlTextWriterEndDocument (wr);
381 xmlFreeTextWriter (wr);
382 return doc;
383
384 fail:
385 xmlTextWriterEndDocument (wr);
386 xmlFreeTextWriter (wr);
387 xmlFreeDoc (doc);
388 return NULL;
389 }
390
391 xmlDocPtr
392 new_document ()
393 {
394 return create_dtd ();
395 }
396
397 xmlNodePtr
398 find_element_node (xmlNodePtr node)
399 {
400 xmlNodePtr n = node;
401
402 if (n && n->type == XML_ELEMENT_NODE)
403 return n;
404
405 for (n = node; n; n = n->next)
406 {
407 if (n->type == XML_ELEMENT_NODE)
408 return n;
409 }
410
411 return NULL;
412 }
413
414 static xmlNodePtr
415 resolve_path (struct client_s *client, xmlDocPtr doc, xmlChar * path,
416 char ***result, gpg_error_t * rc)
417 {
418 xmlNodePtr n;
419 char **req;
420
421 req = str_split ((char *) path, "\t", 0);
422 if (!req)
423 {
424 *rc = GPG_ERR_ENOMEM;
425 return NULL;
426 }
427
428 n = find_root_element (client, doc, &req, rc, NULL, 0, 0);
429 if (!n)
430 {
431 strv_free (req);
432 return NULL;
433 }
434
435 if (req[1])
436 n = find_elements (client, doc, n->children, req + 1, rc, NULL, NULL, NULL,
437 0, 0, NULL, 0);
438
439 if (*rc)
440 strv_free (req);
441 else
442 *result = req;
443
444 return n;
445 }
446
447 /*
448 * Lists root element names; the value of the attribute "_name" of an element
449 * "element". If there's a target attribute both literal and non-literal
450 * element names will be added. This is the primary reason why XML entities
451 * cannot be used. There wouldn't be a way to get the literal an non-literal
452 * element paths.
453 */
454 gpg_error_t
455 list_root_elements (struct client_s *client, xmlDocPtr doc,
456 struct string_s ** result, int verbose, int with_target)
457 {
458 xmlNodePtr n = NULL;
459 struct slist_s *list = NULL;
460 int total, i;
461 struct string_s *string;
462 gpg_error_t rc = 0;
463
464 n = xmlDocGetRootElement (doc);
465 if (!n || !n->children)
466 return GPG_ERR_NO_DATA;
467
468 for (n = n->children; n; n = n->next)
469 {
470 xmlAttrPtr a;
471 xmlChar *val, *target;
472 struct slist_s *tlist;
473 char *tmp;
474
475 if (n->type != XML_ELEMENT_NODE)
476 continue;
477
478 a = xmlHasProp (n, (xmlChar *) "_name");
479 if (!a || !a->children->content)
480 continue;
481
482 val = xmlNodeGetContent (a->children);
483 if (!val)
484 {
485 rc = GPG_ERR_ENOMEM;
486 goto fail;
487 }
488
489 tmp = str_asprintf ("!%s%s", (char *) val,
490 verbose ? find_element_node (n->children) ? " +"
491 : "" : "");
492
493 if (!tmp)
494 {
495 xmlFree (val);
496 rc = GPG_ERR_ENOMEM;
497 goto fail;
498 }
499
500 tlist = slist_append (list, tmp);
501 if (!tlist)
502 {
503 xmlFree (val);
504 rc = GPG_ERR_ENOMEM;
505 goto fail;
506 }
507
508 list = tlist;
509 target = node_has_attribute (n, (xmlChar *) "target");
510 if (target)
511 {
512 char *t = NULL;
513
514 if (verbose)
515 {
516 char **req = NULL;
517 xmlNodePtr tnode = resolve_path (client, doc, target, &req, &rc);
518
519 if (rc == GPG_ERR_ELEMENT_NOT_FOUND || rc == GPG_ERR_ELOOP
520 || rc == GPG_ERR_EACCES)
521 {
522 t = str_asprintf ("%s %s", (char *) val,
523 rc == GPG_ERR_ELOOP ? "O" :
524 rc == GPG_ERR_EACCES ? "P" : "E");
525 rc = 0;
526 }
527 else if (!rc)
528 {
529 struct string_s *realpath = NULL;
530
531 if (with_target)
532 {
533 rc = build_realpath (client, doc, (char *) target,
534 &realpath);
535 if (rc)
536 {
537 strv_free (req);
538 xmlFree (val);
539 xmlFree (target);
540 goto fail;
541 }
542
543 realpath = string_prepend (realpath, "T ");
544 }
545
546 t = str_asprintf ("%s%s%s%s", (char *) val,
547 (tnode
548 && find_element_node (tnode->children))
549 || realpath ? " " : "", tnode
550 && find_element_node (tnode->children) ?
551 "+" : "", realpath ? realpath->str : "");
552
553 if (realpath)
554 string_free (realpath, 1);
555 }
556
557 if (req)
558 strv_free (req);
559 }
560 else
561 t = str_dup ((char *) val);
562
563 if (!t || rc)
564 {
565 xmlFree (val);
566 xmlFree (target);
567 rc = rc ? rc : GPG_ERR_ENOMEM;
568 goto fail;
569 }
570
571 tlist = slist_append (list, t);
572 if (!tlist)
573 {
574 xmlFree (val);
575 xfree (t);
576 xmlFree (target);
577 rc = GPG_ERR_ENOMEM;
578 goto fail;
579 }
580
581 list = tlist;
582 }
583
584 xmlFree (val);
585 xmlFree (target);
586 }
587
588 total = slist_length (list);
589 if (!total)
590 return GPG_ERR_NO_DATA;
591
592 string = string_new (NULL);
593 if (!string)
594 {
595 rc = GPG_ERR_ENOMEM;
596 goto fail;
597 }
598
599 for (i = 0; i < total; i++)
600 {
601 char *val = slist_nth_data (list, i);
602
603 string_append_printf (string, "%s\n", val);
604 }
605
606 string = string_truncate (string, string->len - 1);
607 *result = string;
608
609 fail:
610 total = slist_length (list);
611 for (i = 0; i < total; i++)
612 xfree (slist_nth_data (list, i));
613
614 slist_free (list);
615 return rc;
616 }
617
618 /*
619 * Prevents a sibling element past the current element path with the same
620 * element name.
621 */
622 static xmlNodePtr
623 find_stop_node (xmlNodePtr node)
624 {
625 xmlNodePtr n;
626
627 for (n = node->parent->children; n; n = n->next)
628 {
629 if (n == node)
630 return n->next;
631 }
632
633 return NULL;
634 }
635
636 xmlNodePtr
637 create_target_elements_cb (struct client_s *client, int verify,
638 xmlNodePtr node, char **path, gpg_error_t *rc,
639 void *data)
640 {
641 int i;
642 char **req = path;
643 xmlNodePtr parent = data;
644
645 for (i = 0; req[i] && *req[i]; i++)
646 {
647 xmlNodePtr n;
648
649 if (parent && node == parent)
650 {
651 *rc = GPG_ERR_CONFLICT;
652 return NULL;
653 }
654
655 is_literal_element (&req[i]);
656
657 if ((n = find_element (client, node, req[i],
658 find_stop_node (node), rc)) == NULL ||
659 (n && n->parent == node->parent))
660 {
661
662 if (!*rc)
663 *rc = create_new_element (client, verify, node, req[i], &node);
664
665 if (*rc)
666 return NULL;
667 }
668 else
669 node = n;
670 }
671
672 return node;
673 }
674
675 xmlNodePtr
676 find_text_node (xmlNodePtr node)
677 {
678 xmlNodePtr n = node;
679
680 if (n && n->type == XML_TEXT_NODE)
681 return n;
682
683 for (n = node; n; n = n->next)
684 {
685 if (n->type == XML_TEXT_NODE)
686 return n;
687 }
688
689 return NULL;
690 }
691
692 xmlNodePtr
693 create_elements_cb (struct client_s *client, int verify, xmlNodePtr node,
694 char **elements, gpg_error_t * rc, void *data)
695 {
696 int i;
697 char **req = elements;
698
699 if (node->type == XML_TEXT_NODE)
700 node = node->parent;
701
702 for (i = 0; req[i] && *req[i]; i++)
703 {
704 xmlNodePtr n;
705
706 /*
707 * Strip the first '!' if needed. If there's another, it's an
708 * rc. The syntax has already been checked before calling this
709 * function.
710 */
711 is_literal_element (&req[i]);
712 n = find_element (client, node, req[i], find_stop_node (node), rc);
713 if (*rc)
714 return NULL;
715
716 /*
717 * If the found element has the same parent as the current element,
718 * they are siblings and the new element needs to be created as a
719 * child of the current element (node).
720 */
721 if (n && n->parent == node->parent)
722 n = NULL;
723
724 if (!n)
725 {
726 *rc = create_new_element (client, 0, node, req[i], &node);
727 if (*rc)
728 return NULL;
729 }
730 else
731 node = n;
732 }
733
734 return node;
735 }
736
737 /* The root element is really req[0]. It is need as a pointer in case there is
738 * a target attribute so it can be updated. */
739 xmlNodePtr
740 find_root_element (struct client_s *client, xmlDocPtr doc, char ***req,
741 gpg_error_t * rc, int *target, int recursion_depth,
742 int stop)
743 {
744 xmlNodePtr n = xmlDocGetRootElement (doc);
745 int depth = 0;
746 char *root = str_dup (*req[0]);
747 int literal = is_literal_element (&root);
748
749 if (!root)
750 {
751 *rc = GPG_ERR_ENOMEM;
752 return NULL;
753 }
754
755 *rc = 0;
756 recursion_depth++;
757
758 if (max_recursion_depth >= 1 && recursion_depth > max_recursion_depth)
759 {
760 xmlChar *t = xmlGetNodePath (n);
761
762 log_write ("%s: %s", pwmd_strerror (GPG_ERR_ELOOP), t);
763 xmlFree (t);
764 xfree (root);
765 *rc = GPG_ERR_ELOOP;
766 return NULL;
767 }
768
769 while (n)
770 {
771 if (n->type == XML_ELEMENT_NODE)
772 {
773 if (depth == 0 && xmlStrEqual (n->name, (xmlChar *) "pwmd"))
774 {
775 n = n->children;
776 depth++;
777 continue;
778 }
779
780 if (depth == 1 && xmlStrEqual (n->name, (xmlChar *) "element"))
781 {
782 xmlChar *content = node_has_attribute (n, (xmlChar *) "_name");
783
784 if (!content)
785 continue;
786
787 if (xmlStrEqual (content, (xmlChar *) root))
788 {
789 char **nreq, **tmp = NULL;
790 int acl = client->flags & FLAG_ACL_IGNORE;
791
792 *rc = acl_check(client, n);
793 if ((*rc && *rc != GPG_ERR_EACCES)
794 || (*rc == GPG_ERR_EACCES && !acl))
795 {
796 xmlFree (content);
797 xfree (root);
798 return NULL;
799 }
800
801 if (acl)
802 {
803 *rc = 0;
804 // This flag is cleared in acl_check() but we always
805 // allow ATTR LIST of root elements.
806 client->flags |= FLAG_ACL_IGNORE;
807 }
808
809 if (literal == 1)
810 {
811 xmlFree (content);
812 xfree (root);
813 return n;
814 }
815
816 xmlFree (content);
817 content = node_has_attribute (n, (xmlChar *) "target");
818
819 if (content && target)
820 *target = 1;
821
822 if (!content || stop)
823 {
824 if (content)
825 xmlFree (content);
826
827 xfree (root);
828 return n;
829 }
830
831 if (strchr ((char *) content, '\t'))
832 {
833 nreq = str_split ((char *) content, "\t", 0);
834 xmlFree (content);
835
836 #if 0
837 /*
838 * FIXME ENOMEM
839 */
840 if (!nreq)
841 {
842 *rc = GPG_ERR_ENOMEM;
843 return NULL;
844 }
845 #endif
846
847 tmp = *req;
848 tmp = strv_catv (nreq, tmp + 1);
849 strv_free (nreq);
850
851 if (!tmp)
852 {
853 xfree (root);
854 *rc = GPG_ERR_ENOMEM;
855 return NULL;
856 }
857
858 strv_free (*req);
859 *req = tmp;
860 }
861 else
862 {
863 if (strv_printf (&tmp, "%s", content) == 0)
864 {
865 xmlFree (content);
866 xfree (root);
867 *rc = GPG_ERR_ENOMEM;
868 return NULL;
869 }
870
871 xmlFree (content);
872 nreq = *req;
873 nreq = strv_catv (tmp, nreq + 1);
874 strv_free (tmp);
875
876 if (!nreq)
877 {
878 *rc = GPG_ERR_ENOMEM;
879 xfree (root);
880 return NULL;
881 }
882
883 strv_free (*req);
884 *req = nreq;
885 }
886
887 xfree (root);
888 n = find_root_element (client, doc, req, rc, target,
889 recursion_depth, 0);
890 return n;
891 }
892
893 xmlFree (content);
894 }
895 }
896
897 n = n->next;
898 }
899
900 xfree (root);
901 *rc = GPG_ERR_ELEMENT_NOT_FOUND;
902 return NULL;
903 }
904
905 xmlNodePtr
906 find_element (struct client_s *client, xmlNodePtr node, char *element,
907 xmlNodePtr stop, gpg_error_t *rc)
908 {
909 xmlNodePtr n;
910
911 *rc = 0;
912
913 if (!node || !element)
914 return NULL;
915
916 for (n = node; n; n = n->next)
917 {
918 if (n->type != XML_ELEMENT_NODE)
919 continue;
920
921 if (n == stop)
922 break;
923
924 xmlChar *a = node_has_attribute (n, (xmlChar *) "_name");
925
926 if (a && xmlStrEqual (a, (xmlChar *) element))
927 {
928 xmlFree (a);
929
930 // Prevent ATTR LIST showing child element attributes for a parent
931 // whos ACL denies the client.
932 if (client->flags & FLAG_ACL_ERROR)
933 {
934 *rc = GPG_ERR_EACCES;
935 return NULL;
936 }
937
938 *rc = acl_check(client, n);
939 if (*rc)
940 n = NULL;
941
942 return n;
943 }
944
945 xmlFree (a);
946 }
947
948 return NULL;
949 }
950
951 xmlChar *
952 node_has_attribute (xmlNodePtr n, xmlChar * attr)
953 {
954 xmlAttrPtr a = xmlHasProp (n, attr);
955
956 if (!a)
957 return NULL;
958
959 if (!a->children || !a->children->content)
960 return NULL;
961
962 return xmlGetProp (n, attr);
963 }
964
965 static int
966 element_to_literal (char **element)
967 {
968 char *p = str_asprintf ("!%s", *element);
969
970 if (!p)
971 return 0;
972
973 xfree (*element);
974 *element = p;
975 return 1;
976 }
977
978 /* Resolves elements in 'req' one at a time. It's recursive in case of
979 * "target" attributes. */
980 xmlNodePtr
981 find_elements (struct client_s *client, xmlDocPtr doc, xmlNodePtr node,
982 char **req, gpg_error_t * rc, int *target,
983 xmlNodePtr (*found_fn) (struct client_s *, xmlNodePtr, char **,
984 gpg_error_t *, char **, void *),
985 xmlNodePtr (*not_found_fn) (struct client_s *, int, xmlNodePtr,
986 char **, gpg_error_t *, void *),
987 int is_list_command, int recursion_depth, void *data, int stop)
988 {
989 xmlNodePtr n, last, last_node;
990 char **p;
991 int found = 0;
992
993 *rc = 0;
994 recursion_depth++;
995
996 if (max_recursion_depth >= 1 && recursion_depth > max_recursion_depth)
997 {
998 xmlChar *t = xmlGetNodePath (node);
999
1000 log_write ("%s: %s", pwmd_strerror (GPG_ERR_ELOOP), t);
1001 xmlFree (t);
1002 recursion_depth--;
1003 *rc = GPG_ERR_ELOOP;
1004 return NULL;
1005 }
1006
1007 for (last_node = last = n = node, p = req; *p; p++)
1008 {
1009 xmlNodePtr tmp;
1010 char *t;
1011 int literal;
1012
1013 if (!*(*p))
1014 {
1015 *rc = GPG_ERR_ELEMENT_NOT_FOUND;
1016 return NULL;
1017 }
1018
1019 t = str_dup (*p);
1020 if (!t)
1021 {
1022 *rc = GPG_ERR_ENOMEM;
1023 return NULL;
1024 }
1025
1026 literal = is_literal_element (&t);
1027 n = find_element (client, last, t, NULL, rc);
1028 xfree (t);
1029
1030 if (*rc && *rc != GPG_ERR_ELEMENT_NOT_FOUND)
1031 return NULL;
1032
1033 if (!n)
1034 {
1035 if (!*rc)
1036 *rc = GPG_ERR_ELEMENT_NOT_FOUND;
1037
1038 if (not_found_fn)
1039 return not_found_fn (client, 0,
1040 found ? last_node : last_node->parent, p,
1041 rc, data);
1042 return NULL;
1043 }
1044
1045 last = n->children;
1046 last_node = n;
1047 found = 1;
1048
1049 if (literal == 0)
1050 {
1051 xmlChar *content = node_has_attribute (n, (xmlChar *) "target");
1052 char **nreq = NULL, **nnreq;
1053
1054 if (!content)
1055 {
1056 if (is_list_command == 1)
1057 {
1058 if (element_to_literal (&(*p)) == 0)
1059 {
1060 *rc = GPG_ERR_ENOMEM;
1061 return NULL;
1062 }
1063 }
1064
1065 continue;
1066 }
1067
1068 if (target)
1069 *target = 1;
1070
1071 if (!*(p + 1) && stop)
1072 {
1073 xmlFree (content);
1074 return n;
1075 }
1076
1077 if (strchr ((char *) content, '\t') != NULL)
1078 {
1079 if ((nreq = str_split ((char *) content, "\t", 0)) == NULL)
1080 {
1081 xmlFree (content);
1082 *rc = GPG_ERR_INV_VALUE;
1083 return NULL;
1084 }
1085 }
1086 else
1087 {
1088 if ((nreq = str_split ((char *) content, " ", 0)) == NULL)
1089 {
1090 xmlFree (content);
1091 *rc = GPG_ERR_INV_VALUE;
1092 return NULL;
1093 }
1094 }
1095
1096 xmlFree (content);
1097 tmp = find_root_element (client, doc, &nreq, rc, target, 0, 0);
1098 if (!tmp)
1099 {
1100 strv_free (nreq);
1101 if (not_found_fn && *rc == GPG_ERR_EACCES)
1102 return not_found_fn (client, 0, NULL, p, rc, data);
1103 return NULL;
1104 }
1105
1106
1107 if (found_fn)
1108 {
1109 found_fn (client, tmp, nreq, rc, p + 1, data);
1110
1111 if (*rc)
1112 {
1113 strv_free (nreq);
1114 return NULL;
1115 }
1116 }
1117
1118 if (!*(nreq + 1) && !*(p + 1))
1119 {
1120 strv_free (nreq);
1121 return tmp;
1122 }
1123
1124 nnreq = strv_catv (nreq + 1, p + 1);
1125 strv_free (nreq);
1126
1127 // FIXME ENOMEM
1128 if (!nnreq || !*nnreq)
1129 {
1130 if (nnreq)
1131 strv_free (nnreq);
1132
1133 return tmp;
1134 }
1135
1136 if (tmp->children)
1137 n = find_elements (client, doc, tmp->children, nnreq, rc, NULL,
1138 found_fn, not_found_fn, is_list_command,
1139 recursion_depth, data, stop);
1140 else
1141 {
1142 strv_free (nnreq);
1143
1144 if (not_found_fn)
1145 return not_found_fn (client, 0, tmp, p + 1, rc, data);
1146
1147 *rc = GPG_ERR_ELEMENT_NOT_FOUND;
1148 return NULL;
1149 }
1150
1151 if (*(p + 1))
1152 {
1153 char **zz = p + 1, **qq = nnreq;
1154
1155 if (strv_length (nnreq) > strv_length (p + 1))
1156 qq = nnreq + 1;
1157
1158 for (; *qq && *zz; zz++)
1159 {
1160 xfree (*zz);
1161 *zz = str_dup (*qq++);
1162
1163 if (!*zz)
1164 {
1165 *rc = GPG_ERR_ENOMEM;
1166 n = NULL;
1167 break;
1168 }
1169 }
1170 }
1171
1172 strv_free (nnreq);
1173 return n;
1174 }
1175 }
1176
1177 return n;
1178 }
1179
1180 static int
1181 update_element_list (struct element_list_s *elements)
1182 {
1183 char *line;
1184 struct slist_s *l;
1185
1186 if (!elements || !elements->elements)
1187 return 1;
1188
1189 line = strv_join ("\t", elements->elements);
1190
1191 if (!line)
1192 return 0;
1193
1194 strv_free (elements->elements);
1195 elements->elements = NULL;
1196 l = slist_append (elements->list, line);
1197
1198 if (!l)
1199 return 0;
1200
1201 elements->list = l;
1202 return 1;
1203 }
1204
1205 static gpg_error_t
1206 path_list_recurse (struct client_s *client, xmlDocPtr doc, xmlNodePtr node,
1207 struct element_list_s *elements)
1208 {
1209 gpg_error_t rc = 0;
1210 xmlNodePtr n;
1211 gpg_error_t error_flag = 0;
1212
1213 for (n = node; n; n = n->next)
1214 {
1215 xmlChar *target = NULL;
1216 xmlChar *a = node_has_attribute (n, (xmlChar *) "_name");
1217 gpg_error_t err = 0;
1218 char *path = NULL;
1219
1220 rc = 0;
1221 if (!a)
1222 continue;
1223
1224 if (n->type != XML_ELEMENT_NODE)
1225 goto children;
1226
1227 rc = acl_check(client, n);
1228
1229 if (elements->verbose)
1230 {
1231 if (strv_printf
1232 (&elements->elements, "%s\t!%s%s%s", elements->prefix, a,
1233 !rc && find_element_node (n->children) ? " +" : "",
1234 rc == GPG_ERR_EACCES ? " P" : rc ? " E" : "") == 0)
1235 {
1236 xmlFree (a);
1237 return GPG_ERR_ENOMEM;
1238 }
1239 }
1240 else
1241 if (strv_printf (&elements->elements, "%s\t!%s", elements->prefix, a)
1242 == 0)
1243 {
1244 xmlFree (a);
1245 return GPG_ERR_ENOMEM;
1246 }
1247
1248 if (update_element_list (elements) == 0)
1249 {
1250 xmlFree (a);
1251 return GPG_ERR_ENOMEM;
1252 }
1253
1254 if (rc == GPG_ERR_EACCES)
1255 {
1256 xmlFree(a);
1257 error_flag = rc;
1258 continue;
1259 }
1260 else if (rc)
1261 {
1262 xmlFree (a);
1263 return rc;
1264 }
1265
1266 target = node_has_attribute (n, (xmlChar *) "target");
1267 if (target)
1268 {
1269 char *tmp;
1270 char *save = elements->prefix;
1271 int r = elements->resolving;
1272 char **req = NULL;
1273 xmlNodePtr tnode;
1274 struct string_s *realpath = NULL;
1275
1276 tnode = resolve_path (client, doc, target, &req, &rc);
1277 if (rc == GPG_ERR_ELOOP || rc == GPG_ERR_ELEMENT_NOT_FOUND
1278 || rc == GPG_ERR_EACCES)
1279 {
1280 if (rc == GPG_ERR_ELOOP)
1281 {
1282 xmlChar *t = xmlGetNodePath (n);
1283
1284 log_write ("%s: %s", pwmd_strerror (GPG_ERR_ELOOP), t);
1285 xmlFree (t);
1286 }
1287
1288 if (elements->verbose)
1289 {
1290 error_flag = err = rc;
1291 rc = 0;
1292 }
1293 }
1294 else if (!elements->verbose && rc)
1295 {
1296 xmlFree (a);
1297 xmlFree (target);
1298 return rc;
1299 }
1300
1301 path = str_asprintf("%s\t%s", elements->prefix, a);
1302 rc = validate_target_attribute (client, client->doc, path, tnode);
1303 xfree (path);
1304 if (rc == GPG_ERR_ELOOP || rc == GPG_ERR_EACCES
1305 || rc == GPG_ERR_ELEMENT_NOT_FOUND)
1306 {
1307 if (rc != GPG_ERR_ELEMENT_NOT_FOUND)
1308 error_flag = err = rc;
1309
1310 rc = 0;
1311 }
1312 else if (rc)
1313 {
1314 xmlFree (a);
1315 xmlFree (target);
1316 return rc;
1317 }
1318
1319 if (err)
1320 {
1321 strv_printf (&elements->elements, "%s\t%s %s", elements->prefix,
1322 a,
1323 err == GPG_ERR_ELOOP ? "O" :
1324 err == GPG_ERR_EACCES ? "P" : "E");
1325 }
1326
1327 if (!err && elements->with_target)
1328 {
1329 rc = build_realpath (client, doc, (char *) target, &realpath);
1330 if (rc)
1331 {
1332 xmlFree (a);
1333 xmlFree (target);
1334 return rc;
1335 }
1336
1337 realpath = string_prepend (realpath, "T ");
1338 }
1339
1340 if (!err && elements->verbose)
1341 {
1342 if (!strv_printf (&elements->elements, "%s\t%s%s%s%s",
1343 elements->prefix, a,
1344 (tnode && find_element_node (tnode->children))
1345 || realpath ? " " : "", tnode
1346 && find_element_node (tnode->children) ? "+" :
1347 "", realpath ? realpath->str : ""))
1348 {
1349 xmlFree (a);
1350 xmlFree (target);
1351 return GPG_ERR_ENOMEM;
1352 }
1353 }
1354 else if (!err)
1355 if (!strv_printf
1356 (&elements->elements, "%s\t%s", elements->prefix, a))
1357 {
1358 xmlFree (a);
1359 xmlFree (target);
1360 return GPG_ERR_ENOMEM;
1361 }
1362
1363 if (realpath)
1364 string_free (realpath, 1);
1365
1366 tmp = strv_join ("\t", elements->elements);
1367 if (!tmp)
1368 {
1369 xmlFree (a);
1370 xmlFree (target);
1371 return GPG_ERR_ENOMEM;
1372 }
1373
1374 if (update_element_list (elements) == 0)
1375 {
1376 xfree (tmp);
1377 xmlFree (a);
1378 xmlFree (target);
1379 return GPG_ERR_ENOMEM;
1380 }
1381
1382 if (!err && elements->recurse)
1383 {
1384 /* Prune element flags. */
1385 if (elements->verbose && strchr (tmp, ' '))
1386 {
1387 char *p;
1388
1389 for (p = tmp; *p; p++)
1390 {
1391 if (*p == ' ')
1392 {
1393 *p = 0;
1394 break;
1395 }
1396 }
1397 }
1398
1399 elements->prefix = tmp;
1400 elements->resolving = 1;
1401 rc = create_path_list (client, doc, elements, (char *) target);
1402 elements->resolving = r;
1403 elements->prefix = save;
1404
1405 if (rc && gpg_err_code (rc) != GPG_ERR_ELOOP
1406 && gpg_err_code(rc) != GPG_ERR_EACCES)
1407 {
1408 xfree (tmp);
1409 xmlFree (target);
1410 xmlFree (a);
1411 return rc;
1412 }
1413
1414 error_flag = err = rc;
1415 rc = 0;
1416 }
1417
1418 xfree (tmp);
1419 xmlFree (target);
1420 }
1421
1422 children:
1423 if (n->children && elements->recurse && err != GPG_ERR_EACCES)
1424 {
1425 char *tmp = str_asprintf ("%s\t!%s", elements->prefix, a);
1426 char *save = elements->prefix;
1427
1428 if (!tmp)
1429 {
1430 xmlFree (a);
1431 return GPG_ERR_ENOMEM;
1432 }
1433
1434 elements->prefix = tmp;
1435 rc = path_list_recurse (client, doc, n->children, elements);
1436 xfree (elements->prefix);
1437 elements->prefix = save;
1438
1439 if (rc)
1440 {
1441 if (gpg_err_code(rc) == GPG_ERR_ELOOP
1442 || gpg_err_code (rc) == GPG_ERR_EACCES
1443 || gpg_err_code (rc) == GPG_ERR_ELEMENT_NOT_FOUND)
1444 {
1445 error_flag = err = rc;
1446 rc = 0;
1447 }
1448 else
1449 {
1450 xmlFree (a);
1451 return rc;
1452 }
1453 }
1454 }
1455
1456 xmlFree (a);
1457 }
1458
1459 return error_flag == GPG_ERR_ELOOP || error_flag == GPG_ERR_EACCES
1460 ? error_flag : rc;
1461 }
1462
1463 gpg_error_t
1464 add_attribute (struct client_s *client, xmlNodePtr node, const char *name,
1465 const char *value)
1466 {
1467 char *buf;
1468 gpg_error_t rc = 0;
1469
1470 if (client && name && !strcmp (name, "target"))
1471 {
1472 rc = is_element_owner (client, node);
1473 if (rc)
1474 return rc;
1475 }
1476
1477 if (name && !xmlSetProp (node, (xmlChar *) name, (xmlChar *) value))
1478 return GPG_ERR_BAD_DATA;
1479
1480 if (client && name && !xmlStrEqual ((xmlChar *) name, (xmlChar *) "_acl"))
1481 {
1482 xmlChar *acl = node_has_attribute (node, (xmlChar *) "_acl");
1483
1484 if (!acl)
1485 {
1486 char *user = create_acl_user (client);
1487
1488 if (user)
1489 {
1490 rc = add_attribute (client, node, (char *) "_acl", user);
1491 xfree (user);
1492 }
1493
1494 return rc;
1495 }
1496
1497 xmlFree (acl);
1498 }
1499
1500 if (name && xmlStrEqual ((xmlChar *) name, (xmlChar *) "_mtime"))
1501 return 0;
1502
1503 buf = str_asprintf ("%li", time (NULL));
1504 rc = add_attribute (client, node, "_mtime", buf);
1505 xfree (buf);
1506 return rc;
1507 }
1508
1509 static xmlNodePtr
1510 list_not_found_cb (struct client_s *client, int i, xmlNodePtr node,
1511 char **req, gpg_error_t *rc, void *data)
1512 {
1513 struct element_list_s *elements = data;
1514
1515 if (*rc != GPG_ERR_EACCES)
1516 return NULL;
1517
1518 elements->data = req;
1519 return NULL;
1520 }
1521
1522 /*
1523 * From the element path 'path', find sub-nodes and append them to the list.
1524 */
1525 gpg_error_t
1526 create_path_list (struct client_s *client, xmlDocPtr doc,
1527 struct element_list_s * elements, char *path)
1528 {
1529 gpg_error_t rc;
1530 char **req, **req_orig;
1531 xmlNodePtr n;
1532 int a_target = 0;
1533 int root_only = 0;
1534
1535 req = str_split (path, "\t", 0);
1536 if (!req)
1537 {
1538 req = str_split (path, " ", 0);
1539 if (!req)
1540 return GPG_ERR_SYNTAX;
1541 }
1542
1543 req_orig = strv_dup (req);
1544 if (!req_orig)
1545 {
1546 rc = GPG_ERR_ENOMEM;
1547 goto fail;
1548 }
1549
1550 n = find_root_element (client, doc, &req, &rc, &a_target, 0, 0);
1551 if ((rc == GPG_ERR_ELEMENT_NOT_FOUND || rc == GPG_ERR_ELOOP
1552 || rc == GPG_ERR_EACCES)
1553 && elements->verbose && a_target)
1554 {
1555 if (rc != GPG_ERR_EACCES)
1556 rc = 0;
1557 else
1558 root_only = 1;
1559
1560 goto done;
1561 }
1562
1563 if (rc == GPG_ERR_EACCES)
1564 {
1565 root_only = 1;
1566 goto done;
1567 }
1568
1569 if (!n && rc == GPG_ERR_ELEMENT_NOT_FOUND && elements->resolving == 1)
1570 {
1571 rc = 0;
1572 goto fail;
1573 }
1574 else if (!n)
1575 goto fail;
1576
1577 if (a_target == 1)
1578 {
1579 xfree (*req);
1580 *req = str_dup (*req_orig);
1581 }
1582
1583 if (*(req + 1))
1584 {
1585 int e_target = 0;
1586
1587 n = find_elements (client, doc, n->children, req + 1, &rc, &e_target,
1588 NULL, list_not_found_cb, 1, 0, elements, 0);
1589 if (!n && rc == GPG_ERR_ELEMENT_NOT_FOUND && elements->resolving == 1)
1590 {
1591 rc = 0;
1592 goto fail;
1593 }
1594 else if (!n && rc && rc != GPG_ERR_EACCES)
1595 goto fail;
1596 }
1597
1598 done:
1599 if (!elements->prefix)
1600 {
1601 /*
1602 * FIXME
1603 *
1604 * If any req_orig element contains no target the element should be
1605 * prefixed with the literal character. Not really crucial if the
1606 * client isn't human because child elements are prefixed for the
1607 * current path. But may be confusing if editing by hand.
1608 */
1609 if (elements->data)
1610 {
1611 /* This is needed to prune the original requested element path to the
1612 * length of the failed element in the path. */
1613 int x = strv_length (req_orig)-strv_length ((char **)elements->data);
1614 int i;
1615 char **tmp = NULL;
1616
1617 for (i = 0; i <= x; i++)
1618 tmp = strv_cat (tmp, str_dup (req_orig[i]));
1619
1620 elements->prefix = strv_join ("\t", tmp);
1621 strv_free (tmp);
1622 elements->data = NULL;
1623 }
1624 else
1625 {
1626 if (root_only)
1627 elements->prefix = str_dup (*req_orig);
1628 else
1629 elements->prefix = strv_join ("\t", req_orig);
1630 }
1631
1632 if (!elements->prefix)
1633 {
1634 rc = GPG_ERR_ENOMEM;
1635 goto fail;
1636 }
1637
1638 if (elements->verbose)
1639 {
1640 int ret;
1641 struct string_s *realpath = NULL;
1642 gpg_error_t allowed = rc;
1643
1644 rc = 0;
1645
1646 if (!allowed && a_target && elements->with_target)
1647 {
1648 rc = build_realpath (client, doc, path, &realpath);
1649 if (rc)
1650 goto fail;
1651
1652 realpath = string_prepend (realpath, "T ");
1653 }
1654
1655 ret = strv_printf (&elements->elements, "%s%s%s%s%s",
1656 elements->prefix,
1657 (!allowed && n && find_element_node (n->children))
1658 || realpath ? " " : "",
1659 (!allowed && n && find_element_node (n->children)) ? "+" : "",
1660 !allowed && realpath ? realpath->str : "",
1661 allowed ? " P" : "");
1662 string_free (realpath, 1);
1663 if (!ret)
1664 {
1665 rc = GPG_ERR_ENOMEM;
1666 goto fail;
1667 }
1668 }
1669 else if (strv_printf (&elements->elements, "%s", elements->prefix) == 0)
1670 {
1671 rc = GPG_ERR_ENOMEM;
1672 goto fail;
1673 }
1674
1675 if (update_element_list (elements) == 0)
1676 {
1677 rc = GPG_ERR_ENOMEM;
1678 goto fail;
1679 }
1680 }
1681
1682 rc = path_list_recurse (client, doc, n ? n->children : n, elements);
1683
1684 fail:
1685 strv_free (req_orig);
1686 strv_free (req);
1687 return rc;
1688 }
1689
1690 gpg_error_t
1691 recurse_xpath_nodeset (struct client_s *client, xmlDocPtr doc,
1692 xmlNodeSetPtr nodes, xmlChar * value,
1693 xmlBufferPtr * result, int cmd, const xmlChar * attr)
1694 {
1695 int i = value ? nodes->nodeNr - 1 : 0;
1696 xmlBufferPtr buf;
1697
1698 buf = xmlBufferCreate ();
1699
1700 if (!buf)
1701 return GPG_ERR_ENOMEM;
1702
1703 for (; value ? i >= 0 : i < nodes->nodeNr; value ? i-- : i++)
1704 {
1705 xmlNodePtr n = nodes->nodeTab[i];
1706 gpg_error_t rc;
1707
1708 if (!n)
1709 continue;
1710
1711 if (!value && !attr)
1712 {
1713 if (xmlNodeDump (buf, doc, n, 0, 0) == -1)
1714 {
1715 *result = buf;
1716 return GPG_ERR_BAD_DATA;
1717 }
1718
1719 continue;
1720 }
1721
1722 if (!attr)
1723 {
1724 xmlNodeSetContent (n, value);
1725 rc = update_element_mtime (client, n);
1726
1727 if (rc)
1728 return rc;
1729 }
1730 else
1731 {
1732 if (!cmd)
1733 rc = add_attribute (client, n, (char *) attr, (char *) value);
1734 else
1735 rc = delete_attribute (client, n, attr);
1736
1737 if (rc)
1738 return rc;
1739 }
1740 }
1741
1742 *result = buf;
1743 return 0;
1744 }
1745
1746 static gpg_error_t
1747 convert_root_element (struct client_s *client, xmlNodePtr n)
1748 {
1749 xmlChar *a = xmlGetProp (n, (xmlChar *) "_name");
1750 gpg_error_t rc;
1751
1752 if (a)
1753 {
1754 xmlFree (a);
1755 xmlChar *t = xmlGetNodePath (n);
1756
1757 log_write (_
1758 ("An existing \"_name\" attribute already exists. Please rename this attribute before converting. Path is: %s"),
1759 t);
1760 xmlFree (t);
1761 return GPG_ERR_AMBIGUOUS_NAME;
1762 }
1763
1764 a = xmlGetProp (n, (xmlChar *) "name");
1765
1766 if (a)
1767 {
1768 rc = add_attribute (client, n, "_name", (char *) a);
1769 xmlFree (a);
1770
1771 if (rc)
1772 return rc;
1773
1774 rc = delete_attribute (client, n, (xmlChar *) "name");
1775
1776 if (rc)
1777 return rc;
1778
1779 xmlNodeSetName (n, (xmlChar *) "element");
1780 }
1781
1782 return 0;
1783 }
1784
1785 gpg_error_t
1786 delete_attribute (struct client_s *client, xmlNodePtr n, const xmlChar * name)
1787 {
1788 xmlAttrPtr a;
1789 gpg_error_t rc = 0;
1790
1791 if ((a = xmlHasProp (n, name)) == NULL)
1792 return GPG_ERR_NOT_FOUND;
1793
1794 if (xmlRemoveProp (a) == -1)
1795 return GPG_ERR_BAD_DATA;
1796
1797 if (client && xmlStrEqual (name, (xmlChar *) "_acl"))
1798 {
1799 char *user = create_acl_user (client);
1800
1801 rc = add_attribute (client, n, (char *) "_acl", user);
1802 xfree (user);
1803
1804 if (rc)
1805 return rc;
1806 }
1807
1808 return update_element_mtime (client, n);
1809 }
1810
1811 static gpg_error_t
1812 convert_elements_recurse (struct client_s *client, xmlDocPtr doc,
1813 xmlNodePtr n, unsigned depth)
1814 {
1815 gpg_error_t rc;
1816
1817 depth++;
1818
1819 for (n = n->children; n; n = n->next)
1820 {
1821 if (n->type == XML_ELEMENT_NODE)
1822 {
1823 if (depth > 1)
1824 {
1825 xmlChar *a = NULL;
1826
1827 if (xmlStrEqual (n->name, (xmlChar *) "element"))
1828 {
1829 xmlChar *t = xmlGetNodePath (n);
1830
1831 log_write (_
1832 ("An existing \"element\" already exists. Please rename this element before converting. Path is: %s"),
1833 t);
1834 xmlFree (t);
1835 return GPG_ERR_AMBIGUOUS_NAME;
1836 }
1837
1838 a = xmlGetProp (n, (xmlChar *) "_name");
1839 if (a)
1840 {
1841 xmlFree (a);
1842 xmlChar *t = xmlGetNodePath (n);
1843
1844 log_write (_
1845 ("An existing \"_name\" attribute already exists. Please rename this attribute before converting. Path is: %s"),
1846 t);
1847 xmlFree (t);
1848 return GPG_ERR_AMBIGUOUS_NAME;
1849 }
1850
1851 xmlChar *tmp = xmlStrdup (n->name);
1852
1853 if (!tmp)
1854 return GPG_ERR_ENOMEM;
1855
1856 xmlNodeSetName (n, (xmlChar *) "element");
1857 rc = add_attribute (client, n, "_name", (char *) tmp);
1858 xmlFree (tmp);
1859
1860 if (rc)
1861 return rc;
1862 }
1863 else
1864 {
1865 rc = convert_root_element (client, n);
1866
1867 if (rc)
1868 return rc;
1869 }
1870 }
1871
1872 if (n->children)
1873 {
1874 rc = convert_elements_recurse (client, doc, n, depth);
1875
1876 if (rc)
1877 return rc;
1878 }
1879 }
1880
1881 return 0;
1882 }
1883
1884 /* Renames ALL elements to the new "element" name. Existing element names are
1885 * stored as an attribute "_name". This was introduced in pwmd 2.12 so
1886 * elements can contain common characters that the XML parser barfs on (an
1887 * email address for example. */
1888 gpg_error_t
1889 convert_pre_212_elements (xmlDocPtr doc)
1890 {
1891 xmlNodePtr n = xmlDocGetRootElement (doc);
1892
1893 log_write (_("Converting pre 2.12 data file..."));
1894 return convert_elements_recurse (NULL, doc, n, 0);
1895 }
1896
1897 gpg_error_t
1898 validate_import (struct client_s *client, xmlNodePtr node)
1899 {
1900 gpg_error_t rc = 0;
1901
1902 if (!node)
1903 return 0;
1904
1905 for (xmlNodePtr n = node; n; n = n->next)
1906 {
1907 if (n->type == XML_ELEMENT_NODE)
1908 {
1909 if (xmlStrEqual (n->name, (xmlChar *) "element"))
1910 {
1911 xmlChar *a = xmlGetProp (n, (xmlChar *) "_name");
1912
1913 if (!a)
1914 {
1915 xmlChar *t = xmlGetNodePath (n);
1916
1917 log_write (_("Missing attribute '_name' at %s."), t);
1918 xmlFree (t);
1919 return GPG_ERR_INV_VALUE;
1920 }
1921
1922 if (!valid_xml_element (a))
1923 {
1924 xmlChar *t = xmlGetNodePath (n);
1925
1926 log_write (_("'%s' is not a valid element name at %s."), a,
1927 t);
1928 xmlFree (a);
1929 xmlFree (t);
1930 return GPG_ERR_INV_VALUE;
1931 }
1932
1933 xmlFree (a);
1934 a = xmlGetProp (n, (xmlChar *) "_ctime");
1935 if (!a)
1936 attr_ctime (client, n);
1937
1938 xmlFree (a);
1939 a = xmlGetProp (n, (xmlChar *) "_mtime");
1940 if (!a)
1941 update_element_mtime (client, n);
1942 xmlFree (a);
1943 }
1944 else
1945 {
1946 xmlChar *t = xmlGetNodePath (n);
1947
1948 log_write (_("Warning: unknown element '%s' at %s. Ignoring."),
1949 n->name, t);
1950 xmlFree (t);
1951 continue;
1952 }
1953 }
1954
1955 if (n->children)
1956 {
1957 rc = validate_import (client, n->children);
1958
1959 if (rc)
1960 return rc;
1961 }
1962 }
1963
1964 return rc;
1965 }
1966
1967 gpg_error_t
1968 update_element_mtime (struct client_s *client, xmlNodePtr n)
1969 {
1970 return add_attribute (client, n, NULL, NULL);
1971 }
1972
1973 gpg_error_t
1974 unlink_node (struct client_s *client, xmlNodePtr n)
1975 {
1976 gpg_error_t rc = 0;
1977
1978 if (!n)
1979 return rc;
1980
1981 if (n->parent)
1982 rc = update_element_mtime (client, n->parent);
1983
1984 xmlUnlinkNode (n);
1985 return rc;
1986 }
1987
1988 gpg_error_t
1989 parse_doc (const char *xml, size_t len, xmlDocPtr *result)
1990 {
1991 xmlDocPtr doc;
1992
1993 xmlResetLastError ();
1994 doc = xmlReadMemory (xml, len, NULL, "UTF-8", XML_PARSE_NOBLANKS);
1995 if (!doc && xmlGetLastError ())
1996 return GPG_ERR_BAD_DATA;
1997
1998 *result = doc;
1999 return !doc ? GPG_ERR_ENOMEM : 0;
2000 }
2001
2002 static xmlNodePtr
2003 realpath_elements_cb (struct client_s *client, xmlNodePtr node, char **target,
2004 gpg_error_t * rc, char **req_orig, void *data)
2005 {
2006 char *path = *(char **) data;
2007 char *tmp = NULL, *result;
2008
2009 if (path)
2010 {
2011 xfree (path);
2012 *(char **) data = NULL;
2013 }
2014
2015 path = strv_join ("\t", target);
2016
2017 if (!path)
2018 {
2019 *rc = GPG_ERR_ENOMEM;
2020 return NULL;
2021 }
2022
2023 if (req_orig)
2024 {
2025 tmp = strv_join ("\t", req_orig);
2026
2027 if (!tmp)
2028 {
2029 xfree (path);
2030 *rc = GPG_ERR_ENOMEM;
2031 return NULL;
2032 }
2033 }
2034
2035 if (tmp && *tmp)
2036 result = str_asprintf ("%s\t%s", path, tmp);
2037 else
2038 result = str_dup (path);
2039
2040 if (!result)
2041 {
2042 *rc = GPG_ERR_ENOMEM;
2043 xfree (path);
2044 xfree (tmp);
2045 return NULL;
2046 }
2047
2048 xfree (path);
2049 xfree (tmp);
2050 *(char **) data = result;
2051 return node;
2052 }
2053
2054 gpg_error_t
2055 build_realpath (struct client_s *client, xmlDocPtr doc, char *line,
2056 struct string_s ** result)
2057 {
2058 gpg_error_t rc;
2059 char **req;
2060 char *t;
2061 int i;
2062 xmlNodePtr n;
2063 struct string_s *string;
2064 char *rp = NULL;
2065
2066 if (strchr (line, '\t') != NULL)
2067 {
2068 if ((req = str_split (line, "\t", 0)) == NULL)
2069 return GPG_ERR_SYNTAX;
2070 }
2071 else
2072 {
2073 if ((req = str_split (line, " ", 0)) == NULL)
2074 return GPG_ERR_SYNTAX;
2075 }
2076
2077 n = find_root_element (client, doc, &req, &rc, NULL, 0, 0);
2078 if (!n)
2079 {
2080 strv_free (req);
2081 return rc;
2082 }
2083
2084 rp = strv_join ("\t", req);
2085 if (!rp)
2086 {
2087 strv_free (req);
2088 return GPG_ERR_ENOMEM;
2089 }
2090
2091 if (req[1])
2092 {
2093 n = find_elements (client, doc, n->children, req + 1, &rc, NULL,
2094 realpath_elements_cb, NULL, 0, 0, &rp, 0);
2095 if (!n)
2096 {
2097 xfree (rp);
2098 strv_free (req);
2099 return rc;
2100 }
2101 }
2102
2103 string = string_new (rp);
2104 xfree (rp);
2105 strv_free (req);
2106 if (!string)
2107 return GPG_ERR_ENOMEM;
2108
2109 again:
2110 for (i = 0, t = string->str + i; *t; t++, i++)
2111 {
2112 if ((!i && *t != '!') || (*t == '\t' && *(t + 1) && *(t + 1) != '!'))
2113 {
2114 struct string_s *s = string_insert_c (string, !i ? i++ : ++i, '!');
2115
2116 if (!s)
2117 {
2118 string_free (string, 1);
2119 return GPG_ERR_ENOMEM;
2120 }
2121
2122 string = s;
2123 goto again;
2124 }
2125 }
2126
2127 *result = string;
2128 return rc;
2129 }
2130
2131 #if 0
2132 static char *
2133 node_to_element_path (xmlNodePtr node)
2134 {
2135 xmlNodePtr n;
2136 struct string_s *str = string_new ("");
2137 char *result;
2138
2139 for (n = node; n; n = n->parent)
2140 {
2141 xmlNodePtr child;
2142
2143 for (child = n; child; child = child->next)
2144 {
2145 if (child->type != XML_ELEMENT_NODE)
2146 continue;
2147
2148 xmlChar *name = node_has_attribute (n, (xmlChar *) "_name");
2149 if (name)
2150 {
2151 str = string_prepend (str, (char *) name);
2152 xmlFree (name);
2153 name = node_has_attribute (n, (xmlChar *) "target");
2154 if (name)
2155 str = string_prepend (str, "\t");
2156 else
2157 str = string_prepend (str, "\t!");
2158 xmlFree (name);
2159 }
2160 break;
2161 }
2162 }
2163
2164 str = string_erase (str, 0, 1);
2165 result = str->str;
2166 string_free (str, 0);
2167 return result;
2168 }
2169 #endif
2170
2171 /*
2172 * Recurse the element tree beginning at 'node' and find elements who point
2173 * back to 'src' or 'dst'. Also follows target attributes.
2174 */
2175 static gpg_error_t
2176 find_child_to_target (struct client_s *client, xmlDocPtr doc, xmlNodePtr node,
2177 xmlNodePtr src, xmlNodePtr dst, unsigned depth,
2178 int is_target)
2179 {
2180 xmlNodePtr n;
2181 gpg_error_t rc = 0;
2182
2183 if (max_recursion_depth >= 1 && depth > max_recursion_depth)
2184 return gpg_error (GPG_ERR_ELOOP);
2185
2186 for (n = node; n; n = n->next)
2187 {
2188 xmlChar *target;
2189
2190 if (n->type != XML_ELEMENT_NODE)
2191 continue;
2192
2193 if (n == src || n == dst)
2194 return GPG_ERR_ELOOP;
2195
2196 target = node_has_attribute (n, (xmlChar *) "target");
2197 if (target)
2198 {
2199 xmlNodePtr tmp;
2200 char **result = NULL;
2201
2202 tmp = resolve_path (client, doc, target, &result, &rc);
2203 xmlFree (target);
2204 strv_free (result);
2205 if (!rc)
2206 {
2207 rc = find_child_to_target (client, doc, tmp, src, dst, ++depth,
2208 1);
2209 depth--;
2210 }
2211
2212 if (rc && gpg_err_code (rc) != GPG_ERR_ELEMENT_NOT_FOUND)
2213 return rc;
2214
2215 if (is_target)
2216 break;
2217
2218 continue;
2219 }
2220
2221 if (n->children)
2222 {
2223 rc = find_child_to_target (client, doc, n->children, src, dst,
2224 ++depth,0);
2225 depth--;
2226 if (rc)
2227 return rc;
2228 }
2229
2230 if (is_target)
2231 break;
2232 }
2233
2234 return rc;
2235 }
2236
2237 static gpg_error_t
2238 find_child_of_parent (xmlDocPtr doc, xmlNodePtr src, xmlNodePtr dst)
2239 {
2240 xmlNodePtr n;
2241 gpg_error_t rc = 0;
2242
2243 for (n = src; n; n = n->next)
2244 {
2245 if (n->type != XML_ELEMENT_NODE)
2246 continue;
2247
2248 if (n == dst)
2249 {
2250 rc = GPG_ERR_ELOOP;
2251 break;
2252 }
2253
2254 rc = find_child_of_parent (doc, n->children, dst);
2255 }
2256
2257 return rc;
2258 }
2259
2260 static gpg_error_t
2261 find_parent_of_child (xmlDocPtr doc, xmlNodePtr node, xmlNodePtr dst)
2262 {
2263 xmlNodePtr n;
2264 gpg_error_t rc = 0;
2265
2266 for (n = node; n; n = n->parent)
2267 {
2268 if (n->type != XML_ELEMENT_NODE)
2269 {
2270 xmlNodePtr tmp;
2271
2272 for (tmp = n->next; tmp; n = n->next)
2273 {
2274 if (n->type != XML_ELEMENT_NODE)
2275 continue;
2276
2277 if (tmp == dst)
2278 return GPG_ERR_ELOOP;
2279 }
2280 }
2281
2282 if (n == dst)
2283 return GPG_ERR_ELOOP;
2284 }
2285
2286 return rc;
2287 }
2288
2289 gpg_error_t
2290 validate_target_attribute (struct client_s *client, xmlDocPtr doc,
2291 const char *src, xmlNodePtr dst_node)
2292 {
2293 gpg_error_t rc;
2294 xmlNodePtr src_node;
2295 char **src_req = NULL;
2296
2297 src_node = resolve_path (client, doc, (xmlChar *) src, &src_req, &rc);
2298 if (rc)
2299 goto fail;
2300
2301 /* A destination element is a child of the source element. */
2302 rc = find_child_of_parent (doc, src_node->children, dst_node);
2303 if (rc)
2304 goto fail;
2305
2306 /* The destination element is a parent of the source element. */
2307 rc = find_parent_of_child (doc, src_node->parent, dst_node);
2308 if (rc)
2309 goto fail;
2310
2311 /* A destination child element contains a target to the source element. */
2312 rc = find_child_to_target (client, doc, dst_node->children, src_node,
2313 dst_node, 0, 0);
2314 if (rc)
2315 goto fail;
2316
2317 fail:
2318 strv_free (src_req);
2319 return rc;
2320 }
2321
2322 /* The owner of the element is the first user listed in the _acl attribute
2323 * list. acl_check() should be called before calling this function. An empty
2324 * ACL is an error if the client is not invoking_user.
2325 */
2326 gpg_error_t
2327 is_element_owner (struct client_s *client, xmlNodePtr n)
2328 {
2329 xmlChar *acl = node_has_attribute (n, (xmlChar *) "_acl");
2330 char **users;
2331 gpg_error_t rc = GPG_ERR_EACCES;
2332
2333 if (!acl || !*acl)
2334 {
2335 xmlFree (acl);
2336 return peer_is_invoker (client);
2337 }
2338
2339 users = str_split((char *)acl, ",", 0);
2340 if (users && *users)
2341 {
2342 char *user;
2343
2344 #ifdef WITH_GNUTLS
2345 if (client->thd->remote)
2346 user = str_asprintf ("#%s", client->thd->tls->fp);
2347 else
2348 user = get_username (client->thd->peer->uid);
2349 #else
2350 user = get_username (client->thd->peer->uid);
2351 #endif
2352
2353 if (*user == '#')
2354 rc = !strcasecmp (*users, user) ? 0 : GPG_ERR_EACCES;
2355 else
2356 rc = !strcmp (*users, user) ? 0 : GPG_ERR_EACCES;
2357
2358 if (rc)
2359 rc = peer_is_invoker (client);
2360
2361 xfree (user);
2362 }
2363
2364 strv_free (users);
2365 return rc;
2366 }
A server for managing passphrases and anything else.