lib/libposix1e/acl_from_text.c

*86d7f5d3SJohn Marino/*-
*86d7f5d3SJohn Marino * Copyright (c) 1999 Robert N. M. Watson
*86d7f5d3SJohn Marino * All rights reserved.
*86d7f5d3SJohn Marino *
*86d7f5d3SJohn Marino * Redistribution and use in source and binary forms, with or without
*86d7f5d3SJohn Marino * modification, are permitted provided that the following conditions
*86d7f5d3SJohn Marino * are met:
*86d7f5d3SJohn Marino * 1. Redistributions of source code must retain the above copyright
*86d7f5d3SJohn Marino *    notice, this list of conditions and the following disclaimer.
*86d7f5d3SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright
*86d7f5d3SJohn Marino *    notice, this list of conditions and the following disclaimer in the
*86d7f5d3SJohn Marino *    documentation and/or other materials provided with the distribution.
*86d7f5d3SJohn Marino *
*86d7f5d3SJohn Marino * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
*86d7f5d3SJohn Marino * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
*86d7f5d3SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
*86d7f5d3SJohn Marino * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
*86d7f5d3SJohn Marino * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
*86d7f5d3SJohn Marino * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
*86d7f5d3SJohn Marino * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
*86d7f5d3SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
*86d7f5d3SJohn Marino * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
*86d7f5d3SJohn Marino * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
*86d7f5d3SJohn Marino * SUCH DAMAGE.
*86d7f5d3SJohn Marino *
*86d7f5d3SJohn Marino *$FreeBSD: src/lib/libposix1e/acl_from_text.c,v 1.1 2000/01/15 19:44:24 rwatson Exp $
*86d7f5d3SJohn Marino *$DragonFly: src/lib/libposix1e/acl_from_text.c,v 1.3 2005/08/04 17:27:09 drhodus Exp $
*86d7f5d3SJohn Marino */
*86d7f5d3SJohn Marino/*
*86d7f5d3SJohn Marino * acl_from_text: convert a text-form ACL from a string to an acl_t
*86d7f5d3SJohn Marino */
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino#include <sys/types.h>
*86d7f5d3SJohn Marino#include <sys/acl.h>
*86d7f5d3SJohn Marino#include <sys/errno.h>
*86d7f5d3SJohn Marino#include <stdio.h>
*86d7f5d3SJohn Marino#include <stdlib.h>
*86d7f5d3SJohn Marino#include <string.h>
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino#include "acl_support.h"
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinoenum PARSE_MODE {
*86d7f5d3SJohn Marino	PM_BASE,		/* initial, begin line, or after , */
*86d7f5d3SJohn Marino	PM_QUALIFIER,		/* in qualifier field */
*86d7f5d3SJohn Marino	PM_PERM,		/* in permission field */
*86d7f5d3SJohn Marino	PM_COMMENT,		/* in comment */
*86d7f5d3SJohn Marino};
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinostatic char *
*86d7f5d3SJohn Marinostring_skip_whitespace(char *string)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	while (*string && ((*string == ' ') || (*string == '\t'))) {
*86d7f5d3SJohn Marino		string++;
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino	return (string);
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinostatic void
*86d7f5d3SJohn Marinostring_trim_trailing_whitespace(char *string)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino	char	*end;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	if (*string == '\0')
*86d7f5d3SJohn Marino		return;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	end = string + strlen(string) - 1;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	while (end != string) {
*86d7f5d3SJohn Marino		if ((*end == ' ') || (*end == '\t')) {
*86d7f5d3SJohn Marino			*end = '\0';
*86d7f5d3SJohn Marino			end--;
*86d7f5d3SJohn Marino		} else {
*86d7f5d3SJohn Marino			return;
*86d7f5d3SJohn Marino		}
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	return;
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinoacl_tag_t
*86d7f5d3SJohn Marinoacl_string_to_tag(char *tag, char *qualifier)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	if (*qualifier == '\0') {
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
*86d7f5d3SJohn Marino			return (ACL_USER_OBJ);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
*86d7f5d3SJohn Marino			return (ACL_GROUP_OBJ);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "mask")) || (!strcmp(tag, "m"))) {
*86d7f5d3SJohn Marino			return (ACL_MASK);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "other")) || (!strcmp(tag, "o"))) {
*86d7f5d3SJohn Marino			return (ACL_OTHER);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino			return(-1);
*86d7f5d3SJohn Marino	} else {
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "user")) || (!strcmp(tag, "u"))) {
*86d7f5d3SJohn Marino			return(ACL_USER);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino		if ((!strcmp(tag, "group")) || (!strcmp(tag, "g"))) {
*86d7f5d3SJohn Marino			return(ACL_GROUP);
*86d7f5d3SJohn Marino		} else
*86d7f5d3SJohn Marino			return(-1);
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino/*
*86d7f5d3SJohn Marino * acl_from_text -- convert a string into an ACL
*86d7f5d3SJohn Marino * postpone most validity checking until the end and cal acl_valid to do
*86d7f5d3SJohn Marino * that.
*86d7f5d3SJohn Marino */
*86d7f5d3SJohn Marinoacl_t
*86d7f5d3SJohn Marinoacl_from_text(const char *buf_p)
*86d7f5d3SJohn Marino{
*86d7f5d3SJohn Marino	acl_tag_t	t;
*86d7f5d3SJohn Marino	acl_perm_t	p;
*86d7f5d3SJohn Marino	acl_t	acl;
*86d7f5d3SJohn Marino	uid_t	id;
*86d7f5d3SJohn Marino	char	*mybuf_p, *line, *cur, *notcomment, *comment, *entry;
*86d7f5d3SJohn Marino	char	*tag, *qualifier, *permission;
*86d7f5d3SJohn Marino	int	error;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	/* local copy we can mess up */
*86d7f5d3SJohn Marino	mybuf_p = strdup(buf_p);
*86d7f5d3SJohn Marino	if (!mybuf_p) {
*86d7f5d3SJohn Marino		errno = ENOMEM;
*86d7f5d3SJohn Marino		return(0);
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	acl = acl_init(3);
*86d7f5d3SJohn Marino	if (!acl) {
*86d7f5d3SJohn Marino		free(mybuf_p);
*86d7f5d3SJohn Marino		errno = ENOMEM;
*86d7f5d3SJohn Marino		return(0);
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	/* outer loop: delimit at \n boundaries */
*86d7f5d3SJohn Marino	cur = mybuf_p;
*86d7f5d3SJohn Marino	while ((line = strsep(&cur, "\n"))) {
*86d7f5d3SJohn Marino		/* now split the line on the first # to strip out comments */
*86d7f5d3SJohn Marino		comment = line;
*86d7f5d3SJohn Marino		notcomment = strsep(&comment, "#");
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino		/* inner loop: delimit at , boundaries */
*86d7f5d3SJohn Marino		while ((entry = strsep(&notcomment, ","))) {
*86d7f5d3SJohn Marino			/* now split into three :-delimited fields */
*86d7f5d3SJohn Marino			tag = strsep(&entry, ":");
*86d7f5d3SJohn Marino			if (!tag) {
*86d7f5d3SJohn Marino				/* printf("no tag\n"); */
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino			tag = string_skip_whitespace(tag);
*86d7f5d3SJohn Marino			if ((*tag == '\0') && (!entry)) {
*86d7f5d3SJohn Marino				/*
*86d7f5d3SJohn Marino				 * is an entirely comment line, skip to next
*86d7f5d3SJohn Marino				 * comma
*86d7f5d3SJohn Marino				 */
*86d7f5d3SJohn Marino				continue;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino			string_trim_trailing_whitespace(tag);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			qualifier = strsep(&entry, ":");
*86d7f5d3SJohn Marino			if (!qualifier) {
*86d7f5d3SJohn Marino				/* printf("no qualifier\n"); */
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino			qualifier = string_skip_whitespace(qualifier);
*86d7f5d3SJohn Marino			string_trim_trailing_whitespace(qualifier);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			permission = strsep(&entry, ":");
*86d7f5d3SJohn Marino			if ((!permission) || (entry)) {
*86d7f5d3SJohn Marino				/* printf("no permission, or more stuff\n"); */
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino			permission = string_skip_whitespace(permission);
*86d7f5d3SJohn Marino			string_trim_trailing_whitespace(permission);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			/* printf("[%s/%s/%s]\n", tag, qualifier,
*86d7f5d3SJohn Marino			    permission); */
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			t = acl_string_to_tag(tag, qualifier);
*86d7f5d3SJohn Marino			if (t == -1) {
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			error = acl_string_to_perm(permission, &p);
*86d7f5d3SJohn Marino			if (error == -1) {
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			switch(t) {
*86d7f5d3SJohn Marino			case ACL_USER_OBJ:
*86d7f5d3SJohn Marino			case ACL_GROUP_OBJ:
*86d7f5d3SJohn Marino			case ACL_MASK:
*86d7f5d3SJohn Marino			case ACL_OTHER:
*86d7f5d3SJohn Marino				if (*qualifier != '\0') {
*86d7f5d3SJohn Marino					errno = EINVAL;
*86d7f5d3SJohn Marino					goto error_label;
*86d7f5d3SJohn Marino				}
*86d7f5d3SJohn Marino				id = 0;
*86d7f5d3SJohn Marino				break;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			case ACL_USER:
*86d7f5d3SJohn Marino			case ACL_GROUP:
*86d7f5d3SJohn Marino				error = acl_name_to_id(t, qualifier, &id);
*86d7f5d3SJohn Marino				if (error == -1)
*86d7f5d3SJohn Marino					goto error_label;
*86d7f5d3SJohn Marino				break;
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			default:
*86d7f5d3SJohn Marino				errno = EINVAL;
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino			}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino			error = acl_add_entry(acl, t, id, p);
*86d7f5d3SJohn Marino			if (error == -1)
*86d7f5d3SJohn Marino				goto error_label;
*86d7f5d3SJohn Marino		}
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino#if 0
*86d7f5d3SJohn Marino	/* XXX should we only return ACLs valid according to acl_valid? */
*86d7f5d3SJohn Marino	/* verify validity of the ACL we read in */
*86d7f5d3SJohn Marino	if (acl_valid(acl) == -1) {
*86d7f5d3SJohn Marino		errno = EINVAL;
*86d7f5d3SJohn Marino		goto error_label;
*86d7f5d3SJohn Marino	}
*86d7f5d3SJohn Marino#endif
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino	return(acl);
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marinoerror_label:
*86d7f5d3SJohn Marino	acl_free(acl);
*86d7f5d3SJohn Marino	free(mybuf_p);
*86d7f5d3SJohn Marino	return(0);
*86d7f5d3SJohn Marino}
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino
*86d7f5d3SJohn Marino