Change Solaris ACL support to use acl() and facl()
This removes dependency on libsec and enables compilation on Solaris 10.
diff --git a/CMakeLists.txt b/CMakeLists.txt
index dbbf797..be4be67 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1628,19 +1628,16 @@
int main(void) { return ACL_TYPE_EXTENDED; }" HAVE_ACL_TYPE_EXTENDED)
# Solaris and derivates ACLs
- CHECK_LIBRARY_EXISTS(sec "acl_get" "" HAVE_LIBSEC)
- IF(HAVE_LIBSEC)
- SET(CMAKE_REQUIRED_LIBRARIES "sec")
- FIND_LIBRARY(SEC_LIBRARY NAMES sec)
- LIST(APPEND ADDITIONAL_LIBS ${SEC_LIBRARY})
- ENDIF(HAVE_LIBSEC)
- #
CHECK_TYPE_EXISTS(aclent_t "${INCLUDES}" HAVE_ACLENT_T)
CHECK_TYPE_EXISTS(ace_t "${INCLUDES}" HAVE_ACE_T)
- CHECK_FUNCTION_EXISTS(acl_get HAVE_FACL_GET)
- CHECK_FUNCTION_EXISTS(facl_get HAVE_FACL_GET)
- CHECK_FUNCTION_EXISTS(acl_set HAVE_FACL_SET)
- CHECK_FUNCTION_EXISTS(facl_set HAVE_FACL_SET)
+ CHECK_FUNCTION_EXISTS(acl HAVE_ACL)
+ CHECK_FUNCTION_EXISTS(facl HAVE_FACL)
+ CHECK_SYMBOL_EXISTS(GETACL "${INCLUDES}" HAVE_DECL_GETACL)
+ CHECK_SYMBOL_EXISTS(GETACLCNT "${INCLUDES}" HAVE_DECL_GETACLCNT)
+ CHECK_SYMBOL_EXISTS(SETACL "${INCLUDES}" HAVE_DECL_SETACL)
+ CHECK_SYMBOL_EXISTS(ACE_GETACL "${INCLUDES}" HAVE_DECL_ACE_GETACL)
+ CHECK_SYMBOL_EXISTS(ACE_GETACLCNT "${INCLUDES}" HAVE_DECL_ACE_GETACLCNT)
+ CHECK_SYMBOL_EXISTS(ACE_SETACL "${INCLUDES}" HAVE_DECL_ACE_SETACL)
ELSE(ENABLE_ACL)
# If someone runs cmake, then disables ACL support, we need
# to forcibly override the cached values for these.
@@ -1658,12 +1655,10 @@
SET(HAVE_ACL_TYPE_NFS4 FALSE)
SET(HAVE_ACL_USER FALSE)
SET(HAVE_ACL_TYPE_EXTENDED FALSE)
- SET(HAVE_ACL_GET FALSE)
SET(HAVE_ACLENT_T FALSE)
SET(HAVE_ACE_T FALSE)
- SET(HAVE_FACL_GET FALSE)
- SET(HAVE_ACL_SET FALSE)
- SET(HAVE_FACL_SET FALSE)
+ SET(HAVE_FACL FALSE)
+ SET(HAVE_ACL FALSE)
ENDIF(ENABLE_ACL)
#
diff --git a/build/cmake/config.h.in b/build/cmake/config.h.in
index 923a78e..a246282 100644
--- a/build/cmake/config.h.in
+++ b/build/cmake/config.h.in
@@ -371,6 +371,18 @@
/* Define to 1 if you have the `cygwin_conv_path' function. */
#cmakedefine HAVE_CYGWIN_CONV_PATH 1
+/* Define to 1 if you have the declaration of `ACE_GETACL', and to 0 if you
+ don't. */
+#cmakedefine HAVE_DECL_ACE_GETACL 1
+
+/* Define to 1 if you have the declaration of `ACE_GETACLCNT', and to 0 if you
+ don't. */
+#cmakedefine HAVE_DECL_ACE_GETACLCNT 1
+
+/* Define to 1 if you have the declaration of `ACE_SETACL', and to 0 if you
+ don't. */
+#cmakedefine HAVE_DECL_ACE_SETACL 1
+
/* Define to 1 if you have the declaration of `INT32_MAX', and to 0 if you
don't. */
#cmakedefine HAVE_DECL_INT32_MAX 1
@@ -395,6 +407,10 @@
don't. */
#cmakedefine HAVE_DECL_INTMAX_MIN 1
+/* Define to 1 if you have the declaration of `SETACL', and to 0 if you don't.
+ */
+#cmakedefine HAVE_DECL_SETACL 1
+
/* Define to 1 if you have the declaration of `SIZE_MAX', and to 0 if you
don't. */
#cmakedefine HAVE_DECL_SIZE_MAX 1
@@ -468,6 +484,14 @@
/* Define to 1 if EXTATTR_NAMESPACE_USER is defined in sys/extattr.h. */
#cmakedefine HAVE_DECL_EXTATTR_NAMESPACE_USER 1
+/* Define to 1 if you have the declaration of `GETACL', and to 0 if you don't.
+ */
+#cmakedefine HAVE_DECL_GETACL 1
+
+/* Define to 1 if you have the declaration of `GETACLCNT', and to 0 if you
+ don't. */
+#cmakedefine HAVE_DECL_GETACLCNT 1
+
/* Define to 1 if you have the `fchdir' function. */
#cmakedefine HAVE_FCHDIR 1
diff --git a/configure.ac b/configure.ac
index 8577cad..af7226f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -758,10 +758,11 @@
#include <sys/acl.h>])
# Solaris and derivates ACLs
- AC_CHECK_LIB([sec], [acl_get])
AC_CHECK_TYPES([aclent_t], [], [], [[#include <sys/acl.h>]])
AC_CHECK_TYPES([ace_t], [], [], [[#include <sys/acl.h>]])
- AC_CHECK_FUNCS(acl_get facl_get acl_set facl_set)
+ AC_CHECK_FUNCS(acl facl)
+ AC_CHECK_DECLS([GETACL, SETACL, GETACLCNT], [], [], [#include <sys/acl.h>])
+ AC_CHECK_DECLS([ACE_GETACL, ACE_SETACL, ACE_GETACLCNT], [], [], [#include <sys/acl.h>])
fi
# Additional requirements
diff --git a/libarchive/archive_platform.h b/libarchive/archive_platform.h
index c9a9602..9a5c7c7 100644
--- a/libarchive/archive_platform.h
+++ b/libarchive/archive_platform.h
@@ -156,15 +156,20 @@
#endif
/*
- * If this platform has <sys/acl.h>, acl_get(), facl_get(), acl_set(),
+ * If this platform has <sys/acl.h>, acl(), facl() and ACLENT_T
* facl_set() and types aclent_t and ace_t it uses Solaris-style ACL functions
*/
-#if HAVE_SYS_ACL_H && HAVE_ACL_GET && HAVE_FACL_GET && HAVE_ACL_SET && HAVE_FACL_SET && HAVE_ACLENT_T && HAVE_ACE_T
+#if HAVE_SYS_ACL_H && HAVE_ACL && HAVE_FACL && HAVE_ACLENT_T && \
+ HAVE_DECL_GETACL && HAVE_DECL_GETACLCNT && HAVE_DECL_SETACL
#define HAVE_SUN_ACL 1
+#if HAVE_ACE_T && HAVE_DECL_ACE_GETACL && HAVE_DECL_ACE_GETACLCNT && \
+ HAVE_DECL_ACE_SETACL
+#define HAVE_SUN_NFS4_ACL 1
+#endif
#endif
/* Define if platform supports NFSv4 ACLs */
-#if (HAVE_POSIX_ACL && HAVE_ACL_TYPE_NFS4) || HAVE_SUN_ACL || HAVE_DARWIN_ACL
+#if (HAVE_POSIX_ACL && HAVE_ACL_TYPE_NFS4) || HAVE_SUN_NFS4_ACL || HAVE_DARWIN_ACL
#define HAVE_NFS4_ACL 1
#endif
diff --git a/libarchive/archive_read_disk_entry_from_file.c b/libarchive/archive_read_disk_entry_from_file.c
index 4e1de0e..61710df 100644
--- a/libarchive/archive_read_disk_entry_from_file.c
+++ b/libarchive/archive_read_disk_entry_from_file.c
@@ -124,9 +124,7 @@
#endif
/* NFSv4 platform ACL type */
-#if HAVE_SUN_ACL
-#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACE_T
-#elif HAVE_DARWIN_ACL
+#if HAVE_DARWIN_ACL
#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACL_TYPE_EXTENDED
#elif HAVE_ACL_TYPE_NFS4
#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACL_TYPE_NFS4
@@ -435,14 +433,71 @@
#if HAVE_SUN_ACL
static int
-sun_acl_is_trivial(acl_t *, mode_t, int *trivialp);
+sun_acl_is_trivial(void *, int, mode_t, int, int, int *);
+
+static void *
+sunacl_get(int cmd, int *aclcnt, int fd, const char *path)
+{
+ int cnt, cntcmd;
+ size_t size;
+ void *aclp;
+
+ if (cmd == GETACL) {
+ cntcmd = GETACLCNT;
+ size = sizeof(aclent_t);
+ }
+#if HAVE_SUN_NFS4_ACL
+ else if (cmd == ACE_GETACL) {
+ cntcmd = ACE_GETACLCNT;
+ size = sizeof(ace_t);
+ }
#endif
+ else {
+ errno = EINVAL;
+ *aclcnt = -1;
+ return (NULL);
+ }
+
+ aclp = NULL;
+ cnt = -2;
+
+ while (cnt == -2 || (cnt == -1 && errno == ENOSPC)) {
+ if (path != NULL)
+ cnt = acl(path, cntcmd, 0, NULL);
+ else
+ cnt = facl(fd, cntcmd, 0, NULL);
+
+ if (cnt > 0) {
+ if (aclp == NULL)
+ aclp = malloc(cnt * size);
+ else
+ aclp = realloc(NULL, cnt * size);
+ if (aclp != NULL) {
+ if (path != NULL)
+ cnt = acl(path, cmd, cnt, aclp);
+ else
+ cnt = facl(fd, cmd, cnt, aclp);
+ }
+ } else {
+ if (aclp != NULL) {
+ free(aclp);
+ aclp = NULL;
+ }
+ break;
+ }
+ }
+
+ *aclcnt = cnt;
+ return (aclp);
+}
+#endif /* HAVE_SUN_ACL */
#if HAVE_POSIX_ACL || HAVE_NFS4_ACL
static int translate_acl(struct archive_read_disk *a,
struct archive_entry *entry,
#if HAVE_SUN_ACL
- acl_t *acl,
+ void *acl,
+ int aclcnt,
#else
acl_t acl,
#endif
@@ -454,7 +509,8 @@
{
const char *accpath;
#if HAVE_SUN_ACL
- acl_t *acl;
+ void *acl;
+ int aclcnt;
#else
acl_t acl;
#endif
@@ -497,8 +553,7 @@
/* Try NFSv4 ACL first. */
if (*fd >= 0)
#if HAVE_SUN_ACL
- /* Solaris reads both POSIX.1e and NFSv4 ACL here */
- facl_get(*fd, 0, &acl);
+ acl = sunacl_get(ACE_GETACL, &aclcnt, *fd, NULL);
#elif HAVE_ACL_GET_FD_NP
acl = acl_get_fd_np(*fd, ARCHIVE_PLATFORM_ACL_TYPE_NFS4);
#else
@@ -517,7 +572,7 @@
else
#if HAVE_SUN_ACL
/* Solaris reads both POSIX.1e and NFSv4 ACLs here */
- acl_get(accpath, 0, &acl);
+ acl = sunacl_get(ACE_GETACL, &aclcnt, 0, accpath);
#else
acl = acl_get_file(accpath, ARCHIVE_PLATFORM_ACL_TYPE_NFS4);
#endif
@@ -527,13 +582,17 @@
/* Ignore "trivial" ACLs that just mirror the file mode. */
if (acl != NULL) {
#if HAVE_SUN_ACL
- if (sun_acl_is_trivial(acl, archive_entry_mode(entry),
- &r) == 0 && r == 1)
+ if (sun_acl_is_trivial(acl, aclcnt, archive_entry_mode(entry),
+ 1, S_ISDIR(archive_entry_mode(entry)), &r) == 0 && r == 1)
#elif HAVE_ACL_IS_TRIVIAL_NP
if (acl_is_trivial_np(acl, &r) == 0 && r == 1)
#endif
{
+#if HAVE_SUN_ACL
+ free(acl);
+#else
acl_free(acl);
+#endif
acl = NULL;
/*
* Simultaneous NFSv4 and POSIX.1e ACLs for the same
@@ -544,15 +603,19 @@
}
#endif /* HAVE_ACL_IS_TRIVIAL_NP || HAVE_SUN_ACL */
if (acl != NULL) {
- r = translate_acl(a, entry, acl, ARCHIVE_ENTRY_ACL_TYPE_NFS4);
+ r = translate_acl(a, entry, acl,
+#if HAVE_SUN_ACL
+ aclcnt,
+#endif
+ ARCHIVE_ENTRY_ACL_TYPE_NFS4);
+#if HAVE_SUN_ACL
+ free(acl);
+#else
acl_free(acl);
+#endif
if (r != ARCHIVE_OK) {
archive_set_error(&a->archive, errno,
- "Couldn't translate "
-#if !HAVE_SUN_ACL
- "NFSv4 "
-#endif
- "ACLs");
+ "Couldn't translate NFSv4 ACLs");
}
#if HAVE_DARWIN_ACL
/*
@@ -569,12 +632,16 @@
}
#endif /* HAVE_NFS4_ACL */
-#if HAVE_POSIX_ACL
- /* This code path is skipped on MacOS and Solaris */
+#if HAVE_POSIX_ACL || HAVE_SUN_ACL
+ /* This code path is skipped on MacOS */
/* Retrieve access ACL from file. */
if (*fd >= 0)
+#if HAVE_SUN_ACL
+ acl = sunacl_get(GETACL, &aclcnt, *fd, NULL);
+#else
acl = acl_get_fd(*fd);
+#endif
#if HAVE_ACL_GET_LINK_NP
else if (!a->follow_symlinks)
acl = acl_get_link_np(accpath, ACL_TYPE_ACCESS);
@@ -586,21 +653,46 @@
acl = NULL;
#endif
else
+#if HAVE_SUN_ACL
+ acl = sunacl_get(GETACL, &aclcnt, 0, accpath);
+#else
acl = acl_get_file(accpath, ACL_TYPE_ACCESS);
+#endif
-#if HAVE_ACL_IS_TRIVIAL_NP
+
+#if HAVE_ACL_IS_TRIVIAL_NP || HAVE_SUN_ACL
/* Ignore "trivial" ACLs that just mirror the file mode. */
- if (acl != NULL && acl_is_trivial_np(acl, &r) == 0) {
- if (r) {
- acl_free(acl);
- acl = NULL;
+ if (acl != NULL) {
+#if HAVE_SUN_ACL
+ if (sun_acl_is_trivial(acl, aclcnt, archive_entry_mode(entry),
+ 0, S_ISDIR(archive_entry_mode(entry)), &r) == 0 && r == 1)
+#else
+ if (acl_is_trivial_np(acl, &r) == 0)
+#endif
+ {
+ if (r) {
+#if HAVE_SUN_ACL
+ free(acl);
+#else
+ acl_free(acl);
+#endif
+ acl = NULL;
+ }
}
}
#endif
if (acl != NULL) {
- r = translate_acl(a, entry, acl, ARCHIVE_ENTRY_ACL_TYPE_ACCESS);
+ r = translate_acl(a, entry, acl,
+#if HAVE_SUN_ACL
+ aclcnt,
+#endif
+ ARCHIVE_ENTRY_ACL_TYPE_ACCESS);
+#if HAVE_SUN_ACL
+ free(acl);
+#else
acl_free(acl);
+#endif
acl = NULL;
if (r != ARCHIVE_OK) {
archive_set_error(&a->archive, errno,
@@ -609,6 +701,7 @@
}
}
+#if !HAVE_SUN_ACL
/* Only directories can have default ACLs. */
if (S_ISDIR(archive_entry_mode(entry))) {
#if HAVE_ACL_GET_FD_NP
@@ -628,7 +721,8 @@
}
}
}
-#endif /* HAVE_POSIX_ACL */
+#endif /* !HAVE_SUN_ACL */
+#endif /* HAVE_POSIX_ACL || HAVE_SUN_ACL */
return (ARCHIVE_OK);
}
@@ -710,14 +804,16 @@
const int archive_inherit;
const int platform_inherit;
} acl_inherit_map[] = {
-#if HAVE_SUN_ACL /* Solaris ACL inheritance flags */
+#if HAVE_SUN_NFS4_ACL /* Solaris ACL inheritance flags */
{ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACE_FILE_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, ACE_DIRECTORY_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACE_NO_PROPAGATE_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACE_INHERIT_ONLY_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACE_SUCCESSFUL_ACCESS_ACE_FLAG},
{ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACE_FAILED_ACCESS_ACE_FLAG},
+#ifdef ACE_INHERITED_ACE
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACE_INHERITED_ACE}
+#endif
#elif HAVE_DARWIN_ACL /* MacOS NFSv4 inheritance flags */
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED},
{ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACL_ENTRY_FILE_INHERIT},
@@ -732,7 +828,7 @@
{ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACL_ENTRY_SUCCESSFUL_ACCESS},
{ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACL_ENTRY_FAILED_ACCESS},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED}
-#endif /* !HAVE_SUN_ACL && !HAVE_DARWIN_ACL */
+#endif /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */
};
#endif /* HAVE_NFS4_ACL */
@@ -875,9 +971,11 @@
* This is a FreeBSD acl_is_trivial_np() implementation for Solaris
*/
static int
-sun_acl_is_trivial(acl_t *acl, mode_t mode, int *trivialp)
+sun_acl_is_trivial(void *aclp, int aclcnt, mode_t mode, int is_nfs4,
+ int is_dir, int *trivialp)
{
int i, p;
+#if HAVE_SUN_NFS4_ACL
const uint32_t rperm = ACE_READ_DATA;
const uint32_t wperm = ACE_WRITE_DATA | ACE_APPEND_DATA;
const uint32_t eperm = ACE_EXECUTE;
@@ -888,30 +986,25 @@
ace_t *ace;
ace_t tace[6];
+#endif
- if (acl == NULL || trivialp == NULL)
+ if (aclp == NULL || trivialp == NULL)
return (-1);
*trivialp = 0;
- /* ACL_IS_TRIVIAL flag must be set for both POSIX.1e and NFSv4 ACLs */
- if ((acl->acl_flags & ACL_IS_TRIVIAL) == 0)
- return (0);
-
/*
* POSIX.1e ACLs marked with ACL_IS_TRIVIAL are compatible with
* FreeBSD acl_is_trivial_np(). On Solaris they have 4 entries,
* including mask.
*/
- if (acl->acl_type == ACLENT_T) {
- if (acl->acl_cnt == 4)
+ if (!is_nfs4) {
+ if (aclcnt == 4)
*trivialp = 1;
return (0);
}
- if (acl->acl_type != ACE_T || acl->acl_entry_size != sizeof(ace_t))
- return (-1);
-
+#if HAVE_SUN_NFS4_ACL
/*
* Continue with checking NFSv4 ACLs
*
@@ -996,13 +1089,13 @@
if (tace[i].a_access_mask != 0)
p++;
}
- if (acl->acl_cnt != p)
+ if (aclcnt != p)
return (0);
p = 0;
for (i = 0; i < 6; i++) {
if (tace[i].a_access_mask != 0) {
- ace = &((ace_t *)acl->acl_aclp)[p];
+ ace = &((ace_t *)aclp)[p];
/*
* Illumos added ACE_DELETE_CHILD to write perms for
* directories. We have to check against that, too.
@@ -1010,8 +1103,7 @@
if (ace->a_flags != tace[i].a_flags ||
ace->a_type != tace[i].a_type ||
(ace->a_access_mask != tace[i].a_access_mask &&
- ((acl->acl_flags & ACL_IS_DIR) == 0 ||
- (tace[i].a_access_mask & wperm) == 0 ||
+ (!is_dir || (tace[i].a_access_mask & wperm) == 0 ||
ace->a_access_mask !=
(tace[i].a_access_mask | ACE_DELETE_CHILD))))
return (0);
@@ -1020,6 +1112,9 @@
}
*trivialp = 1;
+#else /* !HAVE_SUN_NFS4_ACL */
+ (void)aclp; /* UNUSED */
+#endif /* !HAVE_SUN_NFS4_ACL */
return (0);
}
#endif /* HAVE_SUN_ACL */
@@ -1030,27 +1125,29 @@
*/
static int
translate_acl(struct archive_read_disk *a,
- struct archive_entry *entry, acl_t *acl, int default_entry_acl_type)
+ struct archive_entry *entry, void *aclp, int aclcnt,
+ int default_entry_acl_type)
{
int e, i;
int ae_id, ae_tag, ae_perm;
int entry_acl_type;
const char *ae_name;
aclent_t *aclent;
+#if HAVE_SUN_NFS4_ACL
ace_t *ace;
+#endif
- (void)default_entry_acl_type;
-
- if (acl->acl_cnt <= 0)
+ if (aclcnt <= 0)
return (ARCHIVE_OK);
- for (e = 0; e < acl->acl_cnt; e++) {
+ for (e = 0; e < aclcnt; e++) {
ae_name = NULL;
ae_tag = 0;
ae_perm = 0;
- if (acl->acl_type == ACE_T) {
- ace = &((ace_t *)acl->acl_aclp)[e];
+#if HAVE_SUN_NFS4_ACL
+ if (default_entry_acl_type == ARCHIVE_ENTRY_ACL_TYPE_NFS4) {
+ ace = &((ace_t *)aclp)[e];
ae_id = ace->a_who;
switch(ace->a_type) {
@@ -1102,8 +1199,10 @@
ae_perm |=
acl_perm_map[i].archive_perm;
}
- } else {
- aclent = &((aclent_t *)acl->acl_aclp)[e];
+ } else
+#endif /* HAVE_SUN_NFS4_ACL */
+ if (default_entry_acl_type == ARCHIVE_ENTRY_ACL_TYPE_ACCESS) {
+ aclent = &((aclent_t *)aclp)[e];
if ((aclent->a_type & ACL_DEFAULT) != 0)
entry_acl_type = ARCHIVE_ENTRY_ACL_TYPE_DEFAULT;
else
@@ -1150,7 +1249,8 @@
ae_perm |= ARCHIVE_ENTRY_ACL_WRITE;
if ((aclent->a_perm & 4) != 0)
ae_perm |= ARCHIVE_ENTRY_ACL_READ;
- } /* default_entry_acl_type != ARCHIVE_ENTRY_ACL_TYPE_NFS4 */
+ } else
+ return (ARCHIVE_WARN);
archive_entry_acl_add_entry(entry, entry_acl_type,
ae_perm, ae_tag, ae_id, ae_name);
diff --git a/libarchive/archive_write_disk_acl.c b/libarchive/archive_write_disk_acl.c
index 30727fb..c98eda0 100644
--- a/libarchive/archive_write_disk_acl.c
+++ b/libarchive/archive_write_disk_acl.c
@@ -61,9 +61,7 @@
#else /* HAVE_POSIX_ACL || HAVE_NFS4_ACL */
-#if HAVE_SUN_ACL
-#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACE_T
-#elif HAVE_DARWIN_ACL
+#if HAVE_DARWIN_ACL
#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACL_TYPE_EXTENDED
#elif HAVE_ACL_TYPE_NFS4
#define ARCHIVE_PLATFORM_ACL_TYPE_NFS4 ACL_TYPE_NFS4
@@ -71,7 +69,10 @@
static int set_acl(struct archive *, int fd, const char *,
struct archive_acl *,
- acl_type_t, int archive_entry_acl_type, const char *tn);
+#if !HAVE_SUN_ACL
+ acl_type_t,
+#endif
+ int archive_entry_acl_type, const char *tn);
int
archive_write_disk_set_acls(struct archive *a, int fd, const char *name,
@@ -84,7 +85,7 @@
& ARCHIVE_ENTRY_ACL_TYPE_POSIX1E) != 0) {
#if HAVE_SUN_ACL
/* Solaris writes POSIX.1e access and default ACLs together */
- ret = set_acl(a, fd, name, abstract_acl, ACLENT_T,
+ ret = set_acl(a, fd, name, abstract_acl,
ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, "posix1e");
#else /* HAVE_POSIX_ACL */
if ((archive_acl_types(abstract_acl)
@@ -109,13 +110,16 @@
if ((archive_acl_types(abstract_acl) &
ARCHIVE_ENTRY_ACL_TYPE_NFS4) != 0) {
ret = set_acl(a, fd, name, abstract_acl,
+#if !HAVE_SUN_ACL
ARCHIVE_PLATFORM_ACL_TYPE_NFS4,
+#endif
ARCHIVE_ENTRY_ACL_TYPE_NFS4, "nfs4");
}
#endif /* HAVE_NFS4_ACL */
return (ret);
}
+#if !HAVE_SUN_ACL || HAVE_SUN_NFS4_ACL
/*
* Translate system ACL permissions into libarchive internal structure
*/
@@ -123,7 +127,7 @@
const int archive_perm;
const int platform_perm;
} acl_perm_map[] = {
-#if HAVE_SUN_ACL /* Solaris NFSv4 ACL permissions */
+#if HAVE_SUN_NFS4_ACL /* Solaris NFSv4 ACL permissions */
{ARCHIVE_ENTRY_ACL_EXECUTE, ACE_EXECUTE},
{ARCHIVE_ENTRY_ACL_READ_DATA, ACE_READ_DATA},
{ARCHIVE_ENTRY_ACL_LIST_DIRECTORY, ACE_LIST_DIRECTORY},
@@ -185,6 +189,7 @@
#endif
#endif /* !HAVE_SUN_ACL && !HAVE_DARWIN_ACL */
};
+#endif /* !HAVE_SUN_ACL || HAVE_SUN_NFS4_ACL */
#if HAVE_NFS4_ACL
/*
@@ -194,14 +199,16 @@
const int archive_inherit;
const int platform_inherit;
} acl_inherit_map[] = {
-#if HAVE_SUN_ACL /* Solaris NFSv4 inheritance flags */
+#if HAVE_SUN_NFS4_ACL /* Solaris NFSv4 inheritance flags */
{ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACE_FILE_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT, ACE_DIRECTORY_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT, ACE_NO_PROPAGATE_INHERIT_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY, ACE_INHERIT_ONLY_ACE},
{ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACE_SUCCESSFUL_ACCESS_ACE_FLAG},
{ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACE_FAILED_ACCESS_ACE_FLAG},
+#ifdef ACE_INHERITED_ACE
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACE_INHERITED_ACE}
+#endif
#elif HAVE_DARWIN_ACL /* MacOS NFSv4 inheritance flags */
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED},
{ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT, ACL_ENTRY_FILE_INHERIT},
@@ -216,20 +223,25 @@
{ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS, ACL_ENTRY_SUCCESSFUL_ACCESS},
{ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS, ACL_ENTRY_FAILED_ACCESS},
{ARCHIVE_ENTRY_ACL_ENTRY_INHERITED, ACL_ENTRY_INHERITED}
-#endif /* !HAVE_SUN_ACL && !HAVE_DARWIN_ACL */
+#endif /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */
};
#endif /* HAVE_NFS4_ACL */
static int
set_acl(struct archive *a, int fd, const char *name,
struct archive_acl *abstract_acl,
- acl_type_t acl_type, int ae_requested_type, const char *tname)
+#if !HAVE_SUN_ACL
+ acl_type_t acl_type,
+#endif
+ int ae_requested_type, const char *tname)
{
#if HAVE_SUN_ACL
aclent_t *aclent;
+#if HAVE_SUN_NFS4_ACL
ace_t *ace;
- int e, r;
- acl_t *acl;
+#endif
+ int cmd, e, r;
+ void *aclp;
#else
acl_t acl;
acl_entry_t acl_entry;
@@ -258,31 +270,26 @@
return (ARCHIVE_OK);
#if HAVE_SUN_ACL
- acl = NULL;
- acl = malloc(sizeof(acl_t));
- if (acl == NULL) {
- archive_set_error(a, ARCHIVE_ERRNO_MISC,
- "Invalid ACL type");
+ switch (ae_requested_type) {
+ case ARCHIVE_ENTRY_ACL_TYPE_POSIX1E:
+ cmd = SETACL;
+ aclp = malloc(entries * sizeof(aclent_t));
+ break;
+#if HAVE_SUN_NFS4_ACL
+ case ARCHIVE_ENTRY_ACL_TYPE_NFS4:
+ cmd = ACE_SETACL;
+ aclp = malloc(entries * sizeof(ace_t));
+ break;
+#endif
+ default:
+ errno = ENOENT;
+ archive_set_error(a, errno, "Invalid ACL type");
return (ARCHIVE_FAILED);
}
- if (acl_type == ACE_T)
- acl->acl_entry_size = sizeof(ace_t);
- else if (acl_type == ACLENT_T)
- acl->acl_entry_size = sizeof(aclent_t);
- else {
- archive_set_error(a, ARCHIVE_ERRNO_MISC,
- "Invalid ACL type");
- acl_free(acl);
- return (ARCHIVE_FAILED);
- }
- acl->acl_type = acl_type;
- acl->acl_cnt = entries;
- acl->acl_aclp = malloc(entries * acl->acl_entry_size);
- if (acl->acl_aclp == NULL) {
+ if (aclp == NULL) {
archive_set_error(a, errno,
"Can't allocate memory for acl buffer");
- acl_free(acl);
return (ARCHIVE_FAILED);
}
#else /* !HAVE_SUN_ACL */
@@ -299,19 +306,24 @@
while (archive_acl_next(a, abstract_acl, ae_requested_type, &ae_type,
&ae_permset, &ae_tag, &ae_id, &ae_name) == ARCHIVE_OK) {
#if HAVE_SUN_ACL
- ace = NULL;
aclent = NULL;
- if (acl->acl_type == ACE_T) {
- ace = &((ace_t *)acl->acl_aclp)[e];
- ace->a_who = -1;
- ace->a_access_mask = 0;
- ace->a_flags = 0;
- } else {
- aclent = &((aclent_t *)acl->acl_aclp)[e];
+#if HAVE_SUN_NFS4_ACL
+ ace = NULL;
+#endif
+ if (cmd == SETACL) {
+ aclent = &((aclent_t *)aclp)[e];
aclent->a_id = -1;
aclent->a_type = 0;
aclent->a_perm = 0;
}
+#if HAVE_SUN_NFS4_ACL
+ else { /* cmd == ACE_SETACL */
+ ace = &((ace_t *)aclp)[e];
+ ace->a_who = -1;
+ ace->a_access_mask = 0;
+ ace->a_flags = 0;
+ }
+#endif /* HAVE_SUN_NFS4_ACL */
#else /* !HAVE_SUN_ACL */
#if HAVE_DARWIN_ACL
/*
@@ -348,45 +360,63 @@
#if HAVE_SUN_ACL
case ARCHIVE_ENTRY_ACL_USER:
ae_uid = archive_write_disk_uid(a, ae_name, ae_id);
- if (acl->acl_type == ACE_T)
- ace->a_who = ae_uid;
- else {
+ if (aclent != NULL) {
aclent->a_id = ae_uid;
aclent->a_type |= USER;
}
+#if HAVE_SUN_NFS4_ACL
+ else {
+ ace->a_who = ae_uid;
+ }
+#endif
break;
case ARCHIVE_ENTRY_ACL_GROUP:
ae_gid = archive_write_disk_gid(a, ae_name, ae_id);
- if (acl->acl_type == ACE_T) {
- ace->a_who = ae_gid;
- ace->a_flags |= ACE_IDENTIFIER_GROUP;
- } else {
+ if (aclent != NULL) {
aclent->a_id = ae_gid;
aclent->a_type |= GROUP;
}
+#if HAVE_SUN_NFS4_ACL
+ else {
+ ace->a_who = ae_gid;
+ ace->a_flags |= ACE_IDENTIFIER_GROUP;
+ }
+#endif
break;
case ARCHIVE_ENTRY_ACL_USER_OBJ:
- if (acl->acl_type == ACE_T)
- ace->a_flags |= ACE_OWNER;
- else
+ if (aclent != NULL)
aclent->a_type |= USER_OBJ;
+#if HAVE_SUN_NFS4_ACL
+ else {
+ ace->a_flags |= ACE_OWNER;
+ }
+#endif
break;
case ARCHIVE_ENTRY_ACL_GROUP_OBJ:
- if (acl->acl_type == ACE_T) {
+ if (aclent != NULL)
+ aclent->a_type |= GROUP_OBJ;
+#if HAVE_SUN_NFS4_ACL
+ else {
ace->a_flags |= ACE_GROUP;
ace->a_flags |= ACE_IDENTIFIER_GROUP;
- } else
- aclent->a_type |= GROUP_OBJ;
+ }
+
+#endif
break;
case ARCHIVE_ENTRY_ACL_MASK:
- aclent->a_type |= CLASS_OBJ;
+ if (aclent != NULL)
+ aclent->a_type |= CLASS_OBJ;
break;
case ARCHIVE_ENTRY_ACL_OTHER:
- aclent->a_type |= OTHER_OBJ;
+ if (aclent != NULL)
+ aclent->a_type |= OTHER_OBJ;
break;
+#if HAVE_SUN_NFS4_ACL
case ARCHIVE_ENTRY_ACL_EVERYONE:
- ace->a_flags |= ACE_EVERYONE;
+ if (ace != NULL)
+ ace->a_flags |= ACE_EVERYONE;
break;
+#endif
#else /* !HAVE_SUN_ACL */
case ARCHIVE_ENTRY_ACL_USER:
ae_uid = archive_write_disk_uid(a, ae_name, ae_id);
@@ -445,6 +475,7 @@
r = 0;
switch (ae_type) {
#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
case ARCHIVE_ENTRY_ACL_TYPE_ALLOW:
if (ace != NULL)
ace->a_type = ACE_ACCESS_ALLOWED_ACE_TYPE;
@@ -469,6 +500,7 @@
else
r = -1;
break;
+#endif
case ARCHIVE_ENTRY_ACL_TYPE_ACCESS:
if (aclent == NULL)
r = -1;
@@ -499,7 +531,7 @@
#endif /* !HAVE_SUN_ACL */
default:
archive_set_error(a, ARCHIVE_ERRNO_MISC,
- "Unknown ACL entry type");
+ "Unsupported ACL entry type");
ret = ARCHIVE_FAILED;
goto exit_free;
}
@@ -516,14 +548,17 @@
#endif /* HAVE_ACL_TYPE_NFS4 || HAVE_SUN_ACL */
#if HAVE_SUN_ACL
- if (acl->acl_type == ACLENT_T) {
+ if (aclent != NULL) {
if (ae_permset & ARCHIVE_ENTRY_ACL_EXECUTE)
aclent->a_perm |= 1;
if (ae_permset & ARCHIVE_ENTRY_ACL_WRITE)
aclent->a_perm |= 2;
if (ae_permset & ARCHIVE_ENTRY_ACL_READ)
aclent->a_perm |= 4;
- } else
+ }
+#if HAVE_SUN_NFS4_ACL
+ else /* falls through to for statement below, ace != NULL */
+#endif
#else
if (acl_get_permset(acl_entry, &acl_permset) != 0) {
archive_set_error(a, errno,
@@ -538,6 +573,7 @@
goto exit_free;
}
#endif /* !HAVE_SUN_ACL */
+#if HAVE_POSIX_ACL || HAVE_NFS4_ACL
for (i = 0; i < (int)(sizeof(acl_perm_map) / sizeof(acl_perm_map[0])); ++i) {
if (ae_permset & acl_perm_map[i].archive_perm) {
#if HAVE_SUN_ACL
@@ -554,10 +590,11 @@
#endif
}
}
+#endif /* HAVE_POSIX_ACL || HAVE_NFS4_ACL */
#if HAVE_NFS4_ACL
-#if HAVE_SUN_ACL
- if (acl_type == ACE_T)
+#if HAVE_SUN_NFS4_ACL
+ if (ace != NULL)
#elif HAVE_DARWIN_ACL
if (acl_type == ACL_TYPE_EXTENDED)
#else /* FreeBSD */
@@ -613,7 +650,7 @@
#endif
{
#if HAVE_SUN_ACL
- if (facl_set(fd, acl) == 0)
+ if (facl(fd, cmd, entries, aclp) == 0)
#elif HAVE_ACL_SET_FD_NP
if (acl_set_fd_np(fd, acl, acl_type) == 0)
#else /* !HAVE_SUN_ACL && !HAVE_ACL_SET_FD_NP */
@@ -632,7 +669,7 @@
} else
#endif /* HAVE_ACL_SET_FD_NP || HAVE_ACL_SET_FD || HAVE_SUN_ACL */
#if HAVE_SUN_ACL
- if (acl_set(name, acl) != 0)
+ if (acl(name, cmd, entries, aclp) != 0)
#elif HAVE_ACL_SET_LINK_NP
if (acl_set_link_np(name, acl_type, acl) != 0)
#else
@@ -650,7 +687,11 @@
}
}
exit_free:
+#if HAVE_SUN_ACL
+ free(aclp);
+#else
acl_free(acl);
+#endif
return (ret);
}
#endif /* HAVE_POSIX_ACL || HAVE_NFS4_ACL */
diff --git a/libarchive/test/test_acl_platform_nfs4.c b/libarchive/test/test_acl_platform_nfs4.c
index 01c1dc5..9260cfb 100644
--- a/libarchive/test/test_acl_platform_nfs4.c
+++ b/libarchive/test/test_acl_platform_nfs4.c
@@ -248,6 +248,63 @@
static const int acls_dir_cnt = (int)(sizeof(acls_dir)/sizeof(acls_dir[0]));
+#if HAVE_SUN_ACL
+static void *
+sunacl_get(int cmd, int *aclcnt, int fd, const char *path)
+{
+ int cnt, cntcmd;
+ size_t size;
+ void *aclp;
+
+ if (cmd == GETACL) {
+ cntcmd = GETACLCNT;
+ size = sizeof(aclent_t);
+ }
+#if HAVE_SUN_NFS4_ACL
+ else if (cmd == ACE_GETACL) {
+ cntcmd = ACE_GETACLCNT;
+ size = sizeof(ace_t);
+ }
+#endif
+ else {
+ errno = EINVAL;
+ *aclcnt = -1;
+ return (NULL);
+ }
+
+ aclp = NULL;
+ cnt = -2;
+ while (cnt == -2 || (cnt == -1 && errno == ENOSPC)) {
+ if (path != NULL)
+ cnt = acl(path, cntcmd, 0, NULL);
+ else
+ cnt = facl(fd, cntcmd, 0, NULL);
+
+ if (cnt > 0) {
+ if (aclp == NULL)
+ aclp = malloc(cnt * size);
+ else
+ aclp = realloc(NULL, cnt * size);
+ if (aclp != NULL) {
+ if (path != NULL)
+ cnt = acl(path, cmd, cnt, aclp);
+ else
+ cnt = facl(fd, cmd, cnt, aclp);
+ }
+ } else {
+ if (aclp != NULL) {
+ free(aclp);
+ aclp = NULL;
+ }
+ break;
+ }
+ }
+
+ *aclcnt = cnt;
+ return (aclp);
+}
+#endif /* HAVE_SUN_ACL */
+
static void
set_acls(struct archive_entry *ae, struct myacl_t *acls, int start, int end)
{
@@ -269,14 +326,14 @@
}
static int
-#ifdef HAVE_SUN_ACL
+#ifdef HAVE_SUN_NFS4_ACL
acl_permset_to_bitmap(uint32_t a_access_mask)
#else
acl_permset_to_bitmap(acl_permset_t opaque_ps)
#endif
{
static struct { int machine; int portable; } perms[] = {
-#ifdef HAVE_SUN_ACL /* Solaris NFSv4 ACL permissions */
+#ifdef HAVE_SUN_NFS4_ACL /* Solaris NFSv4 ACL permissions */
{ACE_EXECUTE, ARCHIVE_ENTRY_ACL_EXECUTE},
{ACE_READ_DATA, ARCHIVE_ENTRY_ACL_READ_DATA},
{ACE_LIST_DIRECTORY, ARCHIVE_ENTRY_ACL_LIST_DIRECTORY},
@@ -337,7 +394,7 @@
int i, permset = 0;
for (i = 0; i < (int)(sizeof(perms)/sizeof(perms[0])); ++i)
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
if (a_access_mask & perms[i].machine)
#else
if (acl_get_perm_np(opaque_ps, perms[i].machine))
@@ -347,21 +404,23 @@
}
static int
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
acl_flagset_to_bitmap(uint16_t a_flags)
#else
acl_flagset_to_bitmap(acl_flagset_t opaque_fs)
#endif
{
static struct { int machine; int portable; } flags[] = {
-#if HAVE_SUN_ACL /* Solaris NFSv4 ACL inheritance flags */
+#if HAVE_SUN_NFS4_ACL /* Solaris NFSv4 ACL inheritance flags */
{ACE_FILE_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT},
{ACE_DIRECTORY_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT},
{ACE_NO_PROPAGATE_INHERIT_ACE, ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT},
{ACE_INHERIT_ONLY_ACE, ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY},
{ACE_SUCCESSFUL_ACCESS_ACE_FLAG, ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS},
{ACE_FAILED_ACCESS_ACE_FLAG, ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS},
+#ifdef ACE_INHERITED_ACE
{ACE_INHERITED_ACE, ARCHIVE_ENTRY_ACL_ENTRY_INHERITED}
+#endif
#elif HAVE_DARWIN_ACL /* MacOS NFSv4 ACL inheritance flags */
{ACL_ENTRY_INHERITED, ARCHIVE_ENTRY_ACL_ENTRY_INHERITED},
{ACL_ENTRY_FILE_INHERIT, ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT},
@@ -380,7 +439,7 @@
int i, flagset = 0;
for (i = 0; i < (int)(sizeof(flags)/sizeof(flags[0])); ++i)
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
if (a_flags & flags[i].machine)
#else
if (acl_get_flag_np(opaque_fs, flags[i].machine))
@@ -390,13 +449,13 @@
}
static int
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
acl_match(ace_t *ace, struct myacl_t *myacl)
#else
acl_match(acl_entry_t aclent, struct myacl_t *myacl)
#endif
{
-#if !HAVE_SUN_ACL
+#if !HAVE_SUN_NFS4_ACL
#if HAVE_DARWIN_ACL
void *q;
uid_t ugid;
@@ -409,10 +468,10 @@
acl_tag_t tag_type;
acl_permset_t opaque_ps;
acl_flagset_t opaque_fs;
-#endif /* !HAVE_SUN_ACL */
+#endif /* !HAVE_SUN_NFS4_ACL */
int perms;
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
perms = acl_permset_to_bitmap(ace->a_access_mask) | acl_flagset_to_bitmap(ace->a_flags);
#else
acl_get_tag_type(aclent, &tag_type);
@@ -428,7 +487,7 @@
if (perms != myacl->permset)
return (0);
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
switch (ace->a_type) {
case ACE_ACCESS_ALLOWED_ACE_TYPE:
if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW)
@@ -507,7 +566,7 @@
default:
return (0);
}
-#else /* !HAVE_SUN_ACL && !HAVE_DARWIN_ACL */
+#else /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */
switch (entry_type) {
case ACL_ENTRY_TYPE_ALLOW:
if (myacl->type != ARCHIVE_ENTRY_ACL_TYPE_ALLOW)
@@ -559,14 +618,15 @@
if (myacl->tag != ARCHIVE_ENTRY_ACL_EVERYONE) return (0);
break;
}
-#endif /* !HAVE_SUN_ACL && !HAVE_DARWIN_ACL */
+#endif /* !HAVE_SUN_NFS4_ACL && !HAVE_DARWIN_ACL */
return (1);
}
static void
compare_acls(
-#if HAVE_SUN_ACL
- acl_t *acl,
+#if HAVE_SUN_NFS4_ACL
+ void *aclp,
+ int aclcnt,
#else
acl_t acl,
#endif
@@ -575,7 +635,7 @@
int *marker;
int matched;
int i, n;
-#if HAVE_SUN_ACL
+#if HAVE_SUN_NFS4_ACL
int e;
ace_t *acl_entry;
#else
@@ -597,16 +657,16 @@
* Iterate over acls in system acl object, try to match each
* one with an item in the myacls array.
*/
-#if HAVE_SUN_ACL
- for (e = 0; e < acl->acl_cnt; e++)
+#if HAVE_SUN_NFS4_ACL
+ for (e = 0; e < aclcnt; e++)
#elif HAVE_DARWIN_ACL
while (0 == acl_get_entry(acl, entry_id, &acl_entry))
#else
while (1 == acl_get_entry(acl, entry_id, &acl_entry))
#endif
{
-#if HAVE_SUN_ACL
- acl_entry = &((ace_t *)acl->acl_aclp)[e];
+#if HAVE_SUN_NFS4_ACL
+ acl_entry = &((ace_t *)aclp)[e];
#else
/* After the first time... */
entry_id = ACL_NEXT_ENTRY;
@@ -714,7 +774,7 @@
struct stat st;
struct archive *a;
struct archive_entry *ae;
- int i, n;
+ int i;
char *func;
#if HAVE_DARWIN_ACL /* On MacOS we skip trivial ACLs in some tests */
const int regcnt = acls_reg_cnt - 4;
@@ -723,17 +783,19 @@
const int regcnt = acls_reg_cnt;
const int dircnt = acls_dir_cnt;
#endif
-#if HAVE_SUN_ACL
- acl_t *acl;
-#else /* !HAVE_SUN_ACL */
+#if HAVE_SUN_NFS4_ACL
+ void *aclp;
+ int aclcnt;
+#else /* !HAVE_SUN_NFS4_ACL */
#if HAVE_DARWIN_ACL
acl_entry_t aclent;
acl_permset_t permset;
const uid_t uid = 1000;
uuid_t uuid;
#endif /* HAVE_DARWIN_ACL */
+ int n;
acl_t acl;
-#endif /* !HAVE_SUN_ACL */
+#endif /* !HAVE_SUN_NFS4_ACL */
/*
* First, do a quick manual set/read of ACL data to
@@ -762,15 +824,22 @@
/* Create a test dir and try to set an ACL on it. */
if (!assertMakeDir("pretest", 0755)) {
-#if !HAVE_SUN_ACL
+#if !HAVE_SUN_NFS4_ACL
acl_free(acl);
#endif
return;
}
-#if HAVE_SUN_ACL
- func = "acl_get()";
- n = acl_get("pretest", 0, &acl);
+#if HAVE_SUN_NFS4_ACL
+ func = "acl()";
+ aclp = sunacl_get(GETACL, &aclcnt, 0, "pretest");
+ if (aclp != NULL) {
+ skipping("NFS4 ACL is not supported on this filesystem");
+ free(aclp);
+ return;
+ }
+ free(aclp);
+ aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "pretest");
#else
func = "acl_set_file()";
#if HAVE_DARWIN_ACL
@@ -780,9 +849,14 @@
#endif
acl_free(acl);
#endif
- if (n != 0) {
-#if HAVE_SUN_ACL
- if (errno == ENOSYS)
+#if HAVE_SUN_NFS4_ACL
+ if (aclp == NULL)
+#else
+ if (n != 0)
+#endif
+ {
+#if HAVE_SUN_NFS4_ACL
+ if (errno == ENOSYS || errno == ENOTSUP)
#else
if (errno == EOPNOTSUPP || errno == EINVAL)
#endif
@@ -792,15 +866,12 @@
}
}
failure("%s: errno = %d (%s)", func, errno, strerror(errno));
+#if HAVE_SUN_NFS4_ACL
+ assert(aclp != NULL);
+ free(aclp);
+ aclp = NULL;
+#else
assertEqualInt(0, n);
-
-#if HAVE_SUN_ACL
- if (acl->acl_type != ACE_T) {
- acl_free(acl);
- skipping("NFS4 ACL is not supported on this filesystem");
- return;
- }
- acl_free(acl);
#endif
/* Create a write-to-disk object. */
@@ -848,10 +919,10 @@
/* Verify the data on disk. */
assertEqualInt(0, stat("testall", &st));
assertEqualInt(st.st_mtime, 123456);
-#if HAVE_SUN_ACL
- n = acl_get("testall", 0, &acl);
- failure("acl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+#if HAVE_SUN_NFS4_ACL
+ aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "testall");
+ failure("acl(): errno = %d (%s)", errno, strerror(errno));
+ assert(aclp != NULL);
#else
#if HAVE_DARWIN_ACL
acl = acl_get_file("testall", ACL_TYPE_EXTENDED);
@@ -861,18 +932,25 @@
failure("acl_get_file(): errno = %d (%s)", errno, strerror(errno));
assert(acl != (acl_t)NULL);
#endif
+#if HAVE_SUN_NFS4_ACL
+ compare_acls(aclp, aclcnt, acls_reg, "testall", 0, regcnt);
+ free(aclp);
+ aclp = NULL;
+#else
compare_acls(acl, acls_reg, "testall", 0, regcnt);
acl_free(acl);
+#endif
+
/* Verify single-permission dirs on disk. */
for (i = 0; i < dircnt; ++i) {
sprintf(buff, "dir%d", i);
assertEqualInt(0, stat(buff, &st));
assertEqualInt(st.st_mtime, 123456 + i);
-#if HAVE_SUN_ACL
- n = acl_get(buff, 0, &acl);
- failure("acl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+#if HAVE_SUN_NFS4_ACL
+ aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, buff);
+ failure("acl(): errno = %d (%s)", errno, strerror(errno));
+ assert(aclp != NULL);
#else
#if HAVE_DARWIN_ACL
acl = acl_get_file(buff, ACL_TYPE_EXTENDED);
@@ -883,17 +961,23 @@
strerror(errno));
assert(acl != (acl_t)NULL);
#endif
+#if HAVE_SUN_NFS4_ACL
+ compare_acls(aclp, aclcnt, acls_dir, buff, i, i + 1);
+ free(aclp);
+ aclp = NULL;
+#else
compare_acls(acl, acls_dir, buff, i, i + 1);
acl_free(acl);
+#endif
}
/* Verify "dirall" on disk. */
assertEqualInt(0, stat("dirall", &st));
assertEqualInt(st.st_mtime, 123456);
-#if HAVE_SUN_ACL
- n = acl_get("dirall", 0, &acl);
- failure("acl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+#if HAVE_SUN_NFS4_ACL
+ aclp = sunacl_get(ACE_GETACL, &aclcnt, 0, "dirall");
+ failure("acl(): errno = %d (%s)", errno, strerror(errno));
+ assert(aclp != NULL);
#else
#if HAVE_DARWIN_ACL
acl = acl_get_file("dirall", ACL_TYPE_EXTENDED);
@@ -903,8 +987,14 @@
failure("acl_get_file(): errno = %d (%s)", errno, strerror(errno));
assert(acl != (acl_t)NULL);
#endif
+#if HAVE_SUN_NFS4_ACL
+ compare_acls(aclp, aclcnt, acls_dir, "dirall", 0, dircnt);
+ free(aclp);
+ aclp = NULL;
+#else
compare_acls(acl, acls_dir, "dirall", 0, dircnt);
acl_free(acl);
+#endif
/* Read and compare ACL via archive_read_disk */
a = archive_read_disk_new();
diff --git a/libarchive/test/test_acl_platform_posix1e.c b/libarchive/test/test_acl_platform_posix1e.c
index b46f658..a0da227 100644
--- a/libarchive/test/test_acl_platform_posix1e.c
+++ b/libarchive/test/test_acl_platform_posix1e.c
@@ -35,6 +35,63 @@
#define ACL_GET_PERM acl_get_perm_np
#endif
+#if HAVE_SUN_ACL
+static void *
+sunacl_get(int cmd, int *aclcnt, int fd, const char *path)
+{
+ int cnt, cntcmd;
+ size_t size;
+ void *aclp;
+
+ if (cmd == GETACL) {
+ cntcmd = GETACLCNT;
+ size = sizeof(aclent_t);
+ }
+#if HAVE_SUN_NFS4_ACL
+ else if (cmd == ACE_GETACL) {
+ cntcmd = ACE_GETACLCNT;
+ size = sizeof(ace_t);
+ }
+#endif
+ else {
+ errno = EINVAL;
+ *aclcnt = -1;
+ return (NULL);
+ }
+
+ aclp = NULL;
+ cnt = -2;
+ while (cnt == -2 || (cnt == -1 && errno == ENOSPC)) {
+ if (path != NULL)
+ cnt = acl(path, cntcmd, 0, NULL);
+ else
+ cnt = facl(fd, cntcmd, 0, NULL);
+
+ if (cnt > 0) {
+ if (aclp == NULL)
+ aclp = malloc(cnt * size);
+ else
+ aclp = realloc(NULL, cnt * size);
+ if (aclp != NULL) {
+ if (path != NULL)
+ cnt = acl(path, cmd, cnt, aclp);
+ else
+ cnt = facl(fd, cmd, cnt, aclp);
+ }
+ } else {
+ if (aclp != NULL) {
+ free(aclp);
+ aclp = NULL;
+ }
+ break;
+ }
+ }
+
+ *aclcnt = cnt;
+ return (aclp);
+}
+#endif /* HAVE_SUN_ACL */
+
static struct archive_test_acl_t acls2[] = {
{ ARCHIVE_ENTRY_ACL_TYPE_ACCESS, ARCHIVE_ENTRY_ACL_EXECUTE | ARCHIVE_ENTRY_ACL_READ,
ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" },
@@ -226,7 +283,7 @@
static void
#if HAVE_SUN_ACL
-compare_acls(acl_t *acl, struct archive_test_acl_t *myacls, int n)
+compare_acls(void *aclp, int aclcnt, struct archive_test_acl_t *myacls, int n)
#else
compare_acls(acl_t acl, struct archive_test_acl_t *myacls, int n)
#endif
@@ -254,8 +311,8 @@
* one with an item in the myacls array.
*/
#if HAVE_SUN_ACL
- for(e = 0; e < acl->acl_cnt; e++) {
- acl_entry = &((aclent_t *)acl->acl_aclp)[e];
+ for(e = 0; e < aclcnt; e++) {
+ acl_entry = &((aclent_t *)aclp)[e];
#else
while (1 == acl_get_entry(acl, entry_id, &acl_entry)) {
/* After the first time... */
@@ -307,7 +364,8 @@
int n, fd;
char *func;
#if HAVE_SUN_ACL
- acl_t *acl, *acl2;
+ void *aclp;
+ int aclcnt;
#else
acl_t acl;
#endif
@@ -318,9 +376,14 @@
* If it doesn't, we'll simply skip the remaining tests.
*/
#if HAVE_SUN_ACL
- n = acl_fromtext("user::rwx,user:1:rw-,group::rwx,group:15:r-x,other:rwx,mask:rwx", &acl);
- failure("acl_fromtext(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ aclent_t aclp1[] = {
+ { USER_OBJ, -1, 4 | 2 | 1 },
+ { USER, 1, 4 | 2 },
+ { GROUP_OBJ, -1, 4 | 2 | 1 },
+ { GROUP, 15, 4 | 1 },
+ { CLASS_OBJ, -1, 4 | 2 | 1 },
+ { OTHER_OBJ, -1, 4 | 2 | 1 }
+ };
#else
acl = acl_from_text("u::rwx,u:1:rw,g::rwx,g:15:rx,o::rwx,m::rwx");
failure("acl_from_text(): errno = %d (%s)", errno, strerror(errno));
@@ -331,40 +394,40 @@
fd = open("pretest", O_WRONLY | O_CREAT | O_EXCL, 0777);
failure("Could not create test file?!");
if (!assert(fd >= 0)) {
+#if !HAVE_SUN_ACL
acl_free(acl);
+#endif
return;
}
#if HAVE_SUN_ACL
- n = facl_get(fd, 0, &acl2);
- if (n != 0) {
+ aclp = sunacl_get(GETACL, &aclcnt, fd, NULL);
+ if (aclp == NULL)
close(fd);
- acl_free(acl);
- }
- if (errno == ENOSYS) {
+ if (errno == ENOSYS || errno == ENOTSUP) {
skipping("POSIX.1e ACLs are not supported on this filesystem");
return;
}
- failure("facl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
-
- if (acl2->acl_type != ACLENT_T) {
- acl_free(acl2);
- skipping("POSIX.1e ACLs are not supported on this filesystem");
+ failure("facl(): errno = %d (%s)", errno, strerror(errno));
+ if (assert(aclp != NULL) == 0) {
+ free(aclp);
return;
}
- acl_free(acl2);
+ free(aclp);
+ aclp = NULL;
- func = "facl_set()";
- n = facl_set(fd, acl);
+ func = "facl()";
+ n = facl(fd, SETACL, (int)(sizeof(aclp1)/sizeof(aclp1[0])), &aclp1);
#else
func = "acl_set_fd()";
n = acl_set_fd(fd, acl);
#endif
+#if !HAVE_SUN_ACL
acl_free(acl);
+#endif
if (n != 0) {
#if HAVE_SUN_ACL
- if (errno == ENOSYS)
+ if (errno == ENOSYS || errno == ENOTSUP)
#else
if (errno == EOPNOTSUPP || errno == EINVAL)
#endif
@@ -377,9 +440,6 @@
failure("%s: errno = %d (%s)", func, errno, strerror(errno));
assertEqualInt(0, n);
-#if HAVE_SUN_ACL
-
-#endif
close(fd);
/* Create a write-to-disk object. */
@@ -405,16 +465,23 @@
assertEqualInt(0, stat("test0", &st));
assertEqualInt(st.st_mtime, 123456);
#if HAVE_SUN_ACL
- n = acl_get("test0", 0, &acl);
- failure("acl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ aclp = sunacl_get(GETACL, &aclcnt, 0, "test0");
+ failure("acl(): errno = %d (%s)", errno, strerror(errno));
+ assert(aclp != NULL);
#else
acl = acl_get_file("test0", ACL_TYPE_ACCESS);
failure("acl_get_file(): errno = %d (%s)", errno, strerror(errno));
assert(acl != (acl_t)NULL);
#endif
+#if HAVE_SUN_ACL
+ compare_acls(aclp, aclcnt, acls2, sizeof(acls2)/sizeof(acls2[0]));
+ free(aclp);
+ aclp = NULL;
+#else
compare_acls(acl, acls2, sizeof(acls2)/sizeof(acls2[0]));
acl_free(acl);
+#endif
+
#endif /* HAVE_SUN_ACL || HAVE_POSIX_ACL */
}
@@ -432,7 +499,8 @@
char *func, *acl_text;
const char *acl1_text, *acl2_text, *acl3_text;
#if HAVE_SUN_ACL
- acl_t *acl, *acl1, *acl2, *acl3;
+ void *aclp;
+ int aclcnt;
#else
acl_t acl1, acl2, acl3;
#endif
@@ -451,9 +519,14 @@
"user:1:rw-,"
"group:15:r-x,"
"mask:rwx";
- n = acl_fromtext(acl1_text, &acl1);
- failure("acl_fromtext(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ aclent_t aclp1[] = {
+ { USER_OBJ, -1, 4 | 2 | 1 },
+ { USER, 1, 4 | 2 },
+ { GROUP_OBJ, -1, 4 | 2 | 1 },
+ { GROUP, 15, 4 | 1 },
+ { CLASS_OBJ, -1, 4 | 2 | 1 },
+ { OTHER_OBJ, -1, 4 | 2 | 1 }
+ };
#else
acl1_text = "user::rwx\n"
"group::rwx\n"
@@ -468,41 +541,36 @@
fd = open("f1", O_WRONLY | O_CREAT | O_EXCL, 0777);
failure("Could not create test file?!");
if (!assert(fd >= 0)) {
+#if !HAVE_SUN_ACL
acl_free(acl1);
+#endif
return;
}
#if HAVE_SUN_ACL
/* Check if Solaris filesystem supports POSIX.1e ACLs */
- n = facl_get(fd, 0, &acl);
- if (n != 0)
+ aclp = sunacl_get(GETACL, &aclcnt, fd, NULL);
+ if (aclp == 0)
close(fd);
- if (n != 0 && errno == ENOSYS) {
- acl_free(acl1);
+ if (errno == ENOSYS || errno == ENOTSUP) {
skipping("POSIX.1e ACLs are not supported on this filesystem");
return;
}
- failure("facl_get(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ failure("facl(): errno = %d (%s)", errno, strerror(errno));
+ assert(aclp != NULL);
- if (acl->acl_type != ACLENT_T) {
- acl_free(acl);
- acl_free(acl1);
- close(fd);
- skipping("POSIX.1e ACLs are not supported on this filesystem");
- return;
- }
-
- func = "facl_set()";
- n = facl_set(fd, acl1);
+ func = "facl()";
+ n = facl(fd, SETACL, (int)(sizeof(aclp1)/sizeof(aclp1[0])), aclp1);
#else
func = "acl_set_fd()";
n = acl_set_fd(fd, acl1);
#endif
+#if !HAVE_SUN_ACL
acl_free(acl1);
+#endif
if (n != 0) {
#if HAVE_SUN_ACL
- if (errno == ENOSYS)
+ if (errno == ENOSYS || errno == ENOTSUP)
#else
if (errno == EOPNOTSUPP || errno == EINVAL)
#endif
@@ -537,9 +605,14 @@
"user:1:r--,"
"group:15:r--,"
"mask:rwx";
- n = acl_fromtext(acl2_text, &acl2);
- failure("acl_fromtext(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ aclent_t aclp2[] = {
+ { USER_OBJ, -1, 4 | 2 | 1 },
+ { USER, 1, 4 },
+ { GROUP_OBJ, -1, 4 | 2 | 1},
+ { GROUP, 15, 4 },
+ { CLASS_OBJ, -1, 4 | 2 | 1},
+ { OTHER_OBJ, -1, 0 }
+ };
#else
acl2_text = "user::rwx\n"
"group::rwx\n"
@@ -554,17 +627,19 @@
fd = open("d/f1", O_WRONLY | O_CREAT | O_EXCL, 0777);
failure("Could not create test file?!");
if (!assert(fd >= 0)) {
+#if !HAVE_SUN_ACL
acl_free(acl2);
+#endif
return;
}
#if HAVE_SUN_ACL
- func = "facl_set()";
- n = facl_set(fd, acl2);
+ func = "facl()";
+ n = facl(fd, SETACL, (int)(sizeof(aclp2) / sizeof(aclp2[0])), aclp2);
#else
func = "acl_set_fd()";
n = acl_set_fd(fd, acl2);
-#endif
acl_free(acl2);
+#endif
if (n != 0)
close(fd);
failure("%s: errno = %d (%s)", func, errno, strerror(errno));
@@ -587,9 +662,20 @@
"default:group:15:r--,"
"default:mask:rwx,"
"default:other:r-x";
- n = acl_fromtext(acl3_text, &acl3);
- failure("acl_fromtext(): errno = %d (%s)", errno, strerror(errno));
- assertEqualInt(0, n);
+ aclent_t aclp3[] = {
+ { USER_OBJ, -1, 4 | 2 | 1 },
+ { USER, 2, 4 },
+ { GROUP_OBJ, -1, 4 | 1 },
+ { GROUP, 16, 2 },
+ { CLASS_OBJ, -1, 4 | 2 | 1 },
+ { OTHER_OBJ, -1, 4 | 1 },
+ { USER_OBJ | ACL_DEFAULT, -1, 4 | 2 | 1 },
+ { USER | ACL_DEFAULT, 1, 4 },
+ { GROUP_OBJ | ACL_DEFAULT, -1, 4 | 1 },
+ { GROUP | ACL_DEFAULT, 15, 4 },
+ { CLASS_OBJ | ACL_DEFAULT, -1, 4 | 2 | 1},
+ { OTHER_OBJ | ACL_DEFAULT, -1, 4 | 1 }
+ };
#else
acl3_text = "user::rwx\n"
"user:1:r--\n"
@@ -603,14 +689,13 @@
#endif
#if HAVE_SUN_ACL
- func = "acl_set()";
- n = acl_set("d/d2", acl3);
+ func = "acl()";
+ n = acl("d/d2", SETACL, (int)(sizeof(aclp3) / sizeof(aclp3[0])), aclp3);
#else
func = "acl_set_file()";
n = acl_set_file("d/d2", ACL_TYPE_DEFAULT, acl3);
-#endif
acl_free(acl3);
-
+#endif
failure("%s: errno = %d (%s)", func, errno, strerror(errno));
assertEqualInt(0, n);
diff --git a/test_utils/test_common.h b/test_utils/test_common.h
index 88ef04c..6cb26ae 100644
--- a/test_utils/test_common.h
+++ b/test_utils/test_common.h
@@ -138,13 +138,18 @@
* If this platform has <sys/acl.h>, acl_get(), facl_get(), acl_set(),
* facl_set() and types aclent_t and ace_t it uses Solaris-style ACL functions
*/
-#if HAVE_SYS_ACL_H && HAVE_ACL_GET && HAVE_FACL_GET && HAVE_ACL_SET && HAVE_FACL_SET && HAVE_ACLENT_T && HAVE_ACE_T
-#define HAVE_SUN_ACL 1
+#if HAVE_SYS_ACL_H && HAVE_ACL && HAVE_FACL && HAVE_ACLENT_T && \
+ HAVE_DECL_GETACL && HAVE_DECL_GETACLCNT && HAVE_DECL_SETACL
+#define HAVE_SUN_ACL 1
+#if HAVE_ACE_T && HAVE_DECL_ACE_GETACL && HAVE_DECL_ACE_GETACLCNT && \
+ HAVE_DECL_ACE_SETACL
+#define HAVE_SUN_NFS4_ACL 1
+#endif
#endif
/* Define if platform supports NFSv4 ACLs */
-#if (HAVE_POSIX_ACL && HAVE_ACL_TYPE_NFS4) || HAVE_SUN_ACL || HAVE_DARWIN_ACL
-#define HAVE_NFS4_ACL 1
+#if (HAVE_POSIX_ACL && HAVE_ACL_TYPE_NFS4) || HAVE_SUN_NFS4_ACL || HAVE_DARWIN_ACL
+#define HAVE_NFS4_ACL 1
#endif
/*