diff options
author | trasz <trasz@FreeBSD.org> | 2010-05-13 16:42:01 +0000 |
---|---|---|
committer | trasz <trasz@FreeBSD.org> | 2010-05-13 16:42:01 +0000 |
commit | b01f1cf8e0327e684c81ef23d61839ad46b887c1 (patch) | |
tree | 8a6918b2440191aab158fccd28fe01c3c31290fe /lib/libc/posix1e | |
parent | b0594437d3592f327e0de8d42a32e52b82506a96 (diff) | |
download | FreeBSD-src-b01f1cf8e0327e684c81ef23d61839ad46b887c1.zip FreeBSD-src-b01f1cf8e0327e684c81ef23d61839ad46b887c1.tar.gz |
Make it possible to actually use NFSv4 permission bits with acl_set_perm(3)
and acl_delete_perm(3). It went undetected, because neither setfacl(1)
nor Samba use this routines. D'oh.
MFC after: 1 week
Diffstat (limited to 'lib/libc/posix1e')
-rw-r--r-- | lib/libc/posix1e/acl_perm.c | 52 |
1 files changed, 32 insertions, 20 deletions
diff --git a/lib/libc/posix1e/acl_perm.c b/lib/libc/posix1e/acl_perm.c index 37d29d6..b5108ca 100644 --- a/lib/libc/posix1e/acl_perm.c +++ b/lib/libc/posix1e/acl_perm.c @@ -35,6 +35,20 @@ __FBSDID("$FreeBSD$"); #include <errno.h> #include <string.h> +static int +_perm_is_invalid(acl_perm_t perm) +{ + + /* Check if more than a single bit is set. */ + if ((perm & -perm) == perm && + (perm & (ACL_POSIX1E_BITS | ACL_NFS4_PERM_BITS)) == perm) + return (0); + + errno = EINVAL; + + return (1); +} + /* * acl_add_perm() (23.4.1): add the permission contained in perm to the * permission set permset_d @@ -43,18 +57,17 @@ int acl_add_perm(acl_permset_t permset_d, acl_perm_t perm) { - if (permset_d) { - switch(perm) { - case ACL_READ: - case ACL_WRITE: - case ACL_EXECUTE: - *permset_d |= perm; - return (0); - } + if (permset_d == NULL) { + errno = EINVAL; + return (-1); } - errno = EINVAL; - return (-1); + if (_perm_is_invalid(perm)) + return (-1); + + *permset_d |= perm; + + return (0); } /* @@ -83,16 +96,15 @@ int acl_delete_perm(acl_permset_t permset_d, acl_perm_t perm) { - if (permset_d) { - switch(perm) { - case ACL_READ: - case ACL_WRITE: - case ACL_EXECUTE: - *permset_d &= ~(perm & ACL_PERM_BITS); - return (0); - } + if (permset_d == NULL) { + errno = EINVAL; + return (-1); } - errno = EINVAL; - return (-1); + if (_perm_is_invalid(perm)) + return (-1); + + *permset_d &= ~perm; + + return (0); } |