Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/contrib/libarchive/tar/test/test_option_acls.c
39507 views
1
/*-

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2017 Martin Matuska

5
 * All rights reserved.

6
 */

7
#include "test.h"

8


9
#if ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBACL

10
static const acl_perm_t acl_perms[] = {

11
#if ARCHIVE_ACL_DARWIN

12
    ACL_READ_DATA,

13
    ACL_LIST_DIRECTORY,

14
    ACL_WRITE_DATA,

15
    ACL_ADD_FILE,

16
    ACL_EXECUTE,

17
    ACL_SEARCH,

18
    ACL_DELETE,

19
    ACL_APPEND_DATA,

20
    ACL_ADD_SUBDIRECTORY,

21
    ACL_DELETE_CHILD,

22
    ACL_READ_ATTRIBUTES,

23
    ACL_WRITE_ATTRIBUTES,

24
    ACL_READ_EXTATTRIBUTES,

25
    ACL_WRITE_EXTATTRIBUTES,

26
    ACL_READ_SECURITY,

27
    ACL_WRITE_SECURITY,

28
    ACL_CHANGE_OWNER,

29
    ACL_SYNCHRONIZE

30
#else /* !ARCHIVE_ACL_DARWIN */

31
    ACL_EXECUTE,

32
    ACL_WRITE,

33
    ACL_READ,

34
#if ARCHIVE_ACL_FREEBSD_NFS4

35
    ACL_READ_DATA,

36
    ACL_LIST_DIRECTORY,

37
    ACL_WRITE_DATA,

38
    ACL_ADD_FILE,

39
    ACL_APPEND_DATA,

40
    ACL_ADD_SUBDIRECTORY,

41
    ACL_READ_NAMED_ATTRS,

42
    ACL_WRITE_NAMED_ATTRS,

43
    ACL_DELETE_CHILD,

44
    ACL_READ_ATTRIBUTES,

45
    ACL_WRITE_ATTRIBUTES,

46
    ACL_DELETE,

47
    ACL_READ_ACL,

48
    ACL_WRITE_ACL,

49
    ACL_WRITE_OWNER,

50
    ACL_SYNCHRONIZE

51
#endif	/* ARCHIVE_ACL_FREEBSD_NFS4 */

52
#endif /* !ARCHIVE_ACL_DARWIN */

53
};

54
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD_NFS4

55
static const acl_flag_t acl_flags[] = {

56
#if ARCHIVE_ACL_DARWIN

57
    ACL_ENTRY_INHERITED,

58
    ACL_ENTRY_FILE_INHERIT,

59
    ACL_ENTRY_DIRECTORY_INHERIT,

60
    ACL_ENTRY_LIMIT_INHERIT,

61
    ACL_ENTRY_ONLY_INHERIT

62
#else	/* ARCHIVE_ACL_FREEBSD_NFS4 */

63
    ACL_ENTRY_FILE_INHERIT,

64
    ACL_ENTRY_DIRECTORY_INHERIT,

65
    ACL_ENTRY_NO_PROPAGATE_INHERIT,

66
    ACL_ENTRY_INHERIT_ONLY,

67
    ACL_ENTRY_SUCCESSFUL_ACCESS,

68
    ACL_ENTRY_FAILED_ACCESS,

69
#ifdef ACL_ENTRY_INHERITED

70
    ACL_ENTRY_INHERITED

71
#endif

72
#endif	/* ARCHIVE_ACL_FREEBSD_NFS4 */

73
};

74
#endif /* ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD_NFS4 */

75


76
/*

77
 * Compare two ACL entries on FreeBSD or on Mac OS X

78
 */

79
static int

80
compare_acl_entry(acl_entry_t ae_a, acl_entry_t ae_b, int is_nfs4)

81
{

82
	acl_tag_t tag_a, tag_b;

83
	acl_permset_t permset_a, permset_b;

84
	int perm_a, perm_b, perm_start, perm_end;

85
	void *qual_a, *qual_b;

86
#if ARCHIVE_ACL_FREEBSD_NFS4

87
	acl_entry_type_t type_a, type_b;

88
#endif

89
#if ARCHIVE_ACL_FREEBSD_NFS4 || ARCHIVE_ACL_DARWIN

90
	acl_flagset_t flagset_a, flagset_b;

91
	int flag_a, flag_b;

92
#endif

93
	int i, r;

94


95


96
	/* Compare ACL tag */

97
	r = acl_get_tag_type(ae_a, &tag_a);

98
	failure("acl_get_tag_type() error: %s", strerror(errno));

99
	if (assertEqualInt(r, 0) == 0)

100
		return (-1);

101
	r = acl_get_tag_type(ae_b, &tag_b);

102
	failure("acl_get_tag_type() error: %s", strerror(errno));

103
	if (assertEqualInt(r, 0) == 0)

104
		return (-1);

105
	if (tag_a != tag_b)

106
		return (0);

107


108
	/* Compare ACL qualifier */

109
#if ARCHIVE_ACL_DARWIN

110
	if (tag_a == ACL_EXTENDED_ALLOW || tag_b == ACL_EXTENDED_DENY)

111
#else

112
	if (tag_a == ACL_USER || tag_a == ACL_GROUP)

113
#endif

114
	{

115
		qual_a = acl_get_qualifier(ae_a);

116
		failure("acl_get_qualifier() error: %s", strerror(errno));

117
		if (assert(qual_a != NULL) == 0)

118
			return (-1);

119
		qual_b = acl_get_qualifier(ae_b);

120
		failure("acl_get_qualifier() error: %s", strerror(errno));

121
		if (assert(qual_b != NULL) == 0) {

122
			acl_free(qual_a);

123
			return (-1);

124
		}

125
#if ARCHIVE_ACL_DARWIN

126
		if (memcmp(((guid_t *)qual_a)->g_guid,

127
		    ((guid_t *)qual_b)->g_guid, KAUTH_GUID_SIZE) != 0)

128
#else

129
		if ((tag_a == ACL_USER &&

130
		    (*(uid_t *)qual_a != *(uid_t *)qual_b)) ||

131
		    (tag_a == ACL_GROUP &&

132
		    (*(gid_t *)qual_a != *(gid_t *)qual_b)))

133
#endif

134
		{

135
			acl_free(qual_a);

136
			acl_free(qual_b);

137
			return (0);

138
		}

139
		acl_free(qual_a);

140
		acl_free(qual_b);

141
	}

142


143
#if ARCHIVE_ACL_FREEBSD_NFS4

144
	if (is_nfs4) {

145
		/* Compare NFS4 ACL type */

146
		r = acl_get_entry_type_np(ae_a, &type_a);

147
		failure("acl_get_entry_type_np() error: %s", strerror(errno));

148
		if (assertEqualInt(r, 0) == 0)

149
			return (-1);

150
		r = acl_get_entry_type_np(ae_b, &type_b);

151
		failure("acl_get_entry_type_np() error: %s", strerror(errno));

152
		if (assertEqualInt(r, 0) == 0)

153
			return (-1);

154
		if (type_a != type_b)

155
			return (0);

156
	}

157
#endif

158


159
	/* Compare ACL perms */

160
	r = acl_get_permset(ae_a, &permset_a);

161
	failure("acl_get_permset() error: %s", strerror(errno));

162
	if (assertEqualInt(r, 0) == 0)

163
		return (-1);

164
	r = acl_get_permset(ae_b, &permset_b);

165
	failure("acl_get_permset() error: %s", strerror(errno));

166
	if (assertEqualInt(r, 0) == 0)

167
		return (-1);

168


169
	perm_start = 0;

170
	perm_end = (int)(sizeof(acl_perms) / sizeof(acl_perms[0]));

171
#if ARCHIVE_ACL_FREEBSD_NFS4

172
	if (is_nfs4)

173
		perm_start = 3;

174
	else

175
		perm_end = 3;

176
#endif

177
	/* Cycle through all perms and compare their value */

178
	for (i = perm_start; i < perm_end; i++) {

179
#if ARCHIVE_ACL_LIBACL

180
		perm_a = acl_get_perm(permset_a, acl_perms[i]);

181
		perm_b = acl_get_perm(permset_b, acl_perms[i]);

182
#else

183
		perm_a = acl_get_perm_np(permset_a, acl_perms[i]);

184
		perm_b = acl_get_perm_np(permset_b, acl_perms[i]);

185
#endif

186
		if (perm_a == -1 || perm_b == -1)

187
			return (-1);

188
		if (perm_a != perm_b)

189
			return (0);

190
	}

191


192
#if ARCHIVE_ACL_FREEBSD_NFS4 || ARCHIVE_ACL_DARWIN

193
	if (is_nfs4) {

194
		r = acl_get_flagset_np(ae_a, &flagset_a);

195
		failure("acl_get_flagset_np() error: %s", strerror(errno));

196
		if (assertEqualInt(r, 0) == 0)

197
			return (-1);

198
		r = acl_get_flagset_np(ae_b, &flagset_b);

199
		failure("acl_get_flagset_np() error: %s", strerror(errno));

200
		if (assertEqualInt(r, 0) == 0)

201
			return (-1);

202
		/* Cycle through all flags and compare their status */

203
		for (i = 0; i < (int)(sizeof(acl_flags) / sizeof(acl_flags[0]));

204
		    i++) {

205
			flag_a = acl_get_flag_np(flagset_a, acl_flags[i]);

206
			flag_b = acl_get_flag_np(flagset_b, acl_flags[i]);

207
			if (flag_a == -1 || flag_b == -1)

208
				return (-1);

209
			if (flag_a != flag_b)

210
				return (0);

211
		}

212
	}

213
#else	/* ARCHIVE_ACL_FREEBSD_NFS4 || ARCHIVE_ACL_DARWIN */

214
	(void)is_nfs4;	/* UNUSED */

215
#endif

216
	return (1);

217
}

218
#endif	/* ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBACL */

219


220
#if ARCHIVE_ACL_SUPPORT

221
/*

222
 * Clear default ACLs or inheritance flags

223
 */

224
static void

225
clear_inheritance_flags(const char *path, int type)

226
{

227
	switch (type) {

228
	case ARCHIVE_TEST_ACL_TYPE_POSIX1E:

229
#if ARCHIVE_ACL_POSIX1E

230
#if !ARCHIVE_ACL_SUNOS

231
		acl_delete_def_file(path);

232
#else

233
		/* Solaris */

234
		setTestAcl(path);

235
#endif

236
#endif	/* ARCHIVE_ACL_POSIX1E */

237
		break;

238
	case ARCHIVE_TEST_ACL_TYPE_NFS4:

239
#if ARCHIVE_ACL_NFS4

240
		setTestAcl(path);

241
#endif

242
		break;

243
	default:

244
		(void)path;	/* UNUSED */

245
		break;

246
	}

247
}

248


249
static int

250
compare_acls(const char *path_a, const char *path_b)

251
{

252
	int ret = 1;

253
	int is_nfs4 = 0;

254
#if ARCHIVE_ACL_SUNOS

255
	void *acl_a, *acl_b;

256
	int aclcnt_a, aclcnt_b;

257
        aclent_t *aclent_a, *aclent_b;

258
        ace_t *ace_a, *ace_b;

259
	int e;

260
#elif ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL

261
	acl_t acl_a, acl_b;

262
	acl_entry_t aclent_a, aclent_b;

263
	int a, b, r;

264
#endif

265
#if ARCHIVE_ACL_LIBRICHACL

266
	struct richacl *richacl_a, *richacl_b;

267


268
	richacl_a = NULL;

269
	richacl_b = NULL;

270
#endif

271


272
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL || \

273
    ARCHIVE_ACL_SUNOS

274
	acl_a = NULL;

275
	acl_b = NULL;

276
#endif

277
#if ARCHIVE_ACL_SUNOS

278
	acl_a = sunacl_get(GETACL, &aclcnt_a, 0, path_a);

279
	if (acl_a == NULL) {

280
#if ARCHIVE_ACL_SUNOS_NFS4

281
		is_nfs4 = 1;

282
		acl_a = sunacl_get(ACE_GETACL, &aclcnt_a, 0, path_a);

283
#endif

284
		failure("acl_get() error: %s", strerror(errno));

285
		if (assert(acl_a != NULL) == 0)

286
			return (-1);

287
#if ARCHIVE_ACL_SUNOS_NFS4

288
		acl_b = sunacl_get(ACE_GETACL, &aclcnt_b, 0, path_b);

289
#endif

290
	} else

291
		acl_b = sunacl_get(GETACL, &aclcnt_b, 0, path_b);

292
	if (acl_b == NULL && (errno == ENOSYS || errno == ENOTSUP)) {

293
		free(acl_a);

294
		return (0);

295
	}

296
	failure("acl_get() error: %s", strerror(errno));

297
	if (assert(acl_b != NULL) == 0) {

298
		free(acl_a);

299
		return (-1);

300
	}

301


302
	if (aclcnt_a != aclcnt_b) {

303
		ret = 0;

304
		goto exit_free;

305
	}

306


307
	for (e = 0; e < aclcnt_a; e++) {

308
		if (!is_nfs4) {

309
			aclent_a = &((aclent_t *)acl_a)[e];

310
			aclent_b = &((aclent_t *)acl_b)[e];

311
			if (aclent_a->a_type != aclent_b->a_type ||

312
			    aclent_a->a_id != aclent_b->a_id ||

313
			    aclent_a->a_perm != aclent_b->a_perm) {

314
				ret = 0;

315
				goto exit_free;

316
			}

317
		}

318
#if ARCHIVE_ACL_SUNOS_NFS4

319
		else {

320
			ace_a = &((ace_t *)acl_a)[e];

321
			ace_b = &((ace_t *)acl_b)[e];

322
			if (ace_a->a_who != ace_b->a_who ||

323
			    ace_a->a_access_mask != ace_b->a_access_mask ||

324
			    ace_a->a_flags != ace_b->a_flags ||

325
			    ace_a->a_type != ace_b->a_type) {

326
				ret = 0;

327
				goto exit_free;

328
			}

329
		}

330
#endif

331
	}

332
#else	/* !ARCHIVE_ACL_SUNOS */

333
#if ARCHIVE_ACL_LIBRICHACL

334
	richacl_a = richacl_get_file(path_a);

335
#if !ARCHIVE_ACL_LIBACL

336
	if (richacl_a == NULL &&

337
	    (errno == ENODATA || errno == ENOTSUP || errno == ENOSYS))

338
		return (0);

339
	failure("richacl_get_file() error: %s (%s)", path_a, strerror(errno));

340
	if (assert(richacl_a != NULL) == 0)

341
		return (-1);

342
#endif

343
	if (richacl_a != NULL) {

344
		richacl_b = richacl_get_file(path_b);

345
		if (richacl_b == NULL &&

346
		    (errno == ENODATA || errno == ENOTSUP || errno == ENOSYS)) {

347
			richacl_free(richacl_a);

348
			return (0);

349
		}

350
		failure("richacl_get_file() error: %s (%s)", path_b,

351
		    strerror(errno));

352
		if (assert(richacl_b != NULL) == 0) {

353
			richacl_free(richacl_a);

354
			return (-1);

355
		}

356
		if (richacl_compare(richacl_a, richacl_b) == 0)

357
			ret = 0;

358
		richacl_free(richacl_a);

359
		richacl_free(richacl_b);

360
		return (ret);

361
        }

362
#endif /* ARCHIVE_ACL_LIBRICHACL */

363
#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL

364
#if ARCHIVE_ACL_DARWIN

365
	is_nfs4 = 1;

366
	acl_a = acl_get_file(path_a, ACL_TYPE_EXTENDED);

367
#elif ARCHIVE_ACL_FREEBSD_NFS4

368
	acl_a = acl_get_file(path_a, ACL_TYPE_NFS4);

369
	if (acl_a != NULL)

370
		is_nfs4 = 1;

371
#endif

372
	if (acl_a == NULL)

373
		acl_a = acl_get_file(path_a, ACL_TYPE_ACCESS);

374
	failure("acl_get_file() error: %s (%s)", path_a, strerror(errno));

375
	if (assert(acl_a != NULL) == 0)

376
		return (-1);

377
#if ARCHIVE_ACL_DARWIN

378
	acl_b = acl_get_file(path_b, ACL_TYPE_EXTENDED);

379
#elif ARCHIVE_ACL_FREEBSD_NFS4

380
	acl_b = acl_get_file(path_b, ACL_TYPE_NFS4);

381
#endif

382
#if !ARCHIVE_ACL_DARWIN

383
	if (acl_b == NULL) {

384
#if ARCHIVE_ACL_FREEBSD_NFS4

385
		if (is_nfs4) {

386
			acl_free(acl_a);

387
			return (0);

388
		}

389
#endif

390
		acl_b = acl_get_file(path_b, ACL_TYPE_ACCESS);

391
	}

392
	failure("acl_get_file() error: %s (%s)", path_b, strerror(errno));

393
	if (assert(acl_b != NULL) == 0) {

394
		acl_free(acl_a);

395
		return (-1);

396
	}

397
#endif

398
	a = acl_get_entry(acl_a, ACL_FIRST_ENTRY, &aclent_a);

399
	if (a == -1) {

400
		ret = 0;

401
		goto exit_free;

402
	}

403
	b = acl_get_entry(acl_b, ACL_FIRST_ENTRY, &aclent_b);

404
	if (b == -1) {

405
		ret = 0;

406
		goto exit_free;

407
	}

408
#if ARCHIVE_ACL_DARWIN

409
	while (a == 0 && b == 0)

410
#else	/* FreeBSD, Linux */

411
	while (a == 1 && b == 1)

412
#endif

413
	{

414
		r = compare_acl_entry(aclent_a, aclent_b, is_nfs4);

415
		if (r != 1) {

416
			ret = r;

417
			goto exit_free;

418
		}

419
		a = acl_get_entry(acl_a, ACL_NEXT_ENTRY, &aclent_a);

420
		b = acl_get_entry(acl_b, ACL_NEXT_ENTRY, &aclent_b);

421
	}

422
	/* Entry count must match */

423
	if (a != b)

424
		ret = 0;

425
#endif	/* ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_FREEBSD || ARCHIVE_ACL_LIBACL */

426
#endif	/* !ARCHIVE_ACL_SUNOS */

427
exit_free:

428
#if ARCHIVE_ACL_SUNOS

429
	free(acl_a);

430
	free(acl_b);

431
#else

432
	acl_free(acl_a);

433
	acl_free(acl_b);

434
#endif

435
	return (ret);

436
}

437
#endif	/* ARCHIVE_ACL_SUPPORT */

438


439
DEFINE_TEST(test_option_acls)

440
{

441
#if !ARCHIVE_ACL_SUPPORT

442
        skipping("ACLs are not supported on this platform");

443
#else   /* ARCHIVE_ACL_SUPPORT */

444
	int acltype, r;

445


446
	assertMakeFile("f", 0644, "a");

447
	acltype = setTestAcl("f");

448
	if (acltype == 0) {

449
		skipping("Can't write ACLs on the filesystem");

450
		return;

451
	}

452


453
	/* Archive it with acls */

454
        r = systemf("%s -c --no-mac-metadata --acls -f acls.tar f >acls.out 2>acls.err", testprog);

455
        assertEqualInt(r, 0);

456


457
	/* Archive it without acls */

458
	r = systemf("%s -c --no-mac-metadata --no-acls -f noacls.tar f >noacls.out 2>noacls.err", testprog);

459
	assertEqualInt(r, 0);

460


461
	/* Extract acls with acls */

462
	assertMakeDir("acls_acls", 0755);

463
	clear_inheritance_flags("acls_acls", acltype);

464
	r = systemf("%s -x -C acls_acls --no-same-permissions --acls -f acls.tar >acls_acls.out 2>acls_acls.err", testprog);

465
	assertEqualInt(r, 0);

466
	r = compare_acls("f", "acls_acls/f");

467
	assertEqualInt(r, 1);

468


469
	/* Extract acls without acls */

470
	assertMakeDir("acls_noacls", 0755);

471
	clear_inheritance_flags("acls_noacls", acltype);

472
	r = systemf("%s -x -C acls_noacls -p --no-acls -f acls.tar >acls_noacls.out 2>acls_noacls.err", testprog);

473
	assertEqualInt(r, 0);

474
	r = compare_acls("f", "acls_noacls/f");

475
	assertEqualInt(r, 0);

476


477
	/* Extract noacls with acls flag */

478
	assertMakeDir("noacls_acls", 0755);

479
	clear_inheritance_flags("noacls_acls", acltype);

480
	r = systemf("%s -x -C noacls_acls --no-same-permissions --acls -f noacls.tar >noacls_acls.out 2>noacls_acls.err", testprog);

481
	assertEqualInt(r, 0);

482
	r = compare_acls("f", "noacls_acls/f");

483
	assertEqualInt(r, 0);

484


485
	/* Extract noacls with noacls */

486
	assertMakeDir("noacls_noacls", 0755);

487
	clear_inheritance_flags("noacls_noacls", acltype);

488
	r = systemf("%s -x -C noacls_noacls -p --no-acls -f noacls.tar >noacls_noacls.out 2>noacls_noacls.err", testprog);

489
	assertEqualInt(r, 0);

490
	r = compare_acls("f", "noacls_noacls/f");

491
	assertEqualInt(r, 0);

492
#endif	/* ARCHIVE_ACL_SUPPORT */

493
}

494


495