svn commit: r208033 - head/lib/libc/posix1e

Thu, 13 May 2010 09:42:21 -0700 

Author: trasz
Date: Thu May 13 16:42:01 2010
New Revision: 208033
URL: http://svn.freebsd.org/changeset/base/208033

Log:
  Make it possible to actually use NFSv4 permission bits with acl_set_perm(3)
  and acl_delete_perm(3).  It went undetected, because neither setfacl(1)
  nor Samba use this routines.  D'oh.
  
  MFC after:    1 week

Modified:
  head/lib/libc/posix1e/acl_perm.c

Modified: head/lib/libc/posix1e/acl_perm.c
==============================================================================
--- head/lib/libc/posix1e/acl_perm.c    Thu May 13 15:44:49 2010        
(r208032)
+++ head/lib/libc/posix1e/acl_perm.c    Thu May 13 16:42:01 2010        
(r208033)
@@ -35,6 +35,20 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <string.h>
 
+static int
+_perm_is_invalid(acl_perm_t perm)
+{
+
+       /* Check if more than a single bit is set. */
+       if ((perm & -perm) == perm &&
+           (perm & (ACL_POSIX1E_BITS | ACL_NFS4_PERM_BITS)) == perm)
+               return (0);
+
+       errno = EINVAL;
+
+       return (1);
+}
+
 /*
  * acl_add_perm() (23.4.1): add the permission contained in perm to the
  * permission set permset_d
@@ -43,18 +57,17 @@ int
 acl_add_perm(acl_permset_t permset_d, acl_perm_t perm)
 {
 
-       if (permset_d) {
-               switch(perm) {
-               case ACL_READ:
-               case ACL_WRITE:
-               case ACL_EXECUTE:
-                       *permset_d |= perm;
-                       return (0);
-               }
+       if (permset_d == NULL) {
+               errno = EINVAL;
+               return (-1);
        }
 
-       errno = EINVAL;
-       return (-1);
+       if (_perm_is_invalid(perm))
+               return (-1);
+
+       *permset_d |= perm;
+
+       return (0);
 }
 
 /*
@@ -83,16 +96,15 @@ int
 acl_delete_perm(acl_permset_t permset_d, acl_perm_t perm)
 {
 
-       if (permset_d) {
-               switch(perm) {
-               case ACL_READ:
-               case ACL_WRITE:
-               case ACL_EXECUTE:
-                       *permset_d &= ~(perm & ACL_PERM_BITS);
-                       return (0);
-               }
+       if (permset_d == NULL) {
+               errno = EINVAL;
+               return (-1);
        }
 
-       errno = EINVAL;
-       return (-1);
+       if (_perm_is_invalid(perm))
+               return (-1);
+
+       *permset_d &= ~perm;
+
+       return (0);
 }
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to