root/source3/libsmb/libsmb_xattr.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. find_lsa_pipe_hnd
  2. ace_compare
  3. sort_acl
  4. convert_sid_to_string
  5. convert_string_to_sid
  6. parse_ace
  7. add_ace
  8. sec_desc_parse
  9. dos_attr_query
  10. dos_attr_parse
  11. cacl_get
  12. cacl_set
  13. SMBC_setxattr_ctx
  14. SMBC_getxattr_ctx
  15. SMBC_removexattr_ctx
  16. SMBC_listxattr_ctx

   1 /* 
   2    Unix SMB/Netbios implementation.
   3    SMB client library implementation
   4    Copyright (C) Andrew Tridgell 1998
   5    Copyright (C) Richard Sharpe 2000, 2002
   6    Copyright (C) John Terpstra 2000
   7    Copyright (C) Tom Jansen (Ninja ISD) 2002 
   8    Copyright (C) Derrell Lipman 2003-2008
   9    Copyright (C) Jeremy Allison 2007, 2008
  10    
  11    This program is free software; you can redistribute it and/or modify
  12    it under the terms of the GNU General Public License as published by
  13    the Free Software Foundation; either version 3 of the License, or
  14    (at your option) any later version.
  15    
  16    This program is distributed in the hope that it will be useful,
  17    but WITHOUT ANY WARRANTY; without even the implied warranty of
  18    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19    GNU General Public License for more details.
  20    
  21    You should have received a copy of the GNU General Public License
  22    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  23 */
  24 
  25 #include "includes.h"
  26 #include "libsmbclient.h"
  27 #include "libsmb_internal.h"
  28 
  29 
  30 /*
  31  * Find an lsa pipe handle associated with a cli struct.
  32  */
  33 static struct rpc_pipe_client *
  34 find_lsa_pipe_hnd(struct cli_state *ipc_cli)
     /* [<][>][^][v][top][bottom][index][help] */
  35 {
  36         struct rpc_pipe_client *pipe_hnd;
  37         
  38         for (pipe_hnd = ipc_cli->pipe_list;
  39              pipe_hnd;
  40              pipe_hnd = pipe_hnd->next) {
  41                 
  42                 if (ndr_syntax_id_equal(&pipe_hnd->abstract_syntax,
  43                                         &ndr_table_lsarpc.syntax_id)) {
  44                         return pipe_hnd;
  45                 }
  46         }
  47         
  48         return NULL;
  49 }
  50 
  51 /*
  52  * Sort ACEs according to the documentation at
  53  * http://support.microsoft.com/kb/269175, at least as far as it defines the
  54  * order.
  55  */
  56 
  57 static int
  58 ace_compare(SEC_ACE *ace1,
     /* [<][>][^][v][top][bottom][index][help] */
  59             SEC_ACE *ace2)
  60 {
  61         bool b1;
  62         bool b2;
  63         
  64         /* If the ACEs are equal, we have nothing more to do. */
  65         if (sec_ace_equal(ace1, ace2)) {
  66                 return 0;
  67         }
  68         
  69         /* Inherited follow non-inherited */
  70         b1 = ((ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
  71         b2 = ((ace2->flags & SEC_ACE_FLAG_INHERITED_ACE) != 0);
  72         if (b1 != b2) {
  73                 return (b1 ? 1 : -1);
  74         }
  75         
  76         /*
  77          * What shall we do with AUDITs and ALARMs?  It's undefined.  We'll
  78          * sort them after DENY and ALLOW.
  79          */
  80         b1 = (ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
  81               ace1->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
  82               ace1->type != SEC_ACE_TYPE_ACCESS_DENIED &&
  83               ace1->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
  84         b2 = (ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED &&
  85               ace2->type != SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT &&
  86               ace2->type != SEC_ACE_TYPE_ACCESS_DENIED &&
  87               ace2->type != SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
  88         if (b1 != b2) {
  89                 return (b1 ? 1 : -1);
  90         }
  91         
  92         /* Allowed ACEs follow denied ACEs */
  93         b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
  94               ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
  95         b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED ||
  96               ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT);
  97         if (b1 != b2) {
  98                 return (b1 ? 1 : -1);
  99         }
 100         
 101         /*
 102          * ACEs applying to an entity's object follow those applying to the
 103          * entity itself
 104          */
 105         b1 = (ace1->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
 106               ace1->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
 107         b2 = (ace2->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
 108               ace2->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT);
 109         if (b1 != b2) {
 110                 return (b1 ? 1 : -1);
 111         }
 112         
 113         /*
 114          * If we get this far, the ACEs are similar as far as the
 115          * characteristics we typically care about (those defined by the
 116          * referenced MS document).  We'll now sort by characteristics that
 117          * just seems reasonable.
 118          */
 119         
 120         if (ace1->type != ace2->type) {
 121                 return ace2->type - ace1->type;
 122         }
 123         
 124         if (sid_compare(&ace1->trustee, &ace2->trustee)) {
 125                 return sid_compare(&ace1->trustee, &ace2->trustee);
 126         }
 127         
 128         if (ace1->flags != ace2->flags) {
 129                 return ace1->flags - ace2->flags;
 130         }
 131         
 132         if (ace1->access_mask != ace2->access_mask) {
 133                 return ace1->access_mask - ace2->access_mask;
 134         }
 135         
 136         if (ace1->size != ace2->size) {
 137                 return ace1->size - ace2->size;
 138         }
 139         
 140         return memcmp(ace1, ace2, sizeof(SEC_ACE));
 141 }
 142 
 143 
 144 static void
 145 sort_acl(SEC_ACL *the_acl)
     /* [<][>][^][v][top][bottom][index][help] */
 146 {
 147         uint32 i;
 148         if (!the_acl) return;
 149         
 150         qsort(the_acl->aces, the_acl->num_aces, sizeof(the_acl->aces[0]),
 151               QSORT_CAST ace_compare);
 152         
 153         for (i=1;i<the_acl->num_aces;) {
 154                 if (sec_ace_equal(&the_acl->aces[i-1], &the_acl->aces[i])) {
 155                         int j;
 156                         for (j=i; j<the_acl->num_aces-1; j++) {
 157                                 the_acl->aces[j] = the_acl->aces[j+1];
 158                         }
 159                         the_acl->num_aces--;
 160                 } else {
 161                         i++;
 162                 }
 163         }
 164 }
 165 
 166 /* convert a SID to a string, either numeric or username/group */
 167 static void
 168 convert_sid_to_string(struct cli_state *ipc_cli,
     /* [<][>][^][v][top][bottom][index][help] */
 169                       struct policy_handle *pol,
 170                       fstring str,
 171                       bool numeric,
 172                       DOM_SID *sid)
 173 {
 174         char **domains = NULL;
 175         char **names = NULL;
 176         enum lsa_SidType *types = NULL;
 177         struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
 178         TALLOC_CTX *ctx;
 179         
 180         sid_to_fstring(str, sid);
 181         
 182         if (numeric) {
 183                 return;     /* no lookup desired */
 184         }
 185         
 186         if (!pipe_hnd) {
 187                 return;
 188         }
 189         
 190         /* Ask LSA to convert the sid to a name */
 191         
 192         ctx = talloc_stackframe();
 193         
 194         if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(pipe_hnd, ctx,
 195                                                     pol, 1, sid, &domains,
 196                                                     &names, &types)) ||
 197             !domains || !domains[0] || !names || !names[0]) {
 198                 TALLOC_FREE(ctx);
 199                 return;
 200         }
 201         
 202         /* Converted OK */
 203         
 204         slprintf(str, sizeof(fstring) - 1, "%s%s%s",
 205                  domains[0], lp_winbind_separator(),
 206                  names[0]);
 207 
 208         TALLOC_FREE(ctx);
 209 }
 210 
 211 /* convert a string to a SID, either numeric or username/group */
 212 static bool
 213 convert_string_to_sid(struct cli_state *ipc_cli,
     /* [<][>][^][v][top][bottom][index][help] */
 214                       struct policy_handle *pol,
 215                       bool numeric,
 216                       DOM_SID *sid,
 217                       const char *str)
 218 {
 219         enum lsa_SidType *types = NULL;
 220         DOM_SID *sids = NULL;
 221         bool result = True;
 222         TALLOC_CTX *ctx = NULL;
 223         struct rpc_pipe_client *pipe_hnd = find_lsa_pipe_hnd(ipc_cli);
 224         
 225         if (!pipe_hnd) {
 226                 return False;
 227         }
 228         
 229         if (numeric) {
 230                 if (strncmp(str, "S-", 2) == 0) {
 231                         return string_to_sid(sid, str);
 232                 }
 233                 
 234                 result = False;
 235                 goto done;
 236         }
 237         
 238         ctx = talloc_stackframe();
 239         if (!NT_STATUS_IS_OK(rpccli_lsa_lookup_names(pipe_hnd, ctx,
 240                                                      pol, 1, &str,
 241                                                      NULL, 1, &sids,
 242                                                      &types))) {
 243                 result = False;
 244                 goto done;
 245         }
 246         
 247         sid_copy(sid, &sids[0]);
 248 done:
 249         
 250         TALLOC_FREE(ctx);
 251         return result;
 252 }
 253 
 254 
 255 /* parse an ACE in the same format as print_ace() */
 256 static bool
 257 parse_ace(struct cli_state *ipc_cli,
     /* [<][>][^][v][top][bottom][index][help] */
 258           struct policy_handle *pol,
 259           SEC_ACE *ace,
 260           bool numeric,
 261           char *str)
 262 {
 263         char *p;
 264         const char *cp;
 265         char *tok;
 266         unsigned int atype;
 267         unsigned int aflags;
 268         unsigned int amask;
 269         DOM_SID sid;
 270         uint32_t mask;
 271         const struct perm_value *v;
 272         struct perm_value {
 273                 const char *perm;
 274                 uint32 mask;
 275         };
 276         TALLOC_CTX *frame = talloc_stackframe();
 277         
 278         /* These values discovered by inspection */
 279         static const struct perm_value special_values[] = {
 280                 { "R", 0x00120089 },
 281                 { "W", 0x00120116 },
 282                 { "X", 0x001200a0 },
 283                 { "D", 0x00010000 },
 284                 { "P", 0x00040000 },
 285                 { "O", 0x00080000 },
 286                 { NULL, 0 },
 287         };
 288         
 289         static const struct perm_value standard_values[] = {
 290                 { "READ",   0x001200a9 },
 291                 { "CHANGE", 0x001301bf },
 292                 { "FULL",   0x001f01ff },
 293                 { NULL, 0 },
 294         };
 295         
 296         
 297         ZERO_STRUCTP(ace);
 298         p = strchr_m(str,':');
 299         if (!p) {
 300                 TALLOC_FREE(frame);
 301                 return False;
 302         }
 303         *p = '\0';
 304         p++;
 305         /* Try to parse numeric form */
 306         
 307         if (sscanf(p, "%i/%i/%i", &atype, &aflags, &amask) == 3 &&
 308             convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
 309                 goto done;
 310         }
 311         
 312         /* Try to parse text form */
 313         
 314         if (!convert_string_to_sid(ipc_cli, pol, numeric, &sid, str)) {
 315                 TALLOC_FREE(frame);
 316                 return false;
 317         }
 318         
 319         cp = p;
 320         if (!next_token_talloc(frame, &cp, &tok, "/")) {
 321                 TALLOC_FREE(frame);
 322                 return false;
 323         }
 324         
 325         if (StrnCaseCmp(tok, "ALLOWED", strlen("ALLOWED")) == 0) {
 326                 atype = SEC_ACE_TYPE_ACCESS_ALLOWED;
 327         } else if (StrnCaseCmp(tok, "DENIED", strlen("DENIED")) == 0) {
 328                 atype = SEC_ACE_TYPE_ACCESS_DENIED;
 329         } else {
 330                 TALLOC_FREE(frame);
 331                 return false;
 332         }
 333         
 334         /* Only numeric form accepted for flags at present */
 335         
 336         if (!(next_token_talloc(frame, &cp, &tok, "/") &&
 337               sscanf(tok, "%i", &aflags))) {
 338                 TALLOC_FREE(frame);
 339                 return false;
 340         }
 341         
 342         if (!next_token_talloc(frame, &cp, &tok, "/")) {
 343                 TALLOC_FREE(frame);
 344                 return false;
 345         }
 346         
 347         if (strncmp(tok, "0x", 2) == 0) {
 348                 if (sscanf(tok, "%i", &amask) != 1) {
 349                         TALLOC_FREE(frame);
 350                         return false;
 351                 }
 352                 goto done;
 353         }
 354         
 355         for (v = standard_values; v->perm; v++) {
 356                 if (strcmp(tok, v->perm) == 0) {
 357                         amask = v->mask;
 358                         goto done;
 359                 }
 360         }
 361         
 362         p = tok;
 363         
 364         while(*p) {
 365                 bool found = False;
 366                 
 367                 for (v = special_values; v->perm; v++) {
 368                         if (v->perm[0] == *p) {
 369                                 amask |= v->mask;
 370                                 found = True;
 371                         }
 372                 }
 373                 
 374                 if (!found) {
 375                         TALLOC_FREE(frame);
 376                         return false;
 377                 }
 378                 p++;
 379         }
 380         
 381         if (*p) {
 382                 TALLOC_FREE(frame);
 383                 return false;
 384         }
 385         
 386 done:
 387         mask = amask;
 388         init_sec_ace(ace, &sid, atype, mask, aflags);
 389         TALLOC_FREE(frame);
 390         return true;
 391 }
 392 
 393 /* add an ACE to a list of ACEs in a SEC_ACL */
 394 static bool
 395 add_ace(SEC_ACL **the_acl,
     /* [<][>][^][v][top][bottom][index][help] */
 396         SEC_ACE *ace,
 397         TALLOC_CTX *ctx)
 398 {
 399         SEC_ACL *newacl;
 400         SEC_ACE *aces;
 401         
 402         if (! *the_acl) {
 403                 (*the_acl) = make_sec_acl(ctx, 3, 1, ace);
 404                 return True;
 405         }
 406         
 407         if ((aces = SMB_CALLOC_ARRAY(SEC_ACE,
 408                                      1+(*the_acl)->num_aces)) == NULL) {
 409                 return False;
 410         }
 411         memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(SEC_ACE));
 412         memcpy(aces+(*the_acl)->num_aces, ace, sizeof(SEC_ACE));
 413         newacl = make_sec_acl(ctx, (*the_acl)->revision,
 414                               1+(*the_acl)->num_aces, aces);
 415         SAFE_FREE(aces);
 416         (*the_acl) = newacl;
 417         return True;
 418 }
 419 
 420 
 421 /* parse a ascii version of a security descriptor */
 422 static SEC_DESC *
 423 sec_desc_parse(TALLOC_CTX *ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 424                struct cli_state *ipc_cli,
 425                struct policy_handle *pol,
 426                bool numeric,
 427                const char *str)
 428 {
 429         const char *p = str;
 430         char *tok;
 431         SEC_DESC *ret = NULL;
 432         size_t sd_size;
 433         DOM_SID *group_sid=NULL;
 434         DOM_SID *owner_sid=NULL;
 435         SEC_ACL *dacl=NULL;
 436         int revision=1;
 437         
 438         while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
 439                 
 440                 if (StrnCaseCmp(tok,"REVISION:", 9) == 0) {
 441                         revision = strtol(tok+9, NULL, 16);
 442                         continue;
 443                 }
 444                 
 445                 if (StrnCaseCmp(tok,"OWNER:", 6) == 0) {
 446                         if (owner_sid) {
 447                                 DEBUG(5,("OWNER specified more than once!\n"));
 448                                 goto done;
 449                         }
 450                         owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
 451                         if (!owner_sid ||
 452                             !convert_string_to_sid(ipc_cli, pol,
 453                                                    numeric,
 454                                                    owner_sid, tok+6)) {
 455                                 DEBUG(5, ("Failed to parse owner sid\n"));
 456                                 goto done;
 457                         }
 458                         continue;
 459                 }
 460                 
 461                 if (StrnCaseCmp(tok,"OWNER+:", 7) == 0) {
 462                         if (owner_sid) {
 463                                 DEBUG(5,("OWNER specified more than once!\n"));
 464                                 goto done;
 465                         }
 466                         owner_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
 467                         if (!owner_sid ||
 468                             !convert_string_to_sid(ipc_cli, pol,
 469                                                    False,
 470                                                    owner_sid, tok+7)) {
 471                                 DEBUG(5, ("Failed to parse owner sid\n"));
 472                                 goto done;
 473                         }
 474                         continue;
 475                 }
 476                 
 477                 if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
 478                         if (group_sid) {
 479                                 DEBUG(5,("GROUP specified more than once!\n"));
 480                                 goto done;
 481                         }
 482                         group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
 483                         if (!group_sid ||
 484                             !convert_string_to_sid(ipc_cli, pol,
 485                                                    numeric,
 486                                                    group_sid, tok+6)) {
 487                                 DEBUG(5, ("Failed to parse group sid\n"));
 488                                 goto done;
 489                         }
 490                         continue;
 491                 }
 492                 
 493                 if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
 494                         if (group_sid) {
 495                                 DEBUG(5,("GROUP specified more than once!\n"));
 496                                 goto done;
 497                         }
 498                         group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
 499                         if (!group_sid ||
 500                             !convert_string_to_sid(ipc_cli, pol,
 501                                                    False,
 502                                                    group_sid, tok+6)) {
 503                                 DEBUG(5, ("Failed to parse group sid\n"));
 504                                 goto done;
 505                         }
 506                         continue;
 507                 }
 508                 
 509                 if (StrnCaseCmp(tok,"ACL:", 4) == 0) {
 510                         SEC_ACE ace;
 511                         if (!parse_ace(ipc_cli, pol, &ace, numeric, tok+4)) {
 512                                 DEBUG(5, ("Failed to parse ACL %s\n", tok));
 513                                 goto done;
 514                         }
 515                         if(!add_ace(&dacl, &ace, ctx)) {
 516                                 DEBUG(5, ("Failed to add ACL %s\n", tok));
 517                                 goto done;
 518                         }
 519                         continue;
 520                 }
 521                 
 522                 if (StrnCaseCmp(tok,"ACL+:", 5) == 0) {
 523                         SEC_ACE ace;
 524                         if (!parse_ace(ipc_cli, pol, &ace, False, tok+5)) {
 525                                 DEBUG(5, ("Failed to parse ACL %s\n", tok));
 526                                 goto done;
 527                         }
 528                         if(!add_ace(&dacl, &ace, ctx)) {
 529                                 DEBUG(5, ("Failed to add ACL %s\n", tok));
 530                                 goto done;
 531                         }
 532                         continue;
 533                 }
 534                 
 535                 DEBUG(5, ("Failed to parse security descriptor\n"));
 536                 goto done;
 537         }
 538         
 539         ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE, 
 540                             owner_sid, group_sid, NULL, dacl, &sd_size);
 541         
 542 done:
 543         SAFE_FREE(group_sid);
 544         SAFE_FREE(owner_sid);
 545         
 546         return ret;
 547 }
 548 
 549 
 550 /* Obtain the current dos attributes */
 551 static DOS_ATTR_DESC *
 552 dos_attr_query(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
 553                TALLOC_CTX *ctx,
 554                const char *filename,
 555                SMBCSRV *srv)
 556 {
 557         struct timespec create_time_ts;
 558         struct timespec write_time_ts;
 559         struct timespec access_time_ts;
 560         struct timespec change_time_ts;
 561         SMB_OFF_T size = 0;
 562         uint16 mode = 0;
 563         SMB_INO_T inode = 0;
 564         DOS_ATTR_DESC *ret;
 565         
 566         ret = TALLOC_P(ctx, DOS_ATTR_DESC);
 567         if (!ret) {
 568                 errno = ENOMEM;
 569                 return NULL;
 570         }
 571         
 572         /* Obtain the DOS attributes */
 573         if (!SMBC_getatr(context, srv, CONST_DISCARD(char *, filename),
 574                          &mode, &size,
 575                          &create_time_ts,
 576                          &access_time_ts,
 577                          &write_time_ts,
 578                          &change_time_ts,
 579                          &inode)) {
 580                 errno = SMBC_errno(context, srv->cli);
 581                 DEBUG(5, ("dos_attr_query Failed to query old attributes\n"));
 582                 return NULL;
 583         }
 584         
 585         ret->mode = mode;
 586         ret->size = size;
 587         ret->create_time = convert_timespec_to_time_t(create_time_ts);
 588         ret->access_time = convert_timespec_to_time_t(access_time_ts);
 589         ret->write_time = convert_timespec_to_time_t(write_time_ts);
 590         ret->change_time = convert_timespec_to_time_t(change_time_ts);
 591         ret->inode = inode;
 592         
 593         return ret;
 594 }
 595 
 596 
 597 /* parse a ascii version of a security descriptor */
 598 static void
 599 dos_attr_parse(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
 600                DOS_ATTR_DESC *dad,
 601                SMBCSRV *srv,
 602                char *str)
 603 {
 604         int n;
 605         const char *p = str;
 606         char *tok = NULL;
 607         TALLOC_CTX *frame = NULL;
 608         struct {
 609                 const char * create_time_attr;
 610                 const char * access_time_attr;
 611                 const char * write_time_attr;
 612                 const char * change_time_attr;
 613         } attr_strings;
 614         
 615         /* Determine whether to use old-style or new-style attribute names */
 616         if (context->internal->full_time_names) {
 617                 /* new-style names */
 618                 attr_strings.create_time_attr = "CREATE_TIME";
 619                 attr_strings.access_time_attr = "ACCESS_TIME";
 620                 attr_strings.write_time_attr = "WRITE_TIME";
 621                 attr_strings.change_time_attr = "CHANGE_TIME";
 622         } else {
 623                 /* old-style names */
 624                 attr_strings.create_time_attr = NULL;
 625                 attr_strings.access_time_attr = "A_TIME";
 626                 attr_strings.write_time_attr = "M_TIME";
 627                 attr_strings.change_time_attr = "C_TIME";
 628         }
 629         
 630         /* if this is to set the entire ACL... */
 631         if (*str == '*') {
 632                 /* ... then increment past the first colon if there is one */
 633                 if ((p = strchr(str, ':')) != NULL) {
 634                         ++p;
 635                 } else {
 636                         p = str;
 637                 }
 638         }
 639         
 640         frame = talloc_stackframe();
 641         while (next_token_talloc(frame, &p, &tok, "\t,\r\n")) {
 642                 if (StrnCaseCmp(tok, "MODE:", 5) == 0) {
 643                         long request = strtol(tok+5, NULL, 16);
 644                         if (request == 0) {
 645                                 dad->mode = (request |
 646                                              (IS_DOS_DIR(dad->mode)
 647                                               ? FILE_ATTRIBUTE_DIRECTORY
 648                                               : FILE_ATTRIBUTE_NORMAL));
 649                         } else {
 650                                 dad->mode = request;
 651                         }
 652                         continue;
 653                 }
 654                 
 655                 if (StrnCaseCmp(tok, "SIZE:", 5) == 0) {
 656                         dad->size = (SMB_OFF_T)atof(tok+5);
 657                         continue;
 658                 }
 659                 
 660                 n = strlen(attr_strings.access_time_attr);
 661                 if (StrnCaseCmp(tok, attr_strings.access_time_attr, n) == 0) {
 662                         dad->access_time = (time_t)strtol(tok+n+1, NULL, 10);
 663                         continue;
 664                 }
 665                 
 666                 n = strlen(attr_strings.change_time_attr);
 667                 if (StrnCaseCmp(tok, attr_strings.change_time_attr, n) == 0) {
 668                         dad->change_time = (time_t)strtol(tok+n+1, NULL, 10);
 669                         continue;
 670                 }
 671                 
 672                 n = strlen(attr_strings.write_time_attr);
 673                 if (StrnCaseCmp(tok, attr_strings.write_time_attr, n) == 0) {
 674                         dad->write_time = (time_t)strtol(tok+n+1, NULL, 10);
 675                         continue;
 676                 }
 677                 
 678                 if (attr_strings.create_time_attr != NULL) {
 679                         n = strlen(attr_strings.create_time_attr);
 680                         if (StrnCaseCmp(tok, attr_strings.create_time_attr,
 681                                         n) == 0) {
 682                                 dad->create_time = (time_t)strtol(tok+n+1,
 683                                                                   NULL, 10);
 684                                 continue;
 685                         }
 686                 }
 687                 
 688                 if (StrnCaseCmp(tok, "INODE:", 6) == 0) {
 689                         dad->inode = (SMB_INO_T)atof(tok+6);
 690                         continue;
 691                 }
 692         }
 693         TALLOC_FREE(frame);
 694 }
 695 
 696 /*****************************************************
 697  Retrieve the acls for a file.
 698 *******************************************************/
 699 
 700 static int
 701 cacl_get(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
 702          TALLOC_CTX *ctx,
 703          SMBCSRV *srv,
 704          struct cli_state *ipc_cli,
 705          struct policy_handle *pol,
 706          char *filename,
 707          char *attr_name,
 708          char *buf,
 709          int bufsize)
 710 {
 711         uint32 i;
 712         int n = 0;
 713         int n_used;
 714         bool all;
 715         bool all_nt;
 716         bool all_nt_acls;
 717         bool all_dos;
 718         bool some_nt;
 719         bool some_dos;
 720         bool exclude_nt_revision = False;
 721         bool exclude_nt_owner = False;
 722         bool exclude_nt_group = False;
 723         bool exclude_nt_acl = False;
 724         bool exclude_dos_mode = False;
 725         bool exclude_dos_size = False;
 726         bool exclude_dos_create_time = False;
 727         bool exclude_dos_access_time = False;
 728         bool exclude_dos_write_time = False;
 729         bool exclude_dos_change_time = False;
 730         bool exclude_dos_inode = False;
 731         bool numeric = True;
 732         bool determine_size = (bufsize == 0);
 733         int fnum = -1;
 734         SEC_DESC *sd;
 735         fstring sidstr;
 736         fstring name_sandbox;
 737         char *name;
 738         char *pExclude;
 739         char *p;
 740         struct timespec create_time_ts;
 741         struct timespec write_time_ts;
 742         struct timespec access_time_ts;
 743         struct timespec change_time_ts;
 744         time_t create_time = (time_t)0;
 745         time_t write_time = (time_t)0;
 746         time_t access_time = (time_t)0;
 747         time_t change_time = (time_t)0;
 748         SMB_OFF_T size = 0;
 749         uint16 mode = 0;
 750         SMB_INO_T ino = 0;
 751         struct cli_state *cli = srv->cli;
 752         struct {
 753                 const char * create_time_attr;
 754                 const char * access_time_attr;
 755                 const char * write_time_attr;
 756                 const char * change_time_attr;
 757         } attr_strings;
 758         struct {
 759                 const char * create_time_attr;
 760                 const char * access_time_attr;
 761                 const char * write_time_attr;
 762                 const char * change_time_attr;
 763         } excl_attr_strings;
 764         
 765         /* Determine whether to use old-style or new-style attribute names */
 766         if (context->internal->full_time_names) {
 767                 /* new-style names */
 768                 attr_strings.create_time_attr = "CREATE_TIME";
 769                 attr_strings.access_time_attr = "ACCESS_TIME";
 770                 attr_strings.write_time_attr = "WRITE_TIME";
 771                 attr_strings.change_time_attr = "CHANGE_TIME";
 772                 
 773                 excl_attr_strings.create_time_attr = "CREATE_TIME";
 774                 excl_attr_strings.access_time_attr = "ACCESS_TIME";
 775                 excl_attr_strings.write_time_attr = "WRITE_TIME";
 776                 excl_attr_strings.change_time_attr = "CHANGE_TIME";
 777         } else {
 778                 /* old-style names */
 779                 attr_strings.create_time_attr = NULL;
 780                 attr_strings.access_time_attr = "A_TIME";
 781                 attr_strings.write_time_attr = "M_TIME";
 782                 attr_strings.change_time_attr = "C_TIME";
 783                 
 784                 excl_attr_strings.create_time_attr = NULL;
 785                 excl_attr_strings.access_time_attr = "dos_attr.A_TIME";
 786                 excl_attr_strings.write_time_attr = "dos_attr.M_TIME";
 787                 excl_attr_strings.change_time_attr = "dos_attr.C_TIME";
 788         }
 789         
 790         /* Copy name so we can strip off exclusions (if any are specified) */
 791         strncpy(name_sandbox, attr_name, sizeof(name_sandbox) - 1);
 792         
 793         /* Ensure name is null terminated */
 794         name_sandbox[sizeof(name_sandbox) - 1] = '\0';
 795         
 796         /* Play in the sandbox */
 797         name = name_sandbox;
 798         
 799         /* If there are any exclusions, point to them and mask them from name */
 800         if ((pExclude = strchr(name, '!')) != NULL)
 801         {
 802                 *pExclude++ = '\0';
 803         }
 804         
 805         all = (StrnCaseCmp(name, "system.*", 8) == 0);
 806         all_nt = (StrnCaseCmp(name, "system.nt_sec_desc.*", 20) == 0);
 807         all_nt_acls = (StrnCaseCmp(name, "system.nt_sec_desc.acl.*", 24) == 0);
 808         all_dos = (StrnCaseCmp(name, "system.dos_attr.*", 17) == 0);
 809         some_nt = (StrnCaseCmp(name, "system.nt_sec_desc.", 19) == 0);
 810         some_dos = (StrnCaseCmp(name, "system.dos_attr.", 16) == 0);
 811         numeric = (* (name + strlen(name) - 1) != '+');
 812         
 813         /* Look for exclusions from "all" requests */
 814         if (all || all_nt || all_dos) {
 815                 
 816                 /* Exclusions are delimited by '!' */
 817                 for (;
 818                      pExclude != NULL;
 819                      pExclude = (p == NULL ? NULL : p + 1)) {
 820                         
 821                         /* Find end of this exclusion name */
 822                         if ((p = strchr(pExclude, '!')) != NULL)
 823                         {
 824                                 *p = '\0';
 825                         }
 826                         
 827                         /* Which exclusion name is this? */
 828                         if (StrCaseCmp(pExclude,
 829                                        "nt_sec_desc.revision") == 0) {
 830                                 exclude_nt_revision = True;
 831                         }
 832                         else if (StrCaseCmp(pExclude,
 833                                             "nt_sec_desc.owner") == 0) {
 834                                 exclude_nt_owner = True;
 835                         }
 836                         else if (StrCaseCmp(pExclude,
 837                                             "nt_sec_desc.group") == 0) {
 838                                 exclude_nt_group = True;
 839                         }
 840                         else if (StrCaseCmp(pExclude,
 841                                             "nt_sec_desc.acl") == 0) {
 842                                 exclude_nt_acl = True;
 843                         }
 844                         else if (StrCaseCmp(pExclude,
 845                                             "dos_attr.mode") == 0) {
 846                                 exclude_dos_mode = True;
 847                         }
 848                         else if (StrCaseCmp(pExclude,
 849                                             "dos_attr.size") == 0) {
 850                                 exclude_dos_size = True;
 851                         }
 852                         else if (excl_attr_strings.create_time_attr != NULL &&
 853                                  StrCaseCmp(pExclude,
 854                                             excl_attr_strings.change_time_attr) == 0) {
 855                                 exclude_dos_create_time = True;
 856                         }
 857                         else if (StrCaseCmp(pExclude,
 858                                             excl_attr_strings.access_time_attr) == 0) {
 859                                 exclude_dos_access_time = True;
 860                         }
 861                         else if (StrCaseCmp(pExclude,
 862                                             excl_attr_strings.write_time_attr) == 0) {
 863                                 exclude_dos_write_time = True;
 864                         }
 865                         else if (StrCaseCmp(pExclude,
 866                                             excl_attr_strings.change_time_attr) == 0) {
 867                                 exclude_dos_change_time = True;
 868                         }
 869                         else if (StrCaseCmp(pExclude, "dos_attr.inode") == 0) {
 870                                 exclude_dos_inode = True;
 871                         }
 872                         else {
 873                                 DEBUG(5, ("cacl_get received unknown exclusion: %s\n",
 874                                           pExclude));
 875                                 errno = ENOATTR;
 876                                 return -1;
 877                         }
 878                 }
 879         }
 880         
 881         n_used = 0;
 882         
 883         /*
 884          * If we are (possibly) talking to an NT or new system and some NT
 885          * attributes have been requested...
 886          */
 887         if (ipc_cli && (all || some_nt || all_nt_acls)) {
 888                 char *targetpath = NULL;
 889                 struct cli_state *targetcli = NULL;
 890 
 891                 /* Point to the portion after "system.nt_sec_desc." */
 892                 name += 19;     /* if (all) this will be invalid but unused */
 893 
 894                 if (!cli_resolve_path(ctx, "", context->internal->auth_info,
 895                                 cli, filename,
 896                                 &targetcli, &targetpath)) {
 897                         DEBUG(5, ("cacl_get Could not resolve %s\n",
 898                                 filename));
 899                         errno = ENOENT;
 900                         return -1;
 901                 }
 902 
 903                 /* ... then obtain any NT attributes which were requested */
 904                 fnum = cli_nt_create(targetcli, targetpath, CREATE_ACCESS_READ);
 905 
 906                 if (fnum == -1) {
 907                         DEBUG(5, ("cacl_get failed to open %s: %s\n",
 908                                 targetpath, cli_errstr(targetcli)));
 909                         errno = 0;
 910                         return -1;
 911                 }
 912 
 913                 sd = cli_query_secdesc(targetcli, fnum, ctx);
 914 
 915                 if (!sd) {
 916                         DEBUG(5,
 917                               ("cacl_get Failed to query old descriptor\n"));
 918                         errno = 0;
 919                         return -1;
 920                 }
 921 
 922                 cli_close(targetcli, fnum);
 923 
 924                 if (! exclude_nt_revision) {
 925                         if (all || all_nt) {
 926                                 if (determine_size) {
 927                                         p = talloc_asprintf(ctx,
 928                                                             "REVISION:%d",
 929                                                             sd->revision);
 930                                         if (!p) {
 931                                                 errno = ENOMEM;
 932                                                 return -1;
 933                                         }
 934                                         n = strlen(p);
 935                                 } else {
 936                                         n = snprintf(buf, bufsize,
 937                                                      "REVISION:%d",
 938                                                      sd->revision);
 939                                 }
 940                         } else if (StrCaseCmp(name, "revision") == 0) {
 941                                 if (determine_size) {
 942                                         p = talloc_asprintf(ctx, "%d",
 943                                                             sd->revision);
 944                                         if (!p) {
 945                                                 errno = ENOMEM;
 946                                                 return -1;
 947                                         }
 948                                         n = strlen(p);
 949                                 } else {
 950                                         n = snprintf(buf, bufsize, "%d",
 951                                                      sd->revision);
 952                                 }
 953                         }
 954                         
 955                         if (!determine_size && n > bufsize) {
 956                                 errno = ERANGE;
 957                                 return -1;
 958                         }
 959                         buf += n;
 960                         n_used += n;
 961                         bufsize -= n;
 962                         n = 0;
 963                 }
 964                 
 965                 if (! exclude_nt_owner) {
 966                         /* Get owner and group sid */
 967                         if (sd->owner_sid) {
 968                                 convert_sid_to_string(ipc_cli, pol,
 969                                                       sidstr,
 970                                                       numeric,
 971                                                       sd->owner_sid);
 972                         } else {
 973                                 fstrcpy(sidstr, "");
 974                         }
 975                         
 976                         if (all || all_nt) {
 977                                 if (determine_size) {
 978                                         p = talloc_asprintf(ctx, ",OWNER:%s",
 979                                                             sidstr);
 980                                         if (!p) {
 981                                                 errno = ENOMEM;
 982                                                 return -1;
 983                                         }
 984                                         n = strlen(p);
 985                                 } else if (sidstr[0] != '\0') {
 986                                         n = snprintf(buf, bufsize,
 987                                                      ",OWNER:%s", sidstr);
 988                                 }
 989                         } else if (StrnCaseCmp(name, "owner", 5) == 0) {
 990                                 if (determine_size) {
 991                                         p = talloc_asprintf(ctx, "%s", sidstr);
 992                                         if (!p) {
 993                                                 errno = ENOMEM;
 994                                                 return -1;
 995                                         }
 996                                         n = strlen(p);
 997                                 } else {
 998                                         n = snprintf(buf, bufsize, "%s",
 999                                                      sidstr);
1000                                 }
1001                         }
1002                         
1003                         if (!determine_size && n > bufsize) {
1004                                 errno = ERANGE;
1005                                 return -1;
1006                         }
1007                         buf += n;
1008                         n_used += n;
1009                         bufsize -= n;
1010                         n = 0;
1011                 }
1012                 
1013                 if (! exclude_nt_group) {
1014                         if (sd->group_sid) {
1015                                 convert_sid_to_string(ipc_cli, pol,
1016                                                       sidstr, numeric,
1017                                                       sd->group_sid);
1018                         } else {
1019                                 fstrcpy(sidstr, "");
1020                         }
1021                         
1022                         if (all || all_nt) {
1023                                 if (determine_size) {
1024                                         p = talloc_asprintf(ctx, ",GROUP:%s",
1025                                                             sidstr);
1026                                         if (!p) {
1027                                                 errno = ENOMEM;
1028                                                 return -1;
1029                                         }
1030                                         n = strlen(p);
1031                                 } else if (sidstr[0] != '\0') {
1032                                         n = snprintf(buf, bufsize,
1033                                                      ",GROUP:%s", sidstr);
1034                                 }
1035                         } else if (StrnCaseCmp(name, "group", 5) == 0) {
1036                                 if (determine_size) {
1037                                         p = talloc_asprintf(ctx, "%s", sidstr);
1038                                         if (!p) {
1039                                                 errno = ENOMEM;
1040                                                 return -1;
1041                                         }
1042                                         n = strlen(p);
1043                                 } else {
1044                                         n = snprintf(buf, bufsize,
1045                                                      "%s", sidstr);
1046                                 }
1047                         }
1048                         
1049                         if (!determine_size && n > bufsize) {
1050                                 errno = ERANGE;
1051                                 return -1;
1052                         }
1053                         buf += n;
1054                         n_used += n;
1055                         bufsize -= n;
1056                         n = 0;
1057                 }
1058                 
1059                 if (! exclude_nt_acl) {
1060                         /* Add aces to value buffer  */
1061                         for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
1062                                 
1063                                 SEC_ACE *ace = &sd->dacl->aces[i];
1064                                 convert_sid_to_string(ipc_cli, pol,
1065                                                       sidstr, numeric,
1066                                                       &ace->trustee);
1067                                 
1068                                 if (all || all_nt) {
1069                                         if (determine_size) {
1070                                                 p = talloc_asprintf(
1071                                                         ctx, 
1072                                                         ",ACL:"
1073                                                         "%s:%d/%d/0x%08x", 
1074                                                         sidstr,
1075                                                         ace->type,
1076                                                         ace->flags,
1077                                                         ace->access_mask);
1078                                                 if (!p) {
1079                                                         errno = ENOMEM;
1080                                                         return -1;
1081                                                 }
1082                                                 n = strlen(p);
1083                                         } else {
1084                                                 n = snprintf(
1085                                                         buf, bufsize,
1086                                                         ",ACL:%s:%d/%d/0x%08x", 
1087                                                         sidstr,
1088                                                         ace->type,
1089                                                         ace->flags,
1090                                                         ace->access_mask);
1091                                         }
1092                                 } else if ((StrnCaseCmp(name, "acl", 3) == 0 &&
1093                                             StrCaseCmp(name+3, sidstr) == 0) ||
1094                                            (StrnCaseCmp(name, "acl+", 4) == 0 &&
1095                                             StrCaseCmp(name+4, sidstr) == 0)) {
1096                                         if (determine_size) {
1097                                                 p = talloc_asprintf(
1098                                                         ctx, 
1099                                                         "%d/%d/0x%08x", 
1100                                                         ace->type,
1101                                                         ace->flags,
1102                                                         ace->access_mask);
1103                                                 if (!p) {
1104                                                         errno = ENOMEM;
1105                                                         return -1;
1106                                                 }
1107                                                 n = strlen(p);
1108                                         } else {
1109                                                 n = snprintf(buf, bufsize,
1110                                                              "%d/%d/0x%08x", 
1111                                                              ace->type,
1112                                                              ace->flags,
1113                                                              ace->access_mask);
1114                                         }
1115                                 } else if (all_nt_acls) {
1116                                         if (determine_size) {
1117                                                 p = talloc_asprintf(
1118                                                         ctx, 
1119                                                         "%s%s:%d/%d/0x%08x",
1120                                                         i ? "," : "",
1121                                                         sidstr,
1122                                                         ace->type,
1123                                                         ace->flags,
1124                                                         ace->access_mask);
1125                                                 if (!p) {
1126                                                         errno = ENOMEM;
1127                                                         return -1;
1128                                                 }
1129                                                 n = strlen(p);
1130                                         } else {
1131                                                 n = snprintf(buf, bufsize,
1132                                                              "%s%s:%d/%d/0x%08x",
1133                                                              i ? "," : "",
1134                                                              sidstr,
1135                                                              ace->type,
1136                                                              ace->flags,
1137                                                              ace->access_mask);
1138                                         }
1139                                 }
1140                                 if (!determine_size && n > bufsize) {
1141                                         errno = ERANGE;
1142                                         return -1;
1143                                 }
1144                                 buf += n;
1145                                 n_used += n;
1146                                 bufsize -= n;
1147                                 n = 0;
1148                         }
1149                 }
1150                 
1151                 /* Restore name pointer to its original value */
1152                 name -= 19;
1153         }
1154         
1155         if (all || some_dos) {
1156                 /* Point to the portion after "system.dos_attr." */
1157                 name += 16;     /* if (all) this will be invalid but unused */
1158                 
1159                 /* Obtain the DOS attributes */
1160                 if (!SMBC_getatr(context, srv, filename, &mode, &size, 
1161                                  &create_time_ts,
1162                                  &access_time_ts,
1163                                  &write_time_ts,
1164                                  &change_time_ts,
1165                                  &ino)) {
1166                         
1167                         errno = SMBC_errno(context, srv->cli);
1168                         return -1;
1169                         
1170                 }
1171                 
1172                 create_time = convert_timespec_to_time_t(create_time_ts);
1173                 access_time = convert_timespec_to_time_t(access_time_ts);
1174                 write_time = convert_timespec_to_time_t(write_time_ts);
1175                 change_time = convert_timespec_to_time_t(change_time_ts);
1176                 
1177                 if (! exclude_dos_mode) {
1178                         if (all || all_dos) {
1179                                 if (determine_size) {
1180                                         p = talloc_asprintf(ctx,
1181                                                             "%sMODE:0x%x",
1182                                                             (ipc_cli &&
1183                                                              (all || some_nt)
1184                                                              ? ","
1185                                                              : ""),
1186                                                             mode);
1187                                         if (!p) {
1188                                                 errno = ENOMEM;
1189                                                 return -1;
1190                                         }
1191                                         n = strlen(p);
1192                                 } else {
1193                                         n = snprintf(buf, bufsize,
1194                                                      "%sMODE:0x%x",
1195                                                      (ipc_cli &&
1196                                                       (all || some_nt)
1197                                                       ? ","
1198                                                       : ""),
1199                                                      mode);
1200                                 }
1201                         } else if (StrCaseCmp(name, "mode") == 0) {
1202                                 if (determine_size) {
1203                                         p = talloc_asprintf(ctx, "0x%x", mode);
1204                                         if (!p) {
1205                                                 errno = ENOMEM;
1206                                                 return -1;
1207                                         }
1208                                         n = strlen(p);
1209                                 } else {
1210                                         n = snprintf(buf, bufsize,
1211                                                      "0x%x", mode);
1212                                 }
1213                         }
1214                         
1215                         if (!determine_size && n > bufsize) {
1216                                 errno = ERANGE;
1217                                 return -1;
1218                         }
1219                         buf += n;
1220                         n_used += n;
1221                         bufsize -= n;
1222                         n = 0;
1223                 }
1224                 
1225                 if (! exclude_dos_size) {
1226                         if (all || all_dos) {
1227                                 if (determine_size) {
1228                                         p = talloc_asprintf(
1229                                                 ctx,
1230                                                 ",SIZE:%.0f",
1231                                                 (double)size);
1232                                         if (!p) {
1233                                                 errno = ENOMEM;
1234                                                 return -1;
1235                                         }
1236                                         n = strlen(p);
1237                                 } else {
1238                                         n = snprintf(buf, bufsize,
1239                                                      ",SIZE:%.0f",
1240                                                      (double)size);
1241                                 }
1242                         } else if (StrCaseCmp(name, "size") == 0) {
1243                                 if (determine_size) {
1244                                         p = talloc_asprintf(
1245                                                 ctx,
1246                                                 "%.0f",
1247                                                 (double)size);
1248                                         if (!p) {
1249                                                 errno = ENOMEM;
1250                                                 return -1;
1251                                         }
1252                                         n = strlen(p);
1253                                 } else {
1254                                         n = snprintf(buf, bufsize,
1255                                                      "%.0f",
1256                                                      (double)size);
1257                                 }
1258                         }
1259                         
1260                         if (!determine_size && n > bufsize) {
1261                                 errno = ERANGE;
1262                                 return -1;
1263                         }
1264                         buf += n;
1265                         n_used += n;
1266                         bufsize -= n;
1267                         n = 0;
1268                 }
1269                 
1270                 if (! exclude_dos_create_time &&
1271                     attr_strings.create_time_attr != NULL) {
1272                         if (all || all_dos) {
1273                                 if (determine_size) {
1274                                         p = talloc_asprintf(ctx,
1275                                                             ",%s:%lu",
1276                                                             attr_strings.create_time_attr,
1277                                                             (unsigned long) create_time);
1278                                         if (!p) {
1279                                                 errno = ENOMEM;
1280                                                 return -1;
1281                                         }
1282                                         n = strlen(p);
1283                                 } else {
1284                                         n = snprintf(buf, bufsize,
1285                                                      ",%s:%lu",
1286                                                      attr_strings.create_time_attr,
1287                                                      (unsigned long) create_time);
1288                                 }
1289                         } else if (StrCaseCmp(name, attr_strings.create_time_attr) == 0) {
1290                                 if (determine_size) {
1291                                         p = talloc_asprintf(ctx, "%lu", (unsigned long) create_time);
1292                                         if (!p) {
1293                                                 errno = ENOMEM;
1294                                                 return -1;
1295                                         }
1296                                         n = strlen(p);
1297                                 } else {
1298                                         n = snprintf(buf, bufsize,
1299                                                      "%lu", (unsigned long) create_time);
1300                                 }
1301                         }
1302                         
1303                         if (!determine_size && n > bufsize) {
1304                                 errno = ERANGE;
1305                                 return -1;
1306                         }
1307                         buf += n;
1308                         n_used += n;
1309                         bufsize -= n;
1310                         n = 0;
1311                 }
1312                 
1313                 if (! exclude_dos_access_time) {
1314                         if (all || all_dos) {
1315                                 if (determine_size) {
1316                                         p = talloc_asprintf(ctx,
1317                                                             ",%s:%lu",
1318                                                             attr_strings.access_time_attr,
1319                                                             (unsigned long) access_time);
1320                                         if (!p) {
1321                                                 errno = ENOMEM;
1322                                                 return -1;
1323                                         }
1324                                         n = strlen(p);
1325                                 } else {
1326                                         n = snprintf(buf, bufsize,
1327                                                      ",%s:%lu",
1328                                                      attr_strings.access_time_attr,
1329                                                      (unsigned long) access_time);
1330                                 }
1331                         } else if (StrCaseCmp(name, attr_strings.access_time_attr) == 0) {
1332                                 if (determine_size) {
1333                                         p = talloc_asprintf(ctx, "%lu", (unsigned long) access_time);
1334                                         if (!p) {
1335                                                 errno = ENOMEM;
1336                                                 return -1;
1337                                         }
1338                                         n = strlen(p);
1339                                 } else {
1340                                         n = snprintf(buf, bufsize,
1341                                                      "%lu", (unsigned long) access_time);
1342                                 }
1343                         }
1344                         
1345                         if (!determine_size && n > bufsize) {
1346                                 errno = ERANGE;
1347                                 return -1;
1348                         }
1349                         buf += n;
1350                         n_used += n;
1351                         bufsize -= n;
1352                         n = 0;
1353                 }
1354                 
1355                 if (! exclude_dos_write_time) {
1356                         if (all || all_dos) {
1357                                 if (determine_size) {
1358                                         p = talloc_asprintf(ctx,
1359                                                             ",%s:%lu",
1360                                                             attr_strings.write_time_attr,
1361                                                             (unsigned long) write_time);
1362                                         if (!p) {
1363                                                 errno = ENOMEM;
1364                                                 return -1;
1365                                         }
1366                                         n = strlen(p);
1367                                 } else {
1368                                         n = snprintf(buf, bufsize,
1369                                                      ",%s:%lu",
1370                                                      attr_strings.write_time_attr,
1371                                                      (unsigned long) write_time);
1372                                 }
1373                         } else if (StrCaseCmp(name, attr_strings.write_time_attr) == 0) {
1374                                 if (determine_size) {
1375                                         p = talloc_asprintf(ctx, "%lu", (unsigned long) write_time);
1376                                         if (!p) {
1377                                                 errno = ENOMEM;
1378                                                 return -1;
1379                                         }
1380                                         n = strlen(p);
1381                                 } else {
1382                                         n = snprintf(buf, bufsize,
1383                                                      "%lu", (unsigned long) write_time);
1384                                 }
1385                         }
1386                         
1387                         if (!determine_size && n > bufsize) {
1388                                 errno = ERANGE;
1389                                 return -1;
1390                         }
1391                         buf += n;
1392                         n_used += n;
1393                         bufsize -= n;
1394                         n = 0;
1395                 }
1396                 
1397                 if (! exclude_dos_change_time) {
1398                         if (all || all_dos) {
1399                                 if (determine_size) {
1400                                         p = talloc_asprintf(ctx,
1401                                                             ",%s:%lu",
1402                                                             attr_strings.change_time_attr,
1403                                                             (unsigned long) change_time);
1404                                         if (!p) {
1405                                                 errno = ENOMEM;
1406                                                 return -1;
1407                                         }
1408                                         n = strlen(p);
1409                                 } else {
1410                                         n = snprintf(buf, bufsize,
1411                                                      ",%s:%lu",
1412                                                      attr_strings.change_time_attr,
1413                                                      (unsigned long) change_time);
1414                                 }
1415                         } else if (StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1416                                 if (determine_size) {
1417                                         p = talloc_asprintf(ctx, "%lu", (unsigned long) change_time);
1418                                         if (!p) {
1419                                                 errno = ENOMEM;
1420                                                 return -1;
1421                                         }
1422                                         n = strlen(p);
1423                                 } else {
1424                                         n = snprintf(buf, bufsize,
1425                                                      "%lu", (unsigned long) change_time);
1426                                 }
1427                         }
1428                         
1429                         if (!determine_size && n > bufsize) {
1430                                 errno = ERANGE;
1431                                 return -1;
1432                         }
1433                         buf += n;
1434                         n_used += n;
1435                         bufsize -= n;
1436                         n = 0;
1437                 }
1438                 
1439                 if (! exclude_dos_inode) {
1440                         if (all || all_dos) {
1441                                 if (determine_size) {
1442                                         p = talloc_asprintf(
1443                                                 ctx,
1444                                                 ",INODE:%.0f",
1445                                                 (double)ino);
1446                                         if (!p) {
1447                                                 errno = ENOMEM;
1448                                                 return -1;
1449                                         }
1450                                         n = strlen(p);
1451                                 } else {
1452                                         n = snprintf(buf, bufsize,
1453                                                      ",INODE:%.0f",
1454                                                      (double) ino);
1455                                 }
1456                         } else if (StrCaseCmp(name, "inode") == 0) {
1457                                 if (determine_size) {
1458                                         p = talloc_asprintf(
1459                                                 ctx,
1460                                                 "%.0f",
1461                                                 (double) ino);
1462                                         if (!p) {
1463                                                 errno = ENOMEM;
1464                                                 return -1;
1465                                         }
1466                                         n = strlen(p);
1467                                 } else {
1468                                         n = snprintf(buf, bufsize,
1469                                                      "%.0f",
1470                                                      (double) ino);
1471                                 }
1472                         }
1473                         
1474                         if (!determine_size && n > bufsize) {
1475                                 errno = ERANGE;
1476                                 return -1;
1477                         }
1478                         buf += n;
1479                         n_used += n;
1480                         bufsize -= n;
1481                         n = 0;
1482                 }
1483                 
1484                 /* Restore name pointer to its original value */
1485                 name -= 16;
1486         }
1487         
1488         if (n_used == 0) {
1489                 errno = ENOATTR;
1490                 return -1;
1491         }
1492         
1493         return n_used;
1494 }
1495 
1496 /*****************************************************
1497 set the ACLs on a file given an ascii description
1498 *******************************************************/
1499 static int
1500 cacl_set(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
1501         TALLOC_CTX *ctx,
1502         struct cli_state *cli,
1503         struct cli_state *ipc_cli,
1504         struct policy_handle *pol,
1505         const char *filename,
1506         char *the_acl,
1507         int mode,
1508         int flags)
1509 {
1510         int fnum;
1511         int err = 0;
1512         SEC_DESC *sd = NULL, *old;
1513         SEC_ACL *dacl = NULL;
1514         DOM_SID *owner_sid = NULL;
1515         DOM_SID *group_sid = NULL;
1516         uint32 i, j;
1517         size_t sd_size;
1518         int ret = 0;
1519         char *p;
1520         bool numeric = True;
1521         char *targetpath = NULL;
1522         struct cli_state *targetcli = NULL;
1523 
1524         /* the_acl will be null for REMOVE_ALL operations */
1525         if (the_acl) {
1526                 numeric = ((p = strchr(the_acl, ':')) != NULL &&
1527                            p > the_acl &&
1528                            p[-1] != '+');
1529                 
1530                 /* if this is to set the entire ACL... */
1531                 if (*the_acl == '*') {
1532                         /* ... then increment past the first colon */
1533                         the_acl = p + 1;
1534                 }
1535                 
1536                 sd = sec_desc_parse(ctx, ipc_cli, pol, numeric, the_acl);
1537                 
1538                 if (!sd) {
1539                         errno = EINVAL;
1540                         return -1;
1541                 }
1542         }
1543         
1544         /* SMBC_XATTR_MODE_REMOVE_ALL is the only caller
1545            that doesn't deref sd */
1546         
1547         if (!sd && (mode != SMBC_XATTR_MODE_REMOVE_ALL)) {
1548                 errno = EINVAL;
1549                 return -1;
1550         }
1551 
1552         if (!cli_resolve_path(ctx, "", context->internal->auth_info,
1553                         cli, filename,
1554                         &targetcli, &targetpath)) {
1555                 DEBUG(5,("cacl_set: Could not resolve %s\n", filename));
1556                 errno = ENOENT;
1557                 return -1;
1558         }
1559 
1560         /* The desired access below is the only one I could find that works
1561            with NT4, W2KP and Samba */
1562 
1563         fnum = cli_nt_create(targetcli, targetpath, CREATE_ACCESS_READ);
1564 
1565         if (fnum == -1) {
1566                 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1567                           targetpath, cli_errstr(targetcli)));
1568                 errno = 0;
1569                 return -1;
1570         }
1571 
1572         old = cli_query_secdesc(targetcli, fnum, ctx);
1573 
1574         if (!old) {
1575                 DEBUG(5, ("cacl_set Failed to query old descriptor\n"));
1576                 errno = 0;
1577                 return -1;
1578         }
1579 
1580         cli_close(targetcli, fnum);
1581 
1582         switch (mode) {
1583         case SMBC_XATTR_MODE_REMOVE_ALL:
1584                 old->dacl->num_aces = 0;
1585                 dacl = old->dacl;
1586                 break;
1587 
1588         case SMBC_XATTR_MODE_REMOVE:
1589                 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1590                         bool found = False;
1591 
1592                         for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1593                                 if (sec_ace_equal(&sd->dacl->aces[i],
1594                                                   &old->dacl->aces[j])) {
1595                                         uint32 k;
1596                                         for (k=j; k<old->dacl->num_aces-1;k++) {
1597                                                 old->dacl->aces[k] =
1598                                                         old->dacl->aces[k+1];
1599                                         }
1600                                         old->dacl->num_aces--;
1601                                         found = True;
1602                                         dacl = old->dacl;
1603                                         break;
1604                                 }
1605                         }
1606                         
1607                         if (!found) {
1608                                 err = ENOATTR;
1609                                 ret = -1;
1610                                 goto failed;
1611                         }
1612                 }
1613                 break;
1614                 
1615         case SMBC_XATTR_MODE_ADD:
1616                 for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1617                         bool found = False;
1618                         
1619                         for (j=0;old->dacl && j<old->dacl->num_aces;j++) {
1620                                 if (sid_equal(&sd->dacl->aces[i].trustee,
1621                                               &old->dacl->aces[j].trustee)) {
1622                                         if (!(flags & SMBC_XATTR_FLAG_CREATE)) {
1623                                                 err = EEXIST;
1624                                                 ret = -1;
1625                                                 goto failed;
1626                                         }
1627                                         old->dacl->aces[j] = sd->dacl->aces[i];
1628                                         ret = -1;
1629                                         found = True;
1630                                 }
1631                         }
1632                         
1633                         if (!found && (flags & SMBC_XATTR_FLAG_REPLACE)) {
1634                                 err = ENOATTR;
1635                                 ret = -1;
1636                                 goto failed;
1637                         }
1638                         
1639                         for (i=0;sd->dacl && i<sd->dacl->num_aces;i++) {
1640                                 add_ace(&old->dacl, &sd->dacl->aces[i], ctx);
1641                         }
1642                 }
1643                 dacl = old->dacl;
1644                 break;
1645                 
1646         case SMBC_XATTR_MODE_SET:
1647                 old = sd;
1648                 owner_sid = old->owner_sid;
1649                 group_sid = old->group_sid;
1650                 dacl = old->dacl;
1651                 break;
1652                 
1653         case SMBC_XATTR_MODE_CHOWN:
1654                 owner_sid = sd->owner_sid;
1655                 break;
1656                 
1657         case SMBC_XATTR_MODE_CHGRP:
1658                 group_sid = sd->group_sid;
1659                 break;
1660         }
1661         
1662         /* Denied ACE entries must come before allowed ones */
1663         sort_acl(old->dacl);
1664         
1665         /* Create new security descriptor and set it */
1666         sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE,
1667                            owner_sid, group_sid, NULL, dacl, &sd_size);
1668         
1669         fnum = cli_nt_create(targetcli, targetpath,
1670                              WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS);
1671         
1672         if (fnum == -1) {
1673                 DEBUG(5, ("cacl_set failed to open %s: %s\n",
1674                           targetpath, cli_errstr(targetcli)));
1675                 errno = 0;
1676                 return -1;
1677         }
1678         
1679         if (!cli_set_secdesc(targetcli, fnum, sd)) {
1680                 DEBUG(5, ("ERROR: secdesc set failed: %s\n",
1681                         cli_errstr(targetcli)));
1682                 ret = -1;
1683         }
1684         
1685         /* Clean up */
1686         
1687 failed:
1688         cli_close(targetcli, fnum);
1689         
1690         if (err != 0) {
1691                 errno = err;
1692         }
1693         
1694         return ret;
1695 }
1696 
1697 
1698 int
1699 SMBC_setxattr_ctx(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
1700                   const char *fname,
1701                   const char *name,
1702                   const void *value,
1703                   size_t size,
1704                   int flags)
1705 {
1706         int ret;
1707         int ret2;
1708         SMBCSRV *srv = NULL;
1709         SMBCSRV *ipc_srv = NULL;
1710         char *server = NULL;
1711         char *share = NULL;
1712         char *user = NULL;
1713         char *password = NULL;
1714         char *workgroup = NULL;
1715         char *path = NULL;
1716         DOS_ATTR_DESC *dad = NULL;
1717         struct {
1718                 const char * create_time_attr;
1719                 const char * access_time_attr;
1720                 const char * write_time_attr;
1721                 const char * change_time_attr;
1722         } attr_strings;
1723         TALLOC_CTX *frame = talloc_stackframe();
1724         
1725         if (!context || !context->internal->initialized) {
1726                 
1727                 errno = EINVAL;  /* Best I can think of ... */
1728                 TALLOC_FREE(frame);
1729                 return -1;
1730         }
1731         
1732         if (!fname) {
1733                 errno = EINVAL;
1734                 TALLOC_FREE(frame);
1735                 return -1;
1736         }
1737         
1738         DEBUG(4, ("smbc_setxattr(%s, %s, %.*s)\n",
1739                   fname, name, (int) size, (const char*)value));
1740         
1741         if (SMBC_parse_path(frame,
1742                             context,
1743                             fname,
1744                             &workgroup,
1745                             &server,
1746                             &share,
1747                             &path,
1748                             &user,
1749                             &password,
1750                             NULL)) {
1751                 errno = EINVAL;
1752                 TALLOC_FREE(frame);
1753                 return -1;
1754         }
1755         
1756         if (!user || user[0] == (char)0) {
1757                 user = talloc_strdup(frame, smbc_getUser(context));
1758                 if (!user) {
1759                         errno = ENOMEM;
1760                         TALLOC_FREE(frame);
1761                         return -1;
1762                 }
1763         }
1764         
1765         srv = SMBC_server(frame, context, True,
1766                           server, share, &workgroup, &user, &password);
1767         if (!srv) {
1768                 TALLOC_FREE(frame);
1769                 return -1;  /* errno set by SMBC_server */
1770         }
1771         
1772         if (! srv->no_nt_session) {
1773                 ipc_srv = SMBC_attr_server(frame, context, server, share,
1774                                            &workgroup, &user, &password);
1775                 if (! ipc_srv) {
1776                         srv->no_nt_session = True;
1777                 }
1778         } else {
1779                 ipc_srv = NULL;
1780         }
1781         
1782         /*
1783          * Are they asking to set the entire set of known attributes?
1784          */
1785         if (StrCaseCmp(name, "system.*") == 0 ||
1786             StrCaseCmp(name, "system.*+") == 0) {
1787                 /* Yup. */
1788                 char *namevalue =
1789                         talloc_asprintf(talloc_tos(), "%s:%s",
1790                                         name+7, (const char *) value);
1791                 if (! namevalue) {
1792                         errno = ENOMEM;
1793                         ret = -1;
1794                         TALLOC_FREE(frame);
1795                         return -1;
1796                 }
1797                 
1798                 if (ipc_srv) {
1799                         ret = cacl_set(context, talloc_tos(), srv->cli,
1800                                        ipc_srv->cli, &ipc_srv->pol, path,
1801                                        namevalue,
1802                                        (*namevalue == '*'
1803                                         ? SMBC_XATTR_MODE_SET
1804                                         : SMBC_XATTR_MODE_ADD),
1805                                        flags);
1806                 } else {
1807                         ret = 0;
1808                 }
1809                 
1810                 /* get a DOS Attribute Descriptor with current attributes */
1811                 dad = dos_attr_query(context, talloc_tos(), path, srv);
1812                 if (dad) {
1813                         /* Overwrite old with new, using what was provided */
1814                         dos_attr_parse(context, dad, srv, namevalue);
1815                         
1816                         /* Set the new DOS attributes */
1817                         if (! SMBC_setatr(context, srv, path,
1818                                           dad->create_time,
1819                                           dad->access_time,
1820                                           dad->write_time,
1821                                           dad->change_time,
1822                                           dad->mode)) {
1823                                 
1824                                 /* cause failure if NT failed too */
1825                                 dad = NULL; 
1826                         }
1827                 }
1828                 
1829                 /* we only fail if both NT and DOS sets failed */
1830                 if (ret < 0 && ! dad) {
1831                         ret = -1; /* in case dad was null */
1832                 }
1833                 else {
1834                         ret = 0;
1835                 }
1836                 
1837                 TALLOC_FREE(frame);
1838                 return ret;
1839         }
1840         
1841         /*
1842          * Are they asking to set an access control element or to set
1843          * the entire access control list?
1844          */
1845         if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
1846             StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
1847             StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
1848             StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
1849             StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
1850                 
1851                 /* Yup. */
1852                 char *namevalue =
1853                         talloc_asprintf(talloc_tos(), "%s:%s",
1854                                         name+19, (const char *) value);
1855                 
1856                 if (! ipc_srv) {
1857                         ret = -1; /* errno set by SMBC_server() */
1858                 }
1859                 else if (! namevalue) {
1860                         errno = ENOMEM;
1861                         ret = -1;
1862                 } else {
1863                         ret = cacl_set(context, talloc_tos(), srv->cli,
1864                                        ipc_srv->cli, &ipc_srv->pol, path,
1865                                        namevalue,
1866                                        (*namevalue == '*'
1867                                         ? SMBC_XATTR_MODE_SET
1868                                         : SMBC_XATTR_MODE_ADD),
1869                                        flags);
1870                 }
1871                 TALLOC_FREE(frame);
1872                 return ret;
1873         }
1874         
1875         /*
1876          * Are they asking to set the owner?
1877          */
1878         if (StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
1879             StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0) {
1880                 
1881                 /* Yup. */
1882                 char *namevalue =
1883                         talloc_asprintf(talloc_tos(), "%s:%s",
1884                                         name+19, (const char *) value);
1885                 
1886                 if (! ipc_srv) {
1887                         ret = -1; /* errno set by SMBC_server() */
1888                 }
1889                 else if (! namevalue) {
1890                         errno = ENOMEM;
1891                         ret = -1;
1892                 } else {
1893                         ret = cacl_set(context, talloc_tos(), srv->cli,
1894                                        ipc_srv->cli, &ipc_srv->pol, path,
1895                                        namevalue, SMBC_XATTR_MODE_CHOWN, 0);
1896                 }
1897                 TALLOC_FREE(frame);
1898                 return ret;
1899         }
1900         
1901         /*
1902          * Are they asking to set the group?
1903          */
1904         if (StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
1905             StrCaseCmp(name, "system.nt_sec_desc.group+") == 0) {
1906                 
1907                 /* Yup. */
1908                 char *namevalue =
1909                         talloc_asprintf(talloc_tos(), "%s:%s",
1910                                         name+19, (const char *) value);
1911                 
1912                 if (! ipc_srv) {
1913                         /* errno set by SMBC_server() */
1914                         ret = -1;
1915                 }
1916                 else if (! namevalue) {
1917                         errno = ENOMEM;
1918                         ret = -1;
1919                 } else {
1920                         ret = cacl_set(context, talloc_tos(), srv->cli,
1921                                        ipc_srv->cli, &ipc_srv->pol, path,
1922                                        namevalue, SMBC_XATTR_MODE_CHGRP, 0);
1923                 }
1924                 TALLOC_FREE(frame);
1925                 return ret;
1926         }
1927         
1928         /* Determine whether to use old-style or new-style attribute names */
1929         if (context->internal->full_time_names) {
1930                 /* new-style names */
1931                 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
1932                 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
1933                 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
1934                 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
1935         } else {
1936                 /* old-style names */
1937                 attr_strings.create_time_attr = NULL;
1938                 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
1939                 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
1940                 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
1941         }
1942         
1943         /*
1944          * Are they asking to set a DOS attribute?
1945          */
1946         if (StrCaseCmp(name, "system.dos_attr.*") == 0 ||
1947             StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
1948             (attr_strings.create_time_attr != NULL &&
1949              StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
1950             StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
1951             StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
1952             StrCaseCmp(name, attr_strings.change_time_attr) == 0) {
1953                 
1954                 /* get a DOS Attribute Descriptor with current attributes */
1955                 dad = dos_attr_query(context, talloc_tos(), path, srv);
1956                 if (dad) {
1957                         char *namevalue =
1958                                 talloc_asprintf(talloc_tos(), "%s:%s",
1959                                                 name+16, (const char *) value);
1960                         if (! namevalue) {
1961                                 errno = ENOMEM;
1962                                 ret = -1;
1963                         } else {
1964                                 /* Overwrite old with provided new params */
1965                                 dos_attr_parse(context, dad, srv, namevalue);
1966                                 
1967                                 /* Set the new DOS attributes */
1968                                 ret2 = SMBC_setatr(context, srv, path,
1969                                                    dad->create_time,
1970                                                    dad->access_time,
1971                                                    dad->write_time,
1972                                                    dad->change_time,
1973                                                    dad->mode);
1974                                 
1975                                 /* ret2 has True (success) / False (failure) */
1976                                 if (ret2) {
1977                                         ret = 0;
1978                                 } else {
1979                                         ret = -1;
1980                                 }
1981                         }
1982                 } else {
1983                         ret = -1;
1984                 }
1985                 
1986                 TALLOC_FREE(frame);
1987                 return ret;
1988         }
1989         
1990         /* Unsupported attribute name */
1991         errno = EINVAL;
1992         TALLOC_FREE(frame);
1993         return -1;
1994 }
1995 
1996 int
1997 SMBC_getxattr_ctx(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
1998                   const char *fname,
1999                   const char *name,
2000                   const void *value,
2001                   size_t size)
2002 {
2003         int ret;
2004         SMBCSRV *srv = NULL;
2005         SMBCSRV *ipc_srv = NULL;
2006         char *server = NULL;
2007         char *share = NULL;
2008         char *user = NULL;
2009         char *password = NULL;
2010         char *workgroup = NULL;
2011         char *path = NULL;
2012         struct {
2013                 const char * create_time_attr;
2014                 const char * access_time_attr;
2015                 const char * write_time_attr;
2016                 const char * change_time_attr;
2017         } attr_strings;
2018         TALLOC_CTX *frame = talloc_stackframe();
2019         
2020         if (!context || !context->internal->initialized) {
2021                 
2022                 errno = EINVAL;  /* Best I can think of ... */
2023                 TALLOC_FREE(frame);
2024                 return -1;
2025         }
2026         
2027         if (!fname) {
2028                 errno = EINVAL;
2029                 TALLOC_FREE(frame);
2030                 return -1;
2031         }
2032         
2033         DEBUG(4, ("smbc_getxattr(%s, %s)\n", fname, name));
2034         
2035         if (SMBC_parse_path(frame,
2036                             context,
2037                             fname,
2038                             &workgroup,
2039                             &server,
2040                             &share,
2041                             &path,
2042                             &user,
2043                             &password,
2044                             NULL)) {
2045                 errno = EINVAL;
2046                 TALLOC_FREE(frame);
2047                 return -1;
2048         }
2049         
2050         if (!user || user[0] == (char)0) {
2051                 user = talloc_strdup(frame, smbc_getUser(context));
2052                 if (!user) {
2053                         errno = ENOMEM;
2054                         TALLOC_FREE(frame);
2055                         return -1;
2056                 }
2057         }
2058         
2059         srv = SMBC_server(frame, context, True,
2060                           server, share, &workgroup, &user, &password);
2061         if (!srv) {
2062                 TALLOC_FREE(frame);
2063                 return -1;  /* errno set by SMBC_server */
2064         }
2065         
2066         if (! srv->no_nt_session) {
2067                 ipc_srv = SMBC_attr_server(frame, context, server, share,
2068                                            &workgroup, &user, &password);
2069                 if (! ipc_srv) {
2070                         srv->no_nt_session = True;
2071                 }
2072         } else {
2073                 ipc_srv = NULL;
2074         }
2075         
2076         /* Determine whether to use old-style or new-style attribute names */
2077         if (context->internal->full_time_names) {
2078                 /* new-style names */
2079                 attr_strings.create_time_attr = "system.dos_attr.CREATE_TIME";
2080                 attr_strings.access_time_attr = "system.dos_attr.ACCESS_TIME";
2081                 attr_strings.write_time_attr = "system.dos_attr.WRITE_TIME";
2082                 attr_strings.change_time_attr = "system.dos_attr.CHANGE_TIME";
2083         } else {
2084                 /* old-style names */
2085                 attr_strings.create_time_attr = NULL;
2086                 attr_strings.access_time_attr = "system.dos_attr.A_TIME";
2087                 attr_strings.write_time_attr = "system.dos_attr.M_TIME";
2088                 attr_strings.change_time_attr = "system.dos_attr.C_TIME";
2089         }
2090         
2091         /* Are they requesting a supported attribute? */
2092         if (StrCaseCmp(name, "system.*") == 0 ||
2093             StrnCaseCmp(name, "system.*!", 9) == 0 ||
2094             StrCaseCmp(name, "system.*+") == 0 ||
2095             StrnCaseCmp(name, "system.*+!", 10) == 0 ||
2096             StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2097             StrnCaseCmp(name, "system.nt_sec_desc.*!", 21) == 0 ||
2098             StrCaseCmp(name, "system.nt_sec_desc.*+") == 0 ||
2099             StrnCaseCmp(name, "system.nt_sec_desc.*+!", 22) == 0 ||
2100             StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2101             StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2102             StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2103             StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2104             StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2105             StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2106             StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0 ||
2107             StrCaseCmp(name, "system.dos_attr.*") == 0 ||
2108             StrnCaseCmp(name, "system.dos_attr.*!", 18) == 0 ||
2109             StrCaseCmp(name, "system.dos_attr.mode") == 0 ||
2110             StrCaseCmp(name, "system.dos_attr.size") == 0 ||
2111             (attr_strings.create_time_attr != NULL &&
2112              StrCaseCmp(name, attr_strings.create_time_attr) == 0) ||
2113             StrCaseCmp(name, attr_strings.access_time_attr) == 0 ||
2114             StrCaseCmp(name, attr_strings.write_time_attr) == 0 ||
2115             StrCaseCmp(name, attr_strings.change_time_attr) == 0 ||
2116             StrCaseCmp(name, "system.dos_attr.inode") == 0) {
2117                 
2118                 /* Yup. */
2119                 char *filename = (char *) name;
2120                 ret = cacl_get(context, talloc_tos(), srv,
2121                                ipc_srv == NULL ? NULL : ipc_srv->cli, 
2122                                &ipc_srv->pol, path,
2123                                filename,
2124                                CONST_DISCARD(char *, value),
2125                                size);
2126                 if (ret < 0 && errno == 0) {
2127                         errno = SMBC_errno(context, srv->cli);
2128                 }
2129                 TALLOC_FREE(frame);
2130                 return ret;
2131         }
2132         
2133         /* Unsupported attribute name */
2134         errno = EINVAL;
2135         TALLOC_FREE(frame);
2136         return -1;
2137 }
2138 
2139 
2140 int
2141 SMBC_removexattr_ctx(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
2142                      const char *fname,
2143                      const char *name)
2144 {
2145         int ret;
2146         SMBCSRV *srv = NULL;
2147         SMBCSRV *ipc_srv = NULL;
2148         char *server = NULL;
2149         char *share = NULL;
2150         char *user = NULL;
2151         char *password = NULL;
2152         char *workgroup = NULL;
2153         char *path = NULL;
2154         TALLOC_CTX *frame = talloc_stackframe();
2155         
2156         if (!context || !context->internal->initialized) {
2157                 
2158                 errno = EINVAL;  /* Best I can think of ... */
2159                 TALLOC_FREE(frame);
2160                 return -1;
2161         }
2162         
2163         if (!fname) {
2164                 errno = EINVAL;
2165                 TALLOC_FREE(frame);
2166                 return -1;
2167         }
2168         
2169         DEBUG(4, ("smbc_removexattr(%s, %s)\n", fname, name));
2170         
2171         if (SMBC_parse_path(frame,
2172                             context,
2173                             fname,
2174                             &workgroup,
2175                             &server,
2176                             &share,
2177                             &path,
2178                             &user,
2179                             &password,
2180                             NULL)) {
2181                 errno = EINVAL;
2182                 TALLOC_FREE(frame);
2183                 return -1;
2184         }
2185         
2186         if (!user || user[0] == (char)0) {
2187                 user = talloc_strdup(frame, smbc_getUser(context));
2188                 if (!user) {
2189                         errno = ENOMEM;
2190                         TALLOC_FREE(frame);
2191                         return -1;
2192                 }
2193         }
2194         
2195         srv = SMBC_server(frame, context, True,
2196                           server, share, &workgroup, &user, &password);
2197         if (!srv) {
2198                 TALLOC_FREE(frame);
2199                 return -1;  /* errno set by SMBC_server */
2200         }
2201         
2202         if (! srv->no_nt_session) {
2203                 ipc_srv = SMBC_attr_server(frame, context, server, share,
2204                                            &workgroup, &user, &password);
2205                 if (! ipc_srv) {
2206                         srv->no_nt_session = True;
2207                 }
2208         } else {
2209                 ipc_srv = NULL;
2210         }
2211         
2212         if (! ipc_srv) {
2213                 TALLOC_FREE(frame);
2214                 return -1; /* errno set by SMBC_attr_server */
2215         }
2216         
2217         /* Are they asking to set the entire ACL? */
2218         if (StrCaseCmp(name, "system.nt_sec_desc.*") == 0 ||
2219             StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) {
2220                 
2221                 /* Yup. */
2222                 ret = cacl_set(context, talloc_tos(), srv->cli,
2223                                ipc_srv->cli, &ipc_srv->pol, path,
2224                                NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0);
2225                 TALLOC_FREE(frame);
2226                 return ret;
2227         }
2228         
2229         /*
2230          * Are they asking to remove one or more spceific security descriptor
2231          * attributes?
2232          */
2233         if (StrCaseCmp(name, "system.nt_sec_desc.revision") == 0 ||
2234             StrCaseCmp(name, "system.nt_sec_desc.owner") == 0 ||
2235             StrCaseCmp(name, "system.nt_sec_desc.owner+") == 0 ||
2236             StrCaseCmp(name, "system.nt_sec_desc.group") == 0 ||
2237             StrCaseCmp(name, "system.nt_sec_desc.group+") == 0 ||
2238             StrnCaseCmp(name, "system.nt_sec_desc.acl", 22) == 0 ||
2239             StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
2240                 
2241                 /* Yup. */
2242                 ret = cacl_set(context, talloc_tos(), srv->cli,
2243                                ipc_srv->cli, &ipc_srv->pol, path,
2244                                CONST_DISCARD(char *, name) + 19,
2245                                SMBC_XATTR_MODE_REMOVE, 0);
2246                 TALLOC_FREE(frame);
2247                 return ret;
2248         }
2249         
2250         /* Unsupported attribute name */
2251         errno = EINVAL;
2252         TALLOC_FREE(frame);
2253         return -1;
2254 }
2255 
2256 int
2257 SMBC_listxattr_ctx(SMBCCTX *context,
     /* [<][>][^][v][top][bottom][index][help] */
2258                    const char *fname,
2259                    char *list,
2260                    size_t size)
2261 {
2262         /*
2263          * This isn't quite what listxattr() is supposed to do.  This returns
2264          * the complete set of attribute names, always, rather than only those
2265          * attribute names which actually exist for a file.  Hmmm...
2266          */
2267         size_t retsize;
2268         const char supported_old[] =
2269                 "system.*\0"
2270                 "system.*+\0"
2271                 "system.nt_sec_desc.revision\0"
2272                 "system.nt_sec_desc.owner\0"
2273                 "system.nt_sec_desc.owner+\0"
2274                 "system.nt_sec_desc.group\0"
2275                 "system.nt_sec_desc.group+\0"
2276                 "system.nt_sec_desc.acl.*\0"
2277                 "system.nt_sec_desc.acl\0"
2278                 "system.nt_sec_desc.acl+\0"
2279                 "system.nt_sec_desc.*\0"
2280                 "system.nt_sec_desc.*+\0"
2281                 "system.dos_attr.*\0"
2282                 "system.dos_attr.mode\0"
2283                 "system.dos_attr.c_time\0"
2284                 "system.dos_attr.a_time\0"
2285                 "system.dos_attr.m_time\0"
2286                 ;
2287         const char supported_new[] =
2288                 "system.*\0"
2289                 "system.*+\0"
2290                 "system.nt_sec_desc.revision\0"
2291                 "system.nt_sec_desc.owner\0"
2292                 "system.nt_sec_desc.owner+\0"
2293                 "system.nt_sec_desc.group\0"
2294                 "system.nt_sec_desc.group+\0"
2295                 "system.nt_sec_desc.acl.*\0"
2296                 "system.nt_sec_desc.acl\0"
2297                 "system.nt_sec_desc.acl+\0"
2298                 "system.nt_sec_desc.*\0"
2299                 "system.nt_sec_desc.*+\0"
2300                 "system.dos_attr.*\0"
2301                 "system.dos_attr.mode\0"
2302                 "system.dos_attr.create_time\0"
2303                 "system.dos_attr.access_time\0"
2304                 "system.dos_attr.write_time\0"
2305                 "system.dos_attr.change_time\0"
2306                 ;
2307         const char * supported;
2308         
2309         if (context->internal->full_time_names) {
2310                 supported = supported_new;
2311                 retsize = sizeof(supported_new);
2312         } else {
2313                 supported = supported_old;
2314                 retsize = sizeof(supported_old);
2315         }
2316         
2317         if (size == 0) {
2318                 return retsize;
2319         }
2320         
2321         if (retsize > size) {
2322                 errno = ERANGE;
2323                 return -1;
2324         }
2325         
2326         /* this can't be strcpy() because there are embedded null characters */
2327         memcpy(list, supported, retsize);
2328         return retsize;
2329 }

/* [<][>][^][v][top][bottom][index][help] */