2 * Copyright (c) 2016 Martin Matuska
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 __FBSDID("$FreeBSD$");
29 * Test converting ACLs to text, both wide and non-wide
31 * This should work on all systems, regardless of whether local
32 * filesystems support ACLs or not.
35 static struct archive_test_acl_t acls0[] = {
36 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS,
37 ARCHIVE_ENTRY_ACL_EXECUTE |
38 ARCHIVE_ENTRY_ACL_READ |
39 ARCHIVE_ENTRY_ACL_WRITE,
40 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" },
41 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS,
42 ARCHIVE_ENTRY_ACL_EXECUTE |
43 ARCHIVE_ENTRY_ACL_READ,
44 ARCHIVE_ENTRY_ACL_USER, 100, "user100" },
45 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS, 0,
46 ARCHIVE_ENTRY_ACL_USER, 1000, "user1000" },
47 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS,
48 ARCHIVE_ENTRY_ACL_EXECUTE |
49 ARCHIVE_ENTRY_ACL_READ,
50 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" },
51 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS,
52 ARCHIVE_ENTRY_ACL_EXECUTE |
53 ARCHIVE_ENTRY_ACL_READ |
54 ARCHIVE_ENTRY_ACL_WRITE,
55 ARCHIVE_ENTRY_ACL_GROUP, 78, "group78" },
56 { ARCHIVE_ENTRY_ACL_TYPE_ACCESS,
57 ARCHIVE_ENTRY_ACL_READ |
58 ARCHIVE_ENTRY_ACL_EXECUTE,
59 ARCHIVE_ENTRY_ACL_OTHER, -1, "" },
60 { ARCHIVE_ENTRY_ACL_TYPE_DEFAULT,
61 ARCHIVE_ENTRY_ACL_EXECUTE |
62 ARCHIVE_ENTRY_ACL_READ,
63 ARCHIVE_ENTRY_ACL_USER_OBJ, -1, "" },
64 { ARCHIVE_ENTRY_ACL_TYPE_DEFAULT,
65 ARCHIVE_ENTRY_ACL_EXECUTE |
66 ARCHIVE_ENTRY_ACL_READ,
67 ARCHIVE_ENTRY_ACL_GROUP_OBJ, -1, "" },
68 { ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, 0,
69 ARCHIVE_ENTRY_ACL_OTHER, -1, "" },
70 { ARCHIVE_ENTRY_ACL_TYPE_DEFAULT,
71 ARCHIVE_ENTRY_ACL_EXECUTE |
72 ARCHIVE_ENTRY_ACL_READ,
73 ARCHIVE_ENTRY_ACL_USER, 101, "user101"},
74 { ARCHIVE_ENTRY_ACL_TYPE_DEFAULT,
75 ARCHIVE_ENTRY_ACL_EXECUTE,
76 ARCHIVE_ENTRY_ACL_GROUP, 79, "group79" },
79 static struct archive_test_acl_t acls1[] = {
80 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW,
81 ARCHIVE_ENTRY_ACL_READ_DATA |
82 ARCHIVE_ENTRY_ACL_WRITE_DATA |
83 ARCHIVE_ENTRY_ACL_APPEND_DATA |
84 ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES |
85 ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS |
86 ARCHIVE_ENTRY_ACL_READ_ACL |
87 ARCHIVE_ENTRY_ACL_WRITE_OWNER,
88 ARCHIVE_ENTRY_ACL_USER, 77, "user77" },
89 { ARCHIVE_ENTRY_ACL_TYPE_DENY,
90 ARCHIVE_ENTRY_ACL_WRITE_DATA |
91 ARCHIVE_ENTRY_ACL_APPEND_DATA |
92 ARCHIVE_ENTRY_ACL_DELETE_CHILD |
93 ARCHIVE_ENTRY_ACL_DELETE |
94 ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT |
95 ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT |
96 ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY |
97 ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT,
98 ARCHIVE_ENTRY_ACL_USER, 101, "user101" },
99 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW,
100 ARCHIVE_ENTRY_ACL_READ_DATA |
101 ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES |
102 ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS |
103 ARCHIVE_ENTRY_ACL_READ_ACL |
104 ARCHIVE_ENTRY_ACL_ENTRY_INHERITED,
105 ARCHIVE_ENTRY_ACL_GROUP, 78, "group78" },
106 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW,
107 ARCHIVE_ENTRY_ACL_READ_DATA |
108 ARCHIVE_ENTRY_ACL_WRITE_DATA |
109 ARCHIVE_ENTRY_ACL_EXECUTE |
110 ARCHIVE_ENTRY_ACL_APPEND_DATA |
111 ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES |
112 ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES |
113 ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS |
114 ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS |
115 ARCHIVE_ENTRY_ACL_READ_ACL |
116 ARCHIVE_ENTRY_ACL_WRITE_ACL |
117 ARCHIVE_ENTRY_ACL_WRITE_OWNER,
118 ARCHIVE_ENTRY_ACL_USER_OBJ, 0, "" },
119 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW,
120 ARCHIVE_ENTRY_ACL_READ_DATA |
121 ARCHIVE_ENTRY_ACL_WRITE_DATA |
122 ARCHIVE_ENTRY_ACL_APPEND_DATA |
123 ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES |
124 ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS |
125 ARCHIVE_ENTRY_ACL_READ_ACL,
126 ARCHIVE_ENTRY_ACL_GROUP_OBJ, 0, "" },
127 { ARCHIVE_ENTRY_ACL_TYPE_ALLOW,
128 ARCHIVE_ENTRY_ACL_READ_DATA |
129 ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES |
130 ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS |
131 ARCHIVE_ENTRY_ACL_READ_ACL |
132 ARCHIVE_ENTRY_ACL_SYNCHRONIZE,
133 ARCHIVE_ENTRY_ACL_EVERYONE, 0, "" },
136 const char* acltext[] = {
141 "user:user1000:---\n"
142 "group:group78:rwx\n"
143 "default:user::r-x\n"
144 "default:group::r-x\n"
145 "default:other::---\n"
146 "default:user:user101:r-x\n"
147 "default:group:group79:--x",
152 "user:user100:r-x:100\n"
153 "user:user1000:---:1000\n"
154 "group:group78:rwx:78\n"
155 "default:user::r-x\n"
156 "default:group::r-x\n"
157 "default:other::---\n"
158 "default:user:user101:r-x:101\n"
159 "default:group:group79:--x:79",
164 "u:user100:r-x:100\n"
165 "u:user1000:---:1000\n"
170 "d:user:user101:r-x:101\n"
171 "d:group:group79:--x:79",
177 "user:user1000:---\n"
190 "user:user100:r-x:100\n"
191 "user:user1000:---:1000\n"
192 "group:group78:rwx:78",
203 "user:user101:r-x:101\n"
204 "group:group79:--x:79",
206 "default:user::r-x\n"
207 "default:group::r-x\n"
208 "default:other::---\n"
209 "default:user:user101:r-x\n"
210 "default:group:group79:--x",
212 "user:user77:rw-p--a-R-c-o-:-------:allow\n"
213 "user:user101:-w-pdD--------:fdin---:deny\n"
214 "group:group78:r-----a-R-c---:------I:allow\n"
215 "owner@:rwxp--aARWcCo-:-------:allow\n"
216 "group@:rw-p--a-R-c---:-------:allow\n"
217 "everyone@:r-----a-R-c--s:-------:allow",
219 "user:user77:rw-p--a-R-c-o-:-------:allow:77\n"
220 "user:user101:-w-pdD--------:fdin---:deny:101\n"
221 "group:group78:r-----a-R-c---:------I:allow:78\n"
222 "owner@:rwxp--aARWcCo-:-------:allow\n"
223 "group@:rw-p--a-R-c---:-------:allow\n"
224 "everyone@:r-----a-R-c--s:-------:allow"
228 convert_s_to_ws(const char *s)
235 ws = malloc(len * sizeof(wchar_t));
236 assert(mbstowcs(ws, s, len) != (size_t)-1);
243 compare_acl_text(struct archive_entry *ae, int flags, const char *s)
250 ws = convert_s_to_ws(s);
252 text = archive_entry_acl_to_text(ae, &slen, flags);
253 assertEqualString(text, s);
255 assertEqualInt(strlen(text), slen);
256 wtext = archive_entry_acl_to_text_w(ae, &slen, flags);
257 assertEqualWString(wtext, ws);
259 assertEqualInt(wcslen(wtext), slen);
266 DEFINE_TEST(test_acl_from_text)
268 struct archive_entry *ae;
271 /* Create an empty archive_entry. */
272 assert((ae = archive_entry_new()) != NULL);
274 /* 1a. Read POSIX.1e access ACLs from text */
275 assertEqualInt(ARCHIVE_OK,
276 archive_entry_acl_from_text(ae, acltext[5],
277 ARCHIVE_ENTRY_ACL_TYPE_ACCESS));
278 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
279 ARCHIVE_ENTRY_ACL_TYPE_ACCESS, 0755);
280 assertEqualInt(6, archive_entry_acl_reset(ae,
281 ARCHIVE_ENTRY_ACL_TYPE_ACCESS));
283 /* 1b. Now read POSIX.1e default ACLs and append them */
284 assertEqualInt(ARCHIVE_OK,
285 archive_entry_acl_from_text(ae, acltext[7],
286 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
287 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
288 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
289 assertEqualInt(11, archive_entry_acl_reset(ae,
290 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
291 archive_entry_acl_clear(ae);
293 /* 1a and 1b with wide strings */
294 ws = convert_s_to_ws(acltext[5]);
296 assertEqualInt(ARCHIVE_OK,
297 archive_entry_acl_from_text_w(ae, ws,
298 ARCHIVE_ENTRY_ACL_TYPE_ACCESS));
299 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
300 ARCHIVE_ENTRY_ACL_TYPE_ACCESS, 0755);
301 assertEqualInt(6, archive_entry_acl_reset(ae,
302 ARCHIVE_ENTRY_ACL_TYPE_ACCESS));
305 ws = convert_s_to_ws(acltext[7]);
307 assertEqualInt(ARCHIVE_OK,
308 archive_entry_acl_from_text_w(ae, ws,
309 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
310 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
311 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
312 assertEqualInt(11, archive_entry_acl_reset(ae,
313 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
314 archive_entry_acl_clear(ae);
316 /* 2. Read POSIX.1e default ACLs from text */
317 assertEqualInt(ARCHIVE_OK,
318 archive_entry_acl_from_text(ae, acltext[7],
319 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
320 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
321 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, 0);
322 assertEqualInt(5, archive_entry_acl_reset(ae,
323 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
324 archive_entry_acl_clear(ae);
326 /* ws is still acltext[7] */
327 assertEqualInt(ARCHIVE_OK,
328 archive_entry_acl_from_text_w(ae, ws,
329 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
330 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
331 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, 0);
332 assertEqualInt(5, archive_entry_acl_reset(ae,
333 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT));
334 archive_entry_acl_clear(ae);
336 /* 3. Read POSIX.1e access and default ACLs from text */
337 assertEqualInt(ARCHIVE_OK,
338 archive_entry_acl_from_text(ae, acltext[1],
339 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
340 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
341 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
342 assertEqualInt(11, archive_entry_acl_reset(ae,
343 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
344 archive_entry_acl_clear(ae);
347 ws = convert_s_to_ws(acltext[1]);
348 assertEqualInt(ARCHIVE_OK,
349 archive_entry_acl_from_text_w(ae, ws,
350 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
351 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
352 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
353 assertEqualInt(11, archive_entry_acl_reset(ae,
354 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
355 archive_entry_acl_clear(ae);
357 /* 4. Read POSIX.1e access and default ACLs from text (short form) */
358 assertEqualInt(ARCHIVE_OK,
359 archive_entry_acl_from_text(ae, acltext[2],
360 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
361 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
362 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
363 assertEqualInt(11, archive_entry_acl_reset(ae,
364 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
365 archive_entry_acl_clear(ae);
368 ws = convert_s_to_ws(acltext[2]);
369 assertEqualInt(ARCHIVE_OK,
370 archive_entry_acl_from_text_w(ae, ws,
371 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
372 archive_test_compare_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]),
373 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E, 0755);
374 assertEqualInt(11, archive_entry_acl_reset(ae,
375 ARCHIVE_ENTRY_ACL_TYPE_POSIX1E));
376 archive_entry_acl_clear(ae);
378 /* 5. Read NFSv4 ACLs from text */
379 assertEqualInt(ARCHIVE_OK,
380 archive_entry_acl_from_text(ae, acltext[10],
381 ARCHIVE_ENTRY_ACL_TYPE_NFS4));
382 archive_test_compare_acls(ae, acls1, sizeof(acls1)/sizeof(acls1[0]),
383 ARCHIVE_ENTRY_ACL_TYPE_NFS4, 0);
384 assertEqualInt(6, archive_entry_acl_reset(ae,
385 ARCHIVE_ENTRY_ACL_TYPE_NFS4));
386 archive_entry_acl_clear(ae);
389 ws = convert_s_to_ws(acltext[10]);
391 assertEqualInt(ARCHIVE_OK,
392 archive_entry_acl_from_text_w(ae, ws,
393 ARCHIVE_ENTRY_ACL_TYPE_NFS4));
394 archive_test_compare_acls(ae, acls1, sizeof(acls1)/sizeof(acls1[0]),
395 ARCHIVE_ENTRY_ACL_TYPE_NFS4, 0);
396 assertEqualInt(6, archive_entry_acl_reset(ae,
397 ARCHIVE_ENTRY_ACL_TYPE_NFS4));
398 archive_entry_acl_clear(ae);
401 archive_entry_free(ae);
404 DEFINE_TEST(test_acl_to_text)
406 struct archive_entry *ae;
408 /* Create an empty archive_entry. */
409 assert((ae = archive_entry_new()) != NULL);
411 /* Write POSIX.1e ACLs */
412 archive_test_set_acls(ae, acls0, sizeof(acls0)/sizeof(acls0[0]));
414 /* No flags should give output like getfacl(1) on linux */
415 compare_acl_text(ae, 0, acltext[0]);
417 /* This should give the same output as previous test */
418 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
419 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, acltext[0]);
421 /* This should give the same output as previous two tests */
422 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
423 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
424 ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT, acltext[0]);
426 /* POSIX.1e access and default ACLs with appended ID */
427 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID, acltext[1]);
429 /* POSIX.1e access acls only, like getfacl(1) on FreeBSD */
430 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_ACCESS, acltext[3]);
432 /* POSIX.1e access acls separated with comma */
433 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
434 ARCHIVE_ENTRY_ACL_STYLE_SEPARATOR_COMMA,
437 /* POSIX.1e access acls with appended user or group ID */
438 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
439 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID, acltext[5]);
441 /* POSIX.1e default acls */
442 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_DEFAULT, acltext[6]);
444 /* POSIX.1e default acls with appended user or group ID */
445 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
446 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID, acltext[7]);
448 /* POSIX.1e default acls prefixed with default: */
449 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
450 ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT, acltext[8]);
452 /* Write NFSv4 ACLs */
453 archive_test_set_acls(ae, acls1, sizeof(acls1)/sizeof(acls1[0]));
455 /* NFSv4 ACLs like getfacl(1) on FreeBSD */
456 compare_acl_text(ae, 0, acltext[9]);
458 /* NFSv4 ACLs like "getfacl -i" on FreeBSD */
459 compare_acl_text(ae, ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID, acltext[10]);
461 archive_entry_free(ae);