2
* $Id: volume.c,v 1.51.2.7.2.33.2.15 2008/11/25 15:16:33 didg Exp $
2
* $Id: volume.c,v 1.51.2.7.2.33.2.24 2009/03/26 11:53:32 franklahm Exp $
4
4
* Copyright (c) 1990,1993 Regents of The University of Michigan.
5
5
* All Rights Reserved. See COPYRIGHT.
115
115
#define VOLOPT_FORCEUID 19 /* force uid for username x */
116
116
#define VOLOPT_FORCEGID 20 /* force gid for group x */
117
#endif /* FORCE_UIDGID */
117
119
#define VOLOPT_UMASK 21
118
#define VOLOPT_DFLTPERM 22
120
#define VOLOPT_UMASK 19
121
#define VOLOPT_DFLTPERM 20
122
#endif /* FORCE_UIDGID */
120
#define VOLOPT_ALLOWED_HOSTS 22
121
#define VOLOPT_DENIED_HOSTS 23
122
#define VOLOPT_DPERM 24 /* dperm default directories perms */
123
#define VOLOPT_FPERM 25 /* fperm default files perms */
124
#define VOLOPT_DFLTPERM 26 /* perm */
124
126
#define VOLOPT_MAX (VOLOPT_DFLTPERM +1)
171
173
* maybe because it will be mounted later in preexec */
172
174
{AFPVOL_UNIX_PRIV, "UNIXPRIV"}, /* support unix privileges */
173
175
{AFPVOL_NODEV, "NODEV"}, /* always use 0 for device number in cnid calls */
176
{AFPVOL_EILSEQ, "ILLEGALSEQ"}, /* encode illegal sequence */
174
177
{AFPVOL_CACHE, "CACHEID"}, /* Use adouble v2 CNID caching, default don't use it */
473
476
options[VOLOPT_FLAGS].i_value |= AFPVOL_UNIX_PRIV;
474
477
else if (strcasecmp(p, "nodev") == 0)
475
478
options[VOLOPT_FLAGS].i_value |= AFPVOL_NODEV;
479
else if (strcasecmp(p, "illegalseq") == 0)
480
options[VOLOPT_FLAGS].i_value |= AFPVOL_EILSEQ;
476
481
else if (strcasecmp(p, "cachecnid") == 0)
477
482
options[VOLOPT_FLAGS].i_value |= AFPVOL_CACHE;
485
490
} else if (optionok(tmp, "umask:", val)) {
486
491
options[VOLOPT_UMASK].i_value = (int)strtol(val +1, NULL, 8);
492
} else if (optionok(tmp, "dperm:", val)) {
493
options[VOLOPT_DPERM].i_value = (int)strtol(val+1, NULL, 8);
494
} else if (optionok(tmp, "fperm:", val)) {
495
options[VOLOPT_FPERM].i_value = (int)strtol(val+1, NULL, 8);
487
496
} else if (optionok(tmp, "perm:", val)) {
488
497
options[VOLOPT_DFLTPERM].i_value = (int)strtol(val+1, NULL, 8);
489
498
} else if (optionok(tmp, "mapchars:",val)) {
513
522
} else if (optionok(tmp, "postexec:", val)) {
514
523
setoption(options, save, VOLOPT_POSTEXEC, val);
525
} else if (optionok(tmp, "allowed_hosts:", val)) {
526
setoption(options, save, VOLOPT_ALLOWED_HOSTS, val);
528
} else if (optionok(tmp, "denied_hosts:", val)) {
529
setoption(options, save, VOLOPT_DENIED_HOSTS, val);
517
532
/* ignore unknown options */
518
533
LOG(log_debug, logtype_afpd, "ignoring unknown volume option: %s", tmp);
535
550
/* -----------------
536
551
* FIXME should be define elsewhere
553
static int netatalk_name(const char *name)
555
return strcasecmp(name,".AppleDB") &&
556
strcasecmp(name,".AppleDouble") &&
557
strcasecmp(name,".AppleDesktop");
538
560
static int validupath_adouble(const struct vol *vol, const char *name)
540
562
return (vol->v_flags & AFPVOL_USEDOTS) ?
541
strcasecmp(name,".AppleDB") &&
542
strcasecmp(name,".AppleDouble") &&
543
strcasecmp(name,".AppleDesktop") &&
544
strcasecmp(name,".Parent")
563
netatalk_name(name) && strcasecmp(name,".Parent"): name[0] != '.';
548
566
/* ----------------- */
549
567
static int validupath_osx(const struct vol *vol _U_, const char *name)
551
return strncasecmp(name,".Apple", 6) && strncasecmp(name,"._", 2);
569
return strncmp(name,"._", 2) && (
570
(vol->v_flags & AFPVOL_USEDOTS) ? netatalk_name(name): name[0] != '.');
554
573
/* ---------------- */
672
691
if (options[VOLOPT_UMASK].i_value)
673
692
volume->v_umask = (mode_t)options[VOLOPT_UMASK].i_value;
694
if (options[VOLOPT_DPERM].i_value)
695
volume->v_dperm = (mode_t)options[VOLOPT_DPERM].i_value;
697
if (options[VOLOPT_FPERM].i_value)
698
volume->v_fperm = (mode_t)options[VOLOPT_FPERM].i_value;
675
700
if (options[VOLOPT_DFLTPERM].i_value)
676
701
volume->v_perm = (mode_t)options[VOLOPT_DFLTPERM].i_value;
708
733
volume->v_root_postexec = volxlate(obj, NULL, MAXPATHLEN, options[VOLOPT_ROOTPOSTEXEC].c_value, pwd, path, name);
736
volume->v_dperm |= volume->v_perm;
737
volume->v_fperm |= volume->v_perm;
712
739
initvoladouble(volume);
713
740
volume->v_next = Volumes;
827
static int hostaccessvol(type, volname, args, obj)
833
char buf[MAXPATHLEN + 1], *p, *b;
834
DSI *dsi = obj->handle;
839
strlcpy(buf, args, sizeof(buf));
840
if ((p = strtok_r(buf, ",", &b)) == NULL) /* nothing, return okay */
844
if (obj->proto == AFPPROTO_DSI) {
845
struct in_addr mask, net;
846
char *net_char, *mask_char;
849
net_char = strtok(p, "/");
850
mask_char = strtok(NULL,"/");
851
if (mask_char == NULL) {
854
mask_int = atoi(mask_char);
857
// convert the integer netmask to a bitmask in network order
858
mask.s_addr = htonl(-1 - ((1 << (32 - mask_int)) - 1));
859
net.s_addr = inet_addr(net_char) & mask.s_addr;
861
if ((dsi->client.sin_addr.s_addr & mask.s_addr) == net.s_addr) {
862
if (type == VOLOPT_DENIED_HOSTS)
863
LOG(log_info, logtype_afpd, "AFP access denied for client IP '%s' to volume '%s' by denied list",
864
inet_ntoa(dsi->client.sin_addr), volname);
868
p = strtok_r(NULL, ",", &b);
870
if (type == VOLOPT_ALLOWED_HOSTS)
871
LOG(log_info, logtype_afpd, "AFP access denied for client IP '%s' to volume '%s', not in allowed list",
872
inet_ntoa(dsi->client.sin_addr), volname);
795
876
static void setextmap( ext, type, creator, user)
796
877
char *ext, *type, *creator;
1047
1128
allow -> either no list (-1), or in list (1)
1048
1129
deny -> either no list (-1), or not in list (0) */
1049
1130
if (accessvol(options[VOLOPT_ALLOW].c_value, obj->username) &&
1050
(accessvol(options[VOLOPT_DENY].c_value, obj->username) < 1)) {
1131
(accessvol(options[VOLOPT_DENY].c_value, obj->username) < 1) &&
1132
hostaccessvol(VOLOPT_ALLOWED_HOSTS, volname, options[VOLOPT_ALLOWED_HOSTS].c_value, obj) &&
1133
(hostaccessvol(VOLOPT_DENIED_HOSTS, volname, options[VOLOPT_DENIED_HOSTS].c_value, obj) < 1)) {
1052
1135
/* handle read-only behaviour. semantics:
1053
1136
* 1) neither the rolist nor the rwlist exist -> rw
2318
2401
LOG(log_debug, logtype_afpd,"Error writing .volinfo file: buffer too small, %s", buf);
2321
if (write( fd, buf, strlen(buf)) < 0) {
2404
if (write( fd, buf, strlen(buf)) < 0 || ftruncate(fd, strlen(buf)) < 0 ) {
2322
2405
LOG(log_debug, logtype_afpd,"Error writing .volinfo file: %s", strerror(errno));
2325
ftruncate(fd, strlen(buf));
2328
2408
lock.l_type = F_UNLCK;
2329
2409
fcntl(fd, F_SETLK, &lock);
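Review bot: In hostaccessvol (new lines 854-858) the prefix length from `atoi(mask_char)` reaches `1 << (32 - mask_int)` with no range check visible in the lines shown, so a `/0` suffix, a negative value or anything above 32 in an allowed_hosts/denied_hosts entry makes the shift undefined, and the mask that decides access becomes unpredictable. The entry should be skipped and logged unless `mask_int >= 0 && mask_int <= 32`, and the mask built from an unsigned value, `mask.s_addr = mask_int ? htonl(0xFFFFFFFFu << (32 - mask_int)) : 0;`. The result of `inet_addr(net_char)` is also used unchecked, so a malformed address becomes INADDR_NONE masked into `net`, and `net_char` is NULL when an entry starts with `/`. In a denied_hosts list either case can leave a rule that silently matches nothing. Parts of the function body are not shown in this view, so confirm none of this is already handled there; the inner `strtok(p, "/")` calls would also be safer as `strtok_r` with their own save pointer, matching the outer loop.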