static dav_error *check_copy(request_rec *r, const dav_resource *resource,
davacl_dir_cfg *conf,
const dav_hooks_repository *repos)
{
if (r->main == NULL) { /* source */
const dav_prop_name privs[] = { { NS_DAV, "read" } };
return acl_check_req(r, r->filename, resource, conf, ARRAY(privs), 0);
}
else { /* destination */
const dav_prop_name privs[] = {
{ NS_DAV, "write-content" }, /* 0 */
{ NS_DAV, "write-properties" }, /* 1 */
{ NS_DAV, "write" }, /* 2 */
{ NS_DAV, "bind" } }; /* 3 */
if (resource->exists) {
dav_error *err = acl_check_req(r, r->filename,
resource, conf, privs + 2, 1, 0);
if (err == NULL)
return NULL;
else if (acl_check_req(r, r->filename, resource,
conf, privs, 1, 0) == NULL &&
acl_check_req(r, r->filename, resource,
conf, privs + 1, 1, 0) == NULL)
return NULL;
return err;
}
else {
return parent_check(r, resource, conf, repos, privs + 2, 2);
}
}
}
static dav_error *check_mkcol(request_rec *r, const dav_resource *resource,
davacl_dir_cfg *conf,
const dav_hooks_repository *repos)
{
const dav_prop_name privs[] = {
{ NS_DAV, "write" },
{ NS_DAV, "bind" } };
return parent_check(r, resource, conf, repos, ARRAY(privs));
}
static dav_error *check_delete(request_rec *r, const dav_resource *resource,
davacl_dir_cfg *conf,
const dav_hooks_repository *repos)
{
const dav_prop_name privs[] = { { NS_DAV, "write" }, { NS_DAV, "unbind" } };
/* this is more liberal than rfc3744, i.e. the write privilege on a
* resource will allow delete to happen */
if (acl_check_req(r, r->filename, resource, conf, privs, 1, 0) == NULL)
return NULL;
return parent_check(r, resource, conf, repos, privs + 1, 1);
}
int
parent_f(int argc, char **argv)
{
int c;
int listpath_flag = 0;
int check_flag = 0;
fs_path_t *fs;
static int tab_init;
if (!tab_init) {
tab_init = 1;
fs_table_initialise(0, NULL, 0, NULL);
}
fs = fs_table_lookup(file->name, FS_MOUNT_POINT);
if (!fs) {
fprintf(stderr, _("file argument, \"%s\", is not in a mounted XFS filesystem\n"),
file->name);
return 1;
}
mntpt = fs->fs_dir;
verbose_flag = 0;
while ((c = getopt(argc, argv, "cpv")) != EOF) {
switch (c) {
case 'c':
check_flag = 1;
break;
case 'p':
listpath_flag = 1;
break;
case 'v':
verbose_flag++;
break;
default:
return command_usage(&parent_cmd);
}
}
if (!check_flag && !listpath_flag) /* default case */
exitcode = parent_list(listpath_flag);
else {
if (listpath_flag)
exitcode = parent_list(listpath_flag);
if (check_flag)
exitcode = parent_check();
}
return 0;
}
static dav_error *check_lock(request_rec *r, const dav_resource *resource,
davacl_dir_cfg *conf,
const dav_hooks_repository *repos)
{
if (resource->exists) {
const dav_prop_name privs[] = {
{ NS_DAV, "write" },
{ NS_DAV, "write-content" } };
return acl_check_req(r, r->filename, resource, conf, ARRAY(privs), 0);
}
else {
const dav_prop_name privs[] = {
{ NS_DAV, "write" },
{ NS_DAV, "bind" } };
return parent_check(r, resource, conf, repos, ARRAY(privs));
}
}
END_TEST
START_TEST(test_parent_check) {
struct parent_req mreq = {};
mark_point();
mreq.op = PARENT_OPEN;
fail_unless(parent_check(&mreq) == EXIT_SUCCESS,
"PARENT_OPEN check failed");
mark_point();
mreq.op = PARENT_CLOSE;
fail_unless(parent_check(&mreq) == EXIT_SUCCESS,
"PARENT_CLOSE check failed");
#ifdef HAVE_LINUX_ETHTOOL_H
mark_point();
mreq.op = PARENT_ETHTOOL_GSET;
mreq.index = ifindex;
mreq.len = sizeof(struct ethtool_cmd);
fail_unless(parent_check(&mreq) == EXIT_SUCCESS,
"PARENT_ETHTOOL_GSET check failed");
mark_point();
mreq.op = PARENT_ETHTOOL_GDRV;
mreq.index = ifindex;
mreq.len = sizeof(struct ethtool_drvinfo);
fail_unless(parent_check(&mreq) == EXIT_SUCCESS,
"PARENT_ETHTOOL_GDRV check failed");
#endif
#ifdef SIOCSIFDESCR
mark_point();
mreq.op = PARENT_DESCR;
mreq.index = ifindex;
mreq.len = 0;
fail_unless(parent_check(&mreq) == EXIT_SUCCESS,
"PARENT_DESCR check failed");
#endif
#ifndef HAVE_LINUX_ETHTOOL_H
mark_point();
mreq.op = PARENT_ETHTOOL_GSET;
fail_unless(parent_check(&mreq) == EXIT_FAILURE,
"parent_check should fail");
#endif
}
