int
acl_get_entry(acl_t acl, int entry_id, acl_entry_t *entry_p)
{
_ACL_VALIDATE_ACL(acl);
if ((entry_id != ACL_FIRST_ENTRY) &&
(entry_id != ACL_NEXT_ENTRY) &&
(entry_id != ACL_LAST_ENTRY) &&
((entry_id < 0) || (entry_id >= acl->a_entries))) {
errno = EINVAL;
return(-1);
}
if (entry_id == ACL_FIRST_ENTRY)
entry_id = 0;
else
if (entry_id == ACL_NEXT_ENTRY) {
entry_id = acl->a_last_get + 1;
}
else
if (entry_id == ACL_LAST_ENTRY)
entry_id = acl->a_entries - 1;
if (entry_id >= acl->a_entries) {
errno = EINVAL;
return (-1);
}
*entry_p = &acl->a_ace[entry_id];
acl->a_last_get = entry_id;
return(0);
}
int
acl_create_entry_np(acl_t *acl_p, acl_entry_t *entry_p, int index)
{
struct _acl *ap = *acl_p;
int i;
/* validate arguments */
_ACL_VALIDATE_ACL(ap);
if (ap->a_entries >= ACL_MAX_ENTRIES) {
errno = ENOMEM;
return(-1);
}
if (index == ACL_LAST_ENTRY)
index = ap->a_entries;
if (index > ap->a_entries) {
errno = ERANGE;
return(-1);
}
/* move following entries out of the way */
for (i = ap->a_entries; i > index; i--)
ap->a_ace[i] = ap->a_ace[i - 1];
ap->a_entries++;
/* initialise new entry */
ap->a_ace[index].ae_magic = _ACL_ENTRY_MAGIC;
ap->a_ace[index].ae_tag = ACL_UNDEFINED_TAG;
*entry_p = &ap->a_ace[index];
return(0);
}
ssize_t
acl_size(acl_t acl)
{
/* special case for _FILESEC_REMOVE_ACL */
if (acl == (acl_t)_FILESEC_REMOVE_ACL)
return KAUTH_FILESEC_SIZE(0);
_ACL_VALIDATE_ACL(acl);
return(KAUTH_FILESEC_SIZE(acl->a_entries));
}
int
acl_delete_entry(acl_t acl, acl_entry_t entry)
{
int i;
_ACL_VALIDATE_ACL(acl);
_ACL_VALIDATE_ENTRY(entry);
_ACL_VALIDATE_ENTRY_CONTAINED(acl, entry);
/* copy following entries down & invalidate last slot */
acl->a_entries--;
for (i = entry - &acl->a_ace[0]; i < acl->a_entries; i++)
acl->a_ace[i] = acl->a_ace[i + 1];
acl->a_ace[acl->a_entries].ae_magic = 0;
/* Sync up the iterator's position if necessary */
if (acl->a_last_get >= (entry - &acl->a_ace[0]))
acl->a_last_get--;
return(0);
}
