int acl_get_entry(acl_t acl, int entry_id, acl_entry_t *entry_p) { _ACL_VALIDATE_ACL(acl); if ((entry_id != ACL_FIRST_ENTRY) && (entry_id != ACL_NEXT_ENTRY) && (entry_id != ACL_LAST_ENTRY) && ((entry_id < 0) || (entry_id >= acl->a_entries))) { errno = EINVAL; return(-1); } if (entry_id == ACL_FIRST_ENTRY) entry_id = 0; else if (entry_id == ACL_NEXT_ENTRY) { entry_id = acl->a_last_get + 1; } else if (entry_id == ACL_LAST_ENTRY) entry_id = acl->a_entries - 1; if (entry_id >= acl->a_entries) { errno = EINVAL; return (-1); } *entry_p = &acl->a_ace[entry_id]; acl->a_last_get = entry_id; return(0); }
int acl_create_entry_np(acl_t *acl_p, acl_entry_t *entry_p, int index) { struct _acl *ap = *acl_p; int i; /* validate arguments */ _ACL_VALIDATE_ACL(ap); if (ap->a_entries >= ACL_MAX_ENTRIES) { errno = ENOMEM; return(-1); } if (index == ACL_LAST_ENTRY) index = ap->a_entries; if (index > ap->a_entries) { errno = ERANGE; return(-1); } /* move following entries out of the way */ for (i = ap->a_entries; i > index; i--) ap->a_ace[i] = ap->a_ace[i - 1]; ap->a_entries++; /* initialise new entry */ ap->a_ace[index].ae_magic = _ACL_ENTRY_MAGIC; ap->a_ace[index].ae_tag = ACL_UNDEFINED_TAG; *entry_p = &ap->a_ace[index]; return(0); }
ssize_t acl_size(acl_t acl) { /* special case for _FILESEC_REMOVE_ACL */ if (acl == (acl_t)_FILESEC_REMOVE_ACL) return KAUTH_FILESEC_SIZE(0); _ACL_VALIDATE_ACL(acl); return(KAUTH_FILESEC_SIZE(acl->a_entries)); }
int acl_delete_entry(acl_t acl, acl_entry_t entry) { int i; _ACL_VALIDATE_ACL(acl); _ACL_VALIDATE_ENTRY(entry); _ACL_VALIDATE_ENTRY_CONTAINED(acl, entry); /* copy following entries down & invalidate last slot */ acl->a_entries--; for (i = entry - &acl->a_ace[0]; i < acl->a_entries; i++) acl->a_ace[i] = acl->a_ace[i + 1]; acl->a_ace[acl->a_entries].ae_magic = 0; /* Sync up the iterator's position if necessary */ if (acl->a_last_get >= (entry - &acl->a_ace[0])) acl->a_last_get--; return(0); }