After applying this patch, run these commands for a successful build:
- autoconf
- autoheader
- ./configure --with-acl-support
- make proto
+ ./prepare-source
+ ./configure --enable-acl-support
make
The program currently complains when the --acls (-A) option is used to copy
notice that no ACLs are available to copy. Of course, trying to write out
ACLs to a non-ACL-supporting disk should complain.
---- orig/Makefile.in 2004-08-13 07:18:58
-+++ Makefile.in 2004-07-03 20:11:58
-@@ -25,7 +25,7 @@ VERSION=@VERSION@
+--- old/Makefile.in
++++ new/Makefile.in
+@@ -25,15 +25,15 @@ VERSION=@VERSION@
.SUFFIXES:
.SUFFIXES: .c .o
-HEADERS=byteorder.h config.h errcode.h proto.h rsync.h lib/pool_alloc.h
+HEADERS=byteorder.h config.h errcode.h proto.h rsync.h smb_acls.h lib/pool_alloc.h
LIBOBJ=lib/wildmatch.o lib/compat.o lib/snprintf.o lib/mdfour.o \
- lib/permstring.o lib/pool_alloc.o @LIBOBJS@
- ZLIBOBJ=zlib/deflate.o zlib/infblock.o zlib/infcodes.o zlib/inffast.o \
-@@ -34,7 +34,7 @@ ZLIBOBJ=zlib/deflate.o zlib/infblock.o z
+- lib/permstring.o lib/pool_alloc.o @LIBOBJS@
++ lib/permstring.o lib/pool_alloc.o lib/sysacls.o @LIBOBJS@
+ ZLIBOBJ=zlib/deflate.o zlib/inffast.o zlib/inflate.o zlib/inftrees.o \
+ zlib/trees.o zlib/zutil.o zlib/adler32.o zlib/compress.o zlib/crc32.o
OBJS1=rsync.o generator.o receiver.o cleanup.o sender.o exclude.o util.o \
main.o checksum.o match.o syscall.o log.o backup.o
OBJS2=options.o flist.o io.o compat.o hlink.o token.o uidlist.o socket.o \
-- fileio.o batch.o clientname.o
-+ fileio.o batch.o clientname.o sysacls.o acls.o
+- fileio.o batch.o clientname.o chmod.o
++ fileio.o batch.o clientname.o chmod.o acls.o
OBJS3=progress.o pipe.o
DAEMON_OBJ = params.o loadparm.o clientserver.o access.o connection.o authenticate.o
popt_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \
---- orig/acls.c 2004-09-08 06:09:30
-+++ acls.c 2004-09-08 06:09:30
-@@ -0,0 +1,1144 @@
+--- old/acls.c
++++ new/acls.c
+@@ -0,0 +1,1202 @@
+/* -*- c-file-style: "linux" -*-
+ Copyright (C) Andrew Tridgell 1996
+ Copyright (C) Paul Mackerras 1996
+/* handle passing ACLs between systems */
+
+#include "rsync.h"
++#include "lib/sysacls.h"
+
-+#if SUPPORT_ACLS
++#ifdef SUPPORT_ACLS
+
+extern int preserve_acls;
+extern int am_root;
+extern int dry_run;
++extern int orig_umask;
+
+typedef struct {
+ id_t id;
+
+static void expand_rsync_acl(rsync_acl *racl)
+{
-+ /* first time through, 0 <= 0, so list is expanded:
-+ * diabolical, rsync guys! */
++ /* First time through, 0 <= 0, so list is expanded.
++ * (Diabolical, rsync guys!) */
+ if (racl->malloced <= racl->count) {
-+ void *new_ptr;
-+ size_t new_size;
-+ racl->malloced += 10;
-+ new_size = racl->malloced * sizeof racl->races[0];
-+ if (racl->races)
-+ new_ptr = realloc(racl->races, new_size);
-+ else
-+ new_ptr = malloc(new_size);
++ rsync_ace *new_ptr;
++ size_t new_size = racl->malloced + 10;
++ new_ptr = realloc_array(racl->races, rsync_ace, new_size);
+ if (verbose >= 4) {
+ rprintf(FINFO, "expand rsync_acl to %.0f bytes, did%s move\n",
-+ (double) new_size,
++ (double) new_size * sizeof racl->races[0],
+ racl->races ? "" : " not");
+ }
+
-+ racl->races = (rsync_ace *) new_ptr;
++ racl->races = new_ptr;
++ racl->malloced = new_size;
+
+ if (!racl->races)
+ out_of_memory("expand_rsync_acl");
+
+static void expand_rsync_acl_list(rsync_acl_list *racl_list)
+{
-+ /* first time through, 0 <= 0, so list is expanded:
-+ * diabolical, rsync guys! */
++ /* First time through, 0 <= 0, so list is expanded.
++ * (Diabolical, rsync guys!) */
+ if (racl_list->malloced <= racl_list->count) {
-+ void *new_ptr;
++ rsync_acl *new_ptr;
+ size_t new_size;
+ if (racl_list->malloced < 1000)
-+ racl_list->malloced += 1000;
++ new_size = racl_list->malloced + 1000;
+ else
-+ racl_list->malloced *= 2;
-+ new_size = racl_list->malloced * sizeof racl_list->racls[0];
-+ if (racl_list->racls)
-+ new_ptr = realloc(racl_list->racls, new_size);
-+ else
-+ new_ptr = malloc(new_size);
++ new_size = racl_list->malloced * 2;
++ new_ptr = realloc_array(racl_list->racls, rsync_acl, new_size);
+ if (verbose >= 3) {
+ rprintf(FINFO, "expand_rsync_acl_list to %.0f bytes, did%s move\n",
-+ (double) new_size,
++ (double) new_size * sizeof racl_list->racls[0],
+ racl_list->racls ? "" : " not");
+ }
+
-+ racl_list->racls = (rsync_acl *) new_ptr;
++ racl_list->racls = new_ptr;
++ racl_list->malloced = new_size;
+
+ if (!racl_list->racls)
+ out_of_memory("expand_rsync_acl_list");
+#if 0
+static void free_rsync_acl_list(rsync_acl_list *racl_list)
+{
-+ /* run this in reverse, so references are freed before referents, */
-+ /* although not currently necessary */
++ /* Run this in reverse, so references are freed before referents,
++ * although not currently necessary. */
+ while (racl_list->count--) {
+ rsync_acl *racl = &racl_list->racls[racl_list->count];
+ if (racl)
+ int *match = (type == SMB_ACL_TYPE_ACCESS) ?
+ &access_match : &default_match;
+ size_t count = racl_list->count;
-+ /* if this is the first time through or we didn't match the last
++ /* If this is the first time through or we didn't match the last
+ * time, then start at the end of the list, which should be the
-+ * best place to start hunting */
++ * best place to start hunting. */
+ if (*match == -1)
+ *match = racl_list->count - 1;
+ while (count--) {
+ return *match;
+}
+
-+/* the general strategy with the tag_type <-> character mapping is that
++/* The general strategy with the tag_type <-> character mapping is that
+ * lowercase implies that no qualifier follows, where uppercase does.
-+ * same sorta thing for the acl type (access or default) itself, but
++ * A similar idiom for the acl type (access or default) itself, but
+ * lowercase in this instance means there's no ACL following, so the
+ * ACL is a repeat, so the receiver should reuse the last of the same
-+ * type ACL */
++ * type ACL. */
+
+static void send_rsync_acl(int f, const rsync_acl *racl)
+{
+ write_byte(f, race->access);
+ if (isupper((int)ch)) {
+ write_int(f, race->id);
-+ /* FIXME: sorta wasteful. we should maybe buffer as
++ /* FIXME: sorta wasteful: we should maybe buffer as
+ * many ids as max(ACL_USER + ACL_GROUP) objects to
-+ * keep from making so many calls */
++ * keep from making so many calls. */
+ if (ch == 'U')
+ add_uid(race->id);
+ else
+ "unknown SMB_ACL_TYPE_T";
+}
+
-+/* generate the ACL(s) for this flist entry;
-+ * ACL(s) are either sent or cleaned-up by send_acl() below */
++/* Generate the ACL(s) for this flist entry;
++ * ACL(s) are either sent or cleaned-up by send_acl() below. */
+
-+BOOL make_acl(const struct file_struct *file, const char *fname)
++int make_acl(const struct file_struct *file, const char *fname)
+{
+ SMB_ACL_TYPE_T *type,
+ types[] = {SMB_ACL_TYPE_ACCESS, SMB_ACL_TYPE_DEFAULT};
+ rsync_acl *curr_racl;
+ if (!preserve_acls || S_ISLNK(file->mode))
-+ return True;
++ return 1;
+ for (type = &types[0], curr_racl = &_curr_rsync_acls[0];
+ type < &types[0] + sizeof types / sizeof types[0]
+ && (*type == SMB_ACL_TYPE_ACCESS || S_ISDIR(file->mode));
+ if (!(sacl = sys_acl_get_file(fname, *type))) {
+ rprintf(FERROR, "send_acl: sys_acl_get_file(%s, %s): %s\n",
+ fname, str_acl_type(*type), strerror(errno));
-+ return False;
++ return -1;
+ }
+ ok = unpack_smb_acl(curr_racl, sacl);
+ sys_acl_free_acl(sacl);
+ if (!ok)
-+ return False;
++ return -1;
+ }
-+ return True;
++ return 0;
+}
+
-+/* send the make_acl()-generated ACLs for this flist entry,
-+ * or clean up after an flist entry that's not being sent (f == -1) */
++/* Send the make_acl()-generated ACLs for this flist entry,
++ * or clean up after an flist entry that's not being sent (f == -1). */
+
+void send_acl(const struct file_struct *file, int f)
+{
+ }
+}
+
-+/* the below stuff is only used by the receiver */
++/* The below stuff is only used by the receiver: */
+
+/* structure to hold index to rsync_acl_list member corresponding to
+ * flist->files[i] */
+
+static void expand_file_acl_index_list(file_acl_index_list *fileaclidx_list)
+{
-+ /* first time through, 0 <= 0, so list is expanded:
-+ * diabolical, rsync guys! */
++ /* First time through, 0 <= 0, so list is expanded.
++ * (Diabolical, rsync guys!) */
+ if (fileaclidx_list->malloced <= fileaclidx_list->count) {
-+ void *new_ptr;
++ file_acl_index *new_ptr;
+ size_t new_size;
+ if (fileaclidx_list->malloced < 1000)
-+ fileaclidx_list->malloced += 1000;
-+ else
-+ fileaclidx_list->malloced *= 2;
-+ new_size = fileaclidx_list->malloced
-+ * sizeof fileaclidx_list->fileaclidxs[0];
-+ if (fileaclidx_list->fileaclidxs)
-+ new_ptr = realloc(fileaclidx_list->fileaclidxs, new_size);
++ new_size = fileaclidx_list->malloced + 1000;
+ else
-+ new_ptr = malloc(new_size);
++ new_size = fileaclidx_list->malloced * 2;
++ new_ptr = realloc_array(fileaclidx_list->fileaclidxs, file_acl_index, new_size);
+ if (verbose >= 3) {
+ rprintf(FINFO, "expand_file_acl_index_list to %.0f bytes, did%s move\n",
-+ (double) new_size,
++ (double) new_size * sizeof fileaclidx_list->fileaclidxs[0],
+ fileaclidx_list->fileaclidxs ? "" : " not");
+ }
+
-+ fileaclidx_list->fileaclidxs = (file_acl_index *) new_ptr;
++ fileaclidx_list->fileaclidxs = new_ptr;
++ fileaclidx_list->malloced = new_size;
+
+ if (!fileaclidx_list->fileaclidxs)
+ out_of_memory("expand_file_acl_index_list");
+
+static void expand_smb_acl_list(smb_acl_list *sacl_list)
+{
-+ /* first time through, 0 <= 0, so list is expanded:
-+ * diabolical, rsync guys! */
++ /* First time through, 0 <= 0, so list is expanded.
++ * (Diabolical, rsync guys!) */
+ if (sacl_list->malloced <= sacl_list->count) {
-+ void *new_ptr;
++ SMB_ACL_T *new_ptr;
+ size_t new_size;
+ if (sacl_list->malloced < 1000)
-+ sacl_list->malloced += 1000;
++ new_size = sacl_list->malloced + 1000;
+ else
-+ sacl_list->malloced *= 2;
-+ new_size = sacl_list->malloced
-+ * sizeof sacl_list->sacls[0];
-+ if (sacl_list->sacls)
-+ new_ptr = realloc(sacl_list->sacls, new_size);
-+ else
-+ new_ptr = malloc(new_size);
++ new_size = sacl_list->malloced * 2;
++ new_ptr = realloc_array(sacl_list->sacls, SMB_ACL_T, new_size);
+ if (verbose >= 3) {
+ rprintf(FINFO, "expand_smb_acl_list to %.0f bytes, did%s move\n",
-+ (double) new_size,
++ (double) new_size * sizeof sacl_list->sacls[0],
+ sacl_list->sacls ? "" : " not");
+ }
+
-+ sacl_list->sacls = (SMB_ACL_T *) new_ptr;
++ sacl_list->sacls = new_ptr;
++ sacl_list->malloced = new_size;
+
+ if (!sacl_list->sacls)
+ out_of_memory("expand_smb_acl_list");
+ char *fname;
+ if (!preserve_acls || S_ISLNK(file->mode))
+ return;
-+ fname = f_name(file);
++ fname = f_name(file, NULL);
+ for (type = &types[0];
+ type < &types[0] + sizeof types / sizeof types[0]
+ && (*type == SMB_ACL_TYPE_ACCESS || S_ISDIR(file->mode));
+ types[] = {SMB_ACL_TYPE_ACCESS, SMB_ACL_TYPE_DEFAULT};
+ int ret = 0;
+ if (!preserve_acls)
-+ return 0;
++ return 1;
+ for (type = &types[0];
+ type < &types[0] + sizeof types / sizeof types[0]
+ && (*type == SMB_ACL_TYPE_ACCESS || S_ISDIR(mode));
+ return ret;
+}
+
-+/* stuff for redirecting calls to set_acl() from set_perms()
-+ * for keep_backup() */
++/* Stuff for redirecting calls to set_acl() from set_file_attrs()
++ * for keep_backup(). */
+static const struct file_struct *backup_orig_file = NULL;
+static const char null_string[] = "";
+static const char *backup_orig_fname = null_string;
+ }
+ return ret;
+ }
-+ return 0;
++ return 1;
+}
+
+void cleanup_keep_backup_acl()
+ SMB_ACL_TYPE_T *type,
+ types[] = {SMB_ACL_TYPE_ACCESS, SMB_ACL_TYPE_DEFAULT};
+ if (dry_run || !preserve_acls || S_ISLNK(file->mode))
-+ return 0;
++ return 1;
+ if (file == backup_orig_file) {
+ if (!strcmp(fname, backup_dest_fname))
+ return set_keep_backup_acl();
+ return updated;
+}
+
-+/* enumeration functions for uid mapping */
++/* Enumeration functions for uid mapping: */
+
-+/* context -- one and only one. should be cycled through once on uid mapping
-+ * and once on gid mapping */
++/* Context -- one and only one. Should be cycled through once on uid
++ * mapping and once on gid mapping. */
+static rsync_acl_list *_enum_racl_lists[] = {
+ &_rsync_acl_lists[0], &_rsync_acl_lists[1], NULL
+};
+static size_t enum_racl_index = 0;
+static size_t enum_race_index = 0;
+
-+/* this returns the next tag_type id from the given acl for the next entry,
-+ * or it returns 0 if there are no more tag_type ids in the acl */
++/* This returns the next tag_type id from the given acl for the next entry,
++ * or it returns 0 if there are no more tag_type ids in the acl. */
+
+static id_t next_ace_id(SMB_ACL_TAG_T tag_type, const rsync_acl *racl)
+{
+ set_acl_id(gid);
+}
+
++#define PERMS_SPLICE(perms,newbits,where) (((perms) & ~(7 << (where))) | ((newbits) << (where)))
++
++int default_perms_for_dir(const char *dir)
++{
++ rsync_acl racl;
++ SMB_ACL_T sacl;
++ BOOL ok, saw_mask = False;
++ size_t i;
++ int perms;
++
++ if (dir == NULL)
++ dir = ".";
++ perms = ACCESSPERMS & ~orig_umask;
++ /* Read the directory's default ACL. If it has none, this will successfully return an empty ACL. */
++ sacl = sys_acl_get_file(dir, SMB_ACL_TYPE_DEFAULT);
++ if (sacl == NULL) {
++ /* Couldn't get an ACL. Darn. */
++ switch (errno) {
++ case ENOTSUP:
++ /* ACLs are disabled. We could yell at the user to turn them on, but... */
++ break;
++ case ENOENT:
++ if (dry_run) {
++ /* We're doing a dry run, so the containing directory
++ * wasn't actually created. Don't worry about it. */
++ break;
++ }
++ /* Otherwise fall through. */
++ default:
++ rprintf(FERROR, "default_perms_for_dir: sys_acl_get_file(%s, %s): %s, falling back on umask\n",
++ dir, str_acl_type(SMB_ACL_TYPE_DEFAULT), strerror(errno));
++ }
++ return perms;
++ }
++
++ /* Convert it. */
++ ok = unpack_smb_acl(&racl, sacl);
++ sys_acl_free_acl(sacl);
++ if (!ok) {
++ rprintf(FERROR, "default_perms_for_dir: unpack_smb_acl failed, falling back on umask\n");
++ return perms;
++ }
++
++ /* Look at each default ACL entry and possibly modify three bits of `perms' accordingly.
++ * If there's "no" default ACL, there will be zero entries and the umask-based perms is unchanged. */
++ for (i = 0; i < racl.count; i++) {
++ switch (racl.races[i].tag_type) {
++ case SMB_ACL_USER_OBJ:
++ perms = PERMS_SPLICE(perms, racl.races[i].access, 6);
++ break;
++ case SMB_ACL_GROUP_OBJ:
++ if (!saw_mask)
++ perms = PERMS_SPLICE(perms, racl.races[i].access, 3);
++ break;
++ case SMB_ACL_MASK:
++ saw_mask = True;
++ perms = PERMS_SPLICE(perms, racl.races[i].access, 3);
++ break;
++ case SMB_ACL_OTHER:
++ perms = PERMS_SPLICE(perms, racl.races[i].access, 0);
++ break;
++ default:
++ break;
++ }
++ }
++ rsync_acl_free(&racl);
++ if (verbose > 2)
++ rprintf(FINFO, "got ACL-based default perms %o for directory %s\n", perms, dir);
++ return perms;
++}
++
+#endif /* SUPPORT_ACLS */
---- orig/backup.c 2004-09-07 21:45:30
-+++ backup.c 2004-09-07 21:45:57
-@@ -121,6 +121,7 @@ static int make_bak_dir(char *fullpath)
+--- old/backup.c
++++ new/backup.c
+@@ -135,6 +135,7 @@ static int make_bak_dir(char *fullpath)
} else {
do_lchown(fullpath, st.st_uid, st.st_gid);
do_chmod(fullpath, st.st_mode);
}
}
*p = '/';
-@@ -178,6 +179,8 @@ static int keep_backup(char *fname)
+@@ -188,6 +189,8 @@ static int keep_backup(char *fname)
if (!(buf = get_backup_name(fname)))
return 0;
+ PUSH_KEEP_BACKUP_ACL(file, fname, buf);
+
- #ifdef HAVE_MKNOD
/* Check to see if this is a device file, or link */
- if (IS_DEVICE(file->mode)) {
-@@ -253,6 +256,7 @@ static int keep_backup(char *fname)
+ if ((am_root && preserve_devices && IS_DEVICE(file->mode))
+ || (preserve_specials && IS_SPECIAL(file->mode))) {
+@@ -263,6 +266,7 @@ static int keep_backup(char *fname)
}
}
- set_perms(buf, file, NULL, 0);
+ set_file_attrs(buf, file, NULL, 0);
+ CLEANUP_KEEP_BACKUP_ACL();
free(file);
- if (verbose > 1)
---- orig/configure.in 2004-08-13 07:18:59
-+++ configure.in 2004-08-19 19:53:27
-@@ -434,6 +434,11 @@ if test x"$ac_cv_func_strcasecmp" = x"no
+ if (verbose > 1) {
+--- old/configure.in
++++ new/configure.in
+@@ -478,6 +478,11 @@ if test x"$ac_cv_func_strcasecmp" = x"no
AC_CHECK_LIB(resolv, strcasecmp)
fi
dnl At the moment we don't test for a broken memcmp(), because all we
dnl need to do is test for equality, not comparison, and it seems that
dnl every platform has a memcmp that can do at least that.
-@@ -656,6 +661,77 @@ AC_SUBST(OBJ_RESTORE)
+@@ -734,6 +739,77 @@ AC_SUBST(OBJ_RESTORE)
AC_SUBST(CC_SHOBJ_FLAG)
AC_SUBST(BUILD_POPT)
+# check for ACL support
+
+AC_MSG_CHECKING(whether to support ACLs)
-+AC_ARG_WITH(acl-support,
-+[ --with-acl-support Include ACL support (default=no)],
-+[ case "$withval" in
++AC_ARG_ENABLE(acl-support,
++AC_HELP_STRING([--enable-acl-support], [Include ACL support (default=no)]),
++[ case "$enableval" in
+ yes)
+
+ case "$host_os" in
AC_CONFIG_FILES([Makefile lib/dummy zlib/dummy popt/dummy shconfig])
AC_OUTPUT
---- orig/flist.c 2004-08-12 18:34:38
-+++ flist.c 2004-07-03 20:11:58
-@@ -944,6 +944,8 @@ void send_file_name(int f, struct file_l
-
+--- old/flist.c
++++ new/flist.c
+@@ -967,6 +967,8 @@ static struct file_struct *send_file_nam
+ f == -2 ? SERVER_FILTERS : ALL_FILTERS);
if (!file)
- return;
-+ if (!MAKE_ACL(file, fname))
-+ return;
-
- maybe_emit_filelist_progress(flist);
+ return NULL;
++ if (MAKE_ACL(file, fname) < 0)
++ return NULL;
-@@ -952,6 +954,10 @@ void send_file_name(int f, struct file_l
+ if (chmod_modes && !S_ISLNK(file->mode))
+ file->mode = tweak_mode(file->mode, chmod_modes);
+@@ -978,6 +980,10 @@ static struct file_struct *send_file_nam
if (file->basename[0]) {
flist->files[flist->count++] = file;
- send_file_entry(file, f, base_flags);
+ send_file_entry(file, f);
+ SEND_ACL(file, f);
+ } else {
+ /* Cleanup unsent ACL(s). */
+ SEND_ACL(file, -1);
}
-
- if (recursive && S_ISDIR(file->mode)
-@@ -1268,6 +1274,8 @@ struct file_list *recv_file_list(int f)
+ return file;
+ }
+@@ -1366,6 +1372,8 @@ struct file_list *recv_file_list(int f)
flags |= read_byte(f) << 8;
- receive_file_entry(&flist->files[i], flags, flist, f);
+ file = receive_file_entry(flist, flags, f);
-+ RECEIVE_ACL(flist->files[i], f);
++ RECEIVE_ACL(file, f);
+
- if (S_ISREG(flist->files[i]->mode))
- stats.total_size += flist->files[i]->length;
+ if (S_ISREG(file->mode))
+ stats.total_size += file->length;
-@@ -1290,6 +1298,8 @@ struct file_list *recv_file_list(int f)
+@@ -1388,6 +1396,8 @@ struct file_list *recv_file_list(int f)
clean_flist(flist, relative_paths, 1);
+ SORT_FILE_ACL_INDEX_LISTS();
+
- if (f != -1) {
- /* Now send the uid/gid list. This was introduced in
- * protocol version 15 */
---- orig/generator.c 2004-09-07 21:45:30
-+++ generator.c 2004-07-03 20:11:58
-@@ -338,6 +338,10 @@ static void recv_generator(char *fname,
- if (set_perms(fname, file, statret ? NULL : &st, 0)
- && verbose && f_out != -1)
- rprintf(FINFO, "%s/\n", safe_fname(fname));
-+#if SUPPORT_ACLS
-+ if (f_out == -1)
-+ SET_ACL(fname, file);
-+#endif
- return;
- }
+ if (f >= 0) {
+ recv_uid_list(f, flist);
---- orig/mkproto.awk 2004-01-01 21:10:50
-+++ mkproto.awk 2004-06-30 00:04:06
-@@ -58,7 +58,7 @@ BEGIN {
- next;
+--- old/generator.c
++++ new/generator.c
+@@ -754,6 +754,7 @@ static int try_dests_non(struct file_str
}
--!/^OFF_T|^size_t|^off_t|^pid_t|^unsigned|^mode_t|^DIR|^user|^int|^char|^uint|^struct|^BOOL|^void|^time|^const/ {
-+!/^OFF_T|^size_t|^off_t|^pid_t|^unsigned|^mode_t|^DIR|^user|^int|^char|^uint|^struct|^BOOL|^void|^time|^const|^SMB_ACL_T|^id_t/ {
- next;
- }
+ static int phase = 0;
++static int dflt_perms;
---- orig/options.c 2004-09-07 21:45:30
-+++ options.c 2004-08-19 17:38:57
-@@ -43,6 +43,7 @@ int keep_dirlinks = 0;
- int copy_links = 0;
- int preserve_links = 0;
- int preserve_hard_links = 0;
-+int preserve_acls = 0;
- int preserve_perms = 0;
- int preserve_devices = 0;
- int preserve_uid = 0;
-@@ -152,6 +153,7 @@ static void print_rsync_version(enum log
- char const *got_socketpair = "no ";
- char const *have_inplace = "no ";
- char const *hardlinks = "no ";
-+ char const *acls = "no ";
- char const *links = "no ";
- char const *ipv6 = "no ";
- STRUCT_STAT *dumstat;
-@@ -168,6 +170,10 @@ static void print_rsync_version(enum log
- hardlinks = "";
- #endif
+ /* Acts on the_file_list->file's ndx'th item, whose name is fname. If a dir,
+ * make sure it exists, and has the right permissions/timestamp info. For
+@@ -770,7 +771,7 @@ static void recv_generator(char *fname,
+ enum logcode code, int f_out)
+ {
+ static int missing_below = -1, excluded_below = -1;
+- static char *fuzzy_dirname = "";
++ static char *parent_dirname = "";
+ static struct file_list *fuzzy_dirlist = NULL;
+ struct file_struct *fuzzy_file = NULL;
+ int fd = -1, f_copy = -1;
+@@ -789,12 +790,12 @@ static void recv_generator(char *fname,
+ if (fuzzy_dirlist) {
+ flist_free(fuzzy_dirlist);
+ fuzzy_dirlist = NULL;
+- fuzzy_dirname = "";
+ }
+ if (missing_below >= 0) {
+ dry_run--;
+ missing_below = -1;
+ }
++ parent_dirname = "";
+ return;
+ }
-+#if SUPPORT_ACLS
-+ acls = "";
+@@ -829,15 +830,24 @@ static void recv_generator(char *fname,
+ statret = -1;
+ stat_errno = ENOENT;
+ } else {
+- if (fuzzy_basis && S_ISREG(file->mode)) {
++ if ((fuzzy_basis && S_ISREG(file->mode))
++#ifdef SUPPORT_ACLS
++ || !preserve_perms
+#endif
-+
- #if SUPPORT_LINKS
- links = "";
- #endif
-@@ -182,9 +188,9 @@ static void print_rsync_version(enum log
- "Copyright (C) 1996-2004 by Andrew Tridgell and others\n");
- rprintf(f, "<http://rsync.samba.org/>\n");
- rprintf(f, "Capabilities: %d-bit files, %ssocketpairs, "
-- "%shard links, %ssymlinks, batchfiles, \n",
-+ "%shard links, %sACLs, %ssymlinks, batchfiles, \n",
- (int) (sizeof (OFF_T) * 8),
-- got_socketpair, hardlinks, links);
-+ got_socketpair, hardlinks, acls, links);
-
- /* Note that this field may not have type ino_t. It depends
- * on the complicated interaction between largefile feature
-@@ -249,6 +255,7 @@ void usage(enum logcode F)
- rprintf(F," --safe-links ignore \"unsafe\" symlinks\n");
- rprintf(F," -H, --hard-links preserve hard links\n");
- rprintf(F," -p, --perms preserve permissions\n");
-+ rprintf(F," -A, --acls preserve ACLs (implies --perms)\n");
- rprintf(F," -o, --owner preserve owner (root only)\n");
- rprintf(F," -g, --group preserve group\n");
- rprintf(F," -D, --devices preserve devices (root only)\n");
-@@ -358,6 +365,7 @@ static struct poptOption long_options[]
- {"no-whole-file", 0, POPT_ARG_VAL, &whole_file, 0, 0, 0 },
- {"copy-unsafe-links", 0, POPT_ARG_NONE, ©_unsafe_links, 0, 0, 0 },
- {"perms", 'p', POPT_ARG_NONE, &preserve_perms, 0, 0, 0 },
-+ {"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 },
- {"owner", 'o', POPT_ARG_NONE, &preserve_uid, 0, 0, 0 },
- {"group", 'g', POPT_ARG_NONE, &preserve_gid, 0, 0, 0 },
- {"devices", 'D', POPT_ARG_NONE, &preserve_devices, 0, 0, 0 },
-@@ -616,6 +624,24 @@ int parse_arguments(int *argc, const cha
- return 0;
- #endif
-
-+ case 'A':
-+#if SUPPORT_ACLS
-+ preserve_acls = 1;
-+ preserve_perms = 1;
-+#else
-+ /* FIXME: this should probably be ignored with a
-+ * warning and then countermeasures taken to
-+ * restrict group and other access in the presence
-+ * of any more restrictive ACLs, but this is safe
-+ * for now */
-+ snprintf(err_buf,sizeof(err_buf),
-+ "ACLs are not supported on this %s\n",
-+ am_server ? "server" : "client");
-+ return 0;
-+#endif /* SUPPORT_ACLS */
-+ break;
-+
-+
- default:
- /* A large opt value means that set_refuse_options()
- * turned this option off (opt-BASE is its index). */
-@@ -934,6 +960,8 @@ void server_options(char **args,int *arg
++ ) {
+ char *dn = file->dirname ? file->dirname : ".";
+- if (fuzzy_dirname != dn
+- && strcmp(fuzzy_dirname, dn) != 0) {
++ if (parent_dirname != dn
++ && strcmp(parent_dirname, dn) != 0) {
+ if (fuzzy_dirlist)
+ flist_free(fuzzy_dirlist);
+- fuzzy_dirlist = get_dirlist(dn, -1, 1);
++ if (fuzzy_basis && S_ISREG(file->mode))
++ fuzzy_dirlist = get_dirlist(dn, -1, 1);
++#ifdef SUPPORT_ACLS
++ if (!preserve_perms)
++ dflt_perms = default_perms_for_dir(dn);
++#endif
+ }
+- fuzzy_dirname = dn;
++ parent_dirname = dn;
+ }
- if (preserve_hard_links)
- argstr[x++] = 'H';
-+ if (preserve_acls)
-+ argstr[x++] = 'A';
- if (preserve_uid)
- argstr[x++] = 'o';
- if (preserve_gid)
---- orig/rsync.c 2004-09-07 21:45:30
-+++ rsync.c 2004-07-03 20:11:58
-@@ -207,6 +207,14 @@ int set_perms(char *fname,struct file_st
+ statret = link_stat(fname, &st,
+@@ -859,7 +869,8 @@ static void recv_generator(char *fname,
+ if (!preserve_perms) {
+ int exists = statret == 0
+ && S_ISDIR(st.st_mode) == S_ISDIR(file->mode);
+- file->mode = dest_mode(file->mode, st.st_mode, exists);
++ file->mode = dest_mode(file->mode, st.st_mode, dflt_perms,
++ exists);
}
- #endif
-
-+ /* If this is a directory, SET_ACL() will be called on the cleanup
-+ * receive_generator() pass--if we called it here, we might clobber
-+ * writability on the directory. everything else is OK to do now. */
-+ if (!S_ISDIR(st->st_mode)) {
-+ if (SET_ACL(fname, file) == 0)
-+ updated = 1;
-+ }
-+
- if (verbose > 1 && flags & PERMS_REPORT) {
- if (updated)
- rprintf(FINFO,"%s\n",fname);
---- orig/rsync.h 2004-08-03 15:41:32
-+++ rsync.h 2004-07-03 20:11:58
-@@ -541,6 +541,40 @@ static inline int flist_up(struct file_l
- #include "lib/permstring.h"
- #include "lib/addrinfo.h"
-+#define SUPPORT_ACLS HAVE_POSIX_ACLS|HAVE_UNIXWARE_ACLS|HAVE_SOLARIS_ACLS|\
-+ HAVE_HPUX_ACLS|HAVE_IRIX_ACLS|HAVE_AIX_ACLS|HAVE_TRU64_ACLS
-+
-+#define ACLS_NEED_MASK HAVE_UNIXWARE_ACLS|HAVE_SOLARIS_ACLS|HAVE_HPUX_ACLS
-+
-+#if SUPPORT_ACLS
-+#ifdef HAVE_SYS_ACL_H
-+#include <sys/acl.h>
+ if (S_ISDIR(file->mode)) {
+@@ -893,6 +904,10 @@ static void recv_generator(char *fname,
+ if (set_file_attrs(fname, file, statret ? NULL : &st, 0)
+ && verbose && code && f_out != -1)
+ rprintf(code, "%s/\n", fname);
++#ifdef SUPPORT_ACLS
++ if (f_out == -1)
++ SET_ACL(fname, file);
+#endif
-+#define MAKE_ACL(file, fname) make_acl(file, fname)
-+#define SEND_ACL(file, f) send_acl(file, f)
-+#define RECEIVE_ACL(file, f) receive_acl(file, f)
-+#define SORT_FILE_ACL_INDEX_LISTS() sort_file_acl_index_lists()
-+#define SET_ACL(fname, file) set_acl(fname, file)
-+#define NEXT_ACL_UID() next_acl_uid()
-+#define ACL_UID_MAP(uid) acl_uid_map(uid)
-+#define PUSH_KEEP_BACKUP_ACL(file, orig, dest) \
-+ push_keep_backup_acl(file, orig, dest)
-+#define CLEANUP_KEEP_BACKUP_ACL() cleanup_keep_backup_acl()
-+#define DUP_ACL(orig, dest, mode) dup_acl(orig, dest, mode)
-+#else /* SUPPORT_ACLS */
-+#define MAKE_ACL(file, fname) 1 /* checked return value */
-+#define SEND_ACL(file, f)
-+#define RECEIVE_ACL(file, f)
-+#define SORT_FILE_ACL_INDEX_LISTS()
-+#define SET_ACL(fname, file) 0 /* checked return value */
-+#define NEXT_ACL_UID()
-+#define ACL_UID_MAP(uid)
-+#define PUSH_KEEP_BACKUP_ACL(file, orig, dest)
-+#define CLEANUP_KEEP_BACKUP_ACL()
-+#define DUP_ACL(src, orig, mode) 0 /* checked return value */
-+#endif /* SUPPORT_ACLS */
-+#include "smb_acls.h"
-+
- #include "proto.h"
+ if (delete_during && f_out != -1 && !phase && dry_run < 2
+ && (file->flags & FLAG_DEL_HERE))
+ delete_in_dir(the_file_list, fname, file, &st);
+@@ -1328,6 +1343,8 @@ void generate_files(int f_out, struct fi
+ * notice that and let us know via the redo pipe (or its closing). */
+ ignore_timeout = 1;
- /* We have replacement versions of these if they're missing. */
---- orig/rsync.yo 2004-09-07 19:54:51
-+++ rsync.yo 2004-07-03 20:11:58
-@@ -326,6 +326,7 @@ verb(
- --safe-links ignore "unsafe" symlinks
- -H, --hard-links preserve hard links
- -p, --perms preserve permissions
-+ -A, --acls preserve ACLs (implies -p) [local option]
- -o, --owner preserve owner (root only)
- -g, --group preserve group
- -D, --devices preserve devices (root only)
-@@ -578,6 +579,11 @@ source file's permissions and the umask
- other files (including updated files) retain their existing permissions
- (which is the same behavior as other file-copy utilities, such as cp).
++ dflt_perms = (ACCESSPERMS & ~orig_umask);
++
+ for (i = 0; i < flist->count; i++) {
+ struct file_struct *file = flist->files[i];
-+dit(bf(-A, --acls)) This option causes rsync to update the remote
-+ACLs to be the same as the local ACLs. This will work only if the
-+remote machine's rsync supports this option also. This is a non-standard
-+option.
-+
- dit(bf(-o, --owner)) This option causes rsync to set the owner of the
- destination file to be the same as the source file. On most systems,
- only the super-user can set file ownership. By default, the preservation
---- orig/smb_acls.h 2004-06-30 00:04:07
-+++ smb_acls.h 2004-06-30 00:04:07
-@@ -0,0 +1,277 @@
+--- old/lib/sysacls.c
++++ new/lib/sysacls.c
+@@ -0,0 +1,3242 @@
+/*
-+ Unix SMB/Netbios implementation.
-+ Version 2.2.x
-+ Portable SMB ACL interface
-+ Copyright (C) Jeremy Allison 2000
++ Unix SMB/CIFS implementation.
++ Samba system utilities for ACL support.
++ Copyright (C) Jeremy Allison 2000.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
-+#ifndef _SMB_ACLS_H
-+#define _SMB_ACLS_H
++#include "rsync.h"
++#include "sysacls.h" /****** ADDED ******/
+
-+#if defined(HAVE_POSIX_ACLS)
++/****** EXTRAS -- THESE ITEMS ARE NOT FROM THE SAMBA SOURCE ******/
++void SAFE_FREE(void *mem)
++{
++ if (mem)
++ free(mem);
++}
+
-+/* This is an identity mapping (just remove the SMB_). */
++char *uidtoname(uid_t uid)
++{
++ static char idbuf[12];
++ struct passwd *pw;
+
-+#define SMB_ACL_TAG_T acl_tag_t
-+#define SMB_ACL_TYPE_T acl_type_t
-+#define SMB_ACL_PERMSET_T acl_permset_t
-+#define SMB_ACL_PERM_T acl_perm_t
-+#define SMB_ACL_READ ACL_READ
-+#define SMB_ACL_WRITE ACL_WRITE
-+#define SMB_ACL_EXECUTE ACL_EXECUTE
++ if ((pw = getpwuid(uid)) == NULL) {
++ slprintf(idbuf, sizeof(idbuf)-1, "%ld", (long)uid);
++ return idbuf;
++ }
++ return pw->pw_name;
++}
++/****** EXTRAS -- END ******/
+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER ACL_USER
-+#define SMB_ACL_USER_OBJ ACL_USER_OBJ
-+#define SMB_ACL_GROUP ACL_GROUP
-+#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
-+#define SMB_ACL_OTHER ACL_OTHER
-+#define SMB_ACL_MASK ACL_MASK
++/*
++ This file wraps all differing system ACL interfaces into a consistent
++ one based on the POSIX interface. It also returns the correct errors
++ for older UNIX systems that don't support ACLs.
+
-+#define SMB_ACL_T acl_t
++ The interfaces that each ACL implementation must support are as follows :
+
-+#define SMB_ACL_ENTRY_T acl_entry_t
++ int sys_acl_get_entry( SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++ int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
++ int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p
++ void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
++ SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
++ SMB_ACL_T sys_acl_get_fd(int fd)
++ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset);
++ int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
++ char *sys_acl_to_text( SMB_ACL_T theacl, ssize_t *plen)
++ SMB_ACL_T sys_acl_init( int count)
++ int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
++ int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
++ int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
++ int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
++ int sys_acl_valid( SMB_ACL_T theacl )
++ int sys_acl_set_file( const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
++ int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
++ int sys_acl_delete_def_file(const char *path)
+
-+#define SMB_ACL_FIRST_ENTRY ACL_FIRST_ENTRY
-+#define SMB_ACL_NEXT_ENTRY ACL_NEXT_ENTRY
++ This next one is not POSIX complient - but we *have* to have it !
++ More POSIX braindamage.
+
-+#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
-+#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
++ int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+
-+#elif defined(HAVE_TRU64_ACLS)
++ The generic POSIX free is the following call. We split this into
++ several different free functions as we may need to add tag info
++ to structures when emulating the POSIX interface.
+
-+/* This is for DEC/Compaq Tru64 UNIX */
++ int sys_acl_free( void *obj_p)
+
-+#define SMB_ACL_TAG_T acl_tag_t
-+#define SMB_ACL_TYPE_T acl_type_t
-+#define SMB_ACL_PERMSET_T acl_permset_t
-+#define SMB_ACL_PERM_T acl_perm_t
-+#define SMB_ACL_READ ACL_READ
-+#define SMB_ACL_WRITE ACL_WRITE
-+#define SMB_ACL_EXECUTE ACL_EXECUTE
++ The calls we actually use are :
+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER ACL_USER
-+#define SMB_ACL_USER_OBJ ACL_USER_OBJ
-+#define SMB_ACL_GROUP ACL_GROUP
-+#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
-+#define SMB_ACL_OTHER ACL_OTHER
-+#define SMB_ACL_MASK ACL_MASK
++ int sys_acl_free_text(char *text) - free acl_to_text
++ int sys_acl_free_acl(SMB_ACL_T posix_acl)
++ int sys_acl_free_qualifier(void *qualifier, SMB_ACL_TAG_T tagtype)
+
-+#define SMB_ACL_T acl_t
++*/
+
-+#define SMB_ACL_ENTRY_T acl_entry_t
++#if defined(HAVE_POSIX_ACLS)
+
-+#define SMB_ACL_FIRST_ENTRY 0
-+#define SMB_ACL_NEXT_ENTRY 1
++/* Identity mapping - easy. */
+
-+#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
-+#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
++int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++{
++ return acl_get_entry( the_acl, entry_id, entry_p);
++}
+
-+#elif defined(HAVE_UNIXWARE_ACLS) || defined(HAVE_SOLARIS_ACLS)
-+/*
-+ * Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
-+ * Modified by Toomas Soome <tsoome@ut.ee> for Solaris.
-+ */
++int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
++{
++ return acl_get_tag_type( entry_d, tag_type_p);
++}
+
-+/* SVR4.2 ES/MP ACLs */
-+typedef int SMB_ACL_TAG_T;
-+typedef int SMB_ACL_TYPE_T;
-+typedef ushort *SMB_ACL_PERMSET_T;
-+typedef ushort SMB_ACL_PERM_T;
-+#define SMB_ACL_READ 4
-+#define SMB_ACL_WRITE 2
-+#define SMB_ACL_EXECUTE 1
-+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER USER
-+#define SMB_ACL_USER_OBJ USER_OBJ
-+#define SMB_ACL_GROUP GROUP
-+#define SMB_ACL_GROUP_OBJ GROUP_OBJ
-+#define SMB_ACL_OTHER OTHER_OBJ
-+#define SMB_ACL_MASK CLASS_OBJ
-+
-+typedef struct SMB_ACL_T {
-+ int size;
-+ int count;
-+ int next;
-+ struct acl acl[1];
-+} *SMB_ACL_T;
-+
-+typedef struct acl *SMB_ACL_ENTRY_T;
-+
-+#define SMB_ACL_FIRST_ENTRY 0
-+#define SMB_ACL_NEXT_ENTRY 1
-+
-+#define SMB_ACL_TYPE_ACCESS 0
-+#define SMB_ACL_TYPE_DEFAULT 1
-+
-+#elif defined(HAVE_HPUX_ACLS)
-+
-+/*
-+ * Based on the Solaris & UnixWare code.
-+ */
-+
-+#undef GROUP
-+#include <sys/aclv.h>
-+
-+/* SVR4.2 ES/MP ACLs */
-+typedef int SMB_ACL_TAG_T;
-+typedef int SMB_ACL_TYPE_T;
-+typedef ushort *SMB_ACL_PERMSET_T;
-+typedef ushort SMB_ACL_PERM_T;
-+#define SMB_ACL_READ 4
-+#define SMB_ACL_WRITE 2
-+#define SMB_ACL_EXECUTE 1
-+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER USER
-+#define SMB_ACL_USER_OBJ USER_OBJ
-+#define SMB_ACL_GROUP GROUP
-+#define SMB_ACL_GROUP_OBJ GROUP_OBJ
-+#define SMB_ACL_OTHER OTHER_OBJ
-+#define SMB_ACL_MASK CLASS_OBJ
-+
-+typedef struct SMB_ACL_T {
-+ int size;
-+ int count;
-+ int next;
-+ struct acl acl[1];
-+} *SMB_ACL_T;
-+
-+typedef struct acl *SMB_ACL_ENTRY_T;
-+
-+#define SMB_ACL_FIRST_ENTRY 0
-+#define SMB_ACL_NEXT_ENTRY 1
-+
-+#define SMB_ACL_TYPE_ACCESS 0
-+#define SMB_ACL_TYPE_DEFAULT 1
-+
-+#elif defined(HAVE_IRIX_ACLS)
-+
-+#define SMB_ACL_TAG_T acl_tag_t
-+#define SMB_ACL_TYPE_T acl_type_t
-+#define SMB_ACL_PERMSET_T acl_permset_t
-+#define SMB_ACL_PERM_T acl_perm_t
-+#define SMB_ACL_READ ACL_READ
-+#define SMB_ACL_WRITE ACL_WRITE
-+#define SMB_ACL_EXECUTE ACL_EXECUTE
-+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER ACL_USER
-+#define SMB_ACL_USER_OBJ ACL_USER_OBJ
-+#define SMB_ACL_GROUP ACL_GROUP
-+#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
-+#define SMB_ACL_OTHER ACL_OTHER_OBJ
-+#define SMB_ACL_MASK ACL_MASK
-+
-+typedef struct SMB_ACL_T {
-+ int next;
-+ BOOL freeaclp;
-+ struct acl *aclp;
-+} *SMB_ACL_T;
-+
-+#define SMB_ACL_ENTRY_T acl_entry_t
-+
-+#define SMB_ACL_FIRST_ENTRY 0
-+#define SMB_ACL_NEXT_ENTRY 1
-+
-+#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
-+#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
-+
-+#elif defined(HAVE_AIX_ACLS)
-+
-+/* Donated by Medha Date, mdate@austin.ibm.com, for IBM */
-+
-+#include "/usr/include/acl.h"
-+
-+typedef uint *SMB_ACL_PERMSET_T;
-+
-+struct acl_entry_link{
-+ struct acl_entry_link *prevp;
-+ struct new_acl_entry *entryp;
-+ struct acl_entry_link *nextp;
-+ int count;
-+};
-+
-+struct new_acl_entry{
-+ unsigned short ace_len;
-+ unsigned short ace_type;
-+ unsigned int ace_access;
-+ struct ace_id ace_id[1];
-+};
-+
-+#define SMB_ACL_ENTRY_T struct new_acl_entry*
-+#define SMB_ACL_T struct acl_entry_link*
-+
-+#define SMB_ACL_TAG_T unsigned short
-+#define SMB_ACL_TYPE_T int
-+#define SMB_ACL_PERM_T uint
-+#define SMB_ACL_READ S_IRUSR
-+#define SMB_ACL_WRITE S_IWUSR
-+#define SMB_ACL_EXECUTE S_IXUSR
-+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER ACEID_USER
-+#define SMB_ACL_USER_OBJ 3
-+#define SMB_ACL_GROUP ACEID_GROUP
-+#define SMB_ACL_GROUP_OBJ 4
-+#define SMB_ACL_OTHER 5
-+#define SMB_ACL_MASK 6
-+
-+
-+#define SMB_ACL_FIRST_ENTRY 1
-+#define SMB_ACL_NEXT_ENTRY 2
-+
-+#define SMB_ACL_TYPE_ACCESS 0
-+#define SMB_ACL_TYPE_DEFAULT 1
-+
-+#else /* No ACLs. */
-+
-+/* No ACLS - fake it. */
-+#define SMB_ACL_TAG_T int
-+#define SMB_ACL_TYPE_T int
-+#define SMB_ACL_PERMSET_T mode_t
-+#define SMB_ACL_PERM_T mode_t
-+#define SMB_ACL_READ S_IRUSR
-+#define SMB_ACL_WRITE S_IWUSR
-+#define SMB_ACL_EXECUTE S_IXUSR
-+
-+/* Types of ACLs. */
-+#define SMB_ACL_USER 0
-+#define SMB_ACL_USER_OBJ 1
-+#define SMB_ACL_GROUP 2
-+#define SMB_ACL_GROUP_OBJ 3
-+#define SMB_ACL_OTHER 4
-+#define SMB_ACL_MASK 5
-+
-+typedef struct SMB_ACL_T {
-+ int dummy;
-+} *SMB_ACL_T;
-+
-+typedef struct SMB_ACL_ENTRY_T {
-+ int dummy;
-+} *SMB_ACL_ENTRY_T;
-+
-+#define SMB_ACL_FIRST_ENTRY 0
-+#define SMB_ACL_NEXT_ENTRY 1
-+
-+#define SMB_ACL_TYPE_ACCESS 0
-+#define SMB_ACL_TYPE_DEFAULT 1
-+
-+#endif /* No ACLs. */
-+#endif /* _SMB_ACLS_H */
---- orig/sysacls.c 2004-08-19 17:38:21
-+++ sysacls.c 2004-08-19 17:38:21
-@@ -0,0 +1,3117 @@
-+/*
-+ Unix SMB/Netbios implementation.
-+ Version 2.2.
-+ Samba system utilities for ACL support.
-+ Copyright (C) Jeremy Allison 2000.
-+
-+ This program is free software; you can redistribute it and/or modify
-+ it under the terms of the GNU General Public License as published by
-+ the Free Software Foundation; either version 2 of the License, or
-+ (at your option) any later version.
-+
-+ This program is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with this program; if not, write to the Free Software
-+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-+*/
-+
-+#include "rsync.h"
-+
-+/*
-+ This file wraps all differing system ACL interfaces into a consistent
-+ one based on the POSIX interface. It also returns the correct errors
-+ for older UNIX systems that don't support ACLs.
-+
-+ The interfaces that each ACL implementation must support are as follows:
-+
-+ int sys_acl_get_entry(SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
-+ SMB_ACL_T sys_acl_get_fd(int fd)
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset);
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
-+ char *sys_acl_to_text(SMB_ACL_T theacl, ssize_t *plen)
-+ SMB_ACL_T sys_acl_init(int count)
-+ int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry, void *qual)
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
-+ int sys_acl_valid(SMB_ACL_T theacl)
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
-+ int sys_acl_set_fd(int fd, SMB_ACL_T theacl)
-+ int sys_acl_delete_def_file(const char *path)
-+
-+ This next one is not POSIX complient - but we *have* to have it !
-+ More POSIX braindamage.
-+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
-+
-+ The generic POSIX free is the following call. We split this into
-+ several different free functions as we may need to add tag info
-+ to structures when emulating the POSIX interface.
-+
-+ int sys_acl_free(void *obj_p)
-+
-+ The calls we actually use are:
-+
-+ int sys_acl_free_text(char *text) - free acl_to_text
-+ int sys_acl_free_acl(SMB_ACL_T posix_acl)
-+ int sys_acl_free_qualifier(void *qualifier, SMB_ACL_TAG_T tagtype)
-+
-+*/
-+
-+#if defined(HAVE_POSIX_ACLS)
-+
-+/* Identity mapping - easy. */
-+
-+int sys_acl_get_entry(SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
-+{
-+ return acl_get_entry(the_acl, entry_id, entry_p);
-+}
-+
-+int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
-+{
-+ return acl_get_tag_type(entry_d, tag_type_p);
-+}
-+
-+int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
-+ return acl_get_permset(entry_d, permset_p);
++ return acl_get_permset( entry_d, permset_p);
+}
+
-+void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
+{
-+ return acl_get_qualifier(entry_d);
++ return acl_get_qualifier( entry_d);
+}
+
-+SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
+{
-+ return acl_get_file(path_p, type);
++ return acl_get_file( path_p, type);
+}
+
+SMB_ACL_T sys_acl_get_fd(int fd)
+ return acl_clear_perms(permset);
+}
+
-+int sys_acl_add_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
+ return acl_add_perm(permset, perm);
+}
+
-+int sys_acl_get_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
+#if defined(HAVE_ACL_GET_PERM_NP)
-+ /* Required for TrustedBSD-based ACL implementations where
++ /*
++ * Required for TrustedBSD-based ACL implementations where
+ * non-POSIX.1e functions are denoted by a _np (non-portable)
-+ * suffix. */
++ * suffix.
++ */
+ return acl_get_perm_np(permset, perm);
+#else
+ return acl_get_perm(permset, perm);
+#endif
+}
+
-+char *sys_acl_to_text(SMB_ACL_T the_acl, ssize_t *plen)
++char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
+{
-+ return acl_to_text(the_acl, plen);
++ return acl_to_text( the_acl, plen);
+}
+
-+SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init( int count)
+{
+ return acl_init(count);
+}
+
-+int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
++int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
+{
+ return acl_create_entry(pacl, pentry);
+}
+
-+int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
++int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
+{
+ return acl_set_tag_type(entry, tagtype);
+}
+
-+int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry, void *qual)
++int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
+{
+ return acl_set_qualifier(entry, qual);
+}
+
-+int sys_acl_set_permset(SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
++int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
+{
+ return acl_set_permset(entry, permset);
+}
+
-+int sys_acl_valid(SMB_ACL_T theacl)
++int sys_acl_valid( SMB_ACL_T theacl )
+{
+ return acl_valid(theacl);
+}
+ return acl_set_file(name, acltype, theacl);
+}
+
-+int sys_acl_set_fd(int fd, SMB_ACL_T theacl)
++int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
+{
+ return acl_set_fd(fd, theacl);
+}
+ return acl_free(text);
+}
+
-+int sys_acl_free_acl(SMB_ACL_T the_acl)
++int sys_acl_free_acl(SMB_ACL_T the_acl)
+{
+ return acl_free(the_acl);
+}
+
-+int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, UNUSED(SMB_ACL_TAG_T tagtype))
+{
+ return acl_free(qual);
+}
+
+#elif defined(HAVE_TRU64_ACLS)
-+/* The interface to DEC/Compaq Tru64 UNIX ACLs
++/*
++ * The interface to DEC/Compaq Tru64 UNIX ACLs
+ * is based on Draft 13 of the POSIX spec which is
+ * slightly different from the Draft 16 interface.
-+ *
++ *
+ * Also, some of the permset manipulation functions
+ * such as acl_clear_perm() and acl_add_perm() appear
+ * to be broken on Tru64 so we have to manipulate
-+ * the permission bits in the permset directly. */
-+ int sys_acl_get_entry(SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++ * the permission bits in the permset directly.
++ */
++int sys_acl_get_entry( SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
+{
-+ SMB_ACL_ENTRY_T entry;
++ SMB_ACL_ENTRY_T entry;
+
+ if (entry_id == SMB_ACL_FIRST_ENTRY && acl_first_entry(the_acl) != 0) {
+ return -1;
+ return errno ? -1 : 0;
+}
+
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
++int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
+{
-+ return acl_get_tag_type(entry_d, tag_type_p);
++ return acl_get_tag_type( entry_d, tag_type_p);
+}
+
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
-+ return acl_get_permset(entry_d, permset_p);
++ return acl_get_permset( entry_d, permset_p);
+}
+
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
+{
-+ return acl_get_qualifier(entry_d);
++ return acl_get_qualifier( entry_d);
+}
+
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
+{
+ return acl_get_file((char *)path_p, type);
+}
+
-+ SMB_ACL_T sys_acl_get_fd(int fd)
++SMB_ACL_T sys_acl_get_fd(int fd)
+{
+ return acl_get_fd(fd, ACL_TYPE_ACCESS);
+}
+
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
+{
-+ *permset = 0; /* acl_clear_perm() is broken on Tru64 */
++ *permset = 0; /* acl_clear_perm() is broken on Tru64 */
+
+ return 0;
+}
+
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
+ if (perm & ~(SMB_ACL_READ | SMB_ACL_WRITE | SMB_ACL_EXECUTE)) {
+ errno = EINVAL;
+ return -1;
+ }
+
-+ *permset |= perm; /* acl_add_perm() is broken on Tru64 */
++ *permset |= perm; /* acl_add_perm() is broken on Tru64 */
+
+ return 0;
+}
+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
+ return *permset & perm; /* Tru64 doesn't have acl_get_perm() */
+}
+
-+ char *sys_acl_to_text(SMB_ACL_T the_acl, ssize_t *plen)
++char *sys_acl_to_text( SMB_ACL_T the_acl, ssize_t *plen)
+{
-+ return acl_to_text(the_acl, plen);
++ return acl_to_text( the_acl, plen);
+}
+
-+ SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init( int count)
+{
+ return acl_init(count);
+}
+
-+ int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
++int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
+{
+ SMB_ACL_ENTRY_T entry;
+
+ return 0;
+}
+
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
++int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
+{
+ return acl_set_tag_type(entry, tagtype);
+}
+
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry, void *qual)
++int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
+{
+ return acl_set_qualifier(entry, qual);
+}
+
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
++int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
+{
+ return acl_set_permset(entry, permset);
+}
+
-+ int sys_acl_valid(SMB_ACL_T theacl)
++int sys_acl_valid( SMB_ACL_T theacl )
+{
-+ acl_entry_t entry;
++ acl_entry_t entry;
+
+ return acl_valid(theacl, &entry);
+}
+
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
++int sys_acl_set_file( const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
+{
+ return acl_set_file((char *)name, acltype, theacl);
+}
+
-+ int sys_acl_set_fd(int fd, SMB_ACL_T theacl)
++int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
+{
+ return acl_set_fd(fd, ACL_TYPE_ACCESS, theacl);
+}
+
-+ int sys_acl_delete_def_file(const char *name)
++int sys_acl_delete_def_file(const char *name)
+{
+ return acl_delete_def_file((char *)name);
+}
+
-+ int sys_acl_free_text(char *text)
++int sys_acl_free_text(char *text)
+{
-+ /* (void) cast and explicit return 0 are for DEC UNIX
-+ * which just #defines acl_free_text() to be free(). */
++ /*
++ * (void) cast and explicit return 0 are for DEC UNIX
++ * which just #defines acl_free_text() to be free()
++ */
+ (void) acl_free_text(text);
+ return 0;
+}
+
-+ int sys_acl_free_acl(SMB_ACL_T the_acl)
++int sys_acl_free_acl(SMB_ACL_T the_acl)
+{
+ return acl_free(the_acl);
+}
+
-+ int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
+{
+ return acl_free_qualifier(qual, tagtype);
+}
+
+#elif defined(HAVE_UNIXWARE_ACLS) || defined(HAVE_SOLARIS_ACLS)
+
-+/* Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
-+ * Modified by Toomas Soome <tsoome@ut.ee> for Solaris. */
++/*
++ * Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
++ * Modified by Toomas Soome <tsoome@ut.ee> for Solaris.
++ */
+
-+/* Note that while this code implements sufficient functionality
++/*
++ * Note that while this code implements sufficient functionality
+ * to support the sys_acl_* interfaces it does not provide all
+ * of the semantics of the POSIX ACL interfaces.
+ *
+ * sys_acl_set_fd()
+ */
+
-+/* The only difference between Solaris and UnixWare / OpenUNIX is
-+ * that the #defines for the ACL operations have different names. */
++/*
++ * The only difference between Solaris and UnixWare / OpenUNIX is
++ * that the #defines for the ACL operations have different names
++ */
+#if defined(HAVE_UNIXWARE_ACLS)
+
-+#define SETACL ACL_SET
-+#define GETACL ACL_GET
-+#define GETACLCNT ACL_CNT
++#define SETACL ACL_SET
++#define GETACL ACL_GET
++#define GETACLCNT ACL_CNT
+
+#endif
+
+
-+ int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
+{
+ if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
+ errno = EINVAL;
+ return 1;
+}
+
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
++int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
+{
+ *type_p = entry_d->a_type;
+
+ return 0;
+}
+
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
+ *permset_p = &entry_d->a_perm;
+
+ return 0;
+}
+
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
+{
+ if (entry_d->a_type != SMB_ACL_USER
+ && entry_d->a_type != SMB_ACL_GROUP) {
+ return &entry_d->a_id;
+}
+
-+/* There is no way of knowing what size the ACL returned by
++/*
++ * There is no way of knowing what size the ACL returned by
+ * GETACL will be unless you first call GETACLCNT which means
+ * making an additional system call.
+ *
+ * call in most cases, we initially allocate enough space for
+ * an ACL with INITIAL_ACL_SIZE entries. If this turns out to
+ * be too small then we use GETACLCNT to find out the actual
-+ * size, reallocate the ACL buffer, and then call GETACL again. */
++ * size, reallocate the ACL buffer, and then call GETACL again.
++ */
+
-+#define INITIAL_ACL_SIZE 16
++#define INITIAL_ACL_SIZE 16
+
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
+{
-+ SMB_ACL_T acl_d;
-+ int count; /* # of ACL entries allocated */
-+ int naccess; /* # of access ACL entries */
-+ int ndefault; /* # of default ACL entries */
++ SMB_ACL_T acl_d;
++ int count; /* # of ACL entries allocated */
++ int naccess; /* # of access ACL entries */
++ int ndefault; /* # of default ACL entries */
+
+ if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
+ errno = EINVAL;
+ return NULL;
+ }
+
-+ /* If there isn't enough space for the ACL entries we use
++ /*
++ * If there isn't enough space for the ACL entries we use
+ * GETACLCNT to determine the actual number of ACL entries
+ * reallocate and try again. This is in a loop because it
+ * is possible that someone else could modify the ACL and
+ * increase the number of entries between the call to
-+ * GETACLCNT and the call to GETACL. */
++ * GETACLCNT and the call to GETACL.
++ */
+ while ((count = acl(path_p, GETACL, count, &acl_d->acl[0])) < 0
+ && errno == ENOSPC) {
+
+ return NULL;
+ }
+
-+ /* Calculate the number of access and default ACL entries.
++ /*
++ * calculate the number of access and default ACL entries
+ *
+ * Note: we assume that the acl() system call returned a
+ * well formed ACL which is sorted so that all of the
-+ * access ACL entries preceed any default ACL entries. */
++ * access ACL entries preceed any default ACL entries
++ */
+ for (naccess = 0; naccess < count; naccess++) {
+ if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
+ break;
+ }
+ ndefault = count - naccess;
-+
-+ /* If the caller wants the default ACL we have to copy
++
++ /*
++ * if the caller wants the default ACL we have to copy
+ * the entries down to the start of the acl[] buffer
-+ * and mask out the ACL_DEFAULT flag from the type field. */
++ * and mask out the ACL_DEFAULT flag from the type field
++ */
+ if (type == SMB_ACL_TYPE_DEFAULT) {
-+ int i, j;
++ int i, j;
+
+ for (i = 0, j = naccess; i < ndefault; i++, j++) {
+ acl_d->acl[i] = acl_d->acl[j];
+ return acl_d;
+}
+
-+ SMB_ACL_T sys_acl_get_fd(int fd)
++SMB_ACL_T sys_acl_get_fd(int fd)
+{
-+ SMB_ACL_T acl_d;
-+ int count; /* # of ACL entries allocated */
-+ int naccess; /* # of access ACL entries */
++ SMB_ACL_T acl_d;
++ int count; /* # of ACL entries allocated */
++ int naccess; /* # of access ACL entries */
+
+ count = INITIAL_ACL_SIZE;
+ if ((acl_d = sys_acl_init(count)) == NULL) {
+ return NULL;
+ }
+
-+ /* Calculate the number of access ACL entries. */
++ /*
++ * calculate the number of access ACL entries
++ */
+ for (naccess = 0; naccess < count; naccess++) {
+ if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
+ break;
+ }
-+
++
+ acl_d->count = naccess;
+
+ return acl_d;
+}
+
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
+{
+ *permset_d = 0;
+
+ return 0;
+}
+
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
+ && perm != SMB_ACL_EXECUTE) {
+ return 0;
+}
+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ return *permset_d & perm;
+}
+
-+ char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
++char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
+{
-+ int i;
-+ int len, maxlen;
-+ char *text;
++ int i;
++ int len, maxlen;
++ char *text;
+
-+ /* Use an initial estimate of 20 bytes per ACL entry
++ /*
++ * use an initial estimate of 20 bytes per ACL entry
+ * when allocating memory for the text representation
-+ * of the ACL. */
-+ len = 0;
-+ maxlen = 20 * acl_d->count;
-+ if ((text = malloc(maxlen)) == NULL) {
++ * of the ACL
++ */
++ len = 0;
++ maxlen = 20 * acl_d->count;
++ if ((text = SMB_MALLOC(maxlen)) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ for (i = 0; i < acl_d->count; i++) {
-+ struct acl *ap = &acl_d->acl[i];
-+ struct passwd *pw;
-+ struct group *gr;
-+ char tagbuf[12];
-+ char idbuf[12];
-+ char *tag;
-+ char *id = "";
-+ char perms[4];
-+ int nbytes;
++ struct acl *ap = &acl_d->acl[i];
++ struct passwd *pw;
++ struct group *gr;
++ char tagbuf[12];
++ char idbuf[12];
++ char *tag;
++ char *id = "";
++ char perms[4];
++ int nbytes;
+
+ switch (ap->a_type) {
-+ /* For debugging purposes it's probably more
++ /*
++ * for debugging purposes it's probably more
+ * useful to dump unknown tag types rather
-+ * than just returning an error. */
++ * than just returning an error
++ */
+ default:
-+ snprintf(tagbuf, sizeof tagbuf - 1, "0x%x",
++ slprintf(tagbuf, sizeof(tagbuf)-1, "0x%x",
+ ap->a_type);
+ tag = tagbuf;
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
++ slprintf(idbuf, sizeof(idbuf)-1, "%ld",
+ (long)ap->a_id);
+ id = idbuf;
+ break;
+
+ case SMB_ACL_USER:
-+ if ((pw = getpwuid(ap->a_id)) == NULL) {
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
-+ (long)ap->a_id);
-+ id = idbuf;
-+ } else {
-+ id = pw->pw_name;
-+ }
++ id = uidtoname(ap->a_id);
+ case SMB_ACL_USER_OBJ:
+ tag = "user";
+ break;
+
+ case SMB_ACL_GROUP:
+ if ((gr = getgrgid(ap->a_id)) == NULL) {
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
++ slprintf(idbuf, sizeof(idbuf)-1, "%ld",
+ (long)ap->a_id);
+ id = idbuf;
+ } else {
+ /* <tag> : <qualifier> : rwx \n \0 */
+ nbytes = strlen(tag) + 1 + strlen(id) + 1 + 3 + 1 + 1;
+
-+ /* If this entry would overflow the buffer
++ /*
++ * If this entry would overflow the buffer
+ * allocate enough additional memory for this
+ * entry and an estimate of another 20 bytes
-+ * for each entry still to be processed. */
++ * for each entry still to be processed
++ */
+ if ((len + nbytes) > maxlen) {
+ char *oldtext = text;
+
+ maxlen += nbytes + 20 * (acl_d->count - i);
+
-+ if ((text = Realloc(oldtext, maxlen)) == NULL) {
-+ free(oldtext);
++ if ((text = SMB_REALLOC(oldtext, maxlen)) == NULL) {
++ SAFE_FREE(oldtext);
+ errno = ENOMEM;
+ return NULL;
+ }
+ }
+
-+ snprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
++ slprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
+ len += nbytes - 1;
+ }
+
+ return text;
+}
+
-+ SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init(int count)
+{
-+ SMB_ACL_T a;
++ SMB_ACL_T a;
+
+ if (count < 0) {
+ errno = EINVAL;
+ return NULL;
+ }
+
-+ /* Note that since the definition of the structure pointed
++ /*
++ * note that since the definition of the structure pointed
+ * to by the SMB_ACL_T includes the first element of the
+ * acl[] array, this actually allocates an ACL with room
-+ * for (count+1) entries. */
-+ if ((a = malloc(sizeof a[0] + count * sizeof (struct acl))) == NULL) {
++ * for (count+1) entries
++ */
++ if ((a = SMB_MALLOC(sizeof(struct SMB_ACL_T) + count * sizeof(struct acl))) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+}
+
+
-+ int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
+{
-+ SMB_ACL_T acl_d;
-+ SMB_ACL_ENTRY_T entry_d;
++ SMB_ACL_T acl_d;
++ SMB_ACL_ENTRY_T entry_d;
+
+ if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
-+ entry_d = &acl_d->acl[acl_d->count++];
-+ entry_d->a_type = 0;
-+ entry_d->a_id = -1;
-+ entry_d->a_perm = 0;
-+ *entry_p = entry_d;
++ entry_d = &acl_d->acl[acl_d->count++];
++ entry_d->a_type = 0;
++ entry_d->a_id = -1;
++ entry_d->a_perm = 0;
++ *entry_p = entry_d;
+
+ return 0;
+}
+
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
++int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
+{
+ switch (tag_type) {
+ case SMB_ACL_USER:
+ return 0;
+}
+
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
++int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
+{
+ if (entry_d->a_type != SMB_ACL_GROUP
+ && entry_d->a_type != SMB_ACL_USER) {
+ return 0;
+}
+
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
++int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
+{
+ if (*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
+ return EINVAL;
+ return 0;
+}
+
-+/* Sort the ACL and check it for validity.
++/*
++ * sort the ACL and check it for validity
+ *
-+ * If it's a minimal ACL with only 4 entries then we
++ * if it's a minimal ACL with only 4 entries then we
+ * need to recalculate the mask permissions to make
+ * sure that they are the same as the GROUP_OBJ
+ * permissions as required by the UnixWare acl() system call.
+ *
-+ * (Note: since POSIX allows minimal ACLs which only contain
++ * (note: since POSIX allows minimal ACLs which only contain
+ * 3 entries - ie there is no mask entry - we should, in theory,
+ * check for this and add a mask entry if necessary - however
+ * we "know" that the caller of this interface always specifies
+ * a mask so, in practice "this never happens" (tm) - if it *does*
+ * happen aclsort() will fail and return an error and someone will
-+ * have to fix it ...) */
++ * have to fix it ...)
++ */
+
+static int acl_sort(SMB_ACL_T acl_d)
+{
+ }
+ return 0;
+}
-+
-+ int sys_acl_valid(SMB_ACL_T acl_d)
++
++int sys_acl_valid(SMB_ACL_T acl_d)
+{
+ return acl_sort(acl_d);
+}
+
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
++int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
+{
-+ struct stat s;
-+ struct acl *acl_p;
-+ int acl_count;
-+ struct acl *acl_buf = NULL;
-+ int ret;
++ struct stat s;
++ struct acl *acl_p;
++ int acl_count;
++ struct acl *acl_buf = NULL;
++ int ret;
+
+ if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
+ errno = EINVAL;
+ return -1;
+ }
+
-+ acl_p = &acl_d->acl[0];
-+ acl_count = acl_d->count;
++ acl_p = &acl_d->acl[0];
++ acl_count = acl_d->count;
+
-+ /* If it's a directory there is extra work to do since the acl()
-+ * system call will replace both the access ACLs and the default
-+ * ACLs (if any). */
++ /*
++ * if it's a directory there is extra work to do
++ * since the acl() system call will replace both
++ * the access ACLs and the default ACLs (if any)
++ */
+ if (stat(name, &s) != 0) {
+ return -1;
+ }
+ if (S_ISDIR(s.st_mode)) {
-+ SMB_ACL_T acc_acl;
-+ SMB_ACL_T def_acl;
-+ SMB_ACL_T tmp_acl;
-+ int i;
++ SMB_ACL_T acc_acl;
++ SMB_ACL_T def_acl;
++ SMB_ACL_T tmp_acl;
++ int i;
+
+ if (type == SMB_ACL_TYPE_ACCESS) {
+ acc_acl = acl_d;
+ return -1;
+ }
+
-+ /* Allocate a temporary buffer for the complete ACL. */
++ /*
++ * allocate a temporary buffer for the complete ACL
++ */
+ acl_count = acc_acl->count + def_acl->count;
-+ acl_p = acl_buf = malloc(acl_count * sizeof acl_buf[0]);
++ acl_p = acl_buf = SMB_MALLOC_ARRAY(struct acl, acl_count);
+
+ if (acl_buf == NULL) {
+ sys_acl_free_acl(tmp_acl);
+ return -1;
+ }
+
-+ /* Copy the access control and default entries into the buffer. */
++ /*
++ * copy the access control and default entries into the buffer
++ */
+ memcpy(&acl_buf[0], &acc_acl->acl[0],
-+ acc_acl->count * sizeof acl_buf[0]);
++ acc_acl->count * sizeof(acl_buf[0]));
+
+ memcpy(&acl_buf[acc_acl->count], &def_acl->acl[0],
-+ def_acl->count * sizeof acl_buf[0]);
++ def_acl->count * sizeof(acl_buf[0]));
+
-+ /* Set the ACL_DEFAULT flag on the default entries. */
++ /*
++ * set the ACL_DEFAULT flag on the default entries
++ */
+ for (i = acc_acl->count; i < acl_count; i++) {
+ acl_buf[i].a_type |= ACL_DEFAULT;
+ }
+
+ ret = acl(name, SETACL, acl_count, acl_p);
+
-+ free(acl_buf);
++ SAFE_FREE(acl_buf);
+
+ return ret;
+}
+
-+ int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
++int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
+{
+ if (acl_sort(acl_d) != 0) {
+ return -1;
+ return facl(fd, SETACL, acl_d->count, &acl_d->acl[0]);
+}
+
-+ int sys_acl_delete_def_file(const char *path)
++int sys_acl_delete_def_file(const char *path)
+{
-+ SMB_ACL_T acl_d;
-+ int ret;
++ SMB_ACL_T acl_d;
++ int ret;
+
-+ /* Fetching the access ACL and rewriting it has the effect of
-+ * deleting the default ACL. */
++ /*
++ * fetching the access ACL and rewriting it has
++ * the effect of deleting the default ACL
++ */
+ if ((acl_d = sys_acl_get_file(path, SMB_ACL_TYPE_ACCESS)) == NULL) {
+ return -1;
+ }
+ ret = acl(path, SETACL, acl_d->count, acl_d->acl);
+
+ sys_acl_free_acl(acl_d);
-+
++
+ return ret;
+}
+
-+ int sys_acl_free_text(char *text)
++int sys_acl_free_text(char *text)
+{
-+ free(text);
++ SAFE_FREE(text);
+ return 0;
+}
+
-+ int sys_acl_free_acl(SMB_ACL_T acl_d)
++int sys_acl_free_acl(SMB_ACL_T acl_d)
+{
-+ free(acl_d);
++ SAFE_FREE(acl_d);
+ return 0;
+}
+
-+ int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
+{
+ return 0;
+}
+#elif defined(HAVE_HPUX_ACLS)
+#include <dl.h>
+
-+/* Based on the Solaris/SCO code - with modifications. */
++/*
++ * Based on the Solaris/SCO code - with modifications.
++ */
+
-+/* Note that while this code implements sufficient functionality
++/*
++ * Note that while this code implements sufficient functionality
+ * to support the sys_acl_* interfaces it does not provide all
+ * of the semantics of the POSIX ACL interfaces.
+ *
+ * sys_acl_set_fd()
+ */
+
-+/* This checks if the POSIX ACL system call is defined which basically
-+ * corresponds to whether JFS 3.3 or higher is installed. If acl() was
-+ * called when it isn't defined, it causes the process to core dump so
-+ * it is important to check this and avoid acl() calls if it isn't
-+ * there. */
++/* This checks if the POSIX ACL system call is defined */
++/* which basically corresponds to whether JFS 3.3 or */
++/* higher is installed. If acl() was called when it */
++/* isn't defined, it causes the process to core dump */
++/* so it is important to check this and avoid acl() */
++/* calls if it isn't there. */
+
+static BOOL hpux_acl_call_presence(void)
+{
+ int ret_val=0;
+ static BOOL already_checked=0;
+
-+ if (already_checked)
++ if(already_checked)
+ return True;
+
+
+ ret_val = shl_findsym(&handle, "acl", TYPE_PROCEDURE, &value);
+
-+ if (ret_val != 0) {
++ if(ret_val != 0) {
+ DEBUG(5, ("hpux_acl_call_presence: shl_findsym() returned %d, errno = %d, error %s\n",
+ ret_val, errno, strerror(errno)));
+ DEBUG(5,("hpux_acl_call_presence: acl() system call is not present. Check if you have JFS 3.3 and above?\n"));
+ return True;
+}
+
-+ int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
+{
+ if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
+ errno = EINVAL;
+ return 1;
+}
+
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
++int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
+{
+ *type_p = entry_d->a_type;
+
+ return 0;
+}
+
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
+ *permset_p = &entry_d->a_perm;
+
+ return 0;
+}
+
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
+{
+ if (entry_d->a_type != SMB_ACL_USER
+ && entry_d->a_type != SMB_ACL_GROUP) {
+ return &entry_d->a_id;
+}
+
-+/* There is no way of knowing what size the ACL returned by
++/*
++ * There is no way of knowing what size the ACL returned by
+ * ACL_GET will be unless you first call ACL_CNT which means
+ * making an additional system call.
+ *
+ * size, reallocate the ACL buffer, and then call ACL_GET again.
+ */
+
-+#define INITIAL_ACL_SIZE 16
++#define INITIAL_ACL_SIZE 16
+
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
+{
-+ SMB_ACL_T acl_d;
-+ int count; /* # of ACL entries allocated */
-+ int naccess; /* # of access ACL entries */
-+ int ndefault; /* # of default ACL entries */
++ SMB_ACL_T acl_d;
++ int count; /* # of ACL entries allocated */
++ int naccess; /* # of access ACL entries */
++ int ndefault; /* # of default ACL entries */
+
-+ if (hpux_acl_call_presence() == False) {
-+ /* Looks like we don't have the acl() system call on HPUX.
-+ * May be the system doesn't have the latest version of JFS. */
-+ return NULL;
++ if(hpux_acl_call_presence() == False) {
++ /* Looks like we don't have the acl() system call on HPUX.
++ * May be the system doesn't have the latest version of JFS.
++ */
++ return NULL;
+ }
+
+ if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
+ return NULL;
+ }
+
-+ /* If there isn't enough space for the ACL entries we use
++ /*
++ * If there isn't enough space for the ACL entries we use
+ * ACL_CNT to determine the actual number of ACL entries
+ * reallocate and try again. This is in a loop because it
+ * is possible that someone else could modify the ACL and
+ * increase the number of entries between the call to
-+ * ACL_CNT and the call to ACL_GET. */
++ * ACL_CNT and the call to ACL_GET.
++ */
+ while ((count = acl(path_p, ACL_GET, count, &acl_d->acl[0])) < 0 && errno == ENOSPC) {
+
+ sys_acl_free_acl(acl_d);
+ return NULL;
+ }
+
-+ /* Calculate the number of access and default ACL entries.
++ /*
++ * calculate the number of access and default ACL entries
+ *
+ * Note: we assume that the acl() system call returned a
+ * well formed ACL which is sorted so that all of the
-+ * access ACL entries preceed any default ACL entries. */
++ * access ACL entries preceed any default ACL entries
++ */
+ for (naccess = 0; naccess < count; naccess++) {
+ if (acl_d->acl[naccess].a_type & ACL_DEFAULT)
+ break;
+ }
+ ndefault = count - naccess;
-+
-+ /* If the caller wants the default ACL we have to copy
++
++ /*
++ * if the caller wants the default ACL we have to copy
+ * the entries down to the start of the acl[] buffer
-+ * and mask out the ACL_DEFAULT flag from the type field. */
++ * and mask out the ACL_DEFAULT flag from the type field
++ */
+ if (type == SMB_ACL_TYPE_DEFAULT) {
-+ int i, j;
++ int i, j;
+
+ for (i = 0, j = naccess; i < ndefault; i++, j++) {
+ acl_d->acl[i] = acl_d->acl[j];
+ return acl_d;
+}
+
-+ SMB_ACL_T sys_acl_get_fd(int fd)
++SMB_ACL_T sys_acl_get_fd(int fd)
+{
-+ /* HPUX doesn't have the facl call. Fake it using the path.... JRA. */
++ /*
++ * HPUX doesn't have the facl call. Fake it using the path.... JRA.
++ */
+
+ files_struct *fsp = file_find_fd(fd);
+
+ return NULL;
+ }
+
-+ /* We know we're in the same conn context. So we can use the
-+ * relative path. */
++ /*
++ * We know we're in the same conn context. So we
++ * can use the relative path.
++ */
+
-+ return sys_acl_get_file(dos_to_unix_static(fsp->fsp_name), SMB_ACL_TYPE_ACCESS);
++ return sys_acl_get_file(fsp->fsp_name, SMB_ACL_TYPE_ACCESS);
+}
+
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
+{
+ *permset_d = 0;
+
+ return 0;
+}
+
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
+ && perm != SMB_ACL_EXECUTE) {
+ return 0;
+}
+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ return *permset_d & perm;
+}
+
-+ char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
++char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
+{
-+ int i;
-+ int len, maxlen;
-+ char *text;
-+
-+ /* Use an initial estimate of 20 bytes per ACL entry when
-+ * allocating memory for the text representation of the ACL. */
-+ len = 0;
-+ maxlen = 20 * acl_d->count;
-+ if ((text = malloc(maxlen)) == NULL) {
++ int i;
++ int len, maxlen;
++ char *text;
++
++ /*
++ * use an initial estimate of 20 bytes per ACL entry
++ * when allocating memory for the text representation
++ * of the ACL
++ */
++ len = 0;
++ maxlen = 20 * acl_d->count;
++ if ((text = SMB_MALLOC(maxlen)) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ for (i = 0; i < acl_d->count; i++) {
-+ struct acl *ap = &acl_d->acl[i];
-+ struct passwd *pw;
-+ struct group *gr;
-+ char tagbuf[12];
-+ char idbuf[12];
-+ char *tag;
-+ char *id = "";
-+ char perms[4];
-+ int nbytes;
++ struct acl *ap = &acl_d->acl[i];
++ struct passwd *pw;
++ struct group *gr;
++ char tagbuf[12];
++ char idbuf[12];
++ char *tag;
++ char *id = "";
++ char perms[4];
++ int nbytes;
+
+ switch (ap->a_type) {
-+ /* For debugging purposes it's probably more
++ /*
++ * for debugging purposes it's probably more
+ * useful to dump unknown tag types rather
-+ * than just returning an error. */
++ * than just returning an error
++ */
+ default:
-+ snprintf(tagbuf, sizeof tagbuf - 1, "0x%x",
++ slprintf(tagbuf, sizeof(tagbuf)-1, "0x%x",
+ ap->a_type);
+ tag = tagbuf;
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
++ slprintf(idbuf, sizeof(idbuf)-1, "%ld",
+ (long)ap->a_id);
+ id = idbuf;
+ break;
+
+ case SMB_ACL_USER:
-+ if ((pw = getpwuid(ap->a_id)) == NULL) {
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
-+ (long)ap->a_id);
-+ id = idbuf;
-+ } else {
-+ id = pw->pw_name;
-+ }
++ id = uidtoname(ap->a_id);
+ case SMB_ACL_USER_OBJ:
+ tag = "user";
+ break;
+
+ case SMB_ACL_GROUP:
+ if ((gr = getgrgid(ap->a_id)) == NULL) {
-+ snprintf(idbuf, sizeof idbuf - 1, "%ld",
++ slprintf(idbuf, sizeof(idbuf)-1, "%ld",
+ (long)ap->a_id);
+ id = idbuf;
+ } else {
+ /* <tag> : <qualifier> : rwx \n \0 */
+ nbytes = strlen(tag) + 1 + strlen(id) + 1 + 3 + 1 + 1;
+
-+ /* If this entry would overflow the buffer
++ /*
++ * If this entry would overflow the buffer
+ * allocate enough additional memory for this
+ * entry and an estimate of another 20 bytes
-+ * for each entry still to be processed. */
++ * for each entry still to be processed
++ */
+ if ((len + nbytes) > maxlen) {
+ char *oldtext = text;
+
+ maxlen += nbytes + 20 * (acl_d->count - i);
+
-+ if ((text = Realloc(oldtext, maxlen)) == NULL) {
++ if ((text = SMB_REALLOC(oldtext, maxlen)) == NULL) {
+ free(oldtext);
+ errno = ENOMEM;
+ return NULL;
+ }
+ }
+
-+ snprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
++ slprintf(&text[len], nbytes-1, "%s:%s:%s\n", tag, id, perms);
+ len += nbytes - 1;
+ }
+
+ return text;
+}
+
-+ SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init(int count)
+{
-+ SMB_ACL_T a;
++ SMB_ACL_T a;
+
+ if (count < 0) {
+ errno = EINVAL;
+ return NULL;
+ }
+
-+ /* Note that since the definition of the structure pointed
++ /*
++ * note that since the definition of the structure pointed
+ * to by the SMB_ACL_T includes the first element of the
+ * acl[] array, this actually allocates an ACL with room
-+ * for (count+1) entries. */
-+ if ((a = malloc(sizeof a[0] + count * sizeof (struct acl))) == NULL) {
++ * for (count+1) entries
++ */
++ if ((a = SMB_MALLOC(sizeof(struct SMB_ACL_T) + count * sizeof(struct acl))) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+}
+
+
-+ int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
+{
-+ SMB_ACL_T acl_d;
-+ SMB_ACL_ENTRY_T entry_d;
++ SMB_ACL_T acl_d;
++ SMB_ACL_ENTRY_T entry_d;
+
+ if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
-+ entry_d = &acl_d->acl[acl_d->count++];
-+ entry_d->a_type = 0;
-+ entry_d->a_id = -1;
-+ entry_d->a_perm = 0;
-+ *entry_p = entry_d;
++ entry_d = &acl_d->acl[acl_d->count++];
++ entry_d->a_type = 0;
++ entry_d->a_id = -1;
++ entry_d->a_perm = 0;
++ *entry_p = entry_d;
+
+ return 0;
+}
+
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
++int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
+{
+ switch (tag_type) {
+ case SMB_ACL_USER:
+ return 0;
+}
+
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
++int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
+{
+ if (entry_d->a_type != SMB_ACL_GROUP
+ && entry_d->a_type != SMB_ACL_USER) {
+ return 0;
+}
+
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
++int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
+{
+ if (*permset_d & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
+ return EINVAL;
+ * aclp - Array of ACL structures.
+ * acl_type_count - Pointer to acl_types structure. Should already be
+ * allocated.
-+ * Output:
++ * Output:
+ *
-+ * acl_type_count - This structure is filled up with counts of various
++ * acl_type_count - This structure is filled up with counts of various
+ * acl types.
+ */
+
+{
+ int i;
+
-+ memset(acl_type_count, 0, sizeof (struct hpux_acl_types));
++ memset(acl_type_count, 0, sizeof(struct hpux_acl_types));
+
-+ for (i=0;i<acl_count;i++) {
-+ switch (aclp[i].a_type) {
-+ case USER:
++ for(i=0;i<acl_count;i++) {
++ switch(aclp[i].a_type) {
++ case USER:
+ acl_type_count->n_user++;
+ break;
-+ case USER_OBJ:
++ case USER_OBJ:
+ acl_type_count->n_user_obj++;
+ break;
-+ case DEF_USER_OBJ:
++ case DEF_USER_OBJ:
+ acl_type_count->n_def_user_obj++;
+ break;
-+ case GROUP:
++ case GROUP:
+ acl_type_count->n_group++;
+ break;
-+ case GROUP_OBJ:
++ case GROUP_OBJ:
+ acl_type_count->n_group_obj++;
+ break;
-+ case DEF_GROUP_OBJ:
++ case DEF_GROUP_OBJ:
+ acl_type_count->n_def_group_obj++;
+ break;
-+ case OTHER_OBJ:
++ case OTHER_OBJ:
+ acl_type_count->n_other_obj++;
+ break;
-+ case DEF_OTHER_OBJ:
++ case DEF_OTHER_OBJ:
+ acl_type_count->n_def_other_obj++;
+ break;
+ case CLASS_OBJ:
+ case DEF_GROUP:
+ acl_type_count->n_def_group++;
+ break;
-+ default:
++ default:
+ acl_type_count->n_illegal_obj++;
+ break;
+ }
+ }
+}
+
-+/* swap_acl_entries: Swaps two ACL entries.
++/* swap_acl_entries: Swaps two ACL entries.
+ *
+ * Inputs: aclp0, aclp1 - ACL entries to be swapped.
+ */
+}
+
+/* prohibited_duplicate_type
-+ * Identifies if given ACL type can have duplicate entries or
++ * Identifies if given ACL type can have duplicate entries or
+ * not.
+ *
+ * Inputs: acl_type - ACL Type.
+ *
-+ * Outputs:
++ * Outputs:
+ *
-+ * Return..
++ * Return..
+ *
+ * True - If the ACL type matches any of the prohibited types.
+ * False - If the ACL type doesn't match any of the prohibited types.
-+ */
++ */
+
+static BOOL hpux_prohibited_duplicate_type(int acl_type)
+{
-+ switch (acl_type) {
++ switch(acl_type) {
+ case USER:
+ case GROUP:
-+ case DEF_USER:
++ case DEF_USER:
+ case DEF_GROUP:
+ return True;
++ default:
++ return False;
+ }
-+ return False;
+}
+
+/* get_needed_class_perm
+ * Returns the permissions of a ACL structure only if the ACL
-+ * type matches one of the pre-determined types for computing
++ * type matches one of the pre-determined types for computing
+ * CLASS_OBJ permissions.
+ *
+ * Inputs: aclp - Pointer to ACL structure.
+
+static int hpux_get_needed_class_perm(struct acl *aclp)
+{
-+ switch (aclp->a_type) {
-+ case USER:
-+ case GROUP_OBJ:
-+ case GROUP:
-+ case DEF_USER_OBJ:
++ switch(aclp->a_type) {
++ case USER:
++ case GROUP_OBJ:
++ case GROUP:
++ case DEF_USER_OBJ:
+ case DEF_USER:
-+ case DEF_GROUP_OBJ:
++ case DEF_GROUP_OBJ:
+ case DEF_GROUP:
+ case DEF_CLASS_OBJ:
-+ case DEF_OTHER_OBJ:
++ case DEF_OTHER_OBJ:
+ return aclp->a_perm;
-+ default:
++ default:
+ return 0;
+ }
+}
+static int hpux_acl_sort(int acl_count, int calclass, struct acl *aclp)
+{
+#if !defined(HAVE_HPUX_ACLSORT)
-+ /* The aclsort() system call is availabe on the latest HPUX General
-+ * Patch Bundles. So for HPUX, we developed our version of acl_sort
-+ * function. Because, we don't want to update to a new
-+ * HPUX GR bundle just for aclsort() call. */
++ /*
++ * The aclsort() system call is availabe on the latest HPUX General
++ * Patch Bundles. So for HPUX, we developed our version of acl_sort
++ * function. Because, we don't want to update to a new
++ * HPUX GR bundle just for aclsort() call.
++ */
+
+ struct hpux_acl_types acl_obj_count;
+ int n_class_obj_perm = 0;
+ int i, j;
-+
-+ if (!acl_count) {
++
++ if(!acl_count) {
+ DEBUG(10,("Zero acl count passed. Returning Success\n"));
+ return 0;
+ }
+
-+ if (aclp == NULL) {
++ if(aclp == NULL) {
+ DEBUG(0,("Null ACL pointer in hpux_acl_sort. Returning Failure. \n"));
+ return -1;
+ }
+
+ hpux_count_obj(acl_count, aclp, &acl_obj_count);
+
-+ /* There should be only one entry each of type USER_OBJ, GROUP_OBJ,
-+ * CLASS_OBJ and OTHER_OBJ
++ /* There should be only one entry each of type USER_OBJ, GROUP_OBJ,
++ * CLASS_OBJ and OTHER_OBJ
+ */
+
-+ if (acl_obj_count.n_user_obj != 1
-+ || acl_obj_count.n_group_obj != 1
-+ || acl_obj_count.n_class_obj != 1
-+ || acl_obj_count.n_other_obj != 1) {
++ if( (acl_obj_count.n_user_obj != 1) ||
++ (acl_obj_count.n_group_obj != 1) ||
++ (acl_obj_count.n_class_obj != 1) ||
++ (acl_obj_count.n_other_obj != 1)
++ ) {
+ DEBUG(0,("hpux_acl_sort: More than one entry or no entries for \
+USER OBJ or GROUP_OBJ or OTHER_OBJ or CLASS_OBJ\n"));
+ return -1;
+ * one of them each.
+ */
+
-+ if (acl_obj_count.n_def_user_obj > 1 || acl_obj_count.n_def_group_obj > 1 ||
-+ acl_obj_count.n_def_other_obj > 1 || acl_obj_count.n_def_class_obj > 1) {
++ if( (acl_obj_count.n_def_user_obj > 1) || (acl_obj_count.n_def_group_obj > 1) ||
++ (acl_obj_count.n_def_other_obj > 1) || (acl_obj_count.n_def_class_obj > 1) ) {
+ DEBUG(0,("hpux_acl_sort: More than one entry for DEF_CLASS_OBJ \
+or DEF_USER_OBJ or DEF_GROUP_OBJ or DEF_OTHER_OBJ\n"));
+ return -1;
+ }
+
-+ /* We now have proper number of OBJ and DEF_OBJ entries. Now sort the acl
-+ * structures.
++ /* We now have proper number of OBJ and DEF_OBJ entries. Now sort the acl
++ * structures.
+ *
+ * Sorting crieteria - First sort by ACL type. If there are multiple entries of
+ * same ACL type, sort by ACL id.
+ *
-+ * I am using the trival kind of sorting method here because, performance isn't
++ * I am using the trival kind of sorting method here because, performance isn't
+ * really effected by the ACLs feature. More over there aren't going to be more
-+ * than 17 entries on HPUX.
++ * than 17 entries on HPUX.
+ */
+
-+ for (i=0; i<acl_count;i++) {
++ for(i=0; i<acl_count;i++) {
+ for (j=i+1; j<acl_count; j++) {
-+ if (aclp[i].a_type > aclp[j].a_type) {
++ if( aclp[i].a_type > aclp[j].a_type ) {
+ /* ACL entries out of order, swap them */
+
+ hpux_swap_acl_entries((aclp+i), (aclp+j));
+
-+ } else if (aclp[i].a_type == aclp[j].a_type) {
++ } else if ( aclp[i].a_type == aclp[j].a_type ) {
+
+ /* ACL entries of same type, sort by id */
+
-+ if (aclp[i].a_id > aclp[j].a_id) {
++ if(aclp[i].a_id > aclp[j].a_id) {
+ hpux_swap_acl_entries((aclp+i), (aclp+j));
+ } else if (aclp[i].a_id == aclp[j].a_id) {
+ /* We have a duplicate entry. */
-+ if (hpux_prohibited_duplicate_type(aclp[i].a_type)) {
++ if(hpux_prohibited_duplicate_type(aclp[i].a_type)) {
+ DEBUG(0, ("hpux_acl_sort: Duplicate entry: Type(hex): %x Id: %d\n",
+ aclp[i].a_type, aclp[i].a_id));
+ return -1;
+ }
+
+ /* set the class obj permissions to the computed one. */
-+ if (calclass) {
++ if(calclass) {
+ int n_class_obj_index = -1;
+
-+ for (i=0;i<acl_count;i++) {
++ for(i=0;i<acl_count;i++) {
+ n_class_obj_perm |= hpux_get_needed_class_perm((aclp+i));
+
-+ if (aclp[i].a_type == CLASS_OBJ)
++ if(aclp[i].a_type == CLASS_OBJ)
+ n_class_obj_index = i;
+ }
+ aclp[n_class_obj_index].a_perm = n_class_obj_perm;
+#endif
+}
+
-+/* Sort the ACL and check it for validity.
++/*
++ * sort the ACL and check it for validity
+ *
-+ * If it's a minimal ACL with only 4 entries then we
++ * if it's a minimal ACL with only 4 entries then we
+ * need to recalculate the mask permissions to make
+ * sure that they are the same as the GROUP_OBJ
+ * permissions as required by the UnixWare acl() system call.
+ *
-+ * (Note: since POSIX allows minimal ACLs which only contain
++ * (note: since POSIX allows minimal ACLs which only contain
+ * 3 entries - ie there is no mask entry - we should, in theory,
+ * check for this and add a mask entry if necessary - however
+ * we "know" that the caller of this interface always specifies
+ * a mask so, in practice "this never happens" (tm) - if it *does*
+ * happen aclsort() will fail and return an error and someone will
-+ * have to fix it ...) */
++ * have to fix it ...)
++ */
+
+static int acl_sort(SMB_ACL_T acl_d)
+{
+ }
+ return 0;
+}
-+
-+ int sys_acl_valid(SMB_ACL_T acl_d)
++
++int sys_acl_valid(SMB_ACL_T acl_d)
+{
+ return acl_sort(acl_d);
+}
+
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
++int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
+{
-+ struct stat s;
-+ struct acl *acl_p;
-+ int acl_count;
-+ struct acl *acl_buf = NULL;
-+ int ret;
++ struct stat s;
++ struct acl *acl_p;
++ int acl_count;
++ struct acl *acl_buf = NULL;
++ int ret;
+
-+ if (hpux_acl_call_presence() == False) {
-+ /* Looks like we don't have the acl() system call on HPUX.
-+ * May be the system doesn't have the latest version of JFS. */
-+ errno = ENOSYS;
-+ return -1;
++ if(hpux_acl_call_presence() == False) {
++ /* Looks like we don't have the acl() system call on HPUX.
++ * May be the system doesn't have the latest version of JFS.
++ */
++ errno=ENOSYS;
++ return -1;
+ }
+
+ if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
+ return -1;
+ }
+
-+ acl_p = &acl_d->acl[0];
-+ acl_count = acl_d->count;
++ acl_p = &acl_d->acl[0];
++ acl_count = acl_d->count;
+
-+ /* If it's a directory there is extra work to do since the acl()
-+ * system call will replace both the access ACLs and the default
-+ * ACLs (if any). */
++ /*
++ * if it's a directory there is extra work to do
++ * since the acl() system call will replace both
++ * the access ACLs and the default ACLs (if any)
++ */
+ if (stat(name, &s) != 0) {
+ return -1;
+ }
+ if (S_ISDIR(s.st_mode)) {
-+ SMB_ACL_T acc_acl;
-+ SMB_ACL_T def_acl;
-+ SMB_ACL_T tmp_acl;
-+ int i;
++ SMB_ACL_T acc_acl;
++ SMB_ACL_T def_acl;
++ SMB_ACL_T tmp_acl;
++ int i;
+
+ if (type == SMB_ACL_TYPE_ACCESS) {
+ acc_acl = acl_d;
+ return -1;
+ }
+
-+ /* Allocate a temporary buffer for the complete ACL. */
++ /*
++ * allocate a temporary buffer for the complete ACL
++ */
+ acl_count = acc_acl->count + def_acl->count;
-+ acl_p = acl_buf = malloc(acl_count * sizeof acl_buf[0]);
++ acl_p = acl_buf = SMB_MALLOC_ARRAY(struct acl, acl_count);
+
+ if (acl_buf == NULL) {
+ sys_acl_free_acl(tmp_acl);
+ return -1;
+ }
+
-+ /* Copy the access control and default entries into the buffer. */
++ /*
++ * copy the access control and default entries into the buffer
++ */
+ memcpy(&acl_buf[0], &acc_acl->acl[0],
-+ acc_acl->count * sizeof acl_buf[0]);
++ acc_acl->count * sizeof(acl_buf[0]));
+
+ memcpy(&acl_buf[acc_acl->count], &def_acl->acl[0],
-+ def_acl->count * sizeof acl_buf[0]);
++ def_acl->count * sizeof(acl_buf[0]));
+
-+ /* Set the ACL_DEFAULT flag on the default entries. */
++ /*
++ * set the ACL_DEFAULT flag on the default entries
++ */
+ for (i = acc_acl->count; i < acl_count; i++) {
+ acl_buf[i].a_type |= ACL_DEFAULT;
+ }
+
+ ret = acl(name, ACL_SET, acl_count, acl_p);
+
-+ free(acl_buf);
++ if (acl_buf) {
++ free(acl_buf);
++ }
+
+ return ret;
+}
+
-+ int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
++int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
+{
-+ /* HPUX doesn't have the facl call. Fake it using the path.... JRA. */
++ /*
++ * HPUX doesn't have the facl call. Fake it using the path.... JRA.
++ */
+
+ files_struct *fsp = file_find_fd(fd);
+
+ return -1;
+ }
+
-+ /* We know we're in the same conn context. So we can use the
-+ * relative path. */
++ /*
++ * We know we're in the same conn context. So we
++ * can use the relative path.
++ */
+
-+ return sys_acl_set_file(dos_to_unix_static(fsp->fsp_name), SMB_ACL_TYPE_ACCESS, acl_d);
++ return sys_acl_set_file(fsp->fsp_name, SMB_ACL_TYPE_ACCESS, acl_d);
+}
+
-+ int sys_acl_delete_def_file(const char *path)
++int sys_acl_delete_def_file(const char *path)
+{
-+ SMB_ACL_T acl_d;
-+ int ret;
++ SMB_ACL_T acl_d;
++ int ret;
+
-+ /* Fetching the access ACL and rewriting it has the effect of
-+ * deleting the default ACL. */
++ /*
++ * fetching the access ACL and rewriting it has
++ * the effect of deleting the default ACL
++ */
+ if ((acl_d = sys_acl_get_file(path, SMB_ACL_TYPE_ACCESS)) == NULL) {
+ return -1;
+ }
+ ret = acl(path, ACL_SET, acl_d->count, acl_d->acl);
+
+ sys_acl_free_acl(acl_d);
-+
++
+ return ret;
+}
+
-+ int sys_acl_free_text(char *text)
++int sys_acl_free_text(char *text)
+{
+ free(text);
+ return 0;
+}
+
-+ int sys_acl_free_acl(SMB_ACL_T acl_d)
++int sys_acl_free_acl(SMB_ACL_T acl_d)
+{
+ free(acl_d);
+ return 0;
+}
+
-+ int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
+{
+ return 0;
+}
+
+#elif defined(HAVE_IRIX_ACLS)
+
-+ int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_get_entry(SMB_ACL_T acl_d, int entry_id, SMB_ACL_ENTRY_T *entry_p)
+{
+ if (entry_id != SMB_ACL_FIRST_ENTRY && entry_id != SMB_ACL_NEXT_ENTRY) {
+ errno = EINVAL;
+ return 1;
+}
+
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
++int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *type_p)
+{
+ *type_p = entry_d->ae_tag;
+
+ return 0;
+}
+
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
+ *permset_p = entry_d;
+
+ return 0;
+}
+
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
+{
+ if (entry_d->ae_tag != SMB_ACL_USER
+ && entry_d->ae_tag != SMB_ACL_GROUP) {
+ return &entry_d->ae_id;
+}
+
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
+{
-+ SMB_ACL_T a;
++ SMB_ACL_T a;
+
-+ if ((a = malloc(sizeof a[0])) == NULL) {
++ if ((a = SMB_MALLOC_P(struct SMB_ACL_T)) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ if ((a->aclp = acl_get_file(path_p, type)) == NULL) {
-+ free(a);
++ SAFE_FREE(a);
+ return NULL;
+ }
+ a->next = -1;
+ return a;
+}
+
-+ SMB_ACL_T sys_acl_get_fd(int fd)
++SMB_ACL_T sys_acl_get_fd(int fd)
+{
-+ SMB_ACL_T a;
++ SMB_ACL_T a;
+
-+ if ((a = malloc(sizeof a[0])) == NULL) {
++ if ((a = SMB_MALLOC_P(struct SMB_ACL_T)) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ if ((a->aclp = acl_get_fd(fd)) == NULL) {
-+ free(a);
++ SAFE_FREE(a);
+ return NULL;
+ }
+ a->next = -1;
+ return a;
+}
+
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset_d)
+{
+ permset_d->ae_perm = 0;
+
+ return 0;
+}
+
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ if (perm != SMB_ACL_READ && perm != SMB_ACL_WRITE
+ && perm != SMB_ACL_EXECUTE) {
+ return 0;
+}
+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm(SMB_ACL_PERMSET_T permset_d, SMB_ACL_PERM_T perm)
+{
+ return permset_d->ae_perm & perm;
+}
+
-+ char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
++char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p)
+{
+ return acl_to_text(acl_d->aclp, len_p);
+}
+
-+ SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init(int count)
+{
-+ SMB_ACL_T a;
++ SMB_ACL_T a;
+
+ if (count < 0) {
+ errno = EINVAL;
+ return NULL;
+ }
+
-+ if ((a = malloc(sizeof a[0] + sizeof (struct acl))) == NULL) {
++ if ((a = SMB_MALLOC(sizeof(struct SMB_ACL_T) + sizeof(struct acl))) == NULL) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ a->next = -1;
+ a->freeaclp = False;
-+ a->aclp = (struct acl *)(&a->aclp + sizeof (struct acl *));
++ a->aclp = (struct acl *)(&a->aclp + sizeof(struct acl *));
+ a->aclp->acl_cnt = 0;
+
+ return a;
+}
+
+
-+ int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_create_entry(SMB_ACL_T *acl_p, SMB_ACL_ENTRY_T *entry_p)
+{
-+ SMB_ACL_T acl_d;
-+ SMB_ACL_ENTRY_T entry_d;
++ SMB_ACL_T acl_d;
++ SMB_ACL_ENTRY_T entry_d;
+
+ if (acl_p == NULL || entry_p == NULL || (acl_d = *acl_p) == NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
-+ entry_d = &acl_d->aclp->acl_entry[acl_d->aclp->acl_cnt++];
-+ entry_d->ae_tag = 0;
-+ entry_d->ae_id = 0;
-+ entry_d->ae_perm = 0;
-+ *entry_p = entry_d;
++ entry_d = &acl_d->aclp->acl_entry[acl_d->aclp->acl_cnt++];
++ entry_d->ae_tag = 0;
++ entry_d->ae_id = 0;
++ entry_d->ae_perm = 0;
++ *entry_p = entry_d;
+
+ return 0;
+}
+
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
++int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T tag_type)
+{
+ switch (tag_type) {
+ case SMB_ACL_USER:
+ return 0;
+}
+
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
++int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry_d, void *qual_p)
+{
+ if (entry_d->ae_tag != SMB_ACL_GROUP
+ && entry_d->ae_tag != SMB_ACL_USER) {
+ return 0;
+}
+
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
++int sys_acl_set_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T permset_d)
+{
+ if (permset_d->ae_perm & ~(SMB_ACL_READ|SMB_ACL_WRITE|SMB_ACL_EXECUTE)) {
+ return EINVAL;
+ return 0;
+}
+
-+ int sys_acl_valid(SMB_ACL_T acl_d)
++int sys_acl_valid(SMB_ACL_T acl_d)
+{
+ return acl_valid(acl_d->aclp);
+}
+
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
++int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T type, SMB_ACL_T acl_d)
+{
+ return acl_set_file(name, type, acl_d->aclp);
+}
+
-+ int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
++int sys_acl_set_fd(int fd, SMB_ACL_T acl_d)
+{
+ return acl_set_fd(fd, acl_d->aclp);
+}
+
-+ int sys_acl_delete_def_file(const char *name)
++int sys_acl_delete_def_file(const char *name)
+{
+ return acl_delete_def_file(name);
+}
+
-+ int sys_acl_free_text(char *text)
++int sys_acl_free_text(char *text)
+{
+ return acl_free(text);
+}
+
-+ int sys_acl_free_acl(SMB_ACL_T acl_d)
++int sys_acl_free_acl(SMB_ACL_T acl_d)
+{
+ if (acl_d->freeaclp) {
+ acl_free(acl_d->aclp);
+ return 0;
+}
+
-+ int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
+{
+ return 0;
+}
+
+/* Donated by Medha Date, mdate@austin.ibm.com, for IBM */
+
-+ int sys_acl_get_entry(SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
++int sys_acl_get_entry( SMB_ACL_T theacl, int entry_id, SMB_ACL_ENTRY_T *entry_p)
+{
+ struct acl_entry_link *link;
+ struct new_acl_entry *entry;
+
+ DEBUG(10,("This is the count: %d\n",theacl->count));
+
-+ /* Check if count was previously set to -1. If it was, that
-+ * means we reached the end of the acl last time. */
-+ if (theacl->count == -1)
-+ return 0;
++ /* Check if count was previously set to -1. *
++ * If it was, that means we reached the end *
++ * of the acl last time. */
++ if(theacl->count == -1)
++ return(0);
+
+ link = theacl;
-+ /* To get to the next acl, traverse linked list until index of
-+ * acl matches the count we are keeping. This count is
-+ * incremented each time we return an acl entry. */
++ /* To get to the next acl, traverse linked list until index *
++ * of acl matches the count we are keeping. This count is *
++ * incremented each time we return an acl entry. */
+
-+ for (keep_going = 0; keep_going < theacl->count; keep_going++)
++ for(keep_going = 0; keep_going < theacl->count; keep_going++)
+ link = link->nextp;
+
+ entry = *entry_p = link->entryp;
+
+ /* Increment count */
+ theacl->count++;
-+ if (link->nextp == NULL)
++ if(link->nextp == NULL)
+ theacl->count = -1;
+
-+ return 1;
++ return(1);
+}
+
-+ int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
++int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p)
+{
+ /* Initialize tag type */
+
+ *tag_type_p = -1;
+ DEBUG(10,("the tagtype is %d\n",entry_d->ace_id->id_type));
+
-+ /* Depending on what type of entry we have, return tag type. */
-+ switch (entry_d->ace_id->id_type) {
++ /* Depending on what type of entry we have, *
++ * return tag type. */
++ switch(entry_d->ace_id->id_type) {
+ case ACEID_USER:
+ *tag_type_p = SMB_ACL_USER;
+ break;
+ case SMB_ACL_OTHER:
+ *tag_type_p = entry_d->ace_id->id_type;
+ break;
-+
++
+ default:
-+ return -1;
++ return(-1);
+ }
+
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
++int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p)
+{
+ DEBUG(10,("Starting AIX sys_acl_get_permset\n"));
+ *permset_p = &entry_d->ace_access;
+ DEBUG(10,("**permset_p is %d\n",**permset_p));
-+ if (!(**permset_p & S_IXUSR)
-+ && !(**permset_p & S_IWUSR)
-+ && !(**permset_p & S_IRUSR)
-+ && **permset_p != 0)
-+ return -1;
++ if(!(**permset_p & S_IXUSR) &&
++ !(**permset_p & S_IWUSR) &&
++ !(**permset_p & S_IRUSR) &&
++ (**permset_p != 0))
++ return(-1);
+
+ DEBUG(10,("Ending AIX sys_acl_get_permset\n"));
-+ return 0;
++ return(0);
+}
+
-+ void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d)
++void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d)
+{
-+ return entry_d->ace_id->id_data;
++ return(entry_d->ace_id->id_data);
+}
+
-+ SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type)
++SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
+{
+ struct acl *file_acl = (struct acl *)NULL;
+ struct acl_entry *acl_entry;
+ int rc = 0;
+ uid_t user_id;
+
-+ /* Get the acl using statacl */
++ /* AIX has no DEFAULT */
++ if ( type == SMB_ACL_TYPE_DEFAULT )
++ return NULL;
+
++ /* Get the acl using statacl */
++
+ DEBUG(10,("Entering sys_acl_get_file\n"));
+ DEBUG(10,("path_p is %s\n",path_p));
+
-+ file_acl = (struct acl *)malloc(BUFSIZ);
-+
-+ if (file_acl == NULL) {
++ file_acl = (struct acl *)SMB_MALLOC(BUFSIZ);
++
++ if(file_acl == NULL) {
+ errno=ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file: %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ memset(file_acl,0,BUFSIZ);
+
+ rc = statacl((char *)path_p,0,file_acl,BUFSIZ);
-+ if (rc == -1) {
++ if(rc == -1) {
+ DEBUG(0,("statacl returned %d with errno %d\n",rc,errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
+ DEBUG(10,("Got facl and returned it\n"));
+ /* Point to the first acl entry in the acl */
+ acl_entry = file_acl->acl_ext;
+
-+ /* Begin setting up the head of the linked list that will be
-+ * used for the storing the acl in a way that is useful for the
-+ * posix_acls.c code. */
++ /* Begin setting up the head of the linked list *
++ * that will be used for the storing the acl *
++ * in a way that is useful for the posix_acls.c *
++ * code. */
+
+ acl_entry_link_head = acl_entry_link = sys_acl_init(0);
-+ if (acl_entry_link_head == NULL)
-+ return NULL;
++ if(acl_entry_link_head == NULL)
++ return(NULL);
+
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
-+ if (acl_entry_link->entryp == NULL) {
-+ free(file_acl);
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
++ if(acl_entry_link->entryp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ DEBUG(10,("acl_entry is %d\n",acl_entry));
+ DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl)));
+
-+ /* Check if the extended acl bit is on. If it isn't, do not
-+ * show the contents of the acl since AIX intends the extended
-+ * info to remain unused. */
++ /* Check if the extended acl bit is on. *
++ * If it isn't, do not show the *
++ * contents of the acl since AIX intends *
++ * the extended info to remain unused */
+
-+ if (file_acl->acl_mode & S_IXACL){
++ if(file_acl->acl_mode & S_IXACL){
+ /* while we are not pointing to the very end */
-+ while (acl_entry < acl_last(file_acl)) {
++ while(acl_entry < acl_last(file_acl)) {
+ /* before we malloc anything, make sure this is */
+ /* a valid acl entry and one that we want to map */
+ idp = id_nxt(acl_entry->ace_id);
-+ if ((acl_entry->ace_type == ACC_SPECIFY
-+ || acl_entry->ace_type == ACC_PERMIT)
-+ && idp != id_last(acl_entry)) {
-+ acl_entry = acl_nxt(acl_entry);
-+ continue;
++ if((acl_entry->ace_type == ACC_SPECIFY ||
++ (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) {
++ acl_entry = acl_nxt(acl_entry);
++ continue;
+ }
+
+ idp = acl_entry->ace_id;
+
-+ /* Check if this is the first entry in the linked list.
-+ * The first entry needs to keep prevp pointing to NULL
-+ * and already has entryp allocated. */
++ /* Check if this is the first entry in the linked list. *
++ * The first entry needs to keep prevp pointing to NULL *
++ * and already has entryp allocated. */
+
-+ if (acl_entry_link_head->count != 0) {
-+ acl_entry_link->nextp = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
++ if(acl_entry_link_head->count != 0) {
++ acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link);
+
-+ if (acl_entry_link->nextp == NULL) {
-+ free(file_acl);
++ if(acl_entry_link->nextp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ acl_entry_link->nextp->prevp = acl_entry_link;
+ acl_entry_link = acl_entry_link->nextp;
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
-+ if (acl_entry_link->entryp == NULL) {
-+ free(file_acl);
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
++ if(acl_entry_link->entryp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+ acl_entry_link->nextp = NULL;
+ }
+
+ acl_entry_link->entryp->ace_len = acl_entry->ace_len;
+
-+ /* Don't really need this since all types are going
-+ * to be specified but, it's better than leaving it 0. */
++ /* Don't really need this since all types are going *
++ * to be specified but, it's better than leaving it 0 */
+
+ acl_entry_link->entryp->ace_type = acl_entry->ace_type;
-+
++
+ acl_entry_link->entryp->ace_access = acl_entry->ace_access;
++
++ memcpy(acl_entry_link->entryp->ace_id,idp,sizeof(struct ace_id));
+
-+ memcpy(acl_entry_link->entryp->ace_id,idp,sizeof (struct ace_id));
-+
-+ /* The access in the acl entries must be left shifted by
-+ * three bites, because they will ultimately be compared
-+ * to S_IRUSR, S_IWUSR, and S_IXUSR. */
++ /* The access in the acl entries must be left shifted by *
++ * three bites, because they will ultimately be compared *
++ * to S_IRUSR, S_IWUSR, and S_IXUSR. */
+
-+ switch (acl_entry->ace_type){
++ switch(acl_entry->ace_type){
+ case ACC_PERMIT:
+ case ACC_SPECIFY:
+ acl_entry_link->entryp->ace_access = acl_entry->ace_access;
+ acl_entry_link_head->count++;
+ break;
+ case ACC_DENY:
-+ /* Since there is no way to return a DENY acl entry
-+ * change to PERMIT and then shift. */
++ /* Since there is no way to return a DENY acl entry *
++ * change to PERMIT and then shift. */
+ DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access));
+ acl_entry_link->entryp->ace_access = ~acl_entry->ace_access & 7;
+ DEBUG(10,("acl_entry_link->entryp->ace_access is %d\n",acl_entry_link->entryp->ace_access));
+ acl_entry_link_head->count++;
+ break;
+ default:
-+ return 0;
++ return(0);
+ }
+
+ DEBUG(10,("acl_entry = %d\n",acl_entry));
+ DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type));
-+
++
+ acl_entry = acl_nxt(acl_entry);
+ }
+ } /* end of if enabled */
+
-+ /* Since owner, group, other acl entries are not part of the acl
-+ * entries in an acl, they must be dummied up to become part of
-+ * the list. */
++ /* Since owner, group, other acl entries are not *
++ * part of the acl entries in an acl, they must *
++ * be dummied up to become part of the list. */
+
-+ for (i = 1; i < 4; i++) {
++ for( i = 1; i < 4; i++) {
+ DEBUG(10,("i is %d\n",i));
-+ if (acl_entry_link_head->count != 0) {
-+ acl_entry_link->nextp = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
-+ if (acl_entry_link->nextp == NULL) {
-+ free(file_acl);
++ if(acl_entry_link_head->count != 0) {
++ acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link);
++ if(acl_entry_link->nextp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ acl_entry_link->nextp->prevp = acl_entry_link;
+ acl_entry_link = acl_entry_link->nextp;
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
-+ if (acl_entry_link->entryp == NULL) {
-+ free(file_acl);
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
++ if(acl_entry_link->entryp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in AIX sys_acl_get_file is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+ }
+
+ new_acl_entry = acl_entry_link->entryp;
+ idp = new_acl_entry->ace_id;
+
-+ new_acl_entry->ace_len = sizeof (struct acl_entry);
++ new_acl_entry->ace_len = sizeof(struct acl_entry);
+ new_acl_entry->ace_type = ACC_PERMIT;
-+ idp->id_len = sizeof (struct ace_id);
++ idp->id_len = sizeof(struct ace_id);
+ DEBUG(10,("idp->id_len = %d\n",idp->id_len));
-+ memset(idp->id_data,0,sizeof (uid_t));
++ memset(idp->id_data,0,sizeof(uid_t));
+
-+ switch (i) {
++ switch(i) {
+ case 2:
+ new_acl_entry->ace_access = file_acl->g_access << 6;
+ idp->id_type = SMB_ACL_GROUP_OBJ;
+ new_acl_entry->ace_access = file_acl->o_access << 6;
+ idp->id_type = SMB_ACL_OTHER;
+ break;
-+
++
+ case 1:
+ new_acl_entry->ace_access = file_acl->u_access << 6;
+ idp->id_type = SMB_ACL_USER_OBJ;
+ break;
-+
++
+ default:
-+ return NULL;
++ return(NULL);
+
+ }
+
+ }
+
+ acl_entry_link_head->count = 0;
-+ free(file_acl);
++ SAFE_FREE(file_acl);
+
-+ return acl_entry_link_head;
++ return(acl_entry_link_head);
+}
+
-+ SMB_ACL_T sys_acl_get_fd(int fd)
++SMB_ACL_T sys_acl_get_fd(int fd)
+{
+ struct acl *file_acl = (struct acl *)NULL;
+ struct acl_entry *acl_entry;
+ uid_t user_id;
+
+ /* Get the acl using fstatacl */
-+
++
+ DEBUG(10,("Entering sys_acl_get_fd\n"));
+ DEBUG(10,("fd is %d\n",fd));
-+ file_acl = (struct acl *)malloc(BUFSIZ);
++ file_acl = (struct acl *)SMB_MALLOC(BUFSIZ);
+
-+ if (file_acl == NULL) {
++ if(file_acl == NULL) {
+ errno=ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ memset(file_acl,0,BUFSIZ);
+
+ rc = fstatacl(fd,0,file_acl,BUFSIZ);
-+ if (rc == -1) {
++ if(rc == -1) {
+ DEBUG(0,("The fstatacl call returned %d with errno %d\n",rc,errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
+ DEBUG(10,("Got facl and returned it\n"));
+ /* Point to the first acl entry in the acl */
+
+ acl_entry = file_acl->acl_ext;
-+
-+ /* Begin setting up the head of the linked list that will be
-+ * used for the storing the acl in a way that is useful for the
-+ * posix_acls.c code. */
++ /* Begin setting up the head of the linked list *
++ * that will be used for the storing the acl *
++ * in a way that is useful for the posix_acls.c *
++ * code. */
+
+ acl_entry_link_head = acl_entry_link = sys_acl_init(0);
-+ if (acl_entry_link_head == NULL){
-+ free(file_acl);
-+ return NULL;
++ if(acl_entry_link_head == NULL){
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
+
-+ if (acl_entry_link->entryp == NULL) {
++ if(acl_entry_link->entryp == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
+ DEBUG(10,("acl_entry is %d\n",acl_entry));
+ DEBUG(10,("acl_last(file_acl) id %d\n",acl_last(file_acl)));
-+
-+ /* Check if the extended acl bit is on. If it isn't, do not
-+ * show the contents of the acl since AIX intends the extended
-+ * info to remain unused. */
-+
-+ if (file_acl->acl_mode & S_IXACL){
++
++ /* Check if the extended acl bit is on. *
++ * If it isn't, do not show the *
++ * contents of the acl since AIX intends *
++ * the extended info to remain unused */
++
++ if(file_acl->acl_mode & S_IXACL){
+ /* while we are not pointing to the very end */
-+ while (acl_entry < acl_last(file_acl)) {
++ while(acl_entry < acl_last(file_acl)) {
+ /* before we malloc anything, make sure this is */
+ /* a valid acl entry and one that we want to map */
+
+ idp = id_nxt(acl_entry->ace_id);
-+ if ((acl_entry->ace_type == ACC_SPECIFY
-+ || acl_entry->ace_type == ACC_PERMIT)
-+ && (idp != id_last(acl_entry))) {
-+ acl_entry = acl_nxt(acl_entry);
-+ continue;
++ if((acl_entry->ace_type == ACC_SPECIFY ||
++ (acl_entry->ace_type == ACC_PERMIT)) && (idp != id_last(acl_entry))) {
++ acl_entry = acl_nxt(acl_entry);
++ continue;
+ }
+
+ idp = acl_entry->ace_id;
++
++ /* Check if this is the first entry in the linked list. *
++ * The first entry needs to keep prevp pointing to NULL *
++ * and already has entryp allocated. */
+
-+ /* Check if this is the first entry in the linked list.
-+ * The first entry needs to keep prevp pointing to NULL
-+ * and already has entryp allocated. */
-+
-+ if (acl_entry_link_head->count != 0) {
-+ acl_entry_link->nextp = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
-+ if (acl_entry_link->nextp == NULL) {
++ if(acl_entry_link_head->count != 0) {
++ acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link);
++ if(acl_entry_link->nextp == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+ acl_entry_link->nextp->prevp = acl_entry_link;
+ acl_entry_link = acl_entry_link->nextp;
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
-+ if (acl_entry_link->entryp == NULL) {
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
++ if(acl_entry_link->entryp == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
+ acl_entry_link->nextp = NULL;
+
+ acl_entry_link->entryp->ace_len = acl_entry->ace_len;
+
-+ /* Don't really need this since all types are going
-+ * to be specified but, it's better than leaving it 0. */
++ /* Don't really need this since all types are going *
++ * to be specified but, it's better than leaving it 0 */
+
+ acl_entry_link->entryp->ace_type = acl_entry->ace_type;
+ acl_entry_link->entryp->ace_access = acl_entry->ace_access;
+
-+ memcpy(acl_entry_link->entryp->ace_id, idp, sizeof (struct ace_id));
++ memcpy(acl_entry_link->entryp->ace_id, idp, sizeof(struct ace_id));
+
-+ /* The access in the acl entries must be left shifted by
-+ * three bites, because they will ultimately be compared
-+ * to S_IRUSR, S_IWUSR, and S_IXUSR. */
++ /* The access in the acl entries must be left shifted by *
++ * three bites, because they will ultimately be compared *
++ * to S_IRUSR, S_IWUSR, and S_IXUSR. */
+
-+ switch (acl_entry->ace_type){
++ switch(acl_entry->ace_type){
+ case ACC_PERMIT:
+ case ACC_SPECIFY:
+ acl_entry_link->entryp->ace_access = acl_entry->ace_access;
+ acl_entry_link_head->count++;
+ break;
+ case ACC_DENY:
-+ /* Since there is no way to return a DENY acl entry
-+ * change to PERMIT and then shift. */
++ /* Since there is no way to return a DENY acl entry *
++ * change to PERMIT and then shift. */
+ DEBUG(10,("acl_entry->ace_access is %d\n",acl_entry->ace_access));
+ acl_entry_link->entryp->ace_access = ~acl_entry->ace_access & 7;
+ DEBUG(10,("acl_entry_link->entryp->ace_access is %d\n",acl_entry_link->entryp->ace_access));
+ acl_entry_link_head->count++;
+ break;
+ default:
-+ return 0;
++ return(0);
+ }
+
+ DEBUG(10,("acl_entry = %d\n",acl_entry));
+ DEBUG(10,("The ace_type is %d\n",acl_entry->ace_type));
-+
++
+ acl_entry = acl_nxt(acl_entry);
+ }
+ } /* end of if enabled */
+
-+ /* Since owner, group, other acl entries are not
-+ * part of the acl entries in an acl, they must
-+ * be dummied up to become part of the list. */
++ /* Since owner, group, other acl entries are not *
++ * part of the acl entries in an acl, they must *
++ * be dummied up to become part of the list. */
+
-+ for (i = 1; i < 4; i++) {
++ for( i = 1; i < 4; i++) {
+ DEBUG(10,("i is %d\n",i));
-+ if (acl_entry_link_head->count != 0){
-+ acl_entry_link->nextp = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
-+ if (acl_entry_link->nextp == NULL) {
++ if(acl_entry_link_head->count != 0){
++ acl_entry_link->nextp = SMB_MALLOC_P(struct acl_entry_link);
++ if(acl_entry_link->nextp == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ free(file_acl);
-+ return NULL;
++ SAFE_FREE(file_acl);
++ return(NULL);
+ }
+
+ acl_entry_link->nextp->prevp = acl_entry_link;
+ acl_entry_link = acl_entry_link->nextp;
-+ acl_entry_link->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
++ acl_entry_link->entryp = SMB_MALLOC_P(struct new_acl_entry);
+
-+ if (acl_entry_link->entryp == NULL) {
-+ free(file_acl);
++ if(acl_entry_link->entryp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_get_fd is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+ }
+
+ acl_entry_link->nextp = NULL;
-+
++
+ new_acl_entry = acl_entry_link->entryp;
+ idp = new_acl_entry->ace_id;
-+
-+ new_acl_entry->ace_len = sizeof (struct acl_entry);
++
++ new_acl_entry->ace_len = sizeof(struct acl_entry);
+ new_acl_entry->ace_type = ACC_PERMIT;
-+ idp->id_len = sizeof (struct ace_id);
++ idp->id_len = sizeof(struct ace_id);
+ DEBUG(10,("idp->id_len = %d\n",idp->id_len));
-+ memset(idp->id_data,0,sizeof (uid_t));
-+
-+ switch (i) {
++ memset(idp->id_data,0,sizeof(uid_t));
++
++ switch(i) {
+ case 2:
+ new_acl_entry->ace_access = file_acl->g_access << 6;
+ idp->id_type = SMB_ACL_GROUP_OBJ;
+ break;
-+
++
+ case 3:
+ new_acl_entry->ace_access = file_acl->o_access << 6;
+ idp->id_type = SMB_ACL_OTHER;
+ break;
-+
++
+ case 1:
+ new_acl_entry->ace_access = file_acl->u_access << 6;
+ idp->id_type = SMB_ACL_USER_OBJ;
+ break;
-+
++
+ default:
-+ return NULL;
++ return(NULL);
+ }
-+
++
+ acl_entry_link_head->count++;
+ DEBUG(10,("new_acl_entry->ace_access = %d\n",new_acl_entry->ace_access));
+ }
+
+ acl_entry_link_head->count = 0;
-+ free(file_acl);
-+
-+ return acl_entry_link_head;
++ SAFE_FREE(file_acl);
++
++ return(acl_entry_link_head);
+}
+
-+ int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset)
+{
+ *permset = *permset & ~0777;
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_add_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
-+ if (perm != 0 && (perm & (S_IXUSR | S_IWUSR | S_IRUSR)) == 0)
-+ return -1;
++ if((perm != 0) &&
++ (perm & (S_IXUSR | S_IWUSR | S_IRUSR)) == 0)
++ return(-1);
+
+ *permset |= perm;
+ DEBUG(10,("This is the permset now: %d\n",*permset));
-+ return 0;
++ return(0);
+}
+
-+ char *sys_acl_to_text(SMB_ACL_T theacl, ssize_t *plen)
++char *sys_acl_to_text( SMB_ACL_T theacl, ssize_t *plen)
+{
-+ return NULL;
++ return(NULL);
+}
+
-+ SMB_ACL_T sys_acl_init(int count)
++SMB_ACL_T sys_acl_init( int count)
+{
+ struct acl_entry_link *theacl = NULL;
-+
++
+ DEBUG(10,("Entering sys_acl_init\n"));
+
-+ theacl = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
-+ if (theacl == NULL) {
++ theacl = SMB_MALLOC_P(struct acl_entry_link);
++ if(theacl == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_init is %d\n",errno));
-+ return NULL;
++ return(NULL);
+ }
+
+ theacl->count = 0;
+ theacl->prevp = NULL;
+ theacl->entryp = NULL;
+ DEBUG(10,("Exiting sys_acl_init\n"));
-+ return theacl;
++ return(theacl);
+}
+
-+ int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
++int sys_acl_create_entry( SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry)
+{
+ struct acl_entry_link *theacl;
+ struct acl_entry_link *acl_entryp;
+
+ /* Get to the end of the acl before adding entry */
+
-+ for (counting=0; counting < theacl->count; counting++){
++ for(counting=0; counting < theacl->count; counting++){
+ DEBUG(10,("The acl_entryp is %d\n",acl_entryp));
+ temp_entry = acl_entryp;
+ acl_entryp = acl_entryp->nextp;
+ }
+
-+ if (theacl->count != 0){
-+ temp_entry->nextp = acl_entryp = (struct acl_entry_link *)malloc(sizeof (struct acl_entry_link));
-+ if (acl_entryp == NULL) {
++ if(theacl->count != 0){
++ temp_entry->nextp = acl_entryp = SMB_MALLOC_P(struct acl_entry_link);
++ if(acl_entryp == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_create_entry is %d\n",errno));
-+ return -1;
++ return(-1);
+ }
+
+ DEBUG(10,("The acl_entryp is %d\n",acl_entryp));
+ DEBUG(10,("The acl_entryp->prevp is %d\n",acl_entryp->prevp));
+ }
+
-+ *pentry = acl_entryp->entryp = (struct new_acl_entry *)malloc(sizeof (struct new_acl_entry));
-+ if (*pentry == NULL) {
++ *pentry = acl_entryp->entryp = SMB_MALLOC_P(struct new_acl_entry);
++ if(*pentry == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_create_entry is %d\n",errno));
-+ return -1;
++ return(-1);
+ }
+
-+ memset(*pentry,0,sizeof (struct new_acl_entry));
-+ acl_entryp->entryp->ace_len = sizeof (struct acl_entry);
++ memset(*pentry,0,sizeof(struct new_acl_entry));
++ acl_entryp->entryp->ace_len = sizeof(struct acl_entry);
+ acl_entryp->entryp->ace_type = ACC_PERMIT;
-+ acl_entryp->entryp->ace_id->id_len = sizeof (struct ace_id);
++ acl_entryp->entryp->ace_id->id_len = sizeof(struct ace_id);
+ acl_entryp->nextp = NULL;
+ theacl->count++;
+ DEBUG(10,("Exiting sys_acl_create_entry\n"));
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
++int sys_acl_set_tag_type( SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype)
+{
+ DEBUG(10,("Starting AIX sys_acl_set_tag_type\n"));
+ entry->ace_id->id_type = tagtype;
+ DEBUG(10,("Ending AIX sys_acl_set_tag_type\n"));
+}
+
-+ int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry, void *qual)
++int sys_acl_set_qualifier( SMB_ACL_ENTRY_T entry, void *qual)
+{
+ DEBUG(10,("Starting AIX sys_acl_set_qualifier\n"));
-+ memcpy(entry->ace_id->id_data,qual,sizeof (uid_t));
++ memcpy(entry->ace_id->id_data,qual,sizeof(uid_t));
+ DEBUG(10,("Ending AIX sys_acl_set_qualifier\n"));
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_set_permset(SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
++int sys_acl_set_permset( SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset)
+{
+ DEBUG(10,("Starting AIX sys_acl_set_permset\n"));
-+ if (!(*permset & S_IXUSR)
-+ && !(*permset & S_IWUSR)
-+ && !(*permset & S_IRUSR)
-+ && *permset != 0)
-+ return -1;
++ if(!(*permset & S_IXUSR) &&
++ !(*permset & S_IWUSR) &&
++ !(*permset & S_IRUSR) &&
++ (*permset != 0))
++ return(-1);
+
+ entry->ace_access = *permset;
+ DEBUG(10,("entry->ace_access = %d\n",entry->ace_access));
+ DEBUG(10,("Ending AIX sys_acl_set_permset\n"));
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_valid(SMB_ACL_T theacl)
++int sys_acl_valid( SMB_ACL_T theacl )
+{
+ int user_obj = 0;
+ int group_obj = 0;
+ int other_obj = 0;
+ struct acl_entry_link *acl_entry;
+
-+ for (acl_entry=theacl; acl_entry != NULL; acl_entry = acl_entry->nextp) {
++ for(acl_entry=theacl; acl_entry != NULL; acl_entry = acl_entry->nextp) {
+ user_obj += (acl_entry->entryp->ace_id->id_type == SMB_ACL_USER_OBJ);
+ group_obj += (acl_entry->entryp->ace_id->id_type == SMB_ACL_GROUP_OBJ);
+ other_obj += (acl_entry->entryp->ace_id->id_type == SMB_ACL_OTHER);
+ }
+
+ DEBUG(10,("user_obj=%d, group_obj=%d, other_obj=%d\n",user_obj,group_obj,other_obj));
++
++ if(user_obj != 1 || group_obj != 1 || other_obj != 1)
++ return(-1);
+
-+ if (user_obj != 1 || group_obj != 1 || other_obj != 1)
-+ return -1;
-+
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
++int sys_acl_set_file( const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl)
+{
+ struct acl_entry_link *acl_entry_link = NULL;
+ struct acl *file_acl = NULL;
+
+ DEBUG(10,("Entering sys_acl_set_file\n"));
+ DEBUG(10,("File name is %s\n",name));
-+
++
+ /* AIX has no default ACL */
-+ if (acltype == SMB_ACL_TYPE_DEFAULT)
-+ return 0;
++ if(acltype == SMB_ACL_TYPE_DEFAULT)
++ return(0);
+
+ acl_length = BUFSIZ;
-+ file_acl = (struct acl *)malloc(BUFSIZ);
++ file_acl = (struct acl *)SMB_MALLOC(BUFSIZ);
+
-+ if (file_acl == NULL) {
++ if(file_acl == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_set_file is %d\n",errno));
-+ return -1;
++ return(-1);
+ }
+
+ memset(file_acl,0,BUFSIZ);
+ file_acl->acl_len = ACL_SIZ;
+ file_acl->acl_mode = S_IXACL;
+
-+ for (acl_entry_link=theacl; acl_entry_link != NULL; acl_entry_link = acl_entry_link->nextp) {
++ for(acl_entry_link=theacl; acl_entry_link != NULL; acl_entry_link = acl_entry_link->nextp) {
+ acl_entry_link->entryp->ace_access >>= 6;
+ id_type = acl_entry_link->entryp->ace_id->id_type;
+
-+ switch (id_type) {
++ switch(id_type) {
+ case SMB_ACL_USER_OBJ:
+ file_acl->u_access = acl_entry_link->entryp->ace_access;
+ continue;
+ continue;
+ }
+
-+ if ((file_acl->acl_len + sizeof (struct acl_entry)) > acl_length) {
-+ acl_length += sizeof (struct acl_entry);
-+ file_acl_temp = (struct acl *)malloc(acl_length);
-+ if (file_acl_temp == NULL) {
-+ free(file_acl);
++ if((file_acl->acl_len + sizeof(struct acl_entry)) > acl_length) {
++ acl_length += sizeof(struct acl_entry);
++ file_acl_temp = (struct acl *)SMB_MALLOC(acl_length);
++ if(file_acl_temp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_set_file is %d\n",errno));
-+ return -1;
-+ }
++ return(-1);
++ }
+
+ memcpy(file_acl_temp,file_acl,file_acl->acl_len);
-+ free(file_acl);
++ SAFE_FREE(file_acl);
+ file_acl = file_acl_temp;
+ }
+
+ acl_entry = (struct acl_entry *)((char *)file_acl + file_acl->acl_len);
-+ file_acl->acl_len += sizeof (struct acl_entry);
++ file_acl->acl_len += sizeof(struct acl_entry);
+ acl_entry->ace_len = acl_entry_link->entryp->ace_len;
+ acl_entry->ace_access = acl_entry_link->entryp->ace_access;
-+
++
+ /* In order to use this, we'll need to wait until we can get denies */
-+ /* if (!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT)
-+ acl_entry->ace_type = ACC_SPECIFY; */
++ /* if(!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT)
++ acl_entry->ace_type = ACC_SPECIFY; */
+
+ acl_entry->ace_type = ACC_SPECIFY;
-+
++
+ ace_id = acl_entry->ace_id;
-+
++
+ ace_id->id_type = acl_entry_link->entryp->ace_id->id_type;
+ DEBUG(10,("The id type is %d\n",ace_id->id_type));
+ ace_id->id_len = acl_entry_link->entryp->ace_id->id_len;
-+ memcpy(&user_id, acl_entry_link->entryp->ace_id->id_data, sizeof (uid_t));
-+ memcpy(acl_entry->ace_id->id_data, &user_id, sizeof (uid_t));
++ memcpy(&user_id, acl_entry_link->entryp->ace_id->id_data, sizeof(uid_t));
++ memcpy(acl_entry->ace_id->id_data, &user_id, sizeof(uid_t));
+ }
+
-+ rc = chacl((char *)name,file_acl,file_acl->acl_len);
++ rc = chacl(name,file_acl,file_acl->acl_len);
+ DEBUG(10,("errno is %d\n",errno));
+ DEBUG(10,("return code is %d\n",rc));
-+ free(file_acl);
++ SAFE_FREE(file_acl);
+ DEBUG(10,("Exiting the sys_acl_set_file\n"));
-+ return rc;
++ return(rc);
+}
+
-+ int sys_acl_set_fd(int fd, SMB_ACL_T theacl)
++int sys_acl_set_fd( int fd, SMB_ACL_T theacl)
+{
+ struct acl_entry_link *acl_entry_link = NULL;
+ struct acl *file_acl = NULL;
+ uint user_id;
+ uint acl_length;
+ uint rc;
-+
++
+ DEBUG(10,("Entering sys_acl_set_fd\n"));
+ acl_length = BUFSIZ;
-+ file_acl = (struct acl *)malloc(BUFSIZ);
++ file_acl = (struct acl *)SMB_MALLOC(BUFSIZ);
+
-+ if (file_acl == NULL) {
++ if(file_acl == NULL) {
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_set_fd is %d\n",errno));
-+ return -1;
++ return(-1);
+ }
+
+ memset(file_acl,0,BUFSIZ);
-+
++
+ file_acl->acl_len = ACL_SIZ;
+ file_acl->acl_mode = S_IXACL;
+
-+ for (acl_entry_link=theacl; acl_entry_link != NULL; acl_entry_link = acl_entry_link->nextp) {
++ for(acl_entry_link=theacl; acl_entry_link != NULL; acl_entry_link = acl_entry_link->nextp) {
+ acl_entry_link->entryp->ace_access >>= 6;
+ id_type = acl_entry_link->entryp->ace_id->id_type;
+ DEBUG(10,("The id_type is %d\n",id_type));
+
-+ switch (id_type) {
++ switch(id_type) {
+ case SMB_ACL_USER_OBJ:
+ file_acl->u_access = acl_entry_link->entryp->ace_access;
+ continue;
+ continue;
+ }
+
-+ if ((file_acl->acl_len + sizeof (struct acl_entry)) > acl_length) {
-+ acl_length += sizeof (struct acl_entry);
-+ file_acl_temp = (struct acl *)malloc(acl_length);
-+ if (file_acl_temp == NULL) {
-+ free(file_acl);
++ if((file_acl->acl_len + sizeof(struct acl_entry)) > acl_length) {
++ acl_length += sizeof(struct acl_entry);
++ file_acl_temp = (struct acl *)SMB_MALLOC(acl_length);
++ if(file_acl_temp == NULL) {
++ SAFE_FREE(file_acl);
+ errno = ENOMEM;
+ DEBUG(0,("Error in sys_acl_set_fd is %d\n",errno));
-+ return -1;
++ return(-1);
+ }
+
+ memcpy(file_acl_temp,file_acl,file_acl->acl_len);
-+ free(file_acl);
++ SAFE_FREE(file_acl);
+ file_acl = file_acl_temp;
+ }
+
+ acl_entry = (struct acl_entry *)((char *)file_acl + file_acl->acl_len);
-+ file_acl->acl_len += sizeof (struct acl_entry);
++ file_acl->acl_len += sizeof(struct acl_entry);
+ acl_entry->ace_len = acl_entry_link->entryp->ace_len;
+ acl_entry->ace_access = acl_entry_link->entryp->ace_access;
-+
++
+ /* In order to use this, we'll need to wait until we can get denies */
-+ /* if (!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT)
++ /* if(!acl_entry->ace_access && acl_entry->ace_type == ACC_PERMIT)
+ acl_entry->ace_type = ACC_SPECIFY; */
-+
++
+ acl_entry->ace_type = ACC_SPECIFY;
-+
++
+ ace_id = acl_entry->ace_id;
-+
++
+ ace_id->id_type = acl_entry_link->entryp->ace_id->id_type;
+ DEBUG(10,("The id type is %d\n",ace_id->id_type));
+ ace_id->id_len = acl_entry_link->entryp->ace_id->id_len;
-+ memcpy(&user_id, acl_entry_link->entryp->ace_id->id_data, sizeof (uid_t));
-+ memcpy(ace_id->id_data, &user_id, sizeof (uid_t));
++ memcpy(&user_id, acl_entry_link->entryp->ace_id->id_data, sizeof(uid_t));
++ memcpy(ace_id->id_data, &user_id, sizeof(uid_t));
+ }
-+
++
+ rc = fchacl(fd,file_acl,file_acl->acl_len);
+ DEBUG(10,("errno is %d\n",errno));
+ DEBUG(10,("return code is %d\n",rc));
-+ free(file_acl);
++ SAFE_FREE(file_acl);
+ DEBUG(10,("Exiting sys_acl_set_fd\n"));
-+ return rc;
++ return(rc);
+}
+
-+ int sys_acl_delete_def_file(const char *name)
++int sys_acl_delete_def_file(const char *name)
+{
+ /* AIX has no default ACL */
+ return 0;
+}
+
-+ int sys_acl_get_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
++int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
-+ return *permset & perm;
++ return(*permset & perm);
+}
+
-+ int sys_acl_free_text(char *text)
++int sys_acl_free_text(char *text)
+{
-+ return 0;
++ return(0);
+}
+
-+ int sys_acl_free_acl(SMB_ACL_T posix_acl)
++int sys_acl_free_acl(SMB_ACL_T posix_acl)
+{
+ struct acl_entry_link *acl_entry_link;
+
-+ for (acl_entry_link = posix_acl->nextp; acl_entry_link->nextp != NULL; acl_entry_link = acl_entry_link->nextp) {
-+ free(acl_entry_link->prevp->entryp);
-+ free(acl_entry_link->prevp);
++ for(acl_entry_link = posix_acl->nextp; acl_entry_link->nextp != NULL; acl_entry_link = acl_entry_link->nextp) {
++ SAFE_FREE(acl_entry_link->prevp->entryp);
++ SAFE_FREE(acl_entry_link->prevp);
+ }
+
-+ free(acl_entry_link->prevp->entryp);
-+ free(acl_entry_link->prevp);
-+ free(acl_entry_link->entryp);
-+ free(acl_entry_link);
-+
-+ return 0;
++ SAFE_FREE(acl_entry_link->prevp->entryp);
++ SAFE_FREE(acl_entry_link->prevp);
++ SAFE_FREE(acl_entry_link->entryp);
++ SAFE_FREE(acl_entry_link);
++
++ return(0);
+}
+
-+ int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype)
+{
-+ return 0;
++ return(0);
+}
+
+#else /* No ACLs. */
+
-+ int sys_acl_get_entry(UNUSED(SMB_ACL_T the_acl), UNUSED(int entry_id), UNUSED(SMB_ACL_ENTRY_T *entry_p))
++int sys_acl_get_entry(UNUSED(SMB_ACL_T the_acl), UNUSED(int entry_id), UNUSED(SMB_ACL_ENTRY_T *entry_p))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_get_tag_type(UNUSED(SMB_ACL_ENTRY_T entry_d), UNUSED(SMB_ACL_TAG_T *tag_type_p))
++int sys_acl_get_tag_type(UNUSED(SMB_ACL_ENTRY_T entry_d), UNUSED(SMB_ACL_TAG_T *tag_type_p))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_get_permset(UNUSED(SMB_ACL_ENTRY_T entry_d), UNUSED(SMB_ACL_PERMSET_T *permset_p))
++int sys_acl_get_permset(UNUSED(SMB_ACL_ENTRY_T entry_d), UNUSED(SMB_ACL_PERMSET_T *permset_p))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ void *sys_acl_get_qualifier(UNUSED(SMB_ACL_ENTRY_T entry_d))
++void *sys_acl_get_qualifier(UNUSED(SMB_ACL_ENTRY_T entry_d))
+{
+ errno = ENOSYS;
+ return NULL;
+}
+
-+ SMB_ACL_T sys_acl_get_file(UNUSED(const char *path_p), UNUSED(SMB_ACL_TYPE_T type))
++SMB_ACL_T sys_acl_get_file(UNUSED(const char *path_p), UNUSED(SMB_ACL_TYPE_T type))
+{
+ errno = ENOSYS;
-+ return 0;
++ return (SMB_ACL_T)NULL;
+}
+
-+ SMB_ACL_T sys_acl_get_fd(UNUSED(int fd))
++SMB_ACL_T sys_acl_get_fd(UNUSED(int fd))
+{
+ errno = ENOSYS;
-+ return 0;
++ return (SMB_ACL_T)NULL;
+}
+
-+ int sys_acl_clear_perms(UNUSED(SMB_ACL_PERMSET_T permset))
++int sys_acl_clear_perms(UNUSED(SMB_ACL_PERMSET_T permset))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_add_perm(UNUSED(SMB_ACL_PERMSET_T permset), UNUSED(SMB_ACL_PERM_T perm))
++int sys_acl_add_perm( UNUSED(SMB_ACL_PERMSET_T permset), UNUSED(SMB_ACL_PERM_T perm))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_get_perm(UNUSED(SMB_ACL_PERMSET_T permset), UNUSED(SMB_ACL_PERM_T perm))
++int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm)
+{
+ errno = ENOSYS;
-+ return permset & perm ? 1 : 0;
++ return (permset & perm) ? 1 : 0;
+}
+
-+ char *sys_acl_to_text(UNUSED(SMB_ACL_T the_acl), UNUSED(ssize_t *plen))
++char *sys_acl_to_text(UNUSED(SMB_ACL_T the_acl), UNUSED(ssize_t *plen))
+{
+ errno = ENOSYS;
+ return NULL;
+}
+
-+ int sys_acl_free_text(UNUSED(char *text))
++int sys_acl_free_text(UNUSED(char *text))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ SMB_ACL_T sys_acl_init(UNUSED(int count))
++SMB_ACL_T sys_acl_init(UNUSED(int count))
+{
+ errno = ENOSYS;
+ return NULL;
+}
+
-+ int sys_acl_create_entry(UNUSED(SMB_ACL_T *pacl), UNUSED(SMB_ACL_ENTRY_T *pentry))
++int sys_acl_create_entry(UNUSED(SMB_ACL_T *pacl), UNUSED(SMB_ACL_ENTRY_T *pentry))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_set_tag_type(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(SMB_ACL_TAG_T tagtype))
++int sys_acl_set_tag_type(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(SMB_ACL_TAG_T tagtype))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_set_qualifier(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(void *qual))
++int sys_acl_set_qualifier(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(void *qual))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_set_permset(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(SMB_ACL_PERMSET_T permset))
++int sys_acl_set_permset(UNUSED(SMB_ACL_ENTRY_T entry), UNUSED(SMB_ACL_PERMSET_T permset))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_valid(UNUSED(SMB_ACL_T theacl))
++int sys_acl_valid(UNUSED(SMB_ACL_T theacl))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_set_file(UNUSED(const char *name), UNUSED(SMB_ACL_TYPE_T acltype), UNUSED(SMB_ACL_T theacl))
++int sys_acl_set_file(UNUSED(const char *name), UNUSED(SMB_ACL_TYPE_T acltype), UNUSED(SMB_ACL_T theacl))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_set_fd(UNUSED(int fd), UNUSED(SMB_ACL_T theacl))
++int sys_acl_set_fd(UNUSED(int fd), UNUSED(SMB_ACL_T theacl))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_delete_def_file(UNUSED(const char *name))
++int sys_acl_delete_def_file(UNUSED(const char *name))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_free_acl(UNUSED(SMB_ACL_T the_acl))
++int sys_acl_free_acl(UNUSED(SMB_ACL_T the_acl))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
-+ int sys_acl_free_qualifier(UNUSED(void *qual), UNUSED(SMB_ACL_TAG_T tagtype))
++int sys_acl_free_qualifier(UNUSED(void *qual), UNUSED(SMB_ACL_TAG_T tagtype))
+{
+ errno = ENOSYS;
+ return -1;
+}
+
+#endif /* No ACLs. */
---- orig/uidlist.c 2004-04-29 19:37:25
-+++ uidlist.c 2004-07-03 20:11:58
-@@ -34,6 +34,7 @@
- extern int verbose;
- extern int preserve_uid;
- extern int preserve_gid;
-+extern int preserve_acls;
- extern int numeric_ids;
- extern int am_root;
++
++/************************************************************************
++ Deliberately outside the ACL defines. Return 1 if this is a "no acls"
++ errno, 0 if not.
++************************************************************************/
++
++int no_acl_syscall_error(int err)
++{
++#if defined(ENOSYS)
++ if (err == ENOSYS) {
++ return 1;
++ }
++#endif
++#if defined(ENOTSUP)
++ if (err == ENOTSUP) {
++ return 1;
++ }
++#endif
++ return 0;
++}
+--- old/lib/sysacls.h
++++ new/lib/sysacls.h
+@@ -0,0 +1,28 @@
++#define SMB_MALLOC(cnt) new_array(char, cnt)
++#define SMB_MALLOC_P(obj) new_array(obj, 1)
++#define SMB_MALLOC_ARRAY(obj, cnt) new_array(obj, cnt)
++#define SMB_REALLOC(mem, cnt) realloc_array(mem, char, cnt)
++#define slprintf snprintf
++
++int sys_acl_get_entry(SMB_ACL_T the_acl, int entry_id, SMB_ACL_ENTRY_T *entry_p);
++int sys_acl_get_tag_type(SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p);
++int sys_acl_get_permset(SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p);
++void *sys_acl_get_qualifier(SMB_ACL_ENTRY_T entry_d);
++SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type);
++SMB_ACL_T sys_acl_get_fd(int fd);
++int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset);
++int sys_acl_add_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
++int sys_acl_get_perm(SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm);
++char *sys_acl_to_text(SMB_ACL_T the_acl, ssize_t *plen);
++SMB_ACL_T sys_acl_init(int count);
++int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry);
++int sys_acl_set_tag_type(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype);
++int sys_acl_set_qualifier(SMB_ACL_ENTRY_T entry, void *qual);
++int sys_acl_set_permset(SMB_ACL_ENTRY_T entry, SMB_ACL_PERMSET_T permset);
++int sys_acl_valid(SMB_ACL_T theacl);
++int sys_acl_set_file(const char *name, SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl);
++int sys_acl_set_fd(int fd, SMB_ACL_T theacl);
++int sys_acl_delete_def_file(const char *name);
++int sys_acl_free_text(char *text);
++int sys_acl_free_acl(SMB_ACL_T the_acl);
++int sys_acl_free_qualifier(void *qual, SMB_ACL_TAG_T tagtype);
+--- old/mkproto.awk
++++ new/mkproto.awk
+@@ -58,7 +58,7 @@ BEGIN {
+ next;
+ }
-@@ -274,7 +275,7 @@ void send_uid_list(int f)
+-!/^OFF_T|^size_t|^off_t|^pid_t|^unsigned|^mode_t|^DIR|^user|^int|^char|^uint|^uchar|^short|^struct|^BOOL|^void|^time|^const|^RETSIGTYPE/ {
++!/^OFF_T|^size_t|^off_t|^pid_t|^id_t|^unsigned|^mode_t|^DIR|^user|^int|^char|^uint|^uchar|^short|^struct|^BOOL|^void|^time|^const|^RETSIGTYPE/ {
+ next;
+ }
+
+--- old/options.c
++++ new/options.c
+@@ -44,6 +44,7 @@ int keep_dirlinks = 0;
+ int copy_links = 0;
+ int preserve_links = 0;
+ int preserve_hard_links = 0;
++int preserve_acls = 0;
+ int preserve_perms = 0;
+ int preserve_executability = 0;
+ int preserve_devices = 0;
+@@ -193,6 +194,7 @@ static void print_rsync_version(enum log
+ char const *got_socketpair = "no ";
+ char const *have_inplace = "no ";
+ char const *hardlinks = "no ";
++ char const *acls = "no ";
+ char const *links = "no ";
+ char const *ipv6 = "no ";
+ STRUCT_STAT *dumstat;
+@@ -209,6 +211,10 @@ static void print_rsync_version(enum log
+ hardlinks = "";
+ #endif
+
++#ifdef SUPPORT_ACLS
++ acls = "";
++#endif
++
+ #ifdef SUPPORT_LINKS
+ links = "";
+ #endif
+@@ -222,9 +228,9 @@ static void print_rsync_version(enum log
+ rprintf(f, "Copyright (C) 1996-2006 by Andrew Tridgell, Wayne Davison, and others.\n");
+ rprintf(f, "<http://rsync.samba.org/>\n");
+ rprintf(f, "Capabilities: %d-bit files, %ssocketpairs, "
+- "%shard links, %ssymlinks, batchfiles,\n",
++ "%shard links, %sACLs, %ssymlinks, batchfiles,\n",
+ (int) (sizeof (OFF_T) * 8),
+- got_socketpair, hardlinks, links);
++ got_socketpair, hardlinks, acls, links);
+
+ /* Note that this field may not have type ino_t. It depends
+ * on the complicated interaction between largefile feature
+@@ -293,6 +299,9 @@ void usage(enum logcode F)
+ rprintf(F," -K, --keep-dirlinks treat symlinked dir on receiver as dir\n");
+ rprintf(F," -p, --perms preserve permissions\n");
+ rprintf(F," -E, --executability preserve the file's executability\n");
++#ifdef SUPPORT_ACLS
++ rprintf(F," -A, --acls preserve ACLs (implies --perms)\n");
++#endif
+ rprintf(F," --chmod=CHMOD change destination permissions\n");
+ rprintf(F," -o, --owner preserve owner (super-user only)\n");
+ rprintf(F," -g, --group preserve group\n");
+@@ -409,6 +418,9 @@ static struct poptOption long_options[]
+ {"no-perms", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 },
+ {"no-p", 0, POPT_ARG_VAL, &preserve_perms, 0, 0, 0 },
+ {"executability", 'E', POPT_ARG_NONE, &preserve_executability, 0, 0, 0 },
++ {"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 },
++ {"no-acls", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 },
++ {"no-A", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 },
+ {"times", 't', POPT_ARG_VAL, &preserve_times, 1, 0, 0 },
+ {"no-times", 0, POPT_ARG_VAL, &preserve_times, 0, 0, 0 },
+ {"no-t", 0, POPT_ARG_VAL, &preserve_times, 0, 0, 0 },
+@@ -1057,6 +1069,23 @@ int parse_arguments(int *argc, const cha
+ usage(FINFO);
+ exit_cleanup(0);
+
++ case 'A':
++#ifdef SUPPORT_ACLS
++ preserve_acls = preserve_perms = 1;
++ break;
++#else
++ /* FIXME: this should probably be ignored with a
++ * warning and then countermeasures taken to
++ * restrict group and other access in the presence
++ * of any more restrictive ACLs, but this is safe
++ * for now */
++ snprintf(err_buf,sizeof(err_buf),
++ "ACLs are not supported on this %s\n",
++ am_server ? "server" : "client");
++ return 0;
++#endif
++
++
+ default:
+ /* A large opt value means that set_refuse_options()
+ * turned this option off. */
+@@ -1497,6 +1526,10 @@ void server_options(char **args,int *arg
+
+ if (preserve_hard_links)
+ argstr[x++] = 'H';
++#ifdef SUPPORT_ACLS
++ if (preserve_acls)
++ argstr[x++] = 'A';
++#endif
+ if (preserve_uid)
+ argstr[x++] = 'o';
+ if (preserve_gid)
+--- old/receiver.c
++++ new/receiver.c
+@@ -410,6 +410,10 @@ int recv_files(int f_in, struct file_lis
+ int itemizing = am_daemon ? daemon_log_format_has_i
+ : !am_server && log_format_has_i;
+ int max_phase = protocol_version >= 29 ? 2 : 1;
++ int dflt_perms = (ACCESSPERMS & ~orig_umask);
++#ifdef SUPPORT_ACLS
++ char *parent_dirname = "";
++#endif
+ int i, recv_ok;
+
+ if (verbose > 2)
+@@ -607,7 +611,16 @@ int recv_files(int f_in, struct file_lis
+ * mode based on the local permissions and some heuristics. */
+ if (!preserve_perms) {
+ int exists = fd1 != -1;
+- file->mode = dest_mode(file->mode, st.st_mode, exists);
++#ifdef SUPPORT_ACLS
++ char *dn = file->dirname ? file->dirname : ".";
++ if (parent_dirname != dn
++ && strcmp(parent_dirname, dn) != 0) {
++ dflt_perms = default_perms_for_dir(dn);
++ parent_dirname = dn;
++ }
++#endif
++ file->mode = dest_mode(file->mode, st.st_mode,
++ dflt_perms, exists);
+ }
+
+ /* We now check to see if we are writing file "inplace" */
+--- old/rsync.c
++++ new/rsync.c
+@@ -91,7 +91,8 @@ void free_sums(struct sum_struct *s)
+
+ /* This is only called when we aren't preserving permissions. Figure out what
+ * the permissions should be and return them merged back into the mode. */
+-mode_t dest_mode(mode_t flist_mode, mode_t dest_mode, int exists)
++mode_t dest_mode(mode_t flist_mode, mode_t dest_mode, int dflt_perms,
++ int exists)
+ {
+ /* If the file already exists, we'll return the local permissions,
+ * possibly tweaked by the --executability option. */
+@@ -106,7 +107,7 @@ mode_t dest_mode(mode_t flist_mode, mode
+ dest_mode |= (dest_mode & 0444) >> 2;
+ }
+ } else
+- dest_mode = flist_mode & ACCESSPERMS & ~orig_umask;
++ dest_mode = (flist_mode & ACCESSPERMS & dflt_perms) | S_IWUSR;
+ return (flist_mode & ~CHMOD_BITS) | (dest_mode & CHMOD_BITS);
+ }
+
+@@ -205,6 +206,14 @@ int set_file_attrs(char *fname, struct f
+ }
+ #endif
+
++ /* If this is a directory, SET_ACL() will be called on the cleanup
++ * receive_generator() pass (if we called it here, we might clobber
++ * writability on the directory). Everything else is OK to do now. */
++ if (!S_ISDIR(st->st_mode)) {
++ if (SET_ACL(fname, file) == 0)
++ updated = 1;
++ }
++
+ if (verbose > 1 && flags & ATTRS_REPORT) {
+ enum logcode code = daemon_log_format_has_i || dry_run
+ ? FCLIENT : FINFO;
+--- old/rsync.h
++++ new/rsync.h
+@@ -657,6 +657,44 @@ struct chmod_mode_struct;
+
+ #define UNUSED(x) x __attribute__((__unused__))
+
++#if HAVE_POSIX_ACLS|HAVE_UNIXWARE_ACLS|HAVE_SOLARIS_ACLS|\
++ HAVE_HPUX_ACLS|HAVE_IRIX_ACLS|HAVE_AIX_ACLS|HAVE_TRU64_ACLS
++#define SUPPORT_ACLS 1
++#endif
++
++#if HAVE_UNIXWARE_ACLS|HAVE_SOLARIS_ACLS|HAVE_HPUX_ACLS
++#define ACLS_NEED_MASK 1
++#endif
++
++#ifdef SUPPORT_ACLS
++#ifdef HAVE_SYS_ACL_H
++#include <sys/acl.h>
++#endif
++#define MAKE_ACL(file, fname) make_acl(file, fname)
++#define SEND_ACL(file, f) send_acl(file, f)
++#define RECEIVE_ACL(file, f) receive_acl(file, f)
++#define SORT_FILE_ACL_INDEX_LISTS() sort_file_acl_index_lists()
++#define SET_ACL(fname, file) set_acl(fname, file)
++#define NEXT_ACL_UID() next_acl_uid()
++#define ACL_UID_MAP(uid) acl_uid_map(uid)
++#define PUSH_KEEP_BACKUP_ACL(file, orig, dest) \
++ push_keep_backup_acl(file, orig, dest)
++#define CLEANUP_KEEP_BACKUP_ACL() cleanup_keep_backup_acl()
++#define DUP_ACL(orig, dest, mode) dup_acl(orig, dest, mode)
++#else /* SUPPORT_ACLS */
++#define MAKE_ACL(file, fname) 1 /* checked return value */
++#define SEND_ACL(file, f)
++#define RECEIVE_ACL(file, f)
++#define SORT_FILE_ACL_INDEX_LISTS()
++#define SET_ACL(fname, file) 1 /* checked return value */
++#define NEXT_ACL_UID()
++#define ACL_UID_MAP(uid)
++#define PUSH_KEEP_BACKUP_ACL(file, orig, dest)
++#define CLEANUP_KEEP_BACKUP_ACL()
++#define DUP_ACL(src, orig, mode) 1 /* checked return value */
++#endif /* SUPPORT_ACLS */
++#include "smb_acls.h"
++
+ #include "proto.h"
+
+ /* We have replacement versions of these if they're missing. */
+--- old/rsync.yo
++++ new/rsync.yo
+@@ -317,6 +317,7 @@ to the detailed description below for a
+ -K, --keep-dirlinks treat symlinked dir on receiver as dir
+ -p, --perms preserve permissions
+ -E, --executability preserve executability
++ -A, --acls preserve ACLs (implies -p) [non-standard]
+ --chmod=CHMOD change destination permissions
+ -o, --owner preserve owner (super-user only)
+ -g, --group preserve group
+@@ -691,7 +692,9 @@ quote(itemize(
+ permissions, though the bf(--executability) option might change just
+ the execute permission for the file.
+ it() New files get their "normal" permission bits set to the source
+- file's permissions masked with the receiving end's umask setting, and
++ file's permissions masked with the receiving directory's default
++ permissions (either the receiving process's umask, or the permissions
++ specified via the destination directory's default ACL), and
+ their special permission bits disabled except in the case where a new
+ directory inherits a setgid bit from its parent directory.
+ ))
+@@ -722,9 +725,11 @@ The preservation of the destination's se
+ directories when bf(--perms) is off was added in rsync 2.6.7. Older rsync
+ versions erroneously preserved the three special permission bits for
+ newly-created files when bf(--perms) was off, while overriding the
+-destination's setgid bit setting on a newly-created directory. (Keep in
+-mind that it is the version of the receiving rsync that affects this
+-behavior.)
++destination's setgid bit setting on a newly-created directory. Default ACL
++observance was added to the ACL patch for rsync 2.6.7, so older (or
++non-ACL-enabled) rsyncs use the umask even if default ACLs are present.
++(Keep in mind that it is the version of the receiving rsync that affects
++these behaviors.)
+
+ dit(bf(-E, --executability)) This option causes rsync to preserve the
+ executability (or non-executability) of regular files when bf(--perms) is
+@@ -742,6 +747,10 @@ quote(itemize(
+
+ If bf(--perms) is enabled, this option is ignored.
+
++dit(bf(-A, --acls)) This option causes rsync to update the destination
++ACLs to be the same as the source ACLs. This nonstandard option only
++works if the remote rsync also supports it. bf(--acls) implies bf(--perms).
++
+ dit(bf(--chmod)) This option tells rsync to apply one or more
+ comma-separated "chmod" strings to the permission of the files in the
+ transfer. The resulting value is treated as though it was the permissions
+--- old/smb_acls.h
++++ new/smb_acls.h
+@@ -0,0 +1,277 @@
++/*
++ Unix SMB/Netbios implementation.
++ Version 2.2.x
++ Portable SMB ACL interface
++ Copyright (C) Jeremy Allison 2000
++
++ This program is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, write to the Free Software
++ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++*/
++
++#ifndef _SMB_ACLS_H
++#define _SMB_ACLS_H
++
++#if defined(HAVE_POSIX_ACLS)
++
++/* This is an identity mapping (just remove the SMB_). */
++
++#define SMB_ACL_TAG_T acl_tag_t
++#define SMB_ACL_TYPE_T acl_type_t
++#define SMB_ACL_PERMSET_T acl_permset_t
++#define SMB_ACL_PERM_T acl_perm_t
++#define SMB_ACL_READ ACL_READ
++#define SMB_ACL_WRITE ACL_WRITE
++#define SMB_ACL_EXECUTE ACL_EXECUTE
++
++/* Types of ACLs. */
++#define SMB_ACL_USER ACL_USER
++#define SMB_ACL_USER_OBJ ACL_USER_OBJ
++#define SMB_ACL_GROUP ACL_GROUP
++#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
++#define SMB_ACL_OTHER ACL_OTHER
++#define SMB_ACL_MASK ACL_MASK
++
++#define SMB_ACL_T acl_t
++
++#define SMB_ACL_ENTRY_T acl_entry_t
++
++#define SMB_ACL_FIRST_ENTRY ACL_FIRST_ENTRY
++#define SMB_ACL_NEXT_ENTRY ACL_NEXT_ENTRY
++
++#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
++#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
++
++#elif defined(HAVE_TRU64_ACLS)
++
++/* This is for DEC/Compaq Tru64 UNIX */
++
++#define SMB_ACL_TAG_T acl_tag_t
++#define SMB_ACL_TYPE_T acl_type_t
++#define SMB_ACL_PERMSET_T acl_permset_t
++#define SMB_ACL_PERM_T acl_perm_t
++#define SMB_ACL_READ ACL_READ
++#define SMB_ACL_WRITE ACL_WRITE
++#define SMB_ACL_EXECUTE ACL_EXECUTE
++
++/* Types of ACLs. */
++#define SMB_ACL_USER ACL_USER
++#define SMB_ACL_USER_OBJ ACL_USER_OBJ
++#define SMB_ACL_GROUP ACL_GROUP
++#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
++#define SMB_ACL_OTHER ACL_OTHER
++#define SMB_ACL_MASK ACL_MASK
++
++#define SMB_ACL_T acl_t
++
++#define SMB_ACL_ENTRY_T acl_entry_t
++
++#define SMB_ACL_FIRST_ENTRY 0
++#define SMB_ACL_NEXT_ENTRY 1
++
++#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
++#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
++
++#elif defined(HAVE_UNIXWARE_ACLS) || defined(HAVE_SOLARIS_ACLS)
++/*
++ * Donated by Michael Davidson <md@sco.COM> for UnixWare / OpenUNIX.
++ * Modified by Toomas Soome <tsoome@ut.ee> for Solaris.
++ */
++
++/* SVR4.2 ES/MP ACLs */
++typedef int SMB_ACL_TAG_T;
++typedef int SMB_ACL_TYPE_T;
++typedef ushort *SMB_ACL_PERMSET_T;
++typedef ushort SMB_ACL_PERM_T;
++#define SMB_ACL_READ 4
++#define SMB_ACL_WRITE 2
++#define SMB_ACL_EXECUTE 1
++
++/* Types of ACLs. */
++#define SMB_ACL_USER USER
++#define SMB_ACL_USER_OBJ USER_OBJ
++#define SMB_ACL_GROUP GROUP
++#define SMB_ACL_GROUP_OBJ GROUP_OBJ
++#define SMB_ACL_OTHER OTHER_OBJ
++#define SMB_ACL_MASK CLASS_OBJ
++
++typedef struct SMB_ACL_T {
++ int size;
++ int count;
++ int next;
++ struct acl acl[1];
++} *SMB_ACL_T;
++
++typedef struct acl *SMB_ACL_ENTRY_T;
++
++#define SMB_ACL_FIRST_ENTRY 0
++#define SMB_ACL_NEXT_ENTRY 1
++
++#define SMB_ACL_TYPE_ACCESS 0
++#define SMB_ACL_TYPE_DEFAULT 1
++
++#elif defined(HAVE_HPUX_ACLS)
++
++/*
++ * Based on the Solaris & UnixWare code.
++ */
++
++#undef GROUP
++#include <sys/aclv.h>
++
++/* SVR4.2 ES/MP ACLs */
++typedef int SMB_ACL_TAG_T;
++typedef int SMB_ACL_TYPE_T;
++typedef ushort *SMB_ACL_PERMSET_T;
++typedef ushort SMB_ACL_PERM_T;
++#define SMB_ACL_READ 4
++#define SMB_ACL_WRITE 2
++#define SMB_ACL_EXECUTE 1
++
++/* Types of ACLs. */
++#define SMB_ACL_USER USER
++#define SMB_ACL_USER_OBJ USER_OBJ
++#define SMB_ACL_GROUP GROUP
++#define SMB_ACL_GROUP_OBJ GROUP_OBJ
++#define SMB_ACL_OTHER OTHER_OBJ
++#define SMB_ACL_MASK CLASS_OBJ
++
++typedef struct SMB_ACL_T {
++ int size;
++ int count;
++ int next;
++ struct acl acl[1];
++} *SMB_ACL_T;
++
++typedef struct acl *SMB_ACL_ENTRY_T;
++
++#define SMB_ACL_FIRST_ENTRY 0
++#define SMB_ACL_NEXT_ENTRY 1
++
++#define SMB_ACL_TYPE_ACCESS 0
++#define SMB_ACL_TYPE_DEFAULT 1
++
++#elif defined(HAVE_IRIX_ACLS)
++
++#define SMB_ACL_TAG_T acl_tag_t
++#define SMB_ACL_TYPE_T acl_type_t
++#define SMB_ACL_PERMSET_T acl_permset_t
++#define SMB_ACL_PERM_T acl_perm_t
++#define SMB_ACL_READ ACL_READ
++#define SMB_ACL_WRITE ACL_WRITE
++#define SMB_ACL_EXECUTE ACL_EXECUTE
++
++/* Types of ACLs. */
++#define SMB_ACL_USER ACL_USER
++#define SMB_ACL_USER_OBJ ACL_USER_OBJ
++#define SMB_ACL_GROUP ACL_GROUP
++#define SMB_ACL_GROUP_OBJ ACL_GROUP_OBJ
++#define SMB_ACL_OTHER ACL_OTHER_OBJ
++#define SMB_ACL_MASK ACL_MASK
++
++typedef struct SMB_ACL_T {
++ int next;
++ BOOL freeaclp;
++ struct acl *aclp;
++} *SMB_ACL_T;
++
++#define SMB_ACL_ENTRY_T acl_entry_t
++
++#define SMB_ACL_FIRST_ENTRY 0
++#define SMB_ACL_NEXT_ENTRY 1
++
++#define SMB_ACL_TYPE_ACCESS ACL_TYPE_ACCESS
++#define SMB_ACL_TYPE_DEFAULT ACL_TYPE_DEFAULT
++
++#elif defined(HAVE_AIX_ACLS)
++
++/* Donated by Medha Date, mdate@austin.ibm.com, for IBM */
++
++#include "/usr/include/acl.h"
++
++typedef uint *SMB_ACL_PERMSET_T;
++
++struct acl_entry_link{
++ struct acl_entry_link *prevp;
++ struct new_acl_entry *entryp;
++ struct acl_entry_link *nextp;
++ int count;
++};
++
++struct new_acl_entry{
++ unsigned short ace_len;
++ unsigned short ace_type;
++ unsigned int ace_access;
++ struct ace_id ace_id[1];
++};
++
++#define SMB_ACL_ENTRY_T struct new_acl_entry*
++#define SMB_ACL_T struct acl_entry_link*
++
++#define SMB_ACL_TAG_T unsigned short
++#define SMB_ACL_TYPE_T int
++#define SMB_ACL_PERM_T uint
++#define SMB_ACL_READ S_IRUSR
++#define SMB_ACL_WRITE S_IWUSR
++#define SMB_ACL_EXECUTE S_IXUSR
++
++/* Types of ACLs. */
++#define SMB_ACL_USER ACEID_USER
++#define SMB_ACL_USER_OBJ 3
++#define SMB_ACL_GROUP ACEID_GROUP
++#define SMB_ACL_GROUP_OBJ 4
++#define SMB_ACL_OTHER 5
++#define SMB_ACL_MASK 6
++
++
++#define SMB_ACL_FIRST_ENTRY 1
++#define SMB_ACL_NEXT_ENTRY 2
++
++#define SMB_ACL_TYPE_ACCESS 0
++#define SMB_ACL_TYPE_DEFAULT 1
++
++#else /* No ACLs. */
++
++/* No ACLS - fake it. */
++#define SMB_ACL_TAG_T int
++#define SMB_ACL_TYPE_T int
++#define SMB_ACL_PERMSET_T mode_t
++#define SMB_ACL_PERM_T mode_t
++#define SMB_ACL_READ S_IRUSR
++#define SMB_ACL_WRITE S_IWUSR
++#define SMB_ACL_EXECUTE S_IXUSR
++
++/* Types of ACLs. */
++#define SMB_ACL_USER 0
++#define SMB_ACL_USER_OBJ 1
++#define SMB_ACL_GROUP 2
++#define SMB_ACL_GROUP_OBJ 3
++#define SMB_ACL_OTHER 4
++#define SMB_ACL_MASK 5
++
++typedef struct SMB_ACL_T {
++ int dummy;
++} *SMB_ACL_T;
++
++typedef struct SMB_ACL_ENTRY_T {
++ int dummy;
++} *SMB_ACL_ENTRY_T;
++
++#define SMB_ACL_FIRST_ENTRY 0
++#define SMB_ACL_NEXT_ENTRY 1
++
++#define SMB_ACL_TYPE_ACCESS 0
++#define SMB_ACL_TYPE_DEFAULT 1
++
++#endif /* No ACLs. */
++#endif /* _SMB_ACLS_H */
+--- old/testsuite/default-acls.test
++++ new/testsuite/default-acls.test
+@@ -0,0 +1,55 @@
++#! /bin/sh
++
++# This program is distributable under the terms of the GNU GPL see
++# COPYING).
++
++# Test that rsync obeys default ACLs. -- Matt McCutchen
++
++. $srcdir/testsuite/rsync.fns
++
++$RSYNC --version | grep ", ACLs" >/dev/null || test_skipped "Rsync is configured without ACL support"
++setfacl -dm u::rwx,g::---,o::--- "$scratchdir" || test_skipped "Your filesystem has ACLs disabled"
++
++# Call as: testit <dirname> <default-acl> <file-expected> <program-expected>
++testit() {
++ todir="$scratchdir/$1"
++ mkdir "$todir"
++ # FIXME This doesn't work on solaris...
++ setfacl -k "$todir"
++ [ "$2" ] && setfacl -dm "$2" "$todir"
++ # Make sure we obey ACLs when creating a directory to hold multiple transferred files,
++ # even though the directory itself is outside the transfer
++ $RSYNC -rvv "$scratchdir/dir" "$scratchdir/file" "$scratchdir/program" "$todir/to/"
++ check_perms "$todir/to" $4 "Target $1"
++ check_perms "$todir/to/dir" $4 "Target $1"
++ check_perms "$todir/to/file" $3 "Target $1"
++ check_perms "$todir/to/program" $4 "Target $1"
++ # Make sure get_local_name doesn't mess us up when transferring only one file
++ $RSYNC -rvv "$scratchdir/file" "$todir/to/anotherfile"
++ check_perms "$todir/to/anotherfile" $3 "Target $1"
++ # Make sure we obey default ACLs when not transferring a regular file
++ $RSYNC -rvv "$scratchdir/dir" "$todir/to/anotherdir"
++ check_perms "$todir/to/anotherdir" $4 "Target $1"
++}
++
++mkdir "$scratchdir/dir"
++echo "File!" >"$scratchdir/file"
++echo "#!/bin/sh" >"$scratchdir/program"
++chmod 777 "$scratchdir/dir"
++chmod 666 "$scratchdir/file"
++chmod 777 "$scratchdir/program"
++
++# Test some target directories
++umask 0077
++testit da777 u::rwx,g::rwx,o::rwx rw-rw-rw- rwxrwxrwx
++testit da775 u::rwx,g::rwx,o::r-x rw-rw-r-- rwxrwxr-x
++testit da750 u::rwx,g::r-x,o::--- rw-r----- rwxr-x---
++testit da770mask u::rwx,g::---,m::rwx,o::--- rw-rw---- rwxrwx---
++testit noda1 '' rw------- rwx------
++umask 0000
++testit noda2 '' rw-rw-rw- rwxrwxrwx
++umask 0022
++testit noda3 '' rw-r--r-- rwxr-xr-x
++
++# Hooray
++exit 0
+--- old/uidlist.c
++++ new/uidlist.c
+@@ -34,6 +34,7 @@
+ extern int verbose;
+ extern int preserve_uid;
+ extern int preserve_gid;
++extern int preserve_acls;
+ extern int numeric_ids;
+ extern int am_root;
+
+@@ -274,7 +275,7 @@ void send_uid_list(int f)
if (numeric_ids)
return;
/* read the uid list */
while ((id = read_int(f)) != 0) {
int len = read_byte(f);
-@@ -325,7 +326,7 @@ void recv_uid_list(int f, struct file_li
+@@ -324,7 +325,7 @@ void recv_uid_list(int f, struct file_li
+ }
}
-
- if (preserve_gid && !numeric_ids) {
+ if ((preserve_gid || preserve_acls) && !numeric_ids) {
/* read the gid list */
while ((id = read_int(f)) != 0) {
int len = read_byte(f);
-@@ -337,6 +338,18 @@ void recv_uid_list(int f, struct file_li
+@@ -336,6 +337,18 @@ void recv_uid_list(int f, struct file_li
}
}
-+#if SUPPORT_ACLS
++#ifdef SUPPORT_ACLS
+ if (preserve_acls && !numeric_ids) {
+ id_t id;
-+ /* the enumerations don't return 0 except to flag the last
-+ * entry, since uidlist doesn't munge 0 anyway */
-+ while ((id = next_acl_uid(flist)))
++ /* The enumerations don't return 0 except to flag the last
++ * entry, since uidlist doesn't munge 0 anyway. */
++ while ((id = next_acl_uid(flist)) != 0)
+ acl_uid_map(match_uid(id));
-+ while ((id = next_acl_gid(flist)))
++ while ((id = next_acl_gid(flist)) != 0)
+ acl_gid_map(match_gid(id));
+ }
+#endif /* SUPPORT_ACLS */
+
- /* now convert the uid/gid of all files in the list to the mapped
- * uid/gid */
+ /* Now convert all the uids/gids from sender values to our values. */
if (am_root && preserve_uid && !numeric_ids) {
+ for (i = 0; i < flist->count; i++)