4 * Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
20 #include "bt-share-cynara.h"
23 #include "bt-share-common.h"
25 #include <cynara-client.h>
26 #include <cynara-session.h>
27 #include <cynara-creds-dbus.h>
28 #include <cynara-error.h>
31 static cynara *_cynara = NULL;
32 const unsigned int error_msg_size = 256;
36 int _bt_share_cynara_init(void)
38 char error_msg[error_msg_size];
41 ret = cynara_initialize(&_cynara, NULL);
42 if (ret != CYNARA_API_SUCCESS) {
43 cynara_strerror(ret, error_msg, error_msg_size);
44 ERR("cynara_initialize failed: %s\n", error_msg);
48 return BT_SHARE_ERROR_NONE;
51 // fill creds structure with data needed to perform checks using cynara-creds lib
52 int _bt_share_cynara_get_creds(DBusConnection *conn, const char *sender,
53 bt_share_cynara_creds *creds)
55 char error_msg[error_msg_size];
58 ret = cynara_creds_dbus_get_pid(conn, sender, &(creds->pid));
60 cynara_strerror(ret, error_msg, error_msg_size);
61 ERR("cynara_creds_dbus_get_pid fail\n");
65 ret = cynara_creds_dbus_get_user(conn, sender, USER_METHOD_UID, &(creds->uid));
67 cynara_strerror(ret, error_msg, error_msg_size);
68 ERR("cynara_creds_dbus_get_user failed\n");
72 ret = cynara_creds_dbus_get_client(conn, sender, CLIENT_METHOD_SMACK, &(creds->smack));
74 cynara_strerror(ret, error_msg, error_msg_size);
75 ERR("cynara_creds_dbus_get_client failed\n");
79 return BT_SHARE_ERROR_NONE;
82 // check if client has required privilege
83 int _bt_share_cynara_check(const bt_share_cynara_creds *creds, const char *privilege)
87 char error_msg[error_msg_size];
89 if (!creds || !privilege)
92 client_session = cynara_session_from_pid(creds->pid);
93 if (!client_session) {
94 ERR("cynara_session_from_pid failed\n");
98 ret = cynara_check(_cynara, creds->smack, client_session, creds->uid, privilege);
99 if (ret != CYNARA_API_ACCESS_ALLOWED) {
100 cynara_strerror(ret, error_msg, error_msg_size);
101 ERR("cynara_check error: %s\n", error_msg);
104 free(client_session);
105 return ret == CYNARA_API_ACCESS_ALLOWED ? BT_SHARE_ERROR_NONE : BT_SHARE_FAIL;
108 // finish working with cynara
109 void _bt_share_cynara_finish(void)
111 cynara_finish(_cynara);