email-core/email-core-cynara.c

   1 /*
   2 *  email-service
   3 *
   4 * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
   5 *
   6 * Contact: Sunghyun Kwon <sh0701.kwon@samsung.com>, Minsoo Kim <minnsoo.kim@samsung.com>
   7 *
   8 * Licensed under the Apache License, Version 2.0 (the "License");
   9 * you may not use this file except in compliance with the License.
  10 * You may obtain a copy of the License at
  11 *
  12 * http://www.apache.org/licenses/LICENSE-2.0
  13 *
  14 * Unless required by applicable law or agreed to in writing, software
  15 * distributed under the License is distributed on an "AS IS" BASIS,
  16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  17 * See the License for the specific language governing permissions and
  18 * limitations under the License.
  19 *
  20 */
  21
  22 /**
  23  *
  24  * This file contains functionality related to cynara(privilege)
  25  * to interact with email-service.
  26  * @file        email-core-cynara.c
  27  * @author      sh0701.kwon@samsung.com
  28  * @version     0.1
  29  * @brief       This file contains functionality to provide cynara support in email-service.
  30  */
  31
  32 #include <pthread.h>
  33 #include <cynara-error.h>
  34 #include <cynara-client.h>
  35 #include <cynara-session.h>
  36 #include <cynara-creds-commons.h>
  37 #include <cynara-creds-socket.h>
  38
  39 #include "email-debug-log.h"
  40 #include "email-utilities.h"
  41
  42 typedef struct _cynara_info_t {
  43         cynara *email_cynara;
  44         enum cynara_client_creds client_method;
  45         enum cynara_user_creds user_method;
  46 } cynara_info_t;
  47
  48 static cynara_info_t *cynara_info = NULL;
  49 pthread_mutex_t cynara_mutex = PTHREAD_MUTEX_INITIALIZER;
  50
  51 INTERNAL_FUNC int emcore_init_cynara()
  52 {
  53         EM_DEBUG_FUNC_BEGIN();
  54         int ret = CYNARA_API_SUCCESS;
  55         int err = EMAIL_ERROR_NONE;
  56         char errno_buf[ERRNO_BUF_SIZE] = {0};
  57
  58         ENTER_CRITICAL_SECTION(cynara_mutex);
  59         cynara_info = (cynara_info_t *)em_malloc(sizeof(cynara_info));
  60         if (cynara_info == NULL) {
  61                 EM_DEBUG_EXCEPTION("em_mallocfailed");
  62                 err = EMAIL_ERROR_OUT_OF_MEMORY;
  63                 goto FINISH_OFF;
  64         }
  65
  66         ret = cynara_initialize(&(cynara_info->email_cynara), NULL);
  67         if (ret != CYNARA_API_SUCCESS) {
  68                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  69                 EM_DEBUG_EXCEPTION("cynara_initialize failed : [%d], error : [%s]",
  70                                                         ret,
  71                                                         errno_buf);
  72                 err = EMAIL_ERROR_NOT_INITIALIZED;
  73                 goto FINISH_OFF;
  74         }
  75
  76         ret = cynara_creds_get_default_client_method(&(cynara_info->client_method));
  77         if (ret != CYNARA_API_SUCCESS) {
  78                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  79                 EM_DEBUG_EXCEPTION("cynara_creds_get_default_client_method failed : [%d], error : [%s]",
  80                                                         ret,
  81                                                         errno_buf);
  82                 err = EMAIL_ERROR_NOT_INITIALIZED;
  83                 goto FINISH_OFF;
  84         }
  85
  86         ret = cynara_creds_get_default_user_method(&(cynara_info->user_method));
  87         if (ret != CYNARA_API_SUCCESS) {
  88                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  89                 EM_DEBUG_EXCEPTION("cynara_creds_get_default_user_method failed : [%d], error : [%s]",
  90                                                         ret,
  91                                                         errno_buf);
  92                 err = EMAIL_ERROR_NOT_INITIALIZED;
  93                 goto FINISH_OFF;
  94         }
  95
  96 FINISH_OFF:
  97
  98         LEAVE_CRITICAL_SECTION(cynara_mutex);
  99
 100         EM_DEBUG_FUNC_END();
 101         return err;
 102 }
 103
 104 INTERNAL_FUNC void emcore_finish_cynara()
 105 {
 106         EM_DEBUG_FUNC_BEGIN();
 107         int ret = CYNARA_API_SUCCESS;
 108         char errno_buf[ERRNO_BUF_SIZE] = {0};
 109
 110         if (cynara_info == NULL) {
 111                 EM_DEBUG_EXCEPTION("cynara did not initialize");
 112                 return;
 113         }
 114
 115         ENTER_CRITICAL_SECTION(cynara_mutex);
 116         ret = cynara_finish(cynara_info->email_cynara);
 117         if (ret != CYNARA_API_SUCCESS) {
 118                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 119                 EM_DEBUG_EXCEPTION("cynara_finish failed : [%d], error : [%s]",
 120                                                         ret,
 121                                                         errno_buf);
 122         }
 123         EM_SAFE_FREE(cynara_info);
 124         LEAVE_CRITICAL_SECTION(cynara_mutex);
 125
 126         EM_DEBUG_FUNC_END();
 127 }
 128
 129 INTERNAL_FUNC int emcore_check_privilege(unsigned int socket_fd)
 130 {
 131         EM_DEBUG_FUNC_BEGIN();
 132         int ret = CYNARA_API_SUCCESS;
 133         int     err = EMAIL_ERROR_NONE;
 134         char errno_buf[ERRNO_BUF_SIZE] = {0};
 135
 136         if (socket_fd < 0) {
 137                 EM_DEBUG_EXCEPTION("Invalid parameter");
 138                 err = EMAIL_ERROR_INVALID_PARAM;
 139                 return err;
 140         }
 141
 142         if (cynara_info->email_cynara == NULL) {
 143                 err = emcore_init_cynara();
 144                 if (err != EMAIL_ERROR_NONE) {
 145                         EM_DEBUG_EXCEPTION("emcore_init_cynara failed : [%d]", err);
 146                         return err;
 147                 }
 148         }
 149
 150         err = EMAIL_ERROR_PERMISSION_DENIED;
 151
 152         pid_t client_pid = 0;
 153         char *client_uid = NULL;
 154         char *client_smack = NULL;
 155         char *client_session = NULL;
 156
 157         ENTER_CRITICAL_SECTION(cynara_mutex);
 158
 159         ret = cynara_creds_socket_get_client(socket_fd, cynara_info->client_method, &client_smack);
 160         if (ret != CYNARA_API_SUCCESS) {
 161                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 162                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_client failed : [%d], error : [%s]",
 163                                                         ret,
 164                                                         errno_buf);
 165                 goto FINISH_OFF;
 166         }
 167
 168         ret = cynara_creds_socket_get_user(socket_fd, cynara_info->user_method, &client_uid);
 169         if (ret != CYNARA_API_SUCCESS) {
 170                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 171                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_user failed : [%d], error : [%s]",
 172                                                         ret,
 173                                                         errno_buf);
 174                 goto FINISH_OFF;
 175         }
 176
 177         ret = cynara_creds_socket_get_pid(socket_fd, &client_pid);
 178         if (ret != CYNARA_API_SUCCESS) {
 179                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 180                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_pid failed : [%d], error : [%s]",
 181                                                         ret,
 182                                                         errno_buf);
 183                 goto FINISH_OFF;
 184         }
 185
 186         client_session = cynara_session_from_pid(client_pid);
 187         if (client_session == NULL) {
 188                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 189                 EM_DEBUG_EXCEPTION("cynara_session_from_pid failed error : [%s]",
 190                                                         errno_buf);
 191                 goto FINISH_OFF;
 192         }
 193
 194         ret = cynara_check(cynara_info->email_cynara, client_smack, client_session, client_uid,
 195                                         "http://tizen.org/privilege/email");
 196         if (ret != CYNARA_API_ACCESS_ALLOWED) {
 197                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 198                 EM_DEBUG_EXCEPTION("cynara_check failed : [%d], error : [%s]",
 199                                                         ret,
 200                                                         errno_buf);
 201                 goto FINISH_OFF;
 202         }
 203
 204         err = EMAIL_ERROR_NONE;
 205
 206 FINISH_OFF:
 207
 208         LEAVE_CRITICAL_SECTION(cynara_mutex);
 209
 210         EM_SAFE_FREE(client_uid);
 211         EM_SAFE_FREE(client_smack);
 212         EM_SAFE_FREE(client_session);
 213
 214         EM_DEBUG_FUNC_END();
 215         return err;
 216 }