email-core/email-core-cynara.c

   1 /*
   2 *  email-service
   3 *
   4 * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
   5 *
   6 * Contact: Sunghyun Kwon <sh0701.kwon@samsung.com>, Minsoo Kim <minnsoo.kim@samsung.com>
   7 *
   8 * Licensed under the Apache License, Version 2.0 (the "License");
   9 * you may not use this file except in compliance with the License.
  10 * You may obtain a copy of the License at
  11 *
  12 * http://www.apache.org/licenses/LICENSE-2.0
  13 *
  14 * Unless required by applicable law or agreed to in writing, software
  15 * distributed under the License is distributed on an "AS IS" BASIS,
  16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  17 * See the License for the specific language governing permissions and
  18 * limitations under the License.
  19 *
  20 */
  21
  22 /**
  23  *
  24  * This file contains functionality related to cynara(privilege)
  25  * to interact with email-service.
  26  * @file        email-core-cynara.c
  27  * @author      sh0701.kwon@samsung.com
  28  * @version     0.1
  29  * @brief       This file contains functionality to provide cynara support in email-service.
  30  */
  31
  32 #include <pthread.h>
  33 #include <cynara-error.h>
  34 #include <cynara-client.h>
  35 #include <cynara-session.h>
  36 #include <cynara-creds-commons.h>
  37 #include <cynara-creds-socket.h>
  38
  39 #include "email-debug-log.h"
  40 #include "email-utilities.h"
  41
  42 typedef struct _cynara_info_t {
  43         cynara *email_cynara;
  44         enum cynara_client_creds client_method;
  45         enum cynara_user_creds user_method;
  46 } cynara_info_t;
  47
  48 static cynara_info_t *cynara_info = NULL;
  49 pthread_mutex_t cynara_mutex = PTHREAD_MUTEX_INITIALIZER;
  50
  51 INTERNAL_FUNC int emcore_init_cynara()
  52 {
  53         EM_DEBUG_FUNC_BEGIN();
  54         int ret = CYNARA_API_SUCCESS;
  55         int err = EMAIL_ERROR_NONE;
  56         char errno_buf[ERRNO_BUF_SIZE] = {0};
  57
  58         ENTER_CRITICAL_SECTION(cynara_mutex);
  59         cynara_info = (cynara_info_t *)em_malloc(sizeof(cynara_info_t));
  60         if (cynara_info == NULL) {
  61                 EM_DEBUG_EXCEPTION("em_mallocfailed");
  62                 err = EMAIL_ERROR_OUT_OF_MEMORY;
  63                 goto FINISH_OFF;
  64         }
  65
  66         ret = cynara_initialize(&(cynara_info->email_cynara), NULL);
  67         if (ret != CYNARA_API_SUCCESS) {
  68                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  69                 EM_DEBUG_EXCEPTION("cynara_initialize failed : [%d], error : [%s]",
  70                                                         ret,
  71                                                         errno_buf);
  72                 err = EMAIL_ERROR_NOT_INITIALIZED;
  73                 goto FINISH_OFF;
  74         }
  75
  76         ret = cynara_creds_get_default_client_method(&(cynara_info->client_method));
  77         if (ret != CYNARA_API_SUCCESS) {
  78                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  79                 EM_DEBUG_EXCEPTION("cynara_creds_get_default_client_method failed : [%d], error : [%s]",
  80                                                         ret,
  81                                                         errno_buf);
  82                 err = EMAIL_ERROR_NOT_INITIALIZED;
  83                 goto FINISH_OFF;
  84         }
  85
  86         ret = cynara_creds_get_default_user_method(&(cynara_info->user_method));
  87         if (ret != CYNARA_API_SUCCESS) {
  88                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
  89                 EM_DEBUG_EXCEPTION("cynara_creds_get_default_user_method failed : [%d], error : [%s]",
  90                                                         ret,
  91                                                         errno_buf);
  92                 err = EMAIL_ERROR_NOT_INITIALIZED;
  93                 goto FINISH_OFF;
  94         }
  95
  96 FINISH_OFF:
  97
  98         LEAVE_CRITICAL_SECTION(cynara_mutex);
  99
 100         EM_DEBUG_FUNC_END();
 101         return err;
 102 }
 103
 104 INTERNAL_FUNC void emcore_finish_cynara()
 105 {
 106         EM_DEBUG_FUNC_BEGIN();
 107         int ret = CYNARA_API_SUCCESS;
 108         char errno_buf[ERRNO_BUF_SIZE] = {0};
 109
 110         if (cynara_info == NULL) {
 111                 EM_DEBUG_EXCEPTION("cynara did not initialize");
 112                 return;
 113         }
 114
 115         ENTER_CRITICAL_SECTION(cynara_mutex);
 116         ret = cynara_finish(cynara_info->email_cynara);
 117         if (ret != CYNARA_API_SUCCESS) {
 118                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 119                 EM_DEBUG_EXCEPTION("cynara_finish failed : [%d], error : [%s]",
 120                                                         ret,
 121                                                         errno_buf);
 122         }
 123         EM_SAFE_FREE(cynara_info);
 124         LEAVE_CRITICAL_SECTION(cynara_mutex);
 125
 126         EM_DEBUG_FUNC_END();
 127 }
 128
 129 INTERNAL_FUNC int emcore_check_privilege(unsigned int socket_fd)
 130 {
 131         EM_DEBUG_FUNC_BEGIN();
 132         int ret = CYNARA_API_SUCCESS;
 133         int     err = EMAIL_ERROR_NONE;
 134         char errno_buf[ERRNO_BUF_SIZE] = {0};
 135
 136         if (cynara_info->email_cynara == NULL) {
 137                 err = emcore_init_cynara();
 138                 if (err != EMAIL_ERROR_NONE) {
 139                         EM_DEBUG_EXCEPTION("emcore_init_cynara failed : [%d]", err);
 140                         return err;
 141                 }
 142         }
 143
 144         err = EMAIL_ERROR_PERMISSION_DENIED;
 145
 146         pid_t client_pid = 0;
 147         char *client_uid = NULL;
 148         char *client_smack = NULL;
 149         char *client_session = NULL;
 150
 151         ENTER_CRITICAL_SECTION(cynara_mutex);
 152
 153         ret = cynara_creds_socket_get_client(socket_fd, cynara_info->client_method, &client_smack);
 154         if (ret != CYNARA_API_SUCCESS) {
 155                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 156                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_client failed : [%d], error : [%s]",
 157                                                         ret,
 158                                                         errno_buf);
 159                 goto FINISH_OFF;
 160         }
 161
 162         ret = cynara_creds_socket_get_user(socket_fd, cynara_info->user_method, &client_uid);
 163         if (ret != CYNARA_API_SUCCESS) {
 164                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 165                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_user failed : [%d], error : [%s]",
 166                                                         ret,
 167                                                         errno_buf);
 168                 goto FINISH_OFF;
 169         }
 170
 171         ret = cynara_creds_socket_get_pid(socket_fd, &client_pid);
 172         if (ret != CYNARA_API_SUCCESS) {
 173                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 174                 EM_DEBUG_EXCEPTION("cynara_creds_socket_get_pid failed : [%d], error : [%s]",
 175                                                         ret,
 176                                                         errno_buf);
 177                 goto FINISH_OFF;
 178         }
 179
 180         client_session = cynara_session_from_pid(client_pid);
 181         if (client_session == NULL) {
 182                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 183                 EM_DEBUG_EXCEPTION("cynara_session_from_pid failed error : [%s]",
 184                                                         errno_buf);
 185                 goto FINISH_OFF;
 186         }
 187
 188         ret = cynara_check(cynara_info->email_cynara, client_smack, client_session, client_uid,
 189                                         "http://tizen.org/privilege/email");
 190         if (ret != CYNARA_API_ACCESS_ALLOWED) {
 191                 cynara_strerror(ret, errno_buf, ERRNO_BUF_SIZE);
 192                 EM_DEBUG_EXCEPTION("cynara_check failed : [%d], error : [%s]",
 193                                                         ret,
 194                                                         errno_buf);
 195                 goto FINISH_OFF;
 196         }
 197
 198         err = EMAIL_ERROR_NONE;
 199
 200 FINISH_OFF:
 201
 202         LEAVE_CRITICAL_SECTION(cynara_mutex);
 203
 204         EM_SAFE_FREE(client_uid);
 205         EM_SAFE_FREE(client_smack);
 206         EM_SAFE_FREE(client_session);
 207
 208         EM_DEBUG_FUNC_END();
 209         return err;
 210 }