1 /* vi: set et sw=4 ts=4 cino=t0,(0: */
2 /* -*- Mode: C; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
4 * This file is part of gsignond
6 * Copyright (C) 2012 Intel Corporation.
8 * Contact: Jussi Laako <jussi.laako@linux.intel.com>
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
26 #include "gsignond/gsignond-security-context.h"
/* Adapter with the one-gpointer signature that g_list_free_full() expects;
 * it forwards the element to gsignond_security_context_free(). */
static void
_security_context_free (gpointer ptr)
{
    gsignond_security_context_free ((GSignondSecurityContext *) ptr);
}
/**
 * gsignond_security_context_new:
 *
 * Allocates a new security context item. Both the system and the application
 * context start out as empty strings rather than NULL.
 *
 * Returns: (transfer full) allocated #GSignondSecurityContext.
 */
GSignondSecurityContext *
gsignond_security_context_new ()
{
    GSignondSecurityContext *new_ctx = g_slice_new0 (GSignondSecurityContext);

    new_ctx->sys_ctx = g_strdup ("");
    new_ctx->app_ctx = g_strdup ("");

    return new_ctx;
}
/**
 * gsignond_security_context_new_from_values:
 * @system_context: system security context (such as SMACK/MSSF label/token).
 * @application_context: application security context (such as a script name).
 *
 * Allocates a new security context item and fills it with copies of the
 * given strings. A NULL @application_context is stored as an empty string;
 * a NULL @system_context is rejected.
 *
 * Returns: (transfer full) allocated #GSignondSecurityContext.
 */
GSignondSecurityContext *
gsignond_security_context_new_from_values (const gchar *system_context,
                                           const gchar *application_context)
{
    GSignondSecurityContext *new_ctx;

    g_return_val_if_fail (system_context != NULL, NULL);

    new_ctx = g_slice_new0 (GSignondSecurityContext);
    new_ctx->sys_ctx = g_strdup (system_context);
    new_ctx->app_ctx = g_strdup (application_context ? application_context
                                                     : "");

    return new_ctx;
}
/**
 * gsignond_security_context_copy:
 * @src_ctx: source security context to copy.
 *
 * Copies a security context item by building a new item from the source's
 * system and application context strings.
 *
 * Returns: (transfer full) a copy of the #GSignondSecurityContext item.
 */
GSignondSecurityContext *
gsignond_security_context_copy (const GSignondSecurityContext *src_ctx)
{
    const gchar *sys_part;
    const gchar *app_part;

    g_return_val_if_fail (src_ctx != NULL, NULL);

    sys_part = src_ctx->sys_ctx;
    app_part = src_ctx->app_ctx;

    return gsignond_security_context_new_from_values (sys_part, app_part);
}
/**
 * gsignond_security_context_free:
 * @ctx: #GSignondSecurityContext to be freed.
 *
 * Frees a security context item together with both of its strings.
 * Passing NULL is a no-op.
 */
void
gsignond_security_context_free (GSignondSecurityContext *ctx)
{
    if (ctx != NULL) {
        g_free (ctx->sys_ctx);
        g_free (ctx->app_ctx);
        g_slice_free (GSignondSecurityContext, ctx);
    }
}
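/**
 * gsignond_security_context_set_system_context:
 * @ctx: #GSignondSecurityContext item.
 * @system_context: system security context.
 *
 * Sets the system context part (such as SMACK label or MSSF token) of the
 * #GSignondSecurityContext. The string is copied; NULL is stored as an empty
 * string.
 */
void
gsignond_security_context_set_system_context (GSignondSecurityContext *ctx,
                                              const gchar *system_context)
{
    gchar *replacement;

    g_return_if_fail (ctx != NULL);

    /* Duplicate before releasing the old value: @system_context may alias
     * ctx->sys_ctx (for example when a caller hands back the pointer obtained
     * from the getter), and freeing first would make g_strdup() read memory
     * that has already been released. */
    replacement = g_strdup (system_context ? system_context : "");
    g_free (ctx->sys_ctx);
    ctx->sys_ctx = replacement;
}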
/**
 * gsignond_security_context_get_system_context:
 * @ctx: #GSignondSecurityContext item.
 *
 * Get the system context part (such as SMACK label or MSSF token) of the
 * #GSignondSecurityContext. The returned pointer is the string stored inside
 * @ctx and must not be freed by the caller.
 *
 * Returns: (transfer none) system context.
 */
const gchar *
gsignond_security_context_get_system_context (
                                            const GSignondSecurityContext *ctx)
{
    const gchar *stored;

    g_return_val_if_fail (ctx != NULL, NULL);

    stored = ctx->sys_ctx;
    return stored;
}
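/**
 * gsignond_security_context_set_application_context:
 * @ctx: #GSignondSecurityContext item.
 * @application_context: application security context.
 *
 * Sets the application context part (such as a script name or a web page) of
 * the #GSignondSecurityContext. The string is copied; NULL is stored as an
 * empty string.
 */
void
gsignond_security_context_set_application_context (
                                        GSignondSecurityContext *ctx,
                                        const gchar *application_context)
{
    gchar *replacement;

    g_return_if_fail (ctx != NULL);

    /* Duplicate before releasing the old value: @application_context may
     * alias ctx->app_ctx (for example when a caller hands back the pointer
     * obtained from the getter), and freeing first would make g_strdup() read
     * memory that has already been released. */
    replacement = g_strdup (application_context ? application_context : "");
    g_free (ctx->app_ctx);
    ctx->app_ctx = replacement;
}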
/**
 * gsignond_security_context_get_application_context:
 * @ctx: #GSignondSecurityContext item.
 *
 * Get the application context part (such as script name or a web page) of
 * the #GSignondSecurityContext. The returned pointer is the string stored
 * inside @ctx and must not be freed by the caller.
 *
 * Returns: (transfer none) application context.
 */
const gchar *
gsignond_security_context_get_application_context (
                                            const GSignondSecurityContext *ctx)
{
    const gchar *stored;

    g_return_val_if_fail (ctx != NULL, NULL);

    stored = ctx->app_ctx;
    return stored;
}
/**
 * gsignond_security_context_to_variant:
 * @ctx: #GSignondSecurityContext item.
 *
 * Build a GVariant of type "(ss)" from a #GSignondSecurityContext item. A
 * NULL system or application context is serialized as an empty string.
 *
 * Returns: (transfer full) GVariant construct of a #GSignondSecurityContext.
 */
GVariant *
gsignond_security_context_to_variant (const GSignondSecurityContext *ctx)
{
    const gchar *sys_part;
    const gchar *app_part;

    g_return_val_if_fail (ctx != NULL, NULL);

    /* The "s" format does not accept NULL, so substitute "" for it. */
    sys_part = ctx->sys_ctx ? ctx->sys_ctx : "";
    app_part = ctx->app_ctx ? ctx->app_ctx : "";

    return g_variant_new ("(ss)", sys_part, app_part);
}
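/**
 * gsignond_security_context_from_variant:
 * @variant: GVariant item with a #GSignondSecurityContext construct.
 *
 * Builds a #GSignondSecurityContext item from a GVariant of type "(ss)".
 * A variant of any other type is rejected instead of being unpacked.
 *
 * Returns: (transfer full) #GSignondSecurityContext item, or NULL if
 * @variant is NULL or not of type "(ss)".
 */
GSignondSecurityContext *
gsignond_security_context_from_variant (GVariant *variant)
{
    gchar *sys_ctx = NULL;
    gchar *app_ctx = NULL;
    GSignondSecurityContext *ctx;

    g_return_val_if_fail (variant != NULL, NULL);

    /* g_variant_get() treats a mismatch between the format string and the
     * value's type as a programming error, so the type is verified here with
     * an ordinary runtime test. g_return_val_if_fail() is not used for this
     * because it is compiled out under G_DISABLE_CHECKS.
     * NOTE(review): matters most if @variant can come from a D-Bus peer --
     * confirm against the callers. */
    if (!g_variant_is_of_type (variant, G_VARIANT_TYPE ("(ss)")))
        return NULL;

    g_variant_get (variant, "(ss)", &sys_ctx, &app_ctx);
    ctx = gsignond_security_context_new_from_values (sys_ctx, app_ctx);

    /* The "s" conversions hand back newly allocated copies and the
     * constructor duplicates them again, so the temporaries are released. */
    g_free (sys_ctx);
    g_free (app_ctx);

    return ctx;
}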
/**
 * gsignond_security_context_compare:
 * @ctx1: first item to compare.
 * @ctx2: second item to compare.
 *
 * Compare two #GSignondSecurityContext items in a way similar to strcmp().
 * The system contexts are compared first; the application contexts decide
 * only when the system contexts are equal. Wildcards get no special
 * treatment here.
 *
 * Returns: negative if ctx1 < ctx2, 0 if ctx1 == ctx2 and positive if
 * ctx1 > ctx2.
 */
int
gsignond_security_context_compare (const GSignondSecurityContext *ctx1,
                                   const GSignondSecurityContext *ctx2)
{
    int order;

    /* Same pointer, which includes the case of both being NULL. */
    if (ctx1 == ctx2)
        return 0;

    g_return_val_if_fail (ctx1 != NULL, -1);
    g_return_val_if_fail (ctx2 != NULL, 1);

    order = g_strcmp0 (ctx1->sys_ctx, ctx2->sys_ctx);
    if (order != 0)
        return order;

    return g_strcmp0 (ctx1->app_ctx, ctx2->app_ctx);
}
/**
 * gsignond_security_context_match:
 * @ctx1: first item to compare.
 * @ctx2: second item to compare.
 *
 * Tests whether two #GSignondSecurityContext items match. The "*" wildcard
 * is honoured on either argument: a wildcard system context on one side
 * matches any context on the other, and with equal system contexts a
 * wildcard application context on one side matches any application context.
 *
 * Because the test is symmetric, a wildcard supplied by the side being
 * checked also produces a match. Where one context comes from a peer and
 * the other from stored policy, gsignond_security_context_check() is the
 * variant that honours wildcards only in its @reference argument.
 *
 * Returns: TRUE if contexts are equal or either side has wildcard match,
 * otherwise FALSE. Two NULL contexts match.
 */
gboolean
gsignond_security_context_match (const GSignondSecurityContext *ctx1,
                                 const GSignondSecurityContext *ctx2)
{
    /* Same pointer, which includes the case of both being NULL. */
    if (ctx1 == ctx2)
        return TRUE;

    g_return_val_if_fail (ctx1 != NULL && ctx2 != NULL, FALSE);

    /* A wildcard system context on either side matches everything. */
    if (g_strcmp0 (ctx1->sys_ctx, "*") == 0 ||
        g_strcmp0 (ctx2->sys_ctx, "*") == 0)
        return TRUE;

    /* Otherwise the system contexts have to be identical... */
    if (g_strcmp0 (ctx1->sys_ctx, ctx2->sys_ctx) != 0)
        return FALSE;

    /* ...and the application contexts equal or wildcarded on either side. */
    if (g_strcmp0 (ctx1->app_ctx, "*") == 0 ||
        g_strcmp0 (ctx2->app_ctx, "*") == 0)
        return TRUE;

    return g_strcmp0 (ctx1->app_ctx, ctx2->app_ctx) == 0;
}
/**
 * gsignond_security_context_check:
 * @reference: reference security context item to check against.
 * @test: security context item to be checked.
 *
 * Check if item @test is covered by @reference. The "*" wildcard is honoured
 * only in @reference; a "*" inside @test is compared as an ordinary string.
 * Argument order therefore matters.
 * NOTE(review): callers presumably pass the stored ACL entry as @reference
 * and the requesting peer's context as @test -- confirm at the call sites,
 * since swapping them would let a "*" in the checked context act as a
 * wildcard.
 *
 * Returns: TRUE if contexts are equal or wildcards of the @reference
 * arguments match, otherwise FALSE. If either or both contexts are NULL,
 * FALSE is returned.
 */
gboolean
gsignond_security_context_check (const GSignondSecurityContext *reference,
                                 const GSignondSecurityContext *test)
{
    g_return_val_if_fail (reference != NULL && test != NULL, FALSE);

    /* A wildcard system context in the reference covers every context. */
    if (g_strcmp0 (reference->sys_ctx, "*") == 0)
        return TRUE;

    /* Otherwise the system contexts have to be identical... */
    if (g_strcmp0 (reference->sys_ctx, test->sys_ctx) != 0)
        return FALSE;

    /* ...and the application context wildcarded in the reference or equal. */
    if (g_strcmp0 (reference->app_ctx, "*") == 0)
        return TRUE;

    return g_strcmp0 (reference->app_ctx, test->app_ctx) == 0;
}
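/**
 * gsignond_security_context_list_to_variant:
 * @list: #GSignondSecurityContextList item.
 *
 * Builds a GVariant of type "a(ss)" from a GList of #GSignondSecurityContext
 * items. An empty (NULL) list yields an empty "a(ss)" array; list elements
 * whose data pointer is NULL are skipped.
 *
 * Returns: (transfer full) GVariant construct of a #GSignondSecurityContextList.
 */
GVariant *
gsignond_security_context_list_to_variant (
                                    const GSignondSecurityContextList *list)
{
    GVariantBuilder builder;
    GSignondSecurityContext *ctx;

    /* Use the definite type "a(ss)" rather than G_VARIANT_TYPE_ARRAY: with an
     * indefinite array type g_variant_builder_end() cannot infer the element
     * type when no child was added, so an empty list would fail. */
    g_variant_builder_init (&builder, G_VARIANT_TYPE ("a(ss)"));
    for ( ; list != NULL; list = g_list_next (list)) {
        ctx = (GSignondSecurityContext *) list->data;
        /* to_variant() returns NULL for a NULL item, and NULL is not a valid
         * child for the builder. */
        if (ctx == NULL)
            continue;
        g_variant_builder_add_value (
                                &builder,
                                gsignond_security_context_to_variant (ctx));
    }

    return g_variant_builder_end (&builder);
}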
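/**
 * gsignond_security_context_list_from_variant:
 * @variant: GVariant item with a list of security context tuples.
 *
 * Builds a GList of #GSignondSecurityContext items from a GVariant of type
 * "a(ss)". A variant of any other type is rejected and yields NULL, which is
 * also the representation of an empty list.
 * NOTE(review): callers that use the result as an access control list should
 * confirm how they interpret an empty list.
 *
 * Returns: (transfer full) #GSignondSecurityContextList item.
 */
GSignondSecurityContextList *
gsignond_security_context_list_from_variant (GVariant *variant)
{
    GSignondSecurityContextList *list = NULL;
    GSignondSecurityContext *ctx;
    GVariantIter iter;
    GVariant *value;

    g_return_val_if_fail (variant != NULL, NULL);

    /* g_variant_iter_init() requires a container and every child is unpacked
     * as "(ss)"; checking the array type once up front guarantees both.
     * g_return_val_if_fail() is not used for this because it is compiled out
     * under G_DISABLE_CHECKS. */
    if (!g_variant_is_of_type (variant, G_VARIANT_TYPE ("a(ss)")))
        return NULL;

    g_variant_iter_init (&iter, variant);
    while ((value = g_variant_iter_next_value (&iter))) {
        ctx = gsignond_security_context_from_variant (value);
        g_variant_unref (value);
        /* Prepend and reverse once at the end: g_list_append() walks the
         * whole list on every call. */
        if (ctx != NULL)
            list = g_list_prepend (list, ctx);
    }

    return g_list_reverse (list);
}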
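/**
 * gsignond_security_context_list_copy:
 * @src_list: source #GSignondSecurityContextList.
 *
 * Copies a GList of #GSignondSecurityContext items. Every element is
 * duplicated with gsignond_security_context_copy(), so the result shares no
 * memory with @src_list; element order is preserved.
 *
 * Returns: (transfer full) #GSignondSecurityContextList item.
 */
GSignondSecurityContextList *
gsignond_security_context_list_copy (
                                const GSignondSecurityContextList *src_list)
{
    GSignondSecurityContext *ctx;
    GSignondSecurityContextList *dst_list = NULL;

    for ( ; src_list != NULL; src_list = g_list_next (src_list)) {
        ctx = (GSignondSecurityContext *) src_list->data;
        /* Prepend and reverse once at the end: g_list_append() walks the
         * whole destination list on every call. */
        dst_list = g_list_prepend (dst_list,
                                   gsignond_security_context_copy (ctx));
    }

    return g_list_reverse (dst_list);
}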
/**
 * gsignond_security_context_list_free:
 * @seclist: (transfer full) #GSignondSecurityContextList item.
 *
 * Frees all items and the GList of #GSignondSecurityContext. Each element is
 * released through _security_context_free() before the list nodes are freed.
 */
void
gsignond_security_context_list_free (GSignondSecurityContextList *seclist)
{
    GDestroyNotify release_item = _security_context_free;

    g_list_free_full (seclist, release_item);
}