4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
26 #include <sys/socket.h>
27 #include <sys/types.h>
28 #include <sys/smack.h>
39 #include "security-server-common.h"
40 #include "security-server-comm.h"
42 void printhex(const unsigned char *data, int size)
50 printf("%X ", data[i]);
51 if(((i+1) % 16) == 0 && i != 0)
57 char *read_exe_path_from_proc(pid_t pid)
64 // get link to executable
65 snprintf(link, sizeof(link), "/proc/%d/exe", pid);
71 SEC_SVR_DBG("Out of memory");
76 cnt = readlink(link, exe, size);
79 if (cnt < 0 || (size_t)cnt > size) {
80 SEC_SVR_DBG("Can't locate process binary for pid[%d]", pid);
85 // read less than requested
86 if ((size_t)cnt < size)
89 // read exactly the number of bytes requested
91 if (size > (SIZE_MAX >> 1)) {
92 SEC_SVR_DBG("Exe path too long (more than %d characters)", size);
97 // readlink does not append null byte to buffer.
102 /* Return code in packet is positive integer *
103 * We need to convert them to error code which are negative integer */
104 int return_code_to_error_code(int ret_code)
109 case SECURITY_SERVER_RETURN_CODE_SUCCESS:
110 case SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED:
111 ret = SECURITY_SERVER_SUCCESS;
113 case SECURITY_SERVER_RETURN_CODE_BAD_REQUEST:
114 ret = SECURITY_SERVER_ERROR_BAD_REQUEST;
116 case SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED:
117 ret = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
119 case SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED:
120 ret = SECURITY_SERVER_ERROR_ACCESS_DENIED;
122 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT:
123 ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT;
125 case SECURITY_SERVER_RETURN_CODE_SERVER_ERROR:
126 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
128 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE:
129 ret = SECURITY_SERVER_ERROR_NO_SUCH_COOKIE;
131 case SECURITY_SERVER_RETURN_CODE_NO_PASSWORD:
132 ret = SECURITY_SERVER_ERROR_NO_PASSWORD;
134 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXIST:
135 ret = SECURITY_SERVER_ERROR_PASSWORD_EXIST;
137 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MISMATCH:
138 ret = SECURITY_SERVER_ERROR_PASSWORD_MISMATCH;
140 case SECURITY_SERVER_RETURN_CODE_PASSWORD_RETRY_TIMER:
141 ret = SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER;
143 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXPIRED:
144 ret = SECURITY_SERVER_ERROR_PASSWORD_EXPIRED;
146 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
147 ret = SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
149 case SECURITY_SERVER_RETURN_CODE_PASSWORD_REUSED:
150 ret = SECURITY_SERVER_ERROR_PASSWORD_REUSED;
153 ret = SECURITY_SERVER_ERROR_UNKNOWN;
159 int check_socket_poll(int sockfd, int event, int timeout)
161 struct pollfd poll_fd[1];
162 int retval = SECURITY_SERVER_ERROR_POLL;
164 poll_fd[0].fd = sockfd;
165 poll_fd[0].events = event;
166 retval = poll(poll_fd, 1, timeout);
169 SEC_SVR_DBG("poll() error. errno=%d", errno);
171 return SECURITY_SERVER_ERROR_POLL;
174 /* Chile process has been closed. Not poll() problem. Call it once again */
175 return check_socket_poll(sockfd, event, timeout);
182 return SECURITY_SERVER_ERROR_TIMEOUT;
185 if(poll_fd[0].revents != event)
187 SEC_SVR_DBG("Something wrong on the peer socket. event=0x%x", poll_fd[0].revents);
188 return SECURITY_SERVER_ERROR_POLL;
190 return SECURITY_SERVER_SUCCESS;
193 int safe_server_sock_close(int client_sockfd)
195 struct pollfd poll_fd[1];
197 retval = SECURITY_SERVER_ERROR_POLL;
198 poll_fd[0].fd = client_sockfd;
199 poll_fd[0].events = POLLRDHUP;
200 retval = poll(poll_fd, 1, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
201 SEC_SVR_DBG("%s", "Server: Closing server socket");
202 close(client_sockfd);
203 return SECURITY_SERVER_SUCCESS;
206 /* Create a Unix domain socket and bind */
207 int create_new_socket(int *sockfd)
209 int retval = 0, localsockfd = 0, flags;
210 struct sockaddr_un serveraddr;
213 /* Deleted garbage Unix domain socket file */
214 retval = remove(SECURITY_SERVER_SOCK_PATH);
216 if (retval == -1 && errno != ENOENT) {
217 retval = SECURITY_SERVER_ERROR_UNKNOWN;
219 SEC_SVR_DBG("%s", "Unable to remove /tmp/.security_server.sock");
223 /* Create Unix domain socket */
224 if((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0 )
226 retval = SECURITY_SERVER_ERROR_SOCKET;
228 SEC_SVR_DBG("%s", "Socket creation failed");
232 // If SMACK is present we have to label our sockets regardless of SMACK_ENABLED flag
233 if (smack_runtime_check()) {
234 if(smack_fsetlabel(localsockfd, "@", SMACK_LABEL_IPOUT) != 0)
236 SEC_SVR_DBG("%s", "SMACK labeling failed");
237 if(errno != EOPNOTSUPP)
239 retval = SECURITY_SERVER_ERROR_SOCKET;
245 if(smack_fsetlabel(localsockfd, "*", SMACK_LABEL_IPIN) != 0)
246 { SEC_SVR_DBG("%s", "SMACK labeling failed");
247 if(errno != EOPNOTSUPP)
249 retval = SECURITY_SERVER_ERROR_SOCKET;
257 SEC_SVR_DBG("SMACK is not available. Sockets won't be labeled.");
260 /* Make socket as non blocking */
261 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
262 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
264 retval = SECURITY_SERVER_ERROR_SOCKET;
267 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
271 bzero (&serveraddr, sizeof(serveraddr));
272 serveraddr.sun_family = AF_UNIX;
273 strncpy(serveraddr.sun_path, SECURITY_SERVER_SOCK_PATH,
274 strlen(SECURITY_SERVER_SOCK_PATH));
275 serveraddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
277 /* Bind the socket */
278 if((bind(localsockfd, (struct sockaddr *)&serveraddr, sizeof(serveraddr))) < 0)
280 retval = SECURITY_SERVER_ERROR_SOCKET_BIND;
281 SEC_SVR_DBG("%s", "Cannot bind");
288 /* Change permission to accept all processes that has different uID/gID */
289 sock_mode = (S_IRWXU | S_IRWXG | S_IRWXO);
290 /* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
291 * Flawfinder recommends to user fchmod insted of chmod
292 * But, fchmod doesn't work on socket file so there is no other choice at this point */
293 if(chmod(SECURITY_SERVER_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
295 SEC_SVR_DBG("%s", "chmod() error");
296 retval = SECURITY_SERVER_ERROR_SOCKET;
302 retval = SECURITY_SERVER_SUCCESS;
305 *sockfd = localsockfd;
309 /* Authenticate peer that it's really security server.
310 * Check UID that is root
312 int authenticate_server(int sockfd)
316 unsigned int cl = sizeof(cr);
317 /* char *exe = NULL;*/
319 /* get socket peer credential */
320 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
322 retval = SECURITY_SERVER_ERROR_SOCKET;
323 SEC_SVR_DBG("%s", "getsockopt() failed");
327 /* Security server must run as root */
330 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
331 SEC_SVR_DBG("Peer is not root: uid=%d", cr.uid);
335 retval = SECURITY_SERVER_SUCCESS;
337 /* Read command line of the PID from proc fs */
338 /* This is commented out because non root process cannot read link of /proc/pid/exe */
339 /* exe = read_exe_path_from_proc(cr.pid);
341 if(strcmp(exe, SECURITY_SERVER_DAEMON_PATH) != 0)
343 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
344 SEC_SVR_DBG("Executable path is different. auth failed. Exe path=%s", exe);
348 retval = SECURITY_SERVER_SUCCESS;
349 SEC_SVR_DBG("Server authenticatd. %s, sockfd=%d", exe, sockfd);
359 /* Create a socket and connect to Security Server */
360 int connect_to_server(int *fd)
362 struct sockaddr_un clientaddr;
363 int client_len = 0, localsockfd, ret, flags;
366 /* Create a socket */
367 localsockfd = socket(AF_UNIX, SOCK_STREAM, 0);
370 SEC_SVR_DBG("%s", "Error on socket()");
371 return SECURITY_SERVER_ERROR_SOCKET;
374 /* Make socket as non blocking */
375 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
376 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
379 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
380 return SECURITY_SERVER_ERROR_SOCKET;
383 bzero(&clientaddr, sizeof(clientaddr));
384 clientaddr.sun_family = AF_UNIX;
385 strncpy(clientaddr.sun_path, SECURITY_SERVER_SOCK_PATH, strlen(SECURITY_SERVER_SOCK_PATH));
386 clientaddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
387 client_len = sizeof(clientaddr);
389 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
392 if(errno == EINPROGRESS)
394 SEC_SVR_DBG("%s", "Connection is in progress");
395 ret = check_socket_poll(localsockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
396 if(ret == SECURITY_SERVER_ERROR_POLL)
398 SEC_SVR_DBG("%s", "poll() error");
400 return SECURITY_SERVER_ERROR_SOCKET;
402 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
404 SEC_SVR_DBG("%s", "poll() timeout");
406 return SECURITY_SERVER_ERROR_SOCKET;
408 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
411 SEC_SVR_DBG("%s", "connection failed");
413 return SECURITY_SERVER_ERROR_SOCKET;
418 SEC_SVR_DBG("%s", "Connection failed");
420 return SECURITY_SERVER_ERROR_SOCKET;
424 /* Authenticate the peer is actually security server */
425 ret = authenticate_server(localsockfd);
426 if(ret != SECURITY_SERVER_SUCCESS)
429 SEC_SVR_DBG("Authentication failed. %d", ret);
433 return SECURITY_SERVER_SUCCESS;
436 /* Accept a new client connection */
437 int accept_client(int server_sockfd)
439 /* Call poll() to wait for socket connection */
440 int retval, localsockfd;
441 struct sockaddr_un clientaddr;
442 unsigned int client_len;
444 client_len = sizeof(clientaddr);
447 retval = check_socket_poll(server_sockfd, POLLIN, SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND);
448 if(retval == SECURITY_SERVER_ERROR_POLL)
450 SEC_SVR_DBG("%s", "Error on polling");
451 return SECURITY_SERVER_ERROR_SOCKET;
455 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
457 /*SEC_SVR_DBG("%s", "accept() timeout");*/
458 return SECURITY_SERVER_ERROR_TIMEOUT;
461 localsockfd = accept(server_sockfd,
462 (struct sockaddr *)&clientaddr,
467 SEC_SVR_DBG("Cannot accept client. errno=%d", errno);
468 return SECURITY_SERVER_ERROR_SOCKET;
473 /* Minimal check of request packet */
474 int validate_header(basic_header hdr)
476 if(hdr.version != SECURITY_SERVER_MSG_VERSION)
477 return SECURITY_SERVER_ERROR_BAD_REQUEST;
479 return SECURITY_SERVER_SUCCESS;
482 /* Send generic response packet to client
484 * Generic Response Packet Format
486 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
487 |---------------------------------------------------------------|
488 | version=0x01 | Message ID |Message Length (without header)|
489 |---------------------------------------------------------------|
493 int send_generic_response (int sockfd, unsigned char msgid, unsigned char return_code)
498 /* Assemble header */
499 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
500 hdr.basic_hdr.msg_id = msgid;
501 hdr.basic_hdr.msg_len = 0;
502 hdr.return_code = return_code;
505 size = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
506 if(size == SECURITY_SERVER_ERROR_POLL)
508 SEC_SVR_DBG("%s", "poll() error");
509 return SECURITY_SERVER_ERROR_SEND_FAILED;
511 if(size == SECURITY_SERVER_ERROR_TIMEOUT)
513 SEC_SVR_DBG("%s", "poll() timeout");
514 return SECURITY_SERVER_ERROR_SEND_FAILED;
518 size = TEMP_FAILURE_RETRY(write(sockfd, &hdr, sizeof(hdr)));
520 if(size < (int)sizeof(hdr))
521 return SECURITY_SERVER_ERROR_SEND_FAILED;
522 return SECURITY_SERVER_SUCCESS;
525 /* Send cookie response to client
527 * Get Cookie response packet format
529 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
530 * |---------------------------------------------------------------|
531 * | version=0x01 |MessageID=0x02 | Message Length =20 |
532 * |---------------------------------------------------------------|
534 * ----------------- |
535 * | cookie (20 bytes) |
536 * |---------------------------------------------------------------|
538 int send_cookie(int sockfd, unsigned char *cookie)
541 unsigned char msg[SECURITY_SERVER_COOKIE_LEN + sizeof(hdr)];
544 /* Assemble header */
545 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
546 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_RESPONSE;
547 hdr.basic_hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
548 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
550 memcpy(msg, &hdr, sizeof(hdr));
551 memcpy(msg + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
554 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
555 if(ret == SECURITY_SERVER_ERROR_POLL)
557 SEC_SVR_DBG("%s", "poll() error");
558 return SECURITY_SERVER_ERROR_SEND_FAILED;
560 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
562 SEC_SVR_DBG("%s", "poll() timeout");
563 return SECURITY_SERVER_ERROR_SEND_FAILED;
566 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN));
567 if(ret < (int)(sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN))
569 /* Error on writing */
570 SEC_SVR_DBG("Error on write: %d", ret);
571 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
574 return SECURITY_SERVER_SUCCESS;
577 /* Send Object name response *
578 * Get Object name response packet format
580 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
581 * |---------------------------------------------------------------|
582 * | version=0x01 |MessageID=0x06 | Message Length |
583 * |---------------------------------------------------------------|
585 * ----------------- |
587 * |---------------------------------------------------------------|
589 int send_object_name(int sockfd, char *obj)
592 unsigned char msg[strlen(obj) + sizeof(hdr)];
595 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
596 hdr.basic_hdr.msg_id = 0x06;
597 hdr.basic_hdr.msg_len = strlen(obj);
598 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
600 memcpy(msg, &hdr, sizeof(hdr));
601 memcpy(msg + sizeof(hdr), obj, strlen(obj));
604 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
605 if(ret == SECURITY_SERVER_ERROR_POLL)
607 SEC_SVR_DBG("%s", "poll() error");
608 return SECURITY_SERVER_ERROR_SEND_FAILED;
610 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
612 SEC_SVR_DBG("%s", "poll() timeout");
613 return SECURITY_SERVER_ERROR_SEND_FAILED;
616 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + strlen(obj)));
617 if(ret < sizeof(hdr) + strlen(obj))
619 /* Error on writing */
620 SEC_SVR_DBG("Error on write: %d", ret);
621 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
624 return SECURITY_SERVER_SUCCESS;
627 /* Send GID response to client
629 * Get GID response packet format
631 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
632 * |---------------------------------------------------------------|
633 * | version=0x01 |MessageID=0x08 | Message Length = 4 |
634 * |---------------------------------------------------------------|
635 * | return code | gid (first 3 words) |
636 * |---------------------------------------------------------------|
640 int send_gid(int sockfd, int gid)
643 unsigned char msg[sizeof(gid) + sizeof(hdr)];
646 /* Assemble header */
647 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
648 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_RESPONSE;
649 hdr.basic_hdr.msg_len = sizeof(gid);
650 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
653 memcpy(msg, &hdr, sizeof(hdr));
654 memcpy(msg + sizeof(hdr), &gid, sizeof(gid));
657 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
658 if(ret == SECURITY_SERVER_ERROR_POLL)
660 SEC_SVR_DBG("%s", "poll() error");
661 return SECURITY_SERVER_ERROR_SEND_FAILED;
663 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
665 SEC_SVR_DBG("%s", "poll() timeout");
666 return SECURITY_SERVER_ERROR_SEND_FAILED;
670 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(gid)));
671 if(ret < sizeof(hdr) + sizeof(gid))
673 /* Error on writing */
674 SEC_SVR_DBG("Error on write(): %d", ret);
675 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
678 return SECURITY_SERVER_SUCCESS;
681 /* Send PID response to client
683 * Get PID response packet format
685 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
686 * |---------------------------------------------------------------|
687 * | version=0x01 |MessageID=0x0a | Message Length = 4 |
688 * |---------------------------------------------------------------|
689 * | return code | pid (first 3 words) |
690 * |---------------------------------------------------------------|
694 int send_pid(int sockfd, int pid)
697 unsigned char msg[sizeof(pid) + sizeof(hdr)];
700 /* Assemble header */
701 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
702 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_RESPONSE;
703 hdr.basic_hdr.msg_len = sizeof(pid);
704 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
707 memcpy(msg, &hdr, sizeof(hdr));
708 memcpy(msg + sizeof(hdr), &pid, sizeof(pid));
711 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
712 if(ret == SECURITY_SERVER_ERROR_POLL)
714 SEC_SVR_DBG("%s", "poll() error");
715 return SECURITY_SERVER_ERROR_SEND_FAILED;
717 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
719 SEC_SVR_DBG("%s", "poll() timeout");
720 return SECURITY_SERVER_ERROR_SEND_FAILED;
724 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(pid)));
725 if(ret < sizeof(hdr) + sizeof(pid))
727 /* Error on writing */
728 SEC_SVR_DBG("Error on write(): %d", ret);
729 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
732 return SECURITY_SERVER_SUCCESS;
735 /* Send SMACK label to client with lenght N
737 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
738 * |---------------------------------------------------------------|
739 * | version=0x01 |MessageID=0x1e | Message Length = SMACK_LABEL_LEN + 1
740 * |---------------------------------------------------------------|
741 * | return code | SMACK label byte 0 |
742 * |---------------------------------------------------------------|
743 * | .................. |
744 * |---------------------------------------------------------------|
745 * | SMACK label byte N |
746 * |---------------------------------------------------------------|
748 int send_smack(int sockfd, char * label)
751 //added 1 to the size is for NULL terminating label
752 int LABEL_SIZE = SMACK_LABEL_LEN + 1;
753 int PACKET_SIZE = sizeof(hdr) + LABEL_SIZE;
754 unsigned char msg[PACKET_SIZE];
757 /* Assemble header */
758 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
759 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE;
760 hdr.basic_hdr.msg_len = LABEL_SIZE;
761 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
764 memcpy(msg, &hdr, sizeof(hdr));
765 memcpy(msg + sizeof(hdr), label, LABEL_SIZE);
766 memset(msg + sizeof(hdr) + SMACK_LABEL_LEN, 0x00, 1); //adding NULL ad the label end
769 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
770 if(ret == SECURITY_SERVER_ERROR_POLL)
772 SEC_SVR_DBG("%s", "poll() error");
773 return SECURITY_SERVER_ERROR_SEND_FAILED;
775 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
777 SEC_SVR_DBG("%s", "poll() timeout");
778 return SECURITY_SERVER_ERROR_SEND_FAILED;
782 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, PACKET_SIZE));
783 if(ret < PACKET_SIZE)
785 /* Error on writing */
786 SEC_SVR_DBG("Error on write(): %d", ret);
787 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
790 return SECURITY_SERVER_SUCCESS;
793 /* Send Check password response to client
795 * Check password response packet format
797 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
798 * |---------------------------------------------------------------|
799 * | version=0x01 | MessageID | Message Length = 12 |
800 * |---------------------------------------------------------------|
801 * | return code | attempts (first 3 words) |
802 * |---------------------------------------------------------------|
803 * |attempts(rest) | max_attempts (first 3 words) |
804 * |---------------|-----------------------------------------------|
805 * | max_attempts | expire_in_days (first 3 words) |
806 * |---------------------------------------------------------------|
810 int send_pwd_response(const int sockfd,
811 const unsigned char msg_id,
812 const unsigned char return_code,
813 const unsigned int current_attempts,
814 const unsigned int max_attempts,
815 const unsigned int expire_time)
818 unsigned int expire_secs;
819 unsigned char msg[sizeof(hdr) + sizeof(current_attempts) + sizeof(max_attempts) + sizeof(expire_secs)];
823 /* Assemble header */
824 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
825 hdr.basic_hdr.msg_id = msg_id;
826 hdr.basic_hdr.msg_len = sizeof(unsigned int) * 3;
827 hdr.return_code = return_code;
830 memcpy(msg, &hdr, sizeof(hdr));
832 memcpy(msg + ptr, ¤t_attempts, sizeof(current_attempts));
833 ptr += sizeof(current_attempts);
834 memcpy(msg + ptr, &max_attempts, sizeof(max_attempts));
835 ptr += sizeof(max_attempts);
836 memcpy(msg + ptr, &expire_time, sizeof(expire_time));
837 ptr += sizeof(expire_time);
840 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
841 if(ret == SECURITY_SERVER_ERROR_POLL)
843 SEC_SVR_DBG("%s", "Server: poll() error");
844 return SECURITY_SERVER_ERROR_SEND_FAILED;
846 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
848 SEC_SVR_DBG("%s", "Server: poll() timeout");
849 return SECURITY_SERVER_ERROR_SEND_FAILED;
853 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, ptr));
856 /* Error on writing */
857 SEC_SVR_DBG("Server: ERROR on write(): %d", ret);
858 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
861 return SECURITY_SERVER_SUCCESS;
864 /* Send cookie request packet to security server *
867 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
868 * |---------------------------------------------------------------|
869 * | version=0x01 |MessageID=0x01 | Message Length = 0 |
870 * |---------------------------------------------------------------|
872 int send_cookie_request(int sock_fd)
877 /* Assemble header */
878 hdr.version = SECURITY_SERVER_MSG_VERSION;
879 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST;
883 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
884 if(retval == SECURITY_SERVER_ERROR_POLL)
886 SEC_SVR_DBG("%s", "poll() error");
887 return SECURITY_SERVER_ERROR_SEND_FAILED;
889 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
891 SEC_SVR_DBG("%s", "poll() timeout");
892 return SECURITY_SERVER_ERROR_SEND_FAILED;
896 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
897 if(retval < sizeof(hdr))
900 SEC_SVR_DBG("Error on write(): %d", retval);
901 return SECURITY_SERVER_ERROR_SEND_FAILED;
903 return SECURITY_SERVER_SUCCESS;
906 /* Send GID request message to security server
909 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
910 * |---------------------------------------------------------------|
911 * | version=0x01 |MessageID=0x07 | Message Length = variable |
912 * |---------------------------------------------------------------|
914 * | Object name (variable) |
916 * |---------------------------------------------------------------|
918 int send_gid_request(int sock_fd, const char* object)
921 int retval = 0, send_len = 0;
922 unsigned char *buf = NULL;
924 if(strlen(object) > SECURITY_SERVER_MAX_OBJ_NAME)
926 /* Object name is too big*/
927 SEC_SVR_DBG("Object name is too big %dbytes", strlen(object));
928 return SECURITY_SERVER_ERROR_INPUT_PARAM;
931 hdr.version = SECURITY_SERVER_MSG_VERSION;
932 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_REQUEST;
933 hdr.msg_len = strlen(object);
935 send_len = sizeof(hdr) + strlen(object);
937 buf = malloc(send_len);
940 SEC_SVR_DBG("%s", "out of memory");
941 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
944 memcpy(buf, &hdr, sizeof(hdr));
945 memcpy(buf + sizeof(hdr), object, strlen(object));
948 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
949 if(retval == SECURITY_SERVER_ERROR_POLL)
951 SEC_SVR_DBG("%s", "poll() error");
952 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
955 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
957 SEC_SVR_DBG("%s", "poll() timeout");
958 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
962 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, send_len));
963 if(retval < send_len)
966 SEC_SVR_DBG("Error on write(): %d. errno=%d, sockfd=%d", retval, errno, sock_fd);
967 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
970 retval = SECURITY_SERVER_SUCCESS;
979 /* Send object name request message to security server *
982 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
983 * |---------------------------------------------------------------|
984 * | version=0x01 |MessageID=0x05 | Message Length = 4 |
985 * |---------------------------------------------------------------|
987 * |---------------------------------------------------------------|
989 int send_object_name_request(int sock_fd, int gid)
993 unsigned char buf[sizeof(hdr) + sizeof(gid)];
995 /* Assemble header */
996 hdr.version = SECURITY_SERVER_MSG_VERSION;
997 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST;
998 hdr.msg_len = sizeof(gid);
1000 memcpy(buf, &hdr, sizeof(hdr));
1001 memcpy(buf + sizeof(hdr), &gid, sizeof(gid));
1004 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1005 if(retval == SECURITY_SERVER_ERROR_POLL)
1007 SEC_SVR_DBG("%s", "poll() error");
1008 return SECURITY_SERVER_ERROR_SEND_FAILED;
1010 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1012 SEC_SVR_DBG("%s", "poll() timeout");
1013 return SECURITY_SERVER_ERROR_SEND_FAILED;
1016 /* Send to server */
1017 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1018 if(retval < sizeof(buf))
1021 SEC_SVR_DBG("Error on write(): %d", retval);
1022 return SECURITY_SERVER_ERROR_SEND_FAILED;
1024 return SECURITY_SERVER_SUCCESS;
1027 /* Send privilege check request message to security server *
1030 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1031 * |---------------------------------------------------------------|
1032 * | version=0x01 |MessageID=0x03 | Message Length = 24 |
1033 * |---------------------------------------------------------------|
1036 * | Cookie (20bytes) |
1039 * |---------------------------------------------------------------|
1041 * |---------------------------------------------------------------|
1043 int send_privilege_check_request(int sock_fd, const char*cookie, int gid)
1047 unsigned char buf[sizeof(hdr) + sizeof(gid) + SECURITY_SERVER_COOKIE_LEN];
1049 /* Assemble header */
1050 hdr.version = SECURITY_SERVER_MSG_VERSION;
1051 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST;
1052 hdr.msg_len = sizeof(gid) + SECURITY_SERVER_COOKIE_LEN;
1054 memcpy(buf, &hdr, sizeof(hdr));
1055 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1056 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &gid, sizeof(gid));
1059 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1060 if(retval == SECURITY_SERVER_ERROR_POLL)
1062 SEC_SVR_DBG("%s", "poll() error");
1063 return SECURITY_SERVER_ERROR_SEND_FAILED;
1065 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1067 SEC_SVR_DBG("%s", "poll() timeout");
1068 return SECURITY_SERVER_ERROR_SEND_FAILED;
1071 /* Send to server */
1072 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1073 if(retval < sizeof(buf))
1076 SEC_SVR_DBG("Error on write(): %d", retval);
1077 return SECURITY_SERVER_ERROR_SEND_FAILED;
1079 return SECURITY_SERVER_SUCCESS;
1082 int send_privilege_check_new_request(int sock_fd,
1085 const char *access_rights)
1092 olen = strlen(object);
1093 alen = strlen(access_rights);
1094 if (olen > MAX_OBJECT_LABEL_LEN || alen > MAX_MODE_STR_LEN)
1096 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1099 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN +
1100 2*sizeof(int) + MAX_OBJECT_LABEL_LEN + MAX_MODE_STR_LEN];
1102 /* Assemble header */
1103 hdr.version = SECURITY_SERVER_MSG_VERSION;
1104 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST;
1105 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1107 memcpy(buf, &hdr, sizeof(hdr));
1108 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1109 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &olen, sizeof(int));
1110 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + sizeof(int),
1111 &alen, sizeof(int));
1112 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int), object, olen);
1113 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen,
1114 access_rights, alen);
1117 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1118 if(retval == SECURITY_SERVER_ERROR_POLL)
1120 SEC_SVR_DBG("%s", "poll() error");
1121 return SECURITY_SERVER_ERROR_SEND_FAILED;
1123 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1125 SEC_SVR_DBG("%s", "poll() timeout");
1126 return SECURITY_SERVER_ERROR_SEND_FAILED;
1129 size = sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1130 /* Send to server */
1131 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, size));
1135 SEC_SVR_DBG("Error on write(): %d", retval);
1136 return SECURITY_SERVER_ERROR_SEND_FAILED;
1138 return SECURITY_SERVER_SUCCESS;
1141 /* Send SMACK request message to security server *
1144 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1145 * |---------------------------------------------------------------|
1146 * | version=0x01 |MessageID=0x1d | Message Length = 20 |
1147 * |---------------------------------------------------------------|
1150 * | Cookie (20bytes) |
1153 * |---------------------------------------------------------------|
1155 int send_smack_request(int sock_fd, const char * cookie)
1159 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1161 /* Assemble header */
1162 hdr.version = SECURITY_SERVER_MSG_VERSION;
1163 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST;
1164 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1166 memcpy(buf, &hdr, sizeof(hdr));
1167 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1170 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1171 if(retval == SECURITY_SERVER_ERROR_POLL)
1173 SEC_SVR_DBG("%s", "poll() error");
1174 return SECURITY_SERVER_ERROR_SEND_FAILED;
1176 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1178 SEC_SVR_DBG("%s", "poll() timeout");
1179 return SECURITY_SERVER_ERROR_SEND_FAILED;
1182 /* Send to server */
1183 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1184 if(retval < sizeof(buf))
1187 SEC_SVR_DBG("Error on write(): %d", retval);
1188 return SECURITY_SERVER_ERROR_SEND_FAILED;
1190 return SECURITY_SERVER_SUCCESS;
1194 //MSG_ID: 0x1f (SECURITY_SERVER_MSG_TYPE_CHECK_PID_PRIVILEGE_REQUEST)
1195 //DATA_SIZE: strlen(object) + 1 + strlen(access_rights) + 1
1196 int send_pid_privilege_request(int sockfd, int pid, const char *object, const char *access_rights)
1207 SEC_SVR_DBG("%s", "Error input param");
1208 retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
1212 if (object == NULL) {
1213 SEC_SVR_DBG("%s", "Error input param");
1214 retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
1219 //+1 for the '\0' at string end
1221 message_size = sizeof(int) + strlen(object) + 1 + strlen(access_rights) + 1;
1222 buff = (char *)malloc(message_size + sizeof(hdr));
1224 SEC_SVR_DBG("%s", "malloc() error");
1225 retval = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1230 bzero(buff, message_size + sizeof(hdr));
1233 hdr.version = SECURITY_SERVER_MSG_VERSION;
1235 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PID_PRIVILEGE_REQUEST;
1236 //set message size without header (data size)
1237 hdr.msg_len = message_size;
1239 //copy message fields to buffer
1241 memcpy(&buff[offset], &hdr, sizeof(hdr));
1242 offset += sizeof(hdr);
1244 memcpy(&buff[offset], &pid, sizeof(pid));
1245 offset += sizeof(pid);
1246 //add *object with NULL at the end
1247 memcpy(&buff[offset], object, strlen(object));
1248 offset += strlen(object);
1251 //add *access_rights with NULL at the end
1252 memcpy(&buff[offset], access_rights, strlen(access_rights));
1253 offset += strlen(access_rights);
1257 retval = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1258 if (retval == SECURITY_SERVER_ERROR_POLL) {
1259 SEC_SVR_DBG("%s", "poll() error");
1260 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1264 if (retval == SECURITY_SERVER_ERROR_TIMEOUT) {
1265 SEC_SVR_DBG("%s", "poll() timeout");
1266 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1271 retval = TEMP_FAILURE_RETRY(write(sockfd, buff, message_size + sizeof(hdr)));
1272 if (retval < message_size) {
1274 SEC_SVR_DBG("Error on write(): %d", retval);
1275 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1278 retval = SECURITY_SERVER_SUCCESS;
1286 /* Send PID check request message to security server *
1289 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1290 * |---------------------------------------------------------------|
1291 * | version=0x01 |MessageID=0x09 | Message Length = 20 |
1292 * |---------------------------------------------------------------|
1295 * | Cookie (20bytes) |
1298 * |---------------------------------------------------------------|
1300 int send_pid_request(int sock_fd, const char*cookie)
1304 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1306 /* Assemble header */
1307 hdr.version = SECURITY_SERVER_MSG_VERSION;
1308 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_REQUEST;
1309 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1311 memcpy(buf, &hdr, sizeof(hdr));
1312 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1315 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1316 if(retval == SECURITY_SERVER_ERROR_POLL)
1318 SEC_SVR_DBG("%s", "poll() error");
1319 return SECURITY_SERVER_ERROR_SEND_FAILED;
1321 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1323 SEC_SVR_DBG("%s", "poll() timeout");
1324 return SECURITY_SERVER_ERROR_SEND_FAILED;
1327 /* Send to server */
1328 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1329 if(retval < sizeof(buf))
1332 SEC_SVR_DBG("Error on write(): %d", retval);
1333 return SECURITY_SERVER_ERROR_SEND_FAILED;
1335 return SECURITY_SERVER_SUCCESS;
1339 /* Send debug tool launch request message to security server *
1342 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1343 * |---------------------------------------------------------------|
1344 * | version=0x01 |MessageID=0x0b | Message Length |
1345 * |---------------------------------------------------------------|
1346 * | total # of args |
1347 * |---------------------------------------------------------------|
1348 * | 1st argv length |
1349 * |---------------------------------------------------------------|
1353 * |---------------------------------------------------------------|
1354 * | 2nd argv length |
1355 * |---------------------------------------------------------------|
1359 * |---------------------------------------------------------------|
1361 * |---------------------------------------------------------------|
1362 * | nth argv length |
1363 * |---------------------------------------------------------------|
1367 * |---------------------------------------------------------------|
1369 int send_launch_tool_request(int sock_fd, int argc, const char **argv)
1372 int retval, total_length = 0, ptr, i, tempnum;
1373 unsigned char *buf = NULL;
1375 for (i=0;i<argc;i++)
1379 SEC_SVR_DBG("Error: %dth argv is NULL", i);
1380 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1382 total_length += strlen(argv[i]);
1385 if(total_length < 1)
1387 SEC_SVR_DBG("Error: There is a problem in argv. [%d]", total_length);
1388 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1390 total_length += sizeof(hdr) + sizeof(int) +(argc * sizeof(int));
1392 if(total_length > 0xffff)
1394 SEC_SVR_DBG("Buffer overflow. too big payload. [%d]", total_length);
1395 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1398 buf = malloc(total_length);
1401 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1402 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1405 /* Assemble header */
1406 hdr.version = SECURITY_SERVER_MSG_VERSION;
1407 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST;
1408 hdr.msg_len = (unsigned short)total_length;
1409 memcpy(buf, &hdr, sizeof(hdr));
1411 memcpy(buf + ptr, &argc, sizeof(int));
1414 /* Assemple each argv length and value */
1417 tempnum = strlen(argv[i]);
1418 memcpy(buf + ptr, &tempnum, sizeof(int));
1420 memcpy(buf + ptr, argv[i], tempnum);
1425 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1426 if(retval == SECURITY_SERVER_ERROR_POLL)
1428 SEC_SVR_DBG("%s", "poll() error");
1429 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1433 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1435 SEC_SVR_DBG("%s", "poll() timeout");
1436 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1440 /* Send to server */
1441 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1442 if(retval < sizeof(buf))
1445 SEC_SVR_DBG("Error on write(): %d", retval);
1446 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1449 retval = SECURITY_SERVER_SUCCESS;
1457 /* Send validate password request message to security server *
1460 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1461 * |---------------------------------------------------------------|
1462 * | version=0x01 |MessageID=0x0d | Message Length |
1463 * |---------------------------------------------------------------|
1465 int send_valid_pwd_request(int sock_fd)
1470 hdr.version = SECURITY_SERVER_MSG_VERSION;
1471 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST;
1475 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1476 if(retval == SECURITY_SERVER_ERROR_POLL)
1478 SEC_SVR_DBG("%s", "poll() error");
1479 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1483 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1485 SEC_SVR_DBG("%s", "poll() timeout");
1486 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1490 /* Send to server */
1491 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
1492 if(retval < sizeof(hdr))
1495 SEC_SVR_DBG("Error on write(): %d", retval);
1496 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1499 retval = SECURITY_SERVER_SUCCESS;
1505 /* Send password set request message to security server *
1508 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1509 * |---------------------------------------------------------------|
1510 * | version=0x01 |MessageID=0x0f | Message Length |
1511 * |---------------------------------------------------------------|
1512 * | cur_pwd_len | new_pwd_len | |
1513 * |-------------------------------- |
1515 * |---------------------------------------------------------------|
1519 * |---------------------------------------------------------------|
1521 * |---------------------------------------------------------------|
1523 * |---------------------------------------------------------------|
1525 int send_set_pwd_request(int sock_fd,
1528 const unsigned int max_challenge,
1529 const unsigned int valid_period_in_days)
1532 int retval, total_length = 0, ptr;
1533 unsigned char *buf = NULL, cur_pwd_len, new_pwd_len;
1538 cur_pwd_len = strlen(cur_pwd);
1539 new_pwd_len = strlen(new_pwd);
1541 total_length += sizeof(hdr) + sizeof(char) + sizeof(char) + cur_pwd_len
1542 + new_pwd_len + sizeof(unsigned int) + sizeof(unsigned int);
1544 buf = malloc(total_length);
1547 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1548 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1551 /* Assemble header */
1552 hdr.version = SECURITY_SERVER_MSG_VERSION;
1553 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST;
1554 hdr.msg_len = (unsigned short)total_length;
1555 memcpy(buf, &hdr, sizeof(hdr));
1557 memcpy(buf + ptr, &cur_pwd_len, sizeof(char));
1558 ptr += sizeof(char);
1559 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1560 ptr += sizeof(char);
1563 memcpy(buf + ptr, cur_pwd, cur_pwd_len);
1566 memcpy(buf + ptr, new_pwd, new_pwd_len);
1568 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1569 ptr += sizeof(unsigned int);
1570 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1573 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1574 if(retval == SECURITY_SERVER_ERROR_POLL)
1576 SEC_SVR_DBG("%s", "poll() error");
1577 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1581 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1583 SEC_SVR_DBG("%s", "poll() timeout");
1584 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1588 /* Send to server */
1589 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1590 if(retval < sizeof(buf))
1593 SEC_SVR_DBG("Error on write(): %d", retval);
1594 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1597 retval = SECURITY_SERVER_SUCCESS;
1605 /* Send password validity change request message to security server *
1608 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1609 * |---------------------------------------------------------------|
1610 * | version=0x01 |MessageID=0x0f | Message Length |
1611 * |---------------------------------------------------------------|
1613 * |---------------------------------------------------------------|
1615 int send_set_pwd_validity_request(int sock_fd, const unsigned int valid_period_in_days)
1618 int retval, total_length = 0, ptr;
1619 unsigned char *buf = NULL;
1621 total_length = sizeof(hdr) + sizeof(unsigned int);
1623 buf = malloc(total_length);
1626 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1627 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1630 /* Assemble header */
1631 hdr.version = SECURITY_SERVER_MSG_VERSION;
1632 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST;
1633 hdr.msg_len = (unsigned short)total_length;
1634 memcpy(buf, &hdr, sizeof(hdr));
1636 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1639 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1640 if(retval == SECURITY_SERVER_ERROR_POLL)
1642 SEC_SVR_DBG("%s", "poll() error");
1643 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1647 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1649 SEC_SVR_DBG("%s", "poll() timeout");
1650 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1654 /* Send to server */
1655 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1656 if(retval < sizeof(buf))
1659 SEC_SVR_DBG("Error on write(): %d", retval);
1660 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1663 retval = SECURITY_SERVER_SUCCESS;
1671 /* Send password max challenge request message to security server *
1674 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1675 * |---------------------------------------------------------------|
1676 * | version=0x01 |MessageID=0x0f | Message Length |
1677 * |---------------------------------------------------------------|
1679 * |---------------------------------------------------------------|
1681 int send_set_pwd_max_challenge_request(int sock_fd, const unsigned int max_challenge)
1684 int retval, total_length = 0, ptr;
1685 unsigned char *buf = NULL;
1687 total_length = sizeof(hdr) + sizeof(unsigned int);
1689 buf = malloc(total_length);
1692 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1693 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1696 /* Assemble header */
1697 hdr.version = SECURITY_SERVER_MSG_VERSION;
1698 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST;
1699 hdr.msg_len = (unsigned short)total_length;
1700 memcpy(buf, &hdr, sizeof(hdr));
1702 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1705 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1706 if(retval == SECURITY_SERVER_ERROR_POLL)
1708 SEC_SVR_DBG("%s", "poll() error");
1709 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1713 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1715 SEC_SVR_DBG("%s", "poll() timeout");
1716 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1720 /* Send to server */
1721 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1722 if(retval < sizeof(buf))
1725 SEC_SVR_DBG("Error on write(): %d", retval);
1726 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1729 retval = SECURITY_SERVER_SUCCESS;
1737 /* Send password reset request message to security server *
1740 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1741 * |---------------------------------------------------------------|
1742 * | version=0x01 |MessageID=0x11 | Message Length |
1743 * |---------------------------------------------------------------|
1745 * |---------------------------------------------------------------|
1749 * |---------------------------------------------------------------|
1751 * |---------------------------------------------------------------|
1753 * |---------------------------------------------------------------|
1755 int send_reset_pwd_request(int sock_fd,
1757 const unsigned int max_challenge,
1758 const unsigned int valid_period_in_days)
1761 int retval, total_length = 0, ptr;
1762 unsigned char *buf = NULL, new_pwd_len;
1764 new_pwd_len = strlen(new_pwd);
1766 total_length += sizeof(hdr) + sizeof(char) + new_pwd_len + sizeof(unsigned int) +
1767 sizeof(unsigned int);
1769 buf = malloc(total_length);
1772 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1773 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1776 /* Assemble header */
1777 hdr.version = SECURITY_SERVER_MSG_VERSION;
1778 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST;
1779 hdr.msg_len = (unsigned short)total_length;
1780 memcpy(buf, &hdr, sizeof(hdr));
1782 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1783 ptr += sizeof(char);
1784 memcpy(buf + ptr, new_pwd, new_pwd_len);
1786 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1787 ptr += sizeof(unsigned int);
1788 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1791 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1792 if(retval == SECURITY_SERVER_ERROR_POLL)
1794 SEC_SVR_DBG("%s", "poll() error");
1795 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1799 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1801 SEC_SVR_DBG("%s", "poll() timeout");
1802 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1806 /* Send to server */
1807 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1808 if(retval < sizeof(buf))
1811 SEC_SVR_DBG("Error on write(): %d", retval);
1812 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1815 retval = SECURITY_SERVER_SUCCESS;
1823 /* Send password check request message to security server *
1826 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1827 * |---------------------------------------------------------------|
1828 * | version=0x01 |MessageID=0x13 | Message Length |
1829 * |---------------------------------------------------------------|
1830 * | challenge_len | |
1831 * |--------------- |
1833 * |---------------------------------------------------------------|
1835 int send_chk_pwd_request(int sock_fd, const char*challenge)
1838 int retval, total_length = 0, ptr;
1839 unsigned char *buf = NULL, challenge_len;
1841 challenge_len = strlen(challenge);
1843 total_length += sizeof(hdr) + sizeof(char) + challenge_len;
1845 buf = malloc(total_length);
1848 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1849 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1852 /* Assemble header */
1853 hdr.version = SECURITY_SERVER_MSG_VERSION;
1854 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST;
1855 hdr.msg_len = (unsigned short)total_length;
1856 memcpy(buf, &hdr, sizeof(hdr));
1858 memcpy(buf + ptr, &challenge_len, sizeof(char));
1859 ptr += sizeof(char);
1860 memcpy(buf + ptr, challenge, challenge_len);
1861 ptr += sizeof(char);
1864 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1865 if(retval == SECURITY_SERVER_ERROR_POLL)
1867 SEC_SVR_DBG("%s", "poll() error");
1868 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1872 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1874 SEC_SVR_DBG("%s", "poll() timeout");
1875 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1879 /* Send to server */
1880 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1881 if(retval < sizeof(buf))
1884 SEC_SVR_DBG("Error on write(): %d", retval);
1885 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1888 retval = SECURITY_SERVER_SUCCESS;
1896 /* Send password history set request message to security server *
1899 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1900 * |---------------------------------------------------------------|
1901 * | version=0x01 |MessageID=0x15 | Message Length |
1902 * |---------------------------------------------------------------|
1906 int send_set_pwd_history_request(int sock_fd, int num)
1909 int retval, total_length = 0, ptr;
1910 unsigned char history;
1911 unsigned char buf[sizeof(hdr) + sizeof(history)];
1913 total_length = sizeof(hdr) + sizeof(char);
1914 history = (unsigned char) num;
1916 /* Assemble header */
1917 hdr.version = SECURITY_SERVER_MSG_VERSION;
1918 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST;
1919 hdr.msg_len = (unsigned short)total_length;
1920 memcpy(buf, &hdr, sizeof(hdr));
1922 memcpy(buf + ptr, &history, sizeof(char));
1923 ptr += sizeof(char);
1926 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1927 if(retval == SECURITY_SERVER_ERROR_POLL)
1929 SEC_SVR_DBG("%s", "poll() error");
1930 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1934 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1936 SEC_SVR_DBG("%s", "poll() timeout");
1937 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1941 /* Send to server */
1942 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, ptr));
1943 if(retval < sizeof(buf))
1946 SEC_SVR_DBG("Error on write(): %d", retval);
1947 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1950 retval = SECURITY_SERVER_SUCCESS;
1956 /* Receive request header */
1957 int recv_hdr(int client_sockfd, basic_header *basic_hdr)
1962 retval = check_socket_poll(client_sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1963 if(retval == SECURITY_SERVER_ERROR_POLL)
1965 SEC_SVR_DBG("%s", "poll() error");
1966 return SECURITY_SERVER_ERROR_SOCKET;
1968 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1970 SEC_SVR_DBG("%s", "poll() timeout");
1971 return SECURITY_SERVER_ERROR_TIMEOUT;
1974 /* Receive request header first */
1975 retval = TEMP_FAILURE_RETRY(read(client_sockfd, basic_hdr, sizeof(basic_header)));
1976 if(retval < sizeof(basic_header))
1978 SEC_SVR_DBG("read failed. closing socket %d", retval);
1979 return SECURITY_SERVER_ERROR_RECV_FAILED;
1982 /* Validate header */
1983 retval = validate_header(*basic_hdr);
1988 /* Receive check privilege request packet body */
1989 int recv_check_privilege_request(int sockfd, unsigned char *requested_cookie, int *requested_privilege)
1992 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1993 if(retval < SECURITY_SERVER_COOKIE_LEN)
1995 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1996 return SECURITY_SERVER_ERROR_RECV_FAILED;
1999 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_privilege, sizeof(int)));
2000 if(retval < sizeof(int))
2002 SEC_SVR_DBG("privilege size is too small: %d", retval);
2003 return SECURITY_SERVER_ERROR_RECV_FAILED;
2005 return SECURITY_SERVER_SUCCESS;
2008 /* Receive check privilege request packet body (new mode)*/
2009 int recv_check_privilege_new_request(int sockfd,
2010 unsigned char *requested_cookie,
2012 char *access_rights)
2017 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
2018 if(retval < SECURITY_SERVER_COOKIE_LEN)
2020 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
2021 return SECURITY_SERVER_ERROR_RECV_FAILED;
2024 retval = TEMP_FAILURE_RETRY(read(sockfd, &olen, sizeof(int)));
2025 if(retval < sizeof(int) || olen < 0 || olen > MAX_OBJECT_LABEL_LEN)
2027 SEC_SVR_DBG("error reading object_label len: %d", retval);
2028 return SECURITY_SERVER_ERROR_RECV_FAILED;
2031 retval = TEMP_FAILURE_RETRY(read(sockfd, &alen, sizeof(int)));
2032 if(retval < sizeof(int) || alen < 0 || alen > MAX_MODE_STR_LEN)
2034 SEC_SVR_DBG("error reading access_rights len: %d", retval);
2035 return SECURITY_SERVER_ERROR_RECV_FAILED;
2038 retval = TEMP_FAILURE_RETRY(read(sockfd, object_label, olen));
2041 SEC_SVR_DBG("error reading object_label: %d", retval);
2042 return SECURITY_SERVER_ERROR_RECV_FAILED;
2044 object_label[olen] = '\0';
2046 retval = TEMP_FAILURE_RETRY(read(sockfd, access_rights, alen));
2049 SEC_SVR_DBG("error reading access_rights: %d", retval);
2050 return SECURITY_SERVER_ERROR_RECV_FAILED;
2052 access_rights[alen] = '\0';
2054 return SECURITY_SERVER_SUCCESS;
2057 /* Receive pid request packet body */
2058 int recv_pid_request(int sockfd, unsigned char *requested_cookie)
2061 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
2062 if(retval < SECURITY_SERVER_COOKIE_LEN)
2064 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
2065 return SECURITY_SERVER_ERROR_RECV_FAILED;
2067 return SECURITY_SERVER_SUCCESS;
2070 /* receiving cookie from package */
2071 int recv_smack_request(int sockfd, unsigned char *requested_cookie)
2074 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
2075 if(retval < SECURITY_SERVER_COOKIE_LEN)
2077 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
2078 return SECURITY_SERVER_ERROR_RECV_FAILED;
2080 return SECURITY_SERVER_SUCCESS;
2083 int recv_pid_privilege_request(int sockfd, int datasize, int * pid, char ** object, char ** access_rights)
2087 int object_size = 0;
2088 int access_rights_size = 0;
2090 buff = (char *)malloc(datasize);
2092 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2094 //receive all data to buffer
2095 retval = TEMP_FAILURE_RETRY(read(sockfd, buff, datasize));
2096 if (retval < datasize) {
2097 SEC_SVR_DBG("Received data size is too small: %d / %d", retval, datasize);
2098 retval = SECURITY_SERVER_ERROR_RECV_FAILED;
2103 memcpy(pid, buff, sizeof(int));
2106 while (buff[sizeof(int) + object_size] != '\0') {
2109 if (object_size > datasize) {
2110 SEC_SVR_DBG("%s", "Wrong object_size");
2111 retval = SECURITY_SERVER_ERROR_UNKNOWN;
2115 object_size++; //for '\0' at end
2117 *object = (char *)malloc(object_size);
2118 memcpy(*object, buff + sizeof(int), object_size);
2121 access_rights_size = datasize - sizeof(int) - object_size;
2122 *access_rights = (char *)malloc(access_rights_size);
2123 memcpy(*access_rights, buff + sizeof(int) + object_size, access_rights_size);
2125 SEC_SVR_DBG("%s %d", "Received PID:", *pid);
2126 SEC_SVR_DBG("%s %s", "Received object:", *object);
2127 SEC_SVR_DBG("%s %s", "Received privileges:", *access_rights);
2129 retval = SECURITY_SERVER_SUCCESS;
2138 /* Receive pid request packet body */
2139 /* Table argv and content will be freed by function caller */
2140 int recv_launch_tool_request(int sockfd, int argc, char *argv[])
2142 int retval, i, argv_len;
2144 argv[0] = malloc(strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1);
2145 strncpy(argv[0], SECURITY_SERVER_DEBUG_TOOL_PATH, (strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1));
2149 retval = TEMP_FAILURE_RETRY(read(sockfd, &argv_len, sizeof(int)));
2150 if(retval < sizeof(int))
2152 SEC_SVR_DBG("Error: argv length recieve failed: %d", retval);
2153 return SECURITY_SERVER_ERROR_RECV_FAILED;
2156 if(argv_len <= 0 || argv_len >= INT_MAX)
2158 SEC_SVR_DBG("Error: argv length out of boundaries");
2159 return SECURITY_SERVER_ERROR_RECV_FAILED;
2162 argv[i] = malloc(argv_len + 1);
2165 SEC_SVR_DBG("Error: malloc() failed: %d", retval);
2166 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2169 memset(argv[i], 0x00, argv_len + 1);
2170 retval = TEMP_FAILURE_RETRY(read(sockfd, argv[i], argv_len));
2171 if(retval < argv_len)
2173 SEC_SVR_DBG("Error: argv recieve failed: %d", retval);
2174 return SECURITY_SERVER_ERROR_RECV_FAILED;
2178 return SECURITY_SERVER_SUCCESS;
2181 int recv_generic_response(int sockfd, response_header *hdr)
2186 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2187 if(retval == SECURITY_SERVER_ERROR_POLL)
2189 SEC_SVR_DBG("%s", "Client: poll() error");
2190 return SECURITY_SERVER_ERROR_RECV_FAILED;
2192 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2194 SEC_SVR_DBG("%s", "Client: poll() timeout");
2195 return SECURITY_SERVER_ERROR_RECV_FAILED;
2198 /* Receive response */
2199 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2200 if(retval < sizeof(response_header) )
2202 /* Error on socket */
2203 SEC_SVR_DBG("Client: Receive failed %d", retval);
2204 return SECURITY_SERVER_ERROR_RECV_FAILED;
2207 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_SUCCESS)
2209 SEC_SVR_DBG("Client: return code is not success: %d", hdr->return_code);
2210 return return_code_to_error_code(hdr->return_code);
2212 return SECURITY_SERVER_SUCCESS;
2215 int recv_get_gid_response(int sockfd, response_header *hdr, int *gid)
2219 retval = recv_generic_response(sockfd, hdr);
2220 if(retval != SECURITY_SERVER_SUCCESS)
2221 return return_code_to_error_code(hdr->return_code);
2223 retval = TEMP_FAILURE_RETRY(read(sockfd, gid, sizeof(int)));
2224 if(retval < sizeof(int))
2226 /* Error on socket */
2227 SEC_SVR_DBG("Receive failed %d", retval);
2228 return SECURITY_SERVER_ERROR_RECV_FAILED;
2230 return SECURITY_SERVER_SUCCESS;
2233 int recv_get_object_name(int sockfd, response_header *hdr, char *object, int max_object_size)
2236 char *local_obj_name = NULL;
2239 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2240 if(retval == SECURITY_SERVER_ERROR_POLL)
2242 SEC_SVR_DBG("%s", "poll() error");
2243 return SECURITY_SERVER_ERROR_RECV_FAILED;
2245 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2247 SEC_SVR_DBG("%s", "poll() timeout");
2248 return SECURITY_SERVER_ERROR_RECV_FAILED;
2252 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2253 if(retval < sizeof(response_header))
2255 /* Error on socket */
2256 SEC_SVR_DBG("cannot recv respons: %d", retval);
2257 return SECURITY_SERVER_ERROR_RECV_FAILED;
2260 if(hdr->return_code == SECURITY_SERVER_RETURN_CODE_SUCCESS)
2262 if(max_object_size < hdr->basic_hdr.msg_len)
2264 SEC_SVR_DBG("Object name is too small need %d bytes, but %d bytes", hdr->basic_hdr.msg_len, max_object_size);
2265 return SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL;
2267 if(hdr->basic_hdr.msg_len > SECURITY_SERVER_MAX_OBJ_NAME)
2269 SEC_SVR_DBG("Received object name is too big. %d", hdr->basic_hdr.msg_len);
2270 return SECURITY_SERVER_ERROR_BAD_RESPONSE;
2273 local_obj_name = malloc(hdr->basic_hdr.msg_len + 1);
2274 if(local_obj_name == NULL)
2276 SEC_SVR_DBG("%s", "Out of memory error");
2277 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2280 retval = TEMP_FAILURE_RETRY(read(sockfd, local_obj_name, hdr->basic_hdr.msg_len));
2281 if(retval < (hdr->basic_hdr.msg_len))
2283 /* Error on socket */
2284 SEC_SVR_DBG("read() failed: %d", retval);
2285 if(local_obj_name != NULL)
2286 free(local_obj_name);
2287 return SECURITY_SERVER_ERROR_RECV_FAILED;
2289 memcpy(object, local_obj_name, hdr->basic_hdr.msg_len);
2290 object[hdr->basic_hdr.msg_len] = 0;
2291 retval = SECURITY_SERVER_SUCCESS;
2295 SEC_SVR_DBG("Error received. return code: %d", hdr->return_code);
2296 retval = return_code_to_error_code(hdr->return_code);
2300 if(local_obj_name != NULL)
2301 free(local_obj_name);
2302 return SECURITY_SERVER_SUCCESS;
2305 int recv_cookie(int sockfd, response_header *hdr, char *cookie)
2309 retval = recv_generic_response(sockfd, hdr);
2310 if(retval != SECURITY_SERVER_SUCCESS)
2311 return return_code_to_error_code(hdr->return_code);
2313 retval = TEMP_FAILURE_RETRY(read(sockfd, cookie, SECURITY_SERVER_COOKIE_LEN));
2314 if(retval < SECURITY_SERVER_COOKIE_LEN)
2316 /* Error on socket */
2317 SEC_SVR_DBG("read() failed: %d", retval);
2318 return SECURITY_SERVER_ERROR_RECV_FAILED;
2320 return SECURITY_SERVER_SUCCESS;
2323 int recv_privilege_check_response(int sockfd, response_header *hdr)
2327 retval = recv_generic_response(sockfd, hdr);
2328 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2329 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2331 SEC_SVR_DBG("response error: %d", hdr->return_code);
2332 return return_code_to_error_code(hdr->return_code);
2334 return SECURITY_SERVER_SUCCESS;
2337 int recv_privilege_check_new_response(int sockfd, response_header *hdr)
2341 retval = recv_generic_response(sockfd, hdr);
2342 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2343 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2345 SEC_SVR_DBG("response error: %d", hdr->return_code);
2346 return return_code_to_error_code(hdr->return_code);
2348 return SECURITY_SERVER_SUCCESS;
2351 int recv_smack_response(int sockfd, response_header *hdr, char * label)
2355 retval = recv_generic_response(sockfd, hdr);
2356 if(retval != SECURITY_SERVER_SUCCESS)
2357 return return_code_to_error_code(hdr->return_code);
2359 retval = TEMP_FAILURE_RETRY(read(sockfd, label, SMACK_LABEL_LEN + 1));
2360 if(retval < sizeof(int))
2362 /* Error on socket */
2363 SEC_SVR_DBG("Client: Receive failed %d", retval);
2364 return SECURITY_SERVER_ERROR_RECV_FAILED;
2366 return SECURITY_SERVER_SUCCESS;
2369 int recv_pid_privilege_response(int sockfd, response_header *hdr)
2373 retval = recv_generic_response(sockfd, hdr);
2375 if (retval != SECURITY_SERVER_SUCCESS)
2376 return return_code_to_error_code(hdr->return_code);
2378 return SECURITY_SERVER_SUCCESS;
2381 int recv_pid_response(int sockfd, response_header *hdr, int *pid)
2385 retval = recv_generic_response(sockfd, hdr);
2386 if(retval != SECURITY_SERVER_SUCCESS)
2387 return return_code_to_error_code(hdr->return_code);
2389 retval = TEMP_FAILURE_RETRY(read(sockfd, pid, sizeof(int)));
2390 if(retval < sizeof(int))
2392 /* Error on socket */
2393 SEC_SVR_DBG("Client: Receive failed %d", retval);
2394 return SECURITY_SERVER_ERROR_RECV_FAILED;
2396 return SECURITY_SERVER_SUCCESS;
2399 int recv_pwd_response(int sockfd, response_header *hdr,
2400 unsigned int *current_attempts,
2401 unsigned int *max_attempts,
2402 unsigned int *valid_secs)
2405 *current_attempts = 0;
2409 retval = recv_generic_response(sockfd, hdr);
2413 case SECURITY_SERVER_ERROR_PASSWORD_EXIST:
2414 case SECURITY_SERVER_ERROR_NO_PASSWORD:
2415 case SECURITY_SERVER_ERROR_PASSWORD_MISMATCH:
2416 case SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER:
2417 case SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
2418 case SECURITY_SERVER_ERROR_PASSWORD_EXPIRED:
2419 case SECURITY_SERVER_ERROR_PASSWORD_REUSED:
2420 case SECURITY_SERVER_SUCCESS:
2423 return return_code_to_error_code(hdr->return_code);
2426 retval = TEMP_FAILURE_RETRY(read(sockfd, current_attempts, sizeof(unsigned int)));
2427 if(retval < sizeof(unsigned int))
2429 /* Error on socket */
2430 SEC_SVR_DBG("Client: Receive failed %d", retval);
2431 return SECURITY_SERVER_ERROR_RECV_FAILED;
2433 retval = TEMP_FAILURE_RETRY(read(sockfd, max_attempts, sizeof(unsigned int)));
2434 if(retval < sizeof(unsigned int))
2436 /* Error on socket */
2437 SEC_SVR_DBG("Client: Receive failed %d", retval);
2438 return SECURITY_SERVER_ERROR_RECV_FAILED;
2440 retval = TEMP_FAILURE_RETRY(read(sockfd, valid_secs, sizeof(unsigned int)));
2441 if(retval < sizeof(unsigned int))
2443 /* Error on socket */
2444 SEC_SVR_DBG("Client: Receive failed %d", retval);
2445 return SECURITY_SERVER_ERROR_RECV_FAILED;
2448 //if come here there were no errors
2449 return SECURITY_SERVER_SUCCESS;
2452 /* Authenticate client application *
2453 * Currently it only gets peer's credential information only *
2454 * If we need, we can extend in the futer */
2455 int authenticate_client_application(int sockfd, int *pid, int *uid)
2459 unsigned int cl = sizeof(cr);
2461 /* get PID of socket peer */
2462 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2464 retval = SECURITY_SERVER_ERROR_SOCKET;
2465 SEC_SVR_DBG("%s", "getsockopt failed");
2472 /* Authenticate client that it's real client application */
2479 /* Authenticate the application is middleware daemon
2480 * The middleware must run as root (or middleware user) and the cmd line must be
2481 * pre listed for authentication to succeed */
2482 int authenticate_client_middleware(int sockfd, int *pid)
2484 return SECURITY_SERVER_SUCCESS;
2486 int retval = SECURITY_SERVER_SUCCESS;
2488 unsigned int cl = sizeof(cr);
2490 struct passwd pw, *ppw;
2493 static uid_t middleware_uid = 0;
2497 /* get PID of socket peer */
2498 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2500 retval = SECURITY_SERVER_ERROR_SOCKET;
2501 SEC_SVR_DBG("%s", "Error on getsockopt");
2505 if (!middleware_uid)
2507 buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
2511 buf = malloc(buf_size);
2513 /* This test isn't essential, skip it in case of error */
2515 if (getpwnam_r(SECURITY_SERVER_MIDDLEWARE_USER, &pw, buf, buf_size, &ppw) == 0 && ppw)
2516 middleware_uid = pw.pw_uid;
2522 /* Middleware services need to run as root or middleware/app user */
2523 if(cr.uid != 0 && cr.uid != middleware_uid)
2525 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2526 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2530 /* Read command line of the PID from proc fs */
2531 exe = read_exe_path_from_proc(cr.pid);
2534 /* It's weired. no file in proc file system, */
2535 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2536 SEC_SVR_DBG("Error on opening /proc/%d/exe", cr.pid);
2550 /* Get app PID from socked and read its privilege (GID) list
2551 * from /proc/<PID>/status.
2553 * param 1: socket descriptor
2554 * param 2: pointer for hold returned array
2556 * ret: size of array or -1 in case of error
2558 * Notice that user must free space allocated in this function and
2559 * returned by second parameter (int * privileges)
2561 int get_client_gid_list(int sockfd, int ** privileges)
2564 //for read socket options
2565 struct ucred socopt;
2566 unsigned int socoptSize = sizeof(socopt);
2567 //buffer for store /proc/<PID>/status filepath
2568 const int PATHSIZE = 24;
2569 char path[PATHSIZE];
2572 //buffer for filelines
2573 const int LINESIZE = 256;
2574 char fileLine[LINESIZE];
2576 char delim[] = ": ";
2577 char * token = NULL;
2583 //read socket options
2584 ret = getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &socopt, &socoptSize);
2587 SEC_SVR_DBG("%s", "Error on getsockopt");
2591 //now we have PID in sockopt.pid
2592 bzero(path, PATHSIZE);
2593 snprintf(path, PATHSIZE, "/proc/%d/status", socopt.pid);
2595 fp = fopen(path, "r");
2598 SEC_SVR_DBG("%s", "Error on fopen");
2602 bzero(fileLine, LINESIZE);
2604 //search for line beginning with "Groups:"
2605 while(strncmp(fileLine, "Groups:", 7) != 0)
2607 if(NULL == fgets(fileLine, LINESIZE, fp))
2609 SEC_SVR_DBG("%s", "Error on fgets");
2617 //now we have "Groups:" line in fileLine[]
2619 strtok(fileLine, delim);
2620 while(token = strtok(NULL, delim))
2623 if(*privileges == NULL)
2626 *privileges = (int *)malloc(sizeof(int) * 1);
2627 if(*privileges == NULL)
2629 SEC_SVR_DBG("%s", "Error on malloc");
2632 (*privileges)[0] = atoi(token);
2636 *privileges = realloc(*privileges, sizeof(int) * (ret + 1));
2637 (*privileges)[ret] = atoi(token);
2643 //check if we found any GIDs for process
2644 if(*privileges == NULL)
2646 SEC_SVR_DBG("%s %d", "No GIDs found for PID:", socopt.pid);
2650 SEC_SVR_DBG("%s %d", "Number of GIDs found:", ret);
2656 /* Authenticate the application is middleware daemon
2657 * The middleware must run as root and the cmd line must be pre listed */
2658 int authenticate_developer_shell(int sockfd)
2660 int retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2662 unsigned int cl = sizeof(cr);
2665 /* get PID of socket peer */
2666 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2668 retval = SECURITY_SERVER_ERROR_SOCKET;
2669 SEC_SVR_DBG("%s", "Error on getsockopt");
2673 /* All middlewares will run as root */
2674 if(cr.uid != SECURITY_SERVER_DEVELOPER_UID)
2676 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2677 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2681 /* Read executable path of the PID from proc fs */
2682 exe = read_exe_path_from_proc(cr.pid);
2685 /* It's weired. no file in proc file system, */
2686 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2687 SEC_SVR_DBG("Error on opening /proc/%d/exe", cr.pid);
2691 /* Search exe of the peer that is really debug tool */
2692 if(strcmp(exe, SECURITY_SERVER_DEBUG_TOOL_PATH) != 0)
2694 SEC_SVR_DBG("Error: Wrong exe path [%s]", exe);
2695 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2698 retval = SECURITY_SERVER_SUCCESS;
2699 SEC_SVR_DBG("%s", "Client Authenticated");
2708 int free_argv(char **argv, int argc)
2713 SEC_SVR_DBG("%s", "Cannot free NULL pointer");
2714 return SECURITY_SERVER_ERROR_INPUT_PARAM;
2716 for (i=0;i<argc;i++)
2722 return SECURITY_SERVER_SUCCESS;
2725 int send_app_give_access(int sock_fd, const char* customer_label, int customer_pid)
2728 unsigned char *buff = NULL;
2729 size_t total_len = 0;
2732 msg_len = strlen(customer_label);
2733 total_len = sizeof(hdr) + sizeof(int) + msg_len;
2735 buff = malloc(total_len);
2737 SEC_SVR_DBG("%s", "Error: failed on malloc()");
2738 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2741 hdr.version = SECURITY_SERVER_MSG_VERSION;
2742 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_APP_GIVE_ACCESS_REQUEST;
2743 hdr.msg_len = (unsigned short)total_len;
2745 memcpy(buff, &hdr, sizeof(hdr));
2746 memcpy(buff + sizeof(hdr), &customer_pid, sizeof(int));
2747 memcpy(buff + sizeof(hdr) + sizeof(int), customer_label, msg_len);
2750 int retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2751 if(retval == SECURITY_SERVER_ERROR_POLL)
2753 SEC_SVR_DBG("%s", "poll() error");
2754 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
2758 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2760 SEC_SVR_DBG("%s", "poll() timeout");
2761 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
2765 /* Send to server */
2766 retval = TEMP_FAILURE_RETRY(write(sock_fd, buff, total_len));
2767 if(retval != (int)total_len)
2770 SEC_SVR_DBG("Error on write(): %d", retval);
2771 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
2774 retval = SECURITY_SERVER_SUCCESS;