4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
26 #include <sys/socket.h>
27 #include <sys/types.h>
28 #include <sys/smack.h>
38 #include <systemd/sd-daemon.h>
40 #include "security-server-common.h"
41 #include "security-server-comm.h"
43 void printhex(const unsigned char *data, int size)
46 for (i = 0; i < size; i++)
51 printf("%X ", data[i]);
52 if (((i + 1) % 16) == 0 && i != 0)
58 /* Return code in packet is positive integer *
59 * We need to convert them to error code which are negative integer */
60 int return_code_to_error_code(int ret_code)
65 case SECURITY_SERVER_RETURN_CODE_SUCCESS:
66 case SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED:
67 ret = SECURITY_SERVER_SUCCESS;
69 case SECURITY_SERVER_RETURN_CODE_BAD_REQUEST:
70 ret = SECURITY_SERVER_ERROR_BAD_REQUEST;
72 case SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED:
73 ret = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
75 case SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED:
76 ret = SECURITY_SERVER_ERROR_ACCESS_DENIED;
78 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT:
79 ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT;
81 case SECURITY_SERVER_RETURN_CODE_SERVER_ERROR:
82 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
84 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE:
85 ret = SECURITY_SERVER_ERROR_NO_SUCH_COOKIE;
87 case SECURITY_SERVER_RETURN_CODE_NO_PASSWORD:
88 ret = SECURITY_SERVER_ERROR_NO_PASSWORD;
90 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXIST:
91 ret = SECURITY_SERVER_ERROR_PASSWORD_EXIST;
93 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MISMATCH:
94 ret = SECURITY_SERVER_ERROR_PASSWORD_MISMATCH;
96 case SECURITY_SERVER_RETURN_CODE_PASSWORD_RETRY_TIMER:
97 ret = SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER;
99 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXPIRED:
100 ret = SECURITY_SERVER_ERROR_PASSWORD_EXPIRED;
102 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
103 ret = SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
105 case SECURITY_SERVER_RETURN_CODE_PASSWORD_REUSED:
106 ret = SECURITY_SERVER_ERROR_PASSWORD_REUSED;
109 ret = SECURITY_SERVER_ERROR_UNKNOWN;
115 int check_socket_poll(int sockfd, int event, int timeout)
117 struct pollfd poll_fd[1];
118 int retval = SECURITY_SERVER_ERROR_POLL;
120 poll_fd[0].fd = sockfd;
121 poll_fd[0].events = event;
122 retval = poll(poll_fd, 1, timeout);
125 SEC_SVR_ERR("poll() error. errno=%d", errno);
127 return SECURITY_SERVER_ERROR_POLL;
130 /* Chile process has been closed. Not poll() problem. Call it once again */
131 return check_socket_poll(sockfd, event, timeout);
138 return SECURITY_SERVER_ERROR_TIMEOUT;
141 if (poll_fd[0].revents != event)
143 SEC_SVR_ERR("Something wrong on the peer socket. event=0x%x", poll_fd[0].revents);
144 return SECURITY_SERVER_ERROR_POLL;
146 return SECURITY_SERVER_SUCCESS;
149 int safe_server_sock_close(int client_sockfd)
151 struct pollfd poll_fd[1];
153 retval = SECURITY_SERVER_ERROR_POLL;
154 poll_fd[0].fd = client_sockfd;
155 poll_fd[0].events = POLLRDHUP;
156 retval = poll(poll_fd, 1, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
157 SEC_SVR_DBG("%s", "Server: Closing server socket");
158 close(client_sockfd);
159 return SECURITY_SERVER_SUCCESS;
162 /* Get socket from systemd */
163 int get_socket_from_systemd(int *sockfd)
165 int n = sd_listen_fds(0);
168 for(fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START+n; ++fd) {
169 if (0 < sd_is_socket_unix(fd, SOCK_STREAM, 1,
170 SECURITY_SERVER_SOCK_PATH, 0))
173 return SECURITY_SERVER_SUCCESS;
176 return SECURITY_SERVER_ERROR_SOCKET;
179 /* Create a Unix domain socket and bind */
180 int create_new_socket(int *sockfd)
182 int retval = 0, localsockfd = 0, flags;
183 struct sockaddr_un serveraddr;
186 /* Deleted garbage Unix domain socket file */
187 retval = remove(SECURITY_SERVER_SOCK_PATH);
189 if (retval == -1 && errno != ENOENT) {
190 retval = SECURITY_SERVER_ERROR_UNKNOWN;
192 SECURE_SLOGE("%s", "Unable to remove /tmp/.security_server.sock");
196 /* Create Unix domain socket */
197 if ((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
199 retval = SECURITY_SERVER_ERROR_SOCKET;
201 SEC_SVR_ERR("%s", "Socket creation failed");
205 // If SMACK is present we have to label our sockets regardless of SMACK_ENABLED flag
206 if (smack_runtime_check()) {
207 if (smack_fsetlabel(localsockfd, "@", SMACK_LABEL_IPOUT) != 0)
209 SEC_SVR_ERR("%s", "SMACK labeling failed");
210 if (errno != EOPNOTSUPP)
212 retval = SECURITY_SERVER_ERROR_SOCKET;
218 if (smack_fsetlabel(localsockfd, "*", SMACK_LABEL_IPIN) != 0)
219 { SEC_SVR_ERR("%s", "SMACK labeling failed");
220 if (errno != EOPNOTSUPP)
222 retval = SECURITY_SERVER_ERROR_SOCKET;
229 SEC_SVR_DBG("SMACK is not available. Sockets won't be labeled.");
232 /* Make socket as non blocking */
233 if ((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
234 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
236 retval = SECURITY_SERVER_ERROR_SOCKET;
239 SEC_SVR_ERR("%s", "Cannot go to nonblocking mode");
243 bzero (&serveraddr, sizeof(serveraddr));
244 serveraddr.sun_family = AF_UNIX;
245 strncpy(serveraddr.sun_path, SECURITY_SERVER_SOCK_PATH,
246 strlen(SECURITY_SERVER_SOCK_PATH));
247 serveraddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
249 /* Bind the socket */
250 if ((bind(localsockfd, (struct sockaddr*)&serveraddr, sizeof(serveraddr))) < 0)
252 retval = SECURITY_SERVER_ERROR_SOCKET_BIND;
253 SEC_SVR_ERR("%s", "Cannot bind");
260 /* Change permission to accept all processes that has different uID/gID */
261 sock_mode = (S_IRWXU | S_IRWXG | S_IRWXO);
262 /* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
263 * Flawfinder recommends to user fchmod insted of chmod
264 * But, fchmod doesn't work on socket file so there is no other choice at this point */
265 if (chmod(SECURITY_SERVER_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
267 SEC_SVR_ERR("%s", "chmod() error");
268 retval = SECURITY_SERVER_ERROR_SOCKET;
274 retval = SECURITY_SERVER_SUCCESS;
277 *sockfd = localsockfd;
281 /* Authenticate peer that it's really security server.
282 * Check UID that is root
284 int authenticate_server(int sockfd)
288 unsigned int cl = sizeof(cr);
289 /* char *exe = NULL;*/
291 /* get socket peer credential */
292 if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
294 retval = SECURITY_SERVER_ERROR_SOCKET;
295 SEC_SVR_ERR("%s", "getsockopt() failed");
299 /* Security server must run as root */
302 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
303 SEC_SVR_ERR("Peer is not root: uid=%d", cr.uid);
307 retval = SECURITY_SERVER_SUCCESS;
309 /* Read command line of the PID from proc fs */
310 /* This is commented out because non root process cannot read link of /proc/pid/exe */
311 /* exe = read_exe_path_from_proc(cr.pid);
313 if(strcmp(exe, SECURITY_SERVER_DAEMON_PATH) != 0)
315 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
316 SEC_SVR_DBG("Executable path is different. auth failed. Exe path=%s", exe);
320 retval = SECURITY_SERVER_SUCCESS;
321 SEC_SVR_DBG("Server authenticatd. %s, sockfd=%d", exe, sockfd);
331 /* Create a socket and connect to Security Server */
332 int connect_to_server(int *fd)
334 struct sockaddr_un clientaddr;
335 int client_len = 0, localsockfd, ret, flags;
338 /* Create a socket */
339 localsockfd = socket(AF_UNIX, SOCK_STREAM, 0);
342 SEC_SVR_ERR("%s", "Error on socket()");
343 return SECURITY_SERVER_ERROR_SOCKET;
346 /* Make socket as non blocking */
347 if ((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
348 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
351 SEC_SVR_ERR("%s", "Cannot go to nonblocking mode");
352 return SECURITY_SERVER_ERROR_SOCKET;
355 bzero(&clientaddr, sizeof(clientaddr));
356 clientaddr.sun_family = AF_UNIX;
357 strncpy(clientaddr.sun_path, SECURITY_SERVER_SOCK_PATH, strlen(SECURITY_SERVER_SOCK_PATH));
358 clientaddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
359 client_len = sizeof(clientaddr);
361 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
364 if (errno == EINPROGRESS)
366 SEC_SVR_DBG("%s", "Connection is in progress");
367 ret = check_socket_poll(localsockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
368 if (ret == SECURITY_SERVER_ERROR_POLL)
370 SEC_SVR_ERR("%s", "poll() error");
372 return SECURITY_SERVER_ERROR_SOCKET;
374 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
376 SEC_SVR_ERR("%s", "poll() timeout");
378 return SECURITY_SERVER_ERROR_SOCKET;
380 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
383 SEC_SVR_ERR("%s", "connection failed");
385 return SECURITY_SERVER_ERROR_SOCKET;
390 SEC_SVR_ERR("%s", "Connection failed");
392 return SECURITY_SERVER_ERROR_SOCKET;
396 /* Authenticate the peer is actually security server */
397 ret = authenticate_server(localsockfd);
398 if (ret != SECURITY_SERVER_SUCCESS)
401 SEC_SVR_ERR("Authentication failed. %d", ret);
405 return SECURITY_SERVER_SUCCESS;
408 /* Accept a new client connection */
409 int accept_client(int server_sockfd)
411 /* Call poll() to wait for socket connection */
412 int retval, localsockfd;
413 struct sockaddr_un clientaddr;
414 unsigned int client_len;
416 client_len = sizeof(clientaddr);
419 retval = check_socket_poll(server_sockfd, POLLIN, SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND);
420 if (retval == SECURITY_SERVER_ERROR_POLL)
422 SEC_SVR_ERR("%s", "Error on polling");
423 return SECURITY_SERVER_ERROR_SOCKET;
427 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
429 /*SEC_SVR_DBG("%s", "accept() timeout");*/
430 return SECURITY_SERVER_ERROR_TIMEOUT;
433 localsockfd = accept(server_sockfd,
434 (struct sockaddr*)&clientaddr,
439 SEC_SVR_ERR("Cannot accept client. errno=%d", errno);
440 return SECURITY_SERVER_ERROR_SOCKET;
445 /* Minimal check of request packet */
446 int validate_header(basic_header hdr)
448 if (hdr.version != SECURITY_SERVER_MSG_VERSION)
449 return SECURITY_SERVER_ERROR_BAD_REQUEST;
451 return SECURITY_SERVER_SUCCESS;
454 /* Send generic response packet to client
456 * Generic Response Packet Format
458 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
459 |---------------------------------------------------------------|
460 | version=0x01 | Message ID |Message Length (without header)|
461 |---------------------------------------------------------------|
465 int send_generic_response (int sockfd, unsigned char msgid, unsigned char return_code)
470 /* Assemble header */
471 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
472 hdr.basic_hdr.msg_id = msgid;
473 hdr.basic_hdr.msg_len = 0;
474 hdr.return_code = return_code;
477 size = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
478 if (size == SECURITY_SERVER_ERROR_POLL)
480 SEC_SVR_ERR("%s", "poll() error");
481 return SECURITY_SERVER_ERROR_SEND_FAILED;
483 if (size == SECURITY_SERVER_ERROR_TIMEOUT)
485 SEC_SVR_ERR("%s", "poll() timeout");
486 return SECURITY_SERVER_ERROR_SEND_FAILED;
490 size = TEMP_FAILURE_RETRY(write(sockfd, &hdr, sizeof(hdr)));
492 if (size < (int)sizeof(hdr))
493 return SECURITY_SERVER_ERROR_SEND_FAILED;
494 return SECURITY_SERVER_SUCCESS;
497 /* Send cookie response to client
499 * Get Cookie response packet format
501 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
502 * |---------------------------------------------------------------|
503 * | version=0x01 |MessageID=0x02 | Message Length =20 |
504 * |---------------------------------------------------------------|
506 * ----------------- |
507 * | cookie (20 bytes) |
508 * |---------------------------------------------------------------|
510 int send_cookie(int sockfd, unsigned char *cookie)
513 unsigned char msg[SECURITY_SERVER_COOKIE_LEN + sizeof(hdr)];
516 /* Assemble header */
517 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
518 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_RESPONSE;
519 hdr.basic_hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
520 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
522 memcpy(msg, &hdr, sizeof(hdr));
523 memcpy(msg + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
526 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
527 if (ret == SECURITY_SERVER_ERROR_POLL)
529 SEC_SVR_ERR("%s", "poll() error");
530 return SECURITY_SERVER_ERROR_SEND_FAILED;
532 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
534 SEC_SVR_ERR("%s", "poll() timeout");
535 return SECURITY_SERVER_ERROR_SEND_FAILED;
538 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN));
539 if (ret < (int)(sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN))
541 /* Error on writing */
542 SEC_SVR_ERR("Error on write: %d", ret);
543 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
546 return SECURITY_SERVER_SUCCESS;
549 /* Send Object name response *
550 * Get Object name response packet format
552 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
553 * |---------------------------------------------------------------|
554 * | version=0x01 |MessageID=0x06 | Message Length |
555 * |---------------------------------------------------------------|
557 * ----------------- |
559 * |---------------------------------------------------------------|
561 int send_object_name(int sockfd, char *obj)
564 unsigned char msg[strlen(obj) + sizeof(hdr)];
567 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
568 hdr.basic_hdr.msg_id = 0x06;
569 hdr.basic_hdr.msg_len = strlen(obj);
570 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
572 memcpy(msg, &hdr, sizeof(hdr));
573 memcpy(msg + sizeof(hdr), obj, strlen(obj));
576 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
577 if (ret == SECURITY_SERVER_ERROR_POLL)
579 SEC_SVR_ERR("%s", "poll() error");
580 return SECURITY_SERVER_ERROR_SEND_FAILED;
582 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
584 SEC_SVR_ERR("%s", "poll() timeout");
585 return SECURITY_SERVER_ERROR_SEND_FAILED;
588 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + strlen(obj)));
589 if (ret < sizeof(hdr) + strlen(obj))
591 /* Error on writing */
592 SEC_SVR_ERR("Error on write: %d", ret);
593 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
596 return SECURITY_SERVER_SUCCESS;
599 /* Send GID response to client
601 * Get GID response packet format
603 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
604 * |---------------------------------------------------------------|
605 * | version=0x01 |MessageID=0x08 | Message Length = 4 |
606 * |---------------------------------------------------------------|
607 * | return code | gid (first 3 words) |
608 * |---------------------------------------------------------------|
612 int send_gid(int sockfd, int gid)
615 unsigned char msg[sizeof(gid) + sizeof(hdr)];
618 /* Assemble header */
619 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
620 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_RESPONSE;
621 hdr.basic_hdr.msg_len = sizeof(gid);
622 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
625 memcpy(msg, &hdr, sizeof(hdr));
626 memcpy(msg + sizeof(hdr), &gid, sizeof(gid));
629 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
630 if (ret == SECURITY_SERVER_ERROR_POLL)
632 SEC_SVR_ERR("%s", "poll() error");
633 return SECURITY_SERVER_ERROR_SEND_FAILED;
635 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
637 SEC_SVR_ERR("%s", "poll() timeout");
638 return SECURITY_SERVER_ERROR_SEND_FAILED;
642 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(gid)));
643 if (ret < sizeof(hdr) + sizeof(gid))
645 /* Error on writing */
646 SEC_SVR_ERR("Error on write(): %d", ret);
647 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
650 return SECURITY_SERVER_SUCCESS;
653 /* Send PID response to client
655 * Get PID response packet format
657 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
658 * |---------------------------------------------------------------|
659 * | version=0x01 |MessageID=0x0a | Message Length = 4 |
660 * |---------------------------------------------------------------|
661 * | return code | pid (first 3 words) |
662 * |---------------------------------------------------------------|
666 int send_pid(int sockfd, int pid)
669 unsigned char msg[sizeof(pid) + sizeof(hdr)];
672 /* Assemble header */
673 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
674 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_RESPONSE;
675 hdr.basic_hdr.msg_len = sizeof(pid);
676 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
679 memcpy(msg, &hdr, sizeof(hdr));
680 memcpy(msg + sizeof(hdr), &pid, sizeof(pid));
683 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
684 if (ret == SECURITY_SERVER_ERROR_POLL)
686 SEC_SVR_ERR("%s", "poll() error");
687 return SECURITY_SERVER_ERROR_SEND_FAILED;
689 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
691 SEC_SVR_ERR("%s", "poll() timeout");
692 return SECURITY_SERVER_ERROR_SEND_FAILED;
696 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(pid)));
697 if (ret < sizeof(hdr) + sizeof(pid))
699 /* Error on writing */
700 SEC_SVR_ERR("Error on write(): %d", ret);
701 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
704 return SECURITY_SERVER_SUCCESS;
707 /* Send SMACK label to client with lenght N
709 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
710 * |---------------------------------------------------------------|
711 * | version=0x01 |MessageID=0x1e | Message Length = SMACK_LABEL_LEN + 1
712 * |---------------------------------------------------------------|
713 * | return code | SMACK label byte 0 |
714 * |---------------------------------------------------------------|
715 * | .................. |
716 * |---------------------------------------------------------------|
717 * | SMACK label byte N |
718 * |---------------------------------------------------------------|
720 int send_smack(int sockfd, char *label)
723 //added 1 to the size is for NULL terminating label
724 int LABEL_SIZE = SMACK_LABEL_LEN + 1;
725 int PACKET_SIZE = sizeof(hdr) + LABEL_SIZE;
726 unsigned char msg[PACKET_SIZE];
729 /* Assemble header */
730 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
731 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE;
732 hdr.basic_hdr.msg_len = LABEL_SIZE;
733 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
736 memcpy(msg, &hdr, sizeof(hdr));
737 memcpy(msg + sizeof(hdr), label, LABEL_SIZE);
738 memset(msg + sizeof(hdr) + SMACK_LABEL_LEN, 0x00, 1); //adding NULL ad the label end
741 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
742 if (ret == SECURITY_SERVER_ERROR_POLL)
744 SEC_SVR_ERR("%s", "poll() error");
745 return SECURITY_SERVER_ERROR_SEND_FAILED;
747 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
749 SEC_SVR_ERR("%s", "poll() timeout");
750 return SECURITY_SERVER_ERROR_SEND_FAILED;
754 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, PACKET_SIZE));
755 if (ret < PACKET_SIZE)
757 /* Error on writing */
758 SEC_SVR_ERR("Error on write(): %d", ret);
759 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
762 return SECURITY_SERVER_SUCCESS;
765 /* Send Check password response to client
767 * Check password response packet format
769 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
770 * |---------------------------------------------------------------|
771 * | version=0x01 | MessageID | Message Length = 12 |
772 * |---------------------------------------------------------------|
773 * | return code | attempts (first 3 words) |
774 * |---------------------------------------------------------------|
775 * |attempts(rest) | max_attempts (first 3 words) |
776 * |---------------|-----------------------------------------------|
777 * | max_attempts | expire_in_days (first 3 words) |
778 * |---------------------------------------------------------------|
782 int send_pwd_response(const int sockfd,
783 const unsigned char msg_id,
784 const unsigned char return_code,
785 const unsigned int current_attempts,
786 const unsigned int max_attempts,
787 const unsigned int expire_time)
790 unsigned int expire_secs;
791 unsigned char msg[sizeof(hdr) + sizeof(current_attempts) + sizeof(max_attempts) + sizeof(expire_secs)];
795 /* Assemble header */
796 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
797 hdr.basic_hdr.msg_id = msg_id;
798 hdr.basic_hdr.msg_len = sizeof(unsigned int) * 3;
799 hdr.return_code = return_code;
802 memcpy(msg, &hdr, sizeof(hdr));
804 memcpy(msg + ptr, ¤t_attempts, sizeof(current_attempts));
805 ptr += sizeof(current_attempts);
806 memcpy(msg + ptr, &max_attempts, sizeof(max_attempts));
807 ptr += sizeof(max_attempts);
808 memcpy(msg + ptr, &expire_time, sizeof(expire_time));
809 ptr += sizeof(expire_time);
812 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
813 if (ret == SECURITY_SERVER_ERROR_POLL)
815 SEC_SVR_ERR("%s", "Server: poll() error");
816 return SECURITY_SERVER_ERROR_SEND_FAILED;
818 if (ret == SECURITY_SERVER_ERROR_TIMEOUT)
820 SEC_SVR_ERR("%s", "Server: poll() timeout");
821 return SECURITY_SERVER_ERROR_SEND_FAILED;
825 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, ptr));
828 /* Error on writing */
829 SEC_SVR_ERR("Server: ERROR on write(): %d", ret);
830 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
833 return SECURITY_SERVER_SUCCESS;
836 /* Send cookie request packet to security server *
839 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
840 * |---------------------------------------------------------------|
841 * | version=0x01 |MessageID=0x01 | Message Length = 0 |
842 * |---------------------------------------------------------------|
844 int send_cookie_request(int sock_fd)
849 /* Assemble header */
850 hdr.version = SECURITY_SERVER_MSG_VERSION;
851 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST;
855 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
856 if (retval == SECURITY_SERVER_ERROR_POLL)
858 SEC_SVR_ERR("%s", "poll() error");
859 return SECURITY_SERVER_ERROR_SEND_FAILED;
861 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
863 SEC_SVR_ERR("%s", "poll() timeout");
864 return SECURITY_SERVER_ERROR_SEND_FAILED;
868 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
869 if (retval < sizeof(hdr))
872 SEC_SVR_ERR("Error on write(): %d", retval);
873 return SECURITY_SERVER_ERROR_SEND_FAILED;
875 return SECURITY_SERVER_SUCCESS;
878 /* Send GID request message to security server
881 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
882 * |---------------------------------------------------------------|
883 * | version=0x01 |MessageID=0x07 | Message Length = variable |
884 * |---------------------------------------------------------------|
886 * | Object name (variable) |
888 * |---------------------------------------------------------------|
890 int send_gid_request(int sock_fd, const char *object)
893 int retval = 0, send_len = 0;
894 unsigned char *buf = NULL;
896 if (strlen(object) > SECURITY_SERVER_MAX_OBJ_NAME)
898 /* Object name is too big*/
899 SEC_SVR_ERR("Object name is too big %dbytes", strlen(object));
900 return SECURITY_SERVER_ERROR_INPUT_PARAM;
903 hdr.version = SECURITY_SERVER_MSG_VERSION;
904 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_REQUEST;
905 hdr.msg_len = strlen(object);
907 send_len = sizeof(hdr) + strlen(object);
909 buf = malloc(send_len);
912 SEC_SVR_ERR("%s", "out of memory");
913 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
916 memcpy(buf, &hdr, sizeof(hdr));
917 memcpy(buf + sizeof(hdr), object, strlen(object));
920 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
921 if (retval == SECURITY_SERVER_ERROR_POLL)
923 SEC_SVR_ERR("%s", "poll() error");
924 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
927 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
929 SEC_SVR_ERR("%s", "poll() timeout");
930 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
934 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, send_len));
935 if (retval < send_len)
938 SEC_SVR_ERR("Error on write(): %d. errno=%d, sockfd=%d", retval, errno, sock_fd);
939 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
942 retval = SECURITY_SERVER_SUCCESS;
951 /* Send object name request message to security server *
954 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
955 * |---------------------------------------------------------------|
956 * | version=0x01 |MessageID=0x05 | Message Length = 4 |
957 * |---------------------------------------------------------------|
959 * |---------------------------------------------------------------|
961 int send_object_name_request(int sock_fd, int gid)
965 unsigned char buf[sizeof(hdr) + sizeof(gid)];
967 /* Assemble header */
968 hdr.version = SECURITY_SERVER_MSG_VERSION;
969 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST;
970 hdr.msg_len = sizeof(gid);
972 memcpy(buf, &hdr, sizeof(hdr));
973 memcpy(buf + sizeof(hdr), &gid, sizeof(gid));
976 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
977 if (retval == SECURITY_SERVER_ERROR_POLL)
979 SEC_SVR_ERR("%s", "poll() error");
980 return SECURITY_SERVER_ERROR_SEND_FAILED;
982 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
984 SEC_SVR_ERR("%s", "poll() timeout");
985 return SECURITY_SERVER_ERROR_SEND_FAILED;
989 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
990 if (retval < sizeof(buf))
993 SEC_SVR_ERR("Error on write(): %d", retval);
994 return SECURITY_SERVER_ERROR_SEND_FAILED;
996 return SECURITY_SERVER_SUCCESS;
999 /* Send privilege check request message to security server *
1002 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1003 * |---------------------------------------------------------------|
1004 * | version=0x01 |MessageID=0x03 | Message Length = 24 |
1005 * |---------------------------------------------------------------|
1008 * | Cookie (20bytes) |
1011 * |---------------------------------------------------------------|
1013 * |---------------------------------------------------------------|
1015 int send_privilege_check_request(int sock_fd, const char *cookie, int gid)
1019 unsigned char buf[sizeof(hdr) + sizeof(gid) + SECURITY_SERVER_COOKIE_LEN];
1021 /* Assemble header */
1022 hdr.version = SECURITY_SERVER_MSG_VERSION;
1023 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST;
1024 hdr.msg_len = sizeof(gid) + SECURITY_SERVER_COOKIE_LEN;
1026 memcpy(buf, &hdr, sizeof(hdr));
1027 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1028 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &gid, sizeof(gid));
1031 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1032 if (retval == SECURITY_SERVER_ERROR_POLL)
1034 SEC_SVR_ERR("%s", "poll() error");
1035 return SECURITY_SERVER_ERROR_SEND_FAILED;
1037 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1039 SEC_SVR_ERR("%s", "poll() timeout");
1040 return SECURITY_SERVER_ERROR_SEND_FAILED;
1043 /* Send to server */
1044 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1045 if (retval < sizeof(buf))
1048 SEC_SVR_ERR("Error on write(): %d", retval);
1049 return SECURITY_SERVER_ERROR_SEND_FAILED;
1051 return SECURITY_SERVER_SUCCESS;
1054 int send_privilege_check_new_request(int sock_fd,
1057 const char *access_rights)
1064 olen = strlen(object);
1065 alen = strlen(access_rights);
1066 if (olen > MAX_OBJECT_LABEL_LEN || alen > MAX_MODE_STR_LEN)
1068 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1071 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN +
1072 2 * sizeof(int) + MAX_OBJECT_LABEL_LEN + MAX_MODE_STR_LEN];
1074 /* Assemble header */
1075 hdr.version = SECURITY_SERVER_MSG_VERSION;
1076 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST;
1077 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN + 2 * sizeof(int) + olen + alen;
1079 memcpy(buf, &hdr, sizeof(hdr));
1080 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1081 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &olen, sizeof(int));
1082 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + sizeof(int),
1083 &alen, sizeof(int));
1084 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2 * sizeof(int), object, olen);
1085 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2 * sizeof(int) + olen,
1086 access_rights, alen);
1089 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1090 if (retval == SECURITY_SERVER_ERROR_POLL)
1092 SEC_SVR_ERR("%s", "poll() error");
1093 return SECURITY_SERVER_ERROR_SEND_FAILED;
1095 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1097 SEC_SVR_ERR("%s", "poll() timeout");
1098 return SECURITY_SERVER_ERROR_SEND_FAILED;
1101 size = sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2 * sizeof(int) + olen + alen;
1102 /* Send to server */
1103 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, size));
1107 SEC_SVR_ERR("Error on write(): %d", retval);
1108 return SECURITY_SERVER_ERROR_SEND_FAILED;
1110 return SECURITY_SERVER_SUCCESS;
1113 /* Send SMACK request message to security server *
1116 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1117 * |---------------------------------------------------------------|
1118 * | version=0x01 |MessageID=0x1d | Message Length = 20 |
1119 * |---------------------------------------------------------------|
1122 * | Cookie (20bytes) |
1125 * |---------------------------------------------------------------|
1127 int send_smack_request(int sock_fd, const char *cookie)
1131 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1133 /* Assemble header */
1134 hdr.version = SECURITY_SERVER_MSG_VERSION;
1135 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST;
1136 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1138 memcpy(buf, &hdr, sizeof(hdr));
1139 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1142 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1143 if (retval == SECURITY_SERVER_ERROR_POLL)
1145 SEC_SVR_ERR("%s", "poll() error");
1146 return SECURITY_SERVER_ERROR_SEND_FAILED;
1148 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1150 SEC_SVR_ERR("%s", "poll() timeout");
1151 return SECURITY_SERVER_ERROR_SEND_FAILED;
1154 /* Send to server */
1155 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1156 if (retval < sizeof(buf))
1159 SEC_SVR_ERR("Error on write(): %d", retval);
1160 return SECURITY_SERVER_ERROR_SEND_FAILED;
1162 return SECURITY_SERVER_SUCCESS;
1166 //MSG_ID: 0x1f (SECURITY_SERVER_MSG_TYPE_CHECK_PID_PRIVILEGE_REQUEST)
1167 //DATA_SIZE: strlen(object) + 1 + strlen(access_rights) + 1
1168 int send_pid_privilege_request(int sockfd, int pid, const char *object, const char *access_rights)
1179 SEC_SVR_ERR("%s", "Error input param");
1180 retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
1184 if (object == NULL) {
1185 SEC_SVR_ERR("%s", "Error input param");
1186 retval = SECURITY_SERVER_ERROR_INPUT_PARAM;
1191 //+1 for the '\0' at string end
1193 message_size = sizeof(int) + strlen(object) + 1 + strlen(access_rights) + 1;
1194 buff = (char*)malloc(message_size + sizeof(hdr));
1196 SEC_SVR_ERR("%s", "malloc() error");
1197 retval = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1202 bzero(buff, message_size + sizeof(hdr));
1205 hdr.version = SECURITY_SERVER_MSG_VERSION;
1207 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PID_PRIVILEGE_REQUEST;
1208 //set message size without header (data size)
1209 hdr.msg_len = message_size;
1211 //copy message fields to buffer
1213 memcpy(&buff[offset], &hdr, sizeof(hdr));
1214 offset += sizeof(hdr);
1216 memcpy(&buff[offset], &pid, sizeof(pid));
1217 offset += sizeof(pid);
1218 //add *object with NULL at the end
1219 memcpy(&buff[offset], object, strlen(object));
1220 offset += strlen(object);
1223 //add *access_rights with NULL at the end
1224 memcpy(&buff[offset], access_rights, strlen(access_rights));
1225 offset += strlen(access_rights);
1229 retval = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1230 if (retval == SECURITY_SERVER_ERROR_POLL) {
1231 SEC_SVR_ERR("%s", "poll() error");
1232 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1235 if (retval == SECURITY_SERVER_ERROR_TIMEOUT) {
1236 SEC_SVR_ERR("%s", "poll() timeout");
1237 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1242 retval = TEMP_FAILURE_RETRY(write(sockfd, buff, message_size + sizeof(hdr)));
1243 if (retval < message_size) {
1245 SEC_SVR_ERR("Error on write(): %d", retval);
1246 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1249 retval = SECURITY_SERVER_SUCCESS;
1257 /* Send PID check request message to security server *
1260 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1261 * |---------------------------------------------------------------|
1262 * | version=0x01 |MessageID=0x09 | Message Length = 20 |
1263 * |---------------------------------------------------------------|
1266 * | Cookie (20bytes) |
1269 * |---------------------------------------------------------------|
1271 int send_pid_request(int sock_fd, const char *cookie)
1275 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1277 /* Assemble header */
1278 hdr.version = SECURITY_SERVER_MSG_VERSION;
1279 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_REQUEST;
1280 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1282 memcpy(buf, &hdr, sizeof(hdr));
1283 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1286 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1287 if (retval == SECURITY_SERVER_ERROR_POLL)
1289 SEC_SVR_ERR("%s", "poll() error");
1290 return SECURITY_SERVER_ERROR_SEND_FAILED;
1292 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1294 SEC_SVR_ERR("%s", "poll() timeout");
1295 return SECURITY_SERVER_ERROR_SEND_FAILED;
1298 /* Send to server */
1299 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1300 if (retval < sizeof(buf))
1303 SEC_SVR_ERR("Error on write(): %d", retval);
1304 return SECURITY_SERVER_ERROR_SEND_FAILED;
1306 return SECURITY_SERVER_SUCCESS;
1310 /* Send debug tool launch request message to security server *
1313 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1314 * |---------------------------------------------------------------|
1315 * | version=0x01 |MessageID=0x0b | Message Length |
1316 * |---------------------------------------------------------------|
1317 * | total # of args |
1318 * |---------------------------------------------------------------|
1319 * | 1st argv length |
1320 * |---------------------------------------------------------------|
1324 * |---------------------------------------------------------------|
1325 * | 2nd argv length |
1326 * |---------------------------------------------------------------|
1330 * |---------------------------------------------------------------|
1332 * |---------------------------------------------------------------|
1333 * | nth argv length |
1334 * |---------------------------------------------------------------|
1338 * |---------------------------------------------------------------|
1340 int send_launch_tool_request(int sock_fd, int argc, const char **argv)
1343 int retval, total_length = 0, ptr, i, tempnum;
1344 unsigned char *buf = NULL;
1346 for (i = 0; i < argc; i++)
1348 if (argv[i] == NULL)
1350 SEC_SVR_ERR("Error: %dth argv is NULL", i);
1351 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1353 total_length += strlen(argv[i]);
1356 if (total_length < 1)
1358 SEC_SVR_ERR("Error: There is a problem in argv. [%d]", total_length);
1359 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1361 total_length += sizeof(hdr) + sizeof(int) + (argc * sizeof(int));
1363 if (total_length > 0xffff)
1365 SEC_SVR_ERR("Buffer overflow. too big payload. [%d]", total_length);
1366 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1369 buf = malloc(total_length);
1372 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1373 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1376 /* Assemble header */
1377 hdr.version = SECURITY_SERVER_MSG_VERSION;
1378 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST;
1379 hdr.msg_len = (unsigned short)total_length;
1380 memcpy(buf, &hdr, sizeof(hdr));
1382 memcpy(buf + ptr, &argc, sizeof(int));
1385 /* Assemple each argv length and value */
1386 for (i = 0; i < argc; i++)
1388 tempnum = strlen(argv[i]);
1389 memcpy(buf + ptr, &tempnum, sizeof(int));
1391 memcpy(buf + ptr, argv[i], tempnum);
1396 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1397 if (retval == SECURITY_SERVER_ERROR_POLL)
1399 SEC_SVR_ERR("%s", "poll() error");
1400 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1403 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1405 SEC_SVR_ERR("%s", "poll() timeout");
1406 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1410 /* Send to server */
1411 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1412 if (retval < sizeof(buf))
1415 SEC_SVR_ERR("Error on write(): %d", retval);
1416 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1419 retval = SECURITY_SERVER_SUCCESS;
1427 /* Send validate password request message to security server *
1430 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1431 * |---------------------------------------------------------------|
1432 * | version=0x01 |MessageID=0x0d | Message Length |
1433 * |---------------------------------------------------------------|
1435 int send_valid_pwd_request(int sock_fd)
1440 hdr.version = SECURITY_SERVER_MSG_VERSION;
1441 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST;
1445 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1446 if (retval == SECURITY_SERVER_ERROR_POLL)
1448 SEC_SVR_ERR("%s", "poll() error");
1449 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1452 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1454 SEC_SVR_ERR("%s", "poll() timeout");
1455 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1459 /* Send to server */
1460 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
1461 if (retval < sizeof(hdr))
1464 SEC_SVR_ERR("Error on write(): %d", retval);
1465 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1468 retval = SECURITY_SERVER_SUCCESS;
1474 /* Send password set request message to security server *
1477 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1478 * |---------------------------------------------------------------|
1479 * | version=0x01 |MessageID=0x0f | Message Length |
1480 * |---------------------------------------------------------------|
1481 * | cur_pwd_len | new_pwd_len | |
1482 * |-------------------------------- |
1484 * |---------------------------------------------------------------|
1488 * |---------------------------------------------------------------|
1490 * |---------------------------------------------------------------|
1492 * |---------------------------------------------------------------|
1494 int send_set_pwd_request(int sock_fd,
1495 const char *cur_pwd,
1496 const char *new_pwd,
1497 const unsigned int max_challenge,
1498 const unsigned int valid_period_in_days)
1501 int retval, total_length = 0, ptr;
1502 unsigned char *buf = NULL, cur_pwd_len, new_pwd_len;
1504 if (cur_pwd == NULL)
1507 cur_pwd_len = strlen(cur_pwd);
1508 new_pwd_len = strlen(new_pwd);
1510 total_length += sizeof(hdr) + sizeof(char) + sizeof(char) + cur_pwd_len
1511 + new_pwd_len + sizeof(unsigned int) + sizeof(unsigned int);
1513 buf = malloc(total_length);
1516 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1517 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1520 /* Assemble header */
1521 hdr.version = SECURITY_SERVER_MSG_VERSION;
1522 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST;
1523 hdr.msg_len = (unsigned short)total_length;
1524 memcpy(buf, &hdr, sizeof(hdr));
1526 memcpy(buf + ptr, &cur_pwd_len, sizeof(char));
1527 ptr += sizeof(char);
1528 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1529 ptr += sizeof(char);
1530 if (cur_pwd != NULL)
1532 memcpy(buf + ptr, cur_pwd, cur_pwd_len);
1535 memcpy(buf + ptr, new_pwd, new_pwd_len);
1537 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1538 ptr += sizeof(unsigned int);
1539 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1542 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1543 if (retval == SECURITY_SERVER_ERROR_POLL)
1545 SEC_SVR_ERR("%s", "poll() error");
1546 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1549 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1551 SEC_SVR_ERR("%s", "poll() timeout");
1552 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1556 /* Send to server */
1557 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1558 if (retval < sizeof(buf))
1561 SEC_SVR_ERR("Error on write(): %d", retval);
1562 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1565 retval = SECURITY_SERVER_SUCCESS;
1573 /* Send password validity change request message to security server *
1576 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1577 * |---------------------------------------------------------------|
1578 * | version=0x01 |MessageID=0x0f | Message Length |
1579 * |---------------------------------------------------------------|
1581 * |---------------------------------------------------------------|
1583 int send_set_pwd_validity_request(int sock_fd, const unsigned int valid_period_in_days)
1586 int retval, total_length = 0, ptr;
1587 unsigned char *buf = NULL;
1589 total_length = sizeof(hdr) + sizeof(unsigned int);
1591 buf = malloc(total_length);
1594 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1595 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1598 /* Assemble header */
1599 hdr.version = SECURITY_SERVER_MSG_VERSION;
1600 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST;
1601 hdr.msg_len = (unsigned short)total_length;
1602 memcpy(buf, &hdr, sizeof(hdr));
1604 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1607 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1608 if (retval == SECURITY_SERVER_ERROR_POLL)
1610 SEC_SVR_ERR("%s", "poll() error");
1611 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1614 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1616 SEC_SVR_ERR("%s", "poll() timeout");
1617 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1621 /* Send to server */
1622 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1623 if (retval < sizeof(buf))
1626 SEC_SVR_ERR("Error on write(): %d", retval);
1627 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1630 retval = SECURITY_SERVER_SUCCESS;
1638 /* Send password max challenge request message to security server *
1641 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1642 * |---------------------------------------------------------------|
1643 * | version=0x01 |MessageID=0x0f | Message Length |
1644 * |---------------------------------------------------------------|
1646 * |---------------------------------------------------------------|
1648 int send_set_pwd_max_challenge_request(int sock_fd, const unsigned int max_challenge)
1651 int retval, total_length = 0, ptr;
1652 unsigned char *buf = NULL;
1654 total_length = sizeof(hdr) + sizeof(unsigned int);
1656 buf = malloc(total_length);
1659 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1660 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1663 /* Assemble header */
1664 hdr.version = SECURITY_SERVER_MSG_VERSION;
1665 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST;
1666 hdr.msg_len = (unsigned short)total_length;
1667 memcpy(buf, &hdr, sizeof(hdr));
1669 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1672 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1673 if (retval == SECURITY_SERVER_ERROR_POLL)
1675 SEC_SVR_ERR("%s", "poll() error");
1676 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1679 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1681 SEC_SVR_ERR("%s", "poll() timeout");
1682 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1686 /* Send to server */
1687 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1688 if (retval < sizeof(buf))
1691 SEC_SVR_ERR("Error on write(): %d", retval);
1692 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1695 retval = SECURITY_SERVER_SUCCESS;
1703 /* Send password reset request message to security server *
1706 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1707 * |---------------------------------------------------------------|
1708 * | version=0x01 |MessageID=0x11 | Message Length |
1709 * |---------------------------------------------------------------|
1711 * |---------------------------------------------------------------|
1715 * |---------------------------------------------------------------|
1717 * |---------------------------------------------------------------|
1719 * |---------------------------------------------------------------|
1721 int send_reset_pwd_request(int sock_fd,
1722 const char *new_pwd,
1723 const unsigned int max_challenge,
1724 const unsigned int valid_period_in_days)
1727 int retval, total_length = 0, ptr;
1728 unsigned char *buf = NULL, new_pwd_len;
1730 new_pwd_len = strlen(new_pwd);
1732 total_length += sizeof(hdr) + sizeof(char) + new_pwd_len + sizeof(unsigned int) +
1733 sizeof(unsigned int);
1735 buf = malloc(total_length);
1738 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1739 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1742 /* Assemble header */
1743 hdr.version = SECURITY_SERVER_MSG_VERSION;
1744 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST;
1745 hdr.msg_len = (unsigned short)total_length;
1746 memcpy(buf, &hdr, sizeof(hdr));
1748 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1749 ptr += sizeof(char);
1750 memcpy(buf + ptr, new_pwd, new_pwd_len);
1752 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1753 ptr += sizeof(unsigned int);
1754 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1757 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1758 if (retval == SECURITY_SERVER_ERROR_POLL)
1760 SEC_SVR_ERR("%s", "poll() error");
1761 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1764 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1766 SEC_SVR_ERR("%s", "poll() timeout");
1767 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1771 /* Send to server */
1772 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1773 if (retval < sizeof(buf))
1776 SEC_SVR_ERR("Error on write(): %d", retval);
1777 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1780 retval = SECURITY_SERVER_SUCCESS;
1788 /* Send password check request message to security server *
1791 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1792 * |---------------------------------------------------------------|
1793 * | version=0x01 |MessageID=0x13 | Message Length |
1794 * |---------------------------------------------------------------|
1795 * | challenge_len | |
1796 * |--------------- |
1798 * |---------------------------------------------------------------|
1800 int send_chk_pwd_request(int sock_fd, const char *challenge)
1803 int retval, total_length = 0, ptr;
1804 unsigned char *buf = NULL, challenge_len;
1806 challenge_len = strlen(challenge);
1808 total_length += sizeof(hdr) + sizeof(char) + challenge_len;
1810 buf = malloc(total_length);
1813 SEC_SVR_ERR("%s", "Error: failed to malloc()");
1814 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1817 /* Assemble header */
1818 hdr.version = SECURITY_SERVER_MSG_VERSION;
1819 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST;
1820 hdr.msg_len = (unsigned short)total_length;
1821 memcpy(buf, &hdr, sizeof(hdr));
1823 memcpy(buf + ptr, &challenge_len, sizeof(char));
1824 ptr += sizeof(char);
1825 memcpy(buf + ptr, challenge, challenge_len);
1826 ptr += sizeof(char);
1829 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1830 if (retval == SECURITY_SERVER_ERROR_POLL)
1832 SEC_SVR_ERR("%s", "poll() error");
1833 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1836 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1838 SEC_SVR_ERR("%s", "poll() timeout");
1839 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1843 /* Send to server */
1844 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1845 if (retval < sizeof(buf))
1848 SEC_SVR_ERR("Error on write(): %d", retval);
1849 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1852 retval = SECURITY_SERVER_SUCCESS;
1860 /* Send password history set request message to security server *
1863 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1864 * |---------------------------------------------------------------|
1865 * | version=0x01 |MessageID=0x15 | Message Length |
1866 * |---------------------------------------------------------------|
1870 int send_set_pwd_history_request(int sock_fd, int num)
1873 int retval, total_length = 0, ptr;
1874 unsigned char history;
1875 unsigned char buf[sizeof(hdr) + sizeof(history)];
1877 total_length = sizeof(hdr) + sizeof(char);
1878 history = (unsigned char) num;
1880 /* Assemble header */
1881 hdr.version = SECURITY_SERVER_MSG_VERSION;
1882 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST;
1883 hdr.msg_len = (unsigned short)total_length;
1884 memcpy(buf, &hdr, sizeof(hdr));
1886 memcpy(buf + ptr, &history, sizeof(char));
1887 ptr += sizeof(char);
1890 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1891 if (retval == SECURITY_SERVER_ERROR_POLL)
1893 SEC_SVR_ERR("%s", "poll() error");
1894 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1897 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1899 SEC_SVR_ERR("%s", "poll() timeout");
1900 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1904 /* Send to server */
1905 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, ptr));
1906 if (retval < sizeof(buf))
1909 SEC_SVR_ERR("Error on write(): %d", retval);
1910 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1913 retval = SECURITY_SERVER_SUCCESS;
1919 /* Receive request header */
1920 int recv_hdr(int client_sockfd, basic_header *basic_hdr)
1925 retval = check_socket_poll(client_sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1926 if (retval == SECURITY_SERVER_ERROR_POLL)
1928 SEC_SVR_ERR("%s", "poll() error");
1929 return SECURITY_SERVER_ERROR_SOCKET;
1931 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
1933 SEC_SVR_ERR("%s", "poll() timeout");
1934 return SECURITY_SERVER_ERROR_TIMEOUT;
1937 /* Receive request header first */
1938 retval = TEMP_FAILURE_RETRY(read(client_sockfd, basic_hdr, sizeof(basic_header)));
1939 if (retval < sizeof(basic_header))
1941 SEC_SVR_ERR("read failed. closing socket %d", retval);
1942 return SECURITY_SERVER_ERROR_RECV_FAILED;
1945 /* Validate header */
1946 retval = validate_header(*basic_hdr);
1951 /* Receive check privilege request packet body */
1952 int recv_check_privilege_request(int sockfd, unsigned char *requested_cookie, int *requested_privilege)
1955 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1956 if (retval < SECURITY_SERVER_COOKIE_LEN)
1958 SEC_SVR_ERR("Received cookie size is too small: %d", retval);
1959 return SECURITY_SERVER_ERROR_RECV_FAILED;
1962 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_privilege, sizeof(int)));
1963 if (retval < sizeof(int))
1965 SEC_SVR_ERR("privilege size is too small: %d", retval);
1966 return SECURITY_SERVER_ERROR_RECV_FAILED;
1968 return SECURITY_SERVER_SUCCESS;
1971 /* Receive check privilege request packet body (new mode)*/
1972 int recv_check_privilege_new_request(int sockfd,
1973 unsigned char *requested_cookie,
1975 char *access_rights)
1980 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1981 if (retval < SECURITY_SERVER_COOKIE_LEN)
1983 SEC_SVR_ERR("Received cookie size is too small: %d", retval);
1984 return SECURITY_SERVER_ERROR_RECV_FAILED;
1987 retval = TEMP_FAILURE_RETRY(read(sockfd, &olen, sizeof(int)));
1988 if (retval < sizeof(int) || olen < 0 || olen > MAX_OBJECT_LABEL_LEN)
1990 SEC_SVR_ERR("error reading object_label len: %d", retval);
1991 return SECURITY_SERVER_ERROR_RECV_FAILED;
1994 retval = TEMP_FAILURE_RETRY(read(sockfd, &alen, sizeof(int)));
1995 if (retval < sizeof(int) || alen < 0 || alen > MAX_MODE_STR_LEN)
1997 SEC_SVR_ERR("error reading access_rights len: %d", retval);
1998 return SECURITY_SERVER_ERROR_RECV_FAILED;
2001 retval = TEMP_FAILURE_RETRY(read(sockfd, object_label, olen));
2004 SEC_SVR_ERR("error reading object_label: %d", retval);
2005 return SECURITY_SERVER_ERROR_RECV_FAILED;
2007 object_label[olen] = '\0';
2009 retval = TEMP_FAILURE_RETRY(read(sockfd, access_rights, alen));
2012 SEC_SVR_ERR("error reading access_rights: %d", retval);
2013 return SECURITY_SERVER_ERROR_RECV_FAILED;
2015 access_rights[alen] = '\0';
2017 return SECURITY_SERVER_SUCCESS;
2020 /* Receive pid request packet body */
2021 int recv_pid_request(int sockfd, unsigned char *requested_cookie)
2024 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
2025 if (retval < SECURITY_SERVER_COOKIE_LEN)
2027 SEC_SVR_ERR("Received cookie size is too small: %d", retval);
2028 return SECURITY_SERVER_ERROR_RECV_FAILED;
2030 return SECURITY_SERVER_SUCCESS;
2033 /* receiving cookie from package */
2034 int recv_smack_request(int sockfd, unsigned char *requested_cookie)
2037 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
2038 if (retval < SECURITY_SERVER_COOKIE_LEN)
2040 SEC_SVR_ERR("Received cookie size is too small: %d", retval);
2041 return SECURITY_SERVER_ERROR_RECV_FAILED;
2043 return SECURITY_SERVER_SUCCESS;
2046 int recv_pid_privilege_request(int sockfd, int datasize, int *pid, char **object, char **access_rights)
2050 int object_size = 0;
2051 int access_rights_size = 0;
2053 buff = (char*)malloc(datasize);
2055 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2057 //receive all data to buffer
2058 retval = TEMP_FAILURE_RETRY(read(sockfd, buff, datasize));
2059 if (retval < datasize) {
2060 SEC_SVR_ERR("Received data size is too small: %d / %d", retval, datasize);
2061 retval = SECURITY_SERVER_ERROR_RECV_FAILED;
2066 memcpy(pid, buff, sizeof(int));
2069 while (buff[sizeof(int) + object_size] != '\0') {
2072 if (object_size > datasize) {
2073 SEC_SVR_ERR("%s", "Wrong object_size");
2074 retval = SECURITY_SERVER_ERROR_UNKNOWN;
2078 object_size++; //for '\0' at end
2080 *object = (char*)malloc(object_size);
2081 memcpy(*object, buff + sizeof(int), object_size);
2084 access_rights_size = datasize - object_size - sizeof(int);
2085 *access_rights = (char*)malloc(access_rights_size);
2086 memcpy(*access_rights, buff + sizeof(int) + object_size, access_rights_size);
2088 SEC_SVR_DBG("%s %d", "Received PID:", *pid);
2089 SEC_SVR_DBG("%s %s", "Received object:", *object);
2090 SEC_SVR_DBG("%s %s", "Received privileges:", *access_rights);
2092 retval = SECURITY_SERVER_SUCCESS;
2101 /* Receive pid request packet body */
2102 /* Table argv and content will be freed by function caller */
2103 int recv_launch_tool_request(int sockfd, int argc, char *argv[])
2105 int retval, i, argv_len;
2107 argv[0] = malloc(strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1);
2108 strncpy(argv[0], SECURITY_SERVER_DEBUG_TOOL_PATH, (strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1));
2110 for (i = 1; i < argc; i++)
2112 retval = TEMP_FAILURE_RETRY(read(sockfd, &argv_len, sizeof(int)));
2113 if (retval < sizeof(int))
2115 SEC_SVR_ERR("Error: argv length recieve failed: %d", retval);
2116 return SECURITY_SERVER_ERROR_RECV_FAILED;
2119 if (argv_len <= 0 || argv_len >= INT_MAX)
2121 SEC_SVR_ERR("Error: argv length out of boundaries");
2122 return SECURITY_SERVER_ERROR_RECV_FAILED;
2125 argv[i] = malloc(argv_len + 1);
2126 if (argv[i] == NULL)
2128 SEC_SVR_ERR("Error: malloc() failed: %d", retval);
2129 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2132 memset(argv[i], 0x00, argv_len + 1);
2133 retval = TEMP_FAILURE_RETRY(read(sockfd, argv[i], argv_len));
2134 if (retval < argv_len)
2136 SEC_SVR_ERR("Error: argv recieve failed: %d", retval);
2137 return SECURITY_SERVER_ERROR_RECV_FAILED;
2141 return SECURITY_SERVER_SUCCESS;
2144 int recv_generic_response(int sockfd, response_header *hdr)
2149 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2150 if (retval == SECURITY_SERVER_ERROR_POLL)
2152 SEC_SVR_ERR("%s", "Client: poll() error");
2153 return SECURITY_SERVER_ERROR_RECV_FAILED;
2155 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
2157 SEC_SVR_ERR("%s", "Client: poll() timeout");
2158 return SECURITY_SERVER_ERROR_RECV_FAILED;
2161 /* Receive response */
2162 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2163 if (retval < sizeof(response_header))
2165 /* Error on socket */
2166 SEC_SVR_ERR("Client: Receive failed %d", retval);
2167 return SECURITY_SERVER_ERROR_RECV_FAILED;
2170 if (hdr->return_code != SECURITY_SERVER_RETURN_CODE_SUCCESS)
2173 * SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST
2174 * SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE
2175 * are not errors but warnings
2177 SEC_SVR_WRN("Client: return code is not success: %d", hdr->return_code);
2178 return return_code_to_error_code(hdr->return_code);
2180 return SECURITY_SERVER_SUCCESS;
2183 int recv_get_gid_response(int sockfd, response_header *hdr, int *gid)
2187 retval = recv_generic_response(sockfd, hdr);
2188 if (retval != SECURITY_SERVER_SUCCESS)
2189 return return_code_to_error_code(hdr->return_code);
2191 retval = TEMP_FAILURE_RETRY(read(sockfd, gid, sizeof(int)));
2192 if (retval < sizeof(int))
2194 /* Error on socket */
2195 SEC_SVR_ERR("Receive failed %d", retval);
2196 return SECURITY_SERVER_ERROR_RECV_FAILED;
2198 return SECURITY_SERVER_SUCCESS;
2201 int recv_get_object_name(int sockfd, response_header *hdr, char *object, int max_object_size)
2204 char *local_obj_name = NULL;
2207 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2208 if (retval == SECURITY_SERVER_ERROR_POLL)
2210 SEC_SVR_ERR("%s", "poll() error");
2211 return SECURITY_SERVER_ERROR_RECV_FAILED;
2213 if (retval == SECURITY_SERVER_ERROR_TIMEOUT)
2215 SEC_SVR_ERR("%s", "poll() timeout");
2216 return SECURITY_SERVER_ERROR_RECV_FAILED;
2220 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2221 if (retval < sizeof(response_header))
2223 /* Error on socket */
2224 SEC_SVR_ERR("cannot recv respons: %d", retval);
2225 return SECURITY_SERVER_ERROR_RECV_FAILED;
2228 if (hdr->return_code == SECURITY_SERVER_RETURN_CODE_SUCCESS)
2230 if (max_object_size < hdr->basic_hdr.msg_len)
2232 SEC_SVR_ERR("Object name is too small need %d bytes, but %d bytes", hdr->basic_hdr.msg_len, max_object_size);
2233 return SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL;
2235 if (hdr->basic_hdr.msg_len > SECURITY_SERVER_MAX_OBJ_NAME)
2237 SEC_SVR_ERR("Received object name is too big. %d", hdr->basic_hdr.msg_len);
2238 return SECURITY_SERVER_ERROR_BAD_RESPONSE;
2241 local_obj_name = malloc(hdr->basic_hdr.msg_len + 1);
2242 if (local_obj_name == NULL)
2244 SEC_SVR_ERR("%s", "Out of memory error");
2245 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2248 retval = TEMP_FAILURE_RETRY(read(sockfd, local_obj_name, hdr->basic_hdr.msg_len));
2249 if (retval < (hdr->basic_hdr.msg_len))
2251 /* Error on socket */
2252 SEC_SVR_ERR("read() failed: %d", retval);
2253 if (local_obj_name != NULL)
2254 free(local_obj_name);
2255 return SECURITY_SERVER_ERROR_RECV_FAILED;
2257 memcpy(object, local_obj_name, hdr->basic_hdr.msg_len);
2258 object[hdr->basic_hdr.msg_len] = 0;
2259 retval = SECURITY_SERVER_SUCCESS;
2263 SEC_SVR_ERR("Error received. return code: %d", hdr->return_code);
2264 retval = return_code_to_error_code(hdr->return_code);
2268 if (local_obj_name != NULL)
2269 free(local_obj_name);
2270 return SECURITY_SERVER_SUCCESS;
2273 int recv_cookie(int sockfd, response_header *hdr, char *cookie)
2277 retval = recv_generic_response(sockfd, hdr);
2278 if (retval != SECURITY_SERVER_SUCCESS)
2279 return return_code_to_error_code(hdr->return_code);
2281 retval = TEMP_FAILURE_RETRY(read(sockfd, cookie, SECURITY_SERVER_COOKIE_LEN));
2282 if (retval < SECURITY_SERVER_COOKIE_LEN)
2284 /* Error on socket */
2285 SEC_SVR_ERR("read() failed: %d", retval);
2286 return SECURITY_SERVER_ERROR_RECV_FAILED;
2288 return SECURITY_SERVER_SUCCESS;
2291 int recv_privilege_check_response(int sockfd, response_header *hdr)
2295 retval = recv_generic_response(sockfd, hdr);
2296 if (hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2297 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2299 SEC_SVR_ERR("response error: %d", hdr->return_code);
2300 return return_code_to_error_code(hdr->return_code);
2302 return SECURITY_SERVER_SUCCESS;
2305 int recv_privilege_check_new_response(int sockfd, response_header *hdr)
2309 retval = recv_generic_response(sockfd, hdr);
2310 if (hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2311 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2313 SEC_SVR_ERR("response error: %d", hdr->return_code);
2314 return return_code_to_error_code(hdr->return_code);
2316 return SECURITY_SERVER_SUCCESS;
2319 int recv_smack_response(int sockfd, response_header *hdr, char *label)
2323 retval = recv_generic_response(sockfd, hdr);
2324 if (retval != SECURITY_SERVER_SUCCESS)
2325 return return_code_to_error_code(hdr->return_code);
2327 retval = TEMP_FAILURE_RETRY(read(sockfd, label, SMACK_LABEL_LEN + 1));
2328 if (retval < sizeof(int))
2330 /* Error on socket */
2331 SEC_SVR_ERR("Client: Receive failed %d", retval);
2332 return SECURITY_SERVER_ERROR_RECV_FAILED;
2334 return SECURITY_SERVER_SUCCESS;
2337 int recv_pid_privilege_response(int sockfd, response_header *hdr)
2341 retval = recv_generic_response(sockfd, hdr);
2343 if (retval != SECURITY_SERVER_SUCCESS)
2344 return return_code_to_error_code(hdr->return_code);
2346 return SECURITY_SERVER_SUCCESS;
2349 int recv_pid_response(int sockfd, response_header *hdr, int *pid)
2353 retval = recv_generic_response(sockfd, hdr);
2354 if (retval != SECURITY_SERVER_SUCCESS)
2355 return return_code_to_error_code(hdr->return_code);
2357 retval = TEMP_FAILURE_RETRY(read(sockfd, pid, sizeof(int)));
2358 if (retval < sizeof(int))
2360 /* Error on socket */
2361 SEC_SVR_ERR("Client: Receive failed %d", retval);
2362 return SECURITY_SERVER_ERROR_RECV_FAILED;
2364 return SECURITY_SERVER_SUCCESS;
2367 int recv_pwd_response(int sockfd, response_header *hdr,
2368 unsigned int *current_attempts,
2369 unsigned int *max_attempts,
2370 unsigned int *valid_secs)
2373 *current_attempts = 0;
2377 retval = recv_generic_response(sockfd, hdr);
2381 case SECURITY_SERVER_ERROR_PASSWORD_EXIST:
2382 case SECURITY_SERVER_ERROR_NO_PASSWORD:
2383 case SECURITY_SERVER_ERROR_PASSWORD_MISMATCH:
2384 case SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER:
2385 case SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
2386 case SECURITY_SERVER_ERROR_PASSWORD_EXPIRED:
2387 case SECURITY_SERVER_ERROR_PASSWORD_REUSED:
2388 case SECURITY_SERVER_SUCCESS:
2391 return return_code_to_error_code(hdr->return_code);
2394 retval = TEMP_FAILURE_RETRY(read(sockfd, current_attempts, sizeof(unsigned int)));
2395 if (retval < sizeof(unsigned int))
2397 /* Error on socket */
2398 SEC_SVR_ERR("Client: Receive failed %d", retval);
2399 return SECURITY_SERVER_ERROR_RECV_FAILED;
2401 retval = TEMP_FAILURE_RETRY(read(sockfd, max_attempts, sizeof(unsigned int)));
2402 if (retval < sizeof(unsigned int))
2404 /* Error on socket */
2405 SEC_SVR_ERR("Client: Receive failed %d", retval);
2406 return SECURITY_SERVER_ERROR_RECV_FAILED;
2408 retval = TEMP_FAILURE_RETRY(read(sockfd, valid_secs, sizeof(unsigned int)));
2409 if (retval < sizeof(unsigned int))
2411 /* Error on socket */
2412 SEC_SVR_ERR("Client: Receive failed %d", retval);
2413 return SECURITY_SERVER_ERROR_RECV_FAILED;
2416 //if come here there were no errors
2417 return SECURITY_SERVER_SUCCESS;
2420 /* Authenticate client application *
2421 * Currently it only gets peer's credential information only *
2422 * If we need, we can extend in the futer */
2423 int authenticate_client_application(int sockfd, int *pid, int *uid)
2426 unsigned int cl = sizeof(cr);
2428 /* get PID of socket peer */
2429 if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2431 SEC_SVR_DBG("%s", "getsockopt failed");
2432 return SECURITY_SERVER_ERROR_SOCKET;
2436 return SECURITY_SERVER_SUCCESS;
2439 /* Authenticate the application is middleware daemon
2440 * The middleware must run as root (or middleware user) and the cmd line must be
2441 * pre listed for authentication to succeed */
2442 int authenticate_client_middleware(int sockfd, int *pid)
2445 return authenticate_client_application(sockfd, pid, &uid);
2447 int retval = SECURITY_SERVER_SUCCESS;
2449 unsigned int cl = sizeof(cr);
2451 struct passwd pw, *ppw;
2454 static uid_t middleware_uid = 0;
2458 /* get PID of socket peer */
2459 if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2461 retval = SECURITY_SERVER_ERROR_SOCKET;
2462 SEC_SVR_ERR("%s", "Error on getsockopt");
2466 if (!middleware_uid)
2468 buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
2472 buf = malloc(buf_size);
2474 /* This test isn't essential, skip it in case of error */
2476 if (getpwnam_r(SECURITY_SERVER_MIDDLEWARE_USER, &pw, buf, buf_size, &ppw) == 0 && ppw)
2477 middleware_uid = pw.pw_uid;
2483 /* Middleware services need to run as root or middleware/app user */
2484 if (cr.uid != 0 && cr.uid != middleware_uid)
2486 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2487 SEC_SVR_ERR("Non root process has called API: %d", cr.uid);
2491 /* Read command line of the PID from proc fs */
2492 exe = read_exe_path_from_proc(cr.pid);
2495 /* It's weired. no file in proc file system, */
2496 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2497 SEC_SVR_ERR("Error on opening /proc/%d/exe", cr.pid);
2511 /* Get app PID from socked and read its privilege (GID) list
2512 * from /proc/<PID>/status.
2514 * param 1: socket descriptor
2515 * param 2: pointer for hold returned array
2517 * ret: size of array or -1 in case of error
2519 * Notice that user must free space allocated in this function and
2520 * returned by second parameter (int * privileges)
2522 int get_client_gid_list(int sockfd, int **privileges)
2525 //for read socket options
2526 struct ucred socopt;
2527 unsigned int socoptSize = sizeof(socopt);
2528 //buffer for store /proc/<PID>/status filepath
2529 const int PATHSIZE = 24;
2530 char path[PATHSIZE];
2533 //buffer for filelines
2534 const int LINESIZE = 256;
2535 char fileLine[LINESIZE];
2537 char delim[] = ": ";
2544 //read socket options
2545 ret = getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &socopt, &socoptSize);
2548 SEC_SVR_ERR("%s", "Error on getsockopt");
2552 //now we have PID in sockopt.pid
2553 bzero(path, PATHSIZE);
2554 snprintf(path, PATHSIZE, "/proc/%d/status", socopt.pid);
2556 fp = fopen(path, "r");
2559 SEC_SVR_ERR("%s", "Error on fopen");
2563 bzero(fileLine, LINESIZE);
2565 //search for line beginning with "Groups:"
2566 while (strncmp(fileLine, "Groups:", 7) != 0)
2568 if (NULL == fgets(fileLine, LINESIZE, fp))
2570 SEC_SVR_ERR("%s", "Error on fgets");
2578 //now we have "Groups:" line in fileLine[]
2580 strtok(fileLine, delim);
2581 while (token = strtok(NULL, delim))
2584 if (*privileges == NULL)
2587 *privileges = (int*)malloc(sizeof(int) * 1);
2588 if (*privileges == NULL)
2590 SEC_SVR_ERR("%s", "Error on malloc");
2593 (*privileges)[0] = atoi(token);
2597 *privileges = realloc(*privileges, sizeof(int) * (ret + 1));
2598 (*privileges)[ret] = atoi(token);
2604 //check if we found any GIDs for process
2605 if (*privileges == NULL)
2607 SEC_SVR_DBG("%s %d", "No GIDs found for PID:", socopt.pid);
2611 SEC_SVR_DBG("%s %d", "Number of GIDs found:", ret);
2617 int free_argv(char **argv, int argc)
2622 SEC_SVR_ERR("%s", "Cannot free NULL pointer");
2623 return SECURITY_SERVER_ERROR_INPUT_PARAM;
2625 for (i = 0; i < argc; i++)
2627 if (argv[i] != NULL)
2631 return SECURITY_SERVER_SUCCESS;