4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
25 #include <sys/socket.h>
26 #include <sys/types.h>
27 #include <sys/smack.h>
36 #include "security-server-common.h"
37 #include "security-server-comm.h"
39 void printhex(const unsigned char *data, int size)
47 printf("%X ", data[i]);
48 if(((i+1) % 16) == 0 && i != 0)
54 char *read_cmdline_from_proc(pid_t pid)
58 char *cmdline = NULL, *tempptr = NULL;
61 snprintf(path, sizeof(path), "/proc/%d/cmdline", pid);
63 fp = fopen(path, "r");
66 SEC_SVR_DBG("Cannot open cmdline on pid[%d]", pid);
73 SEC_SVR_DBG("%s", "Out of memory");
78 bzero(cmdline, memsize);
79 if(fgets(cmdline, 32, fp) == NULL)
81 SEC_SVR_DBG("%s", "Cannot read cmdline");
87 while(cmdline[memsize -2] != 0)
89 cmdline[memsize -1] = (char) fgetc(fp);
90 tempptr = realloc(cmdline, memsize + 32);
94 SEC_SVR_DBG("%s", "Out of memory");
98 bzero(cmdline + memsize, 32);
99 fgets(cmdline + memsize, 32, fp);
108 /* Return code in packet is positive integer *
109 * We need to convert them to error code which are negative integer */
110 int return_code_to_error_code(int ret_code)
115 case SECURITY_SERVER_RETURN_CODE_SUCCESS:
116 case SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED:
117 ret = SECURITY_SERVER_SUCCESS;
119 case SECURITY_SERVER_RETURN_CODE_BAD_REQUEST:
120 ret = SECURITY_SERVER_ERROR_BAD_REQUEST;
122 case SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED:
123 ret = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
125 case SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED:
126 ret = SECURITY_SERVER_ERROR_ACCESS_DENIED;
128 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT:
129 ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT;
131 case SECURITY_SERVER_RETURN_CODE_SERVER_ERROR:
132 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
134 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE:
135 ret = SECURITY_SERVER_ERROR_NO_SUCH_COOKIE;
137 case SECURITY_SERVER_RETURN_CODE_NO_PASSWORD:
138 ret = SECURITY_SERVER_ERROR_NO_PASSWORD;
140 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXIST:
141 ret = SECURITY_SERVER_ERROR_PASSWORD_EXIST;
143 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MISMATCH:
144 ret = SECURITY_SERVER_ERROR_PASSWORD_MISMATCH;
146 case SECURITY_SERVER_RETURN_CODE_PASSWORD_RETRY_TIMER:
147 ret = SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER;
149 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXPIRED:
150 ret = SECURITY_SERVER_ERROR_PASSWORD_EXPIRED;
152 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
153 ret = SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
155 case SECURITY_SERVER_RETURN_CODE_PASSWORD_REUSED:
156 ret = SECURITY_SERVER_ERROR_PASSWORD_REUSED;
159 ret = SECURITY_SERVER_ERROR_UNKNOWN;
165 int check_socket_poll(int sockfd, int event, int timeout)
167 struct pollfd poll_fd[1];
168 int retval = SECURITY_SERVER_ERROR_POLL;
170 poll_fd[0].fd = sockfd;
171 poll_fd[0].events = event;
172 retval = poll(poll_fd, 1, timeout);
175 SEC_SVR_DBG("poll() error. errno=%d", errno);
177 return SECURITY_SERVER_ERROR_POLL;
180 /* Chile process has been closed. Not poll() problem. Call it once again */
181 return check_socket_poll(sockfd, event, timeout);
188 return SECURITY_SERVER_ERROR_TIMEOUT;
191 if(poll_fd[0].revents != event)
193 SEC_SVR_DBG("Something wrong on the peer socket. event=0x%x", poll_fd[0].revents);
194 return SECURITY_SERVER_ERROR_POLL;
196 return SECURITY_SERVER_SUCCESS;
199 int safe_server_sock_close(int client_sockfd)
201 struct pollfd poll_fd[1];
203 retval = SECURITY_SERVER_ERROR_POLL;
204 poll_fd[0].fd = client_sockfd;
205 poll_fd[0].events = POLLRDHUP;
206 retval = poll(poll_fd, 1, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
207 SEC_SVR_DBG("%s", "Server: Closing server socket");
208 close(client_sockfd);
209 return SECURITY_SERVER_SUCCESS;
212 /* Create a Unix domain socket and bind */
213 int create_new_socket(int *sockfd)
215 int retval = 0, localsockfd = 0, flags;
216 struct sockaddr_un serveraddr;
219 /* Deleted garbage Unix domain socket file */
220 retval = remove(SECURITY_SERVER_SOCK_PATH);
222 if (retval == -1 && errno != ENOENT) {
223 retval = SECURITY_SERVER_ERROR_UNKNOWN;
225 SEC_SVR_DBG("%s", "Unable to remove /tmp/.security_server.sock");
229 /* Create Unix domain socket */
230 if((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0 )
232 retval = SECURITY_SERVER_ERROR_SOCKET;
234 SEC_SVR_DBG("%s", "Socket creation failed");
238 if(smack_fsetlabel(localsockfd, "@", SMACK_LABEL_IPOUT) != 0)
240 SEC_SVR_DBG("%s", "SMACK labeling failed");
241 if(errno != EOPNOTSUPP)
243 retval = SECURITY_SERVER_ERROR_SOCKET;
249 if(smack_fsetlabel(localsockfd, "*", SMACK_LABEL_IPIN) != 0)
250 { SEC_SVR_DBG("%s", "SMACK labeling failed");
251 if(errno != EOPNOTSUPP)
253 retval = SECURITY_SERVER_ERROR_SOCKET;
260 /* Make socket as non blocking */
261 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
262 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
264 retval = SECURITY_SERVER_ERROR_SOCKET;
267 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
271 bzero (&serveraddr, sizeof(serveraddr));
272 serveraddr.sun_family = AF_UNIX;
273 strncpy(serveraddr.sun_path, SECURITY_SERVER_SOCK_PATH,
274 strlen(SECURITY_SERVER_SOCK_PATH));
275 serveraddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
277 /* Bind the socket */
278 if((bind(localsockfd, (struct sockaddr *)&serveraddr, sizeof(serveraddr))) < 0)
280 retval = SECURITY_SERVER_ERROR_SOCKET_BIND;
281 SEC_SVR_DBG("%s", "Cannot bind");
288 /* Change permission to accept all processes that has different uID/gID */
289 sock_mode = (S_IRWXU | S_IRWXG | S_IRWXO);
290 /* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
291 * Flawfinder recommends to user fchmod insted of chmod
292 * But, fchmod doesn't work on socket file so there is no other choice at this point */
293 if(chmod(SECURITY_SERVER_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
295 SEC_SVR_DBG("%s", "chmod() error");
296 retval = SECURITY_SERVER_ERROR_SOCKET;
302 retval = SECURITY_SERVER_SUCCESS;
305 *sockfd = localsockfd;
309 /* Authenticate peer that it's really security server.
310 * Check UID that is root
312 int authenticate_server(int sockfd)
316 unsigned int cl = sizeof(cr);
317 /* char *cmdline = NULL;*/
319 /* get socket peer credential */
320 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
322 retval = SECURITY_SERVER_ERROR_SOCKET;
323 SEC_SVR_DBG("%s", "getsockopt() failed");
327 /* Security server must run as root */
330 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
331 SEC_SVR_DBG("Peer is not root: uid=%d", cr.uid);
335 retval = SECURITY_SERVER_SUCCESS;
337 /* Read command line of the PID from proc fs */
338 /* This is commented out because non root process cannot read link of /proc/pid/exe */
339 /* cmdline = read_cmdline_from_proc(cr.pid);
341 if(strcmp(cmdline, SECURITY_SERVER_DAEMON_PATH) != 0)
343 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
344 SEC_SVR_DBG("Cmdline is different. auth failed. cmdline=%s", cmdline);
348 retval = SECURITY_SERVER_SUCCESS;
349 SEC_SVR_DBG("Server authenticatd. %s, sockfd=%d", cmdline, sockfd);
353 /* if(cmdline != NULL)
359 /* Create a socket and connect to Security Server */
360 int connect_to_server(int *fd)
362 struct sockaddr_un clientaddr;
363 int client_len = 0, localsockfd, ret, flags;
366 /* Create a socket */
367 localsockfd = socket(AF_UNIX, SOCK_STREAM, 0);
370 SEC_SVR_DBG("%s", "Error on socket()");
371 return SECURITY_SERVER_ERROR_SOCKET;
374 /* Make socket as non blocking */
375 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
376 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
379 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
380 return SECURITY_SERVER_ERROR_SOCKET;
383 bzero(&clientaddr, sizeof(clientaddr));
384 clientaddr.sun_family = AF_UNIX;
385 strncpy(clientaddr.sun_path, SECURITY_SERVER_SOCK_PATH, strlen(SECURITY_SERVER_SOCK_PATH));
386 clientaddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
387 client_len = sizeof(clientaddr);
389 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
392 if(errno == EINPROGRESS)
394 SEC_SVR_DBG("%s", "Connection is in progress");
395 ret = check_socket_poll(localsockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
396 if(ret == SECURITY_SERVER_ERROR_POLL)
398 SEC_SVR_DBG("%s", "poll() error");
400 return SECURITY_SERVER_ERROR_SOCKET;
402 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
404 SEC_SVR_DBG("%s", "poll() timeout");
406 return SECURITY_SERVER_ERROR_SOCKET;
408 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
411 SEC_SVR_DBG("%s", "connection failed");
413 return SECURITY_SERVER_ERROR_SOCKET;
418 SEC_SVR_DBG("%s", "Connection failed");
420 return SECURITY_SERVER_ERROR_SOCKET;
424 /* Authenticate the peer is actually security server */
425 ret = authenticate_server(localsockfd);
426 if(ret != SECURITY_SERVER_SUCCESS)
429 SEC_SVR_DBG("Authentication failed. %d", ret);
433 return SECURITY_SERVER_SUCCESS;
436 /* Accept a new client connection */
437 int accept_client(int server_sockfd)
439 /* Call poll() to wait for socket connection */
440 int retval, localsockfd;
441 struct sockaddr_un clientaddr;
442 unsigned int client_len;
444 client_len = sizeof(clientaddr);
447 retval = check_socket_poll(server_sockfd, POLLIN, SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND);
448 if(retval == SECURITY_SERVER_ERROR_POLL)
450 SEC_SVR_DBG("%s", "Error on polling");
451 return SECURITY_SERVER_ERROR_SOCKET;
455 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
457 /*SEC_SVR_DBG("%s", "accept() timeout");*/
458 return SECURITY_SERVER_ERROR_TIMEOUT;
461 localsockfd = accept(server_sockfd,
462 (struct sockaddr *)&clientaddr,
467 SEC_SVR_DBG("Cannot accept client. errno=%d", errno);
468 return SECURITY_SERVER_ERROR_SOCKET;
473 /* Minimal check of request packet */
474 int validate_header(basic_header hdr)
476 if(hdr.version != SECURITY_SERVER_MSG_VERSION)
477 return SECURITY_SERVER_ERROR_BAD_REQUEST;
479 return SECURITY_SERVER_SUCCESS;
482 /* Send generic response packet to client
484 * Generic Response Packet Format
486 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
487 |---------------------------------------------------------------|
488 | version=0x01 | Message ID |Message Length (without header)|
489 |---------------------------------------------------------------|
493 int send_generic_response (int sockfd, unsigned char msgid, unsigned char return_code)
498 /* Assemble header */
499 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
500 hdr.basic_hdr.msg_id = msgid;
501 hdr.basic_hdr.msg_len = 0;
502 hdr.return_code = return_code;
505 size = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
506 if(size == SECURITY_SERVER_ERROR_POLL)
508 SEC_SVR_DBG("%s", "poll() error");
509 return SECURITY_SERVER_ERROR_SEND_FAILED;
511 if(size == SECURITY_SERVER_ERROR_TIMEOUT)
513 SEC_SVR_DBG("%s", "poll() timeout");
514 return SECURITY_SERVER_ERROR_SEND_FAILED;
518 size = write(sockfd, &hdr, sizeof(hdr));
520 if(size < sizeof(hdr))
521 return SECURITY_SERVER_ERROR_SEND_FAILED;
522 return SECURITY_SERVER_SUCCESS;
525 /* Send cookie response to client
527 * Get Cookie response packet format
529 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
530 * |---------------------------------------------------------------|
531 * | version=0x01 |MessageID=0x02 | Message Length =20 |
532 * |---------------------------------------------------------------|
534 * ----------------- |
535 * | cookie (20 bytes) |
536 * |---------------------------------------------------------------|
538 int send_cookie(int sockfd, unsigned char *cookie)
541 unsigned char msg[SECURITY_SERVER_COOKIE_LEN + sizeof(hdr)];
544 /* Assemble header */
545 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
546 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_RESPONSE;
547 hdr.basic_hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
548 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
550 memcpy(msg, &hdr, sizeof(hdr));
551 memcpy(msg + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
554 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
555 if(ret == SECURITY_SERVER_ERROR_POLL)
557 SEC_SVR_DBG("%s", "poll() error");
558 return SECURITY_SERVER_ERROR_SEND_FAILED;
560 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
562 SEC_SVR_DBG("%s", "poll() timeout");
563 return SECURITY_SERVER_ERROR_SEND_FAILED;
566 ret = write(sockfd, msg, sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN);
567 if(ret < sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN)
569 /* Error on writing */
570 SEC_SVR_DBG("Error on write: %d", ret);
571 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
574 return SECURITY_SERVER_SUCCESS;
577 /* Send Object name response *
578 * Get Object name response packet format
580 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
581 * |---------------------------------------------------------------|
582 * | version=0x01 |MessageID=0x06 | Message Length |
583 * |---------------------------------------------------------------|
585 * ----------------- |
587 * |---------------------------------------------------------------|
589 int send_object_name(int sockfd, char *obj)
592 unsigned char msg[strlen(obj) + sizeof(hdr)];
595 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
596 hdr.basic_hdr.msg_id = 0x06;
597 hdr.basic_hdr.msg_len = strlen(obj);
598 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
600 memcpy(msg, &hdr, sizeof(hdr));
601 memcpy(msg + sizeof(hdr), obj, strlen(obj));
604 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
605 if(ret == SECURITY_SERVER_ERROR_POLL)
607 SEC_SVR_DBG("%s", "poll() error");
608 return SECURITY_SERVER_ERROR_SEND_FAILED;
610 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
612 SEC_SVR_DBG("%s", "poll() timeout");
613 return SECURITY_SERVER_ERROR_SEND_FAILED;
616 ret = write(sockfd, msg, sizeof(hdr) + strlen(obj));
617 if(ret < sizeof(hdr) + strlen(obj))
619 /* Error on writing */
620 SEC_SVR_DBG("Error on write: %d", ret);
621 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
624 return SECURITY_SERVER_SUCCESS;
627 /* Send GID response to client
629 * Get GID response packet format
631 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
632 * |---------------------------------------------------------------|
633 * | version=0x01 |MessageID=0x08 | Message Length = 4 |
634 * |---------------------------------------------------------------|
635 * | return code | gid (first 3 words) |
636 * |---------------------------------------------------------------|
640 int send_gid(int sockfd, int gid)
643 unsigned char msg[sizeof(gid) + sizeof(hdr)];
646 /* Assemble header */
647 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
648 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_RESPONSE;
649 hdr.basic_hdr.msg_len = sizeof(gid);
650 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
653 memcpy(msg, &hdr, sizeof(hdr));
654 memcpy(msg + sizeof(hdr), &gid, sizeof(gid));
657 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
658 if(ret == SECURITY_SERVER_ERROR_POLL)
660 SEC_SVR_DBG("%s", "poll() error");
661 return SECURITY_SERVER_ERROR_SEND_FAILED;
663 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
665 SEC_SVR_DBG("%s", "poll() timeout");
666 return SECURITY_SERVER_ERROR_SEND_FAILED;
670 ret = write(sockfd, msg, sizeof(hdr) + sizeof(gid));
671 if(ret < sizeof(hdr) + sizeof(gid))
673 /* Error on writing */
674 SEC_SVR_DBG("Error on write(): %d", ret);
675 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
678 return SECURITY_SERVER_SUCCESS;
681 /* Send PID response to client
683 * Get PID response packet format
685 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
686 * |---------------------------------------------------------------|
687 * | version=0x01 |MessageID=0x0a | Message Length = 4 |
688 * |---------------------------------------------------------------|
689 * | return code | pid (first 3 words) |
690 * |---------------------------------------------------------------|
694 int send_pid(int sockfd, int pid)
697 unsigned char msg[sizeof(pid) + sizeof(hdr)];
700 /* Assemble header */
701 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
702 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_RESPONSE;
703 hdr.basic_hdr.msg_len = sizeof(pid);
704 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
707 memcpy(msg, &hdr, sizeof(hdr));
708 memcpy(msg + sizeof(hdr), &pid, sizeof(pid));
711 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
712 if(ret == SECURITY_SERVER_ERROR_POLL)
714 SEC_SVR_DBG("%s", "poll() error");
715 return SECURITY_SERVER_ERROR_SEND_FAILED;
717 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
719 SEC_SVR_DBG("%s", "poll() timeout");
720 return SECURITY_SERVER_ERROR_SEND_FAILED;
724 ret = write(sockfd, msg, sizeof(hdr) + sizeof(pid));
725 if(ret < sizeof(hdr) + sizeof(pid))
727 /* Error on writing */
728 SEC_SVR_DBG("Error on write(): %d", ret);
729 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
732 return SECURITY_SERVER_SUCCESS;
735 /* Send SMACK label to client with lenght N
737 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
738 * |---------------------------------------------------------------|
739 * | version=0x01 |MessageID=0x1e | Message Length = SMACK_LABEL_LEN + 1
740 * |---------------------------------------------------------------|
741 * | return code | SMACK label byte 0 |
742 * |---------------------------------------------------------------|
743 * | .................. |
744 * |---------------------------------------------------------------|
745 * | SMACK label byte N |
746 * |---------------------------------------------------------------|
748 int send_smack(int sockfd, char * label)
751 //added 1 to the size is for NULL terminating label
752 int LABEL_SIZE = SMACK_LABEL_LEN + 1;
753 int PACKET_SIZE = sizeof(hdr) + LABEL_SIZE;
754 unsigned char msg[PACKET_SIZE];
757 /* Assemble header */
758 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
759 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE;
760 hdr.basic_hdr.msg_len = LABEL_SIZE;
761 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
764 memcpy(msg, &hdr, sizeof(hdr));
765 memcpy(msg + sizeof(hdr), label, LABEL_SIZE);
766 memset(msg + sizeof(hdr) + SMACK_LABEL_LEN, 0x00, 1); //adding NULL ad the label end
769 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
770 if(ret == SECURITY_SERVER_ERROR_POLL)
772 SEC_SVR_DBG("%s", "poll() error");
773 return SECURITY_SERVER_ERROR_SEND_FAILED;
775 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
777 SEC_SVR_DBG("%s", "poll() timeout");
778 return SECURITY_SERVER_ERROR_SEND_FAILED;
782 ret = write(sockfd, msg, PACKET_SIZE);
783 if(ret < PACKET_SIZE)
785 /* Error on writing */
786 SEC_SVR_DBG("Error on write(): %d", ret);
787 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
790 return SECURITY_SERVER_SUCCESS;
793 /* Send Check password response to client
795 * Check password response packet format
797 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
798 * |---------------------------------------------------------------|
799 * | version=0x01 | MessageID | Message Length = 12 |
800 * |---------------------------------------------------------------|
801 * | return code | attempts (first 3 words) |
802 * |---------------------------------------------------------------|
803 * |attempts(rest) | max_attempts (first 3 words) |
804 * |---------------|-----------------------------------------------|
805 * | max_attempts | expire_in_days (first 3 words) |
806 * |---------------------------------------------------------------|
810 int send_pwd_response(const int sockfd,
811 const unsigned char msg_id,
812 const unsigned char return_code,
813 const unsigned int current_attempts,
814 const unsigned int max_attempts,
815 const unsigned int expire_time)
818 unsigned int expire_secs;
819 unsigned char msg[sizeof(hdr) + sizeof(current_attempts) + sizeof(max_attempts) + sizeof(expire_secs)];
823 /* Assemble header */
824 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
825 hdr.basic_hdr.msg_id = msg_id;
826 hdr.basic_hdr.msg_len = sizeof(unsigned int) * 3;
827 hdr.return_code = return_code;
830 memcpy(msg, &hdr, sizeof(hdr));
832 memcpy(msg + ptr, ¤t_attempts, sizeof(current_attempts));
833 ptr += sizeof(current_attempts);
834 memcpy(msg + ptr, &max_attempts, sizeof(max_attempts));
835 ptr += sizeof(max_attempts);
836 memcpy(msg + ptr, &expire_time, sizeof(expire_time));
837 ptr += sizeof(expire_time);
840 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
841 if(ret == SECURITY_SERVER_ERROR_POLL)
843 SEC_SVR_DBG("%s", "Server: poll() error");
844 return SECURITY_SERVER_ERROR_SEND_FAILED;
846 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
848 SEC_SVR_DBG("%s", "Server: poll() timeout");
849 return SECURITY_SERVER_ERROR_SEND_FAILED;
853 ret = write(sockfd, msg, ptr);
856 /* Error on writing */
857 SEC_SVR_DBG("Server: ERROR on write(): %d", ret);
858 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
861 return SECURITY_SERVER_SUCCESS;
864 /* Send cookie request packet to security server *
867 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
868 * |---------------------------------------------------------------|
869 * | version=0x01 |MessageID=0x01 | Message Length = 0 |
870 * |---------------------------------------------------------------|
872 int send_cookie_request(int sock_fd)
877 /* Assemble header */
878 hdr.version = SECURITY_SERVER_MSG_VERSION;
879 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST;
883 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
884 if(retval == SECURITY_SERVER_ERROR_POLL)
886 SEC_SVR_DBG("%s", "poll() error");
887 return SECURITY_SERVER_ERROR_SEND_FAILED;
889 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
891 SEC_SVR_DBG("%s", "poll() timeout");
892 return SECURITY_SERVER_ERROR_SEND_FAILED;
896 retval = write(sock_fd, &hdr, sizeof(hdr));
897 if(retval < sizeof(hdr))
900 SEC_SVR_DBG("Error on write(): %d", retval);
901 return SECURITY_SERVER_ERROR_SEND_FAILED;
903 return SECURITY_SERVER_SUCCESS;
906 /* Send GID request message to security server
909 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
910 * |---------------------------------------------------------------|
911 * | version=0x01 |MessageID=0x07 | Message Length = variable |
912 * |---------------------------------------------------------------|
914 * | Object name (variable) |
916 * |---------------------------------------------------------------|
918 int send_gid_request(int sock_fd, const char* object)
921 int retval = 0, send_len = 0;
922 unsigned char *buf = NULL;
924 if(strlen(object) > SECURITY_SERVER_MAX_OBJ_NAME)
926 /* Object name is too big*/
927 SEC_SVR_DBG("Object name is too big %dbytes", strlen(object));
928 return SECURITY_SERVER_ERROR_INPUT_PARAM;
931 hdr.version = SECURITY_SERVER_MSG_VERSION;
932 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_REQUEST;
933 hdr.msg_len = strlen(object);
935 send_len = sizeof(hdr) + strlen(object);
937 buf = malloc(send_len);
940 SEC_SVR_DBG("%s", "out of memory");
941 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
944 memcpy(buf, &hdr, sizeof(hdr));
945 memcpy(buf + sizeof(hdr), object, strlen(object));
948 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
949 if(retval == SECURITY_SERVER_ERROR_POLL)
951 SEC_SVR_DBG("%s", "poll() error");
952 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
955 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
957 SEC_SVR_DBG("%s", "poll() timeout");
958 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
962 retval = write(sock_fd, buf, send_len);
963 if(retval < send_len)
966 SEC_SVR_DBG("Error on write(): %d. errno=%d, sockfd=%d", retval, errno, sock_fd);
967 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
970 retval = SECURITY_SERVER_SUCCESS;
979 /* Send object name request message to security server *
982 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
983 * |---------------------------------------------------------------|
984 * | version=0x01 |MessageID=0x05 | Message Length = 4 |
985 * |---------------------------------------------------------------|
987 * |---------------------------------------------------------------|
989 int send_object_name_request(int sock_fd, int gid)
993 unsigned char buf[sizeof(hdr) + sizeof(gid)];
995 /* Assemble header */
996 hdr.version = SECURITY_SERVER_MSG_VERSION;
997 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST;
998 hdr.msg_len = sizeof(gid);
1000 memcpy(buf, &hdr, sizeof(hdr));
1001 memcpy(buf + sizeof(hdr), &gid, sizeof(gid));
1004 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1005 if(retval == SECURITY_SERVER_ERROR_POLL)
1007 SEC_SVR_DBG("%s", "poll() error");
1008 return SECURITY_SERVER_ERROR_SEND_FAILED;
1010 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1012 SEC_SVR_DBG("%s", "poll() timeout");
1013 return SECURITY_SERVER_ERROR_SEND_FAILED;
1016 /* Send to server */
1017 retval = write(sock_fd, buf, sizeof(buf));
1018 if(retval < sizeof(buf))
1021 SEC_SVR_DBG("Error on write(): %d", retval);
1022 return SECURITY_SERVER_ERROR_SEND_FAILED;
1024 return SECURITY_SERVER_SUCCESS;
1027 /* Send privilege check request message to security server *
1030 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1031 * |---------------------------------------------------------------|
1032 * | version=0x01 |MessageID=0x03 | Message Length = 24 |
1033 * |---------------------------------------------------------------|
1036 * | Cookie (20bytes) |
1039 * |---------------------------------------------------------------|
1041 * |---------------------------------------------------------------|
1043 int send_privilege_check_request(int sock_fd, const char*cookie, int gid)
1047 unsigned char buf[sizeof(hdr) + sizeof(gid) + SECURITY_SERVER_COOKIE_LEN];
1049 /* Assemble header */
1050 hdr.version = SECURITY_SERVER_MSG_VERSION;
1051 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST;
1052 hdr.msg_len = sizeof(gid) + SECURITY_SERVER_COOKIE_LEN;
1054 memcpy(buf, &hdr, sizeof(hdr));
1055 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1056 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &gid, sizeof(gid));
1059 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1060 if(retval == SECURITY_SERVER_ERROR_POLL)
1062 SEC_SVR_DBG("%s", "poll() error");
1063 return SECURITY_SERVER_ERROR_SEND_FAILED;
1065 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1067 SEC_SVR_DBG("%s", "poll() timeout");
1068 return SECURITY_SERVER_ERROR_SEND_FAILED;
1071 /* Send to server */
1072 retval = write(sock_fd, buf, sizeof(buf));
1073 if(retval < sizeof(buf))
1076 SEC_SVR_DBG("Error on write(): %d", retval);
1077 return SECURITY_SERVER_ERROR_SEND_FAILED;
1079 return SECURITY_SERVER_SUCCESS;
1082 int send_privilege_check_new_request(int sock_fd,
1085 const char *access_rights)
1092 olen = strlen(object);
1093 alen = strlen(access_rights);
1094 if (olen > MAX_OBJECT_LABEL_LEN || alen > MAX_MODE_STR_LEN)
1096 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1099 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN +
1100 2*sizeof(int) + MAX_OBJECT_LABEL_LEN + MAX_MODE_STR_LEN];
1102 /* Assemble header */
1103 hdr.version = SECURITY_SERVER_MSG_VERSION;
1104 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST;
1105 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1107 memcpy(buf, &hdr, sizeof(hdr));
1108 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1109 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &olen, sizeof(int));
1110 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + sizeof(int),
1111 &alen, sizeof(int));
1112 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int), object, olen);
1113 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen,
1114 access_rights, alen);
1117 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1118 if(retval == SECURITY_SERVER_ERROR_POLL)
1120 SEC_SVR_DBG("%s", "poll() error");
1121 return SECURITY_SERVER_ERROR_SEND_FAILED;
1123 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1125 SEC_SVR_DBG("%s", "poll() timeout");
1126 return SECURITY_SERVER_ERROR_SEND_FAILED;
1129 size = sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1130 /* Send to server */
1131 retval = write(sock_fd, buf, size);
1135 SEC_SVR_DBG("Error on write(): %d", retval);
1136 return SECURITY_SERVER_ERROR_SEND_FAILED;
1138 return SECURITY_SERVER_SUCCESS;
1141 /* Send SMACK request message to security server *
1144 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1145 * |---------------------------------------------------------------|
1146 * | version=0x01 |MessageID=0x1d | Message Length = 20 |
1147 * |---------------------------------------------------------------|
1150 * | Cookie (20bytes) |
1153 * |---------------------------------------------------------------|
1155 int send_smack_request(int sock_fd, const char * cookie)
1159 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1161 /* Assemble header */
1162 hdr.version = SECURITY_SERVER_MSG_VERSION;
1163 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST;
1164 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1166 memcpy(buf, &hdr, sizeof(hdr));
1167 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1170 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1171 if(retval == SECURITY_SERVER_ERROR_POLL)
1173 SEC_SVR_DBG("%s", "poll() error");
1174 return SECURITY_SERVER_ERROR_SEND_FAILED;
1176 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1178 SEC_SVR_DBG("%s", "poll() timeout");
1179 return SECURITY_SERVER_ERROR_SEND_FAILED;
1182 /* Send to server */
1183 retval = write(sock_fd, buf, sizeof(buf));
1184 if(retval < sizeof(buf))
1187 SEC_SVR_DBG("Error on write(): %d", retval);
1188 return SECURITY_SERVER_ERROR_SEND_FAILED;
1190 return SECURITY_SERVER_SUCCESS;
1193 /* Send PID check request message to security server *
1196 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1197 * |---------------------------------------------------------------|
1198 * | version=0x01 |MessageID=0x09 | Message Length = 20 |
1199 * |---------------------------------------------------------------|
1202 * | Cookie (20bytes) |
1205 * |---------------------------------------------------------------|
1207 int send_pid_request(int sock_fd, const char*cookie)
1211 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1213 /* Assemble header */
1214 hdr.version = SECURITY_SERVER_MSG_VERSION;
1215 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_REQUEST;
1216 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1218 memcpy(buf, &hdr, sizeof(hdr));
1219 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1222 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1223 if(retval == SECURITY_SERVER_ERROR_POLL)
1225 SEC_SVR_DBG("%s", "poll() error");
1226 return SECURITY_SERVER_ERROR_SEND_FAILED;
1228 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1230 SEC_SVR_DBG("%s", "poll() timeout");
1231 return SECURITY_SERVER_ERROR_SEND_FAILED;
1234 /* Send to server */
1235 retval = write(sock_fd, buf, sizeof(buf));
1236 if(retval < sizeof(buf))
1239 SEC_SVR_DBG("Error on write(): %d", retval);
1240 return SECURITY_SERVER_ERROR_SEND_FAILED;
1242 return SECURITY_SERVER_SUCCESS;
1246 /* Send debug tool launch request message to security server *
1249 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1250 * |---------------------------------------------------------------|
1251 * | version=0x01 |MessageID=0x0b | Message Length |
1252 * |---------------------------------------------------------------|
1253 * | total # of args |
1254 * |---------------------------------------------------------------|
1255 * | 1st argv length |
1256 * |---------------------------------------------------------------|
1260 * |---------------------------------------------------------------|
1261 * | 2nd argv length |
1262 * |---------------------------------------------------------------|
1266 * |---------------------------------------------------------------|
1268 * |---------------------------------------------------------------|
1269 * | nth argv length |
1270 * |---------------------------------------------------------------|
1274 * |---------------------------------------------------------------|
1276 int send_launch_tool_request(int sock_fd, int argc, const char **argv)
1279 int retval, total_length = 0, ptr, i, tempnum;
1280 unsigned char *buf = NULL;
1282 for (i=0;i<argc;i++)
1286 SEC_SVR_DBG("Error: %dth argv is NULL", i);
1287 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1289 total_length += strlen(argv[i]);
1292 if(total_length < 1)
1294 SEC_SVR_DBG("Error: There is a problem in argv. [%d]", total_length);
1295 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1297 total_length += sizeof(hdr) + sizeof(int) +(argc * sizeof(int));
1299 if(total_length > 0xffff)
1301 SEC_SVR_DBG("Buffer overflow. too big payload. [%d]", total_length);
1302 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1305 buf = malloc(total_length);
1308 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1309 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1312 /* Assemble header */
1313 hdr.version = SECURITY_SERVER_MSG_VERSION;
1314 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST;
1315 hdr.msg_len = (unsigned short)total_length;
1316 memcpy(buf, &hdr, sizeof(hdr));
1318 memcpy(buf + ptr, &argc, sizeof(int));
1321 /* Assemple each argv length and value */
1324 tempnum = strlen(argv[i]);
1325 memcpy(buf + ptr, &tempnum, sizeof(int));
1327 memcpy(buf + ptr, argv[i], tempnum);
1332 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1333 if(retval == SECURITY_SERVER_ERROR_POLL)
1335 SEC_SVR_DBG("%s", "poll() error");
1336 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1340 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1342 SEC_SVR_DBG("%s", "poll() timeout");
1343 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1347 /* Send to server */
1348 retval = write(sock_fd, buf, total_length);
1349 if(retval < sizeof(buf))
1352 SEC_SVR_DBG("Error on write(): %d", retval);
1353 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1356 retval = SECURITY_SERVER_SUCCESS;
1364 /* Send validate password request message to security server *
1367 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1368 * |---------------------------------------------------------------|
1369 * | version=0x01 |MessageID=0x0d | Message Length |
1370 * |---------------------------------------------------------------|
1372 int send_valid_pwd_request(int sock_fd)
1377 hdr.version = SECURITY_SERVER_MSG_VERSION;
1378 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST;
1382 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1383 if(retval == SECURITY_SERVER_ERROR_POLL)
1385 SEC_SVR_DBG("%s", "poll() error");
1386 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1390 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1392 SEC_SVR_DBG("%s", "poll() timeout");
1393 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1397 /* Send to server */
1398 retval = write(sock_fd, &hdr, sizeof(hdr));
1399 if(retval < sizeof(hdr))
1402 SEC_SVR_DBG("Error on write(): %d", retval);
1403 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1406 retval = SECURITY_SERVER_SUCCESS;
1412 /* Send password set request message to security server *
1415 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1416 * |---------------------------------------------------------------|
1417 * | version=0x01 |MessageID=0x0f | Message Length |
1418 * |---------------------------------------------------------------|
1419 * | cur_pwd_len | new_pwd_len | |
1420 * |-------------------------------- |
1422 * |---------------------------------------------------------------|
1426 * |---------------------------------------------------------------|
1428 * |---------------------------------------------------------------|
1430 * |---------------------------------------------------------------|
1432 int send_set_pwd_request(int sock_fd,
1435 const unsigned int max_challenge,
1436 const unsigned int valid_period_in_days)
1439 int retval, total_length = 0, ptr;
1440 unsigned char *buf = NULL, cur_pwd_len, new_pwd_len;
1445 cur_pwd_len = strlen(cur_pwd);
1446 new_pwd_len = strlen(new_pwd);
1448 total_length += sizeof(hdr) + sizeof(char) + sizeof(char) + cur_pwd_len
1449 + new_pwd_len + sizeof(unsigned int) + sizeof(unsigned int);
1451 buf = malloc(total_length);
1454 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1455 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1458 /* Assemble header */
1459 hdr.version = SECURITY_SERVER_MSG_VERSION;
1460 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST;
1461 hdr.msg_len = (unsigned short)total_length;
1462 memcpy(buf, &hdr, sizeof(hdr));
1464 memcpy(buf + ptr, &cur_pwd_len, sizeof(char));
1465 ptr += sizeof(char);
1466 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1467 ptr += sizeof(char);
1470 memcpy(buf + ptr, cur_pwd, cur_pwd_len);
1473 memcpy(buf + ptr, new_pwd, new_pwd_len);
1475 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1476 ptr += sizeof(unsigned int);
1477 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1480 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1481 if(retval == SECURITY_SERVER_ERROR_POLL)
1483 SEC_SVR_DBG("%s", "poll() error");
1484 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1488 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1490 SEC_SVR_DBG("%s", "poll() timeout");
1491 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1495 /* Send to server */
1496 retval = write(sock_fd, buf, total_length);
1497 if(retval < sizeof(buf))
1500 SEC_SVR_DBG("Error on write(): %d", retval);
1501 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1504 retval = SECURITY_SERVER_SUCCESS;
1512 /* Send password validity change request message to security server *
1515 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1516 * |---------------------------------------------------------------|
1517 * | version=0x01 |MessageID=0x0f | Message Length |
1518 * |---------------------------------------------------------------|
1520 * |---------------------------------------------------------------|
1522 int send_set_pwd_validity_request(int sock_fd, const unsigned int valid_period_in_days)
1525 int retval, total_length = 0, ptr;
1526 unsigned char *buf = NULL;
1528 total_length = sizeof(hdr) + sizeof(unsigned int);
1530 buf = malloc(total_length);
1533 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1534 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1537 /* Assemble header */
1538 hdr.version = SECURITY_SERVER_MSG_VERSION;
1539 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST;
1540 hdr.msg_len = (unsigned short)total_length;
1541 memcpy(buf, &hdr, sizeof(hdr));
1543 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1546 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1547 if(retval == SECURITY_SERVER_ERROR_POLL)
1549 SEC_SVR_DBG("%s", "poll() error");
1550 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1554 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1556 SEC_SVR_DBG("%s", "poll() timeout");
1557 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1561 /* Send to server */
1562 retval = write(sock_fd, buf, total_length);
1563 if(retval < sizeof(buf))
1566 SEC_SVR_DBG("Error on write(): %d", retval);
1567 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1570 retval = SECURITY_SERVER_SUCCESS;
1578 /* Send password max challenge request message to security server *
1581 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1582 * |---------------------------------------------------------------|
1583 * | version=0x01 |MessageID=0x0f | Message Length |
1584 * |---------------------------------------------------------------|
1586 * |---------------------------------------------------------------|
1588 int send_set_pwd_max_challenge_request(int sock_fd, const unsigned int max_challenge)
1591 int retval, total_length = 0, ptr;
1592 unsigned char *buf = NULL;
1594 total_length = sizeof(hdr) + sizeof(unsigned int);
1596 buf = malloc(total_length);
1599 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1600 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1603 /* Assemble header */
1604 hdr.version = SECURITY_SERVER_MSG_VERSION;
1605 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST;
1606 hdr.msg_len = (unsigned short)total_length;
1607 memcpy(buf, &hdr, sizeof(hdr));
1609 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1612 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1613 if(retval == SECURITY_SERVER_ERROR_POLL)
1615 SEC_SVR_DBG("%s", "poll() error");
1616 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1620 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1622 SEC_SVR_DBG("%s", "poll() timeout");
1623 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1627 /* Send to server */
1628 retval = write(sock_fd, buf, total_length);
1629 if(retval < sizeof(buf))
1632 SEC_SVR_DBG("Error on write(): %d", retval);
1633 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1636 retval = SECURITY_SERVER_SUCCESS;
1644 /* Send password reset request message to security server *
1647 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1648 * |---------------------------------------------------------------|
1649 * | version=0x01 |MessageID=0x11 | Message Length |
1650 * |---------------------------------------------------------------|
1652 * |---------------------------------------------------------------|
1656 * |---------------------------------------------------------------|
1658 * |---------------------------------------------------------------|
1660 * |---------------------------------------------------------------|
1662 int send_reset_pwd_request(int sock_fd,
1664 const unsigned int max_challenge,
1665 const unsigned int valid_period_in_days)
1668 int retval, total_length = 0, ptr;
1669 unsigned char *buf = NULL, new_pwd_len;
1671 new_pwd_len = strlen(new_pwd);
1673 total_length += sizeof(hdr) + sizeof(char) + new_pwd_len + sizeof(unsigned int) +
1674 sizeof(unsigned int);
1676 buf = malloc(total_length);
1679 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1680 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1683 /* Assemble header */
1684 hdr.version = SECURITY_SERVER_MSG_VERSION;
1685 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST;
1686 hdr.msg_len = (unsigned short)total_length;
1687 memcpy(buf, &hdr, sizeof(hdr));
1689 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1690 ptr += sizeof(char);
1691 memcpy(buf + ptr, new_pwd, new_pwd_len);
1693 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1694 ptr += sizeof(unsigned int);
1695 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1698 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1699 if(retval == SECURITY_SERVER_ERROR_POLL)
1701 SEC_SVR_DBG("%s", "poll() error");
1702 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1706 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1708 SEC_SVR_DBG("%s", "poll() timeout");
1709 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1713 /* Send to server */
1714 retval = write(sock_fd, buf, total_length);
1715 if(retval < sizeof(buf))
1718 SEC_SVR_DBG("Error on write(): %d", retval);
1719 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1722 retval = SECURITY_SERVER_SUCCESS;
1730 /* Send password check request message to security server *
1733 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1734 * |---------------------------------------------------------------|
1735 * | version=0x01 |MessageID=0x13 | Message Length |
1736 * |---------------------------------------------------------------|
1737 * | challenge_len | |
1738 * |--------------- |
1740 * |---------------------------------------------------------------|
1742 int send_chk_pwd_request(int sock_fd, const char*challenge)
1745 int retval, total_length = 0, ptr;
1746 unsigned char *buf = NULL, challenge_len;
1748 challenge_len = strlen(challenge);
1750 total_length += sizeof(hdr) + sizeof(char) + challenge_len;
1752 buf = malloc(total_length);
1755 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1756 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1759 /* Assemble header */
1760 hdr.version = SECURITY_SERVER_MSG_VERSION;
1761 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST;
1762 hdr.msg_len = (unsigned short)total_length;
1763 memcpy(buf, &hdr, sizeof(hdr));
1765 memcpy(buf + ptr, &challenge_len, sizeof(char));
1766 ptr += sizeof(char);
1767 memcpy(buf + ptr, challenge, challenge_len);
1768 ptr += sizeof(char);
1771 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1772 if(retval == SECURITY_SERVER_ERROR_POLL)
1774 SEC_SVR_DBG("%s", "poll() error");
1775 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1779 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1781 SEC_SVR_DBG("%s", "poll() timeout");
1782 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1786 /* Send to server */
1787 retval = write(sock_fd, buf, total_length);
1788 if(retval < sizeof(buf))
1791 SEC_SVR_DBG("Error on write(): %d", retval);
1792 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1795 retval = SECURITY_SERVER_SUCCESS;
1803 /* Send password history set request message to security server *
1806 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1807 * |---------------------------------------------------------------|
1808 * | version=0x01 |MessageID=0x15 | Message Length |
1809 * |---------------------------------------------------------------|
1813 int send_set_pwd_history_request(int sock_fd, int num)
1816 int retval, total_length = 0, ptr;
1817 unsigned char history;
1818 unsigned char buf[sizeof(hdr) + sizeof(history)];
1820 total_length = sizeof(hdr) + sizeof(char);
1821 history = (unsigned char) num;
1823 /* Assemble header */
1824 hdr.version = SECURITY_SERVER_MSG_VERSION;
1825 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST;
1826 hdr.msg_len = (unsigned short)total_length;
1827 memcpy(buf, &hdr, sizeof(hdr));
1829 memcpy(buf + ptr, &history, sizeof(char));
1830 ptr += sizeof(char);
1833 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1834 if(retval == SECURITY_SERVER_ERROR_POLL)
1836 SEC_SVR_DBG("%s", "poll() error");
1837 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1841 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1843 SEC_SVR_DBG("%s", "poll() timeout");
1844 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1848 /* Send to server */
1849 retval = write(sock_fd, buf, ptr);
1850 if(retval < sizeof(buf))
1853 SEC_SVR_DBG("Error on write(): %d", retval);
1854 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1857 retval = SECURITY_SERVER_SUCCESS;
1863 /* Receive request header */
1864 int recv_hdr(int client_sockfd, basic_header *basic_hdr)
1869 retval = check_socket_poll(client_sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1870 if(retval == SECURITY_SERVER_ERROR_POLL)
1872 SEC_SVR_DBG("%s", "poll() error");
1873 return SECURITY_SERVER_ERROR_SOCKET;
1875 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1877 SEC_SVR_DBG("%s", "poll() timeout");
1878 return SECURITY_SERVER_ERROR_TIMEOUT;
1881 /* Receive request header first */
1882 retval = read(client_sockfd, basic_hdr, sizeof(basic_header));
1883 if(retval < sizeof(basic_header))
1885 SEC_SVR_DBG("read failed. closing socket %d", retval);
1886 return SECURITY_SERVER_ERROR_RECV_FAILED;
1889 /* Validate header */
1890 retval = validate_header(*basic_hdr);
1895 /* Receive check privilege request packet body */
1896 int recv_check_privilege_request(int sockfd, unsigned char *requested_cookie, int *requested_privilege)
1899 retval = read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN);
1900 if(retval < SECURITY_SERVER_COOKIE_LEN)
1902 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1903 return SECURITY_SERVER_ERROR_RECV_FAILED;
1906 retval = read(sockfd, requested_privilege, sizeof(int));
1907 if(retval < sizeof(int))
1909 SEC_SVR_DBG("privilege size is too small: %d", retval);
1910 return SECURITY_SERVER_ERROR_RECV_FAILED;
1912 return SECURITY_SERVER_SUCCESS;
1915 /* Receive check privilege request packet body (new mode)*/
1916 int recv_check_privilege_new_request(int sockfd,
1917 unsigned char *requested_cookie,
1919 char *access_rights)
1924 retval = read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN);
1925 if(retval < SECURITY_SERVER_COOKIE_LEN)
1927 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1928 return SECURITY_SERVER_ERROR_RECV_FAILED;
1931 retval = read(sockfd, &olen, sizeof(int));
1932 if(retval < sizeof(int) || olen < 0 || olen > MAX_OBJECT_LABEL_LEN)
1934 SEC_SVR_DBG("error reading object_label len: %d", retval);
1935 return SECURITY_SERVER_ERROR_RECV_FAILED;
1938 retval = read(sockfd, &alen, sizeof(int));
1939 if(retval < sizeof(int) || alen < 0 || alen > MAX_MODE_STR_LEN)
1941 SEC_SVR_DBG("error reading access_rights len: %d", retval);
1942 return SECURITY_SERVER_ERROR_RECV_FAILED;
1945 retval = read(sockfd, object_label, olen);
1948 SEC_SVR_DBG("error reading object_label: %d", retval);
1949 return SECURITY_SERVER_ERROR_RECV_FAILED;
1951 object_label[olen] = '\0';
1953 retval = read(sockfd, access_rights, olen);
1956 SEC_SVR_DBG("error reading access_rights: %d", retval);
1957 return SECURITY_SERVER_ERROR_RECV_FAILED;
1959 access_rights[alen] = '\0';
1961 return SECURITY_SERVER_SUCCESS;
1964 /* Receive pid request packet body */
1965 int recv_pid_request(int sockfd, unsigned char *requested_cookie)
1968 retval = read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN);
1969 if(retval < SECURITY_SERVER_COOKIE_LEN)
1971 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1972 return SECURITY_SERVER_ERROR_RECV_FAILED;
1974 return SECURITY_SERVER_SUCCESS;
1977 /* receiving cookie from package */
1978 int recv_smack_request(int sockfd, unsigned char *requested_cookie)
1981 retval = read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN);
1982 if(retval < SECURITY_SERVER_COOKIE_LEN)
1984 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1985 return SECURITY_SERVER_ERROR_RECV_FAILED;
1987 return SECURITY_SERVER_SUCCESS;
1990 /* Receive pid request packet body */
1991 int recv_launch_tool_request(int sockfd, int argc, char *argv[])
1993 int retval, i, argv_len;
1995 argv[0] = malloc(strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1);
1996 strncpy(argv[0], SECURITY_SERVER_DEBUG_TOOL_PATH, (strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1));
2000 retval = read(sockfd, &argv_len, sizeof(int));
2001 if(retval < sizeof(int))
2003 SEC_SVR_DBG("Error: argv length recieve failed: %d", retval);
2004 free_argv(argv, argc);
2005 return SECURITY_SERVER_ERROR_RECV_FAILED;
2008 if(argv_len <= 0 || argv_len >= INT_MAX)
2010 SEC_SVR_DBG("Error: argv length out of boundaries");
2011 free_argv(argv, argc);
2012 return SECURITY_SERVER_ERROR_RECV_FAILED;
2015 argv[i] = malloc(argv_len + 1);
2018 SEC_SVR_DBG("Error: malloc() failed: %d", retval);
2019 free_argv(argv, argc);
2020 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2023 memset(argv[i], 0x00, argv_len + 1);
2024 retval = read(sockfd, argv[i], argv_len);
2025 if(retval < argv_len)
2027 SEC_SVR_DBG("Error: argv recieve failed: %d", retval);
2028 free_argv(argv, argc);
2029 return SECURITY_SERVER_ERROR_RECV_FAILED;
2033 return SECURITY_SERVER_SUCCESS;
2036 int recv_generic_response(int sockfd, response_header *hdr)
2041 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2042 if(retval == SECURITY_SERVER_ERROR_POLL)
2044 SEC_SVR_DBG("%s", "Client: poll() error");
2045 return SECURITY_SERVER_ERROR_RECV_FAILED;
2047 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2049 SEC_SVR_DBG("%s", "Client: poll() timeout");
2050 return SECURITY_SERVER_ERROR_RECV_FAILED;
2053 /* Receive response */
2054 retval = read(sockfd, hdr, sizeof(response_header));
2055 if(retval < sizeof(response_header) )
2057 /* Error on socket */
2058 SEC_SVR_DBG("Client: Receive failed %d", retval);
2059 return SECURITY_SERVER_ERROR_RECV_FAILED;
2062 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_SUCCESS)
2064 SEC_SVR_DBG("Client: return code is not success: %d", hdr->return_code);
2065 return return_code_to_error_code(hdr->return_code);
2067 return SECURITY_SERVER_SUCCESS;
2070 int recv_get_gid_response(int sockfd, response_header *hdr, int *gid)
2074 retval = recv_generic_response(sockfd, hdr);
2075 if(retval != SECURITY_SERVER_SUCCESS)
2076 return return_code_to_error_code(hdr->return_code);
2078 retval = read(sockfd, gid, sizeof(int));
2079 if(retval < sizeof(int))
2081 /* Error on socket */
2082 SEC_SVR_DBG("Receive failed %d", retval);
2083 return SECURITY_SERVER_ERROR_RECV_FAILED;
2085 return SECURITY_SERVER_SUCCESS;
2088 int recv_get_object_name(int sockfd, response_header *hdr, char *object, int max_object_size)
2091 char *local_obj_name = NULL;
2094 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2095 if(retval == SECURITY_SERVER_ERROR_POLL)
2097 SEC_SVR_DBG("%s", "poll() error");
2098 return SECURITY_SERVER_ERROR_RECV_FAILED;
2100 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2102 SEC_SVR_DBG("%s", "poll() timeout");
2103 return SECURITY_SERVER_ERROR_RECV_FAILED;
2107 retval = read(sockfd, hdr, sizeof(response_header));
2108 if(retval < sizeof(hdr) )
2110 /* Error on socket */
2111 SEC_SVR_DBG("cannot recv respons: %d", retval);
2112 return SECURITY_SERVER_ERROR_RECV_FAILED;
2115 if(hdr->return_code == SECURITY_SERVER_RETURN_CODE_SUCCESS)
2117 if(max_object_size < hdr->basic_hdr.msg_len)
2119 SEC_SVR_DBG("Object name is too small need %d bytes, but %d bytes", hdr->basic_hdr.msg_len, max_object_size);
2120 return SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL;
2122 if(hdr->basic_hdr.msg_len > SECURITY_SERVER_MAX_OBJ_NAME)
2124 SEC_SVR_DBG("Received object name is too big. %d", hdr->basic_hdr.msg_len);
2125 return SECURITY_SERVER_ERROR_BAD_RESPONSE;
2128 local_obj_name = malloc(hdr->basic_hdr.msg_len + 1);
2129 if(local_obj_name == NULL)
2131 SEC_SVR_DBG("%s", "Out of memory error");
2132 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2135 retval = read(sockfd, local_obj_name, hdr->basic_hdr.msg_len);
2136 if(retval < (hdr->basic_hdr.msg_len))
2138 /* Error on socket */
2139 SEC_SVR_DBG("read() failed: %d", retval);
2140 if(local_obj_name != NULL)
2141 free(local_obj_name);
2142 return SECURITY_SERVER_ERROR_RECV_FAILED;
2144 memcpy(object, local_obj_name, hdr->basic_hdr.msg_len);
2145 object[hdr->basic_hdr.msg_len] = 0;
2146 retval = SECURITY_SERVER_SUCCESS;
2150 SEC_SVR_DBG("Error received. return code: %d", hdr->return_code);
2151 retval = return_code_to_error_code(hdr->return_code);
2155 if(local_obj_name != NULL)
2156 free(local_obj_name);
2157 return SECURITY_SERVER_SUCCESS;
2160 int recv_cookie(int sockfd, response_header *hdr, char *cookie)
2164 retval = recv_generic_response(sockfd, hdr);
2165 if(retval != SECURITY_SERVER_SUCCESS)
2166 return return_code_to_error_code(hdr->return_code);
2168 retval = read(sockfd, cookie, SECURITY_SERVER_COOKIE_LEN);
2169 if(retval < SECURITY_SERVER_COOKIE_LEN)
2171 /* Error on socket */
2172 SEC_SVR_DBG("read() failed: %d", retval);
2173 return SECURITY_SERVER_ERROR_RECV_FAILED;
2175 return SECURITY_SERVER_SUCCESS;
2178 int recv_privilege_check_response(int sockfd, response_header *hdr)
2182 retval = recv_generic_response(sockfd, hdr);
2183 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2184 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2186 SEC_SVR_DBG("response error: %d", hdr->return_code);
2187 return return_code_to_error_code(hdr->return_code);
2189 return SECURITY_SERVER_SUCCESS;
2192 int recv_privilege_check_new_response(int sockfd, response_header *hdr)
2196 retval = recv_generic_response(sockfd, hdr);
2197 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2198 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2200 SEC_SVR_DBG("response error: %d", hdr->return_code);
2201 return return_code_to_error_code(hdr->return_code);
2203 return SECURITY_SERVER_SUCCESS;
2206 int recv_smack_response(int sockfd, response_header *hdr, char * label)
2210 retval = recv_generic_response(sockfd, hdr);
2211 if(retval != SECURITY_SERVER_SUCCESS)
2212 return return_code_to_error_code(hdr->return_code);
2214 retval = read(sockfd, label, SMACK_LABEL_LEN + 1);
2215 if(retval < sizeof(int))
2217 /* Error on socket */
2218 SEC_SVR_DBG("Client: Receive failed %d", retval);
2219 return SECURITY_SERVER_ERROR_RECV_FAILED;
2221 return SECURITY_SERVER_SUCCESS;
2224 int recv_pid_response(int sockfd, response_header *hdr, int *pid)
2228 retval = recv_generic_response(sockfd, hdr);
2229 if(retval != SECURITY_SERVER_SUCCESS)
2230 return return_code_to_error_code(hdr->return_code);
2232 retval = read(sockfd, pid, sizeof(int));
2233 if(retval < sizeof(int))
2235 /* Error on socket */
2236 SEC_SVR_DBG("Client: Receive failed %d", retval);
2237 return SECURITY_SERVER_ERROR_RECV_FAILED;
2239 return SECURITY_SERVER_SUCCESS;
2242 int recv_pwd_response(int sockfd, response_header *hdr,
2243 unsigned int *current_attempts,
2244 unsigned int *max_attempts,
2245 unsigned int *valid_secs)
2248 *current_attempts = 0;
2252 retval = recv_generic_response(sockfd, hdr);
2256 case SECURITY_SERVER_ERROR_PASSWORD_EXIST:
2257 case SECURITY_SERVER_ERROR_NO_PASSWORD:
2258 case SECURITY_SERVER_ERROR_PASSWORD_MISMATCH:
2259 case SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER:
2260 case SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
2261 case SECURITY_SERVER_ERROR_PASSWORD_EXPIRED:
2262 case SECURITY_SERVER_ERROR_PASSWORD_REUSED:
2263 case SECURITY_SERVER_SUCCESS:
2266 return return_code_to_error_code(hdr->return_code);
2269 retval = read(sockfd, current_attempts, sizeof(unsigned int));
2270 if(retval < sizeof(unsigned int))
2272 /* Error on socket */
2273 SEC_SVR_DBG("Client: Receive failed %d", retval);
2274 return SECURITY_SERVER_ERROR_RECV_FAILED;
2276 retval = read(sockfd, max_attempts, sizeof(unsigned int));
2277 if(retval < sizeof(unsigned int))
2279 /* Error on socket */
2280 SEC_SVR_DBG("Client: Receive failed %d", retval);
2281 return SECURITY_SERVER_ERROR_RECV_FAILED;
2283 retval = read(sockfd, valid_secs, sizeof(unsigned int));
2284 if(retval < sizeof(unsigned int))
2286 /* Error on socket */
2287 SEC_SVR_DBG("Client: Receive failed %d", retval);
2288 return SECURITY_SERVER_ERROR_RECV_FAILED;
2291 //if come here there were no errors
2292 return SECURITY_SERVER_SUCCESS;
2295 /* Authenticate client application *
2296 * Currently it only gets peer's credential information only *
2297 * If we need, we can extend in the futer */
2298 int authenticate_client_application(int sockfd, int *pid, int *uid)
2302 unsigned int cl = sizeof(cr);
2304 /* get PID of socket peer */
2305 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2307 retval = SECURITY_SERVER_ERROR_SOCKET;
2308 SEC_SVR_DBG("%s", "getsockopt failed");
2315 /* Authenticate client that it's real client application */
2322 /* Checking client is pre-defined middleware daemons *
2323 * Check privilege API is only allowed to middleware daemons *
2324 * cmd line list of middleware daemons are listed in
2325 * /usr/share/security-server/mw-list */
2326 int search_middleware_cmdline(char *cmdline)
2330 char middleware[SECURITY_SERVER_MAX_PATH_LEN];
2332 /* Open the list file */
2333 fp = fopen(SECURITY_SERVER_MIDDLEWARE_LIST_PATH, "r");
2337 SEC_SVR_DBG("%s", "Error oening mw-list file");
2338 return SECURITY_SERVER_ERROR_FILE_OPERATION;
2341 /* Search each line */
2342 ret = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2343 while(fgets(middleware, SECURITY_SERVER_MAX_PATH_LEN, fp) != NULL)
2345 if(strncmp(middleware, cmdline, strlen(middleware)-1) == 0)
2348 SEC_SVR_DBG("%s", "found matching cmd line");
2349 ret = SECURITY_SERVER_SUCCESS;
2359 /* Authenticate the application is middleware daemon
2360 * The middleware must run as root (or middleware user) and the cmd line must be
2361 * pre listed for authentication to succeed */
2362 int authenticate_client_middleware(int sockfd, int *pid)
2364 int retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2366 unsigned int cl = sizeof(cr);
2367 char *cmdline = NULL;
2368 struct passwd pw, *ppw;
2371 static uid_t middleware_uid = 0;
2375 /* get PID of socket peer */
2376 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2378 retval = SECURITY_SERVER_ERROR_SOCKET;
2379 SEC_SVR_DBG("%s", "Error on getsockopt");
2383 if (!middleware_uid)
2385 buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
2389 buf = malloc(buf_size);
2391 /* This test isn't essential, skip it in case of error */
2393 if (getpwnam_r(SECURITY_SERVER_MIDDLEWARE_USER, &pw, buf, buf_size, &ppw) == 0 && ppw)
2394 middleware_uid = pw.pw_uid;
2400 /* Middleware services need to run as root or middleware/app user */
2401 if(cr.uid != 0 && cr.uid != middleware_uid)
2403 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2404 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2408 /* Read command line of the PID from proc fs */
2409 cmdline = read_cmdline_from_proc(cr.pid);
2412 /* It's weired. no file in proc file system, */
2413 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2414 SEC_SVR_DBG("Error on opening /proc/%d/cmdline", cr.pid);
2418 /* Search cmdline of the peer that is really middleware executable */
2419 retval = search_middleware_cmdline(cmdline);
2429 /* Get app PID from socked and read its privilege (GID) list
2430 * from /proc/<PDI>/status.
2432 * param 1: socket descriptor
2433 * param 2: pointer for hold returned array
2435 * ret: size of array or -1 in case of error
2437 * Notice that user must free space allocated in this function and
2438 * returned by second parameter (int * privileges)
2440 int get_client_gid_list(int sockfd, int ** privileges)
2443 //for read socket options
2444 struct ucred socopt;
2445 unsigned int socoptSize = sizeof(socopt);
2446 //privileges to be returned
2448 //buffer for store /proc/<PID>/status filepath
2449 const int PATHSIZE = 24;
2450 char path[PATHSIZE];
2453 //buffer for filelines
2454 const int LINESIZE = 128;
2455 char fileLine[LINESIZE];
2457 char delim[] = ": ";
2458 char * token = NULL;
2464 //read socket options
2465 ret = getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &socopt, &socoptSize);
2468 SEC_SVR_DBG("%s", "Error on getsockopt");
2472 //now we have PID in sockopt.pid
2473 bzero(path, PATHSIZE);
2474 snprintf(path, PATHSIZE, "/proc/%d/status", socopt.pid);
2476 fp = fopen(path, "r");
2479 SEC_SVR_DBG("%s", "Error on fopen");
2483 bzero(fileLine, LINESIZE);
2485 //search for line beginning with "Groups:"
2486 while(strncmp(fileLine, "Groups:", 7) != 0)
2488 ret = fgets(fileLine, LINESIZE, fp);
2491 SEC_SVR_DBG("%s", "Error on fgets");
2499 //now we have "Groups:" line in fileLine[]
2501 token = strtok(fileLine, delim);
2502 while(token = strtok(NULL, delim))
2505 if(*privileges == NULL)
2508 *privileges = (int *)malloc(sizeof(int) * 1);
2509 if(*privileges == NULL)
2511 SEC_SVR_DBG("%s", "Error on malloc");
2514 (*privileges)[0] = atoi(token);
2518 *privileges = realloc(*privileges, sizeof(int) * (ret + 1));
2519 (*privileges)[ret] = atoi(token);
2525 //check if we found any GIDs for process
2526 if(*privileges == NULL)
2528 SEC_SVR_DBG("%s %d", "No GIDs found for PID:", socopt.pid);
2532 SEC_SVR_DBG("%s %d", "Number of GIDs found:", ret);
2538 /* Authenticate the application is middleware daemon
2539 * The middleware must run as root and the cmd line must be pre listed */
2540 int authenticate_developer_shell(int sockfd)
2542 int retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2544 unsigned int cl = sizeof(cr);
2545 char *cmdline = NULL;
2547 /* get PID of socket peer */
2548 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2550 retval = SECURITY_SERVER_ERROR_SOCKET;
2551 SEC_SVR_DBG("%s", "Error on getsockopt");
2555 /* All middlewares will run as root */
2556 if(cr.uid != SECURITY_SERVER_DEVELOPER_UID)
2558 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2559 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2563 /* Read command line of the PID from proc fs */
2564 cmdline = read_cmdline_from_proc(cr.pid);
2567 /* It's weired. no file in proc file system, */
2568 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2569 SEC_SVR_DBG("Error on opening /proc/%d/cmdline", cr.pid);
2573 /* Search cmdline of the peer that is really debug tool */
2574 if(strncmp(cmdline, SECURITY_SERVER_DEBUG_TOOL_PATH, strlen(SECURITY_SERVER_DEBUG_TOOL_PATH)) != 0)
2576 SEC_SVR_DBG("Error: Wrong cmdline [%s]", cmdline);
2577 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2580 retval = SECURITY_SERVER_SUCCESS;
2581 SEC_SVR_DBG("%s", "Client Authenticated");
2590 int free_argv(char **argv, int argc)
2595 SEC_SVR_DBG("%s", "Cannot free NULL pointer");
2596 return SECURITY_SERVER_ERROR_INPUT_PARAM;
2598 for (i=0;i<argc;i++)
2604 return SECURITY_SERVER_SUCCESS;