4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
25 #include <sys/socket.h>
26 #include <sys/types.h>
27 #include <sys/smack.h>
38 #include "security-server-common.h"
39 #include "security-server-comm.h"
41 void printhex(const unsigned char *data, int size)
49 printf("%X ", data[i]);
50 if(((i+1) % 16) == 0 && i != 0)
56 char *read_exe_path_from_proc(pid_t pid)
63 // get link to executable
64 snprintf(link, sizeof(link), "/proc/%d/exe", pid);
70 SEC_SVR_DBG("Out of memory");
75 cnt = readlink(link, exe, size);
78 if (cnt < 0 || (size_t)cnt > size) {
79 SEC_SVR_DBG("Can't locate process binary for pid[%d]", pid);
84 // read less than requested
85 if ((size_t)cnt < size)
88 // read exactly the number of bytes requested
90 if (size > (SIZE_MAX >> 1)) {
91 SEC_SVR_DBG("Exe path too long (more than %d characters)", size);
96 // readlink does not append null byte to buffer.
101 /* Return code in packet is positive integer *
102 * We need to convert them to error code which are negative integer */
103 int return_code_to_error_code(int ret_code)
108 case SECURITY_SERVER_RETURN_CODE_SUCCESS:
109 case SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED:
110 ret = SECURITY_SERVER_SUCCESS;
112 case SECURITY_SERVER_RETURN_CODE_BAD_REQUEST:
113 ret = SECURITY_SERVER_ERROR_BAD_REQUEST;
115 case SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED:
116 ret = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
118 case SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED:
119 ret = SECURITY_SERVER_ERROR_ACCESS_DENIED;
121 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT:
122 ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT;
124 case SECURITY_SERVER_RETURN_CODE_SERVER_ERROR:
125 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
127 case SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE:
128 ret = SECURITY_SERVER_ERROR_NO_SUCH_COOKIE;
130 case SECURITY_SERVER_RETURN_CODE_NO_PASSWORD:
131 ret = SECURITY_SERVER_ERROR_NO_PASSWORD;
133 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXIST:
134 ret = SECURITY_SERVER_ERROR_PASSWORD_EXIST;
136 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MISMATCH:
137 ret = SECURITY_SERVER_ERROR_PASSWORD_MISMATCH;
139 case SECURITY_SERVER_RETURN_CODE_PASSWORD_RETRY_TIMER:
140 ret = SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER;
142 case SECURITY_SERVER_RETURN_CODE_PASSWORD_EXPIRED:
143 ret = SECURITY_SERVER_ERROR_PASSWORD_EXPIRED;
145 case SECURITY_SERVER_RETURN_CODE_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
146 ret = SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
148 case SECURITY_SERVER_RETURN_CODE_PASSWORD_REUSED:
149 ret = SECURITY_SERVER_ERROR_PASSWORD_REUSED;
152 ret = SECURITY_SERVER_ERROR_UNKNOWN;
158 int check_socket_poll(int sockfd, int event, int timeout)
160 struct pollfd poll_fd[1];
161 int retval = SECURITY_SERVER_ERROR_POLL;
163 poll_fd[0].fd = sockfd;
164 poll_fd[0].events = event;
165 retval = poll(poll_fd, 1, timeout);
168 SEC_SVR_DBG("poll() error. errno=%d", errno);
170 return SECURITY_SERVER_ERROR_POLL;
173 /* Chile process has been closed. Not poll() problem. Call it once again */
174 return check_socket_poll(sockfd, event, timeout);
181 return SECURITY_SERVER_ERROR_TIMEOUT;
184 if(poll_fd[0].revents != event)
186 SEC_SVR_DBG("Something wrong on the peer socket. event=0x%x", poll_fd[0].revents);
187 return SECURITY_SERVER_ERROR_POLL;
189 return SECURITY_SERVER_SUCCESS;
192 int safe_server_sock_close(int client_sockfd)
194 struct pollfd poll_fd[1];
196 retval = SECURITY_SERVER_ERROR_POLL;
197 poll_fd[0].fd = client_sockfd;
198 poll_fd[0].events = POLLRDHUP;
199 retval = poll(poll_fd, 1, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
200 SEC_SVR_DBG("%s", "Server: Closing server socket");
201 close(client_sockfd);
202 return SECURITY_SERVER_SUCCESS;
205 /* Create a Unix domain socket and bind */
206 int create_new_socket(int *sockfd)
208 int retval = 0, localsockfd = 0, flags;
209 struct sockaddr_un serveraddr;
212 /* Deleted garbage Unix domain socket file */
213 retval = remove(SECURITY_SERVER_SOCK_PATH);
215 if (retval == -1 && errno != ENOENT) {
216 retval = SECURITY_SERVER_ERROR_UNKNOWN;
218 SEC_SVR_DBG("%s", "Unable to remove /tmp/.security_server.sock");
222 /* Create Unix domain socket */
223 if((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0 )
225 retval = SECURITY_SERVER_ERROR_SOCKET;
227 SEC_SVR_DBG("%s", "Socket creation failed");
231 if(smack_fsetlabel(localsockfd, "@", SMACK_LABEL_IPOUT) != 0)
233 SEC_SVR_DBG("%s", "SMACK labeling failed");
234 if(errno != EOPNOTSUPP)
236 retval = SECURITY_SERVER_ERROR_SOCKET;
242 if(smack_fsetlabel(localsockfd, "*", SMACK_LABEL_IPIN) != 0)
243 { SEC_SVR_DBG("%s", "SMACK labeling failed");
244 if(errno != EOPNOTSUPP)
246 retval = SECURITY_SERVER_ERROR_SOCKET;
253 /* Make socket as non blocking */
254 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
255 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
257 retval = SECURITY_SERVER_ERROR_SOCKET;
260 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
264 bzero (&serveraddr, sizeof(serveraddr));
265 serveraddr.sun_family = AF_UNIX;
266 strncpy(serveraddr.sun_path, SECURITY_SERVER_SOCK_PATH,
267 strlen(SECURITY_SERVER_SOCK_PATH));
268 serveraddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
270 /* Bind the socket */
271 if((bind(localsockfd, (struct sockaddr *)&serveraddr, sizeof(serveraddr))) < 0)
273 retval = SECURITY_SERVER_ERROR_SOCKET_BIND;
274 SEC_SVR_DBG("%s", "Cannot bind");
281 /* Change permission to accept all processes that has different uID/gID */
282 sock_mode = (S_IRWXU | S_IRWXG | S_IRWXO);
283 /* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
284 * Flawfinder recommends to user fchmod insted of chmod
285 * But, fchmod doesn't work on socket file so there is no other choice at this point */
286 if(chmod(SECURITY_SERVER_SOCK_PATH, sock_mode) < 0) /* Flawfinder: ignore */
288 SEC_SVR_DBG("%s", "chmod() error");
289 retval = SECURITY_SERVER_ERROR_SOCKET;
295 retval = SECURITY_SERVER_SUCCESS;
298 *sockfd = localsockfd;
302 /* Authenticate peer that it's really security server.
303 * Check UID that is root
305 int authenticate_server(int sockfd)
309 unsigned int cl = sizeof(cr);
310 /* char *exe = NULL;*/
312 /* get socket peer credential */
313 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
315 retval = SECURITY_SERVER_ERROR_SOCKET;
316 SEC_SVR_DBG("%s", "getsockopt() failed");
320 /* Security server must run as root */
323 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
324 SEC_SVR_DBG("Peer is not root: uid=%d", cr.uid);
328 retval = SECURITY_SERVER_SUCCESS;
330 /* Read command line of the PID from proc fs */
331 /* This is commented out because non root process cannot read link of /proc/pid/exe */
332 /* exe = read_exe_path_from_proc(cr.pid);
334 if(strcmp(exe, SECURITY_SERVER_DAEMON_PATH) != 0)
336 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
337 SEC_SVR_DBG("Executable path is different. auth failed. Exe path=%s", exe);
341 retval = SECURITY_SERVER_SUCCESS;
342 SEC_SVR_DBG("Server authenticatd. %s, sockfd=%d", exe, sockfd);
352 /* Create a socket and connect to Security Server */
353 int connect_to_server(int *fd)
355 struct sockaddr_un clientaddr;
356 int client_len = 0, localsockfd, ret, flags;
359 /* Create a socket */
360 localsockfd = socket(AF_UNIX, SOCK_STREAM, 0);
363 SEC_SVR_DBG("%s", "Error on socket()");
364 return SECURITY_SERVER_ERROR_SOCKET;
367 /* Make socket as non blocking */
368 if((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
369 fcntl(localsockfd, F_SETFL, flags | O_NONBLOCK) < 0)
372 SEC_SVR_DBG("%s", "Cannot go to nonblocking mode");
373 return SECURITY_SERVER_ERROR_SOCKET;
376 bzero(&clientaddr, sizeof(clientaddr));
377 clientaddr.sun_family = AF_UNIX;
378 strncpy(clientaddr.sun_path, SECURITY_SERVER_SOCK_PATH, strlen(SECURITY_SERVER_SOCK_PATH));
379 clientaddr.sun_path[strlen(SECURITY_SERVER_SOCK_PATH)] = 0;
380 client_len = sizeof(clientaddr);
382 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
385 if(errno == EINPROGRESS)
387 SEC_SVR_DBG("%s", "Connection is in progress");
388 ret = check_socket_poll(localsockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
389 if(ret == SECURITY_SERVER_ERROR_POLL)
391 SEC_SVR_DBG("%s", "poll() error");
393 return SECURITY_SERVER_ERROR_SOCKET;
395 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
397 SEC_SVR_DBG("%s", "poll() timeout");
399 return SECURITY_SERVER_ERROR_SOCKET;
401 ret = connect(localsockfd, (struct sockaddr*)&clientaddr, client_len);
404 SEC_SVR_DBG("%s", "connection failed");
406 return SECURITY_SERVER_ERROR_SOCKET;
411 SEC_SVR_DBG("%s", "Connection failed");
413 return SECURITY_SERVER_ERROR_SOCKET;
417 /* Authenticate the peer is actually security server */
418 ret = authenticate_server(localsockfd);
419 if(ret != SECURITY_SERVER_SUCCESS)
422 SEC_SVR_DBG("Authentication failed. %d", ret);
426 return SECURITY_SERVER_SUCCESS;
429 /* Accept a new client connection */
430 int accept_client(int server_sockfd)
432 /* Call poll() to wait for socket connection */
433 int retval, localsockfd;
434 struct sockaddr_un clientaddr;
435 unsigned int client_len;
437 client_len = sizeof(clientaddr);
440 retval = check_socket_poll(server_sockfd, POLLIN, SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND);
441 if(retval == SECURITY_SERVER_ERROR_POLL)
443 SEC_SVR_DBG("%s", "Error on polling");
444 return SECURITY_SERVER_ERROR_SOCKET;
448 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
450 /*SEC_SVR_DBG("%s", "accept() timeout");*/
451 return SECURITY_SERVER_ERROR_TIMEOUT;
454 localsockfd = accept(server_sockfd,
455 (struct sockaddr *)&clientaddr,
460 SEC_SVR_DBG("Cannot accept client. errno=%d", errno);
461 return SECURITY_SERVER_ERROR_SOCKET;
466 /* Minimal check of request packet */
467 int validate_header(basic_header hdr)
469 if(hdr.version != SECURITY_SERVER_MSG_VERSION)
470 return SECURITY_SERVER_ERROR_BAD_REQUEST;
472 return SECURITY_SERVER_SUCCESS;
475 /* Send generic response packet to client
477 * Generic Response Packet Format
479 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
480 |---------------------------------------------------------------|
481 | version=0x01 | Message ID |Message Length (without header)|
482 |---------------------------------------------------------------|
486 int send_generic_response (int sockfd, unsigned char msgid, unsigned char return_code)
491 /* Assemble header */
492 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
493 hdr.basic_hdr.msg_id = msgid;
494 hdr.basic_hdr.msg_len = 0;
495 hdr.return_code = return_code;
498 size = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
499 if(size == SECURITY_SERVER_ERROR_POLL)
501 SEC_SVR_DBG("%s", "poll() error");
502 return SECURITY_SERVER_ERROR_SEND_FAILED;
504 if(size == SECURITY_SERVER_ERROR_TIMEOUT)
506 SEC_SVR_DBG("%s", "poll() timeout");
507 return SECURITY_SERVER_ERROR_SEND_FAILED;
511 size = TEMP_FAILURE_RETRY(write(sockfd, &hdr, sizeof(hdr)));
513 if(size < (int)sizeof(hdr))
514 return SECURITY_SERVER_ERROR_SEND_FAILED;
515 return SECURITY_SERVER_SUCCESS;
518 /* Send cookie response to client
520 * Get Cookie response packet format
522 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
523 * |---------------------------------------------------------------|
524 * | version=0x01 |MessageID=0x02 | Message Length =20 |
525 * |---------------------------------------------------------------|
527 * ----------------- |
528 * | cookie (20 bytes) |
529 * |---------------------------------------------------------------|
531 int send_cookie(int sockfd, unsigned char *cookie)
534 unsigned char msg[SECURITY_SERVER_COOKIE_LEN + sizeof(hdr)];
537 /* Assemble header */
538 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
539 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_RESPONSE;
540 hdr.basic_hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
541 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
543 memcpy(msg, &hdr, sizeof(hdr));
544 memcpy(msg + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
547 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
548 if(ret == SECURITY_SERVER_ERROR_POLL)
550 SEC_SVR_DBG("%s", "poll() error");
551 return SECURITY_SERVER_ERROR_SEND_FAILED;
553 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
555 SEC_SVR_DBG("%s", "poll() timeout");
556 return SECURITY_SERVER_ERROR_SEND_FAILED;
559 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN));
560 if(ret < (int)(sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN))
562 /* Error on writing */
563 SEC_SVR_DBG("Error on write: %d", ret);
564 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
567 return SECURITY_SERVER_SUCCESS;
570 /* Send Object name response *
571 * Get Object name response packet format
573 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
574 * |---------------------------------------------------------------|
575 * | version=0x01 |MessageID=0x06 | Message Length |
576 * |---------------------------------------------------------------|
578 * ----------------- |
580 * |---------------------------------------------------------------|
582 int send_object_name(int sockfd, char *obj)
585 unsigned char msg[strlen(obj) + sizeof(hdr)];
588 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
589 hdr.basic_hdr.msg_id = 0x06;
590 hdr.basic_hdr.msg_len = strlen(obj);
591 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
593 memcpy(msg, &hdr, sizeof(hdr));
594 memcpy(msg + sizeof(hdr), obj, strlen(obj));
597 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
598 if(ret == SECURITY_SERVER_ERROR_POLL)
600 SEC_SVR_DBG("%s", "poll() error");
601 return SECURITY_SERVER_ERROR_SEND_FAILED;
603 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
605 SEC_SVR_DBG("%s", "poll() timeout");
606 return SECURITY_SERVER_ERROR_SEND_FAILED;
609 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + strlen(obj)));
610 if(ret < sizeof(hdr) + strlen(obj))
612 /* Error on writing */
613 SEC_SVR_DBG("Error on write: %d", ret);
614 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
617 return SECURITY_SERVER_SUCCESS;
620 /* Send GID response to client
622 * Get GID response packet format
624 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
625 * |---------------------------------------------------------------|
626 * | version=0x01 |MessageID=0x08 | Message Length = 4 |
627 * |---------------------------------------------------------------|
628 * | return code | gid (first 3 words) |
629 * |---------------------------------------------------------------|
633 int send_gid(int sockfd, int gid)
636 unsigned char msg[sizeof(gid) + sizeof(hdr)];
639 /* Assemble header */
640 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
641 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_RESPONSE;
642 hdr.basic_hdr.msg_len = sizeof(gid);
643 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
646 memcpy(msg, &hdr, sizeof(hdr));
647 memcpy(msg + sizeof(hdr), &gid, sizeof(gid));
650 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
651 if(ret == SECURITY_SERVER_ERROR_POLL)
653 SEC_SVR_DBG("%s", "poll() error");
654 return SECURITY_SERVER_ERROR_SEND_FAILED;
656 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
658 SEC_SVR_DBG("%s", "poll() timeout");
659 return SECURITY_SERVER_ERROR_SEND_FAILED;
663 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(gid)));
664 if(ret < sizeof(hdr) + sizeof(gid))
666 /* Error on writing */
667 SEC_SVR_DBG("Error on write(): %d", ret);
668 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
671 return SECURITY_SERVER_SUCCESS;
674 /* Send PID response to client
676 * Get PID response packet format
678 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
679 * |---------------------------------------------------------------|
680 * | version=0x01 |MessageID=0x0a | Message Length = 4 |
681 * |---------------------------------------------------------------|
682 * | return code | pid (first 3 words) |
683 * |---------------------------------------------------------------|
687 int send_pid(int sockfd, int pid)
690 unsigned char msg[sizeof(pid) + sizeof(hdr)];
693 /* Assemble header */
694 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
695 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_RESPONSE;
696 hdr.basic_hdr.msg_len = sizeof(pid);
697 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
700 memcpy(msg, &hdr, sizeof(hdr));
701 memcpy(msg + sizeof(hdr), &pid, sizeof(pid));
704 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
705 if(ret == SECURITY_SERVER_ERROR_POLL)
707 SEC_SVR_DBG("%s", "poll() error");
708 return SECURITY_SERVER_ERROR_SEND_FAILED;
710 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
712 SEC_SVR_DBG("%s", "poll() timeout");
713 return SECURITY_SERVER_ERROR_SEND_FAILED;
717 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, sizeof(hdr) + sizeof(pid)));
718 if(ret < sizeof(hdr) + sizeof(pid))
720 /* Error on writing */
721 SEC_SVR_DBG("Error on write(): %d", ret);
722 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
725 return SECURITY_SERVER_SUCCESS;
728 /* Send SMACK label to client with lenght N
730 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
731 * |---------------------------------------------------------------|
732 * | version=0x01 |MessageID=0x1e | Message Length = SMACK_LABEL_LEN + 1
733 * |---------------------------------------------------------------|
734 * | return code | SMACK label byte 0 |
735 * |---------------------------------------------------------------|
736 * | .................. |
737 * |---------------------------------------------------------------|
738 * | SMACK label byte N |
739 * |---------------------------------------------------------------|
741 int send_smack(int sockfd, char * label)
744 //added 1 to the size is for NULL terminating label
745 int LABEL_SIZE = SMACK_LABEL_LEN + 1;
746 int PACKET_SIZE = sizeof(hdr) + LABEL_SIZE;
747 unsigned char msg[PACKET_SIZE];
750 /* Assemble header */
751 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
752 hdr.basic_hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE;
753 hdr.basic_hdr.msg_len = LABEL_SIZE;
754 hdr.return_code = SECURITY_SERVER_RETURN_CODE_SUCCESS;
757 memcpy(msg, &hdr, sizeof(hdr));
758 memcpy(msg + sizeof(hdr), label, LABEL_SIZE);
759 memset(msg + sizeof(hdr) + SMACK_LABEL_LEN, 0x00, 1); //adding NULL ad the label end
762 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
763 if(ret == SECURITY_SERVER_ERROR_POLL)
765 SEC_SVR_DBG("%s", "poll() error");
766 return SECURITY_SERVER_ERROR_SEND_FAILED;
768 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
770 SEC_SVR_DBG("%s", "poll() timeout");
771 return SECURITY_SERVER_ERROR_SEND_FAILED;
775 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, PACKET_SIZE));
776 if(ret < PACKET_SIZE)
778 /* Error on writing */
779 SEC_SVR_DBG("Error on write(): %d", ret);
780 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
783 return SECURITY_SERVER_SUCCESS;
786 /* Send Check password response to client
788 * Check password response packet format
790 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
791 * |---------------------------------------------------------------|
792 * | version=0x01 | MessageID | Message Length = 12 |
793 * |---------------------------------------------------------------|
794 * | return code | attempts (first 3 words) |
795 * |---------------------------------------------------------------|
796 * |attempts(rest) | max_attempts (first 3 words) |
797 * |---------------|-----------------------------------------------|
798 * | max_attempts | expire_in_days (first 3 words) |
799 * |---------------------------------------------------------------|
803 int send_pwd_response(const int sockfd,
804 const unsigned char msg_id,
805 const unsigned char return_code,
806 const unsigned int current_attempts,
807 const unsigned int max_attempts,
808 const unsigned int expire_time)
811 unsigned int expire_secs;
812 unsigned char msg[sizeof(hdr) + sizeof(current_attempts) + sizeof(max_attempts) + sizeof(expire_secs)];
816 /* Assemble header */
817 hdr.basic_hdr.version = SECURITY_SERVER_MSG_VERSION;
818 hdr.basic_hdr.msg_id = msg_id;
819 hdr.basic_hdr.msg_len = sizeof(unsigned int) * 3;
820 hdr.return_code = return_code;
823 memcpy(msg, &hdr, sizeof(hdr));
825 memcpy(msg + ptr, ¤t_attempts, sizeof(current_attempts));
826 ptr += sizeof(current_attempts);
827 memcpy(msg + ptr, &max_attempts, sizeof(max_attempts));
828 ptr += sizeof(max_attempts);
829 memcpy(msg + ptr, &expire_time, sizeof(expire_time));
830 ptr += sizeof(expire_time);
833 ret = check_socket_poll(sockfd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
834 if(ret == SECURITY_SERVER_ERROR_POLL)
836 SEC_SVR_DBG("%s", "Server: poll() error");
837 return SECURITY_SERVER_ERROR_SEND_FAILED;
839 if(ret == SECURITY_SERVER_ERROR_TIMEOUT)
841 SEC_SVR_DBG("%s", "Server: poll() timeout");
842 return SECURITY_SERVER_ERROR_SEND_FAILED;
846 ret = TEMP_FAILURE_RETRY(write(sockfd, msg, ptr));
849 /* Error on writing */
850 SEC_SVR_DBG("Server: ERROR on write(): %d", ret);
851 ret = SECURITY_SERVER_ERROR_SEND_FAILED;
854 return SECURITY_SERVER_SUCCESS;
857 /* Send cookie request packet to security server *
860 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
861 * |---------------------------------------------------------------|
862 * | version=0x01 |MessageID=0x01 | Message Length = 0 |
863 * |---------------------------------------------------------------|
865 int send_cookie_request(int sock_fd)
870 /* Assemble header */
871 hdr.version = SECURITY_SERVER_MSG_VERSION;
872 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST;
876 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
877 if(retval == SECURITY_SERVER_ERROR_POLL)
879 SEC_SVR_DBG("%s", "poll() error");
880 return SECURITY_SERVER_ERROR_SEND_FAILED;
882 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
884 SEC_SVR_DBG("%s", "poll() timeout");
885 return SECURITY_SERVER_ERROR_SEND_FAILED;
889 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
890 if(retval < sizeof(hdr))
893 SEC_SVR_DBG("Error on write(): %d", retval);
894 return SECURITY_SERVER_ERROR_SEND_FAILED;
896 return SECURITY_SERVER_SUCCESS;
899 /* Send GID request message to security server
902 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
903 * |---------------------------------------------------------------|
904 * | version=0x01 |MessageID=0x07 | Message Length = variable |
905 * |---------------------------------------------------------------|
907 * | Object name (variable) |
909 * |---------------------------------------------------------------|
911 int send_gid_request(int sock_fd, const char* object)
914 int retval = 0, send_len = 0;
915 unsigned char *buf = NULL;
917 if(strlen(object) > SECURITY_SERVER_MAX_OBJ_NAME)
919 /* Object name is too big*/
920 SEC_SVR_DBG("Object name is too big %dbytes", strlen(object));
921 return SECURITY_SERVER_ERROR_INPUT_PARAM;
924 hdr.version = SECURITY_SERVER_MSG_VERSION;
925 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_GID_REQUEST;
926 hdr.msg_len = strlen(object);
928 send_len = sizeof(hdr) + strlen(object);
930 buf = malloc(send_len);
933 SEC_SVR_DBG("%s", "out of memory");
934 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
937 memcpy(buf, &hdr, sizeof(hdr));
938 memcpy(buf + sizeof(hdr), object, strlen(object));
941 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
942 if(retval == SECURITY_SERVER_ERROR_POLL)
944 SEC_SVR_DBG("%s", "poll() error");
945 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
948 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
950 SEC_SVR_DBG("%s", "poll() timeout");
951 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
955 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, send_len));
956 if(retval < send_len)
959 SEC_SVR_DBG("Error on write(): %d. errno=%d, sockfd=%d", retval, errno, sock_fd);
960 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
963 retval = SECURITY_SERVER_SUCCESS;
972 /* Send object name request message to security server *
975 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
976 * |---------------------------------------------------------------|
977 * | version=0x01 |MessageID=0x05 | Message Length = 4 |
978 * |---------------------------------------------------------------|
980 * |---------------------------------------------------------------|
982 int send_object_name_request(int sock_fd, int gid)
986 unsigned char buf[sizeof(hdr) + sizeof(gid)];
988 /* Assemble header */
989 hdr.version = SECURITY_SERVER_MSG_VERSION;
990 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST;
991 hdr.msg_len = sizeof(gid);
993 memcpy(buf, &hdr, sizeof(hdr));
994 memcpy(buf + sizeof(hdr), &gid, sizeof(gid));
997 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
998 if(retval == SECURITY_SERVER_ERROR_POLL)
1000 SEC_SVR_DBG("%s", "poll() error");
1001 return SECURITY_SERVER_ERROR_SEND_FAILED;
1003 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1005 SEC_SVR_DBG("%s", "poll() timeout");
1006 return SECURITY_SERVER_ERROR_SEND_FAILED;
1009 /* Send to server */
1010 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1011 if(retval < sizeof(buf))
1014 SEC_SVR_DBG("Error on write(): %d", retval);
1015 return SECURITY_SERVER_ERROR_SEND_FAILED;
1017 return SECURITY_SERVER_SUCCESS;
1020 /* Send privilege check request message to security server *
1023 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1024 * |---------------------------------------------------------------|
1025 * | version=0x01 |MessageID=0x03 | Message Length = 24 |
1026 * |---------------------------------------------------------------|
1029 * | Cookie (20bytes) |
1032 * |---------------------------------------------------------------|
1034 * |---------------------------------------------------------------|
1036 int send_privilege_check_request(int sock_fd, const char*cookie, int gid)
1040 unsigned char buf[sizeof(hdr) + sizeof(gid) + SECURITY_SERVER_COOKIE_LEN];
1042 /* Assemble header */
1043 hdr.version = SECURITY_SERVER_MSG_VERSION;
1044 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST;
1045 hdr.msg_len = sizeof(gid) + SECURITY_SERVER_COOKIE_LEN;
1047 memcpy(buf, &hdr, sizeof(hdr));
1048 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1049 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &gid, sizeof(gid));
1052 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1053 if(retval == SECURITY_SERVER_ERROR_POLL)
1055 SEC_SVR_DBG("%s", "poll() error");
1056 return SECURITY_SERVER_ERROR_SEND_FAILED;
1058 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1060 SEC_SVR_DBG("%s", "poll() timeout");
1061 return SECURITY_SERVER_ERROR_SEND_FAILED;
1064 /* Send to server */
1065 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1066 if(retval < sizeof(buf))
1069 SEC_SVR_DBG("Error on write(): %d", retval);
1070 return SECURITY_SERVER_ERROR_SEND_FAILED;
1072 return SECURITY_SERVER_SUCCESS;
1075 int send_privilege_check_new_request(int sock_fd,
1078 const char *access_rights)
1085 olen = strlen(object);
1086 alen = strlen(access_rights);
1087 if (olen > MAX_OBJECT_LABEL_LEN || alen > MAX_MODE_STR_LEN)
1089 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1092 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN +
1093 2*sizeof(int) + MAX_OBJECT_LABEL_LEN + MAX_MODE_STR_LEN];
1095 /* Assemble header */
1096 hdr.version = SECURITY_SERVER_MSG_VERSION;
1097 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST;
1098 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1100 memcpy(buf, &hdr, sizeof(hdr));
1101 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1102 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN, &olen, sizeof(int));
1103 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + sizeof(int),
1104 &alen, sizeof(int));
1105 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int), object, olen);
1106 memcpy(buf + sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen,
1107 access_rights, alen);
1110 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1111 if(retval == SECURITY_SERVER_ERROR_POLL)
1113 SEC_SVR_DBG("%s", "poll() error");
1114 return SECURITY_SERVER_ERROR_SEND_FAILED;
1116 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1118 SEC_SVR_DBG("%s", "poll() timeout");
1119 return SECURITY_SERVER_ERROR_SEND_FAILED;
1122 size = sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN + 2*sizeof(int) + olen + alen;
1123 /* Send to server */
1124 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, size));
1128 SEC_SVR_DBG("Error on write(): %d", retval);
1129 return SECURITY_SERVER_ERROR_SEND_FAILED;
1131 return SECURITY_SERVER_SUCCESS;
1134 /* Send SMACK request message to security server *
1137 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1138 * |---------------------------------------------------------------|
1139 * | version=0x01 |MessageID=0x1d | Message Length = 20 |
1140 * |---------------------------------------------------------------|
1143 * | Cookie (20bytes) |
1146 * |---------------------------------------------------------------|
1148 int send_smack_request(int sock_fd, const char * cookie)
1152 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1154 /* Assemble header */
1155 hdr.version = SECURITY_SERVER_MSG_VERSION;
1156 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST;
1157 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1159 memcpy(buf, &hdr, sizeof(hdr));
1160 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1163 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1164 if(retval == SECURITY_SERVER_ERROR_POLL)
1166 SEC_SVR_DBG("%s", "poll() error");
1167 return SECURITY_SERVER_ERROR_SEND_FAILED;
1169 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1171 SEC_SVR_DBG("%s", "poll() timeout");
1172 return SECURITY_SERVER_ERROR_SEND_FAILED;
1175 /* Send to server */
1176 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1177 if(retval < sizeof(buf))
1180 SEC_SVR_DBG("Error on write(): %d", retval);
1181 return SECURITY_SERVER_ERROR_SEND_FAILED;
1183 return SECURITY_SERVER_SUCCESS;
1186 /* Send PID check request message to security server *
1189 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1190 * |---------------------------------------------------------------|
1191 * | version=0x01 |MessageID=0x09 | Message Length = 20 |
1192 * |---------------------------------------------------------------|
1195 * | Cookie (20bytes) |
1198 * |---------------------------------------------------------------|
1200 int send_pid_request(int sock_fd, const char*cookie)
1204 unsigned char buf[sizeof(hdr) + SECURITY_SERVER_COOKIE_LEN];
1206 /* Assemble header */
1207 hdr.version = SECURITY_SERVER_MSG_VERSION;
1208 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_PID_REQUEST;
1209 hdr.msg_len = SECURITY_SERVER_COOKIE_LEN;
1211 memcpy(buf, &hdr, sizeof(hdr));
1212 memcpy(buf + sizeof(hdr), cookie, SECURITY_SERVER_COOKIE_LEN);
1215 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1216 if(retval == SECURITY_SERVER_ERROR_POLL)
1218 SEC_SVR_DBG("%s", "poll() error");
1219 return SECURITY_SERVER_ERROR_SEND_FAILED;
1221 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1223 SEC_SVR_DBG("%s", "poll() timeout");
1224 return SECURITY_SERVER_ERROR_SEND_FAILED;
1227 /* Send to server */
1228 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, sizeof(buf)));
1229 if(retval < sizeof(buf))
1232 SEC_SVR_DBG("Error on write(): %d", retval);
1233 return SECURITY_SERVER_ERROR_SEND_FAILED;
1235 return SECURITY_SERVER_SUCCESS;
1239 /* Send debug tool launch request message to security server *
1242 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1243 * |---------------------------------------------------------------|
1244 * | version=0x01 |MessageID=0x0b | Message Length |
1245 * |---------------------------------------------------------------|
1246 * | total # of args |
1247 * |---------------------------------------------------------------|
1248 * | 1st argv length |
1249 * |---------------------------------------------------------------|
1253 * |---------------------------------------------------------------|
1254 * | 2nd argv length |
1255 * |---------------------------------------------------------------|
1259 * |---------------------------------------------------------------|
1261 * |---------------------------------------------------------------|
1262 * | nth argv length |
1263 * |---------------------------------------------------------------|
1267 * |---------------------------------------------------------------|
1269 int send_launch_tool_request(int sock_fd, int argc, const char **argv)
1272 int retval, total_length = 0, ptr, i, tempnum;
1273 unsigned char *buf = NULL;
1275 for (i=0;i<argc;i++)
1279 SEC_SVR_DBG("Error: %dth argv is NULL", i);
1280 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1282 total_length += strlen(argv[i]);
1285 if(total_length < 1)
1287 SEC_SVR_DBG("Error: There is a problem in argv. [%d]", total_length);
1288 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1290 total_length += sizeof(hdr) + sizeof(int) +(argc * sizeof(int));
1292 if(total_length > 0xffff)
1294 SEC_SVR_DBG("Buffer overflow. too big payload. [%d]", total_length);
1295 return SECURITY_SERVER_ERROR_INPUT_PARAM;
1298 buf = malloc(total_length);
1301 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1302 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1305 /* Assemble header */
1306 hdr.version = SECURITY_SERVER_MSG_VERSION;
1307 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST;
1308 hdr.msg_len = (unsigned short)total_length;
1309 memcpy(buf, &hdr, sizeof(hdr));
1311 memcpy(buf + ptr, &argc, sizeof(int));
1314 /* Assemple each argv length and value */
1317 tempnum = strlen(argv[i]);
1318 memcpy(buf + ptr, &tempnum, sizeof(int));
1320 memcpy(buf + ptr, argv[i], tempnum);
1325 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1326 if(retval == SECURITY_SERVER_ERROR_POLL)
1328 SEC_SVR_DBG("%s", "poll() error");
1329 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1333 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1335 SEC_SVR_DBG("%s", "poll() timeout");
1336 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1340 /* Send to server */
1341 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1342 if(retval < sizeof(buf))
1345 SEC_SVR_DBG("Error on write(): %d", retval);
1346 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1349 retval = SECURITY_SERVER_SUCCESS;
1357 /* Send validate password request message to security server *
1360 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1361 * |---------------------------------------------------------------|
1362 * | version=0x01 |MessageID=0x0d | Message Length |
1363 * |---------------------------------------------------------------|
1365 int send_valid_pwd_request(int sock_fd)
1370 hdr.version = SECURITY_SERVER_MSG_VERSION;
1371 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST;
1375 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1376 if(retval == SECURITY_SERVER_ERROR_POLL)
1378 SEC_SVR_DBG("%s", "poll() error");
1379 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1383 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1385 SEC_SVR_DBG("%s", "poll() timeout");
1386 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1390 /* Send to server */
1391 retval = TEMP_FAILURE_RETRY(write(sock_fd, &hdr, sizeof(hdr)));
1392 if(retval < sizeof(hdr))
1395 SEC_SVR_DBG("Error on write(): %d", retval);
1396 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1399 retval = SECURITY_SERVER_SUCCESS;
1405 /* Send password set request message to security server *
1408 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1409 * |---------------------------------------------------------------|
1410 * | version=0x01 |MessageID=0x0f | Message Length |
1411 * |---------------------------------------------------------------|
1412 * | cur_pwd_len | new_pwd_len | |
1413 * |-------------------------------- |
1415 * |---------------------------------------------------------------|
1419 * |---------------------------------------------------------------|
1421 * |---------------------------------------------------------------|
1423 * |---------------------------------------------------------------|
1425 int send_set_pwd_request(int sock_fd,
1428 const unsigned int max_challenge,
1429 const unsigned int valid_period_in_days)
1432 int retval, total_length = 0, ptr;
1433 unsigned char *buf = NULL, cur_pwd_len, new_pwd_len;
1438 cur_pwd_len = strlen(cur_pwd);
1439 new_pwd_len = strlen(new_pwd);
1441 total_length += sizeof(hdr) + sizeof(char) + sizeof(char) + cur_pwd_len
1442 + new_pwd_len + sizeof(unsigned int) + sizeof(unsigned int);
1444 buf = malloc(total_length);
1447 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1448 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1451 /* Assemble header */
1452 hdr.version = SECURITY_SERVER_MSG_VERSION;
1453 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST;
1454 hdr.msg_len = (unsigned short)total_length;
1455 memcpy(buf, &hdr, sizeof(hdr));
1457 memcpy(buf + ptr, &cur_pwd_len, sizeof(char));
1458 ptr += sizeof(char);
1459 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1460 ptr += sizeof(char);
1463 memcpy(buf + ptr, cur_pwd, cur_pwd_len);
1466 memcpy(buf + ptr, new_pwd, new_pwd_len);
1468 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1469 ptr += sizeof(unsigned int);
1470 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1473 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1474 if(retval == SECURITY_SERVER_ERROR_POLL)
1476 SEC_SVR_DBG("%s", "poll() error");
1477 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1481 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1483 SEC_SVR_DBG("%s", "poll() timeout");
1484 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1488 /* Send to server */
1489 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1490 if(retval < sizeof(buf))
1493 SEC_SVR_DBG("Error on write(): %d", retval);
1494 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1497 retval = SECURITY_SERVER_SUCCESS;
1505 /* Send password validity change request message to security server *
1508 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1509 * |---------------------------------------------------------------|
1510 * | version=0x01 |MessageID=0x0f | Message Length |
1511 * |---------------------------------------------------------------|
1513 * |---------------------------------------------------------------|
1515 int send_set_pwd_validity_request(int sock_fd, const unsigned int valid_period_in_days)
1518 int retval, total_length = 0, ptr;
1519 unsigned char *buf = NULL;
1521 total_length = sizeof(hdr) + sizeof(unsigned int);
1523 buf = malloc(total_length);
1526 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1527 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1530 /* Assemble header */
1531 hdr.version = SECURITY_SERVER_MSG_VERSION;
1532 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST;
1533 hdr.msg_len = (unsigned short)total_length;
1534 memcpy(buf, &hdr, sizeof(hdr));
1536 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1539 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1540 if(retval == SECURITY_SERVER_ERROR_POLL)
1542 SEC_SVR_DBG("%s", "poll() error");
1543 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1547 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1549 SEC_SVR_DBG("%s", "poll() timeout");
1550 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1554 /* Send to server */
1555 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1556 if(retval < sizeof(buf))
1559 SEC_SVR_DBG("Error on write(): %d", retval);
1560 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1563 retval = SECURITY_SERVER_SUCCESS;
1571 /* Send password max challenge request message to security server *
1574 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1575 * |---------------------------------------------------------------|
1576 * | version=0x01 |MessageID=0x0f | Message Length |
1577 * |---------------------------------------------------------------|
1579 * |---------------------------------------------------------------|
1581 int send_set_pwd_max_challenge_request(int sock_fd, const unsigned int max_challenge)
1584 int retval, total_length = 0, ptr;
1585 unsigned char *buf = NULL;
1587 total_length = sizeof(hdr) + sizeof(unsigned int);
1589 buf = malloc(total_length);
1592 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1593 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1596 /* Assemble header */
1597 hdr.version = SECURITY_SERVER_MSG_VERSION;
1598 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST;
1599 hdr.msg_len = (unsigned short)total_length;
1600 memcpy(buf, &hdr, sizeof(hdr));
1602 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1605 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1606 if(retval == SECURITY_SERVER_ERROR_POLL)
1608 SEC_SVR_DBG("%s", "poll() error");
1609 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1613 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1615 SEC_SVR_DBG("%s", "poll() timeout");
1616 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1620 /* Send to server */
1621 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1622 if(retval < sizeof(buf))
1625 SEC_SVR_DBG("Error on write(): %d", retval);
1626 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1629 retval = SECURITY_SERVER_SUCCESS;
1637 /* Send password reset request message to security server *
1640 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1641 * |---------------------------------------------------------------|
1642 * | version=0x01 |MessageID=0x11 | Message Length |
1643 * |---------------------------------------------------------------|
1645 * |---------------------------------------------------------------|
1649 * |---------------------------------------------------------------|
1651 * |---------------------------------------------------------------|
1653 * |---------------------------------------------------------------|
1655 int send_reset_pwd_request(int sock_fd,
1657 const unsigned int max_challenge,
1658 const unsigned int valid_period_in_days)
1661 int retval, total_length = 0, ptr;
1662 unsigned char *buf = NULL, new_pwd_len;
1664 new_pwd_len = strlen(new_pwd);
1666 total_length += sizeof(hdr) + sizeof(char) + new_pwd_len + sizeof(unsigned int) +
1667 sizeof(unsigned int);
1669 buf = malloc(total_length);
1672 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1673 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1676 /* Assemble header */
1677 hdr.version = SECURITY_SERVER_MSG_VERSION;
1678 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST;
1679 hdr.msg_len = (unsigned short)total_length;
1680 memcpy(buf, &hdr, sizeof(hdr));
1682 memcpy(buf + ptr, &new_pwd_len, sizeof(char));
1683 ptr += sizeof(char);
1684 memcpy(buf + ptr, new_pwd, new_pwd_len);
1686 memcpy(buf + ptr, &max_challenge, sizeof(unsigned int));
1687 ptr += sizeof(unsigned int);
1688 memcpy(buf + ptr, &valid_period_in_days, sizeof(unsigned int));
1691 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1692 if(retval == SECURITY_SERVER_ERROR_POLL)
1694 SEC_SVR_DBG("%s", "poll() error");
1695 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1699 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1701 SEC_SVR_DBG("%s", "poll() timeout");
1702 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1706 /* Send to server */
1707 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1708 if(retval < sizeof(buf))
1711 SEC_SVR_DBG("Error on write(): %d", retval);
1712 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1715 retval = SECURITY_SERVER_SUCCESS;
1723 /* Send password check request message to security server *
1726 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1727 * |---------------------------------------------------------------|
1728 * | version=0x01 |MessageID=0x13 | Message Length |
1729 * |---------------------------------------------------------------|
1730 * | challenge_len | |
1731 * |--------------- |
1733 * |---------------------------------------------------------------|
1735 int send_chk_pwd_request(int sock_fd, const char*challenge)
1738 int retval, total_length = 0, ptr;
1739 unsigned char *buf = NULL, challenge_len;
1741 challenge_len = strlen(challenge);
1743 total_length += sizeof(hdr) + sizeof(char) + challenge_len;
1745 buf = malloc(total_length);
1748 SEC_SVR_DBG("%s", "Error: failed to malloc()");
1749 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
1752 /* Assemble header */
1753 hdr.version = SECURITY_SERVER_MSG_VERSION;
1754 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST;
1755 hdr.msg_len = (unsigned short)total_length;
1756 memcpy(buf, &hdr, sizeof(hdr));
1758 memcpy(buf + ptr, &challenge_len, sizeof(char));
1759 ptr += sizeof(char);
1760 memcpy(buf + ptr, challenge, challenge_len);
1761 ptr += sizeof(char);
1764 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1765 if(retval == SECURITY_SERVER_ERROR_POLL)
1767 SEC_SVR_DBG("%s", "poll() error");
1768 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1772 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1774 SEC_SVR_DBG("%s", "poll() timeout");
1775 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1779 /* Send to server */
1780 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, total_length));
1781 if(retval < sizeof(buf))
1784 SEC_SVR_DBG("Error on write(): %d", retval);
1785 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1788 retval = SECURITY_SERVER_SUCCESS;
1796 /* Send password history set request message to security server *
1799 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
1800 * |---------------------------------------------------------------|
1801 * | version=0x01 |MessageID=0x15 | Message Length |
1802 * |---------------------------------------------------------------|
1806 int send_set_pwd_history_request(int sock_fd, int num)
1809 int retval, total_length = 0, ptr;
1810 unsigned char history;
1811 unsigned char buf[sizeof(hdr) + sizeof(history)];
1813 total_length = sizeof(hdr) + sizeof(char);
1814 history = (unsigned char) num;
1816 /* Assemble header */
1817 hdr.version = SECURITY_SERVER_MSG_VERSION;
1818 hdr.msg_id = SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST;
1819 hdr.msg_len = (unsigned short)total_length;
1820 memcpy(buf, &hdr, sizeof(hdr));
1822 memcpy(buf + ptr, &history, sizeof(char));
1823 ptr += sizeof(char);
1826 retval = check_socket_poll(sock_fd, POLLOUT, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1827 if(retval == SECURITY_SERVER_ERROR_POLL)
1829 SEC_SVR_DBG("%s", "poll() error");
1830 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1834 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1836 SEC_SVR_DBG("%s", "poll() timeout");
1837 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1841 /* Send to server */
1842 retval = TEMP_FAILURE_RETRY(write(sock_fd, buf, ptr));
1843 if(retval < sizeof(buf))
1846 SEC_SVR_DBG("Error on write(): %d", retval);
1847 retval = SECURITY_SERVER_ERROR_SEND_FAILED;
1850 retval = SECURITY_SERVER_SUCCESS;
1856 /* Receive request header */
1857 int recv_hdr(int client_sockfd, basic_header *basic_hdr)
1862 retval = check_socket_poll(client_sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
1863 if(retval == SECURITY_SERVER_ERROR_POLL)
1865 SEC_SVR_DBG("%s", "poll() error");
1866 return SECURITY_SERVER_ERROR_SOCKET;
1868 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
1870 SEC_SVR_DBG("%s", "poll() timeout");
1871 return SECURITY_SERVER_ERROR_TIMEOUT;
1874 /* Receive request header first */
1875 retval = TEMP_FAILURE_RETRY(read(client_sockfd, basic_hdr, sizeof(basic_header)));
1876 if(retval < sizeof(basic_header))
1878 SEC_SVR_DBG("read failed. closing socket %d", retval);
1879 return SECURITY_SERVER_ERROR_RECV_FAILED;
1882 /* Validate header */
1883 retval = validate_header(*basic_hdr);
1888 /* Receive check privilege request packet body */
1889 int recv_check_privilege_request(int sockfd, unsigned char *requested_cookie, int *requested_privilege)
1892 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1893 if(retval < SECURITY_SERVER_COOKIE_LEN)
1895 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1896 return SECURITY_SERVER_ERROR_RECV_FAILED;
1899 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_privilege, sizeof(int)));
1900 if(retval < sizeof(int))
1902 SEC_SVR_DBG("privilege size is too small: %d", retval);
1903 return SECURITY_SERVER_ERROR_RECV_FAILED;
1905 return SECURITY_SERVER_SUCCESS;
1908 /* Receive check privilege request packet body (new mode)*/
1909 int recv_check_privilege_new_request(int sockfd,
1910 unsigned char *requested_cookie,
1912 char *access_rights)
1917 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1918 if(retval < SECURITY_SERVER_COOKIE_LEN)
1920 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1921 return SECURITY_SERVER_ERROR_RECV_FAILED;
1924 retval = TEMP_FAILURE_RETRY(read(sockfd, &olen, sizeof(int)));
1925 if(retval < sizeof(int) || olen < 0 || olen > MAX_OBJECT_LABEL_LEN)
1927 SEC_SVR_DBG("error reading object_label len: %d", retval);
1928 return SECURITY_SERVER_ERROR_RECV_FAILED;
1931 retval = TEMP_FAILURE_RETRY(read(sockfd, &alen, sizeof(int)));
1932 if(retval < sizeof(int) || alen < 0 || alen > MAX_MODE_STR_LEN)
1934 SEC_SVR_DBG("error reading access_rights len: %d", retval);
1935 return SECURITY_SERVER_ERROR_RECV_FAILED;
1938 retval = TEMP_FAILURE_RETRY(read(sockfd, object_label, olen));
1941 SEC_SVR_DBG("error reading object_label: %d", retval);
1942 return SECURITY_SERVER_ERROR_RECV_FAILED;
1944 object_label[olen] = '\0';
1946 retval = TEMP_FAILURE_RETRY(read(sockfd, access_rights, alen));
1949 SEC_SVR_DBG("error reading access_rights: %d", retval);
1950 return SECURITY_SERVER_ERROR_RECV_FAILED;
1952 access_rights[alen] = '\0';
1954 return SECURITY_SERVER_SUCCESS;
1957 /* Receive pid request packet body */
1958 int recv_pid_request(int sockfd, unsigned char *requested_cookie)
1961 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1962 if(retval < SECURITY_SERVER_COOKIE_LEN)
1964 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1965 return SECURITY_SERVER_ERROR_RECV_FAILED;
1967 return SECURITY_SERVER_SUCCESS;
1970 /* receiving cookie from package */
1971 int recv_smack_request(int sockfd, unsigned char *requested_cookie)
1974 retval = TEMP_FAILURE_RETRY(read(sockfd, requested_cookie, SECURITY_SERVER_COOKIE_LEN));
1975 if(retval < SECURITY_SERVER_COOKIE_LEN)
1977 SEC_SVR_DBG("Received cookie size is too small: %d", retval);
1978 return SECURITY_SERVER_ERROR_RECV_FAILED;
1980 return SECURITY_SERVER_SUCCESS;
1983 /* Receive pid request packet body */
1984 /* Table argv and content will be freed by function caller */
1985 int recv_launch_tool_request(int sockfd, int argc, char *argv[])
1987 int retval, i, argv_len;
1989 argv[0] = malloc(strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1);
1990 strncpy(argv[0], SECURITY_SERVER_DEBUG_TOOL_PATH, (strlen(SECURITY_SERVER_DEBUG_TOOL_PATH) + 1));
1994 retval = TEMP_FAILURE_RETRY(read(sockfd, &argv_len, sizeof(int)));
1995 if(retval < sizeof(int))
1997 SEC_SVR_DBG("Error: argv length recieve failed: %d", retval);
1998 return SECURITY_SERVER_ERROR_RECV_FAILED;
2001 if(argv_len <= 0 || argv_len >= INT_MAX)
2003 SEC_SVR_DBG("Error: argv length out of boundaries");
2004 return SECURITY_SERVER_ERROR_RECV_FAILED;
2007 argv[i] = malloc(argv_len + 1);
2010 SEC_SVR_DBG("Error: malloc() failed: %d", retval);
2011 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2014 memset(argv[i], 0x00, argv_len + 1);
2015 retval = TEMP_FAILURE_RETRY(read(sockfd, argv[i], argv_len));
2016 if(retval < argv_len)
2018 SEC_SVR_DBG("Error: argv recieve failed: %d", retval);
2019 return SECURITY_SERVER_ERROR_RECV_FAILED;
2023 return SECURITY_SERVER_SUCCESS;
2026 int recv_generic_response(int sockfd, response_header *hdr)
2031 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2032 if(retval == SECURITY_SERVER_ERROR_POLL)
2034 SEC_SVR_DBG("%s", "Client: poll() error");
2035 return SECURITY_SERVER_ERROR_RECV_FAILED;
2037 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2039 SEC_SVR_DBG("%s", "Client: poll() timeout");
2040 return SECURITY_SERVER_ERROR_RECV_FAILED;
2043 /* Receive response */
2044 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2045 if(retval < sizeof(response_header) )
2047 /* Error on socket */
2048 SEC_SVR_DBG("Client: Receive failed %d", retval);
2049 return SECURITY_SERVER_ERROR_RECV_FAILED;
2052 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_SUCCESS)
2054 SEC_SVR_DBG("Client: return code is not success: %d", hdr->return_code);
2055 return return_code_to_error_code(hdr->return_code);
2057 return SECURITY_SERVER_SUCCESS;
2060 int recv_get_gid_response(int sockfd, response_header *hdr, int *gid)
2064 retval = recv_generic_response(sockfd, hdr);
2065 if(retval != SECURITY_SERVER_SUCCESS)
2066 return return_code_to_error_code(hdr->return_code);
2068 retval = TEMP_FAILURE_RETRY(read(sockfd, gid, sizeof(int)));
2069 if(retval < sizeof(int))
2071 /* Error on socket */
2072 SEC_SVR_DBG("Receive failed %d", retval);
2073 return SECURITY_SERVER_ERROR_RECV_FAILED;
2075 return SECURITY_SERVER_SUCCESS;
2078 int recv_get_object_name(int sockfd, response_header *hdr, char *object, int max_object_size)
2081 char *local_obj_name = NULL;
2084 retval = check_socket_poll(sockfd, POLLIN, SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND);
2085 if(retval == SECURITY_SERVER_ERROR_POLL)
2087 SEC_SVR_DBG("%s", "poll() error");
2088 return SECURITY_SERVER_ERROR_RECV_FAILED;
2090 if(retval == SECURITY_SERVER_ERROR_TIMEOUT)
2092 SEC_SVR_DBG("%s", "poll() timeout");
2093 return SECURITY_SERVER_ERROR_RECV_FAILED;
2097 retval = TEMP_FAILURE_RETRY(read(sockfd, hdr, sizeof(response_header)));
2098 if(retval < sizeof(response_header))
2100 /* Error on socket */
2101 SEC_SVR_DBG("cannot recv respons: %d", retval);
2102 return SECURITY_SERVER_ERROR_RECV_FAILED;
2105 if(hdr->return_code == SECURITY_SERVER_RETURN_CODE_SUCCESS)
2107 if(max_object_size < hdr->basic_hdr.msg_len)
2109 SEC_SVR_DBG("Object name is too small need %d bytes, but %d bytes", hdr->basic_hdr.msg_len, max_object_size);
2110 return SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL;
2112 if(hdr->basic_hdr.msg_len > SECURITY_SERVER_MAX_OBJ_NAME)
2114 SEC_SVR_DBG("Received object name is too big. %d", hdr->basic_hdr.msg_len);
2115 return SECURITY_SERVER_ERROR_BAD_RESPONSE;
2118 local_obj_name = malloc(hdr->basic_hdr.msg_len + 1);
2119 if(local_obj_name == NULL)
2121 SEC_SVR_DBG("%s", "Out of memory error");
2122 return SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
2125 retval = TEMP_FAILURE_RETRY(read(sockfd, local_obj_name, hdr->basic_hdr.msg_len));
2126 if(retval < (hdr->basic_hdr.msg_len))
2128 /* Error on socket */
2129 SEC_SVR_DBG("read() failed: %d", retval);
2130 if(local_obj_name != NULL)
2131 free(local_obj_name);
2132 return SECURITY_SERVER_ERROR_RECV_FAILED;
2134 memcpy(object, local_obj_name, hdr->basic_hdr.msg_len);
2135 object[hdr->basic_hdr.msg_len] = 0;
2136 retval = SECURITY_SERVER_SUCCESS;
2140 SEC_SVR_DBG("Error received. return code: %d", hdr->return_code);
2141 retval = return_code_to_error_code(hdr->return_code);
2145 if(local_obj_name != NULL)
2146 free(local_obj_name);
2147 return SECURITY_SERVER_SUCCESS;
2150 int recv_cookie(int sockfd, response_header *hdr, char *cookie)
2154 retval = recv_generic_response(sockfd, hdr);
2155 if(retval != SECURITY_SERVER_SUCCESS)
2156 return return_code_to_error_code(hdr->return_code);
2158 retval = TEMP_FAILURE_RETRY(read(sockfd, cookie, SECURITY_SERVER_COOKIE_LEN));
2159 if(retval < SECURITY_SERVER_COOKIE_LEN)
2161 /* Error on socket */
2162 SEC_SVR_DBG("read() failed: %d", retval);
2163 return SECURITY_SERVER_ERROR_RECV_FAILED;
2165 return SECURITY_SERVER_SUCCESS;
2168 int recv_privilege_check_response(int sockfd, response_header *hdr)
2172 retval = recv_generic_response(sockfd, hdr);
2173 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2174 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2176 SEC_SVR_DBG("response error: %d", hdr->return_code);
2177 return return_code_to_error_code(hdr->return_code);
2179 return SECURITY_SERVER_SUCCESS;
2182 int recv_privilege_check_new_response(int sockfd, response_header *hdr)
2186 retval = recv_generic_response(sockfd, hdr);
2187 if(hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED &&
2188 hdr->return_code != SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED)
2190 SEC_SVR_DBG("response error: %d", hdr->return_code);
2191 return return_code_to_error_code(hdr->return_code);
2193 return SECURITY_SERVER_SUCCESS;
2196 int recv_smack_response(int sockfd, response_header *hdr, char * label)
2200 retval = recv_generic_response(sockfd, hdr);
2201 if(retval != SECURITY_SERVER_SUCCESS)
2202 return return_code_to_error_code(hdr->return_code);
2204 retval = TEMP_FAILURE_RETRY(read(sockfd, label, SMACK_LABEL_LEN + 1));
2205 if(retval < sizeof(int))
2207 /* Error on socket */
2208 SEC_SVR_DBG("Client: Receive failed %d", retval);
2209 return SECURITY_SERVER_ERROR_RECV_FAILED;
2211 return SECURITY_SERVER_SUCCESS;
2214 int recv_pid_response(int sockfd, response_header *hdr, int *pid)
2218 retval = recv_generic_response(sockfd, hdr);
2219 if(retval != SECURITY_SERVER_SUCCESS)
2220 return return_code_to_error_code(hdr->return_code);
2222 retval = TEMP_FAILURE_RETRY(read(sockfd, pid, sizeof(int)));
2223 if(retval < sizeof(int))
2225 /* Error on socket */
2226 SEC_SVR_DBG("Client: Receive failed %d", retval);
2227 return SECURITY_SERVER_ERROR_RECV_FAILED;
2229 return SECURITY_SERVER_SUCCESS;
2232 int recv_pwd_response(int sockfd, response_header *hdr,
2233 unsigned int *current_attempts,
2234 unsigned int *max_attempts,
2235 unsigned int *valid_secs)
2238 *current_attempts = 0;
2242 retval = recv_generic_response(sockfd, hdr);
2246 case SECURITY_SERVER_ERROR_PASSWORD_EXIST:
2247 case SECURITY_SERVER_ERROR_NO_PASSWORD:
2248 case SECURITY_SERVER_ERROR_PASSWORD_MISMATCH:
2249 case SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER:
2250 case SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED:
2251 case SECURITY_SERVER_ERROR_PASSWORD_EXPIRED:
2252 case SECURITY_SERVER_ERROR_PASSWORD_REUSED:
2253 case SECURITY_SERVER_SUCCESS:
2256 return return_code_to_error_code(hdr->return_code);
2259 retval = TEMP_FAILURE_RETRY(read(sockfd, current_attempts, sizeof(unsigned int)));
2260 if(retval < sizeof(unsigned int))
2262 /* Error on socket */
2263 SEC_SVR_DBG("Client: Receive failed %d", retval);
2264 return SECURITY_SERVER_ERROR_RECV_FAILED;
2266 retval = TEMP_FAILURE_RETRY(read(sockfd, max_attempts, sizeof(unsigned int)));
2267 if(retval < sizeof(unsigned int))
2269 /* Error on socket */
2270 SEC_SVR_DBG("Client: Receive failed %d", retval);
2271 return SECURITY_SERVER_ERROR_RECV_FAILED;
2273 retval = TEMP_FAILURE_RETRY(read(sockfd, valid_secs, sizeof(unsigned int)));
2274 if(retval < sizeof(unsigned int))
2276 /* Error on socket */
2277 SEC_SVR_DBG("Client: Receive failed %d", retval);
2278 return SECURITY_SERVER_ERROR_RECV_FAILED;
2281 //if come here there were no errors
2282 return SECURITY_SERVER_SUCCESS;
2285 /* Authenticate client application *
2286 * Currently it only gets peer's credential information only *
2287 * If we need, we can extend in the futer */
2288 int authenticate_client_application(int sockfd, int *pid, int *uid)
2292 unsigned int cl = sizeof(cr);
2294 /* get PID of socket peer */
2295 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2297 retval = SECURITY_SERVER_ERROR_SOCKET;
2298 SEC_SVR_DBG("%s", "getsockopt failed");
2305 /* Authenticate client that it's real client application */
2312 /* Authenticate the application is middleware daemon
2313 * The middleware must run as root (or middleware user) and the cmd line must be
2314 * pre listed for authentication to succeed */
2315 int authenticate_client_middleware(int sockfd, int *pid)
2317 int retval = SECURITY_SERVER_SUCCESS;
2319 unsigned int cl = sizeof(cr);
2321 struct passwd pw, *ppw;
2324 static uid_t middleware_uid = 0;
2328 /* get PID of socket peer */
2329 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2331 retval = SECURITY_SERVER_ERROR_SOCKET;
2332 SEC_SVR_DBG("%s", "Error on getsockopt");
2336 if (!middleware_uid)
2338 buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
2342 buf = malloc(buf_size);
2344 /* This test isn't essential, skip it in case of error */
2346 if (getpwnam_r(SECURITY_SERVER_MIDDLEWARE_USER, &pw, buf, buf_size, &ppw) == 0 && ppw)
2347 middleware_uid = pw.pw_uid;
2353 /* Middleware services need to run as root or middleware/app user */
2354 if(cr.uid != 0 && cr.uid != middleware_uid)
2356 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2357 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2361 /* Read command line of the PID from proc fs */
2362 exe = read_exe_path_from_proc(cr.pid);
2365 /* It's weired. no file in proc file system, */
2366 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2367 SEC_SVR_DBG("Error on opening /proc/%d/exe", cr.pid);
2380 /* Get app PID from socked and read its privilege (GID) list
2381 * from /proc/<PID>/status.
2383 * param 1: socket descriptor
2384 * param 2: pointer for hold returned array
2386 * ret: size of array or -1 in case of error
2388 * Notice that user must free space allocated in this function and
2389 * returned by second parameter (int * privileges)
2391 int get_client_gid_list(int sockfd, int ** privileges)
2394 //for read socket options
2395 struct ucred socopt;
2396 unsigned int socoptSize = sizeof(socopt);
2397 //privileges to be returned
2399 //buffer for store /proc/<PID>/status filepath
2400 const int PATHSIZE = 24;
2401 char path[PATHSIZE];
2404 //buffer for filelines
2405 const int LINESIZE = 256;
2406 char fileLine[LINESIZE];
2408 char delim[] = ": ";
2409 char * token = NULL;
2415 //read socket options
2416 ret = getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &socopt, &socoptSize);
2419 SEC_SVR_DBG("%s", "Error on getsockopt");
2423 //now we have PID in sockopt.pid
2424 bzero(path, PATHSIZE);
2425 snprintf(path, PATHSIZE, "/proc/%d/status", socopt.pid);
2427 fp = fopen(path, "r");
2430 SEC_SVR_DBG("%s", "Error on fopen");
2434 bzero(fileLine, LINESIZE);
2436 //search for line beginning with "Groups:"
2437 while(strncmp(fileLine, "Groups:", 7) != 0)
2439 ret = fgets(fileLine, LINESIZE, fp);
2442 SEC_SVR_DBG("%s", "Error on fgets");
2450 //now we have "Groups:" line in fileLine[]
2452 strtok(fileLine, delim);
2453 while(token = strtok(NULL, delim))
2456 if(*privileges == NULL)
2459 *privileges = (int *)malloc(sizeof(int) * 1);
2460 if(*privileges == NULL)
2462 SEC_SVR_DBG("%s", "Error on malloc");
2465 (*privileges)[0] = atoi(token);
2469 *privileges = realloc(*privileges, sizeof(int) * (ret + 1));
2470 (*privileges)[ret] = atoi(token);
2476 //check if we found any GIDs for process
2477 if(*privileges == NULL)
2479 SEC_SVR_DBG("%s %d", "No GIDs found for PID:", socopt.pid);
2483 SEC_SVR_DBG("%s %d", "Number of GIDs found:", ret);
2489 /* Authenticate the application is middleware daemon
2490 * The middleware must run as root and the cmd line must be pre listed */
2491 int authenticate_developer_shell(int sockfd)
2493 int retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2495 unsigned int cl = sizeof(cr);
2498 /* get PID of socket peer */
2499 if(getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cr, &cl) != 0)
2501 retval = SECURITY_SERVER_ERROR_SOCKET;
2502 SEC_SVR_DBG("%s", "Error on getsockopt");
2506 /* All middlewares will run as root */
2507 if(cr.uid != SECURITY_SERVER_DEVELOPER_UID)
2509 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2510 SEC_SVR_DBG("Non root process has called API: %d", cr.uid);
2514 /* Read executable path of the PID from proc fs */
2515 exe = read_exe_path_from_proc(cr.pid);
2518 /* It's weired. no file in proc file system, */
2519 retval = SECURITY_SERVER_ERROR_FILE_OPERATION;
2520 SEC_SVR_DBG("Error on opening /proc/%d/exe", cr.pid);
2524 /* Search exe of the peer that is really debug tool */
2525 if(strcmp(exe, SECURITY_SERVER_DEBUG_TOOL_PATH) != 0)
2527 SEC_SVR_DBG("Error: Wrong exe path [%s]", exe);
2528 retval = SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED;
2531 retval = SECURITY_SERVER_SUCCESS;
2532 SEC_SVR_DBG("%s", "Client Authenticated");
2541 int free_argv(char **argv, int argc)
2546 SEC_SVR_DBG("%s", "Cannot free NULL pointer");
2547 return SECURITY_SERVER_ERROR_INPUT_PARAM;
2549 for (i=0;i<argc;i++)
2555 return SECURITY_SERVER_SUCCESS;