projects / platform / core / security / security-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix for several issues detected by Prevent
[platform/core/security/security-manager.git] / src / include / security-server-comm.h
1 /*
2  *  security-server
3  *
4  *  Copyright (c) 2000 - 2012 Samsung Electronics Co., Ltd All Rights Reserved
5  *
6  *  Contact: Bumjin Im <bj.im@samsung.com>
7  *
8  *  Licensed under the Apache License, Version 2.0 (the "License");
9  *  you may not use this file except in compliance with the License.
10  *  You may obtain a copy of the License at
11  *
12  *      http://www.apache.org/licenses/LICENSE-2.0
13  *
14  *  Unless required by applicable law or agreed to in writing, software
15  *  distributed under the License is distributed on an "AS IS" BASIS,
16  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  *  See the License for the specific language governing permissions and
18  *  limitations under the License
19  *
20  */
21
22 #ifndef SECURITY_SERVER_COMM_H
23 #define SECURITY_SERVER_COMM_H
24
25 /* Message */
26 typedef struct
27 {
28         unsigned char version;
29         unsigned char msg_id;
30         unsigned short msg_len;
31 } basic_header;
32
33 typedef struct
34 {
35         basic_header basic_hdr;
36         unsigned char return_code;
37 } response_header;
38
39 #define SECURITY_SERVER_MIDDLEWARE_USER "app"
40
41 /* Message Types */
42 #define SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST         0x01
43 #define SECURITY_SERVER_MSG_TYPE_COOKIE_RESPONSE        0x02
44 #define SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST        0x03
45 #define SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE       0x04
46 #define SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST    0x05
47 #define SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_RESPONSE   0x06
48 #define SECURITY_SERVER_MSG_TYPE_GID_REQUEST            0x07
49 #define SECURITY_SERVER_MSG_TYPE_GID_RESPONSE           0x08
50 #define SECURITY_SERVER_MSG_TYPE_PID_REQUEST            0x09
51 #define SECURITY_SERVER_MSG_TYPE_PID_RESPONSE           0x0a
52 #define SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST           0x0b
53 #define SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE          0x0c
54 #define SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST      0x0d
55 #define SECURITY_SERVER_MSG_TYPE_VALID_PWD_RESPONSE     0x0e
56 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST        0x0f
57 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_RESPONSE       0x10
58 #define SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST      0x11
59 #define SECURITY_SERVER_MSG_TYPE_RESET_PWD_RESPONSE     0x12
60 #define SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST        0x13
61 #define SECURITY_SERVER_MSG_TYPE_CHK_PWD_RESPONSE       0x14
62 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST        0x15
63 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_RESPONSE       0x16
64 #define SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST    0x17
65 #define SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_RESPONSE   0x18
66 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST   0x19
67 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_RESPONSE  0x1a
68 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST    0x1b
69 #define SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_RESPONSE   0x1c
70 #define SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST          0x1d
71 #define SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE 0x1e
72 #define SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE       0xff
73
74 /* Return code */
75 #define SECURITY_SERVER_RETURN_CODE_SUCCESS             0x00
76 #define SECURITY_SERVER_RETURN_CODE_BAD_REQUEST         0x01
77 #define SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED       0x02
78 #define SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED      0x03
79 #define SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED       0x04
80 #define SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT      0x05
81 #define SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE      0x06
82 #define SECURITY_SERVER_RETURN_CODE_NO_PASSWORD         0x07
83 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_EXIST              0x08
84 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_MISMATCH   0x09
85 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_MAX_ATTEMPTS_EXCEEDED      0x0a
86 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_EXPIRED    0x0b
87 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_REUSED     0x0c
88 #define SECURITY_SERVER_RETURN_CODE_PASSWORD_RETRY_TIMER        0x0d
89 #define SECURITY_SERVER_RETURN_CODE_SERVER_ERROR        0x0e
90
91 int return_code_to_error_code(int ret_code);
92 int create_new_socket(int *sockfd);
93 int safe_server_sock_close(int client_sockfd);
94 int connect_to_server(int *fd);
95 int accept_client(int server_sockfd);
96 int authenticate_client_application(int sockfd, int *pid, int *uid);
97 int authenticate_client_middleware(int sockfd, int *pid);
98 int authenticate_developer_shell(int sockfd);
99 char *read_cmdline_from_proc(pid_t pid);
100 int send_generic_response (int sockfd, unsigned char msgid, unsigned char return_code);
101 int send_cookie(int sockfd, unsigned char *cookie);
102 int send_object_name(int sockfd, char *obj);
103 int send_gid(int sockfd, int gid);
104 int send_cookie_request(int sock_fd);
105 int send_gid_request(int sock_fd, const char* object);
106 int send_object_name_request(int sock_fd, int gid);
107 int send_privilege_check_request(int sock_fd, const char*cookie, int gid);
108 int send_privilege_check_new_request(int sock_fd,
109                                      const char *cookie,
110                                      const char *object,
111                                      const char *access_rights);
112 int recv_get_gid_response(int sockfd, response_header *hdr, int *gid);
113 int recv_get_object_name(int sockfd, response_header *hdr, char *object, int max_object_size);
114 int recv_cookie(int sockfd, response_header *hdr, char *cookie);
115 int recv_privilege_check_response(int sockfd, response_header *hdr);
116 int recv_privilege_check_new_response(int sockfd, response_header *hdr);
117 int recv_hdr(int client_sockfd, basic_header *basic_hdr);
118 int recv_check_privilege_request(int sockfd, unsigned char *requested_cookie, int *requested_privilege);
119 int recv_check_privilege_new_request(int sockfd,
120                                      unsigned char *requested_cookie,
121                                      char *object_label,
122                                      char *access_rights);
123 int send_pid_request(int sock_fd, const char*cookie);
124 int recv_pid_response(int sockfd, response_header *hdr, int *pid);
125 int recv_pid_request(int sockfd, unsigned char *requested_cookie);
126 int send_pid(int sockfd, int pid);
127 int send_smack_request(int sockfd, const char * cookie);
128 int recv_smack_response(int sockfd, response_header *hdr, char * label);
129 int recv_smack_request(int sockfd, unsigned char *requested_cookie);
130 int send_smack(int sockfd, char * label);
131 int send_launch_tool_request(int sock_fd, int argc, const char **argv);
132 int recv_generic_response(int sockfd, response_header *hdr);
133 int recv_launch_tool_request(int sockfd, int argc, char *argv[]);
134 int recv_pwd_response(int sockfd, response_header *hdr, unsigned int *current_attempts,
135         unsigned int *max_attempts, unsigned int *valid_days);
136 int send_set_pwd_request(int sock_fd, const char*cur_pwd, const char*new_pwd,
137         const unsigned int max_challenge, const unsigned int valid_period_in_days);
138 int send_set_pwd_validity_request(int sock_fd, const unsigned int valid_period_in_days);
139 int send_set_pwd_max_challenge_request(int sock_fd, const unsigned int max_challenge);
140 int send_chk_pwd_request(int sock_fd, const char*challenge);
141 int check_socket_poll(int sockfd, int event, int timeout);
142 int free_argv(char **argv, int argc);
143
144 #endif
Domain: Security / Access Control;