-/* -*- mode: C; c-file-style: "gnu" -*- */
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
/* dbus-credentials.c Credentials provable through authentication
*
* Copyright (C) 2007 Red Hat Inc.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#include <config.h>
struct DBusCredentials {
int refcount;
dbus_uid_t unix_uid;
- dbus_pid_t unix_pid;
+ dbus_pid_t pid;
char *windows_sid;
+ void *adt_audit_data;
+ dbus_int32_t adt_audit_data_size;
};
/** @} */
creds->refcount = 1;
creds->unix_uid = DBUS_UID_UNSET;
- creds->unix_pid = DBUS_PID_UNSET;
+ creds->pid = DBUS_PID_UNSET;
creds->windows_sid = NULL;
+ creds->adt_audit_data = NULL;
+ creds->adt_audit_data_size = 0;
return creds;
}
if (credentials->refcount == 0)
{
dbus_free (credentials->windows_sid);
+ dbus_free (credentials->adt_audit_data);
dbus_free (credentials);
}
}
* @returns #FALSE if no memory
*/
dbus_bool_t
-_dbus_credentials_add_unix_pid (DBusCredentials *credentials,
- dbus_pid_t pid)
+_dbus_credentials_add_pid (DBusCredentials *credentials,
+ dbus_pid_t pid)
{
- credentials->unix_pid = pid;
+ credentials->pid = pid;
return TRUE;
}
}
/**
+ * Add ADT audit data to the credentials.
+ *
+ * @param credentials the object
+ * @param audit_data the audit data
+ * @param size the length of audit data
+ * @returns #FALSE if no memory
+ */
+dbus_bool_t
+_dbus_credentials_add_adt_audit_data (DBusCredentials *credentials,
+ void *audit_data,
+ dbus_int32_t size)
+{
+ void *copy;
+ copy = _dbus_memdup (audit_data, size);
+ if (copy == NULL)
+ return FALSE;
+
+ dbus_free (credentials->adt_audit_data);
+ credentials->adt_audit_data = copy;
+ credentials->adt_audit_data_size = size;
+
+ return TRUE;
+}
+
+/**
* Checks whether the given credential is present.
*
* @param credentials the object
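Review bot: `_dbus_credentials_add_adt_audit_data` hands the signed `size` straight to `_dbus_memdup` and then stores it, without checking that `audit_data` is non-NULL and `size` is positive. `_dbus_memdup` is not visible in this diff, so its handling of a zero or negative length is an assumption, but a negative `dbus_int32_t` would presumably be converted to a very large byte count. The stored `adt_audit_data_size` is also used later as a `memcmp` length in the superset check. I would add a guard at the top, `if (audit_data == NULL || size <= 0) return FALSE;`, and extend the `@returns` line to say that #FALSE also covers invalid input, not only out-of-memory.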
switch (type)
{
case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
- return credentials->unix_pid != DBUS_PID_UNSET;
+ return credentials->pid != DBUS_PID_UNSET;
case DBUS_CREDENTIAL_UNIX_USER_ID:
return credentials->unix_uid != DBUS_UID_UNSET;
case DBUS_CREDENTIAL_WINDOWS_SID:
return credentials->windows_sid != NULL;
+ case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
+ return credentials->adt_audit_data != NULL;
}
_dbus_assert_not_reached ("Unknown credential enum value");
* @returns UNIX process ID
*/
dbus_pid_t
-_dbus_credentials_get_unix_pid (DBusCredentials *credentials)
+_dbus_credentials_get_pid (DBusCredentials *credentials)
{
- return credentials->unix_pid;
+ return credentials->pid;
}
/**
}
/**
+ * Gets the ADT audit data in the credentials, or #NULL if
+ * the credentials object doesn't contain ADT audit data.
+ *
+ * @param credentials the object
+ * @returns Solaris ADT audit data
+ */
+void *
+_dbus_credentials_get_adt_audit_data (DBusCredentials *credentials)
+{
+ return credentials->adt_audit_data;
+}
+
+/**
+ * Gets the ADT audit data size in the credentials, or 0 if
+ * the credentials object doesn't contain ADT audit data.
+ *
+ * @param credentials the object
+ * @returns Solaris ADT audit data size
+ */
+dbus_int32_t
+_dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials)
+{
+ return credentials->adt_audit_data_size;
+}
+
+/**
* Checks whether the first credentials object contains
* all the credentials found in the second credentials object.
*
DBusCredentials *possible_subset)
{
return
- (possible_subset->unix_pid == DBUS_PID_UNSET ||
- possible_subset->unix_pid == credentials->unix_pid) &&
+ (possible_subset->pid == DBUS_PID_UNSET ||
+ possible_subset->pid == credentials->pid) &&
(possible_subset->unix_uid == DBUS_UID_UNSET ||
possible_subset->unix_uid == credentials->unix_uid) &&
(possible_subset->windows_sid == NULL ||
(credentials->windows_sid && strcmp (possible_subset->windows_sid,
- credentials->windows_sid) == 0));
+ credentials->windows_sid) == 0)) &&
+ (possible_subset->adt_audit_data == NULL ||
+ (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data,
+ credentials->adt_audit_data,
+ credentials->adt_audit_data_size) == 0));
}
/**
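Review bot: The new `memcmp` clause uses `credentials->adt_audit_data_size` as the length but never compares it with `possible_subset->adt_audit_data_size`. If the subset's buffer is shorter, `memcmp` reads past the end of that allocation. If it is longer but shares the same prefix, two different audit records are treated as matching. Since this result feeds credential comparison, the sizes should be checked first, by adding `possible_subset->adt_audit_data_size == credentials->adt_audit_data_size &&` immediately before the `memcmp (...)` call. The function's signature begins outside this hunk.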
_dbus_credentials_are_empty (DBusCredentials *credentials)
{
return
- credentials->unix_pid == DBUS_PID_UNSET &&
+ credentials->pid == DBUS_PID_UNSET &&
+ credentials->unix_uid == DBUS_UID_UNSET &&
+ credentials->windows_sid == NULL &&
+ credentials->adt_audit_data == NULL;
+}
+
+/**
+ * Checks whether a credentials object contains a user identity.
+ *
+ * @param credentials the object
+ * @returns #TRUE if there are no user identities in the object
+ */
+dbus_bool_t
+_dbus_credentials_are_anonymous (DBusCredentials *credentials)
+{
+ return
credentials->unix_uid == DBUS_UID_UNSET &&
credentials->windows_sid == NULL;
}
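Review bot: The doc comment on `_dbus_credentials_are_anonymous` reads with the opposite polarity to its return value: the summary says it checks whether the object "contains a user identity", while `@returns` says #TRUE when there are none. A caller skimming the summary could invert an authorization decision. I would reword the summary to `Checks whether a credentials object lacks any user identity (neither a Unix UID nor a Windows SID).` and add a sentence that a PID or ADT audit data alone still counts as anonymous, since the body tests only `unix_uid` and `windows_sid`.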
DBUS_CREDENTIAL_UNIX_USER_ID,
other_credentials) &&
_dbus_credentials_add_credential (credentials,
+ DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
+ other_credentials) &&
+ _dbus_credentials_add_credential (credentials,
DBUS_CREDENTIAL_WINDOWS_SID,
other_credentials);
}
DBusCredentials *other_credentials)
{
if (which == DBUS_CREDENTIAL_UNIX_PROCESS_ID &&
- other_credentials->unix_pid != DBUS_PID_UNSET)
+ other_credentials->pid != DBUS_PID_UNSET)
{
- if (!_dbus_credentials_add_unix_pid (credentials, other_credentials->unix_pid))
+ if (!_dbus_credentials_add_pid (credentials, other_credentials->pid))
return FALSE;
}
else if (which == DBUS_CREDENTIAL_UNIX_USER_ID &&
{
if (!_dbus_credentials_add_windows_sid (credentials, other_credentials->windows_sid))
return FALSE;
+ }
+ else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID &&
+ other_credentials->adt_audit_data != NULL)
+ {
+ if (!_dbus_credentials_add_adt_audit_data (credentials, other_credentials->adt_audit_data, other_credentials->adt_audit_data_size))
+ return FALSE;
}
return TRUE;
void
_dbus_credentials_clear (DBusCredentials *credentials)
{
- credentials->unix_pid = DBUS_PID_UNSET;
+ credentials->pid = DBUS_PID_UNSET;
credentials->unix_uid = DBUS_UID_UNSET;
dbus_free (credentials->windows_sid);
credentials->windows_sid = NULL;
+ dbus_free (credentials->adt_audit_data);
+ credentials->adt_audit_data = NULL;
+ credentials->adt_audit_data_size = 0;
}
/**
strcmp (credentials->windows_sid, other_credentials->windows_sid) == 0));
}
+/**
+ * Convert the credentials in this object to a human-readable
+ * string format, and append to the given string.
+ *
+ * @param credentials the object
+ * @param string append to this string
+ * @returns #FALSE if no memory
+ */
+dbus_bool_t
+_dbus_credentials_to_string_append (DBusCredentials *credentials,
+ DBusString *string)
+{
+ dbus_bool_t join;
+
+ join = FALSE;
+ if (credentials->unix_uid != DBUS_UID_UNSET)
+ {
+ if (!_dbus_string_append_printf (string, "uid=" DBUS_UID_FORMAT, credentials->unix_uid))
+ goto oom;
+ join = TRUE;
+ }
+ if (credentials->pid != DBUS_PID_UNSET)
+ {
+ if (!_dbus_string_append_printf (string, "%spid=" DBUS_PID_FORMAT, join ? " " : "", credentials->pid))
+ goto oom;
+ join = TRUE;
+ }
+ else
+ join = FALSE;
+ if (credentials->windows_sid != NULL)
+ {
+ if (!_dbus_string_append_printf (string, "%ssid=%s", join ? " " : "", credentials->windows_sid))
+ goto oom;
+ join = TRUE;
+ }
+ else
+ join = FALSE;
+
+ return TRUE;
+oom:
+ return FALSE;
+}
+
/** @} */
/* tests in dbus-credentials-util.c */
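Review bot: In `_dbus_credentials_to_string_append` the two `else join = FALSE;` branches reset the separator flag whenever a field is absent. With a UID and a SID set but no PID, the output runs the fields together as `uid=<n>sid=<sid>`, with no space between them. That makes the string ambiguous for anyone parsing or grepping logs built from it. Dropping both `else join = FALSE;` branches fixes it, because `join` should only ever go from FALSE to TRUE once something has been appended. Separately, the `oom:` path returns #FALSE after earlier fields may already have been appended to `string`; the doc comment could say that the string contents are unspecified on failure.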