/*
- * Media Server
+ * Media Server
*
* Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
*
- * Contact: Yong Yeon Kim <yy9875.kim@samsung.com>
- *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* This file contains Cynara integration code
*
- * @file media-util-cynara.c
- * @author Jacek Bukarewicz (j.bukarewicz@samsung.com)
- * @version 1.0
+ * @file media-util-cynara.c
+ * @author Jacek Bukarewicz (j.bukarewicz@samsung.com)
+ * @version 1.0
* @brief
*/
-#define _GNU_SOURCE
-
-#include <errno.h>
#include <glib.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/socket.h>
#include <unistd.h>
#include <media-util-cynara.h>
#include <media-util-dbg.h>
#include <media-util-err.h>
-#include <media-util-ipc.h>
-#include <media-util-internal.h>
#include <cynara-client.h>
#include <cynara-session.h>
#include <cynara-error.h>
#include <cynara-creds-socket.h>
-
-/* this definition is missing in glibc headers (version 2.21). It was introduced in kernel version 2.6.17 */
-#ifndef SCM_SECURITY
-#define SCM_SECURITY 0x03
-#endif
-
static cynara *_cynara = NULL;
+static cynara_configuration *_p_conf = NULL;
G_LOCK_DEFINE_STATIC(cynara_mutex);
static void ms_cynara_dbg_err(const char *prefix, int error_code)
error_buffer[0] = '\0';
err = cynara_strerror(error_code, error_buffer, sizeof(error_buffer));
- if (err == CYNARA_API_SUCCESS) {
+ if (err == CYNARA_API_SUCCESS)
MSAPI_DBG_ERR("%s: %s", prefix, error_buffer);
- } else {
+ else
MSAPI_DBG_ERR("%s: error code %i", prefix, error_code);
- }
}
int ms_cynara_initialize(void)
{
- int ret = cynara_initialize(&_cynara, NULL);
- if (ret != CYNARA_API_SUCCESS) {
+ int ret = 0;
+
+ ret = cynara_configuration_create(&_p_conf);
+ if (ret != CYNARA_API_SUCCESS) {
+ ms_cynara_dbg_err("cynara_configuration_create", ret);
+ return MS_MEDIA_ERR_INTERNAL;
+ }
+ ret = cynara_configuration_set_cache_size(_p_conf, 100);
+ if (ret != CYNARA_API_SUCCESS) {
+ ms_cynara_dbg_err("cynara_configuration_set_cache_size", ret);
+ return MS_MEDIA_ERR_INTERNAL;
+ }
+ ret = cynara_initialize(&_cynara, _p_conf);
+ if (ret != CYNARA_API_SUCCESS) {
ms_cynara_dbg_err("cynara_initialize", ret);
return MS_MEDIA_ERR_INTERNAL;
}
+ cynara_configuration_destroy(_p_conf);
+
return MS_MEDIA_ERR_NONE;
}
return MS_MEDIA_ERR_INVALID_PARAMETER;
if ((recv_msg_size = read(sockfd, recv_msg, sizeof(ms_comm_msg_s))) < 0) {
- if (errno == EWOULDBLOCK) {
- MSAPI_DBG_ERR("Timeout. Can't try any more");
- return MS_MEDIA_ERR_SOCKET_RECEIVE_TIMEOUT;
- } else {
- MSAPI_DBG_ERR("recv failed");
- return MS_MEDIA_ERR_SOCKET_RECEIVE;
- }
+ MSAPI_DBG_STRERROR("recv failed");
+ return MS_MEDIA_ERR_IPC;
}
- MSAPI_DBG_SLOG("receive msg from [%d] %d, %s", recv_msg->pid, recv_msg->msg_type, recv_msg->msg);
+ MSAPI_RETVM_IF(!ms_ipc_is_valid_msg(recv_msg->msg), MS_MEDIA_ERR_IPC, "Invalid msg");
- if (!(recv_msg->msg_size > 0 && recv_msg->msg_size < MAX_FILEPATH_LEN)) {
- MSAPI_DBG_ERR("IPC message is wrong. message size is %d", recv_msg->msg_size);
- return MS_MEDIA_ERR_INVALID_IPC_MESSAGE;
+ MSAPI_DBG_SLOG("receive msg from P[%d] T[%d] M[%.*s] S[%.*s]", recv_msg->pid, recv_msg->msg_type, MAX_MSG_SIZE, recv_msg->msg, MS_UUID_SIZE, recv_msg->storage_id);
+
+ if (strlen(recv_msg->storage_id) >= MS_UUID_SIZE) {
+ MSAPI_DBG_ERR("IPC message is wrong. storage_id size is over MS_UUID_SIZE");
+ return MS_MEDIA_ERR_IPC;
}
ret = cynara_creds_socket_get_pid(sockfd, &(credentials->pid));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_pid failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
+ MSAPI_RETVM_IF(ret != 0, MS_MEDIA_ERR_INTERNAL, "[CYNARA]Failed to get pid");
ret = cynara_creds_socket_get_user(sockfd, USER_METHOD_UID, &(credentials->uid));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_user failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
+ MSAPI_RETVM_IF(ret != 0, MS_MEDIA_ERR_INTERNAL, "[CYNARA]Failed to get uid");
ret = cynara_creds_socket_get_client(sockfd, CLIENT_METHOD_SMACK, &(credentials->smack));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_client failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
-
-// MSAPI_DBG_ERR("cynara_creds_info : P[%d]U[%s]S[%s]", credentials->pid, credentials->uid, credentials->smack);
-
- return MS_MEDIA_ERR_NONE;
-}
-
-int ms_cynara_receive_untrusted_message_thumb(int sockfd, thumbMsg *recv_msg, ms_peer_credentials *credentials)
-{
- int ret = 0;
- int header_size = 0;
- int recv_msg_size = 0;
- unsigned char *buf = NULL;
-
- if (!recv_msg || !credentials)
- return MS_MEDIA_ERR_INVALID_PARAMETER;
-
- header_size = sizeof(thumbMsg) -(MAX_FILEPATH_LEN * 2) - sizeof(unsigned char *);
- MS_MALLOC(buf, header_size);
-
- if ((recv_msg_size = recv(sockfd, buf, header_size, 0)) < 0) {
- if (errno == EWOULDBLOCK) {
- MSAPI_DBG_ERR("Timeout. Can't try any more");
- return MS_MEDIA_ERR_SOCKET_RECEIVE_TIMEOUT;
- } else {
- MSAPI_DBG_ERR("recv failed");
- return MS_MEDIA_ERR_SOCKET_RECEIVE;
- }
- }
-
- memcpy(recv_msg, buf, header_size);
-
- MS_SAFE_FREE(buf);
-
- if (recv_msg->origin_path_size <= 0) {
- MS_SAFE_FREE(buf);
- MSAPI_DBG_ERR("msg->origin_path_size is invalid %d", recv_msg->origin_path_size);
- return MS_MEDIA_ERR_INVALID_PARAMETER;
- }
-
- MS_MALLOC(buf, (unsigned int)(recv_msg->origin_path_size));
- if (buf == NULL) {
- MSAPI_DBG_STRERROR("malloc failed");
- return MS_MEDIA_ERR_OUT_OF_MEMORY;
- }
-
- if ((recv_msg_size = recv(sockfd, buf, recv_msg->origin_path_size, 0)) < 0) {
- MS_SAFE_FREE(buf);
- if (errno == EWOULDBLOCK) {
- MSAPI_DBG_ERR("Timeout. Can't try any more");
- return MS_MEDIA_ERR_SOCKET_RECEIVE_TIMEOUT;
- } else {
- MSAPI_DBG_ERR("recv failed");
- return MS_MEDIA_ERR_SOCKET_RECEIVE;
+ if (ret != 0) {
+ MSAPI_DBG_ERR("[CYNARA]Failed to get smack");
+ if (credentials->uid) {
+ free(credentials->uid);
+ credentials->uid = NULL;
}
- }
-
- strncpy(recv_msg->org_path, (char*)buf, recv_msg->origin_path_size);
- MS_SAFE_FREE(buf);
-
- if (recv_msg->dest_path_size <= 0) {
- MS_SAFE_FREE(buf);
- MSAPI_DBG_ERR("msg->origin_path_size is invalid %d", recv_msg->dest_path_size);
- return MS_MEDIA_ERR_INVALID_PARAMETER;
- }
-
- MS_MALLOC(buf, (unsigned int)(recv_msg->dest_path_size));
- if (buf == NULL) {
- MSAPI_DBG_STRERROR("malloc failed");
- return MS_MEDIA_ERR_OUT_OF_MEMORY;
- }
-
- if ((recv_msg_size = recv(sockfd, buf, recv_msg->dest_path_size, 0)) < 0) {
- MS_SAFE_FREE(buf);
- if (errno == EWOULDBLOCK) {
- MSAPI_DBG_ERR("Timeout. Can't try any more");
- return MS_MEDIA_ERR_SOCKET_RECEIVE_TIMEOUT;
- } else {
- MSAPI_DBG_ERR("recv failed");
- return MS_MEDIA_ERR_SOCKET_RECEIVE;
- }
-
- }
-
- strncpy(recv_msg->dst_path, (char*)buf, recv_msg->dest_path_size);
- MS_SAFE_FREE(buf);
-
-
- ret = cynara_creds_socket_get_pid(sockfd, &(credentials->pid));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_pid failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
-
- ret = cynara_creds_socket_get_user(sockfd, USER_METHOD_UID, &(credentials->uid));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_user failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
-
- ret = cynara_creds_socket_get_client(sockfd, CLIENT_METHOD_SMACK, &(credentials->smack));
- if (ret < 0) {
- MSAPI_DBG_ERR("cynara_creds_socket_get_client failed");
return MS_MEDIA_ERR_INTERNAL;
}
-// MSAPI_DBG_ERR("cynara_creds_info : P[%d]U[%s]S[%s]", credentials->pid, credentials->uid, credentials->smack);
-
return MS_MEDIA_ERR_NONE;
}
int ms_cynara_check(const ms_peer_credentials *creds, const char *privilege)
{
- int result;
- char *session;
+ int result = 0;
+ char *session = NULL;
if (!creds || !privilege)
return MS_MEDIA_ERR_INVALID_PARAMETER;
session = cynara_session_from_pid(creds->pid);
- if (session == NULL) {
- MSAPI_DBG_ERR("cynara_session_from_pid failed");
- return MS_MEDIA_ERR_INTERNAL;
- }
+ MSAPI_RETVM_IF(session == NULL, MS_MEDIA_ERR_INTERNAL, "cynara_session_from_pid failed");
G_LOCK(cynara_mutex);
result = cynara_check(_cynara, creds->smack, session, creds->uid, privilege);
if (result != CYNARA_API_ACCESS_ALLOWED)
ms_cynara_dbg_err("cynara_check", result);
- MS_SAFE_FREE(session);
+ if (session)
+ free(session);
+
return result == CYNARA_API_ACCESS_ALLOWED ? MS_MEDIA_ERR_NONE : MS_MEDIA_ERR_PERMISSION_DENIED;
}
int err;
err = setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &optval, sizeof(optval));
- if (err != 0) {
- MSAPI_DBG_ERR("Failed to set SO_PASSSEC socket option");
- return MS_MEDIA_ERR_SOCKET_INTERNAL;
- }
+ MSAPI_RETVM_IF(err != 0, MS_MEDIA_ERR_IPC, "Failed to set SO_PASSSEC socket option");
err = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &optval, sizeof(optval));
- if (err != 0) {
- MSAPI_DBG_ERR("Failed to set SO_PASSCRED socket option");
- return MS_MEDIA_ERR_SOCKET_INTERNAL;
- }
+ MSAPI_RETVM_IF(err != 0, MS_MEDIA_ERR_IPC, "Failed to set SO_PASSCRED socket option");
return MS_MEDIA_ERR_NONE;
}
-
-