sxp->pattern = _free(sxp->pattern);
sxp->type = _free(sxp->type);
sxp->context = _free(sxp->context);
+ regfree(sxp->preg);
+ sxp->preg = _free(sxp->preg);
}
/*@=branchstate@*/
return i;
}
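Review bot: `regfree(sxp->preg)` is called unconditionally in the added lines, but the `preg` member is annotated `/*@null@*/` in the struct shown later on this page, and regfree() dereferences its argument. If any entry can reach this cleanup without a compiled regex (for example after a failed parse), this is a NULL dereference during teardown. Guard it with `if (sxp->preg != NULL) regfree(sxp->preg);` before the `_free`. The enclosing function starts above the visible lines, so whether every entry is guaranteed a compiled regex cannot be confirmed from here.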
+const char * rpmsxPattern(const rpmsx sx)
+{
+ const char * pattern = NULL;
+
+ if (sx != NULL && sx->i >= 0 && sx->i < sx->Count)
+ pattern = (sx->sxp + sx->i)->pattern;
+ return pattern;
+}
+
+const char * rpmsxType(const rpmsx sx)
+{
+ const char * type = NULL;
+
+ if (sx != NULL && sx->i >= 0 && sx->i < sx->Count)
+ type = (sx->sxp + sx->i)->type;
+ return type;
+}
+
+const char * rpmsxContext(const rpmsx sx)
+{
+ const char * context = NULL;
+
+ if (sx != NULL && sx->i >= 0 && sx->i < sx->Count)
+ context = (sx->sxp + sx->i)->context;
+ return context;
+}
+
+regex_t * rpmsxRE(const rpmsx sx)
+{
+ regex_t * preg = NULL;
+
+ if (sx != NULL && sx->i >= 0 && sx->i < sx->Count)
+ preg = (sx->sxp + sx->i)->preg;
+ return preg;
+}
+
int rpmsxNext(/*@null@*/ rpmsx sx)
/*@modifies sx @*/
{
int i = -1;
- if (sx != NULL && ++sx->i >= 0) {
- if (sx->i < sx->Count) {
- i = sx->i;
- } else
- sx->i = -1;
+ if (sx != NULL) {
+ if (sx->reverse != 0) {
+ i = --sx->i;
+ if (sx->i < 0) {
+ sx->i = sx->Count;
+ i = -1;
+ }
+ } else {
+ i = ++sx->i;
+ if (sx->i >= sx->Count) {
+ sx->i = -1;
+ i = -1;
+ }
+ }
/*@-modfilesys @*/
-if (_rpmsx_debug < 0 && i != -1)
-fprintf(stderr, "*** sx %p\t%s[%d]\n", sx, __func__, i);
+if (_rpmsx_debug < 0 && i != -1) {
+rpmsxp sxp = sx->sxp + i;
+fprintf(stderr, "*** sx %p\t%s[%d]\t%s\t%s\n", sx, __func__, i, sxp->pattern, sxp->context);
/*@=modfilesys @*/
+}
}
return i;
}
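Review bot: The new debug `fprintf` passes `sxp->pattern` and `sxp->context` straight to `%s`, and both members are annotated `/*@null@*/`; a NULL argument for `%s` is undefined behaviour. Use the same fallback the test program applies to `type`, e.g. `(sxp->pattern ? sxp->pattern : "")`. The test program's loop at the end of this page has the same gap: it guards `type` but prints the results of rpmsxPattern() and rpmsxContext() unguarded, although both are documented to return NULL on invalid. Separately, the closing `/*@=modfilesys @*/` now sits inside the new braces while its opening marker is outside them; moving it after the `}` keeps the pair balanced.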
-rpmsx rpmsxInit(/*@null@*/ rpmsx sx)
+rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse)
/*@modifies sx @*/
{
- if (sx != NULL)
- sx->i = -1;
+ if (sx != NULL) {
+ sx->reverse = reverse;
+ sx->i = (sx->reverse ? sx->Count : -1);
+ }
/*@-refcounttrans@*/
return sx;
/*@=refcounttrans@*/
}
+
+const char * rpmsxApply(rpmsx sx, const char * fn)
+{
+ const char * context = NULL;
+
+ sx = rpmsxInit(sx, 1);
+ if (sx != NULL)
+ while (rpmsxNext(sx) >= 0) {
+ }
+
+ return context;
+}
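Review bot: rpmsxApply() as added is a stub: `fn` is never read, the `while` body is empty, and `context` is returned as NULL on every path, so a caller cannot tell "no match" from "not implemented". It also calls `rpmsxInit(sx, 1)`, which overwrites `sx->i` and `sx->reverse` for any iteration the caller has in progress. Until matching is implemented, say so above the function with a comment such as `/* XXX not yet implemented: always returns NULL; resets the sx iterator to reverse order. */`, and document who owns the returned string once it is filled in. No prototype for it is visible in the header changes shown on this page.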
*/
#include <regex.h>
+#include "selinux.h"
/**
*/
/*@only@*/ /*@null@*/
const char * pattern; /*!< File path regex pattern. */
/*@only@*/ /*@null@*/
- const char * type; /*!< File type. */
+ const char * type; /*!< File type string. */
/*@only@*/ /*@null@*/
const char * context; /*!< Security context. */
/*@only@*/ /*@null@*/
regex_t * preg; /*!< Compiled regex. */
+ mode_t mode; /*!< File type. */
+ int matches;
+ int hasMetaChars;
+ int stem_id;
};
/**
* File security context patterns container.
*/
struct rpmsx_s {
- int Count; /*!< No. of elements */
- int i; /*!< Current element index. */
/*@only@*/ /*@null@*/
rpmsxp sxp; /*!< File context patterns. */
+ int Count; /*!< No. of elements */
+ int i; /*!< Current element index. */
+ int reverse; /*!< Reverse traversal? */
int nrefs; /*!< Reference count. */
};
#endif /* defined(_RPMSX_INTERNAL) */
/*@null@*/
rpmsx rpmsxFree(/*@killref@*/ /*@only@*/ /*@null@*/ rpmsx sx)
/*@modifies sx@*/;
+
+/**
+ * Parse selinux file security context patterns.
+ * @param sx security context patterns
+ * @param fn file name to parse
+ * @return 0 on success
+ */
+int rpmsxParse(rpmsx sx, /*@null@*/ const char *fn)
+ /*modifies sx @*/;
+
/**
* Create and load security context patterns.
* @param fn header
/*@modifies sx @*/;
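Review bot: The annotation on the new rpmsxParse() prototype is written `/*modifies sx @*/`, without the leading `@`, so splint will read it as an ordinary comment and the modifies clause is lost. It should be `/*@modifies sx @*/`, like the neighbouring prototypes. The doc comment says only `0 on success`; since `fn` is annotated `/*@null@*/`, it should also state what a NULL `fn` means and what is returned on failure.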
/**
+ * Return current pattern.
+ * @param sx security context patterns
+ * @return current pattern, NULL on invalid
+ */
+/*@observer@*/ /*@null@*/
+extern const char * rpmsxPattern(/*@null@*/ const rpmsx sx)
+ /*@*/;
+
+/**
+ * Return current type.
+ * @param sx security context patterns
+ * @return current type, NULL on invalid/missing
+ */
+/*@observer@*/ /*@null@*/
+extern const char * rpmsxType(/*@null@*/ const rpmsx sx)
+ /*@*/;
+
+/**
+ * Return current context.
+ * @param sx security context patterns
+ * @return current context, NULL on invalid
+ */
+/*@observer@*/ /*@null@*/
+extern const char * rpmsxContext(/*@null@*/ const rpmsx sx)
+ /*@*/;
+
+/**
+ * Return current regex.
+ * @param sx security context patterns
+ * @return current context, NULL on invalid
+ */
+/*@observer@*/ /*@null@*/
+extern regex_t * rpmsxRE(/*@null@*/ const rpmsx sx)
+ /*@*/;
+
+/**
* Return next security context patterns iterator index.
* @param sx security context patterns
* @return security context patterns iterator index, -1 on termination
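Review bot: The doc comment for rpmsxRE() says `@return current context, NULL on invalid`, copied from rpmsxContext(); it should read `@return current regex, NULL on invalid`. The function is also annotated `/*@observer@*/` but returns a non-const `regex_t *` to storage that the container itself releases with regfree(). A line in the comment stating that the caller must not regfree() or free the result would make the ownership explicit.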
/**
* Initialize security context patterns iterator.
* @param sx security context patterns
+ * @param reverse iterate in reverse order?
* @return security context patterns
*/
/*@null@*/
-rpmsx rpmsxInit(/*@null@*/ rpmsx sx)
+rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse)
/*@modifies sx @*/;
#ifdef __cplusplus
poptContext optCon;
const char ** av;
rpmsx sx;
- rpmsxp sxp;
int ec = EXIT_FAILURE; /* assume failure. */
int rc;
int i;
av = poptGetArgs(optCon);
+ _rpmsx_debug = -1;
/* Parse the specification file. */
sx = rpmsxNew(NULL);
- sx = rpmsxInit(sx);
+ sx = rpmsxInit(sx, 1);
if (sx != NULL)
while ((i = rpmsxNext(sx)) >= 0) {
- sxp = sx->sxp + i;
+ const char * pattern = rpmsxPattern(sx);
+ const char * type = rpmsxType(sx);
+ const char * context = rpmsxContext(sx);
+
fprintf(stderr, "%5d: %s\t%s\t%s\n", i,
- sxp->pattern, (sxp->type ? sxp->type : ""), sxp->context);
+ pattern, (type ? type : ""), context);
}
sx = rpmsxFree(sx);