#include <uthash.h>
#include <pthread.h>
#include <sys/stat.h>
+#include <sys/socket.h>
#define SMACK_LEN 23
return res;
}
+int smack_get_peer_label(int sock_fd, char **label)
+{
+ *label = NULL;
+ char *value;
+ int ret;
+ socklen_t length = SMACK_LEN + 1;
+
+ value = calloc(length, 1);
+ if (!value)
+ return -1;
+
+ ret = getsockopt(sock_fd, SOL_SOCKET, SO_PEERSEC, value, &length);
+ if (ret == -1)
+ {
+ if (errno == ERANGE)
+ {
+ char *val2;
+ val2 = realloc(value, length);
+ if (!val2)
+ goto err;
+
+ value = val2;
+ ret = getsockopt(sock_fd, SOL_SOCKET, SO_PEERSEC, value, &length);
+ }
+ }
+
+ if (ret == 0)
+ *label = strndup(value, length);
+
+err:
+ free(value);
+ return ret;
+}
+
static int update_rule(struct smack_subject **subjects,
const char *subject_str,
const char *object_str, unsigned ac)
extern int smack_have_access(const char *path, const char *subject,
const char *object, const char *access_type);
+/*!
+ * Get the label that is associated with a peer on the other
+ * end of a socket.
+ *
+ * @param sock_fd The file descriptor of the socket
+ * @param label (out) The NULL terminated label of the socket if it exists, the caller is responsible to call free on label.
+ * @return 0 on success, -1 otherwise.
+ */
+extern int smack_get_peer_label(int sock_fd, char **label);
+
#ifdef __cplusplus
}
#endif