return buf[0] == '1';
}
-char *smack_get_self_label()
+int smack_new_label_from_self(char **label)
{
- char *label;
+ char *result;
int fd;
int ret;
- label = calloc(LABEL_LEN + 1, 1);
- if (label == NULL)
- return NULL;
+ result = calloc(LABEL_LEN + 1, 1);
+ if (result == NULL)
+ return -1;
fd = open(SELF_LABEL_FILE, O_RDONLY);
if (fd < 0) {
- free(label);
- return NULL;
+ free(result);
+ return -1;
}
- ret = read(fd, label, LABEL_LEN);
+ ret = read(fd, result, LABEL_LEN);
close(fd);
if (ret < 0) {
- free(label);
- return NULL;
+ free(result);
+ return -1;
}
- return label;
+ *label = result;
+ return 0;
}
-char *smack_get_peer_label(int fd)
+int smack_new_label_from_socket(int fd, char **label)
{
char dummy;
int ret;
socklen_t length = 1;
- char *label;
+ char *result;
ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, &dummy, &length);
if (ret < 0 && errno != ERANGE)
- return NULL;
+ return -1;
- label = calloc(length, 1);
- if (label == NULL)
- return NULL;
+ result = calloc(length, 1);
+ if (result == NULL)
+ return -1;
- ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, label, &length);
+ ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, result, &length);
if (ret < 0) {
- free(label);
- return NULL;
+ free(result);
+ return -1;
}
- return label;
+ *label = result;
+ return 0;
}
inline int access_type_to_int(const char *access_type)
/*!
* Creates a new empty smack_accesses instance.
*
- * @param created instance
+ * @param accesses created instance
* @return 0 on success and negative value on failure.
*/
int smack_accesses_new(struct smack_accesses **accesses);
* file descriptor.
*
* @param fd file descriptor
- * @param created instance
+ * @param accesses created instance
* @return 0 on success and negative value on failure.
*/
int smack_accesses_new_from_file(int fd, struct smack_accesses **accesses);
* Get the label that is associated with the callers process.
* Caller is responsible of freeing the returned label.
*
- * @return Callers label on success and NULL of failure.
+ * @param label returned label
+ * @return 0 on success and negative value on failure.
*/
-char *smack_get_self_label();
+int smack_new_label_from_self(char **label);
/*!
* Get the label that is associated with a peer on the other end of an
- * Unix socket. Caller is responsible of freeing the returned label.
+ * Unix socket (SO_PEERSEC). Caller is responsible of freeing the
+ * returned label.
*
* @param fd socket file descriptor
- * @return Peers label on success and NULL of failure.
+ * @param label returned label
+ * @return 0 on success and negative value on failure.
*/
-char *smack_get_peer_label(int fd);
+int smack_new_label_from_socket(int fd, char **label);
#ifdef __cplusplus
}
smack_accesses_apply;
smack_accesses_add;
smack_have_access;
- smack_get_self_label;
- smack_get_peer_label;
+ smack_new_label_from_self;
+ smack_new_label_from_socket;
local:
*;
};
{
char *label = NULL;
- label = smack_get_self_label();
- if (label == NULL) {
- perror("smack_get_self_label");
+ if (smack_new_label_from_self(&label)) {
+ perror("smack_new_label_from_self");
return EXIT_FAILURE;
}
projects / framework / security / smack.git / commitdiff