Destroy tizen context, get right uid of client

Change-Id: I85cbd1773a304d376c61477e9b1202e366e3f32c

diff --git a/simulatordaemon/inc/SecurityContext.h b/simulatordaemon/inc/SecurityContext.h
index b9b7655..2ebf6b6 100644 (file)
--- a/simulatordaemon/inc/SecurityContext.h
+++ b/simulatordaemon/inc/SecurityContext.h
@@ -44,7 +44,7 @@ private:
                TEE_TASTORE_ROOT,
        };
 
-       static std::string getCaFullPathFromPkgId(char*);
+       std::string getCaFullPathFromPkgId(char*);
 
 public:
        SecurityContext();

diff --git a/simulatordaemon/src/SecurityContext.cpp b/simulatordaemon/src/SecurityContext.cpp
index 699f6be..a70c9e8 100644 (file)
--- a/simulatordaemon/src/SecurityContext.cpp
+++ b/simulatordaemon/src/SecurityContext.cpp
@@ -32,10 +32,12 @@
 #include <stdexcept>
 #include <tzplatform_config.h>
 #include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
 
 using p_char = std::unique_ptr<char, std::function<void(void*)>>;
 using p_cynara_conf = std::unique_ptr<cynara_configuration, std::function<void(cynara_configuration*)>>;
-using p_tzplatform_context= std::unique_ptr<tzplatform_context, std::function<void(tzplatform_context*)>>;
+using p_tzplatform_context = std::unique_ptr<tzplatform_context, std::function<void(tzplatform_context*)>>;
 
 namespace fs = boost::filesystem;
 
@@ -51,40 +53,54 @@ pthread_mutex_t cynara_mutex = PTHREAD_MUTEX_INITIALIZER;
 #define BOOST_FILESYSTEM_VERSION 3
 #define RETURN_UNLOCK(ret, mtx) {pthread_mutex_unlock(&mtx); return ret;}
 
-/* TODO: this function needs to be tested.
- */
+
 std::string SecurityContext::getCaFullPathFromPkgId(char* pkgid) {
 
        std::string path;
 
        tzplatform_variable ids[3] = {TZ_USER_APP, TZ_SYS_RW_APP, TZ_SYS_RO_APP};
        tzplatform_context *ctx;
-       if (! tzplatform_context_create(&ctx)) {
-           LOGE(SIM_DAEMON, "Can't create tizen context");
-           return path;
+       if (tzplatform_context_create(&ctx) != 0) {
+               LOGE(SIM_DAEMON, "Can't create tizen context");
+               return "";
+       }
+
+       p_tzplatform_context p_ctx(ctx, &tzplatform_context_destroy);
+
+       auto len = sizeof(struct ucred);
+       struct ucred ucred;
+
+       if (getsockopt(connFd, SOL_SOCKET, SO_PEERCRED, &ucred, &len) == -1) {
+               LOGE(SIM_DAEMON, "Can't get uid of client");
+               return "";
        }
 
-       p_tzplatform_context p_ctx(ctx, &free);
+       auto clientUID = ucred.uid;
 
-       if (! tzplatform_context_set_user(p_ctx.get(), getuid())) {
-           LOGE(SIM_DAEMON, "Can not set user for context");
-           return path;
+       if (tzplatform_context_set_user(p_ctx.get(), clientUID) != 0) {
+               LOGE(SIM_DAEMON, "Can not set user for context");
+               return "";
        }
 
        for (auto &id : ids) {
-           path = std::move(tzplatform_context_getenv(p_ctx.get(), id));
-           LOGD(SIM_DAEMON, "Path is : %s", path.c_str());
-           if (! path.empty()) break;
+               path = std::move(tzplatform_context_getenv(p_ctx.get(), id));
+               LOGD(SIM_DAEMON, "Path is : %s", path.c_str());
+               if (!path.empty()) break;
+       }
+
+       if (!fs::exists(path)) {
+               LOGE(SIM_DAEMON, "Path doesn't exist: %s", path.c_str());
+               return "";
        }
 
-       path = fs::read_symlink(fs::path(path)).parent_path().string();
+       path = fs::read_symlink(fs::path(path)).string();
 
        if (path.empty()) {
                LOGE(SIM_DAEMON, "Bad CA path. Does this directory exist: %s ?", path.c_str());
        }
 
        path += "/" + std::string(pkgid) + TA_LOCAL_PATH;
-       LOGD(SIM_DAEMON, "Path::::: &s", path.c_str());
+       LOGD(SIM_DAEMON, "Path: %s", path.c_str());
 
        return path;
 }