extern void smack_rule_set_delete(SmackRuleSet handle);
/*!
+ * Attach label set to rule set to enabled transparent long name conversion.
+ * Note: does not take ownership of label set so caller must take care of
+ * freeing it.
+ *
+ * @param rules rule set
+ * @param labels label set
+ */
+extern void smack_rule_set_attach_label_set(SmackRuleSet rules,
+ SmackLabelSet labels);
+
+/*!
* Write rules to a given file.
*
* @param handle handle to a rules
const char *long_name)
{
struct smack_label *l;
+
HASH_FIND(long_name_hh, handle->label_by_long_name, long_name, strlen(long_name), l);
+
+ if (l == NULL)
+ return NULL;
+
return l->short_name;
}
const char *short_name)
{
struct smack_label *l;
+
HASH_FIND(short_name_hh, handle->label_by_short_name, short_name, strlen(short_name), l);
+
+ if (l == NULL)
+ return NULL;
+
return l->long_name;
}
struct _SmackRuleSet {
struct smack_subject *subjects;
+ SmackLabelSet labels;
};
static int update_rule(struct smack_subject **subjects,
}
SmackRuleSet smack_rule_set_new_from_file(const char *path,
- const char *subject_filter)
+ const char *subject_filter)
{
SmackRuleSet rules;
FILE *file;
}
while (ret == 0 && getline(&buf, &size, file) != -1) {
- subject = strtok(buf, " \n");
- object = strtok(NULL, " \n");
- access = strtok(NULL, " \n");
+ subject = strtok(buf, " \t\n");
+ object = strtok(NULL, " \t\n");
+ access = strtok(NULL, " \t\n");
if (subject == NULL || object == NULL || access == NULL ||
- strtok(NULL, " \n") != NULL) {
+ strtok(NULL, " \t\n") != NULL) {
ret = -1;
} else if (subject_filter == NULL ||
strcmp(subject, subject_filter) == 0) {
ac = str_to_ac(access);
- ret = update_rule(&rules->subjects, subject, object, ac);
+ ret = update_rule(&rules->subjects, subject, object,
+ ac);
}
free(buf);
free(handle);
}
+void smack_rule_set_attach_label_set(SmackRuleSet rules,
+ SmackLabelSet labels)
+{
+ rules->labels = labels;
+}
+
int smack_rule_set_save_to_file(SmackRuleSet handle, const char *path)
{
struct smack_subject *s, *stmp;
fclose(file);
return 0;
-
}
-int smack_rule_set_add(SmackRuleSet handle, const char *subject,
- const char *object, const char *access_str)
+int smack_rule_set_add(SmackRuleSet handle, const char *subject,
+ const char *object, const char *access_str)
{
unsigned access;
int ret;
+
+ if (handle->labels != NULL) {
+ subject = smack_label_set_to_short_name(handle->labels, subject);
+ object = smack_label_set_to_short_name(handle->labels, object);
+
+ if (subject == NULL || object == NULL)
+ return -1;
+ }
+
access = str_to_ac(access_str);
ret = update_rule(&handle->subjects, subject, object, access);
return ret == 0 ? 0 : -1;
}
int smack_rule_set_remove(SmackRuleSet handle, const char *subject,
- const char *object)
+ const char *object)
{
struct smack_subject *s = NULL;
struct smack_object *o = NULL;
+ if (handle->labels != NULL) {
+ subject = smack_label_set_to_short_name(handle->labels, subject);
+ object = smack_label_set_to_short_name(handle->labels, object);
+
+ if (subject == NULL || object == NULL)
+ return -1;
+ }
+
HASH_FIND_STR(handle->subjects, subject, s);
if (s == NULL)
return -1;
struct smack_subject *s = NULL;
struct smack_object *o = NULL, *tmp = NULL;
+ if (handle->labels != NULL) {
+ subject = smack_label_set_to_short_name(handle->labels, subject);
+
+ if (subject == NULL)
+ return;
+ }
+
HASH_FIND_STR(handle->subjects, subject, s);
if (s == NULL)
return;
struct smack_subject *s = NULL, *tmp = NULL;
struct smack_object *o = NULL;
+ if (handle->labels != NULL) {
+ object = smack_label_set_to_short_name(handle->labels, object);
+
+ if (object == NULL)
+ return;
+ }
+
HASH_ITER(hh, handle->subjects, s, tmp) {
HASH_FIND_STR(s->objects, object, o);
HASH_DEL(s->objects, o);
}
int smack_rule_set_have_access(SmackRuleSet handle, const char *subject,
- const char *object, const char *access_str)
+ const char *object, const char *access_str)
{
struct smack_subject *s = NULL;
struct smack_object *o = NULL;
unsigned ac;
+ if (handle->labels != NULL) {
+ subject = smack_label_set_to_short_name(handle->labels, subject);
+ object = smack_label_set_to_short_name(handle->labels, object);
+
+ if (subject == NULL || object == NULL)
+ return -1;
+ }
+
ac = str_to_ac(access_str);
HASH_FIND_STR(handle->subjects, subject, s);
#include <check.h>
#include "../src/smack.h"
+#define LONG_LABEL_1 "FooFooFooFooFooFooFooFooFooFooFooFooFoo"
+#define LONG_LABEL_2 "BarBarBarBarBarBarBarBarBarBarBarBarBar"
+
static int files_equal(const char *filename1, const char *filename2);
START_TEST(test_add_new_rule)
}
END_TEST
+
START_TEST(test_modify_existing_rule)
{
int rc;
}
END_TEST
+START_TEST(test_rule_set_attach_label_set_add_remove_rule)
+{
+ int rc;
+
+ SmackRuleSet rules = smack_rule_set_new();
+ fail_unless(rules != NULL, "Creating rule set failed");
+
+ SmackLabelSet labels = smack_label_set_new();
+ fail_unless(labels != NULL, "Creating label set failed");
+
+ smack_rule_set_attach_label_set(rules, labels);
+
+ rc = smack_label_set_add(labels, LONG_LABEL_1);
+ fail_unless(rc == 0, "Adding label was not succesful");
+
+ rc = smack_label_set_add(labels, LONG_LABEL_2);
+ fail_unless(rc == 0, "Adding label was not succesful");
+
+ rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx");
+ fail_unless(rc == 0, "Adding rule was not succesful");
+
+ rc = smack_rule_set_remove(rules, LONG_LABEL_1, LONG_LABEL_2);
+ fail_unless(rc == 0, "Removign rule was not succesful");
+
+ smack_rule_set_delete(rules);
+ smack_label_set_delete(labels);
+}
+END_TEST
+
+START_TEST(test_rule_set_attach_label_set_add_rule_no_labels)
+{
+ int rc;
+
+ SmackRuleSet rules = smack_rule_set_new();
+ fail_unless(rules != NULL, "Creating rule set failed");
+
+ SmackLabelSet labels = smack_label_set_new();
+ fail_unless(labels != NULL, "Creating label set failed");
+
+ smack_rule_set_attach_label_set(rules, labels);
+
+ rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx");
+ fail_unless(rc != 0, "Adding rule was succesful");
+
+ smack_rule_set_delete(rules);
+ smack_label_set_delete(labels);
+}
+END_TEST
+
+START_TEST(test_rule_set_attach_label_set_save_rules)
+{
+ int rc;
+
+ SmackRuleSet rules = smack_rule_set_new();
+ fail_unless(rules != NULL, "Creating rule set failed");
+
+ SmackLabelSet labels = smack_label_set_new();
+ fail_unless(labels != NULL, "Creating label set failed");
+
+ smack_rule_set_attach_label_set(rules, labels);
+
+ rc = smack_label_set_add(labels, LONG_LABEL_1);
+ fail_unless(rc == 0, "Adding label was not succesful");
+
+ rc = smack_label_set_add(labels, LONG_LABEL_2);
+ fail_unless(rc == 0, "Adding label was not succesful");
+
+ rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx");
+ fail_unless(rc == 0, "Adding rule was not succesful");
+
+ rc = smack_rule_set_save_to_file(rules, "rule_set_attach_label_set_save_rules-result.txt");
+ fail_unless(rc == 0, "Saving rule set was not succesful");
+
+ rc = files_equal("rule_set_attach_label_set_save_rules-result.txt",
+ "data/rule_set_attach_label_set_save_rules-excepted.txt");
+ fail_unless(rc == 1, "Unexcepted result");
+
+ smack_rule_set_delete(rules);
+ smack_label_set_delete(labels);
+}
+END_TEST
+
Suite *ruleset_suite (void)
{
Suite *s;
tcase_add_test(tc_core, test_remove_rules_by_object);
tcase_add_test(tc_core, test_have_access_rule);
tcase_add_test(tc_core, test_have_access_removed_rule);
+ tcase_add_test(tc_core, test_rule_set_attach_label_set_add_remove_rule);
+ tcase_add_test(tc_core, test_rule_set_attach_label_set_add_rule_no_labels);
+ tcase_add_test(tc_core, test_rule_set_attach_label_set_save_rules);
suite_add_tcase(s, tc_core);
return s;
--- /dev/null
+ooFooFooFooFooFooFooFoo arBarBarBarBarBarBarBar rx
projects / platform / upstream / smack.git / commitdiff