static int update_rule(struct smack_subject **subjects,
const char *subject_str, const char *object_str,
unsigned ac);
-static void destroy_rules(struct smack_subject **subjects);
inline unsigned str_to_ac(const char *str);
inline void ac_to_config_str(unsigned ac, char *str);
inline void ac_to_kernel_str(unsigned ac, char *str);
void smack_destroy_rules(smack_rules_t handle)
{
- destroy_rules(&handle->subjects);
+ struct smack_subject *s;
+ struct smack_object *o;
+
+ while (handle->subjects != NULL) {
+ s = handle->subjects;
+ while (s->objects != NULL) {
+ o = s->objects;
+ HASH_DEL(s->objects, o);
+ free(o->object);
+ free(o);
+ }
+ HASH_DEL(handle->subjects, s);
+ free(s->subject);
+ free(s);
+ }
+
free(handle);
}
-int smack_read_rules_from_file(smack_rules_t handle, const char *path,
- const char *subject_filter)
+smack_rules_t smack_read_rules_from_file(const char *path,
+ const char *subject_filter)
{
FILE *file;
char *buf = NULL;
const char *subject, *object, *access;
unsigned ac;
size_t size;
- struct smack_subject *subjects = NULL;
int ret = 0;
file = fopen(path, "r");
if (file == NULL)
- return -1;
+ return NULL;
+
+ smack_rules_t rules = smack_create_rules();
+ if (rules == NULL) {
+ fclose(file);
+ return NULL;
+ }
while (ret == 0 && getline(&buf, &size, file) != -1) {
subject = strtok(buf, " \n");
} else if (subject_filter == NULL ||
strcmp(subject, subject_filter) == 0) {
ac = str_to_ac(access);
- ret = update_rule(&subjects, subject, object, ac);
+ ret = update_rule(&rules->subjects, subject, object, ac);
}
free(buf);
buf = NULL;
}
- if (ferror(file))
- ret = -1;
-
- if (ret == 0) {
- destroy_rules(&handle->subjects);
- handle->subjects = subjects;
- } else {
- destroy_rules(&subjects);
+ if (ret != 0 || ferror(file)) {
+ smack_destroy_rules(rules);
+ rules = NULL;
}
free(buf);
fclose(file);
- return ret;
+ return rules;
}
int smack_write_rules_to_file(smack_rules_t handle, const char *path)
return 0;
}
-static void destroy_rules(struct smack_subject **subjects)
-{
- struct smack_subject *s;
- struct smack_object *o;
-
- while (*subjects != NULL) {
- s = *subjects;
- while (s->objects != NULL) {
- o = s->objects;
- HASH_DEL(s->objects, o);
- free(o->object);
- free(o);
- }
- HASH_DEL(*subjects, s);
- free(s->subject);
- free(s);
- }
-}
-
inline unsigned str_to_ac(const char *str)
{
int i, count;
START_TEST(test_add_new_rule)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/add_new_rule-in.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/add_new_rule-in.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_add_rule(rules, "Orange", "Apple", "ra");
fail_unless(rc == 0, "Failed to add rule");
rc = smack_write_rules_to_kernel(rules, "add_new_rule-result.txt");
START_TEST(test_modify_existing_rule)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/modify_existing_rule-in.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/modify_existing_rule-in.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_add_rule(rules, "Foo", "Bar", "wx");
fail_unless(rc == 0, "Failed to add rule");
rc = smack_write_rules_to_kernel(rules, "modify_existing_rule-result.txt");
START_TEST(test_rw_rules_config)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/write_rules_config-excepted.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/write_rules_config-excepted.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_write_rules_to_file(rules, "write_rules_config-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("write_rules_config-result.txt", "data/write_rules_config-excepted.txt");
START_TEST(test_rw_rules_kernel)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/write_rules_config-excepted.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/write_rules_config-excepted.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_write_rules_to_kernel(rules, "write_rules_kernel-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
rc = files_equal("write_rules_kernel-result.txt", "data/write_rules_kernel-excepted.txt");
START_TEST(test_remove_rule)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/remove_rule-in.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/remove_rule-in.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_remove_rule(rules, "Orange", "Apple");
fail_unless(rc == 0, "Failed to remove rule");
rc = smack_write_rules_to_kernel(rules, "remove_rule-result.txt");
START_TEST(test_remove_rules_by_subject)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/remove_rules_by_subject-in.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/remove_rules_by_subject-in.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
smack_remove_rules_by_subject(rules, "Foo");
rc = smack_write_rules_to_kernel(rules, "remove_rules_by_subject-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
START_TEST(test_remove_rules_by_object)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/remove_rules_by_object-in.txt", NULL);
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/remove_rules_by_object-in.txt", NULL);
+ fail_unless(rules != NULL, "Reading rules failed");
smack_remove_rules_by_object(rules, "Apple");
rc = smack_write_rules_to_kernel(rules, "remove_rules_by_object-result.txt");
fail_unless(rc == 0, "Failed to write ruleset");
START_TEST(test_have_access_rule)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Ruleset creation failed");
- rc = smack_read_rules_from_file(rules, "data/have_access_rule-in.txt", "Orange");
- fail_unless(rc == 0, "Failed to read ruleset");
+ smack_rules_t rules = smack_read_rules_from_file("data/have_access_rule-in.txt", "Orange");
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_have_access_rule(rules, "Orange", "Apple", "a");
fail_unless(rc, "Have access \"a\" failed");
smack_destroy_rules(rules);
START_TEST(test_have_access_removed_rule)
{
int rc;
- smack_rules_t rules = smack_create_rules();
- fail_unless(rules != NULL, "Rules creation failed");
- rc = smack_read_rules_from_file(rules, "data/have_access_rule-in.txt", "Orange");
- fail_unless(rc == 0, "Failed to read rules");
+ smack_rules_t rules = smack_read_rules_from_file("data/have_access_rule-in.txt", "Orange");
+ fail_unless(rules != NULL, "Reading rules failed");
rc = smack_remove_rule(rules, "Orange", "Apple");
fail_unless(rc == 0, "Failed to remove rule");
rc = smack_have_access_rule(rules, "Orange", "Apple", "a");
projects / framework / security / smack.git / commitdiff