#include "pepper-keyrouter.h"
#include "pepper-internal.h"
#include <tizen-extension-server-protocol.h>
-#ifdef HAVE_CYNARA
-#include <cynara-session.h>
-#include <cynara-client.h>
-#include <cynara-creds-socket.h>
-#include <sys/smack.h>
-#include <stdio.h>
-#include <stdarg.h>
-#endif
+#include <pepper-utils.h>
#define MIN(a,b) ((a)<(b)?(a):(b))
pepper_view_t *focus_view;
pepper_view_t *top_view;
-#ifdef HAVE_CYNARA
- cynara *p_cynara;
-#endif
+ pepper_bool_t pepper_security_init_done;
};
struct resources_data {
int err;
};
-#ifdef HAVE_CYNARA
-static void
-_pepper_keyrouter_util_cynara_log(int err, const char *fmt, ...)
-{
-#define CYNARA_BUFSIZE 128
- char buf[CYNARA_BUFSIZE] = "\0", tmp[CYNARA_BUFSIZE + CYNARA_BUFSIZE] = "\0";
- va_list args;
- int ret;
-
- if (fmt) {
- va_start(args, fmt);
- vsnprintf(tmp, CYNARA_BUFSIZE + CYNARA_BUFSIZE, fmt, args);
- va_end(args);
- }
-
- ret = cynara_strerror(err, buf, CYNARA_BUFSIZE);
- if (ret != CYNARA_API_SUCCESS) {
- PEPPER_ERROR("Failed to cynara_strerror: %d (error log about %s: %d)\n", ret, tmp, err);
- return;
- }
-
- PEPPER_ERROR("%s is failed: %s\n", tmp, buf);
-}
-#endif
-
-static pepper_bool_t
-_pepper_keyrouter_util_cynara_init(pepper_keyrouter_t *pepper_keyrouter)
-{
-#ifdef HAVE_CYNARA
- int ret;
- if (pepper_keyrouter->p_cynara) return PEPPER_TRUE;
-
- ret = cynara_initialize(&pepper_keyrouter->p_cynara, NULL);
- if (CYNARA_API_SUCCESS != ret) {
- _pepper_keyrouter_util_cynara_log(ret, "cynara_initialize");
- return PEPPER_FALSE;
- }
-#endif
- return PEPPER_TRUE;
-}
-
-static void
-_pepper_keyrouter_util_cynara_deinit(pepper_keyrouter_t *pepper_keyrouter)
-{
-#ifdef HAVE_CYNARA
- if (pepper_keyrouter->p_cynara) cynara_finish(pepper_keyrouter->p_cynara);
-#else
- ;
-#endif
-}
-
static pepper_bool_t
_pepper_keyrouter_util_do_privilege_check(pepper_keyrouter_t *pepper_keyrouter, struct wl_client *client, uint32_t mode, uint32_t keycode)
{
- pepper_bool_t res = PEPPER_TRUE;
-#ifdef HAVE_CYNARA
- int ret, retry_cnt = 0, len = 0;
- char *clientSmack = NULL, *client_session = NULL, uid2[16]={0, };
clients_data_t *cdata;
- static pepper_bool_t retried = PEPPER_FALSE;
+
pid_t pid = 0;
uid_t uid = 0;
gid_t gid = 0;
- res = PEPPER_FALSE;
-
/* Top position grab is always allowed. This mode do not need privilege.*/
if (mode == TIZEN_KEYROUTER_MODE_TOPMOST) return PEPPER_TRUE;
if (!client) return PEPPER_FALSE;
- /* If initialize cynara is failed, allow keygrabs regardless of the previlege permition. */
- if (pepper_keyrouter->p_cynara == NULL) {
- if (retried == PEPPER_FALSE) {
- retried = PEPPER_TRUE;
- for(retry_cnt = 0; retry_cnt < 5; retry_cnt++) {
- PEPPER_TRACE("Retry cynara initialize: %d\n", retry_cnt + 1);
-
- ret = cynara_initialize(&pepper_keyrouter->p_cynara, NULL);
- if (CYNARA_API_SUCCESS != ret) {
- _pepper_keyrouter_util_cynara_log(ret, "cynara_initialize retry..");
- pepper_keyrouter->p_cynara = NULL;
- } else {
- PEPPER_TRACE("Success cynara initialize to try %d times\n", retry_cnt + 1);
- break;
- }
- }
- }
- if (!pepper_keyrouter->p_cynara) return PEPPER_TRUE;
- }
-
- pepper_list_for_each(cdata, &pepper_keyrouter->grabbed_clients, link) {
+ pepper_list_for_each(cdata, &pepper_keyrouter->grabbed_clients, link) {
if (cdata->client == client) return PEPPER_TRUE;
}
wl_client_get_credentials(client, &pid, &uid, &gid);
- len = smack_new_label_from_process((int)pid, &clientSmack);
- if (len <= 0) goto finish;
-
- snprintf(uid2, 15, "%d", (int)uid);
- client_session = cynara_session_from_pid(pid);
-
- ret = cynara_check(pepper_keyrouter->p_cynara, clientSmack, client_session, uid2, "http://tizen.org/privilege/keygrab");
- if (CYNARA_API_ACCESS_ALLOWED == ret) {
- res = PEPPER_TRUE;
- PEPPER_TRACE("Success to check cynara, clientSmack: %s client_session: %s, uid2: %s\n", clientSmack, client_session, uid2);
- } else {
- //PEPPER_TRACE("Fail to check cynara, error : %d (pid : %d)", ret, pid);
- _pepper_keyrouter_util_cynara_log(ret, "clientsmack: %s, pid: %d", clientSmack, pid);
- }
-
-finish:
- if (client_session) free(client_session);
- if (clientSmack) free(clientSmack);
-#endif
- return res;
+ return pepper_security_privilege_check(pid, uid, "http://tizen.org/privilege/keygrab");
}
static struct wl_client *
pepper_keyrouter->keyrouter = keyrouter_create();
PEPPER_CHECK(pepper_keyrouter->keyrouter, goto failed, "Failed to create keyrouter\n");
- ret = _pepper_keyrouter_util_cynara_init(pepper_keyrouter);
- if (!ret) PEPPER_TRACE("cynara initialize is failed, process keyrouter without cynara\n");
+ pepper_keyrouter->pepper_security_init_done = ret = pepper_security_init();
+ if (!ret) PEPPER_TRACE("pepper_security_init() is failed. Keyrouter will work without pepper_security.\n");
return pepper_keyrouter;
if (pepper_keyrouter->global)
wl_global_destroy(pepper_keyrouter->global);
- _pepper_keyrouter_util_cynara_deinit(pepper_keyrouter);
+ if (pepper_keyrouter->pepper_security_init_done)
+ pepper_security_deinit();
+ pepper_keyrouter->pepper_security_init_done = PEPPER_FALSE;
free(pepper_keyrouter);
pepper_keyrouter = NULL;
projects / platform / core / uifw / pepper.git / commitdiff