}
SocketBuffer send, recv;
- Serialization ser;
- ser.Serialize(send, std::string(objectName));
+ Serialization::Serialize(send, std::string(objectName));
int retCode = sendToServer(
SERVICE_SOCKET_GET_GID,
if (retCode != SECURITY_SERVER_API_SUCCESS)
return retCode;
- Deserialization des;
- des.Deserialize(recv, retCode);
+ Deserialization::Deserialize(recv, retCode);
// Return if errors
if (retCode < 0)
// No errors, return gid
gid_t gid;
- des.Deserialize(recv, gid);
+ Deserialization::Deserialize(recv, gid);
return gid;
} catch (SocketBuffer::Exception::Base &e) {
LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString());
}
SocketBuffer send, recv;
- Serialization ser;
- ser.Serialize(send, gid);
+ Serialization::Serialize(send, gid);
int result = sendToServer(
SERVICE_SOCKET_GET_OBJECT_NAME,
if (result != SECURITY_SERVER_API_SUCCESS)
return result;
- Deserialization des;
- des.Deserialize(recv, result);
+ Deserialization::Deserialize(recv, result);
std::string retObjectName;
- des.Deserialize(recv, retObjectName);
+ Deserialization::Deserialize(recv, retObjectName);
if(retObjectName.size() > maxObjectSize){
LogError("Objects name is too big. Need more space in pObjectName buffer.");
return SECURITY_SERVER_API_SUCCESS;
SocketBuffer send, recv;
- Serialization ser;
- ser.Serialize(send, pid);
- ser.Serialize(send, std::string(object));
- ser.Serialize(send, std::string(access_rights));
+ Serialization::Serialize(send, pid);
+ Serialization::Serialize(send, std::string(object));
+ Serialization::Serialize(send, std::string(access_rights));
int result = sendToServer(
SERVICE_SOCKET_PRIVILEGE_BY_PID,
if (result != SECURITY_SERVER_API_SUCCESS)
return result;
- Deserialization des;
- des.Deserialize(recv, result);
+ Deserialization::Deserialize(recv, result);
return result;
} catch (SocketBuffer::Exception::Base &e) {
LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString());
}
SocketBuffer send, recv;
- Serialization ser;
- ser.Serialize(send, std::string(customer_label));
- ser.Serialize(send, customer_pid);
+ Serialization::Serialize(send, std::string(customer_label));
+ Serialization::Serialize(send, customer_pid);
int result = sendToServer(
SERVICE_SOCKET_SHARED_MEMORY,
if (result != SECURITY_SERVER_API_SUCCESS)
return result;
- Deserialization des;
- des.Deserialize(recv, result);
+ Deserialization::Deserialize(recv, result);
return result;
} catch (SocketBuffer::Exception::Base &e) {
LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString());
try{
SocketBuffer send, recv;
- Serialization ser;
- ser.Serialize(send, pid);
+ Serialization::Serialize(send, pid);
int result = sendToServer(
SERVICE_SOCKET_EXEC_PATH,
if(result != SECURITY_SERVER_API_SUCCESS)
return result;
- Deserialization des;
- des.Deserialize(recv, result);
+ Deserialization::Deserialize(recv, result);
if(result != SECURITY_SERVER_API_SUCCESS)
return result;
- des.Deserialize(recv, exe);
+ Deserialization::Deserialize(recv, exe);
return result;
} catch (SocketBuffer::Exception::Base &e) {
LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString());
#include <sys/smack.h>
#include <fstream>
#include <linux/limits.h>
+#include <signal.h>
+#include <errno.h>
namespace SecurityServer {
CookieJar::CookieJar(void)
+ : m_position(0)
{
LogDebug("Created CookieJar for handling cookies");
}
};
}
+void CookieJar::GarbageCollector(size_t howMany)
+{
+ if ((howMany == 0) || (howMany > m_cookieList.size())) {
+ howMany = m_cookieList.size();
+ }
+
+ for (size_t i = 0; i < howMany; ++i) {
+
+ if (m_position >= m_cookieList.size()) {
+ m_position = 0;
+ }
+
+ if (kill(m_cookieList[m_position].pid, 0) && (errno == ESRCH)) {
+ LogDebug("Cookie deleted " << " PID:" << m_cookieList[m_position].pid);
+ if (m_position != (m_cookieList.size()-1))
+ m_cookieList[m_position] = *m_cookieList.rbegin();
+ m_cookieList.pop_back();
+ } else {
+ ++m_position;
+ }
+ }
+}
+
} // namespace SecurityServer
{
public:
CookieJar(void);
- ~CookieJar(void);
+ virtual ~CookieJar(void);
const Cookie * GenerateCookie(int pid);
void DeleteCookie(const Cookie &pattern, CompareType criterion);
const Cookie * SearchCookie(const Cookie &pattern, CompareType criterion) const;
bool CompareCookies(const Cookie &c1, const Cookie &c2, CompareType criterion) const;
+ // howMany - number of cookies that will be checked.
+ // Set howMay to 0 to check all cookies.
+ void GarbageCollector(size_t howMany);
+
private:
+ size_t m_position;
std::vector<Cookie> m_cookieList;
};
LogDebug("Iteration begin");
SocketBuffer send, recv;
int msgType;
+ bool removeGarbage = false;
//waiting for all data
if (!buffer.Ready()) {
case CookieCall::GET_COOKIE:
LogDebug("Entering get-cookie server side handler");
retval = cookieRequest(send, conn.sock);
+ removeGarbage = true;
break;
default:
retval = false;
}
- if (retval == false) { //something goes wrong with communication
- LogDebug("Closing socket because of error");
- m_serviceManager->Close(conn);
- return retval;
- } else {
+ if (retval) {
//send response
m_serviceManager->Write(conn, send.Pop());
- return retval;
+ } else {
+ LogDebug("Closing socket because of error");
+ m_serviceManager->Close(conn);
}
+
+ // Each time you add one cookie check 2 others.
+ if (removeGarbage)
+ m_cookieJar.GarbageCollector(2);
+
+ return retval;
}
bool CookieService::cookieRequest(SocketBuffer &send, int socket)
}
Try {
- SecurityServer::Deserialization des;
- des.Deserialize(buffer, clientLabel);
- des.Deserialize(buffer, clientPid);
+ Deserialization::Deserialize(buffer, clientLabel);
+ Deserialization::Deserialize(buffer, clientPid);
} Catch (SocketBuffer::Exception::Base) {
LogDebug("Broken protocol. Closing socket.");
m_serviceManager->Close(conn);
free(providerLabel);
smack_accesses_free(smack);
- SecurityServer::Serialization ser;
SocketBuffer sendBuffer;
- ser.Serialize(sendBuffer, retCode);
+ Serialization::Serialize(sendBuffer, retCode);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}
}
Try {
- SecurityServer::Deserialization des;
- des.Deserialize(buffer, pid);
+ Deserialization::Deserialize(buffer, pid);
} Catch (SocketBuffer::Exception::Base) {
LogDebug("Broken protocol. Closing socket.");
m_serviceManager->Close(conn);
return false;
}
- SecurityServer::Serialization ser;
SocketBuffer sendBuffer;
int retVal;
{
LogError("Server: Failed to read executable path for pid " << pid);
retVal = SECURITY_SERVER_API_ERROR_SERVER_ERROR;
- ser.Serialize(sendBuffer, retVal);
+ Serialization::Serialize(sendBuffer, retVal);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}
retVal = SECURITY_SERVER_API_SUCCESS;
- ser.Serialize(sendBuffer, retVal);
- ser.Serialize(sendBuffer, exec_path);
+ Serialization::Serialize(sendBuffer, retVal);
+ Serialization::Serialize(sendBuffer, exec_path);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}
// Get objects name:
Try {
- SecurityServer::Deserialization des;
- des.Deserialize(buffer, objectName);
+ Deserialization::Deserialize(buffer, objectName);
} Catch (SocketBuffer::Exception::Base) {
LogDebug("Broken protocol. Closing socket.");
m_serviceManager->Close(conn);
retCode = setGid(objectName);
// Send the result
- SecurityServer::Serialization ser;
SocketBuffer sendBuffer;
- ser.Serialize(sendBuffer, retCode);
- ser.Serialize(sendBuffer, m_gid);
+ Serialization::Serialize(sendBuffer, retCode);
+ Serialization::Serialize(sendBuffer, m_gid);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}
// Get objects GID:
Try {
- SecurityServer::Deserialization des;
- des.Deserialize(buffer, gid);
+ Deserialization::Deserialize(buffer, gid);
} Catch (SocketBuffer::Exception::Base) {
LogDebug("Broken protocol. Closing socket.");
m_serviceManager->Close(conn);
retCode = setName(gid);
// Send the result
- SecurityServer::Serialization ser;
SocketBuffer sendBuffer;
- ser.Serialize(sendBuffer, retCode);
- ser.Serialize(sendBuffer, m_name);
+ Serialization::Serialize(sendBuffer, retCode);
+ Serialization::Serialize(sendBuffer, m_name);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}
}
Try {
- SecurityServer::Deserialization des;
- des.Deserialize(buffer, pid);
- des.Deserialize(buffer, object);
- des.Deserialize(buffer, access_rights);
+ Deserialization::Deserialize(buffer, pid);
+ Deserialization::Deserialize(buffer, object);
+ Deserialization::Deserialize(buffer, access_rights);
} Catch (SocketBuffer::Exception::Base) {
LogDebug("Broken protocol. Closing socket.");
m_serviceManager->Close(conn);
else //there is no permission
retCode = SECURITY_SERVER_API_ERROR_ACCESS_DENIED;
- SecurityServer::Serialization ser;
SocketBuffer sendBuffer;
- ser.Serialize(sendBuffer, retCode);
+ Serialization::Serialize(sendBuffer, retCode);
m_serviceManager->Write(conn, sendBuffer.Pop());
return true;
}