capi-security-privilege-manager
alarm-service
notification
+ cynara-creds-gdbus
clips
context-common
device-context-provider
BuildRequires: pkgconfig(alarm-service)
BuildRequires: pkgconfig(notification)
+BuildRequires: pkgconfig(cynara-creds-gdbus)
+
BuildRequires: pkgconfig(clips)
BuildRequires: pkgconfig(context-common)
BuildRequires: pkgconfig(context)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <cynara-creds-gdbus.h>
+#include <types_internal.h>
+#include "peer_creds.h"
+
+std::string ctx::peer_creds::get_smack_label(GDBusConnection *connection, const char *unique_name)
+{
+ gchar *client = NULL;
+ int err = cynara_creds_gdbus_get_client(connection, unique_name, CLIENT_METHOD_SMACK, &client);
+ IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, "", _E, "cynara_creds_gdbus_get_client() failed");
+
+ std::string ret = client;
+ g_free(client);
+ return ret;
+}
+
+pid_t ctx::peer_creds::get_pid(GDBusConnection *connection, const char *unique_name)
+{
+ pid_t pid = -1;
+ int err = cynara_creds_gdbus_get_pid(connection, unique_name, &pid);
+ IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, -1, _E, "cynara_creds_gdbus_get_pid() failed");
+
+ return pid;
+}
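Review bot: In get_smack_label, `std::string ret = client;` copies from `client` without a null check, so it relies on cynara_creds_gdbus_get_client() always setting the out-pointer when it returns CYNARA_API_SUCCESS. Constructing a std::string from a null pointer is undefined behaviour. Because this value becomes the caller's identity, I would add `IF_FAIL_RETURN_TAG(client, "", _E, "Empty client credential");` before the copy. Both failure messages also drop `err`. If IF_FAIL_RETURN_TAG takes format arguments the way IF_FAIL_CATCH_TAG does in the removed constructor code, append `(%d)` with `err` so the log shows which Cynara error occurred.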
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __CONTEXT_PEER_CREDENTIALS_H__
+#define __CONTEXT_PEER_CREDENTIALS_H__
+
+#include <sys/types.h>
+#include <gio/gio.h>
+#include <string>
+
+namespace ctx {
+ namespace peer_creds {
+ std::string get_smack_label(GDBusConnection *connection, const char *unique_name);
+ pid_t get_pid(GDBusConnection *connection, const char *unique_name);
+ }
+} /* namespace ctx */
+
+#endif /* End of __CONTEXT_PEER_CREDENTIALS_H__ */
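Review bot: The two declarations in peer_creds.h do not state their failure values, yet every caller has to test for them before trusting the result. The implementation added in this commit returns an empty string from get_smack_label and -1 from get_pid when the Cynara lookup fails. I would put a short comment above each, such as `/* Returns the sender's Smack label, or "" if it cannot be obtained */` and `/* Returns the sender's PID, or -1 on failure */`, and say that `unique_name` is the sender's unique bus name. As a style point, the guard `__CONTEXT_PEER_CREDENTIALS_H__` uses a double-underscore identifier, which C++ reserves for the implementation; `CONTEXT_PEER_CREDENTIALS_H` would avoid that.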
#include <unistd.h>
#include <glib.h>
-#include <security-server.h>
#include <app_manager.h>
#include <types_internal.h>
#include <dbus_server.h>
#include "zone_util_impl.h"
#include "dbus_server_impl.h"
-#include "access_control/privilege.h"
#include "client_request.h"
-ctx::client_request::client_request(int type, const char* client, int req_id, const char* subj, const char* desc, const char* cookie, GDBusMethodInvocation *inv)
+ctx::client_request::client_request(int type, const char* client, int req_id, const char* subj, const char* desc, GDBusMethodInvocation *inv)
: request_info(type, client, req_id, subj, desc)
, invocation(inv)
{
- gsize size;
- int client_pid;
- char *decoded = NULL;
- const char *zone_name = NULL;
- char *pkg_id = NULL;
-
- decoded = reinterpret_cast<char*>(g_base64_decode(cookie, &size));
- IF_FAIL_CATCH_TAG(decoded, _E, "Cookie decoding failed");
-
- raw_cookie = decoded;
- client_pid = security_server_get_cookie_pid(decoded);
- pkg_id = security_server_get_smacklabel_cookie(decoded);
- g_free(decoded);
- IF_FAIL_CATCH_TAG(client_pid > 0, _E, "Invalid PID (%d)", client_pid);
-
- if (pkg_id == NULL) {
- _W(RED("security_server_get_smacklabel_cookie() failed"));
- char* app_id = NULL;
- app_manager_get_app_id(client_pid, &app_id);
- client_app_id = ctx::privilege_manager::get_pkg_id(app_id);
- g_free(app_id);
- } else {
- //FIXME: Yes.. this is actually the package id
- client_app_id = pkg_id;
- g_free(pkg_id);
- }
-
- zone_name = ctx::zone_util::get_name_by_pid(client_pid);
- IF_FAIL_CATCH_TAG(zone_name, _E, RED("Zone name retrieval failed"));
- _zone_name = zone_name;
-
- _SD(CYAN("Package: '%s' / Zone: '%s'"), client_app_id.c_str(), zone_name);
- return;
-
-CATCH:
- invocation = NULL;
- throw ERR_OPERATION_FAILED;
}
ctx::client_request::~client_request()
g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
}
-const char* ctx::client_request::get_cookie()
+bool ctx::client_request::set_peer_creds(const char *smack_label, const char *zone)
{
- return raw_cookie.c_str();
+ IF_FAIL_RETURN_TAG(smack_label && zone, false, _E, "Invalid parameter");
+ client_app_id = smack_label;
+ _zone_name = zone;
+ return true;
}
const char* ctx::client_request::get_app_id()
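Review bot: set_peer_creds rejects only NULL pointers, so an empty `smack_label` or `zone` would be stored as the request's identity. The emptiness check currently lives only in the caller in the D-Bus handler, and only for the label. Enforcing it in the setter keeps the invariant next to the data it protects: `IF_FAIL_RETURN_TAG(smack_label && *smack_label && zone && *zone, false, _E, "Invalid parameter");`. The body of get_app_id follows outside this hunk, so how it treats a still-empty client_app_id is not visible here.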
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd.
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
class client_request : public request_info {
public:
- client_request(int type, const char* client, int req_id, const char* subj, const char* desc, const char* cookie, GDBusMethodInvocation *inv);
+ client_request(int type, const char* client, int req_id, const char* subj, const char* desc, GDBusMethodInvocation *inv);
~client_request();
- const char* get_cookie();
+ bool set_peer_creds(const char *smack_label, const char *zone);
const char* get_app_id();
bool reply(int error);
private:
GDBusMethodInvocation *invocation;
- std::string raw_cookie;
std::string client_app_id;
- std::string exec_path;
};
} /* namespace ctx */
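Review bot: The declaration of set_peer_creds has no comment, and with the `cookie` parameter removed the constructor no longer establishes who the caller is. The class therefore has a two-step initialisation that the header does not mention. I would document it on the declaration, for example `/* Must succeed once before get_app_id() is used; returns false if either argument is NULL */`. Judging by the handler changed in this commit, the arguments are meant to be the bus-derived credentials from ctx::peer_creds rather than anything taken from the message body, and the comment should state that as well.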
#include <dbus_listener_iface.h>
#include "server.h"
#include "client_request.h"
+#include "access_control/peer_creds.h"
+#include "zone_util_impl.h"
#include "dbus_server_impl.h"
static ctx::dbus_server_impl *_instance = NULL;
_I("[%s] ReqId: %d, Subject: %s", req_type_to_str(req_type), req_id, subject);
_SI("Input: %s", input);
- //TODO: Parameter validation
-
ctx::client_request *request = NULL;
try {
- request = new ctx::client_request(req_type, sender, req_id, subject, input, cookie, invocation);
+ request = new ctx::client_request(req_type, sender, req_id, subject, input, invocation);
} catch (std::bad_alloc& ba) {
_E("Memory allocation failed");
g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
return;
- } catch (int e) {
- _E("Caught %d", e);
+ }
+
+ std::string smack_label = ctx::peer_creds::get_smack_label(dbus_connection, sender);
+ pid_t pid = ctx::peer_creds::get_pid(dbus_connection, sender);
+ const char* zone = ctx::zone_util::get_name_by_pid(pid);
+
+ if (smack_label.empty() || !request->set_peer_creds(smack_label.c_str(), zone)) {
g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
return;
}
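Review bot: The new rejection branch (`if (smack_label.empty() || !request->set_peer_creds(...))`) returns without releasing `request`, which was allocated just above, so every call whose credentials cannot be resolved leaks one client_request in the daemon. The result of get_pid is also passed to get_name_by_pid without the `> 0` check the removed constructor code had, so a failed PID lookup is rejected only if get_name_by_pid happens to return NULL for it. Resolving the credentials before the allocation avoids both problems and keeps the direct reply as the only reply on this path. A plain `delete request;` is riskier, because the destructor partly visible in client_request.cpp also sends an ERR_OPERATION_FAILED reply and the invocation might then be answered twice. The enclosing handler starts and continues outside this hunk.

```cpp
	std::string smack_label = ctx::peer_creds::get_smack_label(dbus_connection, sender);
	pid_t pid = ctx::peer_creds::get_pid(dbus_connection, sender);
	const char* zone = (pid > 0) ? ctx::zone_util::get_name_by_pid(pid) : NULL;

	if (smack_label.empty() || zone == NULL) {
		_E("Peer credentials unavailable");
		g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
		return;
	}

	// … unchanged: allocation of request inside the try / catch (std::bad_alloc&) block …

	request->set_peer_creds(smack_label.c_str(), zone);
```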