From: Brian McGillion Date: Thu, 4 Aug 2011 14:13:16 +0000 (+0300) Subject: add smack_get_peer_label for sockets. X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=41449e7d75b7844d9946aafdb6fb94bca3a87da4;p=framework%2Fsecurity%2Fsmack.git add smack_get_peer_label for sockets. --- diff --git a/src/smack.c b/src/smack.c index 4dbdc94..46c8b07 100644 --- a/src/smack.c +++ b/src/smack.c @@ -29,6 +29,7 @@ #include #include #include +#include #define SMACK_LEN 23 @@ -447,6 +448,40 @@ int smack_have_access(const char *path, const char *subject, return res; } +int smack_get_peer_label(int sock_fd, char **label) +{ + *label = NULL; + char *value; + int ret; + socklen_t length = SMACK_LEN + 1; + + value = calloc(length, 1); + if (!value) + return -1; + + ret = getsockopt(sock_fd, SOL_SOCKET, SO_PEERSEC, value, &length); + if (ret == -1) + { + if (errno == ERANGE) + { + char *val2; + val2 = realloc(value, length); + if (!val2) + goto err; + + value = val2; + ret = getsockopt(sock_fd, SOL_SOCKET, SO_PEERSEC, value, &length); + } + } + + if (ret == 0) + *label = strndup(value, length); + +err: + free(value); + return ret; +} + static int update_rule(struct smack_subject **subjects, const char *subject_str, const char *object_str, unsigned ac) diff --git a/src/smack.h b/src/smack.h index 6484a2a..efa6e93 100644 --- a/src/smack.h +++ b/src/smack.h @@ -193,6 +193,16 @@ extern int smack_rule_set_iter_next(SmackRuleSetIter iter, extern int smack_have_access(const char *path, const char *subject, const char *object, const char *access_type); +/*! + * Get the label that is associated with a peer on the other + * end of a socket. + * + * @param sock_fd The file descriptor of the socket + * @param label (out) The NULL terminated label of the socket if it exists, the caller is responsible to call free on label. + * @return 0 on success, -1 otherwise. + */ +extern int smack_get_peer_label(int sock_fd, char **label); + #ifdef __cplusplus } #endif