From: Daeheyon Jung Date: Mon, 17 Sep 2018 05:56:58 +0000 (+0900) Subject: Change the way to create credentials object X-Git-Tag: submit/tizen/20190208.015210~17 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d91f128dfe77deeeb1f190aa47864a22320b7417;p=platform%2Fcore%2Fappfw%2Fcapmgr.git Change the way to create credentials object Change-Id: Ic8f014732bf9a40945b63ba10ae34adaf42bd82b --- diff --git a/src/common/dbus_service.cc b/src/common/dbus_service.cc index 24a88ce..daf3ed5 100755 --- a/src/common/dbus_service.cc +++ b/src/common/dbus_service.cc @@ -86,34 +86,6 @@ std::map file_map_; namespace capmgr { -struct GDBusCredentials : public SecurityManager::Credentials { - public: - GDBusCredentials() { init_ = false; } - GDBusCredentials(int pid, const char* user, const char* smack_label); - ~GDBusCredentials(); - bool Init(const gchar* sender, GDBusConnection* conn); - private: - gchar* sender_; - GDBusConnection* conn_; -}; - -GDBusCredentials::GDBusCredentials(int pid, const char* user, - const char* smack_label) { - pid_ = pid; - init_ = false; - smack_label_ = strdup(smack_label); - if (!smack_label_) { - return; - } - - user_ = strdup(user); - if (!user_) { - free(smack_label_); - smack_label_ = nullptr; - return; - } -} - SecurityManager::Credentials GetCredentials( GDBusConnection* conn, const gchar* sender) { int ret = 0; @@ -124,54 +96,23 @@ SecurityManager::Credentials GetCredentials( ret = cynara_creds_gdbus_get_user(conn, sender, USER_METHOD_DEFAULT, &user); if (ret != CYNARA_API_SUCCESS) { LOG(ERROR) << "cynara_creds_gdbus_get_user() failed: " << ret; - return GDBusCredentials(); + return SecurityManager::Credentials(); } ret = cynara_creds_gdbus_get_client(conn, sender, CLIENT_METHOD_DEFAULT, &client); if (ret != CYNARA_API_SUCCESS) { LOG(ERROR) << "cynara_creds_gdbus_get_client() failed: " << ret; - return GDBusCredentials(); + return SecurityManager::Credentials(); } ret = cynara_creds_gdbus_get_pid(conn, sender, &pid); if (ret != CYNARA_API_SUCCESS) { LOG(ERROR) << "cynara_creds_gdbus_get_pid() failed: " << ret; - return GDBusCredentials(); + return SecurityManager::Credentials(); } - GDBusCredentials c = GDBusCredentials(pid, client, user); - if (!c.Init(sender, conn)) - return GDBusCredentials(); - - return c; -} - -GDBusCredentials::~GDBusCredentials() { - if (smack_label_) - free(smack_label_); - - if (user_) - free(user_); - - if (sender_) - g_free(sender_); - - if (conn_) - g_object_unref(conn_); -} - -bool GDBusCredentials::Init(const gchar* sender, GDBusConnection* conn) { - sender_ = g_strdup(sender); - if (!sender_) { - init_ = false; - return false; - } - - conn_ = reinterpret_cast(g_object_ref(conn)); - init_ = true; - - return true; + return SecurityManager::Credentials(pid, client, user); } DBusService::DBusService() { @@ -355,6 +296,11 @@ bool DBusService::HandleSendFile(GVariant* params, } SecurityManager::Credentials c = GetCredentials(connection, sender); + if (!c.IsInit()) { + LOG(ERROR) << "Failed to create credentials"; + return false; + } + if (!SecurityManager::CheckFilePermission(file_path_str, c)) { LOG(ERROR) << "File permission error: " << file_path_str; g_dbus_method_invocation_return_value(invocation, g_variant_new("(i)", -1)); diff --git a/src/common/security_manager.cc b/src/common/security_manager.cc index 6e50428..ca2fbee 100755 --- a/src/common/security_manager.cc +++ b/src/common/security_manager.cc @@ -10,6 +10,36 @@ namespace capmgr { + +SecurityManager::Credentials::Credentials(): init_(false) {} + +SecurityManager::Credentials::Credentials(int pid, const char* user, + const char* smack_label) { + pid_ = pid; + init_ = false; + smack_label_ = strdup(smack_label); + if (!smack_label_) { + return; + } + + user_ = strdup(user); + if (!user_) { + free(smack_label_); + smack_label_ = nullptr; + return; + } + + init_ = true; +} + +SecurityManager::Credentials::~Credentials() { + if (smack_label_) + free(smack_label_); + + if (user_) + free(user_); +} + bool SecurityManager::Credentials::IsInit() { return this->init_; } diff --git a/src/common/security_manager.h b/src/common/security_manager.h index 88e5c56..542bbc3 100755 --- a/src/common/security_manager.h +++ b/src/common/security_manager.h @@ -13,10 +13,15 @@ class SecurityManager { public: struct Credentials { public: + Credentials(); + Credentials(int pid, const char* user, const char* smack_label); + ~Credentials(); + int GetPid(); const char* GetUser(); const char* GetSmackLabel(); bool IsInit(); + protected: bool init_; int pid_;