From: Jarkko Sakkinen Date: Mon, 22 Nov 2010 14:47:43 +0000 (-0800) Subject: Removed those parts of API that are not needed in RPM aegis plugin or X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=dd3b448168db33ad9c862d3c013baa3f565b0478;p=framework%2Fsecurity%2Fsmack.git Removed those parts of API that are not needed in RPM aegis plugin or libcreds3. Can be readded later on if needed easily. --- diff --git a/src/Makefile.am b/src/Makefile.am index 319e376..1cb22e3 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -2,4 +2,4 @@ ACLOCAL_AMFLAGS = -I m4 lib_LTLIBRARIES = libsmack.la libsmack_la_LDFLAGS = -version-info 1:0 -libsmack_la_SOURCES = smack_rules.c smack_users.c smack_xattr.c +libsmack_la_SOURCES = smack_rules.c smack_xattr.c diff --git a/src/smack.h b/src/smack.h index d0de089..59d7254 100644 --- a/src/smack.h +++ b/src/smack.h @@ -37,11 +37,6 @@ */ typedef struct smack_rules *smack_rules_t; -/*! - * Handle to a in-memory representation of set of Smack users. - */ -typedef struct smack_users *smack_users_t; - #ifdef __cplusplus extern "C" { #endif 
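Review bot: The context line `libsmack_la_LDFLAGS = -version-info 1:0` in the src/Makefile.am hunk stays unchanged although this commit removes public interfaces from libsmack. The removals are the `smack_users_t` API in the src/smack.h hunks and src/smack_users.c, and `smack_set_smack_to_file_or_symlink` / `smack_get_smack_from_file_or_symlink` in src/smack_xattr.c. Under libtool's versioning rules a removed interface means incrementing `current` and resetting `revision` and `age`, so if 1:0 was ever released this should become `libsmack_la_LDFLAGS = -version-info 2:0:0`. Otherwise an already-linked consumer still matches the old soname and only fails on the missing symbols at run time. Separately, the bodies of the surviving `smack_set_smack_to_file` and `smack_get_smack_from_file` are outside these hunks; if they follow symlinks, their comments in src/smack.h should say so now that the `lsetxattr`/`lgetxattr` variants are gone, so callers labelling paths in directories they do not control know which object is affected.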
@@ -145,69 +140,6 @@ extern void smack_remove_rules_by_object(smack_rules_t handle, */ extern int smack_have_access_rule(smack_rules_t handle, const char *subject, const char *object, const char *access); -/*! - * Create users database. The returned rule set must be freed with - * smack_destroy_rules(). - * - * @return handle to the users db. Returns NULL if creation fails. - */ -extern smack_users_t smack_create_users(); - -/*! - * Free users database. - * - * @param handle handle to a rules - */ -extern void smack_destroy_users(smack_users_t handle); - -/*! - * Read users from a given file. - * - * @param handle handle to an users db - * @param path path to the file containing users - * @return 0 on success - */ -extern int smack_read_users_from_file(smack_users_t handle, const char *path); - -/*! - * Write users to a given file. - * - * @param handle handle to an users db - * @param path path to the users file - * @return 0 on success - */ -extern int smack_write_users_to_file(smack_users_t handle, const char *path); - -/*! - * Add user to the user db. Updates existing user if user is already in the - * user db. - * - * @param handle handle to the users db - * @param user user name - * @param label user label - */ -extern int smack_add_user(smack_users_t handle, const char *user, - const char *label); - -/*! - * Remove user from the user db. - * - * @param handle handle to the users db - * @param user user name - * @return 0 if user was found from user db. - */ -extern int smack_remove_user(smack_users_t handle, const char *user); - -/*! - * Get label of user. - * - * @param handle handle to an users db - * @param user user name - * - * @return pointer to a string containing label of the user. Returns NULL - * on failure. - */ -const char *smack_get_user_label(smack_users_t handle, const char *user); /*! * Set SMACK64 security attribute for a given file. 
@@ -229,25 +161,6 @@ extern int smack_set_smack_to_file(const char *path, const char *smack); extern int smack_get_smack_from_file(const char *path, char **smack); /*! - * Set SMACK64 security attribute for a given file or symbolic link. - * - * @param path path to a file - * @param smack new value - * @return 0 on success - */ -extern int smack_set_smack_to_file_or_symlink(const char *path, const char *smack); - -/*! - * Get SMACK64 security attribute for a given file or symlink. - * Allocated memory must be freed by the caller. - * - * @param path path to a file - * @param smack current value - * @return 0 on success - */ -extern int smack_get_smack_from_file_or_symlink(const char *path, char **smack); - -/*! * Get SMACK64 security attribute for a given pid. * * @param pid pid of a process diff --git a/src/smack_users.c b/src/smack_users.c deleted file mode 100644 index 63809d0..0000000 --- a/src/smack_users.c +++ /dev/null 
@@ -1,187 +0,0 @@ -/* - * This file is part of libsmack - * - * Copyright (C) 2010 Nokia Corporation - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA - * - * Authors: - * Jarkko Sakkinen - */ - -#include "smack.h" -#include -#include -#include -#include -#include -#include - -#define SMACK64_LEN 23 - -struct smack_user { - char *user; - char label[SMACK64_LEN + 1]; - UT_hash_handle hh; -}; - -struct smack_users { - struct smack_user *users; -}; - -static int update_user(struct smack_user **users, - const char *user, const char *label); -static void destroy_users(struct smack_user **users); - -smack_users_t smack_create_users() -{ - struct smack_users *result = - calloc(1, sizeof(struct smack_users)); - return result; -} - -void smack_destroy_users(smack_users_t handle) -{ - destroy_users(&handle->users); - free(handle); -} - -int smack_read_users_from_file(smack_users_t handle, const char *path) -{ - FILE *file; - char *buf = NULL; - size_t size; - const char *user, *label; - struct smack_user *users = NULL; - int ret = 0; - - file = fopen(path, "r"); - if (file == NULL) - return -1; - - while (ret == 0 && getline(&buf, &size, file) != -1) { - user = strtok(buf, " \n"); - label = strtok(NULL, " \n"); - - if (user == NULL || label == NULL || - strtok(NULL, " \n") != NULL) - ret = -1; - else - ret = update_user(&users, user, label); - - 
free(buf); - buf = NULL; - } - - if (ferror(file)) - ret = -1; - - if (ret == 0) { - destroy_users(&handle->users); - handle->users = users; - } else { - destroy_users(&users); - } - - free(buf); - fclose(file); - return 0; -} - -int smack_write_users_to_file(smack_users_t handle, const char *path) -{ - struct smack_user *u, *tmp; - FILE *file; - int err; - - file = fopen(path, "w+"); - if (!file) - return -1; - - HASH_ITER(hh, handle->users, u, tmp) { - err = fprintf(file, "%s %s\n", - u->user, u->label); - if (err < 0) { - fclose(file); - return errno; - } - } - - fclose(file); - return 0; -} - -int smack_add_user(smack_users_t handle, const char *user, const char *label) -{ - int ret; - ret = update_user(&handle->users, user, label); - return ret == 0 ? 0 : -1; -} - -int smack_remove_user(smack_users_t handle, const char *user) -{ - struct smack_user *u = NULL; - - HASH_FIND_STR(handle->users, user, u); - if (u == NULL) - return -1; - - HASH_DEL(handle->users, u); - free(u); - return 0; -} - -const char *smack_get_user_label(smack_users_t handle, const char *user) -{ - struct smack_user *u; - - HASH_FIND_STR(handle->users, user, u); - - if (u == NULL) - return; - - return u->label; -} - -static int update_user(struct smack_user **users, - const char *user, const char *label) -{ - struct smack_user *u = NULL; - - if (strlen(label) > SMACK64_LEN) - return -ERANGE; - - HASH_FIND_STR(*users, user, u); - if (u == NULL) { - u = calloc(1, sizeof(struct smack_user)); - u->user = strdup(user); - HASH_ADD_KEYPTR( hh, *users, u->user, strlen(u->user), u); - } - - strcpy(u->label, label); - return 0; -} - -static void destroy_users(struct smack_user **users) -{ - struct smack_user *u, *tmp; - - HASH_ITER(hh, *users, u, tmp) { - HASH_DEL(*users, u); - free(u->user); - free(u); - } -} - diff --git a/src/smack_xattr.c b/src/smack_xattr.c index b28b538..a7b97f4 100644 --- a/src/smack_xattr.c +++ b/src/smack_xattr.c 
@@ -69,41 +69,6 @@ int smack_get_smack_from_file(const char *path, char **smack) return 0; } -int smack_set_smack_to_file_or_symlink(const char *path, const char *smack) -{ - size_t size; - int ret; - - size = strlen(smack); - if (size > SMACK64_LEN) - return -1; - - return lsetxattr(path, SMACK64, smack, size, 0); -} - -int smack_get_smack_from_file_or_symlink(const char *path, char **smack) -{ - ssize_t ret; - char *buf; - - ret = lgetxattr(path, SMACK64, NULL, 0); - if (ret < 0) - return -1; - - buf = malloc(ret + 1); - - ret = lgetxattr(path, SMACK64, buf, ret); - if (ret < 0) { - free(buf); - return -1; - } - - buf[ret] = '\0'; - *smack = buf; - return 0; - -} - int smack_set_smackexec_to_file(const char *path, const char *smack) { size_t size; diff --git a/tests/Makefile.am b/tests/Makefile.am index 4fd6816..2c51a6e 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,14 +1,10 @@ -TESTS = check_rules check_users check_xattr -check_PROGRAMS = check_rules check_users check_xattr +TESTS = check_rules check_xattr +check_PROGRAMS = check_rules check_xattr check_rules_SOURCES = check_rules.c $(top_builddir)/src/smack.h check_rules_CFLAGS = @CHECK_CFLAGS@ check_rules_LDADD = $(top_builddir)/src/libsmack.la @CHECK_LIBS@ -check_users_SOURCES = check_users.c $(top_builddir)/src/smack.h -check_users_CFLAGS = @CHECK_CFLAGS@ -check_users_LDADD = $(top_builddir)/src/libsmack.la @CHECK_LIBS@ - check_xattr_SOURCES = check_xattr.c $(top_builddir)/src/smack.h check_xattr_CFLAGS = @CHECK_CFLAGS@ check_xattr_LDADD = $(top_builddir)/src/libsmack.la @CHECK_LIBS@ diff --git a/tests/check_users.c b/tests/check_users.c deleted file mode 100644 index 009964f..0000000 --- a/tests/check_users.c +++ /dev/null 
@@ -1,168 +0,0 @@ -/* - * This file is part of libsmack - * - * Copyright (C) 2010 Nokia Corporation - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * version 2.1 as published by the Free Software Foundation. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA - * - * Author: Jarkko Sakkinen - */ - -#include -#include -#include -#include "../src/smack.h" - -static int files_equal(const char *filename1, const char *filename2); - -START_TEST(test_add_user) -{ - int rc; - smack_users_t users = smack_create_users(); - fail_unless(users != NULL, "Users creation failed"); - rc = smack_read_users_from_file(users, "data/add_user-in.txt"); - fail_unless(rc == 0, "Failed to read users"); - - rc = smack_add_user(users, "zip", "Zap"); - fail_unless(rc == 0, "Failed to add user"); - - rc = smack_write_users_to_file(users, "add_user-result.txt"); - fail_unless(rc == 0, "Failed to write ruleset"); - rc = files_equal("add_user-result.txt", "data/add_user-excepted.txt"); - fail_unless(rc == 1, "Unexcepted result"); - smack_destroy_users(users); -} -END_TEST - -START_TEST(test_remove_user) -{ - int rc; - smack_users_t users = smack_create_users(); - fail_unless(users != NULL, "Users creation failed"); - rc = smack_read_users_from_file(users, "data/add_user-in.txt"); - fail_unless(rc == 0, "Failed to read users"); - - rc = smack_remove_user(users, "bar"); - fail_unless(rc == 0, "Failed to remove user"); - - rc = smack_write_users_to_file(users, 
"remove_user-result.txt"); - fail_unless(rc == 0, "Failed to write ruleset"); - - rc = files_equal("remove_user-result.txt", "data/remove_user-excepted.txt"); - fail_unless(rc == 1, "Unexcepted result"); - - smack_destroy_users(users); -} -END_TEST - -START_TEST(test_user_label) -{ - int rc; - const char *l; - - smack_users_t users = smack_create_users(); - fail_unless(users != NULL, "Users creation failed"); - - rc = smack_read_users_from_file(users, "data/add_user-in.txt"); - fail_unless(rc == 0, "Failed to read users"); - - l = smack_get_user_label(users, "bar"); - fail_unless(l != NULL, "Label not found"); - fail_unless(strcmp(l, "Orange") == 0, "Unexcepted label %s", l); - - smack_destroy_users(users); -} -END_TEST - -Suite *ruleset_suite (void) -{ - Suite *s; - TCase *tc_core; - - s = suite_create("User"); - - tc_core = tcase_create("Users"); - tcase_add_test(tc_core, test_add_user); - tcase_add_test(tc_core, test_remove_user); - tcase_add_test(tc_core, test_user_label); - suite_add_tcase(s, tc_core); - - return s; -} - -int main(void) -{ - int nfailed; - Suite *s = ruleset_suite(); - SRunner *sr = srunner_create(s); - srunner_set_log(sr, "check_users.log"); - srunner_run_all(sr, CK_ENV); - nfailed = srunner_ntests_failed(sr); - srunner_free(sr); - return (nfailed == 0) ? 
EXIT_SUCCESS : EXIT_FAILURE; -} - -static int files_equal(const char *filename1, const char *filename2) -{ - FILE *fp1 = NULL; - FILE *fp2 = NULL; - char ch1, ch2; - int rc = 0; - - fp1 = fopen(filename1, "rb"); - if (fp1 == NULL) { - goto out; - } - - fp2 = fopen(filename2, "rb"); - if (fp2 == NULL) { - goto out; - } - - rc = 1; - for (;;) { - if (feof(fp1) && feof(fp2)) - break; - - if (feof(fp1) || feof(fp2)) { - rc = 0; - break; - } - - ch1 = fgetc(fp1); - if (ferror(fp1)) { - rc = 0; - break; - } - - ch2 = fgetc(fp2); - if (ferror(fp2)) { - rc = 0; - break; - } - - if (ch1 != ch2) { - rc = 0; - break; - } - } -out: - if (fp1 != NULL) - fclose(fp1); - if (fp2 != NULL) - fclose(fp2); - return rc; -} - diff --git a/tests/check_xattr.c b/tests/check_xattr.c index fd415f6..f03a4bb 100644 --- a/tests/check_xattr.c +++ b/tests/check_xattr.c @@ -50,27 +50,6 @@ START_TEST(test_set_smack_to_file) } END_TEST -START_TEST(test_set_smack_to_file_symlink) -{ - FILE *file; - int rc = 0; - char *smack = NULL; - - symlink("unknown.txt", "set_smack-symlink.txt"); - - rc = smack_set_smack_to_file_or_symlink("set_smack-symlink.txt", "Apple"); - fail_unless(rc == 0, "Failed to set SMACK64"); - - rc = smack_get_smack_from_file_or_symlink("set_smack-symlink.txt", &smack); - fail_unless(rc == 0, "Failed to get SMACK64"); - - rc = strcmp(smack, "Apple"); - fail_unless(rc == 0, "smack %s not equal to Apple", smack); - - free(smack); -} -END_TEST - START_TEST(test_set_smackexec_to_file) { FILE *file; @@ -103,7 +82,6 @@ Suite *ruleset_suite (void) tc_core = tcase_create("Xattr"); tcase_add_test(tc_core, test_set_smack_to_file); - tcase_add_test(tc_core, test_set_smack_to_file_symlink); tcase_add_test(tc_core, test_set_smackexec_to_file); suite_add_tcase(s, tc_core);