From: hyunsube-lee <hyunsube.lee@samsung.com>
Date: Fri, 16 May 2025 05:14:17 +0000 (+0900)
Subject: Change to get smack label via cynara API
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Ftizen;p=platform%2Fcore%2Fapi%2Fhttp.git

Change to get smack label via cynara API

Change-Id: I071837928ca217abe1129ab2a21472ef6c36302c
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 05aa278..1b107b7 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,7 +9,7 @@ SET(PREFIX ${CMAKE_INSTALL_PREFIX})
 SET(INC_DIR include)
 INCLUDE_DIRECTORIES(${INC_DIR})
 
-SET(dependents "dlog gio-2.0 gio-unix-2.0 glib-2.0 capi-base-common capi-network-connection libcurl cynara-client")
+SET(dependents "dlog gio-2.0 gio-unix-2.0 glib-2.0 capi-base-common capi-network-connection libcurl cynara-client cynara-creds-self")
 
 IF("${CMAKE_BUILD_TYPE}" STREQUAL "")
 	SET(CMAKE_BUILD_TYPE "Release")
diff --git a/packaging/capi-network-http.spec b/packaging/capi-network-http.spec
index f76b6f7..c196799 100644
--- a/packaging/capi-network-http.spec
+++ b/packaging/capi-network-http.spec
@@ -12,6 +12,7 @@ BuildRequires:	pkgconfig(gio-2.0)
 BuildRequires:	pkgconfig(capi-network-connection)
 BuildRequires:	pkgconfig(libcurl)
 BuildRequires:	pkgconfig(cynara-client)
+BuildRequires:	pkgconfig(cynara-creds-self)
 BuildRequires:	pkgconfig(gmock)
 BuildRequires:	cmake
 %if 0%{?gcov:1}
diff --git a/src/http_common.c b/src/http_common.c
index c2204cf..8c5fc51 100644
--- a/src/http_common.c
+++ b/src/http_common.c
@@ -25,6 +25,7 @@
 #include <unistd.h>
 #include <pthread.h>
 #include <cynara-client.h>
+#include <cynara-creds-self.h>
 
 #define SMACK_LABEL_LEN 255
 
@@ -38,12 +39,11 @@ bool _http_is_init(void)
 
 bool _http_check_permission(http_privilege_e _privilege)
 {
-	FILE *fd;
 	int ret;
-	char smack_label[SMACK_LABEL_LEN + 1] = {0, };
 	char uid[10];
 	char *client_session = "";
 	char *privilege = NULL;
+	char *smack_label = NULL;
 
 	cynara *p_cynara;
 
@@ -52,23 +52,13 @@ bool _http_check_permission(http_privilege_e _privilege)
 		return false;
 	}
 
-	bzero(smack_label, SMACK_LABEL_LEN + 1);
-
 	/* get smack label */
-	fd = fopen("/proc/self/attr/current", "r");
-	if (fd == NULL) {
-		ERR("Failed to open /proc/self/attr/current\n");
+	ret = cynara_creds_self_get_client(CLIENT_METHOD_DEFAULT, &smack_label);
+	if (ret != CYNARA_API_SUCCESS) {
+		ERR("failed to get smack label");
 		return false;
 	}
 
-	ret = fread(smack_label, SMACK_LABEL_LEN, 1, fd);
-	if (ret < 0) {
-		ERR("Failed[%d] to read /proc/self/attr/current\n", ferror(fd));
-		fclose(fd);
-		return false;
-	}
-	fclose(fd);
-
 	/* get uid */
 	snprintf(uid, sizeof(uid), "%d", getuid());
 
@@ -87,8 +77,11 @@ bool _http_check_permission(http_privilege_e _privilege)
 
 	/* cynara check */
 	ret = cynara_check(p_cynara, smack_label, client_session, uid, privilege);
+	if (smack_label)
+		free(smack_label);
 	cynara_finish(p_cynara);
 
+
 	return (ret == CYNARA_API_ACCESS_ALLOWED) ? true : false;
 }