*/
#include <cstdio>
+#include <functional>
+#include <memory>
#include <utility>
#include <unistd.h>
delete[] levels;
}
+lib_retcode get_privileges_mapping(const std::string &from_version,
+ const std::string &to_version,
+ const std::vector<std::string> &privileges,
+ char ***privileges_mappings,
+ size_t *mappings_count)
+{
+ using namespace SecurityManager;
+ MessageBuffer send, recv;
+ Serialization::Serialize(send, static_cast<int>(SecurityModuleCall::GET_PRIVILEGES_MAPPING));
+ Serialization::Serialize(send, from_version);
+ Serialization::Serialize(send, to_version);
+ Serialization::Serialize(send, privileges);
+
+ //send buffer to server
+ int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv);
+ if (retval != SECURITY_MANAGER_API_SUCCESS) {
+ LogError("Error in sendToServer. Error code: " << retval);
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+
+ //receive response from server
+ Deserialization::Deserialize(recv, retval);
+
+ switch(retval) {
+ case SECURITY_MANAGER_API_SUCCESS:
+ // success - continue
+ break;
+ case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY:
+ return SECURITY_MANAGER_ERROR_MEMORY;
+ case SECURITY_MANAGER_API_ERROR_INPUT_PARAM:
+ return SECURITY_MANAGER_ERROR_INPUT_PARAM;
+ default:
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+
+ unsigned int count;
+ Deserialization::Deserialize(recv, count);
+ LogInfo("Number of privilege mappings: " << count);
+ size_t i = 0;
+ auto free_mapping = std::bind(security_manager_privilege_mapping_free,
+ std::placeholders::_1, std::ref(i));
+ std::unique_ptr<char *[], decltype (free_mapping)> mappings_ptr(new char *[count], free_mapping);
+
+ for (; i < count; ++i) {
+ std::string privilege_mapping;
+ Deserialization::Deserialize(recv, privilege_mapping);
+ if (privilege_mapping.empty()) {
+ LogError("Unexpected empty privilege mapping");
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+
+ mappings_ptr.get()[i] = strdup(privilege_mapping.c_str());
+ if (mappings_ptr.get()[i] == nullptr)
+ return SECURITY_MANAGER_ERROR_MEMORY;
+ }
+
+ *privileges_mappings = mappings_ptr.release();
+ *mappings_count = count;
+
+ return SECURITY_MANAGER_SUCCESS;
+}
+
SECURITY_MANAGER_API
int security_manager_get_privileges_mapping(const char *from_version,
const char *to_version,
char ***privileges_mappings,
size_t *mappings_count)
{
- (void)to_version;
- if (from_version == nullptr || privileges == nullptr ||
- privileges_mappings == nullptr || mappings_count == nullptr || privileges_count == 0) {
+ if (from_version == nullptr || privileges_mappings == nullptr || mappings_count == nullptr) {
return SECURITY_MANAGER_ERROR_INPUT_PARAM;
}
- return SECURITY_MANAGER_ERROR_UNKNOWN;
+ return try_catch([&] {
+ std::vector<std::string> privilegesToMap;
+ if (privileges != nullptr) {
+ privilegesToMap.reserve(privileges_count);
+ privilegesToMap.insert(privilegesToMap.end(), privileges, privileges + privileges_count);
+ }
+ if (to_version == nullptr)
+ to_version = "";
+ LogDebug("security_manager_get_privileges_mapping() called with :"
+ " from_version = " << from_version << " to_version = " << to_version <<
+ " privileges_count " << privilegesToMap.size());
+
+ return get_privileges_mapping(from_version, to_version, privilegesToMap,
+ privileges_mappings, mappings_count);
+
+ });
}
SECURITY_MANAGER_API
void security_manager_privilege_mapping_free(char **privileges_mappings, size_t mappings_count)
{
- (void)privileges_mappings;
- (void)mappings_count;
+ for(size_t i = 0; i < mappings_count; i++)
+ free(privileges_mappings[i]);
+ delete [] privileges_mappings;
}
case SecurityModuleCall::POLICY_GET_DESCRIPTIONS:
processPolicyGetDesc(send);
break;
+ case SecurityModuleCall::GET_PRIVILEGES_MAPPING:
+ processPrivilegesMappings(buffer, send);
+ break;
default:
LogError("Invalid call: " << call_type_int);
Throw(ServiceException::InvalidAction);
}
}
+void Service::processPrivilegesMappings(MessageBuffer &recv, MessageBuffer &send)
+{
+ std::vector<std::string> privileges;
+ std::string version_from, version_to;
+ Deserialization::Deserialize(recv, version_from);
+ Deserialization::Deserialize(recv, version_to);
+ Deserialization::Deserialize(recv, privileges);
+
+ int ret = SECURITY_MANAGER_API_SUCCESS;
+ std::vector<std::string> mappings;
+ Serialization::Serialize(send, ret);
+ Serialization::Serialize(send, mappings);
+}
+
} // namespace SecurityManager