D-Bus  1.6.12
dbus-credentials.c
1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-credentials.c Credentials provable through authentication
3  *
4  * Copyright (C) 2007 Red Hat Inc.
5  *
6  * Licensed under the Academic Free License version 2.1
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  *
22  */
23 #include <config.h>
24 #include <string.h>
25 #include "dbus-credentials.h"
26 #include "dbus-internals.h"
27 
49  int refcount;
50  dbus_uid_t unix_uid;
51  dbus_pid_t unix_pid;
52  char *windows_sid;
53  void *adt_audit_data;
54  dbus_int32_t adt_audit_data_size;
55 };
56 
71 {
72  DBusCredentials *creds;
73 
74  creds = dbus_new (DBusCredentials, 1);
75  if (creds == NULL)
76  return NULL;
77 
78  creds->refcount = 1;
79  creds->unix_uid = DBUS_UID_UNSET;
80  creds->unix_pid = DBUS_PID_UNSET;
81  creds->windows_sid = NULL;
82  creds->adt_audit_data = NULL;
83  creds->adt_audit_data_size = 0;
84 
85  return creds;
86 }
87 
94 {
95  DBusCredentials *creds;
96 
97  creds = _dbus_credentials_new ();
98  if (creds == NULL)
99  return NULL;
100 
102  {
103  _dbus_credentials_unref (creds);
104  return NULL;
105  }
106 
107  return creds;
108 }
109 
115 void
117 {
118  _dbus_assert (credentials->refcount > 0);
119  credentials->refcount += 1;
120 }
121 
127 void
129 {
130  _dbus_assert (credentials->refcount > 0);
131 
132  credentials->refcount -= 1;
133  if (credentials->refcount == 0)
134  {
135  dbus_free (credentials->windows_sid);
136  dbus_free (credentials->adt_audit_data);
137  dbus_free (credentials);
138  }
139 }
140 
150  dbus_pid_t pid)
151 {
152  credentials->unix_pid = pid;
153  return TRUE;
154 }
155 
165  dbus_uid_t uid)
166 {
167  credentials->unix_uid = uid;
168  return TRUE;
169 
170 }
171 
181  const char *windows_sid)
182 {
183  char *copy;
184 
185  copy = _dbus_strdup (windows_sid);
186  if (copy == NULL)
187  return FALSE;
188 
189  dbus_free (credentials->windows_sid);
190  credentials->windows_sid = copy;
191 
192  return TRUE;
193 }
194 
205  void *audit_data,
206  dbus_int32_t size)
207 {
208  void *copy;
209  copy = _dbus_memdup (audit_data, size);
210  if (copy == NULL)
211  return FALSE;
212 
213  dbus_free (credentials->adt_audit_data);
214  credentials->adt_audit_data = copy;
215  credentials->adt_audit_data_size = size;
216 
217  return TRUE;
218 }
219 
229  DBusCredentialType type)
230 {
231  switch (type)
232  {
233  case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
234  return credentials->unix_pid != DBUS_PID_UNSET;
235  case DBUS_CREDENTIAL_UNIX_USER_ID:
236  return credentials->unix_uid != DBUS_UID_UNSET;
237  case DBUS_CREDENTIAL_WINDOWS_SID:
238  return credentials->windows_sid != NULL;
239  case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
240  return credentials->adt_audit_data != NULL;
241  }
242 
243  _dbus_assert_not_reached ("Unknown credential enum value");
244  return FALSE;
245 }
246 
256 {
257  return credentials->unix_pid;
258 }
259 
269 {
270  return credentials->unix_uid;
271 }
272 
280 const char*
282 {
283  return credentials->windows_sid;
284 }
285 
293 void *
295 {
296  return credentials->adt_audit_data;
297 }
298 
308 {
309  return credentials->adt_audit_data_size;
310 }
311 
322  DBusCredentials *possible_subset)
323 {
324  return
325  (possible_subset->unix_pid == DBUS_PID_UNSET ||
326  possible_subset->unix_pid == credentials->unix_pid) &&
327  (possible_subset->unix_uid == DBUS_UID_UNSET ||
328  possible_subset->unix_uid == credentials->unix_uid) &&
329  (possible_subset->windows_sid == NULL ||
330  (credentials->windows_sid && strcmp (possible_subset->windows_sid,
331  credentials->windows_sid) == 0)) &&
332  (possible_subset->adt_audit_data == NULL ||
333  (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data,
334  credentials->adt_audit_data,
335  credentials->adt_audit_data_size) == 0));
336 }
337 
346 {
347  return
348  credentials->unix_pid == DBUS_PID_UNSET &&
349  credentials->unix_uid == DBUS_UID_UNSET &&
350  credentials->windows_sid == NULL &&
351  credentials->adt_audit_data == NULL;
352 }
353 
362 {
363  return
364  credentials->unix_uid == DBUS_UID_UNSET &&
365  credentials->windows_sid == NULL;
366 }
367 
378  DBusCredentials *other_credentials)
379 {
380  return
382  DBUS_CREDENTIAL_UNIX_PROCESS_ID,
383  other_credentials) &&
385  DBUS_CREDENTIAL_UNIX_USER_ID,
386  other_credentials) &&
388  DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
389  other_credentials) &&
391  DBUS_CREDENTIAL_WINDOWS_SID,
392  other_credentials);
393 }
394 
409  DBusCredentialType which,
410  DBusCredentials *other_credentials)
411 {
412  if (which == DBUS_CREDENTIAL_UNIX_PROCESS_ID &&
413  other_credentials->unix_pid != DBUS_PID_UNSET)
414  {
415  if (!_dbus_credentials_add_unix_pid (credentials, other_credentials->unix_pid))
416  return FALSE;
417  }
418  else if (which == DBUS_CREDENTIAL_UNIX_USER_ID &&
419  other_credentials->unix_uid != DBUS_UID_UNSET)
420  {
421  if (!_dbus_credentials_add_unix_uid (credentials, other_credentials->unix_uid))
422  return FALSE;
423  }
424  else if (which == DBUS_CREDENTIAL_WINDOWS_SID &&
425  other_credentials->windows_sid != NULL)
426  {
427  if (!_dbus_credentials_add_windows_sid (credentials, other_credentials->windows_sid))
428  return FALSE;
429  }
430  else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID &&
431  other_credentials->adt_audit_data != NULL)
432  {
433  if (!_dbus_credentials_add_adt_audit_data (credentials, other_credentials->adt_audit_data, other_credentials->adt_audit_data_size))
434  return FALSE;
435  }
436 
437  return TRUE;
438 }
439 
445 void
447 {
448  credentials->unix_pid = DBUS_PID_UNSET;
449  credentials->unix_uid = DBUS_UID_UNSET;
450  dbus_free (credentials->windows_sid);
451  credentials->windows_sid = NULL;
452  dbus_free (credentials->adt_audit_data);
453  credentials->adt_audit_data = NULL;
454  credentials->adt_audit_data_size = 0;
455 }
456 
465 {
466  DBusCredentials *copy;
467 
468  copy = _dbus_credentials_new ();
469  if (copy == NULL)
470  return NULL;
471 
472  if (!_dbus_credentials_add_credentials (copy, credentials))
473  {
475  return NULL;
476  }
477 
478  return copy;
479 }
480 
494  DBusCredentials *other_credentials)
495 {
496  /* both windows and unix user must be the same (though pretty much
497  * in all conceivable cases, one will be unset)
498  */
499  return credentials->unix_uid == other_credentials->unix_uid &&
500  ((!(credentials->windows_sid || other_credentials->windows_sid)) ||
501  (credentials->windows_sid && other_credentials->windows_sid &&
502  strcmp (credentials->windows_sid, other_credentials->windows_sid) == 0));
503 }
504 
515  DBusString *string)
516 {
517  dbus_bool_t join;
518 
519  join = FALSE;
520  if (credentials->unix_uid != DBUS_UID_UNSET)
521  {
522  if (!_dbus_string_append_printf (string, "uid=" DBUS_UID_FORMAT, credentials->unix_uid))
523  goto oom;
524  join = TRUE;
525  }
526  if (credentials->unix_pid != DBUS_PID_UNSET)
527  {
528  if (!_dbus_string_append_printf (string, "%spid=" DBUS_PID_FORMAT, join ? " " : "", credentials->unix_pid))
529  goto oom;
530  join = TRUE;
531  }
532  else
533  join = FALSE;
534  if (credentials->windows_sid != NULL)
535  {
536  if (!_dbus_string_append_printf (string, "%ssid=%s", join ? " " : "", credentials->windows_sid))
537  goto oom;
538  join = TRUE;
539  }
540  else
541  join = FALSE;
542 
543  return TRUE;
544 oom:
545  return FALSE;
546 }
547 
550 /* tests in dbus-credentials-util.c */
dbus_uid_t _dbus_credentials_get_unix_uid(DBusCredentials *credentials)
Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn&#39;t contain...
#define NULL
A null pointer, defined appropriately for C or C++.
dbus_bool_t _dbus_credentials_include(DBusCredentials *credentials, DBusCredentialType type)
Checks whether the given credential is present.
DBusCredentials * _dbus_credentials_copy(DBusCredentials *credentials)
Copy a credentials object.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
Definition: dbus-memory.c:700
dbus_int32_t _dbus_credentials_get_adt_audit_data_size(DBusCredentials *credentials)
Gets the ADT audit data size in the credentials, or 0 if the credentials object doesn&#39;t contain ADT a...
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
#define dbus_new(type, count)
Safe macro for using dbus_malloc().
Definition: dbus-memory.h:58
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
#define DBUS_PID_FORMAT
an appropriate printf format for dbus_pid_t
Definition: dbus-sysdeps.h:112
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
dbus_bool_t _dbus_credentials_add_windows_sid(DBusCredentials *credentials, const char *windows_sid)
Add a Windows user SID to the credentials.
#define DBUS_PID_UNSET
an invalid PID used to represent an uninitialized dbus_pid_t field
Definition: dbus-sysdeps.h:105
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
#define DBUS_UID_UNSET
an invalid UID used to represent an uninitialized dbus_uid_t field
Definition: dbus-sysdeps.h:107
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
unsigned long dbus_pid_t
A process ID.
Definition: dbus-sysdeps.h:98
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
Definition: dbus-types.h:35
DBusCredentials * _dbus_credentials_new_from_current_process(void)
Creates a new object with credentials (user ID and process ID) from the current process.
void * _dbus_memdup(const void *mem, size_t n_bytes)
Duplicates a block of memory.
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
Definition: dbus-string.c:1111
void _dbus_credentials_ref(DBusCredentials *credentials)
Increment refcount on credentials.
dbus_pid_t _dbus_credentials_get_unix_pid(DBusCredentials *credentials)
Gets the UNIX process ID in the credentials, or DBUS_PID_UNSET if the credentials object doesn&#39;t cont...
dbus_bool_t _dbus_credentials_add_adt_audit_data(DBusCredentials *credentials, void *audit_data, dbus_int32_t size)
Add ADT audit data to the credentials.
dbus_bool_t _dbus_credentials_add_from_current_process(DBusCredentials *credentials)
Adds the credentials of the current process to the passed-in credentials object.
#define TRUE
Expands to &quot;1&quot;.
#define _dbus_assert_not_reached(explanation)
Aborts with an error message if called.
#define DBUS_UID_FORMAT
an appropriate printf format for dbus_uid_t
Definition: dbus-sysdeps.h:114
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
dbus_bool_t _dbus_credentials_add_unix_pid(DBusCredentials *credentials, dbus_pid_t pid)
Add a UNIX process ID to the credentials.
#define FALSE
Expands to &quot;0&quot;.
dbus_bool_t _dbus_credentials_same_user(DBusCredentials *credentials, DBusCredentials *other_credentials)
Check whether the user-identifying credentials in two credentials objects are identical.
dbus_bool_t _dbus_credentials_to_string_append(DBusCredentials *credentials, DBusString *string)
Convert the credentials in this object to a human-readable string format, and append to the given str...
const char * _dbus_credentials_get_windows_sid(DBusCredentials *credentials)
Gets the Windows user SID in the credentials, or NULL if the credentials object doesn&#39;t contain a Win...
int dbus_int32_t
A 32-bit signed integer on all platforms.
char * _dbus_strdup(const char *str)
Duplicates a string.
dbus_bool_t _dbus_credentials_add_unix_uid(DBusCredentials *credentials, dbus_uid_t uid)
Add a UNIX user ID to the credentials.
unsigned long dbus_uid_t
A user ID.
Definition: dbus-sysdeps.h:100
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
void * _dbus_credentials_get_adt_audit_data(DBusCredentials *credentials)
Gets the ADT audit data in the credentials, or NULL if the credentials object doesn&#39;t contain ADT aud...