25 #include "dbus-credentials.h"
26 #include "dbus-internals.h"
53 char *linux_security_label;
55 dbus_int32_t adt_audit_data_size;
82 creds->windows_sid =
NULL;
83 creds->linux_security_label =
NULL;
84 creds->adt_audit_data =
NULL;
85 creds->adt_audit_data_size = 0;
121 credentials->refcount += 1;
134 credentials->refcount -= 1;
135 if (credentials->refcount == 0)
138 dbus_free (credentials->linux_security_label);
155 credentials->pid = pid;
170 credentials->unix_uid = uid;
184 const char *windows_sid)
193 credentials->windows_sid = copy;
216 dbus_free (credentials->linux_security_label);
217 credentials->linux_security_label = copy;
241 credentials->adt_audit_data = copy;
242 credentials->adt_audit_data_size = size;
256 DBusCredentialType type)
260 case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
262 case DBUS_CREDENTIAL_UNIX_USER_ID:
264 case DBUS_CREDENTIAL_WINDOWS_SID:
265 return credentials->windows_sid !=
NULL;
266 case DBUS_CREDENTIAL_LINUX_SECURITY_LABEL:
267 return credentials->linux_security_label !=
NULL;
268 case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
269 return credentials->adt_audit_data !=
NULL;
286 return credentials->pid;
299 return credentials->unix_uid;
312 return credentials->windows_sid;
325 return credentials->linux_security_label;
338 return credentials->adt_audit_data;
351 return credentials->adt_audit_data_size;
368 possible_subset->pid == credentials->pid) &&
370 possible_subset->unix_uid == credentials->unix_uid) &&
371 (possible_subset->windows_sid ==
NULL ||
372 (credentials->windows_sid && strcmp (possible_subset->windows_sid,
373 credentials->windows_sid) == 0)) &&
374 (possible_subset->linux_security_label ==
NULL ||
375 (credentials->linux_security_label !=
NULL &&
376 strcmp (possible_subset->linux_security_label,
377 credentials->linux_security_label) == 0)) &&
378 (possible_subset->adt_audit_data ==
NULL ||
379 (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data,
380 credentials->adt_audit_data,
381 credentials->adt_audit_data_size) == 0));
396 credentials->windows_sid ==
NULL &&
397 credentials->linux_security_label ==
NULL &&
398 credentials->adt_audit_data ==
NULL;
412 credentials->windows_sid ==
NULL;
429 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
430 other_credentials) &&
432 DBUS_CREDENTIAL_UNIX_USER_ID,
433 other_credentials) &&
435 DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
436 other_credentials) &&
438 DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
439 other_credentials) &&
441 DBUS_CREDENTIAL_WINDOWS_SID,
459 DBusCredentialType which,
462 if (which == DBUS_CREDENTIAL_UNIX_PROCESS_ID &&
468 else if (which == DBUS_CREDENTIAL_UNIX_USER_ID &&
474 else if (which == DBUS_CREDENTIAL_WINDOWS_SID &&
475 other_credentials->windows_sid !=
NULL)
480 else if (which == DBUS_CREDENTIAL_LINUX_SECURITY_LABEL &&
481 other_credentials->linux_security_label !=
NULL)
484 other_credentials->linux_security_label))
487 else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID &&
488 other_credentials->adt_audit_data !=
NULL)
508 credentials->windows_sid =
NULL;
509 dbus_free (credentials->linux_security_label);
510 credentials->linux_security_label =
NULL;
512 credentials->adt_audit_data =
NULL;
513 credentials->adt_audit_data_size = 0;
558 return credentials->unix_uid == other_credentials->unix_uid &&
559 ((!(credentials->windows_sid || other_credentials->windows_sid)) ||
560 (credentials->windows_sid && other_credentials->windows_sid &&
561 strcmp (credentials->windows_sid, other_credentials->windows_sid) == 0));
593 if (credentials->windows_sid !=
NULL)
602 if (credentials->linux_security_label !=
NULL)
606 credentials->linux_security_label))
dbus_uid_t _dbus_credentials_get_unix_uid(DBusCredentials *credentials)
Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn't contain...
#define NULL
A null pointer, defined appropriately for C or C++.
dbus_bool_t _dbus_credentials_include(DBusCredentials *credentials, DBusCredentialType type)
Checks whether the given credential is present.
DBusCredentials * _dbus_credentials_copy(DBusCredentials *credentials)
Copy a credentials object.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
dbus_int32_t _dbus_credentials_get_adt_audit_data_size(DBusCredentials *credentials)
Gets the ADT audit data size in the credentials, or 0 if the credentials object doesn't contain ADT a...
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
#define dbus_new(type, count)
Safe macro for using dbus_malloc().
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
#define DBUS_PID_FORMAT
an appropriate printf format for dbus_pid_t
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
dbus_bool_t _dbus_credentials_add_linux_security_label(DBusCredentials *credentials, const char *label)
Add a Linux security label, as used by LSMs such as SELinux, Smack and AppArmor, to the credentials...
dbus_bool_t _dbus_credentials_add_windows_sid(DBusCredentials *credentials, const char *windows_sid)
Add a Windows user SID to the credentials.
#define DBUS_PID_UNSET
an invalid PID used to represent an uninitialized dbus_pid_t field
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
#define DBUS_UID_UNSET
an invalid UID used to represent an uninitialized dbus_uid_t field
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
unsigned long dbus_pid_t
A process ID.
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
DBusCredentials * _dbus_credentials_new_from_current_process(void)
Creates a new object with credentials (user ID and process ID) from the current process.
void * _dbus_memdup(const void *mem, size_t n_bytes)
Duplicates a block of memory.
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
void _dbus_credentials_ref(DBusCredentials *credentials)
Increment refcount on credentials.
dbus_bool_t _dbus_credentials_add_adt_audit_data(DBusCredentials *credentials, void *audit_data, dbus_int32_t size)
Add ADT audit data to the credentials.
dbus_bool_t _dbus_credentials_add_from_current_process(DBusCredentials *credentials)
Adds the credentials of the current process to the passed-in credentials object.
#define TRUE
Expands to "1".
#define _dbus_assert_not_reached(explanation)
Aborts with an error message if called.
dbus_bool_t _dbus_credentials_add_pid(DBusCredentials *credentials, dbus_pid_t pid)
Add a UNIX process ID to the credentials.
#define DBUS_UID_FORMAT
an appropriate printf format for dbus_uid_t
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
dbus_pid_t _dbus_credentials_get_pid(DBusCredentials *credentials)
Gets the UNIX process ID in the credentials, or DBUS_PID_UNSET if the credentials object doesn't cont...
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
#define FALSE
Expands to "0".
const char * _dbus_credentials_get_linux_security_label(DBusCredentials *credentials)
Gets the Linux security label (as used by LSMs) from the credentials, or NULL if the credentials obje...
dbus_bool_t _dbus_credentials_same_user(DBusCredentials *credentials, DBusCredentials *other_credentials)
Check whether the user-identifying credentials in two credentials objects are identical.
dbus_bool_t _dbus_credentials_to_string_append(DBusCredentials *credentials, DBusString *string)
Convert the credentials in this object to a human-readable string format, and append to the given str...
const char * _dbus_credentials_get_windows_sid(DBusCredentials *credentials)
Gets the Windows user SID in the credentials, or NULL if the credentials object doesn't contain a Win...
char * _dbus_strdup(const char *str)
Duplicates a string.
dbus_bool_t _dbus_credentials_add_unix_uid(DBusCredentials *credentials, dbus_uid_t uid)
Add a UNIX user ID to the credentials.
unsigned long dbus_uid_t
A user ID.
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
void * _dbus_credentials_get_adt_audit_data(DBusCredentials *credentials)
Gets the ADT audit data in the credentials, or NULL if the credentials object doesn't contain ADT aud...