28#include "dbus-credentials.h"
29#include "dbus-internals.h"
58 char *linux_security_label;
86 creds->unix_gids =
NULL;
87 creds->n_unix_gids = 0;
89 creds->windows_sid =
NULL;
90 creds->linux_security_label =
NULL;
91 creds->adt_audit_data =
NULL;
92 creds->adt_audit_data_size = 0;
128 credentials->refcount += 1;
141 credentials->refcount -= 1;
142 if (credentials->refcount == 0)
146 dbus_free (credentials->linux_security_label);
163 credentials->pid = pid;
178 credentials->unix_uid = uid;
184cmp_gidp (
const void *a_,
const void *b_)
212 qsort (gids, n_gids,
sizeof (
dbus_gid_t), cmp_gidp);
215 credentials->unix_gids = gids;
216 credentials->n_unix_gids = n_gids;
232 *gids = credentials->unix_gids;
235 *n_gids = credentials->n_unix_gids;
237 return (credentials->unix_gids !=
NULL);
249 const char *windows_sid)
258 credentials->windows_sid = copy;
281 dbus_free (credentials->linux_security_label);
282 credentials->linux_security_label = copy;
306 credentials->adt_audit_data = copy;
307 credentials->adt_audit_data_size = size;
321 DBusCredentialType type)
325 case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
327 case DBUS_CREDENTIAL_UNIX_USER_ID:
329 case DBUS_CREDENTIAL_UNIX_GROUP_IDS:
330 return credentials->unix_gids !=
NULL;
331 case DBUS_CREDENTIAL_WINDOWS_SID:
332 return credentials->windows_sid !=
NULL;
333 case DBUS_CREDENTIAL_LINUX_SECURITY_LABEL:
334 return credentials->linux_security_label !=
NULL;
335 case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
336 return credentials->adt_audit_data !=
NULL;
353 return credentials->pid;
366 return credentials->unix_uid;
379 return credentials->windows_sid;
392 return credentials->linux_security_label;
405 return credentials->adt_audit_data;
418 return credentials->adt_audit_data_size;
435 possible_subset->pid == credentials->pid) &&
437 possible_subset->unix_uid == credentials->unix_uid) &&
438 (possible_subset->unix_gids ==
NULL ||
439 (possible_subset->n_unix_gids == credentials->n_unix_gids &&
440 memcmp (possible_subset->unix_gids, credentials->unix_gids,
441 sizeof (
dbus_gid_t) * credentials->n_unix_gids) == 0)) &&
442 (possible_subset->windows_sid ==
NULL ||
443 (credentials->windows_sid && strcmp (possible_subset->windows_sid,
444 credentials->windows_sid) == 0)) &&
445 (possible_subset->linux_security_label ==
NULL ||
446 (credentials->linux_security_label !=
NULL &&
447 strcmp (possible_subset->linux_security_label,
448 credentials->linux_security_label) == 0)) &&
449 (possible_subset->adt_audit_data ==
NULL ||
450 (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data,
451 credentials->adt_audit_data,
452 credentials->adt_audit_data_size) == 0));
467 credentials->unix_gids ==
NULL &&
468 credentials->n_unix_gids == 0 &&
469 credentials->windows_sid ==
NULL &&
470 credentials->linux_security_label ==
NULL &&
471 credentials->adt_audit_data ==
NULL;
485 credentials->windows_sid ==
NULL;
502 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
503 other_credentials) &&
505 DBUS_CREDENTIAL_UNIX_USER_ID,
506 other_credentials) &&
508 DBUS_CREDENTIAL_UNIX_GROUP_IDS,
509 other_credentials) &&
511 DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
512 other_credentials) &&
514 DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
515 other_credentials) &&
517 DBUS_CREDENTIAL_WINDOWS_SID,
535 DBusCredentialType which,
538 if (which == DBUS_CREDENTIAL_UNIX_PROCESS_ID &&
544 else if (which == DBUS_CREDENTIAL_UNIX_USER_ID &&
550 else if (which == DBUS_CREDENTIAL_UNIX_GROUP_IDS &&
551 other_credentials->unix_gids !=
NULL)
560 memcpy (gids, other_credentials->unix_gids,
561 sizeof (
dbus_gid_t) * other_credentials->n_unix_gids);
564 other_credentials->n_unix_gids);
566 else if (which == DBUS_CREDENTIAL_WINDOWS_SID &&
567 other_credentials->windows_sid !=
NULL)
572 else if (which == DBUS_CREDENTIAL_LINUX_SECURITY_LABEL &&
573 other_credentials->linux_security_label !=
NULL)
576 other_credentials->linux_security_label))
579 else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID &&
580 other_credentials->adt_audit_data !=
NULL)
600 credentials->unix_gids =
NULL;
601 credentials->n_unix_gids = 0;
603 credentials->windows_sid =
NULL;
604 dbus_free (credentials->linux_security_label);
605 credentials->linux_security_label =
NULL;
607 credentials->adt_audit_data =
NULL;
608 credentials->adt_audit_data_size = 0;
653 return credentials->unix_uid == other_credentials->unix_uid &&
654 ((!(credentials->windows_sid || other_credentials->windows_sid)) ||
655 (credentials->windows_sid && other_credentials->windows_sid &&
656 strcmp (credentials->windows_sid, other_credentials->windows_sid) == 0));
687 if (credentials->unix_gids !=
NULL)
691 for (i = 0; i < credentials->n_unix_gids; i++)
695 credentials->unix_gids[i]))
702 if (credentials->windows_sid !=
NULL)
709 if (credentials->linux_security_label !=
NULL)
713 credentials->linux_security_label))
void _dbus_credentials_ref(DBusCredentials *credentials)
Increment refcount on credentials.
dbus_bool_t _dbus_credentials_include(DBusCredentials *credentials, DBusCredentialType type)
Checks whether the given credential is present.
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
dbus_bool_t _dbus_credentials_same_user(DBusCredentials *credentials, DBusCredentials *other_credentials)
Check whether the user-identifying credentials in two credentials objects are identical.
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
dbus_uid_t _dbus_credentials_get_unix_uid(DBusCredentials *credentials)
Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn't contain...
DBusCredentials * _dbus_credentials_copy(DBusCredentials *credentials)
Copy a credentials object.
DBusCredentials * _dbus_credentials_new_from_current_process(void)
Creates a new object with the most important credentials (user ID and process ID) from the current pr...
dbus_bool_t _dbus_credentials_to_string_append(DBusCredentials *credentials, DBusString *string)
Convert the credentials in this object to a human-readable string format, and append to the given str...
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
void * _dbus_credentials_get_adt_audit_data(DBusCredentials *credentials)
Gets the ADT audit data in the credentials, or NULL if the credentials object doesn't contain ADT aud...
dbus_bool_t _dbus_credentials_add_linux_security_label(DBusCredentials *credentials, const char *label)
Add a Linux security label, as used by LSMs such as SELinux, Smack and AppArmor, to the credentials.
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
const char * _dbus_credentials_get_linux_security_label(DBusCredentials *credentials)
Gets the Linux security label (as used by LSMs) from the credentials, or NULL if the credentials obje...
void _dbus_credentials_take_unix_gids(DBusCredentials *credentials, dbus_gid_t *gids, size_t n_gids)
Add UNIX group IDs to the credentials, replacing any group IDs that might already have been present.
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
dbus_bool_t _dbus_credentials_get_unix_gids(DBusCredentials *credentials, const dbus_gid_t **gids, size_t *n_gids)
Get the Unix group IDs.
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
dbus_bool_t _dbus_credentials_add_unix_uid(DBusCredentials *credentials, dbus_uid_t uid)
Add a UNIX user ID to the credentials.
dbus_bool_t _dbus_credentials_add_windows_sid(DBusCredentials *credentials, const char *windows_sid)
Add a Windows user SID to the credentials.
dbus_bool_t _dbus_credentials_add_pid(DBusCredentials *credentials, dbus_pid_t pid)
Add a UNIX process ID to the credentials.
dbus_pid_t _dbus_credentials_get_pid(DBusCredentials *credentials)
Gets the UNIX process ID in the credentials, or DBUS_PID_UNSET if the credentials object doesn't cont...
dbus_bool_t _dbus_credentials_add_adt_audit_data(DBusCredentials *credentials, void *audit_data, dbus_int32_t size)
Add ADT audit data to the credentials.
dbus_int32_t _dbus_credentials_get_adt_audit_data_size(DBusCredentials *credentials)
Gets the ADT audit data size in the credentials, or 0 if the credentials object doesn't contain ADT a...
const char * _dbus_credentials_get_windows_sid(DBusCredentials *credentials)
Gets the Windows user SID in the credentials, or NULL if the credentials object doesn't contain a Win...
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
#define _dbus_assert_not_reached(explanation)
Aborts with an error message if called.
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
char * _dbus_strdup(const char *str)
Duplicates a string.
void * _dbus_memdup(const void *mem, size_t n_bytes)
Duplicates a block of memory.
#define NULL
A null pointer, defined appropriately for C or C++.
#define TRUE
Expands to "1".
#define FALSE
Expands to "0".
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
#define dbus_new(type, count)
Safe macro for using dbus_malloc().
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
unsigned long dbus_uid_t
A user ID.
unsigned long dbus_pid_t
A process ID.
unsigned long dbus_gid_t
A group ID.
#define DBUS_UID_UNSET
an invalid UID used to represent an uninitialized dbus_uid_t field
#define DBUS_PID_UNSET
an invalid PID used to represent an uninitialized dbus_pid_t field
dbus_bool_t _dbus_credentials_add_from_current_process(DBusCredentials *credentials)
Adds the most important credentials of the current process (the uid and pid) to the passed-in credent...
#define DBUS_GID_FORMAT
an appropriate printf format for dbus_gid_t
#define DBUS_UID_FORMAT
an appropriate printf format for dbus_uid_t
#define DBUS_PID_FORMAT
an appropriate printf format for dbus_pid_t
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
int dbus_int32_t
A 32-bit signed integer on all platforms.