/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
/* dbus-credentials.c Credentials provable through authentication
 *
 * Copyright (C) 2007 Red Hat Inc.
 *
 * Licensed under the Academic Free License version 2.1
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 *
 */
#include <config.h>
#include <string.h>
#include "dbus-credentials.h"
#include "dbus-internals.h"

/**
 * @defgroup DBusCredentials Credentials provable through authentication
 * @ingroup DBusInternals
 * @brief DBusCredentials object
 *
 * Credentials are what you have to prove you have in order to
 * authenticate. The main credentials right now are a unix user
 * account, a Windows user account, or a UNIX process ID.
 */

/**
 * @defgroup DBusCredentialsInternals Credentials implementation details
 * @ingroup DBusInternals
 * @brief DBusCredentials implementation details
 *
 * Private details of credentials code.
 *
 * @{
 */

struct DBusCredentials {
  /* reference count; the object is freed when it drops to zero */
  int refcount;
  /* UNIX user ID, or DBUS_UID_UNSET when not present */
  dbus_uid_t unix_uid;
  /* UNIX process ID, or DBUS_PID_UNSET when not present */
  dbus_pid_t unix_pid;
  /* Windows user SID string owned by this object, or NULL when not present */
  char *windows_sid;
  /* ADT audit data buffer owned by this object, or NULL when not present */
  void *adt_audit_data;
  /* length of adt_audit_data; used as the memcmp() length when comparing */
  dbus_int32_t adt_audit_data_size;
};

/** @} */

/**
 * @addtogroup DBusCredentials
 * @{
 */
/**
 * Creates a new credentials object.
 *
 * The object starts with a reference count of one and with every
 * credential unset: #DBUS_UID_UNSET, #DBUS_PID_UNSET, no Windows SID
 * and no ADT audit data.
 *
 * @returns the new object or #NULL if no memory
 */
DBusCredentials*
_dbus_credentials_new (void)
{
  DBusCredentials *fresh = dbus_new (DBusCredentials, 1);

  if (fresh != NULL)
    {
      /* the caller receives the single initial reference */
      fresh->refcount = 1;

      /* no credential is present until one of the add functions is called */
      fresh->unix_uid = DBUS_UID_UNSET;
      fresh->unix_pid = DBUS_PID_UNSET;
      fresh->windows_sid = NULL;
      fresh->adt_audit_data = NULL;
      fresh->adt_audit_data_size = 0;
    }

  return fresh;
}

/**
 * Creates a new object with credentials (user ID and process ID) from the current process.
 *
 * If the current process's credentials cannot be added, the partially
 * built object is released and nothing is returned.
 *
 * @returns the new object or #NULL if no memory
 */
DBusCredentials*
_dbus_credentials_new_from_current_process (void)
{
  DBusCredentials *mine = _dbus_credentials_new ();

  if (mine == NULL)
    return NULL;

  if (_dbus_credentials_add_from_current_process (mine))
    return mine;

  /* filling in failed: drop the only reference so the object is not leaked */
  _dbus_credentials_unref (mine);
  return NULL;
}

/**
 * Increment refcount on credentials.
 *
 * The count is asserted to be positive before it is incremented.
 *
 * @param credentials the object
 */
void
_dbus_credentials_ref (DBusCredentials *credentials)
{
  _dbus_assert (credentials->refcount > 0);
  ++credentials->refcount;
}

/**
 * Decrement refcount on credentials.
 *
 * When the count reaches zero the stored Windows SID, the stored ADT
 * audit data and the object itself are freed.
 *
 * @param credentials the object
 */
void
_dbus_credentials_unref (DBusCredentials *credentials)
{
  _dbus_assert (credentials->refcount > 0);

  credentials->refcount -= 1;
  if (credentials->refcount != 0)
    return;

  /* last reference dropped: release the owned buffers, then the object */
  dbus_free (credentials->windows_sid);
  dbus_free (credentials->adt_audit_data);
  dbus_free (credentials);
}

/**
 * Add a UNIX process ID to the credentials.
 *
 * The value is stored exactly as given; this function performs no
 * verification of it.
 *
 * @param credentials the object
 * @param pid the process ID
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_add_unix_pid (DBusCredentials *credentials,
                                dbus_pid_t pid)
{
  /* plain field store: nothing is allocated here, so TRUE is always returned */
  credentials->unix_pid = pid;

  return TRUE;
}

/**
 * Add a UNIX user ID to the credentials.
 *
 * The value is stored exactly as given; this function performs no
 * verification of it.
 *
 * @param credentials the object
 * @param uid the user ID
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_add_unix_uid(DBusCredentials *credentials,
                               dbus_uid_t uid)
{
  /* plain field store: nothing is allocated here, so TRUE is always returned */
  credentials->unix_uid = uid;

  return TRUE;
}

/**
 * Add a Windows user SID to the credentials.
 *
 * The string is duplicated, so the caller keeps ownership of windows_sid.
 * A SID that was already stored is freed and replaced; if the duplication
 * fails the stored SID is left as it was.
 *
 * @param credentials the object
 * @param windows_sid the user SID
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_add_windows_sid (DBusCredentials *credentials,
                                   const char *windows_sid)
{
  char *sid_copy = _dbus_strdup (windows_sid);

  /* duplicate first so a failure cannot lose the SID already held */
  if (sid_copy == NULL)
    return FALSE;

  dbus_free (credentials->windows_sid);
  credentials->windows_sid = sid_copy;

  return TRUE;
}

/**
 * Add ADT audit data to the credentials.
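 *
 * The buffer is duplicated, so the caller keeps ownership of audit_data.
 * Audit data that was already stored is freed and replaced. On any
 * failure the stored data and its recorded size are left as they were.
 *
 * A negative size is rejected up front: the size is later used as a
 * memcmp() length by _dbus_credentials_are_superset(), so it must never
 * be stored with a negative value.
 *
 * @param credentials the object
 * @param audit_data the audit data
 * @param size the length of audit data
 * @returns #FALSE if no memory or if size is negative
 */
dbus_bool_t
_dbus_credentials_add_adt_audit_data (DBusCredentials *credentials,
                                      void *audit_data,
                                      dbus_int32_t size)
{
  void *copy;

  /* size is signed; presumably _dbus_memdup() takes an unsigned byte count,
   * in which case a negative value would turn into a huge length there.
   * NOTE(review): confirm against the _dbus_memdup() declaration. */
  if (size < 0)
    return FALSE;

  copy = _dbus_memdup (audit_data, size);
  if (copy == NULL)
    return FALSE;

  /* pointer and size are updated together so they always describe the
   * same buffer */
  dbus_free (credentials->adt_audit_data);
  credentials->adt_audit_data = copy;
  credentials->adt_audit_data_size = size;

  return TRUE;
}

/**
 * Checks whether the given credential is present.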
 *
 * Presence means the matching field differs from its "unset" marker:
 * #DBUS_PID_UNSET, #DBUS_UID_UNSET, or #NULL for the SID and the audit data.
 *
 * @param credentials the object
 * @param type the credential to check for
 * @returns #TRUE if the credential is present
 */
dbus_bool_t
_dbus_credentials_include (DBusCredentials *credentials,
                           DBusCredentialType type)
{
  /* no default case: every handled enum value returns from inside the switch */
  switch (type)
    {
    case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
      return (credentials->unix_pid != DBUS_PID_UNSET);

    case DBUS_CREDENTIAL_UNIX_USER_ID:
      return (credentials->unix_uid != DBUS_UID_UNSET);

    case DBUS_CREDENTIAL_WINDOWS_SID:
      return (credentials->windows_sid != NULL);

    case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
      return (credentials->adt_audit_data != NULL);
    }

  /* only reached for a value outside the cases above */
  _dbus_assert_not_reached ("Unknown credential enum value");
  return FALSE;
}

/**
 * Gets the UNIX process ID in the credentials, or #DBUS_PID_UNSET if
 * the credentials object doesn't contain a process ID.
 *
 * @param credentials the object
 * @returns UNIX process ID
 */
dbus_pid_t
_dbus_credentials_get_unix_pid (DBusCredentials *credentials)
{
  dbus_pid_t stored_pid = credentials->unix_pid;

  return stored_pid;
}

/**
 * Gets the UNIX user ID in the credentials, or #DBUS_UID_UNSET if
 * the credentials object doesn't contain a user ID.
 *
 * @param credentials the object
 * @returns UNIX user ID
 */
dbus_uid_t
_dbus_credentials_get_unix_uid (DBusCredentials *credentials)
{
  dbus_uid_t stored_uid = credentials->unix_uid;

  return stored_uid;
}

/**
 * Gets the Windows user SID in the credentials, or #NULL if
 * the credentials object doesn't contain a Windows user SID.
 *
 * The returned pointer is the string held by the credentials object, not
 * a copy: it is freed when the object is destroyed or when a new SID is
 * added, so the caller must not free it.
 *
 * @param credentials the object
 * @returns Windows user SID
 */
const char*
_dbus_credentials_get_windows_sid (DBusCredentials *credentials)
{
  const char *stored_sid = credentials->windows_sid;

  return stored_sid;
}

/**
 * Gets the ADT audit data in the credentials, or #NULL if
 * the credentials object doesn't contain ADT audit data.
 *
 * The returned pointer is the buffer held by the credentials object, not
 * a copy: it is freed when the object is destroyed or when new audit data
 * is added, so the caller must not free it.
 *
 * @param credentials the object
 * @returns Solaris ADT audit data
 */
void *
_dbus_credentials_get_adt_audit_data (DBusCredentials *credentials)
{
  void *stored_data = credentials->adt_audit_data;

  return stored_data;
}

/**
 * Gets the ADT audit data size in the credentials, or 0 if
 * the credentials object doesn't contain ADT audit data.
 *
 * @param credentials the object
 * @returns Solaris ADT audit data size
 */
dbus_int32_t
_dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials)
{
  dbus_int32_t stored_size = credentials->adt_audit_data_size;

  return stored_size;
}

/**
 * Checks whether the first credentials object contains
 * all the credentials found in the second credentials object.
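 *
 * A credential that is unset in possible_subset places no requirement on
 * the first object. A credential that is set must be present in the first
 * object with an equal value.
 *
 * ADT audit data is equal only when both buffers have the same recorded
 * size and the same bytes. The sizes are compared before memcmp() so that
 * the comparison never reads past the end of the shorter buffer, and so
 * that a buffer is never accepted on the strength of a matching prefix.
 *
 * @param credentials the object
 * @param possible_subset see if credentials in here are also in the first arg
 * @returns #TRUE if second arg is contained in first
 */
dbus_bool_t
_dbus_credentials_are_superset (DBusCredentials *credentials,
                                DBusCredentials *possible_subset)
{
  if (possible_subset->unix_pid != DBUS_PID_UNSET &&
      possible_subset->unix_pid != credentials->unix_pid)
    return FALSE;

  if (possible_subset->unix_uid != DBUS_UID_UNSET &&
      possible_subset->unix_uid != credentials->unix_uid)
    return FALSE;

  if (possible_subset->windows_sid != NULL &&
      (credentials->windows_sid == NULL ||
       strcmp (possible_subset->windows_sid,
               credentials->windows_sid) != 0))
    return FALSE;

  if (possible_subset->adt_audit_data != NULL)
    {
      if (credentials->adt_audit_data == NULL)
        return FALSE;

      /* both buffers must be exactly as long as the memcmp() length below */
      if (possible_subset->adt_audit_data_size !=
          credentials->adt_audit_data_size)
        return FALSE;

      if (memcmp (possible_subset->adt_audit_data,
                  credentials->adt_audit_data,
                  credentials->adt_audit_data_size) != 0)
        return FALSE;
    }

  return TRUE;
}

/**
 * Checks whether a credentials object contains anything.
 *
 * All four credentials are examined: process ID, user ID, Windows SID
 * and ADT audit data.
 *
 * @param credentials the object
 * @returns #TRUE if there are no credentials in the object
 */
dbus_bool_t
_dbus_credentials_are_empty (DBusCredentials *credentials)
{
  return
    credentials->unix_pid == DBUS_PID_UNSET &&
    credentials->unix_uid == DBUS_UID_UNSET &&
    credentials->windows_sid == NULL &&
    credentials->adt_audit_data == NULL;
}

/**
 * Checks whether a credentials object contains a user identity.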
 *
 * Only the UNIX user ID and the Windows SID are examined. A process ID
 * or ADT audit data on its own does not count as a user identity, so an
 * object holding only those is still reported as anonymous.
 *
 * @param credentials the object
 * @returns #TRUE if there are no user identities in the object
 */
dbus_bool_t
_dbus_credentials_are_anonymous (DBusCredentials *credentials)
{
  /* a user identity is present as soon as either field is set */
  if (credentials->unix_uid != DBUS_UID_UNSET)
    return FALSE;

  return credentials->windows_sid == NULL;
}

/**
 * Merge all credentials found in the second object into the first object,
 * overwriting the first object if there are any overlaps.
37123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 37223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param credentials the object 37323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param other_credentials credentials to merge 37423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @returns #FALSE if no memory 37523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 37623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Penningtondbus_bool_t 37723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington_dbus_credentials_add_credentials (DBusCredentials *credentials, 37823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBusCredentials *other_credentials) 37923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington{ 38023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return 38123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington _dbus_credentials_add_credential (credentials, 38223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBUS_CREDENTIAL_UNIX_PROCESS_ID, 38323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials) && 38423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington _dbus_credentials_add_credential (credentials, 38523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBUS_CREDENTIAL_UNIX_USER_ID, 38623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials) && 38723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington _dbus_credentials_add_credential (credentials, 388ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID, 389ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters other_credentials) && 390ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters _dbus_credentials_add_credential (credentials, 39123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBUS_CREDENTIAL_WINDOWS_SID, 39223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials); 39323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc 
Pennington} 39423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 39523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/** 39623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * Merge the given credential found in the second object into the first object, 39723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * overwriting the first object's value for that credential. 39823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 39923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * Does nothing if the second object does not contain the specified credential. 40023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * i.e., will never delete a credential from the first object. 40123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 40223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param credentials the object 40323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param which the credential to overwrite 40423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param other_credentials credentials to merge 40523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @returns #FALSE if no memory 40623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 40723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Penningtondbus_bool_t 40823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington_dbus_credentials_add_credential (DBusCredentials *credentials, 40923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBusCredentialType which, 41023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBusCredentials *other_credentials) 41123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington{ 41223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington if (which == DBUS_CREDENTIAL_UNIX_PROCESS_ID && 41323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials->unix_pid != DBUS_PID_UNSET) 41423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington { 41523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc 
Pennington if (!_dbus_credentials_add_unix_pid (credentials, other_credentials->unix_pid)) 41623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return FALSE; 41723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington } 41823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington else if (which == DBUS_CREDENTIAL_UNIX_USER_ID && 41923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials->unix_uid != DBUS_UID_UNSET) 42023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington { 42123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington if (!_dbus_credentials_add_unix_uid (credentials, other_credentials->unix_uid)) 42223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return FALSE; 42323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington } 42423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington else if (which == DBUS_CREDENTIAL_WINDOWS_SID && 42523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington other_credentials->windows_sid != NULL) 42623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington { 42723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington if (!_dbus_credentials_add_windows_sid (credentials, other_credentials->windows_sid)) 42823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return FALSE; 429ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters } 430ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID && 431ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters other_credentials->adt_audit_data != NULL) 432ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters { 433ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters if (!_dbus_credentials_add_adt_audit_data (credentials, other_credentials->adt_audit_data, other_credentials->adt_audit_data_size)) 434ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters return FALSE; 43523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington } 43623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 
43723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return TRUE; 43823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington} 43923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 44023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/** 44123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * Clear all credentials in the object. 44223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 44323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param credentials the object 44423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 44523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Penningtonvoid 44623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington_dbus_credentials_clear (DBusCredentials *credentials) 44723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington{ 44823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington credentials->unix_pid = DBUS_PID_UNSET; 44923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington credentials->unix_uid = DBUS_UID_UNSET; 45023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington dbus_free (credentials->windows_sid); 45123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington credentials->windows_sid = NULL; 452ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters dbus_free (credentials->adt_audit_data); 453ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters credentials->adt_audit_data = NULL; 454ab1eb1fd5a26affa2383b0eb7e292efd83ec2546Colin Walters credentials->adt_audit_data_size = 0; 45523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington} 45623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 45723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/** 45823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * Copy a credentials object. 
45923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 46023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param credentials the object 46123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @returns the copy or #NULL 46223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 46323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc PenningtonDBusCredentials* 46423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington_dbus_credentials_copy (DBusCredentials *credentials) 46523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington{ 46623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBusCredentials *copy; 46723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 46823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington copy = _dbus_credentials_new (); 46923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington if (copy == NULL) 47023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return NULL; 47123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 47223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington if (!_dbus_credentials_add_credentials (copy, credentials)) 47323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington { 47423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington _dbus_credentials_unref (copy); 47523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return NULL; 47623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington } 47723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 47823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return copy; 47923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington} 48023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 48123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/** 48223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * Check whether the user-identifying credentials in two credentials 48323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * objects are identical. 
Credentials that are not related to the 48423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * user are ignored, but any kind of user ID credentials must be the 48523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * same (UNIX user ID, Windows user SID, etc.) and present in both 48623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * objects for the function to return #TRUE. 48723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * 48823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param credentials the object 48923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @param other_credentials credentials to compare 49023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * @returns #TRUE if the two credentials refer to the same user 49123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 49223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Penningtondbus_bool_t 49323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington_dbus_credentials_same_user (DBusCredentials *credentials, 49423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington DBusCredentials *other_credentials) 49523832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington{ 49623832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington /* both windows and unix user must be the same (though pretty much 49723832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington * in all conceivable cases, one will be unset) 49823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington */ 49923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington return credentials->unix_uid == other_credentials->unix_uid && 50023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington ((!(credentials->windows_sid || other_credentials->windows_sid)) || 50123832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington (credentials->windows_sid && other_credentials->windows_sid && 50223832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington strcmp (credentials->windows_sid, other_credentials->windows_sid) == 0)); 
50323832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington} 50423832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 505e48b0928490e175d08a5a33b29b56314c806305cColin Walters/** 506e48b0928490e175d08a5a33b29b56314c806305cColin Walters * Convert the credentials in this object to a human-readable 507e48b0928490e175d08a5a33b29b56314c806305cColin Walters * string format, and append to the given string. 508e48b0928490e175d08a5a33b29b56314c806305cColin Walters * 509e48b0928490e175d08a5a33b29b56314c806305cColin Walters * @param credentials the object 510e48b0928490e175d08a5a33b29b56314c806305cColin Walters * @param string append to this string 511e48b0928490e175d08a5a33b29b56314c806305cColin Walters * @returns #FALSE if no memory 512e48b0928490e175d08a5a33b29b56314c806305cColin Walters */ 513e48b0928490e175d08a5a33b29b56314c806305cColin Waltersdbus_bool_t 514e48b0928490e175d08a5a33b29b56314c806305cColin Walters_dbus_credentials_to_string_append (DBusCredentials *credentials, 515e48b0928490e175d08a5a33b29b56314c806305cColin Walters DBusString *string) 516e48b0928490e175d08a5a33b29b56314c806305cColin Walters{ 517e48b0928490e175d08a5a33b29b56314c806305cColin Walters dbus_bool_t join; 518e48b0928490e175d08a5a33b29b56314c806305cColin Walters 519e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = FALSE; 520e48b0928490e175d08a5a33b29b56314c806305cColin Walters if (credentials->unix_uid != DBUS_UID_UNSET) 521e48b0928490e175d08a5a33b29b56314c806305cColin Walters { 5223861cb42f437a9eb2b13c5c2aa4081268c45c32cColin Walters if (!_dbus_string_append_printf (string, "uid=" DBUS_UID_FORMAT, credentials->unix_uid)) 523e48b0928490e175d08a5a33b29b56314c806305cColin Walters goto oom; 524e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = TRUE; 525e48b0928490e175d08a5a33b29b56314c806305cColin Walters } 526e48b0928490e175d08a5a33b29b56314c806305cColin Walters if (credentials->unix_pid != DBUS_PID_UNSET) 527e48b0928490e175d08a5a33b29b56314c806305cColin Walters { 
5283861cb42f437a9eb2b13c5c2aa4081268c45c32cColin Walters if (!_dbus_string_append_printf (string, "%spid=" DBUS_PID_FORMAT, join ? " " : "", credentials->unix_pid)) 529e48b0928490e175d08a5a33b29b56314c806305cColin Walters goto oom; 530e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = TRUE; 531e48b0928490e175d08a5a33b29b56314c806305cColin Walters } 532e48b0928490e175d08a5a33b29b56314c806305cColin Walters else 533e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = FALSE; 534e48b0928490e175d08a5a33b29b56314c806305cColin Walters if (credentials->windows_sid != NULL) 535e48b0928490e175d08a5a33b29b56314c806305cColin Walters { 536e48b0928490e175d08a5a33b29b56314c806305cColin Walters if (!_dbus_string_append_printf (string, "%ssid=%s", join ? " " : "", credentials->windows_sid)) 537e48b0928490e175d08a5a33b29b56314c806305cColin Walters goto oom; 538e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = TRUE; 539e48b0928490e175d08a5a33b29b56314c806305cColin Walters } 540e48b0928490e175d08a5a33b29b56314c806305cColin Walters else 541e48b0928490e175d08a5a33b29b56314c806305cColin Walters join = FALSE; 542e48b0928490e175d08a5a33b29b56314c806305cColin Walters 543e48b0928490e175d08a5a33b29b56314c806305cColin Walters return TRUE; 544e48b0928490e175d08a5a33b29b56314c806305cColin Waltersoom: 545e48b0928490e175d08a5a33b29b56314c806305cColin Walters return FALSE; 546e48b0928490e175d08a5a33b29b56314c806305cColin Walters} 547e48b0928490e175d08a5a33b29b56314c806305cColin Walters 54823832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/** @} */ 54923832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington 55023832672266bb4ff23b66247c0cfa1a2ed0cc97bHavoc Pennington/* tests in dbus-credentials-util.c */ 551