1#include <stdlib.h> 2#include <string.h> 3 4#include "port_internal.h" 5#include "context_internal.h" 6#include "debug.h" 7 8struct sepol_port { 9 /* Low - High range. Same for single ports. */ 10 int low, high; 11 12 /* Protocol */ 13 int proto; 14 15 /* Context */ 16 sepol_context_t *con; 17}; 18 19struct sepol_port_key { 20 /* Low - High range. Same for single ports. */ 21 int low, high; 22 23 /* Protocol */ 24 int proto; 25}; 26 27/* Key */ 28int sepol_port_key_create(sepol_handle_t * handle, 29 int low, int high, int proto, 30 sepol_port_key_t ** key_ptr) 31{ 32 33 sepol_port_key_t *tmp_key = 34 (sepol_port_key_t *) malloc(sizeof(sepol_port_key_t)); 35 36 if (!tmp_key) { 37 ERR(handle, "out of memory, could not create " "port key"); 38 return STATUS_ERR; 39 } 40 41 tmp_key->low = low; 42 tmp_key->high = high; 43 tmp_key->proto = proto; 44 45 *key_ptr = tmp_key; 46 return STATUS_SUCCESS; 47} 48 49hidden_def(sepol_port_key_create) 50 51void sepol_port_key_unpack(const sepol_port_key_t * key, 52 int *low, int *high, int *proto) 53{ 54 55 *low = key->low; 56 *high = key->high; 57 *proto = key->proto; 58} 59 60hidden_def(sepol_port_key_unpack) 61 62int sepol_port_key_extract(sepol_handle_t * handle, 63 const sepol_port_t * port, 64 sepol_port_key_t ** key_ptr) 65{ 66 67 if (sepol_port_key_create 68 (handle, port->low, port->high, port->proto, key_ptr) < 0) { 69 70 ERR(handle, "could not extract key from port %s %d:%d", 71 sepol_port_get_proto_str(port->proto), 72 port->low, port->high); 73 74 return STATUS_ERR; 75 } 76 77 return STATUS_SUCCESS; 78} 79 80void sepol_port_key_free(sepol_port_key_t * key) 81{ 82 free(key); 83} 84 85int sepol_port_compare(const sepol_port_t * port, const sepol_port_key_t * key) 86{ 87 88 if ((port->low == key->low) && 89 (port->high == key->high) && (port->proto == key->proto)) 90 return 0; 91 92 if (port->low < key->low) 93 return -1; 94 95 else if (key->low < port->low) 96 return 1; 97 98 else if (port->high < key->high) 99 return -1; 100 101 else if (key->high < port->high) 102 return 1; 103 104 else if (port->proto < key->proto) 105 return -1; 106 107 else 108 return 1; 109} 110 111int sepol_port_compare2(const sepol_port_t * port, const sepol_port_t * port2) 112{ 113 114 if ((port->low == port2->low) && 115 (port->high == port2->high) && (port->proto == port2->proto)) 116 return 0; 117 118 if (port->low < port2->low) 119 return -1; 120 121 else if (port2->low < port->low) 122 return 1; 123 124 else if (port->high < port2->high) 125 return -1; 126 127 else if (port2->high < port->high) 128 return 1; 129 130 else if (port->proto < port2->proto) 131 return -1; 132 133 else 134 return 1; 135} 136 137/* Port */ 138int sepol_port_get_low(const sepol_port_t * port) 139{ 140 141 return port->low; 142} 143 144hidden_def(sepol_port_get_low) 145 146int sepol_port_get_high(const sepol_port_t * port) 147{ 148 149 return port->high; 150} 151 152hidden_def(sepol_port_get_high) 153 154void sepol_port_set_port(sepol_port_t * port, int port_num) 155{ 156 157 port->low = port_num; 158 port->high = port_num; 159} 160 161void sepol_port_set_range(sepol_port_t * port, int low, int high) 162{ 163 164 port->low = low; 165 port->high = high; 166} 167 168hidden_def(sepol_port_set_range) 169 170/* Protocol */ 171int sepol_port_get_proto(const sepol_port_t * port) 172{ 173 174 return port->proto; 175} 176 177hidden_def(sepol_port_get_proto) 178 179const char *sepol_port_get_proto_str(int proto) 180{ 181 182 switch (proto) { 183 case SEPOL_PROTO_UDP: 184 return "udp"; 185 case SEPOL_PROTO_TCP: 186 return "tcp"; 187 default: 188 return "???"; 189 } 190} 191 192hidden_def(sepol_port_get_proto_str) 193 194void sepol_port_set_proto(sepol_port_t * port, int proto) 195{ 196 197 port->proto = proto; 198} 199 200hidden_def(sepol_port_set_proto) 201 202/* Create */ 203int sepol_port_create(sepol_handle_t * handle, sepol_port_t ** port) 204{ 205 206 sepol_port_t *tmp_port = (sepol_port_t *) malloc(sizeof(sepol_port_t)); 207 208 if (!tmp_port) { 209 ERR(handle, "out of memory, could not create " "port record"); 210 return STATUS_ERR; 211 } 212 213 tmp_port->low = 0; 214 tmp_port->high = 0; 215 tmp_port->proto = SEPOL_PROTO_UDP; 216 tmp_port->con = NULL; 217 *port = tmp_port; 218 219 return STATUS_SUCCESS; 220} 221 222hidden_def(sepol_port_create) 223 224/* Deep copy clone */ 225int sepol_port_clone(sepol_handle_t * handle, 226 const sepol_port_t * port, sepol_port_t ** port_ptr) 227{ 228 229 sepol_port_t *new_port = NULL; 230 if (sepol_port_create(handle, &new_port) < 0) 231 goto err; 232 233 new_port->low = port->low; 234 new_port->high = port->high; 235 new_port->proto = port->proto; 236 237 if (port->con && 238 (sepol_context_clone(handle, port->con, &new_port->con) < 0)) 239 goto err; 240 241 *port_ptr = new_port; 242 return STATUS_SUCCESS; 243 244 err: 245 ERR(handle, "could not clone port record"); 246 sepol_port_free(new_port); 247 return STATUS_ERR; 248} 249 250/* Destroy */ 251void sepol_port_free(sepol_port_t * port) 252{ 253 254 if (!port) 255 return; 256 257 sepol_context_free(port->con); 258 free(port); 259} 260 261hidden_def(sepol_port_free) 262 263/* Context */ 264sepol_context_t *sepol_port_get_con(const sepol_port_t * port) 265{ 266 267 return port->con; 268} 269 270hidden_def(sepol_port_get_con) 271 272int sepol_port_set_con(sepol_handle_t * handle, 273 sepol_port_t * port, sepol_context_t * con) 274{ 275 276 sepol_context_t *newcon; 277 278 if (sepol_context_clone(handle, con, &newcon) < 0) { 279 ERR(handle, "out of memory, could not set port context"); 280 return STATUS_ERR; 281 } 282 283 sepol_context_free(port->con); 284 port->con = newcon; 285 return STATUS_SUCCESS; 286} 287 288hidden_def(sepol_port_set_con) 289