/* Copyright (C) 2005 Red Hat, Inc. */
/*
 * Bind the generic database types to the concrete node-record and
 * file-backend structures used by this translation unit.
 *
 * NOTE(review): these typedefs and the *_DEFINED markers come before the
 * project headers included below; presumably those headers test the markers
 * and otherwise supply generic definitions. Confirm against the database
 * headers before reordering anything here.
 */

/* Record side: a "record" is a node, a "record key" is a node key. */
struct semanage_node;
struct semanage_node_key;
typedef struct semanage_node record_t;
typedef struct semanage_node_key record_key_t;
#define DBASE_RECORD_DEFINED

/* Backend side: the database is the flat-file implementation. */
struct dbase_file;
typedef struct dbase_file dbase_t;
#define DBASE_DEFINED
#include <stdlib.h>
#include <stdio.h>
#include <strings.h>
#include <semanage/handle.h>
#include "node_internal.h"
#include "context_internal.h"
#include "database_file.h"
#include "parse_utils.h"
#include "debug.h"
/*
 * Serialize one node record to a stream as a single "nodecon" line:
 *
 *     nodecon <proto> <addr> <mask> <context>\n
 *
 * handle: used to fetch the string forms and to report errors.
 * node:   record to serialize.
 * str:    destination stream.
 *
 * Returns STATUS_SUCCESS when the line was written, STATUS_ERR when any
 * lookup or the write itself failed (an error is logged on the handle).
 *
 * The address, mask and context strings are produced by the getters into
 * heap buffers that this function frees on every path.
 *
 * NOTE(review): the four fields are emitted with plain %s, separated by one
 * space, and the matching parser splits on ' '. A field that contained
 * whitespace or a newline would not round-trip; this relies on the getters
 * never producing such text - confirm.
 */
static int node_print(semanage_handle_t * handle,
		      semanage_node_t * node, FILE * str)
{
	char *addr_text = NULL;
	char *mask_text = NULL;
	char *context_text = NULL;
	int rc = STATUS_ERR;

	const int proto = semanage_node_get_proto(node);
	const char *proto_name = semanage_node_get_proto_str(proto);
	semanage_context_t *context = semanage_node_get_con(node);

	/* Each step runs only if the previous one succeeded. */
	if (semanage_node_get_addr(handle, node, &addr_text) >= 0 &&
	    semanage_node_get_mask(handle, node, &mask_text) >= 0 &&
	    semanage_context_to_string(handle, context, &context_text) >= 0 &&
	    fprintf(str, "nodecon %s %s %s %s\n",
		    proto_name, addr_text, mask_text, context_text) >= 0) {
		rc = STATUS_SUCCESS;
	}

	/* Shared cleanup; buffers are released before the failure is logged. */
	free(addr_text);
	free(mask_text);
	free(context_text);

	if (rc != STATUS_SUCCESS) {
		ERR(handle, "could not print node to stream");
		return STATUS_ERR;
	}

	return STATUS_SUCCESS;
}
/*
 * Parse one "nodecon" line from the file being read into a node record.
 *
 * Expected layout (fields separated by whitespace):
 *
 *     nodecon <ipv4|ipv6> <address> <netmask> <security context>
 *
 * handle: used by the parse helpers and for error reporting.
 * info:   parser state for the current file and line.
 * node:   record that receives protocol, address, mask and context.
 *
 * Returns STATUS_SUCCESS when a record was parsed, STATUS_NODATA when no
 * line is left (info->ptr is NULL after skipping space), STATUS_ERR on any
 * malformed field. On STATUS_NODATA and STATUS_ERR the current line is
 * disposed of; on STATUS_ERR the node may already hold the fields parsed
 * before the failure.
 *
 * The protocol keyword is matched case-insensitively against a fixed list
 * here; the address, netmask and context text are handed to
 * semanage_node_set_addr(), semanage_node_set_mask() and
 * semanage_context_from_string(), which are relied on to reject malformed
 * values (their checks are not visible in this file).
 *
 * Diagnostics echo the offending token and the original input line to the
 * handle's message channel.
 */
static int node_parse(semanage_handle_t * handle,
		      parse_info_t * info, semanage_node_t * node)
{
	int proto;
	char *token = NULL;
	semanage_context_t *context = NULL;

	if (parse_skip_space(handle, info) < 0)
		goto fail;
	if (info->ptr == NULL)
		goto no_data;

	/* Keyword: the literal "nodecon" followed by whitespace. */
	if (parse_assert_str(handle, info, "nodecon") < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;

	/* Protocol: only "ipv4" and "ipv6" are accepted, in any case. */
	if (parse_fetch_string(handle, info, &token, ' ') < 0)
		goto fail;
	if (strcasecmp(token, "ipv4") == 0) {
		proto = SEMANAGE_PROTO_IP4;
	} else if (strcasecmp(token, "ipv6") == 0) {
		proto = SEMANAGE_PROTO_IP6;
	} else {
		ERR(handle, "invalid protocol \"%s\" (%s: %u):\n%s", token,
		    info->filename, info->lineno, info->orig_line);
		goto fail;
	}
	free(token);
	token = NULL;

	semanage_node_set_proto(node, proto);

	/* Address: interpreted according to the protocol parsed above. */
	if (parse_assert_space(handle, info) < 0 ||
	    parse_fetch_string(handle, info, &token, ' ') < 0 ||
	    semanage_node_set_addr(handle, node, proto, token) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;
	free(token);
	token = NULL;

	/* Netmask: same protocol as the address. */
	if (parse_fetch_string(handle, info, &token, ' ') < 0 ||
	    semanage_node_set_mask(handle, node, proto, token) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;
	free(token);
	token = NULL;

	/* Security context of the node. */
	if (parse_fetch_string(handle, info, &token, ' ') < 0)
		goto fail;
	if (semanage_context_from_string(handle, token, &context) < 0) {
		ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
		    token, info->filename, info->lineno, info->orig_line);
		goto fail;
	}
	/* A successful conversion that yields no context is refused for nodes. */
	if (context == NULL) {
		ERR(handle, "<<none>> context is not valid "
		    "for nodes (%s: %u):\n%s", info->filename,
		    info->lineno, info->orig_line);
		goto fail;
	}
	free(token);
	token = NULL;

	if (semanage_node_set_con(handle, node, context) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;

	/* The local context is released here; the node was set from it above. */
	semanage_context_free(context);
	return STATUS_SUCCESS;

no_data:
	parse_dispose_line(info);
	return STATUS_NODATA;

fail:
	ERR(handle, "could not parse node record");
	free(token);
	semanage_context_free(context);
	parse_dispose_line(info);
	return STATUS_ERR;
}
/*
 * NODE RECORD: FILE extension: method table.
 *
 * Supplies the file backend with the node-specific routines that write a
 * record as a "nodecon" line and read one back.
 */
record_file_table_t SEMANAGE_NODE_FILE_RTABLE = {
	.print = node_print,
	.parse = node_parse,
};
/*
 * Set up a file-backed node database and attach it to a database config.
 *
 * handle:  library handle passed through to dbase_file_init().
 * path_ro: path passed through as the read-only location.
 * path_rw: path passed through as the read-write location.
 * dconfig: receives the new database in ->dbase and the file method table
 *          in ->dtable.
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR if dbase_file_init() failed; in the
 * failure case ->dtable is left untouched.
 *
 * NOTE(review): both paths are forwarded unchanged; any validation of where
 * they point is left to the caller or to dbase_file_init() - confirm.
 */
int node_file_dbase_init(semanage_handle_t * handle,
			 const char *path_ro,
			 const char *path_rw,
			 dbase_config_t * dconfig)
{
	const int init_rc = dbase_file_init(handle, path_ro, path_rw,
					    &SEMANAGE_NODE_RTABLE,
					    &SEMANAGE_NODE_FILE_RTABLE,
					    &dconfig->dbase);

	if (init_rc < 0)
		return STATUS_ERR;

	/* Only a fully initialised database gets its method table. */
	dconfig->dtable = &SEMANAGE_FILE_DTABLE;
	return STATUS_SUCCESS;
}
/*
 * Release the file-backed node database held by a database config.
 *
 * dconfig: config whose ->dbase is handed to dbase_file_release().
 *
 * The ->dbase pointer itself is not cleared here, so it must not be used
 * again after this call unless the config is re-initialised.
 */
void node_file_dbase_release(dbase_config_t * dconfig)
{
	dbase_t *file_dbase = dconfig->dbase;

	dbase_file_release(file_dbase);
}