1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-credentials.c Credentials provable through authentication
3 *
4 * Copyright (C) 2007 Red Hat Inc.
5 *
6 * Licensed under the Academic Free License version 2.1
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21 *
22 */
23 #include <config.h>
24 #include <string.h>
25 #include "dbus-credentials.h"
26 #include "dbus-internals.h"
27
28 /**
29 * @defgroup DBusCredentials Credentials provable through authentication
30 * @ingroup DBusInternals
31 * @brief DBusCredentials object
32 *
33 * Credentials are what you have to prove you have in order to
34 * authenticate. The main credentials right now are a unix user
35 * account, a Windows user account, or a UNIX process ID.
36 */
37
38 /**
39 * @defgroup DBusCredentialsInternals Credentials implementation details
40 * @ingroup DBusInternals
41 * @brief DBusCredentials implementation details
42 *
43 * Private details of credentials code.
44 *
45 * @{
46 */
47
/**
 * Internal representation of a set of credentials.
 *
 * Every credential has an "unset" value (DBUS_UID_UNSET, DBUS_PID_UNSET or
 * NULL), so any combination of credentials may be present at once.
 */
struct DBusCredentials {
  int refcount;                     /**< reference count; the object is freed when it drops to 0 */
  dbus_uid_t unix_uid;              /**< UNIX user ID, or DBUS_UID_UNSET */
  dbus_pid_t pid;                   /**< UNIX process ID, or DBUS_PID_UNSET */
  char *windows_sid;                /**< owned copy of the Windows user SID, or NULL */
  char *linux_security_label;       /**< owned copy of the LSM security label, or NULL */
  void *adt_audit_data;             /**< owned copy of the ADT audit data, or NULL */
  dbus_int32_t adt_audit_data_size; /**< byte length of adt_audit_data; 0 when unset */
};
57
58 /** @} */
59
60 /**
61 * @addtogroup DBusCredentials
62 * @{
63 */
64
/**
 * Allocates a credentials object that holds no credentials yet.
 *
 * The object starts with a reference count of 1 and every field set to
 * its "unset" value, so _dbus_credentials_are_empty() is true for it.
 *
 * @returns the new object or #NULL if no memory
 */
DBusCredentials*
_dbus_credentials_new (void)
{
  DBusCredentials *fresh = dbus_new (DBusCredentials, 1);

  if (fresh != NULL)
    {
      /* The allocation is not relied on to be zeroed: every field is
       * set explicitly, because "unset" is not all-zero for uid/pid. */
      fresh->refcount = 1;
      fresh->pid = DBUS_PID_UNSET;
      fresh->unix_uid = DBUS_UID_UNSET;
      fresh->windows_sid = NULL;
      fresh->linux_security_label = NULL;
      fresh->adt_audit_data = NULL;
      fresh->adt_audit_data_size = 0;
    }

  return fresh;
}
89
/**
 * Creates a new object describing the current process.
 *
 * Which credentials get filled in (user ID, process ID, ...) is decided by
 * _dbus_credentials_add_from_current_process(), which is defined outside
 * this file.
 *
 * @returns the new object or #NULL if allocation or the lookup fails
 */
DBusCredentials*
_dbus_credentials_new_from_current_process (void)
{
  DBusCredentials *fresh = _dbus_credentials_new ();

  if (fresh != NULL &&
      !_dbus_credentials_add_from_current_process (fresh))
    {
      /* Never hand back a partially filled object. */
      _dbus_credentials_unref (fresh);
      fresh = NULL;
    }

  return fresh;
}
111
/**
 * Increment refcount on credentials.
 *
 * The count is a plain int and this function takes no lock, so callers
 * sharing an object between threads have to serialise access themselves.
 *
 * @param credentials the object; must still hold at least one reference
 */
void
_dbus_credentials_ref (DBusCredentials *credentials)
{
  /* A count of zero or less means the object was already released. */
  _dbus_assert (credentials->refcount > 0);

  ++credentials->refcount;
}
123
/**
 * Decrement refcount on credentials, destroying the object when the
 * last reference is dropped.
 *
 * Destruction frees the owned SID, security label and audit data, so any
 * pointer previously obtained from the getters becomes invalid.
 *
 * @param credentials the object; must still hold at least one reference
 */
void
_dbus_credentials_unref (DBusCredentials *credentials)
{
  _dbus_assert (credentials->refcount > 0);

  if (--credentials->refcount != 0)
    return;

  /* Last reference gone: release owned buffers, then the object itself. */
  dbus_free (credentials->adt_audit_data);
  dbus_free (credentials->linux_security_label);
  dbus_free (credentials->windows_sid);
  dbus_free (credentials);
}
143
/**
 * Add a UNIX process ID to the credentials, replacing any previous one.
 *
 * The value is stored as given; passing DBUS_PID_UNSET leaves the object
 * without a process ID. No allocation happens, so this cannot fail; the
 * boolean return only mirrors the other add functions.
 *
 * @param credentials the object
 * @param pid the process ID
 * @returns always #TRUE
 */
dbus_bool_t
_dbus_credentials_add_pid (DBusCredentials *credentials,
                           dbus_pid_t       pid)
{
  DBusCredentials *self = credentials;

  self->pid = pid;

  return TRUE;
}
158
/**
 * Add a UNIX user ID to the credentials, replacing any previous one.
 *
 * The value is stored as given; passing DBUS_UID_UNSET leaves the object
 * without a user ID. No allocation happens, so this cannot fail; the
 * boolean return only mirrors the other add functions.
 *
 * @param credentials the object
 * @param uid the user ID
 * @returns always #TRUE
 */
dbus_bool_t
_dbus_credentials_add_unix_uid (DBusCredentials *credentials,
                                dbus_uid_t       uid)
{
  DBusCredentials *self = credentials;

  self->unix_uid = uid;

  return TRUE;
}
174
/**
 * Add a Windows user SID to the credentials, replacing any previous one.
 *
 * The string is duplicated; the caller keeps ownership of windows_sid.
 * If duplication fails the previously stored SID is left untouched.
 *
 * @param credentials the object
 * @param windows_sid the user SID
 * @returns #FALSE if the copy could not be made (no memory)
 */
dbus_bool_t
_dbus_credentials_add_windows_sid (DBusCredentials *credentials,
                                   const char      *windows_sid)
{
  char *replacement = _dbus_strdup (windows_sid);

  if (replacement != NULL)
    {
      /* Swap only once the copy exists, so the field never dangles. */
      dbus_free (credentials->windows_sid);
      credentials->windows_sid = replacement;
    }

  return replacement != NULL;
}
197
/**
 * Add a Linux security label, as used by LSMs such as SELinux, Smack and
 * AppArmor, to the credentials, replacing any previous one.
 *
 * The label is duplicated and stored verbatim; nothing here checks its
 * format. If duplication fails the previously stored label is left
 * untouched.
 *
 * @param credentials the object
 * @param label the label
 * @returns #FALSE if the copy could not be made (no memory)
 */
dbus_bool_t
_dbus_credentials_add_linux_security_label (DBusCredentials *credentials,
                                            const char      *label)
{
  char *replacement = _dbus_strdup (label);

  if (replacement != NULL)
    {
      /* Swap only once the copy exists, so the field never dangles. */
      dbus_free (credentials->linux_security_label);
      credentials->linux_security_label = replacement;
    }

  return replacement != NULL;
}
221
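/**
 * Add ADT audit data to the credentials, replacing any previous data.
 *
 * The buffer is duplicated; the caller keeps ownership of audit_data.
 * If the call fails the previously stored data and size are untouched.
 *
 * @param credentials the object
 * @param audit_data the audit data; must point to at least size bytes
 * @param size the length of audit data in bytes; must be positive
 * @returns #FALSE if no memory, or if audit_data is #NULL or size is
 *          not positive
 */
dbus_bool_t
_dbus_credentials_add_adt_audit_data (DBusCredentials *credentials,
                                      void            *audit_data,
                                      dbus_int32_t     size)
{
  void *copy;

  /* size is signed: reject bad values here instead of letting a negative
   * length be converted to a huge unsigned byte count by the copy
   * routine, and never copy from a NULL source. */
  if (audit_data == NULL || size <= 0)
    return FALSE;

  copy = _dbus_memdup (audit_data, size);
  if (copy == NULL)
    return FALSE;

  /* Replace pointer and length together so they always describe the
   * same buffer. */
  dbus_free (credentials->adt_audit_data);
  credentials->adt_audit_data = copy;
  credentials->adt_audit_data_size = size;

  return TRUE;
}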
246
/**
 * Checks whether the given credential is present.
 *
 * "Present" means the corresponding field differs from its unset value
 * (DBUS_PID_UNSET, DBUS_UID_UNSET or #NULL).
 *
 * @param credentials the object
 * @param type the credential to check for
 * @returns #TRUE if the credential is present; #FALSE otherwise, including
 *          for an unknown type when assertions are compiled out
 */
dbus_bool_t
_dbus_credentials_include (DBusCredentials    *credentials,
                           DBusCredentialType  type)
{
  dbus_bool_t present = FALSE;

  switch (type)
    {
    case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
      present = credentials->pid != DBUS_PID_UNSET;
      break;
    case DBUS_CREDENTIAL_UNIX_USER_ID:
      present = credentials->unix_uid != DBUS_UID_UNSET;
      break;
    case DBUS_CREDENTIAL_WINDOWS_SID:
      present = credentials->windows_sid != NULL;
      break;
    case DBUS_CREDENTIAL_LINUX_SECURITY_LABEL:
      present = credentials->linux_security_label != NULL;
      break;
    case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
      present = credentials->adt_audit_data != NULL;
      break;
    default:
      /* Fail closed: an unrecognised type is reported as absent. */
      _dbus_assert_not_reached ("Unknown credential enum value");
      break;
    }

  return present;
}
275
/**
 * Gets the UNIX process ID in the credentials, or #DBUS_PID_UNSET if
 * the credentials object doesn't contain a process ID.
 *
 * The value is whatever was last stored; this accessor does not check
 * that the process still exists.
 *
 * @param credentials the object
 * @returns UNIX process ID
 */
dbus_pid_t
_dbus_credentials_get_pid (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->pid;
}
288
/**
 * Gets the UNIX user ID in the credentials, or #DBUS_UID_UNSET if
 * the credentials object doesn't contain a user ID.
 *
 * Callers must compare against #DBUS_UID_UNSET before treating the
 * result as a real user.
 *
 * @param credentials the object
 * @returns UNIX user ID
 */
dbus_uid_t
_dbus_credentials_get_unix_uid (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->unix_uid;
}
301
/**
 * Gets the Windows user SID in the credentials, or #NULL if
 * the credentials object doesn't contain a Windows user SID.
 *
 * The returned string stays owned by the credentials object. It is freed
 * when the SID is replaced, when the object is cleared, or when the last
 * reference is dropped, so copy it if it must outlive those calls.
 *
 * @param credentials the object
 * @returns Windows user SID
 */
const char*
_dbus_credentials_get_windows_sid (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->windows_sid;
}
314
/**
 * Gets the Linux security label (as used by LSMs) from the credentials,
 * or #NULL if the credentials object doesn't contain a security label.
 *
 * The returned string stays owned by the credentials object. It is freed
 * when the label is replaced, when the object is cleared, or when the
 * last reference is dropped, so copy it if it must outlive those calls.
 *
 * @param credentials the object
 * @returns the security label
 */
const char *
_dbus_credentials_get_linux_security_label (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->linux_security_label;
}
327
/**
 * Gets the ADT audit data in the credentials, or #NULL if
 * the credentials object doesn't contain ADT audit data.
 *
 * The pointer refers to the object's own buffer, not a copy: it is
 * returned non-const, so writes through it alter the stored credentials.
 * It is freed when the data is replaced, when the object is cleared, or
 * when the last reference is dropped. Read the length with
 * _dbus_credentials_get_adt_audit_data_size().
 *
 * @param credentials the object
 * @returns Solaris ADT audit data
 */
void *
_dbus_credentials_get_adt_audit_data (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->adt_audit_data;
}
340
/**
 * Gets the ADT audit data size in the credentials, or 0 if
 * the credentials object doesn't contain ADT audit data.
 *
 * The result is signed; check that it is positive before using it as a
 * byte count for the buffer from _dbus_credentials_get_adt_audit_data().
 *
 * @param credentials the object
 * @returns Solaris ADT audit data size
 */
dbus_int32_t
_dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials)
{
  const DBusCredentials *self = credentials;

  return self->adt_audit_data_size;
}
353
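/**
 * Checks whether the first credentials object contains
 * all the credentials found in the second credentials object.
 *
 * A credential that is unset in possible_subset is ignored. One that is
 * set must be set in credentials too and have exactly the same value.
 * ADT audit data matches only when both buffers have the same length
 * and the same bytes.
 *
 * @param credentials the object
 * @param possible_subset see if credentials in here are also in the first arg
 * @returns #TRUE if second arg is contained in first
 */
dbus_bool_t
_dbus_credentials_are_superset (DBusCredentials *credentials,
                                DBusCredentials *possible_subset)
{
  if (possible_subset->pid != DBUS_PID_UNSET &&
      possible_subset->pid != credentials->pid)
    return FALSE;

  if (possible_subset->unix_uid != DBUS_UID_UNSET &&
      possible_subset->unix_uid != credentials->unix_uid)
    return FALSE;

  if (possible_subset->windows_sid != NULL &&
      (credentials->windows_sid == NULL ||
       strcmp (possible_subset->windows_sid,
               credentials->windows_sid) != 0))
    return FALSE;

  if (possible_subset->linux_security_label != NULL &&
      (credentials->linux_security_label == NULL ||
       strcmp (possible_subset->linux_security_label,
               credentials->linux_security_label) != 0))
    return FALSE;

  if (possible_subset->adt_audit_data != NULL)
    {
      dbus_int32_t size = credentials->adt_audit_data_size;

      if (credentials->adt_audit_data == NULL)
        return FALSE;

      /* The two buffers are allocated independently. Comparing
       * credentials' length worth of bytes without checking the other
       * length would read past the end of a shorter buffer, and would
       * accept a longer buffer that merely starts with the same bytes. */
      if (size < 0 || possible_subset->adt_audit_data_size != size)
        return FALSE;

      if (size > 0 &&
          memcmp (possible_subset->adt_audit_data,
                  credentials->adt_audit_data,
                  (size_t) size) != 0)
        return FALSE;
    }

  return TRUE;
}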
383
/**
 * Checks whether a credentials object contains anything.
 *
 * All five credentials (pid, uid, SID, security label, audit data) must
 * be unset for the object to count as empty.
 *
 * @param credentials the object
 * @returns #TRUE if there are no credentials in the object
 */
dbus_bool_t
_dbus_credentials_are_empty (DBusCredentials *credentials)
{
  if (credentials->pid != DBUS_PID_UNSET ||
      credentials->unix_uid != DBUS_UID_UNSET)
    return FALSE;

  if (credentials->windows_sid != NULL ||
      credentials->linux_security_label != NULL)
    return FALSE;

  return credentials->adt_audit_data == NULL;
}
400
/**
 * Checks whether a credentials object lacks a user identity.
 *
 * Only the UNIX user ID and the Windows SID count as user identities.
 * A process ID, security label or audit data on its own still leaves the
 * object anonymous.
 *
 * @param credentials the object
 * @returns #TRUE if there are no user identities in the object
 */
dbus_bool_t
_dbus_credentials_are_anonymous (DBusCredentials *credentials)
{
  if (credentials->unix_uid != DBUS_UID_UNSET)
    return FALSE;

  return credentials->windows_sid == NULL;
}
414
/**
 * Merge all credentials found in the second object into the first object,
 * overwriting the first object if there are any overlaps.
 *
 * Credentials are merged one type at a time and the merge stops at the
 * first failure, so on #FALSE the first object may already hold some of
 * the second object's values. Callers that need all-or-nothing behaviour
 * should merge into a scratch copy.
 *
 * @param credentials the object
 * @param other_credentials credentials to merge
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_add_credentials (DBusCredentials *credentials,
                                   DBusCredentials *other_credentials)
{
  /* Merge order; kept as in the original chain of calls. */
  static const DBusCredentialType merge_order[] = {
    DBUS_CREDENTIAL_UNIX_PROCESS_ID,
    DBUS_CREDENTIAL_UNIX_USER_ID,
    DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
    DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
    DBUS_CREDENTIAL_WINDOWS_SID
  };
  unsigned int i;

  for (i = 0; i < sizeof merge_order / sizeof merge_order[0]; i++)
    {
      if (!_dbus_credentials_add_credential (credentials,
                                             merge_order[i],
                                             other_credentials))
        return FALSE;
    }

  return TRUE;
}
444
/**
 * Merge the given credential found in the second object into the first object,
 * overwriting the first object's value for that credential.
 *
 * Does nothing if the second object does not contain the specified credential,
 * i.e., will never delete a credential from the first object. An
 * unrecognised credential type is also a no-op that returns #TRUE.
 *
 * @param credentials the object
 * @param which the credential to overwrite
 * @param other_credentials credentials to merge
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_add_credential (DBusCredentials    *credentials,
                                  DBusCredentialType  which,
                                  DBusCredentials    *other_credentials)
{
  const DBusCredentials *src = other_credentials;

  switch (which)
    {
    case DBUS_CREDENTIAL_UNIX_PROCESS_ID:
      if (src->pid != DBUS_PID_UNSET &&
          !_dbus_credentials_add_pid (credentials, src->pid))
        return FALSE;
      break;

    case DBUS_CREDENTIAL_UNIX_USER_ID:
      if (src->unix_uid != DBUS_UID_UNSET &&
          !_dbus_credentials_add_unix_uid (credentials, src->unix_uid))
        return FALSE;
      break;

    case DBUS_CREDENTIAL_WINDOWS_SID:
      if (src->windows_sid != NULL &&
          !_dbus_credentials_add_windows_sid (credentials, src->windows_sid))
        return FALSE;
      break;

    case DBUS_CREDENTIAL_LINUX_SECURITY_LABEL:
      if (src->linux_security_label != NULL &&
          !_dbus_credentials_add_linux_security_label (credentials,
                                                       src->linux_security_label))
        return FALSE;
      break;

    case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
      /* Pointer and size travel together so the copy has the right length. */
      if (src->adt_audit_data != NULL &&
          !_dbus_credentials_add_adt_audit_data (credentials,
                                                 src->adt_audit_data,
                                                 src->adt_audit_data_size))
        return FALSE;
      break;

    default:
      break;
    }

  return TRUE;
}
496
/**
 * Clear all credentials in the object.
 *
 * Owned buffers are freed and every field is reset to its unset value;
 * the reference count is left alone. Pointers previously returned by the
 * getters are invalid afterwards.
 *
 * @param credentials the object
 */
void
_dbus_credentials_clear (DBusCredentials *credentials)
{
  /* Free each buffer and null its pointer right away, so that no field
   * is left pointing at released memory. */
  dbus_free (credentials->adt_audit_data);
  credentials->adt_audit_data = NULL;
  credentials->adt_audit_data_size = 0;

  dbus_free (credentials->linux_security_label);
  credentials->linux_security_label = NULL;

  dbus_free (credentials->windows_sid);
  credentials->windows_sid = NULL;

  credentials->unix_uid = DBUS_UID_UNSET;
  credentials->pid = DBUS_PID_UNSET;
}
515
/**
 * Copy a credentials object.
 *
 * The copy is independent: it starts with its own reference count of 1
 * and holds its own duplicates of the SID, security label and audit data.
 *
 * @param credentials the object
 * @returns the copy or #NULL if no memory
 */
DBusCredentials*
_dbus_credentials_copy (DBusCredentials *credentials)
{
  DBusCredentials *duplicate = _dbus_credentials_new ();

  if (duplicate != NULL &&
      !_dbus_credentials_add_credentials (duplicate, credentials))
    {
      /* Never hand back a partially filled copy. */
      _dbus_credentials_unref (duplicate);
      duplicate = NULL;
    }

  return duplicate;
}
539
/**
 * Check whether the user-identifying credentials in two credentials
 * objects are identical. Credentials that are not related to the
 * user (process ID, security label, audit data) are ignored.
 *
 * Both the UNIX user ID and the Windows SID must agree. A field that is
 * unset in both objects counts as agreeing.
 *
 * NOTE(review): as written, two objects that carry no user identity at
 * all therefore compare as the same user. Callers that need a real,
 * authenticated identity should also check
 * _dbus_credentials_are_anonymous().
 *
 * @param credentials the object
 * @param other_credentials credentials to compare
 * @returns #TRUE if the two credentials refer to the same user
 */
dbus_bool_t
_dbus_credentials_same_user (DBusCredentials *credentials,
                             DBusCredentials *other_credentials)
{
  const char *our_sid = credentials->windows_sid;
  const char *their_sid = other_credentials->windows_sid;

  /* Both the UNIX and the Windows identity have to match, though in
   * practically every case one of the two is unset on both sides. */
  if (credentials->unix_uid != other_credentials->unix_uid)
    return FALSE;

  /* A SID present on only one side is a mismatch; absent on both sides
   * is a match. */
  if (our_sid == NULL || their_sid == NULL)
    return our_sid == NULL && their_sid == NULL;

  return strcmp (our_sid, their_sid) == 0;
}
563
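/**
 * Convert the credentials in this object to a human-readable
 * string format, and append to the given string.
 *
 * Fields are written in the order uid, pid, sid, lsm, separated by a
 * single space; unset fields are skipped. ADT audit data is not rendered.
 *
 * The SID and the security label are inserted verbatim (the label between
 * single quotes, without escaping), so the result is meant for display
 * and log messages and should not be parsed back into credentials.
 *
 * This function does not roll back on failure: fields appended before
 * the failing one remain in the string.
 *
 * @param credentials the object
 * @param string append to this string
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_credentials_to_string_append (DBusCredentials *credentials,
                                    DBusString      *string)
{
  /* TRUE once any field has been written, so that the next field is
   * preceded by a space. It must not be reset when a field is absent,
   * otherwise e.g. a uid followed directly by a sid would be glued
   * together with no separator. */
  dbus_bool_t join = FALSE;

  if (credentials->unix_uid != DBUS_UID_UNSET)
    {
      if (!_dbus_string_append_printf (string, "uid=" DBUS_UID_FORMAT,
                                       credentials->unix_uid))
        return FALSE;
      join = TRUE;
    }

  if (credentials->pid != DBUS_PID_UNSET)
    {
      if (!_dbus_string_append_printf (string, "%spid=" DBUS_PID_FORMAT,
                                       join ? " " : "", credentials->pid))
        return FALSE;
      join = TRUE;
    }

  if (credentials->windows_sid != NULL)
    {
      if (!_dbus_string_append_printf (string, "%ssid=%s",
                                       join ? " " : "",
                                       credentials->windows_sid))
        return FALSE;
      join = TRUE;
    }

  if (credentials->linux_security_label != NULL)
    {
      if (!_dbus_string_append_printf (string, "%slsm='%s'",
                                       join ? " " : "",
                                       credentials->linux_security_label))
        return FALSE;
      join = TRUE;
    }

  return TRUE;
}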
615
616 /** @} */
617
618 /* tests in dbus-credentials-util.c */
619