From cf5e764c7f69bdce8dd76cb0d6c464b7f245ef94 Mon Sep 17 00:00:00 2001
From: Jerzi Kaminsky
Date: Sat, 15 Apr 2017 17:13:28 +0300
Subject: Disambiguate get_*_policy() and get_*_policy_mask()
---
 include/sway/security.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'include')
diff --git a/include/sway/security.h b/include/sway/security.h
index c3a5cfd4..d60f264a 100644
--- a/include/sway/security.h
+++ b/include/sway/security.h
@@ -3,9 +3,9 @@
 #include
 #include "sway/config.h"
-uint32_t get_feature_policy(pid_t pid);
-uint32_t get_ipc_policy(pid_t pid);
-uint32_t get_command_policy(const char *cmd);
+uint32_t get_feature_policy_mask(pid_t pid);
+uint32_t get_ipc_policy_mask(pid_t pid);
+uint32_t get_command_policy_mask(const char *cmd);
 const char *command_policy_str(enum command_context context);
-- 
cgit v1.2.3
From bfb99235e323e31689e280867103d3bc2e39ac22 Mon Sep 17 00:00:00 2001
From: Jerzi Kaminsky
Date: Sat, 15 Apr 2017 17:16:32 +0300
Subject: Move get_feature_policy to sway/security.c
---
 include/sway/security.h | 2 ++
 sway/commands/permit.c | 19 -------------------
 sway/security.c | 20 ++++++++++++++++++++
 3 files changed, 22 insertions(+), 19 deletions(-)
(limited to 'include')
diff --git a/include/sway/security.h b/include/sway/security.h
index d60f264a..0edffdfa 100644
--- a/include/sway/security.h
+++ b/include/sway/security.h
@@ -7,6 +7,8 @@ uint32_t get_feature_policy_mask(pid_t pid);
 uint32_t get_ipc_policy_mask(pid_t pid);
 uint32_t get_command_policy_mask(const char *cmd);
+struct feature_policy *get_feature_policy(const char *name);
+
 const char *command_policy_str(enum command_context context);
 struct feature_policy *alloc_feature_policy(const char *program);
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
index 4a78ef0d..c55f46d8 100644
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@@ -38,25 +38,6 @@ static enum secure_feature get_features(int argc, char **argv,
 return features;
 }
-static struct feature_policy *get_feature_policy(const char *name) {
- struct feature_policy *policy = NULL;
- for (int i = 0; i < config->feature_policies->length; ++i) {
- struct feature_policy *p = config->feature_policies->items[i];
- if (strcmp(p->program, name) == 0) {
- policy = p;
- break;
- }
- }
- if (!policy) {
- policy = alloc_feature_policy(name);
- if (!policy) {
- sway_abort("Unable to allocate security policy");
- }
- list_add(config->feature_policies, policy);
- }
- return policy;
-}
-
 struct cmd_results *cmd_permit(int argc, char **argv) {
 struct cmd_results *error = NULL;
 if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) {
diff --git a/sway/security.c b/sway/security.c
index 5b762b07..96af2b88 100644
--- a/sway/security.c
+++ b/sway/security.c
@@ -94,6 +94,26 @@ static const char *get_pid_exe(pid_t pid) {
 return link;
 }
+struct feature_policy *get_feature_policy(const char *name) {
+ struct feature_policy *policy = NULL;
+
+ for (int i = 0; i < config->feature_policies->length; ++i) {
+ struct feature_policy *p = config->feature_policies->items[i];
+ if (strcmp(p->program, name) == 0) {
+ policy = p;
+ break;
+ }
+ }
+ if (!policy) {
+ policy = alloc_feature_policy(name);
+ if (!policy) {
+ sway_abort("Unable to allocate security policy");
+ }
+ list_add(config->feature_policies, policy);
+ }
+ return policy;
+}
+
 uint32_t get_feature_policy_mask(pid_t pid) {
 uint32_t default_policy = 0;
 const char *link = get_pid_exe(pid);
-- 
cgit v1.2.3
From c9694ee63d451da62dc50b234b3080a35a40e844 Mon Sep 17 00:00:00 2001
From: Jerzi Kaminsky
Date: Fri, 14 Apr 2017 23:37:43 +0300
Subject: Add resolve_path() to utils
---
 common/util.c | 41 +++++++++++++++++++++++++++++++++++++++++
 include/util.h | 8 ++++++++
 2 files changed, 49 insertions(+)
(limited to 'include')
diff --git a/common/util.c b/common/util.c
index 12ed0cdc..a9e6a9c2 100644
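Review bot: `get_feature_policy()` in sway/security.c is now exported, but it is a get-or-create rather than a lookup: when no entry matches `name` it allocates one, appends it to `config->feature_policies`, and calls `sway_abort()` if the allocation fails. Declared right next to `get_feature_policy_mask()`, the name reads like a side-effect-free query, so a later caller on a permission-check path could grow the policy list simply by asking; no such caller is visible in this hunk, so this is a hazard to document rather than a present bug. I would put the contract on the prototype in include/sway/security.h, e.g. `/* Returns the policy for program name, creating and registering an empty one if none exists; aborts on allocation failure. */`. The comment should also state that `name` must be non-NULL, since it is passed straight to `strcmp()`.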
--- a/common/util.c
+++ b/common/util.c
@@ -1,3 +1,7 @@
+#define _XOPEN_SOURCE 500
+#include
+#include
+#include
 #include
 #include
 #include
@@ -118,3 +122,40 @@ uint32_t parse_color(const char *color) {
 }
 return res;
 }
+
+char* resolve_path(const char* path) {
+ struct stat sb;
+ ssize_t r;
+ int i;
+ char *current = NULL;
+ char *resolved = NULL;
+
+ if(!(current = strdup(path))) {
+ return NULL;
+ }
+ for (i = 0; i < 16; ++i) {
+ if (lstat(current, &sb) == -1) {
+ goto failed;
+ }
+ if((sb.st_mode & S_IFMT) != S_IFLNK) {
+ return current;
+ }
+ if (!(resolved = malloc(sb.st_size + 1))) {
+ goto failed;
+ }
+ r = readlink(current, resolved, sb.st_size);
+ if (r == -1 || r > sb.st_size) {
+ goto failed;
+ }
+ resolved[r] = '\0';
+ free(current);
+ current = strdup(resolved);
+ free(resolved);
+ resolved = NULL;
+ }
+
+failed:
+ free(resolved);
+ free(current);
+ return NULL;
+}
\ No newline at end of file
diff --git a/include/util.h b/include/util.h
index 839af265..e5365458 100644
--- a/include/util.h
+++ b/include/util.h
@@ -49,4 +49,12 @@ pid_t get_parent_pid(pid_t pid);
 */
 uint32_t parse_color(const char *color);
+/**
+ * Given a path string, recurseively resolves any symlinks to their targets
+ * (which may be a file, directory) and returns the result.
+ * argument is returned. Caller must free the returned buffer.
+ * If an error occures, if the path does not exist or if the path corresponds
+ * to a dangling symlink, NULL is returned.
+ */
+char* resolve_path(const char* path);
 #endif
-- 
cgit v1.2.3
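Review bot: In `resolve_path()` (common/util.c) the string returned by `readlink()` is fed back into `lstat()` unchanged, so a relative link target is resolved against the process's working directory rather than the directory holding the link, and symlinked parent directories are never expanded because only the final component is examined. The returned string can therefore name a different file than the one the kernel would actually open, which matters if the result is later compared against per-program policy names (that caller is not shown here). In the same loop `readlink()` is given `sb.st_size` as its buffer size, so the `r > sb.st_size` test can never fire and a link that changes between `lstat()` and `readlink()` is silently truncated; the `strdup(resolved)` result is also used unchecked, and links that report an `st_size` of 0 are not handled. Unless the 16-level cap is a requirement, `return realpath(path, NULL);` provides the documented contract with full canonicalisation (a NULL second argument is specified by POSIX.1-2008, so the `_XOPEN_SOURCE 500` define added in the first hunk may need raising). Failing that, at least pass `sb.st_size + 1` to `readlink()` and check the `strdup()` result before looping.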
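Review bot: The doc comment added above `resolve_path()` in include/util.h contains a stray fragment, `argument is returned.`, which looks like the tail of a deleted sentence and leaves the success case ambiguous. It also omits that the implementation gives up and returns NULL after 16 levels of indirection. I would reword the middle of the comment to something like `Returns a newly allocated string holding the resolved path; the caller must free it. Returns NULL on error, if the path does not exist, if it is a dangling symlink, or if more than 16 links are chained.` and fix the spellings "recurseively" and "occures" while there.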