1 #include <stdlib.h> 2 #include <string.h> 3 4 #include "port_internal.h" 5 #include "context_internal.h" 6 #include "debug.h" 7 8 struct sepol_port { 9 /* Low - High range. Same for single ports. */ 10 int low, high; 11 12 /* Protocol */ 13 int proto; 14 15 /* Context */ 16 sepol_context_t *con; 17 }; 18 19 struct sepol_port_key { 20 /* Low - High range. Same for single ports. */ 21 int low, high; 22 23 /* Protocol */ 24 int proto; 25 }; 26 27 /* Key */ 28 int sepol_port_key_create(sepol_handle_t * handle, 29 int low, int high, int proto, 30 sepol_port_key_t ** key_ptr) 31 { 32 33 sepol_port_key_t *tmp_key = 34 (sepol_port_key_t *) malloc(sizeof(sepol_port_key_t)); 35 36 if (!tmp_key) { 37 ERR(handle, "out of memory, could not create " "port key"); 38 return STATUS_ERR; 39 } 40 41 tmp_key->low = low; 42 tmp_key->high = high; 43 tmp_key->proto = proto; 44 45 *key_ptr = tmp_key; 46 return STATUS_SUCCESS; 47 } 48 49 hidden_def(sepol_port_key_create) 50 51 void sepol_port_key_unpack(const sepol_port_key_t * key, 52 int *low, int *high, int *proto) 53 { 54 55 *low = key->low; 56 *high = key->high; 57 *proto = key->proto; 58 } 59 60 hidden_def(sepol_port_key_unpack) 61 62 int sepol_port_key_extract(sepol_handle_t * handle, 63 const sepol_port_t * port, 64 sepol_port_key_t ** key_ptr) 65 { 66 67 if (sepol_port_key_create 68 (handle, port->low, port->high, port->proto, key_ptr) < 0) { 69 70 ERR(handle, "could not extract key from port %s %d:%d", 71 sepol_port_get_proto_str(port->proto), 72 port->low, port->high); 73 74 return STATUS_ERR; 75 } 76 77 return STATUS_SUCCESS; 78 } 79 80 void sepol_port_key_free(sepol_port_key_t * key) 81 { 82 free(key); 83 } 84 85 int sepol_port_compare(const sepol_port_t * port, const sepol_port_key_t * key) 86 { 87 88 if ((port->low == key->low) && 89 (port->high == key->high) && (port->proto == key->proto)) 90 return 0; 91 92 if (port->low < key->low) 93 return -1; 94 95 else if (key->low < port->low) 96 return 1; 97 98 else if (port->high < key->high) 99 return -1; 100 101 else if (key->high < port->high) 102 return 1; 103 104 else if (port->proto < key->proto) 105 return -1; 106 107 else 108 return 1; 109 } 110 111 int sepol_port_compare2(const sepol_port_t * port, const sepol_port_t * port2) 112 { 113 114 if ((port->low == port2->low) && 115 (port->high == port2->high) && (port->proto == port2->proto)) 116 return 0; 117 118 if (port->low < port2->low) 119 return -1; 120 121 else if (port2->low < port->low) 122 return 1; 123 124 else if (port->high < port2->high) 125 return -1; 126 127 else if (port2->high < port->high) 128 return 1; 129 130 else if (port->proto < port2->proto) 131 return -1; 132 133 else 134 return 1; 135 } 136 137 /* Port */ 138 int sepol_port_get_low(const sepol_port_t * port) 139 { 140 141 return port->low; 142 } 143 144 hidden_def(sepol_port_get_low) 145 146 int sepol_port_get_high(const sepol_port_t * port) 147 { 148 149 return port->high; 150 } 151 152 hidden_def(sepol_port_get_high) 153 154 void sepol_port_set_port(sepol_port_t * port, int port_num) 155 { 156 157 port->low = port_num; 158 port->high = port_num; 159 } 160 161 void sepol_port_set_range(sepol_port_t * port, int low, int high) 162 { 163 164 port->low = low; 165 port->high = high; 166 } 167 168 hidden_def(sepol_port_set_range) 169 170 /* Protocol */ 171 int sepol_port_get_proto(const sepol_port_t * port) 172 { 173 174 return port->proto; 175 } 176 177 hidden_def(sepol_port_get_proto) 178 179 const char *sepol_port_get_proto_str(int proto) 180 { 181 182 switch (proto) { 183 case SEPOL_PROTO_UDP: 184 return "udp"; 185 case SEPOL_PROTO_TCP: 186 return "tcp"; 187 case SEPOL_PROTO_DCCP: 188 return "dccp"; 189 case SEPOL_PROTO_SCTP: 190 return "sctp"; 191 default: 192 return "???"; 193 } 194 } 195 196 hidden_def(sepol_port_get_proto_str) 197 198 void sepol_port_set_proto(sepol_port_t * port, int proto) 199 { 200 201 port->proto = proto; 202 } 203 204 hidden_def(sepol_port_set_proto) 205 206 /* Create */ 207 int sepol_port_create(sepol_handle_t * handle, sepol_port_t ** port) 208 { 209 210 sepol_port_t *tmp_port = (sepol_port_t *) malloc(sizeof(sepol_port_t)); 211 212 if (!tmp_port) { 213 ERR(handle, "out of memory, could not create " "port record"); 214 return STATUS_ERR; 215 } 216 217 tmp_port->low = 0; 218 tmp_port->high = 0; 219 tmp_port->proto = SEPOL_PROTO_UDP; 220 tmp_port->con = NULL; 221 *port = tmp_port; 222 223 return STATUS_SUCCESS; 224 } 225 226 hidden_def(sepol_port_create) 227 228 /* Deep copy clone */ 229 int sepol_port_clone(sepol_handle_t * handle, 230 const sepol_port_t * port, sepol_port_t ** port_ptr) 231 { 232 233 sepol_port_t *new_port = NULL; 234 if (sepol_port_create(handle, &new_port) < 0) 235 goto err; 236 237 new_port->low = port->low; 238 new_port->high = port->high; 239 new_port->proto = port->proto; 240 241 if (port->con && 242 (sepol_context_clone(handle, port->con, &new_port->con) < 0)) 243 goto err; 244 245 *port_ptr = new_port; 246 return STATUS_SUCCESS; 247 248 err: 249 ERR(handle, "could not clone port record"); 250 sepol_port_free(new_port); 251 return STATUS_ERR; 252 } 253 254 /* Destroy */ 255 void sepol_port_free(sepol_port_t * port) 256 { 257 258 if (!port) 259 return; 260 261 sepol_context_free(port->con); 262 free(port); 263 } 264 265 hidden_def(sepol_port_free) 266 267 /* Context */ 268 sepol_context_t *sepol_port_get_con(const sepol_port_t * port) 269 { 270 271 return port->con; 272 } 273 274 hidden_def(sepol_port_get_con) 275 276 int sepol_port_set_con(sepol_handle_t * handle, 277 sepol_port_t * port, sepol_context_t * con) 278 { 279 280 sepol_context_t *newcon; 281 282 if (sepol_context_clone(handle, con, &newcon) < 0) { 283 ERR(handle, "out of memory, could not set port context"); 284 return STATUS_ERR; 285 } 286 287 sepol_context_free(port->con); 288 port->con = newcon; 289 return STATUS_SUCCESS; 290 } 291 292 hidden_def(sepol_port_set_con) 293
