1 #include <stdlib.h> 2 #include <string.h> 3 4 #include "port_internal.h" 5 #include "context_internal.h" 6 #include "debug.h" 7 8 struct sepol_port { 9 /* Low - High range. Same for single ports. */ 10 int low, high; 11 12 /* Protocol */ 13 int proto; 14 15 /* Context */ 16 sepol_context_t *con; 17 }; 18 19 struct sepol_port_key { 20 /* Low - High range. Same for single ports. */ 21 int low, high; 22 23 /* Protocol */ 24 int proto; 25 }; 26 27 /* Key */ 28 int sepol_port_key_create(sepol_handle_t * handle, 29 int low, int high, int proto, 30 sepol_port_key_t ** key_ptr) 31 { 32 33 sepol_port_key_t *tmp_key = 34 (sepol_port_key_t *) malloc(sizeof(sepol_port_key_t)); 35 36 if (!tmp_key) { 37 ERR(handle, "out of memory, could not create " "port key"); 38 return STATUS_ERR; 39 } 40 41 tmp_key->low = low; 42 tmp_key->high = high; 43 tmp_key->proto = proto; 44 45 *key_ptr = tmp_key; 46 return STATUS_SUCCESS; 47 } 48 49 hidden_def(sepol_port_key_create) 50 51 void sepol_port_key_unpack(const sepol_port_key_t * key, 52 int *low, int *high, int *proto) 53 { 54 55 *low = key->low; 56 *high = key->high; 57 *proto = key->proto; 58 } 59 60 hidden_def(sepol_port_key_unpack) 61 62 int sepol_port_key_extract(sepol_handle_t * handle, 63 const sepol_port_t * port, 64 sepol_port_key_t ** key_ptr) 65 { 66 67 if (sepol_port_key_create 68 (handle, port->low, port->high, port->proto, key_ptr) < 0) { 69 70 ERR(handle, "could not extract key from port %s %d:%d", 71 sepol_port_get_proto_str(port->proto), 72 port->low, port->high); 73 74 return STATUS_ERR; 75 } 76 77 return STATUS_SUCCESS; 78 } 79 80 void sepol_port_key_free(sepol_port_key_t * key) 81 { 82 free(key); 83 } 84 85 int sepol_port_compare(const sepol_port_t * port, const sepol_port_key_t * key) 86 { 87 88 if ((port->low == key->low) && 89 (port->high == key->high) && (port->proto == key->proto)) 90 return 0; 91 92 if (port->low < key->low) 93 return -1; 94 95 else if (key->low < port->low) 96 return 1; 97 98 else if (port->high < key->high) 99 return -1; 100 101 else if (key->high < port->high) 102 return 1; 103 104 else if (port->proto < key->proto) 105 return -1; 106 107 else 108 return 1; 109 } 110 111 int sepol_port_compare2(const sepol_port_t * port, const sepol_port_t * port2) 112 { 113 114 if ((port->low == port2->low) && 115 (port->high == port2->high) && (port->proto == port2->proto)) 116 return 0; 117 118 if (port->low < port2->low) 119 return -1; 120 121 else if (port2->low < port->low) 122 return 1; 123 124 else if (port->high < port2->high) 125 return -1; 126 127 else if (port2->high < port->high) 128 return 1; 129 130 else if (port->proto < port2->proto) 131 return -1; 132 133 else 134 return 1; 135 } 136 137 /* Port */ 138 int sepol_port_get_low(const sepol_port_t * port) 139 { 140 141 return port->low; 142 } 143 144 hidden_def(sepol_port_get_low) 145 146 int sepol_port_get_high(const sepol_port_t * port) 147 { 148 149 return port->high; 150 } 151 152 hidden_def(sepol_port_get_high) 153 154 void sepol_port_set_port(sepol_port_t * port, int port_num) 155 { 156 157 port->low = port_num; 158 port->high = port_num; 159 } 160 161 void sepol_port_set_range(sepol_port_t * port, int low, int high) 162 { 163 164 port->low = low; 165 port->high = high; 166 } 167 168 hidden_def(sepol_port_set_range) 169 170 /* Protocol */ 171 int sepol_port_get_proto(const sepol_port_t * port) 172 { 173 174 return port->proto; 175 } 176 177 hidden_def(sepol_port_get_proto) 178 179 const char *sepol_port_get_proto_str(int proto) 180 { 181 182 switch (proto) { 183 case SEPOL_PROTO_UDP: 184 return "udp"; 185 case SEPOL_PROTO_TCP: 186 return "tcp"; 187 default: 188 return "???"; 189 } 190 } 191 192 hidden_def(sepol_port_get_proto_str) 193 194 void sepol_port_set_proto(sepol_port_t * port, int proto) 195 { 196 197 port->proto = proto; 198 } 199 200 hidden_def(sepol_port_set_proto) 201 202 /* Create */ 203 int sepol_port_create(sepol_handle_t * handle, sepol_port_t ** port) 204 { 205 206 sepol_port_t *tmp_port = (sepol_port_t *) malloc(sizeof(sepol_port_t)); 207 208 if (!tmp_port) { 209 ERR(handle, "out of memory, could not create " "port record"); 210 return STATUS_ERR; 211 } 212 213 tmp_port->low = 0; 214 tmp_port->high = 0; 215 tmp_port->proto = SEPOL_PROTO_UDP; 216 tmp_port->con = NULL; 217 *port = tmp_port; 218 219 return STATUS_SUCCESS; 220 } 221 222 hidden_def(sepol_port_create) 223 224 /* Deep copy clone */ 225 int sepol_port_clone(sepol_handle_t * handle, 226 const sepol_port_t * port, sepol_port_t ** port_ptr) 227 { 228 229 sepol_port_t *new_port = NULL; 230 if (sepol_port_create(handle, &new_port) < 0) 231 goto err; 232 233 new_port->low = port->low; 234 new_port->high = port->high; 235 new_port->proto = port->proto; 236 237 if (port->con && 238 (sepol_context_clone(handle, port->con, &new_port->con) < 0)) 239 goto err; 240 241 *port_ptr = new_port; 242 return STATUS_SUCCESS; 243 244 err: 245 ERR(handle, "could not clone port record"); 246 sepol_port_free(new_port); 247 return STATUS_ERR; 248 } 249 250 /* Destroy */ 251 void sepol_port_free(sepol_port_t * port) 252 { 253 254 if (!port) 255 return; 256 257 sepol_context_free(port->con); 258 free(port); 259 } 260 261 hidden_def(sepol_port_free) 262 263 /* Context */ 264 sepol_context_t *sepol_port_get_con(const sepol_port_t * port) 265 { 266 267 return port->con; 268 } 269 270 hidden_def(sepol_port_get_con) 271 272 int sepol_port_set_con(sepol_handle_t * handle, 273 sepol_port_t * port, sepol_context_t * con) 274 { 275 276 sepol_context_t *newcon; 277 278 if (sepol_context_clone(handle, con, &newcon) < 0) { 279 ERR(handle, "out of memory, could not set port context"); 280 return STATUS_ERR; 281 } 282 283 sepol_context_free(port->con); 284 port->con = newcon; 285 return STATUS_SUCCESS; 286 } 287 288 hidden_def(sepol_port_set_con) 289
