00001 /**
00002  * @file
00003  *
00004  * Provides a way for setools to make queries about initial SIDs
00005  * within a policy.  The caller obtains a query object, fills in its
00006  * parameters, and then runs the query; it obtains a vector of
00007  * results.  Searches are conjunctive -- all fields of the search
 * query must match for a datum to be added to the results vector.
00009  *
00010  * @author Jeremy A. Mowery jmowery@tresys.com
00011  * @author Jason Tang  jtang@tresys.com
00012  *
00013  * Copyright (C) 2006-2007 Tresys Technology, LLC
00014  *
00015  *  This library is free software; you can redistribute it and/or
00016  *  modify it under the terms of the GNU Lesser General Public
00017  *  License as published by the Free Software Foundation; either
00018  *  version 2.1 of the License, or (at your option) any later version.
00019  *
00020  *  This library is distributed in the hope that it will be useful,
00021  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00022  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00023  *  Lesser General Public License for more details.
00024  *
00025  *  You should have received a copy of the GNU Lesser General Public
00026  *  License along with this library; if not, write to the Free Software
00027  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
00028  */
00029 
00030 #include "policy-query-internal.h"
00031 
00032 #include <errno.h>
00033 
/**
 * Parameters of an initial SID query.  A query is zero-filled by
 * apol_isid_query_create() and its fields are set through the
 * apol_isid_query_set_*() functions; all set fields must match for an
 * initial SID to be reported by apol_isid_get_by_query().
 */
struct apol_isid_query
{
        char *name;             /* initial SID name to match; owned by the query, freed in apol_isid_query_destroy() */
        apol_context_t *context;        /* context to match; owned by the query, released with apol_context_destroy() */
        unsigned int flags;     /* the APOL_QUERY_FLAGS bits are the range-match mode given to apol_isid_query_set_context() */
};
00040 
/******************** initial SID queries ********************/
00042 
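/**
 * Collect the initial SIDs of a policy that satisfy a query.
 *
 * @param p Policy to search.  Must not be NULL.
 * @param i Query whose fields must all match (conjunctively), or NULL
 * to report every initial SID in the policy.
 * @param v Receives a newly allocated vector of const qpol_isid_t
 * pointers.  The entries are borrowed from the policy: the vector is
 * created without an element destructor, so the caller releases only
 * the vector itself with apol_vector_destroy().  On error the partially
 * built vector is destroyed.
 *
 * @return 0 on success, < 0 on error.  NULL @a p or @a v is reported
 * as EINVAL; other failures leave errno as set by the failing callee.
 */
int apol_isid_get_by_query(const apol_policy_t * p, const apol_isid_query_t * i, apol_vector_t ** v)
{
        qpol_iterator_t *iter = NULL;
        int retval = -1;
        const qpol_isid_t *isid = NULL;

        /* guard the dereferences of p->p and *v below */
        if (p == NULL || v == NULL) {
                ERR(p, "%s", strerror(EINVAL));
                errno = EINVAL;
                return -1;
        }
        *v = NULL;
        if (qpol_policy_get_isid_iter(p->p, &iter) < 0) {
                return -1;
        }
        if ((*v = apol_vector_create(NULL)) == NULL) {
                ERR(p, "%s", strerror(errno));
                goto cleanup;
        }
        for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
                if (qpol_iterator_get_item(iter, (void **)&isid) < 0) {
                        goto cleanup;
                }
                if (i != NULL) {
                        const char *name;
                        const qpol_context_t *context;
                        int match;
                        if (qpol_isid_get_name(p->p, isid, &name) < 0 || qpol_isid_get_context(p->p, isid, &context) < 0) {
                                goto cleanup;
                        }
                        /* apol_compare*() results: < 0 error, 0 no match, anything else a match */
                        match = apol_compare(p, name, i->name, 0, NULL);
                        if (match < 0) {
                                goto cleanup;
                        } else if (match == 0) {
                                continue;
                        }
                        match = apol_compare_context(p, context, i->context, i->flags);
                        if (match < 0) {
                                goto cleanup;
                        } else if (match == 0) {
                                continue;
                        }
                }
                /* the vector has no element destructor, so the cast only drops const;
                 * the policy keeps ownership of the isid */
                if (apol_vector_append(*v, (void *)isid)) {
                        /* NOTE(review): assumes append can only fail on allocation */
                        ERR(p, "%s", strerror(ENOMEM));
                        goto cleanup;
                }
        }

        retval = 0;
      cleanup:
        if (retval != 0) {
                apol_vector_destroy(v);
        }
        qpol_iterator_destroy(&iter);
        return retval;
}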
00093 
/**
 * Allocate a new, zero-filled initial SID query with no constraints set.
 *
 * @return The query, to be released with apol_isid_query_destroy(), or
 * NULL on allocation failure (errno set by calloc()).
 */
apol_isid_query_t *apol_isid_query_create(void)
{
        apol_isid_query_t *query = calloc(1, sizeof *query);
        return query;
}
00098 
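/**
 * Free a query created by apol_isid_query_create(), together with the
 * name string and the context it owns, and reset the caller's pointer
 * to NULL.  A NULL @a i, or a pointer to NULL, is a no-op.
 *
 * @param i Address of the query pointer to free.
 */
void apol_isid_query_destroy(apol_isid_query_t ** i)
{
        if (i == NULL || *i == NULL) {
                return;
        }
        free((*i)->name);
        apol_context_destroy(&((*i)->context));
        free(*i);
        *i = NULL;      /* defend against double free through the same variable */
}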
00108 
/**
 * Set the initial SID name that the query must match.  Storage of the
 * string (and clearing when @a name is NULL) is delegated to
 * apol_query_set().
 *
 * @param p Policy used for error reporting.
 * @param i Query to modify.
 * @param name Name to match.
 *
 * @return 0 on success, < 0 on error, as reported by apol_query_set().
 */
int apol_isid_query_set_name(const apol_policy_t * p, apol_isid_query_t * i, const char *name)
{
        char **slot = &i->name;
        return apol_query_set(p, slot, NULL, name);
}
00113 
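/**
 * Set the context that the query must match and how its range is
 * compared.  The query takes ownership of @a context: it is released
 * with apol_context_destroy() when replaced or when the query is
 * destroyed, so the caller must not free it.  A context already set on
 * the query is released, unless @a context is that same object.
 *
 * @param p Unused.
 * @param i Query to modify.
 * @param context Context to match; NULL clears the constraint.
 * @param range_match Range-match mode, written into the
 * APOL_QUERY_FLAGS bits of the query's flags.
 *
 * @return Always 0.
 */
int apol_isid_query_set_context(const apol_policy_t * p __attribute__ ((unused)),
                                apol_isid_query_t * i, apol_context_t * context, unsigned int range_match)
{
        /* releasing the old context when it is the very object being set
         * would leave i->context dangling (use after free on the next query) */
        if (i->context != NULL && i->context != context) {
                apol_context_destroy(&i->context);
        }
        i->context = context;
        /* NOTE(review): range_match is not masked; bits outside APOL_QUERY_FLAGS
         * would overwrite the other flag bits -- confirm callers pass only mode bits */
        i->flags = (i->flags & ~APOL_QUERY_FLAGS) | range_match;
        return 0;
}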