bool-query.c File Reference


Detailed Description

Provides a way for setools to make queries about conditional booleans within a policy.

The caller obtains a query object, fills in its parameters, and then runs the query, which yields a vector of results. Searches are conjunctive: all fields of the search query must match for a datum to be added to the results.

Author:
Jeremy A. Mowery jmowery@tresys.com

Jason Tang jtang@tresys.com

Copyright (C) 2006-2007 Tresys Technology, LLC

This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

Definition in file bool-query.c.

#include "policy-query-internal.h"
#include <errno.h>



Classes

struct  apol_bool_query

Functions

int apol_bool_get_by_query (const apol_policy_t *p, apol_bool_query_t *b, apol_vector_t **v)
 Execute a query against all booleans within the policy.
apol_bool_query_t * apol_bool_query_create (void)
 Allocate and return a new boolean query structure.
void apol_bool_query_destroy (apol_bool_query_t **b)
 Deallocate all memory associated with the referenced boolean query, and then set it to NULL.
int apol_bool_query_set_bool (const apol_policy_t *p, apol_bool_query_t *b, const char *name)
 Set a boolean query to return only booleans that match this name.
int apol_bool_query_set_regex (const apol_policy_t *p, apol_bool_query_t *b, int is_regex)
 Set a boolean query to use regular expression searching for all of its fields.

Function Documentation

int apol_bool_get_by_query (const apol_policy_t *p, apol_bool_query_t *b, apol_vector_t **v)

Execute a query against all booleans within the policy.

Parameters:
p Policy within which to look up booleans.
b Structure containing parameters for query. If this is NULL then return all booleans.
v Reference to a vector of qpol_bool_t. The vector will be allocated by this function. The caller must call apol_vector_destroy() afterwards. This will be set to NULL upon no results or upon error.
Returns:
0 on success (including none found), negative on error.

Definition at line 43 of file bool-query.c.

References apol_bool_query_t, apol_compare(), apol_policy_t, apol_vector_append(), apol_vector_create(), apol_vector_destroy(), apol_vector_t, apol_bool_query::bool_name, ERR, apol_bool_query::flags, apol_policy::p, qpol_bool_get_name(), qpol_bool_t, qpol_iterator_destroy(), qpol_iterator_end(), qpol_iterator_get_item(), qpol_iterator_next(), qpol_iterator_t, qpol_policy_get_bool_iter(), and apol_bool_query::regex.

Referenced by avrule_get_items(), poldiff_build_bsts(), policy_view_stats_update(), and terule_get_items().

{
        qpol_iterator_t *iter;
        int retval = -1;
        *v = NULL;
        if (qpol_policy_get_bool_iter(p->p, &iter) < 0) {
                return -1;
        }
        if ((*v = apol_vector_create(NULL)) == NULL) {
                ERR(p, "%s", strerror(errno));
                goto cleanup;
        }
        for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
                qpol_bool_t *qbool;
                if (qpol_iterator_get_item(iter, (void **)&qbool) < 0) {
                        goto cleanup;
                }
                if (b != NULL) {
                        const char *bool_name;
                        int compval;
                        if (qpol_bool_get_name(p->p, qbool, &bool_name) < 0) {
                                goto cleanup;
                        }
                        compval = apol_compare(p, bool_name, b->bool_name, b->flags, &(b->regex));
                        if (compval < 0) {
                                goto cleanup;
                        } else if (compval == 0) {
                                continue;
                        }
                }
                if (apol_vector_append(*v, qbool)) {
                        ERR(p, "%s", strerror(ENOMEM));
                        goto cleanup;
                }
        }

        retval = 0;
      cleanup:
        if (retval != 0) {
                apol_vector_destroy(v);
        }
        qpol_iterator_destroy(&iter);
        return retval;
}

apol_bool_query_t * apol_bool_query_create (void)

Allocate and return a new boolean query structure.

All fields are initialized, such that running this blank query results in returning all booleans within the policy. The caller must call apol_bool_query_destroy() upon the return value afterwards.

Returns:
An initialized boolean query structure, or NULL upon error.

Definition at line 88 of file bool-query.c.

References apol_bool_query_t.

{
        return calloc(1, sizeof(apol_bool_query_t));
}

void apol_bool_query_destroy (apol_bool_query_t **b)

Deallocate all memory associated with the referenced boolean query, and then set it to NULL.

This function does nothing if the query is already NULL.

Parameters:
b Reference to a boolean query structure to destroy.

Definition at line 93 of file bool-query.c.

References apol_bool_query_t, and apol_regex_destroy().

{
        if (*b != NULL) {
                free((*b)->bool_name);
                apol_regex_destroy(&(*b)->regex);
                free(*b);
                *b = NULL;
        }
}

int apol_bool_query_set_bool (const apol_policy_t *p, apol_bool_query_t *b, const char *name)

Set a boolean query to return only booleans that match this name.

This function duplicates the incoming name.

Parameters:
p Policy handler, to report errors.
b Boolean query to set.
name Limit query to only booleans with this name, or NULL to unset this field.
Returns:
0 on success, negative on error.

Definition at line 103 of file bool-query.c.

References apol_bool_query_t, apol_policy_t, apol_query_set(), apol_bool_query::bool_name, and apol_bool_query::regex.

{
        return apol_query_set(p, &b->bool_name, &b->regex, name);
}

int apol_bool_query_set_regex (const apol_policy_t *p, apol_bool_query_t *b, int is_regex)

Set a boolean query to use regular expression searching for all of its fields.

Strings will be treated as regexes instead of literals.

Parameters:
p Policy handler, to report errors.
b Boolean query to set.
is_regex Non-zero to enable regex searching, 0 to disable.
Returns:
Always 0.

Definition at line 108 of file bool-query.c.

References apol_bool_query_t, apol_policy_t, apol_query_set_regex(), and apol_bool_query::flags.

{
        return apol_query_set_regex(p, &b->flags, is_regex);
}
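
A self-contained model of the query semantics documented above (blank query returns everything, name filter, literal versus regex mode, success with an empty result), added here as an example and not taken from setools. The model_* names and the sample boolean list are constructed, POSIX regcomp()/regexec() stands in for the library's internal apol_compare(), and exact equality for literal names is an assumption.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>
/* Stand-in for apol_bool_query (model type, not the libapol struct). */
struct model_query {
	const char *name; /* NULL = field unset, matches every boolean */
	int is_regex;     /* non-zero: name is a POSIX extended regex */
};
/* Constructed sample names standing in for a policy's booleans. */
static const char *const model_bools[] = {
	"httpd_enable_cgi", "httpd_can_network_connect",
	"allow_execmem", "ftpd_anon_write",
};
#define MODEL_NBOOLS (sizeof(model_bools) / sizeof(model_bools[0]))

/* Returns 0 on success (including none found), -1 on error; *n = matches. */
int model_bool_get_by_query(const struct model_query *q, const char **out, size_t *n)
{
	regex_t re;
	int use_name = (q != NULL && q->name != NULL);
	int use_re = (use_name && q->is_regex);
	*n = 0;
	if (use_re && regcomp(&re, q->name, REG_EXTENDED | REG_NOSUB) != 0)
		return -1; /* malformed pattern */
	for (size_t i = 0; i < MODEL_NBOOLS; i++) {
		int match = 1; /* blank query keeps everything */
		if (use_re)
			match = (regexec(&re, model_bools[i], 0, NULL, 0) == 0);
		else if (use_name) /* assumed: literal means exact equality */
			match = (strcmp(model_bools[i], q->name) == 0);
		if (match)
			out[(*n)++] = model_bools[i];
	}
	if (use_re)
		regfree(&re);
	return 0;
}

int main(void)
{
	const char *out[MODEL_NBOOLS];
	size_t n;
	struct model_query literal = { "httpd_", 0 }, pattern = { "^httpd_", 1 };
	model_bool_get_by_query(&literal, out, &n);
	printf("literal httpd_: %zu match(es)\n", n); /* success, but empty */
	model_bool_get_by_query(&pattern, out, &n);
	printf("regex ^httpd_: %zu match(es)\n", n);
	return 0;
}
```

Because "none found" is reported as success, a policy audit that passes a pattern without enabling regex mode gets an empty result that looks like a clean answer; check the result count as well as the return code.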