1 #include <stdlib.h>
2 #include <string.h>
3
4 #include "port_internal.h"
5 #include "context_internal.h"
6 #include "debug.h"
7
8 struct sepol_port {
9 /* Low - High range. Same for single ports. */
10 int low, high;
11
12 /* Protocol */
13 int proto;
14
15 /* Context */
16 sepol_context_t *con;
17 };
18
19 struct sepol_port_key {
20 /* Low - High range. Same for single ports. */
21 int low, high;
22
23 /* Protocol */
24 int proto;
25 };
26
27 /* Key */
sepol_port_key_create(sepol_handle_t * handle,int low,int high,int proto,sepol_port_key_t ** key_ptr)28 int sepol_port_key_create(sepol_handle_t * handle,
29 int low, int high, int proto,
30 sepol_port_key_t ** key_ptr)
31 {
32
33 sepol_port_key_t *tmp_key =
34 (sepol_port_key_t *) malloc(sizeof(sepol_port_key_t));
35
36 if (!tmp_key) {
37 ERR(handle, "out of memory, could not create " "port key");
38 return STATUS_ERR;
39 }
40
41 tmp_key->low = low;
42 tmp_key->high = high;
43 tmp_key->proto = proto;
44
45 *key_ptr = tmp_key;
46 return STATUS_SUCCESS;
47 }
48
hidden_def(sepol_port_key_create)49 hidden_def(sepol_port_key_create)
50
51 void sepol_port_key_unpack(const sepol_port_key_t * key,
52 int *low, int *high, int *proto)
53 {
54
55 *low = key->low;
56 *high = key->high;
57 *proto = key->proto;
58 }
59
hidden_def(sepol_port_key_unpack)60 hidden_def(sepol_port_key_unpack)
61
62 int sepol_port_key_extract(sepol_handle_t * handle,
63 const sepol_port_t * port,
64 sepol_port_key_t ** key_ptr)
65 {
66
67 if (sepol_port_key_create
68 (handle, port->low, port->high, port->proto, key_ptr) < 0) {
69
70 ERR(handle, "could not extract key from port %s %d:%d",
71 sepol_port_get_proto_str(port->proto),
72 port->low, port->high);
73
74 return STATUS_ERR;
75 }
76
77 return STATUS_SUCCESS;
78 }
79
sepol_port_key_free(sepol_port_key_t * key)80 void sepol_port_key_free(sepol_port_key_t * key)
81 {
82 free(key);
83 }
84
sepol_port_compare(const sepol_port_t * port,const sepol_port_key_t * key)85 int sepol_port_compare(const sepol_port_t * port, const sepol_port_key_t * key)
86 {
87
88 if ((port->low == key->low) &&
89 (port->high == key->high) && (port->proto == key->proto))
90 return 0;
91
92 if (port->low < key->low)
93 return -1;
94
95 else if (key->low < port->low)
96 return 1;
97
98 else if (port->high < key->high)
99 return -1;
100
101 else if (key->high < port->high)
102 return 1;
103
104 else if (port->proto < key->proto)
105 return -1;
106
107 else
108 return 1;
109 }
110
sepol_port_compare2(const sepol_port_t * port,const sepol_port_t * port2)111 int sepol_port_compare2(const sepol_port_t * port, const sepol_port_t * port2)
112 {
113
114 if ((port->low == port2->low) &&
115 (port->high == port2->high) && (port->proto == port2->proto))
116 return 0;
117
118 if (port->low < port2->low)
119 return -1;
120
121 else if (port2->low < port->low)
122 return 1;
123
124 else if (port->high < port2->high)
125 return -1;
126
127 else if (port2->high < port->high)
128 return 1;
129
130 else if (port->proto < port2->proto)
131 return -1;
132
133 else
134 return 1;
135 }
136
137 /* Port */
sepol_port_get_low(const sepol_port_t * port)138 int sepol_port_get_low(const sepol_port_t * port)
139 {
140
141 return port->low;
142 }
143
hidden_def(sepol_port_get_low)144 hidden_def(sepol_port_get_low)
145
146 int sepol_port_get_high(const sepol_port_t * port)
147 {
148
149 return port->high;
150 }
151
hidden_def(sepol_port_get_high)152 hidden_def(sepol_port_get_high)
153
154 void sepol_port_set_port(sepol_port_t * port, int port_num)
155 {
156
157 port->low = port_num;
158 port->high = port_num;
159 }
160
sepol_port_set_range(sepol_port_t * port,int low,int high)161 void sepol_port_set_range(sepol_port_t * port, int low, int high)
162 {
163
164 port->low = low;
165 port->high = high;
166 }
167
hidden_def(sepol_port_set_range)168 hidden_def(sepol_port_set_range)
169
170 /* Protocol */
171 int sepol_port_get_proto(const sepol_port_t * port)
172 {
173
174 return port->proto;
175 }
176
hidden_def(sepol_port_get_proto)177 hidden_def(sepol_port_get_proto)
178
179 const char *sepol_port_get_proto_str(int proto)
180 {
181
182 switch (proto) {
183 case SEPOL_PROTO_UDP:
184 return "udp";
185 case SEPOL_PROTO_TCP:
186 return "tcp";
187 case SEPOL_PROTO_DCCP:
188 return "dccp";
189 case SEPOL_PROTO_SCTP:
190 return "sctp";
191 default:
192 return "???";
193 }
194 }
195
hidden_def(sepol_port_get_proto_str)196 hidden_def(sepol_port_get_proto_str)
197
198 void sepol_port_set_proto(sepol_port_t * port, int proto)
199 {
200
201 port->proto = proto;
202 }
203
hidden_def(sepol_port_set_proto)204 hidden_def(sepol_port_set_proto)
205
206 /* Create */
207 int sepol_port_create(sepol_handle_t * handle, sepol_port_t ** port)
208 {
209
210 sepol_port_t *tmp_port = (sepol_port_t *) malloc(sizeof(sepol_port_t));
211
212 if (!tmp_port) {
213 ERR(handle, "out of memory, could not create " "port record");
214 return STATUS_ERR;
215 }
216
217 tmp_port->low = 0;
218 tmp_port->high = 0;
219 tmp_port->proto = SEPOL_PROTO_UDP;
220 tmp_port->con = NULL;
221 *port = tmp_port;
222
223 return STATUS_SUCCESS;
224 }
225
hidden_def(sepol_port_create)226 hidden_def(sepol_port_create)
227
228 /* Deep copy clone */
229 int sepol_port_clone(sepol_handle_t * handle,
230 const sepol_port_t * port, sepol_port_t ** port_ptr)
231 {
232
233 sepol_port_t *new_port = NULL;
234 if (sepol_port_create(handle, &new_port) < 0)
235 goto err;
236
237 new_port->low = port->low;
238 new_port->high = port->high;
239 new_port->proto = port->proto;
240
241 if (port->con &&
242 (sepol_context_clone(handle, port->con, &new_port->con) < 0))
243 goto err;
244
245 *port_ptr = new_port;
246 return STATUS_SUCCESS;
247
248 err:
249 ERR(handle, "could not clone port record");
250 sepol_port_free(new_port);
251 return STATUS_ERR;
252 }
253
254 /* Destroy */
sepol_port_free(sepol_port_t * port)255 void sepol_port_free(sepol_port_t * port)
256 {
257
258 if (!port)
259 return;
260
261 sepol_context_free(port->con);
262 free(port);
263 }
264
hidden_def(sepol_port_free)265 hidden_def(sepol_port_free)
266
267 /* Context */
268 sepol_context_t *sepol_port_get_con(const sepol_port_t * port)
269 {
270
271 return port->con;
272 }
273
hidden_def(sepol_port_get_con)274 hidden_def(sepol_port_get_con)
275
276 int sepol_port_set_con(sepol_handle_t * handle,
277 sepol_port_t * port, sepol_context_t * con)
278 {
279
280 sepol_context_t *newcon;
281
282 if (sepol_context_clone(handle, con, &newcon) < 0) {
283 ERR(handle, "out of memory, could not set port context");
284 return STATUS_ERR;
285 }
286
287 sepol_context_free(port->con);
288 port->con = newcon;
289 return STATUS_SUCCESS;
290 }
291
292 hidden_def(sepol_port_set_con)
293