1 #include <stdlib.h>
2 #include <string.h>
3
4 #include "port_internal.h"
5 #include "context_internal.h"
6 #include "debug.h"
7
8 struct sepol_port {
9 /* Low - High range. Same for single ports. */
10 int low, high;
11
12 /* Protocol */
13 int proto;
14
15 /* Context */
16 sepol_context_t *con;
17 };
18
19 struct sepol_port_key {
20 /* Low - High range. Same for single ports. */
21 int low, high;
22
23 /* Protocol */
24 int proto;
25 };
26
27 /* Key */
sepol_port_key_create(sepol_handle_t * handle,int low,int high,int proto,sepol_port_key_t ** key_ptr)28 int sepol_port_key_create(sepol_handle_t * handle,
29 int low, int high, int proto,
30 sepol_port_key_t ** key_ptr)
31 {
32
33 sepol_port_key_t *tmp_key =
34 (sepol_port_key_t *) malloc(sizeof(sepol_port_key_t));
35
36 if (!tmp_key) {
37 ERR(handle, "out of memory, could not create " "port key");
38 return STATUS_ERR;
39 }
40
41 tmp_key->low = low;
42 tmp_key->high = high;
43 tmp_key->proto = proto;
44
45 *key_ptr = tmp_key;
46 return STATUS_SUCCESS;
47 }
48
49
sepol_port_key_unpack(const sepol_port_key_t * key,int * low,int * high,int * proto)50 void sepol_port_key_unpack(const sepol_port_key_t * key,
51 int *low, int *high, int *proto)
52 {
53
54 *low = key->low;
55 *high = key->high;
56 *proto = key->proto;
57 }
58
59
sepol_port_key_extract(sepol_handle_t * handle,const sepol_port_t * port,sepol_port_key_t ** key_ptr)60 int sepol_port_key_extract(sepol_handle_t * handle,
61 const sepol_port_t * port,
62 sepol_port_key_t ** key_ptr)
63 {
64
65 if (sepol_port_key_create
66 (handle, port->low, port->high, port->proto, key_ptr) < 0) {
67
68 ERR(handle, "could not extract key from port %s %d:%d",
69 sepol_port_get_proto_str(port->proto),
70 port->low, port->high);
71
72 return STATUS_ERR;
73 }
74
75 return STATUS_SUCCESS;
76 }
77
sepol_port_key_free(sepol_port_key_t * key)78 void sepol_port_key_free(sepol_port_key_t * key)
79 {
80 free(key);
81 }
82
sepol_port_compare(const sepol_port_t * port,const sepol_port_key_t * key)83 int sepol_port_compare(const sepol_port_t * port, const sepol_port_key_t * key)
84 {
85
86 if ((port->low == key->low) &&
87 (port->high == key->high) && (port->proto == key->proto))
88 return 0;
89
90 if (port->low < key->low)
91 return -1;
92
93 else if (key->low < port->low)
94 return 1;
95
96 else if (port->high < key->high)
97 return -1;
98
99 else if (key->high < port->high)
100 return 1;
101
102 else if (port->proto < key->proto)
103 return -1;
104
105 else
106 return 1;
107 }
108
sepol_port_compare2(const sepol_port_t * port,const sepol_port_t * port2)109 int sepol_port_compare2(const sepol_port_t * port, const sepol_port_t * port2)
110 {
111
112 if ((port->low == port2->low) &&
113 (port->high == port2->high) && (port->proto == port2->proto))
114 return 0;
115
116 if (port->low < port2->low)
117 return -1;
118
119 else if (port2->low < port->low)
120 return 1;
121
122 else if (port->high < port2->high)
123 return -1;
124
125 else if (port2->high < port->high)
126 return 1;
127
128 else if (port->proto < port2->proto)
129 return -1;
130
131 else
132 return 1;
133 }
134
135 /* Port */
sepol_port_get_low(const sepol_port_t * port)136 int sepol_port_get_low(const sepol_port_t * port)
137 {
138
139 return port->low;
140 }
141
142
sepol_port_get_high(const sepol_port_t * port)143 int sepol_port_get_high(const sepol_port_t * port)
144 {
145
146 return port->high;
147 }
148
149
sepol_port_set_port(sepol_port_t * port,int port_num)150 void sepol_port_set_port(sepol_port_t * port, int port_num)
151 {
152
153 port->low = port_num;
154 port->high = port_num;
155 }
156
sepol_port_set_range(sepol_port_t * port,int low,int high)157 void sepol_port_set_range(sepol_port_t * port, int low, int high)
158 {
159
160 port->low = low;
161 port->high = high;
162 }
163
164
165 /* Protocol */
sepol_port_get_proto(const sepol_port_t * port)166 int sepol_port_get_proto(const sepol_port_t * port)
167 {
168
169 return port->proto;
170 }
171
172
sepol_port_get_proto_str(int proto)173 const char *sepol_port_get_proto_str(int proto)
174 {
175
176 switch (proto) {
177 case SEPOL_PROTO_UDP:
178 return "udp";
179 case SEPOL_PROTO_TCP:
180 return "tcp";
181 case SEPOL_PROTO_DCCP:
182 return "dccp";
183 case SEPOL_PROTO_SCTP:
184 return "sctp";
185 default:
186 return "???";
187 }
188 }
189
190
sepol_port_set_proto(sepol_port_t * port,int proto)191 void sepol_port_set_proto(sepol_port_t * port, int proto)
192 {
193
194 port->proto = proto;
195 }
196
197
198 /* Create */
sepol_port_create(sepol_handle_t * handle,sepol_port_t ** port)199 int sepol_port_create(sepol_handle_t * handle, sepol_port_t ** port)
200 {
201
202 sepol_port_t *tmp_port = (sepol_port_t *) malloc(sizeof(sepol_port_t));
203
204 if (!tmp_port) {
205 ERR(handle, "out of memory, could not create " "port record");
206 return STATUS_ERR;
207 }
208
209 tmp_port->low = 0;
210 tmp_port->high = 0;
211 tmp_port->proto = SEPOL_PROTO_UDP;
212 tmp_port->con = NULL;
213 *port = tmp_port;
214
215 return STATUS_SUCCESS;
216 }
217
218
219 /* Deep copy clone */
sepol_port_clone(sepol_handle_t * handle,const sepol_port_t * port,sepol_port_t ** port_ptr)220 int sepol_port_clone(sepol_handle_t * handle,
221 const sepol_port_t * port, sepol_port_t ** port_ptr)
222 {
223
224 sepol_port_t *new_port = NULL;
225 if (sepol_port_create(handle, &new_port) < 0)
226 goto err;
227
228 new_port->low = port->low;
229 new_port->high = port->high;
230 new_port->proto = port->proto;
231
232 if (port->con &&
233 (sepol_context_clone(handle, port->con, &new_port->con) < 0))
234 goto err;
235
236 *port_ptr = new_port;
237 return STATUS_SUCCESS;
238
239 err:
240 ERR(handle, "could not clone port record");
241 sepol_port_free(new_port);
242 return STATUS_ERR;
243 }
244
245 /* Destroy */
sepol_port_free(sepol_port_t * port)246 void sepol_port_free(sepol_port_t * port)
247 {
248
249 if (!port)
250 return;
251
252 sepol_context_free(port->con);
253 free(port);
254 }
255
256
257 /* Context */
sepol_port_get_con(const sepol_port_t * port)258 sepol_context_t *sepol_port_get_con(const sepol_port_t * port)
259 {
260
261 return port->con;
262 }
263
264
sepol_port_set_con(sepol_handle_t * handle,sepol_port_t * port,sepol_context_t * con)265 int sepol_port_set_con(sepol_handle_t * handle,
266 sepol_port_t * port, sepol_context_t * con)
267 {
268
269 sepol_context_t *newcon;
270
271 if (sepol_context_clone(handle, con, &newcon) < 0) {
272 ERR(handle, "out of memory, could not set port context");
273 return STATUS_ERR;
274 }
275
276 sepol_context_free(port->con);
277 port->con = newcon;
278 return STATUS_SUCCESS;
279 }
280
281