LCOV - code coverage report
Current view: top level - sal/osl/unx - security.cxx (source / functions) Hit Total Coverage
Test: commit c8344322a7af75b84dd3ca8f78b05543a976dfd5 Lines: 114 166 68.7 %
Date: 2015-06-13 12:38:46 Functions: 17 19 89.5 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
       2             : /*
       3             :  * This file is part of the LibreOffice project.
       4             :  *
       5             :  * This Source Code Form is subject to the terms of the Mozilla Public
       6             :  * License, v. 2.0. If a copy of the MPL was not distributed with this
       7             :  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
       8             :  *
       9             :  * This file incorporates work covered by the following license notice:
      10             :  *
      11             :  *   Licensed to the Apache Software Foundation (ASF) under one or more
      12             :  *   contributor license agreements. See the NOTICE file distributed
      13             :  *   with this work for additional information regarding copyright
      14             :  *   ownership. The ASF licenses this file to you under the Apache
      15             :  *   License, Version 2.0 (the "License"); you may not use this file
      16             :  *   except in compliance with the License. You may obtain a copy of
      17             :  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
      18             :  */
      19             : 
      20             : #include <sal/config.h>
      21             : 
      22             : #include <cstddef>
      23             : #include <limits>
      24             : 
      25             : #ifdef IOS
      26             : #include <premac.h>
      27             : #import <Foundation/Foundation.h>
      28             : #include <postmac.h>
      29             : #endif
      30             : 
      31             : #include "system.hxx"
      32             : 
      33             : #include <osl/security.h>
      34             : #include <osl/diagnose.h>
      35             : #include <rtl/bootstrap.h>
      36             : #include <sal/log.hxx>
      37             : 
      38             : #include "osl/thread.h"
      39             : #include "osl/file.h"
      40             : 
      41             : #if defined LINUX || defined SOLARIS
      42             : #include <crypt.h>
      43             : #endif
      44             : 
      45             : #include "secimpl.hxx"
      46             : 
      47             : #ifdef ANDROID
      48             : #define getpwuid_r(uid, pwd, buf, buflen, result) (*(result) = getpwuid(uid), (*(result) ? (memcpy (buf, *(result), sizeof (struct passwd)), 0) : errno))
      49             : #endif
      50             : 
      51             : static oslSecurityError SAL_CALL
      52             : osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
      53             :                   oslSecurity* pSecurity);
      54             : static bool SAL_CALL osl_psz_getUserName(oslSecurity Security, sal_Char* pszName, sal_uInt32  nMax);
      55             : static bool SAL_CALL osl_psz_getHomeDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax);
      56             : static bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax);
      57             : 
      58        1706 : static bool sysconf_SC_GETPW_R_SIZE_MAX(std::size_t * value) {
      59             : #if defined _SC_GETPW_R_SIZE_MAX
      60             :     long m;
      61        1706 :     errno = 0;
      62        1706 :     m = sysconf(_SC_GETPW_R_SIZE_MAX);
      63        1706 :     if (m == -1) {
      64             :         /* _SC_GETPW_R_SIZE_MAX has no limit; some platforms like certain
      65             :            FreeBSD versions support sysconf(_SC_GETPW_R_SIZE_MAX) in a broken
      66             :            way and always set EINVAL, so be resilient here: */
      67           0 :         return false;
      68             :     } else {
      69             :         SAL_WARN_IF( m < 0 || (unsigned long) m >= std::numeric_limits<std::size_t>::max(), "sal.osl", 
      70             :                 "m < 0 || (unsigned long) m >= std::numeric_limits<std::size_t>::max()");
      71        1706 :         *value = (std::size_t) m;
      72        1706 :         return true;
      73             :     }
      74             : #else
      75             :     /* some platforms like Mac OS X 1.3 do not define _SC_GETPW_R_SIZE_MAX: */
      76             :     return false;
      77             : #endif
      78             : }
      79             : 
      80        1706 : static oslSecurityImpl * growSecurityImpl(
      81             :     oslSecurityImpl * impl, std::size_t * bufSize)
      82             : {
      83        1706 :     std::size_t n = 0;
      84        1706 :     oslSecurityImpl * p = NULL;
      85        1706 :     if (impl == NULL) {
      86        1706 :         if (!sysconf_SC_GETPW_R_SIZE_MAX(&n)) {
      87             :             /* choose something sensible (the callers of growSecurityImpl will
      88             :                detect it if the allocated buffer is too small: */
      89           0 :             n = 1024;
      90             :         }
      91           0 :     } else if (*bufSize <= std::numeric_limits<std::size_t>::max() / 2) {
      92           0 :         n = 2 * *bufSize;
      93             :     }
      94        1706 :     if (n != 0) {
      95        3412 :         if (n <= std::numeric_limits<std::size_t>::max()
      96        1706 :             - offsetof(oslSecurityImpl, m_buffer))
      97             :         {
      98        1706 :             *bufSize = n;
      99        1706 :             n += offsetof(oslSecurityImpl, m_buffer);
     100             :         } else {
     101           0 :             *bufSize = std::numeric_limits<std::size_t>::max()
     102           0 :                 - offsetof(oslSecurityImpl, m_buffer);
     103           0 :             n = std::numeric_limits<std::size_t>::max();
     104             :         }
     105        1706 :         p = static_cast<oslSecurityImpl *>(realloc(impl, n));
     106        1706 :         memset (p, 0, n);
     107             :     }
     108        1706 :     if (p == NULL) {
     109           0 :         free(impl);
     110             :     }
     111        1706 :     return p;
     112             : }
     113             : 
     114        1706 : static void deleteSecurityImpl(oslSecurityImpl * impl) {
     115        1706 :     free(impl);
     116        1706 : }
     117             : 
     118        1706 : oslSecurity SAL_CALL osl_getCurrentSecurity()
     119             : {
     120        1706 :     std::size_t n = 0;
     121        1706 :     oslSecurityImpl * p = NULL;
     122             :     for (;;) {
     123             :         struct passwd * found;
     124        1706 :         p = growSecurityImpl(p, &n);
     125        1706 :         if (p == NULL) {
     126        1706 :             return NULL;
     127             :         }
     128        1706 :         switch (getpwuid_r(getuid(), &p->m_pPasswd, p->m_buffer, n, &found)) {
     129             :         case ERANGE:
     130           0 :             break;
     131             :         case 0:
     132        1706 :             if (found != NULL) {
     133        1706 :                 return p;
     134             :             }
     135             :             /* fall through */
     136             :         default:
     137           0 :             deleteSecurityImpl(p);
     138           0 :             return NULL;
     139             :         }
     140           0 :     }
     141             : }
     142             : 
     143           0 : oslSecurityError SAL_CALL osl_loginUser(
     144             :     rtl_uString *ustrUserName,
     145             :     rtl_uString *ustrPassword,
     146             :     oslSecurity *pSecurity
     147             :     )
     148             : {
     149             :     oslSecurityError Error;
     150           0 :     rtl_String* strUserName=0;
     151           0 :     rtl_String* strPassword=0;
     152           0 :     sal_Char* pszUserName=0;
     153           0 :     sal_Char* pszPassword=0;
     154             : 
     155           0 :     if ( ustrUserName != 0 )
     156             :     {
     157             :         rtl_uString2String( &strUserName,
     158           0 :                             rtl_uString_getStr(ustrUserName),
     159             :                             rtl_uString_getLength(ustrUserName),
     160             :                             RTL_TEXTENCODING_UTF8,
     161           0 :                             OUSTRING_TO_OSTRING_CVTFLAGS );
     162           0 :         pszUserName = rtl_string_getStr(strUserName);
     163             :     }
     164             : 
     165           0 :     if ( ustrPassword != 0 )
     166             :     {
     167             :         rtl_uString2String( &strPassword,
     168           0 :                             rtl_uString_getStr(ustrPassword),
     169             :                             rtl_uString_getLength(ustrPassword),
     170             :                             RTL_TEXTENCODING_UTF8,
     171           0 :                             OUSTRING_TO_OSTRING_CVTFLAGS );
     172           0 :         pszPassword = rtl_string_getStr(strPassword);
     173             :     }
     174             : 
     175           0 :     Error=osl_psz_loginUser(pszUserName,pszPassword,pSecurity);
     176             : 
     177           0 :     if ( strUserName != 0 )
     178             :     {
     179           0 :         rtl_string_release(strUserName);
     180             :     }
     181             : 
     182           0 :     if ( strPassword)
     183             :     {
     184           0 :         rtl_string_release(strPassword);
     185             :     }
     186             : 
     187           0 :     return Error;
     188             : }
     189             : 
     190             : static oslSecurityError SAL_CALL
     191           0 : osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
     192             :                oslSecurity* pSecurity)
     193             : {
     194             :     (void)pszUserName;
     195             :     (void)pszPasswd;
     196             :     (void)pSecurity;
     197             : 
     198           0 :     return osl_Security_E_None;
     199             : }
     200             : 
     201           1 : oslSecurityError SAL_CALL osl_loginUserOnFileServer(
     202             :     rtl_uString *strUserName,
     203             :     rtl_uString *strPasswd,
     204             :     rtl_uString *strFileServer,
     205             :     oslSecurity *pSecurity
     206             :     )
     207             : {
     208             :     (void) strUserName; /* unused */
     209             :     (void) strPasswd; /* unused */
     210             :     (void) strFileServer; /* unused */
     211             :     (void) pSecurity; /* unused */
     212           1 :     return osl_Security_E_UserUnknown;
     213             : }
     214             : 
     215           1 : sal_Bool SAL_CALL osl_getUserIdent(oslSecurity Security, rtl_uString **ustrIdent)
     216             : {
     217           1 :     bool     bRet = false;
     218             :     sal_Char pszIdent[1024];
     219             : 
     220           1 :     pszIdent[0] = '\0';
     221             : 
     222           1 :     bRet = osl_psz_getUserIdent(Security,pszIdent,sizeof(pszIdent));
     223             : 
     224           1 :     rtl_string2UString( ustrIdent, pszIdent, rtl_str_getLength( pszIdent ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
     225             :     SAL_WARN_IF(*ustrIdent == NULL, "sal.osl", "*ustrIdent == NULL");
     226             : 
     227           1 :     return bRet;
     228             : }
     229             : 
     230         516 : bool SAL_CALL osl_psz_getUserIdent(oslSecurity Security, sal_Char *pszIdent, sal_uInt32 nMax)
     231             : {
     232             :     sal_Char  buffer[32];
     233             :     sal_Int32 nChr;
     234             : 
     235         516 :     oslSecurityImpl *pSecImpl = static_cast<oslSecurityImpl *>(Security);
     236             : 
     237         516 :     if (pSecImpl == NULL)
     238           0 :         return false;
     239             : 
     240         516 :     nChr = snprintf(buffer, sizeof(buffer), "%u", pSecImpl->m_pPasswd.pw_uid);
     241        1032 :     if ( nChr < 0 || sal::static_int_cast<sal_uInt32>(nChr) >= sizeof(buffer)
     242        1032 :          || sal::static_int_cast<sal_uInt32>(nChr) >= nMax )
     243           0 :         return false; /* leave *pszIdent unmodified in case of failure */
     244             : 
     245         516 :     memcpy(pszIdent, buffer, nChr+1);
     246         516 :     return true;
     247             : }
     248             : 
     249         181 : sal_Bool SAL_CALL osl_getUserName(oslSecurity Security, rtl_uString **ustrName)
     250             : {
     251         181 :     bool     bRet = false;
     252             :     sal_Char pszName[1024];
     253             : 
     254         181 :     pszName[0] = '\0';
     255             : 
     256         181 :     bRet = osl_psz_getUserName(Security,pszName,sizeof(pszName));
     257             : 
     258         181 :     rtl_string2UString( ustrName, pszName, rtl_str_getLength( pszName ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
     259             :     SAL_WARN_IF(*ustrName == NULL, "sal.osl", "ustrName == NULL");
     260             : 
     261         181 :     return bRet;
     262             : }
     263             : 
     264         181 : static bool SAL_CALL osl_psz_getUserName(oslSecurity Security, sal_Char* pszName, sal_uInt32  nMax)
     265             : {
     266         181 :     oslSecurityImpl *pSecImpl = static_cast<oslSecurityImpl *>(Security);
     267             : 
     268         181 :     if (pSecImpl == NULL || pSecImpl->m_pPasswd.pw_name == NULL)
     269           0 :         return false;
     270             : 
     271         181 :     strncpy(pszName, pSecImpl->m_pPasswd.pw_name, nMax);
     272             : 
     273         181 :     return true;
     274             : }
     275             : 
     276         938 : sal_Bool SAL_CALL osl_getHomeDir(oslSecurity Security, rtl_uString **pustrDirectory)
     277             : {
     278         938 :     bool     bRet = false;
     279             :     sal_Char pszDirectory[PATH_MAX];
     280             : 
     281         938 :     pszDirectory[0] = '\0';
     282             : 
     283         938 :     bRet = osl_psz_getHomeDir(Security,pszDirectory,sizeof(pszDirectory));
     284             : 
     285         938 :     if ( bRet )
     286             :     {
     287         938 :         rtl_string2UString( pustrDirectory, pszDirectory, rtl_str_getLength( pszDirectory ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
     288             :         SAL_WARN_IF(*pustrDirectory == NULL, "sal.osl", "*pustrDirectory == NULL");
     289         938 :         osl_getFileURLFromSystemPath( *pustrDirectory, pustrDirectory );
     290             :     }
     291             : 
     292         938 :     return bRet;
     293             : }
     294             : 
     295         992 : static bool SAL_CALL osl_psz_getHomeDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
     296             : {
     297         992 :     oslSecurityImpl *pSecImpl = static_cast<oslSecurityImpl *>(Security);
     298             : 
     299         992 :     if (pSecImpl == NULL)
     300           0 :         return false;
     301             : 
     302             : #ifdef ANDROID
     303             : {
     304             :     sal_Bool bRet = sal_False;
     305             :     rtl_uString *pName = 0, *pValue = 0;
     306             : 
     307             :     rtl_uString_newFromAscii(&pName, "HOME");
     308             : 
     309             :     if (rtl_bootstrap_get(pName, &pValue, NULL))
     310             :     {
     311             :         rtl_String *pStrValue = 0;
     312             :         if (pValue && pValue->length > 0)
     313             :         {
     314             :             rtl_uString2String(&pStrValue, pValue->buffer,
     315             :                                pValue->length, RTL_TEXTENCODING_UTF8,
     316             :                                OUSTRING_TO_OSTRING_CVTFLAGS);
     317             :             if (pStrValue && pStrValue->length > 0)
     318             :             {
     319             :                 sal_Int32 nCopy = (sal_Int32)(nMax-1) < pStrValue->length ? (sal_Int32)(nMax-1) : pStrValue->length ;
     320             :                 strncpy (pszDirectory, pStrValue->buffer, nCopy);
     321             :                 pszDirectory[nCopy] = '\0';
     322             :                 bRet = (std::size_t)pStrValue->length < nMax;
     323             :             }
     324             :             rtl_string_release(pStrValue);
     325             :         }
     326             :         rtl_uString_release(pName);
     327             :     }
     328             :     if (bRet)
     329             :         return bRet;
     330             : }
     331             : #endif
     332             : 
     333             : #ifdef IOS
     334             :     {
     335             :         // Let's pretend the app-specific "Documents" directory is the home directory for now
     336             :         NSArray *paths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
     337             :         NSString *userDirectory = [paths objectAtIndex:0];
     338             :         if ([userDirectory length] < nMax)
     339             :         {
     340             :             strcpy(pszDirectory, [userDirectory UTF8String]);
     341             :             return sal_True;
     342             :         }
     343             :     }
     344             : #endif
     345             : 
     346             :     /* if current user, check also environment for HOME */
     347         992 :     if (getuid() == pSecImpl->m_pPasswd.pw_uid)
     348             :     {
     349         992 :         sal_Char *pStr = NULL;
     350             : #ifdef SOLARIS
     351             :         char    buffer[8192];
     352             : 
     353             :         struct passwd pwd;
     354             :         struct passwd *ppwd;
     355             : 
     356             : #ifdef _POSIX_PTHREAD_SEMANTICS
     357             :         if ( 0 != getpwuid_r(getuid(), &pwd, buffer, sizeof(buffer), &ppwd ) )
     358             :             ppwd = NULL;
     359             : #else
     360             :         ppwd = getpwuid_r(getuid(), &pwd, buffer, sizeof(buffer) );
     361             : #endif
     362             : 
     363             :         if ( ppwd )
     364             :             pStr = ppwd->pw_dir;
     365             : #else
     366         992 :         pStr = getenv("HOME");
     367             : #endif
     368             : 
     369         992 :         if (pStr != NULL && strlen(pStr) > 0 && access(pStr, 0) == 0)
     370         992 :             strncpy(pszDirectory, pStr, nMax);
     371           0 :         else if (pSecImpl->m_pPasswd.pw_dir != NULL)
     372           0 :             strncpy(pszDirectory, pSecImpl->m_pPasswd.pw_dir, nMax);
     373             :         else
     374           0 :             return false;
     375             :     }
     376           0 :     else if (pSecImpl->m_pPasswd.pw_dir != NULL)
     377           0 :         strncpy(pszDirectory, pSecImpl->m_pPasswd.pw_dir, nMax);
     378             :     else
     379           0 :         return false;
     380             : 
     381         992 :     return true;
     382             : }
     383             : 
     384          54 : sal_Bool SAL_CALL osl_getConfigDir(oslSecurity Security, rtl_uString **pustrDirectory)
     385             : {
     386          54 :     bool     bRet = false;
     387             :     sal_Char pszDirectory[PATH_MAX];
     388             : 
     389          54 :     pszDirectory[0] = '\0';
     390             : 
     391          54 :     bRet = osl_psz_getConfigDir(Security,pszDirectory,sizeof(pszDirectory));
     392             : 
     393          54 :     if ( bRet )
     394             :     {
     395          54 :         rtl_string2UString( pustrDirectory, pszDirectory, rtl_str_getLength( pszDirectory ), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS );
     396             :         SAL_WARN_IF(*pustrDirectory == NULL, "sal.osl", "*pustrDirectory == NULL");
     397          54 :         osl_getFileURLFromSystemPath( *pustrDirectory, pustrDirectory );
     398             :     }
     399             : 
     400          54 :     return bRet;
     401             : }
     402             : 
     403             : #if !defined(MACOSX) && !defined(IOS)
     404             : 
     405             : #define DOT_CONFIG "/.config"
     406             : 
     407          54 : static bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
     408             : {
     409          54 :     sal_Char *pStr = getenv("XDG_CONFIG_HOME");
     410             : 
     411          54 :     if (pStr == NULL || strlen(pStr) == 0 || access(pStr, 0) != 0)
     412             :     {
     413          54 :         std::size_t n = 0;
     414             : 
     415             :         // a default equal to $HOME/.config should be used.
     416          54 :         if (!osl_psz_getHomeDir(Security, pszDirectory, nMax))
     417           0 :             return false;
     418          54 :         n = strlen(pszDirectory);
     419          54 :         if (n + sizeof(DOT_CONFIG) < nMax)
     420             :         {
     421          54 :             strncpy(pszDirectory+n, DOT_CONFIG, sizeof(DOT_CONFIG));
     422             : 
     423             :             // try to create dir if not present
     424          54 :             bool dirOK = true;
     425          54 :             if (mkdir(pszDirectory, S_IRWXU) != 0)
     426             :             {
     427          54 :                 int e = errno;
     428          54 :                 if (e != EEXIST)
     429             :                 {
     430             :                     SAL_WARN(
     431             :                         "sal.osl",
     432             :                         "mkdir(" << pszDirectory << "): errno=" << e);
     433           0 :                     dirOK = false;
     434             :                 }
     435             :             }
     436          54 :             if (dirOK)
     437             :             {
     438             :                 // check file type and permissions
     439             :                 struct stat st;
     440          54 :                 if (stat(pszDirectory, &st) != 0)
     441             :                 {
     442             :                     SAL_INFO("sal.osl","Could not stat $HOME/.config");
     443           0 :                     dirOK = false;
     444             :                 }
     445             :                 else
     446             :                 {
     447          54 :                     if (!S_ISDIR(st.st_mode))
     448             :                     {
     449             :                         SAL_INFO("sal.osl", "$HOME/.config is not a directory");
     450           0 :                         dirOK = false;
     451             :                     }
     452          54 :                     if (!(st.st_mode & S_IRUSR && st.st_mode & S_IWUSR && st.st_mode & S_IXUSR))
     453             :                     {
     454             :                         SAL_INFO("sal.osl", "$HOME/.config has bad permissions");
     455           0 :                         dirOK = false;
     456             :                     }
     457             :                 }
     458             :             }
     459             : 
     460             :             // resort to HOME
     461          54 :             if (!dirOK)
     462           0 :                 pszDirectory[n] = '\0';
     463             :         }
     464             :     }
     465             :     else
     466           0 :         strncpy(pszDirectory, pStr, nMax);
     467             : 
     468          54 :     return true;
     469             : }
     470             : 
     471             : #undef DOT_CONFIG
     472             : 
     473             : #else
     474             : 
     475             : /*
     476             :  * FIXME: rewrite to use more flexible
     477             :  * NSSearchPathForDirectoriesInDomains(NSApplicationSupportDirectory, NSUserDomainMask, YES)
     478             :  * as soon as we can bumb the baseline to Tiger (for NSApplicationSupportDirectory) and have
     479             :  * support for Objective-C in the build environment
     480             :  */
     481             : 
     482             : #define MACOSX_CONFIG_DIR "/Library/Application Support" /* Used on iOS, too */
     483             : static bool SAL_CALL osl_psz_getConfigDir(oslSecurity Security, sal_Char* pszDirectory, sal_uInt32 nMax)
     484             : {
     485             :     if( osl_psz_getHomeDir(Security, pszDirectory, nMax - sizeof(MACOSX_CONFIG_DIR) + 1) )
     486             :     {
     487             :         strcat( pszDirectory, MACOSX_CONFIG_DIR );
     488             :         return true;
     489             :     }
     490             : 
     491             :     return false;
     492             : }
     493             : 
     494             : #endif
     495             : 
     496           3 : sal_Bool SAL_CALL osl_isAdministrator(oslSecurity Security)
     497             : {
     498           3 :     oslSecurityImpl *pSecImpl = static_cast<oslSecurityImpl *>(Security);
     499             : 
     500           3 :     if (pSecImpl == NULL)
     501           0 :         return sal_False;
     502             : 
     503           3 :     if (pSecImpl->m_pPasswd.pw_uid != 0)
     504           3 :         return sal_False;
     505             : 
     506           0 :     return sal_True;
     507             : }
     508             : 
     509        1706 : void SAL_CALL osl_freeSecurityHandle(oslSecurity Security)
     510             : {
     511        1706 :     deleteSecurityImpl(static_cast<oslSecurityImpl *>(Security));
     512        1706 : }
     513             : 
     514           1 : sal_Bool SAL_CALL osl_loadUserProfile(oslSecurity Security)
     515             : {
     516             :     (void) Security; /* unused */
     517           1 :     return sal_False;
     518             : }
     519             : 
     520           1 : void SAL_CALL osl_unloadUserProfile(oslSecurity Security)
     521             : {
     522             :     (void) Security; /* unused */
     523           1 : }
     524             : 
     525             : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */

Generated by: LCOV version 1.11