Acess control and config change checks

1) Fixed the issue that metadata was saved as numbers. Was supposed to be saved as strings. 2) Added two functions. One is to check permissions on the config file. Another to check if the file has changed and thus the cinfiguration needs to be reread. 3) Added unit test will sample code and comments how to use the functions. 4) Added doxygen description in the comments. 5) Fixed couple typos and ommisions here and there. [INI] Fixing crash detected on 64-bit system This patch corrects original code to be more on the safe side and check parameters before using. Instead of dereferencing metadata it is now passed as reference to the next level. It is not used there yet so no other new changes needed so far. [INI] Addressing review comments [INI] Addressing comments.
SSSD · Apr 14, 2010 · bf72472 · bf72472
1 parent 693c443
commit bf72472
Show file tree

Hide file tree

Showing 4 changed files with 684 additions and 38 deletions.
diff --git a/common/ini/ini_config.c b/common/ini/ini_config.c
@@ -87,6 +87,8 @@
 #define MAX_VALUE       PATH_MAX
 #define BUFFER_SIZE     MAX_KEY + MAX_VALUE + 3
 
+/* Beffer length used for int to string conversions */
+#define CONVERSION_BUFFER 80
 
 /*============================================================*/
 /* The following classes moved here from the public header
@@ -583,7 +585,7 @@ static int config_with_metadata(const char *application,
                                 int error_level,
                                 struct collection_item **error_list,
                                 uint32_t metaflags,
-                                struct collection_item *metadata)
+                                struct collection_item **metadata)
 {
     int error;
     int created = 0;
@@ -667,8 +669,8 @@ int config_from_fd_with_metadata(const char *application,
     int save_error = 0;
     int fd = -1;
     FILE *config_file = NULL;
-    int can_free = 0;
     char abs_name[PATH_MAX + 1];
+    char buff[CONVERSION_BUFFER];
 
     TRACE_FLOW_STRING("config_from_fd_with_metadata", "Entry");
 
@@ -703,10 +705,12 @@ int config_from_fd_with_metadata(const char *application,
 
     if (save_error) {
         /* Record the result of the open file operation in metadata */
-        error = col_add_int_property(*metadata,
+        snprintf(buff, CONVERSION_BUFFER, "%d", file_error);
+        error = col_add_str_property(*metadata,
                                      INI_META_SEC_ERROR,
                                      INI_META_KEY_READ_ERROR,
-                                     file_error);
+                                     buff,
+                                     0);
         if (error) {
             /* Something is really wrong if we failed here */
             TRACE_ERROR_NUMBER("Failed to save file open error", error);
@@ -731,15 +735,17 @@ int config_from_fd_with_metadata(const char *application,
     }
 
 
-    /* Collect meta data before actually parsing the file */
-    error = collect_metadata(metaflags,
-                             metadata,
-                             config_file,
-                             abs_name);
-    if(error) {
-        TRACE_ERROR_NUMBER("Failed to collect metadata", error);
-        fclose(config_file);
-        return error;
+    if (metadata) {
+        /* Collect meta data before actually parsing the file */
+        error = collect_metadata(metaflags,
+                                 metadata,
+                                 config_file,
+                                 abs_name);
+        if(error) {
+            TRACE_ERROR_NUMBER("Failed to collect metadata", error);
+            fclose(config_file);
+            return error;
+        }
     }
 
     if (!(metaflags & INI_META_ACTION_NOPARSE)) {
@@ -751,7 +757,7 @@ int config_from_fd_with_metadata(const char *application,
                                      error_level,
                                      error_list,
                                      metaflags,
-                                     *metadata);
+                                     metadata);
     }
 
     /* We opened the file we close it */
@@ -1529,7 +1535,7 @@ static unsigned long long get_ullong_config_value(struct collection_item *item,
     char *endptr;
     unsigned long long val = 0;
 
-    TRACE_FLOW_STRING("get_long_config_value", "Entry");
+    TRACE_FLOW_STRING("get_ullong_config_value", "Entry");
 
     /* Do we have the item ? */
     if ((item == NULL) ||
@@ -1561,7 +1567,7 @@ static unsigned long long get_ullong_config_value(struct collection_item *item,
         return def;
     }
 
-    TRACE_FLOW_NUMBER("get_long_config_value returning", (long)val);
+    TRACE_FLOW_NUMBER("get_ullong_config_value returning", (long)val);
     return val;
 }
 

diff --git a/common/ini/ini_config.h b/common/ini/ini_config.h
@@ -263,6 +263,42 @@
  * @}
  */
 
+/**
+ * @defgroup accesscheck Access control check flags
+ *
+ * @{
+ */
+
+/**
+ * @brief Validate access mode
+ *
+ * If this flag is specified the mode parameter
+ * will be matched against the permissions set on the file
+ * using the provided mask.
+ */
+#define INI_ACCESS_CHECK_MODE   0x00000001
+
+/**
+ * @brief Validate uid
+ *
+ * Provided uid will be checked against uid
+ * of the file.
+ */
+#define INI_ACCESS_CHECK_UID   0x00000002
+
+/**
+ * @brief Validate gid
+ *
+ * Provided gid will be checked against gid
+ * of the file.
+ */
+#define INI_ACCESS_CHECK_GID   0x00000004
+
+/**
+ * @}
+ */
+
+
 /**
  * @}
  */
@@ -485,6 +521,7 @@ const char *parsing_error_str(int parsing_error);
  *
  * @return 0 - Success.
  * @return EINVAL - Invalid parameter.
+ * @return EMOMEM - No memory.
  * @return Any error returned by fopen().
  *
  */
@@ -516,6 +553,7 @@ int config_from_file(const char *application,
  *                                 detected during parsing.
  *
  * @return 0 - Success.
+ * @return EMOMEM - No memory.
  * @return EINVAL - Invalid parameter.
  *
  */
@@ -567,6 +605,7 @@ int config_from_fd(const char *application,
  *
  * @return 0 - Success.
  * @return EINVAL - Invalid parameter.
+ * @return EMOMEM - No memory.
  * @return Any error returned by fopen().
  *
  *
@@ -622,6 +661,7 @@ int config_from_file_with_metadata(
  *
  * @return 0 - Success.
  * @return EINVAL - Invalid parameter.
+ * @return EMOMEM - No memory.
  *
  */
 int config_from_fd_with_metadata(
@@ -660,6 +700,7 @@ int config_from_fd_with_metadata(
  *
  * @return 0 - Success.
  * @return EINVAL - Invalid parameter.
+ * @return EMOMEM - No memory.
  * @return Any error returned by fopen().
  */
 int config_for_app(const char *application,
@@ -715,6 +756,7 @@ int config_for_app(const char *application,
  *
  * @return 0 - Success.
  * @return EINVAL - Invalid parameter.
+ * @return EMOMEM - No memory.
  * @return Any error returned by fopen().
  */
 int config_for_app_with_metadata(
@@ -727,6 +769,76 @@ int config_for_app_with_metadata(
                    uint32_t metaflags,
                    struct collection_item **meta_default,
                    struct collection_item **meta_appini);
+
+
+/**
+ *
+ * @brief Function to check ownership and permissions
+ *
+ * The function allow caller to make decision
+ * if the configuration file is from a trusted source
+ * or not.
+ *
+ * The flags control how to perform check.
+ * See \ref accesscheck "Access control check flags"
+ * section for more information.
+ *
+ * @param[in] metadata     Meta data object.
+ *                         Can't be NULL.
+ * @param[in] flags        How and what to check.
+ *                         Must be nonzero.
+ * @param[in] uid          UID to check.
+ * @param[in] gid          GID to check.
+ * @param[in] mode         Mode to check.
+ *                         Only permission bits
+ *                         are used.
+ * @param[in] mask         Which mode bits to check.
+ *                         If 0 all permision bits
+ *                         are checked.
+ *
+ * @return 0 - Success.
+ * @return EINVAL  - Invalid parameter.
+ * @return EACCESS - File properties do not match provided
+ *                   access parameters.
+ */
+int config_access_check(struct collection_item *metadata,
+                        uint32_t flags,
+                        uid_t uid,
+                        gid_t gid,
+                        mode_t mode,
+                        mode_t mask);
+
+
+/**
+ * @brief Function compares two meta data objects
+ *
+ * Function compares two meta data objects
+ * to determine whether the configuration
+ * has changed since last time the meta data
+ * was collected.
+ * The function checks three things about the
+ * file:
+ * - time stamp
+ * - device ID
+ * - i-node
+ * If any of those changes function will indicate
+ * that configuration changed.
+ *
+ * @param[in] metadata        Recent meta data object.
+ * @param[in] saved_metadata  Previously saved meta
+ *                            data object.
+ * @param[out] changed        Will be set to a nonzero value
+ *                            if the configuration has changed.
+ *
+ * @return 0 - No internal error
+ * @return EINVAL - Invalid argument
+ * @return ENOENT - Expected value is missing
+ * @return ENOMEM - No memory
+ */
+int config_changed(struct collection_item *metadata,
+                   struct collection_item *saved_metadata,
+                   int *changed);
+
 /**
  * @brief Function to free configuration object.
  *
@@ -747,7 +859,7 @@ void free_ini_config_errors(struct collection_item *error_set);
 /**
  * @brief Function to free metadata.
  *
- * @param[in] error_set       Configuration meta data object.
+ * @param[in] metadata       Configuration meta data object.
  *
  */
 void free_ini_config_metadata(struct collection_item *metadata);