Ejemplo n.º 1
/*
 * Destroy a file-context record.
 *
 * Releases the expression string, the attached security context and the
 * record itself. A NULL record is accepted and ignored.
 */
void semanage_fcontext_free(semanage_fcontext_t * fcontext)
{
	if (fcontext != NULL) {
		/* Release the members first; the record goes last. */
		semanage_context_free(fcontext->con);
		free(fcontext->expr);
		free(fcontext);
	}
}
Ejemplo n.º 2
/*
 * Replace the security context held by a file-context record.
 *
 * The record stores the result of semanage_context_clone(), not `con`
 * itself, so this function neither keeps nor frees the caller's pointer.
 *
 * Returns STATUS_SUCCESS once the clone has been installed, or STATUS_ERR
 * when cloning fails. On failure the record's previous context is left
 * untouched. Any clone failure is reported as "out of memory".
 *
 * `fcontext` is dereferenced without a NULL check.
 */
int semanage_fcontext_set_con(semanage_handle_t * handle,
			      semanage_fcontext_t * fcontext,
			      semanage_context_t * con)
{
	semanage_context_t *copy;

	if (semanage_context_clone(handle, con, &copy) >= 0) {
		/*
		 * Drop the old context only after the clone exists, so a
		 * failed clone never leaves the record without its label.
		 */
		semanage_context_free(fcontext->con);
		fcontext->con = copy;
		return STATUS_SUCCESS;
	}

	ERR(handle, "out of memory, could not set file context");
	return STATUS_ERR;
}
Ejemplo n.º 3
/*
 * Parse one node record of the form
 *
 *     nodecon <ipv4|ipv6> <address> <netmask> <context>
 *
 * from the current line of `info` and store the fields in `node`.
 *
 * Returns:
 *   STATUS_SUCCESS  all four fields were parsed and stored;
 *   STATUS_NODATA   info->ptr is NULL after skipping whitespace (the line
 *                   is disposed of first);
 *   STATUS_ERR      any field is missing, malformed or rejected by a
 *                   setter (the line is disposed of, temporaries freed).
 *
 * The protocol must be literally "ipv4" or "ipv6" (case-insensitive), and
 * a context string that parses to a NULL context is rejected, so a node
 * record can never be stored without a label.
 */
static int node_parse(semanage_handle_t * handle,
		      parse_info_t * info, semanage_node_t * node)
{
	int family;
	char *tok = NULL;
	semanage_context_t *ctx = NULL;

	if (parse_skip_space(handle, info) < 0)
		goto fail;
	if (info->ptr == NULL)
		goto no_data;

	/* Keyword, then the separator in front of the protocol field */
	if (parse_assert_str(handle, info, "nodecon") < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;

	/* Protocol: anything other than the two known names is an error */
	if (parse_fetch_string(handle, info, &tok, ' ') < 0)
		goto fail;
	if (strcasecmp(tok, "ipv4") == 0) {
		family = SEMANAGE_PROTO_IP4;
	} else if (strcasecmp(tok, "ipv6") == 0) {
		family = SEMANAGE_PROTO_IP6;
	} else {
		ERR(handle, "invalid protocol \"%s\" (%s: %u):\n%s", tok,
		    info->filename, info->lineno, info->orig_line);
		goto fail;
	}
	free(tok);
	tok = NULL;

	semanage_node_set_proto(node, family);

	/* Address: validation is left to semanage_node_set_addr() */
	if (parse_assert_space(handle, info) < 0 ||
	    parse_fetch_string(handle, info, &tok, ' ') < 0 ||
	    semanage_node_set_addr(handle, node, family, tok) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;
	free(tok);
	tok = NULL;

	/* Netmask: validation is left to semanage_node_set_mask() */
	if (parse_fetch_string(handle, info, &tok, ' ') < 0 ||
	    semanage_node_set_mask(handle, node, family, tok) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;
	free(tok);
	tok = NULL;

	/* Node context */
	if (parse_fetch_string(handle, info, &tok, ' ') < 0)
		goto fail;
	if (semanage_context_from_string(handle, tok, &ctx) < 0) {
		ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
		    tok, info->filename, info->lineno, info->orig_line);
		goto fail;
	}
	/*
	 * The conversion can succeed and still hand back NULL; the message
	 * below attributes that case to a "<<none>>" context.
	 */
	if (!ctx) {
		ERR(handle, "<<none>> context is not valid "
		    "for nodes (%s: %u):\n%s", info->filename,
		    info->lineno, info->orig_line);
		goto fail;
	}
	free(tok);
	tok = NULL;

	if (semanage_node_set_con(handle, node, ctx) < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto fail;

	/*
	 * The local context is released here even on success; presumably
	 * semanage_node_set_con() keeps its own copy (confirm against its
	 * definition).
	 */
	semanage_context_free(ctx);
	return STATUS_SUCCESS;

      no_data:
	parse_dispose_line(info);
	return STATUS_NODATA;

      fail:
	/* Single cleanup path: both temporaries are NULL or still owned here */
	ERR(handle, "could not parse node record");
	free(tok);
	semanage_context_free(ctx);
	parse_dispose_line(info);
	return STATUS_ERR;
}