int apol_filename_trans_get_by_query(const apol_policy_t * p, const apol_filename_trans_query_t * t, apol_vector_t ** v)
{
apol_vector_t *source_list = NULL, *target_list = NULL, *class_list = NULL, *default_list = NULL;
int retval = -1, source_as_any = 0, is_regex = 0;
*v = NULL;
qpol_iterator_t *iter = NULL;
if (t != NULL) {
is_regex = t->flags & APOL_QUERY_REGEX;
if (t->source != NULL &&
(source_list =
apol_query_create_candidate_type_list(p, t->source, is_regex,
t->flags & APOL_QUERY_SOURCE_INDIRECT,
((t->flags & (APOL_QUERY_SOURCE_TYPE | APOL_QUERY_SOURCE_ATTRIBUTE)) /
APOL_QUERY_SOURCE_TYPE))) == NULL) {
goto cleanup;
}
if ((t->flags & APOL_QUERY_SOURCE_AS_ANY) && t->source != NULL) {
default_list = target_list = source_list;
source_as_any = 1;
} else {
if (t->target != NULL &&
(target_list =
apol_query_create_candidate_type_list(p, t->target, is_regex,
t->flags & APOL_QUERY_TARGET_INDIRECT,
((t->
flags & (APOL_QUERY_TARGET_TYPE | APOL_QUERY_TARGET_ATTRIBUTE))
/ APOL_QUERY_TARGET_TYPE))) == NULL) {
goto cleanup;
}
if (t->default_type != NULL &&
(default_list =
apol_query_create_candidate_type_list(p, t->default_type, is_regex, 0,
APOL_QUERY_SYMBOL_IS_TYPE)) == NULL) {
goto cleanup;
}
}
if (t->classes != NULL &&
apol_vector_get_size(t->classes) > 0 &&
(class_list = apol_query_create_candidate_class_list(p, t->classes)) == NULL) {
goto cleanup;
}
}
if (qpol_policy_get_filename_trans_iter(p->p, &iter) < 0) {
goto cleanup;
}
if ((*v = apol_vector_create(NULL)) == NULL) {
ERR(p, "%s", strerror(errno));
goto cleanup;
}
for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
int match_source = 0, match_target = 0, match_default = 0;
size_t i;
qpol_filename_trans_t *filename_trans;
if (qpol_iterator_get_item(iter, (void **)&filename_trans) < 0) {
goto cleanup;
}
if (source_list == NULL) {
match_source = 1;
} else {
const qpol_type_t *source_type;
if (qpol_filename_trans_get_source_type(p->p, filename_trans, &source_type) < 0) {
goto cleanup;
}
if (apol_vector_get_index(source_list, source_type, NULL, NULL, &i) == 0) {
match_source = 1;
}
}
/* if source did not match, but treating source symbol
* as any field, then delay rejecting this filename_trans until
* the target and default have been checked */
if (!source_as_any && !match_source) {
continue;
}
if (target_list == NULL || (source_as_any && match_source)) {
match_target = 1;
} else {
const qpol_type_t *target_type;
if (qpol_filename_trans_get_target_type(p->p, filename_trans, &target_type) < 0) {
goto cleanup;
}
if (apol_vector_get_index(target_list, target_type, NULL, NULL, &i) == 0) {
match_target = 1;
}
}
if (!source_as_any && !match_target) {
continue;
}
if (default_list == NULL || (source_as_any && match_source) || (source_as_any && match_target)) {
match_default = 1;
} else {
const qpol_type_t *default_type;
if (qpol_filename_trans_get_default_type(p->p, filename_trans, &default_type) < 0) {
goto cleanup;
}
if (apol_vector_get_index(default_list, default_type, NULL, NULL, &i) == 0) {
match_default = 1;
}
}
if (!source_as_any && !match_default) {
continue;
}
/* at least one thing must match if source_as_any was given */
if (source_as_any && (!match_source && !match_target && !match_default)) {
continue;
}
if (class_list != NULL) {
const qpol_class_t *obj_class;
if (qpol_filename_trans_get_object_class(p->p, filename_trans, &obj_class) < 0) {
goto cleanup;
}
if (apol_vector_get_index(class_list, obj_class, NULL, NULL, &i) < 0) {
continue;
}
}
if (apol_vector_append(*v, filename_trans)) {
ERR(p, "%s", strerror(ENOMEM));
goto cleanup;
}
}
retval = 0;
cleanup:
if (retval != 0) {
apol_vector_destroy(v);
}
apol_vector_destroy(&source_list);
if (!source_as_any) {
apol_vector_destroy(&target_list);
apol_vector_destroy(&default_list);
}
apol_vector_destroy(&class_list);
qpol_iterator_destroy(&iter);
return retval;
}
static PyObject* get_ft_results(const apol_policy_t * policy, const apol_vector_t * v, PyObject *list)
{
PyObject *dict = NULL;
size_t i, num_filename_trans = 0;
const char *tmp_name;
int error = 0;
int rt;
const qpol_filename_trans_t *filename_trans = NULL;
const qpol_class_t *obj_class = NULL;
char *tmp = NULL, *filename_trans_str = NULL, *expr = NULL;
qpol_policy_t *q;
const qpol_type_t *type = NULL;
if (!policy || !v) {
errno = EINVAL;
goto err;
}
if (!(num_filename_trans = apol_vector_get_size(v)))
return NULL;
q = apol_policy_get_qpol(policy);
for (i = 0; i < num_filename_trans; i++) {
if (!(filename_trans = apol_vector_get_element(v, i)))
goto err;
dict = PyDict_New();
if (!dict) goto err;
if (py_insert_string(dict, "type", "type_transition"))
goto err;
/* source type */
if (qpol_filename_trans_get_source_type(q, filename_trans, &type)) {
goto err;
}
if (qpol_type_get_name(q, type, &tmp_name)) {
goto err;
}
if (py_insert_string(dict, "source", tmp_name))
goto err;
if (qpol_filename_trans_get_target_type(q, filename_trans, &type))
goto err;
if (qpol_type_get_name(q, type, &tmp_name))
goto err;
if (py_insert_string(dict, "target", tmp_name))
goto err;
if (qpol_filename_trans_get_object_class(q, filename_trans, &obj_class))
goto err;
if (qpol_class_get_name(q, obj_class, &tmp_name))
goto err;
if (py_insert_string(dict, "class", tmp_name))
goto err;
if (qpol_filename_trans_get_default_type(q, filename_trans, &type))
goto err;
if (qpol_type_get_name(q, type, &tmp_name))
goto err;
if (py_insert_string(dict, "transtype", tmp_name))
goto err;
if (! qpol_filename_trans_get_filename(q, filename_trans, &tmp_name)) {
if (py_insert_string(dict, "filename", tmp_name))
goto err;
}
rt = py_append_obj(list, dict);
dict = NULL;
if (rt) goto err;
free(filename_trans_str); filename_trans_str = NULL;
free(expr); expr = NULL;
}
goto cleanup;
err:
error = errno;
PyErr_SetString(PyExc_RuntimeError,strerror(errno));
py_decref(dict);
cleanup:
free(tmp);
free(filename_trans_str);
free(expr);
errno = error;
return list;
}
char *apol_filename_trans_render(const apol_policy_t * policy, const qpol_filename_trans_t * filename_trans)
{
char *tmp = NULL;
const char *tmp_name = NULL;
int error = 0;
size_t tmp_sz = 0;
const qpol_type_t *type = NULL;
const qpol_class_t *obj_class = NULL;
if (!policy || !filename_trans) {
ERR(policy, "%s", strerror(EINVAL));
errno = EINVAL;
return NULL;
}
/* source type */
if (qpol_filename_trans_get_source_type(policy->p, filename_trans, &type)) {
error = errno;
goto err;
}
if (qpol_type_get_name(policy->p, type, &tmp_name)) {
error = errno;
goto err;
}
if (apol_str_appendf(&tmp, &tmp_sz, "type_transition %s ", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
}
/* target type */
if (qpol_filename_trans_get_target_type(policy->p, filename_trans, &type)) {
error = errno;
goto err;
}
if (qpol_type_get_name(policy->p, type, &tmp_name)) {
error = errno;
goto err;
}
if (apol_str_appendf(&tmp, &tmp_sz, "%s : ", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
}
/* object class */
if (qpol_filename_trans_get_object_class(policy->p, filename_trans, &obj_class)) {
error = errno;
goto err;
}
if (qpol_class_get_name(policy->p, obj_class, &tmp_name)) {
error = errno;
goto err;
}
if (apol_str_appendf(&tmp, &tmp_sz, "%s ", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
}
/* default type */
if (qpol_filename_trans_get_default_type(policy->p, filename_trans, &type)) {
error = errno;
goto err;
}
if (qpol_type_get_name(policy->p, type, &tmp_name)) {
error = errno;
goto err;
}
if (apol_str_appendf(&tmp, &tmp_sz, "%s", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
}
/* filename */
if (qpol_filename_trans_get_filename(policy->p, filename_trans, &tmp_name)) {
error = errno;
goto err;
}
if (apol_str_appendf(&tmp, &tmp_sz, " \"%s\";", tmp_name)) {
error = errno;
ERR(policy, "%s", strerror(error));
goto err;
}
return tmp;
err:
free(tmp);
errno = error;
return NULL;
}
