From owner-p4-projects@FreeBSD.ORG Tue Sep 8 00:59:31 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id AF7851065679; Tue, 8 Sep 2009 00:59:31 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B433106566B for ; Tue, 8 Sep 2009 00:59:31 +0000 (UTC) (envelope-from jona@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 4A3628FC0A for ; Tue, 8 Sep 2009 00:59:31 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n880xVG7056831 for ; Tue, 8 Sep 2009 00:59:31 GMT (envelope-from jona@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n880xVJC056829 for perforce@freebsd.org; Tue, 8 Sep 2009 00:59:31 GMT (envelope-from jona@FreeBSD.org) Date: Tue, 8 Sep 2009 00:59:31 GMT Message-Id: <200909080059.n880xVJC056829@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to jona@FreeBSD.org using -f From: Jonathan Anderson To: Perforce Change Reviews Cc: Subject: PERFORCE change 168316 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Sep 2009 00:59:31 -0000 http://perforce.freebsd.org/chv.cgi?CH=168316 Change 168316 by jona@jona-trustedbsd-belle-vmware on 2009/09/08 00:59:16 Handle FD caching and retrieving Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#16 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#14 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.c#16 (text+ko) ==== @@ -140,6 +140,92 @@ +int ua_ping() +{ + if(angel < 0) angel = ua_find(); + if(angel < 0) return -1; + + datum *d = ua_marshall_int(UA_NO_OP); + if(ua_send(angel, d, NULL, 0) < 0) return -1; + if(ua_send(angel, d, NULL, 0) < 0) return -1; /* we have to send an arg */ + free(d); + + d = ua_recv(angel, NULL, NULL); + if(!d) return -1; + + int response; + if(ua_unmarshall_int(d, &response) < 0) return -1; + + return response; +} + + + +int ua_cache_fd(int fd, const char *name, char **token, int long_lasting) +{ + if(angel < 0) angel = ua_find(); + if(angel < 0) return -1; + + struct ua_datum *data[4]; + data[0] = ua_marshall_int(UA_CACHE_FD); + data[1] = ua_marshall_int(1); + data[2] = ua_marshall_int(long_lasting); + data[3] = ua_marshall_string(name, strlen(name)); + + for(int i = 0; i < 3; i++) + { + if(ua_send(angel, data[i], NULL, 0) < 0) return -1; + free(data[i]); + } + + if(ua_send(angel, data[3], &fd, 1) < 0) return -1; + free(data[3]); + + + + // retrieve the crypto token + struct ua_datum *d = ua_recv(angel, NULL, NULL); + if(!d) return -1; + + unsigned int len = d->length + 1; + *token = malloc(len); + if(ua_unmarshall_string(d, *token, &len) < 0) return -1; + + return 0; +} + + +int ua_retrieve_fd(const char *token) +{ + if(angel < 0) angel = ua_find(); + if(angel < 0) return -1; + + struct ua_datum *data[2]; + data[0] = ua_marshall_int(UA_RETRIEVE_FD); + data[1] = ua_marshall_string(token, strlen(token)); + + for(int i = 0; i < 2; i++) + { + if(ua_send(angel, data[i], NULL, 0) < 0) return -1; + free(data[i]); + } + + // retrieve the file descriptor + int32_t fd = -1; + unsigned int fdlen = 1; + struct ua_datum *d = ua_recv(angel, &fd, &fdlen); + if(!d) return -1; + + // make sure there hasn't been an error + unsigned int buflen = d->length + 1; + char buf[buflen]; + if(ua_unmarshall_string(d, buf, &buflen) < 0) return -1; + + return fd; +} + + + int ua_access(const char *path, int mode) { if(angel < 0) angel = ua_find(); @@ -603,7 +689,10 @@ int ua_unmarshall_string(const datum *d, char *value, unsigned int *len) { (*len)--; - ua_unmarshall_bytes(d, value, len); + + int ret = ua_unmarshall_bytes(d, value, len); + if(ret < 0) return ret; + value[*len] = '\0'; return d->length; @@ -620,11 +709,8 @@ else if(d->type != STRING) { if(d->type & ERROR) handle_error(d); - else - { - errno = EINVAL; - return -1; - } + else errno = EINVAL; + return -1; } else if(d->length > *len) { ==== //depot/projects/trustedbsd/capabilities/src/lib/libuserangel/libuserangel.h#14 (text+ko) ==== @@ -56,6 +56,15 @@ /** Set the user angel */ void ua_set(int fd); +/** Ping the user angel to make sure the connection works */ +int ua_ping(void); + +/** Cache a file descriptor */ +int ua_cache_fd(int fd, const char *name, char **token, int long_lasting); + +/** Retrieve a cached file descriptor */ +int ua_retrieve_fd(const char *token); + /** Check access rights via the User Angel */ int ua_access(const char *access, int mode); @@ -81,6 +90,8 @@ enum ua_request_t { UA_NO_OP = 0, /* do nothing (useful for debugging) */ + UA_CACHE_FD, /* cache a file descriptor */ + UA_RETRIEVE_FD, /* retrieve a cached file descriptor */ UA_CHECK_ACCESS, /* access() substitute */ UA_STAT, /* stat() substitute */ UA_OPEN_PATH, /* open() substitute */