From ab1eb1fd5a26affa2383b0eb7e292efd83ec2546 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 5 Jun 2008 17:24:34 -0400 Subject: Bug 15740: Solaris/ADT auditing support (simon zheng) * bus/driver.c: Add GetAdtAuditSessionData method which returns audit data for a connection. * configure.in: Detect ADT auditing support * dbus/dbus-auth.c: Read ADT auditing creds. * dbus/dbus-connection.c: Implement dbus_connection_get_adt_audit_session_data. * dbus/dbus-connection.h: Export it. * dbus/dbus-credentials.c: Add support for gathering adt_audit_data and retrieving it via _dbus_credentials_get_adt_audit_data. * dbus/dbus-credentials.h: Add DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID. * dbus/dbus-protocol.h: New error DBUS_ERROR_ADT_AUDIT_DATA_UNKNOWN. * dbus/dbus-sysdeps.c: Support for reading audit credentials via ADT API. * dbus/dbus-transport.c: New function _dbus_transport_get_adt_audit_session_data to retrieve credentials. * dbus/dbus-transport.h: Export it. --- dbus/dbus-connection.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'dbus/dbus-connection.c') diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c index f2902ed4..804af828 100644 --- a/dbus/dbus-connection.c +++ b/dbus/dbus-connection.c @@ -4985,6 +4985,40 @@ dbus_connection_get_unix_process_id (DBusConnection *connection, return result; } +/** + * Gets the ADT audit data of the connection if any. + * Returns #TRUE if the structure pointer is returned. + * Always returns #FALSE prior to authenticating the + * connection. + * + * @param connection the connection + * @param data return location for audit data + * @returns #TRUE if audit data is filled in with a valid ucred pointer + */ +dbus_bool_t +dbus_connection_get_adt_audit_session_data (DBusConnection *connection, + void **data, + dbus_int32_t *data_size) +{ + dbus_bool_t result; + + _dbus_return_val_if_fail (connection != NULL, FALSE); + _dbus_return_val_if_fail (data != NULL, FALSE); + _dbus_return_val_if_fail (data_size != NULL, FALSE); + + CONNECTION_LOCK (connection); + + if (!_dbus_transport_get_is_authenticated (connection->transport)) + result = FALSE; + else + result = _dbus_transport_get_adt_audit_session_data (connection->transport, + data, + data_size); + CONNECTION_UNLOCK (connection); + + return result; +} + /** * Sets a predicate function used to determine whether a given user ID * is allowed to connect. When an incoming connection has -- cgit