[apple/security.git] / OSX / libsecurity_codesigning / lib / dirscanner.cpp

/*
 * Copyright (c) 2014 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#include <dirent.h>
#include <unistd.h>
#include <security_utilities/cfutilities.h>
#include <security_utilities/debugging.h>
#include <security_utilities/logging.h>
#include "dirscanner.h"

namespace Security {
namespace CodeSigning {


DirScanner::DirScanner(const char *path)
	: init(false)
{
	this->path = std::string(path);
	this->initialize();
}

DirScanner::DirScanner(string path)
	: init(false)
{
	this->path = path;
	this->initialize();
}

DirScanner::~DirScanner()
{
        if (this->dp != NULL)
                (void) closedir(this->dp);
}

void DirScanner::initialize()
{
	if (this->dp == NULL) {
		errno = 0;
		if ((this->dp = opendir(this->path.c_str())) == NULL) {
			if (errno == ENOENT) {
				init = false;
			} else {
				UnixError::check(-1);
			}
		} else
			init = true;
	} else
		MacOSError::throwMe(errSecInternalError);
}

struct dirent * DirScanner::getNext()
{
	struct dirent* ent;
	do {
		int rc = readdir_r(this->dp, &this->entBuffer, &ent);
		if (rc)
			UnixError::throwMe(rc);
	} while (ent && (strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0));
	return ent;
}

bool DirScanner::initialized()
{
	return this->init;
}
	
void DirScanner::unlink(const struct dirent* ent, int flags)
{
	UnixError::check(::unlinkat(dirfd(this->dp), ent->d_name, flags));
}

bool DirScanner::isRegularFile(dirent* dp)
{
	switch (dp->d_type) {
	case DT_REG:
		return true;
	default:
		return false;
	case DT_UNKNOWN:
		{
			struct stat st;
			MacOSError::check(::stat((this->path + "/" + dp->d_name).c_str(), &st));
			return S_ISREG(st.st_mode);
		}
	}
}


DirValidator::~DirValidator()
{
	for (Rules::iterator it = mRules.begin(); it != mRules.end(); ++it)
		delete *it;
}

void DirValidator::validate(const string &root, OSStatus error)
{
	std::set<Rule *> reqMatched;
	FTS fts(root);
	while (FTSENT *ent = fts_read(fts)) {
		const char *relpath = ent->fts_path + root.size() + 1;	// skip prefix + "/"
		bool executable = ent->fts_statp->st_mode & (S_IXUSR | S_IXGRP | S_IXOTH);
		Rule *rule = NULL;
		switch (ent->fts_info) {
		case FTS_F:
			secinfo("dirval", "file %s", ent->fts_path);
			rule = match(relpath, file, executable);
			break;
		case FTS_SL: {
			secinfo("dirval", "symlink %s", ent->fts_path);
			char target[PATH_MAX];
			ssize_t len = ::readlink(ent->fts_accpath, target, sizeof(target)-1);
			if (len < 0)
				UnixError::throwMe();
			target[len] = '\0';
			rule = match(relpath, symlink, executable, target);
			break;
		}
		case FTS_D:
			secinfo("dirval", "entering %s", ent->fts_path);
			if (ent->fts_level == FTS_ROOTLEVEL)
				continue;	// skip root directory
			rule = match(relpath, directory, executable);
			if (!rule || !(rule->flags & descend))
				fts_set(fts, ent, FTS_SKIP);	// do not descend
			break;
		case FTS_DP:
			secinfo("dirval", "leaving %s", ent->fts_path);
			continue;
		default:
			secinfo("dirval", "type %d (errno %d): %s", ent->fts_info, ent->fts_errno, ent->fts_path);
			MacOSError::throwMe(error);	 // not a file, symlink, or directory
		}
		if (!rule)
			MacOSError::throwMe(error);	 // no match
		else if (rule->flags & required)
			reqMatched.insert(rule);
	}
	if (reqMatched.size() != (unsigned long) mRequireCount) {
		secinfo("dirval", "matched %lu of %d required rules", reqMatched.size(), mRequireCount);
		MacOSError::throwMe(error);		 // not all required rules were matched
	}
}

DirValidator::Rule * DirValidator::match(const char *path, uint32_t flags, bool executable, const char *target)
{
	for (Rules::iterator it = mRules.begin(); it != mRules.end(); ++it) {
		Rule *rule = *it;
		if ((rule->flags & flags)
		    && !(executable && (rule->flags & noexec))
		    && rule->match(path)
		    && (!target || rule->matchTarget(path, target)))
			return rule;
	}
	return NULL;
}

DirValidator::FTS::FTS(const string &path, int options)
{
	const char * paths[2] = { path.c_str(), NULL };
	mFTS = fts_open((char * const *)paths, options, NULL);
	if (!mFTS)
		UnixError::throwMe();
}

DirValidator::FTS::~FTS()
{
	fts_close(mFTS);
}

DirValidator::Rule::Rule(const string &pattern, uint32_t flags, TargetPatternBuilder targetBlock)
	: ResourceBuilder::Rule(pattern, 0, flags), mTargetBlock(NULL)
{
	if (targetBlock)
		mTargetBlock = Block_copy(targetBlock);
}

DirValidator::Rule::~Rule()
{
	if (mTargetBlock)
		Block_release(mTargetBlock);
}

bool DirValidator::Rule::matchTarget(const char *path, const char *target) const
{
    if (!mTargetBlock) {
        Syslog::notice("code signing internal problem: !mTargetBlock");
		MacOSError::throwMe(errSecCSInternalError);
    }
	string pattern = mTargetBlock(path, target);
	if (pattern.empty())
		return true;	// always match empty pattern
	secinfo("dirval", "%s: match target %s against %s", path, target, pattern.c_str());
	regex_t re;
    if (::regcomp(&re, pattern.c_str(), REG_EXTENDED | REG_NOSUB)) {
        Syslog::notice("code signing internal problem: failed to compile internal RE");
		MacOSError::throwMe(errSecCSInternalError);
    }
    int rv = ::regexec(&re, target, 0, NULL, 0);
	::regfree(&re);
	switch (rv) {
	case 0:
		return true;
	case REG_NOMATCH:
		return false;
	default:
        Syslog::notice("code signing internal error: regexec failed error=%d", rv);
		MacOSError::throwMe(errSecCSInternalError);
	}
}


} // end namespace CodeSigning
} // end namespace Security
Commit	Line	Data
80e23899 A	1	/*
	2	* Copyright (c) 2014 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24	#include <dirent.h>
	25	#include <unistd.h>
	26	#include <security_utilities/cfutilities.h>
	27	#include <security_utilities/debugging.h>
fa7225c8	28	#include <security_utilities/logging.h>
80e23899 A	29	#include "dirscanner.h"
	30
	31	namespace Security {
	32	namespace CodeSigning {
	33
	34
	35	DirScanner::DirScanner(const char *path)
	36	: init(false)
	37	{
	38	this->path = std::string(path);
	39	this->initialize();
	40	}
	41
	42	DirScanner::DirScanner(string path)
	43	: init(false)
	44	{
	45	this->path = path;
	46	this->initialize();
	47	}
	48
	49	DirScanner::~DirScanner()
	50	{
	51	if (this->dp != NULL)
	52	(void) closedir(this->dp);
	53	}
	54
	55	void DirScanner::initialize()
	56	{
	57	if (this->dp == NULL) {
	58	errno = 0;
	59	if ((this->dp = opendir(this->path.c_str())) == NULL) {
	60	if (errno == ENOENT) {
	61	init = false;
	62	} else {
	63	UnixError::check(-1);
	64	}
	65	} else
	66	init = true;
	67	} else
	68	MacOSError::throwMe(errSecInternalError);
	69	}
	70
	71	struct dirent * DirScanner::getNext()
	72	{
fa7225c8 A	73	struct dirent* ent;
	74	do {
	75	int rc = readdir_r(this->dp, &this->entBuffer, &ent);
	76	if (rc)
	77	UnixError::throwMe(rc);
	78	} while (ent && (strcmp(ent->d_name, ".") == 0 \|\| strcmp(ent->d_name, "..") == 0));
	79	return ent;
80e23899 A	80	}
	81
	82	bool DirScanner::initialized()
	83	{
	84	return this->init;
	85	}
fa7225c8 A	86
	87	void DirScanner::unlink(const struct dirent* ent, int flags)
	88	{
	89	UnixError::check(::unlinkat(dirfd(this->dp), ent->d_name, flags));
	90	}
	91
	92	bool DirScanner::isRegularFile(dirent* dp)
	93	{
	94	switch (dp->d_type) {
	95	case DT_REG:
	96	return true;
	97	default:
	98	return false;
	99	case DT_UNKNOWN:
	100	{
	101	struct stat st;
	102	MacOSError::check(::stat((this->path + "/" + dp->d_name).c_str(), &st));
	103	return S_ISREG(st.st_mode);
	104	}
	105	}
	106	}
	107
80e23899 A	108
	109
	110	DirValidator::~DirValidator()
	111	{
	112	for (Rules::iterator it = mRules.begin(); it != mRules.end(); ++it)
	113	delete *it;
	114	}
	115
	116	void DirValidator::validate(const string &root, OSStatus error)
	117	{
	118	std::set<Rule *> reqMatched;
	119	FTS fts(root);
	120	while (FTSENT *ent = fts_read(fts)) {
	121	const char *relpath = ent->fts_path + root.size() + 1; // skip prefix + "/"
	122	bool executable = ent->fts_statp->st_mode & (S_IXUSR \| S_IXGRP \| S_IXOTH);
	123	Rule *rule = NULL;
	124	switch (ent->fts_info) {
	125	case FTS_F:
fa7225c8	126	secinfo("dirval", "file %s", ent->fts_path);
80e23899 A	127	rule = match(relpath, file, executable);
	128	break;
	129	case FTS_SL: {
fa7225c8	130	secinfo("dirval", "symlink %s", ent->fts_path);
80e23899 A	131	char target[PATH_MAX];
	132	ssize_t len = ::readlink(ent->fts_accpath, target, sizeof(target)-1);
	133	if (len < 0)
	134	UnixError::throwMe();
	135	target[len] = '\0';
	136	rule = match(relpath, symlink, executable, target);
	137	break;
	138	}
	139	case FTS_D:
fa7225c8	140	secinfo("dirval", "entering %s", ent->fts_path);
80e23899 A	141	if (ent->fts_level == FTS_ROOTLEVEL)
	142	continue; // skip root directory
	143	rule = match(relpath, directory, executable);
	144	if (!rule \|\| !(rule->flags & descend))
	145	fts_set(fts, ent, FTS_SKIP); // do not descend
	146	break;
	147	case FTS_DP:
fa7225c8	148	secinfo("dirval", "leaving %s", ent->fts_path);
80e23899 A	149	continue;
80e23899 A	150	default:
fa7225c8	151	secinfo("dirval", "type %d (errno %d): %s", ent->fts_info, ent->fts_errno, ent->fts_path);
80e23899 A	152	MacOSError::throwMe(error); // not a file, symlink, or directory
	153	}
	154	if (!rule)
	155	MacOSError::throwMe(error); // no match
	156	else if (rule->flags & required)
	157	reqMatched.insert(rule);
	158	}
866f8763	159	if (reqMatched.size() != (unsigned long) mRequireCount) {
fa7225c8	160	secinfo("dirval", "matched %lu of %d required rules", reqMatched.size(), mRequireCount);
80e23899 A	161	MacOSError::throwMe(error); // not all required rules were matched
	162	}
	163	}
	164
	165	DirValidator::Rule * DirValidator::match(const char path, uint32_t flags, bool executable, const char target)
	166	{
	167	for (Rules::iterator it = mRules.begin(); it != mRules.end(); ++it) {
	168	Rule rule = it;
	169	if ((rule->flags & flags)
	170	&& !(executable && (rule->flags & noexec))
	171	&& rule->match(path)
	172	&& (!target \|\| rule->matchTarget(path, target)))
	173	return rule;
	174	}
	175	return NULL;
	176	}
	177
	178	DirValidator::FTS::FTS(const string &path, int options)
	179	{
	180	const char * paths[2] = { path.c_str(), NULL };
	181	mFTS = fts_open((char * const *)paths, options, NULL);
	182	if (!mFTS)
	183	UnixError::throwMe();
	184	}
	185
	186	DirValidator::FTS::~FTS()
	187	{
	188	fts_close(mFTS);
	189	}
	190
	191	DirValidator::Rule::Rule(const string &pattern, uint32_t flags, TargetPatternBuilder targetBlock)
	192	: ResourceBuilder::Rule(pattern, 0, flags), mTargetBlock(NULL)
	193	{
	194	if (targetBlock)
	195	mTargetBlock = Block_copy(targetBlock);
	196	}
	197
	198	DirValidator::Rule::~Rule()
	199	{
	200	if (mTargetBlock)
	201	Block_release(mTargetBlock);
	202	}
	203
	204	bool DirValidator::Rule::matchTarget(const char path, const char target) const
	205	{
fa7225c8 A	206	if (!mTargetBlock) {
fa7225c8 A	207	Syslog::notice("code signing internal problem: !mTargetBlock");
80e23899	208	MacOSError::throwMe(errSecCSInternalError);
fa7225c8	209	}
80e23899 A	210	string pattern = mTargetBlock(path, target);
	211	if (pattern.empty())
	212	return true; // always match empty pattern
fa7225c8	213	secinfo("dirval", "%s: match target %s against %s", path, target, pattern.c_str());
80e23899	214	regex_t re;
fa7225c8 A	215	if (::regcomp(&re, pattern.c_str(), REG_EXTENDED \| REG_NOSUB)) {
fa7225c8 A	216	Syslog::notice("code signing internal problem: failed to compile internal RE");
80e23899	217	MacOSError::throwMe(errSecCSInternalError);
fa7225c8 A	218	}
fa7225c8 A	219	int rv = ::regexec(&re, target, 0, NULL, 0);
d87e1158 A	220	::regfree(&re);
d87e1158 A	221	switch (rv) {
80e23899 A	222	case 0:
	223	return true;
	224	case REG_NOMATCH:
	225	return false;
	226	default:
fa7225c8	227	Syslog::notice("code signing internal error: regexec failed error=%d", rv);
80e23899 A	228	MacOSError::throwMe(errSecCSInternalError);
	229	}
	230	}
	231
	232
	233	} // end namespace CodeSigning
	234	} // end namespace Security