diff options
Diffstat (limited to 'libsemanage/src')
92 files changed, 29945 insertions, 0 deletions
diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile new file mode 100644 index 00000000..0bc2e043 --- /dev/null +++ b/libsemanage/src/Makefile @@ -0,0 +1,116 @@ +# Installation directories. +PREFIX ?= $(DESTDIR)/usr +LIBDIR ?= $(PREFIX)/lib +SHLIBDIR ?= $(DESTDIR)/lib +INCLUDEDIR ?= $(PREFIX)/include +PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]') +PYINC ?= /usr/include/${PYLIBVER} +PYLIBDIR ?= $(LIBDIR)/${PYLIBVER} + +DEFAULT_SEMANAGE_CONF_LOCATION=$(DESTDIR)/etc/selinux/semanage.conf + +ifeq ($(DEBUG),1) + export CFLAGS = -g3 -O0 -gdwarf-2 -fno-strict-aliasing -Wall -Wshadow -Werror + export LDFLAGS = -g +endif + +LEX = flex +LFLAGS = -s +YACC = bison +YFLAGS = -d + +LIBVERSION = 1 + +LIBA=libsemanage.a +TARGET=libsemanage.so +SWIGIF= semanageswig_python.i +SWIGCOUT= semanageswig_wrap.c +SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT)) +SWIGSO=_semanage.so +SWIGFILES=$(SWIGSO) semanage.py +LIBSO=$(TARGET).$(LIBVERSION) +OBJS= $(patsubst %.c,%.o,$(filter-out $(SWIGCOUT),$(wildcard *.c))) conf-scan.o conf-parse.o +LOBJS= $(patsubst %.c,%.lo,$(filter-out $(SWIGCOUT),$(wildcard *.c))) conf-scan.lo conf-parse.lo +CFLAGS ?= -Wall -W -Wundef -Wshadow -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter + +override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE + +SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./ + +GENERATED=$(SWIGCOUT) $(wildcard conf-*.[ch]) + +all: $(LIBA) $(LIBSO) + +pywrap: all $(SWIGLOBJ) $(SWIGSO) + +$(SWIGLOBJ): $(SWIGCOUT) + $(CC) $(filter-out -Werror, $(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< + +$(SWIGSO): $(SWIGLOBJ) + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -l$(PYLIBVER) -L$(LIBDIR) -Wl,-soname,$@,-z,defs + +$(LIBA): $(OBJS) + $(AR) rcs $@ $^ + ranlib $@ + +$(LIBSO): $(LOBJS) + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -lselinux -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs + ln -sf $@ $(TARGET) + +conf-scan.c: conf-scan.l conf-parse.h + $(LEX) $(LFLAGS) -t $< > $@ + +conf-parse.c: conf-parse.y + $(YACC) $(YFLAGS) -o $@ $< + +conf-parse.h: conf-parse.c + +%.o: %.c + $(CC) $(CFLAGS) -c -o $@ $< + +%.lo: %.c + $(CC) $(CFLAGS) -fPIC -DSHARED -c -o $@ $< + +conf-parse.o: conf-parse.c + $(CC) $(filter-out -Werror, $(CFLAGS)) -c -o $@ $< + +conf-parse.lo: conf-parse.c + $(CC) $(filter-out -Werror, $(CFLAGS)) -fPIC -DSHARED -c -o $@ $< + +conf-scan.o: conf-scan.c + $(CC) $(filter-out -Werror, $(CFLAGS)) -c -o $@ $< + +conf-scan.lo: conf-scan.c + $(CC) $(filter-out -Werror, $(CFLAGS)) -fPIC -DSHARED -c -o $@ $< + +$(SWIGCOUT): $(SWIGIF) + $(SWIG) $^ + +swigify: $(SWIGIF) + $(SWIG) $^ + +install: all + test -d $(LIBDIR) || install -m 755 -d $(LIBDIR) + install -m 644 $(LIBA) $(LIBDIR) + test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR) + install -m 755 $(LIBSO) $(SHLIBDIR) + test -f $(DEFAULT_SEMANAGE_CONF_LOCATION) || install -m 644 -D semanage.conf $(DEFAULT_SEMANAGE_CONF_LOCATION) + cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) + +install-pywrap: pywrap + test -d $(PYLIBDIR)/site-packages || install -m 755 -d $(PYLIBDIR)/site-packages + install -m 755 $(SWIGFILES) $(PYLIBDIR)/site-packages + +relabel: + /sbin/restorecon $(SHLIBDIR)/$(LIBSO) + +clean: + rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) conf-parse.c conf-parse.h conf-scan.c + +distclean: clean + rm -f $(SWIGCOUT) $(SWIGFILES) + +indent: + ../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch])) + +.PHONY: all clean pywrap swigify install install-pywrap distclean diff --git a/libsemanage/src/boolean_internal.h b/libsemanage/src/boolean_internal.h new file mode 100644 index 00000000..66e7f358 --- /dev/null +++ b/libsemanage/src/boolean_internal.h @@ -0,0 +1,42 @@ +#ifndef _SEMANAGE_BOOLEAN_INTERNAL_H_ +#define _SEMANAGE_BOOLEAN_INTERNAL_H_ + +#include <semanage/boolean_record.h> +#include <semanage/booleans_local.h> +#include <semanage/booleans_policy.h> +#include <semanage/booleans_active.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_bool_clone) + hidden_proto(semanage_bool_compare) + hidden_proto(semanage_bool_compare2) + hidden_proto(semanage_bool_create) + hidden_proto(semanage_bool_free) + hidden_proto(semanage_bool_get_name) + hidden_proto(semanage_bool_get_value) + hidden_proto(semanage_bool_key_extract) + hidden_proto(semanage_bool_key_free) + hidden_proto(semanage_bool_set_name) + hidden_proto(semanage_bool_set_value) + +/* BOOL RECORD: metod table */ +extern record_table_t SEMANAGE_BOOL_RTABLE; + +extern int bool_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig); + +extern void bool_file_dbase_release(dbase_config_t * dconfig); + +extern int bool_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void bool_policydb_dbase_release(dbase_config_t * dconfig); + +extern int bool_activedb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void bool_activedb_dbase_release(dbase_config_t * dconfig); + +#endif diff --git a/libsemanage/src/boolean_record.c b/libsemanage/src/boolean_record.c new file mode 100644 index 00000000..a4351077 --- /dev/null +++ b/libsemanage/src/boolean_record.c @@ -0,0 +1,146 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_bool_t (Policy Boolean) + * Object: semanage_bool_key_t (Policy Boolean Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/boolean_record.h> + +typedef sepol_bool_t semanage_bool_t; +typedef sepol_bool_key_t semanage_bool_key_t; +#define _SEMANAGE_BOOL_DEFINED_ + +typedef semanage_bool_t record_t; +typedef semanage_bool_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include "boolean_internal.h" +#include "handle.h" +#include "database.h" + +/* Key */ +int semanage_bool_key_create(semanage_handle_t * handle, + const char *name, semanage_bool_key_t ** key) +{ + + return sepol_bool_key_create(handle->sepolh, name, key); +} + +int semanage_bool_key_extract(semanage_handle_t * handle, + const semanage_bool_t * boolean, + semanage_bool_key_t ** key) +{ + + return sepol_bool_key_extract(handle->sepolh, boolean, key); +} + +hidden_def(semanage_bool_key_extract) + +void semanage_bool_key_free(semanage_bool_key_t * key) +{ + sepol_bool_key_free(key); +} + +hidden_def(semanage_bool_key_free) + +int semanage_bool_compare(const semanage_bool_t * boolean, + const semanage_bool_key_t * key) +{ + + return sepol_bool_compare(boolean, key); +} + +hidden_def(semanage_bool_compare) + +int semanage_bool_compare2(const semanage_bool_t * boolean, + const semanage_bool_t * boolean2) +{ + + return sepol_bool_compare2(boolean, boolean2); +} + +hidden_def(semanage_bool_compare2) + +static int semanage_bool_compare2_qsort(const semanage_bool_t ** boolean, + const semanage_bool_t ** boolean2) +{ + + return sepol_bool_compare2(*boolean, *boolean2); +} + +/* Name */ +const char *semanage_bool_get_name(const semanage_bool_t * boolean) +{ + + return sepol_bool_get_name(boolean); +} + +hidden_def(semanage_bool_get_name) + +int semanage_bool_set_name(semanage_handle_t * handle, + semanage_bool_t * boolean, const char *name) +{ + + return sepol_bool_set_name(handle->sepolh, boolean, name); +} + +hidden_def(semanage_bool_set_name) + +/* Value */ +int semanage_bool_get_value(const semanage_bool_t * boolean) +{ + + return sepol_bool_get_value(boolean); +} + +hidden_def(semanage_bool_get_value) + +void semanage_bool_set_value(semanage_bool_t * boolean, int value) +{ + + sepol_bool_set_value(boolean, value); +} + +hidden_def(semanage_bool_set_value) + +/* Create/Clone/Destroy */ +int semanage_bool_create(semanage_handle_t * handle, + semanage_bool_t ** bool_ptr) +{ + + return sepol_bool_create(handle->sepolh, bool_ptr); +} + +hidden_def(semanage_bool_create) + +int semanage_bool_clone(semanage_handle_t * handle, + const semanage_bool_t * boolean, + semanage_bool_t ** bool_ptr) +{ + + return sepol_bool_clone(handle->sepolh, boolean, bool_ptr); +} + +hidden_def(semanage_bool_clone) + +void semanage_bool_free(semanage_bool_t * boolean) +{ + + sepol_bool_free(boolean); +} + +hidden_def(semanage_bool_free) + +/* Record base functions */ +record_table_t SEMANAGE_BOOL_RTABLE = { + .create = semanage_bool_create, + .key_extract = semanage_bool_key_extract, + .key_free = semanage_bool_key_free, + .clone = semanage_bool_clone, + .compare = semanage_bool_compare, + .compare2 = semanage_bool_compare2, + .compare2_qsort = semanage_bool_compare2_qsort, + .free = semanage_bool_free, +}; diff --git a/libsemanage/src/booleans_active.c b/libsemanage/src/booleans_active.c new file mode 100644 index 00000000..0725aecf --- /dev/null +++ b/libsemanage/src/booleans_active.c @@ -0,0 +1,62 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool_key record_key_t; +typedef struct semanage_bool record_t; +#define DBASE_RECORD_DEFINED + +#include "boolean_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_bool_set_active(semanage_handle_t * handle, + const semanage_bool_key_t * key, + const semanage_bool_t * data) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_set(handle, dconfig, key, data); +} + +int semanage_bool_query_active(semanage_handle_t * handle, + const semanage_bool_key_t * key, + semanage_bool_t ** response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_bool_exists_active(semanage_handle_t * handle, + const semanage_bool_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_bool_count_active(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_bool_iterate_active(semanage_handle_t * handle, + int (*handler) (const semanage_bool_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_bool_list_active(semanage_handle_t * handle, + semanage_bool_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_active(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/booleans_activedb.c b/libsemanage/src/booleans_activedb.c new file mode 100644 index 00000000..9bcc9d71 --- /dev/null +++ b/libsemanage/src/booleans_activedb.c @@ -0,0 +1,167 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool record_t; +typedef struct semanage_bool_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_activedb; +typedef struct dbase_activedb dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <string.h> +#include <selinux/selinux.h> +#include <semanage/handle.h> +#include "boolean_internal.h" +#include "database_activedb.h" +#include "parse_utils.h" +#include "debug.h" + +static int bool_read_list(semanage_handle_t * handle, + semanage_bool_t *** booleans, unsigned int *count) +{ + + semanage_bool_t **tmp_booleans = NULL; + unsigned int tmp_count = 0; + int i; + + char **names = NULL; + int len = 0; + + /* Fetch boolean names */ + if (security_get_boolean_names(&names, &len) < 0) { + ERR(handle, "could not get list of boolean names"); + goto err; + } + + /* Allocate a sufficiently large array */ + tmp_booleans = malloc(sizeof(semanage_bool_t *) * len); + if (tmp_booleans == NULL) + goto omem; + + /* Create records one by one */ + for (i = 0; i < len; i++) { + + int value; + + if (semanage_bool_create(handle, &tmp_booleans[i]) < 0) + goto err; + tmp_count++; + + if (semanage_bool_set_name(handle, + tmp_booleans[i], names[i]) < 0) + goto err; + + value = security_get_boolean_active(names[i]); + if (value < 0) { + ERR(handle, "could not get the value " + "for boolean %s", names[i]); + goto err; + } + + semanage_bool_set_value(tmp_booleans[i], value); + } + + /* Success */ + for (i = 0; i < len; i++) + free(names[i]); + free(names); + *booleans = tmp_booleans; + *count = tmp_count; + return STATUS_SUCCESS; + + /* Failure */ + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not read boolean list"); + for (i = 0; i < len; i++) + free(names[i]); + free(names); + for (i = 0; (unsigned int)i < tmp_count; i++) + semanage_bool_free(tmp_booleans[i]); + free(tmp_booleans); + return STATUS_ERR; +} + +static int bool_commit_list(semanage_handle_t * handle, + semanage_bool_t ** booleans, unsigned int count) +{ + + SELboolean *blist = NULL; + const char *name; + unsigned int bcount = 0; + unsigned int i; + int curvalue, newvalue; + + /* Allocate a sufficiently large array */ + blist = malloc(sizeof(SELboolean) * count); + if (blist == NULL) + goto omem; + + /* Populate array */ + for (i = 0; i < count; i++) { + name = semanage_bool_get_name(booleans[i]); + if (!name) + goto omem; + newvalue = semanage_bool_get_value(booleans[i]); + curvalue = security_get_boolean_active(name); + if (newvalue == curvalue) + continue; + blist[bcount].name = strdup(name); + if (blist[bcount].name == NULL) + goto omem; + blist[bcount].value = newvalue; + bcount++; + } + + /* Commit */ + if (security_set_boolean_list(bcount, blist, 0) < 0) { + ERR(handle, "libselinux commit failed"); + goto err; + } + + for (i = 0; i < bcount; i++) + free(blist[i].name); + free(blist); + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not commit boolean list"); + for (i = 0; i < bcount; i++) + free(blist[i].name); + free(blist); + return STATUS_ERR; +} + +/* BOOL RECORD: ACTIVEDB extension: method table */ +record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = { + .read_list = bool_read_list, + .commit_list = bool_commit_list, +}; + +int bool_activedb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_activedb_init(handle, + &SEMANAGE_BOOL_RTABLE, + &SEMANAGE_BOOL_ACTIVEDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_ACTIVEDB_DTABLE; + return STATUS_SUCCESS; +} + +void bool_activedb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_activedb_release(dconfig->dbase); +} diff --git a/libsemanage/src/booleans_file.c b/libsemanage/src/booleans_file.c new file mode 100644 index 00000000..af5b1b3a --- /dev/null +++ b/libsemanage/src/booleans_file.c @@ -0,0 +1,127 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool record_t; +typedef struct semanage_bool_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <ctype.h> +#include <string.h> +#include <semanage/handle.h> +#include "boolean_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static int bool_print(semanage_handle_t * handle, + semanage_bool_t * boolean, FILE * str) +{ + + const char *name = semanage_bool_get_name(boolean); + int value = semanage_bool_get_value(boolean); + + if (fprintf(str, "%s=%d\n", name, value) < 0) { + ERR(handle, "could not print boolean %s to stream", name); + return STATUS_ERR; + } + + return STATUS_SUCCESS; +} + +static int bool_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_bool_t * boolean) +{ + + int value = 0; + char *str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Extract name */ + if (parse_fetch_string(handle, info, &str, '=') < 0) + goto err; + + if (semanage_bool_set_name(handle, boolean, str) < 0) + goto err; + free(str); + str = NULL; + + /* Assert = */ + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_assert_ch(handle, info, '=') < 0) + goto err; + + /* Extract value */ + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_optional_str(info, "true") != STATUS_NODATA) + value = 1; + else if (parse_optional_str(info, "TRUE") != STATUS_NODATA) + value = 1; + else if (parse_optional_str(info, "false") != STATUS_NODATA) + value = 0; + else if (parse_optional_str(info, "FALSE") != STATUS_NODATA) + value = 0; + else if (parse_fetch_int(handle, info, &value, ' ') < 0) + goto err; + + if (value != 0 && value != 1) { + ERR(handle, "invalid boolean value for \"%s\": %u " + "(%s: %u)\n%s", semanage_bool_get_name(boolean), + value, info->filename, info->lineno, info->orig_line); + goto err; + } + semanage_bool_set_value(boolean, value); + + if (parse_assert_space(handle, info) < 0) + goto err; + + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse boolean record"); + free(str); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* BOOL RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_BOOL_FILE_RTABLE = { + .parse = bool_parse, + .print = bool_print, +}; + +int bool_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_BOOL_RTABLE, + &SEMANAGE_BOOL_FILE_RTABLE, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void bool_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/booleans_local.c b/libsemanage/src/booleans_local.c new file mode 100644 index 00000000..508ac105 --- /dev/null +++ b/libsemanage/src/booleans_local.c @@ -0,0 +1,70 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool_key record_key_t; +typedef struct semanage_bool record_t; +#define DBASE_RECORD_DEFINED + +#include "boolean_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_bool_modify_local(semanage_handle_t * handle, + const semanage_bool_key_t * key, + const semanage_bool_t * data) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_bool_del_local(semanage_handle_t * handle, + const semanage_bool_key_t * key) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_bool_query_local(semanage_handle_t * handle, + const semanage_bool_key_t * key, + semanage_bool_t ** response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_bool_exists_local(semanage_handle_t * handle, + const semanage_bool_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_bool_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_bool_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_bool_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_bool_list_local(semanage_handle_t * handle, + semanage_bool_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/booleans_policy.c b/libsemanage/src/booleans_policy.c new file mode 100644 index 00000000..5cccf3db --- /dev/null +++ b/libsemanage/src/booleans_policy.c @@ -0,0 +1,52 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool_key record_key_t; +typedef struct semanage_bool record_t; +#define DBASE_RECORD_DEFINED + +#include "boolean_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_bool_query(semanage_handle_t * handle, + const semanage_bool_key_t * key, + semanage_bool_t ** response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_bool_exists(semanage_handle_t * handle, + const semanage_bool_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_bool_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_bool_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_bool_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_bool_list(semanage_handle_t * handle, + semanage_bool_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_bool_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/booleans_policydb.c b/libsemanage/src/booleans_policydb.c new file mode 100644 index 00000000..925940ca --- /dev/null +++ b/libsemanage/src/booleans_policydb.c @@ -0,0 +1,71 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_bool; +struct semanage_bool_key; +typedef struct semanage_bool record_t; +typedef struct semanage_bool_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <sepol/booleans.h> +#include <semanage/handle.h> +#include "boolean_internal.h" +#include "debug.h" +#include "database_policydb.h" + +/* BOOLEAN RECRORD (SEPOL): POLICYDB extension: method table */ +record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = { + .add = NULL, + .modify = NULL, +/* FIXME: these casts depend on stucts in libsepol matching structs + * in libsemanage. This is incredibly fragile - the casting gets + * rid of warnings, but is not type safe. + */ + .set = (record_policydb_table_set_t) sepol_bool_set, + .query = (record_policydb_table_query_t) sepol_bool_query, + .count = (record_policydb_table_count_t) sepol_bool_count, + .exists = (record_policydb_table_exists_t) sepol_bool_exists, + .iterate = (record_policydb_table_iterate_t) sepol_bool_iterate, +}; + +int bool_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_policydb_init(handle, + "policy.kern", + &SEMANAGE_BOOL_RTABLE, + &SEMANAGE_BOOL_POLICYDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_POLICYDB_DTABLE; + return STATUS_SUCCESS; +} + +void bool_policydb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_policydb_release(dconfig->dbase); +} diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y new file mode 100644 index 00000000..2001afb8 --- /dev/null +++ b/libsemanage/src/conf-parse.y @@ -0,0 +1,395 @@ +/* Authors: Jason Tang <jtang@tresys.com> + * James Athey <jathey@tresys.com> + * + * Copyright (C) 2004-2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +%{ + +#include "semanage_conf.h" + +#include <sepol/policydb.h> +#include <selinux/selinux.h> +#include <semanage/handle.h> + +#include <unistd.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +extern int semanage_lex(); /* defined in conf-scan.c */ +int semanage_error(char *msg); + +extern FILE *semanage_in; +extern char *semanage_text; + +static int parse_module_store(char *arg); +static void semanage_conf_external_prog_destroy(external_prog_t *ep); +static int new_external_prog(external_prog_t **chain); + +static semanage_conf_t *current_conf; +static external_prog_t *new_external; +static int parse_errors; + +#define PASSIGN(p1,p2) { free(p1); p1 = p2; } + +%} + +%name-prefix="semanage_" + +%union { + int d; + char *s; +} + +%token MODULE_STORE VERSION EXPAND_CHECK FILE_MODE SAVE_PREVIOUS SAVE_LINKED +%token LOAD_POLICY_START SETFILES_START DISABLE_GENHOMEDIRCON HANDLE_UNKNOWN +%token VERIFY_MOD_START VERIFY_LINKED_START VERIFY_KERNEL_START BLOCK_END +%token PROG_PATH PROG_ARGS +%token <s> ARG +%type <d> verify_start_tok + +%% + +config_file: config_line config_file + | /* empty */ + ; + +config_line: single_opt + | command_block + | verify_block + ; + +single_opt: module_store + | version + | expand_check + | file_mode + | save_previous + | save_linked + | disable_genhomedircon + | handle_unknown + ; + +module_store: MODULE_STORE '=' ARG { + if (parse_module_store($3) != 0) { + parse_errors++; + YYABORT; + } + } + + ; + +version: VERSION '=' ARG { + current_conf->policyvers = atoi($3); + free($3); + if (current_conf->policyvers < sepol_policy_kern_vers_min() || + current_conf->policyvers > sepol_policy_kern_vers_max()) { + parse_errors++; + YYABORT; + } + } + ; + +expand_check: EXPAND_CHECK '=' ARG { + current_conf->expand_check = atoi($3); + free($3); + } + ; + +file_mode: FILE_MODE '=' ARG { + current_conf->file_mode = strtoul($3, NULL, 8); + free($3); + } + ; + +save_previous: SAVE_PREVIOUS '=' ARG { + if (strcasecmp($3, "true") == 0) + current_conf->save_previous = 1; + else if (strcasecmp($3, "false") == 0) + current_conf->save_previous = 0; + else { + yyerror("save-previous can only be 'true' or 'false'"); + } + } + ; + + +save_linked: SAVE_LINKED '=' ARG { + if (strcasecmp($3, "true") == 0) + current_conf->save_linked = 1; + else if (strcasecmp($3, "false") == 0) + current_conf->save_linked = 0; + else { + yyerror("save-linked can only be 'true' or 'false'"); + } + } + ; + +disable_genhomedircon: DISABLE_GENHOMEDIRCON '=' ARG { + if (strcasecmp($3, "false") == 0) { + current_conf->disable_genhomedircon = 0; + } else if (strcasecmp($3, "true") == 0) { + current_conf->disable_genhomedircon = 1; + } else { + yyerror("disable-genhomedircon can only be 'true' or 'false'"); + } + free($3); + } + +handle_unknown: HANDLE_UNKNOWN '=' ARG { + if (strcasecmp($3, "deny") == 0) { + current_conf->handle_unknown = SEPOL_DENY_UNKNOWN; + } else if (strcasecmp($3, "reject") == 0) { + current_conf->handle_unknown = SEPOL_REJECT_UNKNOWN; + } else if (strcasecmp($3, "allow") == 0) { + current_conf->handle_unknown = SEPOL_ALLOW_UNKNOWN; + } else { + yyerror("handle-unknown can only be 'deny', 'reject' or 'allow'"); + } + free($3); + } + +command_block: + command_start external_opts BLOCK_END { + if (new_external->path == NULL) { + parse_errors++; + YYABORT; + } + } + ; + +command_start: + LOAD_POLICY_START { + semanage_conf_external_prog_destroy(current_conf->load_policy); + current_conf->load_policy = NULL; + if (new_external_prog(¤t_conf->load_policy) == -1) { + parse_errors++; + YYABORT; + } + } + | SETFILES_START { + semanage_conf_external_prog_destroy(current_conf->setfiles); + current_conf->setfiles = NULL; + if (new_external_prog(¤t_conf->setfiles) == -1) { + parse_errors++; + YYABORT; + } + } + ; + +verify_block: verify_start external_opts BLOCK_END { + if (new_external->path == NULL) { + parse_errors++; + YYABORT; + } + } + ; + +verify_start: verify_start_tok { + if ($1 == -1) { + parse_errors++; + YYABORT; + } + } + ; + +verify_start_tok: VERIFY_MOD_START {$$ = new_external_prog(¤t_conf->mod_prog);} + | VERIFY_LINKED_START {$$ = new_external_prog(¤t_conf->linked_prog);} + | VERIFY_KERNEL_START {$$ = new_external_prog(¤t_conf->kernel_prog);} + ; + +external_opts: external_opt external_opts + | /* empty */ + ; + +external_opt: PROG_PATH '=' ARG { PASSIGN(new_external->path, $3); } + | PROG_ARGS '=' ARG { PASSIGN(new_external->args, $3); } + ; + +%% + +static int semanage_conf_init(semanage_conf_t * conf) +{ + conf->store_type = SEMANAGE_CON_DIRECT; + conf->store_path = strdup(basename(selinux_policy_root())); + conf->policyvers = sepol_policy_kern_vers_max(); + conf->expand_check = 1; + conf->handle_unknown = -1; + conf->file_mode = 0644; + + conf->save_previous = 0; + conf->save_linked = 0; + + if ((conf->load_policy = + calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) { + return -1; + } + if ((conf->load_policy->path = strdup("/usr/sbin/load_policy")) == NULL) { + return -1; + } + conf->load_policy->args = NULL; + + if ((conf->setfiles = + calloc(1, sizeof(*(current_conf->setfiles)))) == NULL) { + return -1; + } + if (access("/sbin/setfiles", X_OK) == 0) { + conf->setfiles->path = strdup("/sbin/setfiles"); + } else { + conf->setfiles->path = strdup("/usr/sbin/setfiles"); + } + if ((conf->setfiles->path == NULL) || + (conf->setfiles->args = strdup("-q -c $@ $<")) == NULL) { + return -1; + } + + return 0; +} + +/* Parse a libsemanage configuration file. THIS FUNCTION IS NOT + * THREAD-SAFE! Return a newly allocated semanage_conf_t *. If the + * configuration file could be read, parse it; otherwise rely upon + * default values. If the file could not be parsed correctly or if + * out of memory return NULL. + */ +semanage_conf_t *semanage_conf_parse(const char *config_filename) +{ + if ((current_conf = calloc(1, sizeof(*current_conf))) == NULL) { + return NULL; + } + if (semanage_conf_init(current_conf) == -1) { + goto cleanup; + } + if ((semanage_in = fopen(config_filename, "r")) == NULL) { + /* configuration file does not exist or could not be + * read. THIS IS NOT AN ERROR. just rely on the + * defaults. */ + return current_conf; + } + parse_errors = 0; + semanage_parse(); + fclose(semanage_in); + if (parse_errors != 0) { + goto cleanup; + } + return current_conf; + cleanup: + semanage_conf_destroy(current_conf); + return NULL; +} + +static void semanage_conf_external_prog_destroy(external_prog_t * ep) +{ + while (ep != NULL) { + external_prog_t *next = ep->next; + free(ep->path); + free(ep->args); + free(ep); + ep = next; + } +} + +/* Deallocates all space associated with a configuration struct, + * including the pointer itself. */ +void semanage_conf_destroy(semanage_conf_t * conf) +{ + if (conf != NULL) { + free(conf->store_path); + semanage_conf_external_prog_destroy(conf->load_policy); + semanage_conf_external_prog_destroy(conf->setfiles); + semanage_conf_external_prog_destroy(conf->mod_prog); + semanage_conf_external_prog_destroy(conf->linked_prog); + semanage_conf_external_prog_destroy(conf->kernel_prog); + free(conf); + } +} + +int semanage_error(char *msg) +{ + fprintf(stderr, "error parsing semanage configuration file: %s\n", msg); + parse_errors++; + return 0; +} + +/* Take the string argument for a module store. If it is exactly the + * word "direct" then have libsemanage directly manipulate the module + * store. The policy path will default to the active policy directory. + * Otherwise if it begins with a forward slash interpret it as + * an absolute path to a named socket, to which a policy server is + * listening on the other end. Otherwise treat it as the host name to + * an external server; if there is a colon in the name then everything + * after gives a port number. The default port number is 4242. + * Returns 0 on success, -1 if out of memory, -2 if a port number is + * illegal. + */ +static int parse_module_store(char *arg) +{ + /* arg is already a strdup()ed copy of yytext */ + if (arg == NULL) { + return -1; + } + free(current_conf->store_path); + if (strcmp(arg, "direct") == 0) { + current_conf->store_type = SEMANAGE_CON_DIRECT; + current_conf->store_path = + strdup(basename(selinux_policy_root())); + current_conf->server_port = -1; + free(arg); + } else if (*arg == '/') { + current_conf->store_type = SEMANAGE_CON_POLSERV_LOCAL; + current_conf->store_path = arg; + current_conf->server_port = -1; + } else { + char *s; + current_conf->store_type = SEMANAGE_CON_POLSERV_REMOTE; + if ((s = strchr(arg, ':')) == NULL) { + current_conf->store_path = arg; + current_conf->server_port = 4242; + } else { + char *endptr; + *s = '\0'; + current_conf->store_path = arg; + current_conf->server_port = strtol(s + 1, &endptr, 10); + if (*(s + 1) == '\0' || *endptr != '\0') { + return -2; + } + } + } + return 0; +} + +/* Helper function; called whenever configuration file specifies + * another external program. Returns 0 on success, -1 if out of + * memory. + */ +static int new_external_prog(external_prog_t ** chain) +{ + if ((new_external = calloc(1, sizeof(*new_external))) == NULL) { + return -1; + } + /* hook this new external program to the end of the chain */ + if (*chain == NULL) { + *chain = new_external; + } else { + external_prog_t *prog = *chain; + while (prog->next != NULL) { + prog = prog->next; + } + prog->next = new_external; + } + return 0; +} diff --git a/libsemanage/src/conf-scan.l b/libsemanage/src/conf-scan.l new file mode 100644 index 00000000..faa0aeb9 --- /dev/null +++ b/libsemanage/src/conf-scan.l @@ -0,0 +1,94 @@ +/* Authors: Jason Tang <jtang@tresys.com> + * James Athey <jathey@tresys.com> + * + * Copyright (C) 2004-2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +%{ +#include "conf-parse.h" + +#include <ctype.h> +#include <string.h> + +static char *my_strdup (char * s); +static char *my_qstrdup (char * s); + +int yywrap(void); + +%} + +%option stack prefix="semanage_" +%option noinput nounput noyy_push_state noyy_pop_state noyy_top_state + +%x arg + +%% + +#.* /* ignore comments */ +module-store return MODULE_STORE; +policy-version return VERSION; +expand-check return EXPAND_CHECK; +file-mode return FILE_MODE; +save-previous return SAVE_PREVIOUS; +save-linked return SAVE_LINKED; +disable-genhomedircon return DISABLE_GENHOMEDIRCON; +handle-unknown return HANDLE_UNKNOWN; +"[load_policy]" return LOAD_POLICY_START; +"[setfiles]" return SETFILES_START; +"[verify module]" return VERIFY_MOD_START; +"[verify linked]" return VERIFY_LINKED_START; +"[verify kernel]" return VERIFY_KERNEL_START; +"[end]" return BLOCK_END; +path return PROG_PATH; +args return PROG_ARGS; +[ \t]*=[ \t]* BEGIN arg; return '='; +[ \t\n]+ /* ignore */ +. return semanage_text[0]; +<arg>\"\" BEGIN INITIAL; semanage_lval.s = NULL; return ARG; +<arg>\".+\" BEGIN INITIAL; semanage_lval.s = my_qstrdup(semanage_text); return ARG; +<arg>.*[^\"\n] BEGIN INITIAL; semanage_lval.s = my_strdup(semanage_text); return ARG; +<arg>.|\n BEGIN INITIAL; semanage_lval.s = NULL; return ARG; + +%% + +int yywrap(void) { + return 1; +} + +/* Like strdup(), but also trim leading and trailing whitespace. + * Returns NULL on error. */ +static char *my_strdup(char *s) { + char *t; + while (isspace(*s)) { + s++; + } + t = s + strlen(s) - 1; + while (t >= s && isspace(*t)) { + *t = '\0'; + t--; + } + return strdup(s); +} + +/* strdup() a string sans initial and trailing characters. Does /not/ + * trim any whitespace. Returns NULL on error. */ +static char *my_qstrdup(char *s) { + s++; + s[strlen(s) - 1] = '\0'; + return strdup(s); +} + diff --git a/libsemanage/src/context_internal.h b/libsemanage/src/context_internal.h new file mode 100644 index 00000000..729bfc84 --- /dev/null +++ b/libsemanage/src/context_internal.h @@ -0,0 +1,11 @@ +#ifndef _SEMANAGE_CONTEXT_INTERNAL_H_ +#define _SEMANAGE_CONTEXT_INTERNAL_H_ + +#include <semanage/context_record.h> +#include "dso.h" + +hidden_proto(semanage_context_clone) + hidden_proto(semanage_context_free) + hidden_proto(semanage_context_from_string) + hidden_proto(semanage_context_to_string) +#endif diff --git a/libsemanage/src/context_record.c b/libsemanage/src/context_record.c new file mode 100644 index 00000000..a228565e --- /dev/null +++ b/libsemanage/src/context_record.c @@ -0,0 +1,110 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#include <sepol/context_record.h> +#include "handle.h" + +typedef sepol_context_t semanage_context_t; + +#define _SEMANAGE_CONTEXT_DEFINED_ +#include "context_internal.h" + +/* User */ +const char *semanage_context_get_user(const semanage_context_t * con) +{ + + return sepol_context_get_user(con); +} + +int semanage_context_set_user(semanage_handle_t * handle, + semanage_context_t * con, const char *user) +{ + + return sepol_context_set_user(handle->sepolh, con, user); +} + +/* Role */ +const char *semanage_context_get_role(const semanage_context_t * con) +{ + + return sepol_context_get_role(con); +} + +int semanage_context_set_role(semanage_handle_t * handle, + semanage_context_t * con, const char *role) +{ + + return sepol_context_set_role(handle->sepolh, con, role); +} + +/* Type */ +const char *semanage_context_get_type(const semanage_context_t * con) +{ + + return sepol_context_get_type(con); +} + +int semanage_context_set_type(semanage_handle_t * handle, + semanage_context_t * con, const char *type) +{ + + return sepol_context_set_type(handle->sepolh, con, type); +} + +/* MLS */ +const char *semanage_context_get_mls(const semanage_context_t * con) +{ + + return sepol_context_get_mls(con); +} + +int semanage_context_set_mls(semanage_handle_t * handle, + semanage_context_t * con, const char *mls_range) +{ + + return sepol_context_set_mls(handle->sepolh, con, mls_range); +} + +/* Create/Clone/Destroy */ +int semanage_context_create(semanage_handle_t * handle, + semanage_context_t ** con_ptr) +{ + + return sepol_context_create(handle->sepolh, con_ptr); +} + +int semanage_context_clone(semanage_handle_t * handle, + const semanage_context_t * con, + semanage_context_t ** con_ptr) +{ + + return sepol_context_clone(handle->sepolh, con, con_ptr); +} + +hidden_def(semanage_context_clone) + +void semanage_context_free(semanage_context_t * con) +{ + + sepol_context_free(con); +} + +hidden_def(semanage_context_free) + +/* Parse to/from string */ +int semanage_context_from_string(semanage_handle_t * handle, + const char *str, semanage_context_t ** con) +{ + + return sepol_context_from_string(handle->sepolh, str, con); +} + +hidden_def(semanage_context_from_string) + +int semanage_context_to_string(semanage_handle_t * handle, + const semanage_context_t * con, char **str_ptr) +{ + + return sepol_context_to_string(handle->sepolh, con, str_ptr); +} + +hidden_def(semanage_context_to_string) diff --git a/libsemanage/src/database.c b/libsemanage/src/database.c new file mode 100644 index 00000000..faa3840c --- /dev/null +++ b/libsemanage/src/database.c @@ -0,0 +1,201 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#include <semanage/handle.h> +#include "semanage_store.h" +#include "semanage_conf.h" +#include "database.h" +#include "debug.h" + +static int assert_init(semanage_handle_t * handle, dbase_config_t * dconfig) +{ + + if (dconfig->dtable == NULL) { + + ERR(handle, + "A direct or server connection is needed " + "to use this function - please call " + "the corresponding connect() method"); + return STATUS_ERR; + } + + return STATUS_SUCCESS; +} + +static int enter_ro(semanage_handle_t * handle, dbase_config_t * dconfig) +{ + + if (assert_init(handle, dconfig) < 0) + goto err; + + if (!handle->is_in_transaction && + handle->conf->store_type == SEMANAGE_CON_DIRECT) { + + if (semanage_get_active_lock(handle) < 0) { + ERR(handle, "could not get the active lock"); + goto err; + } + } + + if (dconfig->dtable->cache(handle, dconfig->dbase) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not enter read-only section"); + return STATUS_ERR; +} + +static inline int exit_ro(semanage_handle_t * handle, dbase_config_t * dconfig) +{ + + int commit_num = handle->funcs->get_serial(handle); + + if (!handle->is_in_transaction && + handle->conf->store_type == SEMANAGE_CON_DIRECT) + semanage_release_active_lock(handle); + + return commit_num; +} + +static int enter_rw(semanage_handle_t * handle, dbase_config_t * dconfig) +{ + + if (assert_init(handle, dconfig) < 0) + goto err; + + if (!handle->is_in_transaction) { + ERR(handle, "this operation requires a transaction"); + goto err; + } + + if (dconfig->dtable->cache(handle, dconfig->dbase) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not enter read-write section"); + return STATUS_ERR; +} + +int dbase_modify(semanage_handle_t * handle, + dbase_config_t * dconfig, + const record_key_t * key, const record_t * data) +{ + + if (enter_rw(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->modify(handle, dconfig->dbase, key, data) < 0) + return STATUS_ERR; + + return STATUS_SUCCESS; +} + +int dbase_set(semanage_handle_t * handle, + dbase_config_t * dconfig, + const record_key_t * key, const record_t * data) +{ + + if (enter_rw(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->set(handle, dconfig->dbase, key, data) < 0) + return STATUS_ERR; + + return STATUS_SUCCESS; +} + +int dbase_del(semanage_handle_t * handle, + dbase_config_t * dconfig, const record_key_t * key) +{ + + if (enter_rw(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->del(handle, dconfig->dbase, key) < 0) + return STATUS_ERR; + + return STATUS_SUCCESS; +} + +int dbase_query(semanage_handle_t * handle, + dbase_config_t * dconfig, + const record_key_t * key, record_t ** response) +{ + + if (enter_ro(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->query(handle, dconfig->dbase, key, response) < 0) { + exit_ro(handle, dconfig); + return STATUS_ERR; + } + + return exit_ro(handle, dconfig); +} + +int dbase_exists(semanage_handle_t * handle, + dbase_config_t * dconfig, + const record_key_t * key, int *response) +{ + + if (enter_ro(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->exists(handle, dconfig->dbase, key, response) < 0) { + exit_ro(handle, dconfig); + return STATUS_ERR; + } + + return exit_ro(handle, dconfig); +} + +int dbase_count(semanage_handle_t * handle, + dbase_config_t * dconfig, unsigned int *response) +{ + + if (enter_ro(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->count(handle, dconfig->dbase, response) < 0) { + exit_ro(handle, dconfig); + return STATUS_ERR; + } + + return exit_ro(handle, dconfig); +} + +int dbase_iterate(semanage_handle_t * handle, + dbase_config_t * dconfig, + int (*fn) (const record_t * record, + void *fn_arg), void *fn_arg) +{ + + if (enter_ro(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->iterate(handle, dconfig->dbase, fn, fn_arg) < 0) { + exit_ro(handle, dconfig); + return STATUS_ERR; + } + + return exit_ro(handle, dconfig); +} + +int dbase_list(semanage_handle_t * handle, + dbase_config_t * dconfig, + record_t *** records, unsigned int *count) +{ + + if (enter_ro(handle, dconfig) < 0) + return STATUS_ERR; + + if (dconfig->dtable->list(handle, dconfig->dbase, records, count) < 0) { + exit_ro(handle, dconfig); + return STATUS_ERR; + } + + return exit_ro(handle, dconfig); +} diff --git a/libsemanage/src/database.h b/libsemanage/src/database.h new file mode 100644 index 00000000..e460379b --- /dev/null +++ b/libsemanage/src/database.h @@ -0,0 +1,218 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_H_ +#define _SEMANAGE_DATABASE_H_ + +#ifndef DBASE_RECORD_DEFINED +typedef void *record_t; +typedef void *record_key_t; +#define DBASE_RECORD_DEFINED +#endif + +#ifndef DBASE_DEFINED +typedef void *dbase_t; +#define DBASE_DEFINED +#endif + +/* Circular dependency */ +struct semanage_handle; + +/* RECORD interface - method table */ +typedef struct record_table { + + /* Create a record */ + int (*create) (struct semanage_handle * handle, record_t ** rec); + + /* Extract key from record */ + int (*key_extract) (struct semanage_handle * handle, + const record_t * rec, record_key_t ** key); + + /* Free record key */ + void (*key_free) (record_key_t * key); + + /* Return 0 if the record matches the key, + * -1 if the key represents a record that should + * be ordered before this record, and 1 if vice-versa */ + int (*compare) (const record_t * rec, const record_key_t * key); + + /* Return 0 if the record matches record2, + * -1 if record2 should be ordered before this record, + * and 1 if vice-versa */ + int (*compare2) (const record_t * rec, const record_t * rec2); + + /* Same as above, but dereferences the pointer first. + * This function is intenteded to be used as a qsort + * comparator. */ + int (*compare2_qsort) (const record_t ** rec, const record_t ** rec2); + + /* Deep-copy clone of this record */ + int (*clone) (struct semanage_handle * handle, + const record_t * rec, record_t ** new_rec); + + /* Deallocate record resources. Must sucessfully handle NULL. */ + void (*free) (record_t * rec); + +} record_table_t; + +/* DBASE interface - method table */ +typedef struct dbase_table { + + /* --------------- Database Functionality ----------- */ + + /* Note: In all the functions below, the key is property + * of the caller, and will not be modified by the database. + * In add/set/modify, the data is also property of the caller */ + + /* Add the specified record to + * the database. No check for duplicates is performed */ + int (*add) (struct semanage_handle * handle, + dbase_t * dbase, + const record_key_t * key, const record_t * data); + + /* Add the specified record to the + * database if it not present. + * If it's present, replace it + */ + int (*modify) (struct semanage_handle * handle, + dbase_t * dbase, + const record_key_t * key, const record_t * data); + + /* Modify the specified record in the database + * if it is present. Fail if it does not yet exist + */ + int (*set) (struct semanage_handle * handle, + dbase_t * dbase, + const record_key_t * key, const record_t * data); + + /* Delete a record */ + int (*del) (struct semanage_handle * handle, + dbase_t * dbase, const record_key_t * key); + + /* Clear all records, and leave the database in + * cached, modified state. This function does + * not require a call to cache() */ + int (*clear) (struct semanage_handle * handle, dbase_t * dbase); + + /* Retrieve a record + * + * Note: the resultant record + * becomes property of the caller, and + * must be freed accordingly */ + + int (*query) (struct semanage_handle * handle, + dbase_t * dbase, + const record_key_t * key, record_t ** response); + + /* Check if a record exists */ + int (*exists) (struct semanage_handle * handle, + dbase_t * dbase, + const record_key_t * key, int *response); + + /* Count the number of records */ + int (*count) (struct semanage_handle * handle, + dbase_t * dbase, unsigned int *response); + + /* Execute the specified handler over + * the records of this database. The handler + * can signal a successful exit by returning 1, + * an error exit by returning -1, and continue by + * returning 0 + * + * Note: The record passed into the iterate handler + * may or may not persist after the handler invocation, + * and writing to it has unspecified behavior. It *must* + * be cloned if modified, or preserved. + * + * Note: The iterate handler may not invoke any other + * semanage read functions outside a transaction. It is only + * reentrant while in transaction. The iterate handler may + * not modify the underlying database. + */ + int (*iterate) (struct semanage_handle * handle, + dbase_t * dbase, + int (*fn) (const record_t * record, + void *varg), void *fn_arg); + + /* Construct a list of all records in this database + * + * Note: The list returned becomes property of the caller, + * and must be freed accordingly. + */ + int (*list) (struct semanage_handle * handle, + dbase_t * dbase, + record_t *** records, unsigned int *count); + + /* ---------- Cache/Transaction Management ---------- */ + + /* Cache the database (if supported). + * This function must be invoked before using + * any of the database functions above. It may be invoked + * multiple times, and will update the cache if a commit + * occured between invocations */ + int (*cache) (struct semanage_handle * handle, dbase_t * dbase); + + /* Forgets all changes that haven't been written + * to the database backend */ + void (*drop_cache) (dbase_t * dbase); + + /* Checks if there are any changes not written to the backend */ + int (*is_modified) (dbase_t * dbase); + + /* Writes the database changes to its backend */ + int (*flush) (struct semanage_handle * handle, dbase_t * dbase); + + /* ------------- Polymorphism ----------------------- */ + + /* Retrieves the record table for this database, + * which specifies how to perform basic operations + * on each record. */ + record_table_t *(*get_rtable) (dbase_t * dbase); + +} dbase_table_t; + +typedef struct dbase_config { + + /* Database state */ + dbase_t *dbase; + + /* Database methods */ + dbase_table_t *dtable; + +} dbase_config_t; + +extern int dbase_add(struct semanage_handle *handle, + dbase_config_t * dconfig, + const record_key_t * key, const record_t * data); + +extern int dbase_modify(struct semanage_handle *handle, + dbase_config_t * dconfig, + const record_key_t * key, const record_t * data); + +extern int dbase_set(struct semanage_handle *handle, + dbase_config_t * dconfig, + const record_key_t * key, const record_t * data); + +extern int dbase_del(struct semanage_handle *handle, + dbase_config_t * dconfig, const record_key_t * key); + +extern int dbase_query(struct semanage_handle *handle, + dbase_config_t * dconfig, + const record_key_t * key, record_t ** response); + +extern int dbase_exists(struct semanage_handle *handle, + dbase_config_t * dconfig, + const record_key_t * key, int *response); + +extern int dbase_count(struct semanage_handle *handle, + dbase_config_t * dconfig, unsigned int *response); + +extern int dbase_iterate(struct semanage_handle *handle, + dbase_config_t * dconfig, + int (*fn) (const record_t * record, + void *fn_arg), void *fn_arg); + +extern int dbase_list(struct semanage_handle *handle, + dbase_config_t * dconfig, + record_t *** records, unsigned int *count); + +#endif diff --git a/libsemanage/src/database_activedb.c b/libsemanage/src/database_activedb.c new file mode 100644 index 00000000..1cce0b82 --- /dev/null +++ b/libsemanage/src/database_activedb.c @@ -0,0 +1,169 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: dbase_activedb_t (Active/Kernel) + * Extends: dbase_llist_t (Linked List) + * Implements: dbase_t (Database) + */ + +struct dbase_activedb; +typedef struct dbase_activedb dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <string.h> +#include <errno.h> +#include "debug.h" +#include "handle.h" +#include "database_activedb.h" +#include "database_llist.h" + +/* ACTIVEDB dbase */ +struct dbase_activedb { + + /* Parent object - must always be + * the first field - here we are using + * a linked list to store the records */ + dbase_llist_t llist; + + /* ACTIVEDB extension */ + record_activedb_table_t *ratable; +}; + +static int dbase_activedb_cache(semanage_handle_t * handle, + dbase_activedb_t * dbase) +{ + + record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + record_activedb_table_t *ratable = dbase->ratable; + + record_t **records = NULL; + unsigned int rcount = 0; + unsigned int i = 0; + + /* Already cached */ + if (!dbase_llist_needs_resync(handle, &dbase->llist)) + return STATUS_SUCCESS; + + /* Update cache serial */ + dbase_llist_cache_init(&dbase->llist); + if (dbase_llist_set_serial(handle, &dbase->llist) < 0) + goto err; + + /* Fetch the entire list */ + if (ratable->read_list(handle, &records, &rcount) < 0) + goto err; + + /* Add records one by one */ + for (; i < rcount; i++) { + if (dbase_llist_cache_prepend(handle, &dbase->llist, records[i]) + < 0) + goto err; + rtable->free(records[i]); + } + + free(records); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not cache active database"); + for (; i < rcount; i++) + rtable->free(records[i]); + dbase_llist_drop_cache(&dbase->llist); + free(records); + return STATUS_ERR; +} + +static int dbase_activedb_flush(semanage_handle_t * handle, + dbase_activedb_t * dbase) +{ + + record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + record_activedb_table_t *ratable = dbase->ratable; + + record_t **records = NULL; + unsigned int rcount = 0; + unsigned int i; + + /* Not cached, or not modified - flush is not necessary */ + if (!dbase_llist_is_modified(&dbase->llist)) + return STATUS_SUCCESS; + + /* Fetch list */ + if (dbase_llist_list(handle, &dbase->llist, &records, &rcount) < 0) + goto err; + + /* Commit */ + if (ratable->commit_list(handle, records, rcount) < 0) + goto err; + + for (i = 0; i < rcount; i++) + rtable->free(records[i]); + free(records); + dbase_llist_set_modified(&dbase->llist, 0); + return STATUS_SUCCESS; + + err: + for (i = 0; i < rcount; i++) + rtable->free(records[i]); + free(records); + ERR(handle, "could not flush active database"); + return STATUS_ERR; +} + +int dbase_activedb_init(semanage_handle_t * handle, + record_table_t * rtable, + record_activedb_table_t * ratable, + dbase_activedb_t ** dbase) +{ + + dbase_activedb_t *tmp_dbase = + (dbase_activedb_t *) malloc(sizeof(dbase_activedb_t)); + + if (!tmp_dbase) + goto omem; + + tmp_dbase->ratable = ratable; + dbase_llist_init(&tmp_dbase->llist, rtable, &SEMANAGE_ACTIVEDB_DTABLE); + + *dbase = tmp_dbase; + + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory, could not initialize active database"); + free(tmp_dbase); + return STATUS_ERR; +} + +/* Release dbase resources */ +void dbase_activedb_release(dbase_activedb_t * dbase) +{ + + dbase_llist_drop_cache(&dbase->llist); + free(dbase); +} + +/* ACTIVEDB dbase - method table implementation */ +dbase_table_t SEMANAGE_ACTIVEDB_DTABLE = { + + /* Cache/Transactions */ + .cache = dbase_activedb_cache, + .drop_cache = (void *)dbase_llist_drop_cache, + .flush = dbase_activedb_flush, + .is_modified = (void *)dbase_llist_is_modified, + + /* Database API */ + .iterate = (void *)dbase_llist_iterate, + .exists = (void *)dbase_llist_exists, + .list = (void *)dbase_llist_list, + .add = (void *)dbase_llist_add, + .set = (void *)dbase_llist_set, + .del = (void *)dbase_llist_del, + .clear = (void *)dbase_llist_clear, + .modify = (void *)dbase_llist_modify, + .query = (void *)dbase_llist_query, + .count = (void *)dbase_llist_count, + + /* Polymorphism */ + .get_rtable = (void *)dbase_llist_get_rtable +}; diff --git a/libsemanage/src/database_activedb.h b/libsemanage/src/database_activedb.h new file mode 100644 index 00000000..37196c99 --- /dev/null +++ b/libsemanage/src/database_activedb.h @@ -0,0 +1,37 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_ACTIVEDB_INTERNAL_H_ +#define _SEMANAGE_DATABASE_ACTIVEDB_INTERNAL_H_ + +#include "database.h" +#include "handle.h" + +struct dbase_activedb; +typedef struct dbase_activedb dbase_activedb_t; + +/* ACTIVEDB extension to RECORD interface - method table */ +typedef struct record_activedb_table { + + /* Read a list of records */ + int (*read_list) (semanage_handle_t * handle, + record_t *** records, unsigned int *count); + + /* Commit a list of records */ + int (*commit_list) (semanage_handle_t * handle, + record_t ** records, unsigned int count); + +} record_activedb_table_t; + +/* ACTIVEDB - initialization */ +extern int dbase_activedb_init(semanage_handle_t * handle, + record_table_t * rtable, + record_activedb_table_t * ratable, + dbase_activedb_t ** dbase); + +/* ACTIVEDB - release */ +extern void dbase_activedb_release(dbase_activedb_t * dbase); + +/* ACTIVEDB - method table implementation */ +extern dbase_table_t SEMANAGE_ACTIVEDB_DTABLE; + +#endif diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c new file mode 100644 index 00000000..2b53521c --- /dev/null +++ b/libsemanage/src/database_file.c @@ -0,0 +1,243 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: dbase_file_t (File) + * Extends: dbase_llist_t (Linked List) + * Implements: dbase_t (Database) + */ + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stddef.h> +#include <string.h> +#include <errno.h> +#include <stdio.h> +#include <stdio_ext.h> +#include "debug.h" +#include "handle.h" +#include "parse_utils.h" +#include "database_file.h" +#include "database_llist.h" +#include "semanage_store.h" + +/* FILE dbase */ +struct dbase_file { + + /* Parent object - must always be + * the first field - here we are using + * a linked list to store the records */ + dbase_llist_t llist; + + /* Backing file suffix */ + const char *suffix; + + /* FILE extension */ + record_file_table_t *rftable; +}; + +static int construct_filename(semanage_handle_t * handle, + dbase_file_t * dbase, char **filename) +{ + + const char *path = (handle->is_in_transaction) ? + semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL) : + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL); + + size_t fname_length = strlen(path) + strlen(dbase->suffix) + 2; + + char *fname = malloc(fname_length); + if (!fname) { + ERR(handle, "out of memory, could not construct filename"); + return STATUS_ERR; + } + snprintf(fname, fname_length, "%s/%s", path, dbase->suffix); + + *filename = fname; + return STATUS_SUCCESS; +} + +static int dbase_file_cache(semanage_handle_t * handle, dbase_file_t * dbase) +{ + + record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + record_file_table_t *rftable = dbase->rftable; + + record_t *process_record = NULL; + int pstatus = STATUS_SUCCESS; + + parse_info_t *parse_info = NULL; + char *fname = NULL; + + /* Already cached */ + if (!dbase_llist_needs_resync(handle, &dbase->llist)) + return STATUS_SUCCESS; + + /* Update cache serial */ + dbase_llist_cache_init(&dbase->llist); + if (dbase_llist_set_serial(handle, &dbase->llist) < 0) + goto err; + + if (construct_filename(handle, dbase, &fname) < 0) + goto err; + + if (parse_init(handle, fname, NULL, &parse_info) < 0) + goto err; + + if (parse_open(handle, parse_info) < 0) + goto err; + + /* Main processing loop */ + do { + + /* Create record */ + if (rtable->create(handle, &process_record) < 0) + goto err; + + /* Parse record */ + pstatus = rftable->parse(handle, parse_info, process_record); + + /* Parse error */ + if (pstatus < 0) + goto err; + + /* End of file */ + else if (pstatus == STATUS_NODATA) + break; + + /* Prepend to cache */ + if (dbase_llist_cache_prepend(handle, &dbase->llist, + process_record) < 0) + goto err; + + rtable->free(process_record); + process_record = NULL; + + } while (pstatus != STATUS_NODATA); + + rtable->free(process_record); + parse_close(parse_info); + parse_release(parse_info); + free(fname); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not cache file database"); + rtable->free(process_record); + if (parse_info) { + parse_close(parse_info); + parse_release(parse_info); + } + dbase_llist_drop_cache(&dbase->llist); + free(fname); + return STATUS_ERR; +} + +/* Flush database to file */ +static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) +{ + + record_file_table_t *rftable = dbase->rftable; + + cache_entry_t *ptr; + char *fname = NULL; + FILE *str = NULL; + + if (!dbase_llist_is_modified(&dbase->llist)) + return STATUS_SUCCESS; + + if (construct_filename(handle, dbase, &fname) < 0) + goto err; + + str = fopen(fname, "w"); + if (!str) { + ERR(handle, "could not open %s for writing: %s", + fname, strerror(errno)); + goto err; + } + __fsetlocking(str, FSETLOCKING_BYCALLER); + + if (fprintf(str, "# This file is auto-generated by libsemanage\n" + "# Do not edit directly.\n\n") < 0) { + + ERR(handle, "could not write file header for %s", fname); + goto err; + } + + for (ptr = dbase->llist.cache_tail; ptr != NULL; ptr = ptr->prev) { + if (rftable->print(handle, ptr->data, str) < 0) + goto err; + } + + dbase_llist_set_modified(&dbase->llist, 0); + fclose(str); + free(fname); + return STATUS_SUCCESS; + + err: + if (str != NULL) + fclose(str); + + ERR(handle, "could not flush database to file"); + free(fname); + return STATUS_ERR; +} + +int dbase_file_init(semanage_handle_t * handle, + const char *suffix, + record_table_t * rtable, + record_file_table_t * rftable, dbase_file_t ** dbase) +{ + + dbase_file_t *tmp_dbase = (dbase_file_t *) malloc(sizeof(dbase_file_t)); + + if (!tmp_dbase) + goto omem; + + tmp_dbase->suffix = suffix; + tmp_dbase->rftable = rftable; + dbase_llist_init(&tmp_dbase->llist, rtable, &SEMANAGE_FILE_DTABLE); + + *dbase = tmp_dbase; + + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory, could not initialize file database"); + free(tmp_dbase); + return STATUS_ERR; +} + +/* Release dbase resources */ +void dbase_file_release(dbase_file_t * dbase) +{ + + dbase_llist_drop_cache(&dbase->llist); + free(dbase); +} + +/* FILE dbase - method table implementation */ +dbase_table_t SEMANAGE_FILE_DTABLE = { + + /* Cache/Transactions */ + .cache = dbase_file_cache, + .drop_cache = (void *)dbase_llist_drop_cache, + .flush = dbase_file_flush, + .is_modified = (void *)dbase_llist_is_modified, + + /* Database API */ + .iterate = (void *)dbase_llist_iterate, + .exists = (void *)dbase_llist_exists, + .list = (void *)dbase_llist_list, + .add = (void *)dbase_llist_add, + .set = (void *)dbase_llist_set, + .del = (void *)dbase_llist_del, + .clear = (void *)dbase_llist_clear, + .modify = (void *)dbase_llist_modify, + .query = (void *)dbase_llist_query, + .count = (void *)dbase_llist_count, + + /* Polymorphism */ + .get_rtable = (void *)dbase_llist_get_rtable +}; diff --git a/libsemanage/src/database_file.h b/libsemanage/src/database_file.h new file mode 100644 index 00000000..717e3491 --- /dev/null +++ b/libsemanage/src/database_file.h @@ -0,0 +1,42 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_FILE_INTERNAL_H_ +#define _SEMANAGE_DATABASE_FILE_INTERNAL_H_ + +#include <stdio.h> +#include "database.h" +#include "parse_utils.h" +#include "handle.h" + +struct dbase_file; +typedef struct dbase_file dbase_file_t; + +/* FILE extension to RECORD interface - method table */ +typedef struct record_file_table { + + /* Fill record structuure based on supplied parse info. + * Parser must return STATUS_NODATA when EOF is encountered. + * Parser must handle NULL file stream correctly */ + int (*parse) (semanage_handle_t * handle, + parse_info_t * info, record_t * record); + + /* Print record to stream */ + int (*print) (semanage_handle_t * handle, + record_t * record, FILE * str); + +} record_file_table_t; + +/* FILE - initialization */ +extern int dbase_file_init(semanage_handle_t * handle, + const char *suffix, + record_table_t * rtable, + record_file_table_t * rftable, + dbase_file_t ** dbase); + +/* FILE - release */ +extern void dbase_file_release(dbase_file_t * dbase); + +/* FILE - method table implementation */ +extern dbase_table_t SEMANAGE_FILE_DTABLE; + +#endif diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c new file mode 100644 index 00000000..b9b35a61 --- /dev/null +++ b/libsemanage/src/database_join.c @@ -0,0 +1,297 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: dbase_join_t (Join) + * Extends: dbase_llist_t (Linked List) + * Implements: dbase_t (Database) + */ + +struct dbase_join; +typedef struct dbase_join dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> + +#include "user_internal.h" +#include "debug.h" +#include "handle.h" +#include "database_join.h" +#include "database_llist.h" + +/* JOIN dbase */ +struct dbase_join { + + /* Parent object - must always be + * the first field - here we are using + * a linked list to store the records */ + dbase_llist_t llist; + + /* Backing databases - for each + * thing being joined */ + dbase_config_t *join1; + dbase_config_t *join2; + + /* JOIN extension */ + record_join_table_t *rjtable; +}; + +static int dbase_join_cache(semanage_handle_t * handle, dbase_join_t * dbase) +{ + + /* Extract all the object tables information */ + dbase_t *dbase1 = dbase->join1->dbase; + dbase_t *dbase2 = dbase->join2->dbase; + dbase_table_t *dtable1 = dbase->join1->dtable; + dbase_table_t *dtable2 = dbase->join2->dtable; + record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + record_join_table_t *rjtable = dbase->rjtable; + record_table_t *rtable1 = dtable1->get_rtable(dbase1); + record_table_t *rtable2 = dtable2->get_rtable(dbase2); + + record_key_t *rkey = NULL; + record_t *record = NULL; + record1_t **records1 = NULL; + record2_t **records2 = NULL; + unsigned int rcount1 = 0, rcount2 = 0, i = 0, j = 0; + + /* Already cached */ + if (!dbase_llist_needs_resync(handle, &dbase->llist)) + return STATUS_SUCCESS; + + /* Update cache serial */ + dbase_llist_cache_init(&dbase->llist); + if (dbase_llist_set_serial(handle, &dbase->llist) < 0) + goto err; + + /* First cache any child dbase, which must + * be the first thing done when calling dbase + * functions internally */ + if (dtable1->cache(handle, dbase1) < 0) + goto err; + if (dtable2->cache(handle, dbase2) < 0) + goto err; + + /* Fetch records */ + if (dtable1->list(handle, dbase1, &records1, &rcount1) < 0) + goto err; + if (dtable2->list(handle, dbase2, &records2, &rcount2) < 0) + goto err; + + /* Sort for quicker merge later */ + qsort(records1, rcount1, sizeof(record1_t *), + (int (*)(const void *, const void *))rtable1->compare2_qsort); + qsort(records2, rcount2, sizeof(record2_t *), + (int (*)(const void *, const void *))rtable2->compare2_qsort); + + /* Now merge into this dbase */ + while (i < rcount1 || j < rcount2) { + int rc; + + /* End of one list, or the other */ + if (i == rcount1) + rc = -1; + else if (j == rcount2) + rc = 1; + + /* Still more records to go, compare them */ + else { + if (rtable1->key_extract(handle, records1[i], &rkey) < + 0) + goto err; + + rc = rtable2->compare(records2[j], rkey); + + rtable->key_free(rkey); + rkey = NULL; + } + + /* Missing record1 data */ + if (rc < 0) { + if (rjtable->join(handle, NULL, + records2[j], &record) < 0) + goto err; + j++; + } + + /* Missing record2 data */ + else if (rc > 0) { + if (rjtable->join(handle, records1[i], + NULL, &record) < 0) + goto err; + i++; + } + + /* Both records available */ + else { + if (rjtable->join(handle, records1[i], + records2[j], &record) < 0) + goto err; + + i++; + j++; + } + + /* Add result record to database */ + if (dbase_llist_cache_prepend(handle, &dbase->llist, record) < + 0) + goto err; + + rtable->free(record); + record = NULL; + } + + /* Update cache serial */ + if (dbase_llist_set_serial(handle, &dbase->llist) < 0) + goto err; + + for (i = 0; i < rcount1; i++) + rtable1->free(records1[i]); + for (i = 0; i < rcount2; i++) + rtable2->free(records2[i]); + free(records1); + free(records2); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not cache join database"); + for (i = 0; i < rcount1; i++) + rtable1->free(records1[i]); + for (i = 0; i < rcount2; i++) + rtable2->free(records2[i]); + free(records1); + free(records2); + rtable->key_free(rkey); + rtable->free(record); + dbase_llist_drop_cache(&dbase->llist); + return STATUS_ERR; +} + +/* Flush database */ +static int dbase_join_flush(semanage_handle_t * handle, dbase_join_t * dbase) +{ + + /* Extract all the object tables information */ + dbase_t *dbase1 = dbase->join1->dbase; + dbase_t *dbase2 = dbase->join2->dbase; + dbase_table_t *dtable1 = dbase->join1->dtable; + dbase_table_t *dtable2 = dbase->join2->dtable; + record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + record_join_table_t *rjtable = dbase->rjtable; + record_table_t *rtable1 = dtable1->get_rtable(dbase1); + record_table_t *rtable2 = dtable2->get_rtable(dbase2); + + cache_entry_t *ptr; + record_key_t *rkey = NULL; + record1_t *record1 = NULL; + record2_t *record2 = NULL; + + /* No effect of flush */ + if (!dbase_llist_is_modified(&dbase->llist)) + return STATUS_SUCCESS; + + /* Then clear all records from the cache. + * This is *not* the same as dropping the cache - it's an explicit + * request to delete all current records. We need to do + * this because we don't store delete deltas for the join, + * so we must re-add all records from scratch */ + if (dtable1->clear(handle, dbase1) < 0) + goto err; + if (dtable2->clear(handle, dbase2) < 0) + goto err; + + /* For each record, split, and add parts into their corresponding databases */ + for (ptr = dbase->llist.cache_tail; ptr != NULL; ptr = ptr->prev) { + + if (rtable->key_extract(handle, ptr->data, &rkey) < 0) + goto err; + + if (rjtable->split(handle, ptr->data, &record1, &record2) < 0) + goto err; + + if (dtable1->add(handle, dbase1, rkey, record1) < 0) + goto err; + + if (dtable2->add(handle, dbase2, rkey, record2) < 0) + goto err; + + rtable->key_free(rkey); + rtable1->free(record1); + rtable2->free(record2); + rkey = NULL; + record1 = NULL; + record2 = NULL; + } + + /* Note that this function does not flush the child databases, it + * leaves that decision up to higher-level code */ + + dbase_llist_set_modified(&dbase->llist, 0); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not flush join database"); + rtable->key_free(rkey); + rtable1->free(record1); + rtable2->free(record2); + return STATUS_ERR; +} + +int dbase_join_init(semanage_handle_t * handle, + record_table_t * rtable, + record_join_table_t * rjtable, + dbase_config_t * join1, + dbase_config_t * join2, dbase_t ** dbase) +{ + + dbase_join_t *tmp_dbase = malloc(sizeof(dbase_join_t)); + + if (!tmp_dbase) + goto omem; + + dbase_llist_init(&tmp_dbase->llist, rtable, &SEMANAGE_JOIN_DTABLE); + + tmp_dbase->rjtable = rjtable; + tmp_dbase->join1 = join1; + tmp_dbase->join2 = join2; + + *dbase = tmp_dbase; + + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory, could not initialize join database"); + free(tmp_dbase); + return STATUS_ERR; +} + +/* Release dbase resources */ +void dbase_join_release(dbase_join_t * dbase) +{ + + dbase_llist_drop_cache(&dbase->llist); + free(dbase); +} + +/* JOIN dbase - method table implementation */ +dbase_table_t SEMANAGE_JOIN_DTABLE = { + + /* Cache/Transactions */ + .cache = dbase_join_cache, + .drop_cache = (void *)dbase_llist_drop_cache, + .flush = dbase_join_flush, + .is_modified = (void *)dbase_llist_is_modified, + + /* Database API */ + .iterate = (void *)dbase_llist_iterate, + .exists = (void *)dbase_llist_exists, + .list = (void *)dbase_llist_list, + .add = (void *)dbase_llist_add, + .set = (void *)dbase_llist_set, + .del = (void *)dbase_llist_del, + .clear = (void *)dbase_llist_clear, + .modify = (void *)dbase_llist_modify, + .query = (void *)dbase_llist_query, + .count = (void *)dbase_llist_count, + + /* Polymorphism */ + .get_rtable = (void *)dbase_llist_get_rtable +}; diff --git a/libsemanage/src/database_join.h b/libsemanage/src/database_join.h new file mode 100644 index 00000000..d477fc41 --- /dev/null +++ b/libsemanage/src/database_join.h @@ -0,0 +1,47 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_JOIN_INTERNAL_H_ +#define _SEMANAGE_DATABASE_JOIN_INTERNAL_H_ + +#include "database.h" +#include "handle.h" + +#ifndef DBASE_RECORD_JOIN_DEFINED +typedef void *record1_t; +typedef void *record2_t; +#define DBASE_RECORD_JOIN_DEFINED +#endif + +struct dbase_join; +typedef struct dbase_join dbase_join_t; + +/* JOIN extension to RECORD interface - method table */ +typedef struct record_join_table { + + /* Join two records together. + * One of the provided records could be NULL */ + int (*join) (semanage_handle_t * handle, + const record1_t * record1, + const record2_t * record2, record_t ** result); + + /* Splits a record into two */ + int (*split) (semanage_handle_t * handle, + const record_t * record, + record1_t ** split1, record2_t ** split2); + +} record_join_table_t; + +/* JOIN - initialization */ +extern int dbase_join_init(semanage_handle_t * handle, + record_table_t * rtable, + record_join_table_t * rjtable, + dbase_config_t * join1, + dbase_config_t * join2, dbase_join_t ** dbase); + +/* FILE - release */ +extern void dbase_join_release(dbase_join_t * dbase); + +/* JOIN - method table implementation */ +extern dbase_table_t SEMANAGE_JOIN_DTABLE; + +#endif diff --git a/libsemanage/src/database_llist.c b/libsemanage/src/database_llist.c new file mode 100644 index 00000000..1cb7454d --- /dev/null +++ b/libsemanage/src/database_llist.c @@ -0,0 +1,376 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: dbase_llist_t (Linked List) + * Partially Implements: dbase_t (Database) + */ + +struct dbase_llist; +typedef struct dbase_llist dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include "debug.h" +#include "handle.h" +#include "database_llist.h" + +int dbase_llist_needs_resync(semanage_handle_t * handle, dbase_llist_t * dbase) +{ + + int cache_serial; + + if (dbase->cache_serial < 0) + return 1; + + cache_serial = handle->funcs->get_serial(handle); + if (cache_serial < 0) + return 1; + + if (cache_serial != dbase->cache_serial) { + dbase_llist_drop_cache(dbase); + dbase->cache_serial = -1; + return 1; + } + return 0; +} + +/* Helper for adding records to the cache */ +int dbase_llist_cache_prepend(semanage_handle_t * handle, + dbase_llist_t * dbase, const record_t * data) +{ + + /* Initialize */ + cache_entry_t *entry = (cache_entry_t *) malloc(sizeof(cache_entry_t)); + if (entry == NULL) + goto omem; + + if (dbase->rtable->clone(handle, data, &entry->data) < 0) + goto err; + + entry->prev = NULL; + entry->next = dbase->cache; + + /* Link */ + if (dbase->cache != NULL) + dbase->cache->prev = entry; + if (dbase->cache_tail == NULL) + dbase->cache_tail = entry; + dbase->cache = entry; + dbase->cache_sz++; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not cache record"); + free(entry); + return STATUS_ERR; +} + +void dbase_llist_drop_cache(dbase_llist_t * dbase) +{ + + if (dbase->cache_serial < 0) + return; + + cache_entry_t *prev, *ptr = dbase->cache; + while (ptr != NULL) { + prev = ptr; + ptr = ptr->next; + dbase->rtable->free(prev->data); + free(prev); + } + + dbase->cache_serial = -1; + dbase->modified = 0; +} + +int dbase_llist_set_serial(semanage_handle_t * handle, dbase_llist_t * dbase) +{ + + int cache_serial = handle->funcs->get_serial(handle); + if (cache_serial < 0) { + ERR(handle, "could not update cache serial"); + return STATUS_ERR; + } + + dbase->cache_serial = cache_serial; + return STATUS_SUCCESS; +} + +/* Helper for finding records in the cache */ +static int dbase_llist_cache_locate(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, + cache_entry_t ** entry) +{ + + cache_entry_t *ptr; + + /* Implemented in parent */ + if (dbase->dtable->cache(handle, dbase) < 0) + goto err; + + for (ptr = dbase->cache; ptr != NULL; ptr = ptr->next) { + if (!dbase->rtable->compare(ptr->data, key)) { + *entry = ptr; + return STATUS_SUCCESS; + } + } + + return STATUS_NODATA; + + err: + ERR(handle, "could not complete cache lookup"); + return STATUS_ERR; +} + +int dbase_llist_exists(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, int *response) +{ + + cache_entry_t *entry; + int status; + + status = dbase_llist_cache_locate(handle, dbase, key, &entry); + if (status < 0) + goto err; + + *response = (status != STATUS_NODATA); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not check if record exists"); + return STATUS_ERR; +} + +int dbase_llist_add(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data) +{ + + if (dbase_llist_cache_prepend(handle, dbase, data) < 0) + goto err; + + key = NULL; + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not add record to the database"); + return STATUS_ERR; +} + +int dbase_llist_set(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data) +{ + + cache_entry_t *entry; + int status; + + status = dbase_llist_cache_locate(handle, dbase, key, &entry); + if (status < 0) + goto err; + if (status == STATUS_NODATA) { + ERR(handle, "record not found in the database"); + goto err; + } else { + dbase->rtable->free(entry->data); + if (dbase->rtable->clone(handle, data, &entry->data) < 0) + goto err; + } + + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not set record value"); + return STATUS_ERR; +} + +int dbase_llist_modify(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data) +{ + + cache_entry_t *entry; + int status; + + status = dbase_llist_cache_locate(handle, dbase, key, &entry); + if (status < 0) + goto err; + if (status == STATUS_NODATA) { + if (dbase_llist_cache_prepend(handle, dbase, data) < 0) + goto err; + } else { + dbase->rtable->free(entry->data); + if (dbase->rtable->clone(handle, data, &entry->data) < 0) + goto err; + } + + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not modify record value"); + return STATUS_ERR; +} + +hidden int dbase_llist_count(semanage_handle_t * handle, + dbase_llist_t * dbase, unsigned int *response) +{ + + *response = dbase->cache_sz; + handle = NULL; + return STATUS_SUCCESS; +} + +int dbase_llist_query(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, record_t ** response) +{ + + cache_entry_t *entry; + int status; + + status = dbase_llist_cache_locate(handle, dbase, key, &entry); + if (status < 0 || status == STATUS_NODATA) + goto err; + + if (dbase->rtable->clone(handle, entry->data, response) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not query record value"); + return STATUS_ERR; +} + +int dbase_llist_iterate(semanage_handle_t * handle, + dbase_llist_t * dbase, + int (*fn) (const record_t * record, + void *fn_arg), void *arg) +{ + + int rc; + cache_entry_t *ptr; + + for (ptr = dbase->cache_tail; ptr != NULL; ptr = ptr->prev) { + + rc = fn(ptr->data, arg); + if (rc < 0) + goto err; + + else if (rc > 1) + break; + } + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not iterate over records"); + return STATUS_ERR; +} + +int dbase_llist_del(semanage_handle_t * handle, + dbase_llist_t * dbase, const record_key_t * key) +{ + + cache_entry_t *ptr, *prev = NULL; + + for (ptr = dbase->cache; ptr != NULL; ptr = ptr->next) { + if (!dbase->rtable->compare(ptr->data, key)) { + if (prev != NULL) + prev->next = ptr->next; + else + dbase->cache = ptr->next; + + if (ptr->next != NULL) + ptr->next->prev = ptr->prev; + else + dbase->cache_tail = ptr->prev; + + dbase->rtable->free(ptr->data); + dbase->cache_sz--; + free(ptr); + dbase->modified = 1; + return STATUS_SUCCESS; + } else + prev = ptr; + } + + handle = NULL; + return STATUS_SUCCESS; +} + +int dbase_llist_clear(semanage_handle_t * handle, dbase_llist_t * dbase) +{ + + int old_serial = dbase->cache_serial; + + if (dbase_llist_set_serial(handle, dbase) < 0) { + ERR(handle, "could not set serial of cleared dbase"); + return STATUS_ERR; + } + + if (old_serial >= 0) { + cache_entry_t *prev, *ptr = dbase->cache; + while (ptr != NULL) { + prev = ptr; + ptr = ptr->next; + dbase->rtable->free(prev->data); + free(prev); + } + } + + dbase->cache = NULL; + dbase->cache_tail = NULL; + dbase->cache_sz = 0; + dbase->modified = 1; + return STATUS_SUCCESS; +} + +int dbase_llist_list(semanage_handle_t * handle, + dbase_llist_t * dbase, + record_t *** records, unsigned int *count) +{ + + cache_entry_t *ptr; + record_t **tmp_records = NULL; + unsigned int tmp_count; + int i = 0; + + tmp_count = dbase->cache_sz; + if (tmp_count > 0) { + tmp_records = (record_t **) + calloc(tmp_count, sizeof(record_t *)); + + if (tmp_records == NULL) + goto omem; + + for (ptr = dbase->cache_tail; ptr != NULL; ptr = ptr->prev) { + if (dbase->rtable->clone(handle, + ptr->data, + &tmp_records[i]) < 0) + goto err; + i++; + } + } + + *records = tmp_records; + *count = tmp_count; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + for (; i >= 0; i--) + dbase->rtable->free(tmp_records[i]); + free(tmp_records); + ERR(handle, "could not allocate record array"); + return STATUS_ERR; +} diff --git a/libsemanage/src/database_llist.h b/libsemanage/src/database_llist.h new file mode 100644 index 00000000..84994ef2 --- /dev/null +++ b/libsemanage/src/database_llist.h @@ -0,0 +1,122 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_LLIST_INTERNAL_H_ +#define _SEMANAGE_DATABASE_LLIST_INTERNAL_H_ + +#include "database.h" +#include "handle.h" + +/* Representation of the database once loaded in memory */ +typedef struct cache_entry { + record_t *data; + struct cache_entry *prev; + struct cache_entry *next; +} cache_entry_t; + +/* LLIST dbase */ +typedef struct dbase_llist { + + /* Method tables */ + record_table_t *rtable; + dbase_table_t *dtable; + + /* In-memory representation (cache) */ + cache_entry_t *cache; + cache_entry_t *cache_tail; + + unsigned int cache_sz; + int cache_serial; + int modified; +} dbase_llist_t; + +/* Helpers for internal use only */ + +static inline void dbase_llist_cache_init(dbase_llist_t * dbase) +{ + + dbase->cache = NULL; + dbase->cache_tail = NULL; + dbase->cache_sz = 0; + dbase->cache_serial = -1; + dbase->modified = 0; +} + +static inline void dbase_llist_init(dbase_llist_t * dbase, + record_table_t * rtable, + dbase_table_t * dtable) +{ + + dbase->rtable = rtable; + dbase->dtable = dtable; + dbase_llist_cache_init(dbase); +} + +extern int dbase_llist_cache_prepend(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_t * data); + +extern int dbase_llist_needs_resync(semanage_handle_t * handle, + dbase_llist_t * dbase); + +extern int dbase_llist_set_serial(semanage_handle_t * handle, + dbase_llist_t * dbase); + +static inline void dbase_llist_set_modified(dbase_llist_t * dbase, int status) +{ + dbase->modified = status; +} + +/* LLIST - cache/transactions */ +extern void dbase_llist_drop_cache(dbase_llist_t * dbase); + +static inline int dbase_llist_is_modified(dbase_llist_t * dbase) +{ + + return dbase->modified; +} + +/* LLIST - polymorphism */ +static inline record_table_t *dbase_llist_get_rtable(dbase_llist_t * dbase) +{ + return dbase->rtable; +} + +/* LLIST - dbase API */ +extern int dbase_llist_exists(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, int *response); + +extern int dbase_llist_add(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data); + +extern int dbase_llist_set(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data); + +extern int dbase_llist_modify(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, const record_t * data); + +extern int dbase_llist_count(semanage_handle_t * handle, + dbase_llist_t * dbase, unsigned int *response); + +extern int dbase_llist_query(semanage_handle_t * handle, + dbase_llist_t * dbase, + const record_key_t * key, record_t ** response); + +extern int dbase_llist_iterate(semanage_handle_t * handle, + dbase_llist_t * dbase, + int (*fn) (const record_t * record, + void *fn_arg), void *arg); + +extern int dbase_llist_del(semanage_handle_t * handle, + dbase_llist_t * dbase, const record_key_t * key); + +extern int dbase_llist_clear(semanage_handle_t * handle, dbase_llist_t * dbase); + +extern int dbase_llist_list(semanage_handle_t * handle, + dbase_llist_t * dbase, + record_t *** records, unsigned int *count); + +#endif diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c new file mode 100644 index 00000000..839dcbe3 --- /dev/null +++ b/libsemanage/src/database_policydb.c @@ -0,0 +1,495 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: dbase_policydb_t (Policy) + * Implements: dbase_t (Database) + */ + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stddef.h> +#include <string.h> +#include <stdio.h> +#include <stdio_ext.h> +#include <errno.h> + +#include <sepol/policydb.h> + +#include "database_policydb.h" +#include "semanage_store.h" +#include "handle.h" +#include "debug.h" + +/* POLICYDB dbase */ +struct dbase_policydb { + + /* Backing file suffix */ + const char *suffix; + + /* Base record table */ + record_table_t *rtable; + + /* Policy extensions */ + record_policydb_table_t *rptable; + + sepol_policydb_t *policydb; + + int cache_serial; + int modified; + int attached; +}; + +static void dbase_policydb_drop_cache(dbase_policydb_t * dbase) +{ + + if (dbase->cache_serial >= 0) { + sepol_policydb_free(dbase->policydb); + dbase->cache_serial = -1; + dbase->modified = 0; + } +} + +static int dbase_policydb_set_serial(semanage_handle_t * handle, + dbase_policydb_t * dbase) +{ + + int cache_serial = handle->funcs->get_serial(handle); + if (cache_serial < 0) { + ERR(handle, "could not update cache serial"); + return STATUS_ERR; + } + + dbase->cache_serial = cache_serial; + return STATUS_SUCCESS; +} + +static int dbase_policydb_needs_resync(semanage_handle_t * handle, + dbase_policydb_t * dbase) +{ + + int cache_serial; + + if (dbase->cache_serial < 0) + return 1; + + cache_serial = handle->funcs->get_serial(handle); + if (cache_serial < 0) + return 1; + + if (cache_serial != dbase->cache_serial) { + dbase_policydb_drop_cache(dbase); + dbase->cache_serial = -1; + return 1; + } + return 0; +} + +static int construct_filename(semanage_handle_t * handle, + dbase_policydb_t * dbase, char **filename) +{ + + const char *path = (handle->is_in_transaction) ? + semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL) : + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL); + size_t fname_length = strlen(path) + strlen(dbase->suffix) + 2; + + char *fname = malloc(fname_length); + if (!fname) { + ERR(handle, "out of memory, could not construct database name"); + return STATUS_ERR; + } + snprintf(fname, fname_length, "%s/%s", path, dbase->suffix); + + *filename = fname; + return STATUS_SUCCESS; +} + +static int dbase_policydb_cache(semanage_handle_t * handle, + dbase_policydb_t * dbase) +{ + + FILE *fp = NULL; + sepol_policydb_t *policydb = NULL; + sepol_policy_file_t *pf = NULL; + char *fname = NULL; + + /* Check if cache is needed */ + if (dbase->attached) + return STATUS_SUCCESS; + + if (!dbase_policydb_needs_resync(handle, dbase)) + return STATUS_SUCCESS; + + if (construct_filename(handle, dbase, &fname) < 0) + goto err; + + if (sepol_policydb_create(&policydb) < 0) { + ERR(handle, "could not create policydb object"); + goto err; + } + + /* Try opening file + * ENOENT is not fatal - we just create an empty policydb */ + fp = fopen(fname, "rb"); + if (fp == NULL && errno != ENOENT) { + ERR(handle, "could not open %s for reading: %s", + fname, strerror(errno)); + goto err; + } + + /* If the file was opened successfully, read a policydb */ + if (fp != NULL) { + __fsetlocking(fp, FSETLOCKING_BYCALLER); + if (sepol_policy_file_create(&pf) < 0) { + ERR(handle, "could not create policy file object"); + goto err; + } + + sepol_policy_file_set_fp(pf, fp); + sepol_policy_file_set_handle(pf, handle->sepolh); + + if (sepol_policydb_read(policydb, pf) < 0) + goto err; + + sepol_policy_file_free(pf); + fclose(fp); + fp = NULL; + } + + /* Update cache serial */ + if (dbase_policydb_set_serial(handle, dbase) < 0) + goto err; + + /* Update the database policydb */ + dbase->policydb = policydb; + free(fname); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not cache policy database"); + if (fp) + fclose(fp); + sepol_policydb_free(policydb); + sepol_policy_file_free(pf); + free(fname); + return STATUS_ERR; +} + +static int dbase_policydb_flush(semanage_handle_t * handle, + dbase_policydb_t * dbase) +{ + + if (!dbase->modified) + return STATUS_SUCCESS; + + dbase->modified = 0; + + /* Stub */ + handle = NULL; + return STATUS_ERR; +} + +/* Check if modified */ +static int dbase_policydb_is_modified(dbase_policydb_t * dbase) +{ + + return dbase->modified; +} + +int dbase_policydb_init(semanage_handle_t * handle, + const char *suffix, + record_table_t * rtable, + record_policydb_table_t * rptable, + dbase_policydb_t ** dbase) +{ + + dbase_policydb_t *tmp_dbase = + (dbase_policydb_t *) malloc(sizeof(dbase_policydb_t)); + + if (!tmp_dbase) + goto omem; + + tmp_dbase->suffix = suffix; + tmp_dbase->rtable = rtable; + tmp_dbase->rptable = rptable; + tmp_dbase->policydb = NULL; + tmp_dbase->cache_serial = -1; + tmp_dbase->modified = 0; + tmp_dbase->attached = 0; + *dbase = tmp_dbase; + + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory, could not initialize policy database"); + free(tmp_dbase); + + return STATUS_ERR; +} + +/* Release dbase resources */ +void dbase_policydb_release(dbase_policydb_t * dbase) +{ + + dbase_policydb_drop_cache(dbase); + free(dbase); +} + +/* Attach to a shared policydb. + * This implies drop_cache(), + * and prevents flush() and drop_cache() + * until detached. */ +void dbase_policydb_attach(dbase_policydb_t * dbase, + sepol_policydb_t * policydb) +{ + + dbase->attached = 1; + dbase_policydb_drop_cache(dbase); + dbase->policydb = policydb; +} + +/* Detach from a shared policdb. + * This implies drop_cache. */ +void dbase_policydb_detach(dbase_policydb_t * dbase) +{ + + dbase->attached = 0; + dbase->modified = 0; +} + +static int dbase_policydb_add(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key, const record_t * data) +{ + + if (dbase->rptable->add(handle->sepolh, dbase->policydb, key, data) < 0) + goto err; + + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not add record to the database"); + return STATUS_ERR; +} + +static int dbase_policydb_set(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key, const record_t * data) +{ + + if (dbase->rptable->set(handle->sepolh, dbase->policydb, key, data) < 0) + goto err; + + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not set record value"); + return STATUS_ERR; +} + +static int dbase_policydb_modify(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key, + const record_t * data) +{ + + if (dbase->rptable->modify(handle->sepolh, + dbase->policydb, key, data) < 0) + goto err; + + dbase->modified = 1; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not modify record value"); + return STATUS_ERR; +} + +static int dbase_policydb_del(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key) +{ + + /* Stub */ + key = NULL; + handle = NULL; + dbase = NULL; + return STATUS_ERR; +} + +static int dbase_policydb_clear(semanage_handle_t * handle, + dbase_policydb_t * dbase) +{ + + /* Stub */ + handle = NULL; + dbase = NULL; + return STATUS_ERR; +} + +static int dbase_policydb_query(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key, record_t ** response) +{ + + if (dbase->rptable->query(handle->sepolh, + dbase->policydb, key, response) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not query record value"); + return STATUS_ERR; +} + +static int dbase_policydb_exists(semanage_handle_t * handle, + dbase_policydb_t * dbase, + const record_key_t * key, int *response) +{ + + if (dbase->rptable->exists(handle->sepolh, + dbase->policydb, key, response) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not check if record exists"); + return STATUS_ERR; +} + +static int dbase_policydb_count(semanage_handle_t * handle, + dbase_policydb_t * dbase, + unsigned int *response) +{ + + if (dbase->rptable->count(handle->sepolh, + dbase->policydb, response) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not count the database records"); + return STATUS_ERR; +} + +static int dbase_policydb_iterate(semanage_handle_t * handle, + dbase_policydb_t * dbase, + int (*fn) (const record_t * record, + void *fn_arg), void *arg) +{ + + if (dbase->rptable->iterate(handle->sepolh, + dbase->policydb, fn, arg) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not iterate over records"); + return STATUS_ERR; +} + +struct list_handler_arg { + semanage_handle_t *handle; + record_table_t *rtable; + record_t **records; + int pos; +}; + +static int list_handler(const record_t * record, void *varg) +{ + + struct list_handler_arg *arg = (struct list_handler_arg *)varg; + + if (arg->rtable->clone(arg->handle, record, &arg->records[arg->pos]) < + 0) + return -1; + arg->pos++; + return 0; +} + +static int dbase_policydb_list(semanage_handle_t * handle, + dbase_t * dbase, + record_t *** records, unsigned int *count) +{ + + record_t **tmp_records = NULL; + unsigned int tmp_count; + struct list_handler_arg list_arg; + list_arg.pos = 0; + list_arg.rtable = dbase->rtable; + list_arg.handle = handle; + + if (dbase->rptable->count(handle->sepolh, + dbase->policydb, &tmp_count) < 0) + goto err; + + if (tmp_count > 0) { + tmp_records = (record_t **) + calloc(tmp_count, sizeof(record_t *)); + + if (tmp_records == NULL) + goto omem; + + list_arg.records = tmp_records; + + if (dbase->rptable->iterate(handle->sepolh, + dbase->policydb, list_handler, + &list_arg) < 0) { + ERR(handle, "list handler could not extract record"); + goto err; + } + } + + *records = tmp_records; + *count = tmp_count; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + for (; list_arg.pos >= 0; list_arg.pos--) + dbase->rtable->free(tmp_records[list_arg.pos]); + free(tmp_records); + ERR(handle, "could not list records"); + return STATUS_ERR; +} + +static record_table_t *dbase_policydb_get_rtable(dbase_policydb_t * dbase) +{ + + return dbase->rtable; +} + +/* POLICYDB dbase - method table implementation */ +dbase_table_t SEMANAGE_POLICYDB_DTABLE = { + + /* Cache/Transactions */ + .cache = dbase_policydb_cache, + .drop_cache = dbase_policydb_drop_cache, + .flush = dbase_policydb_flush, + .is_modified = dbase_policydb_is_modified, + + /* Database Functionality */ + .iterate = dbase_policydb_iterate, + .exists = dbase_policydb_exists, + .list = dbase_policydb_list, + .add = dbase_policydb_add, + .set = dbase_policydb_set, + .del = dbase_policydb_del, + .clear = dbase_policydb_clear, + .modify = dbase_policydb_modify, + .query = dbase_policydb_query, + .count = dbase_policydb_count, + + /* Polymorphism */ + .get_rtable = dbase_policydb_get_rtable +}; diff --git a/libsemanage/src/database_policydb.h b/libsemanage/src/database_policydb.h new file mode 100644 index 00000000..88cde5ed --- /dev/null +++ b/libsemanage/src/database_policydb.h @@ -0,0 +1,111 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_DATABASE_POLICYDB_INTERNAL_H_ +#define _SEMANAGE_DATABASE_POLICYDB_INTERNAL_H_ + +#include <sepol/handle.h> +#include <sepol/policydb.h> +#include "database.h" +#include "handle.h" + +struct dbase_policydb; +typedef struct dbase_policydb dbase_policydb_t; + +typedef int (*record_policydb_table_add_t) (sepol_handle_t * h, + sepol_policydb_t * p, + const record_key_t * rkey, + const record_t * record); + +typedef int (*record_policydb_table_modify_t) (sepol_handle_t * h, + sepol_policydb_t * p, + const record_key_t * rkey, + const record_t * record); + +typedef int (*record_policydb_table_set_t) (sepol_handle_t * h, + sepol_policydb_t * p, + const record_key_t * rkey, + const record_t * record); + +typedef int (*record_policydb_table_query_t) (sepol_handle_t * h, + const sepol_policydb_t * p, + const record_key_t * rkey, + record_t ** response); + +typedef int (*record_policydb_table_count_t) (sepol_handle_t * h, + const sepol_policydb_t * p, + unsigned int *response); + +typedef int (*record_policydb_table_exists_t) (sepol_handle_t * h, + const sepol_policydb_t * p, + const record_key_t * rkey, + int *response); + +typedef int (*record_policydb_table_iterate_t) (sepol_handle_t * h, + const sepol_policydb_t * p, + int (*fn) (const record_t * r, + void *fn_arg), + void *arg); + +/* POLICYDB extension to RECORD interface - method table */ +typedef struct record_policydb_table { + /* Add policy record */ + record_policydb_table_add_t add; + /* Modify policy record, or add if + * the key isn't found */ + record_policydb_table_modify_t modify; + /* Set policy record */ + record_policydb_table_set_t set; + /* Query policy record - return the record + * or NULL if it isn't found */ + record_policydb_table_query_t query; + /* Count records */ + record_policydb_table_count_t count; + /* Check if a record exists */ + record_policydb_table_exists_t exists; + /* Iterate over records */ + record_policydb_table_iterate_t iterate; +} record_policydb_table_t; + +/* Initialize database */ +extern int dbase_policydb_init(semanage_handle_t * handle, + const char *suffix, + record_table_t * rtable, + record_policydb_table_t * rptable, + dbase_policydb_t ** dbase); + +/* Attach to a shared policydb. + * This implies drop_cache(). + * and prevents flush() and drop_cache() + * until detached. */ +extern void dbase_policydb_attach(dbase_policydb_t * dbase, + sepol_policydb_t * policydb); + +/* Detach from a shared policdb. + * This implies drop_cache. */ +extern void dbase_policydb_detach(dbase_policydb_t * dbase); + +/* Release allocated resources */ +extern void dbase_policydb_release(dbase_policydb_t * dbase); + +/* POLICYDB database - method table implementation */ +extern dbase_table_t SEMANAGE_POLICYDB_DTABLE; + +#endif diff --git a/libsemanage/src/debug.c b/libsemanage/src/debug.c new file mode 100644 index 00000000..4b96c30b --- /dev/null +++ b/libsemanage/src/debug.c @@ -0,0 +1,131 @@ +/* Author: Joshua Brindle <jbrindle@tresys.co + * Jason Tang <jtang@tresys.com> + * Ivan Gyurdiev <ivg2@cornell.edu> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include <stdarg.h> +#include <stdlib.h> +#include <stdio.h> +#include <errno.h> +#include <string.h> +#include "handle.h" +#include "debug.h" + +int semanage_msg_get_level(semanage_handle_t * handle) +{ + return handle->msg_level; +} + +hidden_def(semanage_msg_get_level) + +const char *semanage_msg_get_channel(semanage_handle_t * handle) +{ + return handle->msg_channel; +} + +hidden_def(semanage_msg_get_channel) + +const char *semanage_msg_get_fname(semanage_handle_t * handle) +{ + return handle->msg_fname; +} + +hidden_def(semanage_msg_get_fname) +#ifdef __GNUC__ + __attribute__ ((format(printf, 3, 4))) +#endif +void hidden semanage_msg_default_handler(void *varg, + semanage_handle_t * handle, + const char *fmt, ...) +{ + + FILE *stream = NULL; + int errsv = 0; + + switch (semanage_msg_get_level(handle)) { + + case SEMANAGE_MSG_ERR: + errsv = errno; + case SEMANAGE_MSG_WARN: + stream = stderr; + break; + case SEMANAGE_MSG_INFO: + default: + stream = stdout; + break; + } + + fprintf(stream, "%s.%s: ", + semanage_msg_get_channel(handle), + semanage_msg_get_fname(handle)); + + va_list ap; + va_start(ap, fmt); + vfprintf(stream, fmt, ap); + va_end(ap); + + if (errsv && errsv != ENOMEM) + fprintf(stream, " (%s).", strerror(errsv)); + + fprintf(stream, "\n"); + + varg = NULL; +} + +#ifdef __GNUC__ +__attribute__ ((format(printf, 3, 4))) +#endif +void hidden semanage_msg_relay_handler(void *varg, + sepol_handle_t * sepolh, + const char *fmt, ...) +{ + va_list ap; + semanage_handle_t *sh = varg; + char buffer[1024]; + + if (!sh->msg_callback) + return; + + va_start(ap, fmt); + vsnprintf(buffer, sizeof(buffer), fmt, ap); + va_end(ap); + + sh->msg_fname = sepol_msg_get_fname(sepolh); + sh->msg_channel = sepol_msg_get_channel(sepolh); + sh->msg_level = sepol_msg_get_level(sepolh); /* XXX should map values */ + sh->msg_callback(sh->msg_callback_arg, sh, "%s", buffer); + return; +} + +extern void semanage_msg_set_callback(semanage_handle_t * handle, +#ifdef __GNUC__ + __attribute__ ((format(printf, 3, 4))) +#endif + void (*msg_callback) (void *varg, + semanage_handle_t * + handle, + const char *fmt, + ...), + void *msg_callback_arg) +{ + + handle->msg_callback = msg_callback; + handle->msg_callback_arg = msg_callback_arg; +} diff --git a/libsemanage/src/debug.h b/libsemanage/src/debug.h new file mode 100644 index 00000000..92bfcf5f --- /dev/null +++ b/libsemanage/src/debug.h @@ -0,0 +1,79 @@ +/* Author: Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * Ivan Gyurdiev <ivg2@cornell.edu> + * + * Copyright (C) 2005 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_INTERNAL_DEBUG_H_ +#define _SEMANAGE_INTERNAL_DEBUG_H_ + +#include <stdio.h> +#include <semanage/debug.h> +#include <sepol/debug.h> +#include "handle.h" +#include "dso.h" + +#define STATUS_SUCCESS 0 +#define STATUS_ERR -1 +#define STATUS_NODATA 1 + +#define msg_write(handle_arg, level_arg, \ + channel_arg, func_arg, ...) do { \ + \ + if ((handle_arg)->msg_callback) { \ + (handle_arg)->msg_fname = func_arg; \ + (handle_arg)->msg_channel = channel_arg; \ + (handle_arg)->msg_level = level_arg; \ + \ + (handle_arg)->msg_callback( \ + (handle_arg)->msg_callback_arg, \ + handle_arg, __VA_ARGS__); \ + } \ +} while(0) + +#define ERR(handle, ...) \ + msg_write(handle, SEMANAGE_MSG_ERR, "libsemanage", \ + __FUNCTION__, __VA_ARGS__) + +#define INFO(handle, ...) \ + msg_write(handle, SEMANAGE_MSG_INFO, "libsemanage", \ + __FUNCTION__, __VA_ARGS__) + +#define WARN(handle, ...) \ + msg_write(handle, SEMANAGE_MSG_WARN, "libsemanage", \ + __FUNCTION__, __VA_ARGS__) + +#ifdef __GNUC__ +__attribute__ ((format(printf, 3, 4))) +#endif +extern void hidden semanage_msg_default_handler(void *varg, + semanage_handle_t * handle, + const char *fmt, ...); + +#ifdef __GNUC__ +__attribute__ ((format(printf, 3, 4))) +#endif +extern void hidden semanage_msg_relay_handler(void *varg, + sepol_handle_t * handle, + const char *fmt, ...); + +hidden_proto(semanage_msg_get_channel) + hidden_proto(semanage_msg_get_fname) + hidden_proto(semanage_msg_get_level) +#endif diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c new file mode 100644 index 00000000..a5940b66 --- /dev/null +++ b/libsemanage/src/direct_api.c @@ -0,0 +1,1008 @@ +/* Author: Jason Tang <jtang@tresys.com> + * Christopher Ashworth <cashworth@tresys.com> + * + * Copyright (C) 2004-2006 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include <sepol/module.h> +#include <selinux/selinux.h> + +#include <assert.h> +#include <fcntl.h> +#include <stdio.h> +#include <stdio_ext.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <limits.h> +#include <errno.h> + +#include "user_internal.h" +#include "seuser_internal.h" +#include "port_internal.h" +#include "iface_internal.h" +#include "boolean_internal.h" +#include "fcontext_internal.h" +#include "node_internal.h" +#include "genhomedircon.h" + +#include "debug.h" +#include "handle.h" +#include "modules.h" +#include "direct_api.h" +#include "semanage_store.h" +#include "database_policydb.h" +#include "policy.h" + +static void semanage_direct_destroy(semanage_handle_t * sh); +static int semanage_direct_disconnect(semanage_handle_t * sh); +static int semanage_direct_begintrans(semanage_handle_t * sh); +static int semanage_direct_commit(semanage_handle_t * sh); +static int semanage_direct_install(semanage_handle_t * sh, char *data, + size_t data_len); +static int semanage_direct_upgrade(semanage_handle_t * sh, char *data, + size_t data_len); +static int semanage_direct_install_base(semanage_handle_t * sh, char *base_data, + size_t data_len); +static int semanage_direct_remove(semanage_handle_t * sh, char *module_name); +static int semanage_direct_list(semanage_handle_t * sh, + semanage_module_info_t ** modinfo, + int *num_modules); + +static struct semanage_policy_table direct_funcs = { + .get_serial = semanage_direct_get_serial, + .destroy = semanage_direct_destroy, + .disconnect = semanage_direct_disconnect, + .begin_trans = semanage_direct_begintrans, + .commit = semanage_direct_commit, + .install = semanage_direct_install, + .upgrade = semanage_direct_upgrade, + .install_base = semanage_direct_install_base, + .remove = semanage_direct_remove, + .list = semanage_direct_list +}; + +int semanage_direct_is_managed(semanage_handle_t * sh) +{ + char polpath[PATH_MAX]; + + snprintf(polpath, PATH_MAX, "%s%s", selinux_path(), + sh->conf->store_path); + + if (semanage_check_init(polpath)) + goto err; + + if (semanage_access_check(sh) < 0) + return 0; + + return 1; + + err: + ERR(sh, "could not check whether policy is managed"); + return STATUS_ERR; +} + +/* Check that the module store exists, creating it if necessary. + */ +int semanage_direct_connect(semanage_handle_t * sh) +{ + char polpath[PATH_MAX]; + + snprintf(polpath, PATH_MAX, "%s%s", selinux_path(), + sh->conf->store_path); + + if (semanage_check_init(polpath)) + goto err; + + if (sh->create_store) + if (semanage_create_store(sh, 1)) + goto err; + + if (semanage_access_check(sh) < SEMANAGE_CAN_READ) + goto err; + + sh->u.direct.translock_file_fd = -1; + sh->u.direct.activelock_file_fd = -1; + + /* set up function pointers */ + sh->funcs = &direct_funcs; + + /* Object databases: local modifications */ + if (user_base_file_dbase_init(sh, + semanage_fname(SEMANAGE_USERS_BASE_LOCAL), + semanage_user_base_dbase_local(sh)) < 0) + goto err; + + if (user_extra_file_dbase_init(sh, + semanage_fname + (SEMANAGE_USERS_EXTRA_LOCAL), + semanage_user_extra_dbase_local(sh)) < 0) + goto err; + + if (user_join_dbase_init(sh, + semanage_user_base_dbase_local(sh), + semanage_user_extra_dbase_local(sh), + semanage_user_dbase_local(sh)) < 0) + goto err; + + if (port_file_dbase_init(sh, + semanage_fname(SEMANAGE_PORTS_LOCAL), + semanage_port_dbase_local(sh)) < 0) + goto err; + + if (iface_file_dbase_init(sh, + semanage_fname(SEMANAGE_INTERFACES_LOCAL), + semanage_iface_dbase_local(sh)) < 0) + goto err; + + if (bool_file_dbase_init(sh, + semanage_fname(SEMANAGE_BOOLEANS_LOCAL), + semanage_bool_dbase_local(sh)) < 0) + goto err; + + if (fcontext_file_dbase_init(sh, + semanage_fname(SEMANAGE_FC_LOCAL), + semanage_fcontext_dbase_local(sh)) < 0) + goto err; + + if (seuser_file_dbase_init(sh, + semanage_fname(SEMANAGE_SEUSERS_LOCAL), + semanage_seuser_dbase_local(sh)) < 0) + goto err; + + if (node_file_dbase_init(sh, + semanage_fname(SEMANAGE_NODES_LOCAL), + semanage_node_dbase_local(sh)) < 0) + goto err; + + /* Object databases: local modifications + policy */ + if (user_base_policydb_dbase_init(sh, + semanage_user_base_dbase_policy(sh)) < + 0) + goto err; + + if (user_extra_file_dbase_init(sh, + semanage_fname(SEMANAGE_USERS_EXTRA), + semanage_user_extra_dbase_policy(sh)) < + 0) + goto err; + + if (user_join_dbase_init(sh, + semanage_user_base_dbase_policy(sh), + semanage_user_extra_dbase_policy(sh), + semanage_user_dbase_policy(sh)) < 0) + goto err; + + if (port_policydb_dbase_init(sh, semanage_port_dbase_policy(sh)) < 0) + goto err; + + if (iface_policydb_dbase_init(sh, semanage_iface_dbase_policy(sh)) < 0) + goto err; + + if (bool_policydb_dbase_init(sh, semanage_bool_dbase_policy(sh)) < 0) + goto err; + + if (fcontext_file_dbase_init(sh, + semanage_fname(SEMANAGE_FC), + semanage_fcontext_dbase_policy(sh)) < 0) + goto err; + + if (seuser_file_dbase_init(sh, + semanage_fname(SEMANAGE_SEUSERS), + semanage_seuser_dbase_policy(sh)) < 0) + goto err; + + if (node_policydb_dbase_init(sh, semanage_node_dbase_policy(sh)) < 0) + goto err; + + /* Active kernel policy */ + if (bool_activedb_dbase_init(sh, semanage_bool_dbase_active(sh)) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(sh, "could not establish direct connection"); + return STATUS_ERR; +} + +static void semanage_direct_destroy(semanage_handle_t * sh) +{ + /* do nothing */ + sh = NULL; +} + +static int semanage_direct_disconnect(semanage_handle_t * sh) +{ + /* destroy transaction */ + if (sh->is_in_transaction) { + /* destroy sandbox */ + if (semanage_remove_directory + (semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)) < 0) { + ERR(sh, "Could not cleanly remove sandbox %s.", + semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)); + return -1; + } + semanage_release_trans_lock(sh); + } + + /* Release object databases: local modifications */ + user_base_file_dbase_release(semanage_user_base_dbase_local(sh)); + user_extra_file_dbase_release(semanage_user_extra_dbase_local(sh)); + user_join_dbase_release(semanage_user_dbase_local(sh)); + port_file_dbase_release(semanage_port_dbase_local(sh)); + iface_file_dbase_release(semanage_iface_dbase_local(sh)); + bool_file_dbase_release(semanage_bool_dbase_local(sh)); + fcontext_file_dbase_release(semanage_fcontext_dbase_local(sh)); + seuser_file_dbase_release(semanage_seuser_dbase_local(sh)); + node_file_dbase_release(semanage_node_dbase_local(sh)); + + /* Release object databases: local modifications + policy */ + user_base_policydb_dbase_release(semanage_user_base_dbase_policy(sh)); + user_extra_file_dbase_release(semanage_user_extra_dbase_policy(sh)); + user_join_dbase_release(semanage_user_dbase_policy(sh)); + port_policydb_dbase_release(semanage_port_dbase_policy(sh)); + iface_policydb_dbase_release(semanage_iface_dbase_policy(sh)); + bool_policydb_dbase_release(semanage_bool_dbase_policy(sh)); + fcontext_file_dbase_release(semanage_fcontext_dbase_policy(sh)); + seuser_file_dbase_release(semanage_seuser_dbase_policy(sh)); + node_policydb_dbase_release(semanage_node_dbase_policy(sh)); + + /* Release object databases: active kernel policy */ + bool_activedb_dbase_release(semanage_bool_dbase_active(sh)); + + return 0; +} + +static int semanage_direct_begintrans(semanage_handle_t * sh) +{ + + if (semanage_access_check(sh) != SEMANAGE_CAN_WRITE) { + return -1; + } + if (semanage_get_trans_lock(sh) < 0) { + return -1; + } + if ((semanage_make_sandbox(sh)) < 0) { + return -1; + } + return 0; +} + +/********************* utility functions *********************/ + +/* Takes a module stored in 'module_data' and parses its headers. + * Sets reference variables 'filename' to module's fully qualified + * path name into the sandbox, 'module_name' to module's name, and + * 'version' to module's version. The caller is responsible for + * free()ing 'filename', 'module_name', and 'version'; they will be + * set to NULL upon entering this function. Returns 0 on success, -1 + * if out of memory, or -2 if data did not represent a module. + */ +static int parse_module_headers(semanage_handle_t * sh, char *module_data, + size_t data_len, char **module_name, + char **version, char **filename) +{ + struct sepol_policy_file *pf; + int file_type; + const char *module_path; + *module_name = *version = *filename = NULL; + + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + return -1; + } + sepol_policy_file_set_mem(pf, module_data, data_len); + sepol_policy_file_set_handle(pf, sh->sepolh); + if (module_data == NULL || + data_len == 0 || + sepol_module_package_info(pf, &file_type, module_name, + version) == -1) { + sepol_policy_file_free(pf); + ERR(sh, "Could not parse module data."); + return -2; + } + sepol_policy_file_free(pf); + if (file_type != SEPOL_POLICY_MOD) { + if (file_type == SEPOL_POLICY_BASE) + ERR(sh, + "Received a base module, expected a non-base module."); + else + ERR(sh, "Data did not represent a module."); + return -2; + } + if ((module_path = + semanage_path(SEMANAGE_TMP, SEMANAGE_MODULES)) == NULL) { + return -1; + } + if (asprintf(filename, "%s/%s.pp", module_path, *module_name) == -1) { + ERR(sh, "Out of memory!"); + return -1; + } + return 0; +} + +/* Takes a base module stored in 'module_data' and parse its headers. + * Returns 0 on success, -1 if out of memory, or -2 if data did not + * represent a module. + */ +static int parse_base_headers(semanage_handle_t * sh, + char *module_data, size_t data_len) +{ + struct sepol_policy_file *pf; + char *module_name = NULL, *version = NULL; + int file_type; + + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + return -1; + } + sepol_policy_file_set_mem(pf, module_data, data_len); + sepol_policy_file_set_handle(pf, sh->sepolh); + if (module_data == NULL || + data_len == 0 || + sepol_module_package_info(pf, &file_type, + &module_name, &version) == -1) { + sepol_policy_file_free(pf); + ERR(sh, "Could not parse base module data."); + return -2; + } + sepol_policy_file_free(pf); + free(module_name); + free(version); + if (file_type != SEPOL_POLICY_BASE) { + if (file_type == SEPOL_POLICY_MOD) + ERR(sh, + "Received a non-base module, expected a base module."); + else + ERR(sh, "Data did not represent a module."); + return -2; + } + return 0; +} + +/* Writes a block of data to a file. Returns 0 on success, -1 on + * error. */ +static int write_file(semanage_handle_t * sh, + const char *filename, char *data, size_t num_bytes) +{ + int out; + if ((out = + open(filename, O_WRONLY | O_CREAT | O_TRUNC, + S_IRUSR | S_IWUSR)) == -1) { + ERR(sh, "Could not open %s for writing.", filename); + return -1; + } + if (write(out, data, num_bytes) == -1) { + ERR(sh, "Error while writing to %s.", filename); + close(out); + return -1; + } + close(out); + return 0; +} + +/* Writes a module (or a base) to the file given by a fully-qualified + * 'filename'. Returns 0 on success, -1 if file could not be written. + */ +static int semanage_write_module(semanage_handle_t * sh, + const char *filename, + sepol_module_package_t * package) +{ + struct sepol_policy_file *pf; + FILE *outfile; + int retval; + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + return -1; + } + if ((outfile = fopen(filename, "wb")) == NULL) { + sepol_policy_file_free(pf); + ERR(sh, "Could not open %s for writing.", filename); + return -1; + } + __fsetlocking(outfile, FSETLOCKING_BYCALLER); + sepol_policy_file_set_fp(pf, outfile); + sepol_policy_file_set_handle(pf, sh->sepolh); + retval = sepol_module_package_write(package, pf); + fclose(outfile); + sepol_policy_file_free(pf); + if (retval == -1) { + ERR(sh, "Error while writing module to %s.", filename); + return -1; + } + return 0; +} + +/********************* direct API functions ********************/ + +/* Commits all changes in sandbox to the actual kernel policy. + * Returns commit number on success, -1 on error. + */ +static int semanage_direct_commit(semanage_handle_t * sh) +{ + char **mod_filenames = NULL; + char *sorted_fc_buffer = NULL, *sorted_nc_buffer = NULL; + size_t sorted_fc_buffer_len = 0, sorted_nc_buffer_len = 0; + const char *linked_filename = NULL, *ofilename = NULL; + sepol_module_package_t *base = NULL; + int retval = -1, num_modfiles = 0, i; + sepol_policydb_t *out = NULL; + + /* Declare some variables */ + int modified, fcontexts_modified, ports_modified, + seusers_modified, users_extra_modified; + dbase_config_t *users = semanage_user_dbase_local(sh); + dbase_config_t *users_base = semanage_user_base_dbase_local(sh); + dbase_config_t *pusers_base = semanage_user_base_dbase_policy(sh); + dbase_config_t *users_extra = semanage_user_extra_dbase_local(sh); + dbase_config_t *pusers_extra = semanage_user_extra_dbase_policy(sh); + dbase_config_t *ports = semanage_port_dbase_local(sh); + dbase_config_t *pports = semanage_port_dbase_policy(sh); + dbase_config_t *bools = semanage_bool_dbase_local(sh); + dbase_config_t *pbools = semanage_bool_dbase_policy(sh); + dbase_config_t *ifaces = semanage_iface_dbase_local(sh); + dbase_config_t *pifaces = semanage_iface_dbase_policy(sh); + dbase_config_t *nodes = semanage_node_dbase_local(sh); + dbase_config_t *pnodes = semanage_node_dbase_policy(sh); + dbase_config_t *fcontexts = semanage_fcontext_dbase_local(sh); + dbase_config_t *pfcontexts = semanage_fcontext_dbase_policy(sh); + dbase_config_t *seusers = semanage_seuser_dbase_local(sh); + dbase_config_t *pseusers = semanage_seuser_dbase_policy(sh); + + /* Before we do anything else, flush the join to its component parts. + * This *does not* flush to disk automatically */ + if (users->dtable->is_modified(users->dbase)) { + retval = users->dtable->flush(sh, users->dbase); + if (retval < 0) + goto cleanup; + } + + /* Decide if anything was modified */ + fcontexts_modified = fcontexts->dtable->is_modified(fcontexts->dbase); + seusers_modified = seusers->dtable->is_modified(seusers->dbase); + users_extra_modified = + users_extra->dtable->is_modified(users_extra->dbase); + ports_modified = ports->dtable->is_modified(ports->dbase); + + modified = sh->modules_modified; + modified |= ports_modified; + modified |= users->dtable->is_modified(users_base->dbase); + modified |= bools->dtable->is_modified(bools->dbase); + modified |= ifaces->dtable->is_modified(ifaces->dbase); + modified |= nodes->dtable->is_modified(nodes->dbase); + + /* FIXME: get rid of these, once we support loading the existing policy, + * instead of rebuilding it */ + modified |= seusers_modified; + modified |= fcontexts_modified; + modified |= users_extra_modified; + + /* If there were policy changes, or explicitly requested, rebuild the policy */ + if (sh->do_rebuild || modified) { + + /* =================== Module expansion =============== */ + + /* link all modules in the sandbox to the base module */ + retval = semanage_get_modules_names(sh, &mod_filenames, &num_modfiles); + if (retval < 0) + goto cleanup; + retval = semanage_verify_modules(sh, mod_filenames, num_modfiles); + if (retval < 0) + goto cleanup; + retval = semanage_link_sandbox(sh, &base); + if (retval < 0) + goto cleanup; + + /* write the linked base if we want to save or we have a + * verification program that wants it. */ + linked_filename = semanage_path(SEMANAGE_TMP, SEMANAGE_LINKED); + if (linked_filename == NULL) { + retval = -1; + goto cleanup; + } + if (sh->conf->save_linked || sh->conf->linked_prog) { + retval = semanage_write_module(sh, linked_filename, base); + if (retval < 0) + goto cleanup; + retval = semanage_verify_linked(sh); + if (retval < 0) + goto cleanup; + /* remove the linked policy if we only wrote it for the + * verification program. */ + if (!sh->conf->save_linked) { + retval = unlink(linked_filename); + if (retval < 0) { + ERR(sh, "could not remove linked base %s", + linked_filename); + goto cleanup; + } + } + } else { + /* Try to delete the linked copy - this is needed if + * the save_link option has changed to prevent the + * old linked copy from being copied forever. No error + * checking is done because this is likely to fail because + * the file does not exist - which is not an error. */ + unlink(linked_filename); + errno = 0; + } + + /* ==================== File-backed ================== */ + + /* File Contexts */ + /* Sort the file contexts. */ + retval = semanage_fc_sort(sh, sepol_module_package_get_file_contexts(base), + sepol_module_package_get_file_contexts_len(base), + &sorted_fc_buffer, &sorted_fc_buffer_len); + if (retval < 0) + goto cleanup; + + /* Write the contexts (including template contexts) to a single file. + * The buffer returned by the sort function has a trailing \0 character, + * which we do NOT want to write out to disk, so we pass sorted_fc_buffer_len-1. */ + ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL); + if (ofilename == NULL) { + retval = -1; + goto cleanup; + } + retval = write_file(sh, ofilename, sorted_fc_buffer, + sorted_fc_buffer_len - 1); + if (retval < 0) + goto cleanup; + + /* Split complete and template file contexts into their separate files. */ + retval = semanage_split_fc(sh); + if (retval < 0) + goto cleanup; + + pfcontexts->dtable->drop_cache(pfcontexts->dbase); + + /* Seusers */ + if (sepol_module_package_get_seusers_len(base)) { + ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_SEUSERS); + if (ofilename == NULL) { + retval = -1; + goto cleanup; + } + retval = write_file(sh, ofilename, + sepol_module_package_get_seusers(base), + sepol_module_package_get_seusers_len(base)); + if (retval < 0) + goto cleanup; + + pseusers->dtable->drop_cache(pseusers->dbase); + + } else { + retval = pseusers->dtable->clear(sh, pseusers->dbase); + if (retval < 0) + goto cleanup; + } + + /* Users_extra */ + if (sepol_module_package_get_user_extra_len(base)) { + ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA); + if (ofilename == NULL) { + retval = -1; + goto cleanup; + } + retval = write_file(sh, ofilename, + sepol_module_package_get_user_extra(base), + sepol_module_package_get_user_extra_len(base)); + if (retval < 0) + goto cleanup; + pusers_extra->dtable->drop_cache(pusers_extra->dbase); + + } else { + retval = pusers_extra->dtable->clear(sh, pusers_extra->dbase); + if (retval < 0) + goto cleanup; + } + + /* Netfilter Contexts */ + /* Sort the netfilter contexts. */ + retval = semanage_nc_sort + (sh, sepol_module_package_get_netfilter_contexts(base), + sepol_module_package_get_netfilter_contexts_len(base), + &sorted_nc_buffer, &sorted_nc_buffer_len); + + if (retval < 0) + goto cleanup; + + /* Write the contexts to a single file. The buffer returned by + * the sort function has a trailing \0 character, which we do + * NOT want to write out to disk, so we pass sorted_fc_buffer_len-1. */ + ofilename = semanage_path(SEMANAGE_TMP, SEMANAGE_NC); + retval = write_file + (sh, ofilename, sorted_nc_buffer, sorted_nc_buffer_len - 1); + + if (retval < 0) + goto cleanup; + + /* ==================== Policydb-backed ================ */ + + /* Create new policy object, then attach to policy databases + * that work with a policydb */ + retval = semanage_expand_sandbox(sh, base, &out); + if (retval < 0) + goto cleanup; + + sepol_module_package_free(base); + base = NULL; + + dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase, + out); + dbase_policydb_attach((dbase_policydb_t *) pports->dbase, out); + dbase_policydb_attach((dbase_policydb_t *) pifaces->dbase, out); + dbase_policydb_attach((dbase_policydb_t *) pbools->dbase, out); + dbase_policydb_attach((dbase_policydb_t *) pnodes->dbase, out); + + /* ============= Apply changes, and verify =============== */ + + retval = semanage_base_merge_components(sh); + if (retval < 0) + goto cleanup; + + retval = semanage_write_policydb(sh, out); + if (retval < 0) + goto cleanup; + + retval = semanage_verify_kernel(sh); + if (retval < 0) + goto cleanup; + } + + /* FIXME: else if !modified, but seusers_modified, + * load the existing policy instead of rebuilding */ + + /* ======= Post-process: Validate non-policydb components ===== */ + + /* Validate local modifications to file contexts. + * Note: those are still cached, even though they've been + * merged into the main file_contexts. We won't check the + * large file_contexts - checked at compile time */ + if (sh->do_rebuild || modified || fcontexts_modified) { + retval = semanage_fcontext_validate_local(sh, out); + if (retval < 0) + goto cleanup; + } + + /* Validate local seusers against policy */ + if (sh->do_rebuild || modified || seusers_modified) { + retval = semanage_seuser_validate_local(sh, out); + if (retval < 0) + goto cleanup; + } + + /* Validate local ports for overlap */ + if (sh->do_rebuild || ports_modified) { + retval = semanage_port_validate_local(sh); + if (retval < 0) + goto cleanup; + } + + /* ================== Write non-policydb components ========= */ + + /* Commit changes to components */ + retval = semanage_commit_components(sh); + if (retval < 0) + goto cleanup; + + /* run genhomedircon if its enabled, this should be the last operation + * which requires the out policydb */ + if (!sh->conf->disable_genhomedircon) { + if (out && (retval = + semanage_genhomedircon(sh, out, 1)) != 0) { + ERR(sh, "semanage_genhomedircon returned error code %d.", + retval); + goto cleanup; + } + } else { + WARN(sh, "WARNING: genhomedircon is disabled. \ + See /etc/selinux/semanage.conf if you need to enable it."); + } + + /* free out, if we don't free it before calling semanage_install_sandbox + * then fork() may fail on low memory machines */ + sepol_policydb_free(out); + out = NULL; + + if (sh->do_rebuild || modified) { + retval = semanage_install_sandbox(sh); + } + + cleanup: + for (i = 0; mod_filenames != NULL && i < num_modfiles; i++) { + free(mod_filenames[i]); + } + + /* Detach from policydb, so it can be freed */ + dbase_policydb_detach((dbase_policydb_t *) pusers_base->dbase); + dbase_policydb_detach((dbase_policydb_t *) pports->dbase); + dbase_policydb_detach((dbase_policydb_t *) pifaces->dbase); + dbase_policydb_detach((dbase_policydb_t *) pnodes->dbase); + dbase_policydb_detach((dbase_policydb_t *) pbools->dbase); + + free(mod_filenames); + sepol_policydb_free(out); + semanage_release_trans_lock(sh); + + free(sorted_fc_buffer); + free(sorted_nc_buffer); + + /* regardless if the commit was successful or not, remove the + sandbox if it is still there */ + semanage_remove_directory(semanage_path + (SEMANAGE_TMP, SEMANAGE_TOPLEVEL)); + return retval; +} + +/* Writes a module to the sandbox's module directory, overwriting any + * previous module stored within. Note that module data are not + * free()d by this function; caller is responsible for deallocating it + * if necessary. Returns 0 on success, -1 if out of memory, -2 if the + * data does not represent a valid module file, -3 if error while + * writing file. */ +static int semanage_direct_install(semanage_handle_t * sh, + char *data, size_t data_len) +{ + + int retval; + char *module_name = NULL, *version = NULL, *filename = NULL; + if ((retval = parse_module_headers(sh, data, data_len, + &module_name, &version, + &filename)) != 0) { + goto cleanup; + } + if (write_file(sh, filename, data, data_len) == -1) { + retval = -3; + } + retval = 0; + cleanup: + free(version); + free(filename); + free(module_name); + return retval; +} + +/* Similar to semanage_direct_install(), except that it checks that + * there already exists a module with the same name and that the + * module is an older version then the one in 'data'. Returns 0 on + * success, -1 if out of memory, -2 if the data does not represent a + * valid module file, -3 if error while writing file or reading + * modules directory, -4 if there does not exist an older module or if + * the previous module is same or newer than 'data'. + */ +static int semanage_direct_upgrade(semanage_handle_t * sh, + char *data, size_t data_len) +{ + int i, retval, num_modules = 0; + char *module_name = NULL, *version = NULL, *filename = NULL; + semanage_module_info_t *modinfo = NULL; + if ((retval = parse_module_headers(sh, data, data_len, + &module_name, &version, + &filename)) != 0) { + goto cleanup; + } + if (semanage_direct_list(sh, &modinfo, &num_modules) < 0) { + goto cleanup; + } + retval = -4; + for (i = 0; i < num_modules; i++) { + semanage_module_info_t *m = + semanage_module_list_nth(modinfo, i); + if (strcmp(semanage_module_get_name(m), module_name) == 0) { + if (strverscmp(version, semanage_module_get_version(m)) + > 0) { + retval = 0; + break; + } else { + ERR(sh, "Previous module %s is same or newer.", + module_name); + retval = -4; + goto cleanup; + } + } + } + if (retval == -4) { + ERR(sh, "There does not already exist a module named %s.", + module_name); + goto cleanup; + } + if (write_file(sh, filename, data, data_len) == -1) { + retval = -3; + } + cleanup: + free(version); + free(filename); + free(module_name); + for (i = 0; modinfo != NULL && i < num_modules; i++) { + semanage_module_info_t *m = + semanage_module_list_nth(modinfo, i); + semanage_module_info_datum_destroy(m); + } + free(modinfo); + return retval; +} + +/* Writes a base module into a sandbox, overwriting any previous base + * module. Note that 'module_data' is not free()d by this function; + * caller is responsible for deallocating it if necessary. Returns 0 + * on success, -1 if out of memory, -2 if the data does not represent + * a valid base module file, -3 if error while writing file. + */ +static int semanage_direct_install_base(semanage_handle_t * sh, + char *base_data, size_t data_len) +{ + int retval = -1; + const char *filename = NULL; + if ((retval = parse_base_headers(sh, base_data, data_len)) != 0) { + goto cleanup; + } + if ((filename = semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) { + goto cleanup; + } + if (write_file(sh, filename, base_data, data_len) == -1) { + retval = -3; + } + retval = 0; + cleanup: + return retval; +} + +/* Removes a module from the sandbox. Returns 0 on success, -1 if out + * of memory, -2 if module not found or could not be removed. */ +static int semanage_direct_remove(semanage_handle_t * sh, char *module_name) +{ + int i, retval = -1; + char **module_filenames = NULL; + int num_mod_files; + size_t name_len = strlen(module_name); + if (semanage_get_modules_names(sh, &module_filenames, &num_mod_files) == + -1) { + return -1; + } + for (i = 0; i < num_mod_files; i++) { + char *base = strrchr(module_filenames[i], '/'); + if (base == NULL) { + ERR(sh, "Could not read module names."); + retval = -2; + goto cleanup; + } + base++; + if (memcmp(module_name, base, name_len) == 0 && + strcmp(base + name_len, ".pp") == 0) { + if (unlink(module_filenames[i]) == -1) { + ERR(sh, "Could not remove module file %s.", + module_filenames[i]); + retval = -2; + } + retval = 0; + goto cleanup; + } + } + ERR(sh, "Module %s was not found.", module_name); + retval = -2; /* module not found */ + cleanup: + for (i = 0; module_filenames != NULL && i < num_mod_files; i++) { + free(module_filenames[i]); + } + free(module_filenames); + return retval; +} + +/* Allocate an array of module_info structures for each readable + * module within the store. Note that if the calling program has + * already begun a transaction then this function will get a list of + * modules within the sandbox. The caller is responsible for calling + * semanage_module_info_datum_destroy() on each element of the array + * as well as free()ing the entire list. + */ +static int semanage_direct_list(semanage_handle_t * sh, + semanage_module_info_t ** modinfo, + int *num_modules) +{ + struct sepol_policy_file *pf = NULL; + int i, retval = -1; + char **module_filenames = NULL; + int num_mod_files; + *modinfo = NULL; + *num_modules = 0; + + /* get the read lock when reading from the active + (non-transaction) directory */ + if (!sh->is_in_transaction) + if (semanage_get_active_lock(sh) < 0) + return -1; + + if (semanage_get_modules_names(sh, &module_filenames, &num_mod_files) == + -1) { + goto cleanup; + } + if (num_mod_files == 0) { + retval = semanage_direct_get_serial(sh); + goto cleanup; + } + + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + goto cleanup; + } + sepol_policy_file_set_handle(pf, sh->sepolh); + + if ((*modinfo = calloc(num_mod_files, sizeof(**modinfo))) == NULL) { + ERR(sh, "Out of memory!"); + goto cleanup; + } + + for (i = 0; i < num_mod_files; i++) { + FILE *fp; + char *name = NULL, *version = NULL; + int type; + if ((fp = fopen(module_filenames[i], "rb")) == NULL) { + /* could not open this module file, so don't + * report it */ + continue; + } + __fsetlocking(fp, FSETLOCKING_BYCALLER); + sepol_policy_file_set_fp(pf, fp); + if (sepol_module_package_info(pf, &type, &name, &version)) { + fclose(fp); + free(name); + free(version); + continue; + } + fclose(fp); + if (type == SEPOL_POLICY_MOD) { + (*modinfo)[*num_modules].name = name; + (*modinfo)[*num_modules].version = version; + (*num_modules)++; + } else { + /* file was not a module, so don't report it */ + free(name); + free(version); + } + } + retval = semanage_direct_get_serial(sh); + + cleanup: + sepol_policy_file_free(pf); + for (i = 0; module_filenames != NULL && i < num_mod_files; i++) { + free(module_filenames[i]); + } + free(module_filenames); + if (!sh->is_in_transaction) { + semanage_release_active_lock(sh); + } + return retval; +} + +int semanage_direct_access_check(semanage_handle_t * sh) +{ + char polpath[PATH_MAX]; + + snprintf(polpath, PATH_MAX, "%s%s", selinux_path(), + sh->conf->store_path); + + if (semanage_check_init(polpath)) + return -1; + + return semanage_store_access_check(sh); +} diff --git a/libsemanage/src/direct_api.h b/libsemanage/src/direct_api.h new file mode 100644 index 00000000..8f625f5c --- /dev/null +++ b/libsemanage/src/direct_api.h @@ -0,0 +1,40 @@ +/* Authors: Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_DIRECT_API_H_ +#define _SEMANAGE_DIRECT_API_H_ + +/* Circular dependency */ +struct semanage_handle; + +/* Direct component of handle */ +struct semanage_direct_handle { + + /* Locking */ + int activelock_file_fd; + int translock_file_fd; +}; + +int semanage_direct_connect(struct semanage_handle *sh); + +int semanage_direct_is_managed(struct semanage_handle *sh); + +int semanage_direct_access_check(struct semanage_handle *sh); + +#endif diff --git a/libsemanage/src/dso.h b/libsemanage/src/dso.h new file mode 100644 index 00000000..5c69aaef --- /dev/null +++ b/libsemanage/src/dso.h @@ -0,0 +1,23 @@ +#ifndef _SEPOL_DSO_H +#define _SEPOL_DSO_H 1 + +#ifdef SHARED +# define hidden __attribute__ ((visibility ("hidden"))) +# define hidden_proto(fct) __hidden_proto (fct, fct##_internal) +# define __hidden_proto(fct, internal) \ + extern __typeof (fct) internal; \ + extern __typeof (fct) fct __asm (#internal) hidden; +# if defined(__alpha__) || defined(__mips__) +# define hidden_def(fct) \ + asm (".globl " #fct "\n" #fct " = " #fct "_internal"); +# else +# define hidden_def(fct) \ + asm (".globl " #fct "\n.set " #fct ", " #fct "_internal"); +#endif +#else +# define hidden +# define hidden_proto(fct) +# define hidden_def(fct) +#endif + +#endif diff --git a/libsemanage/src/fcontext_internal.h b/libsemanage/src/fcontext_internal.h new file mode 100644 index 00000000..4f45fa63 --- /dev/null +++ b/libsemanage/src/fcontext_internal.h @@ -0,0 +1,42 @@ +#ifndef _SEMANAGE_FCONTEXT_INTERNAL_H_ +#define _SEMANAGE_FCONTEXT_INTERNAL_H_ + +#include <semanage/fcontext_record.h> +#include <semanage/fcontexts_local.h> +#include <semanage/fcontexts_policy.h> +#include <sepol/policydb.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_fcontext_key_create) + hidden_proto(semanage_fcontext_key_extract) + hidden_proto(semanage_fcontext_key_free) + hidden_proto(semanage_fcontext_compare) + hidden_proto(semanage_fcontext_compare2) + hidden_proto(semanage_fcontext_create) + hidden_proto(semanage_fcontext_get_expr) + hidden_proto(semanage_fcontext_set_expr) + hidden_proto(semanage_fcontext_get_type) + hidden_proto(semanage_fcontext_get_type_str) + hidden_proto(semanage_fcontext_set_type) + hidden_proto(semanage_fcontext_get_con) + hidden_proto(semanage_fcontext_set_con) + hidden_proto(semanage_fcontext_clone) + hidden_proto(semanage_fcontext_free) + hidden_proto(semanage_fcontext_iterate_local) + +/* FCONTEXT RECORD: metod table */ +extern record_table_t SEMANAGE_FCONTEXT_RTABLE; + +extern int fcontext_file_dbase_init(semanage_handle_t * handle, + const char *fname, + dbase_config_t * dconfig); + +extern void fcontext_file_dbase_release(dbase_config_t * dconfig); + +extern int hidden semanage_fcontext_validate_local(semanage_handle_t * handle, + const sepol_policydb_t * + policydb); + +#endif diff --git a/libsemanage/src/fcontext_record.c b/libsemanage/src/fcontext_record.c new file mode 100644 index 00000000..ec02a892 --- /dev/null +++ b/libsemanage/src/fcontext_record.c @@ -0,0 +1,311 @@ +struct semanage_fcontext; +struct semanage_fcontext_key; +typedef struct semanage_fcontext record_t; +typedef struct semanage_fcontext_key record_key_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include <string.h> +#include "fcontext_internal.h" +#include "context_internal.h" +#include "debug.h" + +struct semanage_fcontext { + + /* Matching expression */ + char *expr; + + /* Type of object */ + int type; + + /* Context */ + semanage_context_t *con; +}; + +struct semanage_fcontext_key { + + /* Matching expression */ + const char *expr; + + /* Type of object */ + int type; +}; + +/* Key */ +int semanage_fcontext_key_create(semanage_handle_t * handle, + const char *expr, + int type, semanage_fcontext_key_t ** key_ptr) +{ + + semanage_fcontext_key_t *tmp_key = + (semanage_fcontext_key_t *) malloc(sizeof(semanage_fcontext_key_t)); + + if (!tmp_key) { + ERR(handle, "out of memory, could not " + "create file context key"); + return STATUS_ERR; + } + tmp_key->expr = expr; + tmp_key->type = type; + + *key_ptr = tmp_key; + return STATUS_SUCCESS; +} + +hidden_def(semanage_fcontext_key_create) + +int semanage_fcontext_key_extract(semanage_handle_t * handle, + const semanage_fcontext_t * fcontext, + semanage_fcontext_key_t ** key_ptr) +{ + + if (semanage_fcontext_key_create(handle, fcontext->expr, + fcontext->type, key_ptr) < 0) { + ERR(handle, "could not extract key from " + "file context %s (%s)", fcontext->expr, + semanage_fcontext_get_type_str(fcontext->type)); + return STATUS_ERR; + } + + return STATUS_SUCCESS; +} + +hidden_def(semanage_fcontext_key_extract) + +void semanage_fcontext_key_free(semanage_fcontext_key_t * key) +{ + free(key); +} + +hidden_def(semanage_fcontext_key_free) + +int semanage_fcontext_compare(const semanage_fcontext_t * fcontext, + const semanage_fcontext_key_t * key) +{ + + int rv = strcmp(fcontext->expr, key->expr); + if (rv != 0) + return rv; + else { + if (fcontext->type < key->type) + return -1; + + else if (key->type < fcontext->type) + return 1; + + else + return 0; + } +} + +hidden_def(semanage_fcontext_compare) + +int semanage_fcontext_compare2(const semanage_fcontext_t * fcontext, + const semanage_fcontext_t * fcontext2) +{ + + int rv = strcmp(fcontext->expr, fcontext2->expr); + if (rv != 0) + return rv; + else { + if (fcontext->type < fcontext2->type) + return -1; + + else if (fcontext2->type < fcontext->type) + return 1; + + else + return 0; + } +} + +hidden_def(semanage_fcontext_compare2) + +static int semanage_fcontext_compare2_qsort(const semanage_fcontext_t ** + fcontext, + const semanage_fcontext_t ** + fcontext2) +{ + + return semanage_fcontext_compare2(*fcontext, *fcontext2); +} + +/* Create */ +int semanage_fcontext_create(semanage_handle_t * handle, + semanage_fcontext_t ** fcontext) +{ + + semanage_fcontext_t *tmp_fcontext = + (semanage_fcontext_t *) malloc(sizeof(semanage_fcontext_t)); + + if (!tmp_fcontext) { + ERR(handle, "out of memory, could not create " + "file context record"); + return STATUS_ERR; + } + + tmp_fcontext->expr = NULL; + tmp_fcontext->type = SEMANAGE_FCONTEXT_ALL; + tmp_fcontext->con = NULL; + *fcontext = tmp_fcontext; + + return STATUS_SUCCESS; +} + +hidden_def(semanage_fcontext_create) + +/* Regexp */ +const char *semanage_fcontext_get_expr(const semanage_fcontext_t * fcontext) +{ + + return fcontext->expr; +} + +hidden_def(semanage_fcontext_get_expr) + +int semanage_fcontext_set_expr(semanage_handle_t * handle, + semanage_fcontext_t * fcontext, const char *expr) +{ + + char *tmp_expr = strdup(expr); + if (!tmp_expr) { + ERR(handle, "out of memory, " "could not set regexp string"); + return STATUS_ERR; + } + free(fcontext->expr); + fcontext->expr = tmp_expr; + return STATUS_SUCCESS; +} + +hidden_def(semanage_fcontext_set_expr) + +/* Type */ +int semanage_fcontext_get_type(const semanage_fcontext_t * fcontext) +{ + + return fcontext->type; +} + +hidden_def(semanage_fcontext_get_type) + +const char *semanage_fcontext_get_type_str(int type) +{ + + switch (type) { + case SEMANAGE_FCONTEXT_ALL: + return "all files"; + case SEMANAGE_FCONTEXT_REG: + return "regular file"; + case SEMANAGE_FCONTEXT_DIR: + return "directory"; + case SEMANAGE_FCONTEXT_CHAR: + return "character device"; + case SEMANAGE_FCONTEXT_BLOCK: + return "block device"; + case SEMANAGE_FCONTEXT_SOCK: + return "socket"; + case SEMANAGE_FCONTEXT_LINK: + return "symbolic link"; + case SEMANAGE_FCONTEXT_PIPE: + return "named pipe"; + default: + return "????"; + } +} + +hidden_def(semanage_fcontext_get_type_str) + +void semanage_fcontext_set_type(semanage_fcontext_t * fcontext, int type) +{ + + fcontext->type = type; +} + +hidden_def(semanage_fcontext_set_type) + +/* Context */ +semanage_context_t *semanage_fcontext_get_con(const semanage_fcontext_t * + fcontext) +{ + + return fcontext->con; +} + +hidden_def(semanage_fcontext_get_con) + +int semanage_fcontext_set_con(semanage_handle_t * handle, + semanage_fcontext_t * fcontext, + semanage_context_t * con) +{ + + semanage_context_t *newcon; + + if (semanage_context_clone(handle, con, &newcon) < 0) { + ERR(handle, "out of memory, could not set file context"); + return STATUS_ERR; + } + + semanage_context_free(fcontext->con); + fcontext->con = newcon; + return STATUS_SUCCESS; +} + +hidden_def(semanage_fcontext_set_con) + +/* Deep copy clone */ +int semanage_fcontext_clone(semanage_handle_t * handle, + const semanage_fcontext_t * fcontext, + semanage_fcontext_t ** fcontext_ptr) +{ + + semanage_fcontext_t *new_fcontext = NULL; + if (semanage_fcontext_create(handle, &new_fcontext) < 0) + goto err; + + if (semanage_fcontext_set_expr(handle, new_fcontext, fcontext->expr) < + 0) + goto err; + + new_fcontext->type = fcontext->type; + + if (fcontext->con && + (semanage_context_clone(handle, fcontext->con, &new_fcontext->con) < + 0)) + goto err; + + *fcontext_ptr = new_fcontext; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not clone file context record"); + semanage_fcontext_free(new_fcontext); + return STATUS_ERR; +} + +hidden_def(semanage_fcontext_clone) + +/* Destroy */ +void semanage_fcontext_free(semanage_fcontext_t * fcontext) +{ + + if (!fcontext) + return; + + free(fcontext->expr); + semanage_context_free(fcontext->con); + free(fcontext); +} + +hidden_def(semanage_fcontext_free) + +/* Record base functions */ +record_table_t SEMANAGE_FCONTEXT_RTABLE = { + .create = semanage_fcontext_create, + .key_extract = semanage_fcontext_key_extract, + .key_free = semanage_fcontext_key_free, + .clone = semanage_fcontext_clone, + .compare = semanage_fcontext_compare, + .compare2 = semanage_fcontext_compare2, + .compare2_qsort = semanage_fcontext_compare2_qsort, + .free = semanage_fcontext_free, +}; diff --git a/libsemanage/src/fcontexts_file.c b/libsemanage/src/fcontexts_file.c new file mode 100644 index 00000000..b1a2f82f --- /dev/null +++ b/libsemanage/src/fcontexts_file.c @@ -0,0 +1,186 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_fcontext; +struct semanage_fcontext_key; +typedef struct semanage_fcontext record_t; +typedef struct semanage_fcontext_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <strings.h> +#include <semanage/handle.h> +#include "fcontext_internal.h" +#include "context_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static const char *type_str(int type) +{ + switch (type) { + default: + case SEMANAGE_FCONTEXT_ALL: + return " "; + case SEMANAGE_FCONTEXT_REG: + return "--"; + case SEMANAGE_FCONTEXT_DIR: + return "-d"; + case SEMANAGE_FCONTEXT_CHAR: + return "-c"; + case SEMANAGE_FCONTEXT_BLOCK: + return "-b"; + case SEMANAGE_FCONTEXT_SOCK: + return "-s"; + case SEMANAGE_FCONTEXT_LINK: + return "-l"; + case SEMANAGE_FCONTEXT_PIPE: + return "-p"; + } +} + +static int fcontext_print(semanage_handle_t * handle, + semanage_fcontext_t * fcontext, FILE * str) +{ + + char *con_str = NULL; + + const char *expr = semanage_fcontext_get_expr(fcontext); + int type = semanage_fcontext_get_type(fcontext); + const char *print_str = type_str(type); + const char *tstr = semanage_fcontext_get_type_str(type); + semanage_context_t *con = semanage_fcontext_get_con(fcontext); + + if (fprintf(str, "%s %s ", expr, print_str) < 0) + goto err; + + if (con != NULL) { + if (semanage_context_to_string(handle, con, &con_str) < 0) + goto err; + if (fprintf(str, "%s\n", con_str) < 0) + goto err; + free(con_str); + con_str = NULL; + } else { + if (fprintf(str, "<<none>>\n") < 0) + goto err; + } + return STATUS_SUCCESS; + + err: + ERR(handle, "could not print file context for " + "%s (%s) to stream", expr, tstr); + free(con_str); + return STATUS_ERR; +} + +static int fcontext_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_fcontext_t * fcontext) +{ + + char *str = NULL; + semanage_context_t *con = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Regexp */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_fcontext_set_expr(handle, fcontext, str) < 0) + goto err; + free(str); + str = NULL; + + /* Type */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (!strcasecmp(str, "-s")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_SOCK); + else if (!strcasecmp(str, "-p")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_PIPE); + else if (!strcasecmp(str, "-b")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_BLOCK); + else if (!strcasecmp(str, "-l")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_LINK); + else if (!strcasecmp(str, "-c")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_CHAR); + else if (!strcasecmp(str, "-d")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_DIR); + else if (!strcasecmp(str, "--")) + semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_REG); + else + goto process_context; + free(str); + str = NULL; + + /* Context */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + + process_context: + if (semanage_context_from_string(handle, str, &con) < 0) { + ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s", + str, info->filename, info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + if (con && semanage_fcontext_set_con(handle, fcontext, con) < 0) + goto err; + + if (parse_assert_space(handle, info) < 0) + goto err; + + semanage_context_free(con); + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse file context record"); + free(str); + semanage_context_free(con); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* FCONTEXT RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_FCONTEXT_FILE_RTABLE = { + .parse = fcontext_parse, + .print = fcontext_print, +}; + +int fcontext_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_FCONTEXT_RTABLE, + &SEMANAGE_FCONTEXT_FILE_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void fcontext_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/fcontexts_local.c b/libsemanage/src/fcontexts_local.c new file mode 100644 index 00000000..b0da236b --- /dev/null +++ b/libsemanage/src/fcontexts_local.c @@ -0,0 +1,129 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_fcontext; +struct semanage_fcontext_key; +typedef struct semanage_fcontext_key record_key_t; +typedef struct semanage_fcontext record_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include <sepol/policydb.h> +#include <sepol/context.h> +#include "fcontext_internal.h" +#include "context_internal.h" +#include "debug.h" +#include "handle.h" +#include "database.h" + +int semanage_fcontext_modify_local(semanage_handle_t * handle, + const semanage_fcontext_key_t * key, + const semanage_fcontext_t * data) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_fcontext_del_local(semanage_handle_t * handle, + const semanage_fcontext_key_t * key) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_fcontext_query_local(semanage_handle_t * handle, + const semanage_fcontext_key_t * key, + semanage_fcontext_t ** response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_fcontext_exists_local(semanage_handle_t * handle, + const semanage_fcontext_key_t * key, + int *response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_fcontext_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_fcontext_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_fcontext_t * + record, void *varg), + void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +hidden_def(semanage_fcontext_iterate_local) + +int semanage_fcontext_list_local(semanage_handle_t * handle, + semanage_fcontext_t *** records, + unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} + +struct validate_handler_arg { + semanage_handle_t *handle; + const sepol_policydb_t *policydb; +}; + +static int validate_handler(const semanage_fcontext_t * fcon, void *varg) +{ + + char *str; + + /* Unpack varg */ + struct validate_handler_arg *arg = (struct validate_handler_arg *)varg; + semanage_handle_t *handle = arg->handle; + const sepol_policydb_t *policydb = arg->policydb; + + /* Unpack fcontext */ + const char *expr = semanage_fcontext_get_expr(fcon); + int type = semanage_fcontext_get_type(fcon); + const char *type_str = semanage_fcontext_get_type_str(type); + semanage_context_t *con = semanage_fcontext_get_con(fcon); + + if (con + && sepol_context_check(handle->sepolh, policydb, + (sepol_context_t *) con) < 0) + goto invalid; + + return 0; + + invalid: + if (semanage_context_to_string(handle, con, &str) >= 0) { + ERR(handle, "invalid context %s specified for %s [%s]", + str, expr, type_str); + free(str); + } else + ERR(handle, "invalid context specified for %s [%s]", + expr, type_str); + return -1; +} + +int hidden semanage_fcontext_validate_local(semanage_handle_t * handle, + const sepol_policydb_t * policydb) +{ + + struct validate_handler_arg arg; + arg.handle = handle; + arg.policydb = policydb; + return semanage_fcontext_iterate_local(handle, validate_handler, &arg); +} diff --git a/libsemanage/src/fcontexts_policy.c b/libsemanage/src/fcontexts_policy.c new file mode 100644 index 00000000..0b063b18 --- /dev/null +++ b/libsemanage/src/fcontexts_policy.c @@ -0,0 +1,53 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_fcontext; +struct semanage_fcontext_key; +typedef struct semanage_fcontext_key record_key_t; +typedef struct semanage_fcontext record_t; +#define DBASE_RECORD_DEFINED + +#include "fcontext_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_fcontext_query(semanage_handle_t * handle, + const semanage_fcontext_key_t * key, + semanage_fcontext_t ** response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_fcontext_exists(semanage_handle_t * handle, + const semanage_fcontext_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_fcontext_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_fcontext_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_fcontext_t * + record, void *varg), + void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_fcontext_list(semanage_handle_t * handle, + semanage_fcontext_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_fcontext_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c new file mode 100644 index 00000000..2823d09d --- /dev/null +++ b/libsemanage/src/genhomedircon.c @@ -0,0 +1,983 @@ +/* Author: Mark Goldman <mgoldman@tresys.com> + * Paul Rosenfeld <prosenfeld@tresys.com> + * Todd C. Miller <tmiller@tresys.com> + * + * Copyright (C) 2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of the + * License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA + */ + +#include <semanage/handle.h> +#include <semanage/seusers_policy.h> +#include <semanage/users_policy.h> +#include <semanage/user_record.h> +#include <semanage/fcontext_record.h> +#include <semanage/fcontexts_policy.h> +#include <sepol/context.h> +#include <sepol/context_record.h> +#include "semanage_store.h" +#include "seuser_internal.h" +#include "debug.h" + +#include "utilities.h" +#include "genhomedircon.h" +#include <ustr.h> + +#include <assert.h> +#include <limits.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <pwd.h> +#include <errno.h> +#include <unistd.h> +#include <regex.h> + +/* paths used in get_home_dirs() */ +#define PATH_ETC_USERADD "/etc/default/useradd" +#define PATH_ETC_LIBUSER "/etc/libuser.conf" +#define PATH_DEFAULT_HOME "/home" +#define PATH_EXPORT_HOME "/export/home" +#define PATH_ETC_LOGIN_DEFS "/etc/login.defs" + +/* other paths */ +#define PATH_SHELLS_FILE "/etc/shells" +#define PATH_NOLOGIN_SHELL "/sbin/nologin" + +/* comments written to context file */ +#define COMMENT_FILE_CONTEXT_HEADER "#\n#\n# " \ + "User-specific file contexts, generated via libsemanage\n" \ + "# use semanage command to manage system users to change" \ + " the file_context\n#\n#\n" + +#define COMMENT_USER_HOME_CONTEXT "\n\n#\n# Home Context for user %s" \ + "\n#\n\n" + +/* placeholders used in the template file + which are searched for and replaced */ +#define TEMPLATE_HOME_ROOT "HOME_ROOT" +#define TEMPLATE_HOME_DIR "HOME_DIR" +#define TEMPLATE_USER "USER" +#define TEMPLATE_ROLE "ROLE" +#define TEMPLATE_SEUSER "system_u" + +#define FALLBACK_USER "user_u" +#define FALLBACK_USER_PREFIX "user" +#define DEFAULT_LOGIN "__default__" + +typedef struct { + const char *fcfilepath; + int usepasswd; + const char *homedir_template_path; + char *fallback_user; + char *fallback_user_prefix; + semanage_handle_t *h_semanage; + sepol_policydb_t *policydb; +} genhomedircon_settings_t; + +typedef struct user_entry { + char *name; + char *sename; + char *prefix; + char *home; + struct user_entry *next; +} genhomedircon_user_entry_t; + +typedef struct { + const char *search_for; + const char *replace_with; +} replacement_pair_t; + +typedef struct { + const char *dir; + int matched; +} fc_match_handle_t; + +static semanage_list_t *default_shell_list(void) +{ + semanage_list_t *list = NULL; + + if (semanage_list_push(&list, "/bin/csh") + || semanage_list_push(&list, "/bin/tcsh") + || semanage_list_push(&list, "/bin/ksh") + || semanage_list_push(&list, "/bin/bsh") + || semanage_list_push(&list, "/bin/ash") + || semanage_list_push(&list, "/usr/bin/ksh") + || semanage_list_push(&list, "/usr/bin/pdksh") + || semanage_list_push(&list, "/bin/zsh") + || semanage_list_push(&list, "/bin/sh") + || semanage_list_push(&list, "/bin/bash")) + goto fail; + + return list; + + fail: + semanage_list_destroy(&list); + return NULL; +} + +static semanage_list_t *get_shell_list(void) +{ + FILE *shells; + char *temp = NULL; + semanage_list_t *list = NULL; + size_t buff_len = 0; + ssize_t len; + + shells = fopen(PATH_SHELLS_FILE, "r"); + if (!shells) + return default_shell_list(); + while ((len = getline(&temp, &buff_len, shells)) > 0) { + if (temp[len-1] == '\n') temp[len-1] = 0; + if (strcmp(temp, PATH_NOLOGIN_SHELL)) { + if (semanage_list_push(&list, temp)) { + free(temp); + semanage_list_destroy(&list); + return default_shell_list(); + } + } + } + free(temp); + + return list; +} + +/* Helper function called via semanage_fcontext_iterate() */ +static int fcontext_matches(const semanage_fcontext_t *fcontext, void *varg) +{ + const char *oexpr = semanage_fcontext_get_expr(fcontext); + fc_match_handle_t *handp = varg; + struct Ustr *expr; + regex_t re; + int type, retval = -1; + + /* Only match ALL or DIR */ + type = semanage_fcontext_get_type(fcontext); + if (type != SEMANAGE_FCONTEXT_ALL && type != SEMANAGE_FCONTEXT_ALL) + return 0; + + /* Convert oexpr into a Ustr and anchor it at the beginning */ + expr = ustr_dup_cstr("^"); + if (expr == USTR_NULL) + goto done; + if (!ustr_add_cstr(&expr, oexpr)) + goto done; + + /* Strip off trailing ".+" or ".*" */ + if (ustr_cmp_suffix_cstr_eq(expr, ".+") || + ustr_cmp_suffix_cstr_eq(expr, ".*")) { + if (!ustr_del(&expr, 2)) + goto done; + } + + /* Strip off trailing "(/.*)?" */ + if (ustr_cmp_suffix_cstr_eq(expr, "(/.*)?")) { + if (!ustr_del(&expr, 6)) + goto done; + } + + if (ustr_cmp_suffix_cstr_eq(expr, "/")) { + if (!ustr_del(&expr, 1)) + goto done; + } + + /* Append pattern to eat up trailing slashes */ + if (!ustr_add_cstr(&expr, "/*$")) + goto done; + + /* Check dir against expr */ + if (regcomp(&re, ustr_cstr(expr), REG_EXTENDED) != 0) + goto done; + if (regexec(&re, handp->dir, 0, NULL, 0) == 0) + handp->matched = 1; + regfree(&re); + + retval = 0; + +done: + ustr_free(expr); + + return retval; +} + +static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s) +{ + semanage_list_t *homedir_list = NULL; + semanage_list_t *shells = NULL; + fc_match_handle_t hand; + char *rbuf = NULL; + char *path = NULL; + long rbuflen; + uid_t temp, minuid = 0; + int minuid_set = 0; + struct passwd pwstorage, *pwbuf; + struct stat buf; + int retval; + + shells = get_shell_list(); + assert(shells); + + path = semanage_findval(PATH_ETC_USERADD, "HOME", "="); + if (path && *path) { + if (semanage_list_push(&homedir_list, path)) + goto fail; + } + free(path); + + path = semanage_findval(PATH_ETC_LIBUSER, "LU_HOMEDIRECTORY", "="); + if (path && *path) { + if (semanage_list_push(&homedir_list, path)) + goto fail; + } + free(path); + path = NULL; + + if (!homedir_list) { + if (semanage_list_push(&homedir_list, PATH_DEFAULT_HOME)) { + goto fail; + } + } + + if (!stat(PATH_EXPORT_HOME, &buf)) { + if (S_ISDIR(buf.st_mode)) { + if (semanage_list_push(&homedir_list, PATH_EXPORT_HOME)) { + goto fail; + } + } + } + + if (!(s->usepasswd)) + return homedir_list; + + path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL); + if (path && *path) { + temp = atoi(path); + if (!minuid_set || temp < minuid) { + minuid = temp; + minuid_set = 1; + } + } + free(path); + path = NULL; + + path = semanage_findval(PATH_ETC_LIBUSER, "LU_UIDNUMBER", "="); + if (path && *path) { + temp = atoi(path); + if (!minuid_set || temp < minuid) { + minuid = temp; + minuid_set = 1; + } + } + free(path); + path = NULL; + + if (!minuid_set) { + minuid = 500; + minuid_set = 1; + } + + rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + if (rbuflen <= 0) + goto fail; + rbuf = malloc(rbuflen); + if (rbuf == NULL) + goto fail; + setpwent(); + while ((retval = getpwent_r(&pwstorage, rbuf, rbuflen, &pwbuf)) == 0) { + if (pwbuf->pw_uid < minuid) + continue; + if (!semanage_list_find(shells, pwbuf->pw_shell)) + continue; + if (strcmp(pwbuf->pw_dir, "/") == 0) + continue; + if (semanage_str_count(pwbuf->pw_dir, '/') <= 1) + continue; + if (!(path = strdup(pwbuf->pw_dir))) { + break; + } + + semanage_rtrim(path, '/'); + + if (!semanage_list_find(homedir_list, path)) { + /* + * Now check for an existing file context that matches + * so we don't label a non-homedir as a homedir. + */ + hand.dir = path; + hand.matched = 0; + if (semanage_fcontext_iterate(s->h_semanage, + fcontext_matches, &hand) == STATUS_ERR) + goto fail; + + /* NOTE: old genhomedircon printed a warning on match */ + if (hand.matched) { + WARN(s->h_semanage, "%s homedir %s or its parent directory conflicts with a file context already specified in the policy. This usually indicates an incorrectly defined system account. If it is a system account please make sure its uid is less than %u or its login shell is /sbin/nologin.", pwbuf->pw_name, pwbuf->pw_dir, minuid); + } else { + if (semanage_list_push(&homedir_list, path)) + goto fail; + } + } + free(path); + path = NULL; + } + + if (retval && retval != ENOENT) { + WARN(s->h_semanage, "Error while fetching users. " + "Returning list so far."); + } + endpwent(); + free(rbuf); + semanage_list_destroy(&shells); + if (semanage_list_sort(&homedir_list)) + goto fail; + + return homedir_list; + + fail: + endpwent(); + free(rbuf); + free(path); + semanage_list_destroy(&homedir_list); + semanage_list_destroy(&shells); + return NULL; +} + +/** + * @param s settings structure, stores various paths etc. Must never be NULL + * @param out the FILE to put all the output in. + * @return 0 on success + */ +static int write_file_context_header(genhomedircon_settings_t * s, FILE * out) +{ + if (fprintf(out, COMMENT_FILE_CONTEXT_HEADER) < 0) { + return STATUS_ERR; + } + + return STATUS_SUCCESS; +} + +/* Predicates for use with semanage_slurp_file_filter() the homedir_template + * file currently contains lines that serve as the template for a user's + * homedir. + * + * It also contains lines that are the template for the parent of a + * user's home directory. + * + * Currently, the only lines that apply to the the root of a user's home + * directory are all prefixed with the string "HOME_ROOT". All other + * lines apply to a user's home directory. If this changes the + * following predicates need to change to reflect that. + */ +static int HOME_ROOT_PRED(const char *string) +{ + return semanage_is_prefix(string, TEMPLATE_HOME_ROOT); +} + +static int HOME_DIR_PRED(const char *string) +{ + return semanage_is_prefix(string, TEMPLATE_HOME_DIR); +} + +static int USER_CONTEXT_PRED(const char *string) +{ + return (int)(strstr(string, TEMPLATE_USER) != NULL); +} + +/* make_tempate + * @param s the settings holding the paths to various files + * @param pred function pointer to function to use as filter for slurp + * file filter + * @return a list of lines from the template file with inappropriate + * lines filtered out. + */ +static semanage_list_t *make_template(genhomedircon_settings_t * s, + int (*pred) (const char *)) +{ + FILE *template_file = NULL; + semanage_list_t *template_data = NULL; + + template_file = fopen(s->homedir_template_path, "r"); + if (!template_file) + return NULL; + template_data = semanage_slurp_file_filter(template_file, pred); + fclose(template_file); + + return template_data; +} + +static Ustr *replace_all(const char *str, const replacement_pair_t * repl) +{ + Ustr *retval = USTR_NULL; + int i; + + if (!str || !repl) + goto done; + if (!(retval = ustr_dup_cstr(str))) + goto done; + + for (i = 0; repl[i].search_for; i++) { + ustr_replace_cstr(&retval, repl[i].search_for, + repl[i].replace_with, 0); + } + if (ustr_enomem(retval)) + ustr_sc_free(&retval); + + done: + return retval; +} + +static const char * extract_context(Ustr *line) +{ + const char whitespace[] = " \t\n"; + size_t off, len; + + /* check for trailing whitespace */ + off = ustr_spn_chrs_rev(line, 0, whitespace, strlen(whitespace)); + + /* find the length of the last field in line */ + len = ustr_cspn_chrs_rev(line, off, whitespace, strlen(whitespace)); + + if (len == 0) + return NULL; + return ustr_cstr(line) + ustr_len(line) - (len + off); +} + +static int check_line(genhomedircon_settings_t * s, Ustr *line) +{ + sepol_context_t *ctx_record = NULL; + const char *ctx_str; + int result; + + ctx_str = extract_context(line); + if (!ctx_str) + return STATUS_ERR; + + result = sepol_context_from_string(s->h_semanage->sepolh, + ctx_str, &ctx_record); + if (result == STATUS_SUCCESS && ctx_record != NULL) { + sepol_msg_set_callback(s->h_semanage->sepolh, NULL, NULL); + result = sepol_context_check(s->h_semanage->sepolh, + s->policydb, ctx_record); + sepol_msg_set_callback(s->h_semanage->sepolh, + semanage_msg_relay_handler, s->h_semanage); + sepol_context_free(ctx_record); + } + return result; +} + +static int write_home_dir_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * tpl, const char *user, + const char *seuser, const char *home, + const char *role_prefix) +{ + replacement_pair_t repl[] = { + {.search_for = TEMPLATE_SEUSER,.replace_with = seuser}, + {.search_for = TEMPLATE_HOME_DIR,.replace_with = home}, + {.search_for = TEMPLATE_ROLE,.replace_with = role_prefix}, + {NULL, NULL} + }; + Ustr *line = USTR_NULL; + + if (fprintf(out, COMMENT_USER_HOME_CONTEXT, user) < 0) + return STATUS_ERR; + + for (; tpl; tpl = tpl->next) { + line = replace_all(tpl->data, repl); + if (!line) + goto fail; + if (check_line(s, line) == STATUS_SUCCESS) { + if (!ustr_io_putfileline(&line, out)) + goto fail; + } + ustr_sc_free(&line); + } + return STATUS_SUCCESS; + + fail: + ustr_sc_free(&line); + return STATUS_ERR; +} + +static int write_home_root_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * tpl, char *homedir) +{ + replacement_pair_t repl[] = { + {.search_for = TEMPLATE_HOME_ROOT,.replace_with = homedir}, + {NULL, NULL} + }; + Ustr *line = USTR_NULL; + + for (; tpl; tpl = tpl->next) { + line = replace_all(tpl->data, repl); + if (!line) + goto fail; + if (check_line(s, line) == STATUS_SUCCESS) { + if (!ustr_io_putfileline(&line, out)) + goto fail; + } + ustr_sc_free(&line); + } + return STATUS_SUCCESS; + + fail: + ustr_sc_free(&line); + return STATUS_ERR; +} + +static int write_user_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * tpl, const char *user, + const char *seuser, const char *role_prefix) +{ + replacement_pair_t repl[] = { + {.search_for = TEMPLATE_USER,.replace_with = user}, + {.search_for = TEMPLATE_ROLE,.replace_with = role_prefix}, + {.search_for = TEMPLATE_SEUSER,.replace_with = seuser}, + {NULL, NULL} + }; + Ustr *line = USTR_NULL; + + for (; tpl; tpl = tpl->next) { + line = replace_all(tpl->data, repl); + if (!line) + goto fail; + if (check_line(s, line) == STATUS_SUCCESS) { + if (!ustr_io_putfileline(&line, out)) + goto fail; + } + ustr_sc_free(&line); + } + return STATUS_SUCCESS; + + fail: + ustr_sc_free(&line); + return STATUS_ERR; +} + +static int user_sort_func(semanage_user_t ** arg1, semanage_user_t ** arg2) +{ + return strcmp(semanage_user_get_name(*arg1), + semanage_user_get_name(*arg2)); +} + +static int name_user_cmp(char *key, semanage_user_t ** val) +{ + return strcmp(key, semanage_user_get_name(*val)); +} + +static int push_user_entry(genhomedircon_user_entry_t ** list, const char *n, + const char *sen, const char *pre, const char *h) +{ + genhomedircon_user_entry_t *temp = NULL; + char *name = NULL; + char *sename = NULL; + char *prefix = NULL; + char *home = NULL; + + temp = malloc(sizeof(genhomedircon_user_entry_t)); + if (!temp) + goto cleanup; + name = strdup(n); + if (!name) + goto cleanup; + sename = strdup(sen); + if (!sename) + goto cleanup; + prefix = strdup(pre); + if (!prefix) + goto cleanup; + home = strdup(h); + if (!home) + goto cleanup; + + temp->name = name; + temp->sename = sename; + temp->prefix = prefix; + temp->home = home; + temp->next = (*list); + (*list) = temp; + + return STATUS_SUCCESS; + + cleanup: + free(name); + free(sename); + free(prefix); + free(home); + free(temp); + return STATUS_ERR; +} + +static void pop_user_entry(genhomedircon_user_entry_t ** list) +{ + genhomedircon_user_entry_t *temp; + + if (!list || !(*list)) + return; + + temp = *list; + *list = temp->next; + free(temp->name); + free(temp->sename); + free(temp->prefix); + free(temp->home); + free(temp); +} + +static int set_fallback_user(genhomedircon_settings_t *s, + const char *user, const char *prefix) +{ + char *fallback_user = strdup(user); + char *fallback_user_prefix = strdup(prefix); + + if (fallback_user == NULL || fallback_user_prefix == NULL) { + free(fallback_user); + free(fallback_user_prefix); + return STATUS_ERR; + } + + free(s->fallback_user); + free(s->fallback_user_prefix); + s->fallback_user = fallback_user; + s->fallback_user_prefix = fallback_user_prefix; + return STATUS_SUCCESS; +} + +static int setup_fallback_user(genhomedircon_settings_t * s) +{ + semanage_seuser_t **seuser_list = NULL; + unsigned int nseusers = 0; + semanage_user_key_t *key = NULL; + semanage_user_t *u = NULL; + const char *name = NULL; + const char *seuname = NULL; + const char *prefix = NULL; + unsigned int i; + int retval; + int errors = 0; + + retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers); + if (retval < 0 || (nseusers < 1)) { + /* if there are no users, this function can't do any other work */ + return errors; + } + + for (i = 0; i < nseusers; i++) { + name = semanage_seuser_get_name(seuser_list[i]); + if (strcmp(name, DEFAULT_LOGIN) == 0) { + seuname = semanage_seuser_get_sename(seuser_list[i]); + + /* find the user structure given the name */ + if (semanage_user_key_create(s->h_semanage, seuname, + &key) < 0) { + errors = STATUS_ERR; + break; + } + if (semanage_user_query(s->h_semanage, key, &u) < 0) + prefix = name; + else + prefix = semanage_user_get_prefix(u); + + if (set_fallback_user(s, seuname, prefix) != 0) + errors = STATUS_ERR; + semanage_user_key_free(key); + if (u) + semanage_user_free(u); + break; + } + } + + for (i = 0; i < nseusers; i++) + semanage_seuser_free(seuser_list[i]); + free(seuser_list); + + return errors; +} + +static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, + int *errors) +{ + genhomedircon_user_entry_t *head = NULL; + semanage_seuser_t **seuser_list = NULL; + unsigned int nseusers = 0; + semanage_user_t **user_list = NULL; + unsigned int nusers = 0; + semanage_user_t **u = NULL; + const char *name = NULL; + const char *seuname = NULL; + const char *prefix = NULL; + struct passwd pwstorage, *pwent = NULL; + unsigned int i; + long rbuflen; + char *rbuf = NULL; + int retval; + + *errors = 0; + retval = semanage_seuser_list(s->h_semanage, &seuser_list, &nseusers); + if (retval < 0 || (nseusers < 1)) { + /* if there are no users, this function can't do any other work */ + return NULL; + } + + if (semanage_user_list(s->h_semanage, &user_list, &nusers) < 0) { + nusers = 0; + } + + qsort(user_list, nusers, sizeof(semanage_user_t *), + (int (*)(const void *, const void *))&user_sort_func); + + /* Allocate space for the getpwnam_r buffer */ + rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); + if (rbuflen <= 0) + goto cleanup; + rbuf = malloc(rbuflen); + if (rbuf == NULL) + goto cleanup; + + for (i = 0; i < nseusers; i++) { + seuname = semanage_seuser_get_sename(seuser_list[i]); + name = semanage_seuser_get_name(seuser_list[i]); + + if (strcmp(name,"root") && strcmp(seuname, s->fallback_user) == 0) + continue; + + if (strcmp(name, DEFAULT_LOGIN) == 0) + continue; + + if (strcmp(name, TEMPLATE_SEUSER) == 0) + continue; + + /* %groupname syntax */ + if (name[0] == '%') + continue; + + /* find the user structure given the name */ + u = bsearch(seuname, user_list, nusers, sizeof(semanage_user_t *), + (int (*)(const void *, const void *)) + &name_user_cmp); + if (u) { + prefix = semanage_user_get_prefix(*u); + } else { + prefix = name; + } + + retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent); + if (retval != 0 || pwent == NULL) { + if (retval != 0 && retval != ENOENT) { + *errors = STATUS_ERR; + goto cleanup; + } + + WARN(s->h_semanage, + "user %s not in password file", name); + continue; + } + + if (strcmp(pwent->pw_dir, "/") == 0) { + /* don't relabel / genhomdircon checked to see if root + * was the user and if so, set his home directory to + * /root */ + continue; + } + if (push_user_entry(&head, name, seuname, + prefix, pwent->pw_dir) != STATUS_SUCCESS) { + *errors = STATUS_ERR; + break; + } + } + + cleanup: + free(rbuf); + if (*errors) { + for (; head; pop_user_entry(&head)) { + /* the pop function takes care of all the cleanup + so the loop body is just empty */ + } + } + for (i = 0; i < nseusers; i++) { + semanage_seuser_free(seuser_list[i]); + } + free(seuser_list); + + for (i = 0; i < nusers; i++) { + semanage_user_free(user_list[i]); + } + free(user_list); + + return head; +} + +static int write_gen_home_dir_context(genhomedircon_settings_t * s, FILE * out, + semanage_list_t * user_context_tpl, + semanage_list_t * homedir_context_tpl) +{ + genhomedircon_user_entry_t *users; + int errors = 0; + + users = get_users(s, &errors); + if (!users && errors) { + return STATUS_ERR; + } + + for (; users; pop_user_entry(&users)) { + if (write_home_dir_context(s, out, homedir_context_tpl, + users->name, + users->sename, users->home, + users->prefix)) { + return STATUS_ERR; + } + if (write_user_context(s, out, user_context_tpl, users->name, + users->sename, users->prefix)) { + return STATUS_ERR; + } + } + + return STATUS_SUCCESS; +} + +/** + * @param s settings structure, stores various paths etc. Must never be NULL + * @param out the FILE to put all the output in. + * @return 0 on success + */ +static int write_context_file(genhomedircon_settings_t * s, FILE * out) +{ + semanage_list_t *homedirs = NULL; + semanage_list_t *h = NULL; + semanage_list_t *user_context_tpl = NULL; + semanage_list_t *homedir_context_tpl = NULL; + semanage_list_t *homeroot_context_tpl = NULL; + int retval = STATUS_SUCCESS; + + homedir_context_tpl = make_template(s, &HOME_DIR_PRED); + homeroot_context_tpl = make_template(s, &HOME_ROOT_PRED); + user_context_tpl = make_template(s, &USER_CONTEXT_PRED); + + if (!homedir_context_tpl && !homeroot_context_tpl && !user_context_tpl) + goto done; + + if (write_file_context_header(s, out) != STATUS_SUCCESS) { + retval = STATUS_ERR; + goto done; + } + + if (setup_fallback_user(s) != 0) { + retval = STATUS_ERR; + goto done; + } + + if (homedir_context_tpl || homeroot_context_tpl) { + homedirs = get_home_dirs(s); + if (!homedirs) { + WARN(s->h_semanage, + "no home directories were available, exiting without writing"); + goto done; + } + + for (h = homedirs; h; h = h->next) { + Ustr *temp = ustr_dup_cstr(h->data); + + if (!temp || !ustr_add_cstr(&temp, "/[^/]*")) { + ustr_sc_free(&temp); + retval = STATUS_ERR; + goto done; + } + + if (write_home_dir_context(s, out, + homedir_context_tpl, + s->fallback_user, s->fallback_user, + ustr_cstr(temp), + s->fallback_user_prefix) != + STATUS_SUCCESS) { + ustr_sc_free(&temp); + retval = STATUS_ERR; + goto done; + } + if (write_home_root_context(s, out, + homeroot_context_tpl, + h->data) != STATUS_SUCCESS) { + ustr_sc_free(&temp); + retval = STATUS_ERR; + goto done; + } + + ustr_sc_free(&temp); + } + } + if (user_context_tpl) { + if (write_user_context(s, out, user_context_tpl, + ".*", s->fallback_user, + s->fallback_user_prefix) != STATUS_SUCCESS) { + retval = STATUS_ERR; + goto done; + } + + if (write_gen_home_dir_context(s, out, user_context_tpl, + homedir_context_tpl) != STATUS_SUCCESS) { + retval = STATUS_ERR; + } + } + +done: + /* Cleanup */ + semanage_list_destroy(&homedirs); + semanage_list_destroy(&user_context_tpl); + semanage_list_destroy(&homedir_context_tpl); + semanage_list_destroy(&homeroot_context_tpl); + + return retval; +} + +int semanage_genhomedircon(semanage_handle_t * sh, + sepol_policydb_t * policydb, + int usepasswd) +{ + genhomedircon_settings_t s; + FILE *out = NULL; + int retval = 0; + + assert(sh); + + s.homedir_template_path = + semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL); + s.fcfilepath = semanage_path(SEMANAGE_TMP, SEMANAGE_FC_HOMEDIRS); + + s.fallback_user = strdup(FALLBACK_USER); + s.fallback_user_prefix = strdup(FALLBACK_USER_PREFIX); + if (s.fallback_user == NULL || s.fallback_user_prefix == NULL) + return STATUS_ERR; + + s.usepasswd = usepasswd; + s.h_semanage = sh; + s.policydb = policydb; + + if (!(out = fopen(s.fcfilepath, "w"))) { + /* couldn't open output file */ + ERR(sh, "Could not open the file_context file for writing"); + return STATUS_ERR; + } + + retval = write_context_file(&s, out); + + fclose(out); + + free(s.fallback_user); + free(s.fallback_user_prefix); + + return retval; +} diff --git a/libsemanage/src/genhomedircon.h b/libsemanage/src/genhomedircon.h new file mode 100644 index 00000000..443e345a --- /dev/null +++ b/libsemanage/src/genhomedircon.h @@ -0,0 +1,28 @@ +/* Author: Mark Goldman <mgoldman@tresys.com> + * + * Copyright (C) 2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_GENHOMEDIRCON_H_ +#define _SEMANAGE_GENHOMEDIRCON_H_ + +#include "utilities.h" + +int semanage_genhomedircon(semanage_handle_t * sh, + sepol_policydb_t * policydb, int usepasswd); + +#endif diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c new file mode 100644 index 00000000..b94db110 --- /dev/null +++ b/libsemanage/src/handle.c @@ -0,0 +1,260 @@ +/* Author: Joshua Brindle <jbrindle@tresys.co + * Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* This file implements only the publicly-visible handle functions to libsemanage. */ + +#include <selinux/selinux.h> + +#include <stdarg.h> +#include <assert.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <sys/time.h> + +#include "direct_api.h" +#include "handle.h" +#include "debug.h" +#include "semanage_conf.h" +#include "semanage_store.h" + +#define SEMANAGE_COMMIT_READ_WAIT 5 + +semanage_handle_t *semanage_handle_create(void) +{ + semanage_handle_t *sh = NULL; + const char *conf_name = NULL; + + /* Allocate handle */ + if ((sh = calloc(1, sizeof(semanage_handle_t))) == NULL) + goto err; + + if ((conf_name = semanage_conf_path()) == NULL) + goto err; + + if ((sh->conf = semanage_conf_parse(conf_name)) == NULL) + goto err; + + /* Link to sepol handle */ + sh->sepolh = sepol_handle_create(); + if (!sh->sepolh) + goto err; + sepol_msg_set_callback(sh->sepolh, semanage_msg_relay_handler, sh); + + /* By default do not rebuild the policy on commit + * If any changes are made, this flag is ignored */ + sh->do_rebuild = 0; + + /* By default always reload policy after commit if SELinux is enabled. */ + sh->do_reload = (is_selinux_enabled() > 0); + + /* By default do not create store */ + sh->create_store = 0; + + /* Set timeout: some default value for now, later use config */ + sh->timeout = SEMANAGE_COMMIT_READ_WAIT; + + /* Set callback */ + sh->msg_callback = semanage_msg_default_handler; + sh->msg_callback_arg = NULL; + + return sh; + + err: + semanage_handle_destroy(sh); + return NULL; +} + +void semanage_set_rebuild(semanage_handle_t * sh, int do_rebuild) +{ + + assert(sh != NULL); + + sh->do_rebuild = do_rebuild; + return; +} + +void semanage_set_reload(semanage_handle_t * sh, int do_reload) +{ + + assert(sh != NULL); + + sh->do_reload = do_reload; + return; +} + +void semanage_set_create_store(semanage_handle_t * sh, int create_store) +{ + + assert(sh != NULL); + + sh->create_store = create_store; + return; +} + +void semanage_set_disable_dontaudit(semanage_handle_t * sh, int disable_dontaudit) +{ + assert(sh != NULL); + + sepol_set_disable_dontaudit(sh->sepolh, disable_dontaudit); + return; +} + +int semanage_is_connected(semanage_handle_t * sh) +{ + assert(sh != NULL); + return sh->is_connected; +} + +void semanage_select_store(semanage_handle_t * sh, char *storename, + enum semanage_connect_type storetype) +{ + + assert(sh != NULL); + + /* This just sets the storename to what the user requests, no + verification of existance will be done until connect */ + sh->conf->store_path = strdup(storename); + assert(sh->conf->store_path); /* no way to return failure */ + sh->conf->store_type = storetype; + + return; +} + +int semanage_is_managed(semanage_handle_t * sh) +{ + assert(sh != NULL); + if (sh->is_connected) { + ERR(sh, "Already connected."); + return -1; + } + switch (sh->conf->store_type) { + case SEMANAGE_CON_DIRECT: + return semanage_direct_is_managed(sh); + default: + ERR(sh, + "The connection type specified within your semanage.conf file has not been implemented yet."); + /* fall through */ + } + return -1; +} + +int semanage_connect(semanage_handle_t * sh) +{ + assert(sh != NULL); + switch (sh->conf->store_type) { + case SEMANAGE_CON_DIRECT:{ + if (semanage_direct_connect(sh) < 0) { + return -1; + } + break; + } + default:{ + ERR(sh, + "The connection type specified within your semanage.conf file has not been implemented yet."); + return -1; + } + } + sh->is_connected = 1; + return 0; +} + +int semanage_access_check(semanage_handle_t * sh) +{ + assert(sh != NULL); + switch (sh->conf->store_type) { + case SEMANAGE_CON_DIRECT: + return semanage_direct_access_check(sh); + default: + return -1; + } + + return -1; /* unreachable */ +} + +hidden_def(semanage_access_check) + +int semanage_disconnect(semanage_handle_t * sh) +{ + assert(sh != NULL && sh->funcs != NULL + && sh->funcs->disconnect != NULL); + if (!sh->is_connected) { + return 0; + } + if (sh->funcs->disconnect(sh) < 0) { + return -1; + } + sh->is_in_transaction = 0; + sh->is_connected = 0; + sh->modules_modified = 0; + return 0; +} + +void semanage_handle_destroy(semanage_handle_t * sh) +{ + if (sh == NULL) + return; + + if (sh->funcs != NULL && sh->funcs->destroy != NULL) + sh->funcs->destroy(sh); + semanage_conf_destroy(sh->conf); + sepol_handle_destroy(sh->sepolh); + free(sh); +} + +hidden_def(semanage_handle_destroy) + +/********************* public transaction functions *********************/ +int semanage_begin_transaction(semanage_handle_t * sh) +{ + assert(sh != NULL && sh->funcs != NULL + && sh->funcs->begin_trans != NULL); + if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } + if (sh->is_in_transaction) { + return 0; + } + + if (sh->funcs->begin_trans(sh) < 0) { + return -1; + } + sh->is_in_transaction = 1; + return 0; +} + +hidden_def(semanage_begin_transaction) + +int semanage_commit(semanage_handle_t * sh) +{ + int retval; + assert(sh != NULL && sh->funcs != NULL && sh->funcs->commit != NULL); + if (!sh->is_in_transaction) { + ERR(sh, + "Will not commit because caller does not have a tranaction lock yet."); + return -1; + } + retval = sh->funcs->commit(sh); + sh->is_in_transaction = 0; + sh->modules_modified = 0; + return retval; +} diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h new file mode 100644 index 00000000..8c324df1 --- /dev/null +++ b/libsemanage/src/handle.h @@ -0,0 +1,225 @@ +/* Author: Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * Ivan Gyurdiev <ivg2@cornell.edu> + * + * Copyright (C) 2005 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_INTERNAL_HANDLE_H_ +#define _SEMANAGE_INTERNAL_HANDLE_H_ + +#include <stddef.h> +#include "handle_internal.h" +#include <sepol/handle.h> +#include "modules.h" +#include "semanage_conf.h" +#include "database.h" +#include "direct_api.h" +#include "policy.h" + +struct semanage_handle { + int con_id; /* Connection ID */ + + /* Error handling */ + int msg_level; + const char *msg_channel; + const char *msg_fname; +#ifdef __GNUC__ + __attribute__ ((format(printf, 3, 4))) +#endif + void (*msg_callback) (void *varg, + semanage_handle_t * handle, const char *fmt, ...); + void *msg_callback_arg; + + /* Direct vs Server specific handle */ + union { + struct semanage_direct_handle direct; + } u; + + /* Libsepol handle */ + sepol_handle_t *sepolh; + + semanage_conf_t *conf; + int is_connected; + int is_in_transaction; + int do_reload; /* whether to reload policy after commit */ + int do_rebuild; /* whether to rebuild policy if there were no changes */ + int modules_modified; + int create_store; /* whether to create the store if it does not exist + * this will only have an effect on direct connections */ + + /* This timeout is used for transactions and waiting for lock + -1 means wait indefinetely + 0 means return immediately + >0 means wait that many seconds */ + int timeout; + + /* these function pointers will point to the appropriate + * routine given the connection type. think of these as + * simulating polymorphism for non-OO languages. */ + struct semanage_policy_table *funcs; + + /* Object databases */ +#define DBASE_COUNT 19 + +/* Local modifications */ +#define DBASE_LOCAL_USERS_BASE 0 +#define DBASE_LOCAL_USERS_EXTRA 1 +#define DBASE_LOCAL_USERS 2 +#define DBASE_LOCAL_PORTS 3 +#define DBASE_LOCAL_INTERFACES 4 +#define DBASE_LOCAL_BOOLEANS 5 +#define DBASE_LOCAL_FCONTEXTS 6 +#define DBASE_LOCAL_SEUSERS 7 +#define DBASE_LOCAL_NODES 8 + +/* Policy + Local modifications */ +#define DBASE_POLICY_USERS_BASE 9 +#define DBASE_POLICY_USERS_EXTRA 10 +#define DBASE_POLICY_USERS 11 +#define DBASE_POLICY_PORTS 12 +#define DBASE_POLICY_INTERFACES 13 +#define DBASE_POLICY_BOOLEANS 14 +#define DBASE_POLICY_FCONTEXTS 15 +#define DBASE_POLICY_SEUSERS 16 +#define DBASE_POLICY_NODES 17 + +/* Active kernel policy */ +#define DBASE_ACTIVE_BOOLEANS 18 + dbase_config_t dbase[DBASE_COUNT]; +}; + +/* === Local modifications === */ +static inline + dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_USERS_BASE]; +} + +static inline + dbase_config_t * semanage_user_extra_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_USERS_EXTRA]; +} + +static inline + dbase_config_t * semanage_user_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_USERS]; +} + +static inline + dbase_config_t * semanage_port_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_PORTS]; +} + +static inline + dbase_config_t * semanage_iface_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_INTERFACES]; +} + +static inline + dbase_config_t * semanage_bool_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_BOOLEANS]; +} + +static inline + dbase_config_t * semanage_fcontext_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_FCONTEXTS]; +} + +static inline + dbase_config_t * semanage_seuser_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_SEUSERS]; +} + +static inline + dbase_config_t * semanage_node_dbase_local(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_LOCAL_NODES]; +} + +/* === Policy + Local modifications === */ +static inline + dbase_config_t * semanage_user_base_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_USERS_BASE]; +} + +static inline + dbase_config_t * semanage_user_extra_dbase_policy(semanage_handle_t * + handle) +{ + return &handle->dbase[DBASE_POLICY_USERS_EXTRA]; +} + +static inline + dbase_config_t * semanage_user_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_USERS]; +} + +static inline + dbase_config_t * semanage_port_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_PORTS]; +} + +static inline + dbase_config_t * semanage_iface_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_INTERFACES]; +} + +static inline + dbase_config_t * semanage_bool_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_BOOLEANS]; +} + +static inline + dbase_config_t * semanage_fcontext_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_FCONTEXTS]; +} + +static inline + dbase_config_t * semanage_seuser_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_SEUSERS]; +} + +static inline + dbase_config_t * semanage_node_dbase_policy(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_POLICY_NODES]; +} + +/* === Active kernel policy === */ +static inline + dbase_config_t * semanage_bool_dbase_active(semanage_handle_t * handle) +{ + return &handle->dbase[DBASE_ACTIVE_BOOLEANS]; +} + +#endif diff --git a/libsemanage/src/handle_internal.h b/libsemanage/src/handle_internal.h new file mode 100644 index 00000000..8493a39b --- /dev/null +++ b/libsemanage/src/handle_internal.h @@ -0,0 +1,11 @@ +#ifndef _SEMANAGE_HANDLE_INTERNAL_H_ +#define _SEMANAGE_HANDLE_INTERNAL_H_ + +#include <semanage/handle.h> +#include "dso.h" + +hidden_proto(semanage_begin_transaction) + hidden_proto(semanage_handle_destroy) + hidden_proto(semanage_reload_policy) + hidden_proto(semanage_access_check) +#endif diff --git a/libsemanage/src/iface_internal.h b/libsemanage/src/iface_internal.h new file mode 100644 index 00000000..7fe80fd7 --- /dev/null +++ b/libsemanage/src/iface_internal.h @@ -0,0 +1,38 @@ +#ifndef _SEMANAGE_IFACE_INTERNAL_H_ +#define _SEMANAGE_IFACE_INTERNAL_H_ + +#include <semanage/iface_record.h> +#include <semanage/interfaces_local.h> +#include <semanage/interfaces_policy.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_iface_create) + hidden_proto(semanage_iface_compare) + hidden_proto(semanage_iface_compare2) + hidden_proto(semanage_iface_clone) + hidden_proto(semanage_iface_free) + hidden_proto(semanage_iface_get_ifcon) + hidden_proto(semanage_iface_get_msgcon) + hidden_proto(semanage_iface_get_name) + hidden_proto(semanage_iface_key_extract) + hidden_proto(semanage_iface_key_free) + hidden_proto(semanage_iface_set_ifcon) + hidden_proto(semanage_iface_set_msgcon) + hidden_proto(semanage_iface_set_name) + +/* IFACE RECORD: metod table */ +extern record_table_t SEMANAGE_IFACE_RTABLE; + +extern int iface_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void iface_policydb_dbase_release(dbase_config_t * dconfig); + +extern int iface_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig); + +extern void iface_file_dbase_release(dbase_config_t * dconfig); + +#endif diff --git a/libsemanage/src/iface_record.c b/libsemanage/src/iface_record.c new file mode 100644 index 00000000..e7d72d75 --- /dev/null +++ b/libsemanage/src/iface_record.c @@ -0,0 +1,169 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_iface_t (Network Interface) + * Object: semanage_iface_key_t (Network Interface Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/context_record.h> +#include <sepol/iface_record.h> + +typedef sepol_context_t semanage_context_t; +typedef sepol_iface_t semanage_iface_t; +typedef sepol_iface_key_t semanage_iface_key_t; +#define _SEMANAGE_CONTEXT_DEFINED_ +#define _SEMANAGE_IFACE_DEFINED_ + +typedef sepol_iface_t record_t; +typedef sepol_iface_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include "iface_internal.h" +#include "handle.h" +#include "database.h" + +/* Key */ +int semanage_iface_compare(const semanage_iface_t * iface, + const semanage_iface_key_t * key) +{ + + return sepol_iface_compare(iface, key); +} + +hidden_def(semanage_iface_compare) + +int semanage_iface_compare2(const semanage_iface_t * iface, + const semanage_iface_t * iface2) +{ + + return sepol_iface_compare2(iface, iface2); +} + +hidden_def(semanage_iface_compare2) + +static int semanage_iface_compare2_qsort(const semanage_iface_t ** iface, + const semanage_iface_t ** iface2) +{ + + return sepol_iface_compare2(*iface, *iface2); +} + +int semanage_iface_key_create(semanage_handle_t * handle, + const char *name, semanage_iface_key_t ** key_ptr) +{ + + return sepol_iface_key_create(handle->sepolh, name, key_ptr); +} + +int semanage_iface_key_extract(semanage_handle_t * handle, + const semanage_iface_t * iface, + semanage_iface_key_t ** key_ptr) +{ + + return sepol_iface_key_extract(handle->sepolh, iface, key_ptr); +} + +hidden_def(semanage_iface_key_extract) + +void semanage_iface_key_free(semanage_iface_key_t * key) +{ + + sepol_iface_key_free(key); +} + +hidden_def(semanage_iface_key_free) + +/* Name */ +const char *semanage_iface_get_name(const semanage_iface_t * iface) +{ + + return sepol_iface_get_name(iface); +} + +hidden_def(semanage_iface_get_name) + +int semanage_iface_set_name(semanage_handle_t * handle, + semanage_iface_t * iface, const char *name) +{ + + return sepol_iface_set_name(handle->sepolh, iface, name); +} + +hidden_def(semanage_iface_set_name) + +/* Context */ +semanage_context_t *semanage_iface_get_ifcon(const semanage_iface_t * iface) +{ + + return sepol_iface_get_ifcon(iface); +} + +hidden_def(semanage_iface_get_ifcon) + +int semanage_iface_set_ifcon(semanage_handle_t * handle, + semanage_iface_t * iface, semanage_context_t * con) +{ + + return sepol_iface_set_ifcon(handle->sepolh, iface, con); +} + +hidden_def(semanage_iface_set_ifcon) + +semanage_context_t *semanage_iface_get_msgcon(const semanage_iface_t * iface) +{ + + return sepol_iface_get_msgcon(iface); +} + +hidden_def(semanage_iface_get_msgcon) + +int semanage_iface_set_msgcon(semanage_handle_t * handle, + semanage_iface_t * iface, + semanage_context_t * con) +{ + + return sepol_iface_set_msgcon(handle->sepolh, iface, con); +} + +hidden_def(semanage_iface_set_msgcon) + +/* Create/Clone/Destroy */ +int semanage_iface_create(semanage_handle_t * handle, + semanage_iface_t ** iface_ptr) +{ + + return sepol_iface_create(handle->sepolh, iface_ptr); +} + +hidden_def(semanage_iface_create) + +int semanage_iface_clone(semanage_handle_t * handle, + const semanage_iface_t * iface, + semanage_iface_t ** iface_ptr) +{ + + return sepol_iface_clone(handle->sepolh, iface, iface_ptr); +} + +hidden_def(semanage_iface_clone) + +void semanage_iface_free(semanage_iface_t * iface) +{ + + sepol_iface_free(iface); +} + +hidden_def(semanage_iface_free) + +/* Record base functions */ +record_table_t SEMANAGE_IFACE_RTABLE = { + .create = semanage_iface_create, + .key_extract = semanage_iface_key_extract, + .key_free = semanage_iface_key_free, + .clone = semanage_iface_clone, + .compare = semanage_iface_compare, + .compare2 = semanage_iface_compare2, + .compare2_qsort = semanage_iface_compare2_qsort, + .free = semanage_iface_free, +}; diff --git a/libsemanage/src/interfaces_file.c b/libsemanage/src/interfaces_file.c new file mode 100644 index 00000000..78871a26 --- /dev/null +++ b/libsemanage/src/interfaces_file.c @@ -0,0 +1,172 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_iface; +struct semanage_iface_key; +typedef struct semanage_iface record_t; +typedef struct semanage_iface_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <semanage/handle.h> +#include "iface_internal.h" +#include "context_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static int iface_print(semanage_handle_t * handle, + semanage_iface_t * iface, FILE * str) +{ + + char *con_str = NULL; + + const char *name = semanage_iface_get_name(iface); + semanage_context_t *ifcon = semanage_iface_get_ifcon(iface); + semanage_context_t *msgcon = semanage_iface_get_msgcon(iface); + + if (fprintf(str, "netifcon %s ", name) < 0) + goto err; + + if (semanage_context_to_string(handle, ifcon, &con_str) < 0) + goto err; + if (fprintf(str, "%s ", con_str) < 0) + goto err; + free(con_str); + con_str = NULL; + + if (semanage_context_to_string(handle, msgcon, &con_str) < 0) + goto err; + if (fprintf(str, "%s\n", con_str) < 0) + goto err; + free(con_str); + con_str = NULL; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not print interface %s to stream", name); + free(con_str); + return STATUS_ERR; +} + +static int iface_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_iface_t * iface) +{ + + char *str = NULL; + semanage_context_t *con = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Header */ + if (parse_assert_str(handle, info, "netifcon") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Name */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_iface_set_name(handle, iface, str) < 0) + goto err; + free(str); + str = NULL; + + /* Interface context */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_context_from_string(handle, str, &con) < 0) { + ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s", + str, info->filename, info->lineno, info->orig_line); + goto err; + } + if (con == NULL) { + ERR(handle, "<<none>> context is not valid for " + "interfaces (%s: %u)\n%s", info->filename, + info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + if (semanage_iface_set_ifcon(handle, iface, con) < 0) + goto err; + semanage_context_free(con); + con = NULL; + + /* Message context */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_context_from_string(handle, str, &con) < 0) { + ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s", + str, info->filename, info->lineno, info->orig_line); + goto err; + } + if (con == NULL) { + ERR(handle, "<<none>> context is not valid for " + "interfaces (%s: %u)\n%s", info->filename, + info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + if (semanage_iface_set_msgcon(handle, iface, con) < 0) + goto err; + semanage_context_free(con); + con = NULL; + + if (parse_assert_space(handle, info) < 0) + goto err; + + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse interface record"); + free(str); + semanage_context_free(con); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* IFACE RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = { + .parse = iface_parse, + .print = iface_print, +}; + +int iface_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_IFACE_RTABLE, + &SEMANAGE_IFACE_FILE_RTABLE, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void iface_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/interfaces_local.c b/libsemanage/src/interfaces_local.c new file mode 100644 index 00000000..acf68514 --- /dev/null +++ b/libsemanage/src/interfaces_local.c @@ -0,0 +1,71 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_iface; +struct semanage_iface_key; +typedef struct semanage_iface_key record_key_t; +typedef struct semanage_iface record_t; +#define DBASE_RECORD_DEFINED + +#include "iface_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_iface_modify_local(semanage_handle_t * handle, + const semanage_iface_key_t * key, + const semanage_iface_t * data) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_iface_del_local(semanage_handle_t * handle, + const semanage_iface_key_t * key) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_iface_query_local(semanage_handle_t * handle, + const semanage_iface_key_t * key, + semanage_iface_t ** response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_iface_exists_local(semanage_handle_t * handle, + const semanage_iface_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_iface_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_iface_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_iface_t * + record, void *varg), + void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_iface_list_local(semanage_handle_t * handle, + semanage_iface_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/interfaces_policy.c b/libsemanage/src/interfaces_policy.c new file mode 100644 index 00000000..7f9b2ef4 --- /dev/null +++ b/libsemanage/src/interfaces_policy.c @@ -0,0 +1,52 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_iface; +struct semanage_iface_key; +typedef struct semanage_iface_key record_key_t; +typedef struct semanage_iface record_t; +#define DBASE_RECORD_DEFINED + +#include "iface_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_iface_query(semanage_handle_t * handle, + const semanage_iface_key_t * key, + semanage_iface_t ** response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_iface_exists(semanage_handle_t * handle, + const semanage_iface_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_iface_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_iface_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_iface_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_iface_list(semanage_handle_t * handle, + semanage_iface_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_iface_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/interfaces_policydb.c b/libsemanage/src/interfaces_policydb.c new file mode 100644 index 00000000..b67963d7 --- /dev/null +++ b/libsemanage/src/interfaces_policydb.c @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_iface; +struct semanage_iface_key; +typedef struct semanage_iface record_t; +typedef struct semanage_iface_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <sepol/interfaces.h> +#include <semanage/handle.h> +#include "iface_internal.h" +#include "debug.h" +#include "database_policydb.h" + +/* INTERFACE RECRORD (SEPOL): POLICYDB extension: method table */ +record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = { + .add = NULL, + .modify = (record_policydb_table_modify_t) sepol_iface_modify, + .set = NULL, + .query = (record_policydb_table_query_t) sepol_iface_query, + .count = (record_policydb_table_count_t) sepol_iface_count, + .exists = (record_policydb_table_exists_t) sepol_iface_exists, + .iterate = (record_policydb_table_iterate_t) sepol_iface_iterate, +}; + +int iface_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_policydb_init(handle, + "policy.kern", + &SEMANAGE_IFACE_RTABLE, + &SEMANAGE_IFACE_POLICYDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_POLICYDB_DTABLE; + return STATUS_SUCCESS; +} + +void iface_policydb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_policydb_release(dconfig->dbase); +} diff --git a/libsemanage/src/libsemanage.map b/libsemanage/src/libsemanage.map new file mode 100644 index 00000000..56a83f05 --- /dev/null +++ b/libsemanage/src/libsemanage.map @@ -0,0 +1,18 @@ +LIBSEMANAGE_1.0 { + global: semanage_handle_create; semanage_handle_destroy; + semanage_is_managed; semanage_connect; semanage_disconnect; + semanage_msg_*; + semanage_begin_transaction; semanage_commit; + semanage_module_install; semanage_module_upgrade; + semanage_module_install_base; semanage_module_remove; + semanage_module_list; semanage_module_info_datum_destroy; + semanage_module_list_nth; semanage_module_get_name; + semanage_module_get_version; semanage_select_store; + semanage_reload_policy; semanage_set_reload; semanage_set_rebuild; + semanage_user_*; semanage_bool_*; semanage_seuser_*; + semanage_iface_*; semanage_port_*; semanage_context_*; + semanage_node_*; + semanage_fcontext_*; semanage_access_check; semanage_set_create_store; + semanage_is_connected; semanage_set_disable_dontaudit; + local: *; +}; diff --git a/libsemanage/src/module_internal.h b/libsemanage/src/module_internal.h new file mode 100644 index 00000000..f074a3a8 --- /dev/null +++ b/libsemanage/src/module_internal.h @@ -0,0 +1,11 @@ +#ifndef _SEMANAGE_MODULE_INTERNAL_H_ +#define _SEMANAGE_MODULE_INTERNAL_H_ + +#include <semanage/modules.h> +#include "dso.h" + +hidden_proto(semanage_module_get_name) + hidden_proto(semanage_module_get_version) + hidden_proto(semanage_module_info_datum_destroy) + hidden_proto(semanage_module_list_nth) +#endif diff --git a/libsemanage/src/modules.c b/libsemanage/src/modules.c new file mode 100644 index 00000000..b1b0bdc8 --- /dev/null +++ b/libsemanage/src/modules.c @@ -0,0 +1,153 @@ +/* Author: Joshua Brindle <jbrindle@tresys.co + * Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* This file implements only the publicly-visible module functions to libsemanage. */ + +#include "direct_api.h" +#include "semanage_conf.h" +#include "semanage_store.h" + +#include <stdarg.h> +#include <assert.h> +#include <stdlib.h> +#include <stdio.h> + +#include "handle.h" +#include "modules.h" +#include "debug.h" + +int semanage_module_install(semanage_handle_t * sh, + char *module_data, size_t data_len) +{ + if (sh->funcs->install == NULL) { + ERR(sh, + "No install function defined for this connection type."); + return -1; + } else if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } else if (!sh->is_in_transaction) { + if (semanage_begin_transaction(sh) < 0) { + return -1; + } + } + sh->modules_modified = 1; + return sh->funcs->install(sh, module_data, data_len); +} + +int semanage_module_upgrade(semanage_handle_t * sh, + char *module_data, size_t data_len) +{ + if (sh->funcs->upgrade == NULL) { + ERR(sh, + "No upgrade function defined for this connection type."); + return -1; + } else if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } else if (!sh->is_in_transaction) { + if (semanage_begin_transaction(sh) < 0) { + return -1; + } + } + sh->modules_modified = 1; + return sh->funcs->upgrade(sh, module_data, data_len); +} + +int semanage_module_install_base(semanage_handle_t * sh, + char *module_data, size_t data_len) +{ + if (sh->funcs->install_base == NULL) { + ERR(sh, + "No install base function defined for this connection type."); + return -1; + } else if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } else if (!sh->is_in_transaction) { + if (semanage_begin_transaction(sh) < 0) { + return -1; + } + } + sh->modules_modified = 1; + return sh->funcs->install_base(sh, module_data, data_len); +} + +int semanage_module_remove(semanage_handle_t * sh, char *module_name) +{ + if (sh->funcs->remove == NULL) { + ERR(sh, "No remove function defined for this connection type."); + return -1; + } else if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } else if (!sh->is_in_transaction) { + if (semanage_begin_transaction(sh) < 0) { + return -1; + } + } + sh->modules_modified = 1; + return sh->funcs->remove(sh, module_name); +} + +int semanage_module_list(semanage_handle_t * sh, + semanage_module_info_t ** modinfo, int *num_modules) +{ + if (sh->funcs->list == NULL) { + ERR(sh, "No list function defined for this connection type."); + return -1; + } else if (!sh->is_connected) { + ERR(sh, "Not connected."); + return -1; + } + return sh->funcs->list(sh, modinfo, num_modules); +} + +void semanage_module_info_datum_destroy(semanage_module_info_t * modinfo) +{ + if (modinfo != NULL) { + free(modinfo->name); + free(modinfo->version); + } +} + +hidden_def(semanage_module_info_datum_destroy) + +semanage_module_info_t *semanage_module_list_nth(semanage_module_info_t * list, + int n) +{ + return list + n; +} + +hidden_def(semanage_module_list_nth) + +const char *semanage_module_get_name(semanage_module_info_t * modinfo) +{ + return modinfo->name; +} + +hidden_def(semanage_module_get_name) + +const char *semanage_module_get_version(semanage_module_info_t * modinfo) +{ + return modinfo->version; +} + +hidden_def(semanage_module_get_version) diff --git a/libsemanage/src/modules.h b/libsemanage/src/modules.h new file mode 100644 index 00000000..381b1083 --- /dev/null +++ b/libsemanage/src/modules.h @@ -0,0 +1,31 @@ +/* Author: Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2005 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_INTERNAL_MODULES_H_ +#define _SEMANAGE_INTERNAL_MODULES_H_ + +#include "module_internal.h" + +struct semanage_module_info { + char *name; /* Key */ + char *version; +}; + +#endif diff --git a/libsemanage/src/node_internal.h b/libsemanage/src/node_internal.h new file mode 100644 index 00000000..7653af8b --- /dev/null +++ b/libsemanage/src/node_internal.h @@ -0,0 +1,53 @@ +#ifndef _SEMANAGE_NODE_INTERNAL_H_ +#define _SEMANAGE_NODE_INTERNAL_H_ + +#include <semanage/node_record.h> +#include <semanage/nodes_local.h> +#include <semanage/nodes_policy.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_node_create) + hidden_proto(semanage_node_compare) + hidden_proto(semanage_node_compare2) + hidden_proto(semanage_node_clone) + hidden_proto(semanage_node_free) + hidden_proto(semanage_node_key_extract) + hidden_proto(semanage_node_key_free) + hidden_proto(semanage_node_get_addr) + hidden_proto(semanage_node_get_addr_bytes) + hidden_proto(semanage_node_get_mask) + hidden_proto(semanage_node_get_mask_bytes) + hidden_proto(semanage_node_get_proto) + hidden_proto(semanage_node_set_addr) + hidden_proto(semanage_node_set_addr_bytes) + hidden_proto(semanage_node_set_mask) + hidden_proto(semanage_node_set_mask_bytes) + hidden_proto(semanage_node_set_proto) + hidden_proto(semanage_node_get_proto_str) + hidden_proto(semanage_node_get_con) + hidden_proto(semanage_node_set_con) + hidden_proto(semanage_node_list_local) + +/* NODE RECORD: method table */ +extern record_table_t SEMANAGE_NODE_RTABLE; + +extern int node_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig); + +extern void node_file_dbase_release(dbase_config_t * dconfig); + +extern int node_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void node_policydb_dbase_release(dbase_config_t * dconfig); + +extern int hidden semanage_node_validate_local(semanage_handle_t * handle); + +/* ==== Internal (to nodes) API === */ + +hidden int semanage_node_compare2_qsort(const semanage_node_t ** node, + const semanage_node_t ** node2); + +#endif diff --git a/libsemanage/src/node_record.c b/libsemanage/src/node_record.c new file mode 100644 index 00000000..5368ceee --- /dev/null +++ b/libsemanage/src/node_record.c @@ -0,0 +1,240 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_node_t (Network Port) + * Object: semanage_node_key_t (Network Port Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/context_record.h> +#include <sepol/node_record.h> +#include <stddef.h> + +typedef sepol_context_t semanage_context_t; +typedef sepol_node_t semanage_node_t; +typedef sepol_node_key_t semanage_node_key_t; +#define _SEMANAGE_NODE_DEFINED_ +#define _SEMANAGE_CONTEXT_DEFINED_ + +typedef semanage_node_t record_t; +typedef semanage_node_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include "node_internal.h" +#include "handle.h" +#include "database.h" + +/* Key */ +int semanage_node_compare(const semanage_node_t * node, + const semanage_node_key_t * key) +{ + + return sepol_node_compare(node, key); +} + +hidden_def(semanage_node_compare) + +int semanage_node_compare2(const semanage_node_t * node, + const semanage_node_t * node2) +{ + + return sepol_node_compare2(node, node2); +} + +hidden_def(semanage_node_compare2) + +hidden int semanage_node_compare2_qsort(const semanage_node_t ** node, + const semanage_node_t ** node2) +{ + + return sepol_node_compare2(*node, *node2); +} + +int semanage_node_key_create(semanage_handle_t * handle, + const char *addr, + const char *mask, + int proto, semanage_node_key_t ** key_ptr) +{ + + return sepol_node_key_create(handle->sepolh, addr, mask, proto, + key_ptr); +} + +int semanage_node_key_extract(semanage_handle_t * handle, + const semanage_node_t * node, + semanage_node_key_t ** key_ptr) +{ + + return sepol_node_key_extract(handle->sepolh, node, key_ptr); +} + +hidden_def(semanage_node_key_extract) + +void semanage_node_key_free(semanage_node_key_t * key) +{ + + sepol_node_key_free(key); +} + +hidden_def(semanage_node_key_free) + +/* Address */ +int semanage_node_get_addr(semanage_handle_t * handle, + const semanage_node_t * node, char **addr_ptr) +{ + + return sepol_node_get_addr(handle->sepolh, node, addr_ptr); +} + +hidden_def(semanage_node_get_addr) + +int semanage_node_get_addr_bytes(semanage_handle_t * handle, + const semanage_node_t * node, + char **addr, size_t * addr_sz) +{ + + return sepol_node_get_addr_bytes(handle->sepolh, node, addr, addr_sz); +} + +hidden_def(semanage_node_get_addr_bytes) + +int semanage_node_set_addr(semanage_handle_t * handle, + semanage_node_t * node, int proto, const char *addr) +{ + + return sepol_node_set_addr(handle->sepolh, node, proto, addr); +} + +hidden_def(semanage_node_set_addr) + +int semanage_node_set_addr_bytes(semanage_handle_t * handle, + semanage_node_t * node, + const char *addr, size_t addr_sz) +{ + + return sepol_node_set_addr_bytes(handle->sepolh, node, addr, addr_sz); +} + +hidden_def(semanage_node_set_addr_bytes) + +/* Netmask */ +int semanage_node_get_mask(semanage_handle_t * handle, + const semanage_node_t * node, char **mask_ptr) +{ + + return sepol_node_get_mask(handle->sepolh, node, mask_ptr); +} + +hidden_def(semanage_node_get_mask) + +int semanage_node_get_mask_bytes(semanage_handle_t * handle, + const semanage_node_t * node, + char **mask, size_t * mask_sz) +{ + + return sepol_node_get_mask_bytes(handle->sepolh, node, mask, mask_sz); +} + +hidden_def(semanage_node_get_mask_bytes) + +int semanage_node_set_mask(semanage_handle_t * handle, + semanage_node_t * node, int proto, const char *mask) +{ + + return sepol_node_set_mask(handle->sepolh, node, proto, mask); +} + +hidden_def(semanage_node_set_mask) + +int semanage_node_set_mask_bytes(semanage_handle_t * handle, + semanage_node_t * node, + const char *mask, size_t mask_sz) +{ + + return sepol_node_set_mask_bytes(handle->sepolh, node, mask, mask_sz); +} + +hidden_def(semanage_node_set_mask_bytes) + +/* Protocol */ +int semanage_node_get_proto(const semanage_node_t * node) +{ + + return sepol_node_get_proto(node); +} + +hidden_def(semanage_node_get_proto) + +void semanage_node_set_proto(semanage_node_t * node, int proto) +{ + + sepol_node_set_proto(node, proto); +} + +hidden_def(semanage_node_set_proto) + +const char *semanage_node_get_proto_str(int proto) +{ + + return sepol_node_get_proto_str(proto); +} + +hidden_def(semanage_node_get_proto_str) + +/* Context */ +semanage_context_t *semanage_node_get_con(const semanage_node_t * node) +{ + + return sepol_node_get_con(node); +} + +hidden_def(semanage_node_get_con) + +int semanage_node_set_con(semanage_handle_t * handle, + semanage_node_t * node, semanage_context_t * con) +{ + + return sepol_node_set_con(handle->sepolh, node, con); +} + +hidden_def(semanage_node_set_con) + +/* Create/Clone/Destroy */ +int semanage_node_create(semanage_handle_t * handle, + semanage_node_t ** node_ptr) +{ + + return sepol_node_create(handle->sepolh, node_ptr); +} + +hidden_def(semanage_node_create) + +int semanage_node_clone(semanage_handle_t * handle, + const semanage_node_t * node, + semanage_node_t ** node_ptr) +{ + + return sepol_node_clone(handle->sepolh, node, node_ptr); +} + +hidden_def(semanage_node_clone) + +void semanage_node_free(semanage_node_t * node) +{ + + sepol_node_free(node); +} + +hidden_def(semanage_node_free) + +/* Port base functions */ +record_table_t SEMANAGE_NODE_RTABLE = { + .create = semanage_node_create, + .key_extract = semanage_node_key_extract, + .key_free = semanage_node_key_free, + .clone = semanage_node_clone, + .compare = semanage_node_compare, + .compare2 = semanage_node_compare2, + .compare2_qsort = semanage_node_compare2_qsort, + .free = semanage_node_free, +}; diff --git a/libsemanage/src/nodes_file.c b/libsemanage/src/nodes_file.c new file mode 100644 index 00000000..b80de2d3 --- /dev/null +++ b/libsemanage/src/nodes_file.c @@ -0,0 +1,181 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_node; +struct semanage_node_key; +typedef struct semanage_node record_t; +typedef struct semanage_node_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <strings.h> +#include <semanage/handle.h> +#include "node_internal.h" +#include "context_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static int node_print(semanage_handle_t * handle, + semanage_node_t * node, FILE * str) +{ + + char *con_str = NULL; + char *addr = NULL; + char *mask = NULL; + + int proto = semanage_node_get_proto(node); + const char *proto_str = semanage_node_get_proto_str(proto); + semanage_context_t *con = semanage_node_get_con(node); + + if (semanage_node_get_addr(handle, node, &addr) < 0) + goto err; + + if (semanage_node_get_mask(handle, node, &mask) < 0) + goto err; + + if (semanage_context_to_string(handle, con, &con_str) < 0) + goto err; + + if (fprintf + (str, "nodecon %s %s %s %s\n", proto_str, addr, mask, con_str) < 0) + goto err; + + free(addr); + free(mask); + free(con_str); + return STATUS_SUCCESS; + + err: + free(addr); + free(mask); + free(con_str); + ERR(handle, "could not print node to stream"); + return STATUS_ERR; +} + +static int node_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_node_t * node) +{ + + int proto; + char *str = NULL; + semanage_context_t *con = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Header */ + if (parse_assert_str(handle, info, "nodecon") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Protocol */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (!strcasecmp(str, "ipv4")) + proto = SEMANAGE_PROTO_IP4; + else if (!strcasecmp(str, "ipv6")) + proto = SEMANAGE_PROTO_IP6; + else { + ERR(handle, "invalid protocol \"%s\" (%s: %u):\n%s", str, + info->filename, info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + semanage_node_set_proto(node, proto); + + /* Address */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_node_set_addr(handle, node, proto, str) < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + free(str); + str = NULL; + + /* Netmask */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_node_set_mask(handle, node, proto, str) < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + free(str); + str = NULL; + + /* Port context */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_context_from_string(handle, str, &con) < 0) { + ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s", + str, info->filename, info->lineno, info->orig_line); + goto err; + } + if (con == NULL) { + ERR(handle, "<<none>> context is not valid " + "for nodes (%s: %u):\n%s", info->filename, + info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + if (semanage_node_set_con(handle, node, con) < 0) + goto err; + + if (parse_assert_space(handle, info) < 0) + goto err; + + semanage_context_free(con); + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse node record"); + free(str); + semanage_context_free(con); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* NODE RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_NODE_FILE_RTABLE = { + .parse = node_parse, + .print = node_print, +}; + +int node_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_NODE_RTABLE, + &SEMANAGE_NODE_FILE_RTABLE, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void node_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/nodes_local.c b/libsemanage/src/nodes_local.c new file mode 100644 index 00000000..93af4501 --- /dev/null +++ b/libsemanage/src/nodes_local.c @@ -0,0 +1,72 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_node; +struct semanage_node_key; +typedef struct semanage_node_key record_key_t; +typedef struct semanage_node record_t; +#define DBASE_RECORD_DEFINED + +#include "node_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_node_modify_local(semanage_handle_t * handle, + const semanage_node_key_t * key, + const semanage_node_t * data) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_node_del_local(semanage_handle_t * handle, + const semanage_node_key_t * key) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_node_query_local(semanage_handle_t * handle, + const semanage_node_key_t * key, + semanage_node_t ** response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_node_exists_local(semanage_handle_t * handle, + const semanage_node_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_node_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_node_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_node_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_node_list_local(semanage_handle_t * handle, + semanage_node_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_node_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} + +hidden_def(semanage_node_list_local) diff --git a/libsemanage/src/nodes_policy.c b/libsemanage/src/nodes_policy.c new file mode 100644 index 00000000..dc71cc8d --- /dev/null +++ b/libsemanage/src/nodes_policy.c @@ -0,0 +1,52 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_node; +struct semanage_node_key; +typedef struct semanage_node_key record_key_t; +typedef struct semanage_node record_t; +#define DBASE_RECORD_DEFINED + +#include "node_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_node_query(semanage_handle_t * handle, + const semanage_node_key_t * key, + semanage_node_t ** response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_node_exists(semanage_handle_t * handle, + const semanage_node_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_node_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_node_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_node_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_node_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_node_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_node_list(semanage_handle_t * handle, + semanage_node_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_node_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/nodes_policydb.c b/libsemanage/src/nodes_policydb.c new file mode 100644 index 00000000..e732e0ec --- /dev/null +++ b/libsemanage/src/nodes_policydb.c @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_node; +struct semanage_node_key; +typedef struct semanage_node record_t; +typedef struct semanage_node_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <sepol/nodes.h> +#include <semanage/handle.h> +#include "node_internal.h" +#include "debug.h" +#include "database_policydb.h" + +/* NODE RECORD (SEPOL): POLICYDB extension : method table */ +record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = { + .add = NULL, + .modify = (record_policydb_table_modify_t) sepol_node_modify, + .set = NULL, + .query = (record_policydb_table_query_t) sepol_node_query, + .count = (record_policydb_table_count_t) sepol_node_count, + .exists = (record_policydb_table_exists_t) sepol_node_exists, + .iterate = (record_policydb_table_iterate_t) sepol_node_iterate, +}; + +int node_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_policydb_init(handle, + "policy.kern", + &SEMANAGE_NODE_RTABLE, + &SEMANAGE_NODE_POLICYDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_POLICYDB_DTABLE; + + return STATUS_SUCCESS; +} + +void node_policydb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_policydb_release(dconfig->dbase); +} diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c new file mode 100644 index 00000000..4fb54fc3 --- /dev/null +++ b/libsemanage/src/parse_utils.c @@ -0,0 +1,307 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#include <stdio.h> +#include <stdio_ext.h> +#include <errno.h> +#include <string.h> +#include <stdlib.h> +#include <ctype.h> +#include <semanage/handle.h> +#include "parse_utils.h" +#include "debug.h" + +int parse_init(semanage_handle_t * handle, + const char *filename, void *parse_arg, parse_info_t ** info) +{ + + parse_info_t *tmp_info = (parse_info_t *) malloc(sizeof(parse_info_t)); + + if (!tmp_info) { + ERR(handle, + "out of memory, could not allocate parse structure"); + return STATUS_ERR; + } + + tmp_info->filename = filename; + tmp_info->file_stream = NULL; + tmp_info->working_copy = NULL; + tmp_info->orig_line = NULL; + tmp_info->ptr = NULL; + tmp_info->lineno = 0; + tmp_info->parse_arg = parse_arg; + + *info = tmp_info; + return STATUS_SUCCESS; +} + +void parse_release(parse_info_t * info) +{ + + parse_close(info); + parse_dispose_line(info); + free(info); +} + +int parse_open(semanage_handle_t * handle, parse_info_t * info) +{ + + info->file_stream = fopen(info->filename, "r"); + if (!info->file_stream && (errno != ENOENT)) { + ERR(handle, "could not open file %s: %s", + info->filename, strerror(errno)); + return STATUS_ERR; + } + if (info->file_stream) + __fsetlocking(info->file_stream, FSETLOCKING_BYCALLER); + + return STATUS_SUCCESS; +} + +void parse_close(parse_info_t * info) +{ + + if (info->file_stream) + fclose(info->file_stream); + info->file_stream = NULL; +} + +void parse_dispose_line(parse_info_t * info) +{ + if (info->orig_line) { + free(info->orig_line); + info->orig_line = NULL; + } + + if (info->working_copy) { + free(info->working_copy); + info->working_copy = NULL; + } + + info->ptr = NULL; +} + +int parse_skip_space(semanage_handle_t * handle, parse_info_t * info) +{ + + size_t buf_len = 0; + ssize_t len; + int lineno = info->lineno; + char *buffer = NULL; + char *ptr; + + if (info->ptr) { + while (*(info->ptr) && isspace(*(info->ptr))) + info->ptr++; + + if (*(info->ptr)) + return STATUS_SUCCESS; + } + + parse_dispose_line(info); + + while (info->file_stream && + ((len = getline(&buffer, &buf_len, info->file_stream)) > 0)) { + + lineno++; + + /* Eat newline, preceding whitespace */ + if (buffer[len - 1] == '\n') + buffer[len - 1] = '\0'; + + ptr = buffer; + while (*ptr && isspace(*ptr)) + ptr++; + + /* Skip comments and blank lines */ + if ((*ptr) && *ptr != '#') { + char *tmp = strdup(buffer); + if (!tmp) + goto omem; + + info->lineno = lineno; + info->working_copy = buffer; + info->orig_line = tmp; + info->ptr = ptr; + + return STATUS_SUCCESS; + } + } + + free(buffer); + buffer = NULL; + + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory, could not allocate buffer"); + free(buffer); + return STATUS_ERR; +} + +int parse_assert_noeof(semanage_handle_t * handle, parse_info_t * info) +{ + + if (!info->ptr) { + ERR(handle, "unexpected end of file (%s: %u)", + info->filename, info->lineno); + return STATUS_ERR; + } + + return STATUS_SUCCESS; +} + +int parse_assert_space(semanage_handle_t * handle, parse_info_t * info) +{ + + if (parse_assert_noeof(handle, info) < 0) + return STATUS_ERR; + + if (*(info->ptr) && !isspace(*(info->ptr))) { + ERR(handle, "missing whitespace (%s: %u):\n%s", + info->filename, info->lineno, info->orig_line); + return STATUS_ERR; + } + + if (parse_skip_space(handle, info) < 0) + return STATUS_ERR; + + return STATUS_SUCCESS; +} + +int parse_assert_ch(semanage_handle_t * handle, + parse_info_t * info, const char ch) +{ + + if (parse_assert_noeof(handle, info) < 0) + return STATUS_ERR; + + if (*(info->ptr) != ch) { + ERR(handle, "expected character \'%c\', but found \'%c\' " + "(%s: %u):\n%s", ch, *(info->ptr), info->filename, + info->lineno, info->orig_line); + return STATUS_ERR; + } + + info->ptr++; + + return STATUS_SUCCESS; +} + +int parse_assert_str(semanage_handle_t * handle, + parse_info_t * info, const char *assert_str) +{ + + size_t len = strlen(assert_str); + + if (parse_assert_noeof(handle, info) < 0) + return STATUS_ERR; + + if (strncmp(info->ptr, assert_str, len)) { + ERR(handle, "experted string \"%s\", but found \"%s\" " + "(%s: %u):\n%s", assert_str, info->ptr, + info->filename, info->lineno, info->orig_line); + + return STATUS_ERR; + } + + info->ptr += len; + return STATUS_SUCCESS; +} + +int parse_optional_ch(parse_info_t * info, const char ch) +{ + + if (!info->ptr) + return STATUS_NODATA; + if (*(info->ptr) != ch) + return STATUS_NODATA; + + info->ptr++; + return STATUS_SUCCESS; +} + +int parse_optional_str(parse_info_t * info, const char *str) +{ + size_t len = strlen(str); + + if (strncmp(info->ptr, str, len)) + return STATUS_NODATA; + + info->ptr += len; + return STATUS_SUCCESS; +} + +int parse_fetch_int(semanage_handle_t * handle, + parse_info_t * info, int *num, char delim) +{ + + char *str = NULL; + char *test = NULL; + int value = 0; + + if (parse_fetch_string(handle, info, &str, delim) < 0) + goto err; + + if (!isdigit((int)*str)) { + ERR(handle, "expected a numeric value: (%s: %u)\n%s", + info->filename, info->lineno, info->orig_line); + goto err; + } + + value = strtol(str, &test, 10); + if (*test != '\0') { + ERR(handle, "could not parse numeric value \"%s\": " + "(%s: %u)\n%s", str, info->filename, + info->lineno, info->orig_line); + goto err; + } + + *num = value; + free(str); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not fetch numeric value"); + free(str); + return STATUS_ERR; +} + +int parse_fetch_string(semanage_handle_t * handle, + parse_info_t * info, char **str, char delim) +{ + + char *start = info->ptr; + int len = 0; + char *tmp_str = NULL; + + if (parse_assert_noeof(handle, info) < 0) + goto err; + + while (*(info->ptr) && !isspace(*(info->ptr)) && + (*(info->ptr) != delim)) { + info->ptr++; + len++; + } + + if (len == 0) { + ERR(handle, "expected non-empty string, but did not " + "find one (%s: %u):\n%s", info->filename, info->lineno, + info->orig_line); + goto err; + } + + tmp_str = (char *)malloc(len + 1); + if (!tmp_str) { + ERR(handle, "out of memory"); + goto err; + } + + strncpy(tmp_str, start, len); + *(tmp_str + len) = '\0'; + *str = tmp_str; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not fetch string value"); + return STATUS_ERR; +} diff --git a/libsemanage/src/parse_utils.h b/libsemanage/src/parse_utils.h new file mode 100644 index 00000000..0f334860 --- /dev/null +++ b/libsemanage/src/parse_utils.h @@ -0,0 +1,82 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#ifndef _SEMANAGE_PARSE_UTILS_INTERNAL_H_ +#define _SEMANAGE_PARSE_UTILS_INTERNAL_H_ + +#include <stdio.h> +#include <semanage/handle.h> + +typedef struct parse_info { + unsigned int lineno; /* Current line number */ + char *orig_line; /* Original copy of the line being parsed */ + char *working_copy; /* Working copy of the line being parsed */ + char *ptr; /* Current parsing location */ + + const char *filename; /* Input stream file name */ + FILE *file_stream; /* Input stream handle */ + + void *parse_arg; /* Caller supplied argument */ +} parse_info_t; + +/* Initialize structure */ +extern int parse_init(semanage_handle_t * handle, + const char *filename, + void *parse_arg, parse_info_t ** info); + +/* Release structure */ +extern void parse_release(parse_info_t * info); + +/* Open file */ +extern int parse_open(semanage_handle_t * handle, parse_info_t * info); + +/* Close file */ +extern void parse_close(parse_info_t * info); + +/* Release resources for current line */ +extern void parse_dispose_line(parse_info_t * info); + +/* Skip all whitespace and comments */ +extern int parse_skip_space(semanage_handle_t * handle, parse_info_t * info); + +/* Throw an error if we're at the EOF */ +extern int parse_assert_noeof(semanage_handle_t * handle, parse_info_t * info); + +/* Throw an error if no whitespace follows, + * otherwise eat the whitespace */ +extern int parse_assert_space(semanage_handle_t * handle, parse_info_t * info); + +/* Throw an error if the specified character + * does not follow, otherwise eat that character */ +extern int parse_assert_ch(semanage_handle_t * handle, + parse_info_t * info, const char ch); + +/* Throw an error if the specified string + * does not follow is not found, otherwise + * eat the string */ +extern int parse_assert_str(semanage_handle_t * handle, + parse_info_t * info, const char *assert_str); + +/* Eat the optional character, if found, + * or return STATUS_NODATA */ +extern int parse_optional_ch(parse_info_t * info, const char ch); + +/* Eat the optional string, if found, + * or return STATUS_NODATA */ +extern int parse_optional_str(parse_info_t * info, const char *str); + +/* Extract the next integer, and move + * the read pointer past it. Stop if + * the optional character delim is encountered, + * or if whitespace/eof is encountered */ +int parse_fetch_int(semanage_handle_t * hgandle, + parse_info_t * info, int *num, char delim); + +/* Extract the next string (delimited by + * whitespace), and move the read pointer past it. + * Stop of the optional character delim is encountered, + * or if whitespace/eof is encountered. Fail if the + * string is of length 0. */ +extern int parse_fetch_string(semanage_handle_t * handle, + parse_info_t * info, char **str_ptr, char delim); + +#endif diff --git a/libsemanage/src/policy.h b/libsemanage/src/policy.h new file mode 100644 index 00000000..79845519 --- /dev/null +++ b/libsemanage/src/policy.h @@ -0,0 +1,71 @@ +/* Author: Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2005 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef _SEMANAGE_POLICY_INTERNAL_H_ +#define _SEMANAGE_POLICY_INTERNAL_H_ + +#include "modules.h" + +/* Circular dependency */ +struct semanage_handle; + +/* Backend dependent portion */ +struct semanage_policy_table { + + /* Returns the current policy serial/commit number + * A negative number is returned in case of failre */ + int (*get_serial) (struct semanage_handle *); + + /* Destroy a connection */ + void (*destroy) (struct semanage_handle *); + + /* Disconnect from policy */ + int (*disconnect) (struct semanage_handle *); + + /* Begin a policy transaction */ + int (*begin_trans) (struct semanage_handle *); + + /* Commit a policy transaction */ + int (*commit) (struct semanage_handle *); + + /* Install a policy module */ + int (*install) (struct semanage_handle *, char *, size_t); + + /* Upgrade a policy module */ + int (*upgrade) (struct semanage_handle *, char *, size_t); + + /* Remove a policy module */ + int (*remove) (struct semanage_handle *, char *); + + /* List policy modules */ + int (*list) (struct semanage_handle *, semanage_module_info_t **, + int *); + + /* Install base policy */ + int (*install_base) (struct semanage_handle *, char *, size_t); +}; + +/* Should be backend independent */ +extern int semanage_base_merge_components(struct semanage_handle *handle); + +extern int semanage_commit_components(struct semanage_handle *handle); + +#endif diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c new file mode 100644 index 00000000..d31bd489 --- /dev/null +++ b/libsemanage/src/policy_components.c @@ -0,0 +1,239 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +#include <stdlib.h> +#include "policy.h" +#include "handle.h" +#include "database.h" +#include "modules.h" +#include "debug.h" + +/* Powers of two only */ +#define MODE_SET 1 +#define MODE_MODIFY 2 +#define MODE_SORT 4 + +static int clear_obsolete(semanage_handle_t * handle, + record_t ** records, + unsigned int nrecords, + dbase_config_t * src, dbase_config_t * dst) +{ + + record_key_t *key = NULL; + unsigned int i; + + dbase_table_t *src_dtable = src->dtable; + dbase_table_t *dst_dtable = dst->dtable; + record_table_t *rtable = src_dtable->get_rtable(src->dbase); + + for (i = 0; i < nrecords; i++) { + int exists; + + if (rtable->key_extract(handle, records[i], &key) < 0) + goto err; + + if (dst_dtable->exists(handle, dst->dbase, key, &exists) < 0) + goto err; + + if (!exists) { + if (src_dtable->del(handle, src->dbase, key) < 0) + goto err; + + rtable->free(records[i]); + records[i] = NULL; + + /* FIXME: notice to user */ + /* INFO(handle, "boolean %s is obsolete, unsetting configured value..."); */ + } + + rtable->key_free(key); + } + + return STATUS_SUCCESS; + + err: + /* FIXME: handle error */ + rtable->key_free(key); + return STATUS_ERR; +} + +static int load_records(semanage_handle_t * handle, + dbase_config_t * dst, + record_t ** records, unsigned int nrecords, int mode) +{ + + unsigned int i; + record_key_t *rkey = NULL; + + dbase_t *dbase = dst->dbase; + dbase_table_t *dtable = dst->dtable; + record_table_t *rtable = dtable->get_rtable(dbase); + + for (i = 0; i < nrecords; i++) { + + /* Possibly obsoleted */ + if (!records[i]) + continue; + + if (rtable->key_extract(handle, records[i], &rkey) < 0) + goto err; + + if (mode & MODE_SET && + dtable->set(handle, dbase, rkey, records[i]) < 0) + goto err; + + else if (mode & MODE_MODIFY && + dtable->modify(handle, dbase, rkey, records[i]) < 0) + goto err; + + rtable->key_free(rkey); + } + + return STATUS_SUCCESS; + + err: + /* FIXME: handle error */ + rtable->key_free(rkey); + return STATUS_ERR; +} + +typedef struct load_table { + dbase_config_t *src; + dbase_config_t *dst; + int mode; +} load_table_t; + +/* This function must be called AFTER all modules are loaded. + * Modules could be represented as a database, in which case + * they should be loaded at the beginning of this function */ + +int semanage_base_merge_components(semanage_handle_t * handle) +{ + + unsigned int i, j; + int rc = STATUS_SUCCESS; + + /* Order is important here - change things carefully. + * System components first, local next. Verify runs with + * mutual dependencies are ran after everything is merged */ + load_table_t components[] = { + + {semanage_user_base_dbase_local(handle), + semanage_user_base_dbase_policy(handle), MODE_MODIFY}, + + {semanage_user_extra_dbase_local(handle), + semanage_user_extra_dbase_policy(handle), MODE_MODIFY}, + + {semanage_port_dbase_local(handle), + semanage_port_dbase_policy(handle), MODE_MODIFY}, + + {semanage_iface_dbase_local(handle), + semanage_iface_dbase_policy(handle), MODE_MODIFY}, + + {semanage_bool_dbase_local(handle), + semanage_bool_dbase_policy(handle), MODE_SET}, + + {semanage_seuser_dbase_local(handle), + semanage_seuser_dbase_policy(handle), MODE_MODIFY}, + + {semanage_node_dbase_local(handle), + semanage_node_dbase_policy(handle), MODE_MODIFY | MODE_SORT}, + }; + const unsigned int CCOUNT = sizeof(components) / sizeof(components[0]); + + /* Merge components into policy (and validate) */ + for (i = 0; i < CCOUNT; i++) { + + record_t **records = NULL; + unsigned int nrecords = 0; + + dbase_config_t *src = components[i].src; + dbase_config_t *dst = components[i].dst; + int mode = components[i].mode; + record_table_t *rtable = src->dtable->get_rtable(src->dbase); + + /* Must invoke cache function first */ + if (src->dtable->cache(handle, src->dbase) < 0) + goto err; + if (dst->dtable->cache(handle, dst->dbase) < 0) + goto err; + + /* List all records */ + if (src->dtable->list(handle, src->dbase, + &records, &nrecords) < 0) + goto err; + + /* Sort records on MODE_SORT */ + if (mode & MODE_SORT) { + qsort(records, nrecords, sizeof(record_t *), + (int (*)(const void *, const void *))rtable-> + compare2_qsort); + } + + /* Clear obsolete ones for MODE_SET */ + if (mode & MODE_SET && + clear_obsolete(handle, records, nrecords, src, dst) < 0) { + rc = STATUS_ERR; + goto dbase_exit; + } + + /* Load records */ + if (load_records(handle, dst, records, nrecords, mode) < 0) { + + rc = STATUS_ERR; + goto dbase_exit; + } + + /* Cleanup */ + dbase_exit: + for (j = 0; j < nrecords; j++) + rtable->free(records[j]); + free(records); + + /* Abort on error */ + if (rc < 0) + goto err; + } + + return rc; + + err: + ERR(handle, "could not merge local modifications into policy"); + return STATUS_ERR; +} + +int semanage_commit_components(semanage_handle_t * handle) +{ + + int i; + dbase_config_t *components[] = { + semanage_iface_dbase_local(handle), + semanage_bool_dbase_local(handle), + semanage_user_base_dbase_local(handle), + semanage_user_extra_dbase_local(handle), + semanage_user_extra_dbase_policy(handle), + semanage_port_dbase_local(handle), + semanage_fcontext_dbase_local(handle), + semanage_fcontext_dbase_policy(handle), + semanage_seuser_dbase_local(handle), + semanage_seuser_dbase_policy(handle), + semanage_bool_dbase_active(handle), + semanage_node_dbase_local(handle), + }; + const int CCOUNT = sizeof(components) / sizeof(components[0]); + + for (i = 0; i < CCOUNT; i++) { + /* Flush to disk */ + if (components[i]->dtable->flush(handle, components[i]->dbase) < + 0) + goto err; + } + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not commit local/active modifications"); + + for (i = 0; i < CCOUNT; i++) + components[i]->dtable->drop_cache(components[i]->dbase); + return STATUS_ERR; +} diff --git a/libsemanage/src/port_internal.h b/libsemanage/src/port_internal.h new file mode 100644 index 00000000..b3d36cec --- /dev/null +++ b/libsemanage/src/port_internal.h @@ -0,0 +1,49 @@ +#ifndef _SEMANAGE_PORT_INTERNAL_H_ +#define _SEMANAGE_PORT_INTERNAL_H_ + +#include <semanage/port_record.h> +#include <semanage/ports_local.h> +#include <semanage/ports_policy.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_port_create) + hidden_proto(semanage_port_compare) + hidden_proto(semanage_port_compare2) + hidden_proto(semanage_port_clone) + hidden_proto(semanage_port_free) + hidden_proto(semanage_port_key_extract) + hidden_proto(semanage_port_key_free) + hidden_proto(semanage_port_get_high) + hidden_proto(semanage_port_get_low) + hidden_proto(semanage_port_set_port) + hidden_proto(semanage_port_set_range) + hidden_proto(semanage_port_get_proto) + hidden_proto(semanage_port_set_proto) + hidden_proto(semanage_port_get_proto_str) + hidden_proto(semanage_port_get_con) + hidden_proto(semanage_port_set_con) + hidden_proto(semanage_port_list_local) + +/* PORT RECORD: method table */ +extern record_table_t SEMANAGE_PORT_RTABLE; + +extern int port_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig); + +extern void port_file_dbase_release(dbase_config_t * dconfig); + +extern int port_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void port_policydb_dbase_release(dbase_config_t * dconfig); + +extern int hidden semanage_port_validate_local(semanage_handle_t * handle); + +/* ==== Internal (to ports) API === */ + +hidden int semanage_port_compare2_qsort(const semanage_port_t ** port, + const semanage_port_t ** port2); + +#endif diff --git a/libsemanage/src/port_record.c b/libsemanage/src/port_record.c new file mode 100644 index 00000000..b878ca78 --- /dev/null +++ b/libsemanage/src/port_record.c @@ -0,0 +1,192 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_port_t (Network Port) + * Object: semanage_port_key_t (Network Port Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/context_record.h> +#include <sepol/port_record.h> + +typedef sepol_context_t semanage_context_t; +typedef sepol_port_t semanage_port_t; +typedef sepol_port_key_t semanage_port_key_t; +#define _SEMANAGE_PORT_DEFINED_ +#define _SEMANAGE_CONTEXT_DEFINED_ + +typedef semanage_port_t record_t; +typedef semanage_port_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include "port_internal.h" +#include "handle.h" +#include "database.h" + +/* Key */ +int semanage_port_compare(const semanage_port_t * port, + const semanage_port_key_t * key) +{ + + return sepol_port_compare(port, key); +} + +hidden_def(semanage_port_compare) + +int semanage_port_compare2(const semanage_port_t * port, + const semanage_port_t * port2) +{ + + return sepol_port_compare2(port, port2); +} + +hidden_def(semanage_port_compare2) + +hidden int semanage_port_compare2_qsort(const semanage_port_t ** port, + const semanage_port_t ** port2) +{ + + return sepol_port_compare2(*port, *port2); +} + +int semanage_port_key_create(semanage_handle_t * handle, + int low, int high, int proto, + semanage_port_key_t ** key_ptr) +{ + + return sepol_port_key_create(handle->sepolh, low, high, proto, key_ptr); +} + +int semanage_port_key_extract(semanage_handle_t * handle, + const semanage_port_t * port, + semanage_port_key_t ** key_ptr) +{ + + return sepol_port_key_extract(handle->sepolh, port, key_ptr); +} + +hidden_def(semanage_port_key_extract) + +void semanage_port_key_free(semanage_port_key_t * key) +{ + + sepol_port_key_free(key); +} + +hidden_def(semanage_port_key_free) + +/* Protocol */ +int semanage_port_get_proto(const semanage_port_t * port) +{ + + return sepol_port_get_proto(port); +} + +hidden_def(semanage_port_get_proto) + +void semanage_port_set_proto(semanage_port_t * port, int proto) +{ + + sepol_port_set_proto(port, proto); +} + +hidden_def(semanage_port_set_proto) + +const char *semanage_port_get_proto_str(int proto) +{ + + return sepol_port_get_proto_str(proto); +} + +hidden_def(semanage_port_get_proto_str) + +/* Port */ +int semanage_port_get_low(const semanage_port_t * port) +{ + + return sepol_port_get_low(port); +} + +hidden_def(semanage_port_get_low) + +int semanage_port_get_high(const semanage_port_t * port) +{ + + return sepol_port_get_high(port); +} + +hidden_def(semanage_port_get_high) + +void semanage_port_set_port(semanage_port_t * port, int port_num) +{ + + sepol_port_set_port(port, port_num); +} + +hidden_def(semanage_port_set_port) + +void semanage_port_set_range(semanage_port_t * port, int low, int high) +{ + + sepol_port_set_range(port, low, high); +} + +hidden_def(semanage_port_set_range) + +/* Context */ +semanage_context_t *semanage_port_get_con(const semanage_port_t * port) +{ + + return sepol_port_get_con(port); +} + +hidden_def(semanage_port_get_con) + +int semanage_port_set_con(semanage_handle_t * handle, + semanage_port_t * port, semanage_context_t * con) +{ + + return sepol_port_set_con(handle->sepolh, port, con); +} + +hidden_def(semanage_port_set_con) + +/* Create/Clone/Destroy */ +int semanage_port_create(semanage_handle_t * handle, + semanage_port_t ** port_ptr) +{ + + return sepol_port_create(handle->sepolh, port_ptr); +} + +hidden_def(semanage_port_create) + +int semanage_port_clone(semanage_handle_t * handle, + const semanage_port_t * port, + semanage_port_t ** port_ptr) +{ + + return sepol_port_clone(handle->sepolh, port, port_ptr); +} + +hidden_def(semanage_port_clone) + +void semanage_port_free(semanage_port_t * port) +{ + + sepol_port_free(port); +} + +hidden_def(semanage_port_free) + +/* Port base functions */ +record_table_t SEMANAGE_PORT_RTABLE = { + .create = semanage_port_create, + .key_extract = semanage_port_key_extract, + .key_free = semanage_port_key_free, + .clone = semanage_port_clone, + .compare = semanage_port_compare, + .compare2 = semanage_port_compare2, + .compare2_qsort = semanage_port_compare2_qsort, + .free = semanage_port_free, +}; diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c new file mode 100644 index 00000000..41d2f607 --- /dev/null +++ b/libsemanage/src/ports_file.c @@ -0,0 +1,184 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_port; +struct semanage_port_key; +typedef struct semanage_port record_t; +typedef struct semanage_port_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <strings.h> +#include <semanage/handle.h> +#include "port_internal.h" +#include "context_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static int port_print(semanage_handle_t * handle, + semanage_port_t * port, FILE * str) +{ + + char *con_str = NULL; + + int low = semanage_port_get_low(port); + int high = semanage_port_get_high(port); + int proto = semanage_port_get_proto(port); + const char *proto_str = semanage_port_get_proto_str(proto); + semanage_context_t *con = semanage_port_get_con(port); + + if (fprintf(str, "portcon %s ", proto_str) < 0) + goto err; + + if (low == high) { + if (fprintf(str, "%d ", low) < 0) + goto err; + } else { + if (fprintf(str, "%d - %d ", low, high) < 0) + goto err; + } + + if (semanage_context_to_string(handle, con, &con_str) < 0) + goto err; + if (fprintf(str, "%s\n", con_str) < 0) + goto err; + + free(con_str); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not print port range %u - %u (%s) to stream", + low, high, proto_str); + free(con_str); + return STATUS_ERR; +} + +static int port_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_port_t * port) +{ + + int low, high; + char *str = NULL; + semanage_context_t *con = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Header */ + if (parse_assert_str(handle, info, "portcon") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Protocol */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (!strcasecmp(str, "tcp")) + semanage_port_set_proto(port, SEMANAGE_PROTO_TCP); + else if (!strcasecmp(str, "udp")) + semanage_port_set_proto(port, SEMANAGE_PROTO_UDP); + else { + ERR(handle, "invalid protocol \"%s\" (%s: %u):\n%s", str, + info->filename, info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + /* Range/Port */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_fetch_int(handle, info, &low, '-') < 0) + goto err; + + /* If range (-) does not follow immediately, require a space + * In other words, the space here is optional, but only + * in the ranged case, not in the single port case, + * so do a custom test */ + if (*(info->ptr) && *(info->ptr) != '-') { + if (parse_assert_space(handle, info) < 0) + goto err; + } + + if (parse_optional_ch(info, '-') != STATUS_NODATA) { + + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_fetch_int(handle, info, &high, ' ') < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + semanage_port_set_range(port, low, high); + } else + semanage_port_set_port(port, low); + + /* Port context */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_context_from_string(handle, str, &con) < 0) { + ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s", + str, info->filename, info->lineno, info->orig_line); + goto err; + } + if (con == NULL) { + ERR(handle, "<<none>> context is not valid " + "for ports (%s: %u):\n%s", info->filename, + info->lineno, info->orig_line); + goto err; + } + free(str); + str = NULL; + + if (semanage_port_set_con(handle, port, con) < 0) + goto err; + + if (parse_assert_space(handle, info) < 0) + goto err; + + semanage_context_free(con); + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse port record"); + free(str); + semanage_context_free(con); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* PORT RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_PORT_FILE_RTABLE = { + .parse = port_parse, + .print = port_print, +}; + +int port_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_PORT_RTABLE, + &SEMANAGE_PORT_FILE_RTABLE, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void port_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/ports_local.c b/libsemanage/src/ports_local.c new file mode 100644 index 00000000..ffd5a838 --- /dev/null +++ b/libsemanage/src/ports_local.c @@ -0,0 +1,144 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_port; +struct semanage_port_key; +typedef struct semanage_port_key record_key_t; +typedef struct semanage_port record_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include "port_internal.h" +#include "debug.h" +#include "handle.h" +#include "database.h" + +int semanage_port_modify_local(semanage_handle_t * handle, + const semanage_port_key_t * key, + const semanage_port_t * data) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_port_del_local(semanage_handle_t * handle, + const semanage_port_key_t * key) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_port_query_local(semanage_handle_t * handle, + const semanage_port_key_t * key, + semanage_port_t ** response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_port_exists_local(semanage_handle_t * handle, + const semanage_port_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_port_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_port_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_port_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_port_list_local(semanage_handle_t * handle, + semanage_port_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_port_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} + +hidden_def(semanage_port_list_local) + +int hidden semanage_port_validate_local(semanage_handle_t * handle) +{ + + semanage_port_t **ports = NULL; + unsigned int nports = 0; + unsigned int i = 0, j = 0; + + /* List and sort the ports */ + if (semanage_port_list_local(handle, &ports, &nports) < 0) + goto err; + qsort(ports, nports, sizeof(semanage_port_t *), + (int (*)(const void *, const void *)) + &semanage_port_compare2_qsort); + + /* Test each port for overlap */ + while (i < nports) { + + int proto = semanage_port_get_proto(ports[i]); + int low = semanage_port_get_low(ports[i]); + int high = semanage_port_get_high(ports[i]); + const char *proto_str = semanage_port_get_proto_str(proto); + + const char *proto_str2; + int proto2, low2, high2; + + /* Find the first port with matching + protocol to compare against */ + do { + if (j == nports - 1) + goto next; + j++; + proto2 = semanage_port_get_proto(ports[j]); + low2 = semanage_port_get_low(ports[j]); + high2 = semanage_port_get_high(ports[j]); + proto_str2 = semanage_port_get_proto_str(proto2); + + } while (proto != proto2); + + /* Overlap detected */ + if (low2 <= high) { + ERR(handle, "port overlap between ranges " + "%u - %u (%s) <--> %u - %u (%s).", + low, high, proto_str, low2, high2, proto_str2); + goto invalid; + } + + /* If closest port of matching protocol doesn't overlap with + * test port, neither do the rest of them, because that's + * how the sort function works on ports - lower bound + * ports come first */ + next: + i++; + j = i; + } + + for (i = 0; i < nports; i++) + semanage_port_free(ports[i]); + free(ports); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not complete ports validity check"); + + invalid: + for (i = 0; i < nports; i++) + semanage_port_free(ports[i]); + free(ports); + return STATUS_ERR; +} diff --git a/libsemanage/src/ports_policy.c b/libsemanage/src/ports_policy.c new file mode 100644 index 00000000..1bcd3fa5 --- /dev/null +++ b/libsemanage/src/ports_policy.c @@ -0,0 +1,52 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_port; +struct semanage_port_key; +typedef struct semanage_port_key record_key_t; +typedef struct semanage_port record_t; +#define DBASE_RECORD_DEFINED + +#include "port_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_port_query(semanage_handle_t * handle, + const semanage_port_key_t * key, + semanage_port_t ** response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_port_exists(semanage_handle_t * handle, + const semanage_port_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_port_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_port_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_port_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_port_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_port_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_port_list(semanage_handle_t * handle, + semanage_port_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_port_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/ports_policydb.c b/libsemanage/src/ports_policydb.c new file mode 100644 index 00000000..429ed720 --- /dev/null +++ b/libsemanage/src/ports_policydb.c @@ -0,0 +1,67 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_port; +struct semanage_port_key; +typedef struct semanage_port record_t; +typedef struct semanage_port_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <sepol/ports.h> +#include <semanage/handle.h> +#include "port_internal.h" +#include "debug.h" +#include "database_policydb.h" + +/* PORT RECORD (SEPOL): POLICYDB extension : method table */ +record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = { + .add = NULL, + .modify = (record_policydb_table_modify_t) sepol_port_modify, + .set = NULL, + .query = (record_policydb_table_query_t) sepol_port_query, + .count = (record_policydb_table_count_t) sepol_port_count, + .exists = (record_policydb_table_exists_t) sepol_port_exists, + .iterate = (record_policydb_table_iterate_t) sepol_port_iterate, +}; + +int port_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_policydb_init(handle, + "policy.kern", + &SEMANAGE_PORT_RTABLE, + &SEMANAGE_PORT_POLICYDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_POLICYDB_DTABLE; + + return STATUS_SUCCESS; +} + +void port_policydb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_policydb_release(dconfig->dbase); +} diff --git a/libsemanage/src/pywrap-test.py b/libsemanage/src/pywrap-test.py new file mode 100644 index 00000000..d087e47b --- /dev/null +++ b/libsemanage/src/pywrap-test.py @@ -0,0 +1,1140 @@ +#!/usr/bin/python +import sys +import getopt +import semanage + +usage = "\ +Choose one of the following tests:\n\ +-m for modules\n\ +-u for users\n\ +-U for add user (warning this will write!)\n\ +-s for seusers\n\ +-S for add seuser (warning this will write!)\n\ +-p for ports\n\ +-P for add port (warning this will write!)\n\ +-f for file contexts \n\ +-F for add file context (warning this will write!)\n\ +-i for network interfaces \n\ +-I for add network interface (warning this will write!)\n\ +-b for booleans \n\ +-B for add boolean (warning this will write!)\n\ +-c for aCtive booleans\n\ +-C for set aCtive boolean (warning this will write!)\n\n\ +-n for network nodes\n\ +-N for add node (warning this will write!)\n\n\ +Other options:\n\ +-h for this help\n\ +-v for verbose output\ +" + +class Usage(Exception): + def __init__(self, msg): + Exception.__init__(self) + self.msg = msg + +class Status(Exception): + def __init__(self, msg): + Exception.__init__(self) + self.msg = msg + +class Error(Exception): + def __init__(self, msg): + Exception.__init__(self) + self.msg = msg + +class Tests: + def __init__(self): + self.all = False + self.users = False + self.writeuser = False + self.seusers = False + self.writeseuser = False + self.ports = False + self.writeport = False + self.fcontexts = False + self.writefcontext = False + self.interfaces = False + self.writeinterface = False + self.booleans = False + self.writeboolean = False + self.abooleans = False + self.writeaboolean = False + self.nodes = False + self.writenode = False + self.modules = False + self.verbose = False + + def selected(self): + return (self.all or self.users or self.modules or self.seusers or self.ports or self.fcontexts or self.interfaces or self.booleans or self.abooleans or self.writeuser or self.writeseuser or self.writeport or self.writefcontext or self.writeinterface or self.writeboolean or self.writeaboolean or self.nodes or self.writenode) + + def run(self, handle): + if (self.users or self.all): + self.test_users(handle) + print "" + if (self.seusers or self.all): + self.test_seusers(handle) + print "" + if (self.ports or self.all): + self.test_ports(handle) + print "" + if (self.modules or self.all): + self.test_modules(handle) + print "" + if (self.fcontexts or self.all): + self.test_fcontexts(handle) + print "" + if (self.interfaces or self.all): + self.test_interfaces(handle) + print "" + if (self.booleans or self.all): + self.test_booleans(handle) + print "" + if (self.abooleans or self.all): + self.test_abooleans(handle) + print "" + if (self.nodes or self.all): + self.test_nodes(handle) + print "" + if (self.writeuser or self.all): + self.test_writeuser(handle) + print "" + if (self.writeseuser or self.all): + self.test_writeseuser(handle) + print "" + if (self.writeport or self.all): + self.test_writeport(handle) + print "" + if (self.writefcontext or self.all): + self.test_writefcontext(handle) + print "" + if (self.writeinterface or self.all): + self.test_writeinterface(handle) + print "" + if (self.writeboolean or self.all): + self.test_writeboolean(handle) + print "" + if (self.writeaboolean or self.all): + self.test_writeaboolean(handle) + print "" + if (self.writenode or self.all): + self.test_writenode(handle) + print "" + + def test_modules(self,sh): + print "Testing modules..." + + (trans_cnt, mlist, mlist_size) = semanage.semanage_module_list(sh) + + print "Transaction number: ", trans_cnt + print "Module list size: ", mlist_size + if self.verbose: print "List reference: ", mlist + + if (mlist_size == 0): + print "No modules installed!" + print "This is not necessarily a test failure." + return + for idx in range(mlist_size): + module = semanage.semanage_module_list_nth(mlist, idx) + if self.verbose: print "Module reference: ", module + print "Module name: ", semanage.semanage_module_get_name(module) + print " Module version: ", semanage.semanage_module_get_version(module) + + def test_seusers(self,sh): + print "Testing seusers..." + + (status, slist) = semanage.semanage_seuser_list(sh) + if status < 0: + raise Error("Could not list seusers") + print "Query status (commit number): ", status + + if ( len(slist) == 0): + print "No seusers found!" + print "This is not necessarily a test failure." + return + for seuser in slist: + if self.verbose: print "seseuser reference: ", seuser + print "seuser name: ", semanage.semanage_seuser_get_name(seuser) + print " seuser mls range: ", semanage.semanage_seuser_get_mlsrange(seuser) + print " seuser sename: ", semanage.semanage_seuser_get_sename(seuser) + semanage.semanage_seuser_free(seuser) + + def test_users(self,sh): + print "Testing users..." + + (status, ulist) = semanage.semanage_user_list(sh) + if status < 0: + raise Error("Could not list users") + print "Query status (commit number): ", status + + if ( len(ulist) == 0): + print "No users found!" + print "This is not necessarily a test failure." + return + for user in ulist: + if self.verbose: print "User reference: ", user + print "User name: ", semanage.semanage_user_get_name(user) + print " User labeling prefix: ", semanage.semanage_user_get_prefix(user) + print " User mls level: ", semanage.semanage_user_get_mlslevel(user) + print " User mls range: ", semanage.semanage_user_get_mlsrange(user) + print " User number of roles: ", semanage.semanage_user_get_num_roles(user) + print " User roles: " + (status, rlist) = semanage.semanage_user_get_roles(sh, user) + if status < 0: + raise Error("Could not get user roles") + + for role in rlist: + print " ", role + + semanage.semanage_user_free(user) + + def test_ports(self,sh): + print "Testing ports..." + + (status, plist) = semanage.semanage_port_list(sh) + if status < 0: + raise Error("Could not list ports") + print "Query status (commit number): ", status + + if ( len(plist) == 0): + print "No ports found!" + print "This is not necessarily a test failure." + return + for port in plist: + if self.verbose: print "Port reference: ", port + low = semanage.semanage_port_get_low(port) + high = semanage.semanage_port_get_high(port) + con = semanage.semanage_port_get_con(port) + proto = semanage.semanage_port_get_proto(port) + proto_str = semanage.semanage_port_get_proto_str(proto) + if low == high: + range_str = str(low) + else: + range_str = str(low) + "-" + str(high) + (rc, con_str) = semanage.semanage_context_to_string(sh,con) + if rc < 0: con_str = "" + print "Port: ", range_str, " ", proto_str, " Context: ", con_str + semanage.semanage_port_free(port) + + def test_fcontexts(self,sh): + print "Testing file contexts..." + + (status, flist) = semanage.semanage_fcontext_list(sh) + if status < 0: + raise Error("Could not list file contexts") + print "Query status (commit number): ", status + + if (len(flist) == 0): + print "No file contexts found!" + print "This is not necessarily a test failure." + return + for fcon in flist: + if self.verbose: print "File Context reference: ", fcon + expr = semanage.semanage_fcontext_get_expr(fcon) + type = semanage.semanage_fcontext_get_type(fcon) + type_str = semanage.semanage_fcontext_get_type_str(type) + con = semanage.semanage_fcontext_get_con(fcon) + if not con: + con_str = "<<none>>" + else: + (rc, con_str) = semanage.semanage_context_to_string(sh,con) + if rc < 0: con_str = "" + print "File Expr: ", expr, " [", type_str, "] Context: ", con_str + semanage.semanage_fcontext_free(fcon) + + def test_interfaces(self,sh): + print "Testing network interfaces..." + + (status, ilist) = semanage.semanage_iface_list(sh) + if status < 0: + raise Error("Could not list interfaces") + print "Query status (commit number): ", status + + if (len(ilist) == 0): + print "No network interfaces found!" + print "This is not necessarily a test failure." + return + for iface in ilist: + if self.verbose: print "Interface reference: ", iface + name = semanage.semanage_iface_get_name(iface) + msg_con = semanage.semanage_iface_get_msgcon(iface) + if_con = semanage.semanage_iface_get_ifcon(iface) + (rc, msg_con_str) = semanage.semanage_context_to_string(sh,msg_con) + if rc < 0: msg_con_str = "" + (rc, if_con_str) = semanage.semanage_context_to_string(sh, if_con) + if rc < 0: if_con_str = "" + print "Interface: ", name, " Context: ", if_con_str, " Message Context: ", msg_con_str + semanage.semanage_iface_free(iface) + + def test_booleans(self,sh): + print "Testing booleans..." + + (status, blist) = semanage.semanage_bool_list(sh) + if status < 0: + raise Error("Could not list booleans") + print "Query status (commit number): ", status + + if (len(blist) == 0): + print "No booleans found!" + print "This is not necessarily a test failure." + return + for pbool in blist: + if self.verbose: print "Boolean reference: ", pbool + name = semanage.semanage_bool_get_name(pbool) + value = semanage.semanage_bool_get_value(pbool) + print "Boolean: ", name, " Value: ", value + semanage.semanage_bool_free(pbool) + + def test_abooleans(self,sh): + print "Testing active booleans..." + + (status, ablist) = semanage.semanage_bool_list_active(sh) + if status < 0: + raise Error("Could not list active booleans") + print "Query status (commit number): ", status + + if (len(ablist) == 0): + print "No active booleans found!" + print "This is not necessarily a test failure." + return + for abool in ablist: + if self.verbose: print "Active boolean reference: ", abool + name = semanage.semanage_bool_get_name(abool) + value = semanage.semanage_bool_get_value(abool) + print "Active Boolean: ", name, " Value: ", value + semanage.semanage_bool_free(abool) + + def test_nodes(self,sh): + print "Testing network nodes..." + + (status, nlist) = semanage.semanage_node_list(sh) + if status < 0: + raise Error("Could not list network nodes") + print "Query status (commit number): ", status + + if (len(nlist) == 0): + print "No network nodes found!" + print "This is not necessarily a test failure." + return + for node in nlist: + if self.verbose: print "Network node reference: ", node + + (status, addr) = semanage.semanage_node_get_addr(sh, node) + if status < 0: addr = "" + + (status, mask) = semanage.semanage_node_get_mask(sh, node) + if status < 0: mask = "" + + proto = semanage.semanage_node_get_proto(node) + proto_str = semanage.semanage_node_get_proto_str(proto) + con = semanage.semanage_node_get_con(node) + + (status, con_str) = semanage.semanage_context_to_string(sh, con) + if status < 0: con_str = "" + + print "Network Node: ", addr, "/", mask, " (", proto_str, ")", "Context: ", con_str + semanage.semanage_node_free(node) + + def test_writeuser(self,sh): + print "Testing user write..." + + (status, user) = semanage.semanage_user_create(sh) + if status < 0: + raise Error("Could not create user object") + if self.verbose: print "User object created" + + status = semanage.semanage_user_set_name(sh,user, "testPyUser") + if status < 0: + raise Error("Could not set user name") + if self.verbose: print "User name set: ", semanage.semanage_user_get_name(user) + + status = semanage.semanage_user_add_role(sh, user, "user_r") + if status < 0: + raise Error("Could not add role") + + status = semanage.semanage_user_set_prefix(sh,user, "user") + if status < 0: + raise Error("Could not set labeling prefix") + if self.verbose: print "User prefix set: ", semanage.semanage_user_get_prefix(user) + + status = semanage.semanage_user_set_mlsrange(sh, user, "s0") + if status < 0: + raise Error("Could not set MLS range") + if self.verbose: print "User mlsrange: ", semanage.semanage_user_get_mlsrange(user) + + status = semanage.semanage_user_set_mlslevel(sh, user, "s0") + if status < 0: + raise Error("Could not set MLS level") + if self.verbose: print "User mlslevel: ", semanage.semanage_user_get_mlslevel(user) + + (status,key) = semanage.semanage_user_key_extract(sh,user) + if status < 0: + raise Error("Could not extract user key") + if self.verbose: print "User key extracted: ", key + + (status,exists) = semanage.semanage_user_exists_local(sh,key) + if status < 0: + raise Error("Could not check if user exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_user) = semanage.semanage_user_query_local(sh, key) + if status < 0: + raise Error("Could not query old user") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction.." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_user_modify_local(sh,key,user) + if status < 0: + raise Error("Could not modify user") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing user..." + status = semanage.semanage_user_del_local(sh, key) + if status < 0: + raise Error("Could not delete test user") + if self.verbose: print "User delete: ", status + else: + print "Resetting user..." + status = semanage.semanage_user_modify_local(sh, key, old_user) + if status < 0: + raise Error("Could not reset test user") + if self.verbose: print "User modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_user_key_free(key) + semanage.semanage_user_free(user) + if exists: semanage.semanage_user_free(old_user) + + def test_writeseuser(self,sh): + print "Testing seuser write..." + + (status, seuser) = semanage.semanage_seuser_create(sh) + if status < 0: + raise Error("Could not create SEUser object") + if self.verbose: print "SEUser object created." + + status = semanage.semanage_seuser_set_name(sh,seuser, "testPySEUser") + if status < 0: + raise Error("Could not set name") + if self.verbose: print "SEUser name set: ", semanage.semanage_seuser_get_name(seuser) + + status = semanage.semanage_seuser_set_sename(sh, seuser, "root") + if status < 0: + raise Error("Could not set sename") + if self.verbose: print "SEUser seuser: ", semanage.semanage_seuser_get_sename(seuser) + + status = semanage.semanage_seuser_set_mlsrange(sh, seuser, "s0:c0.c255") + if status < 0: + raise Error("Could not set MLS range") + if self.verbose: print "SEUser mlsrange: ", semanage.semanage_seuser_get_mlsrange(seuser) + + (status,key) = semanage.semanage_seuser_key_extract(sh,seuser) + if status < 0: + raise Error("Could not extract SEUser key") + if self.verbose: print "SEUser key extracted: ", key + + (status,exists) = semanage.semanage_seuser_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SEUser exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_seuser) = semanage.semanage_seuser_query_local(sh, key) + if status < 0: + raise Error("Could not query old SEUser") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_seuser_modify_local(sh,key,seuser) + if status < 0: + raise Error("Could not modify SEUser") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing seuser..." + status = semanage.semanage_seuser_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SEUser") + if self.verbose: print "Seuser delete: ", status + else: + print "Resetting seuser..." + status = semanage.semanage_seuser_modify_local(sh, key, old_seuser) + if status < 0: + raise Error("Could not reset test SEUser") + if self.verbose: print "Seuser modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_seuser_key_free(key) + semanage.semanage_seuser_free(seuser) + if exists: semanage.semanage_seuser_free(old_seuser) + + def test_writeport(self,sh): + print "Testing port write..." + + (status, port) = semanage.semanage_port_create(sh) + if status < 0: + raise Error("Could not create SEPort object") + if self.verbose: print "SEPort object created." + + semanage.semanage_port_set_range(port,150,200) + low = semanage.semanage_port_get_low(port) + high = semanage.semanage_port_get_high(port) + if self.verbose: print "SEPort range set: ", low, "-", high + + semanage.semanage_port_set_proto(port, semanage.SEMANAGE_PROTO_TCP); + if self.verbose: print "SEPort protocol set: ", \ + semanage.semanage_port_get_proto_str(semanage.SEMANAGE_PROTO_TCP) + + (status, con) = semanage.semanage_context_create(sh) + if status < 0: + raise Error("Could not create SEContext object") + if self.verbose: print "SEContext object created (for port)." + + status = semanage.semanage_context_set_user(sh, con, "system_u") + if status < 0: + raise Error("Could not set context user") + if self.verbose: print "SEContext user: ", semanage.semanage_context_get_user(con) + + status = semanage.semanage_context_set_role(sh, con, "object_r") + if status < 0: + raise Error("Could not set context role") + if self.verbose: print "SEContext role: ", semanage.semanage_context_get_role(con) + + status = semanage.semanage_context_set_type(sh, con, "http_port_t") + if status < 0: + raise Error("Could not set context type") + if self.verbose: print "SEContext type: ", semanage.semanage_context_get_type(con) + + status = semanage.semanage_context_set_mls(sh, con, "s0:c0.c255") + if status < 0: + raise Error("Could not set context MLS fields") + if self.verbose: print "SEContext mls: ", semanage.semanage_context_get_mls(con) + + status = semanage.semanage_port_set_con(sh, port, con) + if status < 0: + raise Error("Could not set SEPort context") + if self.verbose: print "SEPort context set: ", con + + (status,key) = semanage.semanage_port_key_extract(sh,port) + if status < 0: + raise Error("Could not extract SEPort key") + if self.verbose: print "SEPort key extracted: ", key + + (status,exists) = semanage.semanage_port_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SEPort exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_port) = semanage.semanage_port_query_local(sh, key) + if status < 0: + raise Error("Could not query old SEPort") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_port_modify_local(sh,key,port) + if status < 0: + raise Error("Could not modify SEPort") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing port range..." + status = semanage.semanage_port_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SEPort") + if self.verbose: print "Port range delete: ", status + else: + print "Resetting port range..." + status = semanage.semanage_port_modify_local(sh, key, old_port) + if status < 0: + raise Error("Could not reset test SEPort") + if self.verbose: print "Port range modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_context_free(con) + semanage.semanage_port_key_free(key) + semanage.semanage_port_free(port) + if exists: semanage.semanage_port_free(old_port) + + def test_writefcontext(self,sh): + print "Testing file context write..." + + (status, fcon) = semanage.semanage_fcontext_create(sh) + if status < 0: + raise Error("Could not create SEFcontext object") + if self.verbose: print "SEFcontext object created." + + status = semanage.semanage_fcontext_set_expr(sh, fcon, "/test/fcontext(/.*)?") + if status < 0: + raise Error("Could not set expression") + if self.verbose: print "SEFContext expr set: ", semanage.semanage_fcontext_get_expr(fcon) + + semanage.semanage_fcontext_set_type(fcon, semanage.SEMANAGE_FCONTEXT_REG) + if self.verbose: print "SEFContext type set: ", semanage.semanage_fcontext_get_type_str(fcon) + + (status, con) = semanage.semanage_context_create(sh) + if status < 0: + raise Error("Could not create SEContext object") + if self.verbose: print "SEContext object created (for file context)." + + status = semanage.semanage_context_set_user(sh, con, "system_u") + if status < 0: + raise Error("Could not set context user") + if self.verbose: print "SEContext user: ", semanage.semanage_context_get_user(con) + + status = semanage.semanage_context_set_role(sh, con, "object_r") + if status < 0: + raise Error("Could not set context role") + if self.verbose: print "SEContext role: ", semanage.semanage_context_get_role(con) + + status = semanage.semanage_context_set_type(sh, con, "default_t") + if status < 0: + raise Error("Could not set context type") + if self.verbose: print "SEContext type: ", semanage.semanage_context_get_type(con) + + status = semanage.semanage_context_set_mls(sh, con, "s0:c0.c255") + if status < 0: + raise Error("Could not set context MLS fields") + if self.verbose: print "SEContext mls: ", semanage.semanage_context_get_mls(con) + + status = semanage.semanage_fcontext_set_con(sh, fcon, con) + if status < 0: + raise Error("Could not set SEFcontext context") + if self.verbose: print "SEFcontext context set: ", con + + (status,key) = semanage.semanage_fcontext_key_extract(sh,fcon) + if status < 0: + raise Error("Could not extract SEFcontext key") + if self.verbose: print "SEFcontext key extracted: ", key + + (status,exists) = semanage.semanage_fcontext_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SEFcontext exists") + + if self.verbose: print "Exists status (commit number): ", status + if exists: + (status, old_fcontext) = semanage.semanage_fcontext_query_local(sh, key) + if status < 0: + raise Error("Could not query old SEFcontext") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_fcontext_modify_local(sh,key,fcon) + if status < 0: + raise Error("Could not modify SEFcontext") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing file context..." + status = semanage.semanage_fcontext_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SEFcontext") + if self.verbose: print "File context delete: ", status + else: + print "Resetting file context..." + status = semanage.semanage_fcontext_modify_local(sh, key, old_fcontext) + if status < 0: + raise Error("Could not reset test FContext") + if self.verbose: print "File context modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_context_free(con) + semanage.semanage_fcontext_key_free(key) + semanage.semanage_fcontext_free(fcon) + if exists: semanage.semanage_fcontext_free(old_fcontext) + + def test_writeinterface(self,sh): + print "Testing network interface write..." + + (status, iface) = semanage.semanage_iface_create(sh) + if status < 0: + raise Error("Could not create SEIface object") + if self.verbose: print "SEIface object created." + + status = semanage.semanage_iface_set_name(sh, iface, "test_iface") + if status < 0: + raise Error("Could not set SEIface name") + if self.verbose: print "SEIface name set: ", semanage.semanage_iface_get_name(iface) + + (status, con) = semanage.semanage_context_create(sh) + if status < 0: + raise Error("Could not create SEContext object") + if self.verbose: print "SEContext object created (for network interface)" + + status = semanage.semanage_context_set_user(sh, con, "system_u") + if status < 0: + raise Error("Could not set interface context user") + if self.verbose: print "SEContext user: ", semanage.semanage_context_get_user(con) + + status = semanage.semanage_context_set_role(sh, con, "object_r") + if status < 0: + raise Error("Could not set interface context role") + if self.verbose: print "SEContext role: ", semanage.semanage_context_get_role(con) + + status = semanage.semanage_context_set_type(sh, con, "default_t") + if status < 0: + raise Error("Could not set interface context type") + if self.verbose: print "SEContext type: ", semanage.semanage_context_get_type(con) + + status = semanage.semanage_context_set_mls(sh, con, "s0:c0.c255") + if status < 0: + raise Error("Could not set interface context MLS fields") + if self.verbose: print "SEContext mls: ", semanage.semanage_context_get_mls(con) + + status = semanage.semanage_iface_set_ifcon(sh, iface, con) + if status < 0: + raise Error("Could not set SEIface interface context") + if self.verbose: print "SEIface interface context set: ", con + + status = semanage.semanage_iface_set_msgcon(sh, iface, con) + if status < 0: + raise Error("Could not set SEIface message context") + if self.verbose: print "SEIface message context set: ", con + + (status,key) = semanage.semanage_iface_key_extract(sh,iface) + if status < 0: + raise Error("Could not extract SEIface key") + if self.verbose: print "SEIface key extracted: ", key + + (status,exists) = semanage.semanage_iface_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SEIface exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_iface) = semanage.semanage_iface_query_local(sh, key) + if status < 0: + raise Error("Could not query old SEIface") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not begin semanage transaction") + + status = semanage.semanage_iface_modify_local(sh,key,iface) + if status < 0: + raise Error("Could not modify SEIface") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not begin semanage transaction") + + if not exists: + print "Removing interface..." + status = semanage.semanage_iface_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SEIface") + if self.verbose: print "Interface delete: ", status + else: + print "Resetting interface..." + status = semanage.semanage_iface_modify_local(sh, key, old_iface) + if status < 0: + raise Error("Could not reset test SEIface") + if self.verbose: print "Interface modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_context_free(con) + semanage.semanage_iface_key_free(key) + semanage.semanage_iface_free(iface) + if exists: semanage.semanage_iface_free(old_iface) + + def test_writeboolean(self,sh): + print "Testing boolean write..." + + (status, pbool) = semanage.semanage_bool_create(sh) + if status < 0: + raise Error("Could not create SEBool object") + if self.verbose: print "SEBool object created." + + status = semanage.semanage_bool_set_name(sh, pbool, "allow_execmem") + if status < 0: + raise Error("Could not set name") + if self.verbose: print "SEBool name set: ", semanage.semanage_bool_get_name(pbool) + + semanage.semanage_bool_set_value(pbool, 0) + if self.verbose: print "SEbool value set: ", semanage.semanage_bool_set_value(pbool) + + (status,key) = semanage.semanage_bool_key_extract(sh, pbool) + if status < 0: + raise Error("Could not extract SEBool key") + if self.verbose: print "SEBool key extracted: ", key + + (status,exists) = semanage.semanage_bool_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SEBool exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_bool) = semanage.semanage_bool_query_local(sh, key) + if status < 0: + raise Error("Could not query old SEBool") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_bool_modify_local(sh, key, pbool) + + if status < 0: + raise Error("Could not modify SEBool") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing boolean..." + status = semanage.semanage_bool_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SEBool") + if self.verbose: print "Boolean delete: ", status + else: + print "Resetting boolean..." + status = semanage.semanage_bool_modify_local(sh, key, old_bool) + if status < 0: + raise Error("Could not reset test SEBool") + if self.verbose: print "Boolean modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_bool_key_free(key) + semanage.semanage_bool_free(pbool) + if exists: semanage.semanage_bool_free(old_bool) + + def test_writeaboolean(self,sh): + print "Testing active boolean write..." + + (status, key) = semanage.semanage_bool_key_create(sh, "allow_execmem") + if status < 0: + raise Error("Could not create SEBool key") + if self.verbose: print "SEBool key created: ", key + + (status, old_bool) = semanage.semanage_bool_query_active(sh, key) + if status < 0: + raise Error("Could not query old SEBool") + if self.verbose: print "Query status (commit number): ", status + + (status, abool) = semanage.semanage_bool_create(sh) + if status < 0: + raise Error("Could not create SEBool object") + if self.verbose: print "SEBool object created." + + status = semanage.semanage_bool_set_name(sh, abool, "allow_execmem") + if status < 0: + raise Error("Could not set name") + if self.verbose: print "SEBool name set: ", semanage.semanage_bool_get_name(abool) + + semanage.semanage_bool_set_value(abool, 0) + if self.verbose: print "SEbool value set: ", semanage.semanage_bool_set_value(abool) + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_bool_set_active(sh,key,abool) + if status < 0: + raise Error("Could not modify SEBool") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + print "Resetting old active boolean..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_bool_set_active(sh, key,old_bool) + if status < 0: + raise Error("Could not reset test SEBool") + if self.verbose: print "SEBool active reset: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_bool_key_free(key) + semanage.semanage_bool_free(abool) + semanage.semanage_bool_free(old_bool) + + + def test_writenode(self,sh): + print "Testing network node write..." + + (status, node) = semanage.semanage_node_create(sh) + if status < 0: + raise Error("Could not create SENode object") + if self.verbose: print "SENode object created." + + status = semanage.semanage_node_set_addr(sh, node, semanage.SEMANAGE_PROTO_IP6, "ffee:dddd::bbbb") + if status < 0: + raise Error("Could not set SENode address") + + status = semanage.semanage_node_set_mask(sh, node, semanage.SEMANAGE_PROTO_IP6, "::ffff:ffff:abcd:0000") + if status < 0: + raise Error("Could not set SENode netmask") + + semanage.semanage_node_set_proto(node, semanage.SEMANAGE_PROTO_IP6); + if self.verbose: print "SENode protocol set: ", \ + semanage.semanage_node_get_proto_str(semanage.SEMANAGE_PROTO_IP6) + + (status, con) = semanage.semanage_context_create(sh) + if status < 0: + raise Error("Could not create SEContext object") + if self.verbose: print "SEContext object created (for node)." + + status = semanage.semanage_context_set_user(sh, con, "system_u") + if status < 0: + raise Error("Could not set context user") + if self.verbose: print "SEContext user: ", semanage.semanage_context_get_user(con) + + status = semanage.semanage_context_set_role(sh, con, "object_r") + if status < 0: + raise Error("Could not set context role") + if self.verbose: print "SEContext role: ", semanage.semanage_context_get_role(con) + + status = semanage.semanage_context_set_type(sh, con, "lo_node_t") + if status < 0: + raise Error("Could not set context type") + if self.verbose: print "SEContext type: ", semanage.semanage_context_get_type(con) + + status = semanage.semanage_context_set_mls(sh, con, "s0:c0.c255") + if status < 0: + raise Error("Could not set context MLS fields") + if self.verbose: print "SEContext mls: ", semanage.semanage_context_get_mls(con) + + status = semanage.semanage_node_set_con(sh, node, con) + if status < 0: + raise Error("Could not set SENode context") + if self.verbose: print "SENode context set: ", con + + (status,key) = semanage.semanage_node_key_extract(sh, node) + if status < 0: + raise Error("Could not extract SENode key") + if self.verbose: print "SENode key extracted: ", key + + (status,exists) = semanage.semanage_node_exists_local(sh,key) + if status < 0: + raise Error("Could not check if SENode exists") + if self.verbose: print "Exists status (commit number): ", status + + if exists: + (status, old_node) = semanage.semanage_node_query_local(sh, key) + if status < 0: + raise Error("Could not query old SENode") + if self.verbose: print "Query status (commit number): ", status + + print "Starting transaction..." + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + status = semanage.semanage_node_modify_local(sh,key, node) + if status < 0: + raise Error("Could not modify SENode") + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit test transaction") + print "Commit status (transaction number): ", status + + status = semanage.semanage_begin_transaction(sh) + if status < 0: + raise Error("Could not start semanage transaction") + + if not exists: + print "Removing network node..." + status = semanage.semanage_node_del_local(sh, key) + if status < 0: + raise Error("Could not delete test SENode") + if self.verbose: print "Network node delete: ", status + else: + print "Resetting network node..." + status = semanage.semanage_node_modify_local(sh, key, old_node) + if status < 0: + raise Error("Could not reset test SENode") + if self.verbose: print "Network node modify: ", status + + status = semanage.semanage_commit(sh) + if status < 0: + raise Error("Could not commit reset transaction") + print "Commit status (transaction number): ", status + + semanage.semanage_context_free(con) + semanage.semanage_node_key_free(key) + semanage.semanage_node_free(node) + if exists: semanage.semanage_node_free(old_node) + +def main(argv=None): + if argv is None: + argv = sys.argv + try: + try: + opts, args = getopt.getopt(argv[1:], "hvmuspfibcUSPFIBCanN", ["help", "verbose", "modules", "users", "seusers", "ports", "file contexts", "network interfaces", "booleans", "active booleans", "network nodes", "writeuser", "writeseuser", "writeport", "writefcontext", "writeinterface", "writeboolean", "writeaboolean", "writenode", "all"]) + tests = Tests() + for o, a in opts: + if o == "-v": + tests.verbose = True + print "Verbose output selected." + if o == "-a": + tests.all = True + if o == "-u": + tests.users = True + if o == "-U": + tests.writeuser = True + if o == "-s": + tests.seusers = True + if o == "-S": + tests.writeseuser = True + if o == "-p": + tests.ports = True + if o == "-P": + tests.writeport = True + if o == "-f": + tests.fcontexts = True + if o == "-F": + tests.writefcontext = True + if o == "-i": + tests.interfaces = True + if o == "-I": + tests.writeinterface = True + if o == "-b": + tests.booleans = True + if o == "-B": + tests.writeboolean = True + if o == "-c": + tests.abooleans = True + if o == "-C": + tests.writeaboolean = True + if o == "-n": + tests.nodes = True + if o == "-N": + tests.writenode = True + if o == "-m": + tests.modules = True + if o == "-h": + raise Usage(usage) + + if not tests.selected(): + raise Usage("Please select a valid test.") + + except getopt.error, msg: + raise Usage(msg) + + sh=semanage.semanage_handle_create() + + if (semanage.semanage_is_managed(sh) != 1): + raise Status("Unmanaged!") + + status = semanage.semanage_connect(sh) + if status < 0: + raise Error("Could not establish semanage connection") + + tests.run(sh) + + status = semanage.semanage_disconnect(sh) + if status < 0: + raise Error("Could not disconnect") + + semanage.semanage_handle_destroy(sh) + + except Usage, err: + print >>sys.stderr, err.msg + except Status, err: + print >>sys.stderr, err.msg + except Error, err: + print >>sys.stderr, err.msg + + return 2 + +if __name__ == "__main__": + sys.exit(main()) + diff --git a/libsemanage/src/semanage.conf b/libsemanage/src/semanage.conf new file mode 100644 index 00000000..5ae18f92 --- /dev/null +++ b/libsemanage/src/semanage.conf @@ -0,0 +1,38 @@ +# Authors: Jason Tang <jtang@tresys.com> +# +# Copyright (C) 2004-2005 Tresys Technology, LLC +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# +# Specify how libsemanage will interact with a SELinux policy manager. +# The four options are: +# +# "source" - libsemanage manipulates a source SELinux policy +# "direct" - libsemanage will write directly to a module store. +# /foo/bar - Write by way of a policy management server, whose +# named socket is at /foo/bar. The path must begin +# with a '/'. +# foo.com:4242 - Establish a TCP connection to a remote policy +# management server at foo.com. If there is a colon +# then the remainder is interpreted as a port number; +# otherwise default to port 4242. +module-store = direct + +# When generating the final linked and expanded policy, by default +# semanage will set the policy version to POLICYDB_VERSION_MAX, as +# given in <sepol/policydb.h>. Change this setting if a different +# version is necessary. +#policy-version = 19 + diff --git a/libsemanage/src/semanage.py b/libsemanage/src/semanage.py new file mode 100644 index 00000000..6a2327a7 --- /dev/null +++ b/libsemanage/src/semanage.py @@ -0,0 +1,319 @@ +# This file was automatically generated by SWIG (http://www.swig.org). +# Version 1.3.33 +# +# Don't modify this file, modify the SWIG interface instead. +# This file is compatible with both classic and new-style classes. + +import _semanage +import new +new_instancemethod = new.instancemethod +try: + _swig_property = property +except NameError: + pass # Python < 2.2 doesn't have 'property'. +def _swig_setattr_nondynamic(self,class_type,name,value,static=1): + if (name == "thisown"): return self.this.own(value) + if (name == "this"): + if type(value).__name__ == 'PySwigObject': + self.__dict__[name] = value + return + method = class_type.__swig_setmethods__.get(name,None) + if method: return method(self,value) + if (not static) or hasattr(self,name): + self.__dict__[name] = value + else: + raise AttributeError("You cannot add attributes to %s" % self) + +def _swig_setattr(self,class_type,name,value): + return _swig_setattr_nondynamic(self,class_type,name,value,0) + +def _swig_getattr(self,class_type,name): + if (name == "thisown"): return self.this.own() + method = class_type.__swig_getmethods__.get(name,None) + if method: return method(self) + raise AttributeError,name + +def _swig_repr(self): + try: strthis = "proxy of " + self.this.__repr__() + except: strthis = "" + return "<%s.%s; %s >" % (self.__class__.__module__, self.__class__.__name__, strthis,) + +import types +try: + _object = types.ObjectType + _newclass = 1 +except AttributeError: + class _object : pass + _newclass = 0 +del types + + +SEMANAGE_MSG_ERR = _semanage.SEMANAGE_MSG_ERR +SEMANAGE_MSG_WARN = _semanage.SEMANAGE_MSG_WARN +SEMANAGE_MSG_INFO = _semanage.SEMANAGE_MSG_INFO +semanage_msg_get_level = _semanage.semanage_msg_get_level +semanage_msg_get_channel = _semanage.semanage_msg_get_channel +semanage_msg_get_fname = _semanage.semanage_msg_get_fname +semanage_msg_set_callback = _semanage.semanage_msg_set_callback +semanage_handle_create = _semanage.semanage_handle_create +semanage_handle_destroy = _semanage.semanage_handle_destroy +SEMANAGE_CON_INVALID = _semanage.SEMANAGE_CON_INVALID +SEMANAGE_CON_DIRECT = _semanage.SEMANAGE_CON_DIRECT +SEMANAGE_CON_POLSERV_LOCAL = _semanage.SEMANAGE_CON_POLSERV_LOCAL +SEMANAGE_CON_POLSERV_REMOTE = _semanage.SEMANAGE_CON_POLSERV_REMOTE +semanage_select_store = _semanage.semanage_select_store +semanage_reload_policy = _semanage.semanage_reload_policy +semanage_set_reload = _semanage.semanage_set_reload +semanage_set_rebuild = _semanage.semanage_set_rebuild +semanage_set_create_store = _semanage.semanage_set_create_store +semanage_set_disable_dontaudit = _semanage.semanage_set_disable_dontaudit +semanage_is_managed = _semanage.semanage_is_managed +semanage_connect = _semanage.semanage_connect +semanage_disconnect = _semanage.semanage_disconnect +semanage_begin_transaction = _semanage.semanage_begin_transaction +semanage_commit = _semanage.semanage_commit +SEMANAGE_CAN_READ = _semanage.SEMANAGE_CAN_READ +SEMANAGE_CAN_WRITE = _semanage.SEMANAGE_CAN_WRITE +semanage_access_check = _semanage.semanage_access_check +semanage_is_connected = _semanage.semanage_is_connected +semanage_module_install = _semanage.semanage_module_install +semanage_module_upgrade = _semanage.semanage_module_upgrade +semanage_module_install_base = _semanage.semanage_module_install_base +semanage_module_remove = _semanage.semanage_module_remove +semanage_module_list = _semanage.semanage_module_list +semanage_module_info_datum_destroy = _semanage.semanage_module_info_datum_destroy +semanage_module_list_nth = _semanage.semanage_module_list_nth +semanage_module_get_name = _semanage.semanage_module_get_name +semanage_module_get_version = _semanage.semanage_module_get_version +semanage_context_get_user = _semanage.semanage_context_get_user +semanage_context_set_user = _semanage.semanage_context_set_user +semanage_context_get_role = _semanage.semanage_context_get_role +semanage_context_set_role = _semanage.semanage_context_set_role +semanage_context_get_type = _semanage.semanage_context_get_type +semanage_context_set_type = _semanage.semanage_context_set_type +semanage_context_get_mls = _semanage.semanage_context_get_mls +semanage_context_set_mls = _semanage.semanage_context_set_mls +semanage_context_create = _semanage.semanage_context_create +semanage_context_clone = _semanage.semanage_context_clone +semanage_context_free = _semanage.semanage_context_free +semanage_context_from_string = _semanage.semanage_context_from_string +semanage_context_to_string = _semanage.semanage_context_to_string +semanage_bool_key_create = _semanage.semanage_bool_key_create +semanage_bool_key_extract = _semanage.semanage_bool_key_extract +semanage_bool_key_free = _semanage.semanage_bool_key_free +semanage_bool_compare = _semanage.semanage_bool_compare +semanage_bool_compare2 = _semanage.semanage_bool_compare2 +semanage_bool_get_name = _semanage.semanage_bool_get_name +semanage_bool_set_name = _semanage.semanage_bool_set_name +semanage_bool_get_value = _semanage.semanage_bool_get_value +semanage_bool_set_value = _semanage.semanage_bool_set_value +semanage_bool_create = _semanage.semanage_bool_create +semanage_bool_clone = _semanage.semanage_bool_clone +semanage_bool_free = _semanage.semanage_bool_free +semanage_bool_query = _semanage.semanage_bool_query +semanage_bool_exists = _semanage.semanage_bool_exists +semanage_bool_count = _semanage.semanage_bool_count +semanage_bool_iterate = _semanage.semanage_bool_iterate +semanage_bool_list = _semanage.semanage_bool_list +semanage_bool_modify_local = _semanage.semanage_bool_modify_local +semanage_bool_del_local = _semanage.semanage_bool_del_local +semanage_bool_query_local = _semanage.semanage_bool_query_local +semanage_bool_exists_local = _semanage.semanage_bool_exists_local +semanage_bool_count_local = _semanage.semanage_bool_count_local +semanage_bool_iterate_local = _semanage.semanage_bool_iterate_local +semanage_bool_list_local = _semanage.semanage_bool_list_local +semanage_bool_set_active = _semanage.semanage_bool_set_active +semanage_bool_query_active = _semanage.semanage_bool_query_active +semanage_bool_exists_active = _semanage.semanage_bool_exists_active +semanage_bool_count_active = _semanage.semanage_bool_count_active +semanage_bool_iterate_active = _semanage.semanage_bool_iterate_active +semanage_bool_list_active = _semanage.semanage_bool_list_active +semanage_iface_compare = _semanage.semanage_iface_compare +semanage_iface_compare2 = _semanage.semanage_iface_compare2 +semanage_iface_key_create = _semanage.semanage_iface_key_create +semanage_iface_key_extract = _semanage.semanage_iface_key_extract +semanage_iface_key_free = _semanage.semanage_iface_key_free +semanage_iface_get_name = _semanage.semanage_iface_get_name +semanage_iface_set_name = _semanage.semanage_iface_set_name +semanage_iface_get_ifcon = _semanage.semanage_iface_get_ifcon +semanage_iface_set_ifcon = _semanage.semanage_iface_set_ifcon +semanage_iface_get_msgcon = _semanage.semanage_iface_get_msgcon +semanage_iface_set_msgcon = _semanage.semanage_iface_set_msgcon +semanage_iface_create = _semanage.semanage_iface_create +semanage_iface_clone = _semanage.semanage_iface_clone +semanage_iface_free = _semanage.semanage_iface_free +semanage_iface_modify_local = _semanage.semanage_iface_modify_local +semanage_iface_del_local = _semanage.semanage_iface_del_local +semanage_iface_query_local = _semanage.semanage_iface_query_local +semanage_iface_exists_local = _semanage.semanage_iface_exists_local +semanage_iface_count_local = _semanage.semanage_iface_count_local +semanage_iface_iterate_local = _semanage.semanage_iface_iterate_local +semanage_iface_list_local = _semanage.semanage_iface_list_local +semanage_iface_query = _semanage.semanage_iface_query +semanage_iface_exists = _semanage.semanage_iface_exists +semanage_iface_count = _semanage.semanage_iface_count +semanage_iface_iterate = _semanage.semanage_iface_iterate +semanage_iface_list = _semanage.semanage_iface_list +semanage_user_key_create = _semanage.semanage_user_key_create +semanage_user_key_extract = _semanage.semanage_user_key_extract +semanage_user_key_free = _semanage.semanage_user_key_free +semanage_user_compare = _semanage.semanage_user_compare +semanage_user_compare2 = _semanage.semanage_user_compare2 +semanage_user_get_name = _semanage.semanage_user_get_name +semanage_user_set_name = _semanage.semanage_user_set_name +semanage_user_get_prefix = _semanage.semanage_user_get_prefix +semanage_user_set_prefix = _semanage.semanage_user_set_prefix +semanage_user_get_mlslevel = _semanage.semanage_user_get_mlslevel +semanage_user_set_mlslevel = _semanage.semanage_user_set_mlslevel +semanage_user_get_mlsrange = _semanage.semanage_user_get_mlsrange +semanage_user_set_mlsrange = _semanage.semanage_user_set_mlsrange +semanage_user_get_num_roles = _semanage.semanage_user_get_num_roles +semanage_user_add_role = _semanage.semanage_user_add_role +semanage_user_del_role = _semanage.semanage_user_del_role +semanage_user_has_role = _semanage.semanage_user_has_role +semanage_user_get_roles = _semanage.semanage_user_get_roles +semanage_user_set_roles = _semanage.semanage_user_set_roles +semanage_user_create = _semanage.semanage_user_create +semanage_user_clone = _semanage.semanage_user_clone +semanage_user_free = _semanage.semanage_user_free +semanage_user_modify_local = _semanage.semanage_user_modify_local +semanage_user_del_local = _semanage.semanage_user_del_local +semanage_user_query_local = _semanage.semanage_user_query_local +semanage_user_exists_local = _semanage.semanage_user_exists_local +semanage_user_count_local = _semanage.semanage_user_count_local +semanage_user_iterate_local = _semanage.semanage_user_iterate_local +semanage_user_list_local = _semanage.semanage_user_list_local +semanage_user_query = _semanage.semanage_user_query +semanage_user_exists = _semanage.semanage_user_exists +semanage_user_count = _semanage.semanage_user_count +semanage_user_iterate = _semanage.semanage_user_iterate +semanage_user_list = _semanage.semanage_user_list +SEMANAGE_PROTO_UDP = _semanage.SEMANAGE_PROTO_UDP +SEMANAGE_PROTO_TCP = _semanage.SEMANAGE_PROTO_TCP +semanage_port_compare = _semanage.semanage_port_compare +semanage_port_compare2 = _semanage.semanage_port_compare2 +semanage_port_key_create = _semanage.semanage_port_key_create +semanage_port_key_extract = _semanage.semanage_port_key_extract +semanage_port_key_free = _semanage.semanage_port_key_free +semanage_port_get_proto = _semanage.semanage_port_get_proto +semanage_port_set_proto = _semanage.semanage_port_set_proto +semanage_port_get_proto_str = _semanage.semanage_port_get_proto_str +semanage_port_get_low = _semanage.semanage_port_get_low +semanage_port_get_high = _semanage.semanage_port_get_high +semanage_port_set_port = _semanage.semanage_port_set_port +semanage_port_set_range = _semanage.semanage_port_set_range +semanage_port_get_con = _semanage.semanage_port_get_con +semanage_port_set_con = _semanage.semanage_port_set_con +semanage_port_create = _semanage.semanage_port_create +semanage_port_clone = _semanage.semanage_port_clone +semanage_port_free = _semanage.semanage_port_free +semanage_port_modify_local = _semanage.semanage_port_modify_local +semanage_port_del_local = _semanage.semanage_port_del_local +semanage_port_query_local = _semanage.semanage_port_query_local +semanage_port_exists_local = _semanage.semanage_port_exists_local +semanage_port_count_local = _semanage.semanage_port_count_local +semanage_port_iterate_local = _semanage.semanage_port_iterate_local +semanage_port_list_local = _semanage.semanage_port_list_local +semanage_port_query = _semanage.semanage_port_query +semanage_port_exists = _semanage.semanage_port_exists +semanage_port_count = _semanage.semanage_port_count +semanage_port_iterate = _semanage.semanage_port_iterate +semanage_port_list = _semanage.semanage_port_list +semanage_fcontext_compare = _semanage.semanage_fcontext_compare +semanage_fcontext_compare2 = _semanage.semanage_fcontext_compare2 +semanage_fcontext_key_create = _semanage.semanage_fcontext_key_create +semanage_fcontext_key_extract = _semanage.semanage_fcontext_key_extract +semanage_fcontext_key_free = _semanage.semanage_fcontext_key_free +semanage_fcontext_get_expr = _semanage.semanage_fcontext_get_expr +semanage_fcontext_set_expr = _semanage.semanage_fcontext_set_expr +SEMANAGE_FCONTEXT_ALL = _semanage.SEMANAGE_FCONTEXT_ALL +SEMANAGE_FCONTEXT_REG = _semanage.SEMANAGE_FCONTEXT_REG +SEMANAGE_FCONTEXT_DIR = _semanage.SEMANAGE_FCONTEXT_DIR +SEMANAGE_FCONTEXT_CHAR = _semanage.SEMANAGE_FCONTEXT_CHAR +SEMANAGE_FCONTEXT_BLOCK = _semanage.SEMANAGE_FCONTEXT_BLOCK +SEMANAGE_FCONTEXT_SOCK = _semanage.SEMANAGE_FCONTEXT_SOCK +SEMANAGE_FCONTEXT_LINK = _semanage.SEMANAGE_FCONTEXT_LINK +SEMANAGE_FCONTEXT_PIPE = _semanage.SEMANAGE_FCONTEXT_PIPE +semanage_fcontext_get_type = _semanage.semanage_fcontext_get_type +semanage_fcontext_get_type_str = _semanage.semanage_fcontext_get_type_str +semanage_fcontext_set_type = _semanage.semanage_fcontext_set_type +semanage_fcontext_get_con = _semanage.semanage_fcontext_get_con +semanage_fcontext_set_con = _semanage.semanage_fcontext_set_con +semanage_fcontext_create = _semanage.semanage_fcontext_create +semanage_fcontext_clone = _semanage.semanage_fcontext_clone +semanage_fcontext_free = _semanage.semanage_fcontext_free +semanage_fcontext_modify_local = _semanage.semanage_fcontext_modify_local +semanage_fcontext_del_local = _semanage.semanage_fcontext_del_local +semanage_fcontext_query_local = _semanage.semanage_fcontext_query_local +semanage_fcontext_exists_local = _semanage.semanage_fcontext_exists_local +semanage_fcontext_count_local = _semanage.semanage_fcontext_count_local +semanage_fcontext_iterate_local = _semanage.semanage_fcontext_iterate_local +semanage_fcontext_list_local = _semanage.semanage_fcontext_list_local +semanage_fcontext_query = _semanage.semanage_fcontext_query +semanage_fcontext_exists = _semanage.semanage_fcontext_exists +semanage_fcontext_count = _semanage.semanage_fcontext_count +semanage_fcontext_iterate = _semanage.semanage_fcontext_iterate +semanage_fcontext_list = _semanage.semanage_fcontext_list +semanage_seuser_key_create = _semanage.semanage_seuser_key_create +semanage_seuser_key_extract = _semanage.semanage_seuser_key_extract +semanage_seuser_key_free = _semanage.semanage_seuser_key_free +semanage_seuser_compare = _semanage.semanage_seuser_compare +semanage_seuser_compare2 = _semanage.semanage_seuser_compare2 +semanage_seuser_get_name = _semanage.semanage_seuser_get_name +semanage_seuser_set_name = _semanage.semanage_seuser_set_name +semanage_seuser_get_sename = _semanage.semanage_seuser_get_sename +semanage_seuser_set_sename = _semanage.semanage_seuser_set_sename +semanage_seuser_get_mlsrange = _semanage.semanage_seuser_get_mlsrange +semanage_seuser_set_mlsrange = _semanage.semanage_seuser_set_mlsrange +semanage_seuser_create = _semanage.semanage_seuser_create +semanage_seuser_clone = _semanage.semanage_seuser_clone +semanage_seuser_free = _semanage.semanage_seuser_free +semanage_seuser_modify_local = _semanage.semanage_seuser_modify_local +semanage_seuser_del_local = _semanage.semanage_seuser_del_local +semanage_seuser_query_local = _semanage.semanage_seuser_query_local +semanage_seuser_exists_local = _semanage.semanage_seuser_exists_local +semanage_seuser_count_local = _semanage.semanage_seuser_count_local +semanage_seuser_iterate_local = _semanage.semanage_seuser_iterate_local +semanage_seuser_list_local = _semanage.semanage_seuser_list_local +semanage_seuser_query = _semanage.semanage_seuser_query +semanage_seuser_exists = _semanage.semanage_seuser_exists +semanage_seuser_count = _semanage.semanage_seuser_count +semanage_seuser_iterate = _semanage.semanage_seuser_iterate +semanage_seuser_list = _semanage.semanage_seuser_list +SEMANAGE_PROTO_IP4 = _semanage.SEMANAGE_PROTO_IP4 +SEMANAGE_PROTO_IP6 = _semanage.SEMANAGE_PROTO_IP6 +semanage_node_compare = _semanage.semanage_node_compare +semanage_node_compare2 = _semanage.semanage_node_compare2 +semanage_node_key_create = _semanage.semanage_node_key_create +semanage_node_key_extract = _semanage.semanage_node_key_extract +semanage_node_key_free = _semanage.semanage_node_key_free +semanage_node_get_addr = _semanage.semanage_node_get_addr +semanage_node_get_addr_bytes = _semanage.semanage_node_get_addr_bytes +semanage_node_set_addr = _semanage.semanage_node_set_addr +semanage_node_set_addr_bytes = _semanage.semanage_node_set_addr_bytes +semanage_node_get_mask = _semanage.semanage_node_get_mask +semanage_node_get_mask_bytes = _semanage.semanage_node_get_mask_bytes +semanage_node_set_mask = _semanage.semanage_node_set_mask +semanage_node_set_mask_bytes = _semanage.semanage_node_set_mask_bytes +semanage_node_get_proto = _semanage.semanage_node_get_proto +semanage_node_set_proto = _semanage.semanage_node_set_proto +semanage_node_get_proto_str = _semanage.semanage_node_get_proto_str +semanage_node_get_con = _semanage.semanage_node_get_con +semanage_node_set_con = _semanage.semanage_node_set_con +semanage_node_create = _semanage.semanage_node_create +semanage_node_clone = _semanage.semanage_node_clone +semanage_node_free = _semanage.semanage_node_free +semanage_node_modify_local = _semanage.semanage_node_modify_local +semanage_node_del_local = _semanage.semanage_node_del_local +semanage_node_query_local = _semanage.semanage_node_query_local +semanage_node_exists_local = _semanage.semanage_node_exists_local +semanage_node_count_local = _semanage.semanage_node_count_local +semanage_node_iterate_local = _semanage.semanage_node_iterate_local +semanage_node_list_local = _semanage.semanage_node_list_local +semanage_node_query = _semanage.semanage_node_query +semanage_node_exists = _semanage.semanage_node_exists +semanage_node_count = _semanage.semanage_node_count +semanage_node_iterate = _semanage.semanage_node_iterate +semanage_node_list = _semanage.semanage_node_list + + diff --git a/libsemanage/src/semanage_conf.h b/libsemanage/src/semanage_conf.h new file mode 100644 index 00000000..7ee139ff --- /dev/null +++ b/libsemanage/src/semanage_conf.h @@ -0,0 +1,60 @@ +/* Authors: Jason Tang <jtang@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef SEMANAGE_CONF_H +#define SEMANAGE_CONF_H + +#include <semanage/handle.h> +#include <sys/types.h> +#include <sys/stat.h> + +/* libsemanage has its own configuration file. It has two main parts: + * - single options + * - external programs to execute whenever a policy is to be loaded + */ + +typedef struct semanage_conf { + enum semanage_connect_type store_type; + char *store_path; /* used for both socket path and policy dir */ + int server_port; + int policyvers; /* version for server generated policies */ + int expand_check; + int save_previous; + int save_linked; + int disable_genhomedircon; + int handle_unknown; + mode_t file_mode; + struct external_prog *load_policy; + struct external_prog *setfiles; + struct external_prog *mod_prog, *linked_prog, *kernel_prog; +} semanage_conf_t; + +/* A linked list of verification programs. Each one is called in + * order of appearance within the configuration file. + */ +typedef struct external_prog { + char *path; + char *args; + struct external_prog *next; +} external_prog_t; + +semanage_conf_t *semanage_conf_parse(const char *config_filename); +void semanage_conf_destroy(semanage_conf_t * conf); + +#endif diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c new file mode 100644 index 00000000..85313533 --- /dev/null +++ b/libsemanage/src/semanage_store.c @@ -0,0 +1,2521 @@ +/* Authors: Karl MacMillan <kmacmillan@tresys.com> + * Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * Christopher Ashworth <cashworth@tresys.com> + * Chris PeBenito <cpebenito@tresys.com> + * + * Copyright (C) 2004-2006 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* This file contains semanage routines that manipulate the files on a + * local module store. Sandbox routines, used by both source and + * direct connections, are here as well. + */ + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include "semanage_store.h" +#include "database_policydb.h" +#include "handle.h" + +#include <selinux/selinux.h> +#include <sepol/policydb.h> +#include <sepol/module.h> + +#include <assert.h> +#include <ctype.h> +#include <dirent.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <stdio_ext.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/file.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <limits.h> + +#include "debug.h" + +#define SEMANAGE_CONF_FILE "semanage.conf" +/* relative path names to enum semanage_paths to special files and + * directories for the module store */ + +#define TRUE 1 + +enum semanage_file_defs { + SEMANAGE_ROOT, + SEMANAGE_TRANS_LOCK, + SEMANAGE_READ_LOCK, + SEMANAGE_NUM_FILES +}; + +static char *semanage_paths[SEMANAGE_NUM_STORES][SEMANAGE_STORE_NUM_PATHS]; +static char *semanage_files[SEMANAGE_NUM_FILES] = { NULL }; +static char *semanage_conf; +static int semanage_paths_initialized = 0; + +/* These are paths relative to the bottom of the module store */ +static const char *semanage_relative_files[SEMANAGE_NUM_FILES] = { + "", + "/semanage.trans.LOCK", + "/semanage.read.LOCK" +}; + +static const char *semanage_store_paths[SEMANAGE_NUM_STORES] = { + "/active", + "/previous", + "/tmp" +}; + +/* this is the module store path relative to selinux_policy_root() */ +#define SEMANAGE_MOD_DIR "/modules" +/* relative path names to enum sandbox_paths for special files within + * a sandbox */ +static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { + "", + "/modules", + "/policy.kern", + "/base.pp", + "/base.linked", + "/file_contexts", + "/homedir_template", + "/file_contexts.template", + "/commit_num", + "/ports.local", + "/interfaces.local", + "/nodes.local", + "/booleans.local", + "/file_contexts.local", + "/seusers", + "/users.local", + "/users_extra.local", + "/seusers.final", + "/users_extra", + "/netfilter_contexts", + "/file_contexts.homedirs", +}; + +/* A node used in a linked list of file contexts; used for sorting. + */ +typedef struct semanage_file_context_node { + char *path; + char *file_type; + char *context; + int path_len; + int effective_len; + int type_len; + int context_len; + int meta; /* position of first meta char in path, -1 if none */ + struct semanage_file_context_node *next; +} semanage_file_context_node_t; + +/* A node used in a linked list of buckets that contain + * semanage_file_context_node lists. Used for sorting. + */ +typedef struct semanage_file_context_bucket { + semanage_file_context_node_t *data; + struct semanage_file_context_bucket *next; +} semanage_file_context_bucket_t; + +/* A node used in a linked list of netfilter rules. + */ +typedef struct semanage_netfilter_context_node { + char *rule; + size_t rule_len; + struct semanage_netfilter_context_node *next; +} semanage_netfilter_context_node_t; + +/* Initialize the paths to config file, lock files and store root. + */ +static int semanage_init_paths(const char *root) +{ + size_t len, prefix_len; + int i; + + if (!root) + return -1; + + prefix_len = (strlen(root) + strlen(SEMANAGE_MOD_DIR)); + + for (i = 0; i < SEMANAGE_NUM_FILES; i++) { + len = (strlen(semanage_relative_files[i]) + prefix_len); + semanage_files[i] = calloc(len + 1, sizeof(char)); + if (!semanage_files[i]) + return -1; + sprintf(semanage_files[i], "%s%s%s", root, SEMANAGE_MOD_DIR, + semanage_relative_files[i]); + } + + len = strlen(selinux_path()) + strlen(SEMANAGE_CONF_FILE); + semanage_conf = calloc(len + 1, sizeof(char)); + if (!semanage_conf) + return -1; + snprintf(semanage_conf, len, "%s%s", selinux_path(), + SEMANAGE_CONF_FILE); + + return 0; +} + +/* This initializes the paths inside the stores, this is only necessary + * when directly accessing the store + */ +static int semanage_init_store_paths(const char *root) +{ + int i, j; + size_t len; + size_t prefix_len; + char *prefix; + + if (!root) + return -1; + + prefix_len = (strlen(root) + strlen(SEMANAGE_MOD_DIR)); + prefix = calloc(prefix_len + 1, sizeof(char)); + if (!prefix) + return -1; + sprintf(prefix, "%s%s", root, SEMANAGE_MOD_DIR); + + for (i = 0; i < SEMANAGE_NUM_STORES; i++) { + for (j = 0; j < SEMANAGE_STORE_NUM_PATHS; j++) { + len = prefix_len + strlen(semanage_store_paths[i]) + + strlen(semanage_sandbox_paths[j]); + semanage_paths[i][j] = calloc(len + 1, sizeof(char)); + if (!semanage_paths[i][j]) + goto cleanup; + sprintf(semanage_paths[i][j], "%s%s%s", prefix, + semanage_store_paths[i], + semanage_sandbox_paths[j]); + } + } + + cleanup: + free(prefix); + return 0; +} + +/* THIS MUST BE THE FIRST FUNCTION CALLED IN THIS LIBRARY. If the + * library has nnot been initialized yet then call the functions that + * initialize the path variables. This function does nothing if it + * was previously called and that call was successful. Return 0 on + * success, -1 on error. + * + * Note that this function is NOT thread-safe. + */ +int semanage_check_init(const char *root) +{ + int rc; + if (semanage_paths_initialized == 0) { + rc = semanage_init_paths(root); + if (rc) + return rc; + rc = semanage_init_store_paths(root); + if (rc) + return rc; + semanage_paths_initialized = 1; + } + return 0; +} + +/* Given a definition number, return a file name from the paths array */ +const char *semanage_fname(enum semanage_sandbox_defs file_enum) +{ + return semanage_sandbox_paths[file_enum]; +} + +/* Given a store location (active/previous/tmp) and a definition + * number, return a fully-qualified path to that file or directory. + * The caller must not alter the string returned (and hence why this + * function return type is const). + * + * This function shall never return a NULL, assuming that + * semanage_check_init() was previously called. + */ +const char *semanage_path(enum semanage_store_defs store, + enum semanage_sandbox_defs path_name) +{ + assert(semanage_paths[store][path_name]); + return semanage_paths[store][path_name]; +} + +/* Return a fully-qualified path + filename to the semanage + * configuration file. The caller must not alter the string returned + * (and hence why this function return type is const). + * + * This is going to be hard coded to /etc/selinux/semanage.conf for + * the time being. FIXME + */ +const char *semanage_conf_path(void) +{ + return "/etc/selinux/semanage.conf"; +} + +/**************** functions that create module store ***************/ + +/* Check that the semanage store exists. If 'create' is non-zero then + * create the directories. Returns 0 if module store exists (either + * already or just created), -1 if does not exist or could not be + * read, or -2 if it could not create the store. */ +int semanage_create_store(semanage_handle_t * sh, int create) +{ + struct stat sb; + int mode_mask = R_OK | W_OK | X_OK; + const char *path = semanage_files[SEMANAGE_ROOT]; + int fd; + + if (stat(path, &sb) == -1) { + if (errno == ENOENT && create) { + if (mkdir(path, S_IRWXU) == -1) { + ERR(sh, "Could not create module store at %s.", + path); + return -2; + } + } else { + if (create) + ERR(sh, + "Could not read from module store at %s.", + path); + return -1; + } + } else { + if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + ERR(sh, + "Could not access module store at %s, or it is not a directory.", + path); + return -1; + } + } + path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL); + if (stat(path, &sb) == -1) { + if (errno == ENOENT && create) { + if (mkdir(path, S_IRWXU) == -1) { + ERR(sh, + "Could not create module store, active subdirectory at %s.", + path); + return -2; + } + } else { + ERR(sh, + "Could not read from module store, active subdirectory at %s.", + path); + return -1; + } + } else { + if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + ERR(sh, + "Could not access module store active subdirectory at %s, or it is not a directory.", + path); + return -1; + } + } + path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_MODULES); + if (stat(path, &sb) == -1) { + if (errno == ENOENT && create) { + if (mkdir(path, S_IRWXU) == -1) { + ERR(sh, + "Could not create module store, active modules subdirectory at %s.", + path); + return -2; + } + } else { + ERR(sh, + "Could not read from module store, active modules subdirectory at %s.", + path); + return -1; + } + } else { + if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + ERR(sh, + "Could not access module store active modules subdirectory at %s, or it is not a directory.", + path); + return -1; + } + } + path = semanage_files[SEMANAGE_READ_LOCK]; + if (stat(path, &sb) == -1) { + if (errno == ENOENT && create) { + if ((fd = creat(path, S_IRUSR | S_IWUSR)) == -1) { + ERR(sh, "Could not create lock file at %s.", + path); + return -2; + } + } else { + ERR(sh, "Could not read lock file at %s.", path); + return -1; + } + } else { + if (!S_ISREG(sb.st_mode) || access(path, R_OK | W_OK) == -1) { + ERR(sh, "Could not access lock file at %s.", path); + return -1; + } + } + return 0; +} + +/* returns <0 if the active store cannot be read or doesn't exist + * 0 if the store exists but the lock file cannot be accessed + * SEMANAGE_CAN_READ if the store can be read and the lock file used + * SEMANAGE_CAN_WRITE if the modules directory and binary policy dir can be written to + */ +int semanage_store_access_check(semanage_handle_t * sh) +{ + const char *path; + int rc = -1; + + /* read access on active store */ + path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL); + if (access(path, R_OK | X_OK) != 0) + goto out; + + /* we can read the active store meaning it is managed + * so now we return 0 to indicate no error */ + rc = 0; + + /* read access on lock file required for locking + * write access necessary if the lock file does not exist + */ + path = semanage_files[SEMANAGE_READ_LOCK]; + if (access(path, R_OK) != 0) { + if (access(path, F_OK) == 0) { + goto out; + } + + path = semanage_files[SEMANAGE_ROOT]; + if (access(path, R_OK | W_OK | X_OK) != 0) { + goto out; + } + } + + /* everything needed for reading has been checked */ + rc = SEMANAGE_CAN_READ; + + /* check the modules directory */ + path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_MODULES); + if (access(path, R_OK | W_OK | X_OK) != 0) + goto out; + + rc = SEMANAGE_CAN_WRITE; + + out: + return rc; +} + +/********************* other I/O functions *********************/ + +/* Callback used by scandir() to select files. */ +static int semanage_filename_select(const struct dirent *d) +{ + if (d->d_name[0] == '.' + && (d->d_name[1] == '\0' + || (d->d_name[1] == '.' && d->d_name[2] == '\0'))) + return 0; + return 1; +} + +/* Copies a file from src to dst. If dst already exists then + * overwrite it. Returns 0 on success, -1 on error. */ +static int semanage_copy_file(const char *src, const char *dst, mode_t mode) +{ + int in, out, retval = 0, amount_read, n, errsv = errno; + char tmp[PATH_MAX]; + char buf[4192]; + + n = snprintf(tmp, PATH_MAX, "%s.tmp", dst); + if (n < 0 || n >= PATH_MAX) + return -1; + + if ((in = open(src, O_RDONLY)) == -1) { + return -1; + } + + if (!mode) + mode = S_IRUSR | S_IWUSR; + + if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) { + errsv = errno; + close(in); + retval = -1; + goto out; + } + while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) { + if (write(out, buf, amount_read) < 0) { + errsv = errno; + retval = -1; + } + } + if (amount_read < 0) { + errsv = errno; + retval = -1; + } + close(in); + if (close(out) < 0) { + errsv = errno; + retval = -1; + } + + if (!retval && rename(tmp, dst) == -1) + return -1; + +out: + errno = errsv; + return retval; +} + +/* Copies all of the files from src to dst, recursing into + * subdirectories. Returns 0 on success, -1 on error. */ +static int semanage_copy_dir(const char *src, const char *dst) +{ + int i, len = 0, retval = -1; + struct stat sb; + struct dirent **names = NULL; + char path[PATH_MAX], path2[PATH_MAX]; + + if ((len = scandir(src, &names, semanage_filename_select, NULL)) == -1) { + return -1; + } + for (i = 0; i < len; i++) { + snprintf(path, sizeof(path), "%s/%s", src, names[i]->d_name); + /* stat() to see if this entry is a file or not since + * d_type isn't set properly on XFS */ + if (stat(path, &sb)) { + goto cleanup; + } + snprintf(path2, sizeof(path2), "%s/%s", dst, names[i]->d_name); + if (S_ISDIR(sb.st_mode)) { + if (mkdir(path2, 0700) == -1 || + semanage_copy_dir(path, path2) == -1) { + goto cleanup; + } + } else if (S_ISREG(sb.st_mode)) { + if (semanage_copy_file(path, path2, sb.st_mode) == -1) { + goto cleanup; + } + } + } + retval = 0; + cleanup: + for (i = 0; names != NULL && i < len; i++) { + free(names[i]); + } + free(names); + return retval; +} + +/* Recursively removes the contents of a directory along with the + * directory itself. Returns 0 on success, non-zero on error. */ +int semanage_remove_directory(const char *path) +{ + struct dirent **namelist = NULL; + int num_entries, i; + if ((num_entries = scandir(path, &namelist, semanage_filename_select, + NULL)) == -1) { + return -1; + } + for (i = 0; i < num_entries; i++) { + char s[NAME_MAX]; + struct stat buf; + snprintf(s, sizeof(s), "%s/%s", path, namelist[i]->d_name); + if (stat(s, &buf) == -1) { + return -2; + } + if (S_ISDIR(buf.st_mode)) { + int retval; + if ((retval = semanage_remove_directory(s)) != 0) { + return retval; + } + } else { + if (remove(s) == -1) { + return -3; + } + } + free(namelist[i]); + } + free(namelist); + if (rmdir(path) == -1) { + return -4; + } + return 0; +} + +/********************* sandbox management routines *********************/ + +/* Creates a sandbox for a single client. Returns 0 if a + * sandbox was created, -1 on error. + */ +int semanage_make_sandbox(semanage_handle_t * sh) +{ + const char *sandbox = semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL); + struct stat buf; + int errsv; + + if (stat(sandbox, &buf) == -1) { + if (errno != ENOENT) { + ERR(sh, "Error scanning directory %s.", sandbox); + return -1; + } + errno = 0; + } else { + /* remove the old sandbox */ + if (semanage_remove_directory(sandbox) != 0) { + ERR(sh, "Error removing old sandbox directory %s.", + sandbox); + return -1; + } + } + + if (mkdir(sandbox, S_IRWXU) == -1 || + semanage_copy_dir(semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL), + sandbox) == -1) { + ERR(sh, "Could not copy files to sandbox %s.", sandbox); + goto cleanup; + } + return 0; + + cleanup: + errsv = errno; + semanage_remove_directory(sandbox); + errno = errsv; + return -1; +} + +/* Scans the modules directory for the current semanage handler. This + * might be the active directory or sandbox, depending upon if the + * handler has a transaction lock. Allocates and fills in *filenames + * with an array of module filenames; length of array is stored in + * *len. The caller is responsible for free()ing *filenames and its + * individual elements. Upon success returns 0, -1 on error. + */ +int semanage_get_modules_names(semanage_handle_t * sh, char ***filenames, + int *len) +{ + const char *modules_path; + struct dirent **namelist = NULL; + int num_files, i, retval = -1; + + if (sh->is_in_transaction) { + modules_path = semanage_path(SEMANAGE_TMP, SEMANAGE_MODULES); + } else { + modules_path = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_MODULES); + } + + *filenames = NULL; + *len = 0; + if ((num_files = scandir(modules_path, &namelist, + semanage_filename_select, alphasort)) == -1) { + ERR(sh, "Error while scanning directory %s.", modules_path); + goto cleanup; + } + if (num_files == 0) { + retval = 0; + goto cleanup; + } + if ((*filenames = + (char **)calloc(num_files, sizeof(**filenames))) == NULL) { + ERR(sh, "Out of memory!"); + goto cleanup; + } + for (i = 0; i < num_files; i++) { + char *filename; + char path[PATH_MAX]; + + snprintf(path, PATH_MAX, "%s/%s", modules_path, + namelist[i]->d_name); + if ((filename = strdup(path)) == NULL) { + int j; + ERR(sh, "Out of memory!"); + for (j = 0; j < i; j++) { + free((*filenames)[j]); + } + free(*filenames); + *filenames = NULL; + goto cleanup; + } + (*filenames)[i] = filename; + } + *len = num_files; + retval = 0; + cleanup: + for (i = 0; i < num_files; i++) { + free(namelist[i]); + } + free(namelist); + return retval; +} + +/******************* routines that run external programs *******************/ + +/* Appends a single character to a string. Returns a pointer to the + * realloc()ated string. If out of memory return NULL; original + * string will remain untouched. + */ +static char *append(char *s, char c) +{ + size_t len = (s == NULL ? 0 : strlen(s)); + char *new_s = realloc(s, len + 2); + if (new_s == NULL) { + return NULL; + } + s = new_s; + s[len] = c; + s[len + 1] = '\0'; + return s; +} + +/* Append string 't' to string 's', realloc()ating 's' as needed. 't' + * may be safely free()d afterwards. Returns a pointer to the + * realloc()ated 's'. If out of memory return NULL; original strings + * will remain untouched. + */ +static char *append_str(char *s, const char *t) +{ + size_t s_len = (s == NULL ? 0 : strlen(s)); + size_t t_len = (t == NULL ? 0 : strlen(t)); + char *new_s = realloc(s, s_len + t_len + 1); + if (new_s == NULL) { + return NULL; + } + s = new_s; + memcpy(s + s_len, t, t_len); + s[s_len + t_len] = '\0'; + return s; +} + +/* Append an argument string to an argument vector, returning a + * pointer to the realloc()ated argument vector. Also increments + * 'num_args'. + */ +static char **append_arg(char **argv, int *num_args, const char *arg) +{ + char **a; + if ((a = realloc(argv, sizeof(*argv) * (*num_args + 1))) == NULL) { + return NULL; + } + argv = a; + if (arg == NULL) { + argv[*num_args] = NULL; + } else { + argv[*num_args] = strdup(arg); + if (!argv[*num_args]) { + return NULL; + } + } + (*num_args)++; + return argv; +} + +/* free()s all strings within a null-terminated argument vector, as + * well as the pointer itself. */ +static void free_argv(char **argv) +{ + int i; + for (i = 0; argv != NULL && argv[i] != NULL; i++) { + free(argv[i]); + } + free(argv); +} + +/* Take an argument string and split and place into an argument + * vector. Respect normal quoting, double-quoting, and backslash + * conventions. Perform substitutions on $@ and $< symbols. Returns + * a NULL-terminated argument vector; caller is responsible for + * free()ing the vector and its elements. */ +static char **split_args(const char *arg0, char *arg_string, + const char *new_name, const char *old_name) +{ + char **argv = NULL, **tv, *s, *arg = NULL, *targ; + int num_args = 0, in_quote = 0, in_dquote = 0; + + if ((tv = append_arg(argv, &num_args, arg0)) == NULL) { + goto cleanup; + } else { + argv = tv; + } + s = arg_string; + /* parse the argument string one character at a time, + * repsecting quotes and other special characters */ + while (s != NULL && *s != '\0') { + switch (*s) { + case '\\':{ + if (*(s + 1) == '\0') { + if ((targ = append(arg, '\\')) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } else { + if ((targ = + append(arg, *(s + 1))) == NULL) { + goto cleanup; + } else { + arg = targ; + } + s++; + } + break; + } + case '\'':{ + if (in_dquote) { + if ((targ = append(arg, *s)) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } else if (in_quote) { + in_quote = 0; + } else { + in_quote = 1; + if ((targ = append(arg, '\0')) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } + break; + } + case '\"':{ + if (in_quote) { + if ((targ = append(arg, *s)) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } else if (in_dquote) { + in_dquote = 0; + } else { + in_dquote = 1; + if ((targ = append(arg, '\0')) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } + break; + } + case '$':{ + switch (*(s + 1)) { + case '@':{ + if ((targ = + append_str(arg, + new_name)) == + NULL) { + goto cleanup; + } else { + arg = targ; + } + s++; + break; + } + case '<':{ + if ((targ = + append_str(arg, + old_name)) == + NULL) { + goto cleanup; + } else { + arg = targ; + } + s++; + break; + } + default:{ + if ((targ = + append(arg, *s)) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } + } + break; + } + default:{ + if (isspace(*s) && !in_quote && !in_dquote) { + if (arg != NULL) { + if ((tv = + append_arg(argv, &num_args, + arg)) == NULL) { + goto cleanup; + } else { + argv = tv; + } + free(arg); + arg = NULL; + } + } else { + if ((targ = append(arg, *s)) == NULL) { + goto cleanup; + } else { + arg = targ; + } + } + } + } + s++; + } + if (arg != NULL) { + if ((tv = append_arg(argv, &num_args, arg)) == NULL) { + goto cleanup; + } else { + argv = tv; + } + free(arg); + arg = NULL; + } + /* explicitly add a NULL at the end */ + if ((tv = append_arg(argv, &num_args, NULL)) != NULL) { + return tv; + } + cleanup: + free_argv(argv); + free(arg); + return NULL; +} + +/* Take the arguments given in v->args and expand any $ macros within. + * Split the arguments into different strings (argv). Next fork and + * execute the process. BE SURE THAT ALL FILE DESCRIPTORS ARE SET TO + * CLOSE-ON-EXEC. Take the return value of the child process and + * return it, -1 on error. + */ +static int semanage_exec_prog(semanage_handle_t * sh, + external_prog_t * e, const char *new_name, + const char *old_name) +{ + char **argv; + pid_t forkval; + + if ((argv = split_args(e->path, e->args, new_name, old_name)) == NULL) { + ERR(sh, "Out of memory!"); + return -1; + } + + /* no need to use pthread_atfork() -- child will not be using + * any mutexes. */ + if ((forkval = vfork()) == -1) { + ERR(sh, "Error while forking process."); + return -1; + } else if (forkval == 0) { + /* child process. file descriptors will be closed + * because they were set as close-on-exec. */ + execve(e->path, argv, NULL); + _exit(EXIT_FAILURE); /* if execve() failed */ + } else { + /* parent process. wait for child to finish */ + int status = 0; + free_argv(argv); + if (waitpid(forkval, &status, 0) == -1 || !WIFEXITED(status)) { + ERR(sh, "Child process %s did not exit cleanly.", + e->path); + return -1; + } + return WEXITSTATUS(status); + } + assert(0); + return 0; /* never reached, but here to satisfy lint */ +} + +/* reloads the policy pointed to by the handle, used locally by install + * and exported for user reload requests */ +int semanage_reload_policy(semanage_handle_t * sh) +{ + int r = 0; + + if (!sh) + return -1; + + if ((r = semanage_exec_prog(sh, sh->conf->load_policy, "", "")) != 0) { + ERR(sh, "load_policy returned error code %d.", r); + } + return r; +} + +hidden_def(semanage_reload_policy) + +/* This expands the file_context.tmpl file to file_context and homedirs.template */ +int semanage_split_fc(semanage_handle_t * sh) +{ + FILE *file_con = NULL; + int fc = -1, hd = -1, retval = -1; + char buf[PATH_MAX] = { 0 }; + + /* I use fopen here instead of open so that I can use fgets which only reads a single line */ + file_con = fopen(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL), "r"); + if (!file_con) { + ERR(sh, "Could not open %s for reading.", + semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); + goto cleanup; + } + + fc = open(semanage_path(SEMANAGE_TMP, SEMANAGE_FC), + O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (!fc) { + ERR(sh, "Could not open %s for writing.", + semanage_path(SEMANAGE_TMP, SEMANAGE_FC)); + goto cleanup; + } + hd = open(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL), + O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (!hd) { + ERR(sh, "Could not open %s for writing.", + semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); + goto cleanup; + } + + while (fgets_unlocked(buf, PATH_MAX, file_con)) { + if (!strncmp(buf, "HOME_DIR", 8) || + !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE")) { + /* This contains one of the template variables, write it to homedir.template */ + if (write(hd, buf, strlen(buf)) < 0) { + ERR(sh, "Write to %s failed.", + semanage_path(SEMANAGE_TMP, + SEMANAGE_HOMEDIR_TMPL)); + goto cleanup; + } + } else { + if (write(fc, buf, strlen(buf)) < 0) { + ERR(sh, "Write to %s failed.", + semanage_path(SEMANAGE_TMP, SEMANAGE_FC)); + goto cleanup; + } + } + } + + retval = 0; + cleanup: + if (file_con) + fclose(file_con); + if (fc >= 0) + close(fc); + if (hd >= 0) + close(hd); + + return retval; + +} + +/* Actually load the contents of the current active directory into the + * kernel. Return 0 on success, -3 on error. */ +static int semanage_install_active(semanage_handle_t * sh) +{ + int retval = -3, r, len; + char *storepath = NULL; + struct stat astore, istore; + const char *active_kernel = + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_KERNEL); + const char *active_fc = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_FC); + const char *active_fc_loc = + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_FC_LOCAL); + const char *active_seusers = + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_SEUSERS); + const char *active_nc = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_NC); + const char *active_fc_hd = + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_FC_HOMEDIRS); + + const char *running_fc = selinux_file_context_path(); + const char *running_fc_loc = selinux_file_context_local_path(); + const char *running_fc_hd = selinux_file_context_homedir_path(); + const char *running_hd = selinux_homedir_context_path(); + const char *running_policy = selinux_binary_policy_path(); + const char *running_seusers = selinux_usersconf_path(); + const char *running_nc = selinux_netfilter_context_path(); + const char *really_active_store = selinux_policy_root(); + + /* This is very unelegant, the right thing to do is export the path + * building code in libselinux so that you can get paths for a given + * POLICYTYPE and should probably be done in the future. */ + char store_fc[PATH_MAX]; + char store_fc_loc[PATH_MAX]; + char store_pol[PATH_MAX]; + char store_seusers[PATH_MAX]; + char store_nc[PATH_MAX]; + char store_fc_hd[PATH_MAX]; + + len = strlen(really_active_store); + running_fc += len; + running_fc_loc += len; + running_fc_hd += len; + running_hd += len; + running_policy += len; + running_seusers += len; + running_nc += len; + + len = strlen(selinux_path()) + strlen(sh->conf->store_path) + 1; + storepath = (char *)malloc(len); + if (!storepath) + goto cleanup; + snprintf(storepath, PATH_MAX, "%s%s", selinux_path(), + sh->conf->store_path); + + snprintf(store_pol, PATH_MAX, "%s%s.%d", storepath, + running_policy, sh->conf->policyvers); + if (semanage_copy_file(active_kernel, store_pol, sh->conf->file_mode) == + -1) { + ERR(sh, "Could not copy %s to %s.", active_kernel, store_pol); + goto cleanup; + } + + if (!sh->conf->disable_genhomedircon) { + snprintf(store_fc_hd, PATH_MAX, "%s%s", storepath, running_fc_hd); + if (semanage_copy_file(active_fc_hd, store_fc_hd, sh->conf->file_mode) + == -1) { + ERR(sh, "Could not copy %s to %s.", active_fc_hd, store_fc_hd); + goto cleanup; + } + } + + snprintf(store_fc, PATH_MAX, "%s%s", storepath, running_fc); + if (semanage_copy_file(active_fc, store_fc, sh->conf->file_mode) == -1) { + ERR(sh, "Could not copy %s to %s.", active_fc, store_fc); + goto cleanup; + } + + snprintf(store_fc_loc, PATH_MAX, "%s%s", storepath, running_fc_loc); + if (semanage_copy_file(active_fc_loc, store_fc_loc, sh->conf->file_mode) + == -1 && errno != ENOENT) { + ERR(sh, "Could not copy %s to %s.", active_fc_loc, + store_fc_loc); + goto cleanup; + } + errno = 0; + + snprintf(store_seusers, PATH_MAX, "%s%s", storepath, running_seusers); + if (semanage_copy_file + (active_seusers, store_seusers, sh->conf->file_mode) == -1 + && errno != ENOENT) { + ERR(sh, "Could not copy %s to %s.", active_seusers, + store_seusers); + goto cleanup; + } + errno = 0; + + snprintf(store_nc, PATH_MAX, "%s%s", storepath, running_nc); + if (semanage_copy_file(active_nc, store_nc, sh->conf->file_mode) == -1 + && errno != ENOENT) { + ERR(sh, "Could not copy %s to %s.", active_nc, store_nc); + goto cleanup; + } + errno = 0; + + if (!sh->do_reload) + goto skip_reload; + + /* This stats what libselinux says the active store is (according to config) + * and what we are installing to, to decide if they are the same store. If + * they are not then we do not reload policy */ + + if (stat(really_active_store, &astore) == 0) { + + if (stat(storepath, &istore)) { + ERR(sh, "Could not stat store path %s.", storepath); + goto cleanup; + } + + if (!(astore.st_ino == istore.st_ino && + astore.st_dev == istore.st_dev)) { + /* They are not the same store */ + goto skip_reload; + } + } else if (errno == ENOENT && + strcmp(really_active_store, storepath) != 0) { + errno = 0; + goto skip_reload; + } + + if (semanage_reload_policy(sh)) { + goto cleanup; + } + + skip_reload: + + if ((r = + semanage_exec_prog(sh, sh->conf->setfiles, store_pol, + store_fc)) != 0) { + ERR(sh, "setfiles returned error code %d.", r); + goto cleanup; + } + + retval = 0; + cleanup: + free(storepath); + return retval; +} + +/* Prepare the sandbox to be installed by making a backup of the + * current active directory. Then copy the sandbox to the active + * directory. Return the new commit number on success, negative + * values on error. */ +static int semanage_commit_sandbox(semanage_handle_t * sh) +{ + int commit_number, fd, retval; + char write_buf[32]; + const char *commit_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_COMMIT_NUM_FILE); + ssize_t amount_written; + const char *active = semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL); + const char *backup = + semanage_path(SEMANAGE_PREVIOUS, SEMANAGE_TOPLEVEL); + const char *sandbox = semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL); + struct stat buf; + + /* update the commit number */ + if ((commit_number = semanage_direct_get_serial(sh)) < 0) { + return -1; + } + commit_number++; + memset(write_buf, 0, sizeof(write_buf)); + snprintf(write_buf, sizeof(write_buf), "%d", commit_number); + if ((fd = + open(commit_filename, O_WRONLY | O_CREAT | O_TRUNC, + S_IRUSR | S_IWUSR)) == -1) { + ERR(sh, "Could not open commit number file %s for writing.", + commit_filename); + return -1; + } + amount_written = write(fd, write_buf, sizeof(write_buf)); + if (amount_written == -1) { + ERR(sh, "Error while writing commit number to %s.", + commit_filename); + close(fd); + return -1; + } + close(fd); + + retval = commit_number; + + if (semanage_get_active_lock(sh) < 0) { + return -1; + } + /* make the backup of the current active directory */ + if (stat(backup, &buf) == 0) { + if (S_ISDIR(buf.st_mode) && + semanage_remove_directory(backup) != 0) { + ERR(sh, "Could not remove previous backup %s.", backup); + retval = -1; + goto cleanup; + } + } else if (errno != ENOENT) { + ERR(sh, "Could not stat directory %s.", backup); + retval = -1; + goto cleanup; + } + + if (rename(active, backup) == -1) { + ERR(sh, "Error while renaming %s to %s.", active, backup); + retval = -1; + goto cleanup; + } + + /* clean up some files from the sandbox before install */ + /* remove homedir_template from sandbox */ + + if (rename(sandbox, active) == -1) { + ERR(sh, "Error while renaming %s to %s.", sandbox, active); + /* note that if an error occurs during the next + * function then the store will be left in an + * inconsistent state */ + if (rename(backup, active) < 0) + ERR(sh, "Error while renaming %s back to %s.", backup, + active); + retval = -1; + goto cleanup; + } + if (semanage_install_active(sh) != 0) { + /* note that if an error occurs during the next three + * function then the store will be left in an + * inconsistent state */ + int errsv = errno; + if (rename(active, sandbox) < 0) + ERR(sh, "Error while renaming %s back to %s.", active, + sandbox); + else if (rename(backup, active) < 0) + ERR(sh, "Error while renaming %s back to %s.", backup, + active); + else + semanage_install_active(sh); + errno = errsv; + retval = -1; + goto cleanup; + } + + if (!sh->conf->save_previous) { + int errsv = errno; + retval = semanage_remove_directory(backup); + if (retval < 0) { + ERR(sh, "Could not delete previous directory %s.", backup); + goto cleanup; + } + errno = errsv; + } + + cleanup: + semanage_release_active_lock(sh); + return retval; +} + +/* Takes the kernel policy in a sandbox, move it to the active + * directory, copy it to the binary policy path, then load it. Upon + * error move the active directory back to the sandbox. This function + * should be placed within a mutex lock to ensure that it runs + * atomically. Returns commit number on success, -1 on error. + */ +int semanage_install_sandbox(semanage_handle_t * sh) +{ + int retval = -1, commit_num = -1; + + if (sh->conf->load_policy == NULL) { + ERR(sh, + "No load_policy program specified in configuration file."); + goto cleanup; + } + if (sh->conf->setfiles == NULL) { + ERR(sh, "No setfiles program specified in configuration file."); + goto cleanup; + } + + if ((commit_num = semanage_commit_sandbox(sh)) < 0) { + retval = commit_num; + goto cleanup; + } + + retval = commit_num; + + cleanup: + return retval; + +} + +/********************* functions that manipulate lock *********************/ + +static int semanage_get_lock(semanage_handle_t * sh, + const char *lock_name, const char *lock_file) +{ + int fd; + struct timeval origtime, curtime; + int got_lock = 0; + + if ((fd = open(lock_file, O_RDONLY)) == -1) { + if ((fd = + open(lock_file, O_RDWR | O_CREAT | O_TRUNC, + S_IRUSR | S_IWUSR)) == -1) { + ERR(sh, "Could not open direct %s at %s.", lock_name, + lock_file); + return -1; + } + } + if (fcntl(fd, F_SETFD, FD_CLOEXEC) < 0) { + ERR(sh, "Could not set close-on-exec for %s at %s.", lock_name, + lock_file); + close(fd); + return -1; + } + + if (sh->timeout == 0) { + /* return immediately */ + origtime.tv_sec = 0; + } else { + origtime.tv_sec = sh->timeout; + } + origtime.tv_usec = 0; + do { + curtime.tv_sec = 1; + curtime.tv_usec = 0; + if (flock(fd, LOCK_EX | LOCK_NB) == 0) { + got_lock = 1; + break; + } else if (errno != EAGAIN) { + ERR(sh, "Error obtaining direct %s at %s.", lock_name, + lock_file); + close(fd); + return -1; + } + if (origtime.tv_sec > 0 || sh->timeout == -1) { + if (select(0, NULL, NULL, NULL, &curtime) == -1) { + if (errno == EINTR) { + continue; + } + ERR(sh, + "Error while waiting to get direct %s at %s.", + lock_name, lock_file); + close(fd); + return -1; + } + origtime.tv_sec--; + } + } while (origtime.tv_sec > 0 || sh->timeout == -1); + if (!got_lock) { + ERR(sh, "Could not get direct %s at %s.", lock_name, lock_file); + close(fd); + return -1; + } + return fd; +} + +/* Locking for the module store for transactions. This is very basic + * locking of the module store and doesn't do anything if the module + * store is being manipulated with a program not using this library + * (but the policy should prevent that). Returns 0 on success, -1 if + * it could not obtain a lock. + */ +int semanage_get_trans_lock(semanage_handle_t * sh) +{ + const char *lock_file = semanage_files[SEMANAGE_TRANS_LOCK]; + + if (sh->u.direct.translock_file_fd >= 0) + return 0; + + sh->u.direct.translock_file_fd = + semanage_get_lock(sh, "transaction lock", lock_file); + if (sh->u.direct.translock_file_fd >= 0) { + return 0; + } else { + return -1; + } +} + +/* Locking for the module store for active store reading; this also includes + * the file containing the commit number. This is very basic locking + * of the module store and doesn't do anything if the module store is + * being manipulated with a program not using this library (but the + * policy should prevent that). Returns 0 on success, -1 if it could + * not obtain a lock. + */ +int semanage_get_active_lock(semanage_handle_t * sh) +{ + const char *lock_file = semanage_files[SEMANAGE_READ_LOCK]; + + if (sh->u.direct.activelock_file_fd >= 0) + return 0; + + sh->u.direct.activelock_file_fd = + semanage_get_lock(sh, "read lock", lock_file); + if (sh->u.direct.activelock_file_fd >= 0) { + return 0; + } else { + return -1; + } +} + +/* Releases the transaction lock. Does nothing if there was not one already + * there. */ +void semanage_release_trans_lock(semanage_handle_t * sh) +{ + int errsv = errno; + if (sh->u.direct.translock_file_fd >= 0) { + flock(sh->u.direct.translock_file_fd, LOCK_UN); + close(sh->u.direct.translock_file_fd); + sh->u.direct.translock_file_fd = -1; + } + errno = errsv; +} + +/* Releases the read lock. Does nothing if there was not one already + * there. */ +void semanage_release_active_lock(semanage_handle_t * sh) +{ + int errsv = errno; + if (sh->u.direct.activelock_file_fd >= 0) { + flock(sh->u.direct.activelock_file_fd, LOCK_UN); + close(sh->u.direct.activelock_file_fd); + sh->u.direct.activelock_file_fd = -1; + } + errno = errsv; +} + +/* Read the current commit number from the commit number file which + * the handle is pointing, resetting the file pointer afterwards. + * Return it (a non-negative number), or -1 on error. */ +int semanage_direct_get_serial(semanage_handle_t * sh) +{ + char buf[32]; + int fd, commit_number; + ssize_t amount_read; + const char *commit_filename; + memset(buf, 0, sizeof(buf)); + + if (sh->is_in_transaction) { + commit_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_COMMIT_NUM_FILE); + } else { + commit_filename = + semanage_path(SEMANAGE_ACTIVE, SEMANAGE_COMMIT_NUM_FILE); + } + + if ((fd = open(commit_filename, O_RDONLY)) == -1) { + if (errno == ENOENT) { + /* the commit number file does not exist yet, + * so assume that the number is 0 */ + errno = 0; + return 0; + } else { + ERR(sh, "Could not open commit number file %s.", + commit_filename); + return -1; + } + } + + amount_read = read(fd, buf, sizeof(buf)); + if (amount_read == -1) { + ERR(sh, "Error while reading commit number from %s.", + commit_filename); + commit_number = -1; + } else if (sscanf(buf, "%d", &commit_number) != 1) { + /* if nothing was read, assume that the commit number is 0 */ + commit_number = 0; + } else if (commit_number < 0) { + /* read file ought never have negative values */ + ERR(sh, + "Commit number file %s is corrupted; it should only contain a non-negative integer.", + commit_filename); + commit_number = -1; + } + + close(fd); + return commit_number; +} + +/* HIGHER LEVEL COMMIT FUNCTIONS */ + +/* Loads a module (or a base) from a fully-qualified 'filename' into a + * newly allocated sepol_module_package_t structure and returns it in + * '*package'. Caller is responsible for destroying it afterwards via + * sepol_module_package_destroy(). Returns 0 on success, -1 on error. + */ +static int semanage_load_module(semanage_handle_t * sh, const char *filename, + sepol_module_package_t ** package) +{ + int retval = 0; + FILE *fp; + struct sepol_policy_file *pf = NULL; + + *package = NULL; + if (sepol_module_package_create(package) == -1) { + ERR(sh, "Out of memory!"); + return -1; + } + + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + goto cleanup; + } + + if ((fp = fopen(filename, "rb")) == NULL) { + ERR(sh, "Could not open module file %s for reading.", filename); + goto cleanup; + } + __fsetlocking(fp, FSETLOCKING_BYCALLER); + sepol_policy_file_set_fp(pf, fp); + sepol_policy_file_set_handle(pf, sh->sepolh); + if (sepol_module_package_read(*package, pf, 0) == -1) { + ERR(sh, "Error while reading from module file %s.", filename); + fclose(fp); + goto cleanup; + } + sepol_policy_file_free(pf); + fclose(fp); + return retval; + + cleanup: + sepol_module_package_free(*package); + *package = NULL; + sepol_policy_file_free(pf); + return -1; +} + +/* Links all of the modules within the sandbox into the base module. + * '*base' will point to the module package that contains everything + * linked together (caller must call sepol_module_package_destroy() on + * it afterwards). '*mods' will be a list of module packages and + * '*num_modules' will be the number of elements within '*mods' + * (caller must destroy each element as well as the pointer itself.) + * Both '*base' and '*mods' will be set to NULL upon entering this + * function. Returns 0 on success, -1 on error. + */ +int semanage_link_sandbox(semanage_handle_t * sh, + sepol_module_package_t ** base) +{ + const char *base_filename = NULL; + char **module_filenames = NULL; + int retval = -1, i; + int num_modules = 0; + sepol_module_package_t **mods = NULL; + + *base = NULL; + + /* first make sure that base module is readable */ + if ((base_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_BASE)) == NULL) { + goto cleanup; + } + if (access(base_filename, R_OK) == -1) { + ERR(sh, "Could not access sandbox base file %s.", + base_filename); + goto cleanup; + } + + /* get list of modules and load them */ + if (semanage_get_modules_names(sh, &module_filenames, &num_modules) == + -1 || semanage_load_module(sh, base_filename, base) == -1) { + goto cleanup; + } + if ((mods = calloc(num_modules, sizeof(*mods))) == NULL) { + ERR(sh, "Out of memory!"); + num_modules = 0; + goto cleanup; + } + for (i = 0; i < num_modules; i++) { + if (semanage_load_module(sh, module_filenames[i], mods + i) == + -1) { + goto cleanup; + } + } + + if (sepol_link_packages(sh->sepolh, *base, mods, num_modules, 0) != 0) { + ERR(sh, "Link packages failed"); + goto cleanup; + } + + retval = 0; + + cleanup: + for (i = 0; module_filenames != NULL && i < num_modules; i++) { + free(module_filenames[i]); + } + free(module_filenames); + for (i = 0; mods != NULL && i < num_modules; i++) { + sepol_module_package_free(mods[i]); + } + free(mods); + return retval; +} + +/* + * Expands the policy contained within *base + */ +int semanage_expand_sandbox(semanage_handle_t * sh, + sepol_module_package_t * base, + sepol_policydb_t ** policydb) +{ + + struct sepol_policydb *out = NULL; + int policyvers = sh->conf->policyvers; + int expand_check = sh->conf->expand_check ? sh->modules_modified : 0; + + if (sepol_policydb_create(&out)) + goto err; + + sepol_set_expand_consume_base(sh->sepolh, 1); + + if (sepol_expand_module(sh->sepolh, + sepol_module_package_get_policy(base), out, 0, + expand_check) + == -1) { + ERR(sh, "Expand module failed"); + goto err; + } + if (sepol_policydb_set_vers(out, policyvers)) { + ERR(sh, "Unknown/Invalid policy version %d.", policyvers); + goto err; + } + if (sh->conf->handle_unknown >= 0) + sepol_policydb_set_handle_unknown(out, sh->conf->handle_unknown); + + *policydb = out; + return STATUS_SUCCESS; + + err: + sepol_policydb_free(out); + return STATUS_ERR; +} + +/** + * Writes the final policy to the sandbox (kernel) + */ +int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out) +{ + + int retval = STATUS_ERR; + const char *kernel_filename = NULL; + struct sepol_policy_file *pf = NULL; + FILE *outfile = NULL; + + if ((kernel_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_KERNEL)) == NULL) { + goto cleanup; + } + if ((outfile = fopen(kernel_filename, "wb")) == NULL) { + ERR(sh, "Could not open kernel policy %s for writing.", + kernel_filename); + goto cleanup; + } + __fsetlocking(outfile, FSETLOCKING_BYCALLER); + if (sepol_policy_file_create(&pf)) { + ERR(sh, "Out of memory!"); + goto cleanup; + } + sepol_policy_file_set_fp(pf, outfile); + sepol_policy_file_set_handle(pf, sh->sepolh); + if (sepol_policydb_write(out, pf) == -1) { + ERR(sh, "Error while writing kernel policy to %s.", + kernel_filename); + goto cleanup; + } + retval = STATUS_SUCCESS; + + cleanup: + if (outfile != NULL) { + fclose(outfile); + } + sepol_policy_file_free(pf); + return retval; +} + +/* Execute the module verification programs for each source module. + * Returns 0 if every verifier returned success, -1 on error. + */ +int semanage_verify_modules(semanage_handle_t * sh, + char **module_filenames, int num_modules) +{ + int i, retval; + semanage_conf_t *conf = sh->conf; + if (conf->mod_prog == NULL) { + return 0; + } + for (i = 0; i < num_modules; i++) { + char *module = module_filenames[i]; + external_prog_t *e; + for (e = conf->mod_prog; e != NULL; e = e->next) { + if ((retval = + semanage_exec_prog(sh, e, module, "$<")) != 0) { + return -1; + } + } + } + return 0; +} + +/* Execute the linker verification programs for the linked (but not + * expanded) base. Returns 0 if every verifier returned success, -1 + * on error. + */ +int semanage_verify_linked(semanage_handle_t * sh) +{ + external_prog_t *e; + semanage_conf_t *conf = sh->conf; + const char *linked_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_LINKED); + int retval = -1; + if (conf->linked_prog == NULL) { + return 0; + } + for (e = conf->linked_prog; e != NULL; e = e->next) { + if (semanage_exec_prog(sh, e, linked_filename, "$<") != 0) { + goto cleanup; + } + } + retval = 0; + cleanup: + return retval; +} + +/* Execute each of the kernel verification programs. Returns 0 if + * every verifier returned success, -1 on error. + */ +int semanage_verify_kernel(semanage_handle_t * sh) +{ + int retval = -1; + const char *kernel_filename = + semanage_path(SEMANAGE_TMP, SEMANAGE_KERNEL); + semanage_conf_t *conf = sh->conf; + external_prog_t *e; + if (conf->kernel_prog == NULL) { + return 0; + } + for (e = conf->kernel_prog; e != NULL; e = e->next) { + if (semanage_exec_prog(sh, e, kernel_filename, "$<") != 0) { + goto cleanup; + } + } + retval = 0; + cleanup: + return retval; +} + +/********************* functions that sort file contexts *********************/ + +/* Free the given node. */ +static void semanage_fc_node_destroy(semanage_file_context_node_t * x) +{ + free(x->path); + free(x->file_type); + free(x->context); + free(x); +} + +/* Free the linked list of nodes starting at the given node. */ +static void semanage_fc_node_list_destroy(semanage_file_context_node_t * x) +{ + semanage_file_context_node_t *temp; + + while (x) { + temp = x; + x = x->next; + semanage_fc_node_destroy(temp); + } +} + +/* Free the linked list of buckets (and their node lists) + * starting at the given bucket. */ +static void semanage_fc_bucket_list_destroy(semanage_file_context_bucket_t * x) +{ + semanage_file_context_bucket_t *temp; + + while (x) { + temp = x; + x = x->next; + semanage_fc_node_list_destroy(temp->data); + free(temp); + } +} + +/* Compares two file contexts' regular expressions and returns: + * -1 if a is less specific than b + * 0 if a and be are equally specific + * 1 if a is more specific than b + * The comparison is based on the following heuristics, + * in order from most important to least important, given a and b: + * If a is a regular expression and b is not, + * -> a is less specific than b. + * If a's stem length is shorter than b's stem length, + * -> a is less specific than b. + * If a's string length is shorter than b's string length, + * -> a is less specific than b. + * If a does not have a specified type and b does not, + * -> a is less specific than b. + * FIXME: These heuristics are imperfect, but good enough for + * now. A proper comparison would determine which (if either) + * regular expression is a subset of the other. + */ +static int semanage_fc_compare(semanage_file_context_node_t * a, + semanage_file_context_node_t * b) +{ + int a_has_meta = (a->meta >= 0); + int b_has_meta = (b->meta >= 0); + + /* Check to see if either a or b are regexes + * and the other isn't. */ + if (a_has_meta && !b_has_meta) + return -1; + if (b_has_meta && !a_has_meta) + return 1; + + /* Check to see if either a or b have a shorter stem + * length than the other. */ + if (a->meta < b->meta) + return -1; + if (b->meta < a->meta) + return 1; + + /* Check to see if either a or b have a shorter string + * length than the other. */ + if (a->effective_len < b->effective_len) + return -1; + if (b->effective_len < a->effective_len) + return 1; + + /* Check to see if either a or b has a specified type + * and the other doesn't. */ + if (!a->file_type && b->file_type) + return -1; + if (!b->file_type && a->file_type) + return 1; + + /* If none of the above conditions were satisfied, + * then a and b are equally specific. */ + return 0; +} + +/* Merges two sorted file context linked lists into a single sorted one. + * The left list is assumed to represent nodes that came first in the original ordering. + * The final sorted list is returned. + */ +static semanage_file_context_node_t + * semanage_fc_merge(semanage_file_context_node_t * left, + semanage_file_context_node_t * right) +{ + semanage_file_context_node_t *head; + semanage_file_context_node_t *current; + semanage_file_context_node_t *tail; + + if (!left) + return right; + + if (!right) + return left; + + if (semanage_fc_compare(left, right) == 1) { + head = tail = right; + right = right->next; + } else { + head = tail = left; + left = left->next; + } + + while (left && right) { + /* if left was more specific than right, + * insert right before left. Otherwise leave order alone. */ + if (semanage_fc_compare(left, right) == 1) { + current = right; + right = right->next; + } else { + current = left; + left = left->next; + } + + tail = tail->next = current; + } + + tail->next = (left != NULL) ? left : right; + + return head; +} + +/* Sorts file contexts from least specific to most specific. + * A bucket linked list is passed in. Upon completion, + * there is only one bucket (pointed to by master) that + * contains a linked list of all the file contexts in sorted order. + * Explanation of the algorithm: + * This is a stable implementation of an iterative merge sort. + * Each bucket initially has a linked list of file contexts + * that are 1 node long. + * Each pass, buckets (and the nodes they contain) are merged + * two at time. + * Buckets are merged until there is only one bucket left, + * containing the list of file contexts, sorted. + */ +static void semanage_fc_merge_sort(semanage_file_context_bucket_t * master) +{ + semanage_file_context_bucket_t *current; + semanage_file_context_bucket_t *temp; + + /* Loop until master is the only bucket left. + * When we stop master contains the sorted list. */ + while (master->next) { + current = master; + + /* Merge buckets two-by-two. + * If there is an odd number of buckets, the last + * bucket will be left alone, which corresponds + * to the operation of merging it with an empty bucket. */ + while (current) { + if (current->next) { + current->data = + semanage_fc_merge(current->data, + current->next->data); + temp = current->next; + current->next = current->next->next; + + /* Free the (now empty) second bucket. + * (This does not touch the node list + * in the bucket because it has been + * shifted over to the first bucket. */ + free(temp); + } + current = current->next; + } + } +} + +/* Compute the location of the first regular expression + * meta character in the path of the given node, if it exists. + * On return: + * fc_node->meta = position of meta character, if it exists + * (-1 corresponds to no character) + */ +static void semanage_fc_find_meta(semanage_file_context_node_t * fc_node) +{ + int c = 0; + int escape_chars = 0; + + fc_node->meta = -1; + + /* Note: this while loop has been adapted from + * spec_hasMetaChars in matchpathcon.c from + * libselinux-1.22. */ + while (fc_node->path[c] != '\0') { + switch (fc_node->path[c]) { + case '.': + case '^': + case '$': + case '?': + case '*': + case '+': + case '|': + case '[': + case '(': + case '{': + fc_node->meta = c - escape_chars; + return; + case '\\': + /* If an escape character is found, + * skip the next character. */ + c++; + escape_chars++; + break; + } + + c++; + } +} + +/* Replicates strchr, but limits search to buf_len characters. */ +static char *semanage_strnchr(const char *buf, size_t buf_len, char c) +{ + size_t idx = 0; + + if (buf == NULL) + return NULL; + if (buf_len <= 0) + return NULL; + + while (idx < buf_len) { + if (buf[idx] == c) + return (char *)buf + idx; + idx++; + } + + return NULL; +} + +/* Returns a pointer to the end of line character in the given buffer. + * Used in the context of a file context char buffer that we will be + * parsing and sorting. + */ +static char *semanage_get_line_end(const char *buf, size_t buf_len) +{ + char *line_end = NULL; + + if (buf == NULL) + return NULL; + if (buf_len <= 0) + return NULL; + + line_end = semanage_strnchr(buf, buf_len, '\n'); + if (!line_end) + line_end = semanage_strnchr(buf, buf_len, '\r'); + if (!line_end) + line_end = semanage_strnchr(buf, buf_len, EOF); + + return line_end; +} + +/* Entry function for sorting a set of file context lines. + * Returns 0 on success, -1 on failure. + * Allocates a buffer pointed to by sorted_buf that contains the sorted lines. + * sorted_buf_len is set to the size of this buffer. + * This buffer is guaranteed to have a final \0 character. + * This buffer must be released by the caller. + */ +int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, + char **sorted_buf, size_t * sorted_buf_len) +{ + size_t start, finish, regex_len, type_len, context_len; + size_t line_len, buf_remainder, i; + ssize_t sanity_check; + const char *line_buf, *line_end; + char *sorted_buf_pos; + int escape_chars, just_saw_escape; + + semanage_file_context_node_t *temp; + semanage_file_context_node_t *head; + semanage_file_context_node_t *current; + semanage_file_context_bucket_t *master; + semanage_file_context_bucket_t *bcurrent; + + i = 0; + + if (sh == NULL) { + return -1; + } + if (buf == NULL) { + ERR(sh, "Received NULL buffer."); + return -1; + } + if (buf_len <= 0) { + ERR(sh, "Received buffer of length 0."); + return -1; + } + + /* Initialize the head of the linked list + * that will contain a node for each file context line. */ + head = current = + (semanage_file_context_node_t *) calloc(1, + sizeof + (semanage_file_context_node_t)); + if (!head) { + ERR(sh, "Failure allocating memory."); + return -1; + } + + /* Parse the char buffer into a semanage_file_context_node_t linked list. */ + line_buf = buf; + buf_remainder = buf_len; + while ((line_end = semanage_get_line_end(line_buf, buf_remainder))) { + line_len = line_end - line_buf + 1; + sanity_check = buf_remainder - line_len; + buf_remainder = buf_remainder - line_len; + + if (sanity_check < 0) { + ERR(sh, "Failure parsing file context buffer."); + semanage_fc_node_list_destroy(head); + return -1; + } + + if (line_len == 0 || line_len == 1) { + line_buf = line_end + 1; + continue; + } + + /* Skip the whitespace at the front of the line. */ + for (i = 0; i < line_len; i++) { + if (!isspace(line_buf[i])) + break; + } + + /* Check for a blank line. */ + if (i >= line_len) { + line_buf = line_end + 1; + continue; + } + + /* Check if the line is a comment. */ + if (line_buf[i] == '#') { + line_buf = line_end + 1; + continue; + } + + /* Allocate a new node. */ + temp = + (semanage_file_context_node_t *) calloc(1, + sizeof + (semanage_file_context_node_t)); + if (!temp) { + ERR(sh, "Failure allocating memory."); + semanage_fc_node_list_destroy(head); + return -1; + } + temp->next = NULL; + + /* Extract the regular expression from the line. */ + escape_chars = 0; + just_saw_escape = 0; + start = i; + while (i < line_len && (!isspace(line_buf[i]))) { + if (line_buf[i] == '\\') { + if (!just_saw_escape) { + escape_chars++; + just_saw_escape = 1; + } else { + /* We're looking at an escaped + escape. Reset our flag. */ + just_saw_escape = 0; + } + } else { + just_saw_escape = 0; + } + i++; + } + finish = i; + regex_len = finish - start; + + if (regex_len == 0) { + ERR(sh, + "WARNING: semanage_fc_sort: Regex of length 0."); + semanage_fc_node_destroy(temp); + line_buf = line_end + 1; + continue; + } + + temp->path = (char *)strndup(&line_buf[start], regex_len); + if (!temp->path) { + ERR(sh, "Failure allocating memory."); + semanage_fc_node_destroy(temp); + semanage_fc_node_list_destroy(head); + return -1; + } + + /* Skip the whitespace after the regular expression. */ + for (; i < line_len; i++) { + if (!isspace(line_buf[i])) + break; + } + if (i == line_len) { + ERR(sh, + "WARNING: semanage_fc_sort: Incomplete context."); + semanage_fc_node_destroy(temp); + line_buf = line_end + 1; + continue; + } + + /* Extract the inode type from the line (if it exists). */ + if (line_buf[i] == '-') { + type_len = 2; /* defined as '--', '-d', '-f', etc. */ + + if (i + type_len >= line_len) { + ERR(sh, + "WARNING: semanage_fc_sort: Incomplete context."); + semanage_fc_node_destroy(temp); + line_buf = line_end + 1; + continue; + } + + /* Record the inode type. */ + temp->file_type = + (char *)strndup(&line_buf[i], type_len); + if (!temp->file_type) { + ERR(sh, "Failure allocating memory."); + semanage_fc_node_destroy(temp); + semanage_fc_node_list_destroy(head); + return -1; + } + + i += type_len; + + /* Skip the whitespace after the type. */ + for (; i < line_len; i++) { + if (!isspace(line_buf[i])) + break; + } + if (i == line_len) { + ERR(sh, + "WARNING: semanage_fc_sort: Incomplete context."); + semanage_fc_node_destroy(temp); + line_buf = line_end + 1; + continue; + } + } else { + type_len = 0; /* inode type did not exist in the file context */ + } + + /* Extract the context from the line. */ + start = i; + while (i < line_len && (!isspace(line_buf[i]))) + i++; + finish = i; + context_len = finish - start; + + temp->context = (char *)strndup(&line_buf[start], context_len); + if (!temp->context) { + ERR(sh, "Failure allocating memory."); + semanage_fc_node_destroy(temp); + semanage_fc_node_list_destroy(head); + return -1; + } + + /* Initialize the data about the file context. */ + temp->path_len = regex_len; + temp->effective_len = regex_len - escape_chars; + temp->type_len = type_len; + temp->context_len = context_len; + semanage_fc_find_meta(temp); + + /* Add this node to the end of the linked list. */ + current->next = temp; + current = current->next; + + line_buf = line_end + 1; + } + + /* Create the bucket linked list from the node linked list. */ + current = head->next; + bcurrent = master = (semanage_file_context_bucket_t *) + calloc(1, sizeof(semanage_file_context_bucket_t)); + if (!master) { + ERR(sh, "Failure allocating memory."); + semanage_fc_node_list_destroy(head); + return -1; + } + + /* Free the head node, as it is no longer used. */ + semanage_fc_node_destroy(head); + head = NULL; + + /* Place each node into a bucket. */ + while (current) { + bcurrent->data = current; + current = current->next; + + /* Detach the node in the bucket from the old list. */ + bcurrent->data->next = NULL; + + /* If we need another bucket, add one to the end. */ + if (current) { + bcurrent->next = (semanage_file_context_bucket_t *) + calloc(1, sizeof(semanage_file_context_bucket_t)); + if (!(bcurrent->next)) { + ERR(sh, "Failure allocating memory."); + semanage_fc_bucket_list_destroy(master); + return -1; + } + + bcurrent = bcurrent->next; + } + } + + /* Sort the bucket list. */ + semanage_fc_merge_sort(master); + + /* First, calculate how much space we'll need for + * the newly sorted block of data. (We don't just + * use buf_len for this because we have extracted + * comments and whitespace.) */ + i = 0; + current = master->data; + while (current) { + i += current->path_len + 1; /* +1 for a tab */ + if (current->file_type) { + i += current->type_len + 1; /* +1 for a tab */ + } + i += current->context_len + 1; /* +1 for a newline */ + current = current->next; + } + i = i + 1; /* +1 for trailing \0 */ + + /* Allocate the buffer for the sorted list. */ + *sorted_buf = calloc(i, sizeof(char)); + if (!*sorted_buf) { + ERR(sh, "Failure allocating memory."); + semanage_fc_bucket_list_destroy(master); + return -1; + } + *sorted_buf_len = i; + + /* Output the sorted semanage_file_context linked list to the char buffer. */ + sorted_buf_pos = *sorted_buf; + current = master->data; + while (current) { + /* Output the path. */ + i = current->path_len + 1; /* +1 for tab */ + snprintf(sorted_buf_pos, i + 1, "%s\t", current->path); + sorted_buf_pos = sorted_buf_pos + i; + + /* Output the type, if there is one. */ + if (current->file_type) { + i = strlen(current->file_type) + 1; /* +1 for tab */ + snprintf(sorted_buf_pos, i + 1, "%s\t", + current->file_type); + sorted_buf_pos = sorted_buf_pos + i; + } + + /* Output the context. */ + i = strlen(current->context) + 1; /* +1 for newline */ + snprintf(sorted_buf_pos, i + 1, "%s\n", current->context); + sorted_buf_pos = sorted_buf_pos + i; + + current = current->next; + } + + /* Clean up. */ + semanage_fc_bucket_list_destroy(master); + + /* Sanity check. */ + sorted_buf_pos++; + if ((sorted_buf_pos - *sorted_buf) != (ssize_t) * sorted_buf_len) { + ERR(sh, "Failure writing sorted buffer."); + free(*sorted_buf); + *sorted_buf = NULL; + return -1; + } + + return 0; +} + +/********************* functions that sort netfilter contexts *********************/ +#define NC_SORT_NAMES { "pre", "base", "module", "local", "post" } +#define NC_SORT_NAMES_LEN { 3, 4, 6, 5, 4 } +#define NC_SORT_NEL 5 +static void semanage_nc_destroy_ruletab(semanage_netfilter_context_node_t * + ruletab[NC_SORT_NEL][2]) +{ + semanage_netfilter_context_node_t *curr, *next; + int i; + + for (i = 0; i < NC_SORT_NEL; i++) { + for (curr = ruletab[i][0]; curr != NULL; curr = next) { + next = curr->next; + free(curr->rule); + free(curr); + } + } +} + +/* Entry function for sorting a set of netfilter context lines. + * Returns 0 on success, -1 on failure. + * Allocates a buffer pointed to by sorted_buf that contains the sorted lines. + * sorted_buf_len is set to the size of this buffer. + * This buffer is guaranteed to have a final \0 character. + * This buffer must be released by the caller. + */ +int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, + char **sorted_buf, size_t * sorted_buf_len) +{ + + /* parsing bits */ + const char *priority_names[] = NC_SORT_NAMES; + const int priority_names_len[] = NC_SORT_NAMES_LEN; + size_t line_len, buf_remainder, i, offset; + const char *line_buf, *line_end; + + /* ruletab bits */ + /* keep track of the head (index 0) and tail (index 1) with this array */ + semanage_netfilter_context_node_t *ruletab[NC_SORT_NEL][2]; + semanage_netfilter_context_node_t *curr, *node; + int priority; + + /* sorted buffer bits */ + char *sorted_buf_pos; + size_t count; + + /* initialize ruletab */ + memset(ruletab, 0, + NC_SORT_NEL * 2 * sizeof(semanage_netfilter_context_node_t *)); + + /* while lines to be read */ + line_buf = buf; + buf_remainder = buf_len; + while ((line_end = semanage_get_line_end(line_buf, buf_remainder))) { + line_len = line_end - line_buf + 1; + buf_remainder = buf_remainder - line_len; + + if (line_len == 0 || line_len == 1) { + line_buf = line_end + 1; + continue; + } + + /* Skip the whitespace at the front of the line. */ + for (i = 0; i < line_len; i++) { + if (!isspace(line_buf[i])) + break; + } + + /* Check for a blank line. */ + if (i >= line_len) { + line_buf = line_end + 1; + continue; + } + + /* Check if the line is a comment. */ + if (line_buf[i] == '#') { + line_buf = line_end + 1; + continue; + } + + /* extract priority */ + priority = -1; + offset = 0; + for (i = 0; i < NC_SORT_NEL; i++) { + if (strncmp + (line_buf, priority_names[i], + priority_names_len[i]) == 0) { + priority = i; + offset = priority_names_len[i]; + break; + } + } + + if (priority < 0) { + ERR(sh, "Netfilter context line missing priority."); + semanage_nc_destroy_ruletab(ruletab); + return -1; + } + + /* skip over whitespace */ + for (; offset < line_len && isspace(line_buf[offset]); + offset++) ; + + /* load rule into node */ + node = (semanage_netfilter_context_node_t *) + malloc(sizeof(semanage_netfilter_context_node_t)); + if (!node) { + ERR(sh, "Failure allocating memory."); + semanage_nc_destroy_ruletab(ruletab); + return -1; + } + + node->rule = + (char *)strndup(line_buf + offset, line_len - offset); + node->rule_len = line_len - offset; + node->next = NULL; + + if (!node->rule) { + ERR(sh, "Failure allocating memory."); + free(node); + semanage_nc_destroy_ruletab(ruletab); + return -1; + } + + /* add node to rule table */ + if (ruletab[priority][0] && ruletab[priority][1]) { + /* add to end of list, update tail pointer */ + ruletab[priority][1]->next = node; + ruletab[priority][1] = node; + } else { + /* this list is empty, make head and tail point to the node */ + ruletab[priority][0] = ruletab[priority][1] = node; + } + + line_buf = line_end + 1; + } + + /* First, calculate how much space we'll need for + * the newly sorted block of data. (We don't just + * use buf_len for this because we have extracted + * comments and whitespace.) Start at 1 for trailing \0 */ + count = 1; + for (i = 0; i < NC_SORT_NEL; i++) + for (curr = ruletab[i][0]; curr != NULL; curr = curr->next) + count += curr->rule_len; + + /* Allocate the buffer for the sorted list. */ + *sorted_buf = calloc(count, sizeof(char)); + if (!*sorted_buf) { + ERR(sh, "Failure allocating memory."); + semanage_nc_destroy_ruletab(ruletab); + return -1; + } + *sorted_buf_len = count; + + /* write out rule buffer */ + sorted_buf_pos = *sorted_buf; + for (i = 0; i < NC_SORT_NEL; i++) { + for (curr = ruletab[i][0]; curr != NULL; curr = curr->next) { + /* put rule into buffer */ + snprintf(sorted_buf_pos, curr->rule_len + 1, "%s\n", curr->rule); /* +1 for newline */ + sorted_buf_pos = sorted_buf_pos + curr->rule_len; + } + } + + /* free ruletab */ + semanage_nc_destroy_ruletab(ruletab); + + return 0; +} diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h new file mode 100644 index 00000000..8b4236a5 --- /dev/null +++ b/libsemanage/src/semanage_store.h @@ -0,0 +1,124 @@ +/* Authors: Karl MacMillan <kmacmillan@tresys.com> + * Joshua Brindle <jbrindle@tresys.com> + * Jason Tang <jtang@tresys.com> + * Christopher Ashworth <cashworth@tresys.com> + * + * Copyright (C) 2004-2006 Tresys Technology, LLC + * Copyright (C) 2005 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef SEMANAGE_MODULE_STORE_H +#define SEMANAGE_MODULE_STORE_H + +#include <sys/time.h> +#include <sepol/module.h> +#include "handle.h" + +enum semanage_store_defs { + SEMANAGE_ACTIVE, + SEMANAGE_PREVIOUS, + SEMANAGE_TMP, + SEMANAGE_NUM_STORES +}; + +/* sandbox filenames and paths */ +enum semanage_sandbox_defs { + SEMANAGE_TOPLEVEL, + SEMANAGE_MODULES, + SEMANAGE_KERNEL, + SEMANAGE_BASE, + SEMANAGE_LINKED, + SEMANAGE_FC, + SEMANAGE_HOMEDIR_TMPL, + SEMANAGE_FC_TMPL, + SEMANAGE_COMMIT_NUM_FILE, + SEMANAGE_PORTS_LOCAL, + SEMANAGE_INTERFACES_LOCAL, + SEMANAGE_NODES_LOCAL, + SEMANAGE_BOOLEANS_LOCAL, + SEMANAGE_FC_LOCAL, + SEMANAGE_SEUSERS_LOCAL, + SEMANAGE_USERS_BASE_LOCAL, + SEMANAGE_USERS_EXTRA_LOCAL, + SEMANAGE_SEUSERS, + SEMANAGE_USERS_EXTRA, + SEMANAGE_NC, + SEMANAGE_FC_HOMEDIRS, + SEMANAGE_STORE_NUM_PATHS +}; + +/* FIXME: this needs to be made a module store specific init and the + * global configuration moved to another file. + */ +const char *semanage_conf_path(void); +int semanage_check_init(const char *root); + +extern const char *semanage_fname(enum semanage_sandbox_defs file_enum); + +extern const char *semanage_path(enum semanage_store_defs store, + enum semanage_sandbox_defs file); + +int semanage_create_store(semanage_handle_t * sh, int create); + +int semanage_store_access_check(semanage_handle_t * sh); + +int semanage_remove_directory(const char *path); + +int semanage_make_sandbox(semanage_handle_t * sh); + +int semanage_get_modules_names(semanage_handle_t * sh, + char ***filenames, int *len); + +/* lock file routines */ +int semanage_get_trans_lock(semanage_handle_t * sh); +int semanage_get_active_lock(semanage_handle_t * sh); +void semanage_release_trans_lock(semanage_handle_t * sh); +void semanage_release_active_lock(semanage_handle_t * sh); +int semanage_direct_get_serial(semanage_handle_t * sh); + +int semanage_link_sandbox(semanage_handle_t * sh, + sepol_module_package_t ** base); + +int semanage_expand_sandbox(semanage_handle_t * sh, + sepol_module_package_t * base, + sepol_policydb_t ** policydb); + +int semanage_write_policydb(semanage_handle_t * sh, + sepol_policydb_t * policydb); + +int semanage_install_sandbox(semanage_handle_t * sh); + +int semanage_verify_modules(semanage_handle_t * sh, + char **module_filenames, int num_modules); + +int semanage_verify_linked(semanage_handle_t * sh); +int semanage_verify_kernel(semanage_handle_t * sh); +int semanage_split_fc(semanage_handle_t * sh); + +/* sort file context routines */ +int semanage_fc_sort(semanage_handle_t * sh, + const char *buf, + size_t buf_len, + char **sorted_buf, size_t * sorted_buf_len); + +/* sort netfilter context routines */ +int semanage_nc_sort(semanage_handle_t * sh, + const char *buf, + size_t buf_len, + char **sorted_buf, size_t * sorted_buf_len); + +#endif diff --git a/libsemanage/src/semanageswig.i b/libsemanage/src/semanageswig.i new file mode 100644 index 00000000..583b7d86 --- /dev/null +++ b/libsemanage/src/semanageswig.i @@ -0,0 +1,51 @@ +/* Author: Spencer Shimko <sshimko@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * Copyright (C) 2006 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + + +%module semanage + +/* pull in the headers */ +%include "../include/semanage/debug.h" +%include "../include/semanage/handle.h" +%include "../include/semanage/modules.h" +%include "../include/semanage/context_record.h" +%include "../include/semanage/boolean_record.h" +%include "../include/semanage/booleans_policy.h" +%include "../include/semanage/booleans_local.h" +%include "../include/semanage/booleans_active.h" +%include "../include/semanage/iface_record.h" +%include "../include/semanage/interfaces_local.h" +%include "../include/semanage/interfaces_policy.h" +%include "../include/semanage/user_record.h" +%include "../include/semanage/users_local.h" +%include "../include/semanage/users_policy.h" +%include "../include/semanage/port_record.h" +%include "../include/semanage/ports_local.h" +%include "../include/semanage/ports_policy.h" +%include "../include/semanage/fcontext_record.h" +%include "../include/semanage/fcontexts_local.h" +%include "../include/semanage/fcontexts_policy.h" +%include "../include/semanage/seuser_record.h" +%include "../include/semanage/seusers_local.h" +%include "../include/semanage/seusers_policy.h" +%include "../include/semanage/node_record.h" +%include "../include/semanage/nodes_local.h" +%include "../include/semanage/nodes_policy.h" +%include "../include/semanage/semanage.h" diff --git a/libsemanage/src/semanageswig_python.i b/libsemanage/src/semanageswig_python.i new file mode 100644 index 00000000..96c670c2 --- /dev/null +++ b/libsemanage/src/semanageswig_python.i @@ -0,0 +1,463 @@ +/* Author: Spencer Shimko <sshimko@tresys.com> + * + * Copyright (C) 2004-2005 Tresys Technology, LLC + * Copyright (C) 2006 Red Hat, Inc + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/** standard typemaps **/ + +%header %{ + #include <stdlib.h> + #include <semanage/semanage.h> + + #define STATUS_SUCCESS 0 + #define STATUS_ERR -1 +%} + +%wrapper %{ + + + /* There are two ways to call this function: + * One is with a valid swig_type and destructor. + * Two is with a NULL swig_type and NULL destructor. + * + * In the first mode, the function converts + * an array of *cloned* objects [of the given pointer swig type] + * into a PyList, and destroys the array in the process + * (the objects pointers are preserved). + * + * In the second mode, the function converts + * an array of *constant* strings into a PyList, and destroys + * the array in the process + * (the strings are copied, originals not freed). */ + + static int semanage_array2plist( + semanage_handle_t* handle, + void** arr, + unsigned int asize, + swig_type_info* swig_type, + void (*destructor) (void*), + PyObject** result) { + + PyObject* plist = PyList_New(0); + unsigned int i; + + if (!plist) + goto err; + + for (i = 0; i < asize; i++) { + + PyObject* obj = NULL; + + /* NULL indicates string conversion, + * otherwise create an opaque pointer */ + if (!swig_type) + obj = SWIG_FromCharPtr(arr[i]); + else + obj = SWIG_NewPointerObj(arr[i], swig_type, 0); + + if (!obj) + goto err; + + if (PyList_Append(plist, obj) < 0) + goto err; + } + + free(arr); + + *result = plist; + return STATUS_SUCCESS; + + err: + for (i = 0; i < asize; i++) + if (destructor) + destructor(arr[i]); + free(arr); + return STATUS_ERR; + } +%} + +/* a few helpful typemaps are available in this library */ +%include <typemaps.i> +/* wrap all int*'s so they can be used for results + if it becomes necessary to send in data this should be changed to INOUT */ +%apply int *OUTPUT { int * }; +%apply int *OUTPUT { size_t * }; +%apply int *OUTPUT { unsigned int * }; + +%typemap(in, numinputs=0) char **(char *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) char** { + $result = SWIG_Python_AppendOutput($result, SWIG_FromCharPtr(*$1)); + free(*$1); +} + +%typemap(in, numinputs=0) char ***(char **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + const semanage_user_t* user, + const char*** roles_arr, + unsigned int* num_roles) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$3, *$4, + NULL, NULL, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +/** module typemaps**/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_module_info_t ** parameter */ +%typemap(in, numinputs=0) semanage_module_info_t **(semanage_module_info_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_module_info_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +/** context typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_context_t ** parameter */ +%typemap(in, numinputs=0) semanage_context_t **(semanage_context_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_context_t** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +/** boolean typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_bool_t *** parameter */ +%typemap(in, numinputs=0) semanage_bool_t ***(semanage_bool_t **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_bool_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_bool, + (void (*) (void*)) &semanage_bool_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_bool_t **(semanage_bool_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_bool_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_bool_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_bool_key_t **(semanage_bool_key_t *temp=NULL) { + $1 = &temp; +} + +/** fcontext typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_fcontext_t *** parameter */ +%typemap(in, numinputs=0) semanage_fcontext_t ***(semanage_fcontext_t **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_fcontext_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_fcontext, + (void (*) (void*)) &semanage_fcontext_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_fcontext_t **(semanage_fcontext_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_fcontext_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_fcontext_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_fcontext_key_t **(semanage_fcontext_key_t *temp=NULL) { + $1 = &temp; +} + +/** interface typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_iface_t *** parameter */ +%typemap(in, numinputs=0) semanage_iface_t ***(semanage_iface_t **temp=NULL) { + $1 = &temp; +} + + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_iface_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_iface, + (void (*) (void*)) &semanage_iface_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_iface_t **(semanage_iface_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_iface_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_iface_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_iface_key_t **(semanage_iface_key_t *temp=NULL) { + $1 = &temp; +} + +/** seuser typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_seuser_t *** parameter */ +%typemap(in, numinputs=0) semanage_seuser_t ***(semanage_seuser_t **temp=NULL) { + $1 = &temp; +} + + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_seuser_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_seuser, + (void (*) (void*)) &semanage_seuser_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_seuser_t **(semanage_seuser_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_seuser_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_seuser_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_seuser_key_t **(semanage_seuser_key_t *temp=NULL) { + $1 = &temp; +} + +/** user typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_user_t *** parameter */ +%typemap(in, numinputs=0) semanage_user_t ***(semanage_user_t **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_user_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_user, + (void (*) (void*)) &semanage_user_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_user_t **(semanage_user_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_user_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_user_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_user_key_t **(semanage_user_key_t *temp=NULL) { + $1 = &temp; +} + +/** port typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_port_t *** parameter */ +%typemap(in, numinputs=0) semanage_port_t ***(semanage_port_t **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_port_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_port, + (void (*) (void*)) &semanage_port_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_port_t **(semanage_port_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_port_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(argout) semanage_port_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_port_key_t **(semanage_port_key_t *temp=NULL) { + $1 = &temp; +} + +/** node typemaps **/ + +/* the wrapper will setup this parameter for passing... the resulting python functions + will not take the semanage_node_t *** parameter */ +%typemap(in, numinputs=0) semanage_node_t ***(semanage_node_t **temp=NULL) { + $1 = &temp; +} + +%typemap(argout) ( + semanage_handle_t* handle, + semanage_node_t*** records, + unsigned int* count) { + + if ($result) { + int value; + SWIG_AsVal_int($result, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist($1, (void**) *$2, *$3, SWIGTYPE_p_semanage_node, + (void (*) (void*)) &semanage_node_free, &plist) < 0) + $result = SWIG_From_int(STATUS_ERR); + else + $result = SWIG_Python_AppendOutput($result, plist); + } + } +} + +%typemap(in, numinputs=0) semanage_node_t **(semanage_node_t *temp=NULL) { + $1 = &temp; +} + +%typemap(argout) semanage_node_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + + +%typemap(argout) semanage_node_key_t ** { + $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(*$1, $*1_descriptor, 0)); +} + +%typemap(in, numinputs=0) semanage_node_key_t **(semanage_node_key_t *temp=NULL) { + $1 = &temp; +} + +%include "semanageswig.i" diff --git a/libsemanage/src/semanageswig_wrap.c b/libsemanage/src/semanageswig_wrap.c new file mode 100644 index 00000000..86736b0d --- /dev/null +++ b/libsemanage/src/semanageswig_wrap.c @@ -0,0 +1,12391 @@ +/* ---------------------------------------------------------------------------- + * This file was automatically generated by SWIG (http://www.swig.org). + * Version 1.3.33 + * + * This file is not intended to be easily readable and contains a number of + * coding conventions designed to improve portability and efficiency. Do not make + * changes to this file unless you know what you are doing--modify the SWIG + * interface file instead. + * ----------------------------------------------------------------------------- */ + +#define SWIGPYTHON +#define SWIG_PYTHON_DIRECTOR_NO_VTABLE +/* ----------------------------------------------------------------------------- + * This section contains generic SWIG labels for method/variable + * declarations/attributes, and other compiler dependent labels. + * ----------------------------------------------------------------------------- */ + +/* template workaround for compilers that cannot correctly implement the C++ standard */ +#ifndef SWIGTEMPLATEDISAMBIGUATOR +# if defined(__SUNPRO_CC) && (__SUNPRO_CC <= 0x560) +# define SWIGTEMPLATEDISAMBIGUATOR template +# elif defined(__HP_aCC) +/* Needed even with `aCC -AA' when `aCC -V' reports HP ANSI C++ B3910B A.03.55 */ +/* If we find a maximum version that requires this, the test would be __HP_aCC <= 35500 for A.03.55 */ +# define SWIGTEMPLATEDISAMBIGUATOR template +# else +# define SWIGTEMPLATEDISAMBIGUATOR +# endif +#endif + +/* inline attribute */ +#ifndef SWIGINLINE +# if defined(__cplusplus) || (defined(__GNUC__) && !defined(__STRICT_ANSI__)) +# define SWIGINLINE inline +# else +# define SWIGINLINE +# endif +#endif + +/* attribute recognised by some compilers to avoid 'unused' warnings */ +#ifndef SWIGUNUSED +# if defined(__GNUC__) +# if !(defined(__cplusplus)) || (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)) +# define SWIGUNUSED __attribute__ ((__unused__)) +# else +# define SWIGUNUSED +# endif +# elif defined(__ICC) +# define SWIGUNUSED __attribute__ ((__unused__)) +# else +# define SWIGUNUSED +# endif +#endif + +#ifndef SWIGUNUSEDPARM +# ifdef __cplusplus +# define SWIGUNUSEDPARM(p) +# else +# define SWIGUNUSEDPARM(p) p SWIGUNUSED +# endif +#endif + +/* internal SWIG method */ +#ifndef SWIGINTERN +# define SWIGINTERN static SWIGUNUSED +#endif + +/* internal inline SWIG method */ +#ifndef SWIGINTERNINLINE +# define SWIGINTERNINLINE SWIGINTERN SWIGINLINE +#endif + +/* exporting methods */ +#if (__GNUC__ >= 4) || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) +# ifndef GCC_HASCLASSVISIBILITY +# define GCC_HASCLASSVISIBILITY +# endif +#endif + +#ifndef SWIGEXPORT +# if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__) +# if defined(STATIC_LINKED) +# define SWIGEXPORT +# else +# define SWIGEXPORT __declspec(dllexport) +# endif +# else +# if defined(__GNUC__) && defined(GCC_HASCLASSVISIBILITY) +# define SWIGEXPORT __attribute__ ((visibility("default"))) +# else +# define SWIGEXPORT +# endif +# endif +#endif + +/* calling conventions for Windows */ +#ifndef SWIGSTDCALL +# if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__) +# define SWIGSTDCALL __stdcall +# else +# define SWIGSTDCALL +# endif +#endif + +/* Deal with Microsoft's attempt at deprecating C standard runtime functions */ +#if !defined(SWIG_NO_CRT_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +# define _CRT_SECURE_NO_DEPRECATE +#endif + +/* Deal with Microsoft's attempt at deprecating methods in the standard C++ library */ +#if !defined(SWIG_NO_SCL_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_SCL_SECURE_NO_DEPRECATE) +# define _SCL_SECURE_NO_DEPRECATE +#endif + + + +/* Python.h has to appear first */ +#include <Python.h> + +/* ----------------------------------------------------------------------------- + * swigrun.swg + * + * This file contains generic CAPI SWIG runtime support for pointer + * type checking. + * ----------------------------------------------------------------------------- */ + +/* This should only be incremented when either the layout of swig_type_info changes, + or for whatever reason, the runtime changes incompatibly */ +#define SWIG_RUNTIME_VERSION "3" + +/* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */ +#ifdef SWIG_TYPE_TABLE +# define SWIG_QUOTE_STRING(x) #x +# define SWIG_EXPAND_AND_QUOTE_STRING(x) SWIG_QUOTE_STRING(x) +# define SWIG_TYPE_TABLE_NAME SWIG_EXPAND_AND_QUOTE_STRING(SWIG_TYPE_TABLE) +#else +# define SWIG_TYPE_TABLE_NAME +#endif + +/* + You can use the SWIGRUNTIME and SWIGRUNTIMEINLINE macros for + creating a static or dynamic library from the swig runtime code. + In 99.9% of the cases, swig just needs to declare them as 'static'. + + But only do this if is strictly necessary, ie, if you have problems + with your compiler or so. +*/ + +#ifndef SWIGRUNTIME +# define SWIGRUNTIME SWIGINTERN +#endif + +#ifndef SWIGRUNTIMEINLINE +# define SWIGRUNTIMEINLINE SWIGRUNTIME SWIGINLINE +#endif + +/* Generic buffer size */ +#ifndef SWIG_BUFFER_SIZE +# define SWIG_BUFFER_SIZE 1024 +#endif + +/* Flags for pointer conversions */ +#define SWIG_POINTER_DISOWN 0x1 + +/* Flags for new pointer objects */ +#define SWIG_POINTER_OWN 0x1 + + +/* + Flags/methods for returning states. + + The swig conversion methods, as ConvertPtr, return and integer + that tells if the conversion was successful or not. And if not, + an error code can be returned (see swigerrors.swg for the codes). + + Use the following macros/flags to set or process the returning + states. + + In old swig versions, you usually write code as: + + if (SWIG_ConvertPtr(obj,vptr,ty.flags) != -1) { + // success code + } else { + //fail code + } + + Now you can be more explicit as: + + int res = SWIG_ConvertPtr(obj,vptr,ty.flags); + if (SWIG_IsOK(res)) { + // success code + } else { + // fail code + } + + that seems to be the same, but now you can also do + + Type *ptr; + int res = SWIG_ConvertPtr(obj,(void **)(&ptr),ty.flags); + if (SWIG_IsOK(res)) { + // success code + if (SWIG_IsNewObj(res) { + ... + delete *ptr; + } else { + ... + } + } else { + // fail code + } + + I.e., now SWIG_ConvertPtr can return new objects and you can + identify the case and take care of the deallocation. Of course that + requires also to SWIG_ConvertPtr to return new result values, as + + int SWIG_ConvertPtr(obj, ptr,...) { + if (<obj is ok>) { + if (<need new object>) { + *ptr = <ptr to new allocated object>; + return SWIG_NEWOBJ; + } else { + *ptr = <ptr to old object>; + return SWIG_OLDOBJ; + } + } else { + return SWIG_BADOBJ; + } + } + + Of course, returning the plain '0(success)/-1(fail)' still works, but you can be + more explicit by returning SWIG_BADOBJ, SWIG_ERROR or any of the + swig errors code. + + Finally, if the SWIG_CASTRANK_MODE is enabled, the result code + allows to return the 'cast rank', for example, if you have this + + int food(double) + int fooi(int); + + and you call + + food(1) // cast rank '1' (1 -> 1.0) + fooi(1) // cast rank '0' + + just use the SWIG_AddCast()/SWIG_CheckState() + + + */ +#define SWIG_OK (0) +#define SWIG_ERROR (-1) +#define SWIG_IsOK(r) (r >= 0) +#define SWIG_ArgError(r) ((r != SWIG_ERROR) ? r : SWIG_TypeError) + +/* The CastRankLimit says how many bits are used for the cast rank */ +#define SWIG_CASTRANKLIMIT (1 << 8) +/* The NewMask denotes the object was created (using new/malloc) */ +#define SWIG_NEWOBJMASK (SWIG_CASTRANKLIMIT << 1) +/* The TmpMask is for in/out typemaps that use temporal objects */ +#define SWIG_TMPOBJMASK (SWIG_NEWOBJMASK << 1) +/* Simple returning values */ +#define SWIG_BADOBJ (SWIG_ERROR) +#define SWIG_OLDOBJ (SWIG_OK) +#define SWIG_NEWOBJ (SWIG_OK | SWIG_NEWOBJMASK) +#define SWIG_TMPOBJ (SWIG_OK | SWIG_TMPOBJMASK) +/* Check, add and del mask methods */ +#define SWIG_AddNewMask(r) (SWIG_IsOK(r) ? (r | SWIG_NEWOBJMASK) : r) +#define SWIG_DelNewMask(r) (SWIG_IsOK(r) ? (r & ~SWIG_NEWOBJMASK) : r) +#define SWIG_IsNewObj(r) (SWIG_IsOK(r) && (r & SWIG_NEWOBJMASK)) +#define SWIG_AddTmpMask(r) (SWIG_IsOK(r) ? (r | SWIG_TMPOBJMASK) : r) +#define SWIG_DelTmpMask(r) (SWIG_IsOK(r) ? (r & ~SWIG_TMPOBJMASK) : r) +#define SWIG_IsTmpObj(r) (SWIG_IsOK(r) && (r & SWIG_TMPOBJMASK)) + + +/* Cast-Rank Mode */ +#if defined(SWIG_CASTRANK_MODE) +# ifndef SWIG_TypeRank +# define SWIG_TypeRank unsigned long +# endif +# ifndef SWIG_MAXCASTRANK /* Default cast allowed */ +# define SWIG_MAXCASTRANK (2) +# endif +# define SWIG_CASTRANKMASK ((SWIG_CASTRANKLIMIT) -1) +# define SWIG_CastRank(r) (r & SWIG_CASTRANKMASK) +SWIGINTERNINLINE int SWIG_AddCast(int r) { + return SWIG_IsOK(r) ? ((SWIG_CastRank(r) < SWIG_MAXCASTRANK) ? (r + 1) : SWIG_ERROR) : r; +} +SWIGINTERNINLINE int SWIG_CheckState(int r) { + return SWIG_IsOK(r) ? SWIG_CastRank(r) + 1 : 0; +} +#else /* no cast-rank mode */ +# define SWIG_AddCast +# define SWIG_CheckState(r) (SWIG_IsOK(r) ? 1 : 0) +#endif + + + + +#include <string.h> + +#ifdef __cplusplus +extern "C" { +#endif + +typedef void *(*swig_converter_func)(void *); +typedef struct swig_type_info *(*swig_dycast_func)(void **); + +/* Structure to store inforomation on one type */ +typedef struct swig_type_info { + const char *name; /* mangled name of this type */ + const char *str; /* human readable name of this type */ + swig_dycast_func dcast; /* dynamic cast function down a hierarchy */ + struct swig_cast_info *cast; /* linked list of types that can cast into this type */ + void *clientdata; /* language specific type data */ + int owndata; /* flag if the structure owns the clientdata */ +} swig_type_info; + +/* Structure to store a type and conversion function used for casting */ +typedef struct swig_cast_info { + swig_type_info *type; /* pointer to type that is equivalent to this type */ + swig_converter_func converter; /* function to cast the void pointers */ + struct swig_cast_info *next; /* pointer to next cast in linked list */ + struct swig_cast_info *prev; /* pointer to the previous cast */ +} swig_cast_info; + +/* Structure used to store module information + * Each module generates one structure like this, and the runtime collects + * all of these structures and stores them in a circularly linked list.*/ +typedef struct swig_module_info { + swig_type_info **types; /* Array of pointers to swig_type_info structures that are in this module */ + size_t size; /* Number of types in this module */ + struct swig_module_info *next; /* Pointer to next element in circularly linked list */ + swig_type_info **type_initial; /* Array of initially generated type structures */ + swig_cast_info **cast_initial; /* Array of initially generated casting structures */ + void *clientdata; /* Language specific module data */ +} swig_module_info; + +/* + Compare two type names skipping the space characters, therefore + "char*" == "char *" and "Class<int>" == "Class<int >", etc. + + Return 0 when the two name types are equivalent, as in + strncmp, but skipping ' '. +*/ +SWIGRUNTIME int +SWIG_TypeNameComp(const char *f1, const char *l1, + const char *f2, const char *l2) { + for (;(f1 != l1) && (f2 != l2); ++f1, ++f2) { + while ((*f1 == ' ') && (f1 != l1)) ++f1; + while ((*f2 == ' ') && (f2 != l2)) ++f2; + if (*f1 != *f2) return (*f1 > *f2) ? 1 : -1; + } + return (int)((l1 - f1) - (l2 - f2)); +} + +/* + Check type equivalence in a name list like <name1>|<name2>|... + Return 0 if not equal, 1 if equal +*/ +SWIGRUNTIME int +SWIG_TypeEquiv(const char *nb, const char *tb) { + int equiv = 0; + const char* te = tb + strlen(tb); + const char* ne = nb; + while (!equiv && *ne) { + for (nb = ne; *ne; ++ne) { + if (*ne == '|') break; + } + equiv = (SWIG_TypeNameComp(nb, ne, tb, te) == 0) ? 1 : 0; + if (*ne) ++ne; + } + return equiv; +} + +/* + Check type equivalence in a name list like <name1>|<name2>|... + Return 0 if equal, -1 if nb < tb, 1 if nb > tb +*/ +SWIGRUNTIME int +SWIG_TypeCompare(const char *nb, const char *tb) { + int equiv = 0; + const char* te = tb + strlen(tb); + const char* ne = nb; + while (!equiv && *ne) { + for (nb = ne; *ne; ++ne) { + if (*ne == '|') break; + } + equiv = (SWIG_TypeNameComp(nb, ne, tb, te) == 0) ? 1 : 0; + if (*ne) ++ne; + } + return equiv; +} + + +/* think of this as a c++ template<> or a scheme macro */ +#define SWIG_TypeCheck_Template(comparison, ty) \ + if (ty) { \ + swig_cast_info *iter = ty->cast; \ + while (iter) { \ + if (comparison) { \ + if (iter == ty->cast) return iter; \ + /* Move iter to the top of the linked list */ \ + iter->prev->next = iter->next; \ + if (iter->next) \ + iter->next->prev = iter->prev; \ + iter->next = ty->cast; \ + iter->prev = 0; \ + if (ty->cast) ty->cast->prev = iter; \ + ty->cast = iter; \ + return iter; \ + } \ + iter = iter->next; \ + } \ + } \ + return 0 + +/* + Check the typename +*/ +SWIGRUNTIME swig_cast_info * +SWIG_TypeCheck(const char *c, swig_type_info *ty) { + SWIG_TypeCheck_Template(strcmp(iter->type->name, c) == 0, ty); +} + +/* Same as previous function, except strcmp is replaced with a pointer comparison */ +SWIGRUNTIME swig_cast_info * +SWIG_TypeCheckStruct(swig_type_info *from, swig_type_info *into) { + SWIG_TypeCheck_Template(iter->type == from, into); +} + +/* + Cast a pointer up an inheritance hierarchy +*/ +SWIGRUNTIMEINLINE void * +SWIG_TypeCast(swig_cast_info *ty, void *ptr) { + return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr); +} + +/* + Dynamic pointer casting. Down an inheritance hierarchy +*/ +SWIGRUNTIME swig_type_info * +SWIG_TypeDynamicCast(swig_type_info *ty, void **ptr) { + swig_type_info *lastty = ty; + if (!ty || !ty->dcast) return ty; + while (ty && (ty->dcast)) { + ty = (*ty->dcast)(ptr); + if (ty) lastty = ty; + } + return lastty; +} + +/* + Return the name associated with this type +*/ +SWIGRUNTIMEINLINE const char * +SWIG_TypeName(const swig_type_info *ty) { + return ty->name; +} + +/* + Return the pretty name associated with this type, + that is an unmangled type name in a form presentable to the user. +*/ +SWIGRUNTIME const char * +SWIG_TypePrettyName(const swig_type_info *type) { + /* The "str" field contains the equivalent pretty names of the + type, separated by vertical-bar characters. We choose + to print the last name, as it is often (?) the most + specific. */ + if (!type) return NULL; + if (type->str != NULL) { + const char *last_name = type->str; + const char *s; + for (s = type->str; *s; s++) + if (*s == '|') last_name = s+1; + return last_name; + } + else + return type->name; +} + +/* + Set the clientdata field for a type +*/ +SWIGRUNTIME void +SWIG_TypeClientData(swig_type_info *ti, void *clientdata) { + swig_cast_info *cast = ti->cast; + /* if (ti->clientdata == clientdata) return; */ + ti->clientdata = clientdata; + + while (cast) { + if (!cast->converter) { + swig_type_info *tc = cast->type; + if (!tc->clientdata) { + SWIG_TypeClientData(tc, clientdata); + } + } + cast = cast->next; + } +} +SWIGRUNTIME void +SWIG_TypeNewClientData(swig_type_info *ti, void *clientdata) { + SWIG_TypeClientData(ti, clientdata); + ti->owndata = 1; +} + +/* + Search for a swig_type_info structure only by mangled name + Search is a O(log #types) + + We start searching at module start, and finish searching when start == end. + Note: if start == end at the beginning of the function, we go all the way around + the circular list. +*/ +SWIGRUNTIME swig_type_info * +SWIG_MangledTypeQueryModule(swig_module_info *start, + swig_module_info *end, + const char *name) { + swig_module_info *iter = start; + do { + if (iter->size) { + register size_t l = 0; + register size_t r = iter->size - 1; + do { + /* since l+r >= 0, we can (>> 1) instead (/ 2) */ + register size_t i = (l + r) >> 1; + const char *iname = iter->types[i]->name; + if (iname) { + register int compare = strcmp(name, iname); + if (compare == 0) { + return iter->types[i]; + } else if (compare < 0) { + if (i) { + r = i - 1; + } else { + break; + } + } else if (compare > 0) { + l = i + 1; + } + } else { + break; /* should never happen */ + } + } while (l <= r); + } + iter = iter->next; + } while (iter != end); + return 0; +} + +/* + Search for a swig_type_info structure for either a mangled name or a human readable name. + It first searches the mangled names of the types, which is a O(log #types) + If a type is not found it then searches the human readable names, which is O(#types). + + We start searching at module start, and finish searching when start == end. + Note: if start == end at the beginning of the function, we go all the way around + the circular list. +*/ +SWIGRUNTIME swig_type_info * +SWIG_TypeQueryModule(swig_module_info *start, + swig_module_info *end, + const char *name) { + /* STEP 1: Search the name field using binary search */ + swig_type_info *ret = SWIG_MangledTypeQueryModule(start, end, name); + if (ret) { + return ret; + } else { + /* STEP 2: If the type hasn't been found, do a complete search + of the str field (the human readable name) */ + swig_module_info *iter = start; + do { + register size_t i = 0; + for (; i < iter->size; ++i) { + if (iter->types[i]->str && (SWIG_TypeEquiv(iter->types[i]->str, name))) + return iter->types[i]; + } + iter = iter->next; + } while (iter != end); + } + + /* neither found a match */ + return 0; +} + +/* + Pack binary data into a string +*/ +SWIGRUNTIME char * +SWIG_PackData(char *c, void *ptr, size_t sz) { + static const char hex[17] = "0123456789abcdef"; + register const unsigned char *u = (unsigned char *) ptr; + register const unsigned char *eu = u + sz; + for (; u != eu; ++u) { + register unsigned char uu = *u; + *(c++) = hex[(uu & 0xf0) >> 4]; + *(c++) = hex[uu & 0xf]; + } + return c; +} + +/* + Unpack binary data from a string +*/ +SWIGRUNTIME const char * +SWIG_UnpackData(const char *c, void *ptr, size_t sz) { + register unsigned char *u = (unsigned char *) ptr; + register const unsigned char *eu = u + sz; + for (; u != eu; ++u) { + register char d = *(c++); + register unsigned char uu; + if ((d >= '0') && (d <= '9')) + uu = ((d - '0') << 4); + else if ((d >= 'a') && (d <= 'f')) + uu = ((d - ('a'-10)) << 4); + else + return (char *) 0; + d = *(c++); + if ((d >= '0') && (d <= '9')) + uu |= (d - '0'); + else if ((d >= 'a') && (d <= 'f')) + uu |= (d - ('a'-10)); + else + return (char *) 0; + *u = uu; + } + return c; +} + +/* + Pack 'void *' into a string buffer. +*/ +SWIGRUNTIME char * +SWIG_PackVoidPtr(char *buff, void *ptr, const char *name, size_t bsz) { + char *r = buff; + if ((2*sizeof(void *) + 2) > bsz) return 0; + *(r++) = '_'; + r = SWIG_PackData(r,&ptr,sizeof(void *)); + if (strlen(name) + 1 > (bsz - (r - buff))) return 0; + strcpy(r,name); + return buff; +} + +SWIGRUNTIME const char * +SWIG_UnpackVoidPtr(const char *c, void **ptr, const char *name) { + if (*c != '_') { + if (strcmp(c,"NULL") == 0) { + *ptr = (void *) 0; + return name; + } else { + return 0; + } + } + return SWIG_UnpackData(++c,ptr,sizeof(void *)); +} + +SWIGRUNTIME char * +SWIG_PackDataName(char *buff, void *ptr, size_t sz, const char *name, size_t bsz) { + char *r = buff; + size_t lname = (name ? strlen(name) : 0); + if ((2*sz + 2 + lname) > bsz) return 0; + *(r++) = '_'; + r = SWIG_PackData(r,ptr,sz); + if (lname) { + strncpy(r,name,lname+1); + } else { + *r = 0; + } + return buff; +} + +SWIGRUNTIME const char * +SWIG_UnpackDataName(const char *c, void *ptr, size_t sz, const char *name) { + if (*c != '_') { + if (strcmp(c,"NULL") == 0) { + memset(ptr,0,sz); + return name; + } else { + return 0; + } + } + return SWIG_UnpackData(++c,ptr,sz); +} + +#ifdef __cplusplus +} +#endif + +/* Errors in SWIG */ +#define SWIG_UnknownError -1 +#define SWIG_IOError -2 +#define SWIG_RuntimeError -3 +#define SWIG_IndexError -4 +#define SWIG_TypeError -5 +#define SWIG_DivisionByZero -6 +#define SWIG_OverflowError -7 +#define SWIG_SyntaxError -8 +#define SWIG_ValueError -9 +#define SWIG_SystemError -10 +#define SWIG_AttributeError -11 +#define SWIG_MemoryError -12 +#define SWIG_NullReferenceError -13 + + + + +/* Add PyOS_snprintf for old Pythons */ +#if PY_VERSION_HEX < 0x02020000 +# if defined(_MSC_VER) || defined(__BORLANDC__) || defined(_WATCOM) +# define PyOS_snprintf _snprintf +# else +# define PyOS_snprintf snprintf +# endif +#endif + +/* A crude PyString_FromFormat implementation for old Pythons */ +#if PY_VERSION_HEX < 0x02020000 + +#ifndef SWIG_PYBUFFER_SIZE +# define SWIG_PYBUFFER_SIZE 1024 +#endif + +static PyObject * +PyString_FromFormat(const char *fmt, ...) { + va_list ap; + char buf[SWIG_PYBUFFER_SIZE * 2]; + int res; + va_start(ap, fmt); + res = vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + return (res < 0 || res >= (int)sizeof(buf)) ? 0 : PyString_FromString(buf); +} +#endif + +/* Add PyObject_Del for old Pythons */ +#if PY_VERSION_HEX < 0x01060000 +# define PyObject_Del(op) PyMem_DEL((op)) +#endif +#ifndef PyObject_DEL +# define PyObject_DEL PyObject_Del +#endif + +/* A crude PyExc_StopIteration exception for old Pythons */ +#if PY_VERSION_HEX < 0x02020000 +# ifndef PyExc_StopIteration +# define PyExc_StopIteration PyExc_RuntimeError +# endif +# ifndef PyObject_GenericGetAttr +# define PyObject_GenericGetAttr 0 +# endif +#endif +/* Py_NotImplemented is defined in 2.1 and up. */ +#if PY_VERSION_HEX < 0x02010000 +# ifndef Py_NotImplemented +# define Py_NotImplemented PyExc_RuntimeError +# endif +#endif + + +/* A crude PyString_AsStringAndSize implementation for old Pythons */ +#if PY_VERSION_HEX < 0x02010000 +# ifndef PyString_AsStringAndSize +# define PyString_AsStringAndSize(obj, s, len) {*s = PyString_AsString(obj); *len = *s ? strlen(*s) : 0;} +# endif +#endif + +/* PySequence_Size for old Pythons */ +#if PY_VERSION_HEX < 0x02000000 +# ifndef PySequence_Size +# define PySequence_Size PySequence_Length +# endif +#endif + + +/* PyBool_FromLong for old Pythons */ +#if PY_VERSION_HEX < 0x02030000 +static +PyObject *PyBool_FromLong(long ok) +{ + PyObject *result = ok ? Py_True : Py_False; + Py_INCREF(result); + return result; +} +#endif + +/* Py_ssize_t for old Pythons */ +/* This code is as recommended by: */ +/* http://www.python.org/dev/peps/pep-0353/#conversion-guidelines */ +#if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN) +typedef int Py_ssize_t; +# define PY_SSIZE_T_MAX INT_MAX +# define PY_SSIZE_T_MIN INT_MIN +#endif + +/* ----------------------------------------------------------------------------- + * error manipulation + * ----------------------------------------------------------------------------- */ + +SWIGRUNTIME PyObject* +SWIG_Python_ErrorType(int code) { + PyObject* type = 0; + switch(code) { + case SWIG_MemoryError: + type = PyExc_MemoryError; + break; + case SWIG_IOError: + type = PyExc_IOError; + break; + case SWIG_RuntimeError: + type = PyExc_RuntimeError; + break; + case SWIG_IndexError: + type = PyExc_IndexError; + break; + case SWIG_TypeError: + type = PyExc_TypeError; + break; + case SWIG_DivisionByZero: + type = PyExc_ZeroDivisionError; + break; + case SWIG_OverflowError: + type = PyExc_OverflowError; + break; + case SWIG_SyntaxError: + type = PyExc_SyntaxError; + break; + case SWIG_ValueError: + type = PyExc_ValueError; + break; + case SWIG_SystemError: + type = PyExc_SystemError; + break; + case SWIG_AttributeError: + type = PyExc_AttributeError; + break; + default: + type = PyExc_RuntimeError; + } + return type; +} + + +SWIGRUNTIME void +SWIG_Python_AddErrorMsg(const char* mesg) +{ + PyObject *type = 0; + PyObject *value = 0; + PyObject *traceback = 0; + + if (PyErr_Occurred()) PyErr_Fetch(&type, &value, &traceback); + if (value) { + PyObject *old_str = PyObject_Str(value); + PyErr_Clear(); + Py_XINCREF(type); + PyErr_Format(type, "%s %s", PyString_AsString(old_str), mesg); + Py_DECREF(old_str); + Py_DECREF(value); + } else { + PyErr_Format(PyExc_RuntimeError, mesg); + } +} + + + +#if defined(SWIG_PYTHON_NO_THREADS) +# if defined(SWIG_PYTHON_THREADS) +# undef SWIG_PYTHON_THREADS +# endif +#endif +#if defined(SWIG_PYTHON_THREADS) /* Threading support is enabled */ +# if !defined(SWIG_PYTHON_USE_GIL) && !defined(SWIG_PYTHON_NO_USE_GIL) +# if (PY_VERSION_HEX >= 0x02030000) /* For 2.3 or later, use the PyGILState calls */ +# define SWIG_PYTHON_USE_GIL +# endif +# endif +# if defined(SWIG_PYTHON_USE_GIL) /* Use PyGILState threads calls */ +# ifndef SWIG_PYTHON_INITIALIZE_THREADS +# define SWIG_PYTHON_INITIALIZE_THREADS PyEval_InitThreads() +# endif +# ifdef __cplusplus /* C++ code */ + class SWIG_Python_Thread_Block { + bool status; + PyGILState_STATE state; + public: + void end() { if (status) { PyGILState_Release(state); status = false;} } + SWIG_Python_Thread_Block() : status(true), state(PyGILState_Ensure()) {} + ~SWIG_Python_Thread_Block() { end(); } + }; + class SWIG_Python_Thread_Allow { + bool status; + PyThreadState *save; + public: + void end() { if (status) { PyEval_RestoreThread(save); status = false; }} + SWIG_Python_Thread_Allow() : status(true), save(PyEval_SaveThread()) {} + ~SWIG_Python_Thread_Allow() { end(); } + }; +# define SWIG_PYTHON_THREAD_BEGIN_BLOCK SWIG_Python_Thread_Block _swig_thread_block +# define SWIG_PYTHON_THREAD_END_BLOCK _swig_thread_block.end() +# define SWIG_PYTHON_THREAD_BEGIN_ALLOW SWIG_Python_Thread_Allow _swig_thread_allow +# define SWIG_PYTHON_THREAD_END_ALLOW _swig_thread_allow.end() +# else /* C code */ +# define SWIG_PYTHON_THREAD_BEGIN_BLOCK PyGILState_STATE _swig_thread_block = PyGILState_Ensure() +# define SWIG_PYTHON_THREAD_END_BLOCK PyGILState_Release(_swig_thread_block) +# define SWIG_PYTHON_THREAD_BEGIN_ALLOW PyThreadState *_swig_thread_allow = PyEval_SaveThread() +# define SWIG_PYTHON_THREAD_END_ALLOW PyEval_RestoreThread(_swig_thread_allow) +# endif +# else /* Old thread way, not implemented, user must provide it */ +# if !defined(SWIG_PYTHON_INITIALIZE_THREADS) +# define SWIG_PYTHON_INITIALIZE_THREADS +# endif +# if !defined(SWIG_PYTHON_THREAD_BEGIN_BLOCK) +# define SWIG_PYTHON_THREAD_BEGIN_BLOCK +# endif +# if !defined(SWIG_PYTHON_THREAD_END_BLOCK) +# define SWIG_PYTHON_THREAD_END_BLOCK +# endif +# if !defined(SWIG_PYTHON_THREAD_BEGIN_ALLOW) +# define SWIG_PYTHON_THREAD_BEGIN_ALLOW +# endif +# if !defined(SWIG_PYTHON_THREAD_END_ALLOW) +# define SWIG_PYTHON_THREAD_END_ALLOW +# endif +# endif +#else /* No thread support */ +# define SWIG_PYTHON_INITIALIZE_THREADS +# define SWIG_PYTHON_THREAD_BEGIN_BLOCK +# define SWIG_PYTHON_THREAD_END_BLOCK +# define SWIG_PYTHON_THREAD_BEGIN_ALLOW +# define SWIG_PYTHON_THREAD_END_ALLOW +#endif + +/* ----------------------------------------------------------------------------- + * Python API portion that goes into the runtime + * ----------------------------------------------------------------------------- */ + +#ifdef __cplusplus +extern "C" { +#if 0 +} /* cc-mode */ +#endif +#endif + +/* ----------------------------------------------------------------------------- + * Constant declarations + * ----------------------------------------------------------------------------- */ + +/* Constant Types */ +#define SWIG_PY_POINTER 4 +#define SWIG_PY_BINARY 5 + +/* Constant information structure */ +typedef struct swig_const_info { + int type; + char *name; + long lvalue; + double dvalue; + void *pvalue; + swig_type_info **ptype; +} swig_const_info; + +#ifdef __cplusplus +#if 0 +{ /* cc-mode */ +#endif +} +#endif + + +/* ----------------------------------------------------------------------------- + * See the LICENSE file for information on copyright, usage and redistribution + * of SWIG, and the README file for authors - http://www.swig.org/release.html. + * + * pyrun.swg + * + * This file contains the runtime support for Python modules + * and includes code for managing global variables and pointer + * type checking. + * + * ----------------------------------------------------------------------------- */ + +/* Common SWIG API */ + +/* for raw pointers */ +#define SWIG_Python_ConvertPtr(obj, pptr, type, flags) SWIG_Python_ConvertPtrAndOwn(obj, pptr, type, flags, 0) +#define SWIG_ConvertPtr(obj, pptr, type, flags) SWIG_Python_ConvertPtr(obj, pptr, type, flags) +#define SWIG_ConvertPtrAndOwn(obj,pptr,type,flags,own) SWIG_Python_ConvertPtrAndOwn(obj, pptr, type, flags, own) +#define SWIG_NewPointerObj(ptr, type, flags) SWIG_Python_NewPointerObj(ptr, type, flags) +#define SWIG_CheckImplicit(ty) SWIG_Python_CheckImplicit(ty) +#define SWIG_AcquirePtr(ptr, src) SWIG_Python_AcquirePtr(ptr, src) +#define swig_owntype int + +/* for raw packed data */ +#define SWIG_ConvertPacked(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty) +#define SWIG_NewPackedObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type) + +/* for class or struct pointers */ +#define SWIG_ConvertInstance(obj, pptr, type, flags) SWIG_ConvertPtr(obj, pptr, type, flags) +#define SWIG_NewInstanceObj(ptr, type, flags) SWIG_NewPointerObj(ptr, type, flags) + +/* for C or C++ function pointers */ +#define SWIG_ConvertFunctionPtr(obj, pptr, type) SWIG_Python_ConvertFunctionPtr(obj, pptr, type) +#define SWIG_NewFunctionPtrObj(ptr, type) SWIG_Python_NewPointerObj(ptr, type, 0) + +/* for C++ member pointers, ie, member methods */ +#define SWIG_ConvertMember(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty) +#define SWIG_NewMemberObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type) + + +/* Runtime API */ + +#define SWIG_GetModule(clientdata) SWIG_Python_GetModule() +#define SWIG_SetModule(clientdata, pointer) SWIG_Python_SetModule(pointer) +#define SWIG_NewClientData(obj) PySwigClientData_New(obj) + +#define SWIG_SetErrorObj SWIG_Python_SetErrorObj +#define SWIG_SetErrorMsg SWIG_Python_SetErrorMsg +#define SWIG_ErrorType(code) SWIG_Python_ErrorType(code) +#define SWIG_Error(code, msg) SWIG_Python_SetErrorMsg(SWIG_ErrorType(code), msg) +#define SWIG_fail goto fail + + +/* Runtime API implementation */ + +/* Error manipulation */ + +SWIGINTERN void +SWIG_Python_SetErrorObj(PyObject *errtype, PyObject *obj) { + SWIG_PYTHON_THREAD_BEGIN_BLOCK; + PyErr_SetObject(errtype, obj); + Py_DECREF(obj); + SWIG_PYTHON_THREAD_END_BLOCK; +} + +SWIGINTERN void +SWIG_Python_SetErrorMsg(PyObject *errtype, const char *msg) { + SWIG_PYTHON_THREAD_BEGIN_BLOCK; + PyErr_SetString(errtype, (char *) msg); + SWIG_PYTHON_THREAD_END_BLOCK; +} + +#define SWIG_Python_Raise(obj, type, desc) SWIG_Python_SetErrorObj(SWIG_Python_ExceptionType(desc), obj) + +/* Set a constant value */ + +SWIGINTERN void +SWIG_Python_SetConstant(PyObject *d, const char *name, PyObject *obj) { + PyDict_SetItemString(d, (char*) name, obj); + Py_DECREF(obj); +} + +/* Append a value to the result obj */ + +SWIGINTERN PyObject* +SWIG_Python_AppendOutput(PyObject* result, PyObject* obj) { +#if !defined(SWIG_PYTHON_OUTPUT_TUPLE) + if (!result) { + result = obj; + } else if (result == Py_None) { + Py_DECREF(result); + result = obj; + } else { + if (!PyList_Check(result)) { + PyObject *o2 = result; + result = PyList_New(1); + PyList_SetItem(result, 0, o2); + } + PyList_Append(result,obj); + Py_DECREF(obj); + } + return result; +#else + PyObject* o2; + PyObject* o3; + if (!result) { + result = obj; + } else if (result == Py_None) { + Py_DECREF(result); + result = obj; + } else { + if (!PyTuple_Check(result)) { + o2 = result; + result = PyTuple_New(1); + PyTuple_SET_ITEM(result, 0, o2); + } + o3 = PyTuple_New(1); + PyTuple_SET_ITEM(o3, 0, obj); + o2 = result; + result = PySequence_Concat(o2, o3); + Py_DECREF(o2); + Py_DECREF(o3); + } + return result; +#endif +} + +/* Unpack the argument tuple */ + +SWIGINTERN int +SWIG_Python_UnpackTuple(PyObject *args, const char *name, Py_ssize_t min, Py_ssize_t max, PyObject **objs) +{ + if (!args) { + if (!min && !max) { + return 1; + } else { + PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got none", + name, (min == max ? "" : "at least "), (int)min); + return 0; + } + } + if (!PyTuple_Check(args)) { + PyErr_SetString(PyExc_SystemError, "UnpackTuple() argument list is not a tuple"); + return 0; + } else { + register Py_ssize_t l = PyTuple_GET_SIZE(args); + if (l < min) { + PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d", + name, (min == max ? "" : "at least "), (int)min, (int)l); + return 0; + } else if (l > max) { + PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d", + name, (min == max ? "" : "at most "), (int)max, (int)l); + return 0; + } else { + register int i; + for (i = 0; i < l; ++i) { + objs[i] = PyTuple_GET_ITEM(args, i); + } + for (; l < max; ++l) { + objs[l] = 0; + } + return i + 1; + } + } +} + +/* A functor is a function object with one single object argument */ +#if PY_VERSION_HEX >= 0x02020000 +#define SWIG_Python_CallFunctor(functor, obj) PyObject_CallFunctionObjArgs(functor, obj, NULL); +#else +#define SWIG_Python_CallFunctor(functor, obj) PyObject_CallFunction(functor, "O", obj); +#endif + +/* + Helper for static pointer initialization for both C and C++ code, for example + static PyObject *SWIG_STATIC_POINTER(MyVar) = NewSomething(...); +*/ +#ifdef __cplusplus +#define SWIG_STATIC_POINTER(var) var +#else +#define SWIG_STATIC_POINTER(var) var = 0; if (!var) var +#endif + +/* ----------------------------------------------------------------------------- + * Pointer declarations + * ----------------------------------------------------------------------------- */ + +/* Flags for new pointer objects */ +#define SWIG_POINTER_NOSHADOW (SWIG_POINTER_OWN << 1) +#define SWIG_POINTER_NEW (SWIG_POINTER_NOSHADOW | SWIG_POINTER_OWN) + +#define SWIG_POINTER_IMPLICIT_CONV (SWIG_POINTER_DISOWN << 1) + +#ifdef __cplusplus +extern "C" { +#if 0 +} /* cc-mode */ +#endif +#endif + +/* How to access Py_None */ +#if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__) +# ifndef SWIG_PYTHON_NO_BUILD_NONE +# ifndef SWIG_PYTHON_BUILD_NONE +# define SWIG_PYTHON_BUILD_NONE +# endif +# endif +#endif + +#ifdef SWIG_PYTHON_BUILD_NONE +# ifdef Py_None +# undef Py_None +# define Py_None SWIG_Py_None() +# endif +SWIGRUNTIMEINLINE PyObject * +_SWIG_Py_None(void) +{ + PyObject *none = Py_BuildValue((char*)""); + Py_DECREF(none); + return none; +} +SWIGRUNTIME PyObject * +SWIG_Py_None(void) +{ + static PyObject *SWIG_STATIC_POINTER(none) = _SWIG_Py_None(); + return none; +} +#endif + +/* The python void return value */ + +SWIGRUNTIMEINLINE PyObject * +SWIG_Py_Void(void) +{ + PyObject *none = Py_None; + Py_INCREF(none); + return none; +} + +/* PySwigClientData */ + +typedef struct { + PyObject *klass; + PyObject *newraw; + PyObject *newargs; + PyObject *destroy; + int delargs; + int implicitconv; +} PySwigClientData; + +SWIGRUNTIMEINLINE int +SWIG_Python_CheckImplicit(swig_type_info *ty) +{ + PySwigClientData *data = (PySwigClientData *)ty->clientdata; + return data ? data->implicitconv : 0; +} + +SWIGRUNTIMEINLINE PyObject * +SWIG_Python_ExceptionType(swig_type_info *desc) { + PySwigClientData *data = desc ? (PySwigClientData *) desc->clientdata : 0; + PyObject *klass = data ? data->klass : 0; + return (klass ? klass : PyExc_RuntimeError); +} + + +SWIGRUNTIME PySwigClientData * +PySwigClientData_New(PyObject* obj) +{ + if (!obj) { + return 0; + } else { + PySwigClientData *data = (PySwigClientData *)malloc(sizeof(PySwigClientData)); + /* the klass element */ + data->klass = obj; + Py_INCREF(data->klass); + /* the newraw method and newargs arguments used to create a new raw instance */ + if (PyClass_Check(obj)) { + data->newraw = 0; + data->newargs = obj; + Py_INCREF(obj); + } else { +#if (PY_VERSION_HEX < 0x02020000) + data->newraw = 0; +#else + data->newraw = PyObject_GetAttrString(data->klass, (char *)"__new__"); +#endif + if (data->newraw) { + Py_INCREF(data->newraw); + data->newargs = PyTuple_New(1); + PyTuple_SetItem(data->newargs, 0, obj); + } else { + data->newargs = obj; + } + Py_INCREF(data->newargs); + } + /* the destroy method, aka as the C++ delete method */ + data->destroy = PyObject_GetAttrString(data->klass, (char *)"__swig_destroy__"); + if (PyErr_Occurred()) { + PyErr_Clear(); + data->destroy = 0; + } + if (data->destroy) { + int flags; + Py_INCREF(data->destroy); + flags = PyCFunction_GET_FLAGS(data->destroy); +#ifdef METH_O + data->delargs = !(flags & (METH_O)); +#else + data->delargs = 0; +#endif + } else { + data->delargs = 0; + } + data->implicitconv = 0; + return data; + } +} + +SWIGRUNTIME void +PySwigClientData_Del(PySwigClientData* data) +{ + Py_XDECREF(data->newraw); + Py_XDECREF(data->newargs); + Py_XDECREF(data->destroy); +} + +/* =============== PySwigObject =====================*/ + +typedef struct { + PyObject_HEAD + void *ptr; + swig_type_info *ty; + int own; + PyObject *next; +} PySwigObject; + +SWIGRUNTIME PyObject * +PySwigObject_long(PySwigObject *v) +{ + return PyLong_FromVoidPtr(v->ptr); +} + +SWIGRUNTIME PyObject * +PySwigObject_format(const char* fmt, PySwigObject *v) +{ + PyObject *res = NULL; + PyObject *args = PyTuple_New(1); + if (args) { + if (PyTuple_SetItem(args, 0, PySwigObject_long(v)) == 0) { + PyObject *ofmt = PyString_FromString(fmt); + if (ofmt) { + res = PyString_Format(ofmt,args); + Py_DECREF(ofmt); + } + Py_DECREF(args); + } + } + return res; +} + +SWIGRUNTIME PyObject * +PySwigObject_oct(PySwigObject *v) +{ + return PySwigObject_format("%o",v); +} + +SWIGRUNTIME PyObject * +PySwigObject_hex(PySwigObject *v) +{ + return PySwigObject_format("%x",v); +} + +SWIGRUNTIME PyObject * +#ifdef METH_NOARGS +PySwigObject_repr(PySwigObject *v) +#else +PySwigObject_repr(PySwigObject *v, PyObject *args) +#endif +{ + const char *name = SWIG_TypePrettyName(v->ty); + PyObject *hex = PySwigObject_hex(v); + PyObject *repr = PyString_FromFormat("<Swig Object of type '%s' at 0x%s>", name, PyString_AsString(hex)); + Py_DECREF(hex); + if (v->next) { +#ifdef METH_NOARGS + PyObject *nrep = PySwigObject_repr((PySwigObject *)v->next); +#else + PyObject *nrep = PySwigObject_repr((PySwigObject *)v->next, args); +#endif + PyString_ConcatAndDel(&repr,nrep); + } + return repr; +} + +SWIGRUNTIME int +PySwigObject_print(PySwigObject *v, FILE *fp, int SWIGUNUSEDPARM(flags)) +{ +#ifdef METH_NOARGS + PyObject *repr = PySwigObject_repr(v); +#else + PyObject *repr = PySwigObject_repr(v, NULL); +#endif + if (repr) { + fputs(PyString_AsString(repr), fp); + Py_DECREF(repr); + return 0; + } else { + return 1; + } +} + +SWIGRUNTIME PyObject * +PySwigObject_str(PySwigObject *v) +{ + char result[SWIG_BUFFER_SIZE]; + return SWIG_PackVoidPtr(result, v->ptr, v->ty->name, sizeof(result)) ? + PyString_FromString(result) : 0; +} + +SWIGRUNTIME int +PySwigObject_compare(PySwigObject *v, PySwigObject *w) +{ + void *i = v->ptr; + void *j = w->ptr; + return (i < j) ? -1 : ((i > j) ? 1 : 0); +} + +SWIGRUNTIME PyTypeObject* _PySwigObject_type(void); + +SWIGRUNTIME PyTypeObject* +PySwigObject_type(void) { + static PyTypeObject *SWIG_STATIC_POINTER(type) = _PySwigObject_type(); + return type; +} + +SWIGRUNTIMEINLINE int +PySwigObject_Check(PyObject *op) { + return ((op)->ob_type == PySwigObject_type()) + || (strcmp((op)->ob_type->tp_name,"PySwigObject") == 0); +} + +SWIGRUNTIME PyObject * +PySwigObject_New(void *ptr, swig_type_info *ty, int own); + +SWIGRUNTIME void +PySwigObject_dealloc(PyObject *v) +{ + PySwigObject *sobj = (PySwigObject *) v; + PyObject *next = sobj->next; + if (sobj->own) { + swig_type_info *ty = sobj->ty; + PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0; + PyObject *destroy = data ? data->destroy : 0; + if (destroy) { + /* destroy is always a VARARGS method */ + PyObject *res; + if (data->delargs) { + /* we need to create a temporal object to carry the destroy operation */ + PyObject *tmp = PySwigObject_New(sobj->ptr, ty, 0); + res = SWIG_Python_CallFunctor(destroy, tmp); + Py_DECREF(tmp); + } else { + PyCFunction meth = PyCFunction_GET_FUNCTION(destroy); + PyObject *mself = PyCFunction_GET_SELF(destroy); + res = ((*meth)(mself, v)); + } + Py_XDECREF(res); + } else { + const char *name = SWIG_TypePrettyName(ty); +#if !defined(SWIG_PYTHON_SILENT_MEMLEAK) + printf("swig/python detected a memory leak of type '%s', no destructor found.\n", name); +#endif + } + } + Py_XDECREF(next); + PyObject_DEL(v); +} + +SWIGRUNTIME PyObject* +PySwigObject_append(PyObject* v, PyObject* next) +{ + PySwigObject *sobj = (PySwigObject *) v; +#ifndef METH_O + PyObject *tmp = 0; + if (!PyArg_ParseTuple(next,(char *)"O:append", &tmp)) return NULL; + next = tmp; +#endif + if (!PySwigObject_Check(next)) { + return NULL; + } + sobj->next = next; + Py_INCREF(next); + return SWIG_Py_Void(); +} + +SWIGRUNTIME PyObject* +#ifdef METH_NOARGS +PySwigObject_next(PyObject* v) +#else +PySwigObject_next(PyObject* v, PyObject *SWIGUNUSEDPARM(args)) +#endif +{ + PySwigObject *sobj = (PySwigObject *) v; + if (sobj->next) { + Py_INCREF(sobj->next); + return sobj->next; + } else { + return SWIG_Py_Void(); + } +} + +SWIGINTERN PyObject* +#ifdef METH_NOARGS +PySwigObject_disown(PyObject *v) +#else +PySwigObject_disown(PyObject* v, PyObject *SWIGUNUSEDPARM(args)) +#endif +{ + PySwigObject *sobj = (PySwigObject *)v; + sobj->own = 0; + return SWIG_Py_Void(); +} + +SWIGINTERN PyObject* +#ifdef METH_NOARGS +PySwigObject_acquire(PyObject *v) +#else +PySwigObject_acquire(PyObject* v, PyObject *SWIGUNUSEDPARM(args)) +#endif +{ + PySwigObject *sobj = (PySwigObject *)v; + sobj->own = SWIG_POINTER_OWN; + return SWIG_Py_Void(); +} + +SWIGINTERN PyObject* +PySwigObject_own(PyObject *v, PyObject *args) +{ + PyObject *val = 0; +#if (PY_VERSION_HEX < 0x02020000) + if (!PyArg_ParseTuple(args,(char *)"|O:own",&val)) +#else + if (!PyArg_UnpackTuple(args, (char *)"own", 0, 1, &val)) +#endif + { + return NULL; + } + else + { + PySwigObject *sobj = (PySwigObject *)v; + PyObject *obj = PyBool_FromLong(sobj->own); + if (val) { +#ifdef METH_NOARGS + if (PyObject_IsTrue(val)) { + PySwigObject_acquire(v); + } else { + PySwigObject_disown(v); + } +#else + if (PyObject_IsTrue(val)) { + PySwigObject_acquire(v,args); + } else { + PySwigObject_disown(v,args); + } +#endif + } + return obj; + } +} + +#ifdef METH_O +static PyMethodDef +swigobject_methods[] = { + {(char *)"disown", (PyCFunction)PySwigObject_disown, METH_NOARGS, (char *)"releases ownership of the pointer"}, + {(char *)"acquire", (PyCFunction)PySwigObject_acquire, METH_NOARGS, (char *)"aquires ownership of the pointer"}, + {(char *)"own", (PyCFunction)PySwigObject_own, METH_VARARGS, (char *)"returns/sets ownership of the pointer"}, + {(char *)"append", (PyCFunction)PySwigObject_append, METH_O, (char *)"appends another 'this' object"}, + {(char *)"next", (PyCFunction)PySwigObject_next, METH_NOARGS, (char *)"returns the next 'this' object"}, + {(char *)"__repr__",(PyCFunction)PySwigObject_repr, METH_NOARGS, (char *)"returns object representation"}, + {0, 0, 0, 0} +}; +#else +static PyMethodDef +swigobject_methods[] = { + {(char *)"disown", (PyCFunction)PySwigObject_disown, METH_VARARGS, (char *)"releases ownership of the pointer"}, + {(char *)"acquire", (PyCFunction)PySwigObject_acquire, METH_VARARGS, (char *)"aquires ownership of the pointer"}, + {(char *)"own", (PyCFunction)PySwigObject_own, METH_VARARGS, (char *)"returns/sets ownership of the pointer"}, + {(char *)"append", (PyCFunction)PySwigObject_append, METH_VARARGS, (char *)"appends another 'this' object"}, + {(char *)"next", (PyCFunction)PySwigObject_next, METH_VARARGS, (char *)"returns the next 'this' object"}, + {(char *)"__repr__",(PyCFunction)PySwigObject_repr, METH_VARARGS, (char *)"returns object representation"}, + {0, 0, 0, 0} +}; +#endif + +#if PY_VERSION_HEX < 0x02020000 +SWIGINTERN PyObject * +PySwigObject_getattr(PySwigObject *sobj,char *name) +{ + return Py_FindMethod(swigobject_methods, (PyObject *)sobj, name); +} +#endif + +SWIGRUNTIME PyTypeObject* +_PySwigObject_type(void) { + static char swigobject_doc[] = "Swig object carries a C/C++ instance pointer"; + + static PyNumberMethods PySwigObject_as_number = { + (binaryfunc)0, /*nb_add*/ + (binaryfunc)0, /*nb_subtract*/ + (binaryfunc)0, /*nb_multiply*/ + (binaryfunc)0, /*nb_divide*/ + (binaryfunc)0, /*nb_remainder*/ + (binaryfunc)0, /*nb_divmod*/ + (ternaryfunc)0,/*nb_power*/ + (unaryfunc)0, /*nb_negative*/ + (unaryfunc)0, /*nb_positive*/ + (unaryfunc)0, /*nb_absolute*/ + (inquiry)0, /*nb_nonzero*/ + 0, /*nb_invert*/ + 0, /*nb_lshift*/ + 0, /*nb_rshift*/ + 0, /*nb_and*/ + 0, /*nb_xor*/ + 0, /*nb_or*/ + (coercion)0, /*nb_coerce*/ + (unaryfunc)PySwigObject_long, /*nb_int*/ + (unaryfunc)PySwigObject_long, /*nb_long*/ + (unaryfunc)0, /*nb_float*/ + (unaryfunc)PySwigObject_oct, /*nb_oct*/ + (unaryfunc)PySwigObject_hex, /*nb_hex*/ +#if PY_VERSION_HEX >= 0x02050000 /* 2.5.0 */ + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_index */ +#elif PY_VERSION_HEX >= 0x02020000 /* 2.2.0 */ + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */ +#elif PY_VERSION_HEX >= 0x02000000 /* 2.0.0 */ + 0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_or */ +#endif + }; + + static PyTypeObject pyswigobject_type; + static int type_init = 0; + if (!type_init) { + const PyTypeObject tmp + = { + PyObject_HEAD_INIT(NULL) + 0, /* ob_size */ + (char *)"PySwigObject", /* tp_name */ + sizeof(PySwigObject), /* tp_basicsize */ + 0, /* tp_itemsize */ + (destructor)PySwigObject_dealloc, /* tp_dealloc */ + (printfunc)PySwigObject_print, /* tp_print */ +#if PY_VERSION_HEX < 0x02020000 + (getattrfunc)PySwigObject_getattr, /* tp_getattr */ +#else + (getattrfunc)0, /* tp_getattr */ +#endif + (setattrfunc)0, /* tp_setattr */ + (cmpfunc)PySwigObject_compare, /* tp_compare */ + (reprfunc)PySwigObject_repr, /* tp_repr */ + &PySwigObject_as_number, /* tp_as_number */ + 0, /* tp_as_sequence */ + 0, /* tp_as_mapping */ + (hashfunc)0, /* tp_hash */ + (ternaryfunc)0, /* tp_call */ + (reprfunc)PySwigObject_str, /* tp_str */ + PyObject_GenericGetAttr, /* tp_getattro */ + 0, /* tp_setattro */ + 0, /* tp_as_buffer */ + Py_TPFLAGS_DEFAULT, /* tp_flags */ + swigobject_doc, /* tp_doc */ + 0, /* tp_traverse */ + 0, /* tp_clear */ + 0, /* tp_richcompare */ + 0, /* tp_weaklistoffset */ +#if PY_VERSION_HEX >= 0x02020000 + 0, /* tp_iter */ + 0, /* tp_iternext */ + swigobject_methods, /* tp_methods */ + 0, /* tp_members */ + 0, /* tp_getset */ + 0, /* tp_base */ + 0, /* tp_dict */ + 0, /* tp_descr_get */ + 0, /* tp_descr_set */ + 0, /* tp_dictoffset */ + 0, /* tp_init */ + 0, /* tp_alloc */ + 0, /* tp_new */ + 0, /* tp_free */ + 0, /* tp_is_gc */ + 0, /* tp_bases */ + 0, /* tp_mro */ + 0, /* tp_cache */ + 0, /* tp_subclasses */ + 0, /* tp_weaklist */ +#endif +#if PY_VERSION_HEX >= 0x02030000 + 0, /* tp_del */ +#endif +#ifdef COUNT_ALLOCS + 0,0,0,0 /* tp_alloc -> tp_next */ +#endif + }; + pyswigobject_type = tmp; + pyswigobject_type.ob_type = &PyType_Type; + type_init = 1; + } + return &pyswigobject_type; +} + +SWIGRUNTIME PyObject * +PySwigObject_New(void *ptr, swig_type_info *ty, int own) +{ + PySwigObject *sobj = PyObject_NEW(PySwigObject, PySwigObject_type()); + if (sobj) { + sobj->ptr = ptr; + sobj->ty = ty; + sobj->own = own; + sobj->next = 0; + } + return (PyObject *)sobj; +} + +/* ----------------------------------------------------------------------------- + * Implements a simple Swig Packed type, and use it instead of string + * ----------------------------------------------------------------------------- */ + +typedef struct { + PyObject_HEAD + void *pack; + swig_type_info *ty; + size_t size; +} PySwigPacked; + +SWIGRUNTIME int +PySwigPacked_print(PySwigPacked *v, FILE *fp, int SWIGUNUSEDPARM(flags)) +{ + char result[SWIG_BUFFER_SIZE]; + fputs("<Swig Packed ", fp); + if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))) { + fputs("at ", fp); + fputs(result, fp); + } + fputs(v->ty->name,fp); + fputs(">", fp); + return 0; +} + +SWIGRUNTIME PyObject * +PySwigPacked_repr(PySwigPacked *v) +{ + char result[SWIG_BUFFER_SIZE]; + if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))) { + return PyString_FromFormat("<Swig Packed at %s%s>", result, v->ty->name); + } else { + return PyString_FromFormat("<Swig Packed %s>", v->ty->name); + } +} + +SWIGRUNTIME PyObject * +PySwigPacked_str(PySwigPacked *v) +{ + char result[SWIG_BUFFER_SIZE]; + if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))){ + return PyString_FromFormat("%s%s", result, v->ty->name); + } else { + return PyString_FromString(v->ty->name); + } +} + +SWIGRUNTIME int +PySwigPacked_compare(PySwigPacked *v, PySwigPacked *w) +{ + size_t i = v->size; + size_t j = w->size; + int s = (i < j) ? -1 : ((i > j) ? 1 : 0); + return s ? s : strncmp((char *)v->pack, (char *)w->pack, 2*v->size); +} + +SWIGRUNTIME PyTypeObject* _PySwigPacked_type(void); + +SWIGRUNTIME PyTypeObject* +PySwigPacked_type(void) { + static PyTypeObject *SWIG_STATIC_POINTER(type) = _PySwigPacked_type(); + return type; +} + +SWIGRUNTIMEINLINE int +PySwigPacked_Check(PyObject *op) { + return ((op)->ob_type == _PySwigPacked_type()) + || (strcmp((op)->ob_type->tp_name,"PySwigPacked") == 0); +} + +SWIGRUNTIME void +PySwigPacked_dealloc(PyObject *v) +{ + if (PySwigPacked_Check(v)) { + PySwigPacked *sobj = (PySwigPacked *) v; + free(sobj->pack); + } + PyObject_DEL(v); +} + +SWIGRUNTIME PyTypeObject* +_PySwigPacked_type(void) { + static char swigpacked_doc[] = "Swig object carries a C/C++ instance pointer"; + static PyTypeObject pyswigpacked_type; + static int type_init = 0; + if (!type_init) { + const PyTypeObject tmp + = { + PyObject_HEAD_INIT(NULL) + 0, /* ob_size */ + (char *)"PySwigPacked", /* tp_name */ + sizeof(PySwigPacked), /* tp_basicsize */ + 0, /* tp_itemsize */ + (destructor)PySwigPacked_dealloc, /* tp_dealloc */ + (printfunc)PySwigPacked_print, /* tp_print */ + (getattrfunc)0, /* tp_getattr */ + (setattrfunc)0, /* tp_setattr */ + (cmpfunc)PySwigPacked_compare, /* tp_compare */ + (reprfunc)PySwigPacked_repr, /* tp_repr */ + 0, /* tp_as_number */ + 0, /* tp_as_sequence */ + 0, /* tp_as_mapping */ + (hashfunc)0, /* tp_hash */ + (ternaryfunc)0, /* tp_call */ + (reprfunc)PySwigPacked_str, /* tp_str */ + PyObject_GenericGetAttr, /* tp_getattro */ + 0, /* tp_setattro */ + 0, /* tp_as_buffer */ + Py_TPFLAGS_DEFAULT, /* tp_flags */ + swigpacked_doc, /* tp_doc */ + 0, /* tp_traverse */ + 0, /* tp_clear */ + 0, /* tp_richcompare */ + 0, /* tp_weaklistoffset */ +#if PY_VERSION_HEX >= 0x02020000 + 0, /* tp_iter */ + 0, /* tp_iternext */ + 0, /* tp_methods */ + 0, /* tp_members */ + 0, /* tp_getset */ + 0, /* tp_base */ + 0, /* tp_dict */ + 0, /* tp_descr_get */ + 0, /* tp_descr_set */ + 0, /* tp_dictoffset */ + 0, /* tp_init */ + 0, /* tp_alloc */ + 0, /* tp_new */ + 0, /* tp_free */ + 0, /* tp_is_gc */ + 0, /* tp_bases */ + 0, /* tp_mro */ + 0, /* tp_cache */ + 0, /* tp_subclasses */ + 0, /* tp_weaklist */ +#endif +#if PY_VERSION_HEX >= 0x02030000 + 0, /* tp_del */ +#endif +#ifdef COUNT_ALLOCS + 0,0,0,0 /* tp_alloc -> tp_next */ +#endif + }; + pyswigpacked_type = tmp; + pyswigpacked_type.ob_type = &PyType_Type; + type_init = 1; + } + return &pyswigpacked_type; +} + +SWIGRUNTIME PyObject * +PySwigPacked_New(void *ptr, size_t size, swig_type_info *ty) +{ + PySwigPacked *sobj = PyObject_NEW(PySwigPacked, PySwigPacked_type()); + if (sobj) { + void *pack = malloc(size); + if (pack) { + memcpy(pack, ptr, size); + sobj->pack = pack; + sobj->ty = ty; + sobj->size = size; + } else { + PyObject_DEL((PyObject *) sobj); + sobj = 0; + } + } + return (PyObject *) sobj; +} + +SWIGRUNTIME swig_type_info * +PySwigPacked_UnpackData(PyObject *obj, void *ptr, size_t size) +{ + if (PySwigPacked_Check(obj)) { + PySwigPacked *sobj = (PySwigPacked *)obj; + if (sobj->size != size) return 0; + memcpy(ptr, sobj->pack, size); + return sobj->ty; + } else { + return 0; + } +} + +/* ----------------------------------------------------------------------------- + * pointers/data manipulation + * ----------------------------------------------------------------------------- */ + +SWIGRUNTIMEINLINE PyObject * +_SWIG_This(void) +{ + return PyString_FromString("this"); +} + +SWIGRUNTIME PyObject * +SWIG_This(void) +{ + static PyObject *SWIG_STATIC_POINTER(swig_this) = _SWIG_This(); + return swig_this; +} + +/* #define SWIG_PYTHON_SLOW_GETSET_THIS */ + +SWIGRUNTIME PySwigObject * +SWIG_Python_GetSwigThis(PyObject *pyobj) +{ + if (PySwigObject_Check(pyobj)) { + return (PySwigObject *) pyobj; + } else { + PyObject *obj = 0; +#if (!defined(SWIG_PYTHON_SLOW_GETSET_THIS) && (PY_VERSION_HEX >= 0x02030000)) + if (PyInstance_Check(pyobj)) { + obj = _PyInstance_Lookup(pyobj, SWIG_This()); + } else { + PyObject **dictptr = _PyObject_GetDictPtr(pyobj); + if (dictptr != NULL) { + PyObject *dict = *dictptr; + obj = dict ? PyDict_GetItem(dict, SWIG_This()) : 0; + } else { +#ifdef PyWeakref_CheckProxy + if (PyWeakref_CheckProxy(pyobj)) { + PyObject *wobj = PyWeakref_GET_OBJECT(pyobj); + return wobj ? SWIG_Python_GetSwigThis(wobj) : 0; + } +#endif + obj = PyObject_GetAttr(pyobj,SWIG_This()); + if (obj) { + Py_DECREF(obj); + } else { + if (PyErr_Occurred()) PyErr_Clear(); + return 0; + } + } + } +#else + obj = PyObject_GetAttr(pyobj,SWIG_This()); + if (obj) { + Py_DECREF(obj); + } else { + if (PyErr_Occurred()) PyErr_Clear(); + return 0; + } +#endif + if (obj && !PySwigObject_Check(obj)) { + /* a PyObject is called 'this', try to get the 'real this' + PySwigObject from it */ + return SWIG_Python_GetSwigThis(obj); + } + return (PySwigObject *)obj; + } +} + +/* Acquire a pointer value */ + +SWIGRUNTIME int +SWIG_Python_AcquirePtr(PyObject *obj, int own) { + if (own) { + PySwigObject *sobj = SWIG_Python_GetSwigThis(obj); + if (sobj) { + int oldown = sobj->own; + sobj->own = own; + return oldown; + } + } + return 0; +} + +/* Convert a pointer value */ + +SWIGRUNTIME int +SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int flags, int *own) { + if (!obj) return SWIG_ERROR; + if (obj == Py_None) { + if (ptr) *ptr = 0; + return SWIG_OK; + } else { + PySwigObject *sobj = SWIG_Python_GetSwigThis(obj); + while (sobj) { + void *vptr = sobj->ptr; + if (ty) { + swig_type_info *to = sobj->ty; + if (to == ty) { + /* no type cast needed */ + if (ptr) *ptr = vptr; + break; + } else { + swig_cast_info *tc = SWIG_TypeCheck(to->name,ty); + if (!tc) { + sobj = (PySwigObject *)sobj->next; + } else { + if (ptr) *ptr = SWIG_TypeCast(tc,vptr); + break; + } + } + } else { + if (ptr) *ptr = vptr; + break; + } + } + if (sobj) { + if (own) *own = sobj->own; + if (flags & SWIG_POINTER_DISOWN) { + sobj->own = 0; + } + return SWIG_OK; + } else { + int res = SWIG_ERROR; + if (flags & SWIG_POINTER_IMPLICIT_CONV) { + PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0; + if (data && !data->implicitconv) { + PyObject *klass = data->klass; + if (klass) { + PyObject *impconv; + data->implicitconv = 1; /* avoid recursion and call 'explicit' constructors*/ + impconv = SWIG_Python_CallFunctor(klass, obj); + data->implicitconv = 0; + if (PyErr_Occurred()) { + PyErr_Clear(); + impconv = 0; + } + if (impconv) { + PySwigObject *iobj = SWIG_Python_GetSwigThis(impconv); + if (iobj) { + void *vptr; + res = SWIG_Python_ConvertPtrAndOwn((PyObject*)iobj, &vptr, ty, 0, 0); + if (SWIG_IsOK(res)) { + if (ptr) { + *ptr = vptr; + /* transfer the ownership to 'ptr' */ + iobj->own = 0; + res = SWIG_AddCast(res); + res = SWIG_AddNewMask(res); + } else { + res = SWIG_AddCast(res); + } + } + } + Py_DECREF(impconv); + } + } + } + } + return res; + } + } +} + +/* Convert a function ptr value */ + +SWIGRUNTIME int +SWIG_Python_ConvertFunctionPtr(PyObject *obj, void **ptr, swig_type_info *ty) { + if (!PyCFunction_Check(obj)) { + return SWIG_ConvertPtr(obj, ptr, ty, 0); + } else { + void *vptr = 0; + + /* here we get the method pointer for callbacks */ + const char *doc = (((PyCFunctionObject *)obj) -> m_ml -> ml_doc); + const char *desc = doc ? strstr(doc, "swig_ptr: ") : 0; + if (desc) { + desc = ty ? SWIG_UnpackVoidPtr(desc + 10, &vptr, ty->name) : 0; + if (!desc) return SWIG_ERROR; + } + if (ty) { + swig_cast_info *tc = SWIG_TypeCheck(desc,ty); + if (!tc) return SWIG_ERROR; + *ptr = SWIG_TypeCast(tc,vptr); + } else { + *ptr = vptr; + } + return SWIG_OK; + } +} + +/* Convert a packed value value */ + +SWIGRUNTIME int +SWIG_Python_ConvertPacked(PyObject *obj, void *ptr, size_t sz, swig_type_info *ty) { + swig_type_info *to = PySwigPacked_UnpackData(obj, ptr, sz); + if (!to) return SWIG_ERROR; + if (ty) { + if (to != ty) { + /* check type cast? */ + swig_cast_info *tc = SWIG_TypeCheck(to->name,ty); + if (!tc) return SWIG_ERROR; + } + } + return SWIG_OK; +} + +/* ----------------------------------------------------------------------------- + * Create a new pointer object + * ----------------------------------------------------------------------------- */ + +/* + Create a new instance object, whitout calling __init__, and set the + 'this' attribute. +*/ + +SWIGRUNTIME PyObject* +SWIG_Python_NewShadowInstance(PySwigClientData *data, PyObject *swig_this) +{ +#if (PY_VERSION_HEX >= 0x02020000) + PyObject *inst = 0; + PyObject *newraw = data->newraw; + if (newraw) { + inst = PyObject_Call(newraw, data->newargs, NULL); + if (inst) { +#if !defined(SWIG_PYTHON_SLOW_GETSET_THIS) + PyObject **dictptr = _PyObject_GetDictPtr(inst); + if (dictptr != NULL) { + PyObject *dict = *dictptr; + if (dict == NULL) { + dict = PyDict_New(); + *dictptr = dict; + PyDict_SetItem(dict, SWIG_This(), swig_this); + } + } +#else + PyObject *key = SWIG_This(); + PyObject_SetAttr(inst, key, swig_this); +#endif + } + } else { + PyObject *dict = PyDict_New(); + PyDict_SetItem(dict, SWIG_This(), swig_this); + inst = PyInstance_NewRaw(data->newargs, dict); + Py_DECREF(dict); + } + return inst; +#else +#if (PY_VERSION_HEX >= 0x02010000) + PyObject *inst; + PyObject *dict = PyDict_New(); + PyDict_SetItem(dict, SWIG_This(), swig_this); + inst = PyInstance_NewRaw(data->newargs, dict); + Py_DECREF(dict); + return (PyObject *) inst; +#else + PyInstanceObject *inst = PyObject_NEW(PyInstanceObject, &PyInstance_Type); + if (inst == NULL) { + return NULL; + } + inst->in_class = (PyClassObject *)data->newargs; + Py_INCREF(inst->in_class); + inst->in_dict = PyDict_New(); + if (inst->in_dict == NULL) { + Py_DECREF(inst); + return NULL; + } +#ifdef Py_TPFLAGS_HAVE_WEAKREFS + inst->in_weakreflist = NULL; +#endif +#ifdef Py_TPFLAGS_GC + PyObject_GC_Init(inst); +#endif + PyDict_SetItem(inst->in_dict, SWIG_This(), swig_this); + return (PyObject *) inst; +#endif +#endif +} + +SWIGRUNTIME void +SWIG_Python_SetSwigThis(PyObject *inst, PyObject *swig_this) +{ + PyObject *dict; +#if (PY_VERSION_HEX >= 0x02020000) && !defined(SWIG_PYTHON_SLOW_GETSET_THIS) + PyObject **dictptr = _PyObject_GetDictPtr(inst); + if (dictptr != NULL) { + dict = *dictptr; + if (dict == NULL) { + dict = PyDict_New(); + *dictptr = dict; + } + PyDict_SetItem(dict, SWIG_This(), swig_this); + return; + } +#endif + dict = PyObject_GetAttrString(inst, (char*)"__dict__"); + PyDict_SetItem(dict, SWIG_This(), swig_this); + Py_DECREF(dict); +} + + +SWIGINTERN PyObject * +SWIG_Python_InitShadowInstance(PyObject *args) { + PyObject *obj[2]; + if (!SWIG_Python_UnpackTuple(args,(char*)"swiginit", 2, 2, obj)) { + return NULL; + } else { + PySwigObject *sthis = SWIG_Python_GetSwigThis(obj[0]); + if (sthis) { + PySwigObject_append((PyObject*) sthis, obj[1]); + } else { + SWIG_Python_SetSwigThis(obj[0], obj[1]); + } + return SWIG_Py_Void(); + } +} + +/* Create a new pointer object */ + +SWIGRUNTIME PyObject * +SWIG_Python_NewPointerObj(void *ptr, swig_type_info *type, int flags) { + if (!ptr) { + return SWIG_Py_Void(); + } else { + int own = (flags & SWIG_POINTER_OWN) ? SWIG_POINTER_OWN : 0; + PyObject *robj = PySwigObject_New(ptr, type, own); + PySwigClientData *clientdata = type ? (PySwigClientData *)(type->clientdata) : 0; + if (clientdata && !(flags & SWIG_POINTER_NOSHADOW)) { + PyObject *inst = SWIG_Python_NewShadowInstance(clientdata, robj); + if (inst) { + Py_DECREF(robj); + robj = inst; + } + } + return robj; + } +} + +/* Create a new packed object */ + +SWIGRUNTIMEINLINE PyObject * +SWIG_Python_NewPackedObj(void *ptr, size_t sz, swig_type_info *type) { + return ptr ? PySwigPacked_New((void *) ptr, sz, type) : SWIG_Py_Void(); +} + +/* -----------------------------------------------------------------------------* + * Get type list + * -----------------------------------------------------------------------------*/ + +#ifdef SWIG_LINK_RUNTIME +void *SWIG_ReturnGlobalTypeList(void *); +#endif + +SWIGRUNTIME swig_module_info * +SWIG_Python_GetModule(void) { + static void *type_pointer = (void *)0; + /* first check if module already created */ + if (!type_pointer) { +#ifdef SWIG_LINK_RUNTIME + type_pointer = SWIG_ReturnGlobalTypeList((void *)0); +#else + type_pointer = PyCObject_Import((char*)"swig_runtime_data" SWIG_RUNTIME_VERSION, + (char*)"type_pointer" SWIG_TYPE_TABLE_NAME); + if (PyErr_Occurred()) { + PyErr_Clear(); + type_pointer = (void *)0; + } +#endif + } + return (swig_module_info *) type_pointer; +} + +#if PY_MAJOR_VERSION < 2 +/* PyModule_AddObject function was introduced in Python 2.0. The following function + is copied out of Python/modsupport.c in python version 2.3.4 */ +SWIGINTERN int +PyModule_AddObject(PyObject *m, char *name, PyObject *o) +{ + PyObject *dict; + if (!PyModule_Check(m)) { + PyErr_SetString(PyExc_TypeError, + "PyModule_AddObject() needs module as first arg"); + return SWIG_ERROR; + } + if (!o) { + PyErr_SetString(PyExc_TypeError, + "PyModule_AddObject() needs non-NULL value"); + return SWIG_ERROR; + } + + dict = PyModule_GetDict(m); + if (dict == NULL) { + /* Internal error -- modules must have a dict! */ + PyErr_Format(PyExc_SystemError, "module '%s' has no __dict__", + PyModule_GetName(m)); + return SWIG_ERROR; + } + if (PyDict_SetItemString(dict, name, o)) + return SWIG_ERROR; + Py_DECREF(o); + return SWIG_OK; +} +#endif + +SWIGRUNTIME void +SWIG_Python_DestroyModule(void *vptr) +{ + swig_module_info *swig_module = (swig_module_info *) vptr; + swig_type_info **types = swig_module->types; + size_t i; + for (i =0; i < swig_module->size; ++i) { + swig_type_info *ty = types[i]; + if (ty->owndata) { + PySwigClientData *data = (PySwigClientData *) ty->clientdata; + if (data) PySwigClientData_Del(data); + } + } + Py_DECREF(SWIG_This()); +} + +SWIGRUNTIME void +SWIG_Python_SetModule(swig_module_info *swig_module) { + static PyMethodDef swig_empty_runtime_method_table[] = { {NULL, NULL, 0, NULL} };/* Sentinel */ + + PyObject *module = Py_InitModule((char*)"swig_runtime_data" SWIG_RUNTIME_VERSION, + swig_empty_runtime_method_table); + PyObject *pointer = PyCObject_FromVoidPtr((void *) swig_module, SWIG_Python_DestroyModule); + if (pointer && module) { + PyModule_AddObject(module, (char*)"type_pointer" SWIG_TYPE_TABLE_NAME, pointer); + } else { + Py_XDECREF(pointer); + } +} + +/* The python cached type query */ +SWIGRUNTIME PyObject * +SWIG_Python_TypeCache(void) { + static PyObject *SWIG_STATIC_POINTER(cache) = PyDict_New(); + return cache; +} + +SWIGRUNTIME swig_type_info * +SWIG_Python_TypeQuery(const char *type) +{ + PyObject *cache = SWIG_Python_TypeCache(); + PyObject *key = PyString_FromString(type); + PyObject *obj = PyDict_GetItem(cache, key); + swig_type_info *descriptor; + if (obj) { + descriptor = (swig_type_info *) PyCObject_AsVoidPtr(obj); + } else { + swig_module_info *swig_module = SWIG_Python_GetModule(); + descriptor = SWIG_TypeQueryModule(swig_module, swig_module, type); + if (descriptor) { + obj = PyCObject_FromVoidPtr(descriptor, NULL); + PyDict_SetItem(cache, key, obj); + Py_DECREF(obj); + } + } + Py_DECREF(key); + return descriptor; +} + +/* + For backward compatibility only +*/ +#define SWIG_POINTER_EXCEPTION 0 +#define SWIG_arg_fail(arg) SWIG_Python_ArgFail(arg) +#define SWIG_MustGetPtr(p, type, argnum, flags) SWIG_Python_MustGetPtr(p, type, argnum, flags) + +SWIGRUNTIME int +SWIG_Python_AddErrMesg(const char* mesg, int infront) +{ + if (PyErr_Occurred()) { + PyObject *type = 0; + PyObject *value = 0; + PyObject *traceback = 0; + PyErr_Fetch(&type, &value, &traceback); + if (value) { + PyObject *old_str = PyObject_Str(value); + Py_XINCREF(type); + PyErr_Clear(); + if (infront) { + PyErr_Format(type, "%s %s", mesg, PyString_AsString(old_str)); + } else { + PyErr_Format(type, "%s %s", PyString_AsString(old_str), mesg); + } + Py_DECREF(old_str); + } + return 1; + } else { + return 0; + } +} + +SWIGRUNTIME int +SWIG_Python_ArgFail(int argnum) +{ + if (PyErr_Occurred()) { + /* add information about failing argument */ + char mesg[256]; + PyOS_snprintf(mesg, sizeof(mesg), "argument number %d:", argnum); + return SWIG_Python_AddErrMesg(mesg, 1); + } else { + return 0; + } +} + +SWIGRUNTIMEINLINE const char * +PySwigObject_GetDesc(PyObject *self) +{ + PySwigObject *v = (PySwigObject *)self; + swig_type_info *ty = v ? v->ty : 0; + return ty ? ty->str : (char*)""; +} + +SWIGRUNTIME void +SWIG_Python_TypeError(const char *type, PyObject *obj) +{ + if (type) { +#if defined(SWIG_COBJECT_TYPES) + if (obj && PySwigObject_Check(obj)) { + const char *otype = (const char *) PySwigObject_GetDesc(obj); + if (otype) { + PyErr_Format(PyExc_TypeError, "a '%s' is expected, 'PySwigObject(%s)' is received", + type, otype); + return; + } + } else +#endif + { + const char *otype = (obj ? obj->ob_type->tp_name : 0); + if (otype) { + PyObject *str = PyObject_Str(obj); + const char *cstr = str ? PyString_AsString(str) : 0; + if (cstr) { + PyErr_Format(PyExc_TypeError, "a '%s' is expected, '%s(%s)' is received", + type, otype, cstr); + } else { + PyErr_Format(PyExc_TypeError, "a '%s' is expected, '%s' is received", + type, otype); + } + Py_XDECREF(str); + return; + } + } + PyErr_Format(PyExc_TypeError, "a '%s' is expected", type); + } else { + PyErr_Format(PyExc_TypeError, "unexpected type is received"); + } +} + + +/* Convert a pointer value, signal an exception on a type mismatch */ +SWIGRUNTIME void * +SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) { + void *result; + if (SWIG_Python_ConvertPtr(obj, &result, ty, flags) == -1) { + PyErr_Clear(); + if (flags & SWIG_POINTER_EXCEPTION) { + SWIG_Python_TypeError(SWIG_TypePrettyName(ty), obj); + SWIG_Python_ArgFail(argnum); + } + } + return result; +} + + +#ifdef __cplusplus +#if 0 +{ /* cc-mode */ +#endif +} +#endif + + + +#define SWIG_exception_fail(code, msg) do { SWIG_Error(code, msg); SWIG_fail; } while(0) + +#define SWIG_contract_assert(expr, msg) if (!(expr)) { SWIG_Error(SWIG_RuntimeError, msg); SWIG_fail; } else + + + +/* -------- TYPES TABLE (BEGIN) -------- */ + +#define SWIGTYPE_p_char swig_types[0] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_bool_p_void__int swig_types[1] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_fcontext_p_void__int swig_types[2] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_iface_p_void__int swig_types[3] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_node_p_void__int swig_types[4] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_port_p_void__int swig_types[5] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_seuser_p_void__int swig_types[6] +#define SWIGTYPE_p_f_p_q_const__struct_semanage_user_p_void__int swig_types[7] +#define SWIGTYPE_p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void swig_types[8] +#define SWIGTYPE_p_int swig_types[9] +#define SWIGTYPE_p_p_char swig_types[10] +#define SWIGTYPE_p_p_p_char swig_types[11] +#define SWIGTYPE_p_p_p_semanage_bool swig_types[12] +#define SWIGTYPE_p_p_p_semanage_fcontext swig_types[13] +#define SWIGTYPE_p_p_p_semanage_iface swig_types[14] +#define SWIGTYPE_p_p_p_semanage_node swig_types[15] +#define SWIGTYPE_p_p_p_semanage_port swig_types[16] +#define SWIGTYPE_p_p_p_semanage_seuser swig_types[17] +#define SWIGTYPE_p_p_p_semanage_user swig_types[18] +#define SWIGTYPE_p_p_semanage_bool swig_types[19] +#define SWIGTYPE_p_p_semanage_bool_key swig_types[20] +#define SWIGTYPE_p_p_semanage_context swig_types[21] +#define SWIGTYPE_p_p_semanage_fcontext swig_types[22] +#define SWIGTYPE_p_p_semanage_fcontext_key swig_types[23] +#define SWIGTYPE_p_p_semanage_iface swig_types[24] +#define SWIGTYPE_p_p_semanage_iface_key swig_types[25] +#define SWIGTYPE_p_p_semanage_module_info swig_types[26] +#define SWIGTYPE_p_p_semanage_node swig_types[27] +#define SWIGTYPE_p_p_semanage_node_key swig_types[28] +#define SWIGTYPE_p_p_semanage_port swig_types[29] +#define SWIGTYPE_p_p_semanage_port_key swig_types[30] +#define SWIGTYPE_p_p_semanage_seuser swig_types[31] +#define SWIGTYPE_p_p_semanage_seuser_key swig_types[32] +#define SWIGTYPE_p_p_semanage_user swig_types[33] +#define SWIGTYPE_p_p_semanage_user_key swig_types[34] +#define SWIGTYPE_p_semanage_bool swig_types[35] +#define SWIGTYPE_p_semanage_bool_key swig_types[36] +#define SWIGTYPE_p_semanage_context swig_types[37] +#define SWIGTYPE_p_semanage_fcontext swig_types[38] +#define SWIGTYPE_p_semanage_fcontext_key swig_types[39] +#define SWIGTYPE_p_semanage_handle swig_types[40] +#define SWIGTYPE_p_semanage_iface swig_types[41] +#define SWIGTYPE_p_semanage_iface_key swig_types[42] +#define SWIGTYPE_p_semanage_module_info swig_types[43] +#define SWIGTYPE_p_semanage_node swig_types[44] +#define SWIGTYPE_p_semanage_node_key swig_types[45] +#define SWIGTYPE_p_semanage_port swig_types[46] +#define SWIGTYPE_p_semanage_port_key swig_types[47] +#define SWIGTYPE_p_semanage_seuser swig_types[48] +#define SWIGTYPE_p_semanage_seuser_key swig_types[49] +#define SWIGTYPE_p_semanage_user swig_types[50] +#define SWIGTYPE_p_semanage_user_key swig_types[51] +#define SWIGTYPE_p_size_t swig_types[52] +#define SWIGTYPE_p_unsigned_int swig_types[53] +static swig_type_info *swig_types[55]; +static swig_module_info swig_module = {swig_types, 54, 0, 0, 0, 0}; +#define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name) +#define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name) + +/* -------- TYPES TABLE (END) -------- */ + +#if (PY_VERSION_HEX <= 0x02000000) +# if !defined(SWIG_PYTHON_CLASSIC) +# error "This python version requires swig to be run with the '-classic' option" +# endif +#endif + +/*----------------------------------------------- + @(target):= _semanage.so + ------------------------------------------------*/ +#define SWIG_init init_semanage + +#define SWIG_name "_semanage" + +#define SWIGVERSION 0x010333 +#define SWIG_VERSION SWIGVERSION + + +#define SWIG_as_voidptr(a) (void *)((const void *)(a)) +#define SWIG_as_voidptrptr(a) ((void)SWIG_as_voidptr(*a),(void**)(a)) + + + #include <stdlib.h> + #include <semanage/semanage.h> + + #define STATUS_SUCCESS 0 + #define STATUS_ERR -1 + + + #define SWIG_From_long PyInt_FromLong + + +SWIGINTERNINLINE PyObject * +SWIG_From_int (int value) +{ + return SWIG_From_long (value); +} + + +SWIGINTERN swig_type_info* +SWIG_pchar_descriptor(void) +{ + static int init = 0; + static swig_type_info* info = 0; + if (!init) { + info = SWIG_TypeQuery("_p_char"); + init = 1; + } + return info; +} + + +SWIGINTERNINLINE PyObject * +SWIG_FromCharPtrAndSize(const char* carray, size_t size) +{ + if (carray) { + if (size > INT_MAX) { + swig_type_info* pchar_descriptor = SWIG_pchar_descriptor(); + return pchar_descriptor ? + SWIG_NewPointerObj((char *)(carray), pchar_descriptor, 0) : SWIG_Py_Void(); + } else { + return PyString_FromStringAndSize(carray, (int)(size)); + } + } else { + return SWIG_Py_Void(); + } +} + + +SWIGINTERNINLINE PyObject * +SWIG_FromCharPtr(const char *cptr) +{ + return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0)); +} + + +SWIGINTERN int +SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc) +{ + if (PyString_Check(obj)) { + char *cstr; Py_ssize_t len; + PyString_AsStringAndSize(obj, &cstr, &len); + if (cptr) { + if (alloc) { + /* + In python the user should not be able to modify the inner + string representation. To warranty that, if you define + SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string + buffer is always returned. + + The default behavior is just to return the pointer value, + so, be careful. + */ +#if defined(SWIG_PYTHON_SAFE_CSTRINGS) + if (*alloc != SWIG_OLDOBJ) +#else + if (*alloc == SWIG_NEWOBJ) +#endif + { + *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1)); + *alloc = SWIG_NEWOBJ; + } + else { + *cptr = cstr; + *alloc = SWIG_OLDOBJ; + } + } else { + *cptr = PyString_AsString(obj); + } + } + if (psize) *psize = len + 1; + return SWIG_OK; + } else { + swig_type_info* pchar_descriptor = SWIG_pchar_descriptor(); + if (pchar_descriptor) { + void* vptr = 0; + if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) { + if (cptr) *cptr = (char *) vptr; + if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0; + if (alloc) *alloc = SWIG_OLDOBJ; + return SWIG_OK; + } + } + } + return SWIG_TypeError; +} + + + + + +#include <limits.h> +#if !defined(SWIG_NO_LLONG_MAX) +# if !defined(LLONG_MAX) && defined(__GNUC__) && defined (__LONG_LONG_MAX__) +# define LLONG_MAX __LONG_LONG_MAX__ +# define LLONG_MIN (-LLONG_MAX - 1LL) +# define ULLONG_MAX (LLONG_MAX * 2ULL + 1ULL) +# endif +#endif + + +SWIGINTERN int +SWIG_AsVal_double (PyObject *obj, double *val) +{ + int res = SWIG_TypeError; + if (PyFloat_Check(obj)) { + if (val) *val = PyFloat_AsDouble(obj); + return SWIG_OK; + } else if (PyInt_Check(obj)) { + if (val) *val = PyInt_AsLong(obj); + return SWIG_OK; + } else if (PyLong_Check(obj)) { + double v = PyLong_AsDouble(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_OK; + } else { + PyErr_Clear(); + } + } +#ifdef SWIG_PYTHON_CAST_MODE + { + int dispatch = 0; + double d = PyFloat_AsDouble(obj); + if (!PyErr_Occurred()) { + if (val) *val = d; + return SWIG_AddCast(SWIG_OK); + } else { + PyErr_Clear(); + } + if (!dispatch) { + long v = PyLong_AsLong(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_AddCast(SWIG_AddCast(SWIG_OK)); + } else { + PyErr_Clear(); + } + } + } +#endif + return res; +} + + +#include <float.h> + + +#include <math.h> + + +SWIGINTERNINLINE int +SWIG_CanCastAsInteger(double *d, double min, double max) { + double x = *d; + if ((min <= x && x <= max)) { + double fx = floor(x); + double cx = ceil(x); + double rd = ((x - fx) < 0.5) ? fx : cx; /* simple rint */ + if ((errno == EDOM) || (errno == ERANGE)) { + errno = 0; + } else { + double summ, reps, diff; + if (rd < x) { + diff = x - rd; + } else if (rd > x) { + diff = rd - x; + } else { + return 1; + } + summ = rd + x; + reps = diff/summ; + if (reps < 8*DBL_EPSILON) { + *d = rd; + return 1; + } + } + } + return 0; +} + + +SWIGINTERN int +SWIG_AsVal_long (PyObject *obj, long* val) +{ + if (PyInt_Check(obj)) { + if (val) *val = PyInt_AsLong(obj); + return SWIG_OK; + } else if (PyLong_Check(obj)) { + long v = PyLong_AsLong(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_OK; + } else { + PyErr_Clear(); + } + } +#ifdef SWIG_PYTHON_CAST_MODE + { + int dispatch = 0; + long v = PyInt_AsLong(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_AddCast(SWIG_OK); + } else { + PyErr_Clear(); + } + if (!dispatch) { + double d; + int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d)); + if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, LONG_MIN, LONG_MAX)) { + if (val) *val = (long)(d); + return res; + } + } + } +#endif + return SWIG_TypeError; +} + + +SWIGINTERN int +SWIG_AsVal_int (PyObject * obj, int *val) +{ + long v; + int res = SWIG_AsVal_long (obj, &v); + if (SWIG_IsOK(res)) { + if ((v < INT_MIN || v > INT_MAX)) { + return SWIG_OverflowError; + } else { + if (val) *val = (int)(v); + } + } + return res; +} + + +SWIGINTERN int +SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val) +{ + if (PyInt_Check(obj)) { + long v = PyInt_AsLong(obj); + if (v >= 0) { + if (val) *val = v; + return SWIG_OK; + } else { + return SWIG_OverflowError; + } + } else if (PyLong_Check(obj)) { + unsigned long v = PyLong_AsUnsignedLong(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_OK; + } else { + PyErr_Clear(); + } + } +#ifdef SWIG_PYTHON_CAST_MODE + { + int dispatch = 0; + unsigned long v = PyLong_AsUnsignedLong(obj); + if (!PyErr_Occurred()) { + if (val) *val = v; + return SWIG_AddCast(SWIG_OK); + } else { + PyErr_Clear(); + } + if (!dispatch) { + double d; + int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d)); + if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, 0, ULONG_MAX)) { + if (val) *val = (unsigned long)(d); + return res; + } + } + } +#endif + return SWIG_TypeError; +} + + +SWIGINTERNINLINE int +SWIG_AsVal_size_t (PyObject * obj, size_t *val) +{ + unsigned long v; + int res = SWIG_AsVal_unsigned_SS_long (obj, val ? &v : 0); + if (SWIG_IsOK(res) && val) *val = (size_t)(v); + return res; +} + + +SWIGINTERN int +SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val) +{ + unsigned long v; + int res = SWIG_AsVal_unsigned_SS_long (obj, &v); + if (SWIG_IsOK(res)) { + if ((v > UINT_MAX)) { + return SWIG_OverflowError; + } else { + if (val) *val = (unsigned int)(v); + } + } + return res; +} + +#ifdef __cplusplus +extern "C" { +#endif + + + + /* There are two ways to call this function: + * One is with a valid swig_type and destructor. + * Two is with a NULL swig_type and NULL destructor. + * + * In the first mode, the function converts + * an array of *cloned* objects [of the given pointer swig type] + * into a PyList, and destroys the array in the process + * (the objects pointers are preserved). + * + * In the second mode, the function converts + * an array of *constant* strings into a PyList, and destroys + * the array in the process + * (the strings are copied, originals not freed). */ + + static int semanage_array2plist( + semanage_handle_t* handle, + void** arr, + unsigned int asize, + swig_type_info* swig_type, + void (*destructor) (void*), + PyObject** result) { + + PyObject* plist = PyList_New(0); + unsigned int i; + + if (!plist) + goto err; + + for (i = 0; i < asize; i++) { + + PyObject* obj = NULL; + + /* NULL indicates string conversion, + * otherwise create an opaque pointer */ + if (!swig_type) + obj = SWIG_FromCharPtr(arr[i]); + else + obj = SWIG_NewPointerObj(arr[i], swig_type, 0); + + if (!obj) + goto err; + + if (PyList_Append(plist, obj) < 0) + goto err; + } + + free(arr); + + *result = plist; + return STATUS_SUCCESS; + + err: + for (i = 0; i < asize; i++) + if (destructor) + destructor(arr[i]); + free(arr); + return STATUS_ERR; + } + +SWIGINTERN PyObject *_wrap_semanage_msg_get_level(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_msg_get_level",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_msg_get_level" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_msg_get_level(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_msg_get_channel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_msg_get_channel",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_msg_get_channel" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (char *)semanage_msg_get_channel(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_msg_get_fname(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_msg_get_fname",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_msg_get_fname" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (char *)semanage_msg_get_fname(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_msg_set_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + void (*arg2)(void *,semanage_handle_t *,char const *,...) = (void (*)(void *,semanage_handle_t *,char const *,...)) 0 ; + void *arg3 = (void *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_msg_set_callback",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_msg_set_callback" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_msg_set_callback" "', argument " "2"" of type '" "void (*)(void *,semanage_handle_t *,char const *,...)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_msg_set_callback" "', argument " "3"" of type '" "void *""'"); + } + semanage_msg_set_callback(arg1,arg2,arg3); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_handle_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *result = 0 ; + + if (!PyArg_ParseTuple(args,(char *)":semanage_handle_create")) SWIG_fail; + result = (semanage_handle_t *)semanage_handle_create(); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_handle, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_handle_destroy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_handle_destroy",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_handle_destroy" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + semanage_handle_destroy(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_select_store(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + enum semanage_connect_type arg3 ; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + int val3 ; + int ecode3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_select_store",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_select_store" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_select_store" "', argument " "2"" of type '" "char *""'"); + } + arg2 = (char *)(buf2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_select_store" "', argument " "3"" of type '" "enum semanage_connect_type""'"); + } + arg3 = (enum semanage_connect_type)(val3); + semanage_select_store(arg1,arg2,arg3); + resultobj = SWIG_Py_Void(); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_reload_policy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_reload_policy",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_reload_policy" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_reload_policy(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_set_reload(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_set_reload",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_set_reload" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_set_reload" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_set_reload(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_set_rebuild(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_set_rebuild",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_set_rebuild" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_set_rebuild" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_set_rebuild(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_set_create_store(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_set_create_store",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_set_create_store" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_set_create_store" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_set_create_store(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_set_disable_dontaudit(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_set_disable_dontaudit",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_set_disable_dontaudit" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_set_disable_dontaudit" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_set_disable_dontaudit(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_is_managed(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_is_managed",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_is_managed" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_is_managed(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_connect(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_connect",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_connect" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_connect(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_disconnect(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_disconnect",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_disconnect" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_disconnect(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_begin_transaction(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_begin_transaction",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_begin_transaction" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_begin_transaction(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_commit(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_commit",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_commit" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_commit(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_access_check(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_access_check",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_access_check" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_access_check(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_is_connected(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_is_connected",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_is_connected" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_is_connected(arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_install(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + size_t arg3 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + size_t val3 ; + int ecode3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_module_install",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_install" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_install" "', argument " "2"" of type '" "char *""'"); + } + arg2 = (char *)(buf2); + ecode3 = SWIG_AsVal_size_t(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_install" "', argument " "3"" of type '" "size_t""'"); + } + arg3 = (size_t)(val3); + result = (int)semanage_module_install(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_upgrade(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + size_t arg3 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + size_t val3 ; + int ecode3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_module_upgrade",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_upgrade" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_upgrade" "', argument " "2"" of type '" "char *""'"); + } + arg2 = (char *)(buf2); + ecode3 = SWIG_AsVal_size_t(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_upgrade" "', argument " "3"" of type '" "size_t""'"); + } + arg3 = (size_t)(val3); + result = (int)semanage_module_upgrade(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_install_base(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + size_t arg3 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + size_t val3 ; + int ecode3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_module_install_base",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_install_base" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_install_base" "', argument " "2"" of type '" "char *""'"); + } + arg2 = (char *)(buf2); + ecode3 = SWIG_AsVal_size_t(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_module_install_base" "', argument " "3"" of type '" "size_t""'"); + } + arg3 = (size_t)(val3); + result = (int)semanage_module_install_base(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_remove(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_module_remove",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_remove" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_module_remove" "', argument " "2"" of type '" "char *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_module_remove(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_module_info_t **arg2 = (semanage_module_info_t **) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_module_info_t *temp2 = NULL ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_module_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_module_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_module_info, 0)); + } + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_info_datum_destroy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_module_info_t *arg1 = (semanage_module_info_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_module_info_datum_destroy",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_module_info, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_info_datum_destroy" "', argument " "1"" of type '" "semanage_module_info_t *""'"); + } + arg1 = (semanage_module_info_t *)(argp1); + semanage_module_info_datum_destroy(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_list_nth(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_module_info_t *arg1 = (semanage_module_info_t *) 0 ; + int arg2 ; + semanage_module_info_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_module_list_nth",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_module_info, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_list_nth" "', argument " "1"" of type '" "semanage_module_info_t *""'"); + } + arg1 = (semanage_module_info_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_module_list_nth" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + result = (semanage_module_info_t *)semanage_module_list_nth(arg1,arg2); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_module_info, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_get_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_module_info_t *arg1 = (semanage_module_info_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_module_get_name",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_module_info, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_get_name" "', argument " "1"" of type '" "semanage_module_info_t *""'"); + } + arg1 = (semanage_module_info_t *)(argp1); + result = (char *)semanage_module_get_name(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_module_get_version(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_module_info_t *arg1 = (semanage_module_info_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_module_get_version",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_module_info, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_module_get_version" "', argument " "1"" of type '" "semanage_module_info_t *""'"); + } + arg1 = (semanage_module_info_t *)(argp1); + result = (char *)semanage_module_get_version(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_get_user(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_context_t *arg1 = (semanage_context_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_get_user",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_get_user" "', argument " "1"" of type '" "semanage_context_t const *""'"); + } + arg1 = (semanage_context_t *)(argp1); + result = (char *)semanage_context_get_user((struct semanage_context const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_set_user(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_context_set_user",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_set_user" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_set_user" "', argument " "2"" of type '" "semanage_context_t *""'"); + } + arg2 = (semanage_context_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_user" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_context_set_user(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_get_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_context_t *arg1 = (semanage_context_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_get_role",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_get_role" "', argument " "1"" of type '" "semanage_context_t const *""'"); + } + arg1 = (semanage_context_t *)(argp1); + result = (char *)semanage_context_get_role((struct semanage_context const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_set_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_context_set_role",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_set_role" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_set_role" "', argument " "2"" of type '" "semanage_context_t *""'"); + } + arg2 = (semanage_context_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_role" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_context_set_role(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_get_type(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_context_t *arg1 = (semanage_context_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_get_type",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_get_type" "', argument " "1"" of type '" "semanage_context_t const *""'"); + } + arg1 = (semanage_context_t *)(argp1); + result = (char *)semanage_context_get_type((struct semanage_context const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_set_type(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_context_set_type",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_set_type" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_set_type" "', argument " "2"" of type '" "semanage_context_t *""'"); + } + arg2 = (semanage_context_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_type" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_context_set_type(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_get_mls(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_context_t *arg1 = (semanage_context_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_get_mls",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_get_mls" "', argument " "1"" of type '" "semanage_context_t const *""'"); + } + arg1 = (semanage_context_t *)(argp1); + result = (char *)semanage_context_get_mls((struct semanage_context const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_set_mls(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_context_set_mls",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_set_mls" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_set_mls" "', argument " "2"" of type '" "semanage_context_t *""'"); + } + arg2 = (semanage_context_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_context_set_mls" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_context_set_mls(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t **arg2 = (semanage_context_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_context_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_context_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_context, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + semanage_context_t **arg3 = (semanage_context_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_context_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_context_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_clone" "', argument " "2"" of type '" "semanage_context_t const *""'"); + } + arg2 = (semanage_context_t *)(argp2); + result = (int)semanage_context_clone(arg1,(struct semanage_context const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_context, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_context_t *arg1 = (semanage_context_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_context_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_free" "', argument " "1"" of type '" "semanage_context_t *""'"); + } + arg1 = (semanage_context_t *)(argp1); + semanage_context_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_from_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + semanage_context_t **arg3 = (semanage_context_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + semanage_context_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_context_from_string",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_from_string" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_from_string" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_context_from_string(arg1,(char const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_context, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_context_to_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_context_t *arg2 = (semanage_context_t *) 0 ; + char **arg3 = (char **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_context_to_string",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_context_to_string" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_context_to_string" "', argument " "2"" of type '" "semanage_context_t const *""'"); + } + arg2 = (semanage_context_t *)(argp2); + result = (int)semanage_context_to_string(arg1,(struct semanage_context const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + semanage_bool_key_t **arg3 = (semanage_bool_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + semanage_bool_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_key_create",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_bool_key_create(arg1,(char const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t *arg2 = (semanage_bool_t *) 0 ; + semanage_bool_key_t **arg3 = (semanage_bool_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_bool_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_key_extract" "', argument " "2"" of type '" "semanage_bool_t const *""'"); + } + arg2 = (semanage_bool_t *)(argp2); + result = (int)semanage_bool_key_extract(arg1,(struct semanage_bool const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_key_t *arg1 = (semanage_bool_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_key_free" "', argument " "1"" of type '" "semanage_bool_key_t *""'"); + } + arg1 = (semanage_bool_key_t *)(argp1); + semanage_bool_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_compare" "', argument " "1"" of type '" "semanage_bool_t const *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_compare" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_compare((struct semanage_bool const *)arg1,(struct semanage_bool_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + semanage_bool_t *arg2 = (semanage_bool_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_compare2" "', argument " "1"" of type '" "semanage_bool_t const *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_compare2" "', argument " "2"" of type '" "semanage_bool_t const *""'"); + } + arg2 = (semanage_bool_t *)(argp2); + result = (int)semanage_bool_compare2((struct semanage_bool const *)arg1,(struct semanage_bool const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_get_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_get_name",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_get_name" "', argument " "1"" of type '" "semanage_bool_t const *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + result = (char *)semanage_bool_get_name((struct semanage_bool const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_set_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t *arg2 = (semanage_bool_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_set_name",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_set_name" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_set_name" "', argument " "2"" of type '" "semanage_bool_t *""'"); + } + arg2 = (semanage_bool_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_set_name" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_bool_set_name(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_get_value(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_get_value",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_get_value" "', argument " "1"" of type '" "semanage_bool_t const *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + result = (int)semanage_bool_get_value((struct semanage_bool const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_set_value(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_set_value",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_set_value" "', argument " "1"" of type '" "semanage_bool_t *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_bool_set_value" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_bool_set_value(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t **arg2 = (semanage_bool_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_bool_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_bool, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t *arg2 = (semanage_bool_t *) 0 ; + semanage_bool_t **arg3 = (semanage_bool_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_bool_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_clone" "', argument " "2"" of type '" "semanage_bool_t const *""'"); + } + arg2 = (semanage_bool_t *)(argp2); + result = (int)semanage_bool_clone(arg1,(struct semanage_bool const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_bool_t *arg1 = (semanage_bool_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_free" "', argument " "1"" of type '" "semanage_bool_t *""'"); + } + arg1 = (semanage_bool_t *)(argp1); + semanage_bool_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + semanage_bool_t **arg3 = (semanage_bool_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_bool_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_query" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_query(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_exists" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_exists(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_bool_t const *,void *) = (int (*)(semanage_bool_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_bool_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_bool_iterate" "', argument " "2"" of type '" "int (*)(semanage_bool_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_bool_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t ***arg2 = (semanage_bool_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_bool_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_bool, + (void (*) (void*)) &semanage_bool_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + semanage_bool_t *arg3 = (semanage_bool_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_modify_local" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_modify_local" "', argument " "3"" of type '" "semanage_bool_t const *""'"); + } + arg3 = (semanage_bool_t *)(argp3); + result = (int)semanage_bool_modify_local(arg1,(struct semanage_bool_key const *)arg2,(struct semanage_bool const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_del_local" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_del_local(arg1,(struct semanage_bool_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + semanage_bool_t **arg3 = (semanage_bool_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_bool_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_query_local" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_query_local(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_exists_local" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_exists_local(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_bool_t const *,void *) = (int (*)(semanage_bool_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_bool_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_bool_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_bool_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_bool_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t ***arg2 = (semanage_bool_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_bool_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_bool, + (void (*) (void*)) &semanage_bool_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_set_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + semanage_bool_t *arg3 = (semanage_bool_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_set_active",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_set_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_set_active" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_bool, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_set_active" "', argument " "3"" of type '" "semanage_bool_t const *""'"); + } + arg3 = (semanage_bool_t *)(argp3); + result = (int)semanage_bool_set_active(arg1,(struct semanage_bool_key const *)arg2,(struct semanage_bool const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_query_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + semanage_bool_t **arg3 = (semanage_bool_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_bool_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_query_active",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_query_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_query_active" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_query_active(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_bool, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_exists_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_key_t *arg2 = (semanage_bool_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_bool_exists_active",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_exists_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_bool_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_bool_exists_active" "', argument " "2"" of type '" "semanage_bool_key_t const *""'"); + } + arg2 = (semanage_bool_key_t *)(argp2); + result = (int)semanage_bool_exists_active(arg1,(struct semanage_bool_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_count_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_count_active",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_count_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_count_active(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_iterate_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_bool_t const *,void *) = (int (*)(semanage_bool_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_bool_iterate_active",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_iterate_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_bool_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_bool_iterate_active" "', argument " "2"" of type '" "int (*)(semanage_bool_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_bool_iterate_active" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_bool_iterate_active(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_bool_list_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_bool_t ***arg2 = (semanage_bool_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_bool_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_bool_list_active",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_bool_list_active" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_bool_list_active(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_bool, + (void (*) (void*)) &semanage_bool_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_compare" "', argument " "1"" of type '" "semanage_iface_t const *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_compare" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_compare((struct semanage_iface const *)arg1,(struct semanage_iface_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_compare2" "', argument " "1"" of type '" "semanage_iface_t const *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_compare2" "', argument " "2"" of type '" "semanage_iface_t const *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + result = (int)semanage_iface_compare2((struct semanage_iface const *)arg1,(struct semanage_iface const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + semanage_iface_key_t **arg3 = (semanage_iface_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + semanage_iface_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_key_create",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_iface_key_create(arg1,(char const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_iface_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + semanage_iface_key_t **arg3 = (semanage_iface_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_iface_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_key_extract" "', argument " "2"" of type '" "semanage_iface_t const *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + result = (int)semanage_iface_key_extract(arg1,(struct semanage_iface const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_iface_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_key_t *arg1 = (semanage_iface_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_key_free" "', argument " "1"" of type '" "semanage_iface_key_t *""'"); + } + arg1 = (semanage_iface_key_t *)(argp1); + semanage_iface_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_get_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_get_name",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_get_name" "', argument " "1"" of type '" "semanage_iface_t const *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + result = (char *)semanage_iface_get_name((struct semanage_iface const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_set_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_set_name",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_set_name" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_set_name" "', argument " "2"" of type '" "semanage_iface_t *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_set_name" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_iface_set_name(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_get_ifcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + semanage_context_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_get_ifcon",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_get_ifcon" "', argument " "1"" of type '" "semanage_iface_t const *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + result = (semanage_context_t *)semanage_iface_get_ifcon((struct semanage_iface const *)arg1); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_context, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_set_ifcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + semanage_context_t *arg3 = (semanage_context_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_set_ifcon",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_set_ifcon" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_set_ifcon" "', argument " "2"" of type '" "semanage_iface_t *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_set_ifcon" "', argument " "3"" of type '" "semanage_context_t *""'"); + } + arg3 = (semanage_context_t *)(argp3); + result = (int)semanage_iface_set_ifcon(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_get_msgcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + semanage_context_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_get_msgcon",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_get_msgcon" "', argument " "1"" of type '" "semanage_iface_t const *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + result = (semanage_context_t *)semanage_iface_get_msgcon((struct semanage_iface const *)arg1); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_context, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_set_msgcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + semanage_context_t *arg3 = (semanage_context_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_set_msgcon",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_set_msgcon" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_set_msgcon" "', argument " "2"" of type '" "semanage_iface_t *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_set_msgcon" "', argument " "3"" of type '" "semanage_context_t *""'"); + } + arg3 = (semanage_context_t *)(argp3); + result = (int)semanage_iface_set_msgcon(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t **arg2 = (semanage_iface_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_iface_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_iface_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_iface, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t *arg2 = (semanage_iface_t *) 0 ; + semanage_iface_t **arg3 = (semanage_iface_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_iface_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_clone" "', argument " "2"" of type '" "semanage_iface_t const *""'"); + } + arg2 = (semanage_iface_t *)(argp2); + result = (int)semanage_iface_clone(arg1,(struct semanage_iface const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_iface, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_iface_t *arg1 = (semanage_iface_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_free" "', argument " "1"" of type '" "semanage_iface_t *""'"); + } + arg1 = (semanage_iface_t *)(argp1); + semanage_iface_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + semanage_iface_t *arg3 = (semanage_iface_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_modify_local" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_iface, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_modify_local" "', argument " "3"" of type '" "semanage_iface_t const *""'"); + } + arg3 = (semanage_iface_t *)(argp3); + result = (int)semanage_iface_modify_local(arg1,(struct semanage_iface_key const *)arg2,(struct semanage_iface const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_del_local" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_del_local(arg1,(struct semanage_iface_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + semanage_iface_t **arg3 = (semanage_iface_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_iface_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_query_local" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_query_local(arg1,(struct semanage_iface_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_iface, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_exists_local" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_exists_local(arg1,(struct semanage_iface_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_iface_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_iface_t const *,void *) = (int (*)(semanage_iface_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_iface_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_iface_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_iface_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_iface_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t ***arg2 = (semanage_iface_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_iface_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_iface_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_iface, + (void (*) (void*)) &semanage_iface_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + semanage_iface_t **arg3 = (semanage_iface_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_iface_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_query" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_query(arg1,(struct semanage_iface_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_iface, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_key_t *arg2 = (semanage_iface_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_iface_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_iface_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_iface_exists" "', argument " "2"" of type '" "semanage_iface_key_t const *""'"); + } + arg2 = (semanage_iface_key_t *)(argp2); + result = (int)semanage_iface_exists(arg1,(struct semanage_iface_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_iface_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_iface_t const *,void *) = (int (*)(semanage_iface_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_iface_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_iface_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_iface_iterate" "', argument " "2"" of type '" "int (*)(semanage_iface_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_iface_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_iface_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_iface_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_iface_t ***arg2 = (semanage_iface_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_iface_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_iface_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_iface_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_iface_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_iface, + (void (*) (void*)) &semanage_iface_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + semanage_user_key_t **arg3 = (semanage_user_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + semanage_user_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_key_create",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_user_key_create(arg1,(char const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_user_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + semanage_user_key_t **arg3 = (semanage_user_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_user_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_key_extract" "', argument " "2"" of type '" "semanage_user_t const *""'"); + } + arg2 = (semanage_user_t *)(argp2); + result = (int)semanage_user_key_extract(arg1,(struct semanage_user const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_user_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_key_t *arg1 = (semanage_user_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_key_free" "', argument " "1"" of type '" "semanage_user_key_t *""'"); + } + arg1 = (semanage_user_key_t *)(argp1); + semanage_user_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_compare" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_compare" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_compare((struct semanage_user const *)arg1,(struct semanage_user_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_compare2" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_compare2" "', argument " "2"" of type '" "semanage_user_t const *""'"); + } + arg2 = (semanage_user_t *)(argp2); + result = (int)semanage_user_compare2((struct semanage_user const *)arg1,(struct semanage_user const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_get_name",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_name" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + result = (char *)semanage_user_get_name((struct semanage_user const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_set_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_set_name",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_set_name" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_set_name" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_name" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_user_set_name(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_prefix(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_get_prefix",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_prefix" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + result = (char *)semanage_user_get_prefix((struct semanage_user const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_set_prefix(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_set_prefix",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_set_prefix" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_set_prefix" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_prefix" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_user_set_prefix(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_mlslevel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_get_mlslevel",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_mlslevel" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + result = (char *)semanage_user_get_mlslevel((struct semanage_user const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_set_mlslevel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_set_mlslevel",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_set_mlslevel" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_set_mlslevel" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_mlslevel" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_user_set_mlslevel(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_mlsrange(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_get_mlsrange",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_mlsrange" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + result = (char *)semanage_user_get_mlsrange((struct semanage_user const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_set_mlsrange(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_set_mlsrange",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_set_mlsrange" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_set_mlsrange" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_set_mlsrange" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_user_set_mlsrange(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_num_roles(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_get_num_roles",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_num_roles" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + result = (int)semanage_user_get_num_roles((struct semanage_user const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_add_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_add_role",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_add_role" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_add_role" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_add_role" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_user_add_role(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_del_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *arg2 = (char *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_del_role",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_del_role" "', argument " "1"" of type '" "semanage_user_t *""'"); + } + arg1 = (semanage_user_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_del_role" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + semanage_user_del_role(arg1,(char const *)arg2); + resultobj = SWIG_Py_Void(); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_has_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + char *arg2 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_has_role",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_has_role" "', argument " "1"" of type '" "semanage_user_t const *""'"); + } + arg1 = (semanage_user_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_has_role" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_user_has_role((struct semanage_user const *)arg1,(char const *)arg2); + resultobj = SWIG_From_int((int)(result)); + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_get_roles(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char ***arg3 = (char ***) 0 ; + unsigned int *arg4 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char **temp3 = NULL ; + unsigned int temp4 ; + int res4 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + arg4 = &temp4; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_get_roles",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_get_roles" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_get_roles" "', argument " "2"" of type '" "semanage_user_t const *""'"); + } + arg2 = (semanage_user_t *)(argp2); + result = (int)semanage_user_get_roles(arg1,(struct semanage_user const *)arg2,(char const ***)arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg3, *arg4, + NULL, NULL, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_set_roles(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + char **arg3 = (char **) 0 ; + unsigned int arg4 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + unsigned int val4 ; + int ecode4 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_set_roles",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_set_roles" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_set_roles" "', argument " "2"" of type '" "semanage_user_t *""'"); + } + arg2 = (semanage_user_t *)(argp2); + ecode4 = SWIG_AsVal_unsigned_SS_int(obj2, &val4); + if (!SWIG_IsOK(ecode4)) { + SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_user_set_roles" "', argument " "4"" of type '" "unsigned int""'"); + } + arg4 = (unsigned int)(val4); + result = (int)semanage_user_set_roles(arg1,arg2,(char const **)arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t **arg2 = (semanage_user_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_user_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_user_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_user, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t *arg2 = (semanage_user_t *) 0 ; + semanage_user_t **arg3 = (semanage_user_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_user_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_clone" "', argument " "2"" of type '" "semanage_user_t const *""'"); + } + arg2 = (semanage_user_t *)(argp2); + result = (int)semanage_user_clone(arg1,(struct semanage_user const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_user, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_user_t *arg1 = (semanage_user_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_free" "', argument " "1"" of type '" "semanage_user_t *""'"); + } + arg1 = (semanage_user_t *)(argp1); + semanage_user_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + semanage_user_t *arg3 = (semanage_user_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_modify_local" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_user, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_modify_local" "', argument " "3"" of type '" "semanage_user_t const *""'"); + } + arg3 = (semanage_user_t *)(argp3); + result = (int)semanage_user_modify_local(arg1,(struct semanage_user_key const *)arg2,(struct semanage_user const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_del_local" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_del_local(arg1,(struct semanage_user_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + semanage_user_t **arg3 = (semanage_user_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_user_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_query_local" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_query_local(arg1,(struct semanage_user_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_user, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_exists_local" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_exists_local(arg1,(struct semanage_user_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_user_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_user_t const *,void *) = (int (*)(semanage_user_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_user_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_user_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_user_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_user_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t ***arg2 = (semanage_user_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_user_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_user_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_user, + (void (*) (void*)) &semanage_user_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + semanage_user_t **arg3 = (semanage_user_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_user_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_query" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_query(arg1,(struct semanage_user_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_user, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_key_t *arg2 = (semanage_user_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_user_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_user_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_user_exists" "', argument " "2"" of type '" "semanage_user_key_t const *""'"); + } + arg2 = (semanage_user_key_t *)(argp2); + result = (int)semanage_user_exists(arg1,(struct semanage_user_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_user_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_user_t const *,void *) = (int (*)(semanage_user_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_user_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_user_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_user_iterate" "', argument " "2"" of type '" "int (*)(semanage_user_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_user_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_user_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_user_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_user_t ***arg2 = (semanage_user_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_user_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_user_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_user_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_user_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_user, + (void (*) (void*)) &semanage_user_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_compare" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_compare" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_compare((struct semanage_port const *)arg1,(struct semanage_port_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + semanage_port_t *arg2 = (semanage_port_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_compare2" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_compare2" "', argument " "2"" of type '" "semanage_port_t const *""'"); + } + arg2 = (semanage_port_t *)(argp2); + result = (int)semanage_port_compare2((struct semanage_port const *)arg1,(struct semanage_port const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int arg2 ; + int arg3 ; + int arg4 ; + semanage_port_key_t **arg5 = (semanage_port_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + int val3 ; + int ecode3 = 0 ; + int val4 ; + int ecode4 = 0 ; + semanage_port_key_t *temp5 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + { + arg5 = &temp5; + } + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_port_key_create",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_port_key_create" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_port_key_create" "', argument " "3"" of type '" "int""'"); + } + arg3 = (int)(val3); + ecode4 = SWIG_AsVal_int(obj3, &val4); + if (!SWIG_IsOK(ecode4)) { + SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_port_key_create" "', argument " "4"" of type '" "int""'"); + } + arg4 = (int)(val4); + result = (int)semanage_port_key_create(arg1,arg2,arg3,arg4,arg5); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg5, SWIGTYPE_p_semanage_port_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t *arg2 = (semanage_port_t *) 0 ; + semanage_port_key_t **arg3 = (semanage_port_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_port_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_key_extract" "', argument " "2"" of type '" "semanage_port_t const *""'"); + } + arg2 = (semanage_port_t *)(argp2); + result = (int)semanage_port_key_extract(arg1,(struct semanage_port const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_port_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_key_t *arg1 = (semanage_port_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_key_free" "', argument " "1"" of type '" "semanage_port_key_t *""'"); + } + arg1 = (semanage_port_key_t *)(argp1); + semanage_port_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_get_proto(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_get_proto",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_get_proto" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + result = (int)semanage_port_get_proto((struct semanage_port const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_set_proto(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_set_proto",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_set_proto" "', argument " "1"" of type '" "semanage_port_t *""'"); + } + arg1 = (semanage_port_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_port_set_proto" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_port_set_proto(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_get_proto_str(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + int arg1 ; + char *result = 0 ; + int val1 ; + int ecode1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_get_proto_str",&obj0)) SWIG_fail; + ecode1 = SWIG_AsVal_int(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "semanage_port_get_proto_str" "', argument " "1"" of type '" "int""'"); + } + arg1 = (int)(val1); + result = (char *)semanage_port_get_proto_str(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_get_low(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_get_low",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_get_low" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + result = (int)semanage_port_get_low((struct semanage_port const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_get_high(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_get_high",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_get_high" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + result = (int)semanage_port_get_high((struct semanage_port const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_set_port(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_set_port",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_set_port" "', argument " "1"" of type '" "semanage_port_t *""'"); + } + arg1 = (semanage_port_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_port_set_port" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_port_set_port(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_set_range(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + int arg2 ; + int arg3 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + int val3 ; + int ecode3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_port_set_range",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_set_range" "', argument " "1"" of type '" "semanage_port_t *""'"); + } + arg1 = (semanage_port_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_port_set_range" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_port_set_range" "', argument " "3"" of type '" "int""'"); + } + arg3 = (int)(val3); + semanage_port_set_range(arg1,arg2,arg3); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_get_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + semanage_context_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_get_con",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_get_con" "', argument " "1"" of type '" "semanage_port_t const *""'"); + } + arg1 = (semanage_port_t *)(argp1); + result = (semanage_context_t *)semanage_port_get_con((struct semanage_port const *)arg1); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_context, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_set_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t *arg2 = (semanage_port_t *) 0 ; + semanage_context_t *arg3 = (semanage_context_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_port_set_con",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_set_con" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_set_con" "', argument " "2"" of type '" "semanage_port_t *""'"); + } + arg2 = (semanage_port_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_port_set_con" "', argument " "3"" of type '" "semanage_context_t *""'"); + } + arg3 = (semanage_context_t *)(argp3); + result = (int)semanage_port_set_con(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t **arg2 = (semanage_port_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_port_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_port_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_port, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t *arg2 = (semanage_port_t *) 0 ; + semanage_port_t **arg3 = (semanage_port_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_port_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_clone" "', argument " "2"" of type '" "semanage_port_t const *""'"); + } + arg2 = (semanage_port_t *)(argp2); + result = (int)semanage_port_clone(arg1,(struct semanage_port const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_port, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_port_t *arg1 = (semanage_port_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_free" "', argument " "1"" of type '" "semanage_port_t *""'"); + } + arg1 = (semanage_port_t *)(argp1); + semanage_port_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + semanage_port_t *arg3 = (semanage_port_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_port_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_modify_local" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_port, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_port_modify_local" "', argument " "3"" of type '" "semanage_port_t const *""'"); + } + arg3 = (semanage_port_t *)(argp3); + result = (int)semanage_port_modify_local(arg1,(struct semanage_port_key const *)arg2,(struct semanage_port const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_del_local" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_del_local(arg1,(struct semanage_port_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + semanage_port_t **arg3 = (semanage_port_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_port_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_query_local" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_query_local(arg1,(struct semanage_port_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_port, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_exists_local" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_exists_local(arg1,(struct semanage_port_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_port_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_port_t const *,void *) = (int (*)(semanage_port_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_port_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_port_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_port_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_port_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_port_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_port_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t ***arg2 = (semanage_port_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_port_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_port_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_port, + (void (*) (void*)) &semanage_port_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + semanage_port_t **arg3 = (semanage_port_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_port_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_query" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_query(arg1,(struct semanage_port_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_port, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_key_t *arg2 = (semanage_port_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_port_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_port_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_port_exists" "', argument " "2"" of type '" "semanage_port_key_t const *""'"); + } + arg2 = (semanage_port_key_t *)(argp2); + result = (int)semanage_port_exists(arg1,(struct semanage_port_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_port_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_port_t const *,void *) = (int (*)(semanage_port_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_port_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_port_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_port_iterate" "', argument " "2"" of type '" "int (*)(semanage_port_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_port_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_port_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_port_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_port_t ***arg2 = (semanage_port_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_port_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_port_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_port_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_port_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_port, + (void (*) (void*)) &semanage_port_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_compare" "', argument " "1"" of type '" "semanage_fcontext_t const *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_compare" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_compare((struct semanage_fcontext const *)arg1,(struct semanage_fcontext_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + semanage_fcontext_t *arg2 = (semanage_fcontext_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_compare2" "', argument " "1"" of type '" "semanage_fcontext_t const *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_compare2" "', argument " "2"" of type '" "semanage_fcontext_t const *""'"); + } + arg2 = (semanage_fcontext_t *)(argp2); + result = (int)semanage_fcontext_compare2((struct semanage_fcontext const *)arg1,(struct semanage_fcontext const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + int arg3 ; + semanage_fcontext_key_t **arg4 = (semanage_fcontext_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + int val3 ; + int ecode3 = 0 ; + semanage_fcontext_key_t *temp4 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + { + arg4 = &temp4; + } + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_key_create",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_fcontext_key_create" "', argument " "3"" of type '" "int""'"); + } + arg3 = (int)(val3); + result = (int)semanage_fcontext_key_create(arg1,(char const *)arg2,arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg4, SWIGTYPE_p_semanage_fcontext_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t *arg2 = (semanage_fcontext_t *) 0 ; + semanage_fcontext_key_t **arg3 = (semanage_fcontext_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_fcontext_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_key_extract" "', argument " "2"" of type '" "semanage_fcontext_t const *""'"); + } + arg2 = (semanage_fcontext_t *)(argp2); + result = (int)semanage_fcontext_key_extract(arg1,(struct semanage_fcontext const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_fcontext_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_key_t *arg1 = (semanage_fcontext_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_key_free" "', argument " "1"" of type '" "semanage_fcontext_key_t *""'"); + } + arg1 = (semanage_fcontext_key_t *)(argp1); + semanage_fcontext_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_get_expr(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_get_expr",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_get_expr" "', argument " "1"" of type '" "semanage_fcontext_t const *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + result = (char *)semanage_fcontext_get_expr((struct semanage_fcontext const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_set_expr(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t *arg2 = (semanage_fcontext_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_set_expr",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_set_expr" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_set_expr" "', argument " "2"" of type '" "semanage_fcontext_t *""'"); + } + arg2 = (semanage_fcontext_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_set_expr" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_fcontext_set_expr(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_get_type(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_get_type",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_get_type" "', argument " "1"" of type '" "semanage_fcontext_t const *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + result = (int)semanage_fcontext_get_type((struct semanage_fcontext const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_get_type_str(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + int arg1 ; + char *result = 0 ; + int val1 ; + int ecode1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_get_type_str",&obj0)) SWIG_fail; + ecode1 = SWIG_AsVal_int(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "semanage_fcontext_get_type_str" "', argument " "1"" of type '" "int""'"); + } + arg1 = (int)(val1); + result = (char *)semanage_fcontext_get_type_str(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_set_type(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_set_type",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_set_type" "', argument " "1"" of type '" "semanage_fcontext_t *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_fcontext_set_type" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_fcontext_set_type(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_get_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + semanage_context_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_get_con",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_get_con" "', argument " "1"" of type '" "semanage_fcontext_t const *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + result = (semanage_context_t *)semanage_fcontext_get_con((struct semanage_fcontext const *)arg1); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_context, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_set_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t *arg2 = (semanage_fcontext_t *) 0 ; + semanage_context_t *arg3 = (semanage_context_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_set_con",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_set_con" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_set_con" "', argument " "2"" of type '" "semanage_fcontext_t *""'"); + } + arg2 = (semanage_fcontext_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_set_con" "', argument " "3"" of type '" "semanage_context_t *""'"); + } + arg3 = (semanage_context_t *)(argp3); + result = (int)semanage_fcontext_set_con(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t **arg2 = (semanage_fcontext_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_fcontext_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_fcontext_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_fcontext, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t *arg2 = (semanage_fcontext_t *) 0 ; + semanage_fcontext_t **arg3 = (semanage_fcontext_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_fcontext_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_clone" "', argument " "2"" of type '" "semanage_fcontext_t const *""'"); + } + arg2 = (semanage_fcontext_t *)(argp2); + result = (int)semanage_fcontext_clone(arg1,(struct semanage_fcontext const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_fcontext, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_fcontext_t *arg1 = (semanage_fcontext_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_free" "', argument " "1"" of type '" "semanage_fcontext_t *""'"); + } + arg1 = (semanage_fcontext_t *)(argp1); + semanage_fcontext_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + semanage_fcontext_t *arg3 = (semanage_fcontext_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_modify_local" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_fcontext, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_modify_local" "', argument " "3"" of type '" "semanage_fcontext_t const *""'"); + } + arg3 = (semanage_fcontext_t *)(argp3); + result = (int)semanage_fcontext_modify_local(arg1,(struct semanage_fcontext_key const *)arg2,(struct semanage_fcontext const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_del_local" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_del_local(arg1,(struct semanage_fcontext_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + semanage_fcontext_t **arg3 = (semanage_fcontext_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_fcontext_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_query_local" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_query_local(arg1,(struct semanage_fcontext_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_fcontext, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_exists_local" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_exists_local(arg1,(struct semanage_fcontext_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_fcontext_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_fcontext_t const *,void *) = (int (*)(semanage_fcontext_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_fcontext_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_fcontext_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_fcontext_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_fcontext_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t ***arg2 = (semanage_fcontext_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_fcontext_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_fcontext_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_fcontext, + (void (*) (void*)) &semanage_fcontext_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + semanage_fcontext_t **arg3 = (semanage_fcontext_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_fcontext_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_query" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_query(arg1,(struct semanage_fcontext_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_fcontext, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_key_t *arg2 = (semanage_fcontext_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_fcontext_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_fcontext_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_fcontext_exists" "', argument " "2"" of type '" "semanage_fcontext_key_t const *""'"); + } + arg2 = (semanage_fcontext_key_t *)(argp2); + result = (int)semanage_fcontext_exists(arg1,(struct semanage_fcontext_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_fcontext_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_fcontext_t const *,void *) = (int (*)(semanage_fcontext_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_fcontext_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_fcontext_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_fcontext_iterate" "', argument " "2"" of type '" "int (*)(semanage_fcontext_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_fcontext_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_fcontext_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_fcontext_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_fcontext_t ***arg2 = (semanage_fcontext_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_fcontext_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_fcontext_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_fcontext_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_fcontext_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_fcontext, + (void (*) (void*)) &semanage_fcontext_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + semanage_seuser_key_t **arg3 = (semanage_seuser_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + semanage_seuser_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_key_create",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + result = (int)semanage_seuser_key_create(arg1,(char const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_seuser_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + semanage_seuser_key_t **arg3 = (semanage_seuser_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_seuser_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_key_extract" "', argument " "2"" of type '" "semanage_seuser_t const *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + result = (int)semanage_seuser_key_extract(arg1,(struct semanage_seuser const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_seuser_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_key_t *arg1 = (semanage_seuser_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_key_free" "', argument " "1"" of type '" "semanage_seuser_key_t *""'"); + } + arg1 = (semanage_seuser_key_t *)(argp1); + semanage_seuser_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_compare" "', argument " "1"" of type '" "semanage_seuser_t const *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_compare" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_compare((struct semanage_seuser const *)arg1,(struct semanage_seuser_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_compare2" "', argument " "1"" of type '" "semanage_seuser_t const *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_compare2" "', argument " "2"" of type '" "semanage_seuser_t const *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + result = (int)semanage_seuser_compare2((struct semanage_seuser const *)arg1,(struct semanage_seuser const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_get_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_get_name",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_get_name" "', argument " "1"" of type '" "semanage_seuser_t const *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + result = (char *)semanage_seuser_get_name((struct semanage_seuser const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_set_name(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_set_name",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_set_name" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_set_name" "', argument " "2"" of type '" "semanage_seuser_t *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_name" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_seuser_set_name(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_get_sename(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_get_sename",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_get_sename" "', argument " "1"" of type '" "semanage_seuser_t const *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + result = (char *)semanage_seuser_get_sename((struct semanage_seuser const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_set_sename(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_set_sename",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_set_sename" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_set_sename" "', argument " "2"" of type '" "semanage_seuser_t *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_sename" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_seuser_set_sename(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_get_mlsrange(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + char *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_get_mlsrange",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_get_mlsrange" "', argument " "1"" of type '" "semanage_seuser_t const *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + result = (char *)semanage_seuser_get_mlsrange((struct semanage_seuser const *)arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_set_mlsrange(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + char *arg3 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_set_mlsrange",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_set_mlsrange" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_set_mlsrange" "', argument " "2"" of type '" "semanage_seuser_t *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_set_mlsrange" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + result = (int)semanage_seuser_set_mlsrange(arg1,arg2,(char const *)arg3); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t **arg2 = (semanage_seuser_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_seuser_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_seuser_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_seuser, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t *arg2 = (semanage_seuser_t *) 0 ; + semanage_seuser_t **arg3 = (semanage_seuser_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_seuser_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_clone" "', argument " "2"" of type '" "semanage_seuser_t const *""'"); + } + arg2 = (semanage_seuser_t *)(argp2); + result = (int)semanage_seuser_clone(arg1,(struct semanage_seuser const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_seuser, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_seuser_t *arg1 = (semanage_seuser_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_free" "', argument " "1"" of type '" "semanage_seuser_t *""'"); + } + arg1 = (semanage_seuser_t *)(argp1); + semanage_seuser_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + semanage_seuser_t *arg3 = (semanage_seuser_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_modify_local" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_seuser, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_modify_local" "', argument " "3"" of type '" "semanage_seuser_t const *""'"); + } + arg3 = (semanage_seuser_t *)(argp3); + result = (int)semanage_seuser_modify_local(arg1,(struct semanage_seuser_key const *)arg2,(struct semanage_seuser const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_del_local" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_del_local(arg1,(struct semanage_seuser_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + semanage_seuser_t **arg3 = (semanage_seuser_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_seuser_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_query_local" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_query_local(arg1,(struct semanage_seuser_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_seuser, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_exists_local" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_exists_local(arg1,(struct semanage_seuser_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_seuser_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_seuser_t const *,void *) = (int (*)(semanage_seuser_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_seuser_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_seuser_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_seuser_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_seuser_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t ***arg2 = (semanage_seuser_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_seuser_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_seuser_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_seuser, + (void (*) (void*)) &semanage_seuser_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + semanage_seuser_t **arg3 = (semanage_seuser_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_seuser_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_query" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_query(arg1,(struct semanage_seuser_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_seuser, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_key_t *arg2 = (semanage_seuser_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_seuser_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_seuser_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_seuser_exists" "', argument " "2"" of type '" "semanage_seuser_key_t const *""'"); + } + arg2 = (semanage_seuser_key_t *)(argp2); + result = (int)semanage_seuser_exists(arg1,(struct semanage_seuser_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_seuser_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_seuser_t const *,void *) = (int (*)(semanage_seuser_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_seuser_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_seuser_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_seuser_iterate" "', argument " "2"" of type '" "int (*)(semanage_seuser_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_seuser_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_seuser_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_seuser_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_seuser_t ***arg2 = (semanage_seuser_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_seuser_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_seuser_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_seuser_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_seuser_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_seuser, + (void (*) (void*)) &semanage_seuser_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_compare(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_compare",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_compare" "', argument " "1"" of type '" "semanage_node_t const *""'"); + } + arg1 = (semanage_node_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_compare" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_compare((struct semanage_node const *)arg1,(struct semanage_node_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_compare2(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_compare2",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_compare2" "', argument " "1"" of type '" "semanage_node_t const *""'"); + } + arg1 = (semanage_node_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_compare2" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_compare2((struct semanage_node const *)arg1,(struct semanage_node const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_key_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + char *arg2 = (char *) 0 ; + char *arg3 = (char *) 0 ; + int arg4 ; + semanage_node_key_t **arg5 = (semanage_node_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res2 ; + char *buf2 = 0 ; + int alloc2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + int val4 ; + int ecode4 = 0 ; + semanage_node_key_t *temp5 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + { + arg5 = &temp5; + } + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_node_key_create",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_key_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_key_create" "', argument " "2"" of type '" "char const *""'"); + } + arg2 = (char *)(buf2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_key_create" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + ecode4 = SWIG_AsVal_int(obj3, &val4); + if (!SWIG_IsOK(ecode4)) { + SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_key_create" "', argument " "4"" of type '" "int""'"); + } + arg4 = (int)(val4); + result = (int)semanage_node_key_create(arg1,(char const *)arg2,(char const *)arg3,arg4,arg5); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg5, SWIGTYPE_p_semanage_node_key, 0)); + } + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc2 == SWIG_NEWOBJ) free((char*)buf2); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_key_extract(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + semanage_node_key_t **arg3 = (semanage_node_key_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_node_key_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_key_extract",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_key_extract" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_key_extract" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_key_extract(arg1,(struct semanage_node const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_node_key, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_key_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_key_t *arg1 = (semanage_node_key_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_key_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_key_free" "', argument " "1"" of type '" "semanage_node_key_t *""'"); + } + arg1 = (semanage_node_key_t *)(argp1); + semanage_node_key_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_addr(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char **arg3 = (char **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_get_addr",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_addr" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_get_addr" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_get_addr(arg1,(struct semanage_node const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_addr_bytes(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char **arg3 = (char **) 0 ; + size_t *arg4 = (size_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + size_t temp4 ; + int res4 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + arg4 = &temp4; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_get_addr_bytes",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_addr_bytes" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_get_addr_bytes" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_get_addr_bytes(arg1,(struct semanage_node const *)arg2,arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + if (SWIG_IsTmpObj(res4)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg4))); + } else { + int new_flags = SWIG_IsNewObj(res4) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg4), SWIGTYPE_p_size_t, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_addr(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + int arg3 ; + char *arg4 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int val3 ; + int ecode3 = 0 ; + int res4 ; + char *buf4 = 0 ; + int alloc4 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_node_set_addr",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_addr" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_set_addr" "', argument " "2"" of type '" "semanage_node_t *""'"); + } + arg2 = (semanage_node_t *)(argp2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_node_set_addr" "', argument " "3"" of type '" "int""'"); + } + arg3 = (int)(val3); + res4 = SWIG_AsCharPtrAndSize(obj3, &buf4, NULL, &alloc4); + if (!SWIG_IsOK(res4)) { + SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "semanage_node_set_addr" "', argument " "4"" of type '" "char const *""'"); + } + arg4 = (char *)(buf4); + result = (int)semanage_node_set_addr(arg1,arg2,arg3,(char const *)arg4); + resultobj = SWIG_From_int((int)(result)); + if (alloc4 == SWIG_NEWOBJ) free((char*)buf4); + return resultobj; +fail: + if (alloc4 == SWIG_NEWOBJ) free((char*)buf4); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_addr_bytes(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char *arg3 = (char *) 0 ; + size_t arg4 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + size_t val4 ; + int ecode4 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_node_set_addr_bytes",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_addr_bytes" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_set_addr_bytes" "', argument " "2"" of type '" "semanage_node_t *""'"); + } + arg2 = (semanage_node_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_set_addr_bytes" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + ecode4 = SWIG_AsVal_size_t(obj3, &val4); + if (!SWIG_IsOK(ecode4)) { + SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_set_addr_bytes" "', argument " "4"" of type '" "size_t""'"); + } + arg4 = (size_t)(val4); + result = (int)semanage_node_set_addr_bytes(arg1,arg2,(char const *)arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_mask(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char **arg3 = (char **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_get_mask",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_mask" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_get_mask" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_get_mask(arg1,(struct semanage_node const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_mask_bytes(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char **arg3 = (char **) 0 ; + size_t *arg4 = (size_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + char *temp3 = NULL ; + size_t temp4 ; + int res4 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + arg4 = &temp4; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_get_mask_bytes",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_mask_bytes" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_get_mask_bytes" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_get_mask_bytes(arg1,(struct semanage_node const *)arg2,arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3)); + free(*arg3); + } + if (SWIG_IsTmpObj(res4)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg4))); + } else { + int new_flags = SWIG_IsNewObj(res4) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg4), SWIGTYPE_p_size_t, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_mask(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + int arg3 ; + char *arg4 = (char *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int val3 ; + int ecode3 = 0 ; + int res4 ; + char *buf4 = 0 ; + int alloc4 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_node_set_mask",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_mask" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_set_mask" "', argument " "2"" of type '" "semanage_node_t *""'"); + } + arg2 = (semanage_node_t *)(argp2); + ecode3 = SWIG_AsVal_int(obj2, &val3); + if (!SWIG_IsOK(ecode3)) { + SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "semanage_node_set_mask" "', argument " "3"" of type '" "int""'"); + } + arg3 = (int)(val3); + res4 = SWIG_AsCharPtrAndSize(obj3, &buf4, NULL, &alloc4); + if (!SWIG_IsOK(res4)) { + SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "semanage_node_set_mask" "', argument " "4"" of type '" "char const *""'"); + } + arg4 = (char *)(buf4); + result = (int)semanage_node_set_mask(arg1,arg2,arg3,(char const *)arg4); + resultobj = SWIG_From_int((int)(result)); + if (alloc4 == SWIG_NEWOBJ) free((char*)buf4); + return resultobj; +fail: + if (alloc4 == SWIG_NEWOBJ) free((char*)buf4); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_mask_bytes(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + char *arg3 = (char *) 0 ; + size_t arg4 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + size_t val4 ; + int ecode4 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + PyObject * obj3 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOOO:semanage_node_set_mask_bytes",&obj0,&obj1,&obj2,&obj3)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_mask_bytes" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_set_mask_bytes" "', argument " "2"" of type '" "semanage_node_t *""'"); + } + arg2 = (semanage_node_t *)(argp2); + res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_set_mask_bytes" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + ecode4 = SWIG_AsVal_size_t(obj3, &val4); + if (!SWIG_IsOK(ecode4)) { + SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "semanage_node_set_mask_bytes" "', argument " "4"" of type '" "size_t""'"); + } + arg4 = (size_t)(val4); + result = (int)semanage_node_set_mask_bytes(arg1,arg2,(char const *)arg3,arg4); + resultobj = SWIG_From_int((int)(result)); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_proto(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_get_proto",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_proto" "', argument " "1"" of type '" "semanage_node_t const *""'"); + } + arg1 = (semanage_node_t *)(argp1); + result = (int)semanage_node_get_proto((struct semanage_node const *)arg1); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_proto(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + int arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_set_proto",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_proto" "', argument " "1"" of type '" "semanage_node_t *""'"); + } + arg1 = (semanage_node_t *)(argp1); + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "semanage_node_set_proto" "', argument " "2"" of type '" "int""'"); + } + arg2 = (int)(val2); + semanage_node_set_proto(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_proto_str(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + int arg1 ; + char *result = 0 ; + int val1 ; + int ecode1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_get_proto_str",&obj0)) SWIG_fail; + ecode1 = SWIG_AsVal_int(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "semanage_node_get_proto_str" "', argument " "1"" of type '" "int""'"); + } + arg1 = (int)(val1); + result = (char *)semanage_node_get_proto_str(arg1); + resultobj = SWIG_FromCharPtr((const char *)result); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_get_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + semanage_context_t *result = 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_get_con",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_get_con" "', argument " "1"" of type '" "semanage_node_t const *""'"); + } + arg1 = (semanage_node_t *)(argp1); + result = (semanage_context_t *)semanage_node_get_con((struct semanage_node const *)arg1); + resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_semanage_context, 0 | 0 ); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_set_con(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + semanage_context_t *arg3 = (semanage_context_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_node_set_con",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_set_con" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_set_con" "', argument " "2"" of type '" "semanage_node_t *""'"); + } + arg2 = (semanage_node_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_context, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_set_con" "', argument " "3"" of type '" "semanage_context_t *""'"); + } + arg3 = (semanage_context_t *)(argp3); + result = (int)semanage_node_set_con(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t **arg2 = (semanage_node_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_node_t *temp2 = NULL ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_create",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_create" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_node_create(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_semanage_node, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_clone(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t *arg2 = (semanage_node_t *) 0 ; + semanage_node_t **arg3 = (semanage_node_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_node_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_clone",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_clone" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_clone" "', argument " "2"" of type '" "semanage_node_t const *""'"); + } + arg2 = (semanage_node_t *)(argp2); + result = (int)semanage_node_clone(arg1,(struct semanage_node const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_node, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_free(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_node_t *arg1 = (semanage_node_t *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_free",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_free" "', argument " "1"" of type '" "semanage_node_t *""'"); + } + arg1 = (semanage_node_t *)(argp1); + semanage_node_free(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_modify_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + semanage_node_t *arg3 = (semanage_node_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + void *argp3 = 0 ; + int res3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_node_modify_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_modify_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_modify_local" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_semanage_node, 0 | 0 ); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_modify_local" "', argument " "3"" of type '" "semanage_node_t const *""'"); + } + arg3 = (semanage_node_t *)(argp3); + result = (int)semanage_node_modify_local(arg1,(struct semanage_node_key const *)arg2,(struct semanage_node const *)arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_del_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_del_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_del_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_del_local" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_del_local(arg1,(struct semanage_node_key const *)arg2); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_query_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + semanage_node_t **arg3 = (semanage_node_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_node_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_query_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_query_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_query_local" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_query_local(arg1,(struct semanage_node_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_node, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_exists_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_exists_local",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_exists_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_exists_local" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_exists_local(arg1,(struct semanage_node_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_count_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_count_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_count_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_node_count_local(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_iterate_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_node_t const *,void *) = (int (*)(semanage_node_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_node_iterate_local",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_iterate_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_node_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_node_iterate_local" "', argument " "2"" of type '" "int (*)(semanage_node_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_iterate_local" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_node_iterate_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_list_local(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t ***arg2 = (semanage_node_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_node_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_list_local",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_list_local" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_node_list_local(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_node, + (void (*) (void*)) &semanage_node_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_query(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + semanage_node_t **arg3 = (semanage_node_t **) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + semanage_node_t *temp3 = NULL ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + { + arg3 = &temp3; + } + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_query",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_query" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_query" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_query(arg1,(struct semanage_node_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg3, SWIGTYPE_p_semanage_node, 0)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_exists(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_key_t *arg2 = (semanage_node_key_t *) 0 ; + int *arg3 = (int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"OO:semanage_node_exists",&obj0,&obj1)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_exists" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_semanage_node_key, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "semanage_node_exists" "', argument " "2"" of type '" "semanage_node_key_t const *""'"); + } + arg2 = (semanage_node_key_t *)(argp2); + result = (int)semanage_node_exists(arg1,(struct semanage_node_key const *)arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res3)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg3))); + } else { + int new_flags = SWIG_IsNewObj(res3) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg3), SWIGTYPE_p_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_count(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + unsigned int *arg2 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + unsigned int temp2 ; + int res2 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + arg2 = &temp2; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_count",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_count" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_node_count(arg1,arg2); + resultobj = SWIG_From_int((int)(result)); + if (SWIG_IsTmpObj(res2)) { + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg2))); + } else { + int new_flags = SWIG_IsNewObj(res2) ? (SWIG_POINTER_OWN | 0 ) : 0 ; + resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg2), SWIGTYPE_p_unsigned_int, new_flags)); + } + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_iterate(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + int (*arg2)(semanage_node_t const *,void *) = (int (*)(semanage_node_t const *,void *)) 0 ; + void *arg3 = (void *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + int res3 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + PyObject * obj2 = 0 ; + + if (!PyArg_ParseTuple(args,(char *)"OOO:semanage_node_iterate",&obj0,&obj1,&obj2)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_iterate" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + { + int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__struct_semanage_node_p_void__int); + if (!SWIG_IsOK(res)) { + SWIG_exception_fail(SWIG_ArgError(res), "in method '" "semanage_node_iterate" "', argument " "2"" of type '" "int (*)(semanage_node_t const *,void *)""'"); + } + } + res3 = SWIG_ConvertPtr(obj2,SWIG_as_voidptrptr(&arg3), 0, 0); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "semanage_node_iterate" "', argument " "3"" of type '" "void *""'"); + } + result = (int)semanage_node_iterate(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + return resultobj; +fail: + return NULL; +} + + +SWIGINTERN PyObject *_wrap_semanage_node_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { + PyObject *resultobj = 0; + semanage_handle_t *arg1 = (semanage_handle_t *) 0 ; + semanage_node_t ***arg2 = (semanage_node_t ***) 0 ; + unsigned int *arg3 = (unsigned int *) 0 ; + int result; + void *argp1 = 0 ; + int res1 = 0 ; + semanage_node_t **temp2 = NULL ; + unsigned int temp3 ; + int res3 = SWIG_TMPOBJ ; + PyObject * obj0 = 0 ; + + { + arg2 = &temp2; + } + arg3 = &temp3; + if (!PyArg_ParseTuple(args,(char *)"O:semanage_node_list",&obj0)) SWIG_fail; + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_semanage_handle, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "semanage_node_list" "', argument " "1"" of type '" "semanage_handle_t *""'"); + } + arg1 = (semanage_handle_t *)(argp1); + result = (int)semanage_node_list(arg1,arg2,arg3); + resultobj = SWIG_From_int((int)(result)); + { + if (resultobj) { + int value; + SWIG_AsVal_int(resultobj, &value); + if (value >= 0) { + PyObject* plist = NULL; + if (semanage_array2plist(arg1, (void**) *arg2, *arg3, SWIGTYPE_p_semanage_node, + (void (*) (void*)) &semanage_node_free, &plist) < 0) + resultobj = SWIG_From_int(STATUS_ERR); + else + resultobj = SWIG_Python_AppendOutput(resultobj, plist); + } + } + } + return resultobj; +fail: + return NULL; +} + + +static PyMethodDef SwigMethods[] = { + { (char *)"semanage_msg_get_level", _wrap_semanage_msg_get_level, METH_VARARGS, NULL}, + { (char *)"semanage_msg_get_channel", _wrap_semanage_msg_get_channel, METH_VARARGS, NULL}, + { (char *)"semanage_msg_get_fname", _wrap_semanage_msg_get_fname, METH_VARARGS, NULL}, + { (char *)"semanage_msg_set_callback", _wrap_semanage_msg_set_callback, METH_VARARGS, NULL}, + { (char *)"semanage_handle_create", _wrap_semanage_handle_create, METH_VARARGS, NULL}, + { (char *)"semanage_handle_destroy", _wrap_semanage_handle_destroy, METH_VARARGS, NULL}, + { (char *)"semanage_select_store", _wrap_semanage_select_store, METH_VARARGS, NULL}, + { (char *)"semanage_reload_policy", _wrap_semanage_reload_policy, METH_VARARGS, NULL}, + { (char *)"semanage_set_reload", _wrap_semanage_set_reload, METH_VARARGS, NULL}, + { (char *)"semanage_set_rebuild", _wrap_semanage_set_rebuild, METH_VARARGS, NULL}, + { (char *)"semanage_set_create_store", _wrap_semanage_set_create_store, METH_VARARGS, NULL}, + { (char *)"semanage_set_disable_dontaudit", _wrap_semanage_set_disable_dontaudit, METH_VARARGS, NULL}, + { (char *)"semanage_is_managed", _wrap_semanage_is_managed, METH_VARARGS, NULL}, + { (char *)"semanage_connect", _wrap_semanage_connect, METH_VARARGS, NULL}, + { (char *)"semanage_disconnect", _wrap_semanage_disconnect, METH_VARARGS, NULL}, + { (char *)"semanage_begin_transaction", _wrap_semanage_begin_transaction, METH_VARARGS, NULL}, + { (char *)"semanage_commit", _wrap_semanage_commit, METH_VARARGS, NULL}, + { (char *)"semanage_access_check", _wrap_semanage_access_check, METH_VARARGS, NULL}, + { (char *)"semanage_is_connected", _wrap_semanage_is_connected, METH_VARARGS, NULL}, + { (char *)"semanage_module_install", _wrap_semanage_module_install, METH_VARARGS, NULL}, + { (char *)"semanage_module_upgrade", _wrap_semanage_module_upgrade, METH_VARARGS, NULL}, + { (char *)"semanage_module_install_base", _wrap_semanage_module_install_base, METH_VARARGS, NULL}, + { (char *)"semanage_module_remove", _wrap_semanage_module_remove, METH_VARARGS, NULL}, + { (char *)"semanage_module_list", _wrap_semanage_module_list, METH_VARARGS, NULL}, + { (char *)"semanage_module_info_datum_destroy", _wrap_semanage_module_info_datum_destroy, METH_VARARGS, NULL}, + { (char *)"semanage_module_list_nth", _wrap_semanage_module_list_nth, METH_VARARGS, NULL}, + { (char *)"semanage_module_get_name", _wrap_semanage_module_get_name, METH_VARARGS, NULL}, + { (char *)"semanage_module_get_version", _wrap_semanage_module_get_version, METH_VARARGS, NULL}, + { (char *)"semanage_context_get_user", _wrap_semanage_context_get_user, METH_VARARGS, NULL}, + { (char *)"semanage_context_set_user", _wrap_semanage_context_set_user, METH_VARARGS, NULL}, + { (char *)"semanage_context_get_role", _wrap_semanage_context_get_role, METH_VARARGS, NULL}, + { (char *)"semanage_context_set_role", _wrap_semanage_context_set_role, METH_VARARGS, NULL}, + { (char *)"semanage_context_get_type", _wrap_semanage_context_get_type, METH_VARARGS, NULL}, + { (char *)"semanage_context_set_type", _wrap_semanage_context_set_type, METH_VARARGS, NULL}, + { (char *)"semanage_context_get_mls", _wrap_semanage_context_get_mls, METH_VARARGS, NULL}, + { (char *)"semanage_context_set_mls", _wrap_semanage_context_set_mls, METH_VARARGS, NULL}, + { (char *)"semanage_context_create", _wrap_semanage_context_create, METH_VARARGS, NULL}, + { (char *)"semanage_context_clone", _wrap_semanage_context_clone, METH_VARARGS, NULL}, + { (char *)"semanage_context_free", _wrap_semanage_context_free, METH_VARARGS, NULL}, + { (char *)"semanage_context_from_string", _wrap_semanage_context_from_string, METH_VARARGS, NULL}, + { (char *)"semanage_context_to_string", _wrap_semanage_context_to_string, METH_VARARGS, NULL}, + { (char *)"semanage_bool_key_create", _wrap_semanage_bool_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_bool_key_extract", _wrap_semanage_bool_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_bool_key_free", _wrap_semanage_bool_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_bool_compare", _wrap_semanage_bool_compare, METH_VARARGS, NULL}, + { (char *)"semanage_bool_compare2", _wrap_semanage_bool_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_bool_get_name", _wrap_semanage_bool_get_name, METH_VARARGS, NULL}, + { (char *)"semanage_bool_set_name", _wrap_semanage_bool_set_name, METH_VARARGS, NULL}, + { (char *)"semanage_bool_get_value", _wrap_semanage_bool_get_value, METH_VARARGS, NULL}, + { (char *)"semanage_bool_set_value", _wrap_semanage_bool_set_value, METH_VARARGS, NULL}, + { (char *)"semanage_bool_create", _wrap_semanage_bool_create, METH_VARARGS, NULL}, + { (char *)"semanage_bool_clone", _wrap_semanage_bool_clone, METH_VARARGS, NULL}, + { (char *)"semanage_bool_free", _wrap_semanage_bool_free, METH_VARARGS, NULL}, + { (char *)"semanage_bool_query", _wrap_semanage_bool_query, METH_VARARGS, NULL}, + { (char *)"semanage_bool_exists", _wrap_semanage_bool_exists, METH_VARARGS, NULL}, + { (char *)"semanage_bool_count", _wrap_semanage_bool_count, METH_VARARGS, NULL}, + { (char *)"semanage_bool_iterate", _wrap_semanage_bool_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_bool_list", _wrap_semanage_bool_list, METH_VARARGS, NULL}, + { (char *)"semanage_bool_modify_local", _wrap_semanage_bool_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_del_local", _wrap_semanage_bool_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_query_local", _wrap_semanage_bool_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_exists_local", _wrap_semanage_bool_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_count_local", _wrap_semanage_bool_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_iterate_local", _wrap_semanage_bool_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_list_local", _wrap_semanage_bool_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_bool_set_active", _wrap_semanage_bool_set_active, METH_VARARGS, NULL}, + { (char *)"semanage_bool_query_active", _wrap_semanage_bool_query_active, METH_VARARGS, NULL}, + { (char *)"semanage_bool_exists_active", _wrap_semanage_bool_exists_active, METH_VARARGS, NULL}, + { (char *)"semanage_bool_count_active", _wrap_semanage_bool_count_active, METH_VARARGS, NULL}, + { (char *)"semanage_bool_iterate_active", _wrap_semanage_bool_iterate_active, METH_VARARGS, NULL}, + { (char *)"semanage_bool_list_active", _wrap_semanage_bool_list_active, METH_VARARGS, NULL}, + { (char *)"semanage_iface_compare", _wrap_semanage_iface_compare, METH_VARARGS, NULL}, + { (char *)"semanage_iface_compare2", _wrap_semanage_iface_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_iface_key_create", _wrap_semanage_iface_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_iface_key_extract", _wrap_semanage_iface_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_iface_key_free", _wrap_semanage_iface_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_iface_get_name", _wrap_semanage_iface_get_name, METH_VARARGS, NULL}, + { (char *)"semanage_iface_set_name", _wrap_semanage_iface_set_name, METH_VARARGS, NULL}, + { (char *)"semanage_iface_get_ifcon", _wrap_semanage_iface_get_ifcon, METH_VARARGS, NULL}, + { (char *)"semanage_iface_set_ifcon", _wrap_semanage_iface_set_ifcon, METH_VARARGS, NULL}, + { (char *)"semanage_iface_get_msgcon", _wrap_semanage_iface_get_msgcon, METH_VARARGS, NULL}, + { (char *)"semanage_iface_set_msgcon", _wrap_semanage_iface_set_msgcon, METH_VARARGS, NULL}, + { (char *)"semanage_iface_create", _wrap_semanage_iface_create, METH_VARARGS, NULL}, + { (char *)"semanage_iface_clone", _wrap_semanage_iface_clone, METH_VARARGS, NULL}, + { (char *)"semanage_iface_free", _wrap_semanage_iface_free, METH_VARARGS, NULL}, + { (char *)"semanage_iface_modify_local", _wrap_semanage_iface_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_del_local", _wrap_semanage_iface_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_query_local", _wrap_semanage_iface_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_exists_local", _wrap_semanage_iface_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_count_local", _wrap_semanage_iface_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_iterate_local", _wrap_semanage_iface_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_list_local", _wrap_semanage_iface_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_iface_query", _wrap_semanage_iface_query, METH_VARARGS, NULL}, + { (char *)"semanage_iface_exists", _wrap_semanage_iface_exists, METH_VARARGS, NULL}, + { (char *)"semanage_iface_count", _wrap_semanage_iface_count, METH_VARARGS, NULL}, + { (char *)"semanage_iface_iterate", _wrap_semanage_iface_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_iface_list", _wrap_semanage_iface_list, METH_VARARGS, NULL}, + { (char *)"semanage_user_key_create", _wrap_semanage_user_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_user_key_extract", _wrap_semanage_user_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_user_key_free", _wrap_semanage_user_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_user_compare", _wrap_semanage_user_compare, METH_VARARGS, NULL}, + { (char *)"semanage_user_compare2", _wrap_semanage_user_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_name", _wrap_semanage_user_get_name, METH_VARARGS, NULL}, + { (char *)"semanage_user_set_name", _wrap_semanage_user_set_name, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_prefix", _wrap_semanage_user_get_prefix, METH_VARARGS, NULL}, + { (char *)"semanage_user_set_prefix", _wrap_semanage_user_set_prefix, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_mlslevel", _wrap_semanage_user_get_mlslevel, METH_VARARGS, NULL}, + { (char *)"semanage_user_set_mlslevel", _wrap_semanage_user_set_mlslevel, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_mlsrange", _wrap_semanage_user_get_mlsrange, METH_VARARGS, NULL}, + { (char *)"semanage_user_set_mlsrange", _wrap_semanage_user_set_mlsrange, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_num_roles", _wrap_semanage_user_get_num_roles, METH_VARARGS, NULL}, + { (char *)"semanage_user_add_role", _wrap_semanage_user_add_role, METH_VARARGS, NULL}, + { (char *)"semanage_user_del_role", _wrap_semanage_user_del_role, METH_VARARGS, NULL}, + { (char *)"semanage_user_has_role", _wrap_semanage_user_has_role, METH_VARARGS, NULL}, + { (char *)"semanage_user_get_roles", _wrap_semanage_user_get_roles, METH_VARARGS, NULL}, + { (char *)"semanage_user_set_roles", _wrap_semanage_user_set_roles, METH_VARARGS, NULL}, + { (char *)"semanage_user_create", _wrap_semanage_user_create, METH_VARARGS, NULL}, + { (char *)"semanage_user_clone", _wrap_semanage_user_clone, METH_VARARGS, NULL}, + { (char *)"semanage_user_free", _wrap_semanage_user_free, METH_VARARGS, NULL}, + { (char *)"semanage_user_modify_local", _wrap_semanage_user_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_del_local", _wrap_semanage_user_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_query_local", _wrap_semanage_user_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_exists_local", _wrap_semanage_user_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_count_local", _wrap_semanage_user_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_iterate_local", _wrap_semanage_user_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_list_local", _wrap_semanage_user_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_user_query", _wrap_semanage_user_query, METH_VARARGS, NULL}, + { (char *)"semanage_user_exists", _wrap_semanage_user_exists, METH_VARARGS, NULL}, + { (char *)"semanage_user_count", _wrap_semanage_user_count, METH_VARARGS, NULL}, + { (char *)"semanage_user_iterate", _wrap_semanage_user_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_user_list", _wrap_semanage_user_list, METH_VARARGS, NULL}, + { (char *)"semanage_port_compare", _wrap_semanage_port_compare, METH_VARARGS, NULL}, + { (char *)"semanage_port_compare2", _wrap_semanage_port_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_port_key_create", _wrap_semanage_port_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_port_key_extract", _wrap_semanage_port_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_port_key_free", _wrap_semanage_port_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_port_get_proto", _wrap_semanage_port_get_proto, METH_VARARGS, NULL}, + { (char *)"semanage_port_set_proto", _wrap_semanage_port_set_proto, METH_VARARGS, NULL}, + { (char *)"semanage_port_get_proto_str", _wrap_semanage_port_get_proto_str, METH_VARARGS, NULL}, + { (char *)"semanage_port_get_low", _wrap_semanage_port_get_low, METH_VARARGS, NULL}, + { (char *)"semanage_port_get_high", _wrap_semanage_port_get_high, METH_VARARGS, NULL}, + { (char *)"semanage_port_set_port", _wrap_semanage_port_set_port, METH_VARARGS, NULL}, + { (char *)"semanage_port_set_range", _wrap_semanage_port_set_range, METH_VARARGS, NULL}, + { (char *)"semanage_port_get_con", _wrap_semanage_port_get_con, METH_VARARGS, NULL}, + { (char *)"semanage_port_set_con", _wrap_semanage_port_set_con, METH_VARARGS, NULL}, + { (char *)"semanage_port_create", _wrap_semanage_port_create, METH_VARARGS, NULL}, + { (char *)"semanage_port_clone", _wrap_semanage_port_clone, METH_VARARGS, NULL}, + { (char *)"semanage_port_free", _wrap_semanage_port_free, METH_VARARGS, NULL}, + { (char *)"semanage_port_modify_local", _wrap_semanage_port_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_del_local", _wrap_semanage_port_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_query_local", _wrap_semanage_port_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_exists_local", _wrap_semanage_port_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_count_local", _wrap_semanage_port_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_iterate_local", _wrap_semanage_port_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_list_local", _wrap_semanage_port_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_port_query", _wrap_semanage_port_query, METH_VARARGS, NULL}, + { (char *)"semanage_port_exists", _wrap_semanage_port_exists, METH_VARARGS, NULL}, + { (char *)"semanage_port_count", _wrap_semanage_port_count, METH_VARARGS, NULL}, + { (char *)"semanage_port_iterate", _wrap_semanage_port_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_port_list", _wrap_semanage_port_list, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_compare", _wrap_semanage_fcontext_compare, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_compare2", _wrap_semanage_fcontext_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_key_create", _wrap_semanage_fcontext_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_key_extract", _wrap_semanage_fcontext_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_key_free", _wrap_semanage_fcontext_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_get_expr", _wrap_semanage_fcontext_get_expr, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_set_expr", _wrap_semanage_fcontext_set_expr, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_get_type", _wrap_semanage_fcontext_get_type, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_get_type_str", _wrap_semanage_fcontext_get_type_str, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_set_type", _wrap_semanage_fcontext_set_type, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_get_con", _wrap_semanage_fcontext_get_con, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_set_con", _wrap_semanage_fcontext_set_con, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_create", _wrap_semanage_fcontext_create, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_clone", _wrap_semanage_fcontext_clone, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_free", _wrap_semanage_fcontext_free, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_modify_local", _wrap_semanage_fcontext_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_del_local", _wrap_semanage_fcontext_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_query_local", _wrap_semanage_fcontext_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_exists_local", _wrap_semanage_fcontext_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_count_local", _wrap_semanage_fcontext_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_iterate_local", _wrap_semanage_fcontext_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_list_local", _wrap_semanage_fcontext_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_query", _wrap_semanage_fcontext_query, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_exists", _wrap_semanage_fcontext_exists, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_count", _wrap_semanage_fcontext_count, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_iterate", _wrap_semanage_fcontext_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_fcontext_list", _wrap_semanage_fcontext_list, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_key_create", _wrap_semanage_seuser_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_key_extract", _wrap_semanage_seuser_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_key_free", _wrap_semanage_seuser_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_compare", _wrap_semanage_seuser_compare, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_compare2", _wrap_semanage_seuser_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_get_name", _wrap_semanage_seuser_get_name, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_set_name", _wrap_semanage_seuser_set_name, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_get_sename", _wrap_semanage_seuser_get_sename, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_set_sename", _wrap_semanage_seuser_set_sename, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_get_mlsrange", _wrap_semanage_seuser_get_mlsrange, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_set_mlsrange", _wrap_semanage_seuser_set_mlsrange, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_create", _wrap_semanage_seuser_create, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_clone", _wrap_semanage_seuser_clone, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_free", _wrap_semanage_seuser_free, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_modify_local", _wrap_semanage_seuser_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_del_local", _wrap_semanage_seuser_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_query_local", _wrap_semanage_seuser_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_exists_local", _wrap_semanage_seuser_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_count_local", _wrap_semanage_seuser_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_iterate_local", _wrap_semanage_seuser_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_list_local", _wrap_semanage_seuser_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_query", _wrap_semanage_seuser_query, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_exists", _wrap_semanage_seuser_exists, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_count", _wrap_semanage_seuser_count, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_iterate", _wrap_semanage_seuser_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_seuser_list", _wrap_semanage_seuser_list, METH_VARARGS, NULL}, + { (char *)"semanage_node_compare", _wrap_semanage_node_compare, METH_VARARGS, NULL}, + { (char *)"semanage_node_compare2", _wrap_semanage_node_compare2, METH_VARARGS, NULL}, + { (char *)"semanage_node_key_create", _wrap_semanage_node_key_create, METH_VARARGS, NULL}, + { (char *)"semanage_node_key_extract", _wrap_semanage_node_key_extract, METH_VARARGS, NULL}, + { (char *)"semanage_node_key_free", _wrap_semanage_node_key_free, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_addr", _wrap_semanage_node_get_addr, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_addr_bytes", _wrap_semanage_node_get_addr_bytes, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_addr", _wrap_semanage_node_set_addr, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_addr_bytes", _wrap_semanage_node_set_addr_bytes, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_mask", _wrap_semanage_node_get_mask, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_mask_bytes", _wrap_semanage_node_get_mask_bytes, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_mask", _wrap_semanage_node_set_mask, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_mask_bytes", _wrap_semanage_node_set_mask_bytes, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_proto", _wrap_semanage_node_get_proto, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_proto", _wrap_semanage_node_set_proto, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_proto_str", _wrap_semanage_node_get_proto_str, METH_VARARGS, NULL}, + { (char *)"semanage_node_get_con", _wrap_semanage_node_get_con, METH_VARARGS, NULL}, + { (char *)"semanage_node_set_con", _wrap_semanage_node_set_con, METH_VARARGS, NULL}, + { (char *)"semanage_node_create", _wrap_semanage_node_create, METH_VARARGS, NULL}, + { (char *)"semanage_node_clone", _wrap_semanage_node_clone, METH_VARARGS, NULL}, + { (char *)"semanage_node_free", _wrap_semanage_node_free, METH_VARARGS, NULL}, + { (char *)"semanage_node_modify_local", _wrap_semanage_node_modify_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_del_local", _wrap_semanage_node_del_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_query_local", _wrap_semanage_node_query_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_exists_local", _wrap_semanage_node_exists_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_count_local", _wrap_semanage_node_count_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_iterate_local", _wrap_semanage_node_iterate_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_list_local", _wrap_semanage_node_list_local, METH_VARARGS, NULL}, + { (char *)"semanage_node_query", _wrap_semanage_node_query, METH_VARARGS, NULL}, + { (char *)"semanage_node_exists", _wrap_semanage_node_exists, METH_VARARGS, NULL}, + { (char *)"semanage_node_count", _wrap_semanage_node_count, METH_VARARGS, NULL}, + { (char *)"semanage_node_iterate", _wrap_semanage_node_iterate, METH_VARARGS, NULL}, + { (char *)"semanage_node_list", _wrap_semanage_node_list, METH_VARARGS, NULL}, + { NULL, NULL, 0, NULL } +}; + + +/* -------- TYPE CONVERSION AND EQUIVALENCE RULES (BEGIN) -------- */ + +static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_bool_p_void__int = {"_p_f_p_q_const__struct_semanage_bool_p_void__int", "int (*)(struct semanage_bool const *,void *)|int (*)(semanage_bool_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_fcontext_p_void__int = {"_p_f_p_q_const__struct_semanage_fcontext_p_void__int", "int (*)(struct semanage_fcontext const *,void *)|int (*)(semanage_fcontext_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_iface_p_void__int = {"_p_f_p_q_const__struct_semanage_iface_p_void__int", "int (*)(struct semanage_iface const *,void *)|int (*)(semanage_iface_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_node_p_void__int = {"_p_f_p_q_const__struct_semanage_node_p_void__int", "int (*)(struct semanage_node const *,void *)|int (*)(semanage_node_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_port_p_void__int = {"_p_f_p_q_const__struct_semanage_port_p_void__int", "int (*)(struct semanage_port const *,void *)|int (*)(semanage_port_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_seuser_p_void__int = {"_p_f_p_q_const__struct_semanage_seuser_p_void__int", "int (*)(struct semanage_seuser const *,void *)|int (*)(semanage_seuser_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_q_const__struct_semanage_user_p_void__int = {"_p_f_p_q_const__struct_semanage_user_p_void__int", "int (*)(struct semanage_user const *,void *)|int (*)(semanage_user_t const *,void *)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void = {"_p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void", "void (*)(void *,semanage_handle_t *,char const *,...)|void (*)(void *,struct semanage_handle *,char const *,...)", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_int = {"_p_int", "int *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_char = {"_p_p_p_char", "char ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_bool = {"_p_p_p_semanage_bool", "struct semanage_bool ***|semanage_bool_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_fcontext = {"_p_p_p_semanage_fcontext", "struct semanage_fcontext ***|semanage_fcontext_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_iface = {"_p_p_p_semanage_iface", "struct semanage_iface ***|semanage_iface_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_node = {"_p_p_p_semanage_node", "struct semanage_node ***|semanage_node_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_port = {"_p_p_p_semanage_port", "struct semanage_port ***|semanage_port_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_seuser = {"_p_p_p_semanage_seuser", "struct semanage_seuser ***|semanage_seuser_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_p_semanage_user = {"_p_p_p_semanage_user", "struct semanage_user ***|semanage_user_t ***", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_bool = {"_p_p_semanage_bool", "struct semanage_bool **|semanage_bool_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_bool_key = {"_p_p_semanage_bool_key", "semanage_bool_key_t **|struct semanage_bool_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_context = {"_p_p_semanage_context", "struct semanage_context **|semanage_context_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_fcontext = {"_p_p_semanage_fcontext", "struct semanage_fcontext **|semanage_fcontext_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_fcontext_key = {"_p_p_semanage_fcontext_key", "semanage_fcontext_key_t **|struct semanage_fcontext_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_iface = {"_p_p_semanage_iface", "semanage_iface_t **|struct semanage_iface **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_iface_key = {"_p_p_semanage_iface_key", "semanage_iface_key_t **|struct semanage_iface_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_module_info = {"_p_p_semanage_module_info", "struct semanage_module_info **|semanage_module_info_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_node = {"_p_p_semanage_node", "struct semanage_node **|semanage_node_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_node_key = {"_p_p_semanage_node_key", "semanage_node_key_t **|struct semanage_node_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_port = {"_p_p_semanage_port", "struct semanage_port **|semanage_port_t **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_port_key = {"_p_p_semanage_port_key", "semanage_port_key_t **|struct semanage_port_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_seuser = {"_p_p_semanage_seuser", "semanage_seuser_t **|struct semanage_seuser **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_seuser_key = {"_p_p_semanage_seuser_key", "semanage_seuser_key_t **|struct semanage_seuser_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_user = {"_p_p_semanage_user", "semanage_user_t **|struct semanage_user **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_p_semanage_user_key = {"_p_p_semanage_user_key", "semanage_user_key_t **|struct semanage_user_key **", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_bool = {"_p_semanage_bool", "struct semanage_bool *|semanage_bool_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_bool_key = {"_p_semanage_bool_key", "struct semanage_bool_key *|semanage_bool_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_context = {"_p_semanage_context", "struct semanage_context *|semanage_context_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_fcontext = {"_p_semanage_fcontext", "struct semanage_fcontext *|semanage_fcontext_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_fcontext_key = {"_p_semanage_fcontext_key", "struct semanage_fcontext_key *|semanage_fcontext_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_handle = {"_p_semanage_handle", "semanage_handle_t *|struct semanage_handle *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_iface = {"_p_semanage_iface", "struct semanage_iface *|semanage_iface_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_iface_key = {"_p_semanage_iface_key", "struct semanage_iface_key *|semanage_iface_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_module_info = {"_p_semanage_module_info", "struct semanage_module_info *|semanage_module_info_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_node = {"_p_semanage_node", "struct semanage_node *|semanage_node_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_node_key = {"_p_semanage_node_key", "struct semanage_node_key *|semanage_node_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_port = {"_p_semanage_port", "semanage_port_t *|struct semanage_port *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_port_key = {"_p_semanage_port_key", "struct semanage_port_key *|semanage_port_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_seuser = {"_p_semanage_seuser", "struct semanage_seuser *|semanage_seuser_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_seuser_key = {"_p_semanage_seuser_key", "struct semanage_seuser_key *|semanage_seuser_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_user = {"_p_semanage_user", "struct semanage_user *|semanage_user_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_semanage_user_key = {"_p_semanage_user_key", "struct semanage_user_key *|semanage_user_key_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_size_t = {"_p_size_t", "size_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "unsigned int *", 0, 0, (void*)0, 0}; + +static swig_type_info *swig_type_initial[] = { + &_swigt__p_char, + &_swigt__p_f_p_q_const__struct_semanage_bool_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_fcontext_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_iface_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_node_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_port_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_seuser_p_void__int, + &_swigt__p_f_p_q_const__struct_semanage_user_p_void__int, + &_swigt__p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void, + &_swigt__p_int, + &_swigt__p_p_char, + &_swigt__p_p_p_char, + &_swigt__p_p_p_semanage_bool, + &_swigt__p_p_p_semanage_fcontext, + &_swigt__p_p_p_semanage_iface, + &_swigt__p_p_p_semanage_node, + &_swigt__p_p_p_semanage_port, + &_swigt__p_p_p_semanage_seuser, + &_swigt__p_p_p_semanage_user, + &_swigt__p_p_semanage_bool, + &_swigt__p_p_semanage_bool_key, + &_swigt__p_p_semanage_context, + &_swigt__p_p_semanage_fcontext, + &_swigt__p_p_semanage_fcontext_key, + &_swigt__p_p_semanage_iface, + &_swigt__p_p_semanage_iface_key, + &_swigt__p_p_semanage_module_info, + &_swigt__p_p_semanage_node, + &_swigt__p_p_semanage_node_key, + &_swigt__p_p_semanage_port, + &_swigt__p_p_semanage_port_key, + &_swigt__p_p_semanage_seuser, + &_swigt__p_p_semanage_seuser_key, + &_swigt__p_p_semanage_user, + &_swigt__p_p_semanage_user_key, + &_swigt__p_semanage_bool, + &_swigt__p_semanage_bool_key, + &_swigt__p_semanage_context, + &_swigt__p_semanage_fcontext, + &_swigt__p_semanage_fcontext_key, + &_swigt__p_semanage_handle, + &_swigt__p_semanage_iface, + &_swigt__p_semanage_iface_key, + &_swigt__p_semanage_module_info, + &_swigt__p_semanage_node, + &_swigt__p_semanage_node_key, + &_swigt__p_semanage_port, + &_swigt__p_semanage_port_key, + &_swigt__p_semanage_seuser, + &_swigt__p_semanage_seuser_key, + &_swigt__p_semanage_user, + &_swigt__p_semanage_user_key, + &_swigt__p_size_t, + &_swigt__p_unsigned_int, +}; + +static swig_cast_info _swigc__p_char[] = { {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_bool_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_bool_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_fcontext_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_fcontext_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_iface_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_iface_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_node_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_node_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_port_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_port_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_seuser_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_seuser_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_q_const__struct_semanage_user_p_void__int[] = { {&_swigt__p_f_p_q_const__struct_semanage_user_p_void__int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void[] = { {&_swigt__p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_char[] = { {&_swigt__p_p_p_char, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_bool[] = { {&_swigt__p_p_p_semanage_bool, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_fcontext[] = { {&_swigt__p_p_p_semanage_fcontext, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_iface[] = { {&_swigt__p_p_p_semanage_iface, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_node[] = { {&_swigt__p_p_p_semanage_node, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_port[] = { {&_swigt__p_p_p_semanage_port, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_seuser[] = { {&_swigt__p_p_p_semanage_seuser, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_p_semanage_user[] = { {&_swigt__p_p_p_semanage_user, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_bool[] = { {&_swigt__p_p_semanage_bool, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_bool_key[] = { {&_swigt__p_p_semanage_bool_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_context[] = { {&_swigt__p_p_semanage_context, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_fcontext[] = { {&_swigt__p_p_semanage_fcontext, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_fcontext_key[] = { {&_swigt__p_p_semanage_fcontext_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_iface[] = { {&_swigt__p_p_semanage_iface, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_iface_key[] = { {&_swigt__p_p_semanage_iface_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_module_info[] = { {&_swigt__p_p_semanage_module_info, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_node[] = { {&_swigt__p_p_semanage_node, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_node_key[] = { {&_swigt__p_p_semanage_node_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_port[] = { {&_swigt__p_p_semanage_port, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_port_key[] = { {&_swigt__p_p_semanage_port_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_seuser[] = { {&_swigt__p_p_semanage_seuser, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_seuser_key[] = { {&_swigt__p_p_semanage_seuser_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_user[] = { {&_swigt__p_p_semanage_user, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_p_semanage_user_key[] = { {&_swigt__p_p_semanage_user_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_bool[] = { {&_swigt__p_semanage_bool, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_bool_key[] = { {&_swigt__p_semanage_bool_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_context[] = { {&_swigt__p_semanage_context, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_fcontext[] = { {&_swigt__p_semanage_fcontext, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_fcontext_key[] = { {&_swigt__p_semanage_fcontext_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_handle[] = { {&_swigt__p_semanage_handle, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_iface[] = { {&_swigt__p_semanage_iface, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_iface_key[] = { {&_swigt__p_semanage_iface_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_module_info[] = { {&_swigt__p_semanage_module_info, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_node[] = { {&_swigt__p_semanage_node, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_node_key[] = { {&_swigt__p_semanage_node_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_port[] = { {&_swigt__p_semanage_port, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_port_key[] = { {&_swigt__p_semanage_port_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_seuser[] = { {&_swigt__p_semanage_seuser, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_seuser_key[] = { {&_swigt__p_semanage_seuser_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_user[] = { {&_swigt__p_semanage_user, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_semanage_user_key[] = { {&_swigt__p_semanage_user_key, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_size_t[] = { {&_swigt__p_size_t, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}}; + +static swig_cast_info *swig_cast_initial[] = { + _swigc__p_char, + _swigc__p_f_p_q_const__struct_semanage_bool_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_fcontext_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_iface_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_node_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_port_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_seuser_p_void__int, + _swigc__p_f_p_q_const__struct_semanage_user_p_void__int, + _swigc__p_f_p_void_p_struct_semanage_handle_p_q_const__char_v_______void, + _swigc__p_int, + _swigc__p_p_char, + _swigc__p_p_p_char, + _swigc__p_p_p_semanage_bool, + _swigc__p_p_p_semanage_fcontext, + _swigc__p_p_p_semanage_iface, + _swigc__p_p_p_semanage_node, + _swigc__p_p_p_semanage_port, + _swigc__p_p_p_semanage_seuser, + _swigc__p_p_p_semanage_user, + _swigc__p_p_semanage_bool, + _swigc__p_p_semanage_bool_key, + _swigc__p_p_semanage_context, + _swigc__p_p_semanage_fcontext, + _swigc__p_p_semanage_fcontext_key, + _swigc__p_p_semanage_iface, + _swigc__p_p_semanage_iface_key, + _swigc__p_p_semanage_module_info, + _swigc__p_p_semanage_node, + _swigc__p_p_semanage_node_key, + _swigc__p_p_semanage_port, + _swigc__p_p_semanage_port_key, + _swigc__p_p_semanage_seuser, + _swigc__p_p_semanage_seuser_key, + _swigc__p_p_semanage_user, + _swigc__p_p_semanage_user_key, + _swigc__p_semanage_bool, + _swigc__p_semanage_bool_key, + _swigc__p_semanage_context, + _swigc__p_semanage_fcontext, + _swigc__p_semanage_fcontext_key, + _swigc__p_semanage_handle, + _swigc__p_semanage_iface, + _swigc__p_semanage_iface_key, + _swigc__p_semanage_module_info, + _swigc__p_semanage_node, + _swigc__p_semanage_node_key, + _swigc__p_semanage_port, + _swigc__p_semanage_port_key, + _swigc__p_semanage_seuser, + _swigc__p_semanage_seuser_key, + _swigc__p_semanage_user, + _swigc__p_semanage_user_key, + _swigc__p_size_t, + _swigc__p_unsigned_int, +}; + + +/* -------- TYPE CONVERSION AND EQUIVALENCE RULES (END) -------- */ + +static swig_const_info swig_const_table[] = { +{0, 0, 0, 0.0, 0, 0}}; + +#ifdef __cplusplus +} +#endif +/* ----------------------------------------------------------------------------- + * Type initialization: + * This problem is tough by the requirement that no dynamic + * memory is used. Also, since swig_type_info structures store pointers to + * swig_cast_info structures and swig_cast_info structures store pointers back + * to swig_type_info structures, we need some lookup code at initialization. + * The idea is that swig generates all the structures that are needed. + * The runtime then collects these partially filled structures. + * The SWIG_InitializeModule function takes these initial arrays out of + * swig_module, and does all the lookup, filling in the swig_module.types + * array with the correct data and linking the correct swig_cast_info + * structures together. + * + * The generated swig_type_info structures are assigned staticly to an initial + * array. We just loop through that array, and handle each type individually. + * First we lookup if this type has been already loaded, and if so, use the + * loaded structure instead of the generated one. Then we have to fill in the + * cast linked list. The cast data is initially stored in something like a + * two-dimensional array. Each row corresponds to a type (there are the same + * number of rows as there are in the swig_type_initial array). Each entry in + * a column is one of the swig_cast_info structures for that type. + * The cast_initial array is actually an array of arrays, because each row has + * a variable number of columns. So to actually build the cast linked list, + * we find the array of casts associated with the type, and loop through it + * adding the casts to the list. The one last trick we need to do is making + * sure the type pointer in the swig_cast_info struct is correct. + * + * First off, we lookup the cast->type name to see if it is already loaded. + * There are three cases to handle: + * 1) If the cast->type has already been loaded AND the type we are adding + * casting info to has not been loaded (it is in this module), THEN we + * replace the cast->type pointer with the type pointer that has already + * been loaded. + * 2) If BOTH types (the one we are adding casting info to, and the + * cast->type) are loaded, THEN the cast info has already been loaded by + * the previous module so we just ignore it. + * 3) Finally, if cast->type has not already been loaded, then we add that + * swig_cast_info to the linked list (because the cast->type) pointer will + * be correct. + * ----------------------------------------------------------------------------- */ + +#ifdef __cplusplus +extern "C" { +#if 0 +} /* c-mode */ +#endif +#endif + +#if 0 +#define SWIGRUNTIME_DEBUG +#endif + + +SWIGRUNTIME void +SWIG_InitializeModule(void *clientdata) { + size_t i; + swig_module_info *module_head, *iter; + int found; + + clientdata = clientdata; + + /* check to see if the circular list has been setup, if not, set it up */ + if (swig_module.next==0) { + /* Initialize the swig_module */ + swig_module.type_initial = swig_type_initial; + swig_module.cast_initial = swig_cast_initial; + swig_module.next = &swig_module; + } + + /* Try and load any already created modules */ + module_head = SWIG_GetModule(clientdata); + if (!module_head) { + /* This is the first module loaded for this interpreter */ + /* so set the swig module into the interpreter */ + SWIG_SetModule(clientdata, &swig_module); + module_head = &swig_module; + } else { + /* the interpreter has loaded a SWIG module, but has it loaded this one? */ + found=0; + iter=module_head; + do { + if (iter==&swig_module) { + found=1; + break; + } + iter=iter->next; + } while (iter!= module_head); + + /* if the is found in the list, then all is done and we may leave */ + if (found) return; + /* otherwise we must add out module into the list */ + swig_module.next = module_head->next; + module_head->next = &swig_module; + } + + /* Now work on filling in swig_module.types */ +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: size %d\n", swig_module.size); +#endif + for (i = 0; i < swig_module.size; ++i) { + swig_type_info *type = 0; + swig_type_info *ret; + swig_cast_info *cast; + +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: type %d %s\n", i, swig_module.type_initial[i]->name); +#endif + + /* if there is another module already loaded */ + if (swig_module.next != &swig_module) { + type = SWIG_MangledTypeQueryModule(swig_module.next, &swig_module, swig_module.type_initial[i]->name); + } + if (type) { + /* Overwrite clientdata field */ +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: found type %s\n", type->name); +#endif + if (swig_module.type_initial[i]->clientdata) { + type->clientdata = swig_module.type_initial[i]->clientdata; +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: found and overwrite type %s \n", type->name); +#endif + } + } else { + type = swig_module.type_initial[i]; + } + + /* Insert casting types */ + cast = swig_module.cast_initial[i]; + while (cast->type) { + /* Don't need to add information already in the list */ + ret = 0; +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: look cast %s\n", cast->type->name); +#endif + if (swig_module.next != &swig_module) { + ret = SWIG_MangledTypeQueryModule(swig_module.next, &swig_module, cast->type->name); +#ifdef SWIGRUNTIME_DEBUG + if (ret) printf("SWIG_InitializeModule: found cast %s\n", ret->name); +#endif + } + if (ret) { + if (type == swig_module.type_initial[i]) { +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: skip old type %s\n", ret->name); +#endif + cast->type = ret; + ret = 0; + } else { + /* Check for casting already in the list */ + swig_cast_info *ocast = SWIG_TypeCheck(ret->name, type); +#ifdef SWIGRUNTIME_DEBUG + if (ocast) printf("SWIG_InitializeModule: skip old cast %s\n", ret->name); +#endif + if (!ocast) ret = 0; + } + } + + if (!ret) { +#ifdef SWIGRUNTIME_DEBUG + printf("SWIG_InitializeModule: adding cast %s\n", cast->type->name); +#endif + if (type->cast) { + type->cast->prev = cast; + cast->next = type->cast; + } + type->cast = cast; + } + cast++; + } + /* Set entry in modules->types array equal to the type */ + swig_module.types[i] = type; + } + swig_module.types[i] = 0; + +#ifdef SWIGRUNTIME_DEBUG + printf("**** SWIG_InitializeModule: Cast List ******\n"); + for (i = 0; i < swig_module.size; ++i) { + int j = 0; + swig_cast_info *cast = swig_module.cast_initial[i]; + printf("SWIG_InitializeModule: type %d %s\n", i, swig_module.type_initial[i]->name); + while (cast->type) { + printf("SWIG_InitializeModule: cast type %s\n", cast->type->name); + cast++; + ++j; + } + printf("---- Total casts: %d\n",j); + } + printf("**** SWIG_InitializeModule: Cast List ******\n"); +#endif +} + +/* This function will propagate the clientdata field of type to +* any new swig_type_info structures that have been added into the list +* of equivalent types. It is like calling +* SWIG_TypeClientData(type, clientdata) a second time. +*/ +SWIGRUNTIME void +SWIG_PropagateClientData(void) { + size_t i; + swig_cast_info *equiv; + static int init_run = 0; + + if (init_run) return; + init_run = 1; + + for (i = 0; i < swig_module.size; i++) { + if (swig_module.types[i]->clientdata) { + equiv = swig_module.types[i]->cast; + while (equiv) { + if (!equiv->converter) { + if (equiv->type && !equiv->type->clientdata) + SWIG_TypeClientData(equiv->type, swig_module.types[i]->clientdata); + } + equiv = equiv->next; + } + } + } +} + +#ifdef __cplusplus +#if 0 +{ + /* c-mode */ +#endif +} +#endif + + + +#ifdef __cplusplus +extern "C" { +#endif + + /* Python-specific SWIG API */ +#define SWIG_newvarlink() SWIG_Python_newvarlink() +#define SWIG_addvarlink(p, name, get_attr, set_attr) SWIG_Python_addvarlink(p, name, get_attr, set_attr) +#define SWIG_InstallConstants(d, constants) SWIG_Python_InstallConstants(d, constants) + + /* ----------------------------------------------------------------------------- + * global variable support code. + * ----------------------------------------------------------------------------- */ + + typedef struct swig_globalvar { + char *name; /* Name of global variable */ + PyObject *(*get_attr)(void); /* Return the current value */ + int (*set_attr)(PyObject *); /* Set the value */ + struct swig_globalvar *next; + } swig_globalvar; + + typedef struct swig_varlinkobject { + PyObject_HEAD + swig_globalvar *vars; + } swig_varlinkobject; + + SWIGINTERN PyObject * + swig_varlink_repr(swig_varlinkobject *SWIGUNUSEDPARM(v)) { + return PyString_FromString("<Swig global variables>"); + } + + SWIGINTERN PyObject * + swig_varlink_str(swig_varlinkobject *v) { + PyObject *str = PyString_FromString("("); + swig_globalvar *var; + for (var = v->vars; var; var=var->next) { + PyString_ConcatAndDel(&str,PyString_FromString(var->name)); + if (var->next) PyString_ConcatAndDel(&str,PyString_FromString(", ")); + } + PyString_ConcatAndDel(&str,PyString_FromString(")")); + return str; + } + + SWIGINTERN int + swig_varlink_print(swig_varlinkobject *v, FILE *fp, int SWIGUNUSEDPARM(flags)) { + PyObject *str = swig_varlink_str(v); + fprintf(fp,"Swig global variables "); + fprintf(fp,"%s\n", PyString_AsString(str)); + Py_DECREF(str); + return 0; + } + + SWIGINTERN void + swig_varlink_dealloc(swig_varlinkobject *v) { + swig_globalvar *var = v->vars; + while (var) { + swig_globalvar *n = var->next; + free(var->name); + free(var); + var = n; + } + } + + SWIGINTERN PyObject * + swig_varlink_getattr(swig_varlinkobject *v, char *n) { + PyObject *res = NULL; + swig_globalvar *var = v->vars; + while (var) { + if (strcmp(var->name,n) == 0) { + res = (*var->get_attr)(); + break; + } + var = var->next; + } + if (res == NULL && !PyErr_Occurred()) { + PyErr_SetString(PyExc_NameError,"Unknown C global variable"); + } + return res; + } + + SWIGINTERN int + swig_varlink_setattr(swig_varlinkobject *v, char *n, PyObject *p) { + int res = 1; + swig_globalvar *var = v->vars; + while (var) { + if (strcmp(var->name,n) == 0) { + res = (*var->set_attr)(p); + break; + } + var = var->next; + } + if (res == 1 && !PyErr_Occurred()) { + PyErr_SetString(PyExc_NameError,"Unknown C global variable"); + } + return res; + } + + SWIGINTERN PyTypeObject* + swig_varlink_type(void) { + static char varlink__doc__[] = "Swig var link object"; + static PyTypeObject varlink_type; + static int type_init = 0; + if (!type_init) { + const PyTypeObject tmp + = { + PyObject_HEAD_INIT(NULL) + 0, /* Number of items in variable part (ob_size) */ + (char *)"swigvarlink", /* Type name (tp_name) */ + sizeof(swig_varlinkobject), /* Basic size (tp_basicsize) */ + 0, /* Itemsize (tp_itemsize) */ + (destructor) swig_varlink_dealloc, /* Deallocator (tp_dealloc) */ + (printfunc) swig_varlink_print, /* Print (tp_print) */ + (getattrfunc) swig_varlink_getattr, /* get attr (tp_getattr) */ + (setattrfunc) swig_varlink_setattr, /* Set attr (tp_setattr) */ + 0, /* tp_compare */ + (reprfunc) swig_varlink_repr, /* tp_repr */ + 0, /* tp_as_number */ + 0, /* tp_as_sequence */ + 0, /* tp_as_mapping */ + 0, /* tp_hash */ + 0, /* tp_call */ + (reprfunc)swig_varlink_str, /* tp_str */ + 0, /* tp_getattro */ + 0, /* tp_setattro */ + 0, /* tp_as_buffer */ + 0, /* tp_flags */ + varlink__doc__, /* tp_doc */ + 0, /* tp_traverse */ + 0, /* tp_clear */ + 0, /* tp_richcompare */ + 0, /* tp_weaklistoffset */ +#if PY_VERSION_HEX >= 0x02020000 + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* tp_iter -> tp_weaklist */ +#endif +#if PY_VERSION_HEX >= 0x02030000 + 0, /* tp_del */ +#endif +#ifdef COUNT_ALLOCS + 0,0,0,0 /* tp_alloc -> tp_next */ +#endif + }; + varlink_type = tmp; + varlink_type.ob_type = &PyType_Type; + type_init = 1; + } + return &varlink_type; + } + + /* Create a variable linking object for use later */ + SWIGINTERN PyObject * + SWIG_Python_newvarlink(void) { + swig_varlinkobject *result = PyObject_NEW(swig_varlinkobject, swig_varlink_type()); + if (result) { + result->vars = 0; + } + return ((PyObject*) result); + } + + SWIGINTERN void + SWIG_Python_addvarlink(PyObject *p, char *name, PyObject *(*get_attr)(void), int (*set_attr)(PyObject *p)) { + swig_varlinkobject *v = (swig_varlinkobject *) p; + swig_globalvar *gv = (swig_globalvar *) malloc(sizeof(swig_globalvar)); + if (gv) { + size_t size = strlen(name)+1; + gv->name = (char *)malloc(size); + if (gv->name) { + strncpy(gv->name,name,size); + gv->get_attr = get_attr; + gv->set_attr = set_attr; + gv->next = v->vars; + } + } + v->vars = gv; + } + + SWIGINTERN PyObject * + SWIG_globals(void) { + static PyObject *_SWIG_globals = 0; + if (!_SWIG_globals) _SWIG_globals = SWIG_newvarlink(); + return _SWIG_globals; + } + + /* ----------------------------------------------------------------------------- + * constants/methods manipulation + * ----------------------------------------------------------------------------- */ + + /* Install Constants */ + SWIGINTERN void + SWIG_Python_InstallConstants(PyObject *d, swig_const_info constants[]) { + PyObject *obj = 0; + size_t i; + for (i = 0; constants[i].type; ++i) { + switch(constants[i].type) { + case SWIG_PY_POINTER: + obj = SWIG_NewPointerObj(constants[i].pvalue, *(constants[i]).ptype,0); + break; + case SWIG_PY_BINARY: + obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype)); + break; + default: + obj = 0; + break; + } + if (obj) { + PyDict_SetItemString(d, constants[i].name, obj); + Py_DECREF(obj); + } + } + } + + /* -----------------------------------------------------------------------------*/ + /* Fix SwigMethods to carry the callback ptrs when needed */ + /* -----------------------------------------------------------------------------*/ + + SWIGINTERN void + SWIG_Python_FixMethods(PyMethodDef *methods, + swig_const_info *const_table, + swig_type_info **types, + swig_type_info **types_initial) { + size_t i; + for (i = 0; methods[i].ml_name; ++i) { + const char *c = methods[i].ml_doc; + if (c && (c = strstr(c, "swig_ptr: "))) { + int j; + swig_const_info *ci = 0; + const char *name = c + 10; + for (j = 0; const_table[j].type; ++j) { + if (strncmp(const_table[j].name, name, + strlen(const_table[j].name)) == 0) { + ci = &(const_table[j]); + break; + } + } + if (ci) { + size_t shift = (ci->ptype) - types; + swig_type_info *ty = types_initial[shift]; + size_t ldoc = (c - methods[i].ml_doc); + size_t lptr = strlen(ty->name)+2*sizeof(void*)+2; + char *ndoc = (char*)malloc(ldoc + lptr + 10); + if (ndoc) { + char *buff = ndoc; + void *ptr = (ci->type == SWIG_PY_POINTER) ? ci->pvalue : 0; + if (ptr) { + strncpy(buff, methods[i].ml_doc, ldoc); + buff += ldoc; + strncpy(buff, "swig_ptr: ", 10); + buff += 10; + SWIG_PackVoidPtr(buff, ptr, ty->name, lptr); + methods[i].ml_doc = ndoc; + } + } + } + } + } + } + +#ifdef __cplusplus +} +#endif + +/* -----------------------------------------------------------------------------* + * Partial Init method + * -----------------------------------------------------------------------------*/ + +#ifdef __cplusplus +extern "C" +#endif +SWIGEXPORT void SWIG_init(void) { + PyObject *m, *d; + + /* Fix SwigMethods to carry the callback ptrs when needed */ + SWIG_Python_FixMethods(SwigMethods, swig_const_table, swig_types, swig_type_initial); + + m = Py_InitModule((char *) SWIG_name, SwigMethods); + d = PyModule_GetDict(m); + + SWIG_InitializeModule(0); + SWIG_InstallConstants(d,swig_const_table); + + + SWIG_Python_SetConstant(d, "SEMANAGE_MSG_ERR",SWIG_From_int((int)(1))); + SWIG_Python_SetConstant(d, "SEMANAGE_MSG_WARN",SWIG_From_int((int)(2))); + SWIG_Python_SetConstant(d, "SEMANAGE_MSG_INFO",SWIG_From_int((int)(3))); + SWIG_Python_SetConstant(d, "SEMANAGE_CON_INVALID",SWIG_From_int((int)(SEMANAGE_CON_INVALID))); + SWIG_Python_SetConstant(d, "SEMANAGE_CON_DIRECT",SWIG_From_int((int)(SEMANAGE_CON_DIRECT))); + SWIG_Python_SetConstant(d, "SEMANAGE_CON_POLSERV_LOCAL",SWIG_From_int((int)(SEMANAGE_CON_POLSERV_LOCAL))); + SWIG_Python_SetConstant(d, "SEMANAGE_CON_POLSERV_REMOTE",SWIG_From_int((int)(SEMANAGE_CON_POLSERV_REMOTE))); + SWIG_Python_SetConstant(d, "SEMANAGE_CAN_READ",SWIG_From_int((int)(1))); + SWIG_Python_SetConstant(d, "SEMANAGE_CAN_WRITE",SWIG_From_int((int)(2))); + SWIG_Python_SetConstant(d, "SEMANAGE_PROTO_UDP",SWIG_From_int((int)(0))); + SWIG_Python_SetConstant(d, "SEMANAGE_PROTO_TCP",SWIG_From_int((int)(1))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_ALL",SWIG_From_int((int)(0))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_REG",SWIG_From_int((int)(1))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_DIR",SWIG_From_int((int)(2))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_CHAR",SWIG_From_int((int)(3))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_BLOCK",SWIG_From_int((int)(4))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_SOCK",SWIG_From_int((int)(5))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_LINK",SWIG_From_int((int)(6))); + SWIG_Python_SetConstant(d, "SEMANAGE_FCONTEXT_PIPE",SWIG_From_int((int)(7))); + SWIG_Python_SetConstant(d, "SEMANAGE_PROTO_IP4",SWIG_From_int((int)(0))); + SWIG_Python_SetConstant(d, "SEMANAGE_PROTO_IP6",SWIG_From_int((int)(1))); +} + diff --git a/libsemanage/src/seuser_internal.h b/libsemanage/src/seuser_internal.h new file mode 100644 index 00000000..e6f29729 --- /dev/null +++ b/libsemanage/src/seuser_internal.h @@ -0,0 +1,41 @@ +#ifndef _SEMANAGE_SEUSER_INTERNAL_H_ +#define _SEMANAGE_SEUSER_INTERNAL_H_ + +#include <semanage/seuser_record.h> +#include <semanage/seusers_local.h> +#include <semanage/seusers_policy.h> +#include <sepol/policydb.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_seuser_clone) + hidden_proto(semanage_seuser_compare) + hidden_proto(semanage_seuser_compare2) + hidden_proto(semanage_seuser_create) + hidden_proto(semanage_seuser_free) + hidden_proto(semanage_seuser_get_mlsrange) + hidden_proto(semanage_seuser_get_name) + hidden_proto(semanage_seuser_get_sename) + hidden_proto(semanage_seuser_key_create) + hidden_proto(semanage_seuser_key_extract) + hidden_proto(semanage_seuser_key_free) + hidden_proto(semanage_seuser_set_mlsrange) + hidden_proto(semanage_seuser_set_name) + hidden_proto(semanage_seuser_set_sename) + hidden_proto(semanage_seuser_iterate) + hidden_proto(semanage_seuser_iterate_local) + +/* SEUSER RECORD: method table */ +extern record_table_t SEMANAGE_SEUSER_RTABLE; + +extern int seuser_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig); + +extern void seuser_file_dbase_release(dbase_config_t * dconfig); + +extern int hidden semanage_seuser_validate_local(semanage_handle_t * handle, + const sepol_policydb_t * + policydb); + +#endif diff --git a/libsemanage/src/seuser_record.c b/libsemanage/src/seuser_record.c new file mode 100644 index 00000000..8823b1ed --- /dev/null +++ b/libsemanage/src/seuser_record.c @@ -0,0 +1,267 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_seuser_t (Unix User) + * Object: semanage_seuser_key_t (Unix User Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +struct semanage_seuser; +struct semanage_seuser_key; +typedef struct semanage_seuser record_t; +typedef struct semanage_seuser_key record_key_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include <string.h> +#include "seuser_internal.h" +#include "debug.h" +#include <semanage/handle.h> +#include "database.h" + +struct semanage_seuser { + /* This user's name */ + char *name; + + /* This user's corresponding + * seuser ("role set") */ + char *sename; + + /* This user's mls range (only required for mls) */ + char *mls_range; +}; + +struct semanage_seuser_key { + /* This user's name */ + const char *name; +}; + +int semanage_seuser_key_create(semanage_handle_t * handle, + const char *name, + semanage_seuser_key_t ** key_ptr) +{ + + semanage_seuser_key_t *tmp_key = (semanage_seuser_key_t *) + malloc(sizeof(semanage_seuser_key_t)); + + if (!tmp_key) { + ERR(handle, "out of memory, could not create seuser key"); + return STATUS_ERR; + } + tmp_key->name = name; + + *key_ptr = tmp_key; + return STATUS_SUCCESS; +} + +hidden_def(semanage_seuser_key_create) + +int semanage_seuser_key_extract(semanage_handle_t * handle, + const semanage_seuser_t * seuser, + semanage_seuser_key_t ** key_ptr) +{ + + if (semanage_seuser_key_create(handle, seuser->name, key_ptr) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not extract seuser key from record"); + return STATUS_ERR; +} + +hidden_def(semanage_seuser_key_extract) + +void semanage_seuser_key_free(semanage_seuser_key_t * key) +{ + + free(key); +} + +hidden_def(semanage_seuser_key_free) + +int semanage_seuser_compare(const semanage_seuser_t * seuser, + const semanage_seuser_key_t * key) +{ + + return strcmp(seuser->name, key->name); +} + +hidden_def(semanage_seuser_compare) + +int semanage_seuser_compare2(const semanage_seuser_t * seuser, + const semanage_seuser_t * seuser2) +{ + + return strcmp(seuser->name, seuser2->name); +} + +hidden_def(semanage_seuser_compare2) + +static int semanage_seuser_compare2_qsort(const semanage_seuser_t ** seuser, + const semanage_seuser_t ** seuser2) +{ + + return strcmp((*seuser)->name, (*seuser2)->name); +} + +/* Name */ +const char *semanage_seuser_get_name(const semanage_seuser_t * seuser) +{ + + return seuser->name; +} + +hidden_def(semanage_seuser_get_name) + +int semanage_seuser_set_name(semanage_handle_t * handle, + semanage_seuser_t * seuser, const char *name) +{ + + char *tmp_name = strdup(name); + if (!tmp_name) { + ERR(handle, "out of memory, could not set seuser (Unix) name"); + return STATUS_ERR; + } + free(seuser->name); + seuser->name = tmp_name; + return STATUS_SUCCESS; +} + +hidden_def(semanage_seuser_set_name) + +/* Selinux Name */ +const char *semanage_seuser_get_sename(const semanage_seuser_t * seuser) +{ + + return seuser->sename; +} + +hidden_def(semanage_seuser_get_sename) + +int semanage_seuser_set_sename(semanage_handle_t * handle, + semanage_seuser_t * seuser, const char *sename) +{ + + char *tmp_sename = strdup(sename); + if (!tmp_sename) { + ERR(handle, + "out of memory, could not set seuser (SELinux) name"); + return STATUS_ERR; + } + free(seuser->sename); + seuser->sename = tmp_sename; + return STATUS_SUCCESS; +} + +hidden_def(semanage_seuser_set_sename) + +/* MLS Range */ +const char *semanage_seuser_get_mlsrange(const semanage_seuser_t * seuser) +{ + + return seuser->mls_range; +} + +hidden_def(semanage_seuser_get_mlsrange) + +int semanage_seuser_set_mlsrange(semanage_handle_t * handle, + semanage_seuser_t * seuser, + const char *mls_range) +{ + + char *tmp_mls_range = strdup(mls_range); + if (!tmp_mls_range) { + ERR(handle, "out of memory, could not set seuser MLS range"); + return STATUS_ERR; + } + free(seuser->mls_range); + seuser->mls_range = tmp_mls_range; + return STATUS_SUCCESS; +} + +hidden_def(semanage_seuser_set_mlsrange) + +/* Create */ +int semanage_seuser_create(semanage_handle_t * handle, + semanage_seuser_t ** seuser_ptr) +{ + + semanage_seuser_t *seuser = + (semanage_seuser_t *) malloc(sizeof(semanage_seuser_t)); + + if (!seuser) { + ERR(handle, "out of memory, could not create seuser"); + return STATUS_ERR; + } + + seuser->name = NULL; + seuser->sename = NULL; + seuser->mls_range = NULL; + + *seuser_ptr = seuser; + return STATUS_SUCCESS; +} + +hidden_def(semanage_seuser_create) + +/* Deep copy clone */ +int semanage_seuser_clone(semanage_handle_t * handle, + const semanage_seuser_t * seuser, + semanage_seuser_t ** seuser_ptr) +{ + + semanage_seuser_t *new_seuser = NULL; + + if (semanage_seuser_create(handle, &new_seuser) < 0) + goto err; + + if (semanage_seuser_set_name(handle, new_seuser, seuser->name) < 0) + goto err; + + if (semanage_seuser_set_sename(handle, new_seuser, seuser->sename) < 0) + goto err; + + if (seuser->mls_range && + (semanage_seuser_set_mlsrange(handle, new_seuser, seuser->mls_range) + < 0)) + goto err; + + *seuser_ptr = new_seuser; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not clone seuser"); + semanage_seuser_free(new_seuser); + return STATUS_ERR; +} + +hidden_def(semanage_seuser_clone) + +/* Destroy */ +void semanage_seuser_free(semanage_seuser_t * seuser) +{ + + if (!seuser) + return; + + free(seuser->name); + free(seuser->sename); + free(seuser->mls_range); + free(seuser); +} + +hidden_def(semanage_seuser_free) + +/* Record base functions */ +record_table_t SEMANAGE_SEUSER_RTABLE = { + .create = semanage_seuser_create, + .key_extract = semanage_seuser_key_extract, + .key_free = semanage_seuser_key_free, + .clone = semanage_seuser_clone, + .compare = semanage_seuser_compare, + .compare2 = semanage_seuser_compare2, + .compare2_qsort = semanage_seuser_compare2_qsort, + .free = semanage_seuser_free, +}; diff --git a/libsemanage/src/seusers_file.c b/libsemanage/src/seusers_file.c new file mode 100644 index 00000000..b5c80752 --- /dev/null +++ b/libsemanage/src/seusers_file.c @@ -0,0 +1,135 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_seuser; +struct semanage_seuser_key; +typedef struct semanage_seuser record_t; +typedef struct semanage_seuser_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> + +#include "seuser_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" +#include "handle.h" + +static int seuser_print(semanage_handle_t * handle, + semanage_seuser_t * seuser, FILE * str) +{ + + const char *name = semanage_seuser_get_name(seuser); + const char *sename = semanage_seuser_get_sename(seuser); + const char *mls = semanage_seuser_get_mlsrange(seuser); + + if (fprintf(str, "%s:%s", name, sename) < 0) + goto err; + + if (mls != NULL && fprintf(str, ":%s", mls) < 0) + goto err; + + fprintf(str, "\n"); + return STATUS_SUCCESS; + + err: + ERR(handle, "could not print seuser %s to stream", name); + return STATUS_ERR; +} + +static int seuser_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_seuser_t * seuser) +{ + + char *str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Extract name */ + if (parse_fetch_string(handle, info, &str, ':') < 0) + goto err; + if (semanage_seuser_set_name(handle, seuser, str) < 0) + goto err; + free(str); + str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_assert_ch(handle, info, ':') < 0) + goto err; + if (parse_skip_space(handle, info) < 0) + goto err; + + /* Extract sename */ + if (parse_fetch_string(handle, info, &str, ':') < 0) + goto err; + if (semanage_seuser_set_sename(handle, seuser, str) < 0) + goto err; + free(str); + str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_optional_ch(info, ':') == STATUS_NODATA) + goto out; + if (parse_skip_space(handle, info) < 0) + goto err; + + /* NOTE: does not allow spaces/multiline */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + + if (semanage_seuser_set_mlsrange(handle, seuser, str) < 0) + goto err; + free(str); + str = NULL; + + if (parse_assert_space(handle, info) < 0) + goto err; + + out: + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse seuser record"); + free(str); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* SEUSER RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_SEUSER_FILE_RTABLE = { + .parse = seuser_parse, + .print = seuser_print, +}; + +int seuser_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_SEUSER_RTABLE, + &SEMANAGE_SEUSER_FILE_RTABLE, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void seuser_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c new file mode 100644 index 00000000..e7cf12cd --- /dev/null +++ b/libsemanage/src/seusers_local.c @@ -0,0 +1,175 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_seuser; +struct semanage_seuser_key; +typedef struct semanage_seuser_key record_key_t; +typedef struct semanage_seuser record_t; +#define DBASE_RECORD_DEFINED + +#include <sepol/policydb.h> +#include <sepol/context.h> +#include "user_internal.h" +#include "seuser_internal.h" +#include "handle.h" +#include "database.h" +#include "debug.h" + +int semanage_seuser_modify_local(semanage_handle_t * handle, + const semanage_seuser_key_t * key, + const semanage_seuser_t * data) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_seuser_del_local(semanage_handle_t * handle, + const semanage_seuser_key_t * key) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_seuser_query_local(semanage_handle_t * handle, + const semanage_seuser_key_t * key, + semanage_seuser_t ** response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_seuser_exists_local(semanage_handle_t * handle, + const semanage_seuser_key_t * key, + int *response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_seuser_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_seuser_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_seuser_t * + record, void *varg), + void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +hidden_def(semanage_seuser_iterate_local) + +int semanage_seuser_list_local(semanage_handle_t * handle, + semanage_seuser_t *** records, + unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} + +struct validate_handler_arg { + semanage_handle_t *handle; + const sepol_policydb_t *policydb; +}; + +static int validate_handler(const semanage_seuser_t * seuser, void *varg) +{ + + semanage_user_t *user = NULL; + semanage_user_key_t *key = NULL; + int exists, mls_ok; + + /* Unpack varg */ + struct validate_handler_arg *arg = (struct validate_handler_arg *)varg; + semanage_handle_t *handle = arg->handle; + const sepol_policydb_t *policydb = arg->policydb; + + /* Unpack seuser */ + const char *name = semanage_seuser_get_name(seuser); + const char *sename = semanage_seuser_get_sename(seuser); + const char *mls_range = semanage_seuser_get_mlsrange(seuser); + const char *user_mls_range; + + /* Make sure the (SElinux) user exists */ + if (semanage_user_key_create(handle, sename, &key) < 0) + goto err; + if (semanage_user_exists(handle, key, &exists) < 0) + goto err; + if (!exists) { + ERR(handle, "selinux user %s does not exist", sename); + goto invalid; + } + + /* Verify that the mls range is valid, and that it's contained + * within the (SELinux) user mls range. This range is optional */ + if (mls_range && sepol_policydb_mls_enabled(policydb)) { + + if (semanage_user_query(handle, key, &user) < 0) + goto err; + user_mls_range = semanage_user_get_mlsrange(user); + + if (sepol_mls_check(handle->sepolh, policydb, mls_range) < 0) + goto invalid; + if (sepol_mls_contains(handle->sepolh, policydb, + user_mls_range, mls_range, &mls_ok) < 0) + goto err; + + if (!mls_ok) { + ERR(handle, "MLS range %s for Unix user %s " + "exceeds allowed range %s for SELinux user %s", + mls_range, name, user_mls_range, sename); + goto invalid; + } + + } else if (mls_range) { + ERR(handle, "MLS is disabled, but MLS range %s " + "was found for Unix user %s", mls_range, name); + goto invalid; + } + + semanage_user_key_free(key); + semanage_user_free(user); + return 0; + + err: + ERR(handle, "could not check if seuser mapping for %s is valid", name); + semanage_user_key_free(key); + semanage_user_free(user); + return -1; + + invalid: + if (mls_range) + ERR(handle, "seuser mapping [%s -> (%s, %s)] is invalid", + name, sename, mls_range); + else + ERR(handle, "seuser mapping [%s -> %s] is invalid", + name, sename); + semanage_user_key_free(key); + semanage_user_free(user); + return -1; +} + +/* This function may not be called outside a transaction, or + * it will (1) deadlock, because iterate is not reentrant outside + * a transaction, and (2) be racy, because it makes multiple dbase calls */ + +int hidden semanage_seuser_validate_local(semanage_handle_t * handle, + const sepol_policydb_t * policydb) +{ + + struct validate_handler_arg arg; + arg.handle = handle; + arg.policydb = policydb; + return semanage_seuser_iterate_local(handle, validate_handler, &arg); +} diff --git a/libsemanage/src/seusers_policy.c b/libsemanage/src/seusers_policy.c new file mode 100644 index 00000000..89fb4d8f --- /dev/null +++ b/libsemanage/src/seusers_policy.c @@ -0,0 +1,58 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_seuser; +struct semanage_seuser_key; +typedef struct semanage_seuser_key record_key_t; +typedef struct semanage_seuser record_t; +#define DBASE_RECORD_DEFINED + +#include <sepol/policydb.h> +#include <sepol/context.h> +#include "user_internal.h" +#include "seuser_internal.h" +#include "handle.h" +#include "database.h" +#include "debug.h" + +int semanage_seuser_query(semanage_handle_t * handle, + const semanage_seuser_key_t * key, + semanage_seuser_t ** response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_seuser_exists(semanage_handle_t * handle, + const semanage_seuser_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_seuser_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_seuser_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_seuser_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +hidden_def(semanage_seuser_iterate) + +int semanage_seuser_list(semanage_handle_t * handle, + semanage_seuser_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_seuser_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/user_base_record.c b/libsemanage/src/user_base_record.c new file mode 100644 index 00000000..7dfa8c6b --- /dev/null +++ b/libsemanage/src/user_base_record.c @@ -0,0 +1,184 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_user_base_t (SELinux User/Class Policy Object) + * Object: semanage_user_key_t (SELinux User/Class Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/user_record.h> + +typedef sepol_user_key_t semanage_user_key_t; +#define _SEMANAGE_USER_KEY_DEFINED_ + +typedef sepol_user_t semanage_user_base_t; +#define _SEMANAGE_USER_BASE_DEFINED_ + +typedef semanage_user_base_t record_t; +typedef semanage_user_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include "user_internal.h" +#include "handle.h" +#include "database.h" +#include "debug.h" + +/* Key */ +hidden int semanage_user_base_key_extract(semanage_handle_t * handle, + const semanage_user_base_t * user, + semanage_user_key_t ** key) +{ + + return sepol_user_key_extract(handle->sepolh, user, key); +} + +static int semanage_user_base_compare(const semanage_user_base_t * user, + const semanage_user_key_t * key) +{ + + return sepol_user_compare(user, key); +} + +static int semanage_user_base_compare2(const semanage_user_base_t * user, + const semanage_user_base_t * user2) +{ + + return sepol_user_compare2(user, user2); +} + +static int semanage_user_base_compare2_qsort(const semanage_user_base_t ** user, + const semanage_user_base_t ** + user2) +{ + + return sepol_user_compare2(*user, *user2); +} + +/* Name */ +hidden const char *semanage_user_base_get_name(const semanage_user_base_t * + user) +{ + + return sepol_user_get_name(user); +} + +hidden int semanage_user_base_set_name(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *name) +{ + + return sepol_user_set_name(handle->sepolh, user, name); +} + +/* MLS */ +hidden const char *semanage_user_base_get_mlslevel(const semanage_user_base_t * + user) +{ + + return sepol_user_get_mlslevel(user); +} + +hidden int semanage_user_base_set_mlslevel(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *mls_level) +{ + + return sepol_user_set_mlslevel(handle->sepolh, user, mls_level); +} + +hidden const char *semanage_user_base_get_mlsrange(const semanage_user_base_t * + user) +{ + + return sepol_user_get_mlsrange(user); +} + +hidden int semanage_user_base_set_mlsrange(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *mls_range) +{ + + return sepol_user_set_mlsrange(handle->sepolh, user, mls_range); +} + +/* Role management */ +hidden int semanage_user_base_get_num_roles(const semanage_user_base_t * user) +{ + + return sepol_user_get_num_roles(user); +} + +hidden int semanage_user_base_add_role(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *role) +{ + + return sepol_user_add_role(handle->sepolh, user, role); +} + +hidden void semanage_user_base_del_role(semanage_user_base_t * user, + const char *role) +{ + + sepol_user_del_role(user, role); +} + +hidden int semanage_user_base_has_role(const semanage_user_base_t * user, + const char *role) +{ + + return sepol_user_has_role(user, role); +} + +hidden int semanage_user_base_get_roles(semanage_handle_t * handle, + const semanage_user_base_t * user, + const char ***roles_arr, + unsigned int *num_roles) +{ + + return sepol_user_get_roles(handle->sepolh, user, roles_arr, num_roles); +} + +hidden int semanage_user_base_set_roles(semanage_handle_t * handle, + semanage_user_base_t * user, + const char **roles_arr, + unsigned int num_roles) +{ + + return sepol_user_set_roles(handle->sepolh, user, roles_arr, num_roles); +} + +/* Create/Clone/Destroy */ +hidden int semanage_user_base_create(semanage_handle_t * handle, + semanage_user_base_t ** user_ptr) +{ + + return sepol_user_create(handle->sepolh, user_ptr); +} + +hidden int semanage_user_base_clone(semanage_handle_t * handle, + const semanage_user_base_t * user, + semanage_user_base_t ** user_ptr) +{ + + return sepol_user_clone(handle->sepolh, user, user_ptr); +} + +hidden void semanage_user_base_free(semanage_user_base_t * user) +{ + + sepol_user_free(user); +} + +/* Record base functions */ +record_table_t SEMANAGE_USER_BASE_RTABLE = { + .create = semanage_user_base_create, + .key_extract = semanage_user_base_key_extract, + .key_free = semanage_user_key_free, + .clone = semanage_user_base_clone, + .compare = semanage_user_base_compare, + .compare2 = semanage_user_base_compare2, + .compare2_qsort = semanage_user_base_compare2_qsort, + .free = semanage_user_base_free, +}; diff --git a/libsemanage/src/user_extra_record.c b/libsemanage/src/user_extra_record.c new file mode 100644 index 00000000..efb9c5bf --- /dev/null +++ b/libsemanage/src/user_extra_record.c @@ -0,0 +1,197 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_user_extra_t (SELinux User/Class Extra Data) + * Object: semanage_user_extra_key_t (SELinux User/Class Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/user_record.h> + +typedef sepol_user_key_t semanage_user_key_t; +#define _SEMANAGE_USER_KEY_DEFINED_ + +struct semanage_user_extra; +typedef struct semanage_user_extra record_t; +typedef semanage_user_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include <semanage/handle.h> +#include <stdlib.h> +#include <string.h> +#include "user_internal.h" +#include "debug.h" +#include "database.h" + +struct semanage_user_extra { + /* This user's name */ + char *name; + + /* Labeling prefix */ + char *prefix; +}; + +static int semanage_user_extra_key_extract(semanage_handle_t * handle, + const semanage_user_extra_t * + user_extra, + semanage_user_key_t ** key_ptr) +{ + + if (semanage_user_key_create(handle, user_extra->name, key_ptr) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not extract key from user extra record"); + return STATUS_ERR; +} + +static int semanage_user_extra_compare(const semanage_user_extra_t * user_extra, + const semanage_user_key_t * key) +{ + + const char *name; + semanage_user_key_unpack(key, &name); + + return strcmp(user_extra->name, name); +} + +static int semanage_user_extra_compare2(const semanage_user_extra_t * + user_extra, + const semanage_user_extra_t * + user_extra2) +{ + + return strcmp(user_extra->name, user_extra2->name); +} + +static int semanage_user_extra_compare2_qsort(const semanage_user_extra_t ** + user_extra, + const semanage_user_extra_t ** + user_extra2) +{ + + return strcmp((*user_extra)->name, (*user_extra2)->name); +} + +/* Name */ +hidden const char *semanage_user_extra_get_name(const semanage_user_extra_t * + user_extra) +{ + + return user_extra->name; +} + +hidden int semanage_user_extra_set_name(semanage_handle_t * handle, + semanage_user_extra_t * user_extra, + const char *name) +{ + + char *tmp_name = strdup(name); + if (!tmp_name) { + ERR(handle, "out of memory, could not set name %s " + "for user extra data", name); + return STATUS_ERR; + } + free(user_extra->name); + user_extra->name = tmp_name; + return STATUS_SUCCESS; +} + +/* Labeling prefix */ +hidden const char *semanage_user_extra_get_prefix(const semanage_user_extra_t * + user_extra) +{ + + return user_extra->prefix; +} + +hidden int semanage_user_extra_set_prefix(semanage_handle_t * handle, + semanage_user_extra_t * user_extra, + const char *prefix) +{ + + char *tmp_prefix = strdup(prefix); + if (!tmp_prefix) { + ERR(handle, "out of memory, could not set prefix %s " + "for user %s", prefix, user_extra->name); + return STATUS_ERR; + } + free(user_extra->prefix); + user_extra->prefix = tmp_prefix; + return STATUS_SUCCESS; +} + +/* Create */ +hidden int semanage_user_extra_create(semanage_handle_t * handle, + semanage_user_extra_t ** user_extra_ptr) +{ + + semanage_user_extra_t *user_extra = + (semanage_user_extra_t *) malloc(sizeof(semanage_user_extra_t)); + + if (!user_extra) { + ERR(handle, "out of memory, could not " + "create user extra data record"); + return STATUS_ERR; + } + + user_extra->name = NULL; + user_extra->prefix = NULL; + + *user_extra_ptr = user_extra; + return STATUS_SUCCESS; +} + +/* Destroy */ +hidden void semanage_user_extra_free(semanage_user_extra_t * user_extra) +{ + + if (!user_extra) + return; + + free(user_extra->name); + free(user_extra->prefix); + free(user_extra); +} + +/* Deep copy clone */ +hidden int semanage_user_extra_clone(semanage_handle_t * handle, + const semanage_user_extra_t * user_extra, + semanage_user_extra_t ** user_extra_ptr) +{ + + semanage_user_extra_t *new_user_extra = NULL; + + if (semanage_user_extra_create(handle, &new_user_extra) < 0) + goto err; + + if (semanage_user_extra_set_name + (handle, new_user_extra, user_extra->name) < 0) + goto err; + + if (semanage_user_extra_set_prefix + (handle, new_user_extra, user_extra->prefix) < 0) + goto err; + + *user_extra_ptr = new_user_extra; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not clone extra data for user %s", user_extra->name); + semanage_user_extra_free(new_user_extra); + return STATUS_ERR; +} + +/* Record base functions */ +record_table_t SEMANAGE_USER_EXTRA_RTABLE = { + .create = semanage_user_extra_create, + .key_extract = semanage_user_extra_key_extract, + .key_free = semanage_user_key_free, + .clone = semanage_user_extra_clone, + .compare = semanage_user_extra_compare, + .compare2 = semanage_user_extra_compare2, + .compare2_qsort = semanage_user_extra_compare2_qsort, + .free = semanage_user_extra_free, +}; diff --git a/libsemanage/src/user_internal.h b/libsemanage/src/user_internal.h new file mode 100644 index 00000000..5c86418f --- /dev/null +++ b/libsemanage/src/user_internal.h @@ -0,0 +1,175 @@ +#ifndef _SEMANAGE_USER_INTERNAL_H_ +#define _SEMANAGE_USER_INTERNAL_H_ + +#include <sepol/user_record.h> +#include <semanage/user_record.h> +#include <semanage/users_local.h> +#include <semanage/users_policy.h> +#include "database.h" +#include "handle.h" +#include "dso.h" + +hidden_proto(semanage_user_add_role) + hidden_proto(semanage_user_clone) + hidden_proto(semanage_user_compare) + hidden_proto(semanage_user_compare2) + hidden_proto(semanage_user_create) + hidden_proto(semanage_user_free) + hidden_proto(semanage_user_get_mlslevel) + hidden_proto(semanage_user_get_mlsrange) + hidden_proto(semanage_user_get_name) + hidden_proto(semanage_user_get_roles) + hidden_proto(semanage_user_key_create) + hidden_proto(semanage_user_key_extract) + hidden_proto(semanage_user_key_free) + hidden_proto(semanage_user_set_mlslevel) + hidden_proto(semanage_user_set_mlsrange) + hidden_proto(semanage_user_set_name) + hidden_proto(semanage_user_exists) + hidden_proto(semanage_user_query) + +/* USER record: metod table */ +extern record_table_t SEMANAGE_USER_RTABLE; + +/* USER BASE record: method table */ +extern record_table_t SEMANAGE_USER_BASE_RTABLE; + +/* USER EXTRA record: method table */ +extern record_table_t SEMANAGE_USER_EXTRA_RTABLE; + +/* ============ Init/Release functions ========== */ + +/* USER BASE record, FILE backend */ +extern int user_base_file_dbase_init(semanage_handle_t * handle, + const char *fname, + dbase_config_t * dconfig); + +extern void user_base_file_dbase_release(dbase_config_t * dconfig); + +/* USER EXTRA record, FILE backend */ +extern int user_extra_file_dbase_init(semanage_handle_t * handle, + const char *fname, + dbase_config_t * dconfig); + +extern void user_extra_file_dbase_release(dbase_config_t * dconfig); + +/* USER BASE record, POLICYDB backend */ +extern int user_base_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig); + +extern void user_base_policydb_dbase_release(dbase_config_t * dconfig); + +/* USER record, JOIN backend */ +extern int user_join_dbase_init(semanage_handle_t * handle, + dbase_config_t * join1, + dbase_config_t * join2, + dbase_config_t * dconfig); + +extern void user_join_dbase_release(dbase_config_t * dconfig); + +/*======= Internal API: Base (Policy) User record ====== */ + +#ifndef _SEMANAGE_USER_BASE_DEFINED_ +struct semanage_user_base; +typedef struct semanage_user_base semanage_user_base_t; +#define _SEMANAGE_USER_BASE_DEFINED_ +#endif + +hidden int semanage_user_base_create(semanage_handle_t * handle, + semanage_user_base_t ** user_ptr); + +hidden int semanage_user_base_clone(semanage_handle_t * handle, + const semanage_user_base_t * user, + semanage_user_base_t ** user_ptr); + +hidden int semanage_user_base_key_extract(semanage_handle_t * handle, + const semanage_user_base_t * user, + semanage_user_key_t ** key); + +hidden const char *semanage_user_base_get_name(const semanage_user_base_t * + user); + +hidden int semanage_user_base_set_name(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *name); + +hidden const char *semanage_user_base_get_mlslevel(const semanage_user_base_t * + user); + +hidden int semanage_user_base_set_mlslevel(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *mls_level); + +hidden const char *semanage_user_base_get_mlsrange(const semanage_user_base_t * + user); + +hidden int semanage_user_base_set_mlsrange(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *mls_range); + +hidden int semanage_user_base_get_num_roles(const semanage_user_base_t * user); + +hidden int semanage_user_base_add_role(semanage_handle_t * handle, + semanage_user_base_t * user, + const char *role); + +hidden void semanage_user_base_del_role(semanage_user_base_t * user, + const char *role); + +hidden int semanage_user_base_has_role(const semanage_user_base_t * user, + const char *role); + +hidden int semanage_user_base_get_roles(semanage_handle_t * handle, + const semanage_user_base_t * user, + const char ***roles_arr, + unsigned int *num_roles); + +hidden int semanage_user_base_set_roles(semanage_handle_t * handle, + semanage_user_base_t * user, + const char **roles_arr, + unsigned int num_roles); + +hidden void semanage_user_base_free(semanage_user_base_t * user); + +/*=========== Internal API: Extra User record ==========*/ +struct semanage_user_extra; +typedef struct semanage_user_extra semanage_user_extra_t; + +hidden int semanage_user_extra_create(semanage_handle_t * handle, + semanage_user_extra_t ** user_extra_ptr); + +hidden int semanage_user_extra_clone(semanage_handle_t * handle, + const semanage_user_extra_t * user_extra, + semanage_user_extra_t ** user_extra_ptr); + +hidden const char *semanage_user_extra_get_name(const semanage_user_extra_t * + user_extra); + +hidden int semanage_user_extra_set_name(semanage_handle_t * handle, + semanage_user_extra_t * user_extra, + const char *name); + +hidden const char *semanage_user_extra_get_prefix(const semanage_user_extra_t * + user_extra); + +hidden int semanage_user_extra_set_prefix(semanage_handle_t * handle, + semanage_user_extra_t * user_extra, + const char *prefix); + +hidden void semanage_user_extra_free(semanage_user_extra_t * user_extra); + +/*======== Internal API: Join record ========== */ +hidden void semanage_user_key_unpack(const semanage_user_key_t * key, + const char **name); + +hidden int semanage_user_join(semanage_handle_t * handle, + const semanage_user_base_t * record1, + const semanage_user_extra_t * record2, + semanage_user_t ** result); + +hidden int semanage_user_split(semanage_handle_t * handle, + const semanage_user_t * record, + semanage_user_base_t ** split1, + semanage_user_extra_t ** split2); + +#endif diff --git a/libsemanage/src/user_record.c b/libsemanage/src/user_record.c new file mode 100644 index 00000000..45239250 --- /dev/null +++ b/libsemanage/src/user_record.c @@ -0,0 +1,410 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +/* Object: semanage_user_t (SELinux User/Class) + * Object: semanage_user_key_t (SELinux User/Class Key) + * Implements: record_t (Database Record) + * Implements: record_key_t (Database Record Key) + */ + +#include <sepol/user_record.h> + +typedef sepol_user_key_t semanage_user_key_t; +#define _SEMANAGE_USER_KEY_DEFINED_ + +struct semanage_user; +typedef struct semanage_user record_t; +typedef semanage_user_key_t record_key_t; +#define DBASE_RECORD_DEFINED + +#include <stdlib.h> +#include <string.h> +#include "user_internal.h" +#include "handle.h" +#include "database.h" +#include "debug.h" + +struct semanage_user { + char *name; + semanage_user_base_t *base; + semanage_user_extra_t *extra; +}; + +/* Key */ +int semanage_user_key_create(semanage_handle_t * handle, + const char *name, semanage_user_key_t ** key) +{ + + return sepol_user_key_create(handle->sepolh, name, key); +} + +hidden_def(semanage_user_key_create) + +int semanage_user_key_extract(semanage_handle_t * handle, + const semanage_user_t * user, + semanage_user_key_t ** key) +{ + + return semanage_user_base_key_extract(handle, user->base, key); +} + +hidden_def(semanage_user_key_extract) + +void semanage_user_key_free(semanage_user_key_t * key) +{ + + sepol_user_key_free(key); +} + +hidden_def(semanage_user_key_free) + +hidden void semanage_user_key_unpack(const semanage_user_key_t * key, + const char **name) +{ + + sepol_user_key_unpack(key, name); +} + +int semanage_user_compare(const semanage_user_t * user, + const semanage_user_key_t * key) +{ + + const char *name; + sepol_user_key_unpack(key, &name); + return strcmp(user->name, name); +} + +hidden_def(semanage_user_compare) + +int semanage_user_compare2(const semanage_user_t * user, + const semanage_user_t * user2) +{ + + return strcmp(user->name, user2->name); +} + +hidden_def(semanage_user_compare2) + +static int semanage_user_compare2_qsort(const semanage_user_t ** user, + const semanage_user_t ** user2) +{ + + return strcmp((*user)->name, (*user2)->name); +} + +/* Name */ +const char *semanage_user_get_name(const semanage_user_t * user) +{ + return user->name; +} + +hidden_def(semanage_user_get_name) + +int semanage_user_set_name(semanage_handle_t * handle, + semanage_user_t * user, const char *name) +{ + + char *tmp_name = strdup(name); + if (!tmp_name) + goto omem; + + if (semanage_user_base_set_name(handle, user->base, name) < 0) + goto err; + + if (semanage_user_extra_set_name(handle, user->extra, name) < 0) + goto err; + + free(user->name); + user->name = tmp_name; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not set user name to %s", name); + free(tmp_name); + return STATUS_ERR; +} + +hidden_def(semanage_user_set_name) + +/* Labeling prefix */ +const char *semanage_user_get_prefix(const semanage_user_t * user) +{ + + return semanage_user_extra_get_prefix(user->extra); +} + +int semanage_user_set_prefix(semanage_handle_t * handle, + semanage_user_t * user, const char *name) +{ + + return semanage_user_extra_set_prefix(handle, user->extra, name); +} + +/* MLS */ +const char *semanage_user_get_mlslevel(const semanage_user_t * user) +{ + + return semanage_user_base_get_mlslevel(user->base); +} + +hidden_def(semanage_user_get_mlslevel) + +int semanage_user_set_mlslevel(semanage_handle_t * handle, + semanage_user_t * user, const char *mls_level) +{ + + return semanage_user_base_set_mlslevel(handle, user->base, mls_level); +} + +hidden_def(semanage_user_set_mlslevel) + +const char *semanage_user_get_mlsrange(const semanage_user_t * user) +{ + + return semanage_user_base_get_mlsrange(user->base); +} + +hidden_def(semanage_user_get_mlsrange) + +int semanage_user_set_mlsrange(semanage_handle_t * handle, + semanage_user_t * user, const char *mls_range) +{ + + return semanage_user_base_set_mlsrange(handle, user->base, mls_range); +} + +hidden_def(semanage_user_set_mlsrange) + +/* Role management */ +int semanage_user_get_num_roles(const semanage_user_t * user) +{ + + return semanage_user_base_get_num_roles(user->base); +} + +int semanage_user_add_role(semanage_handle_t * handle, + semanage_user_t * user, const char *role) +{ + + return semanage_user_base_add_role(handle, user->base, role); +} + +hidden_def(semanage_user_add_role) + +void semanage_user_del_role(semanage_user_t * user, const char *role) +{ + + semanage_user_base_del_role(user->base, role); +} + +int semanage_user_has_role(const semanage_user_t * user, const char *role) +{ + + return semanage_user_base_has_role(user->base, role); +} + +int semanage_user_get_roles(semanage_handle_t * handle, + const semanage_user_t * user, + const char ***roles_arr, unsigned int *num_roles) +{ + + return semanage_user_base_get_roles(handle, user->base, roles_arr, + num_roles); +} + +hidden_def(semanage_user_get_roles) + +int semanage_user_set_roles(semanage_handle_t * handle, + semanage_user_t * user, + const char **roles_arr, unsigned int num_roles) +{ + + return semanage_user_base_set_roles(handle, user->base, roles_arr, + num_roles); +} + +/* Create/Clone/Destroy */ +int semanage_user_create(semanage_handle_t * handle, + semanage_user_t ** user_ptr) +{ + + semanage_user_t *tmp_user = calloc(1, sizeof(semanage_user_t)); + if (!tmp_user) + goto omem; + + if (semanage_user_base_create(handle, &tmp_user->base) < 0) + goto err; + if (semanage_user_extra_create(handle, &tmp_user->extra) < 0) + goto err; + + /* Initialize the prefix for migration purposes */ + if (semanage_user_extra_set_prefix(handle, tmp_user->extra, "user") < 0) + goto err; + + *user_ptr = tmp_user; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not create user record"); + semanage_user_free(tmp_user); + return STATUS_ERR; +} + +hidden_def(semanage_user_create) + +int semanage_user_clone(semanage_handle_t * handle, + const semanage_user_t * user, + semanage_user_t ** user_ptr) +{ + + semanage_user_t *tmp_user = calloc(1, sizeof(semanage_user_t)); + if (!tmp_user) + goto omem; + + /* Clone base and extra records */ + if (semanage_user_base_clone(handle, user->base, &tmp_user->base) < 0) + goto err; + if (semanage_user_extra_clone(handle, user->extra, &tmp_user->extra) < + 0) + goto err; + + /* Set the shared name */ + if (semanage_user_set_name(handle, tmp_user, user->name) < 0) + goto err; + + *user_ptr = tmp_user; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not clone user record"); + semanage_user_free(tmp_user); + return STATUS_ERR; +} + +hidden_def(semanage_user_clone) + +void semanage_user_free(semanage_user_t * user) +{ + + if (!user) + return; + + semanage_user_base_free(user->base); + semanage_user_extra_free(user->extra); + free(user->name); + free(user); +} + +hidden_def(semanage_user_free) + +/* Join properties */ +hidden int semanage_user_join(semanage_handle_t * handle, + const semanage_user_base_t * record1, + const semanage_user_extra_t * record2, + semanage_user_t ** result) +{ + + const char *name; + semanage_user_t *tmp_user = calloc(1, sizeof(semanage_user_t)); + if (!tmp_user) + goto omem; + + /* Set the shared name from one of the records + * (at least one is available) */ + if (record1 == NULL) + name = semanage_user_extra_get_name(record2); + else + name = semanage_user_base_get_name(record1); + + /* Join base record if it exists, create a blank one otherwise */ + if (record1) { + if (semanage_user_base_clone(handle, record1, &tmp_user->base) < + 0) + goto err; + } else { + if (semanage_user_base_create(handle, &tmp_user->base) < 0) + goto err; + if (semanage_user_base_set_name(handle, tmp_user->base, name) < + 0) + goto err; + } + + /* Join extra record if it exists, create a blank one otherwise */ + if (record2) { + if (semanage_user_extra_clone(handle, record2, &tmp_user->extra) + < 0) + goto err; + } else { + if (semanage_user_extra_create(handle, &tmp_user->extra) < 0) + goto err; + if (semanage_user_extra_set_name(handle, tmp_user->extra, name) + < 0) + goto err; + if (semanage_user_extra_set_prefix + (handle, tmp_user->extra, "user") < 0) + goto err; + } + + if (semanage_user_set_name(handle, tmp_user, name) < 0) + goto err; + + *result = tmp_user; + return STATUS_SUCCESS; + + omem: + ERR(handle, "out of memory"); + + err: + ERR(handle, "could not join data records for user %s", + semanage_user_base_get_name(record1)); + semanage_user_free(tmp_user); + return STATUS_ERR; +} + +hidden int semanage_user_split(semanage_handle_t * handle, + const semanage_user_t * record, + semanage_user_base_t ** split1, + semanage_user_extra_t ** split2) +{ + + semanage_user_base_t *tmp_base_user = NULL; + semanage_user_extra_t *tmp_extra_user = NULL; + + if (semanage_user_base_clone(handle, record->base, &tmp_base_user) < 0) + goto err; + + if (semanage_user_extra_clone(handle, record->extra, &tmp_extra_user) < + 0) + goto err; + + *split1 = tmp_base_user; + *split2 = tmp_extra_user; + return STATUS_SUCCESS; + + err: + ERR(handle, "could not split data records for user %s", + semanage_user_get_name(record)); + semanage_user_base_free(tmp_base_user); + semanage_user_extra_free(tmp_extra_user); + return STATUS_ERR; +} + +/* Record base functions */ +record_table_t SEMANAGE_USER_RTABLE = { + .create = semanage_user_create, + .key_extract = semanage_user_key_extract, + .key_free = semanage_user_key_free, + .clone = semanage_user_clone, + .compare = semanage_user_compare, + .compare2 = semanage_user_compare2, + .compare2_qsort = semanage_user_compare2_qsort, + .free = semanage_user_free, +}; diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c new file mode 100644 index 00000000..affde510 --- /dev/null +++ b/libsemanage/src/users_base_file.c @@ -0,0 +1,223 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user_base; +struct semanage_user_key; +typedef struct semanage_user_base record_t; +typedef struct semanage_user_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <ctype.h> +#include <string.h> +#include <semanage/handle.h> +#include "user_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" + +static int user_base_print(semanage_handle_t * handle, + semanage_user_base_t * user, FILE * str) +{ + + const char **roles = NULL; + unsigned int i, nroles; + + const char *name = semanage_user_base_get_name(user); + const char *mls_level = semanage_user_base_get_mlslevel(user); + const char *mls_range = semanage_user_base_get_mlsrange(user); + + if (fprintf(str, "user %s roles { ", name) < 0) + goto err; + + if (semanage_user_base_get_roles(handle, user, &roles, &nroles) < 0) + goto err; + + for (i = 0; i < nroles; i++) { + if (fprintf(str, "%s ", roles[i]) < 0) + goto err; + } + + if (fprintf(str, "} ") < 0) + goto err; + + /* MLS */ + if (mls_level != NULL && mls_range != NULL) + if (fprintf(str, "level %s range %s", mls_level, mls_range) < 0) + goto err; + + if (fprintf(str, ";\n") < 0) + goto err; + + free(roles); + return STATUS_SUCCESS; + + err: + free(roles); + ERR(handle, "could not print user %s to stream", name); + return STATUS_ERR; +} + +static int user_base_parse(semanage_handle_t * handle, + parse_info_t * info, semanage_user_base_t * user) +{ + + int islist = 0; + char *str = NULL; + char *start; + char *name_str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* Parse user header */ + if (parse_assert_str(handle, info, "user") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Parse user name */ + if (parse_fetch_string(handle, info, &name_str, ' ') < 0) + goto err; + + if (semanage_user_base_set_name(handle, user, name_str) < 0) { + free(name_str); + goto err; + } + free(name_str); + + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_assert_str(handle, info, "roles") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + islist = (parse_optional_ch(info, '{') != STATUS_NODATA); + + /* For each role, loop */ + do { + char delim; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_assert_noeof(handle, info) < 0) + goto err; + + start = info->ptr; + while (*(info->ptr) && + *(info->ptr) != ';' && + *(info->ptr) != '}' && !isspace(*(info->ptr))) + info->ptr++; + + delim = *(info->ptr); + *(info->ptr)++ = '\0'; + + if (semanage_user_base_add_role(handle, user, start) < 0) + goto err; + + if (delim && !isspace(delim)) { + if (islist && delim == '}') + break; + else if (!islist && delim == ';') + goto skip_semicolon; + else + goto err; + } + + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_optional_ch(info, ';') != STATUS_NODATA) + goto skip_semicolon; + if (parse_optional_ch(info, '}') != STATUS_NODATA) + islist = 0; + + } while (islist); + + /* Handle mls */ + /* Parse level header */ + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_optional_str(info, "level") == STATUS_NODATA) + goto semicolon; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* NOTE: does not allow spaces/multiline */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_user_base_set_mlslevel(handle, user, str) < 0) + goto err; + free(str); + str = NULL; + + /* Parse range header */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_assert_str(handle, info, "range") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* NOTE: does not allow spaces/multiline */ + if (parse_fetch_string(handle, info, &str, ';') < 0) + goto err; + if (semanage_user_base_set_mlsrange(handle, user, str) < 0) + goto err; + + free(str); + str = NULL; + + /* Check for semicolon */ + semicolon: + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_assert_ch(handle, info, ';') < 0) + goto err; + + skip_semicolon: + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse user record"); + free(str); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* USER BASE record: FILE extension: method table */ +record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = { + .parse = user_base_parse, + .print = user_base_print, +}; + +int user_base_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_USER_BASE_RTABLE, + &SEMANAGE_USER_BASE_FILE_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void user_base_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/users_base_policydb.c b/libsemanage/src/users_base_policydb.c new file mode 100644 index 00000000..6bf6bb06 --- /dev/null +++ b/libsemanage/src/users_base_policydb.c @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2006 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user_base; +struct semanage_user_key; +typedef struct semanage_user_base record_t; +typedef struct semanage_user_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_policydb; +typedef struct dbase_policydb dbase_t; +#define DBASE_DEFINED + +#include <sepol/users.h> +#include <semanage/handle.h> +#include "user_internal.h" +#include "debug.h" +#include "database_policydb.h" + +/* USER BASE record: POLICYDB extension: method table */ +record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = { + .add = NULL, + .modify = (record_policydb_table_modify_t) sepol_user_modify, + .set = NULL, + .query = (record_policydb_table_query_t) sepol_user_query, + .count = (record_policydb_table_count_t) sepol_user_count, + .exists = (record_policydb_table_exists_t) sepol_user_exists, + .iterate = (record_policydb_table_iterate_t) sepol_user_iterate, +}; + +int user_base_policydb_dbase_init(semanage_handle_t * handle, + dbase_config_t * dconfig) +{ + + if (dbase_policydb_init(handle, + "policy.kern", + &SEMANAGE_USER_BASE_RTABLE, + &SEMANAGE_USER_BASE_POLICYDB_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_POLICYDB_DTABLE; + return STATUS_SUCCESS; +} + +void user_base_policydb_dbase_release(dbase_config_t * dconfig) +{ + + dbase_policydb_release(dconfig->dbase); +} diff --git a/libsemanage/src/users_extra_file.c b/libsemanage/src/users_extra_file.c new file mode 100644 index 00000000..5f7eb1a1 --- /dev/null +++ b/libsemanage/src/users_extra_file.c @@ -0,0 +1,127 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user_extra; +struct semanage_user_key; +typedef struct semanage_user_extra record_t; +typedef struct semanage_user_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct dbase_file; +typedef struct dbase_file dbase_t; +#define DBASE_DEFINED + +#include <stdlib.h> +#include <stdio.h> +#include <strings.h> + +#include "user_internal.h" +#include "database_file.h" +#include "parse_utils.h" +#include "debug.h" +#include "handle.h" + +static int user_extra_print(semanage_handle_t * handle, + semanage_user_extra_t * user_extra, FILE * str) +{ + + const char *name = semanage_user_extra_get_name(user_extra); + const char *prefix = semanage_user_extra_get_prefix(user_extra); + + if (fprintf(str, "user %s prefix %s;\n", name, prefix) < 0) + goto err; + + return STATUS_SUCCESS; + + err: + ERR(handle, "could not print user extra data " + "for %s to stream", name); + return STATUS_ERR; +} + +static int user_extra_parse(semanage_handle_t * handle, + parse_info_t * info, + semanage_user_extra_t * user_extra) +{ + + char *str = NULL; + + if (parse_skip_space(handle, info) < 0) + goto err; + if (!info->ptr) + goto last; + + /* User string */ + if (parse_assert_str(handle, info, "user") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Extract name */ + if (parse_fetch_string(handle, info, &str, ' ') < 0) + goto err; + if (semanage_user_extra_set_name(handle, user_extra, str) < 0) + goto err; + free(str); + str = NULL; + + /* Prefix string */ + if (parse_assert_space(handle, info) < 0) + goto err; + if (parse_assert_str(handle, info, "prefix") < 0) + goto err; + if (parse_assert_space(handle, info) < 0) + goto err; + + /* Extract prefix */ + if (parse_fetch_string(handle, info, &str, ';') < 0) + goto err; + if (semanage_user_extra_set_prefix(handle, user_extra, str) < 0) + goto err; + free(str); + str = NULL; + + /* Semicolon */ + if (parse_skip_space(handle, info) < 0) + goto err; + if (parse_assert_ch(handle, info, ';') < 0) + goto err; + + return STATUS_SUCCESS; + + last: + parse_dispose_line(info); + return STATUS_NODATA; + + err: + ERR(handle, "could not parse user extra data"); + free(str); + parse_dispose_line(info); + return STATUS_ERR; +} + +/* USER EXTRA RECORD: FILE extension: method table */ +record_file_table_t SEMANAGE_USER_EXTRA_FILE_RTABLE = { + .parse = user_extra_parse, + .print = user_extra_print, +}; + +int user_extra_file_dbase_init(semanage_handle_t * handle, + const char *fname, dbase_config_t * dconfig) +{ + + if (dbase_file_init(handle, + fname, + &SEMANAGE_USER_EXTRA_RTABLE, + &SEMANAGE_USER_EXTRA_FILE_RTABLE, + &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_FILE_DTABLE; + return STATUS_SUCCESS; +} + +void user_extra_file_dbase_release(dbase_config_t * dconfig) +{ + + dbase_file_release(dconfig->dbase); +} diff --git a/libsemanage/src/users_join.c b/libsemanage/src/users_join.c new file mode 100644 index 00000000..b598209f --- /dev/null +++ b/libsemanage/src/users_join.c @@ -0,0 +1,49 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user; +struct semanage_user_key; +typedef struct semanage_user record_t; +typedef struct semanage_user_key record_key_t; +#define DBASE_RECORD_DEFINED + +struct semanage_user_base; +struct semanage_user_extra; +typedef struct semanage_user_base record1_t; +typedef struct semanage_user_extra record2_t; +#define DBASE_RECORD_JOIN_DEFINED + +struct dbase_join; +typedef struct dbase_join dbase_t; +#define DBASE_DEFINED + +#include <semanage/handle.h> +#include "user_internal.h" +#include "database_join.h" +#include "debug.h" + +/* USER record: JOIN extension: method table */ +record_join_table_t SEMANAGE_USER_JOIN_RTABLE = { + .join = semanage_user_join, + .split = semanage_user_split, +}; + +int user_join_dbase_init(semanage_handle_t * handle, + dbase_config_t * join1, + dbase_config_t * join2, dbase_config_t * dconfig) +{ + + if (dbase_join_init(handle, + &SEMANAGE_USER_RTABLE, + &SEMANAGE_USER_JOIN_RTABLE, + join1, join2, &dconfig->dbase) < 0) + return STATUS_ERR; + + dconfig->dtable = &SEMANAGE_JOIN_DTABLE; + return STATUS_SUCCESS; +} + +void user_join_dbase_release(dbase_config_t * dconfig) +{ + + dbase_join_release(dconfig->dbase); +} diff --git a/libsemanage/src/users_local.c b/libsemanage/src/users_local.c new file mode 100644 index 00000000..8742ca11 --- /dev/null +++ b/libsemanage/src/users_local.c @@ -0,0 +1,70 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user; +struct semanage_user_key; +typedef struct semanage_user_key record_key_t; +typedef struct semanage_user record_t; +#define DBASE_RECORD_DEFINED + +#include "user_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_user_modify_local(semanage_handle_t * handle, + const semanage_user_key_t * key, + const semanage_user_t * data) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_modify(handle, dconfig, key, data); +} + +int semanage_user_del_local(semanage_handle_t * handle, + const semanage_user_key_t * key) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_del(handle, dconfig, key); +} + +int semanage_user_query_local(semanage_handle_t * handle, + const semanage_user_key_t * key, + semanage_user_t ** response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_query(handle, dconfig, key, response); +} + +int semanage_user_exists_local(semanage_handle_t * handle, + const semanage_user_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_exists(handle, dconfig, key, response); +} + +int semanage_user_count_local(semanage_handle_t * handle, + unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_user_iterate_local(semanage_handle_t * handle, + int (*handler) (const semanage_user_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_user_list_local(semanage_handle_t * handle, + semanage_user_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_user_dbase_local(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/users_policy.c b/libsemanage/src/users_policy.c new file mode 100644 index 00000000..74f59dc1 --- /dev/null +++ b/libsemanage/src/users_policy.c @@ -0,0 +1,56 @@ +/* Copyright (C) 2005 Red Hat, Inc. */ + +struct semanage_user; +struct semanage_user_key; +typedef struct semanage_user_key record_key_t; +typedef struct semanage_user record_t; +#define DBASE_RECORD_DEFINED + +#include "user_internal.h" +#include "handle.h" +#include "database.h" + +int semanage_user_query(semanage_handle_t * handle, + const semanage_user_key_t * key, + semanage_user_t ** response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_policy(handle); + return dbase_query(handle, dconfig, key, response); +} + +hidden_def(semanage_user_query) + +int semanage_user_exists(semanage_handle_t * handle, + const semanage_user_key_t * key, int *response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_policy(handle); + return dbase_exists(handle, dconfig, key, response); +} + +hidden_def(semanage_user_exists) + +int semanage_user_count(semanage_handle_t * handle, unsigned int *response) +{ + + dbase_config_t *dconfig = semanage_user_dbase_policy(handle); + return dbase_count(handle, dconfig, response); +} + +int semanage_user_iterate(semanage_handle_t * handle, + int (*handler) (const semanage_user_t * record, + void *varg), void *handler_arg) +{ + + dbase_config_t *dconfig = semanage_user_dbase_policy(handle); + return dbase_iterate(handle, dconfig, handler, handler_arg); +} + +int semanage_user_list(semanage_handle_t * handle, + semanage_user_t *** records, unsigned int *count) +{ + + dbase_config_t *dconfig = semanage_user_dbase_policy(handle); + return dbase_list(handle, dconfig, records, count); +} diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c new file mode 100644 index 00000000..349a4be9 --- /dev/null +++ b/libsemanage/src/utilities.c @@ -0,0 +1,304 @@ +/* Author: Mark Goldman <mgoldman@tresys.com> + * Paul Rosenfeld <prosenfeld@tresys.com> + * + * Copyright (C) 2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ +#include "utilities.h" + +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <ctype.h> +#include <string.h> +#include <sys/types.h> +#include <assert.h> +#include <ustr.h> + +#define TRUE 1 +#define FALSE 0 + +char *semanage_findval(char *file, char *var, char *delim) +{ + FILE *fd; + char *buff = NULL; + char *retval = NULL; + size_t buff_len = 0; + + assert(file); + assert(var); + + if ((fd = fopen(file, "r")) == NULL) + return NULL; + + while (getline(&buff, &buff_len, fd) > 0) { + if (semanage_is_prefix(buff, var)) { + retval = semanage_split(buff, delim); + if (retval) + semanage_rtrim(retval, '\n'); + break; + } + } + free(buff); + fclose(fd); + + return retval; +} + +int semanage_is_prefix(const char *str, const char *prefix) +{ + if (!str) { + return FALSE; + } + if (!prefix) { + return TRUE; + } + + return strncmp(str, prefix, strlen(prefix)) == 0; +} + +char *semanage_split_on_space(const char *str) +{ + /* as per the man page, these are the isspace() chars */ + const char *seps = "\f\n\r\t\v "; + size_t slen = strlen(seps); + size_t off = 0, rside_len = 0; + char *retval = NULL; + Ustr *ustr = USTR_NULL, *temp = USTR_NULL; + + if (!str) + goto done; + if (!(ustr = ustr_dup_cstr(str))) + goto done; + temp = + ustr_split_spn_chrs(ustr, &off, seps, slen, USTR_NULL, + USTR_FLAG_SPLIT_DEF); + if (!temp) + goto done; + /* throw away the left hand side */ + ustr_sc_free(&temp); + + rside_len = ustr_len(ustr) - off; + temp = ustr_dup_subustr(ustr, off + 1, rside_len); + if (!temp) + goto done; + retval = strdup(ustr_cstr(temp)); + ustr_sc_free(&temp); + + done: + ustr_sc_free(&ustr); + return retval; +} + +char *semanage_split(const char *str, const char *delim) +{ + Ustr *ustr = USTR_NULL, *temp = USTR_NULL; + size_t off = 0, rside_len = 0; + char *retval = NULL; + + if (!str) + goto done; + if (!delim || !(*delim)) + return semanage_split_on_space(str); + ustr = ustr_dup_cstr(str); + temp = + ustr_split_cstr(ustr, &off, delim, USTR_NULL, USTR_FLAG_SPLIT_DEF); + if (!temp) + goto done; + /* throw away the left hand side */ + ustr_sc_free(&temp); + + rside_len = ustr_len(ustr) - off; + + temp = ustr_dup_subustr(ustr, off + 1, rside_len); + if (!temp) + goto done; + retval = strdup(ustr_cstr(temp)); + ustr_sc_free(&temp); + + done: + ustr_sc_free(&ustr); + return retval; +} + +int semanage_list_push(semanage_list_t ** list, char *data) +{ + semanage_list_t *temp = NULL; + + if (!data) + return EINVAL; + if (!(temp = malloc(sizeof(semanage_list_t)))) + return ENOMEM; + + if (!(temp->data = strdup(data))) { + free(temp); + return ENOMEM; + } + temp->next = *list; + *list = temp; + + return 0; +} + +char *semanage_list_pop(semanage_list_t ** list) +{ + semanage_list_t *node = NULL; + char *data = NULL; + + if (!list || !(*list)) + return NULL; + + node = (*list); + data = node->data; + + (*list) = node->next; + free(node); + + return data; +} + +void semanage_list_destroy(semanage_list_t ** list) +{ + semanage_list_t *temp; + + while ((temp = (*list))) { + free(temp->data); + (*list) = temp->next; + free(temp); + } +} + +semanage_list_t *semanage_list_find(semanage_list_t * l, char *data) +{ + if (!data) + return NULL; + while (l && strcmp(l->data, data)) + l = l->next; + + return l; +} + +int semanage_list_sort(semanage_list_t ** l) +{ + semanage_list_t **array = NULL; + semanage_list_t *temp = NULL; + size_t count = 0; + size_t i = 0; + + if (!l) + return 0; + + for (temp = *l; temp; temp = temp->next) + ++count; + + array = malloc(sizeof(semanage_list_t *) * count); + if (!array) + return ENOMEM; /* couldn't allocate memory for sort */ + for (temp = *l; temp; temp = temp->next) { + array[i++] = temp; + } + + qsort(array, count, sizeof(semanage_list_t *), + (int (*)(const void *, const void *))&semanage_cmp_plist_t); + for (i = 0; i < (count - 1); ++i) { + array[i]->next = array[i + 1]; + } + array[i]->next = NULL; + (*l) = array[0]; + free(array); + + return 0; +} + +int semanage_cmp_plist_t(const semanage_list_t ** x, const semanage_list_t ** y) +{ + return strcmp((*x)->data, (*y)->data); +} + +int semanage_str_count(char *data, char what) +{ + int count = 0; + + if (!data) + return 0; + while (*data) { + if (*data == what) + ++count; + ++data; + } + + return count; +} + +void semanage_rtrim(char *str, char trim_to) +{ + int len = 0; + + if (!str) + return; + len = strlen(str); + + while (len > 0) { + if (str[--len] == trim_to) { + str[len] = '\0'; + return; + } + } +} + +/* list_addafter_controlmem does *NOT* duplicate the data argument + * use at your own risk, I am building a list out of malloc'd memory and + * it is only going to get stored into this list, thus when I destroy it + * later I won't free a ptr twice. + * + * returns the newly created node or NULL on error + */ +semanage_list_t *list_addafter_controlmem(semanage_list_t * item, char *data) +{ + semanage_list_t *temp = malloc(sizeof(semanage_list_t)); + + if (!temp) + return NULL; + temp->data = data; + temp->next = item->next; + item->next = temp; + + return temp; +} + +semanage_list_t *semanage_slurp_file_filter(FILE * file, + int (*pred) (const char *)) +{ + semanage_list_t head; + semanage_list_t *current = &head; + char *line = NULL; + size_t buff_len = 0; + + head.next = NULL; /* initialize head, we aren't going to use the data */ + while (getline(&line, &buff_len, file) >= 0) { + if (pred(line)) { + semanage_rtrim(line, '\n'); + current = list_addafter_controlmem(current, line); + if (!current) + break; + line = NULL; + buff_len = 0; + } + } + free(line); + + return head.next; +} diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h new file mode 100644 index 00000000..b81e54eb --- /dev/null +++ b/libsemanage/src/utilities.h @@ -0,0 +1,137 @@ +/* Author: Mark Goldman <mgoldman@tresys.com> + * + * Copyright (C) 2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +/* This file contains helper functions that are loosely based off of what is + * available from the python script genhomedircon. Also this file contains + * c implementations of a couple of python functions so that genhomedircon will + * look/act like the python script. + */ +#ifndef _SEMANAGE_UTILITIES_H_ +#define _SEMANAGE_UTILITIES_H_ + +#include <stdio.h> + +#if defined(__GNUC__) && !defined(__STRICT_ANSI__) +#define WARN_UNUSED \ + __attribute__ ((__warn_unused_result__)) +#else +# define WARN_UNUSED /* nothing */ +#endif + +typedef struct list { + char *data; + struct list *next; +} semanage_list_t; + +/** + * @param file the path to the file to look for a variable in + * @param var the variable that you want the value of + * @param delim the value that separates the part you care about from the part + * that you don't. + * @return for the first instance of var in the file, returns everything after + * delim. + * returns "" if not found IE if(*(semanage_findval(f,v,d)) == '\0'){ + * printf("%s not found in file", v); + * } + * + * NULL for error (out of memory, etc) + */ +char *semanage_findval(char *file, char *var, char *delim) WARN_UNUSED; + +/** + * @param str string to test + * @param val prefix + * @return 1 if val is the prefix of str + * 0 if val is not the prefix of str + * + * note: if str == NULL, returns false + * if val == NULL, returns true --nothing can always be the prefix of + * something + * if (*val) == "" returns true same as above. + */ +int semanage_is_prefix(const char *str, const char *val) WARN_UNUSED; + +/** + * @param str the string to semanage_split + * @return malloc'd string after the first run of charachters that aren't whitespace + */ +char *semanage_split_on_space(const char *str) WARN_UNUSED; + +/** + * @param str the string to semanage_split + * @param delim the string delimiter. NOT a set of charachters that can be + * a delimiter. + * if *delim == '\0' behaves as semanage_splitOnSpace() + * @return a ptr to the first charachter past the delimiter. + * if delim doesn't appear in the string, returns a ptr to the + * trailing null in the string + */ +char *semanage_split(const char *str, const char *delim) WARN_UNUSED; + +/* linked list string functions + * Functions allocate memory. Must be free'd with + * either semanage_list_pop until list == NULL or semanage_list_destroy() + */ +int semanage_list_push(semanage_list_t ** list, char *data) WARN_UNUSED; +char *semanage_list_pop(semanage_list_t ** list); +void semanage_list_destroy(semanage_list_t ** list); +semanage_list_t *semanage_list_find(semanage_list_t * l, + char *data) WARN_UNUSED; +int semanage_list_sort(semanage_list_t ** l) WARN_UNUSED; +/* function to compare 2 semanage_list_t nodes, + * returns strcmp(x->data, y->data) + * used internally by semanage_list_sort() + */ +int semanage_cmp_plist_t(const semanage_list_t ** x, + const semanage_list_t ** y); +/** + * @param data a target string + * @param what a charachter + * @returns the number of times the char appears in the string + */ +int semanage_str_count(char *data, char what); +/** + * @param - a string + * @param the charachter to trim to + * @return - mangles the string, converting the first + * occurrance of the charachter to a '\0' from + * the end of the string. + */ +void semanage_rtrim(char *str, char trim_to); + +/** + * @param data some string + * @return modifies the string such that the first whitespace char becomes + * '\0', ending the string. + */ +void semanage_keep_until_space(char *data); + +/** + * @param file - an open FILE to read from + * @param pred - a function taking a string that + * returns 1 if the string should be + * kept and 0 otherwise + * @return a list of lines from the file (empty lines become + * empty strings) in the file order where pred(line) + * returns > 0 + */ +semanage_list_t *semanage_slurp_file_filter(FILE * file, + int (*pred) (const char *)) + WARN_UNUSED; +#endif |