netperf-2.4.5/src/netsec_linux.c - nest-learning-thermostat/5.1.8/netperf - Git at Google

 #if defined(HAVE_CONFIG_H)
 #include "config.h"
 #endif

 #if defined(HAVE_STRING_H)
 #include <string.h>
 #endif

 #include <stdio.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>

 #include <dlfcn.h>

 void *messiah;  /* Handel's... */

 /* for the NSEC_mumble defines */
 #include "netlib.h"


 void
 find_security_info_selinux(int *enabled, int *type, char **specific){

   int ret;
   int enforcing;

   /* at some point we should probably get these from
      selinux/selinux.h? */
   int (*getenforce)(int *);
   int (*getpolicy)(char **);

   *enabled = NSEC_UNKNOWN;
   *type    = NSEC_TYPE_SELINUX;

   getenforce = dlsym(messiah, "selinux_getenforcemode");
   if (NULL == getenforce) {
     dlclose(messiah);
     *specific = strdup("no getenforcemode");
     return;
   }

   ret = (*getenforce)(&enforcing);
 #if defined(NETPERF_STANDALONE_DEBUG)
   printf("after selinux_getenforcemode() ret is %d\n",ret);
 #endif

   switch(enforcing) {
   case -1:
     *enabled = NSEC_DISABLED;
     break;
   case 0:
     *enabled = NSEC_PERMISSIVE;
     break;
   case 1:
     *enabled = NSEC_ENFORCING;
     break;
   default:
     *enabled = NSEC_UNKNOWN;
   }

   getpolicy = dlsym(messiah, "selinux_getpolicytype");
   if (NULL == getpolicy) {
     dlclose(messiah);
     *specific = strdup("no getpolicytype");
     return;
   }

   ret = (*getpolicy)(specific);
 #if defined(NETPERF_STANDALONE_DEBUG)
   printf("after selinux_getpolicytype ret is %d\n",ret);
 #endif

   return;
 }

 /* presently we only know about SELinux or nothing. at some point we
    probably need to learn about AppArmor and the like.  raj
    20081020 */

 void
 find_security_info(int *enabled, int *type, char **specific) {

   /* first, might it be selinux? */
   messiah = dlopen("libselinux.so", RTLD_LAZY);
   if (NULL != messiah) {
     dlerror();
     return find_security_info_selinux(enabled, type, specific);
   }
   else {
     *enabled = NSEC_UNKNOWN;
     *type = NSEC_TYPE_UNKNOWN;
     *specific = "unknown";
     return;
   }
 }

 #if defined(NETPERF_STANDALONE_DEBUG)

 /* these are normally found in src/netlib.c but we put copies here for
    the nefaious popoise of standalone debugging */

 char *
 nsec_enabled_to_str(int enabled) {
   switch (enabled) {
   case NSEC_UNKNOWN:
     return("Unknown");
   case NSEC_DISABLED:
     return("Disabled");
   case NSEC_PERMISSIVE:
     return("Permissive");
   case NSEC_ENFORCING:
     return("Enforcing");
   default:
     return("UNKNOWN MODE");
   }
 }

 char * nsec_type_to_str(int type) {
   switch (type) {
   case NSEC_TYPE_UNKNOWN:
     return("Unknown");
   case NSEC_TYPE_SELINUX:
     return("SELinux");
   default:
     return("UNKNOWN TYPE");
   }
 }

 int
 main(int argc, char *argv[]) {

   char *specific;
   int enabled;
   int type;

   find_security_info(&enabled, &type, &specific);

   printf("Security info: enabled %s (%d) type %s (0x%x) specific %s\n",
 	 nsec_enabled_to_str(enabled),
 	 enabled,
 	 nsec_type_to_str(type),
 	 type,
 	 specific);

   return 0;
 }
 #endif
	#if defined(HAVE_CONFIG_H)
	#include "config.h"
	#endif

	#if defined(HAVE_STRING_H)
	#include <string.h>
	#endif

	#include <stdio.h>
	#include <sys/types.h>
	#include <sys/stat.h>
	#include <unistd.h>

	#include <dlfcn.h>

	void messiah; / Handel's... */

	/* for the NSEC_mumble defines */
	#include "netlib.h"


	void
	find_security_info_selinux(int enabled, int type, char **specific){

	int ret;
	int enforcing;

	/* at some point we should probably get these from
	selinux/selinux.h? */
	int (getenforce)(int );
	int (getpolicy)(char *);

	*enabled = NSEC_UNKNOWN;
	*type = NSEC_TYPE_SELINUX;

	getenforce = dlsym(messiah, "selinux_getenforcemode");
	if (NULL == getenforce) {
	dlclose(messiah);
	*specific = strdup("no getenforcemode");
	return;
	}

	ret = (*getenforce)(&enforcing);
	#if defined(NETPERF_STANDALONE_DEBUG)
	printf("after selinux_getenforcemode() ret is %d\n",ret);
	#endif

	switch(enforcing) {
	case -1:
	*enabled = NSEC_DISABLED;
	break;
	case 0:
	*enabled = NSEC_PERMISSIVE;
	break;
	case 1:
	*enabled = NSEC_ENFORCING;
	break;
	default:
	*enabled = NSEC_UNKNOWN;
	}

	getpolicy = dlsym(messiah, "selinux_getpolicytype");
	if (NULL == getpolicy) {
	dlclose(messiah);
	*specific = strdup("no getpolicytype");
	return;
	}

	ret = (*getpolicy)(specific);
	#if defined(NETPERF_STANDALONE_DEBUG)
	printf("after selinux_getpolicytype ret is %d\n",ret);
	#endif

	return;
	}

	/* presently we only know about SELinux or nothing. at some point we
	probably need to learn about AppArmor and the like. raj
	20081020 */

	void
	find_security_info(int enabled, int type, char **specific) {

	/* first, might it be selinux? */
	messiah = dlopen("libselinux.so", RTLD_LAZY);
	if (NULL != messiah) {
	dlerror();
	return find_security_info_selinux(enabled, type, specific);
	}
	else {
	*enabled = NSEC_UNKNOWN;
	*type = NSEC_TYPE_UNKNOWN;
	*specific = "unknown";
	return;
	}
	}

	#if defined(NETPERF_STANDALONE_DEBUG)

	/* these are normally found in src/netlib.c but we put copies here for
	the nefaious popoise of standalone debugging */

	char *
	nsec_enabled_to_str(int enabled) {
	switch (enabled) {
	case NSEC_UNKNOWN:
	return("Unknown");
	case NSEC_DISABLED:
	return("Disabled");
	case NSEC_PERMISSIVE:
	return("Permissive");
	case NSEC_ENFORCING:
	return("Enforcing");
	default:
	return("UNKNOWN MODE");
	}
	}

	char * nsec_type_to_str(int type) {
	switch (type) {
	case NSEC_TYPE_UNKNOWN:
	return("Unknown");
	case NSEC_TYPE_SELINUX:
	return("SELinux");
	default:
	return("UNKNOWN TYPE");
	}
	}

	int
	main(int argc, char *argv[]) {

	char *specific;
	int enabled;
	int type;

	find_security_info(&enabled, &type, &specific);

	printf("Security info: enabled %s (%d) type %s (0x%x) specific %s\n",
	nsec_enabled_to_str(enabled),
	enabled,
	nsec_type_to_str(type),
	type,
	specific);

	return 0;
	}
	#endif