Consistently use uid_t/gid_t for credentials

COVESA · Dec 19, 2023 · 263fd78 · 263fd78
1 parent 02c199d
commit 263fd78
Show file tree

Hide file tree

Showing 13 changed files with 66 additions and 62 deletions.
diff --git a/implementation/configuration/include/internal.hpp.in b/implementation/configuration/include/internal.hpp.in
@@ -150,8 +150,12 @@ const std::uint32_t QUEUE_SIZE_UNLIMITED = (std::numeric_limits<std::uint32_t>::
 
 const std::uint32_t MAX_RECONNECTS_UNLIMITED = (std::numeric_limits<std::uint32_t>::max)();
 
-const std::uint32_t ANY_UID = 0xFFFFFFFF;
-const std::uint32_t ANY_GID = 0xFFFFFFFF;
+#if defined(_WIN32)
+    typedef std::uint32_t uid_t;
+    typedef std::uint32_t gid_t;
+#endif
+const uid_t ANY_UID = (std::numeric_limits<uid_t>::max)();
+const gid_t ANY_GID = (std::numeric_limits<gid_t>::max)();
 
 enum class port_type_e {
     PT_OPTIONAL,

diff --git a/implementation/endpoints/include/local_server_endpoint_impl_receive_op.hpp b/implementation/endpoints/include/local_server_endpoint_impl_receive_op.hpp
@@ -26,9 +26,9 @@ struct storage :
     socket_type_t &socket_;
     receive_handler_t handler_;
     byte_t *buffer_;
-    std::size_t length_;
-    uid_t uid_;
-    gid_t gid_;
+    size_t length_;
+    uid_t uid_ = ANY_UID;
+    gid_t gid_ = ANY_GID;
     size_t bytes_;
 
     storage(

diff --git a/implementation/endpoints/include/local_uds_server_endpoint_impl.hpp b/implementation/endpoints/include/local_uds_server_endpoint_impl.hpp
@@ -125,7 +125,7 @@ class local_uds_server_endpoint_impl: public local_uds_server_endpoint_base_impl
         void receive_cbk(boost::system::error_code const &_error,
                          std::size_t _bytes
 #if defined(__linux__) || defined(ANDROID) || defined(__QNX__)
-                         , std::uint32_t const &_uid, std::uint32_t const &_gid
+                         , uid_t const &_uid, gid_t const &_gid
 #endif
         );
         void calculate_shrink_count();

diff --git a/implementation/endpoints/include/udp_server_endpoint_impl_receive_op.hpp b/implementation/endpoints/include/udp_server_endpoint_impl_receive_op.hpp
@@ -296,7 +296,7 @@ receive_cb (std::shared_ptr<storage> _data) {
                     _data->sender_ = endpoint_type_t(its_sender_address, its_sender_port);
 
                     // destination
-                    struct in_pktinfo *its_pktinfo_v4;
+                    struct in_pktinfo *its_pktinfo_v4 = nullptr;
                     for (struct cmsghdr *cmsg = CMSG_FIRSTHDR(&its_header);
                          cmsg != NULL;
                          cmsg = CMSG_NXTHDR(&its_header, cmsg)) {

diff --git a/implementation/endpoints/src/local_uds_server_endpoint_impl.cpp b/implementation/endpoints/src/local_uds_server_endpoint_impl.cpp
@@ -489,8 +489,8 @@ void local_uds_server_endpoint_impl::connection::start() {
             ),
             &recv_buffer_[recv_buffer_size_],
             left_buffer_size,
-            std::numeric_limits<std::uint32_t>::max(),
-            std::numeric_limits<std::uint32_t>::max(),
+            std::numeric_limits<uid_t>::max(),
+            std::numeric_limits<gid_t>::max(),
             std::numeric_limits<std::size_t>::min()
         );
 
@@ -608,7 +608,7 @@ void local_uds_server_endpoint_impl::connection::send_cbk(const message_buffer_p
 
 void local_uds_server_endpoint_impl::connection::receive_cbk(
         boost::system::error_code const &_error, std::size_t _bytes,
-        std::uint32_t const &_uid, std::uint32_t const &_gid)
+        uid_t const &_uid, gid_t const &_gid)
 {
     std::shared_ptr<local_uds_server_endpoint_impl> its_server(server_.lock());
     if (!its_server) {

diff --git a/implementation/routing/include/routing_manager_stub.hpp b/implementation/routing/include/routing_manager_stub.hpp
@@ -110,24 +110,24 @@ class routing_manager_stub: public routing_host,
                                             pending_remote_offer_id_t _id);
 
 #ifndef VSOMEIP_DISABLE_SECURITY
-    bool update_security_policy_configuration(uint32_t _uid, uint32_t _gid,
+    bool update_security_policy_configuration(uid_t _uid, gid_t _gid,
             const std::shared_ptr<policy> &_policy,
             const std::shared_ptr<payload> &_payload,
             const security_update_handler_t &_handler);
-    bool remove_security_policy_configuration(uint32_t _uid, uint32_t _gid,
+    bool remove_security_policy_configuration(uid_t _uid, gid_t _gid,
             const security_update_handler_t &_handler);
     void on_security_update_response(pending_security_update_id_t _id,
             client_t _client);
 
-    void policy_cache_add(uint32_t _uid, const std::shared_ptr<payload>& _payload);
-    void policy_cache_remove(uint32_t _uid);
-    bool is_policy_cached(uint32_t _uid);
+    void policy_cache_add(uid_t _uid, const std::shared_ptr<payload>& _payload);
+    void policy_cache_remove(uid_t _uid);
+    bool is_policy_cached(uid_t _uid);
 
     bool send_update_security_policy_request(client_t _client,
-            pending_security_update_id_t _update_id, uint32_t _uid,
+            pending_security_update_id_t _update_id, uid_t _uid,
             const std::shared_ptr<payload>& _payload);
     bool send_remove_security_policy_request(client_t _client,
-            pending_security_update_id_t _update_id, uint32_t _uid, uint32_t _gid);
+            pending_security_update_id_t _update_id, uid_t _uid, gid_t _gid);
 
     bool send_cached_security_policies(client_t _client);
 
@@ -200,7 +200,7 @@ class routing_manager_stub: public routing_host,
             protocol::routing_info_entry &_entry);
     void send_client_routing_info(const client_t _target,
             std::vector<protocol::routing_info_entry> &&_entries);
-    void send_client_credentials(client_t _target, std::set<std::pair<uint32_t, uint32_t>> &_credentials);
+    void send_client_credentials(client_t _target, std::set<std::pair<uid_t, gid_t>> &_credentials);
 
     void on_client_id_timer_expired(boost::system::error_code const &_error);
 

diff --git a/implementation/routing/src/routing_manager_client.cpp b/implementation/routing/src/routing_manager_client.cpp
@@ -1643,8 +1643,8 @@ void routing_manager_client::on_message(
                 its_command.deserialize(its_buffer, its_error);
                 if (its_error == protocol::error_e::ERROR_OK) {
                     auto its_policy = its_command.get_policy();
-                    uint32_t its_uid;
-                    uint32_t its_gid;
+                    uid_t its_uid;
+                    gid_t its_gid;
                     if (its_policy->get_uid_gid(its_uid, its_gid)) {
                         if (is_internal_policy_update
                                 || its_security->is_policy_update_allowed(its_uid, its_policy)) {
@@ -2832,7 +2832,7 @@ void routing_manager_client::on_update_security_credentials(
 
     for (const auto &c : _command.get_credentials()) {
         std::shared_ptr<policy> its_policy(std::make_shared<policy>());
-        boost::icl::interval_set<uint32_t> its_gid_set;
+        boost::icl::interval_set<gid_t> its_gid_set;
         uid_t its_uid(c.first);
         gid_t its_gid(c.second);
 

diff --git a/implementation/routing/src/routing_manager_stub.cpp b/implementation/routing/src/routing_manager_stub.cpp
@@ -1128,7 +1128,7 @@ void routing_manager_stub::on_stop_offer_service(client_t _client,
 }
 
 void routing_manager_stub::send_client_credentials(const client_t _target,
-        std::set<std::pair<uint32_t, uint32_t>> &_credentials) {
+        std::set<std::pair<uid_t, gid_t>> &_credentials) {
 
     std::shared_ptr<endpoint> its_endpoint = host_->find_local(_target);
     if (its_endpoint) {
@@ -1207,7 +1207,7 @@ void routing_manager_stub::send_client_routing_info(const client_t _target,
 }
 
 void routing_manager_stub::distribute_credentials(client_t _hoster, service_t _service, instance_t _instance) {
-    std::set<std::pair<uint32_t, uint32_t>> its_credentials;
+    std::set<std::pair<uid_t, gid_t>> its_credentials;
     std::set<client_t> its_requesting_clients;
     // search for clients which shall receive the credentials
     for (auto its_requesting_client : service_requests_) {
@@ -1223,7 +1223,7 @@ void routing_manager_stub::distribute_credentials(client_t _hoster, service_t _s
     // search for UID / GID linked with the client ID that offers the requested services
     vsomeip_sec_client_t its_sec_client;
     if (policy_manager_impl::get()->get_client_to_sec_client_mapping(_hoster, its_sec_client)) {
-        std::pair<uint32_t, uint32_t> its_uid_gid;
+        std::pair<uid_t, gid_t> its_uid_gid;
         its_uid_gid.first = its_sec_client.user;
         its_uid_gid.second = its_sec_client.group;
         its_credentials.insert(its_uid_gid);
@@ -1843,7 +1843,7 @@ void routing_manager_stub::handle_credentials(const client_t _client, std::set<p
     }
 
     std::lock_guard<std::mutex> its_guard(routing_info_mutex_);
-    std::set<std::pair<uint32_t, uint32_t>> its_credentials;
+    std::set<std::pair<uid_t, gid_t>> its_credentials;
     vsomeip_sec_client_t its_requester_sec_client;
     if (policy_manager_impl::get()->get_client_to_sec_client_mapping(_client, its_requester_sec_client)) {
         // determine credentials of offering clients using current routing info
@@ -2051,7 +2051,7 @@ bool routing_manager_stub::send_provided_event_resend_request(
 }
 
 #ifndef VSOMEIP_DISABLE_SECURITY
-bool routing_manager_stub::is_policy_cached(uint32_t _uid) {
+bool routing_manager_stub::is_policy_cached(uid_t _uid) {
     {
         std::lock_guard<std::mutex> its_lock(updated_security_policies_mutex_);
         if (updated_security_policies_.find(_uid)
@@ -2065,23 +2065,23 @@ bool routing_manager_stub::is_policy_cached(uint32_t _uid) {
     }
 }
 
-void routing_manager_stub::policy_cache_add(uint32_t _uid, const std::shared_ptr<payload>& _payload) {
+void routing_manager_stub::policy_cache_add(uid_t _uid, const std::shared_ptr<payload>& _payload) {
     // cache security policy payload for later distribution to new registering clients
     {
         std::lock_guard<std::mutex> its_lock(updated_security_policies_mutex_);
         updated_security_policies_[_uid] = _payload;
     }
 }
 
-void routing_manager_stub::policy_cache_remove(uint32_t _uid) {
+void routing_manager_stub::policy_cache_remove(uid_t _uid) {
     {
         std::lock_guard<std::mutex> its_lock(updated_security_policies_mutex_);
         updated_security_policies_.erase(_uid);
     }
 }
 
 bool routing_manager_stub::send_update_security_policy_request(client_t _client, pending_security_update_id_t _update_id,
-                                                               uint32_t _uid, const std::shared_ptr<payload>& _payload) {
+                                                               uid_t _uid, const std::shared_ptr<payload>& _payload) {
     (void)_uid;
 
     std::shared_ptr<endpoint> its_endpoint = host_->find_local(_client);
@@ -2161,7 +2161,7 @@ bool routing_manager_stub::send_cached_security_policies(client_t _client) {
 
 bool routing_manager_stub::send_remove_security_policy_request(
         client_t _client, pending_security_update_id_t _update_id,
-        uint32_t _uid, uint32_t _gid) {
+        uid_t _uid, gid_t _gid) {
 
     protocol::remove_security_policy_command its_command;
     its_command.set_client(_client);
@@ -2380,7 +2380,7 @@ void routing_manager_stub::on_security_update_timeout(
 }
 
 bool routing_manager_stub::update_security_policy_configuration(
-        uint32_t _uid, uint32_t _gid,
+        uid_t _uid, gid_t _gid,
         const std::shared_ptr<policy> &_policy,
         const std::shared_ptr<payload> &_payload,
         const security_update_handler_t &_handler) {
@@ -2448,7 +2448,7 @@ bool routing_manager_stub::update_security_policy_configuration(
 }
 
 bool routing_manager_stub::remove_security_policy_configuration(
-        uint32_t _uid, uint32_t _gid, const security_update_handler_t &_handler) {
+        uid_t _uid, gid_t _gid, const security_update_handler_t &_handler) {
 
     bool ret(true);
 

diff --git a/implementation/security/include/policy_manager_impl.hpp b/implementation/security/include/policy_manager_impl.hpp
@@ -47,23 +47,23 @@ class VSOMEIP_IMPORT_EXPORT policy_manager_impl
     void print_policy(const std::shared_ptr<policy> &_policy) const;
 
     bool parse_uid_gid(const byte_t* &_buffer, uint32_t &_buffer_size,
-            uint32_t &_uid, uint32_t &_gid) const;
+            uid_t &_uid, gid_t &_gid) const;
     bool parse_policy(const byte_t* &_buffer, uint32_t &_buffer_size,
-            uint32_t &_uid, uint32_t &_gid,
+            uid_t &_uid, gid_t &_gid,
             const std::shared_ptr<policy> &_policy) const;
 
-    bool is_policy_update_allowed(uint32_t _uid,
+    bool is_policy_update_allowed(uid_t _uid,
             std::shared_ptr<policy> &_policy) const;
-    bool is_policy_removal_allowed(uint32_t _uid) const;
+    bool is_policy_removal_allowed(uid_t _uid) const;
 
     // extension
     void load(const configuration_element &_element,
             const bool _lazy_load = false);
 
-    void update_security_policy(uint32_t _uid, uint32_t _gid, const std::shared_ptr<policy>& _policy);
-    bool remove_security_policy(uint32_t _uid, uint32_t _gid);
+    void update_security_policy(uid_t _uid, gid_t _gid, const std::shared_ptr<policy>& _policy);
+    bool remove_security_policy(uid_t _uid, gid_t _gid);
 
-    void add_security_credentials(uint32_t _uid, uint32_t _gid,
+    void add_security_credentials(uid_t _uid, gid_t _gid,
             const std::shared_ptr<policy>& _credentials_policy, client_t _client);
 
     void get_requester_policies(const std::shared_ptr<policy> _policy,
@@ -106,7 +106,7 @@ class VSOMEIP_IMPORT_EXPORT policy_manager_impl
             const vsomeip_sec_client_t *_sec_client);
     bool check_routing_credentials(
             const vsomeip_sec_client_t *_sec_client) const;
-    void set_routing_credentials(uint32_t _uid, uint32_t _gid,
+    void set_routing_credentials(uid_t _uid, gid_t _gid,
             const std::string &_name);
 
     bool is_client_allowed(const vsomeip_sec_client_t *_sec_client,
@@ -146,7 +146,7 @@ class VSOMEIP_IMPORT_EXPORT policy_manager_impl
     boost::icl::interval_set<service_t> service_interface_whitelist_;
 
     mutable std::mutex uid_whitelist_mutex_;
-    boost::icl::interval_set<uint32_t> uid_whitelist_;
+    boost::icl::interval_set<uid_t> uid_whitelist_;
 
     mutable std::mutex policy_base_path_mutex_;
     std::string policy_base_path_;
@@ -161,7 +161,7 @@ class VSOMEIP_IMPORT_EXPORT policy_manager_impl
     bool is_configured_;
 
     mutable std::mutex routing_credentials_mutex_;
-    std::pair<uint32_t, uint32_t> routing_credentials_;
+    std::pair<uid_t, gid_t> routing_credentials_;
 
     mutable std::mutex ids_mutex_;
     std::map<client_t, vsomeip_sec_client_t> ids_;

diff --git a/implementation/security/src/policy.cpp b/implementation/security/src/policy.cpp
@@ -40,11 +40,11 @@ policy::deserialize_uid_gid(const byte_t * &_data, uint32_t &_size,
 
     bool its_result;
 
-    its_result = deserialize_u32(_data, _size, _uid);
+    its_result = deserialize_u32(_data, _size, reinterpret_cast<uint32_t&>(_uid));
     if (its_result == false)
         return false;
 
-    its_result = deserialize_u32(_data, _size, _gid);
+    its_result = deserialize_u32(_data, _size, reinterpret_cast<uint32_t&>(_gid));
     if (its_result == false)
         return false;