ReactOS 0.4.16-dev-197-g92996da
security.h File Reference
#include <libxml/tree.h>
#include "xsltexports.h"
#include "xsltInternals.h"
Include dependency graph for security.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef struct _xsltSecurityPrefs xsltSecurityPrefs
 
typedef xsltSecurityPrefsxsltSecurityPrefsPtr
 
typedef int(* xsltSecurityCheck) (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 

Enumerations

enum  xsltSecurityOption {
  XSLT_SECPREF_READ_FILE = 1 , XSLT_SECPREF_WRITE_FILE , XSLT_SECPREF_CREATE_DIRECTORY , XSLT_SECPREF_READ_NETWORK ,
  XSLT_SECPREF_WRITE_NETWORK
}
 

Functions

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltNewSecurityPrefs (void)
 
XSLTPUBFUN void XSLTCALL xsltFreeSecurityPrefs (xsltSecurityPrefsPtr sec)
 
XSLTPUBFUN int XSLTCALL xsltSetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func)
 
XSLTPUBFUN xsltSecurityCheck XSLTCALL xsltGetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option)
 
XSLTPUBFUN void XSLTCALL xsltSetDefaultSecurityPrefs (xsltSecurityPrefsPtr sec)
 
XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltGetDefaultSecurityPrefs (void)
 
XSLTPUBFUN int XSLTCALL xsltSetCtxtSecurityPrefs (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt)
 
XSLTPUBFUN int XSLTCALL xsltSecurityAllow (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 
XSLTPUBFUN int XSLTCALL xsltSecurityForbid (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 
XSLTPUBFUN int XSLTCALL xsltCheckWrite (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 
XSLTPUBFUN int XSLTCALL xsltCheckRead (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 

Typedef Documentation

◆ xsltSecurityCheck

typedef int(* xsltSecurityCheck) (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)

xsltSecurityCheck:

User provided function to check the value of a string like a file path or an URL ...

Definition at line 51 of file security.h.

◆ xsltSecurityPrefs

xsltSecurityPref:

structure to indicate the preferences for security in the XSLT transformation.

Definition at line 29 of file security.h.

◆ xsltSecurityPrefsPtr

Definition at line 30 of file security.h.

Enumeration Type Documentation

◆ xsltSecurityOption

xsltSecurityOption:

the set of option that can be configured

Enumerator
XSLT_SECPREF_READ_FILE 
XSLT_SECPREF_WRITE_FILE 
XSLT_SECPREF_CREATE_DIRECTORY 
XSLT_SECPREF_READ_NETWORK 
XSLT_SECPREF_WRITE_NETWORK 

Definition at line 37 of file security.h.

37 {
xsltSecurityOption
Definition: security.h:37
@ XSLT_SECPREF_READ_NETWORK
Definition: security.h:41
@ XSLT_SECPREF_WRITE_NETWORK
Definition: security.h:42
@ XSLT_SECPREF_CREATE_DIRECTORY
Definition: security.h:40
@ XSLT_SECPREF_WRITE_FILE
Definition: security.h:39
@ XSLT_SECPREF_READ_FILE
Definition: security.h:38

Function Documentation

◆ xsltCheckRead()

XSLTPUBFUN int XSLTCALL xsltCheckRead ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckRead: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be read

Check if the resource is allowed to be read

Return 1 if read is allowed, 0 if not and -1 in case or error.

Definition at line 402 of file security.c.

403 {
404 int ret;
407
408 uri = xmlParseURI((const char *)URL);
409 if (uri == NULL) {
411 "xsltCheckRead: URL parsing failed for %s\n",
412 URL);
413 return(-1);
414 }
415 if ((uri->scheme == NULL) ||
416 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
417
418 /*
419 * Check if we are allowed to read this file
420 */
422 if (check != NULL) {
423 ret = check(sec, ctxt, uri->path);
424 if (ret == 0) {
426 "Local file read for %s refused\n", URL);
428 return(0);
429 }
430 }
431 } else {
432 /*
433 * Check if we are allowed to write this network resource
434 */
436 if (check != NULL) {
437 ret = check(sec, ctxt, (const char *)URL);
438 if (ret == 0) {
440 "Network file read for %s refused\n", URL);
442 return(0);
443 }
444 }
445 }
447 return(1);
448}
#define NULL
Definition: types.h:112
xsltSecurityCheck xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option)
Definition: security.c:125
int(* xsltSecurityCheck)(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
Definition: security.h:51
#define check(expected, result)
Definition: dplayx.c:32
const char * uri
Definition: sec_mgr.c:1588
Definition: uri.h:33
XMLPUBFUN xmlURIPtr XMLCALL xmlParseURI(const char *str)
Definition: uri.c:940
XMLPUBFUN void XMLCALL xmlFreeURI(xmlURIPtr uri)
Definition: uri.c:1387
int ret
#define BAD_CAST
Definition: xmlstring.h:35
XMLPUBFUN int XMLCALL xmlStrEqual(const xmlChar *str1, const xmlChar *str2)
Definition: xmlstring.c:160
void xsltTransformError(xsltTransformContextPtr ctxt, xsltStylesheetPtr style, xmlNodePtr node, const char *msg,...)
Definition: xsltutils.c:678

Referenced by xsltLoadDocument(), xsltLoadStyleDocument(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltCheckWrite()

XSLTPUBFUN int XSLTCALL xsltCheckWrite ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckWrite: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be written

Check if the resource is allowed to be written, if necessary makes some preliminary work like creating directories

Return 1 if write is allowed, 0 if not and -1 in case or error.

Definition at line 335 of file security.c.

336 {
337 int ret;
340
341 uri = xmlParseURI((const char *)URL);
342 if (uri == NULL) {
343 uri = xmlCreateURI();
344 if (uri == NULL) {
346 "xsltCheckWrite: out of memory for %s\n", URL);
347 return(-1);
348 }
349 uri->path = (char *)xmlStrdup(URL);
350 }
351 if ((uri->scheme == NULL) ||
352 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
353
354#if defined(_WIN32)
355 if ((uri->path)&&(uri->path[0]=='/')&&
356 (uri->path[1]!='\0')&&(uri->path[2]==':'))
357 ret = xsltCheckWritePath(sec, ctxt, uri->path+1);
358 else
359#endif
360 {
361 /*
362 * Check if we are allowed to write this file
363 */
364 ret = xsltCheckWritePath(sec, ctxt, uri->path);
365 }
366
367 if (ret <= 0) {
369 return(ret);
370 }
371 } else {
372 /*
373 * Check if we are allowed to write this network resource
374 */
376 if (check != NULL) {
377 ret = check(sec, ctxt, (const char *)URL);
378 if (ret == 0) {
380 "File write for %s refused\n", URL);
382 return(0);
383 }
384 }
385 }
387 return(1);
388}
static int xsltCheckWritePath(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path)
Definition: security.c:273
XMLPUBFUN xmlURIPtr XMLCALL xmlCreateURI(void)
Definition: uri.c:1020
XMLPUBFUN xmlChar *XMLCALL xmlStrdup(const xmlChar *cur)
Definition: xmlstring.c:67

Referenced by xsltApplyStylesheetInternal(), and xsltDocumentElem().

◆ xsltFreeSecurityPrefs()

XSLTPUBFUN void XSLTCALL xsltFreeSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltFreeSecurityPrefs: @sec: the security block to free

Free up a security preference block

Definition at line 78 of file security.c.

78 {
79 if (sec == NULL)
80 return;
81 xmlFree(sec);
82}
XMLPUBVAR xmlFreeFunc xmlFree
Definition: globals.h:251

◆ xsltGetDefaultSecurityPrefs()

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltGetDefaultSecurityPrefs ( void  )

xsltGetDefaultSecurityPrefs:

Get the default security preference application-wide

Returns the current xsltSecurityPrefsPtr in use or NULL if none

Definition at line 163 of file security.c.

163 {
165}
static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs
Definition: security.c:40

Referenced by xsltLoadStyleDocument(), xsltNewTransformContext(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltGetSecurityPrefs()

XSLTPUBFUN xsltSecurityCheck XSLTCALL xsltGetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option 
)

xsltGetSecurityPrefs: @sec: the security block to update @option: the option to lookup

Lookup the security option to get the callback checking function

Returns NULL if not found, the function otherwise

Definition at line 125 of file security.c.

125 {
126 if (sec == NULL)
127 return(NULL);
128 switch (option) {
130 return(sec->readFile);
132 return(sec->createFile);
134 return(sec->createDir);
136 return(sec->readNet);
138 return(sec->writeNet);
139 }
140 return(NULL);
141}
xsltSecurityCheck readFile
Definition: security.c:33
xsltSecurityCheck createFile
Definition: security.c:34
xsltSecurityCheck createDir
Definition: security.c:35
xsltSecurityCheck readNet
Definition: security.c:36
xsltSecurityCheck writeNet
Definition: security.c:37
Definition: getopt.h:109

Referenced by xsltCheckRead(), xsltCheckWrite(), and xsltCheckWritePath().

◆ xsltNewSecurityPrefs()

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltNewSecurityPrefs ( void  )

xsltNewSecurityPrefs:

Create a new security preference block

Returns a pointer to the new block or NULL in case of error

Definition at line 56 of file security.c.

56 {
58
60
62 if (ret == NULL) {
64 "xsltNewSecurityPrefs : malloc failed\n");
65 return(NULL);
66 }
67 memset(ret, 0, sizeof(xsltSecurityPrefs));
68 return(ret);
69}
void xsltInitGlobals(void)
Definition: extensions.c:2257
xsltSecurityPrefs * xsltSecurityPrefsPtr
Definition: security.h:30
XMLPUBVAR xmlMallocFunc xmlMalloc
Definition: globals.h:248
#define memset(x, y, z)
Definition: compat.h:39

◆ xsltSecurityAllow()

XSLTPUBFUN int XSLTCALL xsltSecurityAllow ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const char value 
)

◆ xsltSecurityForbid()

XSLTPUBFUN int XSLTCALL xsltSecurityForbid ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const char value 
)

◆ xsltSetCtxtSecurityPrefs()

XSLTPUBFUN int XSLTCALL xsltSetCtxtSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt 
)

xsltSetCtxtSecurityPrefs: @sec: the security block to use @ctxt: an XSLT transformation context

Set the security preference for a specific transformation

Returns -1 in case of error, 0 otherwise

Definition at line 177 of file security.c.

178 {
179 if (ctxt == NULL)
180 return(-1);
181 ctxt->sec = (void *) sec;
182 return(0);
183}

◆ xsltSetDefaultSecurityPrefs()

XSLTPUBFUN void XSLTCALL xsltSetDefaultSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltSetDefaultSecurityPrefs: @sec: the security block to use

Set the default security preference application-wide

Definition at line 150 of file security.c.

150 {
151
153}

◆ xsltSetSecurityPrefs()

XSLTPUBFUN int XSLTCALL xsltSetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option,
xsltSecurityCheck  func 
)

xsltSetSecurityPrefs: @sec: the security block to update @option: the option to update @func: the user callback to use for this option

Update the security option to use the new callback checking function

Returns -1 in case of error, 0 otherwise

Definition at line 95 of file security.c.

96 {
98 if (sec == NULL)
99 return(-1);
100 switch (option) {
102 sec->readFile = func; return(0);
104 sec->createFile = func; return(0);
106 sec->createDir = func; return(0);
108 sec->readNet = func; return(0);
110 sec->writeNet = func; return(0);
111 }
112 return(-1);
113}
GLenum func
Definition: glext.h:6028