ReactOS 0.4.15-dev-7958-gcd0bb1a
Typedefs | Enumerations | Functions
security.h File Reference
#include <libxml/tree.h>
#include "xsltexports.h"
#include "xsltInternals.h"
Include dependency graph for security.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef struct _xsltSecurityPrefs xsltSecurityPrefs
 
typedef xsltSecurityPrefsxsltSecurityPrefsPtr
 
typedef int(* xsltSecurityCheck) (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 

Enumerations

enum  xsltSecurityOption {
  XSLT_SECPREF_READ_FILE = 1 , XSLT_SECPREF_WRITE_FILE , XSLT_SECPREF_CREATE_DIRECTORY , XSLT_SECPREF_READ_NETWORK ,
  XSLT_SECPREF_WRITE_NETWORK
}
 

Functions

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltNewSecurityPrefs (void)
 
XSLTPUBFUN void XSLTCALL xsltFreeSecurityPrefs (xsltSecurityPrefsPtr sec)
 
XSLTPUBFUN int XSLTCALL xsltSetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func)
 
XSLTPUBFUN xsltSecurityCheck XSLTCALL xsltGetSecurityPrefs (xsltSecurityPrefsPtr sec, xsltSecurityOption option)
 
XSLTPUBFUN void XSLTCALL xsltSetDefaultSecurityPrefs (xsltSecurityPrefsPtr sec)
 
XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltGetDefaultSecurityPrefs (void)
 
XSLTPUBFUN int XSLTCALL xsltSetCtxtSecurityPrefs (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt)
 
XSLTPUBFUN int XSLTCALL xsltSecurityAllow (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 
XSLTPUBFUN int XSLTCALL xsltSecurityForbid (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
 
XSLTPUBFUN int XSLTCALL xsltCheckWrite (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 
XSLTPUBFUN int XSLTCALL xsltCheckRead (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const xmlChar *URL)
 

Typedef Documentation

◆ xsltSecurityCheck

typedef int(* xsltSecurityCheck) (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)

xsltSecurityCheck:

User provided function to check the value of a string like a file path or an URL ...

Definition at line 51 of file security.h.

◆ xsltSecurityPrefs

typedef struct _xsltSecurityPrefs xsltSecurityPrefs

xsltSecurityPref:

structure to indicate the preferences for security in the XSLT transformation.

Definition at line 29 of file security.h.

◆ xsltSecurityPrefsPtr

typedef xsltSecurityPrefs* xsltSecurityPrefsPtr

Definition at line 30 of file security.h.

Enumeration Type Documentation

◆ xsltSecurityOption

enum xsltSecurityOption

xsltSecurityOption:

the set of option that can be configured

Enumerator
XSLT_SECPREF_READ_FILE 
XSLT_SECPREF_WRITE_FILE 
XSLT_SECPREF_CREATE_DIRECTORY 
XSLT_SECPREF_READ_NETWORK 
XSLT_SECPREF_WRITE_NETWORK 

Definition at line 37 of file security.h.

37 {
38 XSLT_SECPREF_READ_FILE = 1,
39 XSLT_SECPREF_WRITE_FILE,
40 XSLT_SECPREF_CREATE_DIRECTORY,
41 XSLT_SECPREF_READ_NETWORK,
42 XSLT_SECPREF_WRITE_NETWORK
43} xsltSecurityOption;
xsltSecurityOption
xsltSecurityOption
Definition: security.h:37
XSLT_SECPREF_READ_NETWORK
@ XSLT_SECPREF_READ_NETWORK
Definition: security.h:41
XSLT_SECPREF_WRITE_NETWORK
@ XSLT_SECPREF_WRITE_NETWORK
Definition: security.h:42
XSLT_SECPREF_CREATE_DIRECTORY
@ XSLT_SECPREF_CREATE_DIRECTORY
Definition: security.h:40
XSLT_SECPREF_WRITE_FILE
@ XSLT_SECPREF_WRITE_FILE
Definition: security.h:39
XSLT_SECPREF_READ_FILE
@ XSLT_SECPREF_READ_FILE
Definition: security.h:38

Function Documentation

◆ xsltCheckRead()

XSLTPUBFUN int XSLTCALL xsltCheckRead ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckRead: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be read

Check if the resource is allowed to be read

Return 1 if read is allowed, 0 if not and -1 in case or error.

Definition at line 402 of file security.c.

403 {
404 int ret;
405 xmlURIPtr uri;
406 xsltSecurityCheck check;
407
408 uri = xmlParseURI((const char *)URL);
409 if (uri == NULL) {
410 xsltTransformError(ctxt, NULL, NULL,
411 "xsltCheckRead: URL parsing failed for %s\n",
412 URL);
413 return(-1);
414 }
415 if ((uri->scheme == NULL) ||
416 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
417
418 /*
419 * Check if we are allowed to read this file
420 */
421 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_FILE);
422 if (check != NULL) {
423 ret = check(sec, ctxt, uri->path);
424 if (ret == 0) {
425 xsltTransformError(ctxt, NULL, NULL,
426 "Local file read for %s refused\n", URL);
427 xmlFreeURI(uri);
428 return(0);
429 }
430 }
431 } else {
432 /*
433 * Check if we are allowed to write this network resource
434 */
435 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_READ_NETWORK);
436 if (check != NULL) {
437 ret = check(sec, ctxt, (const char *)URL);
438 if (ret == 0) {
439 xsltTransformError(ctxt, NULL, NULL,
440 "Network file read for %s refused\n", URL);
441 xmlFreeURI(uri);
442 return(0);
443 }
444 }
445 }
446 xmlFreeURI(uri);
447 return(1);
448}
NULL
#define NULL
Definition: types.h:112
xsltGetSecurityPrefs
xsltSecurityCheck xsltGetSecurityPrefs(xsltSecurityPrefsPtr sec, xsltSecurityOption option)
Definition: security.c:125
xsltSecurityCheck
int(* xsltSecurityCheck)(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *value)
Definition: security.h:51
check
#define check(expected, result)
Definition: dplayx.c:32
uri
const char * uri
Definition: sec_mgr.c:1588
_xmlURI
Definition: uri.h:33
xmlParseURI
XMLPUBFUN xmlURIPtr XMLCALL xmlParseURI(const char *str)
Definition: uri.c:940
xmlFreeURI
XMLPUBFUN void XMLCALL xmlFreeURI(xmlURIPtr uri)
Definition: uri.c:1387
ret
int ret
Definition: wcstombs-tests.c:31
BAD_CAST
#define BAD_CAST
Definition: xmlstring.h:35
xmlStrEqual
XMLPUBFUN int XMLCALL xmlStrEqual(const xmlChar *str1, const xmlChar *str2)
Definition: xmlstring.c:160
xsltTransformError
void xsltTransformError(xsltTransformContextPtr ctxt, xsltStylesheetPtr style, xmlNodePtr node, const char *msg,...)
Definition: xsltutils.c:678

Referenced by xsltLoadDocument(), xsltLoadStyleDocument(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltCheckWrite()

XSLTPUBFUN int XSLTCALL xsltCheckWrite ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const xmlChar URL 
)

xsltCheckWrite: @sec: the security options @ctxt: an XSLT transformation context @URL: the resource to be written

Check if the resource is allowed to be written, if necessary makes some preliminary work like creating directories

Return 1 if write is allowed, 0 if not and -1 in case or error.

Definition at line 335 of file security.c.

336 {
337 int ret;
338 xmlURIPtr uri;
339 xsltSecurityCheck check;
340
341 uri = xmlParseURI((const char *)URL);
342 if (uri == NULL) {
343 uri = xmlCreateURI();
344 if (uri == NULL) {
345 xsltTransformError(ctxt, NULL, NULL,
346 "xsltCheckWrite: out of memory for %s\n", URL);
347 return(-1);
348 }
349 uri->path = (char *)xmlStrdup(URL);
350 }
351 if ((uri->scheme == NULL) ||
352 (xmlStrEqual(BAD_CAST uri->scheme, BAD_CAST "file"))) {
353
354#if defined(_WIN32)
355 if ((uri->path)&&(uri->path[0]=='/')&&
356 (uri->path[1]!='\0')&&(uri->path[2]==':'))
357 ret = xsltCheckWritePath(sec, ctxt, uri->path+1);
358 else
359#endif
360 {
361 /*
362 * Check if we are allowed to write this file
363 */
364 ret = xsltCheckWritePath(sec, ctxt, uri->path);
365 }
366
367 if (ret <= 0) {
368 xmlFreeURI(uri);
369 return(ret);
370 }
371 } else {
372 /*
373 * Check if we are allowed to write this network resource
374 */
375 check = xsltGetSecurityPrefs(sec, XSLT_SECPREF_WRITE_NETWORK);
376 if (check != NULL) {
377 ret = check(sec, ctxt, (const char *)URL);
378 if (ret == 0) {
379 xsltTransformError(ctxt, NULL, NULL,
380 "File write for %s refused\n", URL);
381 xmlFreeURI(uri);
382 return(0);
383 }
384 }
385 }
386 xmlFreeURI(uri);
387 return(1);
388}
xsltCheckWritePath
static int xsltCheckWritePath(xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char *path)
Definition: security.c:273
xmlCreateURI
XMLPUBFUN xmlURIPtr XMLCALL xmlCreateURI(void)
Definition: uri.c:1020
xmlStrdup
XMLPUBFUN xmlChar *XMLCALL xmlStrdup(const xmlChar *cur)
Definition: xmlstring.c:67

Referenced by xsltApplyStylesheetInternal(), and xsltDocumentElem().

◆ xsltFreeSecurityPrefs()

XSLTPUBFUN void XSLTCALL xsltFreeSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltFreeSecurityPrefs: @sec: the security block to free

Free up a security preference block

Definition at line 78 of file security.c.

78 {
79 if (sec == NULL)
80 return;
81 xmlFree(sec);
82}
xmlFree
XMLPUBVAR xmlFreeFunc xmlFree
Definition: globals.h:251

◆ xsltGetDefaultSecurityPrefs()

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltGetDefaultSecurityPrefs ( void  )

xsltGetDefaultSecurityPrefs:

Get the default security preference application-wide

Returns the current xsltSecurityPrefsPtr in use or NULL if none

Definition at line 163 of file security.c.

163 {
164 return(xsltDefaultSecurityPrefs);
165}
xsltDefaultSecurityPrefs
static xsltSecurityPrefsPtr xsltDefaultSecurityPrefs
Definition: security.c:40

Referenced by xsltLoadStyleDocument(), xsltNewTransformContext(), xsltParseStylesheetFile(), and xsltParseStylesheetImport().

◆ xsltGetSecurityPrefs()

XSLTPUBFUN xsltSecurityCheck XSLTCALL xsltGetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option 
)

xsltGetSecurityPrefs: @sec: the security block to update @option: the option to lookup

Lookup the security option to get the callback checking function

Returns NULL if not found, the function otherwise

Definition at line 125 of file security.c.

125 {
126 if (sec == NULL)
127 return(NULL);
128 switch (option) {
129 case XSLT_SECPREF_READ_FILE:
130 return(sec->readFile);
131 case XSLT_SECPREF_WRITE_FILE:
132 return(sec->createFile);
133 case XSLT_SECPREF_CREATE_DIRECTORY:
134 return(sec->createDir);
135 case XSLT_SECPREF_READ_NETWORK:
136 return(sec->readNet);
137 case XSLT_SECPREF_WRITE_NETWORK:
138 return(sec->writeNet);
139 }
140 return(NULL);
141}
_xsltSecurityPrefs::readFile
xsltSecurityCheck readFile
Definition: security.c:33
_xsltSecurityPrefs::createFile
xsltSecurityCheck createFile
Definition: security.c:34
_xsltSecurityPrefs::createDir
xsltSecurityCheck createDir
Definition: security.c:35
_xsltSecurityPrefs::readNet
xsltSecurityCheck readNet
Definition: security.c:36
_xsltSecurityPrefs::writeNet
xsltSecurityCheck writeNet
Definition: security.c:37
option
Definition: getopt.h:109

Referenced by xsltCheckRead(), xsltCheckWrite(), and xsltCheckWritePath().

◆ xsltNewSecurityPrefs()

XSLTPUBFUN xsltSecurityPrefsPtr XSLTCALL xsltNewSecurityPrefs ( void  )

xsltNewSecurityPrefs:

Create a new security preference block

Returns a pointer to the new block or NULL in case of error

Definition at line 56 of file security.c.

56 {
57 xsltSecurityPrefsPtr ret;
58
59 xsltInitGlobals();
60
61 ret = (xsltSecurityPrefsPtr) xmlMalloc(sizeof(xsltSecurityPrefs));
62 if (ret == NULL) {
63 xsltTransformError(NULL, NULL, NULL,
64 "xsltNewSecurityPrefs : malloc failed\n");
65 return(NULL);
66 }
67 memset(ret, 0, sizeof(xsltSecurityPrefs));
68 return(ret);
69}
xsltInitGlobals
void xsltInitGlobals(void)
Definition: extensions.c:2257
xsltSecurityPrefsPtr
xsltSecurityPrefs * xsltSecurityPrefsPtr
Definition: security.h:30
xmlMalloc
XMLPUBVAR xmlMallocFunc xmlMalloc
Definition: globals.h:248
memset
#define memset(x, y, z)
Definition: compat.h:39
_xsltSecurityPrefs
Definition: security.c:32

◆ xsltSecurityAllow()

XSLTPUBFUN int XSLTCALL xsltSecurityAllow ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const char value 
)

◆ xsltSecurityForbid()

XSLTPUBFUN int XSLTCALL xsltSecurityForbid ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt,
const char value 
)

◆ xsltSetCtxtSecurityPrefs()

XSLTPUBFUN int XSLTCALL xsltSetCtxtSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltTransformContextPtr  ctxt 
)

xsltSetCtxtSecurityPrefs: @sec: the security block to use @ctxt: an XSLT transformation context

Set the security preference for a specific transformation

Returns -1 in case of error, 0 otherwise

Definition at line 177 of file security.c.

178 {
179 if (ctxt == NULL)
180 return(-1);
181 ctxt->sec = (void *) sec;
182 return(0);
183}
_xsltTransformContext::sec
void * sec
Definition: xsltInternals.h:1734

◆ xsltSetDefaultSecurityPrefs()

XSLTPUBFUN void XSLTCALL xsltSetDefaultSecurityPrefs ( xsltSecurityPrefsPtr  sec)

xsltSetDefaultSecurityPrefs: @sec: the security block to use

Set the default security preference application-wide

Definition at line 150 of file security.c.

150 {
151
152 xsltDefaultSecurityPrefs = sec;
153}

◆ xsltSetSecurityPrefs()

XSLTPUBFUN int XSLTCALL xsltSetSecurityPrefs ( xsltSecurityPrefsPtr  sec,
xsltSecurityOption  option,
xsltSecurityCheck  func 
)

xsltSetSecurityPrefs: @sec: the security block to update @option: the option to update @func: the user callback to use for this option

Update the security option to use the new callback checking function

Returns -1 in case of error, 0 otherwise

Definition at line 95 of file security.c.

96 {
97 xsltInitGlobals();
98 if (sec == NULL)
99 return(-1);
100 switch (option) {
101 case XSLT_SECPREF_READ_FILE:
102 sec->readFile = func; return(0);
103 case XSLT_SECPREF_WRITE_FILE:
104 sec->createFile = func; return(0);
105 case XSLT_SECPREF_CREATE_DIRECTORY:
106 sec->createDir = func; return(0);
107 case XSLT_SECPREF_READ_NETWORK:
108 sec->readNet = func; return(0);
109 case XSLT_SECPREF_WRITE_NETWORK:
110 sec->writeNet = func; return(0);
111 }
112 return(-1);
113}
func
GLenum func
Definition: glext.h:6028