2 * security.c: Security internal calls
5 * Sebastien Pouliot <sebastien@ximian.com>
7 * Copyright 2004-2009 Novell, Inc (http://www.novell.com)
8 * Licensed under the MIT license. See LICENSE file in the project root for full license information.
15 #include <mono/metadata/assembly.h>
16 #include <mono/metadata/appdomain.h>
17 #include <mono/metadata/image.h>
18 #include <mono/metadata/exception.h>
19 #include <mono/metadata/object-internals.h>
20 #include <mono/metadata/metadata-internals.h>
21 #include <mono/metadata/security.h>
22 #include <mono/io-layer/io-layer.h>
23 #include <mono/utils/strenc.h>
35 #include <sys/types.h>
42 #ifndef HAVE_GETGRGID_R
43 #warning Non-thread safe getgrgid being used!
45 #ifndef HAVE_GETGRNAM_R
46 #warning Non-thread safe getgrnam being used!
48 #ifndef HAVE_GETPWNAM_R
49 #warning Non-thread safe getpwnam being used!
51 #ifndef HAVE_GETPWUID_R
52 #warning Non-thread safe getpwuid being used!
55 #endif /* defined(__GNUC__) */
56 #endif /* !HOST_WIN32 */
58 /* internal functions - reuse driven */
60 /* ask a server to translate a SID into a textual representation */
62 #define MONO_SYSCONF_DEFAULT_SIZE ((size_t) 1024)
65 * Ensure we always get a valid (usable) value from sysconf.
66 * In case of error, we return the default value.
68 static size_t mono_sysconf (int name
)
70 size_t size
= (size_t) sysconf (name
);
72 return (size
== -1) ? MONO_SYSCONF_DEFAULT_SIZE
: size
;
76 GetTokenName (uid_t uid
)
80 #ifdef HAVE_GETPWUID_R
86 struct passwd
*p
= NULL
;
89 #ifdef HAVE_GETPWUID_R
90 #ifdef _SC_GETPW_R_SIZE_MAX
91 fbufsize
= mono_sysconf (_SC_GETPW_R_SIZE_MAX
);
93 fbufsize
= MONO_SYSCONF_DEFAULT_SIZE
;
95 fbuf
= (gchar
*)g_malloc0 (fbufsize
);
96 retval
= getpwuid_r (uid
, &pwd
, fbuf
, fbufsize
, &p
);
97 result
= ((retval
== 0) && (p
== &pwd
));
99 /* default to non thread-safe but posix compliant function */
101 result
= (p
!= NULL
);
105 uname
= g_strdup (p
->pw_name
);
108 #ifdef HAVE_GETPWUID_R
116 IsMemberInList (uid_t user
, struct group
*g
)
118 gboolean result
= FALSE
;
119 gchar
*utf8_username
= GetTokenName (user
);
125 gchar
**users
= g
->gr_mem
;
129 if (strcmp (utf8_username
, u
) == 0) {
137 g_free (utf8_username
);
142 IsDefaultGroup (uid_t user
, gid_t group
)
144 #ifdef HAVE_GETPWUID_R
150 struct passwd
*p
= NULL
;
153 #ifdef HAVE_GETPWUID_R
154 #ifdef _SC_GETPW_R_SIZE_MAX
155 fbufsize
= mono_sysconf (_SC_GETPW_R_SIZE_MAX
);
157 fbufsize
= MONO_SYSCONF_DEFAULT_SIZE
;
160 fbuf
= (gchar
*)g_malloc0 (fbufsize
);
161 retval
= getpwuid_r (user
, &pwd
, fbuf
, fbufsize
, &p
);
162 result
= ((retval
== 0) && (p
== &pwd
));
164 /* default to non thread-safe but posix compliant function */
166 result
= (p
!= NULL
);
170 result
= (p
->pw_gid
== group
);
173 #ifdef HAVE_GETPWUID_R
181 IsMemberOf (gid_t user
, struct group
*g
)
186 /* is it the user default group */
187 if (IsDefaultGroup (user
, g
->gr_gid
))
190 /* is the user in the group list */
191 return IsMemberInList (user
, g
);
193 #endif /* !HOST_WIN32 */
197 /* System.Security.Principal.WindowsIdentity */
201 ves_icall_System_Security_Principal_WindowsIdentity_GetCurrentToken (void)
203 return GINT_TO_POINTER (geteuid ());
207 internal_get_token_name (gpointer token
, gunichar2
** uniname
)
211 gchar
*uname
= GetTokenName ((uid_t
) GPOINTER_TO_INT (token
));
214 size
= strlen (uname
);
215 *uniname
= g_utf8_to_utf16 (uname
, size
, NULL
, NULL
, NULL
);
223 ves_icall_System_Security_Principal_WindowsIdentity_GetTokenName (gpointer token
)
226 MonoString
*result
= NULL
;
227 gunichar2
*uniname
= NULL
;
230 mono_error_init (&error
);
232 size
= internal_get_token_name (token
, &uniname
);
235 result
= mono_string_new_utf16_checked (mono_domain_get (), uniname
, size
, &error
);
238 result
= mono_string_new (mono_domain_get (), "");
243 mono_error_set_pending_exception (&error
);
246 #endif /* !HOST_WIN32 */
250 ves_icall_System_Security_Principal_WindowsIdentity_GetUserToken (MonoString
*username
)
252 #ifdef HAVE_GETPWNAM_R
258 gpointer token
= (gpointer
) -2;
263 utf8_name
= mono_unicode_to_external (mono_string_chars (username
));
265 #ifdef HAVE_GETPWNAM_R
266 #ifdef _SC_GETPW_R_SIZE_MAX
267 fbufsize
= mono_sysconf (_SC_GETPW_R_SIZE_MAX
);
269 fbufsize
= MONO_SYSCONF_DEFAULT_SIZE
;
272 fbuf
= (gchar
*)g_malloc0 (fbufsize
);
273 retval
= getpwnam_r (utf8_name
, &pwd
, fbuf
, fbufsize
, &p
);
274 result
= ((retval
== 0) && (p
== &pwd
));
276 /* default to non thread-safe but posix compliant function */
277 p
= getpwnam (utf8_name
);
278 result
= (p
!= NULL
);
282 token
= GINT_TO_POINTER (p
->pw_uid
);
285 #ifdef HAVE_GETPWNAM_R
292 #endif /* HOST_WIN32 */
294 /* http://www.dotnet247.com/247reference/msgs/39/195403.aspx
295 // internal static string[] WindowsIdentity._GetRoles (IntPtr token)
300 ves_icall_System_Security_Principal_WindowsIdentity_GetRoles (gpointer token
)
303 MonoArray
*array
= NULL
;
304 MonoDomain
*domain
= mono_domain_get ();
306 /* POSIX-compliant systems should use IsMemberOfGroupId or IsMemberOfGroupName */
307 g_warning ("WindowsIdentity._GetRoles should never be called on POSIX");
310 /* return empty array of string, i.e. string [0] */
311 array
= mono_array_new_checked (domain
, mono_get_string_class (), 0, &error
);
312 mono_error_set_pending_exception (&error
);
316 #endif /* !HOST_WIN32 */
318 /* System.Security.Principal.WindowsImpersonationContext */
322 ves_icall_System_Security_Principal_WindowsImpersonationContext_CloseToken (gpointer token
)
326 #endif /* !HOST_WIN32 */
330 ves_icall_System_Security_Principal_WindowsImpersonationContext_DuplicateToken (gpointer token
)
334 #endif /* !HOST_WIN32 */
336 #if G_HAVE_API_SUPPORT(HAVE_CLASSIC_WINAPI_SUPPORT)
338 ves_icall_System_Security_Principal_WindowsImpersonationContext_SetCurrentToken (gpointer token
)
341 return (ImpersonateLoggedOnUser (token
) != 0);
343 uid_t itoken
= (uid_t
) GPOINTER_TO_INT (token
);
344 #ifdef HAVE_SETRESUID
345 if (setresuid (-1, itoken
, getuid ()) < 0)
348 return geteuid () == itoken
;
353 ves_icall_System_Security_Principal_WindowsImpersonationContext_RevertToSelf (void)
356 return (RevertToSelf () != 0);
358 #ifdef HAVE_GETRESUID
363 #ifdef HAVE_GETRESUID
364 if (getresuid (&ruid
, &euid
, &suid
) < 0)
367 #ifdef HAVE_SETRESUID
368 if (setresuid (-1, suid
, -1) < 0)
373 return geteuid () == suid
;
376 #endif /* G_HAVE_API_SUPPORT(HAVE_CLASSIC_WINAPI_SUPPORT) */
378 /* System.Security.Principal.WindowsPrincipal */
382 ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupId (gpointer user
, gpointer group
)
384 gboolean result
= FALSE
;
386 #ifdef HAVE_GETGRGID_R
392 struct group
*g
= NULL
;
394 #ifdef HAVE_GETGRGID_R
395 #ifdef _SC_GETGR_R_SIZE_MAX
396 fbufsize
= mono_sysconf (_SC_GETGR_R_SIZE_MAX
);
398 fbufsize
= MONO_SYSCONF_DEFAULT_SIZE
;
400 fbuf
= (gchar
*)g_malloc0 (fbufsize
);
401 retval
= getgrgid_r ((gid_t
) GPOINTER_TO_INT (group
), &grp
, fbuf
, fbufsize
, &g
);
402 result
= ((retval
== 0) && (g
== &grp
));
404 /* default to non thread-safe but posix compliant function */
405 g
= getgrgid ((gid_t
) GPOINTER_TO_INT (group
));
406 result
= (g
!= NULL
);
410 result
= IsMemberOf ((uid_t
) GPOINTER_TO_INT (user
), g
);
413 #ifdef HAVE_GETGRGID_R
421 ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupName (gpointer user
, MonoString
*group
)
423 gboolean result
= FALSE
;
424 gchar
*utf8_groupname
;
426 utf8_groupname
= mono_unicode_to_external (mono_string_chars (group
));
427 if (utf8_groupname
) {
428 struct group
*g
= NULL
;
429 #ifdef HAVE_GETGRNAM_R
433 #ifdef _SC_GETGR_R_SIZE_MAX
434 size_t fbufsize
= mono_sysconf (_SC_GETGR_R_SIZE_MAX
);
436 size_t fbufsize
= MONO_SYSCONF_DEFAULT_SIZE
;
438 fbuf
= (gchar
*)g_malloc0 (fbufsize
);
439 retval
= getgrnam_r (utf8_groupname
, &grp
, fbuf
, fbufsize
, &g
);
440 result
= ((retval
== 0) && (g
== &grp
));
442 /* default to non thread-safe but posix compliant function */
443 g
= getgrnam (utf8_groupname
);
444 result
= (g
!= NULL
);
448 result
= IsMemberOf ((uid_t
) GPOINTER_TO_INT (user
), g
);
451 #ifdef HAVE_GETGRNAM_R
454 g_free (utf8_groupname
);
459 #endif /* !HOST_WIN32 */
461 /* Mono.Security.Cryptography IO related internal calls */
465 IsProtected (MonoString
*path
, gint32 protection
)
467 gboolean result
= FALSE
;
468 gchar
*utf8_name
= mono_unicode_to_external (mono_string_chars (path
));
471 if (stat (utf8_name
, &st
) == 0) {
472 result
= (((st
.st_mode
& 0777) & protection
) == 0);
481 Protect (MonoString
*path
, gint32 file_mode
, gint32 add_dir_mode
)
483 gboolean result
= FALSE
;
484 gchar
*utf8_name
= mono_unicode_to_external (mono_string_chars (path
));
487 if (stat (utf8_name
, &st
) == 0) {
488 int mode
= file_mode
;
489 if (st
.st_mode
& S_IFDIR
)
490 mode
|= add_dir_mode
;
491 result
= (chmod (utf8_name
, mode
) == 0);
499 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_CanSecure (MonoString
*root
)
501 /* we assume some kind of security is applicable outside Windows */
506 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_IsMachineProtected (MonoString
*path
)
508 gboolean ret
= FALSE
;
510 /* no one, but the owner, should have write access to the directory */
511 ret
= IsProtected (path
, (S_IWGRP
| S_IWOTH
));
512 return (MonoBoolean
)ret
;
516 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_IsUserProtected (MonoString
*path
)
518 gboolean ret
= FALSE
;
520 /* no one, but the user, should have access to the directory */
521 ret
= IsProtected (path
, (S_IRGRP
| S_IWGRP
| S_IXGRP
| S_IROTH
| S_IWOTH
| S_IXOTH
));
522 return (MonoBoolean
)ret
;
526 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_ProtectMachine (MonoString
*path
)
528 gboolean ret
= FALSE
;
530 /* read/write to owner, read to everyone else */
531 ret
= Protect (path
, (S_IRUSR
| S_IWUSR
| S_IRGRP
| S_IROTH
), (S_IXUSR
| S_IXGRP
| S_IXOTH
));
532 return (MonoBoolean
)ret
;
536 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_ProtectUser (MonoString
*path
)
538 gboolean ret
= FALSE
;
540 /* read/write to user, no access to everyone else */
541 ret
= Protect (path
, (S_IRUSR
| S_IWUSR
), S_IXUSR
);
542 return (MonoBoolean
)ret
;
544 #endif /* !HOST_WIN32 */
547 * Returns TRUE if there is "something" where the Authenticode signature is
548 * normally located. Returns FALSE is data directory is empty.
550 * Note: Neither the structure nor the signature is verified by this function.
553 ves_icall_System_Security_Policy_Evidence_IsAuthenticodePresent (MonoReflectionAssemblyHandle refass
, MonoError
*error
)
555 mono_error_init (error
);
556 if (MONO_HANDLE_IS_NULL (refass
))
558 MonoAssembly
*assembly
= MONO_HANDLE_GETVAL (refass
, assembly
);
559 if (assembly
&& assembly
->image
) {
560 return (MonoBoolean
)mono_image_has_authenticode_entry (assembly
->image
);
566 /* System.Security.SecureString related internal calls */
568 static MonoImage
*system_security_assembly
= NULL
;
571 ves_icall_System_Security_SecureString_DecryptInternal (MonoArray
*data
, MonoObject
*scope
)
574 invoke_protected_memory_method (data
, scope
, FALSE
, &error
);
575 mono_error_set_pending_exception (&error
);
578 ves_icall_System_Security_SecureString_EncryptInternal (MonoArray
* data
, MonoObject
*scope
)
581 invoke_protected_memory_method (data
, scope
, TRUE
, &error
);
582 mono_error_set_pending_exception (&error
);
585 void invoke_protected_memory_method (MonoArray
*data
, MonoObject
*scope
, gboolean encrypt
, MonoError
*error
)
591 mono_error_init (error
);
593 if (system_security_assembly
== NULL
) {
594 system_security_assembly
= mono_image_loaded ("System.Security");
595 if (!system_security_assembly
) {
596 MonoAssembly
*sa
= mono_assembly_open ("System.Security.dll", NULL
);
598 g_assert_not_reached ();
599 system_security_assembly
= mono_assembly_get_image (sa
);
603 klass
= mono_class_load_from_name (system_security_assembly
,
604 "System.Security.Cryptography", "ProtectedMemory");
605 method
= mono_class_get_method_from_name (klass
, encrypt
? "Protect" : "Unprotect", 2);
607 params
[1] = scope
; /* MemoryProtectionScope.SameProcess */
609 mono_runtime_invoke_checked (method
, NULL
, params
, error
);