Fix roslyn install with AOT disabled.
[mono-project.git] / mono / metadata / mono-security.c
blobcd1a9ad0aecf2c980b244c5a1058838a536cc1ef
1 /*
2 * security.c: Security internal calls
4 * Author:
5 * Sebastien Pouliot <sebastien@ximian.com>
7 * Copyright 2004-2009 Novell, Inc (http://www.novell.com)
8 * Licensed under the MIT license. See LICENSE file in the project root for full license information.
9 */
11 #ifdef HAVE_CONFIG_H
12 #include <config.h>
13 #endif
15 #include <mono/metadata/assembly.h>
16 #include <mono/metadata/appdomain.h>
17 #include <mono/metadata/image.h>
18 #include <mono/metadata/exception.h>
19 #include <mono/metadata/object-internals.h>
20 #include <mono/metadata/metadata-internals.h>
21 #include <mono/metadata/security.h>
22 #include <mono/io-layer/io-layer.h>
23 #include <mono/utils/strenc.h>
25 #ifndef HOST_WIN32
26 #include <config.h>
27 #ifdef HAVE_GRP_H
28 #include <grp.h>
29 #endif
30 #ifdef HAVE_PWD_H
31 #include <pwd.h>
32 #endif
33 #include <string.h>
34 #include <sys/stat.h>
35 #include <sys/types.h>
36 #include <unistd.h>
38 /* Disclaimers */
40 #if defined(__GNUC__)
42 #ifndef HAVE_GETGRGID_R
43 #warning Non-thread safe getgrgid being used!
44 #endif
45 #ifndef HAVE_GETGRNAM_R
46 #warning Non-thread safe getgrnam being used!
47 #endif
48 #ifndef HAVE_GETPWNAM_R
49 #warning Non-thread safe getpwnam being used!
50 #endif
51 #ifndef HAVE_GETPWUID_R
52 #warning Non-thread safe getpwuid being used!
53 #endif
55 #endif /* defined(__GNUC__) */
56 #endif /* !HOST_WIN32 */
58 /* internal functions - reuse driven */
60 /* ask a server to translate a SID into a textual representation */
61 #ifndef HOST_WIN32
62 #define MONO_SYSCONF_DEFAULT_SIZE ((size_t) 1024)
65 * Ensure we always get a valid (usable) value from sysconf.
66 * In case of error, we return the default value.
68 static size_t mono_sysconf (int name)
70 size_t size = (size_t) sysconf (name);
71 /* default value */
72 return (size == -1) ? MONO_SYSCONF_DEFAULT_SIZE : size;
75 static gchar*
76 GetTokenName (uid_t uid)
78 gchar *uname = NULL;
80 #ifdef HAVE_GETPWUID_R
81 struct passwd pwd;
82 size_t fbufsize;
83 gchar *fbuf;
84 gint32 retval;
85 #endif
86 struct passwd *p = NULL;
87 gboolean result;
89 #ifdef HAVE_GETPWUID_R
90 #ifdef _SC_GETPW_R_SIZE_MAX
91 fbufsize = mono_sysconf (_SC_GETPW_R_SIZE_MAX);
92 #else
93 fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
94 #endif
95 fbuf = (gchar *)g_malloc0 (fbufsize);
96 retval = getpwuid_r (uid, &pwd, fbuf, fbufsize, &p);
97 result = ((retval == 0) && (p == &pwd));
98 #else
99 /* default to non thread-safe but posix compliant function */
100 p = getpwuid (uid);
101 result = (p != NULL);
102 #endif
104 if (result) {
105 uname = g_strdup (p->pw_name);
108 #ifdef HAVE_GETPWUID_R
109 g_free (fbuf);
110 #endif
112 return uname;
115 static gboolean
116 IsMemberInList (uid_t user, struct group *g)
118 gboolean result = FALSE;
119 gchar *utf8_username = GetTokenName (user);
121 if (!utf8_username)
122 return FALSE;
124 if (g) {
125 gchar **users = g->gr_mem;
127 while (*users) {
128 gchar *u = *(users);
129 if (strcmp (utf8_username, u) == 0) {
130 result = TRUE;
131 break;
133 users++;
137 g_free (utf8_username);
138 return result;
141 static gboolean
142 IsDefaultGroup (uid_t user, gid_t group)
144 #ifdef HAVE_GETPWUID_R
145 struct passwd pwd;
146 size_t fbufsize;
147 gchar *fbuf;
148 gint32 retval;
149 #endif
150 struct passwd *p = NULL;
151 gboolean result;
153 #ifdef HAVE_GETPWUID_R
154 #ifdef _SC_GETPW_R_SIZE_MAX
155 fbufsize = mono_sysconf (_SC_GETPW_R_SIZE_MAX);
156 #else
157 fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
158 #endif
160 fbuf = (gchar *)g_malloc0 (fbufsize);
161 retval = getpwuid_r (user, &pwd, fbuf, fbufsize, &p);
162 result = ((retval == 0) && (p == &pwd));
163 #else
164 /* default to non thread-safe but posix compliant function */
165 p = getpwuid (user);
166 result = (p != NULL);
167 #endif
169 if (result) {
170 result = (p->pw_gid == group);
173 #ifdef HAVE_GETPWUID_R
174 g_free (fbuf);
175 #endif
177 return result;
180 static gboolean
181 IsMemberOf (gid_t user, struct group *g)
183 if (!g)
184 return FALSE;
186 /* is it the user default group */
187 if (IsDefaultGroup (user, g->gr_gid))
188 return TRUE;
190 /* is the user in the group list */
191 return IsMemberInList (user, g);
193 #endif /* !HOST_WIN32 */
195 /* ICALLS */
197 /* System.Security.Principal.WindowsIdentity */
199 #ifndef HOST_WIN32
200 gpointer
201 ves_icall_System_Security_Principal_WindowsIdentity_GetCurrentToken (void)
203 return GINT_TO_POINTER (geteuid ());
206 static gint32
207 internal_get_token_name (gpointer token, gunichar2 ** uniname)
209 gint32 size = 0;
211 gchar *uname = GetTokenName ((uid_t) GPOINTER_TO_INT (token));
213 if (uname) {
214 size = strlen (uname);
215 *uniname = g_utf8_to_utf16 (uname, size, NULL, NULL, NULL);
216 g_free (uname);
219 return size;
222 MonoString*
223 ves_icall_System_Security_Principal_WindowsIdentity_GetTokenName (gpointer token)
225 MonoError error;
226 MonoString *result = NULL;
227 gunichar2 *uniname = NULL;
228 gint32 size = 0;
230 mono_error_init (&error);
232 size = internal_get_token_name (token, &uniname);
234 if (size > 0) {
235 result = mono_string_new_utf16_checked (mono_domain_get (), uniname, size, &error);
237 else
238 result = mono_string_new (mono_domain_get (), "");
240 if (uniname)
241 g_free (uniname);
243 mono_error_set_pending_exception (&error);
244 return result;
246 #endif /* !HOST_WIN32 */
248 #ifndef HOST_WIN32
249 gpointer
250 ves_icall_System_Security_Principal_WindowsIdentity_GetUserToken (MonoString *username)
252 #ifdef HAVE_GETPWNAM_R
253 struct passwd pwd;
254 size_t fbufsize;
255 gchar *fbuf;
256 gint32 retval;
257 #endif
258 gpointer token = (gpointer) -2;
259 struct passwd *p;
260 gchar *utf8_name;
261 gboolean result;
263 utf8_name = mono_unicode_to_external (mono_string_chars (username));
265 #ifdef HAVE_GETPWNAM_R
266 #ifdef _SC_GETPW_R_SIZE_MAX
267 fbufsize = mono_sysconf (_SC_GETPW_R_SIZE_MAX);
268 #else
269 fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
270 #endif
272 fbuf = (gchar *)g_malloc0 (fbufsize);
273 retval = getpwnam_r (utf8_name, &pwd, fbuf, fbufsize, &p);
274 result = ((retval == 0) && (p == &pwd));
275 #else
276 /* default to non thread-safe but posix compliant function */
277 p = getpwnam (utf8_name);
278 result = (p != NULL);
279 #endif
281 if (result) {
282 token = GINT_TO_POINTER (p->pw_uid);
285 #ifdef HAVE_GETPWNAM_R
286 g_free (fbuf);
287 #endif
288 g_free (utf8_name);
290 return token;
292 #endif /* HOST_WIN32 */
294 /* http://www.dotnet247.com/247reference/msgs/39/195403.aspx
295 // internal static string[] WindowsIdentity._GetRoles (IntPtr token)
298 #ifndef HOST_WIN32
299 MonoArray*
300 ves_icall_System_Security_Principal_WindowsIdentity_GetRoles (gpointer token)
302 MonoError error;
303 MonoArray *array = NULL;
304 MonoDomain *domain = mono_domain_get ();
306 /* POSIX-compliant systems should use IsMemberOfGroupId or IsMemberOfGroupName */
307 g_warning ("WindowsIdentity._GetRoles should never be called on POSIX");
309 if (!array) {
310 /* return empty array of string, i.e. string [0] */
311 array = mono_array_new_checked (domain, mono_get_string_class (), 0, &error);
312 mono_error_set_pending_exception (&error);
314 return array;
316 #endif /* !HOST_WIN32 */
318 /* System.Security.Principal.WindowsImpersonationContext */
320 #ifndef HOST_WIN32
321 gboolean
322 ves_icall_System_Security_Principal_WindowsImpersonationContext_CloseToken (gpointer token)
324 return TRUE;
326 #endif /* !HOST_WIN32 */
328 #ifndef HOST_WIN32
329 gpointer
330 ves_icall_System_Security_Principal_WindowsImpersonationContext_DuplicateToken (gpointer token)
332 return token;
334 #endif /* !HOST_WIN32 */
336 #if G_HAVE_API_SUPPORT(HAVE_CLASSIC_WINAPI_SUPPORT)
337 gboolean
338 ves_icall_System_Security_Principal_WindowsImpersonationContext_SetCurrentToken (gpointer token)
340 #ifdef HOST_WIN32
341 return (ImpersonateLoggedOnUser (token) != 0);
342 #else
343 uid_t itoken = (uid_t) GPOINTER_TO_INT (token);
344 #ifdef HAVE_SETRESUID
345 if (setresuid (-1, itoken, getuid ()) < 0)
346 return FALSE;
347 #endif
348 return geteuid () == itoken;
349 #endif
352 gboolean
353 ves_icall_System_Security_Principal_WindowsImpersonationContext_RevertToSelf (void)
355 #ifdef HOST_WIN32
356 return (RevertToSelf () != 0);
357 #else
358 #ifdef HAVE_GETRESUID
359 uid_t ruid, euid;
360 #endif
361 uid_t suid = -1;
363 #ifdef HAVE_GETRESUID
364 if (getresuid (&ruid, &euid, &suid) < 0)
365 return FALSE;
366 #endif
367 #ifdef HAVE_SETRESUID
368 if (setresuid (-1, suid, -1) < 0)
369 return FALSE;
370 #else
371 return TRUE;
372 #endif
373 return geteuid () == suid;
374 #endif
376 #endif /* G_HAVE_API_SUPPORT(HAVE_CLASSIC_WINAPI_SUPPORT) */
378 /* System.Security.Principal.WindowsPrincipal */
380 #ifndef HOST_WIN32
381 gboolean
382 ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupId (gpointer user, gpointer group)
384 gboolean result = FALSE;
386 #ifdef HAVE_GETGRGID_R
387 struct group grp;
388 size_t fbufsize;
389 gchar *fbuf;
390 gint32 retval;
391 #endif
392 struct group *g = NULL;
394 #ifdef HAVE_GETGRGID_R
395 #ifdef _SC_GETGR_R_SIZE_MAX
396 fbufsize = mono_sysconf (_SC_GETGR_R_SIZE_MAX);
397 #else
398 fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
399 #endif
400 fbuf = (gchar *)g_malloc0 (fbufsize);
401 retval = getgrgid_r ((gid_t) GPOINTER_TO_INT (group), &grp, fbuf, fbufsize, &g);
402 result = ((retval == 0) && (g == &grp));
403 #else
404 /* default to non thread-safe but posix compliant function */
405 g = getgrgid ((gid_t) GPOINTER_TO_INT (group));
406 result = (g != NULL);
407 #endif
409 if (result) {
410 result = IsMemberOf ((uid_t) GPOINTER_TO_INT (user), g);
413 #ifdef HAVE_GETGRGID_R
414 g_free (fbuf);
415 #endif
417 return result;
420 gboolean
421 ves_icall_System_Security_Principal_WindowsPrincipal_IsMemberOfGroupName (gpointer user, MonoString *group)
423 gboolean result = FALSE;
424 gchar *utf8_groupname;
426 utf8_groupname = mono_unicode_to_external (mono_string_chars (group));
427 if (utf8_groupname) {
428 struct group *g = NULL;
429 #ifdef HAVE_GETGRNAM_R
430 struct group grp;
431 gchar *fbuf;
432 gint32 retval;
433 #ifdef _SC_GETGR_R_SIZE_MAX
434 size_t fbufsize = mono_sysconf (_SC_GETGR_R_SIZE_MAX);
435 #else
436 size_t fbufsize = MONO_SYSCONF_DEFAULT_SIZE;
437 #endif
438 fbuf = (gchar *)g_malloc0 (fbufsize);
439 retval = getgrnam_r (utf8_groupname, &grp, fbuf, fbufsize, &g);
440 result = ((retval == 0) && (g == &grp));
441 #else
442 /* default to non thread-safe but posix compliant function */
443 g = getgrnam (utf8_groupname);
444 result = (g != NULL);
445 #endif
447 if (result) {
448 result = IsMemberOf ((uid_t) GPOINTER_TO_INT (user), g);
451 #ifdef HAVE_GETGRNAM_R
452 g_free (fbuf);
453 #endif
454 g_free (utf8_groupname);
457 return result;
459 #endif /* !HOST_WIN32 */
461 /* Mono.Security.Cryptography IO related internal calls */
463 #ifndef HOST_WIN32
464 static gboolean
465 IsProtected (MonoString *path, gint32 protection)
467 gboolean result = FALSE;
468 gchar *utf8_name = mono_unicode_to_external (mono_string_chars (path));
469 if (utf8_name) {
470 struct stat st;
471 if (stat (utf8_name, &st) == 0) {
472 result = (((st.st_mode & 0777) & protection) == 0);
474 g_free (utf8_name);
476 return result;
480 static gboolean
481 Protect (MonoString *path, gint32 file_mode, gint32 add_dir_mode)
483 gboolean result = FALSE;
484 gchar *utf8_name = mono_unicode_to_external (mono_string_chars (path));
485 if (utf8_name) {
486 struct stat st;
487 if (stat (utf8_name, &st) == 0) {
488 int mode = file_mode;
489 if (st.st_mode & S_IFDIR)
490 mode |= add_dir_mode;
491 result = (chmod (utf8_name, mode) == 0);
493 g_free (utf8_name);
495 return result;
498 MonoBoolean
499 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_CanSecure (MonoString *root)
501 /* we assume some kind of security is applicable outside Windows */
502 return TRUE;
505 MonoBoolean
506 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_IsMachineProtected (MonoString *path)
508 gboolean ret = FALSE;
510 /* no one, but the owner, should have write access to the directory */
511 ret = IsProtected (path, (S_IWGRP | S_IWOTH));
512 return (MonoBoolean)ret;
515 MonoBoolean
516 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_IsUserProtected (MonoString *path)
518 gboolean ret = FALSE;
520 /* no one, but the user, should have access to the directory */
521 ret = IsProtected (path, (S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH));
522 return (MonoBoolean)ret;
525 MonoBoolean
526 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_ProtectMachine (MonoString *path)
528 gboolean ret = FALSE;
530 /* read/write to owner, read to everyone else */
531 ret = Protect (path, (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH), (S_IXUSR | S_IXGRP | S_IXOTH));
532 return (MonoBoolean)ret;
535 MonoBoolean
536 ves_icall_Mono_Security_Cryptography_KeyPairPersistence_ProtectUser (MonoString *path)
538 gboolean ret = FALSE;
540 /* read/write to user, no access to everyone else */
541 ret = Protect (path, (S_IRUSR | S_IWUSR), S_IXUSR);
542 return (MonoBoolean)ret;
544 #endif /* !HOST_WIN32 */
547 * Returns TRUE if there is "something" where the Authenticode signature is
548 * normally located. Returns FALSE is data directory is empty.
550 * Note: Neither the structure nor the signature is verified by this function.
552 MonoBoolean
553 ves_icall_System_Security_Policy_Evidence_IsAuthenticodePresent (MonoReflectionAssemblyHandle refass, MonoError *error)
555 mono_error_init (error);
556 if (MONO_HANDLE_IS_NULL (refass))
557 return FALSE;
558 MonoAssembly *assembly = MONO_HANDLE_GETVAL (refass, assembly);
559 if (assembly && assembly->image) {
560 return (MonoBoolean)mono_image_has_authenticode_entry (assembly->image);
562 return FALSE;
566 /* System.Security.SecureString related internal calls */
568 static MonoImage *system_security_assembly = NULL;
570 void
571 ves_icall_System_Security_SecureString_DecryptInternal (MonoArray *data, MonoObject *scope)
573 MonoError error;
574 invoke_protected_memory_method (data, scope, FALSE, &error);
575 mono_error_set_pending_exception (&error);
577 void
578 ves_icall_System_Security_SecureString_EncryptInternal (MonoArray* data, MonoObject *scope)
580 MonoError error;
581 invoke_protected_memory_method (data, scope, TRUE, &error);
582 mono_error_set_pending_exception (&error);
585 void invoke_protected_memory_method (MonoArray *data, MonoObject *scope, gboolean encrypt, MonoError *error)
587 MonoClass *klass;
588 MonoMethod *method;
589 void *params [2];
591 mono_error_init (error);
593 if (system_security_assembly == NULL) {
594 system_security_assembly = mono_image_loaded ("System.Security");
595 if (!system_security_assembly) {
596 MonoAssembly *sa = mono_assembly_open ("System.Security.dll", NULL);
597 if (!sa)
598 g_assert_not_reached ();
599 system_security_assembly = mono_assembly_get_image (sa);
603 klass = mono_class_load_from_name (system_security_assembly,
604 "System.Security.Cryptography", "ProtectedMemory");
605 method = mono_class_get_method_from_name (klass, encrypt ? "Protect" : "Unprotect", 2);
606 params [0] = data;
607 params [1] = scope; /* MemoryProtectionScope.SameProcess */
609 mono_runtime_invoke_checked (method, NULL, params, error);