Solaris Trusted Extensions Developer's Guide

Validating the Label Request Against the Printer's Label Range

In the printing application, the code for validating the label is contained in the lp/cmd/lpsched/validate.c file.

Some types of applications need to compare two given labels. For example, an application might need to determine if one label strictly dominates another label. These applications use API functions that compare one label to another label.

The printing application, however, is based on a range of labels. A printer is configured to accept printing requests from a range of different labels. Therefore, the printing application uses API functions that check a label against a range. The application checks that the label from the remote host falls within the range of labels that the printer allows.

In the validate.c file, the printing application uses the blinrange() function to check the remote host's label against the label range of the printer. This check is made within the tsol_check_printer_label_range() function, as shown here:

static int
tsol_check_printer_label_range(char *slabel, const char *printer)
{
    int        in_range = 0;
    int        err = 0;
    blrange_t  *range;
    m_label_t  *sl = NULL;

    if (slabel == NULL)
        return (0);

    if ((err =
        (str_to_label(slabel, &sl, USER_CLEAR, L_NO_CORRECTION, &in_range)))
        == -1) {
        /* str_to_label error on printer max label */
        return (0);
    }
    if ((range = getdevicerange(printer)) == NULL) {
        m_label_free(sl);
        return (0);
    }

    /* blinrange returns true (1) if in range, false (0) if not */
    in_range = blinrange(sl, range);

    m_label_free(sl);
    m_label_free(range->lower_bound);
    m_label_free(range->upper_bound);
    free(range);

    return (in_range);
}

The tsol_check_printer_label_range() function takes as parameters the label returned by the get_peer_label() function and the name of the printer.

Before comparing the labels, tsol_check_printer_label_range() converts the string into a label by using the str_to_label() function.

The label type is set to USER_CLEAR, which produces the clearance label of the associated object. The clearance label ensures that the appropriate level of label is used in the range check that the blinrange() function performs.

The sl label that is obtained from str_to_label() is the label form of slabel, the remote host's label string. This label is checked to determine whether it is within the label range of the requested device, that is, the printer. The printer's range is obtained by calling the getdevicerange() function for the selected printer. The range is returned as a blrange_t data structure.

The printer's label range in the blrange_t data structure is passed into the blinrange() function, along with the clearance label of the requester. See the blinrange(3TSOL) man page.
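The following added example is not part of the lp source or of libtsol. It models the rule that blinrange() applies, namely that the upper bound dominates the label and the label dominates the lower bound, to show why a label range is a lattice interval and not a numeric one. The demo_* types, the classification and compartment encoding, and the sample printer range are assumptions made for illustration; the real m_label_t is opaque.

```c
#include <stddef.h>

/* Hypothetical simplified stand-ins; NOT libtsol's m_label_t or blrange_t. */
typedef struct {
    int classification;          /* higher value = more sensitive */
    unsigned int compartments;   /* one bit per compartment */
} demo_label_t;

typedef struct {
    const demo_label_t *lower_bound;
    const demo_label_t *upper_bound;
} demo_range_t;

/* a dominates b: class at least as high AND a holds every compartment of b. */
static int demo_dominates(const demo_label_t *a, const demo_label_t *b)
{
    return (a->classification >= b->classification &&
        (a->compartments & b->compartments) == b->compartments);
}

/* blinrange()-style rule: upper dominates label, label dominates lower. */
/* Missing input fails closed, as the page's function does by returning 0. */
static int demo_in_range(const demo_label_t *label, const demo_range_t *range)
{
    if (label == NULL || range == NULL ||
        range->lower_bound == NULL || range->upper_bound == NULL)
        return (0);
    return (demo_dominates(range->upper_bound, label) &&
        demo_dominates(label, range->lower_bound));
}

/* Constructed sample data: two compartments and one printer range. */
#define COMP_A 0x1u
#define COMP_B 0x2u
static const demo_label_t demo_lo = { 1, 0 };
static const demo_label_t demo_hi = { 3, COMP_A };
static const demo_range_t demo_printer = { &demo_lo, &demo_hi };

/* Check a request label against the constructed printer range. */
static int demo_check(int classification, unsigned int compartments)
{
    demo_label_t req = { classification, compartments };
    return (demo_in_range(&req, &demo_printer));
}

int main(void)
{
    return (!(demo_check(2, COMP_A) == 1 && demo_check(2, COMP_B) == 0));
}
```

A request whose classification lies between the bounds is still rejected when it carries a compartment that the printer's upper bound does not hold, which is the case a simple numeric comparison would miss.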

The following code excerpt shows the _validate() function in the validate.c file. This function is used to find a printer to handle a printing request. This code compares the user ID and the label associated with the request against the set of allowed users and the label range that is associated with each printer.

/*
 * If a single printer was named, check the request against it.
 * Do the accept/reject check late so that we give the most
 * useful information to the user.
 */
if (pps) {
    (pc = &single)->pps = pps;

    /* Does the printer allow access to the user? */
    if (!CHKU(prs, pps)) {
        ret = MDENYDEST;
        goto Return;
    }

    /* Check printer label range */
    if (is_system_labeled() && prs->secure->slabel != NULL) {
        if (tsol_check_printer_label_range(prs->secure->slabel,
            pps->printer->name) == 0) {
            ret = MDENYDEST;
            goto Return;
        }
    }