github.com/freetocompute/snapd@v0.0.0-20210618182524-2fb355d72fd9/cmd/libsnap-confine-private/snap.h (about) 1 /* 2 * Copyright (C) 2015 Canonical Ltd 3 * 4 * This program is free software: you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License version 3 as 6 * published by the Free Software Foundation. 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 * 13 * You should have received a copy of the GNU General Public License 14 * along with this program. If not, see <http://www.gnu.org/licenses/>. 15 * 16 */ 17 18 #ifndef SNAP_CONFINE_SNAP_H 19 #define SNAP_CONFINE_SNAP_H 20 21 #include <stdbool.h> 22 #include <stddef.h> 23 24 #include "error.h" 25 26 /** 27 * Error domain for errors related to the snap module. 28 **/ 29 #define SC_SNAP_DOMAIN "snap" 30 31 enum { 32 /** The name of the snap is not valid. */ 33 SC_SNAP_INVALID_NAME = 1, 34 /** The instance key of the snap is not valid. */ 35 SC_SNAP_INVALID_INSTANCE_KEY = 2, 36 /** The instance of the snap is not valid. */ 37 SC_SNAP_INVALID_INSTANCE_NAME = 3, 38 }; 39 40 /* SNAP_NAME_LEN is the maximum length of a snap name, enforced by snapd and the 41 * store. */ 42 #define SNAP_NAME_LEN 40 43 /* SNAP_INSTANCE_KEY_LEN is the maximum length of instance key, enforced locally 44 * by snapd. */ 45 #define SNAP_INSTANCE_KEY_LEN 10 46 /* SNAP_INSTANCE_LEN is the maximum length of snap instance name, composed of 47 * the snap name, separator '_' and the instance key, enforced locally by 48 * snapd. */ 49 #define SNAP_INSTANCE_LEN (SNAP_NAME_LEN + 1 + SNAP_INSTANCE_KEY_LEN) 50 /* SNAP_SECURITY_TAG_MAX_LEN is the maximum length of a security tag string 51 * (not buffer). This is an upper limit. In practice the security tag name is 52 * bound by SNAP_NAME_LEN, SNAP_INSTANCE_KEY_LEN, maximum length of an 53 * application name as well as a constant overhead of "snap", the optional 54 * "hook" and the "." characters connecting the components. */ 55 #define SNAP_SECURITY_TAG_MAX_LEN 256 56 57 /** 58 * Validate the given snap name. 59 * 60 * Valid name cannot be NULL and must match a regular expression describing the 61 * strict naming requirements. Please refer to snapd source code for details. 62 * 63 * The error protocol is observed so if the caller doesn't provide an outgoing 64 * error pointer the function will die on any error. 65 **/ 66 void sc_snap_name_validate(const char *snap_name, struct sc_error **errorp); 67 68 /** 69 * Validate the given instance key. 70 * 71 * Valid instance key cannot be NULL and must match a regular expression 72 * describing the strict naming requirements. Please refer to snapd source code 73 * for details. 74 * 75 * The error protocol is observed so if the caller doesn't provide an outgoing 76 * error pointer the function will die on any error. 77 **/ 78 void sc_instance_key_validate(const char *instance_key, 79 struct sc_error **errorp); 80 81 /** 82 * Validate the given snap instance name. 83 * 84 * Valid instance name must be composed of a valid snap name and a valid 85 * instance key. 86 * 87 * The error protocol is observed so if the caller doesn't provide an outgoing 88 * error pointer the function will die on any error. 89 **/ 90 void sc_instance_name_validate(const char *instance_name, 91 struct sc_error **errorp); 92 93 /** 94 * Validate security tag against strict naming requirements and snap name. 95 * 96 * The executable name is of form: 97 * snap.<name>.(<appname>|hook.<hookname>) 98 * - <name> must start with lowercase letter, then may contain 99 * lowercase alphanumerics and '-'; it must match snap_name 100 * - <appname> may contain alphanumerics and '-' 101 * - <hookname must start with a lowercase letter, then may 102 * contain lowercase letters and '-' 103 **/ 104 bool sc_security_tag_validate(const char *security_tag, const char *snap_name); 105 106 bool sc_is_hook_security_tag(const char *security_tag); 107 108 /** 109 * Extract snap name out of an instance name. 110 * 111 * A snap may be installed multiple times in parallel under distinct instance names. 112 * This function extracts the snap name out of a name that possibly contains a snap 113 * instance key. 114 * 115 * For example: snap_instance => snap, just-snap => just-snap 116 **/ 117 void sc_snap_drop_instance_key(const char *instance_name, char *snap_name, 118 size_t snap_name_size); 119 120 /** 121 * Extract snap name and instance key out of an instance name. 122 * 123 * A snap may be installed multiple times in parallel under distinct instance 124 * names. This function extracts the snap name and instance key out of the 125 * instance name. One of snap_name, instance_key must be non-NULL. 126 * 127 * For example: 128 * name_instance => "name" & "instance" 129 * just-name => "just-name" & "" 130 * 131 **/ 132 void sc_snap_split_instance_name(const char *instance_name, char *snap_name, 133 size_t snap_name_size, char *instance_key, 134 size_t instance_key_size); 135 136 #endif