From 0ff7750100991d80f6347404b9cd94f8bba24278 Mon Sep 17 00:00:00 2001 From: jiazhenyu Date: Mon, 31 Mar 2025 11:51:50 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E8=BD=AF=E6=80=BB=E7=BA=BF=E4=BC=A0?= =?UTF-8?q?=E8=BE=93=E5=AE=89=E5=85=A8=E5=8A=A0=E5=9B=BA--=20=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D5.1release=E4=BC=A0=E8=BE=93=E6=9F=A5=E8=AF=A2?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E5=8D=95=E5=90=91=E8=AE=BF=E9=97=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jiazhenyu --- .../include/lnn_ohos_account_adapter.h | 1 + .../src/lnn_ohos_account_adapter.cpp | 34 +++++ .../src/lnn_ohos_account_adapter_virtual.cpp | 9 ++ .../permission/standard/access_control.cpp | 117 ++++++++++++------ .../common/include/softbus_app_info.h | 3 +- .../common/src/softbus_message_open_channel.c | 4 +- .../ipc/small/trans_client_proxy.c | 4 +- .../src/trans_client_proxy_standard.cpp | 4 +- .../common/src/trans_channel_common.c | 18 +-- .../proxy/src/softbus_proxychannel_message.c | 11 +- .../src/trans_tcp_direct_listener.c | 7 +- .../src/trans_udp_negotiation_exchange.c | 14 +-- interfaces/kits/transport/trans_type.h | 3 +- sdk/frame/small/src/trans_client_stub.c | 10 +- .../standard/src/softbus_client_stub.cpp | 11 +- .../session/src/client_trans_socket_manager.c | 4 +- .../ipc/trans_client_proxy_test.cpp | 4 +- 17 files changed, 183 insertions(+), 75 deletions(-) diff --git a/core/adapter/bus_center/include/lnn_ohos_account_adapter.h b/core/adapter/bus_center/include/lnn_ohos_account_adapter.h index c4bf5c8d67..81f1906144 100644 --- a/core/adapter/bus_center/include/lnn_ohos_account_adapter.h +++ b/core/adapter/bus_center/include/lnn_ohos_account_adapter.h 
@@ -28,6 +28,7 @@ int32_t GetCurrentAccount(int64_t *account); int32_t GetActiveOsAccountIds(void); bool IsActiveOsAccountUnlocked(void); int32_t GetOsAccountUid(char *id, uint32_t idLen, uint32_t *len); +int32_t GetOsAccountUidByUserId(char *id, uint32_t idLen, uint32_t *len, int32_t userId); #ifdef __cplusplus } diff --git a/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp b/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp index 2e0da2f164..55e6507889 100644 --- a/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp +++ b/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp 
@@ -212,4 +212,38 @@ int32_t GetOsAccountUid(char *id, uint32_t idLen, uint32_t *len) return SOFTBUS_MEM_ERR; } return SOFTBUS_OK; +} + +int32_t GetOsAccountUidByUserId(char *id, uint32_t idLen, uint32_t *len, int32_t userId) +{ + if (id == nullptr || len == nullptr || idLen == 0 || userId <= 0) { + LNN_LOGE(LNN_STATE, "invalid parameter"); + return SOFTBUS_INVALID_PARAM; + } + OHOS::AccountSA::OhosAccountInfo accountInfo; + int32_t ret = OHOS::AccountSA::OhosAccountKits::GetInstance().GetOsAccountDistributedInfo(userId, accountInfo); + if (ret != OHOS::ERR_OK) { + LNN_LOGE(LNN_STATE, "get accountInfo failed ret=%{public}d", ret); + return ret; + } + if (accountInfo.uid_.empty()) { + LNN_LOGE(LNN_STATE, "accountInfo uid is empty"); + return SOFTBUS_NETWORK_GET_ACCOUNT_INFO_FAILED; + } + + *len = accountInfo.uid_.length(); + char *anonyUid = nullptr; + Anonymize(accountInfo.uid_.c_str(), &anonyUid); + LNN_LOGI(LNN_STATE, "accountUid=%{public}s, len=%{public}u", AnonymizeWrapper(anonyUid), *len); + AnonymizeFree(anonyUid); + + if (memcmp(DEFAULT_ACCOUNT_UID, accountInfo.uid_.c_str(), *len) == 0) { + LNN_LOGE(LNN_STATE, "not login account"); + return SOFTBUS_NOT_LOGIN; + } + if (memcpy_s(id, idLen, accountInfo.uid_.c_str(), *len) != EOK) { + LNN_LOGE(LNN_STATE, "memcpy_s accountUid failed, idLen=%{public}u, len=%{public}u", idLen, *len); + return SOFTBUS_MEM_ERR; + } + return SOFTBUS_OK; } \ No newline at end of file diff --git a/core/adapter/bus_center/src/lnn_ohos_account_adapter_virtual.cpp b/core/adapter/bus_center/src/lnn_ohos_account_adapter_virtual.cpp index 772816e6eb..beaf6a36db 100644 --- a/core/adapter/bus_center/src/lnn_ohos_account_adapter_virtual.cpp +++ b/core/adapter/bus_center/src/lnn_ohos_account_adapter_virtual.cpp 
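Review bot: `memcpy_s(id, idLen, accountInfo.uid_.c_str(), *len)` in `GetOsAccountUidByUserId` copies exactly `*len` bytes and never writes a terminator, so `id` is a valid C string only if the caller zeroed the buffer and passed a shortened `idLen`. The callers added in this series pass `ACCOUNT_UID_LEN_MAX - 1` and then hand the buffer to string consumers (`AddStringToJsonObject`, `WriteString`, `std::map` values), in some cases on struct fields whose initialisation is not visible in the patch. Copying with `strcpy_s(id, idLen, accountInfo.uid_.c_str())` would terminate inside the function and let callers pass the real buffer size. Separately, `return ret;` passes an account-service error code to callers that otherwise see SOFTBUS_* values; returning `SOFTBUS_NETWORK_GET_ACCOUNT_INFO_FAILED` there would keep the contract uniform.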
@@ -55,4 +55,13 @@ int32_t GetOsAccountUid(char *id, uint32_t idLen, uint32_t *len) (void)idLen; (void)len; return SOFTBUS_NOT_IMPLEMENT; +} + +int32_t GetOsAccountUidByUserId(char *id, uint32_t idLen, uint32_t *len, int32_t userId) +{ + (void)id; + (void)idLen; + (void)len; + (void)userId; + return SOFTBUS_OK; } \ No newline at end of file diff --git a/core/common/security/permission/standard/access_control.cpp b/core/common/security/permission/standard/access_control.cpp index 2aa28bf1ab..edd5667e12 100644 --- a/core/common/security/permission/standard/access_control.cpp +++ b/core/common/security/permission/standard/access_control.cpp @@ -56,7 +56,7 @@ static int32_t TransCheckAccessControl(uint64_t callingTokenId, const char *devi { char *tmpName = nullptr; Anonymize(deviceId, &tmpName); - COMM_LOGI(COMM_PERM, "tokenId=%{public}" PRIu64 ", deviceId=%{public}s", callingTokenId, tmpName); + COMM_LOGI(COMM_PERM, "tokenId=%{public}" PRIu64 ", deviceId=%{public}s", callingTokenId, AnonymizeWrapper(tmpName)); AnonymizeFree(tmpName); std::string active = std::to_string(static_cast(Status::ACTIVE)); 
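Review bot: The virtual stub of `GetOsAccountUidByUserId` returns `SOFTBUS_OK` without writing `id` or `*len`, while the `GetOsAccountUid` stub directly above it returns `SOFTBUS_NOT_IMPLEMENT`. A caller that branches on the result would treat an untouched buffer as a valid account id. Either `return SOFTBUS_NOT_IMPLEMENT;` for consistency, or, if success is intentional on this build, set `*len = 0` and add a comment such as `// no account service on this platform: report an empty account id`.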
@@ -79,23 +79,28 @@ static int32_t TransCheckAccessControl(uint64_t callingTokenId, const char *devi } static int32_t TransCheckSourceAccessControl(uint64_t myTokenId, const char *myDeviceId, - int32_t myUserId, const char *peerDeviceId) + int32_t myUserId, char *accountId, const char *peerDeviceId) { char *tmpMyDeviceId = nullptr; char *tmpPeerDeviceId = nullptr; + char *tmpAccountId = nullptr; Anonymize(myDeviceId, &tmpMyDeviceId); Anonymize(peerDeviceId, &tmpPeerDeviceId); - COMM_LOGI(COMM_PERM, "accesserDeviceId: %{public}s, accesserTokenId: %{public}" PRIu64 ",\ - accesserUserId: %{public}d, accesseeDeviceId: %{public}s", - tmpMyDeviceId, myTokenId, myUserId, tmpPeerDeviceId); + Anonymize(accountId, &tmpAccountId); + COMM_LOGI(COMM_PERM, "accesserDeviceId=%{public}s, accesserTokenId=%{public}d,\ + accesserUserId=%{public}d, accesserAccountId=%{public}s, accesseeDeviceId=%{public}s", + AnonymizeWrapper(tmpMyDeviceId), (int32_t)myTokenId, myUserId, + AnonymizeWrapper(tmpAccountId), AnonymizeWrapper(tmpPeerDeviceId)); AnonymizeFree(tmpMyDeviceId); AnonymizeFree(tmpPeerDeviceId); + AnonymizeFree(tmpAccountId); std::string active = std::to_string(static_cast(Status::ACTIVE)); std::vector profile; std::map parms; - parms.insert({{"accesserDeviceId", myDeviceId}, {"accesserTokenId", std::to_string(myTokenId)}, - {"accesserUserId", std::to_string(myUserId)}, {"accesseeDeviceId", peerDeviceId}}); + parms.insert({{"accesserDeviceId", myDeviceId}, {"accesserTokenId", std::to_string((int32_t)myTokenId)}, + {"accesserUserId", std::to_string(myUserId)}, {"accesserAccountId", accountId}, + {"accesseeDeviceId", peerDeviceId}}); int32_t ret = DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(parms, profile); COMM_LOGI(COMM_PERM, "profile size=%{public}zu, ret=%{public}d", profile.size(), ret); if (profile.empty()) { 
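Review bot: `std::to_string((int32_t)myTokenId)` in `TransCheckSourceAccessControl` now narrows the 64-bit token id to a signed 32-bit value before it is used as the `accesserTokenId` key of the ACL query, and the log line does the same with `%{public}d`. If bit 31 of the low word is ever set, the string becomes negative and would not match a profile stored from the unsigned value; the stored format is not visible here, so this needs confirming. If only the low 32 bits are meant, `static_cast<uint32_t>(myTokenId)` with a one-line comment saying so is safer than a C-style signed cast. The same cast appears in `CheckServerAccessControl` further down for both `appInfo->callingTokenId` and `myTokenId`. The new `accountId` parameter is also only read and could be `const char *` like its neighbours.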
@@ -172,7 +177,11 @@ int32_t TransCheckClientAccessControl(const char *peerNetworkId) AnonymizeFree(tmpPeerNetworkId); return ret; } - return TransCheckSourceAccessControl(callingTokenId, myDeviceId, appUserId, peerDeviceId); + + char accountId[ACCOUNT_UID_LEN_MAX] = {0}; + uint32_t size = 0; + (void)GetOsAccountUidByUserId(accountId, ACCOUNT_UID_LEN_MAX - 1, &size, appUserId); + return TransCheckSourceAccessControl(callingTokenId, myDeviceId, appUserId, accountId, peerDeviceId); } int32_t CheckSecLevelPublic(const char *mySessionName, const char *peerSessionName) 
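Review bot: The result of `GetOsAccountUidByUserId` is discarded with `(void)` in `TransCheckClientAccessControl`, so when the lookup fails the ACL query runs with `accesserAccountId` set to an empty string. Whether an empty account id can match a stored profile is not visible from this patch; if it can, the check fails open. Consider returning the error, or at least logging it and adding a comment such as `// empty accountId: rely on GetAccessControlProfile to return no match`. `CheckServerAccessControl` later in this file discards the result the same way.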
@@ -199,14 +208,51 @@ int32_t CheckSecLevelPublic(const char *mySessionName, const char *peerSessionNa return SOFTBUS_OK; } -int32_t CheckSinkAccessControl(const AppInfo *appInfo, uint64_t myTokenId, int32_t appUserId, const char *myDeviceId) +static int32_t CheckServerAccessControl(const AppInfo *appInfo, uint64_t myTokenId, + int32_t appUserId, const char *myDeviceId, const char *peerDeviceId) +{ + char accountId[ACCOUNT_UID_LEN_MAX] = {0}; + uint32_t size = 0; + (void)GetOsAccountUidByUserId(accountId, ACCOUNT_UID_LEN_MAX - 1, &size, appUserId); + char *tmpMyDeviceId = nullptr; + char *tmpPeerDeviceId = nullptr; + char *tmpPeerAccountId = nullptr; + char *tmpMyAccountId = nullptr; + Anonymize(myDeviceId, &tmpMyDeviceId); + Anonymize(peerDeviceId, &tmpPeerDeviceId); + Anonymize(appInfo->peerData.accountId, &tmpPeerAccountId); + Anonymize(accountId, &tmpMyAccountId); + COMM_LOGI(COMM_PERM, "accesserDeviceId=%{public}s, accesserTokenId=%{public}d,\ + accesserUserId=%{public}d, accesserAccountId=%{public}s,\ + accesseeDeviceId=%{public}s, accesseeTokenId=%{public}d,\ + accesseeUserId=%{public}d, accesserAccountId=%{public}s", + AnonymizeWrapper(tmpPeerDeviceId), (int32_t)(appInfo->callingTokenId), + appInfo->peerData.userId, AnonymizeWrapper(tmpPeerAccountId), + AnonymizeWrapper(tmpMyDeviceId), (int32_t)myTokenId, appUserId, AnonymizeWrapper(tmpMyAccountId)); + AnonymizeFree(tmpMyDeviceId); + AnonymizeFree(tmpPeerDeviceId); + AnonymizeFree(tmpPeerAccountId); + AnonymizeFree(tmpMyAccountId); + std::map parms; + parms.insert({{"accesserDeviceId", peerDeviceId}, + {"accesserTokenId", std::to_string((int32_t)(appInfo->callingTokenId))}, + {"accesserUserId", std::to_string(appInfo->peerData.userId)}, + {"accesserAccountId", appInfo->peerData.accountId}, + {"accesseeDeviceId", myDeviceId}, {"accesseeTokenId", std::to_string((int32_t)myTokenId)}, + {"accesseeUserId", std::to_string(appUserId)}, {"accesseeAccountId", accountId}}); + return 
TransCheckSinkAccessControl(parms); +} + +static int32_t CheckSinkAccessControl(const AppInfo *appInfo, uint64_t myTokenId, + int32_t appUserId, const char *myDeviceId) { char peerNetWorkId[NETWORK_ID_BUF_LEN] = {0}; int32_t ret = LnnGetNetworkIdByUuid(appInfo->peerData.deviceId, peerNetWorkId, sizeof(peerNetWorkId)); if (ret != SOFTBUS_OK) { char *tmpPeerUUId = nullptr; Anonymize(appInfo->peerData.deviceId, &tmpPeerUUId); - COMM_LOGE(COMM_PERM, "get peerNetWorkId failed, uuid=%{public}s ret=%{public}d", tmpPeerUUId, ret); + COMM_LOGE(COMM_PERM, "get peerNetWorkId failed, uuid=%{public}s ret=%{public}d", + AnonymizeWrapper(tmpPeerUUId), ret); AnonymizeFree(tmpPeerUUId); return ret; } 
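Review bot: The last field of the log format in `CheckServerAccessControl` is labelled `accesserAccountId` a second time, but the value printed there is `tmpMyAccountId`, which is the accessee side. It should read `accesseeAccountId=%{public}s` so that the log matches the `parms` keys built below it.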
@@ -220,31 +266,14 @@ int32_t CheckSinkAccessControl(const AppInfo *appInfo, uint64_t myTokenId, int32 AnonymizeFree(tmpPeerNetworkId); return ret; } - - if (appInfo->peerData.userId == INVALID_USER_ID) { + if (appInfo->peerData.userId == INVALID_USER_ID || strlen(appInfo->peerData.accountId) == 0) { return TransCheckAccessControl(appInfo->callingTokenId, myDeviceId); } else { - char *tmpMyDeviceId = nullptr; - char *tmpPeerDeviceId = nullptr; - Anonymize(myDeviceId, &tmpMyDeviceId); - Anonymize(peerDeviceId, &tmpPeerDeviceId); - COMM_LOGI(COMM_PERM, "accesserDeviceId: %{public}s, accesserTokenId: %{public}" PRIu64 ",\ - accesserUserId: %{public}d, accesseeDeviceId: %{public}s, accesseeTokenId: %{public}" PRIu64 ",\ - accesseeUserId: %{public}d",tmpMyDeviceId, myTokenId, appUserId, tmpPeerDeviceId, - appInfo->callingTokenId, appInfo->peerData.userId); - AnonymizeFree(tmpMyDeviceId); - AnonymizeFree(tmpPeerDeviceId); - - std::map parms; - parms.insert({{"accesserDeviceId", myDeviceId}, {"accesserTokenId", std::to_string(myTokenId)}, - {"accesserUserId", std::to_string(appUserId)}, {"accesseeDeviceId", peerDeviceId}, - {"accesseeTokenId", std::to_string(appInfo->callingTokenId)}, - {"accesseeUserId", std::to_string(appInfo->peerData.userId)}}); - return TransCheckSinkAccessControl(parms); + return CheckServerAccessControl(appInfo, myTokenId, appUserId, myDeviceId, peerDeviceId); } } -int32_t TranCheckSinkAccessControl(const AppInfo *appInfo, uint64_t myTokenId) +static int32_t TranCheckSinkAccessControl(const AppInfo *appInfo, uint64_t myTokenId) { int32_t uid = -1; int32_t pid = -1; 
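Review bot: The new condition `appInfo->peerData.userId == INVALID_USER_ID || strlen(appInfo->peerData.accountId) == 0` lets fields taken from the peer's handshake message decide which check runs. When either is missing, `CheckSinkAccessControl` falls back to `TransCheckAccessControl`, which receives only `callingTokenId` and `myDeviceId` rather than the eight-field query. If that fallback exists for peers on older versions, say so in a comment, for example `// peer did not send userId/accountId (older version): fall back to token-only check`. It is also worth confirming that a peer able to send the account id cannot get a more permissive result by leaving it out. The function body starts outside this hunk.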
@@ -278,28 +307,40 @@ int32_t TransCheckServerAccessControl(const AppInfo *appInfo) if (appInfo == nullptr) { return SOFTBUS_INVALID_PARAM; } + char *tmpPeerSessionName = nullptr; + char *tmpMySessionName = nullptr; + Anonymize(appInfo->peerData.sessionName, &tmpPeerSessionName); + Anonymize(appInfo->myData.sessionName, &tmpMySessionName); + COMM_LOGI(COMM_PERM, "peerSessionName=%{public}s, mySessionName=%{public}s", + AnonymizeWrapper(tmpPeerSessionName), AnonymizeWrapper(tmpMySessionName)); + AnonymizeFree(tmpPeerSessionName); + AnonymizeFree(tmpMySessionName); uint64_t callingTokenId = appInfo->callingTokenId; if (callingTokenId == TOKENID_NOT_SET) { return SOFTBUS_OK; } - if (StrStartWith(appInfo->peerData.sessionName, DMS_SESSIONNAME.c_str()) || - StrStartWith(appInfo->myData.sessionName, DMS_SESSIONNAME.c_str())) { - return SOFTBUS_OK; - } - if (CheckDBinder(appInfo->myData.sessionName) || CheckDBinder(appInfo->peerData.sessionName)) { - return SOFTBUS_OK; - } uint64_t myTokenId = -1; int32_t ret = TransGetTokenIdBySessionName(appInfo->myData.sessionName, &myTokenId); if (ret != SOFTBUS_OK) { char *tmpSessionName = nullptr; Anonymize(appInfo->myData.sessionName, &tmpSessionName); - COMM_LOGE(COMM_PERM, "get local tokenId failed, sessionName=%{public}s, ret=%{public}d", tmpSessionName, ret); + COMM_LOGE(COMM_PERM, "get local tokenId failed, sessionName=%{public}s, ret=%{public}d", + AnonymizeWrapper(tmpSessionName), ret); AnonymizeFree(tmpSessionName); return ret; } int32_t peerTokenType = SoftBusGetAccessTokenType(callingTokenId); int32_t myTokenType = SoftBusGetAccessTokenType(myTokenId); + if ((StrStartWith(appInfo->peerData.sessionName, DMS_SESSIONNAME.c_str()) && + peerTokenType == ACCESS_TOKEN_TYPE_NATIVE) || + (StrStartWith(appInfo->myData.sessionName, DMS_SESSIONNAME.c_str()) && + myTokenType == ACCESS_TOKEN_TYPE_NATIVE)) { + return SOFTBUS_OK; + } + if (CheckDBinder(appInfo->myData.sessionName) || CheckDBinder(appInfo->peerData.sessionName)) { + 
return SOFTBUS_OK; + } + if (peerTokenType != myTokenType) { COMM_LOGE(COMM_PERM, "peerTokenType=%{public}d, myTokenType=%{public}d, not support", peerTokenType, myTokenType); diff --git a/core/transmission/common/include/softbus_app_info.h b/core/transmission/common/include/softbus_app_info.h index a4e21498f2..ba725c2439 100644 --- a/core/transmission/common/include/softbus_app_info.h +++ b/core/transmission/common/include/softbus_app_info.h @@ -38,6 +38,7 @@ extern "C" { #define MAX_FAST_DATA_LEN (4 * 1024) #define BASE64_FAST_DATA_LEN 5558 #define TOKENID_NOT_SET 0 +#define ACCOUNT_UID_LEN_MAX 65 typedef enum { API_UNKNOWN = 0, @@ -85,6 +86,7 @@ typedef struct { char sessionName[SESSION_NAME_SIZE_MAX]; char authState[AUTH_STATE_SIZE_MAX]; char addr[IP_LEN]; + char accountId[ACCOUNT_UID_LEN_MAX]; int uid; int pid; int port; @@ -92,7 +94,6 @@ typedef struct { uint32_t dataConfig; int32_t userId; int64_t channelId; - int64_t accountId; } AppInfoData; typedef struct { diff --git a/core/transmission/common/src/softbus_message_open_channel.c b/core/transmission/common/src/softbus_message_open_channel.c index 18b4f4794d..fc37b7a3c5 100644 --- a/core/transmission/common/src/softbus_message_open_channel.c +++ b/core/transmission/common/src/softbus_message_open_channel.c @@ -129,7 +129,7 @@ static int32_t JsonObjectPackRequestEx(const AppInfo *appInfo, cJSON *json, unsi (void)AddNumberToJsonObject(json, PEER_HANDLE_ID, appInfo->peerHandleId); (void)AddNumber64ToJsonObject(json, JSON_KEY_CALLING_TOKEN_ID, (int64_t)appInfo->callingTokenId); if (SoftBusCheckIsCollabApp(appInfo->callingTokenId, appInfo->myData.sessionName)) { - (void)AddNumber64ToJsonObject(json, ACCOUNT_ID, appInfo->myData.accountId); + (void)AddStringToJsonObject(json, ACCOUNT_ID, appInfo->myData.accountId); (void)AddNumberToJsonObject(json, USER_ID, appInfo->myData.userId); } return SOFTBUS_OK; 
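Review bot: The added `peerTokenType == ACCESS_TOKEN_TYPE_NATIVE` gate on the DMS exemption is computed from `appInfo->callingTokenId`, which the handshake unpack code in this series reads from the peer's JSON (`JSON_KEY_CALLING_TOKEN_ID`). The gate is therefore only as strong as the trust placed in that field. The early `return SOFTBUS_OK` when `callingTokenId == TOKENID_NOT_SET` stays ahead of it in the context lines, so a message without the field still skips every check. A comment above the DMS condition stating the trust assumption, such as `// callingTokenId is peer-supplied; the type check relies on the authenticated device channel`, would make that explicit. The function continues beyond this hunk.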
@@ -233,7 +233,7 @@ static int32_t ParseMessageToAppInfo(const cJSON *msg, AppInfo *appInfo) appInfo->peerData.pid = -1; (void)GetJsonObjectNumberItem(msg, UID, &appInfo->peerData.uid); (void)GetJsonObjectNumberItem(msg, PID, &appInfo->peerData.pid); - (void)GetJsonObjectSignedNumber64Item(msg, ACCOUNT_ID, &appInfo->peerData.accountId); + (void)GetJsonObjectStringItem(msg, ACCOUNT_ID, (appInfo->peerData.accountId), ACCOUNT_UID_LEN_MAX); if (!GetJsonObjectNumberItem(msg, USER_ID, &appInfo->peerData.userId)) { appInfo->peerData.userId = INVALID_USER_ID; } diff --git a/core/transmission/ipc/small/trans_client_proxy.c b/core/transmission/ipc/small/trans_client_proxy.c index 33dac7350f..5bf9dace01 100644 --- a/core/transmission/ipc/small/trans_client_proxy.c +++ b/core/transmission/ipc/small/trans_client_proxy.c @@ -324,12 +324,12 @@ int32_t ClientIpcCheckCollabRelation(const char *pkgName, int32_t pid, bool isSinkSide = (sinkInfo->pid != -1); IpcIoInit(&io, tmpData, MAX_SOFT_BUS_IPC_LEN, 0); WriteBool(&io, isSinkSide); - WriteInt64(&io, sourceInfo->accountId); + WriteString(&io, sourceInfo->accountId); WriteUint64(&io, sourceInfo->tokenId); WriteInt32(&io, sourceInfo->userId); WriteInt32(&io, sourceInfo->pid); WriteString(&io, sourceInfo->deviceId); - WriteInt64(&io, sinkInfo->accountId); + WriteString(&io, sinkInfo->accountId); WriteUint64(&io, sinkInfo->tokenId); WriteInt32(&io, sinkInfo->userId); WriteInt32(&io, sinkInfo->pid); diff --git a/core/transmission/ipc/standard/src/trans_client_proxy_standard.cpp b/core/transmission/ipc/standard/src/trans_client_proxy_standard.cpp index f490dc9fa2..94b80e1ecd 100644 --- a/core/transmission/ipc/standard/src/trans_client_proxy_standard.cpp +++ b/core/transmission/ipc/standard/src/trans_client_proxy_standard.cpp 
@@ -430,12 +430,12 @@ int32_t TransClientProxy::OnCheckCollabRelation(const CollabInfo *sourceInfo, bo return SOFTBUS_TRANS_PROXY_WRITETOKEN_FAILED; } WRITE_PARCEL_WITH_RET(data, Bool, isSinkSide, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); - WRITE_PARCEL_WITH_RET(data, Int64, sourceInfo->accountId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); + WRITE_PARCEL_WITH_RET(data, CString, sourceInfo->accountId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Uint64, sourceInfo->tokenId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Int32, sourceInfo->userId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Int32, sourceInfo->pid, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, CString, sourceInfo->deviceId, SOFTBUS_TRANS_PROXY_WRITECSTRING_FAILED); - WRITE_PARCEL_WITH_RET(data, Int64, sinkInfo->accountId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); + WRITE_PARCEL_WITH_RET(data, CString, sinkInfo->accountId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Uint64, sinkInfo->tokenId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Int32, sinkInfo->userId, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); WRITE_PARCEL_WITH_RET(data, Int32, sinkInfo->pid, SOFTBUS_TRANS_PROXY_WRITEINT_FAILED); diff --git a/core/transmission/trans_channel/common/src/trans_channel_common.c b/core/transmission/trans_channel/common/src/trans_channel_common.c index 1d21689f43..66689645ea 100644 --- a/core/transmission/trans_channel/common/src/trans_channel_common.c +++ b/core/transmission/trans_channel/common/src/trans_channel_common.c 
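Review bot: The two `accountId` writes in `OnCheckCollabRelation` were switched to `CString` but still return `SOFTBUS_TRANS_PROXY_WRITEINT_FAILED` on failure. The `deviceId` line just below uses `SOFTBUS_TRANS_PROXY_WRITECSTRING_FAILED` for the same parcel type, so these should read `WRITE_PARCEL_WITH_RET(data, CString, sourceInfo->accountId, SOFTBUS_TRANS_PROXY_WRITECSTRING_FAILED);`, and likewise for `sinkInfo`, so the error code identifies the field that failed.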
@@ -642,17 +642,17 @@ static int32_t GetSinkRelation(const AppInfo *appInfo, CollabInfo *sinkInfo) TRANS_LOGE(TRANS_CTRL, "LnnGetLocalStrInfo failed."); return ret; } - ret = GetCurrentAccount(&sinkInfo->accountId); - if (ret != SOFTBUS_OK) { - TRANS_LOGW(TRANS_CTRL, "get current account failed."); - sinkInfo->accountId = INVALID_ACCOUNT_ID; - } sinkInfo->pid = appInfo->myData.pid; sinkInfo->userId = TransGetForegroundUserId(); if (sinkInfo->userId == INVALID_USER_ID) { TRANS_LOGE(TRANS_CTRL, "get userId failed."); return SOFTBUS_TRANS_GET_LOCAL_UID_FAIL; } + uint32_t size = 0; + ret = GetOsAccountUidByUserId(sinkInfo->accountId, ACCOUNT_UID_LEN_MAX - 1, &size, sinkInfo->userId); + if (ret != SOFTBUS_OK) { + TRANS_LOGW(TRANS_CTRL, "get current account failed."); + } return SOFTBUS_OK; } @@ -660,7 +660,9 @@ static void GetSourceRelation(const AppInfo *appInfo, CollabInfo *sourceInfo) { sourceInfo->tokenId = appInfo->callingTokenId; sourceInfo->pid = appInfo->peerData.pid; - sourceInfo->accountId = appInfo->peerData.accountId; + if (strcpy_s(sourceInfo->accountId, sizeof(sourceInfo->accountId), appInfo->peerData.accountId) != EOK) { + TRANS_LOGE(TRANS_CTRL, "get accountId failed."); + } sourceInfo->userId = appInfo->peerData.userId; char netWorkId[NETWORK_ID_BUF_LEN] = { 0 }; (void)LnnGetNetworkIdByUuid(appInfo->peerData.deviceId, netWorkId, NETWORK_ID_BUF_LEN); @@ -685,10 +687,10 @@ int32_t CheckSourceCollabRelation(const char *sinkNetworkId, int32_t sourcePid) return ret; } sourceInfo.userId = TransGetForegroundUserId(); - ret = GetCurrentAccount(&sourceInfo.accountId); + uint32_t size = 0; + ret = GetOsAccountUidByUserId(sourceInfo.accountId, ACCOUNT_UID_LEN_MAX - 1, &size, sourceInfo.userId); if (ret != SOFTBUS_OK) { COMM_LOGE(COMM_SVC, "get current account failed. ret=%{public}d", ret); - sourceInfo.accountId = INVALID_ACCOUNT_ID; } ret = TransGetCallingFullTokenId(&sourceInfo.tokenId); if (ret != SOFTBUS_OK) { 
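Review bot: In `GetSinkRelation` the old code assigned `INVALID_ACCOUNT_ID` when the account lookup failed; the new code only logs, so `sinkInfo->accountId` keeps whatever the caller's buffer held and the function still returns `SOFTBUS_OK`. That field is later serialised as a string over IPC, so an explicit `sinkInfo->accountId[0] = '\0';` in the failure branch would make the state well defined regardless of how the caller initialised the struct. `CheckSourceCollabRelation` in this file and the `TransProxyCheckIsApp` / `TransTdcCheckIsApp` hunks drop the same fallback. `GetSourceRelation` logs a failed `strcpy_s` and continues in the same way.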
diff --git a/core/transmission/trans_channel/proxy/src/softbus_proxychannel_message.c b/core/transmission/trans_channel/proxy/src/softbus_proxychannel_message.c index 81d2bbd036..accf381a31 100644 --- a/core/transmission/trans_channel/proxy/src/softbus_proxychannel_message.c +++ b/core/transmission/trans_channel/proxy/src/softbus_proxychannel_message.c @@ -435,12 +435,13 @@ static void TransProxyCheckIsApp(AppInfo *appInfo, cJSON *root) return; } - if (GetCurrentAccount(&appInfo->myData.accountId) != SOFTBUS_OK) { - appInfo->myData.accountId = INVALID_ACCOUNT_ID; + appInfo->myData.userId = TransGetForegroundUserId(); + uint32_t size = 0; + if (GetOsAccountUidByUserId(appInfo->myData.accountId, ACCOUNT_UID_LEN_MAX - 1, &size, + appInfo->myData.userId) != SOFTBUS_OK) { TRANS_LOGE(TRANS_CTRL, "get current account failed."); } - appInfo->myData.userId = TransGetForegroundUserId(); - (void)AddNumber64ToJsonObject(root, JSON_KEY_ACCOUNT_ID, appInfo->myData.accountId); + (void)AddStringToJsonObject(root, JSON_KEY_ACCOUNT_ID, appInfo->myData.accountId); (void)AddNumberToJsonObject(root, JSON_KEY_USER_ID, appInfo->myData.userId); } @@ -811,7 +812,7 @@ static int32_t TransProxyUnpackNormalHandshakeMsg(cJSON *root, AppInfo *appInfo, if (!GetJsonObjectNumber64Item(root, JSON_KEY_CALLING_TOKEN_ID, (int64_t *)&appInfo->callingTokenId)) { appInfo->callingTokenId = TOKENID_NOT_SET; } - (void)GetJsonObjectSignedNumber64Item(root, JSON_KEY_ACCOUNT_ID, &(appInfo->peerData.accountId)); + (void)GetJsonObjectStringItem(root, JSON_KEY_ACCOUNT_ID, appInfo->peerData.accountId, ACCOUNT_UID_LEN_MAX); if (!GetJsonObjectNumberItem(root, JSON_KEY_USER_ID, &(appInfo->peerData.userId))) { appInfo->peerData.userId = INVALID_USER_ID; } diff --git a/core/transmission/trans_channel/tcp_direct/src/trans_tcp_direct_listener.c b/core/transmission/trans_channel/tcp_direct/src/trans_tcp_direct_listener.c index 711a6429ec..a646a306cc 100644 
--- a/core/transmission/trans_channel/tcp_direct/src/trans_tcp_direct_listener.c +++ b/core/transmission/trans_channel/tcp_direct/src/trans_tcp_direct_listener.c @@ -94,11 +94,12 @@ static void TransTdcCheckIsApp(AppInfo *appInfo) if (!SoftBusCheckIsCollabApp(appInfo->callingTokenId, appInfo->myData.sessionName)) { return; } - if (GetCurrentAccount(&appInfo->myData.accountId) != SOFTBUS_OK) { - appInfo->myData.accountId = INVALID_ACCOUNT_ID; + appInfo->myData.userId = TransGetForegroundUserId(); + uint32_t size = 0; + if (GetOsAccountUidByUserId(appInfo->myData.accountId, ACCOUNT_UID_LEN_MAX - 1, &size, + appInfo->myData.userId) != SOFTBUS_OK) { TRANS_LOGE(TRANS_CTRL, "get current accountId failed."); } - appInfo->myData.userId = TransGetForegroundUserId(); } static int32_t TransPostBytes(SessionConn *conn, bool isAuthServer, uint32_t cipherFlag) diff --git a/core/transmission/trans_channel/udp_negotiation/src/trans_udp_negotiation_exchange.c b/core/transmission/trans_channel/udp_negotiation/src/trans_udp_negotiation_exchange.c index 9c2fc59651..720fe9ed81 100644 --- a/core/transmission/trans_channel/udp_negotiation/src/trans_udp_negotiation_exchange.c +++ b/core/transmission/trans_channel/udp_negotiation/src/trans_udp_negotiation_exchange.c @@ -146,7 +146,7 @@ int32_t TransUnpackRequestUdpInfo(const cJSON *msg, AppInfo *appInfo) appInfo->peerData.userId = INVALID_USER_ID; } (void)GetJsonObjectStringItem(msg, "DEVICE_ID", appInfo->peerData.deviceId, UUID_BUF_LEN); - (void)GetJsonObjectSignedNumber64Item(msg, "ACCOUNT_ID", &appInfo->peerData.accountId); + (void)GetJsonObjectStringItem(msg, "ACCOUNT_ID", appInfo->peerData.accountId, ACCOUNT_UID_LEN_MAX); break; case TYPE_UDP_CHANNEL_CLOSE: (void)GetJsonObjectNumber64Item(msg, "PEER_CHANNEL_ID", &(appInfo->myData.channelId)); 
@@ -171,17 +171,17 @@ static void TransAddJsonUserIdAndAccountId(const AppInfo *appInfo, cJSON *msg) if (!SoftBusCheckIsCollabApp(appInfo->callingTokenId, appInfo->myData.sessionName)) { return; } - int64_t accountId = 0; - if (GetCurrentAccount(&accountId) != SOFTBUS_OK) { - TRANS_LOGW(TRANS_CTRL, "GetCurrentAccount failed."); - accountId = INVALID_ACCOUNT_ID; - } int32_t userId = TransGetForegroundUserId(); if (userId == INVALID_USER_ID) { TRANS_LOGW(TRANS_CTRL, "GetCurrentAccount failed."); } + uint32_t size = 0; + char accountId[ACCOUNT_UID_LEN_MAX] = {0}; + if (GetOsAccountUidByUserId(accountId, ACCOUNT_UID_LEN_MAX - 1, &size, userId) != SOFTBUS_OK) { + TRANS_LOGE(TRANS_CTRL, "get current account failed."); + } (void)AddNumberToJsonObject(msg, "USER_ID", userId); - (void)AddNumber64ToJsonObject(msg, "ACCOUNT_ID", accountId); + (void)AddStringToJsonObject(msg, "ACCOUNT_ID", accountId); } int32_t TransPackRequestUdpInfo(cJSON *msg, const AppInfo *appInfo) diff --git a/interfaces/kits/transport/trans_type.h b/interfaces/kits/transport/trans_type.h index bc3d820e0e..0d4e43d3ce 100644 --- a/interfaces/kits/transport/trans_type.h +++ b/interfaces/kits/transport/trans_type.h @@ -24,6 +24,7 @@ extern "C" { #define MAX_IP_LEN 46 #define MAX_PATH_LEN 4096 #define DEVICE_ID_LEN_MAX 65 +#define ACCOUNT_UID_LEN_MAX 65 /** * @brief Enumerates the data types. @@ -323,8 +324,8 @@ typedef int (*OnFrameEvt)(int fd, const FrameEvtCbInfo *info); */ typedef struct { char deviceId[DEVICE_ID_LEN_MAX]; + char accountId[ACCOUNT_UID_LEN_MAX]; int32_t userId; - int64_t accountId; uint64_t tokenId; int32_t pid; } CollabInfo; diff --git a/sdk/frame/small/src/trans_client_stub.c b/sdk/frame/small/src/trans_client_stub.c index e7068b9877..e3503187a0 100644 --- a/sdk/frame/small/src/trans_client_stub.c +++ b/sdk/frame/small/src/trans_client_stub.c 
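Review bot: `CollabInfo` sits in the public kit header and its `accountId` member changes here from `int64_t` to `char[ACCOUNT_UID_LEN_MAX]`, moving ahead of `userId`. This changes the struct size and layout for every `IFeatureAbilityRelationChecker` implementer, and the IPC encoding changes with it (Int64 to string), so a client and service built from different versions would misread the parcel; the description should state that both sides must be updated together. `ACCOUNT_UID_LEN_MAX` is also defined a second time in `softbus_app_info.h` with the same value; having the internal header rely on the definition in `trans_type.h` avoids the two drifting apart.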
@@ -157,7 +157,15 @@ int32_t ClientOnChannelBind(IpcIo *data, IpcIo *reply) static int32_t ReadCollabInfo(IpcIo *data, CollabInfo *info) { size_t size = 0; - ReadInt64(data, &info->accountId); + char *accountId = (char *)ReadString(data, &size); + if (accountId == NULL) { + COMM_LOGE(COMM_SDK, "read accountId failed"); + } else { + if (strcpy_s(info->accountId, size, accountId) != EOK) { + COMM_LOGE(COMM_SDK, "strcpy_s failed to copy accountId"); + } + } + size = 0; ReadUint64(data, &info->tokenId); ReadInt32(data, &info->userId); ReadInt32(data, &info->pid); diff --git a/sdk/frame/standard/src/softbus_client_stub.cpp b/sdk/frame/standard/src/softbus_client_stub.cpp index e4590c7738..5aead36a61 100644 --- a/sdk/frame/standard/src/softbus_client_stub.cpp +++ b/sdk/frame/standard/src/softbus_client_stub.cpp @@ -757,11 +757,18 @@ int32_t SoftBusClientStub::OnChannelBindInner(MessageParcel &data, MessageParcel static int32_t MessageParcelReadCollabInfo(MessageParcel &data, CollabInfo &info) { - READ_PARCEL_WITH_RET(data, Int64, info.accountId, SOFTBUS_IPC_ERR); + const char *accountId = data.ReadCString(); + if (accountId == nullptr) { + COMM_LOGE(COMM_SDK, "read accountId failed"); + } else { + if (strcpy_s(info.accountId, sizeof(info.accountId), accountId) != EOK) { + COMM_LOGE(COMM_SDK, "strcpy_s failed to copy accountId"); + } + } READ_PARCEL_WITH_RET(data, Uint64, info.tokenId, SOFTBUS_IPC_ERR); READ_PARCEL_WITH_RET(data, Int32, info.userId, SOFTBUS_IPC_ERR); READ_PARCEL_WITH_RET(data, Int32, info.pid, SOFTBUS_IPC_ERR); - char *deviceId = (char *)data.ReadCString(); + const char *deviceId = data.ReadCString(); COMM_CHECK_AND_RETURN_RET_LOGE(deviceId != nullptr, SOFTBUS_IPC_ERR, COMM_SDK, "read deviceId failed"); if (strcpy_s(info.deviceId, sizeof(info.deviceId), deviceId) != EOK) { COMM_LOGE(COMM_SDK, "strcpy_s failed to copy deviceId"); 
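Review bot: `strcpy_s(info->accountId, size, accountId)` in `ReadCollabInfo` passes the length reported by `ReadString` as the destination capacity instead of the size of the destination buffer. If `size` is the string length without the terminator the copy always fails and `accountId` is never filled; if the sender supplies a string longer than the field, the bound exceeds `info->accountId` and the copy can write past it. The bound should be the buffer itself: `strcpy_s(info->accountId, sizeof(info->accountId), accountId)`, as the standard-system stub in this series already does. A failed read or copy is only logged here, whereas a parse failure on IPC input would normally return an error; the rest of the function is outside the hunk.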
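Review bot: In `MessageParcelReadCollabInfo` a null `accountId` from `data.ReadCString()` is logged and parsing continues, while a null `deviceId` a few lines later returns `SOFTBUS_IPC_ERR`. After a failed string read the remaining `READ_PARCEL_WITH_RET` calls may no longer be aligned with the sender's layout, so treating both fields the same is safer: `COMM_CHECK_AND_RETURN_RET_LOGE(accountId != nullptr, SOFTBUS_IPC_ERR, COMM_SDK, "read accountId failed");`. If an absent account id is legitimate, a comment should say why the failure is tolerated.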
diff --git a/sdk/transmission/session/src/client_trans_socket_manager.c b/sdk/transmission/session/src/client_trans_socket_manager.c index 0f249e01d1..946d6cf02e 100644 --- a/sdk/transmission/session/src/client_trans_socket_manager.c +++ b/sdk/transmission/session/src/client_trans_socket_manager.c @@ -996,12 +996,14 @@ int32_t ClientRegisterRelationChecker(IFeatureAbilityRelationChecker *relationCh static void PrintCollabInfo(const CollabInfo *info, char *role) { char *tmpDeviceId = NULL; + char *tmpAccountId = NULL; Anonymize(info->deviceId, &tmpDeviceId); + Anonymize(info->accountId, &tmpAccountId); TRANS_LOGI(TRANS_SDK, "%{public}s deviceId=%{public}s", role, AnonymizeWrapper(tmpDeviceId)); AnonymizeFree(tmpDeviceId); TRANS_LOGI(TRANS_SDK, "%{public}s userId=%{public}d", role, info->userId); TRANS_LOGI(TRANS_SDK, "%{public}s pid=%{public}d", role, info->pid); - TRANS_LOGI(TRANS_SDK, "%{public}s accountId=%{public}" PRId64, role, info->accountId); + TRANS_LOGI(TRANS_SDK, "%{public}s accountId=%{public}s", role, AnonymizeWrapper(tmpAccountId)); TRANS_LOGI(TRANS_SDK, "%{public}s tokenId=%{public}" PRIu64, role, info->tokenId); } diff --git a/tests/core/transmission/ipc/trans_client_proxy_test.cpp b/tests/core/transmission/ipc/trans_client_proxy_test.cpp index 863b1be9af..435efa5c07 100644 --- a/tests/core/transmission/ipc/trans_client_proxy_test.cpp +++ b/tests/core/transmission/ipc/trans_client_proxy_test.cpp @@ -548,14 +548,14 @@ HWTEST_F(TransClientProxyTest, ClientIpcCheckCollabRelationTest001, TestSize.Lev { int32_t pid = 0; CollabInfo sourceInfo = { - .accountId = 0, + .accountId = "", .deviceId = "ABCDE", .pid = 0, .tokenId = 0, .userId = 0, }; CollabInfo sinkInfo = { - .accountId = 0, + .accountId = "", .deviceId = "ABCDE", .pid = 0, .tokenId = 0, -- Gitee From e11ab8f763830f44445275f6ce6bd4c1d170a5e2 Mon Sep 17 00:00:00 2001 
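Review bot: `PrintCollabInfo` now calls `Anonymize(info->accountId, &tmpAccountId)` but never releases the result. Only `AnonymizeFree(tmpDeviceId)` is present and the function ends after the `tokenId` log line, so every call leaks the anonymised string. Add `AnonymizeFree(tmpAccountId);` after the `accountId` log line.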
From: jiazhenyu Date: Tue, 1 Apr 2025 16:42:42 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E8=BD=AF=E6=80=BB=E7=BA=BF=E4=BC=A0?= =?UTF-8?q?=E8=BE=93=E5=AE=89=E5=85=A8=E5=8A=A0=E5=9B=BA--=20=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D5.1release=E4=BC=A0=E8=BE=93=E6=9F=A5=E8=AF=A2?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E5=8D=95=E5=90=91=E8=AE=BF=E9=97=AE2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: jiazhenyu --- core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp | 4 ---- .../common/security/permission/standard/access_control.cpp | 7 +++---- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp b/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp index 55e6507889..8ee1fbad26 100644 --- a/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp +++ b/core/adapter/bus_center/src/lnn_ohos_account_adapter.cpp @@ -237,10 +237,6 @@ int32_t GetOsAccountUidByUserId(char *id, uint32_t idLen, uint32_t *len, int32_t LNN_LOGI(LNN_STATE, "accountUid=%{public}s, len=%{public}u", AnonymizeWrapper(anonyUid), *len); AnonymizeFree(anonyUid); - if (memcmp(DEFAULT_ACCOUNT_UID, accountInfo.uid_.c_str(), *len) == 0) { - LNN_LOGE(LNN_STATE, "not login account"); - return SOFTBUS_NOT_LOGIN; - } if (memcpy_s(id, idLen, accountInfo.uid_.c_str(), *len) != EOK) { LNN_LOGE(LNN_STATE, "memcpy_s accountUid failed, idLen=%{public}u, len=%{public}u", idLen, *len); return SOFTBUS_MEM_ERR; diff --git a/core/common/security/permission/standard/access_control.cpp b/core/common/security/permission/standard/access_control.cpp index edd5667e12..2a4c226fb9 100644 --- a/core/common/security/permission/standard/access_control.cpp +++ b/core/common/security/permission/standard/access_control.cpp 
@@ -337,11 +337,10 @@ int32_t TransCheckServerAccessControl(const AppInfo *appInfo) myTokenType == ACCESS_TOKEN_TYPE_NATIVE)) { return SOFTBUS_OK; } - if (CheckDBinder(appInfo->myData.sessionName) || CheckDBinder(appInfo->peerData.sessionName)) { - return SOFTBUS_OK; - } - if (peerTokenType != myTokenType) { + if (CheckDBinder(appInfo->myData.sessionName) && CheckDBinder(appInfo->peerData.sessionName)) { + return SOFTBUS_OK; + } COMM_LOGE(COMM_PERM, "peerTokenType=%{public}d, myTokenType=%{public}d, not support", peerTokenType, myTokenType); return SOFTBUS_TRANS_CROSS_LAYER_DENIED; -- Gitee
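Review bot: The DBinder exemption now applies only when the token types differ and both session names pass `CheckDBinder`, but nothing in the code says why. A comment on the new `if`, such as `// cross-token-type channels are allowed only when both ends are DBinder sessions`, would record the intent. DBinder sessions with equal token types now fall through to the sink access-control path further down in `TransCheckServerAccessControl`, outside this hunk. Neither patch in the series adds a test for that path, so it is worth covering before release.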