1 From 8c5fd05f7b2f14ac0f4423cae300f60c6bb51c74 Mon Sep 17 00:00:00 2001
2 From: Jacek Bukarewicz <j.bukarewicz@samsung.com>
3 Date: Fri, 28 Nov 2014 12:39:33 +0100
4 Subject: [PATCH 3/5] Handle unavailability of policy results for broadcasts
7 Content-Type: text/plain; charset=UTF-8
8 Content-Transfer-Encoding: 8bit
10 When message is sent to the addressed recipient and receive rule
11 result is unavailable we don't want to block the sender
12 as it most likely will be the privileged service, so instead we queue
13 it at the recipient. Any further messages sent to it will be queued to
14 maintain message order. Once the answer from Cynara arrives messages are
15 dispatched from the recipient queue. In such case full dispatch is
16 performed - messages are sent to addressed recipient and other
17 interested connections.
18 Messages sent to non-addressed recipients (eavesdroppers or broadcast
19 message recipients) are handled in a similar way. The difference is
20 that it is not full dispatch meaning message is sent to a single recipient.
22 Change-Id: Iecd5395f75a4c7811fa97247a37d8fc4d42e8814
24 Cherry picked from 1e231194610892dd4360224998d91336097b05a1 by Jose Bollo
26 Updated for dbus 1.12.10 by Scott Murray.
28 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
29 Signed-off-by: Scott Murray <scott.murray@konsulko.com>
31 diff --git a/bus/activation.c b/bus/activation.c
32 index 5f02153..f2981e1 100644
33 --- a/bus/activation.c
34 +++ b/bus/activation.c
35 @@ -1259,7 +1259,7 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation
36 res = bus_dispatch_matches (transaction,
39 - entry->activation_message, &error);
40 + entry->activation_message, NULL, &error);
41 if (res == BUS_RESULT_FALSE)
43 /* If permission is denied, we just want to return the error
44 @@ -2137,7 +2137,7 @@ bus_activation_activate_service (BusActivation *activation,
45 bus_connection_get_loginfo (connection));
46 /* Wonderful, systemd is connected, let's just send the msg */
47 res = bus_dispatch_matches (activation_transaction, NULL,
48 - systemd, message, error);
49 + systemd, message, NULL, error);
51 if (res == BUS_RESULT_TRUE)
53 diff --git a/bus/bus.c b/bus/bus.c
54 index 237efe3..5bb5637 100644
57 @@ -1800,17 +1800,9 @@ bus_context_check_security_policy (BusContext *context,
60 /* See if limits on size have been exceeded */
61 - if (proposed_recipient &&
62 - ((dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) ||
63 - (dbus_connection_get_outgoing_unix_fds (proposed_recipient) > context->limits.max_outgoing_unix_fds)))
65 - complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
66 - "Rejected: destination has a full message queue",
67 - 0, message, sender, proposed_recipient, requested_reply, TRUE, NULL,
69 - _dbus_verbose ("security policy disallowing message due to full message queue\n");
70 + if (!bus_context_check_recipient_message_limits(context, proposed_recipient, sender, message,
71 + requested_reply, error))
72 return BUS_RESULT_FALSE;
75 /* Record that we will allow a reply here in the future (don't
76 * bother if the recipient is the bus or this is an eavesdropping
77 @@ -1869,3 +1861,41 @@ bus_context_check_all_watches (BusContext *context)
78 _dbus_server_toggle_all_watches (server, enabled);
83 +bus_context_complain_about_message (BusContext *context,
84 + const char *error_name,
85 + const char *complaint,
87 + DBusMessage *message,
88 + DBusConnection *sender,
89 + DBusConnection *proposed_recipient,
90 + dbus_bool_t requested_reply,
92 + const char *privilege,
95 + complain_about_message(context, error_name, complaint, matched_rules, message, sender,
96 + proposed_recipient, requested_reply, log, privilege, error);
99 +dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context,
100 + DBusConnection *recipient,
101 + DBusConnection *sender,
102 + DBusMessage *message,
103 + dbus_bool_t requested_reply,
107 + ((dbus_connection_get_outgoing_size (recipient) > context->limits.max_outgoing_bytes) ||
108 + (dbus_connection_get_outgoing_unix_fds (recipient) > context->limits.max_outgoing_unix_fds)))
110 + complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
111 + "Rejected: destination has a full message queue",
112 + 0, message, sender, recipient, requested_reply, TRUE, NULL,
114 + _dbus_verbose ("security policy disallowing message due to full message queue\n");
119 diff --git a/bus/bus.h b/bus/bus.h
120 index 82c32c8..1b08f7c 100644
123 @@ -164,4 +164,23 @@ BusResult bus_context_check_security_policy (BusContext
124 BusDeferredMessage **deferred_message);
125 void bus_context_check_all_watches (BusContext *context);
127 +dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context,
128 + DBusConnection *recipient,
129 + DBusConnection *sender,
130 + DBusMessage *message,
131 + dbus_bool_t requested_reply,
133 +void bus_context_complain_about_message (BusContext *context,
134 + const char *error_name,
135 + const char *complaint,
137 + DBusMessage *message,
138 + DBusConnection *sender,
139 + DBusConnection *proposed_recipient,
140 + dbus_bool_t requested_reply,
142 + const char *privilege,
146 #endif /* BUS_BUS_H */
147 diff --git a/bus/check.c b/bus/check.c
148 index 4b8a699..f3d283f 100644
151 @@ -49,6 +49,9 @@ typedef struct BusDeferredMessage
152 DBusConnection *sender;
153 DBusConnection *proposed_recipient;
154 DBusConnection *addressed_recipient;
155 + dbus_bool_t requested_reply;
157 + const char *privilege;
158 dbus_bool_t full_dispatch;
159 BusDeferredMessageStatus status;
161 @@ -135,6 +138,89 @@ bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message,
162 _dbus_connection_enable_dispatch(deferred_message->sender);
166 +bus_check_queued_message_reply_callback (BusDeferredMessage *deferred_message,
171 + _dbus_verbose("bus_check_queued_message_reply_callback called message=%p\n", deferred_message);
173 + if (!bus_connection_is_active(deferred_message->proposed_recipient))
176 + status = deferred_message->status;
178 + deferred_message->status = 0; /* mark message as not waiting for response */
179 + deferred_message->response = result;
182 + * If send rule allows us to send message we still need to check receive rules.
184 + if ((status & BUS_DEFERRED_MESSAGE_CHECK_SEND) && (result == BUS_RESULT_TRUE))
187 + BusContext *context;
188 + BusRegistry *registry;
189 + BusClientPolicy *recipient_policy;
190 + BusDeferredMessage *deferred_message_receive;
192 + context = bus_connection_get_context(deferred_message->proposed_recipient);
193 + registry = bus_context_get_registry(context);
194 + recipient_policy = bus_connection_get_policy(deferred_message->proposed_recipient);
196 + deferred_message->response = bus_client_policy_check_can_receive(recipient_policy, registry,
197 + deferred_message->requested_reply, deferred_message->sender,
198 + deferred_message->addressed_recipient, deferred_message->proposed_recipient, deferred_message->message,
199 + &toggles, NULL, &deferred_message_receive);
200 + if (deferred_message->response == BUS_RESULT_LATER)
202 + /* replace deferred message associated with send check with the one associated with
204 + if (!bus_deferred_message_replace(deferred_message, deferred_message_receive))
206 + /* failed to replace deferred message (due to oom). Set it to rejected */
207 + deferred_message->response = BUS_RESULT_FALSE;
212 + bus_connection_dispatch_deferred(deferred_message->proposed_recipient);
216 +queue_deferred_message_cancel_transaction_hook (void *data)
218 + BusDeferredMessage *deferred_message = (BusDeferredMessage *)data;
219 + bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message);
224 +bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message,
225 + BusTransaction *transaction,
226 + dbus_bool_t full_dispatch,
227 + dbus_bool_t prepend)
229 + _dbus_assert(deferred_message != NULL);
230 + _dbus_assert(deferred_message->proposed_recipient != NULL);
232 + if (!bus_connection_queue_deferred_message(deferred_message->proposed_recipient,
233 + deferred_message, prepend))
236 + if (!bus_transaction_add_cancel_hook(transaction, queue_deferred_message_cancel_transaction_hook,
237 + deferred_message, NULL))
239 + bus_connection_remove_deferred_message(deferred_message->proposed_recipient, deferred_message);
242 + deferred_message->response_callback = bus_check_queued_message_reply_callback;
243 + deferred_message->full_dispatch = full_dispatch;
249 deferred_message_free_function(void *data)
251 @@ -159,6 +245,20 @@ bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message)
252 deferred_message->response_callback = bus_check_enable_dispatch_callback;
256 +bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message,
257 + dbus_bool_t requested_reply,
259 + const char *privilege)
261 + _dbus_assert(deferred_message != NULL);
263 + deferred_message->requested_reply = requested_reply;
264 + deferred_message->matched_rules = matched_rules;
265 + deferred_message->privilege = privilege;
269 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
270 BusResult (*bus_check_test_override) (DBusConnection *connection,
271 const char *privilege);
272 @@ -259,6 +359,9 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *message,
273 deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL;
274 deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL;
275 deferred_message->message = dbus_message_ref(message);
276 + deferred_message->requested_reply = FALSE;
277 + deferred_message->matched_rules = 0;
278 + deferred_message->privilege = NULL;
279 deferred_message->response = response;
280 deferred_message->status = 0;
281 deferred_message->full_dispatch = FALSE;
282 @@ -295,12 +398,215 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message)
287 +bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message, DBusError *error)
289 + BusContext *context = bus_connection_get_context(deferred_message->proposed_recipient);
291 + return bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient,
292 + deferred_message->sender, deferred_message->message, deferred_message->requested_reply,
297 +bus_deferred_message_expect_method_reply(BusDeferredMessage *deferred_message, BusTransaction *transaction, DBusError *error)
299 + int type = dbus_message_get_type(deferred_message->message);
300 + if (type == DBUS_MESSAGE_TYPE_METHOD_CALL &&
301 + deferred_message->sender &&
302 + deferred_message->addressed_recipient &&
303 + deferred_message->addressed_recipient == deferred_message->proposed_recipient && /* not eavesdropping */
304 + !bus_connections_expect_reply (bus_connection_get_connections (deferred_message->sender),
306 + deferred_message->sender, deferred_message->addressed_recipient,
307 + deferred_message->message, error))
309 + _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
316 +bus_deferred_message_create_error(BusDeferredMessage *deferred_message,
317 + const char *error_message, DBusError *error)
319 + BusContext *context;
320 + _dbus_assert (deferred_message->status == 0 && deferred_message->response == BUS_RESULT_FALSE);
322 + if (deferred_message->sender == NULL)
323 + return; /* error won't be sent to bus driver anyway */
325 + context = bus_connection_get_context(deferred_message->sender);
326 + bus_context_complain_about_message(context, DBUS_ERROR_ACCESS_DENIED, "Rejected message",
327 + deferred_message->matched_rules, deferred_message->message, deferred_message->sender,
328 + deferred_message->proposed_recipient, deferred_message->requested_reply, FALSE,
329 + deferred_message->privilege, error);
333 +bus_deferred_message_dispatch (BusDeferredMessage *deferred_message)
335 + BusContext *context = bus_connection_get_context (deferred_message->proposed_recipient);
336 + BusTransaction *transaction = bus_transaction_new (context);
337 + BusResult result = BUS_RESULT_TRUE;
340 + if (transaction == NULL)
342 + return BUS_RESULT_FALSE;
345 + dbus_error_init(&error);
347 + if (!deferred_message->full_dispatch)
349 + result = deferred_message->response;
350 + if (result == BUS_RESULT_TRUE)
352 + if (!bus_context_check_recipient_message_limits(context, deferred_message->proposed_recipient,
353 + deferred_message->sender, deferred_message->message, deferred_message->requested_reply, &error))
354 + result = BUS_RESULT_FALSE;
356 + else if (result == BUS_RESULT_LATER)
358 + BusDeferredMessage *deferred_message2;
359 + result = bus_context_check_security_policy (context, transaction,
360 + deferred_message->sender,
361 + deferred_message->addressed_recipient,
362 + deferred_message->proposed_recipient,
363 + deferred_message->message, NULL, NULL,
364 + &deferred_message2);
366 + if (result == BUS_RESULT_LATER)
368 + /* prepend at recipient */
369 + if (!bus_deferred_message_queue_at_recipient(deferred_message2, transaction,
371 + result = BUS_RESULT_FALSE;
375 + /* silently drop messages on access denial */
376 + if (result == BUS_RESULT_TRUE)
378 + if (!bus_transaction_send (transaction, deferred_message->proposed_recipient, deferred_message->message, TRUE))
379 + result = BUS_RESULT_FALSE;
382 + bus_transaction_execute_and_free(transaction);
387 + /* do not attempt to send message if sender has disconnected */
388 + if (deferred_message->sender != NULL && !bus_connection_is_active(deferred_message->sender))
390 + bus_transaction_cancel_and_free(transaction);
391 + result = BUS_RESULT_FALSE;
395 + result = bus_dispatch_matches(transaction, deferred_message->sender,
396 + deferred_message->addressed_recipient, deferred_message->message, deferred_message, &error);
398 + if (result == BUS_RESULT_LATER)
400 + /* Message deferring was already done in bus_dispatch_matches */
401 + bus_transaction_cancel_and_free(transaction);
405 + /* this part is a copy & paste from bus_dispatch function. Probably can be moved to a function */
406 + if (dbus_error_is_set (&error))
408 + if (!dbus_connection_get_is_connected (deferred_message->sender))
410 + /* If we disconnected it, we won't bother to send it any error
413 + _dbus_verbose ("Not sending error to connection we disconnected\n");
415 + else if (dbus_error_has_name (&error, DBUS_ERROR_NO_MEMORY))
417 + bus_connection_send_oom_error (deferred_message->sender, deferred_message->message);
419 + /* cancel transaction due to OOM */
420 + if (transaction != NULL)
422 + bus_transaction_cancel_and_free (transaction);
423 + transaction = NULL;
428 + /* Try to send the real error, if no mem to do that, send
431 + _dbus_assert (transaction != NULL);
432 + if (!bus_transaction_send_error_reply (transaction, deferred_message->sender,
433 + &error, deferred_message->message))
435 + bus_connection_send_oom_error (deferred_message->sender, deferred_message->message);
437 + /* cancel transaction due to OOM */
438 + if (transaction != NULL)
440 + bus_transaction_cancel_and_free (transaction);
441 + transaction = NULL;
447 + if (transaction != NULL)
449 + bus_transaction_execute_and_free (transaction);
453 + dbus_error_free(&error);
459 +bus_deferred_message_replace (BusDeferredMessage *old_message, BusDeferredMessage *new_message)
461 + if (bus_connection_replace_deferred_message(old_message->proposed_recipient,
462 + old_message, new_message))
464 + new_message->response_callback = old_message->response_callback;
465 + new_message->full_dispatch = old_message->full_dispatch;
472 +bus_deferred_message_waits_for_check(BusDeferredMessage *deferred_message)
474 + return deferred_message->status != 0;
478 +bus_deferred_message_get_recipient(BusDeferredMessage *deferred_message)
480 + return deferred_message->proposed_recipient;
483 BusDeferredMessageStatus
484 bus_deferred_message_get_status (BusDeferredMessage *deferred_message)
486 return deferred_message->status;
490 +bus_deferred_message_get_response (BusDeferredMessage *deferred_message)
492 + return deferred_message->response;
496 bus_deferred_message_response_received (BusDeferredMessage *deferred_message,
498 @@ -310,3 +616,4 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message,
499 deferred_message->response_callback(deferred_message, result);
503 diff --git a/bus/check.h b/bus/check.h
504 index d177549..9c13c18 100644
507 @@ -64,12 +64,37 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *messag
509 BusDeferredMessage *bus_deferred_message_ref (BusDeferredMessage *deferred_message);
510 void bus_deferred_message_unref (BusDeferredMessage *deferred_message);
511 +BusResult bus_deferred_message_dispatch (BusDeferredMessage *deferred_message);
512 +dbus_bool_t bus_deferred_message_waits_for_check (BusDeferredMessage *deferred_message);
513 +DBusConnection *bus_deferred_message_get_recipient (BusDeferredMessage *deferred_message);
514 void bus_deferred_message_response_received (BusDeferredMessage *deferred_message,
516 +dbus_bool_t bus_deferred_message_queue_at_recipient (BusDeferredMessage *deferred_message,
517 + BusTransaction *transaction,
518 + dbus_bool_t full_dispatch,
519 + dbus_bool_t prepend);
520 +dbus_bool_t bus_deferred_message_replace (BusDeferredMessage *old_message,
521 + BusDeferredMessage *new_message);
522 void bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message);
523 +BusResult bus_deferred_message_get_response (BusDeferredMessage *deferred_message);
525 BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message);
528 +dbus_bool_t bus_deferred_message_expect_method_reply (BusDeferredMessage *deferred_message,
529 + BusTransaction *transaction,
531 +void bus_deferred_message_create_error (BusDeferredMessage *deferred_message,
532 + const char *error_message,
534 +void bus_deferred_message_set_policy_check_info (BusDeferredMessage *deferred_message,
535 + dbus_bool_t requested_reply,
537 + const char *privilege);
538 +dbus_bool_t bus_deferred_message_check_message_limits (BusDeferredMessage *deferred_message,
542 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
543 extern BusResult (*bus_check_test_override) (DBusConnection *connection,
544 const char *privilege);
545 diff --git a/bus/connection.c b/bus/connection.c
546 index deebde3..f9e563b 100644
547 --- a/bus/connection.c
548 +++ b/bus/connection.c
550 #include "expirelist.h"
552 #include "apparmor.h"
554 #include <dbus/dbus-list.h>
555 #include <dbus/dbus-hash.h>
556 #include <dbus/dbus-timeout.h>
557 #include <dbus/dbus-connection-internal.h>
558 #include <dbus/dbus-internals.h>
559 +#include <dbus/dbus-message-internal.h>
560 #ifdef DBUS_ENABLE_CYNARA
562 #include <cynara-session.h>
563 @@ -102,6 +104,7 @@ typedef struct
564 DBusMessage *oom_message;
565 DBusPreallocatedSend *oom_preallocated;
566 BusClientPolicy *policy;
567 + DBusList *deferred_messages; /**< Queue of messages deferred due to pending policy check */
569 char *cached_loginfo_string;
570 BusSELinuxID *selinux_id;
571 @@ -268,6 +271,8 @@ bus_connection_disconnected (DBusConnection *connection)
572 bus_transaction_execute_and_free (transaction);
575 + bus_connection_clear_deferred_messages(connection);
577 bus_dispatch_remove_connection (connection);
579 /* no more watching */
580 @@ -2307,7 +2312,7 @@ bus_transaction_capture (BusTransaction *transaction,
582 DBusConnection *recipient = link->data;
584 - if (!bus_transaction_send (transaction, recipient, message))
585 + if (!bus_transaction_send (transaction, recipient, message, FALSE))
589 @@ -2361,6 +2366,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
591 DBusError error = DBUS_ERROR_INIT;
593 + BusDeferredMessage *deferred_message;
595 /* We have to set the sender to the driver, and have
596 * to check security policy since it was not done in
597 @@ -2402,7 +2408,8 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
599 NULL, connection, connection,
600 message, NULL, &error,
602 + &deferred_message);
604 if (res == BUS_RESULT_FALSE)
606 if (!bus_transaction_capture_error_reply (transaction, connection,
607 @@ -2420,18 +2427,20 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
609 else if (res == BUS_RESULT_LATER)
611 - _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n");
612 dbus_error_free (&error);
614 + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE))
616 + return TRUE; /* pretend to have sent it */
619 - return bus_transaction_send (transaction, connection, message);
620 + return bus_transaction_send (transaction, connection, message, FALSE);
624 bus_transaction_send (BusTransaction *transaction,
625 DBusConnection *connection,
626 - DBusMessage *message)
627 + DBusMessage *message,
628 + dbus_bool_t deferred_dispatch)
630 MessageToSend *to_send;
631 BusConnectionData *d;
632 @@ -2457,7 +2466,28 @@ bus_transaction_send (BusTransaction *transaction,
634 d = BUS_CONNECTION_DATA (connection);
635 _dbus_assert (d != NULL);
638 + if (!deferred_dispatch && d->deferred_messages != NULL)
640 + BusDeferredMessage *deferred_message;
641 + dbus_bool_t success;
642 + /* sender and addressed recipient are not required at this point as we only need to send message
643 + * to a single recipient without performing policy check. */
644 + deferred_message = bus_deferred_message_new (message,
649 + if (deferred_message == NULL)
652 + success = bus_deferred_message_queue_at_recipient(deferred_message, transaction,
654 + bus_deferred_message_unref(deferred_message);
659 to_send = dbus_new (MessageToSend, 1);
662 @@ -2709,6 +2739,131 @@ bus_transaction_add_cancel_hook (BusTransaction *transaction,
667 +bus_connection_dispatch_deferred (DBusConnection *connection)
669 + BusDeferredMessage *message;
671 + _dbus_return_if_fail (connection != NULL);
673 + while ((message = bus_connection_pop_deferred_message(connection)) != NULL)
675 + bus_deferred_message_dispatch(message);
676 + bus_deferred_message_unref(message);
681 +bus_connection_has_deferred_messages (DBusConnection *connection)
683 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
684 + return d->deferred_messages != NULL ? TRUE : FALSE;
688 +bus_connection_queue_deferred_message (DBusConnection *connection,
689 + BusDeferredMessage *message,
690 + dbus_bool_t prepend)
692 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
693 + dbus_bool_t success;
695 + success = _dbus_list_prepend(&d->deferred_messages, message);
697 + success = _dbus_list_append(&d->deferred_messages, message);
701 + bus_deferred_message_ref(message);
709 +bus_connection_replace_deferred_message (DBusConnection *connection,
710 + BusDeferredMessage *oldMessage,
711 + BusDeferredMessage *newMessage)
714 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
716 + link = _dbus_list_find_first(&d->deferred_messages, oldMessage);
720 + if (!_dbus_list_insert_after(&d->deferred_messages, link, newMessage))
723 + bus_deferred_message_ref(newMessage);
724 + _dbus_list_remove_link(&d->deferred_messages, link);
725 + bus_deferred_message_unref(oldMessage);
729 +BusDeferredMessage *
730 +bus_connection_pop_deferred_message (DBusConnection *connection)
733 + BusDeferredMessage *message;
734 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
736 + link =_dbus_list_get_first_link(&d->deferred_messages);
739 + message = link->data;
740 + if (!bus_deferred_message_waits_for_check(message))
742 + _dbus_list_remove_link(&d->deferred_messages, link);
751 +bus_connection_putback_deferred_message (DBusConnection *connection, BusDeferredMessage *message)
753 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
754 + if (_dbus_list_prepend(&d->deferred_messages, message))
762 +bus_connection_clear_deferred_messages (DBusConnection *connection)
764 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
767 + BusDeferredMessage *message;
769 + link =_dbus_list_get_first_link(&d->deferred_messages);
770 + while (link != NULL)
772 + next = _dbus_list_get_next_link (&d->deferred_messages, link);
773 + message = link->data;
775 + bus_deferred_message_unref(message);
776 + _dbus_list_remove_link(&d->deferred_messages, link);
783 +bus_connection_remove_deferred_message (DBusConnection *connection,
784 + BusDeferredMessage *message)
786 + BusConnectionData *d = BUS_CONNECTION_DATA(connection);
787 + if (_dbus_list_remove(&d->deferred_messages, message))
788 + bus_deferred_message_unref(message);
792 bus_connections_get_n_active (BusConnections *connections)
794 diff --git a/bus/connection.h b/bus/connection.h
795 index 71078ea..97dae96 100644
796 --- a/bus/connection.h
797 +++ b/bus/connection.h
798 @@ -85,6 +85,22 @@ dbus_bool_t bus_connection_preallocate_oom_error (DBusConnection *connection);
799 void bus_connection_send_oom_error (DBusConnection *connection,
800 DBusMessage *in_reply_to);
802 +dbus_bool_t bus_connection_has_deferred_messages (DBusConnection *connection);
803 +dbus_bool_t bus_connection_queue_deferred_message (DBusConnection *connection,
804 + BusDeferredMessage *message,
805 + dbus_bool_t prepend);
806 +BusDeferredMessage *bus_connection_pop_deferred_message (DBusConnection *connection);
807 +dbus_bool_t bus_connection_putback_deferred_message (DBusConnection *connection,
808 + BusDeferredMessage *message);
809 +void bus_connection_remove_deferred_message (DBusConnection *connection,
810 + BusDeferredMessage *message);
811 +dbus_bool_t bus_connection_replace_deferred_message (DBusConnection *connection,
812 + BusDeferredMessage *oldMessage,
813 + BusDeferredMessage *newMessage);
814 +void bus_connection_dispatch_deferred (DBusConnection *connection);
815 +void bus_connection_clear_deferred_messages (DBusConnection *connection);
818 /* called by signals.c */
819 dbus_bool_t bus_connection_add_match_rule (DBusConnection *connection,
821 @@ -137,7 +153,8 @@ BusTransaction* bus_transaction_new (BusContext *
822 BusContext* bus_transaction_get_context (BusTransaction *transaction);
823 dbus_bool_t bus_transaction_send (BusTransaction *transaction,
824 DBusConnection *connection,
825 - DBusMessage *message);
826 + DBusMessage *message,
827 + dbus_bool_t deferred_dispatch);
828 dbus_bool_t bus_transaction_capture (BusTransaction *transaction,
829 DBusConnection *connection,
830 DBusConnection *addressed_recipient,
831 diff --git a/bus/dispatch.c b/bus/dispatch.c
832 index 0250b53..1bdcbf0 100644
839 +#include "dispatch.h"
841 #include <dbus/dbus-internals.h>
842 #include <dbus/dbus-connection-internal.h>
843 @@ -77,7 +78,7 @@ send_one_message (DBusConnection *connection,
847 - if (result != BUS_RESULT_TRUE)
848 + if (result == BUS_RESULT_FALSE)
850 if (!bus_transaction_capture_error_reply (transaction, sender,
851 &stack_error, message))
852 @@ -112,9 +113,19 @@ send_one_message (DBusConnection *connection,
853 return TRUE; /* don't send it but don't return an error either */
856 + if (result == BUS_RESULT_LATER)
858 + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE))
860 + BUS_SET_OOM (error);
863 + return TRUE; /* pretend to have sent it */
866 if (!bus_transaction_send (transaction,
873 @@ -124,11 +135,12 @@ send_one_message (DBusConnection *connection,
877 -bus_dispatch_matches (BusTransaction *transaction,
878 - DBusConnection *sender,
879 - DBusConnection *addressed_recipient,
880 - DBusMessage *message,
882 +bus_dispatch_matches (BusTransaction *transaction,
883 + DBusConnection *sender,
884 + DBusConnection *addressed_recipient,
885 + DBusMessage *message,
886 + BusDeferredMessage *dispatched_deferred_message,
890 BusConnections *connections;
891 @@ -152,17 +164,78 @@ bus_dispatch_matches (BusTransaction *transaction,
892 /* First, send the message to the addressed_recipient, if there is one. */
893 if (addressed_recipient != NULL)
896 - res = bus_context_check_security_policy (context, transaction,
897 - sender, addressed_recipient,
898 - addressed_recipient,
899 - message, NULL, error,
900 - &deferred_message);
901 - if (res == BUS_RESULT_FALSE)
903 + /* To maintain message order message needs to be appended at the recipient if there are already
904 + * deferred messages and we are not doing deferred dispatch
906 + if (dispatched_deferred_message == NULL && bus_connection_has_deferred_messages(addressed_recipient))
908 + deferred_message = bus_deferred_message_new(message, sender,
909 + addressed_recipient, addressed_recipient, BUS_RESULT_LATER);
911 + if (deferred_message == NULL)
913 + BUS_SET_OOM(error);
914 + return BUS_RESULT_FALSE;
917 + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE))
919 + bus_deferred_message_unref(deferred_message);
920 + BUS_SET_OOM(error);
921 + return BUS_RESULT_FALSE;
924 + bus_deferred_message_unref(deferred_message);
925 + return BUS_RESULT_TRUE; /* pretend to have sent it */
928 + if (dispatched_deferred_message != NULL)
930 + result = bus_deferred_message_get_response(dispatched_deferred_message);
931 + if (result == BUS_RESULT_TRUE)
933 + /* if we know the result of policy check we still need to check if message limits
934 + * are not exceeded. It is also required to add entry in expected replies list if
935 + * this is a method call
937 + if (!bus_deferred_message_check_message_limits(dispatched_deferred_message, error))
938 + return BUS_RESULT_FALSE;
940 + if (!bus_deferred_message_expect_method_reply(dispatched_deferred_message, transaction, error))
941 + return BUS_RESULT_FALSE;
943 + else if (result == BUS_RESULT_FALSE)
945 + bus_deferred_message_create_error(dispatched_deferred_message, "Rejected message", error);
946 + return BUS_RESULT_FALSE;
950 + result = BUS_RESULT_LATER;
952 + if (result == BUS_RESULT_LATER)
953 + result = bus_context_check_security_policy(context, transaction,
954 + sender, addressed_recipient, addressed_recipient, message, NULL, error,
955 + &deferred_message);
957 + if (result == BUS_RESULT_FALSE)
958 return BUS_RESULT_FALSE;
959 - else if (res == BUS_RESULT_LATER)
960 + else if (result == BUS_RESULT_LATER)
962 BusDeferredMessageStatus status;
964 + if (dispatched_deferred_message != NULL)
966 + /* for deferred dispatch prepend message at the recipient */
967 + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, TRUE))
969 + BUS_SET_OOM(error);
970 + return BUS_RESULT_FALSE;
972 + return BUS_RESULT_TRUE; /* pretend to have sent it */
975 status = bus_deferred_message_get_status(deferred_message);
977 if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND)
978 @@ -173,13 +246,18 @@ bus_dispatch_matches (BusTransaction *transaction,
980 else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE)
982 - dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
983 - "Rejecting message because time is needed to check security policy");
984 - return BUS_RESULT_FALSE;
985 + /* receive rule result not available - queue message at the recipient */
986 + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, TRUE, FALSE))
988 + BUS_SET_OOM(error);
989 + return BUS_RESULT_FALSE;
992 + return BUS_RESULT_TRUE; /* pretend to have sent it */
996 - _dbus_verbose("deferred message has no status field set to send or receive unexpectedly\n");
997 + _dbus_verbose("deferred message has no status field set unexpectedly\n");
998 return BUS_RESULT_FALSE;
1001 @@ -196,7 +274,8 @@ bus_dispatch_matches (BusTransaction *transaction,
1004 /* Dispatch the message */
1005 - if (!bus_transaction_send (transaction, addressed_recipient, message))
1006 + if (!bus_transaction_send(transaction, addressed_recipient, message,
1007 + dispatched_deferred_message != NULL ? TRUE : FALSE))
1009 BUS_SET_OOM (error);
1010 return BUS_RESULT_FALSE;
1011 @@ -535,7 +614,7 @@ bus_dispatch (DBusConnection *connection,
1014 if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient,
1016 + message, NULL, &error))
1018 /* Roll back and dispatch the message once the policy result is available */
1019 bus_transaction_cancel_and_free (transaction);
1020 diff --git a/bus/dispatch.h b/bus/dispatch.h
1021 index afba6a2..f6102e8 100644
1022 --- a/bus/dispatch.h
1023 +++ b/bus/dispatch.h
1026 dbus_bool_t bus_dispatch_add_connection (DBusConnection *connection);
1027 void bus_dispatch_remove_connection (DBusConnection *connection);
1028 -BusResult bus_dispatch_matches (BusTransaction *transaction,
1029 - DBusConnection *sender,
1030 - DBusConnection *recipient,
1031 - DBusMessage *message,
1032 - DBusError *error);
1033 +BusResult bus_dispatch_matches (BusTransaction *transaction,
1034 + DBusConnection *sender,
1035 + DBusConnection *recipient,
1036 + DBusMessage *message,
1037 + BusDeferredMessage *dispatched_deferred_message,
1038 + DBusError *error);
1040 #endif /* BUS_DISPATCH_H */
1041 diff --git a/bus/driver.c b/bus/driver.c
1042 index f414f64..d89a658 100644
1045 @@ -254,7 +254,7 @@ bus_driver_send_service_owner_changed (const char *service_name,
1046 if (!bus_transaction_capture (transaction, NULL, NULL, message))
1049 - res = bus_dispatch_matches (transaction, NULL, NULL, message, error);
1050 + res = bus_dispatch_matches (transaction, NULL, NULL, message, NULL, error);
1051 if (res == BUS_RESULT_TRUE)
1054 diff --git a/bus/policy.c b/bus/policy.c
1055 index 7ee1ce5..b1fab0d 100644
1058 @@ -1121,6 +1121,9 @@ bus_client_policy_check_can_send (DBusConnection *sender,
1060 result = bus_check_privilege(check, message, sender, addressed_recipient, receiver,
1061 privilege, BUS_DEFERRED_MESSAGE_CHECK_SEND, deferred_message);
1062 + if (result == BUS_RESULT_LATER && deferred_message != NULL)
1063 + bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply,
1064 + *toggles, privilege);
1068 @@ -1370,6 +1373,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
1070 result = bus_check_privilege(check, message, sender, addressed_recipient, proposed_recipient,
1071 privilege, BUS_DEFERRED_MESSAGE_CHECK_RECEIVE, deferred_message);
1072 + if (result == BUS_RESULT_LATER && deferred_message != NULL)
1073 + bus_deferred_message_set_policy_check_info(*deferred_message, requested_reply,
1074 + *toggles, privilege);
Code Review / AGL / meta-agl.git / blob