Cherry picked from 4dcfb02f17247ff9de966b62182cd2e08f301238
by José Bollo.
+Updated for dbus 1.10.20 by Scott Murray.
+
Change-Id: I9bcbce34577e5dc2a3cecf6233a0a2b0e43e1108
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- bus/Makefile.am | 6 +
- bus/bus.c | 136 +++++---
- bus/bus.h | 32 +-
- bus/check.c | 217 ++++++++++++
- bus/check.h | 68 ++++
- bus/config-parser-common.c | 6 +
- bus/config-parser-common.h | 1 +
- bus/config-parser.c | 71 +++-
- bus/connection.c | 56 ++-
- bus/connection.h | 4 +
- bus/cynara.c | 374 +++++++++++++++++++++
- bus/cynara.h | 37 ++
- bus/dispatch.c | 44 ++-
- bus/policy.c | 193 +++++++----
- bus/policy.h | 51 ++-
- configure.ac | 12 +
- test/Makefile.am | 1 +
- test/data/invalid-config-files/badcheck-1.conf | 9 +
- test/data/invalid-config-files/badcheck-2.conf | 9 +
- test/data/valid-config-files/check-1.conf | 9 +
- .../valid-config-files/debug-check-some.conf.in | 18 +
- tools/dbus-send.c | 2 +-
- 22 files changed, 1193 insertions(+), 163 deletions(-)
- create mode 100644 bus/check.c
- create mode 100644 bus/check.h
- create mode 100644 bus/cynara.c
- create mode 100644 bus/cynara.h
- create mode 100644 test/data/invalid-config-files/badcheck-1.conf
- create mode 100644 test/data/invalid-config-files/badcheck-2.conf
- create mode 100644 test/data/valid-config-files/check-1.conf
- create mode 100644 test/data/valid-config-files/debug-check-some.conf.in
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
diff --git a/bus/Makefile.am b/bus/Makefile.am
-index 33af09b0..3f57cc48 100644
+index 9ae3071..46afb31 100644
--- a/bus/Makefile.am
+++ b/bus/Makefile.am
-@@ -9,6 +9,7 @@ DBUS_BUS_LIBS = \
+@@ -13,6 +13,7 @@ DBUS_BUS_LIBS = \
$(THREAD_LIBS) \
$(ADT_LIBS) \
$(NETWORK_libs) \
$(NULL)
DBUS_LAUNCHER_LIBS = \
-@@ -24,6 +25,7 @@ AM_CPPFLAGS = \
+@@ -30,6 +31,7 @@ AM_CPPFLAGS = \
$(APPARMOR_CFLAGS) \
-DDBUS_SYSTEM_CONFIG_FILE=\""$(dbusdatadir)/system.conf"\" \
-DDBUS_COMPILATION \
$(NULL)
# if assertions are enabled, improve backtraces
-@@ -82,12 +84,16 @@ BUS_SOURCES= \
+@@ -90,6 +92,8 @@ BUS_SOURCES= \
audit.h \
bus.c \
bus.h \
+ check.c \
+ check.h \
+ config-loader-expat.c \
config-parser.c \
config-parser.h \
- config-parser-common.c \
+@@ -97,6 +101,8 @@ BUS_SOURCES= \
config-parser-common.h \
connection.c \
connection.h \
desktop-file.c \
desktop-file.h \
$(DIR_WATCH_SOURCE) \
+diff --git a/bus/activation.c b/bus/activation.c
+index 6f009f5..451179d 100644
+--- a/bus/activation.c
++++ b/bus/activation.c
+@@ -1795,7 +1795,8 @@ bus_activation_activate_service (BusActivation *activation,
+ NULL, /* proposed recipient */
+ activation_message,
+ entry,
+- error))
++ error,
++ NULL))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ _dbus_verbose ("activation not authorized: %s: %s\n",
diff --git a/bus/bus.c b/bus/bus.c
-index fd4ab9e4..c4008505 100644
+index 30ce4e1..237efe3 100644
--- a/bus/bus.c
+++ b/bus/bus.c
-@@ -37,6 +37,7 @@
+@@ -38,6 +38,7 @@
#include "apparmor.h"
#include "audit.h"
#include "dir-watch.h"
+#include "check.h"
+ #include <dbus/dbus-auth.h>
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
- #include <dbus/dbus-credentials.h>
-@@ -65,6 +66,7 @@ struct BusContext
+@@ -67,6 +68,7 @@ struct BusContext
BusRegistry *registry;
BusPolicy *policy;
BusMatchmaker *matchmaker;
BusLimits limits;
DBusRLimit *initial_fd_limit;
unsigned int fork : 1;
-@@ -988,6 +990,10 @@ bus_context_new (const DBusString *config_file,
+@@ -1003,6 +1005,10 @@ bus_context_new (const DBusString *config_file,
parser = NULL;
}
dbus_server_free_data_slot (&server_data_slot);
return context;
-@@ -1112,6 +1118,12 @@ bus_context_unref (BusContext *context)
+@@ -1127,6 +1133,12 @@ bus_context_unref (BusContext *context)
bus_context_shutdown (context);
if (context->connections)
{
bus_connections_unref (context->connections);
-@@ -1241,6 +1253,12 @@ bus_context_get_loop (BusContext *context)
+@@ -1256,6 +1268,12 @@ bus_context_get_loop (BusContext *context)
return context->loop;
}
dbus_bool_t
bus_context_allow_unix_user (BusContext *context,
unsigned long uid)
-@@ -1456,6 +1474,7 @@ complain_about_message (BusContext *context,
+@@ -1451,6 +1469,7 @@ complain_about_message (BusContext *context,
DBusConnection *proposed_recipient,
dbus_bool_t requested_reply,
dbus_bool_t log,
DBusError *error)
{
DBusError stack_error = DBUS_ERROR_INIT;
-@@ -1485,7 +1504,8 @@ complain_about_message (BusContext *context,
+@@ -1480,7 +1499,8 @@ complain_about_message (BusContext *context,
dbus_set_error (&stack_error, error_name,
"%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) "
"interface=\"%s\" member=\"%s\" error name=\"%s\" "
complaint,
matched_rules,
dbus_message_type_to_string (dbus_message_get_type (message)),
-@@ -1496,7 +1516,8 @@ complain_about_message (BusContext *context,
+@@ -1491,7 +1511,8 @@ complain_about_message (BusContext *context,
nonnull (dbus_message_get_error_name (message), "(unset)"),
requested_reply,
nonnull (dbus_message_get_destination (message), DBUS_SERVICE_DBUS),
/* If we hit OOM while setting the error, this will syslog "out of memory"
* which is itself an indication that something is seriously wrong */
-@@ -1520,14 +1541,15 @@ complain_about_message (BusContext *context,
+@@ -1519,7 +1540,7 @@ complain_about_message (BusContext *context,
* NULL for addressed_recipient may mean the bus driver, or may mean
* no destination was specified in the message (e.g. a signal).
*/
-dbus_bool_t
--bus_context_check_security_policy (BusContext *context,
-- BusTransaction *transaction,
-- DBusConnection *sender,
-- DBusConnection *addressed_recipient,
-- DBusConnection *proposed_recipient,
-- DBusMessage *message,
-- DBusError *error)
+BusResult
-+bus_context_check_security_policy (BusContext *context,
-+ BusTransaction *transaction,
-+ DBusConnection *sender,
-+ DBusConnection *addressed_recipient,
-+ DBusConnection *proposed_recipient,
-+ DBusMessage *message,
-+ DBusError *error,
+ bus_context_check_security_policy (BusContext *context,
+ BusTransaction *transaction,
+ DBusConnection *sender,
+@@ -1527,7 +1548,8 @@ bus_context_check_security_policy (BusContext *context,
+ DBusConnection *proposed_recipient,
+ DBusMessage *message,
+ BusActivationEntry *activation_entry,
+- DBusError *error)
++ DBusError *error,
+ BusDeferredMessage **deferred_message)
{
const char *src, *dest;
type = dbus_message_get_type (message);
src = dbus_message_get_sender (message);
-@@ -1564,7 +1587,7 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1565,7 +1588,7 @@ bus_context_check_security_policy (BusContext *context,
dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
"Message bus will not accept messages of unknown type\n");
}
requested_reply = FALSE;
-@@ -1594,7 +1617,7 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1595,7 +1618,7 @@ bus_context_check_security_policy (BusContext *context,
if (dbus_error_is_set (&error2))
{
dbus_move_error (&error2, error);
}
}
}
-@@ -1621,11 +1644,11 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1624,11 +1647,11 @@ bus_context_check_security_policy (BusContext *context,
complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
"An SELinux policy prevents this sender from sending this "
"message to this recipient",
}
/* next verify AppArmor access controls. If allowed then
-@@ -1642,7 +1665,7 @@ bus_context_check_security_policy (BusContext *context,
- dest ? dest : DBUS_SERVICE_DBUS,
+@@ -1646,7 +1669,7 @@ bus_context_check_security_policy (BusContext *context,
src ? src : DBUS_SERVICE_DBUS,
+ activation_entry,
error))
- return FALSE;
+ return BUS_RESULT_FALSE;
if (!bus_connection_is_active (sender))
{
-@@ -1656,7 +1679,7 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1660,7 +1683,7 @@ bus_context_check_security_policy (BusContext *context,
{
_dbus_verbose ("security check allowing %s message\n",
"Hello");
}
else
{
-@@ -1667,7 +1690,7 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1671,7 +1694,7 @@ bus_context_check_security_policy (BusContext *context,
"Client tried to send a message other than %s without being registered",
"Hello");
}
}
}
-@@ -1716,20 +1739,29 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1720,20 +1743,29 @@ bus_context_check_security_policy (BusContext *context,
(proposed_recipient == NULL && recipient_policy == NULL));
log = FALSE;
if (log)
{
-@@ -1738,23 +1770,29 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1742,23 +1774,29 @@ bus_context_check_security_policy (BusContext *context,
complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
"Would reject message", toggles,
message, sender, proposed_recipient, requested_reply,
}
/* See if limits on size have been exceeded */
-@@ -1764,10 +1802,10 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1768,10 +1806,10 @@ bus_context_check_security_policy (BusContext *context,
{
complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED,
"Rejected: destination has a full message queue",
}
/* Record that we will allow a reply here in the future (don't
-@@ -1784,11 +1822,11 @@ bus_context_check_security_policy (BusContext *context,
+@@ -1792,11 +1830,11 @@ bus_context_check_security_policy (BusContext *context,
message, error))
{
_dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
void
diff --git a/bus/bus.h b/bus/bus.h
-index 3fab59ff..dab7791f 100644
+index 2e0de82..82c32c8 100644
--- a/bus/bus.h
+++ b/bus/bus.h
-@@ -44,6 +44,22 @@ typedef struct BusOwner BusOwner;
- typedef struct BusTransaction BusTransaction;
+@@ -45,6 +45,22 @@ typedef struct BusTransaction BusTransaction;
typedef struct BusMatchmaker BusMatchmaker;
typedef struct BusMatchRule BusMatchRule;
+ typedef struct BusActivationEntry BusActivationEntry;
+typedef struct BusCheck BusCheck;
+typedef struct BusDeferredMessage BusDeferredMessage;
+typedef struct BusCynara BusCynara;
typedef struct
{
-@@ -97,6 +113,7 @@ BusConnections* bus_context_get_connections (BusContext
+@@ -101,6 +117,7 @@ BusConnections* bus_context_get_connections (BusContext
BusActivation* bus_context_get_activation (BusContext *context);
BusMatchmaker* bus_context_get_matchmaker (BusContext *context);
DBusLoop* bus_context_get_loop (BusContext *context);
dbus_bool_t bus_context_allow_unix_user (BusContext *context,
unsigned long uid);
dbus_bool_t bus_context_allow_windows_user (BusContext *context,
-@@ -131,13 +148,14 @@ void bus_context_log_and_set_error (BusContext
+@@ -136,14 +153,15 @@ void bus_context_log_and_set_error (BusContext
const char *name,
const char *msg,
...) _DBUS_GNUC_PRINTF (5, 6);
-dbus_bool_t bus_context_check_security_policy (BusContext *context,
-- BusTransaction *transaction,
-- DBusConnection *sender,
-- DBusConnection *addressed_recipient,
-- DBusConnection *proposed_recipient,
-- DBusMessage *message,
++BusResult bus_context_check_security_policy (BusContext *context,
+ BusTransaction *transaction,
+ DBusConnection *sender,
+ DBusConnection *addressed_recipient,
+ DBusConnection *proposed_recipient,
+ DBusMessage *message,
+ BusActivationEntry *activation_entry,
- DBusError *error);
-+BusResult bus_context_check_security_policy (BusContext *context,
-+ BusTransaction *transaction,
-+ DBusConnection *sender,
-+ DBusConnection *addressed_recipient,
-+ DBusConnection *proposed_recipient,
-+ DBusMessage *message,
-+ DBusError *error,
++ DBusError *error,
+ BusDeferredMessage **deferred_message);
void bus_context_check_all_watches (BusContext *context);
#endif /* BUS_BUS_H */
diff --git a/bus/check.c b/bus/check.c
new file mode 100644
-index 00000000..5b72d31c
+index 0000000..5b72d31
--- /dev/null
+++ b/bus/check.c
@@ -0,0 +1,217 @@
+}
diff --git a/bus/check.h b/bus/check.h
new file mode 100644
-index 00000000..c3fcaf90
+index 0000000..c3fcaf9
--- /dev/null
+++ b/bus/check.h
@@ -0,0 +1,68 @@
+ BusResult result);
+#endif /* BUS_CHECK_H */
diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c
-index 5db6b289..ea25f5e6 100644
+index c1c4191..e2f253d 100644
--- a/bus/config-parser-common.c
+++ b/bus/config-parser-common.c
@@ -75,6 +75,10 @@ bus_config_parser_element_name_to_type (const char *name)
return "fork";
case ELEMENT_PIDFILE:
diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h
-index 382a0141..9e026d10 100644
+index 382a014..9e026d1 100644
--- a/bus/config-parser-common.h
+++ b/bus/config-parser-common.h
@@ -36,6 +36,7 @@ typedef enum
ELEMENT_PIDFILE,
ELEMENT_SERVICEDIR,
diff --git a/bus/config-parser.c b/bus/config-parser.c
-index d9f6042c..a8c4ca5d 100644
+index be27d38..b54b0e4 100644
--- a/bus/config-parser.c
+++ b/bus/config-parser.c
-@@ -1172,7 +1172,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1318,7 +1318,7 @@ append_rule_from_element (BusConfigParser *parser,
const char *element_name,
const char **attribute_names,
const char **attribute_values,
DBusError *error)
{
const char *log;
-@@ -1195,6 +1195,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1360,6 +1360,7 @@ append_rule_from_element (BusConfigParser *parser,
const char *own_prefix;
const char *user;
const char *group;
+ const char *privilege;
BusPolicyRule *rule;
-
-@@ -1222,6 +1223,7 @@ append_rule_from_element (BusConfigParser *parser,
+
+@@ -1390,6 +1391,7 @@ append_rule_from_element (BusConfigParser *parser,
"user", &user,
"group", &group,
"log", &log,
NULL))
return FALSE;
-@@ -1230,6 +1232,7 @@ append_rule_from_element (BusConfigParser *parser,
- receive_interface || receive_member || receive_error || receive_sender ||
- receive_type || receive_path || eavesdrop ||
- send_requested_reply || receive_requested_reply ||
+@@ -1422,6 +1424,7 @@ append_rule_from_element (BusConfigParser *parser,
+
+ if (!(any_send_attribute ||
+ any_receive_attribute ||
+ privilege ||
own || own_prefix || user || group))
{
dbus_set_error (error, DBUS_ERROR_FAILED,
-@@ -1246,7 +1249,30 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1438,7 +1441,30 @@ append_rule_from_element (BusConfigParser *parser,
element_name);
return FALSE;
}
/* Allowed combinations of elements are:
*
* base, must be all send or all receive:
-@@ -1420,7 +1446,7 @@ append_rule_from_element (BusConfigParser *parser,
- return FALSE;
- }
-
+@@ -1589,7 +1615,7 @@ append_rule_from_element (BusConfigParser *parser,
+ error))
+ return FALSE;
+
- rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, allow);
-+ rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, access);
++ rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, access);
if (rule == NULL)
goto nomem;
-@@ -1502,7 +1528,7 @@ append_rule_from_element (BusConfigParser *parser,
- return FALSE;
- }
-
+@@ -1694,7 +1720,7 @@ append_rule_from_element (BusConfigParser *parser,
+ error))
+ return FALSE;
+
- rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, allow);
-+ rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, access);
++ rule = bus_policy_rule_new (BUS_POLICY_RULE_RECEIVE, access);
if (rule == NULL)
goto nomem;
-@@ -1532,7 +1558,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1726,7 +1752,7 @@ append_rule_from_element (BusConfigParser *parser,
}
else if (own || own_prefix)
{
if (rule == NULL)
goto nomem;
-@@ -1558,7 +1584,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1752,7 +1778,7 @@ append_rule_from_element (BusConfigParser *parser,
{
if (IS_WILDCARD (user))
{
if (rule == NULL)
goto nomem;
-@@ -1573,7 +1599,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1767,7 +1793,7 @@ append_rule_from_element (BusConfigParser *parser,
if (_dbus_parse_unix_user_from_config (&username, &uid))
{
if (rule == NULL)
goto nomem;
-@@ -1590,7 +1616,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1784,7 +1810,7 @@ append_rule_from_element (BusConfigParser *parser,
{
if (IS_WILDCARD (group))
{
if (rule == NULL)
goto nomem;
-@@ -1605,7 +1631,7 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1799,7 +1825,7 @@ append_rule_from_element (BusConfigParser *parser,
if (_dbus_parse_unix_group_from_config (&groupname, &gid))
{
if (rule == NULL)
goto nomem;
-@@ -1629,6 +1655,10 @@ append_rule_from_element (BusConfigParser *parser,
+@@ -1823,6 +1849,10 @@ append_rule_from_element (BusConfigParser *parser,
_dbus_assert (pe != NULL);
_dbus_assert (pe->type == ELEMENT_POLICY);
switch (pe->d.policy.type)
{
case POLICY_IGNORED:
-@@ -1703,7 +1733,7 @@ start_policy_child (BusConfigParser *parser,
+@@ -1898,7 +1928,7 @@ start_policy_child (BusConfigParser *parser,
{
if (!append_rule_from_element (parser, element_name,
attribute_names, attribute_values,
return FALSE;
if (push_element (parser, ELEMENT_ALLOW) == NULL)
-@@ -1718,7 +1748,7 @@ start_policy_child (BusConfigParser *parser,
+@@ -1913,7 +1943,7 @@ start_policy_child (BusConfigParser *parser,
{
if (!append_rule_from_element (parser, element_name,
attribute_names, attribute_values,
return FALSE;
if (push_element (parser, ELEMENT_DENY) == NULL)
-@@ -1727,6 +1757,21 @@ start_policy_child (BusConfigParser *parser,
+@@ -1922,6 +1952,21 @@ start_policy_child (BusConfigParser *parser,
return FALSE;
}
return TRUE;
}
else
-@@ -2088,6 +2133,7 @@ bus_config_parser_end_element (BusConfigParser *parser,
+@@ -2284,6 +2329,7 @@ bus_config_parser_end_element (BusConfigParser *parser,
case ELEMENT_POLICY:
case ELEMENT_ALLOW:
case ELEMENT_DENY:
case ELEMENT_FORK:
case ELEMENT_SYSLOG:
case ELEMENT_KEEP_UMASK:
-@@ -2397,6 +2443,7 @@ bus_config_parser_content (BusConfigParser *parser,
+@@ -2600,6 +2646,7 @@ bus_config_parser_content (BusConfigParser *parser,
case ELEMENT_POLICY:
case ELEMENT_ALLOW:
case ELEMENT_DENY:
case ELEMENT_FORK:
case ELEMENT_SYSLOG:
case ELEMENT_KEEP_UMASK:
-@@ -2862,6 +2909,8 @@ do_load (const DBusString *full_path,
+@@ -3127,6 +3174,8 @@ do_load (const DBusString *full_path,
dbus_error_init (&error);
parser = bus_config_load (full_path, TRUE, NULL, &error);
{
_DBUS_ASSERT_ERROR_IS_SET (&error);
diff --git a/bus/connection.c b/bus/connection.c
-index 02d6c220..eea50ecd 100644
+index 53605fa..deebde3 100644
--- a/bus/connection.c
+++ b/bus/connection.c
@@ -36,6 +36,10 @@
}
static void
-@@ -451,6 +458,10 @@ free_connection_data (void *data)
+@@ -448,6 +455,10 @@ free_connection_data (void *data)
dbus_free (d->name);
dbus_free (d);
}
-@@ -1063,6 +1074,22 @@ bus_connection_get_policy (DBusConnection *connection)
+@@ -1078,6 +1089,22 @@ bus_connection_get_policy (DBusConnection *connection)
return d->policy;
}
static dbus_bool_t
foreach_active (BusConnections *connections,
BusConnectionForeachFunction function,
-@@ -2289,6 +2316,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
+@@ -2333,6 +2360,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
DBusMessage *message)
{
DBusError error = DBUS_ERROR_INIT;
/* We have to set the sender to the driver, and have
* to check security policy since it was not done in
-@@ -2326,9 +2354,11 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
+@@ -2370,10 +2398,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
* if we're actively capturing messages, it's nice to log that we
* tried to send it and did not allow ourselves to do so.
*/
- if (!bus_context_check_security_policy (bus_transaction_get_context (transaction),
- transaction,
-- NULL, connection, connection, message, &error))
+- NULL, connection, connection,
+- message, NULL, &error))
+ res = bus_context_check_security_policy (bus_transaction_get_context (transaction),
+ transaction,
-+ NULL, connection, connection, message, &error,
++ NULL, connection, connection,
++ message, NULL, &error,
+ NULL);
+ if (res == BUS_RESULT_FALSE)
{
- if (!bus_transaction_capture_error_reply (transaction, &error, message))
- {
-@@ -2342,6 +2372,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
+ if (!bus_transaction_capture_error_reply (transaction, connection,
+ &error, message))
+@@ -2388,6 +2418,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
dbus_error_free (&error);
return TRUE;
}
return bus_transaction_send (transaction, connection, message);
}
diff --git a/bus/connection.h b/bus/connection.h
-index 8c68d0a0..a6e5dfde 100644
+index 9e253ae..71078ea 100644
--- a/bus/connection.h
+++ b/bus/connection.h
@@ -31,6 +31,7 @@
BusConnections* bus_connections_new (BusContext *context);
BusConnections* bus_connections_ref (BusConnections *connections);
-@@ -122,6 +123,9 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection,
+@@ -124,6 +125,9 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection,
BusTransaction *transaction,
DBusList **rules,
DBusError *error);
diff --git a/bus/cynara.c b/bus/cynara.c
new file mode 100644
-index 00000000..57a4c45c
+index 0000000..57a4c45
--- /dev/null
+++ b/bus/cynara.c
@@ -0,0 +1,374 @@
+#endif /* DBUS_ENABLE_CYNARA */
diff --git a/bus/cynara.h b/bus/cynara.h
new file mode 100644
-index 00000000..c4728bb7
+index 0000000..c4728bb
--- /dev/null
+++ b/bus/cynara.h
@@ -0,0 +1,37 @@
+ BusDeferredMessageStatus check_type,
+ BusDeferredMessage **deferred_message);
diff --git a/bus/dispatch.c b/bus/dispatch.c
-index edfa1b44..05be3bdf 100644
+index 19228be..7e51bc1 100644
--- a/bus/dispatch.c
+++ b/bus/dispatch.c
@@ -25,6 +25,7 @@
#include "connection.h"
#include "driver.h"
#include "services.h"
-@@ -64,13 +65,17 @@ send_one_message (DBusConnection *connection,
+@@ -64,14 +65,18 @@ send_one_message (DBusConnection *connection,
DBusError *error)
{
DBusError stack_error = DBUS_ERROR_INIT;
addressed_recipient,
connection,
message,
+ NULL,
- &stack_error))
+ &stack_error,
+ &deferred_message);
+ if (result != BUS_RESULT_TRUE)
{
- if (!bus_transaction_capture_error_reply (transaction, &stack_error,
- message))
-@@ -129,6 +134,7 @@ bus_dispatch_matches (BusTransaction *transaction,
+ if (!bus_transaction_capture_error_reply (transaction, sender,
+ &stack_error, message))
+@@ -130,6 +135,7 @@ bus_dispatch_matches (BusTransaction *transaction,
BusMatchmaker *matchmaker;
DBusList *link;
BusContext *context;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
-@@ -144,11 +150,21 @@ bus_dispatch_matches (BusTransaction *transaction,
+@@ -145,11 +151,21 @@ bus_dispatch_matches (BusTransaction *transaction,
/* First, send the message to the addressed_recipient, if there is one. */
if (addressed_recipient != NULL)
{
- if (!bus_context_check_security_policy (context, transaction,
- sender, addressed_recipient,
- addressed_recipient,
-- message, error))
+- message, NULL, error))
+ BusResult res;
+ res = bus_context_check_security_policy (context, transaction,
+ sender, addressed_recipient,
+ addressed_recipient,
-+ message, error,
++ message, NULL, error,
+ &deferred_message);
+ if (res == BUS_RESULT_FALSE)
return FALSE;
if (dbus_message_contains_unix_fds (message) &&
!dbus_connection_can_send_type (addressed_recipient,
-@@ -379,12 +395,24 @@ bus_dispatch (DBusConnection *connection,
+@@ -374,19 +390,32 @@ bus_dispatch (DBusConnection *connection,
if (service_name &&
strcmp (service_name, DBUS_SERVICE_DBUS) == 0) /* to bus driver */
{
-- if (!bus_context_check_security_policy (context, transaction,
-- connection, NULL, NULL, message, &error))
+ BusDeferredMessage *deferred_message;
+ BusResult res;
++
+ if (!bus_transaction_capture (transaction, connection, NULL, message))
+ {
+ BUS_SET_OOM (&error);
+ goto out;
+ }
+
+- if (!bus_context_check_security_policy (context, transaction,
+- connection, NULL, NULL, message,
+- NULL, &error))
+ res = bus_context_check_security_policy (context, transaction,
-+ connection, NULL, NULL, message, &error,
++ connection, NULL, NULL, message,
++ NULL, &error,
+ &deferred_message);
+ if (res == BUS_RESULT_FALSE)
{
_dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS);
if (!bus_driver_handle_message (connection, transaction, message, &error))
diff --git a/bus/policy.c b/bus/policy.c
-index 082f3853..bcade176 100644
+index a37be80..7ee1ce5 100644
--- a/bus/policy.c
+++ b/bus/policy.c
@@ -22,6 +22,7 @@
#include "policy.h"
#include "services.h"
#include "test.h"
-@@ -32,7 +33,7 @@
+@@ -33,7 +34,7 @@
BusPolicyRule*
bus_policy_rule_new (BusPolicyRuleType type,
{
BusPolicyRule *rule;
-@@ -42,7 +43,7 @@ bus_policy_rule_new (BusPolicyRuleType type,
+@@ -43,7 +44,7 @@ bus_policy_rule_new (BusPolicyRuleType type,
rule->type = type;
rule->refcount = 1;
switch (rule->type)
{
-@@ -54,18 +55,19 @@ bus_policy_rule_new (BusPolicyRuleType type,
+@@ -55,18 +56,19 @@ bus_policy_rule_new (BusPolicyRuleType type,
break;
case BUS_POLICY_RULE_SEND:
rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID;
break;
case BUS_POLICY_RULE_OWN:
break;
-@@ -117,7 +119,8 @@ bus_policy_rule_unref (BusPolicyRule *rule)
- case BUS_POLICY_RULE_GROUP:
- break;
+@@ -122,7 +124,8 @@ bus_policy_rule_unref (BusPolicyRule *rule)
+ default:
+ _dbus_assert_not_reached ("invalid rule");
}
-
+
dbus_free (rule);
}
}
-@@ -427,7 +430,10 @@ list_allows_user (dbus_bool_t def,
+@@ -435,7 +438,10 @@ list_allows_user (dbus_bool_t def,
else
continue;
}
return allowed;
-@@ -862,18 +868,23 @@ bus_client_policy_append_rule (BusClientPolicy *policy,
+@@ -873,18 +879,23 @@ bus_client_policy_append_rule (BusClientPolicy *policy,
return TRUE;
}
/* policy->rules is in the order the rules appeared
* in the config file, i.e. last rule that applies wins
*/
-@@ -881,7 +892,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+@@ -892,7 +903,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
_dbus_verbose (" (policy) checking send rules\n");
*toggles = 0;
link = _dbus_list_get_first_link (&policy->rules);
while (link != NULL)
{
-@@ -912,13 +923,14 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+@@ -923,13 +934,14 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
/* If it's a reply, the requested_reply flag kicks in */
if (dbus_message_get_reply_serial (message) != 0)
{
continue;
}
-@@ -926,7 +938,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+@@ -937,7 +949,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
* when the reply was not requested. requested_reply=true means the
* rule always applies.
*/
{
_dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n");
continue;
-@@ -949,13 +961,15 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+@@ -960,13 +972,15 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
/* The interface is optional in messages. For allow rules, if the message
* has no interface we want to skip the rule (and thus not allow);
* for deny rules, if the message has no interface we want to use the
(!no_interface &&
strcmp (dbus_message_get_interface (message),
rule->d.send.interface) != 0))
-@@ -1029,33 +1043,63 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+@@ -1079,33 +1093,63 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
}
/* Use this rule */
eavesdropping =
addressed_recipient != proposed_recipient &&
-@@ -1068,7 +1112,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1118,7 +1162,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
_dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping);
*toggles = 0;
link = _dbus_list_get_first_link (&policy->rules);
while (link != NULL)
{
-@@ -1091,19 +1135,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1141,19 +1185,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
}
}
{
_dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n");
continue;
-@@ -1112,13 +1158,14 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1162,13 +1208,14 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
/* If it's a reply, the requested_reply flag kicks in */
if (dbus_message_get_reply_serial (message) != 0)
{
continue;
}
-@@ -1126,7 +1173,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1176,7 +1223,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
* when the reply was not requested. requested_reply=true means the
* rule always applies.
*/
{
_dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n");
continue;
-@@ -1149,13 +1196,13 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1199,13 +1246,13 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
/* The interface is optional in messages. For allow rules, if the message
* has no interface we want to skip the rule (and thus not allow);
* for deny rules, if the message has no interface we want to use the
(!no_interface &&
strcmp (dbus_message_get_interface (message),
rule->d.receive.interface) != 0))
-@@ -1230,14 +1277,42 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+@@ -1295,14 +1342,42 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
}
-
+
/* Use this rule */
- allowed = rule->allow;
+ switch (rule->access)
}
-@@ -1289,7 +1364,7 @@ bus_rules_check_can_own (DBusList *rules,
+@@ -1354,7 +1429,7 @@ bus_rules_check_can_own (DBusList *rules,
}
/* Use this rule */
return allowed;
diff --git a/bus/policy.h b/bus/policy.h
-index d1d3e72b..e9f193af 100644
+index ec43ffa..f306a3c 100644
--- a/bus/policy.h
+++ b/bus/policy.h
-@@ -39,6 +39,14 @@ typedef enum
- BUS_POLICY_RULE_GROUP
- } BusPolicyRuleType;
+@@ -46,6 +46,14 @@ typedef enum
+ BUS_POLICY_TRISTATE_TRUE
+ } BusPolicyTristate;
+typedef enum
+{
/** determines whether the rule affects a connection, or some global item */
#define BUS_POLICY_RULE_IS_PER_CLIENT(rule) (!((rule)->type == BUS_POLICY_RULE_USER || \
(rule)->type == BUS_POLICY_RULE_GROUP))
-@@ -49,8 +57,9 @@ struct BusPolicyRule
+@@ -56,8 +64,9 @@ struct BusPolicyRule
BusPolicyRuleType type;
union
{
struct
-@@ -106,7 +115,7 @@ struct BusPolicyRule
+@@ -118,7 +127,7 @@ struct BusPolicyRule
};
BusPolicyRule* bus_policy_rule_new (BusPolicyRuleType type,
BusPolicyRule* bus_policy_rule_ref (BusPolicyRule *rule);
void bus_policy_rule_unref (BusPolicyRule *rule);
-@@ -140,21 +149,27 @@ dbus_bool_t bus_policy_merge (BusPolicy *policy,
+@@ -152,21 +161,27 @@ dbus_bool_t bus_policy_merge (BusPolicy *policy,
BusClientPolicy* bus_client_policy_new (void);
BusClientPolicy* bus_client_policy_ref (BusClientPolicy *policy);
void bus_client_policy_unref (BusClientPolicy *policy);
const DBusString *service_name);
dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy,
diff --git a/configure.ac b/configure.ac
-index 71e3515c..f3a2ffc1 100644
+index 80671b2..d975b04 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -1873,6 +1873,17 @@ AC_ARG_ENABLE([user-session],
+@@ -1761,6 +1761,17 @@ AC_ARG_ENABLE([user-session],
AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION],
[test "x$enable_user_session" = xyes])
AC_CONFIG_FILES([
Doxyfile
dbus/Version
-@@ -1952,6 +1963,7 @@ echo "
+@@ -1843,6 +1854,7 @@ echo "
Building bus stats API: ${enable_stats}
Building SELinux support: ${have_selinux}
Building AppArmor support: ${have_apparmor}
Building kqueue support: ${have_kqueue}
Building systemd support: ${have_systemd}
diff --git a/test/Makefile.am b/test/Makefile.am
-index 914dd7f2..86882537 100644
+index 6a6e1a3..ce84dbc 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
-@@ -341,6 +341,7 @@ in_data = \
+@@ -439,6 +439,7 @@ in_data = \
data/valid-config-files/debug-allow-all.conf.in \
data/valid-config-files/finite-timeout.conf.in \
data/valid-config-files/forbidding.conf.in \
+ data/valid-config-files/debug-check-some.conf.in \
data/valid-config-files/incoming-limit.conf.in \
- data/valid-config-files/multi-user.conf.in \
- data/valid-config-files/systemd-activation.conf.in \
+ data/valid-config-files/max-completed-connections.conf.in \
+ data/valid-config-files/max-connections-per-user.conf.in \
diff --git a/test/data/invalid-config-files/badcheck-1.conf b/test/data/invalid-config-files/badcheck-1.conf
new file mode 100644
-index 00000000..fad9f502
+index 0000000..fad9f50
--- /dev/null
+++ b/test/data/invalid-config-files/badcheck-1.conf
@@ -0,0 +1,9 @@
+</busconfig>
diff --git a/test/data/invalid-config-files/badcheck-2.conf b/test/data/invalid-config-files/badcheck-2.conf
new file mode 100644
-index 00000000..63c7ef25
+index 0000000..63c7ef2
--- /dev/null
+++ b/test/data/invalid-config-files/badcheck-2.conf
@@ -0,0 +1,9 @@
+</busconfig>
diff --git a/test/data/valid-config-files/check-1.conf b/test/data/valid-config-files/check-1.conf
new file mode 100644
-index 00000000..ad714733
+index 0000000..ad71473
--- /dev/null
+++ b/test/data/valid-config-files/check-1.conf
@@ -0,0 +1,9 @@
+</busconfig>
diff --git a/test/data/valid-config-files/debug-check-some.conf.in b/test/data/valid-config-files/debug-check-some.conf.in
new file mode 100644
-index 00000000..47ee8548
+index 0000000..47ee854
--- /dev/null
+++ b/test/data/valid-config-files/debug-check-some.conf.in
@@ -0,0 +1,18 @@
+ <check privilege="foo" send_interface="org.freedesktop.TestSuite" send_member="Echo"/>
+ </policy>
+</busconfig>
-diff --git a/tools/dbus-send.c b/tools/dbus-send.c
-index 0dc1f5b3..76ddab3f 100644
---- a/tools/dbus-send.c
-+++ b/tools/dbus-send.c
-@@ -458,7 +458,7 @@ main (int argc, char *argv[])
- char *arg;
- char *c;
- int type;
-- int secondary_type;
-+ int secondary_type = 0;
- int container_type;
- DBusMessageIter *target_iter;
- DBusMessageIter container_iter;
---
-2.14.3
-
Code Review / AGL / meta-agl.git / blobdiff