diff options
author | Havoc Pennington <hp@redhat.com> | 2003-04-14 02:29:21 +0000 |
---|---|---|
committer | Havoc Pennington <hp@redhat.com> | 2003-04-14 02:29:21 +0000 |
commit | 777707ed8dff6958972a93894a87ec1945c65c14 (patch) | |
tree | 4ade9d56eccc5280150968e692a389e8749ed029 /bus/connection.c | |
parent | 8aabca8dd28a113712389be51e75ea8c2fd17838 (diff) | |
download | dbus-777707ed8dff6958972a93894a87ec1945c65c14.tar.gz |
2003-04-13 Havoc Pennington <hp@pobox.com>
* dbus/dbus-mainloop.c: fix some reentrancy issues by refcounting
callbacks
* test/data/valid-config-files/debug-allow-all.conf.in: allow all
users
* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
fix to only recover unused bytes if we're already authenticated
(_dbus_transport_get_is_authenticated): fix to still mark us
authenticated if there are unused bytes.
* bus/dispatch.c: implement security policy checking
* bus/connection.c (bus_transaction_send_from_driver): new
* bus/bus.c (bus_context_check_security_policy): new
* bus/dispatch.c (send_service_nonexistent_error): delete this,
now we just set the DBusError and it gets converted to an error
reply.
* bus/connection.c (allow_user_function): enable code using actual
data from the config file
* bus/policy.c (list_allows_user): handle wildcard rules for
user/group connection perms
Diffstat (limited to 'bus/connection.c')
-rw-r--r-- | bus/connection.c | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/bus/connection.c b/bus/connection.c index 21c8f1a3..4c48fbd6 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -283,8 +283,6 @@ allow_user_function (DBusConnection *connection, d = BUS_CONNECTION_DATA (connection); _dbus_assert (d != NULL); - - return TRUE; /* FIXME - this is just until we can parse a config file */ return bus_context_allow_user (d->connections->context, uid); } @@ -504,7 +502,7 @@ bus_connection_get_groups (DBusConnection *connection, if (dbus_connection_get_unix_user (connection, &uid)) { - if (!_dbus_get_groups (uid, &d->group_ids, &d->n_group_ids)) + if (!_dbus_get_groups (uid, &d->group_ids, &d->n_group_ids, NULL)) { _dbus_verbose ("Did not get any groups for UID %lu\n", uid); @@ -924,9 +922,34 @@ bus_transaction_get_connections (BusTransaction *transaction) } dbus_bool_t -bus_transaction_send_message (BusTransaction *transaction, - DBusConnection *connection, - DBusMessage *message) +bus_transaction_send_from_driver (BusTransaction *transaction, + DBusConnection *connection, + DBusMessage *message) +{ + /* We have to set the sender to the driver, and have + * to check security policy since it was not done in + * dispatch.c + */ + _dbus_verbose ("Sending %s from driver\n", + dbus_message_get_name (message)); + + if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS)) + return FALSE; + + /* If security policy doesn't allow the message, we silently + * eat it; the driver doesn't care about getting a reply. + */ + if (!bus_context_check_security_policy (bus_transaction_get_context (transaction), + NULL, connection, message, NULL)) + return TRUE; + + return bus_transaction_send (transaction, connection, message); +} + +dbus_bool_t +bus_transaction_send (BusTransaction *transaction, + DBusConnection *connection, + DBusMessage *message) { MessageToSend *to_send; BusConnectionData *d; @@ -934,7 +957,7 @@ bus_transaction_send_message (BusTransaction *transaction, _dbus_verbose (" trying to add %s %s to transaction%s\n", dbus_message_get_is_error (message) ? "error" : - dbus_message_get_reply_serial (message) != 0 ? "reply" : + dbus_message_get_reply_serial (message) != -1 ? "reply" : "message", dbus_message_get_name (message), dbus_connection_get_is_connected (connection) ? @@ -1152,8 +1175,7 @@ bus_transaction_send_error_reply (BusTransaction *transaction, if (reply == NULL) return FALSE; - if (!dbus_message_set_sender (reply, DBUS_SERVICE_DBUS) || - !bus_transaction_send_message (transaction, connection, reply)) + if (!bus_transaction_send_from_driver (transaction, connection, reply)) { dbus_message_unref (reply); return FALSE; |