diff options
Diffstat (limited to 'bus/driver.c')
| -rw-r--r-- | bus/driver.c | 136 |
1 files changed, 135 insertions, 1 deletions
diff --git a/bus/driver.c b/bus/driver.c index ceebb6f2..aab922ae 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -24,6 +24,7 @@ #include <config.h> #include "activation.h" +#include "apparmor.h" #include "connection.h" #include "driver.h" #include "dispatch.h" @@ -34,10 +35,12 @@ #include "utils.h" #include <dbus/dbus-asv-util.h> +#include <dbus/dbus-connection-internal.h> #include <dbus/dbus-string.h> #include <dbus/dbus-internals.h> #include <dbus/dbus-message.h> #include <dbus/dbus-marshal-recursive.h> +#include <dbus/dbus-marshal-validate.h> #include <string.h> static DBusConnection * @@ -1108,9 +1111,10 @@ bus_driver_handle_add_match (DBusConnection *connection, DBusError *error) { BusMatchRule *rule; - const char *text; + const char *text, *bustype; DBusString str; BusMatchmaker *matchmaker; + BusContext *context; _DBUS_ASSERT_ERROR_IS_CLEAR (error); @@ -1143,6 +1147,12 @@ bus_driver_handle_add_match (DBusConnection *connection, if (rule == NULL) goto failed; + context = bus_transaction_get_context (transaction); + bustype = context ? bus_context_get_type (context) : NULL; + if (bus_match_rule_get_client_is_eavesdropping (rule) && + !bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto failed; + matchmaker = bus_connection_get_matchmaker (connection); if (!bus_matchmaker_add_rule (matchmaker, rule)) @@ -1646,6 +1656,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, DBusMessageIter reply_iter; DBusMessageIter array_iter; unsigned long ulong_val; + char *s; const char *service; _DBUS_ASSERT_ERROR_IS_CLEAR (error); @@ -1680,6 +1691,45 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, goto oom; } + if (dbus_connection_get_windows_user (conn, &s)) + { + DBusString str; + dbus_bool_t result; + + if (s == NULL) + goto oom; + + _dbus_string_init_const (&str, s); + result = _dbus_validate_utf8 (&str, 0, _dbus_string_get_length (&str)); + _dbus_string_free (&str); + if (result) + { + if (!_dbus_asv_add_string (&array_iter, "WindowsSID", s)) + { + dbus_free (s); + goto oom; + } + } + dbus_free (s); + } + + if (_dbus_connection_get_linux_security_label (conn, &s)) + { + if (s == NULL) + goto oom; + + /* use the GVariant bytestring convention for strings of unknown + * encoding: include the \0 in the payload, for zero-copy reading */ + if (!_dbus_asv_add_byte_array (&array_iter, "LinuxSecurityLabel", + s, strlen (s) + 1)) + { + dbus_free (s); + goto oom; + } + + dbus_free (s); + } + if (!_dbus_asv_close (&reply_iter, &array_iter)) goto oom; @@ -1746,6 +1796,72 @@ bus_driver_handle_reload_config (DBusConnection *connection, return FALSE; } +#ifdef DBUS_ENABLE_VERBOSE_MODE +static dbus_bool_t +bus_driver_handle_enable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) +{ + DBusMessage *reply = NULL; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + reply = dbus_message_new_method_return (message); + if (reply == NULL) + goto oom; + + if (! bus_transaction_send_from_driver (transaction, connection, reply)) + goto oom; + + _dbus_set_verbose(TRUE); + + dbus_message_unref (reply); + return TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + BUS_SET_OOM (error); + + if (reply) + dbus_message_unref (reply); + return FALSE; +} + +static dbus_bool_t +bus_driver_handle_disable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) +{ + DBusMessage *reply = NULL; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + reply = dbus_message_new_method_return (message); + if (reply == NULL) + goto oom; + + if (! bus_transaction_send_from_driver (transaction, connection, reply)) + goto oom; + + _dbus_set_verbose(FALSE); + + dbus_message_unref (reply); + return TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + BUS_SET_OOM (error); + + if (reply) + dbus_message_unref (reply); + return FALSE; +} +#endif + static dbus_bool_t bus_driver_handle_get_id (DBusConnection *connection, BusTransaction *transaction, @@ -1808,6 +1924,8 @@ bus_driver_handle_become_monitor (DBusConnection *connection, DBusError *error) { char **match_rules = NULL; + const char *bustype; + BusContext *context; BusMatchRule *rule; DBusList *rules = NULL; DBusList *iter; @@ -1822,6 +1940,11 @@ bus_driver_handle_become_monitor (DBusConnection *connection, if (!bus_driver_check_message_is_for_us (message, error)) goto out; + context = bus_transaction_get_context (transaction); + bustype = context ? bus_context_get_type (context) : NULL; + if (!bus_apparmor_allows_eavesdropping (connection, bustype, error)) + goto out; + if (!bus_driver_check_caller_is_privileged (connection, transaction, message, error)) goto out; @@ -2018,6 +2141,14 @@ static const MessageHandler monitoring_message_handlers[] = { { NULL, NULL, NULL, NULL } }; +#ifdef DBUS_ENABLE_VERBOSE_MODE +static const MessageHandler verbose_message_handlers[] = { + { "EnableVerbose", "", "", bus_driver_handle_enable_verbose}, + { "DisableVerbose", "", "", bus_driver_handle_disable_verbose}, + { NULL, NULL, NULL, NULL } +}; +#endif + #ifdef DBUS_ENABLE_STATS static const MessageHandler stats_message_handlers[] = { { "GetStats", "", "a{sv}", bus_stats_handle_get_stats }, @@ -2050,6 +2181,9 @@ static InterfaceHandler interface_handlers[] = { " </signal>\n" }, { DBUS_INTERFACE_INTROSPECTABLE, introspectable_message_handlers, NULL }, { DBUS_INTERFACE_MONITORING, monitoring_message_handlers, NULL }, +#ifdef DBUS_ENABLE_VERBOSE_MODE + { DBUS_INTERFACE_VERBOSE, verbose_message_handlers, NULL }, +#endif #ifdef DBUS_ENABLE_STATS { BUS_INTERFACE_STATS, stats_message_handlers, NULL }, #endif |