| author | Daniel Mack <daniel@zonque.org> | 2014-10-07 17:58:29 +0200 | 
|---|---|---|
| committer | Daniel Mack <daniel@zonque.org> | 2014-10-07 18:02:38 +0200 | 
| commit | e91c8c201931d6be8229d624c10ed9c7c210d470 (patch) | |
| tree | d4f22bea5d349bd725e3e57f9cdbdabff2122730 | |
| parent | 1b600437bac3c0676cc72f589909c4cbfe38ba10 (diff) | |
bus-proxyd: assorted cleanups and fixes
Just some cleanups around policy checks that came up during review.
The code is still not productive.
| -rw-r--r-- | src/bus-proxyd/bus-policy.c | 23 | ||||
| -rw-r--r-- | test/bus-policy/methods.conf | 2 | 
2 files changed, 14 insertions, 11 deletions
|
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c
index 2ff5d646f1..aea8541d50 100644
--- a/src/bus-proxyd/bus-policy.c
+++ b/src/bus-proxyd/bus-policy.c
@@ -604,7 +604,10 @@ struct policy_check_filter {
         int message_type;
         const char *interface;
         const char *path;
-        const char *member;
+        union {
+                const char *name;
+                const char *member;
+        };
         char **names_strv;
         Hashmap *names_hash;
 };
@@ -633,7 +636,7 @@ static int check_policy_item(PolicyItem *i, const struct policy_check_filter *fi
                                 break;
                 }
-                if (i->message_type && (i->message_type != filter->message_type))
+                if ((i->message_type != _POLICY_ITEM_CLASS_UNSET) && (i->message_type != filter->message_type))
                         break;
                 if (i->path && !streq_ptr(i->path, filter->path))
@@ -650,14 +653,14 @@ static int check_policy_item(PolicyItem *i, const struct policy_check_filter *fi
         case POLICY_ITEM_OWN:
                 assert(filter->member);
-                if (streq(i->name, filter->member))
+                if (streq(i->name, "*") || streq(i->name, filter->name))
                         return is_permissive(i);
                 break;
         case POLICY_ITEM_OWN_PREFIX:
                 assert(filter->member);
-                if (startswith(i->name, filter->member))
+                if (streq(i->name, "*") || startswith(i->name, filter->name))
                         return is_permissive(i);
                 break;
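Review bot: The anonymous union added to struct policy_check_filter (hunk at -604) has no comment saying that `name` and `member` occupy the same storage, so a filter can only ever carry one of them. A short comment on the union, such as `/* name (own checks) and member alias each other; set only one per filter */`, would keep a later caller from initialising both and silently overwriting the first. Anonymous unions are C11 (a GNU extension before that), which is worth confirming against the project's compiler baseline. The struct's opening lines are outside the hunk.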
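Review bot: In the hunk at -633 of check_policy_item, `i->message_type` is now compared with `_POLICY_ITEM_CLASS_UNSET`, which by its name is the unset marker of the item class rather than of the message type. If that constant is 0 the test behaves exactly as the removed `i->message_type &&` did, but the policy match then depends on the numeric value of an unrelated enum; if the two ever diverge, items that give no message type would stop matching as intended. Keeping the plain truth test, or comparing against a sentinel that belongs to the message type, avoids that coupling, and a comment such as `/* an unset message_type matches every message type */` would record the rule. The enclosing switch case starts and ends outside the hunk.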
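Review bot: In the POLICY_ITEM_OWN_PREFIX case (hunk at -650), `startswith(i->name, filter->name)` asks whether the configured prefix begins with the requested name, which looks inverted: systemd's `startswith(s, prefix)` takes the string first, so the ownership rule would match names shorter than the configured prefix and miss the names below it. The arguments were already in this order before the change, so the commit carries the problem over rather than introducing it; the line should read `if (streq(i->name, "*") || startswith(filter->name, i->name))`. Both cases also still `assert(filter->member)` while reading `filter->name`; that is the same storage through the union, but `assert(filter->name)` says what is meant. check_policy_item starts and ends outside the hunk.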
@@ -747,9 +750,9 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) {
 bool policy_check_own(Policy *p, const struct ucred *ucred, const char *name) {
         struct policy_check_filter filter = {
-                .class  = POLICY_ITEM_OWN,
-                .ucred  = ucred,
-                .member = name,
+                .class = POLICY_ITEM_OWN,
+                .ucred = ucred,
+                .name  = name,
         };
         return policy_check(p, &filter) == ALLOW;
@@ -758,21 +761,21 @@ bool policy_check_own(Policy *p, const struct ucred *ucred, const char *name) {
 bool policy_check_hello(Policy *p, const struct ucred *ucred) {
         struct policy_check_filter filter = {
-                .class  = POLICY_ITEM_USER,
                 .ucred  = ucred,
         };
         int user, group;
+        filter.class = POLICY_ITEM_USER;
         user = policy_check(p, &filter);
         if (user == DENY)
                 return false;
         filter.class = POLICY_ITEM_GROUP;
         group = policy_check(p, &filter);
-        if (user == DUNNO && group == DUNNO)
+        if (group == DENY)
                 return false;
-        return !(user == DENY || group == DENY);
+        return !(user == DUNNO && group == DUNNO);
 }
 bool policy_check_recv(Policy *p,
diff --git a/test/bus-policy/methods.conf b/test/bus-policy/methods.conf
index 4d4675ea10..4bc38f9151 100644
--- a/test/bus-policy/methods.conf
+++ b/test/bus-policy/methods.conf
@@ -11,7 +11,7 @@
                 <allow send_destination="org.test.test1" send_interface="org.test.int1"/>
                 <allow send_destination="org.test.test1" send_interface="org.test.int2"/>
-                <allow receive_sender="org.test.test3" receive_interface="org.test.int3" receiver_member="Member111"/>
+                <allow receive_sender="org.test.test3" receive_interface="org.test.int3" receive_member="Member111"/>
         </policy>
 </busconfig>
|
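Review bot: The last line of policy_check_hello in src/bus-proxyd/bus-policy.c (hunk at -758) admits the peer whenever the two results are not both DUNNO, so any value policy_check() might return other than ALLOW, DENY or DUNNO (an error code, for instance; its body is not visible here) would be treated as permission. `return user == ALLOW || group == ALLOW;` gives the same answer for the three verdicts, because both DENY cases have already returned, and fails closed for anything else; it also matches the `== ALLOW` test in policy_check_own. A one-line comment above it, e.g. `/* refuse unless the user or group policy explicitly allows */`, would record the intent.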
