summaryrefslogtreecommitdiff
path: root/src/bus-proxyd/bus-xml-policy.c
diff options
context:
space:
mode:
authorDavid Herrmann <dh.herrmann@gmail.com>2015-01-17 21:18:52 +0100
committerDavid Herrmann <dh.herrmann@gmail.com>2015-01-17 21:18:52 +0100
commit7447362c530e3f7128f16a35d1e43da4251144cc (patch)
tree44798592452cd748e3f03bdd884ceee74728500f /src/bus-proxyd/bus-xml-policy.c
parent0d620e53360f8d1dd7fd750d26a9b273a6f4fc0b (diff)
bus-proxy: don't print error-messages if we check multiple dests
If we test the policy against multiple destination names, we really should not print warnings if one of the names results in DENY. Instead, pass the whole array of names to the policy and let it deal with it.
Diffstat (limited to 'src/bus-proxyd/bus-xml-policy.c')
-rw-r--r--src/bus-proxyd/bus-xml-policy.c127
1 files changed, 100 insertions, 27 deletions
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c
index 0c60b6b6eb..f7f3388ba9 100644
--- a/src/bus-proxyd/bus-xml-policy.c
+++ b/src/bus-proxyd/bus-xml-policy.c
@@ -22,6 +22,7 @@
#include "xml.h"
#include "fileio.h"
#include "strv.h"
+#include "set.h"
#include "conf-files.h"
#include "bus-internal.h"
#include "bus-message.h"
@@ -865,15 +866,14 @@ bool policy_check_hello(Policy *p, uid_t uid, gid_t gid) {
return verdict == ALLOW;
}
-bool policy_check_recv(Policy *p,
- uid_t uid,
- gid_t gid,
- int message_type,
- const char *name,
- const char *path,
- const char *interface,
- const char *member,
- bool dbus_to_kernel) {
+bool policy_check_one_recv(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member) {
struct policy_check_filter filter = {
.class = POLICY_ITEM_RECV,
@@ -886,30 +886,64 @@ bool policy_check_recv(Policy *p,
.member = member,
};
- int verdict;
-
assert(p);
- verdict = policy_check(p, &filter);
-
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
- "Receive permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
- dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name),
- strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
-
- return verdict == ALLOW;
+ return policy_check(p, &filter) == ALLOW;
}
-bool policy_check_send(Policy *p,
+bool policy_check_recv(Policy *p,
uid_t uid,
gid_t gid,
int message_type,
- const char *name,
+ Set *names,
+ char **namesv,
const char *path,
const char *interface,
const char *member,
bool dbus_to_kernel) {
+ char *n, **nv, *last = NULL;
+ bool allow = false;
+ Iterator i;
+
+ assert(p);
+
+ if (set_isempty(names) && strv_isempty(namesv)) {
+ allow = policy_check_one_recv(p, uid, gid, message_type, NULL, path, interface, member);
+ } else {
+ SET_FOREACH(n, names, i) {
+ last = n;
+ allow = policy_check_one_recv(p, uid, gid, message_type, n, path, interface, member);
+ if (allow)
+ break;
+ }
+ if (!allow) {
+ STRV_FOREACH(nv, namesv) {
+ last = *nv;
+ allow = policy_check_one_recv(p, uid, gid, message_type, *nv, path, interface, member);
+ if (allow)
+ break;
+ }
+ }
+ }
+
+ log_full(LOG_AUTH | (!allow ? LOG_WARNING : LOG_DEBUG),
+ "Receive permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
+ dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(last),
+ strna(path), strna(interface), strna(member), allow ? "ALLOW" : "DENY");
+
+ return allow;
+}
+
+bool policy_check_one_send(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ const char *name,
+ const char *path,
+ const char *interface,
+ const char *member) {
+
struct policy_check_filter filter = {
.class = POLICY_ITEM_SEND,
.uid = uid,
@@ -921,18 +955,57 @@ bool policy_check_send(Policy *p,
.member = member,
};
- int verdict;
+ assert(p);
+
+ return policy_check(p, &filter) == ALLOW;
+}
+
+bool policy_check_send(Policy *p,
+ uid_t uid,
+ gid_t gid,
+ int message_type,
+ Set *names,
+ char **namesv,
+ const char *path,
+ const char *interface,
+ const char *member,
+ bool dbus_to_kernel,
+ char **out_used_name) {
+
+ char *n, **nv, *last = NULL;
+ bool allow = false;
+ Iterator i;
assert(p);
- verdict = policy_check(p, &filter);
+ if (set_isempty(names) && strv_isempty(namesv)) {
+ allow = policy_check_one_send(p, uid, gid, message_type, NULL, path, interface, member);
+ } else {
+ SET_FOREACH(n, names, i) {
+ last = n;
+ allow = policy_check_one_send(p, uid, gid, message_type, n, path, interface, member);
+ if (allow)
+ break;
+ }
+ if (!allow) {
+ STRV_FOREACH(nv, namesv) {
+ last = *nv;
+ allow = policy_check_one_send(p, uid, gid, message_type, *nv, path, interface, member);
+ if (allow)
+ break;
+ }
+ }
+ }
- log_full(LOG_AUTH | (verdict != ALLOW ? LOG_WARNING : LOG_DEBUG),
+ if (out_used_name)
+ *out_used_name = last;
+
+ log_full(LOG_AUTH | (!allow ? LOG_WARNING : LOG_DEBUG),
"Send permission check %s for uid=" UID_FMT " gid=" GID_FMT" message=%s name=%s path=%s interface=%s member=%s: %s",
- dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(name),
- strna(path), strna(interface), strna(member), strna(verdict_to_string(verdict)));
+ dbus_to_kernel ? "dbus-1 to kernel" : "kernel to dbus-1", uid, gid, bus_message_type_to_string(message_type), strna(last),
+ strna(path), strna(interface), strna(member), allow ? "ALLOW" : "DENY");
- return verdict == ALLOW;
+ return allow;
}
int policy_load(Policy *p, char **files) {