Age | Commit message (Collapse) | Author |
|
it passes with the bus proxy enforcement
|
|
|
|
We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.
Test cases amended accordingly.
|
|
Just some cleanups around policy checks that came up during review.
The code is still not productive.
|
|
|
|
Both as documentation, and to make Coverity happy.
Fixes CID #1241495 and #1241496.
|
|
Instead of operating on an sd_bus_message object, expose an API that has 4
functions:
policy_check_own()
policy_check_hello()
policy_check_recv()
policy_check_send()
This also allows dropping extra code to parse message contents - the bus
proxy already has dedicated code paths for that, and we can hook into
those later.
Tests amended accordingly.
|
|
Add policy_check() to actually check whether an incoming message is allowed
by the policy. The code is not yet used from the proxy daemon, though.
|
|
|
|
This function is quite useful for debugging. Exiting from it seems
unnecessary.
|
|
Instead of making the function call itself recursively.
|
|
Do the lookup during parsing already, and set i->uid, or i->gid to the
numerical values.
|
|
|
|
In the D-Bus policy, the order of items matters, so make sure to store them
in the same order as they are parsed by the sax parser.
|
|
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
One missing string found.
A few things had to be moved around to make it possible to test them.
|
|
|
|
|
|
|
|
Lets allow LC_ALL=C without corrupted output
|
|
|
|
|
|
Enforcement is still missing, but at least we can parse it now.
|