From 0674bbea9ce0958512411962c2d1623d88dad0b4 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 23 Apr 2015 00:37:47 +0200
Subject: core: explicitly specify credentials for direct connections, too

So far we authenticate direct connections primarily at connection time,
but let's also do this for each method individually, by attaching the
creds we need for that right away.
---
 src/core/dbus.c                    | 9 +++++++++
 src/libsystemd/sd-bus/bus-socket.c | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/core/dbus.c b/src/core/dbus.c
index 18754f606e..02b998c6d1 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -670,6 +670,15 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void
                 return 0;
         }
 
+        r = sd_bus_negotiate_creds(bus, 1,
+                                   SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
+                                   SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
+                                   SD_BUS_CREDS_SELINUX_CONTEXT);
+        if (r < 0) {
+                log_warning_errno(r, "Failed to enable credentials for new connection: %m");
+                return 0;
+        }
+
         r = sd_bus_start(bus);
         if (r < 0) {
                 log_warning_errno(r, "Failed to start new connection bus: %m");
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index f97e15d5d2..6a55f9bfb4 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -916,7 +916,7 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) {
                                     bus->rbuffer, size,
                                     bus->fds, bus->n_fds,
                                     !bus->bus_client && bus->ucred_valid ? &bus->ucred : NULL,
-                                    !bus->bus_client && bus->label[0] ? bus->label : NULL,
+                                    !bus->bus_client && !isempty(bus->label) ? bus->label : NULL,
                                     &t);
         if (r < 0) {
                 free(b);
-- 
cgit v1.2.3-54-g00ecf