From 52fa7a3af1322aa716e5afc08b60ff2e9e13c022 Mon Sep 17 00:00:00 2001 From: Lukasz Skalski Date: Tue, 10 Mar 2015 16:09:02 +0100 Subject: bus-proxy: add support for "GetConnectionCredentials" method GetConnectionCredentials method was added to dbus-1 specification more than one year ago. This method should return "[...] as many credentials as possible for the process connected to the server", but at this moment only "UnixUserID", "LinuxSecurityLabel" and "ProcessID" are defined by the specification. We should add support for next credentials after extending dbus-1 spec. --- src/bus-proxyd/driver.c | 85 +++++++++++++++++++++++++++++++++++++++++++-- src/bus-proxyd/synthesize.c | 2 +- src/bus-proxyd/synthesize.h | 2 ++ 3 files changed, 85 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c index 3c613e4157..e63a95d875 100644 --- a/src/bus-proxyd/driver.c +++ b/src/bus-proxyd/driver.c @@ -49,9 +49,6 @@ static int get_creds_by_name(sd_bus *bus, const char *name, uint64_t mask, sd_bu if (r < 0) return r; - if ((c->mask & mask) != mask) - return -ENOTSUP; - *_creds = c; c = NULL; @@ -109,6 +106,10 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli " \n" " \n" " \n" + " \n" + " \n" + " \n" + " \n" " \n" " \n" " \n" @@ -212,6 +213,72 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli return synthetic_reply_method_return(m, NULL); + } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionCredentials")) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + + if (!sd_bus_message_has_signature(m, "s")) + return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters")); + + r = get_creds_by_message(a, m, SD_BUS_CREDS_PID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SELINUX_CONTEXT, &creds, &error); + if (r < 0) + return synthetic_reply_method_errno(m, r, &error); + + r = sd_bus_message_new_method_return(m, &reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_open_container(reply, 'a', "{sv}"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + /* Due to i.e. namespace translations some data might be missing */ + + if (creds->mask & SD_BUS_CREDS_PID) { + r = sd_bus_message_append(reply, "{sv}", "ProcessID", "u", (uint32_t) creds->pid); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + if (creds->mask & SD_BUS_CREDS_EUID) { + r = sd_bus_message_append(reply, "{sv}", "UnixUserID", "u", (uint32_t) creds->euid); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + if (creds->mask & SD_BUS_CREDS_SELINUX_CONTEXT) { + r = sd_bus_message_open_container(reply, 'e', "sv"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_append(reply, "s", "LinuxSecurityLabel"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_open_container(reply, 'v', "ay"); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_append_array(reply, 'y', creds->label, strlen(creds->label)); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + } + + r = sd_bus_message_close_container(reply); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); + + return synthetic_driver_send(m->bus, reply); + } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionSELinuxSecurityContext")) { _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; @@ -223,6 +290,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_SELINUX_CONTEXT)) + return synthetic_reply_method_errno(m, -ENOTSUP, NULL); + return synthetic_reply_method_return(m, "y", creds->label, strlen(creds->label)); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixProcessID")) { @@ -236,6 +306,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_PID)) + return synthetic_reply_method_errno(m, -ENOTSUP, NULL); + return synthetic_reply_method_return(m, "u", (uint32_t) creds->pid); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetConnectionUnixUser")) { @@ -249,6 +322,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_EUID)) + return synthetic_reply_method_errno(m, -ENOTSUP, NULL); + return synthetic_reply_method_return(m, "u", (uint32_t) creds->euid); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetId")) { @@ -283,6 +359,9 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli if (r < 0) return synthetic_reply_method_errno(m, r, &error); + if (!(creds->mask & SD_BUS_CREDS_UNIQUE_NAME)) + return synthetic_reply_method_errno(m, -ENOTSUP, NULL); + return synthetic_reply_method_return(m, "s", creds->unique_name); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListActivatableNames")) { diff --git a/src/bus-proxyd/synthesize.c b/src/bus-proxyd/synthesize.c index 542166f68a..67bcc7a242 100644 --- a/src/bus-proxyd/synthesize.c +++ b/src/bus-proxyd/synthesize.c @@ -30,7 +30,7 @@ #include "bus-util.h" #include "synthesize.h" -static int synthetic_driver_send(sd_bus *b, sd_bus_message *m) { +int synthetic_driver_send(sd_bus *b, sd_bus_message *m) { int r; assert(b); diff --git a/src/bus-proxyd/synthesize.h b/src/bus-proxyd/synthesize.h index a55f171cb2..e850350bc5 100644 --- a/src/bus-proxyd/synthesize.h +++ b/src/bus-proxyd/synthesize.h @@ -23,6 +23,8 @@ #include "sd-bus.h" +int synthetic_driver_send(sd_bus *b, sd_bus_message *m); + int synthetic_reply_method_return(sd_bus_message *call, const char *types, ...); int synthetic_reply_method_return_strv(sd_bus_message *call, char **l); -- cgit v1.2.3-54-g00ecf