-rw-r--r-- | ChangeLog | 16 | ||||
-rw-r--r-- | bus/dispatch.c | 41 | ||||
-rw-r--r-- | bus/policy.c | 35 | ||||
-rw-r--r-- | bus/session.conf.in | 4 | ||||
-rw-r--r-- | bus/system.conf.in | 8 | ||||
-rw-r--r-- | dbus/dbus-message.c | 7 | ||||
-rw-r--r-- | test/data/valid-config-files/debug-allow-all-sha1.conf.in | 4 | ||||
-rw-r--r-- | test/data/valid-config-files/debug-allow-all.conf.in | 4 | ||||
-rw-r--r-- | test/data/valid-config-files/system.d/test.conf | 4 |
9 files changed, 78 insertions, 45 deletions
@@ -1,3 +1,19 @@ +2003-08-19 Havoc Pennington <hp@pobox.com> + + * dbus/dbus-message.c (decode_string_field): support FIELD_SENDER + (dbus_message_is_error): fix this function + + * bus/dbus-daemon-1.1: clarify logic on when <deny>/<allow> rules + match + + * bus/policy.c (bus_client_policy_check_can_receive): fix code to + reflect clarified man page + (bus_client_policy_check_can_send): ditto + + * bus/session.conf.in: fixup + + * bus/system.conf.in: fixup + 2003-08-18 Havoc Pennington <hp@redhat.com> * dbus/dbus-hash.c (_dbus_hash_table_insert_two_strings): fix diff --git a/bus/dispatch.c b/bus/dispatch.c index 8eda2500..16102aa0 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c @@ -418,11 +418,14 @@ pop_message_waiting_for_memory (DBusConnection *connection) } static void -warn_unexpected (DBusConnection *connection, - DBusMessage *message, - const char *expected) +warn_unexpected_real (DBusConnection *connection, + DBusMessage *message, + const char *expected, + const char *function, + int line) { - _dbus_warn ("Received message interface \"%s\" member \"%s\" error name \"%s\" on %p, expecting %s\n", + _dbus_warn ("%s:%d received message interface \"%s\" member \"%s\" error name \"%s\" on %p, expecting %s\n", + function, line, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? 
@@ -433,6 +436,23 @@ warn_unexpected (DBusConnection *connection, expected); } +#define warn_unexpected(connection, message, expected) \ + warn_unexpected_real (connection, message, expected, _DBUS_FUNCTION_NAME, __LINE__) + +static void +verbose_message_received (DBusConnection *connection, + DBusMessage *message) +{ + _dbus_verbose ("Received message interface \"%s\" member \"%s\" error name \"%s\" on %p\n", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + connection); +} + typedef struct { const char *expected_service_name; @@ -748,8 +768,7 @@ check_hello_message (BusContext *context, goto out; } - _dbus_verbose ("Received message %p on %p\n", - message, connection); + verbose_message_received (connection, message); if (!dbus_message_has_sender (message, DBUS_SERVICE_ORG_FREEDESKTOP_DBUS)) { @@ -984,8 +1003,7 @@ check_nonexistent_service_activation (BusContext *context, goto out; } - _dbus_verbose ("Received message %p on %p\n", - message, connection); + verbose_message_received (connection, message); if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR) { @@ -1542,8 +1560,8 @@ check_existent_service_activation (BusContext *context, goto out; } - _dbus_verbose ("Received message %p on %p after sending %s\n", - message, connection, "ActivateService"); + verbose_message_received (connection, message); + _dbus_verbose (" (after sending %s)\n", "ActivateService"); if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR) { @@ -1748,8 +1766,7 @@ check_segfault_service_activation (BusContext *context, goto out; } - _dbus_verbose ("Received message %p on %p\n", - message, connection); + verbose_message_received (connection, message); if (dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_ERROR) { 
diff --git a/bus/policy.c b/bus/policy.c index 04ea4230..f7978c05 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -801,7 +801,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, if (rule->d.send.interface != NULL) { - if (dbus_message_get_interface (message) == NULL || + if (dbus_message_get_interface (message) != NULL && strcmp (dbus_message_get_interface (message), rule->d.send.interface) != 0) { @@ -809,9 +809,10 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } } - else if (rule->d.send.member != NULL) + + if (rule->d.send.member != NULL) { - if (dbus_message_get_member (message) == NULL || + if (dbus_message_get_member (message) != NULL && strcmp (dbus_message_get_member (message), rule->d.send.member) != 0) { @@ -819,9 +820,10 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } } - else if (rule->d.send.error != NULL) + + if (rule->d.send.error != NULL) { - if (dbus_message_get_error_name (message) == NULL || + if (dbus_message_get_error_name (message) != NULL && strcmp (dbus_message_get_error_name (message), rule->d.send.error) != 0) { 
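Review bot: In the three `bus_client_policy_check_can_send` hunks, a rule that names an interface, member or error now also matches a message that leaves that field unset, and this holds for `<allow>` rules as well as `<deny>` rules. For a deny rule that is fail-closed, but an allow rule such as `<allow send_interface="org.foo.FooBroadcastInterface"/>` in the `test.conf` hunk would then also admit a message carrying no interface field, so that file's comment "this user can only send the one kind of message" no longer strictly holds. The same conditions appear in the `bus_client_policy_check_can_receive` hunks that follow, where the old comment explaining when a rule is skipped is removed without a replacement. I would document the semantics at each check, e.g. `/* An unset field in the message matches any value in the rule, for allow and deny alike; narrow allow rules by service as well. */`, and add a policy test that sends an interface-less message under an interface-only allow rule. Both function bodies start and end outside the hunks.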
@@ -902,32 +904,28 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, { BusPolicyRule *rule = link->data; - link = _dbus_list_get_next_link (&policy->rules, link); - - /* Rule is skipped if it specifies a different - * message name from the message, or a different - * origin from the message - */ + link = _dbus_list_get_next_link (&policy->rules, link); if (rule->type != BUS_POLICY_RULE_RECEIVE) { _dbus_verbose (" (policy) skipping non-receive rule\n"); continue; } - + if (rule->d.receive.interface != NULL) { - if (dbus_message_get_interface (message) == NULL || + if (dbus_message_get_interface (message) != NULL && strcmp (dbus_message_get_interface (message), rule->d.receive.interface) != 0) { _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; } - } - else if (rule->d.receive.member != NULL) + } + + if (rule->d.receive.member != NULL) { - if (dbus_message_get_member (message) == NULL || + if (dbus_message_get_member (message) != NULL && strcmp (dbus_message_get_member (message), rule->d.receive.member) != 0) { @@ -935,9 +933,10 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, continue; } } - else if (rule->d.receive.error != NULL) + + if (rule->d.receive.error != NULL) { - if (dbus_message_get_error_name (message) == NULL || + if (dbus_message_get_error_name (message) != NULL && strcmp (dbus_message_get_error_name (message), rule->d.receive.error) != 0) { diff --git a/bus/session.conf.in b/bus/session.conf.in index 673d8739..09dd250e 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in @@ -14,8 +14,8 @@ <policy context="default"> <!-- Allow everything --> - <allow send="*"/> - <allow receive="*"/> + <allow send_interface="*"/> + <allow receive_interface="*"/> <allow own="*"/> <allow user="*"/> </policy> diff --git a/bus/system.conf.in b/bus/system.conf.in index bd454ff3..96513a75 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in 
@@ -34,16 +34,16 @@ <policy context="default"> <!-- Deny everything then punch holes --> - <deny send="*"/> - <deny receive="*"/> + <deny send_interface="*"/> + <deny receive_interface="*"/> <deny own="*"/> <!-- But allow all users to connect --> <allow user="*"/> <!-- Allow anyone to talk to the message bus --> <!-- FIXME I think currently these allow rules are always implicit even if they aren't in here --> - <allow send_to="org.freedesktop.DBus"/> - <allow receive_from="org.freedesktop.DBus"/> + <allow send_service="org.freedesktop.DBus"/> + <allow receive_service="org.freedesktop.DBus"/> </policy> <!-- Config files are placed here that among other things, punch diff --git a/dbus/dbus-message.c b/dbus/dbus-message.c index c062c934..9b87c3d9 100644 --- a/dbus/dbus-message.c +++ b/dbus/dbus-message.c @@ -4155,7 +4155,7 @@ dbus_message_is_error (DBusMessage *message, if (dbus_message_get_type (message) != DBUS_MESSAGE_TYPE_ERROR) return FALSE; - n = dbus_message_get_member (message); + n = dbus_message_get_error_name (message); if (n && strcmp (n, error_name) == 0) return TRUE; @@ -4529,7 +4529,8 @@ decode_string_field (const DBusString *data, return FALSE; } } - else if (field == FIELD_SERVICE) + else if (field == FIELD_SERVICE || + field == FIELD_SENDER) { if (!_dbus_string_validate_service (&tmp, 0, _dbus_string_get_length (&tmp))) { @@ -4537,7 +4538,7 @@ decode_string_field (const DBusString *data, field_name, _dbus_string_get_const_data (&tmp)); return FALSE; } - } + } else { _dbus_assert_not_reached ("Unknown field\n"); diff --git a/test/data/valid-config-files/debug-allow-all-sha1.conf.in b/test/data/valid-config-files/debug-allow-all-sha1.conf.in index 6db93f0c..7fb76c55 100644 --- a/test/data/valid-config-files/debug-allow-all-sha1.conf.in +++ b/test/data/valid-config-files/debug-allow-all-sha1.conf.in 
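Review bot: The final `else` in `decode_string_field` still ends in `_dbus_assert_not_reached ("Unknown field\n")`, so a string header field that reaches this decoder without its own branch aborts the process instead of rejecting the message, which appears to be what FIELD_SENDER did before this hunk added it. If this function decodes peer-supplied header data, as its name suggests, the fallback should fail closed; with assertions compiled out the field would presumably pass unvalidated. I would replace the assert with `_dbus_verbose ("%s field has no validator\n", field_name); return FALSE;`. The function begins and ends outside the hunks, so whether the caller already restricts `field` cannot be confirmed from here.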
@@ -8,8 +8,8 @@ <servicedir>@TEST_SERVICE_DIR@</servicedir> <auth>DBUS_COOKIE_SHA1</auth> <policy context="default"> - <allow send="*"/> - <allow receive="*"/> + <allow send_interface="*"/> + <allow receive_interface="*"/> <allow own="*"/> <allow user="*"/> </policy> diff --git a/test/data/valid-config-files/debug-allow-all.conf.in b/test/data/valid-config-files/debug-allow-all.conf.in index 0dd8ed4a..ea1aec8c 100644 --- a/test/data/valid-config-files/debug-allow-all.conf.in +++ b/test/data/valid-config-files/debug-allow-all.conf.in @@ -7,8 +7,8 @@ <listen>unix:tmpdir=@TEST_SOCKET_DIR@</listen> <servicedir>@TEST_SERVICE_DIR@</servicedir> <policy context="default"> - <allow send="*"/> - <allow receive="*"/> + <allow send_interface="*"/> + <allow receive_interface="*"/> <allow own="*"/> <allow user="*"/> </policy> diff --git a/test/data/valid-config-files/system.d/test.conf b/test/data/valid-config-files/system.d/test.conf index a683679e..3d1b2f54 100644 --- a/test/data/valid-config-files/system.d/test.conf +++ b/test/data/valid-config-files/system.d/test.conf @@ -9,12 +9,12 @@ this user can only send the one kind of message --> <policy user="fooserviceuser"> <allow own="org.foo.FooService"/> - <allow send="org.foo.FooBroadcastMessage"/> + <allow send_interface="org.foo.FooBroadcastInterface"/> </policy> <!-- Allow any connection to receive the message, but only if the message is sent by the owner of FooService --> <policy context="default"> - <allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/> + <allow receive_interface="org.foo.FooBroadcastInterface" receive_service="org.foo.FooService"/> </policy> </busconfig> |