From 777707ed8dff6958972a93894a87ec1945c65c14 Mon Sep 17 00:00:00 2001
From: Havoc Pennington <hp@redhat.com>
Date: Mon, 14 Apr 2003 02:29:21 +0000
Subject: 2003-04-13  Havoc Pennington  <hp@pobox.com>

	* dbus/dbus-mainloop.c: fix some reentrancy issues by refcounting
	callbacks

	* test/data/valid-config-files/debug-allow-all.conf.in: allow all
	users

	* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
	fix to only recover unused bytes if we're already authenticated
	(_dbus_transport_get_is_authenticated): fix to still mark us
	authenticated if there are unused bytes.

	* bus/dispatch.c: implement security policy checking

	* bus/connection.c (bus_transaction_send_from_driver): new

	* bus/bus.c (bus_context_check_security_policy): new

	* bus/dispatch.c (send_service_nonexistent_error): delete this,
	now we just set the DBusError and it gets converted to an error
	reply.

	* bus/connection.c (allow_user_function): enable code using actual
	data from the config file

	* bus/policy.c (list_allows_user): handle wildcard rules for
	user/group connection perms
---
 bus/bus.c | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)

(limited to 'bus/bus.c')

diff --git a/bus/bus.c b/bus/bus.c
index 31b43f22..7b7ea6f1 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -796,3 +796,66 @@ bus_context_get_activation_timeout (BusContext *context)
   
   return context->activation_timeout;
 }
+
+dbus_bool_t
+bus_context_check_security_policy (BusContext     *context,
+                                   DBusConnection *sender,
+                                   DBusConnection *recipient,
+                                   DBusMessage    *message,
+                                   DBusError      *error)
+{
+  BusClientPolicy *sender_policy;
+  BusClientPolicy *recipient_policy;
+
+  /* NULL sender/receiver means the bus driver */
+  
+  if (sender != NULL)
+    {
+      _dbus_assert (dbus_connection_get_is_authenticated (sender));
+      sender_policy = bus_connection_get_policy (sender);
+    }
+  else
+    sender_policy = NULL;
+
+  if (recipient != NULL)
+    {
+      _dbus_assert (dbus_connection_get_is_authenticated (recipient));
+      recipient_policy = bus_connection_get_policy (recipient);
+    }
+  else
+    recipient_policy = NULL;
+
+  if (sender_policy &&
+      !bus_client_policy_check_can_send (sender_policy,
+                                         context->registry, recipient,
+                                         message))
+    {
+      const char *dest = dbus_message_get_service (message);
+      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
+                      "A security policy in place prevents this sender "
+                      "from sending this message to this recipient, "
+                      "see message bus configuration file (rejected message "
+                      "had name \"%s\" destination \"%s\")",
+                      dbus_message_get_name (message),
+                      dest ? dest : DBUS_SERVICE_DBUS);
+      return FALSE;
+    }
+
+  if (recipient_policy &&
+      !bus_client_policy_check_can_receive (recipient_policy,
+                                            context->registry, sender,
+                                            message))
+    {
+      const char *dest = dbus_message_get_service (message);
+      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
+                      "A security policy in place prevents this recipient "
+                      "from receiving this message from this sender, "
+                      "see message bus configuration file (rejected message "
+                      "had name \"%s\" destination \"%s\")",
+                      dbus_message_get_name (message),
+                      dest ? dest : DBUS_SERVICE_DBUS);
+      return FALSE;
+    }
+
+  return TRUE;
+}
-- 
cgit