From 95717a938b237d12211935f6a7467ef610288fe5 Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Mon, 18 Aug 2003 15:27:33 +0000 Subject: 2003-08-17 Havoc Pennington This doesn't compile yet, but syncing up so I can hack on it from work. What are branches for if not broken code? ;-) * dbus/dbus-protocol.h: remove DBUS_HEADER_FIELD_NAME, add DBUS_HEADER_FIELD_INTERFACE, DBUS_HEADER_FIELD_MEMBER, DBUS_HEADER_FIELD_ERROR_NAME * dbus/dbus-hash.c: Introduce DBUS_HASH_TWO_STRINGS as hack to use for the interface+member pairs (string_hash): change to use g_str_hash algorithm (find_direct_function, find_string_function): refactor these to share most code. * dbus/dbus-message.c: port all of this over to support interface/member fields instead of name field * dbus/dbus-object-registry.c: port over * dbus/dbus-string.c (_dbus_string_validate_interface): rename from _dbus_string_validate_name * bus/dbus-daemon-1.1: change file format for the / stuff to match new message naming scheme * bus/policy.c: port over * bus/config-parser.c: parse new format --- bus/policy.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 60 insertions(+), 16 deletions(-) (limited to 'bus/policy.c') diff --git a/bus/policy.c b/bus/policy.c index 2f8e2ca3..3b3ceb4e 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -80,11 +80,15 @@ bus_policy_rule_unref (BusPolicyRule *rule) switch (rule->type) { case BUS_POLICY_RULE_SEND: - dbus_free (rule->d.send.message_name); + dbus_free (rule->d.send.interface); + dbus_free (rule->d.send.member); + dbus_free (rule->d.send.error); dbus_free (rule->d.send.destination); break; case BUS_POLICY_RULE_RECEIVE: - dbus_free (rule->d.receive.message_name); + dbus_free (rule->d.receive.interface); + dbus_free (rule->d.receive.member); + dbus_free (rule->d.receive.error); dbus_free (rule->d.receive.origin); break; case BUS_POLICY_RULE_OWN: @@ -680,8 +684,8 @@ bus_client_policy_optimize (BusClientPolicy *policy) /* The idea here is that if we have: * - * - * + * + * * * (for example) the deny will always override the allow. So we * delete the allow. Ditto for deny followed by allow, etc. This is @@ -713,12 +717,16 @@ bus_client_policy_optimize (BusClientPolicy *policy) { case BUS_POLICY_RULE_SEND: remove_preceding = - rule->d.send.message_name == NULL && + rule->d.send.interface == NULL && + rule->d.send.member == NULL && + rule->d.send.error == NULL && rule->d.send.destination == NULL; break; case BUS_POLICY_RULE_RECEIVE: remove_preceding = - rule->d.receive.message_name == NULL && + rule->d.receive.interface == NULL && + rule->d.receive.member == NULL && + rule->d.receive.error == NULL && rule->d.receive.origin == NULL; break; case BUS_POLICY_RULE_OWN: @@ -791,16 +799,34 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } - if (rule->d.send.message_name != NULL) + if (rule->d.send.interface != NULL) { - if (!dbus_message_has_name (message, - rule->d.send.message_name)) + if (!dbus_message_has_interface (message, + rule->d.send.interface)) { - _dbus_verbose (" (policy) skipping rule for different message name\n"); + _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; } } - + else if (rule->d.send.member != NULL) + { + if (!dbus_message_has_member (message, + rule->d.send.member)) + { + _dbus_verbose (" (policy) skipping rule for different member\n"); + continue; + } + } + else if (rule->d.send.error != NULL) + { + if (!dbus_message_has_error_name (message, + rule->d.send.error)) + { + _dbus_verbose (" (policy) skipping rule for different error name\n"); + continue; + } + } + if (rule->d.send.destination != NULL) { /* receiver can be NULL for messages that are sent to the @@ -886,16 +912,34 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, continue; } - if (rule->d.receive.message_name != NULL) + if (rule->d.receive.interface != NULL) { - if (!dbus_message_has_name (message, - rule->d.receive.message_name)) + if (!dbus_message_has_interface (message, + rule->d.receive.interface)) { - _dbus_verbose (" (policy) skipping rule for different message name\n"); + _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; } } - + else if (rule->d.receive.member != NULL) + { + if (!dbus_message_has_member (message, + rule->d.receive.member)) + { + _dbus_verbose (" (policy) skipping rule for different member\n"); + continue; + } + } + else if (rule->d.receive.error != NULL) + { + if (!dbus_message_has_error_name (message, + rule->d.receive.error)) + { + _dbus_verbose (" (policy) skipping rule for different error name\n"); + continue; + } + } + if (rule->d.receive.origin != NULL) { /* sender can be NULL for messages that originate from the -- cgit From 68a3c593b9e77b33614726363c7b6fd85d113021 Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Mon, 18 Aug 2003 22:43:30 +0000 Subject: 2003-08-18 Havoc Pennington * dbus/dbus-hash.c (_dbus_hash_table_insert_two_strings): fix * dbus/dbus-message.c (_dbus_message_loader_queue_messages): fix dumb bug created earlier (wrong order of args to decode_header_data()) * tools/dbus-send.c: port * tools/dbus-print-message.c (print_message): port * test/data/*messages: port all messages over * dbus/dbus-message-builder.c: support including message type * bus/driver.c: port over * bus/dispatch.c: port over to new stuff * dbus/dbus-connection.c (_dbus_connection_new_for_transport): rename disconnect signal to "Disconnected" --- bus/policy.c | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) (limited to 'bus/policy.c') diff --git a/bus/policy.c b/bus/policy.c index 3b3ceb4e..04ea4230 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -801,8 +801,9 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, if (rule->d.send.interface != NULL) { - if (!dbus_message_has_interface (message, - rule->d.send.interface)) + if (dbus_message_get_interface (message) == NULL || + strcmp (dbus_message_get_interface (message), + rule->d.send.interface) != 0) { _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; @@ -810,8 +811,9 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, } else if (rule->d.send.member != NULL) { - if (!dbus_message_has_member (message, - rule->d.send.member)) + if (dbus_message_get_member (message) == NULL || + strcmp (dbus_message_get_member (message), + rule->d.send.member) != 0) { _dbus_verbose (" (policy) skipping rule for different member\n"); continue; @@ -819,8 +821,9 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, } else if (rule->d.send.error != NULL) { - if (!dbus_message_has_error_name (message, - rule->d.send.error)) + if (dbus_message_get_error_name (message) == NULL || + strcmp (dbus_message_get_error_name (message), + rule->d.send.error) != 0) { _dbus_verbose (" (policy) skipping rule for different error name\n"); continue; @@ -914,8 +917,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, if (rule->d.receive.interface != NULL) { - if (!dbus_message_has_interface (message, - rule->d.receive.interface)) + if (dbus_message_get_interface (message) == NULL || + strcmp (dbus_message_get_interface (message), + rule->d.receive.interface) != 0) { _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; @@ -923,8 +927,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, } else if (rule->d.receive.member != NULL) { - if (!dbus_message_has_member (message, - rule->d.receive.member)) + if (dbus_message_get_member (message) == NULL || + strcmp (dbus_message_get_member (message), + rule->d.receive.member) != 0) { _dbus_verbose (" (policy) skipping rule for different member\n"); continue; @@ -932,8 +937,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, } else if (rule->d.receive.error != NULL) { - if (!dbus_message_has_error_name (message, - rule->d.receive.error)) + if (dbus_message_get_error_name (message) == NULL || + strcmp (dbus_message_get_error_name (message), + rule->d.receive.error) != 0) { _dbus_verbose (" (policy) skipping rule for different error name\n"); continue; -- cgit From d0c588575e3e2911eacb098fac26f02d1010cbfd Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Wed, 20 Aug 2003 14:48:04 +0000 Subject: 2003-08-19 Havoc Pennington * dbus/dbus-message.c (decode_string_field): support FIELD_SENDER (dbus_message_is_error): fix this function * bus/dbus-daemon-1.1: clarify logic on when / rules match * bus/policy.c (bus_client_policy_check_can_receive): fix code to reflect clarified man page (bus_client_policy_check_can_send): ditto * bus/session.conf.in: fixup * bus/system.conf.in: fixup --- bus/policy.c | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) (limited to 'bus/policy.c') diff --git a/bus/policy.c b/bus/policy.c index 04ea4230..f7978c05 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -801,7 +801,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, if (rule->d.send.interface != NULL) { - if (dbus_message_get_interface (message) == NULL || + if (dbus_message_get_interface (message) != NULL && strcmp (dbus_message_get_interface (message), rule->d.send.interface) != 0) { @@ -809,9 +809,10 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } } - else if (rule->d.send.member != NULL) + + if (rule->d.send.member != NULL) { - if (dbus_message_get_member (message) == NULL || + if (dbus_message_get_member (message) != NULL && strcmp (dbus_message_get_member (message), rule->d.send.member) != 0) { @@ -819,9 +820,10 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } } - else if (rule->d.send.error != NULL) + + if (rule->d.send.error != NULL) { - if (dbus_message_get_error_name (message) == NULL || + if (dbus_message_get_error_name (message) != NULL && strcmp (dbus_message_get_error_name (message), rule->d.send.error) != 0) { @@ -902,32 +904,28 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, { BusPolicyRule *rule = link->data; - link = _dbus_list_get_next_link (&policy->rules, link); - - /* Rule is skipped if it specifies a different - * message name from the message, or a different - * origin from the message - */ + link = _dbus_list_get_next_link (&policy->rules, link); if (rule->type != BUS_POLICY_RULE_RECEIVE) { _dbus_verbose (" (policy) skipping non-receive rule\n"); continue; } - + if (rule->d.receive.interface != NULL) { - if (dbus_message_get_interface (message) == NULL || + if (dbus_message_get_interface (message) != NULL && strcmp (dbus_message_get_interface (message), rule->d.receive.interface) != 0) { _dbus_verbose (" (policy) skipping rule for different interface\n"); continue; } - } - else if (rule->d.receive.member != NULL) + } + + if (rule->d.receive.member != NULL) { - if (dbus_message_get_member (message) == NULL || + if (dbus_message_get_member (message) != NULL && strcmp (dbus_message_get_member (message), rule->d.receive.member) != 0) { @@ -935,9 +933,10 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, continue; } } - else if (rule->d.receive.error != NULL) + + if (rule->d.receive.error != NULL) { - if (dbus_message_get_error_name (message) == NULL || + if (dbus_message_get_error_name (message) != NULL && strcmp (dbus_message_get_error_name (message), rule->d.receive.error) != 0) { -- cgit From 83e41dff82abe99e1a35e70ca0bb60672204ffcd Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Sat, 6 Sep 2003 21:12:11 +0000 Subject: 2003-09-06 Havoc Pennington * doc/dbus-specification.sgml: partial updates * bus/dbus-daemon-1.1.in: fix the config file docs for the zillionth time; hopefully I edited the right file this time. * bus/config-parser.c (append_rule_from_element): support send_type, send_path, receive_type, receive_path * bus/policy.c: add message type and path to the list of things that can be "firewalled" --- bus/policy.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'bus/policy.c') diff --git a/bus/policy.c b/bus/policy.c index f7978c05..21d0b02e 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -52,7 +52,11 @@ bus_policy_rule_new (BusPolicyRuleType type, rule->d.group.gid = DBUS_GID_UNSET; break; case BUS_POLICY_RULE_SEND: + rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID; + break; case BUS_POLICY_RULE_RECEIVE: + rule->d.receive.message_type = DBUS_MESSAGE_TYPE_INVALID; + break; case BUS_POLICY_RULE_OWN: break; } @@ -80,12 +84,14 @@ bus_policy_rule_unref (BusPolicyRule *rule) switch (rule->type) { case BUS_POLICY_RULE_SEND: + dbus_free (rule->d.send.path); dbus_free (rule->d.send.interface); dbus_free (rule->d.send.member); dbus_free (rule->d.send.error); dbus_free (rule->d.send.destination); break; case BUS_POLICY_RULE_RECEIVE: + dbus_free (rule->d.receive.path); dbus_free (rule->d.receive.interface); dbus_free (rule->d.receive.member); dbus_free (rule->d.receive.error); @@ -717,6 +723,8 @@ bus_client_policy_optimize (BusClientPolicy *policy) { case BUS_POLICY_RULE_SEND: remove_preceding = + rule->d.send.message_type == DBUS_MESSAGE_TYPE_INVALID && + rule->d.send.path == NULL && rule->d.send.interface == NULL && rule->d.send.member == NULL && rule->d.send.error == NULL && @@ -724,6 +732,8 @@ bus_client_policy_optimize (BusClientPolicy *policy) break; case BUS_POLICY_RULE_RECEIVE: remove_preceding = + rule->d.receive.message_type == DBUS_MESSAGE_TYPE_INVALID && + rule->d.receive.path == NULL && rule->d.receive.interface == NULL && rule->d.receive.member == NULL && rule->d.receive.error == NULL && @@ -799,6 +809,26 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, continue; } + if (rule->d.send.message_type != DBUS_MESSAGE_TYPE_INVALID) + { + if (dbus_message_get_type (message) != rule->d.send.message_type) + { + _dbus_verbose (" (policy) skipping rule for different message type\n"); + continue; + } + } + + if (rule->d.send.path != NULL) + { + if (dbus_message_get_path (message) != NULL && + strcmp (dbus_message_get_path (message), + rule->d.send.path) != 0) + { + _dbus_verbose (" (policy) skipping rule for different path\n"); + continue; + } + } + if (rule->d.send.interface != NULL) { if (dbus_message_get_interface (message) != NULL && @@ -911,6 +941,26 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, _dbus_verbose (" (policy) skipping non-receive rule\n"); continue; } + + if (rule->d.receive.message_type != DBUS_MESSAGE_TYPE_INVALID) + { + if (dbus_message_get_type (message) != rule->d.receive.message_type) + { + _dbus_verbose (" (policy) skipping rule for different message type\n"); + continue; + } + } + + if (rule->d.receive.path != NULL) + { + if (dbus_message_get_path (message) != NULL && + strcmp (dbus_message_get_path (message), + rule->d.receive.path) != 0) + { + _dbus_verbose (" (policy) skipping rule for different path\n"); + continue; + } + } if (rule->d.receive.interface != NULL) { -- cgit From a683a80c409cc4f2e57ba6a3e60d52f91b8657d0 Mon Sep 17 00:00:00 2001 From: Havoc Pennington Date: Sun, 21 Sep 2003 19:53:56 +0000 Subject: 2003-09-21 Havoc Pennington Get matching rules mostly working in the bus; only actually parsing the rule text remains. However, the client side of "signal connections" hasn't been started, this patch is only the bus side. * dbus/dispatch.c: fix for the matching rules changes * bus/driver.c (bus_driver_handle_remove_match) (bus_driver_handle_add_match): send an ack reply from these method calls * glib/dbus-gproxy.c (dbus_gproxy_begin_call): fix order of arguments, reported by Seth Nickell * bus/config-parser.c (append_rule_from_element): support eavesdrop=true|false attribute on policies so match rules can be prevented from snooping on the system bus. * bus/dbus-daemon-1.1.in: consistently use terminology "sender" and "destination" in attribute names; fix some docs bugs; add eavesdrop=true|false attribute * bus/driver.c (bus_driver_handle_add_match) (bus_driver_handle_remove_match): handle AddMatch, RemoveMatch messages * dbus/dbus-protocol.h (DBUS_SERVICE_ORG_FREEDESKTOP_BROADCAST): get rid of broadcast service concept, signals are just always broadcast * bus/signals.c, bus/dispatch.c, bus/connection.c, bus/bus.c: mostly implement matching rules stuff (currently only exposed as signal connections) --- bus/policy.c | 39 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) (limited to 'bus/policy.c') diff --git a/bus/policy.c b/bus/policy.c index 21d0b02e..2d462fb6 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -917,16 +917,33 @@ dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy, BusRegistry *registry, DBusConnection *sender, + DBusConnection *addressed_recipient, + DBusConnection *proposed_recipient, DBusMessage *message) { DBusList *link; dbus_bool_t allowed; + dbus_bool_t eavesdropping; + + /* NULL sender, proposed_recipient means the bus driver. NULL + * addressed_recipient means the message didn't specify an explicit + * target. If proposed_recipient is NULL, then addressed_recipient + * is also NULL but is implicitly the bus driver. + */ + + _dbus_assert (proposed_recipient == NULL || + (dbus_message_get_destination (message) == NULL || + addressed_recipient != NULL)); + + eavesdropping = + (proposed_recipient == NULL || /* explicitly to bus driver */ + (addressed_recipient && addressed_recipient != proposed_recipient)); /* explicitly to a different recipient */ /* policy->rules is in the order the rules appeared * in the config file, i.e. last rule that applies wins */ - _dbus_verbose (" (policy) checking receive rules\n"); + _dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping); allowed = FALSE; link = _dbus_list_get_first_link (&policy->rules); @@ -950,6 +967,24 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, continue; } } + + /* for allow, eavesdrop=false means the rule doesn't apply when + * eavesdropping. eavesdrop=true means always allow. + */ + if (eavesdropping && rule->allow && !rule->d.receive.eavesdrop) + { + _dbus_verbose (" (policy) skipping allow rule since it doesn't apply to eavesdropping\n"); + continue; + } + + /* for deny, eavesdrop=true means the rule applies only when + * eavesdropping; eavesdrop=false means always deny. + */ + if (!eavesdropping && !rule->allow && rule->d.receive.eavesdrop) + { + _dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n"); + continue; + } if (rule->d.receive.path != NULL) { @@ -1036,7 +1071,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, } } } - + /* Use this rule */ allowed = rule->allow; -- cgit