[Telepathy-commits] [telepathy-gabble/master] Stream tubes: Check access_control in gabble_tube_stream_check_params() for both OfferStreamTube and AcceptStreamTube in both old tube interface and new tube interface.
Alban Crequy
alban.crequy at collabora.co.uk
Tue Nov 11 07:20:49 PST 2008
---
src/tube-stream.c | 219 ++++++++++++++++++++++++--------------------------
src/tubes-channel.c | 32 +-------
2 files changed, 106 insertions(+), 145 deletions(-)
diff --git a/src/tube-stream.c b/src/tube-stream.c
index 5becb1c..9d332f1 100644
--- a/src/tube-stream.c
+++ b/src/tube-stream.c
@@ -1528,8 +1528,18 @@ gabble_tube_stream_accept (GabbleTubeIface *tube,
GabbleTubeStream *self = GABBLE_TUBE_STREAM (tube);
GabbleTubeStreamPrivate *priv = GABBLE_TUBE_STREAM_GET_PRIVATE (self);
+ if (!gabble_tube_stream_check_params (priv->address_type, NULL,
+ priv->access_control, priv->access_control_param, error))
+ {
+ return FALSE;
+ }
+
if (priv->state != GABBLE_TUBE_CHANNEL_STATE_LOCAL_PENDING)
- return TRUE;
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "Tube is not in the local pending state");
+ return FALSE;
+ }
if (!tube_stream_open (self, error))
{
@@ -1684,57 +1694,60 @@ check_unix_params (TpSocketAddressType address_type,
g_assert (address_type == TP_SOCKET_ADDRESS_TYPE_UNIX);
/* Check address type */
- if (G_VALUE_TYPE (address) != DBUS_TYPE_G_UCHAR_ARRAY)
+ if (address != NULL)
{
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Unix socket address is supposed to be ay");
- return FALSE;
- }
-
- array = g_value_get_boxed (address);
+ if (G_VALUE_TYPE (address) != DBUS_TYPE_G_UCHAR_ARRAY)
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "Unix socket address is supposed to be ay");
+ return FALSE;
+ }
- if (array->len > sizeof (dummy.sun_path) - 1)
- {
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Unix socket path is too long (max length allowed: %"
- G_GSIZE_FORMAT ")",
- sizeof (dummy.sun_path) - 1);
- return FALSE;
- }
+ array = g_value_get_boxed (address);
- for (i = 0; i < array->len; i++)
- {
- if (g_array_index (array, gchar , i) == '\0')
+ if (array->len > sizeof (dummy.sun_path) - 1)
{
g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Unix socket path can't contain zero bytes");
+ "Unix socket path is too long (max length allowed: %"
+ G_GSIZE_FORMAT ")",
+ sizeof (dummy.sun_path) - 1);
return FALSE;
}
- }
- socket_address = g_string_new_len (array->data, array->len);
+ for (i = 0; i < array->len; i++)
+ {
+ if (g_array_index (array, gchar , i) == '\0')
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "Unix socket path can't contain zero bytes");
+ return FALSE;
+ }
+ }
- if (g_stat (socket_address->str, &stat_buff) == -1)
- {
- DEBUG ("Error calling stat on socket: %s", g_strerror (errno));
+ socket_address = g_string_new_len (array->data, array->len);
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT, "%s: %s",
- socket_address->str, g_strerror (errno));
- g_string_free (socket_address, TRUE);
- return FALSE;
- }
+ if (g_stat (socket_address->str, &stat_buff) == -1)
+ {
+ DEBUG ("Error calling stat on socket: %s", g_strerror (errno));
- if (!S_ISSOCK (stat_buff.st_mode))
- {
- DEBUG ("%s is not a socket", socket_address->str);
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT, "%s: %s",
+ socket_address->str, g_strerror (errno));
+ g_string_free (socket_address, TRUE);
+ return FALSE;
+ }
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "%s is not a socket", socket_address->str);
- g_string_free (socket_address, TRUE);
- return FALSE;
- }
+ if (!S_ISSOCK (stat_buff.st_mode))
+ {
+ DEBUG ("%s is not a socket", socket_address->str);
- g_string_free (socket_address, TRUE);
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "%s is not a socket", socket_address->str);
+ g_string_free (socket_address, TRUE);
+ return FALSE;
+ }
+
+ g_string_free (socket_address, TRUE);
+ }
if (access_control != TP_SOCKET_ACCESS_CONTROL_LOCALHOST)
{
@@ -1754,62 +1767,65 @@ check_ip_params (TpSocketAddressType address_type,
const GValue *access_control_param,
GError **error)
{
- gchar *ip;
- guint port;
- struct addrinfo req, *result = NULL;
- int ret;
-
/* Check address type */
- if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV4)
+ if (address != NULL)
{
- if (G_VALUE_TYPE (address) != TP_STRUCT_TYPE_SOCKET_ADDRESS_IPV4)
+ gchar *ip;
+ guint port;
+ struct addrinfo req, *result = NULL;
+ int ret;
+
+ if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV4)
{
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "IPv4 socket address is supposed to be sq");
- return FALSE;
+ if (G_VALUE_TYPE (address) != TP_STRUCT_TYPE_SOCKET_ADDRESS_IPV4)
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "IPv4 socket address is supposed to be sq");
+ return FALSE;
+ }
}
- }
- else if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV6)
- {
- if (G_VALUE_TYPE (address) != TP_STRUCT_TYPE_SOCKET_ADDRESS_IPV6)
+ else if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV6)
{
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "IPv6 socket address is supposed to be sq");
- return FALSE;
+ if (G_VALUE_TYPE (address) != TP_STRUCT_TYPE_SOCKET_ADDRESS_IPV6)
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "IPv6 socket address is supposed to be sq");
+ return FALSE;
+ }
+ }
+ else
+ {
+ g_return_val_if_reached (FALSE);
}
- }
- else
- {
- g_return_val_if_reached (FALSE);
- }
- dbus_g_type_struct_get (address,
- 0, &ip,
- 1, &port,
- G_MAXUINT);
+ dbus_g_type_struct_get (address,
+ 0, &ip,
+ 1, &port,
+ G_MAXUINT);
- memset (&req, 0, sizeof (req));
- req.ai_flags = AI_NUMERICHOST;
- req.ai_socktype = SOCK_STREAM;
- req.ai_protocol = IPPROTO_TCP;
+ memset (&req, 0, sizeof (req));
+ req.ai_flags = AI_NUMERICHOST;
+ req.ai_socktype = SOCK_STREAM;
+ req.ai_protocol = IPPROTO_TCP;
- if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV4)
- req.ai_family = AF_INET;
- else
- req.ai_family = AF_INET6;
+ if (address_type == TP_SOCKET_ADDRESS_TYPE_IPV4)
+ req.ai_family = AF_INET;
+ else
+ req.ai_family = AF_INET6;
+
+ ret = getaddrinfo (ip, NULL, &req, &result);
+ if (ret != 0)
+ {
+ g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
+ "Invalid address: %s", gai_strerror (ret));
+ g_free (ip);
+ return FALSE;
+ }
- ret = getaddrinfo (ip, NULL, &req, &result);
- if (ret != 0)
- {
- g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Invalid address: %s", gai_strerror (ret));
g_free (ip);
- return FALSE;
+ freeaddrinfo (result);
}
- g_free (ip);
- freeaddrinfo (result);
-
if (access_control != TP_SOCKET_ACCESS_CONTROL_LOCALHOST)
{
g_set_error (error, TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
@@ -1821,6 +1837,10 @@ check_ip_params (TpSocketAddressType address_type,
return TRUE;
}
+/* used to check access control parameters both for OfferStreamTube and
+ * AcceptStreamTube. In case of AcceptStreamTube, address is NULL because we
+ * listen on the socket after the parameters have been accepted
+ */
gboolean
gabble_tube_stream_check_params (TpSocketAddressType address_type,
const GValue *address,
@@ -2054,41 +2074,12 @@ gabble_tube_stream_accept_stream_tube (GabbleSvcChannelTypeStreamTube *iface,
GabbleTubeStreamPrivate *priv = GABBLE_TUBE_STREAM_GET_PRIVATE (self);
GError *error = NULL;
- if (address_type != TP_SOCKET_ADDRESS_TYPE_UNIX &&
- address_type != TP_SOCKET_ADDRESS_TYPE_IPV4 &&
- address_type != TP_SOCKET_ADDRESS_TYPE_IPV6)
- {
- error = g_error_new (TP_ERRORS, TP_ERROR_NOT_IMPLEMENTED,
- "Address type %d not implemented", address_type);
-
- dbus_g_method_return_error (context, error);
- g_error_free (error);
- return;
- }
-
- if (access_control != TP_SOCKET_ACCESS_CONTROL_LOCALHOST)
- {
- GError e = { TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Only the Localhost access control method is implemented"
- " by Gabble" };
-
- dbus_g_method_return_error (context, &e);
- return;
- }
-
+ /* parameters sanity checks are done in gabble_tube_stream_accept */
priv->access_control = access_control;
- g_assert (priv->access_control_param == NULL);
+ if (priv->access_control_param != NULL)
+ tp_g_value_slice_free (priv->access_control_param);
priv->access_control_param = tp_g_value_slice_dup (access_control_param);
- if (priv->state != GABBLE_TUBE_CHANNEL_STATE_LOCAL_PENDING)
- {
- GError e = { TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Tube is not in the local pending state" };
-
- dbus_g_method_return_error (context, &e);
- return;
- }
-
if (!gabble_tube_stream_accept (GABBLE_TUBE_IFACE (self), &error))
{
dbus_g_method_return_error (context, error);
diff --git a/src/tubes-channel.c b/src/tubes-channel.c
index 9ab6e5b..3021bb9 100644
--- a/src/tubes-channel.c
+++ b/src/tubes-channel.c
@@ -1918,28 +1918,6 @@ gabble_tubes_channel_accept_stream_tube (TpSvcChannelTypeTubes *iface,
return;
}
- if (address_type != TP_SOCKET_ADDRESS_TYPE_UNIX &&
- address_type != TP_SOCKET_ADDRESS_TYPE_IPV4 &&
- address_type != TP_SOCKET_ADDRESS_TYPE_IPV6)
- {
- error = g_error_new (TP_ERRORS, TP_ERROR_NOT_IMPLEMENTED,
- "Address type %d not implemented", address_type);
-
- dbus_g_method_return_error (context, error);
- g_error_free (error);
- return;
- }
-
- if (access_control != TP_SOCKET_ACCESS_CONTROL_LOCALHOST)
- {
- GError e = { TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Only the Localhost access control method is implemented by"
- " Gabble" };
-
- dbus_g_method_return_error (context, &e);
- return;
- }
-
g_object_get (tube,
"type", &type,
"state", &state,
@@ -1954,15 +1932,7 @@ gabble_tubes_channel_accept_stream_tube (TpSvcChannelTypeTubes *iface,
return;
}
- if (state != TP_TUBE_STATE_LOCAL_PENDING)
- {
- GError e = { TP_ERRORS, TP_ERROR_INVALID_ARGUMENT,
- "Tube is not in the local pending state" };
-
- dbus_g_method_return_error (context, &e);
- return;
- }
-
+ /* parameters sanity checks are done in gabble_tube_stream_accept */
g_object_set (tube,
"address-type", address_type,
"access-control", access_control,
--
1.5.6.5
More information about the Telepathy-commits
mailing list