dbus/bus bus.c, 1.51, 1.52 config-parser.c, 1.29,
1.30 dbus-daemon-1.1.in, 1.6, 1.7 policy.c, 1.18,
1.19 policy.h, 1.13, 1.14 system.conf.in, 1.12, 1.13
Havoc Pennington
hp at pdx.freedesktop.org
Fri May 28 21:17:19 PDT 2004
Update of /cvs/dbus/dbus/bus
In directory pdx:/tmp/cvs-serv30806/bus
Modified Files:
bus.c config-parser.c dbus-daemon-1.1.in policy.c policy.h
system.conf.in
Log Message:
2004-05-29 Havoc Pennington <hp at redhat.com>
* bus/config-parser.c (process_test_valid_subdir): temporarily
stop testing config parser OOM handling, since expat has issues
http://freedesktop.org/pipermail/dbus/2004-May/001153.html
* bus/dbus-daemon-1.1.in: change requested_reply to
send_requested_reply/receive_requested_reply so we can send the
replies, not just receive them.
* bus/config-parser.c: parse the new
send_requested_reply/receive_requested_reply
* bus/policy.c (bus_client_policy_check_can_send): add
requested_reply argument and use it
* bus/bus.c (bus_context_check_security_policy): pass through
requested_reply status to message send check
* bus/system.conf.in: adapt to requested_reply change
Index: bus.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/bus.c,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -d -r1.51 -r1.52
--- a/bus.c 21 Apr 2004 21:29:07 -0000 1.51
+++ b/bus.c 29 May 2004 04:17:16 -0000 1.52
@@ -1,7 +1,7 @@
/* -*- mode: C; c-file-style: "gnu" -*- */
/* bus.c message bus context object
*
- * Copyright (C) 2003 Red Hat, Inc.
+ * Copyright (C) 2003, 2004 Red Hat, Inc.
*
* Licensed under the Academic Free License version 2.0
*
@@ -1189,7 +1189,9 @@
if (sender_policy &&
!bus_client_policy_check_can_send (sender_policy,
- context->registry, proposed_recipient,
+ context->registry,
+ requested_reply,
+ proposed_recipient,
message))
{
const char *dest = dbus_message_get_destination (message);
Index: config-parser.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/config-parser.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -d -r1.29 -r1.30
--- a/config-parser.c 13 Apr 2004 01:37:57 -0000 1.29
+++ b/config-parser.c 29 May 2004 04:17:16 -0000 1.30
@@ -1,7 +1,7 @@
/* -*- mode: C; c-file-style: "gnu" -*- */
/* config-parser.c XML-library-agnostic configuration file parser
*
- * Copyright (C) 2003 Red Hat, Inc.
+ * Copyright (C) 2003, 2004 Red Hat, Inc.
*
* Licensed under the Academic Free License version 2.0
*
@@ -873,7 +873,8 @@
const char *receive_path;
const char *receive_type;
const char *eavesdrop;
- const char *requested_reply;
+ const char *send_requested_reply;
+ const char *receive_requested_reply;
const char *own;
const char *user;
const char *group;
@@ -896,7 +897,8 @@
"receive_path", &receive_path,
"receive_type", &receive_type,
"eavesdrop", &eavesdrop,
- "requested_reply", &requested_reply,
+ "send_requested_reply", &send_requested_reply,
+ "receive_requested_reply", &receive_requested_reply,
"own", &own,
"user", &user,
"group", &group,
@@ -906,7 +908,8 @@
if (!(send_interface || send_member || send_error || send_destination ||
send_type || send_path ||
receive_interface || receive_member || receive_error || receive_sender ||
- receive_type || receive_path || eavesdrop || requested_reply ||
+ receive_type || receive_path || eavesdrop ||
+ send_requested_reply || receive_requested_reply ||
own || user || group))
{
dbus_set_error (error, DBUS_ERROR_FAILED,
@@ -932,8 +935,8 @@
* interface + member
* error
*
- * base send_ can combine with send_destination, send_path, send_type
- * base receive_ with receive_sender, receive_path, receive_type, eavesdrop, requested_reply
+ * base send_ can combine with send_destination, send_path, send_type, send_requested_reply
+ * base receive_ with receive_sender, receive_path, receive_type, receive_requested_reply, eavesdrop
*
* user, group, own must occur alone
*
@@ -946,7 +949,7 @@
(send_interface && receive_error) ||
(send_interface && receive_sender) ||
(send_interface && eavesdrop) ||
- (send_interface && requested_reply) ||
+ (send_interface && receive_requested_reply) ||
(send_interface && own) ||
(send_interface && user) ||
(send_interface && group)) ||
@@ -957,7 +960,7 @@
(send_member && receive_error) ||
(send_member && receive_sender) ||
(send_member && eavesdrop) ||
- (send_member && requested_reply) ||
+ (send_member && receive_requested_reply) ||
(send_member && own) ||
(send_member && user) ||
(send_member && group)) ||
@@ -967,7 +970,7 @@
(send_error && receive_error) ||
(send_error && receive_sender) ||
(send_error && eavesdrop) ||
- (send_error && requested_reply) ||
+ (send_error && receive_requested_reply) ||
(send_error && own) ||
(send_error && user) ||
(send_error && group)) ||
@@ -977,7 +980,7 @@
(send_destination && receive_error) ||
(send_destination && receive_sender) ||
(send_destination && eavesdrop) ||
- (send_destination && requested_reply) ||
+ (send_destination && receive_requested_reply) ||
(send_destination && own) ||
(send_destination && user) ||
(send_destination && group)) ||
@@ -987,7 +990,7 @@
(send_type && receive_error) ||
(send_type && receive_sender) ||
(send_type && eavesdrop) ||
- (send_type && requested_reply) ||
+ (send_type && receive_requested_reply) ||
(send_type && own) ||
(send_type && user) ||
(send_type && group)) ||
@@ -997,10 +1000,20 @@
(send_path && receive_error) ||
(send_path && receive_sender) ||
(send_path && eavesdrop) ||
- (send_path && requested_reply) ||
+ (send_path && receive_requested_reply) ||
(send_path && own) ||
(send_path && user) ||
(send_path && group)) ||
+
+ ((send_requested_reply && receive_interface) ||
+ (send_requested_reply && receive_member) ||
+ (send_requested_reply && receive_error) ||
+ (send_requested_reply && receive_sender) ||
+ (send_requested_reply && eavesdrop) ||
+ (send_requested_reply && receive_requested_reply) ||
+ (send_requested_reply && own) ||
+ (send_requested_reply && user) ||
+ (send_requested_reply && group)) ||
((receive_interface && receive_error) ||
(receive_interface && own) ||
@@ -1020,9 +1033,9 @@
(eavesdrop && user) ||
(eavesdrop && group)) ||
- ((requested_reply && own) ||
- (requested_reply && user) ||
- (requested_reply && group)) ||
+ ((receive_requested_reply && own) ||
+ (receive_requested_reply && user) ||
+ (receive_requested_reply && group)) ||
((own && user) ||
(own && group)) ||
@@ -1043,7 +1056,7 @@
#define IS_WILDCARD(str) ((str) && ((str)[0]) == '*' && ((str)[1]) == '\0')
if (send_interface || send_member || send_error || send_destination ||
- send_path || send_type)
+ send_path || send_type || send_requested_reply)
{
int message_type;
@@ -1072,11 +1085,24 @@
return FALSE;
}
}
+
+ if (send_requested_reply &&
+ !(strcmp (send_requested_reply, "true") == 0 ||
+ strcmp (send_requested_reply, "false") == 0))
+ {
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "Bad value \"%s\" for %s attribute, must be true or false",
+ "send_requested_reply", send_requested_reply);
+ return FALSE;
+ }
rule = bus_policy_rule_new (BUS_POLICY_RULE_SEND, allow);
if (rule == NULL)
goto nomem;
+ if (send_requested_reply)
+ rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0);
+
rule->d.send.message_type = message_type;
rule->d.send.path = _dbus_strdup (send_path);
rule->d.send.interface = _dbus_strdup (send_interface);
@@ -1095,7 +1121,7 @@
goto nomem;
}
else if (receive_interface || receive_member || receive_error || receive_sender ||
- receive_path || receive_type || eavesdrop || requested_reply)
+ receive_path || receive_type || eavesdrop || receive_requested_reply)
{
int message_type;
@@ -1136,13 +1162,13 @@
return FALSE;
}
- if (requested_reply &&
- !(strcmp (requested_reply, "true") == 0 ||
- strcmp (requested_reply, "false") == 0))
+ if (receive_requested_reply &&
+ !(strcmp (receive_requested_reply, "true") == 0 ||
+ strcmp (receive_requested_reply, "false") == 0))
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Bad value \"%s\" for %s attribute, must be true or false",
- "requested_reply", requested_reply);
+ "receive_requested_reply", receive_requested_reply);
return FALSE;
}
@@ -1153,8 +1179,8 @@
if (eavesdrop)
rule->d.receive.eavesdrop = (strcmp (eavesdrop, "true") == 0);
- if (requested_reply)
- rule->d.receive.requested_reply = (strcmp (requested_reply, "true") == 0);
+ if (receive_requested_reply)
+ rule->d.receive.requested_reply = (strcmp (receive_requested_reply, "true") == 0);
rule->d.receive.message_type = message_type;
rule->d.receive.path = _dbus_strdup (receive_path);
@@ -2290,9 +2316,15 @@
d.full_path = &full_path;
d.validity = validity;
- if (!_dbus_test_oom_handling ("config-loader", check_loader_oom_func, &d))
- _dbus_assert_not_reached ("test failed");
+ /* FIXME hackaround for an expat problem, see
+ * https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124747
+ * http://freedesktop.org/pipermail/dbus/2004-May/001153.html
+ */
+ /* if (!_dbus_test_oom_handling ("config-loader", check_loader_oom_func, &d)) */
+ if (!check_loader_oom_func (&d))
+ _dbus_assert_not_reached ("test failed");
+
_dbus_string_free (&full_path);
}
Index: dbus-daemon-1.1.in
===================================================================
RCS file: /cvs/dbus/dbus/bus/dbus-daemon-1.1.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- a/dbus-daemon-1.1.in 14 Oct 2003 22:16:03 -0000 1.6
+++ b/dbus-daemon-1.1.in 29 May 2004 04:17:16 -0000 1.7
@@ -357,7 +357,9 @@
receive_type="method_call" | "method_return" | "signal" | "error"
receive_path="/path/name"
- requested_reply="true" | "false"
+ send_requested_reply="true" | "false"
+ receive_requested_reply="true" | "false"
+
eavesdrop="true" | "false"
own="servicename"
@@ -411,22 +413,22 @@
.PP
-The requested_reply attribute works similarly to the eavesdrop
+The [send|receive]_requested_reply attribute works similarly to the eavesdrop
attribute. It controls whether the <deny> or <allow> matches a reply
that is expected (corresponds to a previous method call message).
This attribute only makes sense for reply messages (errors and method
returns), and is ignored for other message types.
.PP
-For <allow>, requested_reply="true" is the default and indicates that
+For <allow>, [send|receive]_requested_reply="true" is the default and indicates that
only requested replies are allowed by the
-rule. requested_reply="false" means that the rule allows any reply
+rule. [send|receive]_requested_reply="false" means that the rule allows any reply
even if unexpected.
.PP
-For <deny>, requested_reply="false" is the default but indicates that
+For <deny>, [send|receive]_requested_reply="false" is the default but indicates that
the rule matches only when the reply was not
-requested. requested_reply="true" indicates that the rule applies
+requested. [send|receive]_requested_reply="true" indicates that the rule applies
always, regardless of pending reply state.
.PP
Index: policy.c
===================================================================
RCS file: /cvs/dbus/dbus/bus/policy.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- a/policy.c 2 Dec 2003 10:44:21 -0000 1.18
+++ b/policy.c 29 May 2004 04:17:16 -0000 1.19
@@ -1,7 +1,7 @@
/* -*- mode: C; c-file-style: "gnu" -*- */
/* policy.c Bus security policy
*
- * Copyright (C) 2003 Red Hat, Inc.
+ * Copyright (C) 2003, 2004 Red Hat, Inc.
*
* Licensed under the Academic Free License version 2.0
*
@@ -53,6 +53,11 @@
break;
case BUS_POLICY_RULE_SEND:
rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID;
+
+ /* allow rules default to TRUE (only requested replies allowed)
+ * deny rules default to FALSE (only unrequested replies denied)
+ */
+ rule->d.send.requested_reply = rule->allow;
break;
case BUS_POLICY_RULE_RECEIVE:
rule->d.receive.message_type = DBUS_MESSAGE_TYPE_INVALID;
@@ -788,6 +793,7 @@
dbus_bool_t
bus_client_policy_check_can_send (BusClientPolicy *policy,
BusRegistry *registry,
+ dbus_bool_t requested_reply,
DBusConnection *receiver,
DBusMessage *message)
{
@@ -827,6 +833,30 @@
continue;
}
}
+
+ /* If it's a reply, the requested_reply flag kicks in */
+ if (dbus_message_get_reply_serial (message) != 0)
+ {
+ /* for allow, requested_reply=true means the rule applies
+ * only when reply was requested. requested_reply=false means
+ * always allow.
+ */
+ if (!requested_reply && rule->allow && rule->d.send.requested_reply)
+ {
+ _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies\n");
+ continue;
+ }
+
+ /* for deny, requested_reply=false means the rule applies only
+ * when the reply was not requested. requested_reply=true means the
+ * rule always applies.
+ */
+ if (requested_reply && !rule->allow && !rule->d.send.requested_reply)
+ {
+ _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n");
+ continue;
+ }
+ }
if (rule->d.send.path != NULL)
{
Index: policy.h
===================================================================
RCS file: /cvs/dbus/dbus/bus/policy.h,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- a/policy.h 2 Dec 2003 10:44:21 -0000 1.13
+++ b/policy.h 29 May 2004 04:17:17 -0000 1.14
@@ -61,7 +61,8 @@
char *interface;
char *member;
char *error;
- char *destination;
+ char *destination;
+ unsigned int requested_reply : 1;
} send;
struct
@@ -131,6 +132,7 @@
void bus_client_policy_unref (BusClientPolicy *policy);
dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy,
BusRegistry *registry,
+ dbus_bool_t requested_reply,
DBusConnection *receiver,
DBusMessage *message);
dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy,
Index: system.conf.in
===================================================================
RCS file: /cvs/dbus/dbus/bus/system.conf.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- a/system.conf.in 16 Oct 2003 06:34:51 -0000 1.12
+++ b/system.conf.in 29 May 2004 04:17:17 -0000 1.13
@@ -45,7 +45,8 @@
<allow send_destination="org.freedesktop.DBus"/>
<allow receive_sender="org.freedesktop.DBus"/>
<!-- valid replies are always allowed -->
- <allow requested_reply="true"/>
+ <allow send_requested_reply="true"/>
+ <allow receive_requested_reply="true"/>
</policy>
<!-- Config files are placed here that among other things, punch
More information about the dbus-commit
mailing list