RFC: send_destination_prefix (was Re: D-Bus policies. system bus and bus names)

[Adrian Szyndela]

Hi,


W dniu 31.05.2017 o 13:04, Simon McVittie pisze:
> On Tue, 30 May 2017 at 23:07:08 +0200, David Sommerseth wrote:
>> The trouble is that it seems to be lacking a send_destination variant
>> similar to own_prefix.
> I'd be happy to review a spec and implementation for
> send_destination_prefix if you want to contribute one,
I've just started some work on send_destination_prefix. I'd like to get 
feedback on the following.
First, the spec:
- name matching rules would be the same as in own_prefix (from 'man 
dbus-daemon': "a.b" matches to "a.b.c" or "a.b.c.d" but not "a.bc" or 
"a.c");
- rules with send_destination_prefix would mean that messages may (not) 
be sent to the owner of any name matching the prefix (including queued 
owners); similar as in send_destination.
In other words, for <allow send_destination_prefix="a.b"/> rule and 
names "a.b", "a.b.c", "a.b.c.d" present on the bus, it would work the 
same as if three separate rules (<allow send_destination="a.b"/>, <allow 
send_destination="a.b.c"/>, <allow send_destination="a.b.c.d"/>) would 
be defined.

Does that make sense?

Here is my first attempt to implement the above:
https://gitlab.freedesktop.org/asz/dbus/commit/7da0f4a74c139497bc9aa3430e171a6f26f69882

By the way, is there any described or known rationale behind 
send_destination rules applying to queued owners?

And one more question: policy checking process checks a message against 
all the rules, one by one; the last matched rule wins. Is it the same as 
checking a message against the rules from back to forth and stopping on 
the first match, or am I missing something?

Kind Regards,
Adrian