[PATCH 2/2] libmbim,utils: new internal __mbim_user_allowed() method

Aleksander Morgado aleksander at aleksander.es
Tue Nov 18 08:10:03 PST 2014 

On 15/11/14 02:23, Roshan Pius wrote:
> Allows to check whether the user is allowed to use the MBIM device.
> 
> Also fixes mbim_proxy_open() to make sure we always set the GError when FALSE is
> returned.
> 

Merged to git master, thanks.

> ---
>  src/libmbim-glib/mbim-proxy.c | 39 ++++++---------------------------------
>  src/libmbim-glib/mbim-utils.c | 33 +++++++++++++++++++++++++++++++++
>  src/libmbim-glib/mbim-utils.h |  2 ++
>  3 files changed, 41 insertions(+), 33 deletions(-)
> 
> diff --git a/src/libmbim-glib/mbim-proxy.c b/src/libmbim-glib/mbim-proxy.c
> index fc69cd7..e87b57a 100644
> --- a/src/libmbim-glib/mbim-proxy.c
> +++ b/src/libmbim-glib/mbim-proxy.c
> @@ -27,7 +27,6 @@
>  #include <sys/file.h>
>  #include <sys/types.h>
>  #include <errno.h>
> -#include <pwd.h>
>  
>  #include <glib.h>
>  #include <glib/gstdio.h>
> @@ -1044,7 +1043,6 @@ incoming_cb (GSocketService *service,
>      Client *client;
>      GCredentials *credentials;
>      GError *error = NULL;
> -    struct passwd *expected_usr = NULL;
>      uid_t uid;
>  
>      g_debug ("Client (%d) connection open...", g_socket_get_fd (g_socket_connection_get_socket (connection)));
> @@ -1064,20 +1062,13 @@ incoming_cb (GSocketService *service,
>          return;
>      }
>  
> -    expected_usr = getpwnam (MBIM_USERNAME);
> -    if (!expected_usr) {
> -        g_warning ("Unknown user configured: %s", MBIM_USERNAME);
> -        /* Falling back to check for root user if the configured user is unknown */
> -        if (uid != 0) {
> -            g_warning ("Client not allowed: Not enough privileges");
> -            return;
> -        }
> -    }
> -    else if (uid != expected_usr->pw_uid) {
> -        g_warning ("Client not allowed: Not the expected user: %s", MBIM_USERNAME);
> +    if (!__mbim_user_allowed (uid, &error)) {
> +        g_warning ("Client not allowed: %s", error->message);
> +        g_error_free (error);
>          return;
>      }
>  
> +
>      /* Create client */
>      client = g_slice_new0 (Client);
>      client->self = self;
> @@ -1226,26 +1217,8 @@ MbimProxy *
>  mbim_proxy_new (GError **error)
>  {
>      MbimProxy *self;
> -    struct passwd *expected_usr = NULL;
> -
> -    /* Only the specified user can run the mbim-proxy */
> -    expected_usr = getpwnam (MBIM_USERNAME);
> -    if (!expected_usr) {
> -        g_warning ("Unknown user configured: %s", MBIM_USERNAME);
> -        /* Falling back to check for root user if the configured user is unknown */
> -        if (getuid () != 0) {
> -            g_set_error (error,
> -                         MBIM_CORE_ERROR,
> -                         MBIM_CORE_ERROR_FAILED,
> -                          "Not enough privileges");
> -            return NULL;
> -        }
> -    }
> -    else if (getuid () != expected_usr->pw_uid) {
> -        g_set_error (error,
> -                     MBIM_CORE_ERROR,
> -                     MBIM_CORE_ERROR_FAILED,
> -                     "Not started with the expected user: %s", MBIM_USERNAME);
> +
> +    if (!__mbim_user_allowed (getuid(), error)) {
>          return NULL;
>      }
>  
> diff --git a/src/libmbim-glib/mbim-utils.c b/src/libmbim-glib/mbim-utils.c
> index 12fab7a..f5a766b 100644
> --- a/src/libmbim-glib/mbim-utils.c
> +++ b/src/libmbim-glib/mbim-utils.c
> @@ -25,8 +25,10 @@
>  #include <string.h>
>  #include <stdint.h>
>  #include <stdio.h>
> +#include <pwd.h>
>  
>  #include "mbim-utils.h"
> +#include "mbim-error-types.h"
>  
>  /**
>   * SECTION:mbim-utils
> @@ -73,6 +75,37 @@ __mbim_utils_str_hex (gconstpointer mem,
>  }
>  
>  /*****************************************************************************/
> +gboolean
> +__mbim_user_allowed (uid_t uid,
> +                     GError **error)
> +{
> +    struct passwd *expected_usr = NULL;
> +
> +    expected_usr = getpwnam (MBIM_USERNAME);
> +    if (!expected_usr) {
> +        g_warning ("Unknown user configured: %s", MBIM_USERNAME);
> +        /* Falling back to check for root user if the configured user is unknown */
> +        if (uid == 0)
> +            return TRUE;
> +
> +        g_set_error (error,
> +                     MBIM_CORE_ERROR,
> +                     MBIM_CORE_ERROR_FAILED,
> +                     "Not enough privileges (unknown username %s)", MBIM_USERNAME);
> +        return FALSE;
> +    }
> +
> +    if (uid == expected_usr->pw_uid)
> +        return TRUE;
> +
> +    g_set_error (error,
> +                 MBIM_CORE_ERROR,
> +                 MBIM_CORE_ERROR_FAILED,
> +                 "Not enough privileges");
> +    return FALSE;
> +}
> +
> +/*****************************************************************************/
>  
>  static volatile gint __traces_enabled = FALSE;
>  
> diff --git a/src/libmbim-glib/mbim-utils.h b/src/libmbim-glib/mbim-utils.h
> index 62bbc92..ee5632f 100644
> --- a/src/libmbim-glib/mbim-utils.h
> +++ b/src/libmbim-glib/mbim-utils.h
> @@ -42,6 +42,8 @@ void     mbim_utils_set_traces_enabled (gboolean enabled);
>  gchar *__mbim_utils_str_hex (gconstpointer mem,
>                               gsize         size,
>                               gchar         delimiter);
> +gboolean __mbim_user_allowed (uid_t uid,
> +                              GError **error);
>  #endif
>  
>  G_END_DECLS
> 


-- 
Aleksander
https://aleksander.es

More information about the libmbim-devel mailing list