[PATCH 2/2] libqmi,utils: new internal __qmi_user_allowed() method

Aleksander Morgado aleksander at aleksander.es
Sun Nov 9 11:12:01 PST 2014 

Allows to check whether the user is allowed to use the QMI device.

Also fixes qmi_proxy_open() to make sure we always set the GError when FALSE is
returned.
---
 src/libqmi-glib/qmi-proxy.c | 40 +++++-----------------------------------
 src/libqmi-glib/qmi-utils.c | 34 ++++++++++++++++++++++++++++++++++
 src/libqmi-glib/qmi-utils.h |  2 ++
 3 files changed, 41 insertions(+), 35 deletions(-)

diff --git a/src/libqmi-glib/qmi-proxy.c b/src/libqmi-glib/qmi-proxy.c
index 0ecff30..531b791 100644
--- a/src/libqmi-glib/qmi-proxy.c
+++ b/src/libqmi-glib/qmi-proxy.c
@@ -26,7 +26,6 @@
 #include <sys/file.h>
 #include <sys/types.h>
 #include <errno.h>
-#include <pwd.h>
 
 #include <glib.h>
 #include <glib/gstdio.h>
@@ -628,7 +627,6 @@ incoming_cb (GSocketService *service,
     Client *client;
     GCredentials *credentials;
     GError *error = NULL;
-    struct passwd *expected_usr = NULL;
     uid_t uid;
 
     g_debug ("client connection open...");
@@ -647,18 +645,9 @@ incoming_cb (GSocketService *service,
         g_error_free (error);
         return;
     }
-
-    expected_usr = getpwnam (QMI_USERNAME);
-    if (!expected_usr) {
-        g_warning ("Unknown user configured: %s", QMI_USERNAME);
-        /* Falling back to check for root user if the configured user is unknown */
-        if (uid != 0) {
-            g_warning ("Client not allowed: Not enough privileges");
-            return;
-        }
-    }
-    else if (uid != expected_usr->pw_uid) {
-        g_warning ("Client not allowed: Not the expected user: %s", QMI_USERNAME);
+    if (!__qmi_user_allowed (uid, &error)) {
+        g_warning ("Client not allowed: %s", error->message);
+        g_error_free (error);
         return;
     }
 
@@ -744,28 +733,9 @@ QmiProxy *
 qmi_proxy_new (GError **error)
 {
     QmiProxy *self;
-    struct passwd *expected_usr = NULL;
-
-    /* Only the specified user can run the mbim-proxy */
-    expected_usr = getpwnam (QMI_USERNAME);
-    if (!expected_usr) {
-        g_warning ("Unknown user configured: %s", QMI_USERNAME);
-        /* Falling back to check for root user if the configured user is unknown */
-        if (getuid () != 0) {
-            g_set_error (error,
-                         QMI_CORE_ERROR,
-                         QMI_CORE_ERROR_FAILED,
-                          "Not enough privileges");
-            return NULL;
-        }
-    }
-    else if (getuid () != expected_usr->pw_uid) {
-        g_set_error (error,
-                     QMI_CORE_ERROR,
-                     QMI_CORE_ERROR_FAILED,
-                     "Not started with the expected user: %s", QMI_USERNAME);
+
+    if (!__qmi_user_allowed (getuid (), error))
         return NULL;
-    }
 
     self = g_object_new (QMI_TYPE_PROXY, NULL);
     if (!setup_socket_service (self, error))
diff --git a/src/libqmi-glib/qmi-utils.c b/src/libqmi-glib/qmi-utils.c
index 3875a0b..c86090d 100644
--- a/src/libqmi-glib/qmi-utils.c
+++ b/src/libqmi-glib/qmi-utils.c
@@ -26,8 +26,10 @@
 #include <string.h>
 #include <stdint.h>
 #include <stdio.h>
+#include <pwd.h>
 
 #include "qmi-utils.h"
+#include "qmi-error-types.h"
 
 /**
  * SECTION:qmi-utils
@@ -75,6 +77,38 @@ __qmi_utils_str_hex (gconstpointer mem,
 
 /*****************************************************************************/
 
+gboolean
+__qmi_user_allowed (uid_t uid,
+                    GError **error)
+{
+    struct passwd *expected_usr = NULL;
+
+    expected_usr = getpwnam (QMI_USERNAME);
+    if (!expected_usr) {
+        g_warning ("Unknown user configured: %s", QMI_USERNAME);
+        /* Falling back to check for root user if the configured user is unknown */
+        if (uid == 0)
+            return TRUE;
+
+        g_set_error (error,
+                     QMI_CORE_ERROR,
+                     QMI_CORE_ERROR_FAILED,
+                     "Not enough privileges (unknown username %s)", QMI_USERNAME);
+        return FALSE;
+    }
+
+    if (uid == expected_usr->pw_uid)
+        return TRUE;
+
+    g_set_error (error,
+                 QMI_CORE_ERROR,
+                 QMI_CORE_ERROR_FAILED,
+                 "Not enough privileges");
+    return FALSE;
+}
+
+/*****************************************************************************/
+
 #if defined UTILS_ENABLE_TRACE
 static void
 print_read_bytes_trace (const gchar *type,
diff --git a/src/libqmi-glib/qmi-utils.h b/src/libqmi-glib/qmi-utils.h
index b4cf43c..55d81b9 100644
--- a/src/libqmi-glib/qmi-utils.h
+++ b/src/libqmi-glib/qmi-utils.h
@@ -163,6 +163,8 @@ G_GNUC_INTERNAL
 gchar *__qmi_utils_str_hex (gconstpointer mem,
                             gsize size,
                             gchar delimiter);
+gboolean __qmi_user_allowed (uid_t uid,
+                             GError **error);
 #endif
 
 G_END_DECLS
-- 
2.1.3

More information about the libqmi-devel mailing list