From: Daniel Mack <daniel@zonque.org>
Date: Thu, 9 Oct 2014 11:26:53 +0000 (+0200)
Subject: bus-proxyd: move name list iteration to policy users
X-Git-Tag: v218~467
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=2a2be74654f0511220cf9a8a72f60ab5705abb87;p=elogind.git

bus-proxyd: move name list iteration to policy users

We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.

Test cases amended accordingly.
---

diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 1106986e9..3fc341eae 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -475,18 +475,26 @@ static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
         assert(b);
         assert(m);
 
-        if (a->is_kernel)
-                return 0;
+        if (b->is_kernel) {
 
-        r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
-        if (r < 0)
-                return r;
+                /* The message came from the kernel, and is sent to our legacy client. */
+                r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
+                if (r < 0)
+                        return r;
 
-        if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+/*
+                if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;
 
-        if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+                if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;
+*/
+        } else {
+
+
+
+
+        }
 
         return 0;
 }