bus: if we recieve fds but fd passing is off, consider this an error

[elogind.git] / src / libsystemd-bus / bus-socket.c

diff --git a/src/libsystemd-bus/bus-socket.c b/src/libsystemd-bus/bus-socket.c
index f40aa59f511d84671d9c4a6356b9b9509199ccd7..de823d582f2353273511a072a9f9d14ea334cd57 100644 (file)
--- a/src/libsystemd-bus/bus-socket.c
+++ b/src/libsystemd-bus/bus-socket.c
@@ -202,15 +202,15 @@ static int bus_socket_read_auth(sd_bus *b) {
 }
 
 static int bus_socket_setup(sd_bus *b) {
-        int one;
+        int enable;
 
         assert(b);
 
-        /* Enable SO_PASSCRED + SO_PASSEC. We try this on any socket,
-         * just in case. This is actually irrelavant for */
-        one = 1;
-        setsockopt(b->fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
-        setsockopt(b->fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
+        /* Enable SO_PASSCRED + SO_PASSEC. We try this on any
+         * socket, just in case. */
+        enable = !b->bus_client;
+        setsockopt(b->fd, SOL_SOCKET, SO_PASSCRED, &enable, sizeof(enable));
+        setsockopt(b->fd, SOL_SOCKET, SO_PASSSEC, &enable, sizeof(enable));
 
         /* Increase the buffers to a MB */
         fd_inc_rcvbuf(b->fd, 1024*1024);
@@ -542,6 +542,15 @@ int bus_socket_read_message(sd_bus *bus, sd_bus_message **m) {
 
                         n = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
 
+                        if (!bus->can_fds) {
+                                /* Whut? We received fds but this
+                                 * isn't actually enabled? Close them,
+                                 * and fail */
+
+                                close_many((int*) CMSG_DATA(cmsg), n);
+                                return -EIO;
+                        }
+
                         f = realloc(bus->fds, sizeof(int) + (bus->n_fds + n));
                         if (!f) {
                                 close_many((int*) CMSG_DATA(cmsg), n);