chiark / gitweb /
bus-proxyd: move name list iteration to policy users
authorDaniel Mack <daniel@zonque.org>
Thu, 9 Oct 2014 11:26:53 +0000 (13:26 +0200)
committerDaniel Mack <daniel@zonque.org>
Tue, 11 Nov 2014 13:14:01 +0000 (14:14 +0100)
We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.

Test cases amended accordingly.

src/bus-proxyd/bus-proxyd.c

index 1106986..3fc341e 100644 (file)
@@ -475,18 +475,26 @@ static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
         assert(b);
         assert(m);
 
-        if (a->is_kernel)
-                return 0;
+        if (b->is_kernel) {
 
-        r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
-        if (r < 0)
-                return r;
+                /* The message came from the kernel, and is sent to our legacy client. */
+                r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
+                if (r < 0)
+                        return r;
 
-        if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+/*
+                if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;
 
-        if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+                if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;
+*/
+        } else {
+
+
+
+
+        }
 
         return 0;
 }