X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fbus-proxyd%2Fbus-policy.c;h=cb0726aa3ffb7e0de28d866049bb21f2b4886de6;hb=f5d8989ce5fc4e6eb338ec7b1b2c6d6a74c44c63;hp=165e763f57ba0b7f8bacc0516ade966541cf2cf6;hpb=078ef7b85ad77ba999588f72b31a50ced5907692;p=elogind.git diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-policy.c index 165e763f5..cb0726aa3 100644 --- a/src/bus-proxyd/bus-policy.c +++ b/src/bus-proxyd/bus-policy.c @@ -602,33 +602,32 @@ struct policy_check_filter { int class; const struct ucred *ucred; int message_type; + const char *name; const char *interface; const char *path; const char *member; - char **names_strv; - Hashmap *names_hash; }; static int is_permissive(PolicyItem *i) { + assert(i); + return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY; } static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) { + assert(i); + assert(filter); + switch (i->class) { case POLICY_ITEM_SEND: case POLICY_ITEM_RECV: - if (i->name) { - if (filter->names_hash && !hashmap_contains(filter->names_hash, i->name)) - break; - - if (filter->names_strv && !strv_contains(filter->names_strv, i->name)) - break; - } + if (i->name && !streq_ptr(i->name, filter->name)) + break; - if (i->message_type && (i->message_type != filter->message_type)) + if ((i->message_type != _POLICY_ITEM_CLASS_UNSET) && (i->message_type != filter->message_type)) break; if (i->path && !streq_ptr(i->path, filter->path)) @@ -643,21 +642,29 @@ static int check_policy_item(PolicyItem *i, const struct policy_check_filter *fi return is_permissive(i); case POLICY_ITEM_OWN: - if (streq(i->name, filter->member)) + assert(filter->name); + + if (streq(i->name, "*") || streq(i->name, filter->name)) return is_permissive(i); break; case POLICY_ITEM_OWN_PREFIX: - if (startswith(i->name, filter->member)) + assert(filter->name); + + if (streq(i->name, "*") || service_name_startswith(i->name, filter->name)) return is_permissive(i); break; case POLICY_ITEM_USER: + assert(filter->ucred); + if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->ucred->uid))) return is_permissive(i); break; case POLICY_ITEM_GROUP: + assert(filter->ucred); + if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->ucred->gid))) return is_permissive(i); break; @@ -675,6 +682,8 @@ static int check_policy_items(PolicyItem *items, const struct policy_check_filte PolicyItem *i; int r, ret = DUNNO; + assert(filter); + /* Check all policies in a set - a broader one might be followed by a more specific one, * and the order of rules in policy definitions matters */ LIST_FOREACH(items, i, items) { @@ -694,6 +703,9 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) { PolicyItem *items; int r; + assert(p); + assert(filter); + /* * The policy check is implemented by the following logic: * @@ -729,9 +741,9 @@ static int policy_check(Policy *p, const struct policy_check_filter *filter) { bool policy_check_own(Policy *p, const struct ucred *ucred, const char *name) { struct policy_check_filter filter = { - .class = POLICY_ITEM_OWN, - .ucred = ucred, - .member = name, + .class = POLICY_ITEM_OWN, + .ucred = ucred, + .name = name, }; return policy_check(p, &filter) == ALLOW; @@ -740,27 +752,27 @@ bool policy_check_own(Policy *p, const struct ucred *ucred, const char *name) { bool policy_check_hello(Policy *p, const struct ucred *ucred) { struct policy_check_filter filter = { - .class = POLICY_ITEM_USER, .ucred = ucred, }; int user, group; + filter.class = POLICY_ITEM_USER; user = policy_check(p, &filter); if (user == DENY) return false; filter.class = POLICY_ITEM_GROUP; group = policy_check(p, &filter); - if (user == DUNNO && group == DUNNO) + if (group == DENY) return false; - return !(user == DENY || group == DENY); + return !(user == DUNNO && group == DUNNO); } bool policy_check_recv(Policy *p, const struct ucred *ucred, - Hashmap *names, int message_type, + const char *name, const char *path, const char *interface, const char *member) { @@ -768,8 +780,8 @@ bool policy_check_recv(Policy *p, struct policy_check_filter filter = { .class = POLICY_ITEM_RECV, .ucred = ucred, - .names_hash = names, .message_type = message_type, + .name = name, .interface = interface, .path = path, .member = member, @@ -780,8 +792,8 @@ bool policy_check_recv(Policy *p, bool policy_check_send(Policy *p, const struct ucred *ucred, - char **names, int message_type, + const char *name, const char *path, const char *interface, const char *member) { @@ -789,8 +801,8 @@ bool policy_check_send(Policy *p, struct policy_check_filter filter = { .class = POLICY_ITEM_SEND, .ucred = ucred, - .names_strv = names, .message_type = message_type, + .name = name, .interface = interface, .path = path, .member = member,