41
41
#include "logger.h"
42
42
#include "ci-tracker.h"
44
/* ripped from dbus/dbus-marshal-validate.c and adapted */
47
* Determine wether the given character is valid as the first character
50
#define VALID_INITIAL_BUS_NAME_CHARACTER(c) \
51
( ((c) >= 'A' && (c) <= 'Z') || \
52
((c) >= 'a' && (c) <= 'z') || \
53
((c) == '_') || ((c) == '-'))
57
* Determine wether the given character is valid as a second or later
58
* character in a bus name
60
#define VALID_BUS_NAME_CHARACTER(c) \
61
( ((c) >= '0' && (c) <= '9') || \
62
((c) >= 'A' && (c) <= 'Z') || \
63
((c) >= 'a' && (c) <= 'z') || \
64
((c) == '_') || ((c) == '-'))
67
validate_bus_name (const char *name)
82
/* check special cases of first char so it doesn't have to be done
83
* in the loop. Note we know len > 0
90
if (G_UNLIKELY ((s + 1) == end))
92
if (G_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*(s + 1))))
94
++s; /* we just validated the next char, so skip two */
95
} else if (G_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*s))) {
101
} else if (G_UNLIKELY (*s == '.')) /* disallow starting with a . */ {
103
} else if (G_UNLIKELY (!VALID_INITIAL_BUS_NAME_CHARACTER (*s))) {
111
if (G_UNLIKELY ((s + 1) == end))
113
else if (G_UNLIKELY (!VALID_INITIAL_BUS_NAME_CHARACTER (*(s + 1))))
116
++s; /* we just validated the next char, so skip two */
117
} else if (G_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*s))) {
123
if (G_UNLIKELY (last_dot == NULL))
130
HAL_INFO (("name '%s' did not validate", name));
44
135
struct CITracker_s {
45
136
GHashTable *connection_name_to_caller_info;
46
137
DBusConnection *dbus_connection;
54
145
gboolean in_active_session; /* caller is in an active session */
55
146
gboolean is_local; /* session is on a local seat */
56
147
char *session_objpath; /* obj path of ConsoleKit session */
148
char *selinux_context; /* SELinux security context */
58
150
char *system_bus_unique_name; /* unique name of caller on the system bus */
180
276
if (system_bus_unique_name == NULL)
279
if (!validate_bus_name (system_bus_unique_name))
183
282
/*HAL_INFO (("========================="));
184
283
HAL_INFO (("Looking up CICallerInfo for system_bus_unique_name = %s", system_bus_unique_name));*/
223
322
dbus_message_unref (message);
224
323
dbus_message_unref (reply);
325
message = dbus_message_new_method_call ("org.freedesktop.DBus",
326
"/org/freedesktop/DBus/Bus",
327
"org.freedesktop.DBus",
328
"GetConnectionSELinuxSecurityContext");
329
dbus_message_iter_init_append (message, &iter);
330
dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &system_bus_unique_name);
331
reply = dbus_connection_send_with_reply_and_block (cit->dbus_connection, message, -1, &error);
332
/* SELinux might not be enabled */
333
if (dbus_error_is_set (&error) &&
334
strcmp (error.name, "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown") == 0) {
335
dbus_message_unref (message);
337
dbus_message_unref (reply);
338
dbus_error_init (&error);
339
} else if (reply == NULL || dbus_error_is_set (&error)) {
340
g_warning ("Error doing GetConnectionSELinuxSecurityContext on Bus: %s: %s", error.name, error.message);
341
dbus_message_unref (message);
343
dbus_message_unref (reply);
346
/* TODO: verify signature */
347
dbus_message_iter_init (reply, &iter);
348
dbus_message_iter_recurse (&iter, &sub_iter);
349
dbus_message_iter_get_fixed_array (&sub_iter, (void *) &str, &num_elems);
350
if (str != NULL && num_elems > 0)
351
ci->selinux_context = g_strndup (str, num_elems);
352
dbus_message_unref (message);
353
dbus_message_unref (reply);
226
357
message = dbus_message_new_method_call ("org.freedesktop.ConsoleKit",
227
358
"/org/freedesktop/ConsoleKit/Manager",
228
359
"org.freedesktop.ConsoleKit.Manager",