bus-proxyd: move name list iteration to policy users

We need to figure out which of the possible names satisfied the policy, so we cannot do the iteration in check_policy_item() but have to leave it to the users. Test cases amended accordingly.
2024-11-02 10:51:20 +03:00 · 2014-10-09 13:26:53 +02:00 · 2014-10-09 13:26:53 +02:00 · 2a2be74654
commit 2a2be74654
parent 9cd751d2d0
1 changed files with 17 additions and 9 deletions
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@ -475,18 +475,26 @@ static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic
        assert(b);
        assert(m);

-        if (a->is_kernel)
-                return 0;
+        if (b->is_kernel) {

-        r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
-        if (r < 0)
-                return r;
+                /* The message came from the kernel, and is sent to our legacy client. */
+                r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
+                if (r < 0)
+                        return r;

-        if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+/*
+                if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;

-        if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
-                return -EPERM;
+                if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
+                        return -EPERM;
+*/
+        } else {
+
+
+
+
+        }

        return 0;
 }