1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* bus.c message bus context object
4 * Copyright (C) 2003, 2004 Red Hat, Inc.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include "activation.h"
26 #include "connection.h"
30 #include "config-parser.h"
33 #include "dir-watch.h"
34 #include <dbus/dbus-list.h>
35 #include <dbus/dbus-hash.h>
36 #include <dbus/dbus-internals.h>
49 BusConnections *connections;
50 BusActivation *activation;
51 BusRegistry *registry;
53 BusMatchmaker *matchmaker;
55 unsigned int fork : 1;
58 static dbus_int32_t server_data_slot = -1;
65 #define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))
68 server_get_context (DBusServer *server)
73 if (!dbus_server_allocate_data_slot (&server_data_slot))
76 bd = BUS_SERVER_DATA (server);
79 dbus_server_free_data_slot (&server_data_slot);
83 context = bd->context;
85 dbus_server_free_data_slot (&server_data_slot);
91 server_watch_callback (DBusWatch *watch,
92 unsigned int condition,
95 /* FIXME this can be done in dbus-mainloop.c
96 * if the code in activation.c for the babysitter
97 * watch handler is fixed.
100 return dbus_watch_handle (watch, condition);
104 add_server_watch (DBusWatch *watch,
107 DBusServer *server = data;
110 context = server_get_context (server);
112 return _dbus_loop_add_watch (context->loop,
113 watch, server_watch_callback, server,
118 remove_server_watch (DBusWatch *watch,
121 DBusServer *server = data;
124 context = server_get_context (server);
126 _dbus_loop_remove_watch (context->loop,
127 watch, server_watch_callback, server);
132 server_timeout_callback (DBusTimeout *timeout,
135 /* can return FALSE on OOM but we just let it fire again later */
136 dbus_timeout_handle (timeout);
140 add_server_timeout (DBusTimeout *timeout,
143 DBusServer *server = data;
146 context = server_get_context (server);
148 return _dbus_loop_add_timeout (context->loop,
149 timeout, server_timeout_callback, server, NULL);
153 remove_server_timeout (DBusTimeout *timeout,
156 DBusServer *server = data;
159 context = server_get_context (server);
161 _dbus_loop_remove_timeout (context->loop,
162 timeout, server_timeout_callback, server);
166 new_connection_callback (DBusServer *server,
167 DBusConnection *new_connection,
170 BusContext *context = data;
172 if (!bus_connections_setup_connection (context->connections, new_connection))
174 _dbus_verbose ("No memory to setup new connection\n");
176 /* if we don't do this, it will get unref'd without
177 * being disconnected... kind of strange really
178 * that we have to do this, people won't get it right
181 dbus_connection_close (new_connection);
184 dbus_connection_set_max_received_size (new_connection,
185 context->limits.max_incoming_bytes);
187 dbus_connection_set_max_message_size (new_connection,
188 context->limits.max_message_size);
190 /* on OOM, we won't have ref'd the connection so it will die. */
194 free_server_data (void *data)
196 BusServerData *bd = data;
202 setup_server (BusContext *context,
204 char **auth_mechanisms,
209 bd = dbus_new0 (BusServerData, 1);
210 if (!dbus_server_set_data (server,
212 bd, free_server_data))
219 bd->context = context;
221 if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
227 dbus_server_set_new_connection_function (server,
228 new_connection_callback,
231 if (!dbus_server_set_watch_functions (server,
242 if (!dbus_server_set_timeout_functions (server,
244 remove_server_timeout,
255 /* This code only gets executed the first time the
256 config files are parsed. It is not executed
257 when config files are reloaded.*/
259 process_config_first_time_only (BusContext *context,
260 BusConfigParser *parser,
264 DBusList **addresses;
265 const char *user, *pidfile;
266 char **auth_mechanisms;
267 DBusList **auth_mechanisms_list;
271 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
274 auth_mechanisms = NULL;
276 /* Check for an existing pid file. Of course this is a race;
277 * we'd have to use fcntl() locks on the pid file to
278 * avoid that. But we want to check for the pid file
279 * before overwriting any existing sockets, etc.
281 pidfile = bus_config_parser_get_pidfile (parser);
287 _dbus_string_init_const (&u, pidfile);
289 if (_dbus_stat (&u, &stbuf, NULL))
291 dbus_set_error (error, DBUS_ERROR_FAILED,
292 "The pid file \"%s\" exists, if the message bus is not running, remove this file",
298 /* keep around the pid filename so we can delete it later */
299 context->pidfile = _dbus_strdup (pidfile);
301 /* Build an array of auth mechanisms */
303 auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
304 len = _dbus_list_get_length (auth_mechanisms_list);
310 auth_mechanisms = dbus_new0 (char*, len + 1);
311 if (auth_mechanisms == NULL)
318 link = _dbus_list_get_first_link (auth_mechanisms_list);
321 auth_mechanisms[i] = _dbus_strdup (link->data);
322 if (auth_mechanisms[i] == NULL)
327 link = _dbus_list_get_next_link (auth_mechanisms_list, link);
332 auth_mechanisms = NULL;
335 /* Listen on our addresses */
337 addresses = bus_config_parser_get_addresses (parser);
339 link = _dbus_list_get_first_link (addresses);
344 server = dbus_server_listen (link->data, error);
347 _DBUS_ASSERT_ERROR_IS_SET (error);
350 else if (!setup_server (context, server, auth_mechanisms, error))
352 _DBUS_ASSERT_ERROR_IS_SET (error);
356 if (!_dbus_list_append (&context->servers, server))
362 link = _dbus_list_get_next_link (addresses, link);
365 /* note that type may be NULL */
366 context->type = _dbus_strdup (bus_config_parser_get_type (parser));
367 if (bus_config_parser_get_type (parser) != NULL && context->type == NULL)
373 user = bus_config_parser_get_user (parser);
376 context->user = _dbus_strdup (user);
377 if (context->user == NULL)
384 context->fork = bus_config_parser_get_fork (parser);
386 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
390 dbus_free_string_array (auth_mechanisms);
394 /* This code gets executed every time the config files
395 are parsed: both during BusContext construction
398 process_config_every_time (BusContext *context,
399 BusConfigParser *parser,
400 dbus_bool_t is_reload,
403 DBusString full_address;
405 BusActivation *new_activation;
410 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
415 if (!_dbus_string_init (&full_address))
421 /* get our limits and timeout lengths */
422 bus_config_parser_get_limits (parser, &context->limits);
424 context->policy = bus_config_parser_steal_policy (parser);
425 _dbus_assert (context->policy != NULL);
427 /* We have to build the address backward, so that
428 * <listen> later in the config file have priority
430 link = _dbus_list_get_last_link (&context->servers);
433 addr = dbus_server_get_address (link->data);
440 if (_dbus_string_get_length (&full_address) > 0)
442 if (!_dbus_string_append (&full_address, ";"))
449 if (!_dbus_string_append (&full_address, addr))
458 link = _dbus_list_get_prev_link (&context->servers, link);
462 dbus_free (context->address);
464 if (!_dbus_string_copy_data (&full_address, &context->address))
470 /* Create activation subsystem */
471 new_activation = bus_activation_new (context, &full_address,
472 bus_config_parser_get_service_dirs (parser),
474 if (new_activation == NULL)
476 _DBUS_ASSERT_ERROR_IS_SET (error);
481 bus_activation_unref (context->activation);
483 context->activation = new_activation;
485 /* Drop existing conf-dir watches (if applicable) */
488 bus_drop_all_directory_watches ();
490 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
494 _dbus_string_free (&full_address);
503 process_config_postinit (BusContext *context,
504 BusConfigParser *parser,
507 DBusHashTable *service_context_table;
509 service_context_table = bus_config_parser_steal_service_context_table (parser);
510 if (!bus_registry_set_service_context_table (context->registry,
511 service_context_table))
517 _dbus_hash_table_unref (service_context_table);
519 /* Watch all conf directories */
520 _dbus_list_foreach (bus_config_parser_get_conf_dirs (parser),
521 (DBusForeachFunction) bus_watch_directory,
528 bus_context_new (const DBusString *config_file,
529 ForceForkSetting force_fork,
530 DBusPipe *print_addr_pipe,
531 DBusPipe *print_pid_pipe,
535 BusConfigParser *parser;
537 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
542 if (!dbus_server_allocate_data_slot (&server_data_slot))
548 context = dbus_new0 (BusContext, 1);
554 context->refcount = 1;
556 _dbus_generate_uuid (&context->uuid);
558 if (!_dbus_string_copy_data (config_file, &context->config_file))
564 context->loop = _dbus_loop_new ();
565 if (context->loop == NULL)
571 context->registry = bus_registry_new (context);
572 if (context->registry == NULL)
578 parser = bus_config_load (config_file, TRUE, NULL, error);
581 _DBUS_ASSERT_ERROR_IS_SET (error);
585 if (!process_config_first_time_only (context, parser, error))
587 _DBUS_ASSERT_ERROR_IS_SET (error);
590 if (!process_config_every_time (context, parser, FALSE, error))
592 _DBUS_ASSERT_ERROR_IS_SET (error);
596 /* we need another ref of the server data slot for the context
599 if (!dbus_server_allocate_data_slot (&server_data_slot))
600 _dbus_assert_not_reached ("second ref of server data slot failed");
602 /* Note that we don't know whether the print_addr_pipe is
603 * one of the sockets we're using to listen on, or some
604 * other random thing. But I think the answer is "don't do
607 if (print_addr_pipe != NULL && _dbus_pipe_is_valid (print_addr_pipe))
610 const char *a = bus_context_get_address (context);
613 _dbus_assert (a != NULL);
614 if (!_dbus_string_init (&addr))
620 if (!_dbus_string_append (&addr, a) ||
621 !_dbus_string_append (&addr, "\n"))
623 _dbus_string_free (&addr);
628 bytes = _dbus_string_get_length (&addr);
629 if (_dbus_pipe_write (print_addr_pipe, &addr, 0, bytes, error) != bytes)
631 /* pipe write returns an error on failure but not short write */
632 if (error != NULL && !dbus_error_is_set (error))
634 dbus_set_error (error, DBUS_ERROR_FAILED,
635 "Printing message bus address: did not write all bytes\n");
637 _dbus_string_free (&addr);
641 if (!_dbus_pipe_is_stdout_or_stderr (print_addr_pipe))
642 _dbus_pipe_close (print_addr_pipe, NULL);
644 _dbus_string_free (&addr);
647 context->connections = bus_connections_new (context);
648 if (context->connections == NULL)
654 context->matchmaker = bus_matchmaker_new ();
655 if (context->matchmaker == NULL)
661 /* check user before we fork */
662 if (context->user != NULL)
664 if (!_dbus_verify_daemon_user (context->user))
666 dbus_set_error (error, DBUS_ERROR_FAILED,
667 "Could not get UID and GID for username \"%s\"",
673 /* Now become a daemon if appropriate */
674 if ((force_fork != FORK_NEVER && context->fork) || force_fork == FORK_ALWAYS)
678 if (context->pidfile)
679 _dbus_string_init_const (&u, context->pidfile);
681 if (!_dbus_become_daemon (context->pidfile ? &u : NULL,
685 _DBUS_ASSERT_ERROR_IS_SET (error);
691 /* Need to write PID file for ourselves, not for the child process */
692 if (context->pidfile != NULL)
696 _dbus_string_init_const (&u, context->pidfile);
698 if (!_dbus_write_pid_file (&u, _dbus_getpid (), error))
700 _DBUS_ASSERT_ERROR_IS_SET (error);
706 /* Write PID if requested */
707 if (print_pid_pipe != NULL && _dbus_pipe_is_valid (print_pid_pipe))
712 if (!_dbus_string_init (&pid))
718 if (!_dbus_string_append_int (&pid, _dbus_getpid ()) ||
719 !_dbus_string_append (&pid, "\n"))
721 _dbus_string_free (&pid);
726 bytes = _dbus_string_get_length (&pid);
727 if (_dbus_pipe_write (print_pid_pipe, &pid, 0, bytes, error) != bytes)
729 /* pipe_write sets error on failure but not short write */
730 if (error != NULL && !dbus_error_is_set (error))
732 dbus_set_error (error, DBUS_ERROR_FAILED,
733 "Printing message bus PID: did not write enough bytes\n");
735 _dbus_string_free (&pid);
739 if (!_dbus_pipe_is_stdout_or_stderr (print_pid_pipe))
740 _dbus_pipe_close (print_pid_pipe, NULL);
742 _dbus_string_free (&pid);
745 if (!process_config_postinit (context, parser, error))
747 _DBUS_ASSERT_ERROR_IS_SET (error);
753 bus_config_parser_unref (parser);
757 /* Here we change our credentials if required,
758 * as soon as we've set up our sockets and pidfile
760 if (context->user != NULL)
762 if (!_dbus_change_to_daemon_user (context->user, error))
764 _DBUS_ASSERT_ERROR_IS_SET (error);
769 if (!bus_selinux_full_init ())
771 _dbus_warn ("SELinux initialization failed\n");
774 dbus_server_free_data_slot (&server_data_slot);
780 bus_config_parser_unref (parser);
782 bus_context_unref (context);
784 if (server_data_slot >= 0)
785 dbus_server_free_data_slot (&server_data_slot);
791 bus_context_get_id (BusContext *context,
794 return _dbus_uuid_encode (&context->uuid, uuid);
798 bus_context_reload_config (BusContext *context,
801 BusConfigParser *parser;
802 DBusString config_file;
805 /* Flush the user database cache */
806 _dbus_flush_caches ();
809 _dbus_string_init_const (&config_file, context->config_file);
810 parser = bus_config_load (&config_file, TRUE, NULL, error);
813 _DBUS_ASSERT_ERROR_IS_SET (error);
817 if (!process_config_every_time (context, parser, TRUE, error))
819 _DBUS_ASSERT_ERROR_IS_SET (error);
822 if (!process_config_postinit (context, parser, error))
824 _DBUS_ASSERT_ERROR_IS_SET (error);
831 bus_config_parser_unref (parser);
836 shutdown_server (BusContext *context,
839 if (server == NULL ||
840 !dbus_server_get_is_connected (server))
843 if (!dbus_server_set_watch_functions (server,
847 _dbus_assert_not_reached ("setting watch functions to NULL failed");
849 if (!dbus_server_set_timeout_functions (server,
853 _dbus_assert_not_reached ("setting timeout functions to NULL failed");
855 dbus_server_disconnect (server);
859 bus_context_shutdown (BusContext *context)
863 link = _dbus_list_get_first_link (&context->servers);
866 shutdown_server (context, link->data);
868 link = _dbus_list_get_next_link (&context->servers, link);
873 bus_context_ref (BusContext *context)
875 _dbus_assert (context->refcount > 0);
876 context->refcount += 1;
882 bus_context_unref (BusContext *context)
884 _dbus_assert (context->refcount > 0);
885 context->refcount -= 1;
887 if (context->refcount == 0)
891 _dbus_verbose ("Finalizing bus context %p\n", context);
893 bus_context_shutdown (context);
895 if (context->connections)
897 bus_connections_unref (context->connections);
898 context->connections = NULL;
901 if (context->registry)
903 bus_registry_unref (context->registry);
904 context->registry = NULL;
907 if (context->activation)
909 bus_activation_unref (context->activation);
910 context->activation = NULL;
913 link = _dbus_list_get_first_link (&context->servers);
916 dbus_server_unref (link->data);
918 link = _dbus_list_get_next_link (&context->servers, link);
920 _dbus_list_clear (&context->servers);
924 bus_policy_unref (context->policy);
925 context->policy = NULL;
930 _dbus_loop_unref (context->loop);
931 context->loop = NULL;
934 if (context->matchmaker)
936 bus_matchmaker_unref (context->matchmaker);
937 context->matchmaker = NULL;
940 dbus_free (context->config_file);
941 dbus_free (context->type);
942 dbus_free (context->address);
943 dbus_free (context->user);
945 if (context->pidfile)
948 _dbus_string_init_const (&u, context->pidfile);
950 /* Deliberately ignore errors here, since there's not much
951 * we can do about it, and we're exiting anyways.
953 _dbus_delete_file (&u, NULL);
955 dbus_free (context->pidfile);
959 dbus_server_free_data_slot (&server_data_slot);
963 /* type may be NULL */
965 bus_context_get_type (BusContext *context)
967 return context->type;
971 bus_context_get_address (BusContext *context)
973 return context->address;
977 bus_context_get_registry (BusContext *context)
979 return context->registry;
983 bus_context_get_connections (BusContext *context)
985 return context->connections;
989 bus_context_get_activation (BusContext *context)
991 return context->activation;
995 bus_context_get_matchmaker (BusContext *context)
997 return context->matchmaker;
1001 bus_context_get_loop (BusContext *context)
1003 return context->loop;
1007 bus_context_allow_unix_user (BusContext *context,
1010 return bus_policy_allow_unix_user (context->policy,
1014 /* For now this is never actually called because the default
1015 * DBusConnection behavior of 'same user that owns the bus can connect'
1016 * is all it would do.
1019 bus_context_allow_windows_user (BusContext *context,
1020 const char *windows_sid)
1022 return bus_policy_allow_windows_user (context->policy,
1027 bus_context_get_policy (BusContext *context)
1029 return context->policy;
1033 bus_context_create_client_policy (BusContext *context,
1034 DBusConnection *connection,
1037 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1038 return bus_policy_create_client_policy (context->policy, connection,
1043 bus_context_get_activation_timeout (BusContext *context)
1046 return context->limits.activation_timeout;
1050 bus_context_get_auth_timeout (BusContext *context)
1052 return context->limits.auth_timeout;
1056 bus_context_get_max_completed_connections (BusContext *context)
1058 return context->limits.max_completed_connections;
1062 bus_context_get_max_incomplete_connections (BusContext *context)
1064 return context->limits.max_incomplete_connections;
1068 bus_context_get_max_connections_per_user (BusContext *context)
1070 return context->limits.max_connections_per_user;
1074 bus_context_get_max_pending_activations (BusContext *context)
1076 return context->limits.max_pending_activations;
1080 bus_context_get_max_services_per_connection (BusContext *context)
1082 return context->limits.max_services_per_connection;
1086 bus_context_get_max_match_rules_per_connection (BusContext *context)
1088 return context->limits.max_match_rules_per_connection;
1092 bus_context_get_max_replies_per_connection (BusContext *context)
1094 return context->limits.max_replies_per_connection;
1098 bus_context_get_reply_timeout (BusContext *context)
1100 return context->limits.reply_timeout;
1104 * addressed_recipient is the recipient specified in the message.
1106 * proposed_recipient is the recipient we're considering sending
1107 * to right this second, and may be an eavesdropper.
1109 * sender is the sender of the message.
1111 * NULL for proposed_recipient or sender definitely means the bus driver.
1113 * NULL for addressed_recipient may mean the bus driver, or may mean
1114 * no destination was specified in the message (e.g. a signal).
1117 bus_context_check_security_policy (BusContext *context,
1118 BusTransaction *transaction,
1119 DBusConnection *sender,
1120 DBusConnection *addressed_recipient,
1121 DBusConnection *proposed_recipient,
1122 DBusMessage *message,
1125 BusClientPolicy *sender_policy;
1126 BusClientPolicy *recipient_policy;
1128 dbus_bool_t requested_reply;
1130 type = dbus_message_get_type (message);
1132 /* dispatch.c was supposed to ensure these invariants */
1133 _dbus_assert (dbus_message_get_destination (message) != NULL ||
1134 type == DBUS_MESSAGE_TYPE_SIGNAL ||
1135 (sender == NULL && !bus_connection_is_active (proposed_recipient)));
1136 _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
1137 addressed_recipient != NULL ||
1138 strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0);
1142 case DBUS_MESSAGE_TYPE_METHOD_CALL:
1143 case DBUS_MESSAGE_TYPE_SIGNAL:
1144 case DBUS_MESSAGE_TYPE_METHOD_RETURN:
1145 case DBUS_MESSAGE_TYPE_ERROR:
1149 _dbus_verbose ("security check disallowing message of unknown type %d\n",
1152 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1153 "Message bus will not accept messages of unknown type\n");
1158 requested_reply = FALSE;
1164 dest = dbus_message_get_destination (message);
1166 /* First verify the SELinux access controls. If allowed then
1167 * go on with the standard checks.
1169 if (!bus_selinux_allows_send (sender, proposed_recipient,
1170 dbus_message_type_to_string (dbus_message_get_type (message)),
1171 dbus_message_get_interface (message),
1172 dbus_message_get_member (message),
1173 dbus_message_get_error_name (message),
1174 dest ? dest : DBUS_SERVICE_DBUS, error))
1177 if (dbus_error_is_set (error) &&
1178 dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY))
1184 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1185 "An SELinux policy prevents this sender "
1186 "from sending this message to this recipient "
1187 "(rejected message had interface \"%s\" "
1188 "member \"%s\" error name \"%s\" destination \"%s\")",
1189 dbus_message_get_interface (message) ?
1190 dbus_message_get_interface (message) : "(unset)",
1191 dbus_message_get_member (message) ?
1192 dbus_message_get_member (message) : "(unset)",
1193 dbus_message_get_error_name (message) ?
1194 dbus_message_get_error_name (message) : "(unset)",
1195 dest ? dest : DBUS_SERVICE_DBUS);
1196 _dbus_verbose ("SELinux security check denying send to service\n");
1200 if (bus_connection_is_active (sender))
1202 sender_policy = bus_connection_get_policy (sender);
1203 _dbus_assert (sender_policy != NULL);
1205 /* Fill in requested_reply variable with TRUE if this is a
1206 * reply and the reply was pending.
1208 if (dbus_message_get_reply_serial (message) != 0)
1210 if (proposed_recipient != NULL /* not to the bus driver */ &&
1211 addressed_recipient == proposed_recipient /* not eavesdropping */)
1215 dbus_error_init (&error2);
1216 requested_reply = bus_connections_check_reply (bus_connection_get_connections (sender),
1218 sender, addressed_recipient, message,
1220 if (dbus_error_is_set (&error2))
1222 dbus_move_error (&error2, error);
1230 /* Policy for inactive connections is that they can only send
1231 * the hello message to the bus driver
1233 if (proposed_recipient == NULL &&
1234 dbus_message_is_method_call (message,
1235 DBUS_INTERFACE_DBUS,
1238 _dbus_verbose ("security check allowing %s message\n",
1244 _dbus_verbose ("security check disallowing non-%s message\n",
1247 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1248 "Client tried to send a message other than %s without being registered",
1257 sender_policy = NULL;
1259 /* If the sender is the bus driver, we assume any reply was a
1260 * requested reply as bus driver won't send bogus ones
1262 if (addressed_recipient == proposed_recipient /* not eavesdropping */ &&
1263 dbus_message_get_reply_serial (message) != 0)
1264 requested_reply = TRUE;
1267 _dbus_assert ((sender != NULL && sender_policy != NULL) ||
1268 (sender == NULL && sender_policy == NULL));
1270 if (proposed_recipient != NULL)
1272 /* only the bus driver can send to an inactive recipient (as it
1273 * owns no services, so other apps can't address it). Inactive
1274 * recipients can receive any message.
1276 if (bus_connection_is_active (proposed_recipient))
1278 recipient_policy = bus_connection_get_policy (proposed_recipient);
1279 _dbus_assert (recipient_policy != NULL);
1281 else if (sender == NULL)
1283 _dbus_verbose ("security check using NULL recipient policy for message from bus\n");
1284 recipient_policy = NULL;
1288 _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n");
1289 recipient_policy = NULL;
1293 recipient_policy = NULL;
1295 _dbus_assert ((proposed_recipient != NULL && recipient_policy != NULL) ||
1296 (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) ||
1297 (proposed_recipient == NULL && recipient_policy == NULL));
1299 if (sender_policy &&
1300 !bus_client_policy_check_can_send (sender_policy,
1308 dest = dbus_message_get_destination (message);
1309 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1310 "A security policy in place prevents this sender "
1311 "from sending this message to this recipient, "
1312 "see message bus configuration file (rejected message "
1313 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")",
1314 dbus_message_get_interface (message) ?
1315 dbus_message_get_interface (message) : "(unset)",
1316 dbus_message_get_member (message) ?
1317 dbus_message_get_member (message) : "(unset)",
1318 dbus_message_get_error_name (message) ?
1319 dbus_message_get_error_name (message) : "(unset)",
1320 dest ? dest : DBUS_SERVICE_DBUS);
1321 _dbus_verbose ("security policy disallowing message due to sender policy\n");
1325 if (recipient_policy &&
1326 !bus_client_policy_check_can_receive (recipient_policy,
1330 addressed_recipient, proposed_recipient,
1335 dest = dbus_message_get_destination (message);
1336 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1337 "A security policy in place prevents this recipient "
1338 "from receiving this message from this sender, "
1339 "see message bus configuration file (rejected message "
1340 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)",
1341 dbus_message_get_interface (message) ?
1342 dbus_message_get_interface (message) : "(unset)",
1343 dbus_message_get_member (message) ?
1344 dbus_message_get_member (message) : "(unset)",
1345 dbus_message_get_error_name (message) ?
1346 dbus_message_get_error_name (message) : "(unset)",
1347 dest ? dest : DBUS_SERVICE_DBUS,
1348 dbus_message_get_reply_serial (message),
1350 _dbus_verbose ("security policy disallowing message due to recipient policy\n");
1354 /* See if limits on size have been exceeded */
1355 if (proposed_recipient &&
1356 dbus_connection_get_outgoing_size (proposed_recipient) >
1357 context->limits.max_outgoing_bytes)
1361 dest = dbus_message_get_destination (message);
1362 dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
1363 "The destination service \"%s\" has a full message queue",
1364 dest ? dest : (proposed_recipient ?
1365 bus_connection_get_name (proposed_recipient) :
1366 DBUS_SERVICE_DBUS));
1367 _dbus_verbose ("security policy disallowing message due to full message queue\n");
1371 /* Record that we will allow a reply here in the future (don't
1372 * bother if the recipient is the bus or this is an eavesdropping
1373 * connection). Only the addressed recipient may reply.
1375 if (type == DBUS_MESSAGE_TYPE_METHOD_CALL &&
1377 addressed_recipient &&
1378 addressed_recipient == proposed_recipient && /* not eavesdropping */
1379 !bus_connections_expect_reply (bus_connection_get_connections (sender),
1381 sender, addressed_recipient,
1384 _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
1388 _dbus_verbose ("security policy allowing message\n");
projects / platform / upstream / dbus.git / blob