retrieve label on every cynara check

Change-Id: I5e6fb0f44589ebb295af1db43b8aa5f1838d3c72
(cherry picked from commit fe403b9aa7ad1ff7e56327af2d88477b26094746)

diff --git a/src/internal/cynara.cpp b/src/internal/cynara.cpp
index 8be1c11..02cb574 100644 (file)
--- a/src/internal/cynara.cpp
+++ b/src/internal/cynara.cpp
@@ -1,9 +1,11 @@
-#include "cynara.hpp"
-#include "libdbuspolicy1-private.hpp"
+#include <fcntl.h>
 #include <sys/types.h>
 #include <unistd.h>
 #include <stdexcept>
 #include <cstdlib>
+#include "cynara.hpp"
+#include "internal.h"
+#include "libdbuspolicy1-private.hpp"
 
 using namespace ldp_cynara;
 
@@ -22,12 +24,33 @@ bool Cynara::init() {
 static pthread_mutex_t __mutex = PTHREAD_MUTEX_INITIALIZER;
 static Cynara c;
 
+#ifdef LIBDBUSPOLICY_TESTS_API
+extern char label_override[4096];
+extern bool have_label_override;
+#endif
+
 CynaraResult Cynara::check(const char* label, const char* privilege, const char* uid) {
        const char* _label = "";
        const char* _uid = "";
        const char* _privilege = "";
        CynaraResult ret;
-       if (label)
+       char buf[4096];
+#ifdef LIBDBUSPOLICY_TESTS_API
+       if (have_label_override) _label = label_override; else
+#endif
+       if (SELF_LABEL == label) {
+               int attr_fd = open("/proc/self/attr/current", O_RDONLY);
+               if (attr_fd < 0)
+                       return CynaraResult::ERROR_CHECK;
+               int r = read(attr_fd, buf, sizeof(buf)-1);
+               close(attr_fd);
+               if (r < 0)
+                       return CynaraResult::ERROR_CHECK;
+               if (r) {
+                       buf[r] = 0;
+                       _label = buf;
+               }
+       } else if (label)
                _label = label;
        if (privilege)
                _privilege = privilege;

diff --git a/src/internal/internal.h b/src/internal/internal.h
index 787b380..be72bfa 100644 (file)
--- a/src/internal/internal.h
+++ b/src/internal/internal.h
@@ -31,6 +31,7 @@ extern "C" {
 #endif
 
 #define KDBUS_CONN_MAX_NAMES 256
+#define SELF_LABEL ((void*)-1)
 
 /** Initializes policies from given policy configuration file name
  * \param[in] bus_type Bus type (system/session)

diff --git a/src/libdbuspolicy1.c b/src/libdbuspolicy1.c
index d1de0ca..b37b1ac 100644 (file)
--- a/src/libdbuspolicy1.c
+++ b/src/libdbuspolicy1.c
@@ -75,7 +75,6 @@ struct kconn {
 struct udesc {
        dbus_uid_t uid;
        dbus_gid_t gid;
-       char label[256];
 } g_udesc;
 
 static int kdbus_open_bus(const char *path)
@@ -141,22 +140,8 @@ static uint64_t kdbus_unique_id(char const *name)
 
 static bool dbuspolicy_init_once(void)
 {
-       char buf[1024];
-       int attr_fd;
-       int r;
-
-       attr_fd = open("/proc/self/attr/current", O_RDONLY);
-       if (attr_fd < 0)
-               return -1;
-       r = read(attr_fd, buf, sizeof(buf));
-       close(attr_fd);
-
-       if (r < 0 || r >= (long int)sizeof(g_udesc.label)) /* read */
-               return true;
-
        g_udesc.uid = getuid();
        g_udesc.gid = getgid();
-       snprintf(g_udesc.label, r + 1 /* additional byte for \0 */, "%s", buf);
 
        __internal_init_once();
 
@@ -267,12 +252,17 @@ DBUSPOLICY1_EXPORT void dbuspolicy1_free(void* configuration)
 }
 
 #ifdef LIBDBUSPOLICY_TESTS_API
+char label_override[4096];
+bool have_label_override;
 DBUSPOLICY1_EXPORT void __dbuspolicy1_change_creds(void* configuration, uid_t uid, gid_t gid,const char* label) {
        (void)configuration;
        g_udesc.uid = uid;
        g_udesc.gid = gid;
-       if (label)
-               strcpy (g_udesc.label, label);
+       if (label) {
+               strncpy(label_override, label, sizeof(label_override));
+               label_override[sizeof(label_override)-1] = 0;
+               have_label_override = 1;
+       }
 }
 #endif
 
@@ -372,10 +362,10 @@ DBUSPOLICY1_EXPORT int dbuspolicy1_check_out(void* configuration,
        }
 
        if (empty_names)
-               r = __internal_can_send(bus_type, g_udesc.uid, g_udesc.gid, g_udesc.label, destination, path, interface, member, message_type);
+               r = __internal_can_send(bus_type, g_udesc.uid, g_udesc.gid, SELF_LABEL, destination, path, interface, member, message_type);
        else {
                k_names[k_i++] = NULL;
-        r = __internal_can_send_multi_dest(bus_type, g_udesc.uid, g_udesc.gid, g_udesc.label, k_names, path, interface, member, message_type);
+        r = __internal_can_send_multi_dest(bus_type, g_udesc.uid, g_udesc.gid, SELF_LABEL, k_names, path, interface, member, message_type);
        }
        if (r <= 0)
                goto end;
@@ -419,7 +409,7 @@ DBUSPOLICY1_EXPORT int dbuspolicy1_check_in(void* configuration,
                goto end;
 
        if (message_type != DBUSPOLICY_MESSAGE_TYPE_SIGNAL) {
-               r = __internal_can_recv(bus_type, g_udesc.uid, g_udesc.gid, g_udesc.label, sender, path, interface, member, message_type);
+               r = __internal_can_recv(bus_type, g_udesc.uid, g_udesc.gid, SELF_LABEL, sender, path, interface, member, message_type);
                if (r <= 0)
                        goto end;
        }
@@ -433,7 +423,7 @@ DBUSPOLICY1_EXPORT int dbuspolicy1_can_own(void* configuration, const char* cons
        int r;
        bool bus_type = configuration_bus_type(configuration);
        __internal_enter();
-       r = __internal_can_own(bus_type, g_udesc.uid, g_udesc.gid, g_udesc.label, service);
+       r = __internal_can_own(bus_type, g_udesc.uid, g_udesc.gid, SELF_LABEL, service);
        __internal_exit();
        return r;
 }