kdbus: check policy after opening, before Hello 78/201478/1
authorAdrian Szyndela <adrian.s@samsung.com>
Thu, 14 Mar 2019 11:55:47 +0000 (12:55 +0100)
committerAdrian Szyndela <adrian.s@samsung.com>
Thu, 14 Mar 2019 13:30:17 +0000 (14:30 +0100)
This moves checking access policy to the point after
the kdbus file descriptor is open, just before "Hello" is performed.
Now it reflects the standard process a bit more closely.

The standard process is:
- open fd (e.g. socket);
- check authentication, if needed and possible;
- connect to the bus (say hello).

In kdbus, we have only:
- open kdbus fd;
- connect to the bus (ioctl KDBUS_CMD_HELLO).
Calling libdbuspolicy for authentication fits between the two.

Additionally, and most importantly, this is required to share
the connection between gio and libdbuspolicy in the future.

Change-Id: Iee49b36e482a099d061dff4a8ba1826c2a53bb9a

gio/gdbusconnection.c
gio/gkdbus.c
gio/gkdbus.h

index 29e8c10..56ea38e 100755 (executable)
@@ -3303,6 +3303,10 @@ initable_init (GInitable     *initable,
   /* Skip authentication process for kdbus transport */
   if (connection->kdbus_worker)
     {
+      if (!_g_kdbus_can_connect (connection->kdbus_worker,
+                                 &connection->initialization_error))
+        goto out;
+
       /* kdbus connection always supports exchanging UNIX file descriptors with the remote peer */
       connection->capabilities |= G_DBUS_CAPABILITY_FLAGS_UNIX_FD_PASSING;
       goto authenticated;
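Review bot: The comment above this branch still says authentication is skipped for kdbus, but the added `_g_kdbus_can_connect` call now makes an access-policy decision at this point, which misleads anyone auditing where access is gated. I would reword it to something like `/* No D-Bus authentication handshake for kdbus; access is gated by the policy check below */`. The failure path does leave via `goto out` before the capability flag is set. initable_init continues outside the hunk, so whether the already-opened kdbus fd is released on that path cannot be confirmed from here.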
index 872f091..22426cd 100755 (executable)
@@ -145,6 +145,7 @@ struct _GKDBusWorker
 {
   GObject            parent_instance;
 
+  const gchar       *address;
   gint               fd;
 
   GMainContext      *context;
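Review bot: `address` is declared `const gchar *`, but the worker owns the string: it is assigned from `g_strdup` in `_g_kdbus_open` and released with `g_free` in `_g_kdbus_close`. Passing a const pointer to `g_free` discards the qualifier and hides the ownership from readers. Declare it as `gchar *address;` and add a short comment that it is the endpoint path kept for the later policy check.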
@@ -558,26 +559,14 @@ _g_kdbus_open (GKDBusWorker  *worker,
   g_return_val_if_fail (G_IS_KDBUS_WORKER (worker), FALSE);
   g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
 
-#ifdef LIBDBUSPOLICY
-  worker->dbuspolicy = dbuspolicy1_init (address);
-  if (worker->dbuspolicy == NULL)
-    {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot load dbus policy for kdbus transport or access to bus denied by security policy"));
-      return FALSE;
-    }
-#endif
-
   worker->fd = g_open(address, O_RDWR|O_NOCTTY|O_CLOEXEC, 0);
   if (worker->fd<0)
     {
-#ifdef LIBDBUSPOLICY
-      dbuspolicy1_free (worker->dbuspolicy);
-      worker->dbuspolicy = NULL;
-#endif
       g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot open kdbus endpoint"));
       return FALSE;
     }
 
+  worker->address = g_strdup(address);
   worker->closed = FALSE;
   return TRUE;
 }
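Review bot: `worker->address = g_strdup(address);` overwrites whatever the field held, so a second `_g_kdbus_open` on the same worker would leak the earlier copy. If re-opening a worker is possible, release the old value first: `g_free (worker->address); worker->address = g_strdup (address);`. The policy check now runs against this saved path string rather than the descriptor opened here, so the two are tied only by name. That is presumably fine for a fixed bus endpoint, but it is worth confirming.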
@@ -589,6 +578,21 @@ _g_kdbus_quit_loop (gpointer loop)
   return FALSE;
 }
 
+gboolean
+_g_kdbus_can_connect (GKDBusWorker *worker,
+                      GError       **error)
+{
+#ifdef LIBDBUSPOLICY
+  worker->dbuspolicy = dbuspolicy1_init (worker->address);
+  if (worker->dbuspolicy == NULL)
+    {
+      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot load dbus policy for kdbus transport or access to bus denied by security policy"));
+      return FALSE;
+    }
+#endif
+  return TRUE;
+}
+
 /*
  * _g_kdbus_close
  */
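Review bot: `_g_kdbus_can_connect` has none of the precondition guards that `_g_kdbus_open` carries, yet it depends on `worker->address` having been set by a successful open. Add `g_return_val_if_fail (G_IS_KDBUS_WORKER (worker), FALSE);` and `g_return_val_if_fail (worker->address != NULL, FALSE);` so a misordered call fails closed instead of handing NULL to `dbuspolicy1_init`. A repeated call also overwrites `worker->dbuspolicy` without freeing the previous handle. Without `LIBDBUSPOLICY` the function always returns TRUE; a short header comment in the style of the `_g_kdbus_close` one should state this so callers do not assume a policy check ran.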
@@ -611,6 +615,8 @@ _g_kdbus_close (GKDBusWorker *worker)
 
   worker->thread = NULL;
 
+  g_free (worker->address);
+
   close (worker->fd);
   worker->fd = -1;
 
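Review bot: `g_free (worker->address);` leaves a dangling pointer in the worker, unlike the neighbouring `worker->thread = NULL` and `worker->fd = -1` resets. If `_g_kdbus_close` runs twice, or `_g_kdbus_can_connect` is called after close, that becomes a double free or a use-after-free. Use `g_clear_pointer (&worker->address, g_free);` or set the field to NULL right after freeing. The body of `_g_kdbus_close` extends beyond the hunk, so whether `worker->dbuspolicy` is released elsewhere is not visible here.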
index 34e4410..a245f92 100644 (file)
@@ -108,6 +108,9 @@ gboolean              _g_kdbus_open                          (GKDBusWorker
                                                               const gchar         *address,
                                                               GError             **error);
 
+gboolean              _g_kdbus_can_connect                   (GKDBusWorker        *worker,
+                                                              GError             **error);
+
 gboolean              _g_kdbus_close                         (GKDBusWorker        *worker);
 
 gboolean              _g_kdbus_is_closed                     (GKDBusWorker        *worker);