+2003-04-15 Havoc Pennington <hp@pobox.com>
+
+ * bus/bus.c: create and keep around a shared DBusUserDatabase
+ object.
+
+ * bus/connection.c (bus_connection_get_groups): don't cache
+ groups for user in the connection object, since user database
+ object now does that.
+
2003-04-16 Havoc Pennington <hp@redhat.com>
* dbus/dbus-message.c (_dbus_message_add_size_counter): keep a
BusActivation *activation;
BusRegistry *registry;
BusPolicy *policy;
+ DBusUserDatabase *user_database;
int activation_timeout; /**< How long to wait for an activation to time out */
int auth_timeout; /**< How long to wait for an authentication to time out */
int max_completed_connections; /**< Max number of authorized connections */
* DOS all the other users.
*/
context->max_completed_connections = 1024;
+
+ context->user_database = _dbus_user_database_new ();
+ if (context->user_database == NULL)
+ {
+ BUS_SET_OOM (error);
+ goto failed;
+ }
context->loop = _dbus_loop_new ();
if (context->loop == NULL)
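Review bot: The `_dbus_user_database_new ()` call added after `max_completed_connections` creates one lookup cache for the whole life of the context, and nothing here documents how long a cached uid-to-groups answer stays valid. The ChangeLog entry says the database now does the caching the connection object used to do, so a group membership change made while the daemon runs may not reach `bus_policy_allow_user` or `bus_connection_get_groups` until the cache is dropped. Whether the database ever invalidates entries is not visible in this diff. I would add a comment above the call such as `/* Shared uid/group cache used for policy decisions; entries are only as fresh as the database's invalidation policy. */` and give the new `user_database` struct member a `/**< ... */` description like its neighbours. The body of bus_context_new starts and ends outside the hunk.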
dbus_free (context->pidfile);
}
+ _dbus_user_database_unref (context->user_database);
+
dbus_free (context);
server_data_slot_unref ();
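Review bot: The `_dbus_user_database_unref (context->user_database)` added before `dbus_free (context)` runs unconditionally, while the pointer can still be NULL when construction fails. The new `goto failed` in bus_context_new is taken exactly when `_dbus_user_database_new ()` returned NULL, and if that label tears the context down through this path (the label is outside the lines shown), the unref receives NULL. Whether `_dbus_user_database_unref` accepts NULL cannot be told from here. Guarding the call is cheap: `if (context->user_database != NULL) _dbus_user_database_unref (context->user_database);`. The enclosing function starts and ends outside the hunk.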
return context->loop;
}
+DBusUserDatabase*
+bus_context_get_user_database (BusContext *context)
+{
+ return context->user_database;
+}
+
dbus_bool_t
bus_context_allow_user (BusContext *context,
unsigned long uid)
{
- return bus_policy_allow_user (context->policy, uid);
+ return bus_policy_allow_user (context->policy,
+ context->user_database,
+ uid);
}
BusClientPolicy*
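Review bot: `bus_context_get_user_database` has no doc comment and returns the context's pointer without taking a reference, so the lifetime rule for callers is unstated. A caller that keeps the pointer past the final `bus_context_unref` would hold a dangling database; the one caller visible in this diff, `bus_connection_get_groups`, only uses it for the duration of the call. I would add a comment above the function, e.g. `/* Returns the context's user database; borrowed, valid only while the context is alive. */`.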
#include <dbus/dbus.h>
#include <dbus/dbus-string.h>
#include <dbus/dbus-mainloop.h>
+#include <dbus/dbus-userdb.h>
typedef struct BusActivation BusActivation;
typedef struct BusConnections BusConnections;
typedef struct BusService BusService;
typedef struct BusTransaction BusTransaction;
-BusContext* bus_context_new (const DBusString *config_file,
- int print_addr_fd,
- DBusError *error);
-void bus_context_shutdown (BusContext *context);
-void bus_context_ref (BusContext *context);
-void bus_context_unref (BusContext *context);
-const char* bus_context_get_type (BusContext *context);
-const char* bus_context_get_address (BusContext *context);
-BusRegistry* bus_context_get_registry (BusContext *context);
-BusConnections* bus_context_get_connections (BusContext *context);
-BusActivation* bus_context_get_activation (BusContext *context);
-DBusLoop* bus_context_get_loop (BusContext *context);
-dbus_bool_t bus_context_allow_user (BusContext *context,
- unsigned long uid);
-BusClientPolicy* bus_context_create_client_policy (BusContext *context,
- DBusConnection *connection);
-int bus_context_get_activation_timeout (BusContext *context);
-dbus_bool_t bus_context_check_security_policy (BusContext *context,
- DBusConnection *sender,
- DBusConnection *recipient,
- DBusMessage *message,
- DBusError *error);
+BusContext* bus_context_new (const DBusString *config_file,
+ int print_addr_fd,
+ DBusError *error);
+void bus_context_shutdown (BusContext *context);
+void bus_context_ref (BusContext *context);
+void bus_context_unref (BusContext *context);
+const char* bus_context_get_type (BusContext *context);
+const char* bus_context_get_address (BusContext *context);
+BusRegistry* bus_context_get_registry (BusContext *context);
+BusConnections* bus_context_get_connections (BusContext *context);
+BusActivation* bus_context_get_activation (BusContext *context);
+DBusLoop* bus_context_get_loop (BusContext *context);
+DBusUserDatabase* bus_context_get_user_database (BusContext *context);
+dbus_bool_t bus_context_allow_user (BusContext *context,
+ unsigned long uid);
+BusClientPolicy* bus_context_create_client_policy (BusContext *context,
+ DBusConnection *connection);
+int bus_context_get_activation_timeout (BusContext *context);
+dbus_bool_t bus_context_check_security_policy (BusContext *context,
+ DBusConnection *sender,
+ DBusConnection *recipient,
+ DBusMessage *message,
+ DBusError *error);
#endif /* BUS_BUS_H */
DBusList *transaction_messages; /**< Stuff we need to send as part of a transaction */
DBusMessage *oom_message;
DBusPreallocatedSend *oom_preallocated;
- unsigned long *group_ids;
- int n_group_ids;
BusClientPolicy *policy;
} BusConnectionData;
if (d->policy)
bus_client_policy_unref (d->policy);
- dbus_free (d->group_ids);
-
dbus_free (d->name);
dbus_free (d);
}
retval = FALSE;
-
- d->n_group_ids = 0;
- d->group_ids = NULL;
if (!dbus_connection_set_watch_functions (connection,
add_connection_watch,
}
dbus_bool_t
-bus_connection_get_groups (DBusConnection *connection,
- const unsigned long **groups,
- int *n_groups)
+bus_connection_get_groups (DBusConnection *connection,
+ unsigned long **groups,
+ int *n_groups)
{
BusConnectionData *d;
-
+ unsigned long uid;
+ DBusUserDatabase *user_database;
+
d = BUS_CONNECTION_DATA (connection);
_dbus_assert (d != NULL);
+ user_database = bus_context_get_user_database (d->connections->context);
+
*groups = NULL;
*n_groups = 0;
- /* we do a lazy lookup on groups a user is in for two reasons:
- * 1) we can't do it on connection setup since the user
- * hasn't authenticated and 2) it might be expensive
- * and we don't need to do it if there are no group-based
- * rules in the config file
- */
-
- if (d->n_group_ids == 0)
+ if (dbus_connection_get_unix_user (connection, &uid))
{
- unsigned long uid;
-
- if (dbus_connection_get_unix_user (connection, &uid))
+ if (!_dbus_user_database_get_groups (user_database,
+ uid, groups, n_groups,
+ NULL))
{
- if (!_dbus_get_groups (uid, &d->group_ids, &d->n_group_ids, NULL))
- {
- _dbus_verbose ("Did not get any groups for UID %lu\n",
- uid);
- return FALSE;
- }
+ _dbus_verbose ("Did not get any groups for UID %lu\n",
+ uid);
+ return FALSE;
+ }
+ else
+ {
+ _dbus_verbose ("Got %d groups for UID %lu\n",
+ *n_groups, uid);
+ return TRUE;
}
}
-
- *groups = d->group_ids;
- *n_groups = d->n_group_ids;
-
- return TRUE;
+ else
+ return TRUE; /* successfully got 0 groups */
}
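Review bot: After this change `bus_connection_get_groups` hands back an array the caller has to release, but neither the function nor its prototype says so; the only hint is the dropped `const` on `groups`. Both callers updated in this commit call `dbus_free` on the result, which suggests `_dbus_user_database_get_groups` returns a fresh copy rather than a pointer into the cache, though that function is not shown. Any caller that was not updated now leaks the array on every call. I would add a doc comment stating that on TRUE `*groups` is either NULL with `*n_groups` zero or a block the caller must pass to `dbus_free`, and spelling out what state `*groups` is left in when the function returns FALSE.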
dbus_bool_t
unsigned long gid)
{
int i;
- const unsigned long *group_ids;
+ unsigned long *group_ids;
int n_group_ids;
if (!bus_connection_get_groups (connection, &group_ids, &n_group_ids))
while (i < n_group_ids)
{
if (group_ids[i] == gid)
- return TRUE;
+ {
+ dbus_free (group_ids);
+ return TRUE;
+ }
++i;
}
+ dbus_free (group_ids);
return FALSE;
}
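Review bot: `dbus_free (group_ids)` now appears on both exits of the loop, so every return path added later has to remember the free. A single exit keeps the ownership in one place: set a flag and leave the loop, `if (group_ids[i] == gid) { found = TRUE; break; }`, then `dbus_free (group_ids); return found;`. The same per-exit free is repeated for `groups` in the policy.c hunk around `add_list_to_client`, where a future `goto failed` inside the loop would leak in the same way. The start of bus_connection_is_in_group is outside the lines shown.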
dbus_bool_t bus_connection_is_in_group (DBusConnection *connection,
unsigned long gid);
dbus_bool_t bus_connection_get_groups (DBusConnection *connection,
- const unsigned long **groups,
+ unsigned long **groups,
int *n_groups);
BusClientPolicy* bus_connection_get_policy (DBusConnection *connection);
*/
if (_dbus_hash_table_get_n_entries (policy->rules_by_gid) > 0)
{
- const unsigned long *groups;
+ unsigned long *groups;
int n_groups;
int i;
if (list != NULL)
{
if (!add_list_to_client (list, client))
- goto failed;
+ {
+ dbus_free (groups);
+ goto failed;
+ }
}
++i;
}
+
+ dbus_free (groups);
}
if (!dbus_connection_get_unix_user (connection, &uid))
}
dbus_bool_t
-bus_policy_allow_user (BusPolicy *policy,
- unsigned long uid)
+bus_policy_allow_user (BusPolicy *policy,
+ DBusUserDatabase *user_database,
+ unsigned long uid)
{
dbus_bool_t allowed;
unsigned long *group_ids;
int n_group_ids;
/* On OOM or error we always reject the user */
- if (!_dbus_get_groups (uid, &group_ids, &n_group_ids, NULL))
+ if (!_dbus_user_database_get_groups (user_database,
+ uid, &group_ids, &n_group_ids, NULL))
{
_dbus_verbose ("Did not get any groups for UID %lu\n",
uid);
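Review bot: The group lookup that decides whether a user is rejected passes `NULL` for the error argument, so the verbose message cannot say whether the rejection came from out-of-memory or from a failed lookup for that UID. The same `NULL` is passed in `bus_connection_get_groups`. Since the comment states that any failure rejects the user, recording the reason would make a refused connection much easier to diagnose; the sketch below passes a `DBusError` and logs its message. The rest of bus_policy_allow_user, including the rejection return, lies outside the hunk.

```c
  DBusError lookup_error;

  dbus_error_init (&lookup_error);

  /* On OOM or error we always reject the user */
  if (!_dbus_user_database_get_groups (user_database,
                                       uid, &group_ids, &n_group_ids,
                                       &lookup_error))
    {
      _dbus_verbose ("Did not get any groups for UID %lu: %s\n",
                     uid, lookup_error.message);
      dbus_error_free (&lookup_error);
      /* … unchanged: rest of the rejection branch … */
```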
void bus_policy_rule_unref (BusPolicyRule *rule);
BusPolicy* bus_policy_new (void);
-void bus_policy_ref (BusPolicy *policy);
-void bus_policy_unref (BusPolicy *policy);
-BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy,
- DBusConnection *connection);
-dbus_bool_t bus_policy_allow_user (BusPolicy *policy,
- unsigned long uid);
-dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy,
- BusPolicyRule *rule);
-dbus_bool_t bus_policy_append_mandatory_rule (BusPolicy *policy,
- BusPolicyRule *rule);
-dbus_bool_t bus_policy_append_user_rule (BusPolicy *policy,
- dbus_uid_t uid,
- BusPolicyRule *rule);
-dbus_bool_t bus_policy_append_group_rule (BusPolicy *policy,
- dbus_gid_t gid,
- BusPolicyRule *rule);
+void bus_policy_ref (BusPolicy *policy);
+void bus_policy_unref (BusPolicy *policy);
+BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy,
+ DBusConnection *connection);
+dbus_bool_t bus_policy_allow_user (BusPolicy *policy,
+ DBusUserDatabase *user_database,
+ unsigned long uid);
+dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy,
+ BusPolicyRule *rule);
+dbus_bool_t bus_policy_append_mandatory_rule (BusPolicy *policy,
+ BusPolicyRule *rule);
+dbus_bool_t bus_policy_append_user_rule (BusPolicy *policy,
+ dbus_uid_t uid,
+ BusPolicyRule *rule);
+dbus_bool_t bus_policy_append_group_rule (BusPolicy *policy,
+ dbus_gid_t gid,
+ BusPolicyRule *rule);
+
BusClientPolicy* bus_client_policy_new (void);
void bus_client_policy_ref (BusClientPolicy *policy);