if (streq_ptr(name, c->data[PROP_HOSTNAME]))
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-hostname", interactive, error, method_set_hostname, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-hostname", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
if (streq_ptr(name, c->data[PROP_STATIC_HOSTNAME]))
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-static-hostname", interactive, error, method_set_static_hostname, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.hostname1.set-static-hostname", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
* same time as the static one, use the same policy action for
* both... */
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN,
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN,
prop == PROP_PRETTY_HOSTNAME ?
"org.freedesktop.hostname1.set-static-hostname" :
- "org.freedesktop.hostname1.set-machine-info", interactive, error, cb, c);
+ "org.freedesktop.hostname1.set-machine-info", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
}
int bus_verify_polkit(
- sd_bus *bus,
- sd_bus_message *m,
+ sd_bus_message *call,
int capability,
const char *action,
bool interactive,
int r;
- assert(bus);
- assert(m);
+ assert(call);
assert(action);
- r = sd_bus_query_sender_privilege(m, capability);
+ r = sd_bus_query_sender_privilege(call, capability);
if (r < 0)
return r;
- if (r > 0)
+ else if (r > 0)
return 1;
-
#ifdef ENABLE_POLKIT
else {
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
int authorized = false, challenge = false;
const char *sender;
- sender = sd_bus_message_get_sender(m);
+ sender = sd_bus_message_get_sender(call);
if (!sender)
return -EBADMSG;
r = sd_bus_call_method(
- bus,
+ call->bus,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority",
#endif
int bus_verify_polkit_async(
- sd_bus *bus,
- Hashmap **registry,
- sd_bus_message *m,
+ sd_bus_message *call,
int capability,
const char *action,
bool interactive,
- sd_bus_error *error,
- sd_bus_message_handler_t callback,
- void *userdata) {
+ Hashmap **registry,
+ sd_bus_error *error) {
#ifdef ENABLE_POLKIT
_cleanup_bus_message_unref_ sd_bus_message *pk = NULL;
+ _cleanup_bus_slot_unref_ sd_bus_slot *slot = NULL;
AsyncPolkitQuery *q;
const char *sender;
+ sd_bus_message_handler_t callback;
+ void *userdata;
#endif
int r;
- assert(bus);
- assert(registry);
- assert(m);
+ assert(call);
assert(action);
+ assert(registry);
#ifdef ENABLE_POLKIT
- q = hashmap_get(*registry, m);
+ q = hashmap_get(*registry, call);
if (q) {
int authorized, challenge;
}
#endif
- r = sd_bus_query_sender_privilege(m, capability);
+ r = sd_bus_query_sender_privilege(call, capability);
if (r < 0)
return r;
- if (r > 0)
+ else if (r > 0)
return 1;
#ifdef ENABLE_POLKIT
- sender = sd_bus_message_get_sender(m);
+ if (sd_bus_get_current_message(call->bus) != call)
+ return -EINVAL;
+
+ callback = sd_bus_get_current_handler(call->bus);
+ if (!callback)
+ return -EINVAL;
+
+ userdata = sd_bus_get_current_userdata(call->bus);
+
+ sender = sd_bus_message_get_sender(call);
if (!sender)
return -EBADMSG;
return r;
r = sd_bus_message_new_method_call(
- bus,
+ call->bus,
&pk,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
if (!q)
return -ENOMEM;
- q->request = sd_bus_message_ref(m);
+ q->request = sd_bus_message_ref(call);
q->callback = callback;
q->userdata = userdata;
- r = hashmap_put(*registry, m, q);
+ r = hashmap_put(*registry, call, q);
if (r < 0) {
async_polkit_query_free(q);
return r;
q->registry = *registry;
- r = sd_bus_call_async(bus, &q->slot, pk, async_polkit_callback, q, 0);
+ r = sd_bus_call_async(call->bus, &q->slot, pk, async_polkit_callback, q, 0);
if (r < 0) {
async_polkit_query_free(q);
return r;
int bus_check_peercred(sd_bus *c);
-int bus_verify_polkit(sd_bus *bus, sd_bus_message *m, int capability, const char *action, bool interactive, bool *_challenge, sd_bus_error *e);
+int bus_verify_polkit(sd_bus_message *call, int capability, const char *action, bool interactive, bool *_challenge, sd_bus_error *e);
-int bus_verify_polkit_async(sd_bus *bus, Hashmap **registry, sd_bus_message *m, int capability, const char *action, bool interactive, sd_bus_error *error, sd_bus_message_handler_t callback, void *userdata);
+int bus_verify_polkit_async(sd_bus_message *call, int capability, const char *action, bool interactive, Hashmap **registry, sd_bus_error *error);
void bus_verify_polkit_async_registry_free(Hashmap *registry);
int bus_open_system_systemd(sd_bus **_bus);
}
if (modified) {
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN,
- "org.freedesktop.locale1.set-locale", interactive,
- error, method_set_locale, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.locale1.set-locale", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
(keymap_toggle && (!filename_is_safe(keymap_toggle) || !string_is_safe(keymap_toggle))))
return sd_bus_error_set_errnof(error, -EINVAL, "Received invalid keymap data");
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN,
- "org.freedesktop.locale1.set-keyboard",
- interactive, error, method_set_vc_keyboard, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.locale1.set-keyboard", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
(options && !string_is_safe(options)))
return sd_bus_error_set_errnof(error, -EINVAL, "Received invalid keyboard data");
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_ADMIN,
- "org.freedesktop.locale1.set-keyboard",
- interactive, error, method_set_x11_keyboard, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.locale1.set-keyboard", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
if (!pw)
return errno ? -errno : -ENOENT;
- r = bus_verify_polkit_async(bus,
- &m->polkit_registry,
- message,
- CAP_SYS_ADMIN,
- "org.freedesktop.login1.set-user-linger",
- interactive,
- error,
- method_set_user_linger, m);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.set-user-linger",
+ interactive,
+ &m->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
if (!seat_name_is_valid(seat))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Seat %s is not valid", seat);
- r = bus_verify_polkit_async(bus,
- &m->polkit_registry,
- message,
- CAP_SYS_ADMIN,
- "org.freedesktop.login1.attach-device",
- interactive,
- error,
- method_attach_device, m);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.attach-device",
+ interactive,
+ &m->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
if (r < 0)
return r;
- r = bus_verify_polkit_async(bus,
- &m->polkit_registry,
- message,
- CAP_SYS_ADMIN,
- "org.freedesktop.login1.flush-devices",
- interactive,
- error,
- method_flush_devices, m);
+ r = bus_verify_polkit_async(
+ message,
+ CAP_SYS_ADMIN,
+ "org.freedesktop.login1.flush-devices",
+ interactive,
+ &m->polkit_registry,
+ error);
if (r < 0)
return r;
if (r == 0)
blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL);
if (multiple_sessions) {
- r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, CAP_SYS_BOOT,
- action_multiple_sessions, interactive, error, method, m);
+ r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_multiple_sessions, interactive, &m->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
}
if (blocked) {
- r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, CAP_SYS_BOOT,
- action_ignore_inhibit, interactive, error, method, m);
+ r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action_ignore_inhibit, interactive, &m->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
}
if (!multiple_sessions && !blocked) {
- r = bus_verify_polkit_async(m->bus, &m->polkit_registry, message, CAP_SYS_BOOT,
- action, interactive, error, method, m);
+ r = bus_verify_polkit_async(message, CAP_SYS_BOOT, action, interactive, &m->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
blocked = manager_is_inhibited(m, w, INHIBIT_BLOCK, NULL, false, true, uid, NULL);
if (multiple_sessions) {
- r = bus_verify_polkit(m->bus, message, CAP_SYS_BOOT, action_multiple_sessions, false, &challenge, error);
+ r = bus_verify_polkit(message, CAP_SYS_BOOT, action_multiple_sessions, false, &challenge, error);
if (r < 0)
return r;
}
if (blocked) {
- r = bus_verify_polkit(m->bus, message, CAP_SYS_BOOT, action_ignore_inhibit, false, &challenge, error);
+ r = bus_verify_polkit(message, CAP_SYS_BOOT, action_ignore_inhibit, false, &challenge, error);
if (r < 0)
return r;
/* If neither inhibit nor multiple sessions
* apply then just check the normal policy */
- r = bus_verify_polkit(m->bus, message, CAP_SYS_BOOT, action, false, &challenge, error);
+ r = bus_verify_polkit(message, CAP_SYS_BOOT, action, false, &challenge, error);
if (r < 0)
return r;
if (m->action_what & w)
return sd_bus_error_setf(error, BUS_ERROR_OPERATION_IN_PROGRESS, "The operation inhibition has been requested for is already running");
- r = bus_verify_polkit_async(bus, &m->polkit_registry, message, CAP_SYS_BOOT,
+ r = bus_verify_polkit_async(message, CAP_SYS_BOOT,
w == INHIBIT_SHUTDOWN ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-shutdown" : "org.freedesktop.login1.inhibit-delay-shutdown") :
w == INHIBIT_SLEEP ? (mm == INHIBIT_BLOCK ? "org.freedesktop.login1.inhibit-block-sleep" : "org.freedesktop.login1.inhibit-delay-sleep") :
w == INHIBIT_IDLE ? "org.freedesktop.login1.inhibit-block-idle" :
w == INHIBIT_HANDLE_SUSPEND_KEY ? "org.freedesktop.login1.inhibit-handle-suspend-key" :
w == INHIBIT_HANDLE_HIBERNATE_KEY ? "org.freedesktop.login1.inhibit-handle-hibernate-key" :
"org.freedesktop.login1.inhibit-handle-lid-switch",
- false, error, method_inhibit, m);
+ false, &m->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
if (streq_ptr(z, c->zone))
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-timezone", interactive, error, method_set_timezone, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-timezone", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
if (lrtc == c->local_rtc)
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-local-rtc", interactive, error, method_set_local_rtc, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-local-rtc", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
} else
timespec_store(&ts, (usec_t) utc);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-time", interactive, error, method_set_time, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-time", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)
if ((bool)ntp == c->use_ntp)
return sd_bus_reply_method_return(m, NULL);
- r = bus_verify_polkit_async(bus, &c->polkit_registry, m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-ntp", interactive, error, method_set_ntp, c);
+ r = bus_verify_polkit_async(m, CAP_SYS_TIME, "org.freedesktop.timedate1.set-ntp", interactive, &c->polkit_registry, error);
if (r < 0)
return r;
if (r == 0)