Merge "kdbus: policy: add more detailed errors descriptions" into tizen

author: INSUN PYO <insun.pyo@samsung.com> 2016-08-16 00:57:32 -0700
committer: Gerrit Code Review <gerrit@review.vlan103.tizen.org> 2016-08-16 00:57:32 -0700
commit: e7357f2e5d143b3d6fe49c83158f6559cdd15ccf (patch)
tree: 6e4c036941702db3a952e3bdeab2cef3cd9b1928
parent: 52f6de04b3388c4a67e3e9289bfc5dc7d65c80aa (diff)
parent: 5b651b4a233a60765db5da60b2311b129817529c (diff)
download: dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.tar.gz
dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.tar.bz2
dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.zip
1 files changed, 58 insertions, 27 deletions
diff --git a/dbus/dbus-transport-kdbus.c b/dbus/dbus-transport-kdbus.c
index 72e3a181..126e932c 100644
--- a/dbus/dbus-transport-kdbus.c
+++ b/dbus/dbus-transport-kdbus.c
@@ -646,15 +646,13 @@ debug_str (const char *msg, const DBusString *str)
 }
 #endif
 
-static dbus_bool_t
+static int
 can_send (DBusTransportKdbus *transport,
           DBusMessage        *message)
 {
-  dbus_bool_t result = TRUE;
+  int ret = DBUSPOLICY_RESULT_ALLOW;
 
 #ifdef LIBDBUSPOLICY
-  {
-    int ret = 1;
     if (NULL != transport->policy)
       {
         dbus_uint32_t reply_serial = dbus_message_get_reply_serial (message);
@@ -674,11 +672,9 @@ can_send (DBusTransportKdbus *transport,
                                        reply_serial,
                                        !dbus_message_get_no_reply (message));
       }
-    result = (1 == ret);
-  }
 #endif
 
-  return result;
+  return ret;
 }
 
 /* function prototypes */
@@ -901,34 +897,69 @@ kdbus_write_msg_internal (DBusTransportKdbus  *transport,
       setup_bloom_filter_for_message (message, transport->kdbus, filter);
     }
 
-  if (check_privileges && !can_send (transport, message))
+  if (check_privileges)
     {
-      DBusMessage *reply;
+      int check;
 
-      reply = reply_with_error (DBUS_ERROR_ACCESS_DENIED,
-                                NULL,
-                                "Cannot send message - message rejected "
-                                "due to security policies",
-                                message);
-      if (reply == NULL)
-        {
-          ret_size = -1;
-        }
-      else
+      check = can_send (transport, message);
+
+      if (check != DBUSPOLICY_RESULT_ALLOW)
         {
-          if (check_sync_reply)
+          DBusMessage *reply;
+
+          switch (check)
             {
-              *sync_reply = reply;
+              case DBUSPOLICY_RESULT_DENY:
+                reply = reply_with_error (DBUS_ERROR_ACCESS_DENIED, NULL,
+                                          "Cannot send message - message rejected due to XML security policies",
+                                          message);
+              break;
+
+              case DBUSPOLICY_RESULT_DEST_NOT_AVAILABLE:
+                reply = reply_with_error (DBUS_ERROR_SERVICE_UNKNOWN, NULL,
+                                          "Cannot send message - destination not known",
+                                          message);
+              break;
+
+              case DBUSPOLICY_RESULT_KDBUS_ERROR:
+                reply = reply_with_error (DBUS_ERROR_ACCESS_DENIED, NULL,
+                                          "Cannot send message - message rejected due to internal libdbuspolicy error (kdbus)",
+                                          message);
+              break;
+
+              case DBUSPOLICY_RESULT_CYNARA_ERROR:
+                reply = reply_with_error (DBUS_ERROR_ACCESS_DENIED, NULL,
+                                          "Cannot send message - message rejected due to internal libdbuspolicy error (Cynara)",
+                                          message);
+              break;
+
+              default:
+                reply = reply_with_error (DBUS_ERROR_ACCESS_DENIED, NULL,
+                                          "Cannot send message - unknown libdbuspolicy error",
+                                          message);
+              break;
+            }
+
+          if (reply == NULL)
+            {
+              ret_size = -1;
             }
           else
             {
-              /* puts locally generated reply into received messages queue */
-              if (!add_message_to_received (reply, transport->base.connection))
-                ret_size = -1;
+              if (check_sync_reply)
+                {
+                  *sync_reply = reply;
+                }
+              else
+                {
+                  /* puts locally generated reply into received messages queue */
+                  if (!add_message_to_received (reply, transport->base.connection))
+                    ret_size = -1;
+                }
             }
-        }
-      goto out;
-    }
+          goto out;
+        } /* ret != DBUSPOLICY_RESULT_ALLOW */
+    } /* check_privileges */
 
   if (send_message (transport,
                     msg,
author	INSUN PYO <insun.pyo@samsung.com>	2016-08-16 00:57:32 -0700
committer	Gerrit Code Review <gerrit@review.vlan103.tizen.org>	2016-08-16 00:57:32 -0700
commit	e7357f2e5d143b3d6fe49c83158f6559cdd15ccf (patch)
tree	6e4c036941702db3a952e3bdeab2cef3cd9b1928
parent	52f6de04b3388c4a67e3e9289bfc5dc7d65c80aa (diff)
parent	5b651b4a233a60765db5da60b2311b129817529c (diff)
download	dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.tar.gz dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.tar.bz2 dbus-e7357f2e5d143b3d6fe49c83158f6559cdd15ccf.zip