diff options
| author | Adrian Szyndela <adrian.s@samsung.com> | 2020-05-20 14:17:33 +0200 |
|---|---|---|
| committer | Adrian Szyndela <adrian.s@samsung.com> | 2020-06-01 11:59:55 +0200 |
| commit | e944c4eb3721bc43f18d475d3bf1b4a9e7bab28c (patch) | |
| tree | f2a4a56fabd7a3f7362a046d4ed2fce05db33160 | |
| parent | 7b39f8de57aba35bdb583e71fc8141dc2bdc19fc (diff) | |
| download | dbus-e944c4eb3721bc43f18d475d3bf1b4a9e7bab28c.tar.gz dbus-e944c4eb3721bc43f18d475d3bf1b4a9e7bab28c.tar.bz2 dbus-e944c4eb3721bc43f18d475d3bf1b4a9e7bab28c.zip | |
bus/policy: reduce number of params in check_ functions
No functional changes, just packed arguments to structs.
Change-Id: I0e5a22a208ba7085727e617c52cd061c39524967
| -rw-r--r-- | bus/policy.c | 136 |
1 files changed, 76 insertions, 60 deletions
diff --git a/bus/policy.c b/bus/policy.c index 1f3cee8d..0ba2732d 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -866,14 +866,18 @@ bus_policy_rule_to_string (BusPolicyRule *rule, return TRUE; } +struct MatchSendRuleParams { + BusRegistry *registry; + dbus_bool_t requested_reply; + DBusConnection *receiver; + DBusMessage *message; +}; + static dbus_bool_t check_send_rule (const BusPolicyRule *rule, - BusRegistry *registry, - dbus_bool_t requested_reply, - DBusConnection *receiver, - DBusMessage *message, - BusResult *result, - const char **privilege) + const struct MatchSendRuleParams *match_params, + BusResult *result, + const char **privilege) { /* Rule is skipped if it specifies a different * message name from the message, or a different @@ -887,7 +891,7 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.message_type != DBUS_MESSAGE_TYPE_INVALID) { - if (dbus_message_get_type (message) != rule->d.send.message_type) + if (dbus_message_get_type (match_params->message) != rule->d.send.message_type) { _dbus_verbose (" (policy) skipping rule for different message type\n"); return FALSE; @@ -895,13 +899,13 @@ check_send_rule (const BusPolicyRule *rule, } /* If it's a reply, the requested_reply flag kicks in */ - if (dbus_message_get_reply_serial (message) != 0) + if (dbus_message_get_reply_serial (match_params->message) != 0) { /* for allow or check requested_reply=true means the rule applies * only when reply was requested. requested_reply=false means the * rule always applies */ - if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) + if (!match_params->requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) { _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); @@ -912,7 +916,7 @@ check_send_rule (const BusPolicyRule *rule, * when the reply was not requested. requested_reply=true means the * rule always applies. */ - if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.send.requested_reply) + if (match_params->requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.send.requested_reply) { _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); return FALSE; @@ -921,8 +925,8 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.path != NULL) { - if (dbus_message_get_path (message) != NULL && - strcmp (dbus_message_get_path (message), + if (dbus_message_get_path (match_params->message) != NULL && + strcmp (dbus_message_get_path (match_params->message), rule->d.send.path) != 0) { _dbus_verbose (" (policy) skipping rule for different path\n"); @@ -941,11 +945,11 @@ check_send_rule (const BusPolicyRule *rule, */ dbus_bool_t no_interface; - no_interface = dbus_message_get_interface (message) == NULL; + no_interface = dbus_message_get_interface (match_params->message) == NULL; if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || (!no_interface && - strcmp (dbus_message_get_interface (message), + strcmp (dbus_message_get_interface (match_params->message), rule->d.send.interface) != 0)) { _dbus_verbose (" (policy) skipping rule for different interface\n"); @@ -955,8 +959,8 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.member != NULL) { - if (dbus_message_get_member (message) != NULL && - strcmp (dbus_message_get_member (message), + if (dbus_message_get_member (match_params->message) != NULL && + strcmp (dbus_message_get_member (match_params->message), rule->d.send.member) != 0) { _dbus_verbose (" (policy) skipping rule for different member\n"); @@ -966,8 +970,8 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.error != NULL) { - if (dbus_message_get_error_name (message) != NULL && - strcmp (dbus_message_get_error_name (message), + if (dbus_message_get_error_name (match_params->message) != NULL && + strcmp (dbus_message_get_error_name (match_params->message), rule->d.send.error) != 0) { _dbus_verbose (" (policy) skipping rule for different error name\n"); @@ -977,8 +981,8 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.broadcast != BUS_POLICY_TRISTATE_ANY) { - if (dbus_message_get_destination (message) == NULL && - dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_SIGNAL) + if (dbus_message_get_destination (match_params->message) == NULL && + dbus_message_get_type (match_params->message) == DBUS_MESSAGE_TYPE_SIGNAL) { /* it's a broadcast */ if (rule->d.send.broadcast == BUS_POLICY_TRISTATE_FALSE) @@ -1009,9 +1013,9 @@ check_send_rule (const BusPolicyRule *rule, * on the assumption that the activated service will have the * requested name and no others. */ - if (receiver == NULL) + if (match_params->receiver == NULL) { - if (!dbus_message_has_destination (message, + if (!dbus_message_has_destination (match_params->message, rule->d.send.destination)) { _dbus_verbose (" (policy) skipping rule because message dest is not %s\n", @@ -1026,7 +1030,7 @@ check_send_rule (const BusPolicyRule *rule, _dbus_string_init_const (&str, rule->d.send.destination); - service = bus_registry_lookup (registry, &str); + service = bus_registry_lookup (match_params->registry, &str); if (service == NULL) { _dbus_verbose (" (policy) skipping rule because dest %s doesn't exist\n", @@ -1034,7 +1038,7 @@ check_send_rule (const BusPolicyRule *rule, return FALSE; } - if (!bus_service_has_owner (service, receiver)) + if (!bus_service_has_owner (service, match_params->receiver)) { _dbus_verbose (" (policy) skipping rule because dest %s isn't owned by receiver\n", rule->d.send.destination); @@ -1045,9 +1049,9 @@ check_send_rule (const BusPolicyRule *rule, else if (rule->d.send.destination_prefix) { /* receiver can be NULL - the same as in !send.destination_prefix */ - if (receiver == NULL) + if (match_params->receiver == NULL) { - const char *destination = dbus_message_get_destination (message); + const char *destination = dbus_message_get_destination (match_params->message); DBusString dest_name; if (destination == NULL) @@ -1069,7 +1073,7 @@ check_send_rule (const BusPolicyRule *rule, } else { - if (!bus_connection_is_service_owner_by_prefix (receiver, + if (!bus_connection_is_service_owner_by_prefix (match_params->receiver, rule->d.send.destination)) { _dbus_verbose (" (policy) skipping rule because no dest with prefix %s is owned by receiver\n", @@ -1083,7 +1087,7 @@ check_send_rule (const BusPolicyRule *rule, if (rule->d.send.min_fds > 0 || rule->d.send.max_fds < DBUS_MAXIMUM_MESSAGE_UNIX_FDS) { - unsigned int n_fds = _dbus_message_get_n_unix_fds (message); + unsigned int n_fds = _dbus_message_get_n_unix_fds (match_params->message); if (n_fds < rule->d.send.min_fds || n_fds > rule->d.send.max_fds) { @@ -1130,6 +1134,12 @@ bus_client_policy_check_can_send (DBusConnection *sender, BusResult result; const char *privilege; BusPolicyRule *matched_rule = NULL; + struct MatchSendRuleParams params; + + params.registry = registry; + params.requested_reply = requested_reply; + params.receiver = receiver; + params.message = message; /* policy->rules is in the order the rules appeared * in the config file, i.e. last rule that applies wins @@ -1146,8 +1156,7 @@ bus_client_policy_check_can_send (DBusConnection *sender, link = _dbus_list_get_next_link (&policy->rules, link); - if (check_send_rule (rule, registry, requested_reply, receiver, message, - &result, &privilege)) + if (check_send_rule (rule, ¶ms, &result, &privilege)) { *log = rule->d.send.log; (*toggles)++; @@ -1184,15 +1193,19 @@ bus_client_policy_check_can_send (DBusConnection *sender, return result; } +struct MatchReceiveRuleParams { + BusRegistry *registry; + dbus_bool_t requested_reply; + DBusConnection *sender; + DBusMessage *message; + dbus_bool_t eavesdropping; +}; + static dbus_bool_t check_receive_rule (const BusPolicyRule *rule, - BusRegistry *registry, - dbus_bool_t requested_reply, - DBusConnection *sender, - DBusMessage *message, - dbus_bool_t eavesdropping, - BusResult *result, - const char **privilege) + const struct MatchReceiveRuleParams *match_params, + BusResult *result, + const char **privilege) { if (rule->type != BUS_POLICY_RULE_RECEIVE) { @@ -1202,7 +1215,7 @@ check_receive_rule (const BusPolicyRule *rule, if (rule->d.receive.message_type != DBUS_MESSAGE_TYPE_INVALID) { - if (dbus_message_get_type (message) != rule->d.receive.message_type) + if (dbus_message_get_type (match_params->message) != rule->d.receive.message_type) { _dbus_verbose (" (policy) skipping rule for different message type\n"); return FALSE; @@ -1213,7 +1226,7 @@ check_receive_rule (const BusPolicyRule *rule, /* for allow or check, eavesdrop=false means the rule doesn't apply when * eavesdropping. eavesdrop=true means the rule always applies */ - if (eavesdropping && rule->access != BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.eavesdrop) + if (match_params->eavesdropping && rule->access != BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.eavesdrop) { _dbus_verbose (" (policy) skipping %s rule since it doesn't apply to eavesdropping\n", rule->access == BUS_POLICY_RULE_ACCESS_ALLOW ? "allow" : "check"); @@ -1223,20 +1236,20 @@ check_receive_rule (const BusPolicyRule *rule, /* for deny, eavesdrop=true means the rule applies only when * eavesdropping; eavesdrop=false means always deny. */ - if (!eavesdropping && rule->access == BUS_POLICY_RULE_ACCESS_DENY && rule->d.receive.eavesdrop) + if (!match_params->eavesdropping && rule->access == BUS_POLICY_RULE_ACCESS_DENY && rule->d.receive.eavesdrop) { _dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n"); return FALSE; } /* If it's a reply, the requested_reply flag kicks in */ - if (dbus_message_get_reply_serial (message) != 0) + if (dbus_message_get_reply_serial (match_params->message) != 0) { /* for allow or check requested_reply=true means the rule applies * only when reply was requested. requested_reply=false means the * rule always applies */ - if (!requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) + if (!match_params->requested_reply && rule->access != BUS_POLICY_RULE_ACCESS_DENY && rule->d.send.requested_reply && !rule->d.send.eavesdrop) { _dbus_verbose (" (policy) skipping %s rule since it only applies to requested replies and does not allow eavesdropping\n", rule->access == BUS_POLICY_RULE_ACCESS_DENY ? "allow" : "deny"); @@ -1247,7 +1260,7 @@ check_receive_rule (const BusPolicyRule *rule, * when the reply was not requested. requested_reply=true means the * rule always applies. */ - if (requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.requested_reply) + if (match_params->requested_reply && rule->access == BUS_POLICY_RULE_ACCESS_DENY && !rule->d.receive.requested_reply) { _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n"); return FALSE; @@ -1256,8 +1269,8 @@ check_receive_rule (const BusPolicyRule *rule, if (rule->d.receive.path != NULL) { - if (dbus_message_get_path (message) != NULL && - strcmp (dbus_message_get_path (message), + if (dbus_message_get_path (match_params->message) != NULL && + strcmp (dbus_message_get_path (match_params->message), rule->d.receive.path) != 0) { _dbus_verbose (" (policy) skipping rule for different path\n"); @@ -1274,11 +1287,11 @@ check_receive_rule (const BusPolicyRule *rule, */ dbus_bool_t no_interface; - no_interface = dbus_message_get_interface (message) == NULL; + no_interface = dbus_message_get_interface (match_params->message) == NULL; if ((no_interface && rule->access != BUS_POLICY_RULE_ACCESS_DENY) || (!no_interface && - strcmp (dbus_message_get_interface (message), + strcmp (dbus_message_get_interface (match_params->message), rule->d.receive.interface) != 0)) { _dbus_verbose (" (policy) skipping rule for different interface\n"); @@ -1288,8 +1301,8 @@ check_receive_rule (const BusPolicyRule *rule, if (rule->d.receive.member != NULL) { - if (dbus_message_get_member (message) != NULL && - strcmp (dbus_message_get_member (message), + if (dbus_message_get_member (match_params->message) != NULL && + strcmp (dbus_message_get_member (match_params->message), rule->d.receive.member) != 0) { _dbus_verbose (" (policy) skipping rule for different member\n"); @@ -1299,8 +1312,8 @@ check_receive_rule (const BusPolicyRule *rule, if (rule->d.receive.error != NULL) { - if (dbus_message_get_error_name (message) != NULL && - strcmp (dbus_message_get_error_name (message), + if (dbus_message_get_error_name (match_params->message) != NULL && + strcmp (dbus_message_get_error_name (match_params->message), rule->d.receive.error) != 0) { _dbus_verbose (" (policy) skipping rule for different error name\n"); @@ -1315,9 +1328,9 @@ check_receive_rule (const BusPolicyRule *rule, * built-in services don't have a DBusConnection but will * still set the sender on their messages. */ - if (sender == NULL) + if (match_params->sender == NULL) { - if (!dbus_message_has_sender (message, + if (!dbus_message_has_sender (match_params->message, rule->d.receive.origin)) { _dbus_verbose (" (policy) skipping rule because message sender is not %s\n", @@ -1332,7 +1345,7 @@ check_receive_rule (const BusPolicyRule *rule, _dbus_string_init_const (&str, rule->d.receive.origin); - service = bus_registry_lookup (registry, &str); + service = bus_registry_lookup (match_params->registry, &str); if (service == NULL) { @@ -1341,7 +1354,7 @@ check_receive_rule (const BusPolicyRule *rule, return FALSE; } - if (!bus_service_has_owner (service, sender)) + if (!bus_service_has_owner (service, match_params->sender)) { _dbus_verbose (" (policy) skipping rule because origin %s isn't owned by sender\n", rule->d.receive.origin); @@ -1353,7 +1366,7 @@ check_receive_rule (const BusPolicyRule *rule, if (rule->d.receive.min_fds > 0 || rule->d.receive.max_fds < DBUS_MAXIMUM_MESSAGE_UNIX_FDS) { - unsigned int n_fds = _dbus_message_get_n_unix_fds (message); + unsigned int n_fds = _dbus_message_get_n_unix_fds (match_params->message); if (n_fds < rule->d.receive.min_fds || n_fds > rule->d.receive.max_fds) { @@ -1400,14 +1413,18 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, char **out_rule) { DBusList *link; - dbus_bool_t eavesdropping; BusResult result; const char *privilege; BusPolicyRule *matched_rule = NULL; + struct MatchReceiveRuleParams params; - eavesdropping = + params.eavesdropping = addressed_recipient != proposed_recipient && dbus_message_get_destination (message) != NULL; + params.registry = registry; + params.requested_reply = requested_reply; + params.sender = sender; + params.message = message; /* policy->rules is in the order the rules appeared * in the config file, i.e. last rule that applies wins @@ -1424,8 +1441,7 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, link = _dbus_list_get_next_link (&policy->rules, link); - if (check_receive_rule (rule, registry, requested_reply, sender, - message, eavesdropping, &result, &privilege)) + if (check_receive_rule (rule, ¶ms, &result, &privilege)) { (*toggles)++; matched_rule = (BusPolicyRule *)rule; |