bus.c revision 44656f538f69e8f8709ddb6ab285db29f65f62dd
1/* -*- mode: C; c-file-style: "gnu" -*- */ 2/* bus.c message bus context object 3 * 4 * Copyright (C) 2003, 2004 Red Hat, Inc. 5 * 6 * Licensed under the Academic Free License version 2.1 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation; either version 2 of the License, or 11 * (at your option) any later version. 12 * 13 * This program is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 * GNU General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21 * 22 */ 23 24#include "bus.h" 25#include "activation.h" 26#include "connection.h" 27#include "services.h" 28#include "utils.h" 29#include "policy.h" 30#include "config-parser.h" 31#include "signals.h" 32#include "selinux.h" 33#include <dbus/dbus-list.h> 34#include <dbus/dbus-hash.h> 35#include <dbus/dbus-internals.h> 36 37struct BusContext 38{ 39 int refcount; 40 char *config_file; 41 char *type; 42 char *address; 43 char *pidfile; 44 char *user; 45 DBusLoop *loop; 46 DBusList *servers; 47 BusConnections *connections; 48 BusActivation *activation; 49 BusRegistry *registry; 50 BusPolicy *policy; 51 BusMatchmaker *matchmaker; 52 DBusUserDatabase *user_database; 53 BusLimits limits; 54 unsigned int fork : 1; 55}; 56 57static dbus_int32_t server_data_slot = -1; 58 59typedef struct 60{ 61 BusContext *context; 62} BusServerData; 63 64#define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot)) 65 66static BusContext* 67server_get_context (DBusServer *server) 68{ 69 BusContext *context; 70 BusServerData *bd; 71 72 if (!dbus_server_allocate_data_slot (&server_data_slot)) 73 return NULL; 74 75 bd = BUS_SERVER_DATA (server); 76 if (bd == NULL) 77 { 78 dbus_server_free_data_slot (&server_data_slot); 79 return NULL; 80 } 81 82 context = bd->context; 83 84 dbus_server_free_data_slot (&server_data_slot); 85 86 return context; 87} 88 89static dbus_bool_t 90server_watch_callback (DBusWatch *watch, 91 unsigned int condition, 92 void *data) 93{ 94 /* FIXME this can be done in dbus-mainloop.c 95 * if the code in activation.c for the babysitter 96 * watch handler is fixed. 97 */ 98 99 return dbus_watch_handle (watch, condition); 100} 101 102static dbus_bool_t 103add_server_watch (DBusWatch *watch, 104 void *data) 105{ 106 DBusServer *server = data; 107 BusContext *context; 108 109 context = server_get_context (server); 110 111 return _dbus_loop_add_watch (context->loop, 112 watch, server_watch_callback, server, 113 NULL); 114} 115 116static void 117remove_server_watch (DBusWatch *watch, 118 void *data) 119{ 120 DBusServer *server = data; 121 BusContext *context; 122 123 context = server_get_context (server); 124 125 _dbus_loop_remove_watch (context->loop, 126 watch, server_watch_callback, server); 127} 128 129 130static void 131server_timeout_callback (DBusTimeout *timeout, 132 void *data) 133{ 134 /* can return FALSE on OOM but we just let it fire again later */ 135 dbus_timeout_handle (timeout); 136} 137 138static dbus_bool_t 139add_server_timeout (DBusTimeout *timeout, 140 void *data) 141{ 142 DBusServer *server = data; 143 BusContext *context; 144 145 context = server_get_context (server); 146 147 return _dbus_loop_add_timeout (context->loop, 148 timeout, server_timeout_callback, server, NULL); 149} 150 151static void 152remove_server_timeout (DBusTimeout *timeout, 153 void *data) 154{ 155 DBusServer *server = data; 156 BusContext *context; 157 158 context = server_get_context (server); 159 160 _dbus_loop_remove_timeout (context->loop, 161 timeout, server_timeout_callback, server); 162} 163 164static void 165new_connection_callback (DBusServer *server, 166 DBusConnection *new_connection, 167 void *data) 168{ 169 BusContext *context = data; 170 171 if (!bus_connections_setup_connection (context->connections, new_connection)) 172 { 173 _dbus_verbose ("No memory to setup new connection\n"); 174 175 /* if we don't do this, it will get unref'd without 176 * being disconnected... kind of strange really 177 * that we have to do this, people won't get it right 178 * in general. 179 */ 180 dbus_connection_disconnect (new_connection); 181 } 182 183 dbus_connection_set_max_received_size (new_connection, 184 context->limits.max_incoming_bytes); 185 186 dbus_connection_set_max_message_size (new_connection, 187 context->limits.max_message_size); 188 189 /* on OOM, we won't have ref'd the connection so it will die. */ 190} 191 192static void 193free_server_data (void *data) 194{ 195 BusServerData *bd = data; 196 197 dbus_free (bd); 198} 199 200static dbus_bool_t 201setup_server (BusContext *context, 202 DBusServer *server, 203 char **auth_mechanisms, 204 DBusError *error) 205{ 206 BusServerData *bd; 207 208 bd = dbus_new0 (BusServerData, 1); 209 if (!dbus_server_set_data (server, 210 server_data_slot, 211 bd, free_server_data)) 212 { 213 dbus_free (bd); 214 BUS_SET_OOM (error); 215 return FALSE; 216 } 217 218 bd->context = context; 219 220 if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms)) 221 { 222 BUS_SET_OOM (error); 223 return FALSE; 224 } 225 226 dbus_server_set_new_connection_function (server, 227 new_connection_callback, 228 context, NULL); 229 230 if (!dbus_server_set_watch_functions (server, 231 add_server_watch, 232 remove_server_watch, 233 NULL, 234 server, 235 NULL)) 236 { 237 BUS_SET_OOM (error); 238 return FALSE; 239 } 240 241 if (!dbus_server_set_timeout_functions (server, 242 add_server_timeout, 243 remove_server_timeout, 244 NULL, 245 server, NULL)) 246 { 247 BUS_SET_OOM (error); 248 return FALSE; 249 } 250 251 return TRUE; 252} 253 254/* This code only gets executed the first time the 255 config files are parsed. It is not executed 256 when config files are reloaded.*/ 257static dbus_bool_t 258process_config_first_time_only (BusContext *context, 259 BusConfigParser *parser, 260 DBusError *error) 261{ 262 DBusList *link; 263 DBusList **addresses; 264 const char *user, *pidfile; 265 char **auth_mechanisms; 266 DBusList **auth_mechanisms_list; 267 int len; 268 dbus_bool_t retval; 269 270 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 271 272 retval = FALSE; 273 auth_mechanisms = NULL; 274 275 /* Check for an existing pid file. Of course this is a race; 276 * we'd have to use fcntl() locks on the pid file to 277 * avoid that. But we want to check for the pid file 278 * before overwriting any existing sockets, etc. 279 */ 280 pidfile = bus_config_parser_get_pidfile (parser); 281 if (pidfile != NULL) 282 { 283 DBusString u; 284 DBusStat stbuf; 285 286 _dbus_string_init_const (&u, pidfile); 287 288 if (_dbus_stat (&u, &stbuf, NULL)) 289 { 290 dbus_set_error (error, DBUS_ERROR_FAILED, 291 "The pid file \"%s\" exists, if the message bus is not running, remove this file", 292 pidfile); 293 goto failed; 294 } 295 } 296 297 /* keep around the pid filename so we can delete it later */ 298 context->pidfile = _dbus_strdup (pidfile); 299 300 /* Build an array of auth mechanisms */ 301 302 auth_mechanisms_list = bus_config_parser_get_mechanisms (parser); 303 len = _dbus_list_get_length (auth_mechanisms_list); 304 305 if (len > 0) 306 { 307 int i; 308 309 auth_mechanisms = dbus_new0 (char*, len + 1); 310 if (auth_mechanisms == NULL) 311 { 312 BUS_SET_OOM (error); 313 goto failed; 314 } 315 316 i = 0; 317 link = _dbus_list_get_first_link (auth_mechanisms_list); 318 while (link != NULL) 319 { 320 auth_mechanisms[i] = _dbus_strdup (link->data); 321 if (auth_mechanisms[i] == NULL) 322 { 323 BUS_SET_OOM (error); 324 goto failed; 325 } 326 link = _dbus_list_get_next_link (auth_mechanisms_list, link); 327 } 328 } 329 else 330 { 331 auth_mechanisms = NULL; 332 } 333 334 /* Listen on our addresses */ 335 336 addresses = bus_config_parser_get_addresses (parser); 337 338 link = _dbus_list_get_first_link (addresses); 339 while (link != NULL) 340 { 341 DBusServer *server; 342 343 server = dbus_server_listen (link->data, error); 344 if (server == NULL) 345 { 346 _DBUS_ASSERT_ERROR_IS_SET (error); 347 goto failed; 348 } 349 else if (!setup_server (context, server, auth_mechanisms, error)) 350 { 351 _DBUS_ASSERT_ERROR_IS_SET (error); 352 goto failed; 353 } 354 355 if (!_dbus_list_append (&context->servers, server)) 356 { 357 BUS_SET_OOM (error); 358 goto failed; 359 } 360 361 link = _dbus_list_get_next_link (addresses, link); 362 } 363 364 /* note that type may be NULL */ 365 context->type = _dbus_strdup (bus_config_parser_get_type (parser)); 366 if (bus_config_parser_get_type (parser) != NULL && context->type == NULL) 367 { 368 BUS_SET_OOM (error); 369 goto failed; 370 } 371 372 user = bus_config_parser_get_user (parser); 373 if (user != NULL) 374 { 375 context->user = _dbus_strdup (user); 376 if (context->user == NULL) 377 { 378 BUS_SET_OOM (error); 379 goto failed; 380 } 381 } 382 383 context->fork = bus_config_parser_get_fork (parser); 384 385 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 386 retval = TRUE; 387 388 failed: 389 dbus_free_string_array (auth_mechanisms); 390 return retval; 391} 392 393/* This code gets executed every time the config files 394 are parsed: both during BusContext construction 395 and on reloads. */ 396static dbus_bool_t 397process_config_every_time (BusContext *context, 398 BusConfigParser *parser, 399 dbus_bool_t is_reload, 400 DBusError *error) 401{ 402 DBusString full_address; 403 DBusList *link; 404 405 dbus_bool_t retval; 406 407 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 408 409 retval = FALSE; 410 411 if (!_dbus_string_init (&full_address)) 412 { 413 BUS_SET_OOM (error); 414 return FALSE; 415 } 416 417 /* get our limits and timeout lengths */ 418 bus_config_parser_get_limits (parser, &context->limits); 419 420 context->policy = bus_config_parser_steal_policy (parser); 421 _dbus_assert (context->policy != NULL); 422 423 /* We have to build the address backward, so that 424 * <listen> later in the config file have priority 425 */ 426 link = _dbus_list_get_last_link (&context->servers); 427 while (link != NULL) 428 { 429 char *addr; 430 431 addr = dbus_server_get_address (link->data); 432 if (addr == NULL) 433 { 434 BUS_SET_OOM (error); 435 goto failed; 436 } 437 438 if (_dbus_string_get_length (&full_address) > 0) 439 { 440 if (!_dbus_string_append (&full_address, ";")) 441 { 442 BUS_SET_OOM (error); 443 goto failed; 444 } 445 } 446 447 if (!_dbus_string_append (&full_address, addr)) 448 { 449 BUS_SET_OOM (error); 450 goto failed; 451 } 452 453 dbus_free (addr); 454 455 link = _dbus_list_get_prev_link (&context->servers, link); 456 } 457 458 if (is_reload) 459 dbus_free (context->address); 460 461 if (!_dbus_string_copy_data (&full_address, &context->address)) 462 { 463 BUS_SET_OOM (error); 464 goto failed; 465 } 466 467 /* Create activation subsystem */ 468 469 if (is_reload) 470 bus_activation_unref (context->activation); 471 472 context->activation = bus_activation_new (context, &full_address, 473 bus_config_parser_get_service_dirs (parser), 474 error); 475 if (context->activation == NULL) 476 { 477 _DBUS_ASSERT_ERROR_IS_SET (error); 478 goto failed; 479 } 480 481 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 482 retval = TRUE; 483 484 failed: 485 _dbus_string_free (&full_address); 486 return retval; 487} 488 489static dbus_bool_t 490process_config_postinit (BusContext *context, 491 BusConfigParser *parser, 492 DBusError *error) 493{ 494 DBusHashTable *service_context_table; 495 496 service_context_table = bus_config_parser_steal_service_context_table (parser); 497 if (!bus_registry_set_service_context_table (context->registry, 498 service_context_table)) 499 { 500 BUS_SET_OOM (error); 501 return FALSE; 502 } 503 504 _dbus_hash_table_unref (service_context_table); 505 return TRUE; 506} 507 508BusContext* 509bus_context_new (const DBusString *config_file, 510 ForceForkSetting force_fork, 511 int print_addr_fd, 512 int print_pid_fd, 513 DBusError *error) 514{ 515 BusContext *context; 516 BusConfigParser *parser; 517 518 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 519 520 context = NULL; 521 parser = NULL; 522 523 if (!dbus_server_allocate_data_slot (&server_data_slot)) 524 { 525 BUS_SET_OOM (error); 526 return NULL; 527 } 528 529 context = dbus_new0 (BusContext, 1); 530 if (context == NULL) 531 { 532 BUS_SET_OOM (error); 533 goto failed; 534 } 535 context->refcount = 1; 536 537 if (!_dbus_string_copy_data (config_file, &context->config_file)) 538 { 539 BUS_SET_OOM (error); 540 goto failed; 541 } 542 543 context->loop = _dbus_loop_new (); 544 if (context->loop == NULL) 545 { 546 BUS_SET_OOM (error); 547 goto failed; 548 } 549 550 context->registry = bus_registry_new (context); 551 if (context->registry == NULL) 552 { 553 BUS_SET_OOM (error); 554 goto failed; 555 } 556 557 parser = bus_config_load (config_file, TRUE, NULL, error); 558 if (parser == NULL) 559 { 560 _DBUS_ASSERT_ERROR_IS_SET (error); 561 goto failed; 562 } 563 564 if (!process_config_first_time_only (context, parser, error)) 565 { 566 _DBUS_ASSERT_ERROR_IS_SET (error); 567 goto failed; 568 } 569 if (!process_config_every_time (context, parser, FALSE, error)) 570 { 571 _DBUS_ASSERT_ERROR_IS_SET (error); 572 goto failed; 573 } 574 575 /* we need another ref of the server data slot for the context 576 * to own 577 */ 578 if (!dbus_server_allocate_data_slot (&server_data_slot)) 579 _dbus_assert_not_reached ("second ref of server data slot failed"); 580 581 context->user_database = _dbus_user_database_new (); 582 if (context->user_database == NULL) 583 { 584 BUS_SET_OOM (error); 585 goto failed; 586 } 587 588 /* Note that we don't know whether the print_addr_fd is 589 * one of the sockets we're using to listen on, or some 590 * other random thing. But I think the answer is "don't do 591 * that then" 592 */ 593 if (print_addr_fd >= 0) 594 { 595 DBusString addr; 596 const char *a = bus_context_get_address (context); 597 int bytes; 598 599 _dbus_assert (a != NULL); 600 if (!_dbus_string_init (&addr)) 601 { 602 BUS_SET_OOM (error); 603 goto failed; 604 } 605 606 if (!_dbus_string_append (&addr, a) || 607 !_dbus_string_append (&addr, "\n")) 608 { 609 _dbus_string_free (&addr); 610 BUS_SET_OOM (error); 611 goto failed; 612 } 613 614 bytes = _dbus_string_get_length (&addr); 615 if (_dbus_write (print_addr_fd, &addr, 0, bytes) != bytes) 616 { 617 dbus_set_error (error, DBUS_ERROR_FAILED, 618 "Printing message bus address: %s\n", 619 _dbus_strerror (errno)); 620 _dbus_string_free (&addr); 621 goto failed; 622 } 623 624 if (print_addr_fd > 2) 625 _dbus_close (print_addr_fd, NULL); 626 627 _dbus_string_free (&addr); 628 } 629 630 context->connections = bus_connections_new (context); 631 if (context->connections == NULL) 632 { 633 BUS_SET_OOM (error); 634 goto failed; 635 } 636 637 context->matchmaker = bus_matchmaker_new (); 638 if (context->matchmaker == NULL) 639 { 640 BUS_SET_OOM (error); 641 goto failed; 642 } 643 644 /* Now become a daemon if appropriate */ 645 if ((force_fork != FORK_NEVER && context->fork) || force_fork == FORK_ALWAYS) 646 { 647 DBusString u; 648 649 if (context->pidfile) 650 _dbus_string_init_const (&u, context->pidfile); 651 652 if (!_dbus_become_daemon (context->pidfile ? &u : NULL, 653 print_pid_fd, 654 error)) 655 { 656 _DBUS_ASSERT_ERROR_IS_SET (error); 657 goto failed; 658 } 659 } 660 else 661 { 662 /* Need to write PID file for ourselves, not for the child process */ 663 if (context->pidfile != NULL) 664 { 665 DBusString u; 666 667 _dbus_string_init_const (&u, context->pidfile); 668 669 if (!_dbus_write_pid_file (&u, _dbus_getpid (), error)) 670 { 671 _DBUS_ASSERT_ERROR_IS_SET (error); 672 goto failed; 673 } 674 } 675 } 676 677 /* Write PID if requested */ 678 if (print_pid_fd >= 0) 679 { 680 DBusString pid; 681 int bytes; 682 683 if (!_dbus_string_init (&pid)) 684 { 685 BUS_SET_OOM (error); 686 goto failed; 687 } 688 689 if (!_dbus_string_append_int (&pid, _dbus_getpid ()) || 690 !_dbus_string_append (&pid, "\n")) 691 { 692 _dbus_string_free (&pid); 693 BUS_SET_OOM (error); 694 goto failed; 695 } 696 697 bytes = _dbus_string_get_length (&pid); 698 if (_dbus_write (print_pid_fd, &pid, 0, bytes) != bytes) 699 { 700 dbus_set_error (error, DBUS_ERROR_FAILED, 701 "Printing message bus PID: %s\n", 702 _dbus_strerror (errno)); 703 _dbus_string_free (&pid); 704 goto failed; 705 } 706 707 if (print_pid_fd > 2) 708 _dbus_close (print_pid_fd, NULL); 709 710 _dbus_string_free (&pid); 711 } 712 713 if (!bus_selinux_full_init ()) 714 { 715 _dbus_warn ("SELinux initialization failed\n"); 716 } 717 718 if (!process_config_postinit (context, parser, error)) 719 { 720 _DBUS_ASSERT_ERROR_IS_SET (error); 721 goto failed; 722 } 723 if (parser != NULL) 724 bus_config_parser_unref (parser); 725 726 /* Here we change our credentials if required, 727 * as soon as we've set up our sockets and pidfile 728 */ 729 if (context->user != NULL) 730 { 731 DBusCredentials creds; 732 DBusString u; 733 734 _dbus_string_init_const (&u, context->user); 735 736 if (!_dbus_credentials_from_username (&u, &creds) || 737 creds.uid < 0 || 738 creds.gid < 0) 739 { 740 dbus_set_error (error, DBUS_ERROR_FAILED, 741 "Could not get UID and GID for username \"%s\"", 742 context->user); 743 goto failed; 744 } 745 746 if (!_dbus_change_identity (creds.uid, creds.gid, error)) 747 { 748 _DBUS_ASSERT_ERROR_IS_SET (error); 749 goto failed; 750 } 751 } 752 753 dbus_server_free_data_slot (&server_data_slot); 754 755 return context; 756 757 failed: 758 if (parser != NULL) 759 bus_config_parser_unref (parser); 760 if (context != NULL) 761 bus_context_unref (context); 762 763 if (server_data_slot >= 0) 764 dbus_server_free_data_slot (&server_data_slot); 765 766 return NULL; 767} 768 769dbus_bool_t 770bus_context_reload_config (BusContext *context, 771 DBusError *error) 772{ 773 BusConfigParser *parser; 774 DBusString config_file; 775 dbus_bool_t ret; 776 777 ret = FALSE; 778 _dbus_string_init_const (&config_file, context->config_file); 779 parser = bus_config_load (&config_file, TRUE, NULL, error); 780 if (parser == NULL) 781 { 782 _DBUS_ASSERT_ERROR_IS_SET (error); 783 goto failed; 784 } 785 786 if (!process_config_every_time (context, parser, TRUE, error)) 787 { 788 _DBUS_ASSERT_ERROR_IS_SET (error); 789 goto failed; 790 } 791 if (!process_config_postinit (context, parser, error)) 792 { 793 _DBUS_ASSERT_ERROR_IS_SET (error); 794 goto failed; 795 } 796 ret = TRUE; 797 798 failed: 799 if (parser != NULL) 800 bus_config_parser_unref (parser); 801 return ret; 802} 803 804static void 805shutdown_server (BusContext *context, 806 DBusServer *server) 807{ 808 if (server == NULL || 809 !dbus_server_get_is_connected (server)) 810 return; 811 812 if (!dbus_server_set_watch_functions (server, 813 NULL, NULL, NULL, 814 context, 815 NULL)) 816 _dbus_assert_not_reached ("setting watch functions to NULL failed"); 817 818 if (!dbus_server_set_timeout_functions (server, 819 NULL, NULL, NULL, 820 context, 821 NULL)) 822 _dbus_assert_not_reached ("setting timeout functions to NULL failed"); 823 824 dbus_server_disconnect (server); 825} 826 827void 828bus_context_shutdown (BusContext *context) 829{ 830 DBusList *link; 831 832 link = _dbus_list_get_first_link (&context->servers); 833 while (link != NULL) 834 { 835 shutdown_server (context, link->data); 836 837 link = _dbus_list_get_next_link (&context->servers, link); 838 } 839} 840 841BusContext * 842bus_context_ref (BusContext *context) 843{ 844 _dbus_assert (context->refcount > 0); 845 context->refcount += 1; 846 847 return context; 848} 849 850void 851bus_context_unref (BusContext *context) 852{ 853 _dbus_assert (context->refcount > 0); 854 context->refcount -= 1; 855 856 if (context->refcount == 0) 857 { 858 DBusList *link; 859 860 _dbus_verbose ("Finalizing bus context %p\n", context); 861 862 bus_context_shutdown (context); 863 864 if (context->connections) 865 { 866 bus_connections_unref (context->connections); 867 context->connections = NULL; 868 } 869 870 if (context->registry) 871 { 872 bus_registry_unref (context->registry); 873 context->registry = NULL; 874 } 875 876 if (context->activation) 877 { 878 bus_activation_unref (context->activation); 879 context->activation = NULL; 880 } 881 882 link = _dbus_list_get_first_link (&context->servers); 883 while (link != NULL) 884 { 885 dbus_server_unref (link->data); 886 887 link = _dbus_list_get_next_link (&context->servers, link); 888 } 889 _dbus_list_clear (&context->servers); 890 891 if (context->policy) 892 { 893 bus_policy_unref (context->policy); 894 context->policy = NULL; 895 } 896 897 if (context->loop) 898 { 899 _dbus_loop_unref (context->loop); 900 context->loop = NULL; 901 } 902 903 if (context->matchmaker) 904 { 905 bus_matchmaker_unref (context->matchmaker); 906 context->matchmaker = NULL; 907 } 908 909 dbus_free (context->config_file); 910 dbus_free (context->type); 911 dbus_free (context->address); 912 dbus_free (context->user); 913 914 if (context->pidfile) 915 { 916 DBusString u; 917 _dbus_string_init_const (&u, context->pidfile); 918 919 /* Deliberately ignore errors here, since there's not much 920 * we can do about it, and we're exiting anyways. 921 */ 922 _dbus_delete_file (&u, NULL); 923 924 dbus_free (context->pidfile); 925 } 926 927 if (context->user_database != NULL) 928 _dbus_user_database_unref (context->user_database); 929 930 dbus_free (context); 931 932 dbus_server_free_data_slot (&server_data_slot); 933 } 934} 935 936/* type may be NULL */ 937const char* 938bus_context_get_type (BusContext *context) 939{ 940 return context->type; 941} 942 943const char* 944bus_context_get_address (BusContext *context) 945{ 946 return context->address; 947} 948 949BusRegistry* 950bus_context_get_registry (BusContext *context) 951{ 952 return context->registry; 953} 954 955BusConnections* 956bus_context_get_connections (BusContext *context) 957{ 958 return context->connections; 959} 960 961BusActivation* 962bus_context_get_activation (BusContext *context) 963{ 964 return context->activation; 965} 966 967BusMatchmaker* 968bus_context_get_matchmaker (BusContext *context) 969{ 970 return context->matchmaker; 971} 972 973DBusLoop* 974bus_context_get_loop (BusContext *context) 975{ 976 return context->loop; 977} 978 979DBusUserDatabase* 980bus_context_get_user_database (BusContext *context) 981{ 982 return context->user_database; 983} 984 985dbus_bool_t 986bus_context_allow_user (BusContext *context, 987 unsigned long uid) 988{ 989 return bus_policy_allow_user (context->policy, 990 context->user_database, 991 uid); 992} 993 994BusPolicy * 995bus_context_get_policy (BusContext *context) 996{ 997 return context->policy; 998} 999 1000BusClientPolicy* 1001bus_context_create_client_policy (BusContext *context, 1002 DBusConnection *connection, 1003 DBusError *error) 1004{ 1005 _DBUS_ASSERT_ERROR_IS_CLEAR (error); 1006 return bus_policy_create_client_policy (context->policy, connection, 1007 error); 1008} 1009 1010int 1011bus_context_get_activation_timeout (BusContext *context) 1012{ 1013 1014 return context->limits.activation_timeout; 1015} 1016 1017int 1018bus_context_get_auth_timeout (BusContext *context) 1019{ 1020 return context->limits.auth_timeout; 1021} 1022 1023int 1024bus_context_get_max_completed_connections (BusContext *context) 1025{ 1026 return context->limits.max_completed_connections; 1027} 1028 1029int 1030bus_context_get_max_incomplete_connections (BusContext *context) 1031{ 1032 return context->limits.max_incomplete_connections; 1033} 1034 1035int 1036bus_context_get_max_connections_per_user (BusContext *context) 1037{ 1038 return context->limits.max_connections_per_user; 1039} 1040 1041int 1042bus_context_get_max_pending_activations (BusContext *context) 1043{ 1044 return context->limits.max_pending_activations; 1045} 1046 1047int 1048bus_context_get_max_services_per_connection (BusContext *context) 1049{ 1050 return context->limits.max_services_per_connection; 1051} 1052 1053int 1054bus_context_get_max_match_rules_per_connection (BusContext *context) 1055{ 1056 return context->limits.max_match_rules_per_connection; 1057} 1058 1059int 1060bus_context_get_max_replies_per_connection (BusContext *context) 1061{ 1062 return context->limits.max_replies_per_connection; 1063} 1064 1065int 1066bus_context_get_reply_timeout (BusContext *context) 1067{ 1068 return context->limits.reply_timeout; 1069} 1070 1071/* 1072 * addressed_recipient is the recipient specified in the message. 1073 * 1074 * proposed_recipient is the recipient we're considering sending 1075 * to right this second, and may be an eavesdropper. 1076 * 1077 * sender is the sender of the message. 1078 * 1079 * NULL for proposed_recipient or sender definitely means the bus driver. 1080 * 1081 * NULL for addressed_recipient may mean the bus driver, or may mean 1082 * no destination was specified in the message (e.g. a signal). 1083 */ 1084dbus_bool_t 1085bus_context_check_security_policy (BusContext *context, 1086 BusTransaction *transaction, 1087 DBusConnection *sender, 1088 DBusConnection *addressed_recipient, 1089 DBusConnection *proposed_recipient, 1090 DBusMessage *message, 1091 DBusError *error) 1092{ 1093 BusClientPolicy *sender_policy; 1094 BusClientPolicy *recipient_policy; 1095 int type; 1096 dbus_bool_t requested_reply; 1097 1098 type = dbus_message_get_type (message); 1099 1100 /* dispatch.c was supposed to ensure these invariants */ 1101 _dbus_assert (dbus_message_get_destination (message) != NULL || 1102 type == DBUS_MESSAGE_TYPE_SIGNAL || 1103 (sender == NULL && !bus_connection_is_active (proposed_recipient))); 1104 _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL || 1105 addressed_recipient != NULL || 1106 strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0); 1107 1108 switch (type) 1109 { 1110 case DBUS_MESSAGE_TYPE_METHOD_CALL: 1111 case DBUS_MESSAGE_TYPE_SIGNAL: 1112 case DBUS_MESSAGE_TYPE_METHOD_RETURN: 1113 case DBUS_MESSAGE_TYPE_ERROR: 1114 break; 1115 1116 default: 1117 _dbus_verbose ("security check disallowing message of unknown type %d\n", 1118 type); 1119 1120 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, 1121 "Message bus will not accept messages of unknown type\n"); 1122 1123 return FALSE; 1124 } 1125 1126 requested_reply = FALSE; 1127 1128 if (sender != NULL) 1129 { 1130 const char *dest; 1131 1132 dest = dbus_message_get_destination (message); 1133 1134 /* First verify the SELinux access controls. If allowed then 1135 * go on with the standard checks. 1136 */ 1137 if (!bus_selinux_allows_send (sender, proposed_recipient, 1138 dbus_message_type_to_string (dbus_message_get_type (message)), 1139 dbus_message_get_interface (message), 1140 dbus_message_get_member (message), 1141 dbus_message_get_error_name (message), 1142 dest ? dest : DBUS_SERVICE_DBUS, error)) 1143 { 1144 1145 if (dbus_error_is_set (error) && 1146 dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY)) 1147 { 1148 return FALSE; 1149 } 1150 1151 1152 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, 1153 "An SELinux policy prevents this sender " 1154 "from sending this message to this recipient " 1155 "(rejected message had interface \"%s\" " 1156 "member \"%s\" error name \"%s\" destination \"%s\")", 1157 dbus_message_get_interface (message) ? 1158 dbus_message_get_interface (message) : "(unset)", 1159 dbus_message_get_member (message) ? 1160 dbus_message_get_member (message) : "(unset)", 1161 dbus_message_get_error_name (message) ? 1162 dbus_message_get_error_name (message) : "(unset)", 1163 dest ? dest : DBUS_SERVICE_DBUS); 1164 _dbus_verbose ("SELinux security check denying send to service\n"); 1165 return FALSE; 1166 } 1167 1168 if (bus_connection_is_active (sender)) 1169 { 1170 sender_policy = bus_connection_get_policy (sender); 1171 _dbus_assert (sender_policy != NULL); 1172 1173 /* Fill in requested_reply variable with TRUE if this is a 1174 * reply and the reply was pending. 1175 */ 1176 if (dbus_message_get_reply_serial (message) != 0) 1177 { 1178 if (proposed_recipient != NULL /* not to the bus driver */ && 1179 addressed_recipient == proposed_recipient /* not eavesdropping */) 1180 { 1181 DBusError error2; 1182 1183 dbus_error_init (&error2); 1184 requested_reply = bus_connections_check_reply (bus_connection_get_connections (sender), 1185 transaction, 1186 sender, addressed_recipient, message, 1187 &error2); 1188 if (dbus_error_is_set (&error2)) 1189 { 1190 dbus_move_error (&error2, error); 1191 return FALSE; 1192 } 1193 } 1194 } 1195 } 1196 else 1197 { 1198 /* Policy for inactive connections is that they can only send 1199 * the hello message to the bus driver 1200 */ 1201 if (proposed_recipient == NULL && 1202 dbus_message_is_method_call (message, 1203 DBUS_INTERFACE_DBUS, 1204 "Hello")) 1205 { 1206 _dbus_verbose ("security check allowing %s message\n", 1207 "Hello"); 1208 return TRUE; 1209 } 1210 else 1211 { 1212 _dbus_verbose ("security check disallowing non-%s message\n", 1213 "Hello"); 1214 1215 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, 1216 "Client tried to send a message other than %s without being registered", 1217 "Hello"); 1218 1219 return FALSE; 1220 } 1221 } 1222 } 1223 else 1224 { 1225 sender_policy = NULL; 1226 1227 /* If the sender is the bus driver, we assume any reply was a 1228 * requested reply as bus driver won't send bogus ones 1229 */ 1230 if (addressed_recipient == proposed_recipient /* not eavesdropping */ && 1231 dbus_message_get_reply_serial (message) != 0) 1232 requested_reply = TRUE; 1233 } 1234 1235 _dbus_assert ((sender != NULL && sender_policy != NULL) || 1236 (sender == NULL && sender_policy == NULL)); 1237 1238 if (proposed_recipient != NULL) 1239 { 1240 /* only the bus driver can send to an inactive recipient (as it 1241 * owns no services, so other apps can't address it). Inactive 1242 * recipients can receive any message. 1243 */ 1244 if (bus_connection_is_active (proposed_recipient)) 1245 { 1246 recipient_policy = bus_connection_get_policy (proposed_recipient); 1247 _dbus_assert (recipient_policy != NULL); 1248 } 1249 else if (sender == NULL) 1250 { 1251 _dbus_verbose ("security check using NULL recipient policy for message from bus\n"); 1252 recipient_policy = NULL; 1253 } 1254 else 1255 { 1256 _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n"); 1257 recipient_policy = NULL; 1258 } 1259 } 1260 else 1261 recipient_policy = NULL; 1262 1263 _dbus_assert ((proposed_recipient != NULL && recipient_policy != NULL) || 1264 (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) || 1265 (proposed_recipient == NULL && recipient_policy == NULL)); 1266 1267 if (sender_policy && 1268 !bus_client_policy_check_can_send (sender_policy, 1269 context->registry, 1270 requested_reply, 1271 proposed_recipient, 1272 message)) 1273 { 1274 const char *dest; 1275 1276 dest = dbus_message_get_destination (message); 1277 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, 1278 "A security policy in place prevents this sender " 1279 "from sending this message to this recipient, " 1280 "see message bus configuration file (rejected message " 1281 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")", 1282 dbus_message_get_interface (message) ? 1283 dbus_message_get_interface (message) : "(unset)", 1284 dbus_message_get_member (message) ? 1285 dbus_message_get_member (message) : "(unset)", 1286 dbus_message_get_error_name (message) ? 1287 dbus_message_get_error_name (message) : "(unset)", 1288 dest ? dest : DBUS_SERVICE_DBUS); 1289 _dbus_verbose ("security policy disallowing message due to sender policy\n"); 1290 return FALSE; 1291 } 1292 1293 if (recipient_policy && 1294 !bus_client_policy_check_can_receive (recipient_policy, 1295 context->registry, 1296 requested_reply, 1297 sender, 1298 addressed_recipient, proposed_recipient, 1299 message)) 1300 { 1301 const char *dest; 1302 1303 dest = dbus_message_get_destination (message); 1304 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, 1305 "A security policy in place prevents this recipient " 1306 "from receiving this message from this sender, " 1307 "see message bus configuration file (rejected message " 1308 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)", 1309 dbus_message_get_interface (message) ? 1310 dbus_message_get_interface (message) : "(unset)", 1311 dbus_message_get_member (message) ? 1312 dbus_message_get_member (message) : "(unset)", 1313 dbus_message_get_error_name (message) ? 1314 dbus_message_get_error_name (message) : "(unset)", 1315 dest ? dest : DBUS_SERVICE_DBUS, 1316 dbus_message_get_reply_serial (message), 1317 requested_reply); 1318 _dbus_verbose ("security policy disallowing message due to recipient policy\n"); 1319 return FALSE; 1320 } 1321 1322 /* See if limits on size have been exceeded */ 1323 if (proposed_recipient && 1324 dbus_connection_get_outgoing_size (proposed_recipient) > 1325 context->limits.max_outgoing_bytes) 1326 { 1327 const char *dest; 1328 1329 dest = dbus_message_get_destination (message); 1330 dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED, 1331 "The destination service \"%s\" has a full message queue", 1332 dest ? dest : (proposed_recipient ? 1333 bus_connection_get_name (proposed_recipient) : 1334 DBUS_SERVICE_DBUS)); 1335 _dbus_verbose ("security policy disallowing message due to full message queue\n"); 1336 return FALSE; 1337 } 1338 1339 if (type == DBUS_MESSAGE_TYPE_METHOD_CALL) 1340 { 1341 /* Record that we will allow a reply here in the future (don't 1342 * bother if the recipient is the bus). Only the addressed recipient 1343 * may reply. 1344 */ 1345 if (sender && addressed_recipient && 1346 !bus_connections_expect_reply (bus_connection_get_connections (sender), 1347 transaction, 1348 sender, addressed_recipient, 1349 message, error)) 1350 { 1351 _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); 1352 return FALSE; 1353 } 1354 } 1355 1356 _dbus_verbose ("security policy allowing message\n"); 1357 return TRUE; 1358} 1359