authorXavier Claessens <xavier.claessens@collabora.com>2015-11-27 14:59:34 (GMT)
committerXavier Claessens <xavier.claessens@collabora.com>2015-11-30 22:23:21 (GMT)
commit77714f80de83a0ac7b11b5ac6ab29f18ccc50a72 (patch)
treec7e57ab577d7c5ed83bd94575f7f856a5ed18eb8
parent06a9d85b04ebf7bde4aa82c42059c3a0e2da7961 (diff)
Application: Get peer's security label
-rw-r--r--src/application.c64
-rw-r--r--src/security.c8
-rw-r--r--src/security.h9
3 files changed, 60 insertions, 21 deletions
diff --git a/src/application.c b/src/application.c
index b19a84d..e4f132c 100644
--- a/src/application.c
+++ b/src/application.c
@@ -38,6 +38,8 @@ struct _Application
gchar *name_owner;
gchar *security_context;
GQueue invocations; /* outstanding start requests */
+ GDBusMethodInvocation *start_invocation;
+ GCancellable *cancellable;
Component *components[N_COMPONENT_TYPES];
gboolean running;
};
@@ -92,13 +94,16 @@ application_send_error_to_invocations (Application *application)
}
static void
-application_startup (Application *application,
- GDBusMethodInvocation *invocation)
+application_startup (Application *application)
{
+ GDBusMethodInvocation *invocation;
GVariantDict *arguments;
GVariantBuilder result;
guint i;
+ g_assert (application->start_invocation != NULL);
+ invocation = application->start_invocation;
+
{
GVariant *dict;
@@ -128,6 +133,7 @@ application_startup (Application *application,
}
g_dbus_method_invocation_return_value (invocation, g_variant_new ("(a{say})", &result));
+ g_clear_object (&application->start_invocation);
application->running = TRUE;
}
@@ -146,6 +152,7 @@ application_shutdown (Application *application)
}
}
+ g_cancellable_cancel (application->cancellable);
g_bus_unwatch_name (application->watch_id);
application->watch_id = 0;
@@ -154,6 +161,37 @@ application_shutdown (Application *application)
g_object_unref (application);
}
+static void
+get_connection_credentials_cb (GObject *source,
+ GAsyncResult *result,
+ gpointer user_data)
+{
+ Application *self = user_data;
+ GVariant *reply;
+ GVariant *child;
+ GError *error = NULL;
+
+ reply = g_dbus_connection_call_finish (self->connection, result, &error);
+ if (reply == NULL)
+ {
+ g_dbus_method_invocation_take_error (self->start_invocation, error);
+ g_clear_object (&self->start_invocation);
+ goto out;
+ }
+
+ child = g_variant_get_child_value (reply, 0);
+ g_variant_lookup (child, "LinuxSecurityLabel", "^ay",
+ &self->security_context);
+ g_variant_unref (reply);
+ g_variant_unref (child);
+
+ /* Application is now ready */
+ application_startup (self);
+
+out:
+ g_object_unref (self);
+}
+
static gint
find_invocation_by_sender (gconstpointer a,
gconstpointer b)
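Review bot: The return value of `g_variant_lookup` in get_connection_credentials_cb is ignored, so a reply that carries no `LinuxSecurityLabel` entry leaves `self->security_context` unset while application_startup still runs and answers the invocation successfully. If the label is what later policy decisions key on (not visible in this hunk), this path should fail closed by returning an error on `self->start_invocation` instead of starting the application. The lookup also overwrites `self->security_context` without freeing an earlier value, which would leak if the name can appear more than once for the same Application. The hunk ends inside find_invocation_by_sender, which is unchanged context.

```c
  gboolean have_label;

  /* … unchanged: call_finish and the reply == NULL error path … */

  child = g_variant_get_child_value (reply, 0);
  g_clear_pointer (&self->security_context, g_free);
  have_label = g_variant_lookup (child, "LinuxSecurityLabel", "^ay",
                                 &self->security_context);
  /* … unchanged: unref reply and child … */

  if (!have_label)
    {
      /* No label in the credentials: refuse rather than start unlabelled. */
      g_dbus_method_invocation_return_error (self->start_invocation,
                                             G_IO_ERROR,
                                             G_IO_ERROR_PERMISSION_DENIED,
                                             "No security label available for peer");
      g_clear_object (&self->start_invocation);
      goto out;
    }

  /* … unchanged: application_startup (self) and the out: label … */
```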
@@ -181,14 +219,23 @@ application_appeared (GDBusConnection *connection,
{
GDBusMethodInvocation *owner_invocation = owner_node->data;
- /* We have an invocation from the owner of the name. We're going
- * to do the startup now.
+ /* We have an invocation from the owner of the name. Let's get his
+ * security credentials now.
*/
application->connection = g_object_ref (connection);
- application_startup (application, owner_invocation);
- g_object_unref (owner_invocation);
-
+ application->start_invocation = owner_invocation;
g_queue_delete_link (&application->invocations, owner_node);
+
+ g_dbus_connection_call (connection,
+ "org.freedesktop.DBus", "/", "org.freedesktop.DBus",
+ "GetConnectionCredentials",
+ g_variant_new ("(s)", application->app_id),
+ G_VARIANT_TYPE ("(a{sv})"),
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+ application->cancellable,
+ get_connection_credentials_cb,
+ g_object_ref (application));
}
/* If there are any other invocations, make sure they get error
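Review bot: The GetConnectionCredentials call passes `application->app_id`, while the invocation being answered was selected by its sender. If app_id is the watched well-known name, the bus daemon resolves it to whoever owns the name when the call is processed, which may no longer be the connection that sent `owner_invocation`. Querying the sender's unique name ties the returned label to that connection: `g_variant_new ("(s)", g_dbus_method_invocation_get_sender (owner_invocation)),`. application_appeared starts and ends outside this hunk, so whether an earlier `start_invocation` can still be pending when it is overwritten here cannot be checked from these lines.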
@@ -233,6 +280,8 @@ application_finalize (GObject *object)
g_message ("Application %s exits", application->app_id);
g_free (application->app_id);
+ g_free (application->security_context);
+ g_object_unref (application->cancellable);
G_OBJECT_CLASS (application_parent_class)->finalize (object);
}
@@ -240,6 +289,7 @@ application_finalize (GObject *object)
static void
application_init (Application *application)
{
+ application->cancellable = g_cancellable_new ();
}
static void
diff --git a/src/security.c b/src/security.c
index d2a4643..8d0daba 100644
--- a/src/security.c
+++ b/src/security.c
@@ -1,13 +1,5 @@
-
#include "security.h"
-gchar *
-security_module_get_id_for_pid (GDBusConnection *connection,
- const gchar *bus_id)
-{
- return g_strdup (bus_id);
-}
-
gboolean
security_module_get_dconf_paths (const gchar *id,
gchar ***readable,
diff --git a/src/security.h b/src/security.h
index 6f3e6f0..94df155 100644
--- a/src/security.h
+++ b/src/security.h
@@ -1,10 +1,7 @@
#include <gio/gio.h>
-gchar * security_module_get_id_for_pid (GDBusConnection *connection,
- const gchar *bus_id);
-
-gboolean security_module_get_dconf_paths (const gchar *id,
- gchar ***readable,
- gchar ***readwritable);
+gboolean security_module_get_dconf_paths (const gchar *id,
+ gchar ***readable,
+ gchar ***readwritable);