Commit 5a676818 authored by Simon McVittie's avatar Simon McVittie

Imported Upstream version 1.9.12

parents 8fd2c809 87fe648a
......@@ -256,6 +256,8 @@ ACLOCAL = @ACLOCAL@
ADT_LIBS = @ADT_LIBS@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
APPARMOR_CFLAGS = @APPARMOR_CFLAGS@
APPARMOR_LIBS = @APPARMOR_LIBS@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
......@@ -310,6 +312,7 @@ DEPDIR = @DEPDIR@
DLLTOOL = @DLLTOOL@
DOXYGEN = @DOXYGEN@
DSYMUTIL = @DSYMUTIL@
DUCKTYPE = @DUCKTYPE@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
......@@ -399,6 +402,7 @@ X_CFLAGS = @X_CFLAGS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_LIBS = @X_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
YELP_BUILD = @YELP_BUILD@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
......
D-Bus 1.9.12 (2015-02-19)
==
The “monster lasagna” release.
Dependencies:
• Ducktype and yelp-tools are now required to build complete documentation.
Enhancements:
• D-Bus Specification version 0.26
· GetConnectionCredentials can return LinuxSecurityLabel or WindowsSID
· document the BecomeMonitor method
• On Linux, add LinuxSecurityLabel to GetConnectionCredentials
(fd.o #89041; Tyler Hicks, Simon McVittie)
• On Linux, add support for AppArmor mediation of message sending and
receiving and name ownership (paralleling existing SELinux mediation
support), and eavesdropping (a new check, currently AppArmor-specific)
(fd.o #75113; John Johansen, Tyler Hicks, Simon McVittie)
• In dbus-send and dbus-monitor, pretty-print \0-terminated bytestrings
that have printable ASCII contents; we previously only did this for
unterminated bytestrings (fd.o #89109, Simon McVittie)
• Add a guide to designing good D-Bus APIs (fd.o #88994, Philip Withnall)
• On Windows, add WindowsSID to GetConnectionCredentials
(fd.o #54445, Ralf Habacker)
• Improve clarity of dbus-monitor --profile output and add more columns
(fd.o #89165, Ralf Habacker)
• Add a man page for dbus-test-tool, and build it under CMake as well
as Autotools (fd.o#89086, Simon McVittie)
• If dbus-daemon was compiled with --enable-verbose, add a D-Bus API
to control it at runtime, overriding the DBUS_VERBOSE environment variable
(fd.o #88896, Ralf Habacker)
Fixes:
• Reduce the number of file descriptors used in the fd-passing test,
avoiding failure under the default Linux fd limit, and automatically
skip it if the rlimit is too small (fd.o #88998, Simon McVittie)
D-Bus 1.9.10 (2015-02-09)
==
......
......@@ -4,6 +4,7 @@ dbus_daemon_execdir = $(DBUS_DAEMONDIR)
DBUS_BUS_LIBS = \
$(XML_LIBS) \
$(SELINUX_LIBS) \
$(APPARMOR_LIBS) \
$(THREAD_LIBS) \
$(ADT_LIBS) \
$(NETWORK_libs) \
......@@ -18,6 +19,7 @@ DBUS_LAUNCHER_LIBS = \
AM_CPPFLAGS = \
-I$(top_srcdir) \
$(XML_CFLAGS) \
$(APPARMOR_CFLAGS) \
-DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \
-DDBUS_COMPILATION \
-DDBUS_STATIC_BUILD \
......@@ -69,6 +71,8 @@ BUS_SOURCES= \
activation.c \
activation.h \
activation-exit-codes.h \
apparmor.c \
apparmor.h \
bus.c \
bus.h \
config-parser.c \
......
......@@ -136,21 +136,21 @@ am__installdirs = "$(DESTDIR)$(dbus_daemon_execdir)" \
PROGRAMS = $(dbus_daemon_exec_PROGRAMS) $(libexec_PROGRAMS) \
$(noinst_PROGRAMS)
am__dbus_daemon_SOURCES_DIST = activation.c activation.h \
activation-exit-codes.h bus.c bus.h config-parser.c \
config-parser.h config-parser-common.c config-parser-common.h \
connection.c connection.h desktop-file.c desktop-file.h \
dir-watch-default.c dir-watch-inotify.c dir-watch-kqueue.c \
dir-watch.h dispatch.c dispatch.h driver.c driver.h \
expirelist.c expirelist.h policy.c policy.h selinux.h \
selinux.c services.c services.h signals.c signals.h stats.c \
stats.h test.c test.h utils.c utils.h config-loader-expat.c \
main.c
activation-exit-codes.h apparmor.c apparmor.h bus.c bus.h \
config-parser.c config-parser.h config-parser-common.c \
config-parser-common.h connection.c connection.h \
desktop-file.c desktop-file.h dir-watch-default.c \
dir-watch-inotify.c dir-watch-kqueue.c dir-watch.h dispatch.c \
dispatch.h driver.c driver.h expirelist.c expirelist.h \
policy.c policy.h selinux.h selinux.c services.c services.h \
signals.c signals.h stats.c stats.h test.c test.h utils.c \
utils.h config-loader-expat.c main.c
@DBUS_BUS_ENABLE_INOTIFY_FALSE@@DBUS_BUS_ENABLE_KQUEUE_FALSE@am__objects_1 = dir-watch-default.$(OBJEXT)
@DBUS_BUS_ENABLE_INOTIFY_TRUE@@DBUS_BUS_ENABLE_KQUEUE_FALSE@am__objects_1 = dir-watch-inotify.$(OBJEXT)
@DBUS_BUS_ENABLE_KQUEUE_TRUE@am__objects_1 = \
@DBUS_BUS_ENABLE_KQUEUE_TRUE@ dir-watch-kqueue.$(OBJEXT)
am__objects_2 = config-loader-expat.$(OBJEXT)
am__objects_3 = activation.$(OBJEXT) bus.$(OBJEXT) \
am__objects_3 = activation.$(OBJEXT) apparmor.$(OBJEXT) bus.$(OBJEXT) \
config-parser.$(OBJEXT) config-parser-common.$(OBJEXT) \
connection.$(OBJEXT) desktop-file.$(OBJEXT) $(am__objects_1) \
dispatch.$(OBJEXT) driver.$(OBJEXT) expirelist.$(OBJEXT) \
......@@ -162,7 +162,7 @@ dbus_daemon_OBJECTS = $(am_dbus_daemon_OBJECTS)
am__DEPENDENCIES_1 =
am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1)
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
dbus_daemon_DEPENDENCIES = $(top_builddir)/dbus/libdbus-internal.la \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2)
AM_V_lt = $(am__v_lt_@AM_V@)
......@@ -195,15 +195,15 @@ dbus_daemon_launch_helper_test_OBJECTS = \
dbus_daemon_launch_helper_test_DEPENDENCIES = \
$(top_builddir)/dbus/libdbus-internal.la $(am__DEPENDENCIES_3)
am__test_bus_SOURCES_DIST = activation.c activation.h \
activation-exit-codes.h bus.c bus.h config-parser.c \
config-parser.h config-parser-common.c config-parser-common.h \
connection.c connection.h desktop-file.c desktop-file.h \
dir-watch-default.c dir-watch-inotify.c dir-watch-kqueue.c \
dir-watch.h dispatch.c dispatch.h driver.c driver.h \
expirelist.c expirelist.h policy.c policy.h selinux.h \
selinux.c services.c services.h signals.c signals.h stats.c \
stats.h test.c test.h utils.c utils.h config-loader-expat.c \
test-main.c
activation-exit-codes.h apparmor.c apparmor.h bus.c bus.h \
config-parser.c config-parser.h config-parser-common.c \
config-parser-common.h connection.c connection.h \
desktop-file.c desktop-file.h dir-watch-default.c \
dir-watch-inotify.c dir-watch-kqueue.c dir-watch.h dispatch.c \
dispatch.h driver.c driver.h expirelist.c expirelist.h \
policy.c policy.h selinux.h selinux.c services.c services.h \
signals.c signals.h stats.c stats.h test.c test.h utils.c \
utils.h config-loader-expat.c test-main.c
am_test_bus_OBJECTS = $(am__objects_3) test-main.$(OBJEXT)
test_bus_OBJECTS = $(am_test_bus_OBJECTS)
test_bus_DEPENDENCIES = $(top_builddir)/dbus/libdbus-internal.la \
......@@ -328,6 +328,8 @@ ACLOCAL = @ACLOCAL@
ADT_LIBS = @ADT_LIBS@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
APPARMOR_CFLAGS = @APPARMOR_CFLAGS@
APPARMOR_LIBS = @APPARMOR_LIBS@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
......@@ -382,6 +384,7 @@ DEPDIR = @DEPDIR@
DLLTOOL = @DLLTOOL@
DOXYGEN = @DOXYGEN@
DSYMUTIL = @DSYMUTIL@
DUCKTYPE = @DUCKTYPE@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
......@@ -471,6 +474,7 @@ X_CFLAGS = @X_CFLAGS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_LIBS = @X_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
YELP_BUILD = @YELP_BUILD@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
......@@ -535,6 +539,7 @@ dbus_daemon_execdir = $(DBUS_DAEMONDIR)
DBUS_BUS_LIBS = \
$(XML_LIBS) \
$(SELINUX_LIBS) \
$(APPARMOR_LIBS) \
$(THREAD_LIBS) \
$(ADT_LIBS) \
$(NETWORK_libs) \
......@@ -549,6 +554,7 @@ DBUS_LAUNCHER_LIBS = \
AM_CPPFLAGS = \
-I$(top_srcdir) \
$(XML_CFLAGS) \
$(APPARMOR_CFLAGS) \
-DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \
-DDBUS_COMPILATION \
-DDBUS_STATIC_BUILD \
......@@ -583,6 +589,8 @@ BUS_SOURCES = \
activation.c \
activation.h \
activation-exit-codes.h \
apparmor.c \
apparmor.h \
bus.c \
bus.h \
config-parser.c \
......@@ -976,6 +984,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/activation-helper-bin.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/activation-helper.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/activation.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/apparmor.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bus.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/config-loader-expat.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/config-parser-common.Po@am__quote@
......
This diff is collapsed.
/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
* apparmor.c AppArmor security checks for D-Bus
*
* Authors: John Johansen <john.johansen@canonical.com>
* Tyler Hicks <tyhicks@canonical.com>
* Based on: selinux.h by Matthew Rickard
*
* Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#ifndef BUS_APPARMOR_H
#define BUS_APPARMOR_H
#include <dbus/dbus.h>
#include "bus.h"
void bus_apparmor_audit_init (void);
dbus_bool_t bus_apparmor_pre_init (void);
dbus_bool_t bus_apparmor_set_mode_from_config (const char *mode,
DBusError *error);
dbus_bool_t bus_apparmor_full_init (DBusError *error);
void bus_apparmor_shutdown (void);
dbus_bool_t bus_apparmor_enabled (void);
void bus_apparmor_confinement_unref (BusAppArmorConfinement *confinement);
void bus_apparmor_confinement_ref (BusAppArmorConfinement *confinement);
BusAppArmorConfinement* bus_apparmor_init_connection_confinement (DBusConnection *connection,
DBusError *error);
dbus_bool_t bus_apparmor_allows_acquire_service (DBusConnection *connection,
const char *bustype,
const char *service_name,
DBusError *error);
dbus_bool_t bus_apparmor_allows_send (DBusConnection *sender,
DBusConnection *proposed_recipient,
dbus_bool_t requested_reply,
const char *bustype,
int msgtype,
const char *path,
const char *interface,
const char *member,
const char *error_name,
const char *destination,
const char *source,
DBusError *error);
dbus_bool_t bus_apparmor_allows_eavesdropping (DBusConnection *connection,
const char *bustype,
DBusError *error);
#endif /* BUS_APPARMOR_H */
......@@ -34,6 +34,7 @@
#include "config-parser.h"
#include "signals.h"
#include "selinux.h"
#include "apparmor.h"
#include "dir-watch.h"
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
......@@ -933,6 +934,20 @@ bus_context_new (const DBusString *config_file,
bus_context_log (context, DBUS_SYSTEM_LOG_FATAL, "SELinux enabled but D-Bus initialization failed; check system log\n");
}
if (!bus_apparmor_full_init (error))
{
_DBUS_ASSERT_ERROR_IS_SET (error);
goto failed;
}
if (bus_apparmor_enabled ())
{
/* Only print AppArmor mediation message when syslog support is enabled */
if (context->syslog)
bus_context_log (context, DBUS_SYSTEM_LOG_INFO,
"AppArmor D-Bus mediation is enabled\n");
}
if (!process_config_postinit (context, parser, error))
{
_DBUS_ASSERT_ERROR_IS_SET (error);
......@@ -959,6 +974,9 @@ bus_context_new (const DBusString *config_file,
#ifdef HAVE_SELINUX
/* FIXME - why not just put this in full_init() below? */
bus_selinux_audit_init ();
#endif
#ifdef HAVE_APPARMOR
bus_apparmor_audit_init ();
#endif
}
......@@ -1503,7 +1521,7 @@ bus_context_check_security_policy (BusContext *context,
DBusMessage *message,
DBusError *error)
{
const char *dest;
const char *src, *dest;
BusClientPolicy *sender_policy;
BusClientPolicy *recipient_policy;
dbus_int32_t toggles;
......@@ -1512,6 +1530,7 @@ bus_context_check_security_policy (BusContext *context,
dbus_bool_t requested_reply;
type = dbus_message_get_type (message);
src = dbus_message_get_sender (message);
dest = dbus_message_get_destination (message);
/* dispatch.c was supposed to ensure these invariants */
......@@ -1544,30 +1563,6 @@ bus_context_check_security_policy (BusContext *context,
if (sender != NULL)
{
/* First verify the SELinux access controls. If allowed then
* go on with the standard checks.
*/
if (!bus_selinux_allows_send (sender, proposed_recipient,
dbus_message_type_to_string (dbus_message_get_type (message)),
dbus_message_get_interface (message),
dbus_message_get_member (message),
dbus_message_get_error_name (message),
dest ? dest : DBUS_SERVICE_DBUS, error))
{
if (error != NULL && !dbus_error_is_set (error))
{
/* don't syslog this, just set the error: avc_has_perm should
* have already written to either the audit log or syslog */
complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
"An SELinux policy prevents this sender from sending this "
"message to this recipient",
0, message, sender, proposed_recipient, FALSE, FALSE, error);
_dbus_verbose ("SELinux security check denying send to service\n");
}
return FALSE;
}
if (bus_connection_is_active (sender))
{
sender_policy = bus_connection_get_policy (sender);
......@@ -1597,6 +1592,51 @@ bus_context_check_security_policy (BusContext *context,
}
}
else
{
sender_policy = NULL;
}
/* First verify the SELinux access controls. If allowed then
* go on with the standard checks.
*/
if (!bus_selinux_allows_send (sender, proposed_recipient,
dbus_message_type_to_string (dbus_message_get_type (message)),
dbus_message_get_interface (message),
dbus_message_get_member (message),
dbus_message_get_error_name (message),
dest ? dest : DBUS_SERVICE_DBUS, error))
{
if (error != NULL && !dbus_error_is_set (error))
{
/* don't syslog this, just set the error: avc_has_perm should
* have already written to either the audit log or syslog */
complain_about_message (context, DBUS_ERROR_ACCESS_DENIED,
"An SELinux policy prevents this sender from sending this "
"message to this recipient",
0, message, sender, proposed_recipient, FALSE, FALSE, error);
_dbus_verbose ("SELinux security check denying send to service\n");
}
return FALSE;
}
/* next verify AppArmor access controls. If allowed then
* go on with the standard checks.
*/
if (!bus_apparmor_allows_send (sender, proposed_recipient,
requested_reply,
bus_context_get_type (context),
dbus_message_get_type (message),
dbus_message_get_path (message),
dbus_message_get_interface (message),
dbus_message_get_member (message),
dbus_message_get_error_name (message),
dest ? dest : DBUS_SERVICE_DBUS,
src ? src : DBUS_SERVICE_DBUS,
error))
return FALSE;
if (!bus_connection_is_active (sender))
{
/* Policy for inactive connections is that they can only send
* the hello message to the bus driver
......
......@@ -38,6 +38,7 @@ typedef struct BusClientPolicy BusClientPolicy;
typedef struct BusPolicyRule BusPolicyRule;
typedef struct BusRegistry BusRegistry;
typedef struct BusSELinuxID BusSELinuxID;
typedef struct BusAppArmorConfinement BusAppArmorConfinement;
typedef struct BusService BusService;
typedef struct BusOwner BusOwner;
typedef struct BusTransaction BusTransaction;
......
......@@ -127,6 +127,10 @@ bus_config_parser_element_name_to_type (const char *name)
{
return ELEMENT_ALLOW_ANONYMOUS;
}
else if (strcmp (name, "apparmor") == 0)
{
return ELEMENT_APPARMOR;
}
return ELEMENT_NONE;
}
......@@ -181,6 +185,8 @@ bus_config_parser_element_type_to_name (ElementType type)
return "keep_umask";
case ELEMENT_ALLOW_ANONYMOUS:
return "allow_anonymous";
case ELEMENT_APPARMOR:
return "apparmor";
}
_dbus_assert_not_reached ("bad element type");
......
......@@ -49,7 +49,8 @@ typedef enum
ELEMENT_STANDARD_SYSTEM_SERVICEDIRS,
ELEMENT_KEEP_UMASK,
ELEMENT_SYSLOG,
ELEMENT_ALLOW_ANONYMOUS
ELEMENT_ALLOW_ANONYMOUS,
ELEMENT_APPARMOR
} ElementType;
ElementType bus_config_parser_element_name_to_type (const char *element_name);
......
......@@ -28,6 +28,7 @@
#include "utils.h"
#include "policy.h"
#include "selinux.h"
#include "apparmor.h"
#include <dbus/dbus-list.h>
#include <dbus/dbus-internals.h>
#include <dbus/dbus-misc.h>
......@@ -1136,6 +1137,27 @@ start_busconfig_child (BusConfigParser *parser,
return TRUE;
}
else if (element_type == ELEMENT_APPARMOR)
{
Element *e;
const char *mode;
if ((e = push_element (parser, ELEMENT_APPARMOR)) == NULL)
{
BUS_SET_OOM (error);
return FALSE;
}
if (!locate_attributes (parser, "apparmor",
attribute_names,
attribute_values,
error,
"mode", &mode,
NULL))
return FALSE;
return bus_apparmor_set_mode_from_config (mode, error);
}
else
{
dbus_set_error (error, DBUS_ERROR_FAILED,
......@@ -2074,6 +2096,7 @@ bus_config_parser_end_element (BusConfigParser *parser,
case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS:
case ELEMENT_ALLOW_ANONYMOUS:
case ELEMENT_APPARMOR:
break;
}
......@@ -2373,6 +2396,7 @@ bus_config_parser_content (BusConfigParser *parser,
case ELEMENT_ALLOW_ANONYMOUS:
case ELEMENT_SELINUX:
case ELEMENT_ASSOCIATE:
case ELEMENT_APPARMOR:
if (all_whitespace (content))
return TRUE;
else
......
......@@ -30,6 +30,7 @@
#include "signals.h"
#include "expirelist.h"
#include "selinux.h"
#include "apparmor.h"
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
#include <dbus/dbus-timeout.h>
......@@ -99,6 +100,7 @@ typedef struct
char *cached_loginfo_string;
BusSELinuxID *selinux_id;
BusAppArmorConfinement *apparmor_confinement;
long connection_tv_sec; /**< Time when we connected (seconds component) */
long connection_tv_usec; /**< Time when we connected (microsec component) */
......@@ -439,6 +441,9 @@ free_connection_data (void *data)
if (d->selinux_id)
bus_selinux_id_unref (d->selinux_id);
if (d->apparmor_confinement)
bus_apparmor_confinement_unref (d->apparmor_confinement);
dbus_free (d->cached_loginfo_string);
......@@ -714,6 +719,19 @@ bus_connections_setup_connection (BusConnections *connections,
goto out;
}
d->apparmor_confinement = bus_apparmor_init_connection_confinement (connection,
&error);
if (dbus_error_is_set (&error))
{
/* This is a bit bogus because we pretend all errors
* are OOM; this is done because we know that in bus.c
* an OOM error disconnects the connection, which is
* the same thing we want on any other error.
*/
dbus_error_free (&error);
goto out;
}
if (!dbus_connection_set_watch_functions (connection,
add_connection_watch,
remove_connection_watch,
......@@ -801,6 +819,10 @@ bus_connections_setup_connection (BusConnections *connections,
if (d->selinux_id)
bus_selinux_id_unref (d->selinux_id);
d->selinux_id = NULL;
if (d->apparmor_confinement)
bus_apparmor_confinement_unref (d->apparmor_confinement);
d->apparmor_confinement = NULL;
if (!dbus_connection_set_watch_functions (connection,
NULL, NULL, NULL,
......@@ -1201,6 +1223,19 @@ bus_connection_get_selinux_id (DBusConnection *connection)
return d->selinux_id;
}
BusAppArmorConfinement*
bus_connection_dup_apparmor_confinement (DBusConnection *connection)
{
BusConnectionData *d;
d = BUS_CONNECTION_DATA (connection);
_dbus_assert (d != NULL);
bus_apparmor_confinement_ref (d->apparmor_confinement);
return d->apparmor_confinement;
}
/**
* Checks whether the connection is registered with the message bus.
*
......
......@@ -54,6 +54,7 @@ BusActivation* bus_connection_get_activation (DBusConnection
BusMatchmaker* bus_connection_get_matchmaker (DBusConnection *connection);
const char * bus_connection_get_loginfo (DBusConnection *connection);
BusSELinuxID* bus_connection_get_selinux_id (DBusConnection *connection);
BusAppArmorConfinement* bus_connection_dup_apparmor_confinement (DBusConnection *connection);
dbus_bool_t bus_connections_check_limits (BusConnections *connections,
DBusConnection *requesting_completion,
DBusError *error);
......
......@@ -24,6 +24,7 @@
#include <config.h>
#include "activation.h"
#include "apparmor.h"
#include "connection.h"
#include "driver.h"
#include "dispatch.h"
......@@ -34,10 +35,12 @@
#include "utils.h"
#include <dbus/dbus-asv-util.h>
#include <dbus/dbus-connection-internal.h>
#include <dbus/dbus-string.h>
#include <dbus/dbus-internals.h>
#include <dbus/dbus-message.h>
#include <dbus/dbus-marshal-recursive.h>
#include <dbus/dbus-marshal-validate.h>
#include <string.h>
static DBusConnection *
......@@ -1108,9 +1111,10 @@ bus_driver_handle_add_match (DBusConnection *connection,
DBusError *error)
{
BusMatchRule *rule;
const char *text;
const char *text, *bustype;
DBusString str;
BusMatchmaker *matchmaker;
BusContext *context;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
......@@ -1143,6 +1147,12 @@ bus_driver_handle_add_match (DBusConnection *connection,
if (rule == NULL)
goto failed;
context = bus_transaction_get_context (transaction);
bustype = context ? bus_context_get_type (context) : NULL;
if (bus_match_rule_get_client_is_eavesdropping (rule) &&
!bus_apparmor_allows_eavesdropping (connection, bustype, error))
goto failed;
matchmaker = bus_connection_get_matchmaker (connection);
if (!bus_matchmaker_add_rule (matchmaker, rule))
......@@ -1646,6 +1656,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection,
DBusMessageIter reply_iter;
DBusMessageIter array_iter;
unsigned long ulong_val;
char *s;
const char *service;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
......@@ -1680,6 +1691,45 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection,
goto oom;
}
if (dbus_connection_get_windows_user (conn, &s))
{
DBusString str;
dbus_bool_t result;
if (s == NULL)
goto oom;
_dbus_string_init_const (&str, s);
result = _dbus_validate_utf8 (&str, 0, _dbus_string_get_length (&str));
_dbus_string_free (&str);
if (result)
{
if (!_dbus_asv_add_string (&array_iter, "WindowsSID", s))
{
dbus_free (s);
goto oom;
}
}
dbus_free (s);
}
if (_dbus_connection_get_linux_security_label (conn, &s))
{
if (s == NULL)
goto oom;
/* use the GVariant bytestring convention for strings of unknown
* encoding: include the \0 in the payload, for zero-copy reading */
if (!_dbus_asv_add_byte_array (&array_iter, "LinuxSecurityLabel",
s, strlen (s) + 1))
{
dbus_free (s);
goto oom;
}
dbus_free (s);
}
if (!_dbus_asv_close (&reply_iter, &array_iter))
goto oom;
......@@ -1746,6 +1796,72 @@ bus_driver_handle_reload_config (DBusConnection *connection,
return FALSE;
}
#ifdef DBUS_ENABLE_VERBOSE_MODE
static dbus_bool_t
bus_driver_handle_enable_verbose (DBusConnection *connection,
BusTransaction *transaction,
DBusMessage *message,
DBusError *error)
{
DBusMessage *reply = NULL;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
reply = dbus_message_new_method_return (message);
if (reply == NULL)
goto oom;
if (! bus_transaction_send_from_driver (transaction, connection, reply))
goto oom;
_dbus_set_verbose(TRUE);
dbus_message_unref (reply);
return TRUE;
oom:
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
BUS_SET_OOM (error);
if (reply)
dbus_message_unref (reply);
return FALSE;
}
static dbus_bool_t
bus_driver_handle_disable_verbose (DBusConnection *connection,
BusTransaction *transaction,
DBusMessage *message