From 3dfbbb227e82b47973f612b6b031d8d591727436 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 18 Aug 2015 11:56:17 +0200 Subject: [PATCH] libnm: require exact vpn plugin filename Originally, nm-applet loaded the vpn plugins by passing the filename to g_module_open(). Thereby, g_module_open() allowed for missing file extension and tries to complete the name with a system-dependent suffix. When porting to libnm, we kept that behavior but did more elaborate checks on the file, like checking owner and permissions. Change to no longer trying to append the system suffix, but require an exact path. That is no usability problem, because the plugin path is specified in the .name files, and we just require them now to be the full path (including the .so extension). Note also, that this only affects new, libnm-based vpn plugins, thus there is no change in behavior for legacy libnm-glib based plugins. Fixes: eed0d0c58f7f13638eb587e240737048d729cb68 --- libnm-core/nm-core-internal.h | 10 ++--- libnm-core/nm-utils.c | 71 +++++++------------------------ libnm-core/nm-vpn-editor-plugin.c | 17 +++----- 3 files changed, 26 insertions(+), 72 deletions(-) diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h index 8028283ead..957970b37e 100644 --- a/libnm-core/nm-core-internal.h +++ b/libnm-core/nm-core-internal.h @@ -143,11 +143,11 @@ gboolean _nm_utils_check_file (const char *filename, struct stat *out_st, GError **error); -char *_nm_utils_check_module_file (const char *name, - int check_owner, - NMUtilsCheckFilePredicate check_file, - gpointer user_data, - GError **error); +gboolean _nm_utils_check_module_file (const char *name, + int check_owner, + NMUtilsCheckFilePredicate check_file, + gpointer user_data, + GError **error); #define NM_UTILS_UUID_TYPE_LEGACY 0 #define NM_UTILS_UUID_TYPE_VARIANT3 1 diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c index 4c8478557c..8b44a32bc8 100644 --- a/libnm-core/nm-utils.c +++ b/libnm-core/nm-utils.c 
@@ -2501,87 +2501,46 @@ _nm_utils_check_file (const char *filename, } -static char * -_resolve_module_file_name (const char *file_name) -{ - char *name = NULL; - - /* g_module_open() is searching for the exact file to load, - * but it doesn't give us a hook to check file permissions - * and ownership. Reimplement the file name resolution. - * - * Copied from g_module_open(). */ - - /* check whether we have a readable file right away */ - if (g_file_test (file_name, G_FILE_TEST_IS_REGULAR)) - name = g_strdup (file_name); - - /* try completing file name with standard library suffix */ - if ( !name - && !g_str_has_suffix (file_name, "." G_MODULE_SUFFIX)) { - name = g_strconcat (file_name, "." G_MODULE_SUFFIX, NULL); - if (!g_file_test (name, G_FILE_TEST_IS_REGULAR)) { - g_free (name); - name = NULL; - } - } - - /* g_module_open() would also try appending ".la". We don't do that - * because we require the user to specify a shared library (directly). */ - - return name; -} - -char * +gboolean _nm_utils_check_module_file (const char *name, int check_owner, NMUtilsCheckFilePredicate check_file, gpointer user_data, GError **error) { - gs_free char *name_resolved = NULL; - char *s; - if (!g_path_is_absolute (name)) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, _("path is not absolute (%s)"), name); - return NULL; + return FALSE; } - name_resolved = _resolve_module_file_name (name); - - if (!name_resolved) { + /* check whether we have a readable file right away */ + if (!g_file_test (name, G_FILE_TEST_IS_REGULAR)) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, - _("could not resolve plugin path (%s)"), name); - return NULL; + _("could not find plugin (%s)"), name); + return FALSE; } - if (g_str_has_suffix (name_resolved, ".la")) { + if (g_str_has_suffix (name, ".la")) { /* g_module_open() treats files that end with .la special. * We don't want to parse the libtool archive. Just error out. 
*/ g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, - _("libtool archives are not supported (%s)"), name_resolved); - return NULL; + _("libtool archives are not supported (%s)"), name); + return FALSE; } - if (!_nm_utils_check_file (name_resolved, - check_owner, - check_file, - user_data, - NULL, - error)) { - return NULL; - } - - s = name_resolved; - name_resolved = NULL; - return s; + return _nm_utils_check_file (name, + check_owner, + check_file, + user_data, + NULL, + error); } /**********************************************************************************************/ diff --git a/libnm-core/nm-vpn-editor-plugin.c b/libnm-core/nm-vpn-editor-plugin.c index fd79fd3bcd..80200f41a8 100644 --- a/libnm-core/nm-vpn-editor-plugin.c +++ b/libnm-core/nm-vpn-editor-plugin.c @@ -119,17 +119,12 @@ nm_vpn_editor_plugin_load_from_file (const char *plugin_filename, g_return_val_if_fail (plugin_filename && *plugin_filename, NULL); - if (g_path_is_absolute (plugin_filename)) { - gs_free char *module_filename = NULL; - - module_filename = _nm_utils_check_module_file (plugin_filename, - check_owner, - check_file, - user_data, - &local); - if (module_filename) - module = g_module_open (module_filename, G_MODULE_BIND_LAZY | G_MODULE_BIND_LOCAL); - } + if (_nm_utils_check_module_file (plugin_filename, + check_owner, + check_file, + user_data, + &local)) + module = g_module_open (plugin_filename, G_MODULE_BIND_LAZY | G_MODULE_BIND_LOCAL); if (!module) { if (local) {
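Review bot: `_nm_utils_check_module_file()` never checks that `name` carries the module suffix, although the commit message says the exact path including the `.so` extension is now required; any absolute regular file that is not a `.la` goes straight to `_nm_utils_check_file()`. The caller passes the same string to `g_module_open()`, which according to the commit message completes names that lack the suffix, so the checked file and the loaded file are only certain to coincide when the name already ends in `"." G_MODULE_SUFFIX`. Rejecting other names after the `.la` test, as sketched below, would enforce that. The carried-over comment `/* check whether we have a readable file right away */` is also stale, because `G_FILE_TEST_IS_REGULAR` tests the file type and no fallback follows any more.

```c
	/* … unchanged: absolute-path, regular-file and .la checks … */

	/* Require the platform module suffix, so that g_module_open() has no
	 * reason to complete the name and load a file that was not checked. */
	if (!g_str_has_suffix (name, "." G_MODULE_SUFFIX)) {
		g_set_error (error,
		             NM_VPN_PLUGIN_ERROR,
		             NM_VPN_PLUGIN_ERROR_FAILED,
		             _("plugin path lacks the module suffix (%s)"), name);
		return FALSE;
	}

	/* … unchanged: return _nm_utils_check_file (name, ...) … */
```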
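Review bot: The precondition that makes the check-then-load sequence in `nm_vpn_editor_plugin_load_from_file()` safe is not documented: `_nm_utils_check_module_file()` and `g_module_open()` each resolve `plugin_filename` on their own, so the owner and permission result only applies to the loaded module if the file and its parent directories cannot be replaced in between. A comment above the call would make that explicit, for example `/* the check and g_module_open() resolve the path separately; this relies on the plugin directory not being writable by untrusted users */`. The function starts and ends outside the hunk, so how a failed `g_module_open()` after a successful check is reported (with `local` still unset) cannot be confirmed from the visible lines.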