2003-03-19 Havoc Pennington <hp@redhat.com>

* bus/policy.c: start sketching code for policy restrictions on what connections can do.
2026-01-04 01:30:22 +01:00 · 2003-03-19 23:48:17 +00:00 · 2003-03-19 23:48:17 +00:00 · a284a148e4
commit a284a148e4
parent b052524195
4 changed files with 261 additions and 6 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+2003-03-19  Havoc Pennington  <hp@redhat.com>
+
+	* bus/policy.c: start sketching code for policy restrictions on 
+	what connections can do.
+
 2003-03-18  Havoc Pennington  <hp@redhat.com>

 	* doc/TODO: some notes on high-level todo items. Little nitpick
--- a/bus/policy.c
+++ b/bus/policy.c
@ -0,0 +1,163 @@
+/* -*- mode: C; c-file-style: "gnu" -*- */
+/* policy.c  Policies for what a connection can do
+ *
+ * Copyright (C) 2003  Red Hat, Inc.
+ *
+ * Licensed under the Academic Free License version 1.2
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *
+ */
+
+#include "policy.h"
+
+BusPolicyRule*
+bus_policy_rule_new (BusPolicyRuleType type,
+                     dbus_bool_t       allow)
+{
+  BusPolicyRule *rule;
+
+  rule = dbus_new0 (BusPolicyRule, 1);
+  if (rule == NULL)
+    return NULL;
+
+  rule->type = type;
+  rule->refcount = 1;
+  rule->allow = allow;
+
+  return rule;
+}
+
+void
+bus_policy_rule_ref (BusPolicyRule *rule)
+{
+  _dbus_assert (rule->refcount > 0);
+
+  rule->refcount += 1;
+}
+
+void
+bus_policy_rule_unref (BusPolicyRule *rule)
+{
+  _dbus_assert (rule->refcount > 0);
+
+  rule->refcount -= 1;
+
+  if (rule->refcount == 0)
+    {
+      switch (rule->type)
+        {
+        case DBUS_POLICY_RULE_SEND:
+          dbus_free (rule->d.send.message_name);
+          dbus_free (rule->d.send.destination);
+          break;
+        case DBUS_POLICY_RULE_RECEIVE:
+          dbus_free (rule->d.receive.message_name);
+          dbus_free (rule->d.receive.origin);
+          break;
+        case DBUS_POLICY_RULE_OWN:
+          dbus_free (rule->d.own.service_name);
+          break;
+        }
+      
+      dbus_free (rule);
+    }
+}
+
+struct BusPolicy
+{
+  int refcount;
+
+  DBusList *rules;
+};
+
+BusPolicy*
+bus_policy_new (void)
+{
+  BusPolicy *policy;
+
+  policy = dbus_new0 (BusPolicy, 1);
+  if (policy == NULL)
+    return NULL;
+
+  policy->refcount = 1;
+
+  return policy;
+}
+
+void
+bus_policy_ref (BusPolicy *policy)
+{
+  _dbus_assert (policy->refcount > 0);
+
+  policy->refcount += 1;
+}
+
+static void
+rule_unref_foreach (void *data,
+                    void *user_data)
+{
+  BusPolicyRule *rule = data;
+
+  bus_policy_rule_unref (rule);
+}
+
+void
+bus_policy_unref (BusPolicy *policy)
+{
+  _dbus_assert (policy->refcount > 0);
+
+  policy->refcount -= 1;
+
+  if (policy->refcount == 0)
+    {
+      _dbus_list_foreach (&policy->rules,
+                          rule_unref_foreach,
+                          NULL);
+
+      _dbus_list_clear (&policy->rules);
+      
+      dbus_free (policy);
+    }
+}
+
+dbus_bool_t
+bus_policy_check_can_send (BusPolicy      *policy,
+                           DBusConnection *sender,
+                           DBusMessage    *message)
+{
+  
+
+}
+
+dbus_bool_t
+bus_policy_check_can_receive (BusPolicy      *policy,
+                              DBusConnection *receiver,
+                              DBusMessage    *message)
+{
+
+
+}
+
+dbus_bool_t
+bus_policy_check_can_own (BusPolicy      *policy,
+                          DBusConnection *connection,
+                          const char     *service_name)
+{
+
+
+}
+
+#endif /* BUS_POLICY_H */
--- a/bus/policy.h
+++ b/bus/policy.h
@ -0,0 +1,93 @@
+/* -*- mode: C; c-file-style: "gnu" -*- */
+/* policy.h  Policies for what a connection can do
+ *
+ * Copyright (C) 2003  Red Hat, Inc.
+ *
+ * Licensed under the Academic Free License version 1.2
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *
+ */
+
+#ifndef BUS_POLICY_H
+#define BUS_POLICY_H
+
+#include <dbus/dbus.h>
+#include "bus.h"
+
+typedef struct BusPolicy     BusPolicy;
+typedef struct BusPolicyRule BusPolicyRule;
+
+typedef enum
+{
+  DBUS_POLICY_RULE_SEND,
+  DBUS_POLICY_RULE_RECEIVE,
+  DBUS_POLICY_RULE_OWN
+} BusPolicyRuleType;
+
+struct BusPolicyRule
+{
+  int refcount;
+  
+  BusPolicyRuleType type;
+
+  unsigned int allow : 1; /**< #TRUE if this allows, #FALSE if it denies */
+  
+  union
+  {
+    struct
+    {
+      /* either can be NULL meaning "any" */
+      char *message_name;
+      char *destination;
+    } send;
+
+    struct
+    {
+      /* either can be NULL meaning "any" */
+      char *message_name;
+      char *origin;
+    } receive;
+
+    struct
+    {
+      /* can be NULL meaning "any" */
+      char *service_name;
+    } own;
+
+  } d;
+};
+
+BusPolicyRule* bus_policy_rule_new   (BusPolicyRuleType type,
+                                      dbus_bool_t       allow);
+void           bus_policy_rule_ref   (BusPolicyRule    *rule);
+void           bus_policy_rule_unref (BusPolicyRule    *rule);
+
+BusPolicy*  bus_policy_new               (void);
+void        bus_policy_ref               (BusPolicy      *policy);
+void        bus_policy_unref             (BusPolicy      *policy);
+dbus_bool_t bus_policy_check_can_send    (BusPolicy      *policy,
+                                          DBusConnection *sender,
+                                          DBusMessage    *message);
+dbus_bool_t bus_policy_check_can_receive (BusPolicy      *policy,
+                                          DBusConnection *receiver,
+                                          DBusMessage    *message);
+dbus_bool_t bus_policy_check_can_own     (BusPolicy      *policy,
+                                          DBusConnection *connection,
+                                          const char     *service_name);
+
+
+
+#endif /* BUS_POLICY_H */
--- a/doc/config-file.txt
+++ b/doc/config-file.txt
@ -141,12 +141,6 @@ Elements:
    no recipients have been allowed. You have to add 
    <allow send_to="something"/> to make the policy useful.

-  
-
-    
-
-
-