* bus/config-parser.c, bus/policy.c, bus/policy.h, bus/dbus-daemon.1.in,bus/session.conf.in: added eavesdrop support for replies - patch by olli.salli at collabora.co.uk approved by Havoc Pennington.

2026-02-03 20:40:34 +01:00 · 2007-03-15 13:27:01 +00:00 · 2007-03-15 13:27:01 +00:00 · cd57ebe33b
commit cd57ebe33b
parent 280e313ef7
6 changed files with 33 additions and 17 deletions
--- a/8
+++ b/8
@ -1,3 +1,11 @@
+2007-03-15 Ralf.Habacker  <ralf.habacker@freenet.de>
+
+	* bus/config-parser.c, bus/policy.c,  
+	bus/policy.h, bus/dbus-daemon.1.in,
+	bus/session.conf.in: added eavesdrop support 
+	for replies - patch by olli.salli at collabora.co.uk
+	approved by Havoc Pennington. 
+
 2007-03-15 Ralf.Habacker  <ralf.habacker@freenet.de>

 	* dbus\dbus-sysdeps-win-thread.c: renamed to 
--- a/bus/config-parser.c
+++ b/bus/config-parser.c
@ -1181,7 +1181,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_interface && receive_member) ||
       (send_interface && receive_error) ||
       (send_interface && receive_sender) ||
-       (send_interface && eavesdrop) ||
       (send_interface && receive_requested_reply) ||
       (send_interface && own) ||
       (send_interface && user) ||
@ -1192,7 +1191,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_member && receive_member) ||
       (send_member && receive_error) ||
       (send_member && receive_sender) ||
-       (send_member && eavesdrop) ||
       (send_member && receive_requested_reply) ||
       (send_member && own) ||
       (send_member && user) ||
@ -1202,7 +1200,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_error && receive_member) ||
       (send_error && receive_error) ||
       (send_error && receive_sender) ||
-       (send_error && eavesdrop) ||
       (send_error && receive_requested_reply) ||
       (send_error && own) ||
       (send_error && user) ||
@ -1212,7 +1209,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_destination && receive_member) ||
       (send_destination && receive_error) ||
       (send_destination && receive_sender) ||
-       (send_destination && eavesdrop) ||
       (send_destination && receive_requested_reply) ||
       (send_destination && own) ||
       (send_destination && user) ||
@ -1222,7 +1218,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_type && receive_member) ||
       (send_type && receive_error) ||
       (send_type && receive_sender) ||
-       (send_type && eavesdrop) ||
       (send_type && receive_requested_reply) ||
       (send_type && own) ||
       (send_type && user) ||
@ -1232,7 +1227,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_path && receive_member) ||
       (send_path && receive_error) ||
       (send_path && receive_sender) ||
-       (send_path && eavesdrop) ||
       (send_path && receive_requested_reply) ||
       (send_path && own) ||
       (send_path && user) ||
@ -1242,7 +1236,6 @@ append_rule_from_element (BusConfigParser   *parser,
       (send_requested_reply && receive_member) ||
       (send_requested_reply && receive_error) ||
       (send_requested_reply && receive_sender) ||
-       (send_requested_reply && eavesdrop) ||
       (send_requested_reply && receive_requested_reply) ||
       (send_requested_reply && own) ||
       (send_requested_reply && user) ||
@ -1319,6 +1312,16 @@ append_rule_from_element (BusConfigParser   *parser,
            }
        }

+      if (eavesdrop &&
+          !(strcmp (eavesdrop, "true") == 0 ||
+            strcmp (eavesdrop, "false") == 0))
+        {
+          dbus_set_error (error, DBUS_ERROR_FAILED,
+                          "Bad value \"%s\" for %s attribute, must be true or false",
+                          "eavesdrop", eavesdrop);
+          return FALSE;
+        }
+
      if (send_requested_reply &&
          !(strcmp (send_requested_reply, "true") == 0 ||
            strcmp (send_requested_reply, "false") == 0))
@ -1333,9 +1336,12 @@ append_rule_from_element (BusConfigParser   *parser,
      if (rule == NULL)
        goto nomem;
      
+      if (eavesdrop)
+        rule->d.send.eavesdrop = (strcmp (eavesdrop, "true") == 0);
+
      if (send_requested_reply)
        rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0);
-      
+
      rule->d.send.message_type = message_type;
      rule->d.send.path = _dbus_strdup (send_path);
      rule->d.send.interface = _dbus_strdup (send_interface);
--- a/bus/dbus-daemon.1.in
+++ b/bus/dbus-daemon.1.in
@ -437,9 +437,10 @@ matches against the given field in the message header.

 .PP
 "Eavesdropping" occurs when an application receives a message that
-was explicitly addressed to a name the application does not own.
-Eavesdropping thus only applies to messages that are addressed to
-services (i.e. it does not apply to signals).
+was explicitly addressed to a name the application does not own, or
+is a reply to such a message. Eavesdropping thus only applies to
+messages that are addressed to services and replies to such messages
+(i.e. it does not apply to signals).

 .PP
 For <allow>, eavesdrop="true" indicates that the rule matches even 
@ -449,7 +450,7 @@ For <deny>, eavesdrop="true" indicates that the rule matches
 only when eavesdropping. eavesdrop="false" is the default for <deny>
 also, but here it means that the rule applies always, even when 
 not eavesdropping. The eavesdrop attribute can only be combined with
-receive rules (with receive_* attributes).
+send and receive rules (with send_* and receive_* attributes).


 .PP
--- a/bus/policy.c
+++ b/bus/policy.c
@ -900,9 +900,9 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
           * only when reply was requested. requested_reply=false means
           * always allow.
           */
-          if (!requested_reply && rule->allow && rule->d.send.requested_reply)
+          if (!requested_reply && rule->allow && rule->d.send.requested_reply && !rule->d.send.eavesdrop)
            {
-              _dbus_verbose ("  (policy) skipping allow rule since it only applies to requested replies\n");
+              _dbus_verbose ("  (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n");
              continue;
            }

@ -1086,9 +1086,9 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
           * only when reply was requested. requested_reply=false means
           * always allow.
           */
-          if (!requested_reply && rule->allow && rule->d.receive.requested_reply)
+          if (!requested_reply && rule->allow && rule->d.receive.requested_reply && !rule->d.receive.eavesdrop)
            {
-              _dbus_verbose ("  (policy) skipping allow rule since it only applies to requested replies\n");
+              _dbus_verbose ("  (policy) skipping allow rule since it only applies to requested replies and does not allow eavesdropping\n");
              continue;
            }

--- a/bus/policy.h
+++ b/bus/policy.h
@ -63,6 +63,7 @@ struct BusPolicyRule
      char *member;
      char *error;
      char *destination;
+      unsigned int eavesdrop : 1;
      unsigned int requested_reply : 1;
    } send;

--- a/bus/session.conf.in
+++ b/bus/session.conf.in
@ -14,7 +14,7 @@

  <policy context="default">
    <!-- Allow everything to be sent -->
-    <allow send_destination="*"/>
+    <allow send_destination="*" eavesdrop="true"/>
    <!-- Allow everything to be received -->
    <allow eavesdrop="true"/>
    <!-- Allow anyone to own anything -->