authorPavel Šimerda <psimerda@redhat.com>2015-01-02 21:20:38 +0100
committerPavel Šimerda <psimerda@redhat.com>2015-01-05 18:38:22 +0100
commit5fb31ba5d1c54ae9bf723e20fb1e4a83cf2a0496 (patch)
tree5191dfdd4b1b6a80a906e257a950c9fe1e901795
parent335bbc63357cc963628ad97f465433d1936fe0ba (diff)
session: switch code to nm_session_monitor_session_exists()
Acked-By: Thomas Haller <thaller@redhat.com>
-rw-r--r--src/nm-auth-utils.c13
-rw-r--r--src/nm-session-monitor.c22
-rw-r--r--src/nm-session-monitor.h1
-rw-r--r--src/settings/nm-agent-manager.c18
-rw-r--r--src/settings/nm-settings-connection.c18
5 files changed, 43 insertions, 29 deletions
diff --git a/src/nm-auth-utils.c b/src/nm-auth-utils.c
index 9ace162921..1c20622ad3 100644
--- a/src/nm-auth-utils.c
+++ b/src/nm-auth-utils.c
@@ -425,7 +425,6 @@ nm_auth_is_subject_in_acl (NMConnection *connection,
{
NMSettingConnection *s_con;
const char *user = NULL;
- GError *local = NULL;
gulong uid;
g_return_val_if_fail (connection != NULL, FALSE);
@@ -443,17 +442,13 @@ nm_auth_is_subject_in_acl (NMConnection *connection,
return TRUE;
/* Reject the request if the request comes from no session at all */
- if (!nm_session_monitor_uid_has_session (smon, uid, &user, &local)) {
- if (out_error_desc) {
- *out_error_desc = g_strdup_printf ("No session found for uid %lu (%s)",
- uid,
- local && local->message ? local->message : "unknown");
- }
- g_clear_error (&local);
+ if (!nm_session_monitor_session_exists (uid, FALSE)) {
+ if (out_error_desc)
+ *out_error_desc = g_strdup_printf ("No session found for uid %lu", uid);
return FALSE;
}
- if (!user) {
+ if (!nm_session_monitor_uid_to_user (uid, &user)) {
if (out_error_desc)
*out_error_desc = g_strdup_printf ("Could not determine username for uid %lu", uid);
return FALSE;
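Review bot: The denial at `if (!nm_session_monitor_session_exists (uid, FALSE))` can no longer tell "uid has no session" apart from "the session lookup itself failed", because the new helper passes NULL for the GError and the reason string was dropped from `out_error_desc`. The check still fails closed, which is the right default for an ACL decision, but a broken session backend now looks the same as a legitimate rejection to anyone reading the logs. Consider logging the underlying error inside the helper, or giving it a `GError **error` parameter so this caller can keep the detail. The same applies to the `impl_agent_manager_register_with_capabilities` hunk in src/settings/nm-agent-manager.c, where the message is now the fixed string "Session not found". The body of nm_auth_is_subject_in_acl continues outside this hunk.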
diff --git a/src/nm-session-monitor.c b/src/nm-session-monitor.c
index d398056e69..c9ee3426f3 100644
--- a/src/nm-session-monitor.c
+++ b/src/nm-session-monitor.c
@@ -65,3 +65,25 @@ nm_session_monitor_user_to_uid (const char *user, uid_t *out_uid)
return TRUE;
}
+
+/**
+ * nm_session_monitor_session_exists:
+ * @uid: A user ID.
+ * @active: Ignore inactive sessions.
+ *
+ * Checks whether the given @uid is logged into an active session. Don't
+ * use this feature for security purposes. It is there just to allow you
+ * to prefer an agent from an active session over an agent from an
+ * inactive one.
+ *
+ * Returns: %FALSE if @error is set otherwise %TRUE if the given @uid is
+ * logged into an active session.
+ */
+gboolean
+nm_session_monitor_session_exists (uid_t uid, gboolean active)
+{
+ if (active)
+ return nm_session_monitor_uid_active (nm_session_monitor_get (), uid, NULL);
+ else
+ return nm_session_monitor_uid_has_session (nm_session_monitor_get (), uid, NULL, NULL);
+}
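Review bot: The doc comment on nm_session_monitor_session_exists() does not match the function it documents. It refers to an `@error` that is not in the signature, and it describes only the active-session case although `active == FALSE` asks for any session at all. The "Don't use this feature for security purposes" caveat also reads as covering the whole function, while this same commit calls it with FALSE to make permission decisions in nm-auth-utils.c and nm-agent-manager.c. Presumably the caveat was meant only for the `active == TRUE` preference check and should be scoped to that. The Returns line could become `Returns: %TRUE if @uid has a session (an active one when @active is %TRUE), %FALSE otherwise or when the lookup fails.` The description should also say that lookup errors are discarded, since both calls pass NULL for the error.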
diff --git a/src/nm-session-monitor.h b/src/nm-session-monitor.h
index d05ee34512..818941ef79 100644
--- a/src/nm-session-monitor.h
+++ b/src/nm-session-monitor.h
@@ -43,6 +43,7 @@ NMSessionMonitor *nm_session_monitor_get (void);
gboolean nm_session_monitor_uid_to_user (uid_t uid, const char **out_user);
gboolean nm_session_monitor_user_to_uid (const char *user, uid_t *out_uid);
+gboolean nm_session_monitor_session_exists (uid_t uid, gboolean active);
gboolean nm_session_monitor_user_has_session (NMSessionMonitor *monitor,
const char *username,
diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c
index cc4b1943ca..37ed42bdbe 100644
--- a/src/settings/nm-agent-manager.c
+++ b/src/settings/nm-agent-manager.c
@@ -273,7 +273,7 @@ impl_agent_manager_register_with_capabilities (NMAgentManager *self,
NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (self);
NMAuthSubject *subject;
gulong sender_uid = G_MAXULONG;
- GError *error = NULL, *local = NULL;
+ GError *error = NULL;
NMSecretAgent *agent;
NMAuthChain *chain;
@@ -287,13 +287,10 @@ impl_agent_manager_register_with_capabilities (NMAgentManager *self,
sender_uid = nm_auth_subject_get_unix_process_uid (subject);
if ( 0 != sender_uid
- && !nm_session_monitor_uid_has_session (nm_session_monitor_get (),
- sender_uid,
- NULL,
- &local)) {
+ && !nm_session_monitor_session_exists (sender_uid, FALSE)) {
error = g_error_new_literal (NM_AGENT_MANAGER_ERROR,
NM_AGENT_MANAGER_ERROR_PERMISSION_DENIED,
- local && local->message ? local->message : "Session not found");
+ "Session not found");
goto done;
}
@@ -339,7 +336,6 @@ done:
if (error)
dbus_g_method_return_error (context, error);
g_clear_error (&error);
- g_clear_error (&local);
g_clear_object (&subject);
}
@@ -530,12 +526,8 @@ agent_compare_func (gconstpointer aa, gconstpointer bb, gpointer user_data)
}
/* Prefer agents in active sessions */
- a_active = nm_session_monitor_uid_active (nm_session_monitor_get (),
- nm_secret_agent_get_owner_uid (a),
- NULL);
- b_active = nm_session_monitor_uid_active (nm_session_monitor_get (),
- nm_secret_agent_get_owner_uid (b),
- NULL);
+ a_active = nm_session_monitor_session_exists (nm_secret_agent_get_owner_uid (a), TRUE);
+ b_active = nm_session_monitor_session_exists (nm_secret_agent_get_owner_uid (b), TRUE);
if (a_active && !b_active)
return -1;
else if (a_active == b_active)
diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c
index 529f4d8f4b..0e8b0fafbd 100644
--- a/src/settings/nm-settings-connection.c
+++ b/src/settings/nm-settings-connection.c
@@ -262,14 +262,18 @@ nm_settings_connection_recheck_visibility (NMSettingsConnection *self)
}
for (i = 0; i < num; i++) {
- const char *puser;
+ const char *user;
+ uid_t uid;
- if (nm_setting_connection_get_permission (s_con, i, NULL, &puser, NULL)) {
- if (nm_session_monitor_user_has_session (priv->session_monitor, puser, NULL, NULL)) {
- set_visible (self, TRUE);
- return;
- }
- }
+ if (!nm_setting_connection_get_permission (s_con, i, NULL, &user, NULL))
+ continue;
+ if (!nm_session_monitor_user_to_uid (user, &uid))
+ continue;
+ if (!nm_session_monitor_session_exists (uid, FALSE))
+ continue;
+
+ set_visible (self, TRUE);
+ return;
}
set_visible (self, FALSE);
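Review bot: The rewritten loop needs a one-line comment stating the visibility rule, which is harder to see now that it is spread over three `continue` guards: `/* Visible if any user on the permission list has a session, active or not */`. A permission entry whose user cannot be resolved by nm_session_monitor_user_to_uid() is skipped silently; that fails closed for visibility, and the comment could say so. The loop also stops using `priv->session_monitor` in favour of the singleton behind the helper, so check whether `priv` is still needed in this function. Its body starts outside the hunk, so that cannot be confirmed from here.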