fixup! auth: rework polkit autorization to use DBUS interface directlyth/bgo734146_polkit-1

author: Dan Williams <dcbw@redhat.com> 2014-09-10 14:14:04 -0500
committer: Dan Williams <dcbw@redhat.com> 2014-09-10 14:23:20 -0500
commit: 8fc10da2528bc361933e11ee3e70e7964e38e27f (patch)
tree: b55068465c910f1917ea6030c051cbd11e0c8211
parent: 9ce5244b73fd822b316d3619dc5c9ed0c12bcaf0 (diff)
download: NetworkManager-th/bgo734146_polkit-1.tar.gz
2 files changed, 67 insertions, 102 deletions
diff --git a/src/nm-auth-subject.c b/src/nm-auth-subject.c
index 737519f7ac..27a0767ebf 100644
--- a/src/nm-auth-subject.c
+++ b/src/nm-auth-subject.c
@@ -26,28 +26,21 @@
  * makes requests, like process identifier and user UID.
  */
 
-#include "nm-auth-subject.h"
-
 #include <string.h>
 #include <stdlib.h>
 #include <gio/gio.h>
 
 #include "nm-dbus-manager.h"
+#include "nm-auth-subject.h"
+#include "nm-enum-types.h"
 
 G_DEFINE_TYPE (NMAuthSubject, nm_auth_subject, G_TYPE_OBJECT)
 
 #define NM_AUTH_SUBJECT_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AUTH_SUBJECT, NMAuthSubjectPrivate))
 
-typedef enum {
-	SUBJECT_TYPE_INVALID      = 0,
-	SUBJECT_TYPE_INTERNAL     = 0x1,
-	SUBJECT_TYPE_UNIX_PROCESS = 0x2,
-} SubjectType;
-
 enum {
 	PROP_0,
-	PROP_IS_INTERNAL,
-	PROP_IS_UNIX_PROCESS,
+	PROP_SUBJECT_TYPE,
 	PROP_UNIX_PROCESS_DBUS_SENDER,
 	PROP_UNIX_PROCESS_PID,
 	PROP_UID,
@@ -56,7 +49,7 @@ enum {
 };
 
 typedef struct {
-	SubjectType subject_type;
+	NMAuthSubjectType subject_type;
 	struct {
 		gulong pid;
 		gulong uid;
@@ -125,30 +118,33 @@ get_start_time_for_pid (pid_t pid)
 
 /**************************************************************/
 
-#define CHECK_SUBJECT(self, expected_subject_type, error_value) \
-	NMAuthSubjectPrivate *priv; \
-	g_return_val_if_fail (NM_IS_AUTH_SUBJECT (self), error_value); \
-	priv = NM_AUTH_SUBJECT_GET_PRIVATE (self); \
-	g_return_val_if_fail ((expected_subject_type) == SUBJECT_TYPE_INVALID || priv->subject_type == (expected_subject_type), error_value);
+#define CHECK_SUBJECT(self, type_func, error_value) \
+       NMAuthSubjectPrivate *priv; \
+       g_return_val_if_fail (NM_IS_AUTH_SUBJECT (self), error_value); \
+       priv = NM_AUTH_SUBJECT_GET_PRIVATE (self); \
+       g_return_val_if_fail (nm_auth_subject_is_##type_func (self), error_value);
 
 const char *
 nm_auth_subject_to_string (NMAuthSubject *self, char *buf, gsize buf_len)
 {
-	CHECK_SUBJECT (self, SUBJECT_TYPE_INVALID, NULL);
+	NMAuthSubjectPrivate *priv;
+
+	g_return_val_if_fail (NM_IS_AUTH_SUBJECT (self), NULL);
+	priv = NM_AUTH_SUBJECT_GET_PRIVATE (self);
 
 	switch (priv->subject_type) {
-	case SUBJECT_TYPE_UNIX_PROCESS:
+	case NM_AUTH_SUBJECT_TYPE_UNIX_PROCESS:
 		g_snprintf (buf, buf_len, "unix-process[pid=%lu, uid=%lu, start=%llu",
 		            (long unsigned) priv->unix_process.pid,
 		            (long unsigned) priv->unix_process.uid,
 		            (long long unsigned) priv->unix_process.start_time);
 		break;
-	case SUBJECT_TYPE_INTERNAL:
+	case NM_AUTH_SUBJECT_TYPE_INTERNAL:
 		g_strlcat (buf, "internal", buf_len);
 		break;
 	default:
 		g_strlcat (buf, "invalid", buf_len);
-		break;
+		g_assert_not_reached ();
 	}
 	return buf;
 }
@@ -162,7 +158,7 @@ nm_auth_subject_unix_process_to_polkit_gvariant (NMAuthSubject *self)
 	GVariantBuilder builder;
 	GVariant *dict;
 	GVariant *ret;
-	CHECK_SUBJECT (self, SUBJECT_TYPE_UNIX_PROCESS, NULL);
+	CHECK_SUBJECT (self, unix_process, NULL);
 
 	g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sv}"));
 	g_variant_builder_add (&builder, "{sv}", "pid",
@@ -181,23 +177,23 @@ nm_auth_subject_unix_process_to_polkit_gvariant (NMAuthSubject *self)
 gboolean
 nm_auth_subject_is_internal (NMAuthSubject *subject)
 {
-	CHECK_SUBJECT (subject, SUBJECT_TYPE_INVALID, FALSE);
+	g_return_val_if_fail (NM_IS_AUTH_SUBJECT (subject), FALSE);
 
-	return priv->subject_type == SUBJECT_TYPE_INTERNAL;
+	return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->subject_type == NM_AUTH_SUBJECT_TYPE_INTERNAL;
 }
 
 gboolean
 nm_auth_subject_is_unix_process (NMAuthSubject *subject)
 {
-	CHECK_SUBJECT (subject, SUBJECT_TYPE_INVALID, FALSE);
+	g_return_val_if_fail (NM_IS_AUTH_SUBJECT (subject), FALSE);
 
-	return priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS;
+	return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->subject_type == NM_AUTH_SUBJECT_TYPE_UNIX_PROCESS;
 }
 
 gulong
 nm_auth_subject_get_unix_process_pid (NMAuthSubject *subject)
 {
-	CHECK_SUBJECT (subject, SUBJECT_TYPE_UNIX_PROCESS, G_MAXULONG);
+	CHECK_SUBJECT (subject, unix_process, G_MAXULONG);
 
 	return priv->unix_process.pid;
 }
@@ -205,7 +201,7 @@ nm_auth_subject_get_unix_process_pid (NMAuthSubject *subject)
 gulong
 nm_auth_subject_get_unix_process_uid (NMAuthSubject *subject)
 {
-	CHECK_SUBJECT (subject, SUBJECT_TYPE_UNIX_PROCESS, G_MAXULONG);
+	CHECK_SUBJECT (subject, unix_process, G_MAXULONG);
 
 	return priv->unix_process.uid;
 }
@@ -213,7 +209,7 @@ nm_auth_subject_get_unix_process_uid (NMAuthSubject *subject)
 const char *
 nm_auth_subject_get_unix_process_dbus_sender (NMAuthSubject *subject)
 {
-	CHECK_SUBJECT (subject, SUBJECT_TYPE_UNIX_PROCESS, NULL);
+	CHECK_SUBJECT (subject, unix_process, NULL);
 
 	return priv->unix_process.dbus_sender;
 }
@@ -226,7 +222,7 @@ _new_unix_process (DBusGMethodInvocation *context,
                    DBusMessage *message)
 {
 	NMAuthSubject *self;
-	gboolean success;
+	gboolean success = FALSE;
 	gulong pid = 0, uid = 0;
 	char *dbus_sender = NULL;
 
@@ -259,18 +255,17 @@ _new_unix_process (DBusGMethodInvocation *context,
 	g_return_val_if_fail (pid > 0 && pid <= MIN (G_MAXINT, G_MAXINT32), NULL);
 
 	self = NM_AUTH_SUBJECT (g_object_new (NM_TYPE_AUTH_SUBJECT,
-	                                      NM_AUTH_SUBJECT_IS_UNIX_PROCESS, (gboolean) TRUE,
+	                                      NM_AUTH_SUBJECT_SUBJECT_TYPE, NM_AUTH_SUBJECT_TYPE_UNIX_PROCESS,
 	                                      NM_AUTH_SUBJECT_UNIX_PROCESS_DBUS_SENDER, dbus_sender,
 	                                      NM_AUTH_SUBJECT_UNIX_PROCESS_PID, (gulong) pid,
 	                                      NM_AUTH_SUBJECT_UID, (gulong) uid,
 	                                      NULL));
 
-	if (NM_AUTH_SUBJECT_GET_PRIVATE (self)->subject_type != SUBJECT_TYPE_UNIX_PROCESS) {
+	if (!nm_auth_subject_is_unix_process (self)) {
 		/* this most likely happened because the process is gone (start_time==0).
 		 * Either that is not assert-worthy, or constructed() already asserted.
 		 * Just return NULL. */
-		g_object_unref (self);
-		return NULL;
+		g_clear_object (&self);
 	}
 	return self;
 }
@@ -298,9 +293,15 @@ nm_auth_subject_new_unix_process_from_message (DBusConnection *connection,
 NMAuthSubject *
 nm_auth_subject_new_internal (void)
 {
-	return NM_AUTH_SUBJECT (g_object_new (NM_TYPE_AUTH_SUBJECT,
-	                                      NM_AUTH_SUBJECT_IS_INTERNAL, (gboolean) TRUE,
+	NMAuthSubject *self;
+
+	self = NM_AUTH_SUBJECT (g_object_new (NM_TYPE_AUTH_SUBJECT,
+	                                      NM_AUTH_SUBJECT_SUBJECT_TYPE, NM_AUTH_SUBJECT_TYPE_INTERNAL,
 	                                      NULL));
+	if (!nm_auth_subject_is_internal (self))
+		g_clear_object (&self);
+
+	return self;
 }
 
 /**************************************************************/
@@ -312,12 +313,8 @@ get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec)
 
 	switch (prop_id) {
 
-	case PROP_IS_INTERNAL:
-		g_value_set_boolean (value, priv->subject_type == SUBJECT_TYPE_INTERNAL);
-		break;
-
-	case PROP_IS_UNIX_PROCESS:
-		g_value_set_boolean (value, priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS);
+	case PROP_SUBJECT_TYPE:
+		g_value_set_enum (value, priv->subject_type);
 		break;
 	case PROP_UNIX_PROCESS_DBUS_SENDER:
 		g_value_set_string (value, priv->unix_process.dbus_sender);
@@ -339,52 +336,23 @@ static void
 set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec)
 {
 	NMAuthSubjectPrivate *priv = NM_AUTH_SUBJECT_GET_PRIVATE (object);
-	const char *str;
-	gulong id;
+	NMAuthSubjectType subject_type;
 
 	/* all properties are construct-only */
 	switch (prop_id) {
-
-	case PROP_IS_INTERNAL:
-		if (g_value_get_boolean (value)) {
-			priv->subject_type |= SUBJECT_TYPE_INTERNAL;
-			g_return_if_fail (priv->subject_type == SUBJECT_TYPE_INTERNAL);
-		}
-		break;
-
-	case PROP_IS_UNIX_PROCESS:
-		if (g_value_get_boolean (value)) {
-			priv->subject_type |= SUBJECT_TYPE_UNIX_PROCESS;
-			g_return_if_fail (priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS);
-		}
+	case PROP_SUBJECT_TYPE:
+		subject_type = g_value_get_enum (value);
+		g_return_if_fail (subject_type > NM_AUTH_SUBJECT_TYPE_INVALID);
+		priv->subject_type = subject_type;
 		break;
 	case PROP_UNIX_PROCESS_DBUS_SENDER:
-		if ((str = g_value_get_string (value))) {
-			priv->subject_type |= SUBJECT_TYPE_UNIX_PROCESS;
-			if (priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS)
-				priv->unix_process.dbus_sender = g_strdup (str);
-			else
-				g_return_if_reached ();
-		}
+		priv->unix_process.dbus_sender = g_value_dup_string (value);
 		break;
 	case PROP_UNIX_PROCESS_PID:
-		if ((id = g_value_get_ulong (value)) != G_MAXULONG) {
-			priv->subject_type |= SUBJECT_TYPE_UNIX_PROCESS;
-			if (priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS)
-				priv->unix_process.pid = id;
-			else
-				g_return_if_reached ();
-		}
+		priv->unix_process.pid = g_value_get_ulong (value);
 		break;
-
 	case PROP_UID:
-		if ((id = g_value_get_ulong (value)) != G_MAXULONG) {
-			priv->subject_type |= SUBJECT_TYPE_UNIX_PROCESS;
-			if (priv->subject_type == SUBJECT_TYPE_UNIX_PROCESS)
-				priv->unix_process.uid = id;
-			else
-				g_return_if_reached ();
-		}
+		priv->unix_process.uid = g_value_get_ulong (value);
 		break;
 
 	default:
@@ -396,7 +364,7 @@ set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *p
 static void
 _clear_private (NMAuthSubjectPrivate *priv)
 {
-	priv->subject_type = SUBJECT_TYPE_INVALID;
+	priv->subject_type = NM_AUTH_SUBJECT_TYPE_INVALID;
 	priv->unix_process.pid = G_MAXULONG;
 	priv->unix_process.uid = G_MAXULONG;
 	g_clear_pointer (&priv->unix_process.dbus_sender, g_free);
@@ -417,11 +385,13 @@ constructed (GObject *object)
 	/* validate that the created instance. */
 
 	switch (priv->subject_type) {
-	case SUBJECT_TYPE_INTERNAL:
+	case NM_AUTH_SUBJECT_TYPE_INTERNAL:
+		g_warn_if_fail (priv->unix_process.pid == G_MAXULONG);
 		priv->unix_process.pid = G_MAXULONG;
-		priv->unix_process.uid = 0;
+		g_warn_if_fail (priv->unix_process.uid == G_MAXULONG);
+		priv->unix_process.uid = 0;  /* internal uses 'root' user */
 		return;
-	case SUBJECT_TYPE_UNIX_PROCESS:
+	case NM_AUTH_SUBJECT_TYPE_UNIX_PROCESS:
 		/* Ensure pid and uid to be representably be int32.
 		 * DBUS treats them as uint32, polkit library as gint. */
 		if (priv->unix_process.pid > MIN (G_MAXINT, G_MAXINT32))
@@ -442,7 +412,7 @@ constructed (GObject *object)
 		}
 		return;
 	default:
-		break;
+		g_assert_not_reached ();
 	}
 
 	_clear_private (priv);
@@ -472,23 +442,14 @@ nm_auth_subject_class_init (NMAuthSubjectClass *config_class)
 	object_class->constructed = constructed;
 	object_class->finalize = finalize;
 
-
-	g_object_class_install_property
-	    (object_class, PROP_IS_INTERNAL,
-	     g_param_spec_boolean (NM_AUTH_SUBJECT_IS_INTERNAL, "", "",
-	                           FALSE,
-	                           G_PARAM_READWRITE |
-	                           G_PARAM_CONSTRUCT_ONLY |
-	                           G_PARAM_STATIC_STRINGS));
-
-
 	g_object_class_install_property
-	    (object_class, PROP_IS_UNIX_PROCESS,
-	     g_param_spec_boolean (NM_AUTH_SUBJECT_IS_UNIX_PROCESS, "", "",
-	                           FALSE,
-	                           G_PARAM_READWRITE |
-	                           G_PARAM_CONSTRUCT_ONLY |
-	                           G_PARAM_STATIC_STRINGS));
+	    (object_class, PROP_SUBJECT_TYPE,
+	     g_param_spec_enum (NM_AUTH_SUBJECT_SUBJECT_TYPE, "", "",
+	                        NM_TYPE_AUTH_SUBJECT_TYPE,
+	                        NM_AUTH_SUBJECT_TYPE_INVALID,
+	                        G_PARAM_READWRITE |
+	                        G_PARAM_CONSTRUCT_ONLY |
+	                        G_PARAM_STATIC_STRINGS));
 
 	g_object_class_install_property
 	    (object_class, PROP_UNIX_PROCESS_DBUS_SENDER,
diff --git a/src/nm-auth-subject.h b/src/nm-auth-subject.h
index 05aadda11b..687d39b35a 100644
--- a/src/nm-auth-subject.h
+++ b/src/nm-auth-subject.h
@@ -36,8 +36,13 @@
 #define NM_IS_AUTH_SUBJECT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NM_TYPE_AUTH_SUBJECT))
 #define NM_AUTH_SUBJECT_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_AUTH_SUBJECT, NMAuthSubjectClass))
 
-#define NM_AUTH_SUBJECT_IS_INTERNAL                "is-internal"
-#define NM_AUTH_SUBJECT_IS_UNIX_PROCESS            "is-unix-process"
+typedef enum {
+	NM_AUTH_SUBJECT_TYPE_INVALID      = 0,
+	NM_AUTH_SUBJECT_TYPE_INTERNAL     = 1,
+	NM_AUTH_SUBJECT_TYPE_UNIX_PROCESS = 2,
+} NMAuthSubjectType;
+
+#define NM_AUTH_SUBJECT_SUBJECT_TYPE               "subject-type"
 #define NM_AUTH_SUBJECT_UNIX_PROCESS_DBUS_SENDER   "unix-process-dbus-sender"
 #define NM_AUTH_SUBJECT_UNIX_PROCESS_PID           "unix-process-pid"
 #define NM_AUTH_SUBJECT_UID                        "uid"
@@ -61,7 +66,6 @@ NMAuthSubject *nm_auth_subject_new_unix_process_from_message (DBusConnection *co
 
 gboolean nm_auth_subject_is_internal (NMAuthSubject *subject);
 
-
 gboolean nm_auth_subject_is_unix_process (NMAuthSubject *subject);
 
 gulong nm_auth_subject_get_unix_process_pid (NMAuthSubject *subject);
author	Dan Williams <dcbw@redhat.com>	2014-09-10 14:14:04 -0500
committer	Dan Williams <dcbw@redhat.com>	2014-09-10 14:23:20 -0500
commit	8fc10da2528bc361933e11ee3e70e7964e38e27f (patch)
tree	b55068465c910f1917ea6030c051cbd11e0c8211
parent	9ce5244b73fd822b316d3619dc5c9ed0c12bcaf0 (diff)
download	NetworkManager-th/bgo734146_polkit-1.tar.gz