diff options
author | Aleksander Morgado <aleksander@aleksander.es> | 2014-11-09 19:54:15 +0100 |
---|---|---|
committer | Aleksander Morgado <aleksander@aleksander.es> | 2014-11-09 19:54:15 +0100 |
commit | a399784b667943a7c6dd1018b03b20d4fb7c0fa8 (patch) | |
tree | 6cc72dba5be64ddef829435f7d3a9381e4339c06 | |
parent | e2fcbf5cfc2704df34994f6dcd879ecdba9ac8fa (diff) | |
download | libqmi-roshan/qmi-username.tar.gz |
libqmi,utils: new internal __qmi_user_allowed() methodroshan/qmi-username
Allows to check whether the user is allowed to use the QMI device.
Also fixes qmi_proxy_open() to make sure we always set the GError when FALSE is
returned.
-rw-r--r-- | src/libqmi-glib/qmi-proxy.c | 40 | ||||
-rw-r--r-- | src/libqmi-glib/qmi-utils.c | 34 | ||||
-rw-r--r-- | src/libqmi-glib/qmi-utils.h | 2 |
3 files changed, 41 insertions, 35 deletions
diff --git a/src/libqmi-glib/qmi-proxy.c b/src/libqmi-glib/qmi-proxy.c index 0ecff305..531b791c 100644 --- a/src/libqmi-glib/qmi-proxy.c +++ b/src/libqmi-glib/qmi-proxy.c @@ -26,7 +26,6 @@ #include <sys/file.h> #include <sys/types.h> #include <errno.h> -#include <pwd.h> #include <glib.h> #include <glib/gstdio.h> @@ -628,7 +627,6 @@ incoming_cb (GSocketService *service, Client *client; GCredentials *credentials; GError *error = NULL; - struct passwd *expected_usr = NULL; uid_t uid; g_debug ("client connection open..."); @@ -647,18 +645,9 @@ incoming_cb (GSocketService *service, g_error_free (error); return; } - - expected_usr = getpwnam (QMI_USERNAME); - if (!expected_usr) { - g_warning ("Unknown user configured: %s", QMI_USERNAME); - /* Falling back to check for root user if the configured user is unknown */ - if (uid != 0) { - g_warning ("Client not allowed: Not enough privileges"); - return; - } - } - else if (uid != expected_usr->pw_uid) { - g_warning ("Client not allowed: Not the expected user: %s", QMI_USERNAME); + if (!__qmi_user_allowed (uid, &error)) { + g_warning ("Client not allowed: %s", error->message); + g_error_free (error); return; } @@ -744,28 +733,9 @@ QmiProxy * qmi_proxy_new (GError **error) { QmiProxy *self; - struct passwd *expected_usr = NULL; - - /* Only the specified user can run the mbim-proxy */ - expected_usr = getpwnam (QMI_USERNAME); - if (!expected_usr) { - g_warning ("Unknown user configured: %s", QMI_USERNAME); - /* Falling back to check for root user if the configured user is unknown */ - if (getuid () != 0) { - g_set_error (error, - QMI_CORE_ERROR, - QMI_CORE_ERROR_FAILED, - "Not enough privileges"); - return NULL; - } - } - else if (getuid () != expected_usr->pw_uid) { - g_set_error (error, - QMI_CORE_ERROR, - QMI_CORE_ERROR_FAILED, - "Not started with the expected user: %s", QMI_USERNAME); + + if (!__qmi_user_allowed (getuid (), error)) return NULL; - } self = g_object_new (QMI_TYPE_PROXY, NULL); if (!setup_socket_service (self, error)) diff --git a/src/libqmi-glib/qmi-utils.c b/src/libqmi-glib/qmi-utils.c index 3875a0b4..c86090d3 100644 --- a/src/libqmi-glib/qmi-utils.c +++ b/src/libqmi-glib/qmi-utils.c @@ -26,8 +26,10 @@ #include <string.h> #include <stdint.h> #include <stdio.h> +#include <pwd.h> #include "qmi-utils.h" +#include "qmi-error-types.h" /** * SECTION:qmi-utils @@ -75,6 +77,38 @@ __qmi_utils_str_hex (gconstpointer mem, /*****************************************************************************/ +gboolean +__qmi_user_allowed (uid_t uid, + GError **error) +{ + struct passwd *expected_usr = NULL; + + expected_usr = getpwnam (QMI_USERNAME); + if (!expected_usr) { + g_warning ("Unknown user configured: %s", QMI_USERNAME); + /* Falling back to check for root user if the configured user is unknown */ + if (uid == 0) + return TRUE; + + g_set_error (error, + QMI_CORE_ERROR, + QMI_CORE_ERROR_FAILED, + "Not enough privileges (unknown username %s)", QMI_USERNAME); + return FALSE; + } + + if (uid == expected_usr->pw_uid) + return TRUE; + + g_set_error (error, + QMI_CORE_ERROR, + QMI_CORE_ERROR_FAILED, + "Not enough privileges"); + return FALSE; +} + +/*****************************************************************************/ + #if defined UTILS_ENABLE_TRACE static void print_read_bytes_trace (const gchar *type, diff --git a/src/libqmi-glib/qmi-utils.h b/src/libqmi-glib/qmi-utils.h index b4cf43c4..55d81b9b 100644 --- a/src/libqmi-glib/qmi-utils.h +++ b/src/libqmi-glib/qmi-utils.h @@ -163,6 +163,8 @@ G_GNUC_INTERNAL gchar *__qmi_utils_str_hex (gconstpointer mem, gsize size, gchar delimiter); +gboolean __qmi_user_allowed (uid_t uid, + GError **error); #endif G_END_DECLS |