[gnome-keyring] dbus: do not handle methods when they don't match initial caller
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring] dbus: do not handle methods when they don't match initial caller
- Date: Sat, 29 Aug 2015 12:23:32 +0000 (UTC)
commit 5b597626b8ae137836b524bf814cf904c8c9c450
Author: Cosimo Cecchi <cosimoc gnome org>
Date: Fri Aug 7 13:42:42 2015 +0200
dbus: do not handle methods when they don't match initial caller
Match the previous behavior in GkdSecretPrompt, GkdSecretSession and
GkdSecretUnlock, where we do not reply to dbus methods that are being
invoked for a caller different than the one initially requesting the
object.
https://bugzilla.gnome.org/show_bug.cgi?id=622905
daemon/dbus/gkd-dbus.c | 17 +++++++++++++++++
daemon/dbus/gkd-dbus.h | 5 +++++
daemon/dbus/gkd-secret-prompt.c | 7 +++++++
daemon/dbus/gkd-secret-session.c | 4 ++++
daemon/dbus/gkd-secret-unlock.c | 7 +++++++
5 files changed, 40 insertions(+), 0 deletions(-)
---
diff --git a/daemon/dbus/gkd-dbus.c b/daemon/dbus/gkd-dbus.c
index 4f7c143..6644a79 100644
--- a/daemon/dbus/gkd-dbus.c
+++ b/daemon/dbus/gkd-dbus.c
@@ -282,3 +282,20 @@ gkd_dbus_setup (void)
egg_cleanup_register (dbus_cleanup, NULL);
return TRUE;
}
+
+gboolean
+gkd_dbus_invocation_matches_caller (GDBusMethodInvocation *invocation,
+ const char *caller)
+{
+ const char *invocation_caller;
+
+ invocation_caller = g_dbus_method_invocation_get_sender (invocation);
+ if (!g_str_equal (invocation_caller, caller)) {
+ g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR,
+ G_DBUS_ERROR_ACCESS_DENIED,
+ "Invalid caller");
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/daemon/dbus/gkd-dbus.h b/daemon/dbus/gkd-dbus.h
index 6506aa9..8a9ca45 100644
--- a/daemon/dbus/gkd-dbus.h
+++ b/daemon/dbus/gkd-dbus.h
@@ -23,6 +23,7 @@
#ifndef GKD_DBUS_H
#define GKD_DBUS_H
+#include <gio/gio.h>
#include <glib.h>
gboolean gkd_dbus_setup (void);
@@ -33,4 +34,8 @@ gboolean gkd_dbus_singleton_acquire (gboolean *acquired);
gchar* gkd_dbus_singleton_control (void);
+/* DBus utils */
+gboolean gkd_dbus_invocation_matches_caller (GDBusMethodInvocation *invocation,
+ const char *caller);
+
#endif /* GKD_DBUS_H */
diff --git a/daemon/dbus/gkd-secret-prompt.c b/daemon/dbus/gkd-secret-prompt.c
index 3aa4dcc..65ee413 100644
--- a/daemon/dbus/gkd-secret-prompt.c
+++ b/daemon/dbus/gkd-secret-prompt.c
@@ -20,6 +20,7 @@
#include "config.h"
+#include "gkd-dbus.h"
#include "gkd-secret-dispatch.h"
#include "gkd-secret-error.h"
#include "gkd-secret-exchange.h"
@@ -103,6 +104,9 @@ prompt_method_prompt (GkdExportedPrompt *skeleton,
gchar *window_id,
GkdSecretPrompt *self)
{
+ if (!gkd_dbus_invocation_matches_caller (invocation, self->pv->caller))
+ return FALSE;
+
/* Act as if this object no longer exists */
if (self->pv->completed)
return FALSE;
@@ -131,6 +135,9 @@ prompt_method_dismiss (GkdExportedPrompt *skeleton,
GDBusMethodInvocation *invocation,
GkdSecretPrompt *self)
{
+ if (!gkd_dbus_invocation_matches_caller (invocation, self->pv->caller))
+ return FALSE;
+
/* Act as if this object no longer exists */
if (self->pv->completed)
return FALSE;
diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c
index 6ae382f..11950bf 100644
--- a/daemon/dbus/gkd-secret-session.c
+++ b/daemon/dbus/gkd-secret-session.c
@@ -20,6 +20,7 @@
#include "config.h"
+#include "gkd-dbus.h"
#include "gkd-secret-dispatch.h"
#include "gkd-secret-error.h"
#include "gkd-secret-secret.h"
@@ -290,6 +291,9 @@ session_method_close (GkdExportedSession *skeleton,
GDBusMethodInvocation *invocation,
GkdSecretSession *self)
{
+ if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+ return FALSE;
+
gkd_secret_service_close_session (self->service, self);
gkd_exported_session_complete_close (skeleton, invocation);
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
index 4198fb6..02f8cff 100644
--- a/daemon/dbus/gkd-secret-unlock.c
+++ b/daemon/dbus/gkd-secret-unlock.c
@@ -20,6 +20,7 @@
#include "config.h"
+#include "gkd-dbus.h"
#include "gkd-secret-dispatch.h"
#include "gkd-secret-error.h"
#include "gkd-secret-objects.h"
@@ -304,6 +305,9 @@ prompt_method_prompt (GkdExportedPrompt *skeleton,
gchar *window_id,
GkdSecretUnlock *self)
{
+ if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+ return FALSE;
+
/* Act as if this object no longer exists */
if (self->completed)
return FALSE;
@@ -328,6 +332,9 @@ prompt_method_dismiss (GkdExportedPrompt *skeleton,
GDBusMethodInvocation *invocation,
GkdSecretUnlock *self)
{
+ if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+ return FALSE;
+
/* Act as if this object no longer exists */
if (self->completed)
return FALSE;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]