[gnome-keyring] dbus: do not handle methods when they don't match initial caller

From: Stefan Walter <stefw src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-keyring] dbus: do not handle methods when they don't match initial caller
Date: Sat, 29 Aug 2015 12:23:32 +0000 (UTC)
commit 5b597626b8ae137836b524bf814cf904c8c9c450
Author: Cosimo Cecchi <cosimoc gnome org>
Date:   Fri Aug 7 13:42:42 2015 +0200

    dbus: do not handle methods when they don't match initial caller
    
    Match the previous behavior in GkdSecretPrompt, GkdSecretSession and
    GkdSecretUnlock, where we do not reply to dbus methods that are being
    invoked for a caller different than the one initially requesting the
    object.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=622905

 daemon/dbus/gkd-dbus.c           |   17 +++++++++++++++++
 daemon/dbus/gkd-dbus.h           |    5 +++++
 daemon/dbus/gkd-secret-prompt.c  |    7 +++++++
 daemon/dbus/gkd-secret-session.c |    4 ++++
 daemon/dbus/gkd-secret-unlock.c  |    7 +++++++
 5 files changed, 40 insertions(+), 0 deletions(-)
---
diff --git a/daemon/dbus/gkd-dbus.c b/daemon/dbus/gkd-dbus.c
index 4f7c143..6644a79 100644
--- a/daemon/dbus/gkd-dbus.c
+++ b/daemon/dbus/gkd-dbus.c
@@ -282,3 +282,20 @@ gkd_dbus_setup (void)
        egg_cleanup_register (dbus_cleanup, NULL);
        return TRUE;
 }
+
+gboolean
+gkd_dbus_invocation_matches_caller (GDBusMethodInvocation *invocation,
+                                   const char            *caller)
+{
+       const char *invocation_caller;
+
+       invocation_caller = g_dbus_method_invocation_get_sender (invocation);
+       if (!g_str_equal (invocation_caller, caller)) {
+               g_dbus_method_invocation_return_error_literal (invocation, G_DBUS_ERROR,
+                                                              G_DBUS_ERROR_ACCESS_DENIED,
+                                                              "Invalid caller");
+               return FALSE;
+       }
+
+       return TRUE;
+}
diff --git a/daemon/dbus/gkd-dbus.h b/daemon/dbus/gkd-dbus.h
index 6506aa9..8a9ca45 100644
--- a/daemon/dbus/gkd-dbus.h
+++ b/daemon/dbus/gkd-dbus.h
@@ -23,6 +23,7 @@
 #ifndef GKD_DBUS_H
 #define GKD_DBUS_H
 
+#include <gio/gio.h>
 #include <glib.h>
 
 gboolean      gkd_dbus_setup                    (void);
@@ -33,4 +34,8 @@ gboolean      gkd_dbus_singleton_acquire        (gboolean *acquired);
 
 gchar*        gkd_dbus_singleton_control        (void);
 
+/* DBus utils */
+gboolean      gkd_dbus_invocation_matches_caller (GDBusMethodInvocation *invocation,
+                                                 const char            *caller);
+
 #endif /* GKD_DBUS_H */
diff --git a/daemon/dbus/gkd-secret-prompt.c b/daemon/dbus/gkd-secret-prompt.c
index 3aa4dcc..65ee413 100644
--- a/daemon/dbus/gkd-secret-prompt.c
+++ b/daemon/dbus/gkd-secret-prompt.c
@@ -20,6 +20,7 @@
 
 #include "config.h"
 
+#include "gkd-dbus.h"
 #include "gkd-secret-dispatch.h"
 #include "gkd-secret-error.h"
 #include "gkd-secret-exchange.h"
@@ -103,6 +104,9 @@ prompt_method_prompt (GkdExportedPrompt *skeleton,
                      gchar *window_id,
                      GkdSecretPrompt *self)
 {
+       if (!gkd_dbus_invocation_matches_caller (invocation, self->pv->caller))
+               return FALSE;
+
        /* Act as if this object no longer exists */
        if (self->pv->completed)
                return FALSE;
@@ -131,6 +135,9 @@ prompt_method_dismiss (GkdExportedPrompt *skeleton,
                       GDBusMethodInvocation *invocation,
                       GkdSecretPrompt *self)
 {
+       if (!gkd_dbus_invocation_matches_caller (invocation, self->pv->caller))
+               return FALSE;
+
        /* Act as if this object no longer exists */
        if (self->pv->completed)
                return FALSE;
diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c
index 6ae382f..11950bf 100644
--- a/daemon/dbus/gkd-secret-session.c
+++ b/daemon/dbus/gkd-secret-session.c
@@ -20,6 +20,7 @@
 
 #include "config.h"
 
+#include "gkd-dbus.h"
 #include "gkd-secret-dispatch.h"
 #include "gkd-secret-error.h"
 #include "gkd-secret-secret.h"
@@ -290,6 +291,9 @@ session_method_close (GkdExportedSession *skeleton,
                      GDBusMethodInvocation *invocation,
                      GkdSecretSession *self)
 {
+       if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+               return FALSE;
+
        gkd_secret_service_close_session (self->service, self);
        gkd_exported_session_complete_close (skeleton, invocation);
 
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
index 4198fb6..02f8cff 100644
--- a/daemon/dbus/gkd-secret-unlock.c
+++ b/daemon/dbus/gkd-secret-unlock.c
@@ -20,6 +20,7 @@
 
 #include "config.h"
 
+#include "gkd-dbus.h"
 #include "gkd-secret-dispatch.h"
 #include "gkd-secret-error.h"
 #include "gkd-secret-objects.h"
@@ -304,6 +305,9 @@ prompt_method_prompt (GkdExportedPrompt *skeleton,
                      gchar *window_id,
                      GkdSecretUnlock *self)
 {
+       if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+               return FALSE;
+
        /* Act as if this object no longer exists */
        if (self->completed)
                return FALSE;
@@ -328,6 +332,9 @@ prompt_method_dismiss (GkdExportedPrompt *skeleton,
                       GDBusMethodInvocation *invocation,
                       GkdSecretUnlock *self)
 {
+       if (!gkd_dbus_invocation_matches_caller (invocation, self->caller))
+               return FALSE;
+
        /* Act as if this object no longer exists */
        if (self->completed)
                return FALSE;
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]