From 831ec01d11b379fc8487132818a91957f7c76929 Mon Sep 17 00:00:00 2001
From: Simon McVittie
Date: Fri, 12 Jan 2018 19:55:41 +0000
Subject: [PATCH 6/6] containers: Include credentials of initiator in container instance info
This provides the necessary information for services to make an informed decision about how far they should trust the container type, name and metadata fields.
Signed-off-by: Simon McVittie
---
 bus/containers.c | 36 ++++++++++++++++++++++++++++++++++++
 bus/driver.c | 4 ++--
 test/containers.c | 43 +++++++++++++++++++++++++++++++++++--------
 3 files changed, 73 insertions(+), 10 deletions(-)
diff --git a/bus/containers.c b/bus/containers.c
index f9865706..6eb327ff 100644
--- a/bus/containers.c
+++ b/bus/containers.c
@@ -1130,6 +1130,7 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller,
 DBusConnection *subject;
 DBusMessage *reply = NULL;
 DBusMessageIter writer;
+ DBusMessageIter arr_writer;
 const char *bus_name;
 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
@@ -1169,6 +1170,25 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller,
 if (!dbus_message_append_args (reply,
 DBUS_TYPE_OBJECT_PATH, &instance->path,
+ DBUS_TYPE_INVALID))
+ goto oom;
+
+ dbus_message_iter_init_append (reply, &writer);
+
+ if (!dbus_message_iter_open_container (&writer, DBUS_TYPE_ARRAY, "{sv}",
+ &arr_writer))
+ goto oom;
+
+ if (!bus_driver_fill_connection_credentials (instance->creator, &arr_writer))
+ {
+ dbus_message_iter_abandon_container (&writer, &arr_writer);
+ goto oom;
+ }
+
+ if (!dbus_message_iter_close_container (&writer, &arr_writer))
+ goto oom;
+
+ if (!dbus_message_append_args (reply,
 DBUS_TYPE_STRING, &instance->type,
 DBUS_TYPE_STRING, &instance->name,
 DBUS_TYPE_INVALID))
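Review bot: In the `@@ -1169` hunk of bus/containers.c (bus_containers_handle_get_connection_instance) `instance->creator` is handed to `bus_driver_fill_connection_credentials ()` at query time with no visible check, and every FALSE return is routed to `oom`. Whether the instance keeps the creator connection alive, and whether its credentials are still readable after the creator has disconnected, cannot be seen from the hunk; if the helper can fail for a reason other than memory, the caller would receive a misleading out-of-memory error. A comment above the call would record what the dict means, for example `/* Credentials of the connection that created the instance (the initiator), not of the subject connection */`. The same block is repeated verbatim in the `@@ -1234` hunk (bus_containers_handle_get_instance_info), so a small static helper that appends the creator a{sv} would keep the two replies in step. Both functions start and end outside their hunks.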
@@ -1206,6 +1226,7 @@ bus_containers_handle_get_instance_info (DBusConnection *connection,
 BusContainerInstance *instance = NULL;
 DBusMessage *reply = NULL;
 DBusMessageIter writer;
+ DBusMessageIter arr_writer;
 const char *path;
 if (!dbus_message_get_args (message, error,
@@ -1234,6 +1255,21 @@ bus_containers_handle_get_instance_info (DBusConnection *connection,
 if (reply == NULL)
 goto oom;
+ dbus_message_iter_init_append (reply, &writer);
+
+ if (!dbus_message_iter_open_container (&writer, DBUS_TYPE_ARRAY, "{sv}",
+ &arr_writer))
+ goto oom;
+
+ if (!bus_driver_fill_connection_credentials (instance->creator, &arr_writer))
+ {
+ dbus_message_iter_abandon_container (&writer, &arr_writer);
+ goto oom;
+ }
+
+ if (!dbus_message_iter_close_container (&writer, &arr_writer))
+ goto oom;
+
 if (!dbus_message_append_args (reply,
 DBUS_TYPE_STRING, &instance->type,
 DBUS_TYPE_STRING, &instance->name,
diff --git a/bus/driver.c b/bus/driver.c
index fab1a8ba..d0700029 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -2593,10 +2593,10 @@ static const MessageHandler containers_message_handlers[] = {
 METHOD_FLAG_NO_CONTAINERS },
 { "StopListening", "o", "", bus_containers_handle_stop_listening,
 METHOD_FLAG_NO_CONTAINERS },
- { "GetConnectionInstance", "s", "ossa{sv}",
+ { "GetConnectionInstance", "s", "oa{sv}ssa{sv}",
 bus_containers_handle_get_connection_instance,
 METHOD_FLAG_NONE },
- { "GetInstanceInfo", "o", "ssa{sv}", bus_containers_handle_get_instance_info,
+ { "GetInstanceInfo", "o", "a{sv}ssa{sv}", bus_containers_handle_get_instance_info,
 METHOD_FLAG_NONE },
 { NULL, NULL, NULL, NULL }
 };
diff --git a/test/containers.c b/test/containers.c
index 92e93ae6..0af4ec4c 100644
--- a/test/containers.c
+++ b/test/containers.c
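Review bot: In the bus/driver.c hunk (`@@ -2593`) the new `a{sv}` is inserted ahead of the existing `ss` in both reply signatures, so any caller that unpacks the old `ossa{sv}` or `ssa{sv}` layout by position will fail to parse the reply; whether this interface already has consumers outside the tree is not visible here. This patch's diffstat touches no documentation, so the table entry is the only place a reader learns what the field is; a comment such as `/* a{sv}: credentials of the connection that created the instance */` on each of the two entries would help. Since the commit message says services will base trust decisions on this dict, the interface documentation should also say which keys are guaranteed to be present, and, if a process ID is among them, that a PID can be reused and is weaker evidence than the `UnixUserID` the tests check.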
@@ -284,13 +284,16 @@ test_basic (Fixture *f,
 {
 #ifdef HAVE_CONTAINERS_TEST
 GVariant *asv;
+ GVariant *creator;
 GVariant *parameters;
+ GVariantDict dict;
 const gchar *confined_unique_name;
 const gchar *path_from_query;
 const gchar *manager_unique_name;
 const gchar *name;
 const gchar *name_owner;
 const gchar *type;
+ guint32 uid;
 GStatBuf stat_buf;
 GVariant *tuple;
@@ -361,14 +364,20 @@ test_basic (Fixture *f,
 G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error);
 g_assert_no_error (f->error);
 g_assert_nonnull (tuple);
- g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(ossa{sv})");
- g_variant_get (tuple, "(&o&s&s@a{sv})", &path_from_query, &type, &name, &asv);
+ g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(oa{sv}ssa{sv})");
+ g_variant_get (tuple, "(&o@a{sv}&s&s@a{sv})",
+ &path_from_query, &creator, &type, &name, &asv);
 g_assert_cmpstr (path_from_query, ==, f->instance_path);
+ g_variant_dict_init (&dict, creator);
+ g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid));
+ g_assert_cmpuint (uid, ==, _dbus_getuid ());
+ g_variant_dict_clear (&dict);
 g_assert_cmpstr (type, ==, "com.example.NotFlatpak");
 g_assert_cmpstr (name, ==, "sample-app");
 /* Trivial case: the metadata a{sv} is empty */
 g_assert_cmpuint (g_variant_n_children (asv), ==, 0);
 g_clear_pointer (&asv, g_variant_unref);
+ g_clear_pointer (&creator, g_variant_unref);
 g_clear_pointer (&tuple, g_variant_unref);
 g_test_message ("Inspecting container instance info");
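Review bot: In the `@@ -361` hunk of test_basic the only check on the new dict is `UnixUserID == _dbus_getuid ()`, which would also pass if the daemon returned the credentials of the queried (confined) connection instead of the creator's, assuming both connections are opened by this one test process. An assertion on a field that differs between the two connections, if the dict carries one, would pin the intended behaviour; otherwise a comment such as `/* creator and subject share a uid here, so this cannot tell them apart */` would make the limit explicit. The same four-line check is repeated in the `@@ -377`, `@@ -519` and `@@ -542` hunks, so a helper taking the `creator` variant would remove the copies. test_basic starts and ends outside the hunk.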
@@ -377,13 +386,18 @@ test_basic (Fixture *f,
 G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error);
 g_assert_no_error (f->error);
 g_assert_nonnull (tuple);
- g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(ssa{sv})");
- g_variant_get (tuple, "(&s&s@a{sv})", &type, &name, &asv);
+ g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(a{sv}ssa{sv})");
+ g_variant_get (tuple, "(@a{sv}&s&s@a{sv})", &creator, &type, &name, &asv);
+ g_variant_dict_init (&dict, creator);
+ g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid));
+ g_assert_cmpuint (uid, ==, _dbus_getuid ());
+ g_variant_dict_clear (&dict);
 g_assert_cmpstr (type, ==, "com.example.NotFlatpak");
 g_assert_cmpstr (name, ==, "sample-app");
 /* Trivial case: the metadata a{sv} is empty */
 g_assert_cmpuint (g_variant_n_children (asv), ==, 0);
 g_clear_pointer (&asv, g_variant_unref);
+ g_clear_pointer (&creator, g_variant_unref);
 g_clear_pointer (&tuple, g_variant_unref);
 /* Check that the socket is cleaned up when the dbus-daemon is terminated */
@@ -454,6 +468,7 @@ test_metadata (Fixture *f,
 {
 #ifdef HAVE_CONTAINERS_TEST
 GVariant *asv;
+ GVariant *creator;
 GVariant *tuple;
 GVariant *parameters;
 GVariantDict dict;
@@ -461,6 +476,7 @@ test_metadata (Fixture *f,
 const gchar *path_from_query;
 const gchar *name;
 const gchar *type;
+ guint32 uid;
 guint u;
 gboolean b;
 const gchar *s;
@@ -519,9 +535,14 @@ test_metadata (Fixture *f,
 G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error);
 g_assert_no_error (f->error);
 g_assert_nonnull (tuple);
- g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(ossa{sv})");
- g_variant_get (tuple, "(&o&s&s@a{sv})", &path_from_query, &type, &name, &asv);
+ g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(oa{sv}ssa{sv})");
+ g_variant_get (tuple, "(&o@a{sv}&s&s@a{sv})",
+ &path_from_query, &creator, &type, &name, &asv);
 g_assert_cmpstr (path_from_query, ==, f->instance_path);
+ g_variant_dict_init (&dict, creator);
+ g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid));
+ g_assert_cmpuint (uid, ==, _dbus_getuid ());
+ g_variant_dict_clear (&dict);
 g_assert_cmpstr (type, ==, "org.example.Springwatch");
 g_assert_cmpstr (name, ==, "");
 g_variant_dict_init (&dict, asv);
@@ -534,6 +555,7 @@ test_metadata (Fixture *f,
 g_variant_dict_clear (&dict);
 g_assert_cmpuint (g_variant_n_children (asv), ==, 3);
 g_clear_pointer (&asv, g_variant_unref);
+ g_clear_pointer (&creator, g_variant_unref);
 g_clear_pointer (&tuple, g_variant_unref);
 g_test_message ("Inspecting container instance info");
@@ -542,8 +564,12 @@ test_metadata (Fixture *f,
 G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error);
 g_assert_no_error (f->error);
 g_assert_nonnull (tuple);
- g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(ssa{sv})");
- g_variant_get (tuple, "(&s&s@a{sv})", &type, &name, &asv);
+ g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(a{sv}ssa{sv})");
+ g_variant_get (tuple, "(@a{sv}&s&s@a{sv})", &creator, &type, &name, &asv);
+ g_variant_dict_init (&dict, creator);
+ g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid));
+ g_assert_cmpuint (uid, ==, _dbus_getuid ());
+ g_variant_dict_clear (&dict);
 g_assert_cmpstr (type, ==, "org.example.Springwatch");
 g_assert_cmpstr (name, ==, "");
 g_variant_dict_init (&dict, asv);
@@ -556,6 +582,7 @@ test_metadata (Fixture *f,
 g_variant_dict_clear (&dict);
 g_assert_cmpuint (g_variant_n_children (asv), ==, 3);
 g_clear_pointer (&asv, g_variant_unref);
+ g_clear_pointer (&creator, g_variant_unref);
 g_clear_pointer (&tuple, g_variant_unref);
 #else /* !HAVE_CONTAINERS_TEST */
-- 
2.15.1