1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ofdbus/dbus/bus/bus.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,1400 @@
1.4 +/* -*- mode: C; c-file-style: "gnu" -*- */
1.5 +/* bus.c message bus context object
1.6 + *
1.7 + * Copyright (C) 2003, 2004 Red Hat, Inc.
1.8 + * Portion Copyright © 2008 Nokia Corporation and/or its subsidiary(-ies). All rights reserved.
1.9 + * Licensed under the Academic Free License version 2.1
1.10 + *
1.11 + * This program is free software; you can redistribute it and/or modify
1.12 + * it under the terms of the GNU General Public License as published by
1.13 + * the Free Software Foundation; either version 2 of the License, or
1.14 + * (at your option) any later version.
1.15 + *
1.16 + * This program is distributed in the hope that it will be useful,
1.17 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
1.18 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1.19 + * GNU General Public License for more details.
1.20 + *
1.21 + * You should have received a copy of the GNU General Public License
1.22 + * along with this program; if not, write to the Free Software
1.23 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1.24 + *
1.25 + */
1.26 +
1.27 +#include "bus.h"
1.28 +#include "activation.h"
1.29 +#include "connection.h"
1.30 +#include "services.h"
1.31 +#include "utils.h"
1.32 +#include "policy.h"
1.33 +#include "config-parser.h"
1.34 +#include "signals.h"
1.35 +#include "selinux.h"
1.36 +#include "dir-watch.h"
1.37 +#ifndef __SYMBIAN32__
1.38 +#include <dbus/dbus-list.h>
1.39 +#include <dbus/dbus-hash.h>
1.40 +#include <dbus/dbus-internals.h>
1.41 +#else
1.42 +#include "dbus-list.h"
1.43 +#include "dbus-hash.h"
1.44 +#include "dbus-internals.h"
1.45 +#endif
1.46 +
1.47 +struct BusContext
1.48 +{
1.49 + int refcount;
1.50 + char *config_file;
1.51 + char *type;
1.52 + char *address;
1.53 + char *pidfile;
1.54 + char *user;
1.55 + DBusLoop *loop;
1.56 + DBusList *servers;
1.57 + BusConnections *connections;
1.58 + BusActivation *activation;
1.59 + BusRegistry *registry;
1.60 + BusPolicy *policy;
1.61 + BusMatchmaker *matchmaker;
1.62 + DBusUserDatabase *user_database;
1.63 + BusLimits limits;
1.64 + unsigned int fork : 1;
1.65 +};
1.66 +
1.67 +static dbus_int32_t server_data_slot = -1;
1.68 +
1.69 +typedef struct
1.70 +{
1.71 + BusContext *context;
1.72 +} BusServerData;
1.73 +
1.74 +#define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))
1.75 +
1.76 +static BusContext*
1.77 +server_get_context (DBusServer *server)
1.78 +{
1.79 + BusContext *context;
1.80 + BusServerData *bd;
1.81 +
1.82 + if (!dbus_server_allocate_data_slot (&server_data_slot))
1.83 + return NULL;
1.84 +
1.85 + bd = BUS_SERVER_DATA (server);
1.86 + if (bd == NULL)
1.87 + {
1.88 + dbus_server_free_data_slot (&server_data_slot);
1.89 + return NULL;
1.90 + }
1.91 +
1.92 + context = bd->context;
1.93 +
1.94 + dbus_server_free_data_slot (&server_data_slot);
1.95 +
1.96 + return context;
1.97 +}
1.98 +
1.99 +static dbus_bool_t
1.100 +server_watch_callback (DBusWatch *watch,
1.101 + unsigned int condition,
1.102 + void *data)
1.103 +{
1.104 + /* FIXME this can be done in dbus-mainloop.c
1.105 + * if the code in activation.c for the babysitter
1.106 + * watch handler is fixed.
1.107 + */
1.108 +
1.109 + return dbus_watch_handle (watch, condition);
1.110 +}
1.111 +
1.112 +static dbus_bool_t
1.113 +add_server_watch (DBusWatch *watch,
1.114 + void *data)
1.115 +{
1.116 + DBusServer *server = data;
1.117 + BusContext *context;
1.118 +
1.119 + context = server_get_context (server);
1.120 +
1.121 + return _dbus_loop_add_watch (context->loop,
1.122 + watch, server_watch_callback, server,
1.123 + NULL);
1.124 +}
1.125 +
1.126 +static void
1.127 +remove_server_watch (DBusWatch *watch,
1.128 + void *data)
1.129 +{
1.130 + DBusServer *server = data;
1.131 + BusContext *context;
1.132 +
1.133 + context = server_get_context (server);
1.134 +
1.135 + _dbus_loop_remove_watch (context->loop,
1.136 + watch, server_watch_callback, server);
1.137 +}
1.138 +
1.139 +
1.140 +static void
1.141 +server_timeout_callback (DBusTimeout *timeout,
1.142 + void *data)
1.143 +{
1.144 + /* can return FALSE on OOM but we just let it fire again later */
1.145 + dbus_timeout_handle (timeout);
1.146 +}
1.147 +
1.148 +static dbus_bool_t
1.149 +add_server_timeout (DBusTimeout *timeout,
1.150 + void *data)
1.151 +{
1.152 + DBusServer *server = data;
1.153 + BusContext *context;
1.154 +
1.155 + context = server_get_context (server);
1.156 +
1.157 + return _dbus_loop_add_timeout (context->loop,
1.158 + timeout, server_timeout_callback, server, NULL);
1.159 +}
1.160 +
1.161 +static void
1.162 +remove_server_timeout (DBusTimeout *timeout,
1.163 + void *data)
1.164 +{
1.165 + DBusServer *server = data;
1.166 + BusContext *context;
1.167 +
1.168 + context = server_get_context (server);
1.169 +
1.170 + _dbus_loop_remove_timeout (context->loop,
1.171 + timeout, server_timeout_callback, server);
1.172 +}
1.173 +
1.174 +static void
1.175 +new_connection_callback (DBusServer *server,
1.176 + DBusConnection *new_connection,
1.177 + void *data)
1.178 +{
1.179 + BusContext *context = data;
1.180 +
1.181 + if (!bus_connections_setup_connection (context->connections, new_connection))
1.182 + {
1.183 + _dbus_verbose ("No memory to setup new connection\n");
1.184 +
1.185 + /* if we don't do this, it will get unref'd without
1.186 + * being disconnected... kind of strange really
1.187 + * that we have to do this, people won't get it right
1.188 + * in general.
1.189 + */
1.190 + dbus_connection_close (new_connection);
1.191 + }
1.192 +
1.193 + dbus_connection_set_max_received_size (new_connection,
1.194 + context->limits.max_incoming_bytes);
1.195 +
1.196 + dbus_connection_set_max_message_size (new_connection,
1.197 + context->limits.max_message_size);
1.198 +
1.199 + /* on OOM, we won't have ref'd the connection so it will die. */
1.200 +}
1.201 +
1.202 +static void
1.203 +free_server_data (void *data)
1.204 +{
1.205 + BusServerData *bd = data;
1.206 +
1.207 + dbus_free (bd);
1.208 +}
1.209 +
1.210 +static dbus_bool_t
1.211 +setup_server (BusContext *context,
1.212 + DBusServer *server,
1.213 + char **auth_mechanisms,
1.214 + DBusError *error)
1.215 +{
1.216 + BusServerData *bd;
1.217 +
1.218 + bd = dbus_new0 (BusServerData, 1);
1.219 + if (!dbus_server_set_data (server,
1.220 + server_data_slot,
1.221 + bd, free_server_data))
1.222 + {
1.223 + dbus_free (bd);
1.224 + BUS_SET_OOM (error);
1.225 + return FALSE;
1.226 + }
1.227 +
1.228 + bd->context = context;
1.229 +
1.230 + if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
1.231 + {
1.232 + BUS_SET_OOM (error);
1.233 + return FALSE;
1.234 + }
1.235 +
1.236 + dbus_server_set_new_connection_function (server,
1.237 + new_connection_callback,
1.238 + context, NULL);
1.239 +
1.240 + if (!dbus_server_set_watch_functions (server,
1.241 + add_server_watch,
1.242 + remove_server_watch,
1.243 + NULL,
1.244 + server,
1.245 + NULL))
1.246 + {
1.247 + BUS_SET_OOM (error);
1.248 + return FALSE;
1.249 + }
1.250 +
1.251 + if (!dbus_server_set_timeout_functions (server,
1.252 + add_server_timeout,
1.253 + remove_server_timeout,
1.254 + NULL,
1.255 + server, NULL))
1.256 + {
1.257 + BUS_SET_OOM (error);
1.258 + return FALSE;
1.259 + }
1.260 +
1.261 + return TRUE;
1.262 +}
1.263 +
1.264 +/* This code only gets executed the first time the
1.265 + config files are parsed. It is not executed
1.266 + when config files are reloaded.*/
1.267 +static dbus_bool_t
1.268 +process_config_first_time_only (BusContext *context,
1.269 + BusConfigParser *parser,
1.270 + DBusError *error)
1.271 +{
1.272 + DBusList *link;
1.273 + DBusList **addresses;
1.274 + const char *user, *pidfile;
1.275 + char **auth_mechanisms;
1.276 + DBusList **auth_mechanisms_list;
1.277 + int len;
1.278 + dbus_bool_t retval;
1.279 +
1.280 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.281 +
1.282 + retval = FALSE;
1.283 + auth_mechanisms = NULL;
1.284 +
1.285 + /* Check for an existing pid file. Of course this is a race;
1.286 + * we'd have to use fcntl() locks on the pid file to
1.287 + * avoid that. But we want to check for the pid file
1.288 + * before overwriting any existing sockets, etc.
1.289 + */
1.290 + pidfile = bus_config_parser_get_pidfile (parser);
1.291 + if (pidfile != NULL)
1.292 + {
1.293 + DBusString u;
1.294 + DBusStat stbuf;
1.295 +
1.296 + _dbus_string_init_const (&u, pidfile);
1.297 +
1.298 + if (_dbus_stat (&u, &stbuf, NULL))
1.299 + {
1.300 + dbus_set_error (error, DBUS_ERROR_FAILED,
1.301 + "The pid file \"%s\" exists, if the message bus is not running, remove this file",
1.302 + pidfile);
1.303 + goto failed;
1.304 + }
1.305 + }
1.306 +
1.307 + /* keep around the pid filename so we can delete it later */
1.308 + context->pidfile = _dbus_strdup (pidfile);
1.309 +
1.310 + /* Build an array of auth mechanisms */
1.311 +
1.312 + auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
1.313 + len = _dbus_list_get_length (auth_mechanisms_list);
1.314 +
1.315 + if (len > 0)
1.316 + {
1.317 + int i;
1.318 +
1.319 + auth_mechanisms = dbus_new0 (char*, len + 1);
1.320 + if (auth_mechanisms == NULL)
1.321 + {
1.322 + BUS_SET_OOM (error);
1.323 + goto failed;
1.324 + }
1.325 +
1.326 + i = 0;
1.327 + link = _dbus_list_get_first_link (auth_mechanisms_list);
1.328 + while (link != NULL)
1.329 + {
1.330 + auth_mechanisms[i] = _dbus_strdup (link->data);
1.331 + if (auth_mechanisms[i] == NULL)
1.332 + {
1.333 + BUS_SET_OOM (error);
1.334 + goto failed;
1.335 + }
1.336 + link = _dbus_list_get_next_link (auth_mechanisms_list, link);
1.337 + }
1.338 + }
1.339 + else
1.340 + {
1.341 + auth_mechanisms = NULL;
1.342 + }
1.343 +
1.344 + /* Listen on our addresses */
1.345 +
1.346 + addresses = bus_config_parser_get_addresses (parser);
1.347 +
1.348 + link = _dbus_list_get_first_link (addresses);
1.349 + while (link != NULL)
1.350 + {
1.351 + DBusServer *server;
1.352 +
1.353 + server = dbus_server_listen (link->data, error);
1.354 + if (server == NULL)
1.355 + {
1.356 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.357 + goto failed;
1.358 + }
1.359 + else if (!setup_server (context, server, auth_mechanisms, error))
1.360 + {
1.361 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.362 + goto failed;
1.363 + }
1.364 +
1.365 + if (!_dbus_list_append (&context->servers, server))
1.366 + {
1.367 + BUS_SET_OOM (error);
1.368 + goto failed;
1.369 + }
1.370 +
1.371 + link = _dbus_list_get_next_link (addresses, link);
1.372 + }
1.373 +
1.374 + /* note that type may be NULL */
1.375 + context->type = _dbus_strdup (bus_config_parser_get_type (parser));
1.376 + if (bus_config_parser_get_type (parser) != NULL && context->type == NULL)
1.377 + {
1.378 + BUS_SET_OOM (error);
1.379 + goto failed;
1.380 + }
1.381 +
1.382 + user = bus_config_parser_get_user (parser);
1.383 + if (user != NULL)
1.384 + {
1.385 + context->user = _dbus_strdup (user);
1.386 + if (context->user == NULL)
1.387 + {
1.388 + BUS_SET_OOM (error);
1.389 + goto failed;
1.390 + }
1.391 + }
1.392 +
1.393 + context->fork = bus_config_parser_get_fork (parser);
1.394 +
1.395 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.396 + retval = TRUE;
1.397 +
1.398 + failed:
1.399 + dbus_free_string_array (auth_mechanisms);
1.400 + return retval;
1.401 +}
1.402 +
1.403 +/* This code gets executed every time the config files
1.404 + are parsed: both during BusContext construction
1.405 + and on reloads. */
1.406 +static dbus_bool_t
1.407 +process_config_every_time (BusContext *context,
1.408 + BusConfigParser *parser,
1.409 + dbus_bool_t is_reload,
1.410 + DBusError *error)
1.411 +{
1.412 + DBusString full_address;
1.413 + DBusList *link;
1.414 + char *addr;
1.415 +
1.416 + dbus_bool_t retval;
1.417 +
1.418 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.419 +
1.420 + addr = NULL;
1.421 + retval = FALSE;
1.422 +
1.423 + if (!_dbus_string_init (&full_address))
1.424 + {
1.425 + BUS_SET_OOM (error);
1.426 + return FALSE;
1.427 + }
1.428 +
1.429 + /* get our limits and timeout lengths */
1.430 + bus_config_parser_get_limits (parser, &context->limits);
1.431 +
1.432 + context->policy = bus_config_parser_steal_policy (parser);
1.433 + _dbus_assert (context->policy != NULL);
1.434 +
1.435 + /* We have to build the address backward, so that
1.436 + * <listen> later in the config file have priority
1.437 + */
1.438 + link = _dbus_list_get_last_link (&context->servers);
1.439 + while (link != NULL)
1.440 + {
1.441 + addr = dbus_server_get_address (link->data);
1.442 + if (addr == NULL)
1.443 + {
1.444 + BUS_SET_OOM (error);
1.445 + goto failed;
1.446 + }
1.447 +
1.448 + if (_dbus_string_get_length (&full_address) > 0)
1.449 + {
1.450 + if (!_dbus_string_append (&full_address, ";"))
1.451 + {
1.452 + BUS_SET_OOM (error);
1.453 + goto failed;
1.454 + }
1.455 + }
1.456 +
1.457 + if (!_dbus_string_append (&full_address, addr))
1.458 + {
1.459 + BUS_SET_OOM (error);
1.460 + goto failed;
1.461 + }
1.462 +
1.463 + dbus_free (addr);
1.464 + addr = NULL;
1.465 +
1.466 + link = _dbus_list_get_prev_link (&context->servers, link);
1.467 + }
1.468 +
1.469 + if (is_reload)
1.470 + dbus_free (context->address);
1.471 +
1.472 + if (!_dbus_string_copy_data (&full_address, &context->address))
1.473 + {
1.474 + BUS_SET_OOM (error);
1.475 + goto failed;
1.476 + }
1.477 +
1.478 + /* Create activation subsystem */
1.479 +
1.480 + if (is_reload)
1.481 + bus_activation_unref (context->activation);
1.482 +
1.483 + context->activation = bus_activation_new (context, &full_address,
1.484 + bus_config_parser_get_service_dirs (parser),
1.485 + error);
1.486 + if (context->activation == NULL)
1.487 + {
1.488 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.489 + goto failed;
1.490 + }
1.491 +
1.492 + /* Drop existing conf-dir watches (if applicable) */
1.493 +
1.494 + if (is_reload)
1.495 + bus_drop_all_directory_watches ();
1.496 +
1.497 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.498 + retval = TRUE;
1.499 +
1.500 + failed:
1.501 + _dbus_string_free (&full_address);
1.502 +
1.503 + if (addr)
1.504 + dbus_free (addr);
1.505 +
1.506 + return retval;
1.507 +}
1.508 +
1.509 +static dbus_bool_t
1.510 +process_config_postinit (BusContext *context,
1.511 + BusConfigParser *parser,
1.512 + DBusError *error)
1.513 +{
1.514 + DBusHashTable *service_context_table;
1.515 +
1.516 + service_context_table = bus_config_parser_steal_service_context_table (parser);
1.517 + if (!bus_registry_set_service_context_table (context->registry,
1.518 + service_context_table))
1.519 + {
1.520 + BUS_SET_OOM (error);
1.521 + return FALSE;
1.522 + }
1.523 +
1.524 + _dbus_hash_table_unref (service_context_table);
1.525 +
1.526 + /* Watch all conf directories */
1.527 + _dbus_list_foreach (bus_config_parser_get_conf_dirs (parser),
1.528 + (DBusForeachFunction) bus_watch_directory,
1.529 + context);
1.530 +
1.531 + return TRUE;
1.532 +}
1.533 +
1.534 +BusContext*
1.535 +bus_context_new (const DBusString *config_file,
1.536 + ForceForkSetting force_fork,
1.537 + int print_addr_fd,
1.538 + int print_pid_fd,
1.539 + DBusError *error)
1.540 +{
1.541 + BusContext *context;
1.542 + BusConfigParser *parser;
1.543 + DBusCredentials creds;
1.544 +
1.545 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.546 +
1.547 + context = NULL;
1.548 + parser = NULL;
1.549 +
1.550 + if (!dbus_server_allocate_data_slot (&server_data_slot))
1.551 + {
1.552 + BUS_SET_OOM (error);
1.553 + return NULL;
1.554 + }
1.555 +
1.556 + context = dbus_new0 (BusContext, 1);
1.557 + if (context == NULL)
1.558 + {
1.559 + BUS_SET_OOM (error);
1.560 + goto failed;
1.561 + }
1.562 + context->refcount = 1;
1.563 +
1.564 + if (!_dbus_string_copy_data (config_file, &context->config_file))
1.565 + {
1.566 + BUS_SET_OOM (error);
1.567 + goto failed;
1.568 + }
1.569 +
1.570 + context->loop = _dbus_loop_new ();
1.571 + if (context->loop == NULL)
1.572 + {
1.573 + BUS_SET_OOM (error);
1.574 + goto failed;
1.575 + }
1.576 +
1.577 + context->registry = bus_registry_new (context);
1.578 + if (context->registry == NULL)
1.579 + {
1.580 + BUS_SET_OOM (error);
1.581 + goto failed;
1.582 + }
1.583 +
1.584 + parser = bus_config_load (config_file, TRUE, NULL, error);
1.585 + if (parser == NULL)
1.586 + {
1.587 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.588 + goto failed;
1.589 + }
1.590 +
1.591 + if (!process_config_first_time_only (context, parser, error))
1.592 + {
1.593 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.594 + goto failed;
1.595 + }
1.596 + if (!process_config_every_time (context, parser, FALSE, error))
1.597 + {
1.598 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.599 + goto failed;
1.600 + }
1.601 +
1.602 + /* we need another ref of the server data slot for the context
1.603 + * to own
1.604 + */
1.605 + if (!dbus_server_allocate_data_slot (&server_data_slot))
1.606 + _dbus_assert_not_reached ("second ref of server data slot failed");
1.607 +
1.608 + context->user_database = _dbus_user_database_new ();
1.609 + if (context->user_database == NULL)
1.610 + {
1.611 + BUS_SET_OOM (error);
1.612 + goto failed;
1.613 + }
1.614 +
1.615 + /* Note that we don't know whether the print_addr_fd is
1.616 + * one of the sockets we're using to listen on, or some
1.617 + * other random thing. But I think the answer is "don't do
1.618 + * that then"
1.619 + */
1.620 + if (print_addr_fd >= 0)
1.621 + {
1.622 + DBusString addr;
1.623 + const char *a = bus_context_get_address (context);
1.624 + int bytes;
1.625 +
1.626 + _dbus_assert (a != NULL);
1.627 + if (!_dbus_string_init (&addr))
1.628 + {
1.629 + BUS_SET_OOM (error);
1.630 + goto failed;
1.631 + }
1.632 +
1.633 +
1.634 +
1.635 + #ifndef __SYMBIAN32__
1.636 + if (!_dbus_string_append (&addr, a) ||
1.637 + !_dbus_string_append (&addr, "\n"))
1.638 + #else
1.639 + if (!_dbus_string_append (&addr, a) )
1.640 +
1.641 + #endif
1.642 + {
1.643 + _dbus_string_free (&addr);
1.644 + BUS_SET_OOM (error);
1.645 + goto failed;
1.646 + }
1.647 +
1.648 +
1.649 + bytes = _dbus_string_get_length (&addr);
1.650 + if (_dbus_write_socket (print_addr_fd, &addr, 0, bytes) != bytes)
1.651 + {
1.652 + dbus_set_error (error, DBUS_ERROR_FAILED,
1.653 + "Printing message bus address: %s\n",
1.654 + _dbus_strerror (errno));
1.655 + _dbus_string_free (&addr);
1.656 + goto failed;
1.657 + }
1.658 +
1.659 + if (print_addr_fd > 2)
1.660 + _dbus_close_socket (print_addr_fd, NULL);
1.661 +
1.662 + _dbus_string_free (&addr);
1.663 + }
1.664 +
1.665 + context->connections = bus_connections_new (context);
1.666 + if (context->connections == NULL)
1.667 + {
1.668 + BUS_SET_OOM (error);
1.669 + goto failed;
1.670 + }
1.671 +
1.672 + context->matchmaker = bus_matchmaker_new ();
1.673 + if (context->matchmaker == NULL)
1.674 + {
1.675 + BUS_SET_OOM (error);
1.676 + goto failed;
1.677 + }
1.678 +
1.679 + /* check user before we fork */
1.680 + if (context->user != NULL)
1.681 + {
1.682 + DBusString u;
1.683 +
1.684 + _dbus_string_init_const (&u, context->user);
1.685 +
1.686 + if (!_dbus_credentials_from_username (&u, &creds) ||
1.687 + creds.uid < 0 ||
1.688 + creds.gid < 0)
1.689 + {
1.690 + dbus_set_error (error, DBUS_ERROR_FAILED,
1.691 + "Could not get UID and GID for username \"%s\"",
1.692 + context->user);
1.693 + goto failed;
1.694 + }
1.695 + }
1.696 +
1.697 + /* Now become a daemon if appropriate */
1.698 + if ((force_fork != FORK_NEVER && context->fork) || force_fork == FORK_ALWAYS)
1.699 + {
1.700 + DBusString u;
1.701 +
1.702 + if (context->pidfile)
1.703 + _dbus_string_init_const (&u, context->pidfile);
1.704 +
1.705 + if (!_dbus_become_daemon (context->pidfile ? &u : NULL,
1.706 + print_pid_fd,
1.707 + error))
1.708 + {
1.709 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.710 + goto failed;
1.711 + }
1.712 + }
1.713 + else
1.714 + {
1.715 + /* Need to write PID file for ourselves, not for the child process */
1.716 + if (context->pidfile != NULL)
1.717 + {
1.718 + DBusString u;
1.719 +
1.720 + _dbus_string_init_const (&u, context->pidfile);
1.721 +
1.722 + if (!_dbus_write_pid_file (&u, _dbus_getpid (), error))
1.723 + {
1.724 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.725 + goto failed;
1.726 + }
1.727 + }
1.728 + }
1.729 +
1.730 + /* Write PID if requested */
1.731 + if (print_pid_fd >= 0)
1.732 + {
1.733 + DBusString pid;
1.734 + int bytes;
1.735 +
1.736 + if (!_dbus_string_init (&pid))
1.737 + {
1.738 + BUS_SET_OOM (error);
1.739 + goto failed;
1.740 + }
1.741 +
1.742 + if (!_dbus_string_append_int (&pid, _dbus_getpid ()) ||
1.743 + !_dbus_string_append (&pid, "\n"))
1.744 + {
1.745 + _dbus_string_free (&pid);
1.746 + BUS_SET_OOM (error);
1.747 + goto failed;
1.748 + }
1.749 +
1.750 + bytes = _dbus_string_get_length (&pid);
1.751 + if (_dbus_write_socket (print_pid_fd, &pid, 0, bytes) != bytes)
1.752 + {
1.753 + dbus_set_error (error, DBUS_ERROR_FAILED,
1.754 + "Printing message bus PID: %s\n",
1.755 + _dbus_strerror (errno));
1.756 + _dbus_string_free (&pid);
1.757 + goto failed;
1.758 + }
1.759 +
1.760 + if (print_pid_fd > 2)
1.761 + _dbus_close_socket (print_pid_fd, NULL);
1.762 +
1.763 + _dbus_string_free (&pid);
1.764 + }
1.765 +
1.766 + if (!bus_selinux_full_init ())
1.767 + {
1.768 + _dbus_warn ("SELinux initialization failed\n");
1.769 + }
1.770 +
1.771 + if (!process_config_postinit (context, parser, error))
1.772 + {
1.773 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.774 + goto failed;
1.775 + }
1.776 +
1.777 + if (parser != NULL)
1.778 + {
1.779 + bus_config_parser_unref (parser);
1.780 + parser = NULL;
1.781 + }
1.782 +
1.783 + /* Here we change our credentials if required,
1.784 + * as soon as we've set up our sockets and pidfile
1.785 + */
1.786 + if (context->user != NULL)
1.787 + {
1.788 + if (!_dbus_change_identity (creds.uid, creds.gid, error))
1.789 + {
1.790 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.791 + goto failed;
1.792 + }
1.793 + }
1.794 +
1.795 + dbus_server_free_data_slot (&server_data_slot);
1.796 +
1.797 + return context;
1.798 +
1.799 + failed:
1.800 + if (parser != NULL)
1.801 + bus_config_parser_unref (parser);
1.802 + if (context != NULL)
1.803 + bus_context_unref (context);
1.804 +
1.805 + if (server_data_slot >= 0)
1.806 + dbus_server_free_data_slot (&server_data_slot);
1.807 +
1.808 + return NULL;
1.809 +}
1.810 +
1.811 +dbus_bool_t
1.812 +bus_context_reload_config (BusContext *context,
1.813 + DBusError *error)
1.814 +{
1.815 + BusConfigParser *parser;
1.816 + DBusString config_file;
1.817 + dbus_bool_t ret;
1.818 +
1.819 + /* Flush the user database cache */
1.820 + _dbus_user_database_flush(context->user_database);
1.821 +
1.822 + ret = FALSE;
1.823 + _dbus_string_init_const (&config_file, context->config_file);
1.824 + parser = bus_config_load (&config_file, TRUE, NULL, error);
1.825 + if (parser == NULL)
1.826 + {
1.827 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.828 + goto failed;
1.829 + }
1.830 +
1.831 + if (!process_config_every_time (context, parser, TRUE, error))
1.832 + {
1.833 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.834 + goto failed;
1.835 + }
1.836 + if (!process_config_postinit (context, parser, error))
1.837 + {
1.838 + _DBUS_ASSERT_ERROR_IS_SET (error);
1.839 + goto failed;
1.840 + }
1.841 + ret = TRUE;
1.842 +
1.843 + failed:
1.844 + if (parser != NULL)
1.845 + bus_config_parser_unref (parser);
1.846 + return ret;
1.847 +}
1.848 +
1.849 +static void
1.850 +shutdown_server (BusContext *context,
1.851 + DBusServer *server)
1.852 +{
1.853 + if (server == NULL ||
1.854 + !dbus_server_get_is_connected (server))
1.855 + return;
1.856 +
1.857 + if (!dbus_server_set_watch_functions (server,
1.858 + NULL, NULL, NULL,
1.859 + context,
1.860 + NULL))
1.861 + _dbus_assert_not_reached ("setting watch functions to NULL failed");
1.862 +
1.863 + if (!dbus_server_set_timeout_functions (server,
1.864 + NULL, NULL, NULL,
1.865 + context,
1.866 + NULL))
1.867 + _dbus_assert_not_reached ("setting timeout functions to NULL failed");
1.868 +
1.869 + dbus_server_disconnect (server);
1.870 +}
1.871 +
1.872 +void
1.873 +bus_context_shutdown (BusContext *context)
1.874 +{
1.875 + DBusList *link;
1.876 +
1.877 + link = _dbus_list_get_first_link (&context->servers);
1.878 + while (link != NULL)
1.879 + {
1.880 + shutdown_server (context, link->data);
1.881 +
1.882 + link = _dbus_list_get_next_link (&context->servers, link);
1.883 + }
1.884 +}
1.885 +
1.886 +BusContext *
1.887 +bus_context_ref (BusContext *context)
1.888 +{
1.889 + _dbus_assert (context->refcount > 0);
1.890 + context->refcount += 1;
1.891 +
1.892 + return context;
1.893 +}
1.894 +
1.895 +void
1.896 +bus_context_unref (BusContext *context)
1.897 +{
1.898 + _dbus_assert (context->refcount > 0);
1.899 + context->refcount -= 1;
1.900 +
1.901 + if (context->refcount == 0)
1.902 + {
1.903 + DBusList *link;
1.904 +
1.905 + _dbus_verbose ("Finalizing bus context %p\n", context);
1.906 +
1.907 + bus_context_shutdown (context);
1.908 +
1.909 + if (context->connections)
1.910 + {
1.911 + bus_connections_unref (context->connections);
1.912 + context->connections = NULL;
1.913 + }
1.914 +
1.915 + if (context->registry)
1.916 + {
1.917 + bus_registry_unref (context->registry);
1.918 + context->registry = NULL;
1.919 + }
1.920 +
1.921 + if (context->activation)
1.922 + {
1.923 + bus_activation_unref (context->activation);
1.924 + context->activation = NULL;
1.925 + }
1.926 +
1.927 + link = _dbus_list_get_first_link (&context->servers);
1.928 + while (link != NULL)
1.929 + {
1.930 + dbus_server_unref (link->data);
1.931 +
1.932 + link = _dbus_list_get_next_link (&context->servers, link);
1.933 + }
1.934 + _dbus_list_clear (&context->servers);
1.935 +
1.936 + if (context->policy)
1.937 + {
1.938 + bus_policy_unref (context->policy);
1.939 + context->policy = NULL;
1.940 + }
1.941 +
1.942 + if (context->loop)
1.943 + {
1.944 + _dbus_loop_unref (context->loop);
1.945 + context->loop = NULL;
1.946 + }
1.947 +
1.948 + if (context->matchmaker)
1.949 + {
1.950 + bus_matchmaker_unref (context->matchmaker);
1.951 + context->matchmaker = NULL;
1.952 + }
1.953 +
1.954 + dbus_free (context->config_file);
1.955 + dbus_free (context->type);
1.956 + dbus_free (context->address);
1.957 + dbus_free (context->user);
1.958 +
1.959 + if (context->pidfile)
1.960 + {
1.961 + DBusString u;
1.962 + _dbus_string_init_const (&u, context->pidfile);
1.963 +
1.964 + /* Deliberately ignore errors here, since there's not much
1.965 + * we can do about it, and we're exiting anyways.
1.966 + */
1.967 + _dbus_delete_file (&u, NULL);
1.968 +
1.969 + dbus_free (context->pidfile);
1.970 + }
1.971 +
1.972 + if (context->user_database != NULL)
1.973 + _dbus_user_database_unref (context->user_database);
1.974 +
1.975 + dbus_free (context);
1.976 +
1.977 + dbus_server_free_data_slot (&server_data_slot);
1.978 + }
1.979 +}
1.980 +
1.981 +/* type may be NULL */
1.982 +const char*
1.983 +bus_context_get_type (BusContext *context)
1.984 +{
1.985 + return context->type;
1.986 +}
1.987 +
1.988 +const char*
1.989 +bus_context_get_address (BusContext *context)
1.990 +{
1.991 + return context->address;
1.992 +}
1.993 +
1.994 +BusRegistry*
1.995 +bus_context_get_registry (BusContext *context)
1.996 +{
1.997 + return context->registry;
1.998 +}
1.999 +
1.1000 +BusConnections*
1.1001 +bus_context_get_connections (BusContext *context)
1.1002 +{
1.1003 + return context->connections;
1.1004 +}
1.1005 +
1.1006 +BusActivation*
1.1007 +bus_context_get_activation (BusContext *context)
1.1008 +{
1.1009 + return context->activation;
1.1010 +}
1.1011 +
1.1012 +BusMatchmaker*
1.1013 +bus_context_get_matchmaker (BusContext *context)
1.1014 +{
1.1015 + return context->matchmaker;
1.1016 +}
1.1017 +
1.1018 +DBusLoop*
1.1019 +bus_context_get_loop (BusContext *context)
1.1020 +{
1.1021 + return context->loop;
1.1022 +}
1.1023 +
1.1024 +DBusUserDatabase*
1.1025 +bus_context_get_user_database (BusContext *context)
1.1026 +{
1.1027 + return context->user_database;
1.1028 +}
1.1029 +
1.1030 +dbus_bool_t
1.1031 +bus_context_allow_user (BusContext *context,
1.1032 + unsigned long uid)
1.1033 +{
1.1034 + return bus_policy_allow_user (context->policy,
1.1035 + context->user_database,
1.1036 + uid);
1.1037 +}
1.1038 +
1.1039 +BusPolicy *
1.1040 +bus_context_get_policy (BusContext *context)
1.1041 +{
1.1042 + return context->policy;
1.1043 +}
1.1044 +
1.1045 +BusClientPolicy*
1.1046 +bus_context_create_client_policy (BusContext *context,
1.1047 + DBusConnection *connection,
1.1048 + DBusError *error)
1.1049 +{
1.1050 + _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1.1051 + return bus_policy_create_client_policy (context->policy, connection,
1.1052 + error);
1.1053 +}
1.1054 +
1.1055 +int
1.1056 +bus_context_get_activation_timeout (BusContext *context)
1.1057 +{
1.1058 +
1.1059 + return context->limits.activation_timeout;
1.1060 +}
1.1061 +
1.1062 +int
1.1063 +bus_context_get_auth_timeout (BusContext *context)
1.1064 +{
1.1065 + return context->limits.auth_timeout;
1.1066 +}
1.1067 +
1.1068 +int
1.1069 +bus_context_get_max_completed_connections (BusContext *context)
1.1070 +{
1.1071 + return context->limits.max_completed_connections;
1.1072 +}
1.1073 +
1.1074 +int
1.1075 +bus_context_get_max_incomplete_connections (BusContext *context)
1.1076 +{
1.1077 + return context->limits.max_incomplete_connections;
1.1078 +}
1.1079 +
1.1080 +int
1.1081 +bus_context_get_max_connections_per_user (BusContext *context)
1.1082 +{
1.1083 + return context->limits.max_connections_per_user;
1.1084 +}
1.1085 +
1.1086 +int
1.1087 +bus_context_get_max_pending_activations (BusContext *context)
1.1088 +{
1.1089 + return context->limits.max_pending_activations;
1.1090 +}
1.1091 +
1.1092 +int
1.1093 +bus_context_get_max_services_per_connection (BusContext *context)
1.1094 +{
1.1095 + return context->limits.max_services_per_connection;
1.1096 +}
1.1097 +
1.1098 +int
1.1099 +bus_context_get_max_match_rules_per_connection (BusContext *context)
1.1100 +{
1.1101 + return context->limits.max_match_rules_per_connection;
1.1102 +}
1.1103 +
1.1104 +int
1.1105 +bus_context_get_max_replies_per_connection (BusContext *context)
1.1106 +{
1.1107 + return context->limits.max_replies_per_connection;
1.1108 +}
1.1109 +
1.1110 +int
1.1111 +bus_context_get_reply_timeout (BusContext *context)
1.1112 +{
1.1113 + return context->limits.reply_timeout;
1.1114 +}
1.1115 +
1.1116 +/*
1.1117 + * addressed_recipient is the recipient specified in the message.
1.1118 + *
1.1119 + * proposed_recipient is the recipient we're considering sending
1.1120 + * to right this second, and may be an eavesdropper.
1.1121 + *
1.1122 + * sender is the sender of the message.
1.1123 + *
1.1124 + * NULL for proposed_recipient or sender definitely means the bus driver.
1.1125 + *
1.1126 + * NULL for addressed_recipient may mean the bus driver, or may mean
1.1127 + * no destination was specified in the message (e.g. a signal).
1.1128 + */
1.1129 +dbus_bool_t
1.1130 +bus_context_check_security_policy (BusContext *context,
1.1131 + BusTransaction *transaction,
1.1132 + DBusConnection *sender,
1.1133 + DBusConnection *addressed_recipient,
1.1134 + DBusConnection *proposed_recipient,
1.1135 + DBusMessage *message,
1.1136 + DBusError *error)
1.1137 +{
1.1138 + BusClientPolicy *sender_policy;
1.1139 + BusClientPolicy *recipient_policy;
1.1140 + int type;
1.1141 + dbus_bool_t requested_reply;
1.1142 +
1.1143 + type = dbus_message_get_type (message);
1.1144 +
1.1145 + /* dispatch.c was supposed to ensure these invariants */
1.1146 + _dbus_assert (dbus_message_get_destination (message) != NULL ||
1.1147 + type == DBUS_MESSAGE_TYPE_SIGNAL ||
1.1148 + (sender == NULL && !bus_connection_is_active (proposed_recipient)));
1.1149 + _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
1.1150 + addressed_recipient != NULL ||
1.1151 + strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0);
1.1152 +
1.1153 + switch (type)
1.1154 + {
1.1155 + case DBUS_MESSAGE_TYPE_METHOD_CALL:
1.1156 + case DBUS_MESSAGE_TYPE_SIGNAL:
1.1157 + case DBUS_MESSAGE_TYPE_METHOD_RETURN:
1.1158 + case DBUS_MESSAGE_TYPE_ERROR:
1.1159 + break;
1.1160 +
1.1161 + default:
1.1162 + _dbus_verbose ("security check disallowing message of unknown type %d\n",
1.1163 + type);
1.1164 +
1.1165 + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1.1166 + "Message bus will not accept messages of unknown type\n");
1.1167 +
1.1168 + return FALSE;
1.1169 + }
1.1170 +
1.1171 + requested_reply = FALSE;
1.1172 +
1.1173 + if (sender != NULL)
1.1174 + {
1.1175 + const char *dest;
1.1176 +
1.1177 + dest = dbus_message_get_destination (message);
1.1178 +
1.1179 + /* First verify the SELinux access controls. If allowed then
1.1180 + * go on with the standard checks.
1.1181 + */
1.1182 + if (!bus_selinux_allows_send (sender, proposed_recipient,
1.1183 + dbus_message_type_to_string (dbus_message_get_type (message)),
1.1184 + dbus_message_get_interface (message),
1.1185 + dbus_message_get_member (message),
1.1186 + dbus_message_get_error_name (message),
1.1187 + dest ? dest : DBUS_SERVICE_DBUS, error))
1.1188 + {
1.1189 +
1.1190 + if (dbus_error_is_set (error) &&
1.1191 + dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY))
1.1192 + {
1.1193 + return FALSE;
1.1194 + }
1.1195 +
1.1196 +
1.1197 + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1.1198 + "An SELinux policy prevents this sender "
1.1199 + "from sending this message to this recipient "
1.1200 + "(rejected message had interface \"%s\" "
1.1201 + "member \"%s\" error name \"%s\" destination \"%s\")",
1.1202 + dbus_message_get_interface (message) ?
1.1203 + dbus_message_get_interface (message) : "(unset)",
1.1204 + dbus_message_get_member (message) ?
1.1205 + dbus_message_get_member (message) : "(unset)",
1.1206 + dbus_message_get_error_name (message) ?
1.1207 + dbus_message_get_error_name (message) : "(unset)",
1.1208 + dest ? dest : DBUS_SERVICE_DBUS);
1.1209 + _dbus_verbose ("SELinux security check denying send to service\n");
1.1210 + return FALSE;
1.1211 + }
1.1212 +
1.1213 + if (bus_connection_is_active (sender))
1.1214 + {
1.1215 + sender_policy = bus_connection_get_policy (sender);
1.1216 + _dbus_assert (sender_policy != NULL);
1.1217 +
1.1218 + /* Fill in requested_reply variable with TRUE if this is a
1.1219 + * reply and the reply was pending.
1.1220 + */
1.1221 + if (dbus_message_get_reply_serial (message) != 0)
1.1222 + {
1.1223 + if (proposed_recipient != NULL /* not to the bus driver */ &&
1.1224 + addressed_recipient == proposed_recipient /* not eavesdropping */)
1.1225 + {
1.1226 + DBusError error2;
1.1227 +
1.1228 + dbus_error_init (&error2);
1.1229 + requested_reply = bus_connections_check_reply (bus_connection_get_connections (sender),
1.1230 + transaction,
1.1231 + sender, addressed_recipient, message,
1.1232 + &error2);
1.1233 + if (dbus_error_is_set (&error2))
1.1234 + {
1.1235 + dbus_move_error (&error2, error);
1.1236 + return FALSE;
1.1237 + }
1.1238 + }
1.1239 + }
1.1240 + }
1.1241 + else
1.1242 + {
1.1243 + /* Policy for inactive connections is that they can only send
1.1244 + * the hello message to the bus driver
1.1245 + */
1.1246 + if (proposed_recipient == NULL &&
1.1247 + dbus_message_is_method_call (message,
1.1248 + DBUS_INTERFACE_DBUS,
1.1249 + "Hello"))
1.1250 + {
1.1251 + _dbus_verbose ("security check allowing %s message\n",
1.1252 + "Hello");
1.1253 + return TRUE;
1.1254 + }
1.1255 + else
1.1256 + {
1.1257 + _dbus_verbose ("security check disallowing non-%s message\n",
1.1258 + "Hello");
1.1259 +
1.1260 + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1.1261 + "Client tried to send a message other than %s without being registered",
1.1262 + "Hello");
1.1263 +
1.1264 + return FALSE;
1.1265 + }
1.1266 + }
1.1267 + }
1.1268 + else
1.1269 + {
1.1270 + sender_policy = NULL;
1.1271 +
1.1272 + /* If the sender is the bus driver, we assume any reply was a
1.1273 + * requested reply as bus driver won't send bogus ones
1.1274 + */
1.1275 + if (addressed_recipient == proposed_recipient /* not eavesdropping */ &&
1.1276 + dbus_message_get_reply_serial (message) != 0)
1.1277 + requested_reply = TRUE;
1.1278 + }
1.1279 +
1.1280 + _dbus_assert ((sender != NULL && sender_policy != NULL) ||
1.1281 + (sender == NULL && sender_policy == NULL));
1.1282 +
1.1283 + if (proposed_recipient != NULL)
1.1284 + {
1.1285 + /* only the bus driver can send to an inactive recipient (as it
1.1286 + * owns no services, so other apps can't address it). Inactive
1.1287 + * recipients can receive any message.
1.1288 + */
1.1289 + if (bus_connection_is_active (proposed_recipient))
1.1290 + {
1.1291 + recipient_policy = bus_connection_get_policy (proposed_recipient);
1.1292 + _dbus_assert (recipient_policy != NULL);
1.1293 + }
1.1294 + else if (sender == NULL)
1.1295 + {
1.1296 + _dbus_verbose ("security check using NULL recipient policy for message from bus\n");
1.1297 + recipient_policy = NULL;
1.1298 + }
1.1299 + else
1.1300 + {
1.1301 + _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n");
1.1302 + recipient_policy = NULL;
1.1303 + }
1.1304 + }
1.1305 + else
1.1306 + recipient_policy = NULL;
1.1307 +
1.1308 + _dbus_assert ((proposed_recipient != NULL && recipient_policy != NULL) ||
1.1309 + (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) ||
1.1310 + (proposed_recipient == NULL && recipient_policy == NULL));
1.1311 +
1.1312 + if (sender_policy &&
1.1313 + !bus_client_policy_check_can_send (sender_policy,
1.1314 + context->registry,
1.1315 + requested_reply,
1.1316 + proposed_recipient,
1.1317 + message))
1.1318 + {
1.1319 + const char *dest;
1.1320 +
1.1321 + dest = dbus_message_get_destination (message);
1.1322 + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1.1323 + "A security policy in place prevents this sender "
1.1324 + "from sending this message to this recipient, "
1.1325 + "see message bus configuration file (rejected message "
1.1326 + "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")",
1.1327 + dbus_message_get_interface (message) ?
1.1328 + dbus_message_get_interface (message) : "(unset)",
1.1329 + dbus_message_get_member (message) ?
1.1330 + dbus_message_get_member (message) : "(unset)",
1.1331 + dbus_message_get_error_name (message) ?
1.1332 + dbus_message_get_error_name (message) : "(unset)",
1.1333 + dest ? dest : DBUS_SERVICE_DBUS);
1.1334 + _dbus_verbose ("security policy disallowing message due to sender policy\n");
1.1335 + return FALSE;
1.1336 + }
1.1337 +
1.1338 + if (recipient_policy &&
1.1339 + !bus_client_policy_check_can_receive (recipient_policy,
1.1340 + context->registry,
1.1341 + requested_reply,
1.1342 + sender,
1.1343 + addressed_recipient, proposed_recipient,
1.1344 + message))
1.1345 + {
1.1346 + const char *dest;
1.1347 +
1.1348 + dest = dbus_message_get_destination (message);
1.1349 + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1.1350 + "A security policy in place prevents this recipient "
1.1351 + "from receiving this message from this sender, "
1.1352 + "see message bus configuration file (rejected message "
1.1353 + "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)",
1.1354 + dbus_message_get_interface (message) ?
1.1355 + dbus_message_get_interface (message) : "(unset)",
1.1356 + dbus_message_get_member (message) ?
1.1357 + dbus_message_get_member (message) : "(unset)",
1.1358 + dbus_message_get_error_name (message) ?
1.1359 + dbus_message_get_error_name (message) : "(unset)",
1.1360 + dest ? dest : DBUS_SERVICE_DBUS,
1.1361 + dbus_message_get_reply_serial (message),
1.1362 + requested_reply);
1.1363 + _dbus_verbose ("security policy disallowing message due to recipient policy\n");
1.1364 + return FALSE;
1.1365 + }
1.1366 +
1.1367 + /* See if limits on size have been exceeded */
1.1368 + if (proposed_recipient &&
1.1369 + dbus_connection_get_outgoing_size (proposed_recipient) >
1.1370 + context->limits.max_outgoing_bytes)
1.1371 + {
1.1372 + const char *dest;
1.1373 +
1.1374 + dest = dbus_message_get_destination (message);
1.1375 + dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
1.1376 + "The destination service \"%s\" has a full message queue",
1.1377 + dest ? dest : (proposed_recipient ?
1.1378 + bus_connection_get_name (proposed_recipient) :
1.1379 + DBUS_SERVICE_DBUS));
1.1380 + _dbus_verbose ("security policy disallowing message due to full message queue\n");
1.1381 + return FALSE;
1.1382 + }
1.1383 +
1.1384 + /* Record that we will allow a reply here in the future (don't
1.1385 + * bother if the recipient is the bus or this is an eavesdropping
1.1386 + * connection). Only the addressed recipient may reply.
1.1387 + */
1.1388 + if (type == DBUS_MESSAGE_TYPE_METHOD_CALL &&
1.1389 + sender &&
1.1390 + addressed_recipient &&
1.1391 + addressed_recipient == proposed_recipient && /* not eavesdropping */
1.1392 + !bus_connections_expect_reply (bus_connection_get_connections (sender),
1.1393 + transaction,
1.1394 + sender, addressed_recipient,
1.1395 + message, error))
1.1396 + {
1.1397 + _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
1.1398 + return FALSE;
1.1399 + }
1.1400 +
1.1401 + _dbus_verbose ("security policy allowing message\n");
1.1402 + return TRUE;
1.1403 +}