1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* bus.c message bus context object
4 * Copyright (C) 2003, 2004 Red Hat, Inc.
5 * Portion Copyright © 2008 Nokia Corporation and/or its subsidiary(-ies). All rights reserved.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include "activation.h"
26 #include "connection.h"
30 #include "config-parser.h"
33 #include "dir-watch.h"
35 #include <dbus/dbus-list.h>
36 #include <dbus/dbus-hash.h>
37 #include <dbus/dbus-internals.h>
39 #include "dbus-list.h"
40 #include "dbus-hash.h"
41 #include "dbus-internals.h"
54 BusConnections *connections;
55 BusActivation *activation;
56 BusRegistry *registry;
58 BusMatchmaker *matchmaker;
59 DBusUserDatabase *user_database;
61 unsigned int fork : 1;
64 static dbus_int32_t server_data_slot = -1;
71 #define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))
74 server_get_context (DBusServer *server)
79 if (!dbus_server_allocate_data_slot (&server_data_slot))
82 bd = BUS_SERVER_DATA (server);
85 dbus_server_free_data_slot (&server_data_slot);
89 context = bd->context;
91 dbus_server_free_data_slot (&server_data_slot);
97 server_watch_callback (DBusWatch *watch,
98 unsigned int condition,
101 /* FIXME this can be done in dbus-mainloop.c
102 * if the code in activation.c for the babysitter
103 * watch handler is fixed.
106 return dbus_watch_handle (watch, condition);
110 add_server_watch (DBusWatch *watch,
113 DBusServer *server = data;
116 context = server_get_context (server);
118 return _dbus_loop_add_watch (context->loop,
119 watch, server_watch_callback, server,
124 remove_server_watch (DBusWatch *watch,
127 DBusServer *server = data;
130 context = server_get_context (server);
132 _dbus_loop_remove_watch (context->loop,
133 watch, server_watch_callback, server);
138 server_timeout_callback (DBusTimeout *timeout,
141 /* can return FALSE on OOM but we just let it fire again later */
142 dbus_timeout_handle (timeout);
146 add_server_timeout (DBusTimeout *timeout,
149 DBusServer *server = data;
152 context = server_get_context (server);
154 return _dbus_loop_add_timeout (context->loop,
155 timeout, server_timeout_callback, server, NULL);
159 remove_server_timeout (DBusTimeout *timeout,
162 DBusServer *server = data;
165 context = server_get_context (server);
167 _dbus_loop_remove_timeout (context->loop,
168 timeout, server_timeout_callback, server);
172 new_connection_callback (DBusServer *server,
173 DBusConnection *new_connection,
176 BusContext *context = data;
178 if (!bus_connections_setup_connection (context->connections, new_connection))
180 _dbus_verbose ("No memory to setup new connection\n");
182 /* if we don't do this, it will get unref'd without
183 * being disconnected... kind of strange really
184 * that we have to do this, people won't get it right
187 dbus_connection_close (new_connection);
190 dbus_connection_set_max_received_size (new_connection,
191 context->limits.max_incoming_bytes);
193 dbus_connection_set_max_message_size (new_connection,
194 context->limits.max_message_size);
196 /* on OOM, we won't have ref'd the connection so it will die. */
200 free_server_data (void *data)
202 BusServerData *bd = data;
208 setup_server (BusContext *context,
210 char **auth_mechanisms,
215 bd = dbus_new0 (BusServerData, 1);
216 if (!dbus_server_set_data (server,
218 bd, free_server_data))
225 bd->context = context;
227 if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
233 dbus_server_set_new_connection_function (server,
234 new_connection_callback,
237 if (!dbus_server_set_watch_functions (server,
248 if (!dbus_server_set_timeout_functions (server,
250 remove_server_timeout,
261 /* This code only gets executed the first time the
262 config files are parsed. It is not executed
263 when config files are reloaded.*/
265 process_config_first_time_only (BusContext *context,
266 BusConfigParser *parser,
270 DBusList **addresses;
271 const char *user, *pidfile;
272 char **auth_mechanisms;
273 DBusList **auth_mechanisms_list;
277 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
280 auth_mechanisms = NULL;
282 /* Check for an existing pid file. Of course this is a race;
283 * we'd have to use fcntl() locks on the pid file to
284 * avoid that. But we want to check for the pid file
285 * before overwriting any existing sockets, etc.
287 pidfile = bus_config_parser_get_pidfile (parser);
293 _dbus_string_init_const (&u, pidfile);
295 if (_dbus_stat (&u, &stbuf, NULL))
297 dbus_set_error (error, DBUS_ERROR_FAILED,
298 "The pid file \"%s\" exists, if the message bus is not running, remove this file",
304 /* keep around the pid filename so we can delete it later */
305 context->pidfile = _dbus_strdup (pidfile);
307 /* Build an array of auth mechanisms */
309 auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
310 len = _dbus_list_get_length (auth_mechanisms_list);
316 auth_mechanisms = dbus_new0 (char*, len + 1);
317 if (auth_mechanisms == NULL)
324 link = _dbus_list_get_first_link (auth_mechanisms_list);
327 auth_mechanisms[i] = _dbus_strdup (link->data);
328 if (auth_mechanisms[i] == NULL)
333 link = _dbus_list_get_next_link (auth_mechanisms_list, link);
338 auth_mechanisms = NULL;
341 /* Listen on our addresses */
343 addresses = bus_config_parser_get_addresses (parser);
345 link = _dbus_list_get_first_link (addresses);
350 server = dbus_server_listen (link->data, error);
353 _DBUS_ASSERT_ERROR_IS_SET (error);
356 else if (!setup_server (context, server, auth_mechanisms, error))
358 _DBUS_ASSERT_ERROR_IS_SET (error);
362 if (!_dbus_list_append (&context->servers, server))
368 link = _dbus_list_get_next_link (addresses, link);
371 /* note that type may be NULL */
372 context->type = _dbus_strdup (bus_config_parser_get_type (parser));
373 if (bus_config_parser_get_type (parser) != NULL && context->type == NULL)
379 user = bus_config_parser_get_user (parser);
382 context->user = _dbus_strdup (user);
383 if (context->user == NULL)
390 context->fork = bus_config_parser_get_fork (parser);
392 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
396 dbus_free_string_array (auth_mechanisms);
400 /* This code gets executed every time the config files
401 are parsed: both during BusContext construction
404 process_config_every_time (BusContext *context,
405 BusConfigParser *parser,
406 dbus_bool_t is_reload,
409 DBusString full_address;
415 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
420 if (!_dbus_string_init (&full_address))
426 /* get our limits and timeout lengths */
427 bus_config_parser_get_limits (parser, &context->limits);
429 context->policy = bus_config_parser_steal_policy (parser);
430 _dbus_assert (context->policy != NULL);
432 /* We have to build the address backward, so that
433 * <listen> later in the config file have priority
435 link = _dbus_list_get_last_link (&context->servers);
438 addr = dbus_server_get_address (link->data);
445 if (_dbus_string_get_length (&full_address) > 0)
447 if (!_dbus_string_append (&full_address, ";"))
454 if (!_dbus_string_append (&full_address, addr))
463 link = _dbus_list_get_prev_link (&context->servers, link);
467 dbus_free (context->address);
469 if (!_dbus_string_copy_data (&full_address, &context->address))
475 /* Create activation subsystem */
478 bus_activation_unref (context->activation);
480 context->activation = bus_activation_new (context, &full_address,
481 bus_config_parser_get_service_dirs (parser),
483 if (context->activation == NULL)
485 _DBUS_ASSERT_ERROR_IS_SET (error);
489 /* Drop existing conf-dir watches (if applicable) */
492 bus_drop_all_directory_watches ();
494 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
498 _dbus_string_free (&full_address);
507 process_config_postinit (BusContext *context,
508 BusConfigParser *parser,
511 DBusHashTable *service_context_table;
513 service_context_table = bus_config_parser_steal_service_context_table (parser);
514 if (!bus_registry_set_service_context_table (context->registry,
515 service_context_table))
521 _dbus_hash_table_unref (service_context_table);
523 /* Watch all conf directories */
524 _dbus_list_foreach (bus_config_parser_get_conf_dirs (parser),
525 (DBusForeachFunction) bus_watch_directory,
532 bus_context_new (const DBusString *config_file,
533 ForceForkSetting force_fork,
539 BusConfigParser *parser;
540 DBusCredentials creds;
542 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
547 if (!dbus_server_allocate_data_slot (&server_data_slot))
553 context = dbus_new0 (BusContext, 1);
559 context->refcount = 1;
561 if (!_dbus_string_copy_data (config_file, &context->config_file))
567 context->loop = _dbus_loop_new ();
568 if (context->loop == NULL)
574 context->registry = bus_registry_new (context);
575 if (context->registry == NULL)
581 parser = bus_config_load (config_file, TRUE, NULL, error);
584 _DBUS_ASSERT_ERROR_IS_SET (error);
588 if (!process_config_first_time_only (context, parser, error))
590 _DBUS_ASSERT_ERROR_IS_SET (error);
593 if (!process_config_every_time (context, parser, FALSE, error))
595 _DBUS_ASSERT_ERROR_IS_SET (error);
599 /* we need another ref of the server data slot for the context
602 if (!dbus_server_allocate_data_slot (&server_data_slot))
603 _dbus_assert_not_reached ("second ref of server data slot failed");
605 context->user_database = _dbus_user_database_new ();
606 if (context->user_database == NULL)
612 /* Note that we don't know whether the print_addr_fd is
613 * one of the sockets we're using to listen on, or some
614 * other random thing. But I think the answer is "don't do
617 if (print_addr_fd >= 0)
620 const char *a = bus_context_get_address (context);
623 _dbus_assert (a != NULL);
624 if (!_dbus_string_init (&addr))
632 #ifndef __SYMBIAN32__
633 if (!_dbus_string_append (&addr, a) ||
634 !_dbus_string_append (&addr, "\n"))
636 if (!_dbus_string_append (&addr, a) )
640 _dbus_string_free (&addr);
646 bytes = _dbus_string_get_length (&addr);
647 if (_dbus_write_socket (print_addr_fd, &addr, 0, bytes) != bytes)
649 dbus_set_error (error, DBUS_ERROR_FAILED,
650 "Printing message bus address: %s\n",
651 _dbus_strerror (errno));
652 _dbus_string_free (&addr);
656 if (print_addr_fd > 2)
657 _dbus_close_socket (print_addr_fd, NULL);
659 _dbus_string_free (&addr);
662 context->connections = bus_connections_new (context);
663 if (context->connections == NULL)
669 context->matchmaker = bus_matchmaker_new ();
670 if (context->matchmaker == NULL)
676 /* check user before we fork */
677 if (context->user != NULL)
681 _dbus_string_init_const (&u, context->user);
683 if (!_dbus_credentials_from_username (&u, &creds) ||
687 dbus_set_error (error, DBUS_ERROR_FAILED,
688 "Could not get UID and GID for username \"%s\"",
694 /* Now become a daemon if appropriate */
695 if ((force_fork != FORK_NEVER && context->fork) || force_fork == FORK_ALWAYS)
699 if (context->pidfile)
700 _dbus_string_init_const (&u, context->pidfile);
702 if (!_dbus_become_daemon (context->pidfile ? &u : NULL,
706 _DBUS_ASSERT_ERROR_IS_SET (error);
712 /* Need to write PID file for ourselves, not for the child process */
713 if (context->pidfile != NULL)
717 _dbus_string_init_const (&u, context->pidfile);
719 if (!_dbus_write_pid_file (&u, _dbus_getpid (), error))
721 _DBUS_ASSERT_ERROR_IS_SET (error);
727 /* Write PID if requested */
728 if (print_pid_fd >= 0)
733 if (!_dbus_string_init (&pid))
739 if (!_dbus_string_append_int (&pid, _dbus_getpid ()) ||
740 !_dbus_string_append (&pid, "\n"))
742 _dbus_string_free (&pid);
747 bytes = _dbus_string_get_length (&pid);
748 if (_dbus_write_socket (print_pid_fd, &pid, 0, bytes) != bytes)
750 dbus_set_error (error, DBUS_ERROR_FAILED,
751 "Printing message bus PID: %s\n",
752 _dbus_strerror (errno));
753 _dbus_string_free (&pid);
757 if (print_pid_fd > 2)
758 _dbus_close_socket (print_pid_fd, NULL);
760 _dbus_string_free (&pid);
763 if (!bus_selinux_full_init ())
765 _dbus_warn ("SELinux initialization failed\n");
768 if (!process_config_postinit (context, parser, error))
770 _DBUS_ASSERT_ERROR_IS_SET (error);
776 bus_config_parser_unref (parser);
780 /* Here we change our credentials if required,
781 * as soon as we've set up our sockets and pidfile
783 if (context->user != NULL)
785 if (!_dbus_change_identity (creds.uid, creds.gid, error))
787 _DBUS_ASSERT_ERROR_IS_SET (error);
792 dbus_server_free_data_slot (&server_data_slot);
798 bus_config_parser_unref (parser);
800 bus_context_unref (context);
802 if (server_data_slot >= 0)
803 dbus_server_free_data_slot (&server_data_slot);
809 bus_context_reload_config (BusContext *context,
812 BusConfigParser *parser;
813 DBusString config_file;
816 /* Flush the user database cache */
817 _dbus_user_database_flush(context->user_database);
820 _dbus_string_init_const (&config_file, context->config_file);
821 parser = bus_config_load (&config_file, TRUE, NULL, error);
824 _DBUS_ASSERT_ERROR_IS_SET (error);
828 if (!process_config_every_time (context, parser, TRUE, error))
830 _DBUS_ASSERT_ERROR_IS_SET (error);
833 if (!process_config_postinit (context, parser, error))
835 _DBUS_ASSERT_ERROR_IS_SET (error);
842 bus_config_parser_unref (parser);
847 shutdown_server (BusContext *context,
850 if (server == NULL ||
851 !dbus_server_get_is_connected (server))
854 if (!dbus_server_set_watch_functions (server,
858 _dbus_assert_not_reached ("setting watch functions to NULL failed");
860 if (!dbus_server_set_timeout_functions (server,
864 _dbus_assert_not_reached ("setting timeout functions to NULL failed");
866 dbus_server_disconnect (server);
870 bus_context_shutdown (BusContext *context)
874 link = _dbus_list_get_first_link (&context->servers);
877 shutdown_server (context, link->data);
879 link = _dbus_list_get_next_link (&context->servers, link);
884 bus_context_ref (BusContext *context)
886 _dbus_assert (context->refcount > 0);
887 context->refcount += 1;
893 bus_context_unref (BusContext *context)
895 _dbus_assert (context->refcount > 0);
896 context->refcount -= 1;
898 if (context->refcount == 0)
902 _dbus_verbose ("Finalizing bus context %p\n", context);
904 bus_context_shutdown (context);
906 if (context->connections)
908 bus_connections_unref (context->connections);
909 context->connections = NULL;
912 if (context->registry)
914 bus_registry_unref (context->registry);
915 context->registry = NULL;
918 if (context->activation)
920 bus_activation_unref (context->activation);
921 context->activation = NULL;
924 link = _dbus_list_get_first_link (&context->servers);
927 dbus_server_unref (link->data);
929 link = _dbus_list_get_next_link (&context->servers, link);
931 _dbus_list_clear (&context->servers);
935 bus_policy_unref (context->policy);
936 context->policy = NULL;
941 _dbus_loop_unref (context->loop);
942 context->loop = NULL;
945 if (context->matchmaker)
947 bus_matchmaker_unref (context->matchmaker);
948 context->matchmaker = NULL;
951 dbus_free (context->config_file);
952 dbus_free (context->type);
953 dbus_free (context->address);
954 dbus_free (context->user);
956 if (context->pidfile)
959 _dbus_string_init_const (&u, context->pidfile);
961 /* Deliberately ignore errors here, since there's not much
962 * we can do about it, and we're exiting anyways.
964 _dbus_delete_file (&u, NULL);
966 dbus_free (context->pidfile);
969 if (context->user_database != NULL)
970 _dbus_user_database_unref (context->user_database);
974 dbus_server_free_data_slot (&server_data_slot);
978 /* type may be NULL */
980 bus_context_get_type (BusContext *context)
982 return context->type;
986 bus_context_get_address (BusContext *context)
988 return context->address;
992 bus_context_get_registry (BusContext *context)
994 return context->registry;
998 bus_context_get_connections (BusContext *context)
1000 return context->connections;
1004 bus_context_get_activation (BusContext *context)
1006 return context->activation;
1010 bus_context_get_matchmaker (BusContext *context)
1012 return context->matchmaker;
1016 bus_context_get_loop (BusContext *context)
1018 return context->loop;
1022 bus_context_get_user_database (BusContext *context)
1024 return context->user_database;
1028 bus_context_allow_user (BusContext *context,
1031 return bus_policy_allow_user (context->policy,
1032 context->user_database,
1037 bus_context_get_policy (BusContext *context)
1039 return context->policy;
1043 bus_context_create_client_policy (BusContext *context,
1044 DBusConnection *connection,
1047 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1048 return bus_policy_create_client_policy (context->policy, connection,
1053 bus_context_get_activation_timeout (BusContext *context)
1056 return context->limits.activation_timeout;
1060 bus_context_get_auth_timeout (BusContext *context)
1062 return context->limits.auth_timeout;
1066 bus_context_get_max_completed_connections (BusContext *context)
1068 return context->limits.max_completed_connections;
1072 bus_context_get_max_incomplete_connections (BusContext *context)
1074 return context->limits.max_incomplete_connections;
1078 bus_context_get_max_connections_per_user (BusContext *context)
1080 return context->limits.max_connections_per_user;
1084 bus_context_get_max_pending_activations (BusContext *context)
1086 return context->limits.max_pending_activations;
1090 bus_context_get_max_services_per_connection (BusContext *context)
1092 return context->limits.max_services_per_connection;
1096 bus_context_get_max_match_rules_per_connection (BusContext *context)
1098 return context->limits.max_match_rules_per_connection;
1102 bus_context_get_max_replies_per_connection (BusContext *context)
1104 return context->limits.max_replies_per_connection;
1108 bus_context_get_reply_timeout (BusContext *context)
1110 return context->limits.reply_timeout;
1114 * addressed_recipient is the recipient specified in the message.
1116 * proposed_recipient is the recipient we're considering sending
1117 * to right this second, and may be an eavesdropper.
1119 * sender is the sender of the message.
1121 * NULL for proposed_recipient or sender definitely means the bus driver.
1123 * NULL for addressed_recipient may mean the bus driver, or may mean
1124 * no destination was specified in the message (e.g. a signal).
1127 bus_context_check_security_policy (BusContext *context,
1128 BusTransaction *transaction,
1129 DBusConnection *sender,
1130 DBusConnection *addressed_recipient,
1131 DBusConnection *proposed_recipient,
1132 DBusMessage *message,
1135 BusClientPolicy *sender_policy;
1136 BusClientPolicy *recipient_policy;
1138 dbus_bool_t requested_reply;
1140 type = dbus_message_get_type (message);
1142 /* dispatch.c was supposed to ensure these invariants */
1143 _dbus_assert (dbus_message_get_destination (message) != NULL ||
1144 type == DBUS_MESSAGE_TYPE_SIGNAL ||
1145 (sender == NULL && !bus_connection_is_active (proposed_recipient)));
1146 _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
1147 addressed_recipient != NULL ||
1148 strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0);
1152 case DBUS_MESSAGE_TYPE_METHOD_CALL:
1153 case DBUS_MESSAGE_TYPE_SIGNAL:
1154 case DBUS_MESSAGE_TYPE_METHOD_RETURN:
1155 case DBUS_MESSAGE_TYPE_ERROR:
1159 _dbus_verbose ("security check disallowing message of unknown type %d\n",
1162 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1163 "Message bus will not accept messages of unknown type\n");
1168 requested_reply = FALSE;
1174 dest = dbus_message_get_destination (message);
1176 /* First verify the SELinux access controls. If allowed then
1177 * go on with the standard checks.
1179 if (!bus_selinux_allows_send (sender, proposed_recipient,
1180 dbus_message_type_to_string (dbus_message_get_type (message)),
1181 dbus_message_get_interface (message),
1182 dbus_message_get_member (message),
1183 dbus_message_get_error_name (message),
1184 dest ? dest : DBUS_SERVICE_DBUS, error))
1187 if (dbus_error_is_set (error) &&
1188 dbus_error_has_name (error, DBUS_ERROR_NO_MEMORY))
1194 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1195 "An SELinux policy prevents this sender "
1196 "from sending this message to this recipient "
1197 "(rejected message had interface \"%s\" "
1198 "member \"%s\" error name \"%s\" destination \"%s\")",
1199 dbus_message_get_interface (message) ?
1200 dbus_message_get_interface (message) : "(unset)",
1201 dbus_message_get_member (message) ?
1202 dbus_message_get_member (message) : "(unset)",
1203 dbus_message_get_error_name (message) ?
1204 dbus_message_get_error_name (message) : "(unset)",
1205 dest ? dest : DBUS_SERVICE_DBUS);
1206 _dbus_verbose ("SELinux security check denying send to service\n");
1210 if (bus_connection_is_active (sender))
1212 sender_policy = bus_connection_get_policy (sender);
1213 _dbus_assert (sender_policy != NULL);
1215 /* Fill in requested_reply variable with TRUE if this is a
1216 * reply and the reply was pending.
1218 if (dbus_message_get_reply_serial (message) != 0)
1220 if (proposed_recipient != NULL /* not to the bus driver */ &&
1221 addressed_recipient == proposed_recipient /* not eavesdropping */)
1225 dbus_error_init (&error2);
1226 requested_reply = bus_connections_check_reply (bus_connection_get_connections (sender),
1228 sender, addressed_recipient, message,
1230 if (dbus_error_is_set (&error2))
1232 dbus_move_error (&error2, error);
1240 /* Policy for inactive connections is that they can only send
1241 * the hello message to the bus driver
1243 if (proposed_recipient == NULL &&
1244 dbus_message_is_method_call (message,
1245 DBUS_INTERFACE_DBUS,
1248 _dbus_verbose ("security check allowing %s message\n",
1254 _dbus_verbose ("security check disallowing non-%s message\n",
1257 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1258 "Client tried to send a message other than %s without being registered",
1267 sender_policy = NULL;
1269 /* If the sender is the bus driver, we assume any reply was a
1270 * requested reply as bus driver won't send bogus ones
1272 if (addressed_recipient == proposed_recipient /* not eavesdropping */ &&
1273 dbus_message_get_reply_serial (message) != 0)
1274 requested_reply = TRUE;
1277 _dbus_assert ((sender != NULL && sender_policy != NULL) ||
1278 (sender == NULL && sender_policy == NULL));
1280 if (proposed_recipient != NULL)
1282 /* only the bus driver can send to an inactive recipient (as it
1283 * owns no services, so other apps can't address it). Inactive
1284 * recipients can receive any message.
1286 if (bus_connection_is_active (proposed_recipient))
1288 recipient_policy = bus_connection_get_policy (proposed_recipient);
1289 _dbus_assert (recipient_policy != NULL);
1291 else if (sender == NULL)
1293 _dbus_verbose ("security check using NULL recipient policy for message from bus\n");
1294 recipient_policy = NULL;
1298 _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n");
1299 recipient_policy = NULL;
1303 recipient_policy = NULL;
1305 _dbus_assert ((proposed_recipient != NULL && recipient_policy != NULL) ||
1306 (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) ||
1307 (proposed_recipient == NULL && recipient_policy == NULL));
1309 if (sender_policy &&
1310 !bus_client_policy_check_can_send (sender_policy,
1318 dest = dbus_message_get_destination (message);
1319 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1320 "A security policy in place prevents this sender "
1321 "from sending this message to this recipient, "
1322 "see message bus configuration file (rejected message "
1323 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")",
1324 dbus_message_get_interface (message) ?
1325 dbus_message_get_interface (message) : "(unset)",
1326 dbus_message_get_member (message) ?
1327 dbus_message_get_member (message) : "(unset)",
1328 dbus_message_get_error_name (message) ?
1329 dbus_message_get_error_name (message) : "(unset)",
1330 dest ? dest : DBUS_SERVICE_DBUS);
1331 _dbus_verbose ("security policy disallowing message due to sender policy\n");
1335 if (recipient_policy &&
1336 !bus_client_policy_check_can_receive (recipient_policy,
1340 addressed_recipient, proposed_recipient,
1345 dest = dbus_message_get_destination (message);
1346 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
1347 "A security policy in place prevents this recipient "
1348 "from receiving this message from this sender, "
1349 "see message bus configuration file (rejected message "
1350 "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)",
1351 dbus_message_get_interface (message) ?
1352 dbus_message_get_interface (message) : "(unset)",
1353 dbus_message_get_member (message) ?
1354 dbus_message_get_member (message) : "(unset)",
1355 dbus_message_get_error_name (message) ?
1356 dbus_message_get_error_name (message) : "(unset)",
1357 dest ? dest : DBUS_SERVICE_DBUS,
1358 dbus_message_get_reply_serial (message),
1360 _dbus_verbose ("security policy disallowing message due to recipient policy\n");
1364 /* See if limits on size have been exceeded */
1365 if (proposed_recipient &&
1366 dbus_connection_get_outgoing_size (proposed_recipient) >
1367 context->limits.max_outgoing_bytes)
1371 dest = dbus_message_get_destination (message);
1372 dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
1373 "The destination service \"%s\" has a full message queue",
1374 dest ? dest : (proposed_recipient ?
1375 bus_connection_get_name (proposed_recipient) :
1376 DBUS_SERVICE_DBUS));
1377 _dbus_verbose ("security policy disallowing message due to full message queue\n");
1381 /* Record that we will allow a reply here in the future (don't
1382 * bother if the recipient is the bus or this is an eavesdropping
1383 * connection). Only the addressed recipient may reply.
1385 if (type == DBUS_MESSAGE_TYPE_METHOD_CALL &&
1387 addressed_recipient &&
1388 addressed_recipient == proposed_recipient && /* not eavesdropping */
1389 !bus_connections_expect_reply (bus_connection_get_connections (sender),
1391 sender, addressed_recipient,
1394 _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n");
1398 _dbus_verbose ("security policy allowing message\n");