summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHavoc Pennington <hp@redhat.com>2003-03-19 23:48:17 +0000
committerHavoc Pennington <hp@redhat.com>2003-03-19 23:48:17 +0000
commita284a148e40551a2e6e5d0e54c2e04d2b679aaad (patch)
treefb99dfd253c6bccedaf16e280f1e51b8d0de8d7d
parentb052524195a48f9b5e55cc7a456e0e1cc318f98b (diff)
2003-03-19 Havoc Pennington <hp@redhat.com>
* bus/policy.c: start sketching code for policy restrictions on what connections can do.
-rw-r--r--ChangeLog5
-rw-r--r--bus/policy.c163
-rw-r--r--bus/policy.h93
-rw-r--r--doc/config-file.txt6
4 files changed, 261 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 242af3d5..4c6fe3e2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2003-03-19 Havoc Pennington <hp@redhat.com>
+
+ * bus/policy.c: start sketching code for policy restrictions on
+ what connections can do.
+
2003-03-18 Havoc Pennington <hp@redhat.com>
* doc/TODO: some notes on high-level todo items. Little nitpick
diff --git a/bus/policy.c b/bus/policy.c
new file mode 100644
index 00000000..c94c17e1
--- /dev/null
+++ b/bus/policy.c
@@ -0,0 +1,163 @@
+/* -*- mode: C; c-file-style: "gnu" -*- */
+/* policy.c Policies for what a connection can do
+ *
+ * Copyright (C) 2003 Red Hat, Inc.
+ *
+ * Licensed under the Academic Free License version 1.2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include "policy.h"
+
+BusPolicyRule*
+bus_policy_rule_new (BusPolicyRuleType type,
+ dbus_bool_t allow)
+{
+ BusPolicyRule *rule;
+
+ rule = dbus_new0 (BusPolicyRule, 1);
+ if (rule == NULL)
+ return NULL;
+
+ rule->type = type;
+ rule->refcount = 1;
+ rule->allow = allow;
+
+ return rule;
+}
+
+void
+bus_policy_rule_ref (BusPolicyRule *rule)
+{
+ _dbus_assert (rule->refcount > 0);
+
+ rule->refcount += 1;
+}
+
+void
+bus_policy_rule_unref (BusPolicyRule *rule)
+{
+ _dbus_assert (rule->refcount > 0);
+
+ rule->refcount -= 1;
+
+ if (rule->refcount == 0)
+ {
+ switch (rule->type)
+ {
+ case DBUS_POLICY_RULE_SEND:
+ dbus_free (rule->d.send.message_name);
+ dbus_free (rule->d.send.destination);
+ break;
+ case DBUS_POLICY_RULE_RECEIVE:
+ dbus_free (rule->d.receive.message_name);
+ dbus_free (rule->d.receive.origin);
+ break;
+ case DBUS_POLICY_RULE_OWN:
+ dbus_free (rule->d.own.service_name);
+ break;
+ }
+
+ dbus_free (rule);
+ }
+}
+
+struct BusPolicy
+{
+ int refcount;
+
+ DBusList *rules;
+};
+
+BusPolicy*
+bus_policy_new (void)
+{
+ BusPolicy *policy;
+
+ policy = dbus_new0 (BusPolicy, 1);
+ if (policy == NULL)
+ return NULL;
+
+ policy->refcount = 1;
+
+ return policy;
+}
+
+void
+bus_policy_ref (BusPolicy *policy)
+{
+ _dbus_assert (policy->refcount > 0);
+
+ policy->refcount += 1;
+}
+
+static void
+rule_unref_foreach (void *data,
+ void *user_data)
+{
+ BusPolicyRule *rule = data;
+
+ bus_policy_rule_unref (rule);
+}
+
+void
+bus_policy_unref (BusPolicy *policy)
+{
+ _dbus_assert (policy->refcount > 0);
+
+ policy->refcount -= 1;
+
+ if (policy->refcount == 0)
+ {
+ _dbus_list_foreach (&policy->rules,
+ rule_unref_foreach,
+ NULL);
+
+ _dbus_list_clear (&policy->rules);
+
+ dbus_free (policy);
+ }
+}
+
+dbus_bool_t
+bus_policy_check_can_send (BusPolicy *policy,
+ DBusConnection *sender,
+ DBusMessage *message)
+{
+
+
+}
+
+dbus_bool_t
+bus_policy_check_can_receive (BusPolicy *policy,
+ DBusConnection *receiver,
+ DBusMessage *message)
+{
+
+
+}
+
+dbus_bool_t
+bus_policy_check_can_own (BusPolicy *policy,
+ DBusConnection *connection,
+ const char *service_name)
+{
+
+
+}
+
+#endif /* BUS_POLICY_H */
diff --git a/bus/policy.h b/bus/policy.h
new file mode 100644
index 00000000..f146c528
--- /dev/null
+++ b/bus/policy.h
@@ -0,0 +1,93 @@
+/* -*- mode: C; c-file-style: "gnu" -*- */
+/* policy.h Policies for what a connection can do
+ *
+ * Copyright (C) 2003 Red Hat, Inc.
+ *
+ * Licensed under the Academic Free License version 1.2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#ifndef BUS_POLICY_H
+#define BUS_POLICY_H
+
+#include <dbus/dbus.h>
+#include "bus.h"
+
+typedef struct BusPolicy BusPolicy;
+typedef struct BusPolicyRule BusPolicyRule;
+
+typedef enum
+{
+ DBUS_POLICY_RULE_SEND,
+ DBUS_POLICY_RULE_RECEIVE,
+ DBUS_POLICY_RULE_OWN
+} BusPolicyRuleType;
+
+struct BusPolicyRule
+{
+ int refcount;
+
+ BusPolicyRuleType type;
+
+ unsigned int allow : 1; /**< #TRUE if this allows, #FALSE if it denies */
+
+ union
+ {
+ struct
+ {
+ /* either can be NULL meaning "any" */
+ char *message_name;
+ char *destination;
+ } send;
+
+ struct
+ {
+ /* either can be NULL meaning "any" */
+ char *message_name;
+ char *origin;
+ } receive;
+
+ struct
+ {
+ /* can be NULL meaning "any" */
+ char *service_name;
+ } own;
+
+ } d;
+};
+
+BusPolicyRule* bus_policy_rule_new (BusPolicyRuleType type,
+ dbus_bool_t allow);
+void bus_policy_rule_ref (BusPolicyRule *rule);
+void bus_policy_rule_unref (BusPolicyRule *rule);
+
+BusPolicy* bus_policy_new (void);
+void bus_policy_ref (BusPolicy *policy);
+void bus_policy_unref (BusPolicy *policy);
+dbus_bool_t bus_policy_check_can_send (BusPolicy *policy,
+ DBusConnection *sender,
+ DBusMessage *message);
+dbus_bool_t bus_policy_check_can_receive (BusPolicy *policy,
+ DBusConnection *receiver,
+ DBusMessage *message);
+dbus_bool_t bus_policy_check_can_own (BusPolicy *policy,
+ DBusConnection *connection,
+ const char *service_name);
+
+
+
+#endif /* BUS_POLICY_H */
diff --git a/doc/config-file.txt b/doc/config-file.txt
index c78a65b7..c10cd7ad 100644
--- a/doc/config-file.txt
+++ b/doc/config-file.txt
@@ -141,12 +141,6 @@ Elements:
no recipients have been allowed. You have to add
<allow send_to="something"/> to make the policy useful.
-
-
-
-
-
-