settings: prefer secret agents in the same process as the request
When an activation request requires secrets, if there is a secret agent in the process that made the request, then prefer that to all other secret agents.
This commit is contained in:
Dan Winship
@@ -151,6 +151,12 @@ nm_auth_subject_get_uid (NMAuthSubject *subject)
|
||||
return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->uid;
|
||||
}
|
||||
|
||||
gulong
|
||||
nm_auth_subject_get_pid (NMAuthSubject *subject)
|
||||
{
|
||||
return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->pid;
|
||||
}
|
||||
|
||||
const char *
|
||||
nm_auth_subject_get_dbus_sender (NMAuthSubject *subject)
|
||||
{
|
||||
|
||||
@@ -57,6 +57,8 @@ NMAuthSubject *nm_auth_subject_new_internal (void);
|
||||
|
||||
gulong nm_auth_subject_get_uid (NMAuthSubject *subject);
|
||||
|
||||
gulong nm_auth_subject_get_pid (NMAuthSubject *subject);
|
||||
|
||||
const char *nm_auth_subject_get_dbus_sender (NMAuthSubject *subject);
|
||||
|
||||
gboolean nm_auth_subject_get_internal (NMAuthSubject *subject);
|
||||
|
||||
@@ -515,16 +515,27 @@ req_complete_error (Request *req, GError *error)
|
||||
}
|
||||
|
||||
static gint
|
||||
agent_compare_func (NMSecretAgent *a, NMSecretAgent *b, gpointer user_data)
|
||||
agent_compare_func (gconstpointer aa, gconstpointer bb, gpointer user_data)
|
||||
{
|
||||
NMSecretAgent *a = (NMSecretAgent *)aa;
|
||||
NMSecretAgent *b = (NMSecretAgent *)bb;
|
||||
Request *req = user_data;
|
||||
gboolean a_active, b_active;
|
||||
gulong a_pid, b_pid, requester;
|
||||
|
||||
if (a && !b)
|
||||
return -1;
|
||||
else if (a == b)
|
||||
return 0;
|
||||
else if (!a && b)
|
||||
return 1;
|
||||
/* Prefer agents in the process the request came from */
|
||||
requester = nm_auth_subject_get_pid (req->subject);
|
||||
if (requester != G_MAXULONG) {
|
||||
a_pid = nm_secret_agent_get_pid (a);
|
||||
b_pid = nm_secret_agent_get_pid (b);
|
||||
|
||||
if (a_pid != b_pid) {
|
||||
if (a_pid == requester)
|
||||
return -1;
|
||||
else if (b_pid == requester)
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
/* Prefer agents in active sessions */
|
||||
a_active = nm_session_monitor_uid_active (nm_session_monitor_get (),
|
||||
@@ -575,11 +586,11 @@ request_add_agent (Request *req, NMSecretAgent *agent)
|
||||
nm_secret_agent_get_description (agent),
|
||||
req, req->detail);
|
||||
|
||||
/* Add this agent to the list, preferring active sessions */
|
||||
/* Add this agent to the list, sorted appropriately */
|
||||
req->pending = g_slist_insert_sorted_with_data (req->pending,
|
||||
g_object_ref (agent),
|
||||
(GCompareDataFunc) agent_compare_func,
|
||||
NULL);
|
||||
agent_compare_func,
|
||||
req);
|
||||
}
|
||||
|
||||
static void
|
||||
|
||||
@@ -145,6 +145,14 @@ nm_secret_agent_get_owner_username (NMSecretAgent *agent)
|
||||
return NM_SECRET_AGENT_GET_PRIVATE (agent)->owner_username;
|
||||
}
|
||||
|
||||
gulong
|
||||
nm_secret_agent_get_pid (NMSecretAgent *agent)
|
||||
{
|
||||
g_return_val_if_fail (NM_IS_SECRET_AGENT (agent), G_MAXULONG);
|
||||
|
||||
return nm_auth_subject_get_pid (NM_SECRET_AGENT_GET_PRIVATE (agent)->subject);
|
||||
}
|
||||
|
||||
NMSecretAgentCapabilities
|
||||
nm_secret_agent_get_capabilities (NMSecretAgent *agent)
|
||||
{
|
||||
|
||||
@@ -71,6 +71,8 @@ gulong nm_secret_agent_get_owner_uid (NMSecretAgent *agent);
|
||||
|
||||
const char *nm_secret_agent_get_owner_username (NMSecretAgent *agent);
|
||||
|
||||
gulong nm_secret_agent_get_pid (NMSecretAgent *agent);
|
||||
|
||||
NMSecretAgentCapabilities nm_secret_agent_get_capabilities (NMSecretAgent *agent);
|
||||
|
||||
guint32 nm_secret_agent_get_hash (NMSecretAgent *agent);
|
||||
|
||||
Reference in New Issue
Block a user