colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

settings: prefer secret agents in the same process as the request

Browse Source 
When an activation request requires secrets, if there is a secret
agent in the process that made the request, then prefer that to all
other secret agents.
This commit is contained in:
Dan Winship
2013-11-05 14:48:23 -05:00
parent f3c2851c2b
commit a8ef01b2c6
5 changed files with 39 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/nm-auth-subject.c
View File

@@ -151,6 +151,12 @@ nm_auth_subject_get_uid (NMAuthSubject *subject)
return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->uid; return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->uid;
} }
gulong
nm_auth_subject_get_pid (NMAuthSubject *subject)
{
return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->pid;
}
const char * const char *
nm_auth_subject_get_dbus_sender (NMAuthSubject *subject) nm_auth_subject_get_dbus_sender (NMAuthSubject *subject)
{ {

2
src/nm-auth-subject.h
View File

@@ -57,6 +57,8 @@ NMAuthSubject *nm_auth_subject_new_internal (void);
gulong nm_auth_subject_get_uid (NMAuthSubject *subject); gulong nm_auth_subject_get_uid (NMAuthSubject *subject);
gulong nm_auth_subject_get_pid (NMAuthSubject *subject);
const char *nm_auth_subject_get_dbus_sender (NMAuthSubject *subject); const char *nm_auth_subject_get_dbus_sender (NMAuthSubject *subject);
gboolean nm_auth_subject_get_internal (NMAuthSubject *subject); gboolean nm_auth_subject_get_internal (NMAuthSubject *subject);

31
src/settings/nm-agent-manager.c
View File

@@ -515,16 +515,27 @@ req_complete_error (Request *req, GError *error)
} }
static gint static gint
agent_compare_func (NMSecretAgent *a, NMSecretAgent *b, gpointer user_data) agent_compare_func (gconstpointer aa, gconstpointer bb, gpointer user_data)
{ {
NMSecretAgent *a = (NMSecretAgent *)aa;
NMSecretAgent *b = (NMSecretAgent *)bb;
Request *req = user_data;
gboolean a_active, b_active; gboolean a_active, b_active;
gulong a_pid, b_pid, requester;
if (a && !b) /* Prefer agents in the process the request came from */
return -1; requester = nm_auth_subject_get_pid (req->subject);
else if (a == b) if (requester != G_MAXULONG) {
return 0; a_pid = nm_secret_agent_get_pid (a);
else if (!a && b) b_pid = nm_secret_agent_get_pid (b);
return 1;
if (a_pid != b_pid) {
if (a_pid == requester)
return -1;
else if (b_pid == requester)
return 1;
}
}
/* Prefer agents in active sessions */ /* Prefer agents in active sessions */
a_active = nm_session_monitor_uid_active (nm_session_monitor_get (), a_active = nm_session_monitor_uid_active (nm_session_monitor_get (),
@@ -575,11 +586,11 @@ request_add_agent (Request *req, NMSecretAgent *agent)
nm_secret_agent_get_description (agent), nm_secret_agent_get_description (agent),
req, req->detail); req, req->detail);
/* Add this agent to the list, preferring active sessions */ /* Add this agent to the list, sorted appropriately */
req->pending = g_slist_insert_sorted_with_data (req->pending, req->pending = g_slist_insert_sorted_with_data (req->pending,
g_object_ref (agent), g_object_ref (agent),
(GCompareDataFunc) agent_compare_func, agent_compare_func,
NULL); req);
} }
static void static void

8
src/settings/nm-secret-agent.c
View File

@@ -145,6 +145,14 @@ nm_secret_agent_get_owner_username (NMSecretAgent *agent)
return NM_SECRET_AGENT_GET_PRIVATE (agent)->owner_username; return NM_SECRET_AGENT_GET_PRIVATE (agent)->owner_username;
} }
gulong
nm_secret_agent_get_pid (NMSecretAgent *agent)
{
g_return_val_if_fail (NM_IS_SECRET_AGENT (agent), G_MAXULONG);
return nm_auth_subject_get_pid (NM_SECRET_AGENT_GET_PRIVATE (agent)->subject);
}
NMSecretAgentCapabilities NMSecretAgentCapabilities
nm_secret_agent_get_capabilities (NMSecretAgent *agent) nm_secret_agent_get_capabilities (NMSecretAgent *agent)
{ {

2
src/settings/nm-secret-agent.h
View File

@@ -71,6 +71,8 @@ gulong nm_secret_agent_get_owner_uid (NMSecretAgent *agent);
const char *nm_secret_agent_get_owner_username (NMSecretAgent *agent); const char *nm_secret_agent_get_owner_username (NMSecretAgent *agent);
gulong nm_secret_agent_get_pid (NMSecretAgent *agent);
NMSecretAgentCapabilities nm_secret_agent_get_capabilities (NMSecretAgent *agent); NMSecretAgentCapabilities nm_secret_agent_get_capabilities (NMSecretAgent *agent);
guint32 nm_secret_agent_get_hash (NMSecretAgent *agent); guint32 nm_secret_agent_get_hash (NMSecretAgent *agent);