diff options
-rw-r--r-- | src/modules/module-access.c | 2 | ||||
-rw-r--r-- | src/pulsecore/access.h | 6 | ||||
-rw-r--r-- | src/pulsecore/core.c | 20 | ||||
-rw-r--r-- | src/pulsecore/core.h | 2 | ||||
-rw-r--r-- | src/pulsecore/protocol-native.c | 92 |
5 files changed, 111 insertions, 11 deletions
diff --git a/src/modules/module-access.c b/src/modules/module-access.c index aeaf0982f..39e2f0e04 100644 --- a/src/modules/module-access.c +++ b/src/modules/module-access.c @@ -152,7 +152,7 @@ static void timeout_cb(pa_mainloop_api*a, pa_time_event* e, const struct timeval /* this should be granted or denied */ cd->cached[d->hook].granted = true; - d->async_finish_cb (d, cd->cached[d->hook].granted); + d->complete_cb (d, cd->cached[d->hook].granted); } static client_data * client_data_new(struct userdata *u, uint32_t index, uint32_t policy) { diff --git a/src/pulsecore/access.h b/src/pulsecore/access.h index a4ed56139..534f66c4f 100644 --- a/src/pulsecore/access.h +++ b/src/pulsecore/access.h @@ -26,6 +26,7 @@ #include <pulsecore/client.h> typedef enum pa_access_hook { + PA_ACCESS_HOOK_NONE = 0, /* context */ PA_ACCESS_HOOK_VIEW_SERVER, PA_ACCESS_HOOK_EXIT_DAEMON, @@ -80,7 +81,7 @@ typedef enum pa_access_hook { PA_ACCESS_HOOK_PLAY_SAMPLE, PA_ACCESS_HOOK_PLAY_FILE, - /* stream */ + /* async */ PA_ACCESS_HOOK_CONNECT_UPLOAD, PA_ACCESS_HOOK_CONNECT_PLAYBACK, PA_ACCESS_HOOK_CONNECT_RECORD, @@ -98,8 +99,7 @@ struct pa_access_data { uint32_t object_index; pa_subscription_event_type_t event; const char *name; - - void (*async_finish_cb) (pa_access_data *data, bool res); + void (*complete_cb) (pa_access_data *data, bool res); }; #endif diff --git a/src/pulsecore/core.c b/src/pulsecore/core.c index 4acc14a61..eec97d1c4 100644 --- a/src/pulsecore/core.c +++ b/src/pulsecore/core.c @@ -333,11 +333,11 @@ pa_mempool* pa_core_new_mempool(pa_core *c, pa_mem_type_t shm_type, bool per_cli return pa_mempool_new(shm_type, c->shm_size, per_client); } -/* FIXME: Should these be taking a ref during the copy? */ - bool pa_core_check_access_sync(pa_core *c, pa_client *client, pa_access_hook_t hook, uint32_t idx, pa_subscription_event_type_t event, const char *name) { pa_access_data data; + pa_assert(c); + if (client == NULL) return true; @@ -346,11 +346,25 @@ bool pa_core_check_access_sync(pa_core *c, pa_client *client, pa_access_hook_t h data.object_index = idx; data.event = event; data.name = name; - data.async_finish_cb = NULL; + data.complete_cb = NULL; return pa_hook_fire(&c->access[data.hook], &data) == PA_HOOK_OK; } +pa_hook_result_t pa_core_check_access(pa_core *c, pa_client *client, pa_access_data *data) { + pa_assert(c); + pa_assert(data); + + if (client == NULL) + return PA_HOOK_OK; + + data->client_index = client->index; + + return pa_hook_fire(&c->access[data->hook], data); +} + +/* FIXME: Should these be taking a ref during the copy? */ + pa_idxset* pa_core_get_modules(pa_core *c, pa_client *client) { pa_idxset *s; uint32_t idx; diff --git a/src/pulsecore/core.h b/src/pulsecore/core.h index d7c14911e..fcb1b1a91 100644 --- a/src/pulsecore/core.h +++ b/src/pulsecore/core.h @@ -194,4 +194,6 @@ uint32_t pa_core_get_cookie(pa_core *c); bool pa_core_check_access_sync(pa_core *c, pa_client *client, pa_access_hook_t hook, uint32_t idx, pa_subscription_event_type_t event, const char *name); +pa_hook_result_t pa_core_check_access(pa_core *c, pa_client *client, pa_access_data *data); + #endif diff --git a/src/pulsecore/protocol-native.c b/src/pulsecore/protocol-native.c index 05bcb3b2f..f427d8ab5 100644 --- a/src/pulsecore/protocol-native.c +++ b/src/pulsecore/protocol-native.c @@ -45,6 +45,7 @@ #include <pulsecore/pdispatch.h> #include <pulsecore/pstream-util.h> #include <pulsecore/namereg.h> +#include <pulsecore/access.h> #include <pulsecore/core-scache.h> #include <pulsecore/core-subscribe.h> #include <pulsecore/log.h> @@ -4849,14 +4850,97 @@ static void command_set_port_latency_offset(pa_pdispatch *pd, uint32_t command, pa_pstream_send_simple_ack(c->pstream, tag); } +typedef struct pa_protocol_native_access_data { + pa_access_data d; + + pa_pdispatch *pd; + uint32_t command; + uint32_t tag; + pa_tagstruct *tc; + void *userdata; +} pa_protocol_native_access_data; + +static const pa_pdispatch_cb_t access_ok_table[PA_COMMAND_MAX] = { + [PA_COMMAND_CREATE_PLAYBACK_STREAM] = command_create_playback_stream, + [PA_COMMAND_CREATE_RECORD_STREAM] = command_create_record_stream, + [PA_COMMAND_CREATE_UPLOAD_STREAM] = command_create_upload_stream, + [PA_COMMAND_STAT] = command_stat, +}; + +static void check_access_finish_cb(pa_access_data *data, bool res) { + pa_protocol_native_access_data *d = (pa_protocol_native_access_data *) data; + pa_native_connection *c = PA_NATIVE_CONNECTION(d->userdata); + uint32_t command, tag; + + if (!res || pa_tagstruct_getu32(d->tc, &command) < 0 || + pa_tagstruct_getu32(d->tc, &tag) < 0 || + command != d->command || tag != d->tag) { + pa_pstream_send_error(c->pstream, d->tag, PA_ERR_ACCESS); + goto finish; + } + + /* call the dispatcher again, hopefully this time, the access check will + * fail or succeed immediately */ + access_ok_table[d->command](d->pd, d->command, d->tag, d->tc, d->userdata); + +finish: + if (d->pd) + pa_pdispatch_unref(d->pd); + if (d->tc) + pa_tagstruct_free(d->tc); + pa_xfree(d); +} + +static const pa_access_hook_t access_table[PA_COMMAND_MAX] = { + [PA_COMMAND_CREATE_PLAYBACK_STREAM] = PA_ACCESS_HOOK_CONNECT_PLAYBACK, + [PA_COMMAND_CREATE_RECORD_STREAM] = PA_ACCESS_HOOK_CONNECT_RECORD, + [PA_COMMAND_CREATE_UPLOAD_STREAM] = PA_ACCESS_HOOK_CONNECT_UPLOAD, + [PA_COMMAND_STAT] = PA_ACCESS_HOOK_STAT, +}; + +static void check_command_access(pa_pdispatch *pd, uint32_t command, uint32_t tag, pa_tagstruct *t, void *userdata) { + pa_native_connection *c = PA_NATIVE_CONNECTION(userdata); + pa_protocol_native_access_data *data; + pa_hook_result_t res; + + pa_native_connection_assert_ref(c); + + if (access_table[command] == 0) { + pa_pstream_send_error(c->pstream, tag, PA_ERR_ACCESS); + return; + } + + data = pa_xnew0 (pa_protocol_native_access_data, 1); + data->d.client_index = c->client->index; + data->d.object_index = PA_INVALID_INDEX; + data->d.event = 0; + data->d.name = NULL; + data->d.hook = access_table[command]; + + res = pa_core_check_access(c->protocol->core, c->client, &data->d); + if (res == PA_HOOK_CANCEL) { + /* async */ + data->d.complete_cb = check_access_finish_cb; + data->pd = pd ? pa_pdispatch_ref (pd) : NULL; + data->command = command; + data->tag = tag; + data->tc = t ? pa_tagstruct_copy (t) : NULL; + data->userdata = userdata; + } else { + pa_xfree(data); + access_ok_table[command](pd, command, tag, t, userdata); + } +} + + static const pa_pdispatch_cb_t command_table[PA_COMMAND_MAX] = { [PA_COMMAND_ERROR] = NULL, [PA_COMMAND_TIMEOUT] = NULL, [PA_COMMAND_REPLY] = NULL, - [PA_COMMAND_CREATE_PLAYBACK_STREAM] = command_create_playback_stream, + [PA_COMMAND_CREATE_PLAYBACK_STREAM] = check_command_access, [PA_COMMAND_DELETE_PLAYBACK_STREAM] = command_delete_stream, [PA_COMMAND_DRAIN_PLAYBACK_STREAM] = command_drain_playback_stream, - [PA_COMMAND_CREATE_RECORD_STREAM] = command_create_record_stream, + [PA_COMMAND_CREATE_RECORD_STREAM] = check_command_access, [PA_COMMAND_DELETE_RECORD_STREAM] = command_delete_stream, [PA_COMMAND_AUTH] = command_auth, [PA_COMMAND_REQUEST] = NULL, @@ -4864,10 +4948,10 @@ static const pa_pdispatch_cb_t command_table[PA_COMMAND_MAX] = { [PA_COMMAND_SET_CLIENT_NAME] = command_set_client_name, [PA_COMMAND_LOOKUP_SINK] = command_lookup, [PA_COMMAND_LOOKUP_SOURCE] = command_lookup, - [PA_COMMAND_STAT] = command_stat, + [PA_COMMAND_STAT] = check_command_access, [PA_COMMAND_GET_PLAYBACK_LATENCY] = command_get_playback_latency, [PA_COMMAND_GET_RECORD_LATENCY] = command_get_record_latency, - [PA_COMMAND_CREATE_UPLOAD_STREAM] = command_create_upload_stream, + [PA_COMMAND_CREATE_UPLOAD_STREAM] = check_command_access, [PA_COMMAND_DELETE_UPLOAD_STREAM] = command_delete_stream, [PA_COMMAND_FINISH_UPLOAD_STREAM] = command_finish_upload_stream, [PA_COMMAND_PLAY_SAMPLE] = command_play_sample, |