diff --git a/src/bus/policy.c b/src/bus/policy.c
index d00a5d28..b175a4c3 100644
--- a/src/bus/policy.c
+++ b/src/bus/policy.c
@@ -450,15 +450,14 @@ static int policy_registry_import_batch(PolicyRegistry *registry,
 c_dvar_read(v, "][");
 while (c_dvar_more(v)) {
- c_dvar_read(v, "(btssssub)",
+ c_dvar_read(v, "(btssssu)",
 &verdict.verdict,
 &verdict.priority,
 &name_str,
 &path,
 &interface,
 &member,
- &type,
- NULL);
+ &type);
 r = policy_batch_add_send(batch,
 name_str,
@@ -474,15 +473,14 @@ static int policy_registry_import_batch(PolicyRegistry *registry,
 c_dvar_read(v, "][");
 while (c_dvar_more(v)) {
- c_dvar_read(v, "(btssssub)",
+ c_dvar_read(v, "(btssssu)",
 &verdict.verdict,
 &verdict.priority,
 &name_str,
 &path,
 &interface,
 &member,
- &type,
- NULL);
+ &type);
 r = policy_batch_add_recv(batch,
 name_str,
diff --git a/src/dbus/message.c b/src/dbus/message.c
index 3fd23a64..76787db2 100644
--- a/src/dbus/message.c
+++ b/src/dbus/message.c
@@ -432,8 +432,7 @@ int message_parse_metadata(Message *message) {
 /*
 * Now that the header is validated, we read through the message body.
 * Again, this is required for compatibility with dbus-daemon(1), but
- also to fetch the arguments for match-filters used by eavesdropping
- and common broadcasts.
+ also to fetch the arguments for match-filters used by broadcasts.
 */
 r = message_parse_body(message, &message->metadata);
 if (r)
diff --git a/src/launch/policy.c b/src/launch/policy.c
index 0e4279e5..39bd9e81 100644
--- a/src/launch/policy.c
+++ b/src/launch/policy.c
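Review bot: The element read by `c_dvar_read(v, "(btssssu)", …)` in policy_registry_import_batch has no comment naming its fields or the producer it must match, even though this commit had to change the same literal in lockstep in the launcher (`POLICY_T_BATCH` in src/launch/policy.c) and in the test helper. I would add `/* (verdict, priority, name, path, interface, member, type); must match POLICY_T_BATCH in src/launch/policy.c */` above the call, here and at the identical recv loop in the `@@ -474,15 +473,14 @@` hunk. A launcher and a broker built from different revisions will now disagree on this type, so it is worth confirming that the error path, which lies outside these hunks, rejects the whole policy rather than importing part of it. The function body starts and ends outside both hunks.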
@@ -463,6 +463,16 @@ static int policy_import_send(Policy *policy, ConfigNode *cnode) {
 return 0;
 }
+ if (cnode->allow_deny.eavesdrop == CONFIG_TRISTATE_YES) {
+ if (cnode->type == CONFIG_NODE_ALLOW)
+ /* Ignore the attribute, but keep the rule, it also applies when not eavesdropping. */
+ fprintf(stderr, "Policy to allow eavesdropping in %s +%lu: Eavesdropping is deprecated and ignored\n",
+ cnode->file, cnode->lineno);
+ else if (cnode->type == CONFIG_NODE_DENY)
+ /* The rule applies only when eavesdropping, drop it. */
+ return 0;
+ }
+
 r = policy_record_new_xmit(&record);
 if (r)
 return error_trace(r);
@@ -474,7 +484,6 @@ static int policy_import_send(Policy *policy, ConfigNode *cnode) {
 record->xmit.interface = cnode->allow_deny.send_interface;
 record->xmit.member = cnode->allow_deny.send_member;
 record->xmit.type = cnode->allow_deny.send_type;
- record->xmit.eavesdrop = (cnode->allow_deny.eavesdrop == CONFIG_TRISTATE_YES);
 policy_record_xmit_trim(record);
 if (cnode->parent->policy.context == CONFIG_POLICY_USER) {
@@ -547,6 +556,16 @@ static int policy_import_recv(Policy *policy, ConfigNode *cnode) {
 return 0;
 }
+ if (cnode->allow_deny.eavesdrop == CONFIG_TRISTATE_YES) {
+ if (cnode->type == CONFIG_NODE_ALLOW)
+ /* Ignore the attribute, but keep the rule, it also applies when not eavesdropping. */
+ fprintf(stderr, "Policy to allow eavesdropping in %s +%lu: Eavesdropping is deprecated and ignored\n",
+ cnode->file, cnode->lineno);
+ else if (cnode->type == CONFIG_NODE_DENY)
+ /* The rule applies only when eavesdropping, drop it. */
+ return 0;
+ }
+
 r = policy_record_new_xmit(&record);
 if (r)
 return error_trace(r);
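Review bot: In policy_import_send the `CONFIG_NODE_DENY` branch returns 0 and discards the rule without any diagnostic, while the allow branch right above it prints a deprecation notice. An administrator who wrote a deny rule with eavesdrop="true" gets no indication that it is absent from the loaded policy, so the deny branch should log as well, e.g. `fprintf(stderr, "Policy to deny eavesdropping in %s +%lu: Eavesdropping is deprecated and ignored\n", cnode->file, cnode->lineno);` before `return 0;`. Both inner branches also place a comment between an unbraced `if`/`else if` and its single statement; adding braces would keep a later edit from silently changing which statement is conditional. The same block is repeated in the policy_import_recv hunk (`@@ -547,6 +556,16 @@`), and both function bodies extend beyond their hunks.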
@@ -558,7 +577,6 @@ static int policy_import_recv(Policy *policy, ConfigNode *cnode) {
 record->xmit.interface = cnode->allow_deny.recv_interface;
 record->xmit.member = cnode->allow_deny.recv_member;
 record->xmit.type = cnode->allow_deny.recv_type;
- record->xmit.eavesdrop = (cnode->allow_deny.eavesdrop == CONFIG_TRISTATE_YES);
 policy_record_xmit_trim(record);
 if (cnode->parent->policy.context == CONFIG_POLICY_USER) {
@@ -856,22 +874,21 @@ static int policy_export_xmit(Policy *policy, CList *list1, CList *list2, sd_bus
 PolicyRecord *i_record;
 int r;
- r = sd_bus_message_open_container(m, 'a', "(btssssub)");
+ r = sd_bus_message_open_container(m, 'a', "(btssssu)");
 if (r < 0)
 return error_origin(r);
 if (list1) {
 c_list_for_each_entry(i_record, list1, link) {
 r = sd_bus_message_append(m,
- "(btssssub)",
+ "(btssssu)",
 i_record->verdict,
 i_record->priority,
 i_record->xmit.name,
 i_record->xmit.path,
 i_record->xmit.interface,
 i_record->xmit.member,
- i_record->xmit.type,
- i_record->xmit.eavesdrop);
+ i_record->xmit.type);
 if (r < 0)
 return error_origin(r);
 }
@@ -880,15 +897,14 @@ static int policy_export_xmit(Policy *policy, CList *list1, CList *list2, sd_bus
 if (list2) {
 c_list_for_each_entry(i_record, list2, link) {
 r = sd_bus_message_append(m,
- "(btssssub)",
+ "(btssssu)",
 i_record->verdict,
 i_record->priority,
 i_record->xmit.name,
 i_record->xmit.path,
 i_record->xmit.interface,
 i_record->xmit.member,
- i_record->xmit.type,
- i_record->xmit.eavesdrop);
+ i_record->xmit.type);
 if (r < 0)
 return error_origin(r);
 }
@@ -904,8 +920,8 @@ static int policy_export_xmit(Policy *policy, CList *list1, CList *list2, sd_bus
 #define POLICY_T_BATCH \
 "bt" \
 "a(btbs)" \
- "a(btssssub)" \
- "a(btssssub)"
+ "a(btssssu)" \
+ "a(btssssu)"
 #define POLICY_T \
 "(" POLICY_T_BATCH ")" \
diff --git a/src/launch/policy.h b/src/launch/policy.h
index 7e21de27..91cc1279 100644
--- a/src/launch/policy.h
+++ b/src/launch/policy.h
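Review bot: In policy_export_xmit the element signature `"(btssssu)"` is spelled out three times (the `sd_bus_message_open_container` call and the `sd_bus_message_append` calls in the list1 and list2 loops) and a fourth time, as `"a(btssssu)"`, inside `POLICY_T_BATCH` in the `@@ -904,8 +920,8 @@` hunk. A single definition such as `#define POLICY_T_XMIT "(btssssu)"` (the name is only a suggestion), reused as `"a" POLICY_T_XMIT` in the batch type, would keep the container type and the appended fields from drifting apart the next time a field is added or removed. The function starts before the `@@ -856,22 +874,21 @@` hunk and continues past the `@@ -880,15 +897,14 @@` one.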
@@ -34,7 +34,6 @@ struct PolicyRecord {
 const char *interface;
 const char *member;
 unsigned int type;
- bool eavesdrop;
 } xmit;
 struct {
diff --git a/test/dbus/util-broker.c b/test/dbus/util-broker.c
index 5ae48a22..e56c0fb8 100644
--- a/test/dbus/util-broker.c
+++ b/test/dbus/util-broker.c
@@ -48,8 +48,8 @@ static int util_event_sigchld(sd_event_source *source, const siginfo_t *si, void
 #define POLICY_T_BATCH \
 "bt" \
 "a(btbs)" \
- "a(btssssub)" \
- "a(btssssub)"
+ "a(btssssu)" \
+ "a(btssssu)"
 #define POLICY_T \
 "(" POLICY_T_BATCH ")" \
@@ -79,11 +79,11 @@ static int util_append_policy(sd_bus_message *m) {
 * - allow all recvs
 */
 r = sd_bus_message_append(m,
- "bt" "a(btbs)" "a(btssssub)" "a(btssssub)",
+ "bt" "a(btbs)" "a(btssssu)" "a(btssssu)",
 true, UINT64_C(1),
 1, true, UINT64_C(1), true, "",
- 1, true, UINT64_C(1), "", "", "", "", 0, false,
- 1, true, UINT64_C(1), "", "", "", "", 0, false);
+ 1, true, UINT64_C(1), "", "", "", "", 0,
+ 1, true, UINT64_C(1), "", "", "", "", 0);
 r = sd_bus_message_close_container(m);
 assert(r >= 0);
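Review bot: In util_append_policy the result of the edited `sd_bus_message_append(m, …)` call is never checked: the hunk's trailing context shows `r` being overwritten by `sd_bus_message_close_container(m)` before the only visible `assert(r >= 0);`. A mismatch between the signature string and the argument list, which is exactly what this hunk edits by hand, would therefore go unnoticed at this call. Add `assert(r >= 0);` directly after the append. The function begins before the hunk and may continue after it.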