static int session_take_control_fn(sd_bus *bus,
sd_bus_message *reply,
void *userdata,
sd_bus_error *ret_error) {
sysview_session *session = userdata;
int r, error;
session->slot_take_control = sd_bus_slot_unref(session->slot_take_control);
if (sd_bus_message_is_method_error(reply, NULL)) {
const sd_bus_error *e = sd_bus_message_get_error(reply);
log_debug("sysview: %s: TakeControl failed: %s: %s",
session->name, e->name, e->message);
error = -sd_bus_error_get_errno(e);
} else {
session->has_control = true;
error = 0;
}
r = context_raise_session_control(session->seat->context, session, error);
if (r < 0)
log_debug_errno(r, "sysview: callback failed while signalling session control '%d' on session '%s': %m",
error, session->name);
return 0;
}
static int session_take_control_fn(sd_bus *bus,
sd_bus_message *reply,
void *userdata,
sd_bus_error *ret_error) {
sysview_session *session = userdata;
int error;
session->slot_take_control = sd_bus_slot_unref(session->slot_take_control);
if (sd_bus_message_is_method_error(reply, NULL)) {
const sd_bus_error *e = sd_bus_message_get_error(reply);
log_debug("sysview: %s: TakeControl failed: %s: %s",
session->name, e->name, e->message);
error = sd_bus_error_get_errno(e);
} else {
session->has_control = true;
error = 0;
}
return context_raise_session_control(session->seat->context, session, error);
}
int bus_verify_polkit_async(
sd_bus_message *call,
int capability,
const char *action,
bool interactive,
Hashmap **registry,
sd_bus_error *error) {
#ifdef ENABLE_POLKIT
_cleanup_bus_message_unref_ sd_bus_message *pk = NULL;
AsyncPolkitQuery *q;
const char *sender;
sd_bus_message_handler_t callback;
void *userdata;
#endif
int r;
assert(call);
assert(action);
assert(registry);
#ifdef ENABLE_POLKIT
q = hashmap_get(*registry, call);
if (q) {
int authorized, challenge;
/* This is the second invocation of this function, and
* there's already a response from polkit, let's
* process it */
assert(q->reply);
if (sd_bus_message_is_method_error(q->reply, NULL)) {
const sd_bus_error *e;
/* Copy error from polkit reply */
e = sd_bus_message_get_error(q->reply);
sd_bus_error_copy(error, e);
/* Treat no PK available as access denied */
if (sd_bus_error_has_name(e, SD_BUS_ERROR_SERVICE_UNKNOWN))
return -EACCES;
return -sd_bus_error_get_errno(e);
}
r = sd_bus_message_enter_container(q->reply, 'r', "bba{ss}");
if (r >= 0)
r = sd_bus_message_read(q->reply, "bb", &authorized, &challenge);
if (r < 0)
return r;
if (authorized)
return 1;
return -EACCES;
}
#endif
r = sd_bus_query_sender_privilege(call, capability);
if (r < 0)
return r;
else if (r > 0)
return 1;
#ifdef ENABLE_POLKIT
if (sd_bus_get_current_message(call->bus) != call)
return -EINVAL;
callback = sd_bus_get_current_handler(call->bus);
if (!callback)
return -EINVAL;
userdata = sd_bus_get_current_userdata(call->bus);
sender = sd_bus_message_get_sender(call);
if (!sender)
return -EBADMSG;
r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func);
if (r < 0)
return r;
r = sd_bus_message_new_method_call(
call->bus,
&pk,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority",
"CheckAuthorization");
if (r < 0)
return r;
r = sd_bus_message_append(
pk,
"(sa{sv})sa{ss}us",
"system-bus-name", 1, "name", "s", sender,
action,
0,
interactive ? 1 : 0,
NULL);
if (r < 0)
return r;
q = new0(AsyncPolkitQuery, 1);
if (!q)
return -ENOMEM;
q->request = sd_bus_message_ref(call);
q->callback = callback;
q->userdata = userdata;
r = hashmap_put(*registry, call, q);
if (r < 0) {
async_polkit_query_free(q);
return r;
}
q->registry = *registry;
r = sd_bus_call_async(call->bus, &q->slot, pk, async_polkit_callback, q, 0);
if (r < 0) {
async_polkit_query_free(q);
return r;
}
return 0;
#endif
return -EACCES;
}
int main(int argc, char *argv[]) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL, second = SD_BUS_ERROR_NULL;
const sd_bus_error const_error = SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_FILE_EXISTS, "const error");
const sd_bus_error temporarily_const_error = {
.name = SD_BUS_ERROR_ACCESS_DENIED,
.message = "oh! no",
._need_free = -1
};
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set(&error, SD_BUS_ERROR_NOT_SUPPORTED, "xxx") == -ENOTSUP);
assert_se(streq(error.name, SD_BUS_ERROR_NOT_SUPPORTED));
assert_se(streq(error.message, "xxx"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_NOT_SUPPORTED));
assert_se(sd_bus_error_get_errno(&error) == ENOTSUP);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_setf(&error, SD_BUS_ERROR_FILE_NOT_FOUND, "yyy %i", -1) == -ENOENT);
assert_se(streq(error.name, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(streq(error.message, "yyy -1"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(sd_bus_error_get_errno(&error) == ENOENT);
assert_se(sd_bus_error_is_set(&error));
assert_se(!sd_bus_error_is_set(&second));
assert_se(second._need_free == 0);
assert_se(error._need_free > 0);
assert_se(sd_bus_error_copy(&second, &error) == -ENOENT);
assert_se(second._need_free > 0);
assert_se(streq(error.name, second.name));
assert_se(streq(error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == ENOENT);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(sd_bus_error_is_set(&second));
sd_bus_error_free(&error);
sd_bus_error_free(&second);
assert_se(!sd_bus_error_is_set(&second));
assert_se(const_error._need_free == 0);
assert_se(sd_bus_error_copy(&second, &const_error) == -EEXIST);
assert_se(second._need_free == 0);
assert_se(streq(const_error.name, second.name));
assert_se(streq(const_error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == EEXIST);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_EXISTS));
assert_se(sd_bus_error_is_set(&second));
sd_bus_error_free(&second);
assert_se(!sd_bus_error_is_set(&second));
assert_se(temporarily_const_error._need_free < 0);
assert_se(sd_bus_error_copy(&second, &temporarily_const_error) == -EACCES);
assert_se(second._need_free > 0);
assert_se(streq(temporarily_const_error.name, second.name));
assert_se(streq(temporarily_const_error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == EACCES);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_ACCESS_DENIED));
assert_se(sd_bus_error_is_set(&second));
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_const(&error, "System.Error.EUCLEAN", "Hallo") == -EUCLEAN);
assert_se(streq(error.name, "System.Error.EUCLEAN"));
assert_se(streq(error.message, "Hallo"));
assert_se(sd_bus_error_has_name(&error, "System.Error.EUCLEAN"));
assert_se(sd_bus_error_get_errno(&error) == EUCLEAN);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_errno(&error, EBUSY) == -EBUSY);
assert_se(streq(error.name, "System.Error.EBUSY"));
assert_se(streq(error.message, strerror(EBUSY)));
assert_se(sd_bus_error_has_name(&error, "System.Error.EBUSY"));
assert_se(sd_bus_error_get_errno(&error) == EBUSY);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_errnof(&error, EIO, "Waldi %c", 'X') == -EIO);
assert_se(streq(error.name, SD_BUS_ERROR_IO_ERROR));
assert_se(streq(error.message, "Waldi X"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_IO_ERROR));
assert_se(sd_bus_error_get_errno(&error) == EIO);
assert_se(sd_bus_error_is_set(&error));
return 0;
}
static void test_error(void) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL, second = SD_BUS_ERROR_NULL;
const sd_bus_error const_error = SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_FILE_EXISTS, "const error");
const sd_bus_error temporarily_const_error = {
.name = SD_BUS_ERROR_ACCESS_DENIED,
.message = "oh! no",
._need_free = -1
};
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set(&error, SD_BUS_ERROR_NOT_SUPPORTED, "xxx") == -EOPNOTSUPP);
assert_se(streq(error.name, SD_BUS_ERROR_NOT_SUPPORTED));
assert_se(streq(error.message, "xxx"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_NOT_SUPPORTED));
assert_se(sd_bus_error_get_errno(&error) == EOPNOTSUPP);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_setf(&error, SD_BUS_ERROR_FILE_NOT_FOUND, "yyy %i", -1) == -ENOENT);
assert_se(streq(error.name, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(streq(error.message, "yyy -1"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(sd_bus_error_get_errno(&error) == ENOENT);
assert_se(sd_bus_error_is_set(&error));
assert_se(!sd_bus_error_is_set(&second));
assert_se(second._need_free == 0);
assert_se(error._need_free > 0);
assert_se(sd_bus_error_copy(&second, &error) == -ENOENT);
assert_se(second._need_free > 0);
assert_se(streq(error.name, second.name));
assert_se(streq(error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == ENOENT);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_NOT_FOUND));
assert_se(sd_bus_error_is_set(&second));
sd_bus_error_free(&error);
sd_bus_error_free(&second);
assert_se(!sd_bus_error_is_set(&second));
assert_se(const_error._need_free == 0);
assert_se(sd_bus_error_copy(&second, &const_error) == -EEXIST);
assert_se(second._need_free == 0);
assert_se(streq(const_error.name, second.name));
assert_se(streq(const_error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == EEXIST);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_FILE_EXISTS));
assert_se(sd_bus_error_is_set(&second));
sd_bus_error_free(&second);
assert_se(!sd_bus_error_is_set(&second));
assert_se(temporarily_const_error._need_free < 0);
assert_se(sd_bus_error_copy(&second, &temporarily_const_error) == -EACCES);
assert_se(second._need_free > 0);
assert_se(streq(temporarily_const_error.name, second.name));
assert_se(streq(temporarily_const_error.message, second.message));
assert_se(sd_bus_error_get_errno(&second) == EACCES);
assert_se(sd_bus_error_has_name(&second, SD_BUS_ERROR_ACCESS_DENIED));
assert_se(sd_bus_error_is_set(&second));
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_const(&error, "System.Error.EUCLEAN", "Hallo") == -EUCLEAN);
assert_se(streq(error.name, "System.Error.EUCLEAN"));
assert_se(streq(error.message, "Hallo"));
assert_se(sd_bus_error_has_name(&error, "System.Error.EUCLEAN"));
assert_se(sd_bus_error_get_errno(&error) == EUCLEAN);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_errno(&error, EBUSY) == -EBUSY);
assert_se(streq(error.name, "System.Error.EBUSY"));
assert_se(streq(error.message, strerror(EBUSY)));
assert_se(sd_bus_error_has_name(&error, "System.Error.EBUSY"));
assert_se(sd_bus_error_get_errno(&error) == EBUSY);
assert_se(sd_bus_error_is_set(&error));
sd_bus_error_free(&error);
assert_se(!sd_bus_error_is_set(&error));
assert_se(sd_bus_error_set_errnof(&error, EIO, "Waldi %c", 'X') == -EIO);
assert_se(streq(error.name, SD_BUS_ERROR_IO_ERROR));
assert_se(streq(error.message, "Waldi X"));
assert_se(sd_bus_error_has_name(&error, SD_BUS_ERROR_IO_ERROR));
assert_se(sd_bus_error_get_errno(&error) == EIO);
assert_se(sd_bus_error_is_set(&error));
}
extern const sd_bus_error_map __start_BUS_ERROR_MAP[];
extern const sd_bus_error_map __stop_BUS_ERROR_MAP[];
static void dump_mapping_table(void) {
const sd_bus_error_map *m;
printf("----- errno mappings ------\n");
m = __start_BUS_ERROR_MAP;
while (m < __stop_BUS_ERROR_MAP) {
if (m->code == BUS_ERROR_MAP_END_MARKER) {
m = ALIGN8_PTR(m+1);
continue;
}
printf("%s -> %i/%s\n", strna(m->name), m->code, strna(errno_to_name(m->code)));
m ++;
}
printf("---------------------------\n");
}
static void test_errno_mapping_standard(void) {
assert_se(sd_bus_error_set(NULL, "System.Error.EUCLEAN", NULL) == -EUCLEAN);
assert_se(sd_bus_error_set(NULL, "System.Error.EBUSY", NULL) == -EBUSY);
assert_se(sd_bus_error_set(NULL, "System.Error.EINVAL", NULL) == -EINVAL);
assert_se(sd_bus_error_set(NULL, "System.Error.WHATSIT", NULL) == -EIO);
}
int bus_verify_polkit_async(
sd_bus *bus,
Hashmap **registry,
sd_bus_message *m,
const char *action,
bool interactive,
sd_bus_error *error,
sd_bus_message_handler_t callback,
void *userdata) {
#ifdef ENABLE_POLKIT
_cleanup_bus_message_unref_ sd_bus_message *pk = NULL;
AsyncPolkitQuery *q;
#endif
const char *sender;
uid_t uid;
int r;
assert(bus);
assert(registry);
assert(m);
assert(action);
#ifdef ENABLE_POLKIT
q = hashmap_remove(*registry, m);
if (q) {
unsigned authorized, challenge;
/* This is the second invocation of this function, and
* there's already a response from polkit, let's
* process it */
assert(q->reply);
if (sd_bus_message_is_method_error(q->reply, NULL)) {
const sd_bus_error *e;
/* Treat no PK available as access denied */
if (sd_bus_message_is_method_error(q->reply, SD_BUS_ERROR_SERVICE_UNKNOWN)) {
async_polkit_query_free(bus, q);
return -EACCES;
}
e = sd_bus_message_get_error(q->reply);
sd_bus_error_copy(error, e);
r = sd_bus_error_get_errno(e);
async_polkit_query_free(bus, q);
return r;
}
r = sd_bus_message_enter_container(q->reply, 'r', "bba{ss}");
if (r >= 0)
r = sd_bus_message_read(q->reply, "bb", &authorized, &challenge);
async_polkit_query_free(bus, q);
if (r < 0)
return r;
if (authorized)
return 1;
return -EACCES;
}
#endif
sender = sd_bus_message_get_sender(m);
if (!sender)
return -EBADMSG;
r = sd_bus_get_owner_uid(bus, sender, &uid);
if (r < 0)
return r;
if (uid == 0)
return 1;
#ifdef ENABLE_POLKIT
r = hashmap_ensure_allocated(registry, trivial_hash_func, trivial_compare_func);
if (r < 0)
return r;
r = sd_bus_message_new_method_call(
bus,
"org.freedesktop.PolicyKit1",
"/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority",
"CheckAuthorization",
&pk);
if (r < 0)
return r;
r = sd_bus_message_append(
pk,
"(sa{sv})sa{ss}us",
"system-bus-name", 1, "name", "s", sender,
action,
0,
interactive ? 1 : 0,
"");
if (r < 0)
return r;
q = new0(AsyncPolkitQuery, 1);
if (!q)
return -ENOMEM;
q->request = sd_bus_message_ref(m);
q->callback = callback;
q->userdata = userdata;
r = hashmap_put(*registry, m, q);
if (r < 0) {
async_polkit_query_free(bus, q);
return r;
}
r = sd_bus_send_with_reply(bus, pk, async_polkit_callback, q, 0, &q->serial);
if (r < 0)
return r;
return 0;
#endif
return -EACCES;
}
