diff options
| author | Dan Winship <danw@gnome.org> | 2013-11-05 14:48:23 -0500 |
|---|---|---|
| committer | Dan Winship <danw@gnome.org> | 2013-12-03 16:41:00 -0500 |
| commit | a8ef01b2c688cd562d42c41aa7b66867def5e01e (patch) | |
| tree | 306c90d41ad6073ad7a2dfdce3203defbc11f2ff | |
| parent | f3c2851c2bced480e918d83d0b6372ae2c891dfb (diff) | |
| download | NetworkManager-a8ef01b2c688cd562d42c41aa7b66867def5e01e.tar.gz | |
settings: prefer secret agents in the same process as the request
When an activation request requires secrets, if there is a secret
agent in the process that made the request, then prefer that to all
other secret agents.
| -rw-r--r-- | src/nm-auth-subject.c | 6 | ||||
| -rw-r--r-- | src/nm-auth-subject.h | 2 | ||||
| -rw-r--r-- | src/settings/nm-agent-manager.c | 33 | ||||
| -rw-r--r-- | src/settings/nm-secret-agent.c | 8 | ||||
| -rw-r--r-- | src/settings/nm-secret-agent.h | 2 |
5 files changed, 40 insertions, 11 deletions
diff --git a/src/nm-auth-subject.c b/src/nm-auth-subject.c index 66c0d4e63e..e770af49ec 100644 --- a/src/nm-auth-subject.c +++ b/src/nm-auth-subject.c @@ -151,6 +151,12 @@ nm_auth_subject_get_uid (NMAuthSubject *subject) return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->uid; } +gulong +nm_auth_subject_get_pid (NMAuthSubject *subject) +{ + return NM_AUTH_SUBJECT_GET_PRIVATE (subject)->pid; +} + const char * nm_auth_subject_get_dbus_sender (NMAuthSubject *subject) { diff --git a/src/nm-auth-subject.h b/src/nm-auth-subject.h index 8f049a8405..063598902d 100644 --- a/src/nm-auth-subject.h +++ b/src/nm-auth-subject.h @@ -57,6 +57,8 @@ NMAuthSubject *nm_auth_subject_new_internal (void); gulong nm_auth_subject_get_uid (NMAuthSubject *subject); +gulong nm_auth_subject_get_pid (NMAuthSubject *subject); + const char *nm_auth_subject_get_dbus_sender (NMAuthSubject *subject); gboolean nm_auth_subject_get_internal (NMAuthSubject *subject); diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c index 23e2283300..2d99a6e06f 100644 --- a/src/settings/nm-agent-manager.c +++ b/src/settings/nm-agent-manager.c @@ -515,16 +515,27 @@ req_complete_error (Request *req, GError *error) } static gint -agent_compare_func (NMSecretAgent *a, NMSecretAgent *b, gpointer user_data) +agent_compare_func (gconstpointer aa, gconstpointer bb, gpointer user_data) { + NMSecretAgent *a = (NMSecretAgent *)aa; + NMSecretAgent *b = (NMSecretAgent *)bb; + Request *req = user_data; gboolean a_active, b_active; - - if (a && !b) - return -1; - else if (a == b) - return 0; - else if (!a && b) - return 1; + gulong a_pid, b_pid, requester; + + /* Prefer agents in the process the request came from */ + requester = nm_auth_subject_get_pid (req->subject); + if (requester != G_MAXULONG) { + a_pid = nm_secret_agent_get_pid (a); + b_pid = nm_secret_agent_get_pid (b); + + if (a_pid != b_pid) { + if (a_pid == requester) + return -1; + else if (b_pid == requester) + return 1; + } + } /* Prefer agents in active sessions */ a_active = nm_session_monitor_uid_active (nm_session_monitor_get (), @@ -575,11 +586,11 @@ request_add_agent (Request *req, NMSecretAgent *agent) nm_secret_agent_get_description (agent), req, req->detail); - /* Add this agent to the list, preferring active sessions */ + /* Add this agent to the list, sorted appropriately */ req->pending = g_slist_insert_sorted_with_data (req->pending, g_object_ref (agent), - (GCompareDataFunc) agent_compare_func, - NULL); + agent_compare_func, + req); } static void diff --git a/src/settings/nm-secret-agent.c b/src/settings/nm-secret-agent.c index 66ddc36a2a..22391cf94f 100644 --- a/src/settings/nm-secret-agent.c +++ b/src/settings/nm-secret-agent.c @@ -145,6 +145,14 @@ nm_secret_agent_get_owner_username (NMSecretAgent *agent) return NM_SECRET_AGENT_GET_PRIVATE (agent)->owner_username; } +gulong +nm_secret_agent_get_pid (NMSecretAgent *agent) +{ + g_return_val_if_fail (NM_IS_SECRET_AGENT (agent), G_MAXULONG); + + return nm_auth_subject_get_pid (NM_SECRET_AGENT_GET_PRIVATE (agent)->subject); +} + NMSecretAgentCapabilities nm_secret_agent_get_capabilities (NMSecretAgent *agent) { diff --git a/src/settings/nm-secret-agent.h b/src/settings/nm-secret-agent.h index b75f7177db..69699af1a5 100644 --- a/src/settings/nm-secret-agent.h +++ b/src/settings/nm-secret-agent.h @@ -71,6 +71,8 @@ gulong nm_secret_agent_get_owner_uid (NMSecretAgent *agent); const char *nm_secret_agent_get_owner_username (NMSecretAgent *agent); +gulong nm_secret_agent_get_pid (NMSecretAgent *agent); + NMSecretAgentCapabilities nm_secret_agent_get_capabilities (NMSecretAgent *agent); guint32 nm_secret_agent_get_hash (NMSecretAgent *agent); |