author | Thomas Haller <thaller@redhat.com> | 2015-08-18 11:56:17 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2015-08-18 12:08:11 +0200 |
commit | 3dfbbb227e82b47973f612b6b031d8d591727436 (patch) | |
tree | 2d1fae864d66926922f04a8fbfa967065e870595 | |
parent | bafc26d008d7fad44d0dd0b53611c5ddc98fc04b (diff) | |
download | NetworkManager-3dfbbb227e82b47973f612b6b031d8d591727436.tar.gz |
libnm: require exact vpn plugin filename
Originally, nm-applet loaded the vpn plugins by passing the filename
to g_module_open(). Thereby, g_module_open() allowed for missing file
extension and tries to complete the name with a system-dependent suffix.
When porting to libnm, we kept that behavior but did more elaborate
checks on the file, like checking owner and permissions.
Change to no longer try to append the system suffix, but require
an exact path. That is no usability problem, because the plugin path
is specified in the .name files, and we just require them now to be the
full path (including the .so extension).
Note also, that this only affects new, libnm-based vpn plugins, thus there
is no change in behavior for legacy libnm-glib based plugins.
Fixes: eed0d0c58f7f13638eb587e240737048d729cb68
-rw-r--r-- | libnm-core/nm-core-internal.h | 10 | ||||
-rw-r--r-- | libnm-core/nm-utils.c | 71 | ||||
-rw-r--r-- | libnm-core/nm-vpn-editor-plugin.c | 17 |
3 files changed, 26 insertions, 72 deletions
diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h index 8028283ead..957970b37e 100644 --- a/libnm-core/nm-core-internal.h +++ b/libnm-core/nm-core-internal.h @@ -143,11 +143,11 @@ gboolean _nm_utils_check_file (const char *filename, struct stat *out_st, GError **error); -char *_nm_utils_check_module_file (const char *name, - int check_owner, - NMUtilsCheckFilePredicate check_file, - gpointer user_data, - GError **error); +gboolean _nm_utils_check_module_file (const char *name, + int check_owner, + NMUtilsCheckFilePredicate check_file, + gpointer user_data, + GError **error); #define NM_UTILS_UUID_TYPE_LEGACY 0 #define NM_UTILS_UUID_TYPE_VARIANT3 1 diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c index 4c8478557c..8b44a32bc8 100644 --- a/libnm-core/nm-utils.c +++ b/libnm-core/nm-utils.c 
@@ -2501,87 +2501,46 @@ _nm_utils_check_file (const char *filename, } -static char * -_resolve_module_file_name (const char *file_name) -{ - char *name = NULL; - - /* g_module_open() is searching for the exact file to load, - * but it doesn't give us a hook to check file permissions - * and ownership. Reimplement the file name resolution. - * - * Copied from g_module_open(). */ - - /* check whether we have a readable file right away */ - if (g_file_test (file_name, G_FILE_TEST_IS_REGULAR)) - name = g_strdup (file_name); - - /* try completing file name with standard library suffix */ - if ( !name - && !g_str_has_suffix (file_name, "." G_MODULE_SUFFIX)) { - name = g_strconcat (file_name, "." G_MODULE_SUFFIX, NULL); - if (!g_file_test (name, G_FILE_TEST_IS_REGULAR)) { - g_free (name); - name = NULL; - } - } - - /* g_module_open() would also try appending ".la". We don't do that - * because we require the user to specify a shared library (directly). */ - - return name; -} - -char * +gboolean _nm_utils_check_module_file (const char *name, int check_owner, NMUtilsCheckFilePredicate check_file, gpointer user_data, GError **error) { - gs_free char *name_resolved = NULL; - char *s; - if (!g_path_is_absolute (name)) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, _("path is not absolute (%s)"), name); - return NULL; + return FALSE; } - name_resolved = _resolve_module_file_name (name); - - if (!name_resolved) { + /* check whether we have a readable file right away */ + if (!g_file_test (name, G_FILE_TEST_IS_REGULAR)) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, - _("could not resolve plugin path (%s)"), name); - return NULL; + _("could not find plugin (%s)"), name); + return FALSE; } - if (g_str_has_suffix (name_resolved, ".la")) { + if (g_str_has_suffix (name, ".la")) { /* g_module_open() treats files that end with .la special. * We don't want to parse the libtool archive. Just error out. 
*/ g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_FAILED, - _("libtool archives are not supported (%s)"), name_resolved); - return NULL; - } - - if (!_nm_utils_check_file (name_resolved, - check_owner, - check_file, - user_data, - NULL, - error)) { - return NULL; + _("libtool archives are not supported (%s)"), name); + return FALSE; } - s = name_resolved; - name_resolved = NULL; - return s; + return _nm_utils_check_file (name, + check_owner, + check_file, + user_data, + NULL, + error); } /**********************************************************************************************/ diff --git a/libnm-core/nm-vpn-editor-plugin.c b/libnm-core/nm-vpn-editor-plugin.c index fd79fd3bcd..80200f41a8 100644 --- a/libnm-core/nm-vpn-editor-plugin.c +++ b/libnm-core/nm-vpn-editor-plugin.c @@ -119,17 +119,12 @@ nm_vpn_editor_plugin_load_from_file (const char *plugin_filename, g_return_val_if_fail (plugin_filename && *plugin_filename, NULL); - if (g_path_is_absolute (plugin_filename)) { - gs_free char *module_filename = NULL; - - module_filename = _nm_utils_check_module_file (plugin_filename, - check_owner, - check_file, - user_data, - &local); - if (module_filename) - module = g_module_open (module_filename, G_MODULE_BIND_LAZY | G_MODULE_BIND_LOCAL); - } + if (_nm_utils_check_module_file (plugin_filename, + check_owner, + check_file, + user_data, + &local)) + module = g_module_open (plugin_filename, G_MODULE_BIND_LAZY | G_MODULE_BIND_LOCAL); if (!module) { if (local) { |
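Review bot: The comment `/* check whether we have a readable file right away */` in the new `_nm_utils_check_module_file` body is left over from the removed `_resolve_module_file_name` and no longer describes the code. `G_FILE_TEST_IS_REGULAR` does not test readability, it follows symlinks, and there is no later fallback for "right away" to contrast with. I would replace it with `/* No suffix completion: name must be the exact plugin file. g_file_test() follows symlinks. */`. The message `could not find plugin (%s)` is now also returned for a path that exists but is a directory, so `_("plugin missing or not a regular file (%s)")` would be more accurate. Whether `_nm_utils_check_file` itself rejects symlinks cannot be seen here, because its body lies above the hunk.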
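Review bot: The owner and permission checks in `_nm_utils_check_module_file` run on the path, and `g_module_open (plugin_filename, ...)` then resolves that path a second time. The file that gets loaded is therefore the file that was checked only if nobody can replace it between the two calls. That holds when every directory on the path is writable only by a trusted owner, which nothing visible in this hunk verifies; it may be enforced by the `check_file` predicate or by packaging. I would state the assumption at the call: `/* checks are path-based; relies on the plugin directory not being writable by untrusted users */`. `nm_vpn_editor_plugin_load_from_file` starts and ends outside the hunk.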