diff options
author | Thomas Haller <thaller@redhat.com> | 2019-12-23 11:02:30 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-12-31 02:13:45 +0100 |
commit | d4a821d53ebd9b75dd992d13cc1a68da919d4ee8 (patch) | |
tree | 4522212554a7d853be0c7eee2db298ff48c7b9ba /src | |
parent | 3e0094af77fe1918f260c95af64cb70ee21a5ce1 (diff) | |
download | NetworkManager-d4a821d53ebd9b75dd992d13cc1a68da919d4ee8.tar.gz |
agent-manager: let nm_settings_connection_check_permission() check all secret-agents searching for permission
nm_agent_manager_get_agent_by_user() would only return the first
matching secret agent for the user. This way, we might miss an agent
that has permissions.
Instead, add nm_agent_manager_has_agent_with_permission() and search
all agents.
Diffstat (limited to 'src')
-rw-r--r-- | src/settings/nm-agent-manager.c | 40 | ||||
-rw-r--r-- | src/settings/nm-agent-manager.h | 5 | ||||
-rw-r--r-- | src/settings/nm-settings-connection.c | 5 |
3 files changed, 24 insertions, 26 deletions
diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c index c5a0d9dea1..7c45bc8f79 100644 --- a/src/settings/nm-agent-manager.c +++ b/src/settings/nm-agent-manager.c @@ -226,21 +226,6 @@ _agent_find_by_identifier_and_uid (NMAgentManagerPrivate *priv, return NULL; } -static NMSecretAgent * -_agent_find_by_username (NMAgentManagerPrivate *priv, - const char *username) -{ - NMSecretAgent *agent; - - nm_assert (username); - - c_list_for_each_entry (agent, &priv->agent_lst_head, agent_lst) { - if (nm_streq0 (nm_secret_agent_get_owner_username (agent), username)) - return agent; - } - return NULL; -} - /*****************************************************************************/ static void @@ -1402,13 +1387,28 @@ nm_agent_manager_delete_secrets (NMAgentManager *self, /*****************************************************************************/ -NMSecretAgent * -nm_agent_manager_get_agent_by_user (NMAgentManager *self, const char *username) +gboolean +nm_agent_manager_has_agent_with_permission (NMAgentManager *self, + const char *username, + const char *permission) { - g_return_val_if_fail (NM_IS_AGENT_MANAGER (self), NULL); - g_return_val_if_fail (username, NULL); + NMAgentManagerPrivate *priv; + NMSecretAgent *agent; + + g_return_val_if_fail (NM_IS_AGENT_MANAGER (self), FALSE); + g_return_val_if_fail (username, FALSE); + g_return_val_if_fail (permission, FALSE); + + priv = NM_AGENT_MANAGER_GET_PRIVATE (self); - return _agent_find_by_username (NM_AGENT_MANAGER_GET_PRIVATE (self), username); + c_list_for_each_entry (agent, &priv->agent_lst_head, agent_lst) { + if (!nm_streq0 (nm_secret_agent_get_owner_username (agent), username)) + continue; + if (nm_secret_agent_has_permission (agent, permission)) + return TRUE; + } + + return FALSE; } /*****************************************************************************/ diff --git a/src/settings/nm-agent-manager.h b/src/settings/nm-agent-manager.h index 5200d241ca..bf2dcb6ccf 100644 --- a/src/settings/nm-agent-manager.h +++ b/src/settings/nm-agent-manager.h @@ -65,8 +65,9 @@ void nm_agent_manager_delete_secrets (NMAgentManager *manager, const char *path, NMConnection *connection); -NMSecretAgent *nm_agent_manager_get_agent_by_user (NMAgentManager *manager, - const char *username); +gboolean nm_agent_manager_has_agent_with_permission (NMAgentManager *self, + const char *username, + const char *permission); gboolean nm_agent_manager_all_agents_have_capability (NMAgentManager *manager, NMAuthSubject *subject, diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 3368359980..fd701ecde4 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -409,10 +409,7 @@ nm_settings_connection_check_permission (NMSettingsConnection *self, * either. */ if (nm_setting_connection_get_permission (s_con, i, NULL, &puser, NULL)) { - NMSecretAgent *agent = nm_agent_manager_get_agent_by_user (priv->agent_mgr, puser); - - if ( agent - && nm_secret_agent_has_permission (agent, permission)) + if (nm_agent_manager_has_agent_with_permission (priv->agent_mgr, puser, permission)) return TRUE; } } |