bus/driver: Make non-core interfaces unavailable on most object paths

The o.fd.DBus interface needs to remain available on arbitrary object
paths for backwards compatibility, and the Introspectable interface
is genuinely useful, but everything else can be skipped.

This is arguably an incompatible change for the undocumented Verbose
interface, and for the GetAllMatchRules method on the undocumented
Stats interface: previously those were available at all object paths.

Reviewed-by: Philip Withnall <withnall@endlessm.com>
[smcv: Adjust comments, enum order, variable naming as per Philip's review]
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101256

diff --git a/bus/driver.c b/bus/driver.c
index 34b86868ea19ccd0287cb45d4a1bedf6aad3e5b7..4a68cf220cba6f0b9e9efada9ae6b038e115176c 100644 (file)
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -2200,9 +2200,6 @@ bus_driver_handle_become_monitor (DBusConnection *connection,
 
   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
-  if (!bus_driver_check_message_is_for_us (message, error))
-    goto out;
-
   context = bus_transaction_get_context (transaction);
   bustype = context ? bus_context_get_type (context) : NULL;
   if (!bus_apparmor_allows_eavesdropping (connection, bustype, error))
@@ -2418,10 +2415,23 @@ static const MessageHandler stats_message_handlers[] = {
 };
 #endif
 
+typedef enum
+{
+  /* Various older interfaces were available at every object path. We have to
+   * preserve that behaviour for backwards compatibility, but we can at least
+   * stop doing that for newly added interfaces:
+   * <https://bugs.freedesktop.org/show_bug.cgi?id=101256>
+   * Introspectable is also useful at all object paths. */
+  INTERFACE_FLAG_ANY_PATH = (1 << 0),
+
+  INTERFACE_FLAG_NONE = 0
+} InterfaceFlags;
+
 typedef struct {
   const char *name;
   const MessageHandler *message_handlers;
   const char *extra_introspection;
+  InterfaceFlags flags;
 } InterfaceHandler;
 
 /* These should ideally be sorted by frequency of use, although it
@@ -2438,14 +2448,19 @@ static InterfaceHandler interface_handlers[] = {
     "    </signal>\n"
     "    <signal name=\"NameAcquired\">\n"
     "      <arg type=\"s\"/>\n"
-    "    </signal>\n" },
-  { DBUS_INTERFACE_INTROSPECTABLE, introspectable_message_handlers, NULL },
-  { DBUS_INTERFACE_MONITORING, monitoring_message_handlers, NULL },
+    "    </signal>\n",
+    INTERFACE_FLAG_ANY_PATH },
+  { DBUS_INTERFACE_INTROSPECTABLE, introspectable_message_handlers, NULL,
+    INTERFACE_FLAG_ANY_PATH },
+  { DBUS_INTERFACE_MONITORING, monitoring_message_handlers, NULL,
+    INTERFACE_FLAG_NONE },
 #ifdef DBUS_ENABLE_VERBOSE_MODE
-  { DBUS_INTERFACE_VERBOSE, verbose_message_handlers, NULL },
+  { DBUS_INTERFACE_VERBOSE, verbose_message_handlers, NULL,
+    INTERFACE_FLAG_NONE },
 #endif
 #ifdef DBUS_ENABLE_STATS
-  { BUS_INTERFACE_STATS, stats_message_handlers, NULL },
+  { BUS_INTERFACE_STATS, stats_message_handlers, NULL,
+    INTERFACE_FLAG_NONE },
 #endif
   { NULL, NULL, NULL }
 };
@@ -2486,7 +2501,8 @@ write_args_for_direction (DBusString *xml,
 }
 
 dbus_bool_t
-bus_driver_generate_introspect_string (DBusString *xml)
+bus_driver_generate_introspect_string (DBusString *xml,
+                                       dbus_bool_t is_canonical_path)
 {
   const InterfaceHandler *ih;
   const MessageHandler *mh;
@@ -2498,6 +2514,9 @@ bus_driver_generate_introspect_string (DBusString *xml)
 
   for (ih = interface_handlers; ih->name != NULL; ih++)
     {
+      if (!(is_canonical_path || (ih->flags & INTERFACE_FLAG_ANY_PATH)))
+        continue;
+
       if (!_dbus_string_append_printf (xml, "  <interface name=\"%s\">\n",
                                        ih->name))
         return FALSE;
@@ -2541,6 +2560,7 @@ bus_driver_handle_introspect (DBusConnection *connection,
   DBusString xml;
   DBusMessage *reply;
   const char *v_STRING;
+  dbus_bool_t is_canonical_path;
 
   _dbus_verbose ("Introspect() on bus driver\n");
 
@@ -2561,7 +2581,9 @@ bus_driver_handle_introspect (DBusConnection *connection,
       return FALSE;
     }
 
-  if (!bus_driver_generate_introspect_string (&xml))
+  is_canonical_path = dbus_message_has_path (message, DBUS_PATH_DBUS);
+
+  if (!bus_driver_generate_introspect_string (&xml, is_canonical_path))
     goto oom;
 
   v_STRING = _dbus_string_get_const_data (&xml);
@@ -2636,6 +2658,7 @@ bus_driver_handle_message (DBusConnection *connection,
   const InterfaceHandler *ih;
   const MessageHandler *mh;
   dbus_bool_t found_interface = FALSE;
+  dbus_bool_t is_canonical_path;
 
   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
@@ -2701,8 +2724,13 @@ bus_driver_handle_message (DBusConnection *connection,
   _dbus_assert (dbus_message_get_sender (message) != NULL ||
                 strcmp (name, "Hello") == 0);
 
+  is_canonical_path = dbus_message_has_path (message, DBUS_PATH_DBUS);
+
   for (ih = interface_handlers; ih->name != NULL; ih++)
     {
+      if (!(is_canonical_path || (ih->flags & INTERFACE_FLAG_ANY_PATH)))
+        continue;
+
       if (interface != NULL && strcmp (interface, ih->name) != 0)
         continue;
 

diff --git a/bus/driver.h b/bus/driver.h
index 201709c4c2933f5be7de13600096ba7ff96e930a..30513ac8d8cdfe6b558888cf776f075efd24613f 100644 (file)
--- a/bus/driver.h
+++ b/bus/driver.h
@@ -45,7 +45,8 @@ dbus_bool_t bus_driver_send_service_owner_changed  (const char     *service_name
                                                    const char     *new_owner,
                                                    BusTransaction *transaction,
                                                    DBusError      *error);
-dbus_bool_t bus_driver_generate_introspect_string  (DBusString *xml);
+dbus_bool_t bus_driver_generate_introspect_string  (DBusString *xml,
+                                                    dbus_bool_t canonical_path);
 dbus_bool_t bus_driver_check_message_is_for_us     (DBusMessage *message,
                                                     DBusError   *error);
 

diff --git a/bus/main.c b/bus/main.c
index 17750ef6e66111771de6d9eecca8b3050a6a00f1..71313190f817a014367a6eef2ebc5ff4968774fd 100644 (file)
--- a/bus/main.c
+++ b/bus/main.c
@@ -189,7 +189,7 @@ introspect (void)
   if (!_dbus_string_init (&xml))
     goto oom;
 
-  if (!bus_driver_generate_introspect_string (&xml))
+  if (!bus_driver_generate_introspect_string (&xml, TRUE))
     {
       _dbus_string_free (&xml);
       goto oom;

diff --git a/bus/stats.c b/bus/stats.c
index dace0e29d1838a8b1a2cf8882ed7f27e1a8322c8..065a09d5e4340acafa97ae0e36a24b298deaa335 100644 (file)
--- a/bus/stats.c
+++ b/bus/stats.c
@@ -51,9 +51,6 @@ bus_stats_handle_get_stats (DBusConnection *connection,
 
   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
-  if (!bus_driver_check_message_is_for_us (message, error))
-    return FALSE;
-
   context = bus_transaction_get_context (transaction);
   connections = bus_context_get_connections (context);
 
@@ -136,9 +133,6 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection,
 
   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
-  if (!bus_driver_check_message_is_for_us (message, error))
-    return FALSE;
-
   registry = bus_connection_get_registry (caller_connection);
 
   if (! dbus_message_get_args (message, error,

diff --git a/test/monitor.c b/test/monitor.c
index 71ae2ae8608c8fe19221043843bdda0b52f9b0ed..3c43671a4fb0b156895e6f83e22ead03dd2528c0 100644 (file)
--- a/test/monitor.c
+++ b/test/monitor.c
@@ -642,7 +642,7 @@ test_invalid (Fixture *f,
 
   g_assert_cmpint (dbus_message_get_type (m), ==, DBUS_MESSAGE_TYPE_ERROR);
   g_assert_cmpstr (dbus_message_get_error_name (m), ==,
-      DBUS_ERROR_ACCESS_DENIED);
+      DBUS_ERROR_UNKNOWN_INTERFACE);
 
   /* Try to become a monitor but specify a bad match rule -
    * also not allowed */