From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Wed, 18 Feb 2015 20:57:08 +0000 (+0000)
Subject: Revert "Add DBus method to return the AA context of a connection"
X-Git-Tag: dbus-1.9.12~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3a10304a2de1c795049c0f9cadff6dc8061f5920;p=thirdparty%2Fdbus.git

Revert "Add DBus method to return the AA context of a connection"

This reverts commit 24f1502e42b58a7c238779c023c6bfe870dc78cc,
which wasn't meant to go upstream (it's backwards compatibility
with older versions of this patchset).
---

diff --git a/bus/apparmor.c b/bus/apparmor.c
index af76ca278..072e2edf9 100644
--- a/bus/apparmor.c
+++ b/bus/apparmor.c
@@ -105,21 +105,6 @@ bus_apparmor_confinement_new (char       *label,
   return confinement;
 }
 
-const char*
-bus_apparmor_confinement_get_label (BusAppArmorConfinement *confinement)
-{
-#ifdef HAVE_APPARMOR
-  if (!apparmor_enabled)
-    return NULL;
-
-  _dbus_assert (confinement != NULL);
-
-  return confinement->label;
-#else
-  return NULL;
-#endif
-}
-
 void
 bus_apparmor_confinement_unref (BusAppArmorConfinement *confinement)
 {
diff --git a/bus/apparmor.h b/bus/apparmor.h
index e9fcc1b04..4a47aecc4 100644
--- a/bus/apparmor.h
+++ b/bus/apparmor.h
@@ -39,7 +39,6 @@ dbus_bool_t bus_apparmor_enabled (void);
 
 void bus_apparmor_confinement_unref (BusAppArmorConfinement *confinement);
 void bus_apparmor_confinement_ref (BusAppArmorConfinement *confinement);
-const char* bus_apparmor_confinement_get_label (BusAppArmorConfinement *confinement);
 BusAppArmorConfinement* bus_apparmor_init_connection_confinement (DBusConnection *connection,
                                                                   DBusError      *error);
 
diff --git a/bus/driver.c b/bus/driver.c
index 4dcf76c88..aab922ae7 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -1759,91 +1759,6 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection,
   return FALSE;
 }
 
-static dbus_bool_t
-bus_driver_handle_get_connection_apparmor_security_context (DBusConnection *connection,
-                                                            BusTransaction *transaction,
-                                                            DBusMessage    *message,
-                                                            DBusError      *error)
-{
-  const char *service;
-  DBusString str;
-  BusRegistry *registry;
-  BusService *serv;
-  DBusConnection *primary_connection;
-  DBusMessage *reply;
-  BusAppArmorConfinement *confinement;
-  const char *label;
-
-  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
-
-  registry = bus_connection_get_registry (connection);
-
-  service = NULL;
-  reply = NULL;
-  confinement = NULL;
-
-  if (! dbus_message_get_args (message, error, DBUS_TYPE_STRING, &service,
-                               DBUS_TYPE_INVALID))
-      goto failed;
-
-  _dbus_verbose ("asked for security context of connection %s\n", service);
-
-  _dbus_string_init_const (&str, service);
-  serv = bus_registry_lookup (registry, &str);
-  if (serv == NULL)
-    {
-      dbus_set_error (error,
-                      DBUS_ERROR_NAME_HAS_NO_OWNER,
-                      "Could not get security context of name '%s': no such name", service);
-      goto failed;
-    }
-
-  primary_connection = bus_service_get_primary_owners_connection (serv);
-
-  reply = dbus_message_new_method_return (message);
-  if (reply == NULL)
-    goto oom;
-
-  confinement = bus_connection_dup_apparmor_confinement (primary_connection);
-  label = bus_apparmor_confinement_get_label (confinement);
-
-  if (label == NULL)
-    {
-      dbus_set_error (error,
-                      DBUS_ERROR_APPARMOR_SECURITY_CONTEXT_UNKNOWN,
-                      "Could not determine security context for '%s'", service);
-      goto failed;
-    }
-
-  if (!dbus_validate_utf8 (label, error))
-    goto failed;
-
-  if (! dbus_message_append_args (reply,
-                                  DBUS_TYPE_STRING,
-                                  &label,
-                                  DBUS_TYPE_INVALID))
-    goto failed;
-
-  if (! bus_transaction_send_from_driver (transaction, connection, reply))
-    goto oom;
-
-  bus_apparmor_confinement_unref (confinement);
-  dbus_message_unref (reply);
-
-  return TRUE;
-
- oom:
-  BUS_SET_OOM (error);
-
- failed:
-  _DBUS_ASSERT_ERROR_IS_SET (error);
-  if (confinement)
-    bus_apparmor_confinement_unref (confinement);
-  if (reply)
-    dbus_message_unref (reply);
-  return FALSE;
-}
-
 static dbus_bool_t
 bus_driver_handle_reload_config (DBusConnection *connection,
 				 BusTransaction *transaction,
@@ -2200,10 +2115,6 @@ static const MessageHandler dbus_message_handlers[] = {
     DBUS_TYPE_STRING_AS_STRING,
     DBUS_TYPE_ARRAY_AS_STRING DBUS_TYPE_BYTE_AS_STRING,
     bus_driver_handle_get_connection_selinux_security_context },
-  { "GetConnectionAppArmorSecurityContext",
-    DBUS_TYPE_STRING_AS_STRING,
-    DBUS_TYPE_STRING_AS_STRING,
-    bus_driver_handle_get_connection_apparmor_security_context },
   { "ReloadConfig",
     "",
     "",
diff --git a/dbus/dbus-protocol.h b/dbus/dbus-protocol.h
index 2b7fd2313..933c3658c 100644
--- a/dbus/dbus-protocol.h
+++ b/dbus/dbus-protocol.h
@@ -444,8 +444,6 @@ extern "C" {
 #define DBUS_ERROR_INVALID_FILE_CONTENT       "org.freedesktop.DBus.Error.InvalidFileContent"
 /** Asked for SELinux security context and it wasn't available. */
 #define DBUS_ERROR_SELINUX_SECURITY_CONTEXT_UNKNOWN    "org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown"
-/** Asked for AppArmor security context and it wasn't available. */
-#define DBUS_ERROR_APPARMOR_SECURITY_CONTEXT_UNKNOWN   "org.freedesktop.DBus.Error.AppArmorSecurityContextUnknown"
 /** Asked for ADT audit data and it wasn't available. */
 #define DBUS_ERROR_ADT_AUDIT_DATA_UNKNOWN     "org.freedesktop.DBus.Error.AdtAuditDataUnknown"
 /** There's already an object with the requested object path. */