brl/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a55599a239
gnome-shell/src/shell-polkit-authentication-agent.c
Florian Müllner c634718dfa shell: Fix crash in polkit agent 
The polkit agent does not take ownership of the request's cancellable,
so it may no longer be valid after the request finished and we need
to disconnect it before that. Before the GTask port in 8b4249ef2,
it was safe to do that when freeing the request data because requests
completed in an idle, but now we need to do it before returning the
task result.

https://bugzilla.gnome.org/show_bug.cgi?id=757668
2015-11-10 11:56:37 +01:00

439 lines
13 KiB
C
Raw Blame History

/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
/*
* Copyright (C) 20011 Red Hat, Inc.
*
* Author: David Zeuthen <davidz@redhat.com>
*/
#include "config.h"
#include <pwd.h>
#define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE
#include <polkitagent/polkitagent.h>
#include "shell-polkit-authentication-agent.h"
#include <glib/gi18n.h>
/* uncomment for useful debug output */
/* #define SHOW_DEBUG */
#ifdef SHOW_DEBUG
static void
print_debug (const gchar *format, ...)
{
gchar *s;
va_list ap;
gchar timebuf[64];
GTimeVal now;
time_t now_t;
struct tm broken_down;
g_get_current_time (&now);
now_t = now.tv_sec;
localtime_r (&now_t, &broken_down);
strftime (timebuf, sizeof timebuf, "%H:%M:%S", &broken_down);
va_start (ap, format);
s = g_strdup_vprintf (format, ap);
va_end (ap);
g_print ("ShellPolkitAuthenticationAgent: %s.%03d: %s\n", timebuf, (gint) (now.tv_usec / 1000), s);
g_free (s);
}
#else
static void
print_debug (const gchar *str, ...)
{
}
#endif
struct _ShellPolkitAuthenticationAgentClass
{
PolkitAgentListenerClass parent_class;
};
struct _AuthRequest;
typedef struct _AuthRequest AuthRequest;
struct _ShellPolkitAuthenticationAgent {
PolkitAgentListener parent_instance;
GList *scheduled_requests;
AuthRequest *current_request;
gpointer handle;
};
/* Signals */
enum
{
INITIATE_SIGNAL,
CANCEL_SIGNAL,
LAST_SIGNAL
};
static guint signals[LAST_SIGNAL] = { 0 };
G_DEFINE_TYPE (ShellPolkitAuthenticationAgent, shell_polkit_authentication_agent, POLKIT_AGENT_TYPE_LISTENER);
static void initiate_authentication (PolkitAgentListener *listener,
const gchar *action_id,
const gchar *message,
const gchar *icon_name,
PolkitDetails *details,
const gchar *cookie,
GList *identities,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
static gboolean initiate_authentication_finish (PolkitAgentListener *listener,
GAsyncResult *res,
GError **error);
void
shell_polkit_authentication_agent_init (ShellPolkitAuthenticationAgent *agent)
{
}
void
shell_polkit_authentication_agent_register (ShellPolkitAuthenticationAgent *agent,
GError **error_out)
{
GError *error = NULL;
PolkitSubject *subject;
subject = polkit_unix_session_new_for_process_sync (getpid (),
NULL, /* GCancellable* */
&error);
if (subject == NULL)
{
if (error == NULL) /* polkit version 104 and older don't properly set error on failure */
error = g_error_new (POLKIT_ERROR, POLKIT_ERROR_FAILED,
"PolKit failed to properly get our session");
goto out;
}
agent->handle = polkit_agent_listener_register (POLKIT_AGENT_LISTENER (agent),
POLKIT_AGENT_REGISTER_FLAGS_NONE,
subject,
NULL, /* use default object path */
NULL, /* GCancellable */
&error);
out:
if (error != NULL)
g_propagate_error (error_out, error);
if (subject != NULL)
g_object_unref (subject);
}
static void
shell_polkit_authentication_agent_finalize (GObject *object)
{
ShellPolkitAuthenticationAgent *agent = SHELL_POLKIT_AUTHENTICATION_AGENT (object);
shell_polkit_authentication_agent_unregister (agent);
G_OBJECT_CLASS (shell_polkit_authentication_agent_parent_class)->finalize (object);
}
static void
shell_polkit_authentication_agent_class_init (ShellPolkitAuthenticationAgentClass *klass)
{
GObjectClass *gobject_class;
PolkitAgentListenerClass *listener_class;
gobject_class = G_OBJECT_CLASS (klass);
gobject_class->finalize = shell_polkit_authentication_agent_finalize;
listener_class = POLKIT_AGENT_LISTENER_CLASS (klass);
listener_class->initiate_authentication = initiate_authentication;
listener_class->initiate_authentication_finish = initiate_authentication_finish;
signals[INITIATE_SIGNAL] =
g_signal_new ("initiate",
G_TYPE_FROM_CLASS (klass),
G_SIGNAL_RUN_LAST,
0, /* class_offset */
NULL, /* accumulator */
NULL, /* accumulator data */
NULL, /* marshaller */
G_TYPE_NONE,
5,
G_TYPE_STRING,
G_TYPE_STRING,
G_TYPE_STRING,
G_TYPE_STRING,
G_TYPE_STRV);
signals[CANCEL_SIGNAL] =
g_signal_new ("cancel",
G_TYPE_FROM_CLASS (klass),
G_SIGNAL_RUN_LAST,
0, /* class_offset */
NULL, /* accumulator */
NULL, /* accumulator data */
NULL, /* marshaller */
G_TYPE_NONE,
0);
}
ShellPolkitAuthenticationAgent *
shell_polkit_authentication_agent_new (void)
{
return SHELL_POLKIT_AUTHENTICATION_AGENT (g_object_new (SHELL_TYPE_POLKIT_AUTHENTICATION_AGENT, NULL));
}
struct _AuthRequest {
/* not holding ref */
ShellPolkitAuthenticationAgent *agent;
GCancellable *cancellable;
gulong handler_id;
/* copies */
gchar *action_id;
gchar *message;
gchar *icon_name;
PolkitDetails *details;
gchar *cookie;
GList *identities;
GTask *simple;
};
static void
auth_request_free (AuthRequest *request)
{
g_free (request->action_id);
g_free (request->message);
g_free (request->icon_name);
g_object_unref (request->details);
g_free (request->cookie);
g_list_foreach (request->identities, (GFunc) g_object_unref, NULL);
g_list_free (request->identities);
g_object_unref (request->simple);
g_free (request);
}
static void
auth_request_initiate (AuthRequest *request)
{
gchar **user_names;
GPtrArray *p;
GList *l;
p = g_ptr_array_new ();
for (l = request->identities; l != NULL; l = l->next)
{
if (POLKIT_IS_UNIX_USER (l->data))
{
PolkitUnixUser *user = POLKIT_UNIX_USER (l->data);
gint uid;
gchar buf[4096];
struct passwd pwd;
struct passwd *ppwd;
uid = polkit_unix_user_get_uid (user);
if (getpwuid_r (uid, &pwd, buf, sizeof (buf), &ppwd) == 0)
{
if (!g_utf8_validate (pwd.pw_name, -1, NULL))
{
g_warning ("Invalid UTF-8 in username for uid %d. Skipping", uid);
}
else
{
g_ptr_array_add (p, g_strdup (pwd.pw_name));
}
}
else
{
g_warning ("Error looking up user name for uid %d", uid);
}
}
else
{
g_warning ("Unsupporting identity of GType %s", g_type_name (G_TYPE_FROM_INSTANCE (l->data)));
}
}
g_ptr_array_add (p, NULL);
user_names = (gchar **) g_ptr_array_free (p, FALSE);
g_signal_emit (request->agent,
signals[INITIATE_SIGNAL],
0, /* detail */
request->action_id,
request->message,
request->icon_name,
request->cookie,
user_names);
g_strfreev (user_names);
}
static void auth_request_complete (AuthRequest *request,
gboolean dismissed);
static gboolean
handle_cancelled_in_idle (gpointer user_data)
{
AuthRequest *request = user_data;
print_debug ("CANCELLED %s cookie %s", request->action_id, request->cookie);
if (request == request->agent->current_request)
{
g_signal_emit (request->agent,
signals[CANCEL_SIGNAL],
0); /* detail */
}
else
{
auth_request_complete (request, FALSE);
}
return FALSE;
}
static void
on_request_cancelled (GCancellable *cancellable,
gpointer user_data)
{
AuthRequest *request = user_data;
guint id;
/* post-pone to idle to handle GCancellable deadlock in
*
* https://bugzilla.gnome.org/show_bug.cgi?id=642968
*/
id = g_idle_add (handle_cancelled_in_idle, request);
g_source_set_name_by_id (id, "[gnome-shell] handle_cancelled_in_idle");
}
static void
auth_request_dismiss (AuthRequest *request)
{
auth_request_complete (request, TRUE);
}
void
shell_polkit_authentication_agent_unregister (ShellPolkitAuthenticationAgent *agent)
{
if (agent->scheduled_requests != NULL)
{
g_list_foreach (agent->scheduled_requests, (GFunc)auth_request_dismiss, NULL);
agent->scheduled_requests = NULL;
}
if (agent->current_request != NULL)
auth_request_dismiss (agent->current_request);
polkit_agent_listener_unregister (agent->handle);
agent->handle = NULL;
}
static void maybe_process_next_request (ShellPolkitAuthenticationAgent *agent);
static void
auth_request_complete (AuthRequest *request,
gboolean dismissed)
{
ShellPolkitAuthenticationAgent *agent = request->agent;
gboolean is_current = agent->current_request == request;
print_debug ("COMPLETING %s %s cookie %s", is_current ? "CURRENT" : "SCHEDULED",
request->action_id, request->cookie);
if (!is_current)
agent->scheduled_requests = g_list_remove (agent->scheduled_requests, request);
g_cancellable_disconnect (request->cancellable, request->handler_id);
if (dismissed)
g_task_return_new_error (request->simple,
POLKIT_ERROR,
POLKIT_ERROR_CANCELLED,
_("Authentication dialog was dismissed by the user"));
else
g_task_return_boolean (request->simple, TRUE);
auth_request_free (request);
if (is_current)
{
agent->current_request = NULL;
maybe_process_next_request (agent);
}
}
static void
maybe_process_next_request (ShellPolkitAuthenticationAgent *agent)
{
print_debug ("MAYBE_PROCESS cur=%p len(scheduled)=%d", agent->current_request, g_list_length (agent->scheduled_requests));
if (agent->current_request == NULL && agent->scheduled_requests != NULL)
{
AuthRequest *request;
request = agent->scheduled_requests->data;
agent->current_request = request;
agent->scheduled_requests = g_list_remove (agent->scheduled_requests, request);
print_debug ("INITIATING %s cookie %s", request->action_id, request->cookie);
auth_request_initiate (request);
}
}
static void
initiate_authentication (PolkitAgentListener *listener,
const gchar *action_id,
const gchar *message,
const gchar *icon_name,
PolkitDetails *details,
const gchar *cookie,
GList *identities,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
ShellPolkitAuthenticationAgent *agent = SHELL_POLKIT_AUTHENTICATION_AGENT (listener);
AuthRequest *request;
request = g_new0 (AuthRequest, 1);
request->agent = agent;
request->action_id = g_strdup (action_id);
request->message = g_strdup (message);
request->icon_name = g_strdup (icon_name);
request->details = g_object_ref (details);
request->cookie = g_strdup (cookie);
request->identities = g_list_copy (identities);
g_list_foreach (request->identities, (GFunc) g_object_ref, NULL);
request->simple = g_task_new (listener, NULL, callback, user_data);
request->cancellable = cancellable;
request->handler_id = g_cancellable_connect (request->cancellable,
G_CALLBACK (on_request_cancelled),
request,
NULL); /* GDestroyNotify for request */
print_debug ("SCHEDULING %s cookie %s", request->action_id, request->cookie);
agent->scheduled_requests = g_list_append (agent->scheduled_requests, request);
maybe_process_next_request (agent);
}
static gboolean
initiate_authentication_finish (PolkitAgentListener *listener,
GAsyncResult *res,
GError **error)
{
return g_task_propagate_boolean (G_TASK (res), error);
}
void
shell_polkit_authentication_agent_complete (ShellPolkitAuthenticationAgent *agent,
gboolean dismissed)
{
g_return_if_fail (SHELL_IS_POLKIT_AUTHENTICATION_AGENT (agent));
g_return_if_fail (agent->current_request != NULL);
auth_request_complete (agent->current_request, dismissed);
}
Reference in New Issue View Git Blame Copy Permalink