diff options
| author |  Drew DeVault <sir@cmpwn.com> | 2017-02-20 06:30:25 -0500 |
|---|---|---|
| committer | Drew DeVault <sir@cmpwn.com> | 2017-02-20 06:33:04 -0500 |
| commit | 1980a0835804b205da1fa00187640ae8a0c4f9be (patch) | |
| tree | 7d79e173a654443f15bd33c0d7f81f3c1d889af7 /sway/commands/ipc.c | |
| parent | Add initial support code for new IPC security (diff) | |
| download | sway-1980a0835804b205da1fa00187640ae8a0c4f9be.tar.gz sway-1980a0835804b205da1fa00187640ae8a0c4f9be.tar.zst sway-1980a0835804b205da1fa00187640ae8a0c4f9be.zip | |
Enforce new IPC policies
Diffstat (limited to 'sway/commands/ipc.c')
| -rw-r--r-- | sway/commands/ipc.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/sway/commands/ipc.c b/sway/commands/ipc.c index 44d7a010..6b29706e 100644 --- a/sway/commands/ipc.c +++ b/sway/commands/ipc.c | |||
| @@ -1,18 +1,23 @@ | |||
| 1 | #include <stdio.h> | 1 | #include <stdio.h> |
| 2 | #include <string.h> | 2 | #include <string.h> |
| 3 | #include "sway/security.h" | ||
| 3 | #include "sway/commands.h" | 4 | #include "sway/commands.h" |
| 4 | #include "sway/config.h" | 5 | #include "sway/config.h" |
| 5 | #include "ipc.h" | 6 | #include "ipc.h" |
| 6 | #include "log.h" | 7 | #include "log.h" |
| 7 | #include "util.h" | 8 | #include "util.h" |
| 8 | 9 | ||
| 10 | static struct ipc_policy *current_policy = NULL; | ||
| 11 | |||
| 9 | struct cmd_results *cmd_ipc(int argc, char **argv) { | 12 | struct cmd_results *cmd_ipc(int argc, char **argv) { |
| 10 | struct cmd_results *error = NULL; | 13 | struct cmd_results *error = NULL; |
| 11 | if ((error = checkarg(argc, "ipc", EXPECTED_EQUAL_TO, 1))) { | 14 | if ((error = checkarg(argc, "ipc", EXPECTED_EQUAL_TO, 2))) { |
| 12 | return error; | 15 | return error; |
| 13 | } | 16 | } |
| 14 | 17 | ||
| 15 | if (config->reading && strcmp("{", argv[0]) != 0) { | 18 | const char *program = argv[0]; |
| 19 | |||
| 20 | if (config->reading && strcmp("{", argv[1]) != 0) { | ||
| 16 | return cmd_results_new(CMD_INVALID, "ipc", | 21 | return cmd_results_new(CMD_INVALID, "ipc", |
| 17 | "Expected '{' at start of IPC config definition."); | 22 | "Expected '{' at start of IPC config definition."); |
| 18 | } | 23 | } |
| @@ -26,6 +31,8 @@ struct cmd_results *cmd_ipc(int argc, char **argv) { | |||
| 26 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); | 31 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); |
| 27 | } | 32 | } |
| 28 | 33 | ||
| 34 | current_policy = alloc_ipc_policy(program); | ||
| 35 | |||
| 29 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); | 36 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); |
| 30 | } | 37 | } |
| 31 | 38 | ||
| @@ -86,10 +93,10 @@ struct cmd_results *cmd_ipc_cmd(int argc, char **argv) { | |||
| 86 | } | 93 | } |
| 87 | 94 | ||
| 88 | if (enabled) { | 95 | if (enabled) { |
| 89 | //config->ipc_policy |= type; | 96 | current_policy->features |= type; |
| 90 | sway_log(L_DEBUG, "Enabled IPC %s feature %d", argv[-1], (int)type); | 97 | sway_log(L_DEBUG, "Enabled IPC %s feature", argv[-1]); |
| 91 | } else { | 98 | } else { |
| 92 | //config->ipc_policy &= ~type; | 99 | current_policy->features &= ~type; |
| 93 | sway_log(L_DEBUG, "Disabled IPC %s feature", argv[-1]); | 100 | sway_log(L_DEBUG, "Disabled IPC %s feature", argv[-1]); |
| 94 | } | 101 | } |
| 95 | 102 | ||
| @@ -134,10 +141,10 @@ struct cmd_results *cmd_ipc_event_cmd(int argc, char **argv) { | |||
| 134 | } | 141 | } |
| 135 | 142 | ||
| 136 | if (enabled) { | 143 | if (enabled) { |
| 137 | //config->ipc_policy |= type; | 144 | current_policy->features |= type; |
| 138 | sway_log(L_DEBUG, "Enabled IPC %s event %d", argv[-1], (int)type); | 145 | sway_log(L_DEBUG, "Enabled IPC %s event", argv[-1]); |
| 139 | } else { | 146 | } else { |
| 140 | //config->ipc_policy &= ~type; | 147 | current_policy->features &= ~type; |
| 141 | sway_log(L_DEBUG, "Disabled IPC %s event", argv[-1]); | 148 | sway_log(L_DEBUG, "Disabled IPC %s event", argv[-1]); |
| 142 | } | 149 | } |
| 143 | 150 | ||