diff options
author | Drew DeVault <sir@cmpwn.com> | 2017-02-20 06:30:25 -0500 |
---|---|---|
committer | Drew DeVault <sir@cmpwn.com> | 2017-02-20 06:33:04 -0500 |
commit | 1980a0835804b205da1fa00187640ae8a0c4f9be (patch) | |
tree | 7d79e173a654443f15bd33c0d7f81f3c1d889af7 /sway/commands/ipc.c | |
parent | Add initial support code for new IPC security (diff) | |
download | sway-1980a0835804b205da1fa00187640ae8a0c4f9be.tar.gz sway-1980a0835804b205da1fa00187640ae8a0c4f9be.tar.zst sway-1980a0835804b205da1fa00187640ae8a0c4f9be.zip |
Enforce new IPC policies
Diffstat (limited to 'sway/commands/ipc.c')
-rw-r--r-- | sway/commands/ipc.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/sway/commands/ipc.c b/sway/commands/ipc.c index 44d7a010..6b29706e 100644 --- a/sway/commands/ipc.c +++ b/sway/commands/ipc.c | |||
@@ -1,18 +1,23 @@ | |||
1 | #include <stdio.h> | 1 | #include <stdio.h> |
2 | #include <string.h> | 2 | #include <string.h> |
3 | #include "sway/security.h" | ||
3 | #include "sway/commands.h" | 4 | #include "sway/commands.h" |
4 | #include "sway/config.h" | 5 | #include "sway/config.h" |
5 | #include "ipc.h" | 6 | #include "ipc.h" |
6 | #include "log.h" | 7 | #include "log.h" |
7 | #include "util.h" | 8 | #include "util.h" |
8 | 9 | ||
10 | static struct ipc_policy *current_policy = NULL; | ||
11 | |||
9 | struct cmd_results *cmd_ipc(int argc, char **argv) { | 12 | struct cmd_results *cmd_ipc(int argc, char **argv) { |
10 | struct cmd_results *error = NULL; | 13 | struct cmd_results *error = NULL; |
11 | if ((error = checkarg(argc, "ipc", EXPECTED_EQUAL_TO, 1))) { | 14 | if ((error = checkarg(argc, "ipc", EXPECTED_EQUAL_TO, 2))) { |
12 | return error; | 15 | return error; |
13 | } | 16 | } |
14 | 17 | ||
15 | if (config->reading && strcmp("{", argv[0]) != 0) { | 18 | const char *program = argv[0]; |
19 | |||
20 | if (config->reading && strcmp("{", argv[1]) != 0) { | ||
16 | return cmd_results_new(CMD_INVALID, "ipc", | 21 | return cmd_results_new(CMD_INVALID, "ipc", |
17 | "Expected '{' at start of IPC config definition."); | 22 | "Expected '{' at start of IPC config definition."); |
18 | } | 23 | } |
@@ -26,6 +31,8 @@ struct cmd_results *cmd_ipc(int argc, char **argv) { | |||
26 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); | 31 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); |
27 | } | 32 | } |
28 | 33 | ||
34 | current_policy = alloc_ipc_policy(program); | ||
35 | |||
29 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); | 36 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); |
30 | } | 37 | } |
31 | 38 | ||
@@ -86,10 +93,10 @@ struct cmd_results *cmd_ipc_cmd(int argc, char **argv) { | |||
86 | } | 93 | } |
87 | 94 | ||
88 | if (enabled) { | 95 | if (enabled) { |
89 | //config->ipc_policy |= type; | 96 | current_policy->features |= type; |
90 | sway_log(L_DEBUG, "Enabled IPC %s feature %d", argv[-1], (int)type); | 97 | sway_log(L_DEBUG, "Enabled IPC %s feature", argv[-1]); |
91 | } else { | 98 | } else { |
92 | //config->ipc_policy &= ~type; | 99 | current_policy->features &= ~type; |
93 | sway_log(L_DEBUG, "Disabled IPC %s feature", argv[-1]); | 100 | sway_log(L_DEBUG, "Disabled IPC %s feature", argv[-1]); |
94 | } | 101 | } |
95 | 102 | ||
@@ -134,10 +141,10 @@ struct cmd_results *cmd_ipc_event_cmd(int argc, char **argv) { | |||
134 | } | 141 | } |
135 | 142 | ||
136 | if (enabled) { | 143 | if (enabled) { |
137 | //config->ipc_policy |= type; | 144 | current_policy->features |= type; |
138 | sway_log(L_DEBUG, "Enabled IPC %s event %d", argv[-1], (int)type); | 145 | sway_log(L_DEBUG, "Enabled IPC %s event", argv[-1]); |
139 | } else { | 146 | } else { |
140 | //config->ipc_policy &= ~type; | 147 | current_policy->features &= ~type; |
141 | sway_log(L_DEBUG, "Disabled IPC %s event", argv[-1]); | 148 | sway_log(L_DEBUG, "Disabled IPC %s event", argv[-1]); |
142 | } | 149 | } |
143 | 150 | ||