qrexec: add support for service argument

Fixes QubesOS/qubes-issues#1876
2016-03-27 04:27:37 +02:00 · 2016-03-27 04:27:37 +02:00 · 0607d9021a
commit 0607d9021a
parent ad28f4df62
2 changed files with 6 additions and 3 deletions
--- a/qrexec/qrexec-daemon.c
+++ b/qrexec/qrexec-daemon.c
@ -666,7 +666,7 @@ static void handle_execute_service(void)
    ENSURE_NULL_TERMINATED(untrusted_params.service_name);
    ENSURE_NULL_TERMINATED(untrusted_params.target_domain);
    ENSURE_NULL_TERMINATED(untrusted_params.request_id.ident);
-    sanitize_name(untrusted_params.service_name, "");
+    sanitize_name(untrusted_params.service_name, "+");
    sanitize_name(untrusted_params.target_domain, "");
    sanitize_name(untrusted_params.request_id.ident, " ");
    params = untrusted_params;
--- a/qrexec/qrexec-policy
+++ b/qrexec/qrexec-policy
@ -50,9 +50,12 @@ def line_to_dict(line):
 def read_policy_file(service_name):
-    policy_file=POLICY_FILE_DIR+"/"+service_name
+    policy_file = os.path.join(POLICY_FILE_DIR, service_name)
    if not os.path.isfile(policy_file):
-        policy_file=DEPRECATED_POLICY_FILE_DIR+"/"+service_name
+        # fallback to policy without specific argument set (if any)
        policy_file = os.path.join(POLICY_FILE_DIR, service_name.split("+")[0])
    if not os.path.isfile(policy_file):
        policy_file = os.path.join(DEPRECATED_POLICY_FILE_DIR, service_name)
        if not os.path.isfile(policy_file):
            return None
        print >>sys.stderr, "RPC service '%s' uses deprecated policy location, please move to %s" % (service_name, POLICY_FILE_DIR)