Commit 509179b7 authored by Aard's avatar Aard

[ssu] Make sure to use user session bus for store credential requests

parent 287355c0
......@@ -614,7 +614,7 @@ void Ssu::updateStoreCredentials(){
"/StoreClient",
"com.jolla.jollastore",
"storeCredentials");
QDBusPendingReply<QString, QString> reply = QDBusConnection::sessionBus().asyncCall(message);
QDBusPendingReply<QString, QString> reply = SsuCoreConfig::userSessionBus().asyncCall(message);
reply.waitForFinished();
if (reply.isError()) {
setError(QString("Store credentials not received. %1").arg(reply.error().message()));
......
......@@ -7,6 +7,9 @@
#include <QFile>
#include <QTextStream>
#include <QDBusConnection>
#include <getdef.h>
#include "ssucoreconfig.h"
#include "ssulog.h"
......@@ -143,3 +146,22 @@ bool SsuCoreConfig::useSslVerify(){
else
return true;
}
QDBusConnection SsuCoreConfig::userSessionBus(){
int uid_min = getdef_num("UID_MIN", -1);
// For calls from valid UID we assume that they are properly logged in users.
// If they are not the call will fail, but it's their fault.
if (getuid() >= uid_min){
return QDBusConnection::sessionBus();
} else {
// DBus security policy will prevent this beeing used by callers other
// than root at the moment. Still do it generic in case DBus policy will
// be extended later, and just use the usual 'DBus: THOU SHALL NOT PASS!'
// @TODO the uid to be used should be determined using the logind API from
// systemd package to support multiuser systems in the future
QString sessionBusAddress=QString("unix:path=/run/user/%1/dbus/user_bus_socket")
.arg(uid_min);
return QDBusConnection::connectToBus(sessionBusAddress, "userSessionBus");
}
}
......@@ -9,7 +9,6 @@
#define _SSUCORECONFIG_H
#include <QObject>
#include "ssusettings.h"
#include "ssu.h"
......@@ -23,6 +22,8 @@
#define SSU_DEFAULT_CONFIGURATION "/usr/share/ssu/ssu-defaults.ini"
#endif
class QDBusConnection;
class SsuCoreConfig: public SsuSettings {
Q_OBJECT
......@@ -100,6 +101,10 @@ class SsuCoreConfig: public SsuSettings {
* @retval false SSL verification should be disabled
*/
Q_INVOKABLE bool useSslVerify();
/**
* Return a DBus connection object connected to the session bus of the active user
*/
static QDBusConnection userSessionBus();
private:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment