From fe86adb46f57c8b8ef683591506cbe98fff0c071 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Fri, 27 Jan 2017 16:42:34 +0100
Subject: [PATCH 12/18] protocol-native: add async access checks

---
 src/pulsecore/protocol-native.c | 91 +++++++++++++++++++++++++++++++++++++++--
 1 file changed, 87 insertions(+), 4 deletions(-)

diff --git a/src/pulsecore/protocol-native.c b/src/pulsecore/protocol-native.c
index 4ff97c4..a866802 100644
--- a/src/pulsecore/protocol-native.c
+++ b/src/pulsecore/protocol-native.c
@@ -4850,14 +4850,97 @@ static void command_set_port_latency_offset(pa_pdispatch *pd, uint32_t command,
     pa_pstream_send_simple_ack(c->pstream, tag);
 }
 
+typedef struct pa_protocol_native_access_data {
+    pa_access_data d;
+
+    pa_pdispatch *pd;
+    uint32_t command;
+    uint32_t tag;
+    pa_tagstruct *tc;
+    void *userdata;
+} pa_protocol_native_access_data;
+
+static const pa_pdispatch_cb_t access_ok_table[PA_COMMAND_MAX] = {
+    [PA_COMMAND_CREATE_PLAYBACK_STREAM] = command_create_playback_stream,
+    [PA_COMMAND_CREATE_RECORD_STREAM] = command_create_record_stream,
+    [PA_COMMAND_CREATE_UPLOAD_STREAM] = command_create_upload_stream,
+    [PA_COMMAND_STAT] = command_stat,
+};
+
+static void check_access_finish_cb(pa_access_data *data, bool res) {
+    pa_protocol_native_access_data *d = (pa_protocol_native_access_data *) data;
+    pa_native_connection *c = PA_NATIVE_CONNECTION(d->userdata);
+    uint32_t command, tag;
+
+    if (!res || pa_tagstruct_getu32(d->tc, &command) < 0 ||
+        pa_tagstruct_getu32(d->tc, &tag) < 0 ||
+        command != d->command || tag != d->tag) {
+        pa_pstream_send_error(c->pstream, d->tag, PA_ERR_ACCESS);
+        goto finish;
+    }
+
+    /* call the dispatcher again, hopefully this time, the access check will
+     * fail or succeed immediately */
+    access_ok_table[d->command](d->pd, d->command, d->tag, d->tc, d->userdata);
+
+finish:
+    if (d->pd)
+        pa_pdispatch_unref(d->pd);
+    if (d->tc)
+        pa_tagstruct_free(d->tc);
+    pa_xfree(d);
+}
+
+static const pa_access_hook_t access_table[PA_COMMAND_MAX] = {
+    [PA_COMMAND_CREATE_PLAYBACK_STREAM] = PA_ACCESS_HOOK_CONNECT_PLAYBACK,
+    [PA_COMMAND_CREATE_RECORD_STREAM] = PA_ACCESS_HOOK_CONNECT_RECORD,
+    [PA_COMMAND_CREATE_UPLOAD_STREAM] = PA_ACCESS_HOOK_CONNECT_UPLOAD,
+    [PA_COMMAND_STAT] = PA_ACCESS_HOOK_STAT,
+};
+
+static void check_command_access(pa_pdispatch *pd, uint32_t command, uint32_t tag, pa_tagstruct *t, void *userdata) {
+    pa_native_connection *c = PA_NATIVE_CONNECTION(userdata);
+    pa_protocol_native_access_data *data;
+    pa_hook_result_t res;
+
+    pa_native_connection_assert_ref(c);
+
+    if (access_table[command] == 0) {
+        pa_pstream_send_error(c->pstream, tag, PA_ERR_ACCESS);
+        return;
+    }
+
+    data = pa_xnew0 (pa_protocol_native_access_data, 1);
+    data->d.client_index = c->client->index;
+    data->d.object_index = PA_INVALID_INDEX;
+    data->d.event = 0;
+    data->d.name = NULL;
+    data->d.hook = access_table[command];
+
+    res = pa_core_check_access(c->protocol->core, &data->d);
+    if (res == PA_HOOK_CANCEL) {
+        /* async */
+        data->d.complete_cb = check_access_finish_cb;
+        data->pd = pd ? pa_pdispatch_ref (pd) : NULL;
+        data->command = command;
+        data->tag = tag;
+        data->tc = t ? pa_tagstruct_copy (t) : NULL;
+        data->userdata = userdata;
+    } else {
+        pa_xfree(data);
+        access_ok_table[command](pd, command, tag, t, userdata);
+    }
+}
+
+
 static const pa_pdispatch_cb_t command_table[PA_COMMAND_MAX] = {
     [PA_COMMAND_ERROR] = NULL,
     [PA_COMMAND_TIMEOUT] = NULL,
     [PA_COMMAND_REPLY] = NULL,
-    [PA_COMMAND_CREATE_PLAYBACK_STREAM] = command_create_playback_stream,
+    [PA_COMMAND_CREATE_PLAYBACK_STREAM] = check_command_access,
     [PA_COMMAND_DELETE_PLAYBACK_STREAM] = command_delete_stream,
     [PA_COMMAND_DRAIN_PLAYBACK_STREAM] = command_drain_playback_stream,
-    [PA_COMMAND_CREATE_RECORD_STREAM] = command_create_record_stream,
+    [PA_COMMAND_CREATE_RECORD_STREAM] = check_command_access,
     [PA_COMMAND_DELETE_RECORD_STREAM] = command_delete_stream,
     [PA_COMMAND_AUTH] = command_auth,
     [PA_COMMAND_REQUEST] = NULL,
@@ -4865,10 +4948,10 @@ static const pa_pdispatch_cb_t command_table[PA_COMMAND_MAX] = {
     [PA_COMMAND_SET_CLIENT_NAME] = command_set_client_name,
     [PA_COMMAND_LOOKUP_SINK] = command_lookup,
     [PA_COMMAND_LOOKUP_SOURCE] = command_lookup,
-    [PA_COMMAND_STAT] = command_stat,
+    [PA_COMMAND_STAT] = check_command_access,
     [PA_COMMAND_GET_PLAYBACK_LATENCY] = command_get_playback_latency,
     [PA_COMMAND_GET_RECORD_LATENCY] = command_get_record_latency,
-    [PA_COMMAND_CREATE_UPLOAD_STREAM] = command_create_upload_stream,
+    [PA_COMMAND_CREATE_UPLOAD_STREAM] = check_command_access,
     [PA_COMMAND_DELETE_UPLOAD_STREAM] = command_delete_stream,
     [PA_COMMAND_FINISH_UPLOAD_STREAM] = command_finish_upload_stream,
     [PA_COMMAND_PLAY_SAMPLE] = command_play_sample,
-- 
2.9.3