mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-05 13:30:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

module-access: improve pipewire.client.access handling

Browse source 
If a client (pipewire-pulse) has performed the access check and creates
a client with a specific access path, it will set this in the
pipewire.client.access property. For example, when a flatpak client
connects to pipewire-pulse, it will create a client with the flatpak
pipewire.client.access property.

Check the property after reading it so that we don't blindly grant
complete access to the flatpak client. Instead let the session
manager to assign the permissions.

This fixes a problem where flatpak clients entering pipewire-pulse would
initially get full access and then be downgraded by the session manager.
This would result in the pulse client thinking that it has access to
objects while failing later.
This commit is contained in:
Wim Taymans 2021-11-16 17:27:05 +01:00
parent a0e0a4d9d2
commit 23ac9e5f3c
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/modules/module-access.c
View file

@ -319,6 +319,11 @@ context_check_access(void *data, struct pw_impl_client *client)
if ((access = pw_properties_get(props, PW_KEY_CLIENT_ACCESS)) == NULL) if ((access = pw_properties_get(props, PW_KEY_CLIENT_ACCESS)) == NULL)
access = "unrestricted"; access = "unrestricted";
if (spa_streq(access, "unrestricted") || spa_streq(access, "allowed"))
goto granted;
else
goto wait_permissions;
granted: granted:
pw_log_info("%p: client %p '%s' access granted", impl, client, access); pw_log_info("%p: client %p '%s' access granted", impl, client, access);
items[0] = SPA_DICT_ITEM_INIT(PW_KEY_ACCESS, access); items[0] = SPA_DICT_ITEM_INIT(PW_KEY_ACCESS, access);