bus.c 22.4 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
/* -*- mode: C; c-file-style: "gnu" -*- */
/* bus.c  message bus context object
 *
 * Copyright (C) 2003 Red Hat, Inc.
 *
 * Licensed under the Academic Free License version 1.2
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 */

#include "bus.h"
#include "activation.h"
#include "connection.h"
#include "services.h"
#include "utils.h"
29
#include "policy.h"
30
#include "config-parser.h"
31 32
#include <dbus/dbus-list.h>
#include <dbus/dbus-hash.h>
33 34 35 36 37
#include <dbus/dbus-internals.h>

struct BusContext
{
  int refcount;
38
  char *type;
39
  char *address;
40
  char *pidfile;
41
  DBusLoop *loop;
42
  DBusList *servers;
43 44 45
  BusConnections *connections;
  BusActivation *activation;
  BusRegistry *registry;
46
  BusPolicy *policy;
47
  DBusUserDatabase *user_database;
48
  BusLimits limits;
49 50
};

51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
static int server_data_slot = -1;
static int server_data_slot_refcount = 0;

typedef struct
{
  BusContext *context;
} BusServerData;

#define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))

static dbus_bool_t
server_data_slot_ref (void)
{
  if (server_data_slot < 0)
    {
      server_data_slot = dbus_server_allocate_data_slot ();
      
      if (server_data_slot < 0)
        return FALSE;

      _dbus_assert (server_data_slot_refcount == 0);
    }  

  server_data_slot_refcount += 1;

  return TRUE;
}

static void
server_data_slot_unref (void)
{
  _dbus_assert (server_data_slot_refcount > 0);

  server_data_slot_refcount -= 1;
  
  if (server_data_slot_refcount == 0)
    {
      dbus_server_free_data_slot (server_data_slot);
      server_data_slot = -1;
    }
}

static BusContext*
server_get_context (DBusServer *server)
{
  BusContext *context;
  BusServerData *bd;
  
  if (!server_data_slot_ref ())
    return NULL;

  bd = BUS_SERVER_DATA (server);
  if (bd == NULL)
104 105 106 107
    {
      server_data_slot_unref ();
      return NULL;
    }
108 109 110 111 112 113 114 115

  context = bd->context;

  server_data_slot_unref ();

  return context;
}

116
static dbus_bool_t
117 118 119 120
server_watch_callback (DBusWatch     *watch,
                       unsigned int   condition,
                       void          *data)
{
121 122 123 124 125 126
  /* FIXME this can be done in dbus-mainloop.c
   * if the code in activation.c for the babysitter
   * watch handler is fixed.
   */
  
  return dbus_watch_handle (watch, condition);
127 128
}

129
static dbus_bool_t
130
add_server_watch (DBusWatch  *watch,
131
                  void       *data)
132
{
133 134 135 136 137
  DBusServer *server = data;
  BusContext *context;
  
  context = server_get_context (server);
  
138 139 140
  return _dbus_loop_add_watch (context->loop,
                               watch, server_watch_callback, server,
                               NULL);
141 142 143 144
}

static void
remove_server_watch (DBusWatch  *watch,
145
                     void       *data)
146
{
147 148 149 150 151
  DBusServer *server = data;
  BusContext *context;
  
  context = server_get_context (server);
  
152 153
  _dbus_loop_remove_watch (context->loop,
                           watch, server_watch_callback, server);
154 155
}

156

157 158 159 160
static void
server_timeout_callback (DBusTimeout   *timeout,
                         void          *data)
{
161
  /* can return FALSE on OOM but we just let it fire again later */
162 163 164 165 166
  dbus_timeout_handle (timeout);
}

static dbus_bool_t
add_server_timeout (DBusTimeout *timeout,
167
                    void        *data)
168
{
169 170 171 172 173
  DBusServer *server = data;
  BusContext *context;
  
  context = server_get_context (server);

174 175
  return _dbus_loop_add_timeout (context->loop,
                                 timeout, server_timeout_callback, server, NULL);
176 177 178 179
}

static void
remove_server_timeout (DBusTimeout *timeout,
180
                       void        *data)
181
{
182 183 184 185 186
  DBusServer *server = data;
  BusContext *context;
  
  context = server_get_context (server);
  
187 188
  _dbus_loop_remove_timeout (context->loop,
                             timeout, server_timeout_callback, server);
189 190
}

191 192 193 194 195 196 197 198
static void
new_connection_callback (DBusServer     *server,
                         DBusConnection *new_connection,
                         void           *data)
{
  BusContext *context = data;
  
  if (!bus_connections_setup_connection (context->connections, new_connection))
199 200
    {
      _dbus_verbose ("No memory to setup new connection\n");
201

202 203 204 205 206 207 208
      /* if we don't do this, it will get unref'd without
       * being disconnected... kind of strange really
       * that we have to do this, people won't get it right
       * in general.
       */
      dbus_connection_disconnect (new_connection);
    }
209 210

  dbus_connection_set_max_received_size (new_connection,
211
                                         context->limits.max_incoming_bytes);
212 213

  dbus_connection_set_max_message_size (new_connection,
214
                                        context->limits.max_message_size);
215
  
216
  /* on OOM, we won't have ref'd the connection so it will die. */
217 218
}

219 220 221 222 223 224 225 226
static void
free_server_data (void *data)
{
  BusServerData *bd = data;  
  
  dbus_free (bd);
}

227 228 229
static dbus_bool_t
setup_server (BusContext *context,
              DBusServer *server,
230
              char      **auth_mechanisms,
231
              DBusError  *error)
232
{
233
  BusServerData *bd;
234 235 236 237 238 239 240 241 242 243 244 245

  bd = dbus_new0 (BusServerData, 1);
  if (!dbus_server_set_data (server,
                             server_data_slot,
                             bd, free_server_data))
    {
      dbus_free (bd);
      BUS_SET_OOM (error);
      return FALSE;
    }

  bd->context = context;
246
  
247 248 249 250 251 252
  if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
    {
      BUS_SET_OOM (error);
      return FALSE;
    }
  
253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276
  dbus_server_set_new_connection_function (server,
                                           new_connection_callback,
                                           context, NULL);
  
  if (!dbus_server_set_watch_functions (server,
                                        add_server_watch,
                                        remove_server_watch,
                                        NULL,
                                        server,
                                        NULL))
    {
      BUS_SET_OOM (error);
      return FALSE;
    }

  if (!dbus_server_set_timeout_functions (server,
                                          add_server_timeout,
                                          remove_server_timeout,
                                          NULL,
                                          server, NULL))
    {
      BUS_SET_OOM (error);
      return FALSE;
    }
277
  
278 279 280
  return TRUE;
}

281
BusContext*
282
bus_context_new (const DBusString *config_file,
283
                 int               print_addr_fd,
284
                 DBusError        *error)
285 286
{
  BusContext *context;
287 288 289 290
  DBusList *link;
  DBusList **addresses;
  BusConfigParser *parser;
  DBusString full_address;
291
  const char *user, *pidfile;
292 293 294
  char **auth_mechanisms;
  DBusList **auth_mechanisms_list;
  int len;
295
  
296
  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
297

298
  if (!_dbus_string_init (&full_address))
299 300 301 302
    {
      BUS_SET_OOM (error);
      return NULL;
    }
303

304 305 306 307 308 309 310
  if (!server_data_slot_ref ())
    {
      BUS_SET_OOM (error);
      _dbus_string_free (&full_address);
      return NULL;
    }
  
311 312
  parser = NULL;
  context = NULL;
313
  auth_mechanisms = NULL;
314 315 316 317
  
  parser = bus_config_load (config_file, error);
  if (parser == NULL)
    goto failed;
318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342

  /* Check for an existing pid file. Of course this is a race;
   * we'd have to use fcntl() locks on the pid file to
   * avoid that. But we want to check for the pid file
   * before overwriting any existing sockets, etc.
   */
  pidfile = bus_config_parser_get_pidfile (parser);
  if (pidfile != NULL)
    {
      DBusString u;
      DBusStat stbuf;
      DBusError tmp_error;
      
      dbus_error_init (&tmp_error);
      _dbus_string_init_const (&u, pidfile);
      
      if (_dbus_stat (&u, &stbuf, &tmp_error))
	{
	  dbus_set_error (error, DBUS_ERROR_FAILED,
			  "The pid file \"%s\" exists, if the message bus is not running, remove this file",
			  pidfile);
	  dbus_error_free (&tmp_error);
	  goto failed;
	}
    }
343 344 345 346 347
  
  context = dbus_new0 (BusContext, 1);
  if (context == NULL)
    {
      BUS_SET_OOM (error);
348
      goto failed;
349 350 351
    }
  
  context->refcount = 1;
352

353 354 355
  /* get our limits and timeout lengths */
  bus_config_parser_get_limits (parser, &context->limits);
  
356 357 358 359 360
  /* we need another ref of the server data slot for the context
   * to own
   */
  if (!server_data_slot_ref ())
    _dbus_assert_not_reached ("second ref of server data slot failed");
361
  
362 363 364 365 366 367
  context->user_database = _dbus_user_database_new ();
  if (context->user_database == NULL)
    {
      BUS_SET_OOM (error);
      goto failed;
    }
368
  
369
  context->loop = _dbus_loop_new ();
370 371 372 373 374 375
  if (context->loop == NULL)
    {
      BUS_SET_OOM (error);
      goto failed;
    }
  
376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404
  /* Build an array of auth mechanisms */
  
  auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
  len = _dbus_list_get_length (auth_mechanisms_list);

  if (len > 0)
    {
      int i;

      auth_mechanisms = dbus_new0 (char*, len + 1);
      if (auth_mechanisms == NULL)
        goto failed;
      
      i = 0;
      link = _dbus_list_get_first_link (auth_mechanisms_list);
      while (link != NULL)
        {
          auth_mechanisms[i] = _dbus_strdup (link->data);
          if (auth_mechanisms[i] == NULL)
            goto failed;
          link = _dbus_list_get_next_link (auth_mechanisms_list, link);
        }
    }
  else
    {
      auth_mechanisms = NULL;
    }

  /* Listen on our addresses */
405 406 407 408 409 410 411 412 413 414 415
  
  addresses = bus_config_parser_get_addresses (parser);  
  
  link = _dbus_list_get_first_link (addresses);
  while (link != NULL)
    {
      DBusServer *server;
      
      server = dbus_server_listen (link->data, error);
      if (server == NULL)
        goto failed;
416
      else if (!setup_server (context, server, auth_mechanisms, error))
417 418 419 420 421 422 423 424 425 426 427
        goto failed;

      if (!_dbus_list_append (&context->servers, server))
        {
          BUS_SET_OOM (error);
          goto failed;
        }          
      
      link = _dbus_list_get_next_link (addresses, link);
    }

428 429
  /* note that type may be NULL */
  context->type = _dbus_strdup (bus_config_parser_get_type (parser));
430
  
431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453
  /* We have to build the address backward, so that
   * <listen> later in the config file have priority
   */
  link = _dbus_list_get_last_link (&context->servers);
  while (link != NULL)
    {
      char *addr;
      
      addr = dbus_server_get_address (link->data);
      if (addr == NULL)
        {
          BUS_SET_OOM (error);
          goto failed;
        }

      if (_dbus_string_get_length (&full_address) > 0)
        {
          if (!_dbus_string_append (&full_address, ";"))
            {
              BUS_SET_OOM (error);
              goto failed;
            }
        }
454

455 456 457 458 459 460 461 462 463 464 465 466
      if (!_dbus_string_append (&full_address, addr))
        {
          BUS_SET_OOM (error);
          goto failed;
        }

      dbus_free (addr);

      link = _dbus_list_get_prev_link (&context->servers, link);
    }

  if (!_dbus_string_copy_data (&full_address, &context->address))
467 468 469 470
    {
      BUS_SET_OOM (error);
      goto failed;
    }
471

472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513
  /* Note that we don't know whether the print_addr_fd is
   * one of the sockets we're using to listen on, or some
   * other random thing. But I think the answer is "don't do
   * that then"
   */
  if (print_addr_fd >= 0)
    {
      DBusString addr;
      const char *a = bus_context_get_address (context);
      int bytes;
      
      _dbus_assert (a != NULL);
      if (!_dbus_string_init (&addr))
        {
          BUS_SET_OOM (error);
          goto failed;
        }
      
      if (!_dbus_string_append (&addr, a) ||
          !_dbus_string_append (&addr, "\n"))
        {
          _dbus_string_free (&addr);
          BUS_SET_OOM (error);
          goto failed;
        }

      bytes = _dbus_string_get_length (&addr);
      if (_dbus_write (print_addr_fd, &addr, 0, bytes) != bytes)
        {
          dbus_set_error (error, DBUS_ERROR_FAILED,
                          "Printing message bus address: %s\n",
                          _dbus_strerror (errno));
          _dbus_string_free (&addr);
          goto failed;
        }

      if (print_addr_fd > 2)
        _dbus_close (print_addr_fd, NULL);

      _dbus_string_free (&addr);
    }
  
514
  /* Create activation subsystem */
515
  
516
  context->activation = bus_activation_new (context, &full_address,
517 518
                                            bus_config_parser_get_service_dirs (parser),
                                            error);
519 520 521 522 523 524 525 526 527 528 529 530 531
  if (context->activation == NULL)
    {
      _DBUS_ASSERT_ERROR_IS_SET (error);
      goto failed;
    }

  context->connections = bus_connections_new (context);
  if (context->connections == NULL)
    {
      BUS_SET_OOM (error);
      goto failed;
    }

532
  context->registry = bus_registry_new (context);
533 534 535 536 537
  if (context->registry == NULL)
    {
      BUS_SET_OOM (error);
      goto failed;
    }
538

539 540 541
  context->policy = bus_config_parser_steal_policy (parser);
  _dbus_assert (context->policy != NULL);
  
542 543 544
  /* Now become a daemon if appropriate */
  if (bus_config_parser_get_fork (parser))
    {
545 546 547 548 549 550
      DBusString u;

      if (pidfile)
        _dbus_string_init_const (&u, pidfile);
      
      if (!_dbus_become_daemon (pidfile ? &u : NULL, error))
551 552
        goto failed;
    }
553 554 555 556 557 558 559 560 561 562 563 564 565
  else
    {
      /* Need to write PID file for ourselves, not for the child process */
      if (pidfile != NULL)
        {
          DBusString u;

          _dbus_string_init_const (&u, pidfile);
          
          if (!_dbus_write_pid_file (&u, _dbus_getpid (), error))
            goto failed;
        }
    }
566 567 568

  /* keep around the pid filename so we can delete it later */
  context->pidfile = _dbus_strdup (pidfile);
569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593

  /* Here we change our credentials if required,
   * as soon as we've set up our sockets and pidfile
   */
  user = bus_config_parser_get_user (parser);
  if (user != NULL)
    {
      DBusCredentials creds;
      DBusString u;

      _dbus_string_init_const (&u, user);

      if (!_dbus_credentials_from_username (&u, &creds) ||
          creds.uid < 0 ||
          creds.gid < 0)
        {
          dbus_set_error (error, DBUS_ERROR_FAILED,
                          "Could not get UID and GID for username \"%s\"",
                          user);
          goto failed;
        }
      
      if (!_dbus_change_identity (creds.uid, creds.gid, error))
        goto failed;
    }
594
  
595 596
  bus_config_parser_unref (parser);
  _dbus_string_free (&full_address);
597
  dbus_free_string_array (auth_mechanisms);
598
  server_data_slot_unref ();
599 600 601
  
  return context;
  
602
 failed:  
603 604 605 606 607 608 609
  if (parser != NULL)
    bus_config_parser_unref (parser);

  if (context != NULL)
    bus_context_unref (context);

  _dbus_string_free (&full_address);
610
  dbus_free_string_array (auth_mechanisms);
611 612 613

  server_data_slot_unref ();
  
614 615 616
  return NULL;
}

617 618 619
static void
shutdown_server (BusContext *context,
                 DBusServer *server)
620
{
621 622
  if (server == NULL ||
      !dbus_server_get_is_connected (server))
623 624
    return;
  
625
  if (!dbus_server_set_watch_functions (server,
626
                                        NULL, NULL, NULL,
627 628 629 630
                                        context,
                                        NULL))
    _dbus_assert_not_reached ("setting watch functions to NULL failed");
  
631
  if (!dbus_server_set_timeout_functions (server,
632
                                          NULL, NULL, NULL,
633 634 635 636
                                          context,
                                          NULL))
    _dbus_assert_not_reached ("setting timeout functions to NULL failed");
  
637 638 639 640 641 642 643 644 645 646 647 648 649 650 651
  dbus_server_disconnect (server);
}

void
bus_context_shutdown (BusContext  *context)
{
  DBusList *link;

  link = _dbus_list_get_first_link (&context->servers);
  while (link != NULL)
    {
      shutdown_server (context, link->data);

      link = _dbus_list_get_next_link (&context->servers, link);
    }
652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668
}

void
bus_context_ref (BusContext *context)
{
  _dbus_assert (context->refcount > 0);
  context->refcount += 1;
}

void
bus_context_unref (BusContext *context)
{
  _dbus_assert (context->refcount > 0);
  context->refcount -= 1;

  if (context->refcount == 0)
    {
669 670
      DBusList *link;
      
671 672
      _dbus_verbose ("Finalizing bus context %p\n", context);
      
673
      bus_context_shutdown (context);
674 675 676 677 678 679

      if (context->connections)
        {
          bus_connections_unref (context->connections);
          context->connections = NULL;
        }
680
      
681
      if (context->registry)
682 683 684 685 686
        {
          bus_registry_unref (context->registry);
          context->registry = NULL;
        }
      
687
      if (context->activation)
688 689 690 691
        {
          bus_activation_unref (context->activation);
          context->activation = NULL;
        }
692 693 694

      link = _dbus_list_get_first_link (&context->servers);
      while (link != NULL)
695
        {
696 697 698
          dbus_server_unref (link->data);
          
          link = _dbus_list_get_next_link (&context->servers, link);
699
        }
700
      _dbus_list_clear (&context->servers);
701

702
      if (context->policy)
703
        {
704 705
          bus_policy_unref (context->policy);
          context->policy = NULL;
706
        }
707
      
708 709
      if (context->loop)
        {
710
          _dbus_loop_unref (context->loop);
711 712 713
          context->loop = NULL;
        }
      
714
      dbus_free (context->type);
715
      dbus_free (context->address);
716 717 718 719 720 721 722 723 724 725 726 727 728 729

      if (context->pidfile)
	{
          DBusString u;
          _dbus_string_init_const (&u, context->pidfile);

          /* Deliberately ignore errors here, since there's not much
	   * we can do about it, and we're exiting anyways.
	   */
	  _dbus_delete_file (&u, NULL);

          dbus_free (context->pidfile); 
	}

730 731
      _dbus_user_database_unref (context->user_database);
      
732
      dbus_free (context);
733 734

      server_data_slot_unref ();
735 736 737
    }
}

738 739 740 741 742 743 744
/* type may be NULL */
const char*
bus_context_get_type (BusContext *context)
{
  return context->type;
}

745 746 747 748 749 750
const char*
bus_context_get_address (BusContext *context)
{
  return context->address;
}

751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767
BusRegistry*
bus_context_get_registry (BusContext  *context)
{
  return context->registry;
}

BusConnections*
bus_context_get_connections (BusContext  *context)
{
  return context->connections;
}

BusActivation*
bus_context_get_activation (BusContext  *context)
{
  return context->activation;
}
768

769
DBusLoop*
770 771 772 773 774
bus_context_get_loop (BusContext *context)
{
  return context->loop;
}

775 776 777 778 779 780
DBusUserDatabase*
bus_context_get_user_database (BusContext *context)
{
  return context->user_database;
}

781 782 783 784
dbus_bool_t
bus_context_allow_user (BusContext   *context,
                        unsigned long uid)
{
785 786 787
  return bus_policy_allow_user (context->policy,
                                context->user_database,
                                uid);
788 789
}

790 791 792
BusClientPolicy*
bus_context_create_client_policy (BusContext      *context,
                                  DBusConnection  *connection)
793
{
794
  return bus_policy_create_client_policy (context->policy, connection);
795
}
796 797 798 799 800

int
bus_context_get_activation_timeout (BusContext *context)
{
  
801
  return context->limits.activation_timeout;
802
}
803

804 805 806
int
bus_context_get_auth_timeout (BusContext *context)
{
807
  return context->limits.auth_timeout;
808 809 810 811 812
}

int
bus_context_get_max_completed_connections (BusContext *context)
{
813
  return context->limits.max_completed_connections;
814 815 816 817 818
}

int
bus_context_get_max_incomplete_connections (BusContext *context)
{
819
  return context->limits.max_incomplete_connections;
820 821 822 823 824
}

int
bus_context_get_max_connections_per_user (BusContext *context)
{
825
  return context->limits.max_connections_per_user;
826 827
}

828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860
dbus_bool_t
bus_context_check_security_policy (BusContext     *context,
                                   DBusConnection *sender,
                                   DBusConnection *recipient,
                                   DBusMessage    *message,
                                   DBusError      *error)
{
  BusClientPolicy *sender_policy;
  BusClientPolicy *recipient_policy;

  /* NULL sender/receiver means the bus driver */
  
  if (sender != NULL)
    {
      _dbus_assert (dbus_connection_get_is_authenticated (sender));
      sender_policy = bus_connection_get_policy (sender);
    }
  else
    sender_policy = NULL;

  if (recipient != NULL)
    {
      _dbus_assert (dbus_connection_get_is_authenticated (recipient));
      recipient_policy = bus_connection_get_policy (recipient);
    }
  else
    recipient_policy = NULL;

  if (sender_policy &&
      !bus_client_policy_check_can_send (sender_policy,
                                         context->registry, recipient,
                                         message))
    {
861
      const char *dest = dbus_message_get_destination (message);
862 863 864 865 866 867 868 869 870 871 872 873 874 875 876
      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
                      "A security policy in place prevents this sender "
                      "from sending this message to this recipient, "
                      "see message bus configuration file (rejected message "
                      "had name \"%s\" destination \"%s\")",
                      dbus_message_get_name (message),
                      dest ? dest : DBUS_SERVICE_DBUS);
      return FALSE;
    }

  if (recipient_policy &&
      !bus_client_policy_check_can_receive (recipient_policy,
                                            context->registry, sender,
                                            message))
    {
877
      const char *dest = dbus_message_get_destination (message);
878 879 880 881 882 883 884 885 886 887
      dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
                      "A security policy in place prevents this recipient "
                      "from receiving this message from this sender, "
                      "see message bus configuration file (rejected message "
                      "had name \"%s\" destination \"%s\")",
                      dbus_message_get_name (message),
                      dest ? dest : DBUS_SERVICE_DBUS);
      return FALSE;
    }

888 889 890
  /* See if limits on size have been exceeded */
  if (recipient &&
      dbus_connection_get_outgoing_size (recipient) >
891
      context->limits.max_outgoing_bytes)
892
    {
893
      const char *dest = dbus_message_get_destination (message);
894 895 896 897 898 899
      dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
                      "The destination service \"%s\" has a full message queue",
                      dest ? dest : DBUS_SERVICE_DBUS);
      return FALSE;
    }
  
900 901
  return TRUE;
}