Strip "QUBESRPC " prefix from service call commands

It carries no information, and various parts of the code must strip it. Just omit it from the command entirely. Whether a command is an RPC command should be determined by the service descriptor being non-NULL. Review with "git diff --ignore-space-change".
QubesOS · Jan 31, 2025 · f4dfe46 · f4dfe46
1 parent c6b3619
commit f4dfe46
Show file tree

Hide file tree

Showing 6 changed files with 188 additions and 190 deletions.
diff --git a/agent/qrexec-agent.c b/agent/qrexec-agent.c
@@ -172,8 +172,10 @@ _Noreturn void do_exec(const char *prog, const char *cmd, const char *user)
             exit(1);
         }
         /* call QUBESRPC if requested */
-        /* no point in creating a login shell for test environments */
-        exec_qubes_rpc_if_requested2(prog, cmd, environ, false);
+        if (prog) {
+            /* no point in creating a login shell for test environments */
+            exec_qubes_rpc2(prog, cmd, environ, false);
+        }
 
         /* otherwise exec shell */
         execl("/bin/sh", "sh", "-c", cmd, NULL);
@@ -279,10 +281,11 @@ _Noreturn void do_exec(const char *prog, const char *cmd, const char *user)
             if (retval == -1)
                 warn("chdir(%s)", pw->pw_dir);
 
-            /* Call QUBESRPC if requested, using a login shell to set up
-             * environment variables. */
-            exec_qubes_rpc_if_requested2(prog, cmd, env, true);
-
+            /* call QUBESRPC if requested */
+            if (prog) {
+                /* Set up environment variables for a login shell. */
+                exec_qubes_rpc2(prog, cmd, env, true);
+            }
             /* otherwise exec shell */
             execle(pw->pw_shell, arg0, "-c", cmd, (char*)NULL, env);
             _exit(QREXEC_EXIT_PROBLEM);
@@ -318,10 +321,11 @@ _Noreturn void do_exec(const char *prog, const char *cmd, const char *user)
     pam_end(pamh, PAM_ABORT);
     exit(1);
 #else
-    /* Call QUBESRPC if requested, using a login shell to set up
-     * environment variables. */
-    exec_qubes_rpc_if_requested2(prog, cmd, environ, true);
-
+    /* call QUBESRPC if requested */
+    if (prog) {
+        /* Set up environment variables for a login session. */
+        exec_qubes_rpc2(prog, cmd, environ, true);
+    }
     /* otherwise exec shell */
     execl("/bin/su", "su", "-", user, "-c", cmd, NULL);
     PERROR("execl");

diff --git a/agent/qrexec-fork-server.c b/agent/qrexec-fork-server.c
@@ -44,8 +44,11 @@ void do_exec(const char *prog, const char *cmd, const char *user __attribute__((
     signal(SIGCHLD, SIG_DFL);
     signal(SIGPIPE, SIG_DFL);
 
-    /* Call QUBESRPC if requested.  This code already runs in a login session. */
-    exec_qubes_rpc_if_requested2(prog, cmd, environ, false);
+    /* call QUBESRPC if requested */
+    if (prog != NULL) {
+        /* Already in login session. */
+        exec_qubes_rpc2(prog, cmd, environ, false);
+    }
 
     /* otherwise, pass it to shell */
     shell = getenv("SHELL");

diff --git a/daemon/qrexec-client.c b/daemon/qrexec-client.c
@@ -66,11 +66,13 @@ static _Noreturn void do_exec(const char *prog,
                               const char *cmdline,
                               const char *username __attribute__((unused)))
 {
-    /* Avoid calling RPC command through shell.
-     * Qrexec-client is always in a login session. */
-    exec_qubes_rpc_if_requested2(prog, cmdline, environ, false);
+    /* avoid calling RPC service through shell */
+    if (prog) {
+        /* qrexec-client is always in a login session. */
+        exec_qubes_rpc2(prog, cmdline, environ, false);
+    }
 
-    /* if above haven't executed RPC command, pass it to shell */
+    /* if above haven't executed RPC service, pass it to shell */
     execl("/bin/bash", "bash", "-c", cmdline, NULL);
     PERROR("exec bash");
     exit(1);
@@ -326,11 +328,8 @@ int main(int argc, char **argv)
                 assert(command->username == NULL);
                 assert(command->command);
                 /* qrexec-client is always in a login session. */
-                exec_qubes_rpc_if_requested2(buf.data, command->command, environ, false);
-                /* not reached, so fall through to crash */
-                assert(false);
-                rc = QREXEC_EXIT_PROBLEM;
-                break;
+                exec_qubes_rpc2(buf.data, command->command, environ, false);
+                /* not reached */
             default:
                 assert(false);
                 rc = QREXEC_EXIT_PROBLEM;

diff --git a/daemon/qrexec-daemon.c b/daemon/qrexec-daemon.c
@@ -1133,9 +1133,11 @@ static enum policy_response connect_daemon_socket(
 /* called from do_fork_exec */
 static _Noreturn void do_exec(const char *prog, const char *cmd, const char *username __attribute__((unused)))
 {
-    /* Avoid calling RPC command through shell.
-     * Qrexec-daemon is always in a login session already. */
-    exec_qubes_rpc_if_requested2(prog, cmd, environ, true);
+    /* avoid calling RPC command through shell */
+    if (prog) {
+        /* qrexec-daemon is always in a login session already */
+        exec_qubes_rpc2(prog, cmd, environ, false);
+    }
 
     /* if above haven't executed RPC command, pass it to shell */
     execl("/bin/bash", "bash", "-c", cmd, NULL);