From 46fd664ba334ec97da80b48d8948d99bff1cab06 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Thu, 30 Aug 2012 17:44:52 +0200
Subject: [PATCH] dom0/qrexec: implement default user handling in qrexec_daemon

This will simplify using qrexec from utilities which doen't load qubes.xml
normally (like qrexec_policy, gui daemon).
---
 dom0/qvm-core/qubes.py |  2 +-
 qrexec/qrexec_daemon.c | 21 ++++++++++++++++++---
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index 687d1d36..52519384 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1441,7 +1441,7 @@ class QubesVm(object):
         if verbose:
             print >> sys.stderr, "--> Starting the qrexec daemon..."
         xid = self.get_xid()
-        retcode = subprocess.call ([qrexec_daemon_path, str(xid)])
+        retcode = subprocess.call ([qrexec_daemon_path, str(xid), self.default_user])
         if (retcode != 0) :
             self.force_shutdown()
             raise OSError ("ERROR: Cannot execute qrexec_daemon!")
diff --git a/qrexec/qrexec_daemon.c b/qrexec/qrexec_daemon.c
index 14e5cbcc..2c1af591 100644
--- a/qrexec/qrexec_daemon.c
+++ b/qrexec/qrexec_daemon.c
@@ -59,6 +59,9 @@ struct _client clients[MAX_CLIENTS];	// data on all qrexec_client connections
 
 int max_client_fd = -1;		// current max fd of all clients; so that we need not to scan all the "clients" table
 int qrexec_daemon_unix_socket_fd;	// /var/run/qubes/qrexec.xid descriptor
+char *default_user = "user";
+char default_user_keyword[] = "DEFAULT:";
+#define default_user_keyword_len_without_colon (sizeof(default_user_keyword)-2)
 
 void sigusr1_handler(int x)
 {
@@ -193,12 +196,22 @@ int get_cmdline_body_from_client_and_pass_to_agent(int fd, struct server_header
 {
 	int len = s_hdr->len;
 	char buf[len];
+	int use_default_user = 0;
 	if (!read_all(fd, buf, len)) {
 		terminate_client_and_flush_data(fd);
 		return 0;
 	}
+	if (!strncmp(buf, default_user_keyword, default_user_keyword_len_without_colon+1)) {
+		use_default_user = 1;
+		s_hdr->len -= default_user_keyword_len_without_colon; // -1 because of colon
+		s_hdr->len += strlen(default_user);
+	}
 	write_all_vchan_ext(s_hdr, sizeof(*s_hdr));
-	write_all_vchan_ext(buf, len);
+	if (use_default_user) {
+		write_all_vchan_ext(default_user, strlen(default_user));
+		write_all_vchan_ext(buf+default_user_keyword_len_without_colon, len-default_user_keyword_len_without_colon);
+	} else
+		write_all_vchan_ext(buf, len);
 	return 1;
 }
 
@@ -580,10 +593,12 @@ int main(int argc, char **argv)
 	int max;
 	sigset_t chld_set;
 
-	if (argc != 2) {
-		fprintf(stderr, "usage: %s domainid\n", argv[0]);
+	if (argc != 2 && argc != 3) {
+		fprintf(stderr, "usage: %s domainid [default user]\n", argv[0]);
 		exit(1);
 	}
+	if (argc == 3)
+		default_user = argv[2];
 	init(atoi(argv[1]));
 	sigemptyset(&chld_set);
 	sigaddset(&chld_set, SIGCHLD);