From 46c7f6b2fe54605548590bc8fb555fe45a1e8348 Mon Sep 17 00:00:00 2001
From: Jerzi Kaminsky
Date: Sat, 15 Apr 2017 00:40:46 +0300
Subject: [PATCH] Handle IPC security targets which are symlinks
---
 sway/commands/permit.c | 7 +++++--
 sway/security.c | 17 +++++++++++++++--
 2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
index e2bec2e244..a1191ca818 100644
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@@ -2,6 +2,7 @@
 #include "sway/commands.h"
 #include "sway/config.h"
 #include "sway/security.h"
+#include "util.h"
 #include "log.h"
 
 static enum secure_feature get_features(int argc, char **argv,
@@ -40,20 +41,22 @@ static enum secure_feature get_features(int argc, char **argv,
 
 static struct feature_policy *get_policy(const char *name) {
 struct feature_policy *policy = NULL;
+ char* rname = resolve_path(name);
 for (int i = 0; i < config->feature_policies->length; ++i) {
 struct feature_policy *p = config->feature_policies->items[i];
- if (strcmp(p->program, name) == 0) {
+ if (strcmp(p->program, rname) == 0) {
 policy = p;
 break;
 }
 }
 if (!policy) {
- policy = alloc_feature_policy(name);
+ policy = alloc_feature_policy(rname);
 if (!policy) {
 sway_abort("Unable to allocate security policy");
 }
 list_add(config->feature_policies, policy);
 }
+ free(rname);
 return policy;
 }
 
diff --git a/sway/security.c b/sway/security.c
index f8a96ba7f6..eee4d1e091 100644
--- a/sway/security.c
+++ b/sway/security.c
@@ -4,10 +4,15 @@
 #include
 #include "sway/config.h"
 #include "sway/security.h"
+#include "util.h"
 #include "log.h"
 
 struct feature_policy *alloc_feature_policy(const char *program) {
 uint32_t default_policy = 0;
+ char* rname = resolve_path(program);
+ if(!rname) {
+ return NULL;
+ }
 for (int i = 0; i < config->feature_policies->length; ++i) {
 struct feature_policy *policy = config->feature_policies->items[i];
 if (strcmp(policy->program, "*") == 0) {
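Review bot: In sway/commands/permit.c, `get_policy()` passes the result of `resolve_path(name)` straight to `strcmp(p->program, rname)` with no NULL check, although this same commit treats a NULL return as possible in `alloc_feature_policy()`. A permit target that cannot be resolved would then be dereferenced as NULL while the permit command runs. Add a guard right after the call, for example `if (!rname) { sway_abort("Unable to resolve security policy target"); }`, or report the failure to the command's caller, which is outside this hunk. `rname` is also resolved a second time inside `alloc_feature_policy(rname)`, so one of the two calls is redundant.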
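Review bot: In sway/security.c, `alloc_feature_policy()` now sends every program name through `resolve_path()`, but the loop just below it matches entries whose `program` is the literal `"*"`, so a wildcard name appears to be a legal input here. `resolve_path()` is not part of this diff; if it canonicalises against the filesystem, `"*"` would presumably fail to resolve and the wildcard policy that supplies the default feature set could no longer be created. Consider bypassing resolution for the wildcard, e.g. `char *rname = strcmp(program, "*") == 0 ? strdup(program) : resolve_path(program);`, and apply the same to `alloc_ipc_policy()` in the next hunk. The function body continues past the end of this hunk, and `if(!rname)` and `char* rname` differ from the `if (` and `char *` spacing used on the surrounding lines.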
@@ -20,17 +25,23 @@ struct feature_policy *alloc_feature_policy(const char *program) {
 if (!policy) {
 return NULL;
 }
- policy->program = strdup(program);
+ policy->program = strdup(rname);
 if (!policy->program) {
+ free(rname);
 free(policy);
 return NULL;
 }
 policy->features = default_policy;
+ free(rname);
 return policy;
 }
 
 struct ipc_policy *alloc_ipc_policy(const char *program) {
 uint32_t default_policy = 0;
+ char* rname = resolve_path(program);
+ if (!rname) {
+ return NULL;
+ }
 for (int i = 0; i < config->ipc_policies->length; ++i) {
 struct ipc_policy *policy = config->ipc_policies->items[i];
 if (strcmp(policy->program, "*") == 0) {
@@ -43,12 +54,14 @@ struct ipc_policy *alloc_ipc_policy(const char *program) {
 if (!policy) {
 return NULL;
 }
- policy->program = strdup(program);
+ policy->program = strdup(rname);
 if (!policy->program) {
+ free(rname);
 free(policy);
 return NULL;
 }
 policy->features = default_policy;
+ free(rname);
 return policy;
 }
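Review bot: The early `if (!policy) { return NULL; }` at the top of this hunk still returns without releasing `rname`, so the path buffer obtained earlier in `alloc_feature_policy()` leaks when the policy allocation fails; the added `free(rname)` calls cover only the `strdup` failure and the success path. The same gap is in `alloc_ipc_policy()` in the following hunk (`@@ -43,12 +54,14 @@`). Since `rname` is already a private heap copy (it is passed to `free()` here), the extra copy can be avoided by handing it over with `policy->program = rname;` and changing the early exit to `if (!policy) { free(rname); return NULL; }`, which also removes the `strdup` failure branch. The allocation of `policy` itself sits between the hunks and is not visible.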