25 #include "dbus-auth.h"
26 #include "dbus-string.h"
27 #include "dbus-list.h"
28 #include "dbus-internals.h"
29 #include "dbus-keyring.h"
31 #include "dbus-protocol.h"
32 #include "dbus-credentials.h"
120 DBUS_AUTH_COMMAND_AUTH,
121 DBUS_AUTH_COMMAND_CANCEL,
122 DBUS_AUTH_COMMAND_DATA,
123 DBUS_AUTH_COMMAND_BEGIN,
124 DBUS_AUTH_COMMAND_REJECTED,
125 DBUS_AUTH_COMMAND_OK,
126 DBUS_AUTH_COMMAND_ERROR,
127 DBUS_AUTH_COMMAND_UNKNOWN,
128 DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD,
129 DBUS_AUTH_COMMAND_AGREE_UNIX_FD
223 static void goto_state (
DBusAuth *auth,
231 const char *message);
253 "WaitingForAuth", handle_server_state_waiting_for_auth
256 "WaitingForData", handle_server_state_waiting_for_data
259 "WaitingForBegin", handle_server_state_waiting_for_begin
283 "WaitingForData", handle_client_state_waiting_for_data
286 "WaitingForOK", handle_client_state_waiting_for_ok
289 "WaitingForReject", handle_client_state_waiting_for_reject
292 "WaitingForAgreeUnixFD", handle_client_state_waiting_for_agree_unix_fd
300 "Authenticated",
NULL
304 "NeedDisconnect",
NULL
307 static const char auth_side_client[] =
"client";
308 static const char auth_side_server[] =
"server";
313 #define DBUS_AUTH_IS_SERVER(auth) ((auth)->side == auth_side_server)
318 #define DBUS_AUTH_IS_CLIENT(auth) ((auth)->side == auth_side_client)
323 #define DBUS_AUTH_CLIENT(auth) ((DBusAuthClient*)(auth))
328 #define DBUS_AUTH_SERVER(auth) ((DBusAuthServer*)(auth))
335 #define DBUS_AUTH_NAME(auth) ((auth)->side)
338 _dbus_auth_new (
int size)
429 _dbus_verbose (
"%s: Shutting down mechanism %s\n",
471 if (_dbus_string_get_length (&cookie) == 0)
481 &to_hash, _dbus_string_get_length (&to_hash)))
488 &to_hash, _dbus_string_get_length (&to_hash)))
495 &to_hash, _dbus_string_get_length (&to_hash)))
516 #define N_CHALLENGE_BYTES (128/8)
519 sha1_handle_first_client_response (
DBusAuth *auth,
534 if (_dbus_string_get_length (data) > 0)
536 if (_dbus_string_get_length (&auth->
identity) > 0)
539 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
541 return send_rejected (auth);
553 _dbus_verbose (
"%s: Did not get a valid username from client\n",
555 return send_rejected (auth);
596 _DBUS_ASSERT_ERROR_IS_SET (&error);
597 _dbus_verbose (
"%s: Error loading keyring: %s\n",
599 if (send_rejected (auth))
617 _DBUS_ASSERT_ERROR_IS_SET (&error);
618 _dbus_verbose (
"%s: Could not get a cookie ID to send to client: %s\n",
620 if (send_rejected (auth))
631 &tmp2, _dbus_string_get_length (&tmp2)))
651 _dbus_string_get_length (&tmp2)))
654 if (!send_data (auth, &tmp2))
657 goto_state (auth, &server_state_waiting_for_data);
670 sha1_handle_second_client_response (
DBusAuth *auth,
688 _dbus_verbose (
"%s: no space separator in client response\n",
690 return send_rejected (auth);
706 _dbus_string_get_length (data) - i,
711 if (_dbus_string_get_length (&client_challenge) == 0 ||
712 _dbus_string_get_length (&client_hash) == 0)
714 _dbus_verbose (
"%s: zero-length client challenge or hash\n",
716 if (send_rejected (auth))
724 if (!sha1_compute_hash (auth, auth->
cookie_id,
731 if (_dbus_string_get_length (&correct_hash) == 0)
733 if (send_rejected (auth))
740 if (send_rejected (auth))
752 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
759 _dbus_verbose (
"%s: authenticated client using DBUS_COOKIE_SHA1\n",
777 handle_server_data_cookie_sha1_mech (
DBusAuth *auth,
781 return sha1_handle_first_client_response (auth, data);
783 return sha1_handle_second_client_response (auth, data);
787 handle_server_shutdown_cookie_sha1_mech (
DBusAuth *auth)
794 handle_client_initial_response_cookie_sha1_mech (
DBusAuth *auth,
810 _dbus_string_get_length (response)))
822 handle_client_data_cookie_sha1_mech (
DBusAuth *auth,
843 if (send_error (auth,
844 "Server did not send context/ID/challenge properly"))
859 if (send_error (auth,
860 "Server did not send context/ID/challenge properly"))
877 j = _dbus_string_get_length (data);
880 &server_challenge, 0))
885 if (send_error (auth,
"Server sent invalid cookie context"))
892 if (send_error (auth,
"Could not parse cookie ID as an integer"))
897 if (_dbus_string_get_length (&server_challenge) == 0)
899 if (send_error (auth,
"Empty server challenge string"))
923 _DBUS_ASSERT_ERROR_IS_SET (&error);
925 _dbus_verbose (
"%s: Error loading keyring: %s\n",
928 if (send_error (auth,
"Could not load cookie file"))
958 if (!sha1_compute_hash (auth, val,
964 if (_dbus_string_get_length (&correct_hash) == 0)
967 if (send_error (auth,
"Don't have the requested cookie ID"))
975 _dbus_string_get_length (&tmp)))
982 _dbus_string_get_length (&tmp)))
985 if (!send_data (auth, &tmp))
1009 handle_client_shutdown_cookie_sha1_mech (
DBusAuth *auth)
1020 handle_server_data_external_mech (
DBusAuth *auth,
1025 _dbus_verbose (
"%s: no credentials, mechanism EXTERNAL can't authenticate\n",
1027 return send_rejected (auth);
1030 if (_dbus_string_get_length (data) > 0)
1032 if (_dbus_string_get_length (&auth->
identity) > 0)
1035 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
1037 return send_rejected (auth);
1048 if (_dbus_string_get_length (&auth->
identity) == 0 &&
1051 if (send_data (auth,
NULL))
1053 _dbus_verbose (
"%s: sending empty challenge asking client for auth identity\n",
1056 goto_state (auth, &server_state_waiting_for_data);
1070 if (_dbus_string_get_length (&auth->
identity) == 0)
1083 _dbus_verbose (
"%s: could not get credentials from uid string\n",
1085 return send_rejected (auth);
1091 _dbus_verbose (
"%s: desired user %s is no good\n",
1093 _dbus_string_get_const_data (&auth->
identity));
1094 return send_rejected (auth);
1108 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1113 DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
1118 DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
1122 if (!send_ok (auth))
1125 _dbus_verbose (
"%s: authenticated client based on socket credentials\n",
1132 _dbus_verbose (
"%s: desired identity not found in socket credentials\n",
1134 return send_rejected (auth);
1139 handle_server_shutdown_external_mech (
DBusAuth *auth)
1145 handle_client_initial_response_external_mech (
DBusAuth *auth,
1163 _dbus_string_get_length (response)))
1176 handle_client_data_external_mech (
DBusAuth *auth,
1184 handle_client_shutdown_external_mech (
DBusAuth *auth)
1194 handle_server_data_anonymous_mech (
DBusAuth *auth,
1197 if (_dbus_string_get_length (data) > 0)
1206 _dbus_verbose (
"%s: Received invalid UTF-8 trace data from ANONYMOUS client\n",
1208 return send_rejected (auth);
1211 _dbus_verbose (
"%s: ANONYMOUS client sent trace string: '%s'\n",
1213 _dbus_string_get_const_data (data));
1222 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1227 if (!send_ok (auth))
1230 _dbus_verbose (
"%s: authenticated client as anonymous\n",
1237 handle_server_shutdown_anonymous_mech (
DBusAuth *auth)
1243 handle_client_initial_response_anonymous_mech (
DBusAuth *auth,
1258 "libdbus " DBUS_VERSION_STRING))
1263 _dbus_string_get_length (response)))
1276 handle_client_data_anonymous_mech (
DBusAuth *auth,
1284 handle_client_shutdown_anonymous_mech (
DBusAuth *auth)
1301 all_mechanisms[] = {
1303 handle_server_data_external_mech,
1305 handle_server_shutdown_external_mech,
1306 handle_client_initial_response_external_mech,
1307 handle_client_data_external_mech,
1309 handle_client_shutdown_external_mech },
1310 {
"DBUS_COOKIE_SHA1",
1311 handle_server_data_cookie_sha1_mech,
1313 handle_server_shutdown_cookie_sha1_mech,
1314 handle_client_initial_response_cookie_sha1_mech,
1315 handle_client_data_cookie_sha1_mech,
1317 handle_client_shutdown_cookie_sha1_mech },
1319 handle_server_data_anonymous_mech,
1321 handle_server_shutdown_anonymous_mech,
1322 handle_client_initial_response_anonymous_mech,
1323 handle_client_data_anonymous_mech,
1325 handle_client_shutdown_anonymous_mech },
1331 char **allowed_mechs)
1335 if (allowed_mechs !=
NULL &&
1337 _dbus_string_get_const_data (name)))
1341 while (all_mechanisms[i].mechanism !=
NULL)
1344 all_mechanisms[i].mechanism))
1346 return &all_mechanisms[i];
1400 _dbus_string_get_length (&auth->
outgoing)))
1407 shutdown_mech (auth);
1409 goto_state (auth, &client_state_waiting_for_data);
1419 if (data ==
NULL || _dbus_string_get_length (data) == 0)
1423 old_len = _dbus_string_get_length (&auth->
outgoing);
1428 _dbus_string_get_length (&auth->
outgoing)))
1458 while (all_mechanisms[i].mechanism !=
NULL)
1465 all_mechanisms[i].mechanism))
1475 _dbus_string_get_length (&auth->
outgoing)))
1478 shutdown_mech (auth);
1485 goto_state (auth, &common_state_need_disconnect);
1487 goto_state (auth, &server_state_waiting_for_auth);
1499 send_error (
DBusAuth *auth,
const char *message)
1502 "ERROR \"%s\"\r\n", message);
1510 orig_len = _dbus_string_get_length (&auth->
outgoing);
1516 _dbus_string_get_length (&auth->
outgoing)) &&
1519 goto_state (auth, &server_state_waiting_for_begin);
1537 goto_state (auth, &common_state_authenticated);
1560 if (end_of_hex != _dbus_string_get_length (args_from_ok) ||
1563 _dbus_verbose (
"Bad GUID from server, parsed %d bytes and had %d bytes from server\n",
1564 end_of_hex, _dbus_string_get_length (args_from_ok));
1565 goto_state (auth, &common_state_need_disconnect);
1574 _dbus_verbose (
"Got GUID '%s' from the server\n",
1575 _dbus_string_get_const_data (&
DBUS_AUTH_CLIENT (auth)->guid_from_server));
1578 return send_negotiate_unix_fd(auth);
1580 _dbus_verbose(
"Not negotiating unix fd passing, since not possible\n");
1581 return send_begin (auth);
1589 goto_state (auth, &client_state_waiting_for_reject);
1613 if (_dbus_string_get_length (args) != end)
1616 if (!send_error (auth,
"Invalid hex encoding"))
1622 #ifdef DBUS_ENABLE_VERBOSE_MODE
1624 _dbus_string_get_length (&decoded)))
1625 _dbus_verbose (
"%s: data: '%s'\n",
1627 _dbus_string_get_const_data (&decoded));
1630 if (!(* data_func) (auth, &decoded))
1641 send_negotiate_unix_fd (
DBusAuth *auth)
1644 "NEGOTIATE_UNIX_FD\r\n"))
1647 goto_state (auth, &client_state_waiting_for_agree_unix_fd);
1652 send_agree_unix_fd (
DBusAuth *auth)
1657 _dbus_verbose(
"Agreed to UNIX FD passing\n");
1660 "AGREE_UNIX_FD\r\n"))
1663 goto_state (auth, &server_state_waiting_for_begin);
1670 if (_dbus_string_get_length (args) == 0)
1673 if (!send_rejected (auth))
1705 _dbus_verbose (
"%s: Trying mechanism %s\n",
1709 if (!process_data (auth, &hex_response,
1716 _dbus_verbose (
"%s: Unsupported mechanism %s\n",
1718 _dbus_string_get_const_data (&mech));
1720 if (!send_rejected (auth))
1738 handle_server_state_waiting_for_auth (
DBusAuth *auth,
1744 case DBUS_AUTH_COMMAND_AUTH:
1745 return handle_auth (auth, args);
1747 case DBUS_AUTH_COMMAND_CANCEL:
1748 case DBUS_AUTH_COMMAND_DATA:
1749 return send_error (auth,
"Not currently in an auth conversation");
1751 case DBUS_AUTH_COMMAND_BEGIN:
1752 goto_state (auth, &common_state_need_disconnect);
1755 case DBUS_AUTH_COMMAND_ERROR:
1756 return send_rejected (auth);
1758 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1759 return send_error (auth,
"Need to authenticate first");
1761 case DBUS_AUTH_COMMAND_REJECTED:
1762 case DBUS_AUTH_COMMAND_OK:
1763 case DBUS_AUTH_COMMAND_UNKNOWN:
1764 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1766 return send_error (auth,
"Unknown command");
1771 handle_server_state_waiting_for_data (
DBusAuth *auth,
1777 case DBUS_AUTH_COMMAND_AUTH:
1778 return send_error (auth,
"Sent AUTH while another AUTH in progress");
1780 case DBUS_AUTH_COMMAND_CANCEL:
1781 case DBUS_AUTH_COMMAND_ERROR:
1782 return send_rejected (auth);
1784 case DBUS_AUTH_COMMAND_DATA:
1787 case DBUS_AUTH_COMMAND_BEGIN:
1788 goto_state (auth, &common_state_need_disconnect);
1791 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1792 return send_error (auth,
"Need to authenticate first");
1794 case DBUS_AUTH_COMMAND_REJECTED:
1795 case DBUS_AUTH_COMMAND_OK:
1796 case DBUS_AUTH_COMMAND_UNKNOWN:
1797 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1799 return send_error (auth,
"Unknown command");
1804 handle_server_state_waiting_for_begin (
DBusAuth *auth,
1810 case DBUS_AUTH_COMMAND_AUTH:
1811 return send_error (auth,
"Sent AUTH while expecting BEGIN");
1813 case DBUS_AUTH_COMMAND_DATA:
1814 return send_error (auth,
"Sent DATA while expecting BEGIN");
1816 case DBUS_AUTH_COMMAND_BEGIN:
1817 goto_state (auth, &common_state_authenticated);
1820 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1822 return send_agree_unix_fd(auth);
1824 return send_error(auth,
"Unix FD passing not supported, not authenticated or otherwise not possible");
1826 case DBUS_AUTH_COMMAND_REJECTED:
1827 case DBUS_AUTH_COMMAND_OK:
1828 case DBUS_AUTH_COMMAND_UNKNOWN:
1829 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1831 return send_error (auth,
"Unknown command");
1833 case DBUS_AUTH_COMMAND_CANCEL:
1834 case DBUS_AUTH_COMMAND_ERROR:
1835 return send_rejected (auth);
1871 len = _dbus_string_get_length (args);
1882 if (!get_word (args, &next, &m))
1901 if (mech != &all_mechanisms[0])
1903 _dbus_verbose (
"%s: Adding mechanism %s to list we will try\n",
1915 _dbus_verbose (
"%s: Already tried mechanism %s; not adding to list we will try\n",
1921 _dbus_verbose (
"%s: Server offered mechanism \"%s\" that we don't know how to use\n",
1923 _dbus_string_get_const_data (&m));
1949 if (!record_mechanisms (auth, args))
1957 if (!send_auth (auth, mech))
1962 _dbus_verbose (
"%s: Trying mechanism %s\n",
1969 _dbus_verbose (
"%s: Disconnecting because we are out of mechanisms to try using\n",
1971 goto_state (auth, &common_state_need_disconnect);
1979 handle_client_state_waiting_for_data (
DBusAuth *auth,
1987 case DBUS_AUTH_COMMAND_DATA:
1990 case DBUS_AUTH_COMMAND_REJECTED:
1991 return process_rejected (auth, args);
1993 case DBUS_AUTH_COMMAND_OK:
1994 return process_ok(auth, args);
1996 case DBUS_AUTH_COMMAND_ERROR:
1997 return send_cancel (auth);
1999 case DBUS_AUTH_COMMAND_AUTH:
2000 case DBUS_AUTH_COMMAND_CANCEL:
2001 case DBUS_AUTH_COMMAND_BEGIN:
2002 case DBUS_AUTH_COMMAND_UNKNOWN:
2003 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2004 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2006 return send_error (auth,
"Unknown command");
2011 handle_client_state_waiting_for_ok (
DBusAuth *auth,
2017 case DBUS_AUTH_COMMAND_REJECTED:
2018 return process_rejected (auth, args);
2020 case DBUS_AUTH_COMMAND_OK:
2021 return process_ok(auth, args);
2023 case DBUS_AUTH_COMMAND_DATA:
2024 case DBUS_AUTH_COMMAND_ERROR:
2025 return send_cancel (auth);
2027 case DBUS_AUTH_COMMAND_AUTH:
2028 case DBUS_AUTH_COMMAND_CANCEL:
2029 case DBUS_AUTH_COMMAND_BEGIN:
2030 case DBUS_AUTH_COMMAND_UNKNOWN:
2031 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2032 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2034 return send_error (auth,
"Unknown command");
2039 handle_client_state_waiting_for_reject (
DBusAuth *auth,
2045 case DBUS_AUTH_COMMAND_REJECTED:
2046 return process_rejected (auth, args);
2048 case DBUS_AUTH_COMMAND_AUTH:
2049 case DBUS_AUTH_COMMAND_CANCEL:
2050 case DBUS_AUTH_COMMAND_DATA:
2051 case DBUS_AUTH_COMMAND_BEGIN:
2052 case DBUS_AUTH_COMMAND_OK:
2053 case DBUS_AUTH_COMMAND_ERROR:
2054 case DBUS_AUTH_COMMAND_UNKNOWN:
2055 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2056 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2058 goto_state (auth, &common_state_need_disconnect);
2064 handle_client_state_waiting_for_agree_unix_fd(
DBusAuth *auth,
2070 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2073 _dbus_verbose(
"Successfully negotiated UNIX FD passing\n");
2074 return send_begin (auth);
2076 case DBUS_AUTH_COMMAND_ERROR:
2079 _dbus_verbose(
"Failed to negotiate UNIX FD passing\n");
2080 return send_begin (auth);
2082 case DBUS_AUTH_COMMAND_OK:
2083 case DBUS_AUTH_COMMAND_DATA:
2084 case DBUS_AUTH_COMMAND_REJECTED:
2085 case DBUS_AUTH_COMMAND_AUTH:
2086 case DBUS_AUTH_COMMAND_CANCEL:
2087 case DBUS_AUTH_COMMAND_BEGIN:
2088 case DBUS_AUTH_COMMAND_UNKNOWN:
2089 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2091 return send_error (auth,
"Unknown command");
2104 {
"AUTH", DBUS_AUTH_COMMAND_AUTH },
2105 {
"CANCEL", DBUS_AUTH_COMMAND_CANCEL },
2106 {
"DATA", DBUS_AUTH_COMMAND_DATA },
2107 {
"BEGIN", DBUS_AUTH_COMMAND_BEGIN },
2108 {
"REJECTED", DBUS_AUTH_COMMAND_REJECTED },
2109 {
"OK", DBUS_AUTH_COMMAND_OK },
2110 {
"ERROR", DBUS_AUTH_COMMAND_ERROR },
2111 {
"NEGOTIATE_UNIX_FD", DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD },
2112 {
"AGREE_UNIX_FD", DBUS_AUTH_COMMAND_AGREE_UNIX_FD }
2116 lookup_command_from_name (
DBusString *command)
2123 auth_command_names[i].name))
2124 return auth_command_names[i].command;
2127 return DBUS_AUTH_COMMAND_UNKNOWN;
2134 _dbus_verbose (
"%s: going from state %s to state %s\n",
2139 auth->
state = state;
2178 _dbus_string_get_length (&line)))
2180 _dbus_verbose (
"%s: Command contained non-ASCII chars or embedded nul\n",
2182 if (!send_error (auth,
"Command contained non-ASCII"))
2188 _dbus_verbose (
"%s: got command \"%s\"\n",
2190 _dbus_string_get_const_data (&line));
2205 command = lookup_command_from_name (&line);
2272 auth->
side = auth_side_server;
2273 auth->
state = &server_state_waiting_for_auth;
2277 server_auth->
guid = guid_copy;
2313 auth->
side = auth_side_client;
2314 auth->
state = &client_state_need_send_auth;
2318 if (!send_auth (auth, &all_mechanisms[0]))
2357 shutdown_mech (auth);
2400 const char **mechanisms)
2404 if (mechanisms !=
NULL)
2424 #define DBUS_AUTH_IN_END_STATE(auth) ((auth)->state->handler == NULL)
2439 #define MAX_BUFFER (16 * _DBUS_ONE_KILOBYTE)
2446 if (_dbus_string_get_length (&auth->
incoming) > MAX_BUFFER ||
2447 _dbus_string_get_length (&auth->
outgoing) > MAX_BUFFER)
2449 goto_state (auth, &common_state_need_disconnect);
2450 _dbus_verbose (
"%s: Disconnecting due to excessive data buffered in auth phase\n",
2455 while (process_command (auth));
2458 return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
2459 else if (_dbus_string_get_length (&auth->
outgoing) > 0)
2460 return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
2461 else if (auth->
state == &common_state_need_disconnect)
2462 return DBUS_AUTH_STATE_NEED_DISCONNECT;
2463 else if (auth->
state == &common_state_authenticated)
2464 return DBUS_AUTH_STATE_AUTHENTICATED;
2465 else return DBUS_AUTH_STATE_WAITING_FOR_INPUT;
2486 if (_dbus_string_get_length (&auth->
outgoing) == 0)
2506 _dbus_verbose (
"%s: Sent %d bytes of: %s\n",
2509 _dbus_string_get_const_data (&auth->
outgoing));
2596 if (auth->
state != &common_state_authenticated)
2627 if (auth->
state != &common_state_authenticated)
2640 _dbus_string_get_length (encoded));
2655 if (auth->
state != &common_state_authenticated)
2690 if (auth->
state != &common_state_authenticated)
2703 _dbus_string_get_length (plaintext));
2736 if (auth->
state == &common_state_authenticated)
2762 if (auth->
state == &common_state_authenticated)
2763 return _dbus_string_get_const_data (&
DBUS_AUTH_CLIENT (auth)->guid_from_server);
2781 &auth->
context, 0, _dbus_string_get_length (context));
dbus_bool_t dbus_error_has_name(const DBusError *error, const char *name)
Checks whether the error is set and has the given name.
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
const char * message
public error message field
void _dbus_auth_delete_unused_bytes(DBusAuth *auth)
Gets rid of unused bytes returned by _dbus_auth_get_unused_bytes() after we've gotten them and succes...
#define NULL
A null pointer, defined appropriately for C or C++.
void _dbus_auth_get_unused_bytes(DBusAuth *auth, const DBusString **str)
Returns leftover bytes that were not used as part of the auth conversation.
void _dbus_keyring_unref(DBusKeyring *keyring)
Decrements refcount and finalizes if it reaches zero.
dbus_bool_t _dbus_string_equal(const DBusString *a, const DBusString *b)
Tests two DBusString for equality.
DBusAuthDecodeFunction client_decode_func
Function on client side for decode.
DBusAuthEncodeFunction server_encode_func
Function on server side to encode.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
DBusAuthCommand
Enumeration for the known authentication commands.
dbus_bool_t _dbus_auth_needs_decoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to decode the message stream with _dbus_auth_de...
dbus_bool_t _dbus_string_hex_encode(const DBusString *source, int start, DBusString *dest, int insert_at)
Encodes a string in hex, the way MD5 and SHA-1 are usually encoded.
unsigned int buffer_outstanding
Buffer is "checked out" for reading data into.
DBusList * mechs_to_try
Mechanisms we got from the server that we're going to try using.
dbus_bool_t _dbus_string_append_int(DBusString *str, long value)
Appends an integer to a DBusString.
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
dbus_bool_t _dbus_auth_encode_data(DBusAuth *auth, const DBusString *plaintext, DBusString *encoded)
Called post-authentication, encodes a block of bytes for sending to the peer.
Internals of DBusKeyring.
dbus_bool_t _dbus_auth_set_context(DBusAuth *auth, const DBusString *context)
Sets the "authentication context" which scopes cookies with the DBUS_COOKIE_SHA1 auth mechanism for e...
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
void * data
Data stored at this element.
void _dbus_auth_return_buffer(DBusAuth *auth, DBusString *buffer)
Returns a buffer with new data read into it.
DBusAuthState _dbus_auth_do_work(DBusAuth *auth)
Analyzes buffered input and moves the auth conversation forward, returning the new state of the auth ...
void dbus_error_free(DBusError *error)
Frees an error that's been set (or just initialized), then reinitializes the error as in dbus_error_i...
const char * mechanism
Name of the mechanism.
unsigned int unix_fd_negotiated
Unix fd was successfully negotiated.
dbus_bool_t _dbus_keyring_get_hex_key(DBusKeyring *keyring, int key_id, DBusString *hex_key)
Gets the hex-encoded secret key for the given ID.
dbus_bool_t _dbus_auth_set_mechanisms(DBusAuth *auth, const char **mechanisms)
Sets an array of authentication mechanism names that we are willing to use.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
dbus_bool_t _dbus_append_user_from_current_process(DBusString *str)
Append to the string the identity we would like to have when we authenticate, on UNIX this is the cur...
DBusAuthShutdownFunction server_shutdown_func
Function on server side to shut down.
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that's copied to the d...
DBusKeyring * keyring
Keyring for cookie mechanism.
DBusString context
Cookie scope.
dbus_bool_t(* DBusAuthDataFunction)(DBusAuth *auth, const DBusString *data)
This function processes a block of data received from the peer.
dbus_bool_t _dbus_auth_get_unix_fd_negotiated(DBusAuth *auth)
Queries whether unix fd passing was successfully negotiated.
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
DBusString guid
Our globally unique ID in hex encoding.
const char * side
Client or server.
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
DBusString guid_from_server
GUID received from server.
DBusCredentials * _dbus_auth_get_identity(DBusAuth *auth)
Gets the identity we authorized the client as.
void _dbus_auth_get_buffer(DBusAuth *auth, DBusString **buffer)
Get a buffer to be used for reading bytes from the peer we're conversing with.
DBusString challenge
Challenge sent to client.
dbus_bool_t _dbus_auth_decode_data(DBusAuth *auth, const DBusString *encoded, DBusString *plaintext)
Called post-authentication, decodes a block of bytes received from the peer.
DBusCredentials * authorized_identity
Credentials that are authorized.
DBusAuthDecodeFunction server_decode_func
Function on server side to decode.
dbus_bool_t _dbus_string_move(DBusString *source, int start, DBusString *dest, int insert_at)
Moves the end of one string into another string.
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_bool_t _dbus_string_equal_c_str(const DBusString *a, const char *c_str)
Checks whether a string is equal to a C string.
void _dbus_auth_bytes_sent(DBusAuth *auth, int bytes_sent)
Notifies the auth conversation object that the given number of bytes of the outgoing buffer have been...
Internal members of DBusAuth.
DBusInitialResponseFunction client_initial_response_func
Function on client side to handle initial response.
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
"Subclass" of DBusAuth for server side.
DBusAuthStateFunction handler
State function for this state.
DBusAuthDataFunction client_data_func
Function on client side for DATA.
const DBusAuthStateData * state
Current protocol state.
dbus_bool_t _dbus_string_replace_len(const DBusString *source, int start, int len, DBusString *dest, int replace_at, int replace_len)
Replaces a segment of dest string with a segment of source string.
"Subclass" of DBusAuth for client side
DBusCredentials * desired_identity
Identity client has requested.
void _dbus_string_skip_blank(const DBusString *str, int start, int *end)
Skips blanks from start, storing the first non-blank in *end (blank is space or tab).
DBusAuth * _dbus_auth_server_new(const DBusString *guid)
Creates a new auth conversation object for the server side.
unsigned int needed_memory
We needed memory to continue since last successful getting something done.
#define DBUS_AUTH_NAME(auth)
The name of the auth ("client" or "server")
DBusAuth * _dbus_auth_ref(DBusAuth *auth)
Increments the refcount of an auth object.
unsigned int already_asked_for_initial_response
Already sent a blank challenge to get an initial response.
void _dbus_string_delete(DBusString *str, int start, int len)
Deletes a segment of a DBusString with length len starting at start.
DBusString identity
Current identity we're authorizing as.
dbus_bool_t(* DBusInitialResponseFunction)(DBusAuth *auth, DBusString *response)
This function appends an initial client response to the given string.
dbus_bool_t _dbus_list_append(DBusList **list, void *data)
Appends a value to the list.
unsigned int already_got_mechanisms
Client already got mech list.
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
void _dbus_string_zero(DBusString *str)
Clears all allocated bytes in the string to zero.
int cookie_id
ID of cookie to use.
Information about a auth state.
Object representing an exception.
dbus_bool_t(* DBusAuthStateFunction)(DBusAuth *auth, DBusAuthCommand command, const DBusString *args)
Auth state function, determines the reaction to incoming events for a particular state.
int _dbus_keyring_get_best_key(DBusKeyring *keyring, DBusError *error)
Gets a recent key to use for authentication.
dbus_bool_t _dbus_string_validate_utf8(const DBusString *str, int start, int len)
Checks that the given range of the string is valid UTF-8.
DBusAuth base
Parent class.
DBusAuthShutdownFunction client_shutdown_func
Function on client side for shutdown.
void * _dbus_list_pop_first(DBusList **list)
Removes the first value in the list and returns it.
int refcount
reference count
const char * _dbus_auth_get_guid_from_server(DBusAuth *auth)
Gets the GUID from the server if we've authenticated; gets NULL otherwise.
#define _DBUS_N_ELEMENTS(array)
Computes the number of elements in a fixed-size array using sizeof().
char ** allowed_mechs
Mechanisms we're allowed to use, or NULL if we can use any.
const char * name
Name of the command.
dbus_bool_t(* DBusAuthDecodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *decoded)
This function decodes a block of data from the peer.
#define DBUS_AUTH_CLIENT(auth)
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init().
char ** _dbus_dup_string_array(const char **array)
Duplicates a string array.
#define TRUE
Expands to "1".
int failures
Number of times client has been rejected.
#define DBUS_AUTH_IS_SERVER(auth)
void(* DBusAuthShutdownFunction)(DBusAuth *auth)
This function is called when the mechanism is abandoned.
#define N_CHALLENGE_BYTES
http://www.ietf.org/rfc/rfc2831.txt suggests at least 64 bits of entropy, we use 128.
dbus_bool_t _dbus_string_find_blank(const DBusString *str, int start, int *found)
Finds a blank (space or tab) in the string.
DBusString incoming
Incoming data buffer.
dbus_bool_t _dbus_auth_set_credentials(DBusAuth *auth, DBusCredentials *credentials)
Sets credentials received via reliable means from the operating system.
dbus_bool_t _dbus_keyring_is_for_credentials(DBusKeyring *keyring, DBusCredentials *credentials)
Checks whether the keyring is for the same user as the given credentials.
void _dbus_auth_set_unix_fd_possible(DBusAuth *auth, dbus_bool_t b)
Sets whether unix fd passing is potentially on the transport and hence shall be negotiated.
const char * name
Name of the state.
DBusAuthEncodeFunction client_encode_func
Function on client side for encode.
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
DBusKeyring * _dbus_keyring_new_for_credentials(DBusCredentials *credentials, const DBusString *context, DBusError *error)
Creates a new keyring that lives in the ~/.dbus-keyrings directory of the user represented by credent...
DBusAuthDataFunction server_data_func
Function on server side for DATA.
dbus_bool_t(* DBusAuthEncodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *encoded)
This function encodes a block of data from the peer.
void dbus_error_init(DBusError *error)
Initializes a DBusError structure.
dbus_bool_t _dbus_string_hex_decode(const DBusString *source, int start, int *end_return, DBusString *dest, int insert_at)
Decodes a string from hex encoding.
void dbus_free_string_array(char **str_array)
Frees a NULL-terminated array of strings.
dbus_bool_t _dbus_string_array_contains(const char **array, const char *str)
Checks whether a string array contains the given string.
int max_failures
Number of times we reject before disconnect.
void _dbus_auth_unref(DBusAuth *auth)
Decrements the refcount of an auth object.
dbus_bool_t _dbus_auth_get_bytes_to_send(DBusAuth *auth, const DBusString **str)
Gets bytes that need to be sent to the peer we're conversing with.
Mapping from command name to enum.
Virtual table representing a particular auth mechanism.
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
#define FALSE
Expands to "0".
const DBusAuthMechanismHandler * mech
Current auth mechanism.
#define DBUS_AUTH_SERVER(auth)
unsigned int unix_fd_possible
This side could do unix fd passing.
dbus_bool_t _dbus_sha_compute(const DBusString *data, DBusString *ascii_output)
Computes the ASCII hex-encoded shasum of the given data and appends it to the output string...
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
dbus_bool_t _dbus_string_copy_len(const DBusString *source, int start, int len, DBusString *dest, int insert_at)
Like _dbus_string_copy(), but can copy a segment from the middle of the source string.
void * dbus_malloc0(size_t bytes)
Allocates the given number of bytes, as with standard malloc(), but all bytes are initialized to zero...
dbus_bool_t _dbus_auth_needs_encoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to encode the message stream with _dbus_auth_en...
DBusCredentials * credentials
Credentials read from socket.
DBusAuth * _dbus_auth_client_new(void)
Creates a new auth conversation object for the client side.
dbus_bool_t _dbus_string_validate_ascii(const DBusString *str, int start, int len)
Checks that the given range of the string is valid ASCII with no nul bytes.
DBusAuth base
Parent class.
dbus_bool_t _dbus_keyring_validate_context(const DBusString *context)
Checks whether the context is a valid context.
#define DBUS_AUTH_IN_END_STATE(auth)
dbus_bool_t dbus_error_is_set(const DBusError *error)
Checks whether an error occurred (the error is set).
DBusString outgoing
Outgoing data buffer.
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes)
Generates the given number of random bytes, using the best mechanism we can come up with...
#define DBUS_AUTH_IS_CLIENT(auth)
DBusAuthCommand command
Corresponding enum.
void _dbus_list_clear(DBusList **list)
Frees all links in the list and sets the list head to NULL.
dbus_bool_t _dbus_credentials_add_from_user(DBusCredentials *credentials, const DBusString *username)
Adds the credentials corresponding to the given username.
