1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* bus.c message bus context object
4 * Copyright (C) 2003 Red Hat, Inc.
6 * Licensed under the Academic Free License version 1.2
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include "activation.h"
26 #include "connection.h"
30 #include "config-parser.h"
31 #include <dbus/dbus-list.h>
32 #include <dbus/dbus-hash.h>
33 #include <dbus/dbus-internals.h>
43 BusConnections *connections;
44 BusActivation *activation;
45 BusRegistry *registry;
47 DBusUserDatabase *user_database;
51 static dbus_int32_t server_data_slot = -1;
58 #define BUS_SERVER_DATA(server) (dbus_server_get_data ((server), server_data_slot))
61 server_get_context (DBusServer *server)
66 if (!dbus_server_allocate_data_slot (&server_data_slot))
69 bd = BUS_SERVER_DATA (server);
72 dbus_server_free_data_slot (&server_data_slot);
76 context = bd->context;
78 dbus_server_free_data_slot (&server_data_slot);
84 server_watch_callback (DBusWatch *watch,
85 unsigned int condition,
88 /* FIXME this can be done in dbus-mainloop.c
89 * if the code in activation.c for the babysitter
90 * watch handler is fixed.
93 return dbus_watch_handle (watch, condition);
97 add_server_watch (DBusWatch *watch,
100 DBusServer *server = data;
103 context = server_get_context (server);
105 return _dbus_loop_add_watch (context->loop,
106 watch, server_watch_callback, server,
111 remove_server_watch (DBusWatch *watch,
114 DBusServer *server = data;
117 context = server_get_context (server);
119 _dbus_loop_remove_watch (context->loop,
120 watch, server_watch_callback, server);
125 server_timeout_callback (DBusTimeout *timeout,
128 /* can return FALSE on OOM but we just let it fire again later */
129 dbus_timeout_handle (timeout);
133 add_server_timeout (DBusTimeout *timeout,
136 DBusServer *server = data;
139 context = server_get_context (server);
141 return _dbus_loop_add_timeout (context->loop,
142 timeout, server_timeout_callback, server, NULL);
146 remove_server_timeout (DBusTimeout *timeout,
149 DBusServer *server = data;
152 context = server_get_context (server);
154 _dbus_loop_remove_timeout (context->loop,
155 timeout, server_timeout_callback, server);
159 new_connection_callback (DBusServer *server,
160 DBusConnection *new_connection,
163 BusContext *context = data;
165 if (!bus_connections_setup_connection (context->connections, new_connection))
167 _dbus_verbose ("No memory to setup new connection\n");
169 /* if we don't do this, it will get unref'd without
170 * being disconnected... kind of strange really
171 * that we have to do this, people won't get it right
174 dbus_connection_disconnect (new_connection);
177 dbus_connection_set_max_received_size (new_connection,
178 context->limits.max_incoming_bytes);
180 dbus_connection_set_max_message_size (new_connection,
181 context->limits.max_message_size);
183 /* on OOM, we won't have ref'd the connection so it will die. */
187 free_server_data (void *data)
189 BusServerData *bd = data;
195 setup_server (BusContext *context,
197 char **auth_mechanisms,
202 bd = dbus_new0 (BusServerData, 1);
203 if (!dbus_server_set_data (server,
205 bd, free_server_data))
212 bd->context = context;
214 if (!dbus_server_set_auth_mechanisms (server, (const char**) auth_mechanisms))
220 dbus_server_set_new_connection_function (server,
221 new_connection_callback,
224 if (!dbus_server_set_watch_functions (server,
235 if (!dbus_server_set_timeout_functions (server,
237 remove_server_timeout,
249 bus_context_new (const DBusString *config_file,
250 dbus_bool_t force_fork,
257 DBusList **addresses;
258 BusConfigParser *parser;
259 DBusString full_address;
260 const char *user, *pidfile;
261 char **auth_mechanisms;
262 DBusList **auth_mechanisms_list;
265 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
267 if (!_dbus_string_init (&full_address))
273 if (!dbus_server_allocate_data_slot (&server_data_slot))
276 _dbus_string_free (&full_address);
282 auth_mechanisms = NULL;
284 parser = bus_config_load (config_file, TRUE, error);
288 /* Check for an existing pid file. Of course this is a race;
289 * we'd have to use fcntl() locks on the pid file to
290 * avoid that. But we want to check for the pid file
291 * before overwriting any existing sockets, etc.
293 pidfile = bus_config_parser_get_pidfile (parser);
300 dbus_error_init (&tmp_error);
301 _dbus_string_init_const (&u, pidfile);
303 if (_dbus_stat (&u, &stbuf, &tmp_error))
305 dbus_set_error (error, DBUS_ERROR_FAILED,
306 "The pid file \"%s\" exists, if the message bus is not running, remove this file",
308 dbus_error_free (&tmp_error);
313 context = dbus_new0 (BusContext, 1);
320 context->refcount = 1;
322 /* get our limits and timeout lengths */
323 bus_config_parser_get_limits (parser, &context->limits);
325 /* we need another ref of the server data slot for the context
328 if (!dbus_server_allocate_data_slot (&server_data_slot))
329 _dbus_assert_not_reached ("second ref of server data slot failed");
331 context->user_database = _dbus_user_database_new ();
332 if (context->user_database == NULL)
338 context->loop = _dbus_loop_new ();
339 if (context->loop == NULL)
345 /* Build an array of auth mechanisms */
347 auth_mechanisms_list = bus_config_parser_get_mechanisms (parser);
348 len = _dbus_list_get_length (auth_mechanisms_list);
354 auth_mechanisms = dbus_new0 (char*, len + 1);
355 if (auth_mechanisms == NULL)
359 link = _dbus_list_get_first_link (auth_mechanisms_list);
362 auth_mechanisms[i] = _dbus_strdup (link->data);
363 if (auth_mechanisms[i] == NULL)
365 link = _dbus_list_get_next_link (auth_mechanisms_list, link);
370 auth_mechanisms = NULL;
373 /* Listen on our addresses */
375 addresses = bus_config_parser_get_addresses (parser);
377 link = _dbus_list_get_first_link (addresses);
382 server = dbus_server_listen (link->data, error);
385 else if (!setup_server (context, server, auth_mechanisms, error))
388 if (!_dbus_list_append (&context->servers, server))
394 link = _dbus_list_get_next_link (addresses, link);
397 /* note that type may be NULL */
398 context->type = _dbus_strdup (bus_config_parser_get_type (parser));
400 /* We have to build the address backward, so that
401 * <listen> later in the config file have priority
403 link = _dbus_list_get_last_link (&context->servers);
408 addr = dbus_server_get_address (link->data);
415 if (_dbus_string_get_length (&full_address) > 0)
417 if (!_dbus_string_append (&full_address, ";"))
424 if (!_dbus_string_append (&full_address, addr))
432 link = _dbus_list_get_prev_link (&context->servers, link);
435 if (!_dbus_string_copy_data (&full_address, &context->address))
441 /* Note that we don't know whether the print_addr_fd is
442 * one of the sockets we're using to listen on, or some
443 * other random thing. But I think the answer is "don't do
446 if (print_addr_fd >= 0)
449 const char *a = bus_context_get_address (context);
452 _dbus_assert (a != NULL);
453 if (!_dbus_string_init (&addr))
459 if (!_dbus_string_append (&addr, a) ||
460 !_dbus_string_append (&addr, "\n"))
462 _dbus_string_free (&addr);
467 bytes = _dbus_string_get_length (&addr);
468 if (_dbus_write (print_addr_fd, &addr, 0, bytes) != bytes)
470 dbus_set_error (error, DBUS_ERROR_FAILED,
471 "Printing message bus address: %s\n",
472 _dbus_strerror (errno));
473 _dbus_string_free (&addr);
477 if (print_addr_fd > 2)
478 _dbus_close (print_addr_fd, NULL);
480 _dbus_string_free (&addr);
483 /* Create activation subsystem */
485 context->activation = bus_activation_new (context, &full_address,
486 bus_config_parser_get_service_dirs (parser),
488 if (context->activation == NULL)
490 _DBUS_ASSERT_ERROR_IS_SET (error);
494 context->connections = bus_connections_new (context);
495 if (context->connections == NULL)
501 context->registry = bus_registry_new (context);
502 if (context->registry == NULL)
508 context->policy = bus_config_parser_steal_policy (parser);
509 _dbus_assert (context->policy != NULL);
511 /* Now become a daemon if appropriate */
512 if (force_fork || bus_config_parser_get_fork (parser))
517 _dbus_string_init_const (&u, pidfile);
519 if (!_dbus_become_daemon (pidfile ? &u : NULL, error))
524 /* Need to write PID file for ourselves, not for the child process */
529 _dbus_string_init_const (&u, pidfile);
531 if (!_dbus_write_pid_file (&u, _dbus_getpid (), error))
536 /* keep around the pid filename so we can delete it later */
537 context->pidfile = _dbus_strdup (pidfile);
539 /* Write PID if requested */
540 if (print_pid_fd >= 0)
545 if (!_dbus_string_init (&pid))
551 if (!_dbus_string_append_int (&pid, _dbus_getpid ()) ||
552 !_dbus_string_append (&pid, "\n"))
554 _dbus_string_free (&pid);
559 bytes = _dbus_string_get_length (&pid);
560 if (_dbus_write (print_pid_fd, &pid, 0, bytes) != bytes)
562 dbus_set_error (error, DBUS_ERROR_FAILED,
563 "Printing message bus PID: %s\n",
564 _dbus_strerror (errno));
565 _dbus_string_free (&pid);
569 if (print_pid_fd > 2)
570 _dbus_close (print_pid_fd, NULL);
572 _dbus_string_free (&pid);
575 /* Here we change our credentials if required,
576 * as soon as we've set up our sockets and pidfile
578 user = bus_config_parser_get_user (parser);
581 DBusCredentials creds;
584 _dbus_string_init_const (&u, user);
586 if (!_dbus_credentials_from_username (&u, &creds) ||
590 dbus_set_error (error, DBUS_ERROR_FAILED,
591 "Could not get UID and GID for username \"%s\"",
596 if (!_dbus_change_identity (creds.uid, creds.gid, error))
600 bus_config_parser_unref (parser);
601 _dbus_string_free (&full_address);
602 dbus_free_string_array (auth_mechanisms);
603 dbus_server_free_data_slot (&server_data_slot);
609 bus_config_parser_unref (parser);
612 bus_context_unref (context);
614 _dbus_string_free (&full_address);
615 dbus_free_string_array (auth_mechanisms);
617 dbus_server_free_data_slot (&server_data_slot);
623 shutdown_server (BusContext *context,
626 if (server == NULL ||
627 !dbus_server_get_is_connected (server))
630 if (!dbus_server_set_watch_functions (server,
634 _dbus_assert_not_reached ("setting watch functions to NULL failed");
636 if (!dbus_server_set_timeout_functions (server,
640 _dbus_assert_not_reached ("setting timeout functions to NULL failed");
642 dbus_server_disconnect (server);
646 bus_context_shutdown (BusContext *context)
650 link = _dbus_list_get_first_link (&context->servers);
653 shutdown_server (context, link->data);
655 link = _dbus_list_get_next_link (&context->servers, link);
660 bus_context_ref (BusContext *context)
662 _dbus_assert (context->refcount > 0);
663 context->refcount += 1;
667 bus_context_unref (BusContext *context)
669 _dbus_assert (context->refcount > 0);
670 context->refcount -= 1;
672 if (context->refcount == 0)
676 _dbus_verbose ("Finalizing bus context %p\n", context);
678 bus_context_shutdown (context);
680 if (context->connections)
682 bus_connections_unref (context->connections);
683 context->connections = NULL;
686 if (context->registry)
688 bus_registry_unref (context->registry);
689 context->registry = NULL;
692 if (context->activation)
694 bus_activation_unref (context->activation);
695 context->activation = NULL;
698 link = _dbus_list_get_first_link (&context->servers);
701 dbus_server_unref (link->data);
703 link = _dbus_list_get_next_link (&context->servers, link);
705 _dbus_list_clear (&context->servers);
709 bus_policy_unref (context->policy);
710 context->policy = NULL;
715 _dbus_loop_unref (context->loop);
716 context->loop = NULL;
719 dbus_free (context->type);
720 dbus_free (context->address);
722 if (context->pidfile)
725 _dbus_string_init_const (&u, context->pidfile);
727 /* Deliberately ignore errors here, since there's not much
728 * we can do about it, and we're exiting anyways.
730 _dbus_delete_file (&u, NULL);
732 dbus_free (context->pidfile);
735 _dbus_user_database_unref (context->user_database);
739 dbus_server_free_data_slot (&server_data_slot);
743 /* type may be NULL */
745 bus_context_get_type (BusContext *context)
747 return context->type;
751 bus_context_get_address (BusContext *context)
753 return context->address;
757 bus_context_get_registry (BusContext *context)
759 return context->registry;
763 bus_context_get_connections (BusContext *context)
765 return context->connections;
769 bus_context_get_activation (BusContext *context)
771 return context->activation;
775 bus_context_get_loop (BusContext *context)
777 return context->loop;
781 bus_context_get_user_database (BusContext *context)
783 return context->user_database;
787 bus_context_allow_user (BusContext *context,
790 return bus_policy_allow_user (context->policy,
791 context->user_database,
796 bus_context_create_client_policy (BusContext *context,
797 DBusConnection *connection,
800 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
801 return bus_policy_create_client_policy (context->policy, connection,
806 bus_context_get_activation_timeout (BusContext *context)
809 return context->limits.activation_timeout;
813 bus_context_get_auth_timeout (BusContext *context)
815 return context->limits.auth_timeout;
819 bus_context_get_max_completed_connections (BusContext *context)
821 return context->limits.max_completed_connections;
825 bus_context_get_max_incomplete_connections (BusContext *context)
827 return context->limits.max_incomplete_connections;
831 bus_context_get_max_connections_per_user (BusContext *context)
833 return context->limits.max_connections_per_user;
837 bus_context_get_max_pending_activations (BusContext *context)
839 return context->limits.max_pending_activations;
843 bus_context_get_max_services_per_connection (BusContext *context)
845 return context->limits.max_services_per_connection;
849 bus_context_check_security_policy (BusContext *context,
850 DBusConnection *sender,
851 DBusConnection *recipient,
852 DBusMessage *message,
855 BusClientPolicy *sender_policy;
856 BusClientPolicy *recipient_policy;
858 /* NULL sender/receiver means the bus driver */
862 if (bus_connection_is_active (sender))
864 sender_policy = bus_connection_get_policy (sender);
865 _dbus_assert (sender_policy != NULL);
869 /* Policy for inactive connections is that they can only send
870 * the hello message to the bus driver
872 if (recipient == NULL &&
873 dbus_message_has_name (message, DBUS_MESSAGE_HELLO))
875 _dbus_verbose ("security check allowing %s message\n",
881 _dbus_verbose ("security check disallowing non-%s message\n",
884 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
885 "Client tried to send a message other than %s without being registered",
893 sender_policy = NULL;
895 _dbus_assert ((sender != NULL && sender_policy != NULL) ||
896 (sender == NULL && sender_policy == NULL));
898 if (recipient != NULL)
900 /* only the bus driver can send to an inactive recipient (as it
901 * owns no services, so other apps can't address it). Inactive
902 * recipients can receive any message.
904 if (bus_connection_is_active (recipient))
906 recipient_policy = bus_connection_get_policy (recipient);
907 _dbus_assert (recipient_policy != NULL);
909 else if (sender == NULL)
911 _dbus_verbose ("security check using NULL recipient policy for message from bus\n");
912 recipient_policy = NULL;
916 _dbus_assert_not_reached ("a message was somehow sent to an inactive recipient from a source other than the message bus\n");
917 recipient_policy = NULL;
921 recipient_policy = NULL;
923 _dbus_assert ((recipient != NULL && recipient_policy != NULL) ||
924 (recipient != NULL && sender == NULL && recipient_policy == NULL) ||
925 (recipient == NULL && recipient_policy == NULL));
928 !bus_client_policy_check_can_send (sender_policy,
929 context->registry, recipient,
932 const char *dest = dbus_message_get_destination (message);
933 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
934 "A security policy in place prevents this sender "
935 "from sending this message to this recipient, "
936 "see message bus configuration file (rejected message "
937 "had name \"%s\" destination \"%s\")",
938 dbus_message_get_name (message),
939 dest ? dest : DBUS_SERVICE_DBUS);
940 _dbus_verbose ("security policy disallowing message due to sender policy\n");
944 if (recipient_policy &&
945 !bus_client_policy_check_can_receive (recipient_policy,
946 context->registry, sender,
949 const char *dest = dbus_message_get_destination (message);
950 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
951 "A security policy in place prevents this recipient "
952 "from receiving this message from this sender, "
953 "see message bus configuration file (rejected message "
954 "had name \"%s\" destination \"%s\")",
955 dbus_message_get_name (message),
956 dest ? dest : DBUS_SERVICE_DBUS);
957 _dbus_verbose ("security policy disallowing message due to recipient policy\n");
961 /* See if limits on size have been exceeded */
963 dbus_connection_get_outgoing_size (recipient) >
964 context->limits.max_outgoing_bytes)
966 const char *dest = dbus_message_get_destination (message);
967 dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
968 "The destination service \"%s\" has a full message queue",
969 dest ? dest : DBUS_SERVICE_DBUS);
970 _dbus_verbose ("security policy disallowing message due to full message queue\n");
974 _dbus_verbose ("security policy allowing message\n");