1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-nonce.c Nonce handling functions used by nonce-tcp (internal to D-Bus implementation)
4 * Copyright (C) 2009 Klaralvdalens Datakonsult AB, a KDAB Group company, info@kdab.net
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 // major sections of this file are modified code from libassuan, (C) FSF
26 #include "dbus-nonce.h"
27 #include "dbus-internals.h"
28 #include "dbus-protocol.h"
29 #include "dbus-sysdeps.h"
34 do_check_nonce (DBusSocket fd, const DBusString *nonce, DBusError *error)
42 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
46 /* This is a trick to make it safe to call _dbus_string_free on these
47 * strings during error unwinding, even if allocating memory for them
48 * fails. A constant DBusString is considered to be valid to "free",
49 * even though there is nothing to free (of course the free operation
50 * is trivial, because it does not own its own buffer); but
51 * unlike a mutable DBusString, initializing a constant DBusString
54 * We must successfully re-initialize the strings to be mutable before
55 * writing to them, of course.
57 _dbus_string_init_const (&buffer, "");
58 _dbus_string_init_const (&p, "");
60 if ( !_dbus_string_init (&buffer)
61 || !_dbus_string_init (&p) ) {
62 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
63 _dbus_string_free (&p);
64 _dbus_string_free (&buffer);
72 n = _dbus_read_socket (fd, &p, nleft);
73 saved_errno = _dbus_save_socket_errno ();
75 if (n == -1 && _dbus_get_is_errno_eintr (saved_errno))
77 else if (n == -1 && _dbus_get_is_errno_eagain_or_ewouldblock (saved_errno))
78 _dbus_sleep_milliseconds (100);
81 dbus_set_error (error, DBUS_ERROR_IO_ERROR, "Could not read nonce from socket (fd=%" DBUS_SOCKET_FORMAT ")", _dbus_socket_printable (fd));
82 _dbus_string_free (&p);
83 _dbus_string_free (&buffer);
88 _dbus_string_free (&p);
89 _dbus_string_free (&buffer);
90 dbus_set_error (error, DBUS_ERROR_IO_ERROR, "Could not read nonce from socket (fd=%" DBUS_SOCKET_FORMAT ")", _dbus_socket_printable (fd));
95 if (!_dbus_string_append_len (&buffer, _dbus_string_get_const_data (&p), n))
97 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
98 _dbus_string_free (&p);
99 _dbus_string_free (&buffer);
106 result = _dbus_string_equal_len (&buffer, nonce, 16);
108 dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "Nonces do not match, access denied (fd=%" DBUS_SOCKET_FORMAT ")", _dbus_socket_printable (fd));
110 _dbus_string_free (&p);
111 _dbus_string_free (&buffer);
117 * reads the nonce from the nonce file and stores it in a string
119 * @param fname the file to read the nonce from
120 * @param nonce returns the nonce. Must be an initialized string, the nonce will be appended.
121 * @param error error object to report possible errors
122 * @return FALSE iff reading the nonce fails (error is set then)
125 _dbus_read_nonce (const DBusString *fname, DBusString *nonce, DBusError* error)
131 buffer[sizeof buffer - 1] = '\0';
133 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
135 _dbus_verbose ("reading nonce from file: %s\n", _dbus_string_get_const_data (fname));
138 fp = fopen (_dbus_string_get_const_data (fname), "rb");
141 dbus_set_error (error,
142 _dbus_error_from_system_errno (),
143 "Failed to open %s for read: %s",
144 _dbus_string_get_const_data (fname),
145 _dbus_strerror_from_errno ());
149 nread = fread (buffer, 1, sizeof buffer - 1, fp);
153 dbus_set_error (error, DBUS_ERROR_FILE_NOT_FOUND, "Could not read nonce from file %s", _dbus_string_get_const_data (fname));
157 if (!_dbus_string_append_len (nonce, buffer, sizeof buffer - 1 ))
159 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
166 _dbus_accept_with_noncefile (DBusSocket listen_fd, const DBusNonceFile *noncefile)
168 DBusSocket fd = _dbus_socket_get_invalid ();
171 _dbus_assert (noncefile != NULL);
173 /* Make it valid to "free" this even if _dbus_string_init() runs
174 * out of memory: see comment in do_check_nonce() */
175 _dbus_string_init_const (&nonce, "");
177 if (!_dbus_string_init (&nonce))
180 //PENDING(kdab): set better errors
181 if (_dbus_read_nonce (_dbus_noncefile_get_path(noncefile), &nonce, NULL) != TRUE)
184 fd = _dbus_accept (listen_fd);
186 if (!_dbus_socket_is_valid (fd))
189 if (do_check_nonce(fd, &nonce, NULL) != TRUE) {
190 _dbus_verbose ("nonce check failed. Closing socket.\n");
191 _dbus_close_socket(fd, NULL);
192 _dbus_socket_invalidate (&fd);
197 _dbus_string_free (&nonce);
202 generate_and_write_nonce (const DBusString *filename, DBusError *error)
207 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
209 if (!_dbus_string_init (&nonce))
211 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
215 if (!_dbus_generate_random_bytes (&nonce, 16, error))
217 _dbus_string_free (&nonce);
221 ret = _dbus_string_save_to_file (&nonce, filename, FALSE, error);
223 _dbus_string_free (&nonce);
229 * sends the nonce over a given socket. Blocks while doing so.
231 * @param fd the file descriptor to write the nonce data to (usually a socket)
232 * @param noncefile the noncefile location to read the nonce from
233 * @param error contains error details if FALSE is returned
234 * @return TRUE iff the nonce was successfully sent. Note that this does not
235 * indicate whether the server accepted the nonce.
238 _dbus_send_nonce (DBusSocket fd,
239 const DBusString *noncefile,
242 dbus_bool_t read_result;
246 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
248 if (_dbus_string_get_length (noncefile) == 0)
251 if (!_dbus_string_init (&nonce))
253 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
257 read_result = _dbus_read_nonce (noncefile, &nonce, error);
260 _DBUS_ASSERT_ERROR_IS_SET (error);
261 _dbus_string_free (&nonce);
264 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
266 send_result = _dbus_write_socket (fd, &nonce, 0, _dbus_string_get_length (&nonce));
268 _dbus_string_free (&nonce);
270 if (send_result == -1)
272 dbus_set_error (error,
273 _dbus_error_from_system_errno (),
274 "Failed to send nonce (fd=%" DBUS_SOCKET_FORMAT "): %s",
275 _dbus_socket_printable (fd),
276 _dbus_strerror_from_errno ());
284 do_noncefile_create (DBusNonceFile *noncefile,
286 dbus_bool_t use_subdir)
288 DBusString randomStr;
291 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
293 _dbus_assert (noncefile);
295 /* Make it valid to "free" these even if _dbus_string_init() runs
296 * out of memory: see comment in do_check_nonce() */
297 _dbus_string_init_const (&randomStr, "");
298 _dbus_string_init_const (&noncefile->dir, "");
299 _dbus_string_init_const (&noncefile->path, "");
301 if (!_dbus_string_init (&randomStr))
303 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
307 if (!_dbus_generate_random_ascii (&randomStr, 8, error))
312 tmp = _dbus_get_tmpdir ();
314 if (!_dbus_string_init (&noncefile->dir)
316 || !_dbus_string_append (&noncefile->dir, tmp))
318 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
323 if (!_dbus_string_append (&noncefile->dir, "/dbus_nonce-")
324 || !_dbus_string_append (&noncefile->dir, _dbus_string_get_const_data (&randomStr)) )
326 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
329 if (!_dbus_string_init (&noncefile->path)
330 || !_dbus_string_copy (&noncefile->dir, 0, &noncefile->path, 0)
331 || !_dbus_string_append (&noncefile->path, "/nonce"))
333 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
336 if (!_dbus_create_directory (&noncefile->dir, error))
338 _DBUS_ASSERT_ERROR_IS_SET (error);
341 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
346 if (!_dbus_string_init (&noncefile->path)
347 || !_dbus_string_copy (&noncefile->dir, 0, &noncefile->path, 0)
348 || !_dbus_string_append (&noncefile->path, "/dbus_nonce-")
349 || !_dbus_string_append (&noncefile->path, _dbus_string_get_const_data (&randomStr)))
351 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
357 if (!generate_and_write_nonce (&noncefile->path, error))
359 _DBUS_ASSERT_ERROR_IS_SET (error);
361 _dbus_delete_directory (&noncefile->dir, NULL); //we ignore possible errors deleting the dir and return the write error instead
364 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
366 _dbus_string_free (&randomStr);
370 if (use_subdir && _dbus_string_get_length (&noncefile->dir) != 0)
371 _dbus_delete_directory (&noncefile->dir, NULL);
372 _dbus_string_free (&noncefile->dir);
373 _dbus_string_free (&noncefile->path);
374 _dbus_string_free (&randomStr);
380 * creates a nonce file in a user-readable location and writes a generated nonce to it
382 * @param noncefile returns the nonce file location
383 * @param error error details if creating the nonce file fails
384 * @return TRUE iff the nonce file was successfully created
387 _dbus_noncefile_create (DBusNonceFile *noncefile,
390 return do_noncefile_create (noncefile, error, /*use_subdir=*/FALSE);
394 * deletes the noncefile and frees the DBusNonceFile object.
396 * @param noncefile the nonce file to delete. Contents will be freed.
397 * @param error error details if the nonce file could not be deleted
401 _dbus_noncefile_delete (DBusNonceFile *noncefile,
404 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
406 _dbus_delete_file (&noncefile->path, error);
407 _dbus_string_free (&noncefile->dir);
408 _dbus_string_free (&noncefile->path);
414 * creates a nonce file in a user-readable location and writes a generated nonce to it.
415 * Initializes the noncefile object.
417 * @param noncefile returns the nonce file location
418 * @param error error details if creating the nonce file fails
419 * @return TRUE iff the nonce file was successfully created
422 _dbus_noncefile_create (DBusNonceFile *noncefile,
425 return do_noncefile_create (noncefile, error, /*use_subdir=*/TRUE);
429 * deletes the noncefile and frees the DBusNonceFile object.
431 * @param noncefile the nonce file to delete. Contents will be freed.
432 * @param error error details if the nonce file could not be deleted
436 _dbus_noncefile_delete (DBusNonceFile *noncefile,
439 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
441 _dbus_delete_directory (&noncefile->dir, error);
442 _dbus_string_free (&noncefile->dir);
443 _dbus_string_free (&noncefile->path);
450 * returns the absolute file path of the nonce file
452 * @param noncefile an initialized noncefile object
453 * @return the absolute path of the nonce file
456 _dbus_noncefile_get_path (const DBusNonceFile *noncefile)
458 _dbus_assert (noncefile);
459 return &noncefile->path;
463 * reads data from a file descriptor and checks if the received data matches
464 * the data in the given noncefile.
466 * @param fd the file descriptor to read the nonce from
467 * @param noncefile the nonce file to check the received data against
468 * @param error error details on fail
469 * @return TRUE iff a nonce could be successfully read from the file descriptor
470 * and matches the nonce from the given nonce file
473 _dbus_noncefile_check_nonce (DBusSocket fd,
474 const DBusNonceFile *noncefile,
477 return do_check_nonce (fd, _dbus_noncefile_get_path (noncefile), error);
481 /** @} end of nonce */