1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
16 #include "gunixconnection.h"
17 #include "gunixcredentialsmessage.h"
21 * SECTION:gunixconnection
22 * @title: GUnixConnection
23 * @short_description: A UNIX domain GSocketConnection
24 * @include: gio/gunixconnection.h
25 * @see_also: #GSocketConnection.
27 * This is the subclass of #GSocketConnection that is created
28 * for UNIX domain sockets.
30 * It contains functions to do some of the UNIX socket specific
31 * functionality like passing file descriptors.
33 * Note that <filename><gio/gunixconnection.h></filename> belongs to
34 * the UNIX-specific GIO interfaces, thus you have to use the
35 * <filename>gio-unix-2.0.pc</filename> pkg-config file when using it.
40 #include <gio/gsocketcontrolmessage.h>
41 #include <gio/gunixfdmessage.h>
42 #include <gio/gsocket.h>
46 /* for getsockopt() and setsockopt() */
47 #include <sys/types.h> /* See NOTES */
48 #include <sys/socket.h>
54 G_DEFINE_TYPE_WITH_CODE (GUnixConnection, g_unix_connection,
55 G_TYPE_SOCKET_CONNECTION,
56 g_socket_connection_factory_register_type (g_define_type_id,
59 G_SOCKET_PROTOCOL_DEFAULT);
63 * g_unix_connection_send_fd:
64 * @connection: a #GUnixConnection
65 * @fd: a file descriptor
66 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
67 * @error: (allow-none): #GError for error reporting, or %NULL to ignore.
69 * Passes a file descriptor to the receiving side of the
70 * connection. The receiving end has to call g_unix_connection_receive_fd()
71 * to accept the file descriptor.
73 * As well as sending the fd this also writes a single byte to the
74 * stream, as this is required for fd passing to work on some
77 * Returns: a %TRUE on success, %NULL on error.
82 g_unix_connection_send_fd (GUnixConnection *connection,
84 GCancellable *cancellable,
87 GSocketControlMessage *scm;
90 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
91 g_return_val_if_fail (fd >= 0, FALSE);
93 scm = g_unix_fd_message_new ();
95 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm), fd, error))
101 g_object_get (connection, "socket", &socket, NULL);
102 if (g_socket_send_message (socket, NULL, NULL, 0, &scm, 1, 0, cancellable, error) != 1)
103 /* XXX could it 'fail' with zero? */
105 g_object_unref (socket);
106 g_object_unref (scm);
111 g_object_unref (socket);
112 g_object_unref (scm);
118 * g_unix_connection_receive_fd:
119 * @connection: a #GUnixConnection
120 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore
121 * @error: (allow-none): #GError for error reporting, or %NULL to ignore
123 * Receives a file descriptor from the sending end of the connection.
124 * The sending end has to call g_unix_connection_send_fd() for this
127 * As well as reading the fd this also reads a single byte from the
128 * stream, as this is required for fd passing to work on some
131 * Returns: a file descriptor on success, -1 on error.
136 g_unix_connection_receive_fd (GUnixConnection *connection,
137 GCancellable *cancellable,
140 GSocketControlMessage **scms;
141 gint *fds, nfd, fd, nscm;
142 GUnixFDMessage *fdmsg;
145 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), -1);
147 g_object_get (connection, "socket", &socket, NULL);
148 if (g_socket_receive_message (socket, NULL, NULL, 0,
149 &scms, &nscm, NULL, cancellable, error) != 1)
150 /* XXX it _could_ 'fail' with zero. */
152 g_object_unref (socket);
157 g_object_unref (socket);
163 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
164 _("Expecting 1 control message, got %d"), nscm);
166 for (i = 0; i < nscm; i++)
167 g_object_unref (scms[i]);
174 if (!G_IS_UNIX_FD_MESSAGE (scms[0]))
176 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
177 _("Unexpected type of ancillary data"));
178 g_object_unref (scms[0]);
184 fdmsg = G_UNIX_FD_MESSAGE (scms[0]);
187 fds = g_unix_fd_message_steal_fds (fdmsg, &nfd);
188 g_object_unref (fdmsg);
194 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
195 _("Expecting one fd, but got %d\n"), nfd);
197 for (i = 0; i < nfd; i++)
210 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
211 _("Received invalid fd"));
219 g_unix_connection_init (GUnixConnection *connection)
224 g_unix_connection_class_init (GUnixConnectionClass *class)
228 /* TODO: Other stuff we might want to add are:
229 void g_unix_connection_send_fd_async (GUnixConnection *connection,
233 GAsyncReadyCallback callback,
235 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
238 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
242 void g_unix_connection_send_fds_async (GUnixConnection *connection,
246 GAsyncReadyCallback callback,
248 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
251 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
253 GAsyncReadyCallback callback,
255 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
259 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
264 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
269 GAsyncReadyCallback callback,
271 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
274 gboolean g_unix_connection_create_pair (GUnixConnection **one,
275 GUnixConnection **two,
281 * g_unix_connection_send_credentials:
282 * @connection: A #GUnixConnection.
283 * @cancellable: (allow-none): A #GCancellable or %NULL.
284 * @error: Return location for error or %NULL.
286 * Passes the credentials of the current user the receiving side
287 * of the connection. The receiving end has to call
288 * g_unix_connection_receive_credentials() (or similar) to accept the
291 * As well as sending the credentials this also writes a single NUL
292 * byte to the stream, as this is required for credentials passing to
293 * work on some implementations.
295 * Other ways to exchange credentials with a foreign peer includes the
296 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
298 * Returns: %TRUE on success, %FALSE if @error is set.
303 g_unix_connection_send_credentials (GUnixConnection *connection,
304 GCancellable *cancellable,
307 GCredentials *credentials;
308 GSocketControlMessage *scm;
311 GOutputVector vector;
312 guchar nul_byte[1] = {'\0'};
315 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
316 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
320 credentials = g_credentials_new ();
322 vector.buffer = &nul_byte;
325 if (g_unix_credentials_message_is_supported ())
327 scm = g_unix_credentials_message_new_with_credentials (credentials);
336 g_object_get (connection, "socket", &socket, NULL);
337 if (g_socket_send_message (socket,
347 g_prefix_error (error, _("Error sending credentials: "));
354 g_object_unref (socket);
356 g_object_unref (scm);
357 g_object_unref (credentials);
362 send_credentials_async_thread (GSimpleAsyncResult *result,
364 GCancellable *cancellable)
366 GError *error = NULL;
368 if (!g_unix_connection_send_credentials (G_UNIX_CONNECTION (object),
372 g_simple_async_result_take_error (result, error);
377 * g_unix_connection_send_credentials_async:
378 * @connection: A #GUnixConnection.
379 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
380 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
381 * @user_data: (closure): the data to pass to callback function
383 * Asynchronously send credentials.
385 * For more details, see g_unix_connection_send_credentials() which is
386 * the synchronous version of this call.
388 * When the operation is finished, @callback will be called. You can then call
389 * g_unix_connection_send_credentials_finish() to get the result of the operation.
394 g_unix_connection_send_credentials_async (GUnixConnection *connection,
395 GCancellable *cancellable,
396 GAsyncReadyCallback callback,
399 GSimpleAsyncResult *result;
401 result = g_simple_async_result_new (G_OBJECT (connection),
403 g_unix_connection_send_credentials_async);
405 g_simple_async_result_run_in_thread (result,
406 send_credentials_async_thread,
409 g_object_unref (result);
413 * g_unix_connection_send_credentials_finish:
414 * @connection: A #GUnixConnection.
415 * @result: a #GAsyncResult.
416 * @error: a #GError, or %NULL
418 * Finishes an asynchronous send credentials operation started with
419 * g_unix_connection_send_credentials_async().
421 * Returns: %TRUE if the operation was successful, otherwise %FALSE.
426 g_unix_connection_send_credentials_finish (GUnixConnection *connection,
427 GAsyncResult *result,
430 g_return_val_if_fail (
431 g_simple_async_result_is_valid (result,
432 G_OBJECT (connection),
433 g_unix_connection_send_credentials_async),
436 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
445 * g_unix_connection_receive_credentials:
446 * @connection: A #GUnixConnection.
447 * @cancellable: (allow-none): A #GCancellable or %NULL.
448 * @error: Return location for error or %NULL.
450 * Receives credentials from the sending end of the connection. The
451 * sending end has to call g_unix_connection_send_credentials() (or
452 * similar) for this to work.
454 * As well as reading the credentials this also reads (and discards) a
455 * single byte from the stream, as this is required for credentials
456 * passing to work on some implementations.
458 * Other ways to exchange credentials with a foreign peer includes the
459 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
461 * Returns: (transfer full): Received credentials on success (free with
462 * g_object_unref()), %NULL if @error is set.
467 g_unix_connection_receive_credentials (GUnixConnection *connection,
468 GCancellable *cancellable,
472 GSocketControlMessage **scms;
476 volatile GType credentials_message_gtype;
477 gssize num_bytes_read;
479 gboolean turn_off_so_passcreds;
482 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), NULL);
483 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
488 g_object_get (connection, "socket", &socket, NULL);
490 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
491 * already. We also need to turn it off when we're done. See
492 * #617483 for more discussion.
499 turn_off_so_passcreds = FALSE;
501 opt_len = sizeof (gint);
502 if (getsockopt (g_socket_get_fd (socket),
510 g_io_error_from_errno (errno),
511 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
515 if (opt_len != sizeof (gint))
520 _("Unexpected option length while checking if SO_PASSCRED is enabled for socket. "
521 "Expected %d bytes, got %d"),
522 (gint) sizeof (gint), (gint) opt_len);
528 if (setsockopt (g_socket_get_fd (socket),
532 sizeof opt_val) != 0)
536 g_io_error_from_errno (errno),
537 _("Error enabling SO_PASSCRED: %s"),
541 turn_off_so_passcreds = TRUE;
546 /* ensure the type of GUnixCredentialsMessage has been registered with the type system */
547 credentials_message_gtype = G_TYPE_UNIX_CREDENTIALS_MESSAGE;
548 (credentials_message_gtype); /* To avoid -Wunused-but-set-variable */
549 num_bytes_read = g_socket_receive_message (socket,
550 NULL, /* GSocketAddress **address */
558 if (num_bytes_read != 1)
560 /* Handle situation where g_socket_receive_message() returns
561 * 0 bytes and not setting @error
563 if (num_bytes_read == 0 && error != NULL && *error == NULL)
565 g_set_error_literal (error,
568 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
573 if (g_unix_credentials_message_is_supported () &&
574 /* Fall back on get_credentials if the other side didn't send the credentials */
582 _("Expecting 1 control message, got %d"),
587 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0]))
589 g_set_error_literal (error,
592 _("Unexpected type of ancillary data"));
596 ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
606 _("Not expecting control message, but got %d"),
612 ret = g_socket_get_credentials (socket, error);
619 if (turn_off_so_passcreds)
623 if (setsockopt (g_socket_get_fd (socket),
627 sizeof opt_val) != 0)
631 g_io_error_from_errno (errno),
632 _("Error while disabling SO_PASSCRED: %s"),
641 for (n = 0; n < nscm; n++)
642 g_object_unref (scms[n]);
645 g_object_unref (socket);
650 receive_credentials_async_thread (GSimpleAsyncResult *result,
652 GCancellable *cancellable)
655 GError *error = NULL;
657 creds = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (object),
662 g_simple_async_result_take_error (result, error);
664 g_simple_async_result_set_op_res_gpointer (result, creds, g_object_unref);
668 * g_unix_connection_receive_credentials_async:
669 * @connection: A #GUnixConnection.
670 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
671 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
672 * @user_data: (closure): the data to pass to callback function
674 * Asynchronously receive credentials.
676 * For more details, see g_unix_connection_receive_credentials() which is
677 * the synchronous version of this call.
679 * When the operation is finished, @callback will be called. You can then call
680 * g_unix_connection_receive_credentials_finish() to get the result of the operation.
685 g_unix_connection_receive_credentials_async (GUnixConnection *connection,
686 GCancellable *cancellable,
687 GAsyncReadyCallback callback,
690 GSimpleAsyncResult *result;
692 result = g_simple_async_result_new (G_OBJECT (connection),
694 g_unix_connection_receive_credentials_async);
696 g_simple_async_result_run_in_thread (result,
697 receive_credentials_async_thread,
701 g_object_unref (result);
705 * g_unix_connection_receive_credentials_finish:
706 * @connection: A #GUnixConnection.
707 * @result: a #GAsyncResult.
708 * @error: a #GError, or %NULL
710 * Finishes an asynchronous receive credentials operation started with
711 * g_unix_connection_receive_credentials_async().
713 * Returns: (transfer full): a #GCredentials, or %NULL on error.
714 * Free the returned object with g_object_unref().
719 g_unix_connection_receive_credentials_finish (GUnixConnection *connection,
720 GAsyncResult *result,
723 g_return_val_if_fail (
724 g_simple_async_result_is_valid (result,
725 G_OBJECT (connection),
726 g_unix_connection_receive_credentials_async),
729 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
733 return g_object_ref (g_simple_async_result_get_op_res_gpointer (
734 G_SIMPLE_ASYNC_RESULT (result)));