1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
16 #include "gunixconnection.h"
20 * SECTION: gunixconnection
21 * @title: GUnixConnection
22 * @short_description: a Unix domain #GSocketConnection
23 * @see_also: #GSocketConnection.
25 * This is the subclass of #GSocketConnection that is created
26 * for UNIX domain sockets.
28 * It contains functions to do some of the unix socket specific
29 * functionallity like passing file descriptors.
34 #include <gio/gsocketcontrolmessage.h>
35 #include <gio/gunixfdmessage.h>
36 #include <gio/gsocket.h>
40 /* for getsockopt() and setsockopt() */
41 #include <sys/types.h> /* See NOTES */
42 #include <sys/socket.h>
49 G_DEFINE_TYPE_WITH_CODE (GUnixConnection, g_unix_connection,
50 G_TYPE_SOCKET_CONNECTION,
51 g_socket_connection_factory_register_type (g_define_type_id,
54 G_SOCKET_PROTOCOL_DEFAULT);
58 * g_unix_connection_send_fd:
59 * @connection: a #GUnixConnection
60 * @fd: a file descriptor
61 * @cancellable: optional #GCancellable object, %NULL to ignore.
62 * @error: #GError for error reporting, or %NULL to ignore.
64 * Passes a file descriptor to the recieving side of the
65 * connection. The recieving end has to call g_unix_connection_receive_fd()
66 * to accept the file descriptor.
68 * As well as sending the fd this also writes a single byte to the
69 * stream, as this is required for fd passing to work on some
72 * Returns: a %TRUE on success, %NULL on error.
77 g_unix_connection_send_fd (GUnixConnection *connection,
79 GCancellable *cancellable,
82 GSocketControlMessage *scm;
85 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
86 g_return_val_if_fail (fd >= 0, FALSE);
88 scm = g_unix_fd_message_new ();
90 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm), fd, error))
96 g_object_get (connection, "socket", &socket, NULL);
97 if (g_socket_send_message (socket, NULL, NULL, 0, &scm, 1, 0, cancellable, error) != 1)
98 /* XXX could it 'fail' with zero? */
100 g_object_unref (socket);
101 g_object_unref (scm);
106 g_object_unref (socket);
107 g_object_unref (scm);
113 * g_unix_connection_receive_fd:
114 * @connection: a #GUnixConnection
115 * @cancellable: optional #GCancellable object, %NULL to ignore
116 * @error: #GError for error reporting, or %NULL to ignore
118 * Receives a file descriptor from the sending end of the connection.
119 * The sending end has to call g_unix_connection_send_fd() for this
122 * As well as reading the fd this also reads a single byte from the
123 * stream, as this is required for fd passing to work on some
126 * Returns: a file descriptor on success, -1 on error.
131 g_unix_connection_receive_fd (GUnixConnection *connection,
132 GCancellable *cancellable,
135 GSocketControlMessage **scms;
136 gint *fds, nfd, fd, nscm;
137 GUnixFDMessage *fdmsg;
140 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), -1);
142 g_object_get (connection, "socket", &socket, NULL);
143 if (g_socket_receive_message (socket, NULL, NULL, 0,
144 &scms, &nscm, NULL, cancellable, error) != 1)
145 /* XXX it _could_ 'fail' with zero. */
147 g_object_unref (socket);
152 g_object_unref (socket);
158 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
159 _("Expecting 1 control message, got %d"), nscm);
161 for (i = 0; i < nscm; i++)
162 g_object_unref (scms[i]);
169 if (!G_IS_UNIX_FD_MESSAGE (scms[0]))
171 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
172 _("Unexpected type of ancillary data"));
173 g_object_unref (scms[0]);
179 fdmsg = G_UNIX_FD_MESSAGE (scms[0]);
182 fds = g_unix_fd_message_steal_fds (fdmsg, &nfd);
183 g_object_unref (fdmsg);
189 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
190 _("Expecting one fd, but got %d\n"), nfd);
192 for (i = 0; i < nfd; i++)
205 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
206 _("Received invalid fd"));
214 g_unix_connection_init (GUnixConnection *connection)
219 g_unix_connection_class_init (GUnixConnectionClass *class)
223 /* TODO: Other stuff we might want to add are:
224 void g_unix_connection_send_fd_async (GUnixConnection *connection,
228 GAsyncReadyCallback callback,
230 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
233 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
237 void g_unix_connection_send_fds_async (GUnixConnection *connection,
241 GAsyncReadyCallback callback,
243 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
246 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
248 GAsyncReadyCallback callback,
250 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
254 gboolean g_unix_connection_send_credentials (GUnixConnection *connection,
256 void g_unix_connection_send_credentials_async (GUnixConnection *connection,
258 GAsyncReadyCallback callback,
260 gboolean g_unix_connection_send_credentials_finish (GUnixConnection *connection,
263 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
268 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
273 GAsyncReadyCallback callback,
275 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
278 gboolean g_unix_connection_receive_credentials (GUnixConnection *connection,
283 void g_unix_connection_receive_credentials_async (GUnixConnection *connection,
285 GAsyncReadyCallback callback,
287 gboolean g_unix_connection_receive_credentials_finish (GUnixConnection *connection,
293 gboolean g_unix_connection_create_pair (GUnixConnection **one,
294 GUnixConnection **two,
300 * g_unix_connection_send_credentials:
301 * @connection: A #GUnixConnection.
302 * @credentials: A #GCredentials to send.
303 * @cancellable: A #GCancellable or %NULL.
304 * @error: Return location for error or %NULL.
306 * Passes the credentials stored in @credentials to the recieving side
307 * of the connection. The recieving end has to call
308 * g_unix_connection_receive_credentials() (or similar) to accept the
311 * The credentials which the sender specifies are checked by the
312 * kernel. A process with effective user ID 0 is allowed to specify
313 * values that do not match its own. This means that the credentials
314 * can be used to authenticate other connections.
316 * As well as sending the credentials this also writes a single NUL
317 * byte to the stream, as this is required for credentials passing to
318 * work on some implementations.
320 * Returns: %TRUE on success, %FALSE if @error is set.
325 g_unix_connection_send_credentials (GUnixConnection *connection,
326 GCredentials *credentials,
327 GCancellable *cancellable,
330 GSocketControlMessage *scm;
333 GOutputVector vector;
334 guchar nul_byte[1] = {'\0'};
336 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
337 g_return_val_if_fail (G_IS_CREDENTIALS (credentials), FALSE);
338 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
342 vector.buffer = &nul_byte;
344 scm = g_unix_credentials_message_new_with_credentials (credentials);
345 g_object_get (connection, "socket", &socket, NULL);
346 if (g_socket_send_message (socket,
356 g_prefix_error (error, _("Error sending credentials: "));
363 g_object_unref (socket);
364 g_object_unref (scm);
369 * g_unix_connection_receive_credentials:
370 * @connection: A #GUnixConnection.
371 * @cancellable: A #GCancellable or %NULL.
372 * @error: Return location for error or %NULL.
374 * Receives credentials from the sending end of the connection. The
375 * sending end has to call g_unix_connection_send_credentials() (or
376 * similar) for this to work.
378 * As well as reading the credentials this also reads (and discards) a
379 * single byte from the stream, as this is required for credentials
380 * passing to work on some implementations.
382 * Returns: Received credentials on success (free with
383 * g_object_unref()), %NULL if @error is set.
388 g_unix_connection_receive_credentials (GUnixConnection *connection,
389 GCancellable *cancellable,
393 GSocketControlMessage **scms;
397 volatile GType credentials_message_gtype;
398 gssize num_bytes_read;
400 gboolean turn_off_so_passcreds;
403 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), NULL);
404 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
409 g_object_get (connection, "socket", &socket, NULL);
411 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
412 * already. We also need to turn it off when we're done. See
413 * #617483 for more discussion.
420 turn_off_so_passcreds = FALSE;
422 opt_len = sizeof (gint);
423 if (getsockopt (g_socket_get_fd (socket),
431 g_io_error_from_errno (errno),
432 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
436 if (opt_len != sizeof (gint))
441 _("Unexpected option length while checking if SO_PASSCRED is enabled for socket. "
442 "Expected %d bytes, got %d"),
443 (gint) sizeof (gint), (gint) opt_len);
449 if (setsockopt (g_socket_get_fd (socket),
453 sizeof opt_val) != 0)
457 g_io_error_from_errno (errno),
458 _("Error enabling SO_PASSCRED: %s"),
462 turn_off_so_passcreds = TRUE;
467 /* ensure the type of GUnixCredentialsMessage has been registered with the type system */
468 credentials_message_gtype = G_TYPE_UNIX_CREDENTIALS_MESSAGE;
469 num_bytes_read = g_socket_receive_message (socket,
470 NULL, /* GSocketAddress **address */
478 if (num_bytes_read != 1)
480 /* Handle situation where g_socket_receive_message() returns
481 * 0 bytes and not setting @error
483 if (num_bytes_read == 0 && error != NULL && *error == NULL)
485 g_set_error_literal (error,
488 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
498 _("Expecting 1 control message, got %d"),
503 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0]))
505 g_set_error_literal (error,
508 _("Unexpected type of ancillary data"));
512 ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
518 if (turn_off_so_passcreds)
522 if (setsockopt (g_socket_get_fd (socket),
526 sizeof opt_val) != 0)
530 g_io_error_from_errno (errno),
531 _("Error while disabling SO_PASSCRED: %s"),
540 for (n = 0; n < nscm; n++)
541 g_object_unref (scms[n]);
544 g_object_unref (socket);
548 #define __G_UNIX_CONNECTION_C__
549 #include "gioaliasdef.c"