1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
16 #include "gunixconnection.h"
17 #include "gunixcredentialsmessage.h"
21 * SECTION:gunixconnection
22 * @title: GUnixConnection
23 * @short_description: A UNIX domain GSocketConnection
24 * @include: gio/gunixconnection.h
25 * @see_also: #GSocketConnection.
27 * This is the subclass of #GSocketConnection that is created
28 * for UNIX domain sockets.
30 * It contains functions to do some of the UNIX socket specific
31 * functionality like passing file descriptors.
33 * Note that <filename><gio/gunixconnection.h></filename> belongs to
34 * the UNIX-specific GIO interfaces, thus you have to use the
35 * <filename>gio-unix-2.0.pc</filename> pkg-config file when using it.
40 #include <gio/gsocketcontrolmessage.h>
41 #include <gio/gunixfdmessage.h>
42 #include <gio/gnetworking.h>
43 #include <gio/gsocket.h>
/* Defines the GUnixConnection type as a subclass of GSocketConnection.
 * The extra code passed to the macro registers the new type with the
 * socket connection factory, using G_SOCKET_PROTOCOL_DEFAULT. */
50 G_DEFINE_TYPE_WITH_CODE (GUnixConnection, g_unix_connection,
51 G_TYPE_SOCKET_CONNECTION,
52 g_socket_connection_factory_register_type (g_define_type_id,
55 G_SOCKET_PROTOCOL_DEFAULT);
59 * g_unix_connection_send_fd:
60 * @connection: a #GUnixConnection
61 * @fd: a file descriptor
62 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
63 * @error: (allow-none): #GError for error reporting, or %NULL to ignore.
65 * Passes a file descriptor to the receiving side of the
66 * connection. The receiving end has to call g_unix_connection_receive_fd()
67 * to accept the file descriptor.
69 * As well as sending the fd this also writes a single byte to the
70 * stream, as this is required for fd passing to work on some
73 * Returns: %TRUE on success, %FALSE on error.
/* Sends @fd to the peer as ancillary data on the connection's socket.
 * The precondition checks return FALSE when @connection is not a
 * GUnixConnection or when @fd is negative. */
78 g_unix_connection_send_fd (GUnixConnection *connection,
80 GCancellable *cancellable,
83 GSocketControlMessage *scm;
/* Refuse a wrong object type or a negative descriptor before any
 * message is built. */
86 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
87 g_return_val_if_fail (fd >= 0, FALSE);
/* Wrap the descriptor in a GUnixFDMessage control message. */
89 scm = g_unix_fd_message_new ();
91 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm), fd, error))
/* g_object_get() hands back a reference to the socket; it is dropped
 * again on both unref paths below. */
97 g_object_get (connection, "socket", &socket, NULL);
/* No data vectors are passed, only the single control message. Any
 * result other than 1 takes the first cleanup path below. */
98 if (g_socket_send_message (socket, NULL, NULL, 0, &scm, 1, 0, cancellable, error) != 1)
99 /* XXX could it 'fail' with zero? */
/* NOTE(review): if the call can return 0 without setting @error, the
 * caller would see a failure with no GError to report. Confirm, and
 * consider setting an explicit error the way
 * g_unix_connection_receive_credentials() does for its zero-byte case. */
101 g_object_unref (socket);
102 g_object_unref (scm);
/* Second cleanup path: the same two references are released. */
107 g_object_unref (socket);
108 g_object_unref (scm);
114 * g_unix_connection_receive_fd:
115 * @connection: a #GUnixConnection
116 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore
117 * @error: (allow-none): #GError for error reporting, or %NULL to ignore
119 * Receives a file descriptor from the sending end of the connection.
120 * The sending end has to call g_unix_connection_send_fd() for this
123 * As well as reading the fd this also reads a single byte from the
124 * stream, as this is required for fd passing to work on some
127 * Returns: a file descriptor on success, -1 on error.
/* Receives one file descriptor from the peer. What arrives as ancillary
 * data is chosen by the peer, so it is checked step by step before use:
 * the number of control messages, the type of the message, and the
 * number of descriptors it carries. */
132 g_unix_connection_receive_fd (GUnixConnection *connection,
133 GCancellable *cancellable,
136 GSocketControlMessage **scms;
137 gint *fds, nfd, fd, nscm;
138 GUnixFDMessage *fdmsg;
141 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), -1);
/* g_object_get() hands back a reference to the socket; it is released on
 * both paths below. */
143 g_object_get (connection, "socket", &socket, NULL);
/* No data vectors are supplied; the received control messages and their
 * count are stored in scms and nscm. A result other than 1 takes the
 * early cleanup path. */
144 if (g_socket_receive_message (socket, NULL, NULL, 0,
145 &scms, &nscm, NULL, cancellable, error) != 1)
146 /* XXX it _could_ 'fail' with zero. */
/* NOTE(review): a return of 0 with @error left unset would surface as a
 * failure without a GError. g_unix_connection_receive_credentials() sets
 * an explicit error for that case; confirm whether the same is needed
 * here. */
148 g_object_unref (socket);
153 g_object_unref (socket);
/* Wrong number of control messages: report it and release every message
 * that was received, not only the first. */
159 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
160 _("Expecting 1 control message, got %d"), nscm);
162 for (i = 0; i < nscm; i++)
163 g_object_unref (scms[i]);
/* Check the runtime type before the cast to GUnixFDMessage below. */
170 if (!G_IS_UNIX_FD_MESSAGE (scms[0]))
172 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
173 _("Unexpected type of ancillary data"));
174 g_object_unref (scms[0]);
180 fdmsg = G_UNIX_FD_MESSAGE (scms[0]);
/* Take the descriptors out of the message (nfd receives their count),
 * then drop the message object. */
183 fds = g_unix_fd_message_steal_fds (fdmsg, &nfd);
184 g_object_unref (fdmsg);
/* Wrong number of descriptors.
 * NOTE(review): the body of the loop over the stolen descriptors is not
 * visible here. Every descriptor that is not returned to the caller has
 * to be closed, otherwise a peer that sends extra descriptors leaves
 * them open in this process - confirm.
 * NOTE(review): this message ends in "\n", unlike the other error
 * messages in this file. */
190 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
191 _("Expecting one fd, but got %d\n"), nfd);
193 for (i = 0; i < nfd; i++)
/* Error reported when the received descriptor value itself is rejected. */
206 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
207 _("Received invalid fd"));
215 g_unix_connection_init (GUnixConnection *connection)
220 g_unix_connection_class_init (GUnixConnectionClass *class)
224 /* TODO: Other stuff we might want to add are:
225 void g_unix_connection_send_fd_async (GUnixConnection *connection,
229 GAsyncReadyCallback callback,
231 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
234 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
238 void g_unix_connection_send_fds_async (GUnixConnection *connection,
242 GAsyncReadyCallback callback,
244 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
247 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
249 GAsyncReadyCallback callback,
251 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
255 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
260 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
265 GAsyncReadyCallback callback,
267 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
270 gboolean g_unix_connection_create_pair (GUnixConnection **one,
271 GUnixConnection **two,
277 * g_unix_connection_send_credentials:
278 * @connection: A #GUnixConnection.
279 * @cancellable: (allow-none): A #GCancellable or %NULL.
280 * @error: Return location for error or %NULL.
282 * Passes the credentials of the current user to the receiving side
283 * of the connection. The receiving end has to call
284 * g_unix_connection_receive_credentials() (or similar) to accept the
287 * As well as sending the credentials this also writes a single NUL
288 * byte to the stream, as this is required for credentials passing to
289 * work on some implementations.
291 * Other ways to exchange credentials with a foreign peer include the
292 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
294 * Returns: %TRUE on success, %FALSE if @error is set.
/* Sends a freshly created GCredentials object to the peer together with
 * one NUL byte of payload. The precondition checks return FALSE when
 * @connection is not a GUnixConnection or when @error is already set. */
299 g_unix_connection_send_credentials (GUnixConnection *connection,
300 GCancellable *cancellable,
303 GCredentials *credentials;
304 GSocketControlMessage *scm;
307 GOutputVector vector;
/* The one-byte payload that travels with the credentials. */
308 guchar nul_byte[1] = {'\0'};
311 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
312 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
/* The credentials are created locally by this call; nothing supplied by
 * the caller is placed in them. */
316 credentials = g_credentials_new ();
318 vector.buffer = &nul_byte;
/* A credentials control message is built only when the platform reports
 * support for it. */
321 if (g_unix_credentials_message_is_supported ())
323 scm = g_unix_credentials_message_new_with_credentials (credentials);
/* g_object_get() hands back a reference to the socket; it is released in
 * the cleanup at the end. */
332 g_object_get (connection, "socket", &socket, NULL);
333 if (g_socket_send_message (socket,
343 g_prefix_error (error, _("Error sending credentials: "));
/* Cleanup: release the socket reference, the control message and the
 * credentials object.
 * NOTE(review): scm is assigned only inside the is_supported() branch
 * above; confirm it is NULL-initialised and guarded before the unref
 * below when that branch is not taken. */
350 g_object_unref (socket);
352 g_object_unref (scm);
353 g_object_unref (credentials);
/* Thread function handed to g_task_run_in_thread(): performs the blocking
 * g_unix_connection_send_credentials() call on @source_object and reports
 * the outcome on @task. */
358 send_credentials_async_thread (GTask *task,
359 gpointer source_object,
361 GCancellable *cancellable)
/* Starts out unset, as g_unix_connection_send_credentials() requires. */
363 GError *error = NULL;
365 if (g_unix_connection_send_credentials (G_UNIX_CONNECTION (source_object),
/* Success is reported as TRUE ... */
368 g_task_return_boolean (task, TRUE);
/* ... and failure by handing the GError over to the task. */
370 g_task_return_error (task, error);
/* Release the task reference held by this function. */
371 g_object_unref (task);
375 * g_unix_connection_send_credentials_async:
376 * @connection: A #GUnixConnection.
377 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
378 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
379 * @user_data: (closure): the data to pass to callback function
381 * Asynchronously send credentials.
383 * For more details, see g_unix_connection_send_credentials() which is
384 * the synchronous version of this call.
386 * When the operation is finished, @callback will be called. You can then call
387 * g_unix_connection_send_credentials_finish() to get the result of the operation.
/* Starts the asynchronous send: wraps the request in a GTask and runs the
 * synchronous implementation in a task thread. */
392 g_unix_connection_send_credentials_async (GUnixConnection *connection,
393 GCancellable *cancellable,
394 GAsyncReadyCallback callback,
/* @connection becomes the task's source object; the thread function
 * casts it back to a GUnixConnection. */
399 task = g_task_new (connection, cancellable, callback, user_data);
401 g_task_run_in_thread (task, send_credentials_async_thread);
405 * g_unix_connection_send_credentials_finish:
406 * @connection: A #GUnixConnection.
407 * @result: a #GAsyncResult.
408 * @error: a #GError, or %NULL
410 * Finishes an asynchronous send credentials operation started with
411 * g_unix_connection_send_credentials_async().
413 * Returns: %TRUE if the operation was successful, otherwise %FALSE.
/* Collects the result of the asynchronous send. */
418 g_unix_connection_send_credentials_finish (GUnixConnection *connection,
419 GAsyncResult *result,
/* Reject a @result that is not a valid task for this @connection. */
422 g_return_val_if_fail (g_task_is_valid (result, connection), FALSE);
/* Hands back the boolean stored by the thread function, or fills in
 * @error. */
424 return g_task_propagate_boolean (G_TASK (result), error);
428 * g_unix_connection_receive_credentials:
429 * @connection: A #GUnixConnection.
430 * @cancellable: (allow-none): A #GCancellable or %NULL.
431 * @error: Return location for error or %NULL.
433 * Receives credentials from the sending end of the connection. The
434 * sending end has to call g_unix_connection_send_credentials() (or
435 * similar) for this to work.
437 * As well as reading the credentials this also reads (and discards) a
438 * single byte from the stream, as this is required for credentials
439 * passing to work on some implementations.
441 * Other ways to exchange credentials with a foreign peer include the
442 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
444 * Returns: (transfer full): Received credentials on success (free with
445 * g_object_unref()), %NULL if @error is set.
/* Receives the peer's credentials together with the single byte of
 * payload that accompanies them. The precondition checks return NULL when
 * @connection is not a GUnixConnection or when @error is already set. */
450 g_unix_connection_receive_credentials (GUnixConnection *connection,
451 GCancellable *cancellable,
455 GSocketControlMessage **scms;
459 gssize num_bytes_read;
/* Records whether this call switched SO_PASSCRED on and therefore has to
 * switch it off again before returning. */
461 gboolean turn_off_so_passcreds;
464 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), NULL);
465 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
/* g_object_get() hands back a reference to the socket; it is released at
 * the end of the function. */
470 g_object_get (connection, "socket", &socket, NULL);
472 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
473 * already. We also need to turn it off when we're done. See
474 * #617483 for more discussion.
 *
 * The current setting is read with getsockopt() and the reported option
 * length is checked against sizeof (gint) before the value is used.
 * turn_off_so_passcreds becomes TRUE only after setsockopt() succeeded,
 * so the option is restored only when this call changed it.
481 turn_off_so_passcreds = FALSE;
483 opt_len = sizeof (gint);
484 if (getsockopt (g_socket_get_fd (socket),
492 g_io_error_from_errno (errno),
493 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
497 if (opt_len != sizeof (gint))
502 _("Unexpected option length while checking if SO_PASSCRED is enabled for socket. "
503 "Expected %d bytes, got %d"),
504 (gint) sizeof (gint), (gint) opt_len);
510 if (setsockopt (g_socket_get_fd (socket),
514 sizeof opt_val) != 0)
518 g_io_error_from_errno (errno),
519 _("Error enabling SO_PASSCRED: %s"),
523 turn_off_so_passcreds = TRUE;
528 g_type_ensure (G_TYPE_UNIX_CREDENTIALS_MESSAGE);
529 num_bytes_read = g_socket_receive_message (socket,
530 NULL, /* GSocketAddress **address */
538 if (num_bytes_read != 1)
540 /* Handle the situation where g_socket_receive_message() returns
541 * 0 bytes without setting @error.
 * The error is filled in only when the caller passed a non-NULL @error
 * that is still unset.
543 if (num_bytes_read == 0 && error != NULL && *error == NULL)
545 g_set_error_literal (error,
548 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
553 if (g_unix_credentials_message_is_supported () &&
554 /* Fall back on get_credentials if the other side didn't send the credentials */
562 _("Expecting 1 control message, got %d"),
/* The ancillary data is chosen by the peer, so the runtime type of the
 * message is checked before it is cast and read. */
567 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0]))
569 g_set_error_literal (error,
572 _("Unexpected type of ancillary data"));
/* Take the credentials out of the verified message. */
576 ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
586 _("Not expecting control message, but got %d"),
/* Fallback: ask the socket for the peer's credentials instead of reading
 * them from a received message.
 * NOTE(review): the two sources may describe different moments or
 * different processes; callers that make an authorisation decision on
 * the result should confirm that both carry the meaning they rely on. */
592 ret = g_socket_get_credentials (socket, error);
/* Restore SO_PASSCRED if this call enabled it.
 * NOTE(review): this step can set @error while running as part of the
 * function's wind-down; confirm it is never reached with @error already
 * set, and that credentials already held in ret are released if it
 * fails. */
599 if (turn_off_so_passcreds)
603 if (setsockopt (g_socket_get_fd (socket),
607 sizeof opt_val) != 0)
611 g_io_error_from_errno (errno),
612 _("Error while disabling SO_PASSCRED: %s"),
/* Release every received control message and the socket reference. */
621 for (n = 0; n < nscm; n++)
622 g_object_unref (scms[n]);
625 g_object_unref (socket);
/* Thread function handed to g_task_run_in_thread(): performs the blocking
 * g_unix_connection_receive_credentials() call on @source_object and
 * reports the outcome on @task. */
630 receive_credentials_async_thread (GTask *task,
631 gpointer source_object,
633 GCancellable *cancellable)
/* Starts out unset, as g_unix_connection_receive_credentials() requires. */
636 GError *error = NULL;
638 creds = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (source_object),
/* Success: the credentials are handed to the task, with g_object_unref
 * as the function that frees them if they are never collected. */
642 g_task_return_pointer (task, creds, g_object_unref);
/* Failure: the GError is handed over to the task. */
644 g_task_return_error (task, error);
/* Release the task reference held by this function. */
645 g_object_unref (task);
649 * g_unix_connection_receive_credentials_async:
650 * @connection: A #GUnixConnection.
651 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
652 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
653 * @user_data: (closure): the data to pass to callback function
655 * Asynchronously receive credentials.
657 * For more details, see g_unix_connection_receive_credentials() which is
658 * the synchronous version of this call.
660 * When the operation is finished, @callback will be called. You can then call
661 * g_unix_connection_receive_credentials_finish() to get the result of the operation.
/* Starts the asynchronous receive: wraps the request in a GTask and runs
 * the synchronous implementation in a task thread. */
666 g_unix_connection_receive_credentials_async (GUnixConnection *connection,
667 GCancellable *cancellable,
668 GAsyncReadyCallback callback,
/* @connection becomes the task's source object; the thread function
 * casts it back to a GUnixConnection. */
673 task = g_task_new (connection, cancellable, callback, user_data);
675 g_task_run_in_thread (task, receive_credentials_async_thread);
679 * g_unix_connection_receive_credentials_finish:
680 * @connection: A #GUnixConnection.
681 * @result: a #GAsyncResult.
682 * @error: a #GError, or %NULL
684 * Finishes an asynchronous receive credentials operation started with
685 * g_unix_connection_receive_credentials_async().
687 * Returns: (transfer full): a #GCredentials, or %NULL on error.
688 * Free the returned object with g_object_unref().
/* Collects the result of the asynchronous receive. */
693 g_unix_connection_receive_credentials_finish (GUnixConnection *connection,
694 GAsyncResult *result,
/* Reject a @result that is not a valid task for this @connection. */
697 g_return_val_if_fail (g_task_is_valid (result, connection), NULL);
/* Hands back the pointer stored by the thread function, or fills in
 * @error. */
699 return g_task_propagate_pointer (G_TASK (result), error);