/* -*- mode: C; c-file-style: "gnu" -*- */
/* dbus-sysdeps.c Wrappers around system/libc features (internal to D-BUS implementation)
*
- * Copyright (C) 2002 Red Hat, Inc.
+ * Copyright (C) 2002, 2003 Red Hat, Inc.
+ * Copyright (C) 2003 CodeFactory AB
*
- * Licensed under the Academic Free License version 1.2
+ * Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
#include "dbus-internals.h"
#include "dbus-sysdeps.h"
#include "dbus-threads.h"
+#include "dbus-protocol.h"
+#include "dbus-string.h"
#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
+#include <signal.h>
#include <unistd.h>
#include <stdio.h>
#include <errno.h>
-#include <unistd.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <dirent.h>
#include <sys/un.h>
#include <pwd.h>
#include <time.h>
+#include <locale.h>
#include <sys/time.h>
#include <sys/stat.h>
+#include <sys/wait.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <grp.h>
#ifdef HAVE_WRITEV
#include <sys/uio.h>
#ifdef HAVE_POLL
#include <sys/poll.h>
#endif
+#ifdef HAVE_BACKTRACE
+#include <execinfo.h>
+#endif
+#ifdef HAVE_GETPEERUCRED
+#include <ucred.h>
+#endif
#ifndef O_BINARY
#define O_BINARY 0
#endif
+#ifndef HAVE_SOCKLEN_T
+#define socklen_t int
+#endif
+
/**
* @addtogroup DBusInternalsUtils
* @{
*/
+#ifndef DBUS_DISABLE_ASSERT
/**
* Aborts the program with SIGABRT (dumping core).
*/
void
_dbus_abort (void)
{
+#ifdef DBUS_ENABLE_VERBOSE_MODE
+ const char *s;
+ s = _dbus_getenv ("DBUS_PRINT_BACKTRACE");
+ if (s && *s)
+ _dbus_print_backtrace ();
+#endif
abort ();
_exit (1); /* in case someone manages to ignore SIGABRT */
}
+#endif
+
+/**
+ * Wrapper for setenv(). If the value is #NULL, unsets
+ * the environment variable.
+ *
+ * @todo if someone can verify it's safe, we could avoid the
+ * memleak when doing an unset.
+ *
+ * @param varname name of environment variable
+ * @param value value of environment variable
+ * @returns #TRUE on success.
+ */
+dbus_bool_t
+_dbus_setenv (const char *varname,
+ const char *value)
+{
+ _dbus_assert (varname != NULL);
+
+ if (value == NULL)
+ {
+#ifdef HAVE_UNSETENV
+ unsetenv (varname);
+ return TRUE;
+#else
+ char *putenv_value;
+ size_t len;
+
+ len = strlen (varname);
+
+ /* Use system malloc to avoid memleaks that dbus_malloc
+ * will get upset about.
+ */
+
+ putenv_value = malloc (len + 1);
+ if (putenv_value == NULL)
+ return FALSE;
+
+ strcpy (putenv_value, varname);
+
+ return (putenv (putenv_value) == 0);
+#endif
+ }
+ else
+ {
+#ifdef HAVE_SETENV
+ return (setenv (varname, value, TRUE) == 0);
+#else
+ char *putenv_value;
+ size_t len;
+ size_t varname_len;
+ size_t value_len;
+
+ varname_len = strlen (varname);
+ value_len = strlen (value);
+
+ len = varname_len + value_len + 1 /* '=' */ ;
+
+ /* Use system malloc to avoid memleaks that dbus_malloc
+ * will get upset about.
+ */
+
+ putenv_value = malloc (len + 1);
+ if (putenv_value == NULL)
+ return FALSE;
+
+ strcpy (putenv_value, varname);
+ strcpy (putenv_value + varname_len, "=");
+ strcpy (putenv_value + varname_len + 1, value);
+
+ return (putenv (putenv_value) == 0);
+#endif
+ }
+}
/**
* Wrapper for getenv().
* the data it reads to the DBusString buffer. It appends
* up to the given count, and returns the same value
* and same errno as read(). The only exception is that
- * _dbus_read() handles EINTR for you.
+ * _dbus_read() handles EINTR for you. _dbus_read() can
+ * return ENOMEM, even though regular UNIX read doesn't.
*
* @param fd the file descriptor to read from
* @param buffer the buffer to append data to
return -1;
}
- _dbus_string_get_data_len (buffer, &data, start, count);
+ data = _dbus_string_get_data_len (buffer, start, count);
again:
const char *data;
int bytes_written;
- _dbus_string_get_const_data_len (buffer, &data, start, len);
+ data = _dbus_string_get_const_data_len (buffer, start, len);
again:
const char *data2;
int bytes_written;
- _dbus_string_get_const_data_len (buffer1, &data1, start1, len1);
+ data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
if (buffer2 != NULL)
- _dbus_string_get_const_data_len (buffer2, &data2, start2, len2);
+ data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
else
{
data2 = NULL;
#endif /* !HAVE_WRITEV */
}
+#define _DBUS_MAX_SUN_PATH_LENGTH 99
+
+/**
+ * @def _DBUS_MAX_SUN_PATH_LENGTH
+ *
+ * Maximum length of the path to a UNIX domain socket,
+ * sockaddr_un::sun_path member. POSIX requires that all systems
+ * support at least 100 bytes here, including the nul termination.
+ * We use 99 for the max value to allow for the nul.
+ *
+ * We could probably also do sizeof (addr.sun_path)
+ * but this way we are the same on all platforms
+ * which is probably a good idea.
+ */
+
/**
* Creates a socket and connects it to the UNIX domain socket at the
* given path. The connection fd is returned, and is set up as
* nonblocking.
+ *
+ * Uses abstract sockets instead of filesystem-linked sockets if
+ * requested (it's possible only on Linux; see "man 7 unix" on Linux).
+ * On non-Linux abstract socket usage always fails.
*
* @param path the path to UNIX domain socket
- * @param result return location for error code
+ * @param abstract #TRUE to use abstract namespace
+ * @param error return location for error code
* @returns connection file descriptor or -1 on error
*/
int
_dbus_connect_unix_socket (const char *path,
- DBusResultCode *result)
+ dbus_bool_t abstract,
+ DBusError *error)
{
int fd;
+ size_t path_len;
struct sockaddr_un addr;
-
- fd = socket (AF_LOCAL, SOCK_STREAM, 0);
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ _dbus_verbose ("connecting to unix socket %s abstract=%d\n",
+ path, abstract);
+
+ fd = socket (PF_UNIX, SOCK_STREAM, 0);
+
if (fd < 0)
{
- dbus_set_result (result,
- _dbus_result_from_errno (errno));
-
- _dbus_verbose ("Failed to create socket: %s\n",
- _dbus_strerror (errno));
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to create socket: %s",
+ _dbus_strerror (errno));
return -1;
}
_DBUS_ZERO (addr);
- addr.sun_family = AF_LOCAL;
- strncpy (addr.sun_path, path, _DBUS_MAX_SUN_PATH_LENGTH);
- addr.sun_path[_DBUS_MAX_SUN_PATH_LENGTH] = '\0';
+ addr.sun_family = AF_UNIX;
+ path_len = strlen (path);
+
+ if (abstract)
+ {
+#ifdef HAVE_ABSTRACT_SOCKETS
+ addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
+ path_len++; /* Account for the extra nul byte added to the start of sun_path */
+
+ if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
+ {
+ dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
+ "Abstract socket name too long\n");
+ close (fd);
+ return -1;
+ }
+
+ strncpy (&addr.sun_path[1], path, path_len);
+ /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
+#else /* HAVE_ABSTRACT_SOCKETS */
+ dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
+ "Operating system does not support abstract socket namespace\n");
+ close (fd);
+ return -1;
+#endif /* ! HAVE_ABSTRACT_SOCKETS */
+ }
+ else
+ {
+ if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
+ {
+ dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
+ "Socket name too long\n");
+ close (fd);
+ return -1;
+ }
+
+ strncpy (addr.sun_path, path, path_len);
+ }
- if (connect (fd, (struct sockaddr*) &addr, sizeof (addr)) < 0)
+ if (connect (fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
{
- dbus_set_result (result,
- _dbus_result_from_errno (errno));
-
- _dbus_verbose ("Failed to connect to socket %s: %s\n",
- path, _dbus_strerror (errno));
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to connect to socket %s: %s",
+ path, _dbus_strerror (errno));
close (fd);
fd = -1;
return -1;
}
- if (!_dbus_set_fd_nonblocking (fd, result))
+ if (!_dbus_set_fd_nonblocking (fd, error))
{
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+
close (fd);
fd = -1;
/**
* Creates a socket and binds it to the given path,
* then listens on the socket. The socket is
- * set to be nonblocking.
+ * set to be nonblocking.
+ *
+ * Uses abstract sockets instead of filesystem-linked
+ * sockets if requested (it's possible only on Linux;
+ * see "man 7 unix" on Linux).
+ * On non-Linux abstract socket usage always fails.
*
* @param path the socket name
- * @param result return location for errors
+ * @param abstract #TRUE to use abstract namespace
+ * @param error return location for errors
* @returns the listening file descriptor or -1 on error
*/
int
_dbus_listen_unix_socket (const char *path,
- DBusResultCode *result)
+ dbus_bool_t abstract,
+ DBusError *error)
{
int listen_fd;
struct sockaddr_un addr;
+ size_t path_len;
- listen_fd = socket (AF_LOCAL, SOCK_STREAM, 0);
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+ _dbus_verbose ("listening on unix socket %s abstract=%d\n",
+ path, abstract);
+
+ listen_fd = socket (PF_UNIX, SOCK_STREAM, 0);
+
if (listen_fd < 0)
{
- dbus_set_result (result, _dbus_result_from_errno (errno));
- _dbus_verbose ("Failed to create socket \"%s\": %s\n",
- path, _dbus_strerror (errno));
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to create socket \"%s\": %s",
+ path, _dbus_strerror (errno));
return -1;
}
_DBUS_ZERO (addr);
- addr.sun_family = AF_LOCAL;
- strncpy (addr.sun_path, path, _DBUS_MAX_SUN_PATH_LENGTH);
- addr.sun_path[_DBUS_MAX_SUN_PATH_LENGTH] = '\0';
+ addr.sun_family = AF_UNIX;
+ path_len = strlen (path);
+
+ if (abstract)
+ {
+#ifdef HAVE_ABSTRACT_SOCKETS
+ /* remember that abstract names aren't nul-terminated so we rely
+ * on sun_path being filled in with zeroes above.
+ */
+ addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
+ path_len++; /* Account for the extra nul byte added to the start of sun_path */
+
+ if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
+ {
+ dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
+ "Abstract socket name too long\n");
+ close (listen_fd);
+ return -1;
+ }
+
+ strncpy (&addr.sun_path[1], path, path_len);
+ /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
+#else /* HAVE_ABSTRACT_SOCKETS */
+ dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
+ "Operating system does not support abstract socket namespace\n");
+ close (listen_fd);
+ return -1;
+#endif /* ! HAVE_ABSTRACT_SOCKETS */
+ }
+ else
+ {
+ /* FIXME discussed security implications of this with Nalin,
+ * and we couldn't think of where it would kick our ass, but
+ * it still seems a bit sucky. It also has non-security suckage;
+ * really we'd prefer to exit if the socket is already in use.
+ * But there doesn't seem to be a good way to do this.
+ *
+ * Just to be extra careful, I threw in the stat() - clearly
+ * the stat() can't *fix* any security issue, but it at least
+ * avoids inadvertent/accidental data loss.
+ */
+ {
+ struct stat sb;
+
+ if (stat (path, &sb) == 0 &&
+ S_ISSOCK (sb.st_mode))
+ unlink (path);
+ }
+
+ if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
+ {
+ dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
+ "Abstract socket name too long\n");
+ close (listen_fd);
+ return -1;
+ }
+
+ strncpy (addr.sun_path, path, path_len);
+ }
- if (bind (listen_fd, (struct sockaddr*) &addr, SUN_LEN (&addr)) < 0)
+ if (bind (listen_fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
{
- dbus_set_result (result, _dbus_result_from_errno (errno));
- _dbus_verbose ("Failed to bind socket \"%s\": %s\n",
- path, _dbus_strerror (errno));
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to bind socket \"%s\": %s",
+ path, _dbus_strerror (errno));
close (listen_fd);
return -1;
}
if (listen (listen_fd, 30 /* backlog */) < 0)
{
- dbus_set_result (result, _dbus_result_from_errno (errno));
- _dbus_verbose ("Failed to listen on socket \"%s\": %s\n",
- path, _dbus_strerror (errno));
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to listen on socket \"%s\": %s",
+ path, _dbus_strerror (errno));
close (listen_fd);
return -1;
}
- if (!_dbus_set_fd_nonblocking (listen_fd, result))
+ if (!_dbus_set_fd_nonblocking (listen_fd, error))
{
+ _DBUS_ASSERT_ERROR_IS_SET (error);
close (listen_fd);
return -1;
}
+ /* Try opening up the permissions, but if we can't, just go ahead
+ * and continue, maybe it will be good enough.
+ */
+ if (!abstract && chmod (path, 0777) < 0)
+ _dbus_warn ("Could not set mode 0777 on socket %s\n",
+ path);
+
return listen_fd;
}
-/* try to read a single byte and return #TRUE if we read it
- * and it's equal to nul.
+/**
+ * Creates a socket and connects to a socket at the given host
+ * and port. The connection fd is returned, and is set up as
+ * nonblocking.
+ *
+ * @param host the host name to connect to
+ * @param port the prot to connect to
+ * @param error return location for error code
+ * @returns connection file descriptor or -1 on error
*/
-static dbus_bool_t
-read_credentials_byte (int client_fd,
- DBusResultCode *result)
+int
+_dbus_connect_tcp_socket (const char *host,
+ dbus_uint32_t port,
+ DBusError *error)
{
- char buf[1];
- int bytes_read;
+ int fd;
+ struct sockaddr_in addr;
+ struct hostent *he;
+ struct in_addr *haddr;
- again:
- bytes_read = read (client_fd, buf, 1);
- if (bytes_read < 0)
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ fd = socket (AF_INET, SOCK_STREAM, 0);
+
+ if (fd < 0)
{
- if (errno == EINTR)
- goto again;
- else
- {
- dbus_set_result (result, _dbus_result_from_errno (errno));
- _dbus_verbose ("Failed to read credentials byte: %s\n",
- _dbus_strerror (errno));
- return FALSE;
- }
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to create socket: %s",
+ _dbus_strerror (errno));
+
+ return -1;
}
- else if (bytes_read == 0)
+
+ if (host == NULL)
+ host = "localhost";
+
+ he = gethostbyname (host);
+ if (he == NULL)
{
- dbus_set_result (result, DBUS_RESULT_IO_ERROR);
- _dbus_verbose ("EOF reading credentials byte\n");
- return FALSE;
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to lookup hostname: %s",
+ host);
+ close (fd);
+ return -1;
}
- else
- {
- _dbus_assert (bytes_read == 1);
+
+ haddr = ((struct in_addr *) (he->h_addr_list)[0]);
- if (buf[0] != '\0')
- {
- dbus_set_result (result, DBUS_RESULT_FAILED);
- _dbus_verbose ("Credentials byte was not nul\n");
- return FALSE;
- }
+ _DBUS_ZERO (addr);
+ memcpy (&addr.sin_addr, haddr, sizeof(struct in_addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons (port);
+
+ if (connect (fd, (struct sockaddr*) &addr, sizeof (addr)) < 0)
+ {
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to connect to socket %s: %s:%d",
+ host, _dbus_strerror (errno), port);
- _dbus_verbose ("read credentials byte\n");
+ close (fd);
+ fd = -1;
- return TRUE;
+ return -1;
+ }
+
+ if (!_dbus_set_fd_nonblocking (fd, error))
+ {
+ close (fd);
+ fd = -1;
+
+ return -1;
+ }
+
+ return fd;
+}
+
+/**
+ * Creates a socket and binds it to the given path,
+ * then listens on the socket. The socket is
+ * set to be nonblocking.
+ *
+ * @param host the host name to listen on
+ * @param port the prot to listen on
+ * @param error return location for errors
+ * @returns the listening file descriptor or -1 on error
+ */
+int
+_dbus_listen_tcp_socket (const char *host,
+ dbus_uint32_t port,
+ DBusError *error)
+{
+ int listen_fd;
+ struct sockaddr_in addr;
+ struct hostent *he;
+ struct in_addr *haddr;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ listen_fd = socket (AF_INET, SOCK_STREAM, 0);
+
+ if (listen_fd < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to create socket \"%s:%d\": %s",
+ host, port, _dbus_strerror (errno));
+ return -1;
+ }
+
+ he = gethostbyname (host);
+ if (he == NULL)
+ {
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to lookup hostname: %s",
+ host);
+ close (listen_fd);
+ return -1;
+ }
+
+ haddr = ((struct in_addr *) (he->h_addr_list)[0]);
+
+ _DBUS_ZERO (addr);
+ memcpy (&addr.sin_addr, haddr, sizeof (struct in_addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons (port);
+
+ if (bind (listen_fd, (struct sockaddr*) &addr, sizeof (struct sockaddr)))
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to bind socket \"%s:%d\": %s",
+ host, port, _dbus_strerror (errno));
+ close (listen_fd);
+ return -1;
+ }
+
+ if (listen (listen_fd, 30 /* backlog */) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to listen on socket \"%s:%d\": %s",
+ host, port, _dbus_strerror (errno));
+ close (listen_fd);
+ return -1;
+ }
+
+ if (!_dbus_set_fd_nonblocking (listen_fd, error))
+ {
+ close (listen_fd);
+ return -1;
}
+
+ return listen_fd;
}
static dbus_bool_t
write_credentials_byte (int server_fd,
- DBusResultCode *result)
+ DBusError *error)
{
int bytes_written;
char buf[1] = { '\0' };
+#if defined(HAVE_CMSGCRED) && !defined(LOCAL_CREDS)
+ struct {
+ struct cmsghdr hdr;
+ struct cmsgcred cred;
+ } cmsg;
+ struct iovec iov;
+ struct msghdr msg;
+#endif
+
+#if defined(HAVE_CMSGCRED) && !defined(LOCAL_CREDS)
+ iov.iov_base = buf;
+ iov.iov_len = 1;
+
+ memset (&msg, 0, sizeof (msg));
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+
+ msg.msg_control = &cmsg;
+ msg.msg_controllen = sizeof (cmsg);
+ memset (&cmsg, 0, sizeof (cmsg));
+ cmsg.hdr.cmsg_len = sizeof (cmsg);
+ cmsg.hdr.cmsg_level = SOL_SOCKET;
+ cmsg.hdr.cmsg_type = SCM_CREDS;
+#endif
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
again:
+#if defined(HAVE_CMSGCRED) && !defined(LOCAL_CREDS)
+ bytes_written = sendmsg (server_fd, &msg, 0);
+#else
bytes_written = write (server_fd, buf, 1);
+#endif
if (bytes_written < 0 && errno == EINTR)
goto again;
if (bytes_written < 0)
{
- dbus_set_result (result, _dbus_result_from_errno (errno));
- _dbus_verbose ("Failed to write credentials byte: %s\n",
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to write credentials byte: %s",
_dbus_strerror (errno));
return FALSE;
}
else if (bytes_written == 0)
{
- dbus_set_result (result, DBUS_RESULT_IO_ERROR);
- _dbus_verbose ("wrote zero bytes writing credentials byte\n");
+ dbus_set_error (error, DBUS_ERROR_IO_ERROR,
+ "wrote zero bytes writing credentials byte");
return FALSE;
}
else
*
* @param client_fd the client file descriptor
* @param credentials struct to fill with credentials of client
- * @param result location to store result code
+ * @param error location to store error code
* @returns #TRUE on success
*/
dbus_bool_t
_dbus_read_credentials_unix_socket (int client_fd,
DBusCredentials *credentials,
- DBusResultCode *result)
+ DBusError *error)
{
- credentials->pid = -1;
- credentials->uid = -1;
- credentials->gid = -1;
+ struct msghdr msg;
+ struct iovec iov;
+ char buf;
+
+#ifdef HAVE_CMSGCRED
+ struct {
+ struct cmsghdr hdr;
+ struct cmsgcred cred;
+ } cmsg;
+#endif
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
-#ifdef SO_PEERCRED
- if (read_credentials_byte (client_fd, result))
+ /* The POSIX spec certainly doesn't promise this, but
+ * we need these assertions to fail as soon as we're wrong about
+ * it so we can do the porting fixups
+ */
+ _dbus_assert (sizeof (pid_t) <= sizeof (credentials->pid));
+ _dbus_assert (sizeof (uid_t) <= sizeof (credentials->uid));
+ _dbus_assert (sizeof (gid_t) <= sizeof (credentials->gid));
+
+ _dbus_credentials_clear (credentials);
+
+#if defined(LOCAL_CREDS) && defined(HAVE_CMSGCRED)
+ /* Set the socket to receive credentials on the next message */
+ {
+ int on = 1;
+ if (setsockopt (client_fd, 0, LOCAL_CREDS, &on, sizeof (on)) < 0)
+ {
+ _dbus_verbose ("Unable to set LOCAL_CREDS socket option\n");
+ return FALSE;
+ }
+ }
+#endif
+
+ iov.iov_base = &buf;
+ iov.iov_len = 1;
+
+ memset (&msg, 0, sizeof (msg));
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+
+#ifdef HAVE_CMSGCRED
+ memset (&cmsg, 0, sizeof (cmsg));
+ msg.msg_control = &cmsg;
+ msg.msg_controllen = sizeof (cmsg);
+#endif
+
+ again:
+ if (recvmsg (client_fd, &msg, 0) < 0)
{
- struct ucred cr;
- int cr_len = sizeof (cr);
-
- if (getsockopt (client_fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
- cr_len == sizeof (cr))
- {
- credentials->pid = cr.pid;
- credentials->uid = cr.uid;
- credentials->gid = cr.gid;
- _dbus_verbose ("Got credentials pid %d uid %d gid %d\n",
- credentials->pid,
- credentials->uid,
- credentials->gid);
- }
- else
- {
- _dbus_verbose ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
- cr_len, (int) sizeof (cr), _dbus_strerror (errno));
- }
+ if (errno == EINTR)
+ goto again;
- return TRUE;
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to read credentials byte: %s",
+ _dbus_strerror (errno));
+ return FALSE;
+ }
+
+ if (buf != '\0')
+ {
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "Credentials byte was not nul");
+ return FALSE;
+ }
+
+#ifdef HAVE_CMSGCRED
+ if (cmsg.hdr.cmsg_len < sizeof (cmsg) || cmsg.hdr.cmsg_type != SCM_CREDS)
+ {
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "Message from recvmsg() was not SCM_CREDS");
+ return FALSE;
}
- else
- return FALSE;
-#else /* !SO_PEERCRED */
- _dbus_verbose ("Socket credentials not supported on this OS\n");
- return TRUE;
#endif
-}
-/**
- * Sends a single nul byte with our UNIX credentials as ancillary
- * data. Returns #TRUE if the data was successfully written. On
- * systems that don't support sending credentials, just writes a byte,
- * doesn't send any credentials. On some systems, such as Linux,
- * reading/writing the byte isn't actually required, but we do it
- * anyway just to avoid multiple codepaths.
- *
- * Fails if no byte can be written, so you must select() first.
- *
- * The point of the byte is that on some systems we have to
- * use sendmsg()/recvmsg() to transmit credentials.
- *
- * @param server_fd file descriptor for connection to server
- * @param result return location for error code
- * @returns #TRUE if the byte was sent
- */
-dbus_bool_t
-_dbus_send_credentials_unix_socket (int server_fd,
- DBusResultCode *result)
-{
- if (write_credentials_byte (server_fd, result))
- return TRUE;
- else
- return FALSE;
-}
+ _dbus_verbose ("read credentials byte\n");
+
+ {
+#ifdef SO_PEERCRED
+ struct ucred cr;
+ int cr_len = sizeof (cr);
+
+ if (getsockopt (client_fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
+ cr_len == sizeof (cr))
+ {
+ credentials->pid = cr.pid;
+ credentials->uid = cr.uid;
+ credentials->gid = cr.gid;
+ }
+ else
+ {
+ _dbus_verbose ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
+ cr_len, (int) sizeof (cr), _dbus_strerror (errno));
+ }
+#elif defined(HAVE_CMSGCRED)
+ credentials->pid = cmsg.cred.cmcred_pid;
+ credentials->uid = cmsg.cred.cmcred_euid;
+ credentials->gid = cmsg.cred.cmcred_groups[0];
+#elif defined(HAVE_GETPEEREID)
+ uid_t euid;
+ gid_t egid;
+ if (getpeereid (client_fd, &euid, &egid) == 0)
+ {
+ credentials->uid = euid;
+ credentials->gid = egid;
+ }
+ else
+ {
+ _dbus_verbose ("Failed to getpeereid() credentials: %s\n", _dbus_strerror (errno));
+ }
+#elif defined(HAVE_GETPEERUCRED)
+ ucred_t * ucred = NULL;
+ if (getpeerucred (client_fd, &ucred) == 0)
+ {
+ credentials->pid = ucred_getpid (ucred);
+ credentials->uid = ucred_geteuid (ucred);
+ credentials->gid = ucred_getegid (ucred);
+ }
+ else
+ {
+ _dbus_verbose ("Failed to getpeerucred() credentials: %s\n", _dbus_strerror (errno));
+ }
+ if (ucred != NULL)
+ ucred_free (ucred);
+#else /* !SO_PEERCRED && !HAVE_CMSGCRED && !HAVE_GETPEEREID && !HAVE_GETPEERUCRED */
+ _dbus_verbose ("Socket credentials not supported on this OS\n");
+#endif
+ }
+
+ _dbus_verbose ("Credentials:"
+ " pid "DBUS_PID_FORMAT
+ " uid "DBUS_UID_FORMAT
+ " gid "DBUS_GID_FORMAT"\n",
+ credentials->pid,
+ credentials->uid,
+ credentials->gid);
+
+ return TRUE;
+}
+
+/**
+ * Sends a single nul byte with our UNIX credentials as ancillary
+ * data. Returns #TRUE if the data was successfully written. On
+ * systems that don't support sending credentials, just writes a byte,
+ * doesn't send any credentials. On some systems, such as Linux,
+ * reading/writing the byte isn't actually required, but we do it
+ * anyway just to avoid multiple codepaths.
+ *
+ * Fails if no byte can be written, so you must select() first.
+ *
+ * The point of the byte is that on some systems we have to
+ * use sendmsg()/recvmsg() to transmit credentials.
+ *
+ * @param server_fd file descriptor for connection to server
+ * @param error return location for error code
+ * @returns #TRUE if the byte was sent
+ */
+dbus_bool_t
+_dbus_send_credentials_unix_socket (int server_fd,
+ DBusError *error)
+{
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ if (write_credentials_byte (server_fd, error))
+ return TRUE;
+ else
+ return FALSE;
+}
/**
* Accepts a connection on a listening socket.
_dbus_accept (int listen_fd)
{
int client_fd;
+ struct sockaddr addr;
+ socklen_t addrlen;
+
+ addrlen = sizeof (addr);
retry:
- client_fd = accept (listen_fd, NULL, NULL);
+ client_fd = accept (listen_fd, &addr, &addrlen);
if (client_fd < 0)
{
if (!_dbus_string_lengthen (str, MAX_LONG_LEN))
return FALSE;
- _dbus_string_get_data_len (str, &buf, orig_len, MAX_LONG_LEN);
+ buf = _dbus_string_get_data_len (str, orig_len, MAX_LONG_LEN);
snprintf (buf, MAX_LONG_LEN, "%ld", value);
if (!_dbus_string_lengthen (str, MAX_ULONG_LEN))
return FALSE;
- _dbus_string_get_data_len (str, &buf, orig_len, MAX_ULONG_LEN);
+ buf = _dbus_string_get_data_len (str, orig_len, MAX_ULONG_LEN);
snprintf (buf, MAX_ULONG_LEN, "%lu", value);
return TRUE;
}
+#ifdef DBUS_BUILD_TESTS
/**
* Appends a double to a DBusString.
*
if (!_dbus_string_lengthen (str, MAX_DOUBLE_LEN))
return FALSE;
- _dbus_string_get_data_len (str, &buf, orig_len, MAX_DOUBLE_LEN);
+ buf = _dbus_string_get_data_len (str, orig_len, MAX_DOUBLE_LEN);
snprintf (buf, MAX_LONG_LEN, "%g", value);
return TRUE;
}
+#endif /* DBUS_BUILD_TESTS */
/**
* Parses an integer contained in a DBusString. Either return parameter
const char *p;
char *end;
- _dbus_string_get_const_data_len (str, &p, start,
- _dbus_string_get_length (str) - start);
+ p = _dbus_string_get_const_data_len (str, start,
+ _dbus_string_get_length (str) - start);
end = NULL;
errno = 0;
if (value_return)
*value_return = v;
if (end_return)
- *end_return = (end - p);
+ *end_return = start + (end - p);
+
+ return TRUE;
+}
+
+/**
+* Checks to make sure the given directory is
+* private to the user
+*
+* @param dir the name of the directory
+* @param error error return
+* @returns #FALSE on failure
+**/
+dbus_bool_t
+_dbus_check_dir_is_private_to_user (DBusString *dir, DBusError *error)
+{
+ const char *directory;
+ struct stat sb;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ directory = _dbus_string_get_const_data (dir);
+
+ if (stat (directory, &sb) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "%s", _dbus_strerror (errno));
+
+ return FALSE;
+ }
+
+ if ((S_IROTH & sb.st_mode) || (S_IWOTH & sb.st_mode) ||
+ (S_IRGRP & sb.st_mode) || (S_IWGRP & sb.st_mode))
+ {
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "%s directory is not private to the user", directory);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ * Parses an unsigned integer contained in a DBusString. Either return
+ * parameter may be #NULL if you aren't interested in it. The integer
+ * is parsed and stored in value_return. Return parameters are not
+ * initialized if the function returns #FALSE.
+ *
+ * @param str the string
+ * @param start the byte index of the start of the integer
+ * @param value_return return location of the integer value or #NULL
+ * @param end_return return location of the end of the integer, or #NULL
+ * @returns #TRUE on success
+ */
+dbus_bool_t
+_dbus_string_parse_uint (const DBusString *str,
+ int start,
+ unsigned long *value_return,
+ int *end_return)
+{
+ unsigned long v;
+ const char *p;
+ char *end;
+
+ p = _dbus_string_get_const_data_len (str, start,
+ _dbus_string_get_length (str) - start);
+
+ end = NULL;
+ errno = 0;
+ v = strtoul (p, &end, 0);
+ if (end == NULL || end == p || errno != 0)
+ return FALSE;
+
+ if (value_return)
+ *value_return = v;
+ if (end_return)
+ *end_return = start + (end - p);
return TRUE;
}
+#ifdef DBUS_BUILD_TESTS
+static dbus_bool_t
+ascii_isspace (char c)
+{
+ return (c == ' ' ||
+ c == '\f' ||
+ c == '\n' ||
+ c == '\r' ||
+ c == '\t' ||
+ c == '\v');
+}
+#endif /* DBUS_BUILD_TESTS */
+
+#ifdef DBUS_BUILD_TESTS
+static dbus_bool_t
+ascii_isdigit (char c)
+{
+ return c >= '0' && c <= '9';
+}
+#endif /* DBUS_BUILD_TESTS */
+
+#ifdef DBUS_BUILD_TESTS
+static dbus_bool_t
+ascii_isxdigit (char c)
+{
+ return (ascii_isdigit (c) ||
+ (c >= 'a' && c <= 'f') ||
+ (c >= 'A' && c <= 'F'));
+}
+#endif /* DBUS_BUILD_TESTS */
+
+#ifdef DBUS_BUILD_TESTS
+/* Calls strtod in a locale-independent fashion, by looking at
+ * the locale data and patching the decimal comma to a point.
+ *
+ * Relicensed from glib.
+ */
+static double
+ascii_strtod (const char *nptr,
+ char **endptr)
+{
+ char *fail_pos;
+ double val;
+ struct lconv *locale_data;
+ const char *decimal_point;
+ int decimal_point_len;
+ const char *p, *decimal_point_pos;
+ const char *end = NULL; /* Silence gcc */
+
+ fail_pos = NULL;
+
+ locale_data = localeconv ();
+ decimal_point = locale_data->decimal_point;
+ decimal_point_len = strlen (decimal_point);
+
+ _dbus_assert (decimal_point_len != 0);
+
+ decimal_point_pos = NULL;
+ if (decimal_point[0] != '.' ||
+ decimal_point[1] != 0)
+ {
+ p = nptr;
+ /* Skip leading space */
+ while (ascii_isspace (*p))
+ p++;
+
+ /* Skip leading optional sign */
+ if (*p == '+' || *p == '-')
+ p++;
+
+ if (p[0] == '0' &&
+ (p[1] == 'x' || p[1] == 'X'))
+ {
+ p += 2;
+ /* HEX - find the (optional) decimal point */
+
+ while (ascii_isxdigit (*p))
+ p++;
+
+ if (*p == '.')
+ {
+ decimal_point_pos = p++;
+
+ while (ascii_isxdigit (*p))
+ p++;
+
+ if (*p == 'p' || *p == 'P')
+ p++;
+ if (*p == '+' || *p == '-')
+ p++;
+ while (ascii_isdigit (*p))
+ p++;
+ end = p;
+ }
+ }
+ else
+ {
+ while (ascii_isdigit (*p))
+ p++;
+
+ if (*p == '.')
+ {
+ decimal_point_pos = p++;
+
+ while (ascii_isdigit (*p))
+ p++;
+
+ if (*p == 'e' || *p == 'E')
+ p++;
+ if (*p == '+' || *p == '-')
+ p++;
+ while (ascii_isdigit (*p))
+ p++;
+ end = p;
+ }
+ }
+ /* For the other cases, we need not convert the decimal point */
+ }
+
+ /* Set errno to zero, so that we can distinguish zero results
+ and underflows */
+ errno = 0;
+
+ if (decimal_point_pos)
+ {
+ char *copy, *c;
+
+ /* We need to convert the '.' to the locale specific decimal point */
+ copy = dbus_malloc (end - nptr + 1 + decimal_point_len);
+
+ c = copy;
+ memcpy (c, nptr, decimal_point_pos - nptr);
+ c += decimal_point_pos - nptr;
+ memcpy (c, decimal_point, decimal_point_len);
+ c += decimal_point_len;
+ memcpy (c, decimal_point_pos + 1, end - (decimal_point_pos + 1));
+ c += end - (decimal_point_pos + 1);
+ *c = 0;
+
+ val = strtod (copy, &fail_pos);
+
+ if (fail_pos)
+ {
+ if (fail_pos > decimal_point_pos)
+ fail_pos = (char *)nptr + (fail_pos - copy) - (decimal_point_len - 1);
+ else
+ fail_pos = (char *)nptr + (fail_pos - copy);
+ }
+
+ dbus_free (copy);
+
+ }
+ else
+ val = strtod (nptr, &fail_pos);
+
+ if (endptr)
+ *endptr = fail_pos;
+
+ return val;
+}
+#endif /* DBUS_BUILD_TESTS */
+
+#ifdef DBUS_BUILD_TESTS
/**
* Parses a floating point number contained in a DBusString. Either
* return parameter may be #NULL if you aren't interested in it. The
* integer is parsed and stored in value_return. Return parameters are
* not initialized if the function returns #FALSE.
*
- * @todo this function is currently locale-dependent. Should
- * ask alexl to relicense g_ascii_strtod() code and put that in
- * here instead, so it's locale-independent.
- *
* @param str the string
* @param start the byte index of the start of the float
* @param value_return return location of the float value or #NULL
const char *p;
char *end;
- _dbus_warn ("_dbus_string_parse_double() needs to be made locale-independent\n");
-
- _dbus_string_get_const_data_len (str, &p, start,
- _dbus_string_get_length (str) - start);
+ p = _dbus_string_get_const_data_len (str, start,
+ _dbus_string_get_length (str) - start);
end = NULL;
errno = 0;
- v = strtod (p, &end);
+ v = ascii_strtod (p, &end);
if (end == NULL || end == p || errno != 0)
return FALSE;
if (value_return)
*value_return = v;
if (end_return)
- *end_return = (end - p);
+ *end_return = start + (end - p);
return TRUE;
}
+#endif /* DBUS_BUILD_TESTS */
+
+/** @} */ /* DBusString group */
/**
- * Gets the credentials corresponding to the given username.
- *
- * @param username the username
- * @param credentials credentials to fill in
- * @returns #TRUE if the username existed and we got some credentials
+ * @addtogroup DBusInternalsUtils
+ * @{
*/
-dbus_bool_t
-_dbus_credentials_from_username (const DBusString *username,
- DBusCredentials *credentials)
+static dbus_bool_t
+fill_user_info_from_passwd (struct passwd *p,
+ DBusUserInfo *info,
+ DBusError *error)
+{
+ _dbus_assert (p->pw_name != NULL);
+ _dbus_assert (p->pw_dir != NULL);
+
+ info->uid = p->pw_uid;
+ info->primary_gid = p->pw_gid;
+ info->username = _dbus_strdup (p->pw_name);
+ info->homedir = _dbus_strdup (p->pw_dir);
+
+ if (info->username == NULL ||
+ info->homedir == NULL)
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static dbus_bool_t
+fill_user_info (DBusUserInfo *info,
+ dbus_uid_t uid,
+ const DBusString *username,
+ DBusError *error)
{
- const char *username_c_str;
+ const char *username_c;
+
+ /* exactly one of username/uid provided */
+ _dbus_assert (username != NULL || uid != DBUS_UID_UNSET);
+ _dbus_assert (username == NULL || uid == DBUS_UID_UNSET);
+
+ info->uid = DBUS_UID_UNSET;
+ info->primary_gid = DBUS_GID_UNSET;
+ info->group_ids = NULL;
+ info->n_group_ids = 0;
+ info->username = NULL;
+ info->homedir = NULL;
- credentials->pid = -1;
- credentials->uid = -1;
- credentials->gid = -1;
+ if (username != NULL)
+ username_c = _dbus_string_get_const_data (username);
+ else
+ username_c = NULL;
- _dbus_string_get_const_data (username, &username_c_str);
+ /* For now assuming that the getpwnam() and getpwuid() flavors
+ * are always symmetrical, if not we have to add more configure
+ * checks
+ */
-#ifdef HAVE_GETPWNAM_R
+#if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
{
struct passwd *p;
int result;
struct passwd p_str;
p = NULL;
- result = getpwnam_r (username_c_str, &p_str, buf, sizeof (buf),
- &p);
-
+#ifdef HAVE_POSIX_GETPWNAM_R
+ if (uid != DBUS_UID_UNSET)
+ result = getpwuid_r (uid, &p_str, buf, sizeof (buf),
+ &p);
+ else
+ result = getpwnam_r (username_c, &p_str, buf, sizeof (buf),
+ &p);
+#else
+ if (uid != DBUS_UID_UNSET)
+ p = getpwuid_r (uid, &p_str, buf, sizeof (buf));
+ else
+ p = getpwnam_r (username_c, &p_str, buf, sizeof (buf));
+ result = 0;
+#endif /* !HAVE_POSIX_GETPWNAM_R */
if (result == 0 && p == &p_str)
{
- credentials->uid = p->pw_uid;
- credentials->gid = p->pw_gid;
-
- _dbus_verbose ("Username %s has uid %d gid %d\n",
- username_c_str, credentials->uid, credentials->gid);
- return TRUE;
+ if (!fill_user_info_from_passwd (p, info, error))
+ return FALSE;
}
else
{
- _dbus_verbose ("User %s unknown\n", username_c_str);
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "User \"%s\" unknown or no memory to allocate password entry\n",
+ username_c ? username_c : "???");
+ _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
return FALSE;
}
}
/* I guess we're screwed on thread safety here */
struct passwd *p;
- p = getpwnam (username_c_str);
+ if (uid != DBUS_UID_UNSET)
+ p = getpwuid (uid);
+ else
+ p = getpwnam (username_c);
if (p != NULL)
{
- credentials->uid = p->pw_uid;
- credentials->gid = p->pw_gid;
-
- _dbus_verbose ("Username %s has uid %d gid %d\n",
- username_c_str, credentials->uid, credentials->gid);
- return TRUE;
+ if (!fill_user_info_from_passwd (p, info, error))
+ return FALSE;
}
else
{
- _dbus_verbose ("User %s unknown\n", username_c_str);
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "User \"%s\" unknown or no memory to allocate password entry\n",
+ username_c ? username_c : "???");
+ _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
return FALSE;
}
}
-#endif
+#endif /* ! HAVE_GETPWNAM_R */
+
+ /* Fill this in so we can use it to get groups */
+ username_c = info->username;
+
+#ifdef HAVE_GETGROUPLIST
+ {
+ gid_t *buf;
+ int buf_count;
+ int i;
+
+ buf_count = 17;
+ buf = dbus_new (gid_t, buf_count);
+ if (buf == NULL)
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ goto failed;
+ }
+
+ if (getgrouplist (username_c,
+ info->primary_gid,
+ buf, &buf_count) < 0)
+ {
+ gid_t *new = dbus_realloc (buf, buf_count * sizeof (buf[0]));
+ if (new == NULL)
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ dbus_free (buf);
+ goto failed;
+ }
+
+ buf = new;
+
+ errno = 0;
+ if (getgrouplist (username_c, info->primary_gid, buf, &buf_count) < 0)
+ {
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to get groups for username \"%s\" primary GID "
+ DBUS_GID_FORMAT ": %s\n",
+ username_c, info->primary_gid,
+ _dbus_strerror (errno));
+ dbus_free (buf);
+ goto failed;
+ }
+ }
+
+ info->group_ids = dbus_new (dbus_gid_t, buf_count);
+ if (info->group_ids == NULL)
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ dbus_free (buf);
+ goto failed;
+ }
+
+ for (i = 0; i < buf_count; ++i)
+ info->group_ids[i] = buf[i];
+
+ info->n_group_ids = buf_count;
+
+ dbus_free (buf);
+ }
+#else /* HAVE_GETGROUPLIST */
+ {
+ /* We just get the one group ID */
+ info->group_ids = dbus_new (dbus_gid_t, 1);
+ if (info->group_ids == NULL)
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ goto failed;
+ }
+
+ info->n_group_ids = 1;
+
+ (info->group_ids)[0] = info->primary_gid;
+ }
+#endif /* HAVE_GETGROUPLIST */
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ return TRUE;
+
+ failed:
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ return FALSE;
}
/**
- * Gets credentials from a UID string. (Parses a string to a UID
- * and converts to a DBusCredentials.)
+ * Gets user info for the given username.
*
- * @param uid_str the UID in string form
- * @param credentials credentials to fill in
- * @returns #TRUE if successfully filled in some credentials
+ * @param info user info object to initialize
+ * @param username the username
+ * @param error error return
+ * @returns #TRUE on success
*/
dbus_bool_t
-_dbus_credentials_from_uid_string (const DBusString *uid_str,
- DBusCredentials *credentials)
+_dbus_user_info_fill (DBusUserInfo *info,
+ const DBusString *username,
+ DBusError *error)
{
- int end;
- long uid;
-
- credentials->pid = -1;
- credentials->uid = -1;
- credentials->gid = -1;
-
- if (_dbus_string_get_length (uid_str) == 0)
- {
- _dbus_verbose ("UID string was zero length\n");
- return FALSE;
- }
+ return fill_user_info (info, DBUS_UID_UNSET,
+ username, error);
+}
- uid = -1;
- end = 0;
- if (!_dbus_string_parse_int (uid_str, 0, &uid,
- &end))
- {
- _dbus_verbose ("could not parse string as a UID\n");
- return FALSE;
- }
-
- if (end != _dbus_string_get_length (uid_str))
- {
- _dbus_verbose ("string contained trailing stuff after UID\n");
- return FALSE;
- }
+/**
+ * Gets user info for the given user ID.
+ *
+ * @param info user info object to initialize
+ * @param uid the user ID
+ * @param error error return
+ * @returns #TRUE on success
+ */
+dbus_bool_t
+_dbus_user_info_fill_uid (DBusUserInfo *info,
+ dbus_uid_t uid,
+ DBusError *error)
+{
+ return fill_user_info (info, uid,
+ NULL, error);
+}
- credentials->uid = uid;
+/**
+ * Frees the members of info
+ * (but not info itself)
+ * @param info the user info struct
+ */
+void
+_dbus_user_info_free (DBusUserInfo *info)
+{
+ dbus_free (info->group_ids);
+ dbus_free (info->username);
+ dbus_free (info->homedir);
+}
- return TRUE;
+/**
+ * Sets fields in DBusCredentials to DBUS_PID_UNSET,
+ * DBUS_UID_UNSET, DBUS_GID_UNSET.
+ *
+ * @param credentials the credentials object to fill in
+ */
+void
+_dbus_credentials_clear (DBusCredentials *credentials)
+{
+ credentials->pid = DBUS_PID_UNSET;
+ credentials->uid = DBUS_UID_UNSET;
+ credentials->gid = DBUS_GID_UNSET;
}
/**
void
_dbus_credentials_from_current_process (DBusCredentials *credentials)
{
+ /* The POSIX spec certainly doesn't promise this, but
+ * we need these assertions to fail as soon as we're wrong about
+ * it so we can do the porting fixups
+ */
+ _dbus_assert (sizeof (pid_t) <= sizeof (credentials->pid));
+ _dbus_assert (sizeof (uid_t) <= sizeof (credentials->uid));
+ _dbus_assert (sizeof (gid_t) <= sizeof (credentials->gid));
+
credentials->pid = getpid ();
credentials->uid = getuid ();
credentials->gid = getgid ();
_dbus_credentials_match (const DBusCredentials *expected_credentials,
const DBusCredentials *provided_credentials)
{
- if (provided_credentials->uid < 0)
+ if (provided_credentials->uid == DBUS_UID_UNSET)
return FALSE;
- else if (expected_credentials->uid < 0)
+ else if (expected_credentials->uid == DBUS_UID_UNSET)
return FALSE;
else if (provided_credentials->uid == 0)
return TRUE;
}
/**
- * Appends the uid of the current process to the given string.
- *
- * @param str the string to append to
- * @returns #TRUE on success
+ * Gets our process ID
+ * @returns process ID
*/
-dbus_bool_t
-_dbus_string_append_our_uid (DBusString *str)
+unsigned long
+_dbus_getpid (void)
+{
+ return getpid ();
+}
+
+/** Gets our UID
+ * @returns process UID
+ */
+dbus_uid_t
+_dbus_getuid (void)
+{
+ return getuid ();
+}
+
+#ifdef DBUS_BUILD_TESTS
+/** Gets our GID
+ * @returns process GID
+ */
+dbus_gid_t
+_dbus_getgid (void)
{
- return _dbus_string_append_int (str, getuid ());
+ return getgid ();
}
+#endif
+_DBUS_DEFINE_GLOBAL_LOCK (atomic);
-static DBusMutex *atomic_lock = NULL;
-DBusMutex *_dbus_atomic_init_lock (void);
-DBusMutex *
-_dbus_atomic_init_lock (void)
+#ifdef DBUS_USE_ATOMIC_INT_486
+/* Taken from CVS version 1.7 of glibc's sysdeps/i386/i486/atomicity.h */
+/* Since the asm stuff here is gcc-specific we go ahead and use "inline" also */
+static inline dbus_int32_t
+atomic_exchange_and_add (DBusAtomic *atomic,
+ volatile dbus_int32_t val)
{
- atomic_lock = dbus_mutex_new ();
- return atomic_lock;
+ register dbus_int32_t result;
+
+ __asm__ __volatile__ ("lock; xaddl %0,%1"
+ : "=r" (result), "=m" (atomic->value)
+ : "0" (val), "m" (atomic->value));
+ return result;
}
+#endif
/**
* Atomically increments an integer
*
* @param atomic pointer to the integer to increment
- * @returns the value after incrementing
+ * @returns the value before incrementing
*
* @todo implement arch-specific faster atomic ops
*/
-dbus_atomic_t
-_dbus_atomic_inc (dbus_atomic_t *atomic)
+dbus_int32_t
+_dbus_atomic_inc (DBusAtomic *atomic)
{
- dbus_atomic_t res;
-
- dbus_mutex_lock (atomic_lock);
- *atomic += 1;
- res = *atomic;
- dbus_mutex_unlock (atomic_lock);
+#ifdef DBUS_USE_ATOMIC_INT_486
+ return atomic_exchange_and_add (atomic, 1);
+#else
+ dbus_int32_t res;
+ _DBUS_LOCK (atomic);
+ res = atomic->value;
+ atomic->value += 1;
+ _DBUS_UNLOCK (atomic);
return res;
+#endif
}
/**
* Atomically decrement an integer
*
* @param atomic pointer to the integer to decrement
- * @returns the value after decrementing
+ * @returns the value before decrementing
*
* @todo implement arch-specific faster atomic ops
*/
-dbus_atomic_t
-_dbus_atomic_dec (dbus_atomic_t *atomic)
+dbus_int32_t
+_dbus_atomic_dec (DBusAtomic *atomic)
{
- dbus_atomic_t res;
+#ifdef DBUS_USE_ATOMIC_INT_486
+ return atomic_exchange_and_add (atomic, -1);
+#else
+ dbus_int32_t res;
- dbus_mutex_lock (atomic_lock);
- *atomic -= 1;
- res = *atomic;
- dbus_mutex_unlock (atomic_lock);
+ _DBUS_LOCK (atomic);
+ res = atomic->value;
+ atomic->value -= 1;
+ _DBUS_UNLOCK (atomic);
return res;
+#endif
}
/**
* Wrapper for poll().
*
- * @todo need a fallback implementation using select()
- *
* @param fds the file descriptors to poll
* @param n_fds number of descriptors in the array
* @param timeout_milliseconds timeout or -1 for infinite
return -1;
}
#else /* ! HAVE_POLL */
- _dbus_warn ("need to implement select() fallback for systems with no poll()\n");
- return -1;
+
+ fd_set read_set, write_set, err_set;
+ int max_fd = 0;
+ int i;
+ struct timeval tv;
+ int ready;
+
+ FD_ZERO (&read_set);
+ FD_ZERO (&write_set);
+ FD_ZERO (&err_set);
+
+ for (i = 0; i < n_fds; i++)
+ {
+ DBusPollFD *fdp = &fds[i];
+
+ if (fdp->events & _DBUS_POLLIN)
+ FD_SET (fdp->fd, &read_set);
+
+ if (fdp->events & _DBUS_POLLOUT)
+ FD_SET (fdp->fd, &write_set);
+
+ FD_SET (fdp->fd, &err_set);
+
+ max_fd = MAX (max_fd, fdp->fd);
+ }
+
+ tv.tv_sec = timeout_milliseconds / 1000;
+ tv.tv_usec = (timeout_milliseconds % 1000) * 1000;
+
+ ready = select (max_fd + 1, &read_set, &write_set, &err_set,
+ timeout_milliseconds < 0 ? NULL : &tv);
+
+ if (ready > 0)
+ {
+ for (i = 0; i < n_fds; i++)
+ {
+ DBusPollFD *fdp = &fds[i];
+
+ fdp->revents = 0;
+
+ if (FD_ISSET (fdp->fd, &read_set))
+ fdp->revents |= _DBUS_POLLIN;
+
+ if (FD_ISSET (fdp->fd, &write_set))
+ fdp->revents |= _DBUS_POLLOUT;
+
+ if (FD_ISSET (fdp->fd, &err_set))
+ fdp->revents |= _DBUS_POLLERR;
+ }
+ }
+
+ return ready;
#endif
}
/**
* Appends the contents of the given file to the string,
- * returning result code. At the moment, won't open a file
+ * returning error code. At the moment, won't open a file
* more than a megabyte in size.
*
* @param str the string to append to
* @param filename filename to load
- * @returns result
+ * @param error place to set an error
+ * @returns #FALSE if error was set
*/
-DBusResultCode
+dbus_bool_t
_dbus_file_get_contents (DBusString *str,
- const DBusString *filename)
+ const DBusString *filename,
+ DBusError *error)
{
int fd;
struct stat sb;
int total;
const char *filename_c;
- _dbus_string_get_const_data (filename, &filename_c);
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ filename_c = _dbus_string_get_const_data (filename);
/* O_BINARY useful on Cygwin */
fd = open (filename_c, O_RDONLY | O_BINARY);
if (fd < 0)
- return _dbus_result_from_errno (errno);
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to open \"%s\": %s",
+ filename_c,
+ _dbus_strerror (errno));
+ return FALSE;
+ }
if (fstat (fd, &sb) < 0)
{
- DBusResultCode result;
-
- result = _dbus_result_from_errno (errno); /* prior to close() */
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to stat \"%s\": %s",
+ filename_c,
+ _dbus_strerror (errno));
_dbus_verbose ("fstat() failed: %s",
_dbus_strerror (errno));
close (fd);
- return result;
+ return FALSE;
}
if (sb.st_size > _DBUS_ONE_MEGABYTE)
{
- _dbus_verbose ("File size %lu is too large.\n",
- (unsigned long) sb.st_size);
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "File size %lu of \"%s\" is too large.",
+ (unsigned long) sb.st_size, filename_c);
close (fd);
- return DBUS_RESULT_FAILED;
+ return FALSE;
}
total = 0;
sb.st_size - total);
if (bytes_read <= 0)
{
- DBusResultCode result;
-
- result = _dbus_result_from_errno (errno); /* prior to close() */
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Error reading \"%s\": %s",
+ filename_c,
+ _dbus_strerror (errno));
_dbus_verbose ("read() failed: %s",
_dbus_strerror (errno));
close (fd);
_dbus_string_set_length (str, orig_len);
- return result;
+ return FALSE;
}
else
total += bytes_read;
}
close (fd);
- return DBUS_RESULT_SUCCESS;
+ return TRUE;
}
else if (sb.st_size != 0)
{
_dbus_verbose ("Can only open regular files at the moment.\n");
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "\"%s\" is not a regular file",
+ filename_c);
close (fd);
- return DBUS_RESULT_FAILED;
+ return FALSE;
}
else
{
close (fd);
- return DBUS_RESULT_SUCCESS;
+ return TRUE;
}
}
/**
- * Writes a string out to a file.
+ * Writes a string out to a file. If the file exists,
+ * it will be atomically overwritten by the new data.
*
* @param str the string to write out
* @param filename the file to save string to
- * @returns result code
+ * @param error error to be filled in on failure
+ * @returns #FALSE on failure
*/
-DBusResultCode
+dbus_bool_t
_dbus_string_save_to_file (const DBusString *str,
- const DBusString *filename)
+ const DBusString *filename,
+ DBusError *error)
{
int fd;
int bytes_to_write;
const char *filename_c;
+ DBusString tmp_filename;
+ const char *tmp_filename_c;
int total;
+ dbus_bool_t need_unlink;
+ dbus_bool_t retval;
- _dbus_string_get_const_data (filename, &filename_c);
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
- fd = open (filename_c, O_WRONLY | O_BINARY | O_EXCL | O_CREAT,
+ fd = -1;
+ retval = FALSE;
+ need_unlink = FALSE;
+
+ if (!_dbus_string_init (&tmp_filename))
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ return FALSE;
+ }
+
+ if (!_dbus_string_copy (filename, 0, &tmp_filename, 0))
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ _dbus_string_free (&tmp_filename);
+ return FALSE;
+ }
+
+ if (!_dbus_string_append (&tmp_filename, "."))
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ _dbus_string_free (&tmp_filename);
+ return FALSE;
+ }
+
+#define N_TMP_FILENAME_RANDOM_BYTES 8
+ if (!_dbus_generate_random_ascii (&tmp_filename, N_TMP_FILENAME_RANDOM_BYTES))
+ {
+ dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
+ _dbus_string_free (&tmp_filename);
+ return FALSE;
+ }
+
+ filename_c = _dbus_string_get_const_data (filename);
+ tmp_filename_c = _dbus_string_get_const_data (&tmp_filename);
+
+ fd = open (tmp_filename_c, O_WRONLY | O_BINARY | O_EXCL | O_CREAT,
0600);
if (fd < 0)
- return _dbus_result_from_errno (errno);
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not create %s: %s", tmp_filename_c,
+ _dbus_strerror (errno));
+ goto out;
+ }
+ need_unlink = TRUE;
+
total = 0;
bytes_to_write = _dbus_string_get_length (str);
if (bytes_written <= 0)
{
- DBusResultCode result;
-
- result = _dbus_result_from_errno (errno); /* prior to close() */
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not write to %s: %s", tmp_filename_c,
+ _dbus_strerror (errno));
- _dbus_verbose ("write() failed: %s",
- _dbus_strerror (errno));
-
- close (fd);
- return result;
+ goto out;
}
total += bytes_written;
}
- close (fd);
- return DBUS_RESULT_SUCCESS;
+ if (close (fd) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not close file %s: %s",
+ tmp_filename_c, _dbus_strerror (errno));
+
+ goto out;
+ }
+
+ fd = -1;
+
+ if (rename (tmp_filename_c, filename_c) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not rename %s to %s: %s",
+ tmp_filename_c, filename_c,
+ _dbus_strerror (errno));
+
+ goto out;
+ }
+
+ need_unlink = FALSE;
+
+ retval = TRUE;
+
+ out:
+ /* close first, then unlink, to prevent ".nfs34234235" garbage
+ * files
+ */
+
+ if (fd >= 0)
+ close (fd);
+
+ if (need_unlink && unlink (tmp_filename_c) < 0)
+ _dbus_verbose ("Failed to unlink temp file %s: %s\n",
+ tmp_filename_c, _dbus_strerror (errno));
+
+ _dbus_string_free (&tmp_filename);
+
+ if (!retval)
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+
+ return retval;
+}
+
+/** Creates the given file, failing if the file already exists.
+ *
+ * @param filename the filename
+ * @param error error location
+ * @returns #TRUE if we created the file and it didn't exist
+ */
+dbus_bool_t
+_dbus_create_file_exclusively (const DBusString *filename,
+ DBusError *error)
+{
+ int fd;
+ const char *filename_c;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ filename_c = _dbus_string_get_const_data (filename);
+
+ fd = open (filename_c, O_WRONLY | O_BINARY | O_EXCL | O_CREAT,
+ 0600);
+ if (fd < 0)
+ {
+ dbus_set_error (error,
+ DBUS_ERROR_FAILED,
+ "Could not create file %s: %s\n",
+ filename_c,
+ _dbus_strerror (errno));
+ return FALSE;
+ }
+
+ if (close (fd) < 0)
+ {
+ dbus_set_error (error,
+ DBUS_ERROR_FAILED,
+ "Could not close file %s: %s\n",
+ filename_c,
+ _dbus_strerror (errno));
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ * Deletes the given file.
+ *
+ * @param filename the filename
+ * @param error error location
+ *
+ * @returns #TRUE if unlink() succeeded
+ */
+dbus_bool_t
+_dbus_delete_file (const DBusString *filename,
+ DBusError *error)
+{
+ const char *filename_c;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ filename_c = _dbus_string_get_const_data (filename);
+
+ if (unlink (filename_c) < 0)
+ {
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "Failed to delete file %s: %s\n",
+ filename_c, _dbus_strerror (errno));
+ return FALSE;
+ }
+ else
+ return TRUE;
+}
+
+/**
+ * Creates a directory; succeeds if the directory
+ * is created or already existed.
+ *
+ * @param filename directory filename
+ * @param error initialized error object
+ * @returns #TRUE on success
+ */
+dbus_bool_t
+_dbus_create_directory (const DBusString *filename,
+ DBusError *error)
+{
+ const char *filename_c;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ filename_c = _dbus_string_get_const_data (filename);
+
+ if (mkdir (filename_c, 0700) < 0)
+ {
+ if (errno == EEXIST)
+ return TRUE;
+
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "Failed to create directory %s: %s\n",
+ filename_c, _dbus_strerror (errno));
+ return FALSE;
+ }
+ else
+ return TRUE;
}
/**
* Appends the given filename to the given directory.
*
+ * @todo it might be cute to collapse multiple '/' such as "foo//"
+ * concat "//bar"
+ *
* @param dir the directory name
* @param next_component the filename
* @returns #TRUE on success
_dbus_string_get_length (dir));
}
-struct DBusDirIter
+static void
+pseudorandom_generate_random_bytes_buffer (char *buffer,
+ int n_bytes)
+{
+ unsigned long tv_usec;
+ int i;
+
+ /* fall back to pseudorandom */
+ _dbus_verbose ("Falling back to pseudorandom for %d bytes\n",
+ n_bytes);
+
+ _dbus_get_current_time (NULL, &tv_usec);
+ srand (tv_usec);
+
+ i = 0;
+ while (i < n_bytes)
+ {
+ double r;
+ unsigned int b;
+
+ r = rand ();
+ b = (r / (double) RAND_MAX) * 255.0;
+
+ buffer[i] = b;
+
+ ++i;
+ }
+}
+
+static dbus_bool_t
+pseudorandom_generate_random_bytes (DBusString *str,
+ int n_bytes)
{
- DIR *d;
+ int old_len;
+ char *p;
-};
+ old_len = _dbus_string_get_length (str);
+
+ if (!_dbus_string_lengthen (str, n_bytes))
+ return FALSE;
+
+ p = _dbus_string_get_data_len (str, old_len, n_bytes);
+
+ pseudorandom_generate_random_bytes_buffer (p, n_bytes);
+
+ return TRUE;
+}
/**
- * Open a directory to iterate over.
+ * Fills n_bytes of the given buffer with random bytes.
*
- * @param filename the directory name
- * @param result return location for error code if #NULL returned
- * @returns new iterator, or #NULL on error
+ * @param buffer an allocated buffer
+ * @param n_bytes the number of bytes in buffer to write to
*/
-DBusDirIter*
-_dbus_directory_open (const DBusString *filename,
- DBusResultCode *result)
+void
+_dbus_generate_random_bytes_buffer (char *buffer,
+ int n_bytes)
{
- DIR *d;
- DBusDirIter *iter;
- const char *filename_c;
+ DBusString str;
+
+ if (!_dbus_string_init (&str))
+ {
+ pseudorandom_generate_random_bytes_buffer (buffer, n_bytes);
+ return;
+ }
+
+ if (!_dbus_generate_random_bytes (&str, n_bytes))
+ {
+ _dbus_string_free (&str);
+ pseudorandom_generate_random_bytes_buffer (buffer, n_bytes);
+ return;
+ }
+
+ _dbus_string_copy_to_buffer (&str, buffer, n_bytes);
+
+ _dbus_string_free (&str);
+}
- _dbus_string_get_const_data (filename, &filename_c);
+/**
+ * Generates the given number of random bytes,
+ * using the best mechanism we can come up with.
+ *
+ * @param str the string
+ * @param n_bytes the number of random bytes to append to string
+ * @returns #TRUE on success, #FALSE if no memory
+ */
+dbus_bool_t
+_dbus_generate_random_bytes (DBusString *str,
+ int n_bytes)
+{
+ int old_len;
+ int fd;
+
+ /* FALSE return means "no memory", if it could
+ * mean something else then we'd need to return
+ * a DBusError. So we always fall back to pseudorandom
+ * if the I/O fails.
+ */
+
+ old_len = _dbus_string_get_length (str);
+ fd = -1;
- d = opendir (filename_c);
- if (d == NULL)
+ /* note, urandom on linux will fall back to pseudorandom */
+ fd = open ("/dev/urandom", O_RDONLY);
+ if (fd < 0)
+ return pseudorandom_generate_random_bytes (str, n_bytes);
+
+ if (_dbus_read (fd, str, n_bytes) != n_bytes)
{
- dbus_set_result (result, _dbus_result_from_errno (errno));
- return NULL;
+ close (fd);
+ _dbus_string_set_length (str, old_len);
+ return pseudorandom_generate_random_bytes (str, n_bytes);
}
+
+ _dbus_verbose ("Read %d bytes from /dev/urandom\n",
+ n_bytes);
- iter = dbus_new0 (DBusDirIter, 1);
- if (iter == NULL)
+ close (fd);
+
+ return TRUE;
+}
+
+/**
+ * Generates the given number of random bytes, where the bytes are
+ * chosen from the alphanumeric ASCII subset.
+ *
+ * @param str the string
+ * @param n_bytes the number of random ASCII bytes to append to string
+ * @returns #TRUE on success, #FALSE if no memory or other failure
+ */
+dbus_bool_t
+_dbus_generate_random_ascii (DBusString *str,
+ int n_bytes)
+{
+ static const char letters[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
+ int i;
+ int len;
+
+ if (!_dbus_generate_random_bytes (str, n_bytes))
+ return FALSE;
+
+ len = _dbus_string_get_length (str);
+ i = len - n_bytes;
+ while (i < len)
{
- closedir (d);
- dbus_set_result (result, DBUS_RESULT_NO_MEMORY);
- return NULL;
+ _dbus_string_set_byte (str, i,
+ letters[_dbus_string_get_byte (str, i) %
+ (sizeof (letters) - 1)]);
+
+ ++i;
}
- iter->d = d;
+ _dbus_assert (_dbus_string_validate_ascii (str, len - n_bytes,
+ n_bytes));
- return iter;
+ return TRUE;
}
/**
- * Get next file in the directory. Will not return "." or ".."
- * on UNIX. If an error occurs, the contents of "filename"
- * are undefined. #DBUS_RESULT_SUCCESS is always returned
- * in result if no error occurs.
+ * A wrapper around strerror() because some platforms
+ * may be lame and not have strerror().
*
- * @todo for thread safety, I think we have to use
- * readdir_r(). (GLib has the same issue, should file a bug.)
+ * @param error_number errno.
+ * @returns error description.
+ */
+const char*
+_dbus_strerror (int error_number)
+{
+ const char *msg;
+
+ msg = strerror (error_number);
+ if (msg == NULL)
+ msg = "unknown";
+
+ return msg;
+}
+
+/**
+ * signal (SIGPIPE, SIG_IGN);
+ */
+void
+_dbus_disable_sigpipe (void)
+{
+ signal (SIGPIPE, SIG_IGN);
+}
+
+/**
+ * Sets the file descriptor to be close
+ * on exec. Should be called for all file
+ * descriptors in D-BUS code.
*
- * @param iter the iterator
- * @param filename string to be set to the next file in the dir
- * @param result return location for error, or #DBUS_RESULT_SUCCESS
- * @returns #TRUE if filename was filled in with a new filename
+ * @param fd the file descriptor
*/
-dbus_bool_t
-_dbus_directory_get_next_file (DBusDirIter *iter,
- DBusString *filename,
- DBusResultCode *result)
+void
+_dbus_fd_set_close_on_exec (int fd)
{
- /* we always have to put something in result, since return
- * value means whether there's a filename and doesn't
- * reliably indicate whether an error was set.
- */
- struct dirent *ent;
+ int val;
+
+ val = fcntl (fd, F_GETFD, 0);
- dbus_set_result (result, DBUS_RESULT_SUCCESS);
+ if (val < 0)
+ return;
+ val |= FD_CLOEXEC;
+
+ fcntl (fd, F_SETFD, val);
+}
+
+/**
+ * Converts a UNIX errno into a #DBusError name.
+ *
+ * @todo should cover more errnos, specifically those
+ * from open().
+ *
+ * @param error_number the errno.
+ * @returns an error name
+ */
+const char*
+_dbus_error_from_errno (int error_number)
+{
+ switch (error_number)
+ {
+ case 0:
+ return DBUS_ERROR_FAILED;
+
+#ifdef EPROTONOSUPPORT
+ case EPROTONOSUPPORT:
+ return DBUS_ERROR_NOT_SUPPORTED;
+#endif
+#ifdef EAFNOSUPPORT
+ case EAFNOSUPPORT:
+ return DBUS_ERROR_NOT_SUPPORTED;
+#endif
+#ifdef ENFILE
+ case ENFILE:
+ return DBUS_ERROR_LIMITS_EXCEEDED; /* kernel out of memory */
+#endif
+#ifdef EMFILE
+ case EMFILE:
+ return DBUS_ERROR_LIMITS_EXCEEDED;
+#endif
+#ifdef EACCES
+ case EACCES:
+ return DBUS_ERROR_ACCESS_DENIED;
+#endif
+#ifdef EPERM
+ case EPERM:
+ return DBUS_ERROR_ACCESS_DENIED;
+#endif
+#ifdef ENOBUFS
+ case ENOBUFS:
+ return DBUS_ERROR_NO_MEMORY;
+#endif
+#ifdef ENOMEM
+ case ENOMEM:
+ return DBUS_ERROR_NO_MEMORY;
+#endif
+#ifdef EINVAL
+ case EINVAL:
+ return DBUS_ERROR_FAILED;
+#endif
+#ifdef EBADF
+ case EBADF:
+ return DBUS_ERROR_FAILED;
+#endif
+#ifdef EFAULT
+ case EFAULT:
+ return DBUS_ERROR_FAILED;
+#endif
+#ifdef ENOTSOCK
+ case ENOTSOCK:
+ return DBUS_ERROR_FAILED;
+#endif
+#ifdef EISCONN
+ case EISCONN:
+ return DBUS_ERROR_FAILED;
+#endif
+#ifdef ECONNREFUSED
+ case ECONNREFUSED:
+ return DBUS_ERROR_NO_SERVER;
+#endif
+#ifdef ETIMEDOUT
+ case ETIMEDOUT:
+ return DBUS_ERROR_TIMEOUT;
+#endif
+#ifdef ENETUNREACH
+ case ENETUNREACH:
+ return DBUS_ERROR_NO_NETWORK;
+#endif
+#ifdef EADDRINUSE
+ case EADDRINUSE:
+ return DBUS_ERROR_ADDRESS_IN_USE;
+#endif
+#ifdef EEXIST
+ case EEXIST:
+ return DBUS_ERROR_FILE_NOT_FOUND;
+#endif
+#ifdef ENOENT
+ case ENOENT:
+ return DBUS_ERROR_FILE_NOT_FOUND;
+#endif
+ }
+
+ return DBUS_ERROR_FAILED;
+}
+
+/**
+ * Exit the process, returning the given value.
+ *
+ * @param code the exit code
+ */
+void
+_dbus_exit (int code)
+{
+ _exit (code);
+}
+
+/**
+ * Closes a file descriptor.
+ *
+ * @param fd the file descriptor
+ * @param error error object
+ * @returns #FALSE if error set
+ */
+dbus_bool_t
+_dbus_close (int fd,
+ DBusError *error)
+{
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
again:
- errno = 0;
- ent = readdir (iter->d);
- if (ent == NULL)
+ if (close (fd) < 0)
{
- dbus_set_result (result,
- _dbus_result_from_errno (errno));
+ if (errno == EINTR)
+ goto again;
+
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not close fd %d", fd);
return FALSE;
}
- else if (ent->d_name[0] == '.' &&
- (ent->d_name[1] == '\0' ||
- (ent->d_name[1] == '.' && ent->d_name[2] == '\0')))
- goto again;
- else
+
+ return TRUE;
+}
+
+/**
+ * Sets a file descriptor to be nonblocking.
+ *
+ * @param fd the file descriptor.
+ * @param error address of error location.
+ * @returns #TRUE on success.
+ */
+dbus_bool_t
+_dbus_set_fd_nonblocking (int fd,
+ DBusError *error)
+{
+ int val;
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ val = fcntl (fd, F_GETFL, 0);
+ if (val < 0)
{
- _dbus_string_set_length (filename, 0);
- if (!_dbus_string_append (filename, ent->d_name))
- {
- dbus_set_result (result, DBUS_RESULT_NO_MEMORY);
- return FALSE;
- }
- else
- return TRUE;
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to get flags from file descriptor %d: %s",
+ fd, _dbus_strerror (errno));
+ _dbus_verbose ("Failed to get flags for fd %d: %s\n", fd,
+ _dbus_strerror (errno));
+ return FALSE;
}
+
+ if (fcntl (fd, F_SETFL, val | O_NONBLOCK) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Failed to set nonblocking flag of file descriptor %d: %s",
+ fd, _dbus_strerror (errno));
+ _dbus_verbose ("Failed to set fd %d nonblocking: %s\n",
+ fd, _dbus_strerror (errno));
+
+ return FALSE;
+ }
+
+ return TRUE;
}
+#if !defined (DBUS_DISABLE_ASSERT) || defined(DBUS_BUILD_TESTS)
/**
- * Closes a directory iteration.
+ * On GNU libc systems, print a crude backtrace to the verbose log.
+ * On other systems, print "no backtrace support"
+ *
*/
void
-_dbus_directory_close (DBusDirIter *iter)
+_dbus_print_backtrace (void)
{
- closedir (iter->d);
- dbus_free (iter);
+#if defined (HAVE_BACKTRACE) && defined (DBUS_ENABLE_VERBOSE_MODE)
+ void *bt[500];
+ int bt_size;
+ int i;
+ char **syms;
+
+ bt_size = backtrace (bt, 500);
+
+ syms = backtrace_symbols (bt, bt_size);
+
+ i = 0;
+ while (i < bt_size)
+ {
+ _dbus_verbose (" %s\n", syms[i]);
+ ++i;
+ }
+
+ free (syms);
+#else
+ _dbus_verbose (" D-BUS not compiled with backtrace support\n");
+#endif
}
+#endif /* asserts or tests enabled */
+
/**
- * Generates the given number of random bytes,
- * using the best mechanism we can come up with.
+ * Gets a UID from a UID string.
*
- * @param str the string
- * @param n_bytes the number of random bytes to append to string
- * @returns #TRUE on success, #FALSE if no memory or other failure
+ * @param uid_str the UID in string form
+ * @param uid UID to fill in
+ * @returns #TRUE if successfully filled in UID
*/
dbus_bool_t
-_dbus_generate_random_bytes (DBusString *str,
- int n_bytes)
+_dbus_parse_uid (const DBusString *uid_str,
+ dbus_uid_t *uid)
{
- int old_len;
- int fd;
+ int end;
+ long val;
- old_len = _dbus_string_get_length (str);
- fd = -1;
-
- /* note, urandom on linux will fall back to pseudorandom */
- fd = open ("/dev/urandom", O_RDONLY);
- if (fd < 0)
+ if (_dbus_string_get_length (uid_str) == 0)
{
- unsigned long tv_usec;
- int i;
-
- /* fall back to pseudorandom */
-
- _dbus_get_current_time (NULL, &tv_usec);
- srand (tv_usec);
-
- i = 0;
- while (i < n_bytes)
- {
- double r;
- int b;
-
- r = rand ();
- b = (r / (double) RAND_MAX) * 255.0;
-
- if (!_dbus_string_append_byte (str, b))
- goto failed;
-
- ++i;
- }
+ _dbus_verbose ("UID string was zero length\n");
+ return FALSE;
+ }
- return TRUE;
+ val = -1;
+ end = 0;
+ if (!_dbus_string_parse_int (uid_str, 0, &val,
+ &end))
+ {
+ _dbus_verbose ("could not parse string as a UID\n");
+ return FALSE;
}
- else
+
+ if (end != _dbus_string_get_length (uid_str))
{
- if (_dbus_read (fd, str, n_bytes) != n_bytes)
- goto failed;
+ _dbus_verbose ("string contained trailing stuff after UID\n");
+ return FALSE;
+ }
- close (fd);
+ *uid = val;
- return TRUE;
+ return TRUE;
+}
+
+/**
+ * Creates a full-duplex pipe (as in socketpair()).
+ * Sets both ends of the pipe nonblocking.
+ *
+ * @todo libdbus only uses this for the debug-pipe server, so in
+ * principle it could be in dbus-sysdeps-util.c, except that
+ * dbus-sysdeps-util.c isn't in libdbus when tests are enabled and the
+ * debug-pipe server is used.
+ *
+ * @param fd1 return location for one end
+ * @param fd2 return location for the other end
+ * @param blocking #TRUE if pipe should be blocking
+ * @param error error return
+ * @returns #FALSE on failure (if error is set)
+ */
+dbus_bool_t
+_dbus_full_duplex_pipe (int *fd1,
+ int *fd2,
+ dbus_bool_t blocking,
+ DBusError *error)
+{
+#ifdef HAVE_SOCKETPAIR
+ int fds[2];
+
+ _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+ if (socketpair (AF_UNIX, SOCK_STREAM, 0, fds) < 0)
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not create full-duplex pipe");
+ return FALSE;
}
- failed:
- _dbus_string_set_length (str, old_len);
- if (fd >= 0)
- close (fd);
+ if (!blocking &&
+ (!_dbus_set_fd_nonblocking (fds[0], NULL) ||
+ !_dbus_set_fd_nonblocking (fds[1], NULL)))
+ {
+ dbus_set_error (error, _dbus_error_from_errno (errno),
+ "Could not set full-duplex pipe nonblocking");
+
+ close (fds[0]);
+ close (fds[1]);
+
+ return FALSE;
+ }
+
+ *fd1 = fds[0];
+ *fd2 = fds[1];
+
+ _dbus_verbose ("full-duplex pipe %d <-> %d\n",
+ *fd1, *fd2);
+
+ return TRUE;
+#else
+ _dbus_warn ("_dbus_full_duplex_pipe() not implemented on this OS\n");
+ dbus_set_error (error, DBUS_ERROR_FAILED,
+ "_dbus_full_duplex_pipe() not implemented on this OS");
return FALSE;
+#endif
}
/** @} end of sysdeps */
+
+/* tests in dbus-sysdeps-util.c */