1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-sysdeps-unix.c Wrappers around UNIX system/libc features (internal to D-Bus implementation)
4 * Copyright (C) 2002, 2003, 2006 Red Hat, Inc.
5 * Copyright (C) 2003 CodeFactory AB
7 * Licensed under the Academic Free License version 2.1
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
27 #include "dbus-internals.h"
28 #include "dbus-sysdeps.h"
29 #include "dbus-sysdeps-unix.h"
30 #include "dbus-threads.h"
31 #include "dbus-protocol.h"
32 #include "dbus-transport.h"
33 #include "dbus-string.h"
34 #include "dbus-userdb.h"
35 #include "dbus-list.h"
36 #include "dbus-credentials.h"
37 #include "dbus-nonce.h"
39 #include <sys/types.h>
46 #include <sys/socket.h>
55 #include <netinet/in.h>
71 #ifdef HAVE_GETPEERUCRED
79 #include "sd-daemon.h"
86 #define AI_ADDRCONFIG 0
89 #ifndef HAVE_SOCKLEN_T
94 _dbus_open_socket (int *fd_p,
101 dbus_bool_t cloexec_done;
103 *fd_p = socket (domain, type | SOCK_CLOEXEC, protocol);
104 cloexec_done = *fd_p >= 0;
106 /* Check if kernel seems to be too old to know SOCK_CLOEXEC */
107 if (*fd_p < 0 && errno == EINVAL)
110 *fd_p = socket (domain, type, protocol);
119 _dbus_fd_set_close_on_exec(*fd_p);
122 _dbus_verbose ("socket fd %d opened\n", *fd_p);
127 dbus_set_error(error,
128 _dbus_error_from_errno (errno),
129 "Failed to open socket: %s",
130 _dbus_strerror (errno));
136 * Opens a UNIX domain socket (as in the socket() call).
137 * Does not bind the socket.
139 * This will set FD_CLOEXEC for the socket returned
141 * @param fd return location for socket descriptor
142 * @param error return location for an error
143 * @returns #FALSE if error is set
146 _dbus_open_unix_socket (int *fd,
149 return _dbus_open_socket(fd, PF_UNIX, SOCK_STREAM, 0, error);
153 * Closes a socket. Should not be used on non-socket
154 * file descriptors or handles.
156 * @param fd the socket
157 * @param error return location for an error
158 * @returns #FALSE if error is set
161 _dbus_close_socket (int fd,
164 return _dbus_close (fd, error);
168 * Like _dbus_read(), but only works on sockets so is
169 * available on Windows.
171 * @param fd the socket
172 * @param buffer string to append data to
173 * @param count max amount of data to read
174 * @returns number of bytes appended to the string
177 _dbus_read_socket (int fd,
181 return _dbus_read (fd, buffer, count);
185 * Like _dbus_write(), but only supports sockets
186 * and is thus available on Windows.
188 * @param fd the file descriptor to write
189 * @param buffer the buffer to write data from
190 * @param start the first byte in the buffer to write
191 * @param len the number of bytes to try to write
192 * @returns the number of bytes written or -1 on error
195 _dbus_write_socket (int fd,
196 const DBusString *buffer,
200 #if HAVE_DECL_MSG_NOSIGNAL
204 data = _dbus_string_get_const_data_len (buffer, start, len);
208 bytes_written = send (fd, data, len, MSG_NOSIGNAL);
210 if (bytes_written < 0 && errno == EINTR)
213 return bytes_written;
216 return _dbus_write (fd, buffer, start, len);
221 * Like _dbus_read_socket() but also tries to read unix fds from the
222 * socket. When there are more fds to read than space in the array
223 * passed this function will fail with ENOSPC.
225 * @param fd the socket
226 * @param buffer string to append data to
227 * @param count max amount of data to read
228 * @param fds array to place read file descriptors in
229 * @param n_fds on input space in fds array, on output how many fds actually got read
230 * @returns number of bytes appended to string
233 _dbus_read_socket_with_unix_fds (int fd,
238 #ifndef HAVE_UNIX_FD_PASSING
241 if ((r = _dbus_read_socket(fd, buffer, count)) < 0)
253 _dbus_assert (count >= 0);
254 _dbus_assert (*n_fds >= 0);
256 start = _dbus_string_get_length (buffer);
258 if (!_dbus_string_lengthen (buffer, count))
265 iov.iov_base = _dbus_string_get_data_len (buffer, start, count);
272 /* Hmm, we have no clue how long the control data will actually be
273 that is queued for us. The least we can do is assume that the
274 caller knows. Hence let's make space for the number of fds that
275 we shall read at max plus the cmsg header. */
276 m.msg_controllen = CMSG_SPACE(*n_fds * sizeof(int));
278 /* It's probably safe to assume that systems with SCM_RIGHTS also
280 m.msg_control = alloca(m.msg_controllen);
281 memset(m.msg_control, 0, m.msg_controllen);
285 bytes_read = recvmsg(fd, &m, 0
286 #ifdef MSG_CMSG_CLOEXEC
297 /* put length back (note that this doesn't actually realloc anything) */
298 _dbus_string_set_length (buffer, start);
305 dbus_bool_t found = FALSE;
307 if (m.msg_flags & MSG_CTRUNC)
309 /* Hmm, apparently the control data was truncated. The bad
310 thing is that we might have completely lost a couple of fds
311 without chance to recover them. Hence let's treat this as a
315 _dbus_string_set_length (buffer, start);
319 for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
320 if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
324 _dbus_assert(cm->cmsg_len <= CMSG_LEN(*n_fds * sizeof(int)));
325 *n_fds = (cm->cmsg_len - CMSG_LEN(0)) / sizeof(int);
327 memcpy(fds, CMSG_DATA(cm), *n_fds * sizeof(int));
330 /* Linux doesn't tell us whether MSG_CMSG_CLOEXEC actually
331 worked, hence we need to go through this list and set
332 CLOEXEC everywhere in any case */
333 for (i = 0; i < *n_fds; i++)
334 _dbus_fd_set_close_on_exec(fds[i]);
342 /* put length back (doesn't actually realloc) */
343 _dbus_string_set_length (buffer, start + bytes_read);
347 _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
356 _dbus_write_socket_with_unix_fds(int fd,
357 const DBusString *buffer,
363 #ifndef HAVE_UNIX_FD_PASSING
370 return _dbus_write_socket(fd, buffer, start, len);
372 return _dbus_write_socket_with_unix_fds_two(fd, buffer, start, len, NULL, 0, 0, fds, n_fds);
377 _dbus_write_socket_with_unix_fds_two(int fd,
378 const DBusString *buffer1,
381 const DBusString *buffer2,
387 #ifndef HAVE_UNIX_FD_PASSING
394 return _dbus_write_socket_two(fd,
395 buffer1, start1, len1,
396 buffer2, start2, len2);
404 _dbus_assert (len1 >= 0);
405 _dbus_assert (len2 >= 0);
406 _dbus_assert (n_fds >= 0);
409 iov[0].iov_base = (char*) _dbus_string_get_const_data_len (buffer1, start1, len1);
410 iov[0].iov_len = len1;
414 iov[1].iov_base = (char*) _dbus_string_get_const_data_len (buffer2, start2, len2);
415 iov[1].iov_len = len2;
420 m.msg_iovlen = buffer2 ? 2 : 1;
424 m.msg_controllen = CMSG_SPACE(n_fds * sizeof(int));
425 m.msg_control = alloca(m.msg_controllen);
426 memset(m.msg_control, 0, m.msg_controllen);
428 cm = CMSG_FIRSTHDR(&m);
429 cm->cmsg_level = SOL_SOCKET;
430 cm->cmsg_type = SCM_RIGHTS;
431 cm->cmsg_len = CMSG_LEN(n_fds * sizeof(int));
432 memcpy(CMSG_DATA(cm), fds, n_fds * sizeof(int));
437 bytes_written = sendmsg (fd, &m, 0
438 #if HAVE_DECL_MSG_NOSIGNAL
443 if (bytes_written < 0 && errno == EINTR)
447 if (bytes_written > 0)
448 _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
451 return bytes_written;
456 * Like _dbus_write_two() but only works on sockets and is thus
457 * available on Windows.
459 * @param fd the file descriptor
460 * @param buffer1 first buffer
461 * @param start1 first byte to write in first buffer
462 * @param len1 number of bytes to write from first buffer
463 * @param buffer2 second buffer, or #NULL
464 * @param start2 first byte to write in second buffer
465 * @param len2 number of bytes to write in second buffer
466 * @returns total bytes written from both buffers, or -1 on error
469 _dbus_write_socket_two (int fd,
470 const DBusString *buffer1,
473 const DBusString *buffer2,
477 #if HAVE_DECL_MSG_NOSIGNAL
478 struct iovec vectors[2];
484 _dbus_assert (buffer1 != NULL);
485 _dbus_assert (start1 >= 0);
486 _dbus_assert (start2 >= 0);
487 _dbus_assert (len1 >= 0);
488 _dbus_assert (len2 >= 0);
490 data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
493 data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
501 vectors[0].iov_base = (char*) data1;
502 vectors[0].iov_len = len1;
503 vectors[1].iov_base = (char*) data2;
504 vectors[1].iov_len = len2;
508 m.msg_iovlen = data2 ? 2 : 1;
512 bytes_written = sendmsg (fd, &m, MSG_NOSIGNAL);
514 if (bytes_written < 0 && errno == EINTR)
517 return bytes_written;
520 return _dbus_write_two (fd, buffer1, start1, len1,
521 buffer2, start2, len2);
526 _dbus_socket_is_invalid (int fd)
528 return fd < 0 ? TRUE : FALSE;
532 * Thin wrapper around the read() system call that appends
533 * the data it reads to the DBusString buffer. It appends
534 * up to the given count, and returns the same value
535 * and same errno as read(). The only exception is that
536 * _dbus_read() handles EINTR for you. Also, _dbus_read() can
537 * return ENOMEM, even though regular UNIX read doesn't.
539 * Unlike _dbus_read_socket(), _dbus_read() is not available
542 * @param fd the file descriptor to read from
543 * @param buffer the buffer to append data to
544 * @param count the amount of data to read
545 * @returns the number of bytes read or -1
556 _dbus_assert (count >= 0);
558 start = _dbus_string_get_length (buffer);
560 if (!_dbus_string_lengthen (buffer, count))
566 data = _dbus_string_get_data_len (buffer, start, count);
570 bytes_read = read (fd, data, count);
578 /* put length back (note that this doesn't actually realloc anything) */
579 _dbus_string_set_length (buffer, start);
585 /* put length back (doesn't actually realloc) */
586 _dbus_string_set_length (buffer, start + bytes_read);
590 _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
598 * Thin wrapper around the write() system call that writes a part of a
599 * DBusString and handles EINTR for you.
601 * @param fd the file descriptor to write
602 * @param buffer the buffer to write data from
603 * @param start the first byte in the buffer to write
604 * @param len the number of bytes to try to write
605 * @returns the number of bytes written or -1 on error
609 const DBusString *buffer,
616 data = _dbus_string_get_const_data_len (buffer, start, len);
620 bytes_written = write (fd, data, len);
622 if (bytes_written < 0 && errno == EINTR)
626 if (bytes_written > 0)
627 _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
630 return bytes_written;
634 * Like _dbus_write() but will use writev() if possible
635 * to write both buffers in sequence. The return value
636 * is the number of bytes written in the first buffer,
637 * plus the number written in the second. If the first
638 * buffer is written successfully and an error occurs
639 * writing the second, the number of bytes in the first
640 * is returned (i.e. the error is ignored), on systems that
641 * don't have writev. Handles EINTR for you.
642 * The second buffer may be #NULL.
644 * @param fd the file descriptor
645 * @param buffer1 first buffer
646 * @param start1 first byte to write in first buffer
647 * @param len1 number of bytes to write from first buffer
648 * @param buffer2 second buffer, or #NULL
649 * @param start2 first byte to write in second buffer
650 * @param len2 number of bytes to write in second buffer
651 * @returns total bytes written from both buffers, or -1 on error
654 _dbus_write_two (int fd,
655 const DBusString *buffer1,
658 const DBusString *buffer2,
662 _dbus_assert (buffer1 != NULL);
663 _dbus_assert (start1 >= 0);
664 _dbus_assert (start2 >= 0);
665 _dbus_assert (len1 >= 0);
666 _dbus_assert (len2 >= 0);
670 struct iovec vectors[2];
675 data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
678 data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
686 vectors[0].iov_base = (char*) data1;
687 vectors[0].iov_len = len1;
688 vectors[1].iov_base = (char*) data2;
689 vectors[1].iov_len = len2;
693 bytes_written = writev (fd,
697 if (bytes_written < 0 && errno == EINTR)
700 return bytes_written;
702 #else /* HAVE_WRITEV */
706 ret1 = _dbus_write (fd, buffer1, start1, len1);
707 if (ret1 == len1 && buffer2 != NULL)
709 ret2 = _dbus_write (fd, buffer2, start2, len2);
711 ret2 = 0; /* we can't report an error as the first write was OK */
718 #endif /* !HAVE_WRITEV */
721 #define _DBUS_MAX_SUN_PATH_LENGTH 99
724 * @def _DBUS_MAX_SUN_PATH_LENGTH
726 * Maximum length of the path to a UNIX domain socket,
727 * sockaddr_un::sun_path member. POSIX requires that all systems
728 * support at least 100 bytes here, including the nul termination.
729 * We use 99 for the max value to allow for the nul.
731 * We could probably also do sizeof (addr.sun_path)
732 * but this way we are the same on all platforms
733 * which is probably a good idea.
737 * Creates a socket and connects it to the UNIX domain socket at the
738 * given path. The connection fd is returned, and is set up as
741 * Uses abstract sockets instead of filesystem-linked sockets if
742 * requested (it's possible only on Linux; see "man 7 unix" on Linux).
743 * On non-Linux abstract socket usage always fails.
745 * This will set FD_CLOEXEC for the socket returned.
747 * @param path the path to UNIX domain socket
748 * @param abstract #TRUE to use abstract namespace
749 * @param error return location for error code
750 * @returns connection file descriptor or -1 on error
753 _dbus_connect_unix_socket (const char *path,
754 dbus_bool_t abstract,
759 struct sockaddr_un addr;
761 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
763 _dbus_verbose ("connecting to unix socket %s abstract=%d\n",
767 if (!_dbus_open_unix_socket (&fd, error))
769 _DBUS_ASSERT_ERROR_IS_SET(error);
772 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
775 addr.sun_family = AF_UNIX;
776 path_len = strlen (path);
780 #ifdef HAVE_ABSTRACT_SOCKETS
781 addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
782 path_len++; /* Account for the extra nul byte added to the start of sun_path */
784 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
786 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
787 "Abstract socket name too long\n");
788 _dbus_close (fd, NULL);
792 strncpy (&addr.sun_path[1], path, path_len);
793 /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
794 #else /* HAVE_ABSTRACT_SOCKETS */
795 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
796 "Operating system does not support abstract socket namespace\n");
797 _dbus_close (fd, NULL);
799 #endif /* ! HAVE_ABSTRACT_SOCKETS */
803 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
805 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
806 "Socket name too long\n");
807 _dbus_close (fd, NULL);
811 strncpy (addr.sun_path, path, path_len);
814 if (connect (fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
816 dbus_set_error (error,
817 _dbus_error_from_errno (errno),
818 "Failed to connect to socket %s: %s",
819 path, _dbus_strerror (errno));
821 _dbus_close (fd, NULL);
827 if (!_dbus_set_fd_nonblocking (fd, error))
829 _DBUS_ASSERT_ERROR_IS_SET (error);
831 _dbus_close (fd, NULL);
841 * Enables or disables the reception of credentials on the given socket during
842 * the next message transmission. This is only effective if the #LOCAL_CREDS
843 * system feature exists, in which case the other side of the connection does
844 * not have to do anything special to send the credentials.
846 * @param fd socket on which to change the #LOCAL_CREDS flag.
847 * @param on whether to enable or disable the #LOCAL_CREDS flag.
850 _dbus_set_local_creds (int fd, dbus_bool_t on)
852 dbus_bool_t retval = TRUE;
854 #if defined(HAVE_CMSGCRED)
855 /* NOOP just to make sure only one codepath is used
856 * and to prefer CMSGCRED
858 #elif defined(LOCAL_CREDS)
859 int val = on ? 1 : 0;
860 if (setsockopt (fd, 0, LOCAL_CREDS, &val, sizeof (val)) < 0)
862 _dbus_verbose ("Unable to set LOCAL_CREDS socket option on fd %d\n", fd);
866 _dbus_verbose ("LOCAL_CREDS %s for further messages on fd %d\n",
867 on ? "enabled" : "disabled", fd);
874 * Creates a socket and binds it to the given path,
875 * then listens on the socket. The socket is
876 * set to be nonblocking.
878 * Uses abstract sockets instead of filesystem-linked
879 * sockets if requested (it's possible only on Linux;
880 * see "man 7 unix" on Linux).
881 * On non-Linux abstract socket usage always fails.
883 * This will set FD_CLOEXEC for the socket returned
885 * @param path the socket name
886 * @param abstract #TRUE to use abstract namespace
887 * @param error return location for errors
888 * @returns the listening file descriptor or -1 on error
891 _dbus_listen_unix_socket (const char *path,
892 dbus_bool_t abstract,
896 struct sockaddr_un addr;
898 unsigned int reuseaddr;
900 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
902 _dbus_verbose ("listening on unix socket %s abstract=%d\n",
905 if (!_dbus_open_unix_socket (&listen_fd, error))
907 _DBUS_ASSERT_ERROR_IS_SET(error);
910 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
913 addr.sun_family = AF_UNIX;
914 path_len = strlen (path);
918 #ifdef HAVE_ABSTRACT_SOCKETS
919 /* remember that abstract names aren't nul-terminated so we rely
920 * on sun_path being filled in with zeroes above.
922 addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
923 path_len++; /* Account for the extra nul byte added to the start of sun_path */
925 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
927 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
928 "Abstract socket name too long\n");
929 _dbus_close (listen_fd, NULL);
933 strncpy (&addr.sun_path[1], path, path_len);
934 /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
935 #else /* HAVE_ABSTRACT_SOCKETS */
936 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
937 "Operating system does not support abstract socket namespace\n");
938 _dbus_close (listen_fd, NULL);
940 #endif /* ! HAVE_ABSTRACT_SOCKETS */
944 /* Discussed security implications of this with Nalin,
945 * and we couldn't think of where it would kick our ass, but
946 * it still seems a bit sucky. It also has non-security suckage;
947 * really we'd prefer to exit if the socket is already in use.
948 * But there doesn't seem to be a good way to do this.
950 * Just to be extra careful, I threw in the stat() - clearly
951 * the stat() can't *fix* any security issue, but it at least
952 * avoids inadvertent/accidental data loss.
957 if (stat (path, &sb) == 0 &&
958 S_ISSOCK (sb.st_mode))
962 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
964 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
965 "Abstract socket name too long\n");
966 _dbus_close (listen_fd, NULL);
970 strncpy (addr.sun_path, path, path_len);
974 if (setsockopt (listen_fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr))==-1)
976 _dbus_warn ("Failed to set socket option\"%s\": %s",
977 path, _dbus_strerror (errno));
980 if (bind (listen_fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
982 dbus_set_error (error, _dbus_error_from_errno (errno),
983 "Failed to bind socket \"%s\": %s",
984 path, _dbus_strerror (errno));
985 _dbus_close (listen_fd, NULL);
989 if (listen (listen_fd, 30 /* backlog */) < 0)
991 dbus_set_error (error, _dbus_error_from_errno (errno),
992 "Failed to listen on socket \"%s\": %s",
993 path, _dbus_strerror (errno));
994 _dbus_close (listen_fd, NULL);
998 if (!_dbus_set_local_creds (listen_fd, TRUE))
1000 dbus_set_error (error, _dbus_error_from_errno (errno),
1001 "Failed to enable LOCAL_CREDS on socket \"%s\": %s",
1002 path, _dbus_strerror (errno));
1007 if (!_dbus_set_fd_nonblocking (listen_fd, error))
1009 _DBUS_ASSERT_ERROR_IS_SET (error);
1010 _dbus_close (listen_fd, NULL);
1014 /* Try opening up the permissions, but if we can't, just go ahead
1015 * and continue, maybe it will be good enough.
1017 if (!abstract && chmod (path, 0777) < 0)
1018 _dbus_warn ("Could not set mode 0777 on socket %s\n",
1025 * Acquires one or more sockets passed in from systemd. The sockets
1026 * are set to be nonblocking.
1028 * This will set FD_CLOEXEC for the sockets returned.
1030 * @oaram fds the file descriptors
1031 * @param error return location for errors
1032 * @returns the number of file descriptors
1035 _dbus_listen_systemd_sockets (int **fds,
1042 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1044 n = sd_listen_fds (TRUE);
1047 dbus_set_error (error, _dbus_error_from_errno (-n),
1048 "Failed to acquire systemd socket: %s",
1049 _dbus_strerror (-n));
1055 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
1056 "No socket received.");
1060 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1062 r = sd_is_socket (fd, AF_UNSPEC, SOCK_STREAM, 1);
1065 dbus_set_error (error, _dbus_error_from_errno (-r),
1066 "Failed to verify systemd socket type: %s",
1067 _dbus_strerror (-r));
1073 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
1074 "Passed socket has wrong type.");
1079 /* OK, the file descriptors are all good, so let's take posession of
1082 new_fds = dbus_new (int, n);
1085 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
1086 "Failed to allocate file handle array.");
1090 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1092 if (!_dbus_set_local_creds (fd, TRUE))
1094 dbus_set_error (error, _dbus_error_from_errno (errno),
1095 "Failed to enable LOCAL_CREDS on systemd socket: %s",
1096 _dbus_strerror (errno));
1100 if (!_dbus_set_fd_nonblocking (fd, error))
1102 _DBUS_ASSERT_ERROR_IS_SET (error);
1106 new_fds[fd - SD_LISTEN_FDS_START] = fd;
1114 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1116 _dbus_close (fd, NULL);
1119 dbus_free (new_fds);
1124 * Creates a socket and connects to a socket at the given host
1125 * and port. The connection fd is returned, and is set up as
1128 * This will set FD_CLOEXEC for the socket returned
1130 * @param host the host name to connect to
1131 * @param port the port to connect to
1132 * @param family the address family to listen on, NULL for all
1133 * @param error return location for error code
1134 * @returns connection file descriptor or -1 on error
1137 _dbus_connect_tcp_socket (const char *host,
1142 return _dbus_connect_tcp_socket_with_nonce (host, port, family, (const char*)NULL, error);
1146 _dbus_connect_tcp_socket_with_nonce (const char *host,
1149 const char *noncefile,
1152 int saved_errno = 0;
1154 struct addrinfo hints;
1155 struct addrinfo *ai, *tmp;
1157 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1162 hints.ai_family = AF_UNSPEC;
1163 else if (!strcmp(family, "ipv4"))
1164 hints.ai_family = AF_INET;
1165 else if (!strcmp(family, "ipv6"))
1166 hints.ai_family = AF_INET6;
1169 dbus_set_error (error,
1170 DBUS_ERROR_BAD_ADDRESS,
1171 "Unknown address family %s", family);
1174 hints.ai_protocol = IPPROTO_TCP;
1175 hints.ai_socktype = SOCK_STREAM;
1176 hints.ai_flags = AI_ADDRCONFIG;
1178 if ((res = getaddrinfo(host, port, &hints, &ai)) != 0)
1180 dbus_set_error (error,
1181 _dbus_error_from_errno (errno),
1182 "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1183 host, port, gai_strerror(res), res);
1184 _dbus_close (fd, NULL);
1191 if (!_dbus_open_socket (&fd, tmp->ai_family, SOCK_STREAM, 0, error))
1194 _DBUS_ASSERT_ERROR_IS_SET(error);
1197 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1199 if (connect (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1201 saved_errno = errno;
1202 _dbus_close(fd, NULL);
1214 dbus_set_error (error,
1215 _dbus_error_from_errno (saved_errno),
1216 "Failed to connect to socket \"%s:%s\" %s",
1217 host, port, _dbus_strerror(saved_errno));
1221 if (noncefile != NULL)
1223 DBusString noncefileStr;
1225 _dbus_string_init_const (&noncefileStr, noncefile);
1226 ret = _dbus_send_nonce (fd, &noncefileStr, error);
1227 _dbus_string_free (&noncefileStr);
1231 _dbus_close (fd, NULL);
1236 if (!_dbus_set_fd_nonblocking (fd, error))
1238 _dbus_close (fd, NULL);
1246 * Creates a socket and binds it to the given path, then listens on
1247 * the socket. The socket is set to be nonblocking. In case of port=0
1248 * a random free port is used and returned in the port parameter.
1249 * If inaddr_any is specified, the hostname is ignored.
1251 * This will set FD_CLOEXEC for the socket returned
1253 * @param host the host name to listen on
1254 * @param port the port to listen on, if zero a free port will be used
1255 * @param family the address family to listen on, NULL for all
1256 * @param retport string to return the actual port listened on
1257 * @param fds_p location to store returned file descriptors
1258 * @param error return location for errors
1259 * @returns the number of listening file descriptors or -1 on error
1262 _dbus_listen_tcp_socket (const char *host,
1265 DBusString *retport,
1270 int nlisten_fd = 0, *listen_fd = NULL, res, i;
1271 struct addrinfo hints;
1272 struct addrinfo *ai, *tmp;
1273 unsigned int reuseaddr;
1276 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1281 hints.ai_family = AF_UNSPEC;
1282 else if (!strcmp(family, "ipv4"))
1283 hints.ai_family = AF_INET;
1284 else if (!strcmp(family, "ipv6"))
1285 hints.ai_family = AF_INET6;
1288 dbus_set_error (error,
1289 DBUS_ERROR_BAD_ADDRESS,
1290 "Unknown address family %s", family);
1294 hints.ai_protocol = IPPROTO_TCP;
1295 hints.ai_socktype = SOCK_STREAM;
1296 hints.ai_flags = AI_ADDRCONFIG | AI_PASSIVE;
1298 redo_lookup_with_port:
1299 if ((res = getaddrinfo(host, port, &hints, &ai)) != 0 || !ai)
1301 dbus_set_error (error,
1302 _dbus_error_from_errno (errno),
1303 "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1304 host ? host : "*", port, gai_strerror(res), res);
1311 int fd = -1, *newlisten_fd;
1312 if (!_dbus_open_socket (&fd, tmp->ai_family, SOCK_STREAM, 0, error))
1314 _DBUS_ASSERT_ERROR_IS_SET(error);
1317 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1320 if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr))==-1)
1322 _dbus_warn ("Failed to set socket option \"%s:%s\": %s",
1323 host ? host : "*", port, _dbus_strerror (errno));
1326 if (bind (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1328 saved_errno = errno;
1329 _dbus_close(fd, NULL);
1330 if (saved_errno == EADDRINUSE)
1332 /* Depending on kernel policy, it may or may not
1333 be neccessary to bind to both IPv4 & 6 addresses
1334 so ignore EADDRINUSE here */
1338 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1339 "Failed to bind socket \"%s:%s\": %s",
1340 host ? host : "*", port, _dbus_strerror (saved_errno));
1344 if (listen (fd, 30 /* backlog */) < 0)
1346 saved_errno = errno;
1347 _dbus_close (fd, NULL);
1348 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1349 "Failed to listen on socket \"%s:%s\": %s",
1350 host ? host : "*", port, _dbus_strerror (saved_errno));
1354 newlisten_fd = dbus_realloc(listen_fd, sizeof(int)*(nlisten_fd+1));
1357 saved_errno = errno;
1358 _dbus_close (fd, NULL);
1359 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1360 "Failed to allocate file handle array: %s",
1361 _dbus_strerror (saved_errno));
1364 listen_fd = newlisten_fd;
1365 listen_fd[nlisten_fd] = fd;
1368 if (!_dbus_string_get_length(retport))
1370 /* If the user didn't specify a port, or used 0, then
1371 the kernel chooses a port. After the first address
1372 is bound to, we need to force all remaining addresses
1373 to use the same port */
1374 if (!port || !strcmp(port, "0"))
1377 struct sockaddr_storage addr;
1381 addrlen = sizeof(addr);
1382 result = getsockname(fd, (struct sockaddr*) &addr, &addrlen);
1385 (res = getnameinfo ((struct sockaddr*)&addr, addrlen, NULL, 0,
1386 portbuf, sizeof(portbuf),
1387 NI_NUMERICHOST)) != 0)
1389 dbus_set_error (error, _dbus_error_from_errno (errno),
1390 "Failed to resolve port \"%s:%s\": %s (%s)",
1391 host ? host : "*", port, gai_strerror(res), res);
1394 if (!_dbus_string_append(retport, portbuf))
1396 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1400 /* Release current address list & redo lookup */
1401 port = _dbus_string_get_const_data(retport);
1403 goto redo_lookup_with_port;
1407 if (!_dbus_string_append(retport, port))
1409 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1423 dbus_set_error (error, _dbus_error_from_errno (errno),
1424 "Failed to bind socket \"%s:%s\": %s",
1425 host ? host : "*", port, _dbus_strerror (errno));
1429 for (i = 0 ; i < nlisten_fd ; i++)
1431 if (!_dbus_set_fd_nonblocking (listen_fd[i], error))
1444 for (i = 0 ; i < nlisten_fd ; i++)
1445 _dbus_close(listen_fd[i], NULL);
1446 dbus_free(listen_fd);
1451 write_credentials_byte (int server_fd,
1455 char buf[1] = { '\0' };
1456 #if defined(HAVE_CMSGCRED)
1459 char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1470 msg.msg_control = (caddr_t) &cmsg;
1471 msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1473 cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
1474 cmsg.hdr.cmsg_level = SOL_SOCKET;
1475 cmsg.hdr.cmsg_type = SCM_CREDS;
1478 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1482 #if defined(HAVE_CMSGCRED)
1483 bytes_written = sendmsg (server_fd, &msg, 0
1484 #if HAVE_DECL_MSG_NOSIGNAL
1489 bytes_written = send (server_fd, buf, 1, 0
1490 #if HAVE_DECL_MSG_NOSIGNAL
1496 if (bytes_written < 0 && errno == EINTR)
1499 if (bytes_written < 0)
1501 dbus_set_error (error, _dbus_error_from_errno (errno),
1502 "Failed to write credentials byte: %s",
1503 _dbus_strerror (errno));
1506 else if (bytes_written == 0)
1508 dbus_set_error (error, DBUS_ERROR_IO_ERROR,
1509 "wrote zero bytes writing credentials byte");
1514 _dbus_assert (bytes_written == 1);
1515 _dbus_verbose ("wrote credentials byte\n");
1521 * Reads a single byte which must be nul (an error occurs otherwise),
1522 * and reads unix credentials if available. Clears the credentials
1523 * object, then adds pid/uid if available, so any previous credentials
1524 * stored in the object are lost.
1526 * Return value indicates whether a byte was read, not whether
1527 * we got valid credentials. On some systems, such as Linux,
1528 * reading/writing the byte isn't actually required, but we do it
1529 * anyway just to avoid multiple codepaths.
1531 * Fails if no byte is available, so you must select() first.
1533 * The point of the byte is that on some systems we have to
1534 * use sendmsg()/recvmsg() to transmit credentials.
1536 * @param client_fd the client file descriptor
1537 * @param credentials object to add client credentials to
1538 * @param error location to store error code
1539 * @returns #TRUE on success
1542 _dbus_read_credentials_socket (int client_fd,
1543 DBusCredentials *credentials,
1549 dbus_uid_t uid_read;
1550 dbus_pid_t pid_read;
1553 #ifdef HAVE_CMSGCRED
1556 char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1559 #elif defined(LOCAL_CREDS)
1562 struct sockcred cred;
1566 uid_read = DBUS_UID_UNSET;
1567 pid_read = DBUS_PID_UNSET;
1569 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1571 /* The POSIX spec certainly doesn't promise this, but
1572 * we need these assertions to fail as soon as we're wrong about
1573 * it so we can do the porting fixups
1575 _dbus_assert (sizeof (pid_t) <= sizeof (dbus_pid_t));
1576 _dbus_assert (sizeof (uid_t) <= sizeof (dbus_uid_t));
1577 _dbus_assert (sizeof (gid_t) <= sizeof (dbus_gid_t));
1579 _dbus_credentials_clear (credentials);
1581 /* Systems supporting LOCAL_CREDS are configured to have this feature
1582 * enabled (if it does not conflict with HAVE_CMSGCRED) prior accepting
1583 * the connection. Therefore, the received message must carry the
1584 * credentials information without doing anything special.
1587 iov.iov_base = &buf;
1594 #if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
1596 msg.msg_control = (caddr_t) &cmsg;
1597 msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1601 bytes_read = recvmsg (client_fd, &msg, 0);
1608 /* EAGAIN or EWOULDBLOCK would be unexpected here since we would
1609 * normally only call read_credentials if the socket was ready
1613 dbus_set_error (error, _dbus_error_from_errno (errno),
1614 "Failed to read credentials byte: %s",
1615 _dbus_strerror (errno));
1618 else if (bytes_read == 0)
1620 /* this should not happen unless we are using recvmsg wrong,
1621 * so is essentially here for paranoia
1623 dbus_set_error (error, DBUS_ERROR_FAILED,
1624 "Failed to read credentials byte (zero-length read)");
1627 else if (buf != '\0')
1629 dbus_set_error (error, DBUS_ERROR_FAILED,
1630 "Credentials byte was not nul");
1634 #if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
1635 if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof (struct cmsgcred))
1636 || cmsg.hdr.cmsg_type != SCM_CREDS)
1638 dbus_set_error (error, DBUS_ERROR_FAILED,
1639 "Message from recvmsg() was not SCM_CREDS");
1644 _dbus_verbose ("read credentials byte\n");
1649 struct sockpeercred cr;
1653 int cr_len = sizeof (cr);
1655 if (getsockopt (client_fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
1656 cr_len == sizeof (cr))
1663 _dbus_verbose ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
1664 cr_len, (int) sizeof (cr), _dbus_strerror (errno));
1666 #elif defined(HAVE_CMSGCRED)
1667 struct cmsgcred *cred;
1669 cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
1670 pid_read = cred->cmcred_pid;
1671 uid_read = cred->cmcred_euid;
1672 #elif defined(LOCAL_CREDS)
1673 pid_read = DBUS_PID_UNSET;
1674 uid_read = cmsg.cred.sc_uid;
1675 /* Since we have already got the credentials from this socket, we can
1676 * disable its LOCAL_CREDS flag if it was ever set. */
1677 _dbus_set_local_creds (client_fd, FALSE);
1678 #elif defined(HAVE_GETPEEREID)
1681 if (getpeereid (client_fd, &euid, &egid) == 0)
1687 _dbus_verbose ("Failed to getpeereid() credentials: %s\n", _dbus_strerror (errno));
1689 #elif defined(HAVE_GETPEERUCRED)
1690 ucred_t * ucred = NULL;
1691 if (getpeerucred (client_fd, &ucred) == 0)
1693 pid_read = ucred_getpid (ucred);
1694 uid_read = ucred_geteuid (ucred);
1696 /* generate audit session data based on socket ucred */
1697 adt_session_data_t *adth = NULL;
1698 adt_export_data_t *data = NULL;
1700 if (adt_start_session (&adth, NULL, 0) || (adth == NULL))
1702 _dbus_verbose ("Failed to adt_start_session(): %s\n", _dbus_strerror (errno));
1706 if (adt_set_from_ucred (adth, ucred, ADT_NEW))
1708 _dbus_verbose ("Failed to adt_set_from_ucred(): %s\n", _dbus_strerror (errno));
1712 size = adt_export_session_data (adth, &data);
1715 _dbus_verbose ("Failed to adt_export_session_data(): %s\n", _dbus_strerror (errno));
1719 _dbus_credentials_add_adt_audit_data (credentials, data, size);
1723 (void) adt_end_session (adth);
1725 #endif /* HAVE_ADT */
1729 _dbus_verbose ("Failed to getpeerucred() credentials: %s\n", _dbus_strerror (errno));
1733 #else /* !SO_PEERCRED && !HAVE_CMSGCRED && !HAVE_GETPEEREID && !HAVE_GETPEERUCRED */
1734 _dbus_verbose ("Socket credentials not supported on this OS\n");
1738 _dbus_verbose ("Credentials:"
1739 " pid "DBUS_PID_FORMAT
1740 " uid "DBUS_UID_FORMAT
1745 if (pid_read != DBUS_PID_UNSET)
1747 if (!_dbus_credentials_add_unix_pid (credentials, pid_read))
1749 _DBUS_SET_OOM (error);
1754 if (uid_read != DBUS_UID_UNSET)
1756 if (!_dbus_credentials_add_unix_uid (credentials, uid_read))
1758 _DBUS_SET_OOM (error);
1767 * Sends a single nul byte with our UNIX credentials as ancillary
1768 * data. Returns #TRUE if the data was successfully written. On
1769 * systems that don't support sending credentials, just writes a byte,
1770 * doesn't send any credentials. On some systems, such as Linux,
1771 * reading/writing the byte isn't actually required, but we do it
1772 * anyway just to avoid multiple codepaths.
1774 * Fails if no byte can be written, so you must select() first.
1776 * The point of the byte is that on some systems we have to
1777 * use sendmsg()/recvmsg() to transmit credentials.
1779 * @param server_fd file descriptor for connection to server
1780 * @param error return location for error code
1781 * @returns #TRUE if the byte was sent
1784 _dbus_send_credentials_socket (int server_fd,
1787 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1789 if (write_credentials_byte (server_fd, error))
1796 * Accepts a connection on a listening socket.
1797 * Handles EINTR for you.
1799 * This will enable FD_CLOEXEC for the returned socket.
1801 * @param listen_fd the listen file descriptor
1802 * @returns the connection fd of the client, or -1 on error
1805 _dbus_accept (int listen_fd)
1808 struct sockaddr addr;
1811 dbus_bool_t cloexec_done;
1814 addrlen = sizeof (addr);
1819 /* We assume that if accept4 is available SOCK_CLOEXEC is too */
1820 client_fd = accept4 (listen_fd, &addr, &addrlen, SOCK_CLOEXEC);
1821 cloexec_done = client_fd >= 0;
1823 if (client_fd < 0 && errno == ENOSYS)
1826 client_fd = accept (listen_fd, &addr, &addrlen);
1835 _dbus_verbose ("client fd %d accepted\n", client_fd);
1841 _dbus_fd_set_close_on_exec(client_fd);
1848 * Checks to make sure the given directory is
1849 * private to the user
1851 * @param dir the name of the directory
1852 * @param error error return
1853 * @returns #FALSE on failure
1856 _dbus_check_dir_is_private_to_user (DBusString *dir, DBusError *error)
1858 const char *directory;
1861 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1863 directory = _dbus_string_get_const_data (dir);
1865 if (stat (directory, &sb) < 0)
1867 dbus_set_error (error, _dbus_error_from_errno (errno),
1868 "%s", _dbus_strerror (errno));
1873 if ((S_IROTH & sb.st_mode) || (S_IWOTH & sb.st_mode) ||
1874 (S_IRGRP & sb.st_mode) || (S_IWGRP & sb.st_mode))
1876 dbus_set_error (error, DBUS_ERROR_FAILED,
1877 "%s directory is not private to the user", directory);
1885 fill_user_info_from_passwd (struct passwd *p,
1889 _dbus_assert (p->pw_name != NULL);
1890 _dbus_assert (p->pw_dir != NULL);
1892 info->uid = p->pw_uid;
1893 info->primary_gid = p->pw_gid;
1894 info->username = _dbus_strdup (p->pw_name);
1895 info->homedir = _dbus_strdup (p->pw_dir);
1897 if (info->username == NULL ||
1898 info->homedir == NULL)
1900 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1908 fill_user_info (DBusUserInfo *info,
1910 const DBusString *username,
1913 const char *username_c;
1915 /* exactly one of username/uid provided */
1916 _dbus_assert (username != NULL || uid != DBUS_UID_UNSET);
1917 _dbus_assert (username == NULL || uid == DBUS_UID_UNSET);
1919 info->uid = DBUS_UID_UNSET;
1920 info->primary_gid = DBUS_GID_UNSET;
1921 info->group_ids = NULL;
1922 info->n_group_ids = 0;
1923 info->username = NULL;
1924 info->homedir = NULL;
1926 if (username != NULL)
1927 username_c = _dbus_string_get_const_data (username);
1931 /* For now assuming that the getpwnam() and getpwuid() flavors
1932 * are always symmetrical, if not we have to add more configure
1936 #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
1942 struct passwd p_str;
1944 /* retrieve maximum needed size for buf */
1945 buflen = sysconf (_SC_GETPW_R_SIZE_MAX);
1947 /* sysconf actually returns a long, but everything else expects size_t,
1948 * so just recast here.
1949 * https://bugs.freedesktop.org/show_bug.cgi?id=17061
1951 if ((long) buflen <= 0)
1957 buf = dbus_malloc (buflen);
1960 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1965 #ifdef HAVE_POSIX_GETPWNAM_R
1966 if (uid != DBUS_UID_UNSET)
1967 result = getpwuid_r (uid, &p_str, buf, buflen,
1970 result = getpwnam_r (username_c, &p_str, buf, buflen,
1973 if (uid != DBUS_UID_UNSET)
1974 p = getpwuid_r (uid, &p_str, buf, buflen);
1976 p = getpwnam_r (username_c, &p_str, buf, buflen);
1978 #endif /* !HAVE_POSIX_GETPWNAM_R */
1979 //Try a bigger buffer if ERANGE was returned
1980 if (result == ERANGE && buflen < 512 * 1024)
1990 if (result == 0 && p == &p_str)
1992 if (!fill_user_info_from_passwd (p, info, error))
2001 dbus_set_error (error, _dbus_error_from_errno (errno),
2002 "User \"%s\" unknown or no memory to allocate password entry\n",
2003 username_c ? username_c : "???");
2004 _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2009 #else /* ! HAVE_GETPWNAM_R */
2011 /* I guess we're screwed on thread safety here */
2014 if (uid != DBUS_UID_UNSET)
2017 p = getpwnam (username_c);
2021 if (!fill_user_info_from_passwd (p, info, error))
2028 dbus_set_error (error, _dbus_error_from_errno (errno),
2029 "User \"%s\" unknown or no memory to allocate password entry\n",
2030 username_c ? username_c : "???");
2031 _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2035 #endif /* ! HAVE_GETPWNAM_R */
2037 /* Fill this in so we can use it to get groups */
2038 username_c = info->username;
2040 #ifdef HAVE_GETGROUPLIST
2045 int initial_buf_count;
2047 initial_buf_count = 17;
2048 buf_count = initial_buf_count;
2049 buf = dbus_new (gid_t, buf_count);
2052 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2056 if (getgrouplist (username_c,
2058 buf, &buf_count) < 0)
2061 /* Presumed cause of negative return code: buf has insufficient
2062 entries to hold the entire group list. The Linux behavior in this
2063 case is to pass back the actual number of groups in buf_count, but
2064 on Mac OS X 10.5, buf_count is unhelpfully left alone.
2065 So as a hack, try to help out a bit by guessing a larger
2066 number of groups, within reason.. might still fail, of course,
2067 but we can at least print a more informative message. I looked up
2068 the "right way" to do this by downloading Apple's own source code
2069 for the "id" command, and it turns out that they use an
2070 undocumented library function getgrouplist_2 (!) which is not
2071 declared in any header in /usr/include (!!). That did not seem
2072 like the way to go here.
2074 if (buf_count == initial_buf_count)
2076 buf_count *= 16; /* Retry with an arbitrarily scaled-up array */
2078 new = dbus_realloc (buf, buf_count * sizeof (buf[0]));
2081 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2089 if (getgrouplist (username_c, info->primary_gid, buf, &buf_count) < 0)
2093 _dbus_warn ("It appears that username \"%s\" is in more than %d groups.\nProceeding with just the first %d groups.",
2094 username_c, buf_count, buf_count);
2098 dbus_set_error (error,
2099 _dbus_error_from_errno (errno),
2100 "Failed to get groups for username \"%s\" primary GID "
2101 DBUS_GID_FORMAT ": %s\n",
2102 username_c, info->primary_gid,
2103 _dbus_strerror (errno));
2110 info->group_ids = dbus_new (dbus_gid_t, buf_count);
2111 if (info->group_ids == NULL)
2113 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2118 for (i = 0; i < buf_count; ++i)
2119 info->group_ids[i] = buf[i];
2121 info->n_group_ids = buf_count;
2125 #else /* HAVE_GETGROUPLIST */
2127 /* We just get the one group ID */
2128 info->group_ids = dbus_new (dbus_gid_t, 1);
2129 if (info->group_ids == NULL)
2131 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2135 info->n_group_ids = 1;
2137 (info->group_ids)[0] = info->primary_gid;
2139 #endif /* HAVE_GETGROUPLIST */
2141 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2146 _DBUS_ASSERT_ERROR_IS_SET (error);
2151 * Gets user info for the given username.
2153 * @param info user info object to initialize
2154 * @param username the username
2155 * @param error error return
2156 * @returns #TRUE on success
2159 _dbus_user_info_fill (DBusUserInfo *info,
2160 const DBusString *username,
2163 return fill_user_info (info, DBUS_UID_UNSET,
2168 * Gets user info for the given user ID.
2170 * @param info user info object to initialize
2171 * @param uid the user ID
2172 * @param error error return
2173 * @returns #TRUE on success
2176 _dbus_user_info_fill_uid (DBusUserInfo *info,
2180 return fill_user_info (info, uid,
2185 * Adds the credentials of the current process to the
2186 * passed-in credentials object.
2188 * @param credentials credentials to add to
2189 * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
2192 _dbus_credentials_add_from_current_process (DBusCredentials *credentials)
2194 /* The POSIX spec certainly doesn't promise this, but
2195 * we need these assertions to fail as soon as we're wrong about
2196 * it so we can do the porting fixups
2198 _dbus_assert (sizeof (pid_t) <= sizeof (dbus_pid_t));
2199 _dbus_assert (sizeof (uid_t) <= sizeof (dbus_uid_t));
2200 _dbus_assert (sizeof (gid_t) <= sizeof (dbus_gid_t));
2202 if (!_dbus_credentials_add_unix_pid(credentials, _dbus_getpid()))
2204 if (!_dbus_credentials_add_unix_uid(credentials, _dbus_geteuid()))
2211 * Append to the string the identity we would like to have when we
2212 * authenticate, on UNIX this is the current process UID and on
2213 * Windows something else, probably a Windows SID string. No escaping
2214 * is required, that is done in dbus-auth.c. The username here
2215 * need not be anything human-readable, it can be the machine-readable
2216 * form i.e. a user id.
2218 * @param str the string to append to
2219 * @returns #FALSE on no memory
2222 _dbus_append_user_from_current_process (DBusString *str)
2224 return _dbus_string_append_uint (str,
2229 * Gets our process ID
2230 * @returns process ID
2239 * @returns process UID
2247 /** Gets our effective UID
2248 * @returns process effective UID
2251 _dbus_geteuid (void)
2257 * The only reason this is separate from _dbus_getpid() is to allow it
2258 * on Windows for logging but not for other purposes.
2260 * @returns process ID to put in log messages
2263 _dbus_pid_for_log (void)
2269 * Gets a UID from a UID string.
2271 * @param uid_str the UID in string form
2272 * @param uid UID to fill in
2273 * @returns #TRUE if successfully filled in UID
2276 _dbus_parse_uid (const DBusString *uid_str,
2282 if (_dbus_string_get_length (uid_str) == 0)
2284 _dbus_verbose ("UID string was zero length\n");
2290 if (!_dbus_string_parse_int (uid_str, 0, &val,
2293 _dbus_verbose ("could not parse string as a UID\n");
2297 if (end != _dbus_string_get_length (uid_str))
2299 _dbus_verbose ("string contained trailing stuff after UID\n");
2309 _DBUS_DEFINE_GLOBAL_LOCK (atomic);
2313 * Atomically increments an integer
2315 * @param atomic pointer to the integer to increment
2316 * @returns the value before incrementing
2319 _dbus_atomic_inc (DBusAtomic *atomic)
2322 return __sync_add_and_fetch(&atomic->value, 1)-1;
2325 _DBUS_LOCK (atomic);
2326 res = atomic->value;
2328 _DBUS_UNLOCK (atomic);
2334 * Atomically decrement an integer
2336 * @param atomic pointer to the integer to decrement
2337 * @returns the value before decrementing
2340 _dbus_atomic_dec (DBusAtomic *atomic)
2343 return __sync_sub_and_fetch(&atomic->value, 1)+1;
2347 _DBUS_LOCK (atomic);
2348 res = atomic->value;
2350 _DBUS_UNLOCK (atomic);
2355 #ifdef DBUS_BUILD_TESTS
2357 * @returns process GID
2367 * Wrapper for poll().
2369 * @param fds the file descriptors to poll
2370 * @param n_fds number of descriptors in the array
2371 * @param timeout_milliseconds timeout or -1 for infinite
2372 * @returns numbers of fds with revents, or <0 on error
2375 _dbus_poll (DBusPollFD *fds,
2377 int timeout_milliseconds)
2379 #if defined(HAVE_POLL) && !defined(BROKEN_POLL)
2380 /* This big thing is a constant expression and should get optimized
2381 * out of existence. So it's more robust than a configure check at
2384 if (_DBUS_POLLIN == POLLIN &&
2385 _DBUS_POLLPRI == POLLPRI &&
2386 _DBUS_POLLOUT == POLLOUT &&
2387 _DBUS_POLLERR == POLLERR &&
2388 _DBUS_POLLHUP == POLLHUP &&
2389 _DBUS_POLLNVAL == POLLNVAL &&
2390 sizeof (DBusPollFD) == sizeof (struct pollfd) &&
2391 _DBUS_STRUCT_OFFSET (DBusPollFD, fd) ==
2392 _DBUS_STRUCT_OFFSET (struct pollfd, fd) &&
2393 _DBUS_STRUCT_OFFSET (DBusPollFD, events) ==
2394 _DBUS_STRUCT_OFFSET (struct pollfd, events) &&
2395 _DBUS_STRUCT_OFFSET (DBusPollFD, revents) ==
2396 _DBUS_STRUCT_OFFSET (struct pollfd, revents))
2398 return poll ((struct pollfd*) fds,
2400 timeout_milliseconds);
2404 /* We have to convert the DBusPollFD to an array of
2405 * struct pollfd, poll, and convert back.
2407 _dbus_warn ("didn't implement poll() properly for this system yet\n");
2410 #else /* ! HAVE_POLL */
2412 fd_set read_set, write_set, err_set;
2418 FD_ZERO (&read_set);
2419 FD_ZERO (&write_set);
2422 for (i = 0; i < n_fds; i++)
2424 DBusPollFD *fdp = &fds[i];
2426 if (fdp->events & _DBUS_POLLIN)
2427 FD_SET (fdp->fd, &read_set);
2429 if (fdp->events & _DBUS_POLLOUT)
2430 FD_SET (fdp->fd, &write_set);
2432 FD_SET (fdp->fd, &err_set);
2434 max_fd = MAX (max_fd, fdp->fd);
2437 tv.tv_sec = timeout_milliseconds / 1000;
2438 tv.tv_usec = (timeout_milliseconds % 1000) * 1000;
2440 ready = select (max_fd + 1, &read_set, &write_set, &err_set,
2441 timeout_milliseconds < 0 ? NULL : &tv);
2445 for (i = 0; i < n_fds; i++)
2447 DBusPollFD *fdp = &fds[i];
2451 if (FD_ISSET (fdp->fd, &read_set))
2452 fdp->revents |= _DBUS_POLLIN;
2454 if (FD_ISSET (fdp->fd, &write_set))
2455 fdp->revents |= _DBUS_POLLOUT;
2457 if (FD_ISSET (fdp->fd, &err_set))
2458 fdp->revents |= _DBUS_POLLERR;
2467 * Get current time, as in gettimeofday(). Use the monotonic clock if
2468 * available, to avoid problems when the system time changes.
2470 * @param tv_sec return location for number of seconds
2471 * @param tv_usec return location for number of microseconds (thousandths)
2474 _dbus_get_current_time (long *tv_sec,
2479 #ifdef HAVE_MONOTONIC_CLOCK
2481 clock_gettime (CLOCK_MONOTONIC, &ts);
2484 *tv_sec = ts.tv_sec;
2486 *tv_usec = ts.tv_nsec / 1000;
2488 gettimeofday (&t, NULL);
2493 *tv_usec = t.tv_usec;
2498 * Creates a directory; succeeds if the directory
2499 * is created or already existed.
2501 * @param filename directory filename
2502 * @param error initialized error object
2503 * @returns #TRUE on success
2506 _dbus_create_directory (const DBusString *filename,
2509 const char *filename_c;
2511 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2513 filename_c = _dbus_string_get_const_data (filename);
2515 if (mkdir (filename_c, 0700) < 0)
2517 if (errno == EEXIST)
2520 dbus_set_error (error, DBUS_ERROR_FAILED,
2521 "Failed to create directory %s: %s\n",
2522 filename_c, _dbus_strerror (errno));
2530 * Appends the given filename to the given directory.
2532 * @todo it might be cute to collapse multiple '/' such as "foo//"
2535 * @param dir the directory name
2536 * @param next_component the filename
2537 * @returns #TRUE on success
2540 _dbus_concat_dir_and_file (DBusString *dir,
2541 const DBusString *next_component)
2543 dbus_bool_t dir_ends_in_slash;
2544 dbus_bool_t file_starts_with_slash;
2546 if (_dbus_string_get_length (dir) == 0 ||
2547 _dbus_string_get_length (next_component) == 0)
2550 dir_ends_in_slash = '/' == _dbus_string_get_byte (dir,
2551 _dbus_string_get_length (dir) - 1);
2553 file_starts_with_slash = '/' == _dbus_string_get_byte (next_component, 0);
2555 if (dir_ends_in_slash && file_starts_with_slash)
2557 _dbus_string_shorten (dir, 1);
2559 else if (!(dir_ends_in_slash || file_starts_with_slash))
2561 if (!_dbus_string_append_byte (dir, '/'))
2565 return _dbus_string_copy (next_component, 0, dir,
2566 _dbus_string_get_length (dir));
2569 /** nanoseconds in a second */
2570 #define NANOSECONDS_PER_SECOND 1000000000
2571 /** microseconds in a second */
2572 #define MICROSECONDS_PER_SECOND 1000000
2573 /** milliseconds in a second */
2574 #define MILLISECONDS_PER_SECOND 1000
2575 /** nanoseconds in a millisecond */
2576 #define NANOSECONDS_PER_MILLISECOND 1000000
2577 /** microseconds in a millisecond */
2578 #define MICROSECONDS_PER_MILLISECOND 1000
2581 * Sleeps the given number of milliseconds.
2582 * @param milliseconds number of milliseconds
2585 _dbus_sleep_milliseconds (int milliseconds)
2587 #ifdef HAVE_NANOSLEEP
2588 struct timespec req;
2589 struct timespec rem;
2591 req.tv_sec = milliseconds / MILLISECONDS_PER_SECOND;
2592 req.tv_nsec = (milliseconds % MILLISECONDS_PER_SECOND) * NANOSECONDS_PER_MILLISECOND;
2596 while (nanosleep (&req, &rem) < 0 && errno == EINTR)
2598 #elif defined (HAVE_USLEEP)
2599 usleep (milliseconds * MICROSECONDS_PER_MILLISECOND);
2600 #else /* ! HAVE_USLEEP */
2601 sleep (MAX (milliseconds / 1000, 1));
2606 _dbus_generate_pseudorandom_bytes (DBusString *str,
2612 old_len = _dbus_string_get_length (str);
2614 if (!_dbus_string_lengthen (str, n_bytes))
2617 p = _dbus_string_get_data_len (str, old_len, n_bytes);
2619 _dbus_generate_pseudorandom_bytes_buffer (p, n_bytes);
2625 * Generates the given number of random bytes,
2626 * using the best mechanism we can come up with.
2628 * @param str the string
2629 * @param n_bytes the number of random bytes to append to string
2630 * @returns #TRUE on success, #FALSE if no memory
2633 _dbus_generate_random_bytes (DBusString *str,
2639 /* FALSE return means "no memory", if it could
2640 * mean something else then we'd need to return
2641 * a DBusError. So we always fall back to pseudorandom
2645 old_len = _dbus_string_get_length (str);
2648 /* note, urandom on linux will fall back to pseudorandom */
2649 fd = open ("/dev/urandom", O_RDONLY);
2651 return _dbus_generate_pseudorandom_bytes (str, n_bytes);
2653 _dbus_verbose ("/dev/urandom fd %d opened\n", fd);
2655 if (_dbus_read (fd, str, n_bytes) != n_bytes)
2657 _dbus_close (fd, NULL);
2658 _dbus_string_set_length (str, old_len);
2659 return _dbus_generate_pseudorandom_bytes (str, n_bytes);
2662 _dbus_verbose ("Read %d bytes from /dev/urandom\n",
2665 _dbus_close (fd, NULL);
2671 * Exit the process, returning the given value.
2673 * @param code the exit code
2676 _dbus_exit (int code)
2682 * A wrapper around strerror() because some platforms
2683 * may be lame and not have strerror(). Also, never
2686 * @param error_number errno.
2687 * @returns error description.
2690 _dbus_strerror (int error_number)
2694 msg = strerror (error_number);
2702 * signal (SIGPIPE, SIG_IGN);
2705 _dbus_disable_sigpipe (void)
2707 signal (SIGPIPE, SIG_IGN);
2711 * Sets the file descriptor to be close
2712 * on exec. Should be called for all file
2713 * descriptors in D-Bus code.
2715 * @param fd the file descriptor
2718 _dbus_fd_set_close_on_exec (intptr_t fd)
2722 val = fcntl (fd, F_GETFD, 0);
2729 fcntl (fd, F_SETFD, val);
2733 * Closes a file descriptor.
2735 * @param fd the file descriptor
2736 * @param error error object
2737 * @returns #FALSE if error set
2740 _dbus_close (int fd,
2743 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2751 dbus_set_error (error, _dbus_error_from_errno (errno),
2752 "Could not close fd %d", fd);
2760 * Duplicates a file descriptor. Makes sure the fd returned is >= 3
2761 * (i.e. avoids stdin/stdout/stderr). Sets O_CLOEXEC.
2763 * @param fd the file descriptor to duplicate
2764 * @returns duplicated file descriptor
2772 #ifdef F_DUPFD_CLOEXEC
2773 dbus_bool_t cloexec_done;
2775 new_fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
2776 cloexec_done = new_fd >= 0;
2778 if (new_fd < 0 && errno == EINVAL)
2781 new_fd = fcntl(fd, F_DUPFD, 3);
2786 dbus_set_error (error, _dbus_error_from_errno (errno),
2787 "Could not duplicate fd %d", fd);
2791 #ifdef F_DUPFD_CLOEXEC
2795 _dbus_fd_set_close_on_exec(new_fd);
2802 * Sets a file descriptor to be nonblocking.
2804 * @param fd the file descriptor.
2805 * @param error address of error location.
2806 * @returns #TRUE on success.
2809 _dbus_set_fd_nonblocking (int fd,
2814 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2816 val = fcntl (fd, F_GETFL, 0);
2819 dbus_set_error (error, _dbus_error_from_errno (errno),
2820 "Failed to get flags from file descriptor %d: %s",
2821 fd, _dbus_strerror (errno));
2822 _dbus_verbose ("Failed to get flags for fd %d: %s\n", fd,
2823 _dbus_strerror (errno));
2827 if (fcntl (fd, F_SETFL, val | O_NONBLOCK) < 0)
2829 dbus_set_error (error, _dbus_error_from_errno (errno),
2830 "Failed to set nonblocking flag of file descriptor %d: %s",
2831 fd, _dbus_strerror (errno));
2832 _dbus_verbose ("Failed to set fd %d nonblocking: %s\n",
2833 fd, _dbus_strerror (errno));
2842 * On GNU libc systems, print a crude backtrace to stderr. On other
2843 * systems, print "no backtrace support" and block for possible gdb
2844 * attachment if an appropriate environment variable is set.
2847 _dbus_print_backtrace (void)
2849 #if defined (HAVE_BACKTRACE) && defined (DBUS_BUILT_R_DYNAMIC)
2855 bt_size = backtrace (bt, 500);
2857 syms = backtrace_symbols (bt, bt_size);
2862 /* don't use dbus_warn since it can _dbus_abort() */
2863 fprintf (stderr, " %s\n", syms[i]);
2869 #elif defined (HAVE_BACKTRACE) && ! defined (DBUS_BUILT_R_DYNAMIC)
2870 fprintf (stderr, " D-Bus not built with -rdynamic so unable to print a backtrace\n");
2872 fprintf (stderr, " D-Bus not compiled with backtrace support so unable to print a backtrace\n");
2877 * Creates a full-duplex pipe (as in socketpair()).
2878 * Sets both ends of the pipe nonblocking.
2880 * Marks both file descriptors as close-on-exec
2882 * @todo libdbus only uses this for the debug-pipe server, so in
2883 * principle it could be in dbus-sysdeps-util.c, except that
2884 * dbus-sysdeps-util.c isn't in libdbus when tests are enabled and the
2885 * debug-pipe server is used.
2887 * @param fd1 return location for one end
2888 * @param fd2 return location for the other end
2889 * @param blocking #TRUE if pipe should be blocking
2890 * @param error error return
2891 * @returns #FALSE on failure (if error is set)
2894 _dbus_full_duplex_pipe (int *fd1,
2896 dbus_bool_t blocking,
2899 #ifdef HAVE_SOCKETPAIR
2904 dbus_bool_t cloexec_done;
2906 retval = socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, fds);
2907 cloexec_done = retval >= 0;
2909 if (retval < 0 && errno == EINVAL)
2912 retval = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
2917 dbus_set_error (error, _dbus_error_from_errno (errno),
2918 "Could not create full-duplex pipe");
2922 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2928 _dbus_fd_set_close_on_exec (fds[0]);
2929 _dbus_fd_set_close_on_exec (fds[1]);
2933 (!_dbus_set_fd_nonblocking (fds[0], NULL) ||
2934 !_dbus_set_fd_nonblocking (fds[1], NULL)))
2936 dbus_set_error (error, _dbus_error_from_errno (errno),
2937 "Could not set full-duplex pipe nonblocking");
2939 _dbus_close (fds[0], NULL);
2940 _dbus_close (fds[1], NULL);
2948 _dbus_verbose ("full-duplex pipe %d <-> %d\n",
2953 _dbus_warn ("_dbus_full_duplex_pipe() not implemented on this OS\n");
2954 dbus_set_error (error, DBUS_ERROR_FAILED,
2955 "_dbus_full_duplex_pipe() not implemented on this OS");
2961 * Measure the length of the given format string and arguments,
2962 * not including the terminating nul.
2964 * @param format a printf-style format string
2965 * @param args arguments for the format string
2966 * @returns length of the given format string and args
2969 _dbus_printf_string_upper_bound (const char *format,
2973 return vsnprintf (&c, 1, format, args);
2977 * Gets the temporary files directory by inspecting the environment variables
2978 * TMPDIR, TMP, and TEMP in that order. If none of those are set "/tmp" is returned
2980 * @returns location of temp directory
2983 _dbus_get_tmpdir(void)
2985 static const char* tmpdir = NULL;
2989 /* TMPDIR is what glibc uses, then
2990 * glibc falls back to the P_tmpdir macro which
2991 * just expands to "/tmp"
2994 tmpdir = getenv("TMPDIR");
2996 /* These two env variables are probably
2997 * broken, but maybe some OS uses them?
3000 tmpdir = getenv("TMP");
3002 tmpdir = getenv("TEMP");
3004 /* And this is the sane fallback. */
3009 _dbus_assert(tmpdir != NULL);
3015 * Execute a subprocess, returning up to 1024 bytes of output
3018 * If successful, returns #TRUE and appends the output to @p
3019 * result. If a failure happens, returns #FALSE and
3020 * sets an error in @p error.
3022 * @note It's not an error if the subprocess terminates normally
3023 * without writing any data to stdout. Verify the @p result length
3024 * before and after this function call to cover this case.
3026 * @param progname initial path to exec (may or may not be absolute)
3027 * @param path_fallback if %TRUE, search PATH for executable
3028 * @param argv NULL-terminated list of arguments
3029 * @param result a DBusString where the output can be append
3030 * @param error a DBusError to store the error in case of failure
3031 * @returns #TRUE on success, #FALSE if an error happened
3034 _read_subprocess_line_argv (const char *progpath,
3035 dbus_bool_t path_fallback,
3040 int result_pipe[2] = { -1, -1 };
3041 int errors_pipe[2] = { -1, -1 };
3049 sigset_t new_set, old_set;
3051 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3054 /* We need to block any existing handlers for SIGCHLD temporarily; they
3055 * will cause waitpid() below to fail.
3056 * https://bugs.freedesktop.org/show_bug.cgi?id=21347
3058 sigemptyset (&new_set);
3059 sigaddset (&new_set, SIGCHLD);
3060 sigprocmask (SIG_BLOCK, &new_set, &old_set);
3062 orig_len = _dbus_string_get_length (result);
3066 if (pipe (result_pipe) < 0)
3068 dbus_set_error (error, _dbus_error_from_errno (errno),
3069 "Failed to create a pipe to call %s: %s",
3070 progpath, _dbus_strerror (errno));
3071 _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3072 progpath, _dbus_strerror (errno));
3075 if (pipe (errors_pipe) < 0)
3077 dbus_set_error (error, _dbus_error_from_errno (errno),
3078 "Failed to create a pipe to call %s: %s",
3079 progpath, _dbus_strerror (errno));
3080 _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3081 progpath, _dbus_strerror (errno));
3088 dbus_set_error (error, _dbus_error_from_errno (errno),
3089 "Failed to fork() to call %s: %s",
3090 progpath, _dbus_strerror (errno));
3091 _dbus_verbose ("Failed to fork() to call %s: %s\n",
3092 progpath, _dbus_strerror (errno));
3102 fd = open ("/dev/null", O_RDWR);
3104 /* huh?! can't open /dev/null? */
3107 _dbus_verbose ("/dev/null fd %d opened\n", fd);
3110 close (result_pipe[READ_END]);
3111 close (errors_pipe[READ_END]);
3112 close (0); /* close stdin */
3113 close (1); /* close stdout */
3114 close (2); /* close stderr */
3116 if (dup2 (fd, 0) == -1)
3118 if (dup2 (result_pipe[WRITE_END], 1) == -1)
3120 if (dup2 (errors_pipe[WRITE_END], 2) == -1)
3123 maxfds = sysconf (_SC_OPEN_MAX);
3124 /* Pick something reasonable if for some reason sysconf
3129 /* close all inherited fds */
3130 for (i = 3; i < maxfds; i++)
3133 sigprocmask (SIG_SETMASK, &old_set, NULL);
3135 /* If it looks fully-qualified, try execv first */
3136 if (progpath[0] == '/')
3138 execv (progpath, argv);
3139 /* Ok, that failed. Now if path_fallback is given, let's
3140 * try unqualified. This is mostly a hack to work
3141 * around systems which ship dbus-launch in /usr/bin
3142 * but everything else in /bin (because dbus-launch
3146 /* We must have a slash, because we checked above */
3147 execvp (strrchr (progpath, '/')+1, argv);
3150 execvp (progpath, argv);
3152 /* still nothing, we failed */
3156 /* parent process */
3157 close (result_pipe[WRITE_END]);
3158 close (errors_pipe[WRITE_END]);
3159 result_pipe[WRITE_END] = -1;
3160 errors_pipe[WRITE_END] = -1;
3165 ret = _dbus_read (result_pipe[READ_END], result, 1024);
3169 /* reap the child process to avoid it lingering as zombie */
3172 ret = waitpid (pid, &status, 0);
3174 while (ret == -1 && errno == EINTR);
3176 /* We succeeded if the process exited with status 0 and
3177 anything was read */
3178 if (!WIFEXITED (status) || WEXITSTATUS (status) != 0 )
3180 /* The process ended with error */
3181 DBusString error_message;
3182 if (!_dbus_string_init (&error_message))
3184 _DBUS_SET_OOM (error);
3191 ret = _dbus_read (errors_pipe[READ_END], &error_message, 1024);
3195 _dbus_string_set_length (result, orig_len);
3196 if (_dbus_string_get_length (&error_message) > 0)
3197 dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED,
3198 "%s terminated abnormally with the following error: %s",
3199 progpath, _dbus_string_get_data (&error_message));
3201 dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED,
3202 "%s terminated abnormally without any error message",
3210 sigprocmask (SIG_SETMASK, &old_set, NULL);
3213 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3215 _DBUS_ASSERT_ERROR_IS_SET (error);
3217 if (result_pipe[0] != -1)
3218 close (result_pipe[0]);
3219 if (result_pipe[1] != -1)
3220 close (result_pipe[1]);
3221 if (errors_pipe[0] != -1)
3222 close (errors_pipe[0]);
3223 if (errors_pipe[1] != -1)
3224 close (errors_pipe[1]);
3230 * Returns the address of a new session bus.
3232 * If successful, returns #TRUE and appends the address to @p
3233 * address. If a failure happens, returns #FALSE and
3234 * sets an error in @p error.
3236 * @param address a DBusString where the address can be stored
3237 * @param error a DBusError to store the error in case of failure
3238 * @returns #TRUE on success, #FALSE if an error happened
3241 _dbus_get_autolaunch_address (const char *scope,
3242 DBusString *address,
3245 #ifdef DBUS_ENABLE_X11_AUTOLAUNCH
3246 /* Perform X11-based autolaunch. (We also support launchd-based autolaunch,
3247 * but that's done elsewhere, and if it worked, this function wouldn't
3249 const char *display;
3250 static char *argv[6];
3255 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3258 /* fd.o #19997: if $DISPLAY isn't set to something useful, then
3259 * dbus-launch-x11 is just going to fail. Rather than trying to
3260 * run it, we might as well bail out early with a nice error. */
3261 display = _dbus_getenv ("DISPLAY");
3263 if (display == NULL || display[0] == '\0')
3265 dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
3266 "Unable to autolaunch a dbus-daemon without a $DISPLAY for X11");
3270 if (!_dbus_string_init (&uuid))
3272 _DBUS_SET_OOM (error);
3276 if (!_dbus_get_local_machine_uuid_encoded (&uuid))
3278 _DBUS_SET_OOM (error);
3283 argv[i] = "dbus-launch";
3285 argv[i] = "--autolaunch";
3287 argv[i] = _dbus_string_get_data (&uuid);
3289 argv[i] = "--binary-syntax";
3291 argv[i] = "--close-stderr";
3296 _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3298 retval = _read_subprocess_line_argv (DBUS_BINDIR "/dbus-launch",
3300 argv, address, error);
3303 _dbus_string_free (&uuid);
3306 dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
3307 "Using X11 for dbus-daemon autolaunch was disabled at compile time, "
3308 "set your DBUS_SESSION_BUS_ADDRESS instead");
3314 * Reads the uuid of the machine we're running on from
3315 * the dbus configuration. Optionally try to create it
3316 * (only root can do this usually).
3318 * On UNIX, reads a file that gets created by dbus-uuidgen
3319 * in a post-install script. On Windows, if there's a standard
3320 * machine uuid we could just use that, but I can't find one
3321 * with the right properties (the hardware profile guid can change
3322 * without rebooting I believe). If there's no standard one
3323 * we might want to use the registry instead of a file for
3324 * this, and I'm not sure how we'd ensure the uuid gets created.
3326 * @param machine_id guid to init with the machine's uuid
3327 * @param create_if_not_found try to create the uuid if it doesn't exist
3328 * @param error the error return
3329 * @returns #FALSE if the error is set
3332 _dbus_read_local_machine_uuid (DBusGUID *machine_id,
3333 dbus_bool_t create_if_not_found,
3336 DBusString filename;
3339 _dbus_string_init_const (&filename, DBUS_MACHINE_UUID_FILE);
3341 b = _dbus_read_uuid_file (&filename, machine_id, create_if_not_found, error);
3345 dbus_error_free (error);
3347 /* Fallback to the system machine ID */
3348 _dbus_string_init_const (&filename, "/etc/machine-id");
3349 return _dbus_read_uuid_file (&filename, machine_id, FALSE, error);
3352 #define DBUS_UNIX_STANDARD_SESSION_SERVICEDIR "/dbus-1/services"
3353 #define DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR "/dbus-1/system-services"
3356 * quries launchd for a specific env var which holds the socket path.
3357 * @param launchd_env_var the env var to look up
3358 * @param error a DBusError to store the error in case of failure
3359 * @return the value of the env var
3362 _dbus_lookup_launchd_socket (DBusString *socket_path,
3363 const char *launchd_env_var,
3366 #ifdef DBUS_ENABLE_LAUNCHD
3370 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3373 argv[i] = "launchctl";
3377 argv[i] = (char*)launchd_env_var;
3382 _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3384 if (!_read_subprocess_line_argv(argv[0], TRUE, argv, socket_path, error))
3389 /* no error, but no result either */
3390 if (_dbus_string_get_length(socket_path) == 0)
3395 /* strip the carriage-return */
3396 _dbus_string_shorten(socket_path, 1);
3398 #else /* DBUS_ENABLE_LAUNCHD */
3399 dbus_set_error(error, DBUS_ERROR_NOT_SUPPORTED,
3400 "can't lookup socket from launchd; launchd support not compiled in");
3406 _dbus_lookup_session_address_launchd (DBusString *address, DBusError *error)
3408 #ifdef DBUS_ENABLE_LAUNCHD
3409 dbus_bool_t valid_socket;
3410 DBusString socket_path;
3412 if (!_dbus_string_init (&socket_path))
3414 _DBUS_SET_OOM (error);
3418 valid_socket = _dbus_lookup_launchd_socket (&socket_path, "DBUS_LAUNCHD_SESSION_BUS_SOCKET", error);
3420 if (dbus_error_is_set(error))
3422 _dbus_string_free(&socket_path);
3428 dbus_set_error(error, "no socket path",
3429 "launchd did not provide a socket path, "
3430 "verify that org.freedesktop.dbus-session.plist is loaded!");
3431 _dbus_string_free(&socket_path);
3434 if (!_dbus_string_append (address, "unix:path="))
3436 _DBUS_SET_OOM (error);
3437 _dbus_string_free(&socket_path);
3440 if (!_dbus_string_copy (&socket_path, 0, address,
3441 _dbus_string_get_length (address)))
3443 _DBUS_SET_OOM (error);
3444 _dbus_string_free(&socket_path);
3448 _dbus_string_free(&socket_path);
3451 dbus_set_error(error, DBUS_ERROR_NOT_SUPPORTED,
3452 "can't lookup session address from launchd; launchd support not compiled in");
3458 * Determines the address of the session bus by querying a
3459 * platform-specific method.
3461 * The first parameter will be a boolean specifying whether
3462 * or not a dynamic session lookup is supported on this platform.
3464 * If supported is TRUE and the return value is #TRUE, the
3465 * address will be appended to @p address.
3466 * If a failure happens, returns #FALSE and sets an error in
3469 * If supported is FALSE, ignore the return value.
3471 * @param supported returns whether this method is supported
3472 * @param address a DBusString where the address can be stored
3473 * @param error a DBusError to store the error in case of failure
3474 * @returns #TRUE on success, #FALSE if an error happened
3477 _dbus_lookup_session_address (dbus_bool_t *supported,
3478 DBusString *address,
3481 #ifdef DBUS_ENABLE_LAUNCHD
3483 return _dbus_lookup_session_address_launchd (address, error);
3485 /* On non-Mac Unix platforms, if the session address isn't already
3486 * set in DBUS_SESSION_BUS_ADDRESS environment variable, we punt and
3487 * fall back to the autolaunch: global default; see
3488 * init_session_address in dbus/dbus-bus.c. */
3495 * Returns the standard directories for a session bus to look for service
3498 * On UNIX this should be the standard xdg freedesktop.org data directories:
3500 * XDG_DATA_HOME=${XDG_DATA_HOME-$HOME/.local/share}
3501 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
3507 * @param dirs the directory list we are returning
3508 * @returns #FALSE on OOM
3512 _dbus_get_standard_session_servicedirs (DBusList **dirs)
3514 const char *xdg_data_home;
3515 const char *xdg_data_dirs;
3516 DBusString servicedir_path;
3518 if (!_dbus_string_init (&servicedir_path))
3521 xdg_data_home = _dbus_getenv ("XDG_DATA_HOME");
3522 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
3524 if (xdg_data_home != NULL)
3526 if (!_dbus_string_append (&servicedir_path, xdg_data_home))
3531 const DBusString *homedir;
3532 DBusString local_share;
3534 if (!_dbus_homedir_from_current_process (&homedir))
3537 if (!_dbus_string_append (&servicedir_path, _dbus_string_get_const_data (homedir)))
3540 _dbus_string_init_const (&local_share, "/.local/share");
3541 if (!_dbus_concat_dir_and_file (&servicedir_path, &local_share))
3545 if (!_dbus_string_append (&servicedir_path, ":"))
3548 if (xdg_data_dirs != NULL)
3550 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
3553 if (!_dbus_string_append (&servicedir_path, ":"))
3558 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
3563 * add configured datadir to defaults
3564 * this may be the same as an xdg dir
3565 * however the config parser should take
3566 * care of duplicates
3568 if (!_dbus_string_append (&servicedir_path, DBUS_DATADIR))
3571 if (!_dbus_split_paths_and_append (&servicedir_path,
3572 DBUS_UNIX_STANDARD_SESSION_SERVICEDIR,
3576 _dbus_string_free (&servicedir_path);
3580 _dbus_string_free (&servicedir_path);
3586 * Returns the standard directories for a system bus to look for service
3589 * On UNIX this should be the standard xdg freedesktop.org data directories:
3591 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
3597 * On Windows there is no system bus and this function can return nothing.
3599 * @param dirs the directory list we are returning
3600 * @returns #FALSE on OOM
3604 _dbus_get_standard_system_servicedirs (DBusList **dirs)
3606 const char *xdg_data_dirs;
3607 DBusString servicedir_path;
3609 if (!_dbus_string_init (&servicedir_path))
3612 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
3614 if (xdg_data_dirs != NULL)
3616 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
3619 if (!_dbus_string_append (&servicedir_path, ":"))
3624 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
3629 * add configured datadir to defaults
3630 * this may be the same as an xdg dir
3631 * however the config parser should take
3632 * care of duplicates
3634 if (!_dbus_string_append (&servicedir_path, DBUS_DATADIR":"))
3637 if (!_dbus_split_paths_and_append (&servicedir_path,
3638 DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR,
3642 _dbus_string_free (&servicedir_path);
3646 _dbus_string_free (&servicedir_path);
3651 * Append the absolute path of the system.conf file
3652 * (there is no system bus on Windows so this can just
3653 * return FALSE and print a warning or something)
3655 * @param str the string to append to
3656 * @returns #FALSE if no memory
3659 _dbus_append_system_config_file (DBusString *str)
3661 return _dbus_string_append (str, DBUS_SYSTEM_CONFIG_FILE);
3665 * Append the absolute path of the session.conf file.
3667 * @param str the string to append to
3668 * @returns #FALSE if no memory
3671 _dbus_append_session_config_file (DBusString *str)
3673 return _dbus_string_append (str, DBUS_SESSION_CONFIG_FILE);
3677 * Called when the bus daemon is signaled to reload its configuration; any
3678 * caches should be nuked. Of course any caches that need explicit reload
3679 * are probably broken, but c'est la vie.
3684 _dbus_flush_caches (void)
3686 _dbus_user_database_flush_system ();
3690 * Appends the directory in which a keyring for the given credentials
3691 * should be stored. The credentials should have either a Windows or
3692 * UNIX user in them. The directory should be an absolute path.
3694 * On UNIX the directory is ~/.dbus-keyrings while on Windows it should probably
3695 * be something else, since the dotfile convention is not normal on Windows.
3697 * @param directory string to append directory to
3698 * @param credentials credentials the directory should be for
3700 * @returns #FALSE on no memory
3703 _dbus_append_keyring_directory_for_credentials (DBusString *directory,
3704 DBusCredentials *credentials)
3710 _dbus_assert (credentials != NULL);
3711 _dbus_assert (!_dbus_credentials_are_anonymous (credentials));
3713 if (!_dbus_string_init (&homedir))
3716 uid = _dbus_credentials_get_unix_uid (credentials);
3717 _dbus_assert (uid != DBUS_UID_UNSET);
3719 if (!_dbus_homedir_from_uid (uid, &homedir))
3722 #ifdef DBUS_BUILD_TESTS
3724 const char *override;
3726 override = _dbus_getenv ("DBUS_TEST_HOMEDIR");
3727 if (override != NULL && *override != '\0')
3729 _dbus_string_set_length (&homedir, 0);
3730 if (!_dbus_string_append (&homedir, override))
3733 _dbus_verbose ("Using fake homedir for testing: %s\n",
3734 _dbus_string_get_const_data (&homedir));
3738 static dbus_bool_t already_warned = FALSE;
3739 if (!already_warned)
3741 _dbus_warn ("Using your real home directory for testing, set DBUS_TEST_HOMEDIR to avoid\n");
3742 already_warned = TRUE;
3748 _dbus_string_init_const (&dotdir, ".dbus-keyrings");
3749 if (!_dbus_concat_dir_and_file (&homedir,
3753 if (!_dbus_string_copy (&homedir, 0,
3754 directory, _dbus_string_get_length (directory))) {
3758 _dbus_string_free (&homedir);
3762 _dbus_string_free (&homedir);
3766 //PENDING(kdab) docs
3768 _dbus_daemon_publish_session_bus_address (const char* addr,
3774 //PENDING(kdab) docs
3776 _dbus_daemon_unpublish_session_bus_address (void)
3782 * See if errno is EAGAIN or EWOULDBLOCK (this has to be done differently
3783 * for Winsock so is abstracted)
3785 * @returns #TRUE if errno == EAGAIN or errno == EWOULDBLOCK
3788 _dbus_get_is_errno_eagain_or_ewouldblock (void)
3790 return errno == EAGAIN || errno == EWOULDBLOCK;
3794 * Removes a directory; Directory must be empty
3796 * @param filename directory filename
3797 * @param error initialized error object
3798 * @returns #TRUE on success
3801 _dbus_delete_directory (const DBusString *filename,
3804 const char *filename_c;
3806 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3808 filename_c = _dbus_string_get_const_data (filename);
3810 if (rmdir (filename_c) != 0)
3812 dbus_set_error (error, DBUS_ERROR_FAILED,
3813 "Failed to remove directory %s: %s\n",
3814 filename_c, _dbus_strerror (errno));
3822 * Checks whether file descriptors may be passed via the socket
3824 * @param fd the socket
3825 * @return TRUE when fd passing over this socket is supported
3829 _dbus_socket_can_pass_unix_fd(int fd) {
3834 struct sockaddr_storage storage;
3835 struct sockaddr_un un;
3838 socklen_t sa_len = sizeof(sa_buf);
3842 if (getsockname(fd, &sa_buf.sa, &sa_len) < 0)
3845 return sa_buf.sa.sa_family == AF_UNIX;
3855 * replaces the term DBUS_PREFIX in configure_time_path by the
3856 * current dbus installation directory. On unix this function is a noop
3858 * @param configure_time_path
3862 _dbus_replace_install_prefix (const char *configure_time_path)
3864 return configure_time_path;
3867 /* tests in dbus-sysdeps-util.c */
projects / platform / upstream / dbus.git / blob