1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-sysdeps-unix.c Wrappers around UNIX system/libc features (internal to D-Bus implementation)
4 * Copyright (C) 2002, 2003, 2006 Red Hat, Inc.
5 * Copyright (C) 2003 CodeFactory AB
7 * Licensed under the Academic Free License version 2.1
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
27 #include "dbus-internals.h"
28 #include "dbus-sysdeps.h"
29 #include "dbus-sysdeps-unix.h"
30 #include "dbus-threads.h"
31 #include "dbus-protocol.h"
32 #include "dbus-transport.h"
33 #include "dbus-string.h"
34 #include "dbus-userdb.h"
35 #include "dbus-list.h"
36 #include "dbus-credentials.h"
37 #include "dbus-nonce.h"
39 #include <sys/types.h>
46 #include <sys/socket.h>
55 #include <netinet/in.h>
71 #ifdef HAVE_GETPEERUCRED
79 #include "sd-daemon.h"
86 #define AI_ADDRCONFIG 0
89 #ifndef HAVE_SOCKLEN_T
93 #if defined (__sun) || defined (__sun__)
95 * CMS_SPACE etc. definitions for Solaris < 10, based on
96 * http://mailman.videolan.org/pipermail/vlc-devel/2006-May/024402.html
98 * http://wiki.opencsw.org/porting-faq#toc10
100 * These are only redefined for Solaris, for now: if your OS needs these too,
101 * please file a bug. (Or preferably, improve your OS so they're not needed.)
106 # define CMSG_ALIGN(len) _CMSG_DATA_ALIGN (len)
108 /* aligning to sizeof (long) is assumed to be portable (fd.o#40235) */
109 # define CMSG_ALIGN(len) (((len) + sizeof (long) - 1) & \
110 ~(sizeof (long) - 1))
115 # define CMSG_SPACE(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + \
120 # define CMSG_LEN(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + (len))
126 _dbus_open_socket (int *fd_p,
133 dbus_bool_t cloexec_done;
135 *fd_p = socket (domain, type | SOCK_CLOEXEC, protocol);
136 cloexec_done = *fd_p >= 0;
138 /* Check if kernel seems to be too old to know SOCK_CLOEXEC */
139 if (*fd_p < 0 && errno == EINVAL)
142 *fd_p = socket (domain, type, protocol);
151 _dbus_fd_set_close_on_exec(*fd_p);
154 _dbus_verbose ("socket fd %d opened\n", *fd_p);
159 dbus_set_error(error,
160 _dbus_error_from_errno (errno),
161 "Failed to open socket: %s",
162 _dbus_strerror (errno));
168 _dbus_open_tcp_socket (int *fd,
171 return _dbus_open_socket(fd, AF_INET, SOCK_STREAM, 0, error);
175 * Opens a UNIX domain socket (as in the socket() call).
176 * Does not bind the socket.
178 * This will set FD_CLOEXEC for the socket returned
180 * @param fd return location for socket descriptor
181 * @param error return location for an error
182 * @returns #FALSE if error is set
185 _dbus_open_unix_socket (int *fd,
188 return _dbus_open_socket(fd, PF_UNIX, SOCK_STREAM, 0, error);
192 * Closes a socket. Should not be used on non-socket
193 * file descriptors or handles.
195 * @param fd the socket
196 * @param error return location for an error
197 * @returns #FALSE if error is set
200 _dbus_close_socket (int fd,
203 return _dbus_close (fd, error);
207 * Like _dbus_read(), but only works on sockets so is
208 * available on Windows.
210 * @param fd the socket
211 * @param buffer string to append data to
212 * @param count max amount of data to read
213 * @returns number of bytes appended to the string
216 _dbus_read_socket (int fd,
220 return _dbus_read (fd, buffer, count);
224 * Like _dbus_write(), but only supports sockets
225 * and is thus available on Windows.
227 * @param fd the file descriptor to write
228 * @param buffer the buffer to write data from
229 * @param start the first byte in the buffer to write
230 * @param len the number of bytes to try to write
231 * @returns the number of bytes written or -1 on error
234 _dbus_write_socket (int fd,
235 const DBusString *buffer,
239 #if HAVE_DECL_MSG_NOSIGNAL
243 data = _dbus_string_get_const_data_len (buffer, start, len);
247 bytes_written = send (fd, data, len, MSG_NOSIGNAL);
249 if (bytes_written < 0 && errno == EINTR)
252 return bytes_written;
255 return _dbus_write (fd, buffer, start, len);
260 * Like _dbus_read_socket() but also tries to read unix fds from the
261 * socket. When there are more fds to read than space in the array
262 * passed this function will fail with ENOSPC.
264 * @param fd the socket
265 * @param buffer string to append data to
266 * @param count max amount of data to read
267 * @param fds array to place read file descriptors in
268 * @param n_fds on input space in fds array, on output how many fds actually got read
269 * @returns number of bytes appended to string
272 _dbus_read_socket_with_unix_fds (int fd,
277 #ifndef HAVE_UNIX_FD_PASSING
280 if ((r = _dbus_read_socket(fd, buffer, count)) < 0)
292 _dbus_assert (count >= 0);
293 _dbus_assert (*n_fds >= 0);
295 start = _dbus_string_get_length (buffer);
297 if (!_dbus_string_lengthen (buffer, count))
304 iov.iov_base = _dbus_string_get_data_len (buffer, start, count);
311 /* Hmm, we have no clue how long the control data will actually be
312 that is queued for us. The least we can do is assume that the
313 caller knows. Hence let's make space for the number of fds that
314 we shall read at max plus the cmsg header. */
315 m.msg_controllen = CMSG_SPACE(*n_fds * sizeof(int));
317 /* It's probably safe to assume that systems with SCM_RIGHTS also
319 m.msg_control = alloca(m.msg_controllen);
320 memset(m.msg_control, 0, m.msg_controllen);
324 bytes_read = recvmsg(fd, &m, 0
325 #ifdef MSG_CMSG_CLOEXEC
336 /* put length back (note that this doesn't actually realloc anything) */
337 _dbus_string_set_length (buffer, start);
344 dbus_bool_t found = FALSE;
346 if (m.msg_flags & MSG_CTRUNC)
348 /* Hmm, apparently the control data was truncated. The bad
349 thing is that we might have completely lost a couple of fds
350 without chance to recover them. Hence let's treat this as a
354 _dbus_string_set_length (buffer, start);
358 for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
359 if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
363 _dbus_assert(cm->cmsg_len <= CMSG_LEN(*n_fds * sizeof(int)));
364 *n_fds = (cm->cmsg_len - CMSG_LEN(0)) / sizeof(int);
366 memcpy(fds, CMSG_DATA(cm), *n_fds * sizeof(int));
369 /* Linux doesn't tell us whether MSG_CMSG_CLOEXEC actually
370 worked, hence we need to go through this list and set
371 CLOEXEC everywhere in any case */
372 for (i = 0; i < *n_fds; i++)
373 _dbus_fd_set_close_on_exec(fds[i]);
381 /* put length back (doesn't actually realloc) */
382 _dbus_string_set_length (buffer, start + bytes_read);
386 _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
395 _dbus_write_socket_with_unix_fds(int fd,
396 const DBusString *buffer,
402 #ifndef HAVE_UNIX_FD_PASSING
409 return _dbus_write_socket(fd, buffer, start, len);
411 return _dbus_write_socket_with_unix_fds_two(fd, buffer, start, len, NULL, 0, 0, fds, n_fds);
416 _dbus_write_socket_with_unix_fds_two(int fd,
417 const DBusString *buffer1,
420 const DBusString *buffer2,
426 #ifndef HAVE_UNIX_FD_PASSING
433 return _dbus_write_socket_two(fd,
434 buffer1, start1, len1,
435 buffer2, start2, len2);
443 _dbus_assert (len1 >= 0);
444 _dbus_assert (len2 >= 0);
445 _dbus_assert (n_fds >= 0);
448 iov[0].iov_base = (char*) _dbus_string_get_const_data_len (buffer1, start1, len1);
449 iov[0].iov_len = len1;
453 iov[1].iov_base = (char*) _dbus_string_get_const_data_len (buffer2, start2, len2);
454 iov[1].iov_len = len2;
459 m.msg_iovlen = buffer2 ? 2 : 1;
463 m.msg_controllen = CMSG_SPACE(n_fds * sizeof(int));
464 m.msg_control = alloca(m.msg_controllen);
465 memset(m.msg_control, 0, m.msg_controllen);
467 cm = CMSG_FIRSTHDR(&m);
468 cm->cmsg_level = SOL_SOCKET;
469 cm->cmsg_type = SCM_RIGHTS;
470 cm->cmsg_len = CMSG_LEN(n_fds * sizeof(int));
471 memcpy(CMSG_DATA(cm), fds, n_fds * sizeof(int));
476 bytes_written = sendmsg (fd, &m, 0
477 #if HAVE_DECL_MSG_NOSIGNAL
482 if (bytes_written < 0 && errno == EINTR)
486 if (bytes_written > 0)
487 _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
490 return bytes_written;
495 * Like _dbus_write_two() but only works on sockets and is thus
496 * available on Windows.
498 * @param fd the file descriptor
499 * @param buffer1 first buffer
500 * @param start1 first byte to write in first buffer
501 * @param len1 number of bytes to write from first buffer
502 * @param buffer2 second buffer, or #NULL
503 * @param start2 first byte to write in second buffer
504 * @param len2 number of bytes to write in second buffer
505 * @returns total bytes written from both buffers, or -1 on error
508 _dbus_write_socket_two (int fd,
509 const DBusString *buffer1,
512 const DBusString *buffer2,
516 #if HAVE_DECL_MSG_NOSIGNAL
517 struct iovec vectors[2];
523 _dbus_assert (buffer1 != NULL);
524 _dbus_assert (start1 >= 0);
525 _dbus_assert (start2 >= 0);
526 _dbus_assert (len1 >= 0);
527 _dbus_assert (len2 >= 0);
529 data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
532 data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
540 vectors[0].iov_base = (char*) data1;
541 vectors[0].iov_len = len1;
542 vectors[1].iov_base = (char*) data2;
543 vectors[1].iov_len = len2;
547 m.msg_iovlen = data2 ? 2 : 1;
551 bytes_written = sendmsg (fd, &m, MSG_NOSIGNAL);
553 if (bytes_written < 0 && errno == EINTR)
556 return bytes_written;
559 return _dbus_write_two (fd, buffer1, start1, len1,
560 buffer2, start2, len2);
565 _dbus_socket_is_invalid (int fd)
567 return fd < 0 ? TRUE : FALSE;
571 * Thin wrapper around the read() system call that appends
572 * the data it reads to the DBusString buffer. It appends
573 * up to the given count, and returns the same value
574 * and same errno as read(). The only exception is that
575 * _dbus_read() handles EINTR for you. Also, _dbus_read() can
576 * return ENOMEM, even though regular UNIX read doesn't.
578 * Unlike _dbus_read_socket(), _dbus_read() is not available
581 * @param fd the file descriptor to read from
582 * @param buffer the buffer to append data to
583 * @param count the amount of data to read
584 * @returns the number of bytes read or -1
595 _dbus_assert (count >= 0);
597 start = _dbus_string_get_length (buffer);
599 if (!_dbus_string_lengthen (buffer, count))
605 data = _dbus_string_get_data_len (buffer, start, count);
609 bytes_read = read (fd, data, count);
617 /* put length back (note that this doesn't actually realloc anything) */
618 _dbus_string_set_length (buffer, start);
624 /* put length back (doesn't actually realloc) */
625 _dbus_string_set_length (buffer, start + bytes_read);
629 _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
637 * Thin wrapper around the write() system call that writes a part of a
638 * DBusString and handles EINTR for you.
640 * @param fd the file descriptor to write
641 * @param buffer the buffer to write data from
642 * @param start the first byte in the buffer to write
643 * @param len the number of bytes to try to write
644 * @returns the number of bytes written or -1 on error
648 const DBusString *buffer,
655 data = _dbus_string_get_const_data_len (buffer, start, len);
659 bytes_written = write (fd, data, len);
661 if (bytes_written < 0 && errno == EINTR)
665 if (bytes_written > 0)
666 _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
669 return bytes_written;
673 * Like _dbus_write() but will use writev() if possible
674 * to write both buffers in sequence. The return value
675 * is the number of bytes written in the first buffer,
676 * plus the number written in the second. If the first
677 * buffer is written successfully and an error occurs
678 * writing the second, the number of bytes in the first
679 * is returned (i.e. the error is ignored), on systems that
680 * don't have writev. Handles EINTR for you.
681 * The second buffer may be #NULL.
683 * @param fd the file descriptor
684 * @param buffer1 first buffer
685 * @param start1 first byte to write in first buffer
686 * @param len1 number of bytes to write from first buffer
687 * @param buffer2 second buffer, or #NULL
688 * @param start2 first byte to write in second buffer
689 * @param len2 number of bytes to write in second buffer
690 * @returns total bytes written from both buffers, or -1 on error
693 _dbus_write_two (int fd,
694 const DBusString *buffer1,
697 const DBusString *buffer2,
701 _dbus_assert (buffer1 != NULL);
702 _dbus_assert (start1 >= 0);
703 _dbus_assert (start2 >= 0);
704 _dbus_assert (len1 >= 0);
705 _dbus_assert (len2 >= 0);
709 struct iovec vectors[2];
714 data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
717 data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
725 vectors[0].iov_base = (char*) data1;
726 vectors[0].iov_len = len1;
727 vectors[1].iov_base = (char*) data2;
728 vectors[1].iov_len = len2;
732 bytes_written = writev (fd,
736 if (bytes_written < 0 && errno == EINTR)
739 return bytes_written;
741 #else /* HAVE_WRITEV */
745 ret1 = _dbus_write (fd, buffer1, start1, len1);
746 if (ret1 == len1 && buffer2 != NULL)
748 ret2 = _dbus_write (fd, buffer2, start2, len2);
750 ret2 = 0; /* we can't report an error as the first write was OK */
757 #endif /* !HAVE_WRITEV */
760 #define _DBUS_MAX_SUN_PATH_LENGTH 99
763 * @def _DBUS_MAX_SUN_PATH_LENGTH
765 * Maximum length of the path to a UNIX domain socket,
766 * sockaddr_un::sun_path member. POSIX requires that all systems
767 * support at least 100 bytes here, including the nul termination.
768 * We use 99 for the max value to allow for the nul.
770 * We could probably also do sizeof (addr.sun_path)
771 * but this way we are the same on all platforms
772 * which is probably a good idea.
776 * Creates a socket and connects it to the UNIX domain socket at the
777 * given path. The connection fd is returned, and is set up as
780 * Uses abstract sockets instead of filesystem-linked sockets if
781 * requested (it's possible only on Linux; see "man 7 unix" on Linux).
782 * On non-Linux abstract socket usage always fails.
784 * This will set FD_CLOEXEC for the socket returned.
786 * @param path the path to UNIX domain socket
787 * @param abstract #TRUE to use abstract namespace
788 * @param error return location for error code
789 * @returns connection file descriptor or -1 on error
792 _dbus_connect_unix_socket (const char *path,
793 dbus_bool_t abstract,
798 struct sockaddr_un addr;
800 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
802 _dbus_verbose ("connecting to unix socket %s abstract=%d\n",
806 if (!_dbus_open_unix_socket (&fd, error))
808 _DBUS_ASSERT_ERROR_IS_SET(error);
811 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
814 addr.sun_family = AF_UNIX;
815 path_len = strlen (path);
819 #ifdef HAVE_ABSTRACT_SOCKETS
820 addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
821 path_len++; /* Account for the extra nul byte added to the start of sun_path */
823 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
825 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
826 "Abstract socket name too long\n");
827 _dbus_close (fd, NULL);
831 strncpy (&addr.sun_path[1], path, path_len);
832 /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
833 #else /* HAVE_ABSTRACT_SOCKETS */
834 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
835 "Operating system does not support abstract socket namespace\n");
836 _dbus_close (fd, NULL);
838 #endif /* ! HAVE_ABSTRACT_SOCKETS */
842 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
844 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
845 "Socket name too long\n");
846 _dbus_close (fd, NULL);
850 strncpy (addr.sun_path, path, path_len);
853 if (connect (fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
855 dbus_set_error (error,
856 _dbus_error_from_errno (errno),
857 "Failed to connect to socket %s: %s",
858 path, _dbus_strerror (errno));
860 _dbus_close (fd, NULL);
864 if (!_dbus_set_fd_nonblocking (fd, error))
866 _DBUS_ASSERT_ERROR_IS_SET (error);
868 _dbus_close (fd, NULL);
876 * Enables or disables the reception of credentials on the given socket during
877 * the next message transmission. This is only effective if the #LOCAL_CREDS
878 * system feature exists, in which case the other side of the connection does
879 * not have to do anything special to send the credentials.
881 * @param fd socket on which to change the #LOCAL_CREDS flag.
882 * @param on whether to enable or disable the #LOCAL_CREDS flag.
885 _dbus_set_local_creds (int fd, dbus_bool_t on)
887 dbus_bool_t retval = TRUE;
889 #if defined(HAVE_CMSGCRED)
890 /* NOOP just to make sure only one codepath is used
891 * and to prefer CMSGCRED
893 #elif defined(LOCAL_CREDS)
894 int val = on ? 1 : 0;
895 if (setsockopt (fd, 0, LOCAL_CREDS, &val, sizeof (val)) < 0)
897 _dbus_verbose ("Unable to set LOCAL_CREDS socket option on fd %d\n", fd);
901 _dbus_verbose ("LOCAL_CREDS %s for further messages on fd %d\n",
902 on ? "enabled" : "disabled", fd);
909 * Creates a socket and binds it to the given path,
910 * then listens on the socket. The socket is
911 * set to be nonblocking.
913 * Uses abstract sockets instead of filesystem-linked
914 * sockets if requested (it's possible only on Linux;
915 * see "man 7 unix" on Linux).
916 * On non-Linux abstract socket usage always fails.
918 * This will set FD_CLOEXEC for the socket returned
920 * @param path the socket name
921 * @param abstract #TRUE to use abstract namespace
922 * @param error return location for errors
923 * @returns the listening file descriptor or -1 on error
926 _dbus_listen_unix_socket (const char *path,
927 dbus_bool_t abstract,
931 struct sockaddr_un addr;
933 unsigned int reuseaddr;
935 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
937 _dbus_verbose ("listening on unix socket %s abstract=%d\n",
940 if (!_dbus_open_unix_socket (&listen_fd, error))
942 _DBUS_ASSERT_ERROR_IS_SET(error);
945 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
948 addr.sun_family = AF_UNIX;
949 path_len = strlen (path);
953 #ifdef HAVE_ABSTRACT_SOCKETS
954 /* remember that abstract names aren't nul-terminated so we rely
955 * on sun_path being filled in with zeroes above.
957 addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
958 path_len++; /* Account for the extra nul byte added to the start of sun_path */
960 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
962 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
963 "Abstract socket name too long\n");
964 _dbus_close (listen_fd, NULL);
968 strncpy (&addr.sun_path[1], path, path_len);
969 /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
970 #else /* HAVE_ABSTRACT_SOCKETS */
971 dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
972 "Operating system does not support abstract socket namespace\n");
973 _dbus_close (listen_fd, NULL);
975 #endif /* ! HAVE_ABSTRACT_SOCKETS */
979 /* Discussed security implications of this with Nalin,
980 * and we couldn't think of where it would kick our ass, but
981 * it still seems a bit sucky. It also has non-security suckage;
982 * really we'd prefer to exit if the socket is already in use.
983 * But there doesn't seem to be a good way to do this.
985 * Just to be extra careful, I threw in the stat() - clearly
986 * the stat() can't *fix* any security issue, but it at least
987 * avoids inadvertent/accidental data loss.
992 if (stat (path, &sb) == 0 &&
993 S_ISSOCK (sb.st_mode))
997 if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
999 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
1000 "Abstract socket name too long\n");
1001 _dbus_close (listen_fd, NULL);
1005 strncpy (addr.sun_path, path, path_len);
1009 if (setsockopt (listen_fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr))==-1)
1011 _dbus_warn ("Failed to set socket option\"%s\": %s",
1012 path, _dbus_strerror (errno));
1015 if (bind (listen_fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
1017 dbus_set_error (error, _dbus_error_from_errno (errno),
1018 "Failed to bind socket \"%s\": %s",
1019 path, _dbus_strerror (errno));
1020 _dbus_close (listen_fd, NULL);
1024 if (listen (listen_fd, 30 /* backlog */) < 0)
1026 dbus_set_error (error, _dbus_error_from_errno (errno),
1027 "Failed to listen on socket \"%s\": %s",
1028 path, _dbus_strerror (errno));
1029 _dbus_close (listen_fd, NULL);
1033 if (!_dbus_set_local_creds (listen_fd, TRUE))
1035 dbus_set_error (error, _dbus_error_from_errno (errno),
1036 "Failed to enable LOCAL_CREDS on socket \"%s\": %s",
1037 path, _dbus_strerror (errno));
1042 if (!_dbus_set_fd_nonblocking (listen_fd, error))
1044 _DBUS_ASSERT_ERROR_IS_SET (error);
1045 _dbus_close (listen_fd, NULL);
1049 /* Try opening up the permissions, but if we can't, just go ahead
1050 * and continue, maybe it will be good enough.
1052 if (!abstract && chmod (path, 0777) < 0)
1053 _dbus_warn ("Could not set mode 0777 on socket %s\n",
1060 * Acquires one or more sockets passed in from systemd. The sockets
1061 * are set to be nonblocking.
1063 * This will set FD_CLOEXEC for the sockets returned.
1065 * @oaram fds the file descriptors
1066 * @param error return location for errors
1067 * @returns the number of file descriptors
1070 _dbus_listen_systemd_sockets (int **fds,
1077 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1079 n = sd_listen_fds (TRUE);
1082 dbus_set_error (error, _dbus_error_from_errno (-n),
1083 "Failed to acquire systemd socket: %s",
1084 _dbus_strerror (-n));
1090 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
1091 "No socket received.");
1095 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1097 r = sd_is_socket (fd, AF_UNSPEC, SOCK_STREAM, 1);
1100 dbus_set_error (error, _dbus_error_from_errno (-r),
1101 "Failed to verify systemd socket type: %s",
1102 _dbus_strerror (-r));
1108 dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
1109 "Passed socket has wrong type.");
1114 /* OK, the file descriptors are all good, so let's take posession of
1117 new_fds = dbus_new (int, n);
1120 dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
1121 "Failed to allocate file handle array.");
1125 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1127 if (!_dbus_set_local_creds (fd, TRUE))
1129 dbus_set_error (error, _dbus_error_from_errno (errno),
1130 "Failed to enable LOCAL_CREDS on systemd socket: %s",
1131 _dbus_strerror (errno));
1135 if (!_dbus_set_fd_nonblocking (fd, error))
1137 _DBUS_ASSERT_ERROR_IS_SET (error);
1141 new_fds[fd - SD_LISTEN_FDS_START] = fd;
1149 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1151 _dbus_close (fd, NULL);
1154 dbus_free (new_fds);
1159 * Creates a socket and connects to a socket at the given host
1160 * and port. The connection fd is returned, and is set up as
1163 * This will set FD_CLOEXEC for the socket returned
1165 * @param host the host name to connect to
1166 * @param port the port to connect to
1167 * @param family the address family to listen on, NULL for all
1168 * @param error return location for error code
1169 * @returns connection file descriptor or -1 on error
1172 _dbus_connect_tcp_socket (const char *host,
1177 return _dbus_connect_tcp_socket_with_nonce (host, port, family, (const char*)NULL, error);
1181 _dbus_connect_tcp_socket_with_nonce (const char *host,
1184 const char *noncefile,
1187 int saved_errno = 0;
1189 struct addrinfo hints;
1190 struct addrinfo *ai, *tmp;
1192 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1197 hints.ai_family = AF_UNSPEC;
1198 else if (!strcmp(family, "ipv4"))
1199 hints.ai_family = AF_INET;
1200 else if (!strcmp(family, "ipv6"))
1201 hints.ai_family = AF_INET6;
1204 dbus_set_error (error,
1205 DBUS_ERROR_BAD_ADDRESS,
1206 "Unknown address family %s", family);
1209 hints.ai_protocol = IPPROTO_TCP;
1210 hints.ai_socktype = SOCK_STREAM;
1211 hints.ai_flags = AI_ADDRCONFIG;
1213 if ((res = getaddrinfo(host, port, &hints, &ai)) != 0)
1215 dbus_set_error (error,
1216 _dbus_error_from_errno (errno),
1217 "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1218 host, port, gai_strerror(res), res);
1225 if (!_dbus_open_socket (&fd, tmp->ai_family, SOCK_STREAM, 0, error))
1228 _DBUS_ASSERT_ERROR_IS_SET(error);
1231 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1233 if (connect (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1235 saved_errno = errno;
1236 _dbus_close(fd, NULL);
1248 dbus_set_error (error,
1249 _dbus_error_from_errno (saved_errno),
1250 "Failed to connect to socket \"%s:%s\" %s",
1251 host, port, _dbus_strerror(saved_errno));
1255 if (noncefile != NULL)
1257 DBusString noncefileStr;
1259 _dbus_string_init_const (&noncefileStr, noncefile);
1260 ret = _dbus_send_nonce (fd, &noncefileStr, error);
1261 _dbus_string_free (&noncefileStr);
1265 _dbus_close (fd, NULL);
1270 if (!_dbus_set_fd_nonblocking (fd, error))
1272 _dbus_close (fd, NULL);
1280 * Creates a socket and binds it to the given path, then listens on
1281 * the socket. The socket is set to be nonblocking. In case of port=0
1282 * a random free port is used and returned in the port parameter.
1283 * If inaddr_any is specified, the hostname is ignored.
1285 * This will set FD_CLOEXEC for the socket returned
1287 * @param host the host name to listen on
1288 * @param port the port to listen on, if zero a free port will be used
1289 * @param family the address family to listen on, NULL for all
1290 * @param retport string to return the actual port listened on
1291 * @param fds_p location to store returned file descriptors
1292 * @param error return location for errors
1293 * @returns the number of listening file descriptors or -1 on error
1296 _dbus_listen_tcp_socket (const char *host,
1299 DBusString *retport,
1304 int nlisten_fd = 0, *listen_fd = NULL, res, i;
1305 struct addrinfo hints;
1306 struct addrinfo *ai, *tmp;
1307 unsigned int reuseaddr;
1310 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1315 hints.ai_family = AF_UNSPEC;
1316 else if (!strcmp(family, "ipv4"))
1317 hints.ai_family = AF_INET;
1318 else if (!strcmp(family, "ipv6"))
1319 hints.ai_family = AF_INET6;
1322 dbus_set_error (error,
1323 DBUS_ERROR_BAD_ADDRESS,
1324 "Unknown address family %s", family);
1328 hints.ai_protocol = IPPROTO_TCP;
1329 hints.ai_socktype = SOCK_STREAM;
1330 hints.ai_flags = AI_ADDRCONFIG | AI_PASSIVE;
1332 redo_lookup_with_port:
1334 if ((res = getaddrinfo(host, port, &hints, &ai)) != 0 || !ai)
1336 dbus_set_error (error,
1337 _dbus_error_from_errno (errno),
1338 "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1339 host ? host : "*", port, gai_strerror(res), res);
1346 int fd = -1, *newlisten_fd;
1347 if (!_dbus_open_socket (&fd, tmp->ai_family, SOCK_STREAM, 0, error))
1349 _DBUS_ASSERT_ERROR_IS_SET(error);
1352 _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1355 if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr))==-1)
1357 _dbus_warn ("Failed to set socket option \"%s:%s\": %s",
1358 host ? host : "*", port, _dbus_strerror (errno));
1361 if (bind (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1363 saved_errno = errno;
1364 _dbus_close(fd, NULL);
1365 if (saved_errno == EADDRINUSE)
1367 /* Depending on kernel policy, it may or may not
1368 be neccessary to bind to both IPv4 & 6 addresses
1369 so ignore EADDRINUSE here */
1373 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1374 "Failed to bind socket \"%s:%s\": %s",
1375 host ? host : "*", port, _dbus_strerror (saved_errno));
1379 if (listen (fd, 30 /* backlog */) < 0)
1381 saved_errno = errno;
1382 _dbus_close (fd, NULL);
1383 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1384 "Failed to listen on socket \"%s:%s\": %s",
1385 host ? host : "*", port, _dbus_strerror (saved_errno));
1389 newlisten_fd = dbus_realloc(listen_fd, sizeof(int)*(nlisten_fd+1));
1392 saved_errno = errno;
1393 _dbus_close (fd, NULL);
1394 dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1395 "Failed to allocate file handle array: %s",
1396 _dbus_strerror (saved_errno));
1399 listen_fd = newlisten_fd;
1400 listen_fd[nlisten_fd] = fd;
1403 if (!_dbus_string_get_length(retport))
1405 /* If the user didn't specify a port, or used 0, then
1406 the kernel chooses a port. After the first address
1407 is bound to, we need to force all remaining addresses
1408 to use the same port */
1409 if (!port || !strcmp(port, "0"))
1412 struct sockaddr_storage addr;
1416 addrlen = sizeof(addr);
1417 result = getsockname(fd, (struct sockaddr*) &addr, &addrlen);
1420 (res = getnameinfo ((struct sockaddr*)&addr, addrlen, NULL, 0,
1421 portbuf, sizeof(portbuf),
1422 NI_NUMERICHOST)) != 0)
1424 dbus_set_error (error, _dbus_error_from_errno (errno),
1425 "Failed to resolve port \"%s:%s\": %s (%s)",
1426 host ? host : "*", port, gai_strerror(res), res);
1429 if (!_dbus_string_append(retport, portbuf))
1431 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1435 /* Release current address list & redo lookup */
1436 port = _dbus_string_get_const_data(retport);
1438 goto redo_lookup_with_port;
1442 if (!_dbus_string_append(retport, port))
1444 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1458 dbus_set_error (error, _dbus_error_from_errno (errno),
1459 "Failed to bind socket \"%s:%s\": %s",
1460 host ? host : "*", port, _dbus_strerror (errno));
1464 for (i = 0 ; i < nlisten_fd ; i++)
1466 if (!_dbus_set_fd_nonblocking (listen_fd[i], error))
1479 for (i = 0 ; i < nlisten_fd ; i++)
1480 _dbus_close(listen_fd[i], NULL);
1481 dbus_free(listen_fd);
1486 write_credentials_byte (int server_fd,
1490 char buf[1] = { '\0' };
1491 #if defined(HAVE_CMSGCRED)
1494 char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1505 msg.msg_control = (caddr_t) &cmsg;
1506 msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1508 cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
1509 cmsg.hdr.cmsg_level = SOL_SOCKET;
1510 cmsg.hdr.cmsg_type = SCM_CREDS;
1513 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1517 #if defined(HAVE_CMSGCRED)
1518 bytes_written = sendmsg (server_fd, &msg, 0
1519 #if HAVE_DECL_MSG_NOSIGNAL
1524 bytes_written = send (server_fd, buf, 1, 0
1525 #if HAVE_DECL_MSG_NOSIGNAL
1531 if (bytes_written < 0 && errno == EINTR)
1534 if (bytes_written < 0)
1536 dbus_set_error (error, _dbus_error_from_errno (errno),
1537 "Failed to write credentials byte: %s",
1538 _dbus_strerror (errno));
1541 else if (bytes_written == 0)
1543 dbus_set_error (error, DBUS_ERROR_IO_ERROR,
1544 "wrote zero bytes writing credentials byte");
1549 _dbus_assert (bytes_written == 1);
1550 _dbus_verbose ("wrote credentials byte\n");
1556 * Reads a single byte which must be nul (an error occurs otherwise),
1557 * and reads unix credentials if available. Clears the credentials
1558 * object, then adds pid/uid if available, so any previous credentials
1559 * stored in the object are lost.
1561 * Return value indicates whether a byte was read, not whether
1562 * we got valid credentials. On some systems, such as Linux,
1563 * reading/writing the byte isn't actually required, but we do it
1564 * anyway just to avoid multiple codepaths.
1566 * Fails if no byte is available, so you must select() first.
1568 * The point of the byte is that on some systems we have to
1569 * use sendmsg()/recvmsg() to transmit credentials.
1571 * @param client_fd the client file descriptor
1572 * @param credentials object to add client credentials to
1573 * @param error location to store error code
1574 * @returns #TRUE on success
1577 _dbus_read_credentials_socket (int client_fd,
1578 DBusCredentials *credentials,
1584 dbus_uid_t uid_read;
1585 dbus_pid_t pid_read;
1588 #ifdef HAVE_CMSGCRED
1591 char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1594 #elif defined(LOCAL_CREDS)
1597 struct sockcred cred;
1601 uid_read = DBUS_UID_UNSET;
1602 pid_read = DBUS_PID_UNSET;
1604 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1606 /* The POSIX spec certainly doesn't promise this, but
1607 * we need these assertions to fail as soon as we're wrong about
1608 * it so we can do the porting fixups
1610 _dbus_assert (sizeof (pid_t) <= sizeof (dbus_pid_t));
1611 _dbus_assert (sizeof (uid_t) <= sizeof (dbus_uid_t));
1612 _dbus_assert (sizeof (gid_t) <= sizeof (dbus_gid_t));
1614 _dbus_credentials_clear (credentials);
1616 /* Systems supporting LOCAL_CREDS are configured to have this feature
1617 * enabled (if it does not conflict with HAVE_CMSGCRED) prior accepting
1618 * the connection. Therefore, the received message must carry the
1619 * credentials information without doing anything special.
1622 iov.iov_base = &buf;
1629 #if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
1631 msg.msg_control = (caddr_t) &cmsg;
1632 msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1636 bytes_read = recvmsg (client_fd, &msg, 0);
1643 /* EAGAIN or EWOULDBLOCK would be unexpected here since we would
1644 * normally only call read_credentials if the socket was ready
1648 dbus_set_error (error, _dbus_error_from_errno (errno),
1649 "Failed to read credentials byte: %s",
1650 _dbus_strerror (errno));
1653 else if (bytes_read == 0)
1655 /* this should not happen unless we are using recvmsg wrong,
1656 * so is essentially here for paranoia
1658 dbus_set_error (error, DBUS_ERROR_FAILED,
1659 "Failed to read credentials byte (zero-length read)");
1662 else if (buf != '\0')
1664 dbus_set_error (error, DBUS_ERROR_FAILED,
1665 "Credentials byte was not nul");
1669 #if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
1670 if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof (struct cmsgcred))
1671 || cmsg.hdr.cmsg_type != SCM_CREDS)
1673 dbus_set_error (error, DBUS_ERROR_FAILED,
1674 "Message from recvmsg() was not SCM_CREDS");
1679 _dbus_verbose ("read credentials byte\n");
1684 struct sockpeercred cr;
1688 int cr_len = sizeof (cr);
1690 if (getsockopt (client_fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
1691 cr_len == sizeof (cr))
1698 _dbus_verbose ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
1699 cr_len, (int) sizeof (cr), _dbus_strerror (errno));
1701 #elif defined(HAVE_CMSGCRED)
1702 struct cmsgcred *cred;
1704 cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
1705 pid_read = cred->cmcred_pid;
1706 uid_read = cred->cmcred_euid;
1707 #elif defined(LOCAL_CREDS)
1708 pid_read = DBUS_PID_UNSET;
1709 uid_read = cmsg.cred.sc_uid;
1710 /* Since we have already got the credentials from this socket, we can
1711 * disable its LOCAL_CREDS flag if it was ever set. */
1712 _dbus_set_local_creds (client_fd, FALSE);
1713 #elif defined(HAVE_GETPEEREID)
1716 if (getpeereid (client_fd, &euid, &egid) == 0)
1722 _dbus_verbose ("Failed to getpeereid() credentials: %s\n", _dbus_strerror (errno));
1724 #elif defined(HAVE_GETPEERUCRED)
1725 ucred_t * ucred = NULL;
1726 if (getpeerucred (client_fd, &ucred) == 0)
1728 pid_read = ucred_getpid (ucred);
1729 uid_read = ucred_geteuid (ucred);
1731 /* generate audit session data based on socket ucred */
1732 adt_session_data_t *adth = NULL;
1733 adt_export_data_t *data = NULL;
1735 if (adt_start_session (&adth, NULL, 0) || (adth == NULL))
1737 _dbus_verbose ("Failed to adt_start_session(): %s\n", _dbus_strerror (errno));
1741 if (adt_set_from_ucred (adth, ucred, ADT_NEW))
1743 _dbus_verbose ("Failed to adt_set_from_ucred(): %s\n", _dbus_strerror (errno));
1747 size = adt_export_session_data (adth, &data);
1750 _dbus_verbose ("Failed to adt_export_session_data(): %s\n", _dbus_strerror (errno));
1754 _dbus_credentials_add_adt_audit_data (credentials, data, size);
1758 (void) adt_end_session (adth);
1760 #endif /* HAVE_ADT */
1764 _dbus_verbose ("Failed to getpeerucred() credentials: %s\n", _dbus_strerror (errno));
1768 #else /* !SO_PEERCRED && !HAVE_CMSGCRED && !HAVE_GETPEEREID && !HAVE_GETPEERUCRED */
1769 _dbus_verbose ("Socket credentials not supported on this OS\n");
1773 _dbus_verbose ("Credentials:"
1774 " pid "DBUS_PID_FORMAT
1775 " uid "DBUS_UID_FORMAT
1780 if (pid_read != DBUS_PID_UNSET)
1782 if (!_dbus_credentials_add_unix_pid (credentials, pid_read))
1784 _DBUS_SET_OOM (error);
1789 if (uid_read != DBUS_UID_UNSET)
1791 if (!_dbus_credentials_add_unix_uid (credentials, uid_read))
1793 _DBUS_SET_OOM (error);
1802 * Sends a single nul byte with our UNIX credentials as ancillary
1803 * data. Returns #TRUE if the data was successfully written. On
1804 * systems that don't support sending credentials, just writes a byte,
1805 * doesn't send any credentials. On some systems, such as Linux,
1806 * reading/writing the byte isn't actually required, but we do it
1807 * anyway just to avoid multiple codepaths.
1809 * Fails if no byte can be written, so you must select() first.
1811 * The point of the byte is that on some systems we have to
1812 * use sendmsg()/recvmsg() to transmit credentials.
1814 * @param server_fd file descriptor for connection to server
1815 * @param error return location for error code
1816 * @returns #TRUE if the byte was sent
1819 _dbus_send_credentials_socket (int server_fd,
1822 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1824 if (write_credentials_byte (server_fd, error))
1831 * Accepts a connection on a listening socket.
1832 * Handles EINTR for you.
1834 * This will enable FD_CLOEXEC for the returned socket.
1836 * @param listen_fd the listen file descriptor
1837 * @returns the connection fd of the client, or -1 on error
1840 _dbus_accept (int listen_fd)
1843 struct sockaddr addr;
1846 dbus_bool_t cloexec_done;
1849 addrlen = sizeof (addr);
1854 /* We assume that if accept4 is available SOCK_CLOEXEC is too */
1855 client_fd = accept4 (listen_fd, &addr, &addrlen, SOCK_CLOEXEC);
1856 cloexec_done = client_fd >= 0;
1858 if (client_fd < 0 && errno == ENOSYS)
1861 client_fd = accept (listen_fd, &addr, &addrlen);
1870 _dbus_verbose ("client fd %d accepted\n", client_fd);
1876 _dbus_fd_set_close_on_exec(client_fd);
1883 * Checks to make sure the given directory is
1884 * private to the user
1886 * @param dir the name of the directory
1887 * @param error error return
1888 * @returns #FALSE on failure
1891 _dbus_check_dir_is_private_to_user (DBusString *dir, DBusError *error)
1893 const char *directory;
1896 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1898 directory = _dbus_string_get_const_data (dir);
1900 if (stat (directory, &sb) < 0)
1902 dbus_set_error (error, _dbus_error_from_errno (errno),
1903 "%s", _dbus_strerror (errno));
1908 if ((S_IROTH & sb.st_mode) || (S_IWOTH & sb.st_mode) ||
1909 (S_IRGRP & sb.st_mode) || (S_IWGRP & sb.st_mode))
1911 dbus_set_error (error, DBUS_ERROR_FAILED,
1912 "%s directory is not private to the user", directory);
1920 fill_user_info_from_passwd (struct passwd *p,
1924 _dbus_assert (p->pw_name != NULL);
1925 _dbus_assert (p->pw_dir != NULL);
1927 info->uid = p->pw_uid;
1928 info->primary_gid = p->pw_gid;
1929 info->username = _dbus_strdup (p->pw_name);
1930 info->homedir = _dbus_strdup (p->pw_dir);
1932 if (info->username == NULL ||
1933 info->homedir == NULL)
1935 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
1943 fill_user_info (DBusUserInfo *info,
1945 const DBusString *username,
1948 const char *username_c;
1950 /* exactly one of username/uid provided */
1951 _dbus_assert (username != NULL || uid != DBUS_UID_UNSET);
1952 _dbus_assert (username == NULL || uid == DBUS_UID_UNSET);
1954 info->uid = DBUS_UID_UNSET;
1955 info->primary_gid = DBUS_GID_UNSET;
1956 info->group_ids = NULL;
1957 info->n_group_ids = 0;
1958 info->username = NULL;
1959 info->homedir = NULL;
1961 if (username != NULL)
1962 username_c = _dbus_string_get_const_data (username);
1966 /* For now assuming that the getpwnam() and getpwuid() flavors
1967 * are always symmetrical, if not we have to add more configure
1971 #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
1977 struct passwd p_str;
1979 /* retrieve maximum needed size for buf */
1980 buflen = sysconf (_SC_GETPW_R_SIZE_MAX);
1982 /* sysconf actually returns a long, but everything else expects size_t,
1983 * so just recast here.
1984 * https://bugs.freedesktop.org/show_bug.cgi?id=17061
1986 if ((long) buflen <= 0)
1992 buf = dbus_malloc (buflen);
1995 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2000 #ifdef HAVE_POSIX_GETPWNAM_R
2001 if (uid != DBUS_UID_UNSET)
2002 result = getpwuid_r (uid, &p_str, buf, buflen,
2005 result = getpwnam_r (username_c, &p_str, buf, buflen,
2008 if (uid != DBUS_UID_UNSET)
2009 p = getpwuid_r (uid, &p_str, buf, buflen);
2011 p = getpwnam_r (username_c, &p_str, buf, buflen);
2013 #endif /* !HAVE_POSIX_GETPWNAM_R */
2014 //Try a bigger buffer if ERANGE was returned
2015 if (result == ERANGE && buflen < 512 * 1024)
2025 if (result == 0 && p == &p_str)
2027 if (!fill_user_info_from_passwd (p, info, error))
2036 dbus_set_error (error, _dbus_error_from_errno (errno),
2037 "User \"%s\" unknown or no memory to allocate password entry\n",
2038 username_c ? username_c : "???");
2039 _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2044 #else /* ! HAVE_GETPWNAM_R */
2046 /* I guess we're screwed on thread safety here */
2049 if (uid != DBUS_UID_UNSET)
2052 p = getpwnam (username_c);
2056 if (!fill_user_info_from_passwd (p, info, error))
2063 dbus_set_error (error, _dbus_error_from_errno (errno),
2064 "User \"%s\" unknown or no memory to allocate password entry\n",
2065 username_c ? username_c : "???");
2066 _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2070 #endif /* ! HAVE_GETPWNAM_R */
2072 /* Fill this in so we can use it to get groups */
2073 username_c = info->username;
2075 #ifdef HAVE_GETGROUPLIST
2080 int initial_buf_count;
2082 initial_buf_count = 17;
2083 buf_count = initial_buf_count;
2084 buf = dbus_new (gid_t, buf_count);
2087 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2091 if (getgrouplist (username_c,
2093 buf, &buf_count) < 0)
2096 /* Presumed cause of negative return code: buf has insufficient
2097 entries to hold the entire group list. The Linux behavior in this
2098 case is to pass back the actual number of groups in buf_count, but
2099 on Mac OS X 10.5, buf_count is unhelpfully left alone.
2100 So as a hack, try to help out a bit by guessing a larger
2101 number of groups, within reason.. might still fail, of course,
2102 but we can at least print a more informative message. I looked up
2103 the "right way" to do this by downloading Apple's own source code
2104 for the "id" command, and it turns out that they use an
2105 undocumented library function getgrouplist_2 (!) which is not
2106 declared in any header in /usr/include (!!). That did not seem
2107 like the way to go here.
2109 if (buf_count == initial_buf_count)
2111 buf_count *= 16; /* Retry with an arbitrarily scaled-up array */
2113 new = dbus_realloc (buf, buf_count * sizeof (buf[0]));
2116 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2124 if (getgrouplist (username_c, info->primary_gid, buf, &buf_count) < 0)
2128 _dbus_warn ("It appears that username \"%s\" is in more than %d groups.\nProceeding with just the first %d groups.",
2129 username_c, buf_count, buf_count);
2133 dbus_set_error (error,
2134 _dbus_error_from_errno (errno),
2135 "Failed to get groups for username \"%s\" primary GID "
2136 DBUS_GID_FORMAT ": %s\n",
2137 username_c, info->primary_gid,
2138 _dbus_strerror (errno));
2145 info->group_ids = dbus_new (dbus_gid_t, buf_count);
2146 if (info->group_ids == NULL)
2148 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2153 for (i = 0; i < buf_count; ++i)
2154 info->group_ids[i] = buf[i];
2156 info->n_group_ids = buf_count;
2160 #else /* HAVE_GETGROUPLIST */
2162 /* We just get the one group ID */
2163 info->group_ids = dbus_new (dbus_gid_t, 1);
2164 if (info->group_ids == NULL)
2166 dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
2170 info->n_group_ids = 1;
2172 (info->group_ids)[0] = info->primary_gid;
2174 #endif /* HAVE_GETGROUPLIST */
2176 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2181 _DBUS_ASSERT_ERROR_IS_SET (error);
2186 * Gets user info for the given username.
2188 * @param info user info object to initialize
2189 * @param username the username
2190 * @param error error return
2191 * @returns #TRUE on success
2194 _dbus_user_info_fill (DBusUserInfo *info,
2195 const DBusString *username,
2198 return fill_user_info (info, DBUS_UID_UNSET,
2203 * Gets user info for the given user ID.
2205 * @param info user info object to initialize
2206 * @param uid the user ID
2207 * @param error error return
2208 * @returns #TRUE on success
2211 _dbus_user_info_fill_uid (DBusUserInfo *info,
2215 return fill_user_info (info, uid,
2220 * Adds the credentials of the current process to the
2221 * passed-in credentials object.
2223 * @param credentials credentials to add to
2224 * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added
2227 _dbus_credentials_add_from_current_process (DBusCredentials *credentials)
2229 /* The POSIX spec certainly doesn't promise this, but
2230 * we need these assertions to fail as soon as we're wrong about
2231 * it so we can do the porting fixups
2233 _dbus_assert (sizeof (pid_t) <= sizeof (dbus_pid_t));
2234 _dbus_assert (sizeof (uid_t) <= sizeof (dbus_uid_t));
2235 _dbus_assert (sizeof (gid_t) <= sizeof (dbus_gid_t));
2237 if (!_dbus_credentials_add_unix_pid(credentials, _dbus_getpid()))
2239 if (!_dbus_credentials_add_unix_uid(credentials, _dbus_geteuid()))
2246 * Append to the string the identity we would like to have when we
2247 * authenticate, on UNIX this is the current process UID and on
2248 * Windows something else, probably a Windows SID string. No escaping
2249 * is required, that is done in dbus-auth.c. The username here
2250 * need not be anything human-readable, it can be the machine-readable
2251 * form i.e. a user id.
2253 * @param str the string to append to
2254 * @returns #FALSE on no memory
2257 _dbus_append_user_from_current_process (DBusString *str)
2259 return _dbus_string_append_uint (str,
2264 * Gets our process ID
2265 * @returns process ID
2274 * @returns process UID
2282 /** Gets our effective UID
2283 * @returns process effective UID
2286 _dbus_geteuid (void)
2292 * The only reason this is separate from _dbus_getpid() is to allow it
2293 * on Windows for logging but not for other purposes.
2295 * @returns process ID to put in log messages
2298 _dbus_pid_for_log (void)
2304 * Gets a UID from a UID string.
2306 * @param uid_str the UID in string form
2307 * @param uid UID to fill in
2308 * @returns #TRUE if successfully filled in UID
2311 _dbus_parse_uid (const DBusString *uid_str,
2317 if (_dbus_string_get_length (uid_str) == 0)
2319 _dbus_verbose ("UID string was zero length\n");
2325 if (!_dbus_string_parse_int (uid_str, 0, &val,
2328 _dbus_verbose ("could not parse string as a UID\n");
2332 if (end != _dbus_string_get_length (uid_str))
2334 _dbus_verbose ("string contained trailing stuff after UID\n");
2344 _DBUS_DEFINE_GLOBAL_LOCK (atomic);
2348 * Atomically increments an integer
2350 * @param atomic pointer to the integer to increment
2351 * @returns the value before incrementing
2354 _dbus_atomic_inc (DBusAtomic *atomic)
2357 return __sync_add_and_fetch(&atomic->value, 1)-1;
2360 _DBUS_LOCK (atomic);
2361 res = atomic->value;
2363 _DBUS_UNLOCK (atomic);
2369 * Atomically decrement an integer
2371 * @param atomic pointer to the integer to decrement
2372 * @returns the value before decrementing
2375 _dbus_atomic_dec (DBusAtomic *atomic)
2378 return __sync_sub_and_fetch(&atomic->value, 1)+1;
2382 _DBUS_LOCK (atomic);
2383 res = atomic->value;
2385 _DBUS_UNLOCK (atomic);
2391 * Atomically get the value of an integer. It may change at any time
2392 * thereafter, so this is mostly only useful for assertions.
2394 * @param atomic pointer to the integer to get
2395 * @returns the value at this moment
2398 _dbus_atomic_get (DBusAtomic *atomic)
2401 __sync_synchronize ();
2402 return atomic->value;
2406 _DBUS_LOCK (atomic);
2407 res = atomic->value;
2408 _DBUS_UNLOCK (atomic);
2413 #ifdef DBUS_BUILD_TESTS
2415 * @returns process GID
2425 * Wrapper for poll().
2427 * @param fds the file descriptors to poll
2428 * @param n_fds number of descriptors in the array
2429 * @param timeout_milliseconds timeout or -1 for infinite
2430 * @returns numbers of fds with revents, or <0 on error
2433 _dbus_poll (DBusPollFD *fds,
2435 int timeout_milliseconds)
2437 #if defined(HAVE_POLL) && !defined(BROKEN_POLL)
2438 /* This big thing is a constant expression and should get optimized
2439 * out of existence. So it's more robust than a configure check at
2442 if (_DBUS_POLLIN == POLLIN &&
2443 _DBUS_POLLPRI == POLLPRI &&
2444 _DBUS_POLLOUT == POLLOUT &&
2445 _DBUS_POLLERR == POLLERR &&
2446 _DBUS_POLLHUP == POLLHUP &&
2447 _DBUS_POLLNVAL == POLLNVAL &&
2448 sizeof (DBusPollFD) == sizeof (struct pollfd) &&
2449 _DBUS_STRUCT_OFFSET (DBusPollFD, fd) ==
2450 _DBUS_STRUCT_OFFSET (struct pollfd, fd) &&
2451 _DBUS_STRUCT_OFFSET (DBusPollFD, events) ==
2452 _DBUS_STRUCT_OFFSET (struct pollfd, events) &&
2453 _DBUS_STRUCT_OFFSET (DBusPollFD, revents) ==
2454 _DBUS_STRUCT_OFFSET (struct pollfd, revents))
2456 return poll ((struct pollfd*) fds,
2458 timeout_milliseconds);
2462 /* We have to convert the DBusPollFD to an array of
2463 * struct pollfd, poll, and convert back.
2465 _dbus_warn ("didn't implement poll() properly for this system yet\n");
2468 #else /* ! HAVE_POLL */
2470 fd_set read_set, write_set, err_set;
2476 FD_ZERO (&read_set);
2477 FD_ZERO (&write_set);
2480 for (i = 0; i < n_fds; i++)
2482 DBusPollFD *fdp = &fds[i];
2484 if (fdp->events & _DBUS_POLLIN)
2485 FD_SET (fdp->fd, &read_set);
2487 if (fdp->events & _DBUS_POLLOUT)
2488 FD_SET (fdp->fd, &write_set);
2490 FD_SET (fdp->fd, &err_set);
2492 max_fd = MAX (max_fd, fdp->fd);
2495 tv.tv_sec = timeout_milliseconds / 1000;
2496 tv.tv_usec = (timeout_milliseconds % 1000) * 1000;
2498 ready = select (max_fd + 1, &read_set, &write_set, &err_set,
2499 timeout_milliseconds < 0 ? NULL : &tv);
2503 for (i = 0; i < n_fds; i++)
2505 DBusPollFD *fdp = &fds[i];
2509 if (FD_ISSET (fdp->fd, &read_set))
2510 fdp->revents |= _DBUS_POLLIN;
2512 if (FD_ISSET (fdp->fd, &write_set))
2513 fdp->revents |= _DBUS_POLLOUT;
2515 if (FD_ISSET (fdp->fd, &err_set))
2516 fdp->revents |= _DBUS_POLLERR;
2525 * Get current time, as in gettimeofday(). Use the monotonic clock if
2526 * available, to avoid problems when the system time changes.
2528 * @param tv_sec return location for number of seconds
2529 * @param tv_usec return location for number of microseconds (thousandths)
2532 _dbus_get_monotonic_time (long *tv_sec,
2537 #ifdef HAVE_MONOTONIC_CLOCK
2539 clock_gettime (CLOCK_MONOTONIC, &ts);
2542 *tv_sec = ts.tv_sec;
2544 *tv_usec = ts.tv_nsec / 1000;
2546 gettimeofday (&t, NULL);
2551 *tv_usec = t.tv_usec;
2556 * Get current time, as in gettimeofday(). Never uses the monotonic
2559 * @param tv_sec return location for number of seconds
2560 * @param tv_usec return location for number of microseconds (thousandths)
2563 _dbus_get_real_time (long *tv_sec,
2568 gettimeofday (&t, NULL);
2573 *tv_usec = t.tv_usec;
2577 * Creates a directory; succeeds if the directory
2578 * is created or already existed.
2580 * @param filename directory filename
2581 * @param error initialized error object
2582 * @returns #TRUE on success
2585 _dbus_create_directory (const DBusString *filename,
2588 const char *filename_c;
2590 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2592 filename_c = _dbus_string_get_const_data (filename);
2594 if (mkdir (filename_c, 0700) < 0)
2596 if (errno == EEXIST)
2599 dbus_set_error (error, DBUS_ERROR_FAILED,
2600 "Failed to create directory %s: %s\n",
2601 filename_c, _dbus_strerror (errno));
2609 * Appends the given filename to the given directory.
2611 * @todo it might be cute to collapse multiple '/' such as "foo//"
2614 * @param dir the directory name
2615 * @param next_component the filename
2616 * @returns #TRUE on success
2619 _dbus_concat_dir_and_file (DBusString *dir,
2620 const DBusString *next_component)
2622 dbus_bool_t dir_ends_in_slash;
2623 dbus_bool_t file_starts_with_slash;
2625 if (_dbus_string_get_length (dir) == 0 ||
2626 _dbus_string_get_length (next_component) == 0)
2629 dir_ends_in_slash = '/' == _dbus_string_get_byte (dir,
2630 _dbus_string_get_length (dir) - 1);
2632 file_starts_with_slash = '/' == _dbus_string_get_byte (next_component, 0);
2634 if (dir_ends_in_slash && file_starts_with_slash)
2636 _dbus_string_shorten (dir, 1);
2638 else if (!(dir_ends_in_slash || file_starts_with_slash))
2640 if (!_dbus_string_append_byte (dir, '/'))
2644 return _dbus_string_copy (next_component, 0, dir,
2645 _dbus_string_get_length (dir));
2648 /** nanoseconds in a second */
2649 #define NANOSECONDS_PER_SECOND 1000000000
2650 /** microseconds in a second */
2651 #define MICROSECONDS_PER_SECOND 1000000
2652 /** milliseconds in a second */
2653 #define MILLISECONDS_PER_SECOND 1000
2654 /** nanoseconds in a millisecond */
2655 #define NANOSECONDS_PER_MILLISECOND 1000000
2656 /** microseconds in a millisecond */
2657 #define MICROSECONDS_PER_MILLISECOND 1000
2660 * Sleeps the given number of milliseconds.
2661 * @param milliseconds number of milliseconds
2664 _dbus_sleep_milliseconds (int milliseconds)
2666 #ifdef HAVE_NANOSLEEP
2667 struct timespec req;
2668 struct timespec rem;
2670 req.tv_sec = milliseconds / MILLISECONDS_PER_SECOND;
2671 req.tv_nsec = (milliseconds % MILLISECONDS_PER_SECOND) * NANOSECONDS_PER_MILLISECOND;
2675 while (nanosleep (&req, &rem) < 0 && errno == EINTR)
2677 #elif defined (HAVE_USLEEP)
2678 usleep (milliseconds * MICROSECONDS_PER_MILLISECOND);
2679 #else /* ! HAVE_USLEEP */
2680 sleep (MAX (milliseconds / 1000, 1));
2685 _dbus_generate_pseudorandom_bytes (DBusString *str,
2691 old_len = _dbus_string_get_length (str);
2693 if (!_dbus_string_lengthen (str, n_bytes))
2696 p = _dbus_string_get_data_len (str, old_len, n_bytes);
2698 _dbus_generate_pseudorandom_bytes_buffer (p, n_bytes);
2704 * Generates the given number of random bytes,
2705 * using the best mechanism we can come up with.
2707 * @param str the string
2708 * @param n_bytes the number of random bytes to append to string
2709 * @returns #TRUE on success, #FALSE if no memory
2712 _dbus_generate_random_bytes (DBusString *str,
2718 /* FALSE return means "no memory", if it could
2719 * mean something else then we'd need to return
2720 * a DBusError. So we always fall back to pseudorandom
2724 old_len = _dbus_string_get_length (str);
2727 /* note, urandom on linux will fall back to pseudorandom */
2728 fd = open ("/dev/urandom", O_RDONLY);
2730 return _dbus_generate_pseudorandom_bytes (str, n_bytes);
2732 _dbus_verbose ("/dev/urandom fd %d opened\n", fd);
2734 if (_dbus_read (fd, str, n_bytes) != n_bytes)
2736 _dbus_close (fd, NULL);
2737 _dbus_string_set_length (str, old_len);
2738 return _dbus_generate_pseudorandom_bytes (str, n_bytes);
2741 _dbus_verbose ("Read %d bytes from /dev/urandom\n",
2744 _dbus_close (fd, NULL);
2750 * Exit the process, returning the given value.
2752 * @param code the exit code
2755 _dbus_exit (int code)
2761 * A wrapper around strerror() because some platforms
2762 * may be lame and not have strerror(). Also, never
2765 * @param error_number errno.
2766 * @returns error description.
2769 _dbus_strerror (int error_number)
2773 msg = strerror (error_number);
2781 * signal (SIGPIPE, SIG_IGN);
2784 _dbus_disable_sigpipe (void)
2786 signal (SIGPIPE, SIG_IGN);
2790 * Sets the file descriptor to be close
2791 * on exec. Should be called for all file
2792 * descriptors in D-Bus code.
2794 * @param fd the file descriptor
2797 _dbus_fd_set_close_on_exec (intptr_t fd)
2801 val = fcntl (fd, F_GETFD, 0);
2808 fcntl (fd, F_SETFD, val);
2812 * Closes a file descriptor.
2814 * @param fd the file descriptor
2815 * @param error error object
2816 * @returns #FALSE if error set
2819 _dbus_close (int fd,
2822 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2830 dbus_set_error (error, _dbus_error_from_errno (errno),
2831 "Could not close fd %d", fd);
2839 * Duplicates a file descriptor. Makes sure the fd returned is >= 3
2840 * (i.e. avoids stdin/stdout/stderr). Sets O_CLOEXEC.
2842 * @param fd the file descriptor to duplicate
2843 * @returns duplicated file descriptor
2851 #ifdef F_DUPFD_CLOEXEC
2852 dbus_bool_t cloexec_done;
2854 new_fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
2855 cloexec_done = new_fd >= 0;
2857 if (new_fd < 0 && errno == EINVAL)
2860 new_fd = fcntl(fd, F_DUPFD, 3);
2865 dbus_set_error (error, _dbus_error_from_errno (errno),
2866 "Could not duplicate fd %d", fd);
2870 #ifdef F_DUPFD_CLOEXEC
2874 _dbus_fd_set_close_on_exec(new_fd);
2881 * Sets a file descriptor to be nonblocking.
2883 * @param fd the file descriptor.
2884 * @param error address of error location.
2885 * @returns #TRUE on success.
2888 _dbus_set_fd_nonblocking (int fd,
2893 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2895 val = fcntl (fd, F_GETFL, 0);
2898 dbus_set_error (error, _dbus_error_from_errno (errno),
2899 "Failed to get flags from file descriptor %d: %s",
2900 fd, _dbus_strerror (errno));
2901 _dbus_verbose ("Failed to get flags for fd %d: %s\n", fd,
2902 _dbus_strerror (errno));
2906 if (fcntl (fd, F_SETFL, val | O_NONBLOCK) < 0)
2908 dbus_set_error (error, _dbus_error_from_errno (errno),
2909 "Failed to set nonblocking flag of file descriptor %d: %s",
2910 fd, _dbus_strerror (errno));
2911 _dbus_verbose ("Failed to set fd %d nonblocking: %s\n",
2912 fd, _dbus_strerror (errno));
2921 * On GNU libc systems, print a crude backtrace to stderr. On other
2922 * systems, print "no backtrace support" and block for possible gdb
2923 * attachment if an appropriate environment variable is set.
2926 _dbus_print_backtrace (void)
2928 #if defined (HAVE_BACKTRACE) && defined (DBUS_BUILT_R_DYNAMIC)
2934 bt_size = backtrace (bt, 500);
2936 syms = backtrace_symbols (bt, bt_size);
2941 /* don't use dbus_warn since it can _dbus_abort() */
2942 fprintf (stderr, " %s\n", syms[i]);
2948 #elif defined (HAVE_BACKTRACE) && ! defined (DBUS_BUILT_R_DYNAMIC)
2949 fprintf (stderr, " D-Bus not built with -rdynamic so unable to print a backtrace\n");
2951 fprintf (stderr, " D-Bus not compiled with backtrace support so unable to print a backtrace\n");
2956 * Creates a full-duplex pipe (as in socketpair()).
2957 * Sets both ends of the pipe nonblocking.
2959 * Marks both file descriptors as close-on-exec
2961 * @todo libdbus only uses this for the debug-pipe server, so in
2962 * principle it could be in dbus-sysdeps-util.c, except that
2963 * dbus-sysdeps-util.c isn't in libdbus when tests are enabled and the
2964 * debug-pipe server is used.
2966 * @param fd1 return location for one end
2967 * @param fd2 return location for the other end
2968 * @param blocking #TRUE if pipe should be blocking
2969 * @param error error return
2970 * @returns #FALSE on failure (if error is set)
2973 _dbus_full_duplex_pipe (int *fd1,
2975 dbus_bool_t blocking,
2978 #ifdef HAVE_SOCKETPAIR
2983 dbus_bool_t cloexec_done;
2985 retval = socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, fds);
2986 cloexec_done = retval >= 0;
2988 if (retval < 0 && errno == EINVAL)
2991 retval = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
2996 dbus_set_error (error, _dbus_error_from_errno (errno),
2997 "Could not create full-duplex pipe");
3001 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3007 _dbus_fd_set_close_on_exec (fds[0]);
3008 _dbus_fd_set_close_on_exec (fds[1]);
3012 (!_dbus_set_fd_nonblocking (fds[0], NULL) ||
3013 !_dbus_set_fd_nonblocking (fds[1], NULL)))
3015 dbus_set_error (error, _dbus_error_from_errno (errno),
3016 "Could not set full-duplex pipe nonblocking");
3018 _dbus_close (fds[0], NULL);
3019 _dbus_close (fds[1], NULL);
3027 _dbus_verbose ("full-duplex pipe %d <-> %d\n",
3032 _dbus_warn ("_dbus_full_duplex_pipe() not implemented on this OS\n");
3033 dbus_set_error (error, DBUS_ERROR_FAILED,
3034 "_dbus_full_duplex_pipe() not implemented on this OS");
3040 * Measure the length of the given format string and arguments,
3041 * not including the terminating nul.
3043 * @param format a printf-style format string
3044 * @param args arguments for the format string
3045 * @returns length of the given format string and args, or -1 if no memory
3048 _dbus_printf_string_upper_bound (const char *format,
3051 char static_buf[1024];
3052 int bufsize = sizeof (static_buf);
3055 len = vsnprintf (static_buf, bufsize, format, args);
3057 /* If vsnprintf() returned non-negative, then either the string fits in
3058 * static_buf, or this OS has the POSIX and C99 behaviour where vsnprintf
3059 * returns the number of characters that were needed, or this OS returns the
3062 * We ignore the possibility that snprintf might just ignore the length and
3063 * overrun the buffer (64-bit Solaris 7), because that's pathological.
3064 * If your libc is really that bad, come back when you have a better one. */
3067 /* This could be the truncated length (Tru64 and IRIX have this bug),
3068 * or the real length could be coincidentally the same. Which is it?
3069 * If vsnprintf returns the truncated length, we'll go to the slow
3071 if (vsnprintf (static_buf, 1, format, args) == 1)
3075 /* If vsnprintf() returned negative, we have to do more work.
3076 * HP-UX returns negative. */
3083 buf = dbus_malloc (bufsize);
3088 len = vsnprintf (buf, bufsize, format, args);
3091 /* If the reported length is exactly the buffer size, round up to the
3092 * next size, in case vsnprintf has been returning the truncated
3102 * Gets the temporary files directory by inspecting the environment variables
3103 * TMPDIR, TMP, and TEMP in that order. If none of those are set "/tmp" is returned
3105 * @returns location of temp directory
3108 _dbus_get_tmpdir(void)
3110 static const char* tmpdir = NULL;
3114 /* TMPDIR is what glibc uses, then
3115 * glibc falls back to the P_tmpdir macro which
3116 * just expands to "/tmp"
3119 tmpdir = getenv("TMPDIR");
3121 /* These two env variables are probably
3122 * broken, but maybe some OS uses them?
3125 tmpdir = getenv("TMP");
3127 tmpdir = getenv("TEMP");
3129 /* And this is the sane fallback. */
3134 _dbus_assert(tmpdir != NULL);
3140 * Execute a subprocess, returning up to 1024 bytes of output
3143 * If successful, returns #TRUE and appends the output to @p
3144 * result. If a failure happens, returns #FALSE and
3145 * sets an error in @p error.
3147 * @note It's not an error if the subprocess terminates normally
3148 * without writing any data to stdout. Verify the @p result length
3149 * before and after this function call to cover this case.
3151 * @param progname initial path to exec (may or may not be absolute)
3152 * @param path_fallback if %TRUE, search PATH for executable
3153 * @param argv NULL-terminated list of arguments
3154 * @param result a DBusString where the output can be append
3155 * @param error a DBusError to store the error in case of failure
3156 * @returns #TRUE on success, #FALSE if an error happened
3159 _read_subprocess_line_argv (const char *progpath,
3160 dbus_bool_t path_fallback,
3165 int result_pipe[2] = { -1, -1 };
3166 int errors_pipe[2] = { -1, -1 };
3174 sigset_t new_set, old_set;
3176 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3179 /* We need to block any existing handlers for SIGCHLD temporarily; they
3180 * will cause waitpid() below to fail.
3181 * https://bugs.freedesktop.org/show_bug.cgi?id=21347
3183 sigemptyset (&new_set);
3184 sigaddset (&new_set, SIGCHLD);
3185 sigprocmask (SIG_BLOCK, &new_set, &old_set);
3187 orig_len = _dbus_string_get_length (result);
3191 if (pipe (result_pipe) < 0)
3193 dbus_set_error (error, _dbus_error_from_errno (errno),
3194 "Failed to create a pipe to call %s: %s",
3195 progpath, _dbus_strerror (errno));
3196 _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3197 progpath, _dbus_strerror (errno));
3200 if (pipe (errors_pipe) < 0)
3202 dbus_set_error (error, _dbus_error_from_errno (errno),
3203 "Failed to create a pipe to call %s: %s",
3204 progpath, _dbus_strerror (errno));
3205 _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3206 progpath, _dbus_strerror (errno));
3213 dbus_set_error (error, _dbus_error_from_errno (errno),
3214 "Failed to fork() to call %s: %s",
3215 progpath, _dbus_strerror (errno));
3216 _dbus_verbose ("Failed to fork() to call %s: %s\n",
3217 progpath, _dbus_strerror (errno));
3227 fd = open ("/dev/null", O_RDWR);
3229 /* huh?! can't open /dev/null? */
3232 _dbus_verbose ("/dev/null fd %d opened\n", fd);
3235 close (result_pipe[READ_END]);
3236 close (errors_pipe[READ_END]);
3237 close (0); /* close stdin */
3238 close (1); /* close stdout */
3239 close (2); /* close stderr */
3241 if (dup2 (fd, 0) == -1)
3243 if (dup2 (result_pipe[WRITE_END], 1) == -1)
3245 if (dup2 (errors_pipe[WRITE_END], 2) == -1)
3248 maxfds = sysconf (_SC_OPEN_MAX);
3249 /* Pick something reasonable if for some reason sysconf
3254 /* close all inherited fds */
3255 for (i = 3; i < maxfds; i++)
3258 sigprocmask (SIG_SETMASK, &old_set, NULL);
3260 /* If it looks fully-qualified, try execv first */
3261 if (progpath[0] == '/')
3263 execv (progpath, argv);
3264 /* Ok, that failed. Now if path_fallback is given, let's
3265 * try unqualified. This is mostly a hack to work
3266 * around systems which ship dbus-launch in /usr/bin
3267 * but everything else in /bin (because dbus-launch
3271 /* We must have a slash, because we checked above */
3272 execvp (strrchr (progpath, '/')+1, argv);
3275 execvp (progpath, argv);
3277 /* still nothing, we failed */
3281 /* parent process */
3282 close (result_pipe[WRITE_END]);
3283 close (errors_pipe[WRITE_END]);
3284 result_pipe[WRITE_END] = -1;
3285 errors_pipe[WRITE_END] = -1;
3290 ret = _dbus_read (result_pipe[READ_END], result, 1024);
3294 /* reap the child process to avoid it lingering as zombie */
3297 ret = waitpid (pid, &status, 0);
3299 while (ret == -1 && errno == EINTR);
3301 /* We succeeded if the process exited with status 0 and
3302 anything was read */
3303 if (!WIFEXITED (status) || WEXITSTATUS (status) != 0 )
3305 /* The process ended with error */
3306 DBusString error_message;
3307 if (!_dbus_string_init (&error_message))
3309 _DBUS_SET_OOM (error);
3316 ret = _dbus_read (errors_pipe[READ_END], &error_message, 1024);
3320 _dbus_string_set_length (result, orig_len);
3321 if (_dbus_string_get_length (&error_message) > 0)
3322 dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED,
3323 "%s terminated abnormally with the following error: %s",
3324 progpath, _dbus_string_get_data (&error_message));
3326 dbus_set_error (error, DBUS_ERROR_SPAWN_EXEC_FAILED,
3327 "%s terminated abnormally without any error message",
3335 sigprocmask (SIG_SETMASK, &old_set, NULL);
3338 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3340 _DBUS_ASSERT_ERROR_IS_SET (error);
3342 if (result_pipe[0] != -1)
3343 close (result_pipe[0]);
3344 if (result_pipe[1] != -1)
3345 close (result_pipe[1]);
3346 if (errors_pipe[0] != -1)
3347 close (errors_pipe[0]);
3348 if (errors_pipe[1] != -1)
3349 close (errors_pipe[1]);
3355 * Returns the address of a new session bus.
3357 * If successful, returns #TRUE and appends the address to @p
3358 * address. If a failure happens, returns #FALSE and
3359 * sets an error in @p error.
3361 * @param address a DBusString where the address can be stored
3362 * @param error a DBusError to store the error in case of failure
3363 * @returns #TRUE on success, #FALSE if an error happened
3366 _dbus_get_autolaunch_address (const char *scope,
3367 DBusString *address,
3370 #ifdef DBUS_ENABLE_X11_AUTOLAUNCH
3371 /* Perform X11-based autolaunch. (We also support launchd-based autolaunch,
3372 * but that's done elsewhere, and if it worked, this function wouldn't
3374 const char *display;
3375 static char *argv[6];
3380 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3383 /* fd.o #19997: if $DISPLAY isn't set to something useful, then
3384 * dbus-launch-x11 is just going to fail. Rather than trying to
3385 * run it, we might as well bail out early with a nice error. */
3386 display = _dbus_getenv ("DISPLAY");
3388 if (display == NULL || display[0] == '\0')
3390 dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
3391 "Unable to autolaunch a dbus-daemon without a $DISPLAY for X11");
3395 if (!_dbus_string_init (&uuid))
3397 _DBUS_SET_OOM (error);
3401 if (!_dbus_get_local_machine_uuid_encoded (&uuid))
3403 _DBUS_SET_OOM (error);
3408 argv[i] = "dbus-launch";
3410 argv[i] = "--autolaunch";
3412 argv[i] = _dbus_string_get_data (&uuid);
3414 argv[i] = "--binary-syntax";
3416 argv[i] = "--close-stderr";
3421 _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3423 retval = _read_subprocess_line_argv (DBUS_BINDIR "/dbus-launch",
3425 argv, address, error);
3428 _dbus_string_free (&uuid);
3431 dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
3432 "Using X11 for dbus-daemon autolaunch was disabled at compile time, "
3433 "set your DBUS_SESSION_BUS_ADDRESS instead");
3439 * Reads the uuid of the machine we're running on from
3440 * the dbus configuration. Optionally try to create it
3441 * (only root can do this usually).
3443 * On UNIX, reads a file that gets created by dbus-uuidgen
3444 * in a post-install script. On Windows, if there's a standard
3445 * machine uuid we could just use that, but I can't find one
3446 * with the right properties (the hardware profile guid can change
3447 * without rebooting I believe). If there's no standard one
3448 * we might want to use the registry instead of a file for
3449 * this, and I'm not sure how we'd ensure the uuid gets created.
3451 * @param machine_id guid to init with the machine's uuid
3452 * @param create_if_not_found try to create the uuid if it doesn't exist
3453 * @param error the error return
3454 * @returns #FALSE if the error is set
3457 _dbus_read_local_machine_uuid (DBusGUID *machine_id,
3458 dbus_bool_t create_if_not_found,
3461 DBusString filename;
3464 _dbus_string_init_const (&filename, DBUS_MACHINE_UUID_FILE);
3466 b = _dbus_read_uuid_file (&filename, machine_id, create_if_not_found, error);
3470 dbus_error_free (error);
3472 /* Fallback to the system machine ID */
3473 _dbus_string_init_const (&filename, "/etc/machine-id");
3474 return _dbus_read_uuid_file (&filename, machine_id, FALSE, error);
3477 #define DBUS_UNIX_STANDARD_SESSION_SERVICEDIR "/dbus-1/services"
3478 #define DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR "/dbus-1/system-services"
3481 * quries launchd for a specific env var which holds the socket path.
3482 * @param launchd_env_var the env var to look up
3483 * @param error a DBusError to store the error in case of failure
3484 * @return the value of the env var
3487 _dbus_lookup_launchd_socket (DBusString *socket_path,
3488 const char *launchd_env_var,
3491 #ifdef DBUS_ENABLE_LAUNCHD
3495 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3498 argv[i] = "launchctl";
3502 argv[i] = (char*)launchd_env_var;
3507 _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3509 if (!_read_subprocess_line_argv(argv[0], TRUE, argv, socket_path, error))
3514 /* no error, but no result either */
3515 if (_dbus_string_get_length(socket_path) == 0)
3520 /* strip the carriage-return */
3521 _dbus_string_shorten(socket_path, 1);
3523 #else /* DBUS_ENABLE_LAUNCHD */
3524 dbus_set_error(error, DBUS_ERROR_NOT_SUPPORTED,
3525 "can't lookup socket from launchd; launchd support not compiled in");
3531 _dbus_lookup_session_address_launchd (DBusString *address, DBusError *error)
3533 #ifdef DBUS_ENABLE_LAUNCHD
3534 dbus_bool_t valid_socket;
3535 DBusString socket_path;
3537 if (!_dbus_string_init (&socket_path))
3539 _DBUS_SET_OOM (error);
3543 valid_socket = _dbus_lookup_launchd_socket (&socket_path, "DBUS_LAUNCHD_SESSION_BUS_SOCKET", error);
3545 if (dbus_error_is_set(error))
3547 _dbus_string_free(&socket_path);
3553 dbus_set_error(error, "no socket path",
3554 "launchd did not provide a socket path, "
3555 "verify that org.freedesktop.dbus-session.plist is loaded!");
3556 _dbus_string_free(&socket_path);
3559 if (!_dbus_string_append (address, "unix:path="))
3561 _DBUS_SET_OOM (error);
3562 _dbus_string_free(&socket_path);
3565 if (!_dbus_string_copy (&socket_path, 0, address,
3566 _dbus_string_get_length (address)))
3568 _DBUS_SET_OOM (error);
3569 _dbus_string_free(&socket_path);
3573 _dbus_string_free(&socket_path);
3576 dbus_set_error(error, DBUS_ERROR_NOT_SUPPORTED,
3577 "can't lookup session address from launchd; launchd support not compiled in");
3583 * Determines the address of the session bus by querying a
3584 * platform-specific method.
3586 * The first parameter will be a boolean specifying whether
3587 * or not a dynamic session lookup is supported on this platform.
3589 * If supported is TRUE and the return value is #TRUE, the
3590 * address will be appended to @p address.
3591 * If a failure happens, returns #FALSE and sets an error in
3594 * If supported is FALSE, ignore the return value.
3596 * @param supported returns whether this method is supported
3597 * @param address a DBusString where the address can be stored
3598 * @param error a DBusError to store the error in case of failure
3599 * @returns #TRUE on success, #FALSE if an error happened
3602 _dbus_lookup_session_address (dbus_bool_t *supported,
3603 DBusString *address,
3606 #ifdef DBUS_ENABLE_LAUNCHD
3608 return _dbus_lookup_session_address_launchd (address, error);
3610 /* On non-Mac Unix platforms, if the session address isn't already
3611 * set in DBUS_SESSION_BUS_ADDRESS environment variable, we punt and
3612 * fall back to the autolaunch: global default; see
3613 * init_session_address in dbus/dbus-bus.c. */
3620 * Returns the standard directories for a session bus to look for service
3623 * On UNIX this should be the standard xdg freedesktop.org data directories:
3625 * XDG_DATA_HOME=${XDG_DATA_HOME-$HOME/.local/share}
3626 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
3632 * @param dirs the directory list we are returning
3633 * @returns #FALSE on OOM
3637 _dbus_get_standard_session_servicedirs (DBusList **dirs)
3639 const char *xdg_data_home;
3640 const char *xdg_data_dirs;
3641 DBusString servicedir_path;
3643 if (!_dbus_string_init (&servicedir_path))
3646 xdg_data_home = _dbus_getenv ("XDG_DATA_HOME");
3647 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
3649 if (xdg_data_home != NULL)
3651 if (!_dbus_string_append (&servicedir_path, xdg_data_home))
3656 const DBusString *homedir;
3657 DBusString local_share;
3659 if (!_dbus_homedir_from_current_process (&homedir))
3662 if (!_dbus_string_append (&servicedir_path, _dbus_string_get_const_data (homedir)))
3665 _dbus_string_init_const (&local_share, "/.local/share");
3666 if (!_dbus_concat_dir_and_file (&servicedir_path, &local_share))
3670 if (!_dbus_string_append (&servicedir_path, ":"))
3673 if (xdg_data_dirs != NULL)
3675 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
3678 if (!_dbus_string_append (&servicedir_path, ":"))
3683 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
3688 * add configured datadir to defaults
3689 * this may be the same as an xdg dir
3690 * however the config parser should take
3691 * care of duplicates
3693 if (!_dbus_string_append (&servicedir_path, DBUS_DATADIR))
3696 if (!_dbus_split_paths_and_append (&servicedir_path,
3697 DBUS_UNIX_STANDARD_SESSION_SERVICEDIR,
3701 _dbus_string_free (&servicedir_path);
3705 _dbus_string_free (&servicedir_path);
3711 * Returns the standard directories for a system bus to look for service
3714 * On UNIX this should be the standard xdg freedesktop.org data directories:
3716 * XDG_DATA_DIRS=${XDG_DATA_DIRS-/usr/local/share:/usr/share}
3722 * On Windows there is no system bus and this function can return nothing.
3724 * @param dirs the directory list we are returning
3725 * @returns #FALSE on OOM
3729 _dbus_get_standard_system_servicedirs (DBusList **dirs)
3731 const char *xdg_data_dirs;
3732 DBusString servicedir_path;
3734 if (!_dbus_string_init (&servicedir_path))
3737 xdg_data_dirs = _dbus_getenv ("XDG_DATA_DIRS");
3739 if (xdg_data_dirs != NULL)
3741 if (!_dbus_string_append (&servicedir_path, xdg_data_dirs))
3744 if (!_dbus_string_append (&servicedir_path, ":"))
3749 if (!_dbus_string_append (&servicedir_path, "/usr/local/share:/usr/share:"))
3754 * Add configured datadir to defaults. This may be the same as one
3755 * of the XDG directories. However, the config parser should take
3756 * care of the duplicates.
3758 * Also, append /lib as counterpart of /usr/share on the root
3759 * directory (the root directory does not know /share), in order to
3760 * facilitate early boot system bus activation where /usr might not
3763 if (!_dbus_string_append (&servicedir_path,
3768 if (!_dbus_split_paths_and_append (&servicedir_path,
3769 DBUS_UNIX_STANDARD_SYSTEM_SERVICEDIR,
3773 _dbus_string_free (&servicedir_path);
3777 _dbus_string_free (&servicedir_path);
3782 * Append the absolute path of the system.conf file
3783 * (there is no system bus on Windows so this can just
3784 * return FALSE and print a warning or something)
3786 * @param str the string to append to
3787 * @returns #FALSE if no memory
3790 _dbus_append_system_config_file (DBusString *str)
3792 return _dbus_string_append (str, DBUS_SYSTEM_CONFIG_FILE);
3796 * Append the absolute path of the session.conf file.
3798 * @param str the string to append to
3799 * @returns #FALSE if no memory
3802 _dbus_append_session_config_file (DBusString *str)
3804 return _dbus_string_append (str, DBUS_SESSION_CONFIG_FILE);
3808 * Called when the bus daemon is signaled to reload its configuration; any
3809 * caches should be nuked. Of course any caches that need explicit reload
3810 * are probably broken, but c'est la vie.
3815 _dbus_flush_caches (void)
3817 _dbus_user_database_flush_system ();
3821 * Appends the directory in which a keyring for the given credentials
3822 * should be stored. The credentials should have either a Windows or
3823 * UNIX user in them. The directory should be an absolute path.
3825 * On UNIX the directory is ~/.dbus-keyrings while on Windows it should probably
3826 * be something else, since the dotfile convention is not normal on Windows.
3828 * @param directory string to append directory to
3829 * @param credentials credentials the directory should be for
3831 * @returns #FALSE on no memory
3834 _dbus_append_keyring_directory_for_credentials (DBusString *directory,
3835 DBusCredentials *credentials)
3841 _dbus_assert (credentials != NULL);
3842 _dbus_assert (!_dbus_credentials_are_anonymous (credentials));
3844 if (!_dbus_string_init (&homedir))
3847 uid = _dbus_credentials_get_unix_uid (credentials);
3848 _dbus_assert (uid != DBUS_UID_UNSET);
3850 if (!_dbus_homedir_from_uid (uid, &homedir))
3853 #ifdef DBUS_BUILD_TESTS
3855 const char *override;
3857 override = _dbus_getenv ("DBUS_TEST_HOMEDIR");
3858 if (override != NULL && *override != '\0')
3860 _dbus_string_set_length (&homedir, 0);
3861 if (!_dbus_string_append (&homedir, override))
3864 _dbus_verbose ("Using fake homedir for testing: %s\n",
3865 _dbus_string_get_const_data (&homedir));
3869 static dbus_bool_t already_warned = FALSE;
3870 if (!already_warned)
3872 _dbus_warn ("Using your real home directory for testing, set DBUS_TEST_HOMEDIR to avoid\n");
3873 already_warned = TRUE;
3879 _dbus_string_init_const (&dotdir, ".dbus-keyrings");
3880 if (!_dbus_concat_dir_and_file (&homedir,
3884 if (!_dbus_string_copy (&homedir, 0,
3885 directory, _dbus_string_get_length (directory))) {
3889 _dbus_string_free (&homedir);
3893 _dbus_string_free (&homedir);
3897 //PENDING(kdab) docs
3899 _dbus_daemon_publish_session_bus_address (const char* addr,
3905 //PENDING(kdab) docs
3907 _dbus_daemon_unpublish_session_bus_address (void)
3913 * See if errno is EAGAIN or EWOULDBLOCK (this has to be done differently
3914 * for Winsock so is abstracted)
3916 * @returns #TRUE if errno == EAGAIN or errno == EWOULDBLOCK
3919 _dbus_get_is_errno_eagain_or_ewouldblock (void)
3921 return errno == EAGAIN || errno == EWOULDBLOCK;
3925 * Removes a directory; Directory must be empty
3927 * @param filename directory filename
3928 * @param error initialized error object
3929 * @returns #TRUE on success
3932 _dbus_delete_directory (const DBusString *filename,
3935 const char *filename_c;
3937 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3939 filename_c = _dbus_string_get_const_data (filename);
3941 if (rmdir (filename_c) != 0)
3943 dbus_set_error (error, DBUS_ERROR_FAILED,
3944 "Failed to remove directory %s: %s\n",
3945 filename_c, _dbus_strerror (errno));
3953 * Checks whether file descriptors may be passed via the socket
3955 * @param fd the socket
3956 * @return TRUE when fd passing over this socket is supported
3960 _dbus_socket_can_pass_unix_fd(int fd) {
3965 struct sockaddr_storage storage;
3966 struct sockaddr_un un;
3969 socklen_t sa_len = sizeof(sa_buf);
3973 if (getsockname(fd, &sa_buf.sa, &sa_len) < 0)
3976 return sa_buf.sa.sa_family == AF_UNIX;
3986 * replaces the term DBUS_PREFIX in configure_time_path by the
3987 * current dbus installation directory. On unix this function is a noop
3989 * @param configure_time_path
3993 _dbus_replace_install_prefix (const char *configure_time_path)
3995 return configure_time_path;
3998 /* tests in dbus-sysdeps-util.c */
projects / platform / upstream / dbus.git / blob