summaryrefslogtreecommitdiff
path: root/dbus/dbus-auth.c
diff options
context:
space:
mode:
authorHavoc Pennington <hp@redhat.com>2007-06-09 21:53:20 +0000
committerHavoc Pennington <hp@redhat.com>2007-06-09 21:53:20 +0000
commit23832672266bb4ff23b66247c0cfa1a2ed0cc97b (patch)
tree119e37411f14923780de3ca7a759707508f1ec63 /dbus/dbus-auth.c
parentb80a8fe6b364543aa4b32a02a5ad913faf97173b (diff)
downloaddbus-23832672266bb4ff23b66247c0cfa1a2ed0cc97b.tar.gz
2007-06-09 Havoc Pennington <hp@redhat.com>
* bus/dispatch.c (check_get_connection_unix_process_id): adapt since sysdeps-unix.h stuff isn't included anymore * bus/bus.c (bus_context_new): use more abstract functions to change user, so they can be no-ops on Windows * dbus/dbus-credentials.c, dbus/dbus-credentials.h, dbus/dbus-credentials-util.c: new files containing a fully opaque DBusCredentials data type to replace the old not opaque one. * configure.in (DBUS_UNIX): define DBUS_UNIX to match DBUS_WIN on windows * dbus/dbus-userdb.h: prohibit on Windows, next step is to clean up the uses of it in bus/*.c and factor out the parts of cookie auth that depend on it
Diffstat (limited to 'dbus/dbus-auth.c')
-rw-r--r--dbus/dbus-auth.c146
1 files changed, 94 insertions, 52 deletions
diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c
index 7ece76e4..b1d57a49 100644
--- a/dbus/dbus-auth.c
+++ b/dbus/dbus-auth.c
@@ -27,7 +27,7 @@
#include "dbus-keyring.h"
#include "dbus-sha.h"
#include "dbus-protocol.h"
-#include "dbus-userdb.h"
+#include "dbus-credentials.h"
/**
* @defgroup DBusAuth Authentication
@@ -162,13 +162,12 @@ struct DBusAuth
* as.
*/
- DBusCredentials credentials; /**< Credentials read from socket,
- * fields may be -1
- */
+ DBusCredentials *credentials; /**< Credentials read from socket
+ */
- DBusCredentials authorized_identity; /**< Credentials that are authorized */
+ DBusCredentials *authorized_identity; /**< Credentials that are authorized */
- DBusCredentials desired_identity; /**< Identity client has requested */
+ DBusCredentials *desired_identity; /**< Identity client has requested */
DBusString context; /**< Cookie scope */
DBusKeyring *keyring; /**< Keyring for cookie mechanism. */
@@ -331,10 +330,6 @@ _dbus_auth_new (int size)
return NULL;
auth->refcount = 1;
-
- _dbus_credentials_clear (&auth->credentials);
- _dbus_credentials_clear (&auth->authorized_identity);
- _dbus_credentials_clear (&auth->desired_identity);
auth->keyring = NULL;
auth->cookie_id = -1;
@@ -365,9 +360,31 @@ _dbus_auth_new (int size)
/* default context if none is specified */
if (!_dbus_string_append (&auth->context, "org_freedesktop_general"))
goto enomem_5;
+
+ auth->credentials = _dbus_credentials_new ();
+ if (auth->credentials == NULL)
+ goto enomem_6;
+
+ auth->authorized_identity = _dbus_credentials_new ();
+ if (auth->authorized_identity == NULL)
+ goto enomem_7;
+
+ auth->desired_identity = _dbus_credentials_new ();
+ if (auth->desired_identity == NULL)
+ goto enomem_8;
return auth;
+#if 0
+ enomem_9:
+ _dbus_credentials_unref (auth->desired_identity);
+#endif
+ enomem_8:
+ _dbus_credentials_unref (auth->authorized_identity);
+ enomem_7:
+ _dbus_credentials_unref (auth->credentials);
+ enomem_6:
+ /* last alloc was an append to context, which is freed already below */ ;
enomem_5:
_dbus_string_free (&auth->challenge);
enomem_4:
@@ -390,8 +407,8 @@ shutdown_mech (DBusAuth *auth)
auth->already_asked_for_initial_response = FALSE;
_dbus_string_set_length (&auth->identity, 0);
- _dbus_credentials_clear (&auth->authorized_identity);
- _dbus_credentials_clear (&auth->desired_identity);
+ _dbus_credentials_clear (auth->authorized_identity);
+ _dbus_credentials_clear (auth->desired_identity);
if (auth->mech != NULL)
{
@@ -513,7 +530,7 @@ sha1_handle_first_client_response (DBusAuth *auth,
}
}
- if (!_dbus_credentials_from_username (data, &auth->desired_identity))
+ if (!_dbus_credentials_add_from_username (auth->desired_identity, data))
{
_dbus_verbose ("%s: Did not get a valid username from client\n",
DBUS_AUTH_NAME (auth));
@@ -706,14 +723,17 @@ sha1_handle_second_client_response (DBusAuth *auth,
retval = TRUE;
goto out_3;
}
-
+
+ if (!_dbus_credentials_add_credentials (auth->authorized_identity,
+ auth->desired_identity))
+ goto out_3;
+
if (!send_ok (auth))
goto out_3;
- _dbus_verbose ("%s: authenticated client with UID "DBUS_UID_FORMAT" using DBUS_COOKIE_SHA1\n",
- DBUS_AUTH_NAME (auth), auth->desired_identity.uid);
+ _dbus_verbose ("%s: authenticated client using DBUS_COOKIE_SHA1\n",
+ DBUS_AUTH_NAME (auth));
- auth->authorized_identity = auth->desired_identity;
retval = TRUE;
out_3:
@@ -966,7 +986,7 @@ static dbus_bool_t
handle_server_data_external_mech (DBusAuth *auth,
const DBusString *data)
{
- if (auth->credentials.uid == DBUS_UID_UNSET)
+ if (_dbus_credentials_are_empty (auth->credentials))
{
_dbus_verbose ("%s: no credentials, mechanism EXTERNAL can't authenticate\n",
DBUS_AUTH_NAME (auth));
@@ -1005,7 +1025,7 @@ handle_server_data_external_mech (DBusAuth *auth,
return FALSE;
}
- _dbus_credentials_clear (&auth->desired_identity);
+ _dbus_credentials_clear (auth->desired_identity);
/* If auth->identity is still empty here, then client
* responded with an empty string after we poked it for
@@ -1014,12 +1034,16 @@ handle_server_data_external_mech (DBusAuth *auth,
*/
if (_dbus_string_get_length (&auth->identity) == 0)
{
- auth->desired_identity.uid = auth->credentials.uid;
+ if (!_dbus_credentials_add_credentials (auth->desired_identity,
+ auth->credentials))
+ {
+ return FALSE; /* OOM */
+ }
}
else
{
- if (!_dbus_parse_uid (&auth->identity,
- &auth->desired_identity.uid))
+ if (!_dbus_credentials_parse_and_add_desired(auth->desired_identity,
+ &auth->identity))
{
_dbus_verbose ("%s: could not get credentials from uid string\n",
DBUS_AUTH_NAME (auth));
@@ -1027,7 +1051,7 @@ handle_server_data_external_mech (DBusAuth *auth,
}
}
- if (auth->desired_identity.uid == DBUS_UID_UNSET)
+ if (_dbus_credentials_are_empty(auth->desired_identity))
{
_dbus_verbose ("%s: desired user %s is no good\n",
DBUS_AUTH_NAME (auth),
@@ -1035,32 +1059,34 @@ handle_server_data_external_mech (DBusAuth *auth,
return send_rejected (auth);
}
- if (_dbus_credentials_match (&auth->desired_identity,
- &auth->credentials))
+ if (_dbus_credentials_are_superset (auth->credentials,
+ auth->desired_identity))
{
- /* client has authenticated */
+ /* client has authenticated */
+ if (!_dbus_credentials_add_credentials (auth->authorized_identity,
+ auth->desired_identity))
+ return FALSE;
+
+ /* also copy process ID from the socket credentials - FIXME this
+ * should be done even if auth EXTERNAL not used
+ */
+ if (!_dbus_credentials_add_credential (auth->authorized_identity,
+ DBUS_CREDENTIAL_UNIX_PROCESS_ID,
+ auth->credentials))
+ return FALSE;
+
if (!send_ok (auth))
return FALSE;
- _dbus_verbose ("%s: authenticated client with UID "DBUS_UID_FORMAT
- " matching socket credentials UID "DBUS_UID_FORMAT"\n",
- DBUS_AUTH_NAME (auth),
- auth->desired_identity.uid,
- auth->credentials.uid);
+ _dbus_verbose ("%s: authenticated client based on socket credentials\n",
+ DBUS_AUTH_NAME (auth));
- auth->authorized_identity.pid = auth->credentials.pid;
- auth->authorized_identity.uid = auth->desired_identity.uid;
return TRUE;
}
else
{
- _dbus_verbose ("%s: credentials uid="DBUS_UID_FORMAT
- " gid="DBUS_GID_FORMAT
- " do not allow uid="DBUS_UID_FORMAT
- " gid="DBUS_GID_FORMAT"\n",
- DBUS_AUTH_NAME (auth),
- auth->credentials.uid, auth->credentials.gid,
- auth->desired_identity.uid, auth->desired_identity.gid);
+ _dbus_verbose ("%s: desired identity not found in socket credentials\n",
+ DBUS_AUTH_NAME (auth));
return send_rejected (auth);
}
}
@@ -1084,9 +1110,8 @@ handle_client_initial_response_external_mech (DBusAuth *auth,
if (!_dbus_string_init (&plaintext))
return FALSE;
-
- if (!_dbus_string_append_uint (&plaintext,
- _dbus_getuid ()))
+
+ if (!_dbus_append_desired_identity (&plaintext))
goto failed;
if (!_dbus_string_hex_encode (&plaintext, 0,
@@ -2105,6 +2130,10 @@ _dbus_auth_unref (DBusAuth *auth)
_dbus_string_free (&auth->outgoing);
dbus_free_string_array (auth->allowed_mechs);
+
+ _dbus_credentials_unref (auth->credentials);
+ _dbus_credentials_unref (auth->authorized_identity);
+ _dbus_credentials_unref (auth->desired_identity);
dbus_free (auth);
}
@@ -2435,29 +2464,42 @@ _dbus_auth_decode_data (DBusAuth *auth,
*
* @param auth the auth conversation
* @param credentials the credentials received
+ * @returns #FALSE on OOM
*/
-void
+dbus_bool_t
_dbus_auth_set_credentials (DBusAuth *auth,
- const DBusCredentials *credentials)
+ DBusCredentials *credentials)
{
- auth->credentials = *credentials;
+ _dbus_credentials_clear (auth->credentials);
+ return _dbus_credentials_add_credentials (auth->credentials,
+ credentials);
}
/**
* Gets the identity we authorized the client as. Apps may have
* different policies as to what identities they allow.
*
+ * Returned credentials are not a copy and should not be modified
+ *
* @param auth the auth conversation
- * @param credentials the credentials we've authorized
+ * @returns the credentials we've authorized BY REFERENCE do not modify
*/
-void
-_dbus_auth_get_identity (DBusAuth *auth,
- DBusCredentials *credentials)
+DBusCredentials*
+_dbus_auth_get_identity (DBusAuth *auth)
{
if (auth->state == &common_state_authenticated)
- *credentials = auth->authorized_identity;
+ {
+ return auth->authorized_identity;
+ }
else
- _dbus_credentials_clear (credentials);
+ {
+ /* FIXME instead of this, keep an empty credential around that
+ * doesn't require allocation or something
+ */
+ /* return empty credentials */
+ _dbus_assert (_dbus_credentials_are_empty (auth->authorized_identity));
+ return auth->authorized_identity;
+ }
}
/**