diff options
author | Simon McVittie <smcv@collabora.com> | 2022-07-24 13:36:50 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2022-07-24 14:07:02 +0100 |
commit | 32b226d1b1e23e7f45d874c0147b9d3ab89e2747 (patch) | |
tree | 0d7fec3ff65cac4c840a0da7a4300a09341d9d93 | |
parent | e0a0749268d58e37d5235a24a9f23fdaf7d56155 (diff) | |
download | glib-32b226d1b1e23e7f45d874c0147b9d3ab89e2747.tar.gz |
gdbus: Allow cross-namespace connections to Linux session and system buses
The dominant implementations of the well-known session and system
message buses are the reference implementation from the dbus project
(dbus-daemon) and the sd-bus-based reimplementation dbus-broker, both
of which have correct implementations for EXTERNAL authentication with
an unspecified authorization identity.
This makes it reasonably safe to assume that the well-known message
buses can cope with the unspecified authorization identity, even if we
cannot make the same assumption for custom servers such as the ones
used in ibus and gvfs (which might have been started with an older
GLib version before upgrading GLib in-place).
Signed-off-by: Simon McVittie <smcv@collabora.com>
-rw-r--r-- | gio/gdbusauth.c | 4 | ||||
-rw-r--r-- | gio/gdbusauthmechanism.c | 6 | ||||
-rw-r--r-- | gio/gdbusauthmechanismsha1.c | 2 | ||||
-rw-r--r-- | gio/gdbusconnection.c | 3 | ||||
-rw-r--r-- | gio/tests/gdbus-connection.c | 3 |
5 files changed, 14 insertions, 4 deletions
diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c index eadecb50d..671036805 100644 --- a/gio/gdbusauth.c +++ b/gio/gdbusauth.c @@ -577,8 +577,8 @@ _g_dbus_auth_run_client (GDBusAuth *auth, ClientState state; GDBusCapabilityFlags negotiated_capabilities; - g_return_val_if_fail ((connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL); - g_return_val_if_fail (!(connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL); + g_return_val_if_fail ((conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL); + g_return_val_if_fail (!(conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL); debug_print ("CLIENT: initiating"); diff --git a/gio/gdbusauthmechanism.c b/gio/gdbusauthmechanism.c index 38d7210e5..6e494dbd9 100644 --- a/gio/gdbusauthmechanism.c +++ b/gio/gdbusauthmechanism.c @@ -301,11 +301,13 @@ _g_dbus_auth_mechanism_client_get_state (GDBusAuthMechanism *mechanism) } gchar * -_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism *mechanism, - gsize *out_initial_response_len) +_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism *mechanism, + GDBusConnectionFlags conn_flags, + gsize *out_initial_response_len) { g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM (mechanism), NULL); return G_DBUS_AUTH_MECHANISM_GET_CLASS (mechanism)->client_initiate (mechanism, + conn_flags, out_initial_response_len); } diff --git a/gio/gdbusauthmechanismsha1.c b/gio/gdbusauthmechanismsha1.c index a11c9f38d..fb6488a2a 100644 --- a/gio/gdbusauthmechanismsha1.c +++ b/gio/gdbusauthmechanismsha1.c @@ -119,6 +119,7 @@ static gchar *mechanism_server_get_reject_reason (GDBusAuthMe static void mechanism_server_shutdown (GDBusAuthMechanism *mechanism); static GDBusAuthMechanismState mechanism_client_get_state (GDBusAuthMechanism *mechanism); static gchar *mechanism_client_initiate (GDBusAuthMechanism *mechanism, + GDBusConnectionFlags conn_flags, gsize *out_initial_response_len); static void mechanism_client_data_receive (GDBusAuthMechanism *mechanism, const gchar *data, @@ -1160,6 +1161,7 @@ mechanism_client_get_state (GDBusAuthMechanism *mechanism) static gchar * mechanism_client_initiate (GDBusAuthMechanism *mechanism, + GDBusConnectionFlags conn_flags, gsize *out_initial_response_len) { GDBusAuthMechanismSha1 *m = G_DBUS_AUTH_MECHANISM_SHA1 (mechanism); diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c index 454f216bd..663cd95ab 100644 --- a/gio/gdbusconnection.c +++ b/gio/gdbusconnection.c @@ -7369,6 +7369,9 @@ get_uninitialized_connection (GBusType bus_type, ret = g_object_new (G_TYPE_DBUS_CONNECTION, "address", address, "flags", G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT | +#ifdef __linux__ + G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE | +#endif G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION, "exit-on-close", TRUE, NULL); diff --git a/gio/tests/gdbus-connection.c b/gio/tests/gdbus-connection.c index 61ca5c4b7..d04dd0446 100644 --- a/gio/tests/gdbus-connection.c +++ b/gio/tests/gdbus-connection.c @@ -1234,6 +1234,9 @@ test_connection_basic (void) flags == G_DBUS_CAPABILITY_FLAGS_UNIX_FD_PASSING); connection_flags = g_dbus_connection_get_flags (connection); + /* Ignore G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE, it's an + * implementation detail whether we set it */ + connection_flags &= ~G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE; g_assert_cmpint (connection_flags, ==, G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT | G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION); |