25 #include "dbus-auth.h"
26 #include "dbus-string.h"
27 #include "dbus-list.h"
28 #include "dbus-internals.h"
29 #include "dbus-keyring.h"
31 #include "dbus-protocol.h"
32 #include "dbus-credentials.h"
120 DBUS_AUTH_COMMAND_AUTH,
121 DBUS_AUTH_COMMAND_CANCEL,
122 DBUS_AUTH_COMMAND_DATA,
123 DBUS_AUTH_COMMAND_BEGIN,
124 DBUS_AUTH_COMMAND_REJECTED,
125 DBUS_AUTH_COMMAND_OK,
126 DBUS_AUTH_COMMAND_ERROR,
127 DBUS_AUTH_COMMAND_UNKNOWN,
128 DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD,
129 DBUS_AUTH_COMMAND_AGREE_UNIX_FD
223 static void goto_state (
DBusAuth *auth,
231 const char *message);
253 "WaitingForAuth", handle_server_state_waiting_for_auth
256 "WaitingForData", handle_server_state_waiting_for_data
259 "WaitingForBegin", handle_server_state_waiting_for_begin
283 "WaitingForData", handle_client_state_waiting_for_data
286 "WaitingForOK", handle_client_state_waiting_for_ok
289 "WaitingForReject", handle_client_state_waiting_for_reject
292 "WaitingForAgreeUnixFD", handle_client_state_waiting_for_agree_unix_fd
300 "Authenticated",
NULL
304 "NeedDisconnect",
NULL
307 static const char auth_side_client[] =
"client";
308 static const char auth_side_server[] =
"server";
313 #define DBUS_AUTH_IS_SERVER(auth) ((auth)->side == auth_side_server)
318 #define DBUS_AUTH_IS_CLIENT(auth) ((auth)->side == auth_side_client)
323 #define DBUS_AUTH_CLIENT(auth) ((DBusAuthClient*)(auth))
328 #define DBUS_AUTH_SERVER(auth) ((DBusAuthServer*)(auth))
335 #define DBUS_AUTH_NAME(auth) ((auth)->side)
338 _dbus_auth_new (
int size)
429 _dbus_verbose (
"%s: Shutting down mechanism %s\n",
516 #define N_CHALLENGE_BYTES (128/8)
519 sha1_handle_first_client_response (
DBusAuth *auth,
539 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
541 return send_rejected (auth);
553 _dbus_verbose (
"%s: Did not get a valid username from client\n",
555 return send_rejected (auth);
596 _DBUS_ASSERT_ERROR_IS_SET (&error);
597 _dbus_verbose (
"%s: Error loading keyring: %s\n",
599 if (send_rejected (auth))
617 _DBUS_ASSERT_ERROR_IS_SET (&error);
618 _dbus_verbose (
"%s: Could not get a cookie ID to send to client: %s\n",
620 if (send_rejected (auth))
654 if (!send_data (auth, &tmp2))
657 goto_state (auth, &server_state_waiting_for_data);
670 sha1_handle_second_client_response (
DBusAuth *auth,
688 _dbus_verbose (
"%s: no space separator in client response\n",
690 return send_rejected (auth);
714 _dbus_verbose (
"%s: zero-length client challenge or hash\n",
716 if (send_rejected (auth))
724 if (!sha1_compute_hash (auth, auth->
cookie_id,
733 if (send_rejected (auth))
740 if (send_rejected (auth))
752 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
759 _dbus_verbose (
"%s: authenticated client using DBUS_COOKIE_SHA1\n",
777 handle_server_data_cookie_sha1_mech (
DBusAuth *auth,
781 return sha1_handle_first_client_response (auth, data);
783 return sha1_handle_second_client_response (auth, data);
787 handle_server_shutdown_cookie_sha1_mech (
DBusAuth *auth)
794 handle_client_initial_response_cookie_sha1_mech (
DBusAuth *auth,
822 handle_client_data_cookie_sha1_mech (
DBusAuth *auth,
843 if (send_error (auth,
844 "Server did not send context/ID/challenge properly"))
859 if (send_error (auth,
860 "Server did not send context/ID/challenge properly"))
880 &server_challenge, 0))
885 if (send_error (auth,
"Server sent invalid cookie context"))
892 if (send_error (auth,
"Could not parse cookie ID as an integer"))
899 if (send_error (auth,
"Empty server challenge string"))
923 _DBUS_ASSERT_ERROR_IS_SET (&error);
925 _dbus_verbose (
"%s: Error loading keyring: %s\n",
928 if (send_error (auth,
"Could not load cookie file"))
958 if (!sha1_compute_hash (auth, val,
967 if (send_error (auth,
"Don't have the requested cookie ID"))
985 if (!send_data (auth, &tmp))
1009 handle_client_shutdown_cookie_sha1_mech (
DBusAuth *auth)
1020 handle_server_data_external_mech (
DBusAuth *auth,
1025 _dbus_verbose (
"%s: no credentials, mechanism EXTERNAL can't authenticate\n",
1027 return send_rejected (auth);
1035 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
1037 return send_rejected (auth);
1051 if (send_data (auth,
NULL))
1053 _dbus_verbose (
"%s: sending empty challenge asking client for auth identity\n",
1056 goto_state (auth, &server_state_waiting_for_data);
1083 _dbus_verbose (
"%s: could not get credentials from uid string\n",
1085 return send_rejected (auth);
1091 _dbus_verbose (
"%s: desired user %s is no good\n",
1094 return send_rejected (auth);
1108 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1115 DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
1119 if (!send_ok (auth))
1122 _dbus_verbose (
"%s: authenticated client based on socket credentials\n",
1129 _dbus_verbose (
"%s: desired identity not found in socket credentials\n",
1131 return send_rejected (auth);
1136 handle_server_shutdown_external_mech (
DBusAuth *auth)
1142 handle_client_initial_response_external_mech (
DBusAuth *auth,
1173 handle_client_data_external_mech (
DBusAuth *auth,
1181 handle_client_shutdown_external_mech (
DBusAuth *auth)
1191 handle_server_data_anonymous_mech (
DBusAuth *auth,
1203 _dbus_verbose (
"%s: Received invalid UTF-8 trace data from ANONYMOUS client\n",
1205 return send_rejected (auth);
1208 _dbus_verbose (
"%s: ANONYMOUS client sent trace string: '%s'\n",
1219 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1224 if (!send_ok (auth))
1227 _dbus_verbose (
"%s: authenticated client as anonymous\n",
1234 handle_server_shutdown_anonymous_mech (
DBusAuth *auth)
1240 handle_client_initial_response_anonymous_mech (
DBusAuth *auth,
1273 handle_client_data_anonymous_mech (
DBusAuth *auth,
1281 handle_client_shutdown_anonymous_mech (
DBusAuth *auth)
1298 all_mechanisms[] = {
1300 handle_server_data_external_mech,
1302 handle_server_shutdown_external_mech,
1303 handle_client_initial_response_external_mech,
1304 handle_client_data_external_mech,
1306 handle_client_shutdown_external_mech },
1307 {
"DBUS_COOKIE_SHA1",
1308 handle_server_data_cookie_sha1_mech,
1310 handle_server_shutdown_cookie_sha1_mech,
1311 handle_client_initial_response_cookie_sha1_mech,
1312 handle_client_data_cookie_sha1_mech,
1314 handle_client_shutdown_cookie_sha1_mech },
1316 handle_server_data_anonymous_mech,
1318 handle_server_shutdown_anonymous_mech,
1319 handle_client_initial_response_anonymous_mech,
1320 handle_client_data_anonymous_mech,
1322 handle_client_shutdown_anonymous_mech },
1328 char **allowed_mechs)
1332 if (allowed_mechs !=
NULL &&
1338 while (all_mechanisms[i].mechanism !=
NULL)
1341 all_mechanisms[i].mechanism))
1343 return &all_mechanisms[i];
1404 shutdown_mech (auth);
1406 goto_state (auth, &client_state_waiting_for_data);
1455 while (all_mechanisms[i].mechanism !=
NULL)
1462 all_mechanisms[i].mechanism))
1475 shutdown_mech (auth);
1482 goto_state (auth, &common_state_need_disconnect);
1484 goto_state (auth, &server_state_waiting_for_auth);
1496 send_error (
DBusAuth *auth,
const char *message)
1499 "ERROR \"%s\"\r\n", message);
1516 goto_state (auth, &server_state_waiting_for_begin);
1534 goto_state (auth, &common_state_authenticated);
1560 _dbus_verbose (
"Bad GUID from server, parsed %d bytes and had %d bytes from server\n",
1562 goto_state (auth, &common_state_need_disconnect);
1571 _dbus_verbose (
"Got GUID '%s' from the server\n",
1576 if (!send_negotiate_unix_fd (auth))
1585 _dbus_verbose(
"Not negotiating unix fd passing, since not possible\n");
1586 return send_begin (auth);
1594 goto_state (auth, &client_state_waiting_for_reject);
1621 if (!send_error (auth,
"Invalid hex encoding"))
1627 #ifdef DBUS_ENABLE_VERBOSE_MODE
1630 _dbus_verbose (
"%s: data: '%s'\n",
1635 if (!(* data_func) (auth, &decoded))
1646 send_negotiate_unix_fd (
DBusAuth *auth)
1649 "NEGOTIATE_UNIX_FD\r\n"))
1652 goto_state (auth, &client_state_waiting_for_agree_unix_fd);
1657 send_agree_unix_fd (
DBusAuth *auth)
1662 _dbus_verbose(
"Agreed to UNIX FD passing\n");
1665 "AGREE_UNIX_FD\r\n"))
1668 goto_state (auth, &server_state_waiting_for_begin);
1678 if (!send_rejected (auth))
1710 _dbus_verbose (
"%s: Trying mechanism %s\n",
1714 if (!process_data (auth, &hex_response,
1721 _dbus_verbose (
"%s: Unsupported mechanism %s\n",
1725 if (!send_rejected (auth))
1743 handle_server_state_waiting_for_auth (
DBusAuth *auth,
1749 case DBUS_AUTH_COMMAND_AUTH:
1750 return handle_auth (auth, args);
1752 case DBUS_AUTH_COMMAND_CANCEL:
1753 case DBUS_AUTH_COMMAND_DATA:
1754 return send_error (auth,
"Not currently in an auth conversation");
1756 case DBUS_AUTH_COMMAND_BEGIN:
1757 goto_state (auth, &common_state_need_disconnect);
1760 case DBUS_AUTH_COMMAND_ERROR:
1761 return send_rejected (auth);
1763 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1764 return send_error (auth,
"Need to authenticate first");
1766 case DBUS_AUTH_COMMAND_REJECTED:
1767 case DBUS_AUTH_COMMAND_OK:
1768 case DBUS_AUTH_COMMAND_UNKNOWN:
1769 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1771 return send_error (auth,
"Unknown command");
1776 handle_server_state_waiting_for_data (
DBusAuth *auth,
1782 case DBUS_AUTH_COMMAND_AUTH:
1783 return send_error (auth,
"Sent AUTH while another AUTH in progress");
1785 case DBUS_AUTH_COMMAND_CANCEL:
1786 case DBUS_AUTH_COMMAND_ERROR:
1787 return send_rejected (auth);
1789 case DBUS_AUTH_COMMAND_DATA:
1792 case DBUS_AUTH_COMMAND_BEGIN:
1793 goto_state (auth, &common_state_need_disconnect);
1796 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1797 return send_error (auth,
"Need to authenticate first");
1799 case DBUS_AUTH_COMMAND_REJECTED:
1800 case DBUS_AUTH_COMMAND_OK:
1801 case DBUS_AUTH_COMMAND_UNKNOWN:
1802 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1804 return send_error (auth,
"Unknown command");
1809 handle_server_state_waiting_for_begin (
DBusAuth *auth,
1815 case DBUS_AUTH_COMMAND_AUTH:
1816 return send_error (auth,
"Sent AUTH while expecting BEGIN");
1818 case DBUS_AUTH_COMMAND_DATA:
1819 return send_error (auth,
"Sent DATA while expecting BEGIN");
1821 case DBUS_AUTH_COMMAND_BEGIN:
1822 goto_state (auth, &common_state_authenticated);
1825 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1827 return send_agree_unix_fd(auth);
1829 return send_error(auth,
"Unix FD passing not supported, not authenticated or otherwise not possible");
1831 case DBUS_AUTH_COMMAND_REJECTED:
1832 case DBUS_AUTH_COMMAND_OK:
1833 case DBUS_AUTH_COMMAND_UNKNOWN:
1834 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1836 return send_error (auth,
"Unknown command");
1838 case DBUS_AUTH_COMMAND_CANCEL:
1839 case DBUS_AUTH_COMMAND_ERROR:
1840 return send_rejected (auth);
1887 if (!get_word (args, &next, &m))
1906 if (mech != &all_mechanisms[0])
1908 _dbus_verbose (
"%s: Adding mechanism %s to list we will try\n",
1920 _dbus_verbose (
"%s: Already tried mechanism %s; not adding to list we will try\n",
1926 _dbus_verbose (
"%s: Server offered mechanism \"%s\" that we don't know how to use\n",
1954 if (!record_mechanisms (auth, args))
1962 if (!send_auth (auth, mech))
1967 _dbus_verbose (
"%s: Trying mechanism %s\n",
1974 _dbus_verbose (
"%s: Disconnecting because we are out of mechanisms to try using\n",
1976 goto_state (auth, &common_state_need_disconnect);
1984 handle_client_state_waiting_for_data (
DBusAuth *auth,
1992 case DBUS_AUTH_COMMAND_DATA:
1995 case DBUS_AUTH_COMMAND_REJECTED:
1996 return process_rejected (auth, args);
1998 case DBUS_AUTH_COMMAND_OK:
1999 return process_ok(auth, args);
2001 case DBUS_AUTH_COMMAND_ERROR:
2002 return send_cancel (auth);
2004 case DBUS_AUTH_COMMAND_AUTH:
2005 case DBUS_AUTH_COMMAND_CANCEL:
2006 case DBUS_AUTH_COMMAND_BEGIN:
2007 case DBUS_AUTH_COMMAND_UNKNOWN:
2008 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2009 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2011 return send_error (auth,
"Unknown command");
2016 handle_client_state_waiting_for_ok (
DBusAuth *auth,
2022 case DBUS_AUTH_COMMAND_REJECTED:
2023 return process_rejected (auth, args);
2025 case DBUS_AUTH_COMMAND_OK:
2026 return process_ok(auth, args);
2028 case DBUS_AUTH_COMMAND_DATA:
2029 case DBUS_AUTH_COMMAND_ERROR:
2030 return send_cancel (auth);
2032 case DBUS_AUTH_COMMAND_AUTH:
2033 case DBUS_AUTH_COMMAND_CANCEL:
2034 case DBUS_AUTH_COMMAND_BEGIN:
2035 case DBUS_AUTH_COMMAND_UNKNOWN:
2036 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2037 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2039 return send_error (auth,
"Unknown command");
2044 handle_client_state_waiting_for_reject (
DBusAuth *auth,
2050 case DBUS_AUTH_COMMAND_REJECTED:
2051 return process_rejected (auth, args);
2053 case DBUS_AUTH_COMMAND_AUTH:
2054 case DBUS_AUTH_COMMAND_CANCEL:
2055 case DBUS_AUTH_COMMAND_DATA:
2056 case DBUS_AUTH_COMMAND_BEGIN:
2057 case DBUS_AUTH_COMMAND_OK:
2058 case DBUS_AUTH_COMMAND_ERROR:
2059 case DBUS_AUTH_COMMAND_UNKNOWN:
2060 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2061 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2063 goto_state (auth, &common_state_need_disconnect);
2069 handle_client_state_waiting_for_agree_unix_fd(
DBusAuth *auth,
2075 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2078 _dbus_verbose(
"Successfully negotiated UNIX FD passing\n");
2079 return send_begin (auth);
2081 case DBUS_AUTH_COMMAND_ERROR:
2084 _dbus_verbose(
"Failed to negotiate UNIX FD passing\n");
2085 return send_begin (auth);
2087 case DBUS_AUTH_COMMAND_OK:
2088 case DBUS_AUTH_COMMAND_DATA:
2089 case DBUS_AUTH_COMMAND_REJECTED:
2090 case DBUS_AUTH_COMMAND_AUTH:
2091 case DBUS_AUTH_COMMAND_CANCEL:
2092 case DBUS_AUTH_COMMAND_BEGIN:
2093 case DBUS_AUTH_COMMAND_UNKNOWN:
2094 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2096 return send_error (auth,
"Unknown command");
2109 {
"AUTH", DBUS_AUTH_COMMAND_AUTH },
2110 {
"CANCEL", DBUS_AUTH_COMMAND_CANCEL },
2111 {
"DATA", DBUS_AUTH_COMMAND_DATA },
2112 {
"BEGIN", DBUS_AUTH_COMMAND_BEGIN },
2113 {
"REJECTED", DBUS_AUTH_COMMAND_REJECTED },
2114 {
"OK", DBUS_AUTH_COMMAND_OK },
2115 {
"ERROR", DBUS_AUTH_COMMAND_ERROR },
2116 {
"NEGOTIATE_UNIX_FD", DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD },
2117 {
"AGREE_UNIX_FD", DBUS_AUTH_COMMAND_AGREE_UNIX_FD }
2121 lookup_command_from_name (
DBusString *command)
2128 auth_command_names[i].name))
2129 return auth_command_names[i].command;
2132 return DBUS_AUTH_COMMAND_UNKNOWN;
2139 _dbus_verbose (
"%s: going from state %s to state %s\n",
2144 auth->
state = state;
2185 _dbus_verbose (
"%s: Command contained non-ASCII chars or embedded nul\n",
2187 if (!send_error (auth,
"Command contained non-ASCII"))
2193 _dbus_verbose (
"%s: got command \"%s\"\n",
2210 command = lookup_command_from_name (&line);
2277 auth->
side = auth_side_server;
2278 auth->
state = &server_state_waiting_for_auth;
2282 server_auth->
guid = guid_copy;
2318 auth->
side = auth_side_client;
2319 auth->
state = &client_state_need_send_auth;
2323 if (!send_auth (auth, &all_mechanisms[0]))
2362 shutdown_mech (auth);
2405 const char **mechanisms)
2409 if (mechanisms !=
NULL)
2429 #define DBUS_AUTH_IN_END_STATE(auth) ((auth)->state->handler == NULL)
2444 #define MAX_BUFFER (16 * _DBUS_ONE_KILOBYTE)
2454 goto_state (auth, &common_state_need_disconnect);
2455 _dbus_verbose (
"%s: Disconnecting due to excessive data buffered in auth phase\n",
2460 while (process_command (auth));
2463 return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
2465 return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
2466 else if (auth->
state == &common_state_need_disconnect)
2467 return DBUS_AUTH_STATE_NEED_DISCONNECT;
2468 else if (auth->
state == &common_state_authenticated)
2469 return DBUS_AUTH_STATE_AUTHENTICATED;
2470 else return DBUS_AUTH_STATE_WAITING_FOR_INPUT;
2511 _dbus_verbose (
"%s: Sent %d bytes of: %s\n",
2603 if (auth->
state != &common_state_authenticated)
2634 if (auth->
state != &common_state_authenticated)
2662 if (auth->
state != &common_state_authenticated)
2697 if (auth->
state != &common_state_authenticated)
2743 if (auth->
state == &common_state_authenticated)
2769 if (auth->
state == &common_state_authenticated)
dbus_bool_t dbus_error_has_name(const DBusError *error, const char *name)
Checks whether the error is set and has the given name.
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
const char * message
public error message field
void _dbus_auth_delete_unused_bytes(DBusAuth *auth)
Gets rid of unused bytes returned by _dbus_auth_get_unused_bytes() after we've gotten them and succes...
#define NULL
A null pointer, defined appropriately for C or C++.
void _dbus_auth_get_unused_bytes(DBusAuth *auth, const DBusString **str)
Returns leftover bytes that were not used as part of the auth conversation.
void _dbus_keyring_unref(DBusKeyring *keyring)
Decrements refcount and finalizes if it reaches zero.
dbus_bool_t _dbus_string_equal(const DBusString *a, const DBusString *b)
Tests two DBusString for equality.
DBusAuthDecodeFunction client_decode_func
Function on client side for decode.
DBusAuthEncodeFunction server_encode_func
Function on server side to encode.
dbus_bool_t(* DBusAuthDecodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *decoded)
This function decodes a block of data from the peer.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
DBusAuthCommand
Enumeration for the known authentication commands.
dbus_bool_t _dbus_auth_needs_decoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to decode the message stream with _dbus_auth_de...
dbus_bool_t _dbus_string_hex_encode(const DBusString *source, int start, DBusString *dest, int insert_at)
Encodes a string in hex, the way MD5 and SHA-1 are usually encoded.
unsigned int buffer_outstanding
Buffer is "checked out" for reading data into.
DBusList * mechs_to_try
Mechanisms we got from the server that we're going to try using.
dbus_bool_t _dbus_string_append_int(DBusString *str, long value)
Appends an integer to a DBusString.
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
dbus_bool_t _dbus_auth_encode_data(DBusAuth *auth, const DBusString *plaintext, DBusString *encoded)
Called post-authentication, encodes a block of bytes for sending to the peer.
Internals of DBusKeyring.
dbus_bool_t(* DBusAuthEncodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *encoded)
This function encodes a block of data from the peer.
dbus_bool_t _dbus_auth_set_context(DBusAuth *auth, const DBusString *context)
Sets the "authentication context" which scopes cookies with the DBUS_COOKIE_SHA1 auth mechanism for e...
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
void * data
Data stored at this element.
DBusAuthState _dbus_auth_do_work(DBusAuth *auth)
Analyzes buffered input and moves the auth conversation forward, returning the new state of the auth ...
void dbus_error_free(DBusError *error)
Frees an error that's been set (or just initialized), then reinitializes the error as in dbus_error_i...
const char * mechanism
Name of the mechanism.
unsigned int unix_fd_negotiated
Unix fd was successfully negotiated.
dbus_bool_t _dbus_keyring_get_hex_key(DBusKeyring *keyring, int key_id, DBusString *hex_key)
Gets the hex-encoded secret key for the given ID.
dbus_bool_t _dbus_auth_set_mechanisms(DBusAuth *auth, const char **mechanisms)
Sets an array of authentication mechanism names that we are willing to use.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
dbus_bool_t _dbus_append_user_from_current_process(DBusString *str)
Append to the string the identity we would like to have when we authenticate, on UNIX this is the cur...
DBusAuthShutdownFunction server_shutdown_func
Function on server side to shut down.
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that's copied to the d...
DBusKeyring * keyring
Keyring for cookie mechanism.
DBusString context
Cookie scope.
dbus_bool_t _dbus_auth_get_unix_fd_negotiated(DBusAuth *auth)
Queries whether unix fd passing was successfully negotiated.
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
DBusString guid
Our globally unique ID in hex encoding.
const char * side
Client or server.
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
DBusString guid_from_server
GUID received from server.
DBusCredentials * _dbus_auth_get_identity(DBusAuth *auth)
Gets the identity we authorized the client as.
void _dbus_auth_get_buffer(DBusAuth *auth, DBusString **buffer)
Get a buffer to be used for reading bytes from the peer we're conversing with.
DBusString challenge
Challenge sent to client.
#define DBUS_VERSION_STRING
The COMPILE TIME version of libdbus, as a string "X.Y.Z".
dbus_bool_t _dbus_auth_decode_data(DBusAuth *auth, const DBusString *encoded, DBusString *plaintext)
Called post-authentication, decodes a block of bytes received from the peer.
DBusCredentials * authorized_identity
Credentials that are authorized.
DBusAuthDecodeFunction server_decode_func
Function on server side to decode.
dbus_bool_t _dbus_string_move(DBusString *source, int start, DBusString *dest, int insert_at)
Moves the end of one string into another string.
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_bool_t _dbus_string_equal_c_str(const DBusString *a, const char *c_str)
Checks whether a string is equal to a C string.
void _dbus_auth_bytes_sent(DBusAuth *auth, int bytes_sent)
Notifies the auth conversation object that the given number of bytes of the outgoing buffer have been...
Internal members of DBusAuth.
DBusInitialResponseFunction client_initial_response_func
Function on client side to handle initial response.
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
"Subclass" of DBusAuth for server side.
DBusAuthStateFunction handler
State function for this state.
DBusAuthDataFunction client_data_func
Function on client side for DATA.
const DBusAuthStateData * state
Current protocol state.
dbus_bool_t _dbus_string_replace_len(const DBusString *source, int start, int len, DBusString *dest, int replace_at, int replace_len)
Replaces a segment of dest string with a segment of source string.
"Subclass" of DBusAuth for client side
DBusCredentials * desired_identity
Identity client has requested.
void _dbus_string_skip_blank(const DBusString *str, int start, int *end)
Skips blanks from start, storing the first non-blank in *end (blank is space or tab).
DBusAuth * _dbus_auth_server_new(const DBusString *guid)
Creates a new auth conversation object for the server side.
unsigned int needed_memory
We needed memory to continue since last successful getting something done.
#define DBUS_AUTH_NAME(auth)
The name of the auth ("client" or "server")
DBusAuth * _dbus_auth_ref(DBusAuth *auth)
Increments the refcount of an auth object.
unsigned int already_asked_for_initial_response
Already sent a blank challenge to get an initial response.
void _dbus_string_delete(DBusString *str, int start, int len)
Deletes a segment of a DBusString with length len starting at start.
DBusString identity
Current identity we're authorizing as.
dbus_bool_t _dbus_list_append(DBusList **list, void *data)
Appends a value to the list.
unsigned int already_got_mechanisms
Client already got mech list.
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
int _dbus_string_get_length(const DBusString *str)
Gets the length of a string (not including nul termination).
void _dbus_string_zero(DBusString *str)
Clears all allocated bytes in the string to zero.
int cookie_id
ID of cookie to use.
Information about a auth state.
Object representing an exception.
int _dbus_keyring_get_best_key(DBusKeyring *keyring, DBusError *error)
Gets a recent key to use for authentication.
dbus_bool_t(* DBusAuthStateFunction)(DBusAuth *auth, DBusAuthCommand command, const DBusString *args)
Auth state function, determines the reaction to incoming events for a particular state.
dbus_bool_t _dbus_string_validate_utf8(const DBusString *str, int start, int len)
Checks that the given range of the string is valid UTF-8.
DBusAuth base
Parent class.
DBusAuthShutdownFunction client_shutdown_func
Function on client side for shutdown.
void * _dbus_list_pop_first(DBusList **list)
Removes the first value in the list and returns it.
int refcount
reference count
const char * _dbus_auth_get_guid_from_server(DBusAuth *auth)
Gets the GUID from the server if we've authenticated; gets NULL otherwise.
#define _DBUS_N_ELEMENTS(array)
Computes the number of elements in a fixed-size array using sizeof().
char ** allowed_mechs
Mechanisms we're allowed to use, or NULL if we can use any.
const char * name
Name of the command.
#define DBUS_AUTH_CLIENT(auth)
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init().
char ** _dbus_dup_string_array(const char **array)
Duplicates a string array.
#define TRUE
Expands to "1".
int failures
Number of times client has been rejected.
#define DBUS_AUTH_IS_SERVER(auth)
#define N_CHALLENGE_BYTES
http://www.ietf.org/rfc/rfc2831.txt suggests at least 64 bits of entropy, we use 128.
dbus_bool_t _dbus_string_find_blank(const DBusString *str, int start, int *found)
Finds a blank (space or tab) in the string.
DBusString incoming
Incoming data buffer.
dbus_bool_t _dbus_auth_set_credentials(DBusAuth *auth, DBusCredentials *credentials)
Sets credentials received via reliable means from the operating system.
dbus_bool_t _dbus_keyring_is_for_credentials(DBusKeyring *keyring, DBusCredentials *credentials)
Checks whether the keyring is for the same user as the given credentials.
void _dbus_auth_set_unix_fd_possible(DBusAuth *auth, dbus_bool_t b)
Sets whether unix fd passing is potentially on the transport and hence shall be negotiated.
const char * name
Name of the state.
dbus_bool_t(* DBusAuthDataFunction)(DBusAuth *auth, const DBusString *data)
This function processes a block of data received from the peer.
DBusAuthEncodeFunction client_encode_func
Function on client side for encode.
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
DBusKeyring * _dbus_keyring_new_for_credentials(DBusCredentials *credentials, const DBusString *context, DBusError *error)
Creates a new keyring that lives in the ~/.dbus-keyrings directory of the given user credentials...
DBusAuthDataFunction server_data_func
Function on server side for DATA.
void dbus_error_init(DBusError *error)
Initializes a DBusError structure.
dbus_bool_t _dbus_string_hex_decode(const DBusString *source, int start, int *end_return, DBusString *dest, int insert_at)
Decodes a string from hex encoding.
void dbus_free_string_array(char **str_array)
Frees a NULL-terminated array of strings.
dbus_bool_t _dbus_string_array_contains(const char **array, const char *str)
Checks whether a string array contains the given string.
int max_failures
Number of times we reject before disconnect.
void _dbus_auth_unref(DBusAuth *auth)
Decrements the refcount of an auth object.
dbus_bool_t _dbus_auth_get_bytes_to_send(DBusAuth *auth, const DBusString **str)
Gets bytes that need to be sent to the peer we're conversing with.
Mapping from command name to enum.
Virtual table representing a particular auth mechanism.
void(* DBusAuthShutdownFunction)(DBusAuth *auth)
This function is called when the mechanism is abandoned.
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
#define FALSE
Expands to "0".
const DBusAuthMechanismHandler * mech
Current auth mechanism.
#define DBUS_AUTH_SERVER(auth)
unsigned int unix_fd_possible
This side could do unix fd passing.
dbus_bool_t _dbus_sha_compute(const DBusString *data, DBusString *ascii_output)
Computes the ASCII hex-encoded shasum of the given data and appends it to the output string...
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
dbus_bool_t _dbus_string_copy_len(const DBusString *source, int start, int len, DBusString *dest, int insert_at)
Like _dbus_string_copy(), but can copy a segment from the middle of the source string.
void * dbus_malloc0(size_t bytes)
Allocates the given number of bytes, as with standard malloc(), but all bytes are initialized to zero...
dbus_bool_t _dbus_auth_needs_encoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to encode the message stream with _dbus_auth_en...
DBusCredentials * credentials
Credentials read from socket.
DBusAuth * _dbus_auth_client_new(void)
Creates a new auth conversation object for the client side.
const char * _dbus_string_get_const_data(const DBusString *str)
Gets the raw character buffer from a const string.
dbus_bool_t _dbus_string_validate_ascii(const DBusString *str, int start, int len)
Checks that the given range of the string is valid ASCII with no nul bytes.
DBusAuth base
Parent class.
void _dbus_auth_return_buffer(DBusAuth *auth, DBusString *buffer, int bytes_read)
Returns a buffer with new data read into it.
dbus_bool_t(* DBusInitialResponseFunction)(DBusAuth *auth, DBusString *response)
This function appends an initial client response to the given string.
dbus_bool_t _dbus_keyring_validate_context(const DBusString *context)
Checks whether the context is a valid context.
#define DBUS_AUTH_IN_END_STATE(auth)
dbus_bool_t dbus_error_is_set(const DBusError *error)
Checks whether an error occurred (the error is set).
DBusString outgoing
Outgoing data buffer.
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes)
Generates the given number of random bytes, using the best mechanism we can come up with...
#define DBUS_AUTH_IS_CLIENT(auth)
DBusAuthCommand command
Corresponding enum.
void _dbus_list_clear(DBusList **list)
Frees all links in the list and sets the list head to NULL.
dbus_bool_t _dbus_credentials_add_from_user(DBusCredentials *credentials, const DBusString *username)
Adds the credentials corresponding to the given username.