| blob | 08d8a3abeedc84b56e6fd0b9582fd21c45505463 |
1 <?xml version="1.0" standalone="no"?>
2 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
4 [
5 ]>
7 <article id="index">
8 <articleinfo>
9 <title>D-Bus Specification</title>
10 <releaseinfo>Version 0.12</releaseinfo>
11 <date>7 November 2006</date>
12 <authorgroup>
13 <author>
14 <firstname>Havoc</firstname>
15 <surname>Pennington</surname>
16 <affiliation>
17 <orgname>Red Hat, Inc.</orgname>
18 <address>
19 <email>hp@pobox.com</email>
20 </address>
21 </affiliation>
22 </author>
23 <author>
24 <firstname>Anders</firstname>
25 <surname>Carlsson</surname>
26 <affiliation>
27 <orgname>CodeFactory AB</orgname>
28 <address>
29 <email>andersca@codefactory.se</email>
30 </address>
31 </affiliation>
32 </author>
33 <author>
34 <firstname>Alexander</firstname>
35 <surname>Larsson</surname>
36 <affiliation>
37 <orgname>Red Hat, Inc.</orgname>
38 <address>
39 <email>alexl@redhat.com</email>
40 </address>
41 </affiliation>
42 </author>
43 </authorgroup>
44 </articleinfo>
46 <sect1 id="introduction">
47 <title>Introduction</title>
48 <para>
49 D-Bus is a system for low-latency, low-overhead, easy to use
50 interprocess communication (IPC). In more detail:
51 <itemizedlist>
52 <listitem>
53 <para>
54 D-Bus is <emphasis>low-latency</emphasis> because it is designed
55 to avoid round trips and allow asynchronous operation, much like
56 the X protocol.
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 D-Bus is <emphasis>low-overhead</emphasis> because it uses a
62 binary protocol, and does not have to convert to and from a text
63 format such as XML. Because D-Bus is intended for potentially
64 high-resolution same-machine IPC, not primarily for Internet IPC,
65 this is an interesting optimization.
66 </para>
67 </listitem>
68 <listitem>
69 <para>
70 D-Bus is <emphasis>easy to use</emphasis> because it works in terms
71 of <firstterm>messages</firstterm> rather than byte streams, and
72 automatically handles a lot of the hard IPC issues. Also, the D-Bus
73 library is designed to be wrapped in a way that lets developers use
74 their framework's existing object/type system, rather than learning
75 a new one specifically for IPC.
76 </para>
77 </listitem>
78 </itemizedlist>
79 </para>
81 <para>
82 The base D-Bus protocol is a one-to-one (peer-to-peer or client-server)
83 protocol, specified in <xref linkend="message-protocol"/>. That is, it is
84 a system for one application to talk to a single other
85 application. However, the primary intended application of the protocol is the
86 D-Bus <firstterm>message bus</firstterm>, specified in <xref
87 linkend="message-bus"/>. The message bus is a special application that
88 accepts connections from multiple other applications, and forwards
89 messages among them.
90 </para>
92 <para>
93 Uses of D-Bus include notification of system changes (notification of when
94 a camera is plugged in to a computer, or a new version of some software
95 has been installed), or desktop interoperability, for example a file
96 monitoring service or a configuration service.
97 </para>
99 <para>
100 D-Bus is designed for two specific use cases:
101 <itemizedlist>
102 <listitem>
103 <para>
104 A "system bus" for notifications from the system to user sessions,
105 and to allow the system to request input from user sessions.
106 </para>
107 </listitem>
108 <listitem>
109 <para>
110 A "session bus" used to implement desktop environments such as
111 GNOME and KDE.
112 </para>
113 </listitem>
114 </itemizedlist>
115 D-Bus is not intended to be a generic IPC system for any possible
116 application, and intentionally omits many features found in other
117 IPC systems for this reason.
118 </para>
120 <para>
121 At the same time, the bus daemons offer a number of features not found in
122 other IPC systems, such as single-owner "bus names" (similar to X
123 selections), on-demand startup of services, and security policies.
124 In many ways, these features are the primary motivation for developing
125 D-Bus; other systems would have sufficed if IPC were the only goal.
126 </para>
128 <para>
129 D-Bus may turn out to be useful in unanticipated applications, but future
130 versions of this spec and the reference implementation probably will not
131 incorporate features that interfere with the core use cases.
132 </para>
134 <para>
135 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
136 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
137 document are to be interpreted as described in RFC 2119. However, the
138 document could use a serious audit to be sure it makes sense to do
139 so. Also, they are not capitalized.
140 </para>
142 <sect2 id="stability">
143 <title>Protocol and Specification Stability</title>
144 <para>
145 The D-Bus protocol is frozen (only compatible extensions are allowed) as
146 of November 8, 2006. However, this specification could still use a fair
147 bit of work to make interoperable reimplementation possible without
148 reference to the D-Bus reference implementation. Thus, this
149 specification is not marked 1.0. To mark it 1.0, we'd like to see
150 someone invest significant effort in clarifying the specification
151 language, and growing the specification to cover more aspects of the
152 reference implementation's behavior.
153 </para>
154 <para>
155 Until this work is complete, any attempt to reimplement D-Bus will
156 probably require looking at the reference implementation and/or asking
157 questions on the D-Bus mailing list about intended behavior.
158 Questions on the list are very welcome.
159 </para>
160 <para>
161 Nonetheless, this document should be a useful starting point and is
162 to our knowledge accurate, though incomplete.
163 </para>
164 </sect2>
166 </sect1>
168 <sect1 id="message-protocol">
169 <title>Message Protocol</title>
171 <para>
172 A <firstterm>message</firstterm> consists of a
173 <firstterm>header</firstterm> and a <firstterm>body</firstterm>. If you
174 think of a message as a package, the header is the address, and the body
175 contains the package contents. The message delivery system uses the header
176 information to figure out where to send the message and how to interpret
177 it; the recipient interprets the body of the message.
178 </para>
180 <para>
181 The body of the message is made up of zero or more
182 <firstterm>arguments</firstterm>, which are typed values, such as an
183 integer or a byte array.
184 </para>
186 <para>
187 Both header and body use the same type system and format for
188 serializing data. Each type of value has a wire format.
189 Converting a value from some other representation into the wire
190 format is called <firstterm>marshaling</firstterm> and converting
191 it back from the wire format is <firstterm>unmarshaling</firstterm>.
192 </para>
194 <sect2 id="message-protocol-signatures">
195 <title>Type Signatures</title>
197 <para>
198 The D-Bus protocol does not include type tags in the marshaled data; a
199 block of marshaled values must have a known <firstterm>type
200 signature</firstterm>. The type signature is made up of <firstterm>type
201 codes</firstterm>. A type code is an ASCII character representing the
202 type of a value. Because ASCII characters are used, the type signature
203 will always form a valid ASCII string. A simple string compare
204 determines whether two type signatures are equivalent.
205 </para>
207 <para>
208 As a simple example, the type code for 32-bit integer (<literal>INT32</literal>) is
209 the ASCII character 'i'. So the signature for a block of values
210 containing a single <literal>INT32</literal> would be:
211 <programlisting>
212 "i"
213 </programlisting>
214 A block of values containing two <literal>INT32</literal> would have this signature:
215 <programlisting>
216 "ii"
217 </programlisting>
218 </para>
220 <para>
221 All <firstterm>basic</firstterm> types work like
222 <literal>INT32</literal> in this example. To marshal and unmarshal
223 basic types, you simply read one value from the data
224 block corresponding to each type code in the signature.
225 In addition to basic types, there are four <firstterm>container</firstterm>
226 types: <literal>STRUCT</literal>, <literal>ARRAY</literal>, <literal>VARIANT</literal>,
227 and <literal>DICT_ENTRY</literal>.
228 </para>
230 <para>
231 <literal>STRUCT</literal> has a type code, ASCII character 'r', but this type
232 code does not appear in signatures. Instead, ASCII characters
233 '(' and ')' are used to mark the beginning and end of the struct.
234 So for example, a struct containing two integers would have this
235 signature:
236 <programlisting>
237 "(ii)"
238 </programlisting>
239 Structs can be nested, so for example a struct containing
240 an integer and another struct:
241 <programlisting>
242 "(i(ii))"
243 </programlisting>
244 The value block storing that struct would contain three integers; the
245 type signature allows you to distinguish "(i(ii))" from "((ii)i)" or
246 "(iii)" or "iii".
247 </para>
249 <para>
250 The <literal>STRUCT</literal> type code 'r' is not currently used in the D-Bus protocol,
251 but is useful in code that implements the protocol. This type code
252 is specified to allow such code to interoperate in non-protocol contexts.
253 </para>
255 <para>
256 Empty structures are not allowed; there must be at least one
257 type code between the parentheses.
258 </para>
260 <para>
261 <literal>ARRAY</literal> has ASCII character 'a' as type code. The array type code must be
262 followed by a <firstterm>single complete type</firstterm>. The single
263 complete type following the array is the type of each array element. So
264 the simple example is:
265 <programlisting>
266 "ai"
267 </programlisting>
268 which is an array of 32-bit integers. But an array can be of any type,
269 such as this array-of-struct-with-two-int32-fields:
270 <programlisting>
271 "a(ii)"
272 </programlisting>
273 Or this array of array of integer:
274 <programlisting>
275 "aai"
276 </programlisting>
277 </para>
279 <para>
280 The phrase <firstterm>single complete type</firstterm> deserves some
281 definition. A single complete type is a basic type code, a variant type code,
282 an array with its element type, or a struct with its fields.
283 So the following signatures are not single complete types:
284 <programlisting>
285 "aa"
286 </programlisting>
287 <programlisting>
288 "(ii"
289 </programlisting>
290 <programlisting>
291 "ii)"
292 </programlisting>
293 And the following signatures contain multiple complete types:
294 <programlisting>
295 "ii"
296 </programlisting>
297 <programlisting>
298 "aiai"
299 </programlisting>
300 <programlisting>
301 "(ii)(ii)"
302 </programlisting>
303 Note however that a single complete type may <emphasis>contain</emphasis>
304 multiple other single complete types.
305 </para>
307 <para>
308 <literal>VARIANT</literal> has ASCII character 'v' as its type code. A marshaled value of
309 type <literal>VARIANT</literal> will have the signature of a single complete type as part
310 of the <emphasis>value</emphasis>. This signature will be followed by a
311 marshaled value of that type.
312 </para>
314 <para>
315 A <literal>DICT_ENTRY</literal> works exactly like a struct, but rather
316 than parentheses it uses curly braces, and it has more restrictions.
317 The restrictions are: it occurs only as an array element type; it has
318 exactly two single complete types inside the curly braces; the first
319 single complete type (the "key") must be a basic type rather than a
320 container type. Implementations must not accept dict entries outside of
321 arrays, must not accept dict entries with zero, one, or more than two
322 fields, and must not accept dict entries with non-basic-typed keys. A
323 dict entry is always a key-value pair.
324 </para>
326 <para>
327 The first field in the <literal>DICT_ENTRY</literal> is always the key.
328 A message is considered corrupt if the same key occurs twice in the same
329 array of <literal>DICT_ENTRY</literal>. However, for performance reasons
330 implementations are not required to reject dicts with duplicate keys.
331 </para>
333 <para>
334 In most languages, an array of dict entry would be represented as a
335 map, hash table, or dict object.
336 </para>
338 <para>
339 The following table summarizes the D-Bus types.
340 <informaltable>
341 <tgroup cols="3">
342 <thead>
343 <row>
344 <entry>Conventional Name</entry>
345 <entry>Code</entry>
346 <entry>Description</entry>
347 </row>
348 </thead>
349 <tbody>
350 <row>
351 <entry><literal>INVALID</literal></entry>
352 <entry>0 (ASCII NUL)</entry>
353 <entry>Not a valid type code, used to terminate signatures</entry>
354 </row><row>
355 <entry><literal>BYTE</literal></entry>
356 <entry>121 (ASCII 'y')</entry>
357 <entry>8-bit unsigned integer</entry>
358 </row><row>
359 <entry><literal>BOOLEAN</literal></entry>
360 <entry>98 (ASCII 'b')</entry>
361 <entry>Boolean value, 0 is <literal>FALSE</literal> and 1 is <literal>TRUE</literal>. Everything else is invalid.</entry>
362 </row><row>
363 <entry><literal>INT16</literal></entry>
364 <entry>110 (ASCII 'n')</entry>
365 <entry>16-bit signed integer</entry>
366 </row><row>
367 <entry><literal>UINT16</literal></entry>
368 <entry>113 (ASCII 'q')</entry>
369 <entry>16-bit unsigned integer</entry>
370 </row><row>
371 <entry><literal>INT32</literal></entry>
372 <entry>105 (ASCII 'i')</entry>
373 <entry>32-bit signed integer</entry>
374 </row><row>
375 <entry><literal>UINT32</literal></entry>
376 <entry>117 (ASCII 'u')</entry>
377 <entry>32-bit unsigned integer</entry>
378 </row><row>
379 <entry><literal>INT64</literal></entry>
380 <entry>120 (ASCII 'x')</entry>
381 <entry>64-bit signed integer</entry>
382 </row><row>
383 <entry><literal>UINT64</literal></entry>
384 <entry>116 (ASCII 't')</entry>
385 <entry>64-bit unsigned integer</entry>
386 </row><row>
387 <entry><literal>DOUBLE</literal></entry>
388 <entry>100 (ASCII 'd')</entry>
389 <entry>IEEE 754 double</entry>
390 </row><row>
391 <entry><literal>STRING</literal></entry>
392 <entry>115 (ASCII 's')</entry>
393 <entry>UTF-8 string (<emphasis>must</emphasis> be valid UTF-8). Must be nul terminated and contain no other nul bytes.</entry>
394 </row><row>
395 <entry><literal>OBJECT_PATH</literal></entry>
396 <entry>111 (ASCII 'o')</entry>
397 <entry>Name of an object instance</entry>
398 </row><row>
399 <entry><literal>SIGNATURE</literal></entry>
400 <entry>103 (ASCII 'g')</entry>
401 <entry>A type signature</entry>
402 </row><row>
403 <entry><literal>ARRAY</literal></entry>
404 <entry>97 (ASCII 'a')</entry>
405 <entry>Array</entry>
406 </row><row>
407 <entry><literal>STRUCT</literal></entry>
408 <entry>114 (ASCII 'r'), 40 (ASCII '('), 41 (ASCII ')')</entry>
409 <entry>Struct</entry>
410 </row><row>
411 <entry><literal>VARIANT</literal></entry>
412 <entry>118 (ASCII 'v') </entry>
413 <entry>Variant type (the type of the value is part of the value itself)</entry>
414 </row><row>
415 <entry><literal>DICT_ENTRY</literal></entry>
416 <entry>101 (ASCII 'e'), 123 (ASCII '{'), 125 (ASCII '}') </entry>
417 <entry>Entry in a dict or map (array of key-value pairs)</entry>
418 </row>
419 </tbody>
420 </tgroup>
421 </informaltable>
422 </para>
424 </sect2>
426 <sect2 id="message-protocol-marshaling">
427 <title>Marshaling (Wire Format)</title>
429 <para>
430 Given a type signature, a block of bytes can be converted into typed
431 values. This section describes the format of the block of bytes. Byte
432 order and alignment issues are handled uniformly for all D-Bus types.
433 </para>
435 <para>
436 A block of bytes has an associated byte order. The byte order
437 has to be discovered in some way; for D-Bus messages, the
438 byte order is part of the message header as described in
439 <xref linkend="message-protocol-messages"/>. For now, assume
440 that the byte order is known to be either little endian or big
441 endian.
442 </para>
444 <para>
445 Each value in a block of bytes is aligned "naturally," for example
446 4-byte values are aligned to a 4-byte boundary, and 8-byte values to an
447 8-byte boundary. To properly align a value, <firstterm>alignment
448 padding</firstterm> may be necessary. The alignment padding must always
449 be the minimum required padding to properly align the following value;
450 and it must always be made up of nul bytes. The alignment padding must
451 not be left uninitialized (it can't contain garbage), and more padding
452 than required must not be used.
453 </para>
455 <para>
456 Given all this, the types are marshaled on the wire as follows:
457 <informaltable>
458 <tgroup cols="3">
459 <thead>
460 <row>
461 <entry>Conventional Name</entry>
462 <entry>Encoding</entry>
463 <entry>Alignment</entry>
464 </row>
465 </thead>
466 <tbody>
467 <row>
468 <entry><literal>INVALID</literal></entry>
469 <entry>Not applicable; cannot be marshaled.</entry>
470 <entry>N/A</entry>
471 </row><row>
472 <entry><literal>BYTE</literal></entry>
473 <entry>A single 8-bit byte.</entry>
474 <entry>1</entry>
475 </row><row>
476 <entry><literal>BOOLEAN</literal></entry>
477 <entry>As for <literal>UINT32</literal>, but only 0 and 1 are valid values.</entry>
478 <entry>4</entry>
479 </row><row>
480 <entry><literal>INT16</literal></entry>
481 <entry>16-bit signed integer in the message's byte order.</entry>
482 <entry>2</entry>
483 </row><row>
484 <entry><literal>UINT16</literal></entry>
485 <entry>16-bit unsigned integer in the message's byte order.</entry>
486 <entry>2</entry>
487 </row><row>
488 <entry><literal>INT32</literal></entry>
489 <entry>32-bit signed integer in the message's byte order.</entry>
490 <entry>4</entry>
491 </row><row>
492 <entry><literal>UINT32</literal></entry>
493 <entry>32-bit unsigned integer in the message's byte order.</entry>
494 <entry>4</entry>
495 </row><row>
496 <entry><literal>INT64</literal></entry>
497 <entry>64-bit signed integer in the message's byte order.</entry>
498 <entry>8</entry>
499 </row><row>
500 <entry><literal>UINT64</literal></entry>
501 <entry>64-bit unsigned integer in the message's byte order.</entry>
502 <entry>8</entry>
503 </row><row>
504 <entry><literal>DOUBLE</literal></entry>
505 <entry>64-bit IEEE 754 double in the message's byte order.</entry>
506 <entry>8</entry>
507 </row><row>
508 <entry><literal>STRING</literal></entry>
509 <entry>A <literal>UINT32</literal> indicating the string's
510 length in bytes excluding its terminating nul, followed by
511 non-nul string data of the given length, followed by a terminating nul
512 byte.
513 </entry>
514 <entry>
515 4 (for the length)
516 </entry>
517 </row><row>
518 <entry><literal>OBJECT_PATH</literal></entry>
519 <entry>Exactly the same as <literal>STRING</literal> except the
520 content must be a valid object path (see below).
521 </entry>
522 <entry>
523 4 (for the length)
524 </entry>
525 </row><row>
526 <entry><literal>SIGNATURE</literal></entry>
527 <entry>The same as <literal>STRING</literal> except the length is a single
528 byte (thus signatures have a maximum length of 255)
529 and the content must be a valid signature (see below).
530 </entry>
531 <entry>
532 1
533 </entry>
534 </row><row>
535 <entry><literal>ARRAY</literal></entry>
536 <entry>
537 A <literal>UINT32</literal> giving the length of the array data in bytes, followed by
538 alignment padding to the alignment boundary of the array element type,
539 followed by each array element. The array length is from the
540 end of the alignment padding to the end of the last element,
541 i.e. it does not include the padding after the length,
542 or any padding after the last element.
543 Arrays have a maximum length defined to be 2 to the 26th power or
544 67108864. Implementations must not send or accept arrays exceeding this
545 length.
546 </entry>
547 <entry>
548 4 (for the length)
549 </entry>
550 </row><row>
551 <entry><literal>STRUCT</literal></entry>
552 <entry>
553 A struct must start on an 8-byte boundary regardless of the
554 type of the struct fields. The struct value consists of each
555 field marshaled in sequence starting from that 8-byte
556 alignment boundary.
557 </entry>
558 <entry>
559 8
560 </entry>
561 </row><row>
562 <entry><literal>VARIANT</literal></entry>
563 <entry>
564 A variant type has a marshaled <literal>SIGNATURE</literal>
565 followed by a marshaled value with the type
566 given in the signature.
567 Unlike a message signature, the variant signature
568 can contain only a single complete type.
569 So "i", "ai" or "(ii)" is OK, but "ii" is not.
570 </entry>
571 <entry>
572 1 (alignment of the signature)
573 </entry>
574 </row><row>
575 <entry><literal>DICT_ENTRY</literal></entry>
576 <entry>
577 Identical to STRUCT.
578 </entry>
579 <entry>
580 8
581 </entry>
582 </row>
583 </tbody>
584 </tgroup>
585 </informaltable>
586 </para>
588 <sect3 id="message-protocol-marshaling-object-path">
589 <title>Valid Object Paths</title>
591 <para>
592 An object path is a name used to refer to an object instance.
593 Conceptually, each participant in a D-Bus message exchange may have
594 any number of object instances (think of C++ or Java objects) and each
595 such instance will have a path. Like a filesystem, the object
596 instances in an application form a hierarchical tree.
597 </para>
599 <para>
600 The following rules define a valid object path. Implementations must
601 not send or accept messages with invalid object paths.
602 <itemizedlist>
603 <listitem>
604 <para>
605 The path may be of any length.
606 </para>
607 </listitem>
608 <listitem>
609 <para>
610 The path must begin with an ASCII '/' (integer 47) character,
611 and must consist of elements separated by slash characters.
612 </para>
613 </listitem>
614 <listitem>
615 <para>
616 Each element must only contain the ASCII characters
617 "[A-Z][a-z][0-9]_"
618 </para>
619 </listitem>
620 <listitem>
621 <para>
622 No element may be the empty string.
623 </para>
624 </listitem>
625 <listitem>
626 <para>
627 Multiple '/' characters cannot occur in sequence.
628 </para>
629 </listitem>
630 <listitem>
631 <para>
632 A trailing '/' character is not allowed unless the
633 path is the root path (a single '/' character).
634 </para>
635 </listitem>
636 </itemizedlist>
637 </para>
639 </sect3>
642 <sect3 id="message-protocol-marshaling-signature">
643 <title>Valid Signatures</title>
644 <para>
645 An implementation must not send or accept invalid signatures.
646 Valid signatures will conform to the following rules:
647 <itemizedlist>
648 <listitem>
649 <para>
650 The signature ends with a nul byte.
651 </para>
652 </listitem>
653 <listitem>
654 <para>
655 The signature is a list of single complete types.
656 Arrays must have element types, and structs must
657 have both open and close parentheses.
658 </para>
659 </listitem>
660 <listitem>
661 <para>
662 Only type codes and open and close parentheses are
663 allowed in the signature. The <literal>STRUCT</literal> type code
664 is not allowed in signatures, because parentheses
665 are used instead.
666 </para>
667 </listitem>
668 <listitem>
669 <para>
670 The maximum depth of container type nesting is 32 array type
671 codes and 32 open parentheses. This implies that the maximum
672 total depth of recursion is 64, for an "array of array of array
673 of ... struct of struct of struct of ..." where there are 32
674 array and 32 struct.
675 </para>
676 </listitem>
677 <listitem>
678 <para>
679 The maximum length of a signature is 255.
680 </para>
681 </listitem>
682 <listitem>
683 <para>
684 Signatures must be nul-terminated.
685 </para>
686 </listitem>
687 </itemizedlist>
688 </para>
689 </sect3>
691 </sect2>
693 <sect2 id="message-protocol-messages">
694 <title>Message Format</title>
696 <para>
697 A message consists of a header and a body. The header is a block of
698 values with a fixed signature and meaning. The body is a separate block
699 of values, with a signature specified in the header.
700 </para>
702 <para>
703 The length of the header must be a multiple of 8, allowing the body to
704 begin on an 8-byte boundary when storing the entire message in a single
705 buffer. If the header does not naturally end on an 8-byte boundary
706 up to 7 bytes of nul-initialized alignment padding must be added.
707 </para>
709 <para>
710 The message body need not end on an 8-byte boundary.
711 </para>
713 <para>
714 The maximum length of a message, including header, header alignment padding,
715 and body is 2 to the 27th power or 134217728. Implementations must not
716 send or accept messages exceeding this size.
717 </para>
719 <para>
720 The signature of the header is:
721 <programlisting>
722 "yyyyuua(yv)"
723 </programlisting>
724 Written out more readably, this is:
725 <programlisting>
726 BYTE, BYTE, BYTE, BYTE, UINT32, UINT32, ARRAY of STRUCT of (BYTE,VARIANT)
727 </programlisting>
728 </para>
730 <para>
731 These values have the following meanings:
732 <informaltable>
733 <tgroup cols="2">
734 <thead>
735 <row>
736 <entry>Value</entry>
737 <entry>Description</entry>
738 </row>
739 </thead>
740 <tbody>
741 <row>
742 <entry>1st <literal>BYTE</literal></entry>
743 <entry>Endianness flag; ASCII 'l' for little-endian
744 or ASCII 'B' for big-endian. Both header and body are
745 in this endianness.</entry>
746 </row>
747 <row>
748 <entry>2nd <literal>BYTE</literal></entry>
749 <entry><firstterm>Message type</firstterm>. Unknown types must be ignored.
750 Currently-defined types are described below.
751 </entry>
752 </row>
753 <row>
754 <entry>3rd <literal>BYTE</literal></entry>
755 <entry>Bitwise OR of flags. Unknown flags
756 must be ignored. Currently-defined flags are described below.
757 </entry>
758 </row>
759 <row>
760 <entry>4th <literal>BYTE</literal></entry>
761 <entry>Major protocol version of the sending application. If
762 the major protocol version of the receiving application does not
763 match, the applications will not be able to communicate and the
764 D-Bus connection must be disconnected. The major protocol
765 version for this version of the specification is 1.
766 </entry>
767 </row>
768 <row>
769 <entry>1st <literal>UINT32</literal></entry>
770 <entry>Length in bytes of the message body, starting
771 from the end of the header. The header ends after
772 its alignment padding to an 8-boundary.
773 </entry>
774 </row>
775 <row>
776 <entry>2nd <literal>UINT32</literal></entry>
777 <entry>The serial of this message, used as a cookie
778 by the sender to identify the reply corresponding
779 to this request.
780 </entry>
781 </row>
782 <row>
783 <entry><literal>ARRAY</literal> of <literal>STRUCT</literal> of (<literal>BYTE</literal>,<literal>VARIANT</literal>)</entry>
784 <entry>An array of zero or more <firstterm>header
785 fields</firstterm> where the byte is the field code, and the
786 variant is the field value. The message type determines
787 which fields are required.
788 </entry>
789 </row>
790 </tbody>
791 </tgroup>
792 </informaltable>
793 </para>
794 <para>
795 <firstterm>Message types</firstterm> that can appear in the second byte
796 of the header are:
797 <informaltable>
798 <tgroup cols="3">
799 <thead>
800 <row>
801 <entry>Conventional name</entry>
802 <entry>Decimal value</entry>
803 <entry>Description</entry>
804 </row>
805 </thead>
806 <tbody>
807 <row>
808 <entry><literal>INVALID</literal></entry>
809 <entry>0</entry>
810 <entry>This is an invalid type.</entry>
811 </row>
812 <row>
813 <entry><literal>METHOD_CALL</literal></entry>
814 <entry>1</entry>
815 <entry>Method call.</entry>
816 </row>
817 <row>
818 <entry><literal>METHOD_RETURN</literal></entry>
819 <entry>2</entry>
820 <entry>Method reply with returned data.</entry>
821 </row>
822 <row>
823 <entry><literal>ERROR</literal></entry>
824 <entry>3</entry>
825 <entry>Error reply. If the first argument exists and is a
826 string, it is an error message.</entry>
827 </row>
828 <row>
829 <entry><literal>SIGNAL</literal></entry>
830 <entry>4</entry>
831 <entry>Signal emission.</entry>
832 </row>
833 </tbody>
834 </tgroup>
835 </informaltable>
836 </para>
837 <para>
838 Flags that can appear in the third byte of the header:
839 <informaltable>
840 <tgroup cols="3">
841 <thead>
842 <row>
843 <entry>Conventional name</entry>
844 <entry>Hex value</entry>
845 <entry>Description</entry>
846 </row>
847 </thead>
848 <tbody>
849 <row>
850 <entry><literal>NO_REPLY_EXPECTED</literal></entry>
851 <entry>0x1</entry>
852 <entry>This message does not expect method return replies or
853 error replies; the reply can be omitted as an
854 optimization. However, it is compliant with this specification
855 to return the reply despite this flag and the only harm
856 from doing so is extra network traffic.
857 </entry>
858 </row>
859 <row>
860 <entry><literal>NO_AUTO_START</literal></entry>
861 <entry>0x2</entry>
862 <entry>The bus must not launch an owner
863 for the destination name in response to this message.
864 </entry>
865 </row>
866 </tbody>
867 </tgroup>
868 </informaltable>
869 </para>
871 <sect3 id="message-protocol-header-fields">
872 <title>Header Fields</title>
874 <para>
875 The array at the end of the header contains <firstterm>header
876 fields</firstterm>, where each field is a 1-byte field code followed
877 by a field value. A header must contain the required header fields for
878 its message type, and zero or more of any optional header
879 fields. Future versions of this protocol specification may add new
880 fields. Implementations must ignore fields they do not
881 understand. Implementations must not invent their own header fields;
882 only changes to this specification may introduce new header fields.
883 </para>
885 <para>
886 Again, if an implementation sees a header field code that it does not
887 expect, it must ignore that field, as it will be part of a new
888 (but compatible) version of this specification. This also applies
889 to known header fields appearing in unexpected messages, for
890 example: if a signal has a reply serial it must be ignored
891 even though it has no meaning as of this version of the spec.
892 </para>
894 <para>
895 However, implementations must not send or accept known header fields
896 with the wrong type stored in the field value. So for example a
897 message with an <literal>INTERFACE</literal> field of type
898 <literal>UINT32</literal> would be considered corrupt.
899 </para>
901 <para>
902 Here are the currently-defined header fields:
903 <informaltable>
904 <tgroup cols="5">
905 <thead>
906 <row>
907 <entry>Conventional Name</entry>
908 <entry>Decimal Code</entry>
909 <entry>Type</entry>
910 <entry>Required In</entry>
911 <entry>Description</entry>
912 </row>
913 </thead>
914 <tbody>
915 <row>
916 <entry><literal>INVALID</literal></entry>
917 <entry>0</entry>
918 <entry>N/A</entry>
919 <entry>not allowed</entry>
920 <entry>Not a valid field name (error if it appears in a message)</entry>
921 </row>
922 <row>
923 <entry><literal>PATH</literal></entry>
924 <entry>1</entry>
925 <entry><literal>OBJECT_PATH</literal></entry>
926 <entry><literal>METHOD_CALL</literal>, <literal>SIGNAL</literal></entry>
927 <entry>The object to send a call to,
928 or the object a signal is emitted from.
929 The special path
930 <literal>/org/freedesktop/DBus/Local</literal> is reserved;
931 implementations should not send messages with this path,
932 and the reference implementation of the bus daemon will
933 disconnect any application that attempts to do so.
934 </entry>
935 </row>
936 <row>
937 <entry><literal>INTERFACE</literal></entry>
938 <entry>2</entry>
939 <entry><literal>STRING</literal></entry>
940 <entry><literal>SIGNAL</literal></entry>
941 <entry>
942 The interface to invoke a method call on, or
943 that a signal is emitted from. Optional for
944 method calls, required for signals.
945 The special interface
946 <literal>org.freedesktop.DBus.Local</literal> is reserved;
947 implementations should not send messages with this
948 interface, and the reference implementation of the bus
949 daemon will disconnect any application that attempts to
950 do so.
951 </entry>
952 </row>
953 <row>
954 <entry><literal>MEMBER</literal></entry>
955 <entry>3</entry>
956 <entry><literal>STRING</literal></entry>
957 <entry><literal>METHOD_CALL</literal>, <literal>SIGNAL</literal></entry>
958 <entry>The member, either the method name or signal name.</entry>
959 </row>
960 <row>
961 <entry><literal>ERROR_NAME</literal></entry>
962 <entry>4</entry>
963 <entry><literal>STRING</literal></entry>
964 <entry><literal>ERROR</literal></entry>
965 <entry>The name of the error that occurred, for errors</entry>
966 </row>
967 <row>
968 <entry><literal>REPLY_SERIAL</literal></entry>
969 <entry>5</entry>
970 <entry><literal>UINT32</literal></entry>
971 <entry><literal>ERROR</literal>, <literal>METHOD_RETURN</literal></entry>
972 <entry>The serial number of the message this message is a reply
973 to. (The serial number is the second <literal>UINT32</literal> in the header.)</entry>
974 </row>
975 <row>
976 <entry><literal>DESTINATION</literal></entry>
977 <entry>6</entry>
978 <entry><literal>STRING</literal></entry>
979 <entry>optional</entry>
980 <entry>The name of the connection this message is intended for.
981 Only used in combination with the message bus, see
982 <xref linkend="message-bus"/>.</entry>
983 </row>
984 <row>
985 <entry><literal>SENDER</literal></entry>
986 <entry>7</entry>
987 <entry><literal>STRING</literal></entry>
988 <entry>optional</entry>
989 <entry>Unique name of the sending connection.
990 The message bus fills in this field so it is reliable; the field is
991 only meaningful in combination with the message bus.</entry>
992 </row>
993 <row>
994 <entry><literal>SIGNATURE</literal></entry>
995 <entry>8</entry>
996 <entry><literal>SIGNATURE</literal></entry>
997 <entry>optional</entry>
998 <entry>The signature of the message body.
999 If omitted, it is assumed to be the
1000 empty signature "" (i.e. the body must be 0-length).</entry>
1001 </row>
1002 </tbody>
1003 </tgroup>
1004 </informaltable>
1005 </para>
1006 </sect3>
1007 </sect2>
1009 <sect2 id="message-protocol-names">
1010 <title>Valid Names</title>
1011 <para>
1012 The various names in D-Bus messages have some restrictions.
1013 </para>
1014 <para>
1015 There is a <firstterm>maximum name length</firstterm>
1016 of 255 which applies to bus names, interfaces, and members.
1017 </para>
1018 <sect3 id="message-protocol-names-interface">
1019 <title>Interface names</title>
1020 <para>
1021 Interfaces have names with type <literal>STRING</literal>, meaning that
1022 they must be valid UTF-8. However, there are also some
1023 additional restrictions that apply to interface names
1024 specifically:
1025 <itemizedlist>
1026 <listitem><para>Interface names are composed of 1 or more elements separated by
1027 a period ('.') character. All elements must contain at least
1028 one character.
1029 </para>
1030 </listitem>
1031 <listitem><para>Each element must only contain the ASCII characters
1032 "[A-Z][a-z][0-9]_" and must not begin with a digit.
1033 </para>
1034 </listitem>
1036 <listitem><para>Interface names must contain at least one '.' (period)
1037 character (and thus at least two elements).
1038 </para></listitem>
1040 <listitem><para>Interface names must not begin with a '.' (period) character.</para></listitem>
1041 <listitem><para>Interface names must not exceed the maximum name length.</para></listitem>
1042 </itemizedlist>
1043 </para>
1044 </sect3>
1045 <sect3 id="message-protocol-names-bus">
1046 <title>Bus names</title>
1047 <para>
1048 Connections have one or more bus names associated with them.
1049 A connection has exactly one bus name that is a unique connection
1050 name. The unique connection name remains with the connection for
1051 its entire lifetime.
1052 A bus name is of type <literal>STRING</literal>,
1053 meaning that it must be valid UTF-8. However, there are also
1054 some additional restrictions that apply to bus names
1055 specifically:
1056 <itemizedlist>
1057 <listitem><para>Bus names that start with a colon (':')
1058 character are unique connection names.
1059 </para>
1060 </listitem>
1061 <listitem><para>Bus names are composed of 1 or more elements separated by
1062 a period ('.') character. All elements must contain at least
1063 one character.
1064 </para>
1065 </listitem>
1066 <listitem><para>Each element must only contain the ASCII characters
1067 "[A-Z][a-z][0-9]_-". Only elements that are part of a unique
1068 connection name may begin with a digit, elements in
1069 other bus names must not begin with a digit.
1070 </para>
1071 </listitem>
1073 <listitem><para>Bus names must contain at least one '.' (period)
1074 character (and thus at least two elements).
1075 </para></listitem>
1077 <listitem><para>Bus names must not begin with a '.' (period) character.</para></listitem>
1078 <listitem><para>Bus names must not exceed the maximum name length.</para></listitem>
1079 </itemizedlist>
1080 </para>
1081 <para>
1082 Note that the hyphen ('-') character is allowed in bus names but
1083 not in interface names.
1084 </para>
1085 </sect3>
1086 <sect3 id="message-protocol-names-member">
1087 <title>Member names</title>
1088 <para>
1089 Member (i.e. method or signal) names:
1090 <itemizedlist>
1091 <listitem><para>Must only contain the ASCII characters
1092 "[A-Z][a-z][0-9]_" and may not begin with a
1093 digit.</para></listitem>
1094 <listitem><para>Must not contain the '.' (period) character.</para></listitem>
1095 <listitem><para>Must not exceed the maximum name length.</para></listitem>
1096 <listitem><para>Must be at least 1 byte in length.</para></listitem>
1097 </itemizedlist>
1098 </para>
1099 </sect3>
1100 <sect3 id="message-protocol-names-error">
1101 <title>Error names</title>
1102 <para>
1103 Error names have the same restrictions as interface names.
1104 </para>
1105 </sect3>
1106 </sect2>
1108 <sect2 id="message-protocol-types">
1109 <title>Message Types</title>
1110 <para>
1111 Each of the message types (<literal>METHOD_CALL</literal>, <literal>METHOD_RETURN</literal>, <literal>ERROR</literal>, and
1112 <literal>SIGNAL</literal>) has its own expected usage conventions and header fields.
1113 This section describes these conventions.
1114 </para>
1115 <sect3 id="message-protocol-types-method">
1116 <title>Method Calls</title>
1117 <para>
1118 Some messages invoke an operation on a remote object. These are
1119 called method call messages and have the type tag <literal>METHOD_CALL</literal>. Such
1120 messages map naturally to methods on objects in a typical program.
1121 </para>
1122 <para>
1123 A method call message is required to have a <literal>MEMBER</literal> header field
1124 indicating the name of the method. Optionally, the message has an
1125 <literal>INTERFACE</literal> field giving the interface the method is a part of. In the
1126 absence of an <literal>INTERFACE</literal> field, if two interfaces on the same object have
1127 a method with the same name, it is undefined which of the two methods
1128 will be invoked. Implementations may also choose to return an error in
1129 this ambiguous case. However, if a method name is unique
1130 implementations must not require an interface field.
1131 </para>
1132 <para>
1133 Method call messages also include a <literal>PATH</literal> field
1134 indicating the object to invoke the method on. If the call is passing
1135 through a message bus, the message will also have a
1136 <literal>DESTINATION</literal> field giving the name of the connection
1137 to receive the message.
1138 </para>
1139 <para>
1140 When an application handles a method call message, it is required to
1141 return a reply. The reply is identified by a <literal>REPLY_SERIAL</literal> header field
1142 indicating the serial number of the <literal>METHOD_CALL</literal> being replied to. The
1143 reply can have one of two types; either <literal>METHOD_RETURN</literal> or <literal>ERROR</literal>.
1144 </para>
1145 <para>
1146 If the reply has type <literal>METHOD_RETURN</literal>, the arguments to the reply message
1147 are the return value(s) or "out parameters" of the method call.
1148 If the reply has type <literal>ERROR</literal>, then an "exception" has been thrown,
1149 and the call fails; no return value will be provided. It makes
1150 no sense to send multiple replies to the same method call.
1151 </para>
1152 <para>
1153 Even if a method call has no return values, a <literal>METHOD_RETURN</literal>
1154 reply is required, so the caller will know the method
1155 was successfully processed.
1156 </para>
1157 <para>
1158 The <literal>METHOD_RETURN</literal> or <literal>ERROR</literal> reply message must have the <literal>REPLY_SERIAL</literal>
1159 header field.
1160 </para>
1161 <para>
1162 If a <literal>METHOD_CALL</literal> message has the flag <literal>NO_REPLY_EXPECTED</literal>,
1163 then as an optimization the application receiving the method
1164 call may choose to omit the reply message (regardless of
1165 whether the reply would have been <literal>METHOD_RETURN</literal> or <literal>ERROR</literal>).
1166 However, it is also acceptable to ignore the <literal>NO_REPLY_EXPECTED</literal>
1167 flag and reply anyway.
1168 </para>
1169 <para>
1170 Unless a message has the flag <literal>NO_AUTO_START</literal>, if the
1171 destination name does not exist then a program to own the destination
1172 name will be started before the message is delivered. The message
1173 will be held until the new program is successfully started or has
1174 failed to start; in case of failure, an error will be returned. This
1175 flag is only relevant in the context of a message bus, it is ignored
1176 during one-to-one communication with no intermediate bus.
1177 </para>
1178 <sect4 id="message-protocol-types-method-apis">
1179 <title>Mapping method calls to native APIs</title>
1180 <para>
1181 APIs for D-Bus may map method calls to a method call in a specific
1182 programming language, such as C++, or may map a method call written
1183 in an IDL to a D-Bus message.
1184 </para>
1185 <para>
1186 In APIs of this nature, arguments to a method are often termed "in"
1187 (which implies sent in the <literal>METHOD_CALL</literal>), or "out" (which implies
1188 returned in the <literal>METHOD_RETURN</literal>). Some APIs such as CORBA also have
1189 "inout" arguments, which are both sent and received, i.e. the caller
1190 passes in a value which is modified. Mapped to D-Bus, an "inout"
1191 argument is equivalent to an "in" argument, followed by an "out"
1192 argument. You can't pass things "by reference" over the wire, so
1193 "inout" is purely an illusion of the in-process API.
1194 </para>
1195 <para>
1196 Given a method with zero or one return values, followed by zero or more
1197 arguments, where each argument may be "in", "out", or "inout", the
1198 caller constructs a message by appending each "in" or "inout" argument,
1199 in order. "out" arguments are not represented in the caller's message.
1200 </para>
1201 <para>
1202 The recipient constructs a reply by appending first the return value
1203 if any, then each "out" or "inout" argument, in order.
1204 "in" arguments are not represented in the reply message.
1205 </para>
1206 <para>
1207 Error replies are normally mapped to exceptions in languages that have
1208 exceptions.
1209 </para>
1210 <para>
1211 In converting from native APIs to D-Bus, it is perhaps nice to
1212 map D-Bus naming conventions ("FooBar") to native conventions
1213 such as "fooBar" or "foo_bar" automatically. This is OK
1214 as long as you can say that the native API is one that
1215 was specifically written for D-Bus. It makes the most sense
1216 when writing object implementations that will be exported
1217 over the bus. Object proxies used to invoke remote D-Bus
1218 objects probably need the ability to call any D-Bus method,
1219 and thus a magic name mapping like this could be a problem.
1220 </para>
1221 <para>
1222 This specification doesn't require anything of native API bindings;
1223 the preceding is only a suggested convention for consistency
1224 among bindings.
1225 </para>
1226 </sect4>
1227 </sect3>
1229 <sect3 id="message-protocol-types-signal">
1230 <title>Signal Emission</title>
1231 <para>
1232 Unlike method calls, signal emissions have no replies.
1233 A signal emission is simply a single message of type <literal>SIGNAL</literal>.
1234 It must have three header fields: <literal>PATH</literal> giving the object
1235 the signal was emitted from, plus <literal>INTERFACE</literal> and <literal>MEMBER</literal> giving
1236 the fully-qualified name of the signal. The <literal>INTERFACE</literal> header is required
1237 for signals, though it is optional for method calls.
1238 </para>
1239 </sect3>
1241 <sect3 id="message-protocol-types-errors">
1242 <title>Errors</title>
1243 <para>
1244 Messages of type <literal>ERROR</literal> are most commonly replies
1245 to a <literal>METHOD_CALL</literal>, but may be returned in reply
1246 to any kind of message. The message bus for example
1247 will return an <literal>ERROR</literal> in reply to a signal emission if
1248 the bus does not have enough memory to send the signal.
1249 </para>
1250 <para>
1251 An <literal>ERROR</literal> may have any arguments, but if the first
1252 argument is a <literal>STRING</literal>, it must be an error message.
1253 The error message may be logged or shown to the user
1254 in some way.
1255 </para>
1256 </sect3>
1258 <sect3 id="message-protocol-types-notation">
1259 <title>Notation in this document</title>
1260 <para>
1261 This document uses a simple pseudo-IDL to describe particular method
1262 calls and signals. Here is an example of a method call:
1263 <programlisting>
1264 org.freedesktop.DBus.StartServiceByName (in STRING name, in UINT32 flags,
1265 out UINT32 resultcode)
1266 </programlisting>
1267 This means <literal>INTERFACE</literal> = org.freedesktop.DBus, <literal>MEMBER</literal> = StartServiceByName,
1268 <literal>METHOD_CALL</literal> arguments are <literal>STRING</literal> and <literal>UINT32</literal>, <literal>METHOD_RETURN</literal> argument
1269 is <literal>UINT32</literal>. Remember that the <literal>MEMBER</literal> field can't contain any '.' (period)
1270 characters so it's known that the last part of the name in
1271 the "IDL" is the member name.
1272 </para>
1273 <para>
1274 In C++ that might end up looking like this:
1275 <programlisting>
1276 unsigned int org::freedesktop::DBus::StartServiceByName (const char *name,
1277 unsigned int flags);
1278 </programlisting>
1279 or equally valid, the return value could be done as an argument:
1280 <programlisting>
1281 void org::freedesktop::DBus::StartServiceByName (const char *name,
1282 unsigned int flags,
1283 unsigned int *resultcode);
1284 </programlisting>
1285 It's really up to the API designer how they want to make
1286 this look. You could design an API where the namespace wasn't used
1287 in C++, using STL or Qt, using varargs, or whatever you wanted.
1288 </para>
1289 <para>
1290 Signals are written as follows:
1291 <programlisting>
1292 org.freedesktop.DBus.NameLost (STRING name)
1293 </programlisting>
1294 Signals don't specify "in" vs. "out" because only
1295 a single direction is possible.
1296 </para>
1297 <para>
1298 It isn't especially encouraged to use this lame pseudo-IDL in actual
1299 API implementations; you might use the native notation for the
1300 language you're using, or you might use COM or CORBA IDL, for example.
1301 </para>
1302 </sect3>
1303 </sect2>
1305 <sect2 id="message-protocol-handling-invalid">
1306 <title>Invalid Protocol and Spec Extensions</title>
1308 <para>
1309 For security reasons, the D-Bus protocol should be strictly parsed and
1310 validated, with the exception of defined extension points. Any invalid
1311 protocol or spec violations should result in immediately dropping the
1312 connection without notice to the other end. Exceptions should be
1313 carefully considered, e.g. an exception may be warranted for a
1314 well-understood idiosyncrasy of a widely-deployed implementation. In
1315 cases where the other end of a connection is 100% trusted and known to
1316 be friendly, skipping validation for performance reasons could also make
1317 sense in certain cases.
1318 </para>
1320 <para>
1321 Generally speaking violations of the "must" requirements in this spec
1322 should be considered possible attempts to exploit security, and violations
1323 of the "should" suggestions should be considered legitimate (though perhaps
1324 they should generate an error in some cases).
1325 </para>
1327 <para>
1328 The following extension points are built in to D-Bus on purpose and must
1329 not be treated as invalid protocol. The extension points are intended
1330 for use by future versions of this spec, they are not intended for third
1331 parties. At the moment, the only way a third party could extend D-Bus
1332 without breaking interoperability would be to introduce a way to negotiate new
1333 feature support as part of the auth protocol, using EXTENSION_-prefixed
1334 commands. There is not yet a standard way to negotiate features.
1335 <itemizedlist>
1336 <listitem>
1337 <para>
1338 In the authentication protocol (see <xref linkend="auth-protocol"/>) unknown
1339 commands result in an ERROR rather than a disconnect. This enables
1340 future extensions to the protocol. Commands starting with EXTENSION_ are
1341 reserved for third parties.
1342 </para>
1343 </listitem>
1344 <listitem>
1345 <para>
1346 The authentication protocol supports pluggable auth mechanisms.
1347 </para>
1348 </listitem>
1349 <listitem>
1350 <para>
1351 The address format (see <xref linkend="addresses"/>) supports new
1352 kinds of transport.
1353 </para>
1354 </listitem>
1355 <listitem>
1356 <para>
1357 Messages with an unknown type (something other than
1358 <literal>METHOD_CALL</literal>, <literal>METHOD_RETURN</literal>,
1359 <literal>ERROR</literal>, <literal>SIGNAL</literal>) are ignored.
1360 Unknown-type messages must still be well-formed in the same way
1361 as the known messages, however. They still have the normal
1362 header and body.
1363 </para>
1364 </listitem>
1365 <listitem>
1366 <para>
1367 Header fields with an unknown or unexpected field code must be ignored,
1368 though again they must still be well-formed.
1369 </para>
1370 </listitem>
1371 <listitem>
1372 <para>
1373 New standard interfaces (with new methods and signals) can of course be added.
1374 </para>
1375 </listitem>
1376 </itemizedlist>
1377 </para>
1379 </sect2>
1381 </sect1>
1383 <sect1 id="auth-protocol">
1384 <title>Authentication Protocol</title>
1385 <para>
1386 Before the flow of messages begins, two applications must
1387 authenticate. A simple plain-text protocol is used for
1388 authentication; this protocol is a SASL profile, and maps fairly
1389 directly from the SASL specification. The message encoding is
1390 NOT used here, only plain text messages.
1391 </para>
1392 <para>
1393 In examples, "C:" and "S:" indicate lines sent by the client and
1394 server respectively.
1395 </para>
1396 <sect2 id="auth-protocol-overview">
1397 <title>Protocol Overview</title>
1398 <para>
1399 The protocol is a line-based protocol, where each line ends with
1400 \r\n. Each line begins with an all-caps ASCII command name containing
1401 only the character range [A-Z_], a space, then any arguments for the
1402 command, then the \r\n ending the line. The protocol is
1403 case-sensitive. All bytes must be in the ASCII character set.
1405 Commands from the client to the server are as follows:
1407 <itemizedlist>
1408 <listitem><para>AUTH [mechanism] [initial-response]</para></listitem>
1409 <listitem><para>CANCEL</para></listitem>
1410 <listitem><para>BEGIN</para></listitem>
1411 <listitem><para>DATA <data in hex encoding></para></listitem>
1412 <listitem><para>ERROR [human-readable error explanation]</para></listitem>
1413 </itemizedlist>
1415 From server to client are as follows:
1417 <itemizedlist>
1418 <listitem><para>REJECTED <space-separated list of mechanism names></para></listitem>
1419 <listitem><para>OK <GUID in hex></para></listitem>
1420 <listitem><para>DATA <data in hex encoding></para></listitem>
1421 <listitem><para>ERROR</para></listitem>
1422 </itemizedlist>
1423 </para>
1424 <para>
1425 Unofficial extensions to the command set must begin with the letters
1426 "EXTENSION_", to avoid conflicts with future official commands.
1427 For example, "EXTENSION_COM_MYDOMAIN_DO_STUFF".
1428 </para>
1429 </sect2>
1430 <sect2 id="auth-nul-byte">
1431 <title>Special credentials-passing nul byte</title>
1432 <para>
1433 Immediately after connecting to the server, the client must send a
1434 single nul byte. This byte may be accompanied by credentials
1435 information on some operating systems that use sendmsg() with
1436 SCM_CREDS or SCM_CREDENTIALS to pass credentials over UNIX domain
1437 sockets. However, the nul byte must be sent even on other kinds of
1438 socket, and even on operating systems that do not require a byte to be
1439 sent in order to transmit credentials. The text protocol described in
1440 this document begins after the single nul byte. If the first byte
1441 received from the client is not a nul byte, the server may disconnect
1442 that client.
1443 </para>
1444 <para>
1445 A nul byte in any context other than the initial byte is an error;
1446 the protocol is ASCII-only.
1447 </para>
1448 <para>
1449 The credentials sent along with the nul byte may be used with the
1450 SASL mechanism EXTERNAL.
1451 </para>
1452 </sect2>
1453 <sect2 id="auth-command-auth">
1454 <title>AUTH command</title>
1455 <para>
1456 If an AUTH command has no arguments, it is a request to list
1457 available mechanisms. The server must respond with a REJECTED
1458 command listing the mechanisms it understands, or with an error.
1459 </para>
1460 <para>
1461 If an AUTH command specifies a mechanism, and the server supports
1462 said mechanism, the server should begin exchanging SASL
1463 challenge-response data with the client using DATA commands.
1464 </para>
1465 <para>
1466 If the server does not support the mechanism given in the AUTH
1467 command, it must send either a REJECTED command listing the mechanisms
1468 it does support, or an error.
1469 </para>
1470 <para>
1471 If the [initial-response] argument is provided, it is intended for use
1472 with mechanisms that have no initial challenge (or an empty initial
1473 challenge), as if it were the argument to an initial DATA command. If
1474 the selected mechanism has an initial challenge and [initial-response]
1475 was provided, the server should reject authentication by sending
1476 REJECTED.
1477 </para>
1478 <para>
1479 If authentication succeeds after exchanging DATA commands,
1480 an OK command must be sent to the client.
1481 </para>
1482 <para>
1483 The first octet received by the client after the \r\n of the OK
1484 command must be the first octet of the authenticated/encrypted
1485 stream of D-Bus messages.
1486 </para>
1487 <para>
1488 The first octet received by the server after the \r\n of the BEGIN
1489 command from the client must be the first octet of the
1490 authenticated/encrypted stream of D-Bus messages.
1491 </para>
1492 </sect2>
1493 <sect2 id="auth-command-cancel">
1494 <title>CANCEL Command</title>
1495 <para>
1496 At any time up to sending the BEGIN command, the client may send a
1497 CANCEL command. On receiving the CANCEL command, the server must
1498 send a REJECTED command and abort the current authentication
1499 exchange.
1500 </para>
1501 </sect2>
1502 <sect2 id="auth-command-data">
1503 <title>DATA Command</title>
1504 <para>
1505 The DATA command may come from either client or server, and simply
1506 contains a hex-encoded block of data to be interpreted
1507 according to the SASL mechanism in use.
1508 </para>
1509 <para>
1510 Some SASL mechanisms support sending an "empty string";
1511 FIXME we need some way to do this.
1512 </para>
1513 </sect2>
1514 <sect2 id="auth-command-begin">
1515 <title>BEGIN Command</title>
1516 <para>
1517 The BEGIN command acknowledges that the client has received an
1518 OK command from the server, and that the stream of messages
1519 is about to begin.
1520 </para>
1521 <para>
1522 The first octet received by the server after the \r\n of the BEGIN
1523 command from the client must be the first octet of the
1524 authenticated/encrypted stream of D-Bus messages.
1525 </para>
1526 </sect2>
1527 <sect2 id="auth-command-rejected">
1528 <title>REJECTED Command</title>
1529 <para>
1530 The REJECTED command indicates that the current authentication
1531 exchange has failed, and further exchange of DATA is inappropriate.
1532 The client would normally try another mechanism, or try providing
1533 different responses to challenges.
1534 </para><para>
1535 Optionally, the REJECTED command has a space-separated list of
1536 available auth mechanisms as arguments. If a server ever provides
1537 a list of supported mechanisms, it must provide the same list
1538 each time it sends a REJECTED message. Clients are free to
1539 ignore all lists received after the first.
1540 </para>
1541 </sect2>
1542 <sect2 id="auth-command-ok">
1543 <title>OK Command</title>
1544 <para>
1545 The OK command indicates that the client has been authenticated,
1546 and that further communication will be a stream of D-Bus messages
1547 (optionally encrypted, as negotiated) rather than this protocol.
1548 </para>
1549 <para>
1550 The first octet received by the client after the \r\n of the OK
1551 command must be the first octet of the authenticated/encrypted
1552 stream of D-Bus messages.
1553 </para>
1554 <para>
1555 The client must respond to the OK command by sending a BEGIN
1556 command, followed by its stream of messages, or by disconnecting.
1557 The server must not accept additional commands using this protocol
1558 after the OK command has been sent.
1559 </para>
1560 <para>
1561 The OK command has one argument, which is the GUID of the server.
1562 See <xref linkend="addresses"/> for more on server GUIDs.
1563 </para>
1564 </sect2>
1565 <sect2 id="auth-command-error">
1566 <title>ERROR Command</title>
1567 <para>
1568 The ERROR command indicates that either server or client did not
1569 know a command, does not accept the given command in the current
1570 context, or did not understand the arguments to the command. This
1571 allows the protocol to be extended; a client or server can send a
1572 command present or permitted only in new protocol versions, and if
1573 an ERROR is received instead of an appropriate response, fall back
1574 to using some other technique.
1575 </para>
1576 <para>
1577 If an ERROR is sent, the server or client that sent the
1578 error must continue as if the command causing the ERROR had never been
1579 received. However, the the server or client receiving the error
1580 should try something other than whatever caused the error;
1581 if only canceling/rejecting the authentication.
1582 </para>
1583 <para>
1584 If the D-Bus protocol changes incompatibly at some future time,
1585 applications implementing the new protocol would probably be able to
1586 check for support of the new protocol by sending a new command and
1587 receiving an ERROR from applications that don't understand it. Thus the
1588 ERROR feature of the auth protocol is an escape hatch that lets us
1589 negotiate extensions or changes to the D-Bus protocol in the future.
1590 </para>
1591 </sect2>
1592 <sect2 id="auth-examples">
1593 <title>Authentication examples</title>
1595 <para>
1596 <figure>
1597 <title>Example of successful magic cookie authentication</title>
1598 <programlisting>
1599 (MAGIC_COOKIE is a made up mechanism)
1601 C: AUTH MAGIC_COOKIE 3138363935333137393635383634
1602 S: OK 1234deadbeef
1603 C: BEGIN
1604 </programlisting>
1605 </figure>
1606 <figure>
1607 <title>Example of finding out mechanisms then picking one</title>
1608 <programlisting>
1609 C: AUTH
1610 S: REJECTED KERBEROS_V4 SKEY
1611 C: AUTH SKEY 7ab83f32ee
1612 S: DATA 8799cabb2ea93e
1613 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1614 S: OK 1234deadbeef
1615 C: BEGIN
1616 </programlisting>
1617 </figure>
1618 <figure>
1619 <title>Example of client sends unknown command then falls back to regular auth</title>
1620 <programlisting>
1621 C: FOOBAR
1622 S: ERROR
1623 C: AUTH MAGIC_COOKIE 3736343435313230333039
1624 S: OK 1234deadbeef
1625 C: BEGIN
1626 </programlisting>
1627 </figure>
1628 <figure>
1629 <title>Example of server doesn't support initial auth mechanism</title>
1630 <programlisting>
1631 C: AUTH MAGIC_COOKIE 3736343435313230333039
1632 S: REJECTED KERBEROS_V4 SKEY
1633 C: AUTH SKEY 7ab83f32ee
1634 S: DATA 8799cabb2ea93e
1635 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1636 S: OK 1234deadbeef
1637 C: BEGIN
1638 </programlisting>
1639 </figure>
1640 <figure>
1641 <title>Example of wrong password or the like followed by successful retry</title>
1642 <programlisting>
1643 C: AUTH MAGIC_COOKIE 3736343435313230333039
1644 S: REJECTED KERBEROS_V4 SKEY
1645 C: AUTH SKEY 7ab83f32ee
1646 S: DATA 8799cabb2ea93e
1647 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1648 S: REJECTED
1649 C: AUTH SKEY 7ab83f32ee
1650 S: DATA 8799cabb2ea93e
1651 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1652 S: OK 1234deadbeef
1653 C: BEGIN
1654 </programlisting>
1655 </figure>
1656 <figure>
1657 <title>Example of skey cancelled and restarted</title>
1658 <programlisting>
1659 C: AUTH MAGIC_COOKIE 3736343435313230333039
1660 S: REJECTED KERBEROS_V4 SKEY
1661 C: AUTH SKEY 7ab83f32ee
1662 S: DATA 8799cabb2ea93e
1663 C: CANCEL
1664 S: REJECTED
1665 C: AUTH SKEY 7ab83f32ee
1666 S: DATA 8799cabb2ea93e
1667 C: DATA 8ac876e8f68ee9809bfa876e6f9876g8fa8e76e98f
1668 S: OK 1234deadbeef
1669 C: BEGIN
1670 </programlisting>
1671 </figure>
1672 </para>
1673 </sect2>
1674 <sect2 id="auth-states">
1675 <title>Authentication state diagrams</title>
1677 <para>
1678 This section documents the auth protocol in terms of
1679 a state machine for the client and the server. This is
1680 probably the most robust way to implement the protocol.
1681 </para>
1683 <sect3 id="auth-states-client">
1684 <title>Client states</title>
1686 <para>
1687 To more precisely describe the interaction between the
1688 protocol state machine and the authentication mechanisms the
1689 following notation is used: MECH(CHALL) means that the
1690 server challenge CHALL was fed to the mechanism MECH, which
1691 returns one of
1693 <itemizedlist>
1694 <listitem>
1695 <para>
1696 CONTINUE(RESP) means continue the auth conversation
1697 and send RESP as the response to the server;
1698 </para>
1699 </listitem>
1701 <listitem>
1702 <para>
1703 OK(RESP) means that after sending RESP to the server
1704 the client side of the auth conversation is finished
1705 and the server should return "OK";
1706 </para>
1707 </listitem>
1709 <listitem>
1710 <para>
1711 ERROR means that CHALL was invalid and could not be
1712 processed.
1713 </para>
1714 </listitem>
1715 </itemizedlist>
1717 Both RESP and CHALL may be empty.
1718 </para>
1720 <para>
1721 The Client starts by getting an initial response from the
1722 default mechanism and sends AUTH MECH RESP, or AUTH MECH if
1723 the mechanism did not provide an initial response. If the
1724 mechanism returns CONTINUE, the client starts in state
1725 <emphasis>WaitingForData</emphasis>, if the mechanism
1726 returns OK the client starts in state
1727 <emphasis>WaitingForOK</emphasis>.
1728 </para>
1730 <para>
1731 The client should keep track of available mechanisms and
1732 which it mechanisms it has already attempted. This list is
1733 used to decide which AUTH command to send. When the list is
1734 exhausted, the client should give up and close the
1735 connection.
1736 </para>
1738 <formalpara>
1739 <title><emphasis>WaitingForData</emphasis></title>
1740 <para>
1741 <itemizedlist>
1742 <listitem>
1743 <para>
1744 Receive DATA CHALL
1745 <simplelist>
1746 <member>
1747 MECH(CHALL) returns CONTINUE(RESP) → send
1748 DATA RESP, goto
1749 <emphasis>WaitingForData</emphasis>
1750 </member>
1752 <member>
1753 MECH(CHALL) returns OK(RESP) → send DATA
1754 RESP, goto <emphasis>WaitingForOK</emphasis>
1755 </member>
1757 <member>
1758 MECH(CHALL) returns ERROR → send ERROR
1759 [msg], goto <emphasis>WaitingForData</emphasis>
1760 </member>
1761 </simplelist>
1762 </para>
1763 </listitem>
1765 <listitem>
1766 <para>
1767 Receive REJECTED [mechs] →
1768 send AUTH [next mech], goto
1769 WaitingForData or <emphasis>WaitingForOK</emphasis>
1770 </para>
1771 </listitem>
1772 <listitem>
1773 <para>
1774 Receive ERROR → send
1775 CANCEL, goto
1776 <emphasis>WaitingForReject</emphasis>
1777 </para>
1778 </listitem>
1779 <listitem>
1780 <para>
1781 Receive OK → send
1782 BEGIN, terminate auth
1783 conversation, authenticated
1784 </para>
1785 </listitem>
1786 <listitem>
1787 <para>
1788 Receive anything else → send
1789 ERROR, goto
1790 <emphasis>WaitingForData</emphasis>
1791 </para>
1792 </listitem>
1793 </itemizedlist>
1794 </para>
1795 </formalpara>
1797 <formalpara>
1798 <title><emphasis>WaitingForOK</emphasis></title>
1799 <para>
1800 <itemizedlist>
1801 <listitem>
1802 <para>
1803 Receive OK → send BEGIN, terminate auth
1804 conversation, <emphasis>authenticated</emphasis>
1805 </para>
1806 </listitem>
1807 <listitem>
1808 <para>
1809 Receive REJECT [mechs] → send AUTH [next mech],
1810 goto <emphasis>WaitingForData</emphasis> or
1811 <emphasis>WaitingForOK</emphasis>
1812 </para>
1813 </listitem>
1815 <listitem>
1816 <para>
1817 Receive DATA → send CANCEL, goto
1818 <emphasis>WaitingForReject</emphasis>
1819 </para>
1820 </listitem>
1822 <listitem>
1823 <para>
1824 Receive ERROR → send CANCEL, goto
1825 <emphasis>WaitingForReject</emphasis>
1826 </para>
1827 </listitem>
1829 <listitem>
1830 <para>
1831 Receive anything else → send ERROR, goto
1832 <emphasis>WaitingForOK</emphasis>
1833 </para>
1834 </listitem>
1835 </itemizedlist>
1836 </para>
1837 </formalpara>
1839 <formalpara>
1840 <title><emphasis>WaitingForReject</emphasis></title>
1841 <para>
1842 <itemizedlist>
1843 <listitem>
1844 <para>
1845 Receive REJECT [mechs] → send AUTH [next mech],
1846 goto <emphasis>WaitingForData</emphasis> or
1847 <emphasis>WaitingForOK</emphasis>
1848 </para>
1849 </listitem>
1851 <listitem>
1852 <para>
1853 Receive anything else → terminate auth
1854 conversation, disconnect
1855 </para>
1856 </listitem>
1857 </itemizedlist>
1858 </para>
1859 </formalpara>
1861 </sect3>
1863 <sect3 id="auth-states-server">
1864 <title>Server states</title>
1866 <para>
1867 For the server MECH(RESP) means that the client response
1868 RESP was fed to the the mechanism MECH, which returns one of
1870 <itemizedlist>
1871 <listitem>
1872 <para>
1873 CONTINUE(CHALL) means continue the auth conversation and
1874 send CHALL as the challenge to the client;
1875 </para>
1876 </listitem>
1878 <listitem>
1879 <para>
1880 OK means that the client has been successfully
1881 authenticated;
1882 </para>
1883 </listitem>
1885 <listitem>
1886 <para>
1887 REJECT means that the client failed to authenticate or
1888 there was an error in RESP.
1889 </para>
1890 </listitem>
1891 </itemizedlist>
1893 The server starts out in state
1894 <emphasis>WaitingForAuth</emphasis>. If the client is
1895 rejected too many times the server must disconnect the
1896 client.
1897 </para>
1899 <formalpara>
1900 <title><emphasis>WaitingForAuth</emphasis></title>
1901 <para>
1902 <itemizedlist>
1904 <listitem>
1905 <para>
1906 Receive AUTH → send REJECTED [mechs], goto
1907 <emphasis>WaitingForAuth</emphasis>
1908 </para>
1909 </listitem>
1911 <listitem>
1912 <para>
1913 Receive AUTH MECH RESP
1915 <simplelist>
1916 <member>
1917 MECH not valid mechanism → send REJECTED
1918 [mechs], goto
1919 <emphasis>WaitingForAuth</emphasis>
1920 </member>
1922 <member>
1923 MECH(RESP) returns CONTINUE(CHALL) → send
1924 DATA CHALL, goto
1925 <emphasis>WaitingForData</emphasis>
1926 </member>
1928 <member>
1929 MECH(RESP) returns OK → send OK, goto
1930 <emphasis>WaitingForBegin</emphasis>
1931 </member>
1933 <member>
1934 MECH(RESP) returns REJECT → send REJECTED
1935 [mechs], goto
1936 <emphasis>WaitingForAuth</emphasis>
1937 </member>
1938 </simplelist>
1939 </para>
1940 </listitem>
1942 <listitem>
1943 <para>
1944 Receive BEGIN → terminate
1945 auth conversation, disconnect
1946 </para>
1947 </listitem>
1949 <listitem>
1950 <para>
1951 Receive ERROR → send REJECTED [mechs], goto
1952 <emphasis>WaitingForAuth</emphasis>
1953 </para>
1954 </listitem>
1956 <listitem>
1957 <para>
1958 Receive anything else → send
1959 ERROR, goto
1960 <emphasis>WaitingForAuth</emphasis>
1961 </para>
1962 </listitem>
1963 </itemizedlist>
1964 </para>
1965 </formalpara>
1968 <formalpara>
1969 <title><emphasis>WaitingForData</emphasis></title>
1970 <para>
1971 <itemizedlist>
1972 <listitem>
1973 <para>
1974 Receive DATA RESP
1975 <simplelist>
1976 <member>
1977 MECH(RESP) returns CONTINUE(CHALL) → send
1978 DATA CHALL, goto
1979 <emphasis>WaitingForData</emphasis>
1980 </member>
1982 <member>
1983 MECH(RESP) returns OK → send OK, goto
1984 <emphasis>WaitingForBegin</emphasis>
1985 </member>
1987 <member>
1988 MECH(RESP) returns REJECT → send REJECTED
1989 [mechs], goto
1990 <emphasis>WaitingForAuth</emphasis>
1991 </member>
1992 </simplelist>
1993 </para>
1994 </listitem>
1996 <listitem>
1997 <para>
1998 Receive BEGIN → terminate auth conversation,
1999 disconnect
2000 </para>
2001 </listitem>
2003 <listitem>
2004 <para>
2005 Receive CANCEL → send REJECTED [mechs], goto
2006 <emphasis>WaitingForAuth</emphasis>
2007 </para>
2008 </listitem>
2010 <listitem>
2011 <para>
2012 Receive ERROR → send REJECTED [mechs], goto
2013 <emphasis>WaitingForAuth</emphasis>
2014 </para>
2015 </listitem>
2017 <listitem>
2018 <para>
2019 Receive anything else → send ERROR, goto
2020 <emphasis>WaitingForData</emphasis>
2021 </para>
2022 </listitem>
2023 </itemizedlist>
2024 </para>
2025 </formalpara>
2027 <formalpara>
2028 <title><emphasis>WaitingForBegin</emphasis></title>
2029 <para>
2030 <itemizedlist>
2031 <listitem>
2032 <para>
2033 Receive BEGIN → terminate auth conversation,
2034 client authenticated
2035 </para>
2036 </listitem>
2038 <listitem>
2039 <para>
2040 Receive CANCEL → send REJECTED [mechs], goto
2041 <emphasis>WaitingForAuth</emphasis>
2042 </para>
2043 </listitem>
2045 <listitem>
2046 <para>
2047 Receive ERROR → send REJECTED [mechs], goto
2048 <emphasis>WaitingForAuth</emphasis>
2049 </para>
2050 </listitem>
2052 <listitem>
2053 <para>
2054 Receive anything else → send ERROR, goto
2055 <emphasis>WaitingForBegin</emphasis>
2056 </para>
2057 </listitem>
2058 </itemizedlist>
2059 </para>
2060 </formalpara>
2062 </sect3>
2064 </sect2>
2065 <sect2 id="auth-mechanisms">
2066 <title>Authentication mechanisms</title>
2067 <para>
2068 This section describes some new authentication mechanisms.
2069 D-Bus also allows any standard SASL mechanism of course.
2070 </para>
2071 <sect3 id="auth-mechanisms-sha">
2072 <title>DBUS_COOKIE_SHA1</title>
2073 <para>
2074 The DBUS_COOKIE_SHA1 mechanism is designed to establish that a client
2075 has the ability to read a private file owned by the user being
2076 authenticated. If the client can prove that it has access to a secret
2077 cookie stored in this file, then the client is authenticated.
2078 Thus the security of DBUS_COOKIE_SHA1 depends on a secure home
2079 directory.
2080 </para>
2081 <para>
2082 Authentication proceeds as follows:
2083 <itemizedlist>
2084 <listitem>
2085 <para>
2086 The client sends the username it would like to authenticate
2087 as, hex-encoded.
2088 </para>
2089 </listitem>
2090 <listitem>
2091 <para>
2092 The server sends the name of its "cookie context" (see below); a
2093 space character; the integer ID of the secret cookie the client
2094 must demonstrate knowledge of; a space character; then a
2095 randomly-generated challenge string, all of this hex-encoded into
2096 one, single string.
2097 </para>
2098 </listitem>
2099 <listitem>
2100 <para>
2101 The client locates the cookie and generates its own
2102 randomly-generated challenge string. The client then concatenates
2103 the server's decoded challenge, a ":" character, its own challenge,
2104 another ":" character, and the cookie. It computes the SHA-1 hash
2105 of this composite string as a hex digest. It concatenates the
2106 client's challenge string, a space character, and the SHA-1 hex
2107 digest, hex-encodes the result and sends it back to the server.
2108 </para>
2109 </listitem>
2110 <listitem>
2111 <para>
2112 The server generates the same concatenated string used by the
2113 client and computes its SHA-1 hash. It compares the hash with
2114 the hash received from the client; if the two hashes match, the
2115 client is authenticated.
2116 </para>
2117 </listitem>
2118 </itemizedlist>
2119 </para>
2120 <para>
2121 Each server has a "cookie context," which is a name that identifies a
2122 set of cookies that apply to that server. A sample context might be
2123 "org_freedesktop_session_bus". Context names must be valid ASCII,
2124 nonzero length, and may not contain the characters slash ("/"),
2125 backslash ("\"), space (" "), newline ("\n"), carriage return ("\r"),
2126 tab ("\t"), or period ("."). There is a default context,
2127 "org_freedesktop_general" that's used by servers that do not specify
2128 otherwise.
2129 </para>
2130 <para>
2131 Cookies are stored in a user's home directory, in the directory
2132 <filename>~/.dbus-keyrings/</filename>. This directory must
2133 not be readable or writable by other users. If it is,
2134 clients and servers must ignore it. The directory
2135 contains cookie files named after the cookie context.
2136 </para>
2137 <para>
2138 A cookie file contains one cookie per line. Each line
2139 has three space-separated fields:
2140 <itemizedlist>
2141 <listitem>
2142 <para>
2143 The cookie ID number, which must be a non-negative integer and
2144 may not be used twice in the same file.
2145 </para>
2146 </listitem>
2147 <listitem>
2148 <para>
2149 The cookie's creation time, in UNIX seconds-since-the-epoch
2150 format.
2151 </para>
2152 </listitem>
2153 <listitem>
2154 <para>
2155 The cookie itself, a hex-encoded random block of bytes. The cookie
2156 may be of any length, though obviously security increases
2157 as the length increases.
2158 </para>
2159 </listitem>
2160 </itemizedlist>
2161 </para>
2162 <para>
2163 Only server processes modify the cookie file.
2164 They must do so with this procedure:
2165 <itemizedlist>
2166 <listitem>
2167 <para>
2168 Create a lockfile name by appending ".lock" to the name of the
2169 cookie file. The server should attempt to create this file
2170 using <literal>O_CREAT | O_EXCL</literal>. If file creation
2171 fails, the lock fails. Servers should retry for a reasonable
2172 period of time, then they may choose to delete an existing lock
2173 to keep users from having to manually delete a stale
2174 lock. <footnote><para>Lockfiles are used instead of real file
2175 locking <literal>fcntl()</literal> because real locking
2176 implementations are still flaky on network
2177 filesystems.</para></footnote>
2178 </para>
2179 </listitem>
2180 <listitem>
2181 <para>
2182 Once the lockfile has been created, the server loads the cookie
2183 file. It should then delete any cookies that are old (the
2184 timeout can be fairly short), or more than a reasonable
2185 time in the future (so that cookies never accidentally
2186 become permanent, if the clock was set far into the future
2187 at some point). If no recent keys remain, the
2188 server may generate a new key.
2189 </para>
2190 </listitem>
2191 <listitem>
2192 <para>
2193 The pruned and possibly added-to cookie file
2194 must be resaved atomically (using a temporary
2195 file which is rename()'d).
2196 </para>
2197 </listitem>
2198 <listitem>
2199 <para>
2200 The lock must be dropped by deleting the lockfile.
2201 </para>
2202 </listitem>
2203 </itemizedlist>
2204 </para>
2205 <para>
2206 Clients need not lock the file in order to load it,
2207 because servers are required to save the file atomically.
2208 </para>
2209 </sect3>
2210 </sect2>
2211 </sect1>
2212 <sect1 id="addresses">
2213 <title>Server Addresses</title>
2214 <para>
2215 Server addresses consist of a transport name followed by a colon, and
2216 then an optional, comma-separated list of keys and values in the form key=value.
2217 Each value is escaped.
2218 </para>
2219 <para>
2220 For example:
2221 <programlisting>unix:path=/tmp/dbus-test</programlisting>
2222 Which is the address to a unix socket with the path /tmp/dbus-test.
2223 </para>
2224 <para>
2225 Value escaping is similar to URI escaping but simpler.
2226 <itemizedlist>
2227 <listitem>
2228 <para>
2229 The set of optionally-escaped bytes is:
2230 <literal>[0-9A-Za-z_-/.\]</literal>. To escape, each
2231 <emphasis>byte</emphasis> (note, not character) which is not in the
2232 set of optionally-escaped bytes must be replaced with an ASCII
2233 percent (<literal>%</literal>) and the value of the byte in hex.
2234 The hex value must always be two digits, even if the first digit is
2235 zero. The optionally-escaped bytes may be escaped if desired.
2236 </para>
2237 </listitem>
2238 <listitem>
2239 <para>
2240 To unescape, append each byte in the value; if a byte is an ASCII
2241 percent (<literal>%</literal>) character then append the following
2242 hex value instead. It is an error if a <literal>%</literal> byte
2243 does not have two hex digits following. It is an error if a
2244 non-optionally-escaped byte is seen unescaped.
2245 </para>
2246 </listitem>
2247 </itemizedlist>
2248 The set of optionally-escaped bytes is intended to preserve address
2249 readability and convenience.
2250 </para>
2252 <para>
2253 A server may specify a key-value pair with the key <literal>guid</literal>
2254 and the value a hex-encoded 16-byte sequence. <xref linkend="uuids"/>
2255 describes the format of the <literal>guid</literal> field. If present,
2256 this UUID may be used to distinguish one server address from another. A
2257 server should use a different UUID for each address it listens on. For
2258 example, if a message bus daemon offers both UNIX domain socket and TCP
2259 connections, but treats clients the same regardless of how they connect,
2260 those two connections are equivalent post-connection but should have
2261 distinct UUIDs to distinguish the kinds of connection.
2262 </para>
2264 <para>
2265 The intent of the address UUID feature is to allow a client to avoid
2266 opening multiple identical connections to the same server, by allowing the
2267 client to check whether an address corresponds to an already-existing
2268 connection. Comparing two addresses is insufficient, because addresses
2269 can be recycled by distinct servers, and equivalent addresses may look
2270 different if simply compared as strings (for example, the host in a TCP
2271 address can be given as an IP address or as a hostname).
2272 </para>
2274 <para>
2275 Note that the address key is <literal>guid</literal> even though the
2276 rest of the API and documentation says "UUID," for historical reasons.
2277 </para>
2279 <para>
2280 [FIXME clarify if attempting to connect to each is a requirement
2281 or just a suggestion]
2282 When connecting to a server, multiple server addresses can be
2283 separated by a semi-colon. The library will then try to connect
2284 to the first address and if that fails, it'll try to connect to
2285 the next one specified, and so forth. For example
2286 <programlisting>unix:path=/tmp/dbus-test;unix:path=/tmp/dbus-test2</programlisting>
2287 </para>
2289 </sect1>
2291 <sect1 id="transports">
2292 <title>Transports</title>
2293 <para>
2294 [FIXME we need to specify in detail each transport and its possible arguments]
2296 Current transports include: unix domain sockets (including
2297 abstract namespace on linux), TCP/IP, and a debug/testing transport using
2298 in-process pipes. Future possible transports include one that
2299 tunnels over X11 protocol.
2300 </para>
2302 <sect2 id="transports-unix-domain-sockets">
2303 <title>Unix Domain Sockets</title>
2304 <para>
2305 Unix domain sockets can be either paths in the file system or on Linux
2306 kernels, they can be abstract which are similar to paths but
2307 do not show up in the file system.
2308 </para>
2310 <para>
2311 When a socket is opened by the D-Bus library it truncates the path
2312 name right before the first trailing Nul byte. This is true for both
2313 normal paths and abstract paths. Note that this is a departure from
2314 previous versions of D-Bus that would create sockets with a fixed
2315 length path name. Names which were shorter than the fixed length
2316 would be padded by Nul bytes.
2317 </para>
2318 </sect2>
2319 <sect2 id="transports-nonce-tcp-sockets">
2320 <title>Nonce-secured TCP Sockets</title>
2321 <para>
2322 The nonce-tcp transport provides a secured TCP transport, using a
2323 simple authentication mechanism to ensure that only clients with read
2324 access to a certain location in the filesystem can connect to the server.
2325 The server writes a secret, the nonce, to a file and an incoming client
2326 connection is only accepted if the client sends the nonce right after
2327 the connect. The nonce mechanism requires no setup and is orthogonal to
2328 the higher-level authentication mechanisms described in the
2329 Authentication section.
2330 </para>
2332 <para>
2333 On start, the server generates a random 16 byte nonce and writes it
2334 to a file in the user's temporary directory. The nonce file location
2335 is published as part of the server's D-Bus address using the
2336 "noncefile" query item.
2338 After an accept, the server reads 16 bytes from the socket. If the
2339 read bytes do not match the nonce stored in the nonce file, the
2340 server MUST immediately drop the connection.
2341 If the nonce match the received byte sequence, the client is accepted
2342 and the transport behaves like an unsecured tcp transport.
2343 </para>
2344 <para>
2345 After a successful connect to the server socket, the client must send
2346 the nonce from the file published by the server via the noncefile=
2347 query item and send it over the socket. After that, communication the
2348 transport behaves like an unsecured tcp transport.
2349 </para>
2350 </sect2>a
2351 </sect1>
2353 <sect1 id="naming-conventions">
2354 <title>Naming Conventions</title>
2356 <para>
2357 D-Bus namespaces are all lowercase and correspond to reversed domain
2358 names, as with Java. e.g. "org.freedesktop"
2359 </para>
2360 <para>
2361 Interface, signal, method, and property names are "WindowsStyleCaps", note
2362 that the first letter is capitalized, unlike Java.
2363 </para>
2364 <para>
2365 Object paths are normally all lowercase with underscores used rather than
2366 hyphens.
2367 </para>
2368 </sect1>
2370 <sect1 id="uuids">
2371 <title>UUIDs</title>
2372 <para>
2373 A working D-Bus implementation uses universally-unique IDs in two places.
2374 First, each server address has a UUID identifying the address,
2375 as described in <xref linkend="addresses"/>. Second, each operating
2376 system kernel instance running a D-Bus client or server has a UUID
2377 identifying that kernel, retrieved by invoking the method
2378 org.freedesktop.DBus.Peer.GetMachineId() (see <xref
2379 linkend="standard-interfaces-peer"/>).
2380 </para>
2381 <para>
2382 The term "UUID" in this document is intended literally, i.e. an
2383 identifier that is universally unique. It is not intended to refer to
2384 RFC4122, and in fact the D-Bus UUID is not compatible with that RFC.
2385 </para>
2386 <para>
2387 The UUID must contain 128 bits of data and be hex-encoded. The
2388 hex-encoded string may not contain hyphens or other non-hex-digit
2389 characters, and it must be exactly 32 characters long. To generate a
2390 UUID, the current reference implementation concatenates 96 bits of random
2391 data followed by the 32-bit time in seconds since the UNIX epoch (in big
2392 endian byte order).
2393 </para>
2394 <para>
2395 It would also be acceptable and probably better to simply generate 128
2396 bits of random data, as long as the random number generator is of high
2397 quality. The timestamp could conceivably help if the random bits are not
2398 very random. With a quality random number generator, collisions are
2399 extremely unlikely even with only 96 bits, so it's somewhat academic.
2400 </para>
2401 <para>
2402 Implementations should, however, stick to random data for the first 96 bits
2403 of the UUID.
2404 </para>
2405 </sect1>
2407 <sect1 id="standard-interfaces">
2408 <title>Standard Interfaces</title>
2409 <para>
2410 See <xref linkend="message-protocol-types-notation"/> for details on
2411 the notation used in this section. There are some standard interfaces
2412 that may be useful across various D-Bus applications.
2413 </para>
2414 <sect2 id="standard-interfaces-peer">
2415 <title><literal>org.freedesktop.DBus.Peer</literal></title>
2416 <para>
2417 The <literal>org.freedesktop.DBus.Peer</literal> interface
2418 has two methods:
2419 <programlisting>
2420 org.freedesktop.DBus.Peer.Ping ()
2421 org.freedesktop.DBus.Peer.GetMachineId (out STRING machine_uuid)
2422 </programlisting>
2423 </para>
2424 <para>
2425 On receipt of the <literal>METHOD_CALL</literal> message
2426 <literal>org.freedesktop.DBus.Peer.Ping</literal>, an application should do
2427 nothing other than reply with a <literal>METHOD_RETURN</literal> as
2428 usual. It does not matter which object path a ping is sent to. The
2429 reference implementation handles this method automatically.
2430 </para>
2431 <para>
2432 On receipt of the <literal>METHOD_CALL</literal> message
2433 <literal>org.freedesktop.DBus.Peer.GetMachineId</literal>, an application should
2434 reply with a <literal>METHOD_RETURN</literal> containing a hex-encoded
2435 UUID representing the identity of the machine the process is running on.
2436 This UUID must be the same for all processes on a single system at least
2437 until that system next reboots. It should be the same across reboots
2438 if possible, but this is not always possible to implement and is not
2439 guaranteed.
2440 It does not matter which object path a GetMachineId is sent to. The
2441 reference implementation handles this method automatically.
2442 </para>
2443 <para>
2444 The UUID is intended to be per-instance-of-the-operating-system, so may represent
2445 a virtual machine running on a hypervisor, rather than a physical machine.
2446 Basically if two processes see the same UUID, they should also see the same
2447 shared memory, UNIX domain sockets, process IDs, and other features that require
2448 a running OS kernel in common between the processes.
2449 </para>
2450 <para>
2451 The UUID is often used where other programs might use a hostname. Hostnames
2452 can change without rebooting, however, or just be "localhost" - so the UUID
2453 is more robust.
2454 </para>
2455 <para>
2456 <xref linkend="uuids"/> explains the format of the UUID.
2457 </para>
2458 </sect2>
2460 <sect2 id="standard-interfaces-introspectable">
2461 <title><literal>org.freedesktop.DBus.Introspectable</literal></title>
2462 <para>
2463 This interface has one method:
2464 <programlisting>
2465 org.freedesktop.DBus.Introspectable.Introspect (out STRING xml_data)
2466 </programlisting>
2467 </para>
2468 <para>
2469 Objects instances may implement
2470 <literal>Introspect</literal> which returns an XML description of
2471 the object, including its interfaces (with signals and methods), objects
2472 below it in the object path tree, and its properties.
2473 </para>
2474 <para>
2475 <xref linkend="introspection-format"/> describes the format of this XML string.
2476 </para>
2477 </sect2>
2478 <sect2 id="standard-interfaces-properties">
2479 <title><literal>org.freedesktop.DBus.Properties</literal></title>
2480 <para>
2481 Many native APIs will have a concept of object <firstterm>properties</firstterm>
2482 or <firstterm>attributes</firstterm>. These can be exposed via the
2483 <literal>org.freedesktop.DBus.Properties</literal> interface.
2484 </para>
2485 <para>
2486 <programlisting>
2487 org.freedesktop.DBus.Properties.Get (in STRING interface_name,
2488 in STRING property_name,
2489 out VARIANT value);
2490 org.freedesktop.DBus.Properties.Set (in STRING interface_name,
2491 in STRING property_name,
2492 in VARIANT value);
2493 org.freedesktop.DBus.Properties.GetAll (in STRING interface_name,
2494 out DICT<STRING,VARIANT> props);
2495 </programlisting>
2496 </para>
2497 <para>
2498 The available properties and whether they are writable can be determined
2499 by calling <literal>org.freedesktop.DBus.Introspectable.Introspect</literal>,
2500 see <xref linkend="standard-interfaces-introspectable"/>.
2501 </para>
2502 <para>
2503 An empty string may be provided for the interface name; in this case,
2504 if there are multiple properties on an object with the same name,
2505 the results are undefined (picking one by according to an arbitrary
2506 deterministic rule, or returning an error, are the reasonable
2507 possibilities).
2508 </para>
2509 </sect2>
2510 </sect1>
2512 <sect1 id="introspection-format">
2513 <title>Introspection Data Format</title>
2514 <para>
2515 As described in <xref linkend="standard-interfaces-introspectable"/>,
2516 objects may be introspected at runtime, returning an XML string
2517 that describes the object. The same XML format may be used in
2518 other contexts as well, for example as an "IDL" for generating
2519 static language bindings.
2520 </para>
2521 <para>
2522 Here is an example of introspection data:
2523 <programlisting>
2524 <!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
2525 "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
2526 <node name="/org/freedesktop/sample_object">
2527 <interface name="org.freedesktop.SampleInterface">
2528 <method name="Frobate">
2529 <arg name="foo" type="i" direction="in"/>
2530 <arg name="bar" type="s" direction="out"/>
2531 <arg name="baz" type="a{us}" direction="out"/>
2532 <annotation name="org.freedesktop.DBus.Deprecated" value="true"/>
2533 </method>
2534 <method name="Bazify">
2535 <arg name="bar" type="(iiu)" direction="in"/>
2536 <arg name="bar" type="v" direction="out"/>
2537 </method>
2538 <method name="Mogrify">
2539 <arg name="bar" type="(iiav)" direction="in"/>
2540 </method>
2541 <signal name="Changed">
2542 <arg name="new_value" type="b"/>
2543 </signal>
2544 <property name="Bar" type="y" access="readwrite"/>
2545 </interface>
2546 <node name="child_of_sample_object"/>
2547 <node name="another_child_of_sample_object"/>
2548 </node>
2549 </programlisting>
2550 </para>
2551 <para>
2552 A more formal DTD and spec needs writing, but here are some quick notes.
2553 <itemizedlist>
2554 <listitem>
2555 <para>
2556 Only the root <node> element can omit the node name, as it's
2557 known to be the object that was introspected. If the root
2558 <node> does have a name attribute, it must be an absolute
2559 object path. If child <node> have object paths, they must be
2560 relative.
2561 </para>
2562 </listitem>
2563 <listitem>
2564 <para>
2565 If a child <node> has any sub-elements, then they
2566 must represent a complete introspection of the child.
2567 If a child <node> is empty, then it may or may
2568 not have sub-elements; the child must be introspected
2569 in order to find out. The intent is that if an object
2570 knows that its children are "fast" to introspect
2571 it can go ahead and return their information, but
2572 otherwise it can omit it.
2573 </para>
2574 </listitem>
2575 <listitem>
2576 <para>
2577 The direction element on <arg> may be omitted,
2578 in which case it defaults to "in" for method calls
2579 and "out" for signals. Signals only allow "out"
2580 so while direction may be specified, it's pointless.
2581 </para>
2582 </listitem>
2583 <listitem>
2584 <para>
2585 The possible directions are "in" and "out",
2586 unlike CORBA there is no "inout"
2587 </para>
2588 </listitem>
2589 <listitem>
2590 <para>
2591 The possible property access flags are
2592 "readwrite", "read", and "write"
2593 </para>
2594 </listitem>
2595 <listitem>
2596 <para>
2597 Multiple interfaces can of course be listed for
2598 one <node>.
2599 </para>
2600 </listitem>
2601 <listitem>
2602 <para>
2603 The "name" attribute on arguments is optional.
2604 </para>
2605 </listitem>
2606 </itemizedlist>
2607 </para>
2608 <para>
2609 Method, interface, property, and signal elements may have
2610 "annotations", which are generic key/value pairs of metadata.
2611 They are similar conceptually to Java's annotations and C# attributes.
2612 Well-known annotations:
2613 </para>
2614 <informaltable>
2615 <tgroup cols="3">
2616 <thead>
2617 <row>
2618 <entry>Name</entry>
2619 <entry>Values (separated by ,)</entry>
2620 <entry>Description</entry>
2621 </row>
2622 </thead>
2623 <tbody>
2624 <row>
2625 <entry>org.freedesktop.DBus.Deprecated</entry>
2626 <entry>true,false</entry>
2627 <entry>Whether or not the entity is deprecated; defaults to false</entry>
2628 </row>
2629 <row>
2630 <entry>org.freedesktop.DBus.GLib.CSymbol</entry>
2631 <entry>(string)</entry>
2632 <entry>The C symbol; may be used for methods and interfaces</entry>
2633 </row>
2634 <row>
2635 <entry>org.freedesktop.DBus.Method.NoReply</entry>
2636 <entry>true,false</entry>
2637 <entry>If set, don't expect a reply to the method call; defaults to false.</entry>
2638 </row>
2639 </tbody>
2640 </tgroup>
2641 </informaltable>
2642 </sect1>
2643 <sect1 id="message-bus">
2644 <title>Message Bus Specification</title>
2645 <sect2 id="message-bus-overview">
2646 <title>Message Bus Overview</title>
2647 <para>
2648 The message bus accepts connections from one or more applications.
2649 Once connected, applications can exchange messages with other
2650 applications that are also connected to the bus.
2651 </para>
2652 <para>
2653 In order to route messages among connections, the message bus keeps a
2654 mapping from names to connections. Each connection has one
2655 unique-for-the-lifetime-of-the-bus name automatically assigned.
2656 Applications may request additional names for a connection. Additional
2657 names are usually "well-known names" such as
2658 "org.freedesktop.TextEditor". When a name is bound to a connection,
2659 that connection is said to <firstterm>own</firstterm> the name.
2660 </para>
2661 <para>
2662 The bus itself owns a special name, <literal>org.freedesktop.DBus</literal>.
2663 This name routes messages to the bus, allowing applications to make
2664 administrative requests. For example, applications can ask the bus
2665 to assign a name to a connection.
2666 </para>
2667 <para>
2668 Each name may have <firstterm>queued owners</firstterm>. When an
2669 application requests a name for a connection and the name is already in
2670 use, the bus will optionally add the connection to a queue waiting for
2671 the name. If the current owner of the name disconnects or releases
2672 the name, the next connection in the queue will become the new owner.
2673 </para>
2675 <para>
2676 This feature causes the right thing to happen if you start two text
2677 editors for example; the first one may request "org.freedesktop.TextEditor",
2678 and the second will be queued as a possible owner of that name. When
2679 the first exits, the second will take over.
2680 </para>
2682 <para>
2683 Messages may have a <literal>DESTINATION</literal> field (see <xref
2684 linkend="message-protocol-header-fields"/>). If the
2685 <literal>DESTINATION</literal> field is present, it specifies a message
2686 recipient by name. Method calls and replies normally specify this field.
2687 </para>
2689 <para>
2690 Signals normally do not specify a destination; they are sent to all
2691 applications with <firstterm>message matching rules</firstterm> that
2692 match the message.
2693 </para>
2695 <para>
2696 When the message bus receives a method call, if the
2697 <literal>DESTINATION</literal> field is absent, the call is taken to be
2698 a standard one-to-one message and interpreted by the message bus
2699 itself. For example, sending an
2700 <literal>org.freedesktop.DBus.Peer.Ping</literal> message with no
2701 <literal>DESTINATION</literal> will cause the message bus itself to
2702 reply to the ping immediately; the message bus will not make this
2703 message visible to other applications.
2704 </para>
2706 <para>
2707 Continuing the <literal>org.freedesktop.DBus.Peer.Ping</literal> example, if
2708 the ping message were sent with a <literal>DESTINATION</literal> name of
2709 <literal>com.yoyodyne.Screensaver</literal>, then the ping would be
2710 forwarded, and the Yoyodyne Corporation screensaver application would be
2711 expected to reply to the ping.
2712 </para>
2713 </sect2>
2715 <sect2 id="message-bus-names">
2716 <title>Message Bus Names</title>
2717 <para>
2718 Each connection has at least one name, assigned at connection time and
2719 returned in response to the
2720 <literal>org.freedesktop.DBus.Hello</literal> method call. This
2721 automatically-assigned name is called the connection's <firstterm>unique
2722 name</firstterm>. Unique names are never reused for two different
2723 connections to the same bus.
2724 </para>
2725 <para>
2726 Ownership of a unique name is a prerequisite for interaction with
2727 the message bus. It logically follows that the unique name is always
2728 the first name that an application comes to own, and the last
2729 one that it loses ownership of.
2730 </para>
2731 <para>
2732 Unique connection names must begin with the character ':' (ASCII colon
2733 character); bus names that are not unique names must not begin
2734 with this character. (The bus must reject any attempt by an application
2735 to manually request a name beginning with ':'.) This restriction
2736 categorically prevents "spoofing"; messages sent to a unique name
2737 will always go to the expected connection.
2738 </para>
2739 <para>
2740 When a connection is closed, all the names that it owns are deleted (or
2741 transferred to the next connection in the queue if any).
2742 </para>
2743 <para>
2744 A connection can request additional names to be associated with it using
2745 the <literal>org.freedesktop.DBus.RequestName</literal> message. <xref
2746 linkend="message-protocol-names-bus"/> describes the format of a valid
2747 name. These names can be released again using the
2748 <literal>org.freedesktop.DBus.ReleaseName</literal> message.
2749 </para>
2751 <sect3 id="bus-messages-request-name">
2752 <title><literal>org.freedesktop.DBus.RequestName</literal></title>
2753 <para>
2754 As a method:
2755 <programlisting>
2756 UINT32 RequestName (in STRING name, in UINT32 flags)
2757 </programlisting>
2758 Message arguments:
2759 <informaltable>
2760 <tgroup cols="3">
2761 <thead>
2762 <row>
2763 <entry>Argument</entry>
2764 <entry>Type</entry>
2765 <entry>Description</entry>
2766 </row>
2767 </thead>
2768 <tbody>
2769 <row>
2770 <entry>0</entry>
2771 <entry>STRING</entry>
2772 <entry>Name to request</entry>
2773 </row>
2774 <row>
2775 <entry>1</entry>
2776 <entry>UINT32</entry>
2777 <entry>Flags</entry>
2778 </row>
2779 </tbody>
2780 </tgroup>
2781 </informaltable>
2782 Reply arguments:
2783 <informaltable>
2784 <tgroup cols="3">
2785 <thead>
2786 <row>
2787 <entry>Argument</entry>
2788 <entry>Type</entry>
2789 <entry>Description</entry>
2790 </row>
2791 </thead>
2792 <tbody>
2793 <row>
2794 <entry>0</entry>
2795 <entry>UINT32</entry>
2796 <entry>Return value</entry>
2797 </row>
2798 </tbody>
2799 </tgroup>
2800 </informaltable>
2801 </para>
2802 <para>
2803 This method call should be sent to
2804 <literal>org.freedesktop.DBus</literal> and asks the message bus to
2805 assign the given name to the method caller. Each name maintains a
2806 queue of possible owners, where the head of the queue is the primary
2807 or current owner of the name. Each potential owner in the queue
2808 maintains the DBUS_NAME_FLAG_ALLOW_REPLACEMENT and
2809 DBUS_NAME_FLAG_DO_NOT_QUEUE settings from its latest RequestName
2810 call. When RequestName is invoked the following occurs:
2811 <itemizedlist>
2812 <listitem>
2813 <para>
2814 If the method caller is currently the primary owner of the name,
2815 the DBUS_NAME_FLAG_ALLOW_REPLACEMENT and DBUS_NAME_FLAG_DO_NOT_QUEUE
2816 values are updated with the values from the new RequestName call,
2817 and nothing further happens.
2818 </para>
2819 </listitem>
2821 <listitem>
2822 <para>
2823 If the current primary owner (head of the queue) has
2824 DBUS_NAME_FLAG_ALLOW_REPLACEMENT set, and the RequestName
2825 invocation has the DBUS_NAME_FLAG_REPLACE_EXISTING flag, then
2826 the caller of RequestName replaces the current primary owner at
2827 the head of the queue and the current primary owner moves to the
2828 second position in the queue. If the caller of RequestName was
2829 in the queue previously its flags are updated with the values from
2830 the new RequestName in addition to moving it to the head of the queue.
2831 </para>
2832 </listitem>
2834 <listitem>
2835 <para>
2836 If replacement is not possible, and the method caller is
2837 currently in the queue but not the primary owner, its flags are
2838 updated with the values from the new RequestName call.
2839 </para>
2840 </listitem>
2842 <listitem>
2843 <para>
2844 If replacement is not possible, and the method caller is
2845 currently not in the queue, the method caller is appended to the
2846 queue.
2847 </para>
2848 </listitem>
2850 <listitem>
2851 <para>
2852 If any connection in the queue has DBUS_NAME_FLAG_DO_NOT_QUEUE
2853 set and is not the primary owner, it is removed from the
2854 queue. This can apply to the previous primary owner (if it
2855 was replaced) or the method caller (if it updated the
2856 DBUS_NAME_FLAG_DO_NOT_QUEUE flag while still stuck in the
2857 queue, or if it was just added to the queue with that flag set).
2858 </para>
2859 </listitem>
2860 </itemizedlist>
2861 </para>
2862 <para>
2863 Note that DBUS_NAME_FLAG_REPLACE_EXISTING results in "jumping the
2864 queue," even if another application already in the queue had specified
2865 DBUS_NAME_FLAG_REPLACE_EXISTING. This comes up if a primary owner
2866 that does not allow replacement goes away, and the next primary owner
2867 does allow replacement. In this case, queued items that specified
2868 DBUS_NAME_FLAG_REPLACE_EXISTING <emphasis>do not</emphasis>
2869 automatically replace the new primary owner. In other words,
2870 DBUS_NAME_FLAG_REPLACE_EXISTING is not saved, it is only used at the
2871 time RequestName is called. This is deliberate to avoid an infinite loop
2872 anytime two applications are both DBUS_NAME_FLAG_ALLOW_REPLACEMENT
2873 and DBUS_NAME_FLAG_REPLACE_EXISTING.
2874 </para>
2875 <para>
2876 The flags argument contains any of the following values logically ORed
2877 together:
2879 <informaltable>
2880 <tgroup cols="3">
2881 <thead>
2882 <row>
2883 <entry>Conventional Name</entry>
2884 <entry>Value</entry>
2885 <entry>Description</entry>
2886 </row>
2887 </thead>
2888 <tbody>
2889 <row>
2890 <entry>DBUS_NAME_FLAG_ALLOW_REPLACEMENT</entry>
2891 <entry>0x1</entry>
2892 <entry>
2894 If an application A specifies this flag and succeeds in
2895 becoming the owner of the name, and another application B
2896 later calls RequestName with the
2897 DBUS_NAME_FLAG_REPLACE_EXISTING flag, then application A
2898 will lose ownership and receive a
2899 <literal>org.freedesktop.DBus.NameLost</literal> signal, and
2900 application B will become the new owner. If DBUS_NAME_FLAG_ALLOW_REPLACEMENT
2901 is not specified by application A, or DBUS_NAME_FLAG_REPLACE_EXISTING
2902 is not specified by application B, then application B will not replace
2903 application A as the owner.
2905 </entry>
2906 </row>
2907 <row>
2908 <entry>DBUS_NAME_FLAG_REPLACE_EXISTING</entry>
2909 <entry>0x2</entry>
2910 <entry>
2912 Try to replace the current owner if there is one. If this
2913 flag is not set the application will only become the owner of
2914 the name if there is no current owner. If this flag is set,
2915 the application will replace the current owner if
2916 the current owner specified DBUS_NAME_FLAG_ALLOW_REPLACEMENT.
2918 </entry>
2919 </row>
2920 <row>
2921 <entry>DBUS_NAME_FLAG_DO_NOT_QUEUE</entry>
2922 <entry>0x4</entry>
2923 <entry>
2925 Without this flag, if an application requests a name that is
2926 already owned, the application will be placed in a queue to
2927 own the name when the current owner gives it up. If this
2928 flag is given, the application will not be placed in the
2929 queue, the request for the name will simply fail. This flag
2930 also affects behavior when an application is replaced as
2931 name owner; by default the application moves back into the
2932 waiting queue, unless this flag was provided when the application
2933 became the name owner.
2935 </entry>
2936 </row>
2937 </tbody>
2938 </tgroup>
2939 </informaltable>
2941 The return code can be one of the following values:
2943 <informaltable>
2944 <tgroup cols="3">
2945 <thead>
2946 <row>
2947 <entry>Conventional Name</entry>
2948 <entry>Value</entry>
2949 <entry>Description</entry>
2950 </row>
2951 </thead>
2952 <tbody>
2953 <row>
2954 <entry>DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER</entry>
2955 <entry>1</entry> <entry>The caller is now the primary owner of
2956 the name, replacing any previous owner. Either the name had no
2957 owner before, or the caller specified
2958 DBUS_NAME_FLAG_REPLACE_EXISTING and the current owner specified
2959 DBUS_NAME_FLAG_ALLOW_REPLACEMENT.</entry>
2960 </row>
2961 <row>
2962 <entry>DBUS_REQUEST_NAME_REPLY_IN_QUEUE</entry>
2963 <entry>2</entry>
2965 <entry>The name already had an owner,
2966 DBUS_NAME_FLAG_DO_NOT_QUEUE was not specified, and either
2967 the current owner did not specify
2968 DBUS_NAME_FLAG_ALLOW_REPLACEMENT or the requesting
2969 application did not specify DBUS_NAME_FLAG_REPLACE_EXISTING.
2970 </entry>
2971 </row>
2972 <row>
2973 <entry>DBUS_REQUEST_NAME_REPLY_EXISTS</entry> <entry>3</entry>
2974 <entry>The name already has an owner,
2975 DBUS_NAME_FLAG_DO_NOT_QUEUE was specified, and either
2976 DBUS_NAME_FLAG_ALLOW_REPLACEMENT was not specified by the
2977 current owner, or DBUS_NAME_FLAG_REPLACE_EXISTING was not
2978 specified by the requesting application.</entry>
2979 </row>
2980 <row>
2981 <entry>DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER</entry>
2982 <entry>4</entry>
2983 <entry>The application trying to request ownership of a name is already the owner of it.</entry>
2984 </row>
2985 </tbody>
2986 </tgroup>
2987 </informaltable>
2988 </para>
2989 </sect3>
2991 <sect3 id="bus-messages-release-name">
2992 <title><literal>org.freedesktop.DBus.ReleaseName</literal></title>
2993 <para>
2994 As a method:
2995 <programlisting>
2996 UINT32 ReleaseName (in STRING name)
2997 </programlisting>
2998 Message arguments:
2999 <informaltable>
3000 <tgroup cols="3">
3001 <thead>
3002 <row>
3003 <entry>Argument</entry>
3004 <entry>Type</entry>
3005 <entry>Description</entry>
3006 </row>
3007 </thead>
3008 <tbody>
3009 <row>
3010 <entry>0</entry>
3011 <entry>STRING</entry>
3012 <entry>Name to release</entry>
3013 </row>
3014 </tbody>
3015 </tgroup>
3016 </informaltable>
3017 Reply arguments:
3018 <informaltable>
3019 <tgroup cols="3">
3020 <thead>
3021 <row>
3022 <entry>Argument</entry>
3023 <entry>Type</entry>
3024 <entry>Description</entry>
3025 </row>
3026 </thead>
3027 <tbody>
3028 <row>
3029 <entry>0</entry>
3030 <entry>UINT32</entry>
3031 <entry>Return value</entry>
3032 </row>
3033 </tbody>
3034 </tgroup>
3035 </informaltable>
3036 </para>
3037 <para>
3038 This method call should be sent to
3039 <literal>org.freedesktop.DBus</literal> and asks the message bus to
3040 release the method caller's claim to the given name. If the caller is
3041 the primary owner, a new primary owner will be selected from the
3042 queue if any other owners are waiting. If the caller is waiting in
3043 the queue for the name, the caller will removed from the queue and
3044 will not be made an owner of the name if it later becomes available.
3045 If there are no other owners in the queue for the name, it will be
3046 removed from the bus entirely.
3048 The return code can be one of the following values:
3050 <informaltable>
3051 <tgroup cols="3">
3052 <thead>
3053 <row>
3054 <entry>Conventional Name</entry>
3055 <entry>Value</entry>
3056 <entry>Description</entry>
3057 </row>
3058 </thead>
3059 <tbody>
3060 <row>
3061 <entry>DBUS_RELEASE_NAME_REPLY_RELEASED</entry>
3062 <entry>1</entry> <entry>The caller has released his claim on
3063 the given name. Either the caller was the primary owner of
3064 the name, and the name is now unused or taken by somebody
3065 waiting in the queue for the name, or the caller was waiting
3066 in the queue for the name and has now been removed from the
3067 queue.</entry>
3068 </row>
3069 <row>
3070 <entry>DBUS_RELEASE_NAME_REPLY_NON_EXISTENT</entry>
3071 <entry>2</entry>
3072 <entry>The given name does not exist on this bus.</entry>
3073 </row>
3074 <row>
3075 <entry>DBUS_RELEASE_NAME_REPLY_NOT_OWNER</entry>
3076 <entry>3</entry>
3077 <entry>The caller was not the primary owner of this name,
3078 and was also not waiting in the queue to own this name.</entry>
3079 </row>
3080 </tbody>
3081 </tgroup>
3082 </informaltable>
3083 </para>
3084 </sect3>
3085 </sect2>
3087 <sect2 id="message-bus-routing">
3088 <title>Message Bus Message Routing</title>
3089 <para>
3090 FIXME
3091 </para>
3092 <sect3 id="message-bus-routing-match-rules">
3093 <title>Match Rules</title>
3094 <para>
3095 An important part of the message bus routing protocol is match
3096 rules. Match rules describe what messages can be sent to a client
3097 based on the contents of the message. When a message is routed
3098 through the bus it is compared to clients' match rules. If any
3099 of the rules match, the message is dispatched to the client.
3100 If none of the rules match the message never leaves the bus. This
3101 is an effective way to control traffic over the bus and to make sure
3102 only relevant message need to be processed by the client.
3103 </para>
3104 <para>
3105 Match rules are added using the AddMatch bus method
3106 (see xref linkend="bus-messages-add-match"/>). Rules are
3107 specified as a string of comma separated key/value pairs.
3108 Excluding a key from the rule indicates a wildcard match.
3109 For instance excluding the the member from a match rule but
3110 adding a sender would let all messages from that sender through.
3111 An example of a complete rule would be
3112 "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='Foo',path='/bar/foo',destination=':452345.34',arg2='bar'"
3113 </para>
3114 <para>
3115 The following table describes the keys that can be used to create
3116 a match rule:
3117 The following table summarizes the D-Bus types.
3118 <informaltable>
3119 <tgroup cols="3">
3120 <thead>
3121 <row>
3122 <entry>Key</entry>
3123 <entry>Possible Values</entry>
3124 <entry>Description</entry>
3125 </row>
3126 </thead>
3127 <tbody>
3128 <row>
3129 <entry><literal>type</literal></entry>
3130 <entry>'signal', 'method_call', 'method_return', 'error'</entry>
3131 <entry>Match on the message type. An example of a type match is type='signal'</entry>
3132 </row>
3133 <row>
3134 <entry><literal>sender</literal></entry>
3135 <entry>A bus or unique name (see <xref linkend="term-bus-name"/>
3136 and <xref linkend="term-unique-name"/> respectively)
3137 </entry>
3138 <entry>Match messages sent by a particular sender. An example of a sender match
3139 is sender='org.freedesktop.Hal'</entry>
3140 </row>
3141 <row>
3142 <entry><literal>interface</literal></entry>
3143 <entry>An interface name (see <xref linkend="message-protocol-names-interface"/>)</entry>
3144 <entry>Match messages sent over or to a particular interface. An example of an
3145 interface match is interface='org.freedesktop.Hal.Manager'.
3146 If a message omits the interface header, it must not match any rule
3147 that specifies this key.</entry>
3148 </row>
3149 <row>
3150 <entry><literal>member</literal></entry>
3151 <entry>Any valid method or signal name</entry>
3152 <entry>Matches messages which have the give method or signal name. An example of
3153 a member match is member='NameOwnerChanged'</entry>
3154 </row>
3155 <row>
3156 <entry><literal>path</literal></entry>
3157 <entry>An object path (see <xref linkend="message-protocol-marshaling-object-path"/>)</entry>
3158 <entry>Matches messages which are sent from or to the given object. An example of a
3159 path match is path='/org/freedesktop/Hal/Manager'</entry>
3160 </row>
3161 <row>
3162 <entry><literal>destination</literal></entry>
3163 <entry>A unique name (see <xref linkend="term-unique-name"/>)</entry>
3164 <entry>Matches messages which are being sent to the given unique name. An
3165 example of a destination match is destination=':1.0'</entry>
3166 </row>
3167 <row>
3168 <entry><literal>arg[0, 1, 2, 3, ...]</literal></entry>
3169 <entry>Any string</entry>
3170 <entry>Arg matches are special and are used for further restricting the
3171 match based on the arguments in the body of a message. As of this time
3172 only string arguments can be matched. An example of an argument match
3173 would be arg3='Foo'. Only argument indexes from 0 to 63 should be
3174 accepted.</entry>
3175 </row>
3176 <row>
3177 <entry><literal>arg[0, 1, 2, 3, ...]path</literal></entry>
3178 <entry>Any string</entry>
3179 <entry>Argument path matches provide a specialised form of wildcard
3180 matching for path-like namespaces. As with normal argument matches,
3181 if the argument is exactly equal to the string given in the match
3182 rule then the rule is satisfied. Additionally, there is also a
3183 match when either the string given in the match rule or the
3184 appropriate message argument ends with '/' and is a prefix of the
3185 other. An example argument path match is arg0path='/aa/bb/'. This
3186 would match messages with first arguments of '/', '/aa/',
3187 '/aa/bb/', '/aa/bb/cc/' and '/aa/bb/cc'. It would not match
3188 messages with first arguments of '/aa/b', '/aa' or even '/aa/bb'.</entry>
3189 </row>
3190 </tbody>
3191 </tgroup>
3192 </informaltable>
3193 </para>
3194 </sect3>
3195 </sect2>
3196 <sect2 id="message-bus-starting-services">
3197 <title>Message Bus Starting Services</title>
3198 <para>
3199 The message bus can start applications on behalf of other applications.
3200 In CORBA terms, this would be called <firstterm>activation</firstterm>.
3201 An application that can be started in this way is called a
3202 <firstterm>service</firstterm>.
3203 </para>
3204 <para>
3205 With D-Bus, starting a service is normally done by name. That is,
3206 applications ask the message bus to start some program that will own a
3207 well-known name, such as <literal>org.freedesktop.TextEditor</literal>.
3208 This implies a contract documented along with the name
3209 <literal>org.freedesktop.TextEditor</literal> for which objects
3210 the owner of that name will provide, and what interfaces those
3211 objects will have.
3212 </para>
3213 <para>
3214 To find an executable corresponding to a particular name, the bus daemon
3215 looks for <firstterm>service description files</firstterm>. Service
3216 description files define a mapping from names to executables. Different
3217 kinds of message bus will look for these files in different places, see
3218 <xref linkend="message-bus-types"/>.
3219 </para>
3220 <para>
3221 [FIXME the file format should be much better specified than "similar to
3222 .desktop entries" esp. since desktop entries are already
3223 badly-specified. ;-)] Service description files have the ".service" file
3224 extension. The message bus will only load service description files
3225 ending with .service; all other files will be ignored. The file format
3226 is similar to that of <ulink
3227 url="http://www.freedesktop.org/standards/desktop-entry-spec/desktop-entry-spec.html">desktop
3228 entries</ulink>. All service description files must be in UTF-8
3229 encoding. To ensure that there will be no name collisions, service files
3230 must be namespaced using the same mechanism as messages and service
3231 names.
3233 <figure>
3234 <title>Example service description file</title>
3235 <programlisting>
3236 # Sample service description file
3237 [D-BUS Service]
3238 Names=org.freedesktop.ConfigurationDatabase;org.gnome.GConf;
3239 Exec=/usr/libexec/gconfd-2
3240 </programlisting>
3241 </figure>
3242 </para>
3243 <para>
3244 When an application asks to start a service by name, the bus daemon tries to
3245 find a service that will own that name. It then tries to spawn the
3246 executable associated with it. If this fails, it will report an
3247 error. [FIXME what happens if two .service files offer the same service;
3248 what kind of error is reported, should we have a way for the client to
3249 choose one?]
3250 </para>
3251 <para>
3252 The executable launched will have the environment variable
3253 <literal>DBUS_STARTER_ADDRESS</literal> set to the address of the
3254 message bus so it can connect and request the appropriate names.
3255 </para>
3256 <para>
3257 The executable being launched may want to know whether the message bus
3258 starting it is one of the well-known message buses (see <xref
3259 linkend="message-bus-types"/>). To facilitate this, the bus must also set
3260 the <literal>DBUS_STARTER_BUS_TYPE</literal> environment variable if it is one
3261 of the well-known buses. The currently-defined values for this variable
3262 are <literal>system</literal> for the systemwide message bus,
3263 and <literal>session</literal> for the per-login-session message
3264 bus. The new executable must still connect to the address given
3265 in <literal>DBUS_STARTER_ADDRESS</literal>, but may assume that the
3266 resulting connection is to the well-known bus.
3267 </para>
3268 <para>
3269 [FIXME there should be a timeout somewhere, either specified
3270 in the .service file, by the client, or just a global value
3271 and if the client being activated fails to connect within that
3272 timeout, an error should be sent back.]
3273 </para>
3275 <sect3 id="message-bus-starting-services-scope">
3276 <title>Message Bus Service Scope</title>
3277 <para>
3278 The "scope" of a service is its "per-", such as per-session,
3279 per-machine, per-home-directory, or per-display. The reference
3280 implementation doesn't yet support starting services in a different
3281 scope from the message bus itself. So e.g. if you start a service
3282 on the session bus its scope is per-session.
3283 </para>
3284 <para>
3285 We could add an optional scope to a bus name. For example, for
3286 per-(display,session pair), we could have a unique ID for each display
3287 generated automatically at login and set on screen 0 by executing a
3288 special "set display ID" binary. The ID would be stored in a
3289 <literal>_DBUS_DISPLAY_ID</literal> property and would be a string of
3290 random bytes. This ID would then be used to scope names.
3291 Starting/locating a service could be done by ID-name pair rather than
3292 only by name.
3293 </para>
3294 <para>
3295 Contrast this with a per-display scope. To achieve that, we would
3296 want a single bus spanning all sessions using a given display.
3297 So we might set a <literal>_DBUS_DISPLAY_BUS_ADDRESS</literal>
3298 property on screen 0 of the display, pointing to this bus.
3299 </para>
3300 </sect3>
3301 </sect2>
3303 <sect2 id="message-bus-types">
3304 <title>Well-known Message Bus Instances</title>
3305 <para>
3306 Two standard message bus instances are defined here, along with how
3307 to locate them and where their service files live.
3308 </para>
3309 <sect3 id="message-bus-types-login">
3310 <title>Login session message bus</title>
3311 <para>
3312 Each time a user logs in, a <firstterm>login session message
3313 bus</firstterm> may be started. All applications in the user's login
3314 session may interact with one another using this message bus.
3315 </para>
3316 <para>
3317 The address of the login session message bus is given
3318 in the <literal>DBUS_SESSION_BUS_ADDRESS</literal> environment
3319 variable. If that variable is not set, applications may
3320 also try to read the address from the X Window System root
3321 window property <literal>_DBUS_SESSION_BUS_ADDRESS</literal>.
3322 The root window property must have type <literal>STRING</literal>.
3323 The environment variable should have precedence over the
3324 root window property.
3325 </para>
3326 <para>
3327 [FIXME specify location of .service files, probably using
3328 DESKTOP_DIRS etc. from basedir specification, though login session
3329 bus is not really desktop-specific]
3330 </para>
3331 </sect3>
3332 <sect3 id="message-bus-types-system">
3333 <title>System message bus</title>
3334 <para>
3335 A computer may have a <firstterm>system message bus</firstterm>,
3336 accessible to all applications on the system. This message bus may be
3337 used to broadcast system events, such as adding new hardware devices,
3338 changes in the printer queue, and so forth.
3339 </para>
3340 <para>
3341 The address of the system message bus is given
3342 in the <literal>DBUS_SYSTEM_BUS_ADDRESS</literal> environment
3343 variable. If that variable is not set, applications should try
3344 to connect to the well-known address
3345 <literal>unix:path=/var/run/dbus/system_bus_socket</literal>.
3346 <footnote>
3347 <para>
3348 The D-Bus reference implementation actually honors the
3349 <literal>$(localstatedir)</literal> configure option
3350 for this address, on both client and server side.
3351 </para>
3352 </footnote>
3353 </para>
3354 <para>
3355 [FIXME specify location of system bus .service files]
3356 </para>
3357 </sect3>
3358 </sect2>
3360 <sect2 id="message-bus-messages">
3361 <title>Message Bus Messages</title>
3362 <para>
3363 The special message bus name <literal>org.freedesktop.DBus</literal>
3364 responds to a number of additional messages.
3365 </para>
3367 <sect3 id="bus-messages-hello">
3368 <title><literal>org.freedesktop.DBus.Hello</literal></title>
3369 <para>
3370 As a method:
3371 <programlisting>
3372 STRING Hello ()
3373 </programlisting>
3374 Reply arguments:
3375 <informaltable>
3376 <tgroup cols="3">
3377 <thead>
3378 <row>
3379 <entry>Argument</entry>
3380 <entry>Type</entry>
3381 <entry>Description</entry>
3382 </row>
3383 </thead>
3384 <tbody>
3385 <row>
3386 <entry>0</entry>
3387 <entry>STRING</entry>
3388 <entry>Unique name assigned to the connection</entry>
3389 </row>
3390 </tbody>
3391 </tgroup>
3392 </informaltable>
3393 </para>
3394 <para>
3395 Before an application is able to send messages to other applications
3396 it must send the <literal>org.freedesktop.DBus.Hello</literal> message
3397 to the message bus to obtain a unique name. If an application without
3398 a unique name tries to send a message to another application, or a
3399 message to the message bus itself that isn't the
3400 <literal>org.freedesktop.DBus.Hello</literal> message, it will be
3401 disconnected from the bus.
3402 </para>
3403 <para>
3404 There is no corresponding "disconnect" request; if a client wishes to
3405 disconnect from the bus, it simply closes the socket (or other
3406 communication channel).
3407 </para>
3408 </sect3>
3409 <sect3 id="bus-messages-list-names">
3410 <title><literal>org.freedesktop.DBus.ListNames</literal></title>
3411 <para>
3412 As a method:
3413 <programlisting>
3414 ARRAY of STRING ListNames ()
3415 </programlisting>
3416 Reply arguments:
3417 <informaltable>
3418 <tgroup cols="3">
3419 <thead>
3420 <row>
3421 <entry>Argument</entry>
3422 <entry>Type</entry>
3423 <entry>Description</entry>
3424 </row>
3425 </thead>
3426 <tbody>
3427 <row>
3428 <entry>0</entry>
3429 <entry>ARRAY of STRING</entry>
3430 <entry>Array of strings where each string is a bus name</entry>
3431 </row>
3432 </tbody>
3433 </tgroup>
3434 </informaltable>
3435 </para>
3436 <para>
3437 Returns a list of all currently-owned names on the bus.
3438 </para>
3439 </sect3>
3440 <sect3 id="bus-messages-list-activatable-names">
3441 <title><literal>org.freedesktop.DBus.ListActivatableNames</literal></title>
3442 <para>
3443 As a method:
3444 <programlisting>
3445 ARRAY of STRING ListActivatableNames ()
3446 </programlisting>
3447 Reply arguments:
3448 <informaltable>
3449 <tgroup cols="3">
3450 <thead>
3451 <row>
3452 <entry>Argument</entry>
3453 <entry>Type</entry>
3454 <entry>Description</entry>
3455 </row>
3456 </thead>
3457 <tbody>
3458 <row>
3459 <entry>0</entry>
3460 <entry>ARRAY of STRING</entry>
3461 <entry>Array of strings where each string is a bus name</entry>
3462 </row>
3463 </tbody>
3464 </tgroup>
3465 </informaltable>
3466 </para>
3467 <para>
3468 Returns a list of all names that can be activated on the bus.
3469 </para>
3470 </sect3>
3471 <sect3 id="bus-messages-name-exists">
3472 <title><literal>org.freedesktop.DBus.NameHasOwner</literal></title>
3473 <para>
3474 As a method:
3475 <programlisting>
3476 BOOLEAN NameHasOwner (in STRING name)
3477 </programlisting>
3478 Message arguments:
3479 <informaltable>
3480 <tgroup cols="3">
3481 <thead>
3482 <row>
3483 <entry>Argument</entry>
3484 <entry>Type</entry>
3485 <entry>Description</entry>
3486 </row>
3487 </thead>
3488 <tbody>
3489 <row>
3490 <entry>0</entry>
3491 <entry>STRING</entry>
3492 <entry>Name to check</entry>
3493 </row>
3494 </tbody>
3495 </tgroup>
3496 </informaltable>
3497 Reply arguments:
3498 <informaltable>
3499 <tgroup cols="3">
3500 <thead>
3501 <row>
3502 <entry>Argument</entry>
3503 <entry>Type</entry>
3504 <entry>Description</entry>
3505 </row>
3506 </thead>
3507 <tbody>
3508 <row>
3509 <entry>0</entry>
3510 <entry>BOOLEAN</entry>
3511 <entry>Return value, true if the name exists</entry>
3512 </row>
3513 </tbody>
3514 </tgroup>
3515 </informaltable>
3516 </para>
3517 <para>
3518 Checks if the specified name exists (currently has an owner).
3519 </para>
3520 </sect3>
3522 <sect3 id="bus-messages-name-owner-changed">
3523 <title><literal>org.freedesktop.DBus.NameOwnerChanged</literal></title>
3524 <para>
3525 This is a signal:
3526 <programlisting>
3527 NameOwnerChanged (STRING name, STRING old_owner, STRING new_owner)
3528 </programlisting>
3529 Message arguments:
3530 <informaltable>
3531 <tgroup cols="3">
3532 <thead>
3533 <row>
3534 <entry>Argument</entry>
3535 <entry>Type</entry>
3536 <entry>Description</entry>
3537 </row>
3538 </thead>
3539 <tbody>
3540 <row>
3541 <entry>0</entry>
3542 <entry>STRING</entry>
3543 <entry>Name with a new owner</entry>
3544 </row>
3545 <row>
3546 <entry>1</entry>
3547 <entry>STRING</entry>
3548 <entry>Old owner or empty string if none</entry>
3549 </row>
3550 <row>
3551 <entry>2</entry>
3552 <entry>STRING</entry>
3553 <entry>New owner or empty string if none</entry>
3554 </row>
3555 </tbody>
3556 </tgroup>
3557 </informaltable>
3558 </para>
3559 <para>
3560 This signal indicates that the owner of a name has changed.
3561 It's also the signal to use to detect the appearance of
3562 new names on the bus.
3563 </para>
3564 </sect3>
3565 <sect3 id="bus-messages-name-lost">
3566 <title><literal>org.freedesktop.DBus.NameLost</literal></title>
3567 <para>
3568 This is a signal:
3569 <programlisting>
3570 NameLost (STRING name)
3571 </programlisting>
3572 Message arguments:
3573 <informaltable>
3574 <tgroup cols="3">
3575 <thead>
3576 <row>
3577 <entry>Argument</entry>
3578 <entry>Type</entry>
3579 <entry>Description</entry>
3580 </row>
3581 </thead>
3582 <tbody>
3583 <row>
3584 <entry>0</entry>
3585 <entry>STRING</entry>
3586 <entry>Name which was lost</entry>
3587 </row>
3588 </tbody>
3589 </tgroup>
3590 </informaltable>
3591 </para>
3592 <para>
3593 This signal is sent to a specific application when it loses
3594 ownership of a name.
3595 </para>
3596 </sect3>
3598 <sect3 id="bus-messages-name-acquired">
3599 <title><literal>org.freedesktop.DBus.NameAcquired</literal></title>
3600 <para>
3601 This is a signal:
3602 <programlisting>
3603 NameAcquired (STRING name)
3604 </programlisting>
3605 Message arguments:
3606 <informaltable>
3607 <tgroup cols="3">
3608 <thead>
3609 <row>
3610 <entry>Argument</entry>
3611 <entry>Type</entry>
3612 <entry>Description</entry>
3613 </row>
3614 </thead>
3615 <tbody>
3616 <row>
3617 <entry>0</entry>
3618 <entry>STRING</entry>
3619 <entry>Name which was acquired</entry>
3620 </row>
3621 </tbody>
3622 </tgroup>
3623 </informaltable>
3624 </para>
3625 <para>
3626 This signal is sent to a specific application when it gains
3627 ownership of a name.
3628 </para>
3629 </sect3>
3631 <sect3 id="bus-messages-start-service-by-name">
3632 <title><literal>org.freedesktop.DBus.StartServiceByName</literal></title>
3633 <para>
3634 As a method:
3635 <programlisting>
3636 UINT32 StartServiceByName (in STRING name, in UINT32 flags)
3637 </programlisting>
3638 Message arguments:
3639 <informaltable>
3640 <tgroup cols="3">
3641 <thead>
3642 <row>
3643 <entry>Argument</entry>
3644 <entry>Type</entry>
3645 <entry>Description</entry>
3646 </row>
3647 </thead>
3648 <tbody>
3649 <row>
3650 <entry>0</entry>
3651 <entry>STRING</entry>
3652 <entry>Name of the service to start</entry>
3653 </row>
3654 <row>
3655 <entry>1</entry>
3656 <entry>UINT32</entry>
3657 <entry>Flags (currently not used)</entry>
3658 </row>
3659 </tbody>
3660 </tgroup>
3661 </informaltable>
3662 Reply arguments:
3663 <informaltable>
3664 <tgroup cols="3">
3665 <thead>
3666 <row>
3667 <entry>Argument</entry>
3668 <entry>Type</entry>
3669 <entry>Description</entry>
3670 </row>
3671 </thead>
3672 <tbody>
3673 <row>
3674 <entry>0</entry>
3675 <entry>UINT32</entry>
3676 <entry>Return value</entry>
3677 </row>
3678 </tbody>
3679 </tgroup>
3680 </informaltable>
3681 Tries to launch the executable associated with a name. For more information, see <xref linkend="message-bus-starting-services"/>.
3683 </para>
3684 <para>
3685 The return value can be one of the following values:
3686 <informaltable>
3687 <tgroup cols="3">
3688 <thead>
3689 <row>
3690 <entry>Identifier</entry>
3691 <entry>Value</entry>
3692 <entry>Description</entry>
3693 </row>
3694 </thead>
3695 <tbody>
3696 <row>
3697 <entry>DBUS_START_REPLY_SUCCESS</entry>
3698 <entry>1</entry>
3699 <entry>The service was successfully started.</entry>
3700 </row>
3701 <row>
3702 <entry>DBUS_START_REPLY_ALREADY_RUNNING</entry>
3703 <entry>2</entry>
3704 <entry>A connection already owns the given name.</entry>
3705 </row>
3706 </tbody>
3707 </tgroup>
3708 </informaltable>
3709 </para>
3711 </sect3>
3713 <sect3 id="bus-messages-update-activation-environment">
3714 <title><literal>org.freedesktop.DBus.UpdateActivationEnvironment</literal></title>
3715 <para>
3716 As a method:
3717 <programlisting>
3718 UpdateActivationEnvironment (in ARRAY of DICT<STRING,STRING> environment)
3719 </programlisting>
3720 Message arguments:
3721 <informaltable>
3722 <tgroup cols="3">
3723 <thead>
3724 <row>
3725 <entry>Argument</entry>
3726 <entry>Type</entry>
3727 <entry>Description</entry>
3728 </row>
3729 </thead>
3730 <tbody>
3731 <row>
3732 <entry>0</entry>
3733 <entry>ARRAY of DICT<STRING,STRING></entry>
3734 <entry>Environment to add or update</entry>
3735 </row>
3736 </tbody>
3737 </tgroup>
3738 </informaltable>
3739 Normally, session bus activated services inherit the environment of the bus daemon. This method adds to or modifies that environment when activating services.
3740 </para>
3741 <para>
3742 Some bus instances, such as the standard system bus, may disable access to this method for some or all callers.
3743 </para>
3745 </sect3>
3747 <sect3 id="bus-messages-get-name-owner">
3748 <title><literal>org.freedesktop.DBus.GetNameOwner</literal></title>
3749 <para>
3750 As a method:
3751 <programlisting>
3752 STRING GetNameOwner (in STRING name)
3753 </programlisting>
3754 Message arguments:
3755 <informaltable>
3756 <tgroup cols="3">
3757 <thead>
3758 <row>
3759 <entry>Argument</entry>
3760 <entry>Type</entry>
3761 <entry>Description</entry>
3762 </row>
3763 </thead>
3764 <tbody>
3765 <row>
3766 <entry>0</entry>
3767 <entry>STRING</entry>
3768 <entry>Name to get the owner of</entry>
3769 </row>
3770 </tbody>
3771 </tgroup>
3772 </informaltable>
3773 Reply arguments:
3774 <informaltable>
3775 <tgroup cols="3">
3776 <thead>
3777 <row>
3778 <entry>Argument</entry>
3779 <entry>Type</entry>
3780 <entry>Description</entry>
3781 </row>
3782 </thead>
3783 <tbody>
3784 <row>
3785 <entry>0</entry>
3786 <entry>STRING</entry>
3787 <entry>Return value, a unique connection name</entry>
3788 </row>
3789 </tbody>
3790 </tgroup>
3791 </informaltable>
3792 Returns the unique connection name of the primary owner of the name
3793 given. If the requested name doesn't have an owner, returns a
3794 <literal>org.freedesktop.DBus.Error.NameHasNoOwner</literal> error.
3795 </para>
3796 </sect3>
3798 <sect3 id="bus-messages-get-connection-unix-user">
3799 <title><literal>org.freedesktop.DBus.GetConnectionUnixUser</literal></title>
3800 <para>
3801 As a method:
3802 <programlisting>
3803 UINT32 GetConnectionUnixUser (in STRING connection_name)
3804 </programlisting>
3805 Message arguments:
3806 <informaltable>
3807 <tgroup cols="3">
3808 <thead>
3809 <row>
3810 <entry>Argument</entry>
3811 <entry>Type</entry>
3812 <entry>Description</entry>
3813 </row>
3814 </thead>
3815 <tbody>
3816 <row>
3817 <entry>0</entry>
3818 <entry>STRING</entry>
3819 <entry>Name of the connection to query</entry>
3820 </row>
3821 </tbody>
3822 </tgroup>
3823 </informaltable>
3824 Reply arguments:
3825 <informaltable>
3826 <tgroup cols="3">
3827 <thead>
3828 <row>
3829 <entry>Argument</entry>
3830 <entry>Type</entry>
3831 <entry>Description</entry>
3832 </row>
3833 </thead>
3834 <tbody>
3835 <row>
3836 <entry>0</entry>
3837 <entry>UINT32</entry>
3838 <entry>unix user id</entry>
3839 </row>
3840 </tbody>
3841 </tgroup>
3842 </informaltable>
3843 Returns the unix uid of the process connected to the server. If unable to
3844 determine it, a <literal>org.freedesktop.DBus.Error.Failed</literal>
3845 error is returned.
3846 </para>
3847 </sect3>
3849 <sect3 id="bus-messages-add-match">
3850 <title><literal>org.freedesktop.DBus.AddMatch</literal></title>
3851 <para>
3852 As a method:
3853 <programlisting>
3854 AddMatch (in STRING rule)
3855 </programlisting>
3856 Message arguments:
3857 <informaltable>
3858 <tgroup cols="3">
3859 <thead>
3860 <row>
3861 <entry>Argument</entry>
3862 <entry>Type</entry>
3863 <entry>Description</entry>
3864 </row>
3865 </thead>
3866 <tbody>
3867 <row>
3868 <entry>0</entry>
3869 <entry>STRING</entry>
3870 <entry>Match rule to add to the connection</entry>
3871 </row>
3872 </tbody>
3873 </tgroup>
3874 </informaltable>
3875 Adds a match rule to match messages going through the message bus (see <xref linkend='message-bus-routing-match-rules'/>).
3876 If the bus does not have enough resources the <literal>org.freedesktop.DBus.Error.OOM</literal>
3877 error is returned.
3878 </para>
3879 </sect3>
3880 <sect3 id="bus-messages-remove-match">
3881 <title><literal>org.freedesktop.DBus.RemoveMatch</literal></title>
3882 <para>
3883 As a method:
3884 <programlisting>
3885 RemoveMatch (in STRING rule)
3886 </programlisting>
3887 Message arguments:
3888 <informaltable>
3889 <tgroup cols="3">
3890 <thead>
3891 <row>
3892 <entry>Argument</entry>
3893 <entry>Type</entry>
3894 <entry>Description</entry>
3895 </row>
3896 </thead>
3897 <tbody>
3898 <row>
3899 <entry>0</entry>
3900 <entry>STRING</entry>
3901 <entry>Match rule to remove from the connection</entry>
3902 </row>
3903 </tbody>
3904 </tgroup>
3905 </informaltable>
3906 Removes the first rule that matches (see <xref linkend='message-bus-routing-match-rules'/>).
3907 If the rule is not found the <literal>org.freedesktop.DBus.Error.MatchRuleNotFound</literal>
3908 error is returned.
3909 </para>
3910 </sect3>
3912 <sect3 id="bus-messages-get-id">
3913 <title><literal>org.freedesktop.DBus.GetId</literal></title>
3914 <para>
3915 As a method:
3916 <programlisting>
3917 GetId (out STRING id)
3918 </programlisting>
3919 Reply arguments:
3920 <informaltable>
3921 <tgroup cols="3">
3922 <thead>
3923 <row>
3924 <entry>Argument</entry>
3925 <entry>Type</entry>
3926 <entry>Description</entry>
3927 </row>
3928 </thead>
3929 <tbody>
3930 <row>
3931 <entry>0</entry>
3932 <entry>STRING</entry>
3933 <entry>Unique ID identifying the bus daemon</entry>
3934 </row>
3935 </tbody>
3936 </tgroup>
3937 </informaltable>
3938 Gets the unique ID of the bus. The unique ID here is shared among all addresses the
3939 bus daemon is listening on (TCP, UNIX domain socket, etc.) and its format is described in
3940 <xref linkend="uuids"/>. Each address the bus is listening on also has its own unique
3941 ID, as described in <xref linkend="addresses"/>. The per-bus and per-address IDs are not related.
3942 There is also a per-machine ID, described in <xref linkend="standard-interfaces-peer"/> and returned
3943 by org.freedesktop.DBus.Peer.GetMachineId().
3944 For a desktop session bus, the bus ID can be used as a way to uniquely identify a user's session.
3945 </para>
3946 </sect3>
3948 </sect2>
3950 </sect1>
3951 <!--
3952 <appendix id="implementation-notes">
3953 <title>Implementation notes</title>
3954 <sect1 id="implementation-notes-subsection">
3955 <title></title>
3956 <para>
3957 </para>
3958 </sect1>
3959 </appendix>
3960 -->
3962 <glossary><title>Glossary</title>
3963 <para>
3964 This glossary defines some of the terms used in this specification.
3965 </para>
3967 <glossentry id="term-bus-name"><glossterm>Bus Name</glossterm>
3968 <glossdef>
3969 <para>
3970 The message bus maintains an association between names and
3971 connections. (Normally, there's one connection per application.) A
3972 bus name is simply an identifier used to locate connections. For
3973 example, the hypothetical <literal>com.yoyodyne.Screensaver</literal>
3974 name might be used to send a message to a screensaver from Yoyodyne
3975 Corporation. An application is said to <firstterm>own</firstterm> a
3976 name if the message bus has associated the application's connection
3977 with the name. Names may also have <firstterm>queued
3978 owners</firstterm> (see <xref linkend="term-queued-owner"/>).
3979 The bus assigns a unique name to each connection,
3980 see <xref linkend="term-unique-name"/>. Other names
3981 can be thought of as "well-known names" and are
3982 used to find applications that offer specific functionality.
3983 </para>
3984 </glossdef>
3985 </glossentry>
3987 <glossentry id="term-message"><glossterm>Message</glossterm>
3988 <glossdef>
3989 <para>
3990 A message is the atomic unit of communication via the D-Bus
3991 protocol. It consists of a <firstterm>header</firstterm> and a
3992 <firstterm>body</firstterm>; the body is made up of
3993 <firstterm>arguments</firstterm>.
3994 </para>
3995 </glossdef>
3996 </glossentry>
3998 <glossentry id="term-message-bus"><glossterm>Message Bus</glossterm>
3999 <glossdef>
4000 <para>
4001 The message bus is a special application that forwards
4002 or routes messages between a group of applications
4003 connected to the message bus. It also manages
4004 <firstterm>names</firstterm> used for routing
4005 messages.
4006 </para>
4007 </glossdef>
4008 </glossentry>
4010 <glossentry id="term-name"><glossterm>Name</glossterm>
4011 <glossdef>
4012 <para>
4013 See <xref linkend="term-bus-name"/>. "Name" may
4014 also be used to refer to some of the other names
4015 in D-Bus, such as interface names.
4016 </para>
4017 </glossdef>
4018 </glossentry>
4020 <glossentry id="namespace"><glossterm>Namespace</glossterm>
4021 <glossdef>
4022 <para>
4023 Used to prevent collisions when defining new interfaces or bus
4024 names. The convention used is the same one Java uses for defining
4025 classes: a reversed domain name.
4026 </para>
4027 </glossdef>
4028 </glossentry>
4030 <glossentry id="term-object"><glossterm>Object</glossterm>
4031 <glossdef>
4032 <para>
4033 Each application contains <firstterm>objects</firstterm>, which have
4034 <firstterm>interfaces</firstterm> and
4035 <firstterm>methods</firstterm>. Objects are referred to by a name,
4036 called a <firstterm>path</firstterm>.
4037 </para>
4038 </glossdef>
4039 </glossentry>
4041 <glossentry id="one-to-one"><glossterm>One-to-One</glossterm>
4042 <glossdef>
4043 <para>
4044 An application talking directly to another application, without going
4045 through a message bus. One-to-one connections may be "peer to peer" or
4046 "client to server." The D-Bus protocol has no concept of client
4047 vs. server after a connection has authenticated; the flow of messages
4048 is symmetrical (full duplex).
4049 </para>
4050 </glossdef>
4051 </glossentry>
4053 <glossentry id="term-path"><glossterm>Path</glossterm>
4054 <glossdef>
4055 <para>
4056 Object references (object names) in D-Bus are organized into a
4057 filesystem-style hierarchy, so each object is named by a path. As in
4058 LDAP, there's no difference between "files" and "directories"; a path
4059 can refer to an object, while still having child objects below it.
4060 </para>
4061 </glossdef>
4062 </glossentry>
4064 <glossentry id="term-queued-owner"><glossterm>Queued Name Owner</glossterm>
4065 <glossdef>
4066 <para>
4067 Each bus name has a primary owner; messages sent to the name go to the
4068 primary owner. However, certain names also maintain a queue of
4069 secondary owners "waiting in the wings." If the primary owner releases
4070 the name, then the first secondary owner in the queue automatically
4071 becomes the new owner of the name.
4072 </para>
4073 </glossdef>
4074 </glossentry>
4076 <glossentry id="term-service"><glossterm>Service</glossterm>
4077 <glossdef>
4078 <para>
4079 A service is an executable that can be launched by the bus daemon.
4080 Services normally guarantee some particular features, for example they
4081 may guarantee that they will request a specific name such as
4082 "org.freedesktop.Screensaver", have a singleton object
4083 "/org/freedesktop/Application", and that object will implement the
4084 interface "org.freedesktop.ScreensaverControl".
4085 </para>
4086 </glossdef>
4087 </glossentry>
4089 <glossentry id="term-service-description-files"><glossterm>Service Description Files</glossterm>
4090 <glossdef>
4091 <para>
4092 ".service files" tell the bus about service applications that can be
4093 launched (see <xref linkend="term-service"/>). Most importantly they
4094 provide a mapping from bus names to services that will request those
4095 names when they start up.
4096 </para>
4097 </glossdef>
4098 </glossentry>
4100 <glossentry id="term-unique-name"><glossterm>Unique Connection Name</glossterm>
4101 <glossdef>
4102 <para>
4103 The special name automatically assigned to each connection by the
4104 message bus. This name will never change owner, and will be unique
4105 (never reused during the lifetime of the message bus).
4106 It will begin with a ':' character.
4107 </para>
4108 </glossdef>
4109 </glossentry>
4111 </glossary>
4112 </article>