1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
16 #include "gunixconnection.h"
17 #include "gunixcredentialsmessage.h"
21 * SECTION:gunixconnection
22 * @title: GUnixConnection
23 * @short_description: A UNIX domain GSocketConnection
24 * @include: gio/gunixconnection.h
25 * @see_also: #GSocketConnection.
27 * This is the subclass of #GSocketConnection that is created
28 * for UNIX domain sockets.
30 * It contains functions to do some of the UNIX socket specific
31 * functionality like passing file descriptors.
33 * Note that <filename><gio/gunixconnection.h></filename> belongs to
34 * the UNIX-specific GIO interfaces, thus you have to use the
35 * <filename>gio-unix-2.0.pc</filename> pkg-config file when using it.
40 #include <gio/gsocketcontrolmessage.h>
41 #include <gio/gunixfdmessage.h>
42 #include <gio/gsocket.h>
46 /* for getsockopt() and setsockopt() */
47 #include <sys/types.h> /* See NOTES */
48 #include <sys/socket.h>
54 G_DEFINE_TYPE_WITH_CODE (GUnixConnection
, g_unix_connection
,
55 G_TYPE_SOCKET_CONNECTION
,
56 g_socket_connection_factory_register_type (g_define_type_id
,
59 G_SOCKET_PROTOCOL_DEFAULT
);
63 * g_unix_connection_send_fd:
64 * @connection: a #GUnixConnection
65 * @fd: a file descriptor
66 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
67 * @error: (allow-none): #GError for error reporting, or %NULL to ignore.
69 * Passes a file descriptor to the receiving side of the
70 * connection. The receiving end has to call g_unix_connection_receive_fd()
71 * to accept the file descriptor.
73 * As well as sending the fd this also writes a single byte to the
74 * stream, as this is required for fd passing to work on some
77 * Returns: a %TRUE on success, %NULL on error.
82 g_unix_connection_send_fd (GUnixConnection
*connection
,
84 GCancellable
*cancellable
,
87 GSocketControlMessage
*scm
;
90 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), FALSE
);
91 g_return_val_if_fail (fd
>= 0, FALSE
);
93 scm
= g_unix_fd_message_new ();
95 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm
), fd
, error
))
101 g_object_get (connection
, "socket", &socket
, NULL
);
102 if (g_socket_send_message (socket
, NULL
, NULL
, 0, &scm
, 1, 0, cancellable
, error
) != 1)
103 /* XXX could it 'fail' with zero? */
105 g_object_unref (socket
);
106 g_object_unref (scm
);
111 g_object_unref (socket
);
112 g_object_unref (scm
);
118 * g_unix_connection_receive_fd:
119 * @connection: a #GUnixConnection
120 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore
121 * @error: (allow-none): #GError for error reporting, or %NULL to ignore
123 * Receives a file descriptor from the sending end of the connection.
124 * The sending end has to call g_unix_connection_send_fd() for this
127 * As well as reading the fd this also reads a single byte from the
128 * stream, as this is required for fd passing to work on some
131 * Returns: a file descriptor on success, -1 on error.
136 g_unix_connection_receive_fd (GUnixConnection
*connection
,
137 GCancellable
*cancellable
,
140 GSocketControlMessage
**scms
;
141 gint
*fds
, nfd
, fd
, nscm
;
142 GUnixFDMessage
*fdmsg
;
145 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), -1);
147 g_object_get (connection
, "socket", &socket
, NULL
);
148 if (g_socket_receive_message (socket
, NULL
, NULL
, 0,
149 &scms
, &nscm
, NULL
, cancellable
, error
) != 1)
150 /* XXX it _could_ 'fail' with zero. */
152 g_object_unref (socket
);
157 g_object_unref (socket
);
163 g_set_error (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
164 _("Expecting 1 control message, got %d"), nscm
);
166 for (i
= 0; i
< nscm
; i
++)
167 g_object_unref (scms
[i
]);
174 if (!G_IS_UNIX_FD_MESSAGE (scms
[0]))
176 g_set_error_literal (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
177 _("Unexpected type of ancillary data"));
178 g_object_unref (scms
[0]);
184 fdmsg
= G_UNIX_FD_MESSAGE (scms
[0]);
187 fds
= g_unix_fd_message_steal_fds (fdmsg
, &nfd
);
188 g_object_unref (fdmsg
);
194 g_set_error (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
195 _("Expecting one fd, but got %d\n"), nfd
);
197 for (i
= 0; i
< nfd
; i
++)
210 g_set_error_literal (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
211 _("Received invalid fd"));
219 g_unix_connection_init (GUnixConnection
*connection
)
224 g_unix_connection_class_init (GUnixConnectionClass
*class)
228 /* TODO: Other stuff we might want to add are:
229 void g_unix_connection_send_fd_async (GUnixConnection *connection,
233 GAsyncReadyCallback callback,
235 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
238 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
242 void g_unix_connection_send_fds_async (GUnixConnection *connection,
246 GAsyncReadyCallback callback,
248 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
251 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
253 GAsyncReadyCallback callback,
255 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
259 gboolean g_unix_connection_send_credentials (GUnixConnection *connection,
261 void g_unix_connection_send_credentials_async (GUnixConnection *connection,
263 GAsyncReadyCallback callback,
265 gboolean g_unix_connection_send_credentials_finish (GUnixConnection *connection,
268 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
273 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
278 GAsyncReadyCallback callback,
280 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
283 gboolean g_unix_connection_receive_credentials (GUnixConnection *connection,
288 void g_unix_connection_receive_credentials_async (GUnixConnection *connection,
290 GAsyncReadyCallback callback,
292 gboolean g_unix_connection_receive_credentials_finish (GUnixConnection *connection,
298 gboolean g_unix_connection_create_pair (GUnixConnection **one,
299 GUnixConnection **two,
305 * g_unix_connection_send_credentials:
306 * @connection: A #GUnixConnection.
307 * @cancellable: (allow-none): A #GCancellable or %NULL.
308 * @error: Return location for error or %NULL.
310 * Passes the credentials of the current user the receiving side
311 * of the connection. The receiving end has to call
312 * g_unix_connection_receive_credentials() (or similar) to accept the
315 * As well as sending the credentials this also writes a single NUL
316 * byte to the stream, as this is required for credentials passing to
317 * work on some implementations.
319 * Other ways to exchange credentials with a foreign peer includes the
320 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
322 * Returns: %TRUE on success, %FALSE if @error is set.
327 g_unix_connection_send_credentials (GUnixConnection
*connection
,
328 GCancellable
*cancellable
,
331 GCredentials
*credentials
;
332 GSocketControlMessage
*scm
;
335 GOutputVector vector
;
336 guchar nul_byte
[1] = {'\0'};
339 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), FALSE
);
340 g_return_val_if_fail (error
== NULL
|| *error
== NULL
, FALSE
);
344 credentials
= g_credentials_new ();
346 vector
.buffer
= &nul_byte
;
349 if (g_unix_credentials_message_is_supported ())
351 scm
= g_unix_credentials_message_new_with_credentials (credentials
);
360 g_object_get (connection
, "socket", &socket
, NULL
);
361 if (g_socket_send_message (socket
,
371 g_prefix_error (error
, _("Error sending credentials: "));
378 g_object_unref (socket
);
380 g_object_unref (scm
);
381 g_object_unref (credentials
);
386 * g_unix_connection_receive_credentials:
387 * @connection: A #GUnixConnection.
388 * @cancellable: (allow-none): A #GCancellable or %NULL.
389 * @error: Return location for error or %NULL.
391 * Receives credentials from the sending end of the connection. The
392 * sending end has to call g_unix_connection_send_credentials() (or
393 * similar) for this to work.
395 * As well as reading the credentials this also reads (and discards) a
396 * single byte from the stream, as this is required for credentials
397 * passing to work on some implementations.
399 * Other ways to exchange credentials with a foreign peer includes the
400 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
402 * Returns: (transfer full): Received credentials on success (free with
403 * g_object_unref()), %NULL if @error is set.
408 g_unix_connection_receive_credentials (GUnixConnection
*connection
,
409 GCancellable
*cancellable
,
413 GSocketControlMessage
**scms
;
417 volatile GType credentials_message_gtype
;
418 gssize num_bytes_read
;
420 gboolean turn_off_so_passcreds
;
423 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), NULL
);
424 g_return_val_if_fail (error
== NULL
|| *error
== NULL
, NULL
);
429 g_object_get (connection
, "socket", &socket
, NULL
);
431 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
432 * already. We also need to turn it off when we're done. See
433 * #617483 for more discussion.
440 turn_off_so_passcreds
= FALSE
;
442 opt_len
= sizeof (gint
);
443 if (getsockopt (g_socket_get_fd (socket
),
451 g_io_error_from_errno (errno
),
452 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
456 if (opt_len
!= sizeof (gint
))
461 _("Unexpected option length while checking if SO_PASSCRED is enabled for socket. "
462 "Expected %d bytes, got %d"),
463 (gint
) sizeof (gint
), (gint
) opt_len
);
469 if (setsockopt (g_socket_get_fd (socket
),
473 sizeof opt_val
) != 0)
477 g_io_error_from_errno (errno
),
478 _("Error enabling SO_PASSCRED: %s"),
482 turn_off_so_passcreds
= TRUE
;
487 /* ensure the type of GUnixCredentialsMessage has been registered with the type system */
488 credentials_message_gtype
= G_TYPE_UNIX_CREDENTIALS_MESSAGE
;
489 (credentials_message_gtype
); /* To avoid -Wunused-but-set-variable */
490 num_bytes_read
= g_socket_receive_message (socket
,
491 NULL
, /* GSocketAddress **address */
499 if (num_bytes_read
!= 1)
501 /* Handle situation where g_socket_receive_message() returns
502 * 0 bytes and not setting @error
504 if (num_bytes_read
== 0 && error
!= NULL
&& *error
== NULL
)
506 g_set_error_literal (error
,
509 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
514 if (g_unix_credentials_message_is_supported ())
521 _("Expecting 1 control message, got %d"),
526 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms
[0]))
528 g_set_error_literal (error
,
531 _("Unexpected type of ancillary data"));
535 ret
= g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms
[0]));
545 _("Not expecting control message, but got %d"),
551 ret
= g_socket_get_credentials (socket
, error
);
558 if (turn_off_so_passcreds
)
562 if (setsockopt (g_socket_get_fd (socket
),
566 sizeof opt_val
) != 0)
570 g_io_error_from_errno (errno
),
571 _("Error while disabling SO_PASSCRED: %s"),
580 for (n
= 0; n
< nscm
; n
++)
581 g_object_unref (scms
[n
]);
584 g_object_unref (socket
);