Check for overflow when allocating RcBox
[glib.git] / gio / gdbusauthobserver.c
blob34758aa2061df0e3087e98214da43297885e6ade
1 /* GDBus - GLib D-Bus Library
3 * Copyright (C) 2008-2010 Red Hat, Inc.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 * Author: David Zeuthen <davidz@redhat.com>
21 #include "config.h"
23 #include "gdbusauthobserver.h"
24 #include "gcredentials.h"
25 #include "gioenumtypes.h"
26 #include "giostream.h"
27 #include "gdbusprivate.h"
29 #include "glibintl.h"
31 /**
32 * SECTION:gdbusauthobserver
33 * @short_description: Object used for authenticating connections
34 * @include: gio/gio.h
36 * The #GDBusAuthObserver type provides a mechanism for participating
37 * in how a #GDBusServer (or a #GDBusConnection) authenticates remote
38 * peers. Simply instantiate a #GDBusAuthObserver and connect to the
39 * signals you are interested in. Note that new signals may be added
40 * in the future
42 * ## Controlling Authentication # {#auth-observer}
44 * For example, if you only want to allow D-Bus connections from
45 * processes owned by the same uid as the server, you would use a
46 * signal handler like the following:
48 * |[<!-- language="C" -->
49 * static gboolean
50 * on_authorize_authenticated_peer (GDBusAuthObserver *observer,
51 * GIOStream *stream,
52 * GCredentials *credentials,
53 * gpointer user_data)
54 * {
55 * gboolean authorized;
57 * authorized = FALSE;
58 * if (credentials != NULL)
59 * {
60 * GCredentials *own_credentials;
61 * own_credentials = g_credentials_new ();
62 * if (g_credentials_is_same_user (credentials, own_credentials, NULL))
63 * authorized = TRUE;
64 * g_object_unref (own_credentials);
65 * }
67 * return authorized;
68 * }
69 * ]|
72 typedef struct _GDBusAuthObserverClass GDBusAuthObserverClass;
74 /**
75 * GDBusAuthObserverClass:
76 * @authorize_authenticated_peer: Signal class handler for the #GDBusAuthObserver::authorize-authenticated-peer signal.
78 * Class structure for #GDBusAuthObserverClass.
80 * Since: 2.26
82 struct _GDBusAuthObserverClass
84 /*< private >*/
85 GObjectClass parent_class;
87 /*< public >*/
89 /* Signals */
90 gboolean (*authorize_authenticated_peer) (GDBusAuthObserver *observer,
91 GIOStream *stream,
92 GCredentials *credentials);
94 gboolean (*allow_mechanism) (GDBusAuthObserver *observer,
95 const gchar *mechanism);
98 /**
99 * GDBusAuthObserver:
101 * The #GDBusAuthObserver structure contains only private data and
102 * should only be accessed using the provided API.
104 * Since: 2.26
106 struct _GDBusAuthObserver
108 GObject parent_instance;
111 enum
113 AUTHORIZE_AUTHENTICATED_PEER_SIGNAL,
114 ALLOW_MECHANISM_SIGNAL,
115 LAST_SIGNAL,
118 static guint signals[LAST_SIGNAL] = { 0 };
120 G_DEFINE_TYPE (GDBusAuthObserver, g_dbus_auth_observer, G_TYPE_OBJECT)
122 /* ---------------------------------------------------------------------------------------------------- */
124 static void
125 g_dbus_auth_observer_finalize (GObject *object)
127 G_OBJECT_CLASS (g_dbus_auth_observer_parent_class)->finalize (object);
130 static gboolean
131 g_dbus_auth_observer_authorize_authenticated_peer_real (GDBusAuthObserver *observer,
132 GIOStream *stream,
133 GCredentials *credentials)
135 return TRUE;
138 static gboolean
139 g_dbus_auth_observer_allow_mechanism_real (GDBusAuthObserver *observer,
140 const gchar *mechanism)
142 return TRUE;
145 static void
146 g_dbus_auth_observer_class_init (GDBusAuthObserverClass *klass)
148 GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
150 gobject_class->finalize = g_dbus_auth_observer_finalize;
152 klass->authorize_authenticated_peer = g_dbus_auth_observer_authorize_authenticated_peer_real;
153 klass->allow_mechanism = g_dbus_auth_observer_allow_mechanism_real;
156 * GDBusAuthObserver::authorize-authenticated-peer:
157 * @observer: The #GDBusAuthObserver emitting the signal.
158 * @stream: A #GIOStream for the #GDBusConnection.
159 * @credentials: (nullable): Credentials received from the peer or %NULL.
161 * Emitted to check if a peer that is successfully authenticated
162 * is authorized.
164 * Returns: %TRUE if the peer is authorized, %FALSE if not.
166 * Since: 2.26
168 signals[AUTHORIZE_AUTHENTICATED_PEER_SIGNAL] =
169 g_signal_new (I_("authorize-authenticated-peer"),
170 G_TYPE_DBUS_AUTH_OBSERVER,
171 G_SIGNAL_RUN_LAST,
172 G_STRUCT_OFFSET (GDBusAuthObserverClass, authorize_authenticated_peer),
173 _g_signal_accumulator_false_handled,
174 NULL, /* accu_data */
175 NULL,
176 G_TYPE_BOOLEAN,
178 G_TYPE_IO_STREAM,
179 G_TYPE_CREDENTIALS);
182 * GDBusAuthObserver::allow-mechanism:
183 * @observer: The #GDBusAuthObserver emitting the signal.
184 * @mechanism: The name of the mechanism, e.g. `DBUS_COOKIE_SHA1`.
186 * Emitted to check if @mechanism is allowed to be used.
188 * Returns: %TRUE if @mechanism can be used to authenticate the other peer, %FALSE if not.
190 * Since: 2.34
192 signals[ALLOW_MECHANISM_SIGNAL] =
193 g_signal_new (I_("allow-mechanism"),
194 G_TYPE_DBUS_AUTH_OBSERVER,
195 G_SIGNAL_RUN_LAST,
196 G_STRUCT_OFFSET (GDBusAuthObserverClass, allow_mechanism),
197 _g_signal_accumulator_false_handled,
198 NULL, /* accu_data */
199 NULL,
200 G_TYPE_BOOLEAN,
202 G_TYPE_STRING);
205 static void
206 g_dbus_auth_observer_init (GDBusAuthObserver *observer)
211 * g_dbus_auth_observer_new:
213 * Creates a new #GDBusAuthObserver object.
215 * Returns: A #GDBusAuthObserver. Free with g_object_unref().
217 * Since: 2.26
219 GDBusAuthObserver *
220 g_dbus_auth_observer_new (void)
222 return g_object_new (G_TYPE_DBUS_AUTH_OBSERVER, NULL);
225 /* ---------------------------------------------------------------------------------------------------- */
228 * g_dbus_auth_observer_authorize_authenticated_peer:
229 * @observer: A #GDBusAuthObserver.
230 * @stream: A #GIOStream for the #GDBusConnection.
231 * @credentials: (nullable): Credentials received from the peer or %NULL.
233 * Emits the #GDBusAuthObserver::authorize-authenticated-peer signal on @observer.
235 * Returns: %TRUE if the peer is authorized, %FALSE if not.
237 * Since: 2.26
239 gboolean
240 g_dbus_auth_observer_authorize_authenticated_peer (GDBusAuthObserver *observer,
241 GIOStream *stream,
242 GCredentials *credentials)
244 gboolean denied;
246 denied = FALSE;
247 g_signal_emit (observer,
248 signals[AUTHORIZE_AUTHENTICATED_PEER_SIGNAL],
250 stream,
251 credentials,
252 &denied);
253 return denied;
257 * g_dbus_auth_observer_allow_mechanism:
258 * @observer: A #GDBusAuthObserver.
259 * @mechanism: The name of the mechanism, e.g. `DBUS_COOKIE_SHA1`.
261 * Emits the #GDBusAuthObserver::allow-mechanism signal on @observer.
263 * Returns: %TRUE if @mechanism can be used to authenticate the other peer, %FALSE if not.
265 * Since: 2.34
267 gboolean
268 g_dbus_auth_observer_allow_mechanism (GDBusAuthObserver *observer,
269 const gchar *mechanism)
271 gboolean ret;
273 ret = FALSE;
274 g_signal_emit (observer,
275 signals[ALLOW_MECHANISM_SIGNAL],
277 mechanism,
278 &ret);
279 return ret;