1 /* GDBus - GLib D-Bus Library
3 * Copyright (C) 2008-2010 Red Hat, Inc.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
20 * Author: David Zeuthen <davidz@redhat.com>
26 #include <sys/types.h>
31 #include "gdbusauthmechanismexternal.h"
32 #include "gcredentials.h"
33 #include "gdbuserror.h"
34 #include "gioenumtypes.h"
38 struct _GDBusAuthMechanismExternalPrivate
42 GDBusAuthMechanismState state
;
45 static gint
mechanism_get_priority (void);
46 static const gchar
*mechanism_get_name (void);
48 static gboolean
mechanism_is_supported (GDBusAuthMechanism
*mechanism
);
49 static gchar
*mechanism_encode_data (GDBusAuthMechanism
*mechanism
,
53 static gchar
*mechanism_decode_data (GDBusAuthMechanism
*mechanism
,
57 static GDBusAuthMechanismState
mechanism_server_get_state (GDBusAuthMechanism
*mechanism
);
58 static void mechanism_server_initiate (GDBusAuthMechanism
*mechanism
,
59 const gchar
*initial_response
,
60 gsize initial_response_len
);
61 static void mechanism_server_data_receive (GDBusAuthMechanism
*mechanism
,
64 static gchar
*mechanism_server_data_send (GDBusAuthMechanism
*mechanism
,
66 static gchar
*mechanism_server_get_reject_reason (GDBusAuthMechanism
*mechanism
);
67 static void mechanism_server_shutdown (GDBusAuthMechanism
*mechanism
);
68 static GDBusAuthMechanismState
mechanism_client_get_state (GDBusAuthMechanism
*mechanism
);
69 static gchar
*mechanism_client_initiate (GDBusAuthMechanism
*mechanism
,
70 gsize
*out_initial_response_len
);
71 static void mechanism_client_data_receive (GDBusAuthMechanism
*mechanism
,
74 static gchar
*mechanism_client_data_send (GDBusAuthMechanism
*mechanism
,
76 static void mechanism_client_shutdown (GDBusAuthMechanism
*mechanism
);
78 /* ---------------------------------------------------------------------------------------------------- */
80 G_DEFINE_TYPE (GDBusAuthMechanismExternal
, _g_dbus_auth_mechanism_external
, G_TYPE_DBUS_AUTH_MECHANISM
);
82 /* ---------------------------------------------------------------------------------------------------- */
85 _g_dbus_auth_mechanism_external_finalize (GObject
*object
)
87 //GDBusAuthMechanismExternal *mechanism = G_DBUS_AUTH_MECHANISM_EXTERNAL (object);
89 if (G_OBJECT_CLASS (_g_dbus_auth_mechanism_external_parent_class
)->finalize
!= NULL
)
90 G_OBJECT_CLASS (_g_dbus_auth_mechanism_external_parent_class
)->finalize (object
);
94 _g_dbus_auth_mechanism_external_class_init (GDBusAuthMechanismExternalClass
*klass
)
96 GObjectClass
*gobject_class
;
97 GDBusAuthMechanismClass
*mechanism_class
;
99 g_type_class_add_private (klass
, sizeof (GDBusAuthMechanismExternalPrivate
));
101 gobject_class
= G_OBJECT_CLASS (klass
);
102 gobject_class
->finalize
= _g_dbus_auth_mechanism_external_finalize
;
104 mechanism_class
= G_DBUS_AUTH_MECHANISM_CLASS (klass
);
105 mechanism_class
->get_name
= mechanism_get_name
;
106 mechanism_class
->get_priority
= mechanism_get_priority
;
107 mechanism_class
->is_supported
= mechanism_is_supported
;
108 mechanism_class
->encode_data
= mechanism_encode_data
;
109 mechanism_class
->decode_data
= mechanism_decode_data
;
110 mechanism_class
->server_get_state
= mechanism_server_get_state
;
111 mechanism_class
->server_initiate
= mechanism_server_initiate
;
112 mechanism_class
->server_data_receive
= mechanism_server_data_receive
;
113 mechanism_class
->server_data_send
= mechanism_server_data_send
;
114 mechanism_class
->server_get_reject_reason
= mechanism_server_get_reject_reason
;
115 mechanism_class
->server_shutdown
= mechanism_server_shutdown
;
116 mechanism_class
->client_get_state
= mechanism_client_get_state
;
117 mechanism_class
->client_initiate
= mechanism_client_initiate
;
118 mechanism_class
->client_data_receive
= mechanism_client_data_receive
;
119 mechanism_class
->client_data_send
= mechanism_client_data_send
;
120 mechanism_class
->client_shutdown
= mechanism_client_shutdown
;
124 _g_dbus_auth_mechanism_external_init (GDBusAuthMechanismExternal
*mechanism
)
126 mechanism
->priv
= G_TYPE_INSTANCE_GET_PRIVATE (mechanism
,
127 G_TYPE_DBUS_AUTH_MECHANISM_EXTERNAL
,
128 GDBusAuthMechanismExternalPrivate
);
131 /* ---------------------------------------------------------------------------------------------------- */
134 mechanism_is_supported (GDBusAuthMechanism
*mechanism
)
136 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), FALSE
);
137 /* This mechanism is only available if credentials has been exchanged */
138 if (_g_dbus_auth_mechanism_get_credentials (mechanism
) != NULL
)
145 mechanism_get_priority (void)
147 /* We prefer EXTERNAL to most other mechanism (DBUS_COOKIE_SHA1 and ANONYMOUS) */
152 mechanism_get_name (void)
158 mechanism_encode_data (GDBusAuthMechanism
*mechanism
,
168 mechanism_decode_data (GDBusAuthMechanism
*mechanism
,
176 /* ---------------------------------------------------------------------------------------------------- */
178 static GDBusAuthMechanismState
179 mechanism_server_get_state (GDBusAuthMechanism
*mechanism
)
181 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
183 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), G_DBUS_AUTH_MECHANISM_STATE_INVALID
);
184 g_return_val_if_fail (m
->priv
->is_server
&& !m
->priv
->is_client
, G_DBUS_AUTH_MECHANISM_STATE_INVALID
);
186 return m
->priv
->state
;
190 data_matches_credentials (const gchar
*data
,
191 GCredentials
*credentials
)
197 if (credentials
== NULL
)
200 if (data
== NULL
|| strlen (data
) == 0)
203 #if defined(G_OS_UNIX)
208 /* on UNIX, this is the uid as a string in base 10 */
209 alleged_uid
= g_ascii_strtoll (data
, &endp
, 10);
212 if (g_credentials_get_unix_user (credentials
, NULL
) == alleged_uid
)
219 /* TODO: Dont know how to compare credentials on this OS. Please implement. */
227 mechanism_server_initiate (GDBusAuthMechanism
*mechanism
,
228 const gchar
*initial_response
,
229 gsize initial_response_len
)
231 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
233 g_return_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
));
234 g_return_if_fail (!m
->priv
->is_server
&& !m
->priv
->is_client
);
236 m
->priv
->is_server
= TRUE
;
238 if (initial_response
!= NULL
)
240 if (data_matches_credentials (initial_response
, _g_dbus_auth_mechanism_get_credentials (mechanism
)))
242 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_ACCEPTED
;
246 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_REJECTED
;
251 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_WAITING_FOR_DATA
;
256 mechanism_server_data_receive (GDBusAuthMechanism
*mechanism
,
260 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
262 g_return_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
));
263 g_return_if_fail (m
->priv
->is_server
&& !m
->priv
->is_client
);
264 g_return_if_fail (m
->priv
->state
== G_DBUS_AUTH_MECHANISM_STATE_WAITING_FOR_DATA
);
266 if (data_matches_credentials (data
, _g_dbus_auth_mechanism_get_credentials (mechanism
)))
268 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_ACCEPTED
;
272 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_REJECTED
;
277 mechanism_server_data_send (GDBusAuthMechanism
*mechanism
,
280 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
282 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), NULL
);
283 g_return_val_if_fail (m
->priv
->is_server
&& !m
->priv
->is_client
, NULL
);
284 g_return_val_if_fail (m
->priv
->state
== G_DBUS_AUTH_MECHANISM_STATE_HAVE_DATA_TO_SEND
, NULL
);
286 /* can never end up here because we are never in the HAVE_DATA_TO_SEND state */
287 g_assert_not_reached ();
293 mechanism_server_get_reject_reason (GDBusAuthMechanism
*mechanism
)
295 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
297 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), NULL
);
298 g_return_val_if_fail (m
->priv
->is_server
&& !m
->priv
->is_client
, NULL
);
299 g_return_val_if_fail (m
->priv
->state
== G_DBUS_AUTH_MECHANISM_STATE_REJECTED
, NULL
);
301 /* can never end up here because we are never in the REJECTED state */
302 g_assert_not_reached ();
308 mechanism_server_shutdown (GDBusAuthMechanism
*mechanism
)
310 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
312 g_return_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
));
313 g_return_if_fail (m
->priv
->is_server
&& !m
->priv
->is_client
);
315 m
->priv
->is_server
= FALSE
;
318 /* ---------------------------------------------------------------------------------------------------- */
320 static GDBusAuthMechanismState
321 mechanism_client_get_state (GDBusAuthMechanism
*mechanism
)
323 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
325 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), G_DBUS_AUTH_MECHANISM_STATE_INVALID
);
326 g_return_val_if_fail (m
->priv
->is_client
&& !m
->priv
->is_server
, G_DBUS_AUTH_MECHANISM_STATE_INVALID
);
328 return m
->priv
->state
;
332 mechanism_client_initiate (GDBusAuthMechanism
*mechanism
,
333 gsize
*out_initial_response_len
)
335 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
336 gchar
*initial_response
;
337 GCredentials
*credentials
;
339 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), NULL
);
340 g_return_val_if_fail (!m
->priv
->is_server
&& !m
->priv
->is_client
, NULL
);
342 m
->priv
->is_client
= TRUE
;
343 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_ACCEPTED
;
345 *out_initial_response_len
= -1;
347 credentials
= _g_dbus_auth_mechanism_get_credentials (mechanism
);
348 g_assert (credentials
!= NULL
);
351 #if defined(G_OS_UNIX)
352 initial_response
= g_strdup_printf ("%" G_GINT64_FORMAT
, (gint64
) g_credentials_get_unix_user (credentials
, NULL
));
353 #elif defined(G_OS_WIN32)
355 #warning Dont know how to send credentials on this OS. The EXTERNAL D-Bus authentication mechanism will not work.
357 m
->priv
->state
= G_DBUS_AUTH_MECHANISM_STATE_REJECTED
;
359 return initial_response
;
363 mechanism_client_data_receive (GDBusAuthMechanism
*mechanism
,
367 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
369 g_return_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
));
370 g_return_if_fail (m
->priv
->is_client
&& !m
->priv
->is_server
);
371 g_return_if_fail (m
->priv
->state
== G_DBUS_AUTH_MECHANISM_STATE_WAITING_FOR_DATA
);
373 /* can never end up here because we are never in the WAITING_FOR_DATA state */
374 g_assert_not_reached ();
378 mechanism_client_data_send (GDBusAuthMechanism
*mechanism
,
381 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
383 g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
), NULL
);
384 g_return_val_if_fail (m
->priv
->is_client
&& !m
->priv
->is_server
, NULL
);
385 g_return_val_if_fail (m
->priv
->state
== G_DBUS_AUTH_MECHANISM_STATE_HAVE_DATA_TO_SEND
, NULL
);
387 /* can never end up here because we are never in the HAVE_DATA_TO_SEND state */
388 g_assert_not_reached ();
394 mechanism_client_shutdown (GDBusAuthMechanism
*mechanism
)
396 GDBusAuthMechanismExternal
*m
= G_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
);
398 g_return_if_fail (G_IS_DBUS_AUTH_MECHANISM_EXTERNAL (mechanism
));
399 g_return_if_fail (m
->priv
->is_client
&& !m
->priv
->is_server
);
401 m
->priv
->is_client
= FALSE
;
404 /* ---------------------------------------------------------------------------------------------------- */