Merge branch '976-disable-assert-checks' into 'master'
[glib.git] / gio / gunixconnection.c
blobc85ac365010e38c824fb3bf076a1b37dc0bde7b5
1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
15 #include "config.h"
17 #include "gunixconnection.h"
18 #include "gnetworking.h"
19 #include "gsocket.h"
20 #include "gsocketcontrolmessage.h"
21 #include "gunixcredentialsmessage.h"
22 #include "gunixfdmessage.h"
23 #include "glibintl.h"
25 #include <errno.h>
26 #include <string.h>
27 #include <unistd.h>
29 /**
30 * SECTION:gunixconnection
31 * @title: GUnixConnection
32 * @short_description: A UNIX domain GSocketConnection
33 * @include: gio/gunixconnection.h
34 * @see_also: #GSocketConnection.
36 * This is the subclass of #GSocketConnection that is created
37 * for UNIX domain sockets.
39 * It contains functions to do some of the UNIX socket specific
40 * functionality like passing file descriptors.
42 * Note that `<gio/gunixconnection.h>` belongs to the UNIX-specific
43 * GIO interfaces, thus you have to use the `gio-unix-2.0.pc`
44 * pkg-config file when using it.
46 * Since: 2.22
49 /**
50 * GUnixConnection:
52 * #GUnixConnection is an opaque data structure and can only be accessed
53 * using the following functions.
54 **/
56 G_DEFINE_TYPE_WITH_CODE (GUnixConnection, g_unix_connection,
57 G_TYPE_SOCKET_CONNECTION,
58 g_socket_connection_factory_register_type (g_define_type_id,
59 G_SOCKET_FAMILY_UNIX,
60 G_SOCKET_TYPE_STREAM,
61 G_SOCKET_PROTOCOL_DEFAULT);
64 /**
65 * g_unix_connection_send_fd:
66 * @connection: a #GUnixConnection
67 * @fd: a file descriptor
68 * @cancellable: (nullable): optional #GCancellable object, %NULL to ignore.
69 * @error: (nullable): #GError for error reporting, or %NULL to ignore.
71 * Passes a file descriptor to the receiving side of the
72 * connection. The receiving end has to call g_unix_connection_receive_fd()
73 * to accept the file descriptor.
75 * As well as sending the fd this also writes a single byte to the
76 * stream, as this is required for fd passing to work on some
77 * implementations.
79 * Returns: a %TRUE on success, %NULL on error.
81 * Since: 2.22
83 gboolean
84 g_unix_connection_send_fd (GUnixConnection *connection,
85 gint fd,
86 GCancellable *cancellable,
87 GError **error)
89 GSocketControlMessage *scm;
90 GSocket *socket;
92 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
93 g_return_val_if_fail (fd >= 0, FALSE);
95 scm = g_unix_fd_message_new ();
97 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm), fd, error))
99 g_object_unref (scm);
100 return FALSE;
103 g_object_get (connection, "socket", &socket, NULL);
104 if (g_socket_send_message (socket, NULL, NULL, 0, &scm, 1, 0, cancellable, error) != 1)
105 /* XXX could it 'fail' with zero? */
107 g_object_unref (socket);
108 g_object_unref (scm);
110 return FALSE;
113 g_object_unref (socket);
114 g_object_unref (scm);
116 return TRUE;
120 * g_unix_connection_receive_fd:
121 * @connection: a #GUnixConnection
122 * @cancellable: (nullable): optional #GCancellable object, %NULL to ignore
123 * @error: (nullable): #GError for error reporting, or %NULL to ignore
125 * Receives a file descriptor from the sending end of the connection.
126 * The sending end has to call g_unix_connection_send_fd() for this
127 * to work.
129 * As well as reading the fd this also reads a single byte from the
130 * stream, as this is required for fd passing to work on some
131 * implementations.
133 * Returns: a file descriptor on success, -1 on error.
135 * Since: 2.22
137 gint
138 g_unix_connection_receive_fd (GUnixConnection *connection,
139 GCancellable *cancellable,
140 GError **error)
142 GSocketControlMessage **scms;
143 gint *fds, nfd, fd, nscm;
144 GUnixFDMessage *fdmsg;
145 GSocket *socket;
147 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), -1);
149 g_object_get (connection, "socket", &socket, NULL);
150 if (g_socket_receive_message (socket, NULL, NULL, 0,
151 &scms, &nscm, NULL, cancellable, error) != 1)
152 /* XXX it _could_ 'fail' with zero. */
154 g_object_unref (socket);
156 return -1;
159 g_object_unref (socket);
161 if (nscm != 1)
163 gint i;
165 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
166 ngettext("Expecting 1 control message, got %d",
167 "Expecting 1 control message, got %d",
168 nscm),
169 nscm);
171 for (i = 0; i < nscm; i++)
172 g_object_unref (scms[i]);
174 g_free (scms);
176 return -1;
179 if (!G_IS_UNIX_FD_MESSAGE (scms[0]))
181 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
182 _("Unexpected type of ancillary data"));
183 g_object_unref (scms[0]);
184 g_free (scms);
186 return -1;
189 fdmsg = G_UNIX_FD_MESSAGE (scms[0]);
190 g_free (scms);
192 fds = g_unix_fd_message_steal_fds (fdmsg, &nfd);
193 g_object_unref (fdmsg);
195 if (nfd != 1)
197 gint i;
199 g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
200 ngettext("Expecting one fd, but got %d\n",
201 "Expecting one fd, but got %d\n",
202 nfd),
203 nfd);
205 for (i = 0; i < nfd; i++)
206 close (fds[i]);
208 g_free (fds);
210 return -1;
213 fd = *fds;
214 g_free (fds);
216 if (fd < 0)
218 g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
219 _("Received invalid fd"));
220 fd = -1;
223 return fd;
226 static void
227 g_unix_connection_init (GUnixConnection *connection)
231 static void
232 g_unix_connection_class_init (GUnixConnectionClass *class)
236 /* TODO: Other stuff we might want to add are:
237 void g_unix_connection_send_fd_async (GUnixConnection *connection,
238 gint fd,
239 gboolean close,
240 gint io_priority,
241 GAsyncReadyCallback callback,
242 gpointer user_data);
243 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
244 GError **error);
246 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
247 gint *fds,
248 gint nfds,
249 GError **error);
250 void g_unix_connection_send_fds_async (GUnixConnection *connection,
251 gint *fds,
252 gint nfds,
253 gint io_priority,
254 GAsyncReadyCallback callback,
255 gpointer user_data);
256 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
257 GError **error);
259 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
260 gint io_priority,
261 GAsyncReadyCallback callback,
262 gpointer user_data);
263 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
264 GError **error);
267 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
268 guint64 pid,
269 guint64 uid,
270 guint64 gid,
271 GError **error);
272 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
273 guint64 pid,
274 guint64 uid,
275 guint64 gid,
276 gint io_priority,
277 GAsyncReadyCallback callback,
278 gpointer user_data);
279 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
280 GError **error);
282 gboolean g_unix_connection_create_pair (GUnixConnection **one,
283 GUnixConnection **two,
284 GError **error);
289 * g_unix_connection_send_credentials:
290 * @connection: A #GUnixConnection.
291 * @cancellable: (nullable): A #GCancellable or %NULL.
292 * @error: Return location for error or %NULL.
294 * Passes the credentials of the current user the receiving side
295 * of the connection. The receiving end has to call
296 * g_unix_connection_receive_credentials() (or similar) to accept the
297 * credentials.
299 * As well as sending the credentials this also writes a single NUL
300 * byte to the stream, as this is required for credentials passing to
301 * work on some implementations.
303 * Other ways to exchange credentials with a foreign peer includes the
304 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
306 * Returns: %TRUE on success, %FALSE if @error is set.
308 * Since: 2.26
310 gboolean
311 g_unix_connection_send_credentials (GUnixConnection *connection,
312 GCancellable *cancellable,
313 GError **error)
315 GCredentials *credentials;
316 GSocketControlMessage *scm;
317 GSocket *socket;
318 gboolean ret;
319 GOutputVector vector;
320 guchar nul_byte[1] = {'\0'};
321 gint num_messages;
323 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
324 g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
326 ret = FALSE;
328 credentials = g_credentials_new ();
330 vector.buffer = &nul_byte;
331 vector.size = 1;
333 if (g_unix_credentials_message_is_supported ())
335 scm = g_unix_credentials_message_new_with_credentials (credentials);
336 num_messages = 1;
338 else
340 scm = NULL;
341 num_messages = 0;
344 g_object_get (connection, "socket", &socket, NULL);
345 if (g_socket_send_message (socket,
346 NULL, /* address */
347 &vector,
349 &scm,
350 num_messages,
351 G_SOCKET_MSG_NONE,
352 cancellable,
353 error) != 1)
355 g_prefix_error (error, _("Error sending credentials: "));
356 goto out;
359 ret = TRUE;
361 out:
362 g_object_unref (socket);
363 if (scm != NULL)
364 g_object_unref (scm);
365 g_object_unref (credentials);
366 return ret;
369 static void
370 send_credentials_async_thread (GTask *task,
371 gpointer source_object,
372 gpointer task_data,
373 GCancellable *cancellable)
375 GError *error = NULL;
377 if (g_unix_connection_send_credentials (G_UNIX_CONNECTION (source_object),
378 cancellable,
379 &error))
380 g_task_return_boolean (task, TRUE);
381 else
382 g_task_return_error (task, error);
383 g_object_unref (task);
387 * g_unix_connection_send_credentials_async:
388 * @connection: A #GUnixConnection.
389 * @cancellable: (nullable): optional #GCancellable object, %NULL to ignore.
390 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
391 * @user_data: (closure): the data to pass to callback function
393 * Asynchronously send credentials.
395 * For more details, see g_unix_connection_send_credentials() which is
396 * the synchronous version of this call.
398 * When the operation is finished, @callback will be called. You can then call
399 * g_unix_connection_send_credentials_finish() to get the result of the operation.
401 * Since: 2.32
403 void
404 g_unix_connection_send_credentials_async (GUnixConnection *connection,
405 GCancellable *cancellable,
406 GAsyncReadyCallback callback,
407 gpointer user_data)
409 GTask *task;
411 task = g_task_new (connection, cancellable, callback, user_data);
412 g_task_set_source_tag (task, g_unix_connection_send_credentials_async);
413 g_task_run_in_thread (task, send_credentials_async_thread);
417 * g_unix_connection_send_credentials_finish:
418 * @connection: A #GUnixConnection.
419 * @result: a #GAsyncResult.
420 * @error: a #GError, or %NULL
422 * Finishes an asynchronous send credentials operation started with
423 * g_unix_connection_send_credentials_async().
425 * Returns: %TRUE if the operation was successful, otherwise %FALSE.
427 * Since: 2.32
429 gboolean
430 g_unix_connection_send_credentials_finish (GUnixConnection *connection,
431 GAsyncResult *result,
432 GError **error)
434 g_return_val_if_fail (g_task_is_valid (result, connection), FALSE);
436 return g_task_propagate_boolean (G_TASK (result), error);
440 * g_unix_connection_receive_credentials:
441 * @connection: A #GUnixConnection.
442 * @cancellable: (nullable): A #GCancellable or %NULL.
443 * @error: Return location for error or %NULL.
445 * Receives credentials from the sending end of the connection. The
446 * sending end has to call g_unix_connection_send_credentials() (or
447 * similar) for this to work.
449 * As well as reading the credentials this also reads (and discards) a
450 * single byte from the stream, as this is required for credentials
451 * passing to work on some implementations.
453 * Other ways to exchange credentials with a foreign peer includes the
454 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
456 * Returns: (transfer full): Received credentials on success (free with
457 * g_object_unref()), %NULL if @error is set.
459 * Since: 2.26
461 GCredentials *
462 g_unix_connection_receive_credentials (GUnixConnection *connection,
463 GCancellable *cancellable,
464 GError **error)
466 GCredentials *ret;
467 GSocketControlMessage **scms;
468 gint nscm;
469 GSocket *socket;
470 gint n;
471 gssize num_bytes_read;
472 #ifdef __linux__
473 gboolean turn_off_so_passcreds;
474 #endif
476 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), NULL);
477 g_return_val_if_fail (error == NULL || *error == NULL, NULL);
479 ret = NULL;
480 scms = NULL;
482 g_object_get (connection, "socket", &socket, NULL);
484 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
485 * already. We also need to turn it off when we're done. See
486 * #617483 for more discussion.
488 #ifdef __linux__
490 gint opt_val;
492 turn_off_so_passcreds = FALSE;
493 opt_val = 0;
494 if (!g_socket_get_option (socket,
495 SOL_SOCKET,
496 SO_PASSCRED,
497 &opt_val,
498 NULL))
500 int errsv = errno;
501 g_set_error (error,
502 G_IO_ERROR,
503 g_io_error_from_errno (errsv),
504 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
505 g_strerror (errsv));
506 goto out;
508 if (opt_val == 0)
510 if (!g_socket_set_option (socket,
511 SOL_SOCKET,
512 SO_PASSCRED,
513 TRUE,
514 NULL))
516 int errsv = errno;
517 g_set_error (error,
518 G_IO_ERROR,
519 g_io_error_from_errno (errsv),
520 _("Error enabling SO_PASSCRED: %s"),
521 g_strerror (errsv));
522 goto out;
524 turn_off_so_passcreds = TRUE;
527 #endif
529 g_type_ensure (G_TYPE_UNIX_CREDENTIALS_MESSAGE);
530 num_bytes_read = g_socket_receive_message (socket,
531 NULL, /* GSocketAddress **address */
532 NULL,
534 &scms,
535 &nscm,
536 NULL,
537 cancellable,
538 error);
539 if (num_bytes_read != 1)
541 /* Handle situation where g_socket_receive_message() returns
542 * 0 bytes and not setting @error
544 if (num_bytes_read == 0 && error != NULL && *error == NULL)
546 g_set_error_literal (error,
547 G_IO_ERROR,
548 G_IO_ERROR_FAILED,
549 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
551 goto out;
554 if (g_unix_credentials_message_is_supported () &&
555 /* Fall back on get_credentials if the other side didn't send the credentials */
556 nscm > 0)
558 if (nscm != 1)
560 g_set_error (error,
561 G_IO_ERROR,
562 G_IO_ERROR_FAILED,
563 ngettext("Expecting 1 control message, got %d",
564 "Expecting 1 control message, got %d",
565 nscm),
566 nscm);
567 goto out;
570 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0]))
572 g_set_error_literal (error,
573 G_IO_ERROR,
574 G_IO_ERROR_FAILED,
575 _("Unexpected type of ancillary data"));
576 goto out;
579 ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
580 g_object_ref (ret);
582 else
584 if (nscm != 0)
586 g_set_error (error,
587 G_IO_ERROR,
588 G_IO_ERROR_FAILED,
589 _("Not expecting control message, but got %d"),
590 nscm);
591 goto out;
593 else
595 ret = g_socket_get_credentials (socket, error);
599 out:
601 #ifdef __linux__
602 if (turn_off_so_passcreds)
604 if (!g_socket_set_option (socket,
605 SOL_SOCKET,
606 SO_PASSCRED,
607 FALSE,
608 NULL))
610 int errsv = errno;
611 g_set_error (error,
612 G_IO_ERROR,
613 g_io_error_from_errno (errsv),
614 _("Error while disabling SO_PASSCRED: %s"),
615 g_strerror (errsv));
616 goto out;
619 #endif
621 if (scms != NULL)
623 for (n = 0; n < nscm; n++)
624 g_object_unref (scms[n]);
625 g_free (scms);
627 g_object_unref (socket);
628 return ret;
631 static void
632 receive_credentials_async_thread (GTask *task,
633 gpointer source_object,
634 gpointer task_data,
635 GCancellable *cancellable)
637 GCredentials *creds;
638 GError *error = NULL;
640 creds = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (source_object),
641 cancellable,
642 &error);
643 if (creds)
644 g_task_return_pointer (task, creds, g_object_unref);
645 else
646 g_task_return_error (task, error);
647 g_object_unref (task);
651 * g_unix_connection_receive_credentials_async:
652 * @connection: A #GUnixConnection.
653 * @cancellable: (nullable): optional #GCancellable object, %NULL to ignore.
654 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
655 * @user_data: (closure): the data to pass to callback function
657 * Asynchronously receive credentials.
659 * For more details, see g_unix_connection_receive_credentials() which is
660 * the synchronous version of this call.
662 * When the operation is finished, @callback will be called. You can then call
663 * g_unix_connection_receive_credentials_finish() to get the result of the operation.
665 * Since: 2.32
667 void
668 g_unix_connection_receive_credentials_async (GUnixConnection *connection,
669 GCancellable *cancellable,
670 GAsyncReadyCallback callback,
671 gpointer user_data)
673 GTask *task;
675 task = g_task_new (connection, cancellable, callback, user_data);
676 g_task_set_source_tag (task, g_unix_connection_receive_credentials_async);
677 g_task_run_in_thread (task, receive_credentials_async_thread);
681 * g_unix_connection_receive_credentials_finish:
682 * @connection: A #GUnixConnection.
683 * @result: a #GAsyncResult.
684 * @error: a #GError, or %NULL
686 * Finishes an asynchronous receive credentials operation started with
687 * g_unix_connection_receive_credentials_async().
689 * Returns: (transfer full): a #GCredentials, or %NULL on error.
690 * Free the returned object with g_object_unref().
692 * Since: 2.32
694 GCredentials *
695 g_unix_connection_receive_credentials_finish (GUnixConnection *connection,
696 GAsyncResult *result,
697 GError **error)
699 g_return_val_if_fail (g_task_is_valid (result, connection), NULL);
701 return g_task_propagate_pointer (G_TASK (result), error);