1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2009 Codethink Limited
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published
7 * by the Free Software Foundation; either version 2 of the licence or (at
8 * your option) any later version.
10 * See the included COPYING file for more information.
12 * Authors: Ryan Lortie <desrt@desrt.ca>
17 #include "gunixconnection.h"
18 #include "gnetworking.h"
20 #include "gsocketcontrolmessage.h"
21 #include "gunixcredentialsmessage.h"
22 #include "gunixfdmessage.h"
30 * SECTION:gunixconnection
31 * @title: GUnixConnection
32 * @short_description: A UNIX domain GSocketConnection
33 * @include: gio/gunixconnection.h
34 * @see_also: #GSocketConnection.
36 * This is the subclass of #GSocketConnection that is created
37 * for UNIX domain sockets.
39 * It contains functions to do some of the UNIX socket specific
40 * functionality like passing file descriptors.
42 * Note that <filename><gio/gunixconnection.h></filename> belongs to
43 * the UNIX-specific GIO interfaces, thus you have to use the
44 * <filename>gio-unix-2.0.pc</filename> pkg-config file when using it.
49 G_DEFINE_TYPE_WITH_CODE (GUnixConnection
, g_unix_connection
,
50 G_TYPE_SOCKET_CONNECTION
,
51 g_socket_connection_factory_register_type (g_define_type_id
,
54 G_SOCKET_PROTOCOL_DEFAULT
);
58 * g_unix_connection_send_fd:
59 * @connection: a #GUnixConnection
60 * @fd: a file descriptor
61 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
62 * @error: (allow-none): #GError for error reporting, or %NULL to ignore.
64 * Passes a file descriptor to the receiving side of the
65 * connection. The receiving end has to call g_unix_connection_receive_fd()
66 * to accept the file descriptor.
68 * As well as sending the fd this also writes a single byte to the
69 * stream, as this is required for fd passing to work on some
72 * Returns: a %TRUE on success, %NULL on error.
77 g_unix_connection_send_fd (GUnixConnection
*connection
,
79 GCancellable
*cancellable
,
82 GSocketControlMessage
*scm
;
85 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), FALSE
);
86 g_return_val_if_fail (fd
>= 0, FALSE
);
88 scm
= g_unix_fd_message_new ();
90 if (!g_unix_fd_message_append_fd (G_UNIX_FD_MESSAGE (scm
), fd
, error
))
96 g_object_get (connection
, "socket", &socket
, NULL
);
97 if (g_socket_send_message (socket
, NULL
, NULL
, 0, &scm
, 1, 0, cancellable
, error
) != 1)
98 /* XXX could it 'fail' with zero? */
100 g_object_unref (socket
);
101 g_object_unref (scm
);
106 g_object_unref (socket
);
107 g_object_unref (scm
);
113 * g_unix_connection_receive_fd:
114 * @connection: a #GUnixConnection
115 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore
116 * @error: (allow-none): #GError for error reporting, or %NULL to ignore
118 * Receives a file descriptor from the sending end of the connection.
119 * The sending end has to call g_unix_connection_send_fd() for this
122 * As well as reading the fd this also reads a single byte from the
123 * stream, as this is required for fd passing to work on some
126 * Returns: a file descriptor on success, -1 on error.
131 g_unix_connection_receive_fd (GUnixConnection
*connection
,
132 GCancellable
*cancellable
,
135 GSocketControlMessage
**scms
;
136 gint
*fds
, nfd
, fd
, nscm
;
137 GUnixFDMessage
*fdmsg
;
140 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), -1);
142 g_object_get (connection
, "socket", &socket
, NULL
);
143 if (g_socket_receive_message (socket
, NULL
, NULL
, 0,
144 &scms
, &nscm
, NULL
, cancellable
, error
) != 1)
145 /* XXX it _could_ 'fail' with zero. */
147 g_object_unref (socket
);
152 g_object_unref (socket
);
158 g_set_error (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
159 _("Expecting 1 control message, got %d"), nscm
);
161 for (i
= 0; i
< nscm
; i
++)
162 g_object_unref (scms
[i
]);
169 if (!G_IS_UNIX_FD_MESSAGE (scms
[0]))
171 g_set_error_literal (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
172 _("Unexpected type of ancillary data"));
173 g_object_unref (scms
[0]);
179 fdmsg
= G_UNIX_FD_MESSAGE (scms
[0]);
182 fds
= g_unix_fd_message_steal_fds (fdmsg
, &nfd
);
183 g_object_unref (fdmsg
);
189 g_set_error (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
190 _("Expecting one fd, but got %d\n"), nfd
);
192 for (i
= 0; i
< nfd
; i
++)
205 g_set_error_literal (error
, G_IO_ERROR
, G_IO_ERROR_FAILED
,
206 _("Received invalid fd"));
214 g_unix_connection_init (GUnixConnection
*connection
)
219 g_unix_connection_class_init (GUnixConnectionClass
*class)
223 /* TODO: Other stuff we might want to add are:
224 void g_unix_connection_send_fd_async (GUnixConnection *connection,
228 GAsyncReadyCallback callback,
230 gboolean g_unix_connection_send_fd_finish (GUnixConnection *connection,
233 gboolean g_unix_connection_send_fds (GUnixConnection *connection,
237 void g_unix_connection_send_fds_async (GUnixConnection *connection,
241 GAsyncReadyCallback callback,
243 gboolean g_unix_connection_send_fds_finish (GUnixConnection *connection,
246 void g_unix_connection_receive_fd_async (GUnixConnection *connection,
248 GAsyncReadyCallback callback,
250 gint g_unix_connection_receive_fd_finish (GUnixConnection *connection,
254 gboolean g_unix_connection_send_fake_credentials (GUnixConnection *connection,
259 void g_unix_connection_send_fake_credentials_async (GUnixConnection *connection,
264 GAsyncReadyCallback callback,
266 gboolean g_unix_connection_send_fake_credentials_finish (GUnixConnection *connection,
269 gboolean g_unix_connection_create_pair (GUnixConnection **one,
270 GUnixConnection **two,
276 * g_unix_connection_send_credentials:
277 * @connection: A #GUnixConnection.
278 * @cancellable: (allow-none): A #GCancellable or %NULL.
279 * @error: Return location for error or %NULL.
281 * Passes the credentials of the current user the receiving side
282 * of the connection. The receiving end has to call
283 * g_unix_connection_receive_credentials() (or similar) to accept the
286 * As well as sending the credentials this also writes a single NUL
287 * byte to the stream, as this is required for credentials passing to
288 * work on some implementations.
290 * Other ways to exchange credentials with a foreign peer includes the
291 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
293 * Returns: %TRUE on success, %FALSE if @error is set.
298 g_unix_connection_send_credentials (GUnixConnection
*connection
,
299 GCancellable
*cancellable
,
302 GCredentials
*credentials
;
303 GSocketControlMessage
*scm
;
306 GOutputVector vector
;
307 guchar nul_byte
[1] = {'\0'};
310 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), FALSE
);
311 g_return_val_if_fail (error
== NULL
|| *error
== NULL
, FALSE
);
315 credentials
= g_credentials_new ();
317 vector
.buffer
= &nul_byte
;
320 if (g_unix_credentials_message_is_supported ())
322 scm
= g_unix_credentials_message_new_with_credentials (credentials
);
331 g_object_get (connection
, "socket", &socket
, NULL
);
332 if (g_socket_send_message (socket
,
342 g_prefix_error (error
, _("Error sending credentials: "));
349 g_object_unref (socket
);
351 g_object_unref (scm
);
352 g_object_unref (credentials
);
357 send_credentials_async_thread (GTask
*task
,
358 gpointer source_object
,
360 GCancellable
*cancellable
)
362 GError
*error
= NULL
;
364 if (g_unix_connection_send_credentials (G_UNIX_CONNECTION (source_object
),
367 g_task_return_boolean (task
, TRUE
);
369 g_task_return_error (task
, error
);
370 g_object_unref (task
);
374 * g_unix_connection_send_credentials_async:
375 * @connection: A #GUnixConnection.
376 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
377 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
378 * @user_data: (closure): the data to pass to callback function
380 * Asynchronously send credentials.
382 * For more details, see g_unix_connection_send_credentials() which is
383 * the synchronous version of this call.
385 * When the operation is finished, @callback will be called. You can then call
386 * g_unix_connection_send_credentials_finish() to get the result of the operation.
391 g_unix_connection_send_credentials_async (GUnixConnection
*connection
,
392 GCancellable
*cancellable
,
393 GAsyncReadyCallback callback
,
398 task
= g_task_new (connection
, cancellable
, callback
, user_data
);
400 g_task_run_in_thread (task
, send_credentials_async_thread
);
404 * g_unix_connection_send_credentials_finish:
405 * @connection: A #GUnixConnection.
406 * @result: a #GAsyncResult.
407 * @error: a #GError, or %NULL
409 * Finishes an asynchronous send credentials operation started with
410 * g_unix_connection_send_credentials_async().
412 * Returns: %TRUE if the operation was successful, otherwise %FALSE.
417 g_unix_connection_send_credentials_finish (GUnixConnection
*connection
,
418 GAsyncResult
*result
,
421 g_return_val_if_fail (g_task_is_valid (result
, connection
), FALSE
);
423 return g_task_propagate_boolean (G_TASK (result
), error
);
427 * g_unix_connection_receive_credentials:
428 * @connection: A #GUnixConnection.
429 * @cancellable: (allow-none): A #GCancellable or %NULL.
430 * @error: Return location for error or %NULL.
432 * Receives credentials from the sending end of the connection. The
433 * sending end has to call g_unix_connection_send_credentials() (or
434 * similar) for this to work.
436 * As well as reading the credentials this also reads (and discards) a
437 * single byte from the stream, as this is required for credentials
438 * passing to work on some implementations.
440 * Other ways to exchange credentials with a foreign peer includes the
441 * #GUnixCredentialsMessage type and g_socket_get_credentials() function.
443 * Returns: (transfer full): Received credentials on success (free with
444 * g_object_unref()), %NULL if @error is set.
449 g_unix_connection_receive_credentials (GUnixConnection
*connection
,
450 GCancellable
*cancellable
,
454 GSocketControlMessage
**scms
;
458 gssize num_bytes_read
;
460 gboolean turn_off_so_passcreds
;
463 g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection
), NULL
);
464 g_return_val_if_fail (error
== NULL
|| *error
== NULL
, NULL
);
469 g_object_get (connection
, "socket", &socket
, NULL
);
471 /* On Linux, we need to turn on SO_PASSCRED if it isn't enabled
472 * already. We also need to turn it off when we're done. See
473 * #617483 for more discussion.
479 turn_off_so_passcreds
= FALSE
;
481 if (!g_socket_get_option (socket
,
489 g_io_error_from_errno (errno
),
490 _("Error checking if SO_PASSCRED is enabled for socket: %s"),
496 if (!g_socket_set_option (socket
,
504 g_io_error_from_errno (errno
),
505 _("Error enabling SO_PASSCRED: %s"),
509 turn_off_so_passcreds
= TRUE
;
514 g_type_ensure (G_TYPE_UNIX_CREDENTIALS_MESSAGE
);
515 num_bytes_read
= g_socket_receive_message (socket
,
516 NULL
, /* GSocketAddress **address */
524 if (num_bytes_read
!= 1)
526 /* Handle situation where g_socket_receive_message() returns
527 * 0 bytes and not setting @error
529 if (num_bytes_read
== 0 && error
!= NULL
&& *error
== NULL
)
531 g_set_error_literal (error
,
534 _("Expecting to read a single byte for receiving credentials but read zero bytes"));
539 if (g_unix_credentials_message_is_supported () &&
540 /* Fall back on get_credentials if the other side didn't send the credentials */
548 _("Expecting 1 control message, got %d"),
553 if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms
[0]))
555 g_set_error_literal (error
,
558 _("Unexpected type of ancillary data"));
562 ret
= g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms
[0]));
572 _("Not expecting control message, but got %d"),
578 ret
= g_socket_get_credentials (socket
, error
);
585 if (turn_off_so_passcreds
)
587 if (!g_socket_set_option (socket
,
595 g_io_error_from_errno (errno
),
596 _("Error while disabling SO_PASSCRED: %s"),
605 for (n
= 0; n
< nscm
; n
++)
606 g_object_unref (scms
[n
]);
609 g_object_unref (socket
);
614 receive_credentials_async_thread (GTask
*task
,
615 gpointer source_object
,
617 GCancellable
*cancellable
)
620 GError
*error
= NULL
;
622 creds
= g_unix_connection_receive_credentials (G_UNIX_CONNECTION (source_object
),
626 g_task_return_pointer (task
, creds
, g_object_unref
);
628 g_task_return_error (task
, error
);
629 g_object_unref (task
);
633 * g_unix_connection_receive_credentials_async:
634 * @connection: A #GUnixConnection.
635 * @cancellable: (allow-none): optional #GCancellable object, %NULL to ignore.
636 * @callback: (scope async): a #GAsyncReadyCallback to call when the request is satisfied
637 * @user_data: (closure): the data to pass to callback function
639 * Asynchronously receive credentials.
641 * For more details, see g_unix_connection_receive_credentials() which is
642 * the synchronous version of this call.
644 * When the operation is finished, @callback will be called. You can then call
645 * g_unix_connection_receive_credentials_finish() to get the result of the operation.
650 g_unix_connection_receive_credentials_async (GUnixConnection
*connection
,
651 GCancellable
*cancellable
,
652 GAsyncReadyCallback callback
,
657 task
= g_task_new (connection
, cancellable
, callback
, user_data
);
659 g_task_run_in_thread (task
, receive_credentials_async_thread
);
663 * g_unix_connection_receive_credentials_finish:
664 * @connection: A #GUnixConnection.
665 * @result: a #GAsyncResult.
666 * @error: a #GError, or %NULL
668 * Finishes an asynchronous receive credentials operation started with
669 * g_unix_connection_receive_credentials_async().
671 * Returns: (transfer full): a #GCredentials, or %NULL on error.
672 * Free the returned object with g_object_unref().
677 g_unix_connection_receive_credentials_finish (GUnixConnection
*connection
,
678 GAsyncResult
*result
,
681 g_return_val_if_fail (g_task_is_valid (result
, connection
), NULL
);
683 return g_task_propagate_pointer (G_TASK (result
), error
);