28#include "dbus-string.h"
30#include "dbus-internals.h"
31#include "dbus-keyring.h"
33#include "dbus-protocol.h"
34#include "dbus-credentials.h"
122 DBUS_AUTH_COMMAND_AUTH,
123 DBUS_AUTH_COMMAND_CANCEL,
124 DBUS_AUTH_COMMAND_DATA,
125 DBUS_AUTH_COMMAND_BEGIN,
126 DBUS_AUTH_COMMAND_REJECTED,
127 DBUS_AUTH_COMMAND_OK,
128 DBUS_AUTH_COMMAND_ERROR,
129 DBUS_AUTH_COMMAND_UNKNOWN,
130 DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD,
131 DBUS_AUTH_COMMAND_AGREE_UNIX_FD
225static void goto_state (
DBusAuth *auth,
233 const char *message);
255 "WaitingForAuth", handle_server_state_waiting_for_auth
258 "WaitingForData", handle_server_state_waiting_for_data
261 "WaitingForBegin", handle_server_state_waiting_for_begin
285 "WaitingForData", handle_client_state_waiting_for_data
291 "WaitingForOK", handle_client_state_waiting_for_ok
294 "WaitingForReject", handle_client_state_waiting_for_reject
297 "WaitingForAgreeUnixFD", handle_client_state_waiting_for_agree_unix_fd
305 "Authenticated",
NULL
309 "NeedDisconnect",
NULL
312static const char auth_side_client[] =
"client";
313static const char auth_side_server[] =
"server";
318#define DBUS_AUTH_IS_SERVER(auth) ((auth)->side == auth_side_server)
323#define DBUS_AUTH_IS_CLIENT(auth) ((auth)->side == auth_side_client)
328#define DBUS_AUTH_CLIENT(auth) ((DBusAuthClient*)(auth))
333#define DBUS_AUTH_SERVER(auth) ((DBusAuthServer*)(auth))
340#define DBUS_AUTH_NAME(auth) ((auth)->side)
343_dbus_auth_new (
int size)
434 _dbus_verbose (
"%s: Shutting down mechanism %s\n",
521#define N_CHALLENGE_BYTES (128/8)
524sha1_handle_first_client_response (
DBusAuth *auth,
543 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
545 return send_rejected (auth);
556 DBUS_CREDENTIALS_ADD_FLAGS_USER_DATABASE,
565 _dbus_verbose (
"%s: Did not get a valid username from client: %s\n",
568 return send_rejected (auth);
600 _dbus_verbose (
"%s: client tried to authenticate as \"%s\", "
601 "but that doesn't match this process",
604 retval = send_rejected (auth);
636 _DBUS_ASSERT_ERROR_IS_SET (&error);
637 _dbus_verbose (
"%s: Error loading keyring: %s\n",
639 if (send_rejected (auth))
656 _DBUS_ASSERT_ERROR_IS_SET (&error);
657 _dbus_verbose (
"%s: Could not get a cookie ID to send to client: %s\n",
659 if (send_rejected (auth))
691 _DBUS_ASSERT_ERROR_IS_SET (&error);
692 _dbus_verbose (
"%s: Error generating challenge: %s\n",
694 if (send_rejected (auth))
710 if (!send_data (auth, &tmp2))
713 goto_state (auth, &server_state_waiting_for_data);
721 _dbus_clear_credentials (&myself);
727sha1_handle_second_client_response (
DBusAuth *auth,
745 _dbus_verbose (
"%s: no space separator in client response\n",
747 return send_rejected (auth);
771 _dbus_verbose (
"%s: zero-length client challenge or hash\n",
773 if (send_rejected (auth))
781 if (!sha1_compute_hash (auth, auth->
cookie_id,
790 if (send_rejected (auth))
797 if (send_rejected (auth))
809 DBUS_CREDENTIAL_UNIX_PROCESS_FD,
813 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
820 _dbus_verbose (
"%s: authenticated client using DBUS_COOKIE_SHA1\n",
838handle_server_data_cookie_sha1_mech (
DBusAuth *auth,
842 return sha1_handle_first_client_response (auth, data);
844 return sha1_handle_second_client_response (auth, data);
848handle_server_shutdown_cookie_sha1_mech (
DBusAuth *auth)
855handle_client_initial_response_cookie_sha1_mech (
DBusAuth *auth,
883handle_client_data_cookie_sha1_mech (
DBusAuth *auth,
903 if (send_error (auth,
904 "Server did not send context/ID/challenge properly"))
919 if (send_error (auth,
920 "Server did not send context/ID/challenge properly"))
940 &server_challenge, 0))
945 if (send_error (auth,
"Server sent invalid cookie context"))
952 if (send_error (auth,
"Could not parse cookie ID as an integer"))
959 if (send_error (auth,
"Empty server challenge string"))
980 _DBUS_ASSERT_ERROR_IS_SET (&error);
982 _dbus_verbose (
"%s: Error loading keyring: %s\n",
985 if (send_error (auth,
"Could not load cookie file"))
1012 _DBUS_ASSERT_ERROR_IS_SET (&error);
1014 _dbus_verbose (
"%s: Failed to generate challenge: %s\n",
1017 if (send_error (auth,
"Failed to generate challenge"))
1034 if (!sha1_compute_hash (auth, val,
1043 if (send_error (auth,
"Don't have the requested cookie ID"))
1061 if (!send_data (auth, &tmp))
1085handle_client_shutdown_cookie_sha1_mech (
DBusAuth *auth)
1096handle_server_data_external_mech (
DBusAuth *auth,
1101 _dbus_verbose (
"%s: no credentials, mechanism EXTERNAL can't authenticate\n",
1103 return send_rejected (auth);
1111 _dbus_verbose (
"%s: client tried to send auth identity, but we already have one\n",
1113 return send_rejected (auth);
1127 if (send_data (auth,
NULL))
1129 _dbus_verbose (
"%s: sending empty challenge asking client for auth identity\n",
1132 goto_state (auth, &server_state_waiting_for_data);
1160 DBUS_CREDENTIALS_ADD_FLAGS_NONE,
1169 _dbus_verbose (
"%s: could not get credentials from uid string: %s\n",
1172 return send_rejected (auth);
1178 _dbus_verbose (
"%s: desired user %s is no good\n",
1181 return send_rejected (auth);
1195 DBUS_CREDENTIAL_UNIX_PROCESS_FD,
1200 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1205 DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
1210 DBUS_CREDENTIAL_UNIX_GROUP_IDS,
1215 DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
1219 if (!send_ok (auth))
1222 _dbus_verbose (
"%s: authenticated client based on socket credentials\n",
1229 _dbus_verbose (
"%s: desired identity not found in socket credentials\n",
1231 return send_rejected (auth);
1236handle_server_shutdown_external_mech (
DBusAuth *auth)
1242handle_client_initial_response_external_mech (
DBusAuth *auth,
1273handle_client_data_external_mech (
DBusAuth *auth,
1281handle_client_shutdown_external_mech (
DBusAuth *auth)
1291handle_server_data_anonymous_mech (
DBusAuth *auth,
1303 _dbus_verbose (
"%s: Received invalid UTF-8 trace data from ANONYMOUS client\n",
1305 return send_rejected (auth);
1308 _dbus_verbose (
"%s: ANONYMOUS client sent trace string: '%s'\n",
1319 DBUS_CREDENTIAL_UNIX_PROCESS_FD,
1324 DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1329 if (!send_ok (auth))
1332 _dbus_verbose (
"%s: authenticated client as anonymous\n",
1339handle_server_shutdown_anonymous_mech (
DBusAuth *auth)
1345handle_client_initial_response_anonymous_mech (
DBusAuth *auth,
1378handle_client_data_anonymous_mech (
DBusAuth *auth,
1386handle_client_shutdown_anonymous_mech (
DBusAuth *auth)
1405 handle_server_data_external_mech,
1407 handle_server_shutdown_external_mech,
1408 handle_client_initial_response_external_mech,
1409 handle_client_data_external_mech,
1411 handle_client_shutdown_external_mech },
1412 {
"DBUS_COOKIE_SHA1",
1413 handle_server_data_cookie_sha1_mech,
1415 handle_server_shutdown_cookie_sha1_mech,
1416 handle_client_initial_response_cookie_sha1_mech,
1417 handle_client_data_cookie_sha1_mech,
1419 handle_client_shutdown_cookie_sha1_mech },
1421 handle_server_data_anonymous_mech,
1423 handle_server_shutdown_anonymous_mech,
1424 handle_client_initial_response_anonymous_mech,
1425 handle_client_data_anonymous_mech,
1427 handle_client_shutdown_anonymous_mech },
1433 char **allowed_mechs)
1437 if (allowed_mechs !=
NULL &&
1443 while (all_mechanisms[i].mechanism !=
NULL)
1446 all_mechanisms[i].mechanism))
1448 return &all_mechanisms[i];
1509 shutdown_mech (auth);
1511 goto_state (auth, &client_state_waiting_for_data);
1564 all_mechanisms[i].mechanism))
1572 all_mechanisms[i].mechanism))
1583 shutdown_mech (auth);
1590 goto_state (auth, &common_state_need_disconnect);
1592 goto_state (auth, &server_state_waiting_for_auth);
1604send_error (
DBusAuth *auth,
const char *message)
1607 "ERROR \"%s\"\r\n", message);
1624 goto_state (auth, &server_state_waiting_for_begin);
1642 goto_state (auth, &common_state_authenticated);
1668 _dbus_verbose (
"Bad GUID from server, parsed %d bytes and had %d bytes from server\n",
1670 goto_state (auth, &common_state_need_disconnect);
1679 _dbus_verbose (
"Got GUID '%s' from the server\n",
1684 if (!send_negotiate_unix_fd (auth))
1693 _dbus_verbose(
"Not negotiating unix fd passing, since not possible\n");
1695 if (!send_begin (auth))
1709 goto_state (auth, &client_state_waiting_for_reject);
1736 if (!send_error (auth,
"Invalid hex encoding"))
1742#ifdef DBUS_ENABLE_VERBOSE_MODE
1745 _dbus_verbose (
"%s: data: '%s'\n",
1750 if (!(* data_func) (auth, &decoded))
1761send_negotiate_unix_fd (
DBusAuth *auth)
1764 "NEGOTIATE_UNIX_FD\r\n"))
1767 goto_state (auth, &client_state_waiting_for_agree_unix_fd);
1777 _dbus_verbose(
"Agreed to UNIX FD passing\n");
1780 "AGREE_UNIX_FD\r\n"))
1783 goto_state (auth, &server_state_waiting_for_begin);
1793 if (!send_rejected (auth))
1825 _dbus_verbose (
"%s: Trying mechanism %s\n",
1829 if (!process_data (auth, &hex_response,
1836 _dbus_verbose (
"%s: Unsupported mechanism %s\n",
1840 if (!send_rejected (auth))
1858handle_server_state_waiting_for_auth (
DBusAuth *auth,
1864 case DBUS_AUTH_COMMAND_AUTH:
1865 return handle_auth (auth, args);
1867 case DBUS_AUTH_COMMAND_CANCEL:
1868 case DBUS_AUTH_COMMAND_DATA:
1869 return send_error (auth,
"Not currently in an auth conversation");
1871 case DBUS_AUTH_COMMAND_BEGIN:
1872 goto_state (auth, &common_state_need_disconnect);
1875 case DBUS_AUTH_COMMAND_ERROR:
1876 return send_rejected (auth);
1878 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1879 return send_error (auth,
"Need to authenticate first");
1881 case DBUS_AUTH_COMMAND_REJECTED:
1882 case DBUS_AUTH_COMMAND_OK:
1883 case DBUS_AUTH_COMMAND_UNKNOWN:
1884 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1886 return send_error (auth,
"Unknown command");
1891handle_server_state_waiting_for_data (
DBusAuth *auth,
1897 case DBUS_AUTH_COMMAND_AUTH:
1898 return send_error (auth,
"Sent AUTH while another AUTH in progress");
1900 case DBUS_AUTH_COMMAND_CANCEL:
1901 case DBUS_AUTH_COMMAND_ERROR:
1902 return send_rejected (auth);
1904 case DBUS_AUTH_COMMAND_DATA:
1907 case DBUS_AUTH_COMMAND_BEGIN:
1908 goto_state (auth, &common_state_need_disconnect);
1911 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1912 return send_error (auth,
"Need to authenticate first");
1914 case DBUS_AUTH_COMMAND_REJECTED:
1915 case DBUS_AUTH_COMMAND_OK:
1916 case DBUS_AUTH_COMMAND_UNKNOWN:
1917 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1919 return send_error (auth,
"Unknown command");
1924handle_server_state_waiting_for_begin (
DBusAuth *auth,
1930 case DBUS_AUTH_COMMAND_AUTH:
1931 return send_error (auth,
"Sent AUTH while expecting BEGIN");
1933 case DBUS_AUTH_COMMAND_DATA:
1934 return send_error (auth,
"Sent DATA while expecting BEGIN");
1936 case DBUS_AUTH_COMMAND_BEGIN:
1937 goto_state (auth, &common_state_authenticated);
1940 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1942 return send_agree_unix_fd(auth);
1944 return send_error(auth,
"Unix FD passing not supported, not authenticated or otherwise not possible");
1946 case DBUS_AUTH_COMMAND_REJECTED:
1947 case DBUS_AUTH_COMMAND_OK:
1948 case DBUS_AUTH_COMMAND_UNKNOWN:
1949 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1951 return send_error (auth,
"Unknown command");
1953 case DBUS_AUTH_COMMAND_CANCEL:
1954 case DBUS_AUTH_COMMAND_ERROR:
1955 return send_rejected (auth);
2002 if (!get_word (args, &next, &m))
2021 if (mech != &all_mechanisms[0])
2023 _dbus_verbose (
"%s: Adding mechanism %s to list we will try\n",
2035 _dbus_verbose (
"%s: Already tried mechanism %s; not adding to list we will try\n",
2041 _dbus_verbose (
"%s: Server offered mechanism \"%s\" that we don't know how to use\n",
2069 if (!record_mechanisms (auth, args))
2077 if (!send_auth (auth, mech))
2082 _dbus_verbose (
"%s: Trying mechanism %s\n",
2089 _dbus_verbose (
"%s: Disconnecting because we are out of mechanisms to try using\n",
2091 goto_state (auth, &common_state_need_disconnect);
2099handle_client_state_waiting_for_data (
DBusAuth *auth,
2107 case DBUS_AUTH_COMMAND_DATA:
2110 case DBUS_AUTH_COMMAND_REJECTED:
2111 return process_rejected (auth, args);
2113 case DBUS_AUTH_COMMAND_OK:
2114 return process_ok(auth, args);
2116 case DBUS_AUTH_COMMAND_ERROR:
2117 return send_cancel (auth);
2119 case DBUS_AUTH_COMMAND_AUTH:
2120 case DBUS_AUTH_COMMAND_CANCEL:
2121 case DBUS_AUTH_COMMAND_BEGIN:
2122 case DBUS_AUTH_COMMAND_UNKNOWN:
2123 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2124 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2126 return send_error (auth,
"Unknown command");
2131handle_client_state_waiting_for_ok (
DBusAuth *auth,
2137 case DBUS_AUTH_COMMAND_REJECTED:
2138 return process_rejected (auth, args);
2140 case DBUS_AUTH_COMMAND_OK:
2141 return process_ok(auth, args);
2143 case DBUS_AUTH_COMMAND_DATA:
2144 case DBUS_AUTH_COMMAND_ERROR:
2145 return send_cancel (auth);
2147 case DBUS_AUTH_COMMAND_AUTH:
2148 case DBUS_AUTH_COMMAND_CANCEL:
2149 case DBUS_AUTH_COMMAND_BEGIN:
2150 case DBUS_AUTH_COMMAND_UNKNOWN:
2151 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2152 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2154 return send_error (auth,
"Unknown command");
2159handle_client_state_waiting_for_reject (
DBusAuth *auth,
2165 case DBUS_AUTH_COMMAND_REJECTED:
2166 return process_rejected (auth, args);
2168 case DBUS_AUTH_COMMAND_AUTH:
2169 case DBUS_AUTH_COMMAND_CANCEL:
2170 case DBUS_AUTH_COMMAND_DATA:
2171 case DBUS_AUTH_COMMAND_BEGIN:
2172 case DBUS_AUTH_COMMAND_OK:
2173 case DBUS_AUTH_COMMAND_ERROR:
2174 case DBUS_AUTH_COMMAND_UNKNOWN:
2175 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2176 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2178 goto_state (auth, &common_state_need_disconnect);
2184handle_client_state_waiting_for_agree_unix_fd(
DBusAuth *auth,
2190 case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2193 _dbus_verbose(
"Successfully negotiated UNIX FD passing\n");
2194 return send_begin (auth);
2196 case DBUS_AUTH_COMMAND_ERROR:
2199 _dbus_verbose(
"Failed to negotiate UNIX FD passing\n");
2200 return send_begin (auth);
2202 case DBUS_AUTH_COMMAND_OK:
2203 case DBUS_AUTH_COMMAND_DATA:
2204 case DBUS_AUTH_COMMAND_REJECTED:
2205 case DBUS_AUTH_COMMAND_AUTH:
2206 case DBUS_AUTH_COMMAND_CANCEL:
2207 case DBUS_AUTH_COMMAND_BEGIN:
2208 case DBUS_AUTH_COMMAND_UNKNOWN:
2209 case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2211 return send_error (auth,
"Unknown command");
2224 {
"AUTH", DBUS_AUTH_COMMAND_AUTH },
2225 {
"CANCEL", DBUS_AUTH_COMMAND_CANCEL },
2226 {
"DATA", DBUS_AUTH_COMMAND_DATA },
2227 {
"BEGIN", DBUS_AUTH_COMMAND_BEGIN },
2228 {
"REJECTED", DBUS_AUTH_COMMAND_REJECTED },
2229 {
"OK", DBUS_AUTH_COMMAND_OK },
2230 {
"ERROR", DBUS_AUTH_COMMAND_ERROR },
2231 {
"NEGOTIATE_UNIX_FD", DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD },
2232 {
"AGREE_UNIX_FD", DBUS_AUTH_COMMAND_AGREE_UNIX_FD }
2236lookup_command_from_name (
DBusString *command)
2243 auth_command_names[i].name))
2244 return auth_command_names[i].command;
2247 return DBUS_AUTH_COMMAND_UNKNOWN;
2254 _dbus_verbose (
"%s: going from state %s to state %s\n",
2259 auth->
state = state;
2300 _dbus_verbose (
"%s: Command contained non-ASCII chars or embedded nul\n",
2302 if (!send_error (auth,
"Command contained non-ASCII"))
2308 _dbus_verbose (
"%s: got command \"%s\"\n",
2325 command = lookup_command_from_name (&line);
2392 auth->
side = auth_side_server;
2393 auth->
state = &server_state_waiting_for_auth;
2397 server_auth->
guid = guid_copy;
2433 auth->
side = auth_side_client;
2434 auth->
state = &client_state_need_send_auth;
2438 if (!send_auth (auth, &all_mechanisms[0]))
2477 shutdown_mech (auth);
2520 const char **mechanisms)
2524 if (mechanisms !=
NULL)
2544#define DBUS_AUTH_IN_END_STATE(auth) ((auth)->state->handler == NULL)
2559#define MAX_BUFFER (16 * _DBUS_ONE_KILOBYTE)
2569 goto_state (auth, &common_state_need_disconnect);
2570 _dbus_verbose (
"%s: Disconnecting due to excessive data buffered in auth phase\n",
2575 while (process_command (auth));
2578 return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
2580 return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
2581 else if (auth->
state == &common_state_need_disconnect)
2582 return DBUS_AUTH_STATE_NEED_DISCONNECT;
2583 else if (auth->
state == &common_state_authenticated)
2584 return DBUS_AUTH_STATE_AUTHENTICATED;
2585 else return DBUS_AUTH_STATE_WAITING_FOR_INPUT;
2626 _dbus_verbose (
"%s: Sent %d bytes of: %s\n",
2716 if (auth->
state != &common_state_authenticated)
2747 if (auth->
state != &common_state_authenticated)
2775 if (auth->
state != &common_state_authenticated)
2810 if (auth->
state != &common_state_authenticated)
2856 if (auth->
state == &common_state_authenticated)
2882 if (auth->
state == &common_state_authenticated)
2940 return find_mech (name,
NULL) !=
NULL;
dbus_bool_t(* DBusAuthEncodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *encoded)
This function encodes a block of data from the peer.
dbus_bool_t(* DBusAuthDecodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *decoded)
This function decodes a block of data from the peer.
#define DBUS_AUTH_SERVER(auth)
#define DBUS_AUTH_IS_SERVER(auth)
#define DBUS_AUTH_NAME(auth)
The name of the auth ("client" or "server")
#define DBUS_AUTH_CLIENT(auth)
#define DBUS_AUTH_IS_CLIENT(auth)
dbus_bool_t(* DBusAuthStateFunction)(DBusAuth *auth, DBusAuthCommand command, const DBusString *args)
Auth state function, determines the reaction to incoming events for a particular state.
void(* DBusAuthShutdownFunction)(DBusAuth *auth)
This function is called when the mechanism is abandoned.
dbus_bool_t(* DBusInitialResponseFunction)(DBusAuth *auth, DBusString *response)
This function appends an initial client response to the given string.
DBusAuthCommand
Enumeration for the known authentication commands.
dbus_bool_t(* DBusAuthDataFunction)(DBusAuth *auth, const DBusString *data)
This function processes a block of data received from the peer.
#define N_CHALLENGE_BYTES
http://www.ietf.org/rfc/rfc2831.txt suggests at least 64 bits of entropy, we use 128.
DBusAuthState _dbus_auth_do_work(DBusAuth *auth)
Analyzes buffered input and moves the auth conversation forward, returning the new state of the auth ...
dbus_bool_t _dbus_auth_encode_data(DBusAuth *auth, const DBusString *plaintext, DBusString *encoded)
Called post-authentication, encodes a block of bytes for sending to the peer.
dbus_bool_t _dbus_auth_dump_supported_mechanisms(DBusString *buffer)
Return a human-readable string containing all supported auth mechanisms.
dbus_bool_t _dbus_auth_needs_encoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to encode the message stream with _dbus_auth_en...
dbus_bool_t _dbus_auth_set_credentials(DBusAuth *auth, DBusCredentials *credentials)
Sets credentials received via reliable means from the operating system.
dbus_bool_t _dbus_auth_get_unix_fd_negotiated(DBusAuth *auth)
Queries whether unix fd passing was successfully negotiated.
DBusAuth * _dbus_auth_ref(DBusAuth *auth)
Increments the refcount of an auth object.
dbus_bool_t _dbus_auth_is_supported_mechanism(DBusString *name)
Queries whether the given auth mechanism is supported.
DBusCredentials * _dbus_auth_get_identity(DBusAuth *auth)
Gets the identity we authorized the client as.
dbus_bool_t _dbus_auth_get_bytes_to_send(DBusAuth *auth, const DBusString **str)
Gets bytes that need to be sent to the peer we're conversing with.
dbus_bool_t _dbus_auth_decode_data(DBusAuth *auth, const DBusString *encoded, DBusString *plaintext)
Called post-authentication, decodes a block of bytes received from the peer.
void _dbus_auth_unref(DBusAuth *auth)
Decrements the refcount of an auth object.
void _dbus_auth_set_unix_fd_possible(DBusAuth *auth, dbus_bool_t b)
Sets whether unix fd passing is potentially on the transport and hence shall be negotiated.
void _dbus_auth_return_buffer(DBusAuth *auth, DBusString *buffer)
Returns a buffer with new data read into it.
dbus_bool_t _dbus_auth_set_mechanisms(DBusAuth *auth, const char **mechanisms)
Sets an array of authentication mechanism names that we are willing to use.
void _dbus_auth_delete_unused_bytes(DBusAuth *auth)
Gets rid of unused bytes returned by _dbus_auth_get_unused_bytes() after we've gotten them and succes...
const char * _dbus_auth_get_guid_from_server(DBusAuth *auth)
Gets the GUID from the server if we've authenticated; gets NULL otherwise.
void _dbus_auth_get_buffer(DBusAuth *auth, DBusString **buffer)
Get a buffer to be used for reading bytes from the peer we're conversing with.
dbus_bool_t _dbus_auth_needs_decoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to decode the message stream with _dbus_auth_de...
dbus_bool_t _dbus_auth_set_context(DBusAuth *auth, const DBusString *context)
Sets the "authentication context" which scopes cookies with the DBUS_COOKIE_SHA1 auth mechanism for e...
void _dbus_auth_bytes_sent(DBusAuth *auth, int bytes_sent)
Notifies the auth conversation object that the given number of bytes of the outgoing buffer have been...
#define DBUS_AUTH_IN_END_STATE(auth)
DBusAuth * _dbus_auth_client_new(void)
Creates a new auth conversation object for the client side.
DBusAuth * _dbus_auth_server_new(const DBusString *guid)
Creates a new auth conversation object for the server side.
void _dbus_auth_get_unused_bytes(DBusAuth *auth, const DBusString **str)
Returns leftover bytes that were not used as part of the auth conversation.
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
dbus_bool_t _dbus_credentials_same_user(DBusCredentials *credentials, DBusCredentials *other_credentials)
Check whether the user-identifying credentials in two credentials objects are identical.
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
DBusCredentials * _dbus_credentials_new_from_current_process(void)
Creates a new object with the most important credentials (user ID and process ID) from the current pr...
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
#define DBUS_ERROR_INIT
Expands to a suitable initializer for a DBusError on the stack.
dbus_bool_t dbus_error_has_name(const DBusError *error, const char *name)
Checks whether the error is set and has the given name.
void dbus_error_free(DBusError *error)
Frees an error that's been set (or just initialized), then reinitializes the error as in dbus_error_i...
dbus_bool_t dbus_error_is_set(const DBusError *error)
Checks whether an error occurred (the error is set).
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
dbus_bool_t _dbus_string_array_contains(const char **array, const char *str)
Checks whether a string array contains the given string.
#define _DBUS_N_ELEMENTS(array)
Computes the number of elements in a fixed-size array using sizeof().
char ** _dbus_dup_string_array(const char **array)
Duplicates a string array.
int _dbus_keyring_get_best_key(DBusKeyring *keyring, DBusError *error)
Gets a recent key to use for authentication.
dbus_bool_t _dbus_keyring_validate_context(const DBusString *context)
Checks whether the context is a valid context.
dbus_bool_t _dbus_keyring_is_for_credentials(DBusKeyring *keyring, DBusCredentials *credentials)
Checks whether the keyring is for the same user as the given credentials.
DBusKeyring * _dbus_keyring_new_for_credentials(DBusCredentials *credentials, const DBusString *context, DBusError *error)
Creates a new keyring that lives in the ~/.dbus-keyrings directory of the user represented by credent...
dbus_bool_t _dbus_keyring_get_hex_key(DBusKeyring *keyring, int key_id, DBusString *hex_key)
Gets the hex-encoded secret key for the given ID.
void _dbus_keyring_unref(DBusKeyring *keyring)
Decrements refcount and finalizes if it reaches zero.
void * _dbus_list_pop_first(DBusList **list)
Removes the first value in the list and returns it.
void _dbus_list_clear(DBusList **list)
Frees all links in the list and sets the list head to NULL.
dbus_bool_t _dbus_list_append(DBusList **list, void *data)
Appends a value to the list.
#define NULL
A null pointer, defined appropriately for C or C++.
#define TRUE
Expands to "1".
#define FALSE
Expands to "0".
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
void * dbus_malloc0(size_t bytes)
Allocates the given number of bytes, as with standard malloc(), but all bytes are initialized to zero...
void dbus_free_string_array(char **str_array)
Frees a NULL-terminated array of strings.
#define DBUS_VERSION_STRING
The COMPILE TIME version of libdbus, as a string "X.Y.Z".
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
dbus_bool_t _dbus_sha_compute(const DBusString *data, DBusString *ascii_output)
Computes the ASCII hex-encoded shasum of the given data and appends it to the output string.
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
dbus_bool_t _dbus_string_hex_decode(const DBusString *source, int start, int *end_return, DBusString *dest, int insert_at)
Decodes a string from hex encoding.
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that's copied to the d...
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_append_int(DBusString *str, long value)
Appends an integer to a DBusString.
void _dbus_string_skip_blank(const DBusString *str, int start, int *end)
Skips blanks from start, storing the first non-blank in *end (blank is space or tab).
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
dbus_bool_t _dbus_string_validate_utf8(const DBusString *str, int start, int len)
Checks that the given range of the string is valid UTF-8.
dbus_bool_t _dbus_string_find_blank(const DBusString *str, int start, int *found)
Finds a blank (space or tab) in the string.
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init(), and fills it with the same contents as #_DBUS_STRING_I...
void _dbus_string_delete(DBusString *str, int start, int len)
Deletes a segment of a DBusString with length len starting at start.
dbus_bool_t _dbus_string_equal_c_str(const DBusString *a, const char *c_str)
Checks whether a string is equal to a C string.
void _dbus_string_zero(DBusString *str)
Clears all allocated bytes in the string to zero.
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
dbus_bool_t _dbus_string_validate_ascii(const DBusString *str, int start, int len)
Checks that the given range of the string is valid ASCII with no nul bytes.
int _dbus_string_get_length(const DBusString *str)
Gets the length of a string (not including nul termination).
dbus_bool_t _dbus_string_hex_encode(const DBusString *source, int start, DBusString *dest, int insert_at)
Encodes a string in hex, the way MD5 and SHA-1 are usually encoded.
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
const char * _dbus_string_get_const_data(const DBusString *str)
Gets the raw character buffer from a const string.
dbus_bool_t _dbus_string_move(DBusString *source, int start, DBusString *dest, int insert_at)
Moves the end of one string into another string.
dbus_bool_t _dbus_string_equal(const DBusString *a, const DBusString *b)
Tests two DBusString for equality.
dbus_bool_t _dbus_string_copy_len(const DBusString *source, int start, int len, DBusString *dest, int insert_at)
Like _dbus_string_copy(), but can copy a segment from the middle of the source string.
dbus_bool_t _dbus_string_replace_len(const DBusString *source, int start, int len, DBusString *dest, int replace_at, int replace_len)
Replaces a segment of dest string with a segment of source string.
dbus_bool_t _dbus_credentials_add_from_user(DBusCredentials *credentials, const DBusString *username, DBusCredentialsAddFlags flags, DBusError *error)
Adds the credentials corresponding to the given username.
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes, DBusError *error)
Generates the given number of securely random bytes, using the best mechanism we can come up with.
dbus_bool_t _dbus_append_user_from_current_process(DBusString *str)
Append to the string the identity we would like to have when we authenticate, on UNIX this is the cur...
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
"Subclass" of DBusAuth for client side
DBusList * mechs_to_try
Mechanisms we got from the server that we're going to try using.
DBusAuth base
Parent class.
DBusString guid_from_server
GUID received from server.
Mapping from command name to enum.
DBusAuthCommand command
Corresponding enum.
const char * name
Name of the command.
Virtual table representing a particular auth mechanism.
const char * mechanism
Name of the mechanism.
DBusAuthDataFunction server_data_func
Function on server side for DATA.
DBusAuthDataFunction client_data_func
Function on client side for DATA.
DBusInitialResponseFunction client_initial_response_func
Function on client side to handle initial response.
DBusAuthEncodeFunction server_encode_func
Function on server side to encode.
DBusAuthShutdownFunction server_shutdown_func
Function on server side to shut down.
DBusAuthDecodeFunction client_decode_func
Function on client side for decode.
DBusAuthDecodeFunction server_decode_func
Function on server side to decode.
DBusAuthShutdownFunction client_shutdown_func
Function on client side for shutdown.
DBusAuthEncodeFunction client_encode_func
Function on client side for encode.
"Subclass" of DBusAuth for server side.
int max_failures
Number of times we reject before disconnect.
DBusString guid
Our globally unique ID in hex encoding.
DBusAuth base
Parent class.
int failures
Number of times client has been rejected.
Information about a auth state.
DBusAuthStateFunction handler
State function for this state.
const char * name
Name of the state.
Internal members of DBusAuth.
unsigned int already_got_mechanisms
Client already got mech list.
const DBusAuthMechanismHandler * mech
Current auth mechanism.
char ** allowed_mechs
Mechanisms we're allowed to use, or NULL if we can use any.
unsigned int needed_memory
We needed memory to continue since last successful getting something done.
int cookie_id
ID of cookie to use.
const DBusAuthStateData * state
Current protocol state.
DBusString challenge
Challenge sent to client.
DBusCredentials * desired_identity
Identity client has requested.
unsigned int unix_fd_possible
This side could do unix fd passing.
const char * side
Client or server.
DBusString identity
Current identity we're authorizing as.
DBusString incoming
Incoming data buffer.
int refcount
reference count
unsigned int already_asked_for_initial_response
Already sent a blank challenge to get an initial response.
DBusKeyring * keyring
Keyring for cookie mechanism.
DBusString outgoing
Outgoing data buffer.
DBusCredentials * credentials
Credentials read from socket.
DBusString context
Cookie scope.
unsigned int unix_fd_negotiated
Unix fd was successfully negotiated.
unsigned int buffer_outstanding
Buffer is "checked out" for reading data into.
DBusCredentials * authorized_identity
Credentials that are authorized.
Object representing an exception.
const char * message
public error message field
Internals of DBusKeyring.
void * data
Data stored at this element.