D-Bus  1.13.7
dbus-auth.c
1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-auth.c Authentication
3  *
4  * Copyright (C) 2002, 2003, 2004 Red Hat Inc.
5  *
6  * Licensed under the Academic Free License version 2.1
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  *
22  */
23 
24 #include <config.h>
25 #include "dbus-auth.h"
26 #include "dbus-string.h"
27 #include "dbus-list.h"
28 #include "dbus-internals.h"
29 #include "dbus-keyring.h"
30 #include "dbus-sha.h"
31 #include "dbus-protocol.h"
32 #include "dbus-credentials.h"
33 
71  DBusString *response);
72 
78  const DBusString *data);
79 
84  const DBusString *data,
85  DBusString *encoded);
86 
91  const DBusString *data,
92  DBusString *decoded);
93 
97 typedef void (* DBusAuthShutdownFunction) (DBusAuth *auth);
98 
102 typedef struct
103 {
104  const char *mechanism;
115 
119 typedef enum {
120  DBUS_AUTH_COMMAND_AUTH,
121  DBUS_AUTH_COMMAND_CANCEL,
122  DBUS_AUTH_COMMAND_DATA,
123  DBUS_AUTH_COMMAND_BEGIN,
124  DBUS_AUTH_COMMAND_REJECTED,
125  DBUS_AUTH_COMMAND_OK,
126  DBUS_AUTH_COMMAND_ERROR,
127  DBUS_AUTH_COMMAND_UNKNOWN,
128  DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD,
129  DBUS_AUTH_COMMAND_AGREE_UNIX_FD
131 
138  DBusAuthCommand command,
139  const DBusString *args);
140 
144 typedef struct
145 {
146  const char *name;
149 
153 struct DBusAuth
154 {
155  int refcount;
156  const char *side;
178  int cookie_id;
181  char **allowed_mechs;
185  unsigned int needed_memory : 1;
188  unsigned int already_got_mechanisms : 1;
190  unsigned int buffer_outstanding : 1;
192  unsigned int unix_fd_possible : 1;
193  unsigned int unix_fd_negotiated : 1;
194 };
195 
199 typedef struct
200 {
208 
212 typedef struct
213 {
216  int failures;
222 
223 static void goto_state (DBusAuth *auth,
224  const DBusAuthStateData *new_state);
225 static dbus_bool_t send_auth (DBusAuth *auth,
227 static dbus_bool_t send_data (DBusAuth *auth,
228  DBusString *data);
229 static dbus_bool_t send_rejected (DBusAuth *auth);
230 static dbus_bool_t send_error (DBusAuth *auth,
231  const char *message);
232 static dbus_bool_t send_ok (DBusAuth *auth);
233 static dbus_bool_t send_begin (DBusAuth *auth);
234 static dbus_bool_t send_cancel (DBusAuth *auth);
235 static dbus_bool_t send_negotiate_unix_fd (DBusAuth *auth);
236 static dbus_bool_t send_agree_unix_fd (DBusAuth *auth);
237 
242 static dbus_bool_t handle_server_state_waiting_for_auth (DBusAuth *auth,
243  DBusAuthCommand command,
244  const DBusString *args);
245 static dbus_bool_t handle_server_state_waiting_for_data (DBusAuth *auth,
246  DBusAuthCommand command,
247  const DBusString *args);
248 static dbus_bool_t handle_server_state_waiting_for_begin (DBusAuth *auth,
249  DBusAuthCommand command,
250  const DBusString *args);
251 
252 static const DBusAuthStateData server_state_waiting_for_auth = {
253  "WaitingForAuth", handle_server_state_waiting_for_auth
254 };
255 static const DBusAuthStateData server_state_waiting_for_data = {
256  "WaitingForData", handle_server_state_waiting_for_data
257 };
258 static const DBusAuthStateData server_state_waiting_for_begin = {
259  "WaitingForBegin", handle_server_state_waiting_for_begin
260 };
261 
266 static dbus_bool_t handle_client_state_waiting_for_data (DBusAuth *auth,
267  DBusAuthCommand command,
268  const DBusString *args);
269 static dbus_bool_t handle_client_state_waiting_for_ok (DBusAuth *auth,
270  DBusAuthCommand command,
271  const DBusString *args);
272 static dbus_bool_t handle_client_state_waiting_for_reject (DBusAuth *auth,
273  DBusAuthCommand command,
274  const DBusString *args);
275 static dbus_bool_t handle_client_state_waiting_for_agree_unix_fd (DBusAuth *auth,
276  DBusAuthCommand command,
277  const DBusString *args);
278 
279 static const DBusAuthStateData client_state_need_send_auth = {
280  "NeedSendAuth", NULL
281 };
282 static const DBusAuthStateData client_state_waiting_for_data = {
283  "WaitingForData", handle_client_state_waiting_for_data
284 };
285 /* The WaitingForOK state doesn't appear to be used.
286  * See https://bugs.freedesktop.org/show_bug.cgi?id=97298 */
287 _DBUS_GNUC_UNUSED
288 static const DBusAuthStateData client_state_waiting_for_ok = {
289  "WaitingForOK", handle_client_state_waiting_for_ok
290 };
291 static const DBusAuthStateData client_state_waiting_for_reject = {
292  "WaitingForReject", handle_client_state_waiting_for_reject
293 };
294 static const DBusAuthStateData client_state_waiting_for_agree_unix_fd = {
295  "WaitingForAgreeUnixFD", handle_client_state_waiting_for_agree_unix_fd
296 };
297 
302 static const DBusAuthStateData common_state_authenticated = {
303  "Authenticated", NULL
304 };
305 
306 static const DBusAuthStateData common_state_need_disconnect = {
307  "NeedDisconnect", NULL
308 };
309 
310 static const char auth_side_client[] = "client";
311 static const char auth_side_server[] = "server";
316 #define DBUS_AUTH_IS_SERVER(auth) ((auth)->side == auth_side_server)
317 
321 #define DBUS_AUTH_IS_CLIENT(auth) ((auth)->side == auth_side_client)
322 
326 #define DBUS_AUTH_CLIENT(auth) ((DBusAuthClient*)(auth))
327 
331 #define DBUS_AUTH_SERVER(auth) ((DBusAuthServer*)(auth))
332 
338 #define DBUS_AUTH_NAME(auth) ((auth)->side)
339 
340 static DBusAuth*
341 _dbus_auth_new (int size)
342 {
343  DBusAuth *auth;
344 
345  auth = dbus_malloc0 (size);
346  if (auth == NULL)
347  return NULL;
348 
349  auth->refcount = 1;
350 
351  auth->keyring = NULL;
352  auth->cookie_id = -1;
353 
354  /* note that we don't use the max string length feature,
355  * because you can't use that feature if you're going to
356  * try to recover from out-of-memory (it creates
357  * what looks like unrecoverable inability to alloc
358  * more space in the string). But we do handle
359  * overlong buffers in _dbus_auth_do_work().
360  */
361 
362  if (!_dbus_string_init (&auth->incoming))
363  goto enomem_0;
364 
365  if (!_dbus_string_init (&auth->outgoing))
366  goto enomem_1;
367 
368  if (!_dbus_string_init (&auth->identity))
369  goto enomem_2;
370 
371  if (!_dbus_string_init (&auth->context))
372  goto enomem_3;
373 
374  if (!_dbus_string_init (&auth->challenge))
375  goto enomem_4;
376 
377  /* default context if none is specified */
378  if (!_dbus_string_append (&auth->context, "org_freedesktop_general"))
379  goto enomem_5;
380 
382  if (auth->credentials == NULL)
383  goto enomem_6;
384 
386  if (auth->authorized_identity == NULL)
387  goto enomem_7;
388 
390  if (auth->desired_identity == NULL)
391  goto enomem_8;
392 
393  return auth;
394 
395 #if 0
396  enomem_9:
398 #endif
399  enomem_8:
401  enomem_7:
403  enomem_6:
404  /* last alloc was an append to context, which is freed already below */ ;
405  enomem_5:
406  _dbus_string_free (&auth->challenge);
407  enomem_4:
408  _dbus_string_free (&auth->context);
409  enomem_3:
410  _dbus_string_free (&auth->identity);
411  enomem_2:
412  _dbus_string_free (&auth->outgoing);
413  enomem_1:
414  _dbus_string_free (&auth->incoming);
415  enomem_0:
416  dbus_free (auth);
417  return NULL;
418 }
419 
420 static void
421 shutdown_mech (DBusAuth *auth)
422 {
423  /* Cancel any auth */
425  _dbus_string_set_length (&auth->identity, 0);
426 
429 
430  if (auth->mech != NULL)
431  {
432  _dbus_verbose ("%s: Shutting down mechanism %s\n",
433  DBUS_AUTH_NAME (auth), auth->mech->mechanism);
434 
435  if (DBUS_AUTH_IS_CLIENT (auth))
436  (* auth->mech->client_shutdown_func) (auth);
437  else
438  (* auth->mech->server_shutdown_func) (auth);
439 
440  auth->mech = NULL;
441  }
442 }
443 
444 /*
445  * DBUS_COOKIE_SHA1 mechanism
446  */
447 
448 /* Returns TRUE but with an empty string hash if the
449  * cookie_id isn't known. As with all this code
450  * TRUE just means we had enough memory.
451  */
452 static dbus_bool_t
453 sha1_compute_hash (DBusAuth *auth,
454  int cookie_id,
455  const DBusString *server_challenge,
456  const DBusString *client_challenge,
457  DBusString *hash)
458 {
459  DBusString cookie;
460  DBusString to_hash;
461  dbus_bool_t retval;
462 
463  _dbus_assert (auth->keyring != NULL);
464 
465  retval = FALSE;
466 
467  if (!_dbus_string_init (&cookie))
468  return FALSE;
469 
471  &cookie))
472  goto out_0;
473 
474  if (_dbus_string_get_length (&cookie) == 0)
475  {
476  retval = TRUE;
477  goto out_0;
478  }
479 
480  if (!_dbus_string_init (&to_hash))
481  goto out_0;
482 
483  if (!_dbus_string_copy (server_challenge, 0,
484  &to_hash, _dbus_string_get_length (&to_hash)))
485  goto out_1;
486 
487  if (!_dbus_string_append (&to_hash, ":"))
488  goto out_1;
489 
490  if (!_dbus_string_copy (client_challenge, 0,
491  &to_hash, _dbus_string_get_length (&to_hash)))
492  goto out_1;
493 
494  if (!_dbus_string_append (&to_hash, ":"))
495  goto out_1;
496 
497  if (!_dbus_string_copy (&cookie, 0,
498  &to_hash, _dbus_string_get_length (&to_hash)))
499  goto out_1;
500 
501  if (!_dbus_sha_compute (&to_hash, hash))
502  goto out_1;
503 
504  retval = TRUE;
505 
506  out_1:
507  _dbus_string_zero (&to_hash);
508  _dbus_string_free (&to_hash);
509  out_0:
510  _dbus_string_zero (&cookie);
511  _dbus_string_free (&cookie);
512  return retval;
513 }
514 
519 #define N_CHALLENGE_BYTES (128/8)
520 
521 static dbus_bool_t
522 sha1_handle_first_client_response (DBusAuth *auth,
523  const DBusString *data)
524 {
525  /* We haven't sent a challenge yet, we're expecting a desired
526  * username from the client.
527  */
528  DBusString tmp;
529  DBusString tmp2;
530  dbus_bool_t retval = FALSE;
531  DBusError error = DBUS_ERROR_INIT;
532 
534 
535  if (_dbus_string_get_length (data) > 0)
536  {
537  if (_dbus_string_get_length (&auth->identity) > 0)
538  {
539  /* Tried to send two auth identities, wtf */
540  _dbus_verbose ("%s: client tried to send auth identity, but we already have one\n",
541  DBUS_AUTH_NAME (auth));
542  return send_rejected (auth);
543  }
544  else
545  {
546  /* this is our auth identity */
547  if (!_dbus_string_copy (data, 0, &auth->identity, 0))
548  return FALSE;
549  }
550  }
551 
553  DBUS_CREDENTIALS_ADD_FLAGS_USER_DATABASE,
554  &error))
555  {
557  {
558  dbus_error_free (&error);
559  goto out;
560  }
561 
562  _dbus_verbose ("%s: Did not get a valid username from client: %s\n",
563  DBUS_AUTH_NAME (auth), error.message);
564  dbus_error_free (&error);
565  return send_rejected (auth);
566  }
567 
568  if (!_dbus_string_init (&tmp))
569  return FALSE;
570 
571  if (!_dbus_string_init (&tmp2))
572  {
573  _dbus_string_free (&tmp);
574  return FALSE;
575  }
576 
577  /* we cache the keyring for speed, so here we drop it if it's the
578  * wrong one. FIXME caching the keyring here is useless since we use
579  * a different DBusAuth for every connection.
580  */
581  if (auth->keyring &&
583  auth->desired_identity))
584  {
586  auth->keyring = NULL;
587  }
588 
589  if (auth->keyring == NULL)
590  {
592  &auth->context,
593  &error);
594 
595  if (auth->keyring == NULL)
596  {
597  if (dbus_error_has_name (&error,
599  {
600  dbus_error_free (&error);
601  goto out;
602  }
603  else
604  {
605  _DBUS_ASSERT_ERROR_IS_SET (&error);
606  _dbus_verbose ("%s: Error loading keyring: %s\n",
607  DBUS_AUTH_NAME (auth), error.message);
608  if (send_rejected (auth))
609  retval = TRUE; /* retval is only about mem */
610  dbus_error_free (&error);
611  goto out;
612  }
613  }
614  else
615  {
616  _dbus_assert (!dbus_error_is_set (&error));
617  }
618  }
619 
620  _dbus_assert (auth->keyring != NULL);
621 
622  auth->cookie_id = _dbus_keyring_get_best_key (auth->keyring, &error);
623  if (auth->cookie_id < 0)
624  {
625  _DBUS_ASSERT_ERROR_IS_SET (&error);
626  _dbus_verbose ("%s: Could not get a cookie ID to send to client: %s\n",
627  DBUS_AUTH_NAME (auth), error.message);
628  if (send_rejected (auth))
629  retval = TRUE;
630  dbus_error_free (&error);
631  goto out;
632  }
633  else
634  {
635  _dbus_assert (!dbus_error_is_set (&error));
636  }
637 
638  if (!_dbus_string_copy (&auth->context, 0,
639  &tmp2, _dbus_string_get_length (&tmp2)))
640  goto out;
641 
642  if (!_dbus_string_append (&tmp2, " "))
643  goto out;
644 
645  if (!_dbus_string_append_int (&tmp2, auth->cookie_id))
646  goto out;
647 
648  if (!_dbus_string_append (&tmp2, " "))
649  goto out;
650 
651  if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES, &error))
652  {
654  {
655  dbus_error_free (&error);
656  goto out;
657  }
658  else
659  {
660  _DBUS_ASSERT_ERROR_IS_SET (&error);
661  _dbus_verbose ("%s: Error generating challenge: %s\n",
662  DBUS_AUTH_NAME (auth), error.message);
663  if (send_rejected (auth))
664  retval = TRUE; /* retval is only about mem */
665 
666  dbus_error_free (&error);
667  goto out;
668  }
669  }
670 
672  if (!_dbus_string_hex_encode (&tmp, 0, &auth->challenge, 0))
673  goto out;
674 
675  if (!_dbus_string_hex_encode (&tmp, 0, &tmp2,
676  _dbus_string_get_length (&tmp2)))
677  goto out;
678 
679  if (!send_data (auth, &tmp2))
680  goto out;
681 
682  goto_state (auth, &server_state_waiting_for_data);
683  retval = TRUE;
684 
685  out:
686  _dbus_string_zero (&tmp);
687  _dbus_string_free (&tmp);
688  _dbus_string_zero (&tmp2);
689  _dbus_string_free (&tmp2);
690 
691  return retval;
692 }
693 
694 static dbus_bool_t
695 sha1_handle_second_client_response (DBusAuth *auth,
696  const DBusString *data)
697 {
698  /* We are expecting a response which is the hex-encoded client
699  * challenge, space, then SHA-1 hash of the concatenation of our
700  * challenge, ":", client challenge, ":", secret key, all
701  * hex-encoded.
702  */
703  int i;
704  DBusString client_challenge;
705  DBusString client_hash;
706  dbus_bool_t retval;
707  DBusString correct_hash;
708 
709  retval = FALSE;
710 
711  if (!_dbus_string_find_blank (data, 0, &i))
712  {
713  _dbus_verbose ("%s: no space separator in client response\n",
714  DBUS_AUTH_NAME (auth));
715  return send_rejected (auth);
716  }
717 
718  if (!_dbus_string_init (&client_challenge))
719  goto out_0;
720 
721  if (!_dbus_string_init (&client_hash))
722  goto out_1;
723 
724  if (!_dbus_string_copy_len (data, 0, i, &client_challenge,
725  0))
726  goto out_2;
727 
728  _dbus_string_skip_blank (data, i, &i);
729 
730  if (!_dbus_string_copy_len (data, i,
731  _dbus_string_get_length (data) - i,
732  &client_hash,
733  0))
734  goto out_2;
735 
736  if (_dbus_string_get_length (&client_challenge) == 0 ||
737  _dbus_string_get_length (&client_hash) == 0)
738  {
739  _dbus_verbose ("%s: zero-length client challenge or hash\n",
740  DBUS_AUTH_NAME (auth));
741  if (send_rejected (auth))
742  retval = TRUE;
743  goto out_2;
744  }
745 
746  if (!_dbus_string_init (&correct_hash))
747  goto out_2;
748 
749  if (!sha1_compute_hash (auth, auth->cookie_id,
750  &auth->challenge,
751  &client_challenge,
752  &correct_hash))
753  goto out_3;
754 
755  /* if cookie_id was invalid, then we get an empty hash */
756  if (_dbus_string_get_length (&correct_hash) == 0)
757  {
758  if (send_rejected (auth))
759  retval = TRUE;
760  goto out_3;
761  }
762 
763  if (!_dbus_string_equal (&client_hash, &correct_hash))
764  {
765  if (send_rejected (auth))
766  retval = TRUE;
767  goto out_3;
768  }
769 
771  auth->desired_identity))
772  goto out_3;
773 
774  /* Copy process ID from the socket credentials if it's there
775  */
777  DBUS_CREDENTIAL_UNIX_PROCESS_ID,
778  auth->credentials))
779  goto out_3;
780 
781  if (!send_ok (auth))
782  goto out_3;
783 
784  _dbus_verbose ("%s: authenticated client using DBUS_COOKIE_SHA1\n",
785  DBUS_AUTH_NAME (auth));
786 
787  retval = TRUE;
788 
789  out_3:
790  _dbus_string_zero (&correct_hash);
791  _dbus_string_free (&correct_hash);
792  out_2:
793  _dbus_string_zero (&client_hash);
794  _dbus_string_free (&client_hash);
795  out_1:
796  _dbus_string_free (&client_challenge);
797  out_0:
798  return retval;
799 }
800 
801 static dbus_bool_t
802 handle_server_data_cookie_sha1_mech (DBusAuth *auth,
803  const DBusString *data)
804 {
805  if (auth->cookie_id < 0)
806  return sha1_handle_first_client_response (auth, data);
807  else
808  return sha1_handle_second_client_response (auth, data);
809 }
810 
811 static void
812 handle_server_shutdown_cookie_sha1_mech (DBusAuth *auth)
813 {
814  auth->cookie_id = -1;
816 }
817 
818 static dbus_bool_t
819 handle_client_initial_response_cookie_sha1_mech (DBusAuth *auth,
820  DBusString *response)
821 {
822  DBusString username;
823  dbus_bool_t retval;
824 
825  retval = FALSE;
826 
827  if (!_dbus_string_init (&username))
828  return FALSE;
829 
831  goto out_0;
832 
833  if (!_dbus_string_hex_encode (&username, 0,
834  response,
835  _dbus_string_get_length (response)))
836  goto out_0;
837 
838  retval = TRUE;
839 
840  out_0:
841  _dbus_string_free (&username);
842 
843  return retval;
844 }
845 
846 static dbus_bool_t
847 handle_client_data_cookie_sha1_mech (DBusAuth *auth,
848  const DBusString *data)
849 {
850  /* The data we get from the server should be the cookie context
851  * name, the cookie ID, and the server challenge, separated by
852  * spaces. We send back our challenge string and the correct hash.
853  */
854  dbus_bool_t retval = FALSE;
856  DBusString cookie_id_str;
857  DBusString server_challenge;
858  DBusString client_challenge;
859  DBusString correct_hash;
860  DBusString tmp;
861  int i, j;
862  long val;
863  DBusError error = DBUS_ERROR_INIT;
864 
865  if (!_dbus_string_find_blank (data, 0, &i))
866  {
867  if (send_error (auth,
868  "Server did not send context/ID/challenge properly"))
869  retval = TRUE;
870  goto out_0;
871  }
872 
873  if (!_dbus_string_init (&context))
874  goto out_0;
875 
876  if (!_dbus_string_copy_len (data, 0, i,
877  &context, 0))
878  goto out_1;
879 
880  _dbus_string_skip_blank (data, i, &i);
881  if (!_dbus_string_find_blank (data, i, &j))
882  {
883  if (send_error (auth,
884  "Server did not send context/ID/challenge properly"))
885  retval = TRUE;
886  goto out_1;
887  }
888 
889  if (!_dbus_string_init (&cookie_id_str))
890  goto out_1;
891 
892  if (!_dbus_string_copy_len (data, i, j - i,
893  &cookie_id_str, 0))
894  goto out_2;
895 
896  if (!_dbus_string_init (&server_challenge))
897  goto out_2;
898 
899  i = j;
900  _dbus_string_skip_blank (data, i, &i);
901  j = _dbus_string_get_length (data);
902 
903  if (!_dbus_string_copy_len (data, i, j - i,
904  &server_challenge, 0))
905  goto out_3;
906 
907  if (!_dbus_keyring_validate_context (&context))
908  {
909  if (send_error (auth, "Server sent invalid cookie context"))
910  retval = TRUE;
911  goto out_3;
912  }
913 
914  if (!_dbus_string_parse_int (&cookie_id_str, 0, &val, NULL))
915  {
916  if (send_error (auth, "Could not parse cookie ID as an integer"))
917  retval = TRUE;
918  goto out_3;
919  }
920 
921  if (_dbus_string_get_length (&server_challenge) == 0)
922  {
923  if (send_error (auth, "Empty server challenge string"))
924  retval = TRUE;
925  goto out_3;
926  }
927 
928  if (auth->keyring == NULL)
929  {
931  &context,
932  &error);
933 
934  if (auth->keyring == NULL)
935  {
936  if (dbus_error_has_name (&error,
938  {
939  dbus_error_free (&error);
940  goto out_3;
941  }
942  else
943  {
944  _DBUS_ASSERT_ERROR_IS_SET (&error);
945 
946  _dbus_verbose ("%s: Error loading keyring: %s\n",
947  DBUS_AUTH_NAME (auth), error.message);
948 
949  if (send_error (auth, "Could not load cookie file"))
950  retval = TRUE; /* retval is only about mem */
951 
952  dbus_error_free (&error);
953  goto out_3;
954  }
955  }
956  else
957  {
958  _dbus_assert (!dbus_error_is_set (&error));
959  }
960  }
961 
962  _dbus_assert (auth->keyring != NULL);
963 
964  if (!_dbus_string_init (&tmp))
965  goto out_3;
966 
967  if (!_dbus_generate_random_bytes (&tmp, N_CHALLENGE_BYTES, &error))
968  {
970  {
971  dbus_error_free (&error);
972  goto out_4;
973  }
974  else
975  {
976  _DBUS_ASSERT_ERROR_IS_SET (&error);
977 
978  _dbus_verbose ("%s: Failed to generate challenge: %s\n",
979  DBUS_AUTH_NAME (auth), error.message);
980 
981  if (send_error (auth, "Failed to generate challenge"))
982  retval = TRUE; /* retval is only about mem */
983 
984  dbus_error_free (&error);
985  goto out_4;
986  }
987  }
988 
989  if (!_dbus_string_init (&client_challenge))
990  goto out_4;
991 
992  if (!_dbus_string_hex_encode (&tmp, 0, &client_challenge, 0))
993  goto out_5;
994 
995  if (!_dbus_string_init (&correct_hash))
996  goto out_5;
997 
998  if (!sha1_compute_hash (auth, val,
999  &server_challenge,
1000  &client_challenge,
1001  &correct_hash))
1002  goto out_6;
1003 
1004  if (_dbus_string_get_length (&correct_hash) == 0)
1005  {
1006  /* couldn't find the cookie ID or something */
1007  if (send_error (auth, "Don't have the requested cookie ID"))
1008  retval = TRUE;
1009  goto out_6;
1010  }
1011 
1012  _dbus_string_set_length (&tmp, 0);
1013 
1014  if (!_dbus_string_copy (&client_challenge, 0, &tmp,
1015  _dbus_string_get_length (&tmp)))
1016  goto out_6;
1017 
1018  if (!_dbus_string_append (&tmp, " "))
1019  goto out_6;
1020 
1021  if (!_dbus_string_copy (&correct_hash, 0, &tmp,
1022  _dbus_string_get_length (&tmp)))
1023  goto out_6;
1024 
1025  if (!send_data (auth, &tmp))
1026  goto out_6;
1027 
1028  retval = TRUE;
1029 
1030  out_6:
1031  _dbus_string_zero (&correct_hash);
1032  _dbus_string_free (&correct_hash);
1033  out_5:
1034  _dbus_string_free (&client_challenge);
1035  out_4:
1036  _dbus_string_zero (&tmp);
1037  _dbus_string_free (&tmp);
1038  out_3:
1039  _dbus_string_free (&server_challenge);
1040  out_2:
1041  _dbus_string_free (&cookie_id_str);
1042  out_1:
1043  _dbus_string_free (&context);
1044  out_0:
1045  return retval;
1046 }
1047 
1048 static void
1049 handle_client_shutdown_cookie_sha1_mech (DBusAuth *auth)
1050 {
1051  auth->cookie_id = -1;
1052  _dbus_string_set_length (&auth->challenge, 0);
1053 }
1054 
1055 /*
1056  * EXTERNAL mechanism
1057  */
1058 
1059 static dbus_bool_t
1060 handle_server_data_external_mech (DBusAuth *auth,
1061  const DBusString *data)
1062 {
1064  {
1065  _dbus_verbose ("%s: no credentials, mechanism EXTERNAL can't authenticate\n",
1066  DBUS_AUTH_NAME (auth));
1067  return send_rejected (auth);
1068  }
1069 
1070  if (_dbus_string_get_length (data) > 0)
1071  {
1072  if (_dbus_string_get_length (&auth->identity) > 0)
1073  {
1074  /* Tried to send two auth identities, wtf */
1075  _dbus_verbose ("%s: client tried to send auth identity, but we already have one\n",
1076  DBUS_AUTH_NAME (auth));
1077  return send_rejected (auth);
1078  }
1079  else
1080  {
1081  /* this is our auth identity */
1082  if (!_dbus_string_copy (data, 0, &auth->identity, 0))
1083  return FALSE;
1084  }
1085  }
1086 
1087  /* Poke client for an auth identity, if none given */
1088  if (_dbus_string_get_length (&auth->identity) == 0 &&
1090  {
1091  if (send_data (auth, NULL))
1092  {
1093  _dbus_verbose ("%s: sending empty challenge asking client for auth identity\n",
1094  DBUS_AUTH_NAME (auth));
1096  goto_state (auth, &server_state_waiting_for_data);
1097  return TRUE;
1098  }
1099  else
1100  return FALSE;
1101  }
1102 
1104 
1105  /* If auth->identity is still empty here, then client
1106  * responded with an empty string after we poked it for
1107  * an initial response. This means to try to auth the
1108  * identity provided in the credentials.
1109  */
1110  if (_dbus_string_get_length (&auth->identity) == 0)
1111  {
1113  auth->credentials))
1114  {
1115  return FALSE; /* OOM */
1116  }
1117  }
1118  else
1119  {
1120  DBusError error = DBUS_ERROR_INIT;
1121 
1123  &auth->identity,
1124  DBUS_CREDENTIALS_ADD_FLAGS_NONE,
1125  &error))
1126  {
1128  {
1129  dbus_error_free (&error);
1130  return FALSE;
1131  }
1132 
1133  _dbus_verbose ("%s: could not get credentials from uid string: %s\n",
1134  DBUS_AUTH_NAME (auth), error.message);
1135  dbus_error_free (&error);
1136  return send_rejected (auth);
1137  }
1138  }
1139 
1141  {
1142  _dbus_verbose ("%s: desired user %s is no good\n",
1143  DBUS_AUTH_NAME (auth),
1144  _dbus_string_get_const_data (&auth->identity));
1145  return send_rejected (auth);
1146  }
1147 
1149  auth->desired_identity))
1150  {
1151  /* client has authenticated */
1153  auth->desired_identity))
1154  return FALSE;
1155 
1156  /* also copy misc process info from the socket credentials
1157  */
1159  DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1160  auth->credentials))
1161  return FALSE;
1162 
1164  DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
1165  auth->credentials))
1166  return FALSE;
1167 
1169  DBUS_CREDENTIAL_UNIX_GROUP_IDS,
1170  auth->credentials))
1171  return FALSE;
1172 
1174  DBUS_CREDENTIAL_LINUX_SECURITY_LABEL,
1175  auth->credentials))
1176  return FALSE;
1177 
1178  if (!send_ok (auth))
1179  return FALSE;
1180 
1181  _dbus_verbose ("%s: authenticated client based on socket credentials\n",
1182  DBUS_AUTH_NAME (auth));
1183 
1184  return TRUE;
1185  }
1186  else
1187  {
1188  _dbus_verbose ("%s: desired identity not found in socket credentials\n",
1189  DBUS_AUTH_NAME (auth));
1190  return send_rejected (auth);
1191  }
1192 }
1193 
1194 static void
1195 handle_server_shutdown_external_mech (DBusAuth *auth)
1196 {
1197 
1198 }
1199 
1200 static dbus_bool_t
1201 handle_client_initial_response_external_mech (DBusAuth *auth,
1202  DBusString *response)
1203 {
1204  /* We always append our UID as an initial response, so the server
1205  * doesn't have to send back an empty challenge to check whether we
1206  * want to specify an identity. i.e. this avoids a round trip that
1207  * the spec for the EXTERNAL mechanism otherwise requires.
1208  */
1209  DBusString plaintext;
1210 
1211  if (!_dbus_string_init (&plaintext))
1212  return FALSE;
1213 
1214  if (!_dbus_append_user_from_current_process (&plaintext))
1215  goto failed;
1216 
1217  if (!_dbus_string_hex_encode (&plaintext, 0,
1218  response,
1219  _dbus_string_get_length (response)))
1220  goto failed;
1221 
1222  _dbus_string_free (&plaintext);
1223 
1224  return TRUE;
1225 
1226  failed:
1227  _dbus_string_free (&plaintext);
1228  return FALSE;
1229 }
1230 
1231 static dbus_bool_t
1232 handle_client_data_external_mech (DBusAuth *auth,
1233  const DBusString *data)
1234 {
1235 
1236  return TRUE;
1237 }
1238 
1239 static void
1240 handle_client_shutdown_external_mech (DBusAuth *auth)
1241 {
1242 
1243 }
1244 
1245 /*
1246  * ANONYMOUS mechanism
1247  */
1248 
1249 static dbus_bool_t
1250 handle_server_data_anonymous_mech (DBusAuth *auth,
1251  const DBusString *data)
1252 {
1253  if (_dbus_string_get_length (data) > 0)
1254  {
1255  /* Client is allowed to send "trace" data, the only defined
1256  * meaning is that if it contains '@' it is an email address,
1257  * and otherwise it is anything else, and it's supposed to be
1258  * UTF-8
1259  */
1260  if (!_dbus_string_validate_utf8 (data, 0, _dbus_string_get_length (data)))
1261  {
1262  _dbus_verbose ("%s: Received invalid UTF-8 trace data from ANONYMOUS client\n",
1263  DBUS_AUTH_NAME (auth));
1264  return send_rejected (auth);
1265  }
1266 
1267  _dbus_verbose ("%s: ANONYMOUS client sent trace string: '%s'\n",
1268  DBUS_AUTH_NAME (auth),
1269  _dbus_string_get_const_data (data));
1270  }
1271 
1272  /* We want to be anonymous (clear in case some other protocol got midway through I guess) */
1274 
1275  /* Copy process ID from the socket credentials
1276  */
1278  DBUS_CREDENTIAL_UNIX_PROCESS_ID,
1279  auth->credentials))
1280  return FALSE;
1281 
1282  /* Anonymous is always allowed */
1283  if (!send_ok (auth))
1284  return FALSE;
1285 
1286  _dbus_verbose ("%s: authenticated client as anonymous\n",
1287  DBUS_AUTH_NAME (auth));
1288 
1289  return TRUE;
1290 }
1291 
1292 static void
1293 handle_server_shutdown_anonymous_mech (DBusAuth *auth)
1294 {
1295 
1296 }
1297 
1298 static dbus_bool_t
1299 handle_client_initial_response_anonymous_mech (DBusAuth *auth,
1300  DBusString *response)
1301 {
1302  /* Our initial response is a "trace" string which must be valid UTF-8
1303  * and must be an email address if it contains '@'.
1304  * We just send the dbus implementation info, like a user-agent or
1305  * something, because... why not. There's nothing guaranteed here
1306  * though, we could change it later.
1307  */
1308  DBusString plaintext;
1309 
1310  if (!_dbus_string_init (&plaintext))
1311  return FALSE;
1312 
1313  if (!_dbus_string_append (&plaintext,
1314  "libdbus " DBUS_VERSION_STRING))
1315  goto failed;
1316 
1317  if (!_dbus_string_hex_encode (&plaintext, 0,
1318  response,
1319  _dbus_string_get_length (response)))
1320  goto failed;
1321 
1322  _dbus_string_free (&plaintext);
1323 
1324  return TRUE;
1325 
1326  failed:
1327  _dbus_string_free (&plaintext);
1328  return FALSE;
1329 }
1330 
1331 static dbus_bool_t
1332 handle_client_data_anonymous_mech (DBusAuth *auth,
1333  const DBusString *data)
1334 {
1335 
1336  return TRUE;
1337 }
1338 
1339 static void
1340 handle_client_shutdown_anonymous_mech (DBusAuth *auth)
1341 {
1342 
1343 }
1344 
1345 /* Put mechanisms here in order of preference.
1346  * Right now we have:
1347  *
1348  * - EXTERNAL checks socket credentials (or in the future, other info from the OS)
1349  * - DBUS_COOKIE_SHA1 uses a cookie in the home directory, like xauth or ICE
1350  * - ANONYMOUS checks nothing but doesn't auth the person as a user
1351  *
1352  * We might ideally add a mechanism to chain to Cyrus SASL so we can
1353  * use its mechanisms as well.
1354  *
1355  */
1356 static const DBusAuthMechanismHandler
1357 all_mechanisms[] = {
1358  { "EXTERNAL",
1359  handle_server_data_external_mech,
1360  NULL, NULL,
1361  handle_server_shutdown_external_mech,
1362  handle_client_initial_response_external_mech,
1363  handle_client_data_external_mech,
1364  NULL, NULL,
1365  handle_client_shutdown_external_mech },
1366  { "DBUS_COOKIE_SHA1",
1367  handle_server_data_cookie_sha1_mech,
1368  NULL, NULL,
1369  handle_server_shutdown_cookie_sha1_mech,
1370  handle_client_initial_response_cookie_sha1_mech,
1371  handle_client_data_cookie_sha1_mech,
1372  NULL, NULL,
1373  handle_client_shutdown_cookie_sha1_mech },
1374  { "ANONYMOUS",
1375  handle_server_data_anonymous_mech,
1376  NULL, NULL,
1377  handle_server_shutdown_anonymous_mech,
1378  handle_client_initial_response_anonymous_mech,
1379  handle_client_data_anonymous_mech,
1380  NULL, NULL,
1381  handle_client_shutdown_anonymous_mech },
1382  { NULL, NULL }
1383 };
1384 
1385 static const DBusAuthMechanismHandler*
1386 find_mech (const DBusString *name,
1387  char **allowed_mechs)
1388 {
1389  int i;
1390 
1391  if (allowed_mechs != NULL &&
1392  !_dbus_string_array_contains ((const char**) allowed_mechs,
1393  _dbus_string_get_const_data (name)))
1394  return NULL;
1395 
1396  i = 0;
1397  while (all_mechanisms[i].mechanism != NULL)
1398  {
1399  if (_dbus_string_equal_c_str (name,
1400  all_mechanisms[i].mechanism))
1401 
1402  return &all_mechanisms[i];
1403 
1404  ++i;
1405  }
1406 
1407  return NULL;
1408 }
1409 
1410 static dbus_bool_t
1411 send_auth (DBusAuth *auth, const DBusAuthMechanismHandler *mech)
1412 {
1413  DBusString auth_command;
1414 
1415  if (!_dbus_string_init (&auth_command))
1416  return FALSE;
1417 
1418  if (!_dbus_string_append (&auth_command,
1419  "AUTH "))
1420  {
1421  _dbus_string_free (&auth_command);
1422  return FALSE;
1423  }
1424 
1425  if (!_dbus_string_append (&auth_command,
1426  mech->mechanism))
1427  {
1428  _dbus_string_free (&auth_command);
1429  return FALSE;
1430  }
1431 
1432  if (mech->client_initial_response_func != NULL)
1433  {
1434  if (!_dbus_string_append (&auth_command, " "))
1435  {
1436  _dbus_string_free (&auth_command);
1437  return FALSE;
1438  }
1439 
1440  if (!(* mech->client_initial_response_func) (auth, &auth_command))
1441  {
1442  _dbus_string_free (&auth_command);
1443  return FALSE;
1444  }
1445  }
1446 
1447  if (!_dbus_string_append (&auth_command,
1448  "\r\n"))
1449  {
1450  _dbus_string_free (&auth_command);
1451  return FALSE;
1452  }
1453 
1454  if (!_dbus_string_copy (&auth_command, 0,
1455  &auth->outgoing,
1456  _dbus_string_get_length (&auth->outgoing)))
1457  {
1458  _dbus_string_free (&auth_command);
1459  return FALSE;
1460  }
1461 
1462  _dbus_string_free (&auth_command);
1463  shutdown_mech (auth);
1464  auth->mech = mech;
1465  goto_state (auth, &client_state_waiting_for_data);
1466 
1467  return TRUE;
1468 }
1469 
1470 static dbus_bool_t
1471 send_data (DBusAuth *auth, DBusString *data)
1472 {
1473  int old_len;
1474 
1475  if (data == NULL || _dbus_string_get_length (data) == 0)
1476  return _dbus_string_append (&auth->outgoing, "DATA\r\n");
1477  else
1478  {
1479  old_len = _dbus_string_get_length (&auth->outgoing);
1480  if (!_dbus_string_append (&auth->outgoing, "DATA "))
1481  goto out;
1482 
1483  if (!_dbus_string_hex_encode (data, 0, &auth->outgoing,
1484  _dbus_string_get_length (&auth->outgoing)))
1485  goto out;
1486 
1487  if (!_dbus_string_append (&auth->outgoing, "\r\n"))
1488  goto out;
1489 
1490  return TRUE;
1491 
1492  out:
1493  _dbus_string_set_length (&auth->outgoing, old_len);
1494 
1495  return FALSE;
1496  }
1497 }
1498 
1499 static dbus_bool_t
1500 send_rejected (DBusAuth *auth)
1501 {
1502  DBusString command;
1503  DBusAuthServer *server_auth;
1504  int i;
1505 
1506  if (!_dbus_string_init (&command))
1507  return FALSE;
1508 
1509  if (!_dbus_string_append (&command,
1510  "REJECTED"))
1511  goto nomem;
1512 
1513  for (i = 0; all_mechanisms[i].mechanism != NULL; i++)
1514  {
1515  /* skip mechanisms that aren't allowed */
1516  if (auth->allowed_mechs != NULL &&
1517  !_dbus_string_array_contains ((const char**)auth->allowed_mechs,
1518  all_mechanisms[i].mechanism))
1519  continue;
1520 
1521  if (!_dbus_string_append (&command,
1522  " "))
1523  goto nomem;
1524 
1525  if (!_dbus_string_append (&command,
1526  all_mechanisms[i].mechanism))
1527  goto nomem;
1528  }
1529 
1530  if (!_dbus_string_append (&command, "\r\n"))
1531  goto nomem;
1532 
1533  if (!_dbus_string_copy (&command, 0, &auth->outgoing,
1534  _dbus_string_get_length (&auth->outgoing)))
1535  goto nomem;
1536 
1537  shutdown_mech (auth);
1538 
1540  server_auth = DBUS_AUTH_SERVER (auth);
1541  server_auth->failures += 1;
1542 
1543  if (server_auth->failures >= server_auth->max_failures)
1544  goto_state (auth, &common_state_need_disconnect);
1545  else
1546  goto_state (auth, &server_state_waiting_for_auth);
1547 
1548  _dbus_string_free (&command);
1549 
1550  return TRUE;
1551 
1552  nomem:
1553  _dbus_string_free (&command);
1554  return FALSE;
1555 }
1556 
1557 static dbus_bool_t
1558 send_error (DBusAuth *auth, const char *message)
1559 {
1560  return _dbus_string_append_printf (&auth->outgoing,
1561  "ERROR \"%s\"\r\n", message);
1562 }
1563 
1564 static dbus_bool_t
1565 send_ok (DBusAuth *auth)
1566 {
1567  int orig_len;
1568 
1569  orig_len = _dbus_string_get_length (&auth->outgoing);
1570 
1571  if (_dbus_string_append (&auth->outgoing, "OK ") &&
1572  _dbus_string_copy (& DBUS_AUTH_SERVER (auth)->guid,
1573  0,
1574  &auth->outgoing,
1575  _dbus_string_get_length (&auth->outgoing)) &&
1576  _dbus_string_append (&auth->outgoing, "\r\n"))
1577  {
1578  goto_state (auth, &server_state_waiting_for_begin);
1579  return TRUE;
1580  }
1581  else
1582  {
1583  _dbus_string_set_length (&auth->outgoing, orig_len);
1584  return FALSE;
1585  }
1586 }
1587 
1588 static dbus_bool_t
1589 send_begin (DBusAuth *auth)
1590 {
1591 
1592  if (!_dbus_string_append (&auth->outgoing,
1593  "BEGIN\r\n"))
1594  return FALSE;
1595 
1596  goto_state (auth, &common_state_authenticated);
1597  return TRUE;
1598 }
1599 
1600 static dbus_bool_t
1601 process_ok(DBusAuth *auth,
1602  const DBusString *args_from_ok) {
1603 
1604  int end_of_hex;
1605 
1606  /* "args_from_ok" should be the GUID, whitespace already pulled off the front */
1607  _dbus_assert (_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0);
1608 
1609  /* We decode the hex string to binary, using guid_from_server as scratch... */
1610 
1611  end_of_hex = 0;
1612  if (!_dbus_string_hex_decode (args_from_ok, 0, &end_of_hex,
1613  & DBUS_AUTH_CLIENT (auth)->guid_from_server, 0))
1614  return FALSE;
1615 
1616  /* now clear out the scratch */
1617  _dbus_string_set_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server, 0);
1618 
1619  if (end_of_hex != _dbus_string_get_length (args_from_ok) ||
1620  end_of_hex == 0)
1621  {
1622  _dbus_verbose ("Bad GUID from server, parsed %d bytes and had %d bytes from server\n",
1623  end_of_hex, _dbus_string_get_length (args_from_ok));
1624  goto_state (auth, &common_state_need_disconnect);
1625  return TRUE;
1626  }
1627 
1628  if (!_dbus_string_copy (args_from_ok, 0, &DBUS_AUTH_CLIENT (auth)->guid_from_server, 0)) {
1629  _dbus_string_set_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server, 0);
1630  return FALSE;
1631  }
1632 
1633  _dbus_verbose ("Got GUID '%s' from the server\n",
1634  _dbus_string_get_const_data (& DBUS_AUTH_CLIENT (auth)->guid_from_server));
1635 
1636  if (auth->unix_fd_possible)
1637  return send_negotiate_unix_fd(auth);
1638 
1639  _dbus_verbose("Not negotiating unix fd passing, since not possible\n");
1640  return send_begin (auth);
1641 }
1642 
1643 static dbus_bool_t
1644 send_cancel (DBusAuth *auth)
1645 {
1646  if (_dbus_string_append (&auth->outgoing, "CANCEL\r\n"))
1647  {
1648  goto_state (auth, &client_state_waiting_for_reject);
1649  return TRUE;
1650  }
1651  else
1652  return FALSE;
1653 }
1654 
1655 static dbus_bool_t
1656 process_data (DBusAuth *auth,
1657  const DBusString *args,
1658  DBusAuthDataFunction data_func)
1659 {
1660  int end;
1661  DBusString decoded;
1662 
1663  if (!_dbus_string_init (&decoded))
1664  return FALSE;
1665 
1666  if (!_dbus_string_hex_decode (args, 0, &end, &decoded, 0))
1667  {
1668  _dbus_string_free (&decoded);
1669  return FALSE;
1670  }
1671 
1672  if (_dbus_string_get_length (args) != end)
1673  {
1674  _dbus_string_free (&decoded);
1675  if (!send_error (auth, "Invalid hex encoding"))
1676  return FALSE;
1677 
1678  return TRUE;
1679  }
1680 
1681 #ifdef DBUS_ENABLE_VERBOSE_MODE
1682  if (_dbus_string_validate_ascii (&decoded, 0,
1683  _dbus_string_get_length (&decoded)))
1684  _dbus_verbose ("%s: data: '%s'\n",
1685  DBUS_AUTH_NAME (auth),
1686  _dbus_string_get_const_data (&decoded));
1687 #endif
1688 
1689  if (!(* data_func) (auth, &decoded))
1690  {
1691  _dbus_string_free (&decoded);
1692  return FALSE;
1693  }
1694 
1695  _dbus_string_free (&decoded);
1696  return TRUE;
1697 }
1698 
1699 static dbus_bool_t
1700 send_negotiate_unix_fd (DBusAuth *auth)
1701 {
1702  if (!_dbus_string_append (&auth->outgoing,
1703  "NEGOTIATE_UNIX_FD\r\n"))
1704  return FALSE;
1705 
1706  goto_state (auth, &client_state_waiting_for_agree_unix_fd);
1707  return TRUE;
1708 }
1709 
1710 static dbus_bool_t
1711 send_agree_unix_fd (DBusAuth *auth)
1712 {
1714 
1715  auth->unix_fd_negotiated = TRUE;
1716  _dbus_verbose("Agreed to UNIX FD passing\n");
1717 
1718  if (!_dbus_string_append (&auth->outgoing,
1719  "AGREE_UNIX_FD\r\n"))
1720  return FALSE;
1721 
1722  goto_state (auth, &server_state_waiting_for_begin);
1723  return TRUE;
1724 }
1725 
1726 static dbus_bool_t
1727 handle_auth (DBusAuth *auth, const DBusString *args)
1728 {
1729  if (_dbus_string_get_length (args) == 0)
1730  {
1731  /* No args to the auth, send mechanisms */
1732  if (!send_rejected (auth))
1733  return FALSE;
1734 
1735  return TRUE;
1736  }
1737  else
1738  {
1739  int i;
1740  DBusString mech;
1741  DBusString hex_response;
1742 
1743  _dbus_string_find_blank (args, 0, &i);
1744 
1745  if (!_dbus_string_init (&mech))
1746  return FALSE;
1747 
1748  if (!_dbus_string_init (&hex_response))
1749  {
1750  _dbus_string_free (&mech);
1751  return FALSE;
1752  }
1753 
1754  if (!_dbus_string_copy_len (args, 0, i, &mech, 0))
1755  goto failed;
1756 
1757  _dbus_string_skip_blank (args, i, &i);
1758  if (!_dbus_string_copy (args, i, &hex_response, 0))
1759  goto failed;
1760 
1761  auth->mech = find_mech (&mech, auth->allowed_mechs);
1762  if (auth->mech != NULL)
1763  {
1764  _dbus_verbose ("%s: Trying mechanism %s\n",
1765  DBUS_AUTH_NAME (auth),
1766  auth->mech->mechanism);
1767 
1768  if (!process_data (auth, &hex_response,
1769  auth->mech->server_data_func))
1770  goto failed;
1771  }
1772  else
1773  {
1774  /* Unsupported mechanism */
1775  _dbus_verbose ("%s: Unsupported mechanism %s\n",
1776  DBUS_AUTH_NAME (auth),
1777  _dbus_string_get_const_data (&mech));
1778 
1779  if (!send_rejected (auth))
1780  goto failed;
1781  }
1782 
1783  _dbus_string_free (&mech);
1784  _dbus_string_free (&hex_response);
1785 
1786  return TRUE;
1787 
1788  failed:
1789  auth->mech = NULL;
1790  _dbus_string_free (&mech);
1791  _dbus_string_free (&hex_response);
1792  return FALSE;
1793  }
1794 }
1795 
1796 static dbus_bool_t
1797 handle_server_state_waiting_for_auth (DBusAuth *auth,
1798  DBusAuthCommand command,
1799  const DBusString *args)
1800 {
1801  switch (command)
1802  {
1803  case DBUS_AUTH_COMMAND_AUTH:
1804  return handle_auth (auth, args);
1805 
1806  case DBUS_AUTH_COMMAND_CANCEL:
1807  case DBUS_AUTH_COMMAND_DATA:
1808  return send_error (auth, "Not currently in an auth conversation");
1809 
1810  case DBUS_AUTH_COMMAND_BEGIN:
1811  goto_state (auth, &common_state_need_disconnect);
1812  return TRUE;
1813 
1814  case DBUS_AUTH_COMMAND_ERROR:
1815  return send_rejected (auth);
1816 
1817  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1818  return send_error (auth, "Need to authenticate first");
1819 
1820  case DBUS_AUTH_COMMAND_REJECTED:
1821  case DBUS_AUTH_COMMAND_OK:
1822  case DBUS_AUTH_COMMAND_UNKNOWN:
1823  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1824  default:
1825  return send_error (auth, "Unknown command");
1826  }
1827 }
1828 
1829 static dbus_bool_t
1830 handle_server_state_waiting_for_data (DBusAuth *auth,
1831  DBusAuthCommand command,
1832  const DBusString *args)
1833 {
1834  switch (command)
1835  {
1836  case DBUS_AUTH_COMMAND_AUTH:
1837  return send_error (auth, "Sent AUTH while another AUTH in progress");
1838 
1839  case DBUS_AUTH_COMMAND_CANCEL:
1840  case DBUS_AUTH_COMMAND_ERROR:
1841  return send_rejected (auth);
1842 
1843  case DBUS_AUTH_COMMAND_DATA:
1844  return process_data (auth, args, auth->mech->server_data_func);
1845 
1846  case DBUS_AUTH_COMMAND_BEGIN:
1847  goto_state (auth, &common_state_need_disconnect);
1848  return TRUE;
1849 
1850  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1851  return send_error (auth, "Need to authenticate first");
1852 
1853  case DBUS_AUTH_COMMAND_REJECTED:
1854  case DBUS_AUTH_COMMAND_OK:
1855  case DBUS_AUTH_COMMAND_UNKNOWN:
1856  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1857  default:
1858  return send_error (auth, "Unknown command");
1859  }
1860 }
1861 
1862 static dbus_bool_t
1863 handle_server_state_waiting_for_begin (DBusAuth *auth,
1864  DBusAuthCommand command,
1865  const DBusString *args)
1866 {
1867  switch (command)
1868  {
1869  case DBUS_AUTH_COMMAND_AUTH:
1870  return send_error (auth, "Sent AUTH while expecting BEGIN");
1871 
1872  case DBUS_AUTH_COMMAND_DATA:
1873  return send_error (auth, "Sent DATA while expecting BEGIN");
1874 
1875  case DBUS_AUTH_COMMAND_BEGIN:
1876  goto_state (auth, &common_state_authenticated);
1877  return TRUE;
1878 
1879  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
1880  if (auth->unix_fd_possible)
1881  return send_agree_unix_fd(auth);
1882  else
1883  return send_error(auth, "Unix FD passing not supported, not authenticated or otherwise not possible");
1884 
1885  case DBUS_AUTH_COMMAND_REJECTED:
1886  case DBUS_AUTH_COMMAND_OK:
1887  case DBUS_AUTH_COMMAND_UNKNOWN:
1888  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
1889  default:
1890  return send_error (auth, "Unknown command");
1891 
1892  case DBUS_AUTH_COMMAND_CANCEL:
1893  case DBUS_AUTH_COMMAND_ERROR:
1894  return send_rejected (auth);
1895  }
1896 }
1897 
1898 /* return FALSE if no memory, TRUE if all OK */
1899 static dbus_bool_t
1900 get_word (const DBusString *str,
1901  int *start,
1902  DBusString *word)
1903 {
1904  int i;
1905 
1906  _dbus_string_skip_blank (str, *start, start);
1907  _dbus_string_find_blank (str, *start, &i);
1908 
1909  if (i > *start)
1910  {
1911  if (!_dbus_string_copy_len (str, *start, i - *start, word, 0))
1912  return FALSE;
1913 
1914  *start = i;
1915  }
1916 
1917  return TRUE;
1918 }
1919 
1920 static dbus_bool_t
1921 record_mechanisms (DBusAuth *auth,
1922  const DBusString *args)
1923 {
1924  int next;
1925  int len;
1926 
1927  if (auth->already_got_mechanisms)
1928  return TRUE;
1929 
1930  len = _dbus_string_get_length (args);
1931 
1932  next = 0;
1933  while (next < len)
1934  {
1935  DBusString m;
1937 
1938  if (!_dbus_string_init (&m))
1939  goto nomem;
1940 
1941  if (!get_word (args, &next, &m))
1942  {
1943  _dbus_string_free (&m);
1944  goto nomem;
1945  }
1946 
1947  mech = find_mech (&m, auth->allowed_mechs);
1948 
1949  if (mech != NULL)
1950  {
1951  /* FIXME right now we try mechanisms in the order
1952  * the server lists them; should we do them in
1953  * some more deterministic order?
1954  *
1955  * Probably in all_mechanisms order, our order of
1956  * preference. Of course when the server is us,
1957  * it lists things in that order anyhow.
1958  */
1959 
1960  if (mech != &all_mechanisms[0])
1961  {
1962  _dbus_verbose ("%s: Adding mechanism %s to list we will try\n",
1963  DBUS_AUTH_NAME (auth), mech->mechanism);
1964 
1965  if (!_dbus_list_append (& DBUS_AUTH_CLIENT (auth)->mechs_to_try,
1966  (void*) mech))
1967  {
1968  _dbus_string_free (&m);
1969  goto nomem;
1970  }
1971  }
1972  else
1973  {
1974  _dbus_verbose ("%s: Already tried mechanism %s; not adding to list we will try\n",
1975  DBUS_AUTH_NAME (auth), mech->mechanism);
1976  }
1977  }
1978  else
1979  {
1980  _dbus_verbose ("%s: Server offered mechanism \"%s\" that we don't know how to use\n",
1981  DBUS_AUTH_NAME (auth),
1982  _dbus_string_get_const_data (&m));
1983  }
1984 
1985  _dbus_string_free (&m);
1986  }
1987 
1988  auth->already_got_mechanisms = TRUE;
1989 
1990  return TRUE;
1991 
1992  nomem:
1993  _dbus_list_clear (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
1994 
1995  return FALSE;
1996 }
1997 
1998 static dbus_bool_t
1999 process_rejected (DBusAuth *auth, const DBusString *args)
2000 {
2002  DBusAuthClient *client;
2003 
2004  client = DBUS_AUTH_CLIENT (auth);
2005 
2006  if (!auth->already_got_mechanisms)
2007  {
2008  if (!record_mechanisms (auth, args))
2009  return FALSE;
2010  }
2011 
2012  if (DBUS_AUTH_CLIENT (auth)->mechs_to_try != NULL)
2013  {
2014  mech = client->mechs_to_try->data;
2015 
2016  if (!send_auth (auth, mech))
2017  return FALSE;
2018 
2020 
2021  _dbus_verbose ("%s: Trying mechanism %s\n",
2022  DBUS_AUTH_NAME (auth),
2023  mech->mechanism);
2024  }
2025  else
2026  {
2027  /* Give up */
2028  _dbus_verbose ("%s: Disconnecting because we are out of mechanisms to try using\n",
2029  DBUS_AUTH_NAME (auth));
2030  goto_state (auth, &common_state_need_disconnect);
2031  }
2032 
2033  return TRUE;
2034 }
2035 
2036 
2037 static dbus_bool_t
2038 handle_client_state_waiting_for_data (DBusAuth *auth,
2039  DBusAuthCommand command,
2040  const DBusString *args)
2041 {
2042  _dbus_assert (auth->mech != NULL);
2043 
2044  switch (command)
2045  {
2046  case DBUS_AUTH_COMMAND_DATA:
2047  return process_data (auth, args, auth->mech->client_data_func);
2048 
2049  case DBUS_AUTH_COMMAND_REJECTED:
2050  return process_rejected (auth, args);
2051 
2052  case DBUS_AUTH_COMMAND_OK:
2053  return process_ok(auth, args);
2054 
2055  case DBUS_AUTH_COMMAND_ERROR:
2056  return send_cancel (auth);
2057 
2058  case DBUS_AUTH_COMMAND_AUTH:
2059  case DBUS_AUTH_COMMAND_CANCEL:
2060  case DBUS_AUTH_COMMAND_BEGIN:
2061  case DBUS_AUTH_COMMAND_UNKNOWN:
2062  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2063  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2064  default:
2065  return send_error (auth, "Unknown command");
2066  }
2067 }
2068 
2069 static dbus_bool_t
2070 handle_client_state_waiting_for_ok (DBusAuth *auth,
2071  DBusAuthCommand command,
2072  const DBusString *args)
2073 {
2074  switch (command)
2075  {
2076  case DBUS_AUTH_COMMAND_REJECTED:
2077  return process_rejected (auth, args);
2078 
2079  case DBUS_AUTH_COMMAND_OK:
2080  return process_ok(auth, args);
2081 
2082  case DBUS_AUTH_COMMAND_DATA:
2083  case DBUS_AUTH_COMMAND_ERROR:
2084  return send_cancel (auth);
2085 
2086  case DBUS_AUTH_COMMAND_AUTH:
2087  case DBUS_AUTH_COMMAND_CANCEL:
2088  case DBUS_AUTH_COMMAND_BEGIN:
2089  case DBUS_AUTH_COMMAND_UNKNOWN:
2090  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2091  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2092  default:
2093  return send_error (auth, "Unknown command");
2094  }
2095 }
2096 
2097 static dbus_bool_t
2098 handle_client_state_waiting_for_reject (DBusAuth *auth,
2099  DBusAuthCommand command,
2100  const DBusString *args)
2101 {
2102  switch (command)
2103  {
2104  case DBUS_AUTH_COMMAND_REJECTED:
2105  return process_rejected (auth, args);
2106 
2107  case DBUS_AUTH_COMMAND_AUTH:
2108  case DBUS_AUTH_COMMAND_CANCEL:
2109  case DBUS_AUTH_COMMAND_DATA:
2110  case DBUS_AUTH_COMMAND_BEGIN:
2111  case DBUS_AUTH_COMMAND_OK:
2112  case DBUS_AUTH_COMMAND_ERROR:
2113  case DBUS_AUTH_COMMAND_UNKNOWN:
2114  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2115  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2116  default:
2117  goto_state (auth, &common_state_need_disconnect);
2118  return TRUE;
2119  }
2120 }
2121 
2122 static dbus_bool_t
2123 handle_client_state_waiting_for_agree_unix_fd(DBusAuth *auth,
2124  DBusAuthCommand command,
2125  const DBusString *args)
2126 {
2127  switch (command)
2128  {
2129  case DBUS_AUTH_COMMAND_AGREE_UNIX_FD:
2131  auth->unix_fd_negotiated = TRUE;
2132  _dbus_verbose("Successfully negotiated UNIX FD passing\n");
2133  return send_begin (auth);
2134 
2135  case DBUS_AUTH_COMMAND_ERROR:
2137  auth->unix_fd_negotiated = FALSE;
2138  _dbus_verbose("Failed to negotiate UNIX FD passing\n");
2139  return send_begin (auth);
2140 
2141  case DBUS_AUTH_COMMAND_OK:
2142  case DBUS_AUTH_COMMAND_DATA:
2143  case DBUS_AUTH_COMMAND_REJECTED:
2144  case DBUS_AUTH_COMMAND_AUTH:
2145  case DBUS_AUTH_COMMAND_CANCEL:
2146  case DBUS_AUTH_COMMAND_BEGIN:
2147  case DBUS_AUTH_COMMAND_UNKNOWN:
2148  case DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD:
2149  default:
2150  return send_error (auth, "Unknown command");
2151  }
2152 }
2153 
2157 typedef struct {
2158  const char *name;
2161 
2162 static const DBusAuthCommandName auth_command_names[] = {
2163  { "AUTH", DBUS_AUTH_COMMAND_AUTH },
2164  { "CANCEL", DBUS_AUTH_COMMAND_CANCEL },
2165  { "DATA", DBUS_AUTH_COMMAND_DATA },
2166  { "BEGIN", DBUS_AUTH_COMMAND_BEGIN },
2167  { "REJECTED", DBUS_AUTH_COMMAND_REJECTED },
2168  { "OK", DBUS_AUTH_COMMAND_OK },
2169  { "ERROR", DBUS_AUTH_COMMAND_ERROR },
2170  { "NEGOTIATE_UNIX_FD", DBUS_AUTH_COMMAND_NEGOTIATE_UNIX_FD },
2171  { "AGREE_UNIX_FD", DBUS_AUTH_COMMAND_AGREE_UNIX_FD }
2172 };
2173 
2174 static DBusAuthCommand
2175 lookup_command_from_name (DBusString *command)
2176 {
2177  int i;
2178 
2179  for (i = 0; i < _DBUS_N_ELEMENTS (auth_command_names); i++)
2180  {
2181  if (_dbus_string_equal_c_str (command,
2182  auth_command_names[i].name))
2183  return auth_command_names[i].command;
2184  }
2185 
2186  return DBUS_AUTH_COMMAND_UNKNOWN;
2187 }
2188 
2189 static void
2190 goto_state (DBusAuth *auth,
2191  const DBusAuthStateData *state)
2192 {
2193  _dbus_verbose ("%s: going from state %s to state %s\n",
2194  DBUS_AUTH_NAME (auth),
2195  auth->state->name,
2196  state->name);
2197 
2198  auth->state = state;
2199 }
2200 
2201 /* returns whether to call it again right away */
2202 static dbus_bool_t
2203 process_command (DBusAuth *auth)
2204 {
2205  DBusAuthCommand command;
2206  DBusString line;
2207  DBusString args;
2208  int eol;
2209  int i, j;
2210  dbus_bool_t retval;
2211 
2212  /* _dbus_verbose ("%s: trying process_command()\n"); */
2213 
2214  retval = FALSE;
2215 
2216  eol = 0;
2217  if (!_dbus_string_find (&auth->incoming, 0, "\r\n", &eol))
2218  return FALSE;
2219 
2220  if (!_dbus_string_init (&line))
2221  {
2222  auth->needed_memory = TRUE;
2223  return FALSE;
2224  }
2225 
2226  if (!_dbus_string_init (&args))
2227  {
2228  _dbus_string_free (&line);
2229  auth->needed_memory = TRUE;
2230  return FALSE;
2231  }
2232 
2233  if (!_dbus_string_copy_len (&auth->incoming, 0, eol, &line, 0))
2234  goto out;
2235 
2236  if (!_dbus_string_validate_ascii (&line, 0,
2237  _dbus_string_get_length (&line)))
2238  {
2239  _dbus_verbose ("%s: Command contained non-ASCII chars or embedded nul\n",
2240  DBUS_AUTH_NAME (auth));
2241  if (!send_error (auth, "Command contained non-ASCII"))
2242  goto out;
2243  else
2244  goto next_command;
2245  }
2246 
2247  _dbus_verbose ("%s: got command \"%s\"\n",
2248  DBUS_AUTH_NAME (auth),
2249  _dbus_string_get_const_data (&line));
2250 
2251  _dbus_string_find_blank (&line, 0, &i);
2252  _dbus_string_skip_blank (&line, i, &j);
2253 
2254  if (j > i)
2255  _dbus_string_delete (&line, i, j - i);
2256 
2257  if (!_dbus_string_move (&line, i, &args, 0))
2258  goto out;
2259 
2260  /* FIXME 1.0 we should probably validate that only the allowed
2261  * chars are in the command name
2262  */
2263 
2264  command = lookup_command_from_name (&line);
2265  if (!(* auth->state->handler) (auth, command, &args))
2266  goto out;
2267 
2268  next_command:
2269 
2270  /* We've succeeded in processing the whole command so drop it out
2271  * of the incoming buffer and return TRUE to try another command.
2272  */
2273 
2274  _dbus_string_delete (&auth->incoming, 0, eol);
2275 
2276  /* kill the \r\n */
2277  _dbus_string_delete (&auth->incoming, 0, 2);
2278 
2279  retval = TRUE;
2280 
2281  out:
2282  _dbus_string_free (&args);
2283  _dbus_string_free (&line);
2284 
2285  if (!retval)
2286  auth->needed_memory = TRUE;
2287  else
2288  auth->needed_memory = FALSE;
2289 
2290  return retval;
2291 }
2292 
2293 
2308 DBusAuth*
2310 {
2311  DBusAuth *auth;
2312  DBusAuthServer *server_auth;
2313  DBusString guid_copy;
2314 
2315  if (!_dbus_string_init (&guid_copy))
2316  return NULL;
2317 
2318  if (!_dbus_string_copy (guid, 0, &guid_copy, 0))
2319  {
2320  _dbus_string_free (&guid_copy);
2321  return NULL;
2322  }
2323 
2324  auth = _dbus_auth_new (sizeof (DBusAuthServer));
2325  if (auth == NULL)
2326  {
2327  _dbus_string_free (&guid_copy);
2328  return NULL;
2329  }
2330 
2331  auth->side = auth_side_server;
2332  auth->state = &server_state_waiting_for_auth;
2333 
2334  server_auth = DBUS_AUTH_SERVER (auth);
2335 
2336  server_auth->guid = guid_copy;
2337 
2338  /* perhaps this should be per-mechanism with a lower
2339  * max
2340  */
2341  server_auth->failures = 0;
2342  server_auth->max_failures = 6;
2343 
2344  return auth;
2345 }
2346 
2354 DBusAuth*
2356 {
2357  DBusAuth *auth;
2358  DBusString guid_str;
2359 
2360  if (!_dbus_string_init (&guid_str))
2361  return NULL;
2362 
2363  auth = _dbus_auth_new (sizeof (DBusAuthClient));
2364  if (auth == NULL)
2365  {
2366  _dbus_string_free (&guid_str);
2367  return NULL;
2368  }
2369 
2370  DBUS_AUTH_CLIENT (auth)->guid_from_server = guid_str;
2371 
2372  auth->side = auth_side_client;
2373  auth->state = &client_state_need_send_auth;
2374 
2375  /* Start the auth conversation by sending AUTH for our default
2376  * mechanism */
2377  if (!send_auth (auth, &all_mechanisms[0]))
2378  {
2379  _dbus_auth_unref (auth);
2380  return NULL;
2381  }
2382 
2383  return auth;
2384 }
2385 
2392 DBusAuth *
2394 {
2395  _dbus_assert (auth != NULL);
2396 
2397  auth->refcount += 1;
2398 
2399  return auth;
2400 }
2401 
2407 void
2409 {
2410  _dbus_assert (auth != NULL);
2411  _dbus_assert (auth->refcount > 0);
2412 
2413  auth->refcount -= 1;
2414  if (auth->refcount == 0)
2415  {
2416  shutdown_mech (auth);
2417 
2418  if (DBUS_AUTH_IS_CLIENT (auth))
2419  {
2420  _dbus_string_free (& DBUS_AUTH_CLIENT (auth)->guid_from_server);
2421  _dbus_list_clear (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
2422  }
2423  else
2424  {
2426 
2427  _dbus_string_free (& DBUS_AUTH_SERVER (auth)->guid);
2428  }
2429 
2430  if (auth->keyring)
2431  _dbus_keyring_unref (auth->keyring);
2432 
2433  _dbus_string_free (&auth->context);
2434  _dbus_string_free (&auth->challenge);
2435  _dbus_string_free (&auth->identity);
2436  _dbus_string_free (&auth->incoming);
2437  _dbus_string_free (&auth->outgoing);
2438 
2440 
2444 
2445  dbus_free (auth);
2446  }
2447 }
2448 
2459  const char **mechanisms)
2460 {
2461  char **copy;
2462 
2463  if (mechanisms != NULL)
2464  {
2465  copy = _dbus_dup_string_array (mechanisms);
2466  if (copy == NULL)
2467  return FALSE;
2468  }
2469  else
2470  copy = NULL;
2471 
2473 
2474  auth->allowed_mechs = copy;
2475 
2476  return TRUE;
2477 }
2478 
2483 #define DBUS_AUTH_IN_END_STATE(auth) ((auth)->state->handler == NULL)
2484 
2492 DBusAuthState
2494 {
2495  auth->needed_memory = FALSE;
2496 
2497  /* Max amount we'll buffer up before deciding someone's on crack */
2498 #define MAX_BUFFER (16 * _DBUS_ONE_KILOBYTE)
2499 
2500  do
2501  {
2502  if (DBUS_AUTH_IN_END_STATE (auth))
2503  break;
2504 
2505  if (_dbus_string_get_length (&auth->incoming) > MAX_BUFFER ||
2506  _dbus_string_get_length (&auth->outgoing) > MAX_BUFFER)
2507  {
2508  goto_state (auth, &common_state_need_disconnect);
2509  _dbus_verbose ("%s: Disconnecting due to excessive data buffered in auth phase\n",
2510  DBUS_AUTH_NAME (auth));
2511  break;
2512  }
2513  }
2514  while (process_command (auth));
2515 
2516  if (auth->needed_memory)
2517  return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
2518  else if (_dbus_string_get_length (&auth->outgoing) > 0)
2519  return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
2520  else if (auth->state == &common_state_need_disconnect)
2521  return DBUS_AUTH_STATE_NEED_DISCONNECT;
2522  else if (auth->state == &common_state_authenticated)
2523  return DBUS_AUTH_STATE_AUTHENTICATED;
2524  else return DBUS_AUTH_STATE_WAITING_FOR_INPUT;
2525 }
2526 
2538  const DBusString **str)
2539 {
2540  _dbus_assert (auth != NULL);
2541  _dbus_assert (str != NULL);
2542 
2543  *str = NULL;
2544 
2545  if (_dbus_string_get_length (&auth->outgoing) == 0)
2546  return FALSE;
2547 
2548  *str = &auth->outgoing;
2549 
2550  return TRUE;
2551 }
2552 
2561 void
2563  int bytes_sent)
2564 {
2565  _dbus_verbose ("%s: Sent %d bytes of: %s\n",
2566  DBUS_AUTH_NAME (auth),
2567  bytes_sent,
2568  _dbus_string_get_const_data (&auth->outgoing));
2569 
2570  _dbus_string_delete (&auth->outgoing,
2571  0, bytes_sent);
2572 }
2573 
2581 void
2583  DBusString **buffer)
2584 {
2585  _dbus_assert (auth != NULL);
2587 
2588  *buffer = &auth->incoming;
2589 
2590  auth->buffer_outstanding = TRUE;
2591 }
2592 
2599 void
2601  DBusString *buffer)
2602 {
2603  _dbus_assert (buffer == &auth->incoming);
2605 
2606  auth->buffer_outstanding = FALSE;
2607 }
2608 
2618 void
2620  const DBusString **str)
2621 {
2622  if (!DBUS_AUTH_IN_END_STATE (auth))
2623  return;
2624 
2625  *str = &auth->incoming;
2626 }
2627 
2628 
2635 void
2637 {
2638  if (!DBUS_AUTH_IN_END_STATE (auth))
2639  return;
2640 
2641  _dbus_string_set_length (&auth->incoming, 0);
2642 }
2643 
2654 {
2655  if (auth->state != &common_state_authenticated)
2656  return FALSE;
2657 
2658  if (auth->mech != NULL)
2659  {
2660  if (DBUS_AUTH_IS_CLIENT (auth))
2661  return auth->mech->client_encode_func != NULL;
2662  else
2663  return auth->mech->server_encode_func != NULL;
2664  }
2665  else
2666  return FALSE;
2667 }
2668 
2681  const DBusString *plaintext,
2682  DBusString *encoded)
2683 {
2684  _dbus_assert (plaintext != encoded);
2685 
2686  if (auth->state != &common_state_authenticated)
2687  return FALSE;
2688 
2689  if (_dbus_auth_needs_encoding (auth))
2690  {
2691  if (DBUS_AUTH_IS_CLIENT (auth))
2692  return (* auth->mech->client_encode_func) (auth, plaintext, encoded);
2693  else
2694  return (* auth->mech->server_encode_func) (auth, plaintext, encoded);
2695  }
2696  else
2697  {
2698  return _dbus_string_copy (plaintext, 0, encoded,
2699  _dbus_string_get_length (encoded));
2700  }
2701 }
2702 
2713 {
2714  if (auth->state != &common_state_authenticated)
2715  return FALSE;
2716 
2717  if (auth->mech != NULL)
2718  {
2719  if (DBUS_AUTH_IS_CLIENT (auth))
2720  return auth->mech->client_decode_func != NULL;
2721  else
2722  return auth->mech->server_decode_func != NULL;
2723  }
2724  else
2725  return FALSE;
2726 }
2727 
2728 
2744  const DBusString *encoded,
2745  DBusString *plaintext)
2746 {
2747  _dbus_assert (plaintext != encoded);
2748 
2749  if (auth->state != &common_state_authenticated)
2750  return FALSE;
2751 
2752  if (_dbus_auth_needs_decoding (auth))
2753  {
2754  if (DBUS_AUTH_IS_CLIENT (auth))
2755  return (* auth->mech->client_decode_func) (auth, encoded, plaintext);
2756  else
2757  return (* auth->mech->server_decode_func) (auth, encoded, plaintext);
2758  }
2759  else
2760  {
2761  return _dbus_string_copy (encoded, 0, plaintext,
2762  _dbus_string_get_length (plaintext));
2763  }
2764 }
2765 
2777 {
2780  credentials);
2781 }
2782 
2794 {
2795  if (auth->state == &common_state_authenticated)
2796  {
2797  return auth->authorized_identity;
2798  }
2799  else
2800  {
2801  /* FIXME instead of this, keep an empty credential around that
2802  * doesn't require allocation or something
2803  */
2804  /* return empty credentials */
2806  return auth->authorized_identity;
2807  }
2808 }
2809 
2816 const char*
2818 {
2820 
2821  if (auth->state == &common_state_authenticated)
2822  return _dbus_string_get_const_data (& DBUS_AUTH_CLIENT (auth)->guid_from_server);
2823  else
2824  return NULL;
2825 }
2826 
2837  const DBusString *context)
2838 {
2839  return _dbus_string_replace_len (context, 0, _dbus_string_get_length (context),
2840  &auth->context, 0, _dbus_string_get_length (context));
2841 }
2842 
2850 void
2852 {
2853  auth->unix_fd_possible = b;
2854 }
2855 
2864 {
2865  return auth->unix_fd_negotiated;
2866 }
2867 
2876 {
2877  _dbus_assert (name != NULL);
2878 
2879  return find_mech (name, NULL) != NULL;
2880 }
2881 
2890 {
2891  unsigned int i;
2892  _dbus_assert (buffer != NULL);
2893 
2894  for (i = 0; all_mechanisms[i].mechanism != NULL; i++)
2895  {
2896  if (i > 0)
2897  {
2898  if (!_dbus_string_append (buffer, ", "))
2899  return FALSE;
2900  }
2901  if (!_dbus_string_append (buffer, all_mechanisms[i].mechanism))
2902  return FALSE;
2903  }
2904  return TRUE;
2905 }
2906 
2909 /* tests in dbus-auth-util.c */
dbus_bool_t dbus_error_has_name(const DBusError *error, const char *name)
Checks whether the error is set and has the given name.
Definition: dbus-errors.c:302
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
Definition: dbus-string.c:952
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
Definition: dbus-sysdeps.c:444
const char * message
public error message field
Definition: dbus-errors.h:51
void _dbus_auth_delete_unused_bytes(DBusAuth *auth)
Gets rid of unused bytes returned by _dbus_auth_get_unused_bytes() after we&#39;ve gotten them and succes...
Definition: dbus-auth.c:2636
#define NULL
A null pointer, defined appropriately for C or C++.
dbus_bool_t _dbus_auth_dump_supported_mechanisms(DBusString *buffer)
Return a human-readable string containing all supported auth mechanisms.
Definition: dbus-auth.c:2889
void _dbus_auth_get_unused_bytes(DBusAuth *auth, const DBusString **str)
Returns leftover bytes that were not used as part of the auth conversation.
Definition: dbus-auth.c:2619
void _dbus_keyring_unref(DBusKeyring *keyring)
Decrements refcount and finalizes if it reaches zero.
Definition: dbus-keyring.c:676
dbus_bool_t _dbus_string_equal(const DBusString *a, const DBusString *b)
Tests two DBusString for equality.
Definition: dbus-string.c:2030
DBusAuthDecodeFunction client_decode_func
Function on client side for decode.
Definition: dbus-auth.c:112
DBusAuthEncodeFunction server_encode_func
Function on server side to encode.
Definition: dbus-auth.c:106
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
Definition: dbus-memory.c:703
dbus_bool_t _dbus_credentials_add_credential(DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
Merge the given credential found in the second object into the first object, overwriting the first ob...
DBusAuthCommand
Enumeration for the known authentication commands.
Definition: dbus-auth.c:119
dbus_bool_t _dbus_auth_needs_decoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to decode the message stream with _dbus_auth_de...
Definition: dbus-auth.c:2712
dbus_bool_t _dbus_string_hex_encode(const DBusString *source, int start, DBusString *dest, int insert_at)
Encodes a string in hex, the way MD5 and SHA-1 are usually encoded.
Definition: dbus-string.c:2276
unsigned int buffer_outstanding
Buffer is "checked out" for reading data into.
Definition: dbus-auth.c:190
DBusList * mechs_to_try
Mechanisms we got from the server that we&#39;re going to try using.
Definition: dbus-auth.c:203
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_append_int(DBusString *str, long value)
Appends an integer to a DBusString.
Definition: dbus-sysdeps.c:363
dbus_bool_t _dbus_credentials_are_superset(DBusCredentials *credentials, DBusCredentials *possible_subset)
Checks whether the first credentials object contains all the credentials found in the second credenti...
dbus_bool_t _dbus_auth_encode_data(DBusAuth *auth, const DBusString *plaintext, DBusString *encoded)
Called post-authentication, encodes a block of bytes for sending to the peer.
Definition: dbus-auth.c:2680
Internals of DBusKeyring.
Definition: dbus-keyring.c:112
dbus_bool_t _dbus_auth_set_context(DBusAuth *auth, const DBusString *context)
Sets the "authentication context" which scopes cookies with the DBUS_COOKIE_SHA1 auth mechanism for e...
Definition: dbus-auth.c:2836
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
#define DBUS_ERROR_INIT
Expands to a suitable initializer for a DBusError on the stack.
Definition: dbus-errors.h:62
void * data
Data stored at this element.
Definition: dbus-list.h:38
void _dbus_auth_return_buffer(DBusAuth *auth, DBusString *buffer)
Returns a buffer with new data read into it.
Definition: dbus-auth.c:2600
DBusAuthState _dbus_auth_do_work(DBusAuth *auth)
Analyzes buffered input and moves the auth conversation forward, returning the new state of the auth ...
Definition: dbus-auth.c:2493
void dbus_error_free(DBusError *error)
Frees an error that&#39;s been set (or just initialized), then reinitializes the error as in dbus_error_i...
Definition: dbus-errors.c:211
const char * mechanism
Name of the mechanism.
Definition: dbus-auth.c:104
unsigned int unix_fd_negotiated
Unix fd was successfully negotiated.
Definition: dbus-auth.c:193
dbus_bool_t _dbus_keyring_get_hex_key(DBusKeyring *keyring, int key_id, DBusString *hex_key)
Gets the hex-encoded secret key for the given ID.
dbus_bool_t _dbus_auth_set_mechanisms(DBusAuth *auth, const char **mechanisms)
Sets an array of authentication mechanism names that we are willing to use.
Definition: dbus-auth.c:2458
dbus_bool_t _dbus_auth_is_supported_mechanism(DBusString *name)
Queries whether the given auth mechanism is supported.
Definition: dbus-auth.c:2875
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
Definition: dbus-string.c:175
DBusAuthShutdownFunction server_shutdown_func
Function on server side to shut down.
Definition: dbus-auth.c:108
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that&#39;s copied to the d...
Definition: dbus-string.c:1300
DBusKeyring * keyring
Keyring for cookie mechanism.
Definition: dbus-auth.c:177
DBusString context
Cookie scope.
Definition: dbus-auth.c:176
dbus_bool_t(* DBusAuthDataFunction)(DBusAuth *auth, const DBusString *data)
This function processes a block of data received from the peer.
Definition: dbus-auth.c:77
dbus_bool_t _dbus_auth_get_unix_fd_negotiated(DBusAuth *auth)
Queries whether unix fd passing was successfully negotiated.
Definition: dbus-auth.c:2863
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
Definition: dbus-string.c:1621
DBusString guid
Our globally unique ID in hex encoding.
Definition: dbus-auth.c:219
const char * side
Client or server.
Definition: dbus-auth.c:156
dbus_bool_t _dbus_credentials_add_from_user(DBusCredentials *credentials, const DBusString *username, DBusCredentialsAddFlags flags, DBusError *error)
Adds the credentials corresponding to the given username.
dbus_bool_t _dbus_credentials_add_credentials(DBusCredentials *credentials, DBusCredentials *other_credentials)
Merge all credentials found in the second object into the first object, overwriting the first object ...
DBusString guid_from_server
GUID received from server.
Definition: dbus-auth.c:205
DBusCredentials * _dbus_auth_get_identity(DBusAuth *auth)
Gets the identity we authorized the client as.
Definition: dbus-auth.c:2793
void _dbus_auth_get_buffer(DBusAuth *auth, DBusString **buffer)
Get a buffer to be used for reading bytes from the peer we&#39;re conversing with.
Definition: dbus-auth.c:2582
DBusString challenge
Challenge sent to client.
Definition: dbus-auth.c:179
dbus_bool_t _dbus_auth_decode_data(DBusAuth *auth, const DBusString *encoded, DBusString *plaintext)
Called post-authentication, decodes a block of bytes received from the peer.
Definition: dbus-auth.c:2743
DBusCredentials * authorized_identity
Credentials that are authorized.
Definition: dbus-auth.c:172
DBusAuthDecodeFunction server_decode_func
Function on server side to decode.
Definition: dbus-auth.c:107
dbus_bool_t _dbus_string_move(DBusString *source, int start, DBusString *dest, int insert_at)
Moves the end of one string into another string.
Definition: dbus-string.c:1276
dbus_bool_t _dbus_append_user_from_current_process(DBusString *str)
Append to the string the identity we would like to have when we authenticate, on UNIX this is the cur...
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_bool_t _dbus_string_equal_c_str(const DBusString *a, const char *c_str)
Checks whether a string is equal to a C string.
Definition: dbus-string.c:2169
void _dbus_auth_bytes_sent(DBusAuth *auth, int bytes_sent)
Notifies the auth conversation object that the given number of bytes of the outgoing buffer have been...
Definition: dbus-auth.c:2562
Internal members of DBusAuth.
Definition: dbus-auth.c:153
DBusInitialResponseFunction client_initial_response_func
Function on client side to handle initial response.
Definition: dbus-auth.c:109
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
Definition: dbus-types.h:35
"Subclass" of DBusAuth for server side.
Definition: dbus-auth.c:212
DBusAuthStateFunction handler
State function for this state.
Definition: dbus-auth.c:147
DBusAuthDataFunction client_data_func
Function on client side for DATA.
Definition: dbus-auth.c:110
const DBusAuthStateData * state
Current protocol state.
Definition: dbus-auth.c:161
dbus_bool_t _dbus_string_replace_len(const DBusString *source, int start, int len, DBusString *dest, int replace_at, int replace_len)
Replaces a segment of dest string with a segment of source string.
Definition: dbus-string.c:1421
"Subclass" of DBusAuth for client side
Definition: dbus-auth.c:199
DBusCredentials * desired_identity
Identity client has requested.
Definition: dbus-auth.c:174
void _dbus_string_skip_blank(const DBusString *str, int start, int *end)
Skips blanks from start, storing the first non-blank in *end (blank is space or tab).
Definition: dbus-string.c:1820
DBusAuth * _dbus_auth_server_new(const DBusString *guid)
Creates a new auth conversation object for the server side.
Definition: dbus-auth.c:2309
unsigned int needed_memory
We needed memory to continue since last successful getting something done.
Definition: dbus-auth.c:185
#define DBUS_AUTH_NAME(auth)
The name of the auth ("client" or "server")
Definition: dbus-auth.c:338
DBusAuth * _dbus_auth_ref(DBusAuth *auth)
Increments the refcount of an auth object.
Definition: dbus-auth.c:2393
unsigned int already_asked_for_initial_response
Already sent a blank challenge to get an initial response.
Definition: dbus-auth.c:189
void _dbus_string_delete(DBusString *str, int start, int len)
Deletes a segment of a DBusString with length len starting at start.
Definition: dbus-string.c:1210
DBusString identity
Current identity we&#39;re authorizing as.
Definition: dbus-auth.c:165
dbus_bool_t(* DBusInitialResponseFunction)(DBusAuth *auth, DBusString *response)
This function appends an initial client response to the given string.
Definition: dbus-auth.c:70
dbus_bool_t _dbus_list_append(DBusList **list, void *data)
Appends a value to the list.
Definition: dbus-list.c:271
unsigned int already_got_mechanisms
Client already got mech list.
Definition: dbus-auth.c:188
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
Definition: dbus-string.c:1131
void _dbus_string_zero(DBusString *str)
Clears all allocated bytes in the string to zero.
Definition: dbus-string.c:2702
int cookie_id
ID of cookie to use.
Definition: dbus-auth.c:178
Information about a auth state.
Definition: dbus-auth.c:144
Object representing an exception.
Definition: dbus-errors.h:48
dbus_bool_t(* DBusAuthStateFunction)(DBusAuth *auth, DBusAuthCommand command, const DBusString *args)
Auth state function, determines the reaction to incoming events for a particular state.
Definition: dbus-auth.c:137
int _dbus_keyring_get_best_key(DBusKeyring *keyring, DBusError *error)
Gets a recent key to use for authentication.
Definition: dbus-keyring.c:944
dbus_bool_t _dbus_string_validate_utf8(const DBusString *str, int start, int len)
Checks that the given range of the string is valid UTF-8.
Definition: dbus-string.c:2572
DBusAuth base
Parent class.
Definition: dbus-auth.c:201
DBusAuthShutdownFunction client_shutdown_func
Function on client side for shutdown.
Definition: dbus-auth.c:113
void * _dbus_list_pop_first(DBusList **list)
Removes the first value in the list and returns it.
Definition: dbus-list.c:677
int refcount
reference count
Definition: dbus-auth.c:155
const char * _dbus_auth_get_guid_from_server(DBusAuth *auth)
Gets the GUID from the server if we&#39;ve authenticated; gets NULL otherwise.
Definition: dbus-auth.c:2817
#define _DBUS_N_ELEMENTS(array)
Computes the number of elements in a fixed-size array using sizeof().
char ** allowed_mechs
Mechanisms we&#39;re allowed to use, or NULL if we can use any.
Definition: dbus-auth.c:181
const char * name
Name of the command.
Definition: dbus-auth.c:2158
dbus_bool_t(* DBusAuthDecodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *decoded)
This function decodes a block of data from the peer.
Definition: dbus-auth.c:90
#define DBUS_AUTH_CLIENT(auth)
Definition: dbus-auth.c:326
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init(), and fills it with the same contents as #_DBUS_STRING_I...
Definition: dbus-string.c:264
char ** _dbus_dup_string_array(const char **array)
Duplicates a string array.
#define TRUE
Expands to "1".
int failures
Number of times client has been rejected.
Definition: dbus-auth.c:216
#define DBUS_AUTH_IS_SERVER(auth)
Definition: dbus-auth.c:316
void(* DBusAuthShutdownFunction)(DBusAuth *auth)
This function is called when the mechanism is abandoned.
Definition: dbus-auth.c:97
#define N_CHALLENGE_BYTES
http://www.ietf.org/rfc/rfc2831.txt suggests at least 64 bits of entropy, we use 128.
Definition: dbus-auth.c:519
dbus_bool_t _dbus_string_find_blank(const DBusString *str, int start, int *found)
Finds a blank (space or tab) in the string.
Definition: dbus-string.c:1782
DBusString incoming
Incoming data buffer.
Definition: dbus-auth.c:158
dbus_bool_t _dbus_auth_set_credentials(DBusAuth *auth, DBusCredentials *credentials)
Sets credentials received via reliable means from the operating system.
Definition: dbus-auth.c:2775
dbus_bool_t _dbus_keyring_is_for_credentials(DBusKeyring *keyring, DBusCredentials *credentials)
Checks whether the keyring is for the same user as the given credentials.
Definition: dbus-keyring.c:983
void _dbus_auth_set_unix_fd_possible(DBusAuth *auth, dbus_bool_t b)
Sets whether unix fd passing is potentially on the transport and hence shall be negotiated.
Definition: dbus-auth.c:2851
const char * name
Name of the state.
Definition: dbus-auth.c:146
DBusAuthEncodeFunction client_encode_func
Function on client side for encode.
Definition: dbus-auth.c:111
DBusCredentials * _dbus_credentials_new(void)
Creates a new credentials object.
DBusKeyring * _dbus_keyring_new_for_credentials(DBusCredentials *credentials, const DBusString *context, DBusError *error)
Creates a new keyring that lives in the ~/.dbus-keyrings directory of the user represented by credent...
Definition: dbus-keyring.c:704
DBusAuthDataFunction server_data_func
Function on server side for DATA.
Definition: dbus-auth.c:105
dbus_bool_t(* DBusAuthEncodeFunction)(DBusAuth *auth, const DBusString *data, DBusString *encoded)
This function encodes a block of data from the peer.
Definition: dbus-auth.c:83
dbus_bool_t _dbus_string_hex_decode(const DBusString *source, int start, int *end_return, DBusString *dest, int insert_at)
Decodes a string from hex encoding.
Definition: dbus-string.c:2326
A node in a linked list.
Definition: dbus-list.h:34
void dbus_free_string_array(char **str_array)
Frees a NULL-terminated array of strings.
Definition: dbus-memory.c:751
dbus_bool_t _dbus_string_array_contains(const char **array, const char *str)
Checks whether a string array contains the given string.
int max_failures
Number of times we reject before disconnect.
Definition: dbus-auth.c:217
void _dbus_auth_unref(DBusAuth *auth)
Decrements the refcount of an auth object.
Definition: dbus-auth.c:2408
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes, DBusError *error)
Generates the given number of securely random bytes, using the best mechanism we can come up with...
dbus_bool_t _dbus_auth_get_bytes_to_send(DBusAuth *auth, const DBusString **str)
Gets bytes that need to be sent to the peer we&#39;re conversing with.
Definition: dbus-auth.c:2537
Mapping from command name to enum.
Definition: dbus-auth.c:2157
Virtual table representing a particular auth mechanism.
Definition: dbus-auth.c:102
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
#define FALSE
Expands to "0".
const DBusAuthMechanismHandler * mech
Current auth mechanism.
Definition: dbus-auth.c:163
#define DBUS_AUTH_SERVER(auth)
Definition: dbus-auth.c:331
unsigned int unix_fd_possible
This side could do unix fd passing.
Definition: dbus-auth.c:192
dbus_bool_t _dbus_sha_compute(const DBusString *data, DBusString *ascii_output)
Computes the ASCII hex-encoded shasum of the given data and appends it to the output string...
Definition: dbus-sha.c:484
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
Definition: dbus-string.c:819
dbus_bool_t _dbus_string_copy_len(const DBusString *source, int start, int len, DBusString *dest, int insert_at)
Like _dbus_string_copy(), but can copy a segment from the middle of the source string.
Definition: dbus-string.c:1392
void * dbus_malloc0(size_t bytes)
Allocates the given number of bytes, as with standard malloc(), but all bytes are initialized to zero...
Definition: dbus-memory.c:533
dbus_bool_t _dbus_auth_needs_encoding(DBusAuth *auth)
Called post-authentication, indicates whether we need to encode the message stream with _dbus_auth_en...
Definition: dbus-auth.c:2653
DBusCredentials * credentials
Credentials read from socket.
Definition: dbus-auth.c:169
DBusAuth * _dbus_auth_client_new(void)
Creates a new auth conversation object for the client side.
Definition: dbus-auth.c:2355
dbus_bool_t _dbus_string_validate_ascii(const DBusString *str, int start, int len)
Checks that the given range of the string is valid ASCII with no nul bytes.
Definition: dbus-string.c:2467
DBusAuth base
Parent class.
Definition: dbus-auth.c:214
dbus_bool_t _dbus_keyring_validate_context(const DBusString *context)
Checks whether the context is a valid context.
Definition: dbus-keyring.c:848
#define DBUS_AUTH_IN_END_STATE(auth)
Definition: dbus-auth.c:2483
dbus_bool_t dbus_error_is_set(const DBusError *error)
Checks whether an error occurred (the error is set).
Definition: dbus-errors.c:329
DBusString outgoing
Outgoing data buffer.
Definition: dbus-auth.c:159
dbus_bool_t _dbus_credentials_are_empty(DBusCredentials *credentials)
Checks whether a credentials object contains anything.
#define DBUS_AUTH_IS_CLIENT(auth)
Definition: dbus-auth.c:321
DBusAuthCommand command
Corresponding enum.
Definition: dbus-auth.c:2159
void _dbus_list_clear(DBusList **list)
Frees all links in the list and sets the list head to NULL.
Definition: dbus-list.c:543