D-Bus 1.16.0
Functions
Credentials provable through authentication

DBusCredentials object. More...

Functions

DBusCredentials_dbus_credentials_new (void)
 Creates a new credentials object.
 
DBusCredentials_dbus_credentials_new_from_current_process (void)
 Creates a new object with the most important credentials (user ID and process ID) from the current process.
 
void _dbus_credentials_ref (DBusCredentials *credentials)
 Increment refcount on credentials.
 
void _dbus_credentials_unref (DBusCredentials *credentials)
 Decrement refcount on credentials.
 
dbus_bool_t _dbus_credentials_add_pid (DBusCredentials *credentials, dbus_pid_t pid)
 Add a UNIX process ID to the credentials.
 
_DBUS_GNUC_NORETURN void _dbus_credentials_take_pid_fd (DBusCredentials *credentials, int pid_fd)
 Add a UNIX process ID FD to the credentials.
 
dbus_bool_t _dbus_credentials_add_unix_uid (DBusCredentials *credentials, dbus_uid_t uid)
 Add a UNIX user ID to the credentials.
 
void _dbus_credentials_take_unix_gids (DBusCredentials *credentials, dbus_gid_t *gids, size_t n_gids)
 Add UNIX group IDs to the credentials, replacing any group IDs that might already have been present.
 
dbus_bool_t _dbus_credentials_get_unix_gids (DBusCredentials *credentials, const dbus_gid_t **gids, size_t *n_gids)
 Get the Unix group IDs.
 
dbus_bool_t _dbus_credentials_add_windows_sid (DBusCredentials *credentials, const char *windows_sid)
 Add a Windows user SID to the credentials.
 
dbus_bool_t _dbus_credentials_add_linux_security_label (DBusCredentials *credentials, const char *label)
 Add a Linux security label, as used by LSMs such as SELinux, Smack and AppArmor, to the credentials.
 
dbus_bool_t _dbus_credentials_add_adt_audit_data (DBusCredentials *credentials, void *audit_data, dbus_int32_t size)
 Add ADT audit data to the credentials.
 
dbus_bool_t _dbus_credentials_include (DBusCredentials *credentials, DBusCredentialType type)
 Checks whether the given credential is present.
 
dbus_pid_t _dbus_credentials_get_pid (DBusCredentials *credentials)
 Gets the UNIX process ID in the credentials, or DBUS_PID_UNSET if the credentials object doesn't contain a process ID.
 
int _dbus_credentials_get_pid_fd (DBusCredentials *credentials)
 Gets the UNIX process ID FD in the credentials as obtained by 'safe' means (e.g.: Linux's SO_PEERPIDFD), or -1 if the credentials object doesn't contain a process ID FD.
 
dbus_uid_t _dbus_credentials_get_unix_uid (DBusCredentials *credentials)
 Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn't contain a user ID.
 
const char * _dbus_credentials_get_windows_sid (DBusCredentials *credentials)
 Gets the Windows user SID in the credentials, or NULL if the credentials object doesn't contain a Windows user SID.
 
const char * _dbus_credentials_get_linux_security_label (DBusCredentials *credentials)
 Gets the Linux security label (as used by LSMs) from the credentials, or NULL if the credentials object doesn't contain a security label.
 
void * _dbus_credentials_get_adt_audit_data (DBusCredentials *credentials)
 Gets the ADT audit data in the credentials, or NULL if the credentials object doesn't contain ADT audit data.
 
dbus_int32_t _dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials)
 Gets the ADT audit data size in the credentials, or 0 if the credentials object doesn't contain ADT audit data.
 
dbus_bool_t _dbus_credentials_are_superset (DBusCredentials *credentials, DBusCredentials *possible_subset)
 Checks whether the first credentials object contains all the credentials found in the second credentials object.
 
dbus_bool_t _dbus_credentials_are_empty (DBusCredentials *credentials)
 Checks whether a credentials object contains anything.
 
dbus_bool_t _dbus_credentials_are_anonymous (DBusCredentials *credentials)
 Checks whether a credentials object contains a user identity.
 
dbus_bool_t _dbus_credentials_add_credentials (DBusCredentials *credentials, DBusCredentials *other_credentials)
 Merge all credentials found in the second object into the first object, overwriting the first object if there are any overlaps.
 
dbus_bool_t _dbus_credentials_add_credential (DBusCredentials *credentials, DBusCredentialType which, DBusCredentials *other_credentials)
 Merge the given credential found in the second object into the first object, overwriting the first object's value for that credential.
 
void _dbus_credentials_clear (DBusCredentials *credentials)
 Clear all credentials in the object.
 
DBusCredentials_dbus_credentials_copy (DBusCredentials *credentials)
 Copy a credentials object.
 
dbus_bool_t _dbus_credentials_same_user (DBusCredentials *credentials, DBusCredentials *other_credentials)
 Check whether the user-identifying credentials in two credentials objects are identical.
 
dbus_bool_t _dbus_credentials_to_string_append (DBusCredentials *credentials, DBusString *string)
 Convert the credentials in this object to a human-readable string format, and append to the given string.
 

Detailed Description

DBusCredentials object.

Credentials are what you have to prove you have in order to authenticate. The main credentials right now are a unix user account, a Windows user account, or a UNIX process ID.

Function Documentation

◆ _dbus_credentials_add_adt_audit_data()

dbus_bool_t _dbus_credentials_add_adt_audit_data ( DBusCredentials credentials,
void *  audit_data,
dbus_int32_t  size 
)

Add ADT audit data to the credentials.

Parameters
credentialsthe object
audit_datathe audit data
sizethe length of audit data
Returns
FALSE if no memory

Definition at line 341 of file dbus-credentials.c.

References _dbus_memdup(), dbus_free(), FALSE, NULL, and TRUE.

Referenced by _dbus_credentials_add_credential(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_add_credential()

dbus_bool_t _dbus_credentials_add_credential ( DBusCredentials credentials,
DBusCredentialType  which,
DBusCredentials other_credentials 
)

Merge the given credential found in the second object into the first object, overwriting the first object's value for that credential.

Does nothing if the second object does not contain the specified credential. i.e., will never delete a credential from the first object.

Parameters
credentialsthe object
whichthe credential to overwrite
other_credentialscredentials to merge
Returns
FALSE if no memory

Definition at line 614 of file dbus-credentials.c.

References _dbus_credentials_add_adt_audit_data(), _dbus_credentials_add_linux_security_label(), _dbus_credentials_add_pid(), _dbus_credentials_add_unix_uid(), _dbus_credentials_add_windows_sid(), _dbus_credentials_take_pid_fd(), _dbus_credentials_take_unix_gids(), _dbus_dup(), dbus_new, DBUS_PID_UNSET, DBUS_UID_UNSET, FALSE, NULL, and TRUE.

Referenced by _dbus_credentials_add_credentials().

◆ _dbus_credentials_add_credentials()

dbus_bool_t _dbus_credentials_add_credentials ( DBusCredentials credentials,
DBusCredentials other_credentials 
)

Merge all credentials found in the second object into the first object, overwriting the first object if there are any overlaps.

Parameters
credentialsthe object
other_credentialscredentials to merge
Returns
FALSE if no memory

Definition at line 574 of file dbus-credentials.c.

References _dbus_credentials_add_credential().

Referenced by _dbus_auth_set_credentials(), and _dbus_credentials_copy().

◆ _dbus_credentials_add_linux_security_label()

dbus_bool_t _dbus_credentials_add_linux_security_label ( DBusCredentials credentials,
const char *  label 
)

Add a Linux security label, as used by LSMs such as SELinux, Smack and AppArmor, to the credentials.

Parameters
credentialsthe object
labelthe label
Returns
FALSE if no memory

Definition at line 317 of file dbus-credentials.c.

References _dbus_strdup(), dbus_free(), FALSE, NULL, and TRUE.

Referenced by _dbus_credentials_add_credential().

◆ _dbus_credentials_add_pid()

dbus_bool_t _dbus_credentials_add_pid ( DBusCredentials credentials,
dbus_pid_t  pid 
)

Add a UNIX process ID to the credentials.

If the process ID FD is set, it will always take precendence when querying the PID of this credential.

Parameters
credentialsthe object
pidthe process ID
Returns
FALSE if no memory

Definition at line 181 of file dbus-credentials.c.

References TRUE.

Referenced by _dbus_credentials_add_credential(), _dbus_credentials_add_from_current_process(), _dbus_read_credentials_socket(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_add_unix_uid()

dbus_bool_t _dbus_credentials_add_unix_uid ( DBusCredentials credentials,
dbus_uid_t  uid 
)

Add a UNIX user ID to the credentials.

Parameters
credentialsthe object
uidthe user ID
Returns
FALSE if no memory

Definition at line 220 of file dbus-credentials.c.

References TRUE.

Referenced by _dbus_credentials_add_credential(), _dbus_credentials_add_from_current_process(), _dbus_credentials_add_from_user(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_add_windows_sid()

dbus_bool_t _dbus_credentials_add_windows_sid ( DBusCredentials credentials,
const char *  windows_sid 
)

Add a Windows user SID to the credentials.

Parameters
credentialsthe object
windows_sidthe user SID
Returns
FALSE if no memory

Definition at line 293 of file dbus-credentials.c.

References _dbus_strdup(), dbus_free(), FALSE, NULL, and TRUE.

Referenced by _dbus_credentials_add_credential(), _dbus_credentials_add_from_current_process(), _dbus_credentials_add_from_user(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_are_anonymous()

dbus_bool_t _dbus_credentials_are_anonymous ( DBusCredentials credentials)

Checks whether a credentials object contains a user identity.

Parameters
credentialsthe object
Returns
TRUE if there are no user identities in the object

Definition at line 558 of file dbus-credentials.c.

References DBUS_UID_UNSET, and NULL.

Referenced by _dbus_append_keyring_directory_for_credentials(), _dbus_keyring_new_for_credentials(), and _dbus_transport_get_is_anonymous().

◆ _dbus_credentials_are_empty()

dbus_bool_t _dbus_credentials_are_empty ( DBusCredentials credentials)

Checks whether a credentials object contains anything.

Parameters
credentialsthe object
Returns
TRUE if there are no credentials in the object

Definition at line 538 of file dbus-credentials.c.

References DBUS_PID_UNSET, DBUS_UID_UNSET, and NULL.

Referenced by _dbus_auth_get_identity().

◆ _dbus_credentials_are_superset()

dbus_bool_t _dbus_credentials_are_superset ( DBusCredentials credentials,
DBusCredentials possible_subset 
)

Checks whether the first credentials object contains all the credentials found in the second credentials object.

Parameters
credentialsthe object
possible_subsetsee if credentials in here are also in the first arg
Returns
TRUE if second arg is contained in first

Definition at line 506 of file dbus-credentials.c.

References DBUS_PID_UNSET, DBUS_UID_UNSET, and NULL.

◆ _dbus_credentials_clear()

void _dbus_credentials_clear ( DBusCredentials credentials)

Clear all credentials in the object.

Parameters
credentialsthe object

Definition at line 688 of file dbus-credentials.c.

References dbus_free(), DBUS_PID_UNSET, DBUS_UID_UNSET, and NULL.

Referenced by _dbus_auth_set_credentials(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_copy()

DBusCredentials * _dbus_credentials_copy ( DBusCredentials credentials)

Copy a credentials object.

Parameters
credentialsthe object
Returns
the copy or NULL

Definition at line 718 of file dbus-credentials.c.

References _dbus_credentials_add_credentials(), _dbus_credentials_new(), _dbus_credentials_unref(), and NULL.

Referenced by _dbus_keyring_new_for_credentials().

◆ _dbus_credentials_get_adt_audit_data()

void * _dbus_credentials_get_adt_audit_data ( DBusCredentials credentials)

Gets the ADT audit data in the credentials, or NULL if the credentials object doesn't contain ADT audit data.

Parameters
credentialsthe object
Returns
Solaris ADT audit data

Definition at line 479 of file dbus-credentials.c.

Referenced by _dbus_transport_get_adt_audit_session_data().

◆ _dbus_credentials_get_adt_audit_data_size()

dbus_int32_t _dbus_credentials_get_adt_audit_data_size ( DBusCredentials credentials)

Gets the ADT audit data size in the credentials, or 0 if the credentials object doesn't contain ADT audit data.

Parameters
credentialsthe object
Returns
Solaris ADT audit data size

Definition at line 492 of file dbus-credentials.c.

Referenced by _dbus_transport_get_adt_audit_session_data().

◆ _dbus_credentials_get_linux_security_label()

const char * _dbus_credentials_get_linux_security_label ( DBusCredentials credentials)

Gets the Linux security label (as used by LSMs) from the credentials, or NULL if the credentials object doesn't contain a security label.

Parameters
credentialsthe object
Returns
the security label

Definition at line 466 of file dbus-credentials.c.

◆ _dbus_credentials_get_pid()

dbus_pid_t _dbus_credentials_get_pid ( DBusCredentials credentials)

Gets the UNIX process ID in the credentials, or DBUS_PID_UNSET if the credentials object doesn't contain a process ID.

If the PID FD is set, it will first try to resolve from it, and only return the stored PID if that fails.

Parameters
credentialsthe object
Returns
UNIX process ID

Definition at line 401 of file dbus-credentials.c.

References _dbus_resolve_pid_fd().

Referenced by _dbus_credentials_to_string_append(), and _dbus_transport_get_unix_process_id().

◆ _dbus_credentials_get_pid_fd()

int _dbus_credentials_get_pid_fd ( DBusCredentials credentials)

Gets the UNIX process ID FD in the credentials as obtained by 'safe' means (e.g.: Linux's SO_PEERPIDFD), or -1 if the credentials object doesn't contain a process ID FD.

The file FD is owned by the credentials object and must not be closed by the caller.

Parameters
credentialsthe object
Returns
UNIX process ID FD

Definition at line 427 of file dbus-credentials.c.

◆ _dbus_credentials_get_unix_gids()

dbus_bool_t _dbus_credentials_get_unix_gids ( DBusCredentials credentials,
const dbus_gid_t **  gids,
size_t *  n_gids 
)

Get the Unix group IDs.

Parameters
credentialsthe object
gidsthe group IDs, which will be freed by the DBusCredentials object
n_gidsthe number of group IDs

Definition at line 272 of file dbus-credentials.c.

References NULL.

◆ _dbus_credentials_get_unix_uid()

dbus_uid_t _dbus_credentials_get_unix_uid ( DBusCredentials credentials)

Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn't contain a user ID.

Parameters
credentialsthe object
Returns
UNIX user ID

Definition at line 440 of file dbus-credentials.c.

Referenced by _dbus_append_keyring_directory_for_credentials(), and _dbus_transport_get_unix_user().

◆ _dbus_credentials_get_windows_sid()

const char * _dbus_credentials_get_windows_sid ( DBusCredentials credentials)

Gets the Windows user SID in the credentials, or NULL if the credentials object doesn't contain a Windows user SID.

Parameters
credentialsthe object
Returns
Windows user SID

Definition at line 453 of file dbus-credentials.c.

Referenced by _dbus_transport_get_windows_user().

◆ _dbus_credentials_include()

dbus_bool_t _dbus_credentials_include ( DBusCredentials credentials,
DBusCredentialType  type 
)

Checks whether the given credential is present.

Parameters
credentialsthe object
typethe credential to check for
Returns
TRUE if the credential is present

Definition at line 365 of file dbus-credentials.c.

References _dbus_assert_not_reached, DBUS_PID_UNSET, DBUS_UID_UNSET, FALSE, and NULL.

Referenced by _dbus_transport_get_adt_audit_session_data(), _dbus_transport_get_unix_process_id(), _dbus_transport_get_unix_user(), _dbus_transport_get_windows_user(), and _dbus_transport_try_to_authenticate().

◆ _dbus_credentials_new()

DBusCredentials * _dbus_credentials_new ( void  )

Creates a new credentials object.

Returns
the new object or NULL if no memory

Definition at line 86 of file dbus-credentials.c.

References dbus_new, DBUS_PID_UNSET, DBUS_UID_UNSET, and NULL.

Referenced by _dbus_credentials_copy(), _dbus_credentials_new_from_current_process(), and _dbus_transport_init_base().

◆ _dbus_credentials_new_from_current_process()

DBusCredentials * _dbus_credentials_new_from_current_process ( void  )

Creates a new object with the most important credentials (user ID and process ID) from the current process.

Returns
the new object or NULL if no memory

Definition at line 113 of file dbus-credentials.c.

References _dbus_credentials_add_from_current_process(), _dbus_credentials_new(), _dbus_credentials_unref(), and NULL.

Referenced by _dbus_keyring_new_for_credentials().

◆ _dbus_credentials_ref()

void _dbus_credentials_ref ( DBusCredentials credentials)

Increment refcount on credentials.

Parameters
credentialsthe object

Definition at line 136 of file dbus-credentials.c.

References _dbus_assert.

◆ _dbus_credentials_same_user()

dbus_bool_t _dbus_credentials_same_user ( DBusCredentials credentials,
DBusCredentials other_credentials 
)

Check whether the user-identifying credentials in two credentials objects are identical.

Credentials that are not related to the user are ignored, but any kind of user ID credentials must be the same (UNIX user ID, Windows user SID, etc.) and present in both objects for the function to return TRUE.

Parameters
credentialsthe object
other_credentialscredentials to compare
Returns
TRUE if the two credentials refer to the same user

Definition at line 747 of file dbus-credentials.c.

Referenced by _dbus_keyring_is_for_credentials().

◆ _dbus_credentials_take_pid_fd()

_DBUS_GNUC_NORETURN void _dbus_credentials_take_pid_fd ( DBusCredentials credentials,
int  pid_fd 
)

Add a UNIX process ID FD to the credentials.

The FD is now owned by the credentials object.

Parameters
credentialsthe object
pid_fdthe process ID FD
Returns
FALSE if no memory

Definition at line 200 of file dbus-credentials.c.

References _dbus_assert_not_reached.

Referenced by _dbus_credentials_add_credential(), _dbus_credentials_add_from_current_process(), and _dbus_read_credentials_socket().

◆ _dbus_credentials_take_unix_gids()

void _dbus_credentials_take_unix_gids ( DBusCredentials credentials,
dbus_gid_t gids,
size_t  n_gids 
)

Add UNIX group IDs to the credentials, replacing any group IDs that might already have been present.

Parameters
credentialsthe object
gidsthe group IDs, which will be freed by the DBusCredentials object
n_gidsthe number of group IDs

Definition at line 252 of file dbus-credentials.c.

References dbus_free().

Referenced by _dbus_credentials_add_credential().

◆ _dbus_credentials_to_string_append()

dbus_bool_t _dbus_credentials_to_string_append ( DBusCredentials credentials,
DBusString string 
)

Convert the credentials in this object to a human-readable string format, and append to the given string.

Parameters
credentialsthe object
stringappend to this string
Returns
FALSE if no memory

Definition at line 768 of file dbus-credentials.c.

References _dbus_credentials_get_pid(), _dbus_string_append_printf(), DBUS_GID_FORMAT, DBUS_PID_FORMAT, DBUS_PID_UNSET, DBUS_UID_FORMAT, DBUS_UID_UNSET, FALSE, NULL, and TRUE.

◆ _dbus_credentials_unref()

void _dbus_credentials_unref ( DBusCredentials credentials)