D-Bus  1.10.24
dbus-sysdeps-unix.c
1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-sysdeps-unix.c Wrappers around UNIX system/libc features (internal to D-Bus implementation)
3  *
4  * Copyright (C) 2002, 2003, 2006 Red Hat, Inc.
5  * Copyright (C) 2003 CodeFactory AB
6  *
7  * Licensed under the Academic Free License version 2.1
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software
21  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22  *
23  */
24 
25 #include <config.h>
26 
27 #include "dbus-internals.h"
28 #include "dbus-sysdeps.h"
29 #include "dbus-sysdeps-unix.h"
30 #include "dbus-threads.h"
31 #include "dbus-protocol.h"
32 #include "dbus-file.h"
33 #include "dbus-transport.h"
34 #include "dbus-string.h"
35 #include "dbus-userdb.h"
36 #include "dbus-list.h"
37 #include "dbus-credentials.h"
38 #include "dbus-nonce.h"
39 
40 #include <sys/types.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <signal.h>
44 #include <unistd.h>
45 #include <stdio.h>
46 #include <fcntl.h>
47 #include <sys/socket.h>
48 #include <dirent.h>
49 #include <sys/un.h>
50 #include <pwd.h>
51 #include <time.h>
52 #include <locale.h>
53 #include <sys/time.h>
54 #include <sys/stat.h>
55 #include <sys/wait.h>
56 #include <netinet/in.h>
57 #include <netinet/tcp.h>
58 #include <netdb.h>
59 #include <grp.h>
60 #include <arpa/inet.h>
61 
62 #ifdef HAVE_ERRNO_H
63 #include <errno.h>
64 #endif
65 #ifdef HAVE_WRITEV
66 #include <sys/uio.h>
67 #endif
68 #ifdef HAVE_POLL
69 #include <sys/poll.h>
70 #endif
71 #ifdef HAVE_BACKTRACE
72 #include <execinfo.h>
73 #endif
74 #ifdef HAVE_GETPEERUCRED
75 #include <ucred.h>
76 #endif
77 #ifdef HAVE_ALLOCA_H
78 #include <alloca.h>
79 #endif
80 
81 #ifdef HAVE_ADT
82 #include <bsm/adt.h>
83 #endif
84 
85 #ifdef HAVE_SYSTEMD
86 #include <systemd/sd-daemon.h>
87 #endif
88 
89 #if !DBUS_USE_SYNC
90 #include <pthread.h>
91 #endif
92 
93 #ifndef O_BINARY
94 #define O_BINARY 0
95 #endif
96 
97 #ifndef AI_ADDRCONFIG
98 #define AI_ADDRCONFIG 0
99 #endif
100 
101 #ifndef HAVE_SOCKLEN_T
102 #define socklen_t int
103 #endif
104 
105 #if defined (__sun) || defined (__sun__)
106 /*
107  * CMS_SPACE etc. definitions for Solaris < 10, based on
108  * http://mailman.videolan.org/pipermail/vlc-devel/2006-May/024402.html
109  * via
110  * http://wiki.opencsw.org/porting-faq#toc10
111  *
112  * These are only redefined for Solaris, for now: if your OS needs these too,
113  * please file a bug. (Or preferably, improve your OS so they're not needed.)
114  */
115 
116 # ifndef CMSG_ALIGN
117 # ifdef __sun__
118 # define CMSG_ALIGN(len) _CMSG_DATA_ALIGN (len)
119 # else
120  /* aligning to sizeof (long) is assumed to be portable (fd.o#40235) */
121 # define CMSG_ALIGN(len) (((len) + sizeof (long) - 1) & \
122  ~(sizeof (long) - 1))
123 # endif
124 # endif
125 
126 # ifndef CMSG_SPACE
127 # define CMSG_SPACE(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + \
128  CMSG_ALIGN (len))
129 # endif
130 
131 # ifndef CMSG_LEN
132 # define CMSG_LEN(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + (len))
133 # endif
134 
135 #endif /* Solaris */
136 
152 _dbus_ensure_standard_fds (DBusEnsureStandardFdsFlags flags,
153  const char **error_str_p)
154 {
155  static int const relevant_flag[] = { DBUS_FORCE_STDIN_NULL,
156  DBUS_FORCE_STDOUT_NULL,
157  DBUS_FORCE_STDERR_NULL };
158  /* Should always get replaced with the real error before use */
159  const char *error_str = "Failed mysteriously";
160  int devnull = -1;
161  int saved_errno;
162  /* This function relies on the standard fds having their POSIX values. */
163  _DBUS_STATIC_ASSERT (STDIN_FILENO == 0);
164  _DBUS_STATIC_ASSERT (STDOUT_FILENO == 1);
165  _DBUS_STATIC_ASSERT (STDERR_FILENO == 2);
166  int i;
167 
168  for (i = STDIN_FILENO; i <= STDERR_FILENO; i++)
169  {
170  /* Because we rely on being single-threaded, and we want the
171  * standard fds to not be close-on-exec, we don't set it
172  * close-on-exec. */
173  if (devnull < i)
174  devnull = open ("/dev/null", O_RDWR);
175 
176  if (devnull < 0)
177  {
178  error_str = "Failed to open /dev/null";
179  goto out;
180  }
181 
182  /* We already opened all fds < i, so the only way this assertion
183  * could fail is if another thread closed one, and we document
184  * this function as not safe for multi-threading. */
185  _dbus_assert (devnull >= i);
186 
187  if (devnull != i && (flags & relevant_flag[i]) != 0)
188  {
189  if (dup2 (devnull, i) < 0)
190  {
191  error_str = "Failed to dup2 /dev/null onto a standard fd";
192  goto out;
193  }
194  }
195  }
196 
197  error_str = NULL;
198 
199 out:
200  saved_errno = errno;
201 
202  if (devnull > STDERR_FILENO)
203  close (devnull);
204 
205  if (error_str_p != NULL)
206  *error_str_p = error_str;
207 
208  errno = saved_errno;
209  return (error_str == NULL);
210 }
211 
212 static dbus_bool_t _dbus_set_fd_nonblocking (int fd,
213  DBusError *error);
214 
215 static dbus_bool_t
216 _dbus_open_socket (int *fd_p,
217  int domain,
218  int type,
219  int protocol,
220  DBusError *error)
221 {
222 #ifdef SOCK_CLOEXEC
223  dbus_bool_t cloexec_done;
224 
225  *fd_p = socket (domain, type | SOCK_CLOEXEC, protocol);
226  cloexec_done = *fd_p >= 0;
227 
228  /* Check if kernel seems to be too old to know SOCK_CLOEXEC */
229  if (*fd_p < 0 && (errno == EINVAL || errno == EPROTOTYPE))
230 #endif
231  {
232  *fd_p = socket (domain, type, protocol);
233  }
234 
235  if (*fd_p >= 0)
236  {
237 #ifdef SOCK_CLOEXEC
238  if (!cloexec_done)
239 #endif
240  {
242  }
243 
244  _dbus_verbose ("socket fd %d opened\n", *fd_p);
245  return TRUE;
246  }
247  else
248  {
249  dbus_set_error(error,
250  _dbus_error_from_errno (errno),
251  "Failed to open socket: %s",
252  _dbus_strerror (errno));
253  return FALSE;
254  }
255 }
256 
267 static dbus_bool_t
268 _dbus_open_unix_socket (int *fd,
269  DBusError *error)
270 {
271  return _dbus_open_socket(fd, PF_UNIX, SOCK_STREAM, 0, error);
272 }
273 
284  DBusError *error)
285 {
286  return _dbus_close (fd.fd, error);
287 }
288 
298 int
300  DBusString *buffer,
301  int count)
302 {
303  return _dbus_read (fd.fd, buffer, count);
304 }
305 
316 int
318  const DBusString *buffer,
319  int start,
320  int len)
321 {
322 #if HAVE_DECL_MSG_NOSIGNAL
323  const char *data;
324  int bytes_written;
325 
326  data = _dbus_string_get_const_data_len (buffer, start, len);
327 
328  again:
329 
330  bytes_written = send (fd.fd, data, len, MSG_NOSIGNAL);
331 
332  if (bytes_written < 0 && errno == EINTR)
333  goto again;
334 
335  return bytes_written;
336 
337 #else
338  return _dbus_write (fd.fd, buffer, start, len);
339 #endif
340 }
341 
354 int
356  DBusString *buffer,
357  int count,
358  int *fds,
359  int *n_fds) {
360 #ifndef HAVE_UNIX_FD_PASSING
361  int r;
362 
363  if ((r = _dbus_read_socket(fd, buffer, count)) < 0)
364  return r;
365 
366  *n_fds = 0;
367  return r;
368 
369 #else
370  int bytes_read;
371  int start;
372  struct msghdr m;
373  struct iovec iov;
374 
375  _dbus_assert (count >= 0);
376  _dbus_assert (*n_fds >= 0);
377 
378  start = _dbus_string_get_length (buffer);
379 
380  if (!_dbus_string_lengthen (buffer, count))
381  {
382  errno = ENOMEM;
383  return -1;
384  }
385 
386  _DBUS_ZERO(iov);
387  iov.iov_base = _dbus_string_get_data_len (buffer, start, count);
388  iov.iov_len = count;
389 
390  _DBUS_ZERO(m);
391  m.msg_iov = &iov;
392  m.msg_iovlen = 1;
393 
394  /* Hmm, we have no clue how long the control data will actually be
395  that is queued for us. The least we can do is assume that the
396  caller knows. Hence let's make space for the number of fds that
397  we shall read at max plus the cmsg header. */
398  m.msg_controllen = CMSG_SPACE(*n_fds * sizeof(int));
399 
400  /* It's probably safe to assume that systems with SCM_RIGHTS also
401  know alloca() */
402  m.msg_control = alloca(m.msg_controllen);
403  memset(m.msg_control, 0, m.msg_controllen);
404 
405  /* Do not include the padding at the end when we tell the kernel
406  * how much we're willing to receive. This avoids getting
407  * the padding filled with additional fds that we weren't expecting,
408  * if a (potentially malicious) sender included them. (fd.o #83622) */
409  m.msg_controllen = CMSG_LEN (*n_fds * sizeof(int));
410 
411  again:
412 
413  bytes_read = recvmsg (fd.fd, &m, 0
414 #ifdef MSG_CMSG_CLOEXEC
415  |MSG_CMSG_CLOEXEC
416 #endif
417  );
418 
419  if (bytes_read < 0)
420  {
421  if (errno == EINTR)
422  goto again;
423  else
424  {
425  /* put length back (note that this doesn't actually realloc anything) */
426  _dbus_string_set_length (buffer, start);
427  return -1;
428  }
429  }
430  else
431  {
432  struct cmsghdr *cm;
433  dbus_bool_t found = FALSE;
434 
435  if (m.msg_flags & MSG_CTRUNC)
436  {
437  /* Hmm, apparently the control data was truncated. The bad
438  thing is that we might have completely lost a couple of fds
439  without chance to recover them. Hence let's treat this as a
440  serious error. */
441 
442  errno = ENOSPC;
443  _dbus_string_set_length (buffer, start);
444  return -1;
445  }
446 
447  for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
448  if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
449  {
450  size_t i;
451  int *payload = (int *) CMSG_DATA (cm);
452  size_t payload_len_bytes = (cm->cmsg_len - CMSG_LEN (0));
453  size_t payload_len_fds = payload_len_bytes / sizeof (int);
454  size_t fds_to_use;
455 
456  /* Every non-negative int fits in a size_t without truncation,
457  * and we already know that *n_fds is non-negative, so
458  * casting (size_t) *n_fds is OK */
459  _DBUS_STATIC_ASSERT (sizeof (size_t) >= sizeof (int));
460 
461  if (_DBUS_LIKELY (payload_len_fds <= (size_t) *n_fds))
462  {
463  /* The fds in the payload will fit in our buffer */
464  fds_to_use = payload_len_fds;
465  }
466  else
467  {
468  /* Too many fds in the payload. This shouldn't happen
469  * any more because we're setting m.msg_controllen to
470  * the exact number we can accept, but be safe and
471  * truncate. */
472  fds_to_use = (size_t) *n_fds;
473 
474  /* Close the excess fds to avoid DoS: if they stayed open,
475  * someone could send us an extra fd per message
476  * and we'd eventually run out. */
477  for (i = fds_to_use; i < payload_len_fds; i++)
478  {
479  close (payload[i]);
480  }
481  }
482 
483  memcpy (fds, payload, fds_to_use * sizeof (int));
484  found = TRUE;
485  /* This cannot overflow because we have chosen fds_to_use
486  * to be <= *n_fds */
487  *n_fds = (int) fds_to_use;
488 
489  /* Linux doesn't tell us whether MSG_CMSG_CLOEXEC actually
490  worked, hence we need to go through this list and set
491  CLOEXEC everywhere in any case */
492  for (i = 0; i < fds_to_use; i++)
494 
495  break;
496  }
497 
498  if (!found)
499  *n_fds = 0;
500 
501  /* put length back (doesn't actually realloc) */
502  _dbus_string_set_length (buffer, start + bytes_read);
503 
504 #if 0
505  if (bytes_read > 0)
506  _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
507 #endif
508 
509  return bytes_read;
510  }
511 #endif
512 }
513 
514 int
515 _dbus_write_socket_with_unix_fds(DBusSocket fd,
516  const DBusString *buffer,
517  int start,
518  int len,
519  const int *fds,
520  int n_fds) {
521 
522 #ifndef HAVE_UNIX_FD_PASSING
523 
524  if (n_fds > 0) {
525  errno = ENOTSUP;
526  return -1;
527  }
528 
529  return _dbus_write_socket(fd, buffer, start, len);
530 #else
531  return _dbus_write_socket_with_unix_fds_two(fd, buffer, start, len, NULL, 0, 0, fds, n_fds);
532 #endif
533 }
534 
535 int
536 _dbus_write_socket_with_unix_fds_two(DBusSocket fd,
537  const DBusString *buffer1,
538  int start1,
539  int len1,
540  const DBusString *buffer2,
541  int start2,
542  int len2,
543  const int *fds,
544  int n_fds) {
545 
546 #ifndef HAVE_UNIX_FD_PASSING
547 
548  if (n_fds > 0) {
549  errno = ENOTSUP;
550  return -1;
551  }
552 
553  return _dbus_write_socket_two(fd,
554  buffer1, start1, len1,
555  buffer2, start2, len2);
556 #else
557 
558  struct msghdr m;
559  struct cmsghdr *cm;
560  struct iovec iov[2];
561  int bytes_written;
562 
563  _dbus_assert (len1 >= 0);
564  _dbus_assert (len2 >= 0);
565  _dbus_assert (n_fds >= 0);
566 
567  _DBUS_ZERO(iov);
568  iov[0].iov_base = (char*) _dbus_string_get_const_data_len (buffer1, start1, len1);
569  iov[0].iov_len = len1;
570 
571  if (buffer2)
572  {
573  iov[1].iov_base = (char*) _dbus_string_get_const_data_len (buffer2, start2, len2);
574  iov[1].iov_len = len2;
575  }
576 
577  _DBUS_ZERO(m);
578  m.msg_iov = iov;
579  m.msg_iovlen = buffer2 ? 2 : 1;
580 
581  if (n_fds > 0)
582  {
583  m.msg_controllen = CMSG_SPACE(n_fds * sizeof(int));
584  m.msg_control = alloca(m.msg_controllen);
585  memset(m.msg_control, 0, m.msg_controllen);
586 
587  cm = CMSG_FIRSTHDR(&m);
588  cm->cmsg_level = SOL_SOCKET;
589  cm->cmsg_type = SCM_RIGHTS;
590  cm->cmsg_len = CMSG_LEN(n_fds * sizeof(int));
591  memcpy(CMSG_DATA(cm), fds, n_fds * sizeof(int));
592  }
593 
594  again:
595 
596  bytes_written = sendmsg (fd.fd, &m, 0
597 #if HAVE_DECL_MSG_NOSIGNAL
598  |MSG_NOSIGNAL
599 #endif
600  );
601 
602  if (bytes_written < 0 && errno == EINTR)
603  goto again;
604 
605 #if 0
606  if (bytes_written > 0)
607  _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
608 #endif
609 
610  return bytes_written;
611 #endif
612 }
613 
627 int
629  const DBusString *buffer1,
630  int start1,
631  int len1,
632  const DBusString *buffer2,
633  int start2,
634  int len2)
635 {
636 #if HAVE_DECL_MSG_NOSIGNAL
637  struct iovec vectors[2];
638  const char *data1;
639  const char *data2;
640  int bytes_written;
641  struct msghdr m;
642 
643  _dbus_assert (buffer1 != NULL);
644  _dbus_assert (start1 >= 0);
645  _dbus_assert (start2 >= 0);
646  _dbus_assert (len1 >= 0);
647  _dbus_assert (len2 >= 0);
648 
649  data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
650 
651  if (buffer2 != NULL)
652  data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
653  else
654  {
655  data2 = NULL;
656  start2 = 0;
657  len2 = 0;
658  }
659 
660  vectors[0].iov_base = (char*) data1;
661  vectors[0].iov_len = len1;
662  vectors[1].iov_base = (char*) data2;
663  vectors[1].iov_len = len2;
664 
665  _DBUS_ZERO(m);
666  m.msg_iov = vectors;
667  m.msg_iovlen = data2 ? 2 : 1;
668 
669  again:
670 
671  bytes_written = sendmsg (fd.fd, &m, MSG_NOSIGNAL);
672 
673  if (bytes_written < 0 && errno == EINTR)
674  goto again;
675 
676  return bytes_written;
677 
678 #else
679  return _dbus_write_two (fd.fd, buffer1, start1, len1,
680  buffer2, start2, len2);
681 #endif
682 }
683 
700 int
701 _dbus_read (int fd,
702  DBusString *buffer,
703  int count)
704 {
705  int bytes_read;
706  int start;
707  char *data;
708 
709  _dbus_assert (count >= 0);
710 
711  start = _dbus_string_get_length (buffer);
712 
713  if (!_dbus_string_lengthen (buffer, count))
714  {
715  errno = ENOMEM;
716  return -1;
717  }
718 
719  data = _dbus_string_get_data_len (buffer, start, count);
720 
721  again:
722 
723  bytes_read = read (fd, data, count);
724 
725  if (bytes_read < 0)
726  {
727  if (errno == EINTR)
728  goto again;
729  else
730  {
731  /* put length back (note that this doesn't actually realloc anything) */
732  _dbus_string_set_length (buffer, start);
733  return -1;
734  }
735  }
736  else
737  {
738  /* put length back (doesn't actually realloc) */
739  _dbus_string_set_length (buffer, start + bytes_read);
740 
741 #if 0
742  if (bytes_read > 0)
743  _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
744 #endif
745 
746  return bytes_read;
747  }
748 }
749 
760 int
761 _dbus_write (int fd,
762  const DBusString *buffer,
763  int start,
764  int len)
765 {
766  const char *data;
767  int bytes_written;
768 
769  data = _dbus_string_get_const_data_len (buffer, start, len);
770 
771  again:
772 
773  bytes_written = write (fd, data, len);
774 
775  if (bytes_written < 0 && errno == EINTR)
776  goto again;
777 
778 #if 0
779  if (bytes_written > 0)
780  _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
781 #endif
782 
783  return bytes_written;
784 }
785 
806 int
808  const DBusString *buffer1,
809  int start1,
810  int len1,
811  const DBusString *buffer2,
812  int start2,
813  int len2)
814 {
815  _dbus_assert (buffer1 != NULL);
816  _dbus_assert (start1 >= 0);
817  _dbus_assert (start2 >= 0);
818  _dbus_assert (len1 >= 0);
819  _dbus_assert (len2 >= 0);
820 
821 #ifdef HAVE_WRITEV
822  {
823  struct iovec vectors[2];
824  const char *data1;
825  const char *data2;
826  int bytes_written;
827 
828  data1 = _dbus_string_get_const_data_len (buffer1, start1, len1);
829 
830  if (buffer2 != NULL)
831  data2 = _dbus_string_get_const_data_len (buffer2, start2, len2);
832  else
833  {
834  data2 = NULL;
835  start2 = 0;
836  len2 = 0;
837  }
838 
839  vectors[0].iov_base = (char*) data1;
840  vectors[0].iov_len = len1;
841  vectors[1].iov_base = (char*) data2;
842  vectors[1].iov_len = len2;
843 
844  again:
845 
846  bytes_written = writev (fd,
847  vectors,
848  data2 ? 2 : 1);
849 
850  if (bytes_written < 0 && errno == EINTR)
851  goto again;
852 
853  return bytes_written;
854  }
855 #else /* HAVE_WRITEV */
856  {
857  int ret1, ret2;
858 
859  ret1 = _dbus_write (fd, buffer1, start1, len1);
860  if (ret1 == len1 && buffer2 != NULL)
861  {
862  ret2 = _dbus_write (fd, buffer2, start2, len2);
863  if (ret2 < 0)
864  ret2 = 0; /* we can't report an error as the first write was OK */
865 
866  return ret1 + ret2;
867  }
868  else
869  return ret1;
870  }
871 #endif /* !HAVE_WRITEV */
872 }
873 
874 #define _DBUS_MAX_SUN_PATH_LENGTH 99
875 
905 int
906 _dbus_connect_unix_socket (const char *path,
907  dbus_bool_t abstract,
908  DBusError *error)
909 {
910  int fd;
911  size_t path_len;
912  struct sockaddr_un addr;
913 
914  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
915 
916  _dbus_verbose ("connecting to unix socket %s abstract=%d\n",
917  path, abstract);
918 
919 
920  if (!_dbus_open_unix_socket (&fd, error))
921  {
922  _DBUS_ASSERT_ERROR_IS_SET(error);
923  return -1;
924  }
925  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
926 
927  _DBUS_ZERO (addr);
928  addr.sun_family = AF_UNIX;
929  path_len = strlen (path);
930 
931  if (abstract)
932  {
933 #ifdef HAVE_ABSTRACT_SOCKETS
934  addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
935  path_len++; /* Account for the extra nul byte added to the start of sun_path */
936 
937  if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
938  {
940  "Abstract socket name too long\n");
941  _dbus_close (fd, NULL);
942  return -1;
943  }
944 
945  strncpy (&addr.sun_path[1], path, path_len);
946  /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
947 #else /* HAVE_ABSTRACT_SOCKETS */
949  "Operating system does not support abstract socket namespace\n");
950  _dbus_close (fd, NULL);
951  return -1;
952 #endif /* ! HAVE_ABSTRACT_SOCKETS */
953  }
954  else
955  {
956  if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
957  {
959  "Socket name too long\n");
960  _dbus_close (fd, NULL);
961  return -1;
962  }
963 
964  strncpy (addr.sun_path, path, path_len);
965  }
966 
967  if (connect (fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
968  {
969  dbus_set_error (error,
970  _dbus_error_from_errno (errno),
971  "Failed to connect to socket %s: %s",
972  path, _dbus_strerror (errno));
973 
974  _dbus_close (fd, NULL);
975  return -1;
976  }
977 
978  if (!_dbus_set_fd_nonblocking (fd, error))
979  {
980  _DBUS_ASSERT_ERROR_IS_SET (error);
981 
982  _dbus_close (fd, NULL);
983  return -1;
984  }
985 
986  return fd;
987 }
988 
1001 int
1002 _dbus_connect_exec (const char *path,
1003  char *const argv[],
1004  DBusError *error)
1005 {
1006  int fds[2];
1007  pid_t pid;
1008  int retval;
1009  dbus_bool_t cloexec_done = 0;
1010 
1011  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1012 
1013  _dbus_verbose ("connecting to process %s\n", path);
1014 
1015 #ifdef SOCK_CLOEXEC
1016  retval = socketpair (AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, fds);
1017  cloexec_done = (retval >= 0);
1018 
1019  if (retval < 0 && (errno == EINVAL || errno == EPROTOTYPE))
1020 #endif
1021  {
1022  retval = socketpair (AF_UNIX, SOCK_STREAM, 0, fds);
1023  }
1024 
1025  if (retval < 0)
1026  {
1027  dbus_set_error (error,
1028  _dbus_error_from_errno (errno),
1029  "Failed to create socket pair: %s",
1030  _dbus_strerror (errno));
1031  return -1;
1032  }
1033 
1034  if (!cloexec_done)
1035  {
1036  _dbus_fd_set_close_on_exec (fds[0]);
1037  _dbus_fd_set_close_on_exec (fds[1]);
1038  }
1039 
1040  pid = fork ();
1041  if (pid < 0)
1042  {
1043  dbus_set_error (error,
1044  _dbus_error_from_errno (errno),
1045  "Failed to fork() to call %s: %s",
1046  path, _dbus_strerror (errno));
1047  close (fds[0]);
1048  close (fds[1]);
1049  return -1;
1050  }
1051 
1052  if (pid == 0)
1053  {
1054  /* child */
1055  close (fds[0]);
1056 
1057  dup2 (fds[1], STDIN_FILENO);
1058  dup2 (fds[1], STDOUT_FILENO);
1059 
1060  if (fds[1] != STDIN_FILENO &&
1061  fds[1] != STDOUT_FILENO)
1062  close (fds[1]);
1063 
1064  /* Inherit STDERR and the controlling terminal from the
1065  parent */
1066 
1067  _dbus_close_all ();
1068 
1069  execvp (path, argv);
1070 
1071  fprintf (stderr, "Failed to execute process %s: %s\n", path, _dbus_strerror (errno));
1072 
1073  _exit(1);
1074  }
1075 
1076  /* parent */
1077  close (fds[1]);
1078 
1079  if (!_dbus_set_fd_nonblocking (fds[0], error))
1080  {
1081  _DBUS_ASSERT_ERROR_IS_SET (error);
1082 
1083  close (fds[0]);
1084  return -1;
1085  }
1086 
1087  return fds[0];
1088 }
1089 
1107 int
1108 _dbus_listen_unix_socket (const char *path,
1109  dbus_bool_t abstract,
1110  DBusError *error)
1111 {
1112  int listen_fd;
1113  struct sockaddr_un addr;
1114  size_t path_len;
1115 
1116  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1117 
1118  _dbus_verbose ("listening on unix socket %s abstract=%d\n",
1119  path, abstract);
1120 
1121  if (!_dbus_open_unix_socket (&listen_fd, error))
1122  {
1123  _DBUS_ASSERT_ERROR_IS_SET(error);
1124  return -1;
1125  }
1126  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1127 
1128  _DBUS_ZERO (addr);
1129  addr.sun_family = AF_UNIX;
1130  path_len = strlen (path);
1131 
1132  if (abstract)
1133  {
1134 #ifdef HAVE_ABSTRACT_SOCKETS
1135  /* remember that abstract names aren't nul-terminated so we rely
1136  * on sun_path being filled in with zeroes above.
1137  */
1138  addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
1139  path_len++; /* Account for the extra nul byte added to the start of sun_path */
1140 
1141  if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
1142  {
1144  "Abstract socket name too long\n");
1145  _dbus_close (listen_fd, NULL);
1146  return -1;
1147  }
1148 
1149  strncpy (&addr.sun_path[1], path, path_len);
1150  /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
1151 #else /* HAVE_ABSTRACT_SOCKETS */
1153  "Operating system does not support abstract socket namespace\n");
1154  _dbus_close (listen_fd, NULL);
1155  return -1;
1156 #endif /* ! HAVE_ABSTRACT_SOCKETS */
1157  }
1158  else
1159  {
1160  /* Discussed security implications of this with Nalin,
1161  * and we couldn't think of where it would kick our ass, but
1162  * it still seems a bit sucky. It also has non-security suckage;
1163  * really we'd prefer to exit if the socket is already in use.
1164  * But there doesn't seem to be a good way to do this.
1165  *
1166  * Just to be extra careful, I threw in the stat() - clearly
1167  * the stat() can't *fix* any security issue, but it at least
1168  * avoids inadvertent/accidental data loss.
1169  */
1170  {
1171  struct stat sb;
1172 
1173  if (stat (path, &sb) == 0 &&
1174  S_ISSOCK (sb.st_mode))
1175  unlink (path);
1176  }
1177 
1178  if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
1179  {
1181  "Socket name too long\n");
1182  _dbus_close (listen_fd, NULL);
1183  return -1;
1184  }
1185 
1186  strncpy (addr.sun_path, path, path_len);
1187  }
1188 
1189  if (bind (listen_fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
1190  {
1191  dbus_set_error (error, _dbus_error_from_errno (errno),
1192  "Failed to bind socket \"%s\": %s",
1193  path, _dbus_strerror (errno));
1194  _dbus_close (listen_fd, NULL);
1195  return -1;
1196  }
1197 
1198  if (listen (listen_fd, SOMAXCONN /* backlog */) < 0)
1199  {
1200  dbus_set_error (error, _dbus_error_from_errno (errno),
1201  "Failed to listen on socket \"%s\": %s",
1202  path, _dbus_strerror (errno));
1203  _dbus_close (listen_fd, NULL);
1204  return -1;
1205  }
1206 
1207  if (!_dbus_set_fd_nonblocking (listen_fd, error))
1208  {
1209  _DBUS_ASSERT_ERROR_IS_SET (error);
1210  _dbus_close (listen_fd, NULL);
1211  return -1;
1212  }
1213 
1214  /* Try opening up the permissions, but if we can't, just go ahead
1215  * and continue, maybe it will be good enough.
1216  */
1217  if (!abstract && chmod (path, 0777) < 0)
1218  _dbus_warn ("Could not set mode 0777 on socket %s\n",
1219  path);
1220 
1221  return listen_fd;
1222 }
1223 
1234 int
1236  DBusError *error)
1237 {
1238 #ifdef HAVE_SYSTEMD
1239  int r, n;
1240  int fd;
1241  DBusSocket *new_fds;
1242 
1243  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1244 
1245  n = sd_listen_fds (TRUE);
1246  if (n < 0)
1247  {
1249  "Failed to acquire systemd socket: %s",
1250  _dbus_strerror (-n));
1251  return -1;
1252  }
1253 
1254  if (n <= 0)
1255  {
1257  "No socket received.");
1258  return -1;
1259  }
1260 
1261  for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1262  {
1263  r = sd_is_socket (fd, AF_UNSPEC, SOCK_STREAM, 1);
1264  if (r < 0)
1265  {
1267  "Failed to verify systemd socket type: %s",
1268  _dbus_strerror (-r));
1269  return -1;
1270  }
1271 
1272  if (!r)
1273  {
1275  "Passed socket has wrong type.");
1276  return -1;
1277  }
1278  }
1279 
1280  /* OK, the file descriptors are all good, so let's take posession of
1281  them then. */
1282 
1283  new_fds = dbus_new (DBusSocket, n);
1284  if (!new_fds)
1285  {
1287  "Failed to allocate file handle array.");
1288  goto fail;
1289  }
1290 
1291  for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1292  {
1293  if (!_dbus_set_fd_nonblocking (fd, error))
1294  {
1295  _DBUS_ASSERT_ERROR_IS_SET (error);
1296  goto fail;
1297  }
1298 
1299  new_fds[fd - SD_LISTEN_FDS_START].fd = fd;
1300  }
1301 
1302  *fds = new_fds;
1303  return n;
1304 
1305  fail:
1306 
1307  for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++)
1308  {
1309  _dbus_close (fd, NULL);
1310  }
1311 
1312  dbus_free (new_fds);
1313  return -1;
1314 #else
1316  "dbus was compiled without systemd support");
1317  return -1;
1318 #endif
1319 }
1320 
1334 DBusSocket
1335 _dbus_connect_tcp_socket (const char *host,
1336  const char *port,
1337  const char *family,
1338  DBusError *error)
1339 {
1340  return _dbus_connect_tcp_socket_with_nonce (host, port, family, (const char*)NULL, error);
1341 }
1342 
1343 DBusSocket
1344 _dbus_connect_tcp_socket_with_nonce (const char *host,
1345  const char *port,
1346  const char *family,
1347  const char *noncefile,
1348  DBusError *error)
1349 {
1350  int saved_errno = 0;
1351  DBusSocket fd = DBUS_SOCKET_INIT;
1352  int res;
1353  struct addrinfo hints;
1354  struct addrinfo *ai, *tmp;
1355 
1356  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1357 
1358  _DBUS_ZERO (hints);
1359 
1360  if (!family)
1361  hints.ai_family = AF_UNSPEC;
1362  else if (!strcmp(family, "ipv4"))
1363  hints.ai_family = AF_INET;
1364  else if (!strcmp(family, "ipv6"))
1365  hints.ai_family = AF_INET6;
1366  else
1367  {
1368  dbus_set_error (error,
1370  "Unknown address family %s", family);
1371  return _dbus_socket_get_invalid ();
1372  }
1373  hints.ai_protocol = IPPROTO_TCP;
1374  hints.ai_socktype = SOCK_STREAM;
1375  hints.ai_flags = AI_ADDRCONFIG;
1376 
1377  if ((res = getaddrinfo(host, port, &hints, &ai)) != 0)
1378  {
1379  dbus_set_error (error,
1380  _dbus_error_from_errno (errno),
1381  "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1382  host, port, gai_strerror(res), res);
1383  return _dbus_socket_get_invalid ();
1384  }
1385 
1386  tmp = ai;
1387  while (tmp)
1388  {
1389  if (!_dbus_open_socket (&fd.fd, tmp->ai_family, SOCK_STREAM, 0, error))
1390  {
1391  freeaddrinfo(ai);
1392  _DBUS_ASSERT_ERROR_IS_SET(error);
1393  return _dbus_socket_get_invalid ();
1394  }
1395  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1396 
1397  if (connect (fd.fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1398  {
1399  saved_errno = errno;
1400  _dbus_close (fd.fd, NULL);
1401  fd.fd = -1;
1402  tmp = tmp->ai_next;
1403  continue;
1404  }
1405 
1406  break;
1407  }
1408  freeaddrinfo(ai);
1409 
1410  if (fd.fd == -1)
1411  {
1412  dbus_set_error (error,
1413  _dbus_error_from_errno (saved_errno),
1414  "Failed to connect to socket \"%s:%s\" %s",
1415  host, port, _dbus_strerror(saved_errno));
1416  return _dbus_socket_get_invalid ();
1417  }
1418 
1419  if (noncefile != NULL)
1420  {
1421  DBusString noncefileStr;
1422  dbus_bool_t ret;
1423  _dbus_string_init_const (&noncefileStr, noncefile);
1424  ret = _dbus_send_nonce (fd, &noncefileStr, error);
1425  _dbus_string_free (&noncefileStr);
1426 
1427  if (!ret)
1428  {
1429  _dbus_close (fd.fd, NULL);
1430  return _dbus_socket_get_invalid ();
1431  }
1432  }
1433 
1434  if (!_dbus_set_fd_nonblocking (fd.fd, error))
1435  {
1436  _dbus_close (fd.fd, NULL);
1437  return _dbus_socket_get_invalid ();
1438  }
1439 
1440  return fd;
1441 }
1442 
1459 int
1460 _dbus_listen_tcp_socket (const char *host,
1461  const char *port,
1462  const char *family,
1463  DBusString *retport,
1464  DBusSocket **fds_p,
1465  DBusError *error)
1466 {
1467  int saved_errno;
1468  int nlisten_fd = 0, res, i;
1469  DBusSocket *listen_fd = NULL;
1470  struct addrinfo hints;
1471  struct addrinfo *ai, *tmp;
1472  unsigned int reuseaddr;
1473 
1474  *fds_p = NULL;
1475  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1476 
1477  _DBUS_ZERO (hints);
1478 
1479  if (!family)
1480  hints.ai_family = AF_UNSPEC;
1481  else if (!strcmp(family, "ipv4"))
1482  hints.ai_family = AF_INET;
1483  else if (!strcmp(family, "ipv6"))
1484  hints.ai_family = AF_INET6;
1485  else
1486  {
1487  dbus_set_error (error,
1489  "Unknown address family %s", family);
1490  return -1;
1491  }
1492 
1493  hints.ai_protocol = IPPROTO_TCP;
1494  hints.ai_socktype = SOCK_STREAM;
1495  hints.ai_flags = AI_ADDRCONFIG | AI_PASSIVE;
1496 
1497  redo_lookup_with_port:
1498  ai = NULL;
1499  if ((res = getaddrinfo(host, port, &hints, &ai)) != 0 || !ai)
1500  {
1501  dbus_set_error (error,
1502  _dbus_error_from_errno (errno),
1503  "Failed to lookup host/port: \"%s:%s\": %s (%d)",
1504  host ? host : "*", port, gai_strerror(res), res);
1505  goto failed;
1506  }
1507 
1508  tmp = ai;
1509  while (tmp)
1510  {
1511  int fd = -1, tcp_nodelay_on;
1512  DBusSocket *newlisten_fd;
1513 
1514  if (!_dbus_open_socket (&fd, tmp->ai_family, SOCK_STREAM, 0, error))
1515  {
1516  _DBUS_ASSERT_ERROR_IS_SET(error);
1517  goto failed;
1518  }
1519  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
1520 
1521  reuseaddr = 1;
1522  if (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, sizeof(reuseaddr))==-1)
1523  {
1524  _dbus_warn ("Failed to set socket option \"%s:%s\": %s",
1525  host ? host : "*", port, _dbus_strerror (errno));
1526  }
1527 
1528  /* Nagle's algorithm imposes a huge delay on the initial messages
1529  going over TCP. */
1530  tcp_nodelay_on = 1;
1531  if (setsockopt (fd, IPPROTO_TCP, TCP_NODELAY, &tcp_nodelay_on, sizeof (tcp_nodelay_on)) == -1)
1532  {
1533  _dbus_warn ("Failed to set TCP_NODELAY socket option \"%s:%s\": %s",
1534  host ? host : "*", port, _dbus_strerror (errno));
1535  }
1536 
1537  if (bind (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0)
1538  {
1539  saved_errno = errno;
1540  _dbus_close(fd, NULL);
1541  if (saved_errno == EADDRINUSE)
1542  {
1543  /* Depending on kernel policy, binding to an IPv6 address
1544  might implicitly bind to a corresponding IPv4
1545  address or vice versa, resulting in EADDRINUSE for the
1546  other one (e.g. bindv6only=0 on Linux).
1547 
1548  Also, after we "goto redo_lookup_with_port" after binding
1549  a port on one of the possible addresses, we will
1550  try to bind that same port on every address, including the
1551  same address again for a second time; that one will
1552  also fail with EADDRINUSE.
1553 
1554  For both those reasons, ignore EADDRINUSE here */
1555  tmp = tmp->ai_next;
1556  continue;
1557  }
1558  dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1559  "Failed to bind socket \"%s:%s\": %s",
1560  host ? host : "*", port, _dbus_strerror (saved_errno));
1561  goto failed;
1562  }
1563 
1564  if (listen (fd, 30 /* backlog */) < 0)
1565  {
1566  saved_errno = errno;
1567  _dbus_close (fd, NULL);
1568  dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1569  "Failed to listen on socket \"%s:%s\": %s",
1570  host ? host : "*", port, _dbus_strerror (saved_errno));
1571  goto failed;
1572  }
1573 
1574  newlisten_fd = dbus_realloc(listen_fd, sizeof(DBusSocket)*(nlisten_fd+1));
1575  if (!newlisten_fd)
1576  {
1577  saved_errno = errno;
1578  _dbus_close (fd, NULL);
1579  dbus_set_error (error, _dbus_error_from_errno (saved_errno),
1580  "Failed to allocate file handle array: %s",
1581  _dbus_strerror (saved_errno));
1582  goto failed;
1583  }
1584  listen_fd = newlisten_fd;
1585  listen_fd[nlisten_fd].fd = fd;
1586  nlisten_fd++;
1587 
1588  if (!_dbus_string_get_length(retport))
1589  {
1590  /* If the user didn't specify a port, or used 0, then
1591  the kernel chooses a port. After the first address
1592  is bound to, we need to force all remaining addresses
1593  to use the same port */
1594  if (!port || !strcmp(port, "0"))
1595  {
1596  int result;
1597  struct sockaddr_storage addr;
1598  socklen_t addrlen;
1599  char portbuf[50];
1600 
1601  addrlen = sizeof(addr);
1602  result = getsockname(fd, (struct sockaddr*) &addr, &addrlen);
1603 
1604  if (result == -1 ||
1605  (res = getnameinfo ((struct sockaddr*)&addr, addrlen, NULL, 0,
1606  portbuf, sizeof(portbuf),
1607  NI_NUMERICHOST | NI_NUMERICSERV)) != 0)
1608  {
1609  dbus_set_error (error, _dbus_error_from_errno (errno),
1610  "Failed to resolve port \"%s:%s\": %s (%s)",
1611  host ? host : "*", port, gai_strerror(res), res);
1612  goto failed;
1613  }
1614  if (!_dbus_string_append(retport, portbuf))
1615  {
1617  goto failed;
1618  }
1619 
1620  /* Release current address list & redo lookup */
1621  port = _dbus_string_get_const_data(retport);
1622  freeaddrinfo(ai);
1623  goto redo_lookup_with_port;
1624  }
1625  else
1626  {
1627  if (!_dbus_string_append(retport, port))
1628  {
1630  goto failed;
1631  }
1632  }
1633  }
1634 
1635  tmp = tmp->ai_next;
1636  }
1637  freeaddrinfo(ai);
1638  ai = NULL;
1639 
1640  if (!nlisten_fd)
1641  {
1642  errno = EADDRINUSE;
1643  dbus_set_error (error, _dbus_error_from_errno (errno),
1644  "Failed to bind socket \"%s:%s\": %s",
1645  host ? host : "*", port, _dbus_strerror (errno));
1646  goto failed;
1647  }
1648 
1649  for (i = 0 ; i < nlisten_fd ; i++)
1650  {
1651  if (!_dbus_set_fd_nonblocking (listen_fd[i].fd, error))
1652  {
1653  goto failed;
1654  }
1655  }
1656 
1657  *fds_p = listen_fd;
1658 
1659  return nlisten_fd;
1660 
1661  failed:
1662  if (ai)
1663  freeaddrinfo(ai);
1664  for (i = 0 ; i < nlisten_fd ; i++)
1665  _dbus_close(listen_fd[i].fd, NULL);
1666  dbus_free(listen_fd);
1667  return -1;
1668 }
1669 
1670 static dbus_bool_t
1671 write_credentials_byte (int server_fd,
1672  DBusError *error)
1673 {
1674  int bytes_written;
1675  char buf[1] = { '\0' };
1676 #if defined(HAVE_CMSGCRED)
1677  union {
1678  struct cmsghdr hdr;
1679  char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1680  } cmsg;
1681  struct iovec iov;
1682  struct msghdr msg;
1683  iov.iov_base = buf;
1684  iov.iov_len = 1;
1685 
1686  _DBUS_ZERO(msg);
1687  msg.msg_iov = &iov;
1688  msg.msg_iovlen = 1;
1689 
1690  msg.msg_control = (caddr_t) &cmsg;
1691  msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1692  _DBUS_ZERO(cmsg);
1693  cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
1694  cmsg.hdr.cmsg_level = SOL_SOCKET;
1695  cmsg.hdr.cmsg_type = SCM_CREDS;
1696 #endif
1697 
1698  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1699 
1700  again:
1701 
1702 #if defined(HAVE_CMSGCRED)
1703  bytes_written = sendmsg (server_fd, &msg, 0
1704 #if HAVE_DECL_MSG_NOSIGNAL
1705  |MSG_NOSIGNAL
1706 #endif
1707  );
1708 
1709  /* If we HAVE_CMSGCRED, the OS still might not let us sendmsg()
1710  * with a SOL_SOCKET/SCM_CREDS message - for instance, FreeBSD
1711  * only allows that on AF_UNIX. Try just doing a send() instead. */
1712  if (bytes_written < 0 && errno == EINVAL)
1713 #endif
1714  {
1715  bytes_written = send (server_fd, buf, 1, 0
1716 #if HAVE_DECL_MSG_NOSIGNAL
1717  |MSG_NOSIGNAL
1718 #endif
1719  );
1720  }
1721 
1722  if (bytes_written < 0 && errno == EINTR)
1723  goto again;
1724 
1725  if (bytes_written < 0)
1726  {
1727  dbus_set_error (error, _dbus_error_from_errno (errno),
1728  "Failed to write credentials byte: %s",
1729  _dbus_strerror (errno));
1730  return FALSE;
1731  }
1732  else if (bytes_written == 0)
1733  {
1735  "wrote zero bytes writing credentials byte");
1736  return FALSE;
1737  }
1738  else
1739  {
1740  _dbus_assert (bytes_written == 1);
1741  _dbus_verbose ("wrote credentials byte\n");
1742  return TRUE;
1743  }
1744 }
1745 
1746 /* return FALSE on OOM, TRUE otherwise, even if no credentials were found */
1747 static dbus_bool_t
1748 add_linux_security_label_to_credentials (int client_fd,
1749  DBusCredentials *credentials)
1750 {
1751 #if defined(__linux__) && defined(SO_PEERSEC)
1752  DBusString buf;
1753  socklen_t len = 1024;
1754  dbus_bool_t oom = FALSE;
1755 
1756  if (!_dbus_string_init_preallocated (&buf, len) ||
1757  !_dbus_string_set_length (&buf, len))
1758  return FALSE;
1759 
1760  while (getsockopt (client_fd, SOL_SOCKET, SO_PEERSEC,
1761  _dbus_string_get_data (&buf), &len) < 0)
1762  {
1763  int e = errno;
1764 
1765  _dbus_verbose ("getsockopt failed with %s, len now %lu\n",
1766  _dbus_strerror (e), (unsigned long) len);
1767 
1768  if (e != ERANGE || len <= _dbus_string_get_length_uint (&buf))
1769  {
1770  _dbus_verbose ("Failed to getsockopt(SO_PEERSEC): %s\n",
1771  _dbus_strerror (e));
1772  goto out;
1773  }
1774 
1775  /* If not enough space, len is updated to be enough.
1776  * Try again with a large enough buffer. */
1777  if (!_dbus_string_set_length (&buf, len))
1778  {
1779  oom = TRUE;
1780  goto out;
1781  }
1782 
1783  _dbus_verbose ("will try again with %lu\n", (unsigned long) len);
1784  }
1785 
1786  if (len <= 0)
1787  {
1788  _dbus_verbose ("getsockopt(SO_PEERSEC) yielded <= 0 bytes: %lu\n",
1789  (unsigned long) len);
1790  goto out;
1791  }
1792 
1793  if (len > _dbus_string_get_length_uint (&buf))
1794  {
1795  _dbus_verbose ("%lu > %u", (unsigned long) len,
1796  _dbus_string_get_length_uint (&buf));
1797  _dbus_assert_not_reached ("getsockopt(SO_PEERSEC) overflowed");
1798  }
1799 
1800  if (_dbus_string_get_byte (&buf, len - 1) == 0)
1801  {
1802  /* the kernel included the trailing \0 in its count,
1803  * but DBusString always has an extra \0 after the data anyway */
1804  _dbus_verbose ("subtracting trailing \\0\n");
1805  len--;
1806  }
1807 
1808  if (!_dbus_string_set_length (&buf, len))
1809  {
1810  _dbus_assert_not_reached ("shortening string should not lead to OOM");
1811  oom = TRUE;
1812  goto out;
1813  }
1814 
1815  if (strlen (_dbus_string_get_const_data (&buf)) != len)
1816  {
1817  /* LSM people on the linux-security-module@ mailing list say this
1818  * should never happen: the label should be a bytestring with
1819  * an optional trailing \0 */
1820  _dbus_verbose ("security label from kernel had an embedded \\0, "
1821  "ignoring it\n");
1822  goto out;
1823  }
1824 
1825  _dbus_verbose ("getsockopt(SO_PEERSEC): %lu bytes excluding \\0: %s\n",
1826  (unsigned long) len,
1827  _dbus_string_get_const_data (&buf));
1828 
1830  _dbus_string_get_const_data (&buf)))
1831  {
1832  oom = TRUE;
1833  goto out;
1834  }
1835 
1836 out:
1837  _dbus_string_free (&buf);
1838  return !oom;
1839 #else
1840  /* no error */
1841  return TRUE;
1842 #endif
1843 }
1844 
1887  DBusCredentials *credentials,
1888  DBusError *error)
1889 {
1890  struct msghdr msg;
1891  struct iovec iov;
1892  char buf;
1893  dbus_uid_t uid_read;
1894  dbus_pid_t pid_read;
1895  int bytes_read;
1896 
1897 #ifdef HAVE_CMSGCRED
1898  union {
1899  struct cmsghdr hdr;
1900  char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
1901  } cmsg;
1902 #endif
1903 
1904  /* The POSIX spec certainly doesn't promise this, but
1905  * we need these assertions to fail as soon as we're wrong about
1906  * it so we can do the porting fixups
1907  */
1908  _DBUS_STATIC_ASSERT (sizeof (pid_t) <= sizeof (dbus_pid_t));
1909  _DBUS_STATIC_ASSERT (sizeof (uid_t) <= sizeof (dbus_uid_t));
1910  _DBUS_STATIC_ASSERT (sizeof (gid_t) <= sizeof (dbus_gid_t));
1911 
1912  uid_read = DBUS_UID_UNSET;
1913  pid_read = DBUS_PID_UNSET;
1914 
1915  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
1916 
1917  _dbus_credentials_clear (credentials);
1918 
1919  iov.iov_base = &buf;
1920  iov.iov_len = 1;
1921 
1922  _DBUS_ZERO(msg);
1923  msg.msg_iov = &iov;
1924  msg.msg_iovlen = 1;
1925 
1926 #if defined(HAVE_CMSGCRED)
1927  _DBUS_ZERO(cmsg);
1928  msg.msg_control = (caddr_t) &cmsg;
1929  msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
1930 #endif
1931 
1932  again:
1933  bytes_read = recvmsg (client_fd.fd, &msg, 0);
1934 
1935  if (bytes_read < 0)
1936  {
1937  if (errno == EINTR)
1938  goto again;
1939 
1940  /* EAGAIN or EWOULDBLOCK would be unexpected here since we would
1941  * normally only call read_credentials if the socket was ready
1942  * for reading
1943  */
1944 
1945  dbus_set_error (error, _dbus_error_from_errno (errno),
1946  "Failed to read credentials byte: %s",
1947  _dbus_strerror (errno));
1948  return FALSE;
1949  }
1950  else if (bytes_read == 0)
1951  {
1952  /* this should not happen unless we are using recvmsg wrong,
1953  * so is essentially here for paranoia
1954  */
1956  "Failed to read credentials byte (zero-length read)");
1957  return FALSE;
1958  }
1959  else if (buf != '\0')
1960  {
1962  "Credentials byte was not nul");
1963  return FALSE;
1964  }
1965 
1966  _dbus_verbose ("read credentials byte\n");
1967 
1968  {
1969 #ifdef SO_PEERCRED
1970  /* Supported by at least Linux and OpenBSD, with minor differences.
1971  *
1972  * This mechanism passes the process ID through and does not require
1973  * the peer's cooperation, so we prefer it over all others. Notably,
1974  * Linux also supports SCM_CREDENTIALS, which is similar to FreeBSD
1975  * SCM_CREDS; it's implemented in GIO, but we don't use it in dbus at all,
1976  * because this is much less fragile.
1977  */
1978 #ifdef __OpenBSD__
1979  struct sockpeercred cr;
1980 #else
1981  struct ucred cr;
1982 #endif
1983  int cr_len = sizeof (cr);
1984 
1985  if (getsockopt (client_fd.fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) != 0)
1986  {
1987  _dbus_verbose ("Failed to getsockopt(SO_PEERCRED): %s\n",
1988  _dbus_strerror (errno));
1989  }
1990  else if (cr_len != sizeof (cr))
1991  {
1992  _dbus_verbose ("Failed to getsockopt(SO_PEERCRED), returned %d bytes, expected %d\n",
1993  cr_len, (int) sizeof (cr));
1994  }
1995  else
1996  {
1997  pid_read = cr.pid;
1998  uid_read = cr.uid;
1999  }
2000 #elif defined(HAVE_UNPCBID) && defined(LOCAL_PEEREID)
2001  /* Another variant of the above - used on NetBSD
2002  */
2003  struct unpcbid cr;
2004  socklen_t cr_len = sizeof (cr);
2005 
2006  if (getsockopt (client_fd.fd, 0, LOCAL_PEEREID, &cr, &cr_len) != 0)
2007  {
2008  _dbus_verbose ("Failed to getsockopt(LOCAL_PEEREID): %s\n",
2009  _dbus_strerror (errno));
2010  }
2011  else if (cr_len != sizeof (cr))
2012  {
2013  _dbus_verbose ("Failed to getsockopt(LOCAL_PEEREID), returned %d bytes, expected %d\n",
2014  cr_len, (int) sizeof (cr));
2015  }
2016  else
2017  {
2018  pid_read = cr.unp_pid;
2019  uid_read = cr.unp_euid;
2020  }
2021 #elif defined(HAVE_CMSGCRED)
2022  /* We only check for HAVE_CMSGCRED, but we're really assuming that the
2023  * presence of that struct implies SCM_CREDS. Supported by at least
2024  * FreeBSD and DragonflyBSD.
2025  *
2026  * This mechanism requires the peer to help us (it has to send us a
2027  * SCM_CREDS message) but it does pass the process ID through,
2028  * which makes it better than getpeereid().
2029  */
2030  struct cmsgcred *cred;
2031  struct cmsghdr *cmsgp;
2032 
2033  for (cmsgp = CMSG_FIRSTHDR (&msg);
2034  cmsgp != NULL;
2035  cmsgp = CMSG_NXTHDR (&msg, cmsgp))
2036  {
2037  if (cmsgp->cmsg_type == SCM_CREDS &&
2038  cmsgp->cmsg_level == SOL_SOCKET &&
2039  cmsgp->cmsg_len >= CMSG_LEN (sizeof (struct cmsgcred)))
2040  {
2041  cred = (struct cmsgcred *) CMSG_DATA (cmsgp);
2042  pid_read = cred->cmcred_pid;
2043  uid_read = cred->cmcred_euid;
2044  break;
2045  }
2046  }
2047 
2048 #elif defined(HAVE_GETPEERUCRED)
2049  /* Supported in at least Solaris >= 10. It should probably be higher
2050  * up this list, because it carries the pid and we use this code path
2051  * for audit data. */
2052  ucred_t * ucred = NULL;
2053  if (getpeerucred (client_fd.fd, &ucred) == 0)
2054  {
2055 #ifdef HAVE_ADT
2056  adt_session_data_t *adth = NULL;
2057 #endif
2058  pid_read = ucred_getpid (ucred);
2059  uid_read = ucred_geteuid (ucred);
2060 #ifdef HAVE_ADT
2061  /* generate audit session data based on socket ucred */
2062  if (adt_start_session (&adth, NULL, 0) || (adth == NULL))
2063  {
2064  _dbus_verbose ("Failed to adt_start_session(): %s\n", _dbus_strerror (errno));
2065  }
2066  else
2067  {
2068  if (adt_set_from_ucred (adth, ucred, ADT_NEW))
2069  {
2070  _dbus_verbose ("Failed to adt_set_from_ucred(): %s\n", _dbus_strerror (errno));
2071  }
2072  else
2073  {
2074  adt_export_data_t *data = NULL;
2075  size_t size = adt_export_session_data (adth, &data);
2076  if (size <= 0)
2077  {
2078  _dbus_verbose ("Failed to adt_export_session_data(): %s\n", _dbus_strerror (errno));
2079  }
2080  else
2081  {
2082  _dbus_credentials_add_adt_audit_data (credentials, data, size);
2083  free (data);
2084  }
2085  }
2086  (void) adt_end_session (adth);
2087  }
2088 #endif /* HAVE_ADT */
2089  }
2090  else
2091  {
2092  _dbus_verbose ("Failed to getpeerucred() credentials: %s\n", _dbus_strerror (errno));
2093  }
2094  if (ucred != NULL)
2095  ucred_free (ucred);
2096 
2097  /* ----------------------------------------------------------------
2098  * When adding new mechanisms, please add them above this point
2099  * if they support passing the process ID through, or below if not.
2100  * ---------------------------------------------------------------- */
2101 
2102 #elif defined(HAVE_GETPEEREID)
2103  /* getpeereid() originates from D.J. Bernstein and is fairly
2104  * widely-supported. According to a web search, it might be present in
2105  * any/all of:
2106  *
2107  * - AIX?
2108  * - Blackberry?
2109  * - Cygwin
2110  * - FreeBSD 4.6+ (but we prefer SCM_CREDS: it carries the pid)
2111  * - Mac OS X
2112  * - Minix 3.1.8+
2113  * - MirBSD?
2114  * - NetBSD 5.0+ (but LOCAL_PEEREID would be better: it carries the pid)
2115  * - OpenBSD 3.0+ (but we prefer SO_PEERCRED: it carries the pid)
2116  * - QNX?
2117  */
2118  uid_t euid;
2119  gid_t egid;
2120  if (getpeereid (client_fd.fd, &euid, &egid) == 0)
2121  {
2122  uid_read = euid;
2123  }
2124  else
2125  {
2126  _dbus_verbose ("Failed to getpeereid() credentials: %s\n", _dbus_strerror (errno));
2127  }
2128 #else /* no supported mechanism */
2129 
2130 #warning Socket credentials not supported on this Unix OS
2131 #warning Please tell https://bugs.freedesktop.org/enter_bug.cgi?product=DBus
2132 
2133  /* Please add other operating systems known to support at least one of
2134  * the mechanisms above to this list, keeping alphabetical order.
2135  * Everything not in this list is best-effort.
2136  */
2137 #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \
2138  defined(__linux__) || \
2139  defined(__OpenBSD__) || \
2140  defined(__NetBSD__)
2141 # error Credentials passing not working on this OS is a regression!
2142 #endif
2143 
2144  _dbus_verbose ("Socket credentials not supported on this OS\n");
2145 #endif
2146  }
2147 
2148  _dbus_verbose ("Credentials:"
2149  " pid "DBUS_PID_FORMAT
2150  " uid "DBUS_UID_FORMAT
2151  "\n",
2152  pid_read,
2153  uid_read);
2154 
2155  if (pid_read != DBUS_PID_UNSET)
2156  {
2157  if (!_dbus_credentials_add_pid (credentials, pid_read))
2158  {
2159  _DBUS_SET_OOM (error);
2160  return FALSE;
2161  }
2162  }
2163 
2164  if (uid_read != DBUS_UID_UNSET)
2165  {
2166  if (!_dbus_credentials_add_unix_uid (credentials, uid_read))
2167  {
2168  _DBUS_SET_OOM (error);
2169  return FALSE;
2170  }
2171  }
2172 
2173  if (!add_linux_security_label_to_credentials (client_fd.fd, credentials))
2174  {
2175  _DBUS_SET_OOM (error);
2176  return FALSE;
2177  }
2178 
2179  return TRUE;
2180 }
2181 
2201  DBusError *error)
2202 {
2203  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2204 
2205  if (write_credentials_byte (server_fd.fd, error))
2206  return TRUE;
2207  else
2208  return FALSE;
2209 }
2210 
2220 DBusSocket
2222 {
2223  DBusSocket client_fd;
2224  struct sockaddr addr;
2225  socklen_t addrlen;
2226 #ifdef HAVE_ACCEPT4
2227  dbus_bool_t cloexec_done;
2228 #endif
2229 
2230  addrlen = sizeof (addr);
2231 
2232  retry:
2233 
2234 #ifdef HAVE_ACCEPT4
2235  /*
2236  * At compile-time, we assume that if accept4() is available in
2237  * libc headers, SOCK_CLOEXEC is too. At runtime, it is still
2238  * not necessarily true that either is supported by the running kernel.
2239  */
2240  client_fd.fd = accept4 (listen_fd.fd, &addr, &addrlen, SOCK_CLOEXEC);
2241  cloexec_done = client_fd.fd >= 0;
2242 
2243  if (client_fd.fd < 0 && (errno == ENOSYS || errno == EINVAL))
2244 #endif
2245  {
2246  client_fd.fd = accept (listen_fd.fd, &addr, &addrlen);
2247  }
2248 
2249  if (client_fd.fd < 0)
2250  {
2251  if (errno == EINTR)
2252  goto retry;
2253  }
2254 
2255  _dbus_verbose ("client fd %d accepted\n", client_fd.fd);
2256 
2257 #ifdef HAVE_ACCEPT4
2258  if (!cloexec_done)
2259 #endif
2260  {
2261  _dbus_fd_set_close_on_exec(client_fd.fd);
2262  }
2263 
2264  return client_fd;
2265 }
2266 
2277 {
2278  const char *directory;
2279  struct stat sb;
2280 
2281  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2282 
2283  directory = _dbus_string_get_const_data (dir);
2284 
2285  if (stat (directory, &sb) < 0)
2286  {
2287  dbus_set_error (error, _dbus_error_from_errno (errno),
2288  "%s", _dbus_strerror (errno));
2289 
2290  return FALSE;
2291  }
2292 
2293  if (sb.st_uid != geteuid ())
2294  {
2296  "%s directory is owned by user %lu, not %lu",
2297  directory,
2298  (unsigned long) sb.st_uid,
2299  (unsigned long) geteuid ());
2300  return FALSE;
2301  }
2302 
2303  if ((S_IROTH & sb.st_mode) || (S_IWOTH & sb.st_mode) ||
2304  (S_IRGRP & sb.st_mode) || (S_IWGRP & sb.st_mode))
2305  {
2307  "%s directory is not private to the user", directory);
2308  return FALSE;
2309  }
2310 
2311  return TRUE;
2312 }
2313 
2314 static dbus_bool_t
2315 fill_user_info_from_passwd (struct passwd *p,
2316  DBusUserInfo *info,
2317  DBusError *error)
2318 {
2319  _dbus_assert (p->pw_name != NULL);
2320  _dbus_assert (p->pw_dir != NULL);
2321 
2322  info->uid = p->pw_uid;
2323  info->primary_gid = p->pw_gid;
2324  info->username = _dbus_strdup (p->pw_name);
2325  info->homedir = _dbus_strdup (p->pw_dir);
2326 
2327  if (info->username == NULL ||
2328  info->homedir == NULL)
2329  {
2331  return FALSE;
2332  }
2333 
2334  return TRUE;
2335 }
2336 
2337 static dbus_bool_t
2338 fill_user_info (DBusUserInfo *info,
2339  dbus_uid_t uid,
2340  const DBusString *username,
2341  DBusError *error)
2342 {
2343  const char *username_c;
2344 
2345  /* exactly one of username/uid provided */
2346  _dbus_assert (username != NULL || uid != DBUS_UID_UNSET);
2347  _dbus_assert (username == NULL || uid == DBUS_UID_UNSET);
2348 
2349  info->uid = DBUS_UID_UNSET;
2350  info->primary_gid = DBUS_GID_UNSET;
2351  info->group_ids = NULL;
2352  info->n_group_ids = 0;
2353  info->username = NULL;
2354  info->homedir = NULL;
2355 
2356  if (username != NULL)
2357  username_c = _dbus_string_get_const_data (username);
2358  else
2359  username_c = NULL;
2360 
2361  /* For now assuming that the getpwnam() and getpwuid() flavors
2362  * are always symmetrical, if not we have to add more configure
2363  * checks
2364  */
2365 
2366 #if defined (HAVE_POSIX_GETPWNAM_R) || defined (HAVE_NONPOSIX_GETPWNAM_R)
2367  {
2368  struct passwd *p;
2369  int result;
2370  size_t buflen;
2371  char *buf;
2372  struct passwd p_str;
2373 
2374  /* retrieve maximum needed size for buf */
2375  buflen = sysconf (_SC_GETPW_R_SIZE_MAX);
2376 
2377  /* sysconf actually returns a long, but everything else expects size_t,
2378  * so just recast here.
2379  * https://bugs.freedesktop.org/show_bug.cgi?id=17061
2380  */
2381  if ((long) buflen <= 0)
2382  buflen = 1024;
2383 
2384  result = -1;
2385  while (1)
2386  {
2387  buf = dbus_malloc (buflen);
2388  if (buf == NULL)
2389  {
2391  return FALSE;
2392  }
2393 
2394  p = NULL;
2395 #ifdef HAVE_POSIX_GETPWNAM_R
2396  if (uid != DBUS_UID_UNSET)
2397  result = getpwuid_r (uid, &p_str, buf, buflen,
2398  &p);
2399  else
2400  result = getpwnam_r (username_c, &p_str, buf, buflen,
2401  &p);
2402 #else
2403  if (uid != DBUS_UID_UNSET)
2404  p = getpwuid_r (uid, &p_str, buf, buflen);
2405  else
2406  p = getpwnam_r (username_c, &p_str, buf, buflen);
2407  result = 0;
2408 #endif /* !HAVE_POSIX_GETPWNAM_R */
2409  //Try a bigger buffer if ERANGE was returned
2410  if (result == ERANGE && buflen < 512 * 1024)
2411  {
2412  dbus_free (buf);
2413  buflen *= 2;
2414  }
2415  else
2416  {
2417  break;
2418  }
2419  }
2420  if (result == 0 && p == &p_str)
2421  {
2422  if (!fill_user_info_from_passwd (p, info, error))
2423  {
2424  dbus_free (buf);
2425  return FALSE;
2426  }
2427  dbus_free (buf);
2428  }
2429  else
2430  {
2431  dbus_set_error (error, _dbus_error_from_errno (errno),
2432  "User \"%s\" unknown or no memory to allocate password entry\n",
2433  username_c ? username_c : "???");
2434  _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2435  dbus_free (buf);
2436  return FALSE;
2437  }
2438  }
2439 #else /* ! HAVE_GETPWNAM_R */
2440  {
2441  /* I guess we're screwed on thread safety here */
2442  struct passwd *p;
2443 
2444  if (uid != DBUS_UID_UNSET)
2445  p = getpwuid (uid);
2446  else
2447  p = getpwnam (username_c);
2448 
2449  if (p != NULL)
2450  {
2451  if (!fill_user_info_from_passwd (p, info, error))
2452  {
2453  return FALSE;
2454  }
2455  }
2456  else
2457  {
2458  dbus_set_error (error, _dbus_error_from_errno (errno),
2459  "User \"%s\" unknown or no memory to allocate password entry\n",
2460  username_c ? username_c : "???");
2461  _dbus_verbose ("User %s unknown\n", username_c ? username_c : "???");
2462  return FALSE;
2463  }
2464  }
2465 #endif /* ! HAVE_GETPWNAM_R */
2466 
2467  /* Fill this in so we can use it to get groups */
2468  username_c = info->username;
2469 
2470 #ifdef HAVE_GETGROUPLIST
2471  {
2472  gid_t *buf;
2473  int buf_count;
2474  int i;
2475  int initial_buf_count;
2476 
2477  initial_buf_count = 17;
2478  buf_count = initial_buf_count;
2479  buf = dbus_new (gid_t, buf_count);
2480  if (buf == NULL)
2481  {
2483  goto failed;
2484  }
2485 
2486  if (getgrouplist (username_c,
2487  info->primary_gid,
2488  buf, &buf_count) < 0)
2489  {
2490  gid_t *new;
2491  /* Presumed cause of negative return code: buf has insufficient
2492  entries to hold the entire group list. The Linux behavior in this
2493  case is to pass back the actual number of groups in buf_count, but
2494  on Mac OS X 10.5, buf_count is unhelpfully left alone.
2495  So as a hack, try to help out a bit by guessing a larger
2496  number of groups, within reason.. might still fail, of course,
2497  but we can at least print a more informative message. I looked up
2498  the "right way" to do this by downloading Apple's own source code
2499  for the "id" command, and it turns out that they use an
2500  undocumented library function getgrouplist_2 (!) which is not
2501  declared in any header in /usr/include (!!). That did not seem
2502  like the way to go here.
2503  */
2504  if (buf_count == initial_buf_count)
2505  {
2506  buf_count *= 16; /* Retry with an arbitrarily scaled-up array */
2507  }
2508  new = dbus_realloc (buf, buf_count * sizeof (buf[0]));
2509  if (new == NULL)
2510  {
2512  dbus_free (buf);
2513  goto failed;
2514  }
2515 
2516  buf = new;
2517 
2518  errno = 0;
2519  if (getgrouplist (username_c, info->primary_gid, buf, &buf_count) < 0)
2520  {
2521  if (errno == 0)
2522  {
2523  _dbus_warn ("It appears that username \"%s\" is in more than %d groups.\nProceeding with just the first %d groups.",
2524  username_c, buf_count, buf_count);
2525  }
2526  else
2527  {
2528  dbus_set_error (error,
2529  _dbus_error_from_errno (errno),
2530  "Failed to get groups for username \"%s\" primary GID "
2531  DBUS_GID_FORMAT ": %s\n",
2532  username_c, info->primary_gid,
2533  _dbus_strerror (errno));
2534  dbus_free (buf);
2535  goto failed;
2536  }
2537  }
2538  }
2539 
2540  info->group_ids = dbus_new (dbus_gid_t, buf_count);
2541  if (info->group_ids == NULL)
2542  {
2544  dbus_free (buf);
2545  goto failed;
2546  }
2547 
2548  for (i = 0; i < buf_count; ++i)
2549  info->group_ids[i] = buf[i];
2550 
2551  info->n_group_ids = buf_count;
2552 
2553  dbus_free (buf);
2554  }
2555 #else /* HAVE_GETGROUPLIST */
2556  {
2557  /* We just get the one group ID */
2558  info->group_ids = dbus_new (dbus_gid_t, 1);
2559  if (info->group_ids == NULL)
2560  {
2562  goto failed;
2563  }
2564 
2565  info->n_group_ids = 1;
2566 
2567  (info->group_ids)[0] = info->primary_gid;
2568  }
2569 #endif /* HAVE_GETGROUPLIST */
2570 
2571  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2572 
2573  return TRUE;
2574 
2575  failed:
2576  _DBUS_ASSERT_ERROR_IS_SET (error);
2577  return FALSE;
2578 }
2579 
2590  const DBusString *username,
2591  DBusError *error)
2592 {
2593  return fill_user_info (info, DBUS_UID_UNSET,
2594  username, error);
2595 }
2596 
2607  dbus_uid_t uid,
2608  DBusError *error)
2609 {
2610  return fill_user_info (info, uid,
2611  NULL, error);
2612 }
2613 
2623 {
2624  /* The POSIX spec certainly doesn't promise this, but
2625  * we need these assertions to fail as soon as we're wrong about
2626  * it so we can do the porting fixups
2627  */
2628  _DBUS_STATIC_ASSERT (sizeof (pid_t) <= sizeof (dbus_pid_t));
2629  _DBUS_STATIC_ASSERT (sizeof (uid_t) <= sizeof (dbus_uid_t));
2630  _DBUS_STATIC_ASSERT (sizeof (gid_t) <= sizeof (dbus_gid_t));
2631 
2632  if (!_dbus_credentials_add_pid(credentials, _dbus_getpid()))
2633  return FALSE;
2634  if (!_dbus_credentials_add_unix_uid(credentials, _dbus_geteuid()))
2635  return FALSE;
2636 
2637  return TRUE;
2638 }
2639 
2653 {
2654  return _dbus_string_append_uint (str,
2655  _dbus_geteuid ());
2656 }
2657 
2662 dbus_pid_t
2664 {
2665  return getpid ();
2666 }
2667 
2671 dbus_uid_t
2673 {
2674  return getuid ();
2675 }
2676 
2680 dbus_uid_t
2682 {
2683  return geteuid ();
2684 }
2685 
2692 unsigned long
2694 {
2695  return getpid ();
2696 }
2697 
2706 _dbus_parse_uid (const DBusString *uid_str,
2707  dbus_uid_t *uid)
2708 {
2709  int end;
2710  long val;
2711 
2712  if (_dbus_string_get_length (uid_str) == 0)
2713  {
2714  _dbus_verbose ("UID string was zero length\n");
2715  return FALSE;
2716  }
2717 
2718  val = -1;
2719  end = 0;
2720  if (!_dbus_string_parse_int (uid_str, 0, &val,
2721  &end))
2722  {
2723  _dbus_verbose ("could not parse string as a UID\n");
2724  return FALSE;
2725  }
2726 
2727  if (end != _dbus_string_get_length (uid_str))
2728  {
2729  _dbus_verbose ("string contained trailing stuff after UID\n");
2730  return FALSE;
2731  }
2732 
2733  *uid = val;
2734 
2735  return TRUE;
2736 }
2737 
2738 #if !DBUS_USE_SYNC
2739 /* To be thread-safe by default on platforms that don't necessarily have
2740  * atomic operations (notably Debian armel, which is armv4t), we must
2741  * use a mutex that can be initialized statically, like this.
2742  * GLib >= 2.32 uses a similar system.
2743  */
2744 static pthread_mutex_t atomic_mutex = PTHREAD_MUTEX_INITIALIZER;
2745 #endif
2746 
2753 dbus_int32_t
2755 {
2756 #if DBUS_USE_SYNC
2757  return __sync_add_and_fetch(&atomic->value, 1)-1;
2758 #else
2759  dbus_int32_t res;
2760 
2761  pthread_mutex_lock (&atomic_mutex);
2762  res = atomic->value;
2763  atomic->value += 1;
2764  pthread_mutex_unlock (&atomic_mutex);
2765 
2766  return res;
2767 #endif
2768 }
2769 
2776 dbus_int32_t
2778 {
2779 #if DBUS_USE_SYNC
2780  return __sync_sub_and_fetch(&atomic->value, 1)+1;
2781 #else
2782  dbus_int32_t res;
2783 
2784  pthread_mutex_lock (&atomic_mutex);
2785  res = atomic->value;
2786  atomic->value -= 1;
2787  pthread_mutex_unlock (&atomic_mutex);
2788 
2789  return res;
2790 #endif
2791 }
2792 
2800 dbus_int32_t
2802 {
2803 #if DBUS_USE_SYNC
2804  __sync_synchronize ();
2805  return atomic->value;
2806 #else
2807  dbus_int32_t res;
2808 
2809  pthread_mutex_lock (&atomic_mutex);
2810  res = atomic->value;
2811  pthread_mutex_unlock (&atomic_mutex);
2812 
2813  return res;
2814 #endif
2815 }
2816 
2825 int
2827  int n_fds,
2828  int timeout_milliseconds)
2829 {
2830 #if defined(HAVE_POLL) && !defined(BROKEN_POLL)
2831  /* DBusPollFD is a struct pollfd in this code path, so we can just poll() */
2832  if (timeout_milliseconds < -1)
2833  {
2834  timeout_milliseconds = -1;
2835  }
2836 
2837  return poll (fds,
2838  n_fds,
2839  timeout_milliseconds);
2840 #else /* ! HAVE_POLL */
2841  /* Emulate poll() in terms of select() */
2842  fd_set read_set, write_set, err_set;
2843  int max_fd = 0;
2844  int i;
2845  struct timeval tv;
2846  int ready;
2847 
2848  FD_ZERO (&read_set);
2849  FD_ZERO (&write_set);
2850  FD_ZERO (&err_set);
2851 
2852  for (i = 0; i < n_fds; i++)
2853  {
2854  DBusPollFD *fdp = &fds[i];
2855 
2856  if (fdp->events & _DBUS_POLLIN)
2857  FD_SET (fdp->fd, &read_set);
2858 
2859  if (fdp->events & _DBUS_POLLOUT)
2860  FD_SET (fdp->fd, &write_set);
2861 
2862  FD_SET (fdp->fd, &err_set);
2863 
2864  max_fd = MAX (max_fd, fdp->fd);
2865  }
2866 
2867  tv.tv_sec = timeout_milliseconds / 1000;
2868  tv.tv_usec = (timeout_milliseconds % 1000) * 1000;
2869 
2870  ready = select (max_fd + 1, &read_set, &write_set, &err_set,
2871  timeout_milliseconds < 0 ? NULL : &tv);
2872 
2873  if (ready > 0)
2874  {
2875  for (i = 0; i < n_fds; i++)
2876  {
2877  DBusPollFD *fdp = &fds[i];
2878 
2879  fdp->revents = 0;
2880 
2881  if (FD_ISSET (fdp->fd, &read_set))
2882  fdp->revents |= _DBUS_POLLIN;
2883 
2884  if (FD_ISSET (fdp->fd, &write_set))
2885  fdp->revents |= _DBUS_POLLOUT;
2886 
2887  if (FD_ISSET (fdp->fd, &err_set))
2888  fdp->revents |= _DBUS_POLLERR;
2889  }
2890  }
2891 
2892  return ready;
2893 #endif
2894 }
2895 
2903 void
2905  long *tv_usec)
2906 {
2907 #ifdef HAVE_MONOTONIC_CLOCK
2908  struct timespec ts;
2909  clock_gettime (CLOCK_MONOTONIC, &ts);
2910 
2911  if (tv_sec)
2912  *tv_sec = ts.tv_sec;
2913  if (tv_usec)
2914  *tv_usec = ts.tv_nsec / 1000;
2915 #else
2916  struct timeval t;
2917 
2918  gettimeofday (&t, NULL);
2919 
2920  if (tv_sec)
2921  *tv_sec = t.tv_sec;
2922  if (tv_usec)
2923  *tv_usec = t.tv_usec;
2924 #endif
2925 }
2926 
2934 void
2935 _dbus_get_real_time (long *tv_sec,
2936  long *tv_usec)
2937 {
2938  struct timeval t;
2939 
2940  gettimeofday (&t, NULL);
2941 
2942  if (tv_sec)
2943  *tv_sec = t.tv_sec;
2944  if (tv_usec)
2945  *tv_usec = t.tv_usec;
2946 }
2947 
2958  DBusError *error)
2959 {
2960  const char *filename_c;
2961 
2962  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2963 
2964  filename_c = _dbus_string_get_const_data (filename);
2965 
2966  if (mkdir (filename_c, 0700) < 0)
2967  {
2968  if (errno == EEXIST)
2969  return TRUE;
2970 
2972  "Failed to create directory %s: %s\n",
2973  filename_c, _dbus_strerror (errno));
2974  return FALSE;
2975  }
2976  else
2977  return TRUE;
2978 }
2979 
2990  DBusError *error)
2991 {
2992  const char *filename_c;
2993 
2994  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
2995 
2996  filename_c = _dbus_string_get_const_data (filename);
2997 
2998  if (mkdir (filename_c, 0700) < 0)
2999  {
3001  "Failed to create directory %s: %s\n",
3002  filename_c, _dbus_strerror (errno));
3003  return FALSE;
3004  }
3005  else
3006  return TRUE;
3007 }
3008 
3021  const DBusString *next_component)
3022 {
3023  dbus_bool_t dir_ends_in_slash;
3024  dbus_bool_t file_starts_with_slash;
3025 
3026  if (_dbus_string_get_length (dir) == 0 ||
3027  _dbus_string_get_length (next_component) == 0)
3028  return TRUE;
3029 
3030  dir_ends_in_slash = '/' == _dbus_string_get_byte (dir,
3031  _dbus_string_get_length (dir) - 1);
3032 
3033  file_starts_with_slash = '/' == _dbus_string_get_byte (next_component, 0);
3034 
3035  if (dir_ends_in_slash && file_starts_with_slash)
3036  {
3037  _dbus_string_shorten (dir, 1);
3038  }
3039  else if (!(dir_ends_in_slash || file_starts_with_slash))
3040  {
3041  if (!_dbus_string_append_byte (dir, '/'))
3042  return FALSE;
3043  }
3044 
3045  return _dbus_string_copy (next_component, 0, dir,
3046  _dbus_string_get_length (dir));
3047 }
3048 
3050 #define NANOSECONDS_PER_SECOND 1000000000
3051 
3052 #define MICROSECONDS_PER_SECOND 1000000
3053 
3054 #define MILLISECONDS_PER_SECOND 1000
3055 
3056 #define NANOSECONDS_PER_MILLISECOND 1000000
3057 
3058 #define MICROSECONDS_PER_MILLISECOND 1000
3059 
3064 void
3065 _dbus_sleep_milliseconds (int milliseconds)
3066 {
3067 #ifdef HAVE_NANOSLEEP
3068  struct timespec req;
3069  struct timespec rem;
3070 
3071  req.tv_sec = milliseconds / MILLISECONDS_PER_SECOND;
3072  req.tv_nsec = (milliseconds % MILLISECONDS_PER_SECOND) * NANOSECONDS_PER_MILLISECOND;
3073  rem.tv_sec = 0;
3074  rem.tv_nsec = 0;
3075 
3076  while (nanosleep (&req, &rem) < 0 && errno == EINTR)
3077  req = rem;
3078 #elif defined (HAVE_USLEEP)
3079  usleep (milliseconds * MICROSECONDS_PER_MILLISECOND);
3080 #else /* ! HAVE_USLEEP */
3081  sleep (MAX (milliseconds / 1000, 1));
3082 #endif
3083 }
3084 
3096  int n_bytes,
3097  DBusError *error)
3098 {
3099  int old_len;
3100  int fd;
3101  int result;
3102 
3103  old_len = _dbus_string_get_length (str);
3104  fd = -1;
3105 
3106  /* note, urandom on linux will fall back to pseudorandom */
3107  fd = open ("/dev/urandom", O_RDONLY);
3108 
3109  if (fd < 0)
3110  {
3111  dbus_set_error (error, _dbus_error_from_errno (errno),
3112  "Could not open /dev/urandom: %s",
3113  _dbus_strerror (errno));
3114  return FALSE;
3115  }
3116 
3117  _dbus_verbose ("/dev/urandom fd %d opened\n", fd);
3118 
3119  result = _dbus_read (fd, str, n_bytes);
3120 
3121  if (result != n_bytes)
3122  {
3123  if (result < 0)
3124  dbus_set_error (error, _dbus_error_from_errno (errno),
3125  "Could not read /dev/urandom: %s",
3126  _dbus_strerror (errno));
3127  else
3129  "Short read from /dev/urandom");
3130 
3131  _dbus_close (fd, NULL);
3132  _dbus_string_set_length (str, old_len);
3133  return FALSE;
3134  }
3135 
3136  _dbus_verbose ("Read %d bytes from /dev/urandom\n",
3137  n_bytes);
3138 
3139  _dbus_close (fd, NULL);
3140 
3141  return TRUE;
3142 }
3143 
3149 void
3150 _dbus_exit (int code)
3151 {
3152  _exit (code);
3153 }
3154 
3163 const char*
3164 _dbus_strerror (int error_number)
3165 {
3166  const char *msg;
3167 
3168  msg = strerror (error_number);
3169  if (msg == NULL)
3170  msg = "unknown";
3171 
3172  return msg;
3173 }
3174 
3178 void
3180 {
3181  signal (SIGPIPE, SIG_IGN);
3182 }
3183 
3191 void
3193 {
3194  int val;
3195 
3196  val = fcntl (fd, F_GETFD, 0);
3197 
3198  if (val < 0)
3199  return;
3200 
3201  val |= FD_CLOEXEC;
3202 
3203  fcntl (fd, F_SETFD, val);
3204 }
3205 
3214 _dbus_close (int fd,
3215  DBusError *error)
3216 {
3217  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3218 
3219  again:
3220  if (close (fd) < 0)
3221  {
3222  if (errno == EINTR)
3223  goto again;
3224 
3225  dbus_set_error (error, _dbus_error_from_errno (errno),
3226  "Could not close fd %d", fd);
3227  return FALSE;
3228  }
3229 
3230  return TRUE;
3231 }
3232 
3241 int
3242 _dbus_dup(int fd,
3243  DBusError *error)
3244 {
3245  int new_fd;
3246 
3247 #ifdef F_DUPFD_CLOEXEC
3248  dbus_bool_t cloexec_done;
3249 
3250  new_fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
3251  cloexec_done = new_fd >= 0;
3252 
3253  if (new_fd < 0 && errno == EINVAL)
3254 #endif
3255  {
3256  new_fd = fcntl(fd, F_DUPFD, 3);
3257  }
3258 
3259  if (new_fd < 0) {
3260 
3261  dbus_set_error (error, _dbus_error_from_errno (errno),
3262  "Could not duplicate fd %d", fd);
3263  return -1;
3264  }
3265 
3266 #ifdef F_DUPFD_CLOEXEC
3267  if (!cloexec_done)
3268 #endif
3269  {
3271  }
3272 
3273  return new_fd;
3274 }
3275 
3285  DBusError *error)
3286 {
3287  return _dbus_set_fd_nonblocking (fd.fd, error);
3288 }
3289 
3290 static dbus_bool_t
3291 _dbus_set_fd_nonblocking (int fd,
3292  DBusError *error)
3293 {
3294  int val;
3295 
3296  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3297 
3298  val = fcntl (fd, F_GETFL, 0);
3299  if (val < 0)
3300  {
3301  dbus_set_error (error, _dbus_error_from_errno (errno),
3302  "Failed to get flags from file descriptor %d: %s",
3303  fd, _dbus_strerror (errno));
3304  _dbus_verbose ("Failed to get flags for fd %d: %s\n", fd,
3305  _dbus_strerror (errno));
3306  return FALSE;
3307  }
3308 
3309  if (fcntl (fd, F_SETFL, val | O_NONBLOCK) < 0)
3310  {
3311  dbus_set_error (error, _dbus_error_from_errno (errno),
3312  "Failed to set nonblocking flag of file descriptor %d: %s",
3313  fd, _dbus_strerror (errno));
3314  _dbus_verbose ("Failed to set fd %d nonblocking: %s\n",
3315  fd, _dbus_strerror (errno));
3316 
3317  return FALSE;
3318  }
3319 
3320  return TRUE;
3321 }
3322 
3328 void
3330 {
3331 #if defined (HAVE_BACKTRACE) && defined (DBUS_BUILT_R_DYNAMIC)
3332  void *bt[500];
3333  int bt_size;
3334  int i;
3335  char **syms;
3336 
3337  bt_size = backtrace (bt, 500);
3338 
3339  syms = backtrace_symbols (bt, bt_size);
3340 
3341  i = 0;
3342  while (i < bt_size)
3343  {
3344  /* don't use dbus_warn since it can _dbus_abort() */
3345  fprintf (stderr, " %s\n", syms[i]);
3346  ++i;
3347  }
3348  fflush (stderr);
3349 
3350  free (syms);
3351 #elif defined (HAVE_BACKTRACE) && ! defined (DBUS_BUILT_R_DYNAMIC)
3352  fprintf (stderr, " D-Bus not built with -rdynamic so unable to print a backtrace\n");
3353 #else
3354  fprintf (stderr, " D-Bus not compiled with backtrace support so unable to print a backtrace\n");
3355 #endif
3356 }
3357 
3372  DBusSocket *fd2,
3373  dbus_bool_t blocking,
3374  DBusError *error)
3375 {
3376 #ifdef HAVE_SOCKETPAIR
3377  int fds[2];
3378  int retval;
3379 
3380 #ifdef SOCK_CLOEXEC
3381  dbus_bool_t cloexec_done;
3382 
3383  retval = socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, fds);
3384  cloexec_done = retval >= 0;
3385 
3386  if (retval < 0 && (errno == EINVAL || errno == EPROTOTYPE))
3387 #endif
3388  {
3389  retval = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
3390  }
3391 
3392  if (retval < 0)
3393  {
3394  dbus_set_error (error, _dbus_error_from_errno (errno),
3395  "Could not create full-duplex pipe");
3396  return FALSE;
3397  }
3398 
3399  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3400 
3401 #ifdef SOCK_CLOEXEC
3402  if (!cloexec_done)
3403 #endif
3404  {
3405  _dbus_fd_set_close_on_exec (fds[0]);
3406  _dbus_fd_set_close_on_exec (fds[1]);
3407  }
3408 
3409  if (!blocking &&
3410  (!_dbus_set_fd_nonblocking (fds[0], NULL) ||
3411  !_dbus_set_fd_nonblocking (fds[1], NULL)))
3412  {
3413  dbus_set_error (error, _dbus_error_from_errno (errno),
3414  "Could not set full-duplex pipe nonblocking");
3415 
3416  _dbus_close (fds[0], NULL);
3417  _dbus_close (fds[1], NULL);
3418 
3419  return FALSE;
3420  }
3421 
3422  fd1->fd = fds[0];
3423  fd2->fd = fds[1];
3424 
3425  _dbus_verbose ("full-duplex pipe %d <-> %d\n",
3426  fd1->fd, fd2->fd);
3427 
3428  return TRUE;
3429 #else
3430  _dbus_warn ("_dbus_socketpair() not implemented on this OS\n");
3432  "_dbus_socketpair() not implemented on this OS");
3433  return FALSE;
3434 #endif
3435 }
3436 
3445 int
3447  va_list args)
3448 {
3449  char static_buf[1024];
3450  int bufsize = sizeof (static_buf);
3451  int len;
3452  va_list args_copy;
3453 
3454  DBUS_VA_COPY (args_copy, args);
3455  len = vsnprintf (static_buf, bufsize, format, args_copy);
3456  va_end (args_copy);
3457 
3458  /* If vsnprintf() returned non-negative, then either the string fits in
3459  * static_buf, or this OS has the POSIX and C99 behaviour where vsnprintf
3460  * returns the number of characters that were needed, or this OS returns the
3461  * truncated length.
3462  *
3463  * We ignore the possibility that snprintf might just ignore the length and
3464  * overrun the buffer (64-bit Solaris 7), because that's pathological.
3465  * If your libc is really that bad, come back when you have a better one. */
3466  if (len == bufsize)
3467  {
3468  /* This could be the truncated length (Tru64 and IRIX have this bug),
3469  * or the real length could be coincidentally the same. Which is it?
3470  * If vsnprintf returns the truncated length, we'll go to the slow
3471  * path. */
3472  DBUS_VA_COPY (args_copy, args);
3473 
3474  if (vsnprintf (static_buf, 1, format, args_copy) == 1)
3475  len = -1;
3476 
3477  va_end (args_copy);
3478  }
3479 
3480  /* If vsnprintf() returned negative, we have to do more work.
3481  * HP-UX returns negative. */
3482  while (len < 0)
3483  {
3484  char *buf;
3485 
3486  bufsize *= 2;
3487 
3488  buf = dbus_malloc (bufsize);
3489 
3490  if (buf == NULL)
3491  return -1;
3492 
3493  DBUS_VA_COPY (args_copy, args);
3494  len = vsnprintf (buf, bufsize, format, args_copy);
3495  va_end (args_copy);
3496 
3497  dbus_free (buf);
3498 
3499  /* If the reported length is exactly the buffer size, round up to the
3500  * next size, in case vsnprintf has been returning the truncated
3501  * length */
3502  if (len == bufsize)
3503  len = -1;
3504  }
3505 
3506  return len;
3507 }
3508 
3515 const char*
3517 {
3518  /* Protected by _DBUS_LOCK_sysdeps */
3519  static const char* tmpdir = NULL;
3520 
3521  if (!_DBUS_LOCK (sysdeps))
3522  return NULL;
3523 
3524  if (tmpdir == NULL)
3525  {
3526  /* TMPDIR is what glibc uses, then
3527  * glibc falls back to the P_tmpdir macro which
3528  * just expands to "/tmp"
3529  */
3530  if (tmpdir == NULL)
3531  tmpdir = getenv("TMPDIR");
3532 
3533  /* These two env variables are probably
3534  * broken, but maybe some OS uses them?
3535  */
3536  if (tmpdir == NULL)
3537  tmpdir = getenv("TMP");
3538  if (tmpdir == NULL)
3539  tmpdir = getenv("TEMP");
3540 
3541  /* And this is the sane fallback. */
3542  if (tmpdir == NULL)
3543  tmpdir = "/tmp";
3544  }
3545 
3546  _DBUS_UNLOCK (sysdeps);
3547 
3548  _dbus_assert(tmpdir != NULL);
3549 
3550  return tmpdir;
3551 }
3552 
3553 #if defined(DBUS_ENABLE_X11_AUTOLAUNCH) || defined(DBUS_ENABLE_LAUNCHD)
3554 
3573 static dbus_bool_t
3574 _read_subprocess_line_argv (const char *progpath,
3575  dbus_bool_t path_fallback,
3576  char * const *argv,
3577  DBusString *result,
3578  DBusError *error)
3579 {
3580  int result_pipe[2] = { -1, -1 };
3581  int errors_pipe[2] = { -1, -1 };
3582  pid_t pid;
3583  int ret;
3584  int status;
3585  int orig_len;
3586 
3587  dbus_bool_t retval;
3588  sigset_t new_set, old_set;
3589 
3590  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3591  retval = FALSE;
3592 
3593  /* We need to block any existing handlers for SIGCHLD temporarily; they
3594  * will cause waitpid() below to fail.
3595  * https://bugs.freedesktop.org/show_bug.cgi?id=21347
3596  */
3597  sigemptyset (&new_set);
3598  sigaddset (&new_set, SIGCHLD);
3599  sigprocmask (SIG_BLOCK, &new_set, &old_set);
3600 
3601  orig_len = _dbus_string_get_length (result);
3602 
3603 #define READ_END 0
3604 #define WRITE_END 1
3605  if (pipe (result_pipe) < 0)
3606  {
3607  dbus_set_error (error, _dbus_error_from_errno (errno),
3608  "Failed to create a pipe to call %s: %s",
3609  progpath, _dbus_strerror (errno));
3610  _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3611  progpath, _dbus_strerror (errno));
3612  goto out;
3613  }
3614  if (pipe (errors_pipe) < 0)
3615  {
3616  dbus_set_error (error, _dbus_error_from_errno (errno),
3617  "Failed to create a pipe to call %s: %s",
3618  progpath, _dbus_strerror (errno));
3619  _dbus_verbose ("Failed to create a pipe to call %s: %s\n",
3620  progpath, _dbus_strerror (errno));
3621  goto out;
3622  }
3623 
3624  pid = fork ();
3625  if (pid < 0)
3626  {
3627  dbus_set_error (error, _dbus_error_from_errno (errno),
3628  "Failed to fork() to call %s: %s",
3629  progpath, _dbus_strerror (errno));
3630  _dbus_verbose ("Failed to fork() to call %s: %s\n",
3631  progpath, _dbus_strerror (errno));
3632  goto out;
3633  }
3634 
3635  if (pid == 0)
3636  {
3637  /* child process */
3638  int fd;
3639 
3640  fd = open ("/dev/null", O_RDWR);
3641  if (fd == -1)
3642  /* huh?! can't open /dev/null? */
3643  _exit (1);
3644 
3645  _dbus_verbose ("/dev/null fd %d opened\n", fd);
3646 
3647  /* set-up stdXXX */
3648  close (result_pipe[READ_END]);
3649  close (errors_pipe[READ_END]);
3650 
3651  if (dup2 (fd, 0) == -1) /* setup stdin */
3652  _exit (1);
3653  if (dup2 (result_pipe[WRITE_END], 1) == -1) /* setup stdout */
3654  _exit (1);
3655  if (dup2 (errors_pipe[WRITE_END], 2) == -1) /* setup stderr */
3656  _exit (1);
3657 
3658  _dbus_close_all ();
3659 
3660  sigprocmask (SIG_SETMASK, &old_set, NULL);
3661 
3662  /* If it looks fully-qualified, try execv first */
3663  if (progpath[0] == '/')
3664  {
3665  execv (progpath, argv);
3666  /* Ok, that failed. Now if path_fallback is given, let's
3667  * try unqualified. This is mostly a hack to work
3668  * around systems which ship dbus-launch in /usr/bin
3669  * but everything else in /bin (because dbus-launch
3670  * depends on X11).
3671  */
3672  if (path_fallback)
3673  /* We must have a slash, because we checked above */
3674  execvp (strrchr (progpath, '/')+1, argv);
3675  }
3676  else
3677  execvp (progpath, argv);
3678 
3679  /* still nothing, we failed */
3680  _exit (1);
3681  }
3682 
3683  /* parent process */
3684  close (result_pipe[WRITE_END]);
3685  close (errors_pipe[WRITE_END]);
3686  result_pipe[WRITE_END] = -1;
3687  errors_pipe[WRITE_END] = -1;
3688 
3689  ret = 0;
3690  do
3691  {
3692  ret = _dbus_read (result_pipe[READ_END], result, 1024);
3693  }
3694  while (ret > 0);
3695 
3696  /* reap the child process to avoid it lingering as zombie */
3697  do
3698  {
3699  ret = waitpid (pid, &status, 0);
3700  }
3701  while (ret == -1 && errno == EINTR);
3702 
3703  /* We succeeded if the process exited with status 0 and
3704  anything was read */
3705  if (!WIFEXITED (status) || WEXITSTATUS (status) != 0 )
3706  {
3707  /* The process ended with error */
3708  DBusString error_message;
3709  if (!_dbus_string_init (&error_message))
3710  {
3711  _DBUS_SET_OOM (error);
3712  goto out;
3713  }
3714 
3715  ret = 0;
3716  do
3717  {
3718  ret = _dbus_read (errors_pipe[READ_END], &error_message, 1024);
3719  }
3720  while (ret > 0);
3721 
3722  _dbus_string_set_length (result, orig_len);
3723  if (_dbus_string_get_length (&error_message) > 0)
3725  "%s terminated abnormally with the following error: %s",
3726  progpath, _dbus_string_get_data (&error_message));
3727  else
3729  "%s terminated abnormally without any error message",
3730  progpath);
3731  goto out;
3732  }
3733 
3734  retval = TRUE;
3735 
3736  out:
3737  sigprocmask (SIG_SETMASK, &old_set, NULL);
3738 
3739  if (retval)
3740  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3741  else
3742  _DBUS_ASSERT_ERROR_IS_SET (error);
3743 
3744  if (result_pipe[0] != -1)
3745  close (result_pipe[0]);
3746  if (result_pipe[1] != -1)
3747  close (result_pipe[1]);
3748  if (errors_pipe[0] != -1)
3749  close (errors_pipe[0]);
3750  if (errors_pipe[1] != -1)
3751  close (errors_pipe[1]);
3752 
3753  return retval;
3754 }
3755 #endif
3756 
3770 _dbus_get_autolaunch_address (const char *scope,
3771  DBusString *address,
3772  DBusError *error)
3773 {
3774 #ifdef DBUS_ENABLE_X11_AUTOLAUNCH
3775  /* Perform X11-based autolaunch. (We also support launchd-based autolaunch,
3776  * but that's done elsewhere, and if it worked, this function wouldn't
3777  * be called.) */
3778  const char *display;
3779  char *progpath;
3780  char *argv[6];
3781  int i;
3782  DBusString uuid;
3783  dbus_bool_t retval;
3784 
3785  if (_dbus_check_setuid ())
3786  {
3788  "Unable to autolaunch when setuid");
3789  return FALSE;
3790  }
3791 
3792  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3793  retval = FALSE;
3794 
3795  /* fd.o #19997: if $DISPLAY isn't set to something useful, then
3796  * dbus-launch-x11 is just going to fail. Rather than trying to
3797  * run it, we might as well bail out early with a nice error.
3798  *
3799  * This is not strictly true in a world where the user bus exists,
3800  * because dbus-launch --autolaunch knows how to connect to that -
3801  * but if we were going to connect to the user bus, we'd have done
3802  * so before trying autolaunch: in any case. */
3803  display = _dbus_getenv ("DISPLAY");
3804 
3805  if (display == NULL || display[0] == '\0')
3806  {
3808  "Unable to autolaunch a dbus-daemon without a $DISPLAY for X11");
3809  return FALSE;
3810  }
3811 
3812  if (!_dbus_string_init (&uuid))
3813  {
3814  _DBUS_SET_OOM (error);
3815  return FALSE;
3816  }
3817 
3818  if (!_dbus_get_local_machine_uuid_encoded (&uuid, error))
3819  {
3820  goto out;
3821  }
3822 
3823 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
3824  if (_dbus_getenv ("DBUS_USE_TEST_BINARY") != NULL)
3825  progpath = TEST_BUS_LAUNCH_BINARY;
3826  else
3827 #endif
3828  progpath = DBUS_BINDIR "/dbus-launch";
3829  /*
3830  * argv[0] is always dbus-launch, that's the name what we'll
3831  * get from /proc, or ps(1), regardless what the progpath is,
3832  * see fd.o#69716
3833  */
3834  i = 0;
3835  argv[i] = "dbus-launch";
3836  ++i;
3837  argv[i] = "--autolaunch";
3838  ++i;
3839  argv[i] = _dbus_string_get_data (&uuid);
3840  ++i;
3841  argv[i] = "--binary-syntax";
3842  ++i;
3843  argv[i] = "--close-stderr";
3844  ++i;
3845  argv[i] = NULL;
3846  ++i;
3847 
3848  _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3849 
3850  retval = _read_subprocess_line_argv (progpath,
3851  TRUE,
3852  argv, address, error);
3853 
3854  out:
3855  _dbus_string_free (&uuid);
3856  return retval;
3857 #else
3859  "Using X11 for dbus-daemon autolaunch was disabled at compile time, "
3860  "set your DBUS_SESSION_BUS_ADDRESS instead");
3861  return FALSE;
3862 #endif
3863 }
3864 
3885  dbus_bool_t create_if_not_found,
3886  DBusError *error)
3887 {
3888  DBusString filename;
3889  dbus_bool_t b;
3890 
3891  _dbus_string_init_const (&filename, DBUS_MACHINE_UUID_FILE);
3892 
3893  b = _dbus_read_uuid_file (&filename, machine_id, FALSE, error);
3894  if (b)
3895  return TRUE;
3896 
3897  dbus_error_free (error);
3898 
3899  /* Fallback to the system machine ID */
3900  _dbus_string_init_const (&filename, "/etc/machine-id");
3901  b = _dbus_read_uuid_file (&filename, machine_id, FALSE, error);
3902 
3903  if (b)
3904  {
3905  /* try to copy it to the DBUS_MACHINE_UUID_FILE, but do not
3906  * complain if that isn't possible for whatever reason */
3907  _dbus_string_init_const (&filename, DBUS_MACHINE_UUID_FILE);
3908  _dbus_write_uuid_file (&filename, machine_id, NULL);
3909 
3910  return TRUE;
3911  }
3912 
3913  if (!create_if_not_found)
3914  return FALSE;
3915 
3916  /* if none found, try to make a new one */
3917  dbus_error_free (error);
3918  _dbus_string_init_const (&filename, DBUS_MACHINE_UUID_FILE);
3919 
3920  if (!_dbus_generate_uuid (machine_id, error))
3921  return FALSE;
3922 
3923  return _dbus_write_uuid_file (&filename, machine_id, error);
3924 }
3925 
3935  const char *launchd_env_var,
3936  DBusError *error)
3937 {
3938 #ifdef DBUS_ENABLE_LAUNCHD
3939  char *argv[4];
3940  int i;
3941 
3942  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
3943 
3944  if (_dbus_check_setuid ())
3945  {
3947  "Unable to find launchd socket when setuid");
3948  return FALSE;
3949  }
3950 
3951  i = 0;
3952  argv[i] = "launchctl";
3953  ++i;
3954  argv[i] = "getenv";
3955  ++i;
3956  argv[i] = (char*)launchd_env_var;
3957  ++i;
3958  argv[i] = NULL;
3959  ++i;
3960 
3961  _dbus_assert (i == _DBUS_N_ELEMENTS (argv));
3962 
3963  if (!_read_subprocess_line_argv(argv[0], TRUE, argv, socket_path, error))
3964  {
3965  return FALSE;
3966  }
3967 
3968  /* no error, but no result either */
3969  if (_dbus_string_get_length(socket_path) == 0)
3970  {
3971  return FALSE;
3972  }
3973 
3974  /* strip the carriage-return */
3975  _dbus_string_shorten(socket_path, 1);
3976  return TRUE;
3977 #else /* DBUS_ENABLE_LAUNCHD */
3979  "can't lookup socket from launchd; launchd support not compiled in");
3980  return FALSE;
3981 #endif
3982 }
3983 
3984 #ifdef DBUS_ENABLE_LAUNCHD
3985 static dbus_bool_t
3986 _dbus_lookup_session_address_launchd (DBusString *address, DBusError *error)
3987 {
3988  dbus_bool_t valid_socket;
3989  DBusString socket_path;
3990 
3991  if (_dbus_check_setuid ())
3992  {
3994  "Unable to find launchd socket when setuid");
3995  return FALSE;
3996  }
3997 
3998  if (!_dbus_string_init (&socket_path))
3999  {
4000  _DBUS_SET_OOM (error);
4001  return FALSE;
4002  }
4003 
4004  valid_socket = _dbus_lookup_launchd_socket (&socket_path, "DBUS_LAUNCHD_SESSION_BUS_SOCKET", error);
4005 
4006  if (dbus_error_is_set(error))
4007  {
4008  _dbus_string_free(&socket_path);
4009  return FALSE;
4010  }
4011 
4012  if (!valid_socket)
4013  {
4014  dbus_set_error(error, "no socket path",
4015  "launchd did not provide a socket path, "
4016  "verify that org.freedesktop.dbus-session.plist is loaded!");
4017  _dbus_string_free(&socket_path);
4018  return FALSE;
4019  }
4020  if (!_dbus_string_append (address, "unix:path="))
4021  {
4022  _DBUS_SET_OOM (error);
4023  _dbus_string_free(&socket_path);
4024  return FALSE;
4025  }
4026  if (!_dbus_string_copy (&socket_path, 0, address,
4027  _dbus_string_get_length (address)))
4028  {
4029  _DBUS_SET_OOM (error);
4030  _dbus_string_free(&socket_path);
4031  return FALSE;
4032  }
4033 
4034  _dbus_string_free(&socket_path);
4035  return TRUE;
4036 }
4037 #endif
4038 
4040 _dbus_lookup_user_bus (dbus_bool_t *supported,
4041  DBusString *address,
4042  DBusError *error)
4043 {
4044  const char *runtime_dir = _dbus_getenv ("XDG_RUNTIME_DIR");
4045  dbus_bool_t ret = FALSE;
4046  struct stat stbuf;
4047  DBusString user_bus_path;
4048 
4049  if (runtime_dir == NULL)
4050  {
4051  _dbus_verbose ("XDG_RUNTIME_DIR not found in environment");
4052  *supported = FALSE;
4053  return TRUE; /* Cannot use it, but not an error */
4054  }
4055 
4056  if (!_dbus_string_init (&user_bus_path))
4057  {
4058  _DBUS_SET_OOM (error);
4059  return FALSE;
4060  }
4061 
4062  if (!_dbus_string_append_printf (&user_bus_path, "%s/bus", runtime_dir))
4063  {
4064  _DBUS_SET_OOM (error);
4065  goto out;
4066  }
4067 
4068  if (lstat (_dbus_string_get_const_data (&user_bus_path), &stbuf) == -1)
4069  {
4070  _dbus_verbose ("XDG_RUNTIME_DIR/bus not available: %s",
4071  _dbus_strerror (errno));
4072  *supported = FALSE;
4073  ret = TRUE; /* Cannot use it, but not an error */
4074  goto out;
4075  }
4076 
4077  if (stbuf.st_uid != getuid ())
4078  {
4079  _dbus_verbose ("XDG_RUNTIME_DIR/bus owned by uid %ld, not our uid %ld",
4080  (long) stbuf.st_uid, (long) getuid ());
4081  *supported = FALSE;
4082  ret = TRUE; /* Cannot use it, but not an error */
4083  goto out;
4084  }
4085 
4086  if ((stbuf.st_mode & S_IFMT) != S_IFSOCK)
4087  {
4088  _dbus_verbose ("XDG_RUNTIME_DIR/bus is not a socket: st_mode = 0o%lo",
4089  (long) stbuf.st_mode);
4090  *supported = FALSE;
4091  ret = TRUE; /* Cannot use it, but not an error */
4092  goto out;
4093  }
4094 
4095  if (!_dbus_string_append (address, "unix:path=") ||
4096  !_dbus_address_append_escaped (address, &user_bus_path))
4097  {
4098  _DBUS_SET_OOM (error);
4099  goto out;
4100  }
4101 
4102  *supported = TRUE;
4103  ret = TRUE;
4104 
4105 out:
4106  _dbus_string_free (&user_bus_path);
4107  return ret;
4108 }
4109 
4131  DBusString *address,
4132  DBusError *error)
4133 {
4134 #ifdef DBUS_ENABLE_LAUNCHD
4135  *supported = TRUE;
4136  return _dbus_lookup_session_address_launchd (address, error);
4137 #else
4138  *supported = FALSE;
4139 
4140  if (!_dbus_lookup_user_bus (supported, address, error))
4141  return FALSE;
4142  else if (*supported)
4143  return TRUE;
4144 
4145  /* On non-Mac Unix platforms, if the session address isn't already
4146  * set in DBUS_SESSION_BUS_ADDRESS environment variable and the
4147  * $XDG_RUNTIME_DIR/bus can't be used, we punt and fall back to the
4148  * autolaunch: global default; see init_session_address in
4149  * dbus/dbus-bus.c. */
4150  return TRUE;
4151 #endif
4152 }
4153 
4161 void
4163 {
4165 }
4166 
4182  DBusCredentials *credentials)
4183 {
4184  DBusString homedir;
4185  DBusString dotdir;
4186  dbus_uid_t uid;
4187 
4188  _dbus_assert (credentials != NULL);
4190 
4191  if (!_dbus_string_init (&homedir))
4192  return FALSE;
4193 
4194  uid = _dbus_credentials_get_unix_uid (credentials);
4195  _dbus_assert (uid != DBUS_UID_UNSET);
4196 
4197  if (!_dbus_homedir_from_uid (uid, &homedir))
4198  goto failed;
4199 
4200 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
4201  {
4202  const char *override;
4203 
4204  override = _dbus_getenv ("DBUS_TEST_HOMEDIR");
4205  if (override != NULL && *override != '\0')
4206  {
4207  _dbus_string_set_length (&homedir, 0);
4208  if (!_dbus_string_append (&homedir, override))
4209  goto failed;
4210 
4211  _dbus_verbose ("Using fake homedir for testing: %s\n",
4212  _dbus_string_get_const_data (&homedir));
4213  }
4214  else
4215  {
4216  /* Not strictly thread-safe, but if we fail at thread-safety here,
4217  * the worst that will happen is some extra warnings. */
4218  static dbus_bool_t already_warned = FALSE;
4219  if (!already_warned)
4220  {
4221  _dbus_warn ("Using your real home directory for testing, set DBUS_TEST_HOMEDIR to avoid\n");
4222  already_warned = TRUE;
4223  }
4224  }
4225  }
4226 #endif
4227 
4228  _dbus_string_init_const (&dotdir, ".dbus-keyrings");
4229  if (!_dbus_concat_dir_and_file (&homedir,
4230  &dotdir))
4231  goto failed;
4232 
4233  if (!_dbus_string_copy (&homedir, 0,
4234  directory, _dbus_string_get_length (directory))) {
4235  goto failed;
4236  }
4237 
4238  _dbus_string_free (&homedir);
4239  return TRUE;
4240 
4241  failed:
4242  _dbus_string_free (&homedir);
4243  return FALSE;
4244 }
4245 
4246 //PENDING(kdab) docs
4248 _dbus_daemon_publish_session_bus_address (const char* addr,
4249  const char *scope)
4250 {
4251  return TRUE;
4252 }
4253 
4254 //PENDING(kdab) docs
4255 void
4256 _dbus_daemon_unpublish_session_bus_address (void)
4257 {
4258 
4259 }
4260 
4269 {
4270  return e == EAGAIN || e == EWOULDBLOCK;
4271 }
4272 
4282  DBusError *error)
4283 {
4284  const char *filename_c;
4285 
4286  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
4287 
4288  filename_c = _dbus_string_get_const_data (filename);
4289 
4290  if (rmdir (filename_c) != 0)
4291  {
4293  "Failed to remove directory %s: %s\n",
4294  filename_c, _dbus_strerror (errno));
4295  return FALSE;
4296  }
4297 
4298  return TRUE;
4299 }
4300 
4310 {
4311 #ifdef SCM_RIGHTS
4312  union {
4313  struct sockaddr sa;
4314  struct sockaddr_storage storage;
4315  struct sockaddr_un un;
4316  } sa_buf;
4317 
4318  socklen_t sa_len = sizeof(sa_buf);
4319 
4320  _DBUS_ZERO(sa_buf);
4321 
4322  if (getsockname(fd.fd, &sa_buf.sa, &sa_len) < 0)
4323  return FALSE;
4324 
4325  return sa_buf.sa.sa_family == AF_UNIX;
4326 
4327 #else
4328  return FALSE;
4329 
4330 #endif
4331 }
4332 
4337 void
4339 {
4340  int maxfds, i;
4341 
4342 #ifdef __linux__
4343  DIR *d;
4344 
4345  /* On Linux we can optimize this a bit if /proc is available. If it
4346  isn't available, fall back to the brute force way. */
4347 
4348  d = opendir ("/proc/self/fd");
4349  if (d)
4350  {
4351  for (;;)
4352  {
4353  struct dirent buf, *de;
4354  int k, fd;
4355  long l;
4356  char *e = NULL;
4357 
4358  k = readdir_r (d, &buf, &de);
4359  if (k != 0 || !de)
4360  break;
4361 
4362  if (de->d_name[0] == '.')
4363  continue;
4364 
4365  errno = 0;
4366  l = strtol (de->d_name, &e, 10);
4367  if (errno != 0 || e == NULL || *e != '\0')
4368  continue;
4369 
4370  fd = (int) l;
4371  if (fd < 3)
4372  continue;
4373 
4374  if (fd == dirfd (d))
4375  continue;
4376 
4377  close (fd);
4378  }
4379 
4380  closedir (d);
4381  return;
4382  }
4383 #endif
4384 
4385  maxfds = sysconf (_SC_OPEN_MAX);
4386 
4387  /* Pick something reasonable if for some reason sysconf says
4388  * unlimited.
4389  */
4390  if (maxfds < 0)
4391  maxfds = 1024;
4392 
4393  /* close all inherited fds */
4394  for (i = 3; i < maxfds; i++)
4395  close (i);
4396 }
4397 
4409 {
4410  /* TODO: get __libc_enable_secure exported from glibc.
4411  * See http://www.openwall.com/lists/owl-dev/2012/08/14/1
4412  */
4413 #if 0 && defined(HAVE_LIBC_ENABLE_SECURE)
4414  {
4415  /* See glibc/include/unistd.h */
4416  extern int __libc_enable_secure;
4417  return __libc_enable_secure;
4418  }
4419 #elif defined(HAVE_ISSETUGID)
4420  /* BSD: http://www.freebsd.org/cgi/man.cgi?query=issetugid&sektion=2 */
4421  return issetugid ();
4422 #else
4423  uid_t ruid, euid, suid; /* Real, effective and saved user ID's */
4424  gid_t rgid, egid, sgid; /* Real, effective and saved group ID's */
4425 
4426  /* We call into this function from _dbus_threads_init_platform_specific()
4427  * to make sure these are initialized before we start threading. */
4428  static dbus_bool_t check_setuid_initialised;
4429  static dbus_bool_t is_setuid;
4430 
4431  if (_DBUS_UNLIKELY (!check_setuid_initialised))
4432  {
4433 #ifdef HAVE_GETRESUID
4434  if (getresuid (&ruid, &euid, &suid) != 0 ||
4435  getresgid (&rgid, &egid, &sgid) != 0)
4436 #endif /* HAVE_GETRESUID */
4437  {
4438  suid = ruid = getuid ();
4439  sgid = rgid = getgid ();
4440  euid = geteuid ();
4441  egid = getegid ();
4442  }
4443 
4444  check_setuid_initialised = TRUE;
4445  is_setuid = (ruid != euid || ruid != suid ||
4446  rgid != egid || rgid != sgid);
4447 
4448  }
4449  return is_setuid;
4450 #endif
4451 }
4452 
4462  DBusString *address,
4463  DBusError *error)
4464 {
4465  union {
4466  struct sockaddr sa;
4467  struct sockaddr_storage storage;
4468  struct sockaddr_un un;
4469  struct sockaddr_in ipv4;
4470  struct sockaddr_in6 ipv6;
4471  } socket;
4472  char hostip[INET6_ADDRSTRLEN];
4473  int size = sizeof (socket);
4474  DBusString path_str;
4475 
4476  if (getsockname (fd.fd, &socket.sa, &size))
4477  goto err;
4478 
4479  switch (socket.sa.sa_family)
4480  {
4481  case AF_UNIX:
4482  if (socket.un.sun_path[0]=='\0')
4483  {
4484  _dbus_string_init_const (&path_str, &(socket.un.sun_path[1]));
4485  if (_dbus_string_append (address, "unix:abstract=") &&
4486  _dbus_address_append_escaped (address, &path_str))
4487  return TRUE;
4488  }
4489  else
4490  {
4491  _dbus_string_init_const (&path_str, socket.un.sun_path);
4492  if (_dbus_string_append (address, "unix:path=") &&
4493  _dbus_address_append_escaped (address, &path_str))
4494  return TRUE;
4495  }
4496  break;
4497  case AF_INET:
4498  if (inet_ntop (AF_INET, &socket.ipv4.sin_addr, hostip, sizeof (hostip)))
4499  if (_dbus_string_append_printf (address, "tcp:family=ipv4,host=%s,port=%u",
4500  hostip, ntohs (socket.ipv4.sin_port)))
4501  return TRUE;
4502  break;
4503 #ifdef AF_INET6
4504  case AF_INET6:
4505  _dbus_string_init_const (&path_str, hostip);
4506  if (inet_ntop (AF_INET6, &socket.ipv6.sin6_addr, hostip, sizeof (hostip)))
4507  if (_dbus_string_append_printf (address, "tcp:family=ipv6,port=%u,host=",
4508  ntohs (socket.ipv6.sin6_port)) &&
4509  _dbus_address_append_escaped (address, &path_str))
4510  return TRUE;
4511  break;
4512 #endif
4513  default:
4514  dbus_set_error (error,
4515  _dbus_error_from_errno (EINVAL),
4516  "Failed to read address from socket: Unknown socket type.");
4517  return FALSE;
4518  }
4519  err:
4520  dbus_set_error (error,
4521  _dbus_error_from_errno (errno),
4522  "Failed to open socket: %s",
4523  _dbus_strerror (errno));
4524  return FALSE;
4525 }
4526 
4527 int
4528 _dbus_save_socket_errno (void)
4529 {
4530  return errno;
4531 }
4532 
4533 void
4534 _dbus_restore_socket_errno (int saved_errno)
4535 {
4536  errno = saved_errno;
4537 }
4538 
4539 /* tests in dbus-sysdeps-util.c */
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
Definition: dbus-string.c:935
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
Definition: dbus-sysdeps.c:435
An atomic integer safe to increment or decrement from multiple threads.
Definition: dbus-sysdeps.h:279
dbus_uid_t _dbus_credentials_get_unix_uid(DBusCredentials *credentials)
Gets the UNIX user ID in the credentials, or DBUS_UID_UNSET if the credentials object doesn&#39;t contain...
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_append_uint(DBusString *str, unsigned long value)
Appends an unsigned integer to a DBusString.
Definition: dbus-sysdeps.c:392
char * username
Username.
#define NULL
A null pointer, defined appropriately for C or C++.
#define DBUS_ERROR_SPAWN_EXEC_FAILED
While starting a new process, the exec() call failed.
volatile dbus_int32_t value
Value of the atomic integer.
Definition: dbus-sysdeps.h:284
dbus_bool_t _dbus_check_dir_is_private_to_user(DBusString *dir, DBusError *error)
Checks to make sure the given directory is private to the user.
void _dbus_close_all(void)
Closes all file descriptors except the first three (i.e.
void * dbus_realloc(void *memory, size_t bytes)
Resizes a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
Definition: dbus-memory.c:601
dbus_bool_t _dbus_string_lengthen(DBusString *str, int additional_length)
Makes a string longer by the given number of bytes.
Definition: dbus-string.c:760
dbus_bool_t _dbus_ensure_directory(const DBusString *filename, DBusError *error)
Creates a directory; succeeds if the directory is created or already existed.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
Definition: dbus-memory.c:701
dbus_bool_t _dbus_socketpair(DBusSocket *fd1, DBusSocket *fd2, dbus_bool_t blocking, DBusError *error)
Creates pair of connect sockets (as in socketpair()).
int _dbus_write(int fd, const DBusString *buffer, int start, int len)
Thin wrapper around the write() system call that writes a part of a DBusString and handles EINTR for ...
dbus_bool_t _dbus_ensure_standard_fds(DBusEnsureStandardFdsFlags flags, const char **error_str_p)
Ensure that the standard file descriptors stdin, stdout and stderr are open, by opening /dev/null if ...
#define DBUS_ERROR_NOT_SUPPORTED
Requested operation isn&#39;t supported (like ENOSYS on UNIX).
#define dbus_new(type, count)
Safe macro for using dbus_malloc().
Definition: dbus-memory.h:58
#define DBUS_GID_FORMAT
an appropriate printf format for dbus_gid_t
Definition: dbus-sysdeps.h:123
#define DBUS_PID_FORMAT
an appropriate printf format for dbus_pid_t
Definition: dbus-sysdeps.h:119
dbus_bool_t _dbus_generate_uuid(DBusGUID *uuid, DBusError *error)
Generates a new UUID.
dbus_bool_t _dbus_get_local_machine_uuid_encoded(DBusString *uuid_str, DBusError *error)
Gets the hex-encoded UUID of the machine this function is executed on.
#define _dbus_assert(condition)
Aborts with an error message if the condition is false.
dbus_bool_t _dbus_append_address_from_socket(DBusSocket fd, DBusString *address, DBusError *error)
Read the address from the socket and append it to the string.
dbus_bool_t _dbus_check_setuid(void)
NOTE: If you modify this function, please also consider making the corresponding change in GLib...
void _dbus_user_database_flush_system(void)
Flushes the system global user database;.
Definition: dbus-userdb.c:349
void dbus_error_free(DBusError *error)
Frees an error that&#39;s been set (or just initialized), then reinitializes the error as in dbus_error_i...
Definition: dbus-errors.c:211
dbus_gid_t primary_gid
GID.
dbus_bool_t _dbus_credentials_add_linux_security_label(DBusCredentials *credentials, const char *label)
Add a Linux security label, as used by LSMs such as SELinux, Smack and AppArmor, to the credentials...
A globally unique ID ; we have one for each DBusServer, and also one for each machine with libdbus in...
dbus_pid_t _dbus_getpid(void)
Gets our process ID.
#define _DBUS_POLLIN
There is data to read.
Definition: dbus-sysdeps.h:388
dbus_bool_t _dbus_concat_dir_and_file(DBusString *dir, const DBusString *next_component)
Appends the given filename to the given directory.
char * _dbus_string_get_data_len(DBusString *str, int start, int len)
Gets a sub-portion of the raw character buffer from the string.
Definition: dbus-string.c:490
int _dbus_read_socket(DBusSocket fd, DBusString *buffer, int count)
Like _dbus_read(), but only works on sockets so is available on Windows.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
Definition: dbus-string.c:175
#define DBUS_ERROR_IO_ERROR
Something went wrong reading or writing to a socket, for example.
int _dbus_dup(int fd, DBusError *error)
Duplicates a file descriptor.
void _dbus_string_shorten(DBusString *str, int length_to_remove)
Makes a string shorter by the given number of bytes.
Definition: dbus-string.c:780
short events
Events to poll for.
Definition: dbus-sysdeps.h:383
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that&#39;s copied to the d...
Definition: dbus-string.c:1283
#define DBUS_PID_UNSET
an invalid PID used to represent an uninitialized dbus_pid_t field
Definition: dbus-sysdeps.h:112
dbus_bool_t _dbus_send_credentials_socket(DBusSocket server_fd, DBusError *error)
Sends a single nul byte with our UNIX credentials as ancillary data.
dbus_bool_t _dbus_close_socket(DBusSocket fd, DBusError *error)
Closes a socket.
void _dbus_credentials_clear(DBusCredentials *credentials)
Clear all credentials in the object.
#define DBUS_UID_UNSET
an invalid UID used to represent an uninitialized dbus_uid_t field
Definition: dbus-sysdeps.h:114
dbus_bool_t _dbus_parse_uid(const DBusString *uid_str, dbus_uid_t *uid)
Gets a UID from a UID string.
dbus_bool_t _dbus_get_autolaunch_address(const char *scope, DBusString *address, DBusError *error)
Returns the address of a new session bus.
const char * _dbus_error_from_errno(int error_number)
Converts a UNIX errno, or Windows errno or WinSock error value into a DBusError name.
Definition: dbus-sysdeps.c:590
dbus_bool_t _dbus_user_info_fill(DBusUserInfo *info, const DBusString *username, DBusError *error)
Gets user info for the given username.
dbus_bool_t _dbus_homedir_from_uid(dbus_uid_t uid, DBusString *homedir)
Gets the home directory for the given user.
Definition: dbus-userdb.c:461
unsigned long dbus_pid_t
A process ID.
Definition: dbus-sysdeps.h:105
int _dbus_read_socket_with_unix_fds(DBusSocket fd, DBusString *buffer, int count, int *fds, int *n_fds)
Like _dbus_read_socket() but also tries to read unix fds from the socket.
Socket interface.
Definition: dbus-sysdeps.h:148
dbus_gid_t * group_ids
Groups IDs, including above primary group.
dbus_bool_t _dbus_lookup_launchd_socket(DBusString *socket_path, const char *launchd_env_var, DBusError *error)
quries launchd for a specific env var which holds the socket path.
void * dbus_malloc(size_t bytes)
Allocates the given number of bytes, as with standard malloc().
Definition: dbus-memory.c:461
dbus_bool_t _dbus_append_user_from_current_process(DBusString *str)
Append to the string the identity we would like to have when we authenticate, on UNIX this is the cur...
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
dbus_bool_t _dbus_get_is_errno_eagain_or_ewouldblock(int e)
See if errno is EAGAIN or EWOULDBLOCK (this has to be done differently for Winsock so is abstracted) ...
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
Definition: dbus-types.h:35
void _dbus_string_init_const(DBusString *str, const char *value)
Initializes a constant string.
Definition: dbus-string.c:190
int n_group_ids
Size of group IDs array.
int _dbus_listen_systemd_sockets(DBusSocket **fds, DBusError *error)
Acquires one or more sockets passed in from systemd.
#define _DBUS_POLLOUT
Writing now will not block.
Definition: dbus-sysdeps.h:392
void _dbus_warn(const char *format,...)
Prints a warning message to stderr.
int _dbus_write_socket_two(DBusSocket fd, const DBusString *buffer1, int start1, int len1, const DBusString *buffer2, int start2, int len2)
Like _dbus_write_two() but only works on sockets and is thus available on Windows.
DBusSocket _dbus_accept(DBusSocket listen_fd)
Accepts a connection on a listening socket.
dbus_bool_t _dbus_string_init_preallocated(DBusString *str, int allocate_size)
Initializes a string that can be up to the given allocation size before it has to realloc...
Definition: dbus-string.c:132
dbus_int32_t _dbus_atomic_inc(DBusAtomic *atomic)
Atomically increments an integer.
dbus_uid_t uid
UID.
int _dbus_read(int fd, DBusString *buffer, int count)
Thin wrapper around the read() system call that appends the data it reads to the DBusString buffer...
dbus_bool_t _dbus_string_append_printf(DBusString *str, const char *format,...)
Appends a printf-style formatted string to the DBusString.
Definition: dbus-string.c:1114
dbus_bool_t _dbus_append_keyring_directory_for_credentials(DBusString *directory, DBusCredentials *credentials)
Appends the directory in which a keyring for the given credentials should be stored.
dbus_bool_t _dbus_read_credentials_socket(DBusSocket client_fd, DBusCredentials *credentials, DBusError *error)
Reads a single byte which must be nul (an error occurs otherwise), and reads unix credentials if avai...
dbus_bool_t _dbus_create_directory(const DBusString *filename, DBusError *error)
Creates a directory.
dbus_bool_t _dbus_delete_directory(const DBusString *filename, DBusError *error)
Removes a directory; Directory must be empty.
Object representing an exception.
Definition: dbus-errors.h:48
dbus_bool_t _dbus_address_append_escaped(DBusString *escaped, const DBusString *unescaped)
Appends an escaped version of one string to another string, using the D-Bus address escaping mechanis...
Definition: dbus-address.c:104
void _dbus_get_monotonic_time(long *tv_sec, long *tv_usec)
Get current time, as in gettimeofday().
int _dbus_listen_tcp_socket(const char *host, const char *port, const char *family, DBusString *retport, DBusSocket **fds_p, DBusError *error)
Creates a socket and binds it to the given path, then listens on the socket.
void _dbus_disable_sigpipe(void)
signal (SIGPIPE, SIG_IGN);
#define DBUS_ERROR_BAD_ADDRESS
A D-Bus bus address was malformed.
void dbus_set_error(DBusError *error, const char *name, const char *format,...)
Assigns an error name and message to a DBusError.
Definition: dbus-errors.c:354
dbus_bool_t _dbus_credentials_add_adt_audit_data(DBusCredentials *credentials, void *audit_data, dbus_int32_t size)
Add ADT audit data to the credentials.
#define _DBUS_N_ELEMENTS(array)
Computes the number of elements in a fixed-size array using sizeof().
void _dbus_flush_caches(void)
Called when the bus daemon is signaled to reload its configuration; any caches should be nuked...
int _dbus_connect_exec(const char *path, char *const argv[], DBusError *error)
Creates a UNIX domain socket and connects it to the specified process to execute. ...
const char * _dbus_get_tmpdir(void)
Gets the temporary files directory by inspecting the environment variables TMPDIR, TMP, and TEMP in that order.
dbus_bool_t _dbus_string_append_byte(DBusString *str, unsigned char byte)
Appends a single byte to the string, returning FALSE if not enough memory.
Definition: dbus-string.c:1157
#define _DBUS_UNLOCK(name)
Unlocks a global lock.
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init().
Definition: dbus-string.c:259
#define DBUS_GID_UNSET
an invalid GID used to represent an uninitialized dbus_gid_t field
Definition: dbus-sysdeps.h:116
dbus_uid_t _dbus_geteuid(void)
Gets our effective UID.
dbus_bool_t _dbus_credentials_add_from_current_process(DBusCredentials *credentials)
Adds the credentials of the current process to the passed-in credentials object.
#define TRUE
Expands to &quot;1&quot;.
DBusPollable fd
File descriptor.
Definition: dbus-sysdeps.h:382
#define _dbus_assert_not_reached(explanation)
Aborts with an error message if called.
dbus_bool_t _dbus_credentials_add_pid(DBusCredentials *credentials, dbus_pid_t pid)
Add a UNIX process ID to the credentials.
#define DBUS_ERROR_FAILED
A generic error; &quot;something went wrong&quot; - see the error message for more.
#define READ_END
Helps remember which end of the pipe is which.
Definition: dbus-spawn.c:873
#define DBUS_UID_FORMAT
an appropriate printf format for dbus_uid_t
Definition: dbus-sysdeps.h:121
dbus_bool_t _dbus_read_uuid_file(const DBusString *filename, DBusGUID *uuid, dbus_bool_t create_if_not_found, DBusError *error)
Reads (and optionally writes) a uuid to a file.
char * homedir
Home directory.
void _dbus_exit(int code)
Exit the process, returning the given value.
unsigned long _dbus_pid_for_log(void)
The only reason this is separate from _dbus_getpid() is to allow it on Windows for logging but not fo...
void _dbus_fd_set_close_on_exec(int fd)
Sets the file descriptor to be close on exec.
DBusSocket _dbus_connect_tcp_socket(const char *host, const char *port, const char *family, DBusError *error)
Creates a socket and connects to a socket at the given host and port.
dbus_int32_t _dbus_atomic_dec(DBusAtomic *atomic)
Atomically decrement an integer.
dbus_uid_t _dbus_getuid(void)
Gets our UID.
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes, DBusError *error)
Generates the given number of securely random bytes, using the best mechanism we can come up with...
dbus_bool_t _dbus_user_info_fill_uid(DBusUserInfo *info, dbus_uid_t uid, DBusError *error)
Gets user info for the given user ID.
dbus_bool_t _dbus_set_socket_nonblocking(DBusSocket fd, DBusError *error)
Sets a file descriptor to be nonblocking.
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
dbus_bool_t _dbus_lookup_session_address(dbus_bool_t *supported, DBusString *address, DBusError *error)
Determines the address of the session bus by querying a platform-specific method. ...
dbus_bool_t _dbus_close(int fd, DBusError *error)
Closes a file descriptor.
#define FALSE
Expands to &quot;0&quot;.
dbus_bool_t _dbus_read_local_machine_uuid(DBusGUID *machine_id, dbus_bool_t create_if_not_found, DBusError *error)
Reads the uuid of the machine we&#39;re running on from the dbus configuration.
dbus_bool_t _dbus_write_uuid_file(const DBusString *filename, const DBusGUID *uuid, DBusError *error)
Write the give UUID to a file.
void _dbus_print_backtrace(void)
On GNU libc systems, print a crude backtrace to stderr.
void dbus_set_error_const(DBusError *error, const char *name, const char *message)
Assigns an error name and message to a DBusError.
Definition: dbus-errors.c:243
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
Definition: dbus-string.c:802
#define _DBUS_LOCK(name)
Locks a global lock, initializing it first if necessary.
int _dbus_write_socket(DBusSocket fd, const DBusString *buffer, int start, int len)
Like _dbus_write(), but only supports sockets and is thus available on Windows.
int _dbus_write_two(int fd, const DBusString *buffer1, int start1, int len1, const DBusString *buffer2, int start2, int len2)
Like _dbus_write() but will use writev() if possible to write both buffers in sequence.
dbus_int32_t _dbus_atomic_get(DBusAtomic *atomic)
Atomically get the value of an integer.
void _dbus_sleep_milliseconds(int milliseconds)
Sleeps the given number of milliseconds.
DBUS_PRIVATE_EXPORT void _dbus_verbose_bytes_of_string(const DBusString *str, int start, int len)
Dump the given part of the string to verbose log.
#define WRITE_END
Helps remember which end of the pipe is which.
Definition: dbus-spawn.c:875
unsigned long dbus_gid_t
A group ID.
Definition: dbus-sysdeps.h:109
int _dbus_printf_string_upper_bound(const char *format, va_list args)
Measure the length of the given format string and arguments, not including the terminating nul...
char * _dbus_strdup(const char *str)
Duplicates a string.
#define _DBUS_ZERO(object)
Sets all bits in an object to zero.
dbus_bool_t _dbus_credentials_add_unix_uid(DBusCredentials *credentials, dbus_uid_t uid)
Add a UNIX user ID to the credentials.
dbus_bool_t _dbus_socket_can_pass_unix_fd(DBusSocket fd)
Checks whether file descriptors may be passed via the socket.
const char * _dbus_getenv(const char *varname)
Wrapper for getenv().
Definition: dbus-sysdeps.c:185
unsigned long dbus_uid_t
A user ID.
Definition: dbus-sysdeps.h:107
int _dbus_poll(DBusPollFD *fds, int n_fds, int timeout_milliseconds)
Wrapper for poll().
short revents
Events that occurred.
Definition: dbus-sysdeps.h:384
int _dbus_connect_unix_socket(const char *path, dbus_bool_t abstract, DBusError *error)
Creates a socket and connects it to the UNIX domain socket at the given path.
dbus_bool_t dbus_error_is_set(const DBusError *error)
Checks whether an error occurred (the error is set).
Definition: dbus-errors.c:329
int _dbus_listen_unix_socket(const char *path, dbus_bool_t abstract, DBusError *error)
Creates a socket and binds it to the given path, then listens on the socket.
void _dbus_get_real_time(long *tv_sec, long *tv_usec)
Get current time, as in gettimeofday().
Information about a UNIX user.
#define _DBUS_POLLERR
Error condition.
Definition: dbus-sysdeps.h:394