D-Bus  1.12.20
dbus-server-unix.c
1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-server-unix.c Server implementation for Unix network protocols.
3  *
4  * Copyright (C) 2002, 2003, 2004 Red Hat Inc.
5  *
6  * Licensed under the Academic Free License version 2.1
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21  *
22  */
23 
24 #include <config.h>
25 #include "dbus-internals.h"
26 #include "dbus-server-unix.h"
27 #include "dbus-server-socket.h"
28 #include "dbus-server-launchd.h"
29 #include "dbus-transport-unix.h"
30 #include "dbus-connection-internal.h"
31 #include "dbus-sysdeps-unix.h"
32 #include "dbus-string.h"
33 
34 #ifdef HAVE_PDPLINUX
35 #include <parsec/pdp.h>
36 //#include <parsec/cap.h>
37 #include <parsec/parsec_cap.h>
38 
39 int pdplinux_capability_set_socket_from_current_process(const char *path, int sockfd);
40 int pdplinux_capability_set_apply_socket(parsec_cap_t set, int sockfd);
41 
42 #endif
43 
63 DBusServerListenResult
65  DBusServer **server_p,
66  DBusError *error)
67 {
68  const char *method;
69 
70  *server_p = NULL;
71 
72  method = dbus_address_entry_get_method (entry);
73 
74  if (strcmp (method, "unix") == 0)
75  {
76  const char *path = dbus_address_entry_get_value (entry, "path");
77  const char *dir = dbus_address_entry_get_value (entry, "dir");
78  const char *tmpdir = dbus_address_entry_get_value (entry, "tmpdir");
79  const char *abstract = dbus_address_entry_get_value (entry, "abstract");
80  const char *runtime = dbus_address_entry_get_value (entry, "runtime");
81  int mutually_exclusive_modes = 0;
82 
83  mutually_exclusive_modes = (path != NULL) + (tmpdir != NULL) +
84  (abstract != NULL) + (runtime != NULL) + (dir != NULL);
85 
86  if (mutually_exclusive_modes < 1)
87  {
88  _dbus_set_bad_address(error, "unix",
89  "path or tmpdir or abstract or runtime or dir",
90  NULL);
91  return DBUS_SERVER_LISTEN_BAD_ADDRESS;
92  }
93 
94  if (mutually_exclusive_modes > 1)
95  {
97  "cannot specify two of \"path\", \"tmpdir\", \"abstract\", \"runtime\" and \"dir\" at the same time");
98  return DBUS_SERVER_LISTEN_BAD_ADDRESS;
99  }
100 
101  if (runtime != NULL)
102  {
103  DBusString full_path;
104  DBusString filename;
105  const char *runtimedir;
106 
107  if (strcmp (runtime, "yes") != 0)
108  {
110  "if given, the only value allowed for \"runtime\" is \"yes\"");
111  return DBUS_SERVER_LISTEN_BAD_ADDRESS;
112  }
113 
114  runtimedir = _dbus_getenv ("XDG_RUNTIME_DIR");
115 
116  if (runtimedir == NULL)
117  {
118  dbus_set_error (error,
119  DBUS_ERROR_NOT_SUPPORTED, "\"XDG_RUNTIME_DIR\" is not set");
120  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
121  }
122 
123  _dbus_string_init_const (&filename, "bus");
124 
125  if (!_dbus_string_init (&full_path))
126  {
127  _DBUS_SET_OOM (error);
128  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
129  }
130 
131  if (!_dbus_string_append (&full_path, runtimedir) ||
132  !_dbus_concat_dir_and_file (&full_path, &filename))
133  {
134  _dbus_string_free (&full_path);
135  _DBUS_SET_OOM (error);
136  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
137  }
138 
139  /* We can safely use filesystem sockets in the runtime directory,
140  * and they are preferred because they can be bind-mounted between
141  * Linux containers. */
143  _dbus_string_get_const_data (&full_path),
144  FALSE, error);
145 
146  _dbus_string_free (&full_path);
147  }
148  else if (tmpdir != NULL || dir != NULL)
149  {
150  DBusString full_path;
151  DBusString filename;
152  dbus_bool_t use_abstract = FALSE;
153 
154  if (tmpdir != NULL)
155  {
156  dir = tmpdir;
157 
158 #ifdef __linux__
159  /* Use abstract sockets for tmpdir if supported, so that it
160  * never needs to be cleaned up. Use dir instead if you want a
161  * path-based socket. */
162  use_abstract = TRUE;
163 #endif
164  }
165 
166  if (!_dbus_string_init (&full_path))
167  {
169  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
170  }
171 
172  if (!_dbus_string_init (&filename))
173  {
174  _dbus_string_free (&full_path);
176  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
177  }
178 
179  if (!_dbus_string_append (&filename, "dbus-"))
180  {
181  _dbus_string_free (&full_path);
182  _dbus_string_free (&filename);
184  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
185  }
186 
187  if (!_dbus_generate_random_ascii (&filename, 10, error))
188  {
189  _dbus_string_free (&full_path);
190  _dbus_string_free (&filename);
191  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
192  }
193 
194  if (!_dbus_string_append (&full_path, dir) ||
195  !_dbus_concat_dir_and_file (&full_path, &filename))
196  {
197  _dbus_string_free (&full_path);
198  _dbus_string_free (&filename);
200  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
201  }
202 
203  *server_p =
204  _dbus_server_new_for_domain_socket (_dbus_string_get_const_data (&full_path),
205  use_abstract,
206  error);
207 
208  _dbus_string_free (&full_path);
209  _dbus_string_free (&filename);
210  }
211  else
212  {
213  if (path)
214  *server_p = _dbus_server_new_for_domain_socket (path, FALSE, error);
215  else
216  *server_p = _dbus_server_new_for_domain_socket (abstract, TRUE, error);
217  }
218 
219  if (*server_p != NULL)
220  {
221  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
222  return DBUS_SERVER_LISTEN_OK;
223  }
224  else
225  {
226  _DBUS_ASSERT_ERROR_IS_SET(error);
227  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
228  }
229  }
230  else if (strcmp (method, "systemd") == 0)
231  {
232  int i, n;
233  DBusSocket *fds;
234  DBusString address;
235 
236  n = _dbus_listen_systemd_sockets (&fds, error);
237  if (n < 0)
238  {
239  _DBUS_ASSERT_ERROR_IS_SET (error);
240  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
241  }
242 
243  if (!_dbus_string_init (&address))
244  goto systemd_oom;
245 
246  for (i = 0; i < n; i++)
247  {
248  if (i > 0)
249  {
250  if (!_dbus_string_append (&address, ";"))
251  goto systemd_oom;
252  }
253  if (!_dbus_append_address_from_socket (fds[i], &address, error))
254  goto systemd_err;
255 #ifdef HAVE_PDPLINUX
256  _dbus_verbose("parsec privsock: process to set Special label: fds[i] = %d (%d of %d) address=%s (NSP)\n",
257  fds[i].fd, i, n, _dbus_string_get_const_data(&address));
258  pdplinux_capability_set_socket_from_current_process(_dbus_string_get_const_data(&address),fds[i].fd);
259 #endif
260  }
261 
262  *server_p = _dbus_server_new_for_socket (fds, n, &address, NULL, error);
263  if (*server_p == NULL)
264  goto systemd_err;
265 
266  dbus_free (fds);
267  _dbus_string_free (&address);
268 
269  return DBUS_SERVER_LISTEN_OK;
270 
271  systemd_oom:
272  _DBUS_SET_OOM (error);
273  systemd_err:
274  for (i = 0; i < n; i++)
275  {
276  _dbus_close_socket (fds[i], NULL);
277  }
278  dbus_free (fds);
279  _dbus_string_free (&address);
280 
281  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
282  }
283 #ifdef DBUS_ENABLE_LAUNCHD
284  else if (strcmp (method, "launchd") == 0)
285  {
286  const char *launchd_env_var = dbus_address_entry_get_value (entry, "env");
287  if (launchd_env_var == NULL)
288  {
289  _dbus_set_bad_address (error, "launchd", "env", NULL);
290  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
291  }
292  *server_p = _dbus_server_new_for_launchd (launchd_env_var, error);
293 
294  if (*server_p != NULL)
295  {
296  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
297  return DBUS_SERVER_LISTEN_OK;
298  }
299  else
300  {
301  _DBUS_ASSERT_ERROR_IS_SET(error);
302  return DBUS_SERVER_LISTEN_DID_NOT_CONNECT;
303  }
304  }
305 #endif
306  else
307  {
308  /* If we don't handle the method, we return NULL with the
309  * error unset
310  */
311  _DBUS_ASSERT_ERROR_IS_CLEAR(error);
312  return DBUS_SERVER_LISTEN_NOT_HANDLED;
313  }
314 }
315 
324 DBusServer*
326  dbus_bool_t abstract,
327  DBusError *error)
328 {
329  DBusServer *server;
330  DBusSocket listen_fd;
331  DBusString address;
332  char *path_copy;
333  DBusString path_str;
334 
335  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
336 
337  if (!_dbus_string_init (&address))
338  {
340  return NULL;
341  }
342 
343  _dbus_string_init_const (&path_str, path);
344  if ((abstract &&
345  !_dbus_string_append (&address, "unix:abstract=")) ||
346  (!abstract &&
347  !_dbus_string_append (&address, "unix:path=")) ||
348  !_dbus_address_append_escaped (&address, &path_str))
349  {
351  goto failed_0;
352  }
353 
354  if (abstract)
355  {
356  path_copy = NULL;
357  }
358  else
359  {
360  path_copy = _dbus_strdup (path);
361  if (path_copy == NULL)
362  {
364  goto failed_0;
365  }
366  }
367 
368  listen_fd.fd = _dbus_listen_unix_socket (path, abstract, error);
369 
370  if (listen_fd.fd < 0)
371  {
372  _DBUS_ASSERT_ERROR_IS_SET (error);
373  goto failed_1;
374  }
375 #ifdef HAVE_PDPLINUX
376  else{
377  _dbus_verbose("parsec privsock: process to set Special label: path %s, fd=%d (NSP)\n",path,listen_fd.fd);
378  pdplinux_capability_set_socket_from_current_process(path,listen_fd.fd);
379  }
380 #endif
381 
382  server = _dbus_server_new_for_socket (&listen_fd, 1, &address, 0, error);
383  if (server == NULL)
384  {
385  goto failed_2;
386  }
387 
388  if (path_copy != NULL)
389  _dbus_server_socket_own_filename(server, path_copy);
390 
391  _dbus_string_free (&address);
392 
393  return server;
394 
395  failed_2:
396  _dbus_close_socket (listen_fd, NULL);
397  failed_1:
398  dbus_free (path_copy);
399  failed_0:
400  _dbus_string_free (&address);
401 
402  return NULL;
403 }
404 
405 #ifdef HAVE_PDPLINUX
406 
407 //-----------------------------------------------------------------------------------------------
408 int pdplinux_capability_set_socket_from_current_process(const char* path, int sockfd){
409  int r=0;
410  int found=0;
411  dbus_bool_t flFind;
412 
413  parsec_caps_t capsproc;
414  DBusString dsPath;
415 
416  memset(&capsproc,0,sizeof(capsproc));
417  r=parsec_capget(0,&capsproc);
418 
419  _dbus_string_init_const(&dsPath,path);
420 
421  flFind=_dbus_string_find(&dsPath,0,"system_bus_socket",&found);
422 
423  if (flFind){
424  if (r==0)
425  r=pdplinux_capability_set_apply_socket(capsproc.cap_effective,sockfd);
426  else
427  _dbus_verbose("parsec privsock: parsec_capget failed with %d\n",r);
428  }
429  else
430  _dbus_verbose("parsec privsock: _dbus_string_find cannot find system_bus_socket in path so skip set_apply_socket\n");
431 
432  _dbus_verbose("parsec privsock: pdplinux_capability_set_apply_socket returned %d\n",r);
433  return r;
434 }
435 
436 //-----------------------------------------------------------------------------------------------
437 int pdplinux_capability_set_apply_socket(parsec_cap_t set, int sockfd){
438  int r=0;
439  int pdpi=0;
440 
441  unsigned int caps=set;
442  _dbus_verbose("parsec privsock: Capability is %x\n",caps);
443  //pdpi=pdp_init();
444 
445  if (pdpi != 0){
446  _dbus_verbose("parsec privsock: Error pdp_init %m\n");
447  r=-1;
448  return r;
449  }
450 
451  if (set & PARSEC_CAP_TO_MASK(PARSEC_CAP_PRIV_SOCK)){
452  PDPL_T* pdpl = NULL;
453  PDP_TYPE_T type = PDPT_EHOLE;
454 
455  _dbus_verbose("parsec privsock: Processing 'PARSEC_CAP_PRIV_SOCK' socket...\n");
456 
457  pdpl=pdp_get_fd(sockfd);
458 
459  if (pdpl){
460  pdpl_or_type(pdpl,type);
461 
462  if ( pdp_set_fd(sockfd,pdpl)!=0 ){
463  r=-2;
464  _dbus_verbose("parsec privsock: Failed pdp_set_fd: %m\n");
465  }
466  else{
467  _dbus_verbose("parsec privsock: Parsec privsock set successful\n");
468  }
469  pdpl_put(pdpl);
470  }
471  else{
472  r=-3;
473  _dbus_verbose("parsec privsock: Failed pdp_get_fd: %m\n");
474  }
475  }
476  else{
477  _dbus_verbose("parsec privsock: Parsec privsock skipped because of no PARSEC_CAP_PRIV_SOCK\n");
478  r=0;
479  }
480 
481  //pdpi=pdp_release();
482  if (pdpi != 0){
483  _dbus_verbose("parsec privsock: Error pdp_release %m\n");
484  r=-4;
485  }
486  return r;
487 }
488 #endif
489 
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
Definition: dbus-string.c:935
#define NULL
A null pointer, defined appropriately for C or C++.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
Definition: dbus-memory.c:702
DBusServer * _dbus_server_new_for_launchd(const char *launchd_env_var, DBusError *error)
Creates a new server from launchd.
#define DBUS_ERROR_NOT_SUPPORTED
Requested operation isn&#39;t supported (like ENOSYS on UNIX).
Internals of DBusServer object.
dbus_bool_t _dbus_append_address_from_socket(DBusSocket fd, DBusString *address, DBusError *error)
Read the address from the socket and append it to the string.
const char * dbus_address_entry_get_method(DBusAddressEntry *entry)
Returns the method string of an address entry.
Definition: dbus-address.c:227
dbus_bool_t _dbus_concat_dir_and_file(DBusString *dir, const DBusString *next_component)
Appends the given filename to the given directory.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
Definition: dbus-string.c:175
DBusServerListenResult _dbus_server_listen_platform_specific(DBusAddressEntry *entry, DBusServer **server_p, DBusError *error)
Tries to interpret the address entry in a platform-specific way, creating a platform-specific server ...
dbus_bool_t _dbus_close_socket(DBusSocket fd, DBusError *error)
Closes a socket.
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
Definition: dbus-string.c:1604
DBusServer * _dbus_server_new_for_socket(DBusSocket *fds, int n_fds, const DBusString *address, DBusNonceFile *noncefile, DBusError *error)
Creates a new server listening on the given file descriptor.
Socket interface.
Definition: dbus-sysdeps.h:181
const char * dbus_address_entry_get_value(DBusAddressEntry *entry, const char *key)
Returns a value from a key of an entry.
Definition: dbus-address.c:244
dbus_uint32_t dbus_bool_t
A boolean, valid values are TRUE and FALSE.
Definition: dbus-types.h:35
void _dbus_string_init_const(DBusString *str, const char *value)
Initializes a constant string.
Definition: dbus-string.c:190
dbus_bool_t _dbus_generate_random_ascii(DBusString *str, int n_bytes, DBusError *error)
Generates the given number of random bytes, where the bytes are chosen from the alphanumeric ASCII su...
Definition: dbus-sysdeps.c:552
void _dbus_server_socket_own_filename(DBusServer *server, char *filename)
This is a bad hack since it&#39;s really unix domain socket specific.
int _dbus_listen_systemd_sockets(DBusSocket **fds, DBusError *error)
Acquires one or more sockets passed in from systemd.
Internals of DBusAddressEntry.
Definition: dbus-address.c:43
void _dbus_set_bad_address(DBusError *error, const char *address_problem_type, const char *address_problem_field, const char *address_problem_other)
Sets DBUS_ERROR_BAD_ADDRESS.
Definition: dbus-address.c:65
Object representing an exception.
Definition: dbus-errors.h:48
dbus_bool_t _dbus_address_append_escaped(DBusString *escaped, const DBusString *unescaped)
Appends an escaped version of one string to another string, using the D-Bus address escaping mechanis...
Definition: dbus-address.c:104
void dbus_set_error(DBusError *error, const char *name, const char *format,...)
Assigns an error name and message to a DBusError.
Definition: dbus-errors.c:354
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init().
Definition: dbus-string.c:259
#define TRUE
Expands to "1".
DBusServer * _dbus_server_new_for_domain_socket(const char *path, dbus_bool_t abstract, DBusError *error)
Creates a new server listening on the given Unix domain socket.
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
#define FALSE
Expands to "0".
char * _dbus_strdup(const char *str)
Duplicates a string.
const char * _dbus_getenv(const char *varname)
Wrapper for getenv().
Definition: dbus-sysdeps.c:187
int _dbus_listen_unix_socket(const char *path, dbus_bool_t abstract, DBusError *error)
Creates a socket and binds it to the given path, then listens on the socket.