luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-01-26 14:06:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

GCredentials: Add the concept of credentials that lack the process ID

Browse Source 
struct xucred on macOS doesn't have the process ID, only the user ID
and groups.

Signed-off-by: Simon McVittie <smcv@collabora.com>
This commit is contained in:
Simon McVittie 2020-03-15 18:10:53 +00:00 committed by Philip Withnall
parent a9a7aa05dc
commit 05cb229082
3 changed files with 39 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
gio/gcredentialsprivate.h
View File

@ -93,6 +93,13 @@
*/ */
#undef G_CREDENTIALS_PREFER_MESSAGE_PASSING #undef G_CREDENTIALS_PREFER_MESSAGE_PASSING
/*
* G_CREDENTIALS_HAS_PID:
*
* Defined to 1 if the %G_CREDENTIALS_NATIVE_TYPE contains the process ID.
*/
#undef G_CREDENTIALS_HAS_PID
#ifdef __linux__ #ifdef __linux__
#define G_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SUPPORTED 1
#define G_CREDENTIALS_USE_LINUX_UCRED 1 #define G_CREDENTIALS_USE_LINUX_UCRED 1
@ -101,6 +108,7 @@
#define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
#define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
#define G_CREDENTIALS_SPOOFING_SUPPORTED 1 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
#define G_CREDENTIALS_HAS_PID 1
#elif defined(__FreeBSD__) || \ #elif defined(__FreeBSD__) || \
defined(__FreeBSD_kernel__) /* Debian GNU/kFreeBSD */ || \ defined(__FreeBSD_kernel__) /* Debian GNU/kFreeBSD */ || \
@ -118,6 +126,7 @@
* SCM_CREDS, and if we implement getpeereid() in future, we should * SCM_CREDS, and if we implement getpeereid() in future, we should
* do the same. */ * do the same. */
#define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1 #define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1
#define G_CREDENTIALS_HAS_PID 1
#elif defined(__NetBSD__) #elif defined(__NetBSD__)
#define G_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SUPPORTED 1
@ -126,6 +135,7 @@
#define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct unpcbid)) #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct unpcbid))
/* #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED */ /* #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED */
#define G_CREDENTIALS_SPOOFING_SUPPORTED 1 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
#define G_CREDENTIALS_HAS_PID 1
#elif defined(__OpenBSD__) #elif defined(__OpenBSD__)
#define G_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SUPPORTED 1
@ -134,6 +144,7 @@
#define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct sockpeercred)) #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct sockpeercred))
#define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
#define G_CREDENTIALS_SPOOFING_SUPPORTED 1 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
#define G_CREDENTIALS_HAS_PID 1
#elif defined(__sun__) || defined(__illumos__) || defined (__OpenSolaris_kernel__) #elif defined(__sun__) || defined(__illumos__) || defined (__OpenSolaris_kernel__)
#include <ucred.h> #include <ucred.h>
@ -143,6 +154,7 @@
#define G_CREDENTIALS_NATIVE_SIZE (ucred_size ()) #define G_CREDENTIALS_NATIVE_SIZE (ucred_size ())
#define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
#define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
#define G_CREDENTIALS_HAS_PID 1
#endif #endif

9
gio/tests/credentials.c
View File

@ -54,9 +54,16 @@ test_basic (void)
g_assert_cmpuint (g_credentials_get_unix_user (creds, &error), ==, g_assert_cmpuint (g_credentials_get_unix_user (creds, &error), ==,
geteuid ()); geteuid ());
g_assert_no_error (error); g_assert_no_error (error);
g_assert_cmpuint (g_credentials_get_unix_pid (creds, &error), ==,
#if G_CREDENTIALS_HAS_PID
g_assert_cmpint (g_credentials_get_unix_pid (creds, &error), ==,
getpid ()); getpid ());
g_assert_no_error (error); g_assert_no_error (error);
#else
g_assert_cmpint (g_credentials_get_unix_pid (creds, &error), ==, -1);
g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED);
g_clear_error (&error);
#endif
set = g_credentials_set_unix_user (other, not_me, &error); set = g_credentials_set_unix_user (other, not_me, &error);
#if G_CREDENTIALS_SPOOFING_SUPPORTED #if G_CREDENTIALS_SPOOFING_SUPPORTED

21
gio/tests/gdbus-peer.c
View File

@ -344,7 +344,7 @@ on_new_connection (GDBusServer *server,
gpointer user_data) gpointer user_data)
{ {
PeerData *data = user_data; PeerData *data = user_data;
GError *error; GError *error = NULL;
guint reg_id; guint reg_id;
//g_printerr ("Client connected.\n" //g_printerr ("Client connected.\n"
@ -362,13 +362,19 @@ on_new_connection (GDBusServer *server,
g_assert (credentials != NULL); g_assert (credentials != NULL);
g_assert_cmpuint (g_credentials_get_unix_user (credentials, NULL), ==, g_assert_cmpuint (g_credentials_get_unix_user (credentials, NULL), ==,
getuid ()); getuid ());
g_assert_cmpuint (g_credentials_get_unix_pid (credentials, NULL), ==, #if G_CREDENTIALS_HAS_PID
g_assert_cmpint (g_credentials_get_unix_pid (credentials, &error), ==,
getpid ()); getpid ());
g_assert_no_error (error);
#else
g_assert_cmpint (g_credentials_get_unix_pid (credentials, &error), ==, -1);
g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED);
g_clear_error (&error);
#endif
} }
#endif #endif
/* export object on the newly established connection */ /* export object on the newly established connection */
error = NULL;
reg_id = g_dbus_connection_register_object (connection, reg_id = g_dbus_connection_register_object (connection,
"/org/gtk/GDBus/PeerTestObject", "/org/gtk/GDBus/PeerTestObject",
test_interface_introspection_data, test_interface_introspection_data,
@ -922,8 +928,15 @@ do_test_peer (void)
g_assert_cmpuint (g_credentials_get_unix_user (credentials, NULL), ==, g_assert_cmpuint (g_credentials_get_unix_user (credentials, NULL), ==,
getuid ()); getuid ());
g_assert_cmpuint (g_credentials_get_unix_pid (credentials, NULL), ==, #if G_CREDENTIALS_HAS_PID
g_assert_cmpint (g_credentials_get_unix_pid (credentials, &error), ==,
getpid ()); getpid ());
g_assert_no_error (error);
#else
g_assert_cmpint (g_credentials_get_unix_pid (credentials, &error), ==, -1);
g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED);
g_clear_error (&error);
#endif
g_object_unref (credentials); g_object_unref (credentials);
#else #else
g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED); g_assert_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED);