luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-01-23 12:41:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

gdbus: Allow cross-namespace connections to Linux session and system buses

Browse Source 
The dominant implementations of the well-known session and system
message buses are the reference implementation from the dbus project
(dbus-daemon) and the sd-bus-based reimplementation dbus-broker, both
of which have correct implementations for EXTERNAL authentication with
an unspecified authorization identity.

This makes it reasonably safe to assume that the well-known message
buses can cope with the unspecified authorization identity, even if we
cannot make the same assumption for custom servers such as the ones
used in ibus and gvfs (which might have been started with an older
GLib version before upgrading GLib in-place).

Signed-off-by: Simon McVittie <smcv@collabora.com>
This commit is contained in:
Simon McVittie 2022-07-24 13:36:50 +01:00
parent e0a0749268
commit 32b226d1b1
5 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gio/gdbusauth.c
View File

@ -577,8 +577,8 @@ _g_dbus_auth_run_client (GDBusAuth *auth,
ClientState state;
GDBusCapabilityFlags negotiated_capabilities;
g_return_val_if_fail ((connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL);
g_return_val_if_fail (!(connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL);
g_return_val_if_fail ((conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL);
g_return_val_if_fail (!(conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL);
debug_print ("CLIENT: initiating");

6
gio/gdbusauthmechanism.c
View File

@ -301,11 +301,13 @@ _g_dbus_auth_mechanism_client_get_state (GDBusAuthMechanism *mechanism)
}
gchar *
_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism *mechanism,
gsize *out_initial_response_len)
_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism *mechanism,
GDBusConnectionFlags conn_flags,
gsize *out_initial_response_len)
{
g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM (mechanism), NULL);
return G_DBUS_AUTH_MECHANISM_GET_CLASS (mechanism)->client_initiate (mechanism,
conn_flags,
out_initial_response_len);
}

2
gio/gdbusauthmechanismsha1.c
View File

@ -119,6 +119,7 @@ static gchar *mechanism_server_get_reject_reason (GDBusAuthMe
static void mechanism_server_shutdown (GDBusAuthMechanism *mechanism);
static GDBusAuthMechanismState mechanism_client_get_state (GDBusAuthMechanism *mechanism);
static gchar *mechanism_client_initiate (GDBusAuthMechanism *mechanism,
GDBusConnectionFlags conn_flags,
gsize *out_initial_response_len);
static void mechanism_client_data_receive (GDBusAuthMechanism *mechanism,
const gchar *data,
@ -1160,6 +1161,7 @@ mechanism_client_get_state (GDBusAuthMechanism *mechanism)
static gchar *
mechanism_client_initiate (GDBusAuthMechanism *mechanism,
GDBusConnectionFlags conn_flags,
gsize *out_initial_response_len)
{
GDBusAuthMechanismSha1 *m = G_DBUS_AUTH_MECHANISM_SHA1 (mechanism);

3
gio/gdbusconnection.c
View File

@ -7369,6 +7369,9 @@ get_uninitialized_connection (GBusType bus_type,
ret = g_object_new (G_TYPE_DBUS_CONNECTION,
"address", address,
"flags", G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT |
#ifdef __linux__
G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE |
#endif
G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION,
"exit-on-close", TRUE,
NULL);

3
gio/tests/gdbus-connection.c
View File

@ -1234,6 +1234,9 @@ test_connection_basic (void)
flags == G_DBUS_CAPABILITY_FLAGS_UNIX_FD_PASSING);
connection_flags = g_dbus_connection_get_flags (connection);
/* Ignore G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE, it's an
* implementation detail whether we set it */
connection_flags &= ~G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE;
g_assert_cmpint (connection_flags, ==,
G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT |
G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION);