luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-12 20:36:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

GDBusAuthObserver: Add a way to control what authentication mechanisms to use

Browse Source 
This is related to https://bugzilla.gnome.org/show_bug.cgi?id=673943
but also useful in a lot of other contexts.
This commit is contained in:
David Zeuthen 2012-04-11 23:30:48 -04:00
parent bb7f3e0cbd
commit ce81bd87c5
7 changed files with 97 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/reference/gio/gio-sections.txt
View File

@ -2493,6 +2493,7 @@ g_dbus_gvariant_to_gvalue
GDBusAuthObserver GDBusAuthObserver
g_dbus_auth_observer_new g_dbus_auth_observer_new
g_dbus_auth_observer_authorize_authenticated_peer g_dbus_auth_observer_authorize_authenticated_peer
g_dbus_auth_observer_allow_mechanism
<SUBSECTION Standard> <SUBSECTION Standard>
G_DBUS_AUTH_OBSERVER G_DBUS_AUTH_OBSERVER
G_IS_DBUS_AUTH_OBSERVER G_IS_DBUS_AUTH_OBSERVER

40
gio/gdbusauth.c
View File

@ -194,17 +194,22 @@ mechanism_free (Mechanism *m)
} }
static void static void
add_mechanism (GDBusAuth *auth, add_mechanism (GDBusAuth *auth,
GType mechanism_type) GDBusAuthObserver *observer,
GType mechanism_type)
{ {
Mechanism *m; const gchar *name;
m = g_new0 (Mechanism, 1); name = _g_dbus_auth_mechanism_get_name (mechanism_type);
m->name = _g_dbus_auth_mechanism_get_name (mechanism_type); if (g_dbus_auth_observer_allow_mechanism (observer, name))
m->priority = _g_dbus_auth_mechanism_get_priority (mechanism_type); {
m->gtype = mechanism_type; Mechanism *m;
m = g_new0 (Mechanism, 1);
auth->priv->available_mechanisms = g_list_prepend (auth->priv->available_mechanisms, m); m->name = name;
m->priority = _g_dbus_auth_mechanism_get_priority (mechanism_type);
m->gtype = mechanism_type;
auth->priv->available_mechanisms = g_list_prepend (auth->priv->available_mechanisms, m);
}
} }
static gint static gint
@ -223,10 +228,16 @@ _g_dbus_auth_init (GDBusAuth *auth)
{ {
auth->priv = G_TYPE_INSTANCE_GET_PRIVATE (auth, G_TYPE_DBUS_AUTH, GDBusAuthPrivate); auth->priv = G_TYPE_INSTANCE_GET_PRIVATE (auth, G_TYPE_DBUS_AUTH, GDBusAuthPrivate);
}
static void
_g_dbus_auth_add_mechs (GDBusAuth *auth,
GDBusAuthObserver *observer)
{
/* TODO: trawl extension points */ /* TODO: trawl extension points */
add_mechanism (auth, G_TYPE_DBUS_AUTH_MECHANISM_ANON); add_mechanism (auth, observer, G_TYPE_DBUS_AUTH_MECHANISM_ANON);
add_mechanism (auth, G_TYPE_DBUS_AUTH_MECHANISM_SHA1); add_mechanism (auth, observer, G_TYPE_DBUS_AUTH_MECHANISM_SHA1);
add_mechanism (auth, G_TYPE_DBUS_AUTH_MECHANISM_EXTERNAL); add_mechanism (auth, observer, G_TYPE_DBUS_AUTH_MECHANISM_EXTERNAL);
auth->priv->available_mechanisms = g_list_sort (auth->priv->available_mechanisms, auth->priv->available_mechanisms = g_list_sort (auth->priv->available_mechanisms,
(GCompareFunc) mech_compare_func); (GCompareFunc) mech_compare_func);
@ -576,6 +587,7 @@ typedef enum
gchar * gchar *
_g_dbus_auth_run_client (GDBusAuth *auth, _g_dbus_auth_run_client (GDBusAuth *auth,
GDBusAuthObserver *observer,
GDBusCapabilityFlags offered_capabilities, GDBusCapabilityFlags offered_capabilities,
GDBusCapabilityFlags *out_negotiated_capabilities, GDBusCapabilityFlags *out_negotiated_capabilities,
GCancellable *cancellable, GCancellable *cancellable,
@ -596,6 +608,8 @@ _g_dbus_auth_run_client (GDBusAuth *auth,
debug_print ("CLIENT: initiating"); debug_print ("CLIENT: initiating");
_g_dbus_auth_add_mechs (auth, observer);
ret_guid = NULL; ret_guid = NULL;
supported_auth_mechs = NULL; supported_auth_mechs = NULL;
attempted_auth_mechs = g_ptr_array_new (); attempted_auth_mechs = g_ptr_array_new ();
@ -962,6 +976,8 @@ _g_dbus_auth_run_server (GDBusAuth *auth,
debug_print ("SERVER: initiating"); debug_print ("SERVER: initiating");
_g_dbus_auth_add_mechs (auth, observer);
ret = FALSE; ret = FALSE;
dis = NULL; dis = NULL;
dos = NULL; dos = NULL;

1
gio/gdbusauth.h
View File

@ -76,6 +76,7 @@ gboolean _g_dbus_auth_run_server (GDBusAuth *auth,
GError **error); GError **error);
gchar *_g_dbus_auth_run_client (GDBusAuth *auth, gchar *_g_dbus_auth_run_client (GDBusAuth *auth,
GDBusAuthObserver *observer,
GDBusCapabilityFlags offered_capabilities, GDBusCapabilityFlags offered_capabilities,
GDBusCapabilityFlags *out_negotiated_capabilities, GDBusCapabilityFlags *out_negotiated_capabilities,
GCancellable *cancellable, GCancellable *cancellable,

62
gio/gdbusauthobserver.c
View File

@ -89,6 +89,9 @@ struct _GDBusAuthObserverClass
gboolean (*authorize_authenticated_peer) (GDBusAuthObserver *observer, gboolean (*authorize_authenticated_peer) (GDBusAuthObserver *observer,
GIOStream *stream, GIOStream *stream,
GCredentials *credentials); GCredentials *credentials);
gboolean (*allow_mechanism) (GDBusAuthObserver *observer,
const gchar *mechanism);
}; };
/** /**
@ -107,6 +110,7 @@ struct _GDBusAuthObserver
enum enum
{ {
AUTHORIZE_AUTHENTICATED_PEER_SIGNAL, AUTHORIZE_AUTHENTICATED_PEER_SIGNAL,
ALLOW_MECHANISM_SIGNAL,
LAST_SIGNAL, LAST_SIGNAL,
}; };
@ -130,6 +134,13 @@ g_dbus_auth_observer_authorize_authenticated_peer_real (GDBusAuthObserver *obse
return TRUE; return TRUE;
} }
static gboolean
g_dbus_auth_observer_allow_mechanism_real (GDBusAuthObserver *observer,
const gchar *mechanism)
{
return TRUE;
}
static void static void
g_dbus_auth_observer_class_init (GDBusAuthObserverClass *klass) g_dbus_auth_observer_class_init (GDBusAuthObserverClass *klass)
{ {
@ -138,6 +149,7 @@ g_dbus_auth_observer_class_init (GDBusAuthObserverClass *klass)
gobject_class->finalize = g_dbus_auth_observer_finalize; gobject_class->finalize = g_dbus_auth_observer_finalize;
klass->authorize_authenticated_peer = g_dbus_auth_observer_authorize_authenticated_peer_real; klass->authorize_authenticated_peer = g_dbus_auth_observer_authorize_authenticated_peer_real;
klass->allow_mechanism = g_dbus_auth_observer_allow_mechanism_real;
/** /**
* GDBusAuthObserver::authorize-authenticated-peer: * GDBusAuthObserver::authorize-authenticated-peer:
@ -164,6 +176,29 @@ g_dbus_auth_observer_class_init (GDBusAuthObserverClass *klass)
2, 2,
G_TYPE_IO_STREAM, G_TYPE_IO_STREAM,
G_TYPE_CREDENTIALS); G_TYPE_CREDENTIALS);
/**
* GDBusAuthObserver::allow-mechanism:
* @observer: The #GDBusAuthObserver emitting the signal.
* @mechanism: The name of the mechanism, e.g. <literal>DBUS_COOKIE_SHA1</literal>.
*
* Emitted to check if @mechanism is allowed to be used.
*
* Returns: %TRUE if @mechanism can be used to authenticate the other peer, %FALSE if not.
*
* Since: 2.34
*/
signals[ALLOW_MECHANISM_SIGNAL] =
g_signal_new ("allow-mechanism",
G_TYPE_DBUS_AUTH_OBSERVER,
G_SIGNAL_RUN_LAST,
G_STRUCT_OFFSET (GDBusAuthObserverClass, allow_mechanism),
_g_signal_accumulator_false_handled,
NULL, /* accu_data */
NULL,
G_TYPE_BOOLEAN,
1,
G_TYPE_STRING);
} }
static void static void
@ -216,3 +251,30 @@ g_dbus_auth_observer_authorize_authenticated_peer (GDBusAuthObserver *observer,
&denied); &denied);
return denied; return denied;
} }
/**
* g_dbus_auth_observer_allow_mechanism:
* @observer: A #GDBusAuthObserver.
* @mechanism: The name of the mechanism, e.g. <literal>DBUS_COOKIE_SHA1</literal>.
*
* Emits the #GDBusAuthObserver::allow-mechanism signal on @observer.
*
* Returns: %TRUE if @mechanism can be used to authenticate the other peer, %FALSE if not.
*
* Since: 2.34
*/
gboolean
g_dbus_auth_observer_allow_mechanism (GDBusAuthObserver *observer,
const gchar *mechanism)
{
gboolean ret;
ret = FALSE;
g_signal_emit (observer,
signals[ALLOW_MECHANISM_SIGNAL],
0,
mechanism,
&ret);
return ret;
}

3
gio/gdbusauthobserver.h
View File

@ -41,6 +41,9 @@ gboolean g_dbus_auth_observer_authorize_authenticated_peer (GDBusAuthO
GIOStream *stream, GIOStream *stream,
GCredentials *credentials); GCredentials *credentials);
gboolean g_dbus_auth_observer_allow_mechanism (GDBusAuthObserver *observer,
const gchar *mechanism);
G_END_DECLS G_END_DECLS
#endif /* _G_DBUS_AUTH_OBSERVER_H__ */ #endif /* _G_DBUS_AUTH_OBSERVER_H__ */

1
gio/gdbusconnection.c
View File

@ -2553,6 +2553,7 @@ initable_init (GInitable *initable,
g_assert (connection->guid == NULL); g_assert (connection->guid == NULL);
connection->auth = _g_dbus_auth_new (connection->stream); connection->auth = _g_dbus_auth_new (connection->stream);
connection->guid = _g_dbus_auth_run_client (connection->auth, connection->guid = _g_dbus_auth_run_client (connection->auth,
connection->authentication_observer,
get_offered_capabilities_max (connection), get_offered_capabilities_max (connection),
&connection->capabilities, &connection->capabilities,
cancellable, cancellable,

1
gio/gio.symbols
View File

@ -1203,6 +1203,7 @@ g_dbus_address_get_stream_sync
g_dbus_auth_observer_get_type g_dbus_auth_observer_get_type
g_dbus_auth_observer_new g_dbus_auth_observer_new
g_dbus_auth_observer_authorize_authenticated_peer g_dbus_auth_observer_authorize_authenticated_peer
g_dbus_auth_observer_allow_mechanism
g_dbus_connection_get_type g_dbus_connection_get_type
g_bus_get g_bus_get
g_bus_get_finish g_bus_get_finish