]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
d41bd96f | 2 | |
319a4f4b | 3 | #include <malloc.h> |
2b6c0bb2 | 4 | #include <poll.h> |
d41bd96f | 5 | |
206504a5 LP |
6 | #include <sd-daemon.h> |
7 | ||
d41bd96f LP |
8 | #include "alloc-util.h" |
9 | #include "errno-util.h" | |
10 | #include "fd-util.h" | |
e2341b6b | 11 | #include "glyph-util.h" |
d41bd96f | 12 | #include "hashmap.h" |
0f2d351f | 13 | #include "io-util.h" |
bd1ae178 | 14 | #include "iovec-util.h" |
d41bd96f | 15 | #include "list.h" |
0f274a87 | 16 | #include "path-util.h" |
d41bd96f | 17 | #include "process-util.h" |
63e00ccd | 18 | #include "selinux-util.h" |
008798e9 | 19 | #include "serialize.h" |
d41bd96f LP |
20 | #include "set.h" |
21 | #include "socket-util.h" | |
22 | #include "string-table.h" | |
23 | #include "string-util.h" | |
24 | #include "strv.h" | |
25 | #include "time-util.h" | |
26 | #include "umask-util.h" | |
27 | #include "user-util.h" | |
28 | #include "varlink.h" | |
008798e9 | 29 | #include "varlink-internal.h" |
7e006b49 LP |
30 | #include "varlink-org.varlink.service.h" |
31 | #include "varlink-io.systemd.h" | |
32 | #include "version.h" | |
d41bd96f LP |
33 | |
34 | #define VARLINK_DEFAULT_CONNECTIONS_MAX 4096U | |
35 | #define VARLINK_DEFAULT_CONNECTIONS_PER_UID_MAX 1024U | |
36 | ||
37 | #define VARLINK_DEFAULT_TIMEOUT_USEC (45U*USEC_PER_SEC) | |
38 | #define VARLINK_BUFFER_MAX (16U*1024U*1024U) | |
39 | #define VARLINK_READ_SIZE (64U*1024U) | |
0430a11e | 40 | #define VARLINK_COLLECT_MAX 1024U |
d41bd96f LP |
41 | |
42 | typedef enum VarlinkState { | |
43 | /* Client side states */ | |
44 | VARLINK_IDLE_CLIENT, | |
45 | VARLINK_AWAITING_REPLY, | |
45a6c965 | 46 | VARLINK_AWAITING_REPLY_MORE, |
d41bd96f LP |
47 | VARLINK_CALLING, |
48 | VARLINK_CALLED, | |
49 | VARLINK_PROCESSING_REPLY, | |
50 | ||
51 | /* Server side states */ | |
52 | VARLINK_IDLE_SERVER, | |
53 | VARLINK_PROCESSING_METHOD, | |
54 | VARLINK_PROCESSING_METHOD_MORE, | |
55 | VARLINK_PROCESSING_METHOD_ONEWAY, | |
56 | VARLINK_PROCESSED_METHOD, | |
d41bd96f LP |
57 | VARLINK_PENDING_METHOD, |
58 | VARLINK_PENDING_METHOD_MORE, | |
59 | ||
60 | /* Common states (only during shutdown) */ | |
61 | VARLINK_PENDING_DISCONNECT, | |
62 | VARLINK_PENDING_TIMEOUT, | |
63 | VARLINK_PROCESSING_DISCONNECT, | |
64 | VARLINK_PROCESSING_TIMEOUT, | |
65 | VARLINK_PROCESSING_FAILURE, | |
66 | VARLINK_DISCONNECTED, | |
67 | ||
68 | _VARLINK_STATE_MAX, | |
2d93c20e | 69 | _VARLINK_STATE_INVALID = -EINVAL, |
d41bd96f LP |
70 | } VarlinkState; |
71 | ||
72 | /* Tests whether we are not yet disconnected. Note that this is true during all states where the connection | |
73 | * is still good for something, and false only when it's dead for good. This means: when we are | |
74 | * asynchronously connecting to a peer and the connect() is still pending, then this will return 'true', as | |
75 | * the connection is still good, and we are likely to be able to properly operate on it soon. */ | |
76 | #define VARLINK_STATE_IS_ALIVE(state) \ | |
77 | IN_SET(state, \ | |
78 | VARLINK_IDLE_CLIENT, \ | |
79 | VARLINK_AWAITING_REPLY, \ | |
45a6c965 | 80 | VARLINK_AWAITING_REPLY_MORE, \ |
d41bd96f LP |
81 | VARLINK_CALLING, \ |
82 | VARLINK_CALLED, \ | |
83 | VARLINK_PROCESSING_REPLY, \ | |
84 | VARLINK_IDLE_SERVER, \ | |
85 | VARLINK_PROCESSING_METHOD, \ | |
86 | VARLINK_PROCESSING_METHOD_MORE, \ | |
87 | VARLINK_PROCESSING_METHOD_ONEWAY, \ | |
88 | VARLINK_PROCESSED_METHOD, \ | |
d41bd96f LP |
89 | VARLINK_PENDING_METHOD, \ |
90 | VARLINK_PENDING_METHOD_MORE) | |
91 | ||
d37cdac6 LP |
92 | typedef struct VarlinkJsonQueueItem VarlinkJsonQueueItem; |
93 | ||
94 | /* A queued message we shall write into the socket, along with the file descriptors to send at the same | |
95 | * time. This queue item binds them together so that message/fd boundaries are maintained throughout the | |
96 | * whole pipeline. */ | |
97 | struct VarlinkJsonQueueItem { | |
98 | LIST_FIELDS(VarlinkJsonQueueItem, queue); | |
99 | JsonVariant *data; | |
100 | size_t n_fds; | |
101 | int fds[]; | |
102 | }; | |
103 | ||
d41bd96f LP |
104 | struct Varlink { |
105 | unsigned n_ref; | |
106 | ||
107 | VarlinkServer *server; | |
108 | ||
109 | VarlinkState state; | |
110 | bool connecting; /* This boolean indicates whether the socket fd we are operating on is currently | |
111 | * processing an asynchronous connect(). In that state we watch the socket for | |
112 | * EPOLLOUT, but we refrain from calling read() or write() on the socket as that | |
113 | * will trigger ENOTCONN. Note that this boolean is kept separate from the | |
114 | * VarlinkState above on purpose: while the connect() is still not complete we | |
115 | * already want to allow queuing of messages and similar. Thus it's nice to keep | |
116 | * these two state concepts separate: the VarlinkState encodes what our own view of | |
117 | * the connection is, i.e. whether we think it's a server, a client, and has | |
118 | * something queued already, while 'connecting' tells us a detail about the | |
119 | * transport used below, that should have no effect on how we otherwise accept and | |
120 | * process operations from the user. | |
121 | * | |
122 | * Or to say this differently: VARLINK_STATE_IS_ALIVE(state) tells you whether the | |
123 | * connection is good to use, even if it might not be fully connected | |
124 | * yet. connecting=true then informs you that actually we are still connecting, and | |
125 | * the connection is actually not established yet and thus any requests you enqueue | |
126 | * now will still work fine but will be queued only, not sent yet, but that | |
127 | * shouldn't stop you from using the connection, since eventually whatever you queue | |
128 | * *will* be sent. | |
129 | * | |
130 | * Or to say this even differently: 'state' is a high-level ("application layer" | |
131 | * high, if you so will) state, while 'conecting' is a low-level ("transport layer" | |
132 | * low, if you so will) state, and while they are not entirely unrelated and | |
133 | * sometimes propagate effects to each other they are only asynchronously connected | |
134 | * at most. */ | |
135 | unsigned n_pending; | |
136 | ||
137 | int fd; | |
138 | ||
139 | char *input_buffer; /* valid data starts at input_buffer_index, ends at input_buffer_index+input_buffer_size */ | |
d41bd96f LP |
140 | size_t input_buffer_index; |
141 | size_t input_buffer_size; | |
142 | size_t input_buffer_unscanned; | |
143 | ||
3c868058 LP |
144 | void *input_control_buffer; |
145 | size_t input_control_buffer_size; | |
146 | ||
d41bd96f | 147 | char *output_buffer; /* valid data starts at output_buffer_index, ends at output_buffer_index+output_buffer_size */ |
d41bd96f LP |
148 | size_t output_buffer_index; |
149 | size_t output_buffer_size; | |
150 | ||
d37cdac6 LP |
151 | int *input_fds; /* file descriptors associated with the data in input_buffer (for fd passing) */ |
152 | size_t n_input_fds; | |
153 | ||
154 | int *output_fds; /* file descriptors associated with the data in output_buffer (for fd passing) */ | |
155 | size_t n_output_fds; | |
156 | ||
157 | /* Further messages to output not yet formatted into text, and thus not included in output_buffer | |
158 | * yet. We keep them separate from output_buffer, to not violate fd message boundaries: we want that | |
159 | * each fd that is sent is associated with its fds, and that fds cannot be accidentally associated | |
94d82b59 | 160 | * with preceding or following messages. */ |
d37cdac6 LP |
161 | LIST_HEAD(VarlinkJsonQueueItem, output_queue); |
162 | VarlinkJsonQueueItem *output_queue_tail; | |
163 | ||
164 | /* The fds to associate with the next message that is about to be enqueued. The user first pushes the | |
165 | * fds it intends to send via varlink_push_fd() into this queue, and then once the message data is | |
166 | * submitted we'll combine the fds and the message data into one. */ | |
167 | int *pushed_fds; | |
168 | size_t n_pushed_fds; | |
169 | ||
d41bd96f LP |
170 | VarlinkReply reply_callback; |
171 | ||
172 | JsonVariant *current; | |
72226a2f | 173 | VarlinkReplyFlags current_reply_flags; |
7e006b49 | 174 | VarlinkSymbol *current_method; |
d41bd96f | 175 | |
0eccf725 | 176 | int peer_pidfd; |
d41bd96f LP |
177 | struct ucred ucred; |
178 | bool ucred_acquired:1; | |
179 | ||
180 | bool write_disconnected:1; | |
181 | bool read_disconnected:1; | |
182 | bool prefer_read_write:1; | |
183 | bool got_pollhup:1; | |
184 | ||
d37cdac6 LP |
185 | bool allow_fd_passing_input:1; |
186 | bool allow_fd_passing_output:1; | |
187 | ||
db1f7c84 | 188 | bool output_buffer_sensitive:1; /* whether to erase the output buffer after writing it to the socket */ |
a570877c | 189 | bool input_sensitive:1; /* Whether incoming messages might be sensitive */ |
db1f7c84 | 190 | |
d37cdac6 LP |
191 | int af; /* address family if socket; AF_UNSPEC if not socket; negative if not known */ |
192 | ||
d41bd96f LP |
193 | usec_t timestamp; |
194 | usec_t timeout; | |
195 | ||
196 | void *userdata; | |
197 | char *description; | |
198 | ||
199 | sd_event *event; | |
200 | sd_event_source *io_event_source; | |
201 | sd_event_source *time_event_source; | |
202 | sd_event_source *quit_event_source; | |
203 | sd_event_source *defer_event_source; | |
0f274a87 LP |
204 | |
205 | pid_t exec_pid; | |
d41bd96f LP |
206 | }; |
207 | ||
208 | typedef struct VarlinkServerSocket VarlinkServerSocket; | |
209 | ||
210 | struct VarlinkServerSocket { | |
211 | VarlinkServer *server; | |
212 | ||
213 | int fd; | |
214 | char *address; | |
215 | ||
216 | sd_event_source *event_source; | |
217 | ||
218 | LIST_FIELDS(VarlinkServerSocket, sockets); | |
219 | }; | |
220 | ||
221 | struct VarlinkServer { | |
222 | unsigned n_ref; | |
223 | VarlinkServerFlags flags; | |
224 | ||
225 | LIST_HEAD(VarlinkServerSocket, sockets); | |
226 | ||
7e006b49 LP |
227 | Hashmap *methods; /* Fully qualified symbol name of a method → VarlinkMethod */ |
228 | Hashmap *interfaces; /* Fully qualified interface name → VarlinkInterface* */ | |
939630ae | 229 | Hashmap *symbols; /* Fully qualified symbol name of method/error → VarlinkSymbol* */ |
d41bd96f | 230 | VarlinkConnect connect_callback; |
6d4d6002 | 231 | VarlinkDisconnect disconnect_callback; |
d41bd96f LP |
232 | |
233 | sd_event *event; | |
234 | int64_t event_priority; | |
235 | ||
236 | unsigned n_connections; | |
7e006b49 | 237 | Hashmap *by_uid; /* UID_TO_PTR(uid) → UINT_TO_PTR(n_connections) */ |
d41bd96f LP |
238 | |
239 | void *userdata; | |
240 | char *description; | |
241 | ||
242 | unsigned connections_max; | |
243 | unsigned connections_per_uid_max; | |
47723340 LP |
244 | |
245 | bool exit_on_idle; | |
d41bd96f LP |
246 | }; |
247 | ||
1bd0b9c0 AS |
248 | typedef struct VarlinkCollectContext { |
249 | JsonVariant *parameters; | |
250 | const char *error_id; | |
251 | VarlinkReplyFlags flags; | |
252 | } VarlinkCollectContext ; | |
253 | ||
d41bd96f LP |
254 | static const char* const varlink_state_table[_VARLINK_STATE_MAX] = { |
255 | [VARLINK_IDLE_CLIENT] = "idle-client", | |
256 | [VARLINK_AWAITING_REPLY] = "awaiting-reply", | |
45a6c965 | 257 | [VARLINK_AWAITING_REPLY_MORE] = "awaiting-reply-more", |
d41bd96f LP |
258 | [VARLINK_CALLING] = "calling", |
259 | [VARLINK_CALLED] = "called", | |
260 | [VARLINK_PROCESSING_REPLY] = "processing-reply", | |
261 | [VARLINK_IDLE_SERVER] = "idle-server", | |
262 | [VARLINK_PROCESSING_METHOD] = "processing-method", | |
263 | [VARLINK_PROCESSING_METHOD_MORE] = "processing-method-more", | |
264 | [VARLINK_PROCESSING_METHOD_ONEWAY] = "processing-method-oneway", | |
265 | [VARLINK_PROCESSED_METHOD] = "processed-method", | |
d41bd96f LP |
266 | [VARLINK_PENDING_METHOD] = "pending-method", |
267 | [VARLINK_PENDING_METHOD_MORE] = "pending-method-more", | |
268 | [VARLINK_PENDING_DISCONNECT] = "pending-disconnect", | |
269 | [VARLINK_PENDING_TIMEOUT] = "pending-timeout", | |
270 | [VARLINK_PROCESSING_DISCONNECT] = "processing-disconnect", | |
271 | [VARLINK_PROCESSING_TIMEOUT] = "processing-timeout", | |
272 | [VARLINK_PROCESSING_FAILURE] = "processing-failure", | |
273 | [VARLINK_DISCONNECTED] = "disconnected", | |
274 | }; | |
275 | ||
276 | DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(varlink_state, VarlinkState); | |
277 | ||
278 | #define varlink_log_errno(v, error, fmt, ...) \ | |
279 | log_debug_errno(error, "%s: " fmt, varlink_description(v), ##__VA_ARGS__) | |
280 | ||
281 | #define varlink_log(v, fmt, ...) \ | |
282 | log_debug("%s: " fmt, varlink_description(v), ##__VA_ARGS__) | |
283 | ||
284 | #define varlink_server_log_errno(s, error, fmt, ...) \ | |
285 | log_debug_errno(error, "%s: " fmt, varlink_server_description(s), ##__VA_ARGS__) | |
286 | ||
287 | #define varlink_server_log(s, fmt, ...) \ | |
288 | log_debug("%s: " fmt, varlink_server_description(s), ##__VA_ARGS__) | |
289 | ||
d37cdac6 | 290 | static int varlink_format_queue(Varlink *v); |
47723340 | 291 | static void varlink_server_test_exit_on_idle(VarlinkServer *s); |
d37cdac6 | 292 | |
cf1ab844 | 293 | static const char *varlink_description(Varlink *v) { |
f35e9b10 | 294 | return (v ? v->description : NULL) ?: "varlink"; |
d41bd96f LP |
295 | } |
296 | ||
cf1ab844 | 297 | static const char *varlink_server_description(VarlinkServer *s) { |
f35e9b10 | 298 | return (s ? s->description : NULL) ?: "varlink"; |
d41bd96f LP |
299 | } |
300 | ||
d37cdac6 LP |
301 | static VarlinkJsonQueueItem *varlink_json_queue_item_free(VarlinkJsonQueueItem *q) { |
302 | if (!q) | |
303 | return NULL; | |
304 | ||
305 | json_variant_unref(q->data); | |
306 | close_many(q->fds, q->n_fds); | |
307 | ||
308 | return mfree(q); | |
309 | } | |
310 | ||
311 | static VarlinkJsonQueueItem *varlink_json_queue_item_new(JsonVariant *m, const int fds[], size_t n_fds) { | |
312 | VarlinkJsonQueueItem *q; | |
313 | ||
314 | assert(m); | |
315 | assert(fds || n_fds == 0); | |
316 | ||
317 | q = malloc(offsetof(VarlinkJsonQueueItem, fds) + sizeof(int) * n_fds); | |
318 | if (!q) | |
319 | return NULL; | |
320 | ||
321 | *q = (VarlinkJsonQueueItem) { | |
322 | .data = json_variant_ref(m), | |
323 | .n_fds = n_fds, | |
324 | }; | |
325 | ||
326 | memcpy_safe(q->fds, fds, n_fds * sizeof(int)); | |
327 | ||
328 | return TAKE_PTR(q); | |
329 | } | |
330 | ||
d41bd96f LP |
331 | static void varlink_set_state(Varlink *v, VarlinkState state) { |
332 | assert(v); | |
77740b59 ZJS |
333 | assert(state >= 0 && state < _VARLINK_STATE_MAX); |
334 | ||
335 | if (v->state < 0) | |
953394e3 | 336 | varlink_log(v, "Setting state %s", |
77740b59 ZJS |
337 | varlink_state_to_string(state)); |
338 | else | |
e2341b6b | 339 | varlink_log(v, "Changing state %s %s %s", |
77740b59 | 340 | varlink_state_to_string(v->state), |
e2341b6b | 341 | special_glyph(SPECIAL_GLYPH_ARROW_RIGHT), |
77740b59 | 342 | varlink_state_to_string(state)); |
d41bd96f LP |
343 | |
344 | v->state = state; | |
345 | } | |
346 | ||
347 | static int varlink_new(Varlink **ret) { | |
348 | Varlink *v; | |
349 | ||
350 | assert(ret); | |
351 | ||
a48481dc | 352 | v = new(Varlink, 1); |
d41bd96f LP |
353 | if (!v) |
354 | return -ENOMEM; | |
355 | ||
356 | *v = (Varlink) { | |
357 | .n_ref = 1, | |
254d1313 | 358 | .fd = -EBADF, |
d41bd96f LP |
359 | |
360 | .state = _VARLINK_STATE_INVALID, | |
361 | ||
a995ce47 | 362 | .ucred = UCRED_INVALID, |
d41bd96f LP |
363 | |
364 | .timestamp = USEC_INFINITY, | |
d37cdac6 LP |
365 | .timeout = VARLINK_DEFAULT_TIMEOUT_USEC, |
366 | ||
367 | .af = -1, | |
0eccf725 LP |
368 | |
369 | .peer_pidfd = -EBADF, | |
d41bd96f LP |
370 | }; |
371 | ||
372 | *ret = v; | |
373 | return 0; | |
374 | } | |
375 | ||
376 | int varlink_connect_address(Varlink **ret, const char *address) { | |
377 | _cleanup_(varlink_unrefp) Varlink *v = NULL; | |
378 | union sockaddr_union sockaddr; | |
379 | int r; | |
380 | ||
381 | assert_return(ret, -EINVAL); | |
382 | assert_return(address, -EINVAL); | |
383 | ||
d41bd96f LP |
384 | r = varlink_new(&v); |
385 | if (r < 0) | |
db3d4222 | 386 | return log_debug_errno(r, "Failed to create varlink object: %m"); |
d41bd96f LP |
387 | |
388 | v->fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); | |
389 | if (v->fd < 0) | |
db3d4222 | 390 | return log_debug_errno(errno, "Failed to create AF_UNIX socket: %m"); |
d41bd96f | 391 | |
a0c41de2 | 392 | v->fd = fd_move_above_stdio(v->fd); |
d37cdac6 | 393 | v->af = AF_UNIX; |
a0c41de2 | 394 | |
1861986a LP |
395 | r = sockaddr_un_set_path(&sockaddr.un, address); |
396 | if (r < 0) { | |
397 | if (r != -ENAMETOOLONG) | |
398 | return log_debug_errno(r, "Failed to set socket address '%s': %m", address); | |
399 | ||
400 | /* This is a file system path, and too long to fit into sockaddr_un. Let's connect via O_PATH | |
401 | * to this socket. */ | |
402 | ||
403 | r = connect_unix_path(v->fd, AT_FDCWD, address); | |
404 | } else | |
405 | r = RET_NERRNO(connect(v->fd, &sockaddr.sa, r)); | |
406 | ||
407 | if (r < 0) { | |
408 | if (!IN_SET(r, -EAGAIN, -EINPROGRESS)) | |
409 | return log_debug_errno(r, "Failed to connect to %s: %m", address); | |
d41bd96f LP |
410 | |
411 | v->connecting = true; /* We are asynchronously connecting, i.e. the connect() is being | |
412 | * processed in the background. As long as that's the case the socket | |
413 | * is in a special state: it's there, we can poll it for EPOLLOUT, but | |
414 | * if we attempt to write() to it before we see EPOLLOUT we'll get | |
415 | * ENOTCONN (and not EAGAIN, like we would for a normal connected | |
416 | * socket that isn't writable at the moment). Since ENOTCONN on write() | |
417 | * hence can mean two different things (i.e. connection not complete | |
418 | * yet vs. already disconnected again), we store as a boolean whether | |
419 | * we are still in connect(). */ | |
420 | } | |
421 | ||
422 | varlink_set_state(v, VARLINK_IDLE_CLIENT); | |
423 | ||
424 | *ret = TAKE_PTR(v); | |
db3d4222 | 425 | return 0; |
d41bd96f LP |
426 | } |
427 | ||
0f274a87 | 428 | int varlink_connect_exec(Varlink **ret, const char *_command, char **_argv) { |
71136404 | 429 | _cleanup_close_pair_ int pair[2] = EBADF_PAIR; |
0f274a87 LP |
430 | _cleanup_(sigkill_waitp) pid_t pid = 0; |
431 | _cleanup_free_ char *command = NULL; | |
432 | _cleanup_strv_free_ char **argv = NULL; | |
433 | int r; | |
434 | ||
435 | assert_return(ret, -EINVAL); | |
436 | assert_return(_command, -EINVAL); | |
437 | ||
438 | /* Copy the strings, in case they point into our own argv[], which we'll invalidate shortly because | |
439 | * we rename the child process */ | |
440 | command = strdup(_command); | |
441 | if (!command) | |
442 | return -ENOMEM; | |
443 | ||
444 | if (strv_isempty(_argv)) | |
445 | argv = strv_new(command); | |
446 | else | |
447 | argv = strv_copy(_argv); | |
448 | if (!argv) | |
449 | return -ENOMEM; | |
450 | ||
451 | log_debug("Forking off Varlink child process '%s'.", command); | |
452 | ||
453 | if (socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0, pair) < 0) | |
454 | return log_debug_errno(errno, "Failed to allocate AF_UNIX socket pair: %m"); | |
455 | ||
07dca3c4 LP |
456 | r = fd_nonblock(pair[1], false); |
457 | if (r < 0) | |
458 | return log_debug_errno(r, "Failed to disable O_NONBLOCK for varlink socket: %m"); | |
459 | ||
0f274a87 LP |
460 | r = safe_fork_full( |
461 | "(sd-vlexec)", | |
462 | /* stdio_fds= */ NULL, | |
463 | /* except_fds= */ (int[]) { pair[1] }, | |
464 | /* n_except_fds= */ 1, | |
e9ccae31 | 465 | FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, |
0f274a87 LP |
466 | &pid); |
467 | if (r < 0) | |
468 | return log_debug_errno(r, "Failed to spawn process: %m"); | |
469 | if (r == 0) { | |
470 | char spid[DECIMAL_STR_MAX(pid_t)+1]; | |
471 | const char *setenv_list[] = { | |
472 | "LISTEN_FDS", "1", | |
473 | "LISTEN_PID", spid, | |
474 | "LISTEN_FDNAMES", "varlink", | |
475 | NULL, NULL, | |
476 | }; | |
477 | /* Child */ | |
478 | ||
479 | pair[0] = -EBADF; | |
480 | ||
481 | r = move_fd(pair[1], 3, /* cloexec= */ false); | |
482 | if (r < 0) { | |
483 | log_debug_errno(r, "Failed to move file descriptor to 3: %m"); | |
484 | _exit(EXIT_FAILURE); | |
485 | } | |
486 | ||
487 | xsprintf(spid, PID_FMT, pid); | |
488 | ||
489 | STRV_FOREACH_PAIR(a, b, setenv_list) { | |
490 | if (setenv(*a, *b, /* override= */ true) < 0) { | |
491 | log_debug_errno(errno, "Failed to set environment variable '%s': %m", *a); | |
492 | _exit(EXIT_FAILURE); | |
493 | } | |
494 | } | |
495 | ||
496 | execvp(command, argv); | |
497 | log_debug_errno(r, "Failed to invoke process '%s': %m", command); | |
498 | _exit(EXIT_FAILURE); | |
499 | } | |
500 | ||
501 | pair[1] = safe_close(pair[1]); | |
502 | ||
503 | Varlink *v; | |
504 | r = varlink_new(&v); | |
505 | if (r < 0) | |
506 | return log_debug_errno(r, "Failed to create varlink object: %m"); | |
507 | ||
508 | v->fd = TAKE_FD(pair[0]); | |
509 | v->af = AF_UNIX; | |
510 | v->exec_pid = TAKE_PID(pid); | |
511 | varlink_set_state(v, VARLINK_IDLE_CLIENT); | |
512 | ||
513 | *ret = v; | |
514 | return 0; | |
515 | } | |
516 | ||
a1bb30de LP |
517 | static int varlink_connect_ssh(Varlink **ret, const char *where) { |
518 | _cleanup_close_pair_ int pair[2] = EBADF_PAIR; | |
519 | _cleanup_(sigkill_waitp) pid_t pid = 0; | |
520 | int r; | |
521 | ||
522 | assert_return(ret, -EINVAL); | |
523 | assert_return(where, -EINVAL); | |
524 | ||
525 | /* Connects to an SSH server via OpenSSH 9.4's -W switch to connect to a remote AF_UNIX socket. For | |
526 | * now we do not expose this function directly, but only via varlink_connect_url(). */ | |
527 | ||
528 | const char *ssh = secure_getenv("SYSTEMD_SSH") ?: "ssh"; | |
529 | if (!path_is_valid(ssh)) | |
530 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "SSH path is not valid, refusing: %s", ssh); | |
531 | ||
532 | const char *e = strchr(where, ':'); | |
533 | if (!e) | |
534 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "SSH specification lacks a : separator between host and path, refusing: %s", where); | |
535 | ||
536 | _cleanup_free_ char *h = strndup(where, e - where); | |
537 | if (!h) | |
538 | return log_oom_debug(); | |
539 | ||
540 | _cleanup_free_ char *c = strdup(e + 1); | |
541 | if (!c) | |
542 | return log_oom_debug(); | |
543 | ||
544 | if (!path_is_absolute(c)) | |
545 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Remote AF_UNIX socket path is not absolute, refusing: %s", c); | |
546 | ||
547 | _cleanup_free_ char *p = NULL; | |
548 | r = path_simplify_alloc(c, &p); | |
549 | if (r < 0) | |
550 | return r; | |
551 | ||
552 | if (!path_is_normalized(p)) | |
553 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Specified path is not normalized, refusing: %s", p); | |
554 | ||
555 | log_debug("Forking off SSH child process '%s -W %s %s'.", ssh, p, h); | |
556 | ||
557 | if (socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0, pair) < 0) | |
558 | return log_debug_errno(errno, "Failed to allocate AF_UNIX socket pair: %m"); | |
559 | ||
560 | r = safe_fork_full( | |
561 | "(sd-vlssh)", | |
562 | /* stdio_fds= */ (int[]) { pair[1], pair[1], STDERR_FILENO }, | |
563 | /* except_fds= */ NULL, | |
564 | /* n_except_fds= */ 0, | |
565 | FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE|FORK_REARRANGE_STDIO, | |
566 | &pid); | |
567 | if (r < 0) | |
568 | return log_debug_errno(r, "Failed to spawn process: %m"); | |
569 | if (r == 0) { | |
570 | /* Child */ | |
571 | ||
572 | execlp(ssh, "ssh", "-W", p, h, NULL); | |
573 | log_debug_errno(errno, "Failed to invoke %s: %m", ssh); | |
574 | _exit(EXIT_FAILURE); | |
575 | } | |
576 | ||
577 | pair[1] = safe_close(pair[1]); | |
578 | ||
579 | Varlink *v; | |
580 | r = varlink_new(&v); | |
581 | if (r < 0) | |
582 | return log_debug_errno(r, "Failed to create varlink object: %m"); | |
583 | ||
584 | v->fd = TAKE_FD(pair[0]); | |
585 | v->af = AF_UNIX; | |
586 | v->exec_pid = TAKE_PID(pid); | |
587 | varlink_set_state(v, VARLINK_IDLE_CLIENT); | |
588 | ||
589 | *ret = v; | |
590 | return 0; | |
591 | } | |
592 | ||
0f274a87 LP |
593 | int varlink_connect_url(Varlink **ret, const char *url) { |
594 | _cleanup_free_ char *c = NULL; | |
595 | const char *p; | |
a1bb30de LP |
596 | enum { |
597 | SCHEME_UNIX, | |
598 | SCHEME_EXEC, | |
599 | SCHEME_SSH, | |
600 | } scheme; | |
cf3d95b2 | 601 | int r; |
0f274a87 LP |
602 | |
603 | assert_return(ret, -EINVAL); | |
604 | assert_return(url, -EINVAL); | |
605 | ||
a1bb30de | 606 | // FIXME: Maybe add support for vsock: and ssh-exec: URL schemes here. |
0f274a87 | 607 | |
a1bb30de LP |
608 | /* The Varlink URL scheme is a bit underdefined. We support only the spec-defined unix: transport for |
609 | * now, plus exec:, ssh: transports we made up ourselves. Strictly speaking this shouldn't even be | |
610 | * called "URL", since it has nothing to do with Internet URLs by RFC. */ | |
0f274a87 LP |
611 | |
612 | p = startswith(url, "unix:"); | |
613 | if (p) | |
a1bb30de LP |
614 | scheme = SCHEME_UNIX; |
615 | else if ((p = startswith(url, "exec:"))) | |
616 | scheme = SCHEME_EXEC; | |
617 | else if ((p = startswith(url, "ssh:"))) | |
618 | scheme = SCHEME_SSH; | |
619 | else | |
620 | return log_debug_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "URL scheme not supported."); | |
0f274a87 LP |
621 | |
622 | /* The varlink.org reference C library supports more than just file system paths. We might want to | |
623 | * support that one day too. For now simply refuse that. */ | |
624 | if (p[strcspn(p, ";?#")] != '\0') | |
625 | return log_debug_errno(SYNTHETIC_ERRNO(EPROTONOSUPPORT), "URL parameterization with ';', '?', '#' not supported."); | |
626 | ||
a1bb30de LP |
627 | if (scheme == SCHEME_SSH) |
628 | return varlink_connect_ssh(ret, p); | |
629 | ||
630 | if (scheme == SCHEME_EXEC || p[0] != '@') { /* no path validity checks for abstract namespace sockets */ | |
0f274a87 LP |
631 | |
632 | if (!path_is_absolute(p)) | |
633 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Specified path not absolute, refusing."); | |
634 | ||
cf3d95b2 YW |
635 | r = path_simplify_alloc(p, &c); |
636 | if (r < 0) | |
637 | return r; | |
0f274a87 LP |
638 | |
639 | if (!path_is_normalized(c)) | |
640 | return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Specified path is not normalized, refusing."); | |
641 | } | |
642 | ||
a1bb30de | 643 | if (scheme == SCHEME_EXEC) |
86f6d32e | 644 | return varlink_connect_exec(ret, c, NULL); |
0f274a87 LP |
645 | |
646 | return varlink_connect_address(ret, c ?: p); | |
647 | } | |
648 | ||
d41bd96f LP |
649 | int varlink_connect_fd(Varlink **ret, int fd) { |
650 | Varlink *v; | |
651 | int r; | |
652 | ||
653 | assert_return(ret, -EINVAL); | |
654 | assert_return(fd >= 0, -EBADF); | |
655 | ||
656 | r = fd_nonblock(fd, true); | |
657 | if (r < 0) | |
db3d4222 | 658 | return log_debug_errno(r, "Failed to make fd %d nonblocking: %m", fd); |
d41bd96f LP |
659 | |
660 | r = varlink_new(&v); | |
661 | if (r < 0) | |
db3d4222 | 662 | return log_debug_errno(r, "Failed to create varlink object: %m"); |
d41bd96f LP |
663 | |
664 | v->fd = fd; | |
d37cdac6 | 665 | v->af = -1, |
d41bd96f LP |
666 | varlink_set_state(v, VARLINK_IDLE_CLIENT); |
667 | ||
668 | /* Note that if this function is called we assume the passed socket (if it is one) is already | |
669 | * properly connected, i.e. any asynchronous connect() done on it already completed. Because of that | |
670 | * we'll not set the 'connecting' boolean here, i.e. we don't need to avoid write()ing to the socket | |
671 | * until the connection is fully set up. Behaviour here is hence a bit different from | |
672 | * varlink_connect_address() above, as there we do handle asynchronous connections ourselves and | |
673 | * avoid doing write() on it before we saw EPOLLOUT for the first time. */ | |
674 | ||
675 | *ret = v; | |
676 | return 0; | |
677 | } | |
678 | ||
679 | static void varlink_detach_event_sources(Varlink *v) { | |
680 | assert(v); | |
681 | ||
1d3fe304 | 682 | v->io_event_source = sd_event_source_disable_unref(v->io_event_source); |
1d3fe304 | 683 | v->time_event_source = sd_event_source_disable_unref(v->time_event_source); |
1d3fe304 | 684 | v->quit_event_source = sd_event_source_disable_unref(v->quit_event_source); |
1d3fe304 | 685 | v->defer_event_source = sd_event_source_disable_unref(v->defer_event_source); |
d41bd96f LP |
686 | } |
687 | ||
790446bd LP |
688 | static void varlink_clear_current(Varlink *v) { |
689 | assert(v); | |
690 | ||
691 | /* Clears the currently processed incoming message */ | |
692 | v->current = json_variant_unref(v->current); | |
7e006b49 | 693 | v->current_method = NULL; |
72226a2f | 694 | v->current_reply_flags = 0; |
d37cdac6 LP |
695 | |
696 | close_many(v->input_fds, v->n_input_fds); | |
697 | v->input_fds = mfree(v->input_fds); | |
698 | v->n_input_fds = 0; | |
790446bd LP |
699 | } |
700 | ||
d41bd96f LP |
701 | static void varlink_clear(Varlink *v) { |
702 | assert(v); | |
703 | ||
704 | varlink_detach_event_sources(v); | |
705 | ||
706 | v->fd = safe_close(v->fd); | |
707 | ||
d37cdac6 LP |
708 | varlink_clear_current(v); |
709 | ||
a570877c | 710 | v->input_buffer = v->input_sensitive ? erase_and_free(v->input_buffer) : mfree(v->input_buffer); |
db1f7c84 | 711 | v->output_buffer = v->output_buffer_sensitive ? erase_and_free(v->output_buffer) : mfree(v->output_buffer); |
d41bd96f | 712 | |
3c868058 LP |
713 | v->input_control_buffer = mfree(v->input_control_buffer); |
714 | v->input_control_buffer_size = 0; | |
715 | ||
d37cdac6 LP |
716 | close_many(v->output_fds, v->n_output_fds); |
717 | v->output_fds = mfree(v->output_fds); | |
718 | v->n_output_fds = 0; | |
719 | ||
720 | close_many(v->pushed_fds, v->n_pushed_fds); | |
721 | v->pushed_fds = mfree(v->pushed_fds); | |
722 | v->n_pushed_fds = 0; | |
723 | ||
9aad490e | 724 | LIST_CLEAR(queue, v->output_queue, varlink_json_queue_item_free); |
d37cdac6 LP |
725 | v->output_queue_tail = NULL; |
726 | ||
d41bd96f | 727 | v->event = sd_event_unref(v->event); |
0f274a87 LP |
728 | |
729 | if (v->exec_pid > 0) { | |
730 | sigterm_wait(v->exec_pid); | |
731 | v->exec_pid = 0; | |
732 | } | |
0eccf725 LP |
733 | |
734 | v->peer_pidfd = safe_close(v->peer_pidfd); | |
d41bd96f LP |
735 | } |
736 | ||
737 | static Varlink* varlink_destroy(Varlink *v) { | |
738 | if (!v) | |
739 | return NULL; | |
740 | ||
741 | /* If this is called the server object must already been unreffed here. Why that? because when we | |
742 | * linked up the varlink connection with the server object we took one ref in each direction */ | |
743 | assert(!v->server); | |
744 | ||
745 | varlink_clear(v); | |
746 | ||
747 | free(v->description); | |
748 | return mfree(v); | |
749 | } | |
750 | ||
751 | DEFINE_TRIVIAL_REF_UNREF_FUNC(Varlink, varlink, varlink_destroy); | |
752 | ||
753 | static int varlink_test_disconnect(Varlink *v) { | |
754 | assert(v); | |
755 | ||
37b22b3b | 756 | /* Tests whether we the connection has been terminated. We are careful to not stop processing it |
d41bd96f LP |
757 | * prematurely, since we want to handle half-open connections as well as possible and want to flush |
758 | * out and read data before we close down if we can. */ | |
759 | ||
760 | /* Already disconnected? */ | |
761 | if (!VARLINK_STATE_IS_ALIVE(v->state)) | |
762 | return 0; | |
763 | ||
764 | /* Wait until connection setup is complete, i.e. until asynchronous connect() completes */ | |
765 | if (v->connecting) | |
766 | return 0; | |
767 | ||
768 | /* Still something to write and we can write? Stay around */ | |
769 | if (v->output_buffer_size > 0 && !v->write_disconnected) | |
770 | return 0; | |
771 | ||
772 | /* Both sides gone already? Then there's no need to stick around */ | |
773 | if (v->read_disconnected && v->write_disconnected) | |
774 | goto disconnect; | |
775 | ||
776 | /* If we are waiting for incoming data but the read side is shut down, disconnect. */ | |
45a6c965 | 777 | if (IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING, VARLINK_IDLE_SERVER) && v->read_disconnected) |
d41bd96f LP |
778 | goto disconnect; |
779 | ||
780 | /* Similar, if are a client that hasn't written anything yet but the write side is dead, also | |
781 | * disconnect. We also explicitly check for POLLHUP here since we likely won't notice the write side | |
782 | * being down if we never wrote anything. */ | |
4f06325c | 783 | if (v->state == VARLINK_IDLE_CLIENT && (v->write_disconnected || v->got_pollhup)) |
d41bd96f LP |
784 | goto disconnect; |
785 | ||
7c26a631 LP |
786 | /* We are on the server side and still want to send out more replies, but we saw POLLHUP already, and |
787 | * either got no buffered bytes to write anymore or already saw a write error. In that case we should | |
788 | * shut down the varlink link. */ | |
789 | if (IN_SET(v->state, VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE) && (v->write_disconnected || v->output_buffer_size == 0) && v->got_pollhup) | |
e8e9227f AZ |
790 | goto disconnect; |
791 | ||
d41bd96f LP |
792 | return 0; |
793 | ||
794 | disconnect: | |
795 | varlink_set_state(v, VARLINK_PENDING_DISCONNECT); | |
796 | return 1; | |
797 | } | |
798 | ||
799 | static int varlink_write(Varlink *v) { | |
800 | ssize_t n; | |
d37cdac6 | 801 | int r; |
d41bd96f LP |
802 | |
803 | assert(v); | |
804 | ||
805 | if (!VARLINK_STATE_IS_ALIVE(v->state)) | |
806 | return 0; | |
807 | if (v->connecting) /* Writing while we are still wait for a non-blocking connect() to complete will | |
808 | * result in ENOTCONN, hence exit early here */ | |
809 | return 0; | |
d41bd96f LP |
810 | if (v->write_disconnected) |
811 | return 0; | |
812 | ||
d37cdac6 LP |
813 | /* If needed let's convert some output queue json variants into text form */ |
814 | r = varlink_format_queue(v); | |
815 | if (r < 0) | |
816 | return r; | |
817 | ||
818 | if (v->output_buffer_size == 0) | |
819 | return 0; | |
820 | ||
d41bd96f LP |
821 | assert(v->fd >= 0); |
822 | ||
d37cdac6 LP |
823 | if (v->n_output_fds > 0) { /* If we shall send fds along, we must use sendmsg() */ |
824 | struct iovec iov = { | |
825 | .iov_base = v->output_buffer + v->output_buffer_index, | |
826 | .iov_len = v->output_buffer_size, | |
827 | }; | |
828 | struct msghdr mh = { | |
829 | .msg_iov = &iov, | |
830 | .msg_iovlen = 1, | |
831 | .msg_controllen = CMSG_SPACE(sizeof(int) * v->n_output_fds), | |
832 | }; | |
833 | ||
834 | mh.msg_control = alloca0(mh.msg_controllen); | |
835 | ||
836 | struct cmsghdr *control = CMSG_FIRSTHDR(&mh); | |
837 | control->cmsg_len = CMSG_LEN(sizeof(int) * v->n_output_fds); | |
838 | control->cmsg_level = SOL_SOCKET; | |
839 | control->cmsg_type = SCM_RIGHTS; | |
840 | memcpy(CMSG_DATA(control), v->output_fds, sizeof(int) * v->n_output_fds); | |
841 | ||
842 | n = sendmsg(v->fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL); | |
843 | } else { | |
844 | /* We generally prefer recv()/send() (mostly because of MSG_NOSIGNAL) but also want to be compatible | |
845 | * with non-socket IO, hence fall back automatically. | |
846 | * | |
847 | * Use a local variable to help gcc figure out that we set 'n' in all cases. */ | |
848 | bool prefer_write = v->prefer_read_write; | |
849 | if (!prefer_write) { | |
850 | n = send(v->fd, v->output_buffer + v->output_buffer_index, v->output_buffer_size, MSG_DONTWAIT|MSG_NOSIGNAL); | |
851 | if (n < 0 && errno == ENOTSOCK) | |
852 | prefer_write = v->prefer_read_write = true; | |
853 | } | |
854 | if (prefer_write) | |
855 | n = write(v->fd, v->output_buffer + v->output_buffer_index, v->output_buffer_size); | |
d41bd96f | 856 | } |
d41bd96f LP |
857 | if (n < 0) { |
858 | if (errno == EAGAIN) | |
859 | return 0; | |
860 | ||
861 | if (ERRNO_IS_DISCONNECT(errno)) { | |
862 | /* If we get informed about a disconnect on write, then let's remember that, but not | |
863 | * act on it just yet. Let's wait for read() to report the issue first. */ | |
864 | v->write_disconnected = true; | |
865 | return 1; | |
866 | } | |
867 | ||
868 | return -errno; | |
869 | } | |
870 | ||
db1f7c84 LP |
871 | if (v->output_buffer_sensitive) |
872 | explicit_bzero_safe(v->output_buffer + v->output_buffer_index, n); | |
873 | ||
d41bd96f LP |
874 | v->output_buffer_size -= n; |
875 | ||
db1f7c84 | 876 | if (v->output_buffer_size == 0) { |
d41bd96f | 877 | v->output_buffer_index = 0; |
db1f7c84 LP |
878 | v->output_buffer_sensitive = false; /* We can reset the sensitive flag once the buffer is empty */ |
879 | } else | |
d41bd96f LP |
880 | v->output_buffer_index += n; |
881 | ||
d37cdac6 LP |
882 | close_many(v->output_fds, v->n_output_fds); |
883 | v->n_output_fds = 0; | |
884 | ||
d41bd96f LP |
885 | v->timestamp = now(CLOCK_MONOTONIC); |
886 | return 1; | |
887 | } | |
888 | ||
d37cdac6 LP |
889 | #define VARLINK_FDS_MAX (16U*1024U) |
890 | ||
d41bd96f | 891 | static int varlink_read(Varlink *v) { |
d37cdac6 LP |
892 | struct iovec iov; |
893 | struct msghdr mh; | |
d41bd96f LP |
894 | size_t rs; |
895 | ssize_t n; | |
d37cdac6 | 896 | void *p; |
d41bd96f LP |
897 | |
898 | assert(v); | |
899 | ||
45a6c965 | 900 | if (!IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING, VARLINK_IDLE_SERVER)) |
d41bd96f LP |
901 | return 0; |
902 | if (v->connecting) /* read() on a socket while we are in connect() will fail with EINVAL, hence exit early here */ | |
903 | return 0; | |
904 | if (v->current) | |
905 | return 0; | |
906 | if (v->input_buffer_unscanned > 0) | |
907 | return 0; | |
908 | if (v->read_disconnected) | |
909 | return 0; | |
910 | ||
911 | if (v->input_buffer_size >= VARLINK_BUFFER_MAX) | |
912 | return -ENOBUFS; | |
913 | ||
914 | assert(v->fd >= 0); | |
915 | ||
319a4f4b | 916 | if (MALLOC_SIZEOF_SAFE(v->input_buffer) <= v->input_buffer_index + v->input_buffer_size) { |
d41bd96f LP |
917 | size_t add; |
918 | ||
919 | add = MIN(VARLINK_BUFFER_MAX - v->input_buffer_size, VARLINK_READ_SIZE); | |
920 | ||
921 | if (v->input_buffer_index == 0) { | |
922 | ||
319a4f4b | 923 | if (!GREEDY_REALLOC(v->input_buffer, v->input_buffer_size + add)) |
d41bd96f LP |
924 | return -ENOMEM; |
925 | ||
926 | } else { | |
927 | char *b; | |
928 | ||
929 | b = new(char, v->input_buffer_size + add); | |
930 | if (!b) | |
931 | return -ENOMEM; | |
932 | ||
933 | memcpy(b, v->input_buffer + v->input_buffer_index, v->input_buffer_size); | |
934 | ||
935 | free_and_replace(v->input_buffer, b); | |
d41bd96f LP |
936 | v->input_buffer_index = 0; |
937 | } | |
938 | } | |
939 | ||
d37cdac6 | 940 | p = v->input_buffer + v->input_buffer_index + v->input_buffer_size; |
319a4f4b | 941 | rs = MALLOC_SIZEOF_SAFE(v->input_buffer) - (v->input_buffer_index + v->input_buffer_size); |
d41bd96f | 942 | |
d37cdac6 | 943 | if (v->allow_fd_passing_input) { |
0347b9fd | 944 | iov = IOVEC_MAKE(p, rs); |
3c868058 LP |
945 | |
946 | /* Allocate the fd buffer on the heap, since we need a lot of space potentially */ | |
947 | if (!v->input_control_buffer) { | |
948 | v->input_control_buffer_size = CMSG_SPACE(sizeof(int) * VARLINK_FDS_MAX); | |
949 | v->input_control_buffer = malloc(v->input_control_buffer_size); | |
950 | if (!v->input_control_buffer) | |
951 | return -ENOMEM; | |
952 | } | |
953 | ||
d37cdac6 LP |
954 | mh = (struct msghdr) { |
955 | .msg_iov = &iov, | |
956 | .msg_iovlen = 1, | |
3c868058 LP |
957 | .msg_control = v->input_control_buffer, |
958 | .msg_controllen = v->input_control_buffer_size, | |
d37cdac6 | 959 | }; |
b456f226 | 960 | |
d37cdac6 LP |
961 | n = recvmsg_safe(v->fd, &mh, MSG_DONTWAIT|MSG_CMSG_CLOEXEC); |
962 | } else { | |
963 | bool prefer_read = v->prefer_read_write; | |
964 | if (!prefer_read) { | |
965 | n = recv(v->fd, p, rs, MSG_DONTWAIT); | |
966 | if (n < 0 && errno == ENOTSOCK) | |
967 | prefer_read = v->prefer_read_write = true; | |
968 | } | |
969 | if (prefer_read) | |
970 | n = read(v->fd, p, rs); | |
d41bd96f | 971 | } |
d41bd96f LP |
972 | if (n < 0) { |
973 | if (errno == EAGAIN) | |
974 | return 0; | |
975 | ||
976 | if (ERRNO_IS_DISCONNECT(errno)) { | |
977 | v->read_disconnected = true; | |
978 | return 1; | |
979 | } | |
980 | ||
981 | return -errno; | |
982 | } | |
983 | if (n == 0) { /* EOF */ | |
d37cdac6 LP |
984 | |
985 | if (v->allow_fd_passing_input) | |
986 | cmsg_close_all(&mh); | |
987 | ||
d41bd96f LP |
988 | v->read_disconnected = true; |
989 | return 1; | |
990 | } | |
991 | ||
d37cdac6 LP |
992 | if (v->allow_fd_passing_input) { |
993 | struct cmsghdr* cmsg; | |
994 | ||
995 | cmsg = cmsg_find(&mh, SOL_SOCKET, SCM_RIGHTS, (socklen_t) -1); | |
996 | if (cmsg) { | |
997 | size_t add; | |
998 | ||
999 | /* We only allow file descriptors to be passed along with the first byte of a | |
1000 | * message. If they are passed with any other byte this is a protocol violation. */ | |
1001 | if (v->input_buffer_size != 0) { | |
1002 | cmsg_close_all(&mh); | |
1003 | return -EPROTO; | |
1004 | } | |
1005 | ||
1006 | add = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int); | |
1007 | if (add > INT_MAX - v->n_input_fds) { | |
1008 | cmsg_close_all(&mh); | |
1009 | return -EBADF; | |
1010 | } | |
1011 | ||
1012 | if (!GREEDY_REALLOC(v->input_fds, v->n_input_fds + add)) { | |
1013 | cmsg_close_all(&mh); | |
1014 | return -ENOMEM; | |
1015 | } | |
1016 | ||
1017 | memcpy_safe(v->input_fds + v->n_input_fds, CMSG_TYPED_DATA(cmsg, int), add * sizeof(int)); | |
1018 | v->n_input_fds += add; | |
1019 | } | |
1020 | } | |
1021 | ||
d41bd96f LP |
1022 | v->input_buffer_size += n; |
1023 | v->input_buffer_unscanned += n; | |
1024 | ||
1025 | return 1; | |
1026 | } | |
1027 | ||
1028 | static int varlink_parse_message(Varlink *v) { | |
a570877c LP |
1029 | const char *e; |
1030 | char *begin; | |
d41bd96f LP |
1031 | size_t sz; |
1032 | int r; | |
1033 | ||
1034 | assert(v); | |
1035 | ||
1036 | if (v->current) | |
1037 | return 0; | |
1038 | if (v->input_buffer_unscanned <= 0) | |
1039 | return 0; | |
1040 | ||
1041 | assert(v->input_buffer_unscanned <= v->input_buffer_size); | |
319a4f4b | 1042 | assert(v->input_buffer_index + v->input_buffer_size <= MALLOC_SIZEOF_SAFE(v->input_buffer)); |
d41bd96f LP |
1043 | |
1044 | begin = v->input_buffer + v->input_buffer_index; | |
1045 | ||
1046 | e = memchr(begin + v->input_buffer_size - v->input_buffer_unscanned, 0, v->input_buffer_unscanned); | |
1047 | if (!e) { | |
1048 | v->input_buffer_unscanned = 0; | |
1049 | return 0; | |
1050 | } | |
1051 | ||
1052 | sz = e - begin + 1; | |
1053 | ||
d642f640 | 1054 | r = json_parse(begin, 0, &v->current, NULL, NULL); |
a570877c LP |
1055 | if (v->input_sensitive) |
1056 | explicit_bzero_safe(begin, sz); | |
77472d06 ZJS |
1057 | if (r < 0) { |
1058 | /* If we encounter a parse failure flush all data. We cannot possibly recover from this, | |
1059 | * hence drop all buffered data now. */ | |
1060 | v->input_buffer_index = v->input_buffer_size = v->input_buffer_unscanned = 0; | |
1061 | return varlink_log_errno(v, r, "Failed to parse JSON: %m"); | |
1062 | } | |
d41bd96f | 1063 | |
a570877c LP |
1064 | if (v->input_sensitive) { |
1065 | /* Mark the parameters subfield as sensitive right-away, if that's requested */ | |
1066 | JsonVariant *parameters = json_variant_by_key(v->current, "parameters"); | |
1067 | if (parameters) | |
1068 | json_variant_sensitive(parameters); | |
1069 | } | |
1070 | ||
85978d29 LP |
1071 | if (DEBUG_LOGGING) { |
1072 | _cleanup_(erase_and_freep) char *censored_text = NULL; | |
1073 | ||
1074 | /* Suppress sensitive fields in the debug output */ | |
1075 | r = json_variant_format(v->current, /* flags= */ JSON_FORMAT_CENSOR_SENSITIVE, &censored_text); | |
1076 | if (r < 0) | |
1077 | return r; | |
1078 | ||
1079 | varlink_log(v, "Received message: %s", censored_text); | |
1080 | } | |
1081 | ||
d41bd96f LP |
1082 | v->input_buffer_size -= sz; |
1083 | ||
1084 | if (v->input_buffer_size == 0) | |
1085 | v->input_buffer_index = 0; | |
1086 | else | |
1087 | v->input_buffer_index += sz; | |
1088 | ||
1089 | v->input_buffer_unscanned = v->input_buffer_size; | |
1090 | return 1; | |
1091 | } | |
1092 | ||
1093 | static int varlink_test_timeout(Varlink *v) { | |
1094 | assert(v); | |
1095 | ||
45a6c965 | 1096 | if (!IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING)) |
d41bd96f LP |
1097 | return 0; |
1098 | if (v->timeout == USEC_INFINITY) | |
1099 | return 0; | |
1100 | ||
1101 | if (now(CLOCK_MONOTONIC) < usec_add(v->timestamp, v->timeout)) | |
1102 | return 0; | |
1103 | ||
1104 | varlink_set_state(v, VARLINK_PENDING_TIMEOUT); | |
1105 | ||
1106 | return 1; | |
1107 | } | |
1108 | ||
1109 | static int varlink_dispatch_local_error(Varlink *v, const char *error) { | |
1110 | int r; | |
1111 | ||
1112 | assert(v); | |
1113 | assert(error); | |
1114 | ||
1115 | if (!v->reply_callback) | |
1116 | return 0; | |
1117 | ||
1118 | r = v->reply_callback(v, NULL, error, VARLINK_REPLY_ERROR|VARLINK_REPLY_LOCAL, v->userdata); | |
1119 | if (r < 0) | |
6bcc1232 | 1120 | varlink_log_errno(v, r, "Reply callback returned error, ignoring: %m"); |
d41bd96f LP |
1121 | |
1122 | return 1; | |
1123 | } | |
1124 | ||
1125 | static int varlink_dispatch_timeout(Varlink *v) { | |
1126 | assert(v); | |
1127 | ||
1128 | if (v->state != VARLINK_PENDING_TIMEOUT) | |
1129 | return 0; | |
1130 | ||
1131 | varlink_set_state(v, VARLINK_PROCESSING_TIMEOUT); | |
1132 | varlink_dispatch_local_error(v, VARLINK_ERROR_TIMEOUT); | |
1133 | varlink_close(v); | |
1134 | ||
1135 | return 1; | |
1136 | } | |
1137 | ||
1138 | static int varlink_dispatch_disconnect(Varlink *v) { | |
1139 | assert(v); | |
1140 | ||
1141 | if (v->state != VARLINK_PENDING_DISCONNECT) | |
1142 | return 0; | |
1143 | ||
1144 | varlink_set_state(v, VARLINK_PROCESSING_DISCONNECT); | |
1145 | varlink_dispatch_local_error(v, VARLINK_ERROR_DISCONNECTED); | |
1146 | varlink_close(v); | |
1147 | ||
1148 | return 1; | |
1149 | } | |
1150 | ||
1151 | static int varlink_sanitize_parameters(JsonVariant **v) { | |
f2ad8924 LP |
1152 | int r; |
1153 | ||
d41bd96f LP |
1154 | assert(v); |
1155 | ||
1156 | /* Varlink always wants a parameters list, hence make one if the caller doesn't want any */ | |
1157 | if (!*v) | |
1158 | return json_variant_new_object(v, NULL, 0); | |
f2ad8924 LP |
1159 | if (json_variant_is_null(*v)) { |
1160 | JsonVariant *empty; | |
1161 | ||
1162 | r = json_variant_new_object(&empty, NULL, 0); | |
1163 | if (r < 0) | |
1164 | return r; | |
1165 | ||
1166 | json_variant_unref(*v); | |
1167 | *v = empty; | |
1168 | return 0; | |
1169 | } | |
1170 | if (!json_variant_is_object(*v)) | |
d41bd96f LP |
1171 | return -EINVAL; |
1172 | ||
1173 | return 0; | |
1174 | } | |
1175 | ||
1176 | static int varlink_dispatch_reply(Varlink *v) { | |
1177 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
1178 | VarlinkReplyFlags flags = 0; | |
1179 | const char *error = NULL; | |
1180 | JsonVariant *e; | |
1181 | const char *k; | |
1182 | int r; | |
1183 | ||
1184 | assert(v); | |
1185 | ||
45a6c965 | 1186 | if (!IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING)) |
d41bd96f LP |
1187 | return 0; |
1188 | if (!v->current) | |
1189 | return 0; | |
1190 | ||
1191 | assert(v->n_pending > 0); | |
1192 | ||
1193 | if (!json_variant_is_object(v->current)) | |
1194 | goto invalid; | |
1195 | ||
1196 | JSON_VARIANT_OBJECT_FOREACH(k, e, v->current) { | |
1197 | ||
1198 | if (streq(k, "error")) { | |
1199 | if (error) | |
1200 | goto invalid; | |
1201 | if (!json_variant_is_string(e)) | |
1202 | goto invalid; | |
1203 | ||
1204 | error = json_variant_string(e); | |
1205 | flags |= VARLINK_REPLY_ERROR; | |
1206 | ||
1207 | } else if (streq(k, "parameters")) { | |
1208 | if (parameters) | |
1209 | goto invalid; | |
f2ad8924 | 1210 | if (!json_variant_is_object(e) && !json_variant_is_null(e)) |
d41bd96f LP |
1211 | goto invalid; |
1212 | ||
1213 | parameters = json_variant_ref(e); | |
1214 | ||
1215 | } else if (streq(k, "continues")) { | |
1216 | if (FLAGS_SET(flags, VARLINK_REPLY_CONTINUES)) | |
1217 | goto invalid; | |
1218 | ||
1219 | if (!json_variant_is_boolean(e)) | |
1220 | goto invalid; | |
1221 | ||
1222 | if (json_variant_boolean(e)) | |
1223 | flags |= VARLINK_REPLY_CONTINUES; | |
1224 | } else | |
1225 | goto invalid; | |
1226 | } | |
1227 | ||
45a6c965 LP |
1228 | /* Replies with 'continue' set are only OK if we set 'more' when the method call was initiated */ |
1229 | if (v->state != VARLINK_AWAITING_REPLY_MORE && FLAGS_SET(flags, VARLINK_REPLY_CONTINUES)) | |
1230 | goto invalid; | |
1231 | ||
1232 | /* An error is final */ | |
d41bd96f LP |
1233 | if (error && FLAGS_SET(flags, VARLINK_REPLY_CONTINUES)) |
1234 | goto invalid; | |
1235 | ||
1236 | r = varlink_sanitize_parameters(¶meters); | |
1237 | if (r < 0) | |
1238 | goto invalid; | |
1239 | ||
72226a2f LP |
1240 | v->current_reply_flags = flags; |
1241 | ||
45a6c965 | 1242 | if (IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE)) { |
d41bd96f LP |
1243 | varlink_set_state(v, VARLINK_PROCESSING_REPLY); |
1244 | ||
1245 | if (v->reply_callback) { | |
1246 | r = v->reply_callback(v, parameters, error, flags, v->userdata); | |
1247 | if (r < 0) | |
6bcc1232 | 1248 | varlink_log_errno(v, r, "Reply callback returned error, ignoring: %m"); |
d41bd96f LP |
1249 | } |
1250 | ||
790446bd | 1251 | varlink_clear_current(v); |
d41bd96f LP |
1252 | |
1253 | if (v->state == VARLINK_PROCESSING_REPLY) { | |
1254 | assert(v->n_pending > 0); | |
d41bd96f | 1255 | |
45a6c965 LP |
1256 | if (!FLAGS_SET(flags, VARLINK_REPLY_CONTINUES)) |
1257 | v->n_pending--; | |
1258 | ||
1259 | varlink_set_state(v, | |
1260 | FLAGS_SET(flags, VARLINK_REPLY_CONTINUES) ? VARLINK_AWAITING_REPLY_MORE : | |
1261 | v->n_pending == 0 ? VARLINK_IDLE_CLIENT : VARLINK_AWAITING_REPLY); | |
d41bd96f LP |
1262 | } |
1263 | } else { | |
1264 | assert(v->state == VARLINK_CALLING); | |
d41bd96f LP |
1265 | varlink_set_state(v, VARLINK_CALLED); |
1266 | } | |
1267 | ||
1268 | return 1; | |
1269 | ||
1270 | invalid: | |
1271 | varlink_set_state(v, VARLINK_PROCESSING_FAILURE); | |
1272 | varlink_dispatch_local_error(v, VARLINK_ERROR_PROTOCOL); | |
1273 | varlink_close(v); | |
1274 | ||
1275 | return 1; | |
1276 | } | |
1277 | ||
7e006b49 LP |
1278 | static int generic_method_get_info( |
1279 | Varlink *link, | |
1280 | JsonVariant *parameters, | |
1281 | VarlinkMethodFlags flags, | |
1282 | void *userdata) { | |
1283 | ||
1284 | _cleanup_strv_free_ char **interfaces = NULL; | |
1285 | _cleanup_free_ char *product = NULL; | |
1286 | int r; | |
1287 | ||
1288 | assert(link); | |
1289 | ||
1290 | if (json_variant_elements(parameters) != 0) | |
c2fb27ca | 1291 | return varlink_error_invalid_parameter(link, parameters); |
7e006b49 LP |
1292 | |
1293 | product = strjoin("systemd (", program_invocation_short_name, ")"); | |
1294 | if (!product) | |
1295 | return -ENOMEM; | |
1296 | ||
1297 | VarlinkInterface *interface; | |
1298 | HASHMAP_FOREACH(interface, ASSERT_PTR(link->server)->interfaces) { | |
1299 | r = strv_extend(&interfaces, interface->name); | |
1300 | if (r < 0) | |
1301 | return r; | |
1302 | } | |
1303 | ||
1304 | strv_sort(interfaces); | |
1305 | ||
1306 | return varlink_replyb(link, JSON_BUILD_OBJECT( | |
1307 | JSON_BUILD_PAIR_STRING("vendor", "The systemd Project"), | |
1308 | JSON_BUILD_PAIR_STRING("product", product), | |
1309 | JSON_BUILD_PAIR_STRING("version", STRINGIFY(PROJECT_VERSION) " (" GIT_VERSION ")"), | |
1310 | JSON_BUILD_PAIR_STRING("url", "https://systemd.io/"), | |
1311 | JSON_BUILD_PAIR_STRV("interfaces", interfaces))); | |
1312 | } | |
1313 | ||
1314 | static int generic_method_get_interface_description( | |
1315 | Varlink *link, | |
1316 | JsonVariant *parameters, | |
1317 | VarlinkMethodFlags flags, | |
1318 | void *userdata) { | |
1319 | ||
1320 | static const struct JsonDispatch dispatch_table[] = { | |
1321 | { "interface", JSON_VARIANT_STRING, json_dispatch_const_string, 0, JSON_MANDATORY }, | |
1322 | {} | |
1323 | }; | |
1324 | _cleanup_free_ char *text = NULL; | |
1325 | const VarlinkInterface *interface; | |
1326 | const char *name = NULL; | |
1327 | int r; | |
1328 | ||
1329 | assert(link); | |
1330 | ||
f1b622a0 | 1331 | r = json_dispatch(parameters, dispatch_table, 0, &name); |
7e006b49 LP |
1332 | if (r < 0) |
1333 | return r; | |
1334 | ||
1335 | interface = hashmap_get(ASSERT_PTR(link->server)->interfaces, name); | |
1336 | if (!interface) | |
1337 | return varlink_errorb(link, VARLINK_ERROR_INTERFACE_NOT_FOUND, | |
1338 | JSON_BUILD_OBJECT( | |
1339 | JSON_BUILD_PAIR_STRING("interface", name))); | |
1340 | ||
1341 | r = varlink_idl_format(interface, &text); | |
1342 | if (r < 0) | |
1343 | return r; | |
1344 | ||
1345 | return varlink_replyb(link, | |
1346 | JSON_BUILD_OBJECT( | |
1347 | JSON_BUILD_PAIR_STRING("description", text))); | |
1348 | } | |
1349 | ||
d41bd96f LP |
1350 | static int varlink_dispatch_method(Varlink *v) { |
1351 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
1352 | VarlinkMethodFlags flags = 0; | |
7e006b49 | 1353 | const char *method = NULL; |
d41bd96f LP |
1354 | JsonVariant *e; |
1355 | VarlinkMethod callback; | |
1356 | const char *k; | |
1357 | int r; | |
1358 | ||
1359 | assert(v); | |
1360 | ||
1361 | if (v->state != VARLINK_IDLE_SERVER) | |
1362 | return 0; | |
1363 | if (!v->current) | |
1364 | return 0; | |
1365 | ||
1366 | if (!json_variant_is_object(v->current)) | |
1367 | goto invalid; | |
1368 | ||
1369 | JSON_VARIANT_OBJECT_FOREACH(k, e, v->current) { | |
1370 | ||
1371 | if (streq(k, "method")) { | |
1372 | if (method) | |
1373 | goto invalid; | |
1374 | if (!json_variant_is_string(e)) | |
1375 | goto invalid; | |
1376 | ||
1377 | method = json_variant_string(e); | |
1378 | ||
1379 | } else if (streq(k, "parameters")) { | |
1380 | if (parameters) | |
1381 | goto invalid; | |
f2ad8924 | 1382 | if (!json_variant_is_object(e) && !json_variant_is_null(e)) |
d41bd96f LP |
1383 | goto invalid; |
1384 | ||
1385 | parameters = json_variant_ref(e); | |
1386 | ||
1387 | } else if (streq(k, "oneway")) { | |
1388 | ||
1389 | if ((flags & (VARLINK_METHOD_ONEWAY|VARLINK_METHOD_MORE)) != 0) | |
1390 | goto invalid; | |
1391 | ||
1392 | if (!json_variant_is_boolean(e)) | |
1393 | goto invalid; | |
1394 | ||
1395 | if (json_variant_boolean(e)) | |
1396 | flags |= VARLINK_METHOD_ONEWAY; | |
1397 | ||
1398 | } else if (streq(k, "more")) { | |
1399 | ||
1400 | if ((flags & (VARLINK_METHOD_ONEWAY|VARLINK_METHOD_MORE)) != 0) | |
1401 | goto invalid; | |
1402 | ||
1403 | if (!json_variant_is_boolean(e)) | |
1404 | goto invalid; | |
1405 | ||
1406 | if (json_variant_boolean(e)) | |
1407 | flags |= VARLINK_METHOD_MORE; | |
1408 | ||
1409 | } else | |
1410 | goto invalid; | |
1411 | } | |
1412 | ||
1413 | if (!method) | |
1414 | goto invalid; | |
1415 | ||
1416 | r = varlink_sanitize_parameters(¶meters); | |
1417 | if (r < 0) | |
1418 | goto fail; | |
1419 | ||
1420 | varlink_set_state(v, (flags & VARLINK_METHOD_MORE) ? VARLINK_PROCESSING_METHOD_MORE : | |
1421 | (flags & VARLINK_METHOD_ONEWAY) ? VARLINK_PROCESSING_METHOD_ONEWAY : | |
1422 | VARLINK_PROCESSING_METHOD); | |
1423 | ||
1424 | assert(v->server); | |
1425 | ||
7e006b49 LP |
1426 | /* First consult user supplied method implementations */ |
1427 | callback = hashmap_get(v->server->methods, method); | |
1428 | if (!callback) { | |
1429 | if (streq(method, "org.varlink.service.GetInfo")) | |
1430 | callback = generic_method_get_info; | |
1431 | else if (streq(method, "org.varlink.service.GetInterfaceDescription")) | |
1432 | callback = generic_method_get_interface_description; | |
d41bd96f LP |
1433 | } |
1434 | ||
1435 | if (callback) { | |
7e006b49 LP |
1436 | bool invalid = false; |
1437 | ||
1438 | v->current_method = hashmap_get(v->server->symbols, method); | |
1439 | if (!v->current_method) | |
6bcc1232 | 1440 | varlink_log(v, "No interface description defined for method '%s', not validating.", method); |
7e006b49 LP |
1441 | else { |
1442 | const char *bad_field; | |
1443 | ||
1444 | r = varlink_idl_validate_method_call(v->current_method, parameters, &bad_field); | |
1445 | if (r < 0) { | |
613d9539 YW |
1446 | /* Please adjust test/units/end.sh when updating the log message. */ |
1447 | varlink_log_errno(v, r, "Parameters for method %s() didn't pass validation on field '%s': %m", | |
1448 | method, strna(bad_field)); | |
c270fc44 | 1449 | |
7ff96ce3 | 1450 | if (IN_SET(v->state, VARLINK_PROCESSING_METHOD, VARLINK_PROCESSING_METHOD_MORE)) { |
afc50293 | 1451 | r = varlink_error_invalid_parameter_name(v, bad_field); |
c270fc44 LP |
1452 | if (r < 0) |
1453 | return r; | |
1454 | } | |
7e006b49 LP |
1455 | invalid = true; |
1456 | } | |
1457 | } | |
d41bd96f | 1458 | |
7e006b49 LP |
1459 | if (!invalid) { |
1460 | r = callback(v, parameters, flags, v->userdata); | |
1461 | if (r < 0) { | |
6bcc1232 | 1462 | varlink_log_errno(v, r, "Callback for %s returned error: %m", method); |
7e006b49 LP |
1463 | |
1464 | /* We got an error back from the callback. Propagate it to the client if the method call remains unanswered. */ | |
7ff96ce3 | 1465 | if (IN_SET(v->state, VARLINK_PROCESSING_METHOD, VARLINK_PROCESSING_METHOD_MORE)) { |
7e006b49 LP |
1466 | r = varlink_error_errno(v, r); |
1467 | if (r < 0) | |
1468 | return r; | |
1469 | } | |
d41bd96f LP |
1470 | } |
1471 | } | |
7ff96ce3 | 1472 | } else if (IN_SET(v->state, VARLINK_PROCESSING_METHOD, VARLINK_PROCESSING_METHOD_MORE)) { |
7e006b49 | 1473 | r = varlink_errorb(v, VARLINK_ERROR_METHOD_NOT_FOUND, JSON_BUILD_OBJECT(JSON_BUILD_PAIR("method", JSON_BUILD_STRING(method)))); |
d41bd96f LP |
1474 | if (r < 0) |
1475 | return r; | |
c931c871 | 1476 | } |
d41bd96f LP |
1477 | |
1478 | switch (v->state) { | |
1479 | ||
1480 | case VARLINK_PROCESSED_METHOD: /* Method call is fully processed */ | |
1481 | case VARLINK_PROCESSING_METHOD_ONEWAY: /* ditto */ | |
790446bd | 1482 | varlink_clear_current(v); |
d41bd96f LP |
1483 | varlink_set_state(v, VARLINK_IDLE_SERVER); |
1484 | break; | |
1485 | ||
1486 | case VARLINK_PROCESSING_METHOD: /* Method call wasn't replied to, will be replied to later */ | |
1487 | varlink_set_state(v, VARLINK_PENDING_METHOD); | |
1488 | break; | |
1489 | ||
d41bd96f LP |
1490 | case VARLINK_PROCESSING_METHOD_MORE: /* No reply for a "more" message was sent, more to come */ |
1491 | varlink_set_state(v, VARLINK_PENDING_METHOD_MORE); | |
1492 | break; | |
1493 | ||
1494 | default: | |
04499a70 | 1495 | assert_not_reached(); |
d41bd96f LP |
1496 | } |
1497 | ||
c931c871 | 1498 | return 1; |
d41bd96f LP |
1499 | |
1500 | invalid: | |
1501 | r = -EINVAL; | |
1502 | ||
1503 | fail: | |
1504 | varlink_set_state(v, VARLINK_PROCESSING_FAILURE); | |
1505 | varlink_dispatch_local_error(v, VARLINK_ERROR_PROTOCOL); | |
1506 | varlink_close(v); | |
1507 | ||
1508 | return r; | |
1509 | } | |
1510 | ||
1511 | int varlink_process(Varlink *v) { | |
1512 | int r; | |
1513 | ||
1514 | assert_return(v, -EINVAL); | |
1515 | ||
1516 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1517 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f LP |
1518 | |
1519 | varlink_ref(v); | |
1520 | ||
1521 | r = varlink_write(v); | |
db3d4222 ZJS |
1522 | if (r < 0) |
1523 | varlink_log_errno(v, r, "Write failed: %m"); | |
d41bd96f LP |
1524 | if (r != 0) |
1525 | goto finish; | |
1526 | ||
1527 | r = varlink_dispatch_reply(v); | |
db3d4222 ZJS |
1528 | if (r < 0) |
1529 | varlink_log_errno(v, r, "Reply dispatch failed: %m"); | |
d41bd96f LP |
1530 | if (r != 0) |
1531 | goto finish; | |
1532 | ||
1533 | r = varlink_dispatch_method(v); | |
db3d4222 ZJS |
1534 | if (r < 0) |
1535 | varlink_log_errno(v, r, "Method dispatch failed: %m"); | |
d41bd96f LP |
1536 | if (r != 0) |
1537 | goto finish; | |
1538 | ||
1539 | r = varlink_parse_message(v); | |
db3d4222 ZJS |
1540 | if (r < 0) |
1541 | varlink_log_errno(v, r, "Message parsing failed: %m"); | |
d41bd96f LP |
1542 | if (r != 0) |
1543 | goto finish; | |
1544 | ||
1545 | r = varlink_read(v); | |
db3d4222 ZJS |
1546 | if (r < 0) |
1547 | varlink_log_errno(v, r, "Read failed: %m"); | |
d41bd96f LP |
1548 | if (r != 0) |
1549 | goto finish; | |
1550 | ||
1551 | r = varlink_test_disconnect(v); | |
db3d4222 | 1552 | assert(r >= 0); |
d41bd96f LP |
1553 | if (r != 0) |
1554 | goto finish; | |
1555 | ||
1556 | r = varlink_dispatch_disconnect(v); | |
db3d4222 | 1557 | assert(r >= 0); |
d41bd96f LP |
1558 | if (r != 0) |
1559 | goto finish; | |
1560 | ||
1561 | r = varlink_test_timeout(v); | |
db3d4222 | 1562 | assert(r >= 0); |
d41bd96f LP |
1563 | if (r != 0) |
1564 | goto finish; | |
1565 | ||
1566 | r = varlink_dispatch_timeout(v); | |
db3d4222 | 1567 | assert(r >= 0); |
d41bd96f LP |
1568 | if (r != 0) |
1569 | goto finish; | |
1570 | ||
1571 | finish: | |
1572 | if (r >= 0 && v->defer_event_source) { | |
1573 | int q; | |
1574 | ||
1575 | /* If we did some processing, make sure we are called again soon */ | |
1576 | q = sd_event_source_set_enabled(v->defer_event_source, r > 0 ? SD_EVENT_ON : SD_EVENT_OFF); | |
1577 | if (q < 0) | |
db3d4222 | 1578 | r = varlink_log_errno(v, q, "Failed to enable deferred event source: %m"); |
d41bd96f LP |
1579 | } |
1580 | ||
1581 | if (r < 0) { | |
1582 | if (VARLINK_STATE_IS_ALIVE(v->state)) | |
1583 | /* Initiate disconnection */ | |
1584 | varlink_set_state(v, VARLINK_PENDING_DISCONNECT); | |
1585 | else | |
1586 | /* We failed while disconnecting, in that case close right away */ | |
1587 | varlink_close(v); | |
1588 | } | |
1589 | ||
1590 | varlink_unref(v); | |
1591 | return r; | |
1592 | } | |
1593 | ||
35793c71 LP |
1594 | int varlink_dispatch_again(Varlink *v) { |
1595 | int r; | |
1596 | ||
1597 | assert_return(v, -EINVAL); | |
1598 | ||
1599 | /* If a method call handler could not process the method call just yet (for example because it needed | |
1600 | * some Polkit authentication first), then it can leave the call unanswered, do its thing, and then | |
1601 | * ask to be dispatched a second time, via this call. It will then be called again, for the same | |
1602 | * message */ | |
1603 | ||
1604 | if (v->state == VARLINK_DISCONNECTED) | |
1605 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); | |
1606 | if (v->state != VARLINK_PENDING_METHOD) | |
1607 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection has no pending method."); | |
1608 | ||
1609 | varlink_set_state(v, VARLINK_IDLE_SERVER); | |
1610 | ||
1611 | r = sd_event_source_set_enabled(v->defer_event_source, SD_EVENT_ON); | |
1612 | if (r < 0) | |
1613 | return varlink_log_errno(v, r, "Failed to enable deferred event source: %m"); | |
1614 | ||
1615 | return 0; | |
1616 | } | |
1617 | ||
1618 | int varlink_get_current_parameters(Varlink *v, JsonVariant **ret) { | |
1619 | JsonVariant *p; | |
1620 | ||
1621 | assert_return(v, -EINVAL); | |
1622 | ||
1623 | if (!v->current) | |
1624 | return -ENODATA; | |
1625 | ||
1626 | p = json_variant_by_key(v->current, "parameters"); | |
1627 | if (!p) | |
1628 | return -ENODATA; | |
1629 | ||
1630 | if (ret) | |
1631 | *ret = json_variant_ref(p); | |
1632 | ||
1633 | return 0; | |
1634 | } | |
1635 | ||
d41bd96f LP |
1636 | static void handle_revents(Varlink *v, int revents) { |
1637 | assert(v); | |
1638 | ||
1639 | if (v->connecting) { | |
1640 | /* If we have seen POLLOUT or POLLHUP on a socket we are asynchronously waiting a connect() | |
1641 | * to complete on, we know we are ready. We don't read the connection error here though, | |
1642 | * we'll get the error on the next read() or write(). */ | |
1643 | if ((revents & (POLLOUT|POLLHUP)) == 0) | |
1644 | return; | |
1645 | ||
6976bf5c | 1646 | varlink_log(v, "Asynchronous connection completed."); |
d41bd96f LP |
1647 | v->connecting = false; |
1648 | } else { | |
1649 | /* Note that we don't care much about POLLIN/POLLOUT here, we'll just try reading and writing | |
1650 | * what we can. However, we do care about POLLHUP to detect connection termination even if we | |
1651 | * momentarily don't want to read nor write anything. */ | |
1652 | ||
1653 | if (!FLAGS_SET(revents, POLLHUP)) | |
1654 | return; | |
1655 | ||
1656 | varlink_log(v, "Got POLLHUP from socket."); | |
1657 | v->got_pollhup = true; | |
1658 | } | |
1659 | } | |
1660 | ||
1661 | int varlink_wait(Varlink *v, usec_t timeout) { | |
d41bd96f LP |
1662 | int r, fd, events; |
1663 | usec_t t; | |
1664 | ||
1665 | assert_return(v, -EINVAL); | |
d41bd96f LP |
1666 | |
1667 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1668 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f LP |
1669 | |
1670 | r = varlink_get_timeout(v, &t); | |
1671 | if (r < 0) | |
1672 | return r; | |
1673 | if (t != USEC_INFINITY) { | |
1674 | usec_t n; | |
1675 | ||
1676 | n = now(CLOCK_MONOTONIC); | |
1677 | if (t < n) | |
1678 | t = 0; | |
1679 | else | |
1680 | t = usec_sub_unsigned(t, n); | |
1681 | } | |
1682 | ||
1683 | if (timeout != USEC_INFINITY && | |
1684 | (t == USEC_INFINITY || timeout < t)) | |
1685 | t = timeout; | |
1686 | ||
1687 | fd = varlink_get_fd(v); | |
1688 | if (fd < 0) | |
1689 | return fd; | |
1690 | ||
1691 | events = varlink_get_events(v); | |
1692 | if (events < 0) | |
1693 | return events; | |
1694 | ||
0f2d351f | 1695 | r = fd_wait_for_event(fd, events, t); |
13d84288 ZJS |
1696 | if (ERRNO_IS_NEG_TRANSIENT(r)) /* Treat EINTR as not a timeout, but also nothing happened, and |
1697 | * the caller gets a chance to call back into us */ | |
6976bf5c | 1698 | return 1; |
05827831 | 1699 | if (r <= 0) |
0f2d351f | 1700 | return r; |
d41bd96f | 1701 | |
0f2d351f | 1702 | handle_revents(v, r); |
dad28bff | 1703 | return 1; |
d41bd96f LP |
1704 | } |
1705 | ||
8240fa92 LP |
1706 | int varlink_is_idle(Varlink *v) { |
1707 | assert_return(v, -EINVAL); | |
1708 | ||
1709 | /* Returns true if there's nothing pending on the connection anymore, i.e. we processed all incoming | |
1710 | * or outgoing messages fully, or finished disconnection */ | |
1711 | ||
1712 | return IN_SET(v->state, VARLINK_DISCONNECTED, VARLINK_IDLE_CLIENT, VARLINK_IDLE_SERVER); | |
1713 | } | |
1714 | ||
d41bd96f LP |
1715 | int varlink_get_fd(Varlink *v) { |
1716 | ||
1717 | assert_return(v, -EINVAL); | |
1718 | ||
1719 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1720 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f | 1721 | if (v->fd < 0) |
db3d4222 | 1722 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBADF), "No valid fd."); |
d41bd96f LP |
1723 | |
1724 | return v->fd; | |
1725 | } | |
1726 | ||
1727 | int varlink_get_events(Varlink *v) { | |
1728 | int ret = 0; | |
1729 | ||
1730 | assert_return(v, -EINVAL); | |
1731 | ||
1732 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1733 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f LP |
1734 | |
1735 | if (v->connecting) /* When processing an asynchronous connect(), we only wait for EPOLLOUT, which | |
1736 | * tells us that the connection is now complete. Before that we should neither | |
1737 | * write() or read() from the fd. */ | |
1738 | return EPOLLOUT; | |
1739 | ||
1740 | if (!v->read_disconnected && | |
45a6c965 | 1741 | IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING, VARLINK_IDLE_SERVER) && |
d41bd96f LP |
1742 | !v->current && |
1743 | v->input_buffer_unscanned <= 0) | |
1744 | ret |= EPOLLIN; | |
1745 | ||
1746 | if (!v->write_disconnected && | |
1747 | v->output_buffer_size > 0) | |
1748 | ret |= EPOLLOUT; | |
1749 | ||
1750 | return ret; | |
1751 | } | |
1752 | ||
1753 | int varlink_get_timeout(Varlink *v, usec_t *ret) { | |
1754 | assert_return(v, -EINVAL); | |
1755 | ||
1756 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1757 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f | 1758 | |
45a6c965 | 1759 | if (IN_SET(v->state, VARLINK_AWAITING_REPLY, VARLINK_AWAITING_REPLY_MORE, VARLINK_CALLING) && |
d41bd96f LP |
1760 | v->timeout != USEC_INFINITY) { |
1761 | if (ret) | |
1762 | *ret = usec_add(v->timestamp, v->timeout); | |
1763 | return 1; | |
1764 | } else { | |
1765 | if (ret) | |
1766 | *ret = USEC_INFINITY; | |
1767 | return 0; | |
1768 | } | |
1769 | } | |
1770 | ||
1771 | int varlink_flush(Varlink *v) { | |
1772 | int ret = 0, r; | |
1773 | ||
1774 | assert_return(v, -EINVAL); | |
1775 | ||
1776 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 1777 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f LP |
1778 | |
1779 | for (;;) { | |
d41bd96f LP |
1780 | if (v->output_buffer_size == 0) |
1781 | break; | |
1782 | if (v->write_disconnected) | |
1783 | return -ECONNRESET; | |
1784 | ||
1785 | r = varlink_write(v); | |
1786 | if (r < 0) | |
1787 | return r; | |
1788 | if (r > 0) { | |
1789 | ret = 1; | |
1790 | continue; | |
1791 | } | |
1792 | ||
0f2d351f | 1793 | r = fd_wait_for_event(v->fd, POLLOUT, USEC_INFINITY); |
bb44fd07 ZJS |
1794 | if (ERRNO_IS_NEG_TRANSIENT(r)) |
1795 | continue; | |
1796 | if (r < 0) | |
db3d4222 | 1797 | return varlink_log_errno(v, r, "Poll failed on fd: %m"); |
bb44fd07 | 1798 | assert(r > 0); |
dad28bff | 1799 | |
0f2d351f | 1800 | handle_revents(v, r); |
d41bd96f LP |
1801 | } |
1802 | ||
1803 | return ret; | |
1804 | } | |
1805 | ||
1806 | static void varlink_detach_server(Varlink *v) { | |
6d4d6002 | 1807 | VarlinkServer *saved_server; |
d41bd96f LP |
1808 | assert(v); |
1809 | ||
1810 | if (!v->server) | |
1811 | return; | |
1812 | ||
1813 | if (v->server->by_uid && | |
1814 | v->ucred_acquired && | |
1815 | uid_is_valid(v->ucred.uid)) { | |
1816 | unsigned c; | |
1817 | ||
1818 | c = PTR_TO_UINT(hashmap_get(v->server->by_uid, UID_TO_PTR(v->ucred.uid))); | |
1819 | assert(c > 0); | |
1820 | ||
1821 | if (c == 1) | |
1822 | (void) hashmap_remove(v->server->by_uid, UID_TO_PTR(v->ucred.uid)); | |
1823 | else | |
1824 | (void) hashmap_replace(v->server->by_uid, UID_TO_PTR(v->ucred.uid), UINT_TO_PTR(c - 1)); | |
1825 | } | |
1826 | ||
1827 | assert(v->server->n_connections > 0); | |
1828 | v->server->n_connections--; | |
1829 | ||
1830 | /* If this is a connection associated to a server, then let's disconnect the server and the | |
6d4d6002 LP |
1831 | * connection from each other. This drops the dangling reference that connect_callback() set up. But |
1832 | * before we release the references, let's call the disconnection callback if it is defined. */ | |
1833 | ||
1834 | saved_server = TAKE_PTR(v->server); | |
1835 | ||
1836 | if (saved_server->disconnect_callback) | |
1837 | saved_server->disconnect_callback(saved_server, v, saved_server->userdata); | |
1838 | ||
47723340 | 1839 | varlink_server_test_exit_on_idle(saved_server); |
6d4d6002 | 1840 | varlink_server_unref(saved_server); |
d41bd96f LP |
1841 | varlink_unref(v); |
1842 | } | |
1843 | ||
1844 | int varlink_close(Varlink *v) { | |
d41bd96f LP |
1845 | assert_return(v, -EINVAL); |
1846 | ||
1847 | if (v->state == VARLINK_DISCONNECTED) | |
1848 | return 0; | |
1849 | ||
1850 | varlink_set_state(v, VARLINK_DISCONNECTED); | |
1851 | ||
cc6b0a18 LP |
1852 | /* Let's take a reference first, since varlink_detach_server() might drop the final (dangling) ref |
1853 | * which would destroy us before we can call varlink_clear() */ | |
d41bd96f LP |
1854 | varlink_ref(v); |
1855 | varlink_detach_server(v); | |
1856 | varlink_clear(v); | |
1857 | varlink_unref(v); | |
1858 | ||
1859 | return 1; | |
1860 | } | |
1861 | ||
9652d740 | 1862 | Varlink* varlink_close_unref(Varlink *v) { |
9652d740 LP |
1863 | if (!v) |
1864 | return NULL; | |
1865 | ||
cc6b0a18 | 1866 | (void) varlink_close(v); |
9652d740 LP |
1867 | return varlink_unref(v); |
1868 | } | |
1869 | ||
d41bd96f | 1870 | Varlink* varlink_flush_close_unref(Varlink *v) { |
cc6b0a18 LP |
1871 | if (!v) |
1872 | return NULL; | |
d41bd96f | 1873 | |
cc6b0a18 | 1874 | (void) varlink_flush(v); |
39ad3f1c | 1875 | return varlink_close_unref(v); |
d41bd96f LP |
1876 | } |
1877 | ||
d37cdac6 | 1878 | static int varlink_format_json(Varlink *v, JsonVariant *m) { |
db1f7c84 | 1879 | _cleanup_(erase_and_freep) char *text = NULL; |
99128971 | 1880 | int sz, r; |
d41bd96f LP |
1881 | |
1882 | assert(v); | |
1883 | assert(m); | |
1884 | ||
99128971 LP |
1885 | sz = json_variant_format(m, /* flags= */ 0, &text); |
1886 | if (sz < 0) | |
1887 | return sz; | |
1888 | assert(text[sz] == '\0'); | |
d41bd96f | 1889 | |
99128971 | 1890 | if (v->output_buffer_size + sz + 1 > VARLINK_BUFFER_MAX) |
d41bd96f LP |
1891 | return -ENOBUFS; |
1892 | ||
99128971 LP |
1893 | if (DEBUG_LOGGING) { |
1894 | _cleanup_(erase_and_freep) char *censored_text = NULL; | |
1895 | ||
1896 | /* Suppress sensitive fields in the debug output */ | |
1897 | r = json_variant_format(m, /* flags= */ JSON_FORMAT_CENSOR_SENSITIVE, &censored_text); | |
1898 | if (r < 0) | |
1899 | return r; | |
1900 | ||
1901 | varlink_log(v, "Sending message: %s", censored_text); | |
1902 | } | |
d41bd96f LP |
1903 | |
1904 | if (v->output_buffer_size == 0) { | |
1905 | ||
1906 | free_and_replace(v->output_buffer, text); | |
1907 | ||
99128971 | 1908 | v->output_buffer_size = sz + 1; |
d41bd96f LP |
1909 | v->output_buffer_index = 0; |
1910 | ||
1911 | } else if (v->output_buffer_index == 0) { | |
1912 | ||
99128971 | 1913 | if (!GREEDY_REALLOC(v->output_buffer, v->output_buffer_size + sz + 1)) |
d41bd96f LP |
1914 | return -ENOMEM; |
1915 | ||
99128971 LP |
1916 | memcpy(v->output_buffer + v->output_buffer_size, text, sz + 1); |
1917 | v->output_buffer_size += sz + 1; | |
d41bd96f LP |
1918 | } else { |
1919 | char *n; | |
99128971 | 1920 | const size_t new_size = v->output_buffer_size + sz + 1; |
d41bd96f | 1921 | |
be44e091 | 1922 | n = new(char, new_size); |
d41bd96f LP |
1923 | if (!n) |
1924 | return -ENOMEM; | |
1925 | ||
99128971 | 1926 | memcpy(mempcpy(n, v->output_buffer + v->output_buffer_index, v->output_buffer_size), text, sz + 1); |
d41bd96f LP |
1927 | |
1928 | free_and_replace(v->output_buffer, n); | |
319a4f4b | 1929 | v->output_buffer_size = new_size; |
d41bd96f LP |
1930 | v->output_buffer_index = 0; |
1931 | } | |
1932 | ||
99128971 | 1933 | if (json_variant_is_sensitive_recursive(m)) |
db1f7c84 LP |
1934 | v->output_buffer_sensitive = true; /* Propagate sensitive flag */ |
1935 | else | |
1936 | text = mfree(text); /* No point in the erase_and_free() destructor declared above */ | |
1937 | ||
d41bd96f LP |
1938 | return 0; |
1939 | } | |
1940 | ||
d37cdac6 LP |
1941 | static int varlink_enqueue_json(Varlink *v, JsonVariant *m) { |
1942 | VarlinkJsonQueueItem *q; | |
1943 | ||
1944 | assert(v); | |
1945 | assert(m); | |
1946 | ||
94d82b59 | 1947 | /* If there are no file descriptors to be queued and no queue entries yet we can shortcut things and |
d37cdac6 LP |
1948 | * append this entry directly to the output buffer */ |
1949 | if (v->n_pushed_fds == 0 && !v->output_queue) | |
1950 | return varlink_format_json(v, m); | |
1951 | ||
1952 | /* Otherwise add a queue entry for this */ | |
1953 | q = varlink_json_queue_item_new(m, v->pushed_fds, v->n_pushed_fds); | |
1954 | if (!q) | |
1955 | return -ENOMEM; | |
1956 | ||
1957 | v->n_pushed_fds = 0; /* fds now belong to the queue entry */ | |
1958 | ||
1959 | LIST_INSERT_AFTER(queue, v->output_queue, v->output_queue_tail, q); | |
1960 | v->output_queue_tail = q; | |
1961 | return 0; | |
1962 | } | |
1963 | ||
1964 | static int varlink_format_queue(Varlink *v) { | |
1965 | int r; | |
1966 | ||
1967 | assert(v); | |
1968 | ||
1969 | /* Takes entries out of the output queue and formats them into the output buffer. But only if this | |
1970 | * would not corrupt our fd message boundaries */ | |
1971 | ||
1972 | while (v->output_queue) { | |
1973 | _cleanup_free_ int *array = NULL; | |
1974 | VarlinkJsonQueueItem *q = v->output_queue; | |
1975 | ||
1976 | if (v->n_output_fds > 0) /* unwritten fds? if we'd add more we'd corrupt the fd message boundaries, hence wait */ | |
1977 | return 0; | |
1978 | ||
1979 | if (q->n_fds > 0) { | |
1980 | array = newdup(int, q->fds, q->n_fds); | |
1981 | if (!array) | |
1982 | return -ENOMEM; | |
1983 | } | |
1984 | ||
1985 | r = varlink_format_json(v, q->data); | |
1986 | if (r < 0) | |
1987 | return r; | |
1988 | ||
1989 | /* Take possession of the queue element's fds */ | |
1990 | free(v->output_fds); | |
1991 | v->output_fds = TAKE_PTR(array); | |
1992 | v->n_output_fds = q->n_fds; | |
1993 | q->n_fds = 0; | |
1994 | ||
1995 | LIST_REMOVE(queue, v->output_queue, q); | |
1996 | if (!v->output_queue) | |
1997 | v->output_queue_tail = NULL; | |
1998 | ||
1999 | varlink_json_queue_item_free(q); | |
2000 | } | |
2001 | ||
2002 | return 0; | |
2003 | } | |
2004 | ||
d41bd96f LP |
2005 | int varlink_send(Varlink *v, const char *method, JsonVariant *parameters) { |
2006 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2007 | int r; | |
2008 | ||
2009 | assert_return(v, -EINVAL); | |
2010 | assert_return(method, -EINVAL); | |
2011 | ||
2012 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 2013 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
45a6c965 LP |
2014 | |
2015 | /* We allow enqueuing multiple method calls at once! */ | |
d41bd96f | 2016 | if (!IN_SET(v->state, VARLINK_IDLE_CLIENT, VARLINK_AWAITING_REPLY)) |
db3d4222 | 2017 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
d41bd96f LP |
2018 | |
2019 | r = varlink_sanitize_parameters(¶meters); | |
2020 | if (r < 0) | |
db3d4222 | 2021 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2022 | |
2023 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2024 | JSON_BUILD_PAIR("method", JSON_BUILD_STRING(method)), | |
2025 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)), | |
2026 | JSON_BUILD_PAIR("oneway", JSON_BUILD_BOOLEAN(true)))); | |
2027 | if (r < 0) | |
db3d4222 | 2028 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2029 | |
2030 | r = varlink_enqueue_json(v, m); | |
2031 | if (r < 0) | |
db3d4222 | 2032 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2033 | |
2034 | /* No state change here, this is one-way only after all */ | |
2035 | v->timestamp = now(CLOCK_MONOTONIC); | |
2036 | return 0; | |
2037 | } | |
2038 | ||
2039 | int varlink_sendb(Varlink *v, const char *method, ...) { | |
2040 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2041 | va_list ap; | |
2042 | int r; | |
2043 | ||
2044 | assert_return(v, -EINVAL); | |
2045 | ||
2046 | va_start(ap, method); | |
2047 | r = json_buildv(¶meters, ap); | |
2048 | va_end(ap); | |
2049 | ||
2050 | if (r < 0) | |
db3d4222 | 2051 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2052 | |
2053 | return varlink_send(v, method, parameters); | |
2054 | } | |
2055 | ||
2056 | int varlink_invoke(Varlink *v, const char *method, JsonVariant *parameters) { | |
2057 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2058 | int r; | |
2059 | ||
2060 | assert_return(v, -EINVAL); | |
2061 | assert_return(method, -EINVAL); | |
2062 | ||
2063 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 2064 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
45a6c965 | 2065 | |
86b52a39 | 2066 | /* We allow enqueuing multiple method calls at once! */ |
d41bd96f | 2067 | if (!IN_SET(v->state, VARLINK_IDLE_CLIENT, VARLINK_AWAITING_REPLY)) |
db3d4222 | 2068 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
d41bd96f LP |
2069 | |
2070 | r = varlink_sanitize_parameters(¶meters); | |
2071 | if (r < 0) | |
db3d4222 | 2072 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2073 | |
2074 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2075 | JSON_BUILD_PAIR("method", JSON_BUILD_STRING(method)), | |
2076 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)))); | |
2077 | if (r < 0) | |
db3d4222 | 2078 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2079 | |
2080 | r = varlink_enqueue_json(v, m); | |
2081 | if (r < 0) | |
db3d4222 | 2082 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2083 | |
2084 | varlink_set_state(v, VARLINK_AWAITING_REPLY); | |
2085 | v->n_pending++; | |
2086 | v->timestamp = now(CLOCK_MONOTONIC); | |
2087 | ||
2088 | return 0; | |
2089 | } | |
2090 | ||
2091 | int varlink_invokeb(Varlink *v, const char *method, ...) { | |
2092 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2093 | va_list ap; | |
2094 | int r; | |
2095 | ||
2096 | assert_return(v, -EINVAL); | |
2097 | ||
2098 | va_start(ap, method); | |
2099 | r = json_buildv(¶meters, ap); | |
2100 | va_end(ap); | |
2101 | ||
2102 | if (r < 0) | |
db3d4222 | 2103 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2104 | |
2105 | return varlink_invoke(v, method, parameters); | |
45a6c965 LP |
2106 | } |
2107 | ||
2108 | int varlink_observe(Varlink *v, const char *method, JsonVariant *parameters) { | |
2109 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2110 | int r; | |
2111 | ||
2112 | assert_return(v, -EINVAL); | |
2113 | assert_return(method, -EINVAL); | |
2114 | ||
2115 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 ZJS |
2116 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
2117 | ||
45a6c965 LP |
2118 | /* Note that we don't allow enqueuing multiple method calls when we are in more/continues mode! We |
2119 | * thus insist on an idle client here. */ | |
2120 | if (v->state != VARLINK_IDLE_CLIENT) | |
db3d4222 | 2121 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
45a6c965 LP |
2122 | |
2123 | r = varlink_sanitize_parameters(¶meters); | |
2124 | if (r < 0) | |
db3d4222 | 2125 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
45a6c965 LP |
2126 | |
2127 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2128 | JSON_BUILD_PAIR("method", JSON_BUILD_STRING(method)), | |
2129 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)), | |
2130 | JSON_BUILD_PAIR("more", JSON_BUILD_BOOLEAN(true)))); | |
2131 | if (r < 0) | |
db3d4222 | 2132 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
45a6c965 LP |
2133 | |
2134 | r = varlink_enqueue_json(v, m); | |
2135 | if (r < 0) | |
db3d4222 | 2136 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
45a6c965 LP |
2137 | |
2138 | varlink_set_state(v, VARLINK_AWAITING_REPLY_MORE); | |
2139 | v->n_pending++; | |
2140 | v->timestamp = now(CLOCK_MONOTONIC); | |
2141 | ||
2142 | return 0; | |
2143 | } | |
2144 | ||
2145 | int varlink_observeb(Varlink *v, const char *method, ...) { | |
2146 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2147 | va_list ap; | |
2148 | int r; | |
2149 | ||
2150 | assert_return(v, -EINVAL); | |
2151 | ||
2152 | va_start(ap, method); | |
2153 | r = json_buildv(¶meters, ap); | |
2154 | va_end(ap); | |
2155 | ||
2156 | if (r < 0) | |
db3d4222 | 2157 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
45a6c965 LP |
2158 | |
2159 | return varlink_observe(v, method, parameters); | |
d41bd96f LP |
2160 | } |
2161 | ||
0444391d | 2162 | int varlink_call_full( |
d41bd96f LP |
2163 | Varlink *v, |
2164 | const char *method, | |
2165 | JsonVariant *parameters, | |
2166 | JsonVariant **ret_parameters, | |
2167 | const char **ret_error_id, | |
2168 | VarlinkReplyFlags *ret_flags) { | |
2169 | ||
2170 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2171 | int r; | |
2172 | ||
2173 | assert_return(v, -EINVAL); | |
2174 | assert_return(method, -EINVAL); | |
2175 | ||
2176 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 2177 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
4f06325c | 2178 | if (v->state != VARLINK_IDLE_CLIENT) |
db3d4222 | 2179 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
d41bd96f LP |
2180 | |
2181 | assert(v->n_pending == 0); /* n_pending can't be > 0 if we are in VARLINK_IDLE_CLIENT state */ | |
2182 | ||
d37cdac6 LP |
2183 | /* If there was still a reply pinned from a previous call, now it's the time to get rid of it, so |
2184 | * that we can assign a new reply shortly. */ | |
790446bd | 2185 | varlink_clear_current(v); |
85316317 | 2186 | |
d41bd96f LP |
2187 | r = varlink_sanitize_parameters(¶meters); |
2188 | if (r < 0) | |
db3d4222 | 2189 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2190 | |
2191 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2192 | JSON_BUILD_PAIR("method", JSON_BUILD_STRING(method)), | |
2193 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)))); | |
2194 | if (r < 0) | |
db3d4222 | 2195 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2196 | |
2197 | r = varlink_enqueue_json(v, m); | |
2198 | if (r < 0) | |
db3d4222 | 2199 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2200 | |
2201 | varlink_set_state(v, VARLINK_CALLING); | |
2202 | v->n_pending++; | |
2203 | v->timestamp = now(CLOCK_MONOTONIC); | |
2204 | ||
2205 | while (v->state == VARLINK_CALLING) { | |
d41bd96f LP |
2206 | r = varlink_process(v); |
2207 | if (r < 0) | |
2208 | return r; | |
2209 | if (r > 0) | |
2210 | continue; | |
2211 | ||
2212 | r = varlink_wait(v, USEC_INFINITY); | |
2213 | if (r < 0) | |
2214 | return r; | |
2215 | } | |
2216 | ||
2217 | switch (v->state) { | |
2218 | ||
19ea126e | 2219 | case VARLINK_CALLED: { |
d41bd96f LP |
2220 | assert(v->current); |
2221 | ||
d41bd96f LP |
2222 | varlink_set_state(v, VARLINK_IDLE_CLIENT); |
2223 | assert(v->n_pending == 1); | |
2224 | v->n_pending--; | |
2225 | ||
19ea126e LP |
2226 | JsonVariant *e = json_variant_by_key(v->current, "error"), |
2227 | *p = json_variant_by_key(v->current, "parameters"); | |
2228 | ||
2229 | /* If caller doesn't ask for the error string, then let's return an error code in case of failure */ | |
2230 | if (!ret_error_id && e) | |
2231 | return varlink_error_to_errno(json_variant_string(e), p); | |
2232 | ||
d41bd96f | 2233 | if (ret_parameters) |
19ea126e | 2234 | *ret_parameters = p; |
d41bd96f | 2235 | if (ret_error_id) |
19ea126e | 2236 | *ret_error_id = e ? json_variant_string(e) : NULL; |
d41bd96f | 2237 | if (ret_flags) |
72226a2f | 2238 | *ret_flags = v->current_reply_flags; |
d41bd96f LP |
2239 | |
2240 | return 1; | |
19ea126e | 2241 | } |
d41bd96f LP |
2242 | |
2243 | case VARLINK_PENDING_DISCONNECT: | |
2244 | case VARLINK_DISCONNECTED: | |
db3d4222 | 2245 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ECONNRESET), "Connection was closed."); |
d41bd96f LP |
2246 | |
2247 | case VARLINK_PENDING_TIMEOUT: | |
db3d4222 | 2248 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ETIME), "Connection timed out."); |
d41bd96f LP |
2249 | |
2250 | default: | |
04499a70 | 2251 | assert_not_reached(); |
d41bd96f LP |
2252 | } |
2253 | } | |
2254 | ||
0444391d | 2255 | int varlink_callb_ap( |
d41bd96f LP |
2256 | Varlink *v, |
2257 | const char *method, | |
2258 | JsonVariant **ret_parameters, | |
2259 | const char **ret_error_id, | |
0444391d LP |
2260 | VarlinkReplyFlags *ret_flags, |
2261 | va_list ap) { | |
d41bd96f LP |
2262 | |
2263 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
d41bd96f LP |
2264 | int r; |
2265 | ||
2266 | assert_return(v, -EINVAL); | |
71d0ecc5 | 2267 | assert_return(method, -EINVAL); |
d41bd96f | 2268 | |
d41bd96f | 2269 | r = json_buildv(¶meters, ap); |
d41bd96f | 2270 | if (r < 0) |
db3d4222 | 2271 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f | 2272 | |
0444391d | 2273 | return varlink_call_full(v, method, parameters, ret_parameters, ret_error_id, ret_flags); |
d41bd96f LP |
2274 | } |
2275 | ||
71d0ecc5 LP |
2276 | int varlink_call_and_log( |
2277 | Varlink *v, | |
2278 | const char *method, | |
2279 | JsonVariant *parameters, | |
2280 | JsonVariant **ret_parameters) { | |
2281 | ||
2282 | JsonVariant *reply = NULL; | |
2283 | const char *error_id = NULL; | |
2284 | int r; | |
2285 | ||
2286 | assert_return(v, -EINVAL); | |
2287 | assert_return(method, -EINVAL); | |
2288 | ||
2289 | r = varlink_call(v, method, parameters, &reply, &error_id); | |
2290 | if (r < 0) | |
2291 | return log_error_errno(r, "Failed to issue %s() varlink call: %m", method); | |
2292 | if (error_id) | |
2293 | return log_error_errno(varlink_error_to_errno(error_id, reply), | |
2294 | "Failed to issue %s() varlink call: %s", method, error_id); | |
2295 | ||
2296 | if (ret_parameters) | |
2297 | *ret_parameters = TAKE_PTR(reply); | |
2298 | ||
2299 | return 0; | |
2300 | } | |
2301 | ||
2302 | int varlink_callb_and_log( | |
2303 | Varlink *v, | |
2304 | const char *method, | |
2305 | JsonVariant **ret_parameters, | |
2306 | ...) { | |
2307 | ||
2308 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2309 | va_list ap; | |
2310 | int r; | |
2311 | ||
2312 | assert_return(v, -EINVAL); | |
2313 | assert_return(method, -EINVAL); | |
2314 | ||
2315 | va_start(ap, ret_parameters); | |
2316 | r = json_buildv(¶meters, ap); | |
2317 | va_end(ap); | |
2318 | if (r < 0) | |
2319 | return log_error_errno(r, "Failed to build JSON message: %m"); | |
2320 | ||
2321 | return varlink_call_and_log(v, method, parameters, ret_parameters); | |
2322 | } | |
2323 | ||
1bd0b9c0 AS |
2324 | static void varlink_collect_context_free(VarlinkCollectContext *cc) { |
2325 | assert(cc); | |
2326 | ||
2327 | json_variant_unref(cc->parameters); | |
2328 | free((char *)cc->error_id); | |
2329 | } | |
2330 | ||
2331 | static int collect_callback( | |
2332 | Varlink *v, | |
2333 | JsonVariant *parameters, | |
2334 | const char *error_id, | |
2335 | VarlinkReplyFlags flags, | |
2336 | void *userdata) { | |
2337 | ||
2338 | VarlinkCollectContext *context = ASSERT_PTR(userdata); | |
2339 | int r; | |
2340 | ||
2341 | assert(v); | |
2342 | ||
2343 | context->flags = flags; | |
2344 | /* If we hit an error, we will drop all collected replies and just return the error_id and flags in varlink_collect() */ | |
2345 | if (error_id) { | |
2346 | context->error_id = error_id; | |
c171b67a LP |
2347 | |
2348 | json_variant_unref(context->parameters); | |
2349 | context->parameters = json_variant_ref(parameters); | |
2350 | ||
1bd0b9c0 AS |
2351 | return 0; |
2352 | } | |
2353 | ||
0430a11e LP |
2354 | if (json_variant_elements(context->parameters) >= VARLINK_COLLECT_MAX) |
2355 | return varlink_log_errno(v, SYNTHETIC_ERRNO(E2BIG), "Number of reply messages grew too large (%zu) while collecting.", json_variant_elements(context->parameters)); | |
2356 | ||
1bd0b9c0 AS |
2357 | r = json_variant_append_array(&context->parameters, parameters); |
2358 | if (r < 0) | |
2359 | return varlink_log_errno(v, r, "Failed to append JSON object to array: %m"); | |
2360 | ||
2361 | return 1; | |
2362 | } | |
2363 | ||
2364 | int varlink_collect( | |
2365 | Varlink *v, | |
2366 | const char *method, | |
2367 | JsonVariant *parameters, | |
2368 | JsonVariant **ret_parameters, | |
2369 | const char **ret_error_id, | |
2370 | VarlinkReplyFlags *ret_flags) { | |
2371 | ||
2372 | _cleanup_(varlink_collect_context_free) VarlinkCollectContext context = {}; | |
2373 | int r; | |
2374 | ||
2375 | assert_return(v, -EINVAL); | |
2376 | assert_return(method, -EINVAL); | |
2377 | ||
2378 | if (v->state == VARLINK_DISCONNECTED) | |
2379 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); | |
2380 | if (v->state != VARLINK_IDLE_CLIENT) | |
2381 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); | |
2382 | ||
2383 | assert(v->n_pending == 0); /* n_pending can't be > 0 if we are in VARLINK_IDLE_CLIENT state */ | |
2384 | ||
2385 | /* If there was still a reply pinned from a previous call, now it's the time to get rid of it, so | |
2386 | * that we can assign a new reply shortly. */ | |
2387 | varlink_clear_current(v); | |
2388 | ||
2389 | r = varlink_bind_reply(v, collect_callback); | |
2390 | if (r < 0) | |
2391 | return varlink_log_errno(v, r, "Failed to bind collect callback"); | |
2392 | ||
2393 | varlink_set_userdata(v, &context); | |
2394 | r = varlink_observe(v, method, parameters); | |
2395 | if (r < 0) | |
2396 | return varlink_log_errno(v, r, "Failed to collect varlink method: %m"); | |
2397 | ||
2398 | while (v->state == VARLINK_AWAITING_REPLY_MORE) { | |
2399 | ||
2400 | r = varlink_process(v); | |
2401 | if (r < 0) | |
2402 | return r; | |
2403 | ||
2404 | /* If we get an error from any of the replies, return immediately with just the error_id and flags*/ | |
2405 | if (context.error_id) { | |
19ea126e LP |
2406 | |
2407 | /* If caller doesn't ask for the error string, then let's return an error code in case of failure */ | |
2408 | if (!ret_error_id) | |
2409 | return varlink_error_to_errno(context.error_id, context.parameters); | |
2410 | ||
c171b67a LP |
2411 | if (ret_parameters) |
2412 | *ret_parameters = TAKE_PTR(context.parameters); | |
1bd0b9c0 AS |
2413 | if (ret_error_id) |
2414 | *ret_error_id = TAKE_PTR(context.error_id); | |
2415 | if (ret_flags) | |
2416 | *ret_flags = context.flags; | |
2417 | return 0; | |
2418 | } | |
2419 | ||
2420 | if (r > 0) | |
2421 | continue; | |
2422 | ||
2423 | r = varlink_wait(v, USEC_INFINITY); | |
2424 | if (r < 0) | |
2425 | return r; | |
2426 | } | |
2427 | ||
2428 | switch (v->state) { | |
2429 | ||
2430 | case VARLINK_IDLE_CLIENT: | |
2431 | break; | |
2432 | ||
2433 | case VARLINK_PENDING_DISCONNECT: | |
2434 | case VARLINK_DISCONNECTED: | |
2435 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ECONNRESET), "Connection was closed."); | |
2436 | ||
2437 | case VARLINK_PENDING_TIMEOUT: | |
2438 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ETIME), "Connection timed out."); | |
2439 | ||
2440 | default: | |
2441 | assert_not_reached(); | |
2442 | } | |
2443 | ||
19ea126e LP |
2444 | if (!ret_error_id && context.error_id) |
2445 | return varlink_error_to_errno(context.error_id, context.parameters); | |
2446 | ||
1bd0b9c0 AS |
2447 | if (ret_parameters) |
2448 | *ret_parameters = TAKE_PTR(context.parameters); | |
2449 | if (ret_error_id) | |
2450 | *ret_error_id = TAKE_PTR(context.error_id); | |
2451 | if (ret_flags) | |
2452 | *ret_flags = context.flags; | |
2453 | return 1; | |
2454 | } | |
2455 | ||
2456 | int varlink_collectb( | |
2457 | Varlink *v, | |
2458 | const char *method, | |
2459 | JsonVariant **ret_parameters, | |
2460 | const char **ret_error_id, | |
2461 | VarlinkReplyFlags *ret_flags, ...) { | |
2462 | ||
2463 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2464 | va_list ap; | |
2465 | int r; | |
2466 | ||
2467 | assert_return(v, -EINVAL); | |
2468 | ||
2469 | va_start(ap, ret_flags); | |
2470 | r = json_buildv(¶meters, ap); | |
2471 | va_end(ap); | |
2472 | ||
2473 | if (r < 0) | |
2474 | return varlink_log_errno(v, r, "Failed to build json message: %m"); | |
2475 | ||
2476 | return varlink_collect(v, method, parameters, ret_parameters, ret_error_id, ret_flags); | |
2477 | } | |
2478 | ||
d41bd96f LP |
2479 | int varlink_reply(Varlink *v, JsonVariant *parameters) { |
2480 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2481 | int r; | |
2482 | ||
2483 | assert_return(v, -EINVAL); | |
2484 | ||
2485 | if (v->state == VARLINK_DISCONNECTED) | |
2486 | return -ENOTCONN; | |
2487 | if (!IN_SET(v->state, | |
2488 | VARLINK_PROCESSING_METHOD, VARLINK_PROCESSING_METHOD_MORE, | |
2489 | VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE)) | |
2490 | return -EBUSY; | |
2491 | ||
2492 | r = varlink_sanitize_parameters(¶meters); | |
2493 | if (r < 0) | |
db3d4222 | 2494 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2495 | |
2496 | r = json_build(&m, JSON_BUILD_OBJECT(JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)))); | |
2497 | if (r < 0) | |
db3d4222 | 2498 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f | 2499 | |
7e006b49 LP |
2500 | if (v->current_method) { |
2501 | const char *bad_field = NULL; | |
2502 | ||
2503 | r = varlink_idl_validate_method_reply(v->current_method, parameters, &bad_field); | |
2504 | if (r < 0) | |
613d9539 YW |
2505 | /* Please adjust test/units/end.sh when updating the log message. */ |
2506 | varlink_log_errno(v, r, "Return parameters for method reply %s() didn't pass validation on field '%s', ignoring: %m", | |
2507 | v->current_method->name, strna(bad_field)); | |
7e006b49 LP |
2508 | } |
2509 | ||
d41bd96f LP |
2510 | r = varlink_enqueue_json(v, m); |
2511 | if (r < 0) | |
db3d4222 | 2512 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2513 | |
2514 | if (IN_SET(v->state, VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE)) { | |
2515 | /* We just replied to a method call that was let hanging for a while (i.e. we were outside of | |
2516 | * the varlink_dispatch_method() stack frame), which means with this reply we are ready to | |
2517 | * process further messages. */ | |
790446bd | 2518 | varlink_clear_current(v); |
d41bd96f LP |
2519 | varlink_set_state(v, VARLINK_IDLE_SERVER); |
2520 | } else | |
2521 | /* We replied to a method call from within the varlink_dispatch_method() stack frame), which | |
2522 | * means we should it handle the rest of the state engine. */ | |
2523 | varlink_set_state(v, VARLINK_PROCESSED_METHOD); | |
2524 | ||
2525 | return 1; | |
2526 | } | |
2527 | ||
2528 | int varlink_replyb(Varlink *v, ...) { | |
2529 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2530 | va_list ap; | |
2531 | int r; | |
2532 | ||
2533 | assert_return(v, -EINVAL); | |
2534 | ||
2535 | va_start(ap, v); | |
2536 | r = json_buildv(¶meters, ap); | |
2537 | va_end(ap); | |
2538 | ||
2539 | if (r < 0) | |
2540 | return r; | |
2541 | ||
2542 | return varlink_reply(v, parameters); | |
2543 | } | |
2544 | ||
2545 | int varlink_error(Varlink *v, const char *error_id, JsonVariant *parameters) { | |
2546 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2547 | int r; | |
2548 | ||
2549 | assert_return(v, -EINVAL); | |
2550 | assert_return(error_id, -EINVAL); | |
2551 | ||
2552 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 2553 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
d41bd96f LP |
2554 | if (!IN_SET(v->state, |
2555 | VARLINK_PROCESSING_METHOD, VARLINK_PROCESSING_METHOD_MORE, | |
2556 | VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE)) | |
db3d4222 | 2557 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
d41bd96f | 2558 | |
d37cdac6 LP |
2559 | /* Reset the list of pushed file descriptors before sending an error reply. We do this here to |
2560 | * simplify code that puts together a complex reply message with fds, and half-way something | |
2561 | * fails. In that case the pushed fds need to be flushed out again. Under the assumption that it | |
2562 | * never makes sense to send fds along with errors we simply flush them out here beforehand, so that | |
2563 | * the callers don't need to do this explicitly. */ | |
2564 | varlink_reset_fds(v); | |
2565 | ||
d41bd96f LP |
2566 | r = varlink_sanitize_parameters(¶meters); |
2567 | if (r < 0) | |
db3d4222 | 2568 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2569 | |
2570 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2571 | JSON_BUILD_PAIR("error", JSON_BUILD_STRING(error_id)), | |
2572 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)))); | |
2573 | if (r < 0) | |
db3d4222 | 2574 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f | 2575 | |
7e006b49 LP |
2576 | VarlinkSymbol *symbol = hashmap_get(v->server->symbols, error_id); |
2577 | if (!symbol) | |
6bcc1232 | 2578 | varlink_log(v, "No interface description defined for error '%s', not validating.", error_id); |
7e006b49 LP |
2579 | else { |
2580 | const char *bad_field = NULL; | |
2581 | ||
80f6507c | 2582 | r = varlink_idl_validate_error(symbol, parameters, &bad_field); |
7e006b49 | 2583 | if (r < 0) |
613d9539 YW |
2584 | /* Please adjust test/units/end.sh when updating the log message. */ |
2585 | varlink_log_errno(v, r, "Parameters for error %s didn't pass validation on field '%s', ignoring: %m", | |
2586 | error_id, strna(bad_field)); | |
7e006b49 LP |
2587 | } |
2588 | ||
d41bd96f LP |
2589 | r = varlink_enqueue_json(v, m); |
2590 | if (r < 0) | |
db3d4222 | 2591 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2592 | |
2593 | if (IN_SET(v->state, VARLINK_PENDING_METHOD, VARLINK_PENDING_METHOD_MORE)) { | |
790446bd | 2594 | varlink_clear_current(v); |
d41bd96f LP |
2595 | varlink_set_state(v, VARLINK_IDLE_SERVER); |
2596 | } else | |
2597 | varlink_set_state(v, VARLINK_PROCESSED_METHOD); | |
2598 | ||
2599 | return 1; | |
2600 | } | |
2601 | ||
2602 | int varlink_errorb(Varlink *v, const char *error_id, ...) { | |
2603 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2604 | va_list ap; | |
2605 | int r; | |
2606 | ||
2607 | assert_return(v, -EINVAL); | |
2608 | assert_return(error_id, -EINVAL); | |
2609 | ||
2610 | va_start(ap, error_id); | |
2611 | r = json_buildv(¶meters, ap); | |
2612 | va_end(ap); | |
2613 | ||
2614 | if (r < 0) | |
db3d4222 | 2615 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2616 | |
2617 | return varlink_error(v, error_id, parameters); | |
2618 | } | |
2619 | ||
2620 | int varlink_error_invalid_parameter(Varlink *v, JsonVariant *parameters) { | |
e8aba093 | 2621 | int r; |
d41bd96f LP |
2622 | |
2623 | assert_return(v, -EINVAL); | |
2624 | assert_return(parameters, -EINVAL); | |
2625 | ||
2626 | /* We expect to be called in one of two ways: the 'parameters' argument is a string variant in which | |
2627 | * case it is the parameter key name that is invalid. Or the 'parameters' argument is an object | |
2628 | * variant in which case we'll pull out the first key. The latter mode is useful in functions that | |
2629 | * don't expect any arguments. */ | |
2630 | ||
e8aba093 VCS |
2631 | /* varlink_error(...) expects a json object as the third parameter. Passing a string variant causes |
2632 | * parameter sanitization to fail, and it returns -EINVAL. */ | |
2633 | ||
2634 | if (json_variant_is_string(parameters)) { | |
2635 | _cleanup_(json_variant_unrefp) JsonVariant *parameters_obj = NULL; | |
2636 | ||
2637 | r = json_build(¶meters_obj, | |
2638 | JSON_BUILD_OBJECT( | |
2639 | JSON_BUILD_PAIR("parameter", JSON_BUILD_VARIANT(parameters)))); | |
2640 | if (r < 0) | |
2641 | return r; | |
2642 | ||
2643 | return varlink_error(v, VARLINK_ERROR_INVALID_PARAMETER, parameters_obj); | |
2644 | } | |
d41bd96f LP |
2645 | |
2646 | if (json_variant_is_object(parameters) && | |
e8aba093 VCS |
2647 | json_variant_elements(parameters) > 0) { |
2648 | _cleanup_(json_variant_unrefp) JsonVariant *parameters_obj = NULL; | |
2649 | ||
2650 | r = json_build(¶meters_obj, | |
2651 | JSON_BUILD_OBJECT( | |
2652 | JSON_BUILD_PAIR("parameter", JSON_BUILD_VARIANT(json_variant_by_index(parameters, 0))))); | |
2653 | if (r < 0) | |
2654 | return r; | |
2655 | ||
2656 | return varlink_error(v, VARLINK_ERROR_INVALID_PARAMETER, parameters_obj); | |
2657 | } | |
d41bd96f LP |
2658 | |
2659 | return -EINVAL; | |
2660 | } | |
2661 | ||
afc50293 LP |
2662 | int varlink_error_invalid_parameter_name(Varlink *v, const char *name) { |
2663 | return varlink_errorb( | |
2664 | v, | |
2665 | VARLINK_ERROR_INVALID_PARAMETER, | |
2666 | JSON_BUILD_OBJECT(JSON_BUILD_PAIR("parameter", JSON_BUILD_STRING(name)))); | |
2667 | } | |
2668 | ||
7466e94f LP |
2669 | int varlink_error_errno(Varlink *v, int error) { |
2670 | return varlink_errorb( | |
2671 | v, | |
2672 | VARLINK_ERROR_SYSTEM, | |
2673 | JSON_BUILD_OBJECT(JSON_BUILD_PAIR("errno", JSON_BUILD_INTEGER(abs(error))))); | |
2674 | } | |
2675 | ||
d41bd96f LP |
2676 | int varlink_notify(Varlink *v, JsonVariant *parameters) { |
2677 | _cleanup_(json_variant_unrefp) JsonVariant *m = NULL; | |
2678 | int r; | |
2679 | ||
2680 | assert_return(v, -EINVAL); | |
2681 | ||
2682 | if (v->state == VARLINK_DISCONNECTED) | |
db3d4222 | 2683 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENOTCONN), "Not connected."); |
47c9bbb1 LP |
2684 | |
2685 | /* If we want to reply with a notify connection but the caller didn't set "more", then return an | |
2686 | * error indicating that we expected to be called with "more" set */ | |
2687 | if (IN_SET(v->state, VARLINK_PROCESSING_METHOD, VARLINK_PENDING_METHOD)) | |
2688 | return varlink_error(v, VARLINK_ERROR_EXPECTED_MORE, NULL); | |
2689 | ||
d41bd96f | 2690 | if (!IN_SET(v->state, VARLINK_PROCESSING_METHOD_MORE, VARLINK_PENDING_METHOD_MORE)) |
db3d4222 | 2691 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "Connection busy."); |
d41bd96f LP |
2692 | |
2693 | r = varlink_sanitize_parameters(¶meters); | |
2694 | if (r < 0) | |
db3d4222 | 2695 | return varlink_log_errno(v, r, "Failed to sanitize parameters: %m"); |
d41bd96f LP |
2696 | |
2697 | r = json_build(&m, JSON_BUILD_OBJECT( | |
2698 | JSON_BUILD_PAIR("parameters", JSON_BUILD_VARIANT(parameters)), | |
2699 | JSON_BUILD_PAIR("continues", JSON_BUILD_BOOLEAN(true)))); | |
2700 | if (r < 0) | |
db3d4222 | 2701 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f | 2702 | |
7e006b49 LP |
2703 | if (v->current_method) { |
2704 | const char *bad_field = NULL; | |
2705 | ||
2706 | r = varlink_idl_validate_method_reply(v->current_method, parameters, &bad_field); | |
2707 | if (r < 0) | |
613d9539 YW |
2708 | /* Please adjust test/units/end.sh when updating the log message. */ |
2709 | varlink_log_errno(v, r, "Return parameters for method reply %s() didn't pass validation on field '%s', ignoring: %m", | |
2710 | v->current_method->name, strna(bad_field)); | |
7e006b49 LP |
2711 | } |
2712 | ||
d41bd96f LP |
2713 | r = varlink_enqueue_json(v, m); |
2714 | if (r < 0) | |
db3d4222 | 2715 | return varlink_log_errno(v, r, "Failed to enqueue json message: %m"); |
d41bd96f LP |
2716 | |
2717 | /* No state change, as more is coming */ | |
2718 | return 1; | |
2719 | } | |
2720 | ||
2721 | int varlink_notifyb(Varlink *v, ...) { | |
2722 | _cleanup_(json_variant_unrefp) JsonVariant *parameters = NULL; | |
2723 | va_list ap; | |
2724 | int r; | |
2725 | ||
2726 | assert_return(v, -EINVAL); | |
2727 | ||
2728 | va_start(ap, v); | |
2729 | r = json_buildv(¶meters, ap); | |
2730 | va_end(ap); | |
2731 | ||
2732 | if (r < 0) | |
db3d4222 | 2733 | return varlink_log_errno(v, r, "Failed to build json message: %m"); |
d41bd96f LP |
2734 | |
2735 | return varlink_notify(v, parameters); | |
2736 | } | |
2737 | ||
f1b622a0 LP |
2738 | int varlink_dispatch(Varlink *v, JsonVariant *parameters, const JsonDispatch table[], void *userdata) { |
2739 | const char *bad_field = NULL; | |
2740 | int r; | |
2741 | ||
2742 | assert_return(v, -EINVAL); | |
2743 | assert_return(table, -EINVAL); | |
2744 | ||
2745 | /* A wrapper around json_dispatch_full() that returns a nice InvalidParameter error if we hit a problem with some field. */ | |
2746 | ||
2747 | r = json_dispatch_full(parameters, table, /* bad= */ NULL, /* flags= */ 0, userdata, &bad_field); | |
2748 | if (r < 0) { | |
2749 | if (bad_field) | |
afc50293 | 2750 | return varlink_error_invalid_parameter_name(v, bad_field); |
f1b622a0 LP |
2751 | return r; |
2752 | } | |
2753 | ||
2754 | return 0; | |
2755 | } | |
2756 | ||
d41bd96f LP |
2757 | int varlink_bind_reply(Varlink *v, VarlinkReply callback) { |
2758 | assert_return(v, -EINVAL); | |
2759 | ||
2760 | if (callback && v->reply_callback && callback != v->reply_callback) | |
db3d4222 | 2761 | return varlink_log_errno(v, SYNTHETIC_ERRNO(EBUSY), "A different callback was already set."); |
d41bd96f LP |
2762 | |
2763 | v->reply_callback = callback; | |
2764 | ||
2765 | return 0; | |
2766 | } | |
2767 | ||
2768 | void* varlink_set_userdata(Varlink *v, void *userdata) { | |
2769 | void *old; | |
2770 | ||
2771 | assert_return(v, NULL); | |
2772 | ||
2773 | old = v->userdata; | |
2774 | v->userdata = userdata; | |
2775 | ||
2776 | return old; | |
2777 | } | |
2778 | ||
2779 | void* varlink_get_userdata(Varlink *v) { | |
2780 | assert_return(v, NULL); | |
2781 | ||
2782 | return v->userdata; | |
2783 | } | |
2784 | ||
2785 | static int varlink_acquire_ucred(Varlink *v) { | |
2786 | int r; | |
2787 | ||
2788 | assert(v); | |
2789 | ||
2790 | if (v->ucred_acquired) | |
2791 | return 0; | |
2792 | ||
2793 | r = getpeercred(v->fd, &v->ucred); | |
2794 | if (r < 0) | |
2795 | return r; | |
2796 | ||
2797 | v->ucred_acquired = true; | |
2798 | return 0; | |
2799 | } | |
2800 | ||
2801 | int varlink_get_peer_uid(Varlink *v, uid_t *ret) { | |
2802 | int r; | |
2803 | ||
2804 | assert_return(v, -EINVAL); | |
2805 | assert_return(ret, -EINVAL); | |
2806 | ||
2807 | r = varlink_acquire_ucred(v); | |
2808 | if (r < 0) | |
db3d4222 | 2809 | return varlink_log_errno(v, r, "Failed to acquire credentials: %m"); |
d41bd96f LP |
2810 | |
2811 | if (!uid_is_valid(v->ucred.uid)) | |
db3d4222 | 2812 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENODATA), "Peer uid is invalid."); |
d41bd96f LP |
2813 | |
2814 | *ret = v->ucred.uid; | |
2815 | return 0; | |
2816 | } | |
2817 | ||
2818 | int varlink_get_peer_pid(Varlink *v, pid_t *ret) { | |
2819 | int r; | |
2820 | ||
2821 | assert_return(v, -EINVAL); | |
2822 | assert_return(ret, -EINVAL); | |
2823 | ||
2824 | r = varlink_acquire_ucred(v); | |
2825 | if (r < 0) | |
db3d4222 | 2826 | return varlink_log_errno(v, r, "Failed to acquire credentials: %m"); |
d41bd96f LP |
2827 | |
2828 | if (!pid_is_valid(v->ucred.pid)) | |
db3d4222 | 2829 | return varlink_log_errno(v, SYNTHETIC_ERRNO(ENODATA), "Peer uid is invalid."); |
d41bd96f LP |
2830 | |
2831 | *ret = v->ucred.pid; | |
2832 | return 0; | |
2833 | } | |
2834 | ||
0eccf725 LP |
2835 | static int varlink_acquire_pidfd(Varlink *v) { |
2836 | assert(v); | |
2837 | ||
2838 | if (v->peer_pidfd >= 0) | |
2839 | return 0; | |
2840 | ||
2841 | v->peer_pidfd = getpeerpidfd(v->fd); | |
2842 | if (v->peer_pidfd < 0) | |
2843 | return v->peer_pidfd; | |
2844 | ||
2845 | return 0; | |
2846 | } | |
2847 | ||
2848 | int varlink_get_peer_pidref(Varlink *v, PidRef *ret) { | |
2849 | int r; | |
2850 | ||
2851 | assert_return(v, -EINVAL); | |
2852 | assert_return(ret, -EINVAL); | |
2853 | ||
2854 | /* Returns r > 0 if we acquired the pidref via SO_PEERPIDFD (i.e. if we can use it for | |
2855 | * authentication). Returns == 0 if we didn't, and the pidref should not be used for | |
2856 | * authentication. */ | |
2857 | ||
2858 | r = varlink_acquire_pidfd(v); | |
2859 | if (r < 0) | |
2860 | return r; | |
2861 | ||
2862 | if (v->peer_pidfd < 0) { | |
2863 | pid_t pid; | |
2864 | ||
2865 | r = varlink_get_peer_pid(v, &pid); | |
2866 | if (r < 0) | |
2867 | return r; | |
2868 | ||
2869 | r = pidref_set_pid(ret, pid); | |
2870 | if (r < 0) | |
2871 | return r; | |
2872 | ||
2873 | return 0; /* didn't get pidfd securely */ | |
2874 | } | |
2875 | ||
2876 | r = pidref_set_pidfd(ret, v->peer_pidfd); | |
2877 | if (r < 0) | |
2878 | return r; | |
2879 | ||
2880 | return 1; /* got pidfd securely */ | |
2881 | } | |
2882 | ||
d41bd96f LP |
2883 | int varlink_set_relative_timeout(Varlink *v, usec_t timeout) { |
2884 | assert_return(v, -EINVAL); | |
2885 | assert_return(timeout > 0, -EINVAL); | |
2886 | ||
2887 | v->timeout = timeout; | |
2888 | return 0; | |
2889 | } | |
2890 | ||
2891 | VarlinkServer *varlink_get_server(Varlink *v) { | |
2892 | assert_return(v, NULL); | |
2893 | ||
2894 | return v->server; | |
2895 | } | |
2896 | ||
2897 | int varlink_set_description(Varlink *v, const char *description) { | |
2898 | assert_return(v, -EINVAL); | |
2899 | ||
2900 | return free_and_strdup(&v->description, description); | |
2901 | } | |
2902 | ||
2903 | static int io_callback(sd_event_source *s, int fd, uint32_t revents, void *userdata) { | |
99534007 | 2904 | Varlink *v = ASSERT_PTR(userdata); |
d41bd96f LP |
2905 | |
2906 | assert(s); | |
d41bd96f LP |
2907 | |
2908 | handle_revents(v, revents); | |
2909 | (void) varlink_process(v); | |
2910 | ||
2911 | return 1; | |
2912 | } | |
2913 | ||
2914 | static int time_callback(sd_event_source *s, uint64_t usec, void *userdata) { | |
99534007 | 2915 | Varlink *v = ASSERT_PTR(userdata); |
d41bd96f LP |
2916 | |
2917 | assert(s); | |
d41bd96f LP |
2918 | |
2919 | (void) varlink_process(v); | |
2920 | return 1; | |
2921 | } | |
2922 | ||
2923 | static int defer_callback(sd_event_source *s, void *userdata) { | |
99534007 | 2924 | Varlink *v = ASSERT_PTR(userdata); |
d41bd96f LP |
2925 | |
2926 | assert(s); | |
d41bd96f LP |
2927 | |
2928 | (void) varlink_process(v); | |
2929 | return 1; | |
2930 | } | |
2931 | ||
2932 | static int prepare_callback(sd_event_source *s, void *userdata) { | |
99534007 | 2933 | Varlink *v = ASSERT_PTR(userdata); |
d41bd96f LP |
2934 | int r, e; |
2935 | usec_t until; | |
f1194f5d | 2936 | bool have_timeout; |
d41bd96f LP |
2937 | |
2938 | assert(s); | |
d41bd96f LP |
2939 | |
2940 | e = varlink_get_events(v); | |
2941 | if (e < 0) | |
2942 | return e; | |
2943 | ||
2944 | r = sd_event_source_set_io_events(v->io_event_source, e); | |
2945 | if (r < 0) | |
db3d4222 | 2946 | return varlink_log_errno(v, r, "Failed to set source events: %m"); |
d41bd96f LP |
2947 | |
2948 | r = varlink_get_timeout(v, &until); | |
2949 | if (r < 0) | |
2950 | return r; | |
f1194f5d LP |
2951 | have_timeout = r > 0; |
2952 | ||
2953 | if (have_timeout) { | |
d41bd96f LP |
2954 | r = sd_event_source_set_time(v->time_event_source, until); |
2955 | if (r < 0) | |
db3d4222 | 2956 | return varlink_log_errno(v, r, "Failed to set source time: %m"); |
d41bd96f LP |
2957 | } |
2958 | ||
f1194f5d | 2959 | r = sd_event_source_set_enabled(v->time_event_source, have_timeout ? SD_EVENT_ON : SD_EVENT_OFF); |
d41bd96f | 2960 | if (r < 0) |
db3d4222 | 2961 | return varlink_log_errno(v, r, "Failed to enable event source: %m"); |
d41bd96f LP |
2962 | |
2963 | return 1; | |
2964 | } | |
2965 | ||
2966 | static int quit_callback(sd_event_source *event, void *userdata) { | |
99534007 | 2967 | Varlink *v = ASSERT_PTR(userdata); |
d41bd96f LP |
2968 | |
2969 | assert(event); | |
d41bd96f LP |
2970 | |
2971 | varlink_flush(v); | |
2972 | varlink_close(v); | |
2973 | ||
2974 | return 1; | |
2975 | } | |
2976 | ||
2977 | int varlink_attach_event(Varlink *v, sd_event *e, int64_t priority) { | |
2978 | int r; | |
2979 | ||
2980 | assert_return(v, -EINVAL); | |
2981 | assert_return(!v->event, -EBUSY); | |
2982 | ||
2983 | if (e) | |
2984 | v->event = sd_event_ref(e); | |
2985 | else { | |
2986 | r = sd_event_default(&v->event); | |
2987 | if (r < 0) | |
db3d4222 | 2988 | return varlink_log_errno(v, r, "Failed to create event source: %m"); |
d41bd96f LP |
2989 | } |
2990 | ||
2991 | r = sd_event_add_time(v->event, &v->time_event_source, CLOCK_MONOTONIC, 0, 0, time_callback, v); | |
2992 | if (r < 0) | |
2993 | goto fail; | |
2994 | ||
2995 | r = sd_event_source_set_priority(v->time_event_source, priority); | |
2996 | if (r < 0) | |
2997 | goto fail; | |
2998 | ||
2999 | (void) sd_event_source_set_description(v->time_event_source, "varlink-time"); | |
3000 | ||
3001 | r = sd_event_add_exit(v->event, &v->quit_event_source, quit_callback, v); | |
3002 | if (r < 0) | |
3003 | goto fail; | |
3004 | ||
3005 | r = sd_event_source_set_priority(v->quit_event_source, priority); | |
3006 | if (r < 0) | |
3007 | goto fail; | |
3008 | ||
3009 | (void) sd_event_source_set_description(v->quit_event_source, "varlink-quit"); | |
3010 | ||
3011 | r = sd_event_add_io(v->event, &v->io_event_source, v->fd, 0, io_callback, v); | |
3012 | if (r < 0) | |
3013 | goto fail; | |
3014 | ||
3015 | r = sd_event_source_set_prepare(v->io_event_source, prepare_callback); | |
3016 | if (r < 0) | |
3017 | goto fail; | |
3018 | ||
3019 | r = sd_event_source_set_priority(v->io_event_source, priority); | |
3020 | if (r < 0) | |
3021 | goto fail; | |
3022 | ||
3023 | (void) sd_event_source_set_description(v->io_event_source, "varlink-io"); | |
3024 | ||
3025 | r = sd_event_add_defer(v->event, &v->defer_event_source, defer_callback, v); | |
3026 | if (r < 0) | |
3027 | goto fail; | |
3028 | ||
3029 | r = sd_event_source_set_priority(v->defer_event_source, priority); | |
3030 | if (r < 0) | |
3031 | goto fail; | |
3032 | ||
3033 | (void) sd_event_source_set_description(v->defer_event_source, "varlink-defer"); | |
3034 | ||
3035 | return 0; | |
3036 | ||
3037 | fail: | |
db3d4222 | 3038 | varlink_log_errno(v, r, "Failed to setup event source: %m"); |
d41bd96f LP |
3039 | varlink_detach_event(v); |
3040 | return r; | |
3041 | } | |
3042 | ||
d41bd96f LP |
3043 | void varlink_detach_event(Varlink *v) { |
3044 | if (!v) | |
3045 | return; | |
3046 | ||
3047 | varlink_detach_event_sources(v); | |
3048 | ||
3049 | v->event = sd_event_unref(v->event); | |
3050 | } | |
3051 | ||
3052 | sd_event *varlink_get_event(Varlink *v) { | |
3053 | assert_return(v, NULL); | |
3054 | ||
3055 | return v->event; | |
3056 | } | |
3057 | ||
d37cdac6 LP |
3058 | int varlink_push_fd(Varlink *v, int fd) { |
3059 | int i; | |
3060 | ||
3061 | assert_return(v, -EINVAL); | |
3062 | assert_return(fd >= 0, -EBADF); | |
3063 | ||
3064 | /* Takes an fd to send along with the *next* varlink message sent via this varlink connection. This | |
3065 | * takes ownership of the specified fd. Use varlink_dup_fd() below to duplicate the fd first. */ | |
3066 | ||
3067 | if (!v->allow_fd_passing_output) | |
3068 | return -EPERM; | |
3069 | ||
3070 | if (v->n_pushed_fds >= INT_MAX) | |
3071 | return -ENOMEM; | |
3072 | ||
3073 | if (!GREEDY_REALLOC(v->pushed_fds, v->n_pushed_fds + 1)) | |
3074 | return -ENOMEM; | |
3075 | ||
3076 | i = (int) v->n_pushed_fds; | |
3077 | v->pushed_fds[v->n_pushed_fds++] = fd; | |
3078 | return i; | |
3079 | } | |
3080 | ||
3081 | int varlink_dup_fd(Varlink *v, int fd) { | |
3082 | _cleanup_close_ int dp = -1; | |
3083 | int r; | |
3084 | ||
3085 | assert_return(v, -EINVAL); | |
3086 | assert_return(fd >= 0, -EBADF); | |
3087 | ||
3088 | /* Like varlink_push_fd() but duplicates the specified fd instead of taking possession of it */ | |
3089 | ||
3090 | dp = fcntl(fd, F_DUPFD_CLOEXEC, 3); | |
3091 | if (dp < 0) | |
3092 | return -errno; | |
3093 | ||
3094 | r = varlink_push_fd(v, dp); | |
3095 | if (r < 0) | |
3096 | return r; | |
3097 | ||
3098 | TAKE_FD(dp); | |
3099 | return r; | |
3100 | } | |
3101 | ||
3102 | int varlink_reset_fds(Varlink *v) { | |
3103 | assert_return(v, -EINVAL); | |
3104 | ||
3105 | /* Closes all currently pending fds to send. This may be used whenever the caller is in the process | |
3106 | * of putting together a message with fds, and then eventually something fails and they need to | |
3107 | * rollback the fds. Note that this is implicitly called whenever an error reply is sent, see above. */ | |
3108 | ||
3109 | close_many(v->output_fds, v->n_output_fds); | |
3110 | v->n_output_fds = 0; | |
3111 | return 0; | |
3112 | } | |
3113 | ||
3114 | int varlink_peek_fd(Varlink *v, size_t i) { | |
3115 | assert_return(v, -EINVAL); | |
3116 | ||
94d82b59 | 3117 | /* Returns one of the file descriptors that were received along with the current message. This does |
d37cdac6 LP |
3118 | * not duplicate the fd nor invalidate it, it hence remains in our possession. */ |
3119 | ||
3120 | if (!v->allow_fd_passing_input) | |
3121 | return -EPERM; | |
3122 | ||
3123 | if (i >= v->n_input_fds) | |
3124 | return -ENXIO; | |
3125 | ||
3126 | return v->input_fds[i]; | |
3127 | } | |
3128 | ||
3129 | int varlink_take_fd(Varlink *v, size_t i) { | |
3130 | assert_return(v, -EINVAL); | |
3131 | ||
3132 | /* Similar to varlink_peek_fd() but the file descriptor's ownership is passed to the caller, and | |
3133 | * we'll invalidate the reference to it under our possession. If called twice in a row will return | |
3134 | * -EBADF */ | |
3135 | ||
3136 | if (!v->allow_fd_passing_input) | |
3137 | return -EPERM; | |
3138 | ||
3139 | if (i >= v->n_input_fds) | |
3140 | return -ENXIO; | |
3141 | ||
3142 | return TAKE_FD(v->input_fds[i]); | |
3143 | } | |
3144 | ||
3145 | static int verify_unix_socket(Varlink *v) { | |
3146 | assert(v); | |
3147 | ||
3148 | if (v->af < 0) { | |
3149 | struct stat st; | |
3150 | ||
3151 | if (fstat(v->fd, &st) < 0) | |
3152 | return -errno; | |
3153 | if (!S_ISSOCK(st.st_mode)) { | |
3154 | v->af = AF_UNSPEC; | |
3155 | return -ENOTSOCK; | |
3156 | } | |
3157 | ||
3158 | v->af = socket_get_family(v->fd); | |
3159 | if (v->af < 0) | |
3160 | return v->af; | |
3161 | } | |
3162 | ||
3163 | return v->af == AF_UNIX ? 0 : -ENOMEDIUM; | |
3164 | } | |
3165 | ||
3166 | int varlink_set_allow_fd_passing_input(Varlink *v, bool b) { | |
3167 | int r; | |
3168 | ||
3169 | assert_return(v, -EINVAL); | |
3170 | ||
3171 | if (v->allow_fd_passing_input == b) | |
3172 | return 0; | |
3173 | ||
3174 | if (!b) { | |
3175 | v->allow_fd_passing_input = false; | |
3176 | return 1; | |
3177 | } | |
3178 | ||
3179 | r = verify_unix_socket(v); | |
3180 | if (r < 0) | |
3181 | return r; | |
3182 | ||
3183 | v->allow_fd_passing_input = true; | |
3184 | return 0; | |
3185 | } | |
3186 | ||
3187 | int varlink_set_allow_fd_passing_output(Varlink *v, bool b) { | |
3188 | int r; | |
3189 | ||
3190 | assert_return(v, -EINVAL); | |
3191 | ||
3192 | if (v->allow_fd_passing_output == b) | |
3193 | return 0; | |
3194 | ||
3195 | if (!b) { | |
3196 | v->allow_fd_passing_output = false; | |
3197 | return 1; | |
3198 | } | |
3199 | ||
3200 | r = verify_unix_socket(v); | |
3201 | if (r < 0) | |
3202 | return r; | |
3203 | ||
3204 | v->allow_fd_passing_output = true; | |
3205 | return 0; | |
3206 | } | |
3207 | ||
a570877c LP |
3208 | int varlink_set_input_sensitive(Varlink *v) { |
3209 | assert_return(v, -EINVAL); | |
3210 | ||
3211 | v->input_sensitive = true; | |
3212 | return 0; | |
3213 | } | |
3214 | ||
d41bd96f | 3215 | int varlink_server_new(VarlinkServer **ret, VarlinkServerFlags flags) { |
7e006b49 LP |
3216 | _cleanup_(varlink_server_unrefp) VarlinkServer *s = NULL; |
3217 | int r; | |
d41bd96f LP |
3218 | |
3219 | assert_return(ret, -EINVAL); | |
3220 | assert_return((flags & ~_VARLINK_SERVER_FLAGS_ALL) == 0, -EINVAL); | |
3221 | ||
3222 | s = new(VarlinkServer, 1); | |
3223 | if (!s) | |
db3d4222 | 3224 | return log_oom_debug(); |
d41bd96f LP |
3225 | |
3226 | *s = (VarlinkServer) { | |
3227 | .n_ref = 1, | |
3228 | .flags = flags, | |
3229 | .connections_max = varlink_server_connections_max(NULL), | |
3230 | .connections_per_uid_max = varlink_server_connections_per_uid_max(NULL), | |
3231 | }; | |
3232 | ||
7e006b49 LP |
3233 | r = varlink_server_add_interface_many( |
3234 | s, | |
3235 | &vl_interface_io_systemd, | |
3236 | &vl_interface_org_varlink_service); | |
3237 | if (r < 0) | |
3238 | return r; | |
3239 | ||
3240 | *ret = TAKE_PTR(s); | |
d41bd96f LP |
3241 | return 0; |
3242 | } | |
3243 | ||
3244 | static VarlinkServer* varlink_server_destroy(VarlinkServer *s) { | |
3245 | char *m; | |
3246 | ||
3247 | if (!s) | |
3248 | return NULL; | |
3249 | ||
3250 | varlink_server_shutdown(s); | |
3251 | ||
3252 | while ((m = hashmap_steal_first_key(s->methods))) | |
3253 | free(m); | |
3254 | ||
3255 | hashmap_free(s->methods); | |
9fc843ed | 3256 | hashmap_free(s->interfaces); |
7e006b49 | 3257 | hashmap_free(s->symbols); |
d41bd96f LP |
3258 | hashmap_free(s->by_uid); |
3259 | ||
3260 | sd_event_unref(s->event); | |
3261 | ||
3262 | free(s->description); | |
3263 | ||
3264 | return mfree(s); | |
3265 | } | |
3266 | ||
3267 | DEFINE_TRIVIAL_REF_UNREF_FUNC(VarlinkServer, varlink_server, varlink_server_destroy); | |
3268 | ||
3269 | static int validate_connection(VarlinkServer *server, const struct ucred *ucred) { | |
3270 | int allowed = -1; | |
3271 | ||
3272 | assert(server); | |
3273 | assert(ucred); | |
3274 | ||
3275 | if (FLAGS_SET(server->flags, VARLINK_SERVER_ROOT_ONLY)) | |
3276 | allowed = ucred->uid == 0; | |
3277 | ||
3278 | if (FLAGS_SET(server->flags, VARLINK_SERVER_MYSELF_ONLY)) | |
3279 | allowed = allowed > 0 || ucred->uid == getuid(); | |
3280 | ||
3281 | if (allowed == 0) { /* Allow access when it is explicitly allowed or when neither | |
3282 | * VARLINK_SERVER_ROOT_ONLY nor VARLINK_SERVER_MYSELF_ONLY are specified. */ | |
3283 | varlink_server_log(server, "Unprivileged client attempted connection, refusing."); | |
3284 | return 0; | |
3285 | } | |
3286 | ||
3287 | if (server->n_connections >= server->connections_max) { | |
3288 | varlink_server_log(server, "Connection limit of %u reached, refusing.", server->connections_max); | |
3289 | return 0; | |
3290 | } | |
3291 | ||
3292 | if (FLAGS_SET(server->flags, VARLINK_SERVER_ACCOUNT_UID)) { | |
3293 | unsigned c; | |
3294 | ||
3295 | if (!uid_is_valid(ucred->uid)) { | |
3296 | varlink_server_log(server, "Client with invalid UID attempted connection, refusing."); | |
3297 | return 0; | |
3298 | } | |
3299 | ||
3300 | c = PTR_TO_UINT(hashmap_get(server->by_uid, UID_TO_PTR(ucred->uid))); | |
3301 | if (c >= server->connections_per_uid_max) { | |
3302 | varlink_server_log(server, "Per-UID connection limit of %u reached, refusing.", | |
3303 | server->connections_per_uid_max); | |
3304 | return 0; | |
3305 | } | |
3306 | } | |
3307 | ||
3308 | return 1; | |
3309 | } | |
3310 | ||
678ca213 | 3311 | static int count_connection(VarlinkServer *server, const struct ucred *ucred) { |
d41bd96f LP |
3312 | unsigned c; |
3313 | int r; | |
3314 | ||
3315 | assert(server); | |
3316 | assert(ucred); | |
3317 | ||
3318 | server->n_connections++; | |
3319 | ||
3320 | if (FLAGS_SET(server->flags, VARLINK_SERVER_ACCOUNT_UID)) { | |
a1351823 LP |
3321 | assert(uid_is_valid(ucred->uid)); |
3322 | ||
d41bd96f LP |
3323 | r = hashmap_ensure_allocated(&server->by_uid, NULL); |
3324 | if (r < 0) | |
6bcc1232 | 3325 | return varlink_server_log_errno(server, r, "Failed to allocate UID hash table: %m"); |
d41bd96f LP |
3326 | |
3327 | c = PTR_TO_UINT(hashmap_get(server->by_uid, UID_TO_PTR(ucred->uid))); | |
3328 | ||
3329 | varlink_server_log(server, "Connections of user " UID_FMT ": %u (of %u max)", | |
3330 | ucred->uid, c, server->connections_per_uid_max); | |
3331 | ||
3332 | r = hashmap_replace(server->by_uid, UID_TO_PTR(ucred->uid), UINT_TO_PTR(c + 1)); | |
3333 | if (r < 0) | |
6bcc1232 | 3334 | return varlink_server_log_errno(server, r, "Failed to increment counter in UID hash table: %m"); |
d41bd96f LP |
3335 | } |
3336 | ||
3337 | return 0; | |
3338 | } | |
3339 | ||
3340 | int varlink_server_add_connection(VarlinkServer *server, int fd, Varlink **ret) { | |
3341 | _cleanup_(varlink_unrefp) Varlink *v = NULL; | |
a995ce47 | 3342 | struct ucred ucred = UCRED_INVALID; |
d41bd96f | 3343 | bool ucred_acquired; |
d41bd96f LP |
3344 | int r; |
3345 | ||
3346 | assert_return(server, -EINVAL); | |
3347 | assert_return(fd >= 0, -EBADF); | |
3348 | ||
3349 | if ((server->flags & (VARLINK_SERVER_ROOT_ONLY|VARLINK_SERVER_ACCOUNT_UID)) != 0) { | |
3350 | r = getpeercred(fd, &ucred); | |
3351 | if (r < 0) | |
3352 | return varlink_server_log_errno(server, r, "Failed to acquire peer credentials of incoming socket, refusing: %m"); | |
3353 | ||
3354 | ucred_acquired = true; | |
3355 | ||
3356 | r = validate_connection(server, &ucred); | |
3357 | if (r < 0) | |
3358 | return r; | |
3359 | if (r == 0) | |
3360 | return -EPERM; | |
3361 | } else | |
3362 | ucred_acquired = false; | |
3363 | ||
3364 | r = varlink_new(&v); | |
3365 | if (r < 0) | |
3366 | return varlink_server_log_errno(server, r, "Failed to allocate connection object: %m"); | |
3367 | ||
3368 | r = count_connection(server, &ucred); | |
3369 | if (r < 0) | |
3370 | return r; | |
3371 | ||
3372 | v->fd = fd; | |
9807fdc1 LP |
3373 | if (server->flags & VARLINK_SERVER_INHERIT_USERDATA) |
3374 | v->userdata = server->userdata; | |
3375 | ||
d41bd96f LP |
3376 | if (ucred_acquired) { |
3377 | v->ucred = ucred; | |
3378 | v->ucred_acquired = true; | |
3379 | } | |
3380 | ||
12619d0a ZJS |
3381 | _cleanup_free_ char *desc = NULL; |
3382 | if (asprintf(&desc, "%s-%i", server->description ?: "varlink", v->fd) >= 0) | |
3383 | v->description = TAKE_PTR(desc); | |
d41bd96f LP |
3384 | |
3385 | /* Link up the server and the connection, and take reference in both directions. Note that the | |
3386 | * reference on the connection is left dangling. It will be dropped when the connection is closed, | |
3387 | * which happens in varlink_close(), including in the event loop quit callback. */ | |
3388 | v->server = varlink_server_ref(server); | |
3389 | varlink_ref(v); | |
3390 | ||
3391 | varlink_set_state(v, VARLINK_IDLE_SERVER); | |
3392 | ||
7e69d90c LP |
3393 | if (server->event) { |
3394 | r = varlink_attach_event(v, server->event, server->event_priority); | |
3395 | if (r < 0) { | |
3396 | varlink_log_errno(v, r, "Failed to attach new connection: %m"); | |
254d1313 | 3397 | v->fd = -EBADF; /* take the fd out of the connection again */ |
7e69d90c LP |
3398 | varlink_close(v); |
3399 | return r; | |
3400 | } | |
d41bd96f LP |
3401 | } |
3402 | ||
3403 | if (ret) | |
3404 | *ret = v; | |
3405 | ||
3406 | return 0; | |
3407 | } | |
3408 | ||
c14e841f AZ |
3409 | static VarlinkServerSocket *varlink_server_socket_free(VarlinkServerSocket *ss) { |
3410 | if (!ss) | |
3411 | return NULL; | |
3412 | ||
3413 | free(ss->address); | |
3414 | return mfree(ss); | |
3415 | } | |
3416 | ||
3417 | DEFINE_TRIVIAL_CLEANUP_FUNC(VarlinkServerSocket *, varlink_server_socket_free); | |
3418 | ||
d41bd96f | 3419 | static int connect_callback(sd_event_source *source, int fd, uint32_t revents, void *userdata) { |
99534007 | 3420 | VarlinkServerSocket *ss = ASSERT_PTR(userdata); |
254d1313 | 3421 | _cleanup_close_ int cfd = -EBADF; |
d41bd96f LP |
3422 | Varlink *v = NULL; |
3423 | int r; | |
3424 | ||
3425 | assert(source); | |
d41bd96f LP |
3426 | |
3427 | varlink_server_log(ss->server, "New incoming connection."); | |
3428 | ||
3429 | cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC); | |
3430 | if (cfd < 0) { | |
3431 | if (ERRNO_IS_ACCEPT_AGAIN(errno)) | |
3432 | return 0; | |
3433 | ||
3434 | return varlink_server_log_errno(ss->server, errno, "Failed to accept incoming socket: %m"); | |
3435 | } | |
3436 | ||
3437 | r = varlink_server_add_connection(ss->server, cfd, &v); | |
3438 | if (r < 0) | |
3439 | return 0; | |
3440 | ||
3441 | TAKE_FD(cfd); | |
3442 | ||
a570877c LP |
3443 | if (FLAGS_SET(ss->server->flags, VARLINK_SERVER_INPUT_SENSITIVE)) |
3444 | varlink_set_input_sensitive(v); | |
3445 | ||
d41bd96f LP |
3446 | if (ss->server->connect_callback) { |
3447 | r = ss->server->connect_callback(ss->server, v, ss->server->userdata); | |
3448 | if (r < 0) { | |
3449 | varlink_log_errno(v, r, "Connection callback returned error, disconnecting client: %m"); | |
3450 | varlink_close(v); | |
3451 | return 0; | |
3452 | } | |
3453 | } | |
3454 | ||
3455 | return 0; | |
3456 | } | |
3457 | ||
c14e841f AZ |
3458 | static int varlink_server_create_listen_fd_socket(VarlinkServer *s, int fd, VarlinkServerSocket **ret_ss) { |
3459 | _cleanup_(varlink_server_socket_freep) VarlinkServerSocket *ss = NULL; | |
d41bd96f LP |
3460 | int r; |
3461 | ||
c14e841f AZ |
3462 | assert(s); |
3463 | assert(fd >= 0); | |
3464 | assert(ret_ss); | |
d41bd96f | 3465 | |
d41bd96f LP |
3466 | ss = new(VarlinkServerSocket, 1); |
3467 | if (!ss) | |
db3d4222 | 3468 | return log_oom_debug(); |
d41bd96f LP |
3469 | |
3470 | *ss = (VarlinkServerSocket) { | |
3471 | .server = s, | |
3472 | .fd = fd, | |
3473 | }; | |
3474 | ||
3475 | if (s->event) { | |
8d91b220 | 3476 | r = sd_event_add_io(s->event, &ss->event_source, fd, EPOLLIN, connect_callback, ss); |
d41bd96f LP |
3477 | if (r < 0) |
3478 | return r; | |
3479 | ||
3480 | r = sd_event_source_set_priority(ss->event_source, s->event_priority); | |
3481 | if (r < 0) | |
3482 | return r; | |
3483 | } | |
3484 | ||
c14e841f AZ |
3485 | *ret_ss = TAKE_PTR(ss); |
3486 | return 0; | |
3487 | } | |
3488 | ||
3489 | int varlink_server_listen_fd(VarlinkServer *s, int fd) { | |
3490 | _cleanup_(varlink_server_socket_freep) VarlinkServerSocket *ss = NULL; | |
3491 | int r; | |
3492 | ||
3493 | assert_return(s, -EINVAL); | |
3494 | assert_return(fd >= 0, -EBADF); | |
3495 | ||
a4edf033 LP |
3496 | r = fd_nonblock(fd, true); |
3497 | if (r < 0) | |
3498 | return r; | |
3499 | ||
3500 | r = fd_cloexec(fd, true); | |
3501 | if (r < 0) | |
3502 | return r; | |
3503 | ||
c14e841f AZ |
3504 | r = varlink_server_create_listen_fd_socket(s, fd, &ss); |
3505 | if (r < 0) | |
3506 | return r; | |
3507 | ||
d41bd96f LP |
3508 | LIST_PREPEND(sockets, s->sockets, TAKE_PTR(ss)); |
3509 | return 0; | |
3510 | } | |
3511 | ||
3512 | int varlink_server_listen_address(VarlinkServer *s, const char *address, mode_t m) { | |
c14e841f | 3513 | _cleanup_(varlink_server_socket_freep) VarlinkServerSocket *ss = NULL; |
d41bd96f | 3514 | union sockaddr_union sockaddr; |
f36a9d59 | 3515 | socklen_t sockaddr_len; |
254d1313 | 3516 | _cleanup_close_ int fd = -EBADF; |
d41bd96f LP |
3517 | int r; |
3518 | ||
3519 | assert_return(s, -EINVAL); | |
3520 | assert_return(address, -EINVAL); | |
3521 | assert_return((m & ~0777) == 0, -EINVAL); | |
3522 | ||
3523 | r = sockaddr_un_set_path(&sockaddr.un, address); | |
3524 | if (r < 0) | |
3525 | return r; | |
f36a9d59 | 3526 | sockaddr_len = r; |
d41bd96f LP |
3527 | |
3528 | fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); | |
3529 | if (fd < 0) | |
3530 | return -errno; | |
3531 | ||
a0c41de2 LP |
3532 | fd = fd_move_above_stdio(fd); |
3533 | ||
d41bd96f LP |
3534 | (void) sockaddr_un_unlink(&sockaddr.un); |
3535 | ||
2053593f | 3536 | WITH_UMASK(~m & 0777) { |
63e00ccd CG |
3537 | r = mac_selinux_bind(fd, &sockaddr.sa, sockaddr_len); |
3538 | if (r < 0) | |
3539 | return r; | |
3540 | } | |
d41bd96f | 3541 | |
768fcd77 | 3542 | if (listen(fd, SOMAXCONN_DELUXE) < 0) |
d41bd96f LP |
3543 | return -errno; |
3544 | ||
c14e841f | 3545 | r = varlink_server_create_listen_fd_socket(s, fd, &ss); |
d41bd96f LP |
3546 | if (r < 0) |
3547 | return r; | |
3548 | ||
c14e841f AZ |
3549 | r = free_and_strdup(&ss->address, address); |
3550 | if (r < 0) | |
3551 | return r; | |
3552 | ||
3553 | LIST_PREPEND(sockets, s->sockets, TAKE_PTR(ss)); | |
d41bd96f LP |
3554 | TAKE_FD(fd); |
3555 | return 0; | |
3556 | } | |
3557 | ||
206504a5 LP |
3558 | int varlink_server_listen_auto(VarlinkServer *s) { |
3559 | _cleanup_strv_free_ char **names = NULL; | |
3560 | int r, n = 0; | |
3561 | ||
3562 | assert_return(s, -EINVAL); | |
3563 | ||
3564 | /* Adds all passed fds marked as "varlink" to our varlink server. These fds can either refer to a | |
3565 | * listening socket or to a connection socket. | |
3566 | * | |
3567 | * See https://varlink.org/#activation for the environment variables this is backed by and the | |
3568 | * recommended "varlink" identifier in $LISTEN_FDNAMES. */ | |
3569 | ||
3570 | r = sd_listen_fds_with_names(/* unset_environment= */ false, &names); | |
3571 | if (r < 0) | |
3572 | return r; | |
3573 | ||
3574 | for (int i = 0; i < r; i++) { | |
3575 | int b, fd; | |
3576 | socklen_t l = sizeof(b); | |
3577 | ||
3578 | if (!streq(names[i], "varlink")) | |
3579 | continue; | |
3580 | ||
3581 | fd = SD_LISTEN_FDS_START + i; | |
3582 | ||
3583 | if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &b, &l) < 0) | |
3584 | return -errno; | |
3585 | ||
3586 | assert(l == sizeof(b)); | |
3587 | ||
3588 | if (b) /* Listening socket? */ | |
3589 | r = varlink_server_listen_fd(s, fd); | |
3590 | else /* Otherwise assume connection socket */ | |
3591 | r = varlink_server_add_connection(s, fd, NULL); | |
3592 | if (r < 0) | |
3593 | return r; | |
3594 | ||
3595 | n++; | |
3596 | } | |
3597 | ||
4a6fe5f0 LP |
3598 | /* For debug purposes let's listen on an explicitly specified address */ |
3599 | const char *e = secure_getenv("SYSTEMD_VARLINK_LISTEN"); | |
3600 | if (e) { | |
3601 | r = varlink_server_listen_address(s, e, FLAGS_SET(s->flags, VARLINK_SERVER_ROOT_ONLY) ? 0600 : 0666); | |
3602 | if (r < 0) | |
3603 | return r; | |
3604 | } | |
3605 | ||
206504a5 LP |
3606 | return n; |
3607 | } | |
3608 | ||
d41bd96f LP |
3609 | void* varlink_server_set_userdata(VarlinkServer *s, void *userdata) { |
3610 | void *ret; | |
3611 | ||
3612 | assert_return(s, NULL); | |
3613 | ||
3614 | ret = s->userdata; | |
3615 | s->userdata = userdata; | |
3616 | ||
3617 | return ret; | |
3618 | } | |
3619 | ||
3620 | void* varlink_server_get_userdata(VarlinkServer *s) { | |
3621 | assert_return(s, NULL); | |
3622 | ||
3623 | return s->userdata; | |
3624 | } | |
3625 | ||
2e5edb93 LP |
3626 | int varlink_server_loop_auto(VarlinkServer *server) { |
3627 | _cleanup_(sd_event_unrefp) sd_event *event = NULL; | |
3628 | int r; | |
3629 | ||
3630 | assert_return(server, -EINVAL); | |
3631 | assert_return(!server->event, -EBUSY); | |
3632 | ||
3633 | /* Runs a Varlink service event loop populated with a passed fd. Exits on the last connection. */ | |
3634 | ||
3635 | r = sd_event_new(&event); | |
3636 | if (r < 0) | |
3637 | return r; | |
3638 | ||
3639 | r = varlink_server_set_exit_on_idle(server, true); | |
3640 | if (r < 0) | |
3641 | return r; | |
3642 | ||
3643 | r = varlink_server_attach_event(server, event, 0); | |
3644 | if (r < 0) | |
3645 | return r; | |
3646 | ||
3647 | r = varlink_server_listen_auto(server); | |
3648 | if (r < 0) | |
3649 | return r; | |
3650 | ||
3651 | return sd_event_loop(event); | |
3652 | } | |
3653 | ||
d41bd96f LP |
3654 | static VarlinkServerSocket* varlink_server_socket_destroy(VarlinkServerSocket *ss) { |
3655 | if (!ss) | |
3656 | return NULL; | |
3657 | ||
3658 | if (ss->server) | |
3659 | LIST_REMOVE(sockets, ss->server->sockets, ss); | |
3660 | ||
1d3fe304 | 3661 | sd_event_source_disable_unref(ss->event_source); |
d41bd96f LP |
3662 | |
3663 | free(ss->address); | |
3664 | safe_close(ss->fd); | |
3665 | ||
3666 | return mfree(ss); | |
3667 | } | |
3668 | ||
3669 | int varlink_server_shutdown(VarlinkServer *s) { | |
3670 | assert_return(s, -EINVAL); | |
3671 | ||
3672 | while (s->sockets) | |
3673 | varlink_server_socket_destroy(s->sockets); | |
3674 | ||
3675 | return 0; | |
3676 | } | |
3677 | ||
47723340 LP |
3678 | static void varlink_server_test_exit_on_idle(VarlinkServer *s) { |
3679 | assert(s); | |
3680 | ||
3681 | if (s->exit_on_idle && s->event && s->n_connections == 0) | |
3682 | (void) sd_event_exit(s->event, 0); | |
3683 | } | |
3684 | ||
3685 | int varlink_server_set_exit_on_idle(VarlinkServer *s, bool b) { | |
3686 | assert_return(s, -EINVAL); | |
3687 | ||
3688 | s->exit_on_idle = b; | |
3689 | varlink_server_test_exit_on_idle(s); | |
3690 | return 0; | |
3691 | } | |
3692 | ||
536827e0 AZ |
3693 | static int varlink_server_add_socket_event_source(VarlinkServer *s, VarlinkServerSocket *ss, int64_t priority) { |
3694 | _cleanup_(sd_event_source_unrefp) sd_event_source *es = NULL; | |
536827e0 AZ |
3695 | int r; |
3696 | ||
3697 | assert(s); | |
3698 | assert(s->event); | |
3699 | assert(ss); | |
3700 | assert(ss->fd >= 0); | |
3701 | assert(!ss->event_source); | |
3702 | ||
3703 | r = sd_event_add_io(s->event, &es, ss->fd, EPOLLIN, connect_callback, ss); | |
3704 | if (r < 0) | |
3705 | return r; | |
3706 | ||
3707 | r = sd_event_source_set_priority(es, priority); | |
3708 | if (r < 0) | |
3709 | return r; | |
3710 | ||
3711 | ss->event_source = TAKE_PTR(es); | |
3712 | return 0; | |
3713 | } | |
3714 | ||
d41bd96f | 3715 | int varlink_server_attach_event(VarlinkServer *s, sd_event *e, int64_t priority) { |
d41bd96f LP |
3716 | int r; |
3717 | ||
3718 | assert_return(s, -EINVAL); | |
3719 | assert_return(!s->event, -EBUSY); | |
3720 | ||
3721 | if (e) | |
3722 | s->event = sd_event_ref(e); | |
3723 | else { | |
3724 | r = sd_event_default(&s->event); | |
3725 | if (r < 0) | |
3726 | return r; | |
3727 | } | |
3728 | ||
3729 | LIST_FOREACH(sockets, ss, s->sockets) { | |
536827e0 | 3730 | r = varlink_server_add_socket_event_source(s, ss, priority); |
d41bd96f LP |
3731 | if (r < 0) |
3732 | goto fail; | |
3733 | } | |
3734 | ||
3735 | s->event_priority = priority; | |
3736 | return 0; | |
3737 | ||
3738 | fail: | |
3739 | varlink_server_detach_event(s); | |
3740 | return r; | |
3741 | } | |
3742 | ||
3743 | int varlink_server_detach_event(VarlinkServer *s) { | |
d41bd96f LP |
3744 | assert_return(s, -EINVAL); |
3745 | ||
4f538d7b LP |
3746 | LIST_FOREACH(sockets, ss, s->sockets) |
3747 | ss->event_source = sd_event_source_disable_unref(ss->event_source); | |
d41bd96f | 3748 | |
03a83186 | 3749 | s->event = sd_event_unref(s->event); |
d41bd96f LP |
3750 | return 0; |
3751 | } | |
3752 | ||
3753 | sd_event *varlink_server_get_event(VarlinkServer *s) { | |
3754 | assert_return(s, NULL); | |
3755 | ||
3756 | return s->event; | |
3757 | } | |
3758 | ||
7e006b49 LP |
3759 | static bool varlink_symbol_in_interface(const char *method, const char *interface) { |
3760 | const char *p; | |
3761 | ||
3762 | assert(method); | |
3763 | assert(interface); | |
3764 | ||
3765 | p = startswith(method, interface); | |
3766 | if (!p) | |
3767 | return false; | |
3768 | ||
3769 | if (*p != '.') | |
3770 | return false; | |
3771 | ||
3772 | return !strchr(p+1, '.'); | |
3773 | } | |
3774 | ||
d41bd96f | 3775 | int varlink_server_bind_method(VarlinkServer *s, const char *method, VarlinkMethod callback) { |
db3d4222 | 3776 | _cleanup_free_ char *m = NULL; |
d41bd96f LP |
3777 | int r; |
3778 | ||
3779 | assert_return(s, -EINVAL); | |
3780 | assert_return(method, -EINVAL); | |
3781 | assert_return(callback, -EINVAL); | |
3782 | ||
7e006b49 LP |
3783 | if (varlink_symbol_in_interface(method, "org.varlink.service") || |
3784 | varlink_symbol_in_interface(method, "io.systemd")) | |
6bcc1232 | 3785 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EEXIST), "Cannot bind server to '%s'.", method); |
d41bd96f | 3786 | |
d41bd96f LP |
3787 | m = strdup(method); |
3788 | if (!m) | |
db3d4222 | 3789 | return log_oom_debug(); |
d41bd96f | 3790 | |
1d2d1654 SS |
3791 | r = hashmap_ensure_put(&s->methods, &string_hash_ops, m, callback); |
3792 | if (r == -ENOMEM) | |
3793 | return log_oom_debug(); | |
db3d4222 | 3794 | if (r < 0) |
6bcc1232 | 3795 | return varlink_server_log_errno(s, r, "Failed to register callback: %m"); |
db3d4222 ZJS |
3796 | if (r > 0) |
3797 | TAKE_PTR(m); | |
d41bd96f LP |
3798 | |
3799 | return 0; | |
3800 | } | |
3801 | ||
3802 | int varlink_server_bind_method_many_internal(VarlinkServer *s, ...) { | |
3803 | va_list ap; | |
e7b93f97 | 3804 | int r = 0; |
d41bd96f LP |
3805 | |
3806 | assert_return(s, -EINVAL); | |
3807 | ||
3808 | va_start(ap, s); | |
3809 | for (;;) { | |
3810 | VarlinkMethod callback; | |
3811 | const char *method; | |
3812 | ||
3813 | method = va_arg(ap, const char *); | |
3814 | if (!method) | |
3815 | break; | |
3816 | ||
3817 | callback = va_arg(ap, VarlinkMethod); | |
3818 | ||
3819 | r = varlink_server_bind_method(s, method, callback); | |
3820 | if (r < 0) | |
e7b93f97 | 3821 | break; |
d41bd96f | 3822 | } |
e7b93f97 | 3823 | va_end(ap); |
d41bd96f | 3824 | |
e7b93f97 | 3825 | return r; |
d41bd96f LP |
3826 | } |
3827 | ||
3828 | int varlink_server_bind_connect(VarlinkServer *s, VarlinkConnect callback) { | |
3829 | assert_return(s, -EINVAL); | |
3830 | ||
3831 | if (callback && s->connect_callback && callback != s->connect_callback) | |
6bcc1232 | 3832 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EBUSY), "A different callback was already set."); |
d41bd96f LP |
3833 | |
3834 | s->connect_callback = callback; | |
3835 | return 0; | |
3836 | } | |
3837 | ||
6d4d6002 LP |
3838 | int varlink_server_bind_disconnect(VarlinkServer *s, VarlinkDisconnect callback) { |
3839 | assert_return(s, -EINVAL); | |
3840 | ||
3841 | if (callback && s->disconnect_callback && callback != s->disconnect_callback) | |
6bcc1232 | 3842 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EBUSY), "A different callback was already set."); |
6d4d6002 LP |
3843 | |
3844 | s->disconnect_callback = callback; | |
3845 | return 0; | |
3846 | } | |
3847 | ||
9fc843ed | 3848 | int varlink_server_add_interface(VarlinkServer *s, const VarlinkInterface *interface) { |
7e006b49 LP |
3849 | int r; |
3850 | ||
9fc843ed LP |
3851 | assert_return(s, -EINVAL); |
3852 | assert_return(interface, -EINVAL); | |
3853 | assert_return(interface->name, -EINVAL); | |
3854 | ||
3855 | if (hashmap_contains(s->interfaces, interface->name)) | |
6bcc1232 | 3856 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EEXIST), "Duplicate registration of interface '%s'.", interface->name); |
9fc843ed | 3857 | |
7e006b49 LP |
3858 | r = hashmap_ensure_put(&s->interfaces, &string_hash_ops, interface->name, (void*) interface); |
3859 | if (r < 0) | |
3860 | return r; | |
3861 | ||
3862 | for (const VarlinkSymbol *const*symbol = interface->symbols; *symbol; symbol++) { | |
3863 | _cleanup_free_ char *j = NULL; | |
3864 | ||
3865 | /* We only ever want to validate method calls/replies and errors against the interface | |
3866 | * definitions, hence don't bother with the type symbols */ | |
3867 | if (!IN_SET((*symbol)->symbol_type, VARLINK_METHOD, VARLINK_ERROR)) | |
3868 | continue; | |
3869 | ||
3870 | j = strjoin(interface->name, ".", (*symbol)->name); | |
3871 | if (!j) | |
3872 | return -ENOMEM; | |
3873 | ||
3874 | r = hashmap_ensure_put(&s->symbols, &string_hash_ops_free, j, (void*) *symbol); | |
3875 | if (r < 0) | |
3876 | return r; | |
3877 | ||
3878 | TAKE_PTR(j); | |
3879 | } | |
3880 | ||
3881 | return 0; | |
9fc843ed LP |
3882 | } |
3883 | ||
3884 | int varlink_server_add_interface_many_internal(VarlinkServer *s, ...) { | |
3885 | va_list ap; | |
3886 | int r = 0; | |
3887 | ||
3888 | assert_return(s, -EINVAL); | |
3889 | ||
3890 | va_start(ap, s); | |
3891 | for (;;) { | |
3892 | const VarlinkInterface *interface = va_arg(ap, const VarlinkInterface*); | |
3893 | if (!interface) | |
3894 | break; | |
3895 | ||
3896 | r = varlink_server_add_interface(s, interface); | |
3897 | if (r < 0) | |
3898 | break; | |
3899 | } | |
3900 | va_end(ap); | |
3901 | ||
3902 | return r; | |
3903 | } | |
3904 | ||
d41bd96f | 3905 | unsigned varlink_server_connections_max(VarlinkServer *s) { |
88a36d36 | 3906 | int dts; |
d41bd96f LP |
3907 | |
3908 | /* If a server is specified, return the setting for that server, otherwise the default value */ | |
3909 | if (s) | |
3910 | return s->connections_max; | |
3911 | ||
88a36d36 LP |
3912 | dts = getdtablesize(); |
3913 | assert_se(dts > 0); | |
d41bd96f LP |
3914 | |
3915 | /* Make sure we never use up more than ¾th of RLIMIT_NOFILE for IPC */ | |
88a36d36 LP |
3916 | if (VARLINK_DEFAULT_CONNECTIONS_MAX > (unsigned) dts / 4 * 3) |
3917 | return dts / 4 * 3; | |
d41bd96f LP |
3918 | |
3919 | return VARLINK_DEFAULT_CONNECTIONS_MAX; | |
3920 | } | |
3921 | ||
3922 | unsigned varlink_server_connections_per_uid_max(VarlinkServer *s) { | |
3923 | unsigned m; | |
3924 | ||
3925 | if (s) | |
3926 | return s->connections_per_uid_max; | |
3927 | ||
3928 | /* Make sure to never use up more than ¾th of available connections for a single user */ | |
3929 | m = varlink_server_connections_max(NULL); | |
3930 | if (VARLINK_DEFAULT_CONNECTIONS_PER_UID_MAX > m) | |
3931 | return m / 4 * 3; | |
3932 | ||
3933 | return VARLINK_DEFAULT_CONNECTIONS_PER_UID_MAX; | |
3934 | } | |
3935 | ||
3936 | int varlink_server_set_connections_per_uid_max(VarlinkServer *s, unsigned m) { | |
3937 | assert_return(s, -EINVAL); | |
3938 | assert_return(m > 0, -EINVAL); | |
3939 | ||
3940 | s->connections_per_uid_max = m; | |
3941 | return 0; | |
3942 | } | |
3943 | ||
3944 | int varlink_server_set_connections_max(VarlinkServer *s, unsigned m) { | |
3945 | assert_return(s, -EINVAL); | |
3946 | assert_return(m > 0, -EINVAL); | |
3947 | ||
3948 | s->connections_max = m; | |
3949 | return 0; | |
3950 | } | |
3951 | ||
c4f601f2 LP |
3952 | unsigned varlink_server_current_connections(VarlinkServer *s) { |
3953 | assert_return(s, UINT_MAX); | |
3954 | ||
3955 | return s->n_connections; | |
3956 | } | |
3957 | ||
d41bd96f LP |
3958 | int varlink_server_set_description(VarlinkServer *s, const char *description) { |
3959 | assert_return(s, -EINVAL); | |
3960 | ||
3961 | return free_and_strdup(&s->description, description); | |
3962 | } | |
008798e9 AZ |
3963 | |
3964 | int varlink_server_serialize(VarlinkServer *s, FILE *f, FDSet *fds) { | |
3965 | assert(f); | |
3966 | assert(fds); | |
3967 | ||
3968 | if (!s) | |
3969 | return 0; | |
3970 | ||
3971 | LIST_FOREACH(sockets, ss, s->sockets) { | |
3972 | int copy; | |
3973 | ||
3974 | assert(ss->address); | |
3975 | assert(ss->fd >= 0); | |
3976 | ||
3977 | fprintf(f, "varlink-server-socket-address=%s", ss->address); | |
3978 | ||
3979 | /* If we fail to serialize the fd, it will be considered an error during deserialization */ | |
3980 | copy = fdset_put_dup(fds, ss->fd); | |
3981 | if (copy < 0) | |
3982 | return copy; | |
3983 | ||
3984 | fprintf(f, " varlink-server-socket-fd=%i", copy); | |
3985 | ||
3986 | fputc('\n', f); | |
3987 | } | |
3988 | ||
3989 | return 0; | |
3990 | } | |
3991 | ||
3992 | int varlink_server_deserialize_one(VarlinkServer *s, const char *value, FDSet *fds) { | |
3993 | _cleanup_(varlink_server_socket_freep) VarlinkServerSocket *ss = NULL; | |
3994 | _cleanup_free_ char *address = NULL; | |
3995 | const char *v = ASSERT_PTR(value); | |
254d1313 | 3996 | int r, fd = -EBADF; |
008798e9 AZ |
3997 | char *buf; |
3998 | size_t n; | |
3999 | ||
4000 | assert(s); | |
4001 | assert(fds); | |
4002 | ||
4003 | n = strcspn(v, " "); | |
4004 | address = strndup(v, n); | |
4005 | if (!address) | |
4006 | return log_oom_debug(); | |
4007 | ||
4008 | if (v[n] != ' ') | |
6bcc1232 | 4009 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EINVAL), |
008798e9 AZ |
4010 | "Failed to deserialize VarlinkServerSocket: %s: %m", value); |
4011 | v = startswith(v + n + 1, "varlink-server-socket-fd="); | |
4012 | if (!v) | |
6bcc1232 | 4013 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EINVAL), |
008798e9 AZ |
4014 | "Failed to deserialize VarlinkServerSocket fd %s: %m", value); |
4015 | ||
4016 | n = strcspn(v, " "); | |
4017 | buf = strndupa_safe(v, n); | |
4018 | ||
e652663a | 4019 | fd = parse_fd(buf); |
e652663a | 4020 | if (fd < 0) |
6bcc1232 | 4021 | return varlink_server_log_errno(s, fd, "Unable to parse VarlinkServerSocket varlink-server-socket-fd=%s: %m", buf); |
008798e9 | 4022 | if (!fdset_contains(fds, fd)) |
6bcc1232 | 4023 | return varlink_server_log_errno(s, SYNTHETIC_ERRNO(EBADF), |
008798e9 AZ |
4024 | "VarlinkServerSocket varlink-server-socket-fd= has unknown fd %d: %m", fd); |
4025 | ||
4026 | ss = new(VarlinkServerSocket, 1); | |
4027 | if (!ss) | |
4028 | return log_oom_debug(); | |
4029 | ||
4030 | *ss = (VarlinkServerSocket) { | |
4031 | .server = s, | |
4032 | .address = TAKE_PTR(address), | |
4033 | .fd = fdset_remove(fds, fd), | |
4034 | }; | |
4035 | ||
4036 | r = varlink_server_add_socket_event_source(s, ss, SD_EVENT_PRIORITY_NORMAL); | |
4037 | if (r < 0) | |
6bcc1232 | 4038 | return varlink_server_log_errno(s, r, "Failed to add VarlinkServerSocket event source to the event loop: %m"); |
008798e9 AZ |
4039 | |
4040 | LIST_PREPEND(sockets, s->sockets, TAKE_PTR(ss)); | |
4041 | return 0; | |
4042 | } | |
02b0d24d LP |
4043 | |
4044 | int varlink_invocation(VarlinkInvocationFlags flags) { | |
4045 | _cleanup_strv_free_ char **names = NULL; | |
4046 | int r, b; | |
4047 | socklen_t l = sizeof(b); | |
4048 | ||
4049 | /* Returns true if this is a "pure" varlink server invocation, i.e. with one fd passed. */ | |
4050 | ||
4a6fe5f0 LP |
4051 | const char *e = secure_getenv("SYSTEMD_VARLINK_LISTEN"); /* Permit a manual override for testing purposes */ |
4052 | if (e) | |
4053 | return true; | |
4054 | ||
02b0d24d LP |
4055 | r = sd_listen_fds_with_names(/* unset_environment= */ false, &names); |
4056 | if (r < 0) | |
4057 | return r; | |
4058 | if (r == 0) | |
4059 | return false; | |
4060 | if (r > 1) | |
4061 | return -ETOOMANYREFS; | |
4062 | ||
4063 | if (!strv_equal(names, STRV_MAKE("varlink"))) | |
4064 | return false; | |
4065 | ||
4066 | if (FLAGS_SET(flags, VARLINK_ALLOW_LISTEN|VARLINK_ALLOW_ACCEPT)) /* Both flags set? Then allow everything */ | |
4067 | return true; | |
4068 | ||
4069 | if ((flags & (VARLINK_ALLOW_LISTEN|VARLINK_ALLOW_ACCEPT)) == 0) /* Neither is set, then fail */ | |
4070 | return -EISCONN; | |
4071 | ||
4072 | if (getsockopt(SD_LISTEN_FDS_START, SOL_SOCKET, SO_ACCEPTCONN, &b, &l) < 0) | |
4073 | return -errno; | |
4074 | ||
4075 | assert(l == sizeof(b)); | |
4076 | ||
4077 | if (!FLAGS_SET(flags, b ? VARLINK_ALLOW_LISTEN : VARLINK_ALLOW_ACCEPT)) | |
4078 | return -EISCONN; | |
4079 | ||
4080 | return true; | |
4081 | } | |
a4562f94 LP |
4082 | |
4083 | int varlink_error_to_errno(const char *error, JsonVariant *parameters) { | |
4084 | static const struct { | |
4085 | const char *error; | |
4086 | int value; | |
4087 | } table[] = { | |
4088 | { VARLINK_ERROR_DISCONNECTED, -ECONNRESET }, | |
4089 | { VARLINK_ERROR_TIMEOUT, -ETIMEDOUT }, | |
4090 | { VARLINK_ERROR_PROTOCOL, -EPROTO }, | |
4091 | { VARLINK_ERROR_INTERFACE_NOT_FOUND, -EADDRNOTAVAIL }, | |
4092 | { VARLINK_ERROR_METHOD_NOT_FOUND, -ENXIO }, | |
4093 | { VARLINK_ERROR_METHOD_NOT_IMPLEMENTED, -ENOTTY }, | |
4094 | { VARLINK_ERROR_INVALID_PARAMETER, -EINVAL }, | |
4095 | { VARLINK_ERROR_PERMISSION_DENIED, -EACCES }, | |
4096 | { VARLINK_ERROR_EXPECTED_MORE, -EBADE }, | |
4097 | }; | |
4098 | ||
4099 | if (!error) | |
4100 | return 0; | |
4101 | ||
4102 | FOREACH_ARRAY(t, table, ELEMENTSOF(table)) | |
4103 | if (streq(error, t->error)) | |
4104 | return t->value; | |
4105 | ||
4106 | if (streq(error, VARLINK_ERROR_SYSTEM) && parameters) { | |
4107 | JsonVariant *e; | |
4108 | ||
4109 | e = json_variant_by_key(parameters, "errno"); | |
4110 | if (json_variant_is_integer(e)) { | |
4111 | int64_t i; | |
4112 | ||
4113 | i = json_variant_integer(e); | |
4114 | if (i > 0 && i < ERRNO_MAX) | |
4115 | return -i; | |
4116 | } | |
4117 | } | |
4118 | ||
4119 | return -EBADR; /* Catch-all */ | |
4120 | } |