]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7640 from keszybz/tainting-updates
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2013 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <endian.h>
22 #include <poll.h>
23 #include <stdlib.h>
24 #include <unistd.h>
25
26 #include "sd-bus.h"
27 #include "sd-daemon.h"
28
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
33 #include "fd-util.h"
34 #include "format-util.h"
35 #include "hexdecoct.h"
36 #include "macro.h"
37 #include "missing.h"
38 #include "selinux-util.h"
39 #include "signal-util.h"
40 #include "stdio-util.h"
41 #include "string-util.h"
42 #include "user-util.h"
43 #include "utf8.h"
44 #include "util.h"
45
46 #define SNDBUF_SIZE (8*1024*1024)
47
48 static void iovec_advance(struct iovec iov[], unsigned *idx, size_t size) {
49
50 while (size > 0) {
51 struct iovec *i = iov + *idx;
52
53 if (i->iov_len > size) {
54 i->iov_base = (uint8_t*) i->iov_base + size;
55 i->iov_len -= size;
56 return;
57 }
58
59 size -= i->iov_len;
60
61 i->iov_base = NULL;
62 i->iov_len = 0;
63
64 (*idx)++;
65 }
66 }
67
68 static int append_iovec(sd_bus_message *m, const void *p, size_t sz) {
69 assert(m);
70 assert(p);
71 assert(sz > 0);
72
73 m->iovec[m->n_iovec].iov_base = (void*) p;
74 m->iovec[m->n_iovec].iov_len = sz;
75 m->n_iovec++;
76
77 return 0;
78 }
79
80 static int bus_message_setup_iovec(sd_bus_message *m) {
81 struct bus_body_part *part;
82 unsigned n, i;
83 int r;
84
85 assert(m);
86 assert(m->sealed);
87
88 if (m->n_iovec > 0)
89 return 0;
90
91 assert(!m->iovec);
92
93 n = 1 + m->n_body_parts;
94 if (n < ELEMENTSOF(m->iovec_fixed))
95 m->iovec = m->iovec_fixed;
96 else {
97 m->iovec = new(struct iovec, n);
98 if (!m->iovec) {
99 r = -ENOMEM;
100 goto fail;
101 }
102 }
103
104 r = append_iovec(m, m->header, BUS_MESSAGE_BODY_BEGIN(m));
105 if (r < 0)
106 goto fail;
107
108 MESSAGE_FOREACH_PART(part, i, m) {
109 r = bus_body_part_map(part);
110 if (r < 0)
111 goto fail;
112
113 r = append_iovec(m, part->data, part->size);
114 if (r < 0)
115 goto fail;
116 }
117
118 assert(n == m->n_iovec);
119
120 return 0;
121
122 fail:
123 m->poisoned = true;
124 return r;
125 }
126
127 bool bus_socket_auth_needs_write(sd_bus *b) {
128
129 unsigned i;
130
131 if (b->auth_index >= ELEMENTSOF(b->auth_iovec))
132 return false;
133
134 for (i = b->auth_index; i < ELEMENTSOF(b->auth_iovec); i++) {
135 struct iovec *j = b->auth_iovec + i;
136
137 if (j->iov_len > 0)
138 return true;
139 }
140
141 return false;
142 }
143
144 static int bus_socket_write_auth(sd_bus *b) {
145 ssize_t k;
146
147 assert(b);
148 assert(b->state == BUS_AUTHENTICATING);
149
150 if (!bus_socket_auth_needs_write(b))
151 return 0;
152
153 if (b->prefer_writev)
154 k = writev(b->output_fd, b->auth_iovec + b->auth_index, ELEMENTSOF(b->auth_iovec) - b->auth_index);
155 else {
156 struct msghdr mh;
157 zero(mh);
158
159 mh.msg_iov = b->auth_iovec + b->auth_index;
160 mh.msg_iovlen = ELEMENTSOF(b->auth_iovec) - b->auth_index;
161
162 k = sendmsg(b->output_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
163 if (k < 0 && errno == ENOTSOCK) {
164 b->prefer_writev = true;
165 k = writev(b->output_fd, b->auth_iovec + b->auth_index, ELEMENTSOF(b->auth_iovec) - b->auth_index);
166 }
167 }
168
169 if (k < 0)
170 return errno == EAGAIN ? 0 : -errno;
171
172 iovec_advance(b->auth_iovec, &b->auth_index, (size_t) k);
173 return 1;
174 }
175
176 static int bus_socket_auth_verify_client(sd_bus *b) {
177 char *e, *f, *start;
178 sd_id128_t peer;
179 unsigned i;
180 int r;
181
182 assert(b);
183
184 /* We expect two response lines: "OK" and possibly
185 * "AGREE_UNIX_FD" */
186
187 e = memmem_safe(b->rbuffer, b->rbuffer_size, "\r\n", 2);
188 if (!e)
189 return 0;
190
191 if (b->hello_flags & KDBUS_HELLO_ACCEPT_FD) {
192 f = memmem(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
193 if (!f)
194 return 0;
195
196 start = f + 2;
197 } else {
198 f = NULL;
199 start = e + 2;
200 }
201
202 /* Nice! We got all the lines we need. First check the OK
203 * line */
204
205 if (e - (char*) b->rbuffer != 3 + 32)
206 return -EPERM;
207
208 if (memcmp(b->rbuffer, "OK ", 3))
209 return -EPERM;
210
211 b->auth = b->anonymous_auth ? BUS_AUTH_ANONYMOUS : BUS_AUTH_EXTERNAL;
212
213 for (i = 0; i < 32; i += 2) {
214 int x, y;
215
216 x = unhexchar(((char*) b->rbuffer)[3 + i]);
217 y = unhexchar(((char*) b->rbuffer)[3 + i + 1]);
218
219 if (x < 0 || y < 0)
220 return -EINVAL;
221
222 peer.bytes[i/2] = ((uint8_t) x << 4 | (uint8_t) y);
223 }
224
225 if (!sd_id128_is_null(b->server_id) &&
226 !sd_id128_equal(b->server_id, peer))
227 return -EPERM;
228
229 b->server_id = peer;
230
231 /* And possibly check the second line, too */
232
233 if (f)
234 b->can_fds =
235 (f - e == STRLEN("\r\nAGREE_UNIX_FD")) &&
236 memcmp(e + 2, "AGREE_UNIX_FD",
237 STRLEN("AGREE_UNIX_FD")) == 0;
238
239 b->rbuffer_size -= (start - (char*) b->rbuffer);
240 memmove(b->rbuffer, start, b->rbuffer_size);
241
242 r = bus_start_running(b);
243 if (r < 0)
244 return r;
245
246 return 1;
247 }
248
249 static bool line_equals(const char *s, size_t m, const char *line) {
250 size_t l;
251
252 l = strlen(line);
253 if (l != m)
254 return false;
255
256 return memcmp(s, line, l) == 0;
257 }
258
259 static bool line_begins(const char *s, size_t m, const char *word) {
260 size_t l;
261
262 l = strlen(word);
263 if (m < l)
264 return false;
265
266 if (memcmp(s, word, l) != 0)
267 return false;
268
269 return m == l || (m > l && s[l] == ' ');
270 }
271
272 static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
273 _cleanup_free_ char *token = NULL;
274 size_t len;
275 int r;
276
277 if (!b->anonymous_auth)
278 return 0;
279
280 if (l <= 0)
281 return 1;
282
283 assert(p[0] == ' ');
284 p++; l--;
285
286 if (l % 2 != 0)
287 return 0;
288
289 r = unhexmem(p, l, (void **) &token, &len);
290 if (r < 0)
291 return 0;
292
293 if (memchr(token, 0, len))
294 return 0;
295
296 return !!utf8_is_valid(token);
297 }
298
299 static int verify_external_token(sd_bus *b, const char *p, size_t l) {
300 _cleanup_free_ char *token = NULL;
301 size_t len;
302 uid_t u;
303 int r;
304
305 /* We don't do any real authentication here. Instead, we if
306 * the owner of this bus wanted authentication he should have
307 * checked SO_PEERCRED before even creating the bus object. */
308
309 if (!b->anonymous_auth && !b->ucred_valid)
310 return 0;
311
312 if (l <= 0)
313 return 1;
314
315 assert(p[0] == ' ');
316 p++; l--;
317
318 if (l % 2 != 0)
319 return 0;
320
321 r = unhexmem(p, l, (void**) &token, &len);
322 if (r < 0)
323 return 0;
324
325 if (memchr(token, 0, len))
326 return 0;
327
328 r = parse_uid(token, &u);
329 if (r < 0)
330 return 0;
331
332 /* We ignore the passed value if anonymous authentication is
333 * on anyway. */
334 if (!b->anonymous_auth && u != b->ucred.uid)
335 return 0;
336
337 return 1;
338 }
339
340 static int bus_socket_auth_write(sd_bus *b, const char *t) {
341 char *p;
342 size_t l;
343
344 assert(b);
345 assert(t);
346
347 /* We only make use of the first iovec */
348 assert(IN_SET(b->auth_index, 0, 1));
349
350 l = strlen(t);
351 p = malloc(b->auth_iovec[0].iov_len + l);
352 if (!p)
353 return -ENOMEM;
354
355 memcpy_safe(p, b->auth_iovec[0].iov_base, b->auth_iovec[0].iov_len);
356 memcpy(p + b->auth_iovec[0].iov_len, t, l);
357
358 b->auth_iovec[0].iov_base = p;
359 b->auth_iovec[0].iov_len += l;
360
361 free(b->auth_buffer);
362 b->auth_buffer = p;
363 b->auth_index = 0;
364 return 0;
365 }
366
367 static int bus_socket_auth_write_ok(sd_bus *b) {
368 char t[3 + 32 + 2 + 1];
369
370 assert(b);
371
372 xsprintf(t, "OK " SD_ID128_FORMAT_STR "\r\n", SD_ID128_FORMAT_VAL(b->server_id));
373
374 return bus_socket_auth_write(b, t);
375 }
376
377 static int bus_socket_auth_verify_server(sd_bus *b) {
378 char *e;
379 const char *line;
380 size_t l;
381 bool processed = false;
382 int r;
383
384 assert(b);
385
386 if (b->rbuffer_size < 1)
387 return 0;
388
389 /* First char must be a NUL byte */
390 if (*(char*) b->rbuffer != 0)
391 return -EIO;
392
393 if (b->rbuffer_size < 3)
394 return 0;
395
396 /* Begin with the first line */
397 if (b->auth_rbegin <= 0)
398 b->auth_rbegin = 1;
399
400 for (;;) {
401 /* Check if line is complete */
402 line = (char*) b->rbuffer + b->auth_rbegin;
403 e = memmem(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
404 if (!e)
405 return processed;
406
407 l = e - line;
408
409 if (line_begins(line, l, "AUTH ANONYMOUS")) {
410
411 r = verify_anonymous_token(b, line + 14, l - 14);
412 if (r < 0)
413 return r;
414 if (r == 0)
415 r = bus_socket_auth_write(b, "REJECTED\r\n");
416 else {
417 b->auth = BUS_AUTH_ANONYMOUS;
418 r = bus_socket_auth_write_ok(b);
419 }
420
421 } else if (line_begins(line, l, "AUTH EXTERNAL")) {
422
423 r = verify_external_token(b, line + 13, l - 13);
424 if (r < 0)
425 return r;
426 if (r == 0)
427 r = bus_socket_auth_write(b, "REJECTED\r\n");
428 else {
429 b->auth = BUS_AUTH_EXTERNAL;
430 r = bus_socket_auth_write_ok(b);
431 }
432
433 } else if (line_begins(line, l, "AUTH"))
434 r = bus_socket_auth_write(b, "REJECTED EXTERNAL ANONYMOUS\r\n");
435 else if (line_equals(line, l, "CANCEL") ||
436 line_begins(line, l, "ERROR")) {
437
438 b->auth = _BUS_AUTH_INVALID;
439 r = bus_socket_auth_write(b, "REJECTED\r\n");
440
441 } else if (line_equals(line, l, "BEGIN")) {
442
443 if (b->auth == _BUS_AUTH_INVALID)
444 r = bus_socket_auth_write(b, "ERROR\r\n");
445 else {
446 /* We can't leave from the auth phase
447 * before we haven't written
448 * everything queued, so let's check
449 * that */
450
451 if (bus_socket_auth_needs_write(b))
452 return 1;
453
454 b->rbuffer_size -= (e + 2 - (char*) b->rbuffer);
455 memmove(b->rbuffer, e + 2, b->rbuffer_size);
456 return bus_start_running(b);
457 }
458
459 } else if (line_begins(line, l, "DATA")) {
460
461 if (b->auth == _BUS_AUTH_INVALID)
462 r = bus_socket_auth_write(b, "ERROR\r\n");
463 else {
464 if (b->auth == BUS_AUTH_ANONYMOUS)
465 r = verify_anonymous_token(b, line + 4, l - 4);
466 else
467 r = verify_external_token(b, line + 4, l - 4);
468
469 if (r < 0)
470 return r;
471 if (r == 0) {
472 b->auth = _BUS_AUTH_INVALID;
473 r = bus_socket_auth_write(b, "REJECTED\r\n");
474 } else
475 r = bus_socket_auth_write_ok(b);
476 }
477 } else if (line_equals(line, l, "NEGOTIATE_UNIX_FD")) {
478 if (b->auth == _BUS_AUTH_INVALID || !(b->hello_flags & KDBUS_HELLO_ACCEPT_FD))
479 r = bus_socket_auth_write(b, "ERROR\r\n");
480 else {
481 b->can_fds = true;
482 r = bus_socket_auth_write(b, "AGREE_UNIX_FD\r\n");
483 }
484 } else
485 r = bus_socket_auth_write(b, "ERROR\r\n");
486
487 if (r < 0)
488 return r;
489
490 b->auth_rbegin = e + 2 - (char*) b->rbuffer;
491
492 processed = true;
493 }
494 }
495
496 static int bus_socket_auth_verify(sd_bus *b) {
497 assert(b);
498
499 if (b->is_server)
500 return bus_socket_auth_verify_server(b);
501 else
502 return bus_socket_auth_verify_client(b);
503 }
504
505 static int bus_socket_read_auth(sd_bus *b) {
506 struct msghdr mh;
507 struct iovec iov = {};
508 size_t n;
509 ssize_t k;
510 int r;
511 void *p;
512 union {
513 struct cmsghdr cmsghdr;
514 uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
515 } control;
516 bool handle_cmsg = false;
517
518 assert(b);
519 assert(b->state == BUS_AUTHENTICATING);
520
521 r = bus_socket_auth_verify(b);
522 if (r != 0)
523 return r;
524
525 n = MAX(256u, b->rbuffer_size * 2);
526
527 if (n > BUS_AUTH_SIZE_MAX)
528 n = BUS_AUTH_SIZE_MAX;
529
530 if (b->rbuffer_size >= n)
531 return -ENOBUFS;
532
533 p = realloc(b->rbuffer, n);
534 if (!p)
535 return -ENOMEM;
536
537 b->rbuffer = p;
538
539 iov.iov_base = (uint8_t*) b->rbuffer + b->rbuffer_size;
540 iov.iov_len = n - b->rbuffer_size;
541
542 if (b->prefer_readv)
543 k = readv(b->input_fd, &iov, 1);
544 else {
545 zero(mh);
546 mh.msg_iov = &iov;
547 mh.msg_iovlen = 1;
548 mh.msg_control = &control;
549 mh.msg_controllen = sizeof(control);
550
551 k = recvmsg(b->input_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
552 if (k < 0 && errno == ENOTSOCK) {
553 b->prefer_readv = true;
554 k = readv(b->input_fd, &iov, 1);
555 } else
556 handle_cmsg = true;
557 }
558 if (k < 0)
559 return errno == EAGAIN ? 0 : -errno;
560 if (k == 0)
561 return -ECONNRESET;
562
563 b->rbuffer_size += k;
564
565 if (handle_cmsg) {
566 struct cmsghdr *cmsg;
567
568 CMSG_FOREACH(cmsg, &mh)
569 if (cmsg->cmsg_level == SOL_SOCKET &&
570 cmsg->cmsg_type == SCM_RIGHTS) {
571 int j;
572
573 /* Whut? We received fds during the auth
574 * protocol? Somebody is playing games with
575 * us. Close them all, and fail */
576 j = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
577 close_many((int*) CMSG_DATA(cmsg), j);
578 return -EIO;
579 } else
580 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
581 cmsg->cmsg_level, cmsg->cmsg_type);
582 }
583
584 r = bus_socket_auth_verify(b);
585 if (r != 0)
586 return r;
587
588 return 1;
589 }
590
591 void bus_socket_setup(sd_bus *b) {
592 assert(b);
593
594 /* Increase the buffers to 8 MB */
595 fd_inc_rcvbuf(b->input_fd, SNDBUF_SIZE);
596 fd_inc_sndbuf(b->output_fd, SNDBUF_SIZE);
597
598 b->message_version = 1;
599 b->message_endian = 0;
600 }
601
602 static void bus_get_peercred(sd_bus *b) {
603 int r;
604
605 assert(b);
606
607 /* Get the peer for socketpair() sockets */
608 b->ucred_valid = getpeercred(b->input_fd, &b->ucred) >= 0;
609
610 /* Get the SELinux context of the peer */
611 if (mac_selinux_use()) {
612 r = getpeersec(b->input_fd, &b->label);
613 if (r < 0 && r != -EOPNOTSUPP)
614 log_debug_errno(r, "Failed to determine peer security context: %m");
615 }
616 }
617
618 static int bus_socket_start_auth_client(sd_bus *b) {
619 size_t l;
620 const char *auth_suffix, *auth_prefix;
621
622 assert(b);
623
624 if (b->anonymous_auth) {
625 auth_prefix = "\0AUTH ANONYMOUS ";
626
627 /* For ANONYMOUS auth we send some arbitrary "trace" string */
628 l = 9;
629 b->auth_buffer = hexmem("anonymous", l);
630 } else {
631 char text[DECIMAL_STR_MAX(uid_t) + 1];
632
633 auth_prefix = "\0AUTH EXTERNAL ";
634
635 xsprintf(text, UID_FMT, geteuid());
636
637 l = strlen(text);
638 b->auth_buffer = hexmem(text, l);
639 }
640
641 if (!b->auth_buffer)
642 return -ENOMEM;
643
644 if (b->hello_flags & KDBUS_HELLO_ACCEPT_FD)
645 auth_suffix = "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
646 else
647 auth_suffix = "\r\nBEGIN\r\n";
648
649 b->auth_iovec[0].iov_base = (void*) auth_prefix;
650 b->auth_iovec[0].iov_len = 1 + strlen(auth_prefix + 1);
651 b->auth_iovec[1].iov_base = (void*) b->auth_buffer;
652 b->auth_iovec[1].iov_len = l * 2;
653 b->auth_iovec[2].iov_base = (void*) auth_suffix;
654 b->auth_iovec[2].iov_len = strlen(auth_suffix);
655
656 return bus_socket_write_auth(b);
657 }
658
659 int bus_socket_start_auth(sd_bus *b) {
660 assert(b);
661
662 bus_get_peercred(b);
663
664 b->state = BUS_AUTHENTICATING;
665 b->auth_timeout = now(CLOCK_MONOTONIC) + BUS_AUTH_TIMEOUT;
666
667 if (sd_is_socket(b->input_fd, AF_UNIX, 0, 0) <= 0)
668 b->hello_flags &= ~KDBUS_HELLO_ACCEPT_FD;
669
670 if (b->output_fd != b->input_fd)
671 if (sd_is_socket(b->output_fd, AF_UNIX, 0, 0) <= 0)
672 b->hello_flags &= ~KDBUS_HELLO_ACCEPT_FD;
673
674 if (b->is_server)
675 return bus_socket_read_auth(b);
676 else
677 return bus_socket_start_auth_client(b);
678 }
679
680 int bus_socket_connect(sd_bus *b) {
681 int r;
682
683 assert(b);
684 assert(b->input_fd < 0);
685 assert(b->output_fd < 0);
686 assert(b->sockaddr.sa.sa_family != AF_UNSPEC);
687
688 b->input_fd = socket(b->sockaddr.sa.sa_family, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
689 if (b->input_fd < 0)
690 return -errno;
691
692 b->output_fd = b->input_fd;
693
694 bus_socket_setup(b);
695
696 r = connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size);
697 if (r < 0) {
698 if (errno == EINPROGRESS)
699 return 1;
700
701 return -errno;
702 }
703
704 return bus_socket_start_auth(b);
705 }
706
707 int bus_socket_exec(sd_bus *b) {
708 int s[2], r;
709 pid_t pid;
710
711 assert(b);
712 assert(b->input_fd < 0);
713 assert(b->output_fd < 0);
714 assert(b->exec_path);
715
716 r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s);
717 if (r < 0)
718 return -errno;
719
720 pid = fork();
721 if (pid < 0) {
722 safe_close_pair(s);
723 return -errno;
724 }
725 if (pid == 0) {
726 /* Child */
727
728 (void) reset_all_signal_handlers();
729 (void) reset_signal_mask();
730
731 close_all_fds(s+1, 1);
732
733 assert_se(dup3(s[1], STDIN_FILENO, 0) == STDIN_FILENO);
734 assert_se(dup3(s[1], STDOUT_FILENO, 0) == STDOUT_FILENO);
735
736 if (!IN_SET(s[1], STDIN_FILENO, STDOUT_FILENO))
737 safe_close(s[1]);
738
739 fd_cloexec(STDIN_FILENO, false);
740 fd_cloexec(STDOUT_FILENO, false);
741 fd_nonblock(STDIN_FILENO, false);
742 fd_nonblock(STDOUT_FILENO, false);
743
744 if (b->exec_argv)
745 execvp(b->exec_path, b->exec_argv);
746 else {
747 const char *argv[] = { b->exec_path, NULL };
748 execvp(b->exec_path, (char**) argv);
749 }
750
751 _exit(EXIT_FAILURE);
752 }
753
754 safe_close(s[1]);
755 b->output_fd = b->input_fd = s[0];
756
757 bus_socket_setup(b);
758
759 return bus_socket_start_auth(b);
760 }
761
762 int bus_socket_take_fd(sd_bus *b) {
763 assert(b);
764
765 bus_socket_setup(b);
766
767 return bus_socket_start_auth(b);
768 }
769
770 int bus_socket_write_message(sd_bus *bus, sd_bus_message *m, size_t *idx) {
771 struct iovec *iov;
772 ssize_t k;
773 size_t n;
774 unsigned j;
775 int r;
776
777 assert(bus);
778 assert(m);
779 assert(idx);
780 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
781
782 if (*idx >= BUS_MESSAGE_SIZE(m))
783 return 0;
784
785 r = bus_message_setup_iovec(m);
786 if (r < 0)
787 return r;
788
789 n = m->n_iovec * sizeof(struct iovec);
790 iov = alloca(n);
791 memcpy_safe(iov, m->iovec, n);
792
793 j = 0;
794 iovec_advance(iov, &j, *idx);
795
796 if (bus->prefer_writev)
797 k = writev(bus->output_fd, iov, m->n_iovec);
798 else {
799 struct msghdr mh = {
800 .msg_iov = iov,
801 .msg_iovlen = m->n_iovec,
802 };
803
804 if (m->n_fds > 0 && *idx == 0) {
805 struct cmsghdr *control;
806
807 mh.msg_control = control = alloca(CMSG_SPACE(sizeof(int) * m->n_fds));
808 mh.msg_controllen = control->cmsg_len = CMSG_LEN(sizeof(int) * m->n_fds);
809 control->cmsg_level = SOL_SOCKET;
810 control->cmsg_type = SCM_RIGHTS;
811 memcpy(CMSG_DATA(control), m->fds, sizeof(int) * m->n_fds);
812 }
813
814 k = sendmsg(bus->output_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
815 if (k < 0 && errno == ENOTSOCK) {
816 bus->prefer_writev = true;
817 k = writev(bus->output_fd, iov, m->n_iovec);
818 }
819 }
820
821 if (k < 0)
822 return errno == EAGAIN ? 0 : -errno;
823
824 *idx += (size_t) k;
825 return 1;
826 }
827
828 static int bus_socket_read_message_need(sd_bus *bus, size_t *need) {
829 uint32_t a, b;
830 uint8_t e;
831 uint64_t sum;
832
833 assert(bus);
834 assert(need);
835 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
836
837 if (bus->rbuffer_size < sizeof(struct bus_header)) {
838 *need = sizeof(struct bus_header) + 8;
839
840 /* Minimum message size:
841 *
842 * Header +
843 *
844 * Method Call: +2 string headers
845 * Signal: +3 string headers
846 * Method Error: +1 string headers
847 * +1 uint32 headers
848 * Method Reply: +1 uint32 headers
849 *
850 * A string header is at least 9 bytes
851 * A uint32 header is at least 8 bytes
852 *
853 * Hence the minimum message size of a valid message
854 * is header + 8 bytes */
855
856 return 0;
857 }
858
859 a = ((const uint32_t*) bus->rbuffer)[1];
860 b = ((const uint32_t*) bus->rbuffer)[3];
861
862 e = ((const uint8_t*) bus->rbuffer)[0];
863 if (e == BUS_LITTLE_ENDIAN) {
864 a = le32toh(a);
865 b = le32toh(b);
866 } else if (e == BUS_BIG_ENDIAN) {
867 a = be32toh(a);
868 b = be32toh(b);
869 } else
870 return -EBADMSG;
871
872 sum = (uint64_t) sizeof(struct bus_header) + (uint64_t) ALIGN_TO(b, 8) + (uint64_t) a;
873 if (sum >= BUS_MESSAGE_SIZE_MAX)
874 return -ENOBUFS;
875
876 *need = (size_t) sum;
877 return 0;
878 }
879
880 static int bus_socket_make_message(sd_bus *bus, size_t size) {
881 sd_bus_message *t;
882 void *b;
883 int r;
884
885 assert(bus);
886 assert(bus->rbuffer_size >= size);
887 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
888
889 r = bus_rqueue_make_room(bus);
890 if (r < 0)
891 return r;
892
893 if (bus->rbuffer_size > size) {
894 b = memdup((const uint8_t*) bus->rbuffer + size,
895 bus->rbuffer_size - size);
896 if (!b)
897 return -ENOMEM;
898 } else
899 b = NULL;
900
901 r = bus_message_from_malloc(bus,
902 bus->rbuffer, size,
903 bus->fds, bus->n_fds,
904 NULL,
905 &t);
906 if (r < 0) {
907 free(b);
908 return r;
909 }
910
911 bus->rbuffer = b;
912 bus->rbuffer_size -= size;
913
914 bus->fds = NULL;
915 bus->n_fds = 0;
916
917 bus->rqueue[bus->rqueue_size++] = t;
918
919 return 1;
920 }
921
922 int bus_socket_read_message(sd_bus *bus) {
923 struct msghdr mh;
924 struct iovec iov = {};
925 ssize_t k;
926 size_t need;
927 int r;
928 void *b;
929 union {
930 struct cmsghdr cmsghdr;
931 uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
932 } control;
933 bool handle_cmsg = false;
934
935 assert(bus);
936 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
937
938 r = bus_socket_read_message_need(bus, &need);
939 if (r < 0)
940 return r;
941
942 if (bus->rbuffer_size >= need)
943 return bus_socket_make_message(bus, need);
944
945 b = realloc(bus->rbuffer, need);
946 if (!b)
947 return -ENOMEM;
948
949 bus->rbuffer = b;
950
951 iov.iov_base = (uint8_t*) bus->rbuffer + bus->rbuffer_size;
952 iov.iov_len = need - bus->rbuffer_size;
953
954 if (bus->prefer_readv)
955 k = readv(bus->input_fd, &iov, 1);
956 else {
957 zero(mh);
958 mh.msg_iov = &iov;
959 mh.msg_iovlen = 1;
960 mh.msg_control = &control;
961 mh.msg_controllen = sizeof(control);
962
963 k = recvmsg(bus->input_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
964 if (k < 0 && errno == ENOTSOCK) {
965 bus->prefer_readv = true;
966 k = readv(bus->input_fd, &iov, 1);
967 } else
968 handle_cmsg = true;
969 }
970 if (k < 0)
971 return errno == EAGAIN ? 0 : -errno;
972 if (k == 0)
973 return -ECONNRESET;
974
975 bus->rbuffer_size += k;
976
977 if (handle_cmsg) {
978 struct cmsghdr *cmsg;
979
980 CMSG_FOREACH(cmsg, &mh)
981 if (cmsg->cmsg_level == SOL_SOCKET &&
982 cmsg->cmsg_type == SCM_RIGHTS) {
983 int n, *f;
984
985 n = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
986
987 if (!bus->can_fds) {
988 /* Whut? We received fds but this
989 * isn't actually enabled? Close them,
990 * and fail */
991
992 close_many((int*) CMSG_DATA(cmsg), n);
993 return -EIO;
994 }
995
996 f = realloc(bus->fds, sizeof(int) * (bus->n_fds + n));
997 if (!f) {
998 close_many((int*) CMSG_DATA(cmsg), n);
999 return -ENOMEM;
1000 }
1001
1002 memcpy_safe(f + bus->n_fds, CMSG_DATA(cmsg), n * sizeof(int));
1003 bus->fds = f;
1004 bus->n_fds += n;
1005 } else
1006 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1007 cmsg->cmsg_level, cmsg->cmsg_type);
1008 }
1009
1010 r = bus_socket_read_message_need(bus, &need);
1011 if (r < 0)
1012 return r;
1013
1014 if (bus->rbuffer_size >= need)
1015 return bus_socket_make_message(bus, need);
1016
1017 return 1;
1018 }
1019
1020 int bus_socket_process_opening(sd_bus *b) {
1021 int error = 0;
1022 socklen_t slen = sizeof(error);
1023 struct pollfd p = {
1024 .fd = b->output_fd,
1025 .events = POLLOUT,
1026 };
1027 int r;
1028
1029 assert(b->state == BUS_OPENING);
1030
1031 r = poll(&p, 1, 0);
1032 if (r < 0)
1033 return -errno;
1034
1035 if (!(p.revents & (POLLOUT|POLLERR|POLLHUP)))
1036 return 0;
1037
1038 r = getsockopt(b->output_fd, SOL_SOCKET, SO_ERROR, &error, &slen);
1039 if (r < 0)
1040 b->last_connect_error = errno;
1041 else if (error != 0)
1042 b->last_connect_error = error;
1043 else if (p.revents & (POLLERR|POLLHUP))
1044 b->last_connect_error = ECONNREFUSED;
1045 else
1046 return bus_socket_start_auth(b);
1047
1048 return bus_next_address(b);
1049 }
1050
1051 int bus_socket_process_authenticating(sd_bus *b) {
1052 int r;
1053
1054 assert(b);
1055 assert(b->state == BUS_AUTHENTICATING);
1056
1057 if (now(CLOCK_MONOTONIC) >= b->auth_timeout)
1058 return -ETIMEDOUT;
1059
1060 r = bus_socket_write_auth(b);
1061 if (r != 0)
1062 return r;
1063
1064 return bus_socket_read_auth(b);
1065 }
Unnamed repository; edit this file 'description' to name the repository.