sd-varlink: add flag for sd_varlink_server for creating connections with fd passing...

Let's add a simple flag that enables fd passing for all connections of a
server. It's much easier to use this than to install a connect handler
which manually enables this for each connection.

diff --git a/src/libsystemd/sd-varlink/sd-varlink.c b/src/libsystemd/sd-varlink/sd-varlink.c
index 46dd3a62df3ebd9215d360214ed26e006009eb17..9e8f2a66f8b0fae68e0ef7201145b94ae67db857 100644 (file)
--- a/src/libsystemd/sd-varlink/sd-varlink.c
+++ b/src/libsystemd/sd-varlink/sd-varlink.c
@@ -3259,7 +3259,13 @@ _public_ int sd_varlink_server_new(sd_varlink_server **ret, sd_varlink_server_fl
         int r;
 
         assert_return(ret, -EINVAL);
-        assert_return((flags & ~(SD_VARLINK_SERVER_ROOT_ONLY|SD_VARLINK_SERVER_MYSELF_ONLY|SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA|SD_VARLINK_SERVER_INPUT_SENSITIVE)) == 0, -EINVAL);
+        assert_return((flags & ~(SD_VARLINK_SERVER_ROOT_ONLY|
+                                 SD_VARLINK_SERVER_MYSELF_ONLY|
+                                 SD_VARLINK_SERVER_ACCOUNT_UID|
+                                 SD_VARLINK_SERVER_INHERIT_USERDATA|
+                                 SD_VARLINK_SERVER_INPUT_SENSITIVE|
+                                 SD_VARLINK_SERVER_ALLOW_FD_PASSING_INPUT|
+                                 SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT)) == 0, -EINVAL);
 
         s = new(sd_varlink_server, 1);
         if (!s)
@@ -3469,6 +3475,9 @@ _public_ int sd_varlink_server_add_connection_pair(
         if (asprintf(&desc, "%s-%i-%i", varlink_server_description(server), input_fd, output_fd) >= 0)
                 v->description = TAKE_PTR(desc);
 
+        (void) sd_varlink_set_allow_fd_passing_input(v, FLAGS_SET(server->flags, SD_VARLINK_SERVER_ALLOW_FD_PASSING_INPUT));
+        (void) sd_varlink_set_allow_fd_passing_output(v, FLAGS_SET(server->flags, SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT));
+
         /* Link up the server and the connection, and take reference in both directions. Note that the
          * reference on the connection is left dangling. It will be dropped when the connection is closed,
          * which happens in varlink_close(), including in the event loop quit callback. */

diff --git a/src/systemd/sd-varlink.h b/src/systemd/sd-varlink.h
index 6329c4ee6a8c2d338e7db7cb263a43ca0fa0aa7c..03509163d326b6aa9c5fd9a91a817af3377491d3 100644 (file)
--- a/src/systemd/sd-varlink.h
+++ b/src/systemd/sd-varlink.h
@@ -65,11 +65,13 @@ __extension__ typedef enum _SD_ENUM_TYPE_S64(sd_varlink_method_flags_t) {
 } sd_varlink_method_flags_t;
 
 __extension__ typedef enum _SD_ENUM_TYPE_S64(sd_varlink_server_flags_t) {
-        SD_VARLINK_SERVER_ROOT_ONLY        = 1 << 0, /* Only accessible by root */
-        SD_VARLINK_SERVER_MYSELF_ONLY      = 1 << 1, /* Only accessible by our own UID */
-        SD_VARLINK_SERVER_ACCOUNT_UID      = 1 << 2, /* Do per user accounting */
-        SD_VARLINK_SERVER_INHERIT_USERDATA = 1 << 3, /* Initialize Varlink connection userdata from sd_varlink_server userdata */
-        SD_VARLINK_SERVER_INPUT_SENSITIVE  = 1 << 4, /* Automatically mark all connection input as sensitive */
+        SD_VARLINK_SERVER_ROOT_ONLY               = 1 << 0, /* Only accessible by root */
+        SD_VARLINK_SERVER_MYSELF_ONLY             = 1 << 1, /* Only accessible by our own UID */
+        SD_VARLINK_SERVER_ACCOUNT_UID             = 1 << 2, /* Do per user accounting */
+        SD_VARLINK_SERVER_INHERIT_USERDATA        = 1 << 3, /* Initialize Varlink connection userdata from sd_varlink_server userdata */
+        SD_VARLINK_SERVER_INPUT_SENSITIVE         = 1 << 4, /* Automatically mark all connection input as sensitive */
+        SD_VARLINK_SERVER_ALLOW_FD_PASSING_INPUT  = 1 << 5, /* Allow receiving fds over all connections */
+        SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT = 1 << 6, /* Allow sending fds over all connections */
         _SD_ENUM_FORCE_S64(SD_VARLINK_SERVER)
 } sd_varlink_server_flags_t;