]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2013 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include "sd-daemon.h"
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
34 #include "format-util.h"
36 #include "hexdecoct.h"
40 #include "path-util.h"
41 #include "selinux-util.h"
42 #include "signal-util.h"
43 #include "stdio-util.h"
44 #include "string-util.h"
45 #include "user-util.h"
49 #define SNDBUF_SIZE (8*1024*1024)
51 static void iovec_advance(struct iovec iov
[], unsigned *idx
, size_t size
) {
54 struct iovec
*i
= iov
+ *idx
;
56 if (i
->iov_len
> size
) {
57 i
->iov_base
= (uint8_t*) i
->iov_base
+ size
;
71 static int append_iovec(sd_bus_message
*m
, const void *p
, size_t sz
) {
76 m
->iovec
[m
->n_iovec
].iov_base
= (void*) p
;
77 m
->iovec
[m
->n_iovec
].iov_len
= sz
;
83 static int bus_message_setup_iovec(sd_bus_message
*m
) {
84 struct bus_body_part
*part
;
96 n
= 1 + m
->n_body_parts
;
97 if (n
< ELEMENTSOF(m
->iovec_fixed
))
98 m
->iovec
= m
->iovec_fixed
;
100 m
->iovec
= new(struct iovec
, n
);
107 r
= append_iovec(m
, m
->header
, BUS_MESSAGE_BODY_BEGIN(m
));
111 MESSAGE_FOREACH_PART(part
, i
, m
) {
112 r
= bus_body_part_map(part
);
116 r
= append_iovec(m
, part
->data
, part
->size
);
121 assert(n
== m
->n_iovec
);
130 bool bus_socket_auth_needs_write(sd_bus
*b
) {
134 if (b
->auth_index
>= ELEMENTSOF(b
->auth_iovec
))
137 for (i
= b
->auth_index
; i
< ELEMENTSOF(b
->auth_iovec
); i
++) {
138 struct iovec
*j
= b
->auth_iovec
+ i
;
147 static int bus_socket_write_auth(sd_bus
*b
) {
151 assert(b
->state
== BUS_AUTHENTICATING
);
153 if (!bus_socket_auth_needs_write(b
))
156 if (b
->prefer_writev
)
157 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
162 mh
.msg_iov
= b
->auth_iovec
+ b
->auth_index
;
163 mh
.msg_iovlen
= ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
;
165 k
= sendmsg(b
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
166 if (k
< 0 && errno
== ENOTSOCK
) {
167 b
->prefer_writev
= true;
168 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
173 return errno
== EAGAIN
? 0 : -errno
;
175 iovec_advance(b
->auth_iovec
, &b
->auth_index
, (size_t) k
);
179 static int bus_socket_auth_verify_client(sd_bus
*b
) {
187 /* We expect two response lines: "OK" and possibly
190 e
= memmem_safe(b
->rbuffer
, b
->rbuffer_size
, "\r\n", 2);
195 f
= memmem(e
+ 2, b
->rbuffer_size
- (e
- (char*) b
->rbuffer
) - 2, "\r\n", 2);
205 /* Nice! We got all the lines we need. First check the OK
208 if (e
- (char*) b
->rbuffer
!= 3 + 32)
211 if (memcmp(b
->rbuffer
, "OK ", 3))
214 b
->auth
= b
->anonymous_auth
? BUS_AUTH_ANONYMOUS
: BUS_AUTH_EXTERNAL
;
216 for (i
= 0; i
< 32; i
+= 2) {
219 x
= unhexchar(((char*) b
->rbuffer
)[3 + i
]);
220 y
= unhexchar(((char*) b
->rbuffer
)[3 + i
+ 1]);
225 peer
.bytes
[i
/2] = ((uint8_t) x
<< 4 | (uint8_t) y
);
228 if (!sd_id128_is_null(b
->server_id
) &&
229 !sd_id128_equal(b
->server_id
, peer
))
234 /* And possibly check the second line, too */
238 (f
- e
== STRLEN("\r\nAGREE_UNIX_FD")) &&
239 memcmp(e
+ 2, "AGREE_UNIX_FD",
240 STRLEN("AGREE_UNIX_FD")) == 0;
242 b
->rbuffer_size
-= (start
- (char*) b
->rbuffer
);
243 memmove(b
->rbuffer
, start
, b
->rbuffer_size
);
245 r
= bus_start_running(b
);
252 static bool line_equals(const char *s
, size_t m
, const char *line
) {
259 return memcmp(s
, line
, l
) == 0;
262 static bool line_begins(const char *s
, size_t m
, const char *word
) {
269 if (memcmp(s
, word
, l
) != 0)
272 return m
== l
|| (m
> l
&& s
[l
] == ' ');
275 static int verify_anonymous_token(sd_bus
*b
, const char *p
, size_t l
) {
276 _cleanup_free_
char *token
= NULL
;
280 if (!b
->anonymous_auth
)
292 r
= unhexmem(p
, l
, (void **) &token
, &len
);
296 if (memchr(token
, 0, len
))
299 return !!utf8_is_valid(token
);
302 static int verify_external_token(sd_bus
*b
, const char *p
, size_t l
) {
303 _cleanup_free_
char *token
= NULL
;
308 /* We don't do any real authentication here. Instead, we if
309 * the owner of this bus wanted authentication he should have
310 * checked SO_PEERCRED before even creating the bus object. */
312 if (!b
->anonymous_auth
&& !b
->ucred_valid
)
324 r
= unhexmem(p
, l
, (void**) &token
, &len
);
328 if (memchr(token
, 0, len
))
331 r
= parse_uid(token
, &u
);
335 /* We ignore the passed value if anonymous authentication is
337 if (!b
->anonymous_auth
&& u
!= b
->ucred
.uid
)
343 static int bus_socket_auth_write(sd_bus
*b
, const char *t
) {
350 /* We only make use of the first iovec */
351 assert(IN_SET(b
->auth_index
, 0, 1));
354 p
= malloc(b
->auth_iovec
[0].iov_len
+ l
);
358 memcpy_safe(p
, b
->auth_iovec
[0].iov_base
, b
->auth_iovec
[0].iov_len
);
359 memcpy(p
+ b
->auth_iovec
[0].iov_len
, t
, l
);
361 b
->auth_iovec
[0].iov_base
= p
;
362 b
->auth_iovec
[0].iov_len
+= l
;
364 free(b
->auth_buffer
);
370 static int bus_socket_auth_write_ok(sd_bus
*b
) {
371 char t
[3 + 32 + 2 + 1];
375 xsprintf(t
, "OK " SD_ID128_FORMAT_STR
"\r\n", SD_ID128_FORMAT_VAL(b
->server_id
));
377 return bus_socket_auth_write(b
, t
);
380 static int bus_socket_auth_verify_server(sd_bus
*b
) {
384 bool processed
= false;
389 if (b
->rbuffer_size
< 1)
392 /* First char must be a NUL byte */
393 if (*(char*) b
->rbuffer
!= 0)
396 if (b
->rbuffer_size
< 3)
399 /* Begin with the first line */
400 if (b
->auth_rbegin
<= 0)
404 /* Check if line is complete */
405 line
= (char*) b
->rbuffer
+ b
->auth_rbegin
;
406 e
= memmem(line
, b
->rbuffer_size
- b
->auth_rbegin
, "\r\n", 2);
412 if (line_begins(line
, l
, "AUTH ANONYMOUS")) {
414 r
= verify_anonymous_token(b
, line
+ 14, l
- 14);
418 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
420 b
->auth
= BUS_AUTH_ANONYMOUS
;
421 r
= bus_socket_auth_write_ok(b
);
424 } else if (line_begins(line
, l
, "AUTH EXTERNAL")) {
426 r
= verify_external_token(b
, line
+ 13, l
- 13);
430 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
432 b
->auth
= BUS_AUTH_EXTERNAL
;
433 r
= bus_socket_auth_write_ok(b
);
436 } else if (line_begins(line
, l
, "AUTH"))
437 r
= bus_socket_auth_write(b
, "REJECTED EXTERNAL ANONYMOUS\r\n");
438 else if (line_equals(line
, l
, "CANCEL") ||
439 line_begins(line
, l
, "ERROR")) {
441 b
->auth
= _BUS_AUTH_INVALID
;
442 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
444 } else if (line_equals(line
, l
, "BEGIN")) {
446 if (b
->auth
== _BUS_AUTH_INVALID
)
447 r
= bus_socket_auth_write(b
, "ERROR\r\n");
449 /* We can't leave from the auth phase
450 * before we haven't written
451 * everything queued, so let's check
454 if (bus_socket_auth_needs_write(b
))
457 b
->rbuffer_size
-= (e
+ 2 - (char*) b
->rbuffer
);
458 memmove(b
->rbuffer
, e
+ 2, b
->rbuffer_size
);
459 return bus_start_running(b
);
462 } else if (line_begins(line
, l
, "DATA")) {
464 if (b
->auth
== _BUS_AUTH_INVALID
)
465 r
= bus_socket_auth_write(b
, "ERROR\r\n");
467 if (b
->auth
== BUS_AUTH_ANONYMOUS
)
468 r
= verify_anonymous_token(b
, line
+ 4, l
- 4);
470 r
= verify_external_token(b
, line
+ 4, l
- 4);
475 b
->auth
= _BUS_AUTH_INVALID
;
476 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
478 r
= bus_socket_auth_write_ok(b
);
480 } else if (line_equals(line
, l
, "NEGOTIATE_UNIX_FD")) {
481 if (b
->auth
== _BUS_AUTH_INVALID
|| !b
->accept_fd
)
482 r
= bus_socket_auth_write(b
, "ERROR\r\n");
485 r
= bus_socket_auth_write(b
, "AGREE_UNIX_FD\r\n");
488 r
= bus_socket_auth_write(b
, "ERROR\r\n");
493 b
->auth_rbegin
= e
+ 2 - (char*) b
->rbuffer
;
499 static int bus_socket_auth_verify(sd_bus
*b
) {
503 return bus_socket_auth_verify_server(b
);
505 return bus_socket_auth_verify_client(b
);
508 static int bus_socket_read_auth(sd_bus
*b
) {
510 struct iovec iov
= {};
516 struct cmsghdr cmsghdr
;
517 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
519 bool handle_cmsg
= false;
522 assert(b
->state
== BUS_AUTHENTICATING
);
524 r
= bus_socket_auth_verify(b
);
528 n
= MAX(256u, b
->rbuffer_size
* 2);
530 if (n
> BUS_AUTH_SIZE_MAX
)
531 n
= BUS_AUTH_SIZE_MAX
;
533 if (b
->rbuffer_size
>= n
)
536 p
= realloc(b
->rbuffer
, n
);
542 iov
.iov_base
= (uint8_t*) b
->rbuffer
+ b
->rbuffer_size
;
543 iov
.iov_len
= n
- b
->rbuffer_size
;
546 k
= readv(b
->input_fd
, &iov
, 1);
551 mh
.msg_control
= &control
;
552 mh
.msg_controllen
= sizeof(control
);
554 k
= recvmsg(b
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
555 if (k
< 0 && errno
== ENOTSOCK
) {
556 b
->prefer_readv
= true;
557 k
= readv(b
->input_fd
, &iov
, 1);
562 return errno
== EAGAIN
? 0 : -errno
;
566 b
->rbuffer_size
+= k
;
569 struct cmsghdr
*cmsg
;
571 CMSG_FOREACH(cmsg
, &mh
)
572 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
573 cmsg
->cmsg_type
== SCM_RIGHTS
) {
576 /* Whut? We received fds during the auth
577 * protocol? Somebody is playing games with
578 * us. Close them all, and fail */
579 j
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
580 close_many((int*) CMSG_DATA(cmsg
), j
);
583 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
584 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
587 r
= bus_socket_auth_verify(b
);
594 void bus_socket_setup(sd_bus
*b
) {
597 /* Increase the buffers to 8 MB */
598 (void) fd_inc_rcvbuf(b
->input_fd
, SNDBUF_SIZE
);
599 (void) fd_inc_sndbuf(b
->output_fd
, SNDBUF_SIZE
);
601 b
->message_version
= 1;
602 b
->message_endian
= 0;
605 static void bus_get_peercred(sd_bus
*b
) {
609 assert(!b
->ucred_valid
);
611 assert(b
->n_groups
== (size_t) -1);
613 /* Get the peer for socketpair() sockets */
614 b
->ucred_valid
= getpeercred(b
->input_fd
, &b
->ucred
) >= 0;
616 /* Get the SELinux context of the peer */
617 r
= getpeersec(b
->input_fd
, &b
->label
);
618 if (r
< 0 && !IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
619 log_debug_errno(r
, "Failed to determine peer security context: %m");
621 /* Get the list of auxiliary groups of the peer */
622 r
= getpeergroups(b
->input_fd
, &b
->groups
);
624 b
->n_groups
= (size_t) r
;
625 else if (!IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
626 log_debug_errno(r
, "Failed to determine peer's group list: %m");
629 static int bus_socket_start_auth_client(sd_bus
*b
) {
631 const char *auth_suffix
, *auth_prefix
;
635 if (b
->anonymous_auth
) {
636 auth_prefix
= "\0AUTH ANONYMOUS ";
638 /* For ANONYMOUS auth we send some arbitrary "trace" string */
640 b
->auth_buffer
= hexmem("anonymous", l
);
642 char text
[DECIMAL_STR_MAX(uid_t
) + 1];
644 auth_prefix
= "\0AUTH EXTERNAL ";
646 xsprintf(text
, UID_FMT
, geteuid());
649 b
->auth_buffer
= hexmem(text
, l
);
656 auth_suffix
= "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
658 auth_suffix
= "\r\nBEGIN\r\n";
660 b
->auth_iovec
[0].iov_base
= (void*) auth_prefix
;
661 b
->auth_iovec
[0].iov_len
= 1 + strlen(auth_prefix
+ 1);
662 b
->auth_iovec
[1].iov_base
= (void*) b
->auth_buffer
;
663 b
->auth_iovec
[1].iov_len
= l
* 2;
664 b
->auth_iovec
[2].iov_base
= (void*) auth_suffix
;
665 b
->auth_iovec
[2].iov_len
= strlen(auth_suffix
);
667 return bus_socket_write_auth(b
);
670 int bus_socket_start_auth(sd_bus
*b
) {
675 bus_set_state(b
, BUS_AUTHENTICATING
);
676 b
->auth_timeout
= now(CLOCK_MONOTONIC
) + BUS_AUTH_TIMEOUT
;
678 if (sd_is_socket(b
->input_fd
, AF_UNIX
, 0, 0) <= 0)
679 b
->accept_fd
= false;
681 if (b
->output_fd
!= b
->input_fd
)
682 if (sd_is_socket(b
->output_fd
, AF_UNIX
, 0, 0) <= 0)
683 b
->accept_fd
= false;
686 return bus_socket_read_auth(b
);
688 return bus_socket_start_auth_client(b
);
691 static int bus_socket_inotify_setup(sd_bus
*b
) {
692 _cleanup_free_
int *new_watches
= NULL
;
693 _cleanup_free_
char *absolute
= NULL
;
694 size_t n_allocated
= 0, n
= 0, done
= 0, i
;
695 unsigned max_follow
= 32;
700 assert(b
->watch_bind
);
701 assert(b
->sockaddr
.sa
.sa_family
== AF_UNIX
);
702 assert(b
->sockaddr
.un
.sun_path
[0] != 0);
704 /* Sets up an inotify fd in case watch_bind is enabled: wait until the configured AF_UNIX file system socket
705 * appears before connecting to it. The implemented is pretty simplistic: we just subscribe to relevant changes
706 * to all prefix components of the path, and every time we get an event for that we try to reconnect again,
707 * without actually caring what precisely the event we got told us. If we still can't connect we re-subscribe
708 * to all relevant changes of anything in the path, so that our watches include any possibly newly created path
711 if (b
->inotify_fd
< 0) {
712 b
->inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
713 if (b
->inotify_fd
< 0)
717 /* Make sure the path is NUL terminated */
718 p
= strndupa(b
->sockaddr
.un
.sun_path
, sizeof(b
->sockaddr
.un
.sun_path
));
720 /* Make sure the path is absolute */
721 r
= path_make_absolute_cwd(p
, &absolute
);
725 /* Watch all parent directories, and don't mind any prefix that doesn't exist yet. For the innermost directory
726 * that exists we want to know when files are created or moved into it. For all parents of it we just care if
727 * they are removed or renamed. */
729 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
734 /* Start with the top-level directory, which is a bit simpler than the rest, since it can't be a symlink, and
736 wd
= inotify_add_watch(b
->inotify_fd
, "/", IN_CREATE
|IN_MOVED_TO
);
738 r
= log_debug_errno(errno
, "Failed to add inotify watch on /: %m");
741 new_watches
[n
++] = wd
;
744 _cleanup_free_
char *component
= NULL
, *prefix
= NULL
, *destination
= NULL
;
745 size_t n_slashes
, n_component
;
748 n_slashes
= strspn(absolute
+ done
, "/");
749 n_component
= n_slashes
+ strcspn(absolute
+ done
+ n_slashes
, "/");
751 if (n_component
== 0) /* The end */
754 component
= strndup(absolute
+ done
, n_component
);
760 /* A trailing slash? That's a directory, and not a socket then */
761 if (path_equal(component
, "/")) {
766 /* A single dot? Let's eat this up */
767 if (path_equal(component
, "/.")) {
772 prefix
= strndup(absolute
, done
+ n_component
);
778 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
783 wd
= inotify_add_watch(b
->inotify_fd
, prefix
, IN_DELETE_SELF
|IN_MOVE_SELF
|IN_ATTRIB
|IN_CREATE
|IN_MOVED_TO
|IN_DONT_FOLLOW
);
784 log_debug("Added inotify watch for %s on bus %s: %i", prefix
, strna(b
->description
), wd
);
787 if (IN_SET(errno
, ENOENT
, ELOOP
))
788 break; /* This component doesn't exist yet, or the path contains a cyclic symlink right now */
790 r
= log_debug_errno(errno
, "Failed to add inotify watch on %s: %m", isempty(prefix
) ? "/" : prefix
);
793 new_watches
[n
++] = wd
;
795 /* Check if this is possibly a symlink. If so, let's follow it and watch it too. */
796 r
= readlink_malloc(prefix
, &destination
);
797 if (r
== -EINVAL
) { /* not a symlink */
804 if (isempty(destination
)) { /* Empty symlink target? Yuck! */
809 if (max_follow
<= 0) { /* Let's make sure we don't follow symlinks forever */
814 if (path_is_absolute(destination
)) {
815 /* For absolute symlinks we build the new path and start anew */
816 c
= strjoin(destination
, absolute
+ done
+ n_component
);
819 _cleanup_free_
char *t
= NULL
;
821 /* For relative symlinks we replace the last component, and try again */
822 t
= strndup(absolute
, done
);
826 c
= strjoin(t
, "/", destination
, absolute
+ done
+ n_component
);
839 /* And now, let's remove all watches from the previous iteration we don't need anymore */
840 for (i
= 0; i
< b
->n_inotify_watches
; i
++) {
844 for (j
= 0; j
< n
; j
++)
845 if (new_watches
[j
] == b
->inotify_watches
[i
]) {
853 (void) inotify_rm_watch(b
->inotify_fd
, b
->inotify_watches
[i
]);
856 free_and_replace(b
->inotify_watches
, new_watches
);
857 b
->n_inotify_watches
= n
;
862 bus_close_inotify_fd(b
);
866 int bus_socket_connect(sd_bus
*b
) {
867 bool inotify_done
= false;
873 assert(b
->input_fd
< 0);
874 assert(b
->output_fd
< 0);
875 assert(b
->sockaddr
.sa
.sa_family
!= AF_UNSPEC
);
877 b
->input_fd
= socket(b
->sockaddr
.sa
.sa_family
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
881 b
->output_fd
= b
->input_fd
;
884 if (connect(b
->input_fd
, &b
->sockaddr
.sa
, b
->sockaddr_size
) < 0) {
885 if (errno
== EINPROGRESS
) {
887 /* If we have any inotify watches open, close them now, we don't need them anymore, as
888 * we have successfully initiated a connection */
889 bus_close_inotify_fd(b
);
891 /* Note that very likely we are already in BUS_OPENING state here, as we enter it when
892 * we start parsing the address string. The only reason we set the state explicitly
893 * here, is to undo BUS_WATCH_BIND, in case we did the inotify magic. */
894 bus_set_state(b
, BUS_OPENING
);
898 if (IN_SET(errno
, ENOENT
, ECONNREFUSED
) && /* ENOENT → unix socket doesn't exist at all; ECONNREFUSED → unix socket stale */
900 b
->sockaddr
.sa
.sa_family
== AF_UNIX
&&
901 b
->sockaddr
.un
.sun_path
[0] != 0) {
903 /* This connection attempt failed, let's release the socket for now, and start with a
904 * fresh one when reconnecting. */
908 /* inotify set up already, don't do it again, just return now, and remember
909 * that we are waiting for inotify events now. */
910 bus_set_state(b
, BUS_WATCH_BIND
);
914 /* This is a file system socket, and the inotify logic is enabled. Let's create the necessary inotify fd. */
915 r
= bus_socket_inotify_setup(b
);
919 /* Let's now try to connect a second time, because in theory there's otherwise a race
920 * here: the socket might have been created in the time between our first connect() and
921 * the time we set up the inotify logic. But let's remember that we set up inotify now,
922 * so that we don't do the connect() more than twice. */
931 /* Yay, established, we don't need no inotify anymore! */
932 bus_close_inotify_fd(b
);
934 return bus_socket_start_auth(b
);
937 int bus_socket_exec(sd_bus
*b
) {
942 assert(b
->input_fd
< 0);
943 assert(b
->output_fd
< 0);
944 assert(b
->exec_path
);
946 r
= socketpair(AF_UNIX
, SOCK_STREAM
|SOCK_NONBLOCK
|SOCK_CLOEXEC
, 0, s
);
950 r
= safe_fork_full("(sd-busexec)", s
+1, 1, FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
, &pid
);
958 assert_se(dup3(s
[1], STDIN_FILENO
, 0) == STDIN_FILENO
);
959 assert_se(dup3(s
[1], STDOUT_FILENO
, 0) == STDOUT_FILENO
);
961 if (!IN_SET(s
[1], STDIN_FILENO
, STDOUT_FILENO
))
964 (void) fd_cloexec(STDIN_FILENO
, false);
965 (void) fd_cloexec(STDOUT_FILENO
, false);
966 (void) fd_nonblock(STDIN_FILENO
, false);
967 (void) fd_nonblock(STDOUT_FILENO
, false);
970 execvp(b
->exec_path
, b
->exec_argv
);
972 const char *argv
[] = { b
->exec_path
, NULL
};
973 execvp(b
->exec_path
, (char**) argv
);
980 b
->output_fd
= b
->input_fd
= s
[0];
984 return bus_socket_start_auth(b
);
987 int bus_socket_take_fd(sd_bus
*b
) {
992 return bus_socket_start_auth(b
);
995 int bus_socket_write_message(sd_bus
*bus
, sd_bus_message
*m
, size_t *idx
) {
1005 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1007 if (*idx
>= BUS_MESSAGE_SIZE(m
))
1010 r
= bus_message_setup_iovec(m
);
1014 n
= m
->n_iovec
* sizeof(struct iovec
);
1016 memcpy_safe(iov
, m
->iovec
, n
);
1019 iovec_advance(iov
, &j
, *idx
);
1021 if (bus
->prefer_writev
)
1022 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1024 struct msghdr mh
= {
1026 .msg_iovlen
= m
->n_iovec
,
1029 if (m
->n_fds
> 0 && *idx
== 0) {
1030 struct cmsghdr
*control
;
1032 mh
.msg_control
= control
= alloca(CMSG_SPACE(sizeof(int) * m
->n_fds
));
1033 mh
.msg_controllen
= control
->cmsg_len
= CMSG_LEN(sizeof(int) * m
->n_fds
);
1034 control
->cmsg_level
= SOL_SOCKET
;
1035 control
->cmsg_type
= SCM_RIGHTS
;
1036 memcpy(CMSG_DATA(control
), m
->fds
, sizeof(int) * m
->n_fds
);
1039 k
= sendmsg(bus
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
1040 if (k
< 0 && errno
== ENOTSOCK
) {
1041 bus
->prefer_writev
= true;
1042 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1047 return errno
== EAGAIN
? 0 : -errno
;
1053 static int bus_socket_read_message_need(sd_bus
*bus
, size_t *need
) {
1060 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1062 if (bus
->rbuffer_size
< sizeof(struct bus_header
)) {
1063 *need
= sizeof(struct bus_header
) + 8;
1065 /* Minimum message size:
1069 * Method Call: +2 string headers
1070 * Signal: +3 string headers
1071 * Method Error: +1 string headers
1073 * Method Reply: +1 uint32 headers
1075 * A string header is at least 9 bytes
1076 * A uint32 header is at least 8 bytes
1078 * Hence the minimum message size of a valid message
1079 * is header + 8 bytes */
1084 a
= ((const uint32_t*) bus
->rbuffer
)[1];
1085 b
= ((const uint32_t*) bus
->rbuffer
)[3];
1087 e
= ((const uint8_t*) bus
->rbuffer
)[0];
1088 if (e
== BUS_LITTLE_ENDIAN
) {
1091 } else if (e
== BUS_BIG_ENDIAN
) {
1097 sum
= (uint64_t) sizeof(struct bus_header
) + (uint64_t) ALIGN_TO(b
, 8) + (uint64_t) a
;
1098 if (sum
>= BUS_MESSAGE_SIZE_MAX
)
1101 *need
= (size_t) sum
;
1105 static int bus_socket_make_message(sd_bus
*bus
, size_t size
) {
1111 assert(bus
->rbuffer_size
>= size
);
1112 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1114 r
= bus_rqueue_make_room(bus
);
1118 if (bus
->rbuffer_size
> size
) {
1119 b
= memdup((const uint8_t*) bus
->rbuffer
+ size
,
1120 bus
->rbuffer_size
- size
);
1126 r
= bus_message_from_malloc(bus
,
1128 bus
->fds
, bus
->n_fds
,
1137 bus
->rbuffer_size
-= size
;
1142 bus
->rqueue
[bus
->rqueue_size
++] = t
;
1147 int bus_socket_read_message(sd_bus
*bus
) {
1149 struct iovec iov
= {};
1155 struct cmsghdr cmsghdr
;
1156 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
1158 bool handle_cmsg
= false;
1161 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1163 r
= bus_socket_read_message_need(bus
, &need
);
1167 if (bus
->rbuffer_size
>= need
)
1168 return bus_socket_make_message(bus
, need
);
1170 b
= realloc(bus
->rbuffer
, need
);
1176 iov
.iov_base
= (uint8_t*) bus
->rbuffer
+ bus
->rbuffer_size
;
1177 iov
.iov_len
= need
- bus
->rbuffer_size
;
1179 if (bus
->prefer_readv
)
1180 k
= readv(bus
->input_fd
, &iov
, 1);
1185 mh
.msg_control
= &control
;
1186 mh
.msg_controllen
= sizeof(control
);
1188 k
= recvmsg(bus
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
1189 if (k
< 0 && errno
== ENOTSOCK
) {
1190 bus
->prefer_readv
= true;
1191 k
= readv(bus
->input_fd
, &iov
, 1);
1196 return errno
== EAGAIN
? 0 : -errno
;
1200 bus
->rbuffer_size
+= k
;
1203 struct cmsghdr
*cmsg
;
1205 CMSG_FOREACH(cmsg
, &mh
)
1206 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1207 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1210 n
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1212 if (!bus
->can_fds
) {
1213 /* Whut? We received fds but this
1214 * isn't actually enabled? Close them,
1217 close_many((int*) CMSG_DATA(cmsg
), n
);
1221 f
= realloc(bus
->fds
, sizeof(int) * (bus
->n_fds
+ n
));
1223 close_many((int*) CMSG_DATA(cmsg
), n
);
1227 memcpy_safe(f
+ bus
->n_fds
, CMSG_DATA(cmsg
), n
* sizeof(int));
1231 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1232 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
1235 r
= bus_socket_read_message_need(bus
, &need
);
1239 if (bus
->rbuffer_size
>= need
)
1240 return bus_socket_make_message(bus
, need
);
1245 int bus_socket_process_opening(sd_bus
*b
) {
1247 socklen_t slen
= sizeof(error
);
1254 assert(b
->state
== BUS_OPENING
);
1260 if (!(p
.revents
& (POLLOUT
|POLLERR
|POLLHUP
)))
1263 r
= getsockopt(b
->output_fd
, SOL_SOCKET
, SO_ERROR
, &error
, &slen
);
1265 b
->last_connect_error
= errno
;
1266 else if (error
!= 0)
1267 b
->last_connect_error
= error
;
1268 else if (p
.revents
& (POLLERR
|POLLHUP
))
1269 b
->last_connect_error
= ECONNREFUSED
;
1271 return bus_socket_start_auth(b
);
1273 return bus_next_address(b
);
1276 int bus_socket_process_authenticating(sd_bus
*b
) {
1280 assert(b
->state
== BUS_AUTHENTICATING
);
1282 if (now(CLOCK_MONOTONIC
) >= b
->auth_timeout
)
1285 r
= bus_socket_write_auth(b
);
1289 return bus_socket_read_auth(b
);
1292 int bus_socket_process_watch_bind(sd_bus
*b
) {
1296 assert(b
->state
== BUS_WATCH_BIND
);
1297 assert(b
->inotify_fd
>= 0);
1299 r
= flush_fd(b
->inotify_fd
);
1303 log_debug("Got inotify event on bus %s.", strna(b
->description
));
1305 /* We flushed events out of the inotify fd. In that case, maybe the socket is valid now? Let's try to connect
1308 r
= bus_socket_connect(b
);
1312 q
= bus_attach_io_events(b
);
1316 q
= bus_attach_inotify_event(b
);