25 #include "dbus-keyring.h" 
   26 #include "dbus-protocol.h" 
   27 #include <dbus/dbus-string.h> 
   28 #include <dbus/dbus-list.h> 
   29 #include <dbus/dbus-sysdeps.h> 
   67 #define NEW_KEY_TIMEOUT_SECONDS     (60*5) 
   73 #define EXPIRE_KEYS_TIMEOUT_SECONDS (NEW_KEY_TIMEOUT_SECONDS + (60*2)) 
   77 #define MAX_TIME_TRAVEL_SECONDS (60*5) 
   83 #ifdef DBUS_ENABLE_EMBEDDED_TESTS 
   84 #define MAX_KEYS_IN_FILE 10 
   86 #define MAX_KEYS_IN_FILE 256 
  123 _dbus_keyring_new (
void)
 
  191 #define MAX_LOCK_TIMEOUTS 32 
  193 #define LOCK_TIMEOUT_MILLISECONDS 250 
  209       _dbus_verbose (
"Did not get lock file, sleeping %d milliseconds (%s)\n",
 
  222       _dbus_verbose (
"Lock file timed out %d times, assuming stale\n",
 
  227           _dbus_verbose (
"Couldn't delete old lock file: %s\n",
 
  236           _dbus_verbose (
"Couldn't create lock file after deleting stale one: %s\n",
 
  269       if (keys[i].
id == 
id)
 
  287   const unsigned char *s;
 
  292   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
  310   s = (
const unsigned char*) _dbus_string_get_const_data (&bytes);
 
  312   id = s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24);
 
  317   if (find_key_by_id (keys, n_keys, 
id) != 
NULL)
 
  320       _dbus_verbose (
"Key ID %d already existed, trying another one\n",
 
  325   _dbus_verbose (
"Creating key with ID %d\n", 
id);
 
  327 #define KEY_LENGTH_BYTES 24 
  354   keys[n_keys-1].
id = id;
 
  357                           &keys[n_keys-1].secret,
 
  404   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
  431       if (!_dbus_keyring_lock (keyring))
 
  434                           "Could not lock keyring file to add to it");
 
  446       _dbus_verbose (
"Failed to load keyring file: %s\n",
 
  453                                     _dbus_string_get_length (&contents)))
 
  455       _dbus_warn (
"Secret keyring file contains non-ASCII! Ignoring existing contents");
 
  479           _dbus_verbose (
"could not parse secret key ID at start of line\n");
 
  485           _dbus_verbose (
"invalid secret key ID at start of line\n");
 
  495           _dbus_verbose (
"could not parse secret key timestamp\n");
 
  503           _dbus_verbose (
"dropping/ignoring %ld-seconds old key with timestamp %ld as current time is %ld\n",
 
  504                          now - timestamp, timestamp, now);
 
  510       len = _dbus_string_get_length (&line);
 
  512       if ((len - next) == 0)
 
  514           _dbus_verbose (
"no secret key after ID and timestamp\n");
 
  536       keys[n_keys-1].
id = id;
 
  539                                     &keys[n_keys-1].secret, 0))
 
  545       if (_dbus_string_get_length (&line) != end)
 
  547           _dbus_verbose (
"invalid hex encoding in keyring file\n");
 
  554   _dbus_verbose (
"Successfully loaded %d existing keys\n",
 
  559       if (!add_new_key (&keys, &n_keys, error))
 
  561           _dbus_verbose (
"Failed to generate new key: %s\n",
 
  562                          error ? error->
message : 
"(unknown)");
 
  579                                         keys[i].creation_time))
 
  587                                         _dbus_string_get_length (&contents)))
 
  608   keyring->
keys = keys;
 
  617     _dbus_keyring_unlock (keyring);
 
  622       if (error && error->
name)
 
  623         _dbus_verbose (
"error is %s: %s\n", error->
name, error->
message);
 
  624       _dbus_warn (
"returning %d but error pointer %p name %s",
 
  625                   retval, error, error->
name ? error->
name : 
"(none)");
 
  715   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
  720                             "Unable to create DBus keyring when setuid");
 
  726   our_credentials = 
NULL;
 
  734   if (credentials != 
NULL)
 
  743   if (our_credentials == 
NULL)
 
  756   keyring = _dbus_keyring_new ();
 
  762   our_credentials = 
NULL; 
 
  770                             "Invalid context in keyring creation");
 
  798   if (!_dbus_keyring_reload (keyring, 
FALSE, &tmp_error))
 
  800       _dbus_verbose (
"didn't load an existing keyring: %s\n",
 
  813       _dbus_verbose (
"Creating keyring directory: %s\n",
 
  851   if (_dbus_string_get_length (context) == 0)
 
  853       _dbus_verbose (
"context is zero-length\n");
 
  858                                     _dbus_string_get_length (context)))
 
  860       _dbus_verbose (
"context not valid ascii\n");
 
  867       _dbus_verbose (
"context contains a slash\n");
 
  873       _dbus_verbose (
"context contains a backslash\n");
 
  882       _dbus_verbose (
"context contains a dot\n");
 
  889       _dbus_verbose (
"context contains a blank\n");
 
  895       _dbus_verbose (
"context contains a newline\n");
 
  901       _dbus_verbose (
"context contains a carriage return\n");
 
  912   long tv_sec, tv_usec;
 
  917   while (i < keyring->n_keys)
 
  921       _dbus_verbose (
"Key %d is %ld seconds old\n",
 
  950   _DBUS_ASSERT_ERROR_IS_CLEAR (error);
 
  952   key = find_recent_key (keyring);
 
  959   if (!_dbus_keyring_reload (keyring, 
TRUE,
 
  963   key = find_recent_key (keyring);
 
  970                             "No recent-enough key found in keyring, and unable to create a new key");
 
 1009   key = find_key_by_id (keyring->
keys,
 
 1017                                   _dbus_string_get_length (hex_key));
 
 1022 #ifdef DBUS_ENABLE_EMBEDDED_TESTS 
 1023 #include "dbus-test.h" 
 1027 _dbus_keyring_test (
void)
 
 1086       fprintf (stderr, 
"Could not load keyring: %s\n", error.
message);
 
 1097       fprintf (stderr, 
"Different number of keys in keyrings\n");
 
 1105   while (i < ring1->n_keys)
 
 1109           fprintf (stderr, 
"Keyring 1 has first key ID %d and keyring 2 has %d\n",
 
 1116           fprintf (stderr, 
"Keyring 1 has first key time %ld and keyring 2 has %ld\n",
 
 1124           fprintf (stderr, 
"Keyrings 1 and 2 have different secrets for same ID/timestamp\n");
 
 1131   printf (
" %d keys in test\n", ring1->
n_keys);
 
  
dbus_bool_t _dbus_keyring_get_hex_key(DBusKeyring *keyring, int key_id, DBusString *hex_key)
Gets the hex-encoded secret key for the given ID.
DBusCredentials * credentials
Credentials containing user the keyring is for.
#define EXPIRE_KEYS_TIMEOUT_SECONDS
The time after which we drop a key from the secrets file.
void * dbus_realloc(void *memory, size_t bytes)
Resizes a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
dbus_bool_t _dbus_concat_dir_and_file(DBusString *dir, const DBusString *next_component)
Appends the given filename to the given directory.
dbus_bool_t _dbus_string_hex_decode(const DBusString *source, int start, int *end_return, DBusString *dest, int insert_at)
Decodes a string from hex encoding.
dbus_int32_t id
identifier used to refer to the key
int n_keys
Number of keys.
dbus_bool_t _dbus_credentials_add_from_current_process(DBusCredentials *credentials)
Adds the credentials of the current process to the passed-in credentials object.
void _dbus_string_free(DBusString *str)
Frees a string created by _dbus_string_init().
dbus_bool_t _dbus_create_file_exclusively(const DBusString *filename, DBusError *error)
Creates the given file, failing if the file already exists.
#define MAX_KEYS_IN_FILE
Maximum number of keys in the keyring before we just ignore the rest.
dbus_bool_t _dbus_string_save_to_file(const DBusString *str, const DBusString *filename, dbus_bool_t world_readable, DBusError *error)
Writes a string out to a file.
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_append_int(DBusString *str, long value)
Appends an integer to a DBusString.
void dbus_set_error_const(DBusError *error, const char *name, const char *message)
Assigns an error name and message to a DBusError.
dbus_bool_t _dbus_keyring_is_for_credentials(DBusKeyring *keyring, DBusCredentials *credentials)
Checks whether the keyring is for the same user as the given credentials.
dbus_bool_t _dbus_credentials_same_user(DBusCredentials *credentials, DBusCredentials *other_credentials)
Check whether the user-identifying credentials in two credentials objects are identical.
dbus_bool_t _dbus_string_copy(const DBusString *source, int start, DBusString *dest, int insert_at)
Like _dbus_string_move(), but does not delete the section of the source string that's copied to the d...
dbus_bool_t _dbus_append_keyring_directory_for_credentials(DBusString *directory, DBusCredentials *credentials)
Appends the directory in which a keyring for the given credentials should be stored.
dbus_bool_t _dbus_file_get_contents(DBusString *str, const DBusString *filename, DBusError *error)
Appends the contents of the given file to the string, returning error code.
DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_string_parse_int(const DBusString *str, int start, long *value_return, int *end_return)
Parses an integer contained in a DBusString.
DBusKey * keys
Keys loaded from the file.
dbus_bool_t _dbus_string_validate_ascii(const DBusString *str, int start, int len)
Checks that the given range of the string is valid ASCII with no nul bytes.
void dbus_error_init(DBusError *error)
Initializes a DBusError structure.
dbus_bool_t _dbus_generate_random_bytes(DBusString *str, int n_bytes, DBusError *error)
Generates the given number of securely random bytes, using the best mechanism we can come up with.
Internals of DBusKeyring.
void _dbus_string_zero(DBusString *str)
Clears all allocated bytes in the string to zero.
DBusCredentials * _dbus_credentials_copy(DBusCredentials *credentials)
Copy a credentials object.
dbus_bool_t _dbus_string_append_byte(DBusString *str, unsigned char byte)
Appends a single byte to the string, returning FALSE if not enough memory.
dbus_bool_t _dbus_string_init(DBusString *str)
Initializes a string.
DBusString filename
Keyring filename.
dbus_bool_t _dbus_string_find(const DBusString *str, int start, const char *substr, int *found)
Finds the given substring in the string, returning TRUE and filling in the byte index where the subst...
#define DBUS_ERROR_FAILED
A generic error; "something went wrong" - see the error message for more.
#define LOCK_TIMEOUT_MILLISECONDS
Length of each timeout while waiting for a lock.
dbus_bool_t _dbus_delete_file(const DBusString *filename, DBusError *error)
Deletes the given file.
void dbus_free(void *memory)
Frees a block of memory previously allocated by dbus_malloc() or dbus_malloc0().
void _dbus_keyring_unref(DBusKeyring *keyring)
Decrements refcount and finalizes if it reaches zero.
void _dbus_sleep_milliseconds(int milliseconds)
Sleeps the given number of milliseconds.
dbus_bool_t _dbus_keyring_validate_context(const DBusString *context)
Checks whether the context is a valid context.
dbus_bool_t _dbus_check_setuid(void)
NOTE: If you modify this function, please also consider making the corresponding change in GLib.
const char * name
public error name field
int _dbus_keyring_get_best_key(DBusKeyring *keyring, DBusError *error)
Gets a recent key to use for authentication.
DBusCredentials * _dbus_credentials_new_from_current_process(void)
Creates a new object with credentials (user ID and process ID) from the current process.
dbus_bool_t _dbus_string_find_blank(const DBusString *str, int start, int *found)
Finds a blank (space or tab) in the string.
#define DBUS_ERROR_NO_MEMORY
There was not enough memory to complete an operation.
dbus_bool_t _dbus_check_dir_is_private_to_user(DBusString *dir, DBusError *error)
Checks to make sure the given directory is private to the user.
dbus_bool_t _dbus_string_pop_line(DBusString *source, DBusString *dest)
Assigns a newline-terminated or \r\n-terminated line from the front of the string to the given dest s...
#define _dbus_assert_not_reached(explanation)
dbus_bool_t _dbus_string_set_length(DBusString *str, int length)
Sets the length of a string.
void _dbus_get_real_time(long *tv_sec, long *tv_usec)
Get current time, as in gettimeofday().
#define _dbus_assert(condition)
void dbus_error_free(DBusError *error)
Frees an error that's been set (or just initialized), then reinitializes the error as in dbus_error_i...
int refcount
Reference count.
void _dbus_warn(const char *format,...)
Prints a warning message to stderr.
#define NEW_KEY_TIMEOUT_SECONDS
The maximum age of a key before we create a new key to use in challenges.
dbus_bool_t _dbus_credentials_are_anonymous(DBusCredentials *credentials)
Checks whether a credentials object contains a user identity.
Object representing an exception.
void _dbus_string_skip_blank(const DBusString *str, int start, int *end)
Skips blanks from start, storing the first non-blank in *end (blank is space or tab).
dbus_bool_t _dbus_string_hex_encode(const DBusString *source, int start, DBusString *dest, int insert_at)
Encodes a string in hex, the way MD5 and SHA-1 are usually encoded.
dbus_bool_t _dbus_ensure_directory(const DBusString *filename, DBusError *error)
Creates a directory; succeeds if the directory is created or already existed.
void dbus_set_error(DBusError *error, const char *name, const char *format,...)
Assigns an error name and message to a DBusError.
DBusKeyring * _dbus_keyring_new_for_credentials(DBusCredentials *credentials, const DBusString *context, DBusError *error)
Creates a new keyring that lives in the ~/.dbus-keyrings directory of the user represented by credent...
void _dbus_credentials_unref(DBusCredentials *credentials)
Decrement refcount on credentials.
#define MAX_LOCK_TIMEOUTS
Maximum number of timeouts waiting for lock before we decide it's stale.
DBusString directory
Directory the below two items are inside.
DBusString secret
the actual key
dbus_bool_t _dbus_string_move(DBusString *source, int start, DBusString *dest, int insert_at)
Moves the end of one string into another string.
const char * message
public error message field
void _dbus_string_init_const(DBusString *str, const char *value)
Initializes a constant string.
#define dbus_new0(type, count)
#define MAX_TIME_TRAVEL_SECONDS
The maximum amount of time a key can be in the future.
DBusKeyring * _dbus_keyring_ref(DBusKeyring *keyring)
Increments reference count of the keyring.
#define DBUS_ERROR_NOT_SUPPORTED
Requested operation isn't supported (like ENOSYS on UNIX).
A single key from the cookie file.
dbus_bool_t _dbus_string_append(DBusString *str, const char *buffer)
Appends a nul-terminated C-style string to a DBusString.
DBusString filename_lock
Name of lockfile.
long creation_time
when the key was generated, as unix timestamp.
dbus_uint32_t dbus_bool_t
dbus_bool_t _dbus_string_equal(const DBusString *a, const DBusString *b)
Tests two DBusString for equality.