[glib/wip/smcv/gdbus-cross-namespace: 2/2] gdbus: Allow cross-namespace connections to Linux session and system buses

From: Simon McVittie <smcv src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib/wip/smcv/gdbus-cross-namespace: 2/2] gdbus: Allow cross-namespace connections to Linux session and system buses
Date: Sun, 24 Jul 2022 12:42:14 +0000 (UTC)

commit 559688fb0ea52d864300cdb9ec059997187495a6
Author: Simon McVittie <smcv collabora com>
Date:   Sun Jul 24 13:36:50 2022 +0100

    gdbus: Allow cross-namespace connections to Linux session and system buses
    
    The dominant implementations of the well-known session and system
    message buses are the reference implementation from the dbus project
    (dbus-daemon) and the sd-bus-based reimplementation dbus-broker, both
    of which have correct implementations for EXTERNAL authentication with
    an unspecified authorization identity.
    
    This makes it reasonably safe to assume that the well-known message
    buses can cope with the unspecified authorization identity, even if we
    cannot make the same assumption for custom servers such as the ones
    used in ibus and gvfs (which might have been started with an older
    GLib version before upgrading GLib in-place).
    
    Signed-off-by: Simon McVittie <smcv collabora com>

 gio/gdbusauth.c              | 4 ++--
 gio/gdbusauthmechanism.c     | 6 ++++--
 gio/gdbusauthmechanismsha1.c | 2 ++
 gio/gdbusconnection.c        | 3 +++
 4 files changed, 11 insertions(+), 4 deletions(-)
---
diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c
index eadecb50dc..6710368052 100644
--- a/gio/gdbusauth.c
+++ b/gio/gdbusauth.c
@@ -577,8 +577,8 @@ _g_dbus_auth_run_client (GDBusAuth     *auth,
   ClientState state;
   GDBusCapabilityFlags negotiated_capabilities;
 
-  g_return_val_if_fail ((connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL);
-  g_return_val_if_fail (!(connection->flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL);
+  g_return_val_if_fail ((conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL);
+  g_return_val_if_fail (!(conn_flags & G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_SERVER), NULL);
 
   debug_print ("CLIENT: initiating");
 
diff --git a/gio/gdbusauthmechanism.c b/gio/gdbusauthmechanism.c
index 38d7210e5d..6e494dbd9e 100644
--- a/gio/gdbusauthmechanism.c
+++ b/gio/gdbusauthmechanism.c
@@ -301,11 +301,13 @@ _g_dbus_auth_mechanism_client_get_state (GDBusAuthMechanism *mechanism)
 }
 
 gchar *
-_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism *mechanism,
-                                        gsize              *out_initial_response_len)
+_g_dbus_auth_mechanism_client_initiate (GDBusAuthMechanism   *mechanism,
+                                        GDBusConnectionFlags  conn_flags,
+                                        gsize                *out_initial_response_len)
 {
   g_return_val_if_fail (G_IS_DBUS_AUTH_MECHANISM (mechanism), NULL);
   return G_DBUS_AUTH_MECHANISM_GET_CLASS (mechanism)->client_initiate (mechanism,
+                                                                       conn_flags,
                                                                        out_initial_response_len);
 }
 
diff --git a/gio/gdbusauthmechanismsha1.c b/gio/gdbusauthmechanismsha1.c
index a11c9f38da..fb6488a2a2 100644
--- a/gio/gdbusauthmechanismsha1.c
+++ b/gio/gdbusauthmechanismsha1.c
@@ -119,6 +119,7 @@ static gchar                   *mechanism_server_get_reject_reason  (GDBusAuthMe
 static void                     mechanism_server_shutdown           (GDBusAuthMechanism   *mechanism);
 static GDBusAuthMechanismState  mechanism_client_get_state          (GDBusAuthMechanism   *mechanism);
 static gchar                   *mechanism_client_initiate           (GDBusAuthMechanism   *mechanism,
+                                                                     GDBusConnectionFlags  conn_flags,
                                                                      gsize                
*out_initial_response_len);
 static void                     mechanism_client_data_receive       (GDBusAuthMechanism   *mechanism,
                                                                      const gchar          *data,
@@ -1160,6 +1161,7 @@ mechanism_client_get_state (GDBusAuthMechanism   *mechanism)
 
 static gchar *
 mechanism_client_initiate (GDBusAuthMechanism   *mechanism,
+                           GDBusConnectionFlags  conn_flags,
                            gsize                *out_initial_response_len)
 {
   GDBusAuthMechanismSha1 *m = G_DBUS_AUTH_MECHANISM_SHA1 (mechanism);
diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c
index 454f216bd5..663cd95abd 100644
--- a/gio/gdbusconnection.c
+++ b/gio/gdbusconnection.c
@@ -7369,6 +7369,9 @@ get_uninitialized_connection (GBusType       bus_type,
       ret = g_object_new (G_TYPE_DBUS_CONNECTION,
                           "address", address,
                           "flags", G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT |
+#ifdef __linux__
+                                   G_DBUS_CONNECTION_FLAGS_CROSS_NAMESPACE |
+#endif
                                    G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION,
                           "exit-on-close", TRUE,
                           NULL);
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]