diff options
author | David Zeuthen <davidz@redhat.com> | 2010-05-05 16:01:35 -0400 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2010-05-05 16:01:35 -0400 |
commit | 7e2610fb01367ce66af6cd0b5ae48be0413ec0a5 (patch) | |
tree | cc66474fd0693bd198345807fad3793aeb5c58f7 | |
parent | 7f018da4442d323bf6fe571f88fab2de5566e737 (diff) |
Add (de/)serialization methods to GCredentials
... and use this in the debug output a'la
GDBus-debug:Auth: SERVER: initiating
GDBus-debug:Auth: CLIENT: sent credentials `GCredentials:unix-user=500,unix-group=500,unix-process=17428'
GDBus-debug:Auth: SERVER: received credentials `GCredentials:unix-user=500,unix-group=500,unix-process=17428'
-rw-r--r-- | docs/reference/gdbus/gdbus-standalone-sections.txt | 2 | ||||
-rw-r--r-- | gdbus/gcredentials.c | 89 | ||||
-rw-r--r-- | gdbus/gcredentials.h | 3 | ||||
-rw-r--r-- | gdbus/gdbusauth.c | 26 |
4 files changed, 116 insertions, 4 deletions
diff --git a/docs/reference/gdbus/gdbus-standalone-sections.txt b/docs/reference/gdbus/gdbus-standalone-sections.txt index 1f3865e..4eac680 100644 --- a/docs/reference/gdbus/gdbus-standalone-sections.txt +++ b/docs/reference/gdbus/gdbus-standalone-sections.txt @@ -27,6 +27,8 @@ GCredentialsClass GCredentialType g_credentials_new g_credentials_new_for_process +g_credentials_new_for_string +g_credentials_to_string g_credentials_has_unix_user g_credentials_get_unix_user g_credentials_set_unix_user diff --git a/gdbus/gcredentials.c b/gdbus/gcredentials.c index 73ada53..c926ee9 100644 --- a/gdbus/gcredentials.c +++ b/gdbus/gcredentials.c @@ -148,6 +148,95 @@ g_credentials_new_for_process (void) /* ---------------------------------------------------------------------------------------------------- */ /** + * g_credentials_new_for_string: + * @str: A string returned from g_credentials_to_string(). + * @error: Return location for error. + * + * Constructs a #GCredentials instance from @str. + * + * Returns: A #GCredentials or %NULL if @error is set. The return + * object must be freed with g_object_unref(). + */ +GCredentials * +g_credentials_new_for_string (const gchar *str, + GError **error) +{ + GCredentials *credentials; + gchar **tokens; + guint n; + + g_return_val_if_fail (str != NULL, NULL); + g_return_val_if_fail (error == NULL || *error == NULL, NULL); + + tokens = NULL; + credentials = g_credentials_new (); + + if (!g_str_has_prefix (str, "GCredentials:")) + goto fail; + + tokens = g_strsplit (str + sizeof "GCredentials:" - 1, ",", 0); + for (n = 0; tokens[n] != NULL; n++) + { + const gchar *token = tokens[n]; + if (g_str_has_prefix (token, "unix-user:")) + g_credentials_set_unix_user (credentials, atoi (token + sizeof ("unix-user:") - 1)); + else if (g_str_has_prefix (token, "unix-group:")) + g_credentials_set_unix_group (credentials, atoi (token + sizeof ("unix-group:") - 1)); + else if (g_str_has_prefix (token, "unix-process:")) + g_credentials_set_unix_process (credentials, atoi (token + sizeof ("unix-process:") - 1)); + else if (g_str_has_prefix (token, "windows-user:")) + g_credentials_set_windows_user (credentials, token + sizeof ("windows-user:")); + else + goto fail; + } + g_strfreev (tokens); + return credentials; + + fail: + g_set_error (error, + G_IO_ERROR, + G_IO_ERROR_FAILED, + _("The string `%s' is not a valid credentials string"), + str); + g_object_unref (credentials); + g_strfreev (tokens); + return NULL; +} + +/** + * g_credentials_to_string: + * @credentials: A #GCredentials object. + * + * Serializes @credentials to a string that can be used with + * g_credentials_new_for_string(). + * + * Returns: A string that should be freed with g_free(). + */ +gchar * +g_credentials_to_string (GCredentials *credentials) +{ + GString *ret; + + g_return_val_if_fail (G_IS_CREDENTIALS (credentials), NULL); + + ret = g_string_new ("GCredentials:"); + if (credentials->priv->unix_user != -1) + g_string_append_printf (ret, "unix-user=%" G_GINT64_FORMAT ",", credentials->priv->unix_user); + if (credentials->priv->unix_group != -1) + g_string_append_printf (ret, "unix-group=%" G_GINT64_FORMAT ",", credentials->priv->unix_group); + if (credentials->priv->unix_process != -1) + g_string_append_printf (ret, "unix-process=%" G_GINT64_FORMAT ",", credentials->priv->unix_process); + if (credentials->priv->windows_user != NULL) + g_string_append_printf (ret, "windows-user=%s,", credentials->priv->windows_user); + if (ret->str[ret->len - 1] == ',') + ret->str[ret->len - 1] = '\0'; + + return g_string_free (ret, FALSE); +} + +/* ---------------------------------------------------------------------------------------------------- */ + +/** * g_credentials_has_unix_user: * @credentials: A #GCredentials. * diff --git a/gdbus/gcredentials.h b/gdbus/gcredentials.h index d9191ca..2da1904 100644 --- a/gdbus/gcredentials.h +++ b/gdbus/gcredentials.h @@ -79,6 +79,9 @@ GType g_credentials_get_type (void) G_GNUC_CONST; GCredentials *g_credentials_new (void); GCredentials *g_credentials_new_for_process (void); +GCredentials *g_credentials_new_for_string (const gchar *str, + GError **error); +gchar *g_credentials_to_string (GCredentials *credentials); gboolean g_credentials_has_unix_user (GCredentials *credentials); gint64 g_credentials_get_unix_user (GCredentials *credentials); diff --git a/gdbus/gdbusauth.c b/gdbus/gdbusauth.c index 9b4c1be..7129aea 100644 --- a/gdbus/gdbusauth.c +++ b/gdbus/gdbusauth.c @@ -816,9 +816,18 @@ _g_dbus_auth_run_client (GDBusAuth *auth, #endif if (credentials != NULL) - debug_print ("CLIENT: sent credentials"); + { + if (G_UNLIKELY (_g_dbus_debug_authentication ())) + { + s = g_credentials_to_string (credentials); + debug_print ("CLIENT: sent credentials `%s'", s); + g_free (s); + } + } else - debug_print ("CLIENT: didn't send any credentials"); + { + debug_print ("CLIENT: didn't send any credentials"); + } /* TODO: to reduce rountrips, try to pick an auth mechanism to start with */ @@ -1186,9 +1195,18 @@ _g_dbus_auth_run_server (GDBusAuth *auth, } #endif if (credentials != NULL) - debug_print ("SERVER: received credentials"); + { + if (G_UNLIKELY (_g_dbus_debug_authentication ())) + { + s = g_credentials_to_string (credentials); + debug_print ("SERVER: received credentials `%s'", s); + g_free (s); + } + } else - debug_print ("SERVER: didn't receive any credentials"); + { + debug_print ("SERVER: didn't receive any credentials"); + } state = SERVER_STATE_WAITING_FOR_AUTH; while (TRUE) |