Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow connecting from clients with different user id #14

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Allow connecting from clients with different user id #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion Makefile-docs.am
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
XSLTPROC = xsltproc

XSLTPROC_FLAGS = \
--nonet \
--stringparam man.output.quietly 1 \
--stringparam funcsynopsis.style ansi \
--stringparam man.th.extra1.suppress 1 \
Expand Down
29 changes: 29 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,32 @@ xdg-dbus-proxy
xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally
part of the flatpak project, but it has been broken out as a standalone module
to facilitate using it in other contexts.

Building
--------

You need to have autotools installed. On Debian, don't forget to install
`autoconf-archive` too.

- Run `./autogen.sh`. It will generate configure script and Makefile
- Run `./configure` (see `./configure --help` for additional options)
- Run `make`
- Run `make install`

To build debug version you can add flags to make, for example:

make -e CFLAGS="-g -O0 -fsanitize=address" LDFLAGS="-fsanitize=address"

Usage example
-------------

Start proxy with:

xdg-dbus-proxy "$DBUS_SESSION_BUS_ADDRESS" /tmp/proxy.socket --log

Test it using:

DBUS_SESSION_BUS_ADDRESS=unix:path=/tmp/proxy.socket dbus-send --session --dest=org.freedesktop.DBus --print-reply /org/freedesktop/DBus org.freedesktop.DBus.ListNames

This will display a list of D-Bus names visible through the proxy. You can
also use programs like D-Feet to examine the bus.
80 changes: 79 additions & 1 deletion dbus-proxy.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
#include <sys/stat.h>
#include <errno.h>
#include <locale.h>
#include <ctype.h>

#include "flatpak-proxy.h"
// Taken from glibc unistd.h
Expand All @@ -49,7 +50,7 @@ static void usage (int ecode, FILE *out) G_GNUC_NORETURN;
static void
usage (int ecode, FILE *out)
{
fprintf (out, "usage: %s [OPTIONS...] [ADDRESS PATH [OPTIONS...] ...]\n\n", argv0);
fprintf (out, "usage: %s [OPTIONS...] [BUS_ADDRESS LISTEN_SOCKET_PATH [OPTIONS...] ...]\n\n", argv0);

fprintf (out,
"Options:\n"
Expand All @@ -66,6 +67,8 @@ usage (int ecode, FILE *out)
" --own=NAME Set 'own' policy for NAME\n"
" --call=NAME=RULE Set RULE for calls on NAME\n"
" --broadcast=NAME=RULE Set RULE for broadcasts from NAME\n"
" --accept-uids=UID1,UID2,... Accept connections made only by processes with these "
"user ids\n"
);
exit (ecode);
}
Expand Down Expand Up @@ -225,6 +228,66 @@ parse_generic_args (GPtrArray *args, int *args_i)
}
}

#define PIL_ERROR_LENGTH 200
static char pil_error[PIL_ERROR_LENGTH] = "\0";

/**
* Parses a comma-separated list of non-negative integers from
* uids_string (e.g. "1,2,3") info uids array. If anything goes wrong,
* writes an error message into parse_error, otherwise writes NULL to it.
*/
static void
parse_int_list (const gchar *uids_string, GArray *uids, char **parse_error)
{
*parse_error = NULL;
const gchar *ptr = uids_string;
gchar *endptr = NULL;

do {
gint64 number = g_ascii_strtoll(ptr, &endptr, 10);

if (endptr == ptr) {
snprintf(pil_error, PIL_ERROR_LENGTH, "expected a digit, but got character '%c' instead", ptr[0]);
*parse_error = pil_error;
return;
}

if (number < 0) {
snprintf(pil_error, PIL_ERROR_LENGTH, "numbers must be non-negative");
*parse_error = pil_error;
return;
}

if (number <= LONG_MIN || number >= LONG_MAX) {
snprintf(pil_error, PIL_ERROR_LENGTH, "number is too large");
*parse_error = pil_error;
return;
}

ptr = endptr;
gint inserted_number = (gint)number;
g_array_append_val(uids, inserted_number);

while (ptr[0] != '\0') {
char ch = ptr[0];
ptr++;

if (ch == ',') {
break;
}

if (isspace(ch)) {
continue;
}

snprintf(pil_error, PIL_ERROR_LENGTH, "expected space, end of line or comma, but got '%c'", ch);
*parse_error = pil_error;
return;
}

} while (ptr[0] != '\0');
}

static gboolean
start_proxy (GPtrArray *args, int *args_i)
{
Expand Down Expand Up @@ -320,6 +383,21 @@ start_proxy (GPtrArray *args, int *args_i)

*args_i += 1;
}
else if (g_str_has_prefix (arg, "--accept-uids="))
{
g_autofree char *uids_string = g_strdup (strchr (arg, '=') + 1);
g_autoptr(GArray) uids = g_array_new(FALSE, FALSE, sizeof(gint));
char *parse_error = NULL;
parse_int_list(uids_string, uids, &parse_error);
if (parse_error) {
g_printerr ("error while parsing list of integers in argument '%s': %s\n",
arg, parse_error);
return FALSE;
}

flatpak_proxy_set_accepted_uids(proxy, uids);
*args_i += 1;
}
else if (g_str_equal (arg, "--log"))
{
flatpak_proxy_set_log_messages (proxy, TRUE);
Expand Down
Loading