Allow SASL UID to be provided via the TransportBuilder #178

Merged
merged 1 commit into from
Jul 22, 2022
Merged
Expand Up @@ -26,6 +26,7 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.OptionalLong;
import java.util.Random;

import org.freedesktop.dbus.connections.transports.AbstractTransport;
Expand Down Expand Up @@ -422,17 +423,18 @@ public String[] getTypes(int _types) {
* @param _mode mode
* @param _types types
* @param _guid guid
* @param _saslUid SASL UID
* @param _sock socket channel
* @param _transport transport
*
* @return true if the auth was successful and false if it failed.
* @throws IOException on failure
*/
public boolean auth(SaslMode _mode, int _types, String _guid, SocketChannel _sock, AbstractTransport _transport) throws IOException {
public boolean auth(SaslMode _mode, int _types, String _guid, OptionalLong _saslUid, SocketChannel _sock, AbstractTransport _transport) throws IOException {
String luid = null;
String kernelUid = null;

long uid = getUserId();
long uid = _saslUid.orElse(getUserId());
luid = stupidlyEncode("" + uid);

SASL.Command c;
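Review bot: `_saslUid.orElse(getUserId())` in `auth` dereferences `_saslUid` without a null check, while the new `saslUid` field in AbstractTransport is declared without an initializer and both `setSaslUid` methods (TransportConfig and AbstractTransport) accept null. A transport that reaches `authenticate` without the builder's `build()` having set the value, or after `setSaslUid(null)`, would therefore fail here with a NullPointerException instead of falling back to the process UID. Guard at this point, e.g. `long uid = (_saslUid == null ? OptionalLong.empty() : _saslUid).orElse(getUserId());`, or initialise the field to `OptionalLong.empty()` and reject null in the setters. The body of `auth` continues outside the hunk, so it is not visible whether `luid` is also consulted when `_mode` is the server side; if it is, the override should probably be limited to client mode, which is worth confirming.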
Expand Up @@ -6,6 +6,7 @@
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Objects;
import java.util.OptionalLong;
import java.util.Set;
import java.util.function.Consumer;

Expand All @@ -29,6 +30,7 @@ public final class TransportConfig {
private int timeout = 10000;
private boolean autoConnect = true;
private SaslAuthMode authMode = null;
private OptionalLong saslUid = OptionalLong.empty();

/** user to set on socket file if this is a server transport (null to do nothing). */
private String fileOwner;
Expand Down Expand Up @@ -94,7 +96,15 @@ public void setTimeout(int _timeout) {
timeout = _timeout;
}

public SaslAuthMode getAuthMode() {
public OptionalLong getSaslUid() {
return saslUid;
}

public void setSaslUid(OptionalLong _saslUid) {
this.saslUid = _saslUid;
}

public SaslAuthMode getAuthMode() {
return authMode;
}
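Review bot: The new `saslUid` field and its `getSaslUid`/`setSaslUid` accessors have no Javadoc, although the neighbouring `fileOwner` field is documented, and nothing here says what an empty value means. A field comment such as `/** UID to present during SASL authentication; empty to use the default of the running process. */` would record that. As a style point, `setSaslUid(OptionalLong)` takes an `OptionalLong` parameter while the builder's `withSaslUid(long)` uses a `-1` sentinel, so "use the default" is spelled two ways. Taking a plain `long` here too, or documenting why the two differ, would keep the configuration API consistent.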

Expand Up @@ -2,6 +2,7 @@

import java.nio.file.attribute.PosixFilePermission;
import java.util.Objects;
import java.util.OptionalLong;
import java.util.function.Consumer;
import java.util.function.Supplier;

Expand Down Expand Up @@ -142,6 +143,20 @@ public X withTimeout(int _timeout) {
return self();
}

/**
* Set to UID to present during SASL authentication.
* <p>
* Default is the user of the running JVM process on Unix-like operating systems. On Windows, the default is zero.<br><br>
*
* @param _saslUid UID to set, if -1 is given default is used
*
* @return this
*/
public X withSaslUid(long _saslUid) {
config.setSaslUid(_saslUid == -1 ? OptionalLong.empty() : OptionalLong.of(_saslUid));
return self();
}

/**
* The owner of the socket file if a unix socket is used and this is a server transport.
* <p>
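Review bot: `withSaslUid` treats only `-1` as special, so any other negative value is wrapped in `OptionalLong.of` and, as the SASL hunk shows, string-encoded into the authentication exchange unchanged. Assuming UIDs are meant to be non-negative, reject such input early with `if (_saslUid < -1) { throw new IllegalArgumentException("SASL UID must be >= 0, or -1 for the default: " + _saslUid); }` before the `config.setSaslUid(...)` call. The Javadoc's first sentence reads "Set to UID" where "Set the UID" is presumably meant. It could also state that the value is only what this side presents during authentication, and that acceptance is decided by the peer.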
Expand Up @@ -3,6 +3,7 @@
import java.io.Closeable;
import java.io.IOException;
import java.nio.channels.SocketChannel;
import java.util.OptionalLong;
import java.util.ServiceConfigurationError;
import java.util.ServiceLoader;
import java.util.function.Consumer;
Expand Down Expand Up @@ -34,6 +35,7 @@ public abstract class AbstractTransport implements Closeable {
private final BusAddress address;

private SASL.SaslMode saslMode;
private OptionalLong saslUid;

private int saslAuthMode;
private IMessageReader inputReader;
Expand Down Expand Up @@ -155,7 +157,7 @@ public void setPreConnectCallback(Consumer<AbstractTransport> _run) {
private void authenticate(SocketChannel _sock) throws IOException {
SASL sasl = new SASL(hasFileDescriptorSupport());
try {
if (!sasl.auth(saslMode, saslAuthMode, address.getGuid(), _sock, this)) {
if (!sasl.auth(saslMode, saslAuthMode, address.getGuid(), saslUid, _sock, this)) {
throw new AuthenticationException("Failed to authenticate");
}
} catch (IOException e) {
Expand Down Expand Up @@ -200,7 +202,15 @@ private void setInputOutput(SocketChannel _socket) {

}

protected int getSaslAuthMode() {
protected OptionalLong getSaslUid() {
return saslUid;
}

protected void setSaslUid(OptionalLong saslUid) {
this.saslUid = saslUid;
}

protected int getSaslAuthMode() {
return saslAuthMode;
}
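Review bot: The parameter of the new `setSaslUid(OptionalLong saslUid)` shadows the field and departs from the underscore-prefixed parameter naming the other methods visible in this file use (`_sock`, `_run`, `_socket`). Writing it as `protected void setSaslUid(OptionalLong _saslUid) { saslUid = _saslUid; }` would match the surrounding code and the same setter in TransportConfig. Both new accessors are also undocumented; a one-line Javadoc on each saying that the value is the UID presented during SASL authentication and that empty selects the default would help subclass authors.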

Expand Up @@ -324,6 +324,7 @@ public AbstractTransport build() throws DBusException, IOException {
((IFileBasedBusAddress) myBusAddress).updatePermissions(config.getFileOwner(), config.getFileGroup(), config.getFileUnixPermissions());
}

transport.setSaslUid(config.getSaslUid());
transport.setPreConnectCallback(config.getPreConnectCallback());

if (config.isAutoConnect()) {