Unix FD Passing

Lennart Poettering mzqohf at 0pointer.de
Sat Apr 25 07:15:29 PDT 2009 

On Sat, 25.04.09 09:29, Havoc Pennington (havoc.pennington at gmail.com) wrote:

> 
> Hi,
> 
> On Fri, Apr 24, 2009 at 7:13 PM, Thiago Macieira <thiago at kde.org> wrote:
> > Em Sexta-feira 24 Abril 2009, às 18:55:16, Lennart Poettering escreveu:
> >> This also includes simple negotiation for unix fd passing: the auth
> >> protocol is extended a bit. Two new commands have been introduced. If
> >> a clients can do and wants to do fd passing it will send
> >> NEGOTIATE-UNIX-FD after the authentication was sucessful, before
> >> sending BEGIN. The server then responds with ERROR if it cannot or
> >> doesn't want to do fd passing. Otherwise it will respond with
> >> AGREE-UNIX-FD and both sides enable their fd passing code.
> >
> > Brilliant solution! Why didn't we think of that before?
> 
> We did didn't we? This is what the spec suggests for negotiating extensions:
> 
> http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-handling-invalid
> "In the authentication protocol (see the section called
> “Authentication Protocol”) unknown commands result in an ERROR rather
> than a disconnect. This enables future extensions to the protocol."

I mean, if you read the spec, you'll find a part with the title:
"Invalid Protocol and Spec Extensions". And just did what is suggested
there. That's all.

> Of course, Lennart is the only person to actually _do_ it ;-) which rocks.
> 
> Lennart, spec says "Each line begins with an all-caps ASCII command
> name containing only the character range [A-Z_]" so maybe s/-/_/

Ok. I'll fix it.

> (sorry for the totally minor comment, I haven't read actual patches
> yet, just happen to be looking at that spec bit and above-quoted bit
> of your email)
> 
> Should we generalize things a bit, so we could have:
> NEGOTIATE UNIX_FD FOO BAR
> AGREE UNIX_FD BAR
> 
> i.e. here FOO was not agreed to. Idea is just one round-trip to get
> the complete feature intersection.

I thought about this and decided that this wouldn't be that much
better. The reason is that I think that when doing negotiation not all
features you might ask for are actually independant of each
other. i.e. you might want to ask for extension FOO1_2 and only when
that fails for extension FOO1_1 if you understand what I
mean. Expressing such a logic with a single multi-extension generic
"NEGOTIATE" line wouldn't work -- unless of course we allow multiple
multi-extension NEGOTIATE lines -- and if we do *that* then we could
just do everything seperately anyway like my patch does.

Also, a client could just send three commands at once:
NEGOTIATE_UNIX_FD\r\nNEGOTIATE_FOO\r\nNEGOTIATE_BAR if it wants to
negotiate multiple things at once. 

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net         ICQ# 11060553
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

More information about the dbus mailing list