Implementing LOCAL_CREDS socket credentials
Julio M. Merino Vidal
jmmv84 at gmail.com
Sun Aug 27 02:39:28 PDT 2006
Hello,
I've been investigating how to make the EXTERNAL authentication
mechanism work under NetBSD. It turns out that NetBSD does support
socket credentials through the LOCAL_CREDS feature, currently
unimplemented in D-Bus.
LOCAL_CREDS works as follows:
1) The server must first set the LOCAL_CREDS option on the socket
using setsockopt.
2) The client must send a message (whatever it is; even the write(2)
system call is useful) to the server. This *must* happen after the
server has set the LOCAL_CREDS option in 1).
3) The server receives the message with recvmsg(2) and parses the
extra credentials information, much like CMSGCRED.
Check the attached file for a simple example.
I've got the above working more or less in D-Bus but have hit a
problem that I've been unable to resolve so far. As far as I can
tell, there is currently no way to guarantee that 2) is executed after
1), so there is a race condition that prevents this from working
safely.
The problem is that the current communication lacks a step for this to
work. As far as I understand it, the client sends first an "AUTH
EXTERNAL" message to the server and immediately afterwards sens the
nul-byte message. Therefore the server has no chance of enabling the
LOCAL_CREDS option in between in a safe manner.
To solve the problem, an intermediate synchronization step could be
needed so that the client waited for confirmation before sending the
nul-byte message. Basically:
SERVER: Wait for connection.
SERVER: Wait for auth command.
SERVER: Set LOCAL_CREDS option.
SERVER: Send confirmation message.
SERVER: Wait for nul-byte credentials message.
CLIENT: Connect to server.
CLIENT: Send "AUTH EXTERNAL".
CLIENT: Wait for confirmation message.
CLIENT: Send nul-byte message with credentials.
If this extra step must be introduced in the protocol it should be
done before the first D-Bus stable release... Or maybe there
currently is a way to achieve the above in a safe manner? The code is
rather complex to understand what is really going on...
Thanks.
--
Julio M. Merino Vidal <jmmv84 at gmail.com>
The Julipedia - http://julipedia.blogspot.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.c
Type: text/x-csrc
Size: 1106 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20060827/789be6bb/test.c
More information about the dbus
mailing list