winDBus authentication stage

Havoc Pennington hp at redhat.com
Tue Mar 13 09:55:59 PDT 2007 

Ralf Habacker wrote:
>> It just happens because of the hack used to implement dbus_uid_t on
>> Windows; the dbus_uid_t is an atom, and nobody changed the part of the
>> code that converts to a string for auth to do the right thing on
>> windows and convert to an sid string instead of a number. 
> Hmmh, using dbus_uid_t was your proposal see
> http://lists.freedesktop.org/archives/dbus/2006-June/005043.html

I also said in that thread for example just what I suggested in this thread:

    Or perhaps to go more cross platform, you could have a "uid to
    string" and "uid from string" function ? where the string would be an
    "external form" and the integer is not allowed to leave the dbus
    process, on either platform.

and

    Or have to/from string converters, and have the rule that to go
    outside the process you have to do this conversion. I'm not sure
    where this comes up in the dbus codebase - it may well, in the config
    file or in the auth protocol. GlobalAddAtom() seems like it'd be a
    little scary... especially if it leaked out of dbus internals and
    effectively became some sort of public API...

In any case, it doesn't matter; it's clearly broken to do what the code 
is doing now (sending weird atoms over the wire), and it's very easy to 
fix by adding a append-uid-to-string function which would just 
append_uint() on unix and do something else on windows.

>> There's also a leak problem where there's no reliable way to
>> GlobalDeleteAtom, afaict. This hack should not be escaping over the
>> wire, as has been discussed to death.
> No idea why this goes wrong. Have you any pointer in the list  ?

1) if you create a system-global atom then you need to delete it 
somehow. MSDN says they are not automatically deleted when the app exits.
2) it is escaping over the wire because the code in dbus-auth.c just 
sends the numeric value of dbus_uid_t over the wire. If you change this 
to send a string sid or username instead of integer, then you no longer 
need *global* atoms, just per-process atoms. Thus 1) is solved.

Havoc

More information about the dbus mailing list