Pluggable auth modules

David Zeuthen zeuthen at gmail.com
Wed Jun 1 10:55:23 PDT 2011


Hi,

On Wed, Jun 1, 2011 at 1:08 PM, Pavel Strashkin
<pavel.strashkin at gmail.com> wrote:
> At the moment DBus has a few hard-coded auth mechanisms and there is no
> way to fix them separately, extend, inherit or add a new one
> without patching.
>
> Actually, adding a new one is a more complicated problem because
> you can't just add it to main repo - it must be approved by dbus team
> or it may be your own
> proprietary (or for internal usage) code so the only way is to keep these
> patches under your control and merge/refresh them every time when
> mainstream is changed (sometimes it's difficult).

It also includes documenting it in the spec.

> The idea is to introduce pluggable auth modules (DLO, dynamically
> loadable objects) via *.so/*.dll which will contain some factory
> function to produce DBusAuthMechanismHandler instances.
> What do you think?

I don't particularly like this idea - because it either ties you to
libdbus-1 or requires you to implement the authentication mechanism in
other D-Bus implementations.

FWIW, GDBus has pluggable authentication mechanisms too but it is not
exposed in any public API (much like libdbus-1's aren't) - partly
because I wasn't happy about the API of it - partly because I don't
want to encourage people writing new auth mechanisms.

My view is pretty simple, BTW: applications should authenticate the
connection itself before using it for any D-Bus traffic and then just
use the D-Bus ANONYMOUS authentication method. This would include e.g.
checking certificates if it's a TLS connection or some proprietary
exchange. Or whatever. In GDBus that's easy to do, see

 http://developer.gnome.org/gio/unstable/GDBusConnection.html#g-dbus-connection-new

since you can do this on any GIOStream to create a GDBusConnection.

In libdbus-1 I think it's harder since you can't create a
DBusConnection for any (say, pollable) file-descriptor. But that's
just a libdbus-1 limitation and it shouldn't be too hard to fix that.

     David
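
An added sketch of the pattern described in the message above (not part of the original post, and not GDBus or libdbus-1 code): the stream is authenticated first by an application-level exchange, and only then does the D-Bus SASL handshake run with ANONYMOUS. The HMAC challenge over a pre-shared key stands in for the "proprietary exchange"; the key, the PREAUTH-OK line and all function names are assumptions made for this example.

```python
import hashlib, hmac, os, socket, threading
PSK = b"constructed-demo-key"  # constructed pre-shared secret (assumption)

def read_line(sock):  # byte-wise, so nothing after the CRLF is consumed
    buf = b""
    while not buf.endswith(b"\r\n"):
        chunk = sock.recv(1)
        if not chunk:
            raise ConnectionError("peer closed")
        buf += chunk
    return buf[:-2]

def proof(key, nonce):
    return hmac.new(key, nonce, hashlib.sha256).hexdigest().encode()

def server(sock):
    with sock:
        nonce = os.urandom(16)  # step 1: application-level check, before any D-Bus bytes
        sock.sendall(nonce.hex().encode() + b"\r\n")
        if not hmac.compare_digest(read_line(sock), proof(PSK, nonce)):
            return "rejected"  # socket closes; the D-Bus handshake never starts
        sock.sendall(b"PREAUTH-OK\r\n")  # step 2 below: D-Bus SASL, ANONYMOUS only
        if sock.recv(1) != b"\0" or read_line(sock).split()[:2] != [b"AUTH", b"ANONYMOUS"]:
            sock.sendall(b"REJECTED ANONYMOUS\r\n")
            return "rejected"
        sock.sendall(b"OK " + os.urandom(16).hex().encode() + b"\r\n")  # OK <server GUID>
        return "authenticated" if read_line(sock) == b"BEGIN" else "rejected"

def client(sock, key):
    try:
        sock.sendall(proof(key, bytes.fromhex(read_line(sock).decode())) + b"\r\n")
        if read_line(sock) != b"PREAUTH-OK":
            return False
        sock.sendall(b"\0AUTH ANONYMOUS\r\n")  # NUL byte, then the SASL command
        if not read_line(sock).startswith(b"OK "):
            return False
        sock.sendall(b"BEGIN\r\n")  # D-Bus messages would follow from here
        return True
    except ConnectionError:
        return False

def run(key):  # returns (client_ok, server_verdict) for one connection attempt
    srv, cli = socket.socketpair()
    verdict = []
    t = threading.Thread(target=lambda: verdict.append(server(srv)))
    t.start()
    with cli:
        ok = client(cli, key)
    t.join()
    return ok, verdict[0]
```

With this ordering, a peer that fails the first step is disconnected before the D-Bus handshake begins, so ANONYMOUS is only ever offered on a stream that has already been authenticated.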

