[pulseaudio-commits] r1109 - in /trunk: ./ src/daemon/ src/modules/ src/pulse/ src/pulsecore/
svnmailer-noreply at 0pointer.de
svnmailer-noreply at 0pointer.de
Wed Jul 19 14:48:39 PDT 2006
Author: lennart
Date: Wed Jul 19 23:48:35 2006
New Revision: 1109
URL: http://0pointer.de/cgi-bin/viewcvs.cgi?rev=1109&root=pulseaudio&view=rev
Log:
* add new function pa_check_in_group()
* abstract credential APis a little bit by introducing HAVE_CREDS and a structure pa_creds
* rework credential authentication
* fix module-volume-restore and friends for usage in system-wide instance
* remove loopback= argument from moulde-*-protocol-tcp since it is a superset of listen= and usually a bad idea anyway since the user shouldn't load the TCP module at all if he doesn't want remote access
* rename a few variables in the jack modules to make sure they don't conflict with symbols defined in the system headers
* add server address for system-wide daemons to the default server list for the the client libs
* update todo
Added:
trunk/src/pulsecore/creds.h (with props)
Modified:
trunk/src/daemon/daemon-conf.c
trunk/src/daemon/main.c
trunk/src/modules/module-jack-sink.c
trunk/src/modules/module-jack-source.c
trunk/src/modules/module-match.c
trunk/src/modules/module-protocol-stub.c
trunk/src/modules/module-tunnel.c
trunk/src/modules/module-volume-restore.c
trunk/src/pulse/client-conf.c
trunk/src/pulse/context.c
trunk/src/pulsecore/core-util.c
trunk/src/pulsecore/core-util.h
trunk/src/pulsecore/iochannel.c
trunk/src/pulsecore/iochannel.h
trunk/src/pulsecore/pdispatch.c
trunk/src/pulsecore/pdispatch.h
trunk/src/pulsecore/protocol-native.c
trunk/src/pulsecore/pstream-util.c
trunk/src/pulsecore/pstream-util.h
trunk/src/pulsecore/pstream.c
trunk/src/pulsecore/pstream.h
trunk/src/pulsecore/socket-server.c
trunk/todo
Modified: trunk/src/daemon/daemon-conf.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/daemon/daemon-conf.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/daemon/daemon-conf.c (original)
+++ trunk/src/daemon/daemon-conf.c Wed Jul 19 23:48:35 2006
@@ -46,9 +46,9 @@
#endif
#define DEFAULT_SCRIPT_FILE PA_DEFAULT_CONFIG_DIR PATH_SEP "default.pa"
-#define DEFAULT_SCRIPT_FILE_USER ".pulse" PATH_SEP "default.pa"
+#define DEFAULT_SCRIPT_FILE_USER PATH_SEP "default.pa"
#define DEFAULT_CONFIG_FILE PA_DEFAULT_CONFIG_DIR PATH_SEP "daemon.conf"
-#define DEFAULT_CONFIG_FILE_USER ".pulse" PATH_SEP "daemon.conf"
+#define DEFAULT_CONFIG_FILE_USER PATH_SEP "daemon.conf"
#define ENV_SCRIPT_FILE "PULSE_SCRIPT"
#define ENV_CONFIG_FILE "PULSE_CONFIG"
Modified: trunk/src/daemon/main.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/daemon/main.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/daemon/main.c (original)
+++ trunk/src/daemon/main.c Wed Jul 19 23:48:35 2006
@@ -229,6 +229,7 @@
/* Relevant for pa_runtime_path() */
set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH);
+ set_env("PULSE_CONFIG_PATH", PA_SYSTEM_RUNTIME_PATH);
pa_log_info(__FILE__": Successfully dropped root privileges.");
@@ -245,8 +246,6 @@
return -1;
}
- /* Relevant for pa_runtime_path() later on */
- set_env("PULSE_RUNTIME_PATH", fn);
return 0;
}
Modified: trunk/src/modules/module-jack-sink.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-jack-sink.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-jack-sink.c (original)
+++ trunk/src/modules/module-jack-sink.c Wed Jul 19 23:48:35 2006
@@ -242,7 +242,7 @@
jack_status_t status;
const char *server_name, *client_name;
uint32_t channels = 0;
- int connect = 1;
+ int do_connect = 1;
unsigned i;
const char **ports = NULL, **p;
@@ -256,7 +256,7 @@
goto fail;
}
- if (pa_modargs_get_value_boolean(ma, "connect", &connect) < 0) {
+ if (pa_modargs_get_value_boolean(ma, "connect", &do_connect) < 0) {
pa_log(__FILE__": failed to parse connect= argument.");
goto fail;
}
@@ -339,7 +339,7 @@
goto fail;
}
- if (connect) {
+ if (do_connect) {
for (i = 0, p = ports; i < ss.channels; i++, p++) {
if (!*p) {
Modified: trunk/src/modules/module-jack-source.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-jack-source.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-jack-source.c (original)
+++ trunk/src/modules/module-jack-source.c Wed Jul 19 23:48:35 2006
@@ -240,7 +240,7 @@
jack_status_t status;
const char *server_name, *client_name;
uint32_t channels = 0;
- int connect = 1;
+ int do_connect = 1;
unsigned i;
const char **ports = NULL, **p;
@@ -254,7 +254,7 @@
goto fail;
}
- if (pa_modargs_get_value_boolean(ma, "connect", &connect) < 0) {
+ if (pa_modargs_get_value_boolean(ma, "connect", &do_connect) < 0) {
pa_log(__FILE__": failed to parse connect= argument.");
goto fail;
}
@@ -337,7 +337,7 @@
goto fail;
}
- if (connect) {
+ if (do_connect) {
for (i = 0, p = ports; i < ss.channels; i++, p++) {
if (!*p) {
Modified: trunk/src/modules/module-match.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-match.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-match.c (original)
+++ trunk/src/modules/module-match.c Wed Jul 19 23:48:35 2006
@@ -53,7 +53,7 @@
#define WHITESPACE "\n\r \t"
#define DEFAULT_MATCH_TABLE_FILE PA_DEFAULT_CONFIG_DIR"/match.table"
-#define DEFAULT_MATCH_TABLE_FILE_USER ".pulse/match.table"
+#define DEFAULT_MATCH_TABLE_FILE_USER "match.table"
static const char* const valid_modargs[] = {
"table",
Modified: trunk/src/modules/module-protocol-stub.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-protocol-stub.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-protocol-stub.c (original)
+++ trunk/src/modules/module-protocol-stub.c Wed Jul 19 23:48:35 2006
@@ -52,10 +52,11 @@
#include <pulsecore/modargs.h>
#include <pulsecore/log.h>
#include <pulsecore/native-common.h>
+#include <pulsecore/creds.h>
#ifdef USE_TCP_SOCKETS
#define SOCKET_DESCRIPTION "(TCP sockets)"
-#define SOCKET_USAGE "port=<TCP port number> loopback=<listen on loopback device only?> listen=<address to listen on>"
+#define SOCKET_USAGE "port=<TCP port number> listen=<address to listen on>"
#else
#define SOCKET_DESCRIPTION "(UNIX sockets)"
#define SOCKET_USAGE "socket=<path to UNIX socket>"
@@ -127,9 +128,9 @@
#include "module-native-protocol-unix-symdef.h"
#endif
- #if defined(SCM_CREDENTIALS) && !defined(USE_TCP_SOCKETS)
- #define MODULE_ARGUMENTS MODULE_ARGUMENTS_COMMON "auth-group",
- #define AUTH_USAGE "auth-group=<local group to allow access>"
+ #if defined(HAVE_CREDS) && !defined(USE_TCP_SOCKETS)
+ #define MODULE_ARGUMENTS MODULE_ARGUMENTS_COMMON "auth-group", "auth-group-enable="
+ #define AUTH_USAGE "auth-group=<system group to allow access> auth-group-enable=<enable auth by UNIX group?> "
#else
#define MODULE_ARGUMENTS MODULE_ARGUMENTS_COMMON
#define AUTH_USAGE
@@ -171,7 +172,6 @@
MODULE_ARGUMENTS
#if defined(USE_TCP_SOCKETS)
"port",
- "loopback",
"listen",
#else
"socket",
@@ -197,7 +197,6 @@
#if defined(USE_TCP_SOCKETS)
pa_socket_server *s_ipv4 = NULL, *s_ipv6 = NULL;
- int loopback = 1;
uint32_t port = IPV4_PORT;
const char *listen_on;
#else
@@ -216,11 +215,6 @@
u = pa_xnew0(struct userdata, 1);
#if defined(USE_TCP_SOCKETS)
- if (pa_modargs_get_value_boolean(ma, "loopback", &loopback) < 0) {
- pa_log(__FILE__": loopback= expects a boolean argument.");
- goto fail;
- }
-
if (pa_modargs_get_value_u32(ma, "port", &port) < 0 || port < 1 || port > 0xFFFF) {
pa_log(__FILE__": port= expects a numerical argument between 1 and 65535.");
goto fail;
@@ -231,9 +225,6 @@
if (listen_on) {
s_ipv6 = pa_socket_server_new_ipv6_string(c->mainloop, listen_on, port, TCPWRAP_SERVICE);
s_ipv4 = pa_socket_server_new_ipv4_string(c->mainloop, listen_on, port, TCPWRAP_SERVICE);
- } else if (loopback) {
- s_ipv6 = pa_socket_server_new_ipv6_loopback(c->mainloop, port, TCPWRAP_SERVICE);
- s_ipv4 = pa_socket_server_new_ipv4_loopback(c->mainloop, port, TCPWRAP_SERVICE);
} else {
s_ipv6 = pa_socket_server_new_ipv6_any(c->mainloop, port, TCPWRAP_SERVICE);
s_ipv4 = pa_socket_server_new_ipv4_any(c->mainloop, port, TCPWRAP_SERVICE);
Modified: trunk/src/modules/module-tunnel.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-tunnel.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-tunnel.c (original)
+++ trunk/src/modules/module-tunnel.c Wed Jul 19 23:48:35 2006
@@ -611,7 +611,7 @@
}
-static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const struct ucred *creds, void *userdata) {
+static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const pa_creds *creds, void *userdata) {
struct userdata *u = userdata;
assert(p && packet && u);
Modified: trunk/src/modules/module-volume-restore.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/modules/module-volume-restore.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/modules/module-volume-restore.c (original)
+++ trunk/src/modules/module-volume-restore.c Wed Jul 19 23:48:35 2006
@@ -53,7 +53,7 @@
#define WHITESPACE "\n\r \t"
-#define DEFAULT_VOLUME_TABLE_FILE ".pulse/volume.table"
+#define DEFAULT_VOLUME_TABLE_FILE "volume.table"
static const char* const valid_modargs[] = {
"table",
Modified: trunk/src/pulse/client-conf.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulse/client-conf.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulse/client-conf.c (original)
+++ trunk/src/pulse/client-conf.c Wed Jul 19 23:48:35 2006
@@ -46,7 +46,7 @@
#endif
#define DEFAULT_CLIENT_CONFIG_FILE PA_DEFAULT_CONFIG_DIR PATH_SEP "client.conf"
-#define DEFAULT_CLIENT_CONFIG_FILE_USER ".pulse" PATH_SEP "client.conf"
+#define DEFAULT_CLIENT_CONFIG_FILE_USER "client.conf"
#define ENV_CLIENT_CONFIG_FILE "PULSE_CLIENTCONFIG"
#define ENV_DEFAULT_SINK "PULSE_SINK"
Modified: trunk/src/pulse/context.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulse/context.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulse/context.c (original)
+++ trunk/src/pulse/context.c Wed Jul 19 23:48:35 2006
@@ -62,6 +62,7 @@
#include <pulsecore/core-util.h>
#include <pulsecore/log.h>
#include <pulsecore/socket-util.h>
+#include <pulsecore/creds.h>
#include "internal.h"
@@ -272,7 +273,7 @@
pa_context_fail(c, PA_ERR_CONNECTIONTERMINATED);
}
-static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const struct ucred *creds, void *userdata) {
+static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const pa_creds *creds, void *userdata) {
pa_context *c = userdata;
assert(p);
@@ -423,15 +424,17 @@
pa_tagstruct_putu32(t, PA_PROTOCOL_VERSION);
pa_tagstruct_put_arbitrary(t, c->conf->cookie, sizeof(c->conf->cookie));
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
{
- struct ucred ucred;
-
- ucred.pid = getpid();
+ pa_creds ucred;
+ gid_t g;
+
ucred.uid = getuid();
+ ucred.gid = getgid();
- if ((ucred.gid = pa_get_gid_of_group(c->conf->access_group)) == (gid_t) -1)
- ucred.gid = getgid();
+ if ((g = pa_get_gid_of_group(c->conf->access_group)) != (gid_t) -1)
+ if (pa_check_in_group(g) > 0)
+ ucred.gid = g;
pa_pstream_send_tagstruct_with_creds(c->pstream, t, &ucred);
}
@@ -690,7 +693,12 @@
}
c->server_list = pa_strlist_prepend(c->server_list, "tcp6:localhost");
- c->server_list = pa_strlist_prepend(c->server_list, "localhost");
+ c->server_list = pa_strlist_prepend(c->server_list, "tcp4:localhost");
+
+ /* The system wide instance */
+ c->server_list = pa_strlist_prepend(c->server_list, PA_SYSTEM_RUNTIME_PATH "/" PA_NATIVE_DEFAULT_UNIX_SOCKET);
+
+ /* The per-user instance */
c->server_list = pa_strlist_prepend(c->server_list, pa_runtime_path(PA_NATIVE_DEFAULT_UNIX_SOCKET, ufn, sizeof(ufn)));
/* Wrap the connection attempts in a single transaction for sane autospawn locking */
Modified: trunk/src/pulsecore/core-util.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/core-util.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/core-util.c (original)
+++ trunk/src/pulsecore/core-util.c Wed Jul 19 23:48:35 2006
@@ -741,6 +741,20 @@
return ret;
}
+int pa_check_in_group(gid_t g) {
+ gid_t gids[NGROUPS_MAX];
+ int r;
+
+ if ((r = getgroups(NGROUPS_MAX, gids)) < 0)
+ return -1;
+
+ for (; r > 0; r--)
+ if (gids[r-1] == g)
+ return 1;
+
+ return 0;
+}
+
#else /* HAVE_GRP_H */
int pa_own_uid_in_group(const char *name, gid_t *gid) {
@@ -749,6 +763,14 @@
}
int pa_uid_in_group(uid_t uid, const char *name) {
+ return -1;
+}
+
+gid_t pa_get_gid_of_group(const char *name) {
+ return (gid_t) -1;
+}
+
+int pa_check_in_group(gid_t g) {
return -1;
}
@@ -909,28 +931,33 @@
return fopen(fn, mode);
}
- if (local && pa_get_home_dir(h, sizeof(h))) {
- FILE *f;
- char *lfn;
-
- fn = lfn = pa_sprintf_malloc("%s/%s", h, local);
-
+ if (local) {
+ const char *e;
+ char *lfn = NULL;
+
+ if ((e = getenv("PULSE_CONFIG_PATH")))
+ fn = lfn = pa_sprintf_malloc("%s/%s", e, local);
+ else if (pa_get_home_dir(h, sizeof(h)))
+ fn = lfn = pa_sprintf_malloc("%s/.pulse/%s", h, local);
+
+ if (lfn) {
+ FILE *f;
+
#ifdef OS_IS_WIN32
- if (!ExpandEnvironmentStrings(lfn, buf, PATH_MAX))
- return NULL;
- fn = buf;
-#endif
-
- f = fopen(fn, mode);
-
- if (f || errno != ENOENT) {
- if (result)
- *result = pa_xstrdup(fn);
+ if (!ExpandEnvironmentStrings(lfn, buf, PATH_MAX))
+ return NULL;
+ fn = buf;
+#endif
+
+ if ((f = fopen(fn, mode)) || errno != ENOENT) {
+ if (result)
+ *result = pa_xstrdup(fn);
+ pa_xfree(lfn);
+ return f;
+ }
+
pa_xfree(lfn);
- return f;
- }
-
- pa_xfree(lfn);
+ }
}
if (!global) {
Modified: trunk/src/pulsecore/core-util.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/core-util.h?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/core-util.h (original)
+++ trunk/src/pulsecore/core-util.h Wed Jul 19 23:48:35 2006
@@ -67,6 +67,7 @@
int pa_own_uid_in_group(const char *name, gid_t *gid);
int pa_uid_in_group(uid_t uid, const char *name);
gid_t pa_get_gid_of_group(const char *name);
+int pa_check_in_group(gid_t g);
int pa_lock_fd(int fd, int b);
Added: trunk/src/pulsecore/creds.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/creds.h?rev=1109&root=pulseaudio&view=auto
==============================================================================
--- trunk/src/pulsecore/creds.h (added)
+++ trunk/src/pulsecore/creds.h Wed Jul 19 23:48:35 2006
@@ -1,0 +1,44 @@
+#ifndef foocredshfoo
+#define foocredshfoo
+
+/* $Id$ */
+
+/***
+ This file is part of PulseAudio.
+
+ PulseAudio is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of the
+ License, or (at your option) any later version.
+
+ PulseAudio is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with PulseAudio; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ USA.
+***/
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+typedef struct pa_creds pa_creds;
+
+#if defined(SCM_CREDENTIALS)
+
+#define HAVE_CREDS 1
+
+struct pa_creds {
+ gid_t gid;
+ uid_t uid;
+};
+
+#else
+#undef HAVE_CREDS
+#endif
+
+#endif
Propchange: trunk/src/pulsecore/creds.h
------------------------------------------------------------------------------
svn:keywords = Id
Modified: trunk/src/pulsecore/iochannel.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/iochannel.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/iochannel.c (original)
+++ trunk/src/pulsecore/iochannel.c Wed Jul 19 23:48:35 2006
@@ -231,7 +231,7 @@
return r;
}
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
int pa_iochannel_creds_supported(pa_iochannel *io) {
struct sockaddr_un sa;
@@ -263,7 +263,7 @@
return 0;
}
-ssize_t pa_iochannel_write_with_creds(pa_iochannel*io, const void*data, size_t l, const struct ucred *ucred) {
+ssize_t pa_iochannel_write_with_creds(pa_iochannel*io, const void*data, size_t l, const pa_creds *ucred) {
ssize_t r;
struct msghdr mh;
struct iovec iov;
@@ -288,10 +288,11 @@
u = (struct ucred*) CMSG_DATA(cmsg);
- if (ucred)
- *u = *ucred;
- else {
- u->pid = getpid();
+ u->pid = getpid();
+ if (ucred) {
+ u->uid = ucred->uid;
+ u->gid = ucred->gid;
+ } else {
u->uid = getuid();
u->gid = getgid();
}
@@ -313,7 +314,7 @@
return r;
}
-ssize_t pa_iochannel_read_with_creds(pa_iochannel*io, void*data, size_t l, struct ucred *ucred, int *creds_valid) {
+ssize_t pa_iochannel_read_with_creds(pa_iochannel*io, void*data, size_t l, pa_creds *creds, int *creds_valid) {
ssize_t r;
struct msghdr mh;
struct iovec iov;
@@ -323,7 +324,7 @@
assert(data);
assert(l);
assert(io->ifd >= 0);
- assert(ucred);
+ assert(creds);
assert(creds_valid);
memset(&iov, 0, sizeof(iov));
@@ -349,8 +350,12 @@
for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDENTIALS) {
+ struct ucred u;
assert(cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)));
- memcpy(ucred, CMSG_DATA(cmsg), sizeof(struct ucred));
+ memcpy(&u, CMSG_DATA(cmsg), sizeof(struct ucred));
+
+ creds->gid = u.gid;
+ creds->uid = u.uid;
*creds_valid = 1;
break;
}
@@ -362,27 +367,8 @@
return r;
}
-#else /* SCM_CREDENTIALS */
-
-int pa_iochannel_creds_supported(pa_iochannel *io) {
- return 0;
-}
-
-int pa_iochannel_creds_enable(pa_iochannel *io) {
- return -1;
-}
-
-ssize_t pa_iochannel_write_with_creds(pa_iochannel*io, const void*data, size_t l) {
- pa_log_error("pa_iochannel_write_with_creds() not supported.");
- return -1;
-}
-
-ssize_t pa_iochannel_read_with_creds(pa_iochannel*io, void*data, size_t l, struct ucred *ucred, int *creds_valid) {
- pa_log_error("pa_iochannel_read_with_creds() not supported.");
- return -1;
-}
-
-#endif /* SCM_CREDENTIALS */
+
+#endif /* HAVE_CREDS */
void pa_iochannel_set_callback(pa_iochannel*io, pa_iochannel_cb_t _callback, void *userdata) {
assert(io);
Modified: trunk/src/pulsecore/iochannel.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/iochannel.h?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/iochannel.h (original)
+++ trunk/src/pulsecore/iochannel.h Wed Jul 19 23:48:35 2006
@@ -25,6 +25,7 @@
#include <sys/types.h>
#include <pulse/mainloop-api.h>
+#include <pulsecore/creds.h>
/* A wrapper around UNIX file descriptors for attaching them to the a
main event loop. Everytime new data may be read or be written to
@@ -49,13 +50,13 @@
ssize_t pa_iochannel_write(pa_iochannel*io, const void*data, size_t l);
ssize_t pa_iochannel_read(pa_iochannel*io, void*data, size_t l);
+#ifdef HAVE_CREDS
int pa_iochannel_creds_supported(pa_iochannel *io);
int pa_iochannel_creds_enable(pa_iochannel *io);
-struct ucred;
-
-ssize_t pa_iochannel_write_with_creds(pa_iochannel*io, const void*data, size_t l, const struct ucred *ucred);
-ssize_t pa_iochannel_read_with_creds(pa_iochannel*io, void*data, size_t l, struct ucred *ucred, int *creds_valid);
+ssize_t pa_iochannel_write_with_creds(pa_iochannel*io, const void*data, size_t l, const pa_creds *ucred);
+ssize_t pa_iochannel_read_with_creds(pa_iochannel*io, void*data, size_t l, pa_creds *ucred, int *creds_valid);
+#endif
int pa_iochannel_is_readable(pa_iochannel*io);
int pa_iochannel_is_writable(pa_iochannel*io);
Modified: trunk/src/pulsecore/pdispatch.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pdispatch.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pdispatch.c (original)
+++ trunk/src/pulsecore/pdispatch.c Wed Jul 19 23:48:35 2006
@@ -112,7 +112,7 @@
PA_LLIST_HEAD(struct reply_info, replies);
pa_pdispatch_drain_callback drain_callback;
void *drain_userdata;
- const void *creds;
+ const pa_creds *creds;
};
static void reply_info_free(struct reply_info *r) {
@@ -180,7 +180,7 @@
pa_pdispatch_unref(pd);
}
-int pa_pdispatch_run(pa_pdispatch *pd, pa_packet*packet, const struct ucred *creds, void *userdata) {
+int pa_pdispatch_run(pa_pdispatch *pd, pa_packet*packet, const pa_creds *creds, void *userdata) {
uint32_t tag, command;
pa_tagstruct *ts = NULL;
int ret = -1;
@@ -310,7 +310,7 @@
return pd;
}
-const struct ucred * pa_pdispatch_creds(pa_pdispatch *pd) {
+const pa_creds * pa_pdispatch_creds(pa_pdispatch *pd) {
assert(pd);
assert(pd->ref >= 1);
Modified: trunk/src/pulsecore/pdispatch.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pdispatch.h?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pdispatch.h (original)
+++ trunk/src/pulsecore/pdispatch.h Wed Jul 19 23:48:35 2006
@@ -23,12 +23,13 @@
***/
#include <inttypes.h>
+
#include <pulse/mainloop-api.h>
#include <pulse/def.h>
+
#include <pulsecore/tagstruct.h>
#include <pulsecore/packet.h>
-
-struct ucred;
+#include <pulsecore/creds.h>
typedef struct pa_pdispatch pa_pdispatch;
@@ -39,7 +40,7 @@
void pa_pdispatch_unref(pa_pdispatch *pd);
pa_pdispatch* pa_pdispatch_ref(pa_pdispatch *pd);
-int pa_pdispatch_run(pa_pdispatch *pd, pa_packet*p, const struct ucred*creds, void *userdata);
+int pa_pdispatch_run(pa_pdispatch *pd, pa_packet*p, const pa_creds *creds, void *userdata);
void pa_pdispatch_register_reply(pa_pdispatch *pd, uint32_t tag, int timeout, pa_pdispatch_cb_t callback, void *userdata, pa_free_cb_t free_cb);
@@ -50,6 +51,6 @@
/* Remove all reply slots with the give userdata parameter */
void pa_pdispatch_unregister_reply(pa_pdispatch *pd, void *userdata);
-const struct ucred * pa_pdispatch_creds(pa_pdispatch *pd);
+const pa_creds * pa_pdispatch_creds(pa_pdispatch *pd);
#endif
Modified: trunk/src/pulsecore/protocol-native.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/protocol-native.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/protocol-native.c (original)
+++ trunk/src/pulsecore/protocol-native.c Wed Jul 19 23:48:35 2006
@@ -55,6 +55,8 @@
#include <pulsecore/props.h>
#include <pulsecore/sample-util.h>
#include <pulsecore/llist.h>
+#include <pulsecore/creds.h>
+#include <pulsecore/core-util.h>
#include "protocol-native.h"
@@ -134,7 +136,7 @@
pa_idxset *connections;
uint8_t auth_cookie[PA_NATIVE_COOKIE_LENGTH];
int auth_cookie_in_property;
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
char *auth_group;
#endif
};
@@ -910,25 +912,32 @@
if (!c->authorized) {
int success = 0;
-#ifdef SCM_CREDENTIALS
- const struct ucred *ucred = pa_pdispatch_creds(pd);
-
- if (ucred) {
- if (ucred->uid == getuid())
+#ifdef HAVE_CREDS
+ const pa_creds *creds;
+
+ if ((creds = pa_pdispatch_creds(pd))) {
+ if (creds->uid == getuid())
success = 1;
else if (c->protocol->auth_group) {
int r;
-
- if ((r = pa_uid_in_group(ucred->uid, c->protocol->auth_group)) < 0)
- pa_log_warn(__FILE__": failed to check group membership.");
- else if (r > 0)
+ gid_t gid;
+
+ if ((gid = pa_get_gid_of_group(c->protocol->auth_group)) == (gid_t) -1)
+ pa_log_warn(__FILE__": failed to get GID of group '%s'", c->protocol->auth_group);
+ else if (gid == creds->gid)
success = 1;
+
+ if (!success) {
+ if ((r = pa_uid_in_group(creds->uid, c->protocol->auth_group)) < 0)
+ pa_log_warn(__FILE__": failed to check group membership.");
+ else if (r > 0)
+ success = 1;
+ }
}
- pa_log_info(__FILE__": Got credentials: pid=%lu uid=%lu gid=%lu auth=%i",
- (unsigned long) ucred->pid,
- (unsigned long) ucred->uid,
- (unsigned long) ucred->gid,
+ pa_log_info(__FILE__": Got credentials: uid=%lu gid=%lu success=%i",
+ (unsigned long) creds->uid,
+ (unsigned long) creds->gid,
success);
}
#endif
@@ -2100,7 +2109,7 @@
/*** pstream callbacks ***/
-static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const struct ucred *creds, void *userdata) {
+static void pstream_packet_callback(pa_pstream *p, pa_packet *packet, const pa_creds *creds, void *userdata) {
struct connection *c = userdata;
assert(p && packet && packet->data && c);
@@ -2272,7 +2281,7 @@
pa_idxset_put(p->connections, c, NULL);
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
if (pa_iochannel_creds_supported(io))
pa_iochannel_creds_enable(io);
@@ -2323,8 +2332,18 @@
p->public = public;
p->server = NULL;
-#ifdef SCM_CREDENTIALS
- p->auth_group = pa_xstrdup(pa_modargs_get_value(ma, "auth-group", NULL));
+#ifdef HAVE_CREDS
+ {
+ int a = 1;
+ if (pa_modargs_get_value_boolean(ma, "auth-group-enabled", &a) < 0) {
+ pa_log(__FILE__": auth-group-enabled= expects a boolean argument.");
+ return NULL;
+ }
+ p->auth_group = a ? pa_xstrdup(pa_modargs_get_value(ma, "auth-group", c->is_system_instance ? PA_ACCESS_GROUP : NULL)) : NULL;
+
+ if (p->auth_group)
+ pa_log_info(__FILE__": Allowing access to group '%s'.", p->auth_group);
+ }
#endif
if (load_key(p, pa_modargs_get_value(ma, "cookie", NULL)) < 0) {
@@ -2386,7 +2405,7 @@
if (p->auth_cookie_in_property)
pa_authkey_prop_unref(p->core, PA_NATIVE_COOKIE_PROPERTY_NAME);
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
pa_xfree(p->auth_group);
#endif
pa_xfree(p);
Modified: trunk/src/pulsecore/pstream-util.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pstream-util.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pstream-util.c (original)
+++ trunk/src/pulsecore/pstream-util.c Wed Jul 19 23:48:35 2006
@@ -29,7 +29,7 @@
#include "pstream-util.h"
-void pa_pstream_send_tagstruct_with_creds(pa_pstream *p, pa_tagstruct *t, const struct ucred *creds) {
+void pa_pstream_send_tagstruct_with_creds(pa_pstream *p, pa_tagstruct *t, const pa_creds *creds) {
size_t length;
uint8_t *data;
pa_packet *packet;
Modified: trunk/src/pulsecore/pstream-util.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pstream-util.h?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pstream-util.h (original)
+++ trunk/src/pulsecore/pstream-util.h Wed Jul 19 23:48:35 2006
@@ -25,11 +25,10 @@
#include <inttypes.h>
#include <pulsecore/pstream.h>
#include <pulsecore/tagstruct.h>
-
-struct ucred;
+#include <pulsecore/creds.h>
/* The tagstruct is freed!*/
-void pa_pstream_send_tagstruct_with_creds(pa_pstream *p, pa_tagstruct *t, const struct ucred *creds);
+void pa_pstream_send_tagstruct_with_creds(pa_pstream *p, pa_tagstruct *t, const pa_creds *creds);
#define pa_pstream_send_tagstruct(p, t) pa_pstream_send_tagstruct_with_creds((p), (t), 0)
Modified: trunk/src/pulsecore/pstream.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pstream.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pstream.c (original)
+++ trunk/src/pulsecore/pstream.c Wed Jul 19 23:48:35 2006
@@ -41,6 +41,7 @@
#include <pulsecore/queue.h>
#include <pulsecore/log.h>
#include <pulsecore/core-scache.h>
+#include <pulsecore/creds.h>
#include "pstream.h"
@@ -69,9 +70,9 @@
/* packet info */
pa_packet *packet;
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
int with_creds;
- struct ucred creds;
+ pa_creds creds;
#endif
};
@@ -114,8 +115,8 @@
pa_memblock_stat *memblock_stat;
-#ifdef SCM_CREDENTIALS
- struct ucred read_creds, write_creds;
+#ifdef HAVE_CREDS
+ pa_creds read_creds, write_creds;
int read_creds_valid, send_creds_now;
#endif
};
@@ -216,7 +217,7 @@
pa_iochannel_socket_set_rcvbuf(io, 1024*8);
pa_iochannel_socket_set_sndbuf(io, 1024*8);
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
p->send_creds_now = 0;
p->read_creds_valid = 0;
#endif
@@ -258,7 +259,7 @@
pa_xfree(p);
}
-void pa_pstream_send_packet(pa_pstream*p, pa_packet *packet, const struct ucred *creds) {
+void pa_pstream_send_packet(pa_pstream*p, pa_packet *packet, const pa_creds *creds) {
struct item_info *i;
assert(p && packet && p->ref >= 1);
@@ -270,7 +271,7 @@
i = pa_xnew(struct item_info, 1);
i->type = PA_PSTREAM_ITEM_PACKET;
i->packet = pa_packet_ref(packet);
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
if ((i->with_creds = !!creds))
i->creds = *creds;
#endif
@@ -294,7 +295,7 @@
i->channel = channel;
i->offset = offset;
i->seek_mode = seek_mode;
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
i->with_creds = 0;
#endif
@@ -334,7 +335,7 @@
p->write.descriptor[PA_PSTREAM_DESCRIPTOR_SEEK] = htonl(p->write.current->seek_mode);
}
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
if ((p->send_creds_now = p->write.current->with_creds))
p->write_creds = p->write.current->creds;
@@ -364,7 +365,7 @@
l = ntohl(p->write.descriptor[PA_PSTREAM_DESCRIPTOR_LENGTH]) - (p->write.index - PA_PSTREAM_DESCRIPTOR_SIZE);
}
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
if (p->send_creds_now) {
if ((r = pa_iochannel_write_with_creds(p->io, d, l, &p->write_creds)) < 0)
@@ -406,7 +407,7 @@
l = ntohl(p->read.descriptor[PA_PSTREAM_DESCRIPTOR_LENGTH]) - (p->read.index - PA_PSTREAM_DESCRIPTOR_SIZE);
}
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
{
int b = 0;
@@ -495,7 +496,7 @@
assert(p->read.packet);
if (p->recieve_packet_callback)
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
p->recieve_packet_callback(p, p->read.packet, p->read_creds_valid ? &p->read_creds : NULL, p->recieve_packet_callback_userdata);
#else
p->recieve_packet_callback(p, p->read.packet, NULL, p->recieve_packet_callback_userdata);
@@ -506,7 +507,7 @@
}
p->read.index = 0;
-#ifdef SCM_CREDENTIALS
+#ifdef HAVE_CREDS
p->read_creds_valid = 0;
#endif
}
Modified: trunk/src/pulsecore/pstream.h
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/pstream.h?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/pstream.h (original)
+++ trunk/src/pulsecore/pstream.h Wed Jul 19 23:48:35 2006
@@ -26,16 +26,16 @@
#include <pulse/mainloop-api.h>
#include <pulse/def.h>
+
#include <pulsecore/packet.h>
#include <pulsecore/memblock.h>
#include <pulsecore/iochannel.h>
#include <pulsecore/memchunk.h>
-
-struct ucred;
+#include <pulsecore/creds.h>
typedef struct pa_pstream pa_pstream;
-typedef void (*pa_pstream_packet_cb_t)(pa_pstream *p, pa_packet *packet, const struct ucred *creds, void *userdata);
+typedef void (*pa_pstream_packet_cb_t)(pa_pstream *p, pa_packet *packet, const pa_creds *creds, void *userdata);
typedef void (*pa_pstream_memblock_cb_t)(pa_pstream *p, uint32_t channel, int64_t offset, pa_seek_mode_t seek, const pa_memchunk *chunk, void *userdata);
typedef void (*pa_pstream_notify_cb_t)(pa_pstream *p, void *userdata);
@@ -43,7 +43,7 @@
void pa_pstream_unref(pa_pstream*p);
pa_pstream* pa_pstream_ref(pa_pstream*p);
-void pa_pstream_send_packet(pa_pstream*p, pa_packet *packet, const struct ucred *creds);
+void pa_pstream_send_packet(pa_pstream*p, pa_packet *packet, const pa_creds *creds);
void pa_pstream_send_memblock(pa_pstream*p, uint32_t channel, int64_t offset, pa_seek_mode_t seek, const pa_memchunk *chunk);
void pa_pstream_set_recieve_packet_callback(pa_pstream *p, pa_pstream_packet_cb_t cb, void *userdata);
Modified: trunk/src/pulsecore/socket-server.c
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/src/pulsecore/socket-server.c?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/src/pulsecore/socket-server.c (original)
+++ trunk/src/pulsecore/socket-server.c Wed Jul 19 23:48:35 2006
@@ -30,6 +30,7 @@
#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>
+#include <sys/stat.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
@@ -185,12 +186,18 @@
sa.sun_path[sizeof(sa.sun_path) - 1] = 0;
pa_socket_low_delay(fd);
-
+
if (bind(fd, (struct sockaddr*) &sa, SUN_LEN(&sa)) < 0) {
pa_log(__FILE__": bind(): %s", pa_cstrerror(errno));
goto fail;
}
+ /* Allow access from all clients. Sockets like this one should
+ * always be put inside a directory with proper access rights,
+ * because not all OS check the access rights on the socket
+ * inodes. */
+ chmod(filename, 0777);
+
if (listen(fd, 5) < 0) {
pa_log(__FILE__": listen(): %s", pa_cstrerror(errno));
goto fail;
Modified: trunk/todo
URL: http://0pointer.de/cgi-bin/viewcvs.cgi/trunk/todo?rev=1109&root=pulseaudio&r1=1108&r2=1109&view=diff
==============================================================================
--- trunk/todo (original)
+++ trunk/todo Wed Jul 19 23:48:35 2006
@@ -3,7 +3,6 @@
Post 0.9.0:
- alsa mmap driver
- dbus/hal (Shams King is working on this one)
-- polish for starting polypaudio as root/system-wide instance
- chroot()
- module-tunnel: improve latency calculation
- multiline configuration statements
@@ -32,6 +31,11 @@
- gconf module + frontend
- hooks for creating sink inputs
- insert the low-level device name in the default sink/source name, to make them recognizable
+- ssl
+- key rings for auth
+- challenge response auth
+- sasl auth
+- setrlimit
Long term:
- pass meta info for hearing impaired
More information about the pulseaudio-commits
mailing list