telepathy-qt: dbus-tubes: Rework credentials handling, inverting the logic and adopting credentials by default.

Dario Freddi drf at kemper.freedesktop.org
Tue Jul 3 15:08:57 PDT 2012 

Module: telepathy-qt
Branch: master
Commit: c3fb6ef81c21c255764ef1acb639c1779476d634
URL:    http://cgit.freedesktop.org/telepathy/telepathy-qt/commit/?id=c3fb6ef81c21c255764ef1acb639c1779476d634

Author: Dario Freddi <dario.freddi at collabora.com>
Date:   Fri Nov 11 22:50:37 2011 +0100

dbus-tubes: Rework credentials handling, inverting the logic and adopting credentials by default.

In case credentials are not available, the tube will fall back to localhost.

The D-Bus wire protocol always has one '\0' byte at the very beginning of the
stream, which is not part of the authentication handshake (text-based SASL) and
also not part of any of the subsequent D-Bus messages (binary). libdbus, GDBus
etc. assume that this byte will always be present.

If credentials-passing via SCM_CREDS (FreeBSD) or SCM_CREDENTIALS (Linux) is
supported, the credentials accompany that '\0' byte.

If the platform can't pass credentials (Windows) or can pass/get credentials
without sending a byte (Linux and OpenBSD via SO_PEERCRED, some other platforms
(Solaris?) via getpeereid or getpeerucred), it must still send the '\0' byte.

On OSs where you can choose whether to send credentials out-of-band
(LOCAL_CREDS), D-Bus expects
you to say "yes" to LOCAL_CREDS too.

For this reason why now default to credentials, and just warn if they are unsupported.

With the new API, people really needing stringent security can either assert (forgoing tubes
support these platforms) or otherwise check the
capability accessor (supportsRestrictingToCurrentUser) before trying to accept / offer the tube.
A check in the PendingDBusTube operation is also available.

Thanks to Simon McVittie and Olli Salli for their help in analyzing and solving the issue.

---

 TelepathyQt/dbus-tube-channel.cpp            |    4 +-
 TelepathyQt/dbus-tube-channel.h              |    2 +-
 TelepathyQt/incoming-dbus-tube-channel.cpp   |   38 +++++-------------
 TelepathyQt/incoming-dbus-tube-channel.h     |    2 +-
 TelepathyQt/outgoing-dbus-tube-channel.cpp   |   23 +++++------
 TelepathyQt/outgoing-dbus-tube-channel.h     |    2 +-
 TelepathyQt/pending-dbus-tube-connection.cpp |   51 +++----------------------
 TelepathyQt/pending-dbus-tube-connection.h   |    8 +---
 tests/dbus/dbus-tube-chan.cpp                |   52 +++++++++++---------------
 9 files changed, 57 insertions(+), 125 deletions(-)

Diff:   http://cgit.freedesktop.org/telepathy/telepathy-qt/diff/?id=c3fb6ef81c21c255764ef1acb639c1779476d634

More information about the telepathy-commits mailing list