/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
/* dbus-sysdeps-unix.c Wrappers around UNIX system/libc features (internal to D-Bus implementation)
 *
 * Copyright (C) 2002, 2003, 2006  Red Hat, Inc.
 * Copyright (C) 2003 CodeFactory AB
 *
 * Licensed under the Academic Free License version 2.1
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 */

#include <config.h>

#include "dbus-internals.h"
#include "dbus-sysdeps.h"
#include "dbus-sysdeps-unix.h"
#include "dbus-threads.h"
#include "dbus-protocol.h"
#include "dbus-file.h"
#include "dbus-transport.h"
#include "dbus-string.h"
#include "dbus-userdb.h"
#include "dbus-list.h"
#include "dbus-credentials.h"
#include "dbus-nonce.h"

#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <unistd.h>
#include <stdio.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <dirent.h>
#include <sys/un.h>
#include <pwd.h>
#include <time.h>
#include <locale.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <netdb.h>
#include <grp.h>
#include <arpa/inet.h>

#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_SYSLOG_H
#include <syslog.h>
#endif
#ifdef HAVE_WRITEV
#include <sys/uio.h>
#endif
#ifdef HAVE_BACKTRACE
#include <execinfo.h>
#endif
#ifdef HAVE_GETPEERUCRED
#include <ucred.h>
#endif
#ifdef HAVE_ALLOCA_H
#include <alloca.h>
#endif
#ifdef HAVE_SYS_RANDOM_H
#include <sys/random.h>
#endif

#ifdef HAVE_ADT
#include <bsm/adt.h>
#endif

#ifdef HAVE_SYSTEMD
#include <systemd/sd-daemon.h>
#endif

#if !DBUS_USE_SYNC
#include <pthread.h>
#endif

#ifndef O_BINARY
#define O_BINARY 0
#endif

#ifndef AI_ADDRCONFIG
#define AI_ADDRCONFIG 0
#endif

#ifndef HAVE_SOCKLEN_T
#define socklen_t int
#endif

#if defined (__sun) || defined (__sun__)
/*
 * CMSG_SPACE etc. definitions for Solaris < 10, based on
 *   http://mailman.videolan.org/pipermail/vlc-devel/2006-May/024402.html
 * via
 *   http://wiki.opencsw.org/porting-faq#toc10
 *
 * These are only redefined for Solaris, for now: if your OS needs these too,
 * please file a bug. (Or preferably, improve your OS so they're not needed.)
 */

# ifndef CMSG_ALIGN
#   ifdef __sun__
#     define CMSG_ALIGN(len) _CMSG_DATA_ALIGN (len)
#   else
      /* aligning to sizeof (long) is assumed to be portable (fd.o#40235) */
#     define CMSG_ALIGN(len) (((len) + sizeof (long) - 1) & \
                              ~(sizeof (long) - 1))
#   endif
# endif

# ifndef CMSG_SPACE
#   define CMSG_SPACE(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + \
                            CMSG_ALIGN (len))
# endif

# ifndef CMSG_LEN
#   define CMSG_LEN(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + (len))
# endif

#endif /* Solaris */

/**
 * Make sure file descriptors 0, 1 and 2 (stdin, stdout, stderr) are all
 * open, filling any that are closed with /dev/null. For each standard fd
 * whose DBUS_FORCE_*_NULL bit is set in flags, /dev/null is additionally
 * dup2()'d over it even if it was already open.
 *
 * DBusError is deliberately not used, so that malloc() is never called
 * and the function stays usable where an async-signal-safe function is
 * required (for example after fork()). On failure errno is set and a
 * short static message such as "Failed to open /dev/null" is stored in
 * *error_str_p; callers are expected to combine it with
 * _dbus_strerror (errno) for a complete report. On success *error_str_p
 * is set to #NULL.
 *
 * Only call this while single-threaded: either during startup of an
 * executable, or after fork().
 *
 * @param flags which standard fds must be replaced by /dev/null
 * @param error_str_p return location for the static error text, or #NULL
 * @returns #TRUE on success, #FALSE with errno set on failure
 */
dbus_bool_t
_dbus_ensure_standard_fds (DBusEnsureStandardFdsFlags   flags,
                           const char                 **error_str_p)
{
  /* Indexed by fd number: the flag requesting that this fd be forced
   * onto /dev/null. */
  static int const force_flag[] = { DBUS_FORCE_STDIN_NULL,
      DBUS_FORCE_STDOUT_NULL,
      DBUS_FORCE_STDERR_NULL };
  /* Should always get replaced with the real error before use */
  const char *failure = "Failed mysteriously";
  int null_fd = -1;
  int errno_on_exit;
  /* The indexing above relies on the standard fds having their POSIX
   * values. */
  _DBUS_STATIC_ASSERT (STDIN_FILENO == 0);
  _DBUS_STATIC_ASSERT (STDOUT_FILENO == 1);
  _DBUS_STATIC_ASSERT (STDERR_FILENO == 2);
  int target;

  target = STDIN_FILENO;

  while (target <= STDERR_FILENO)
    {
      /* open() returns the lowest free descriptor, so a result equal to
       * target means that standard fd was closed and is now /dev/null.
       * The descriptor is intentionally not close-on-exec: the standard
       * fds are meant to be inherited, and being single-threaded means
       * nothing can race with us here. */
      if (null_fd < target)
        null_fd = open ("/dev/null", O_RDWR);

      if (null_fd < 0)
        {
          failure = "Failed to open /dev/null";
          goto out;
        }

      /* Every fd below target is already open, so this can only fail if
       * another thread closed one - which the contract above rules out. */
      _dbus_assert (null_fd >= target);

      /* dup2() is attempted only when target is not already our
       * /dev/null descriptor and the caller asked for it to be forced. */
      if (null_fd != target &&
          (flags & force_flag[target]) != 0 &&
          dup2 (null_fd, target) < 0)
        {
          failure = "Failed to dup2 /dev/null onto a standard fd";
          goto out;
        }

      target++;
    }

  failure = NULL;

out:
  /* close() may overwrite errno, so keep the value the caller needs. */
  errno_on_exit = errno;

  /* A descriptor above 2 was only a temporary source for dup2(). */
  if (null_fd > STDERR_FILENO)
    close (null_fd);

  if (error_str_p != NULL)
    *error_str_p = failure;

  errno = errno_on_exit;
  return (failure == NULL);
}

/* Forward declaration: _dbus_connect_unix_socket() below calls this to put
 * the connected descriptor into non-blocking mode. The definition is not
 * in this part of the file. */
static dbus_bool_t _dbus_set_fd_nonblocking (int             fd,
                                             DBusError      *error);

/**
 * Creates a socket with socket() and makes sure it is close-on-exec.
 *
 * Where SOCK_CLOEXEC is available at build time the flag is requested as
 * part of socket() itself, which leaves no interval between creation and
 * a later _dbus_fd_set_close_on_exec() call in which the descriptor lacks
 * the flag. If that call fails with EINVAL or EPROTOTYPE the socket is
 * created again without the flag and close-on-exec is applied afterwards.
 *
 * @param fd_p return location for the descriptor; holds the failed
 *        socket() result when #FALSE is returned
 * @param domain passed to socket()
 * @param type passed to socket()
 * @param protocol passed to socket()
 * @param error return location for an error
 * @returns #FALSE if error is set
 */
static dbus_bool_t
_dbus_open_socket (int              *fd_p,
                   int               domain,
                   int               type,
                   int               protocol,
                   DBusError        *error)
{
  dbus_bool_t set_cloexec_later = TRUE;
  int sock;

#ifdef SOCK_CLOEXEC
  sock = socket (domain, type | SOCK_CLOEXEC, protocol);

  if (sock >= 0)
    set_cloexec_later = FALSE;
  else if (errno == EINVAL || errno == EPROTOTYPE)
    /* Kernel seems to be too old to know SOCK_CLOEXEC: retry without it */
    sock = socket (domain, type, protocol);
#else
  sock = socket (domain, type, protocol);
#endif

  *fd_p = sock;

  if (sock < 0)
    {
      dbus_set_error(error,
                     _dbus_error_from_errno (errno),
                     "Failed to open socket: %s",
                     _dbus_strerror (errno));
      return FALSE;
    }

  if (set_cloexec_later)
    _dbus_fd_set_close_on_exec(sock);

  _dbus_verbose ("socket fd %d opened\n", sock);
  return TRUE;
}

/**
 * Creates a UNIX domain stream socket (PF_UNIX, SOCK_STREAM), as the
 * socket() call would. The socket is neither bound nor connected.
 *
 * The returned socket has FD_CLOEXEC set; see _dbus_open_socket().
 *
 * @param fd return location for socket descriptor
 * @param error return location for an error
 * @returns #FALSE if error is set
 */
static dbus_bool_t
_dbus_open_unix_socket (int              *fd,
                        DBusError        *error)
{
  dbus_bool_t opened;

  opened = _dbus_open_socket(fd, PF_UNIX, SOCK_STREAM, 0, error);

  return opened;
}

/**
 * Closes the descriptor wrapped by a DBusSocket by handing it to
 * _dbus_close(). Only meant for sockets: do not pass other kinds of
 * file descriptors or handles.
 *
 * @param fd the socket
 * @param error return location for an error
 * @returns #FALSE if error is set
 */
dbus_bool_t
_dbus_close_socket (DBusSocket        fd,
                    DBusError        *error)
{
  int raw_fd = fd.fd;

  return _dbus_close (raw_fd, error);
}

/**
 * Socket-only counterpart of _dbus_read(); because it is restricted to
 * sockets it is also available on Windows. This UNIX implementation
 * forwards to _dbus_read() on the underlying descriptor.
 *
 * @param fd the socket
 * @param buffer string to append data to
 * @param count max amount of data to read
 * @returns number of bytes appended to the string
 */
int
_dbus_read_socket (DBusSocket        fd,
                   DBusString       *buffer,
                   int               count)
{
  int raw_fd = fd.fd;

  return _dbus_read (raw_fd, buffer, count);
}

/**
 * Socket-only counterpart of _dbus_write(); because it is restricted to
 * sockets it is also available on Windows.
 *
 * When MSG_NOSIGNAL is declared the data is sent with send() and that
 * flag, so that writing to a peer that has gone away is reported through
 * the return value rather than by raising SIGPIPE. Otherwise the call is
 * forwarded to _dbus_write(). EINTR is retried in both cases.
 *
 * @param fd the file descriptor to write
 * @param buffer the buffer to write data from
 * @param start the first byte in the buffer to write
 * @param len the number of bytes to try to write
 * @returns the number of bytes written or -1 on error
 */
int
_dbus_write_socket (DBusSocket        fd,
                    const DBusString *buffer,
                    int               start,
                    int               len)
{
#if HAVE_DECL_MSG_NOSIGNAL
  const char *payload = _dbus_string_get_const_data_len (buffer, start, len);
  int sent;

  /* Keep retrying while the call is merely interrupted by a signal. */
  do
    sent = send (fd.fd, payload, len, MSG_NOSIGNAL);
  while (sent < 0 && errno == EINTR);

  return sent;

#else
  return _dbus_write (fd.fd, buffer, start, len);
#endif
}

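/**
 * Like _dbus_read_socket() but also tries to read unix fds from the
 * socket. When there are more fds to read than space in the array
 * passed this function will fail with ENOSPC.
 *
 * Descriptors arrive as SCM_RIGHTS ancillary data. Only the first
 * SCM_RIGHTS control message of a recvmsg() call is consumed, and every
 * descriptor handed back in fds is marked close-on-exec.
 *
 * If the kernel reports truncated control data (MSG_CTRUNC), every
 * descriptor that was received is closed, *n_fds is set to 0, the buffer
 * is restored to its previous length and -1 is returned with errno set
 * to ENOSPC. The caller therefore never owns descriptors on that path
 * and a peer cannot make this process accumulate open descriptors by
 * repeatedly triggering the error.
 *
 * Built without HAVE_UNIX_FD_PASSING this is _dbus_read_socket() with
 * *n_fds set to 0 on success.
 *
 * @param fd the socket
 * @param buffer string to append data to
 * @param count max amount of data to read
 * @param fds array to place read file descriptors in
 * @param n_fds on input space in fds array, on output how many fds actually got read
 * @returns number of bytes appended to string, or -1 with errno set
 */
int
_dbus_read_socket_with_unix_fds (DBusSocket        fd,
                                 DBusString       *buffer,
                                 int               count,
                                 int              *fds,
                                 unsigned int     *n_fds) {
#ifndef HAVE_UNIX_FD_PASSING
  int r;

  if ((r = _dbus_read_socket(fd, buffer, count)) < 0)
    return r;

  *n_fds = 0;
  return r;

#else
  int bytes_read;
  int start;
  struct msghdr m;
  struct iovec iov;

  _dbus_assert (count >= 0);
  /* NOTE(review): this assertion is the only visible bound on the
   * alloca() below; if _dbus_assert is compiled out in a given build the
   * bound rests entirely on the callers - confirm. */
  _dbus_assert (*n_fds <= DBUS_MAXIMUM_MESSAGE_UNIX_FDS);

  start = _dbus_string_get_length (buffer);

  if (!_dbus_string_lengthen (buffer, count))
    {
      errno = ENOMEM;
      return -1;
    }

  _DBUS_ZERO(iov);
  iov.iov_base = _dbus_string_get_data_len (buffer, start, count);
  iov.iov_len = count;

  _DBUS_ZERO(m);
  m.msg_iov = &iov;
  m.msg_iovlen = 1;

  /* Hmm, we have no clue how long the control data will actually be
     that is queued for us. The least we can do is assume that the
     caller knows. Hence let's make space for the number of fds that
     we shall read at max plus the cmsg header. */
  m.msg_controllen = CMSG_SPACE(*n_fds * sizeof(int));

  /* It's probably safe to assume that systems with SCM_RIGHTS also
     know alloca() */
  m.msg_control = alloca(m.msg_controllen);
  memset(m.msg_control, 0, m.msg_controllen);

  /* Do not include the padding at the end when we tell the kernel
   * how much we're willing to receive. This avoids getting
   * the padding filled with additional fds that we weren't expecting,
   * if a (potentially malicious) sender included them. (fd.o #83622) */
  m.msg_controllen = CMSG_LEN (*n_fds * sizeof(int));

 again:

  bytes_read = recvmsg (fd.fd, &m, 0
#ifdef MSG_CMSG_CLOEXEC
                       |MSG_CMSG_CLOEXEC
#endif
                       );

  if (bytes_read < 0)
    {
      if (errno == EINTR)
        goto again;
      else
        {
          /* put length back (note that this doesn't actually realloc anything) */
          _dbus_string_set_length (buffer, start);
          return -1;
        }
    }
  else
    {
      struct cmsghdr *cm;
      dbus_bool_t found = FALSE;

      /* Collect whatever descriptors did arrive before looking at
       * MSG_CTRUNC: the kernel has already installed them in this
       * process, so they must end up either owned by the caller or
       * closed. */
      for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
        if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
          {
            size_t i;
            int *payload = (int *) CMSG_DATA (cm);
            size_t payload_len_bytes = (cm->cmsg_len - CMSG_LEN (0));
            size_t payload_len_fds = payload_len_bytes / sizeof (int);
            size_t fds_to_use;

            /* Every unsigned int fits in a size_t without truncation, so
             * casting (size_t) *n_fds is OK */
            _DBUS_STATIC_ASSERT (sizeof (size_t) >= sizeof (unsigned int));

            if (_DBUS_LIKELY (payload_len_fds <= (size_t) *n_fds))
              {
                /* The fds in the payload will fit in our buffer */
                fds_to_use = payload_len_fds;
              }
            else
              {
                /* Too many fds in the payload. This shouldn't happen
                 * any more because we're setting m.msg_controllen to
                 * the exact number we can accept, but be safe and
                 * truncate. */
                fds_to_use = (size_t) *n_fds;

                /* Close the excess fds to avoid DoS: if they stayed open,
                 * someone could send us an extra fd per message
                 * and we'd eventually run out. */
                for (i = fds_to_use; i < payload_len_fds; i++)
                  {
                    close (payload[i]);
                  }
              }

            memcpy (fds, payload, fds_to_use * sizeof (int));
            found = TRUE;
            /* This narrowing cast from size_t to unsigned int cannot
             * overflow because we have chosen fds_to_use
             * to be <= *n_fds */
            *n_fds = (unsigned int) fds_to_use;

            /* Linux doesn't tell us whether MSG_CMSG_CLOEXEC actually
               worked, hence we need to go through this list and set
               CLOEXEC everywhere in any case */
            for (i = 0; i < fds_to_use; i++)
              _dbus_fd_set_close_on_exec(fds[i]);

            break;
          }

      if (!found)
        *n_fds = 0;

      if (m.msg_flags & MSG_CTRUNC)
        {
          unsigned int i;

          /* Hmm, apparently the control data was truncated. The bad
             thing is that we might have completely lost a couple of fds
             without chance to recover them. Hence let's treat this as a
             serious error. */

          /* The descriptors that did fit are still open in this process.
           * The caller sees only the error, so close them here; left
           * open they would never be closed, and each truncated message
           * would cost us descriptors until we ran out. */
          for (i = 0; i < *n_fds; i++)
            close (fds[i]);

          *n_fds = 0;

          /* Set errno after close(), which may have changed it. */
          errno = ENOSPC;
          _dbus_string_set_length (buffer, start);
          return -1;
        }

      /* put length back (doesn't actually realloc) */
      _dbus_string_set_length (buffer, start + bytes_read);

#if 0
      if (bytes_read > 0)
        _dbus_verbose_bytes_of_string (buffer, start, bytes_read);
#endif

      return bytes_read;
    }
#endif
}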

/**
 * Writes part of a DBusString to a socket, optionally passing file
 * descriptors along with it.
 *
 * With HAVE_UNIX_FD_PASSING this is _dbus_write_socket_with_unix_fds_two()
 * without a second buffer. Without it, a request that carries any
 * descriptors fails with ENOTSUP and a request without descriptors is
 * forwarded to _dbus_write_socket().
 *
 * @param fd the socket
 * @param buffer the buffer to write data from
 * @param start the first byte in the buffer to write
 * @param len the number of bytes to try to write
 * @param fds the file descriptors to pass
 * @param n_fds number of entries in fds
 * @returns the result of the underlying write, or -1 on error
 */
int
_dbus_write_socket_with_unix_fds(DBusSocket        fd,
                                 const DBusString *buffer,
                                 int               start,
                                 int               len,
                                 const int        *fds,
                                 int               n_fds) {

#ifdef HAVE_UNIX_FD_PASSING
  return _dbus_write_socket_with_unix_fds_two(fd, buffer, start, len, NULL, 0, 0, fds, n_fds);
#else

  /* Nothing to pass: an ordinary socket write is all that is needed. */
  if (n_fds <= 0)
    return _dbus_write_socket(fd, buffer, start, len);

  errno = ENOTSUP;
  return -1;
#endif
}

/**
 * Writes parts of one or two DBusStrings to a socket in a single
 * sendmsg() call, optionally attaching file descriptors as SCM_RIGHTS
 * ancillary data. EINTR is retried, and MSG_NOSIGNAL is used where it is
 * declared.
 *
 * Without HAVE_UNIX_FD_PASSING a request carrying descriptors fails with
 * ENOTSUP; otherwise the data is forwarded to _dbus_write_socket_two().
 *
 * @param fd the socket
 * @param buffer1 first buffer
 * @param start1 first byte to write in first buffer
 * @param len1 number of bytes to write from first buffer
 * @param buffer2 second buffer, or #NULL
 * @param start2 first byte to write in second buffer
 * @param len2 number of bytes to write in second buffer
 * @param fds the file descriptors to pass
 * @param n_fds number of entries in fds
 * @returns the sendmsg() result: bytes written, or -1 on error
 */
int
_dbus_write_socket_with_unix_fds_two(DBusSocket        fd,
                                     const DBusString *buffer1,
                                     int               start1,
                                     int               len1,
                                     const DBusString *buffer2,
                                     int               start2,
                                     int               len2,
                                     const int        *fds,
                                     int               n_fds) {

#ifndef HAVE_UNIX_FD_PASSING

  if (n_fds > 0)
    {
      errno = ENOTSUP;
      return -1;
    }

  return _dbus_write_socket_two(fd,
                                buffer1, start1, len1,
                                buffer2, start2, len2);
#else

  struct msghdr msg;
  struct iovec segments[2];
  int send_flags = 0;
  int sent;

  _dbus_assert (len1 >= 0);
  _dbus_assert (len2 >= 0);
  _dbus_assert (n_fds >= 0);

#if HAVE_DECL_MSG_NOSIGNAL
  send_flags |= MSG_NOSIGNAL;
#endif

  _DBUS_ZERO(segments);
  segments[0].iov_base = (char*) _dbus_string_get_const_data_len (buffer1, start1, len1);
  segments[0].iov_len = len1;

  if (buffer2)
    {
      segments[1].iov_base = (char*) _dbus_string_get_const_data_len (buffer2, start2, len2);
      segments[1].iov_len = len2;
    }

  _DBUS_ZERO(msg);
  msg.msg_iov = segments;
  msg.msg_iovlen = buffer2 ? 2 : 1;

  if (n_fds > 0)
    {
      struct cmsghdr *rights;

      /* NOTE(review): the control buffer is alloca()'d from n_fds, and
       * the only check visible here is the n_fds >= 0 assertion, so any
       * upper bound has to come from the caller - confirm. */
      msg.msg_controllen = CMSG_SPACE(n_fds * sizeof(int));
      msg.msg_control = alloca(msg.msg_controllen);
      memset(msg.msg_control, 0, msg.msg_controllen);

      /* A single SCM_RIGHTS control message carries all descriptors. */
      rights = CMSG_FIRSTHDR(&msg);
      rights->cmsg_level = SOL_SOCKET;
      rights->cmsg_type = SCM_RIGHTS;
      rights->cmsg_len = CMSG_LEN(n_fds * sizeof(int));
      memcpy(CMSG_DATA(rights), fds, n_fds * sizeof(int));
    }

  /* Keep retrying while the call is merely interrupted by a signal. */
  do
    sent = sendmsg (fd.fd, &msg, send_flags);
  while (sent < 0 && errno == EINTR);

  /* Disabled debugging aid. As written it names `buffer` and `start`,
   * which are not parameters of this function, so it needs adapting
   * before it can be enabled. */
#if 0
  if (sent > 0)
    _dbus_verbose_bytes_of_string (buffer, start, sent);
#endif

  return sent;
#endif
}

/**
 * Socket-only counterpart of _dbus_write_two(); because it is restricted
 * to sockets it is also available on Windows.
 *
 * When MSG_NOSIGNAL is declared both buffers are handed to one sendmsg()
 * call with that flag, and EINTR is retried. Otherwise the call is
 * forwarded to _dbus_write_two().
 *
 * @param fd the file descriptor
 * @param buffer1 first buffer
 * @param start1 first byte to write in first buffer
 * @param len1 number of bytes to write from first buffer
 * @param buffer2 second buffer, or #NULL
 * @param start2 first byte to write in second buffer
 * @param len2 number of bytes to write in second buffer
 * @returns total bytes written from both buffers, or -1 on error
 */
int
_dbus_write_socket_two (DBusSocket        fd,
                        const DBusString *buffer1,
                        int               start1,
                        int               len1,
                        const DBusString *buffer2,
                        int               start2,
                        int               len2)
{
#if HAVE_DECL_MSG_NOSIGNAL
  struct iovec segments[2];
  struct msghdr msg;
  const char *first;
  const char *second = NULL;
  int sent;

  _dbus_assert (buffer1 != NULL);
  _dbus_assert (start1 >= 0);
  _dbus_assert (start2 >= 0);
  _dbus_assert (len1 >= 0);
  _dbus_assert (len2 >= 0);

  first = _dbus_string_get_const_data_len (buffer1, start1, len1);

  if (buffer2 == NULL)
    {
      /* No second buffer: make its segment empty. */
      start2 = 0;
      len2 = 0;
    }
  else
    {
      second = _dbus_string_get_const_data_len (buffer2, start2, len2);
    }

  segments[0].iov_base = (char*) first;
  segments[0].iov_len = len1;
  segments[1].iov_base = (char*) second;
  segments[1].iov_len = len2;

  _DBUS_ZERO(msg);
  msg.msg_iov = segments;
  /* The second segment is only submitted when it has data behind it. */
  msg.msg_iovlen = second ? 2 : 1;

  /* Keep retrying while the call is merely interrupted by a signal. */
  do
    sent = sendmsg (fd.fd, &msg, MSG_NOSIGNAL);
  while (sent < 0 && errno == EINTR);

  return sent;

#else
  return _dbus_write_two (fd.fd, buffer1, start1, len1,
                          buffer2, start2, len2);
#endif
}

/**
 * Thin wrapper around the read() system call that appends what it reads
 * to a DBusString. At most count bytes are appended, and the return
 * value and errno are those of read(), with two exceptions: EINTR is
 * retried for you, and ENOMEM can be reported if the string cannot be
 * lengthened, even though plain UNIX read() never does that.
 *
 * On failure the string is restored to the length it had on entry.
 *
 * Unlike _dbus_read_socket(), _dbus_read() is not available
 * on Windows.
 *
 * @param fd the file descriptor to read from
 * @param buffer the buffer to append data to
 * @param count the amount of data to read
 * @returns the number of bytes read or -1
 */
int
_dbus_read (int               fd,
            DBusString       *buffer,
            int               count)
{
  int old_len;
  int bytes_read;
  char *dest;

  _dbus_assert (count >= 0);

  old_len = _dbus_string_get_length (buffer);

  /* Reserve room for the largest possible read up front; the string is
   * trimmed to the real amount afterwards. */
  if (!_dbus_string_lengthen (buffer, count))
    {
      errno = ENOMEM;
      return -1;
    }

  dest = _dbus_string_get_data_len (buffer, old_len, count);

  /* Keep retrying while the call is merely interrupted by a signal. */
  do
    bytes_read = read (fd, dest, count);
  while (bytes_read < 0 && errno == EINTR);

  if (bytes_read < 0)
    {
      /* put length back (note that this doesn't actually realloc anything) */
      _dbus_string_set_length (buffer, old_len);
      return -1;
    }

  /* put length back (doesn't actually realloc) */
  _dbus_string_set_length (buffer, old_len + bytes_read);

#if 0
  if (bytes_read > 0)
    _dbus_verbose_bytes_of_string (buffer, old_len, bytes_read);
#endif

  return bytes_read;
}

/**
 * Thin wrapper around the write() system call: writes a slice of a
 * DBusString and retries for you when the call fails with EINTR.
 *
 * @param fd the file descriptor to write
 * @param buffer the buffer to write data from
 * @param start the first byte in the buffer to write
 * @param len the number of bytes to try to write
 * @returns the number of bytes written or -1 on error
 */
int
_dbus_write (int               fd,
             const DBusString *buffer,
             int               start,
             int               len)
{
  const char *src = _dbus_string_get_const_data_len (buffer, start, len);
  int bytes_written;

  /* Keep retrying while the call is merely interrupted by a signal. */
  do
    bytes_written = write (fd, src, len);
  while (bytes_written < 0 && errno == EINTR);

#if 0
  if (bytes_written > 0)
    _dbus_verbose_bytes_of_string (buffer, start, bytes_written);
#endif

  return bytes_written;
}

/**
 * Like _dbus_write(), but writes two buffers one after the other, using
 * a single writev() where that is available. The result is the number
 * of bytes written from the first buffer plus the number written from
 * the second. EINTR is handled for you. The second buffer may be #NULL.
 *
 * On systems without writev the buffers are written with two separate
 * _dbus_write() calls: the second is attempted only if the first buffer
 * was written completely, and if the second then fails the error is
 * ignored and only the byte count of the first is returned.
 *
 * @param fd the file descriptor
 * @param buffer1 first buffer
 * @param start1 first byte to write in first buffer
 * @param len1 number of bytes to write from first buffer
 * @param buffer2 second buffer, or #NULL
 * @param start2 first byte to write in second buffer
 * @param len2 number of bytes to write in second buffer
 * @returns total bytes written from both buffers, or -1 on error
 */
int
_dbus_write_two (int               fd,
                 const DBusString *buffer1,
                 int               start1,
                 int               len1,
                 const DBusString *buffer2,
                 int               start2,
                 int               len2)
{
  _dbus_assert (buffer1 != NULL);
  _dbus_assert (start1 >= 0);
  _dbus_assert (start2 >= 0);
  _dbus_assert (len1 >= 0);
  _dbus_assert (len2 >= 0);

#ifdef HAVE_WRITEV
  {
    struct iovec segments[2];
    const char *first;
    const char *second = NULL;
    int segment_count;
    int bytes_written;

    first = _dbus_string_get_const_data_len (buffer1, start1, len1);

    if (buffer2 == NULL)
      {
        /* No second buffer: make its segment empty. */
        start2 = 0;
        len2 = 0;
      }
    else
      {
        second = _dbus_string_get_const_data_len (buffer2, start2, len2);
      }

    segments[0].iov_base = (char*) first;
    segments[0].iov_len = len1;
    segments[1].iov_base = (char*) second;
    segments[1].iov_len = len2;

    /* The second segment is only submitted when it has data behind it. */
    segment_count = second ? 2 : 1;

    /* Keep retrying while the call is merely interrupted by a signal. */
    do
      bytes_written = writev (fd, segments, segment_count);
    while (bytes_written < 0 && errno == EINTR);

    return bytes_written;
  }
#else /* HAVE_WRITEV */
  {
    int first_written;
    int second_written;

    first_written = _dbus_write (fd, buffer1, start1, len1);

    /* A short or failed first write, or no second buffer, ends it here. */
    if (first_written != len1 || buffer2 == NULL)
      return first_written;

    second_written = _dbus_write (fd, buffer2, start2, len2);
    if (second_written < 0)
      second_written = 0; /* we can't report an error as the first write was OK */

    return first_written + second_written;
  }
#endif /* !HAVE_WRITEV */
}

#define _DBUS_MAX_SUN_PATH_LENGTH 99

/**
 * @def _DBUS_MAX_SUN_PATH_LENGTH
 *
 * Maximum length of the path to a UNIX domain socket,
 * sockaddr_un::sun_path member. POSIX requires that all systems
 * support at least 100 bytes here, including the nul termination.
 * We use 99 for the max value to allow for the nul.
 *
 * We could probably also do sizeof (addr.sun_path)
 * but this way we are the same on all platforms
 * which is probably a good idea.
 */

/**
 * Opens a UNIX domain stream socket and connects it to the socket at
 * the given path. The connected descriptor is returned in non-blocking
 * mode.
 *
 * If abstract is #TRUE the path is taken as a name in the abstract
 * socket namespace rather than a filesystem path. That is only possible
 * on Linux (see "man 7 unix" there, which also notes that socket
 * permissions have no meaning for abstract sockets); on every other
 * system an abstract request always fails.
 *
 * Names that would not fit in _DBUS_MAX_SUN_PATH_LENGTH bytes (counting
 * the leading nul byte of an abstract name) are rejected with
 * DBUS_ERROR_BAD_ADDRESS.
 *
 * The returned socket has FD_CLOEXEC set.
 *
 * @param path the path to UNIX domain socket
 * @param abstract #TRUE to use abstract namespace
 * @param error return location for error code
 * @returns connection file descriptor or -1 on error
 */
int
_dbus_connect_unix_socket (const char     *path,
                           dbus_bool_t     abstract,
                           DBusError      *error)
{
  int sock;
  size_t name_len;
  struct sockaddr_un addr;
  /* The length checks below compare against the fixed limit, so the
   * platform's sun_path must be strictly larger than it. */
  _DBUS_STATIC_ASSERT (sizeof (addr.sun_path) > _DBUS_MAX_SUN_PATH_LENGTH);

  _DBUS_ASSERT_ERROR_IS_CLEAR (error);

  _dbus_verbose ("connecting to unix socket %s abstract=%d\n",
                 path, abstract);


  if (!_dbus_open_unix_socket (&sock, error))
    {
      _DBUS_ASSERT_ERROR_IS_SET(error);
      return -1;
    }
  _DBUS_ASSERT_ERROR_IS_CLEAR(error);

  /* Zeroing the whole address is what keeps sun_path nul-terminated
   * after the bounded strncpy() calls below. */
  _DBUS_ZERO (addr);
  addr.sun_family = AF_UNIX;
  name_len = strlen (path);

  if (abstract)
    {
#ifdef __linux__
      addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
      name_len++; /* Account for the extra nul byte added to the start of sun_path */

      if (name_len > _DBUS_MAX_SUN_PATH_LENGTH)
        {
          dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                      "Abstract socket name too long\n");
          goto fail;
        }

      strncpy (&addr.sun_path[1], path, sizeof (addr.sun_path) - 2);
      /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
#else /* !__linux__ */
      dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
                      "Operating system does not support abstract socket namespace\n");
      goto fail;
#endif /* !__linux__ */
    }
  else
    {
      if (name_len > _DBUS_MAX_SUN_PATH_LENGTH)
        {
          dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                      "Socket name too long\n");
          goto fail;
        }

      strncpy (addr.sun_path, path, sizeof (addr.sun_path) - 1);
    }

  /* The address length covers the header up to sun_path plus exactly the
   * name bytes counted above. */
  if (connect (sock, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + name_len) < 0)
    {
      dbus_set_error (error,
                      _dbus_error_from_errno (errno),
                      "Failed to connect to socket %s: %s",
                      path, _dbus_strerror (errno));
      goto fail;
    }

  if (!_dbus_set_fd_nonblocking (sock, error))
    {
      _DBUS_ASSERT_ERROR_IS_SET (error);
      goto fail;
    }

  return sock;

fail:
  /* Every failure after the socket was opened must release it; error has
   * already been set, so a failure to close is not reported. */
  _dbus_close (sock, NULL);
  return -1;
}

/**
 * Creates a UNIX domain socket and connects it to the specified
 * process to execute.
 *
 * This will set FD_CLOEXEC for the socket returned.
 *
 * @param path the path to the executable
 * @param argv the argument list for the process to execute.
 * argv[0] typically is identical to the path of the executable
 * @param error return location for error code
 * @returns connection file descriptor or -1 on error
 */
int
_dbus_connect_exec (const char     *path,
                    char *const    argv[],
                    DBusError      *error)
{
  int fds[2];
  pid_t pid;
  int retval;
  dbus_bool_t cloexec_done = 0;

  _DBUS_ASSERT_ERROR_IS_CLEAR (error);

  _dbus_verbose ("connecting to process %s\n", path);

#ifdef SOCK_CLOEXEC
1020
1021
1022
  retval = socketpair (AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, fds);
  cloexec_done = (retval >= 0);

1023
  if (retval < 0 && (errno == EINVAL || errno == EPROTOTYPE))
1024
#endif
1025
1026
1027
1028
1029
    {
      retval = socketpair (AF_UNIX, SOCK_STREAM, 0, fds);
    }

  if (retval < 0)
1030
1031
1032
1033
1034
1035
1036
1037
    {
      dbus_set_error (error,
                      _dbus_error_from_errno (errno),
                      "Failed to create socket pair: %s",
                      _dbus_strerror (errno));
      return -1;
    }

1038
1039
1040
1041
1042
  if (!cloexec_done)
    {
      _dbus_fd_set_close_on_exec (fds[0]);
      _dbus_fd_set_close_on_exec (fds[1]);
    }
1043

1044
1045
1046
1047
1048
  /* Make sure our output buffers aren't redundantly printed by both the
   * parent and the child */
  fflush (stdout);
  fflush (stderr);

1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
  pid = fork ();
  if (pid < 0)
    {
      dbus_set_error (error,
                      _dbus_error_from_errno (errno),
                      "Failed to fork() to call %s: %s",
                      path, _dbus_strerror (errno));
      close (fds[0]);
      close (fds[1]);
      return -1;
    }

  if (pid == 0)
    {
      /* child */
      close (fds[0]);

      dup2 (fds[1], STDIN_FILENO);
      dup2 (fds[1], STDOUT_FILENO);

      if (fds[1] != STDIN_FILENO &&
          fds[1] != STDOUT_FILENO)
        close (fds[1]);

      /* Inherit STDERR and the controlling terminal from the
         parent */

      _dbus_close_all ();

Simon McVittie's avatar
Simon McVittie committed
1078
      execvp (path, (char * const *) argv);
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098

      fprintf (stderr, "Failed to execute process %s: %s\n", path, _dbus_strerror (errno));

      _exit(1);
    }

  /* parent */
  close (fds[1]);

  if (!_dbus_set_fd_nonblocking (fds[0], error))
    {
      _DBUS_ASSERT_ERROR_IS_SET (error);

      close (fds[0]);
      return -1;
    }

  return fds[0];
}

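/**
 * Creates a socket and binds it to the given path,
 * then listens on the socket. The socket is
 * set to be nonblocking.
 *
 * Uses abstract sockets instead of filesystem-linked
 * sockets if requested (it's possible only on Linux;
 * see "man 7 unix" on Linux).
 * On non-Linux abstract socket usage always fails.
 *
 * For a filesystem socket, an existing socket node at path is
 * unlinked before binding, and after listen() the node's mode is
 * set to 0777 on a best-effort basis. A name longer than
 * _DBUS_MAX_SUN_PATH_LENGTH is rejected before the filesystem is
 * touched.
 *
 * This will set FD_CLOEXEC for the socket returned
 * (presumably done by _dbus_open_unix_socket(), which is not
 * visible here).
 *
 * @param path the socket name
 * @param abstract #TRUE to use abstract namespace
 * @param error return location for errors
 * @returns the listening file descriptor or -1 on error
 */
int
_dbus_listen_unix_socket (const char     *path,
                          dbus_bool_t     abstract,
                          DBusError      *error)
{
  int listen_fd;
  struct sockaddr_un addr;
  size_t path_len;
  /* Guarantees that a name which passes the length checks below fits
   * into sun_path with at least one byte to spare. */
  _DBUS_STATIC_ASSERT (sizeof (addr.sun_path) > _DBUS_MAX_SUN_PATH_LENGTH);

  _DBUS_ASSERT_ERROR_IS_CLEAR (error);

  _dbus_verbose ("listening on unix socket %s abstract=%d\n",
                 path, abstract);

  if (!_dbus_open_unix_socket (&listen_fd, error))
    {
      _DBUS_ASSERT_ERROR_IS_SET(error);
      return -1;
    }
  _DBUS_ASSERT_ERROR_IS_CLEAR(error);

  _DBUS_ZERO (addr);
  addr.sun_family = AF_UNIX;
  path_len = strlen (path);

  if (abstract)
    {
#ifdef __linux__
      /* remember that abstract names aren't nul-terminated so we rely
       * on sun_path being filled in with zeroes above.
       */
      addr.sun_path[0] = '\0'; /* this is what says "use abstract" */
      path_len++; /* Account for the extra nul byte added to the start of sun_path */

      if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
        {
          dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                      "Abstract socket name too long\n");
          _dbus_close (listen_fd, NULL);
          return -1;
        }

      /* The length check above means the whole name is copied; the
       * bound only keeps strncpy() inside sun_path. */
      strncpy (&addr.sun_path[1], path, sizeof (addr.sun_path) - 2);
      /* _dbus_verbose_bytes (addr.sun_path, sizeof (addr.sun_path)); */
#else /* !__linux__ */
      dbus_set_error (error, DBUS_ERROR_NOT_SUPPORTED,
                      "Operating system does not support abstract socket namespace\n");
      _dbus_close (listen_fd, NULL);
      return -1;
#endif /* !__linux__ */
    }
  else
    {
      /* Reject an over-long name before touching the filesystem, so
       * that a path we could never bind to is not unlinked. */
      if (path_len > _DBUS_MAX_SUN_PATH_LENGTH)
        {
          dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                      "Socket name too long\n");
          _dbus_close (listen_fd, NULL);
          return -1;
        }

      /* Discussed security implications of this with Nalin,
       * and we couldn't think of where it would kick our ass, but
       * it still seems a bit sucky. It also has non-security suckage;
       * really we'd prefer to exit if the socket is already in use.
       * But there doesn't seem to be a good way to do this.
       *
       * Just to be extra careful, I threw in the stat() - clearly
       * the stat() can't *fix* any security issue, but it at least
       * avoids inadvertent/accidental data loss.
       *
       * NOTE(review): stat() followed by unlink() is a check-then-act
       * on a pathname. It is only as trustworthy as the directory
       * that holds the socket: that directory should not be writable
       * by users who are not trusted to remove the socket anyway.
       */
      {
        struct stat sb;

        if (stat (path, &sb) == 0 &&
            S_ISSOCK (sb.st_mode))
          unlink (path);
      }

      strncpy (addr.sun_path, path, sizeof (addr.sun_path) - 1);
    }

  /* The address length covers only the bytes of the name actually in
   * use, which is what gives an abstract name its exact length. */
  if (bind (listen_fd, (struct sockaddr*) &addr, _DBUS_STRUCT_OFFSET (struct sockaddr_un, sun_path) + path_len) < 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to bind socket \"%s\": %s",
                      path, _dbus_strerror (errno));
      _dbus_close (listen_fd, NULL);
      return -1;
    }

  if (listen (listen_fd, SOMAXCONN /* backlog */) < 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (errno),
                      "Failed to listen on socket \"%s\": %s",
                      path, _dbus_strerror (errno));
      _dbus_close (listen_fd, NULL);
      return -1;
    }

  if (!_dbus_set_fd_nonblocking (listen_fd, error))
    {
      _DBUS_ASSERT_ERROR_IS_SET (error);
      _dbus_close (listen_fd, NULL);
      return -1;
    }

  /* Try opening up the permissions, but if we can't, just go ahead
   * and continue, maybe it will be good enough.
   *
   * NOTE(review): mode 0777 lets every local user connect, so access
   * control presumably happens after connect (peer credentials or
   * the authentication handshake) - confirm against the callers.
   * chmod() acts on the pathname, not on listen_fd, so it relies on
   * the containing directory not being writable by untrusted users
   * between bind() and this call.
   */
  if (!abstract && chmod (path, 0777) < 0)
    _dbus_warn ("Could not set mode 0777 on socket %s", path);

  return listen_fd;
}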

/**
 * Takes over the listening sockets handed to this process by systemd
 * socket activation and switches each of them to nonblocking mode.
 *
 * Every descriptor is first checked with sd_is_socket() to be a
 * listening SOCK_STREAM socket of any address family. If that check
 * fails, the function returns without closing or modifying any
 * descriptor. If a later step fails (allocation, or setting
 * nonblocking mode), all of the passed descriptors are closed.
 *
 * sd_listen_fds() is documented to set FD_CLOEXEC on the descriptors
 * it reports; this function does not set the flag itself.
 *
 * When built without HAVE_SYSTEMD this always fails with
 * DBUS_ERROR_NOT_SUPPORTED.
 *
 * @param fds on success, receives a newly allocated array (dbus_new)
 * holding the acquired sockets
 * @param error return location for errors
 * @returns the number of file descriptors, or -1 on error
 */
int
_dbus_listen_systemd_sockets (DBusSocket **fds,
                              DBusError   *error)
{
#ifdef HAVE_SYSTEMD
  int count;
  int i;
  DBusSocket *sockets;

  _DBUS_ASSERT_ERROR_IS_CLEAR (error);

  /* A negative result is a negated errno value. */
  count = sd_listen_fds (TRUE);

  if (count < 0)
    {
      dbus_set_error (error, _dbus_error_from_errno (-count),
                      "Failed to acquire systemd socket: %s",
                      _dbus_strerror (-count));
      return -1;
    }

  if (count == 0)
    {
      dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                      "No socket received.");
      return -1;
    }

  /* Validate everything before changing anything. */
  for (i = 0; i < count; i++)
    {
      int verdict = sd_is_socket (SD_LISTEN_FDS_START + i,
                                  AF_UNSPEC, SOCK_STREAM, 1);

      if (verdict < 0)
        {
          dbus_set_error (error, _dbus_error_from_errno (-verdict),
                          "Failed to verify systemd socket type: %s",
                          _dbus_strerror (-verdict));
          return -1;
        }

      if (verdict == 0)
        {
          dbus_set_error (error, DBUS_ERROR_BAD_ADDRESS,
                          "Passed socket has wrong type.");
          return -1;
        }
    }

  /* OK, the file descriptors are all good, so let's take possession of
     them then. */

  sockets = dbus_new (DBusSocket, count);

  if (sockets == NULL)
    {
      dbus_set_error (error, DBUS_ERROR_NO_MEMORY,
                      "Failed to allocate file handle array.");
      goto fail;
    }

  for (i = 0; i < count; i++)
    {
      int fd = SD_LISTEN_FDS_START + i;

      if (!_dbus_set_fd_nonblocking (fd, error))
        {
          _DBUS_ASSERT_ERROR_IS_SET (error);
          goto fail;
        }

      sockets[i].fd = fd;
    }

  *fds = sockets;
  return count;

 fail:

  /* From here on the descriptors are ours, so none may be left open. */
  for (i = 0; i < count; i++)
    _dbus_close (SD_LISTEN_FDS_START + i, NULL);

  dbus_free (sockets);
  return -1;
#else
  dbus_set_error_const (error, DBUS_ERROR_NOT_SUPPORTED,
                        "dbus was compiled without systemd support");
  return -1;
#endif
}

/* Map a result code from getaddrinfo() or getnameinfo() to the name of
 * the D-Bus error that describes it. saved_errno is consulted only for
 * EAI_SYSTEM, where the real cause is in errno. Each EAI_* constant is
 * tested only if the platform defines it. */
static const char *
_dbus_error_from_gai (int gai_res,
                      int saved_errno)
{
#ifdef EAI_FAMILY
  /* ai_family not supported (at all) */
  if (gai_res == EAI_FAMILY)
    return DBUS_ERROR_NOT_SUPPORTED;
#endif

#ifdef EAI_SOCKTYPE
  /* ai_socktype not supported (at all) */
  if (gai_res == EAI_SOCKTYPE)
    return DBUS_ERROR_NOT_SUPPORTED;
#endif

#ifdef EAI_MEMORY
  /* Out of memory */
  if (gai_res == EAI_MEMORY)
    return DBUS_ERROR_NO_MEMORY;
#endif

#ifdef EAI_SYSTEM
  /* Unspecified system error, details in errno */
  if (gai_res == EAI_SYSTEM)
    return _dbus_error_from_errno (saved_errno);
#endif

  /* Everything else is reported as a generic failure:
   *
   * 0: It succeeded, but we didn't get any addresses?
   * EAI_AGAIN: Transient failure
   * EAI_BADFLAGS: invalid ai_flags (programming error)
   * EAI_FAIL: Non-recoverable failure
   * EAI_NODATA: host exists but has no addresses
   * EAI_NONAME: host does not exist
   * EAI_OVERFLOW: argument buffer overflow
   * EAI_SERVICE: service not available for specified socket
   * type (we should never see this because we use numeric
   * ports) */
  return DBUS_ERROR_FAILED;
}

/**
 * Creates a socket and connects to a socket at the given host
 * and port. The connected socket is returned, and is set up as
 * nonblocking.
 *
 * This is _dbus_connect_tcp_socket_with_nonce() with no nonce file,
 * so nothing is sent on the connection before it is returned.
 *
 * This will set FD_CLOEXEC for the socket returned
 * (presumably done when the socket is opened; not visible here).
 *
 * @param host the host name to connect to
 * @param port the port to connect to
 * @param family the address family to connect with ("ipv4" or
 * "ipv6"), NULL for all
 * @param error return location for error code
 * @returns the connected socket, or an invalid socket on error
 */
DBusSocket
_dbus_connect_tcp_socket (const char     *host,
                          const char     *port,
                          const char     *family,
                          DBusError      *error)
{
  const char *no_noncefile = NULL;

  return _dbus_connect_tcp_socket_with_nonce (host, port, family,
                                              no_noncefile, error);
}

/**
 * Resolves host and port with getaddrinfo() and connects to the first
 * resulting address that accepts a TCP connection. Addresses that
 * refuse the connection are skipped; their errors are collected and
 * combined into one error if no address works.
 *
 * If noncefile is not NULL, it is passed to _dbus_send_nonce() on the
 * connected socket before the socket is switched to nonblocking mode.
 * A failure there closes the socket.
 *
 * @param host the host name to connect to
 * @param port the port to connect to
 * @param family "ipv4", "ipv6", or NULL for any address family
 * @param noncefile name of the nonce file, or NULL to send no nonce
 * @param error return location for error code
 * @returns the connected socket, or an invalid socket on error
 */
DBusSocket
_dbus_connect_tcp_socket_with_nonce (const char     *host,
                                     const char     *port,
                                     const char     *family,
                                     const char     *noncefile,
                                     DBusError      *error)
{
  int connect_errno = 0;
  DBusList *failures = NULL;
  DBusSocket sock = DBUS_SOCKET_INIT;
  int gai_rc;
  struct addrinfo hints;
  struct addrinfo *results = NULL;
  const struct addrinfo *candidate;
  DBusError *failure;

  _DBUS_ASSERT_ERROR_IS_CLEAR(error);

  _DBUS_ZERO (hints);

  if (family == NULL)
    {
      hints.ai_family = AF_UNSPEC;
    }
  else if (strcmp (family, "ipv4") == 0)
    {
      hints.ai_family = AF_INET;
    }
  else if (strcmp (family, "ipv6") == 0)
    {
      hints.ai_family = AF_INET6;
    }
  else
    {
      /* Nothing has been allocated yet, so return directly. */
      dbus_set_error (error,
                      DBUS_ERROR_BAD_ADDRESS,
                      "Unknown address family %s", family);
      return _dbus_socket_get_invalid ();
    }

  hints.ai_protocol = IPPROTO_TCP;
  hints.ai_socktype = SOCK_STREAM;
  hints.ai_flags = AI_ADDRCONFIG;

  gai_rc = getaddrinfo (host, port, &hints, &results);

  if (gai_rc != 0)
    {
      dbus_set_error (error,
                      _dbus_error_from_gai (gai_rc, errno),
                      "Failed to lookup host/port: \"%s:%s\": %s (%d)",
                      host, port, gai_strerror (gai_rc), gai_rc);
      _dbus_socket_invalidate (&sock);
      goto out;
    }

  /* Try each address in turn and stop at the first that connects. */
  for (candidate = results; candidate != NULL; candidate = candidate->ai_next)
    {
      if (!_dbus_open_socket (&sock.fd, candidate->ai_family, SOCK_STREAM, 0, error))
        {
          _DBUS_ASSERT_ERROR_IS_SET(error);
          _dbus_socket_invalidate (&sock);
          goto out;
        }
      _DBUS_ASSERT_ERROR_IS_CLEAR(error);

      if (connect (sock.fd, (struct sockaddr*) candidate->ai_addr, candidate->ai_addrlen) >= 0)
        break;

      /* Keep errno before the cleanup calls can overwrite it. */
      connect_errno = errno;
      _dbus_close (sock.fd, NULL);
      _dbus_socket_invalidate (&sock);

      /* Remember why this address failed, then move on to the next. */
      failure = dbus_new0 (DBusError, 1);

      if (failure == NULL)
        {
          _DBUS_SET_OOM (error);
          goto out;
        }

      dbus_error_init (failure);
      _dbus_set_error_with_inet_sockaddr (failure,
                                          candidate->ai_addr,
                                          candidate->ai_addrlen,
                                          "Failed to connect to socket",
                                          connect_errno);

      if (!_dbus_list_append (&failures, failure))
        {
          dbus_error_free (failure);
          dbus_free (failure);
          _DBUS_SET_OOM (error);
          goto out;
        }
    }

  /* No address accepted the connection: report all collected errors. */
  if (!_dbus_socket_is_valid (sock))
    {
      _dbus_combine_tcp_errors (&failures, "Failed to connect",
                                host, port, error);
      goto out;
    }

  if (noncefile != NULL)
    {
      DBusString noncefileStr;

      _dbus_string_init_const (&noncefileStr, noncefile);

      if (!_dbus_send_nonce (sock, &noncefileStr, error))
        {
          _dbus_close (sock.fd, NULL);
          _dbus_socket_invalidate (&sock);
          goto out;
        }
    }

  if (!_dbus_set_fd_nonblocking (sock.fd, error))
    {
      _dbus_close (sock.fd, NULL);
      _dbus_socket_invalidate (&sock);
      goto out;
    }

out:
  /* Shared exit: sock is either connected or invalid at this point. */
  if (results != NULL)
    freeaddrinfo (results);

  for (failure = _dbus_list_pop_first (&failures);
       failure != NULL;
       failure = _dbus_list_pop_first (&failures))
    {
      dbus_error_free (failure);
      dbus_free (failure);
    }

  return sock;
}

/**
 * Creates a socket and binds it to the given host and port, then
 * listens on the socket. The socket is set to be nonblocking.  If port
 * is 0, a random free port is used and returned in the retport parameter.
 * If inaddr_any is specified, the hostname is ignored.
 *
 * This will set FD_CLOEXEC for the socket returned
 *
 * @param host the host name to listen on
 * @param port the port to listen on, if zero a free port will be used
 * @param family the address family to listen on, NULL for all
 * @param retport string to return the actual port listened on
 * @param retfamily string to return the actual family listened on
 * @param fds_p location to store returned file descriptors
 * @param error return location for errors
 * @returns the number of listening file descriptors or -1 on error
 */
int
_dbus_listen_tcp_socket (const char     *host,
                         const char     *port,
                         const char     *family,
                         DBusString     *retport,
                         const char    **retfamily,
                         DBusSocket    **fds_p,
                         DBusError      *error)
{