2015-01-16 14:19:19 +01:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
/***
|
|
|
|
This file is part of systemd.
|
|
|
|
|
|
|
|
Copyright 2014 David Herrmann
|
|
|
|
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
systemd is distributed in the hope that it will be useful, but
|
|
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
Lesser General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Lesser General Public License
|
|
|
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
***/
|
|
|
|
|
|
|
|
#include "sd-bus.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
|
2015-01-16 14:19:19 +01:00
|
|
|
#include "bus-xml-policy.h"
|
|
|
|
|
|
|
|
typedef struct Proxy Proxy;
|
bus-proxy: make StartServiceByName synchronous
The StartServiceByName() call was provided by dbus-daemon to activate a
service without sending a message. On receiption, dbus-daemon schedules
an activation request (different modes are supported) and sends back the
reply once activation is done.
With kdbus, we marked StartServiceByName() as deprecated. There is no
real reason to start services explicitly. Instead, applications should
just *use* the service and rely on it being activated implicitly.
However, we provide compatibility with dbus-daemon and implement
StartServiceByName() on the proxy via a call to
org.freedesktop.DBus.Peer.Ping() on the destination. This will activate
the peer implicitly as part of the no-op Ping() method call (regardless
whether the peer actually implements that call).
Now, the problem is, StartServiceByName() was synchronous on dbus-daemon
but isn't on bus-proxy. Hence, on return, there is no guarantee that
ListNames includes the activated name. As this is required by some
applications, we need to make this synchronous.
This patch makes the proxy track the Ping() method call and send the
reply of StartServiceByName() only once Ping() returned. We do not look
at possible errors of Ping(), as there is no strict requirement for the
peer to implement org.freedesktop.DBus.Peer. Furthermore, any interesting
error should have already been caught by sd_bus_send() before.
Note:
This race was triggered by gdbus. The gdbus-proxy implementation
relies on a name to be available after StartServiceByName()
returns. This is highly fragile and should be dropped by gdbus.
Even if the call is synchronous, there is no reason whatsoever to
assume the service did not exit-on-idle before ListNames()
returns.
However, this race is much less likely than the startup race, so
we try to be compatible to dbus-daemon now.
2015-07-31 13:25:04 +02:00
|
|
|
typedef struct ProxyActivation ProxyActivation;
|
|
|
|
|
|
|
|
#define PROXY_ACTIVATIONS_MAX (16) /* max parallel activation requests */
|
2015-01-16 14:19:19 +01:00
|
|
|
|
|
|
|
struct Proxy {
|
|
|
|
sd_bus *local_bus;
|
|
|
|
struct ucred local_creds;
|
|
|
|
int local_in;
|
|
|
|
int local_out;
|
|
|
|
|
2015-02-13 15:05:34 +01:00
|
|
|
sd_bus *destination_bus;
|
2015-01-16 14:19:19 +01:00
|
|
|
|
|
|
|
Set *owned_names;
|
2015-01-17 18:07:58 +01:00
|
|
|
SharedPolicy *policy;
|
2015-01-16 14:19:19 +01:00
|
|
|
|
bus-proxy: make StartServiceByName synchronous
The StartServiceByName() call was provided by dbus-daemon to activate a
service without sending a message. On receiption, dbus-daemon schedules
an activation request (different modes are supported) and sends back the
reply once activation is done.
With kdbus, we marked StartServiceByName() as deprecated. There is no
real reason to start services explicitly. Instead, applications should
just *use* the service and rely on it being activated implicitly.
However, we provide compatibility with dbus-daemon and implement
StartServiceByName() on the proxy via a call to
org.freedesktop.DBus.Peer.Ping() on the destination. This will activate
the peer implicitly as part of the no-op Ping() method call (regardless
whether the peer actually implements that call).
Now, the problem is, StartServiceByName() was synchronous on dbus-daemon
but isn't on bus-proxy. Hence, on return, there is no guarantee that
ListNames includes the activated name. As this is required by some
applications, we need to make this synchronous.
This patch makes the proxy track the Ping() method call and send the
reply of StartServiceByName() only once Ping() returned. We do not look
at possible errors of Ping(), as there is no strict requirement for the
peer to implement org.freedesktop.DBus.Peer. Furthermore, any interesting
error should have already been caught by sd_bus_send() before.
Note:
This race was triggered by gdbus. The gdbus-proxy implementation
relies on a name to be available after StartServiceByName()
returns. This is highly fragile and should be dropped by gdbus.
Even if the call is synchronous, there is no reason whatsoever to
assume the service did not exit-on-idle before ListNames()
returns.
However, this race is much less likely than the startup race, so
we try to be compatible to dbus-daemon now.
2015-07-31 13:25:04 +02:00
|
|
|
LIST_HEAD(ProxyActivation, activations);
|
|
|
|
size_t n_activations;
|
|
|
|
|
2015-01-16 14:19:19 +01:00
|
|
|
bool got_hello : 1;
|
bus-proxy: complain only once about queue overflows
If the local peer does not dispatch its incoming queue, the bus-proxy will
slowly fill its outgoing queue. Once its full, it will continously
complain that it cannot forward its messages.
As it turns out, pulseaudio does have an idle background dbus connection
that is not integrated into any mainloop (and given that gdbus and
libdbus1 both support background shared connections, PA is probably not
the only example), therefore, the bus-proxy will loudly complain if it
cannot forward NameOwnerChanged events once the queue is full.
This commit makes the proxy track queue-state and complain only once the
queue runs full, not if it is already full.
A PA bug-report (and patch) has been filed, and other applications should
be fixed similarly. Hence, lets keep the error message, instead of
dropping it. It's unused resources we really want to get rid of, so
silencing the message does not really help (which is actually what
dbus-daemon does).
2015-03-11 13:53:21 +01:00
|
|
|
bool queue_overflow : 1;
|
2015-07-16 15:14:43 +02:00
|
|
|
bool message_matched : 1;
|
|
|
|
bool synthetic_matched : 1;
|
2015-01-16 14:19:19 +01:00
|
|
|
};
|
|
|
|
|
bus-proxy: make StartServiceByName synchronous
The StartServiceByName() call was provided by dbus-daemon to activate a
service without sending a message. On receiption, dbus-daemon schedules
an activation request (different modes are supported) and sends back the
reply once activation is done.
With kdbus, we marked StartServiceByName() as deprecated. There is no
real reason to start services explicitly. Instead, applications should
just *use* the service and rely on it being activated implicitly.
However, we provide compatibility with dbus-daemon and implement
StartServiceByName() on the proxy via a call to
org.freedesktop.DBus.Peer.Ping() on the destination. This will activate
the peer implicitly as part of the no-op Ping() method call (regardless
whether the peer actually implements that call).
Now, the problem is, StartServiceByName() was synchronous on dbus-daemon
but isn't on bus-proxy. Hence, on return, there is no guarantee that
ListNames includes the activated name. As this is required by some
applications, we need to make this synchronous.
This patch makes the proxy track the Ping() method call and send the
reply of StartServiceByName() only once Ping() returned. We do not look
at possible errors of Ping(), as there is no strict requirement for the
peer to implement org.freedesktop.DBus.Peer. Furthermore, any interesting
error should have already been caught by sd_bus_send() before.
Note:
This race was triggered by gdbus. The gdbus-proxy implementation
relies on a name to be available after StartServiceByName()
returns. This is highly fragile and should be dropped by gdbus.
Even if the call is synchronous, there is no reason whatsoever to
assume the service did not exit-on-idle before ListNames()
returns.
However, this race is much less likely than the startup race, so
we try to be compatible to dbus-daemon now.
2015-07-31 13:25:04 +02:00
|
|
|
struct ProxyActivation {
|
|
|
|
LIST_FIELDS(ProxyActivation, activations_by_proxy);
|
|
|
|
Proxy *proxy;
|
|
|
|
sd_bus_message *request;
|
|
|
|
sd_bus_slot *slot;
|
|
|
|
};
|
|
|
|
|
2015-01-16 14:19:19 +01:00
|
|
|
int proxy_new(Proxy **out, int in_fd, int out_fd, const char *dest);
|
|
|
|
Proxy *proxy_free(Proxy *p);
|
|
|
|
|
2015-01-17 18:07:58 +01:00
|
|
|
int proxy_set_policy(Proxy *p, SharedPolicy *policy, char **configuration);
|
2015-01-16 14:19:19 +01:00
|
|
|
int proxy_hello_policy(Proxy *p, uid_t original_uid);
|
2015-07-16 15:14:43 +02:00
|
|
|
int proxy_match(sd_bus_message *m, void *userdata, sd_bus_error *error);
|
2015-01-16 14:19:19 +01:00
|
|
|
int proxy_run(Proxy *p);
|
|
|
|
|
|
|
|
DEFINE_TRIVIAL_CLEANUP_FUNC(Proxy*, proxy_free);
|