Conversation
- UID will now be used if possible - in native-unixsocket implementation there is no way of obtaining the UID (nothing reliable), therefore the native-implementation will still ignore authentication
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updates the SASL server auth code to use the UID.
UID obtaining is unsupported when usingdbus-java-transport-native-unixsocket.This is a limitation of Java because one can only option UserPrincipal which just provides the user name, not the UID.
There is no reliable built-in function to obtain the UID fromSO_PEERCRED.It may be possible to fix this when switching to JDK 22 or higher using the new foreign function interface (aka Project Panama). Anyway that solution would be hacky as well (one needs to have the file description of the socket, which is not public accessible).
The other transport implementations (accept tcp transport which does not have UID anyways) provide methods to get the UID which are now properly used.After some researching I've found a way to get the UID when using JDK native unixsockets.
Base on the implementation in
sun.nio.fs.UnixUserPrincipals.User, a call tohashCode()will give you the UID if the UID is != -1. Otherwise the hashCode of the name is returned.I updated the code to use hashCode if the value is not equal to the hashCode of the name (so it does the opposite of the hashCode function in
sun.nio.fs.UnixUserPrincipals.User). If no UID is provided -1 will be returned (just like before).