Skip to content

Issue 298#299

Open
hypfvieh wants to merge 2 commits intomasterfrom
issue-298
Open

Issue 298#299
hypfvieh wants to merge 2 commits intomasterfrom
issue-298

Conversation

@hypfvieh
Copy link
Owner

@hypfvieh hypfvieh commented Feb 19, 2026

Updates the SASL server auth code to use the UID.

UID obtaining is unsupported when using dbus-java-transport-native-unixsocket.
This is a limitation of Java because one can only option UserPrincipal which just provides the user name, not the UID.

There is no reliable built-in function to obtain the UID from SO_PEERCRED.
It may be possible to fix this when switching to JDK 22 or higher using the new foreign function interface (aka Project Panama). Anyway that solution would be hacky as well (one needs to have the file description of the socket, which is not public accessible).

The other transport implementations (accept tcp transport which does not have UID anyways) provide methods to get the UID which are now properly used.


After some researching I've found a way to get the UID when using JDK native unixsockets.
Base on the implementation in sun.nio.fs.UnixUserPrincipals.User, a call to hashCode() will give you the UID if the UID is != -1. Otherwise the hashCode of the name is returned.

I updated the code to use hashCode if the value is not equal to the hashCode of the name (so it does the opposite of the hashCode function in sun.nio.fs.UnixUserPrincipals.User). If no UID is provided -1 will be returned (just like before).

- UID will now be used if possible
- in native-unixsocket implementation there is no way of obtaining the
  UID (nothing reliable), therefore the native-implementation will still
  ignore authentication
@sonarqubecloud
Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Comments