dbus-async 2.3.1

Asynchronous DBus library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152

use crate::Uuid;
use hex::encode;
use std::io::Error as IoError;
use thiserror::Error;
use tokio::io::{AsyncBufReadExt, AsyncRead, AsyncWrite, AsyncWriteExt, BufStream};

#[derive(Debug, Error)]
pub enum HandshakeError {
    #[error("Could not list available mechanisms")]
    NoMechanism,
    #[error("Could not authenticate")]
    NoAuthentication,
    #[error("Authentication error: {0}")]
    AuthenticationError(String),
    #[error("Authentication error: {0}")]
    NegotiateUnixFdError(String),
    #[error("IO Error: {0}")]
    IoError(#[from] IoError),
}

const NEW_LINE: &str = "\r\n";

pub(super) struct Handshake<T>(BufStream<T>);

impl<T> Handshake<T>
where
    T: AsyncWrite + AsyncRead + Unpin,
{
    async fn read_line(&mut self) -> Result<String, IoError> {
        let mut line = String::new();
        self.0.read_line(&mut line).await?;
        if let Some(line) = line.strip_suffix(NEW_LINE) {
            Ok(line.to_owned())
        } else {
            Ok(line)
        }
    }

    async fn write_line(&mut self, line: &str) -> Result<(), IoError> {
        self.0.write_all(line.as_bytes()).await?;
        self.0.write_all(NEW_LINE.as_bytes()).await?;
        self.0.flush().await?;
        Ok(())
    }

    async fn request(&mut self, line: &str) -> Result<String, IoError> {
        self.write_line(line).await?;
        self.read_line().await
    }

    async fn list_available_mechanisms(&mut self) -> Result<Vec<String>, HandshakeError> {
        let response = self.request("AUTH").await?;
        if let Some(mechanisms) = response.strip_prefix("REJECTED ") {
            let mut result = Vec::new();
            for mechanism in mechanisms.split(' ') {
                result.push(mechanism.to_owned());
            }

            if result.is_empty() {
                Err(HandshakeError::NoMechanism)
            } else {
                Ok(result)
            }
        } else {
            Err(HandshakeError::NoMechanism)
        }
    }

    async fn negotiate_unix_fd(&mut self) -> Result<(), HandshakeError> {
        let response = self.request("NEGOTIATE_UNIX_FD").await?;
        if response == "AGREE_UNIX_FD" {
            Ok(())
        } else {
            Err(HandshakeError::NegotiateUnixFdError(response))
        }
    }

    async fn auth_external(&mut self) -> Result<(), HandshakeError> {
        // Get the UID of the process
        let uid = unsafe { libc::getuid() };
        // Encode the UID in a hex string.
        let hex = encode(uid.to_string());
        // Authenticate to the DBus daemon.
        let cmd = format!("AUTH EXTERNAL {}", hex);
        let response = self.request(&cmd).await?;
        if response.starts_with("OK ") {
            Ok(())
        } else {
            Err(HandshakeError::AuthenticationError(response))
        }
    }

    async fn auth_anonymous(&mut self) -> Result<(), HandshakeError> {
        let response = self.request("AUTH ANONYMOUS 646275732d6173796e63").await?;
        if response.starts_with("OK ") {
            Ok(())
        } else {
            Err(HandshakeError::AuthenticationError(response))
        }
    }

    async fn authenticate(&mut self) -> Result<(), HandshakeError> {
        for mechanism in self.list_available_mechanisms().await? {
            match mechanism.as_str() {
                "EXTERNAL" => match self.auth_external().await {
                    Ok(_) => return Ok(()),
                    Err(e) => error!("Could not authenticate (EXTERNAL): {}", e),
                },
                "ANONYMOUS" => match self.auth_anonymous().await {
                    Ok(_) => return Ok(()),
                    Err(e) => error!("Could not authenticate (ANONYMOUS): {}", e),
                },
                x => error!("Authentication is not supported: {}", x),
            }
        }

        Err(HandshakeError::NoAuthentication)
    }

    async fn begin(mut self) -> Result<(), IoError> {
        self.write_line("BEGIN").await
    }

    async fn new(stream: T, nonce: &Option<Uuid>) -> Result<Handshake<T>, IoError> {
        let mut buf_stream = BufStream::new(stream);
        if let Some(nonce) = nonce {
            buf_stream.write_all(nonce).await?;
        }
        // Write a zero to the socket.
        let zero: [u8; 1] = [0; 1];
        buf_stream.write_all(&zero[..]).await?;
        Ok(Handshake(buf_stream))
    }

    /// Connect to the Unix Domain Stream socket.
    pub(super) async fn handshake(
        stream: &mut T,
        negotiate_unix_fd: bool,
        nonce: &Option<Uuid>,
    ) -> Result<(), HandshakeError> {
        let mut handshake = Handshake::new(stream, nonce).await?;

        handshake.authenticate().await?;

        if negotiate_unix_fd {
            handshake.negotiate_unix_fd().await?;
        }

        handshake.begin().await?;
        Ok(())
    }
}