🛂 Drop auth-mechanism CLI arg
It's now automatically chosen for you, based on the socket type in use.
For UNIX sockets and for TCP on Windows, we use `EXTERNAL`. For TCP
sockets on non-Windows, we use `ANONYMOUS` (i.e. no authentication at all).

On Unix machines, people should use the UNIX socket anyway and if
EXTERNAL is possible, it's best to stick to it. `dbus-broker` also
doesn't support anonymous authentication and since they only support
Unix sockets for transport, it means they don't support anonymous
authentication at all.
zeenix committed Oct 4, 2024
1 parent bfff54c commit 1aa9846
Showing 6 changed files with 32 additions and 58 deletions.
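--- a/src/bin/busd.rs
+++ b/src/bin/busd.rs
@@ -6,7 +6,7 @@ use std::{fs::File, io::Write, os::fd::FromRawFd};
 use busd::bus;
 
 use anyhow::Result;
-use clap::{Parser, ValueEnum};
+use clap::Parser;
 #[cfg(unix)]
 use tokio::{select, signal::unix::SignalKind};
 use tracing::error;
@@ -25,11 +25,6 @@ struct Args {
 #[clap(long)]
 print_address: bool,
 
-/// The authentication mechanism to use.
-#[clap(long)]
-#[arg(value_enum, default_value_t = AuthMechanism::External)]
-auth_mechanism: AuthMechanism,
-
 /// File descriptor to which readiness notifications are sent.
 ///
 /// Once the server is listening to connections on the specified socket, it will print
@@ -43,33 +38,13 @@ struct Args {
 ready_fd: Option<i32>,
 }
 
-#[derive(Copy, Clone, Debug, ValueEnum)]
-enum AuthMechanism {
-/// This is the recommended authentication mechanism on platforms where credentials can be
-/// transferred out-of-band, in particular Unix platforms that can perform credentials-passing
-/// over UNIX domain sockets.
-External,
-/// Does not perform any authentication at all (not recommended).
-Anonymous,
-}
-
-impl From<AuthMechanism> for zbus::AuthMechanism {
-fn from(auth_mechanism: AuthMechanism) -> Self {
-match auth_mechanism {
-AuthMechanism::External => zbus::AuthMechanism::External,
-AuthMechanism::Anonymous => zbus::AuthMechanism::Anonymous,
-}
-}
-}
-
 #[tokio::main]
 async fn main() -> Result<()> {
 busd::tracing_subscriber::init();
 
 let args = Args::parse();
 
-let mut bus =
-bus::Bus::for_address(args.address.as_deref(), args.auth_mechanism.into()).await?;
+let mut bus = bus::Bus::for_address(args.address.as_deref()).await?;
 
 #[cfg(unix)]
 if let Some(fd) = args.ready_fd {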
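Review bot: With `auth_mechanism` removed from `Args`, the help output no longer tells an operator that the choice of address now decides whether clients are authenticated at all; per the commit description, a `tcp:` address on non-Windows means ANONYMOUS. The doc comment on the `address` argument (outside the visible hunks) should state this, for example `/// Note: tcp: addresses on non-Windows platforms are served with ANONYMOUS authentication (none); prefer unix:.` Invocations that still pass `--auth-mechanism` will presumably now be rejected by clap as an unknown argument, which deserves a line in the release notes so the failure is expected rather than debugged.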
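--- a/src/bus/mod.rs
+++ b/src/bus/mod.rs
@@ -45,7 +45,7 @@ enum Listener {
 }
 
 impl Bus {
-pub async fn for_address(address: Option<&str>, auth_mechanism: AuthMechanism) -> Result<Self> {
+pub async fn for_address(address: Option<&str>) -> Result<Self> {
 let mut address = match address {
 Some(address) => Address::from_str(address)?,
 None => Address::from_str(&default_address())?,
@@ -59,14 +59,21 @@ impl Bus {
 guid.into()
 }
 };
-let listener = match address.transport() {
+let (listener, auth_mechanism) = match address.transport() {
 #[cfg(unix)]
-Transport::Unix(unix) => Self::unix_stream(unix).await,
-Transport::Tcp(tcp) => Self::tcp_stream(tcp).await,
+Transport::Unix(unix) => (Self::unix_stream(unix).await?, AuthMechanism::External),
+Transport::Tcp(tcp) => {
+#[cfg(not(windows))]
+let auth_mechanism = AuthMechanism::Anonymous;
+#[cfg(windows)]
+let auth_mechanism = AuthMechanism::External;
+
+(Self::tcp_stream(tcp).await?, auth_mechanism)
+}
 #[cfg(windows)]
 Transport::Autolaunch(_) => bail!("`autolaunch` transport is not supported (yet)."),
 _ => bail!("Unsupported address `{}`.", address),
-}?;
+};
 
 let peers = Peers::new();
 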
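Review bot: In the `Transport::Tcp` arm every non-Windows build now hard-codes `AuthMechanism::Anonymous`, so a `tcp:` address is always served without authentication and the caller can no longer request anything else. The removed CLI option defaulted to `External`, so an existing TCP setup that relied on that default changes behaviour silently. Nothing in the visible lines restricts this to loopback hosts; whether a non-loopback bind ends up reachable without authentication depends on `tcp_stream`, which is outside the hunk. I would make the selection visible where it happens with `tracing::warn!("tcp transport: using ANONYMOUS authentication, any peer that can reach the socket may connect");` and add a doc comment on `for_address` listing which mechanism each transport gets. `for_address` begins in the previous hunk and continues past this one.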
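--- a/tests/fdo.rs
+++ b/tests/fdo.rs
@@ -15,7 +15,7 @@ use tracing::instrument;
 use zbus::{
 fdo::{self, DBusProxy, ReleaseNameReply, RequestNameFlags, RequestNameReply},
 names::{BusName, WellKnownName},
-AuthMechanism, CacheProperties, ConnectionBuilder,
+CacheProperties, ConnectionBuilder,
 };
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -30,18 +30,16 @@ async fn name_ownership_changes() {
 let s = Alphanumeric.sample_string(&mut thread_rng(), 10);
 let path = temp_dir().join(s);
 let address = format!("unix:path={}", path.display());
-name_ownership_changes_(&address, AuthMechanism::External).await;
+name_ownership_changes_(&address).await;
 }
 
 // TCP socket
 let address = "tcp:host=127.0.0.1,port=4242".to_string();
-name_ownership_changes_(&address, AuthMechanism::Anonymous).await;
+name_ownership_changes_(&address).await;
 }
 
-async fn name_ownership_changes_(address: &str, auth_mechanism: AuthMechanism) {
-let mut bus = Bus::for_address(Some(address), auth_mechanism)
-.await
-.unwrap();
+async fn name_ownership_changes_(address: &str) {
+let mut bus = Bus::for_address(Some(address)).await.unwrap();
 let (tx, rx) = tokio::sync::oneshot::channel();
 
 let handle = tokio::spawn(async move {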
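--- a/tests/greet.rs
+++ b/tests/greet.rs
@@ -17,8 +17,8 @@ use zbus::{
 fdo::{self, DBusProxy},
 interface, proxy,
 zvariant::ObjectPath,
-AsyncDrop, AuthMechanism, CacheProperties, Connection, ConnectionBuilder, MatchRule,
-MessageHeader, MessageStream, SignalContext,
+AsyncDrop, CacheProperties, Connection, ConnectionBuilder, MatchRule, MessageHeader,
+MessageStream, SignalContext,
 };
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -33,18 +33,16 @@ async fn greet() {
 let s = Alphanumeric.sample_string(&mut thread_rng(), 10);
 let path = temp_dir().join(s);
 let address = format!("unix:path={}", path.display());
-greet_(&address, AuthMechanism::External).await;
+greet_(&address).await;
 }
 
 // TCP socket
 let address = "tcp:host=127.0.0.1,port=4248".to_string();
-greet_(&address, AuthMechanism::Anonymous).await;
+greet_(&address).await;
 }
 
-async fn greet_(socket_addr: &str, auth_mechanism: AuthMechanism) {
-let mut bus = Bus::for_address(Some(socket_addr), auth_mechanism)
-.await
-.unwrap();
+async fn greet_(socket_addr: &str) {
+let mut bus = Bus::for_address(Some(socket_addr)).await.unwrap();
 let (tx, mut rx) = channel(1);
 
 let handle = tokio::spawn(async move {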
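--- a/tests/monitor.rs
+++ b/tests/monitor.rs
@@ -7,7 +7,7 @@ use tracing::instrument;
 use zbus::{
 fdo::{DBusProxy, MonitoringProxy, NameAcquired, NameLost, NameOwnerChanged, RequestNameFlags},
 names::BusName,
-AuthMechanism, CacheProperties, ConnectionBuilder, MessageStream, MessageType,
+CacheProperties, ConnectionBuilder, MessageStream, MessageType,
 };
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -17,9 +17,7 @@ async fn become_monitor() {
 busd::tracing_subscriber::init();
 
 let address = "tcp:host=127.0.0.1,port=4242".to_string();
-let mut bus = Bus::for_address(Some(&address), AuthMechanism::Anonymous)
-.await
-.unwrap();
+let mut bus = Bus::for_address(Some(&address)).await.unwrap();
 let (tx, rx) = tokio::sync::oneshot::channel();
 
 let handle = tokio::spawn(async move {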
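--- a/tests/multiple_conns.rs
+++ b/tests/multiple_conns.rs
@@ -11,7 +11,7 @@ use rand::{
 };
 use tokio::{select, sync::oneshot::channel};
 use tracing::instrument;
-use zbus::{AuthMechanism, ConnectionBuilder};
+use zbus::ConnectionBuilder;
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 8)]
 #[instrument]
@@ -24,18 +24,16 @@ async fn multi_conenct() {
 let s = Alphanumeric.sample_string(&mut thread_rng(), 10);
 let path = temp_dir().join(s);
 let address = format!("unix:path={}", path.display());
-multi_conenct_(&address, AuthMechanism::External).await;
+multi_conenct_(&address).await;
 }
 
 // TCP socket
 let address = "tcp:host=127.0.0.1,port=4246".to_string();
-multi_conenct_(&address, AuthMechanism::Anonymous).await;
+multi_conenct_(&address).await;
 }
 
-async fn multi_conenct_(socket_addr: &str, auth_mechanism: AuthMechanism) {
-let mut bus = Bus::for_address(Some(socket_addr), auth_mechanism)
-.await
-.unwrap();
+async fn multi_conenct_(socket_addr: &str) {
+let mut bus = Bus::for_address(Some(socket_addr)).await.unwrap();
 let (tx, rx) = channel();
 
 let handle = tokio::spawn(async move {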
