gi-gio-2.0.27: Gio bindings
CopyrightWill Thompson Iñaki García Etxebarria and Jonas Platte
LicenseLGPL-2.1
MaintainerIñaki García Etxebarria
Safe HaskellNone
LanguageHaskell2010

GI.Gio.Objects.DBusAuthObserver

Description

The DBusAuthObserver type provides a mechanism for participating in how a DBusServer (or a DBusConnection) authenticates remote peers. Simply instantiate a DBusAuthObserver and connect to the signals you are interested in. Note that new signals may be added in the future

Controlling Authentication Mechanisms

By default, a DBusServer or server-side DBusConnection will allow any authentication mechanism to be used. If you only want to allow D-Bus connections with the EXTERNAL mechanism, which makes use of credentials passing and is the recommended mechanism for modern Unix platforms such as Linux and the BSD family, you would use a signal handler like this:

C code

static gboolean
on_allow_mechanism (GDBusAuthObserver *observer,
                    const gchar       *mechanism,
                    gpointer           user_data)
{
  if (g_strcmp0 (mechanism, "EXTERNAL") == 0)
    {
      return TRUE;
    }

  return FALSE;
}

# {auth-observer}

By default, a DBusServer or server-side DBusConnection will accept connections from any successfully authenticated user (but not from anonymous connections using the ANONYMOUS mechanism). If you only want to allow D-Bus connections from processes owned by the same uid as the server, you would use a signal handler like the following:

C code

static gboolean
on_authorize_authenticated_peer (GDBusAuthObserver *observer,
                                 GIOStream         *stream,
                                 GCredentials      *credentials,
                                 gpointer           user_data)
{
  gboolean authorized;

  authorized = FALSE;
  if (credentials != NULL)
    {
      GCredentials *own_credentials;
      own_credentials = g_credentials_new ();
      if (g_credentials_is_same_user (credentials, own_credentials, NULL))
        authorized = TRUE;
      g_object_unref (own_credentials);
    }

  return authorized;
}

Since: 2.26

Synopsis

Exported types

class (GObject o, IsDescendantOf DBusAuthObserver o) => IsDBusAuthObserver o Source #

Type class for types which can be safely cast to DBusAuthObserver, for instance with toDBusAuthObserver.

Instances

Instances details
(GObject o, IsDescendantOf DBusAuthObserver o) => IsDBusAuthObserver o Source # 
Instance details

Defined in GI.Gio.Objects.DBusAuthObserver

toDBusAuthObserver :: (MonadIO m, IsDBusAuthObserver o) => o -> m DBusAuthObserver Source #

Cast to DBusAuthObserver, for types for which this is known to be safe. For general casts, use castTo.

Methods

Overloaded methods

allowMechanism

dBusAuthObserverAllowMechanism Source #

Arguments

:: (HasCallStack, MonadIO m, IsDBusAuthObserver a) 
=> a

observer: A DBusAuthObserver.

-> Text

mechanism: The name of the mechanism, e.g. DBUS_COOKIE_SHA1.

-> m Bool

Returns: True if mechanism can be used to authenticate the other peer, False if not.

Emits the allowMechanism signal on observer.

Since: 2.34

authorizeAuthenticatedPeer

dBusAuthObserverAuthorizeAuthenticatedPeer Source #

Arguments

:: (HasCallStack, MonadIO m, IsDBusAuthObserver a, IsIOStream b, IsCredentials c) 
=> a

observer: A DBusAuthObserver.

-> b

stream: A IOStream for the DBusConnection.

-> Maybe c

credentials: Credentials received from the peer or Nothing.

-> m Bool

Returns: True if the peer is authorized, False if not.

Emits the authorizeAuthenticatedPeer signal on observer.

Since: 2.26

new

dBusAuthObserverNew Source #

Arguments

:: (HasCallStack, MonadIO m) 
=> m DBusAuthObserver

Returns: A DBusAuthObserver. Free with objectUnref.

Creates a new DBusAuthObserver object.

Since: 2.26

Signals

allowMechanism

type C_DBusAuthObserverAllowMechanismCallback = Ptr () -> CString -> Ptr () -> IO CInt Source #

Type for the callback on the (unwrapped) C side.

type DBusAuthObserverAllowMechanismCallback Source #

Arguments

 = Text

mechanism: The name of the mechanism, e.g. DBUS_COOKIE_SHA1.

-> IO Bool

Returns: True if mechanism can be used to authenticate the other peer, False if not.

Emitted to check if mechanism is allowed to be used.

Since: 2.34

afterDBusAuthObserverAllowMechanism :: (IsDBusAuthObserver a, MonadIO m) => a -> DBusAuthObserverAllowMechanismCallback -> m SignalHandlerId Source #

Connect a signal handler for the allowMechanism signal, to be run after the default handler. When overloading is enabled, this is equivalent to

after dBusAuthObserver #allowMechanism callback

onDBusAuthObserverAllowMechanism :: (IsDBusAuthObserver a, MonadIO m) => a -> DBusAuthObserverAllowMechanismCallback -> m SignalHandlerId Source #

Connect a signal handler for the allowMechanism signal, to be run before the default handler. When overloading is enabled, this is equivalent to

on dBusAuthObserver #allowMechanism callback

authorizeAuthenticatedPeer

type C_DBusAuthObserverAuthorizeAuthenticatedPeerCallback = Ptr () -> Ptr IOStream -> Ptr Credentials -> Ptr () -> IO CInt Source #

Type for the callback on the (unwrapped) C side.

type DBusAuthObserverAuthorizeAuthenticatedPeerCallback Source #

Arguments

 = IOStream

stream: A IOStream for the DBusConnection.

-> Maybe Credentials

credentials: Credentials received from the peer or Nothing.

-> IO Bool

Returns: True if the peer is authorized, False if not.

Emitted to check if a peer that is successfully authenticated is authorized.

Since: 2.26

afterDBusAuthObserverAuthorizeAuthenticatedPeer :: (IsDBusAuthObserver a, MonadIO m) => a -> DBusAuthObserverAuthorizeAuthenticatedPeerCallback -> m SignalHandlerId Source #

Connect a signal handler for the authorizeAuthenticatedPeer signal, to be run after the default handler. When overloading is enabled, this is equivalent to

after dBusAuthObserver #authorizeAuthenticatedPeer callback

onDBusAuthObserverAuthorizeAuthenticatedPeer :: (IsDBusAuthObserver a, MonadIO m) => a -> DBusAuthObserverAuthorizeAuthenticatedPeerCallback -> m SignalHandlerId Source #

Connect a signal handler for the authorizeAuthenticatedPeer signal, to be run before the default handler. When overloading is enabled, this is equivalent to

on dBusAuthObserver #authorizeAuthenticatedPeer callback