Class: Gio::DBusAuthObserver

Inherits:

Object

• Object
• Gio::DBusAuthObserver

Defined in:

(unknown)

Overview

GDBusAuthObserver provides a mechanism for participating
in how a [classGio.DBusServer] (or a [classGio.DBusConnection])
authenticates remote peers.

Simply instantiate a GDBusAuthObserver and connect to the
signals you are interested in. Note that new signals may be added
in the future.

Controlling Authentication Mechanisms

By default, a GDBusServer or server-side GDBusConnection will allow
any authentication mechanism to be used. If you only want to allow D-Bus
connections with the EXTERNAL mechanism, which makes use of credentials
passing and is the recommended mechanism for modern Unix platforms such
as Linux and the BSD family, you would use a signal handler like this:

static gboolean
on_allow_mechanism (GDBusAuthObserver *observer,
                    const gchar       *mechanism,
                    gpointer           user_data)
{
  if (g_strcmp0 (mechanism, "EXTERNAL") == 0)
    {
      return TRUE;
    }

  return FALSE;
}

Controlling Authorization

By default, a GDBusServer or server-side GDBusConnection will accept
connections from any successfully authenticated user (but not from
anonymous connections using the ANONYMOUS mechanism). If you only
want to allow D-Bus connections from processes owned by the same uid
as the server, since GLib 2.68, you should use the
G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER flag. It’s equivalent
to the following signal handler:

static gboolean
on_authorize_authenticated_peer (GDBusAuthObserver *observer,
                                 GIOStream         *stream,
                                 GCredentials      *credentials,
                                 gpointer           user_data)
{
  gboolean authorized;

  authorized = FALSE;
  if (credentials != NULL)
    {
      GCredentials *own_credentials;
      own_credentials = g_credentials_new ();
      if (g_credentials_is_same_user (credentials, own_credentials, NULL))
        authorized = TRUE;
      g_object_unref (own_credentials);
    }

  return authorized;
}

Instance Method Summary

• #allow_mechanism(mechanism) ⇒ Boolean

  Emits the GDBus::AuthObserver::allow-mechanism signal on observer.

• #authorize_authenticated_peer(stream, credentials) ⇒ Boolean

  Emits the GDBus::AuthObserver::authorize-authenticated-peer signal on observer.

• #initialize ⇒ Gio::DBusAuthObserver constructor

  Creates a new GDBus::AuthObserver object.

Constructor Details

#initialize ⇒ Gio::DBusAuthObserver

Creates a new GDBus::AuthObserver object.

Instance Method Details

#allow_mechanism(mechanism) ⇒ Boolean

Emits the GDBus::AuthObserver::allow-mechanism signal on observer.

Parameters:

• mechanism (String) —

  The name of the mechanism, e.g. DBUS_COOKIE_SHA1.

Returns:

• (Boolean) —

  true if mechanism can be used to authenticate the other peer, false if not.

#authorize_authenticated_peer(stream, credentials) ⇒ Boolean

Emits the GDBus::AuthObserver::authorize-authenticated-peer signal on observer.

Parameters:

• stream (Gio::IOStream) —

  A #GIOStream for the GDBus::Connection.

• credentials (Gio::Credentials) —

  Credentials received from the peer or nil.

Returns:

• (Boolean) —

  true if the peer is authorized, false if not.