Skip to content

Commit d5f9995

Browse files
authored
Merge pull request #299 from hypfvieh/issue-298
Issue 298
2 parents a2e034f + b5fc8c2 commit d5f9995

4 files changed

Lines changed: 31 additions & 19 deletions

File tree

README.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ The library will remain open source and MIT licensed and can still be used, fork
7474
- **Minimum Java version: 21**
7575
- **Removed** all methods, members and classes marked as deprecated
7676
- Update JUnit to Version 6
77-
- Remove `throws IOException` from `AbstractConnectionBase.close()` (Issue #287)
77+
- Remove `throws IOException` from `AbstractConnectionBase.close()` ([#287](https://github.com/hypfvieh/dbus-java/issues/287))
7878
- Support usage of `Struct`s as return value (as alternative to `Tuple` with generics) (based on discussion in #285)
7979
- Updated dependencies and plugins
8080
- Added support to use `Struct` datatypes as return values instead of `Tuple`#
@@ -87,6 +87,8 @@ The library will remain open source and MIT licensed and can still be used, fork
8787
- This can be enabled using the `DBusConnectionBuilder`, example: `DBusConnection sessionConnection = DBusConnectionBuilder.forSystemBus().receivingThreadConfig().withAllVirtualThreads(true).connectionConfig().build()`
8888
- Virtual-Threads can be enabled/disabled for each of the different executor services used in `ReceivingService`: `SIGNAL`, `ERROR`, `METHODCALL`, `METHODRETURN`
8989
- default remains native threads on all executors
90+
- Fixed possible NullPointerException in SASL auth ([#294](https://github.com/hypfvieh/dbus-java/issues/294))
91+
- Fixed SASL authentication issue when running in server mode in combination with unix sockets ([#298](https://github.com/hypfvieh/dbus-java/issues/298))
9092

9193
##### Changes in 5.2.0 (2025-12-21):
9294
- removed properties from dbus-java.version which causes issues with reproducable builds ([PR#279](https://github.com/hypfvieh/dbus-java/issues/279))

dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java

Lines changed: 10 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -598,24 +598,18 @@ public boolean auth(SocketChannel _sock, AbstractTransport _transport) throws IO
598598
case SERVER:
599599
switch (state) {
600600
case INITIAL_STATE:
601-
ByteBuffer buf = ByteBuffer.allocate(1);
602-
if (_sock != null) {
603-
_sock.read(buf); // 0
601+
try {
602+
int kuid = -1;
603+
if (_transport instanceof AbstractUnixTransport aut) {
604+
kuid = aut.getUid(_sock);
605+
}
606+
if (kuid >= 0) {
607+
kernelUid = stupidlyEncode("" + kuid);
608+
}
604609
state = SaslAuthState.WAIT_AUTH;
605-
} else {
606-
try {
607-
int kuid = -1;
608-
if (_transport instanceof AbstractUnixTransport aut) {
609-
kuid = aut.getUid(null);
610-
}
611-
if (kuid >= 0) {
612-
kernelUid = stupidlyEncode("" + kuid);
613-
}
614-
state = SaslAuthState.WAIT_AUTH;
615610

616-
} catch (SocketException _ex) {
617-
state = SaslAuthState.FAILED;
618-
}
611+
} catch (SocketException _ex) {
612+
state = SaslAuthState.FAILED;
619613
}
620614
break;
621615
case WAIT_AUTH:

dbus-java-core/src/main/java/org/freedesktop/dbus/connections/transports/AbstractTransport.java

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -249,6 +249,9 @@ public void setPreConnectCallback(Consumer<AbstractTransport> _run) {
249249
* @throws IOException on any error
250250
*/
251251
private void authenticate(SocketChannel _sock) throws IOException {
252+
if (_sock == null) {
253+
throw new IOException("SocketChannel instance required");
254+
}
252255
SASL sasl = new SASL(config.getSaslConfig());
253256
try {
254257
if (!sasl.auth(_sock, this)) {

dbus-java-transport-native-unixsocket/src/main/java/org/freedesktop/dbus/transport/jre/NativeUnixSocketHelper.java

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,17 @@ private NativeUnixSocketHelper() {}
1313

1414
/**
1515
* Get the UID of peer credentials.
16+
* <p>
17+
* Gathering the UID of SO_PEERCRED directly is not obvious when it comes to JDK native unix sockets.<br>
18+
* based on the implementation in {@code sun.nio.fs.UnixUserPrincipals.User},<br>
19+
* calling {@code hashCode()} on the {@link UserPrincipal} will give you either the UID or the hashCode of the name.
20+
* </p><p>
21+
* This method ensures that a proper UID is returned and not the hashCode of the name.
22+
* If there is no UID, -1 is returned.
23+
* </p>
1624
*
1725
* @param _sock socket to read from
18-
* @return UID, -1 if given {@link SocketChannel} was null
26+
* @return UID, -1 if given {@link SocketChannel} was {@code null} or UID could not be determined
1927
*
2028
* @throws IOException when socket channel fails to read SO_PEERCRED option
2129
*/
@@ -27,7 +35,12 @@ public static int getUid(SocketChannel _sock) throws IOException {
2735
UnixDomainPrincipal creds = _sock.getOption(ExtendedSocketOptions.SO_PEERCRED);
2836
UserPrincipal user = creds.user();
2937

30-
return Integer.parseInt(user.getName());
38+
int uid = -1;
39+
if (user != null && user.hashCode() != user.getName().hashCode()) {
40+
uid = user.hashCode();
41+
}
42+
43+
return uid;
3144
}
3245

3346
}

0 commit comments

Comments
 (0)