AJ_Status AJ_PeerHandleExchangeGUIDsReply(AJ_Message* msg)
{
AJ_Status status;
const char* guidStr;
AJ_GUID remoteGuid;
uint32_t version;
char nul = '\0';
status = AJ_UnmarshalArgs(msg, "su", &guidStr, &version);
if (status != AJ_OK) {
return status;
}
if (version != REQUIRED_AUTH_VERSION) {
PeerAuthComplete(AJ_ERR_SECURITY);
return AJ_OK;
}
AJ_GUID_FromString(&remoteGuid, guidStr);
/*
* Two name mappings to add, the well known name, and the unique name from the message.
*/
AJ_GUID_AddNameMapping(&remoteGuid, msg->sender, authContext.peerName);
/*
* Remember which peer is being authenticated
*/
authContext.peerGuid = AJ_GUID_Find(msg->sender);
/*
* Initialize SASL state machine
*/
AJ_SASL_InitContext(&authContext.sasl, authMechanisms, AJ_AUTH_RESPONDER, msg->bus->pwdCallback);
/*
* Start the authentication conversation
*/
status = AuthResponse(msg, &nul);
if (status != AJ_OK) {
PeerAuthComplete(status);
}
return status;
}
AJ_Status AJ_Authenticate(AJ_BusAttachment* bus)
{
AJ_Status status = AJ_OK;
AJ_SASL_Context sasl;
/*
* Send initial NUL byte
*/
bus->sock.tx.writePtr[0] = 0;
bus->sock.tx.writePtr += 1;
status = bus->sock.tx.send(&bus->sock.tx);
if (status != AJ_OK) {
AJ_InfoPrintf(("AJ_Authenticate(): status=%s\n", AJ_StatusText(status)));
goto ExitConnect;
}
AJ_SASL_InitContext(&sasl, mechList, AJ_AUTH_RESPONDER, busAuthPwdFunc, FALSE);
while (TRUE) {
status = AuthAdvance(&sasl, &bus->sock.rx, &bus->sock.tx);
if ((status != AJ_OK) || (sasl.state == AJ_SASL_FAILED)) {
break;
}
if (sasl.state == AJ_SASL_AUTHENTICATED) {
status = SendHello(bus);
break;
}
}
if (status == AJ_OK) {
AJ_Message helloResponse;
status = AJ_UnmarshalMsg(bus, &helloResponse, 5000);
if (status == AJ_OK) {
/*
* The only error we might get is a timeout
*/
if (helloResponse.hdr->msgType == AJ_MSG_ERROR) {
status = AJ_ERR_TIMEOUT;
} else {
AJ_Arg arg;
status = AJ_UnmarshalArg(&helloResponse, &arg);
if (status == AJ_OK) {
if (arg.len >= (sizeof(bus->uniqueName) - 1)) {
AJ_ErrPrintf(("AJ_Authenticate(): AJ_ERR_RESOURCES\n"));
status = AJ_ERR_RESOURCES;
} else {
memcpy(bus->uniqueName, arg.val.v_string, arg.len);
bus->uniqueName[arg.len] = '\0';
}
}
}
AJ_CloseMsg(&helloResponse);
// subscribe to the signal NameOwnerChanged and wait for the response
status = AJ_BusSetSignalRule(bus, "type='signal',member='NameOwnerChanged',interface='org.freedesktop.DBus'", AJ_BUS_SIGNAL_ALLOW);
if (status == AJ_OK) {
uint8_t found_reply = FALSE;
AJ_Message msg;
AJ_Time timer;
AJ_InitTimer(&timer);
while (found_reply == FALSE && AJ_GetElapsedTime(&timer, TRUE) < 3000) {
status = AJ_UnmarshalMsg(bus, &msg, 3000);
if (status == AJ_OK) {
switch (msg.msgId) {
case AJ_REPLY_ID(AJ_METHOD_ADD_MATCH):
found_reply = TRUE;
break;
default:
// ignore everything else
AJ_BusHandleBusMessage(&msg);
break;
}
AJ_CloseMsg(&msg);
}
}
}
}
}
ExitConnect:
if (status != AJ_OK) {
AJ_InfoPrintf(("AJ_Authenticate(): status=%s\n", AJ_StatusText(status)));
}
return status;
}
AJ_Status AJ_PeerHandleAuthChallenge(AJ_Message* msg, AJ_Message* reply)
{
AJ_Status status;
AJ_Arg arg;
char* buf = NULL;
const AJ_GUID* peerGuid = AJ_GUID_Find(msg->sender);
/*
* We expect to know the GUID of the sender
*/
if (!peerGuid) {
return AJ_MarshalErrorMsg(msg, reply, AJ_ErrRejected);
}
/*
* Check for an authentication conversation in progress with a different peer
*/
if (authContext.peerGuid && (authContext.peerGuid != peerGuid)) {
/*
* Reject the request if the existing conversation has not expired
*/
if (AJ_GetElapsedTime(&authContext.timer, TRUE) < MAX_AUTH_TIME) {
return AJ_MarshalErrorMsg(msg, reply, AJ_ErrRejected);
}
memset(&authContext, 0, sizeof(AuthContext));
}
if (authContext.sasl.state == AJ_SASL_IDLE) {
/*
* Remember which peer is being authenticated and initialize the timeout timer
*/
authContext.peerGuid = peerGuid;
AJ_InitTimer(&authContext.timer);
/*
* Initialize SASL state machine
*/
AJ_SASL_InitContext(&authContext.sasl, authMechanisms, AJ_AUTH_CHALLENGER, msg->bus->pwdCallback);
}
if (AJ_UnmarshalArg(msg, &arg) != AJ_OK) {
goto FailAuth;
}
/*
* Need a short-lived buffer to compose the response
*/
buf = (char*)AJ_Malloc(AUTH_BUF_LEN);
if (!buf) {
status = AJ_ERR_RESOURCES;
goto FailAuth;
}
status = AJ_SASL_Advance(&authContext.sasl, (char*)arg.val.v_string, buf, AUTH_BUF_LEN);
if (status != AJ_OK) {
goto FailAuth;
}
AJ_MarshalReplyMsg(msg, reply);
AJ_MarshalArgs(reply, "s", buf);
AJ_Free(buf);
if (authContext.sasl.state == AJ_SASL_AUTHENTICATED) {
status = authContext.sasl.mechanism->Final(peerGuid);
memset(&authContext, 0, sizeof(AuthContext));
}
return status;
FailAuth:
AJ_Free(buf);
/*
* Clear current authentication context then return an error response
*/
if (authContext.sasl.mechanism) {
authContext.sasl.mechanism->Final(peerGuid);
}
memset(&authContext, 0, sizeof(AuthContext));
return AJ_MarshalErrorMsg(msg, reply, AJ_ErrSecurityViolation);
}
AJ_Status AJ_Connect(AJ_BusAttachment* bus, const char* serviceName, uint32_t timeout)
{
AJ_Status status;
AJ_SASL_Context sasl;
AJ_Service service;
/*
* Clear the bus struct
*/
memset(bus, 0, sizeof(AJ_BusAttachment));
/*
* Clear stale name->GUID mappings
*/
AJ_GUID_ClearNameMap();
/*
* Host-specific network bring-up procedure. This includes establishing a connection to the
* network and initializing the I/O buffers.
*/
status = AJ_Net_Up();
if (status != AJ_OK) {
return status;
}
/*
* Discover a daemon or service to connect to
*/
if (!serviceName) {
serviceName = daemonService;
}
#if AJ_CONNECT_LOCALHOST
service.ipv4port = 9955;
#if HOST_IS_LITTLE_ENDIAN
service.ipv4 = 0x0100007F; // 127.0.0.1
#endif
#if HOST_IS_BIG_ENDIAN
service.ipv4 = 0x7f000001; // 127.0.0.1
#endif
service.addrTypes = AJ_ADDR_IPV4;
#elif defined ARDUINO
service.ipv4port = 9955;
service.ipv4 = 0x6501A8C0; // 192.168.1.101
service.addrTypes = AJ_ADDR_IPV4;
status = AJ_Discover(serviceName, &service, timeout);
if (status != AJ_OK) {
goto ExitConnect;
}
#elif defined AJ_SERIAL_CONNECTION
// don't bother with discovery, we are connected to a daemon.
#else
status = AJ_Discover(serviceName, &service, timeout);
if (status != AJ_OK) {
goto ExitConnect;
}
#endif
status = AJ_Net_Connect(&bus->sock, service.ipv4port, service.addrTypes & AJ_ADDR_IPV4, &service.ipv4);
if (status != AJ_OK) {
goto ExitConnect;
}
/*
* Send initial NUL byte
*/
bus->sock.tx.writePtr[0] = 0;
bus->sock.tx.writePtr += 1;
status = bus->sock.tx.send(&bus->sock.tx);
if (status != AJ_OK) {
goto ExitConnect;
}
AJ_SASL_InitContext(&sasl, mechList, AJ_AUTH_RESPONDER, busAuthPwdFunc);
while (TRUE) {
status = AuthAdvance(&sasl, &bus->sock.rx, &bus->sock.tx);
if ((status != AJ_OK) || (sasl.state == AJ_SASL_FAILED)) {
break;
}
if (sasl.state == AJ_SASL_AUTHENTICATED) {
status = SendHello(bus);
break;
}
}
if (status == AJ_OK) {
AJ_Message helloResponse;
status = AJ_UnmarshalMsg(bus, &helloResponse, 5000);
if (status == AJ_OK) {
/*
* The only error we might get is a timeout
*/
if (helloResponse.hdr->msgType == AJ_MSG_ERROR) {
status = AJ_ERR_TIMEOUT;
} else {
AJ_Arg arg;
status = AJ_UnmarshalArg(&helloResponse, &arg);
if (status == AJ_OK) {
if (arg.len >= (sizeof(bus->uniqueName) - 1)) {
status = AJ_ERR_RESOURCES;
} else {
memcpy(bus->uniqueName, arg.val.v_string, arg.len);
bus->uniqueName[arg.len] = '\0';
}
}
}
AJ_CloseMsg(&helloResponse);
}
}
ExitConnect:
if (status != AJ_OK) {
AJ_Printf("AllJoyn connect failed %d\n", status);
AJ_Disconnect(bus);
}
return status;
}
