On bus startup check given auth in config file against supported mechanisms.

With recent code starting dbus-daemon with an unsupported auth mechanism
let dbus-daemon silently ignore this issue. Clients connecting to this
server fails to connect without any descriptive explanation of the
root cause, only the message 'Rejected client connection due to lack
of memory' error is reported in dbus-daemon verbose log, which is disabled
in production environments.

With this patch dbus-daemon checks the supported auth mechanisms on startup
and shuts down with a descriptive error message, which gives admins an
immediate feedback on service startup/restart.

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>

Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=99622

bus/bus.c

@@ -37,6 +37,7 @@
 #include "apparmor.h"
 #include "audit.h"
 #include "dir-watch.h"
+#include <dbus/dbus-auth.h>
 #include <dbus/dbus-list.h>
 #include <dbus/dbus-hash.h>
 #include <dbus/dbus-credentials.h>
@@ -429,6 +430,26 @@ process_config_first_time_only (BusContext       *context,
       link = _dbus_list_get_first_link (auth_mechanisms_list);
       while (link != NULL)
         {
+          DBusString name;
+          _dbus_string_init_const (&name, link->data);
+          if (!_dbus_auth_is_supported_mechanism (&name))
+            {
+              DBusString list;
+              if (!_dbus_string_init (&list))
+                goto oom;
+
+              if (!_dbus_auth_dump_supported_mechanisms (&list))
+                {
+                  _dbus_string_free (&list);
+                  goto oom;
+                }
+              dbus_set_error (error, DBUS_ERROR_FAILED,
+                              "Unsupported auth mechanism \"%s\" in bus config file detected. Supported mechanisms are \"%s\".",
+                              link->data,
+                              _dbus_string_get_const_data (&list));
+              _dbus_string_free (&list);
+              goto failed;
+            }
           auth_mechanisms[i] = _dbus_strdup (link->data);
           if (auth_mechanisms[i] == NULL)
             goto oom;

dbus/dbus-auth.c

@@ -2837,6 +2837,45 @@ _dbus_auth_get_unix_fd_negotiated(DBusAuth *auth)
   return auth->unix_fd_negotiated;
 }
 
+/**
+ * Queries whether the given auth mechanism is supported.
+ *
+ * @param auth the auth mechanism to query for
+ * @returns #TRUE when auth mechanism is supported
+ */
+dbus_bool_t
+_dbus_auth_is_supported_mechanism (DBusString *name)
+{
+  _dbus_assert (name != NULL);
+
+  return find_mech (name, NULL) != NULL;
+}
+
+/**
+ * Return a human-readable string containing all supported auth mechanisms.
+ *
+ * @param string to hold the supported auth mechanisms
+ * @returns #FALSE on oom
+ */
+dbus_bool_t
+_dbus_auth_dump_supported_mechanisms (DBusString *buffer)
+{
+  unsigned int i;
+  _dbus_assert (buffer != NULL);
+
+  for (i = 0; all_mechanisms[i].mechanism != NULL; i++)
+    {
+      if (i > 0)
+        {
+          if (!_dbus_string_append (buffer, ", "))
+            return FALSE;
+        }
+      if (!_dbus_string_append (buffer, all_mechanisms[i].mechanism))
+        return FALSE;
+    }
+  return TRUE;
+}
+
 /** @} */
 
 /* tests in dbus-auth-util.c */

dbus/dbus-auth.h

@@ -92,6 +92,10 @@ const char*   _dbus_auth_get_guid_from_server(DBusAuth               *auth);
 
 void          _dbus_auth_set_unix_fd_possible(DBusAuth               *auth, dbus_bool_t b);
 dbus_bool_t   _dbus_auth_get_unix_fd_negotiated(DBusAuth             *auth);
+DBUS_PRIVATE_EXPORT
+dbus_bool_t   _dbus_auth_is_supported_mechanism(DBusString           *name);
+DBUS_PRIVATE_EXPORT
+dbus_bool_t   _dbus_auth_dump_supported_mechanisms(DBusString        *buffer);
 
 DBUS_END_DECLS