From fa996a3363e9bcefb547c2a587d55b279d44c5dd Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Thu, 4 Jul 2024 20:45:07 +0200 Subject: [PATCH] Support interactive D-Bus authentication When invoking D-Bus methods, let the user enable interactive authorization by passing an :authenticate t parameter. This makes it possible to D-Bus methods that require polkit authorization. * src/dbusbind.c (dbus-message-internal): Allow interactive authorization by passing :authenticate t. * lisp/net/dbus.el (dbus-call-method-asynchronously): Document the new parameter. * doc/misc/dbus.texi (Synchronous Methods, Asynchronous Methods): Document the new parameter. --- doc/misc/dbus.texi | 12 ++++++++++-- etc/NEWS | 6 ++++++ lisp/net/dbus.el | 8 ++++++++ src/dbusbind.c | 26 ++++++++++++++++++++------ 4 files changed, 44 insertions(+), 8 deletions(-) diff --git a/doc/misc/dbus.texi b/doc/misc/dbus.texi index e5d867acd40..9bde8cbc76b 100644 --- a/doc/misc/dbus.texi +++ b/doc/misc/dbus.texi @@ -1208,7 +1208,7 @@ Synchronous Methods be called, and a reply message returning the resulting output parameters from the object. -@defun dbus-call-method bus service path interface method &optional :timeout timeout &rest args +@defun dbus-call-method bus service path interface method &optional :timeout timeout :authenticate auth &rest args @anchor{dbus-call-method} This function calls @var{method} on the D-Bus @var{bus}. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1223,6 +1223,10 @@ Synchronous Methods call doesn't return in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authenticate} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. @@ -1302,7 +1306,7 @@ Asynchronous Methods @cindex method calls, asynchronous @cindex asynchronous method calls -@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout &rest args +@defun dbus-call-method-asynchronously bus service path interface method handler &optional :timeout timeout :authenticate auth &rest args This function calls @var{method} on the D-Bus @var{bus} asynchronously. @var{bus} is either the keyword @code{:system} or the keyword @code{:session}. @@ -1321,6 +1325,10 @@ Asynchronous Methods no reply message in time, a D-Bus error is raised (@pxref{Errors and Events}). +If the parameter @code{:authenticate} is given and the following +@var{auth} is non-nil, the invoked method may interactively prompt the +user for authorization. The default is @code{nil}. + The remaining arguments @var{args} are passed to @var{method} as arguments. They are converted into D-Bus types as described in @ref{Type Conversion}. diff --git a/etc/NEWS b/etc/NEWS index 3d2b86cfb6a..fd6e3737eb8 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -79,6 +79,12 @@ levels that SHR cycles through when calling 'shr-zoom-image'. * Lisp Changes in Emacs 31.1 ++++ +*** Support interactive D-Bus authentication +A new ':authenticate t' parameter has been added to 'dbus-call-method' +and 'dbus-call-method-asynchronously' to allow the invoked D-Bus method +to interactively authenticate the user (e.g., via polkit). + * Changes in Emacs 31.1 on Non-Free Operating Systems diff --git a/lisp/net/dbus.el b/lisp/net/dbus.el index dd5f0e88859..749a12b5368 100644 --- a/lisp/net/dbus.el +++ b/lisp/net/dbus.el @@ -297,6 +297,10 @@ dbus-call-method method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authenticate' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: @@ -427,6 +431,10 @@ dbus-call-method-asynchronously method call must return. The default value is 25,000. If the method call doesn't return in time, a D-Bus error is raised. +If the parameter `:authenticate' is given and the following AUTH +is non-nil, the invoked method may interactively prompt the user +for authorization. The default is nil. + All other arguments ARGS are passed to METHOD as arguments. They are converted into D-Bus types via the following rules: diff --git a/src/dbusbind.c b/src/dbusbind.c index 35ce03c7911..6037112cfe7 100644 --- a/src/dbusbind.c +++ b/src/dbusbind.c @@ -1314,7 +1314,7 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, `dbus-call-method', `dbus-call-method-asynchronously': (dbus-message-internal dbus-message-type-method-call BUS SERVICE PATH INTERFACE METHOD HANDLER - &optional :timeout TIMEOUT &rest ARGS) + &optional :timeout TIMEOUT :authenticate AUTH &rest ARGS) `dbus-send-signal': (dbus-message-internal @@ -1512,12 +1512,23 @@ DEFUN ("dbus-message-internal", Fdbus_message_internal, Sdbus_message_internal, XD_SIGNAL1 (build_string ("Unable to create an error message")); } - /* Check for timeout parameter. */ - if ((count + 2 <= nargs) && EQ (args[count], QCtimeout)) + while ((count + 2 <= nargs)) { - CHECK_FIXNAT (args[count+1]); - timeout = min (XFIXNAT (args[count+1]), INT_MAX); - count = count+2; + /* Check for timeout parameter. */ + if (EQ (args[count], QCtimeout)) + { + CHECK_FIXNAT (args[count+1]); + timeout = min (XFIXNAT (args[count+1]), INT_MAX); + count = count+2; + } + /* Check for authenticate parameter. */ + else if (EQ (args[count], QCauthenticate)) + { + dbus_message_set_allow_interactive_authorization + (dmessage, NILP (args[count+1]) ? FALSE : TRUE); + count = count+2; + } + else break; } /* Initialize parameter list of message. */ @@ -1895,6 +1906,9 @@ syms_of_dbusbind (void) /* Lisp symbol for method call timeout. */ DEFSYM (QCtimeout, ":timeout"); + /* Lisp symbol for method interactive authentication. */ + DEFSYM (QCauthenticate, ":authenticate"); + /* Lisp symbols of D-Bus types. */ DEFSYM (QCbyte, ":byte"); DEFSYM (QCboolean, ":boolean"); -- 2.45.2