For now, put a limit on the amount of items we can send and receive
over the native protocol. A more complex way of allocating and freeing
can be implemented later when we really need to raise the limits.
Fixes#2070
At the moment, file descriptors may be leaked
due to a malicious/buggy client:
1. If the control messages have been truncated, some file descriptors
may still have been successfully transferred. Currently, seeing
the MSG_CTRUNC bit causes `refill_buffer()` to immediately return
-EPROTO without doing anything with the control messages, which
may contain file descriptors.
2. When there is no truncation, it is still possible that the current
batch of file descriptors causes the total file descriptor count
to go over the maximum number of fds for the given buffer (currently 1024).
In this case, too, `refill_buffer()` immediately returns -EPROTO
without closing the file descriptors that can not be saved.
Fix both of these cases by closing all file descriptors in all
remaining cmsgs when one of the mentioned conditions occur.
Given that 10-bit colour is now becoming supported on Wayland, PipeWire
should be able to represent all the possible colour formats in order
for screen capture to work.
This commit adds all possible orderings of 10-bit RGB channels and 2
extra bits used for nothing or alpha in little endian to enum
spa_video_format. Note that Wayland only uses little endian for its
10-bit colour formats, and these are not the same as the big endian
formats in reverse order.
This is more complicated than a normal module because we have two
logging topics: mod.protocol-native and conn.protocol-native for wire
messages. Because the latter use spa_debug (through spa_debug_pod) we
need to #define our way around so those too use the right topics.
Note that this removes the previous "connection" category, it is now
"conn.protocol-native" instead.
This test needs an environment set up to load everything correctly,
running it directly results in a segfault. Let's make sure we assert on
a NULL loop to make this look slightly more planned.
spa_strstartswith() is more immediately understandable.
Coccinelle spatch file:
@@
expression E1, E2;
@@
- strstr(E1, E2) != E1
+ !spa_strstartswith(E1, E2)
@@
expression E1, E2;
@@
- strstr(E1, E2) == E1
+ spa_strstartswith(E1, E2)
Applied to the tree except for alsa/acp/compat.h because it looks like
that header is still mostly as-is from PA.
Mark some structures, arrays static/const at various places.
In some cases this prevents unnecessary initialization
when a function is entered.
All in all, the text segments across all shared
libraries are reduced by about 2 KiB. However,
the total size increases by about 2 KiB as well.
This also brings the advantage that all tools, examples, modules, components
can also be compiled standalone out-of-tree using libpipewire from the system
We can't recover from truncated control data so return a fatal error
that should stop the client. Truncated control data can happen when
there are no more fds available, for example.
See #1305
SPA_MEMBER is misleading, all we're doing here is pointer+offset and a
type-casting the result. Rename to SPA_PTROFF which is more expressive (and
has the same number of characters so we don't need to re-indent).
Do not return an error immediately if connect() fails with EAGAIN. Check
if it completed successfully with getsockopt() when the socket becomes
writable instead.
This is the way to handle non-blocking connect() by the book but after
testing it seems that the case when connect() fails with EAGAIN is when
the listen backlog is full on the server side and in that case the
server socket is closed. So even though connect() completes successfully
according to getsockopt() the client socket is no longer usable
(on_remote_data() will get both SPA_IO_OUT and SPA_IO_HUP in mask on the
first call after connect() returned EAGAIN).
The branch should be taken if errno is neither EAGAIN,
nor EWOULDBLOCK.
Previously,
if (errno != EAGAIN || errno != EWOULDBLOCK)
would be taken for all values of errno if EAGAIN != EWOULDBLOCK.
(Except for the ones that are filtered out before.)
Fix that by changing `||` to `&&`.
The message structures returned by pw_protocol_native_connection_get_next
point to data that is contained in the buffer of the connection.
The data was invalidated when pw_protocol_native_connection_get_next was
called the next time, which made the connection loop non-reentrant, in
cases where it was re-entered from demarshal callbacks.
Fix this by allocating new buffers when reentering and stashing the old
buffers onto a stack. The returned message structure is also stored on
the stack to make lifetimes to match.
Make sure the hook lists are emptied so that the removed callbacks
are called. The callers should really remove the hook they installed
themselves but this is a last chance to fix things up.
Don't say that there is no runtime directory set when there is but
the server is not running.
Simplify things by first trying to connect to the user runtime directory
when set and then try the system directory. There is no need to manually
check the existance of the socket, connect wil that that and set the
appropriate error.
Add /run/pipewire to the list of runtime directories so that clients can
connect to the system service without specifying runtime directory.
If the otherwise chosen directory (e.g. the user home directory) doesn't
contain any socket but /run/pipewire does, the latter will be used.
This tool detects and fixes common English spelling mistakes, with
generally very few mistakes.
Here is the command I used to generate this commit. There were a few
changes that had to be done manually, and of course adding the ignore
file:
```shell
codespell -I .codespell-ignore -x .codespell-ignore -w
```
I didn’t add it to the CI, but this would be a good place for it.
PIPEWIRE_CORE can be used to specify a server name.
PIPEWIRE_REMOTE can be used to specify what server name to
connect to.
Either use the absolute path of the name to create and connect
to a server, or use a relative path. For a relative path, the
server name will be completed by prefixing the following paths
in order:
PIPEWIRE_RUNTIME_DIR environment variable,
XDG_RUNTIME_DIR environment variable,
HOME environment variable,
USERPROFILE environment variable,
home directory as stored in the password database.
Fixes#259
First use the configured properties, then use the env variables.
Make the daemon use the env variable by default.
This makes it possible to start servers with PIPEWIRE_CORE env variable
names but still override with the command option.
Makes it possible to make apps connect to PIPEWIRE_REMOTE env by
default and allows you to override with the command option.
Fix up clients that say they have fixed properties while in fact
they are not. Assume that when there are alternatives, the property
was in fact not fixed.
dup the fd when added to the outgoing buffer and close it againç
when sent. This ensures the fd remains valid in the buffer. A
quick add/remove of memory before a buffer flush could close the
fd before we can send it and then we get a bad fd and disconnect
the client.
A missing XDG_RUNTIME_DIR results in ENOENT, like on the server
side.
A too long name results in ENAMETOOLONG, like on the server side.
When we can't find the socket, return EHOSTDOWN to make it more
obvious what is going.
Log an error when we send an error to the client so that we don't need
to log and error anymore.
Improve the error messages when we can
Move some warnings and errors to debug
