Using display object, Emit a signal if a new client is created.
In the server-side, we can get the destroy event of a client,
But there is no way to get the created event of it.
Of course, we can get the client object from the global registry
binding callbacks.
But it can be called several times with same client object.
And even if A client creates display object,
(so there is a connection), The server could not know that.
There could be more use-cases not only for this.
Giulio: a test is added for the new functionality
Signed-off-by: Sung-jae Park <nicesj@nicesj.com>
Signed-off-by: Giulio Camuffo <giulio.camuffo@kdab.com>
Reviewed-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
wayland-server.c directly depends on wayland-util.h, and will include
wayland-server-protocol.h via wayland-server.h.
Explicitly include wayland-util.h, making this dependency clear.
Remove the redundant inclusion of wayland-server-protocol.h.
Signed-off-by: Yong Bakos <ybakos@humanoriented.com>
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
The Wayland docbook and the doxygen html docs had been presenting
wl_display_get_additional_shm_formats as part of the public API, but the
prototype for this function is in wayland-private.h.
Add a \private annotation to the doc comment, preventing doxygen from
publishing this function as public.
Add logic to the publican xsl to only transform elements with a "prot"
attribute value of "public".
Signed-off-by: Yong Bakos <ybakos@humanoriented.com>
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
This reverts commit 88ff135ad4.
The parent interface version may be higher than this interface version,
and the child object should inherit that version.
This check is wrong.
We shouldn't ever create a resource with version less than 1 or
greater than the interface version.
Reviewed-by: Marek Chalupa <mchqwerty@gmail.com>
Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
0 is not a valid version number for registry bind requests, so
let's check for it in registry_bind.
Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
This adds an API to get the file descriptor for a client.
The client file descriptor can be used for a wayland compositor to validate
a request from a client if there are any additional information provided from
the client's file descriptor.
For instance, this will be helpful in some linux distributions, in which SELinux
or SMACK is enabled. In those environments, each file (including socket) will have
each security contexts in its inode as xattr member variable. A wayland compositor
can validate a client request by getting the file descriptor of the client and
by checking the security contexts associated with the file descriptor.
Signed-off-by: Sung-Jin Park <input.hacker@gmail.com>
The gratuitous %m jammed onto the end of the string prints errno
concatenated with the word "version".
I've removed the %m, and printed some additional information about the
failure.
Also, reversed the order of the expressions in the conditional to
make it match the english in the log message.
Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
if display_resource = wl_resource_create() fails in bind_display(),
we call wl_client_post_no_memory() which is wrong, since this function
uses display_resource (which is NULL at this point).
said simply: don't send an error to resource that you've just failed to create)
https://bugs.freedesktop.org/show_bug.cgi?id=91356
Reported-by: Ashim <ashim.shah@samsung.com>
Signed-off-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Derek Foreman <derekf@osg.samsung.com>
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
When processing a closure, data in the connection can be consumed again
if the closure itself invokes extra event dispatch. In that case the
remaining data size is also altered, so the variable len should be
updated after the closure is processed.
Signed-off-by: Jaeyoon Jung <jaeyoon.jung@lge.com>
Reviewed-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Derek Foreman <derekf@osg.samsung.com>
Signed-off-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Derek Foreman <derekf@osg.samsung.com>
This adds functionality to allow system-level control over handing out
file descriptors for sockets, to allow tighter security when running a
Wayland compositor under a Wayland session server. Allows writing
socket activated Wayland servers.
Signed-off-by: Bryce Harrington <bryce@osg.samsung.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Cc: Sung-Jin Park <sj76.park@samsung.com>
Cc: Sangjin Lee <lsj119@samsung.com>
There are two same error messages with different cause.
Let user know what is the cause of the error.
Signed-off-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
There are functions below the "Deprecated functions below" comment
that are not deprecated.
Move the deprecated functions back down, and add a comment at the
end of the file to try to keep this from happening again.
Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
We already have the id variable there and it makes it slightly easier to
read.
Signed-off-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
Quells a doxygen warning:
src/wayland-server.c:790: warning: argument 'None' of command @param is
not found in the argument list of wl_display::wl_display_create(void)
Signed-off-by: Bryce Harrington <bryce@osg.samsung.com>
This happens on EOF if using a poll function such as select() or
kqueue() which doesn’t distinguish EOF events.
Currently execution should never reach the point where recvmsg() returns
EOF (len == 0). Instead, epoll() will detect this and indicate EPOLLHUP,
which is handled a few lines above, closing the connection. However,
other event mechanisms may not be able to distinguish EOF from regular
readability (in the case of select()) or inconsistently across platforms
(in the case of POLLHUP). There is also the possibility of half-closed
connections (shutdown(), POLLRDHUP), though this may not be an issue
with Wayland.
This will not cause problems if the FD polls as readable but actually is
not — in that case, recvmsg() will return EAGAIN.
Signed-off-by: Philip Withnall <philip at tecnocode.co.uk>
Signed-off-by: Karsten Otto <ottoka at posteo.de>
Reviewed-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Calling close() on the same file descriptor that a previous call to
close() already closed is wrong, and racy if another thread received
that same file descriptor as a eg. new socket or actual file.
There are two situations where wl_connection_destroy() would close its
file descriptor and then another function up in the call chain would
close the same file descriptor:
* When wl_client_create() fails after calling wl_connection_create(),
it will call wl_connection_destroy() before returning. However, its
caller will always close the file descriptor if wl_client_create()
fails.
* wl_display_disconnect() unconditionally closes the display file
descriptor and also calls wl_connection_destroy().
So these two seem to expect wl_connection_destroy() to leave the file
descriptor open. The other caller of wl_connection_destroy(),
wl_client_destroy(), does however expect wl_connection_destroy() to
close its file descriptor, alas.
This patch changes wl_connection_destroy() to indulge this majority of
two callers by simply not closing the file descriptor. For the benefit
of wl_client_destroy(), wl_connection_destroy() then returns the
unclosed file descriptor so that wl_client_destroy() can close it
itself.
Since wl_connection_destroy() is a private function called from few
places, changing its semantics seemed like the more expedient way to
address the double-close() problem than shuffling around the logic in
wl_client_create() to somehow enable it to always avoid calling
wl_connection_destroy().
Signed-off-by: Benjamin Herr <ben@0x539.de>
Reviewed-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
The idea here was that once upon a time, clients could rebind wl_display
to a higher version, so we offered the ability to rebind it
here. However, this is particularly broken. The existing bind
implementation actually still hardcodes version numbers, and it leaks
previous resources, overwriting the existing one.
The newly bound resource *also* won't have any listeners attached by the
client, meaning that the error and delete_id events won't get delivered
correctly. Unless the client poked into libwayland internals, it also
can't possibly set up these handlers correctly either, so the client
will sustain errors and leak all deleted globals.
Since this never worked correctly in the first place, we can feel safe
removing it.
Acked-by: Jason Ekstrand <jason@jlekstrand.net>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
0 is also a valid fd, and needs to be closed.
On error we set fd to -1. We need to also initialize fds to -1, so we do
not accidentally close stdout on error.
While fixing this, also remove one use-before-NULL-check.
Based on the patch by Marek.
Cc: Marek Chalupa <mchqwerty@gmail.com>
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Jasper St. Pierre <jstpierre@mecheye.net>
When some function during adding socket fails, it must clean
everything it set or we can get funky errors.
This patch fixes:
http://lists.freedesktop.org/archives/wayland-devel/2014-August/016331.html
Signed-off-by: Marek Chalupa <mchqwerty@gmail.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
The code here is wrong, leaky, and inconsistent. We don't free,
unlink or clean up things when we should in every error path.
Centralize the data destruction so it's easier to keep track of
and easier to bug fix.
If for some reason that errno is neither value (ENOMEM or
EINVAL), then prior to this patch, there would be a NULL
deref in wl_closure_lookup(...) at the "else if" conditional
when closure == NULL. Also, closure might not be NULL but still
fall into the block due to the wl_closure_lookup < 0 condition...
in that case, we need to destroy the closure to avoid a memory
leak.
Currently, wl_connection_demarshal only sets errno to ENOMEM
or EINVAL... we've already checked for ENOMEM so remove check
for EINVAL (just assume it). Also, call wl_closure_destroy(...)
unconditionally in the "else if" block (assume it can handle
NULL closure, too, which it does right now).
Signed-off-by: U. Artie Eoff <ullysses.a.eoff@intel.com>
In order to set a logging function all the time, the output we get
needs to be useful. Logging about trivial things like the socket
we're using and when clients disconnect doesn't realy help anyone.
The previous implementation of the wl_container_of macro was
dereferencing the sample pointer in order to get an address of the
member to calculate the offset. Ideally this shouldn't cause any
problems because the dereference doesn't actually cause the address to
be read from so it shouldn't matter if the pointer is uninitialised.
However this is probably technically invalid and could cause undefined
behavior. Clang appears to take advantage of this undefined behavior
and doesn't bother doing the subtraction. It also gives a warning when
it does this.
The documentation for wl_container_of implies that it should only be
given an initialised pointer and if that is done then there is no
problem with clang. However this is quite easy to forget and doesn't
cause any problems or warnings with gcc so it's quite easy to
accidentally break clang.
To fix the problem this changes the macro to use pointer -
offsetof(__typeof__(sample), member) so that it doesn't need to deref
the sample pointer. This does however require that the __typeof__
operator is supported by the compiler. In practice we probably only
care about gcc and clang and both of these happily support the
operator.
The previous implementation was also using __typeof__ but it had a
fallback path avoiding it when the operator isn't available. The
fallback effectively has undefined behaviour and it is targetting
unknown compilers so it is probably not a good idea to leave it in.
Instead, this patch just removes it. If someone finds a compiler that
doesn't have __typeof__ but does work with the old implementation then
maybe they could add it back in as a special case.
This patch removes the initialisation anywhere where the sample
pointer was being unitialised before using wl_container_of. The
documentation for the macro has also been updated to specify that this
is OK.
In wl_display_add_shm_format(), check the return value from
wl_array_add() before dereferencing it and assigning it a value.
Return the resulting pointer back to the caller.
Signed-off-by: U. Artie Eoff <ullysses.a.eoff@intel.com>
A bug in Weston's toytoolkit gave me an hour of debugging headaches.
Improve the error messages that we send if a client requests an invalid
global, either by name or by version.
This commit adds support for server-side languages bindings. This is done
in two ways:
1. Adding a wl_resource_set_dispatcher function that corresponds to
wl_resource_set_interface. The only difference between the two functions
is that the new version takes a dispatcher along with the implementation,
data, and destructor. This allows for runtime calling of native language
functions for callbacks instead of having to generate function pointers.
2. Adding versions of wl_resource_post_event and wl_resource_queue_event
that take an array of wl_argument instead of a variable argument list.
This allows for easier run-time argument conversion and removes the need
for libffi-based calling of variadic functions.
Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
