SnapdAuthData should always contain a valid Macaroon and discharges. It's
created in three possible ways:
- On the result of a v2/login request
- On the result of a D-Bus call to snapd-login-service
- By the user
In normal operation it shouldn't be possible to have an invalid
SnapdAuthData, but I'll add some more checks at creation time to confirm
macaroon != NULL and some checks when reading to handle a NULL
discharges (which is a valid empty string array in GObject).
Yeah, the manual HTTP code is a pain. As mentioned in the code this is because
libsoup doesn't support Unix sockets
(https://bugzilla.gnome.org/show_bug.cgi?id=727563). I decided to use as much
of libsoup as possible and not another library because:
- We only talk to snapd using this code - so a corrupt call shouldn't be much
higher risk than a malicious program accessing snapd directly.
- Other libraries are not likely to match well with existing GObject code.
- I don't want to add an additional dependency.
- I hold out hope that libsoup will support this case in the future and we can
drop our manual code. (I like to dream...)
** Bug watch added: GNOME Bug Tracker #727563
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
To manage notifications about this bug go to:
ubuntu-bugs mailing list