summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog15
-rw-r--r--NEWS41
-rw-r--r--bus/bus.c2
-rw-r--r--bus/config-loader-expat.c3
-rw-r--r--bus/config-parser.c17
-rw-r--r--bus/config-parser.h4
-rw-r--r--bus/system.conf.in5
-rw-r--r--configure.in2
-rw-r--r--dbus/dbus-userdb.c28
-rw-r--r--test/Makefile.am1
-rw-r--r--test/data/valid-config-files/system.d/test.conf20
11 files changed, 123 insertions, 15 deletions
diff --git a/ChangeLog b/ChangeLog
index 2967d1af..9cefee0b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2003-04-28 Havoc Pennington <hp@redhat.com>
+
+ * configure.in: 0.10
+
+ * NEWS: update
+
+ * bus/system.conf.in: add <includedir>system.d</includedir>
+
+ * dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when
+ username was provided but not uid
+
+ * bus/config-parser.c (struct BusConfigParser): keep track of
+ whether the parser is toplevel or was included; change some
+ of the error handling if it's included.
+
2003-04-27 Havoc Pennington <hp@pobox.com>
Unbreak my code...
diff --git a/NEWS b/NEWS
index ce26a046..e46359a9 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,44 @@
+D-BUS 0.10
+===
+
+- reversed order of args to dbus_message_new()
+- renamed dbus_message_name_is() and some other
+ functions
+- change DBusWatch to have dbus_watch_handle()
+ similar to dbus_timeout_handle(), drop
+ connection/server-specific handle routines
+- change message serials to be unsigned
+- implemented <allow>/<deny>/<limit> features for
+ config file; system bus now has a deny-all policy
+ by default.
+- system.conf has <includedir>system.d</includedir>
+ so packages can install additions to the default
+ policy to <allow> the messages they need. e.g.
+ CUPS might install a cups.conf - see
+ test/data/valid-config-files/system.d/test.conf
+ for an example.
+- add timeouts for authentication, activation
+- add glib-style "checks" on public API, enable
+ those by default, disable assertions by default
+- add GMainContext argument to GLib setup functions,
+ can be NULL for default context. Needed for threads.
+- add 64-bit integer type
+- validate type of standard message header fields
+- consider messages in the org.freedesktop.Local
+ namespace to be invalid (to avoid fake disconnect
+ messages for example)
+- fix assorted memory leaks and other bugs in
+ the SHA-1 auth mechanism
+- cache user database information (groups user is
+ in, etc.) helps a lot with NIS
+- always store uid_t, pid_t, gid_t in "ulong"
+ rather than "int"
+- implement config file settings for which
+ users can connect
+- SHA-1 unit test
+- dbus-send, dbus-monitor command line utilities
+- fixed lots of misc crashes and other bugs
+
D-BUS 0.9
===
diff --git a/bus/bus.c b/bus/bus.c
index e0f66489..cabc0b18 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -312,7 +312,7 @@ bus_context_new (const DBusString *config_file,
context = NULL;
auth_mechanisms = NULL;
- parser = bus_config_load (config_file, error);
+ parser = bus_config_load (config_file, TRUE, error);
if (parser == NULL)
goto failed;
diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
index 372a8867..3e45166d 100644
--- a/bus/config-loader-expat.c
+++ b/bus/config-loader-expat.c
@@ -164,6 +164,7 @@ expat_CharacterDataHandler (void *userData,
BusConfigParser*
bus_config_load (const DBusString *file,
+ dbus_bool_t is_toplevel,
DBusError *error)
{
XML_Parser expat;
@@ -207,7 +208,7 @@ bus_config_load (const DBusString *file,
goto failed;
}
- parser = bus_config_parser_new (&dirname);
+ parser = bus_config_parser_new (&dirname, is_toplevel);
if (parser == NULL)
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
diff --git a/bus/config-parser.c b/bus/config-parser.c
index 90f9efd3..d3f482ab 100644
--- a/bus/config-parser.c
+++ b/bus/config-parser.c
@@ -109,10 +109,12 @@ struct BusConfigParser
BusPolicy *policy; /**< Security policy */
BusLimits limits; /**< Limits */
-
+
+ char *pidfile; /**< PID file */
+
unsigned int fork : 1; /**< TRUE to fork into daemon mode */
- char *pidfile;
+ unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */
};
static const char*
@@ -266,7 +268,8 @@ merge_included (BusConfigParser *parser,
}
BusConfigParser*
-bus_config_parser_new (const DBusString *basedir)
+bus_config_parser_new (const DBusString *basedir,
+ dbus_bool_t is_toplevel)
{
BusConfigParser *parser;
@@ -274,6 +277,8 @@ bus_config_parser_new (const DBusString *basedir)
if (parser == NULL)
return NULL;
+ parser->is_toplevel = !!is_toplevel;
+
if (!_dbus_string_init (&parser->basedir))
{
dbus_free (parser);
@@ -1388,7 +1393,7 @@ include_file (BusConfigParser *parser,
DBusError tmp_error;
dbus_error_init (&tmp_error);
- included = bus_config_load (filename, &tmp_error);
+ included = bus_config_load (filename, FALSE, &tmp_error);
if (included == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&tmp_error);
@@ -1759,7 +1764,7 @@ bus_config_parser_finished (BusConfigParser *parser,
return FALSE;
}
- if (parser->listen_on == NULL)
+ if (parser->is_toplevel && parser->listen_on == NULL)
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Configuration file needs one or more <listen> elements giving addresses");
@@ -1853,7 +1858,7 @@ do_load (const DBusString *full_path,
dbus_error_init (&error);
- parser = bus_config_load (full_path, &error);
+ parser = bus_config_load (full_path, TRUE, &error);
if (parser == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&error);
diff --git a/bus/config-parser.h b/bus/config-parser.h
index acf868ef..eaeafdc5 100644
--- a/bus/config-parser.h
+++ b/bus/config-parser.h
@@ -35,7 +35,8 @@
typedef struct BusConfigParser BusConfigParser;
-BusConfigParser* bus_config_parser_new (const DBusString *basedir);
+BusConfigParser* bus_config_parser_new (const DBusString *basedir,
+ dbus_bool_t is_toplevel);
void bus_config_parser_ref (BusConfigParser *parser);
void bus_config_parser_unref (BusConfigParser *parser);
dbus_bool_t bus_config_parser_check_doctype (BusConfigParser *parser,
@@ -71,6 +72,7 @@ void bus_config_parser_get_limits (BusConfigParser *parser,
* finished ConfigParser.
*/
BusConfigParser* bus_config_load (const DBusString *file,
+ dbus_bool_t is_toplevel,
DBusError *error);
diff --git a/bus/system.conf.in b/bus/system.conf.in
index e65c4af1..d8cd96a8 100644
--- a/bus/system.conf.in
+++ b/bus/system.conf.in
@@ -38,7 +38,12 @@
<allow user="*"/>
</policy>
+ <!-- Config files are placed here that among other things, punch
+ holes in the above policy for specific services. -->
+ <includedir>system.d</includedir>
+
<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">system-local.conf</include>
+
</busconfig>
diff --git a/configure.in b/configure.in
index 37a1bef8..6c4982f7 100644
--- a/configure.in
+++ b/configure.in
@@ -3,7 +3,7 @@ AC_PREREQ(2.52)
AC_INIT(dbus/dbus.h)
-AM_INIT_AUTOMAKE(dbus, 0.9)
+AM_INIT_AUTOMAKE(dbus, 0.10)
AM_CONFIG_HEADER(config.h)
diff --git a/dbus/dbus-userdb.c b/dbus/dbus-userdb.c
index 00f2dced..4a7b7488 100644
--- a/dbus/dbus-userdb.c
+++ b/dbus/dbus-userdb.c
@@ -69,7 +69,8 @@ _dbus_user_database_lookup (DBusUserDatabase *db,
DBusUserInfo *info;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
-
+ _dbus_assert (uid != DBUS_UID_UNSET || username != NULL);
+
if (uid != DBUS_UID_UNSET)
info = _dbus_hash_table_lookup_ulong (db->users, uid);
else
@@ -93,13 +94,30 @@ _dbus_user_database_lookup (DBusUserDatabase *db,
return NULL;
}
- if (!_dbus_user_info_fill_uid (info, uid, error))
+ if (uid != DBUS_UID_UNSET)
{
- _DBUS_ASSERT_ERROR_IS_SET (error);
- free_user_info (info);
- return NULL;
+ if (!_dbus_user_info_fill_uid (info, uid, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ free_user_info (info);
+ return NULL;
+ }
+ }
+ else
+ {
+ if (!_dbus_user_info_fill (info, username, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ free_user_info (info);
+ return NULL;
+ }
}
+ /* be sure we don't use these after here */
+ uid = DBUS_UID_UNSET;
+ username = NULL;
+
+ /* insert into hash */
if (!_dbus_hash_table_insert_ulong (db->users, info->uid, info))
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
diff --git a/test/Makefile.am b/test/Makefile.am
index 69a447df..227f0dba 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -61,6 +61,7 @@ TESTDIRS= \
data/sha-1 \
data/valid-config-files \
data/valid-config-files/basic.d \
+ data/valid-config-files/system.d \
data/valid-service-files
FIND_TESTS=find -name "*.message" -o -name "*.message-raw" -o -name "*.auth-script" -o -name "*.sha1" -o -name "*.txt" -o -name "*.conf" -o -name "*.service"
diff --git a/test/data/valid-config-files/system.d/test.conf b/test/data/valid-config-files/system.d/test.conf
new file mode 100644
index 00000000..a683679e
--- /dev/null
+++ b/test/data/valid-config-files/system.d/test.conf
@@ -0,0 +1,20 @@
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <!-- The following demonstrates how to punch holes in a default deny-all
+ policy so that a particular user can own a service, and other
+ connections can get messages from it -->
+
+ <!-- Only fooserviceuser can own the FooService service, and
+ this user can only send the one kind of message -->
+ <policy user="fooserviceuser">
+ <allow own="org.foo.FooService"/>
+ <allow send="org.foo.FooBroadcastMessage"/>
+ </policy>
+
+ <!-- Allow any connection to receive the message, but
+ only if the message is sent by the owner of FooService -->
+ <policy context="default">
+ <allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/>
+ </policy>
+</busconfig>