diff options
-rw-r--r-- | bus/bus.c | 5 | ||||
-rw-r--r-- | bus/config-parser-common.c | 6 | ||||
-rw-r--r-- | bus/config-parser-common.h | 3 | ||||
-rw-r--r-- | bus/config-parser.c | 24 | ||||
-rw-r--r-- | bus/dbus-daemon.1.in | 5 | ||||
-rw-r--r-- | dbus/dbus-sysdeps-unix.c | 28 | ||||
-rw-r--r-- | dbus/dbus-sysdeps-util-unix.c | 2 | ||||
-rw-r--r-- | test/name-test/tmp-session-like-system.conf | 4 |
8 files changed, 60 insertions, 17 deletions
@@ -56,6 +56,7 @@ struct BusContext unsigned int fork : 1; unsigned int syslog : 1; unsigned int keep_umask : 1; + unsigned int allow_anonymous : 1; }; static dbus_int32_t server_data_slot = -1; @@ -190,6 +191,9 @@ new_connection_callback (DBusServer *server, dbus_connection_set_max_message_size (new_connection, context->limits.max_message_size); + dbus_connection_set_allow_anonymous (new_connection, + context->allow_anonymous); + /* on OOM, we won't have ref'd the connection so it will die. */ } @@ -388,6 +392,7 @@ process_config_first_time_only (BusContext *context, context->fork = bus_config_parser_get_fork (parser); context->syslog = bus_config_parser_get_syslog (parser); context->keep_umask = bus_config_parser_get_keep_umask (parser); + context->allow_anonymous = bus_config_parser_get_allow_anonymous (parser); _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = TRUE; diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c index 88e099ac..5cdbba26 100644 --- a/bus/config-parser-common.c +++ b/bus/config-parser-common.c @@ -122,6 +122,10 @@ bus_config_parser_element_name_to_type (const char *name) { return ELEMENT_KEEP_UMASK; } + else if (strcmp (name, "allow_anonymous") == 0) + { + return ELEMENT_ALLOW_ANONYMOUS; + } return ELEMENT_NONE; } @@ -174,6 +178,8 @@ bus_config_parser_element_type_to_name (ElementType type) return "syslog"; case ELEMENT_KEEP_UMASK: return "keep_umask"; + case ELEMENT_ALLOW_ANONYMOUS: + return "allow_anonymous"; } _dbus_assert_not_reached ("bad element type"); diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h index ae40d089..2c296433 100644 --- a/bus/config-parser-common.h +++ b/bus/config-parser-common.h @@ -48,8 +48,9 @@ typedef enum ELEMENT_ASSOCIATE, ELEMENT_STANDARD_SESSION_SERVICEDIRS, ELEMENT_STANDARD_SYSTEM_SERVICEDIRS, + ELEMENT_KEEP_UMASK, ELEMENT_SYSLOG, - ELEMENT_KEEP_UMASK + ELEMENT_ALLOW_ANONYMOUS } ElementType; ElementType bus_config_parser_element_name_to_type (const char *element_name); diff --git a/bus/config-parser.c b/bus/config-parser.c index 38ce8a1d..c3e8fba1 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -115,6 +115,8 @@ struct BusConfigParser unsigned int keep_umask : 1; /**< TRUE to keep original umask when forking */ unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */ + + unsigned int allow_anonymous : 1; /**< TRUE to allow anonymous connections */ }; static Element* @@ -851,6 +853,20 @@ start_busconfig_child (BusConfigParser *parser, return TRUE; } + else if (element_type == ELEMENT_ALLOW_ANONYMOUS) + { + if (!check_no_attributes (parser, "allow_anonymous", attribute_names, attribute_values, error)) + return FALSE; + + if (push_element (parser, ELEMENT_ALLOW_ANONYMOUS) == NULL) + { + BUS_SET_OOM (error); + return FALSE; + } + + parser->allow_anonymous = TRUE; + return TRUE; + } else if (element_type == ELEMENT_SERVICEDIR) { if (!check_no_attributes (parser, "servicedir", attribute_names, attribute_values, error)) @@ -1994,6 +2010,7 @@ bus_config_parser_end_element (BusConfigParser *parser, case ELEMENT_ASSOCIATE: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS: + case ELEMENT_ALLOW_ANONYMOUS: break; } @@ -2279,6 +2296,7 @@ bus_config_parser_content (BusConfigParser *parser, case ELEMENT_KEEP_UMASK: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS: + case ELEMENT_ALLOW_ANONYMOUS: case ELEMENT_SELINUX: case ELEMENT_ASSOCIATE: if (all_whitespace (content)) @@ -2611,6 +2629,12 @@ bus_config_parser_get_keep_umask (BusConfigParser *parser) return parser->keep_umask; } +dbus_bool_t +bus_config_parser_get_allow_anonymous (BusConfigParser *parser) +{ + return parser->allow_anonymous; +} + const char * bus_config_parser_get_pidfile (BusConfigParser *parser) { diff --git a/bus/dbus-daemon.1.in b/bus/dbus-daemon.1.in index 8342600e..4b55ac29 100644 --- a/bus/dbus-daemon.1.in +++ b/bus/dbus-daemon.1.in @@ -430,7 +430,6 @@ your service. .PP The <policy> element has one of four attributes: -daemon.1.in .nf context="(default|mandatory)" at_console="(true|false)" @@ -496,9 +495,7 @@ The possible attributes of these elements are: .PP Examples: .nf - <deny send_interface="org.freedesktop.System" send_member="Reboot"/> - <deny receive_interface="org.freedesktop.System" receive_member="Reboot"/> - <deny own="org.freedesktop.System"/> + <deny send_destination="org.freedesktop.Service" send_interface="org.freedesktop.System" send_member="Reboot"/> <deny send_destination="org.freedesktop.System"/> <deny receive_sender="org.freedesktop.System"/> <deny user="john"/> diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index ccb84832..29d234a4 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -758,6 +758,7 @@ _dbus_connect_tcp_socket (const char *host, const char *family, DBusError *error) { + int saved_errno = 0; int fd = -1, res; struct addrinfo hints; struct addrinfo *ai, *tmp; @@ -783,7 +784,7 @@ _dbus_connect_tcp_socket (const char *host, else { dbus_set_error (error, - _dbus_error_from_errno (errno), + DBUS_ERROR_BAD_ADDRESS, "Unknown address family %s", family); return -1; } @@ -814,6 +815,7 @@ _dbus_connect_tcp_socket (const char *host, if (connect (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0) { + saved_errno = errno; _dbus_close(fd, NULL); fd = -1; tmp = tmp->ai_next; @@ -827,9 +829,9 @@ _dbus_connect_tcp_socket (const char *host, if (fd == -1) { dbus_set_error (error, - _dbus_error_from_errno (errno), + _dbus_error_from_errno (saved_errno), "Failed to connect to socket \"%s:%s\" %s", - host, port, _dbus_strerror(errno)); + host, port, _dbus_strerror(saved_errno)); return -1; } @@ -867,6 +869,7 @@ _dbus_listen_tcp_socket (const char *host, int **fds_p, DBusError *error) { + int saved_errno; int nlisten_fd = 0, *listen_fd = NULL, res, i; struct addrinfo hints; struct addrinfo *ai, *tmp; @@ -885,7 +888,7 @@ _dbus_listen_tcp_socket (const char *host, else { dbus_set_error (error, - _dbus_error_from_errno (errno), + DBUS_ERROR_BAD_ADDRESS, "Unknown address family %s", family); return -1; } @@ -917,8 +920,9 @@ _dbus_listen_tcp_socket (const char *host, if (bind (fd, (struct sockaddr*) tmp->ai_addr, tmp->ai_addrlen) < 0) { + saved_errno = errno; _dbus_close(fd, NULL); - if (errno == EADDRINUSE) + if (saved_errno == EADDRINUSE) { /* Depending on kernel policy, it may or may not be neccessary to bind to both IPv4 & 6 addresses @@ -926,28 +930,30 @@ _dbus_listen_tcp_socket (const char *host, tmp = tmp->ai_next; continue; } - dbus_set_error (error, _dbus_error_from_errno (errno), + dbus_set_error (error, _dbus_error_from_errno (saved_errno), "Failed to bind socket \"%s:%s\": %s", - host ? host : "*", port, _dbus_strerror (errno)); + host ? host : "*", port, _dbus_strerror (saved_errno)); goto failed; } if (listen (fd, 30 /* backlog */) < 0) { + saved_errno = errno; _dbus_close (fd, NULL); - dbus_set_error (error, _dbus_error_from_errno (errno), + dbus_set_error (error, _dbus_error_from_errno (saved_errno), "Failed to listen on socket \"%s:%s\": %s", - host ? host : "*", port, _dbus_strerror (errno)); + host ? host : "*", port, _dbus_strerror (saved_errno)); goto failed; } newlisten_fd = dbus_realloc(listen_fd, sizeof(int)*(nlisten_fd+1)); if (!newlisten_fd) { + saved_errno = errno; _dbus_close (fd, NULL); - dbus_set_error (error, _dbus_error_from_errno (errno), + dbus_set_error (error, _dbus_error_from_errno (saved_errno), "Failed to allocate file handle array: %s", - _dbus_strerror (errno)); + _dbus_strerror (saved_errno)); goto failed; } listen_fd = newlisten_fd; diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index d31e1441..f1e20334 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -44,6 +44,7 @@ #include <dirent.h> #include <sys/un.h> #include <syslog.h> +#include <syslog.h> #ifdef HAVE_LIBAUDIT #include <sys/prctl.h> #include <sys/capability.h> @@ -1234,4 +1235,3 @@ fail: _dbus_string_free (&path); return FALSE; } - diff --git a/test/name-test/tmp-session-like-system.conf b/test/name-test/tmp-session-like-system.conf index 0818109a..29ab115f 100644 --- a/test/name-test/tmp-session-like-system.conf +++ b/test/name-test/tmp-session-like-system.conf @@ -8,6 +8,10 @@ <!-- Our well-known bus type, don't change this --> <type>session</type> + <!-- If we fork, keep the user's original umask to avoid affecting + the behavior of child processes. --> + <keep_umask/> + <syslog/> <listen>unix:tmpdir=/tmp</listen> |