From 6531968a0b62959633627f9a74a6f19f2741261d Mon Sep 17 00:00:00 2001 From: Artem Bityutskiy Date: Fri, 29 Aug 2008 17:13:15 +0300 Subject: Bug 17352: synchronize the file before renaming Dbus is doing atomic file updates by copying them, changing the copy, and re-naming them. However, it does not synchronize the file before re-naming, which results in corruption in case of unclean reboots. The reason for this is that file-systems have write-back cache and they postpone writing data to the media. This patch adds the missed fsync() for the Unix part. I do not have windows so cannot provide a windows port fix. Signed-off-by: Artem Bityutskiy Signed-off-by: Colin Walters --- dbus/dbus-sysdeps-unix.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 1e45649f..18b4967b 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -2224,6 +2224,15 @@ _dbus_string_save_to_file (const DBusString *str, total += bytes_written; } + if (fsync(fd)) + { + dbus_set_error (error, _dbus_error_from_errno (errno), + "Could not synchronize file %s: %s", + tmp_filename_c, _dbus_strerror (errno)); + + goto out; + } + if (!_dbus_close (fd, NULL)) { dbus_set_error (error, _dbus_error_from_errno (errno), -- cgit From e8ea01bd07eedb3c98bc0725e5799fe08499262a Mon Sep 17 00:00:00 2001 From: Jens Granseuer Date: Thu, 7 Aug 2008 14:45:51 -0400 Subject: Bug 13387: Fix compilation failure with AI_ADDRCONFIG Signed-off-by: Colin Walters --- dbus/dbus-sysdeps-unix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 18b4967b..3f963bca 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -79,8 +79,8 @@ #define O_BINARY 0 #endif -#ifndef _AI_ADDRCONFIG -#define _AI_ADDRCONFIG 0 +#ifndef AI_ADDRCONFIG +#define AI_ADDRCONFIG 0 #endif #ifndef HAVE_SOCKLEN_T -- cgit From 008bca5a4e3600d56ac7c1fe984789110b83e1b2 Mon Sep 17 00:00:00 2001 From: Joe Marcus Clarke Date: Thu, 4 Sep 2008 22:13:30 -0400 Subject: Bug 17061: Handle error return from sysconf correctly * dbus/dbus-sysdeps-unix.c: * dbus/dbus-sysdeps-util-unix.c: Cast return from sysconf temporarily so we actually see -1. Signed-off-by: Colin Walters --- dbus/dbus-sysdeps-unix.c | 6 +++++- dbus/dbus-sysdeps-util-unix.c | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 3f963bca..24a3774f 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -1493,7 +1493,11 @@ fill_user_info (DBusUserInfo *info, /* retrieve maximum needed size for buf */ buflen = sysconf (_SC_GETPW_R_SIZE_MAX); - if (buflen <= 0) + /* sysconf actually returns a long, but everything else expects size_t, + * so just recast here. + * https://bugs.freedesktop.org/show_bug.cgi?id=17061 + */ + if ((long) buflen <= 0) buflen = 1024; result = -1; diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 55eb9346..0343a90c 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -836,7 +836,11 @@ fill_group_info (DBusGroupInfo *info, /* retrieve maximum needed size for buf */ buflen = sysconf (_SC_GETGR_R_SIZE_MAX); - if (buflen <= 0) + /* sysconf actually returns a long, but everything else expects size_t, + * so just recast here. + * https://bugs.freedesktop.org/show_bug.cgi?id=17061 + */ + if ((long) buflen <= 0) buflen = 1024; result = -1; -- cgit From f2922ce4bcf06aa8ee540accbd005c472c95d28f Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 1 Oct 2008 13:49:48 -0400 Subject: Bug 17803: Panic from dbus_signature_validate * dbus/dbus-marshal-validate.c: Ensure we validate a basic type before calling is_basic on it. * dbus-marshal-validate-util.c: Test. --- dbus/dbus-marshal-validate-util.c | 1 + dbus/dbus-marshal-validate.c | 1 + 2 files changed, 2 insertions(+) diff --git a/dbus/dbus-marshal-validate-util.c b/dbus/dbus-marshal-validate-util.c index f2901d74..5365d6d3 100644 --- a/dbus/dbus-marshal-validate-util.c +++ b/dbus/dbus-marshal-validate-util.c @@ -228,6 +228,7 @@ _dbus_marshal_validate_test (void) "123", ".", "(" + "a{(ii)i}" /* https://bugs.freedesktop.org/show_bug.cgi?id=17803 */ }; /* Signature with reason */ diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c index e63a463b..b24b5bc2 100644 --- a/dbus/dbus-marshal-validate.c +++ b/dbus/dbus-marshal-validate.c @@ -247,6 +247,7 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, } if (last == DBUS_DICT_ENTRY_BEGIN_CHAR && + _dbus_type_is_valid (*p) && !dbus_type_is_basic (*p)) { result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE; -- cgit From c3fe204d31e0b58ce1a48d7e7e9365d20dfbb95a Mon Sep 17 00:00:00 2001 From: Peter McCurdy Date: Mon, 25 Aug 2008 10:10:00 -0400 Subject: Bug 17280: Add a prototype for _dbus_credentials_add_adt_audit_data() * dbus/dbus-credentials.h: Add a prototype for _dbus_credentials_add_adt_audit_data() Signed-off-by: Colin Walters --- dbus/dbus-credentials.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dbus/dbus-credentials.h b/dbus/dbus-credentials.h index d4c8d160..8eed2bd2 100644 --- a/dbus/dbus-credentials.h +++ b/dbus/dbus-credentials.h @@ -47,6 +47,9 @@ dbus_bool_t _dbus_credentials_add_unix_uid (DBusCredentials dbus_uid_t uid); dbus_bool_t _dbus_credentials_add_windows_sid (DBusCredentials *credentials, const char *windows_sid); +dbus_bool_t _dbus_credentials_add_adt_audit_data (DBusCredentials *credentials, + void *audit_data, + dbus_int32_t size); dbus_bool_t _dbus_credentials_include (DBusCredentials *credentials, DBusCredentialType type); dbus_pid_t _dbus_credentials_get_unix_pid (DBusCredentials *credentials); -- cgit From 033b67aff0cdb690b697408db52161f5fd69c597 Mon Sep 17 00:00:00 2001 From: Peter McCurdy Date: Mon, 25 Aug 2008 10:00:09 -0400 Subject: 2008-08-24 Peter McCurdy * dbus/dbus-marshal-recursive.c: A stray comma between two string literals caused incorrect output and a compiler warning. Signed-off-by: Colin Walters --- dbus/dbus-marshal-recursive.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dbus/dbus-marshal-recursive.c b/dbus/dbus-marshal-recursive.c index 6c2902e2..76ee344f 100644 --- a/dbus/dbus-marshal-recursive.c +++ b/dbus/dbus-marshal-recursive.c @@ -1654,7 +1654,7 @@ writer_recurse_init_and_check (DBusTypeWriter *writer, _dbus_type_to_string (expected), _dbus_string_get_const_data (writer->type_str), writer->type_pos); else - _dbus_warn_check_failed ("Writing an element of type %s, but no value is expected here\n", + _dbus_warn_check_failed ("Writing an element of type %s, but no value is expected here\n" "The overall signature expected here was '%s' and we are on byte %d of that signature.\n", _dbus_type_to_string (sub->container_type), _dbus_string_get_const_data (writer->type_str), writer->type_pos); -- cgit From 15c32cf40163888b92a2e40c062fe0b62542c259 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Mon, 6 Oct 2008 18:09:51 -0400 Subject: Release 1.2.4 --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index f75fed1d..97d9c142 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [3]) +m4_define([dbus_micro_version], [4]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From 42d278a267359b5c93e839f033ecb306068557aa Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Mon, 6 Oct 2008 18:10:55 -0400 Subject: Bump configure again for git --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index 97d9c142..b5dbb2a0 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [4]) +m4_define([dbus_micro_version], [5]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From c5526c18ad4dbf706e12ae46c5b8b26efa17e52c Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 4 Dec 2008 14:27:21 -0500 Subject: Infrastructure for testing a "system like" bus in test suite The tmp-session-like-system.conf bus configuration has a security policy intended to mirror that of the system bus. This allows testing policy rules. --- test/name-test/Makefile.am | 2 +- test/name-test/run-test-systemserver.sh | 41 +++++++++++++++ test/name-test/tmp-session-like-system.conf | 79 +++++++++++++++++++++++++++++ tools/run-with-tmp-session-bus.sh | 5 +- 4 files changed, 125 insertions(+), 2 deletions(-) create mode 100755 test/name-test/run-test-systemserver.sh create mode 100644 test/name-test/tmp-session-like-system.conf diff --git a/test/name-test/Makefile.am b/test/name-test/Makefile.am index 17e05bec..fee1e606 100644 --- a/test/name-test/Makefile.am +++ b/test/name-test/Makefile.am @@ -5,7 +5,7 @@ INCLUDES=-I$(top_srcdir) $(DBUS_CLIENT_CFLAGS) $(DBUS_GLIB_CFLAGS) $(DBUS_TEST_C ## TESTS if DBUS_BUILD_TESTS TESTS_ENVIRONMENT=DBUS_TOP_BUILDDIR=@abs_top_builddir@ DBUS_TOP_SRCDIR=@abs_top_srcdir@ -TESTS=run-test.sh +TESTS=run-test.sh run-test-systemserver.sh else TESTS= endif diff --git a/test/name-test/run-test-systemserver.sh b/test/name-test/run-test-systemserver.sh new file mode 100755 index 00000000..fd82326c --- /dev/null +++ b/test/name-test/run-test-systemserver.sh @@ -0,0 +1,41 @@ +#! /bin/sh +die() +{ + if ! test -z "$DBUS_SESSION_BUS_PID" ; then + echo "killing message bus "$DBUS_SESSION_BUS_PID >&2 + kill -9 $DBUS_SESSION_BUS_PID + fi + echo $SCRIPTNAME: $* >&2 + + exit 1 +} + +SCRIPTNAME=$0 +MODE=$1 + +## so the tests can complain if you fail to use the script to launch them +DBUS_TEST_NAME_RUN_TEST_SCRIPT=1 +export DBUS_TEST_NAME_RUN_TEST_SCRIPT + +SOURCE_CONFIG_FILE=$DBUS_TOP_SRCDIR/test/name-test/tmp-session-like-system.conf +export SOURCE_CONFIG_FILE +# Rerun ourselves with tmp session bus if we're not already +if test -z "$DBUS_TEST_NAME_IN_SYS_RUN_TEST"; then + DBUS_TEST_NAME_IN_SYS_RUN_TEST=1 + export DBUS_TEST_NAME_IN_SYS_RUN_TEST + exec $DBUS_TOP_SRCDIR/tools/run-with-tmp-session-bus.sh $SCRIPTNAME $MODE +fi + +if test -n "$DBUS_TEST_MONITOR"; then + dbus-monitor --session & +fi + +echo "running test-expected-echo-fail" +${DBUS_TOP_BUILDDIR}/libtool --mode=execute $DEBUG $DBUS_TOP_BUILDDIR/tools/dbus-send --print-reply --dest=org.freedesktop.DBus.TestSuiteEchoService /org/freedesktop/TestSuite org.freedesktop.TestSuite.Echo string:hi >echo-error-output.tmp 2>&1 +if ! grep -q 'DBus.Error' echo-error-output.tmp; then + echo "Didn't get expected failure; output was:" + echo "=====" + cat echo-error-output.tmp + echo "=====" + exit 1 +fi diff --git a/test/name-test/tmp-session-like-system.conf b/test/name-test/tmp-session-like-system.conf new file mode 100644 index 00000000..e483c89b --- /dev/null +++ b/test/name-test/tmp-session-like-system.conf @@ -0,0 +1,79 @@ + + + + + + session + + + + + unix:tmpdir=/tmp + + + + + + + + + + + + + + + + + + + + + + + + + + + + + session.d + + + session-local.conf + + contexts/dbus_contexts + + + + + 1000000000 + 1000000000 + 1000000000 + 120000 + 240000 + 100000 + 10000 + 100000 + 10000 + 50000 + 50000 + 50000 + 300000 + + diff --git a/tools/run-with-tmp-session-bus.sh b/tools/run-with-tmp-session-bus.sh index f95ee62e..982184a2 100755 --- a/tools/run-with-tmp-session-bus.sh +++ b/tools/run-with-tmp-session-bus.sh @@ -26,8 +26,11 @@ SERVICE_DIR="$DBUS_TOP_BUILDDIR/test/data/valid-service-files" ESCAPED_SERVICE_DIR=`echo $SERVICE_DIR | sed -e 's/\//\\\\\\//g'` echo "escaped service dir is: $ESCAPED_SERVICE_DIR" >&2 +if test -z "$SOURCE_CONFIG_FILE"; then + SOURCE_CONFIG_FILE="$DBUS_TOP_BUILDDIR/bus/session.conf"; +fi ## create a configuration file based on the standard session.conf -cat $DBUS_TOP_BUILDDIR/bus/session.conf | \ +cat $SOURCE_CONFIG_FILE | \ sed -e 's/'$ESCAPED_SERVICE_DIR'<\/servicedir>/g' | \ sed -e 's/ $CONFIG_FILE -- cgit From 8fad15265fd0f405a67eebbece81520b47d7ba5f Mon Sep 17 00:00:00 2001 From: Tomas Hoger Date: Thu, 4 Dec 2008 15:19:13 -0500 Subject: Bug 18229 - Change system.conf to correctly deny non-reply sends by default The previous rule was actually applied to all messages, even if they weren't a reply. This meant that in fact the default DBus policy was effectively allow, rather than deny as claimed. This fix ensures that the above rule only applies to actual reply messages. Signed-off-by: Colin Walters --- bus/system.conf.in | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/bus/system.conf.in b/bus/system.conf.in index 6a71926e..ac2822fa 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in @@ -50,9 +50,19 @@ even if they aren't in here --> - - + + + + + Date: Fri, 5 Dec 2008 11:53:14 -0500 Subject: Release 1.2.6 --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index b5dbb2a0..8362a785 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [5]) +m4_define([dbus_micro_version], [6]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From d899734475f09068dfa410c91e126e1442b0325e Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 9 Dec 2008 09:15:06 -0500 Subject: Bug 18229: Allow signals Our previous fix went too far towards lockdown; many things rely on signals to work, and there's no really good reason to restrict which signals can be emitted on the bus because we can't tie them to a particular sender. --- bus/system.conf.in | 2 ++ test/name-test/Makefile.am | 2 +- test/name-test/run-test-systemserver.sh | 9 +++++++ test/name-test/test-wait-for-echo.py | 41 +++++++++++++++++++++++++++++ test/name-test/tmp-session-like-system.conf | 7 +++++ 5 files changed, 60 insertions(+), 1 deletion(-) create mode 100755 test/name-test/test-wait-for-echo.py diff --git a/bus/system.conf.in b/bus/system.conf.in index ac2822fa..1b6e716a 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in @@ -50,6 +50,8 @@ even if they aren't in here --> + + diff --git a/test/name-test/Makefile.am b/test/name-test/Makefile.am index fee1e606..10a2536d 100644 --- a/test/name-test/Makefile.am +++ b/test/name-test/Makefile.am @@ -10,7 +10,7 @@ else TESTS= endif -EXTRA_DIST=run-test.sh +EXTRA_DIST=run-test.sh run-test-systemserver.sh test-wait-for-echo.py if DBUS_BUILD_TESTS diff --git a/test/name-test/run-test-systemserver.sh b/test/name-test/run-test-systemserver.sh index fd82326c..34dd6487 100755 --- a/test/name-test/run-test-systemserver.sh +++ b/test/name-test/run-test-systemserver.sh @@ -39,3 +39,12 @@ if ! grep -q 'DBus.Error' echo-error-output.tmp; then echo "=====" exit 1 fi + +echo "running test echo signal" +if ! python ./test-wait-for-echo.py; then + echo "Failed test-wait-for-echo" + exit 1 +fi + + +exit 0 diff --git a/test/name-test/test-wait-for-echo.py b/test/name-test/test-wait-for-echo.py new file mode 100755 index 00000000..bd09e459 --- /dev/null +++ b/test/name-test/test-wait-for-echo.py @@ -0,0 +1,41 @@ +#!/usr/bin/env python + +import os,sys + +try: + import gobject + import dbus + import dbus.mainloop.glib +except: + print "Failed import, aborting test" + sys.exit(0) + +dbus.mainloop.glib.DBusGMainLoop(set_as_default=True) +loop = gobject.MainLoop() + +exitcode = 0 + +def handle_noreceipt(): + print "Failed to get signal" + global exitcode + exitcode = 1 + loop.quit() + +gobject.timeout_add(7000, handle_noreceipt) + +bus = dbus.SessionBus() + +def sighandler(*args, **kwargs): + print "got signal" + loop.quit() + +bus.add_signal_receiver(sighandler, dbus_interface='org.freedesktop.TestSuite', signal_name='Foo') + +o = bus.get_object('org.freedesktop.DBus.TestSuiteEchoService', '/org/freedesktop/TestSuite') +i = dbus.Interface(o, 'org.freedesktop.TestSuite') +def nullhandler(*args, **kwargs): + pass +i.EmitFoo(reply_handler=nullhandler, error_handler=nullhandler) + +loop.run() +sys.exit(exitcode) diff --git a/test/name-test/tmp-session-like-system.conf b/test/name-test/tmp-session-like-system.conf index e483c89b..96bbf764 100644 --- a/test/name-test/tmp-session-like-system.conf +++ b/test/name-test/tmp-session-like-system.conf @@ -29,6 +29,8 @@ even if they aren't in here --> + + @@ -41,6 +43,11 @@ + + - - - - + - - - - - + + + + + + - - - - - + + + + + + + + + + diff --git a/test/name-test/tmp-session-like-system.conf b/test/name-test/tmp-session-like-system.conf index 96bbf764..b3d9caea 100644 --- a/test/name-test/tmp-session-like-system.conf +++ b/test/name-test/tmp-session-like-system.conf @@ -18,27 +18,40 @@ - - - - - + - - - - - + + + + + + - - - + + + + + + + + + + + + + + + @@ -50,16 +63,6 @@ send_member="EmitFoo"/> - - session.d - - - session-local.conf - - contexts/dbus_contexts - @DBUS_SYSTEM_PID_FILE@ + + + EXTERNAL diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 24a3774f..ccb84832 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -2780,7 +2780,6 @@ _dbus_full_duplex_pipe (int *fd1, #endif } - /** * Measure the length of the given format string and arguments, * not including the terminating nul. diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 0343a90c..3f2a2330 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -451,6 +451,38 @@ _dbus_change_to_daemon_user (const char *user, return FALSE; } +void +_dbus_init_system_log (void) +{ + openlog ("dbus", LOG_PID, LOG_DAEMON); +} + +/** + * Log an informative message. Intended for use primarily by + * the system bus. + * + * @param msg a printf-style format string + * @param args arguments for the format string + */ +void +_dbus_log_info (const char *msg, va_list args) +{ + vsyslog (LOG_DAEMON|LOG_NOTICE, msg, args); +} + +/** + * Log a security-related message. Intended for use primarily by + * the system bus. + * + * @param msg a printf-style format string + * @param args arguments for the format string + */ +void +_dbus_log_security (const char *msg, va_list args) +{ + vsyslog (LOG_AUTH|LOG_NOTICE, msg, args); +} + /** Installs a UNIX signal handler * * @param sig the signal to handle diff --git a/dbus/dbus-sysdeps.h b/dbus/dbus-sysdeps.h index 80236f05..5f4b00e1 100644 --- a/dbus/dbus-sysdeps.h +++ b/dbus/dbus-sysdeps.h @@ -420,6 +420,10 @@ void _dbus_set_signal_handler (int sig, dbus_bool_t _dbus_user_at_console (const char *username, DBusError *error); +void _dbus_init_system_log (void); +void _dbus_log_info (const char *msg, va_list args); +void _dbus_log_security (const char *msg, va_list args); + /* Define DBUS_VA_COPY() to do the right thing for copying va_list variables. * config.h may have already defined DBUS_VA_COPY as va_copy or __va_copy. */ diff --git a/test/name-test/tmp-session-like-system.conf b/test/name-test/tmp-session-like-system.conf index 96bbf764..1cb640a2 100644 --- a/test/name-test/tmp-session-like-system.conf +++ b/test/name-test/tmp-session-like-system.conf @@ -8,9 +8,7 @@ session - - + unix:tmpdir=/tmp -- cgit From 8cbe86da9089901c574387e4032f0858e8249c79 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 12 Dec 2008 16:58:06 -0500 Subject: Add message type to security syslog entries It's part of the security check, we should have it in the log. --- bus/bus.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index 195a6fd4..ab986b93 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -1348,11 +1348,12 @@ bus_context_check_security_policy (BusContext *context, { const char *dest; const char *msg = "Rejected send message, %d matched rules; " - "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; + "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", @@ -1364,6 +1365,7 @@ bus_context_check_security_policy (BusContext *context, /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ bus_context_log_security (context, msg, toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", @@ -1385,12 +1387,13 @@ bus_context_check_security_policy (BusContext *context, message, &toggles)) { const char *msg = "Rejected receive message, %d matched rules; " - "sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; + "type=\"%s\" sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; const char *dest; dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", @@ -1404,6 +1407,7 @@ bus_context_check_security_policy (BusContext *context, /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ bus_context_log_security (context, msg, toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", -- cgit From 427ff01f9d656700b370bb905fe738e76602a842 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 16 Dec 2008 11:57:27 -0500 Subject: Add optional logging on allow rules This lets us have a backwards compatibility allow rule but still easily see when that rule is being used. --- bus/bus.c | 37 +++++++++++++++++++++++-------------- bus/config-parser.c | 5 +++++ bus/policy.c | 4 +++- bus/policy.h | 4 +++- 4 files changed, 34 insertions(+), 16 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index ab986b93..b749d309 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -1160,22 +1160,25 @@ bus_context_check_security_policy (BusContext *context, DBusMessage *message, DBusError *error) { + const char *dest; BusClientPolicy *sender_policy; BusClientPolicy *recipient_policy; dbus_int32_t toggles; + dbus_bool_t log; int type; dbus_bool_t requested_reply; const char *sender_name; type = dbus_message_get_type (message); + dest = dbus_message_get_destination (message); /* dispatch.c was supposed to ensure these invariants */ - _dbus_assert (dbus_message_get_destination (message) != NULL || + _dbus_assert (dest != NULL || type == DBUS_MESSAGE_TYPE_SIGNAL || (sender == NULL && !bus_connection_is_active (proposed_recipient))); _dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL || addressed_recipient != NULL || - strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0); + strcmp (dest, DBUS_SERVICE_DBUS) == 0); /* Used in logging below */ if (sender != NULL) @@ -1205,10 +1208,6 @@ bus_context_check_security_policy (BusContext *context, if (sender != NULL) { - const char *dest; - - dest = dbus_message_get_destination (message); - /* First verify the SELinux access controls. If allowed then * go on with the standard checks. */ @@ -1339,18 +1338,18 @@ bus_context_check_security_policy (BusContext *context, (proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) || (proposed_recipient == NULL && recipient_policy == NULL)); + log = FALSE; if (sender_policy && !bus_client_policy_check_can_send (sender_policy, context->registry, requested_reply, proposed_recipient, - message, &toggles)) + message, &toggles, &log)) { - const char *dest; const char *msg = "Rejected send message, %d matched rules; " "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; - dest = dbus_message_get_destination (message); + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), @@ -1378,6 +1377,21 @@ bus_context_check_security_policy (BusContext *context, return FALSE; } + if (log) + bus_context_log_security (context, + "Would reject message, %d matched rules; " + "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")", + toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), + sender_name ? sender_name : "(unset)", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_DBUS); + if (recipient_policy && !bus_client_policy_check_can_receive (recipient_policy, context->registry, @@ -1388,9 +1402,7 @@ bus_context_check_security_policy (BusContext *context, { const char *msg = "Rejected receive message, %d matched rules; " "type=\"%s\" sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; - const char *dest; - dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), @@ -1427,9 +1439,6 @@ bus_context_check_security_policy (BusContext *context, dbus_connection_get_outgoing_size (proposed_recipient) > context->limits.max_outgoing_bytes) { - const char *dest; - - dest = dbus_message_get_destination (message); dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED, "The destination service \"%s\" has a full message queue", dest ? dest : (proposed_recipient ? diff --git a/bus/config-parser.c b/bus/config-parser.c index f4d7c501..a8de3ff3 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -1090,6 +1090,7 @@ append_rule_from_element (BusConfigParser *parser, dbus_bool_t allow, DBusError *error) { + const char *log; const char *send_interface; const char *send_member; const char *send_error; @@ -1133,6 +1134,7 @@ append_rule_from_element (BusConfigParser *parser, "own", &own, "user", &user, "group", &group, + "log", &log, NULL)) return FALSE; @@ -1337,6 +1339,9 @@ append_rule_from_element (BusConfigParser *parser, if (eavesdrop) rule->d.send.eavesdrop = (strcmp (eavesdrop, "true") == 0); + if (log) + rule->d.send.log = (strcmp (log, "true") == 0); + if (send_requested_reply) rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0); diff --git a/bus/policy.c b/bus/policy.c index 2c1a3541..ef31800f 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -867,7 +867,8 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, dbus_bool_t requested_reply, DBusConnection *receiver, DBusMessage *message, - dbus_int32_t *toggles) + dbus_int32_t *toggles, + dbus_bool_t *log) { DBusList *link; dbus_bool_t allowed; @@ -1028,6 +1029,7 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, /* Use this rule */ allowed = rule->allow; + *log = rule->d.send.log; (*toggles)++; _dbus_verbose (" (policy) used rule, allow now = %d\n", diff --git a/bus/policy.h b/bus/policy.h index 91fde99f..a75e0dd9 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -65,6 +65,7 @@ struct BusPolicyRule char *destination; unsigned int eavesdrop : 1; unsigned int requested_reply : 1; + unsigned int log : 1; } send; struct @@ -142,7 +143,8 @@ dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy, dbus_bool_t requested_reply, DBusConnection *receiver, DBusMessage *message, - dbus_int32_t *toggles); + dbus_int32_t *toggles, + dbus_bool_t *log); dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy, BusRegistry *registry, dbus_bool_t requested_reply, -- cgit From 9a1657e8e1c0106bb5f1411fe9ea3c4ef6ec826f Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 17 Dec 2008 16:01:28 -0500 Subject: Add uid, pid, and command to security logs Extend the current security logs with even more relevant information than just the message content. This requires some utility code to look up and cache (as a string) the data such as the uid/pid/command when a connection is authenticated. --- bus/bus.c | 42 ++++++++++++----- bus/connection.c | 105 ++++++++++++++++++++++++++++++++++++++---- bus/connection.h | 1 + dbus/dbus-sysdeps-util-unix.c | 96 ++++++++++++++++++++++++++++++++++++++ dbus/dbus-sysdeps.h | 5 ++ 5 files changed, 228 insertions(+), 21 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index b749d309..db3556fa 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -1168,6 +1168,8 @@ bus_context_check_security_policy (BusContext *context, int type; dbus_bool_t requested_reply; const char *sender_name; + const char *sender_loginfo; + const char *proposed_recipient_loginfo; type = dbus_message_get_type (message); dest = dbus_message_get_destination (message); @@ -1182,9 +1184,20 @@ bus_context_check_security_policy (BusContext *context, /* Used in logging below */ if (sender != NULL) - sender_name = bus_connection_get_name (sender); + { + sender_name = bus_connection_get_name (sender); + sender_loginfo = bus_connection_get_loginfo (sender); + } + else + { + sender_name = NULL; + sender_loginfo = "(bus)"; + } + + if (proposed_recipient != NULL) + proposed_recipient_loginfo = bus_connection_get_loginfo (proposed_recipient); else - sender_name = NULL; + proposed_recipient_loginfo = "bus"; switch (type) { @@ -1347,32 +1360,35 @@ bus_context_check_security_policy (BusContext *context, message, &toggles, &log)) { const char *msg = "Rejected send message, %d matched rules; " - "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")"; - + "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" (%s))"; dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", + sender_loginfo, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS); + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ bus_context_log_security (context, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", + sender_loginfo, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS); + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); _dbus_verbose ("security policy disallowing message due to sender policy\n"); return FALSE; } @@ -1401,35 +1417,39 @@ bus_context_check_security_policy (BusContext *context, message, &toggles)) { const char *msg = "Rejected receive message, %d matched rules; " - "type=\"%s\" sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" reply serial=%u requested_reply=%d)"; + "type=\"%s\" sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" reply serial=%u requested_reply=%d destination=\"%s\" (%s))"; dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", + sender_loginfo, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS, dbus_message_get_reply_serial (message), - requested_reply); + requested_reply, + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ bus_context_log_security (context, msg, toggles, dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", + sender_loginfo, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS, dbus_message_get_reply_serial (message), - requested_reply); + requested_reply, + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); _dbus_verbose ("security policy disallowing message due to recipient policy\n"); return FALSE; } diff --git a/bus/connection.c b/bus/connection.c index ed1b1391..ab99fa5f 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -32,6 +32,9 @@ #include #include +/* Trim executed commands to this length; we want to keep logs readable */ +#define MAX_LOG_COMMAND_LEN 50 + static void bus_connection_remove_transactions (DBusConnection *connection); typedef struct @@ -76,6 +79,7 @@ typedef struct DBusPreallocatedSend *oom_preallocated; BusClientPolicy *policy; + char *cached_loginfo_string; BusSELinuxID *selinux_id; long connection_tv_sec; /**< Time when we connected (seconds component) */ @@ -406,6 +410,8 @@ free_connection_data (void *data) if (d->selinux_id) bus_selinux_id_unref (d->selinux_id); + dbus_free (d->cached_loginfo_string); + dbus_free (d->name); dbus_free (d); @@ -537,13 +543,73 @@ bus_connections_unref (BusConnections *connections) } } +/* Used for logging */ +static dbus_bool_t +cache_peer_loginfo_string (BusConnectionData *d, + DBusConnection *connection) +{ + DBusString loginfo_buf; + unsigned long uid; + unsigned long pid; + char *windows_sid; + dbus_bool_t prev_added; + + if (!_dbus_string_init (&loginfo_buf)) + return FALSE; + + prev_added = FALSE; + if (dbus_connection_get_unix_user (connection, &uid)) + { + if (!_dbus_string_append_printf (&loginfo_buf, "uid=%ld", uid)) + goto oom; + else + prev_added = TRUE; + } + + if (dbus_connection_get_unix_process_id (connection, &pid)) + { + if (prev_added) + { + if (!_dbus_string_append_byte (&loginfo_buf, ' ')) + goto oom; + } + if (!_dbus_string_append_printf (&loginfo_buf, "pid=%ld comm=\"", pid)) + goto oom; + /* Ignore errors here */ + if (_dbus_command_for_pid (pid, &loginfo_buf, MAX_LOG_COMMAND_LEN, NULL)) + { + if (!_dbus_string_append_byte (&loginfo_buf, '"')) + goto oom; + } + } + + if (dbus_connection_get_windows_user (connection, &windows_sid)) + { + if (!_dbus_string_append_printf (&loginfo_buf, "sid=\"%s\" ", windows_sid)) + goto oom; + dbus_free (windows_sid); + } + + if (!_dbus_string_steal_data (&loginfo_buf, &(d->cached_loginfo_string))) + goto oom; + + _dbus_string_free (&loginfo_buf); + + return TRUE; +oom: + _dbus_string_free (&loginfo_buf); + return FALSE; +} + dbus_bool_t bus_connections_setup_connection (BusConnections *connections, DBusConnection *connection) { + BusConnectionData *d; dbus_bool_t retval; DBusError error; + d = dbus_new0 (BusConnectionData, 1); @@ -583,7 +649,7 @@ bus_connections_setup_connection (BusConnections *connections, dbus_error_free (&error); goto out; } - + if (!dbus_connection_set_watch_functions (connection, add_connection_watch, remove_connection_watch, @@ -842,6 +908,18 @@ bus_connection_is_in_unix_group (DBusConnection *connection, return FALSE; } +const char * +bus_connection_get_loginfo (DBusConnection *connection) +{ + BusConnectionData *d; + + d = BUS_CONNECTION_DATA (connection); + + if (!bus_connection_is_active (connection)) + return "inactive"; + return d->cached_loginfo_string; +} + BusClientPolicy* bus_connection_get_policy (DBusConnection *connection) { @@ -1302,16 +1380,15 @@ bus_connection_complete (DBusConnection *connection, { if (!adjust_connections_for_uid (d->connections, uid, 1)) - { - BUS_SET_OOM (error); - dbus_free (d->name); - d->name = NULL; - bus_client_policy_unref (d->policy); - d->policy = NULL; - return FALSE; - } + goto fail; } - + + /* Create and cache a string which holds information about the + * peer process; used for logging purposes. + */ + if (!cache_peer_loginfo_string (d, connection)) + goto fail; + /* Now the connection is active, move it between lists */ _dbus_list_unlink (&d->connections->incomplete, d->link_in_connection_list); @@ -1329,6 +1406,14 @@ bus_connection_complete (DBusConnection *connection, _dbus_assert (bus_connection_is_active (connection)); return TRUE; +fail: + BUS_SET_OOM (error); + dbus_free (d->name); + d->name = NULL; + if (d->policy) + bus_client_policy_unref (d->policy); + d->policy = NULL; + return FALSE; } const char * diff --git a/bus/connection.h b/bus/connection.h index 5099bcf9..4f352169 100644 --- a/bus/connection.h +++ b/bus/connection.h @@ -50,6 +50,7 @@ BusConnections* bus_connection_get_connections (DBusConnection BusRegistry* bus_connection_get_registry (DBusConnection *connection); BusActivation* bus_connection_get_activation (DBusConnection *connection); BusMatchmaker* bus_connection_get_matchmaker (DBusConnection *connection); +const char * bus_connection_get_loginfo (DBusConnection *connection); BusSELinuxID* bus_connection_get_selinux_id (DBusConnection *connection); dbus_bool_t bus_connections_check_limits (BusConnections *connections, DBusConnection *requesting_completion, diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 3f2a2330..6ca662b2 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -1132,3 +1132,99 @@ _dbus_string_get_dirname (const DBusString *filename, } /** @} */ /* DBusString stuff */ +static void +string_squash_nonprintable (DBusString *str) +{ + char *buf; + int i, len; + + buf = _dbus_string_get_data (str); + len = _dbus_string_get_length (str); + + for (i = 0; i < len; i++) + if (buf[i] == '\0') + buf[i] = ' '; + else if (buf[i] < 0x20 || buf[i] > 127) + buf[i] = '?'; +} + +/** + * Get a printable string describing the command used to execute + * the process with pid. This string should only be used for + * informative purposes such as logging; it may not be trusted. + * + * The command is guaranteed to be printable ASCII and no longer + * than max_len. + * + * @param pid Process id + * @param str Append command to this string + * @param max_len Maximum length of returned command + * @param error return location for errors + * @returns #FALSE on error + */ +dbus_bool_t +_dbus_command_for_pid (unsigned long pid, + DBusString *str, + int max_len, + DBusError *error) +{ + /* This is all Linux-specific for now */ + DBusString path; + DBusString cmdline; + int fd; + + if (!_dbus_string_init (&path)) + { + _DBUS_SET_OOM (error); + return FALSE; + } + + if (!_dbus_string_init (&cmdline)) + { + _DBUS_SET_OOM (error); + _dbus_string_free (&path); + return FALSE; + } + + if (!_dbus_string_append_printf (&path, "/proc/%ld/cmdline", pid)) + goto oom; + + fd = open (_dbus_string_get_const_data (&path), O_RDONLY); + if (fd < 0) + { + dbus_set_error (error, + _dbus_error_from_errno (errno), + "Failed to open \"%s\": %s", + _dbus_string_get_const_data (&path), + _dbus_strerror (errno)); + goto fail; + } + + if (!_dbus_read (fd, &cmdline, max_len)) + { + dbus_set_error (error, + _dbus_error_from_errno (errno), + "Failed to read from \"%s\": %s", + _dbus_string_get_const_data (&path), + _dbus_strerror (errno)); + goto fail; + } + + if (!_dbus_close (fd, error)) + goto fail; + + string_squash_nonprintable (&cmdline); + + if (!_dbus_string_copy (&cmdline, 0, str, _dbus_string_get_length (str))) + goto oom; + + _dbus_string_free (&cmdline); + _dbus_string_free (&path); + return TRUE; +oom: + _DBUS_SET_OOM (error); +fail: + _dbus_string_free (&cmdline); + _dbus_string_free (&path); + return FALSE; +} \ No newline at end of file diff --git a/dbus/dbus-sysdeps.h b/dbus/dbus-sysdeps.h index 5f4b00e1..2662b270 100644 --- a/dbus/dbus-sysdeps.h +++ b/dbus/dbus-sysdeps.h @@ -411,6 +411,11 @@ dbus_bool_t _dbus_write_pid_to_file_and_pipe (const DBusString *pidfile, dbus_pid_t pid_to_write, DBusError *error); +dbus_bool_t _dbus_command_for_pid (unsigned long pid, + DBusString *str, + int max_len, + DBusError *error); + /** A UNIX signal handler */ typedef void (* DBusSignalHandler) (int sig); -- cgit From 788e592b32c71c3570fe9034cf3041acadc83f9d Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 17 Dec 2008 19:29:39 -0500 Subject: Add requested_reply to send denials, and connection loginfo to "would deny" The requested_reply field is necessary in send denials too because it's used in the policy language. The connection loginfo lack in "would deny" was just an oversight. --- bus/bus.c | 69 +++++++++++++++++++++++++++++++++++---------------------------- 1 file changed, 38 insertions(+), 31 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index db3556fa..e38d4a23 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -1360,7 +1360,7 @@ bus_context_check_security_policy (BusContext *context, message, &toggles, &log)) { const char *msg = "Rejected send message, %d matched rules; " - "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\" (%s))"; + "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))"; dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg, toggles, @@ -1373,22 +1373,25 @@ bus_context_check_security_policy (BusContext *context, dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", + requested_reply, dest ? dest : DBUS_SERVICE_DBUS, proposed_recipient_loginfo); /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ - bus_context_log_security (context, msg, - toggles, - dbus_message_type_to_string (dbus_message_get_type (message)), - sender_name ? sender_name : "(unset)", - sender_loginfo, - dbus_message_get_interface (message) ? - dbus_message_get_interface (message) : "(unset)", - dbus_message_get_member (message) ? - dbus_message_get_member (message) : "(unset)", - dbus_message_get_error_name (message) ? - dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS, - proposed_recipient_loginfo); + if (addressed_recipient == proposed_recipient) + bus_context_log_security (context, msg, + toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), + sender_name ? sender_name : "(unset)", + sender_loginfo, + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + requested_reply, + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); _dbus_verbose ("security policy disallowing message due to sender policy\n"); return FALSE; } @@ -1396,17 +1399,20 @@ bus_context_check_security_policy (BusContext *context, if (log) bus_context_log_security (context, "Would reject message, %d matched rules; " - "type=\"%s\", sender=\"%s\" interface=\"%s\" member=\"%s\" error name=\"%s\" destination=\"%s\")", + "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))", toggles, dbus_message_type_to_string (dbus_message_get_type (message)), sender_name ? sender_name : "(unset)", + sender_loginfo, dbus_message_get_interface (message) ? dbus_message_get_interface (message) : "(unset)", dbus_message_get_member (message) ? dbus_message_get_member (message) : "(unset)", dbus_message_get_error_name (message) ? dbus_message_get_error_name (message) : "(unset)", - dest ? dest : DBUS_SERVICE_DBUS); + requested_reply, + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); if (recipient_policy && !bus_client_policy_check_can_receive (recipient_policy, @@ -1435,21 +1441,22 @@ bus_context_check_security_policy (BusContext *context, dest ? dest : DBUS_SERVICE_DBUS, proposed_recipient_loginfo); /* Needs to be duplicated to avoid calling malloc and having to handle OOM */ - bus_context_log_security (context, msg, - toggles, - dbus_message_type_to_string (dbus_message_get_type (message)), - sender_name ? sender_name : "(unset)", - sender_loginfo, - dbus_message_get_interface (message) ? - dbus_message_get_interface (message) : "(unset)", - dbus_message_get_member (message) ? - dbus_message_get_member (message) : "(unset)", - dbus_message_get_error_name (message) ? - dbus_message_get_error_name (message) : "(unset)", - dbus_message_get_reply_serial (message), - requested_reply, - dest ? dest : DBUS_SERVICE_DBUS, - proposed_recipient_loginfo); + if (addressed_recipient == proposed_recipient) + bus_context_log_security (context, msg, + toggles, + dbus_message_type_to_string (dbus_message_get_type (message)), + sender_name ? sender_name : "(unset)", + sender_loginfo, + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dbus_message_get_reply_serial (message), + requested_reply, + dest ? dest : DBUS_SERVICE_DBUS, + proposed_recipient_loginfo); _dbus_verbose ("security policy disallowing message due to recipient policy\n"); return FALSE; } -- cgit From 427a7be51f43759146ecedb9d79a14e14ea16659 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 19 Dec 2008 15:17:24 -0500 Subject: Release 1.2.10 --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index af166cba..06af6b7c 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [9]) +m4_define([dbus_micro_version], [10]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From eb1ba381f62ae0defc9b0cfaa3a228f2c6a3d623 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 19 Dec 2008 15:17:49 -0500 Subject: Bump for unstable cycle --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index 06af6b7c..54025b36 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [10]) +m4_define([dbus_micro_version], [11]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From 4e4f0de8cc8c3127641013fd833349dab34b676b Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 19 Dec 2008 18:54:59 -0500 Subject: Various compiler warning fixes --- bus/config-parser.h | 1 + bus/driver.c | 2 +- dbus/dbus-marshal-basic.c | 2 +- dbus/dbus-spawn.c | 4 ++-- dbus/dbus-sysdeps-util-unix.c | 1 + dbus/dbus-sysdeps.c | 4 ++-- 6 files changed, 8 insertions(+), 6 deletions(-) diff --git a/bus/config-parser.h b/bus/config-parser.h index fcc5f5dc..b951d1d2 100644 --- a/bus/config-parser.h +++ b/bus/config-parser.h @@ -65,6 +65,7 @@ const char* bus_config_parser_get_type (BusConfigParser *parser); DBusList** bus_config_parser_get_addresses (BusConfigParser *parser); DBusList** bus_config_parser_get_mechanisms (BusConfigParser *parser); dbus_bool_t bus_config_parser_get_fork (BusConfigParser *parser); +dbus_bool_t bus_config_parser_get_allow_anonymous (BusConfigParser *parser); dbus_bool_t bus_config_parser_get_syslog (BusConfigParser *parser); const char* bus_config_parser_get_pidfile (BusConfigParser *parser); const char* bus_config_parser_get_servicehelper (BusConfigParser *parser); diff --git a/bus/driver.c b/bus/driver.c index 05ecd56c..c97bff5d 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -1411,7 +1411,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, BusService *serv; DBusConnection *conn; DBusMessage *reply; - char *data = NULL; + void *data = NULL; dbus_uint32_t data_size; _DBUS_ASSERT_ERROR_IS_CLEAR (error); diff --git a/dbus/dbus-marshal-basic.c b/dbus/dbus-marshal-basic.c index 0a33ff15..724d94b8 100644 --- a/dbus/dbus-marshal-basic.c +++ b/dbus/dbus-marshal-basic.c @@ -1333,7 +1333,7 @@ _dbus_verbose_bytes (const unsigned char *data, if (aligned != data) { - _dbus_verbose ("%4d\t%p: ", - (data - aligned), aligned); + _dbus_verbose ("%4ld\t%p: ", - (long)(data - aligned), aligned); while (aligned != data) { _dbus_verbose (" "); diff --git a/dbus/dbus-spawn.c b/dbus/dbus-spawn.c index 35ccba6c..f4e3b587 100644 --- a/dbus/dbus-spawn.c +++ b/dbus/dbus-spawn.c @@ -36,6 +36,8 @@ #include #endif +extern char **environ; + /** * @addtogroup DBusInternalsUtils * @{ @@ -914,8 +916,6 @@ do_exec (int child_err_report_fd, if (envp == NULL) { - extern char **environ; - _dbus_assert (environ != NULL); envp = environ; diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 6ca662b2..be7bc968 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -43,6 +43,7 @@ #include #include #include +#include #ifdef HAVE_LIBAUDIT #include #include diff --git a/dbus/dbus-sysdeps.c b/dbus/dbus-sysdeps.c index d740f875..00a1a3de 100644 --- a/dbus/dbus-sysdeps.c +++ b/dbus/dbus-sysdeps.c @@ -51,6 +51,8 @@ _DBUS_DEFINE_GLOBAL_LOCK (win_fds); _DBUS_DEFINE_GLOBAL_LOCK (sid_atom_cache); _DBUS_DEFINE_GLOBAL_LOCK (system_users); +extern char **environ; + /** * @defgroup DBusSysdeps Internal system-dependent API * @ingroup DBusInternals @@ -191,7 +193,6 @@ _dbus_clearenv (void) if (clearenv () != 0) rc = FALSE; #else - extern char **environ; if (environ != NULL) environ[0] = NULL; @@ -210,7 +211,6 @@ char ** _dbus_get_environment (void) { int i, length; - extern char **environ; char **environment; _dbus_assert (environ != NULL); -- cgit From 6413acafefb307021d91ddaf21c4b0489ebf3bff Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 19 Dec 2008 20:02:14 -0500 Subject: Enable -Werror by default with --enable-maintainer-mode, and change warnings Important compiler warnings were being lost in the noise from warnings we know about but aren't problems, and moreover made using -Werror difficult. Now we expect *all* developers and testers to be using -Werror. --- configure.in | 48 ++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 42 insertions(+), 6 deletions(-) diff --git a/configure.in b/configure.in index 54025b36..b649f5ef 100644 --- a/configure.in +++ b/configure.in @@ -175,6 +175,12 @@ ld_supports_flag() { fi } +if test x$USE_MAINTAINER_MODE = xyes; then + if cc_supports_flag "-Werror"; then + CFLAGS="$CFLAGS -Werror" + fi +fi + if test "x$GCC" = "xyes"; then changequote(,)dnl case " $CFLAGS " in @@ -220,11 +226,6 @@ if test "x$GCC" = "xyes"; then ;; esac - case " $CFLAGS " in - *[\ \ ]-Wsign-compare[\ \ ]*) ;; - *) CFLAGS="$CFLAGS -Wsign-compare" ;; - esac - case " $CFLAGS " in *[\ \ ]-Wdeclaration-after-statement[\ \ ]*) ;; *) if cc_supports_flag -Wdeclaration-after-statement; then @@ -264,6 +265,41 @@ if test "x$GCC" = "xyes"; then fi ;; esac + + ### Disabled warnings, and compiler flag overrides + + # Let's just ignore unused for now + case " $CFLAGS " in + *[\ \ ]-Wno-unused[\ \ ]*) ;; + *) CFLAGS="$CFLAGS -Wno-unused" ;; + esac + + # This group is for warnings we currently don't pass. + # We would like to, however. Please fix. + + # http://bugs.freedesktop.org/show_bug.cgi?id=17433 + case " $CFLAGS " in + *[\ \ ]-Wno-sign-compare[\ \ ]*) ;; + *) CFLAGS="$CFLAGS -Wno-sign-compare" ;; + esac + case " $CFLAGS " in + *[\ \ ]-Wno-pointer-sign[\ \ ]*) ;; + *) CFLAGS="$CFLAGS -Wno-pointer-sign" ;; + esac + + # http://bugs.freedesktop.org/show_bug.cgi?id=19195 + case " $CFLAGS " in + *[\ \ ]-Wno-format[\ \ ]*) ;; + *) CFLAGS="$CFLAGS -Wno-format" ;; + esac + + # This one is special - it's not a warning override. + # http://bugs.freedesktop.org/show_bug.cgi?id=10599 + case " $CFLAGS " in + *[\ \ ]-fno-strict-aliasing[\ \ ]*) ;; + *) CFLAGS="$CFLAGS -fno-strict-aliasing" ;; + esac + ### End disabled warnings if test "x$enable_ansi" = "xyes"; then case " $CFLAGS " in @@ -284,7 +320,7 @@ if test "x$GCC" = "xyes"; then case " $CFLAGS " in *[\ \ ]-pedantic[\ \ ]*) ;; *) CFLAGS="$CFLAGS -pedantic" ;; - esac + esac fi if test x$enable_gcov = xyes; then case " $CFLAGS " in -- cgit From eebad8668d2b56a4b9a269f65513592eb1882b68 Mon Sep 17 00:00:00 2001 From: Peter Breitenlohner Date: Tue, 6 Jan 2009 16:48:39 -0500 Subject: Avoid possible use of uninitialized variable Signed-off-by: Colin Walters --- bus/activation.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bus/activation.c b/bus/activation.c index 18630958..a273c4ad 100644 --- a/bus/activation.c +++ b/bus/activation.c @@ -679,7 +679,7 @@ populate_environment (BusActivation *activation) DBusString value; int i; char **environment; - dbus_bool_t retval; + dbus_bool_t retval = FALSE; environment = _dbus_get_environment (); -- cgit From 9928648f16afd45078fb93116b6529a7dcca80dc Mon Sep 17 00:00:00 2001 From: "Diego E. 'Flameeyes' Pettenò" Date: Sun, 4 Jan 2009 01:16:50 +0100 Subject: Fix cross-compiling with autotools. The AC_CANONICAL_TARGET macro and the $target_os variables are used for the target of compilers and other code-generation tools, and should not be used during cross-compile of generic software. Replace them with AC_CANONICAL_HOST and $host_os instead, as they should have been from the start. For a breakdown of what host, build and target machines are, please see http://blog.flameeyes.eu/s/canonical-target . --- configure.in | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.in b/configure.in index b649f5ef..f429ce6f 100644 --- a/configure.in +++ b/configure.in @@ -8,7 +8,7 @@ m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -AC_CANONICAL_TARGET +AC_CANONICAL_HOST AM_INIT_AUTOMAKE([1.9 tar-ustar]) AM_CONFIG_HEADER(config.h) @@ -357,7 +357,7 @@ AC_MSG_RESULT($ac_gcsections) # Add -D_POSIX_PTHREAD_SEMANTICS if on Solaris # -case $target_os in +case $host_os in solaris*) CFLAGS="$CFLAGS -D_POSIX_PTHREAD_SEMANTICS" ;; esac @@ -993,7 +993,7 @@ AM_CONDITIONAL(DBUS_BUS_ENABLE_INOTIFY, test x$have_inotify = xyes) if test x$enable_dnotify = xno ; then have_dnotify=no; else - if test x$have_inotify = xno -a x$target_os = xlinux-gnu -o x$target_os = xlinux; then + if test x$have_inotify = xno -a x$host_os = xlinux-gnu -o x$host_os = xlinux; then have_dnotify=yes; else have_dnotify=no; @@ -1031,7 +1031,7 @@ dnl console owner file if test x$enable_console_owner_file = xno ; then have_console_owner_file=no; else - case $target_os in + case $host_os in solaris*) have_console_owner_file=yes; AC_DEFINE(HAVE_CONSOLE_OWNER_FILE,1,[Have console owner file]) -- cgit From 6663d1dd35f94717209cd6fca86045bca853ef79 Mon Sep 17 00:00:00 2001 From: Matt McCutchen Date: Mon, 10 Nov 2008 08:55:27 -0500 Subject: Bug 18446: Keep umask for session bus Signed-off-by: Colin Walters --- bus/bus.c | 5 ++++- bus/config-parser-common.c | 8 +++++++- bus/config-parser-common.h | 3 ++- bus/config-parser.c | 32 +++++++++++++++++++++++++++++++- bus/config-parser.h | 1 + bus/dbus-daemon.1.in | 7 +++++++ bus/session.conf.in | 4 ++++ dbus/dbus-sysdeps-util-unix.c | 13 +++++++++---- dbus/dbus-sysdeps-util-win.c | 4 +++- dbus/dbus-sysdeps.h | 3 ++- doc/busconfig.dtd | 2 ++ 11 files changed, 72 insertions(+), 10 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index e38d4a23..f5b6e7ec 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -55,6 +55,7 @@ struct BusContext BusLimits limits; unsigned int fork : 1; unsigned int syslog : 1; + unsigned int keep_umask : 1; }; static dbus_int32_t server_data_slot = -1; @@ -386,6 +387,7 @@ process_config_first_time_only (BusContext *context, context->fork = bus_config_parser_get_fork (parser); context->syslog = bus_config_parser_get_syslog (parser); + context->keep_umask = bus_config_parser_get_keep_umask (parser); _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = TRUE; @@ -710,7 +712,8 @@ bus_context_new (const DBusString *config_file, if (!_dbus_become_daemon (context->pidfile ? &u : NULL, print_pid_pipe, - error)) + error, + context->keep_umask)) { _DBUS_ASSERT_ERROR_IS_SET (error); goto failed; diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c index ce590861..88e099ac 100644 --- a/bus/config-parser-common.c +++ b/bus/config-parser-common.c @@ -118,6 +118,10 @@ bus_config_parser_element_name_to_type (const char *name) { return ELEMENT_SYSLOG; } + else if (strcmp (name, "keep_umask") == 0) + { + return ELEMENT_KEEP_UMASK; + } return ELEMENT_NONE; } @@ -168,7 +172,9 @@ bus_config_parser_element_type_to_name (ElementType type) return "associate"; case ELEMENT_SYSLOG: return "syslog"; - } + case ELEMENT_KEEP_UMASK: + return "keep_umask"; + } _dbus_assert_not_reached ("bad element type"); diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h index 4ecaa8d8..ae40d089 100644 --- a/bus/config-parser-common.h +++ b/bus/config-parser-common.h @@ -48,7 +48,8 @@ typedef enum ELEMENT_ASSOCIATE, ELEMENT_STANDARD_SESSION_SERVICEDIRS, ELEMENT_STANDARD_SYSTEM_SERVICEDIRS, - ELEMENT_SYSLOG + ELEMENT_SYSLOG, + ELEMENT_KEEP_UMASK } ElementType; ElementType bus_config_parser_element_name_to_type (const char *element_name); diff --git a/bus/config-parser.c b/bus/config-parser.c index a8de3ff3..38ce8a1d 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -112,6 +112,7 @@ struct BusConfigParser unsigned int fork : 1; /**< TRUE to fork into daemon mode */ unsigned int syslog : 1; /**< TRUE to enable syslog */ + unsigned int keep_umask : 1; /**< TRUE to keep original umask when forking */ unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */ }; @@ -308,6 +309,9 @@ merge_included (BusConfigParser *parser, if (included->fork) parser->fork = TRUE; + if (included->keep_umask) + parser->keep_umask = TRUE; + if (included->pidfile != NULL) { dbus_free (parser->pidfile); @@ -710,9 +714,24 @@ start_busconfig_child (BusConfigParser *parser, BUS_SET_OOM (error); return FALSE; } - + parser->syslog = TRUE; + return TRUE; + } + else if (element_type == ELEMENT_KEEP_UMASK) + { + if (!check_no_attributes (parser, "keep_umask", attribute_names, attribute_values, error)) + return FALSE; + + if (push_element (parser, ELEMENT_KEEP_UMASK) == NULL) + { + BUS_SET_OOM (error); + return FALSE; + } + + parser->keep_umask = TRUE; + return TRUE; } else if (element_type == ELEMENT_PIDFILE) @@ -1970,6 +1989,7 @@ bus_config_parser_end_element (BusConfigParser *parser, case ELEMENT_DENY: case ELEMENT_FORK: case ELEMENT_SYSLOG: + case ELEMENT_KEEP_UMASK: case ELEMENT_SELINUX: case ELEMENT_ASSOCIATE: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: @@ -2256,6 +2276,7 @@ bus_config_parser_content (BusConfigParser *parser, case ELEMENT_DENY: case ELEMENT_FORK: case ELEMENT_SYSLOG: + case ELEMENT_KEEP_UMASK: case ELEMENT_STANDARD_SESSION_SERVICEDIRS: case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS: case ELEMENT_SELINUX: @@ -2584,6 +2605,12 @@ bus_config_parser_get_syslog (BusConfigParser *parser) return parser->syslog; } +dbus_bool_t +bus_config_parser_get_keep_umask (BusConfigParser *parser) +{ + return parser->keep_umask; +} + const char * bus_config_parser_get_pidfile (BusConfigParser *parser) { @@ -2977,6 +3004,9 @@ config_parsers_equal (const BusConfigParser *a, if (! bools_equal (a->fork, b->fork)) return FALSE; + if (! bools_equal (a->keep_umask, b->keep_umask)) + return FALSE; + if (! bools_equal (a->is_toplevel, b->is_toplevel)) return FALSE; diff --git a/bus/config-parser.h b/bus/config-parser.h index b951d1d2..bb3a30f4 100644 --- a/bus/config-parser.h +++ b/bus/config-parser.h @@ -67,6 +67,7 @@ DBusList** bus_config_parser_get_mechanisms (BusConfigParser *parser); dbus_bool_t bus_config_parser_get_fork (BusConfigParser *parser); dbus_bool_t bus_config_parser_get_allow_anonymous (BusConfigParser *parser); dbus_bool_t bus_config_parser_get_syslog (BusConfigParser *parser); +dbus_bool_t bus_config_parser_get_keep_umask (BusConfigParser *parser); const char* bus_config_parser_get_pidfile (BusConfigParser *parser); const char* bus_config_parser_get_servicehelper (BusConfigParser *parser); DBusList** bus_config_parser_get_service_dirs (BusConfigParser *parser); diff --git a/bus/dbus-daemon.1.in b/bus/dbus-daemon.1.in index 81439343..8342600e 100644 --- a/bus/dbus-daemon.1.in +++ b/bus/dbus-daemon.1.in @@ -213,6 +213,13 @@ If present, the bus daemon becomes a real daemon (forks into the background, etc.). This is generally used rather than the \-\-fork command line option. +.TP +.I "" + +.PP +If present, the bus daemon keeps its original umask when forking. +This may be useful to avoid affecting the behavior of child processes. + .TP .I "" diff --git a/bus/session.conf.in b/bus/session.conf.in index b2dee5b3..794eb8da 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in @@ -8,6 +8,10 @@ session + + + unix:tmpdir=@DBUS_SESSION_SOCKET_DIR@ diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index be7bc968..03928044 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -70,12 +70,14 @@ * @param pidfile #NULL, or pidfile to create * @param print_pid_pipe pipe to print daemon's pid to, or -1 for none * @param error return location for errors + * @param keep_umask #TRUE to keep the original umask * @returns #FALSE on failure */ dbus_bool_t _dbus_become_daemon (const DBusString *pidfile, DBusPipe *print_pid_pipe, - DBusError *error) + DBusError *error, + dbus_bool_t keep_umask) { const char *s; pid_t child_pid; @@ -122,9 +124,12 @@ _dbus_become_daemon (const DBusString *pidfile, _dbus_verbose ("keeping stderr open due to DBUS_DEBUG_OUTPUT\n"); } - /* Get a predictable umask */ - _dbus_verbose ("setting umask\n"); - umask (022); + if (!keep_umask) + { + /* Get a predictable umask */ + _dbus_verbose ("setting umask\n"); + umask (022); + } _dbus_verbose ("calling setsid()\n"); if (setsid () == -1) diff --git a/dbus/dbus-sysdeps-util-win.c b/dbus/dbus-sysdeps-util-win.c index 8608ad0e..6358531b 100644 --- a/dbus/dbus-sysdeps-util-win.c +++ b/dbus/dbus-sysdeps-util-win.c @@ -70,12 +70,14 @@ errno_t strcpy_s(char *dest, size_t size, char *src) * @param pidfile #NULL, or pidfile to create * @param print_pid_fd file descriptor to print daemon's pid to, or -1 for none * @param error return location for errors + * @param keep_umask #TRUE to keep the original umask * @returns #FALSE on failure */ dbus_bool_t _dbus_become_daemon (const DBusString *pidfile, DBusPipe *print_pid_pipe, - DBusError *error) + DBusError *error, + dbus_bool_t keep_umask) { return TRUE; } diff --git a/dbus/dbus-sysdeps.h b/dbus/dbus-sysdeps.h index 2662b270..b766f3f9 100644 --- a/dbus/dbus-sysdeps.h +++ b/dbus/dbus-sysdeps.h @@ -400,7 +400,8 @@ void _dbus_print_backtrace (void); dbus_bool_t _dbus_become_daemon (const DBusString *pidfile, DBusPipe *print_pid_pipe, - DBusError *error); + DBusError *error, + dbus_bool_t keep_umask); dbus_bool_t _dbus_verify_daemon_user (const char *user); dbus_bool_t _dbus_change_to_daemon_user (const char *user, diff --git a/doc/busconfig.dtd b/doc/busconfig.dtd index 84593fe0..0cc519b4 100644 --- a/doc/busconfig.dtd +++ b/doc/busconfig.dtd @@ -1,6 +1,7 @@ + Date: Sat, 18 Oct 2008 14:50:49 -0400 Subject: Bug 15412: Add --address option to dbus-send Signed-off-by: Colin Walters --- tools/dbus-send.c | 51 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 45 insertions(+), 6 deletions(-) diff --git a/tools/dbus-send.c b/tools/dbus-send.c index 407c0497..81a9c372 100644 --- a/tools/dbus-send.c +++ b/tools/dbus-send.c @@ -33,7 +33,7 @@ static const char *appname; static void usage (int ecode) { - fprintf (stderr, "Usage: %s [--help] [--system | --session] [--dest=NAME] [--type=TYPE] [--print-reply=(literal)] [--reply-timeout=MSEC] [contents ...]\n", appname); + fprintf (stderr, "Usage: %s [--help] [--system | --session | --address=ADDRESS] [--dest=NAME] [--type=TYPE] [--print-reply=(literal)] [--reply-timeout=MSEC] [contents ...]\n", appname); exit (ecode); } @@ -222,6 +222,8 @@ main (int argc, char *argv[]) const char *path = NULL; int message_type = DBUS_MESSAGE_TYPE_SIGNAL; const char *type_str = NULL; + const char *address = NULL; + int session_or_system = FALSE; appname = argv[0]; @@ -237,9 +239,29 @@ main (int argc, char *argv[]) char *arg = argv[i]; if (strcmp (arg, "--system") == 0) - type = DBUS_BUS_SYSTEM; + { + type = DBUS_BUS_SYSTEM; + session_or_system = TRUE; + } else if (strcmp (arg, "--session") == 0) - type = DBUS_BUS_SESSION; + { + type = DBUS_BUS_SESSION; + session_or_system = TRUE; + } + else if (strstr (arg, "--address") == arg) + { + address = strchr (arg, '='); + + if (address == NULL) + { + fprintf (stderr, "\"--address=\" requires an ADDRESS\n"); + usage (1); + } + else + { + address = address + 1; + } + } else if (strncmp (arg, "--print-reply", 13) == 0) { print_reply = TRUE; @@ -271,6 +293,13 @@ main (int argc, char *argv[]) if (name == NULL) usage (1); + if (session_or_system && + (address != NULL)) + { + fprintf (stderr, "\"--address\" may not be used with \"--system\" or \"--session\"\n"); + usage (1); + } + if (type_str != NULL) { message_type = dbus_message_type_from_string (type_str); @@ -284,11 +313,21 @@ main (int argc, char *argv[]) } dbus_error_init (&error); - connection = dbus_bus_get (type, &error); + + if (address != NULL) + { + connection = dbus_connection_open (address, &error); + } + else + { + connection = dbus_bus_get (type, &error); + } + if (connection == NULL) { - fprintf (stderr, "Failed to open connection to %s message bus: %s\n", - (type == DBUS_BUS_SYSTEM) ? "system" : "session", + fprintf (stderr, "Failed to open connection to \"%s\" message bus: %s\n", + (address != NULL) ? address : + ((type == DBUS_BUS_SYSTEM) ? "system" : "session"), error.message); dbus_error_free (&error); exit (1); -- cgit From 100027007254aaec3ba0388bd0f42e29e512a678 Mon Sep 17 00:00:00 2001 From: Tor Lillqvist Date: Thu, 18 Sep 2008 19:40:50 -0400 Subject: [win32] Protect usage of SIGHUP with #ifdef Signed-off-by: Colin Walters --- bus/main.c | 23 ++++++++++++++--------- tools/dbus-launch.c | 2 ++ 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/bus/main.c b/bus/main.c index 161de19c..51538fe7 100644 --- a/bus/main.c +++ b/bus/main.c @@ -44,7 +44,6 @@ static void close_reload_pipe (void); static void signal_handler (int sig) { - DBusString str; switch (sig) { @@ -52,16 +51,20 @@ signal_handler (int sig) case SIGIO: /* explicit fall-through */ #endif /* DBUS_BUS_ENABLE_DNOTIFY_ON_LINUX */ +#ifdef SIGHUP case SIGHUP: - _dbus_string_init_const (&str, "foo"); - if ((reload_pipe[RELOAD_WRITE_END] > 0) && - !_dbus_write_socket (reload_pipe[RELOAD_WRITE_END], &str, 0, 1)) - { - _dbus_warn ("Unable to write to reload pipe.\n"); - close_reload_pipe (); - } + { + DBusString str; + _dbus_string_init_const (&str, "foo"); + if ((reload_pipe[RELOAD_WRITE_END] > 0) && + !_dbus_write_socket (reload_pipe[RELOAD_WRITE_END], &str, 0, 1)) + { + _dbus_warn ("Unable to write to reload pipe.\n"); + close_reload_pipe (); + } + } break; - +#endif case SIGTERM: _dbus_loop_quit (bus_context_get_loop (context)); break; @@ -458,7 +461,9 @@ main (int argc, char **argv) setup_reload_pipe (bus_context_get_loop (context)); +#ifdef SIGHUP _dbus_set_signal_handler (SIGHUP, signal_handler); +#endif _dbus_set_signal_handler (SIGTERM, signal_handler); #ifdef DBUS_BUS_ENABLE_DNOTIFY_ON_LINUX _dbus_set_signal_handler (SIGIO, signal_handler); diff --git a/tools/dbus-launch.c b/tools/dbus-launch.c index 216f7435..139d0aaf 100644 --- a/tools/dbus-launch.c +++ b/tools/dbus-launch.c @@ -402,7 +402,9 @@ signal_handler (int sig) { switch (sig) { +#ifdef SIGHUP case SIGHUP: +#endif case SIGTERM: got_sighup = TRUE; break; -- cgit From 2f561c2fc55858a9909e0035d564ce19e6a9722d Mon Sep 17 00:00:00 2001 From: Michael Meeks Date: Fri, 29 Aug 2008 08:48:45 -0400 Subject: Print serial in dbus-monitor * tools/dbus-print-message.c: Print serial too. Signed-off-by: Colin Walters --- tools/dbus-print-message.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/dbus-print-message.c b/tools/dbus-print-message.c index d5fced34..ea15769f 100644 --- a/tools/dbus-print-message.c +++ b/tools/dbus-print-message.c @@ -263,7 +263,8 @@ print_message (DBusMessage *message, dbus_bool_t literal) { case DBUS_MESSAGE_TYPE_METHOD_CALL: case DBUS_MESSAGE_TYPE_SIGNAL: - printf (" path=%s; interface=%s; member=%s\n", + printf (" serial=%u path=%s; interface=%s; member=%s\n", + dbus_message_get_serial (message), dbus_message_get_path (message), dbus_message_get_interface (message), dbus_message_get_member (message)); -- cgit From 1f3bcd241e5a54fa4ad8b515893783323eff6feb Mon Sep 17 00:00:00 2001 From: James Carter Date: Wed, 1 Oct 2008 16:40:33 -0400 Subject: Initialize AVC earlier so we can look up service security contexts * bus/bus.c: Initialize AVC earlier: http://lists.freedesktop.org/archives/dbus/2008-October/010493.html Signed-off-by: Colin Walters --- bus/bus.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index f5b6e7ec..f9cf118b 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -741,6 +741,11 @@ bus_context_new (const DBusString *config_file, if (print_pid_pipe && _dbus_pipe_is_valid (print_pid_pipe) && !_dbus_pipe_is_stdout_or_stderr (print_pid_pipe)) _dbus_pipe_close (print_pid_pipe, NULL); + + if (!bus_selinux_full_init ()) + { + _dbus_warn ("SELinux initialization failed\n"); + } if (!process_config_postinit (context, parser, error)) { @@ -771,11 +776,6 @@ bus_context_new (const DBusString *config_file, #endif } - if (!bus_selinux_full_init ()) - { - _dbus_warn ("SELinux initialization failed\n"); - } - dbus_server_free_data_slot (&server_data_slot); return context; -- cgit From d437d9202efd8190ec6405d04627b34cb47bcc86 Mon Sep 17 00:00:00 2001 From: Jon Gosting Date: Mon, 10 Nov 2008 23:29:05 -0500 Subject: Bug 18064 - more efficient validation for fixed-size type arrays * dbus/dbus-marshal-validate.c: If an array is fixed size, skip validation Signed-off-by: Colin Walters --- dbus/dbus-marshal-validate.c | 71 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 60 insertions(+), 11 deletions(-) diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c index b24b5bc2..35998cbb 100644 --- a/dbus/dbus-marshal-validate.c +++ b/dbus/dbus-marshal-validate.c @@ -370,12 +370,30 @@ validate_body_helper (DBusTypeReader *reader, /* p may now be == end */ _dbus_assert (p <= end); - + if (current_type == DBUS_TYPE_ARRAY) { int array_elem_type = _dbus_type_reader_get_element_type (reader); + + if (!_dbus_type_is_valid (array_elem_type)) + { + return DBUS_INVALID_UNKNOWN_TYPECODE; + } + alignment = _dbus_type_get_alignment (array_elem_type); - p = _DBUS_ALIGN_ADDRESS (p, alignment); + + a = _DBUS_ALIGN_ADDRESS (p, alignment); + + /* a may now be == end */ + if (a > end) + return DBUS_INVALID_NOT_ENOUGH_DATA; + + while (p != a) + { + if (*p != '\0') + return DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL; + ++p; + } } if (claimed_len > (unsigned long) (end - p)) @@ -406,6 +424,7 @@ validate_body_helper (DBusTypeReader *reader, DBusTypeReader sub; DBusValidity validity; const unsigned char *array_end; + int array_elem_type; if (claimed_len > DBUS_MAXIMUM_ARRAY_LENGTH) return DBUS_INVALID_ARRAY_LENGTH_EXCEEDS_MAXIMUM; @@ -418,16 +437,46 @@ validate_body_helper (DBusTypeReader *reader, array_end = p + claimed_len; - while (p < array_end) + array_elem_type = _dbus_type_reader_get_element_type (reader); + + /* avoid recursive call to validate_body_helper if this is an array + * of fixed-size elements + */ + if (dbus_type_is_fixed (array_elem_type)) + { + /* bools need to be handled differently, because they can + * have an invalid value + */ + if (array_elem_type == DBUS_TYPE_BOOLEAN) + { + dbus_uint32_t v; + alignment = _dbus_type_get_alignment (array_elem_type); + + while (p < array_end) + { + v = _dbus_unpack_uint32 (byte_order, p); + + if (!(v == 0 || v == 1)) + return DBUS_INVALID_BOOLEAN_NOT_ZERO_OR_ONE; + + p += alignment; + } + } + + else + { + p = array_end; + } + } + + else { - /* FIXME we are calling a function per array element! very bad - * need if (dbus_type_is_fixed(elem_type)) here to just skip - * big blocks of ints/bytes/etc. - */ - - validity = validate_body_helper (&sub, byte_order, FALSE, p, end, &p); - if (validity != DBUS_VALID) - return validity; + while (p < array_end) + { + validity = validate_body_helper (&sub, byte_order, FALSE, p, end, &p); + if (validity != DBUS_VALID) + return validity; + } } if (p != array_end) -- cgit From 1334ecb435990ba48d3fd4d49aece3927efb0f37 Mon Sep 17 00:00:00 2001 From: Lionel Landwerlin Date: Sat, 18 Oct 2008 14:25:52 -0400 Subject: Bug 17969: Don't test for abstract sockets if explicitly disabled Signed-off-by: Colin Walters --- configure.in | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configure.in b/configure.in index f429ce6f..e170df05 100644 --- a/configure.in +++ b/configure.in @@ -811,6 +811,7 @@ AC_CHECK_FUNCS(getpeerucred getpeereid) #### Abstract sockets +if ! test x$enable_abstract_sockets = xno; then AC_LANG_PUSH(C) AC_CACHE_CHECK([abstract socket namespace], ac_cv_have_abstract_sockets, @@ -854,6 +855,7 @@ AC_CACHE_CHECK([abstract socket namespace], [ac_cv_have_abstract_sockets=no] )]) AC_LANG_POP(C) +fi if test x$enable_abstract_sockets = xyes; then if test x$ac_cv_have_abstract_sockets = xno; then -- cgit From 2895b793ebbb63fcb6d4b1c5516d779959e5264b Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Mon, 11 Aug 2008 16:50:39 -0400 Subject: Bug 17060: Explicitly hard fail if expat is not available * configure.in: Tweak libxml/expat detection and handling. --- configure.in | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/configure.in b/configure.in index e170df05..8e86e7ae 100644 --- a/configure.in +++ b/configure.in @@ -889,30 +889,27 @@ AC_CHECK_LIB(expat, XML_ParserCreate_MM, dbus_use_libxml=false dbus_use_expat=false if test x$with_xml = xexpat; then - dbus_use_expat=true if ! $have_expat ; then AC_MSG_ERROR([Explicitly requested expat but expat not found]) fi + dbus_use_expat=true elif test x$with_xml = xlibxml; then - dbus_use_libxml=true PKG_CHECK_MODULES(LIBXML, libxml-2.0 >= 2.6.0, have_libxml=true, have_libxml=false) - if ! $have_libxml ; then AC_MSG_ERROR([Explicitly requested libxml but libxml not found]) fi + dbus_use_libxml=true else ### expat is the default because libxml can't currently survive ### our brutal OOM-handling unit test setup. ### http://bugzilla.gnome.org/show_bug.cgi?id=109368 - if $have_expat ; then - with_xml=expat - dbus_use_expat=true - elif $have_libxml ; then - with_xml=libxml - dbus_use_libxml=true - else - AC_MSG_ERROR([No XML library found, check config.log for failed attempts]) + if test x$have_expat = xfalse; then + AC_MSG_ERROR([Could not find expat.h, check config.log for failed attempts]) fi + ### By default, only use Expat since it's tested and known to work. If you're a + ### general-purpose OS vendor, please don't enable libxml. For embedded use + ### if your OS is built around libxml, that's another case. + dbus_use_expat=true fi AM_CONDITIONAL(DBUS_USE_EXPAT, $dbus_use_expat) -- cgit From be4745734689d78e606a69e09a4e07c33d7d51c2 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 23 Sep 2008 14:56:41 -0400 Subject: Add Scott to HACKING --- HACKING | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/HACKING b/HACKING index 58715487..f765866c 100644 --- a/HACKING +++ b/HACKING @@ -237,6 +237,5 @@ rules are: The reviewer group that can approve patches: Havoc Pennington, Michael Meeks, Alex Larsson, Zack Rusin, Joe Shaw, Mikael Hallendal, Richard Hult, Owen Fraser-Green, Olivier Andrieu, Colin Walters, Thiago -Macieira, John Palmieri. - +Macieira, John Palmieri, Scott James Remnant. -- cgit From 1757a749c331f874047d7b3689a7d4ad41d719f4 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 6 Jan 2009 19:35:55 -0500 Subject: Release 1.2.12. --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index 8e86e7ae..bf7d845b 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [11]) +m4_define([dbus_micro_version], [12]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From c30270f18255b9fc503b3fdfc5e3c4f01d8888f7 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 6 Jan 2009 19:36:11 -0500 Subject: Bump for unstable cycle --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index bf7d845b..aaba9f41 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [2]) -m4_define([dbus_micro_version], [12]) +m4_define([dbus_micro_version], [13]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT(dbus, [dbus_version]) -- cgit From 5a3907f28f963e05682bb29019774bf5843ab1ee Mon Sep 17 00:00:00 2001 From: Xan Lopez Date: Mon, 14 Apr 2008 15:46:33 +0300 Subject: Fix typo in docs. --- dbus/dbus-message.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dbus/dbus-message.c b/dbus/dbus-message.c index cd447985..e2c4771e 100644 --- a/dbus/dbus-message.c +++ b/dbus/dbus-message.c @@ -1726,7 +1726,7 @@ _dbus_message_iter_init_common (DBusMessage *message, * * The easiest way to iterate is like this: * @code - * dbus_message_iter_init (&iter); + * dbus_message_iter_init (message, &iter); * while ((current_type = dbus_message_iter_get_arg_type (&iter)) != DBUS_TYPE_INVALID) * dbus_message_iter_next (&iter); * @endcode -- cgit From b2f943e9c0d5ae1d6293d418b0c0b2a03799bb84 Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Mon, 20 Apr 2009 13:47:59 +0200 Subject: configure.in: fix help string alignment * AC_ARG_ENABLE(libaudit: use AS_HELP_STRING for aligned help messages Signed-off-by: Thiago Macieira (cherry picked from commit 660073925b03cad2f6e95ba9f25a81c2d9727185) --- configure.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.in b/configure.in index aaba9f41..c1eabf0c 100644 --- a/configure.in +++ b/configure.in @@ -72,7 +72,7 @@ AC_ARG_ENABLE(doxygen-docs, AS_HELP_STRING([--enable-doxygen-docs],[build DOXYGE AC_ARG_ENABLE(gcov, AS_HELP_STRING([--enable-gcov],[compile with coverage profiling instrumentation (gcc only)]),enable_gcov=$enableval,enable_gcov=no) AC_ARG_ENABLE(abstract-sockets, AS_HELP_STRING([--enable-abstract-sockets],[use abstract socket namespace (linux only)]),enable_abstract_sockets=$enableval,enable_abstract_sockets=auto) AC_ARG_ENABLE(selinux, AS_HELP_STRING([--enable-selinux],[build with SELinux support]),enable_selinux=$enableval,enable_selinux=auto) -AC_ARG_ENABLE(libaudit, [ --enable-libaudit build audit daemon support for SELinux],enable_libaudit=$enableval,enable_libaudit=auto) +AC_ARG_ENABLE(libaudit,AS_HELP_STRING([--enable-libaudit],[build audit daemon support for SELinux]),enable_libaudit=$enableval,enable_libaudit=auto) AC_ARG_ENABLE(dnotify, AS_HELP_STRING([--enable-dnotify],[build with dnotify support (linux only)]),enable_dnotify=$enableval,enable_dnotify=auto) AC_ARG_ENABLE(inotify, AS_HELP_STRING([--enable-inotify],[build with inotify support (linux only)]),enable_inotify=$enableval,enable_inotify=auto) AC_ARG_ENABLE(kqueue, AS_HELP_STRING([--enable-kqueue],[build with kqueue support]),enable_kqueue=$enableval,enable_kqueue=auto) -- cgit