Age | Commit message (Collapse) | Author | Files | Lines |
|
Previously, if dbus_connection_get_unix_user() succeeded but
_dbus_unix_groups_from_uid() failed, then bus_connection_get_unix_groups()
would incorrectly fail without setting the error indicator, resulting
in "(null)" being logged, which is rather unhelpful.
This also lets us distinguish between ENOMEM and other errors, such as
the uid not existing in the system's user database.
Fixes: 145fb99b (untitled refactoring commit, 2006-12-12)
Helps: https://gitlab.freedesktop.org/dbus/dbus/-/issues/343
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
The full license texts are not added because they were already
added in a previous commit.
Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
see #394
|
|
If the memory is not sufficient, the created DBusString instance must be
released. This belongs to the mentioned function and
_dbus_string_init_from_string().
Fixes #360
|
|
remaining locations
The previously used function _dbus_win_stderr_win_error() has been removed
because it is no longer used.
|
|
The normal style is <function-name><space>(<no-spaces>...<no-spaces>).
|
|
Linux systems have traditionally set the soft limit to 1024 and the hard
limit to 4096. Recent versions of systemd keep the soft fd limit at
1024 to avoid breaking programs that still use select(), but raise the
hard limit to 512*1024, while in recent Debian versions a complicated
interaction between components gives a soft limit of 1024 and a hard
limit of 1024*1024. If we can, we might as well elevate our soft limit
to match the hard limit, minimizing the chance that we will run out of
file descriptor slots.
Unlike the previous code to raise the hard and soft limits to at least
65536, we do this even if we don't have privileges: privileges are
unnecessary to raise the soft limit up to the hard limit.
If we *do* have privileges, we also continue to raise the hard and soft
limits to at least 65536 if they weren't already that high, making
it harder to carry out a denial of service attack on the system bus on
systems that use the traditional limit (CVE-2014-7824).
As was previously the case on the system bus, we'll drop the limits back
to our initial limits before we execute a subprocess for traditional
(non-systemd) activation, if enabled.
systemd activation doesn't involve us starting subprocesses at all,
so in both cases activated services will still inherit the same limits
they did previously.
Reviewed-by: Lennart Poettering <lennart@poettering.net>
[smcv: Correct a comment based on Lennart's review, reword commit message]
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
We don't usually mass-remove trailing whitespace from the actual source
code because it would complicate cherry-picking bug fixes to older
branches, but that reasoning doesn't really apply to the comments
containing copyright and licensing notices.
Removing trailing whitespace makes it much easier to move code around:
we have a commit hook that rejects commits containing trailing
whitespace, but that commit hook counts moving a file as a delete + add
pair, so it objects to moving code that contains trailing whitespace.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
It's only used in test code. We have to put it in its own translation
unit with no non-libc dependencies so that we can compile a copy of it
without AddressSanitizer support, because in a subsequent commit we will
special-case test-segfault to be compiled without using AddressSanitizer,
which would make linking to an AddressSanitizer-instrumented libdbus fail.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
If a function returns boolean for success/error, and returns a
DBusError, then it should set the DBusError if and only if it
returns FALSE.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
Bug: https://gitlab.freedesktop.org/dbus/dbus/issues/135
Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Simon McVittie <smcv@collabora.com>
|
|
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104641
|
|
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104641
|
|
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104641
Reviewed-by: Philip Withnall <withnall@endlessm.com>
|
|
None of the things we rely on in POSIX async signal handlers, such
as the existence of async-signal-safe write(), are portable to Windows,
so the async signal handlers that use this function are #ifdef
DBUS_UNIX anyway. Remove the unused stub function from the
Windows side, and move the declaration to the Unix-specific header.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103010
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
|
|
This silences -Wswitch-default.
Part of a larger commit from Thomas Zimmermann.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98191
|
|
These directories can be used by service managers like `systemd --user`
and its generators, or by session infrastructure like gnome-session,
to synthesize D-Bus service files at runtime from some more canonical
source of information.
The intention is that this is in the XDG_RUNTIME_DIR as defined by the
freedesktop.org Base Directory Specification, which is private to the
user, and has a lifetime equal to the union of all the user's concurrent
login sessions.
This directory is provided on Linux systems that have systemd-logind and
pam_systemd, on other systems with PAM that have pam-xdg-support (which
has been abandoned by Ubuntu in favour of logind, but could be forked
by non-systemd environments that are interested in this functionality),
or any compatible reimplementation.
In practice this is most likely to be useful on systems that run
`dbus-daemon --session` from `systemd --user`.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=99825
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98089
|
|
This is in preparation for optionally making _dbus_warn() use it.
dbus-daemon closes its stderr under some circumstances, including
when launched by dbus-launch, which makes failures in that
situation rather hard to debug.
_dbus_system_log() is the same on Unix and Windows, so move it
to dbus-sysdeps.c. _dbus_system_logv() remains platform-specific.
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97009
[smcv: move the #include for syslog.h, too]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=95191
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
|
|
Use seperate buffer in _dbus_system_logv() to avoid crash in vsprintf().
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92538
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Both build systems arrange for this to be the case,
and we already assume that it's absolute on Unix.
On Windows, it's probably going to be /mingw/share or
something; it gets relocated via _dbus_replace_install_prefix()
at runtime.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83539
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
This means we handle OOM correctly, and makes it obvious
that we are not overflowing buffers. This change does not
affect the actual content of the strings.
Instead of redefining DBUS_DATADIR to be a function call
(which hides the fact that DBUS_DATADIR is used),
this patch makes each use explicit: DBUS_DATADIR
is always the #define from configure or cmake, before
replacing the prefix.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83539
Tested-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
It turns out to be easier to implement the Windows version
of these in a relocatable way if it can assume that the
argument starts empty, which is in fact true in practice.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83539
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
Doing strcat() into a static buffer produces incorrect results for
the second and subsequent services if they are not in the ${prefix};
for example, if the first call should have returned
"C:\bar\bin\service1" and the second should have returned
"C:\bar\bin\service2", the second result would actually be
"C:\bar\bin\service1C:\bar\bin\service2".
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83539
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[smcv: added commit message; used strncpy/strncat to avoid overflow]
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
The canonical location for bus setup changed from
${sysconfdir}/dbus-1 to ${datadir}/dbus-1 (or their CMake
equivalents) in version 1.9.18.
Also stop trying to use bus/session.conf from the build tree,
which will not work if our ${prefix} contains an older
${sysconfdir}/dbus-1/session.conf.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92028
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89444
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
[rh: rebased because a few hunks have already been applied with commit
92c39d1d8a30110c5760bd8d5e695e26a8538d1a]
|
|
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85105
|
|
Conflicts:
NEWS
configure.ac
|
|
This ensures that our rlimit is actually high enough to avoid the
denial of service described in CVE-2014-3636 part A.
CVE-2014-7824 has been allocated for this incomplete fix.
Restore the original rlimit for activated services, to avoid
them getting undesired higher limits.
(Thanks to Alban Crequy for various adjustments which have been
included in this commit.)
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85105
Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk>
|
|
opendir()/readdir() and closedir() emulation.
This fixes a license issue introduced by the initial win32 port.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=57272
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
This function is meaningless (and possibly unimplementable) on Windows.
We shouldn't call it; if we do, it should raise an error.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68852
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
This means we don't need to worry about whether it's thread-safe,
and makes libdbus a little smaller.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68610
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
Signed-off-by: Chengwei Yang <chengwei.yang@intel.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=65755
|
|
This causes the test to fail. The assumption implicitly being made was
"if pid 1 is systemd, then every caller of _dbus_init_system_log() is a
systemd service" which is not valid for the regression test.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=63163
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Colin Walters <walters@verbum.org>
|
|
The DBusPipe code was broken by commit 6e214b5b3c2837, which switched
from C runtime API to Win32 API for WinCE's benefit. In a DBusPipe,
fd_or_handle is in fact always a C runtime file descriptor, which can't
be used with the Win32 API (which expects a HANDLE).
This commit goes back to the C runtime API. It might cause WinCE support
to regress, but at least dbus-daemon.exe --print-address works again.
This is enough to make a few tests work under Wine when cross-compiling
from Linux to mingw-w64: in particular, this now works:
DBUS_TEST_DAEMON=bus/dbus-daemon.exe DBUS_TEST_DATA=test/data \
wine test/test-dbus-daemon.exe -p /echo/session
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46049
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
We don't need any initialization here, so there's nothing to fix.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35358
Reviewed-by: Colin Walters <walters@verbum.org>
|
|
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
The default configuration has hardcoded 2048 complete connections,
and 64 incomplete. We need at least that number of file descriptors,
plus some for internal use.
In the bus, attempt to call setrlimit() before we drop privileges.
Practically speaking for this means the system bus gets it, the
session bus doesn't.
http://bugs.freedesktop.org/show_bug.cgi?id=33474
Reviewed-By: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Following commit: 04cf3166002a86b9a22851be4e243c87b5b3048d for Unix.
|
|
Drop _dbus_user_at_console() from dbus-sysdeps-util-win.c. It is
called only from dbus-userdb-util.c which isn't compiled on Windows.
|
|
Put the correct error code and a relevant message into the DBusError
in _dbus_unix_user_is_at_console().
|