+2008-02-26 John (J5) Palmieri <johnp@redhat.com>
+
+ * CVE-2008-0595 - security policy of the type <allow send_interface=
+ "some.interface.WithMethods"/> work as an implicit allow for
+ messages sent without an interface bypassing the default deny rules
+ and potentially allowing restricted methods exported on the bus to be
+ executed by unauthorized users. This patch fixes the issue.
+ * bus/policy.c (bus_client_policy_check_can_send,
+ bus_client_policy_check_can_receive): skip messages without an
+ interface when evaluating an allow rule, and thus pass it to the
+ default deny rules
+
+2008-02-26 John (J5) Palmieri <johnp@redhat.com>
+
+ * correctly unref connections without guids during shutdown
+ * dbus/dbus-connection.c (close_connection_on_shutdown): new method
+ split out from shared_connections_shutdown
+ (shared_connections_shutdown): shutdown all shared connections
+ without guids
+ (_dbus_connection_ref_unlocked): handle OOM when prepending no guid
+ connections to the shared_connections_no_guid list
+ * Patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+2008-02-21 John (J5) Palmieri <johnp@redhat.com>
+
+ * fix build against the latest gcc/glibc
+ * dbus/dbus-sysdeps-unix.c: define _GNU_SOURCE
+ * bus/selinux.c: include limits.h
+ * Patch by Matthias Clasen <mclasen at redhat.com>
+
+2008-02-21 John (J5) Palmieri <johnp@redhat.com>
+
+ * fixes dbus-launch so the bus goes away when X does
+ (Red Hat Bug #430412)
+ * tools/dbus-launch.c (main): set xdisplay = NULL
+ * Patch by Matthias Clasen <mclasen at redhat.com>
+
+2008-01-17 John (J5) Palmieri <johnp@redhat.com>
+
+ * Released 1.1.4
+
+2008-01-17 Timo Hoenig <thoenig@suse.de>
+ * fix inotify support
+ * bus/dir-watch-inotify.c (_handle_inotify_watch): fix reading of the
+ inotify events. Also, use ssize_t not size_t for 'ret'.
+ * bus/dir-watch-inotify.c (bus_watch_directory): watch not only for
+ IN_MODIFY but also for IN_CREATE and IN_DELETE
+ * bus/dir-watch-inotify.c (bus_drop_all_directory_watches): drop the
+ inotify watches more elegantly by closing inotify:_fd, set inotify_fd to
+ -1 after dropping the watches
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * configure.in: post-release version bump
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * Released 1.1.3 (1.2.0RC1)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * fix hacking to say git instead of cvs
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Sébastien Couret <10function at gmail dot com>
+
+ * dbus/dbus-marshal-recursive.c (all_reader_classes[]): wrap in
+ #ifndef DBUS_DISABLE_ASSERT since it is only used in asserts which
+ are noop
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Magnus Henoch <henoch plus bfdo at dtek dot chalmers dot se>
+
+ * dbus/dbus-auth.c (handle_server_data_external_mech): handle SASL
+ EXTERNAL's inital empty responce (FDO Bug #9945)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * bus/messagebus.in: add lsb headers (FDO Bug #11491)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Peter O'Gorman <pogma at thewrittenword dot com>
+
+ * dbus/dbus-spawn.c (babysit_signal_handler): check write return value
+ so we don't hang (FDO Bug #11665)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Peter O'Gorman <pogma at thewrittenword dot com>
+
+ * dbus/dbus-sysdeps.h: support for AIX poll implementation (FDO Bug
+ #11666)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * tests/name-test/run-test.sh: make more portable (FDO Bug #11667)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-connection.c (_dbus_connection_get_next_client_serial):
+ don't check for < 0 on an unsigned variable (FDO Bug #12924)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * bus/bus.c (setup_server): check failed allocation (FDO Bug #12920)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-spawn.c (_dbus_spawn_async_with_babysitter): the API
+ contract says sitter_p can be NULL, so let's check it (FDO Bug #12919)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-spawn.c (read_ints, read_pid): use correct ssize_t type
+ instead of size_t (FDO Bug #12862)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-errors.c (dbus_set_error): make sure to call va_end if we
+ hit an OOM error inside va_start (FDO Bug #12846)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-connection.c (dbus_connection_send_with_reply):
+ fix possible crash if pending_return is NULL (FDO Bug #12673)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * portions of patch submitted by Tim Mooney
+ <enchanter at users dot sourceforge dot net>
+
+ * configure.in: never auto-select libxml (FDO Bug #12479)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patches by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-sysdeps-unix (_dbus_get_autolaunch_address): handle OOM
+ (FDO Bug #12945)
+
+ * dbus/dbus-uuidgen.c (return_uuid): handle OOM (FDO Bug #12928)
+
+ * dbus/dbus-misc.c (dbus_get_local_machine_id): handle OOM, fix return
+ value to return NULL not FALSE (FDO Bug #12946)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * bus/bus.c (bus_context_check_security_policy): rewrite selinux error
+ handling to not abort due to a NULL read and to set the error only if
+ it is not already set (Based off of FDO Bug #12430)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-internals.c (_dbus_read_uuid_file_without_creating,
+ _dbus_create_uuid_file_exclusively): add OOM handling (FDO Bug #12952)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-spawn.c (babysit, babysitter_iteration): add error
+ handling when polling (FDO Bug #12954)
+
+2008-01-15 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * bus/config-parser.c (locate_attributes): remove dead code which
+ always evaluated to TRUE
+
+ * dbus/dbus-shell.c (_dbus_shell_quote): remove unused code
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * bus/connection.c (bus_connection_complete): plug a possible
+ BusClientPolicy leak (FDO Bug #13242)
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Frederic Crozat <fcrozat at mandriva dot com> (FDO Bz#
+ 13268)
+
+ * add inotify support
+
+ * bus/Makefile.am: add inotify module to the build
+
+ * bus/dir-watch-inotify.c: inotify module based off the dnotify and
+ kqueue modules
+
+ * configure.in: add checks and switch for inotify
+ also add a printout at the end of configure if inotify and kqueue
+ support is being built in (dnotify already had this)
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Frederic Crozat <fcrozat at mandriva dot com>
+
+ * bus/dir-watch-dnotify.c (bus_watch_directory): watch for file
+ creates also
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>
+
+ * dbus/dbus-transport-socket.c(do_reading): return message
+ loader buffer in case of OOM (FDO Bug#12666)
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * configure.in: add warning to output when libxml is selected since
+ we don't have a libxml maintainer and expat works perfectly fine
+ for what we need an xml parser for
+
+2008-01-14 John (J5) Palmieri <johnp@redhat.com>
+
+ * Patch by Andrea Luzzardi <scox at sig11 dot org>: creates a
+ _dbus_geteuid function to fix EXTERNAL authentication in setuid
+ applications
+
+ * dbus/dbus-sysdeps-unix.c (_dbus_geteuid): used to get the effective
+ uid of the running program
+ (_dbus_credentials_add_from_current_process): use geteuid instead of
+ getuid
+ (_dbus_append_user_from_current_process): use geteuid instead of
+ getuid
+
+ * dbus/dbus-sysdeps-util-unix.c (_dbus_change_to_daemon_user): use
+ geteuid instead of getuid
+ (_dbus_unix_user_is_at_console): use geteuid instead of getuid
+
+ * dbus/dbus-sysdeps-win.c (_dbus_geteuid): add a windows equivilant
+ that returns DBUS_UID_UNSET
+
+2007-12-18 Havoc Pennington <hp@redhat.com>
+
+ * dbus/dbus-connection.c (_dbus_connection_block_pending_call):
+ fix location of curly braces
+
+2007-11-23 Sjoerd Simons <sjoerd@luon.net>
+
+ * tools/dbus-launch.c: let both a normal dbus-launch and an
+ autolaunched bus save their parameters in X11 if possible. This makes
+ the autolaunch and non-autolaunch behaviour more similar. With the
+ exception that on a normal launch there will always be a new session
+ bus and not being able to save parameters is not fatal. This also
+ enables to launch programs directly with autolaunch (not very usefull
+ though).
+
+2007-10-31 Havoc Pennington <hp@redhat.com>
+
+ * bus/selinux.c (log_audit_callback): rewrite to use
+ _dbus_string_copy_to_buffer_with_nul()
+
+ * dbus/dbus-string.c (_dbus_string_copy_to_buffer): change to NOT
+ nul-terminate the buffer; fail an assertion if there is not enough
+ space in the target buffer. This fixes two bugs where
+ copy_to_buffer was used to copy the binary bytes in a UUID, where
+ nul termination did not make sense. Bug reported by David Castelow.
+ (_dbus_string_copy_to_buffer_with_nul): new function that always
+ nul-terminates the buffer, and fails an assertion if there is not
+ enough space in the buffer.
+
+2007-10-23 Havoc Pennington <hp@redhat.com>
+
+ * bus/bus.c (bus_context_new): use the new name here
+
+ * bus/selinux.c (bus_selinux_audit_init): rename from audit_init()
+ to avoid possible libc conflict, and declare it in .h file to
+ avoid a warning
+
+2007-10-19 Havoc Pennington <hp@redhat.com>
+
+ * bus/bus.c (bus_context_new): put audit_init() in HAVE_SELINUX
+
+2007-10-19 Havoc Pennington <hp@redhat.com>
+
+ * bus/bus.c (bus_context_new): put the audit_init() in here
+ instead, which I believe ends up being the same as where it was
+ before, though I'm not sure I understand why it goes here.
+
+ * dbus/dbus-sysdeps-util-unix.c (_dbus_change_to_daemon_user):
+ remove audit_init() from here, this file can't depend on code in
+ bus/ directory
+
+2007-10-16 Simon McVittie <simon.mcvittie@collabora.co.uk>
+
+ * configure.in: *Actually* fix detection of i486 atomic ops -
+ my previous attempt at a fix would always enable them due to wrong
+ quoting. Patch from Colin Walters <walters@verbum.org>
+
+2007-10-11 Simon McVittie <simon.mcvittie@collabora.co.uk>
+
+ * configure.in: enable Autoconf's AC_C_INLINE to avoid compilation
+ failure with gcc -ansi
+ * dbus/dbus-macros.h, dbus/dbus-arch-deps.h.in: Use new macro
+ _DBUS_GNUC_EXTENSION (the same as G_GNUC_EXTENSION) to avoid -ansi
+ warnings about use of "long long".
+ * dbus/dbus-server-socket.c: remove unused variable when assertions
+ are disabled
+ * dbus/dbus-marshal-validate.c: avoid empty statements by removing
+ stray semicolons
+ * tools/dbus-launch.c: convert C++-style comment to C-style, add {}
+ for clarity
+ * .gitignore: ignore vi swapfiles
+ * dbus/dbus-errors.h, dbus/dbus-errors.c: Add DBUS_ERROR_INIT macro,
+ equivalent to calling dbus_error_init() on an uninitialized DBusError
+ * dbus/dbus-address.c, dbus/dbus-auth-script.c, dbus/dbus-auth-util.c,
+ dbus/dbus-connection.c, dbus/dbus-internals.c, dbus/dbus-keyring.c,
+ dbus/dbus-message-util.c, dbus/dbus-server.c, dbus/dbus-sha.c,
+ dbus/dbus-spawn-win.c, dbus/dbus-spawn.c,
+ dbus/dbus-sysdeps-util-win.c, dbus/dbus-transport-socket.c,
+ dbus/dbus-transport.c, dbus/dbus-userdb.c: use that macro instead of
+ calling dbus_error_init() where it's clearly equivalent
+ * configure.in, dbus/dbus-sysdeps.h, dbus/dbus-sysdeps-unix.c: Fix
+ detection of i486 atomic ops. Previously, the attempts to determine
+ support at compile-time on Darwin were causing the i486 atomic ops to
+ be used on *all* i386 or x86-64 GCC builds (AH_VERBATIM can't be
+ conditionalized like we were trying to).
+
+2007-10-10 Simon McVittie <simon.mcvittie@collabora.co.uk>
+
+ * dbus/dbus-errors.c, dbus/dbus-protocol.h: Add new error
+ org.freedesktop.DBus.Error.ObjectPathInUse
+ * dbus/dbus-object-tree.h, dbus/dbus-object-tree.c,
+ dbus/dbus-connection.c, dbus/dbus-connection.h: add new functions
+ dbus_connection_try_register_object_path and
+ dbus_connection_try_register_fallback, which raise ObjectPathInUse
+ rather than asserting, to make object path registration less painful
+ for bindings
+ * .gitignore: add various things that weren't in .cvsignore because
+ CVS implicitly ignored them; generally bring up to date
+
+2007-10-09 John (J5) Palmieri <johnp@redhat.com>
+
+ * tools/run-with-tmp-session-bus.sh: Fix env exports for better
+ portability (#9280)
+ * tools/dbus-send.1: Document syntax for container types in dbus-send
+ man file (#9553) - patch from Jack Spaar <jspaar at
+ users.sourceforge.net>
+
+ [Both OK for MIT/X11 relicensing -smcv]
+
+2007-10-09 Simon McVittie <simon.mcvittie@collabora.co.uk>
+
+ * doc/dbus-specification.xml: Specifically forbid empty structs (#7969)
+ * doc/dbus-specification.xml: Patches from Kristoffer Lundén to clarify
+ description of DBUS_COOKIE_SHA1 (#10184) and allowable contents of a
+ variant (#10185, amended as per Havoc's comments)
+
+ [All of the above are OK for MIT/X11 licensing]
+
+2007-10-03 John (J5) Palmieri <johnp@redhat.com>
+
+ * dbus/dbus-internals.h: fd.o bug #11678 Don't error out if compiler
+ does not support vararg macros. _dbus_verbose is the only function
+ that does this so make it a noop if vararg macros are not supported
+ * bus/selinux.c, dbus/dbus-sysdeps-util-unix.c: fd.o bug #12429
+ Reverse check to setpcap and only init audit if we were root
+ (patch by Dan Walsh <dwalsh@redhat.com>,
+ https://bugs.freedesktop.org/show_bug.cgi?id=12429). Reverse
+ we_were_root check to setpcap if we were root. Also only init audit
+ if we were root. So error dbus message will not show up when policy
+ reload happens. dbus -session will no longer try to send audit
+ message, only system will.
+ * configure.in: fd.o bug #11872 improve linker test for --gc-sections.
+ Patch by Tim Mooney <enchanter at users.sourceforge.net>
+ * configure.in, dbus/dbus-sysdeps.c: fd.o bug #11872 fix clearenv for
+ systems that do not have it. Patch from Brian Cameron <brian.cameron
+ at sun.com>
+ * tools/dbus-launch.c: fd.o bug #12547 remove superfluous if.
+ Also convert tabs to spaces
+ * configure.in, bus/Makefile.am, dbus/Makefile.am: Correctly implement
+ -fPIC and -fPIE. For security reasons we want possition independent
+ code for libraries and possition independent executable for
+ executables. Before we were just enabling -fPIC. Now we correctly
+ enable -fPIC and -PIE for libdbus and the bus respectively. Proper
+ LD_FLAGS are set for each also.
+
+2007-09-20 Ryan Lortie <desrt@desrt.ca>
+
+ Add argument path matching support. Bug #11066.
+
+ * dbus/signals.c (struct DBusMatchRule, bus_match_rule_new,
+ bus_match_rule_set_arg, bus_match_rule_parse_arg_match,
+ match_rule_matches): Add support for parsing and matching on
+ arg0path='/some/path' type rules.
+
+ * dbus/signals.h (bus_match_rule_set_arg): change to take const
+ DBusString instead of const char * for the string to match against.
+
+ * dbus/dbus-bus.c: add a quick note to dbus_bus_add_match
+ documentation about the path matching.
+
+ * doc/dbus-specification.xml: add a more detailed description of the
+ changes here.
+
2007-09-19 Ryan Lortie <desrt@desrt.ca>
Add support for compacting DBusStrings to release wasted memory.
projects / platform / upstream / dbus.git / blobdiff