+2003-04-28 Havoc Pennington <hp@redhat.com>
+
+ * configure.in: 0.10
+
+ * NEWS: update
+
+ * bus/system.conf.in: add <includedir>system.d</includedir>
+
+ * dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when
+ username was provided but not uid
+
+ * bus/config-parser.c (struct BusConfigParser): keep track of
+ whether the parser is toplevel or was included; change some
+ of the error handling if it's included.
+
2003-04-27 Havoc Pennington <hp@pobox.com>
Unbreak my code...
+D-BUS 0.10
+===
+
+- reversed order of args to dbus_message_new()
+- renamed dbus_message_name_is() and some other
+ functions
+- change DBusWatch to have dbus_watch_handle()
+ similar to dbus_timeout_handle(), drop
+ connection/server-specific handle routines
+- change message serials to be unsigned
+- implemented <allow>/<deny>/<limit> features for
+ config file; system bus now has a deny-all policy
+ by default.
+- system.conf has <includedir>system.d</includedir>
+ so packages can install additions to the default
+ policy to <allow> the messages they need. e.g.
+ CUPS might install a cups.conf - see
+ test/data/valid-config-files/system.d/test.conf
+ for an example.
+- add timeouts for authentication, activation
+- add glib-style "checks" on public API, enable
+ those by default, disable assertions by default
+- add GMainContext argument to GLib setup functions,
+ can be NULL for default context. Needed for threads.
+- add 64-bit integer type
+- validate type of standard message header fields
+- consider messages in the org.freedesktop.Local
+ namespace to be invalid (to avoid fake disconnect
+ messages for example)
+- fix assorted memory leaks and other bugs in
+ the SHA-1 auth mechanism
+- cache user database information (groups user is
+ in, etc.) helps a lot with NIS
+- always store uid_t, pid_t, gid_t in "ulong"
+ rather than "int"
+- implement config file settings for which
+ users can connect
+- SHA-1 unit test
+- dbus-send, dbus-monitor command line utilities
+- fixed lots of misc crashes and other bugs
+
D-BUS 0.9
===
context = NULL;
auth_mechanisms = NULL;
- parser = bus_config_load (config_file, error);
+ parser = bus_config_load (config_file, TRUE, error);
if (parser == NULL)
goto failed;
BusConfigParser*
bus_config_load (const DBusString *file,
+ dbus_bool_t is_toplevel,
DBusError *error)
{
XML_Parser expat;
goto failed;
}
- parser = bus_config_parser_new (&dirname);
+ parser = bus_config_parser_new (&dirname, is_toplevel);
if (parser == NULL)
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
BusPolicy *policy; /**< Security policy */
BusLimits limits; /**< Limits */
-
+
+ char *pidfile; /**< PID file */
+
unsigned int fork : 1; /**< TRUE to fork into daemon mode */
- char *pidfile;
+ unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */
};
static const char*
}
BusConfigParser*
-bus_config_parser_new (const DBusString *basedir)
+bus_config_parser_new (const DBusString *basedir,
+ dbus_bool_t is_toplevel)
{
BusConfigParser *parser;
if (parser == NULL)
return NULL;
+ parser->is_toplevel = !!is_toplevel;
+
if (!_dbus_string_init (&parser->basedir))
{
dbus_free (parser);
DBusError tmp_error;
dbus_error_init (&tmp_error);
- included = bus_config_load (filename, &tmp_error);
+ included = bus_config_load (filename, FALSE, &tmp_error);
if (included == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&tmp_error);
return FALSE;
}
- if (parser->listen_on == NULL)
+ if (parser->is_toplevel && parser->listen_on == NULL)
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Configuration file needs one or more <listen> elements giving addresses");
dbus_error_init (&error);
- parser = bus_config_load (full_path, &error);
+ parser = bus_config_load (full_path, TRUE, &error);
if (parser == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&error);
typedef struct BusConfigParser BusConfigParser;
-BusConfigParser* bus_config_parser_new (const DBusString *basedir);
+BusConfigParser* bus_config_parser_new (const DBusString *basedir,
+ dbus_bool_t is_toplevel);
void bus_config_parser_ref (BusConfigParser *parser);
void bus_config_parser_unref (BusConfigParser *parser);
dbus_bool_t bus_config_parser_check_doctype (BusConfigParser *parser,
* finished ConfigParser.
*/
BusConfigParser* bus_config_load (const DBusString *file,
+ dbus_bool_t is_toplevel,
DBusError *error);
<allow user="*"/>
</policy>
+ <!-- Config files are placed here that among other things, punch
+ holes in the above policy for specific services. -->
+ <includedir>system.d</includedir>
+
<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">system-local.conf</include>
+
</busconfig>
AC_INIT(dbus/dbus.h)
-AM_INIT_AUTOMAKE(dbus, 0.9)
+AM_INIT_AUTOMAKE(dbus, 0.10)
AM_CONFIG_HEADER(config.h)
DBusUserInfo *info;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
-
+ _dbus_assert (uid != DBUS_UID_UNSET || username != NULL);
+
if (uid != DBUS_UID_UNSET)
info = _dbus_hash_table_lookup_ulong (db->users, uid);
else
return NULL;
}
- if (!_dbus_user_info_fill_uid (info, uid, error))
+ if (uid != DBUS_UID_UNSET)
{
- _DBUS_ASSERT_ERROR_IS_SET (error);
- free_user_info (info);
- return NULL;
+ if (!_dbus_user_info_fill_uid (info, uid, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ free_user_info (info);
+ return NULL;
+ }
+ }
+ else
+ {
+ if (!_dbus_user_info_fill (info, username, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ free_user_info (info);
+ return NULL;
+ }
}
+ /* be sure we don't use these after here */
+ uid = DBUS_UID_UNSET;
+ username = NULL;
+
+ /* insert into hash */
if (!_dbus_hash_table_insert_ulong (db->users, info->uid, info))
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
data/sha-1 \
data/valid-config-files \
data/valid-config-files/basic.d \
+ data/valid-config-files/system.d \
data/valid-service-files
FIND_TESTS=find -name "*.message" -o -name "*.message-raw" -o -name "*.auth-script" -o -name "*.sha1" -o -name "*.txt" -o -name "*.conf" -o -name "*.service"
--- /dev/null
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <!-- The following demonstrates how to punch holes in a default deny-all
+ policy so that a particular user can own a service, and other
+ connections can get messages from it -->
+
+ <!-- Only fooserviceuser can own the FooService service, and
+ this user can only send the one kind of message -->
+ <policy user="fooserviceuser">
+ <allow own="org.foo.FooService"/>
+ <allow send="org.foo.FooBroadcastMessage"/>
+ </policy>
+
+ <!-- Allow any connection to receive the message, but
+ only if the message is sent by the owner of FooService -->
+ <policy context="default">
+ <allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/>
+ </policy>
+</busconfig>
projects / platform / upstream / dbus.git / commitdiff