Colin Walters [Tue, 23 Mar 2010 19:49:37 +0000 (15:49 -0400)]
Post-release version bump
Colin Walters [Tue, 23 Mar 2010 19:10:52 +0000 (15:10 -0400)]
Release 1.2.24
Colin Walters [Tue, 23 Mar 2010 19:04:21 +0000 (15:04 -0400)]
[bus] Don't install a SIGTERM handler
Really we don't have any interesting cleanup to do, so just
let the process die.
https://bugs.freedesktop.org/show_bug.cgi?id=26303
Colin Walters [Mon, 22 Mar 2010 18:33:37 +0000 (14:33 -0400)]
[64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted)
There were already defines for formatting pids and uids, so use those.
In the case where we don't have a format specifier for 64 bit, print
(omitted) in dbus-monitor.
Colin Walters [Mon, 22 Mar 2010 15:50:24 +0000 (11:50 -0400)]
Add DBUS_INT64_MODIFIER define, turn on -Wformat
https://bugs.freedesktop.org/show_bug.cgi?id=19195
We were previously using -Wno-format because we didn't have
a #define for DBUS_INT64_MODIFIER, which was really lame because
it easily hid problems.
For now, just define it if we're on glibc; this is obviously
not strictly correct but it's safe, because the formatting
is only used in DBUS_VERBOSE mode, and in tools/dbus-monitor.
Ideally we get the the glib code relicensed.
Colin Walters [Mon, 22 Mar 2010 14:38:12 +0000 (10:38 -0400)]
Add DBUS_GNUC_PRINTF checks to new formatting functions
Otherwise we don't get GCC warnings.
Colin Walters [Sun, 21 Mar 2010 11:01:15 +0000 (07:01 -0400)]
[bus] While creating a syslog, correctly get pointer data from DBusString
Will Thompson [Thu, 4 Feb 2010 20:24:54 +0000 (20:24 +0000)]
Dispatch post-activation messages to anyone interested
Previously, if a method call activated a service, it would only be
delivered to that service, and not to other services with match rules
which should match. This patch replaces the improperly-duplicated
dispatch code in activation.c with a call back into the normal dispatch
code, fixing this bug (fd.o#26427).
Will Thompson [Thu, 4 Feb 2010 20:12:28 +0000 (20:12 +0000)]
Move dispatching to destination to bus_dispatch_matches()
Colin Walters [Wed, 17 Mar 2010 16:43:40 +0000 (12:43 -0400)]
Post-release version bump
Colin Walters [Wed, 17 Mar 2010 02:30:50 +0000 (22:30 -0400)]
Release 1.2.22
Colin Walters [Wed, 17 Mar 2010 02:25:40 +0000 (22:25 -0400)]
Delete name-test/test-names
This test, while extensive, has the serious flaw of effectively
spinning on _dbus_connection_do_iteration_unlocked. Any tests
like this should be using the internal DBus mainloop, which
I don't have time to port it to before doing a release.
Colin Walters [Tue, 16 Mar 2010 17:20:36 +0000 (13:20 -0400)]
Don't send an reply for driver messages if one isn't requested
Basically honor the no_reply flag; a binding is likely to want to
set this so it doesn't have to process extra traffic for match
rules.
Colin Walters [Mon, 15 Mar 2010 22:31:30 +0000 (18:31 -0400)]
Make SELinux initialization failure fatal
https://bugzilla.redhat.com/show_bug.cgi?id=572769
Previously we'd just continue if AVC initialization failed, but
that didn't really work because then we'd later crash in
avc_has_perm.
Simply treat initialization failures as fatal, and hopefully we
can get data from the system log.
Colin Walters [Tue, 16 Mar 2010 11:19:04 +0000 (07:19 -0400)]
Add a prefix to our syslog messages
Previously we were simply logging as "dbus", and it was unclear
whether it was the system bus, or a session bus. And if the latter,
which user?
This patch adds a prefix to the log message with the bus type
and the userid.
Colin Walters [Tue, 16 Mar 2010 13:00:23 +0000 (09:00 -0400)]
Add _dbus_credentials_to_string_append
Convert the credentials to a string; useful for logging.
Colin Walters [Fri, 12 Mar 2010 16:30:00 +0000 (11:30 -0500)]
Add DBUS_SYSTEM_LOG_FATAL severity
This severity is useful for when we encounter a fatal problem; we
get a log message out, then exit.
Colin Walters [Mon, 15 Mar 2010 17:50:48 +0000 (13:50 -0400)]
Refactor _dbus_log_info, _dbus_log_security into _dbus_log_system
In preparation for a future patch which introduces a fatal logging level,
don't duplicate the API here.
Kimmo Hämäläinen [Tue, 16 Mar 2010 17:55:13 +0000 (13:55 -0400)]
[dbus-spawn] Use correct sign values for variables
read() returns a signed value, whereas the byte count is unsigned.
Signed-off-by: Colin Walters <walters@verbum.org>
Kimmo Hämäläinen [Tue, 16 Mar 2010 17:50:30 +0000 (13:50 -0400)]
[dbus] Add missing va_end in dbus-errors.c
Colin Walters [Tue, 16 Mar 2010 17:11:20 +0000 (13:11 -0400)]
[main] Handle OOM in reload watch
http://bugs.freedesktop.org/show_bug.cgi?id=12953
Wait for memory if we can't init the string.
Based on an original patch by Kimmo Hämäläinen <kimmo.hamalainen@nokia.com>
Simon McVittie [Tue, 16 Mar 2010 16:40:08 +0000 (12:40 -0400)]
[doc/dbus-specification.xml] Explicitly specify lower-case hex must be used
https://bugs.freedesktop.org/show_bug.cgi?id=9486
When describing DBUS_COOKIE_SHA1, specify that lower-case hex encoding
must be used.
Colin Walters [Tue, 16 Mar 2010 16:16:33 +0000 (12:16 -0400)]
Support inotify on older kernels
https://bugs.freedesktop.org/show_bug.cgi?id=23957
Previously we detected glibc support at compile time and used
it unconditionally; better to try it and fall back, this way
we continue to run on older kernels when compiled for newer ones.
Marcus Brinkmann [Mon, 15 Mar 2010 14:39:45 +0000 (15:39 +0100)]
Fix double-free in error case.
Signed-off-by: Thiago Macieira <thiago@kde.org>
Colin Walters [Fri, 12 Mar 2010 22:23:10 +0000 (17:23 -0500)]
[configure.in] Use AM_SILENT_RULES if available
By rough consensus, and to keep up with the cool kids.
Note to builders: you need to use V=1 to enable verbose mode.
Michael Meeks [Fri, 12 Mar 2010 16:50:27 +0000 (11:50 -0500)]
[DBusConnection] When handling a watch, return if another thread is doing I/O
http://lists.freedesktop.org/archives/dbus/2010-March/012337.html
Previously, the watch handler would block until the I/O path was available.
However, if another non-main thread was doing a synchronous call, this would
cause the main thread to block on that thread, a highly undesirable
thing because it's important for the main thread to remain responsive
for user interfaces.
Signed-off-by: Colin Walters <walters@verbum.org>
Signed-off-by: Thiago Macieira <thiago@kde.org>
Frederic Crozat [Wed, 3 Mar 2010 13:05:23 +0000 (14:05 +0100)]
Fix build when selinux is disabled but libaudit enabled
https://bugs.freedesktop.org/show_bug.cgi?id=26859
Colin Walters [Fri, 19 Feb 2010 21:34:47 +0000 (16:34 -0500)]
[dbus-string] Sync up UNICODE_VALID with glib, add documentation
See https://bugzilla.gnome.org/show_bug.cgi?id=107427 for rationale
behind the first change.
The documentation was derived from an IRC conversation with
Behdad Esfahbod.
Colin Walters [Thu, 18 Feb 2010 20:33:28 +0000 (15:33 -0500)]
Monitor service directories for changes
It's not expected to have to manually SIGHUP the bus after installing
a new .service file. Since our directory monitoring is already set
up to queue a full reload which includes service activation, simply
monitor the servicedirs too.
https://bugs.freedesktop.org/show_bug.cgi?id=23846
Brian Cameron [Thu, 18 Feb 2010 15:38:42 +0000 (10:38 -0500)]
Fix dummy file monitoring backend compilation
https://bugs.freedesktop.org/show_bug.cgi?id=26421
Cyril Brulebois [Mon, 8 Feb 2010 17:21:35 +0000 (12:21 -0500)]
Fix compilation of kqueue file monitoring on FreeBSD
Colin Walters [Wed, 3 Feb 2010 17:13:38 +0000 (12:13 -0500)]
Release 1.2.20
Colin Walters [Tue, 2 Feb 2010 19:57:47 +0000 (14:57 -0500)]
Fix compilation in --disable-selinux case
_dbus_change_to_daemon_user moved into selinux.c for the --with-selinux
(and audit) case because that's where all of the relevant libcap headers
were being used. However in the --disable-selinux case this didn't
compile and wasn't very clean.
If we don't have libaudit, use the legacy direct setgid/setuid bits
we had before in dbus-sysdeps-util-unix.c.
Colin Walters [Tue, 2 Feb 2010 17:37:17 +0000 (12:37 -0500)]
Fix inotify shutdown
We were incorrectly passing NULL for a DBusList when the usage expected
is a pointer to a NULL DBusList pointer. Also during dbus_shutdown
we need to actually close the inotify fd, and remove our watch.
Move the shutdown handler out of bus.c and into inotify where we
can do all of this cleanly.
Colin Walters [Tue, 2 Feb 2010 15:31:28 +0000 (10:31 -0500)]
Release 1.2.18
Tom Hughes [Sun, 13 Dec 2009 21:30:09 +0000 (13:30 -0800)]
Use monotonic clock for _dbus_get_current_time() if it's available.
_dbus_get_current_time() is used for timeouts, but uses gettimeofday(), which
relies on the wall clock time, which can change. If the time is changed forwards
or backwards, the timeouts are no longer valid, so the monotonic clock must be used.
https://bugs.freedesktop.org/show_bug.cgi?id=25624
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Mon, 1 Feb 2010 22:38:25 +0000 (17:38 -0500)]
Don't crash when reloading if we haven't loaded user database yet
The user database is populated on-demand, but the cache dropping
code assumed it had been initialized. Simply check for NULL.
https://bugs.freedesktop.org/show_bug.cgi?id=26182
Colin Walters [Mon, 1 Feb 2010 21:45:48 +0000 (16:45 -0500)]
Move system-activation.txt into non-conditional EXTRA_DIST
It doesn't depend on the XML doc generation.
Colin Walters [Thu, 28 Jan 2010 21:26:39 +0000 (16:26 -0500)]
Clean up inotify watch handling
Substantially based on a patch by Matthias Clasen <mclasen@redhat.com>
kqueue implementation by Joe Marcus Clarke <marcus@freebsd.org>
Previously, when we detected a configuration change (which included
the set of config directories to monitor for changes), we would
simply drop all watches, then readd them.
The problem with this is that it introduced a race condition where
we might not be watching one of the config directories for changes.
Rather than dropping and readding, change the OS-dependent monitoring
API to simply take a new set of directories to monitor. Implicit
in this is that the OS-specific layer needs to keep track of the
previously monitored set.
Colin Walters [Thu, 28 Jan 2010 22:31:36 +0000 (17:31 -0500)]
Update messagebus.in init script to start earlier
Patch from Fedora.
Colin Walters [Thu, 28 Jan 2010 22:28:25 +0000 (17:28 -0500)]
[doc] diagram.[svg,png] to EXTRA_DIST
These files are part of the docs and should appear in tarballs.
Colin Walters [Thu, 28 Jan 2010 20:04:14 +0000 (15:04 -0500)]
Don't drop pending activations when reloading configuration
The reload handling for activation simply dropped all knowledge
of pending activations, which was clearly wrong. Refactor things
so that reload only reloads directories, server address etc.
Based on a patch originally from Matthias Clasen <mclasen@redhat.com>
Colin Walters [Thu, 28 Jan 2010 00:38:44 +0000 (19:38 -0500)]
Switch to libcap-ng, avoid linking libdbus against libcap[-ng]
(Commit message written by Colin Walters <walters@verbum.org>)
A current Fedora goal is to convert projects to libcap-ng which
more easily allows dropping Linux capabilities. For software
which also links to libdbus, it's problematic to link against
libcap as well.
Though really, libdbus should have never linked against libcap
in the first place, which is another thing this patch changes
by moving the libcap-using bits out of dbus/ and into bus/.
https://bugzilla.redhat.com/show_bug.cgi?id=518541
Colin Walters [Fri, 15 Jan 2010 21:57:39 +0000 (16:57 -0500)]
Add Will Thompson and Simon McVittie to reviewers, add emails to all
The reviewer list was sorely lacking actual email addresses; fix this.
Also add Will and Simon.
Colin Walters [Mon, 14 Dec 2009 23:12:24 +0000 (18:12 -0500)]
Ignore exit code zero from activated services
A variety of system components have migrated from legacy init into DBus
service activation. Many of these system components "daemonize", which
involves forking. The DBus activation system treated an exit as an
activation failure, assuming that the child process which grabbed the
DBus name didn't run first.
While we're in here, also differentiate in this code path between the
servicehelper (system) versus direct activation (session) paths. In
the session activation path our error message mentioned a helper
process which was confusing, since none was involved.
Based on a patch and debugging research from Ray Strode <rstrode@redhat.com>
Will Thompson [Wed, 28 Oct 2009 19:40:38 +0000 (19:40 +0000)]
Print all-printable-ASCII byte arrays as strings
In practice, ay seems to be used mostly for binary data (in which case,
hex output is fine) or for Unix file paths (because they may be
non-UTF-8) and similar human-readable strings. So let's print the latter
similarly to strings.
Will Thompson [Wed, 9 Sep 2009 19:58:53 +0000 (20:58 +0100)]
Print byte arrays as nicely-formatted hex.
Will Thompson [Sat, 8 Aug 2009 13:29:12 +0000 (14:29 +0100)]
Add an accessor for the loader's corruption reason
Will Thompson [Sat, 8 Aug 2009 12:57:11 +0000 (13:57 +0100)]
Include reason when reporting corrupt messages
It would have been much easier to diagnose fd.o#19723 if the error
message had said more than just "Message is corrupted".
Will Thompson [Sat, 8 Aug 2009 13:03:46 +0000 (14:03 +0100)]
Forbid zero serial numbers
Will Thompson [Wed, 9 Sep 2009 19:35:13 +0000 (20:35 +0100)]
Make array-printing code easier to follow
Previously dbus_message_iter_get_arg_type() was called twice: once in
the loop condition to update 'current_type', and once to check if the
loop will run again. This patch moves updating current_type to the end
of the loop body.
James Westby [Thu, 1 Oct 2009 14:09:54 +0000 (15:09 +0100)]
Correct timeout handling
The timeout handling code subtracts the elapsed time from the timeout
each time a message is received, which drastically reduces the timeout
in circumstances such as service activation.
Correct so that the timeout is never modified, and the elapsed time
instead subtracted where necessary.
Signed-off-by: James Westby <jw+debian@jameswestby.net>
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
Hendrik Buschmeier [Thu, 28 Jan 2010 10:22:32 +0000 (11:22 +0100)]
Bug 23502 - corrected wrong verbose-output
Matthias Clasen [Fri, 18 Dec 2009 19:29:40 +0000 (14:29 -0500)]
Bug 25697 - Fix memory leak in policy reload
Signed-off-by: Colin Walters <walters@verbum.org>
Sascha Silbe [Fri, 16 Oct 2009 19:20:43 +0000 (15:20 -0400)]
Bug 23977 - dbus-launch --exit-with-session not killing dbus-daemon on SIGINT
Handle SIGINT in the same way we handle SIGTERM.
Colin Watson [Fri, 18 Sep 2009 17:23:39 +0000 (18:23 +0100)]
Fix link order: system libraries should come after libdbus-convenience
libdbus-convenience may use system libraries, but not the other way
round. Most platforms don't care, but on some platforms this means that
system libraries need to be listed after libdbus-convenience.la on the
link line.
Lennart Poettering [Fri, 31 Jul 2009 16:26:57 +0000 (12:26 -0400)]
dbus-monitor: use unbuffered stdout instead of handling SIGINT
The current SIGINT handling of dbus-monitor ain't making too many people
happy since it defers the exit to the next msg received -- which might
be quite some time away often enough.
This patch replaces the SIGINT handling by simply enabling line-buffered
IO for STDOUT so that even if you redirect dbus-monitor into a file no
lines get accidently lost and the effect of C-c is still immediate.
halfline came up with the great idea to use setvbuf here instead of
fflush()ing after each printf().
(Oh and the old signal handler was broken anyway, the flag should have
been of type sigatomic_t and be marked volatile)
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 30 Jul 2009 13:48:20 +0000 (09:48 -0400)]
Bug 22805 - Fix build with -Wl,--as-needed
Explicitly link dbus_convenience.la against DBUS_CLIENT_LIBS
because it uses $THREAD_LIBS, just like the main library does.
Aurelien Jarno [Thu, 16 Jul 2009 13:35:27 +0000 (09:35 -0400)]
Bug 19432 followup - Fix Debian/FreeBSD CMSGCRED compilation
Brian Cameron [Wed, 15 Jul 2009 21:35:38 +0000 (17:35 -0400)]
Bug 22788 - Fix detection of getpwnam_r on Solaris
Define POSIX_PTHREAD_SEMANTICS earlier so more things use it.
Signed-off-by: Colin Walters <walters@verbum.org>
Thiago Macieira [Tue, 14 Jul 2009 20:35:11 +0000 (22:35 +0200)]
Update the HACKING file to contain instructions on how we develop with Git
Colin Walters [Tue, 14 Jul 2009 20:11:27 +0000 (16:11 -0400)]
Release 1.2.16
Colin Walters [Tue, 14 Jul 2009 15:43:54 +0000 (11:43 -0400)]
Cope with dbus-launch not being in DBUS_BINDIR
This is a temporary hack for systems which use DBUS_BINDIR=/bin,
but then move dbus-launch back into /usr/bin. Longer term,
we should explicitly support this in upstream code, or even better
figure out how to move dbus-launch into /bin (e.g. dynamically
load libX11 if available), or have a --with-x11-tools configure
option.
(cherry picked from commit
70c5285eb4b757fdd4e552e002c5d54072492152)
Hasso Tepper [Mon, 13 Jul 2009 18:23:40 +0000 (14:23 -0400)]
Bug 19432 - Fix handling of HAVE_CMSGCRED case (FreeBSD)
Fixes dbus on FreeBSD and DragonFly systems.
The patch is obtained from FreeBSD ports tree.
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
7bf132c7d15c1d8214b11442f053f7d53bca9a8f)
Daniel Reed [Mon, 13 Jul 2009 18:06:26 +0000 (14:06 -0400)]
Bug 2432 - Support --address option for dbus-monitor
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
e4b271e2425a36884b5e3e70e6a32d440b41d145)
Grzegorz Dąbrowski [Mon, 13 Jul 2009 17:53:38 +0000 (13:53 -0400)]
Bug 19446 - HaikuOS support
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
97c58ace430fb58cedfc1e5c83db9759063b6946)
Paul Bolle [Mon, 13 Jul 2009 17:35:05 +0000 (13:35 -0400)]
Bug 16688 - typo in dbus-monitor.1
s/dbus_bus_add_watch/dbus_bus_add_match/
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
249f89181c4db5b15aab15472bb72402527434f5)
Colin Walters [Mon, 13 Jul 2009 17:11:20 +0000 (13:11 -0400)]
Bug 22415 - COYPING file should note we allow later versions of GPL
The canonical copyright information in the source file says we
allow later versions of the GPL. So note that in COPYING too.
(cherry picked from commit
f908daed82d61df44710a8ec681558c6d23b940d)
Colin Walters [Sat, 11 Jul 2009 01:33:02 +0000 (21:33 -0400)]
Bug 896 - Avoid race conditions reading message from exited process
Patch based on extensive work from Michael Meeks <michael.meeks@novell.com>,
thanks to Dafydd Harries <dafydd.harries@collabora.co.uk>,
Kimmo Hämäläinen <kimmo.hamalainen@nokia.com> and others.
The basic idea with this bug is that we effectively ignore errors
on write. Only when we're done reading from a connection do we
close down a connection. This avoids a race condition where
if a process (such as dbus-send) exited while we still had
data to read in the buffer, we'd miss that data.
(cherry picked from commit
0e36cdd54964c4012acec2bb8e598b85e82d2846)
Colin Walters [Mon, 13 Jul 2009 17:02:21 +0000 (13:02 -0400)]
Bug 14259 - Refactor _dbus_get_autolaunch_address
Split out the process-launching code, which can be reused for
other applications; in particular, a forthcoming patch to parse
output from launchd for MacOS X.
(cherry picked from commit
6b163e95e7a2318a98c16c0d0944337e38e62efa)
Colin Walters [Mon, 13 Jul 2009 16:47:19 +0000 (12:47 -0400)]
Bug 14259 - Make session address lookup system-dependent
On some platforms such as MacOS X and Windows, we can't depend
on an environment variable to determine the address of the
session bus. Create a sysdep function dbus_lookup_session_address
which can be filled in with platform-specific code.
(cherry picked from commit
6478ec6949c6bb794237b43d03b68f80eba1288c)
Benjamin Reed [Mon, 13 Jul 2009 15:21:08 +0000 (11:21 -0400)]
Bug 14259 - Work around broken getgrouplist on MacOS X
We don't get the number of groups, so allocate an arbitrary
larger array.
Signed-off-by: Colin Walters <walters@space-ghost.verbum.org>
(cherry picked from commit
c71403ddde230378e3beffee21a3d1fe6edc9bce)
Kimmo Hämäläinen [Mon, 13 Jul 2009 10:30:48 +0000 (06:30 -0400)]
Bug 12484 - Ensure initialized variable in dbus_connection_remove_filter
Signed-off-by: Colin Walters <walters@space-ghost.verbum.org>
(cherry picked from commit
ccfa8e51549f36e09f90a4f5822523a0f50201fc)
Colin Walters [Sat, 11 Jul 2009 02:27:55 +0000 (22:27 -0400)]
Bug 18121 - Use a monotonic clock for pthread timeouts
Patch based on one from Keith Mok <ek9852@gmail.com>, some
followup work from Janne Karhunen <Janne.Karhunen@gmail.com>.
We don't want condition variable timeouts to be affected by the system clock.
Use the POSIX CLOCK_MONOTONIC if available.
(cherry picked from commit
ae24bb35e2ee3ecde990f55852982b573754ec43)
Matthias Clasen [Sat, 11 Jul 2009 00:10:12 +0000 (20:10 -0400)]
Bug 22516 - Ensure inotify fd is set close on exec
This prevents it leaking into spawned child processes.
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
f4e15893e5be6da6c7642bb7ef9b14d5531afe41)
Colin Walters [Sat, 11 Jul 2009 00:07:34 +0000 (20:07 -0400)]
Bug 21545 - Move CFLAGS modification towards the end of configure
This prevents the flags from screwing up autoconf tests.
(cherry picked from commit
98bbe8c7941f2c643dc55b4e7329c0da57d2c7bc)
Will Thompson [Sun, 7 Jun 2009 16:44:26 +0000 (17:44 +0100)]
Ensure messages are locked while marshalling.
Locking a message has the side-effect of updating the message's length
header. Previously, if dbus_message_marshal() was called on an unlocked
message, it could yield an invalid message (as discovered by Ben
Schwartz in <http://bugs.freedesktop.org/show_bug.cgi?id=19723>).
(cherry picked from commit
9f825271f9106c23fe51ab54abdb5156b7751014)
Christian Persch (GNOME) [Fri, 10 Jul 2009 23:40:00 +0000 (19:40 -0400)]
Bug 21657 - Fix configure checks for va_list in maintainer mode
Include the right headers.
(cherry picked from commit
fe86222d10f0b2532be314a58841db82b1f5887e)
Tobias Mueller [Fri, 10 Jul 2009 23:32:38 +0000 (19:32 -0400)]
Bug 21161 - Update the FSF address
No comment.
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
5baf2f856a9c6625993234855b07680da1c8916f)
Colin Walters [Fri, 10 Jul 2009 23:26:52 +0000 (19:26 -0400)]
Bug 21646 - Fix a signed char comparison
Original suggested patch from Marc-Andre Lureau <marcandre.lureau@gmail.com>
Explicitly cast to unsigned char before we do comparisons.
(cherry picked from commit
1f6ac4deef91df3130c61525a2800e6b8a0ddcbf)
Colin Walters [Fri, 10 Jul 2009 23:22:54 +0000 (19:22 -0400)]
Add missing include for unistd.h in test-service.c
We use usleep here.
(cherry picked from commit
e5310abd6cbc4c2e1a9df54f097d6642ad0833c6)
Kurt Miller [Fri, 10 Jul 2009 23:14:10 +0000 (19:14 -0400)]
Bug 21347 - Don't fail autolaunching if process has SIGCHLD handler
If other code in the process set a global SIGCHLD handler, it
will make autolaunching fail spuriously due to waitpid() failing.
This fix will temporarily block SIGCHLD delivery.
Signed-off-by: Colin Walters <walters@verbum.org>
(cherry picked from commit
644fc38b249b490981becda4b2de5261865bba23)
Scott James Remnant [Thu, 9 Jul 2009 15:35:13 +0000 (16:35 +0100)]
dbus_message_append_args_valist - abandon container
In case of OOM when constructing an array, we should abandon the
container to free the resources.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
3f070088232f82fafce97c4fb3015da098fe00bf)
Scott James Remnant [Thu, 9 Jul 2009 15:34:54 +0000 (16:34 +0100)]
bfo22316 - add dbus_message_iter_abandon_container()
It's not currently possible to abandon creation of a container without
either hitting asserts or leaking memory. This new function allows
that.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
e57a368c440aec39caf6c3b491cf76ef615dc2e8)
Scott James Remnant [Thu, 9 Jul 2009 15:28:29 +0000 (16:28 +0100)]
Add test case for assert when unwinding a container.
* dbus/dbus-message-util.c: when constructing an array of structures,
it's not possible to unwind in case of an error part-way through.
This test will therefore assert.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
4bea3ca2b02098f2513a9902511e4de77ccf9b91)
Scott James Remnant [Mon, 11 May 2009 22:29:52 +0000 (23:29 +0100)]
Add tests for pending call timeouts
* test/test-service.c (handle_delay_echo, path_message_func): Add a
variant of the Echo method which sleeps for a short time.
* test/name-test/test-pending-call-timeout.c: Run tests with default,
specified and infinite timeout to make sure we get the reply.
* test/name-test/run-test.sh: Run the new test
* test/name-test/Makefile.am: Build the new test
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
c1f165261afcc3bafa9b24ff916bb231628e3782)
Scott James Remnant [Mon, 11 May 2009 21:54:44 +0000 (22:54 +0100)]
Unrestrict session bus timeout.
* bus/session.conf.in: Remove the reply_timeout stanza, previously
intended to increase the reply timeout, this now reduces it.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
bd2063e17e1bb57dee1a5dfed76c9dde76d55ff3)
Scott James Remnant [Mon, 11 May 2009 21:43:09 +0000 (22:43 +0100)]
Change default reply timeout.
* bus/config-parser.c (bus_config_parser_new): change the default reply
timeout to "never"
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
8f1d2a2fa8ba2f25121465ad82289c0e09c9675a)
Scott James Remnant [Mon, 11 May 2009 21:42:50 +0000 (22:42 +0100)]
Expire list timeout may be negative for no expiry.
* bus/expirelist.c (do_expiration_with_current_time): Don't check for
expiry if expire_after is negative, will just disable the expiry timer
after the call.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
d672d0320628e93a247eeff89945c81926a42163)
Scott James Remnant [Mon, 11 May 2009 21:42:32 +0000 (22:42 +0100)]
Explicitly check for zero time fields.
* bus/expirelist.c (do_expiration_with_current_time): If the item added
time fields are both zero, always expire.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
d33cfec625bf769384cc370ad0ea660c9993aa15)
Scott James Remnant [Mon, 11 May 2009 21:42:13 +0000 (22:42 +0100)]
Remove 6 hour timeout restriction.
* dbus/dbus-pending-call.c (_dbus_pending_call_new_unlocked): Now that
the timeout math won't overflow, don't clamp to six hours.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
7398ad7374c0a9201d41397c956deee325f3593e)
Scott James Remnant [Mon, 11 May 2009 21:41:49 +0000 (22:41 +0100)]
Fix issue where timeouts can overflow.
* dbus/dbus-connection.c (_dbus_connection_block_pending_call): Rework
the timeout math so instead of calculating an end time, which may
overflow, we instead calculate the elapsed time which is always
smaller than the boundaries.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
1faa92114f6489d286ad4cebe5e91b2145a4f7d1)
Scott James Remnant [Mon, 11 May 2009 21:41:20 +0000 (22:41 +0100)]
Update documentation now that INT_MAX means no timeout.
* dbus/dbus-connection.c (dbus_connection_send_with_reply): Fix
documentation now that INT_MAX will not be clamped.
(dbus_connection_send_with_reply_and_block): Update documentation too.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
ce0d932d9be5adec22943dd7b268bd4a165ada64)
Scott James Remnant [Mon, 11 May 2009 21:40:38 +0000 (22:40 +0100)]
Don't allocate DBusTimeout for pending call when passed INT_MAX
* dbus/dbus-pending-call.c (_dbus_pending_call_new_unlocked): When passed
INT_MAX, do not clamp the value and do not allocate a timeout for the call
(_dbus_pending_call_get_timeout_unlocked): Document that this may return
NULL.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
92dd55c903b440bc423f1f8f9aeb0bbbbcc11bac)
Scott James Remnant [Mon, 11 May 2009 21:40:10 +0000 (22:40 +0100)]
Allow a pending call to block forever
* dbus/dbus-connection.c (_dbus_connection_block_pending_call): Allow the
pending call to have no timeout, in which case we simply block until we
complete, have data or get disconnected.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
e5eb472d11aa36c67e320edce41d66eb18cdf5d0)
Scott James Remnant [Mon, 11 May 2009 21:38:23 +0000 (22:38 +0100)]
Make sure a pending call timeout isn't assumed.
* dbus/dbus-connection.c (_dbus_connection_attach_pending_call_unlocked):
Don't assume that the pending call has a timeout.
(connection_timeout_and_complete_all_pending_call_unlocked): check that
the timeout was actually added before removing it; this safeguards us
if the pending call doesn't have a timeout.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
(cherry picked from commit
ba22606c3b21c55c5c0af30d8f07edd71ded7213)
Marc Mutz [Wed, 7 Jan 2009 11:46:53 +0000 (12:46 +0100)]
configure.in: fail abstract socket test gracefully when cross-compiling
* configure.in: only run AC_CACHE_CHECK if enable_abstract_sockets=auto
* configure.in: warn that, when cross-compiling, we're unable to detect
abstract sockets availability automatically
Signed-off-by: Thiago Macieira <thiago@kde.org>
Marc Mutz [Fri, 17 Apr 2009 14:23:42 +0000 (16:23 +0200)]
configure.in: not all gccs support -Wno-pointer-sign
Signed-off-by: Thiago Macieira <thiago@kde.org>
Colin Walters [Mon, 27 Apr 2009 16:13:25 +0000 (12:13 -0400)]
Release 1.2.14
Eamon Walsh [Tue, 21 Apr 2009 23:11:22 +0000 (19:11 -0400)]
libselinux behavior in permissive mode wrt invalid domains
Stephen Smalley wrote:
> On Tue, 2009-04-21 at 16:32 -0400, Joshua Brindle wrote:
>
>> Stephen Smalley wrote:
>>
>>> On Thu, 2009-04-16 at 20:47 -0400, Eamon Walsh wrote:
>>>
>>>> Stephen Smalley wrote:
>>>>
>> <snip>
>>
>>
>>> No, I don't want to change the behavior upon context_to_sid calls in
>>> general, as we otherwise lose all context validity checking in
>>> permissive mode.
>>>
>>> I think I'd rather change compute_sid behavior to preclude the situation
>>> from arising in the first place, possibly altering the behavior in
>>> permissive mode upon an invalid context to fall back on the ssid
>>> (process) or the tsid (object). But I'm not entirely convinced any
>>> change is required here.
>>>
>>>
>> I just want to follow up to make sure we are all on the same page here. Was the
>> suggestion to change avc_has_perm in libselinux or context_to_sid in the kernel
>> or leave the code as is and fix the callers of avc_has_perm to correctly handle
>> error codes?
>>
>> I prefer the last approach because of Eamon's explanation, EINVAL is already
>> passed in errno to specify the context was invalid (and if object managers
>> aren't handling that correctly now there is a good chance they aren't handling
>> the ENOMEM case either).
>>
>
> I'd be inclined to change compute_sid (not context_to_sid) in the kernel
> to prevent invalid contexts from being formed even in permissive mode
> (scenario is a type transition where role is not authorized for the new
> type). That was originally to allow the system to boot in permissive
> mode. But an alternative would be to just stay in the caller's context
> (ssid) in that situation.
>
> Changing the callers of avc_has_perm() to handle EINVAL and/or ENOMEM
> may make sense, but that logic should not depend on enforcing vs.
> permissive mode.
>
>
FWIW, the following patch to D-Bus should help:
bfo21072 - Log SELinux denials better by checking errno for the cause
Note that this does not fully address the bug report since
EINVAL can still be returned in permissive mode. However the log
messages will now reflect the proper cause of the denial.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Signed-off-by: Colin Walters <walters@verbum.org>