From cf059e4513fbf6106d71511a1cad25589f1a0d2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
Date: Thu, 21 May 2015 12:25:45 +0200
Subject: [PATCH 1/2] dbus: increase 'max_replies_per_connection' limit in
 D-Bus configuration

D-Bus default limit of replies per connection has been lowered to 128 due to
CVE-2014-3638, see:
http://cgit.freedesktop.org/dbus/dbus/commit/?id=5bc7f9519ebc6117ba300c704794b36b87c2194b
https://bugs.freedesktop.org/show_bug.cgi?id=81053

The limit seems to be too low and causes problems in libnm-glib, that will not
return all NetworkManager connection profiles if there are too many of them
(roughly more than the limit). As a consequence, libnm-glib based clients will
not work properly.

Lets increase the limit in our D-Bus org.freedesktop.NetworkManager.conf
configuration as we had it before.

See also older commit d5b31d55fa1536a5bd08cf85929ac63a8f723467 that did the
opposite thing (removing the limit because the default D-Bus limit was 8192 at
that time).
---
 src/org.freedesktop.NetworkManager.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf
index bdfe3e6773..0f1019b90c 100644
--- a/src/org.freedesktop.NetworkManager.conf
+++ b/src/org.freedesktop.NetworkManager.conf
@@ -120,5 +120,7 @@
                 <deny send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>
                 <deny send_interface="org.freedesktop.NetworkManager.PPP"/>
         </policy>
+
+	<limit name="max_replies_per_connection">1024</limit>
 </busconfig>
 

From 84b3cb25b55be8a216d3173ca277dc399a50e6c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
Date: Thu, 21 May 2015 13:04:58 +0200
Subject: [PATCH 2/2] libnm-glib: print a bold warning about reaching a D-Bus
 limit

This causes incorrect application behaviour, so libnm-glib should warn
at least.
---
 libnm-glib/nm-remote-settings.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/libnm-glib/nm-remote-settings.c b/libnm-glib/nm-remote-settings.c
index d5f4ca67f0..ba0aa47be6 100644
--- a/libnm-glib/nm-remote-settings.c
+++ b/libnm-glib/nm-remote-settings.c
@@ -469,6 +469,7 @@ connection_inited (GObject *source, GAsyncResult *result, gpointer user_data)
 	AddConnectionInfo *addinfo;
 	const char *path;
 	GError *error = NULL, *local;
+	static gboolean print_once = TRUE;
 
 	path = nm_connection_get_path (NM_CONNECTION (remote));
 	addinfo = add_connection_info_find (self, remote);
@@ -504,6 +505,14 @@ connection_inited (GObject *source, GAsyncResult *result, gpointer user_data)
 		if (!dbus_g_error_has_name (error, "org.freedesktop.NetworkManager.Settings.PermissionDenied"))
 			g_hash_table_remove (priv->pending, path);
 
+		if (print_once && error->code == DBUS_GERROR_LIMITS_EXCEEDED) {
+			g_printerr ("Warning: libnm-glib:%s(): a D-Bus limit exceeded: %s. The application might not work properly.\n"
+			            "Consider increasing max_replies_per_connection limit in /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf "
+			            "like <limit name=\"max_replies_per_connection\">2048</limit>",
+			            __func__, error->message);
+			print_once = FALSE;
+		}
+
 		g_error_free (error);
 	}