A DBusString that was initialized with a constant doesn't hold any
allocated memory, so it doesn't need to be freed.
Reviewed-by: Simon McVittie <smcv@collabora.com>
https://bugs.freedesktop.org/show_bug.cgi?id=61922
Now that we cope with getting WSAEADDRNOTAVAIL when trying to listen on
::1 with IPv6 disabled, and gracefully fall back to only listening on
127.0.0.1, we can use AF_UNSPEC like the corresponding Unix code does.
Reviewed-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
Previously, we took the errno from the most recent connect() error,
and used a more generic diagnostic message.
Reviewed-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
Previously, we took the errno from the most recent connect() error,
and used a more generic diagnostic message.
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Signed-off-by: Simon McVittie <smcv@collabora.com>
https://bugs.freedesktop.org/show_bug.cgi?id=61922
This will make it easier to do single-exit-path cleanup.
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Signed-off-by: Simon McVittie <smcv@collabora.com>
https://bugs.freedesktop.org/show_bug.cgi?id=61922
When we use AF_UNSPEC, we are likely to get multiple addresses back
from getaddrinfo(), and perhaps we won't be able to use them all.
Give that failure mode, or any other bind() failure, the same treatment
as EADDRINUSE failures here and all connect() failures in
_dbus_connect_tcp_socket_with_nonce(): if any address succeeds, then
the overall operation succeeds, but if all of them fail, then the
overall operation fails.
I've made _dbus_combine_tcp_errors() generic enough that
_dbus_connect_tcp_socket_with_nonce() could use it too, although that
isn't implemented here.
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
[smcv: Adjust commit message]
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
When we have resolved a hostname/port pair to a list of IPv4 or IPv6
addresses, if we are unable to listen on a a specific one of those
addresses, we should report which one.
When IPv6 is disabled for the loopback interface, this changes the
diagnostic from:
Failed to bind socket "localhost:1234": Cannot assign requested address
to the more informative
Failed to bind socket "::1" port 1234: Cannot assign requested address
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
This will give us the RFC-2553 inet_ntop() interface.
Windows Vista extended security support ended in 2017, but we don't
actually need anything from versions newer than Vista yet.
Loosely based on part of a patch by Ralf Habacker.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
Some libdbus functions have as their API "this function sets errno",
but that just leads to strangeness on Windows, where socket (Winsock)
functions don't actually set errno themselves, leading to those
functions having to copy the Winsock error into errno to fake the
Unix-like behaviour. With hindsight, that was probably a bad idea.
This function should be portable enough to be used with functions that
are essentially the same on Unix and Windows, like inet_ntop().
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
If what actually failed was reading the address from the socket,
we might as well say so.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
In the current implementation, we can reach the "err" label either
because we ran out of memory, or because we got a socket error from
getsockname() or inet_ntop(), and we blindly assume that running out
of memory will set ENOMEM.
However, that isn't actually true: when we are simulating OOM in
dbus_malloc(), the fake OOM doesn't set ENOMEM. Handle the OOM
condition explicitly instead.
In the AF_UNIX case, the break statement is no longer reached at all,
so leave a comment there. In the AF_INET and AF_INET6 cases, if
inet_ntop() fails, explicitly goto err instead of using break
(this has the same practical effect) to make it clearer that we are
going to the "socket error" code path.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
It only has the most important credentials, not the full set.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
This saves a couple of _dbus_strdup/dbus_free pairs.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
If we avoid consulting the userdb, then it's one less chance to
deadlock.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Not to be confused with _dbus_credentials_clear(), which does something
different (this is a little unfortunate, but the fact that they take
different types should clarify which is which).
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
It can't actually matter in practice, because we never know the
Unix uid and Unix groups but not pid, and we never have a Windows SID
and also a Linux security label; but resetting join to FALSE can only
ever result in us outputting something like "foo=123bar=456" instead
of the intended form with a space in the middle.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
We have a lot of dbus_connection_get_foo() and
_dbus_transport_get_foo() that are actually rather redundant.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737
This gives us feature parity with the Autotools build system for this
particular area, and in particular means a system dbus-daemon built
with cmake can expand its fd limit.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105165
Startup ordering was changed in #92832 to ensure that SELinux audit
messages could be sent. As a side effect, the raising of file descriptor
limits was moved to after the dropping of root privileges, resulting in
the limit change always failing.
Move the raise_file_descriptor_limit() call to ensure that it is called
before dropping root privileges.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105165
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1529044
[smcv: Call raise_file_descriptor_limit() even if !context->user]
Reviewed-by: Simon McVittie <smcv@collabora.com>
In the bus daemon, don't pass through the container instance path:
if there's any value here at all, we want to be able to guarantee that
we sent it (in a later commit).
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101899
We'll need this if we want to stamp optional header fields on the
message according to the preferences of the recipient(s).
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101899
