Previously, we didn't consistently test parsing of every file in
valid-config-files-system/ everywhere that we tested valid-config-files/.
We now test it on Unix.
The system bus is not supported on Windows, so we do not test
valid-config-files-system/ there.
valid-config-files/many-rules.conf contains <user> and <group> rules
which are not applicable to Windows. Copy the original many-rules.conf
to valid-config-files-system/ so that it will be tested on Unix, and
remove the non-portable rules from valid-config-files/many-rules.conf.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92721
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[rh:base patch came from Simon]
This includes most of the situations I could think of:
* method call on dbus-daemon and response
* NameOwnerChanged
* NameAcquired, NameLost (although I'm not 100% sure these should
get captured, since they're redundant with NameOwnerChanged)
* unicast message is allowed through
* unicast message is rejected by no-sending or no-receiving policy
* broadcast is allowed through
* broadcast is rejected by no-sending policy (the error reply
is also captured)
* broadcast is rejected by no-receiving policy (there is no error
reply)
* message causing service activation, and the message telling systemd
to do the actual activation
* systemd reporting that activation failed
It does not cover:
* sending a message to dbus-daemon, then provoking a reply, then
dbus-daemon does not allow itself to send the reply due to its
own security policy
This is such an obscure corner case that I'm not even convinced it's
testable without dropping down into lower-level socket manipulation:
dbus-daemon's replies are always assumed to be requested replies,
and replies contain so little other metadata that I think we can
only forbid them by forbidding all method replies. If we do that,
the reply to Hello() won't arrive and the client-side connection will
not become active.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
As an implementation detail, dbus-daemon handles this situation by
artificially triggering a timeout (even if its configured timeout for
method calls is in fact infinite). However, using the same debug message
for both is misleading, and can lead people who are debugging a service
crash to blame dbus-daemon instead, wasting their time.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=76112
Now that authorization is in SASL mechs, enable anonymous authorizations
when we are testing anonymous mechs functionality
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
In Unix, the tests listened on both debug-pipe (which is a socketpair,
or a TCP emulation of socketpair on Windows) and a Unix socket.
In the Windows port, the tests were hard-coded to listen on a particular
port, which allowed the dispatch test to connect to that port, as long
as no two tests ran simultaneously (which I don't think was ever guaranteed -
make -j can violate this). That's valid out-of-process, and also
fully-specified, so they only needed one <listen> directive, so the
CMake input only had one.
To make the tests work under CMake on Unix, there was a hack: the string
substituted for the content of the <listen> directive contained
</listen><listen> to get the other address in, which is pretty nasty.
Instead of doing that, I've made both build systems, on both Unix and
Windows, use both debug-pipe and a more normal transport (Unix or TCP).
debug-pipe has a Windows implementation and it's used in
dbus-spawn-win.c, so it'd better work. The use of debug-pipe is now
hard-coded rather than being a configure parameter (there's no reason
to vary it in different builds), and I used TEST_LISTEN as the name of the
Unix/TCP address, because it's a "vague" address (no specific Unix path, no
TCP port), that you can listen on but not connect to.
This in turn means that we can merge the Autoconf .in and CMake .cmake
files, similar to Bug #41033.
You might wonder why I've kept debug-pipe. I did try to get rid of it, but
it turns out that the tests in dispatch.c rely on
dbus_connection_open_private() not blocking, and normal socket
connections block on connect(). Until we fix that by adding an async
version of dbus_connection_open_private(), it won't be safe to have a
test like dispatch.c that "talks to itself", unless it uses a transport
as trivial as debug-pipe in which neither end has to block on the other.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=41222
Also use EXEEXT in all the service files, even in the automake build
system.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=41222
The number of messages is arbitrary; the more messages, the more likely
the crash is. 2000 messages seem to cause it reliably on this laptop,
but I've set it to 10000 to be safe.
Reviewed-by: Colin Walters <walters@verbum.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34393
The excellently-titled commit 197bef8 “Fix test failures on OSX.” broke
the tests on Linux, since there's no wheel group on this side of the
tracks. So here's a group everyone should enjoy.
(If anyone comes along and tells me that DragonflyBSD doesn't have
'nogroup' …)
Recent test configuration files contains 'unix:...'
bus adresses which do not work on windows.
For cross plattform usable test files the whole
listen tag entry has to be set by the build system,
which is available with a new build system variable
named TEST_LISTEN.
To have the client client side definition in sync,
TEST_CONNECTION has been moved from c file into cmake
build system.
A variety of system components have migrated from legacy init into DBus
service activation. Many of these system components "daemonize", which
involves forking. The DBus activation system treated an exit as an
activation failure, assuming that the child process which grabbed the
DBus name didn't run first.
While we're in here, also differentiate in this code path between the
servicehelper (system) versus direct activation (session) paths. In
the session activation path our error message mentioned a helper
process which was confusing, since none was involved.
Based on a patch and debugging research from Ray Strode <rstrode@redhat.com>
* test/data/valid-service-files/org.freedesktop.DBus.TestSuite.PrivServer.service.in:
New service file for PrivServer.
* configure.in: Generate it.
* test/name-test/Makefile.am: Build test-privserver and
test-privserver-client.
* test/name-test/test-privserver.c: Use DBusServer to
serve a private connection.
* test/name-test/test-privserver-client.c: Connect
via session bus and get address of private server,
exercise dbus_shutdown().
* test/name-test/run-test.sh: Run it.
2007-09-13 Ryan Lortie <desrt@desrt.ca>
migrate from cvs to git (cvs2svn -> git-svnimport).
* HACKING: update release/branch/tag instructions
* */.cvsignore: rename to .gitignore
also, clean up tags and branch names to conform to HACKING
* dbus/dbus-string.c (_dbus_string_pop_line): fix this not to
think an empty line is the end of the file.
Also, fix some whitespace.
* dbus/dbus-string-util.c: add more tests for
_dbus_string_pop_line() revealing that it thinks an empty line is
the end of the file, which broke dbus-auth-script.c so
it didn't really run the scripts
* dbus/dbus-auth.c: add ANONYMOUS mechanism
* dbus/dbus-auth-script.c (_dbus_auth_script_run): fix to detect
an empty/no-op auth script; add commands to check that we have or
don't have the expected credentials
* bus/config-parser.c: add the standard_session_servicedirs element
to the parser
(bus_config_parser_content): process the standard_session_servicedirs
element by getting the standard directories from sysdeps and merging
them into the service directory list
(test_default_session_servicedirs): make sure we get what we expect
* bus/session.conf.in: replace the servicedir tag with the
standard_session_servicedirs tag
* dbus/dbus-list.h: remove the typedef of DBusList and place it in
dbus-sysdeps.h to avoid circular header dependencies
* dbus/dbus-sysdeps.h: add the typedef of DBusList
* dbus/dbus-sysdeps-unix.c (split_paths_and_append): utility function
which takes a string of directories delimited by colons, parses them
out, appends a suffix and puts them in a list ignoring empty elements
(_dbus_get_standard_session_servicedirs): returns the standard
directories for a session bus to look for service activation files
on Unix which includes the XDG_DATA_HOME, XDG_DATA_DIRS and
DBUS_DATADIR directories
* test/data/valid-config-files/many-rules.conf: add the
standard_session_servicedirs tag to the valid config file tests
* python/dbus_bindings.pyx (String, MessageIter): make D-Bus strings
derive from unicode instead of str, and encode/decode UTF-8 when
marshalling/unmarshalling bus messages
* python/introspect_parser.py: encode introspection data as UTF-8
before passing the buffer into libxml2
* test/python/test-client.py: add unicode test strings
* test/data/valid-service-files/.cvsignore, test/python/.cvsignore:
ignore generated python test files
* test/data/auth/fallback.auth-script: we don't
retry the EXTERNAL method when we know its going
to fail anymore.
2005-09-11 Mark McLoughlin <mark@skynet.ie>
* dbus/dbus-connection-internal.h: rename
(add|remove|toggle)_(watch|timeout) to unlocked()
* dbus/dbus-connection.c: ditto.
* dbus/dbus-timeout.c, dbus/dbus-transport-unix.c:
Update some callers for the renaming.
2005-09-10 Mark McLoughlin <mark@skynet.ie>
* dbus/dbus-auth.c: (record_mechanisms): don't
retry the first auth mechanism because we know
we're just going to get rejected again.
* dbus/dbus-keyring.c: (_dbus_keyring_reload):
Fix thinko ... and what a nasty little bugger to
track down you were ...
* dbus/dbus-connection.c:
(_dbus_connection_add_watch),
(_dbus_connection_remove_watch): add note about
these needing the connection to be locked.
(_dbus_connection_get_dispatch_status_unlocked):
set status to DATA_REMAINS when we queue the
disconnected message.
* bus/dispatch.c:
(bus_dispatch): fix warning.
(check_existent_service_no_auto_start):
Expect ChildSignaled error too.
(check_existent_hello_from_self): fix another
couple of warnings.
2005-07-14 John (J5) Palmieri <johnp@redhat.com>
* bus/activation.c: clean up all tabs to be 8 spaces
(bus_activation_activate_service): make sure we clean up
if activation fails
* bus/dispatch.c: clean up all tabs to be 8 spaces
(check_shell_fail_service_auto_start): New function
tests to make sure we get fail properly when trying to auto start a service
with a faulty command line
(check_shell_service_success_auto_start): New function tests to make sure
auto started services get the arguments on the command line
* test/test-shell-service.c: Added service for testing auto-starting with
command line arguments
* test/data/valid-service-files/debug-shell-echo-fail.service.in,
test/data/valid-service-files/debug-shell-echo-success.service.in:
Added service files for testing auto-starting with command line arguments
* */.cvsignore: added a bunch of generated files to various .cvsignore files
2005-07-14 Rodrigo Moya <rodrigo@novell.com>
* dbus/dbus-shell.[ch]: copy/pasted code from GLib.
* dbus/Makefile.am: added new files to build.
* bus/activation.c (bus_activation_activate_service): support
activation commands with parameters.
* test/shell-test.c: added test program for the shell parsing
code.
* configure.in (LT_*): add notes on how the libtool versioning
works to save thinking. Increment soname to indicate protocol
breakage (though really the library interface hasn't changed I
guess)
* dbus/dbus-transport.c (_dbus_transport_get_is_authenticated):
verify the GUID received from server matches what we were
expecting, if we had an expectation
* dbus/dbus-auth.c (send_ok): send GUID along with the OK command
(_dbus_auth_get_guid_from_server): new function
(send_begin): parse the OK args
* doc/dbus-specification.xml: add GUID to the auth protocol
* glib/Makefile.am: Generate dbus-glib-bindings.h and
install it.
* bus/print-introspect.c: New file; prints introspection
data for a given name and object path.
* bus/run-with-tmp-session-bus.sh: New file, refactored
from test/glib/run-test.sh. Creates a temporary session
bus and runs another program.
* test/glib/run-test.sh: Refactor to invoke
run-with-tmp-session-bus.sh.
* bus/driver.c (bus_driver_handle_introspect): Fix to print new
introspection format. Also change to use DBUS_TYPE_x_AS_STRING
macros instead of hardcoding.
* glib/.cvsignore, bus/.cvsignore, test/glib/.cvsignore: Update.
* dbus/dbus-protocol.h (DBUS_SERVICE_ORG_FREEDESKTOP_DBUS):
Rename to DBUS_SERVICE_DBUS.
(DBUS_PATH_ORG_FREEDESKTOP_DBUS): Rename to DBUS_PATH_DBUS.
(DBUS_PATH_ORG_FREEDESKTOP_LOCAL): Rename to DBUS_PATH_LOCAL.
(DBUS_INTERFACE_ORG_FREEDESKTOP_DBUS): Rename to DBUS_INTERFACE_DBUS.
(DBUS_INTERFACE_ORG_FREEDESKTOP_INTROSPECTABLE): Rename to
DBUS_INTERFACE_INTROSPECTABLE.
(DBUS_INTERFACE_ORG_FREEDESKTOP_PROPERTIES): Rename to
DBUS_INTERFACE_PROPERTIES.
(DBUS_INTERFACE_ORG_FREEDESKTOP_PEER): Rename to
DBUS_INTERFACE_PEER.
(DBUS_INTERFACE_ORG_FREEDESKTOP_LOCAL):
DBUS_INTERFACE_LOCAL.
All other users of those constants have been changed.
* bus/driver.c (bus_driver_handle_introspect): Use constants.
* glib/dbus-gobject.c (handle_introspect): Use constants.
* doc/dbus-faq.xml, doc/dbus-specification.xml: Update for rename.
* Throughout, grand renaming to strip out the use of "service",
just say "name" instead (or "bus name" when ambiguous). Did not
change the internal code of the message bus itself, only the
programmer-facing API and messages.
* doc/dbus-specification.xml: further update the message bus section
* bus/config-parser.c (all_are_equiv): fix bug using freed string
in error case
* bus/selinux.h: Add bus_selinux_enabled.
* bus/selinux.c (bus_selinux_enabled): Implement it.
* bus/config-parser.c (struct include): Add
if_selinux_enabled member.
(start_busconfig_child): Parse if_selinux_enabled
attribute for include.
(bus_config_parser_content): Handle it.
* bus/session.conf.in, bus/system.conf.in: Add
inclusion of context mapping to default config files;
conditional on SELinux being enabled.
* doc/busconfig.dtd: Add to if_selinux_enabled to default DTD.
* test/data/invalid-config-files/badselinux-1.conf,
test/data/invalid-config-files/badselinux-2.conf:
Test files for bad syntax.
* bus/dbus-daemon-1.1.in:
* test/data/valid-config-files/many-rules.conf: set the
max_match_rules_per_connection limt from the config file.
* doc/busconfig.dtd: update the DTD.
* bus/driver.c: remove some unused variables.
SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
functionality
* configure.in: add --enable-selinux
* bus/policy.c (bus_policy_merge): add FIXME to a comment
* bus/main.c (main): initialize and shut down selinux
* bus/connection.c: store SELinux ID on each connection, to avoid
repeated getting of the string context and converting it into
an ID
* bus/bus.c (bus_context_get_policy): new accessor, though it
isn't used
(bus_context_check_security_policy): check whether the security
context of sender connection can send to the security context of
recipient connection
* bus/config-parser.c: add parsing for <selinux> and <associate>
* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
implement dbus_connection_get_unix_fd()
* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
function, used by the selinux stuff
backend for config file loader. Doesn't work with full OOM test yet.
* configure.in: change error when selecting libxml into a warning.
* test/data/invalid-config-files: add two non-well-formed XML files.
* glib/Makefile.am: libdbus_gtool always uses expat, not libxml.
* dbus/dbus-transport-unix.c (unix_handle_watch): do not disconnect in
case of DBUS_WATCH_HANGUP, several do_reading() may be necessary to
read all the buffer. (bug #894)
* bus/activation.c (bus_activation_activate_service): fix a potential
assertion failure (bug #896). Small optimization in the case of
auto-activation messages.
* dbus/dbus-message.c (verify_test_message, _dbus_message_test): add
test case for byte-through-vararg bug (#901). patch by Kimmo
Hämäläinen.
* dbus/dbus-message-builder.c (_dbus_message_data_load): append
random signature when using REQUIRED_FIELDS (this hack won't work
in the long term)
* dbus/dbus-message.c: change the signature to be a header field,
instead of message->signature special-case string. Incremental
step forward. Then we can fix up code to send the signature in the
message, then fix up code to validate said signature, then fix up
code to not put the typecodes inline, etc.
(load_one_message): don't make up the signature after the fact
(decode_header_data): require signature field for the known
message types
* dbus/dbus-marshal.c (_dbus_marshal_string_len): new
* dbus/dbus-protocol.h: add DBUS_HEADER_FIELD_SIGNATURE
* dbus/dbus-auth.c: Rewrite auth protocol handling to use a state
machine approach. A state is implemented as a function that
handles incoming events as specified for that state.
* doc/dbus-specification.xml: Update auth protocol state machine
specification to match implementation. Remove some leftover
base64 examples.
* glib/dbus-gidl.c (method_info_add_arg): keep args sorted with
"in" before "out"
* glib/dbus-gobject.c (dbus_type_to_string): move to dbus-gutils.c
* glib/dbus-glib-tool.c (main): set up to have a --self-test
option that runs the tests, and start filling in some code
including for starters just dumping the interfaces to stdout
* glib/Makefile.am (INCLUDES): define DBUS_LOCALEDIR
* test/data/valid-introspection-files/lots-of-types.xml: test of
an example introspection file
* glib/dbus-gparser.c (parser_check_doctype): doctype should be
"node" (I think...)
filter against auth->allowed_mechs; we only add allowed mechs in
record_mechanisms().
* dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an
ALLOWED_MECHS to auth-script format so we can set the list of
allowed mechanisms.
* data/auth/client-out-of-mechanisms.auth-script: New test to
check client disconnects when it is out of mechanisms to try.
* dbus/dbus-auth.c (process_command): Remove check for lines
longer that 1 MB; we only buffer up maximum 16 kB.
* dbus/dbus-transport.c, dbus/dbus-transport-unix.c,
dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h:
Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always
assume there might be unused bytes.
* dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for
client-out-of-mechs, it is handled in process_reject(). Move check
for max failures to send_rejected(), as it's a server-only thing.
Remove base64 encoding, replace with hex encoding. Original patch
from trow@ximian.com, added error handling.
* dbus/dbus-string.c (_dbus_string_base64_encode)
(_dbus_string_base64_decode): Remove.
(_dbus_string_hex_decode): Add end_return argument so we can
distinguish between OOM and invalid hex encoding.
(_dbus_string_test): Remove base64 tests and add test case for
invalid hex.
* dbus/dbus-keyring.c, dbus/dbus-auth-script.c, dbus/dbus-auth.c:
Replace base64 with hex.
* test/data/auth/invalid-hex-encoding.auth-script: New test case
for invalid hex encoded data in auth protocol.
