DBUS_SESSION_BUS_PID is not mandatory to set, but we should unset it
if present, since it points to a different session's bus. Likewise for
DBUS_SESSION_BUS_WINDOWID.
Similarly, if DBUS_STARTER_BUS_TYPE and DBUS_STARTER_ADDRESS
are set (as they would be under GNOME Terminal 3.8, see
<https://bugs.freedesktop.org/show_bug.cgi?id=63119>) then they
are likely to point to a different session's bus.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39196
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Colin Walters <walters@verbum.org>
It's sufficiently portable that GLib has an equivalent, and I really
don't want to have to either open-code it in dbus-run-session or
link dbus-run-session statically. We have enough statically-linked
rubbish already.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39196
Reviewed-by: Colin Walters <walters@verbum.org>
All mechs do authorization before answering OK/REJECT.
There is no reason to run a second round of authorization which will
return the same answer of the first time (when OK) or will never be
reched (if REJECTed).
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Those structs are for DBusTransport internal use, they should not be
referenced outside it.
The transport needs only to allocate memory on initialization and free
it on finalization.
The lifecycle for the two allocated structs is DBusTransport lifecycle
and at DBusTransport's finalization its connection is already
disconnected.
The assumption is that the transport owns a reference for any object the
two structs holds a reference for (particularly DBusConnection)
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Now that authorization is in SASL mechs, enable anonymous authorizations
when we are testing anonymous mechs functionality
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Also update the authentication script so that DBusAuthorization default
rules are used during testing.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
In order to authorize/reject a connection in a polite way, instead of
cutting it off after authentication succeed and Hello() is
sent, because authorization failed, we need to factor out some
authorization bits from DBusTransport and pass them to DBusAuth.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Historically, _dbus_transport_get_is_authenticated() has had the
side-effect of trying to advance the authentication state machine (if
there's enough buffered input to do so). This seems an inappropriate
activity for what looks like a simple getter.
Split it into _dbus_transport_try_to_authenticate (which does what it
always used to do) and _dbus_transport_peek_is_authenticated (which
is the simple getter version).
To minimize the difference in behaviour for the stable branch of D-Bus,
I've only used _dbus_transport_peek_is_authenticated where it was used
in an assertion, which should clearly not have side effects (and I've
checked that the asserting function cannot be called until both
authentication and authorization have completed). Replacing most of the
calls to get_is_authenticated with try_to_authenticate is a possible
piece of future work.
Based on patches from Cosimo Alfarano, who noticed this
assertion-with-side-effects.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
https://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Cosimo Alfarano <cosimo.alfarano@collabora.com>
It's currently not used, but it's safer to unset it and free user's
data for avoiding future head-aches
https://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
There are two errors in the sample service file.
First, a typo, Names should be Name.
Second, can not specify multiple names.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=66481
Signed-off-by: Chengwei Yang <chengwei.yang@intel.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
These are only part of the DBus interface because dbus-daemon didn't
previously support multiple interfaces. I don't know enough about
either of these security frameworks to know what they return, but
perhaps one day someone who knows about Solaris or SELinux will tell
us...
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=54445
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
The initial set of credentials is just UnixUserID and ProcessID.
The rest can follow when someone is sufficiently interested to actually
test them.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=54445
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
[rename a function that Ralf found unclear -smcv]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
On wine (tested with 1.5.6) the mentioned function could not be located in
iphlpapi.dll using LoadLibrary()/GetProcAddress(), which is the prefered
method to get a tcp peer pid on WinXP <= SP2.
To workaround this limitation we use GetExtendedTcpTable() first to get the peer pid.
If this fails (which happens at least on real WinXP SP2) we then use
AllocateAndGetTcpExTableFromStack() to get the pid.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=66060
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
This patch makes sure, that the process id is fetched only from localhost
client address connections fetched from the tcp table.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=66060
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
