* bus/bus.c: (process_config_first_time_only),
(process_config_every_time), (bus_context_unref),
(bus_context_get_servicehelper):
* bus/bus.h:
Add the concept of a service-helper and allow it's value to be read.
* doc/dbus-specification.xml: document org.freedesktop.DBus.GetId()
* bus/driver.c (bus_driver_handle_get_id): implement org.freedesktop.DBus.GetId()
* bus/bus.c (bus_context_new): generate a unique ID for each bus context
* dbus/dbus-connection.c (dbus_connection_get_server_id): new function
* dbus/dbus-bus.c (dbus_bus_get_id): new function
* dbus/dbus-server.c (dbus_server_get_id): new function
* bus/policy.c (bus_policy_create_client_policy): gracefully
continue if the connection has no unix user - just don't apply
any unix user dependent rules.
* bus/config-parser.c: remove dbus-userdb.h usage
* bus/bus.c: remove dbus-userdb.h usage
* dbus/dbus-transport.c (_dbus_transport_get_is_authenticated):
support Windows user function; also, fix the logic for checking
auth as root in the default auth code (broken in the previous
commit)
* dbus/dbus-connection.c
(dbus_connection_set_windows_user_function): new function
(dbus_connection_get_windows_user): new function
* tools/dbus-launch.c (do_close_stderr): fix C89 problem and
formatting problem
* Mostly fix the DBusPipe mess.
- put line break after function return types
- put space before parens
- do not pass structs around by value
- don't use dbus_strerror after calling supposedly cross-platform
api
- don't name pipe variables "fd"
- abstract special fd numbers like -1 and 1
Makefile list
* dbus/dbus-shared.h (#define DBUS_NAME_FLAG_ALLOW_REPLACEMENT):
New flag which replaces DBUS_NAME_FLAG_PROHIBIT_REPLACEMENT
(#define DBUS_NAME_FLAG_DO_NOT_QUEUE): New flag for specifying
not to queue an ower if it can't be the primary owner
* bus/bus.h: Add new internal BusOwner struct
* bus/driver.c (bus_driver_handle_hello): Send flags (0 for default)
to bus_registry_ensure and don't set the prohibit_replacement flag
since they are now set per BusOwner and not per name.
(bus_driver_handle_list_queued_owners): bus method (ListQueuedOwners)
that returns the list of connections in a name's connection queue
* bus/services.c (struct BusService): remove prohibit_replacement field
(struct BusOwner): new struct for keeping track of queued connections
and their associated flags for the queue
(struct BusRegistry): add a BusOwner memory pool
(bus_registry_new): initialize the BusOwner memory pool
(bus_registry_unref): free the BusOwner memory pool
(_bus_service_find_owner_link): new internal method for
searching the queue for a specific connection
(bus_owner_set_flags): new method for adding setting the flags on a
bus owner
(bus_owner_new): new method that creates a BusOwner object from the
pool and sets its flags
(bus_owner_ref, bus_owner_unref): ref counting for BusOwner objects
(bus_registry_ensure): Add the flags parameter
(bus_registry_acquire_service): Switch from using raw connections to
using the BusOwner struct
Add new state machine for dealing with the new set of flags
(bus_registry_set_service_context_table, struct OwnershipCancelData,
cancel_ownership, free_ownership_cancel_data,
add_cancel_ownership_to_transaction, struct OwnershipRestoreData,
restore_ownership, free_ownership_restore_data,
add_restore_ownership_to_transaction): Switch to using BusOwner
instead of raw connections
(bus_service_add_owner): Add flags parameter
Switch to using BusOwner instead of raw connections
Add state machine for dealing with the new set of flags
(bus_service_swap_owner): Swaps the first and second owners in the
queue. Used to make sure proper signals are sent when a service looses
or gains primary ownership. We never insert an owner at the top of the
queue. Instead we insert it in the second position and then swap.
(bus_service_remove_owner): Remove the owner from the queue sending
out the NameLost and NameOwnerChanged signals if the we were the
primary owner
(bus_service_get_primary_owners_connection): New method that extracts
the connection from the primary owner
(bus_service_get_primary_owner): Returns the BusOwner instead of the
connection
(bus_service_get_allow_replacement): Changed from the old
bus_service_get_prohibit_replacement method. Checks the flags of the
primary owner and returns if it can be replaced or not
(bus_service_set_prohibit_replacement): removed
(bus_service_has_owner): returns TRUE if and owner with
the specified connection exists in the queue
* dbus/dbus-bus.c (dbus_bus_connection_get_unique_name): New helper
method that only compiles if tests are enabled. Allows us to get the
unique name of a connection so we can check it against the queue when
doing regression tests
* bus/activation.c (bus_activation_send_pending_auto_activate),
bus/dispatch.c (bus_dispatch),
bus/driver.c (bus_driver_handle_get_service_owner,
bus_driver_handle_get_connection_unix_user,
bus_driver_handle_get_connection_unix_process_id,
bus_driver_handle_get_connection_selinux_security_context),
bus/signals.c (connection_is_primary_owner):
use bus_service_get_primary_owners_connection instead of
bus_service_get_primary_owner
* dbus/dbus-sysdeps.c (_dbus_connect_unix_socket,
_dbus_listen_unix_socket): Calculate the length of the socket
path and use that instead of using a fixed length which was
causing socket names to contain many trailing Nul bytes.
* dbus/dbus-glib-lowlevel.h, glib/dbus-gobject.c
(dbus_g_method_get_sender): New method for extracting the sender
from a DBusGMethodInvocation
(dbus_g_method_return_get_reply): changed name to
dbus_g_method_get_reply
(dbus_g_method_return_send_reply): changed name to
dbus_g_method_send reply
* doc/dbus-specification.xml: New docs that describe how the new
queueing system works and talks about the changes to the how
we specify socket names
* glib/examples/example-service.c,
glib/examples/example-signal-emitter.c,
glib/examples/statemachine/statemachine-server.c:
Changed the RequestName flags to the new system
* test/name-test/ (test-names.c, run-test.sh, Makefile.am): New
regression test suite for testing various states of the new
queueing system
SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
functionality
* configure.in: add --enable-selinux
* bus/policy.c (bus_policy_merge): add FIXME to a comment
* bus/main.c (main): initialize and shut down selinux
* bus/connection.c: store SELinux ID on each connection, to avoid
repeated getting of the string context and converting it into
an ID
* bus/bus.c (bus_context_get_policy): new accessor, though it
isn't used
(bus_context_check_security_policy): check whether the security
context of sender connection can send to the security context of
recipient connection
* bus/config-parser.c: add parsing for <selinux> and <associate>
* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
implement dbus_connection_get_unix_fd()
* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
function, used by the selinux stuff
* bus/main.c (signal_handler): Reload the configuration files
on SIGHUP.
(main): Set up our SIGHUP handler.
* bus/bus.c (struct BusContext): Store the config file, user and
fork flag in the BusContext.
(process_config_first_time_only): Added. Contains the code
(previously in bus_context_new) for setting up the BusContext from
the BusConfigParser that should only be run the first time the
config files are read.
(process_config_every_time): Added. Contains the code (previously
in bus_context_new) for setting up the BusContext from the
BusConfigParser that should be run every time the config files are
read.
(load_config): Added. Builds a BusConfigParser from the config
files and passes the resulting structure off to
process_config_first_time_only (assuming this is the first time)
and process_config_every_time.
(bus_context_new): All of the config-related code has been moved
to process_config_first_time_only and process_config_every_time.
Now this function just does the non-config-related initializations
and calls load_config.
(bus_context_reload_config): Added.
* bus/connection.c: implement pending reply tracking using
BusExpireList
* bus/bus.c (bus_context_check_security_policy): verify that a
reply is pending in order to allow a reply to be sent. Deny
messages of unknown type.
* bus/dbus-daemon-1.1.in: update to mention new resource limits
* bus/bus.c (bus_context_get_max_replies_per_connection): new
(bus_context_get_reply_timeout): new
Get matching rules mostly working in the bus; only actually
parsing the rule text remains. However, the client side of
"signal connections" hasn't been started, this patch is only the
bus side.
* dbus/dispatch.c: fix for the matching rules changes
* bus/driver.c (bus_driver_handle_remove_match)
(bus_driver_handle_add_match): send an ack reply from these
method calls
* glib/dbus-gproxy.c (dbus_gproxy_begin_call): fix order of
arguments, reported by Seth Nickell
* bus/config-parser.c (append_rule_from_element): support
eavesdrop=true|false attribute on policies so match rules
can be prevented from snooping on the system bus.
* bus/dbus-daemon-1.1.in: consistently use terminology "sender"
and "destination" in attribute names; fix some docs bugs;
add eavesdrop=true|false attribute
* bus/driver.c (bus_driver_handle_add_match)
(bus_driver_handle_remove_match): handle AddMatch, RemoveMatch
messages
* dbus/dbus-protocol.h (DBUS_SERVICE_ORG_FREEDESKTOP_BROADCAST): get
rid of broadcast service concept, signals are just always broadcast
* bus/signals.c, bus/dispatch.c, bus/connection.c, bus/bus.c:
mostly implement matching rules stuff (currently only exposed as signal
connections)
Unbreak my code...
* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
report correct status if we finish processing authentication
inside this function.
* bus/activation.c (try_send_activation_failure): use
bus_transaction_send_error_reply
* bus/connection.c (bus_connection_get_groups): return an error
explaining the problem
* bus/bus.c (bus_context_check_security_policy): implement
restriction here that inactive connections can only send the
hello message. Also, allow bus driver to send anything to
any recipient.
* bus/connection.c (bus_connection_complete): create the
BusClientPolicy here instead of on-demand.
(bus_connection_get_policy): don't return an error
* dbus/dbus-message.c (dbus_message_new_error_reply): allow NULL
sender field in message being replied to
* bus/bus.c (bus_context_check_security_policy): fix silly typo
causing it to return FALSE always
* bus/policy.c (bus_client_policy_check_can_send): fix bug where
we checked sender rather than destination
test suite is slightly hosed at the moment, will fix soon
* bus/connection.c (bus_connections_expire_incomplete): fix to
properly disable the timeout when required
(bus_connection_set_name): check whether we can remove incomplete
connections timeout after we complete each connection.
* dbus/dbus-mainloop.c (check_timeout): fix this up a bit,
probably still broken.
* bus/services.c (bus_registry_acquire_service): implement max
number of services owned, and honor allow/deny rules on which
services a connection can own.
* bus/connection.c (bus_connection_get_policy): report errors here
* bus/activation.c: implement limit on number of pending
activations
* test/data/valid-config-files/basic.conf: add <limit> tags to
this test
* bus/config-parser.h, bus/config-parser.c, bus/bus.c: Implement
<limit> tag in configuration file.
* bus/driver.c (bus_driver_handle_hello): check limits and
return an error if they are exceeded.
* bus/connection.c: maintain separate lists of active and inactive
connections, and a count of each. Maintain count of completed
connections per user. Implement code to check connection limits.
* dbus/dbus-list.c (_dbus_list_unlink): export
* bus/bus.c (bus_context_check_security_policy): enforce a maximum
number of bytes in the message queue for a connection
* bus/bus.c: create and keep around a shared DBusUserDatabase
object.
* bus/connection.c (bus_connection_get_groups): don't cache
groups for user in the connection object, since user database
object now does that.
* dbus/dbus-mainloop.c: fix some reentrancy issues by refcounting
callbacks
* test/data/valid-config-files/debug-allow-all.conf.in: allow all
users
* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
fix to only recover unused bytes if we're already authenticated
(_dbus_transport_get_is_authenticated): fix to still mark us
authenticated if there are unused bytes.
* bus/dispatch.c: implement security policy checking
* bus/connection.c (bus_transaction_send_from_driver): new
* bus/bus.c (bus_context_check_security_policy): new
* bus/dispatch.c (send_service_nonexistent_error): delete this,
now we just set the DBusError and it gets converted to an error
reply.
* bus/connection.c (allow_user_function): enable code using actual
data from the config file
* bus/policy.c (list_allows_user): handle wildcard rules for
user/group connection perms
* bus/policy.h: change BusPolicy to be the thing from the config
file, and rename old BusPolicy to BusClientPolicy
* bus/bus.c, bus/connection.c, bus/config-parser.c: change to
match change in how policy works
* dbus/dbus-internals.h: mark assert_not_reached as
__attribute((noreturn))__
* dbus/Makefile.am: split lists of sources into stuff that goes in
the library, util functions that go in the lib and are also used
elsewhere, and util functions that are used in tests/daemon but
don't go in the lib.
* dbus/dbus-mainloop.h, dbus/dbus-mainloop.c: move bus/loop.[hc]
here so it can be used in test binaries also
* bus/bus.c (bus_context_new): print the address in here, rather
than in main(), because we need to do it before forking the daemon
* bus/dispatch.c (send_service_nonexistent_error): set the sender
on the service nonexistent error
* bus/driver.c (bus_driver_handle_acquire_service): set the
sender on the AcquireService reply
* test/data/valid-config-files/debug-allow-all.conf.in: Make test
server also listen on a UNIX socket so services can connect to it.
* bus/bus.c (bus_context_new): fix wrong handling of
server_data_slot_unref() in the error case.
* dbus/dbus-internals.h (_dbus_assert): change so it passes
"(condition) != 0" to _dbus_real_assert so that
"_dbus_assert (pointer)" doesn't cause a warning
* bus/main.c (main): accept --print-address option to print out
the message bus address
* dbus/dbus-sysdeps.c (_dbus_generate_random_ascii): export this
* dbus/dbus-transport.c (_dbus_transport_open): special error for
"tmpdir" option to unix: address on client side
* dbus/dbus-server.c (dbus_server_listen): handle "tmpdir" option
to unix: address
* configure.in (TEST_SOCKET_DIR): locate a temporary directory
we can use to create sockets in the test suite.
* bus/main.c (signal_handler): on SIGTERM, exit the daemon
cleanly. To be used for testing.
* dbus/dbus-spawn.c (babysit): use _dbus_set_signal_handler()
* dbus/dbus-sysdeps.c (_dbus_set_signal_handler): new
* dbus/dbus-server-debug-pipe.c (_dbus_transport_debug_pipe_new):
handle trying to call this when there's no servers active
* bus/loop.c (bus_loop_iterate): fix the timeout code, using
magic from GLib
* dbus/dbus-spawn.c (_dbus_babysitter_unref): set sitter_pid
to -1 once we've reaped the babysitter
(_dbus_babysitter_handle_watch): do as much work as we can, not
just one go of it
* bus/activation.c: add code using DBusBabysitter so that we
handle it when a service fails to start up properly.
(bus_activation_service_created): don't remove the activation
entries as we go, just let them get removed when we free the pending
activation. Unref reply messages after sending them.
* bus/config-parser.c (bus_config_parser_unref): free
list of mechanisms, bug discovered by test suite enhancements
(putting system.conf and session.conf into suite)
* test/Makefile.am, test/test-service.c: add placeholder for a
test service that we'll activate as part of test suite. Doesn't
do anything yet.
* dbus/dbus-sysdeps.c (_dbus_setenv): support unsetenv by
setting NULL value, and use system malloc not dbus_malloc()
when we have unavoidable memleakage.
* dbus/dbus-bus.c (dbus_bus_get): fix bug where bus type of 0
didn't work, and support DBUS_BUS_ACTIVATION.
* bus/activation.c (child_setup): pass our well-known bus type to
the child
* bus/config-parser.c: support <type> to specify well-known type
* doc/dbus-specification.sgml: document the env variables to
locate well-known buses and find service activator
* dbus/dbus-transport-unix.c (_dbus_transport_new_for_domain_socket)
(_dbus_transport_new_for_tcp_socket): these didn't need the "server"
argument since they are always client side
* dbus/dbus-server.c (dbus_server_get_address): new function
* bus/main.c (main): take the configuration file as an argument.
* test/data/valid-config-files/debug-allow-all.conf: new file to
use with dispatch.c tests for example
* bus/test-main.c (main): require test data dir
* bus/bus.c (bus_context_new): change this to take a
configuration file name as argument
* doc/config-file.txt (Elements): add <servicedir>
* bus/system.conf, bus/session.conf: new files
* dbus/dbus-bus.c (dbus_bus_get): look for system bus on
well-known socket if none set
* configure.in: create system.conf and session.conf
Throughout: purge global variables, introduce BusActivation,
BusConnections, BusRegistry, etc. objects instead.
* bus/bus.h, bus/bus.c: introduce BusContext as a global
message bus object
* test/Makefile.am (TEST_BINARIES): disable bus-test for now,
going to redo this a bit differently I think
