Use getrandom(2) and fall back to /dev/urandom if it is missing or if it
fails some any reason.
This solves problem where dbus-uuidgen is called from a chroot which
lacks /dev/urandom.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Traditional activation could be disabled if all services use
SystemdService activation instead. Provide an example of a hardened
DBus systemd service drop-in file for such a setup.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
The -test suffix does not indicate that this is a test, but rather that
it is for tests (similar to the -unix and -win suffixes on modules like
dbus-sysdeps). This seems unnecessarily confusing, so rename it to end
with -for-tests.
Signed-off-by: Simon McVittie <smcv@collabora.com>
We want to make autoconf fail early and with a user-comprehensible
message if autoconf-archive isn't installed, rather than generating
a configure script with syntax errors, or a configure script that runs
successfully but doesn't do what we intended.
However, autoconf-archive doesn't actually guarantee not to use
AX_-prefixed shell variable names without m4_pattern_allow'ing them
(unlike Autoconf, Automake, Libtool and pkg-config, which explicitly use
m4_pattern_allow for variables with AC_, AM_, LT_ and PKG_ prefixes), so
it isn't safe to assume that they won't be used. In particular, recent
versions of AX_CHECK_GNU_MAKE appear to be using
$AX_CHECK_GNU_MAKE_HEADLINE as a shell variable.
Instead, specifically forbid the names of the finite list of macros
that we actually use.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Resolves: dbus#249
This means we don't need to distinguish between DBUS_NAME_TEST_EXEC and
DBUS_TEST_EXEC any more, because all test helper executables are in the
same place, both during build and when installed (we don't install
test-privserver since no installed test requires it yet, but in
principle we could).
Signed-off-by: Simon McVittie <smcv@collabora.com>
We don't want to set these globally via the normal CFLAGS, because if
we did, AddressSanitizer would catch test-segfault deliberately
segfaulting, and "helpfully" turn it into exit status 1, which in turn
makes our test fail because it asserts that the segfault is reported
as a segfault.
A typical use with gcc as compiler, on a reasonably recent Debian,
would be:
./configure SANITIZE_CFLAGS="-fsanitize=address -fsanitize=undefined -fPIE -pie"
Signed-off-by: Simon McVittie <smcv@collabora.com>
Autotools creates executable applications in the respective
subdirectory of the build directory, while cmake creates
them in <build-root>/bin.
This leads to different paths in the file created
from org.freedesktop.DBus.TestSuite.PrivServer.service.in,
which are fixed by the new variable.
Bug: https://gitlab.freedesktop.org/dbus/dbus/issues/135
Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Simon McVittie <smcv@collabora.com>
This simplifies bootstrapping: now you don't have to build dbus,
build dbus-python (with GLib), and use dbus-python to test dbus.
It also avoids test failures when using facilities like
AddressSanitizer. When libdbus is built with AddressSanitizer, but the
system copies of Python and dbus-python were not, dbus-python will exit
the Python interpreter on load, because libasan wasn't already
initialized. The simplest way to avoid this is to not use Python:
the scripts are not *that* hard to translate into C.
Both of these tests happen to be conditionally compiled for Unix only.
test_activation_forking() relies on code in TestSuiteForkingEchoService
that calls fork(), which can only work on Unix; meanwhile,
test_system_signals() tests the system bus configuration, which is
only relevant to Unix because we don't support using dbus-daemon as
a privilege boundary on Windows (and in any case D-Bus is not a Windows
OS feature, so the system bus cannot be used to communicate with OS
services like it can on most Linux systems).
This is also a partial solution to
<https://gitlab.freedesktop.org/dbus/dbus/issues/135>, by reducing the
size of name-test/.
For this to work, we need to build the test-service helper executable
even if embedded tests are disabled.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Solaris 2.3 and 2.4 took their getpwnam_r() signature from draft 6
of the POSIX threads standard. Since Solaris 2.5 (1995), defining
_POSIX_PTHREAD_SEMANTICS opts-in to the non-draft version of
getpwnam_r(), and since Solaris 11.4 (2018), the non-draft version is
the default.
We already use AC_USE_SYSTEM_EXTENSIONS, which defines
_POSIX_PTHREAD_SEMANTICS, among other useful macros.
Thanks to Alan Coopersmith for assistance with Solaris history.
Signed-off-by: Simon McVittie <smcv@collabora.com>
va_copy() is a C99 feature, and should be widely supported by now.
gcc in strict C89 mode implements an equivalent __va_copy() instead.
MSVC 2013 implements va_copy(), but at the moment we still aim to support
MSVC 2010 and 2012, which don't have it. However, we know that in
Windows ABIs, va_list is a pointer, so we can use
_DBUS_VA_COPY_ASSIGN. We do not support MSVC for Autotools builds, only
CMake, due to its non-Unixish command-line interface.
Signed-off-by: Simon McVittie <smcv@collabora.com>
If we already have ISO C va_copy() or its non-standard counterpart
__va_copy(), then there's no need to do an AC_RUN_IFELSE or its
CMake equivalent to detect whether "args2 = args1" or "*args2 = *args1"
works. AC_RUN_IFELSE is problematic during cross-compilation, where the
program cannot be run (you have to know in advance that the test program
will be run and what its result will be), so we want to avoid it whenever
possible.
Signed-off-by: Simon McVittie <smcv@collabora.com>
We have considerable anecdotal evidence that every relevant compiler
supports at least the small part of ISO varargs syntax that we need
here, because tools/tool-common.h has contained
#define VERBOSE(...) do {} while (0)
since dbus 1.9.2 (2014) and nobody has complained yet. With that in
mind, let's simplify.
Signed-off-by: Simon McVittie <smcv@collabora.com>
If in a .pc variable a path is created from another
variable, such as exec_prefix=${prefix}/lib, prefix
must not contain a trailing slash to avoid double
slashes in the generated path.
Doing a runtime check in configure.ac (AC_RUN_IFELSE) has several
disadvantages:
* It doesn't work when cross-compiling. For example, if we build macOS
binaries on a Linux system, we'd assume that poll() works, but in
fact it won't.
* It checks the build system capabilities, but that is not necessarily
appropriate if (for example) a macOS 10.10 user builds binaries that
could be used by macOS 10.12 or macOS 10.9 users.
* It checks for one specific failure mode, but macOS seems to have a
history of various implementation issues in poll().
* If we want it to work in CMake, we have to duplicate it in the CMake
build system.
None of these is a showstopper on its own, but the combination of all
of them makes the current approach to avoiding the broken poll() on
macOS look unreliable. libcurl, a widely-portable library making
extensive use of sockets, specifically doesn't use poll() on Darwin
(macOS, iOS, etc.) or on Interix; let's follow their example here.
See also https://bugzilla.gnome.org/show_bug.cgi?id=302672 and
https://daniel.haxx.se/blog/2016/10/11/poll-on-mac-10-12-is-broken/
for some relevant history.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/232
Open Build Service RPMs for mingw32-dbus-1 hard-code all the
directories to make everything explicit, notably:
--prefix=/usr/i686-w64-mingw32/sys-root/mingw
--exec-prefix=/usr/i686-w64-mingw32/sys-root/mingw
...
--libdir=/usr/i686-w64-mingw32/sys-root/mingw/lib
Previously we didn't accept this as relocatable, but actually it's
fine: ${prefix} is still equivalent to ${libdir}/pkgconfig/../..,
so our relocation setup can work. Accept the result of expanding
"${prefix}" as an acceptable value for --exec-prefix, and accept the
results of expanding "${exec_prefix}/lib" etc. as acceptable values
for --libdir.
Note the use of single vs. double quotes here. A case statement that
matches '${prefix}' tests for the literal string «${prefix}»,
whereas a case that matches "${prefix}" tests for the string that is
the value of the variable named «prefix» that is set by the
--prefix command-line argument.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=107662
There are two reasons why we might reject relocation: the exec_prefix
differing from the prefix, or the libdir not being a first-level
subdirectory named "lib" or "lib64" of the prefix. Make it clearer
which one failed and why.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=107662
This saves around 32% of the size of the archive.
[smcv: Rebased onto current master]
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=107630
This will give us the RFC-2553 inet_ntop() interface.
Windows Vista extended security support ended in 2017, but we don't
actually need anything from versions newer than Vista yet.
Loosely based on part of a patch by Ralf Habacker.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
For now, this is considered to be a privileged operation, because the
resource-limiting isn't wired up yet. It only contains the bare minimum
of API.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
This will be used in tests later in the branch.
Sadly we can't use GLIB_VERSION_2_44 unless we are willing to have a
hard dependency on GLib 2.44, which would force us to do all our
Travis-CI builds in Docker containers rather than in ye olde base
system, and that adds 50% to the time taken to do builds.
Reviewed-by: Philip Withnall <withnall@endlessm.com>
[smcv: Rebase onto 1.13.x branch, fix minor conflicts]
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
