<windows.h> somewhat cloyingly attempts to include <winsock.h>
by default, which causes problems if the rest of the program
is trying to use the incompatible <winsock2.h>. The Windows
sysdep header attempts to prevent this by forcibly defining
the winsock header guard macro, so that it will not be included.
However, this does not work on MinGW because it uses a different
guard macro name.
This patch changes the code to instead define WIN32_LEAN_AND_MEAN,
which is a more portable way to ensure that <winsock.h> will not
be included.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71405
Reviewed-By: Ralf Habacker <ralf.habacker@freenet.de>
tcp/nonce-tcp transport has a "bind" key, which can be specified a
hostname and will override hostname specified in "host" key.
"bind" has a special value "*" which means ip address 0.0.0.0 and will
cause dbus-daemon listen on all interfaces.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=72301
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
In _dbus_send_nonce() which call in _dbus_read_nonce() and assert on an
error is set if _dbus_read_nonce() fail. However, in _dbus_read_nonce(),
it may fail on fopen() and left error is unset. This will crash us if
assertions hasn't been disabled.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=72298
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[FreeBSD and OpenBSD contributors clarified that O_CLOEXEC has been
supported for ~ 2 years on both, so for the moment we're assuming
that every platform with kqueue also has working O_CLOEXEC. Please reopen
the bug, with a tested patch that uses _dbus_fd_set_close_on_exec() instead,
if this assumption turns out to be false. -smcv]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=72213
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
There is a DBusList* member of BusTransaction named "connections", while
its getter function bus_transaction_get_connections() returns
context->connections which in fact is a BusConnections pointer, this is
quite confusing. Because this is what bus_context_get_connections()
returns.
This patch call out to bus_context_get_connections() directly and remove
the then unused bus_transaction_get_connections().
https://bugs.freedesktop.org/show_bug.cgi?id=71597
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
The argument bytes_read of _dbus_auth_return_buffer() function isn't
used at all, so remove it.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71477
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
On Hurd, the setsockopt() fails. Svante Signell confirmed that on
at least Linux and kFreeBSD, SO_REUSEADDR "succeeds" on Unix sockets,
but doesn't have any practical effect; so rather than making the
failure not issue a warning, we might as well not bother with the
syscall at all.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69492
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
If there are no cmsg headers, don't fail: this fixes receiving credentials
on TCP sockets under at least GNU/kFreeBSD, and probably FreeBSD too.
If there's more than one cmsg header, ignore any that don't look like
valid SCM_CREDS.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69492
Tested-by: Svante Signell
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
[added break, altered indentation in response to review -smcv]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Perhaps some OSs accept and ignore attempts to send a SCM_CREDS
message on a non-Unix socket, but GNU/kFreeBSD doesn't (and presumably
FreeBSD doesn't either).
Based on a patch by Svante Signell.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69492
Tested-by: Svante Signell
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
There are memory blocks leak when doing bus-test, both dispatch-sha1 and
dispatch test cases complain memory blocks leak.
This patch also fix fd leaks.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69332
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
We don't want the regression tests' "session" getting mixed up in
system-wide "sessions". This doesn't actually matter yet, but it is
likely to matter in future.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61301
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
[merged with earlier line-wrapping of TESTS_ENVIRONMENT -smcv]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
The message bus which can monitor its conf dirs for changes and reload
confs immediately if dir monitor enabled, for example, inotify in Linux,
kqueue in *BSD.
However, it doesn't apply policy rules change for completed connections,
so to apply policy rules change, the client connection has to disconnect
first and then re-connect to message bus.
For imcomplete connections, it always has the latest review of policy
rules.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39463
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
The --with-dbus-session-bus-connect-address configure option and the
DBUS_SESSION_BUS_CONNECT_ADDRESS CMake variable expect a connectable
address, while the --with-dbus-session-bus-listen-address option and
the DBUS_SESSION_BUS_LISTEN_ADDRESS variable expect a listenable address.
DBUS_SYSTEM_BUS_DEFAULT_ADDRESS currently has to be an address that
is simultaneously listenable and connectable.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61303
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
[fixed name of DBUS_SESSION_BUS_CONNECT_ADDRESS as per review -smcv]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
So far, this bug can be triggered in systemd environment, if the
configured ListenStream for dbus.socket has characters must be escaped
first. Then we'll get an error like
"In D-Bus address, character '%c' should have been escaped\n"
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46013
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
This is an important security measure. Without it, the system bus
would not deliver its intended security properties. The actual
implementation has always behaved like this, I think.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68597
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
Previously, if we have interfaces:
interface com.example.foo:
method Ambiguous()
interface com.example.bar:
method Ambiguous()
method Unambiguous()
implementations were required to deliver a message with no INTERFACE
and METHOD=Unambiguous to "bar". A message with no INTERFACE and
METHOD=Ambiguous could either be delivered to "foo", delivered to "bar"
or treated as an error.
Relax this to allow an error for the unambiguous case, too, and
strongly recommend specifying the interface (which is best-practice).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68597
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
Vaguely-acked-by: Thiago Macieira, David Zeuthen
[and desrt objected that it didn't go far enough]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
dbus-sysdeps-win.c makes use of a constant called
PROCESS_QUERY_LIMITED_INFORMATION, which was added after Windows
XP. There is code present to make sure the constant is not used
when running on an XP system, but the constant is still required
at build time. Unfortunately, the Windows headers provided by
MinGW are old enough that they do not contain this constant, so
building with MinGW fails.
This patch adds a definition for the constant if one is not already
present.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71366
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
[altered comment to specify MinGW32 < 4, since mingw-w64
and MinGW 4.0+ do have this constant -smcv]
Previous to the introduction of selinux_set_mapping(), DBus pulled
constants generated from the system's policy at build time. But this
means it's impossible to replace the system policy without rebuilding
userspace components.
This patch maps from arbitrary class/perm indices used by D-Bus and
the policy values and handles all the translation at runtime on
avc_has_perm() calls.
Bug: https://bugs.freedesktop.org/attachment.cgi?id=88719
Reviewed-By: Colin Walters <walters@verbum.org>
Tested-By: Colin Walters <walters@verbum.org>
In code that looks like n[i] = v(&i), where v increments i, C leaves it
undefined whether the old or new value of i is used to locate n[i].
As it happens, gcc used the pre-increment value of i, but MSVC
used the post-increment value.
Fix this by inserting a sequence point to disambiguate the intended order.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69924
Reviewed-by: Chengwei Yang <chengwei.yang@intel.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
[wrote commit message, fixed whitespace -smcv]
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
As soon as capng_clear() is called, we won't appear to have
CAP_AUDIT_WRITE. Fix this by checking for it before resetting the
libcap state.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=49062
Tested-by: Laurent Bigonville <bigon@debian.org>
Reviewed-by: Laurent Bigonville <bigon@debian.org>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Lennart Poettering <lennart@poettering.net>
In systemd environment, dbus-daemon will run as no-fork mode since this
is the recommended practice of systemd.
In that scenario, child activated by dbus-daemon will inherit
dbus-daemon standard streams, includes stdin/stdout/stderr. stdin will
be redirected to /dev/null by systemd and stdout/stderr will be catched
by systemd log subsystem. Since the child inherit stdout/stderr from
dbus-daemon, so from systemd journal log, the child log output will be
identified with dbus-daemon identifier. So it's a little confusing.
This patch redirects the child stdout/stderr to systemd journal stream,
and with its owned service name as identifier. However, thing not fixed
perfectly due to the socket ucred of the child is owned by dbus-daemon,
so the pid isn't the real pid of the chile.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68559
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
DBusBabysitter->executable is defined as executable name to use in error
messages. However, if servicehelper used, then the executable name is
servicehelper. It's not much help because we couldn't figure out which
service we're trying to activated if error happens.
In the following patch, we'll use service name to be activated as the
child log identifier and add a parameter to
_dbus_spawn_async_with_babysitter() to pass the log identifier. Since
this is not the case in test, so executable changed to log_name.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68559
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Update three configurable elements for dbus-daemon manual, <syslog>,
<pidfile> and <allow_anonymous>, all of them are undocumented so far.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69125
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
