author | Simon McVittie <smcv@debian.org> | 2014-11-24 13:20:19 +0000 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2014-11-24 13:20:19 +0000 |
commit | 3adecf4a43ccfa9ecc15d632c2c491e036fc49bc (patch) | |
tree | 3f011b67678d3d3a66e17219208b82eb63a06268 | |
parent | 03ad53daa50db39a74e04b374c45995670acbc0d (diff) | |
parent | 61e47df2e5e26126ca8f304b55461b9d08bfbb00 (diff) | |
download | dbus-3adecf4a43ccfa9ecc15d632c2c491e036fc49bc.tar.gz |
Merge tag 'upstream/1.8.12'
Upstream version 1.8.12
-rw-r--r-- | HACKING | 5 | ||||
-rw-r--r-- | NEWS | 29 | ||||
-rw-r--r-- | README | 19 | ||||
-rw-r--r-- | bus/bus.c | 2 | ||||
-rw-r--r-- | bus/config-parser.c | 2 | ||||
-rw-r--r-- | bus/connection.c | 8 | ||||
-rwxr-xr-x | configure | 26 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | ltmain.sh | 4 |
9 files changed, 80 insertions, 19 deletions
@@ -11,6 +11,11 @@ of patches, etc. should go there. Security === +If you find a security vulnerability that is not known to the public, +please report it privately to dbus-security@lists.freedesktop.org +or by reporting a freedesktop.org bug that is marked as +restricted to the "D-BUS security group". + Most of D-Bus is security sensitive. Guidelines related to that: - avoid memcpy(), sprintf(), strlen(), snprintf, strlcat(), @@ -1,3 +1,32 @@ +D-Bus 1.8.12 (2014-11-24) +== + +The “days of fuchsia passed” release. + +Fixes: + +• Partially revert the CVE-2014-3639 patch by increasing the default + authentication timeout on the system bus from 5 seconds back to 30 + seconds, since this has been reported to cause boot regressions for + some users, mostly with parallel boot (systemd) on slower hardware. + + On fast systems where local users are considered particularly hostile, + administrators can return to the 5 second timeout (or any other value + in milliseconds) by saving this as /etc/dbus-1/system-local.conf: + + <busconfig> + <limit name="auth_timeout">5000</limit> + </busconfig> + + (fd.o #86431, Simon McVittie) + +• Add a message in syslog/the Journal when the auth_timeout is exceeded + (fd.o #86431, Simon McVittie) + +• Send back an AccessDenied error if the addressed recipient is not allowed + to receive a message (and in builds with assertions enabled, don't + assert under the same conditions). (fd.o #86194, Jacek Bukarewicz) + D-Bus 1.8.10 (2014-11-10) == 
@@ -29,6 +29,25 @@ If your use-case isn't one of these, D-Bus may still be useful, but only by accident; so you should evaluate carefully whether D-Bus makes sense for your project. +Security +== + +If you find a security vulnerability that is not known to the public, +please report it privately to dbus-security@lists.freedesktop.org +or by reporting a freedesktop.org bug that is marked as +restricted to the "D-BUS security group" (you might need to "Show +Advanced Fields" to have that option). + +On Unix systems, the system bus (dbus-daemon --system) is designed +to be a security boundary between users with different privileges. + +On Unix systems, the session bus (dbus-daemon --session) is designed +to be used by a single user, and only accessible by that user. + +We do not currently consider D-Bus on Windows to be security-supported, +and we do not recommend allowing untrusted users to access Windows +D-Bus via TCP. + Note: low-level API vs. high-level binding APIs === @@ -1660,7 +1660,7 @@ bus_context_check_security_policy (BusContext *context, complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, "Rejected receive message", toggles, message, sender, proposed_recipient, requested_reply, - (addressed_recipient == proposed_recipient), NULL); + (addressed_recipient == proposed_recipient), error); _dbus_verbose ("security policy disallowing message due to recipient policy\n"); return FALSE; } diff --git a/bus/config-parser.c b/bus/config-parser.c index 7bc9c019..ee2d4e7d 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -438,7 +438,7 @@ bus_config_parser_new (const DBusString *basedir, * and legitimate auth will fail. If interactive auth (ask user for * password) is allowed, then potentially it has to be quite long. */ - parser->limits.auth_timeout = 5000; /* 5 seconds */ + parser->limits.auth_timeout = 30000; /* 30 seconds */ /* Do not allow a fd to stay forever in dbus-daemon * https://bugs.freedesktop.org/show_bug.cgi?id=80559 
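Review bot: Passing `error` instead of NULL at the `complain_about_message` call in the recipient-policy branch only covers this one FALSE return of bus_context_check_security_policy; the function starts and ends outside the hunk, and the NEWS entry implies the caller now expects `error` to be set whenever FALSE comes back, so any other rejection path in the same function that still hands complain_about_message a NULL error would leave the sender without a reply (and, in assertion-enabled builds, trip the same assertion this change fixes). Worth a sweep of the remaining FALSE returns in that function. A why-comment on the changed line would also help the next reader, e.g. `/* fill in *error so the sender gets DBUS_ERROR_ACCESS_DENIED back instead of silence (fd.o #86194) */`.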
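Review bot: The comment block above the changed `parser->limits.auth_timeout = 30000;` line does not record why the default moved back from 5000 ms, so a later reader cannot tell that this is a deliberate partial revert of the CVE-2014-3639 hardening rather than a regression. Suggest replacing the trailing `/* 30 seconds */` with something like `/* 30 s, not 5 s: the CVE-2014-3639 value caused boot regressions (fd.o #86431); hardened system buses can lower it via <limit name="auth_timeout"> in system-local.conf */`. The longer window means an unauthenticated local client holds its incomplete-connection slot six times as long before bus_connections_expire_incomplete reclaims it, which is the trade-off that should be stated in the code as well as in NEWS. The comment block this assignment sits under starts outside the hunk.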
diff --git a/bus/connection.c b/bus/connection.c index 519122c5..7107434f 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -860,6 +860,14 @@ bus_connections_expire_incomplete (BusConnections *connections) if (elapsed >= (double) auth_timeout) { + /* Unfortunately, we can't identify the connection: it doesn't + * have a unique name yet, we don't know its uid/pid yet, + * and so on. */ + bus_context_log (connections->context, DBUS_SYSTEM_LOG_INFO, + "Connection has not authenticated soon enough, closing it " + "(auth_timeout=%dms, elapsed: %.0fms)", + auth_timeout, elapsed); + _dbus_verbose ("Timing out authentication for connection %p\n", connection); dbus_connection_close (connection); } @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for dbus 1.8.10. +# Generated by GNU Autoconf 2.69 for dbus 1.8.12. # # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>. # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='dbus' PACKAGE_TARNAME='dbus' -PACKAGE_VERSION='1.8.10' -PACKAGE_STRING='dbus 1.8.10' +PACKAGE_VERSION='1.8.12' +PACKAGE_STRING='dbus 1.8.12' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus' PACKAGE_URL='' @@ -1513,7 +1513,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dbus 1.8.10 to adapt to many kinds of systems. +\`configure' configures dbus 1.8.12 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1587,7 +1587,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dbus 1.8.10:";; + short | recursive ) echo "Configuration of dbus 1.8.12:";; esac cat <<\_ACEOF 
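Review bot: The new `bus_context_log` call in bus_connections_expire_incomplete writes one INFO line to syslog/the Journal per timed-out connection, so a burst of unauthenticated connections — exactly the situation auth_timeout exists to bound — becomes a proportional burst of log lines that, as the added comment itself notes, carry no identifying information. Consider counting expired connections in the loop and emitting a single summary after it (`"Closed %d connections that did not authenticate within %dms"`), or rate-limiting this message, so the log stays readable when it matters most. The `%d` conversion assumes `auth_timeout` is an int; the existing `(double) auth_timeout` cast suggests it is, but confirm against its declaration. The loop this branch runs in starts before the hunk, so a counter would have to be declared there.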
@@ -1784,7 +1784,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dbus configure 1.8.10 +dbus configure 1.8.12 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2503,7 +2503,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dbus $as_me 1.8.10, which was +It was created by dbus $as_me 1.8.12, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3446,7 +3446,7 @@ fi # Define the identity of the package. PACKAGE='dbus' - VERSION='1.8.10' + VERSION='1.8.12' cat >>confdefs.h <<_ACEOF @@ -3746,7 +3746,7 @@ LT_CURRENT=11 ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=8 +LT_REVISION=9 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -3759,8 +3759,8 @@ LT_AGE=8 DBUS_MAJOR_VERSION=1 DBUS_MINOR_VERSION=8 -DBUS_MICRO_VERSION=10 -DBUS_VERSION=1.8.10 +DBUS_MICRO_VERSION=12 +DBUS_VERSION=1.8.12 @@ -23428,7 +23428,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dbus $as_me 1.8.10, which was +This file was extended by dbus $as_me 1.8.12, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23494,7 +23494,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -dbus config.status 1.8.10 +dbus config.status 1.8.12 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index df32f238..cd4542a1 100644 --- a/configure.ac +++ b/configure.ac 
@@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [8]) -m4_define([dbus_micro_version], [10]) +m4_define([dbus_micro_version], [12]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -37,7 +37,7 @@ LT_CURRENT=11 ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=8 +LT_REVISION=9 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -70,7 +70,7 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.10 +# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.11 # automake: $automake_version # autoconf: $autoconf_version # @@ -80,7 +80,7 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1.10" +VERSION="2.4.2 Debian-2.4.2-1.11" TIMESTAMP="" package_revision=1.3337 |