| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88980
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
test-marshal and test-syntax need the
$(testutils_shared_if_possible_cppflags), so that they will get the
$(static_cflags) when we are not linking to dbus-glib.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88980
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88964
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
|
|
socket in sync with unix.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
Move the dbus_connection_add_filter() call further up as a precaution,
because it isn't safe for a monitor to not have a filter that
swallows all messages.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
This includes most of the situations I could think of:
* method call on dbus-daemon and response
* NameOwnerChanged
* NameAcquired, NameLost (although I'm not 100% sure these should
get captured, since they're redundant with NameOwnerChanged)
* unicast message is allowed through
* unicast message is rejected by no-sending or no-receiving policy
* broadcast is allowed through
* broadcast is rejected by no-sending policy (the error reply
is also captured)
* broadcast is rejected by no-receiving policy (there is no error
reply)
* message causing service activation, and the message telling systemd
to do the actual activation
* systemd reporting that activation failed
It does not cover:
* sending a message to dbus-daemon, then provoking a reply, then
dbus-daemon does not allow itself to send the reply due to its
own security policy
This is such an obscure corner case that I'm not even convinced it's
testable without dropping down into lower-level socket manipulation:
dbus-daemon's replies are always assumed to be requested replies,
and replies contain so little other metadata that I think we can
only forbid them by forbidding all method replies. If we do that,
the reply to Hello() won't arrive and the client-side connection will
not become active.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
Unlike eavesdropping, the point of capture is when the message is
received, except for messages originating inside the dbus-daemon.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
This is a special connection that is not allowed to send anything,
and loses all its well-known names.
In future commits, it will get a new set of match rules and the
ability to eavesdrop on messages before the rest of the bus daemon
has had a chance to process them.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
|
|
|
|
|
|
Without either this rule or better checking in dbus-daemon, non-systemd
processes can make dbus-daemon think systemd failed to activate a system
service, resulting in an error reply back to the requester.
This is redundant with the fix in the C code (which I consider to be
the real solution), but is likely to be easier to backport.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88811
Reviewed-by: Alban Crequy
Reviewed-by: David King
Reviewed-by: Philip Withnall
|
|
|
|
Not being aware of the second reason described here caused bug #87999
in the equivalent code on Windows.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
|
|
If we happen to have been given (say) port 30865, we want to
represent that as host=localhost,port=30865 and not
host=localhost,port=csync2.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
|
|
[separated out from a larger commit -smcv]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88964
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
[Separated out from a larger commit -smcv]
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88964
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787
Reviewed-by: Philip Withnall
[also sync up the cmake build system -smcv]
|
|
|
|
|
|
|
|
If spawn_dbus_daemon() can fail for TEST_USER_ME, then we'd have to
go through all the tests adding the ability to skip tests after
it fails, which is a fairly extensive change.
The tests have historically all run as whatever uid is supplied, and
if the tests are being run as root for some reason - perhaps in a CI
framework for an embedded platform that doesn't have non-root users,
or in an environment where you can be root or non-root but not both -
there is no particular reason to skip them.
|
|
|
|
|
|
4.5 years after it was implemented, here is the regression test.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=57952
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Now we can actually notice incorrect format strings in other
translation units.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Unlike the initial mitigation for CVE-2014-8148, we now allow
uid 0 to call UpdateActivationEnvironment. There's no point in root
doing that, but there's also no reason why it's particularly bad -
if an attacker is uid 0 we've already lost - and it simplifies
use of this function for future things that do want to be callable
by root, like BecomeMonitor for #46787.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
This is technical debt from mitigating CVE-2014-8148, which should
really have had a regression test at the time.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
We run each test twice:
* once with the system's session.conf, as an integration test
(test-cases that need a special configuration are automatically
skipped)
* once with our special test configuration files, which provide better
coverage
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
This means we can generate a version that works when installed,
from the same source files.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
In the process, make test_kill_pid() safer: do not try to terminate
more than one pid, or the NULL handle.
Also stop leaking the address_fd in spawn_dbus_daemon, a pre-existing
bug that was spotted by Philip Withnall during review.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
This is for g_close(), which the next commit will use. It also lets us
rely on g_type_init() being a no-op (since 2.32 the type system is
always initialized by a global constructor).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88943
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
|
|
It seems lcov (or gcc?) has changed its paths since last time this
worked.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall
|
|
It has been supported since at least 1.10, and its absence is
deprecated since 1.14.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall
|
|
already in use'.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
for now.
This fix is required to support at least ipv4 tcp support calling
_dbus_listen_tcp_socket() without family.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88087
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
|
|
pygobject 2 is obsolete and unmaintained, and anyway this is for
optional functionality (full regression test coverage) rather than
anything that will be needed in production builds.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85969
|
