summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-09-07Fix windows doc for running tests.Ralf Habacker1-4/+9
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=41252 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-09-05NEWS for 1.8Simon McVittie1-1/+4
2014-09-04Stats: fix compilation issueAlban Crequy1-1/+3
Bug-Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=507232 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=81043 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-08-21Don't attempt config reload if dbus system bus is not running.Michael Biebl2-6/+8
There is no point to attemp a reload if the system bus is not running and we avoid a warning upon initial installation this way. Update the comment to reflect recent changes.
2014-08-13Target unstabledebian/1.8.6-2Sjoerd Simons1-2/+2
2014-08-13debian/dbus.posinst: When triggered only poke the dbus-daemon, don't run ↵Sjoerd Simons2-10/+29
update-rc.d/invoke-rc.d as added by dh_installinit. This prevent some odd-corner when being triggered during init system upgrade (Closes: #754404)
2014-07-02start 1.8.7Simon McVittie2-1/+6
2014-06-30New upstream releasedebian/1.8.6-1Simon McVittie1-0/+7
- fix two local DoS vulnerabilities (CVE-2014-3532, CVE-2014-3533)
2014-06-30Merge tag 'upstream/1.8.6'Simon McVittie8-18/+89
Upstream version 1.8.6
2014-06-30Imported Upstream version 1.8.6upstream/1.8.6Simon McVittie8-18/+89
2014-06-30Prepare 1.8.6 in advancedbus-1.8.6Simon McVittie2-4/+19
2014-06-30Handle ETOOMANYREFS when sending recursive fds (SCM_RIGHTS)Alban Crequy3-1/+48
Since Linux commit 25888e (from 2.6.37-rc4, Nov 2010), sendmsg() on Unix sockets returns -1 errno=ETOOMANYREFS ("Too many references: cannot splice") when the passfd mechanism (SCM_RIGHTS) is "abusively" used recursively by applications. A malicious client could use this to force a victim system service to be disconnected from the system bus; the victim would likely respond by exiting. This is a denial of service (fd.o #80163, CVE-2014-3532). This patch silently drops the D-Bus message on ETOOMANYREFS and does not close the connection. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80163 Reviewed-by: Thiago Macieira <thiago@kde.org> [altered commit message to explain DoS significance -smcv] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-06-30If loader contains two messages with fds, don't corrupt the secondSimon McVittie1-1/+1
There were two bugs here: we would previously overwrite the unused fds with the already-used fds instead of the other way round, and we would copy n bytes where we should have copied n ints. Additionally, sending crafted messages in a chosen sequence to a victim system service could cause an invalid file descriptor to be present when dbus-daemon tries to forward one of those crafted messages to the victim, causing sendmsg() to fail with EBADF, which resulted in disconnecting the victim service, which would likely respond to that by exiting. This is a denial of service (fd.o #80469, CVE-2014-3533). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=79694 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80469 Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk>
2014-06-11NEWSSimon McVittie1-1/+5
2014-06-11dbus-launch: kill bus if we can't attach to a session when requestedРоман Донченко1-1/+1
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=74698 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-06-10reset versionSimon McVittie2-1/+6
2014-06-05New upstream release, fixing a DoS vulnerability (CVE-2014-3477)debian/1.8.4-1Simon McVittie1-0/+6
2014-06-05Merge tag 'upstream/1.8.4'Simon McVittie6-26/+50
Upstream version 1.8.4
2014-06-05Imported Upstream version 1.8.4upstream/1.8.4Simon McVittie6-26/+50
2014-06-05Prepare embargoed security releasedbus-1.8.4Simon McVittie2-3/+11
2014-06-05CVE-2014-3477: deliver activation errors correctly, fixing Denial of ServiceAlban Crequy3-11/+24
How it should work: When a D-Bus message activates a service, LSMs (SELinux or AppArmor) check whether the message can be delivered after the service has been activated. The service is considered activated when its well-known name is requested with org.freedesktop.DBus.RequestName. When the message delivery is denied, the service stays activated but should not receive the activating message (the message which triggered the activation). dbus-daemon is supposed to drop the activating message and reply to the sender with a D-Bus error message. However, it does not work as expected: 1. The error message is delivered to the service instead of being delivered to the sender. As an example, the error message could be something like: An SELinux policy prevents this sender from sending this message to this recipient, [...] member="MaliciousMethod" If the sender and the service are malicious confederates and agree on a protocol to insert information in the member name, the sender can leak information to the service, even though the LSM attempted to block the communication between the sender and the service. 2. The error message is delivered as a reply to the RequestName call from service. It means the activated service will believe it cannot request the name and might exit. The sender could activate the service frequently and systemd will give up activating it. Thus the denial of service. The following changes fix the bug: - bus_activation_send_pending_auto_activation_messages() only returns an error in case of OOM. The prototype is changed to return TRUE, or FALSE on OOM (and its only caller sets the OOM error). - When a client is not allowed to talk to the service, a D-Bus error message is pre-allocated to be delivered to the client as part of the transaction. The error is not propagated to the caller so RequestName will not fail (except on OOM). [fixed a misleading comment -smcv] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=78979 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Colin Walters <walters@verbum.org>
2014-04-30development versionSimon McVittie2-1/+4
2014-04-30New upstream releasedebian/1.8.2-1Simon McVittie1-0/+6
2014-04-30Merge tag 'upstream/1.8.2'Simon McVittie17-30/+148
Upstream version 1.8.2
2014-04-30Imported Upstream version 1.8.2upstream/1.8.2Simon McVittie17-30/+148
2014-04-301.8.2dbus-1.8.2Simon McVittie2-3/+8
2014-04-30Handle 0x0d0a EOLs in spawn_dbus_daemon()Руслан Ижбулатов2-0/+4
On W32 dbus daemon will print output in text mode, with 0x0d0a EOLs instead of just 0x0a. Be able to handle that. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75863 Reviewed-by: Simon McVittie
2014-04-30NEWSSimon McVittie1-0/+3
2014-04-30Avoid killing all available processes if an X error arrives early onРоман Донченко1-1/+7
The timeline of events in dbus-launch's main process goes something like this: * do initial X calls [1] * do some other stuff * fork (child process starts doing some other stuff) * return "intermediate parent" pid from fork() * obtain bus daemon pid from bus_pid_to_launcher_pipe [2] * do things that might include X11 calls or killing the dbus-daemon Meanwhile, the "babysitter" child goes like this: * return 0 from fork() [3] * obtain bus daemon pid from parent process via bus_pid_to_babysitter_pipe [4] * do things that might include X11 calls or killing the bus daemon Before [1] or [3], the right thing to do about an X error is to just exit. The current implementation called kill(-1) first, which is undesirable: it kills unrelated processes. With this change, we just exit. After [2] or [4], the right thing to do is to kill the dbus-daemon, and that's what the existing code did. Between [1] and [2], or between [3] and [4], there is no correct thing that we can do immediately: we would have to wait for the end of the "critical section", *then* kill the dbus-daemon. This has not yet been implemented, so this patch relies for its correctness on the fact that there are no libX11 calls between those points, so we cannot receive an X error between them. dbus-launch deserves more comments, or a reimplementation that is easier to understand, but this change is certainly better than nothing. [Commit message added, summarizing reviewers' comments -smcv] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=74698 Reviewed-by: Simon McVittie Reviewed-by: Thiago Macieira
2014-04-28NEWS for 1.8Simon McVittie1-0/+6
2014-04-28Add "Documentation=man:dbus-daemon(1)" line to systemd serviceCameron Norman1-0/+1
Enhances usability under systemd by making the documentation available with systemctl status or systemctl help. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=77447 Reviewed-by: Simon McVittie
2014-04-28Try to read /etc/machine-id before inventing a new /var/lib/dbus/machine-idSimon McVittie1-2/+21
It's least confusing if the two files have the same contents. systemd already knows how to pick up our /var/lib/dbus/machine-id if it exists and /etc/machine-id doesn't, but the converse is not currently true. We should make it true, so that it doesn't matter what order systemd-machine-id-setup and "dbus-uuidgen --ensure" were invoked in. In Debian, systemd currently Recommends dbus, so "dbus-uuidgen --ensure" will *usually* - but not always! - run first, and the two files will match. However, if you install systemd without dbus, and then install dbus later, there will be a mismatch. With this change, it doesn't matter which one is installed first: whichever one happens to come first, it will generate the machine ID, and then the other one will copy it. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=77941 Reviewed-by: Lennart Poettering
2014-04-28_dbus_write_uuid_file: factor out function to write a known UUIDSimon McVittie2-7/+18
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=77941 Reviewed-by: Lennart Poettering
2014-03-26Improve autopkgtest supportdebian/1.8.0-3Simon McVittie3-5/+15
- use a shell wildcard instead of dpkg-architecture, to avoid stderr spam failing the test if gcc is missing - wrap each test-case in an arbitrary (5 minute) timeout so that one test-case failing won't halt the whole build
2014-03-13Update email-address for David Zeuthen.David Zeuthen1-2/+1
I no longer have the email address davidz@redhat.com so update it to my current address. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75288
2014-03-06Update .gitignore filesLukasz Skalski2-0/+7
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75833 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-03-03NEWS for dbus-1.8Simon McVittie1-1/+10
2014-02-26releasedebian/1.8.0-2Simon McVittie1-2/+2
2014-02-26debian/rules: say why no tests during buildSimon McVittie1-1/+4
2014-02-26add XS-Testsuite: autopkgtestSimon McVittie1-0/+1
2014-02-26Close #738317Simon McVittie1-1/+1
2014-02-26Add autopkgtest supportSimon McVittie4-0/+76
* Hook up the installed tests to DEP-8 metadata * Add a simple compile/link/run test
2014-02-26Clean debian/tmp-udeb in `debian/rules clean`Simon McVittie2-0/+5
2014-02-26Register a dpkg trigger on /usr/share/dbus-1/system-services and ↵Simon McVittie3-8/+16
/etc/dbus-1/system.d that calls ReloadConfig on the system dbus-daemon, in case our inotify monitoring isn't completely reliable (see #740139)
2014-02-15Mark dbus-1-doc with Build-Profiles: !stage1Simon McVittie2-0/+2
2014-02-15Don't try to install systemd units in a stage1 build (they are no longer ↵Simon McVittie3-2/+5
installed unless libsystemd*-dev are found)
2014-02-15debian/rules: look for DEB_BUILD_PROFILES, the new name for DEB_BUILD_PROFILESimon McVittie2-3/+10
2014-01-27Fix of 'dbus-daemon can only handle 64 simultaneous connections on Windows'.Cristian Onet3-0/+9
[Slightly modified by -rh] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71297 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-01-21Give cmake users some hints/requirements when cross compiling for Windows on ↵Ralf Habacker2-0/+31
Linux. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=41252 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
2014-01-201.8.1Simon McVittie2-1/+6
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-20 02:31:38 +0000