summaryrefslogtreecommitdiff
path: root/dbus/dbus-sysdeps.c
Commit message (Collapse)AuthorAgeFilesLines
* Add SPDX license marker for the AFL-2.1 OR GPL-2.0-or-later licenseRalf Habacker2023-01-041-0/+2
| | | | | | | | | The full license texts are not added because they were already added in a previous commit. Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de> see #394
* trivial: Remove trailing whitespace from copyright noticesSimon McVittie2018-12-171-3/+3
| | | | | | | | | | | | | | We don't usually mass-remove trailing whitespace from the actual source code because it would complicate cherry-picking bug fixes to older branches, but that reasoning doesn't really apply to the comments containing copyright and licensing notices. Removing trailing whitespace makes it much easier to move code around: we have a commit hook that rejects commits containing trailing whitespace, but that commit hook counts moving a file as a delete + add pair, so it objects to moving code that contains trailing whitespace. Signed-off-by: Simon McVittie <smcv@collabora.com>
* Add and use _dbus_list_clear_fullSimon McVittie2018-08-021-2/+1
| | | | | | | | | | | In gcc 8, -Wall -Wextra includes -Wcast-function-type, which warns about passing an extra (unwanted) parameter to callbacks. Instead of using _dbus_list_foreach(), add a function to do what we actually wanted here. Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=107349 Reviewed-by: Thiago Macieira <thiago@kde.org>
* Fix using uninitialized value "name" in _dbus_combine_tcp_errorsRalf Habacker2018-03-201-1/+1
| | | | | | | Coverity CID 265359. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922 Reviewed-by: Simon McVittie <smcv@collabora.com>
* sysdeps-unix: Treat bind() failures as non-fatalSimon McVittie2018-03-091-0/+68
| | | | | | | | | | | | | | | | | | | When we use AF_UNSPEC, we are likely to get multiple addresses back from getaddrinfo(), and perhaps we won't be able to use them all. Give that failure mode, or any other bind() failure, the same treatment as EADDRINUSE failures here and all connect() failures in _dbus_connect_tcp_socket_with_nonce(): if any address succeeds, then the overall operation succeeds, but if all of them fail, then the overall operation fails. I've made _dbus_combine_tcp_errors() generic enough that _dbus_connect_tcp_socket_with_nonce() could use it too, although that isn't implemented here. Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> [smcv: Adjust commit message] Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
* sysdeps-unix: Set more specific IP-related errors when listeningSimon McVittie2018-03-091-0/+38
| | | | | | | | | | | | | | | | | | | When we have resolved a hostname/port pair to a list of IPv4 or IPv6 addresses, if we are unable to listen on a a specific one of those addresses, we should report which one. When IPv6 is disabled for the loopback interface, this changes the diagnostic from: Failed to bind socket "localhost:1234": Cannot assign requested address to the more informative Failed to bind socket "::1" port 1234: Cannot assign requested address Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
* _dbus_append_address_from_socket: Factor out inet_sockaddr_to_stringSimon McVittie2018-03-091-0/+97
| | | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
* Move defaults for some switches into a default caseSimon McVittie2017-01-171-2/+2
| | | | | | | | | This is clearly equivalent, and quiets -Wswitch-default. Based on part of a patch by Thomas Zimmermann. Signed-off-by: Simon McVittie <smcv@debian.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98191
* Clean up how we arrange for environ to be declaredSimon McVittie2016-10-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | Annoyingly, the POSIX way to declare environ (as "extern char **environ") is a redundant declaration in glibc with _GNU_SOURCE; work around that. We also have a workaround for _NSGetEnviron() needing to be used instead of direct access to environ in at least some circumstances on Mac OS. Attempt to sync that up between all the files that use environ, consistently sorting the most special special-cases first (Windows for files that are compiled there, then Mac, then GNU, with lowest-common-denominator POSIX last). The affected files are already OS-specific, so I'm not bothering to introduce a nicer or higher-level API for this. Based on the best bits of an earlier patch from me, and an earlier patch from Thomas Zimmermann. Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Thomas Zimmermann <tdz@users.sourceforge.net> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97357
* _dbus_logv: configurably log to syslog and/or stderrSimon McVittie2016-09-301-1/+1
| | | | | | | | | | | | | | | | | | | | | This changes the behaviour of _dbus_logv() if _dbus_init_system_log() was not called. Previously, _dbus_logv() would always log to syslog; additionally, it would log to stderr, unless the process is dbus-daemon and it was started by systemd. Now, it will log to stderr only, unless _dbus_init_system_log() was called first. This is the desired behaviour because when we hook up _dbus_warn_check_failed() to _dbus_logv() in the next commit, we don't want typical users of libdbus to start logging their check failures to syslog - we only want the dbus-daemon to do that. In practice this is not usually a behaviour change, because there was only one situation in which we called _dbus_logv() without first calling _dbus_init_system_log(), namely an error while parsing configuration files. Initialize the system log "just in time" in that situation to preserve existing behaviour. Signed-off-by: Simon McVittie <smcv@debian.org>
* _dbus_system_log: rename to _dbus_logSimon McVittie2016-08-111-2/+4
| | | | | | | | | This is a step towards making it write to either stderr or syslog or both, as configured globally. Signed-off-by: Simon McVittie <smcv@debian.org> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97009
* sysdeps: move _dbus_system_log() into the shared librarySimon McVittie2016-08-111-0/+18
| | | | | | | | | | | | | | | This is in preparation for optionally making _dbus_warn() use it. dbus-daemon closes its stderr under some circumstances, including when launched by dbus-launch, which makes failures in that situation rather hard to debug. _dbus_system_log() is the same on Unix and Windows, so move it to dbus-sysdeps.c. _dbus_system_logv() remains platform-specific. Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97009 [smcv: move the #include for syslog.h, too] Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Fail to generate random bytes instead of falling back to rand()Simon McVittie2015-05-141-39/+15
| | | | | | | | | | This is more robust against broken setups where we run out of memory or cannot read /dev/urandom. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90414 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> [smcv: document @error] Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Consistently save and restore errnoSimon McVittie2014-10-291-20/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | Some functions in dbus-transport-socket.c make a (wrapped) socket syscall, then call other APIs, then test the result and errno of the socket syscall. This would break horribly if those "other APIs" overwrote errno with their own value (... and this is part of why errno is an awful API). Notably, if running under DBUS_VERBOSE, _dbus_verbose() is basically fprintf(), which sets errno; and our Unix fd-passing support makes calls of the form _dbus_verbose ("Read/wrote %i unix fds\n", n) between the syscall and the result processing. Maybe one day we'll convert all of dbus' syscall wrappers to either raise a DBusError, or use the "negative errno" convention that systemd borrowed from the Linux kernel, and in particular, we would need to do that if we ever ported it to a platform where socket error reporting was not basically errno. However, in practice everyone uses something derived from BSD sockets, so "this sets errno, you know what errno is" is a good enough internal API if we make sure to use it correctly. Nothing calls _dbus_get_is_errno_nonzero(), so I just removed it instead of converting it to the new calling convention. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83625
* Handle ETOOMANYREFS when sending recursive fds (SCM_RIGHTS)Alban Crequy2014-06-301-0/+14
| | | | | | | | | | | | | | | | | | Since Linux commit 25888e (from 2.6.37-rc4, Nov 2010), sendmsg() on Unix sockets returns -1 errno=ETOOMANYREFS ("Too many references: cannot splice") when the passfd mechanism (SCM_RIGHTS) is "abusively" used recursively by applications. A malicious client could use this to force a victim system service to be disconnected from the system bus; the victim would likely respond by exiting. This is a denial of service (fd.o #80163, CVE-2014-3532). This patch silently drops the D-Bus message on ETOOMANYREFS and does not close the connection. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80163 Reviewed-by: Thiago Macieira <thiago@kde.org> [altered commit message to explain DoS significance -smcv] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Export dbus_setenv() as a utility functionSimon McVittie2013-08-231-4/+10
| | | | | | | | | | It's sufficiently portable that GLib has an equivalent, and I really don't want to have to either open-code it in dbus-run-session or link dbus-run-session statically. We have enough statically-linked rubbish already. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39196 Reviewed-by: Colin Walters <walters@verbum.org>
* Replace individual global-lock variables with an array of DBusRMutex *Simon McVittie2013-06-171-2/+0
| | | | | | | | | | | | | | | | | | | | | | This means we can use a much simpler code structure in data-slot allocators: instead of giving them a DBusRMutex ** at first-allocation, we can just give them an index into the array, which can be done statically. It doesn't make us any more thread-safe-by-default - the mutexes will only actually be used if threads were already initialized - but it's substantially better than nothing. These locks really do have to be recursive: for instance, internal_bus_get() calls dbus_bus_register() under the bus lock, and dbus_bus_register() can call _dbus_connection_close_possibly_shared(), which takes the bus lock. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=54972 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Anas Nashif <anas.nashif@intel.com>
* Remove unused global mutexes for win_fds, sid_atom_cacheSimon McVittie2013-05-131-2/+0
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=54972 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* Revert "hardening: Use __secure_getenv if available"Colin Walters2012-09-281-6/+0
| | | | | | | | It breaks gnome-keyring-daemon at least in some configurations; see https://bugs.freedesktop.org/show_bug.cgi?id=52202#c24 This reverts commit 1a556443757b19fee67ef4441141246dd9cfed4f.
* hardening: Use __secure_getenv if availableColin Walters2012-09-281-0/+6
| | | | | | | | This helps us in the case where we were executed via filesystem capabilities or a SELinux domain transition, not necessarily a plain old setuid binary. https://bugs.freedesktop.org/show_bug.cgi?id=52202
* CVE-2012-3524: Don't access environment variables or run dbus-launch when setuidColin Walters2012-09-271-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This matches a corresponding change in GLib. See glib/gutils.c:g_check_setuid(). Some programs attempt to use libdbus when setuid; notably the X.org server is shipped in such a configuration. libdbus never had an explicit policy about its use in setuid programs. I'm not sure whether we should advertise such support. However, given that there are real-world programs that do this currently, we can make them safer with not too much effort. Better to fix a problem caused by an interaction between two components in *both* places if possible. How to determine whether or not we're running in a privilege-escalated path is operating system specific. Note that GTK+'s code to check euid versus uid worked historically on Unix, more modern systems have filesystem capabilities and SELinux domain transitions, neither of which are captured by the uid comparison. On Linux/glibc, the way this works is that the kernel sets an AT_SECURE flag in the ELF auxiliary vector, and glibc looks for it on startup. If found, then glibc sets a public-but-undocumented __libc_enable_secure variable which we can use. Unfortunately, while it *previously* worked to check this variable, a combination of newer binutils and RPM break it: http://www.openwall.com/lists/owl-dev/2012/08/14/1 So for now on Linux/glibc, we fall back to the historical Unix version until we get glibc fixed. On some BSD variants, there is a issetugid() function. On other Unix variants, we fall back to what GTK+ has been doing. Reported-by: Sebastian Krahmer <krahmer@suse.de> Signed-off-by: Colin Walters <walters@verbum.org>
* Avoid using monotonic time in the DBUS_COOKIE_SHA1 authentication methodDavid Zeuthen2012-04-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | When libdbus-1 moved to using monotonic time support for the DBUS_COOKIE_SHA1 authentication was broken, in particular interoperability with non-libdbus-1 implementations such as GDBus. The problem is that if monotonic clocks are available in the OS, _dbus_get_current_time() will not return the number of seconds since the Epoch so using it for DBUS_COOKIE_SHA1 will violate the D-Bus specification. If both peers are using libdbus-1 it's not a problem since both ends will use the wrong time and thus agree. However, if the other end is another implementation and following the spec it will not work. First, we change _dbus_get_current_time() back so it always returns time since the Epoch and we then rename it _dbus_get_real_time() to make this clear. We then introduce _dbus_get_monotonic_time() and carefully make all current users of _dbus_get_current_time() use it, if applicable. During this audit, one of the callers, _dbus_generate_uuid(), was currently using monotonic time but it was decided to make it use real time instead. Signed-off-by: David Zeuthen <davidz@redhat.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=48580
* Merge branch 'dbus-1.4'Simon McVittie2012-03-271-12/+6
|\ | | | | | | | | | | Conflicts: NEWS configure.ac
| * Fix duplicate case value compiling with mingw-w64Andoni Morales Alastruey2012-03-271-12/+6
| | | | | | | | | | | | | | | | In mingw-w64 both ESOMETHING and WSASOMETHING are defined, leading to a duplicate case in the switch. Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=47321
* | _dbus_string_append_double, _dbus_string_parse_double: removeSimon McVittie2012-02-131-256/+0
| | | | | | | | | | | | | | | | They're unused, except by their own regression tests. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39759 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Lennart Poettering <lennart@poettering.net>
* | _dbus_get_environment: move from shared library to dbus-sysdeps-utilSimon McVittie2012-02-081-41/+0
|/ | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34976 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Cosimo Alfarano <cosimo.alfarano@collabora.co.uk>
* Implement _dbus_atomic_get directly, rather than via inc + decSimon McVittie2011-07-291-24/+0
| | | | | | | | The Windows implementation is untested, but does at least (cross-)compile, and matches what GLib does. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38005 Reviewed-by: Lennart Poettering <lennart@poettering.net>
* Add _dbus_atomic_get implemented in terms of inc, decSimon McVittie2011-07-251-0/+24
| | | | | Reviewed-by: Cosimo Alfarano <cosimo.alfarano@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38005
* Revert "Bug 28460 - Refactored dbus configuration access."Will Thompson2010-06-171-2/+1
| | | | | | This reverts commit 6f9077ee870ad02119facf83d1293301b4535c3b, which broke the build on Unix (see previous patch) and introduced a bunch of warnings.
* Bug 28460 - Refactored dbus configuration access.Ralf Habacker2010-06-141-1/+2
| | | | | | | | | | | | | | | | | | Libdbus uses several config variables. On unix these settings are read from environment variables by using _dbus_getenv. On other platforms like wince there are no environment variables available and _dbus_getenv needs an emulation for those plattforms (see dbus/dbus-sysdeps-wince-glue.c) To cleanup this emulation the appended patch adds a config api by adding _dbus_config_... functions. Also having all client config related functions listed in one header file provides a good overview about which config attributes are available. The default implementation retrieves the config values from environment variables. For other os this could be easily extended or replaced by.
* Add support for Windows CE to the code base.Marcus Brinkmann2010-04-131-1/+5
|
* Prepare for WinCE port: Convert windows code to native API, avoid errno.Marcus Brinkmann2010-04-131-4/+15
|
* Make more signal and locale interface use conditional.Marcus Brinkmann2010-03-221-1/+7
|
* Consistently include <config.h> in all C source files and never in header files.Marcus Brinkmann2010-03-191-0/+1
|
* apply remaining unapplied parts of eeedba5b2f5b008819619764943caddd52441adf ↵Romain Pokrzywka2010-02-071-0/+3
| | | | in dbus4win
* moved out DBusPipe implementation into separate filesRalf Habacker2009-12-181-59/+0
|
* Handle also WinSock errors in _dbus_error_from_errnoTor Lillqvist2009-12-011-22/+26
| | | | | | Handle those WinSock errors that match the errno values handled. Don't bother handling those errors that are mapped to DBUS_ERROR_FAILED in the switch as that is the default return value anyway.
* Remove a misleading comment.Ole André Vadla Ravnås2009-11-301-4/+0
| | | | | errno.h is present and needed on Windows. (It's not present on Windows CE though.) (cherry picked from commit cef676c0c7ea8ad352e1ecf1c3643edb1abd7ad6)
* Include <stdlib.h> for envion on Windows (cherry picked from commit ↵Christian Ehrlicher2009-11-291-0/+4
| | | | 5874d104f52a0ef4d956ab56376776d3e385072f)
* Bug 896 - Avoid race conditions reading message from exited processColin Walters2009-07-131-0/+10
| | | | | | | | | | | | Patch based on extensive work from Michael Meeks <michael.meeks@novell.com>, thanks to Dafydd Harries <dafydd.harries@collabora.co.uk>, Kimmo Hämäläinen <kimmo.hamalainen@nokia.com> and others. The basic idea with this bug is that we effectively ignore errors on write. Only when we're done reading from a connection do we close down a connection. This avoids a race condition where if a process (such as dbus-send) exited while we still had data to read in the buffer, we'd miss that data.
* Bug 21161 - Update the FSF addressTobias Mueller2009-07-101-1/+1
| | | | | | No comment. Signed-off-by: Colin Walters <walters@verbum.org>
* Various compiler warning fixesColin Walters2008-12-191-2/+2
|
* Add new _dbus_get_environment callRay Strode2008-07-111-0/+42
| | | | | | | | It's a wrapper around the environ external variable. It will be important in the future when we allow bus clients to modify the environment of future activated clients. Presently, we just always use the bus daemon environment wholesale.
* fd.o bug #11872 fix clearenv for systems that do not have itJohn (J5) Palmieri2007-10-031-1/+13
| | | | * patch from Brian Cameron <brian.cameron at sun.com>
* 2007-07-24 Richard Hughes <richard@hughsie.com>Richard Hughes2007-07-241-0/+11
| | | | | | * dbus/dbus-sysdeps.c: (_dbus_clearenv): * dbus/dbus-sysdeps.h: Add a wrapper for clearenv.
* 2007-07-13 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-07-141-1/+1
| | | | * Add indent-tabs-mode: nil to all file headers.
* 2007-07-12 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-07-121-0/+6
| | | | | | | * dbus/dbus-sysdeps-util.c (_dbus_sysdeps_test): invert the test for parsing hex as double to be sure it fails to work * dbus/dbus-sysdeps.c (_dbus_string_parse_double): don't allow hex numbers.
* 2007-06-15 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-06-151-0/+49
| | | | | | | | | | | | | | * dbus/dbus-sysdeps.c (_dbus_set_errno_to_zero) (_dbus_get_is_errno_nonzero, _dbus_get_is_errno_eintr) (_dbus_strerror_from_errno): family of functions to abstract errno, though these are somewhat bogus (really we should make our socket wrappers not use errno probably - the issue is that any usage of errno that isn't socket-related probably is not cross-platform, so should either be in a unix-only file that can use errno directly, or is a bug - these general errno wrappers hide issues of this nature in non-socket code, while socket-specific API changes would not since sockets are allowed cross-platform)
* * dbus/dbus-sysdeps.c: moved global lock system_users from dbus-userdb.cRalf Habacker2007-06-141-0/+1
|
* 2007-06-09 Havoc Pennington <hp@redhat.com>Havoc Pennington2007-06-091-105/+4
| | | | | | | | | | | | | | | | | | | * bus/dispatch.c (check_get_connection_unix_process_id): adapt since sysdeps-unix.h stuff isn't included anymore * bus/bus.c (bus_context_new): use more abstract functions to change user, so they can be no-ops on Windows * dbus/dbus-credentials.c, dbus/dbus-credentials.h, dbus/dbus-credentials-util.c: new files containing a fully opaque DBusCredentials data type to replace the old not opaque one. * configure.in (DBUS_UNIX): define DBUS_UNIX to match DBUS_WIN on windows * dbus/dbus-userdb.h: prohibit on Windows, next step is to clean up the uses of it in bus/*.c and factor out the parts of cookie auth that depend on it
View Lorry Controller Status