summaryrefslogtreecommitdiff
path: root/doc
Commit message (Collapse)AuthorAgeFilesLines
* Start working on dbus 1.13.10Simon McVittie2018-12-041-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* 1.13.8dbus-1.13.8Simon McVittie2018-12-041-2/+12
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* doc: Remove obsolete message about man2htmlSimon McVittie2018-12-041-1/+0
| | | | | | We no longer run man2html. Signed-off-by: Simon McVittie <smcv@collabora.com>
* doc: Don't include ChangeLog in dbus-docs.tar.xzSimon McVittie2018-12-041-1/+1
| | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Fixes: e93b421137493710cb6b81420d15928eb13014e3
* doc: Use tar --xz to create dbus-docs.tar.xzSimon McVittie2018-12-041-1/+1
| | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Fixes: b805744029e6c497b0b92051199a304636e82fcd
* Merge branch 'max-conns-per-user' into 'master'Simon McVittie2018-12-031-1/+1
|\ | | | | | | | | | | | | | | test/dbus-daemon: Mark max-connections-per-user as unimplemented on Windows See merge request dbus/dbus!54 Reviewed-by: pwithnall Reviewed-by: rhabacker
| * dbus-daemon(1): Document max_connections_per_user as Unix-onlySimon McVittie2018-11-291-1/+1
| | | | | | | | | | | | The limit is accepted on Windows, but not enforced. Signed-off-by: Simon McVittie <smcv@collabora.com>
* | spec: Fix a typo in an ObjectManager examplePhilip Withnall2018-12-031-1/+1
|/ | | | | | | | As spotted by Peter Bigot. Closes #221 Signed-off-by: Philip Withnall <withnall@endlessm.com>
* CONTRIBUTING: Reformat as MarkdownSimon McVittie2018-10-191-1/+1
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Distribute source code using .tar.xz archivesFrancesco Turco2018-08-292-4/+4
| | | | | | | | | This saves around 32% of the size of the archive. [smcv: Rebased onto current master] Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=107630
* Rename HACKING to CONTRIBUTINGSimon McVittie2018-08-221-1/+1
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* 1.13.4dbus-1.13.4Simon McVittie2018-04-301-3/+14
|
* build: Uninstall JavaScript and CSS from htmldirSimon McVittie2018-04-271-0/+2
| | | | | | Otherwise, distcheck fails when mallard-ducktype is available. Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Describe nonce-tcp as "nonce-authenticated", not "nonce-secured"Simon McVittie2018-04-251-1/+1
| | | | | | | | | | | nonce-tcp isn't really any more secure than tcp, unless you are using ANONYMOUS authentication, which should not be considered secure in any case. Avoid the word "secured" so that people don't get the wrong idea. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec, dbus-daemon(1): Mention and deprecate shared session busesSimon McVittie2018-04-252-0/+26
| | | | | | | | | | | | | | | This might (?) have made sense behind a firewall in 2003; but now it's 2018, the typical threat model that we are defending against has changed from "vandals want to feel proud of their l33t skills" to "organised crime wants your money", and a "trusted" local LAN probably contains an obsolete phone, tablet, games console or Internet-of-Things-enabled toaster with remote root exploits. This make network topologies that used to be acceptable look increasingly irresponsible. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Note that EXTERNAL is not *completely* impossible via TCPSimon McVittie2018-04-251-1/+4
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* spec: Expand on how tcp connections are normally authenticatedSimon McVittie2018-04-251-2/+5
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* dbus-daemon(1): Recommend requiring EXTERNAL on non-Windows OSsSimon McVittie2018-04-231-0/+4
| | | | | | | | | | | This is the default, and blocks TCP-based attacks by making the attacker fail to authenticate (while also preventing inadvisable TCP-based configurations from working). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* dbus-daemon(1): Put some scary warnings on <allow_anonymous/>Simon McVittie2018-04-231-0/+7
| | | | | | | | | | I'm far from convinced that this option should even *exist*, but it should definitely be documented as a very bad thing. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Describe the security properties of nonce-tcp in terms of tcpSimon McVittie2018-04-231-0/+26
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec, dbus-daemon(1): Recommend against remote TCP for debuggingSimon McVittie2018-04-232-0/+20
| | | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add a TODO comment as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec, dbus-daemon(1): Say that non-local TCP is insecureSimon McVittie2018-04-232-4/+29
| | | | | | | | | | | | | With some fairly reasonable threat models (active or passive local attacker able to eavesdrop on the network link, confidential information being transferred via D-Bus), secure authentication is insufficient to make this transport secure: it does not protect confidentiality or integrity either. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Don't claim that the nonce-tcp transport is "secured"Simon McVittie2018-04-231-4/+4
| | | | | | | | | | | | | | | | Like the normal TCP transport, it has no confidentiality or integrity protection. The only difference is that it adds an extra layer of authentication. However, this extra authentication is easily defeated if an attacker could be eavesdropping on the link between client and server (unlike DBUS_COOKIE_SHA1, which for all its flaws does at least protect the confidentiality of the magic cookie). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Recommend Unix domain sockets for all non-Windows platformsSimon McVittie2018-04-231-1/+6
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* doxygen_to_devhelp: Produce Devhelp index format v2Simon McVittie2018-04-233-3/+9
| | | | | | | | | The old version-1 format is deprecated and now produces warnings. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106186 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add the .devhelp2 file to .gitignore as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
* doxygen_to_devhelp: Make the API reference the front pageSimon McVittie2018-04-231-1/+2
| | | | | | | | | | | | The tutorial is not necessarily a great entry point for the libdbus documentation: it's infrequently updated, and we should probably have the "If you use this low-level API directly, you're signing up for some pain" message from the API reference show up in devhelp more immediately. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106186 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add longer commit message with rationale] Signed-off-by: Simon McVittie <smcv@collabora.com>
* doc: Install highlight.pack.js if presentSimon McVittie2018-04-232-0/+2
| | | | | | | | | | Newer versions of yelp-build use this instead of a jQuery syntax highlighter. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106171 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Also add it to .gitignore as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
* doc: Only install ancillary files from yelp-build if they existSimon McVittie2018-04-231-3/+14
| | | | | | | | Newer versions of yelp-build don't install jquery. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106171 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* doc: Fix bracket escaping in Ducktype API design filePhilip Withnall2018-02-081-22/+22
| | | | | | | | | | | | There’s no need to escape closing brackets if the paired opening bracket is escaped (or doesn’t need escaping). See https://github.com/projectmallard/mallard-ducktype/issues/16#issuecomment-362590519. Signed-off-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104925 Reviewed-by: Simon McVittie <smcv@collabora.com>
* Start developing spec v0.33Simon McVittie2018-02-011-4/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Release spec v0.32Simon McVittie2018-01-301-1/+37
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Document the design principle that new headers must be asked forSimon McVittie2018-01-111-0/+19
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
* dbus-daemon: Filter out unknown header fieldsSimon McVittie2018-01-111-1/+24
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Recommend that relaying servers filter header fieldsSimon McVittie2018-01-111-11/+37
| | | | | | | | | | | | | | | | | | | | | | | This is an interpretation of the existing text. There are two plausible ways a relaying server could interpret "must ignore [new] fields": it could pass them through as-is, or it could delete them before relaying. Until now, the reference implementation has done the former. However, this behaviour is difficult to defend. If a server relays messages without filtering out header fields that it doesn't understand, then a client can't know whether the header field was supplied by the server, or whether it was supplied by a (possibly malicious) fellow client. We can't introduce useful round-trip-reducing header fields like SENDER_UNIX_USER_ID or SENDER_LINUX_SECURITY_LABEL until the message bus filters them out, *and* provides a way for clients to know for sure that it has done so. This is a step towards that feature. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Allow non-message-bus servers to use SENDER and DESTINATIONSimon McVittie2018-01-111-5/+13
| | | | | | | | | | The Telepathy "Tubes" APIs are an example of a server that is not a message bus, but makes use of the sender and destination fields to provide broadly unique-connection-name-like semantics. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Describe the EXTERNAL and ANONYMOUS auth mechanismsSimon McVittie2018-01-111-5/+58
| | | | | | | | | | | These are defined by standard RFCs rather than by D-Bus. What separates them from other standard mechanisms like PLAIN (RFC 4616) is that in practice, D-Bus implementations support EXTERNAL, DBUS_COOKIE_SHA1 and sometimes ANONYMOUS, but not PLAIN. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Make example authentication transactions more realisticSimon McVittie2018-01-111-16/+17
| | | | | | | | | We don't need to invent a MAGIC_COOKIE mechanism when we have a perfectly good EXTERNAL. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Define what non-empty authorization identity strings meanSimon McVittie2018-01-111-0/+26
| | | | | | | | | | | The SASL RFC requires that we do this. I had previously thought that the D-Bus protocol on Unix requires the use of numeric user IDs, but in fact the reference implementation will also accept usernames. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: David Herrmann <dh.herrmann@gmail.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: ERROR takes an optional explanation in both directionsSimon McVittie2018-01-111-1/+1
| | | | | | | | | | The examples don't include an explanation, but the reference implementation always sends the human-readable explanation, in both directions. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Document NEGOTIATE_UNIX_FD, AGREE_UNIX_FD in state machinesSimon McVittie2018-01-111-5/+63
| | | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Document expected reply for each client-to-server auth commandSimon McVittie2018-01-111-0/+6
| | | | | | | | | | | Client-to-server auth commands expect a reply, whereas server-to-client auth commands don't (the client is expected to send another command that is valid in the new state, but it isn't really a direct reply to the server-to-client command). Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Document the direction of each auth commandSimon McVittie2018-01-111-0/+24
| | | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Move text about the BEGIN command to documentation of BEGINSimon McVittie2018-01-111-14/+15
| | | | | | | | | | | | | Having the text about the message stream in the documentation of AUTH seemed rather odd, and made it likely to get out of sync with the rest of the spec. Move it to the BEGIN section, remove some duplication, and make it clearer that if the client pipelines the fd-negotiation, the server is expected to send exactly one reply per non-BEGIN command before switching to the D-Bus wire protocol. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* spec: Explicitly say that auth client and server take turnsSimon McVittie2018-01-111-1/+3
| | | | | | | | | This was (hopefully) implicit in the protocol descriptions, but we never actually said it. Do so. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104224
* Revert "spec: Document the initial Containers1 interface"Simon McVittie2018-01-111-552/+0
| | | | | | | | This reverts commit 39262d0a2913fc8ee951beb3d0241720abf651c0. I'm reasonably sure the API for Container1 is going to change incompatibly, so it isn't ready to be in the published spec yet. Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Deprecate hyphen/minus in well-known namesSimon McVittie2017-12-241-3/+36
| | | | | | | | | | | | | | | | | | | | | | | We don't really need two parallel forms of punctuation, and in particular DNS domain names only have one (hyphens). If we choose one representation and deprecate the other, it makes the recommendation clearer for app authors. This reflects a similar change to the Desktop Entry Specification, which uses D-Bus well-known names as app IDs. While hyphens are not a problem for D-Bus well-known names or for freedesktop.org app IDs, they create problems for adjacent APIs and specifications that want to use a well-known name in a context where hyphens are not allowed. Hyphens are not allowed in D-Bus object paths and interface names, are only conditionally allowed in Flatpak app IDs (they can only appear in the last element), and have a special syntactic role in Freedesktop icon names. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103216 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103914 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: Alexander Larsson <alexl@redhat.com>
* bus: Add (unused) settings for resource limits for containersSimon McVittie2017-12-121-0/+8
| | | | | | | | | These will be enforced in subsequent commits. Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Fix whitespace] Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
* spec: Document the initial Containers1 interfaceSimon McVittie2017-12-111-0/+552
| | | | | | Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101354
* doc: Fix dbus-send.1 uint16 typoDavid King2017-10-091-1/+1
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103075 Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1467415 Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: Simon McVittie <smcv@collabora.com>
* policy: Add max_fds, min_fds qualifiers for send, receive rulesSimon McVittie2017-07-281-0/+20
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101848 Reviewed-by: Thiago Macieira <thiago@kde.org> [smcv: Revert an incorrect comment change] Signed-off-by: Simon McVittie <smcv@collabora.com>
View Lorry Controller Status