• David Zeuthen's avatar
    Avoid using monotonic time in the DBUS_COOKIE_SHA1 authentication method · 87035143
    David Zeuthen authored
    When libdbus-1 moved to using monotonic time support for the
    DBUS_COOKIE_SHA1 authentication was broken, in particular
    interoperability with non-libdbus-1 implementations such as GDBus.
    The problem is that if monotonic clocks are available in the OS,
    _dbus_get_current_time() will not return the number of seconds since
    the Epoch so using it for DBUS_COOKIE_SHA1 will violate the D-Bus
    specification. If both peers are using libdbus-1 it's not a problem
    since both ends will use the wrong time and thus agree. However, if
    the other end is another implementation and following the spec it will
    not work.
    First, we change _dbus_get_current_time() back so it always returns
    time since the Epoch and we then rename it _dbus_get_real_time() to
    make this clear. We then introduce _dbus_get_monotonic_time() and
    carefully make all current users of _dbus_get_current_time() use it,
    if applicable. During this audit, one of the callers,
    _dbus_generate_uuid(), was currently using monotonic time but it was
    decided to make it use real time instead.
    Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
    Reviewed-by: default avatarSimon McVittie <simon.mcvittie@collabora.co.uk>
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=48580
dbus-sysdeps.h 20.3 KB