Commit 893d859e authored by Havoc Pennington's avatar Havoc Pennington

2003-04-28 Havoc Pennington <hp@redhat.com>

	* configure.in: 0.10

	* NEWS: update

	* bus/system.conf.in: add <includedir>system.d</includedir>

	* dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when
	username was provided but not uid

	* bus/config-parser.c (struct BusConfigParser): keep track of
	whether the parser is toplevel or was included; change some
	of the error handling if it's included.
parent e8d396ef
2003-04-28 Havoc Pennington <hp@redhat.com>
* configure.in: 0.10
* NEWS: update
* bus/system.conf.in: add <includedir>system.d</includedir>
* dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when
username was provided but not uid
* bus/config-parser.c (struct BusConfigParser): keep track of
whether the parser is toplevel or was included; change some
of the error handling if it's included.
2003-04-27 Havoc Pennington <hp@pobox.com>
Unbreak my code...
......
D-BUS 0.10
===
- reversed order of args to dbus_message_new()
- renamed dbus_message_name_is() and some other
functions
- change DBusWatch to have dbus_watch_handle()
similar to dbus_timeout_handle(), drop
connection/server-specific handle routines
- change message serials to be unsigned
- implemented <allow>/<deny>/<limit> features for
config file; system bus now has a deny-all policy
by default.
- system.conf has <includedir>system.d</includedir>
so packages can install additions to the default
policy to <allow> the messages they need. e.g.
CUPS might install a cups.conf - see
test/data/valid-config-files/system.d/test.conf
for an example.
- add timeouts for authentication, activation
- add glib-style "checks" on public API, enable
those by default, disable assertions by default
- add GMainContext argument to GLib setup functions,
can be NULL for default context. Needed for threads.
- add 64-bit integer type
- validate type of standard message header fields
- consider messages in the org.freedesktop.Local
namespace to be invalid (to avoid fake disconnect
messages for example)
- fix assorted memory leaks and other bugs in
the SHA-1 auth mechanism
- cache user database information (groups user is
in, etc.) helps a lot with NIS
- always store uid_t, pid_t, gid_t in "ulong"
rather than "int"
- implement config file settings for which
users can connect
- SHA-1 unit test
- dbus-send, dbus-monitor command line utilities
- fixed lots of misc crashes and other bugs
D-BUS 0.9
===
......
......@@ -312,7 +312,7 @@ bus_context_new (const DBusString *config_file,
context = NULL;
auth_mechanisms = NULL;
parser = bus_config_load (config_file, error);
parser = bus_config_load (config_file, TRUE, error);
if (parser == NULL)
goto failed;
......
......@@ -164,6 +164,7 @@ expat_CharacterDataHandler (void *userData,
BusConfigParser*
bus_config_load (const DBusString *file,
dbus_bool_t is_toplevel,
DBusError *error)
{
XML_Parser expat;
......@@ -207,7 +208,7 @@ bus_config_load (const DBusString *file,
goto failed;
}
parser = bus_config_parser_new (&dirname);
parser = bus_config_parser_new (&dirname, is_toplevel);
if (parser == NULL)
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
......
......@@ -109,10 +109,12 @@ struct BusConfigParser
BusPolicy *policy; /**< Security policy */
BusLimits limits; /**< Limits */
char *pidfile; /**< PID file */
unsigned int fork : 1; /**< TRUE to fork into daemon mode */
char *pidfile;
unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */
};
static const char*
......@@ -266,7 +268,8 @@ merge_included (BusConfigParser *parser,
}
BusConfigParser*
bus_config_parser_new (const DBusString *basedir)
bus_config_parser_new (const DBusString *basedir,
dbus_bool_t is_toplevel)
{
BusConfigParser *parser;
......@@ -274,6 +277,8 @@ bus_config_parser_new (const DBusString *basedir)
if (parser == NULL)
return NULL;
parser->is_toplevel = !!is_toplevel;
if (!_dbus_string_init (&parser->basedir))
{
dbus_free (parser);
......@@ -1388,7 +1393,7 @@ include_file (BusConfigParser *parser,
DBusError tmp_error;
dbus_error_init (&tmp_error);
included = bus_config_load (filename, &tmp_error);
included = bus_config_load (filename, FALSE, &tmp_error);
if (included == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&tmp_error);
......@@ -1759,7 +1764,7 @@ bus_config_parser_finished (BusConfigParser *parser,
return FALSE;
}
if (parser->listen_on == NULL)
if (parser->is_toplevel && parser->listen_on == NULL)
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Configuration file needs one or more <listen> elements giving addresses");
......@@ -1853,7 +1858,7 @@ do_load (const DBusString *full_path,
dbus_error_init (&error);
parser = bus_config_load (full_path, &error);
parser = bus_config_load (full_path, TRUE, &error);
if (parser == NULL)
{
_DBUS_ASSERT_ERROR_IS_SET (&error);
......
......@@ -35,7 +35,8 @@
typedef struct BusConfigParser BusConfigParser;
BusConfigParser* bus_config_parser_new (const DBusString *basedir);
BusConfigParser* bus_config_parser_new (const DBusString *basedir,
dbus_bool_t is_toplevel);
void bus_config_parser_ref (BusConfigParser *parser);
void bus_config_parser_unref (BusConfigParser *parser);
dbus_bool_t bus_config_parser_check_doctype (BusConfigParser *parser,
......@@ -71,6 +72,7 @@ void bus_config_parser_get_limits (BusConfigParser *parser,
* finished ConfigParser.
*/
BusConfigParser* bus_config_load (const DBusString *file,
dbus_bool_t is_toplevel,
DBusError *error);
......
......@@ -38,7 +38,12 @@
<allow user="*"/>
</policy>
<!-- Config files are placed here that among other things, punch
holes in the above policy for specific services. -->
<includedir>system.d</includedir>
<!-- This is included last so local configuration can override what's
in this standard file -->
<include ignore_missing="yes">system-local.conf</include>
</busconfig>
......@@ -3,7 +3,7 @@ AC_PREREQ(2.52)
AC_INIT(dbus/dbus.h)
AM_INIT_AUTOMAKE(dbus, 0.9)
AM_INIT_AUTOMAKE(dbus, 0.10)
AM_CONFIG_HEADER(config.h)
......
......@@ -69,7 +69,8 @@ _dbus_user_database_lookup (DBusUserDatabase *db,
DBusUserInfo *info;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
_dbus_assert (uid != DBUS_UID_UNSET || username != NULL);
if (uid != DBUS_UID_UNSET)
info = _dbus_hash_table_lookup_ulong (db->users, uid);
else
......@@ -93,13 +94,30 @@ _dbus_user_database_lookup (DBusUserDatabase *db,
return NULL;
}
if (!_dbus_user_info_fill_uid (info, uid, error))
if (uid != DBUS_UID_UNSET)
{
_DBUS_ASSERT_ERROR_IS_SET (error);
free_user_info (info);
return NULL;
if (!_dbus_user_info_fill_uid (info, uid, error))
{
_DBUS_ASSERT_ERROR_IS_SET (error);
free_user_info (info);
return NULL;
}
}
else
{
if (!_dbus_user_info_fill (info, username, error))
{
_DBUS_ASSERT_ERROR_IS_SET (error);
free_user_info (info);
return NULL;
}
}
/* be sure we don't use these after here */
uid = DBUS_UID_UNSET;
username = NULL;
/* insert into hash */
if (!_dbus_hash_table_insert_ulong (db->users, info->uid, info))
{
dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
......
......@@ -61,6 +61,7 @@ TESTDIRS= \
data/sha-1 \
data/valid-config-files \
data/valid-config-files/basic.d \
data/valid-config-files/system.d \
data/valid-service-files
FIND_TESTS=find -name "*.message" -o -name "*.message-raw" -o -name "*.auth-script" -o -name "*.sha1" -o -name "*.txt" -o -name "*.conf" -o -name "*.service"
......
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- The following demonstrates how to punch holes in a default deny-all
policy so that a particular user can own a service, and other
connections can get messages from it -->
<!-- Only fooserviceuser can own the FooService service, and
this user can only send the one kind of message -->
<policy user="fooserviceuser">
<allow own="org.foo.FooService"/>
<allow send="org.foo.FooBroadcastMessage"/>
</policy>
<!-- Allow any connection to receive the message, but
only if the message is sent by the owner of FooService -->
<policy context="default">
<allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/>
</policy>
</busconfig>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment