1. 02 Mar, 2018 1 commit
  2. 15 Jan, 2018 1 commit
  3. 29 Jun, 2017 2 commits
  4. 08 Jun, 2017 1 commit
  5. 02 Jun, 2017 2 commits
  6. 01 Jan, 2015 1 commit
    • Simon McVittie's avatar
      Hardening: reject UpdateActivationEnvironment on non-canonical path · 6a3f563a
      Simon McVittie authored
      UpdateActivationEnvironment is the one dbus-daemon API call that is
      obviously dangerous (it is intended for the session bus),
      so the default system.conf does not allow anyone to call it.
      
      It has recently come to the D-Bus maintainers' attention that some
      system services incorrectly install D-Bus policy rules that allow
      arbitrary method calls to any destination as long as they have a
      "safe" object path. This is not actually safe: some system services
      that use low-level D-Bus bindings like libdbus, including dbus-daemon
      itself, provide the same API on all object paths.
      
      Unauthorized calls to UpdateActivationEnvironment are probably just
      resource consumption rather than privilege escalation, because on
      the system bus, the modified environment is only used to execute
      a setuid wrapper that avoids LD_PRELOAD etc. via normal setuid
      handling, and sanitizes its own environment before executing
      the real service. However, it's safest to assume the worst and
      treat it as a potential privilege escalation.
      
      Accordingly, as a hardening measure to avoid privilege escalation on
      systems with these faulty services, stop allowing calls to
      ("/com/example/Whatever",
      "org.freedesktop.DBus.UpdateActivationEnvironment")
      and only allow ("/org/freedesktop/DBus",
      "org.freedesktop.DBus.UpdateActivationEnvironment").
      
      We deliberately continue to provide read-only APIs like
      GetConnectionUnixUser at all object paths, for backwards compatibility.
      Reviewed-by: Thiago Macieira's avatarThiago Macieira <thiago@kde.org>
      [adjusted commit message to note that this is probably only DoS -smcv]
      6a3f563a
  7. 14 Jul, 2009 1 commit
  8. 10 Jul, 2009 1 commit
  9. 14 Jul, 2007 1 commit
  10. 06 Sep, 2006 1 commit
    • John Palmieri's avatar
      * bus/driver.c: · 61316dd8
      John Palmieri authored
        (bus_driver_generate_introspect_string): New method for populating
        a DBusString with the introspect data
        (bus_driver_handle_introspect): Move introspect generation code to
        bus_driver_generate_introspect_string
      
      * bus/main.c:
        (introspect): New function which prints out the intropect data and
        exits
        (main): Add a --introspect switch
      61316dd8
  11. 24 Sep, 2004 1 commit
  12. 10 Aug, 2004 1 commit
  13. 02 Dec, 2003 1 commit
  14. 13 Mar, 2003 1 commit
    • Havoc Pennington's avatar
      2003-03-12 Havoc Pennington <hp@redhat.com> · 29560adc
      Havoc Pennington authored
              Mega-patch that gets the message bus daemon initially handling
      	out-of-memory. Work still needed. Also lots of random
      	moving stuff to DBusError instead of ResultCode.
      
      	* dbus/dbus-list.c (_dbus_list_length_is_one): new function
      
      	* dbus/dbus-connection.c
      	(dbus_connection_send_with_reply_and_block): use DBusError
      
      	* dbus/dbus-bus.c: adapt to API changes, make it use DBusError not
      	DBusResultCode
      
      	* dbus/dbus-connection.c (dbus_connection_send): drop the result
      	code here, as the only failure possible is OOM.
      
      	* bus/connection.c (bus_connection_disconnect):
      	rename bus_connection_disconnected as it's a notification only
      
      	* bus/driver.c (bus_driver_handle_acquire_service): don't free
      	"name" on get_args failure, should be done by get_args;
      	don't disconnect client for bad args, just return an error.
      	(bus_driver_handle_service_exists): ditto
      
      	* bus/services.c (bus_services_list): NULL-terminate returned array
      
      	* bus/driver.c (bus_driver_send_service_lost)
      	(bus_driver_send_service_acquired): send messages from driver to a
      	specific client to the client's unique name, not to the broadcast
      	service.
      
      	* dbus/dbus-message.c (decode_header_data): reject messages that
      	contain no name field
      	(_dbus_message_get_client_serial): rename to
      	dbus_message_get_serial and make public
      	(_dbus_message_set_serial): rename from set_client_serial
      	(_dbus_message_set_reply_serial): make public
      	(_dbus_message_get_reply_serial): make public
      
      	* bus/connection.c (bus_connection_foreach): allow stopping
      	iteration by returning FALSE from foreach function.
      
      	* dbus/dbus-connection.c (dbus_connection_send_preallocated)
      	(dbus_connection_free_preallocated_send)
      	(dbus_connection_preallocate_send): new API for sending a message
      	without possibility of malloc failure.
      	(dbus_connection_send_message): rename to just
      	dbus_connection_send (and same for whole function family)
      
      	* dbus/dbus-errors.c (dbus_error_free): make this reinit the error
      
      	* dbus/dbus-sysdeps.c (_dbus_exit): new function
      
      	* bus/activation.c: handle/return errors
      
      	* dbus/dbus-errors.h: add more DBUS_ERROR #define
      
      	* dbus/dbus-sysdeps.c (_dbus_directory_open) (_dbus_file_get_contents)
      	(_dbus_directory_get_next_file): use DBusError instead of DBusResultCode
      	(_dbus_result_from_errno): move to this file
      29560adc
  15. 13 Feb, 2003 1 commit
  16. 27 Jan, 2003 1 commit
    • Anders Carlsson's avatar
      2003-01-27 Anders Carlsson <andersca@codefactory.se> · ee1133de
      Anders Carlsson authored
      	* bus/dispatch.c: (bus_dispatch_message_handler):
      	Dispatch messages sent to services.
      
      	* bus/driver.c: (bus_driver_send_service_deleted),
      	(bus_driver_send_service_created), (bus_driver_send_service_lost),
      	(bus_driver_send_service_acquired):
      	Add helper functions for sending service related messages.
      
      	(bus_driver_send_welcome_message):
      	Send HELLO_REPLY instead of WELCOME.
      
      	(bus_driver_handle_list_services):
      	Send LIST_SERVICES_REPLY instead of SERVICES.
      
      	(bus_driver_handle_own_service),
      	(bus_driver_handle_service_exists):
      	New message handlers.
      
      	(bus_driver_handle_message):
      	Invoke new message handlers.
      
      	(bus_driver_remove_connection):
      	Don't remove any services here since that's done automatically
      	by bus_service_remove_owner now.
      
      	* bus/driver.h:
      	New function signatures.
      
      	* bus/services.c: (bus_service_add_owner):
      	Send ServiceAcquired message if we're the only primary owner.
      
      	(bus_service_remove_owner):
      	Send ServiceAcquired/ServiceLost messages.
      
      	(bus_service_set_prohibit_replacement),
      	(bus_service_get_prohibit_replacement):
      	Functions for setting prohibit replacement.
      
      	(bus_service_has_owner):
      	New function that checks if a connection is in the owner queue of
      	a certain service.
      
      	* bus/services.h:
      	Add new function signatures.
      
      	* dbus/dbus-list.c: (_dbus_list_test):
      	Add tests for _dbus_list_remove_last and traversing the list backwards.
      
      	* dbus/dbus-list.h:
      	Fix a typo in _dbus_list_get_prev_link, if we're at the first element we can't
      	go any further, so return NULL then.
      
      	* dbus/dbus-protocol.h:
      	Add new messages, service flags and service replies.
      ee1133de
  17. 25 Jan, 2003 1 commit
    • Anders Carlsson's avatar
      2003-01-25 Anders Carlsson <andersca@codefactory.se> · 39dd1fce
      Anders Carlsson authored
      	* bus/Makefile.am:
      	* bus/connection.c: (connection_disconnect_handler),
      	(connection_watch_callback), (bus_connection_setup):
      	* bus/dispatch.c: (send_one_message),
      	(bus_dispatch_broadcast_message), (bus_dispatch_message_handler),
      	(bus_dispatch_add_connection), (bus_dispatch_remove_connection):
      	* bus/dispatch.h:
      	* bus/driver.c: (bus_driver_send_service_deleted),
      	(bus_driver_send_service_created), (bus_driver_handle_hello),
      	(bus_driver_send_welcome_message),
      	(bus_driver_handle_list_services), (bus_driver_remove_connection),
      	(bus_driver_handle_message):
      	* bus/driver.h:
      	Refactor code, put the message dispatching in its own file. Use
      	_DBUS_HANDLE_OOM. Also send ServiceDeleted messages when a client
      	is disconnected.
      39dd1fce
  18. 22 Jan, 2003 1 commit
  19. 21 Jan, 2003 2 commits
    • Anders Carlsson's avatar
      2003-01-21 Anders Carlsson <andersca@codefactory.se> · aff24a72
      Anders Carlsson authored
      	* bus/Makefile.am:
      	Add driver.[ch]
      
      	* bus/connection.c: (connection_disconnect_handler):
      	Remove the connection from the bus driver's list.
      
      	(connection_watch_callback): Dispatch messages.
      
      	(free_connection_data): Free connection name.
      
      	(bus_connection_setup): Add connection to the bus driver's list.
      	(bus_connection_remove_owned_service):
      	(bus_connection_set_name), (bus_connection_get_name):
      	Add functions for setting and getting the connection's name.
      
      	* bus/connection.h:
      	Add function headers.
      
      	* bus/driver.c: (create_unique_client_name),
      	(bus_driver_handle_hello_message),
      	(bus_driver_send_welcome_message), (bus_driver_message_handler),
      	(bus_driver_add_connection), (bus_driver_remove_connection):
      	* bus/driver.h:
      	* bus/main.c:
      	* bus/services.c: (bus_service_free):
      	* bus/services.h:
      	New file that handles communication and registreation with the bus
      	itself.
      aff24a72
    • Anders Carlsson's avatar
      2003-01-21 Anders Carlsson <andersca@codefactory.se> · 4a85d321
      Anders Carlsson authored
      	* dbus/dbus-connection.c: (dbus_connection_send_message):
      	Add a new client_serial parameter.
      
      	(dbus_connection_send_message_with_reply):
      	Remove a @todo since we've implemented the blocking function.
      
      	(dbus_connection_send_message_with_reply_and_block):
      	New function that sends a message and waits for a reply and
      	then returns the reply.
      
      	* dbus/dbus-connection.h:
      	Add new functions.
      
      	* dbus/dbus-errors.c: (dbus_result_to_string):
      	* dbus/dbus-errors.h:
      	Add new DBUS_RESULT.
      
      	* dbus/dbus-message-internal.h:
      	* dbus/dbus-message.c: (_dbus_message_get_reply_serial),
      	(_dbus_message_set_sender), (dbus_message_write_header),
      	(dbus_message_new_reply), (decode_header_data),
      	(_dbus_message_loader_return_buffer), (_dbus_message_test):
      	* dbus/dbus-message.h:
      	Add new functions that set the reply serial and sender.
      	Also marshal and demarshal them correctly and add test.
      
      	* dbus/dbus-protocol.h:
      	Add new DBUS_MESSAGE_TYPE_SENDER.
      
      	* glib/dbus-glib.h:
      	* glib/dbus-gmain.c: (watch_callback), (free_callback_data),
      	(add_watch), (remove_watch), (add_timeout), (remove_timeout),
      	(dbus_connection_hookup_with_g_main):
      	* glib/test-dbus-glib.c: (main):
      	Rewrite to use GIOChannel and remove the GSource crack.
      
      	* test/echo-client.c: (main):
      	* test/watch.c: (check_messages):
      	Update for changed APIs
      4a85d321
  20. 24 Dec, 2002 1 commit
    • Havoc Pennington's avatar
      2002-12-24 Havoc Pennington <hp@pobox.com> · 17fbe2b7
      Havoc Pennington authored
      	* glib/dbus-gthread.c: fix include
      
      	* glib/dbus-glib.h: rename DBusMessageHandler for now.
      	I think glib API needs to change, though, as you don't
      	want to use DBusMessageFunction, you want to use the
      	DBusMessageHandler object. Probably
      	dbus_connection_open_with_g_main_loop()
      	and dbus_connection_setup_g_main_loop() or something like that
      	(but think of better names...) that just create a connection
      	that has watch/timeout functions etc. already set up.
      
      	* dbus/dbus-connection.c
      	(dbus_connection_send_message_with_reply): new function just to
      	show how the message handler helps us deal with replies.
      
      	* dbus/dbus-list.c (_dbus_list_remove_last): new function
      
      	* dbus/dbus-string.c (_dbus_string_test): free a string that
      	wasn't
      
      	* dbus/dbus-hash.c: use memory pools for the hash entries
      	(rebuild_table): be more paranoid about overflow, and
      	shrink table when we can
      	(_dbus_hash_test): reduce number of sprintfs and write
      	valid C89. Add tests for case where we grow and then
      	shrink the hash table.
      
      	* dbus/dbus-mempool.h, dbus/dbus-mempool.c: memory pools
      
      	* dbus/dbus-connection.c (dbus_connection_register_handler)
      	(dbus_connection_unregister_handler): new functions
      
      	* dbus/dbus-message.c (dbus_message_get_name): new
      
      	* dbus/dbus-list.c: fix docs typo
      
      	* dbus/dbus-message-handler.h, dbus/dbus-message-handler.c:
      	an object representing a handler for messages.
      17fbe2b7
  21. 16 Dec, 2002 3 commits
    • Anders Carlsson's avatar
      Doh · 849d1e92
      Anders Carlsson authored
      849d1e92
    • Anders Carlsson's avatar
      2002-12-16 Anders Carlsson <andersca@codefactory.se> · 9a5e216f
      Anders Carlsson authored
      	* glib/dbus-glib.h:
      	* glib/dbus-gthread.c: (dbus_gthread_init):
      	Don't use the gdbus prefix for public functions.
      9a5e216f
    • Anders Carlsson's avatar
      2002-12-16 Anders Carlsson <andersca@codefactory.se> · c531a709
      Anders Carlsson authored
      	* Makefile.am:
      	* configure.in:
      	Add GLib checks and fixup .pc files
      
      	* glib/Makefile.am:
      	* glib/dbus-glib.h:
      	* glib/dbus-gmain.c: (gdbus_connection_prepare),
      	(gdbus_connection_check), (gdbus_connection_dispatch),
      	(gdbus_add_connection_watch), (gdbus_remove_connection_watch),
      	(dbus_connection_gsource_new):
      	* glib/dbus-gthread.c: (dbus_gmutex_new), (dbus_gmutex_free),
      	(dbus_gmutex_lock), (dbus_gmutex_unlock), (dbus_gthread_init):
      	* glib/test-dbus-glib.c: (message_handler), (main):
      	Add GLib support.
      c531a709
  22. 12 Dec, 2002 1 commit
    • Havoc Pennington's avatar
      2002-12-11 Havoc Pennington <hp@pobox.com> · d4b870e7
      Havoc Pennington authored
      	* dbus/dbus-types.h: add dbus_unichar
      
      	* dbus/dbus-internals.c (_dbus_verbose): use _dbus_getenv
      
      	* dbus/dbus-connection.c (dbus_connection_send_message): return
      	TRUE on success
      
      	* dbus/dbus-transport.c: include dbus-watch.h
      
      	* dbus/dbus-connection.c: include dbus-message-internal.h
      
      	* HACKING: add file with coding guidelines stuff.
      
      	* dbus/dbus-string.h, dbus/dbus-string.c: Encapsulate all string
      	handling here, for security purposes (as in vsftpd). Not actually
      	using this class yet.
      
      	* dbus/dbus-sysdeps.h, dbus/dbus-sysdeps.c: Encapsulate all
      	system/libc usage here, as in vsftpd, for ease of auditing (and
      	should also simplify portability). Haven't actually moved all the
      	system/libc usage into here yet.
      d4b870e7
  23. 23 Nov, 2002 2 commits
    • Havoc Pennington's avatar
      2002-11-23 Havoc Pennington <hp@pobox.com> · 576cdb6e
      Havoc Pennington authored
      	* dbus/dbus-internals.h (_DBUS_INT_MAX): add _DBUS_INT_MIN
      	_DBUS_INT_MAX
      
      	* dbus/dbus-test.c (main): add list test, and include
      	dbus-test.h as intended
      
      	* dbus/dbus-hash.c (_dbus_hash_table_remove_string)
      	(_dbus_hash_table_remove_int): return value indicates
      	whether the entry existed to remove
      
      	* dbus/dbus-list.c: add linked list utility class,
      	with docs and tests
      
      	* dbus/dbus-hash.c: add TODO item about shrinking the hash bucket
      	array sometimes.
      576cdb6e
    • Havoc Pennington's avatar
      2002-11-23 Havoc Pennington <hp@pobox.com> · 1428c65e
      Havoc Pennington authored
      	* configure.in: pile on more warning flags if using gcc
      
      	* Doxyfile.in (EXTRACT_STATIC): set to NO, so we don't have
      	to document static functions
      
      	* configure.in: add summary to end of configure so it
      	looks nice and attractive
      
      	* dbus/dbus-hash.c: finish implementation and write unit
      	tests and docs
      
      	* configure.in: add --enable-tests to enable unit tests
      
      	* dbus/dbus-test.c: test program to run unit tests
      	for all files in dbus/*, initially runs a test for
      	dbus-hash.c
      
      	* dbus/dbus-internals.h: file to hold some internal utility stuff
      1428c65e
  24. 21 Nov, 2002 3 commits
    • Havoc Pennington's avatar
      2002-11-21 Havoc Pennington <hp@redhat.com> · 5a6adeee
      Havoc Pennington authored
      	* dbus/Makefile.am (INCLUDES): define DBUS_COMPILATION
      	so we can allow ourselves to include files directly,
      	instead of having to use dbus.h
      
      	* dbus/dbus.h: fill in
      
      	* dbus/dbus-message.h: sketch out a sample header file.
      	Include griping if you include it directly instead of
      	via dbus.h
      
      	* dbus/dbus-macros.h: new file with macros for extern "C",
      	TRUE/FALSE, NULL, etc.
      
      	* doc/file-boilerplate.c: put include guards in here
      5a6adeee
    • Havoc Pennington's avatar
      2002-11-21 Havoc Pennington <hp@redhat.com> · 89161753
      Havoc Pennington authored
      	* doc/file-boilerplate.c: include both AFL and GPL boilerplate.
      
      	* COPYING: include the GPL as well, and license code
      	under both AFL and GPL.
      89161753
    • Havoc Pennington's avatar
      add file-boilerplate.c · f6343e58
      Havoc Pennington authored
      f6343e58