* CVE-2008-0595 - security policy of the type <allow send_interface=
  "some.interface.WithMethods"/> work as an implicit allow for
  messages sent without an interface bypassing the default deny rules
  and potentially allowing restricted methods exported on the bus to be
  executed by unauthorized users.  This patch fixes the issue.
* bus/policy.c (bus_client_policy_check_can_send,
  bus_client_policy_check_can_receive): skip messages without an
  interface when evaluating an allow rule, and thus pass it to the
  default deny rules

* dbus/dbus-connection.c (close_connection_on_shutdown): new method
  split out from shared_connections_shutdown
  (shared_connections_shutdown): shutdown all shared connections
  without guids
  (_dbus_connection_ref_unlocked): handle OOM when prepending no guid
  connections to the shared_connections_no_guid list
* Patch by  Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

* dbus/dbus-sysdeps-unix.c: define _GNU_SOURCE
* bus/selinux.c: include limits.h
* Patch by Matthias Clasen <mclasen at redhat.com>

* tools/dbus-launch.c (main): set xdisplay = NULL
* Patch by Matthias Clasen <mclasen at redhat.com>
+

2008-01-17  Timo Hoenig  <thoenig@suse.de>
	* fix inotify support
	* bus/dir-watch-inotify.c (_handle_inotify_watch): fix reading of the
	inotify events. Also, use ssize_t not size_t for 'ret'.
	* bus/dir-watch-inotify.c (bus_watch_directory): watch not only for
	IN_MODIFY but also for IN_CREATE and IN_DELETE
	* bus/dir-watch-inotify.c (bus_drop_all_directory_watches): drop the
	inotify watches more elegantly by closing inotify:_fd, set inotify_fd to
	-1 after dropping the watches

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Sébastien Couret <10function at gmail dot com>

	* dbus/dbus-marshal-recursive.c (all_reader_classes[]): wrap in
	#ifndef DBUS_DISABLE_ASSERT since it is only used in asserts which
	are noop

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Magnus Henoch <henoch plus bfdo at dtek dot chalmers dot se>

	* dbus/dbus-auth.c (handle_server_data_external_mech): handle SASL
	EXTERNAL's inital empty responce (FDO Bug #9945)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* bus/messagebus.in: add lsb headers (FDO Bug #11491)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Peter O'Gorman <pogma at thewrittenword dot com>

	* dbus/dbus-spawn.c (babysit_signal_handler): check write return value
	so we don't hang (FDO Bug #11665)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Peter O'Gorman <pogma at thewrittenword dot com>

	* dbus/dbus-sysdeps.h: support for AIX poll implementation (FDO Bug
	#11666)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* tests/name-test/run-test.sh: make more portable (FDO Bug #11667)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-connection.c (_dbus_connection_get_next_client_serial):
	don't check for < 0 on an unsigned variable (FDO Bug #12924)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* bus/bus.c (setup_server): check failed allocation (FDO Bug #12920)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-spawn.c (_dbus_spawn_async_with_babysitter): the API
	contract says sitter_p can be NULL, so let's check it (FDO Bug #12919)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-spawn.c (read_ints, read_pid): use correct ssize_t type
	instead of size_t (FDO Bug #12862)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-errors.c (dbus_set_error): make sure to call va_end if we
	hit an OOM error inside va_start (FDO Bug #12846)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-connection.c (dbus_connection_send_with_reply):
	fix possible crash if pending_return is NULL (FDO Bug #12673)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* portions of patch submitted by Tim Mooney
	<enchanter at users dot sourceforge dot net>

	* configure.in: never auto-select libxml (FDO Bug #12479)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patches by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-sysdeps-unix (_dbus_get_autolaunch_address): handle OOM
	(FDO Bug #12945)

	* dbus/dbus-uuidgen.c (return_uuid): handle OOM (FDO Bug #12928)

	* dbus/dbus-misc.c (dbus_get_local_machine_id): handle OOM, fix return
	value to return NULL not FALSE (FDO Bug #12946)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* bus/bus.c (bus_context_check_security_policy): rewrite selinux error
	handling to not abort due to a NULL read and to set the error only if
	it is not already set (Based off of FDO Bug #12430)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-internals.c (_dbus_read_uuid_file_without_creating,
	_dbus_create_uuid_file_exclusively): add OOM handling (FDO Bug #12952)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-spawn.c (babysit, babysitter_iteration): add error
	handling when polling (FDO Bug #12954)

2008-01-15  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* bus/config-parser.c (locate_attributes): remove dead code which
	always evaluated to TRUE

	* dbus/dbus-shell.c (_dbus_shell_quote): remove unused code

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* bus/connection.c (bus_connection_complete): plug a possible
	BusClientPolicy leak (FDO Bug #13242)

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Frederic Crozat <fcrozat at mandriva dot com> (FDO Bz#
	13268)

	* add inotify support

	* bus/Makefile.am: add inotify module to the build

	* bus/dir-watch-inotify.c: inotify module based off the dnotify and
	kqueue modules

	* configure.in: add checks and switch for inotify
	also add a printout at the end of configure if inotify and kqueue
	support is being built in (dnotify already had this)

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Frederic Crozat <fcrozat at mandriva dot com>

	* bus/dir-watch-dnotify.c (bus_watch_directory): watch for file
	creates also

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* patch by Kimmo Hämäläinen <kimmo dot hamalainen at nokia dot com>

	* dbus/dbus-transport-socket.c(do_reading): return message
	loader buffer in case of OOM (FDO Bug#12666)

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* configure.in: add warning to output when libxml is selected since
	we don't have a libxml maintainer and expat works perfectly fine
	for what we need an xml parser for

2008-01-14  John (J5) Palmieri  <johnp@redhat.com>

	* Patch by Andrea Luzzardi  <scox at sig11 dot org>: creates a
	_dbus_geteuid function to fix EXTERNAL authentication in setuid
	applications

	*  dbus/dbus-sysdeps-unix.c (_dbus_geteuid): used to get the effective
	uid of the running program
	(_dbus_credentials_add_from_current_process): use geteuid instead of
	getuid
	(_dbus_append_user_from_current_process): use geteuid instead of
	getuid

	* dbus/dbus-sysdeps-util-unix.c (_dbus_change_to_daemon_user): use
	geteuid instead of getuid
	(_dbus_unix_user_is_at_console): use geteuid instead of getuid

	* dbus/dbus-sysdeps-win.c (_dbus_geteuid): add a windows equivilant
	that returns DBUS_UID_UNSET

2007-12-18  Havoc Pennington  <hp@redhat.com>

	* dbus/dbus-connection.c (_dbus_connection_block_pending_call):
	fix location of curly braces

2007-11-23  Sjoerd Simons  <sjoerd@luon.net>

   * tools/dbus-launch.c: let both a normal dbus-launch and an
   autolaunched bus save their parameters in X11 if possible. This makes
   the autolaunch and non-autolaunch behaviour more similar. With the
   exception that on a normal launch there will always be a new session
   bus and not being able to save parameters is not fatal. This also
   enables to launch programs directly with autolaunch (not very usefull
   though).

Fix a problem where a nul byte was wrongly introduced into UUIDs, due to _dbus_string_copy_to_buffer weird behavior.

2007-10-31  Havoc Pennington  <hp@redhat.com>

	* bus/selinux.c (log_audit_callback): rewrite to use
	_dbus_string_copy_to_buffer_with_nul()

	* dbus/dbus-string.c (_dbus_string_copy_to_buffer): change to NOT
	nul-terminate the buffer; fail an assertion if there is not enough
	space in the target buffer. This fixes two bugs where
	copy_to_buffer was used to copy the binary bytes in a UUID, where
	nul termination did not make sense. Bug reported by David Castelow.
	(_dbus_string_copy_to_buffer_with_nul): new function that always
	nul-terminates the buffer, and fails an assertion if there is not
	enough space in the buffer.

2007-10-23  Havoc Pennington  <hp@redhat.com>

	* bus/bus.c (bus_context_new): use the new name here

	* bus/selinux.c (bus_selinux_audit_init): rename from audit_init()
	to avoid possible libc conflict, and declare it in .h file to
	avoid a warning

2007-10-19  Havoc Pennington  <hp@redhat.com>

	* bus/bus.c (bus_context_new): put audit_init() in HAVE_SELINUX