- Apr 30, 2018
-
-
Simon McVittie authored
-
- Apr 27, 2018
-
-
Simon McVittie authored
Otherwise, distcheck fails when mallard-ducktype is available. Signed-off-by: Simon McVittie <smcv@collabora.com>
-
- Apr 25, 2018
-
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
nonce-tcp isn't really any more secure than tcp, unless you are using ANONYMOUS authentication, which should not be considered secure in any case. Avoid the word "secured" so that people don't get the wrong idea. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
This might (?) have made sense behind a firewall in 2003; but now it's 2018, the typical threat model that we are defending against has changed from "vandals want to feel proud of their l33t skills" to "organised crime wants your money", and a "trusted" local LAN probably contains an obsolete phone, tablet, games console or Internet-of-Things-enabled toaster with remote root exploits. This make network topologies that used to be acceptable look increasingly irresponsible. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
-
Simon McVittie authored
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
- Apr 23, 2018
-
-
Simon McVittie authored
-
Simon McVittie authored
This is the default, and blocks TCP-based attacks by making the attacker fail to authenticate (while also preventing inadvisable TCP-based configurations from working). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
I'm far from convinced that this option should even *exist*, but it should definitely be documented as a very bad thing. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add a TODO comment as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
With some fairly reasonable threat models (active or passive local attacker able to eavesdrop on the network link, confidential information being transferred via D-Bus), secure authentication is insufficient to make this transport secure: it does not protect confidentiality or integrity either. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Like the normal TCP transport, it has no confidentiality or integrity protection. The only difference is that it adds an extra layer of authentication. However, this extra authentication is easily defeated if an attacker could be eavesdropping on the link between client and server (unlike DBUS_COOKIE_SHA1, which for all its flaws does at least protect the confidentiality of the magic cookie). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
The old version-1 format is deprecated and now produces warnings. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106186 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add the .devhelp2 file to .gitignore as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
The tutorial is not necessarily a great entry point for the libdbus documentation: it's infrequently updated, and we should probably have the "If you use this low-level API directly, you're signing up for some pain" message from the API reference show up in devhelp more immediately. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106186 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add longer commit message with rationale] Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
Newer versions of yelp-build use this instead of a jQuery syntax highlighter. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106171 Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Also add it to .gitignore as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
Newer versions of yelp-build don't install jquery. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106171 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
- Mar 22, 2018
-
-
Ralf Habacker authored
Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105662
-
Ralf Habacker authored
AddrPC.Offset is the same size as a pointer, but previously we printed it as though it was the same size as a long, which is 32 bits on 64-bit Windows. Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105662
-
Ralf Habacker authored
Previously, on 64-bit Windows we were passing a 32-bit int where the format string expects a 64-bit SOCKET. Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105662
-
Simon McVittie authored
-
Simon McVittie authored
We weren't sure whether this one should be inherited or not, so I asked on systemd-devel, and Lennart thought it shouldn't. Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104641 Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
- Mar 21, 2018
-
-
Ralf Habacker authored
CMake suggests to set CMAKE_C.._COMPILER instead and let allow CMake to identify the compiler. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105636 Reviewed-by: Simon McVittie <smcv@collabora.com>
-
- Mar 20, 2018
-
-
Ralf Habacker authored
groups is never NULL here, but *groups can be NULL on OOM, and that's the check that was intended. Coverity ID 265358. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103737 Reviewed-by: Simon McVittie <smcv@collabora.com>
-
Ralf Habacker authored
Coverity CID 265359. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922 Reviewed-by: Simon McVittie <smcv@collabora.com>
-
- Mar 19, 2018
-
-
Ralf Habacker authored
Specifying a dbus tcp address without a family let dbus-daemon the choice for listen on ipv4 or ipv6, but did not return the real used ip family, which is fixed with this commit. Bug:https://bugs.freedesktop.org/show_bug.cgi?id=105489 Reviewed-by: Simon McVittie <smcv@collabora.com>
-
Simon McVittie authored
Everywhere that we want GLib, we also want GObject and GIO. Detecting GLib and GIO but not GObject makes very little sense anyway, because GIO depends on GObject. Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105521 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
-
- Mar 15, 2018
-
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@collabora.com>
-
The _Must_inspect_result_ annotation is documented to be used in both the declaration and implementation, but in testing with the MSVC 2012 compiler it appears to be sufficient to use the annotation only in the declaration to get a compiler warning, as with the GCC compiler. So the annotation is not necessary in the C implementation. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=105460 [smcv: Rebase dbus-sysdeps.h changes on master] [smcv: Clarify commit message] Reviewed-by: Simon McVittie <smcv@collabora.com> Tested-by: Daniel Wendt <daniel.wendt@linux.com>
-
- Mar 13, 2018
-
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@collabora.com>
-
- Mar 12, 2018
-
-
There is no point in calling these functions for their side-effects, because they don't have any. Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
-
Ralf Habacker authored
Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=103387
-
Ralf Habacker authored
This optimization has been detected while comparing the related unix implemention. Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
-
Ralf Habacker authored
A DBusString that was initialized with a constant doesn't hold any allocated memory, so it doesn't need to be freed. Reviewed-by: Simon McVittie <smcv@collabora.com> https://bugs.freedesktop.org/show_bug.cgi?id=61922
-
Ralf Habacker authored
Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
-
Ralf Habacker authored
Now that we cope with getting WSAEADDRNOTAVAIL when trying to listen on ::1 with IPv6 disabled, and gracefully fall back to only listening on 127.0.0.1, we can use AF_UNSPEC like the corresponding Unix code does. Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
-
Ralf Habacker authored
Windows _dbus_connect_tcp_socket_with_nonce: Keep error code for 'Unknown address family' in sync with unix Reviewed-by: Simon McVittie <smcv@collabora.com> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=61922
-