Hello community,
here is the log from the commit of package dbus-1 for openSUSE:Factory
checked in at Thu Jan 29 23:01:39 CET 2009.
--------
--- dbus-1/dbus-1.changes 2008-12-10 14:11:26.000000000 +0100
+++ dbus-1/dbus-1.changes 2009-01-26 15:07:18.000000000 +0100
@@ -1,0 +2,19 @@
+Mon Jan 26 14:35:05 CET 2009 - lnussel@suse.de
+
+- remove dbus-1.2.10-permissive.patch
+- move /lib/libdbus-1.so to /usr
+
+-------------------------------------------------------------------
+Tue Jan 20 14:55:04 CET 2009 - thoenig@suse.de
+
+- update to 1.2.10: prepares fix for CVE-2008-4311 (bnc#443307)
+ - fix send_requested_reply="true" allows all non-reply messages
+ - add syslog of denials and config file reloads
+ - system policy cleanup
+- add patch dbus-1.2.10-compile-fix.patch: 1.2.10 compile fix
+- add patch dbus-1.2.10-permissive.patch: behave like permissive
+ branch, needs to be dropped as soon as all applications ship
+ with correct configuration files for the system bus
+- drop patch dbus-do-not-abort-on-check-thoenig-01.patch
+
+-------------------------------------------------------------------
dbus-1-x11.changes: same change
calling whatdependson for head-i586
Old:
----
dbus-1.2.4.tar.bz2
dbus-do-not-abort-on-check-thoenig-01.patch
New:
----
dbus-1.2.10-compile-fix.patch
dbus-1.2.10.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dbus-1.spec ++++++
--- /var/tmp/diff_new_pack.z13026/_old 2009-01-29 22:51:43.000000000 +0100
+++ /var/tmp/diff_new_pack.z13026/_new 2009-01-29 22:51:43.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package dbus-1 (Version 1.2.4)
+# spec file for package dbus-1 (Version 1.2.10)
#
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,8 +26,8 @@
# COMMON1-BEGIN
BuildRequires: doxygen libexpat-devel libzio pkgconfig
BuildRequires: audit-devel
-Version: 1.2.4
-Release: 5
+Version: 1.2.10
+Release: 2
AutoReqProv: on
# bug437293
%ifarch ppc64
@@ -38,7 +38,7 @@
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
-Patch0: dbus-do-not-abort-on-check-thoenig-01.patch
+Patch0: dbus-1.2.10-compile-fix.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
@@ -149,8 +149,7 @@
%prep
# COMMON2-BEGIN
%setup -n dbus-%{version} -q
-# Disable this until we hit RC phase
-#%patch0
+%patch0 -p1
%build
autoreconf -fi
@@ -196,12 +195,17 @@
mkdir -p %{buildroot}/%{_libdir}/pkgconfig
mkdir -p %{buildroot}/%{_datadir}/dbus-1/system-services
mkdir -p %{buildroot}/%{_datadir}/dbus-1/interfaces
-sed -e 's@-I${libdir}@-I${prefix}/%{_lib}@' %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc > %{buildroot}/%{_libdir}/pkgconfig/dbus-1.pc
-rm -f %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc
mkdir -p %{buildroot}/%{_libdir}/dbus-1.0/include/
mv -f %{buildroot}/%{_lib}/dbus-1.0/include/* %{buildroot}/%{_libdir}/dbus-1.0/include/
rm -f %{buildroot}/%{_lib}/*.a
rm -f %{buildroot}/%{_lib}/*.la
+# devel stuff must not be in /lib
+rm -f %{buildroot}/%{_lib}/*.so
+ln -s /%{_lib}/libdbus-1.so.3 %{buildroot}/%{_libdir}/libdbus-1.so
+# fix up pkgconfig file
+sed -e 's@^\(libdir=\).*@\1%{_libdir}@' %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc > %{buildroot}/%{_libdir}/pkgconfig/dbus-1.pc
+rm -f %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc
+#
rm -f %{buildroot}/bin/dbus-launch
rm -f %{buildroot}/%{_mandir}/man1/dbus-launch.1*
chmod a-x AUTHORS COPYING HACKING NEWS README doc/*.txt doc/file-boilerplate.c doc/TODO
@@ -252,7 +256,7 @@
/bin/dbus-send
/bin/dbus-uuidgen
/%{_lib}/dbus-1
-/%{_lib}/*dbus-1.so.*
+/%{_lib}/libdbus-1.so.*
%{_mandir}/man1/dbus-cleanup-sockets.1.*
%{_mandir}/man1/dbus-daemon.1.*
%{_mandir}/man1/dbus-monitor.1.*
@@ -269,7 +273,7 @@
%files -n dbus-1-devel
%defattr(-,root,root)
%{_includedir}/*
-/%{_lib}/*dbus-1.so
+%{_libdir}/libdbus-1.so
%dir %{_libdir}/dbus-1.0
%{_libdir}/dbus-1.0/include
%{_libdir}/pkgconfig/dbus-1.pc
@@ -281,6 +285,19 @@
%{_datadir}/susehelp
%changelog
+* Mon Jan 26 2009 lnussel@suse.de
+- remove dbus-1.2.10-permissive.patch
+- move /lib/libdbus-1.so to /usr
+* Tue Jan 20 2009 thoenig@suse.de
+- update to 1.2.10: prepares fix for CVE-2008-4311 (bnc#443307)
+ - fix send_requested_reply="true" allows all non-reply messages
+ - add syslog of denials and config file reloads
+ - system policy cleanup
+- add patch dbus-1.2.10-compile-fix.patch: 1.2.10 compile fix
+- add patch dbus-1.2.10-permissive.patch: behave like permissive
+ branch, needs to be dropped as soon as all applications ship
+ with correct configuration files for the system bus
+- drop patch dbus-do-not-abort-on-check-thoenig-01.patch
* Wed Dec 10 2008 dmueller@suse.de
- list the machine id as ghost file
- fix filelist
++++++ dbus-1-x11.spec ++++++
--- /var/tmp/diff_new_pack.z13026/_old 2009-01-29 22:51:43.000000000 +0100
+++ /var/tmp/diff_new_pack.z13026/_new 2009-01-29 22:51:43.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package dbus-1-x11 (Version 1.2.4)
+# spec file for package dbus-1-x11 (Version 1.2.10)
#
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -28,8 +28,8 @@
# COMMON1-BEGIN
BuildRequires: doxygen libexpat-devel libzio pkgconfig
BuildRequires: audit-devel
-Version: 1.2.4
-Release: 5
+Version: 1.2.10
+Release: 2
AutoReqProv: on
# bug437293
%ifarch ppc64
@@ -40,7 +40,7 @@
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
-Patch0: dbus-do-not-abort-on-check-thoenig-01.patch
+Patch0: dbus-1.2.10-compile-fix.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
@@ -80,8 +80,7 @@
# COMMON2-BEGIN
# COMMON2-BEGIN
%setup -n dbus-%{version} -q
-# Disable this until we hit RC phase
-#%patch0
+%patch0 -p1
%build
autoreconf -fi
@@ -133,6 +132,19 @@
%{_mandir}/man1/dbus-launch.1*
%changelog
+* Mon Jan 26 2009 lnussel@suse.de
+- remove dbus-1.2.10-permissive.patch
+- move /lib/libdbus-1.so to /usr
+* Tue Jan 20 2009 thoenig@suse.de
+- update to 1.2.10: prepares fix for CVE-2008-4311 (bnc#443307)
+ - fix send_requested_reply="true" allows all non-reply messages
+ - add syslog of denials and config file reloads
+ - system policy cleanup
+- add patch dbus-1.2.10-compile-fix.patch: 1.2.10 compile fix
+- add patch dbus-1.2.10-permissive.patch: behave like permissive
+ branch, needs to be dropped as soon as all applications ship
+ with correct configuration files for the system bus
+- drop patch dbus-do-not-abort-on-check-thoenig-01.patch
* Wed Dec 10 2008 dmueller@suse.de
- list the machine id as ghost file
- fix filelist
++++++ dbus-1.2.10-compile-fix.patch ++++++
commit f8d2ef4aca7d74788b9c03272e9bb536254a8ac6
Author: Colin Walters
Date: Fri Dec 19 18:54:59 2008 -0500
Various compiler warning fixes
diff --git a/bus/config-parser.h b/bus/config-parser.h
index 1f2d3d9..bb3a30f 100644
--- a/bus/config-parser.h
+++ b/bus/config-parser.h
@@ -65,6 +65,7 @@ const char* bus_config_parser_get_type (BusConfigParser *parser);
DBusList** bus_config_parser_get_addresses (BusConfigParser *parser);
DBusList** bus_config_parser_get_mechanisms (BusConfigParser *parser);
dbus_bool_t bus_config_parser_get_fork (BusConfigParser *parser);
+dbus_bool_t bus_config_parser_get_allow_anonymous (BusConfigParser *parser);
dbus_bool_t bus_config_parser_get_syslog (BusConfigParser *parser);
dbus_bool_t bus_config_parser_get_keep_umask (BusConfigParser *parser);
const char* bus_config_parser_get_pidfile (BusConfigParser *parser);
diff --git a/bus/driver.c b/bus/driver.c
index 05ecd56..c97bff5 100644
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -1411,7 +1411,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection,
BusService *serv;
DBusConnection *conn;
DBusMessage *reply;
- char *data = NULL;
+ void *data = NULL;
dbus_uint32_t data_size;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
diff --git a/dbus/dbus-marshal-basic.c b/dbus/dbus-marshal-basic.c
index 0a33ff1..724d94b 100644
--- a/dbus/dbus-marshal-basic.c
+++ b/dbus/dbus-marshal-basic.c
@@ -1333,7 +1333,7 @@ _dbus_verbose_bytes (const unsigned char *data,
if (aligned != data)
{
- _dbus_verbose ("%4d\t%p: ", - (data - aligned), aligned);
+ _dbus_verbose ("%4ld\t%p: ", - (long)(data - aligned), aligned);
while (aligned != data)
{
_dbus_verbose (" ");
diff --git a/dbus/dbus-spawn.c b/dbus/dbus-spawn.c
index 35ccba6..f4e3b58 100644
--- a/dbus/dbus-spawn.c
+++ b/dbus/dbus-spawn.c
@@ -36,6 +36,8 @@
#include
#endif
+extern char **environ;
+
/**
* @addtogroup DBusInternalsUtils
* @{
@@ -914,8 +916,6 @@ do_exec (int child_err_report_fd,
if (envp == NULL)
{
- extern char **environ;
-
_dbus_assert (environ != NULL);
envp = environ;
diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c
index 7f7b265..0392804 100644
--- a/dbus/dbus-sysdeps-util-unix.c
+++ b/dbus/dbus-sysdeps-util-unix.c
@@ -43,6 +43,7 @@
#include
#include
#include
+#include
#ifdef HAVE_LIBAUDIT
#include
#include
diff --git a/dbus/dbus-sysdeps.c b/dbus/dbus-sysdeps.c
index d740f87..00a1a3d 100644
--- a/dbus/dbus-sysdeps.c
+++ b/dbus/dbus-sysdeps.c
@@ -51,6 +51,8 @@ _DBUS_DEFINE_GLOBAL_LOCK (win_fds);
_DBUS_DEFINE_GLOBAL_LOCK (sid_atom_cache);
_DBUS_DEFINE_GLOBAL_LOCK (system_users);
+extern char **environ;
+
/**
* @defgroup DBusSysdeps Internal system-dependent API
* @ingroup DBusInternals
@@ -191,7 +193,6 @@ _dbus_clearenv (void)
if (clearenv () != 0)
rc = FALSE;
#else
- extern char **environ;
if (environ != NULL)
environ[0] = NULL;
@@ -210,7 +211,6 @@ char **
_dbus_get_environment (void)
{
int i, length;
- extern char **environ;
char **environment;
_dbus_assert (environ != NULL);
++++++ dbus-1.2.4.tar.bz2 -> dbus-1.2.10.tar.bz2 ++++++
++++ 20526 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/bus.c new/dbus-1.2.10/bus/bus.c
--- old/dbus-1.2.4/bus/bus.c 2008-10-06 23:14:50.000000000 +0200
+++ new/dbus-1.2.10/bus/bus.c 2008-12-19 20:35:23.000000000 +0100
@@ -54,6 +54,7 @@
BusMatchmaker *matchmaker;
BusLimits limits;
unsigned int fork : 1;
+ unsigned int syslog : 1;
};
static dbus_int32_t server_data_slot = -1;
@@ -384,6 +385,7 @@
}
context->fork = bus_config_parser_get_fork (parser);
+ context->syslog = bus_config_parser_get_syslog (parser);
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
retval = TRUE;
@@ -826,7 +828,10 @@
}
ret = TRUE;
+ bus_context_log_info (context, "Reloaded configuration");
failed:
+ if (!ret)
+ bus_context_log_info (context, "Unable to reload configuration: %s", error->message);
if (parser != NULL)
bus_config_parser_unref (parser);
return ret;
@@ -1107,6 +1112,32 @@
return context->limits.reply_timeout;
}
+void
+bus_context_log_info (BusContext *context, const char *msg, ...)
+{
+ va_list args;
+
+ va_start (args, msg);
+
+ if (context->syslog)
+ _dbus_log_info (msg, args);
+
+ va_end (args);
+}
+
+void
+bus_context_log_security (BusContext *context, const char *msg, ...)
+{
+ va_list args;
+
+ va_start (args, msg);
+
+ if (context->syslog)
+ _dbus_log_security (msg, args);
+
+ va_end (args);
+}
+
/*
* addressed_recipient is the recipient specified in the message.
*
@@ -1129,20 +1160,44 @@
DBusMessage *message,
DBusError *error)
{
+ const char *dest;
BusClientPolicy *sender_policy;
BusClientPolicy *recipient_policy;
+ dbus_int32_t toggles;
+ dbus_bool_t log;
int type;
dbus_bool_t requested_reply;
+ const char *sender_name;
+ const char *sender_loginfo;
+ const char *proposed_recipient_loginfo;
type = dbus_message_get_type (message);
+ dest = dbus_message_get_destination (message);
/* dispatch.c was supposed to ensure these invariants */
- _dbus_assert (dbus_message_get_destination (message) != NULL ||
+ _dbus_assert (dest != NULL ||
type == DBUS_MESSAGE_TYPE_SIGNAL ||
(sender == NULL && !bus_connection_is_active (proposed_recipient)));
_dbus_assert (type == DBUS_MESSAGE_TYPE_SIGNAL ||
addressed_recipient != NULL ||
- strcmp (dbus_message_get_destination (message), DBUS_SERVICE_DBUS) == 0);
+ strcmp (dest, DBUS_SERVICE_DBUS) == 0);
+
+ /* Used in logging below */
+ if (sender != NULL)
+ {
+ sender_name = bus_connection_get_name (sender);
+ sender_loginfo = bus_connection_get_loginfo (sender);
+ }
+ else
+ {
+ sender_name = NULL;
+ sender_loginfo = "(bus)";
+ }
+
+ if (proposed_recipient != NULL)
+ proposed_recipient_loginfo = bus_connection_get_loginfo (proposed_recipient);
+ else
+ proposed_recipient_loginfo = "bus";
switch (type)
{
@@ -1166,10 +1221,6 @@
if (sender != NULL)
{
- const char *dest;
-
- dest = dbus_message_get_destination (message);
-
/* First verify the SELinux access controls. If allowed then
* go on with the standard checks.
*/
@@ -1185,8 +1236,9 @@
dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
"An SELinux policy prevents this sender "
"from sending this message to this recipient "
- "(rejected message had interface \"%s\" "
+ "(rejected message had sender \"%s\" interface \"%s\" "
"member \"%s\" error name \"%s\" destination \"%s\")",
+ sender_name ? sender_name : "(unset)",
dbus_message_get_interface (message) ?
dbus_message_get_interface (message) : "(unset)",
dbus_message_get_member (message) ?
@@ -1299,57 +1351,112 @@
(proposed_recipient != NULL && sender == NULL && recipient_policy == NULL) ||
(proposed_recipient == NULL && recipient_policy == NULL));
+ log = FALSE;
if (sender_policy &&
!bus_client_policy_check_can_send (sender_policy,
context->registry,
requested_reply,
proposed_recipient,
- message))
+ message, &toggles, &log))
{
- const char *dest;
+ const char *msg = "Rejected send message, %d matched rules; "
+ "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))";
- dest = dbus_message_get_destination (message);
- dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
- "A security policy in place prevents this sender "
- "from sending this message to this recipient, "
- "see message bus configuration file (rejected message "
- "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\")",
+ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg,
+ toggles,
+ dbus_message_type_to_string (dbus_message_get_type (message)),
+ sender_name ? sender_name : "(unset)",
+ sender_loginfo,
dbus_message_get_interface (message) ?
dbus_message_get_interface (message) : "(unset)",
dbus_message_get_member (message) ?
dbus_message_get_member (message) : "(unset)",
dbus_message_get_error_name (message) ?
dbus_message_get_error_name (message) : "(unset)",
- dest ? dest : DBUS_SERVICE_DBUS);
+ requested_reply,
+ dest ? dest : DBUS_SERVICE_DBUS,
+ proposed_recipient_loginfo);
+ /* Needs to be duplicated to avoid calling malloc and having to handle OOM */
+ if (addressed_recipient == proposed_recipient)
+ bus_context_log_security (context, msg,
+ toggles,
+ dbus_message_type_to_string (dbus_message_get_type (message)),
+ sender_name ? sender_name : "(unset)",
+ sender_loginfo,
+ dbus_message_get_interface (message) ?
+ dbus_message_get_interface (message) : "(unset)",
+ dbus_message_get_member (message) ?
+ dbus_message_get_member (message) : "(unset)",
+ dbus_message_get_error_name (message) ?
+ dbus_message_get_error_name (message) : "(unset)",
+ requested_reply,
+ dest ? dest : DBUS_SERVICE_DBUS,
+ proposed_recipient_loginfo);
_dbus_verbose ("security policy disallowing message due to sender policy\n");
return FALSE;
}
+ if (log)
+ bus_context_log_security (context,
+ "Would reject message, %d matched rules; "
+ "type=\"%s\", sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" requested_reply=%d destination=\"%s\" (%s))",
+ toggles,
+ dbus_message_type_to_string (dbus_message_get_type (message)),
+ sender_name ? sender_name : "(unset)",
+ sender_loginfo,
+ dbus_message_get_interface (message) ?
+ dbus_message_get_interface (message) : "(unset)",
+ dbus_message_get_member (message) ?
+ dbus_message_get_member (message) : "(unset)",
+ dbus_message_get_error_name (message) ?
+ dbus_message_get_error_name (message) : "(unset)",
+ requested_reply,
+ dest ? dest : DBUS_SERVICE_DBUS,
+ proposed_recipient_loginfo);
+
if (recipient_policy &&
!bus_client_policy_check_can_receive (recipient_policy,
context->registry,
requested_reply,
sender,
addressed_recipient, proposed_recipient,
- message))
+ message, &toggles))
{
- const char *dest;
+ const char *msg = "Rejected receive message, %d matched rules; "
+ "type=\"%s\" sender=\"%s\" (%s) interface=\"%s\" member=\"%s\" error name=\"%s\" reply serial=%u requested_reply=%d destination=\"%s\" (%s))";
- dest = dbus_message_get_destination (message);
- dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
- "A security policy in place prevents this recipient "
- "from receiving this message from this sender, "
- "see message bus configuration file (rejected message "
- "had interface \"%s\" member \"%s\" error name \"%s\" destination \"%s\" reply serial %u requested_reply=%d)",
+ dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, msg,
+ toggles,
+ dbus_message_type_to_string (dbus_message_get_type (message)),
+ sender_name ? sender_name : "(unset)",
+ sender_loginfo,
dbus_message_get_interface (message) ?
dbus_message_get_interface (message) : "(unset)",
dbus_message_get_member (message) ?
dbus_message_get_member (message) : "(unset)",
dbus_message_get_error_name (message) ?
dbus_message_get_error_name (message) : "(unset)",
- dest ? dest : DBUS_SERVICE_DBUS,
dbus_message_get_reply_serial (message),
- requested_reply);
+ requested_reply,
+ dest ? dest : DBUS_SERVICE_DBUS,
+ proposed_recipient_loginfo);
+ /* Needs to be duplicated to avoid calling malloc and having to handle OOM */
+ if (addressed_recipient == proposed_recipient)
+ bus_context_log_security (context, msg,
+ toggles,
+ dbus_message_type_to_string (dbus_message_get_type (message)),
+ sender_name ? sender_name : "(unset)",
+ sender_loginfo,
+ dbus_message_get_interface (message) ?
+ dbus_message_get_interface (message) : "(unset)",
+ dbus_message_get_member (message) ?
+ dbus_message_get_member (message) : "(unset)",
+ dbus_message_get_error_name (message) ?
+ dbus_message_get_error_name (message) : "(unset)",
+ dbus_message_get_reply_serial (message),
+ requested_reply,
+ dest ? dest : DBUS_SERVICE_DBUS,
+ proposed_recipient_loginfo);
_dbus_verbose ("security policy disallowing message due to recipient policy\n");
return FALSE;
}
@@ -1359,9 +1466,6 @@
dbus_connection_get_outgoing_size (proposed_recipient) >
context->limits.max_outgoing_bytes)
{
- const char *dest;
-
- dest = dbus_message_get_destination (message);
dbus_set_error (error, DBUS_ERROR_LIMITS_EXCEEDED,
"The destination service \"%s\" has a full message queue",
dest ? dest : (proposed_recipient ?
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/bus.h new/dbus-1.2.10/bus/bus.h
--- old/dbus-1.2.4/bus/bus.h 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/bus.h 2008-12-16 18:20:26.000000000 +0100
@@ -107,6 +107,12 @@
int bus_context_get_max_match_rules_per_connection (BusContext *context);
int bus_context_get_max_replies_per_connection (BusContext *context);
int bus_context_get_reply_timeout (BusContext *context);
+void bus_context_log_info (BusContext *context,
+ const char *msg,
+ ...);
+void bus_context_log_security (BusContext *context,
+ const char *msg,
+ ...);
dbus_bool_t bus_context_check_security_policy (BusContext *context,
BusTransaction *transaction,
DBusConnection *sender,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/config-parser.c new/dbus-1.2.10/bus/config-parser.c
--- old/dbus-1.2.4/bus/config-parser.c 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/config-parser.c 2008-12-19 20:35:23.000000000 +0100
@@ -111,6 +111,8 @@
unsigned int fork : 1; /**< TRUE to fork into daemon mode */
+ unsigned int syslog : 1; /**< TRUE to enable syslog */
+
unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */
};
@@ -698,6 +700,21 @@
return TRUE;
}
+ else if (element_type == ELEMENT_SYSLOG)
+ {
+ if (!check_no_attributes (parser, "syslog", attribute_names, attribute_values, error))
+ return FALSE;
+
+ if (push_element (parser, ELEMENT_SYSLOG) == NULL)
+ {
+ BUS_SET_OOM (error);
+ return FALSE;
+ }
+
+ parser->syslog = TRUE;
+
+ return TRUE;
+ }
else if (element_type == ELEMENT_PIDFILE)
{
if (!check_no_attributes (parser, "pidfile", attribute_names, attribute_values, error))
@@ -1073,6 +1090,7 @@
dbus_bool_t allow,
DBusError *error)
{
+ const char *log;
const char *send_interface;
const char *send_member;
const char *send_error;
@@ -1116,6 +1134,7 @@
"own", &own,
"user", &user,
"group", &group,
+ "log", &log,
NULL))
return FALSE;
@@ -1320,6 +1339,9 @@
if (eavesdrop)
rule->d.send.eavesdrop = (strcmp (eavesdrop, "true") == 0);
+ if (log)
+ rule->d.send.log = (strcmp (log, "true") == 0);
+
if (send_requested_reply)
rule->d.send.requested_reply = (strcmp (send_requested_reply, "true") == 0);
@@ -1947,6 +1969,7 @@
case ELEMENT_ALLOW:
case ELEMENT_DENY:
case ELEMENT_FORK:
+ case ELEMENT_SYSLOG:
case ELEMENT_SELINUX:
case ELEMENT_ASSOCIATE:
case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
@@ -2232,6 +2255,7 @@
case ELEMENT_ALLOW:
case ELEMENT_DENY:
case ELEMENT_FORK:
+ case ELEMENT_SYSLOG:
case ELEMENT_STANDARD_SESSION_SERVICEDIRS:
case ELEMENT_STANDARD_SYSTEM_SERVICEDIRS:
case ELEMENT_SELINUX:
@@ -2554,6 +2578,12 @@
return parser->fork;
}
+dbus_bool_t
+bus_config_parser_get_syslog (BusConfigParser *parser)
+{
+ return parser->syslog;
+}
+
const char *
bus_config_parser_get_pidfile (BusConfigParser *parser)
{
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/config-parser-common.c new/dbus-1.2.10/bus/config-parser-common.c
--- old/dbus-1.2.4/bus/config-parser-common.c 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/config-parser-common.c 2008-12-19 20:35:23.000000000 +0100
@@ -114,6 +114,10 @@
{
return ELEMENT_ASSOCIATE;
}
+ else if (strcmp (name, "syslog") == 0)
+ {
+ return ELEMENT_SYSLOG;
+ }
return ELEMENT_NONE;
}
@@ -162,7 +166,9 @@
return "selinux";
case ELEMENT_ASSOCIATE:
return "associate";
- }
+ case ELEMENT_SYSLOG:
+ return "syslog";
+ }
_dbus_assert_not_reached ("bad element type");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/config-parser-common.h new/dbus-1.2.10/bus/config-parser-common.h
--- old/dbus-1.2.4/bus/config-parser-common.h 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/config-parser-common.h 2008-12-19 20:35:23.000000000 +0100
@@ -47,7 +47,8 @@
ELEMENT_SELINUX,
ELEMENT_ASSOCIATE,
ELEMENT_STANDARD_SESSION_SERVICEDIRS,
- ELEMENT_STANDARD_SYSTEM_SERVICEDIRS
+ ELEMENT_STANDARD_SYSTEM_SERVICEDIRS,
+ ELEMENT_SYSLOG
} ElementType;
ElementType bus_config_parser_element_name_to_type (const char *element_name);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/config-parser.h new/dbus-1.2.10/bus/config-parser.h
--- old/dbus-1.2.4/bus/config-parser.h 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/config-parser.h 2008-12-19 20:35:23.000000000 +0100
@@ -65,6 +65,7 @@
DBusList** bus_config_parser_get_addresses (BusConfigParser *parser);
DBusList** bus_config_parser_get_mechanisms (BusConfigParser *parser);
dbus_bool_t bus_config_parser_get_fork (BusConfigParser *parser);
+dbus_bool_t bus_config_parser_get_syslog (BusConfigParser *parser);
const char* bus_config_parser_get_pidfile (BusConfigParser *parser);
const char* bus_config_parser_get_servicehelper (BusConfigParser *parser);
DBusList** bus_config_parser_get_service_dirs (BusConfigParser *parser);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/connection.c new/dbus-1.2.10/bus/connection.c
--- old/dbus-1.2.4/bus/connection.c 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/connection.c 2008-12-18 21:39:04.000000000 +0100
@@ -32,6 +32,9 @@
#include
#include
+/* Trim executed commands to this length; we want to keep logs readable */
+#define MAX_LOG_COMMAND_LEN 50
+
static void bus_connection_remove_transactions (DBusConnection *connection);
typedef struct
@@ -76,6 +79,7 @@
DBusPreallocatedSend *oom_preallocated;
BusClientPolicy *policy;
+ char *cached_loginfo_string;
BusSELinuxID *selinux_id;
long connection_tv_sec; /**< Time when we connected (seconds component) */
@@ -406,6 +410,8 @@
if (d->selinux_id)
bus_selinux_id_unref (d->selinux_id);
+ dbus_free (d->cached_loginfo_string);
+
dbus_free (d->name);
dbus_free (d);
@@ -537,13 +543,73 @@
}
}
+/* Used for logging */
+static dbus_bool_t
+cache_peer_loginfo_string (BusConnectionData *d,
+ DBusConnection *connection)
+{
+ DBusString loginfo_buf;
+ unsigned long uid;
+ unsigned long pid;
+ char *windows_sid;
+ dbus_bool_t prev_added;
+
+ if (!_dbus_string_init (&loginfo_buf))
+ return FALSE;
+
+ prev_added = FALSE;
+ if (dbus_connection_get_unix_user (connection, &uid))
+ {
+ if (!_dbus_string_append_printf (&loginfo_buf, "uid=%ld", uid))
+ goto oom;
+ else
+ prev_added = TRUE;
+ }
+
+ if (dbus_connection_get_unix_process_id (connection, &pid))
+ {
+ if (prev_added)
+ {
+ if (!_dbus_string_append_byte (&loginfo_buf, ' '))
+ goto oom;
+ }
+ if (!_dbus_string_append_printf (&loginfo_buf, "pid=%ld comm=\"", pid))
+ goto oom;
+ /* Ignore errors here */
+ if (_dbus_command_for_pid (pid, &loginfo_buf, MAX_LOG_COMMAND_LEN, NULL))
+ {
+ if (!_dbus_string_append_byte (&loginfo_buf, '"'))
+ goto oom;
+ }
+ }
+
+ if (dbus_connection_get_windows_user (connection, &windows_sid))
+ {
+ if (!_dbus_string_append_printf (&loginfo_buf, "sid=\"%s\" ", windows_sid))
+ goto oom;
+ dbus_free (windows_sid);
+ }
+
+ if (!_dbus_string_steal_data (&loginfo_buf, &(d->cached_loginfo_string)))
+ goto oom;
+
+ _dbus_string_free (&loginfo_buf);
+
+ return TRUE;
+oom:
+ _dbus_string_free (&loginfo_buf);
+ return FALSE;
+}
+
dbus_bool_t
bus_connections_setup_connection (BusConnections *connections,
DBusConnection *connection)
{
+
BusConnectionData *d;
dbus_bool_t retval;
DBusError error;
+
d = dbus_new0 (BusConnectionData, 1);
@@ -583,7 +649,7 @@
dbus_error_free (&error);
goto out;
}
-
+
if (!dbus_connection_set_watch_functions (connection,
add_connection_watch,
remove_connection_watch,
@@ -842,6 +908,18 @@
return FALSE;
}
+const char *
+bus_connection_get_loginfo (DBusConnection *connection)
+{
+ BusConnectionData *d;
+
+ d = BUS_CONNECTION_DATA (connection);
+
+ if (!bus_connection_is_active (connection))
+ return "inactive";
+ return d->cached_loginfo_string;
+}
+
BusClientPolicy*
bus_connection_get_policy (DBusConnection *connection)
{
@@ -1302,16 +1380,15 @@
{
if (!adjust_connections_for_uid (d->connections,
uid, 1))
- {
- BUS_SET_OOM (error);
- dbus_free (d->name);
- d->name = NULL;
- bus_client_policy_unref (d->policy);
- d->policy = NULL;
- return FALSE;
- }
+ goto fail;
}
-
+
+ /* Create and cache a string which holds information about the
+ * peer process; used for logging purposes.
+ */
+ if (!cache_peer_loginfo_string (d, connection))
+ goto fail;
+
/* Now the connection is active, move it between lists */
_dbus_list_unlink (&d->connections->incomplete,
d->link_in_connection_list);
@@ -1329,6 +1406,14 @@
_dbus_assert (bus_connection_is_active (connection));
return TRUE;
+fail:
+ BUS_SET_OOM (error);
+ dbus_free (d->name);
+ d->name = NULL;
+ if (d->policy)
+ bus_client_policy_unref (d->policy);
+ d->policy = NULL;
+ return FALSE;
}
const char *
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/connection.h new/dbus-1.2.10/bus/connection.h
--- old/dbus-1.2.4/bus/connection.h 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/connection.h 2008-12-18 21:39:04.000000000 +0100
@@ -50,6 +50,7 @@
BusRegistry* bus_connection_get_registry (DBusConnection *connection);
BusActivation* bus_connection_get_activation (DBusConnection *connection);
BusMatchmaker* bus_connection_get_matchmaker (DBusConnection *connection);
+const char * bus_connection_get_loginfo (DBusConnection *connection);
BusSELinuxID* bus_connection_get_selinux_id (DBusConnection *connection);
dbus_bool_t bus_connections_check_limits (BusConnections *connections,
DBusConnection *requesting_completion,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/dbus-daemon.1 new/dbus-1.2.10/bus/dbus-daemon.1
--- old/dbus-1.2.4/bus/dbus-daemon.1 2008-10-06 23:20:24.000000000 +0200
+++ new/dbus-1.2.10/bus/dbus-daemon.1 2008-12-19 20:36:33.000000000 +0100
@@ -1,6 +1,6 @@
.\"
.\" dbus-daemon manual page.
-.\" Copyright (C) 2003 Red Hat, Inc.
+.\" Copyright (C) 2003,2008 Red Hat, Inc.
.\"
.TH dbus-daemon 1
.SH NAME
@@ -410,15 +410,28 @@
and prevent unexpected traffic.
.PP
-The <policy> element has one of three attributes:
+Currently, the system bus has a default-deny policy for sending method calls
+and owning bus names. Everything else, in particular reply messages, receive
+checks, and signals has a default allow policy.
+
+.PP
+In general, it is best to keep system services as small, targeted programs which
+run in their own process and provide a single bus name. Then, all that is needed
+is an <allow> rule for the "own" permission to let the process claim the bus
+name, and a "send_destination" rule to allow traffic from some or all uids to
+your service.
+
+.PP
+The <policy> element has one of four attributes:
+daemon.1.in
.nf
context="(default|mandatory)"
+ at_console="(true|false)"
user="username or userid"
group="group name or gid"
.fi
.PP
-
Policies are applied to a connection as follows:
.nf
- all context="default" policies are applied
@@ -426,6 +439,8 @@
in undefined order
- all user="connection's auth user" policies are applied
in undefined order
+ - all at_console="true" policies are applied
+ - all at_console="false" policies are applied
- all context="mandatory" policies are applied
.fi
@@ -566,7 +581,11 @@
.PP
Be careful with send_interface/receive_interface, because the
-interface field in messages is optional.
+interface field in messages is optional. In particular, do NOT
+specify <deny send_interface="org.foo.Bar"/>! This will cause
+no-interface messages to be blocked for all services, which is
+almost certainly not what you intended. Always use rules of
+the form: <deny send_interface="org.foo.Bar" send_destination="org.foo.Service"/>
.TP
.I "<selinux>"
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/dbus-daemon.1.in new/dbus-1.2.10/bus/dbus-daemon.1.in
--- old/dbus-1.2.4/bus/dbus-daemon.1.in 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/dbus-daemon.1.in 2008-12-19 20:35:23.000000000 +0100
@@ -1,6 +1,6 @@
.\"
.\" dbus-daemon manual page.
-.\" Copyright (C) 2003 Red Hat, Inc.
+.\" Copyright (C) 2003,2008 Red Hat, Inc.
.\"
.TH dbus-daemon 1
.SH NAME
@@ -410,15 +410,28 @@
and prevent unexpected traffic.
.PP
-The <policy> element has one of three attributes:
+Currently, the system bus has a default-deny policy for sending method calls
+and owning bus names. Everything else, in particular reply messages, receive
+checks, and signals has a default allow policy.
+
+.PP
+In general, it is best to keep system services as small, targeted programs which
+run in their own process and provide a single bus name. Then, all that is needed
+is an <allow> rule for the "own" permission to let the process claim the bus
+name, and a "send_destination" rule to allow traffic from some or all uids to
+your service.
+
+.PP
+The <policy> element has one of four attributes:
+daemon.1.in
.nf
context="(default|mandatory)"
+ at_console="(true|false)"
user="username or userid"
group="group name or gid"
.fi
.PP
-
Policies are applied to a connection as follows:
.nf
- all context="default" policies are applied
@@ -426,6 +439,8 @@
in undefined order
- all user="connection's auth user" policies are applied
in undefined order
+ - all at_console="true" policies are applied
+ - all at_console="false" policies are applied
- all context="mandatory" policies are applied
.fi
@@ -566,7 +581,11 @@
.PP
Be careful with send_interface/receive_interface, because the
-interface field in messages is optional.
+interface field in messages is optional. In particular, do NOT
+specify <deny send_interface="org.foo.Bar"/>! This will cause
+no-interface messages to be blocked for all services, which is
+almost certainly not what you intended. Always use rules of
+the form: <deny send_interface="org.foo.Bar" send_destination="org.foo.Service"/>
.TP
.I "<selinux>"
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/policy.c new/dbus-1.2.10/bus/policy.c
--- old/dbus-1.2.4/bus/policy.c 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/policy.c 2008-12-18 18:23:40.000000000 +0100
@@ -866,7 +866,9 @@
BusRegistry *registry,
dbus_bool_t requested_reply,
DBusConnection *receiver,
- DBusMessage *message)
+ DBusMessage *message,
+ dbus_int32_t *toggles,
+ dbus_bool_t *log)
{
DBusList *link;
dbus_bool_t allowed;
@@ -876,6 +878,7 @@
*/
_dbus_verbose (" (policy) checking send rules\n");
+ *toggles = 0;
allowed = FALSE;
link = _dbus_list_get_first_link (&policy->rules);
@@ -1026,6 +1029,8 @@
/* Use this rule */
allowed = rule->allow;
+ *log = rule->d.send.log;
+ (*toggles)++;
_dbus_verbose (" (policy) used rule, allow now = %d\n",
allowed);
@@ -1044,7 +1049,8 @@
DBusConnection *sender,
DBusConnection *addressed_recipient,
DBusConnection *proposed_recipient,
- DBusMessage *message)
+ DBusMessage *message,
+ dbus_int32_t *toggles)
{
DBusList *link;
dbus_bool_t allowed;
@@ -1059,6 +1065,7 @@
*/
_dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping);
+ *toggles = 0;
allowed = FALSE;
link = _dbus_list_get_first_link (&policy->rules);
@@ -1223,6 +1230,7 @@
/* Use this rule */
allowed = rule->allow;
+ (*toggles)++;
_dbus_verbose (" (policy) used rule, allow now = %d\n",
allowed);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/policy.h new/dbus-1.2.10/bus/policy.h
--- old/dbus-1.2.4/bus/policy.h 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/policy.h 2008-12-18 17:47:01.000000000 +0100
@@ -65,6 +65,7 @@
char *destination;
unsigned int eavesdrop : 1;
unsigned int requested_reply : 1;
+ unsigned int log : 1;
} send;
struct
@@ -141,14 +142,17 @@
BusRegistry *registry,
dbus_bool_t requested_reply,
DBusConnection *receiver,
- DBusMessage *message);
+ DBusMessage *message,
+ dbus_int32_t *toggles,
+ dbus_bool_t *log);
dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy,
BusRegistry *registry,
dbus_bool_t requested_reply,
DBusConnection *sender,
DBusConnection *addressed_recipient,
DBusConnection *proposed_recipient,
- DBusMessage *message);
+ DBusMessage *message,
+ dbus_int32_t *toggles);
dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy,
DBusConnection *connection,
const DBusString *service_name);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/bus/system.conf.in new/dbus-1.2.10/bus/system.conf.in
--- old/dbus-1.2.4/bus/system.conf.in 2008-08-07 20:44:35.000000000 +0200
+++ new/dbus-1.2.10/bus/system.conf.in 2008-12-18 22:10:55.000000000 +0100
@@ -29,6 +29,9 @@
<!-- Write a pid file -->
<pidfile>@DBUS_SYSTEM_PID_FILE@</pidfile>
+ <!-- Enable logging to syslog -->
+ <syslog/>
+
<!-- Only allow socket-credentials-based authentication -->
<auth>EXTERNAL</auth>
@@ -39,21 +42,29 @@
<listen>@DBUS_SYSTEM_BUS_DEFAULT_ADDRESS@</listen>
<policy context="default">
- <!-- Deny everything then punch holes -->
- <deny send_interface="*"/>
- <deny receive_interface="*"/>
- <deny own="*"/>
- <!-- But allow all users to connect -->
+ <!-- All users can connect to system bus -->
<allow user="*"/>
+
+ <!-- Holes must be punched in service configuration files for
+ name ownership and sending method calls -->
+ <deny own="*"/>
+ <deny send_type="method_call"/>
+
+ <!-- Signals and reply messages (method returns, errors) are allowed
+ by default -->
+ <allow send_type="signal"/>
+ <allow send_requested_reply="true" send_type="method_return"/>
+ <allow send_requested_reply="true" send_type="error"/>
+
+ <!-- All messages may be received by default -->
+ <allow receive_type="method_call"/>
+ <allow receive_type="method_return"/>
+ <allow receive_type="error"/>
+ <allow receive_type="signal"/>
+
<!-- Allow anyone to talk to the message bus -->
- <!-- FIXME I think currently these allow rules are always implicit
- even if they aren't in here -->
<allow send_destination="org.freedesktop.DBus"/>
- <allow receive_sender="org.freedesktop.DBus"/>
- <!-- valid replies are always allowed -->
- <allow send_requested_reply="true"/>
- <allow receive_requested_reply="true"/>
- <!-- disallow changing the activation environment of system services -->
+ <!-- But disallow some specific bus services -->
<deny send_destination="org.freedesktop.DBus"
send_interface="org.freedesktop.DBus"
send_member="UpdateActivationEnvironment"/>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/config.h.in new/dbus-1.2.10/config.h.in
--- old/dbus-1.2.4/config.h.in 2008-10-06 23:45:34.000000000 +0200
+++ new/dbus-1.2.10/config.h.in 2008-12-19 20:38:03.000000000 +0100
@@ -1,5 +1,8 @@
/* config.h.in. Generated from configure.in by autoheader. */
+/* Define if building universal (internal helper macro) */
+#undef AC_APPLE_UNIVERSAL_BUILD
+
/* poll doesn't work on devices */
#undef BROKEN_POLL
@@ -330,9 +333,17 @@
/* Version number of package */
#undef VERSION
-/* Define to 1 if your processor stores words with the most significant byte
- first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+ significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+# define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+# undef WORDS_BIGENDIAN
+# endif
+#endif
/* Use the compiler-provided endianness defines to allow universal compiling. */
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/configure.in new/dbus-1.2.10/configure.in
--- old/dbus-1.2.4/configure.in 2008-10-06 23:20:00.000000000 +0200
+++ new/dbus-1.2.10/configure.in 2008-12-19 20:36:00.000000000 +0100
@@ -3,7 +3,7 @@
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [2])
-m4_define([dbus_micro_version], [4])
+m4_define([dbus_micro_version], [10])
m4_define([dbus_version],
[dbus_major_version.dbus_minor_version.dbus_micro_version])
AC_INIT(dbus, [dbus_version])
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/dbus/dbus-arch-deps.h new/dbus-1.2.10/dbus/dbus-arch-deps.h
--- old/dbus-1.2.4/dbus/dbus-arch-deps.h 2008-10-06 23:20:24.000000000 +0200
+++ new/dbus-1.2.10/dbus/dbus-arch-deps.h 2008-12-19 20:36:33.000000000 +0100
@@ -56,11 +56,11 @@
*/
#define DBUS_MAJOR_VERSION 1
#define DBUS_MINOR_VERSION 2
-#define DBUS_MICRO_VERSION 4
+#define DBUS_MICRO_VERSION 10
-#define DBUS_VERSION_STRING "1.2.4"
+#define DBUS_VERSION_STRING "1.2.10"
-#define DBUS_VERSION ((1 << 16) | (2 << 8) | (4))
+#define DBUS_VERSION ((1 << 16) | (2 << 8) | (10))
DBUS_END_DECLS
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/dbus/dbus-sysdeps.h new/dbus-1.2.10/dbus/dbus-sysdeps.h
--- old/dbus-1.2.4/dbus/dbus-sysdeps.h 2008-08-07 20:44:36.000000000 +0200
+++ new/dbus-1.2.10/dbus/dbus-sysdeps.h 2008-12-19 20:35:23.000000000 +0100
@@ -411,6 +411,11 @@
dbus_pid_t pid_to_write,
DBusError *error);
+dbus_bool_t _dbus_command_for_pid (unsigned long pid,
+ DBusString *str,
+ int max_len,
+ DBusError *error);
+
/** A UNIX signal handler */
typedef void (* DBusSignalHandler) (int sig);
@@ -420,6 +425,10 @@
dbus_bool_t _dbus_user_at_console (const char *username,
DBusError *error);
+void _dbus_init_system_log (void);
+void _dbus_log_info (const char *msg, va_list args);
+void _dbus_log_security (const char *msg, va_list args);
+
/* Define DBUS_VA_COPY() to do the right thing for copying va_list variables.
* config.h may have already defined DBUS_VA_COPY as va_copy or __va_copy.
*/
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/dbus/dbus-sysdeps-unix.c new/dbus-1.2.10/dbus/dbus-sysdeps-unix.c
--- old/dbus-1.2.4/dbus/dbus-sysdeps-unix.c 2008-10-06 23:14:50.000000000 +0200
+++ new/dbus-1.2.10/dbus/dbus-sysdeps-unix.c 2008-12-19 20:35:23.000000000 +0100
@@ -2780,7 +2780,6 @@
#endif
}
-
/**
* Measure the length of the given format string and arguments,
* not including the terminating nul.
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/dbus/dbus-sysdeps-util-unix.c new/dbus-1.2.10/dbus/dbus-sysdeps-util-unix.c
--- old/dbus-1.2.4/dbus/dbus-sysdeps-util-unix.c 2008-10-01 21:00:29.000000000 +0200
+++ new/dbus-1.2.10/dbus/dbus-sysdeps-util-unix.c 2008-12-19 20:35:23.000000000 +0100
@@ -451,6 +451,38 @@
return FALSE;
}
+void
+_dbus_init_system_log (void)
+{
+ openlog ("dbus", LOG_PID, LOG_DAEMON);
+}
+
+/**
+ * Log an informative message. Intended for use primarily by
+ * the system bus.
+ *
+ * @param msg a printf-style format string
+ * @param args arguments for the format string
+ */
+void
+_dbus_log_info (const char *msg, va_list args)
+{
+ vsyslog (LOG_DAEMON|LOG_NOTICE, msg, args);
+}
+
+/**
+ * Log a security-related message. Intended for use primarily by
+ * the system bus.
+ *
+ * @param msg a printf-style format string
+ * @param args arguments for the format string
+ */
+void
+_dbus_log_security (const char *msg, va_list args)
+{
+ vsyslog (LOG_AUTH|LOG_NOTICE, msg, args);
+}
+
/** Installs a UNIX signal handler
*
* @param sig the signal to handle
@@ -1100,3 +1132,99 @@
}
/** @} */ /* DBusString stuff */
+static void
+string_squash_nonprintable (DBusString *str)
+{
+ char *buf;
+ int i, len;
+
+ buf = _dbus_string_get_data (str);
+ len = _dbus_string_get_length (str);
+
+ for (i = 0; i < len; i++)
+ if (buf[i] == '\0')
+ buf[i] = ' ';
+ else if (buf[i] < 0x20 || buf[i] > 127)
+ buf[i] = '?';
+}
+
+/**
+ * Get a printable string describing the command used to execute
+ * the process with pid. This string should only be used for
+ * informative purposes such as logging; it may not be trusted.
+ *
+ * The command is guaranteed to be printable ASCII and no longer
+ * than max_len.
+ *
+ * @param pid Process id
+ * @param str Append command to this string
+ * @param max_len Maximum length of returned command
+ * @param error return location for errors
+ * @returns #FALSE on error
+ */
+dbus_bool_t
+_dbus_command_for_pid (unsigned long pid,
+ DBusString *str,
+ int max_len,
+ DBusError *error)
+{
+ /* This is all Linux-specific for now */
+ DBusString path;
+ DBusString cmdline;
+ int fd;
+
+ if (!_dbus_string_init (&path))
+ {
+ _DBUS_SET_OOM (error);
+ return FALSE;
+ }
+
+ if (!_dbus_string_init (&cmdline))
+ {
+ _DBUS_SET_OOM (error);
+ _dbus_string_free (&path);
+ return FALSE;
+ }
+
+ if (!_dbus_string_append_printf (&path, "/proc/%ld/cmdline", pid))
+ goto oom;
+
+ fd = open (_dbus_string_get_const_data (&path), O_RDONLY);
+ if (fd < 0)
+ {
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to open \"%s\": %s",
+ _dbus_string_get_const_data (&path),
+ _dbus_strerror (errno));
+ goto fail;
+ }
+
+ if (!_dbus_read (fd, &cmdline, max_len))
+ {
+ dbus_set_error (error,
+ _dbus_error_from_errno (errno),
+ "Failed to read from \"%s\": %s",
+ _dbus_string_get_const_data (&path),
+ _dbus_strerror (errno));
+ goto fail;
+ }
+
+ if (!_dbus_close (fd, error))
+ goto fail;
+
+ string_squash_nonprintable (&cmdline);
+
+ if (!_dbus_string_copy (&cmdline, 0, str, _dbus_string_get_length (str)))
+ goto oom;
+
+ _dbus_string_free (&cmdline);
+ _dbus_string_free (&path);
+ return TRUE;
+oom:
+ _DBUS_SET_OOM (error);
+fail:
+ _dbus_string_free (&cmdline);
+ _dbus_string_free (&path);
+ return FALSE;
+}
\ No newline at end of file
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/test/data/valid-config-files/system.conf new/dbus-1.2.10/test/data/valid-config-files/system.conf
--- old/dbus-1.2.4/test/data/valid-config-files/system.conf 2008-10-06 23:51:05.000000000 +0200
+++ new/dbus-1.2.10/test/data/valid-config-files/system.conf 2008-12-19 20:39:55.000000000 +0100
@@ -29,6 +29,9 @@
<!-- Write a pid file -->
<pidfile>/src/build/jhbuild/var/run/messagebus.pid</pidfile>
+ <!-- Enable logging to syslog -->
+ <syslog/>
+
<!-- Only allow socket-credentials-based authentication -->
<auth>EXTERNAL</auth>
@@ -39,21 +42,29 @@
<listen>unix:path=/src/build/jhbuild/var/run/dbus/system_bus_socket</listen>
<policy context="default">
- <!-- Deny everything then punch holes -->
- <deny send_interface="*"/>
- <deny receive_interface="*"/>
- <deny own="*"/>
- <!-- But allow all users to connect -->
+ <!-- All users can connect to system bus -->
<allow user="*"/>
+
+ <!-- Holes must be punched in service configuration files for
+ name ownership and sending method calls -->
+ <deny own="*"/>
+ <deny send_type="method_call"/>
+
+ <!-- Signals and reply messages (method returns, errors) are allowed
+ by default -->
+ <allow send_type="signal"/>
+ <allow send_requested_reply="true" send_type="method_return"/>
+ <allow send_requested_reply="true" send_type="error"/>
+
+ <!-- All messages may be received by default -->
+ <allow receive_type="method_call"/>
+ <allow receive_type="method_return"/>
+ <allow receive_type="error"/>
+ <allow receive_type="signal"/>
+
<!-- Allow anyone to talk to the message bus -->
- <!-- FIXME I think currently these allow rules are always implicit
- even if they aren't in here -->
<allow send_destination="org.freedesktop.DBus"/>
- <allow receive_sender="org.freedesktop.DBus"/>
- <!-- valid replies are always allowed -->
- <allow send_requested_reply="true"/>
- <allow receive_requested_reply="true"/>
- <!-- disallow changing the activation environment of system services -->
+ <!-- But disallow some specific bus services -->
<deny send_destination="org.freedesktop.DBus"
send_interface="org.freedesktop.DBus"
send_member="UpdateActivationEnvironment"/>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/test/name-test/Makefile.am new/dbus-1.2.10/test/name-test/Makefile.am
--- old/dbus-1.2.4/test/name-test/Makefile.am 2008-08-07 20:44:37.000000000 +0200
+++ new/dbus-1.2.10/test/name-test/Makefile.am 2008-12-10 18:36:56.000000000 +0100
@@ -5,12 +5,12 @@
## TESTS
if DBUS_BUILD_TESTS
TESTS_ENVIRONMENT=DBUS_TOP_BUILDDIR=@abs_top_builddir@ DBUS_TOP_SRCDIR=@abs_top_srcdir@
-TESTS=run-test.sh
+TESTS=run-test.sh run-test-systemserver.sh
else
TESTS=
endif
-EXTRA_DIST=run-test.sh
+EXTRA_DIST=run-test.sh run-test-systemserver.sh test-wait-for-echo.py
if DBUS_BUILD_TESTS
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/test/name-test/run-test-systemserver.sh new/dbus-1.2.10/test/name-test/run-test-systemserver.sh
--- old/dbus-1.2.4/test/name-test/run-test-systemserver.sh 1970-01-01 01:00:00.000000000 +0100
+++ new/dbus-1.2.10/test/name-test/run-test-systemserver.sh 2008-12-10 18:36:56.000000000 +0100
@@ -0,0 +1,50 @@
+#! /bin/sh
+die()
+{
+ if ! test -z "$DBUS_SESSION_BUS_PID" ; then
+ echo "killing message bus "$DBUS_SESSION_BUS_PID >&2
+ kill -9 $DBUS_SESSION_BUS_PID
+ fi
+ echo $SCRIPTNAME: $* >&2
+
+ exit 1
+}
+
+SCRIPTNAME=$0
+MODE=$1
+
+## so the tests can complain if you fail to use the script to launch them
+DBUS_TEST_NAME_RUN_TEST_SCRIPT=1
+export DBUS_TEST_NAME_RUN_TEST_SCRIPT
+
+SOURCE_CONFIG_FILE=$DBUS_TOP_SRCDIR/test/name-test/tmp-session-like-system.conf
+export SOURCE_CONFIG_FILE
+# Rerun ourselves with tmp session bus if we're not already
+if test -z "$DBUS_TEST_NAME_IN_SYS_RUN_TEST"; then
+ DBUS_TEST_NAME_IN_SYS_RUN_TEST=1
+ export DBUS_TEST_NAME_IN_SYS_RUN_TEST
+ exec $DBUS_TOP_SRCDIR/tools/run-with-tmp-session-bus.sh $SCRIPTNAME $MODE
+fi
+
+if test -n "$DBUS_TEST_MONITOR"; then
+ dbus-monitor --session &
+fi
+
+echo "running test-expected-echo-fail"
+${DBUS_TOP_BUILDDIR}/libtool --mode=execute $DEBUG $DBUS_TOP_BUILDDIR/tools/dbus-send --print-reply --dest=org.freedesktop.DBus.TestSuiteEchoService /org/freedesktop/TestSuite org.freedesktop.TestSuite.Echo string:hi >echo-error-output.tmp 2>&1
+if ! grep -q 'DBus.Error' echo-error-output.tmp; then
+ echo "Didn't get expected failure; output was:"
+ echo "====="
+ cat echo-error-output.tmp
+ echo "====="
+ exit 1
+fi
+
+echo "running test echo signal"
+if ! python ./test-wait-for-echo.py; then
+ echo "Failed test-wait-for-echo"
+ exit 1
+fi
+
+
+exit 0
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.2.4/test/name-test/run-with-tmp-session-bus.conf new/dbus-1.2.10/test/name-test/run-with-tmp-session-bus.conf
--- old/dbus-1.2.4/test/name-test/run-with-tmp-session-bus.conf 2008-10-06 23:51:05.000000000 +0200
+++ new/dbus-1.2.10/test/name-test/run-with-tmp-session-bus.conf 2008-12-19 20:39:55.000000000 +0100
@@ -8,17 +8,48 @@
<!-- Our well-known bus type, don't change this -->
<type>session</type>
+ <!-- If we fork, keep the user's original umask to avoid affecting
+ the behavior of child processes. -->
+
+
+ <syslog/>
+
<listen>unix:tmpdir=/tmp</listen>
<servicedir>/src/jhbuild/checkout/dbus/test/data/valid-service-files</servicedir>
+ <!-- intended to match system bus -->
+ <policy context="default">
+ <!-- Deny everything then punch holes -->
+ <deny send_interface="*"/>
+ <deny receive_interface="*"/>
+ <deny own="*"/>
+ <!-- But allow all users to connect -->
+ <allow user="*"/>
+ <!-- Allow anyone to talk to the message bus -->
+ <!-- FIXME I think currently these eallow rules are always implicit
+ even if they aren't in here -->
+ <allow send_destination="org.freedesktop.DBus"/>
+ <allow receive_sender="org.freedesktop.DBus"/>
+ <!-- Allow all signals to be sent by default -->
+ <allow send_type="signal"/>
+ <!-- valid replies are always allowed -->
+ <allow send_requested_reply="true" send_type="method_return"/>
+ <allow send_requested_reply="true" send_type="error"/>
+ <allow receive_requested_reply="true"/>
+ <!-- disallow changing the activation environment of system services -->
+
+ </policy>
+
<policy context="default">
- <!-- Allow everything to be sent -->
- <allow send_destination="*" eavesdrop="true"/>
- <!-- Allow everything to be received -->
- <allow eavesdrop="true"/>
- <!-- Allow anyone to own anything -->
- <allow own="*"/>
+ <allow own="org.freedesktop.DBus.TestSuiteEchoService"/>
+
+
</policy>
Reply