Commit e47c893c authored by Simon McVittie's avatar Simon McVittie

Imported Upstream version 1.5.12

parent e9e3de91
D-Bus 1.5.12 (2012-03-27)
==
The “Big Book of Science” release.
• Add public API to validate various string types:
dbus_validate_path(), dbus_validate_interface(), dbus_validate_member(),
dbus_validate_error_name(), dbus_validate_bus_name(), dbus_validate_utf8()
(fd.o #39549, Simon McVittie)
• Turn DBusBasicValue into public API so bindings don't need to invent their
own "union of everything" type (fd.o #11191, Simon McVittie)
• Enumerate data files included in the build rather than using find(1)
(fd.o #33840, Simon McVittie)
• Add support for policy rules like <allow own_prefix="com.example.Service"/>
in dbus-daemon (fd.o #46273, Alban Crequy)
• Windows-specific:
· make dbus-daemon.exe --print-address (and --print-pid) work again
on Win32, but not on WinCE (fd.o #46049, Simon McVittie)
· fix duplicate case value when compiling against mingw-w64
(fd.o #47321, Andoni Morales Alastruey)
D-Bus 1.5.10 (2012-02-21)
==
......
......@@ -1154,6 +1154,7 @@ append_rule_from_element (BusConfigParser *parser,
const char *send_requested_reply;
const char *receive_requested_reply;
const char *own;
const char *own_prefix;
const char *user;
const char *group;
......@@ -1179,6 +1180,7 @@ append_rule_from_element (BusConfigParser *parser,
"send_requested_reply", &send_requested_reply,
"receive_requested_reply", &receive_requested_reply,
"own", &own,
"own_prefix", &own_prefix,
"user", &user,
"group", &group,
"log", &log,
......@@ -1190,7 +1192,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_interface || receive_member || receive_error || receive_sender ||
receive_type || receive_path || eavesdrop ||
send_requested_reply || receive_requested_reply ||
own || user || group))
own || own_prefix || user || group))
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Element <%s> must have one or more attributes",
......@@ -1218,7 +1220,7 @@ append_rule_from_element (BusConfigParser *parser,
* base send_ can combine with send_destination, send_path, send_type, send_requested_reply
* base receive_ with receive_sender, receive_path, receive_type, receive_requested_reply, eavesdrop
*
* user, group, own must occur alone
* user, group, own, own_prefix must occur alone
*
* Pretty sure the below stuff is broken, FIXME think about it more.
*/
......@@ -1229,7 +1231,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1239,7 +1241,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1248,7 +1250,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1257,7 +1259,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1266,7 +1268,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1275,7 +1277,7 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
......@@ -1284,33 +1286,35 @@ append_rule_from_element (BusConfigParser *parser,
receive_error ||
receive_sender ||
receive_requested_reply ||
own ||
own || own_prefix ||
user ||
group)) ||
(receive_interface && (receive_error ||
own ||
own || own_prefix ||
user ||
group)) ||
(receive_member && (receive_error ||
own ||
own || own_prefix ||
user ||
group)) ||
(receive_error && (own ||
(receive_error && (own || own_prefix ||
user ||
group)) ||
(eavesdrop && (own ||
(eavesdrop && (own || own_prefix ||
user ||
group)) ||
(receive_requested_reply && (own ||
(receive_requested_reply && (own || own_prefix ||
user ||
group)) ||
(own && (user || group)) ||
(own && (own_prefix || user || group)) ||
(own_prefix && (own || user || group)) ||
(user && group))
{
......@@ -1488,18 +1492,29 @@ append_rule_from_element (BusConfigParser *parser,
if (receive_sender && rule->d.receive.origin == NULL)
goto nomem;
}
else if (own)
else if (own || own_prefix)
{
rule = bus_policy_rule_new (BUS_POLICY_RULE_OWN, allow);
if (rule == NULL)
goto nomem;
if (IS_WILDCARD (own))
own = NULL;
if (own)
{
if (IS_WILDCARD (own))
own = NULL;
rule->d.own.service_name = _dbus_strdup (own);
if (own && rule->d.own.service_name == NULL)
goto nomem;
rule->d.own.prefix = 0;
rule->d.own.service_name = _dbus_strdup (own);
if (own && rule->d.own.service_name == NULL)
goto nomem;
}
else
{
rule->d.own.prefix = 1;
rule->d.own.service_name = _dbus_strdup (own_prefix);
if (rule->d.own.service_name == NULL)
goto nomem;
}
}
else if (user)
{
......@@ -2730,10 +2745,61 @@ typedef enum
UNKNOWN
} Validity;
static dbus_bool_t
do_check_own_rules (BusPolicy *policy)
{
const struct {
char *name;
dbus_bool_t allowed;
} checks[] = {
{"org.freedesktop", FALSE},
{"org.freedesktop.ManySystem", FALSE},
{"org.freedesktop.ManySystems", TRUE},
{"org.freedesktop.ManySystems.foo", TRUE},
{"org.freedesktop.ManySystems.foo.bar", TRUE},
{"org.freedesktop.ManySystems2", FALSE},
{"org.freedesktop.ManySystems2.foo", FALSE},
{"org.freedesktop.ManySystems2.foo.bar", FALSE},
{NULL, FALSE}
};
int i = 0;
while (checks[i].name)
{
DBusString service_name;
dbus_bool_t ret;
if (!_dbus_string_init (&service_name))
_dbus_assert_not_reached ("couldn't init string");
if (!_dbus_string_append (&service_name, checks[i].name))
_dbus_assert_not_reached ("couldn't append string");
ret = bus_policy_check_can_own (policy, &service_name);
printf (" Check name %s: %s\n", checks[i].name,
ret ? "allowed" : "not allowed");
if (checks[i].allowed && !ret)
{
_dbus_warn ("Cannot own %s\n", checks[i].name);
return FALSE;
}
if (!checks[i].allowed && ret)
{
_dbus_warn ("Can own %s\n", checks[i].name);
return FALSE;
}
_dbus_string_free (&service_name);
i++;
}
return TRUE;
}
static dbus_bool_t
do_load (const DBusString *full_path,
Validity validity,
dbus_bool_t oom_possible)
dbus_bool_t oom_possible,
dbus_bool_t check_own_rules)
{
BusConfigParser *parser;
DBusError error;
......@@ -2770,6 +2836,11 @@ do_load (const DBusString *full_path,
{
_DBUS_ASSERT_ERROR_IS_CLEAR (&error);
if (check_own_rules && do_check_own_rules (parser->policy) == FALSE)
{
return FALSE;
}
bus_config_parser_unref (parser);
if (validity == INVALID)
......@@ -2786,6 +2857,7 @@ typedef struct
{
const DBusString *full_path;
Validity validity;
dbus_bool_t check_own_rules;
} LoaderOomData;
static dbus_bool_t
......@@ -2793,7 +2865,7 @@ check_loader_oom_func (void *data)
{
LoaderOomData *d = data;
return do_load (d->full_path, d->validity, TRUE);
return do_load (d->full_path, d->validity, TRUE, d->check_own_rules);
}
static dbus_bool_t
......@@ -2876,6 +2948,8 @@ process_test_valid_subdir (const DBusString *test_base_dir,
d.full_path = &full_path;
d.validity = validity;
d.check_own_rules = _dbus_string_ends_with_c_str (&full_path,
"check-own-rules.conf");
/* FIXME hackaround for an expat problem, see
* https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124747
......
......@@ -1240,25 +1240,26 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
return allowed;
}
dbus_bool_t
bus_client_policy_check_can_own (BusClientPolicy *policy,
DBusConnection *connection,
const DBusString *service_name)
static dbus_bool_t
bus_rules_check_can_own (DBusList *rules,
const DBusString *service_name)
{
DBusList *link;
dbus_bool_t allowed;
/* policy->rules is in the order the rules appeared
/* rules is in the order the rules appeared
* in the config file, i.e. last rule that applies wins
*/
allowed = FALSE;
link = _dbus_list_get_first_link (&policy->rules);
link = _dbus_list_get_first_link (&rules);
while (link != NULL)
{
BusPolicyRule *rule = link->data;
link = _dbus_list_get_next_link (&policy->rules, link);
link = _dbus_list_get_next_link (&rules, link);
/* Rule is skipped if it specifies a different service name from
* the desired one.
......@@ -1267,12 +1268,25 @@ bus_client_policy_check_can_own (BusClientPolicy *policy,
if (rule->type != BUS_POLICY_RULE_OWN)
continue;
if (rule->d.own.service_name != NULL)
if (!rule->d.own.prefix && rule->d.own.service_name != NULL)
{
if (!_dbus_string_equal_c_str (service_name,
rule->d.own.service_name))
continue;
}
else if (rule->d.own.prefix)
{
const char *data;
char next_char;
if (!_dbus_string_starts_with_c_str (service_name,
rule->d.own.service_name))
continue;
data = _dbus_string_get_const_data (service_name);
next_char = data[strlen (rule->d.own.service_name)];
if (next_char != '\0' && next_char != '.')
continue;
}
/* Use this rule */
allowed = rule->allow;
......@@ -1280,3 +1294,20 @@ bus_client_policy_check_can_own (BusClientPolicy *policy,
return allowed;
}
dbus_bool_t
bus_client_policy_check_can_own (BusClientPolicy *policy,
const DBusString *service_name)
{
return bus_rules_check_can_own (policy->rules, service_name);
}
#ifdef DBUS_BUILD_TESTS
dbus_bool_t
bus_policy_check_can_own (BusPolicy *policy,
const DBusString *service_name)
{
return bus_rules_check_can_own (policy->default_rules, service_name);
}
#endif /* DBUS_BUILD_TESTS */
......@@ -86,6 +86,8 @@ struct BusPolicyRule
{
/* can be NULL meaning "any" */
char *service_name;
/* if prefix is set, any name starting with service_name can be owned */
unsigned int prefix : 1;
} own;
struct
......@@ -154,11 +156,14 @@ dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy,
DBusMessage *message,
dbus_int32_t *toggles);
dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy,
DBusConnection *connection,
const DBusString *service_name);
dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy,
BusPolicyRule *rule);
void bus_client_policy_optimize (BusClientPolicy *policy);
#ifdef DBUS_BUILD_TESTS
dbus_bool_t bus_policy_check_can_own (BusPolicy *policy,
const DBusString *service_name);
#endif
#endif /* BUS_POLICY_H */
......@@ -459,8 +459,7 @@ bus_registry_acquire_service (BusRegistry *registry,
goto out;
}
if (!bus_client_policy_check_can_own (policy, connection,
service_name))
if (!bus_client_policy_check_can_own (policy, service_name))
{
dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED,
"Connection \"%s\" is not allowed to own the service \"%s\" due "
......
......@@ -512,6 +512,7 @@ statements, and works just like &lt;deny&gt; but with the inverse meaning.</para
eavesdrop="true" | "false"
own="name"
own_prefix="name"
user="username"
group="groupname"
</literallayout> <!-- .fi -->
......@@ -590,6 +591,13 @@ the character "*" can be substituted, meaning "any." Complex globs
like "foo.bar.*" aren't allowed for now because they'd be work to
implement and maybe encourage sloppy security anyway.</para>
<para>&lt;allow own_prefix="a.b"/&gt; allows you to own the name "a.b" or any
name whose first dot-separated elements are "a.b": in particular,
you can own "a.b.c" or "a.b.c.d", but not "a.bc" or "a.c".
This is useful when services like Telepathy and ReserveDevice
define a meaning for subtrees of well-known names, such as
org.freedesktop.Telepathy.ConnectionManager.(anything)
and org.freedesktop.ReserveDevice1.(anything).</para>
<para>It does not make sense to deny a user or group inside a &lt;policy&gt;
for a user or group; user/group denials can only be inside
......
......@@ -21,6 +21,7 @@ set (dbusinclude_HEADERS
${DBUS_DIR}/dbus-server.h
${DBUS_DIR}/dbus-shared.h
${DBUS_DIR}/dbus-signature.h
${DBUS_DIR}/dbus-syntax.h
${DBUS_DIR}/dbus-threads.h
${DBUS_DIR}/dbus-types.h
dbus-arch-deps.h
......@@ -51,6 +52,7 @@ set (DBUS_LIB_SOURCES
${DBUS_DIR}/dbus-server-debug-pipe.c
${DBUS_DIR}/dbus-sha.c
${DBUS_DIR}/dbus-signature.c
${DBUS_DIR}/dbus-syntax.c
${DBUS_DIR}/dbus-timeout.c
${DBUS_DIR}/dbus-threads.c
${DBUS_DIR}/dbus-transport.c
......
#! /bin/sh
# Wrapper for compilers which do not understand `-c -o'.
# Wrapper for compilers which do not understand '-c -o'.
scriptversion=2009-10-06.20; # UTC
scriptversion=2012-01-04.17; # UTC
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2009 Free Software
# Foundation, Inc.
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2009, 2010, 2012 Free
# Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
......@@ -29,21 +29,186 @@ scriptversion=2009-10-06.20; # UTC
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
nl='
'
# We need space, tab and new line, in precisely that order. Quoting is
# there to prevent tools from complaining about whitespace usage.
IFS=" "" $nl"
file_conv=
# func_file_conv build_file lazy
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts. If the determined conversion
# type is listed in (the comma separated) LAZY, no conversion will
# take place.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv/,$2, in
*,$file_conv,*)
;;
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_cl_wrapper cl arg...
# Adjust compile command to suit cl
func_cl_wrapper ()
{
# Assume a capable shell
lib_path=
shared=:
linker_opts=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
eat=1
case $2 in
*.o | *.[oO][bB][jJ])
func_file_conv "$2"
set x "$@" -Fo"$file"
shift
;;
*)
func_file_conv "$2"
set x "$@" -Fe"$file"
shift
;;
esac
;;
-I*)
func_file_conv "${1#-I}" mingw
set x "$@" -I"$file"
shift
;;
-l*)
lib=${1#-l}
found=no
save_IFS=$IFS
IFS=';'
for dir in $lib_path $LIB
do
IFS=$save_IFS
if $shared && test -f "$dir/$lib.dll.lib"; then
found=yes
set x "$@" "$dir/$lib.dll.lib"
break
fi
if test -f "$dir/$lib.lib"; then
found=yes
set x "$@" "$dir/$lib.lib"
break
fi
done
IFS=$save_IFS
test "$found" != yes && set x "$@" "$lib.lib"
shift
;;
-L*)
func_file_conv "${1#-L}"
if test -z "$lib_path"; then
lib_path=$file
else
lib_path="$lib_path;$file"
fi
linker_opts="$linker_opts -LIBPATH:$file"
;;
-static)
shared=false
;;
-Wl,*)
arg=${1#-Wl,}
save_ifs="$IFS"; IFS=','
for flag in $arg; do
IFS="$save_ifs"
linker_opts="$linker_opts $flag"
done
IFS="$save_ifs"
;;
-Xlinker)
eat=1
linker_opts="$linker_opts $2"
;;
-*)
set x "$@" "$1"
shift
;;
*.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
func_file_conv "$1"
set x "$@" -Tp"$file"
shift
;;
*.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
func_file_conv "$1" mingw
set x "$@" "$file"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -n "$linker_opts"; then
linker_opts="-link$linker_opts"
fi
exec "$@" $linker_opts
exit 1
}
eat=
case $1 in
'')
echo "$0: No command. Try \`$0 --help' for more information." 1>&2
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: compile [--help] [--version] PROGRAM [ARGS]
Wrapper for compilers which do not understand `-c -o'.
Remove `-o dest.o' from ARGS, run PROGRAM with the remaining
Wrapper for compilers which do not understand '-c -o'.
Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
arguments, and rename the output as expected.
If you are trying to build a whole package this is not the
right script to run: please start by reading the file `INSTALL'.
right script to run: please start by reading the file 'INSTALL'.
Report bugs to <bug-automake@gnu.org>.
EOF
......@@ -53,11 +218,13 @@ EOF
echo "compile $scriptversion"
exit $?
;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe )
func_cl_wrapper "$@" # Doesn't return...
;;
esac
ofile=
cfile=
eat=
for arg
do
......@@ -66,8 +233,8 @@ do
else
case $1 in
-o)
# configure might choose to run compile as `compile cc -o foo foo.c'.
# So we strip `-o arg' only if arg is an object.
# configure might choose to run compile as 'compile cc -o foo foo.c'.
# So we strip '-o arg' only if arg is an object.
eat=1
case $2 in
*.o | *.obj)
......@@ -94,10 +261,10 @@ do
done
if test -z "$ofile" || test -z "$cfile"; then
# If no `-o' option was seen then we might have been invoked from a
# If no '-o' option was seen then we might have been invoked from a
# pattern rule where we don't need one. That is ok -- this is a
# normal compilation that the losing compiler can handle. If no
# `.c' file was seen then we are probably linking. That is also
# '.c' file was seen then we are probably linking. That is also
# ok.
exec "$@"
fi
......@@ -106,7 +273,7 @@ fi
cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
# Create the lock directory.
# Note: use `[/\\:.-]' here to ensure that we don't use the same name
# Note: use '[/\\:.-]' here to ensure that we don't use the same name
# that we are using for the .o file. Also, base the name on the expected
# object file name, since that is what matters with a parallel build.
lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
......
......@@ -2,9 +2,9 @@
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
# 2011 Free Software Foundation, Inc.
# 2011, 2012 Free Software Foundation, Inc.
timestamp='2011-05-11'
timestamp='2012-02-10'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
......@@ -17,9 +17,7 @@ timestamp='2011-05-11'
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
......@@ -57,8 +55,8 @@ GNU config.guess ($timestamp)
Originally written by Per Bothner.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
Software Foundation, Inc.
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
......@@ -145,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
*:NetBSD:*:*)
# NetBSD (nbsd) targets should (where applicable) match one or
# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
# more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
# *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
# switched to ELF, *-*-netbsd* would select the old