Stop listening on DBusServer sockets when reaching max_incomplete_connections

This addresses the parts of CVE-2014-3639 not already addressed by reducing the default authentication timeout. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80851 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80919 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
author: Alban Crequy <alban.crequy@collabora.co.uk> 2014-07-04 15:05:51 +0100
committer: Simon McVittie <simon.mcvittie@collabora.co.uk> 2014-09-15 12:28:37 +0100
commit: 8ad179a8dad789fc6a5402780044bc0ec3d41115 (patch)
tree: a0aa286cd837e1064acd0da5390824bec0f176f6 /dbus
parent: 54d26df52b6a394bea175651d1d7ad2ab3f87dea (diff)
download: dbus-8ad179a8dad789fc6a5402780044bc0ec3d41115.tar.gz
4 files changed, 30 insertions, 17 deletions
diff --git a/dbus/dbus-server-protected.h b/dbus/dbus-server-protected.h
index dd5234b9..e6dbd1e1 100644
--- a/dbus/dbus-server-protected.h
+++ b/dbus/dbus-server-protected.h
@@ -99,9 +99,8 @@ dbus_bool_t _dbus_server_add_watch      (DBusServer             *server,
                                          DBusWatch              *watch);
 void        _dbus_server_remove_watch   (DBusServer             *server,
                                          DBusWatch              *watch);
-void        _dbus_server_toggle_watch   (DBusServer             *server,
-                                         DBusWatch              *watch,
-                                         dbus_bool_t             enabled);
+void        _dbus_server_toggle_all_watches (DBusServer         *server,
+                                             dbus_bool_t         enabled);
 dbus_bool_t _dbus_server_add_timeout    (DBusServer             *server,
                                          DBusTimeout            *timeout);
 void        _dbus_server_remove_timeout (DBusServer             *server,
diff --git a/dbus/dbus-server.c b/dbus/dbus-server.c
index 19d8590c..c1d5f6e5 100644
--- a/dbus/dbus-server.c
+++ b/dbus/dbus-server.c
@@ -312,26 +312,17 @@ _dbus_server_remove_watch  (DBusServer *server,
 }
 
 /**
- * Toggles a watch and notifies app via server's
- * DBusWatchToggledFunction if available. It's an error to call this
- * function on a watch that was not previously added.
+ * Toggles all watch and notifies app via server's
+ * DBusWatchToggledFunction if available.
  *
  * @param server the server.
- * @param watch the watch to toggle.
  * @param enabled whether to enable or disable
  */
 void
-_dbus_server_toggle_watch (DBusServer  *server,
-                           DBusWatch   *watch,
-                           dbus_bool_t  enabled)
+_dbus_server_toggle_all_watches (DBusServer  *server,
+                                dbus_bool_t  enabled)
 {
-  _dbus_assert (watch != NULL);
-
-  HAVE_LOCK_CHECK (server);
-  protected_change_watch (server, watch,
-                          NULL, NULL,
-                          _dbus_watch_list_toggle_watch,
-                          enabled);
+  _dbus_watch_list_toggle_all_watches (server->watches, enabled);
 }
 
 /** Function to be called in protected_change_timeout() with refcount held */
diff --git a/dbus/dbus-watch.c b/dbus/dbus-watch.c
index b82c57d4..76a5d641 100644
--- a/dbus/dbus-watch.c
+++ b/dbus/dbus-watch.c
@@ -455,6 +455,27 @@ _dbus_watch_list_toggle_watch (DBusWatchList           *watch_list,
 }
 
 /**
+ * Sets all watches to the given enabled state, invoking the
+ * application's DBusWatchToggledFunction if appropriate.
+ *
+ * @param watch_list the watch list.
+ * @param enabled #TRUE to enable
+ */
+void
+_dbus_watch_list_toggle_all_watches (DBusWatchList           *watch_list,
+                                     dbus_bool_t              enabled)
+{
+  DBusList *link;
+
+  for (link = _dbus_list_get_first_link (&watch_list->watches);
+       link != NULL;
+       link = _dbus_list_get_next_link (&watch_list->watches, link))
+    {
+      _dbus_watch_list_toggle_watch (watch_list, link->data, enabled);
+    }
+}
+
+/**
  * Sets the handler for the watch.
  *
  * @todo this function only exists because of the weird
diff --git a/dbus/dbus-watch.h b/dbus/dbus-watch.h
index c5832141..321740ed 100644
--- a/dbus/dbus-watch.h
+++ b/dbus/dbus-watch.h
@@ -76,6 +76,8 @@ void           _dbus_watch_list_remove_watch  (DBusWatchList           *watch_li
 void           _dbus_watch_list_toggle_watch  (DBusWatchList           *watch_list,
                                                DBusWatch               *watch,
                                                dbus_bool_t              enabled);
+void           _dbus_watch_list_toggle_all_watches (DBusWatchList      *watch_list,
+                                               dbus_bool_t              enabled);
 dbus_bool_t    _dbus_watch_get_enabled        (DBusWatch              *watch);
 
 dbus_bool_t    _dbus_watch_get_oom_last_time  (DBusWatch               *watch);
author	Alban Crequy <alban.crequy@collabora.co.uk>	2014-07-04 15:05:51 +0100
committer	Simon McVittie <simon.mcvittie@collabora.co.uk>	2014-09-15 12:28:37 +0100
commit	8ad179a8dad789fc6a5402780044bc0ec3d41115 (patch)
tree	a0aa286cd837e1064acd0da5390824bec0f176f6 /dbus
parent	54d26df52b6a394bea175651d1d7ad2ab3f87dea (diff)
download	dbus-8ad179a8dad789fc6a5402780044bc0ec3d41115.tar.gz