-rw-r--r-- | ChangeLog | 15 | ||||
-rw-r--r-- | NEWS | 41 | ||||
-rw-r--r-- | bus/bus.c | 2 | ||||
-rw-r--r-- | bus/config-loader-expat.c | 3 | ||||
-rw-r--r-- | bus/config-parser.c | 17 | ||||
-rw-r--r-- | bus/config-parser.h | 4 | ||||
-rw-r--r-- | bus/system.conf.in | 5 | ||||
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | dbus/dbus-userdb.c | 28 | ||||
-rw-r--r-- | test/Makefile.am | 1 | ||||
-rw-r--r-- | test/data/valid-config-files/system.d/test.conf | 20 |
11 files changed, 123 insertions, 15 deletions
@@ -1,3 +1,18 @@ +2003-04-28 Havoc Pennington <hp@redhat.com> + + * configure.in: 0.10 + + * NEWS: update + + * bus/system.conf.in: add <includedir>system.d</includedir> + + * dbus/dbus-userdb.c (_dbus_user_database_lookup): fix bug when + username was provided but not uid + + * bus/config-parser.c (struct BusConfigParser): keep track of + whether the parser is toplevel or was included; change some + of the error handling if it's included. + 2003-04-27 Havoc Pennington <hp@pobox.com> Unbreak my code... 
@@ -1,3 +1,44 @@ +D-BUS 0.10 +=== + +- reversed order of args to dbus_message_new() +- renamed dbus_message_name_is() and some other + functions +- change DBusWatch to have dbus_watch_handle() + similar to dbus_timeout_handle(), drop + connection/server-specific handle routines +- change message serials to be unsigned +- implemented <allow>/<deny>/<limit> features for + config file; system bus now has a deny-all policy + by default. +- system.conf has <includedir>system.d</includedir> + so packages can install additions to the default + policy to <allow> the messages they need. e.g. + CUPS might install a cups.conf - see + test/data/valid-config-files/system.d/test.conf + for an example. +- add timeouts for authentication, activation +- add glib-style "checks" on public API, enable + those by default, disable assertions by default +- add GMainContext argument to GLib setup functions, + can be NULL for default context. Needed for threads. +- add 64-bit integer type +- validate type of standard message header fields +- consider messages in the org.freedesktop.Local + namespace to be invalid (to avoid fake disconnect + messages for example) +- fix assorted memory leaks and other bugs in + the SHA-1 auth mechanism +- cache user database information (groups user is + in, etc.) helps a lot with NIS +- always store uid_t, pid_t, gid_t in "ulong" + rather than "int" +- implement config file settings for which + users can connect +- SHA-1 unit test +- dbus-send, dbus-monitor command line utilities +- fixed lots of misc crashes and other bugs + D-BUS 0.9 === @@ -312,7 +312,7 @@ bus_context_new (const DBusString *config_file, context = NULL; auth_mechanisms = NULL; - parser = bus_config_load (config_file, error); + parser = bus_config_load (config_file, TRUE, error); if (parser == NULL) goto failed; diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c index 372a8867..3e45166d 100644 --- a/bus/config-loader-expat.c +++ b/bus/config-loader-expat.c 
@@ -164,6 +164,7 @@ expat_CharacterDataHandler (void *userData, BusConfigParser* bus_config_load (const DBusString *file, + dbus_bool_t is_toplevel, DBusError *error) { XML_Parser expat; @@ -207,7 +208,7 @@ bus_config_load (const DBusString *file, goto failed; } - parser = bus_config_parser_new (&dirname); + parser = bus_config_parser_new (&dirname, is_toplevel); if (parser == NULL) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); diff --git a/bus/config-parser.c b/bus/config-parser.c index 90f9efd3..d3f482ab 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c @@ -109,10 +109,12 @@ struct BusConfigParser BusPolicy *policy; /**< Security policy */ BusLimits limits; /**< Limits */ - + + char *pidfile; /**< PID file */ + unsigned int fork : 1; /**< TRUE to fork into daemon mode */ - char *pidfile; + unsigned int is_toplevel : 1; /**< FALSE if we are a sub-config-file inside another one */ }; static const char* @@ -266,7 +268,8 @@ merge_included (BusConfigParser *parser, } BusConfigParser* -bus_config_parser_new (const DBusString *basedir) +bus_config_parser_new (const DBusString *basedir, + dbus_bool_t is_toplevel) { BusConfigParser *parser; @@ -274,6 +277,8 @@ bus_config_parser_new (const DBusString *basedir) if (parser == NULL) return NULL; + parser->is_toplevel = !!is_toplevel; + if (!_dbus_string_init (&parser->basedir)) { dbus_free (parser); @@ -1388,7 +1393,7 @@ include_file (BusConfigParser *parser, DBusError tmp_error; dbus_error_init (&tmp_error); - included = bus_config_load (filename, &tmp_error); + included = bus_config_load (filename, FALSE, &tmp_error); if (included == NULL) { _DBUS_ASSERT_ERROR_IS_SET (&tmp_error); @@ -1759,7 +1764,7 @@ bus_config_parser_finished (BusConfigParser *parser, return FALSE; } - if (parser->listen_on == NULL) + if (parser->is_toplevel && parser->listen_on == NULL) { dbus_set_error (error, DBUS_ERROR_FAILED, "Configuration file needs one or more <listen> elements giving addresses"); 
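Review bot: In bus_config_parser_finished, `is_toplevel` relaxes only the `<listen>` requirement, and nothing visible in these hunks restricts what an included file may set. Since system.conf.in now pulls in every file under system.d, it is worth confirming in merge_included (outside the hunks shown) whether an included file can still contribute daemon-wide settings such as `<listen>`, `<fork>` or `<pidfile>`. If drop-ins are meant to carry policy only, those settings should be rejected or ignored when `!parser->is_toplevel`. A comment at the check would also help, e.g. `/* included files need not define <listen>; only the toplevel file must */`. The function body starts and ends outside the hunk.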
@@ -1853,7 +1858,7 @@ do_load (const DBusString *full_path, dbus_error_init (&error); - parser = bus_config_load (full_path, &error); + parser = bus_config_load (full_path, TRUE, &error); if (parser == NULL) { _DBUS_ASSERT_ERROR_IS_SET (&error); diff --git a/bus/config-parser.h b/bus/config-parser.h index acf868ef..eaeafdc5 100644 --- a/bus/config-parser.h +++ b/bus/config-parser.h @@ -35,7 +35,8 @@ typedef struct BusConfigParser BusConfigParser; -BusConfigParser* bus_config_parser_new (const DBusString *basedir); +BusConfigParser* bus_config_parser_new (const DBusString *basedir, + dbus_bool_t is_toplevel); void bus_config_parser_ref (BusConfigParser *parser); void bus_config_parser_unref (BusConfigParser *parser); dbus_bool_t bus_config_parser_check_doctype (BusConfigParser *parser, @@ -71,6 +72,7 @@ void bus_config_parser_get_limits (BusConfigParser *parser, * finished ConfigParser. */ BusConfigParser* bus_config_load (const DBusString *file, + dbus_bool_t is_toplevel, DBusError *error); diff --git a/bus/system.conf.in b/bus/system.conf.in index e65c4af1..d8cd96a8 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in @@ -38,7 +38,12 @@ <allow user="*"/> </policy> + <!-- Config files are placed here that among other things, punch + holes in the above policy for specific services. --> + <includedir>system.d</includedir> + <!-- This is included last so local configuration can override what's in this standard file --> <include ignore_missing="yes">system-local.conf</include> + </busconfig> diff --git a/configure.in b/configure.in index 37a1bef8..6c4982f7 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ AC_PREREQ(2.52) AC_INIT(dbus/dbus.h) -AM_INIT_AUTOMAKE(dbus, 0.9) +AM_INIT_AUTOMAKE(dbus, 0.10) AM_CONFIG_HEADER(config.h) diff --git a/dbus/dbus-userdb.c b/dbus/dbus-userdb.c index 00f2dced..4a7b7488 100644 --- a/dbus/dbus-userdb.c +++ b/dbus/dbus-userdb.c 
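Review bot: The comment above `<includedir>system.d</includedir>` does not say who may write to that directory, although every file in it can widen the deny-all policy defined just above. I would extend it to something like `<!-- Files here are merged into the system bus policy; the directory and its files must be writable by root only. -->`. The include sits before system-local.conf, so local configuration still has the last word; stating that ordering in the same comment would show it is deliberate. Whether the loader checks ownership or permissions of included files is not visible in this commit.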
@@ -69,7 +69,8 @@ _dbus_user_database_lookup (DBusUserDatabase *db, DBusUserInfo *info; _DBUS_ASSERT_ERROR_IS_CLEAR (error); - + _dbus_assert (uid != DBUS_UID_UNSET || username != NULL); + if (uid != DBUS_UID_UNSET) info = _dbus_hash_table_lookup_ulong (db->users, uid); else @@ -93,13 +94,30 @@ _dbus_user_database_lookup (DBusUserDatabase *db, return NULL; } - if (!_dbus_user_info_fill_uid (info, uid, error)) + if (uid != DBUS_UID_UNSET) { - _DBUS_ASSERT_ERROR_IS_SET (error); - free_user_info (info); - return NULL; + if (!_dbus_user_info_fill_uid (info, uid, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); + free_user_info (info); + return NULL; + } + } + else + { + if (!_dbus_user_info_fill (info, username, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); + free_user_info (info); + return NULL; + } } + /* be sure we don't use these after here */ + uid = DBUS_UID_UNSET; + username = NULL; + + /* insert into hash */ if (!_dbus_hash_table_insert_ulong (db->users, info->uid, info)) { dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); diff --git a/test/Makefile.am b/test/Makefile.am index 69a447df..227f0dba 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -61,6 +61,7 @@ TESTDIRS= \ data/sha-1 \ data/valid-config-files \ data/valid-config-files/basic.d \ + data/valid-config-files/system.d \ data/valid-service-files FIND_TESTS=find -name "*.message" -o -name "*.message-raw" -o -name "*.auth-script" -o -name "*.sha1" -o -name "*.txt" -o -name "*.conf" -o -name "*.service" diff --git a/test/data/valid-config-files/system.d/test.conf b/test/data/valid-config-files/system.d/test.conf new file mode 100644 index 00000000..a683679e --- /dev/null +++ b/test/data/valid-config-files/system.d/test.conf 
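Review bot: The new `_dbus_assert (uid != DBUS_UID_UNSET || username != NULL)` is the only guard against a call with neither key, and the NEWS entry in this same commit says assertions are disabled by default. In such a build the both-unset case falls through to the username branch and passes NULL to `_dbus_user_info_fill`, and presumably to the by-name hash lookup whose line is cut off at the end of the first hunk. This lookup presumably backs the new "which users can connect" settings, so an explicit early failure would be safer, e.g. `if (uid == DBUS_UID_UNSET && username == NULL) { dbus_set_error (error, DBUS_ERROR_FAILED, "No uid or username given"); return NULL; }`. The function starts and ends outside both hunks.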
@@ -0,0 +1,20 @@ +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + <!-- The following demonstrates how to punch holes in a default deny-all + policy so that a particular user can own a service, and other + connections can get messages from it --> + + <!-- Only fooserviceuser can own the FooService service, and + this user can only send the one kind of message --> + <policy user="fooserviceuser"> + <allow own="org.foo.FooService"/> + <allow send="org.foo.FooBroadcastMessage"/> + </policy> + + <!-- Allow any connection to receive the message, but + only if the message is sent by the owner of FooService --> + <policy context="default"> + <allow receive="org.foo.FooBroadcastMessage" receive_from="org.foo.FooService"/> + </policy> +</busconfig> |
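Review bot: The comments say that only fooserviceuser can own org.foo.FooService and that this user can only send the one message, but the file contains `<allow>` rules alone. The "only" holds solely because the including system.conf denies everything by default. Since NEWS points packagers at this file as the example to copy, I would say so in the first comment, e.g. `<!-- These rules only add permissions; the restrictions described below come from the deny-all default in system.conf. -->`. Without that, the same file included under a permissive parent policy would read as restrictive while restricting nothing.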