summaryrefslogtreecommitdiff
path: root/configure.ac
Commit message (Collapse)AuthorAgeFilesLines
* Remove checks for dbus-glib from configure.acSimon McVittie2015-02-231-18/+1
| | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83115 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* Link dbus-daemon and dbus-daemon-lauch-helper against libdbusBertrand SIMONNET2015-02-201-0/+8
| | | | | | | | | | | | | | The shared can be used by dbus-daemon and dbus-daemon-launch-helper by exporting the private symbols needed, reducing the size of dbus by about 500k. The private symbols are exposed under the version LIBDBUS_PRIVATE_@VERSION_NUMBER@. [Altered by Simon McVittie and Ralf Habacker to clear up some problematic linking.] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83115 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* On Unix platforms with gcc (or compatible), hide non-exported symbolsSimon McVittie2015-02-201-0/+5
| | | | | | | | | | | | | | | | | | | | | | This changes the Linux behaviour to match the default situation on Windows: symbols without DBUS_EXPORT or DBUS_PRIVATE_EXPORT decoration are internal to libdbus-1, and cannot be used by other programs, even within the dbus source tree. This means the compiler/linker can optimize calls to those functions by avoiding indirection through the PLT, which should improve performance a little. However, the primary purpose of doing this is that it means developers building libdbus on Linux are considerably less likely to break it on Windows by mistake. I'm deliberately not adding -fvisbility=hidden in CMake because the complexity of doing so is unnecessary: Autotools is the recommended way to build dbus for Unix, and the one Unix developers are going to use in practice, unless they are specifically checking that they haven't broken the CMake build. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83115 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* 1.9.13Simon McVittie2015-02-191-1/+1
|
* 1.9.12dbus-1.9.12Simon McVittie2015-02-191-4/+4
|
* Update autoconf file to build against libapparmorTyler Hicks2015-02-181-0/+21
| | | | | | | | | | | | | | | AppArmor support can be configured at build time with --enable-apparmor and --disable-apparmor. By default, the build time decision is automatically decided by checking if a sufficient libapparmor is available. A minimum required libapparmor is version 2.8.95. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> [smcv: avoid potential non-portability from "test EXPR -a EXPR"] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
* doc: Add a guide to designing D-Bus APIsPhilip Withnall2015-02-161-2/+40
| | | | | | | | | | | | | This guide gives some pointers on how to write D-Bus APIs which are nice to use. It adds an optional dependency on Ducktype and yelp-build from yelp-tools. These are used when available, but are not required unless --enable-ducktype-docs is passed to configure. They are required for uploading the docs, however. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88994 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* Document dbus-test-toolSimon McVittie2015-02-121-0/+1
| | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89086 Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
* 1.9.11Simon McVittie2015-02-091-1/+1
|
* 1.9.10dbus-1.9.10Simon McVittie2015-02-091-2/+2
|
* 1.9.9Simon McVittie2015-02-031-1/+1
|
* 1.9.8 development releasedbus-1.9.8Simon McVittie2015-02-031-3/+3
|
* Add infrastructure to run bits of tests under an alternative uidSimon McVittie2015-02-031-1/+11
| | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall
* test: implement GLib-style "installed tests"Simon McVittie2015-02-031-0/+1
| | | | | | | | | | | | | We run each test twice: * once with the system's session.conf, as an integration test (test-cases that need a special configuration are automatically skipped) * once with our special test configuration files, which provide better coverage Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall
* Generate test configuration files via build-time sed, not configureSimon McVittie2015-02-031-19/+0
| | | | | | | | This means we can generate a version that works when installed, from the same source files. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall
* Bump required GLib version to 2.36Simon McVittie2015-02-031-2/+2
| | | | | | | | | This is for g_close(), which the next commit will use. It also lets us rely on g_type_init() being a no-op (since 2.32 the type system is always initialized by a global constructor). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810 Reviewed-by: Philip Withnall
* Enable subdir-objects Automake optionSimon McVittie2015-02-021-1/+1
| | | | | | | | It has been supported since at least 1.10, and its absence is deprecated since 1.14. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808 Reviewed-by: Philip Withnall
* Use pygi instead of pygobject 2Simon McVittie2015-01-271-3/+3
| | | | | | | | | pygobject 2 is obsolete and unmaintained, and anyway this is for optional functionality (full regression test coverage) rather than anything that will be needed in production builds. Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85969
* Merge tag 'dbus-1.9.6'Simon McVittie2015-01-051-2/+2
|\ | | | | | | | | | | | | | | dbus-1.9.6 Conflicts: NEWS configure.ac
| * Merge branch 'dbus-1.8' and prepare 1.9.6dbus-1.9.6Simon McVittie2015-01-011-2/+2
| |\ |/ / | | | | | | | | | | Conflicts: NEWS configure.ac test/dbus-daemon.c
| * Prepare release for Mondaydbus-1.8.14Simon McVittie2015-01-011-2/+2
| |
| * 1.8.13Simon McVittie2014-11-241-1/+1
| |
| * 1.8.12dbus-1.8.12Simon McVittie2014-11-241-2/+2
| |
* | 1.9.5Simon McVittie2014-11-241-1/+1
| |
* | 1.9.4dbus-1.9.4Simon McVittie2014-11-241-2/+2
| |
* | 1.9.3Simon McVittie2014-11-101-1/+1
|\ \ | |/
| * 1.8.11Simon McVittie2014-11-101-1/+1
| |
| * Embargoed security release for Mondaydbus-1.8.10Simon McVittie2014-11-061-2/+2
| |
* | 1.9.2, spec 0.25dbus-1.9.2Simon McVittie2014-11-061-3/+3
| |
* | Implement NetBSD credentials-passing with LOCAL_PEEREIDPatrick Welche2014-11-061-0/+5
| | | | | | | | | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69702 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk> Tested-by: Patrick Welche <prlw1@cam.ac.uk>
* | Use a better NoReply message for disconnection with reply pendingSimon McVittie2014-10-291-0/+1
| | | | | | | | | | | | | | | | | | | | As an implementation detail, dbus-daemon handles this situation by artificially triggering a timeout (even if its configured timeout for method calls is in fact infinite). However, using the same debug message for both is misleading, and can lead people who are debugging a service crash to blame dbus-daemon instead, wasting their time. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=76112
* | Let pkg-config expand directory variables recursivelyРуслан Ижбулатов2014-10-131-0/+3
| | | | | | | | | | | | | | | | | | | | | | In particular this makes them more MinGW-friendly: pkg-config on Windows has specific code to rewrite the ${prefix} when installed in a different prefix. [add @datarootdir@, expand commit message -smcv] Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75858
* | Start 1.9.2, update NEWSSimon McVittie2014-10-061-1/+1
| |
* | 1.9.0dbus-1.9.0Simon McVittie2014-10-011-5/+5
| |
* | config: add examples to show how to enable/disable the Stats interfaceAlban Crequy2014-10-011-0/+2
| | | | | | | | | | | | | | [install examples to ${docdir}/examples -smcv] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80759 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* | Enable Stats interface by default; disallow non-root use on system busSimon McVittie2014-10-011-3/+3
| | | | | | | | | | | | | | [fix typo in interface name -alban] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80759 Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* | New test for fd-passingSimon McVittie2014-09-171-2/+2
| | | | | | | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83622 Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk> [add dbus-sysdeps-unix.h as required for close-on-exec in master -smcv]
* | Merge branch 'dbus-1.8'Simon McVittie2014-09-161-12/+1
|\ \ | |/ | | | | | | | | Conflicts: NEWS configure.ac
| * 1.8.9Simon McVittie2014-09-161-1/+1
| |
| * Prepare 1.8.8 (embargoed until tomorrow)dbus-1.8.8Simon McVittie2014-09-151-2/+2
| |
| * config: change DEFAULT_MESSAGE_UNIX_FDS to 16Simon McVittie2014-09-151-11/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses CVE-2014-3636. Based on a patch by Alban Crequy. Now that it's the same on all platforms, there's little point in it being set by configure/cmake. This change fixes two distinct denials of service: fd.o#82820, part A ------------------ Before this patch, the system bus had the following default configuration: - max_connections_per_user: 256 - DBUS_DEFAULT_MESSAGE_UNIX_FDS: usually 1024 (or 256 on QNX, see fd.o#61176) as defined by configure.ac - max_incoming_unix_fds: DBUS_DEFAULT_MESSAGE_UNIX_FDS*4 = usually 4096 - max_outgoing_unix_fds: DBUS_DEFAULT_MESSAGE_UNIX_FDS*4 = usually 4096 - max_message_unix_fds: DBUS_DEFAULT_MESSAGE_UNIX_FDS = usually 1024 This means that a single user could create 256 connections and transmit 256*4096 = 1048576 file descriptors. The file descriptors stay attached to the dbus-daemon process while they are in the message loader, in the outgoing queue or waiting to be dispatched before D-Bus activation. dbus-daemon is usually limited to 65536 file descriptors (ulimit -n). If the limit is reached and dbus-daemon needs to receive a message with a file descriptor attached, this is signalled by recvfrom with the flag MSG_CTRUNC. Dbus-daemon cannot recover from that error because the kernel does not have any API to retrieve a file descriptor which has been discarded with MSG_CTRUNC. Therefore, it closes the connection of the sender. This is not necessarily the connection which generated the most file descriptors so it can lead to denial-of-service attacks. In order to prevent DoS issues, this patch reduces DEFAULT_MESSAGE_UNIX_FDS to 16: max_connections_per_user * max_incoming_unix_fds = 256 * 64 = 16384 This is less than the usual "ulimit -n" (65536) with a good margin to accomodate the other sources of file descriptors (stdin/stdout/stderr, listening sockets, message loader, etc.). Distributors on non-Linux may need to configure a smaller limit in system.conf, if their limit on the number of fds is smaller than Linux's. fd.o#82820, part B ------------------ On Linux, it's not possible to send more than 253 fds in a single sendmsg() call: sendmsg() would return -EINVAL. #define SCM_MAX_FD 253 SCM_MAX_FD changed value during Linux history: - it used to be (OPEN_MAX-1) - commit c09edd6eb (Jul 2007) changed it to 255 - commit bba14de98 (Nov 2010) changed it to 253 Libdbus always sends all of a message's fds, and the beginning of the message itself, in a single sendmsg() call. Combining these two, a malicious sender could split a message across two or more sendmsg() calls to construct a composite message with 254 or more fds. When dbus-daemon attempted to relay that message to its recipient in a single sendmsg() call, it would receive EINVAL, interpret that as a fatal socket error and disconnect the recipient, resulting in denial of service. This is fixed by keeping max_message_unix_fds <= SCM_MAX_FD. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=82820 Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk>
* | Merge branch 'dbus-1.8'Simon McVittie2014-09-151-0/+4
|\ \ | |/
| * On Linux, call prctl to disable core dumpsSimon McVittie2014-09-151-0/+4
| | | | | | | | | | | | | | | | Whenever I forget to turn off corekeeper, the regression tests take ages to record all test-segfault's crashes. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=83772 Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk>
* | Merge branch 'dbus-1.8'Simon McVittie2014-09-121-4/+7
|\ \ | |/ | | | | | | Conflicts: NEWS
| * enable build support without systemd compatibility librariesUmut Tezduyar Lindskog2014-09-121-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | systemd 209 merged all the libraries to libsystemd. Old libraries can still be enabled with --enable-compat-libs switch in systemd but this increases the binary size. Implement a fallback library check in case compat libraries dont exist. [Fixed underquoting; switched priority so we try libsystemd first -smcv] Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* | Merge branch 'dbus-1.8'Simon McVittie2014-07-021-2/+1
|\ \ | |/ | | | | | | | | Conflicts: NEWS configure.ac
| * start 1.8.7Simon McVittie2014-07-021-1/+1
| |
| * Prepare 1.8.6 in advancedbus-1.8.6Simon McVittie2014-06-301-2/+2
| |
| * reset versionSimon McVittie2014-06-101-1/+1
| |
* | configure.ac: backtrace() may be in libexecinfoPatrick Welche2014-06-111-1/+4
| | | | | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69702 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
View Lorry Controller Status