summaryrefslogtreecommitdiff
path: root/doc/dbus-specification.xml
Commit message (Collapse)AuthorAgeFilesLines
* Prepare v1.15.4dbus-1.15.4Simon McVittie2023-02-081-2/+12
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Mention that the system bus address might actually be in /runSimon McVittie2022-10-111-7/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | The interoperable address is unix:path=/var/run/dbus/system_bus_socket. However, in most (perhaps all) current Linux distributions, /var/run is guaranteed to be a symbolic link to /run, and using the path in /run has some advantages (particularly if automounters are used). Implementations that intend to be interoperable are not required to listen on exactly /var/run/dbus/system_bus_socket, as long as clients that connect to that socket will work correctly. Similarly, clients are not required to connect to exactly /var/run/dbus/system_bus_socket, as long as the overall system (consisting of the client and the OSs that it supports) ensures that it ends up connecting to the same well-known system bus that is available at /var/run/dbus/system_bus_socket. Because of the Unix conventions for how software installs into a prefix, building a D-Bus implementation with its default build-time configuration options will not necessarily result in an interoperable system bus. The system bus is normally shipped by OS distributors, who should ensure that they have configured it in a way that is interoperable. Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/180 Signed-off-by: Simon McVittie <smcv@collabora.com>
* Prepare v1.15.2dbus-1.15.2Simon McVittie2022-10-051-2/+13
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Mention the consequences of abstract sockets when using namespacesSimon McVittie2022-10-021-0/+17
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Clarify that unix:tmpdir may create unix:path sockets even on LinuxSimon McVittie2022-10-021-1/+6
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Prepare spec v0.39Simon McVittie2022-09-221-1/+12
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: AF_UNIX now available on Windows as wellMarc-André Lureau2022-07-151-12/+2
| | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
* spec: try to improve comment about AF_UNIX pathMarc-André Lureau2022-07-151-6/+4
| | | | | | | | The comment refers to the nul-padding of sockaddr_un member sun_path and using an addrlen of sizeof(sockaddr_un). There is not much need to document an old now "broken" behaviour. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
* spec: Document a recommendation for IDNs in reversed domain namesSimon McVittie2022-07-131-4/+25
| | | | | | | | | | | | | D-Bus names are in an ASCII subset, so IDNs have to be in their ACE encoding (Punycode). ACE-encoded labels contain hyphen/minus characters, and like any other label containing a hyphen/minus, we recommend replacing those with underscores, to improve interoperability with contexts that allow underscores but not hyphen/minus, such as D-Bus object paths and Flatpak app-IDs. Prompted by <https://github.com/flatpak/flatpak/issues/4974>. Signed-off-by: Simon McVittie <smcv@collabora.com>
* Revert "spec: Go back to v0.38"Simon McVittie2022-02-281-2/+2
| | | | | | This reverts commit 428f60e8b2f5e3f1871c3173700bbe2d8139e242. Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Go back to v0.38Simon McVittie2022-02-281-2/+2
| | | | | | | Nothing changed in v0.39 yet, and it would be confusing to have the version uploaded alongside dbus 1.14.0 say "not yet finalized". Signed-off-by: Simon McVittie <smcv@collabora.com>
* Start development of dbus 1.13.24Simon McVittie2022-02-231-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Prepare dbus 1.13.22 and spec 0.38dbus-1.13.22Simon McVittie2022-02-231-2/+13
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* dbus-specification: Add signal 'ActivatableServicesChanged' and related bus ↵Ralf Habacker2022-02-161-0/+37
| | | | | | feature Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
* spec: add * to optionally-escaped bytes setKir Kolyshkin2022-01-311-1/+1
| | | | | | | | | | | Commit ee71e1ff6033a added * to the list of optionally escaped bytes set, but did not update the documentation. I guess this happened because the change is not backward compatible. It seems that the period of 14+ years should be enough to not cause any backward compatibility issues, so let's document this. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* Prepare v1.13.20Simon McVittie2021-12-171-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Update NEWSSimon McVittie2021-12-101-1/+4
| | | | | | | Since we're heading for a 1.14.x branch (dbus#350), also draft the summary of what has changed since 1.12.x. Signed-off-by: Simon McVittie <smcv@collabora.com>
* Clean up use of the term for an array of dict entriesRalf Habacker2021-11-091-8/+18
| | | | | | fixes #347 Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
* Start spec 0.37 developmentRalf Habacker2021-11-081-2/+2
|
* Describe where machine ID comes fromThomas Kluyver2021-10-291-0/+18
|
* spec: Clarify Array element needs to be padded even if inexistentZeeshan Ali2021-03-101-1/+3
|
* spec: Clarify that Variant's value needs paddingZeeshan Ali2021-03-101-0/+18
|
* spec: Update recommendations for DBUS_COOKIE_SHA1 timeoutsSimon McVittie2020-09-071-2/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This had two issues that could damage interoperability. First, the spec wording suggested that any cookie that had not been deleted was suitable for use in authentication. However, this introduces a race condition, which is called out in comments in both the reference implementation and GDBus: the newest cookie might be less old than the arbitrary lifetime when authentication *begins*, but older than the lifetime at the time authentication *ends*. As a result, we need a grace period during which an old cookie will still be accepted, but a newer cookie exists and will be used for new authentication operations. Second, the spec wording implied that the arbitrary timeouts were completely up to the implementor. However, GLib bug https://gitlab.gnome.org/GNOME/glib/-/issues/2164 indicates that they need to be reasonably compatible: in particular, GDBus servers historically didn't allocate new cookies until 10 minutes had passed, but libdbus clients would decline to use a cookie older than 5 minutes, causing authentication to fail if the gdbus-server test-case (in which GDBus and libdbus clients connect to a GDBus server) happened to take longer than 5 minutes to run. While I'm here, also be consistent about calling the secrets "cookies" (consistent with the name of the mechanism) rather than "keys" (which is what they are called in libdbus' dbus-keyring.c). Signed-off-by: Simon McVittie <smcv@collabora.com>
* Reference implementation v1.13.14 and Specification v0.36dbus-1.13.14Simon McVittie2020-04-211-1/+11
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: fix typo in exampleZygmunt Krynicki2020-04-161-1/+1
| | | The length of "bar" is encoded as 3. The annotation is incorrect.
* Start spec 0.36 developmentSimon McVittie2019-06-111-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Revert "Start spec 0.36 development"Simon McVittie2019-06-091-2/+2
| | | | | This reverts commit edece0274b37472d7da6db37e8afd9100d18564b. No spec changes have happened since 0.35.
* Start spec 0.36 developmentSimon McVittie2019-05-171-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Prepare release v1.13.10 and Specification v0.35dbus-1.13.10Simon McVittie2019-05-131-1/+12
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Document what happens for unrepresentable group IDsSimon McVittie2019-04-171-1/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Add UnixGroupIDs to connection credentialsMatthijs van Duin2019-03-251-0/+11
| | | | Signed-off-by: Matthijs van Duin <matthijsvanduin@gmail.com>
* Update dbus-specification.xml to remove redundancies in the interface name ↵Felipe Gasper2019-03-131-5/+0
| | | | requirements.
* Update dbus-specification.xml to avoid implying that an interface name may ↵Felipe Gasper2019-03-131-1/+1
| | | | consist of only 1 element.
* Start working on dbus 1.13.10Simon McVittie2018-12-041-2/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* 1.13.8dbus-1.13.8Simon McVittie2018-12-041-2/+12
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Fix a typo in an ObjectManager examplePhilip Withnall2018-12-031-1/+1
| | | | | | | | As spotted by Peter Bigot. Closes #221 Signed-off-by: Philip Withnall <withnall@endlessm.com>
* 1.13.4dbus-1.13.4Simon McVittie2018-04-301-3/+14
|
* spec: Describe nonce-tcp as "nonce-authenticated", not "nonce-secured"Simon McVittie2018-04-251-1/+1
| | | | | | | | | | | nonce-tcp isn't really any more secure than tcp, unless you are using ANONYMOUS authentication, which should not be considered secure in any case. Avoid the word "secured" so that people don't get the wrong idea. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec, dbus-daemon(1): Mention and deprecate shared session busesSimon McVittie2018-04-251-0/+13
| | | | | | | | | | | | | | | This might (?) have made sense behind a firewall in 2003; but now it's 2018, the typical threat model that we are defending against has changed from "vandals want to feel proud of their l33t skills" to "organised crime wants your money", and a "trusted" local LAN probably contains an obsolete phone, tablet, games console or Internet-of-Things-enabled toaster with remote root exploits. This make network topologies that used to be acceptable look increasingly irresponsible. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Note that EXTERNAL is not *completely* impossible via TCPSimon McVittie2018-04-251-1/+4
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
* spec: Expand on how tcp connections are normally authenticatedSimon McVittie2018-04-251-2/+5
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Describe the security properties of nonce-tcp in terms of tcpSimon McVittie2018-04-231-0/+26
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec, dbus-daemon(1): Recommend against remote TCP for debuggingSimon McVittie2018-04-231-0/+10
| | | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com> [smcv: Add a TODO comment as suggested] Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec, dbus-daemon(1): Say that non-local TCP is insecureSimon McVittie2018-04-231-2/+7
| | | | | | | | | | | | | With some fairly reasonable threat models (active or passive local attacker able to eavesdrop on the network link, confidential information being transferred via D-Bus), secure authentication is insufficient to make this transport secure: it does not protect confidentiality or integrity either. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Don't claim that the nonce-tcp transport is "secured"Simon McVittie2018-04-231-4/+4
| | | | | | | | | | | | | | | | Like the normal TCP transport, it has no confidentiality or integrity protection. The only difference is that it adds an extra layer of authentication. However, this extra authentication is easily defeated if an attacker could be eavesdropping on the link between client and server (unlike DBUS_COOKIE_SHA1, which for all its flaws does at least protect the confidentiality of the magic cookie). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* spec: Recommend Unix domain sockets for all non-Windows platformsSimon McVittie2018-04-231-1/+6
| | | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
* Start developing spec v0.33Simon McVittie2018-02-011-4/+2
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* Release spec v0.32Simon McVittie2018-01-301-1/+37
| | | | Signed-off-by: Simon McVittie <smcv@collabora.com>
* spec: Document the design principle that new headers must be asked forSimon McVittie2018-01-111-0/+19
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
* dbus-daemon: Filter out unknown header fieldsSimon McVittie2018-01-111-1/+24
| | | | | | Bug: https://bugs.freedesktop.org/show_bug.cgi?id=100317 Reviewed-by: Philip Withnall <withnall@endlessm.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
View Lorry Controller Status