| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
(This is cancellation by the daemon, possibly requested by the client, not by the agent.)
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fix memory leaks, and don't return a pointer to freed memory.
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For (non-public-API) *_to_gvariant, explicitly document that they return
a floating value, and rely on it in callers to avoid a
variable/sink/unref combo.
This should not change behavior.
https://bugs.freedesktop.org/show_bug.cgi?id=99741
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=100764
|
| |
|
|
|
|
| |
Signed-off-by: Rui Matos <tiagomatos@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=99741
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99790
|
| |
|
|
|
|
|
|
|
| |
I'm trying to keep a relatively standard set around, and the code
there is cleaner than what we had before.
Also, injecting as WARN_CFLAGS rather than changing CFLAGS during
autoconf avoids any surprises from new warnings breaking autoconf
checks.
|
| |
|
|
|
|
|
|
| |
The autocompartment definition in the previous patches seems to be fine, but
constructing the autocompartment for the lifetime of the global object is probably
a better way to handle this.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
|
| |
|
|
|
|
|
|
|
| |
C++ needs explicit casts for many pointer type conversions
For example char * to void * should have a cast. Fix a
number of these cases. Also, correct a white space indentation
error left in the last patch for review clarity.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Remove mozjs185 and mozjs17 from autoconf and replace them
with mozjs24.
Now that polkitbackendjsauthority is compiling in C++ mode
and the autoconf supports mozjs24, update the module so
that it builds with mozjs24.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
|
| |
|
|
|
|
|
|
| |
The JSAPI is now a full C++ interface. Convert the polkit
to JavaScript interface module to C++ compilation in order to
support newer versions of spidermonkey.
Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The default appears to be to translate all entries. This rule never takes
effect, the path to /action/message and /action/description is wrong (/action
is not a root node). Since we wanted them to be translated, it doesn't matter.
But it also translates all other tags (vendor, allow_any, etc.) and that
causes polkit to be unhappy, it can't handle the various language versions of
"no"
** (polkitd:27434): WARNING **: Unknown PolkitImplicitAuthorization string
'tidak'
Switch to a default of "no" and explicitly include the message and description
strings to be translated.
The patch was modified for PolicyKit by Ondrej Holy <oholy@redhat.com>.
https://bugs.freedesktop.org/show_bug.cgi?id=98366
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=97238
|
| |
|
|
|
|
|
| |
gettext can extract strings from and merge them back into xml
file formats, with the help of .its files.
https://bugs.freedesktop.org/show_bug.cgi?id=96940
|
| |
|
|
|
|
|
|
|
|
|
|
| |
There is no need for polkit to ever use GVFS to load files from
non-local sources, so it's best to avoid loading GVFS code, and to just
rely on the local implementation in GIO instead. This reduces the attack
surface of polkit.
Implemented for the daemon, pkaction, pkcheck, pkexec and pkttyagent,
because none of them need remote file access.
https://bugs.freedesktop.org/show_bug.cgi?id=95487
|
| |
|
|
|
|
|
|
|
|
| |
Add G_DEFINE_AUTOPTR_CLEANUP_FUNC calls to polkittypes.h, so that
g_autoptr() can be used with polkit objects.
This is conditional on GLib ≥ 2.44.0 being available. It does not bump
polkit’s dependency on GLib.
https://bugs.freedesktop.org/show_bug.cgi?id=95065
|
| | |
|
| |
|
|
|
|
|
| |
It is no longer used since the move to JavaScript, and we don't want to
maintain it unnecessarily.
https://bugs.freedesktop.org/show_bug.cgi?id=94670
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=94506
|
| |
|
|
|
|
|
|
|
| |
If an authentication is going on while the agent listener is
going away, then we access memory that has been freed.
g_hash_table_lookup_node: assertion failed: (hash_table->ref_count > 0)'
https://bugs.freedesktop.org/show_bug.cgi?id=94486
|
| | |
|
| | |
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=93028
|
| |
|
|
|
|
|
| |
There were duplicated pieces of code detecting EOLs and escaping the code.
Those actions has been delegated to already-existing send_to_helper function.
https://bugs.freedesktop.org/show_bug.cgi?id=92886
|
| |
|
|
|
|
|
|
|
| |
There are pam modules (e.g. pam_vas) that may attempt to display multi-line
PAM_TEXT_INFO messages. Polkit was interpreting the lines after the first one
as a separate message that was not recognized causing the authorization
to fail. Escaping these strings and unescaping them fixes the issue.
https://bugs.freedesktop.org/show_bug.cgi?id=92886
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=93000
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92960
|
| |
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92566
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92321
|
| | |
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92046
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=26355
|
| |
|
|
|
| |
Cleanup for
https://bugs.freedesktop.org/show_bug.cgi?id=75187
|
| |
|
|
|
|
|
|
|
| |
- OpenBSD does not use PAM nor SHADOW but bsd_auth(3) for authentication
- get_kinfo_proc(): adapt FreeBSD code to OpenBSD
- OpenBSD, get/setnetgrent are defined in netgroup.h and getnetgrent(3) takes a
const char
https://bugs.freedesktop.org/show_bug.cgi?id=75187
|
| | |
|
| | |
|
| |
|
|
| |
This avoids duplicating effort.
|
| |
|
|
|
|
|
|
|
|
| |
PolkitAgentTextListener's "completed" handler drops the last reference
to the session; in fact this is explicitly recommended in the signal's
documentation. So we must not access any members of session after
emitting the signal.
Found while dealing with
https://bugs.freedesktop.org/show_bug.cgi?id=69501
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't assume that the hash table with free both the key and the value
at the same time, supply proper deallocation functions for the key
and value separately.
Then drop ParsedAction::action_id which is no longer used for anything.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
and
https://bugs.freedesktop.org/show_bug.cgi?id=83590
CVE: CVE-2015-3255
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The JS “Operation callback” can be called by the runtime for other
reasons, not only when we trigger it by a timeout—notably as part of GC.
So, make sure to only raise an exception if there actually was a
timeout.
Adding a whole extra mutex to protect a single boolean is somewhat of an
overkill, but better than worrying about “subtle bugs and occasionally
undefined behaviour” the g_atomic_* API is warning about.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
also
https://bugs.freedesktop.org/show_bug.cgi?id=77524
|
| |
|
|
|
|
|
|
| |
Setting the callback to NULL is required by
https://developer.mozilla.org/en-US/docs/SpiderMonkey/JSAPI_Reference/JS_SetOperationCallback
to avoid the possibility of recursion.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
“Exact stack rooting” means that every on-stack pointer to a JavaScript
value needs to be registered with the runtime. The current code doesn't
do this, so it is not safe to use against a runtime with this
configuration. Luckily this configuration is not default.
See
https://developer.mozilla.org/en-US/docs/SpiderMonkey/Internals/GC/Exact_Stack_Rooting
and other pages in the wiki for what the conversion would require.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
|
| |
|
|
|
|
|
| |
This is necessary so that the GC can move the objects (though I haven't
so far encountered this in testing).
https://bugs.freedesktop.org/show_bug.cgi?id=69501
|
| |
|
|
|
|
|
|
|
| |
Required by
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_THREADSAFE
; lack of requests causes assertion failures with a debug build of
mozjs17.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
|
