Age | Commit message (Collapse) | Author |
|
If the caller does not specify arg1 for NameOwnerChanged matches, we
really must take the ID from arg2 or arg3, if provided. They are
guaranteed to be identical to arg1 if either is supplied, but there is no
strict requiredment that arg1 is supplied. Hence, make sure to always
take the more restrictive match. Otherwise, we install rather wide
matches without anyone requiring them.
|
|
Make sure we don't install NameOwnerChanged matches if the caller passed
a destination='' match (except if it is the broadcast address). Per spec,
all NameOwnerChanged signals are broadcasts.
Only the NameLost/NameAcquired signals are unicasts, but those are never
received through sd-bus. Instead, the bus-proxy synthesizes them and it
already installs proper matches for them.
|
|
Make sure we actually parse "unsigned long long" if we encode a uint64_t.
Otherwise, we will get random data from the stack.
|
|
In gvariant, all fixed-size objects need to be sized a multiple of their
alignment. If a structure has only fixed-size members, it is required to
be fixed size itself. If you imagine a structure like (ty), you have an
8-byte member followed by an 1-byte member. Hence, the overall inner-size
is 9. The alignment of the object is 8, though. Therefore, the specs
mandates final padding after fixed-size structures, to make sure it's
sized a multiple of its alignment (=> 16).
On the gvariant decoder side, we already account for this in
bus_gvariant_get_size(), as we apply overall padding to the size of the
structure. Therefore, our decoder correctly skips such final padding when
parsing fixed-size structure.
On the gvariant encoder side, however, we don't account for this final
padding. This patch fixes the structure and dict-entry encoders to
properly place such padding at the end of non-uniform fixed-size
structures.
The problem can be easily seen by running:
$ busctl --user monitor
and
$ busctl call --user org.freedesktop.systemd1 / org.foobar foobar "(ty)" 777 8
The monitor will fail to parse the message and print an error. With this
patch applied, everything works fine again.
This patch also adds a bunch of test-cases to force non-uniform
structures with non-pre-aligned positions.
Thanks to Jan Alexander Steffens <jan.steffens@gmail.com> for spotting
this and narrowing it down to non-uniform gvariant structures. Fixes #597.
|
|
So right now our object-tree is limited to 2 levels at most
('/' and '/foo/...../bar'). We never link any intermediate levels, even
though that was clearly the plan. Fix the bus_node_allocate() helper to
actually link all intermediate nodes, too, not just the root node.
This fixes a simple inverse ptr-diff bug.
The downside of this fix is that we clearly never tested (nor used) the
object tree in any way. The only reason that the introspection works is
that our enumerators shortcut the object tree.
Lets see whether that code actually works..
Thanks to: Nathaniel McCallum <nathaniel@themccallums.org>
..for reporting this. See #524 for an actual example code.
|
|
We were ignoring failures from unhexchar, which meant that invalid
hex characters were being turned into garbage rather than the string
rejected.
Fix this by making unhexmem return an error code, also change the API
slightly, to return the size of the returned memory, reflecting the
fact that the memory is a binary blob,and not a string.
For convenience, still append a trailing NULL byte to the returned
memory (not included in the returned size), allowing callers to
treat it as a string without doing a second copy.
|
|
sd-bus: include queried path in GetManagedObjects
|
|
If GetManagedObjects is called on /foo/bar, then it should also include
the object /foo/bar, if it exists. Right now, we only include objects
underneath /foo/bar/.
This follows the behavior of existing dbus implementations.
Obsoletes #527 and fixes #525. Reported by: Nathaniel McCallum
|
|
All other *_get_description() functions use 'const char**', so make sure
sd_bus_slot_get_description() does the same.
This changes API, but ABI stays stable. I think this is fine, but I
wouldn't mind bumping SONAME.
Reported in #528.
|
|
Right now, if you're already in a session and call CreateSession, we
return information about the current session of yours. This is highy
confusing and a nasty hack. Avoid that, and instead return a commonly
known error, so the caller can detect that.
This has the side-effect, that we no longer override XDG_VTNR and XDG_SEAT
in pam_systemd, if you're already in a session. But this sounds like the
right thing to do, anyway.
|
|
|
|
Right now, we never install destination matches on kdbus as the kernel did
not support MATCH rules on those. With the introduction of
KDBUS_ITEM_DST_ID we can now match on destination IDs, so add explicit
support for those.
This requires a recent kdbus module to work. However, there seems to be no
user-space that uses "Destination=''" matches, yet, so old kdbus modules
still work fine (we couldn't find any real user).
This is needed to match on unicast signals in bus-proxy. A followup will
add support for this.
|
|
sd-bus: introduce new sd_bus_flush_close_unref() call
|
|
Running `busctl monitor` currently buffers data for several seconds /
kilobytes before writing stdout. This is highly confusing if you dump in a
file, ^C busctl and then end up with a file with data of the last few
_seconds_ missing.
Fix this by explicitly flushing after each signal.
|
|
sd_bus_flush_close_unref() is a call that simply combines sd_bus_flush()
(which writes all unwritten messages out) + sd_bus_close() (which
terminates the connection, releasing all unread messages) +
sd_bus_unref() (which frees the connection).
The combination of this call is used pretty frequently in systemd tools
right before exiting, and should also be relevant for most external
clients, and is hence useful to cover in a call of its own.
Previously the combination of the three calls was already done in the
_cleanup_bus_close_unref_ macro, but this was only available internally.
Also see #327
|
|
When we get notifications from the kernel, we always turn them into
synthetic dbus1 messages. This means, we do *not* consume the kdbus
message, and as such have to free the offset.
Right now, the translation-helpers told the caller that they consumed the
message, which is wrong. Fix this by explicitly releasing all kernel
messages that are translated.
|
|
Fixes #306.
|
|
In kdbus we still have to support org.freedesktop.DBus matches even though
there is no real bus driver. The reason is that bus-control.c turns
NameOwnerChanged matches into proper kdbus matches. If we drop DRIVER
matches early, we will never match on name-changes for kdbus.
Two ways to fix this:
1) Install DRIVER matches on kdbus (which is the simple way our and which
is what this patch does).
2) Properly fix the scope-detection to let NameOwnerChanged matches
through (or better: block anything with Member!=NameOwnerChanged).
|
|
./configure --enable/disable-kdbus can be used to set the default
behavior regarding kdbus.
If no kdbus kernel support is available, dbus-dameon will be used.
With --enable-kdbus, the kernel command line option "kdbus=0" can
be used to disable kdbus.
With --disable-kdbus, the kernel command line option "kdbus=1" is
required to enable kdbus support.
|
|
Stop talking about the "XDG" version of basename()
|
|
XDG refers to X Desktop Group, a former name for freedesktop.org.
This group is responsible for specifications like basedirs,
.desktop files and icon naming, but as far as I know, it has never
tried to redefine basename().
I think these references were meant to say XPG (X/Open Portability
Guide), a precursor of POSIX. POSIX is better-known and less easily
confused with XDG, and is how the basename(3) man page describes
the libgen.h version of basename().
The other version of basename() is glibc-specific and is described
in basename(3) as "the GNU version"; specifically mention that
version, to disambiguate.
|
|
sd-bus: suppress installing local bus matches server side
|
|
Matches that can only match against messages from the
org.freedesktop.DBus.Local service (or the local interfaces or path)
should never be installed server side, suppress them hence.
Similar, on kdbus matches that can only match driver messages shouldn't
be passed to the kernel.
|
|
https://github.com/systemd/systemd/issues/234
|
|
hashmap: fix iterators to not skip entries
|
|
|
|
Currently, the HASHMAP iterators stop at the first NULL entry in a
hashmap. This is non-obvious and breaks users like sd-device, which
legitimately store NULL values in a hashmap.
Fix all the iterators by taking a pointer to the value storage, instead of
returning it. The iterators now return a boolean that tells whether the
end of the list was reached.
Current users of HASHMAP_FOREACH() are *NOT* changed to explicitly check
for NULL. If it turns out, there were users that inserted NULL into
hashmaps, but didn't properly check for it during iteration, then we
really want to find those and fix them.
|
|
basic/ can be used by everything
cannot use anything outside of basic/
libsystemd/ can use basic/
cannot use shared/
shared/ can use libsystemd/
|
|
Our bloom-filters support root-path matching. Make sure we properly add
the path_namespace= tag.
|
|
DBus-spec defines two different pattern matchings:
1) Path and namespace prefix matching. In this case, A matches B either
if both are equal, or if B is fully included in the namespace of A.
In other words, A has to be a prefix of B, but end with a separator
character (or the following character in B must be one).
This is used for path_namespace= and arg0namespace=
2) The other pattern matching is used for arg0path= which does a two-way
matching. That is, A must be a prefix of B, or B a prefix of A.
Furthermore, the prefix must end with a separator.
Fix the sd-bus helpers to reflect that. The 'simple_' and 'complex_'
prefixes don't make any sense now, but.. eh..
|
|
Make sure we actually verify our match-rules are executed properly. Right
now all we test is the bloom-matches, which are non-reliable as they leave
through false-positives.
|
|
DBus spec clearly defines arg0path= to be a two-way matching. That is,
either the matcher or the matchee can be a prefix of the other to match.
This is not possible to implement with bloom-filters. Instead, we'd have
to add a separate filter for each prefix. This is non-trivial, though.
Hence, just skip the match for now and match locally.
|
|
Lets look at an example where we add arg0="/foo/bar/waldo" to a
bloom-filter. The following strings are added:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo"
Two problems arise:
1) If we match on "arg0path=/foo/bar/waldo", the dbus-spec explicitly
states that equal strings are also considered prefixes. However, in the
bloom-match, we can only provide a single match-filter. Therefore, we have
to add "arg0-slash-prefix:/foo/bar/waldo" there, but this never occured in
the bloom-mask of the message.
Hence, this patch makes sure bloom_add_prefixes() adds the full path as
prefix, too.
2) If we match on "arg0path=/foo/", the dbus-spec states that arg0path
does prefix-matching with the trailing slash _included_, unlike
path_namespace= matches, which does *not* include them. This is
inconsistent, but we have to support the specs. Therefore, we must add
prefixes with _and_ without trailing separators.
Hence, this patch makes sure bloom_add_prefixes() adds all prefixes with
the trailing slash included.
The final set of strings added therefore is:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo/"
"arg0-slash-prefix:/foo"
"arg0-slash-prefix:/"
|
|
It's only marginally shorter then the usual for() loop, but certainly
more readable.
|
|
|
|
use it anymore
|
|
|
|
|
|
This appears to be the right time to do it for SOCK_STREAM
unix sockets.
Also: condition bus_get_owner_creds_dbus1 was reversed. Split
it out to a separate variable for clarity and fix.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
|
|
SELinux information cannot be retrieved this way, since we are
using stream unix sockets and SCM_SECURITY does not work for
them.
SCM_CREDENTIALS use dropped to be consistent. We also should
get this information at connection time.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
"SCM_SECURITY was only added for datagram sockets."
|
|
|
|
utezduyar/feat/dump-sync-dbus-message-with-logging-on
sd-bus: dump sync messages in debug mode
|
|
|
|
mask/handlers
Also, when the child is potentially long-running make sure to set a
death signal.
Also, ignore the result of the reset operations explicitly by casting
them to (void).
|
|
Also reorder the code a bit to be easier to parse.
|
|
|
|
Right now we always pass KDBUS_ITEM_ATTACH_FLAGS_RECV to
KDBUS_CMD_BUS_MAKE, effectively forcing every bus connection to do the
same during KDBUS_CMD_HELLO. This used to be a workaround to make sure all
metadata is always present. However, we refrained from that approach and
intend to make all metadata collection solely rely on /proc access
restrictions. Therefore, there is no need to force the send-flags mask on
newly created buses.
|
|
Sync with upstream.
|
|
|
|
No functional changes.
|