Age | Commit message (Collapse) | Author |
|
In gvariant, all fixed-size objects need to be sized a multiple of their
alignment. If a structure has only fixed-size members, it is required to
be fixed size itself. If you imagine a structure like (ty), you have an
8-byte member followed by an 1-byte member. Hence, the overall inner-size
is 9. The alignment of the object is 8, though. Therefore, the specs
mandates final padding after fixed-size structures, to make sure it's
sized a multiple of its alignment (=> 16).
On the gvariant decoder side, we already account for this in
bus_gvariant_get_size(), as we apply overall padding to the size of the
structure. Therefore, our decoder correctly skips such final padding when
parsing fixed-size structure.
On the gvariant encoder side, however, we don't account for this final
padding. This patch fixes the structure and dict-entry encoders to
properly place such padding at the end of non-uniform fixed-size
structures.
The problem can be easily seen by running:
$ busctl --user monitor
and
$ busctl call --user org.freedesktop.systemd1 / org.foobar foobar "(ty)" 777 8
The monitor will fail to parse the message and print an error. With this
patch applied, everything works fine again.
This patch also adds a bunch of test-cases to force non-uniform
structures with non-pre-aligned positions.
Thanks to Jan Alexander Steffens <jan.steffens@gmail.com> for spotting
this and narrowing it down to non-uniform gvariant structures. Fixes #597.
|
|
resolved: add basic NSEC and NSEC3 support
|
|
So right now our object-tree is limited to 2 levels at most
('/' and '/foo/...../bar'). We never link any intermediate levels, even
though that was clearly the plan. Fix the bus_node_allocate() helper to
actually link all intermediate nodes, too, not just the root node.
This fixes a simple inverse ptr-diff bug.
The downside of this fix is that we clearly never tested (nor used) the
object tree in any way. The only reason that the introspection works is
that our enumerators shortcut the object tree.
Lets see whether that code actually works..
Thanks to: Nathaniel McCallum <nathaniel@themccallums.org>
..for reporting this. See #524 for an actual example code.
|
|
It is highly confusing if a getter function returns 0, but the value is
set to NULL. This, right now, triggers assertions as code relies on the
returned values to be non-NULL.
Like with sd-bus-creds and friends, return 0 only if a value is actually
available.
Discussed with Tom, and actually fixes real bugs as in #512.
|
|
If /etc/machine-id is missing (eg., gold images), we should not fail
installing sd-boot. This is a perfectly fine use-case and we should simply
skip installing the default loader config in that case.
|
|
Needed for DNSSEC.
|
|
This implements more of RFC4648.
|
|
Needed for DNSSEC.
|
|
For when a Hashmap is overkill.
|
|
|
|
sd-dhcp-lease: fix handling of multiple routers
We only support one router, but in case more than one is given, we now ignore subsequent ones, rather than fall over.
|
|
resolved: minor improvements to RR handling
|
|
This implements the recommendations from RFC3597.
|
|
resolved: harden
|
|
This merges:
sd-netlink: respect attribute type flags
..fixing a conflict due to a typo fix.
|
|
Needed for DNSSEC.
|
|
|
|
We used to have one global socket, use one per transaction instead. This
has the side-effect of giving us a random UDP port per transaction, and
hence increasing the entropy and making cache poisoining significantly
harder to achieve.
We still reuse the same port number for packets belonging to the same
transaction (resent packets).
|
|
This improves the resilience against cache poisoning by being stricter
about only accepting responses that match precisely the requst they
are in reply to.
It should be noted that we still only use one port (which is picked
at random), rather than one port for each transaction. Port
randomization would improve things further, but is not required by
the RFC.
|
|
We want to discover information about the server and use that in when crafting
packets to be resent.
|
|
resolve-host: enable dbus-activation
|
|
We want to reference the servers from their active transactions, so make sure
they stay around as long as the transaction does.
|
|
Currently we only make sure our links can handle the size of the payload witohut
taking the headers into account.
|
|
This patch adds support to configure IFF_VNET_HDR flag
for a tap device. It allows whether sending and receiving
large pass larger (GSO) packets. This greatly increases the
achievable throughput.
|
|
As mandated by RFC4034.
|
|
Make all LLMNR related packet inspections conditional to p->protocol.
Use switch-case statements while at it, which will make future additions
more readable.
|
|
The C and T bits in the DNS packet header definitions are specific to LLMNR.
In regular DNS, they are called AA and RD instead. Reflect that by calling
the macros accordingly, and alias LLMNR specific macros.
While at it, define RA, AD and CD getters as well.
|
|
De-duplicate some magic numbers.
|
|
|
|
This adds support for option 43 (Vendor Specific Information) to
libsystemd-network DHCP code. The option carries an opaque object of n
octets, interpreted by vendor-specific code on the clients and
servers.
[@zonque: adopted to new unhexmem() API]
|
|
This implements RFC4648 for a slightly more compact representation of
binary data compared to hex (6 bits per character rather than 4).
|
|
We were ignoring failures from unhexchar, which meant that invalid
hex characters were being turned into garbage rather than the string
rejected.
Fix this by making unhexmem return an error code, also change the API
slightly, to return the size of the returned memory, reflecting the
fact that the memory is a binary blob,and not a string.
For convenience, still append a trailing NULL byte to the returned
memory (not included in the returned size), allowing callers to
treat it as a string without doing a second copy.
|
|
logind: bring bus policy up-to-date
|
|
currently if a dhcp server sends more than one router, sd-dhcp-lease
does not copy the ip because it assumes it will only ever be 4 bytes. a
dhcp server could send more than one ip in the router list, so we should
copy the first one and ignore the rest of the bytes.
|
|
We shouldn't fall over that, and just assume it is 0 in this case.
Fixes #499.
|
|
A while back we opened up all of logind's bus calls to unprivileged
users, via PK. However, the dbus1 policy wasn't updated accordingly.
With this change, the dbus1 policy is opened up for all bus calls that
should be available to unprivileged clients.
(also rearranges some calls in the vtable, to make more sense, and be in
line with the order in the bus policy file)
Fixes #471.
|
|
util: make sure we don't clobber errno in error path
|
|
basic: simplify path_is_mount_point() a bit
|
|
This removes two uses of the ternary operator.
|
|
|
|
core: include unit in path state transition debug logging.
|
|
|
|
Spell out the proper name. Use 'pos' over 'position', and also update the
logind state file to do the same. Note that this breaks live updates.
However, we only save 'POSITION' on non-seat0, so this shouldn't bother
anyone for real. If you run multi-seat setups, you better restart a
machine on updates, anyway.
|
|
Make sure a greeter can forcefully spawn a session on a VT that is
in-use. A recent patch prevented this (this used to be possible for all
session types) as it is highly fragile. However, as it turns out,
greeters seem to rely on that feature. Therefore, make sure we allow it
explicitly for greeters.
|
|
boot: use BUILD_ID if VERSION_ID is not available
|
|
sd-bus: include queried path in GetManagedObjects
|
|
|
|
sd-bus: sd_bus_slot_get_description() should return const strings
|
|
If GetManagedObjects is called on /foo/bar, then it should also include
the object /foo/bar, if it exists. Right now, we only include objects
underneath /foo/bar/.
This follows the behavior of existing dbus implementations.
Obsoletes #527 and fixes #525. Reported by: Nathaniel McCallum
|
|
According to os-release(5), VERSION_ID is not mandatory and BUILD_ID only
needs to be unique underneath VERSION_ID. Therefore, assuming a missing
VERSION_ID field means 'empty', we can rely on BUILD_ID to be unique.
Use BUILD_ID if VERSION_ID is not present. This way, rolling-release
distros can still provide a proper os-release entry without crafting
random VERSION_ID strings.
This fixes #186.
|