Colin Walters [Mon, 28 Mar 2011 17:21:35 +0000 (13:21 -0400)]
activation: Strip out code to compare by Exec=
In commit: 075945f6 (John (J5) Palmieri 2005-07-14 20:44:15 +0000
some code was added to compare services by Exec key. The changelog is
not particularly informative as to why this was added. But while
debugging other code, we noticed this.
Comparing by Exec key is not in the specification, and triggered a
problem where while converting services to use systemd for activation,
a change was made to use Exec=/bin/false and simply rely on systemd
to activate.
While I think it was broken for the service files to be changed
to Exec=/bin/false, we shouldn't be doing something here that's
not in the spec either.
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35750
UnknownInterface, UnknownObject, UnknownProperty and PropertyReadOnly,
as discussed on the ML.
The first two are already used by various bindings, such as the Qt and
Java binding, but have never been made official.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34527
Reviewed-by: David Zeuthen <davidz@redhat.com>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Thu, 3 Mar 2011 17:35:14 +0000 (17:35 +0000)]
Make dbus_type_is_valid into public API
This is just as useful for bindings as dbus_signature_validate, and I
think it's a good design principle to say that anything checked in a
_dbus_return_if_fail should be something the caller could check
for themselves.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=20496
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
As far as I can tell, we've never accepted out-of-range booleans and
canonicalized them, ever since this was first committed in 2004. If sent,
they'd be considered to be invalid by recipients, so they're unambiguously
an error.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35182
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Thu, 3 Mar 2011 16:51:56 +0000 (16:51 +0000)]
dbus_type_is_basic etc.: it is an error to pass in bad typecodes
Previously, the comments said "this function will crash", but that's not
strictly true (checks can be disabled or made non-fatal). Their behaviour
is undefined if you do that, though.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=20496
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Tue, 8 Mar 2011 13:32:06 +0000 (13:32 +0000)]
Require specific user action to compile without 64-bit support
The D-Bus type system isn't implementable without 64-bit support, although
for historical reasons we have some sort of semi-working support for
platforms with no 64-bit integers. Let's find out whether any
practically relevant platform still lacks these types...
(GLib appears to have required 64-bit integer types since 2001.)
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35114
Reviewed-by: Lennart Poettering <lennart@poettering.net>
Andre Heinecke [Mon, 7 Mar 2011 10:43:23 +0000 (11:43 +0100)]
Do not use the name ELEMENT_TYPE
On Windows systems ELEMENT_TYPE is already defined
in Winioctl.h; this header is included indirectly
in dbus-sysdeps.h. By avoiding the use of the name
ELEMENT_TYPE, it is ensured that config-parser-common.h
can be included together with dbus-sysdeps.h.
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Wed, 16 Feb 2011 17:44:48 +0000 (17:44 +0000)]
dbus_message_iter_append_basic: check string-like arguments for validity
Strings: UTF-8 with no embedded NULs, by adding a new internal function,
_dbus_check_is_valid_utf8
Object paths, signatures: the obvious syntactic checks
This moves some of the burden of validation to the sender.
When sending <http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-demo.txt>
10240 times with up to 1024 parallel calls pending, on a single-core ARM
Linux device, I found that user CPU time in dbus-spam increased by up to 80%
as a result of the validation. However, when sending messages to dbus-daemon,
overall throughput only reduced by 15%, and when sending messages to an echo
service, overall throughput actually improved by around 14% (presumably
because making the sender CPU-bound influenced kernel scheduling).
Simon McVittie [Thu, 24 Feb 2011 18:57:05 +0000 (18:57 +0000)]
Allow X11 autolaunch to be disabled even if the headers/libraries are there
In an embedded system where the D-Bus session is a core part of the
environment, like Maemo, accidentally auto-launching a second session bus
(for instance for a concurrent ssh session) is a bad idea - it can lead
to a "split brain" situation where half the applications in the GUI are
using a different bus. In these controlled environments, it'd be useful
to prevent autolaunch from ever happening.
(As a side benefit, the changes to configure.in also mean that packagers
can explicitly --enable-x11-autolaunch, to make sure that failure to find
X will make compilation fail cleanly.)
Simon McVittie [Thu, 24 Feb 2011 17:17:22 +0000 (17:17 +0000)]
Give XDG_DATA_HOME priority over XDG_DATA_DIRS for servicedirs
According to the XDG Base Directory Specification, “the base directory
defined by $XDG_DATA_HOME is considered more important than any of the
base directories defined by $XDG_DATA_DIRS.” This makes it easier to
override a system service file as a normal user.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34496
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Thu, 24 Feb 2011 15:20:18 +0000 (15:20 +0000)]
Don't compress spaces in CFLAGS and friends
Not all sed implementations understand "+" with its POSIX extended regular
expression semantics, and compressing spaces is purely cosmetic anyway.
Let's just drop this.
Simon McVittie [Mon, 7 Feb 2011 12:00:31 +0000 (12:00 +0000)]
Don't distribute dbus-daemon.1 in the tarball
It's generated by configure.
Also use a more normal way to distribute man pages that are actually
source, and use man1_MANS rather than auto-detecting the section from
the man page, which is best-practice and slightly faster.
Reviewed-by: Colin Walters <walters@verbum.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34292
Simon McVittie [Tue, 1 Feb 2011 12:27:39 +0000 (12:27 +0000)]
DBusTransport: don't copy DBusAuth's GUID to expected_guid
There was previously a leak in _dbus_transport_get_is_authenticated, if
we hit OOM when copying the server's actual GUID. This would fail the
"SHA1 connection test" if _dbus_iterate was modified to allocate and free
one extra pointer per iteration.
Rather than adding OOM handling everywhere, if we avoid strdup'ing the
GUID, and just re-fetch the const string from the DBusAuth object on demand
instead, we go back to a situation where _dbus_transport_get_is_authenticated
can't fail.
build-sys: ignore -Waddress message so that build works on gcc/rawhide
Newer gccs warn if you compare an address of a variable that is allocated
on the stack or is static with NULL. Since we compile dbus with -Werror
this causes the build to fail since we do this check all the time due to
macros such as _DBUS_ASSERT_ERROR_IS_SET().
Colin Walters [Mon, 31 Jan 2011 20:22:14 +0000 (15:22 -0500)]
bus: Raise file descriptor limit to match configuration
The default configuration has hardcoded 2048 complete connections,
and 64 incomplete. We need at least that number of file descriptors,
plus some for internal use.
In the bus, attempt to call setrlimit() before we drop privileges.
Practically speaking, this means the system bus gets it, the
session bus doesn't.
http://bugs.freedesktop.org/show_bug.cgi?id=33474
Reviewed-By: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Mon, 31 Jan 2011 18:06:09 +0000 (18:06 +0000)]
If a file included via <includedir/> is invalid, syslog and skip it
This is more graceful than failing entirely (our previous behaviour),
but more visible than ignoring it completely (the previous behaviour
patched in by Debian and derivatives).
Based on a patch from Daniel Silverstone back in 2004, which was meant
to be temporary; I think it makes sense to change this permanently,
since files in *.d are typically supplied by other packages, whose bugs
shouldn't be able to bring down dbus-daemon.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=19186
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=230231
Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Wed, 26 Jan 2011 18:21:49 +0000 (18:21 +0000)]
Opt-in to thread safety on Solaris
Alternatively, get a better C library. :-)
See also:
<http://lists.freedesktop.org/archives/dbus/2010-November/013796.html>,
<http://lists.freedesktop.org/archives/dbus/2010-December/013902.html>.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=33464
Reviewed-by: Colin Walters <walters@verbum.org>
This is one of the patches from Maemo's dbus package. It seems to do all
of:
* fix some documentation
* remove unreached code to delete/free the nonce file from
_dbus_server_new_for_socket - doing that on failure violates
least-astonishment anyway
* in _dbus_server_new_for_tcp_socket, never fail without setting @error
* if we fail after creating the nonce file, delete it
* if we fail after allocating the nonce file struct, free it
Origin: vendor, Maemo
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=33128
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Mon, 17 Jan 2011 18:40:15 +0000 (18:40 +0000)]
Make _dbus_directory_get_next_file use readdir, not readdir_r
This isn't thread-safe or reentrant, but it turns out we don't need
either of those properties, and readdir_r is a real pain to use correctly,
particularly in the presence of FUSE filesystems that might implement
statfs() wrong.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=8284
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=15922
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Wed, 12 Jan 2011 12:14:49 +0000 (12:14 +0000)]
_dbus_loop_iterate: if the kernel says a fd is bad, stop watching it
Again, this shouldn't happen - modules are responsible for cleaning up
their watches - but the failure mode here is really bad: if we leave an
invalid fd in the set, every poll() call will instantly return, marking
it as POLLNVAL. The result is that dbus-daemon busy-loops on poll()
without responding to I/O, so the bad watch will probably never be
cleared up.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32992
Bug-NB: NB#200248
Reviewed-by: Colin Walters <walters@verbum.org>
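The failure mode described in this commit, as an added example that is not code from the dbus tree: a closed fd left in the poll set makes `poll()` return at once with `POLLNVAL`, and the loop recovers by dropping that watch. `struct watch`, `iterate_once` and `demo_stale_fd` are hypothetical names, and the scenario is constructed with a pipe.

```c
#include <poll.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical watch record; not libdbus's DBusWatch. */
struct watch { int fd; int active; };

/* One loop iteration over at most 16 watches. Any fd the kernel reports as
 * POLLNVAL is deactivated so it cannot make every later poll() return
 * immediately. Returns the number of watches dropped, or -1 on poll() error. */
int iterate_once(struct watch *w, size_t n, int timeout_ms)
{
    struct pollfd fds[16];
    size_t idx[16], used = 0;
    int dropped = 0;

    for (size_t i = 0; i < n && used < 16; i++) {
        if (!w[i].active || w[i].fd < 0)   /* skip obviously invalid watches */
            continue;
        fds[used].fd = w[i].fd;
        fds[used].events = POLLIN;
        fds[used].revents = 0;
        idx[used++] = i;
    }
    if (poll(fds, (nfds_t)used, timeout_ms) < 0)
        return -1;
    for (size_t k = 0; k < used; k++) {
        if (fds[k].revents & POLLNVAL) {   /* kernel says: not an open fd */
            w[idx[k]].active = 0;
            dropped++;
        }
    }
    return dropped;
}

/* Constructed scenario: one watch on a closed fd, one on an idle pipe.
 * Returns 0 if the stale watch is dropped once and the idle one is kept. */
int demo_stale_fd(void)
{
    int p[2];
    if (pipe(p) != 0) return -1;
    int stale = dup(p[0]);
    if (stale < 0) { close(p[0]); close(p[1]); return -1; }
    close(stale);                          /* closed behind the loop's back */
    struct watch w[2] = { { stale, 1 }, { p[0], 1 } };
    int first  = iterate_once(w, 2, 1000); /* returns at once: POLLNVAL */
    int second = iterate_once(w, 2, 0);    /* stale watch no longer polled */
    close(p[0]);
    close(p[1]);
    return (first == 1 && second == 0 && !w[0].active && w[1].active) ? 0 : 1;
}

int main(void) { return demo_stale_fd(); }
```

Without the `POLLNVAL` branch, the first call's behaviour would repeat on every iteration regardless of timeout, which is the busy-loop the commit message describes.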
Simon McVittie [Wed, 12 Jan 2011 11:58:31 +0000 (11:58 +0000)]
_dbus_loop_iterate: if a watch has been invalidated, skip it
This shouldn't happen - other modules are responsible for cleaning up
their watches - but the bug fixed in my last commit has been present for
several years and I'm sure it's not the only one, so for robustness,
let's refuse to watch obviously-wrong file descriptors.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32992
Bug-NB: NB#200248
Reviewed-by: Colin Walters <walters@verbum.org>