Hello community, here is the log from the commit of package dbus-1 for openSUSE:Factory checked in at 2019-12-11 11:58:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dbus-1 (Old) and /work/SRC/openSUSE:Factory/.dbus-1.new.4691 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1" Wed Dec 11 11:58:55 2019 rev:160 rq:754618 version:1.12.16 Changes: -------- --- /work/SRC/openSUSE:Factory/dbus-1/dbus-1-x11.changes 2019-11-23 23:48:41.914957393 +0100 +++ /work/SRC/openSUSE:Factory/.dbus-1.new.4691/dbus-1-x11.changes 2019-12-11 11:59:13.808889134 +0100 @@ -1,0 +2,51 @@ +Tue Dec 3 01:16:18 UTC 2019 - Simon Lees <[email protected]> + +- Verify signatures + * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian + developer keyring. +- Drop dbus_at_console.ck not needed +- Clean up sources + * Source2 dbus-1.desktop now Source4 + * baselib.conf now source 3 +- Update to 1.12.16 + * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 + authentication for identities that differ from the user running the + DBusServer. Previously, a local attacker could manipulate symbolic + links in their own home directory to bypass authentication and connect + to a DBusServer with elevated privileges. The standard system and + session dbus-daemons in their default configuration were immune to this + attack because they did not allow DBUS_COOKIE_SHA1, but third-party + users of DBusServer such as Upstart could be vulnerable. + Thanks to Joe Vennix of Apple Information Security. + (bsc#1137832, dbus#269, Simon McVittie) +- From 1.12.14 + * Raise soft fd limit to match hard limit, even if unprivileged. + This makes session buses with many clients, or with clients that make + heavy use of fd-passing, less likely to suffer from fd exhaustion. + (dbus!103, Simon McVittie) + * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't + reduce it to 64K, ensuring that we can put back the original fd limits + when carrying out traditional (non-systemd) activation. This fixes a + regression with systemd >= 240 in which system services inherited + dbus-daemon's hard and soft limit of 64K fds, instead of the intended + soft limit of 1K and hard limit of 512K or 1M. + (dbus!103, Debian#928877; Simon McVittie) + * Fix build failures caused by an AX_CODE_COVERAGE API change in newer + autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) + * Fix build failures with newer autoconf-archive versions that include + AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) + * Parse section/group names in .service files according to the syntax + from the Desktop Entry Specification, rejecting control characters + and non-ASCII in section/group names (dbus#208, David King) + * Fix various -Wlogical-op issues that cause build failure with newer + gcc versions (dbus#225, dbus!109; David King) + * Don't assume we can set permissions on a directory, for the benefit of + MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) + * Don't overwrite PKG_CONFIG_PATH and related environment variables when + the pkg-config-based version of DBus1Config is used in a CMake project + (dbus#267, dbus!96; Clemens Lang) +- Drop now upstream Patches + * dbus-no-ax-check.patch + * dbus-new-autoconf-archive.patch + +------------------------------------------------------------------- @@ -97 +148 @@ - • Prevent reading up to 3 bytes beyond the end of a truncated message. + * Prevent reading up to 3 bytes beyond the end of a truncated message. @@ -102 +153 @@ - • Fix build with gcc 8 -Werror=cast-function-type + * Fix build with gcc 8 -Werror=cast-function-type @@ -104 +155 @@ - • Fix warning from gcc 8 about suspicious use of strncpy() when + * Fix warning from gcc 8 about suspicious use of strncpy() when @@ -106 +157 @@ - • Fix a minor memory leak when a DBusServer listens on a new address + * Fix a minor memory leak when a DBusServer listens on a new address @@ -108 +159 @@ - • Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer + * Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer @@ -110 +161 @@ - • Don't use misleading errno-derived error names if getaddrinfo() or + * Don't use misleading errno-derived error names if getaddrinfo() or @@ -113 +164 @@ - • Skip tests that require working TCP if we are in a container environment + * Skip tests that require working TCP if we are in a container environment @@ -116 +167 @@ - • The Devhelp documentation index is now in version 2 format + * The Devhelp documentation index is now in version 2 format @@ -118 +169 @@ - • Give the dbus-daemon man page some scarier warnings about + * Give the dbus-daemon man page some scarier warnings about @@ -122 +173 @@ - • Fix installation of Ducktype documentation with newer yelp-build + * Fix installation of Ducktype documentation with newer yelp-build @@ -130 +181 @@ - • Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops + * Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops @@ -136 +187 @@ - • When iterating the DBusConnection while blocking on a pending call, + * When iterating the DBusConnection while blocking on a pending call, @@ -142 +193 @@ - • Report the correct error if OOM is reached while trying to listen + * Report the correct error if OOM is reached while trying to listen @@ -144 +195 @@ - • Fix assertion failures in recovery from OOM while setting up a + * Fix assertion failures in recovery from OOM while setting up a @@ -146,2 +197,2 @@ - • Add a missing space to a warning message (fdo#103729, Thomas Zajic) - • Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir + * Add a missing space to a warning message (fdo#103729, Thomas Zajic) + * Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir @@ -149 +200 @@ - • On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't + * On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't @@ -152 +203 @@ - • Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) + * Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) @@ -185 +236 @@ -• Eavesdropping is officially deprecated in favour of BecomeMonitor. +* Eavesdropping is officially deprecated in favour of BecomeMonitor. @@ -187 +238 @@ -• [Unix] Flag files in /var/run/console/${username} are deprecated. +* [Unix] Flag files in /var/run/console/${username} are deprecated. @@ -190 +241 @@ -• <allow> and <deny> rules in dbus-daemon configuration can now +* <allow> and <deny> rules in dbus-daemon configuration can now @@ -194 +245 @@ -• dbus_try_get_local_machine_id() is like +* dbus_try_get_local_machine_id() is like @@ -196 +247 @@ -• New APIs around DBusMessageIter to simplify cleanup. +* New APIs around DBusMessageIter to simplify cleanup. @@ -198 +249 @@ -• The message bus daemon now implements the standard Introspectable, +* The message bus daemon now implements the standard Introspectable, @@ -201,2 +252,2 @@ -• DTDs for introspection XML and bus configuration are installed. -• [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but +* DTDs for introspection XML and bus configuration are installed. +* [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but @@ -206,2 +257,2 @@ -• [Unix] New option "dbus-launch --exit-with-x11". -• [Unix] Session managers can create transient .service files in +* [Unix] New option "dbus-launch --exit-with-x11". +* [Unix] Session managers can create transient .service files in @@ -209 +260 @@ -• [Unix] A sysusers.d snippet can create the messagebus user on-demand. +* [Unix] A sysusers.d snippet can create the messagebus user on-demand. @@ -211 +262 @@ -• [Unix] The session bus now logs to syslog if it was started by +* [Unix] The session bus now logs to syslog if it was started by @@ -213,2 +264,2 @@ -• [Unix] Internal warnings are logged to syslog if configured. -• [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, +* [Unix] Internal warnings are logged to syslog if configured. +* [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, dbus-1.changes: same change Old: ---- dbus-1.12.12.tar.gz dbus-new-autoconf-archive.patch dbus-no-ax-check.patch dbus_at_console.ck New: ---- dbus-1.12.16.tar.gz dbus-1.12.16.tar.gz.asc dbus-1.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dbus-1-x11.spec ++++++ --- /var/tmp/diff_new_pack.XFmpuh/_old 2019-12-11 11:59:14.724888748 +0100 +++ /var/tmp/diff_new_pack.XFmpuh/_new 2019-12-11 11:59:14.728888747 +0100 @@ -1,7 +1,7 @@ # # spec file for package dbus-1-x11 # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,25 +23,22 @@ %endif %bcond_without selinux Name: dbus-1-x11 -Version: 1.12.12 +Version: 1.12.16 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0-or-later OR AFL-2.1 Group: System/Daemons URL: http://dbus.freedesktop.org/ Source0: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz -Source2: dbus-1.desktop -Source3: dbus_at_console.ck -Source4: baselibs.conf +Source1: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc +Source2: dbus-1.keyring +Source3: baselibs.conf +Source4: dbus-1.desktop Patch0: feature-suse-log-deny.patch # PATCH-FIX-OPENSUSE [email protected] -- force a feature configure won't accept without x11 in buildrequires Patch1: feature-suse-do-autolaunch.patch # Patch-Feature-opensuse [email protected], users shouldn't be allowed to start / stop the dbus service. Patch2: feature-suse-refuse-manual-start-stop.patch -# PATCH-FIX-UPSTREAM -Patch3: dbus-no-ax-check.patch -# PATCH-FIX-UPSTREAM [email protected] -- work with new autoconf-archive -Patch4: dbus-new-autoconf-archive.patch BuildRequires: autoconf-archive BuildRequires: libcap-ng-devel BuildRequires: libexpat-devel ++++++ dbus-1.spec ++++++ --- /var/tmp/diff_new_pack.XFmpuh/_old 2019-12-11 11:59:14.748888738 +0100 +++ /var/tmp/diff_new_pack.XFmpuh/_new 2019-12-11 11:59:14.752888737 +0100 @@ -1,7 +1,7 @@ # # spec file for package dbus-1 # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,30 +21,25 @@ %define _libname libdbus-1-3 # Temporary code to disable service restart on update [email protected] boo#1020301 %global _backup %{_sysconfdir}/sysconfig/services.rpmbak.%{name}-%{version}-%{release} -%if 0%{?suse_version} <= 1320 -%define _userunitdir %{_prefix}/lib/systemd/user -%endif + %bcond_without selinux Name: dbus-1 -Version: 1.12.12 +Version: 1.12.16 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0-or-later OR AFL-2.1 Group: System/Daemons URL: http://dbus.freedesktop.org/ Source0: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz -Source2: dbus-1.desktop -Source3: dbus_at_console.ck -Source4: baselibs.conf +Source1: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc +Source2: dbus-1.keyring +Source3: baselibs.conf +Source4: dbus-1.desktop Patch0: feature-suse-log-deny.patch # PATCH-FIX-OPENSUSE [email protected] -- force a feature configure won't accept without x11 in buildrequires Patch1: feature-suse-do-autolaunch.patch # Patch-Feature-opensuse [email protected], users shouldn't be allowed to start / stop the dbus service. Patch2: feature-suse-refuse-manual-start-stop.patch -# PATCH-FIX-UPSTREAM -Patch3: dbus-no-ax-check.patch -# PATCH-FIX-UPSTREAM [email protected] -- work with new autoconf-archive -Patch4: dbus-new-autoconf-archive.patch BuildRequires: audit-devel BuildRequires: autoconf-archive BuildRequires: doxygen @@ -162,7 +157,7 @@ ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcdbus install -d %{buildroot}/run/dbus mkdir -p %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/ -install -m 0644 %{SOURCE2} \ +install -m 0644 %{SOURCE4} \ %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/dbus-1.desktop mkdir -p %{buildroot}/%{_libdir}/pkgconfig mkdir -p %{buildroot}/lib/dbus-1/system-services @@ -173,8 +168,6 @@ mkdir -p %{buildroot}$i done -install -d %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d -install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d mkdir -p %{buildroot}%{_localstatedir}/lib/dbus # don't ship executables in doc @@ -255,7 +248,6 @@ %config(noreplace) %{_sysconfdir}/dbus-1/system.conf %{_datadir}/dbus-1/session.conf %{_datadir}/dbus-1/system.conf -%{_sysconfdir}/ConsoleKit %{_bindir}/dbus-cleanup-sockets %{_bindir}/dbus-daemon %{_bindir}/dbus-monitor ++++++ dbus-1.12.12.tar.gz -> dbus-1.12.16.tar.gz ++++++ ++++ 4582 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/Makefile.am new/dbus-1.12.16/Makefile.am --- old/dbus-1.12.12/Makefile.am 2018-12-04 12:13:44.000000000 +0100 +++ new/dbus-1.12.16/Makefile.am 2019-05-13 11:33:56.000000000 +0200 @@ -51,4 +51,4 @@ ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS} # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE -@CODE_COVERAGE_RULES@ +include $(top_srcdir)/aminclude_static.am diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/NEWS new/dbus-1.12.16/NEWS --- old/dbus-1.12.12/NEWS 2018-12-04 14:56:48.000000000 +0100 +++ new/dbus-1.12.16/NEWS 2019-06-09 14:09:13.000000000 +0200 @@ -1,3 +1,63 @@ +dbus 1.12.16 (2019-06-11) +========================= + +The “tree cat” release. + +Security fixes: + +• CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 + authentication for identities that differ from the user running the + DBusServer. Previously, a local attacker could manipulate symbolic + links in their own home directory to bypass authentication and connect + to a DBusServer with elevated privileges. The standard system and + session dbus-daemons in their default configuration were immune to this + attack because they did not allow DBUS_COOKIE_SHA1, but third-party + users of DBusServer such as Upstart could be vulnerable. + Thanks to Joe Vennix of Apple Information Security. + (dbus#269, Simon McVittie) + +dbus 1.12.14 (2019-05-17) +========================= + +The “reclaimed floorboards” release. + +Enhancements: + +• Raise soft fd limit to match hard limit, even if unprivileged. + This makes session buses with many clients, or with clients that make + heavy use of fd-passing, less likely to suffer from fd exhaustion. + (dbus!103, Simon McVittie) + +Fixes: + +• If a privileged dbus-daemon has a hard fd limit greater than 64K, don't + reduce it to 64K, ensuring that we can put back the original fd limits + when carrying out traditional (non-systemd) activation. This fixes a + regression with systemd >= 240 in which system services inherited + dbus-daemon's hard and soft limit of 64K fds, instead of the intended + soft limit of 1K and hard limit of 512K or 1M. + (dbus!103, Debian#928877; Simon McVittie) + +• Fix build failures caused by an AX_CODE_COVERAGE API change in newer + autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) + +• Fix build failures with newer autoconf-archive versions that include + AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) + +• Parse section/group names in .service files according to the syntax + from the Desktop Entry Specification, rejecting control characters + and non-ASCII in section/group names (dbus#208, David King) + +• Fix various -Wlogical-op issues that cause build failure with newer + gcc versions (dbus#225, dbus!109; David King) + +• Don't assume we can set permissions on a directory, for the benefit of + MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) + +• Don't overwrite PKG_CONFIG_PATH and related environment variables when + the pkg-config-based version of DBus1Config is used in a CMake project + (dbus#267, dbus!96; Clemens Lang) + dbus 1.12.12 (2018-12-04) ========================= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/aminclude_static.am new/dbus-1.12.16/aminclude_static.am --- old/dbus-1.12.12/aminclude_static.am 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/aminclude_static.am 2019-06-09 14:09:33.000000000 +0200 @@ -0,0 +1,126 @@ + +# aminclude_static.am generated automatically by Autoconf +# from AX_AM_MACROS_STATIC on Sun Jun 9 13:09:33 BST 2019 + + +# Code coverage +# +# Optional: +# - CODE_COVERAGE_DIRECTORY: Top-level directory for code coverage reporting. +# Multiple directories may be specified, separated by whitespace. +# (Default: $(top_builddir)) +# - CODE_COVERAGE_OUTPUT_FILE: Filename and path for the .info file generated +# by lcov for code coverage. (Default: +# $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage.info) +# - CODE_COVERAGE_OUTPUT_DIRECTORY: Directory for generated code coverage +# reports to be created. (Default: +# $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage) +# - CODE_COVERAGE_BRANCH_COVERAGE: Set to 1 to enforce branch coverage, +# set to 0 to disable it and leave empty to stay with the default. +# (Default: empty) +# - CODE_COVERAGE_LCOV_SHOPTS_DEFAULT: Extra options shared between both lcov +# instances. (Default: based on ) +# - CODE_COVERAGE_LCOV_SHOPTS: Extra options to shared between both lcov +# instances. (Default: ) +# - CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH: --gcov-tool pathtogcov +# - CODE_COVERAGE_LCOV_OPTIONS_DEFAULT: Extra options to pass to the +# collecting lcov instance. (Default: ) +# - CODE_COVERAGE_LCOV_OPTIONS: Extra options to pass to the collecting lcov +# instance. (Default: ) +# - CODE_COVERAGE_LCOV_RMOPTS_DEFAULT: Extra options to pass to the filtering +# lcov instance. (Default: empty) +# - CODE_COVERAGE_LCOV_RMOPTS: Extra options to pass to the filtering lcov +# instance. (Default: ) +# - CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT: Extra options to pass to the +# genhtml instance. (Default: based on ) +# - CODE_COVERAGE_GENHTML_OPTIONS: Extra options to pass to the genhtml +# instance. (Default: ) +# - CODE_COVERAGE_IGNORE_PATTERN: Extra glob pattern of files to ignore +# +# The generated report will be titled using the $(PACKAGE_NAME) and +# $(PACKAGE_VERSION). In order to add the current git hash to the title, +# use the git-version-gen script, available online. +# Optional variables +# run only on top dir +if CODE_COVERAGE_ENABLED + ifeq ($(abs_builddir), $(abs_top_builddir)) +CODE_COVERAGE_DIRECTORY ?= $(top_builddir) +CODE_COVERAGE_OUTPUT_FILE ?= $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage.info +CODE_COVERAGE_OUTPUT_DIRECTORY ?= $(PACKAGE_NAME)-$(PACKAGE_VERSION)-coverage + +CODE_COVERAGE_BRANCH_COVERAGE ?= +CODE_COVERAGE_LCOV_SHOPTS_DEFAULT ?= $(if $(CODE_COVERAGE_BRANCH_COVERAGE),--rc lcov_branch_coverage=$(CODE_COVERAGE_BRANCH_COVERAGE)) +CODE_COVERAGE_LCOV_SHOPTS ?= $(CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) +CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH ?= --gcov-tool "$(GCOV)" +CODE_COVERAGE_LCOV_OPTIONS_DEFAULT ?= $(CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) +CODE_COVERAGE_LCOV_OPTIONS ?= $(CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) +CODE_COVERAGE_LCOV_RMOPTS_DEFAULT ?= +CODE_COVERAGE_LCOV_RMOPTS ?= $(CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) +CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT ?=$(if $(CODE_COVERAGE_BRANCH_COVERAGE),--rc genhtml_branch_coverage=$(CODE_COVERAGE_BRANCH_COVERAGE)) +CODE_COVERAGE_GENHTML_OPTIONS ?= $(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) +CODE_COVERAGE_IGNORE_PATTERN ?= + +GITIGNOREFILES = $(GITIGNOREFILES) $(CODE_COVERAGE_OUTPUT_FILE) $(CODE_COVERAGE_OUTPUT_DIRECTORY) +code_coverage_v_lcov_cap = $(code_coverage_v_lcov_cap_$(V)) +code_coverage_v_lcov_cap_ = $(code_coverage_v_lcov_cap_$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_lcov_cap_0 = @echo " LCOV --capture" $(CODE_COVERAGE_OUTPUT_FILE); +code_coverage_v_lcov_ign = $(code_coverage_v_lcov_ign_$(V)) +code_coverage_v_lcov_ign_ = $(code_coverage_v_lcov_ign_$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_lcov_ign_0 = @echo " LCOV --remove /tmp/*" $(CODE_COVERAGE_IGNORE_PATTERN); +code_coverage_v_genhtml = $(code_coverage_v_genhtml_$(V)) +code_coverage_v_genhtml_ = $(code_coverage_v_genhtml_$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_genhtml_0 = @echo " GEN " "$(CODE_COVERAGE_OUTPUT_DIRECTORY)"; +code_coverage_quiet = $(code_coverage_quiet_$(V)) +code_coverage_quiet_ = $(code_coverage_quiet_$(AM_DEFAULT_VERBOSITY)) +code_coverage_quiet_0 = --quiet + +# sanitizes the test-name: replaces with underscores: dashes and dots +code_coverage_sanitize = $(subst -,_,$(subst .,_,$(1))) + +# Use recursive makes in order to ignore errors during check +check-code-coverage: + -$(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) -k check + $(AM_V_at)$(MAKE) $(AM_MAKEFLAGS) code-coverage-capture + +# Capture code coverage data +code-coverage-capture: code-coverage-capture-hook + $(code_coverage_v_lcov_cap)$(LCOV) $(code_coverage_quiet) $(addprefix --directory ,$(CODE_COVERAGE_DIRECTORY)) --capture --output-file "$(CODE_COVERAGE_OUTPUT_FILE).tmp" --test-name "$(call code_coverage_sanitize,$(PACKAGE_NAME)-$(PACKAGE_VERSION))" --no-checksum --compat-libtool $(CODE_COVERAGE_LCOV_SHOPTS) $(CODE_COVERAGE_LCOV_OPTIONS) + $(code_coverage_v_lcov_ign)$(LCOV) $(code_coverage_quiet) $(addprefix --directory ,$(CODE_COVERAGE_DIRECTORY)) --remove "$(CODE_COVERAGE_OUTPUT_FILE).tmp" "/tmp/*" $(CODE_COVERAGE_IGNORE_PATTERN) --output-file "$(CODE_COVERAGE_OUTPUT_FILE)" $(CODE_COVERAGE_LCOV_SHOPTS) $(CODE_COVERAGE_LCOV_RMOPTS) + -@rm -f "$(CODE_COVERAGE_OUTPUT_FILE).tmp" + $(code_coverage_v_genhtml)LANG=C $(GENHTML) $(code_coverage_quiet) $(addprefix --prefix ,$(CODE_COVERAGE_DIRECTORY)) --output-directory "$(CODE_COVERAGE_OUTPUT_DIRECTORY)" --title "$(PACKAGE_NAME)-$(PACKAGE_VERSION) Code Coverage" --legend --show-details "$(CODE_COVERAGE_OUTPUT_FILE)" $(CODE_COVERAGE_GENHTML_OPTIONS) + @echo "file://$(abs_builddir)/$(CODE_COVERAGE_OUTPUT_DIRECTORY)/index.html" + +code-coverage-clean: + -$(LCOV) --directory $(top_builddir) -z + -rm -rf "$(CODE_COVERAGE_OUTPUT_FILE)" "$(CODE_COVERAGE_OUTPUT_FILE).tmp" "$(CODE_COVERAGE_OUTPUT_DIRECTORY)" + -find . \( -name "*.gcda" -o -name "*.gcno" -o -name "*.gcov" \) -delete + +code-coverage-dist-clean: + +AM_DISTCHECK_CONFIGURE_FLAGS = $(AM_DISTCHECK_CONFIGURE_FLAGS) --disable-code-coverage + else # ifneq ($(abs_builddir), $(abs_top_builddir)) +check-code-coverage: + +code-coverage-capture: code-coverage-capture-hook + +code-coverage-clean: + +code-coverage-dist-clean: + endif # ifeq ($(abs_builddir), $(abs_top_builddir)) +else #! CODE_COVERAGE_ENABLED +# Use recursive makes in order to ignore errors during check +check-code-coverage: + @echo "Need to reconfigure with --enable-code-coverage" +# Capture code coverage data +code-coverage-capture: code-coverage-capture-hook + @echo "Need to reconfigure with --enable-code-coverage" + +code-coverage-clean: + +code-coverage-dist-clean: + +endif #CODE_COVERAGE_ENABLED +# Hook rule executed before code-coverage-capture, overridable by the user +code-coverage-capture-hook: + +.PHONY: check-code-coverage code-coverage-capture code-coverage-dist-clean code-coverage-clean code-coverage-capture-hook diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/bus/Makefile.am new/dbus-1.12.16/bus/Makefile.am --- old/dbus-1.12.12/bus/Makefile.am 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/bus/Makefile.am 2019-05-13 11:33:56.000000000 +0200 @@ -6,7 +6,7 @@ systemdsysusersdir = $(prefix)/lib/sysusers.d DBUS_BUS_LIBS = \ - $(CODE_COVERAGE_LDFLAGS) \ + $(CODE_COVERAGE_LIBS) \ $(EXPAT_LIBS) \ $(SELINUX_LIBS) \ $(APPARMOR_LIBS) \ @@ -16,7 +16,7 @@ $(NULL) DBUS_LAUNCHER_LIBS = \ - $(CODE_COVERAGE_LDFLAGS) \ + $(CODE_COVERAGE_LIBS) \ $(EXPAT_LIBS) \ $(THREAD_LIBS) \ $(NETWORK_libs) \ @@ -306,4 +306,4 @@ endif # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE -@CODE_COVERAGE_RULES@ +include $(top_srcdir)/aminclude_static.am diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/bus/bus.c new/dbus-1.12.16/bus/bus.c --- old/dbus-1.12.12/bus/bus.c 2018-02-23 11:25:17.000000000 +0100 +++ new/dbus-1.12.16/bus/bus.c 2019-05-13 12:50:32.000000000 +0200 @@ -693,11 +693,11 @@ /* We used to compute a suitable rlimit based on the configured number * of connections, but that breaks down as soon as we allow fd-passing, * because each connection is allowed to pass 64 fds to us, and if - * they all did, we'd hit kernel limits. We now hard-code 64k as a - * good limit, like systemd does: that's enough to avoid DoS from - * anything short of multiple uids conspiring against us. + * they all did, we'd hit kernel limits. We now hard-code a good + * limit that is enough to avoid DoS from anything short of multiple + * uids conspiring against us, much like systemd does. */ - if (!_dbus_rlimit_raise_fd_limit_if_privileged (65536, &error)) + if (!_dbus_rlimit_raise_fd_limit (&error)) { bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, "%s: %s", error.name, error.message); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/bus/desktop-file.c new/dbus-1.12.16/bus/desktop-file.c --- old/dbus-1.12.12/bus/desktop-file.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/bus/desktop-file.c 2019-05-13 11:33:56.000000000 +0200 @@ -378,12 +378,16 @@ static dbus_bool_t is_valid_section_name (const char *name) { - /* 5. Group names may contain all ASCII characters except for control characters and '[' and ']'. */ + /* 5. Group names may contain all ASCII characters except for control characters and '[' and ']'. + * + * We don't use isprint() here because it's locale-dependent. ASCII + * characters <= 0x1f and 0x7f are control characters, and bytes with + * values >= 0x80 aren't ASCII. 0x20 is a space, which we must allow, + * not least because DBUS_SERVICE_SECTION contains one. */ while (*name) { - if (!((*name >= 'A' && *name <= 'Z') || (*name >= 'a' || *name <= 'z') || - *name == '\n' || *name == '\t')) + if (*name <= 0x1f || *name >= 0x7f || *name == '[' || *name == ']') return FALSE; name++; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/cmake/DBus1Config.pkgconfig.in new/dbus-1.12.16/cmake/DBus1Config.pkgconfig.in --- old/dbus-1.12.12/cmake/DBus1Config.pkgconfig.in 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/cmake/DBus1Config.pkgconfig.in 2019-05-13 11:36:07.000000000 +0200 @@ -10,12 +10,39 @@ get_filename_component(DBus1_PKGCONFIG_DIR "${CMAKE_CURRENT_LIST_DIR}/../../pkgconfig" ABSOLUTE) find_package(PkgConfig) +if(DEFINED ENV{PKG_CONFIG_DIR}) + set(_dbus_pkgconfig_dir "$ENV{PKG_CONFIG_DIR}") +endif() +if(DEFINED ENV{PKG_CONFIG_PATH}) + set(_dbus_pkgconfig_path "$ENV{PKG_CONFIG_PATH}") +endif() +if(DEFINED ENV{PKG_CONFIG_LIBDIR}) + set(_dbus_pkgconfig_libdir "$ENV{PKG_CONFIG_LIBDIR}") +endif() set(ENV{PKG_CONFIG_DIR}) set(ENV{PKG_CONFIG_PATH} ${DBus1_PKGCONFIG_DIR}) set(ENV{PKG_CONFIG_LIBDIR} ${DBus1_PKGCONFIG_DIR}) # for debugging #set(ENV{PKG_CONFIG_DEBUG_SPEW} 1) pkg_check_modules(PC_DBUS1 QUIET dbus-1) +if(DEFINED _dbus_pkgconfig_dir) + set(ENV{PKG_CONFIG_DIR} "${_dbus_pkgconfig_dir}") +else() + unset(ENV{PKG_CONFIG_DIR}) +endif() +if(DEFINED _dbus_pkgconfig_path) + set(ENV{PKG_CONFIG_PATH} "${_dbus_pkgconfig_path}") +else() + unset(ENV{PKG_CONFIG_PATH}) +endif() +if(DEFINED _dbus_pkgconfig_libdir) + set(ENV{PKG_CONFIG_LIBDIR} "${_dbus_pkgconfig_libdir}") +else() + unset(ENV{PKG_CONFIG_LIBDIR}) +endif() +unset(_dbus_pkgconfig_dir) +unset(_dbus_pkgconfig_path) +unset(_dbus_pkgconfig_libdir) set(DBus1_DEFINITIONS ${PC_DBUS1_CFLAGS_OTHER}) # find the real stuff and use pkgconfig variables as hints diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/configure.ac new/dbus-1.12.16/configure.ac --- old/dbus-1.12.12/configure.ac 2018-12-04 14:56:54.000000000 +0100 +++ new/dbus-1.12.16/configure.ac 2019-06-09 14:09:13.000000000 +0200 @@ -3,14 +3,14 @@ m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [12]) -m4_define([dbus_micro_version], [12]) +m4_define([dbus_micro_version], [16]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) AC_CONFIG_AUX_DIR([build-aux]) -m4_pattern_forbid([^AX_], +m4_pattern_forbid([^AX_(CHECK_ENABLE_DEBUG|CODE_COVERAGE|COMPILER_FLAGS|COMPILER_FLAGS_(CFLAGS|CXXFLAGS|LDFLAGS))\b], [Unexpanded AX_ macro found. Please install GNU autoconf-archive]) AC_CANONICAL_HOST @@ -42,7 +42,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=9 +LT_REVISION=11 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/Makefile.am new/dbus-1.12.16/dbus/Makefile.am --- old/dbus-1.12.12/dbus/Makefile.am 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/dbus/Makefile.am 2019-05-13 11:33:56.000000000 +0200 @@ -329,7 +329,7 @@ test_dbus_LDADD = libdbus-internal.la # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE -@CODE_COVERAGE_RULES@ +include $(top_srcdir)/aminclude_static.am clean-local: $(AM_V_at)rm -fr ./.dbus-keyrings diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-auth-script.c new/dbus-1.12.16/dbus/dbus-auth-script.c --- old/dbus-1.12.12/dbus/dbus-auth-script.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/dbus/dbus-auth-script.c 2019-06-09 14:08:49.000000000 +0200 @@ -34,6 +34,8 @@ #include "dbus-credentials.h" #include "dbus-internals.h" +#include "test/test-utils.h" + /** * @defgroup DBusAuthScript code for running unit test scripts for DBusAuth * @ingroup DBusInternals @@ -518,9 +520,43 @@ /* Replace USERID_HEX with our username in hex */ { int where; - - if (_dbus_string_find (&to_send, 0, - "USERID_HEX", &where)) + + if (_dbus_string_find (&to_send, 0, "WRONG_USERID_HEX", &where)) + { + /* This must be checked for before USERID_HEX, because + * that's a substring. */ + DBusString uid; + + if (!_dbus_string_init (&uid)) + { + _dbus_warn ("no memory for uid"); + _dbus_string_free (&to_send); + goto out; + } + + if (!_dbus_test_append_different_uid (&uid)) + { + _dbus_warn ("no memory for uid"); + _dbus_string_free (&to_send); + _dbus_string_free (&uid); + goto out; + } + + _dbus_string_delete (&to_send, where, + (int) strlen ("WRONG_USERID_HEX")); + + if (!_dbus_string_hex_encode (&uid, 0, &to_send, where)) + { + _dbus_warn ("no memory to subst WRONG_USERID_HEX"); + _dbus_string_free (&to_send); + _dbus_string_free (&uid); + goto out; + } + + _dbus_string_free (&uid); + } + else if (_dbus_string_find (&to_send, 0, + "USERID_HEX", &where)) { DBusString username; @@ -553,6 +589,51 @@ _dbus_string_free (&username); } else if (_dbus_string_find (&to_send, 0, + "WRONG_USERNAME_HEX", &where)) + { + /* This must be checked for before USERNAME_HEX, because + * that's a substring. */ +#ifdef DBUS_UNIX + DBusString username; + + if (!_dbus_string_init (&username)) + { + _dbus_warn ("no memory for username"); + _dbus_string_free (&to_send); + goto out; + } + + if (!_dbus_test_append_different_username (&username)) + { + _dbus_warn ("no memory for username"); + _dbus_string_free (&to_send); + _dbus_string_free (&username); + goto out; + } + + _dbus_string_delete (&to_send, where, + (int) strlen ("WRONG_USERNAME_HEX")); + + if (!_dbus_string_hex_encode (&username, 0, + &to_send, where)) + { + _dbus_warn ("no memory to subst WRONG_USERNAME_HEX"); + _dbus_string_free (&to_send); + _dbus_string_free (&username); + goto out; + } + + _dbus_string_free (&username); +#else + /* No authentication mechanism uses the login name on + * Windows, so there's no point in it appearing in an + * auth script that is not UNIX_ONLY. */ + _dbus_warn ("WRONG_USERNAME_HEX cannot be used on Windows"); + _dbus_string_free (&to_send); + goto out; +#endif + } + else if (_dbus_string_find (&to_send, 0, "USERNAME_HEX", &where)) { DBusString username; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-auth.c new/dbus-1.12.16/dbus/dbus-auth.c --- old/dbus-1.12.12/dbus/dbus-auth.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/dbus/dbus-auth.c 2019-06-09 14:08:12.000000000 +0200 @@ -529,6 +529,7 @@ DBusString tmp2; dbus_bool_t retval = FALSE; DBusError error = DBUS_ERROR_INIT; + DBusCredentials *myself = NULL; _dbus_string_set_length (&auth->challenge, 0); @@ -565,6 +566,34 @@ return FALSE; } + myself = _dbus_credentials_new_from_current_process (); + + if (myself == NULL) + goto out; + + if (!_dbus_credentials_same_user (myself, auth->desired_identity)) + { + /* + * DBUS_COOKIE_SHA1 is not suitable for authenticating that the + * client is anyone other than the user owning the process + * containing the DBusServer: we probably aren't allowed to write + * to other users' home directories. Even if we can (for example + * uid 0 on traditional Unix or CAP_DAC_OVERRIDE on Linux), we + * must not, because the other user controls their home directory, + * and could carry out symlink attacks to make us read from or + * write to unintended locations. It's difficult to avoid symlink + * attacks in a portable way, so we just don't try. This isn't a + * regression, because DBUS_COOKIE_SHA1 never worked for other + * users anyway. + */ + _dbus_verbose ("%s: client tried to authenticate as \"%s\", " + "but that doesn't match this process", + DBUS_AUTH_NAME (auth), + _dbus_string_get_const_data (data)); + retval = send_rejected (auth); + goto out; + } + /* we cache the keyring for speed, so here we drop it if it's the * wrong one. FIXME caching the keyring here is useless since we use * a different DBusAuth for every connection. @@ -679,6 +708,9 @@ _dbus_string_zero (&tmp2); _dbus_string_free (&tmp2); + if (myself != NULL) + _dbus_credentials_unref (myself); + return retval; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-sysdeps-unix.c new/dbus-1.12.16/dbus/dbus-sysdeps-unix.c --- old/dbus-1.12.12/dbus/dbus-sysdeps-unix.c 2018-08-02 18:13:02.000000000 +0200 +++ new/dbus-1.12.16/dbus/dbus-sysdeps-unix.c 2019-05-13 11:33:56.000000000 +0200 @@ -4364,7 +4364,15 @@ dbus_bool_t _dbus_get_is_errno_eagain_or_ewouldblock (int e) { + /* Avoid the -Wlogical-op GCC warning, which can be triggered when EAGAIN and + * EWOULDBLOCK are numerically equal, which is permitted as described by + * errno(3). + */ +#if EAGAIN == EWOULDBLOCK + return e == EAGAIN; +#else return e == EAGAIN || e == EWOULDBLOCK; +#endif } /** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-sysdeps-util-unix.c new/dbus-1.12.16/dbus/dbus-sysdeps-util-unix.c --- old/dbus-1.12.12/dbus/dbus-sysdeps-util-unix.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/dbus/dbus-sysdeps-util-unix.c 2019-06-09 14:08:49.000000000 +0200 @@ -406,23 +406,15 @@ return self; } +/* Enough fds that we shouldn't run out, even if several uids work + * together to carry out a denial-of-service attack. This happens to be + * the same number that systemd < 234 would normally use. */ +#define ENOUGH_FDS 65536 + dbus_bool_t -_dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired, - DBusError *error) +_dbus_rlimit_raise_fd_limit (DBusError *error) { - struct rlimit lim; - - /* No point to doing this practically speaking - * if we're not uid 0. We expect the system - * bus to use this before we change UID, and - * the session bus takes the Linux default, - * currently 1024 for cur and 4096 for max. - */ - if (getuid () != 0) - { - /* not an error, we're probably the session bus */ - return TRUE; - } + struct rlimit old, lim; if (getrlimit (RLIMIT_NOFILE, &lim) < 0) { @@ -431,22 +423,43 @@ return FALSE; } - if (lim.rlim_cur == RLIM_INFINITY || lim.rlim_cur >= desired) - { - /* not an error, everything is fine */ - return TRUE; - } + old = lim; - /* Ignore "maximum limit", assume we have the "superuser" - * privileges. On Linux this is CAP_SYS_RESOURCE. - */ - lim.rlim_cur = lim.rlim_max = desired; + if (getuid () == 0) + { + /* We are privileged, so raise the soft limit to at least + * ENOUGH_FDS, and the hard limit to at least the desired soft + * limit. This assumes we can exercise CAP_SYS_RESOURCE on Linux, + * or other OSs' equivalents. */ + if (lim.rlim_cur != RLIM_INFINITY && + lim.rlim_cur < ENOUGH_FDS) + lim.rlim_cur = ENOUGH_FDS; + + if (lim.rlim_max != RLIM_INFINITY && + lim.rlim_max < lim.rlim_cur) + lim.rlim_max = lim.rlim_cur; + } + + /* Raise the soft limit to match the hard limit, which we can do even + * if we are unprivileged. In particular, systemd >= 240 will normally + * set rlim_cur to 1024 and rlim_max to 512*1024, recent Debian + * versions end up setting rlim_cur to 1024 and rlim_max to 1024*1024, + * and older and non-systemd Linux systems would typically set rlim_cur + * to 1024 and rlim_max to 4096. */ + if (lim.rlim_max == RLIM_INFINITY || lim.rlim_cur < lim.rlim_max) + lim.rlim_cur = lim.rlim_max; + + /* Early-return if there is nothing to do. */ + if (lim.rlim_max == old.rlim_max && + lim.rlim_cur == old.rlim_cur) + return TRUE; if (setrlimit (RLIMIT_NOFILE, &lim) < 0) { dbus_set_error (error, _dbus_error_from_errno (errno), - "Failed to set fd limit to %u: %s", - desired, _dbus_strerror (errno)); + "Failed to set fd limit to %lu: %s", + (unsigned long) lim.rlim_cur, + _dbus_strerror (errno)); return FALSE; } @@ -485,8 +498,7 @@ } dbus_bool_t -_dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired, - DBusError *error) +_dbus_rlimit_raise_fd_limit (DBusError *error) { fd_limit_not_supported (error); return FALSE; @@ -1512,3 +1524,43 @@ return _dbus_string_append (str, DBUS_SESSION_CONFIG_FILE); } + +#ifdef DBUS_ENABLE_EMBEDDED_TESTS + +/* + * Set uid to a machine-readable authentication identity (numeric Unix + * uid or ConvertSidToStringSid-style Windows SID) that is likely to exist, + * and differs from the identity of the current process. + * + * @param uid Populated with a machine-readable authentication identity + * on success + * @returns #FALSE if no memory + */ +dbus_bool_t +_dbus_test_append_different_uid (DBusString *uid) +{ + if (geteuid () == 0) + return _dbus_string_append (uid, "65534"); + else + return _dbus_string_append (uid, "0"); +} + +/* + * Set uid to a human-readable authentication identity (login name) + * that is likely to exist, and differs from the identity of the current + * process. This function currently only exists on Unix platforms. + * + * @param uid Populated with a machine-readable authentication identity + * on success + * @returns #FALSE if no memory + */ +dbus_bool_t +_dbus_test_append_different_username (DBusString *username) +{ + if (geteuid () == 0) + return _dbus_string_append (username, "nobody"); + else + return _dbus_string_append (username, "root"); +} + +#endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-sysdeps-util-win.c new/dbus-1.12.16/dbus/dbus-sysdeps-util-win.c --- old/dbus-1.12.12/dbus/dbus-sysdeps-util-win.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/dbus/dbus-sysdeps-util-win.c 2019-06-09 14:08:49.000000000 +0200 @@ -273,8 +273,7 @@ } dbus_bool_t -_dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired, - DBusError *error) +_dbus_rlimit_raise_fd_limit (DBusError *error) { fd_limit_not_supported (error); return FALSE; @@ -1654,3 +1653,28 @@ return _dbus_get_config_file_name(str, "session.conf"); } + +#ifdef DBUS_ENABLE_EMBEDDED_TESTS + +#define ANONYMOUS_SID "S-1-5-7" +#define LOCAL_SYSTEM_SID "S-1-5-18" + +dbus_bool_t +_dbus_test_append_different_uid (DBusString *uid) +{ + char *sid = NULL; + dbus_bool_t ret; + + if (!_dbus_getsid (&sid, _dbus_getpid ())) + return FALSE; + + if (strcmp (sid, ANONYMOUS_SID) == 0) + ret = _dbus_string_append (uid, LOCAL_SYSTEM_SID); + else + ret = _dbus_string_append (uid, ANONYMOUS_SID); + + LocalFree (sid); + return ret; +} + +#endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/dbus/dbus-sysdeps.h new/dbus-1.12.16/dbus/dbus-sysdeps.h --- old/dbus-1.12.12/dbus/dbus-sysdeps.h 2018-12-03 17:31:46.000000000 +0100 +++ new/dbus-1.12.16/dbus/dbus-sysdeps.h 2019-06-09 14:08:49.000000000 +0200 @@ -698,12 +698,21 @@ typedef struct DBusRLimit DBusRLimit; DBusRLimit *_dbus_rlimit_save_fd_limit (DBusError *error); -dbus_bool_t _dbus_rlimit_raise_fd_limit_if_privileged (unsigned int desired, - DBusError *error); +dbus_bool_t _dbus_rlimit_raise_fd_limit (DBusError *error); dbus_bool_t _dbus_rlimit_restore_fd_limit (DBusRLimit *saved, DBusError *error); void _dbus_rlimit_free (DBusRLimit *lim); +#ifdef DBUS_ENABLE_EMBEDDED_TESTS +_DBUS_GNUC_WARN_UNUSED_RESULT +dbus_bool_t _dbus_test_append_different_uid (DBusString *uid); + +#ifdef DBUS_UNIX +_DBUS_GNUC_WARN_UNUSED_RESULT +dbus_bool_t _dbus_test_append_different_username (DBusString *username); +#endif +#endif /* DBUS_ENABLE_EMBEDDED_TESTS */ + /** @} */ DBUS_END_DECLS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_ac_append_to_file.m4 new/dbus-1.12.16/m4/ax_ac_append_to_file.m4 --- old/dbus-1.12.12/m4/ax_ac_append_to_file.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_ac_append_to_file.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,32 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_ac_append_to_file.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_AC_APPEND_TO_FILE([FILE],[DATA]) +# +# DESCRIPTION +# +# Appends the specified data to the specified Autoconf is run. If you want +# to append to a file when configure is run use AX_APPEND_TO_FILE instead. +# +# LICENSE +# +# Copyright (c) 2009 Allan Caffee <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 10 + +AC_DEFUN([AX_AC_APPEND_TO_FILE],[ +AC_REQUIRE([AX_FILE_ESCAPES]) +m4_esyscmd( +AX_FILE_ESCAPES +[ +printf "%s" "$2" >> "$1" +]) +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_ac_print_to_file.m4 new/dbus-1.12.16/m4/ax_ac_print_to_file.m4 --- old/dbus-1.12.12/m4/ax_ac_print_to_file.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_ac_print_to_file.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,32 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_ac_print_to_file.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_AC_PRINT_TO_FILE([FILE],[DATA]) +# +# DESCRIPTION +# +# Writes the specified data to the specified file when Autoconf is run. If +# you want to print to a file when configure is run use AX_PRINT_TO_FILE +# instead. +# +# LICENSE +# +# Copyright (c) 2009 Allan Caffee <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 10 + +AC_DEFUN([AX_AC_PRINT_TO_FILE],[ +m4_esyscmd( +AC_REQUIRE([AX_FILE_ESCAPES]) +[ +printf "%s" "$2" > "$1" +]) +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_add_am_macro_static.m4 new/dbus-1.12.16/m4/ax_add_am_macro_static.m4 --- old/dbus-1.12.12/m4/ax_add_am_macro_static.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_add_am_macro_static.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,28 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_add_am_macro_static.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_ADD_AM_MACRO_STATIC([RULE]) +# +# DESCRIPTION +# +# Adds the specified rule to $AMINCLUDE. +# +# LICENSE +# +# Copyright (c) 2009 Tom Howard <[email protected]> +# Copyright (c) 2009 Allan Caffee <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 8 + +AC_DEFUN([AX_ADD_AM_MACRO_STATIC],[ + AC_REQUIRE([AX_AM_MACROS_STATIC]) + AX_AC_APPEND_TO_FILE(AMINCLUDE_STATIC,[$1]) +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_am_macros_static.m4 new/dbus-1.12.16/m4/ax_am_macros_static.m4 --- old/dbus-1.12.12/m4/ax_am_macros_static.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_am_macros_static.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,38 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_am_macros_static.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_AM_MACROS_STATIC +# +# DESCRIPTION +# +# Adds support for macros that create Automake rules. You must manually +# add the following line +# +# include $(top_srcdir)/aminclude_static.am +# +# to your Makefile.am files. +# +# LICENSE +# +# Copyright (c) 2009 Tom Howard <[email protected]> +# Copyright (c) 2009 Allan Caffee <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 11 + +AC_DEFUN([AMINCLUDE_STATIC],[aminclude_static.am]) + +AC_DEFUN([AX_AM_MACROS_STATIC], +[ +AX_AC_PRINT_TO_FILE(AMINCLUDE_STATIC,[ +# ]AMINCLUDE_STATIC[ generated automatically by Autoconf +# from AX_AM_MACROS_STATIC on ]m4_esyscmd([LC_ALL=C date])[ +]) +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_code_coverage.m4 new/dbus-1.12.16/m4/ax_code_coverage.m4 --- old/dbus-1.12.12/m4/ax_code_coverage.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_code_coverage.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,272 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_code_coverage.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CODE_COVERAGE() +# +# DESCRIPTION +# +# Defines CODE_COVERAGE_CPPFLAGS, CODE_COVERAGE_CFLAGS, +# CODE_COVERAGE_CXXFLAGS and CODE_COVERAGE_LIBS which should be included +# in the CPPFLAGS, CFLAGS CXXFLAGS and LIBS/LIBADD variables of every +# build target (program or library) which should be built with code +# coverage support. Also add rules using AX_ADD_AM_MACRO_STATIC; and +# $enable_code_coverage which can be used in subsequent configure output. +# CODE_COVERAGE_ENABLED is defined and substituted, and corresponds to the +# value of the --enable-code-coverage option, which defaults to being +# disabled. +# +# Test also for gcov program and create GCOV variable that could be +# substituted. +# +# Note that all optimization flags in CFLAGS must be disabled when code +# coverage is enabled. +# +# Usage example: +# +# configure.ac: +# +# AX_CODE_COVERAGE +# +# Makefile.am: +# +# include $(top_srcdir)/aminclude_static.am +# +# my_program_LIBS = ... $(CODE_COVERAGE_LIBS) ... +# my_program_CPPFLAGS = ... $(CODE_COVERAGE_CPPFLAGS) ... +# my_program_CFLAGS = ... $(CODE_COVERAGE_CFLAGS) ... +# my_program_CXXFLAGS = ... $(CODE_COVERAGE_CXXFLAGS) ... +# +# clean-local: code-coverage-clean +# distclean-local: code-coverage-dist-clean +# +# This results in a "check-code-coverage" rule being added to any +# Makefile.am which do "include $(top_srcdir)/aminclude_static.am" +# (assuming the module has been configured with --enable-code-coverage). +# Running `make check-code-coverage` in that directory will run the +# module's test suite (`make check`) and build a code coverage report +# detailing the code which was touched, then print the URI for the report. +# +# This code was derived from Makefile.decl in GLib, originally licensed +# under LGPLv2.1+. +# +# LICENSE +# +# Copyright (c) 2012, 2016 Philip Withnall +# Copyright (c) 2012 Xan Lopez +# Copyright (c) 2012 Christian Persch +# Copyright (c) 2012 Paolo Borelli +# Copyright (c) 2012 Dan Winship +# Copyright (c) 2015,2018 Bastien ROUCARIES +# +# This library is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or (at +# your option) any later version. +# +# This library is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser +# General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +#serial 32 + +m4_define(_AX_CODE_COVERAGE_RULES,[ +AX_ADD_AM_MACRO_STATIC([ +# Code coverage +# +# Optional: +# - CODE_COVERAGE_DIRECTORY: Top-level directory for code coverage reporting. +# Multiple directories may be specified, separated by whitespace. +# (Default: \$(top_builddir)) +# - CODE_COVERAGE_OUTPUT_FILE: Filename and path for the .info file generated +# by lcov for code coverage. (Default: +# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info) +# - CODE_COVERAGE_OUTPUT_DIRECTORY: Directory for generated code coverage +# reports to be created. (Default: +# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage) +# - CODE_COVERAGE_BRANCH_COVERAGE: Set to 1 to enforce branch coverage, +# set to 0 to disable it and leave empty to stay with the default. +# (Default: empty) +# - CODE_COVERAGE_LCOV_SHOPTS_DEFAULT: Extra options shared between both lcov +# instances. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) +# - CODE_COVERAGE_LCOV_SHOPTS: Extra options to shared between both lcov +# instances. (Default: $CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) +# - CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH: --gcov-tool pathtogcov +# - CODE_COVERAGE_LCOV_OPTIONS_DEFAULT: Extra options to pass to the +# collecting lcov instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) +# - CODE_COVERAGE_LCOV_OPTIONS: Extra options to pass to the collecting lcov +# instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) +# - CODE_COVERAGE_LCOV_RMOPTS_DEFAULT: Extra options to pass to the filtering +# lcov instance. (Default: empty) +# - CODE_COVERAGE_LCOV_RMOPTS: Extra options to pass to the filtering lcov +# instance. (Default: $CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) +# - CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT: Extra options to pass to the +# genhtml instance. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) +# - CODE_COVERAGE_GENHTML_OPTIONS: Extra options to pass to the genhtml +# instance. (Default: $CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) +# - CODE_COVERAGE_IGNORE_PATTERN: Extra glob pattern of files to ignore +# +# The generated report will be titled using the \$(PACKAGE_NAME) and +# \$(PACKAGE_VERSION). In order to add the current git hash to the title, +# use the git-version-gen script, available online. +# Optional variables +# run only on top dir +if CODE_COVERAGE_ENABLED + ifeq (\$(abs_builddir), \$(abs_top_builddir)) +CODE_COVERAGE_DIRECTORY ?= \$(top_builddir) +CODE_COVERAGE_OUTPUT_FILE ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info +CODE_COVERAGE_OUTPUT_DIRECTORY ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage + +CODE_COVERAGE_BRANCH_COVERAGE ?= +CODE_COVERAGE_LCOV_SHOPTS_DEFAULT ?= \$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ +--rc lcov_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) +CODE_COVERAGE_LCOV_SHOPTS ?= \$(CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) +CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH ?= --gcov-tool \"\$(GCOV)\" +CODE_COVERAGE_LCOV_OPTIONS_DEFAULT ?= \$(CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) +CODE_COVERAGE_LCOV_OPTIONS ?= \$(CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) +CODE_COVERAGE_LCOV_RMOPTS_DEFAULT ?= +CODE_COVERAGE_LCOV_RMOPTS ?= \$(CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) +CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT ?=\ +\$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ +--rc genhtml_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) +CODE_COVERAGE_GENHTML_OPTIONS ?= \$(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) +CODE_COVERAGE_IGNORE_PATTERN ?= + +GITIGNOREFILES = \$(GITIGNOREFILES) \$(CODE_COVERAGE_OUTPUT_FILE) \$(CODE_COVERAGE_OUTPUT_DIRECTORY) +code_coverage_v_lcov_cap = \$(code_coverage_v_lcov_cap_\$(V)) +code_coverage_v_lcov_cap_ = \$(code_coverage_v_lcov_cap_\$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_lcov_cap_0 = @echo \" LCOV --capture\" \$(CODE_COVERAGE_OUTPUT_FILE); +code_coverage_v_lcov_ign = \$(code_coverage_v_lcov_ign_\$(V)) +code_coverage_v_lcov_ign_ = \$(code_coverage_v_lcov_ign_\$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_lcov_ign_0 = @echo \" LCOV --remove /tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN); +code_coverage_v_genhtml = \$(code_coverage_v_genhtml_\$(V)) +code_coverage_v_genhtml_ = \$(code_coverage_v_genhtml_\$(AM_DEFAULT_VERBOSITY)) +code_coverage_v_genhtml_0 = @echo \" GEN \" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\"; +code_coverage_quiet = \$(code_coverage_quiet_\$(V)) +code_coverage_quiet_ = \$(code_coverage_quiet_\$(AM_DEFAULT_VERBOSITY)) +code_coverage_quiet_0 = --quiet + +# sanitizes the test-name: replaces with underscores: dashes and dots +code_coverage_sanitize = \$(subst -,_,\$(subst .,_,\$(1))) + +# Use recursive makes in order to ignore errors during check +check-code-coverage: + -\$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) -k check + \$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) code-coverage-capture + +# Capture code coverage data +code-coverage-capture: code-coverage-capture-hook + \$(code_coverage_v_lcov_cap)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --capture --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" --test-name \"\$(call code_coverage_sanitize,\$(PACKAGE_NAME)-\$(PACKAGE_VERSION))\" --no-checksum --compat-libtool \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_OPTIONS) + \$(code_coverage_v_lcov_ign)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --remove \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"/tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN) --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_RMOPTS) + -@rm -f \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" + \$(code_coverage_v_genhtml)LANG=C \$(GENHTML) \$(code_coverage_quiet) \$(addprefix --prefix ,\$(CODE_COVERAGE_DIRECTORY)) --output-directory \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" --title \"\$(PACKAGE_NAME)-\$(PACKAGE_VERSION) Code Coverage\" --legend --show-details \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_GENHTML_OPTIONS) + @echo \"file://\$(abs_builddir)/\$(CODE_COVERAGE_OUTPUT_DIRECTORY)/index.html\" + +code-coverage-clean: + -\$(LCOV) --directory \$(top_builddir) -z + -rm -rf \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" + -find . \\( -name \"*.gcda\" -o -name \"*.gcno\" -o -name \"*.gcov\" \\) -delete + +code-coverage-dist-clean: + +A][M_DISTCHECK_CONFIGURE_FLAGS = \$(A][M_DISTCHECK_CONFIGURE_FLAGS) --disable-code-coverage + else # ifneq (\$(abs_builddir), \$(abs_top_builddir)) +check-code-coverage: + +code-coverage-capture: code-coverage-capture-hook + +code-coverage-clean: + +code-coverage-dist-clean: + endif # ifeq (\$(abs_builddir), \$(abs_top_builddir)) +else #! CODE_COVERAGE_ENABLED +# Use recursive makes in order to ignore errors during check +check-code-coverage: + @echo \"Need to reconfigure with --enable-code-coverage\" +# Capture code coverage data +code-coverage-capture: code-coverage-capture-hook + @echo \"Need to reconfigure with --enable-code-coverage\" + +code-coverage-clean: + +code-coverage-dist-clean: + +endif #CODE_COVERAGE_ENABLED +# Hook rule executed before code-coverage-capture, overridable by the user +code-coverage-capture-hook: + +.PHONY: check-code-coverage code-coverage-capture code-coverage-dist-clean code-coverage-clean code-coverage-capture-hook +]) +]) + +AC_DEFUN([_AX_CODE_COVERAGE_ENABLED],[ + AX_CHECK_GNU_MAKE([],[AC_MSG_ERROR([not using GNU make that is needed for coverage])]) + AC_REQUIRE([AX_ADD_AM_MACRO_STATIC]) + # check for gcov + AC_CHECK_TOOL([GCOV], + [$_AX_CODE_COVERAGE_GCOV_PROG_WITH], + [:]) + AS_IF([test "X$GCOV" = "X:"], + [AC_MSG_ERROR([gcov is needed to do coverage])]) + AC_SUBST([GCOV]) + + dnl Check if gcc is being used + AS_IF([ test "$GCC" = "no" ], [ + AC_MSG_ERROR([not compiling with gcc, which is required for gcov code coverage]) + ]) + + AC_CHECK_PROG([LCOV], [lcov], [lcov]) + AC_CHECK_PROG([GENHTML], [genhtml], [genhtml]) + + AS_IF([ test x"$LCOV" = x ], [ + AC_MSG_ERROR([To enable code coverage reporting you must have lcov installed]) + ]) + + AS_IF([ test x"$GENHTML" = x ], [ + AC_MSG_ERROR([Could not find genhtml from the lcov package]) + ]) + + dnl Build the code coverage flags + dnl Define CODE_COVERAGE_LDFLAGS for backwards compatibility + CODE_COVERAGE_CPPFLAGS="-DNDEBUG" + CODE_COVERAGE_CFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" + CODE_COVERAGE_CXXFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" + CODE_COVERAGE_LIBS="-lgcov" + + AC_SUBST([CODE_COVERAGE_CPPFLAGS]) + AC_SUBST([CODE_COVERAGE_CFLAGS]) + AC_SUBST([CODE_COVERAGE_CXXFLAGS]) + AC_SUBST([CODE_COVERAGE_LIBS]) +]) + +AC_DEFUN([AX_CODE_COVERAGE],[ + dnl Check for --enable-code-coverage + + # allow to override gcov location + AC_ARG_WITH([gcov], + [AS_HELP_STRING([--with-gcov[=GCOV]], [use given GCOV for coverage (GCOV=gcov).])], + [_AX_CODE_COVERAGE_GCOV_PROG_WITH=$with_gcov], + [_AX_CODE_COVERAGE_GCOV_PROG_WITH=gcov]) + + AC_MSG_CHECKING([whether to build with code coverage support]) + AC_ARG_ENABLE([code-coverage], + AS_HELP_STRING([--enable-code-coverage], + [Whether to enable code coverage support]),, + enable_code_coverage=no) + + AM_CONDITIONAL([CODE_COVERAGE_ENABLED], [test "x$enable_code_coverage" = xyes]) + AC_SUBST([CODE_COVERAGE_ENABLED], [$enable_code_coverage]) + AC_MSG_RESULT($enable_code_coverage) + + AS_IF([ test "x$enable_code_coverage" = xyes ], [ + _AX_CODE_COVERAGE_ENABLED + ]) + + _AX_CODE_COVERAGE_RULES +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/ax_file_escapes.m4 new/dbus-1.12.16/m4/ax_file_escapes.m4 --- old/dbus-1.12.12/m4/ax_file_escapes.m4 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/m4/ax_file_escapes.m4 2019-05-13 11:33:56.000000000 +0200 @@ -0,0 +1,30 @@ +# =========================================================================== +# https://www.gnu.org/software/autoconf-archive/ax_file_escapes.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_FILE_ESCAPES +# +# DESCRIPTION +# +# Writes the specified data to the specified file. +# +# LICENSE +# +# Copyright (c) 2008 Tom Howard <[email protected]> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 8 + +AC_DEFUN([AX_FILE_ESCAPES],[ +AX_DOLLAR="\$" +AX_SRB="\\135" +AX_SLB="\\133" +AX_BS="\\\\" +AX_DQ="\"" +]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/m4/libtool.m4 new/dbus-1.12.16/m4/libtool.m4 --- old/dbus-1.12.12/m4/libtool.m4 2018-12-04 14:58:53.000000000 +0100 +++ new/dbus-1.12.16/m4/libtool.m4 2019-06-09 13:33:56.000000000 +0200 @@ -4704,6 +4704,12 @@ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; + # flang / f18. f95 an alias for gfortran or flang on Debian + flang* | f18* | f95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; # icc used to be incompatible with GCC. # ICC 10 doesn't accept -KPIC any more. icc* | ifort*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/test/Makefile.am new/dbus-1.12.16/test/Makefile.am --- old/dbus-1.12.12/test/Makefile.am 2018-02-23 11:25:17.000000000 +0100 +++ new/dbus-1.12.16/test/Makefile.am 2019-06-09 14:08:49.000000000 +0200 @@ -39,9 +39,9 @@ endif libdbus_testutils_la_LIBADD = \ + $(CODE_COVERAGE_LIBS) \ $(top_builddir)/dbus/libdbus-1.la \ $(top_builddir)/dbus/libdbus-internal.la \ - $(CODE_COVERAGE_LDFLAGS) \ $(NULL) TEST_EXTENSIONS = .sh @@ -471,6 +471,8 @@ data/auth/anonymous-server-successful.auth-script \ data/auth/cancel.auth-script \ data/auth/client-out-of-mechanisms.auth-script \ + data/auth/cookie-sha1-username.auth-script \ + data/auth/cookie-sha1.auth-script \ data/auth/external-failed.auth-script \ data/auth/external-root.auth-script \ data/auth/external-silly.auth-script \ @@ -554,8 +556,11 @@ ## copy tests to builddir so that generated tests and static tests ## are all in one place. +## Note that we can't create the XDG_RUNTIME_DIR with permissions 0700 +## on MSYS2, which rejects attempts to change permissions, hence "|| true". all-local: copy-config-local uninstalled-config-local - $(AM_V_at)$(MKDIR_P) -m 700 XDG_RUNTIME_DIR + $(AM_V_at)$(MKDIR_P) XDG_RUNTIME_DIR + $(AM_V_at)chmod 0700 XDG_RUNTIME_DIR || true copy-config-local: $(AM_V_at)$(MKDIR_P) data/valid-config-files/session.d @@ -672,4 +677,4 @@ ) > [email protected] && mv [email protected] $@ # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE -@CODE_COVERAGE_RULES@ +include $(top_srcdir)/aminclude_static.am diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/test/data/auth/cookie-sha1-username.auth-script new/dbus-1.12.16/test/data/auth/cookie-sha1-username.auth-script --- old/dbus-1.12.12/test/data/auth/cookie-sha1-username.auth-script 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/test/data/auth/cookie-sha1-username.auth-script 2019-06-09 14:16:35.000000000 +0200 @@ -0,0 +1,12 @@ +UNIX_ONLY +SERVER +SEND 'AUTH DBUS_COOKIE_SHA1 WRONG_USERNAME_HEX' +EXPECT_COMMAND REJECTED +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +SEND 'AUTH DBUS_COOKIE_SHA1 USERNAME_HEX' +EXPECT_COMMAND DATA +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +# We don't actually complete DBUS_COOKIE_SHA1 authentication, because +# it's non-trivial. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/test/data/auth/cookie-sha1.auth-script new/dbus-1.12.16/test/data/auth/cookie-sha1.auth-script --- old/dbus-1.12.12/test/data/auth/cookie-sha1.auth-script 1970-01-01 01:00:00.000000000 +0100 +++ new/dbus-1.12.16/test/data/auth/cookie-sha1.auth-script 2019-06-09 14:16:35.000000000 +0200 @@ -0,0 +1,11 @@ +SERVER +SEND 'AUTH DBUS_COOKIE_SHA1 WRONG_USERID_HEX' +EXPECT_COMMAND REJECTED +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +SEND 'AUTH DBUS_COOKIE_SHA1 USERID_HEX' +EXPECT_COMMAND DATA +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +# We don't actually complete DBUS_COOKIE_SHA1 authentication, because +# it's non-trivial. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/dbus-1.12.12/tools/dbus-send.c new/dbus-1.12.16/tools/dbus-send.c --- old/dbus-1.12.12/tools/dbus-send.c 2017-10-30 13:26:18.000000000 +0100 +++ new/dbus-1.12.16/tools/dbus-send.c 2019-05-13 11:33:56.000000000 +0200 @@ -289,13 +289,16 @@ } else if ((strstr (arg, "--bus=") == arg) || (strstr (arg, "--peer=") == arg) || (strstr (arg, "--address=") == arg)) { - if (arg[2] == 'b') /* bus */ + /* Check for peer first, to avoid the GCC -Wduplicated-branches + * warning. + */ + if (arg[2] == 'p') /* peer */ { - is_bus = TRUE; + is_bus = FALSE; } - else if (arg[2] == 'p') /* peer */ + else if (arg[2] == 'b') /* bus */ { - is_bus = FALSE; + is_bus = TRUE; } else /* address; keeping backwards compatibility */ {
