Commit Graph

175 Commits

Author SHA1 Message Date
Simon McVittie
e0a0749268 gdbusauthmechanismexternal: Optionally send empty authorization identity
When using a GDBus client in a non-trivial user namespace, the result of
geteuid() can differ from the uid in the namespace where the server is
running. This would result in connection attempts being rejected, because
the identity that the client claims to have does not match the identity
that the server derives from its credentials.

RFC 4422 allows us to send an empty authorization identity, which means we
want to authenticate as whatever identity the server can derive from our
out-of-band credentials. In particular, this resolves the authentication
failure when crossing between different Linux user namespaces.

Because D-Bus does not have a way to represent an empty initial response
as distinct from the absence of an initial response, we cannot use the
initial-response optimization (RFC 4422 §4.3.a) in this case, and must
fall back to waiting for the server to send a challenge.

Unfortunately, GDBus versions older than glib!2826 did not implement
the server side of this protocol correctly, and would respond to the
missing initial response in a way that breaks the SASL state machine
(expecting a response without sending a challenge), causing client and
server to deadlock with each waiting for the other to respond. Until
fixed versions of GDBus are widespread, we can't rely on having a server
that can cope with this, so gate it behind a flag, which can be set for
connections that are known to cross non-trivial namespace boundaries.

Originally inspired by
<1ed4723d38>,
and based on earlier work by Giuseppe Scrivano (in which the
cross-namespace behaviour was unconditional, rather than gated by a
flag).

Co-authored-by: Giuseppe Scrivano <giuseppe@scrivano.org>
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-24 13:46:26 +01:00
Simon McVittie
937f9a61cd gioenums: G_IO_ERROR_NO_SUCH_DEVICE is new in 2.74
This attribute will produce "deprecation" warnings when using it in
code that does not want dependencies on newer GLib versions.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-18 12:02:12 +01:00
Philip Withnall
191923ce61 Merge branch 'wip/smcv/none-flags' into 'main'
Add a NONE or DEFAULT member to most flags-sets

See merge request GNOME/glib!2576
2022-06-23 16:09:38 +00:00
Simon McVittie
f59e02a143 gioenums: Add G_TLS_CERTIFICATE_FLAGS_NONE
This makes the absence of flags (in other words, a valid certificate)
more self-documenting.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-06-23 10:47:05 +01:00
Marco Trevisan (Treviño)
d2ca48ad97 gioerror: Add G_IO_ERROR_NO_SUCH_DEVICE to map ENODEV 2022-06-15 20:43:56 +02:00
Philip Withnall
5942cd7984 gio: Add SPDX license headers automatically
Add SPDX license (but not copyright) headers to all files which follow a
certain pattern in their existing non-machine-readable header comment.

This commit was entirely generated using the command:
```
git ls-files gio/*.[ch] | xargs perl -0777 -pi -e 's/\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/\n \*\n \* SPDX-License-Identifier: LGPL-2.1-or-later\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/igs'
```

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #1415
2022-05-18 09:18:52 +01:00
Gabor Karsay
7e64004db0 docs: mark macros, flags, enums with percent sign 2022-03-04 16:21:55 +00:00
Marc-André Lureau
95c3e28af5 gio: add G_CREDENTIALS_TYPE_WIN32_PID
Credentials are often used to check peer processes details.

With AF_UNIX sockets on Windows, SIO_AF_UNIX_GETPEERPID can
be used to retrive the peer PID.

We will probably introduce more advanced mechanisms later on, though,
but I am not a Windows API expert.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2022-01-26 18:19:44 +04:00
Patrick Griffis
96ce3feeb9 gtlscertificate: Add ability to load PKCS #12 encrypted files
This depends on the GTlsBackend implementing these properties
2022-01-07 11:27:56 -06:00
Hristo Venev
9bd4730008 gsubprocess: Add G_SUBPROCESS_FLAGS_SEARCH_PATH_FROM_ENVP 2021-11-17 12:27:46 +00:00
Michael Catanzaro
780af9cff3 Document potential footgun with GTlsCertificateFlags
Once upon a time, we tried to return all possible certificate errors,
but it never actually worked reliably and nowadays we have given up.
This needs to be documented because a reasonable developer would not
expect it.

Because mistakes could be security-critical, I decided to copy the same
warning in several different places rather than relying only on
cross-referencese.
2021-11-16 15:21:21 +00:00
Lubomir Rintel
a107a328e4 gdbusproxy: Add G_DBUS_PROXY_FLAGS_NO_MATCH_RULE flag
D-Bus has an upper limit on number of Match rules and it's rather easy to hit
with a big number of proxies with signal subscriptions. This happens with
NetworkManager with hundreds of devices or connection settings. By passing
G_DBUS_SIGNAL_FLAGS_NO_MATCH_RULE to g_dbus_connection_signal_subscribe(), the
user can call AddMatch with a less granular match instead of a match per every
proxy.

Tests subsequently added by Philip Withnall.

Fixes: #1109
2021-11-04 11:44:18 +00:00
Michael Catanzaro
bf37392045 tls: add functions to get protocol version and ciphersuite name
This adds g_tls_connection_get_protocol_version(),
g_tls_connection_get_ciphersuite_name(), and DTLS variants. This will
allow populating TLS connection information in the WebKit web inspector.

This is WIP because we found it's not quite possibly to implement
correctly with GnuTLS. See glib-networking!151.
2021-06-03 10:56:15 -05:00
Patrick Griffis
e750f7a145 gtlspassword: Add flags signifying PIN type for PKCS#11
In a PKCS#11 operation there are multiple types of PINs possibly
needed and these flags add a way to expose them to the user.

This design exactly matches gnutls' gnutls_pin_flag_t API.
2021-06-01 14:56:56 -05:00
Philip Withnall
c92d9dc267 enums: Add missing GLIB_AVAILABLE_ENUMERATOR_IN_2_68 annotations
In the 2.68 cycle we’d added 3 new enumerator elements. Due to the
preceding commit, they can now be annotated with
`GLIB_AVAILABLE_ENUMERATOR_IN_2_68`, which will make it a bit easier for
third party projects to notice when they’re using these symbols without
having bumped their GLib dependency.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2327
2021-03-11 13:37:49 +00:00
Philip Withnall
1a6aa9a493 gdbus: Add flags to require authentication as the same user
This eliminates a common use case for the
`GDBusAuthObserver::authorize-authenticated-peer` signal, which is often
implemented incorrectly by people.

Suggested by Simon McVittie.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1804
2021-02-11 16:12:40 +00:00
Sebastian Dröge
63809867bd GFile: Document that G_FILE_CREATE_REPLACE_DESTINATION can only be used with g_file_replace() and variants
Passing it to e.g. g_file_create() for an already existing file will
still cause a "file exists" error.
2020-07-27 18:35:38 +03:00
Ruslan Marchenko
44524b9daa Add g_(d)tls_connection_get_channel_binding_data calls and enums
* Add g_tls_connection_get_channel_binding_data API call
 * Add g_dtls_connection_get_channel_binding_data API call
 * Add get_binding_data method to GTlsConnection class
 * Add get_binding_data method to GDtlsConnection interface
 * Add GTlsChannelBindingType enum with tls-unique and
   tls-server-end-point types
 * Add GTlsChannelBindingError enum and G_TLS_CHANNEL_BINDING_ERROR
   quark
 * Add new API calls to documentation reference gio-sections-common
2020-06-25 12:40:34 +00:00
Philip Withnall
00bfb3ab44 tree: Fix various typos and outdated terminology
This was mostly machine generated with the following command:
```
codespell \
    --builtin clear,rare,usage \
    --skip './po/*' --skip './.git/*' --skip './NEWS*' \
    --write-changes .
```
using the latest git version of `codespell` as per [these
instructions](https://github.com/codespell-project/codespell#user-content-updating).

Then I manually checked each change using `git add -p`, made a few
manual fixups and dropped a load of incorrect changes.

There are still some outdated or loaded terms used in GLib, mostly to do
with git branch terminology. They will need to be changed later as part
of a wider migration of git terminology.

If I’ve missed anything, please file an issue!

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-12 15:01:08 +01:00
Dr. Michael Lauer
ec2f60a008 gio: add gcredential support for macOS
[smcv: Apply my review feedback from
<https://bugzilla.gnome.org/show_bug.cgi?id=668866>]

Co-authored-by: Simon McVittie <smcv@collabora.com>
Resolves: https://gitlab.gnome.org/GNOME/glib/issues/507
2020-05-07 14:19:16 +01:00
Simon McVittie
e33b0d0410 GCredentials: Document when NETBSD_UNPCBID was added
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Simon McVittie
3e61acddc5 GCredentials: Format C library type names as code
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Bastien Nocera
b04be9efc7 docs: Fix markup that led to unreadable example
We used XML to markup when we should have used our own brand of markdown
instead. This fixes the example being unreadable unless we trimmed the
XML away from it.
2020-01-07 18:29:53 +01:00
Bastien Nocera
cd6612dfb7 gio: Add GMemoryMonitor to monitor for low-memory
Add a memory monitor object, with D-Bus and Portal based
implementations. The D-Bus implementation uses the Linux-only
low-memory-monitor Freedesktop project.

Low Memory Monitor D-Bus API:
https://hadess.pages.freedesktop.org/low-memory-monitor/

Android API:
https://developer.android.com/reference/android/content/ComponentCallbacks2.html#onTrimMemory(int)

iOS API:
https://developer.apple.com/documentation/uikit/app_and_environment/managing_your_app_s_life_cycle/responding_to_memory_warnings

Win32 API:
https://docs.microsoft.com/en-us/dotnet/api/microsoft.win32.systemevents.lowmemory?view=netframework-4.8

Tizen API:
https://samsung.github.io/TizenFX/master/api/Tizen.Applications.EventManager.SystemEvents.LowMemory.html
2019-12-11 11:44:42 +00:00
Philip Withnall
40ff475977 Annotate various types and macros as deprecated
These have all been documented as deprecated for a long time, but we’ve
never had a way to programmatically mark them as deprecated. Do that
now.

This is based on the list of deprecations from the reverted commit
80fcb1bc2.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #638
2019-05-30 10:39:11 +01:00
Philip Withnall
5bb19b04af docs: Clarify support for multiple TXT record strings
Most TXT records only contain a single string, but some may contain
more.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #1760
2019-04-26 16:49:38 +01:00
Philip Withnall
e036d1bb29 docs: Improve formatting of GVariant types in GResolverRecordType docs
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-26 12:15:55 +01:00
Philip Withnall
38de3e9dc3 docs: Use ‘look up’ as a verb, rather than the noun ‘lookup’
Another niggle fixed.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-26 12:12:31 +01:00
Emmanuele Bassi
e5ba5845a1 Revert "headers: Add various missing G_DISABLE_DEPRECATED guards"
This reverts commit 80fcb1bc26.

G_DISABLE_DEPRECATED should never be used by anybody, least of all by
GLib. We have deprecation annotations for the compiler, these days, and
they are much better suited than a macro that makes symbols appear and
disappear. The fact that gtk-doc doesn't understand the deprecation
annotations is a limitation of gtk-doc, and it's gtk-doc that ought to be
fixed.

Commit 80fcb1bc broke GStreamer, which disables old API that was
deprecated before the introduction of the deprecation annotations, but
still uses newly deprecated one, and relies on the deprecation
annotations to do their thing. It also broke libsoup, as it uses
GValueArray in its own API.
2019-03-16 11:30:13 +00:00
Philip Withnall
80fcb1bc26 headers: Add various missing G_DISABLE_DEPRECATED guards
As pointed out by gtk-doc, these are all symbols which have been marked
as deprecated, but which aren’t protected by a deprecation guard. We
can’t use G_DEPRECATED_IN_* for them, as they are all non-function
symbols. Instead, wrap them in #ifndef G_DISABLE_DEPRECATED.

In some cases, we also need to wrap one or two functions which use the
deprecated types in G_DISABLE_DEPRECATED too.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-15 11:09:32 +00:00
Philip Withnall
df62731771 Merge branch 'win32-symlink-refactoring' into 'master'
Win32 symlink code refactoring

See merge request GNOME/glib!269
2019-03-13 11:55:27 +00:00
Sebastian Dröge
042b8dc40d Introduce new GPollableReturn enum
This allows returning WOULD_BLOCK without allocating a GError, and
should later be used for various functions of GPollableOutputStream,
GPollableInputStream and anything else that can potentially block.
2019-01-24 16:25:31 +02:00
Michael Gratton
d7aedeff29 gio: Update bad cert error in accept-certificate and GTlsError docs
This makes the documented error returned when the cert is rejected
consistent with both self and reality.
2019-01-08 22:40:54 +11:00
Matthias Clasen
3a4b18f903 GApplication: Add a way to replace a unique instance
While uniqueness is great, sometimes you want to restart
a newer version of the same app. These two flags make that
possible.

We also add a ::name-lost signal, that is emitted when it
happens. The default handler for this signal just calls
g_application_quit(), but applications may want to connect
and do cleanup or state-saving here.
2018-11-26 11:45:29 -05:00
Michael Catanzaro
85f7d493d7 Deprecate TLS rehandshake APIs
Allowing unsafe rehandshakes used to be required for web compatibility,
but this is no longer a concern in 2018. So there should no longer be
compatibility benefits to calling this function. All it does is make
your TLS connection insecure.

Also, rehandshaking no longer exists at all in TLS 1.3.

At some point (maybe soon!) glib-networking will begin ignoring the
rehandshake mode, so let's deprecate it now.
2018-11-20 22:07:58 -06:00
Руслан Ижбулатов
19608e36d2 Straighten up the GFileType vs symlinks on Windows situation
On Windows NTFS symlinks are implemented as reparse points,
which are special kinds of files *or directories*. A directory
symlink should link to a directory. A file symlink should link
to a file. Mismatching (such as a file symlink pointing to a
directory) produces symlinks that simply do not function.

Therefore GFileType file vs directory vs symlink distinction is
too simplistic to correctly represent a NTFS filesystem object type.

Since we can't turn back time and choose a better way of representing
file types, make GFileType reflect the file vs directory type on
Windows, meaning that all FS objects are either files or
directories (or shortcuts, which are also files), but never symlinks.

A test for symlinkiness will have to be made via GFileInfo - it
tracks symlinkiness separately from file/directory/whatever.
2018-10-10 08:20:44 +00:00
Michael Catanzaro
4536deb5af Add a new GTlsError to indicate protocol downgrade attacks
G_TLS_ERROR_MISC suffices, but it's nicer to have a new error here.
2018-08-07 08:20:03 -05:00
segfault
76b4d0ab3f Add support for TCRYPT volumes to GMountOperation
Add G_ASK_PASSWORD_TCRYPT flag to GAskPasswordFlags and add the
following properties to GMountOperation:

- hidden_volume [1]
- system_volume [2]
- pim [3]

[1] https://www.veracrypt.fr/en/Hidden%20Volume.html
[2] https://www.veracrypt.fr/en/System%20Encryption.html
[3] https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html
2018-06-21 15:32:04 +02:00
Philip Withnall
565d8fa1ee docs: Add Markdown backticks around /dev/null in a few places
This improves the formatting of the documentation ever so slightly.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
2018-02-08 16:39:32 +00:00
Philip Withnall
8e8f4e6486 docs: Fix various minor syntax errors in gtk-doc comments
This will fix a few broken links in the documentation, and shut up a
load of gtk-doc warnings (but certainly not all of them).

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://bugzilla.gnome.org/show_bug.cgi?id=790015
2017-11-07 14:51:12 +00:00
Simon McVittie
c53b44edb2 GBusNameOwnerFlags: Add DO_NOT_QUEUE flag
PulseAudio and LibreOffice are among the services that use this flag.
Refusing to queue for a name lets you do this transaction,
but atomically, avoiding the transient state where you briefly join
the queue and then are given the name when its primary owner drops it:

    result = RequestName(name)

    if result == IN_QUEUE:
        ReleaseName(name)
        result = EXISTS

    return result

(Modified by Philip Withnall to add documentation.)

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://bugzilla.gnome.org/show_bug.cgi?id=784392
2017-08-07 17:16:07 +01:00
Simon McVittie
92f1ba200d GBusNameOwnerFlags: Note equivalence with D-Bus Specification
The implementation passes flags through directly to the RequestName()
call, so if any new values break that equivalence, the implementation
will have to be changed.

Signed-off-by: Simon McVittie <smcv@collabora.com>

https://bugzilla.gnome.org/show_bug.cgi?id=784392
2017-08-07 17:10:07 +01:00
Sébastien Wilmet
3bf4a720c3 gio/: LGPLv2+ -> LGPLv2.1+
Sub-directories inside gio/ already processed in a previous commit:
- fam/
- gdbus-2.0/ (which contains only codegen/)
- gvdb/
- inotify/
- tests/
- win32/
- xdgmime/

Other sub-directories inside gio/:
- completion/: no license headers
- kqueue/: not LGPL, BSD-style license

https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-29 19:53:34 +02:00
Philip Withnall
2411b76c5e docs: Fix some DocBook usage in a few gtk-doc comments
<emphasis> and <ulink> tags. Replace them with Markdown.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2017-03-16 13:50:19 +00:00
Damien Lespiau
c494c3028c gfile: G_FILE_MONITOR_WATCH_MOVES was actually introduced in 2.46
I'm guessing the developments were done in 2.44 but the patches landed
after the 2.45.0 bump without an update to the Since tags.

Signed-off-by: Damien Lespiau <damien.lespiau@intel.com>

https://bugzilla.gnome.org/show_bug.cgi?id=769630
2016-10-12 19:18:05 -04:00
Matthias Clasen
15a85f2095 GCredentialsType: Remove XML markup from docs
We now use markdown.
2016-06-02 13:26:07 -04:00
Antoine Jacoutot
52f116e874 gioenums.h: Remove trailing comma.
This is helpful to people using the g++ --pedantic option.
2016-04-17 10:04:13 +02:00
Lars Uebernickel
b32f8ba19b gapplication: add a way to override the app-id
Some applications support running in a mode where they present
themselves as a different application to the user (for example web
browsers or terminals).

To facilitate this, add an option --gapplication-app-id which allows
users to override an application's id from desktop files or similar.

Applications need to opt-in to this by setting the
G_APPLICATION_CAN_OVERRIDE_APP_ID flag.

https://bugzilla.gnome.org/show_bug.cgi?id=743933
2016-02-18 08:18:58 -05:00
Matthias Clasen
caf03300e5 Remove leftover markup 2016-02-17 20:10:43 -05:00
Debarshi Ray
cd1eba043c docs: Improve the text on G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START
... and fix a couple of typos in the process.

https://bugzilla.gnome.org/show_bug.cgi?id=756251
2015-10-09 14:16:29 +02:00